2000-06-21-14:05:05 Stephen Sprunk:
supporting thousands of vlans
Good luck.
Another Cisco dude pointed me at an exciting-sounding option here; if I correctly understand the material at <URL:http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/sw_5_5/cnfg_gd/vlans.htm#xtocid2252917>, the desired isolation and control may be achievable by configuring one VLAN, and one big horking private VLAN, with each room assigned an isolated port (in the isolated VLAN), and the router given a promiscuous port (on the private VLAN). Normally that'd leave the difficulty (and performance hit) of forcing a one-lung router for any cross-chatter between isolated ports, but in this case it's specifically desireable that they cannot talk to each other at all. -Bennett