The network I manage now has VLANs on multiple switches, This allows me to isolate specific ports to specific functions. For example VLAN 5 is only for wireless access points, so every Switch I want to have an Access point on must have VLAN 5 defined on it and added to the interface. This also allows me to set up a test switch so I can test equipment at my desk, with the IP address it will have out in the field. It's been running fine with this setup for years.
Now there's a push from corporate to isolate the VLANs, one VLAN per switch, or a couple, but they can't be defined on any other access switches on the network. This is going to require a major undertaking by me to define new VLANs add them to the switches, set up, reserves / DHCP scopes and re-Ipaddress static / reserve devices with the new VLANs, Does anyone know what the logic in this is? Is this a more secure networking design? My understanding if a loopback address is added, it can cause a VLAN spanning tree loop because the VLANs are located on so many switches.
I guess I'm not seeing the bigger picture here. What ever that looks like.
Still searching for the corner in a round room.