Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations IamaSherpa on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Hardware Required to Set up Subnets within Network 1
- Thread starter jensenaw
- Start date
CiscoGuy33
Instructor
jensenaw,
A router is used to divide a network into subnetworks!
Just one of many different definitions for router -
Router - A hardware device that routes data from a local area network (LAN) to another network connection. A router is connected to at least two networks, commonly two LANs or WANs or a LAN and its ISP's network. Routers are located at gateways - the places where two or more networks connect.
Hope this helps!
E.A. Broda
CCNA, CCDA, CCAI, Network +
A router is used to divide a network into subnetworks!
Just one of many different definitions for router -
Router - A hardware device that routes data from a local area network (LAN) to another network connection. A router is connected to at least two networks, commonly two LANs or WANs or a LAN and its ISP's network. Routers are located at gateways - the places where two or more networks connect.
Hope this helps!
E.A. Broda
CCNA, CCDA, CCAI, Network +
jimbopalmer
Programmer
Routers that are hardware based and all ethernet are often called layer 3 switches, you may wish to look at some.
I tried to remain child-like, all I acheived was childish.
I tried to remain child-like, all I acheived was childish.
- Thread starter
- #5
CiscoGuy33
Instructor
jensenaw,
It might help if we knew what you were trying to do!
Internet--Firewall--Router--Switch(VLANs)--Subnets
\--DMZ--Web Server
Not sure what you are trying to do but with the right router you can "trunk" to the right switch that is "divided" into different VLANs - each VLAN would be a different "network" or Subnetwork.
You can do this with Cisco routers and switches or even with a simple Linksys router with the right "aftermarket" firmware that does VLANs.
So it is really depending on whether you are doing a small "home" network or a HUGE enterprise rollout at work!
Hope this helps!
E.A. Broda
CCNA, CCDA, CCAI, Network +
It might help if we knew what you were trying to do!
Internet--Firewall--Router--Switch(VLANs)--Subnets
\--DMZ--Web Server
Not sure what you are trying to do but with the right router you can "trunk" to the right switch that is "divided" into different VLANs - each VLAN would be a different "network" or Subnetwork.
You can do this with Cisco routers and switches or even with a simple Linksys router with the right "aftermarket" firmware that does VLANs.
So it is really depending on whether you are doing a small "home" network or a HUGE enterprise rollout at work!
Hope this helps!
E.A. Broda
CCNA, CCDA, CCAI, Network +
CiscoGuy33
Instructor
jensenaw,
And as Burt said if the firewall is a PIX - it might be acting like a firewall/router and can do what you are trying to do with the router.
I have an IPCop Firewall/router at home with 4 nics - 1 is the WAN connection to the internet and the other 3 - 1 is the DMZ, one is my "green" network (subnet) and the other is the "blue" network (subnet) I have 4 different dubnets that the IPCop machine routes between.
What I have at home -
Internet--Router--IPCop--switch--PCs(DMZ)
\--switch--PCs (green network)
\--switch--PCs (blue network)
Hope this helps!
E.A. Broda
CCNA, CCDA, CCAI, Network +
And as Burt said if the firewall is a PIX - it might be acting like a firewall/router and can do what you are trying to do with the router.
I have an IPCop Firewall/router at home with 4 nics - 1 is the WAN connection to the internet and the other 3 - 1 is the DMZ, one is my "green" network (subnet) and the other is the "blue" network (subnet) I have 4 different dubnets that the IPCop machine routes between.
What I have at home -
Internet--Router--IPCop--switch--PCs(DMZ)
\--switch--PCs (green network)
\--switch--PCs (blue network)
Hope this helps!
E.A. Broda
CCNA, CCDA, CCAI, Network +
- Thread starter
- #8
Hi Guys,
Basically, I want to create various subnets(PC, Servers, Notebooks). I had came up with the following:
Servers Subnet>>Switch
||
PCSubnet>>Switch>>Router>>Switch>>Firewall>>Router>>Internet
|| ||
Notebooks Subnet>>Switch ||
||
Switch---- FTP/DNS Server
/
Email Server
Will this network diagram work? Or is there a need for individual router for each respective subnet?
Basically, I want to create various subnets(PC, Servers, Notebooks). I had came up with the following:
Servers Subnet>>Switch
||
PCSubnet>>Switch>>Router>>Switch>>Firewall>>Router>>Internet
|| ||
Notebooks Subnet>>Switch ||
||
Switch---- FTP/DNS Server
/
Email Server
Will this network diagram work? Or is there a need for individual router for each respective subnet?
Here is all you need...
server subnet (VLAN 2)---|C S
|I W
PC subnet (VLAN 3)-------|S I---Cisco router-firewall-internet
|C T
laptop subnet (VLAN 4)---|O C
H
The router can route between all the VLANs, and this configuration is called "router-on-a-stick". Like I said, a Cisco PIX firewall can replace the router and firewall, as it does both. I know nothing about PIX's, so I cannot be 100% sure that they can do VLANs. What kind of internet connection do you have???
Burt
server subnet (VLAN 2)---|C S
|I W
PC subnet (VLAN 3)-------|S I---Cisco router-firewall-internet
|C T
laptop subnet (VLAN 4)---|O C
H
The router can route between all the VLANs, and this configuration is called "router-on-a-stick". Like I said, a Cisco PIX firewall can replace the router and firewall, as it does both. I know nothing about PIX's, so I cannot be 100% sure that they can do VLANs. What kind of internet connection do you have???
Burt
Wow---that's not how I just typed the network diagram...basically, it is three or four VLANs, each their own subnet with their own IP address, all going to a VLAN configured switch, trunked to a Cisco router, which can route between all the VLANs. After the Cisco comes a firewall (if you so choose, but a Cisco router with the right IOS can be a very good firewall), then the internet.
Burt
Burt
CiscoGuy33
Instructor
jensenaw,
Still not sure if this is home or not but what Burt listed will work to do what you want!
You have several options and it depends on number of users (is this a home setup or an enterprise or something in between). I have listed them from Enterprise to home with number 2 having been used in some business setups
1)
Cisco firewall/router and/or Cisco router, Cisco switch that does VLANs.
Depending on how large this network is you can have several layers of security/routing - most large enterprises will have a border router --- firewall --- inside router ---- switches divided into VLANs
2)
IPCop Router/firewall - IPCop is a linux system that turns an older PC with several NICs into a router/firewall - with 4 NICs you can have a WAN connection and 3 seperate LANs - one being your DMZ, 2nd being your LAN for PCs and 3rd being your wireless LAN for the laptops - you would just connect a switch to each NIC or in the case of the wireless LAN that is where you connect your access point. In this case you would have 4 different networks - WAN, DMZ, PCs, Wireless
Go to and read about it!
3)
Linksys router/switch with the firmware that does VLANs - with the right off-the-shelf Linksys router you can download a version of the firmware that will do VLANS and the Linksys router will then "route" between the different VLANs. You would connect a Linksys/Netgear/DLink switch to each different VLAN port on the Linksys router and then you can connect as many PCs as you have ports for. You would connect your Access point to the port/VLAN that is for wireless.
This would be for a home or SOHO setup - you can go to the Linksys forum here for more info on the routers and firmware needed.
Hope this helps!
E.A. Broda
CCNA, CCDA, CCAI, Network +
Still not sure if this is home or not but what Burt listed will work to do what you want!
You have several options and it depends on number of users (is this a home setup or an enterprise or something in between). I have listed them from Enterprise to home with number 2 having been used in some business setups
1)
Cisco firewall/router and/or Cisco router, Cisco switch that does VLANs.
Depending on how large this network is you can have several layers of security/routing - most large enterprises will have a border router --- firewall --- inside router ---- switches divided into VLANs
2)
IPCop Router/firewall - IPCop is a linux system that turns an older PC with several NICs into a router/firewall - with 4 NICs you can have a WAN connection and 3 seperate LANs - one being your DMZ, 2nd being your LAN for PCs and 3rd being your wireless LAN for the laptops - you would just connect a switch to each NIC or in the case of the wireless LAN that is where you connect your access point. In this case you would have 4 different networks - WAN, DMZ, PCs, Wireless
Go to and read about it!
3)
Linksys router/switch with the firmware that does VLANs - with the right off-the-shelf Linksys router you can download a version of the firmware that will do VLANS and the Linksys router will then "route" between the different VLANs. You would connect a Linksys/Netgear/DLink switch to each different VLAN port on the Linksys router and then you can connect as many PCs as you have ports for. You would connect your Access point to the port/VLAN that is for wireless.
This would be for a home or SOHO setup - you can go to the Linksys forum here for more info on the routers and firmware needed.
Hope this helps!
E.A. Broda
CCNA, CCDA, CCAI, Network +
-
1
- #12
LawnBoy
MIS
- Mar 12, 2003
- 2,881
Are you really sure you need to do this? Seems overly complex for the usual environment...
burtsbees, if you'll put your diagrams inside of [tt] tags it will be drawn with fixed width fonts and will display correctly. Check out the Process TGML link at the bottom of the compose message window for other handy formatting options.
burtsbees, if you'll put your diagrams inside of [tt] tags it will be drawn with fixed width fonts and will display correctly. Check out the Process TGML link at the bottom of the compose message window for other handy formatting options.
- Thread starter
- #13
Hi Guys,
Thank you all for your valuable advice. I am trying to create subnets within my corporate environment. Therefore, there are subnets for Servers, PCs and desktops, plus a DMZ zone.
I think Option 3 suggested by CiscoGuy33 sounds good. Using a VLan-capable router will create various subnets easily? For example, if I create a subnet to Port 1, plugging a switch to that port will group all those pcs connected to that switch in a subnet of its own?
Thank you all for your valuable advice. I am trying to create subnets within my corporate environment. Therefore, there are subnets for Servers, PCs and desktops, plus a DMZ zone.
I think Option 3 suggested by CiscoGuy33 sounds good. Using a VLan-capable router will create various subnets easily? For example, if I create a subnet to Port 1, plugging a switch to that port will group all those pcs connected to that switch in a subnet of its own?
CiscoGuy33
Instructor
jensenaw,
Option 3 with a Linksys router is for a very small SOHO or home setup.
Once again, depending on traffic to the DMZ, servers and the number of users on the network will all determine the equipment needed.
The idea/concept is all the same - just as Burt detailed with the concept of "router on a stick" - option 3 just puts that concept into one SMALL/LIMITED piece of hardware with the right firmware!
For better advice from us you might want to list more details such as number of users and traffic expected to the servers and DMZ.
E.A. Broda
CCNA, CCDA, CCAI, Network +
Option 3 with a Linksys router is for a very small SOHO or home setup.
Once again, depending on traffic to the DMZ, servers and the number of users on the network will all determine the equipment needed.
The idea/concept is all the same - just as Burt detailed with the concept of "router on a stick" - option 3 just puts that concept into one SMALL/LIMITED piece of hardware with the right firmware!
For better advice from us you might want to list more details such as number of users and traffic expected to the servers and DMZ.
E.A. Broda
CCNA, CCDA, CCAI, Network +
- Status
Similar threads
- Locked
- Question