LAN Configuration / Topology Recommendations?

Status
Not open for further replies.

msdonb

IS-IT--Management
Dec 20, 2007
61
Okay. I've got a LAN that's increasing to the point that I will soon run out of addresses on my current subnet. The reason I am running out of addresses is because an InterTel IP phone system has been installed that takes up 50+ addresses on my subnet. The InterTel guy says that it HAS to be run this way, because of my P2P to another site. I would ideally like to set up a separate subnet that the IP phone system resides on, along with a few other PCs. The reason for this is I'm having problems with bandwidth issues due to lots of 10mb hubs scattered throughout my current subnet. Some PCs are handling art files which are massive in size, and 100mb isn't getting the job done. Any suggestions on how I can get this to work? I've already got a router that routes between 2 subnets (my local LAN and a P2P (LAN#2)). But is there any way to create another subnet and get all three to talk to each other? I have yet to see a router that can handle 3 subnets. If I set a PC up to route between all three subnets, would it work? I have a couple of HP ProCurve 2626 Switches that are capable of VLAN but am unsure of how to configure this to work.

Thanks.
 
I'm a 27 year Telephony guy who has been doing VoIP for 4 years, you want VLANs.
 
That's exactly what needs to be done, you need to create a VLAN'd network using your switch. Since your switch is a basic layer 3 device:

"Basic IP routing: enables automatic routing to the connected VLANs and up to 16 static routes--including one default route--in IP networks"

You create your VLANs on the switch, enable IP routing so VLANs will route between each other... so for example:
VLAN1 (this is the default VLAN so you don't want to use this one for security sake) but say 192.168.0.0/24
you create a VLAN2 for normal data in the 192.168.1.0/24
create a VLAN3 for voice in the 192.168.2.0/24
Assign ports to whatever VLAN they need defined to and/or define them to trunk the VLANs down if say you use your phone to also offer a switch port to your computer. You would then have to set your phone to use VLAN3 and its switchport to pass VLAN2 (some systems can do this automatically).
If I'm understanding your verbiage of P2P as a Point to Point T1 to another location, that shouldn't matter. Your router hanging off of a VLAN2 port will connect as normal and then you'll create static routes on the router pointing to your switch's IP address for those other subnets you created when you assigned addresses to your VLAN interfaces.

Your gateway will be your switch and not your router so if you have yet another router/firewall going to the internet, then you'll have a default route defined on your switch to go to that router for 0.0.0.0 networks.
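
The VLAN layout described in the reply above, written out as ProCurve CLI configuration. This is an added example, not part of the original post and not HP's sample configuration. The port ranges, VLAN names, the .1 interface addresses and the 192.168.1.254 Internet router address are assumptions; the subnets are the ones the reply proposes.

```text
; Constructed example for the "main" ProCurve 2626 that routes between VLANs.
; Assumed port plan: 1-12 PCs/servers/routers, 13-20 phones only,
; 21-24 phones with a PC plugged into the phone, 25-26 uplinks to other switches.

; VLAN 2: normal data, 192.168.1.0/24
vlan 2
   name "DATA"
   untagged 1-12,21-24
   tagged 25-26
   ip address 192.168.1.1 255.255.255.0
   exit

; VLAN 3: voice, 192.168.2.0/24
; On ports 21-24 the phone tags its own traffic for VLAN 3 and passes the
; PC's untagged frames, which the switch places in VLAN 2.
vlan 3
   name "VOICE"
   untagged 13-20
   tagged 21-26
   ip address 192.168.2.1 255.255.255.0
   exit

; Route between the directly connected VLANs.
ip routing

; Default route toward the Internet router/firewall (assumed to sit in VLAN 2).
ip route 0.0.0.0 0.0.0.0 192.168.1.254

; Hosts use the switch as their gateway:
;   data hosts  -> 192.168.1.1
;   phones      -> 192.168.2.1
; Each existing router hanging off a VLAN 2 port needs a static route for
; 192.168.2.0/24 with next hop 192.168.1.1, so replies to the voice subnet
; go back through the switch.
; No user ports are left untagged in VLAN 1 (the default VLAN) in this plan.
```

Until access control is added on the switch or an upstream firewall, enabling IP routing lets every VLAN reach every other VLAN, so the separation here is of broadcast domains and addressing rather than of access.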
 
I'm not so sure VLANS will fix your situation due to the "10mb hubs scattered throughout my current subnet". If you can get all the "PCs handling art files" directly connected to the HP ProCurve 2626 switches then a VLAN could go a long way toward fixing their bandwidth problems. If 100Mb is not fast enough for them and they are at the same location then gigabit them together and uplink that switch directly to the local ProCurve.

More information would be helpful.

1. Are there servers involved and where are they located?

2. Except for the art file slowness does the network work well?

3. What purpose do the 10Mb hubs serve and can they be replaced with direct connections to a managed switch?

4. What sort of OS are the client PCs and servers running?

5. What router(s) and how are they configured?

6. Private or Public IPs on the network?

7. How big is your subnet now and how big does it need to be in 3 years?

8. Currently you have 2 locations linked with a Point to Point T1 correct?

9. Currently one location has a connection to the internet and all traffic travels through that correct?

10. Aside from VOIP what bandwidth requirements are needed between the 2 offices?
 
You can ditch the 10Mb hubs and purchase very economical 100Mb switches. How are you currently powering your phones? I know you don't have 10Mb PoE hubs (no such thing), so I know your phones are plugging into some PoE switch or by chance do you have power bricks on all your phones (tell me it ain't so!)...

Even vendors like D-Link, Linksys, Netgear have some very economical switches PoE and non PoE that pass layer 2 VLAN tags and do QoS marking to ensure end to end QoS.
 
More information would be helpful.

1. Are there servers involved and where are they located?

Yes, there are four servers in the existing LAN (excluding the phone system servers). 1 IBM AS/400 server, 1 Windows 2k3 Server and 1 Novell server (file sharing) and a Mac Server (art file sharing/storage). The phone system is an InterTel 5000 system: and yes, it is connected via a T1 P2P. There is a cabling closet (where the phone system & P2P are stored) as well as a server room that's home to the servers mentioned above, with the exception of the Mac server, which is in its own spot, closer to its own clients.

2. Except for the art file slowness does the network work well?

Yes. The only thing that really sucks bandwidth are the art servers. Most of the stuff traveling through the Novell are small documents (<200KB) so bandwidth isn't much of an issue. The art files however are 200MB+ and are constantly being modified/uploaded so the 100Mb connection is literally slowing to a crawl. I'd like to isolate the Art server and all of its clients on its own separate LAN yet they still need to be able to communicate with members of the current LAN. I have been reading about VLANs through the HP manual that came with the ProCurve switch, but I'm still a little unclear on how I should set this up. Does anyone have a link to a better doc on how to set up a VLAN? It appears that I will need to isolate everything connected to the Art room via 801.1Q switches with multiple trunks connecting them together. Bandwidth can slow once data hits the server rooms, because everything in there is @ 100Mb anyways. But the art server is physically located near all the clients within the Art department, so as long as connectivity between them on their LAN is gigabit, that's all I'm really looking to resolve.

3. What purpose do the 10Mb hubs serve and can they be replaced with direct connections to a managed switch?

There are a few places throughout the facility where cable runs are extremely long and these 10Mb hubs were placed years ago to act as repeaters. I have walked into an existing nightmare and have been given the task to clean it up. (BTW, thanks guys for all your help) Due to the size of the facility (500,000+ ft2) not everything can be connected to a managed switch. However, this is not really a big concern as most of the heavy data transfers happen in pretty close proximity to one another (i.e. one corner of the building) The rest of the clients scattered throughout are fine with < 10Mb connections for now. Replacing these 10Mb devices with 100Mb devices will only improve connectivity to people who don't need it, nor would ever use it.

4. What sort of OS are the client PCs and servers running?

I mentioned above: 1 IBM AS/400, 1 Novell Netware 4.11, 1 Win2k3, Mac OSX Server. I'd eventually like to phase out the Novell and convert the Win2k3 server to take over file sharing responsibilities. The Novell won't disappear completely, as it's handling a bunch of legacy printers running IPX as a print server.

5. What router(s) and how are they configured?

There is only one router routing traffic outbound to the internet (T1) from the local LAN. There is also a Cisco router routing on the P2P T1 from here to the second location (which has less than 10 clients connected); along with traffic on the local LAN. And yes, I know, it's ridiculous to pay for a dedicated T1 between the two, but it's on a 2 year contract that we can't get out of. :\

6. Private or Public IPs on the network?

Private IPs.

7. How big is your subnet now and how big does it need to be in 3 years?

The current subnet is at 243 clients. However, 53+ blocks are being consumed by the VoIP phone system. To answer the question about power to the phones, I am new to IP phone systems, but I believe the InterTel switches are powering all the IP phones. There is no battery pack on the phones and the ethernet plug says "PWR/LAN", so I assume it's doing both. It's not that there is an immediate need for more IP addresses; it's the fact that we will soon run out and it's downright SLOPPY! When it comes to ethics, I'm all about efficiency; and this company is doing a lot of wasting!

8. Currently you have 2 locations linked with a Point to Point T1 correct?

Yes. InterTel (our VoIP phone provider) provides this service between the two locations. However, the other facility could have done just fine with a DSL connection and saved about $750/mo. But whatever.

9. Currently one location has a connection to the internet and all traffic travels through that correct?

Yes, single gateway/router handling all internet traffic from the current LAN.

10. Aside from VOIP what bandwidth requirements are needed between the 2 offices?

Not much. The only thing being transferred between the two facilities are documents and such. Nowadays, it seems a DSL connection, while a little less reliable, will outperform a T1 and is so much cheaper! 1.5Mb just isn't much bandwidth these days. :\


Again guys, thanks so much for your input. I'm more of a technician than I am an engineer. While I have my A+/Network+ certifications, real world scenarios are much more complicated, so I rely on being resourceful and asking the experts (you guys). :p
 
With this information I don't really see any need for a VLAN or additional router(s). The simple solution is to install a gigabit switch for the art department to handle their server and clients. Simply uplink this switch to one of the main network switches and you are done.

My guess is you have a class C network (/24 or a netmask of xxx.xxx.xxx.000) and are currently using 243 of the available 254 IP addresses. A VLAN will not solve your address problem and unless you are suffering from excessive broadcast traffic a VLAN won't really solve any problem for you.

If you need more IP addresses you will need to add another network (IP address range) or go to a class B network and change the netmask to add more addresses. If this is the case please respond for more details.

If you want to try VLANs then dividing your VOIP phones from the PC traffic would be the place to start. Here is a nice simple article:


Good Luck!
 
Well, you are right in that we are running a Class C (/24) network and are running out of IP addresses. I guess we'll just have to set up another subnet for the phones. My interpretation of a VLAN was a way to set up separate subnets without needing a router to route information between say four different subnets. I thought a VLAN was a switch's internal ability to 'route' information between separate subnets, i.e. kind of like a 'virtual subnet'. Hope that makes sense? So, in a hypothetical situation that my LAN was to get larger than two class-c subnets, i.e. 192.168.0.xxx/24 - 192.168.1.xxx/24, and I needed to add a 192.168.2.xxx, are there routers with the capability to route between more than two subnets? The device we have can handle routing on two, but are there devices that can do more than that? Additionally, could you point me in the direction of how I could possibly set up a separate PC to do the gateway/routing work on multiple subnets? Thanks so much.
 
VLANs break up broadcast domains; they don't route IP networks.

If you need more than 254 IP addresses you might want to consider the class B private network range of 172.16.0.0 - 172.31.255.255. Using any one of these 16 networks will give you 65,534 addresses per network.

For a brief description see en.wikipedia.org/wiki/Classful_network

Obviously you would not want to have 65k hosts in one broadcast domain so you could split it up with subnetting or VLANs. This will give you virtually unlimited flexibility for future expansion.

For a brief description of subnetting see
You could go with a network like 172.16.1.0 and a netmask of 255.255.0.0 and then VLAN off the phones and add the gigabit switch for the art folks and you should be fine. It will be a PITA to reconfigure everything but it will give you plenty of room.

Otherwise the way to go is routers.

All the big boy routers have the ability to add as many subnets as you want either with a physical port per subnet or by aliasing multiple IP addresses to a physical port.

It has been a while since I have used it but FREESCO can make a very powerful router out of a 486 with 16M RAM and a floppy. I had several 3 way routers set up using this software to handle Internet-LAN-Private WAN configurations. It is quite good, free, and well supported via forums. It can be found at freesco.org.

Current Linux distributions use iptables and you can build anything you want.

Smoothwall Express is the open source version of Smoothwall, a commercial Linux based router/firewall. It has a very nice web based interface but I am not sure how many subnets it can handle.

If you decide to build a PC based router be aware of reliability issues. While dragging a junkpile PC into service is very gratifying, be sure you have a plan for when it fails.
 
Again, just to re-iterate, you already have a "light" layer 3 (routing) switch in your 2626's. You create the VLAN(s) on your "main" 2626 and enable IP routing, which will route directly connected VLANs. You can then trunk (tag in HP world) those VLANs down to other 2626's or managed switches to divvy out, or just untag (again HP world) the port to a specific VLAN.

In VoIP, you always want to create a VLAN just for voice. This way you do not interfere with data traffic processes that might impede VoIP as well as employ different technologies on that network like QoS (easier to set QoS for a network than for 50 individual hosts, as an example).

You talk to any voice engineer and the first statement for VoIP will be end to end QoS, second will be dedicated voice VLAN.
 
Since you mentioned you have HP ProCurve Data Switches, I assume you have the documentation or manuals that came with them. That might be a good place to start, and see what HP says about VLANs, etc. HP may provide some examples of networks with VLANs and other related configurations to provide information on how you can utilize those things to make your network more efficient and accommodate your business needs.

A lot of good ideas posted here... Do your homework!

Happy reading!!

....JIM....
 
As far as the Inter-Tel system goes, how many IP phones do you have? The phones would connect to the network switch, and there is a network port on the 5000 phone system.

jeff moss
 