Network Redesign Help 2

captnops

IS-IT--Management
Feb 12, 2003
141
I have been tasked with redesigning a single subnet LAN with 50 users. The network is currently set up as follows:

A single T1 terminating in a Cisco 2811 router with two 10/100 NICs.

This feeds six Dell PowerConnect 2216 switches, which in turn connect 50 workstations.

This mess connects to a Windows 2003 AD server and Exchange.

The problem is that this design (and some services on the network) is bringing down the entire network on a regular basis.

I am trying to determine the best way to build it and am considering VLANs or simply a multi segment network.

I have a Cisco Catalyst 3650 and two Linksys SRW224P switches (currently unused) that I want to put into the design.

And just to add to the fun, the company also has IP phones (PBX based) that it wants to utilize, but cannot due to saturation on the current network.

I am not a network architect, but I am capable, so any help would be greatly appreciated.


 
Not knowing your specifics, I would separate servers in their own VLAN. Also, I would separate the devices that create a lot of traffic from the rest of the servers and workstations in their own VLAN. And finally, move workstations to their own VLAN or two.

You have a 3650, and that gives you lots of power to do that.
 
I pretty much agree with Avilov. At the very least, I'd do a voice vlan, a server vlan, and a workstation vlan. Not that you absolutely need to separate these out now (50 PCs is not a lot), but in the future, this will make it easier to do QoS and do stuff like secure your servers from the rest of the network.

Though, you probably have a separate T-1 going to your PBX, where all your voice traffic goes to the PSTN. Unless you're a satellite office and voice traffic goes over your data T-1, in which case, you'll want to implement QoS from the get-go on your router. (By the way, what PBX are you using? We run Avaya at our main site, but we're implementing Asterisk at another company that we own - you can't beat the price).

Besides all this, you'll want to pay attention to the small stuff like ensuring that your NIC configs match your switchport configs, otherwise, you'll end up with lots of collisions, duplex mismatches, re-transmissions, etc., which I suspect is part of your problem with your current configuration.
 
We have a V-T1 to the PBX (Toshiba CTX, I believe), so creating VLANs to segment the network works.

It appears that our PBX has a public IP address so that our offsite personnel can use VOIP. Can anyone tell me why I cannot bring that inside the firewall and use a static route for that VOIP traffic?

Also, as far as the VOIP is concerned, we are using the Linksys POE switches and the lan connection runs to the phone and the phone connects to the workstation. Can I still segment the physical phone device on one VLAN and the PC on another, even though they share the copper?

Thanks for all the help!
 
I believe it depends on the phones, but I have a similar setup in my office - Switch --> Phone --> Workstation. Cisco has a "switchport voice vlan" command that you apply at the interface config, along with "switchport access vlan" that the computers pick up their VLAN information from. I also know that some phones use CDP (Polycom?) to find out their VLAN information (weird). Whether your phones are capable of speaking that language, you'll have to find out.
 
In my opinion, why redesign when you don't know the cause of your current problems? I would investigate these issues first, then proceed.


BuckWeet
 
I think the Cisco voice VLAN command only works on Cisco phones.

I run a ShoreTel system with the PCs hanging off phones and in different VLANs. The way I did it was to make the switch interface that the phone hangs off a trunk port with a native VLAN of the data VLAN.

With our phones they have a specific DHCP option that only the phones look for. In this option add the VLAN tag for the voice vlan.

With that said, I also agree with Buckweet to find out what is happening on the network to congest it. You definitely want to know before deploying IP phones...

good luck



Matt Wray
 
The Cisco voice vlan command also works with Avaya phones. That's what I have (mostly).

I'd agree with figuring out what the problem is as well, but for a couple factors. One, Captnops already has the new equipment. So, design the network the way you want it, and hook it up correctly. Two, the switches that are in service are very low end, so besides your obvious, typical problems, such as speed/duplex mismatches, collisions, etc., you've got switches that are not ideal for an enterprise LAN.

Figuring out what the problem is currently may be a good learning exercise, but labs are more suited for learning, production networks are not.
 
The voice vlan command works to offer an auxiliary VLAN. But until the IETF standard comes out, the feature of dynamically assigning the VLAN with this command (how it works with Cisco phones) will not function with other manufacturers' phones. You have to do a task such as above with the DHCP assignment.


chipk, I agree with redesigning the LAN, but what if they redesign and it doesn't solve the problem? The root cause needs to be identified first, then move on from there. As for the switches they have currently, they are fine, but yes, they are small workgroup switches. A larger workgroup switch would be more beneficial.


BuckWeet
 
Thanks for all the advice. To answer questions:

All: I do not think that the Toshiba phones support the Cisco protocol, so creative DHCP addressing will be required. I guess the question becomes, is it necessary (or beneficial) to VLAN the phones separately from their attached PCs if we will be using QoS?

Buckweet: The redesign is necessary to accommodate growth. I have always been told that hanging a large number of workstations off a single subnet is not the best option if segmenting the workstations is an option. Also, the specs on data throughput on the Dell switches show much possibility for bottlenecks in the switch, especially since every port in each switch is used. We are leaning on these quite a bit.

I have gone through and set all PCs to 100/Full to match the switch and router interface settings.

That being said, what else do you recommend doing to try to troubleshoot and isolate the issues? Any suggestions would be welcome.

Thanks again for all the help.





 
How are your switches physically connected? Are they daisy-chained together like:

switch1 --> switch2 --> switch3--> switch4...--> router

Or do you have more of a star shape? (looks more like a tree, really, doesn't it?) like:

switch1 --> switch6
switch2 --> switch6 --> router
switch3 --> switch6
...

Whatever the case is (neither is good, because they are all low-level access switches), all your traffic is probably going through one switch (to get to the servers, or the Internet). There is part of your problem right there. Out of the two above, the second scenario is only a little better because any host (and the servers) is only 1 switch away, whereas with the first scenario, a host could be 2, 3, 4 or even 5 switches away. That means every broadcast goes up each uplink, compounding your problem and flooding all ports (and some uni/multi-cast). It would be a little better in my scenario above if "switch6" was a bit more powerful than the others to handle the extra traffic, but that doesn't seem to be the case.

And God forbid you have a "redundant" link, which *could* be the cause of your network crashing (but since these 2216s don't appear to be managed switches, that would be difficult to find out without tracing a lot of cables). They don't appear to support STP, so if you DO have "redundant" links anywhere, get rid of them. Broadcast storms caused by "loops" in the network can bring a network down just as you have described.

Having said all that, and maybe others will have more to add, I'd just put this beast out of its misery and redesign.

With the equipment you have, I'd do something like the following:

Router
|
3560 (create vlans here, connect servers and high-bandwidth users)
|| two trunks to:
Linksys switches (connect remaining users here)
|| access ports to Dell 2216s if needed (this might be a good place to hang printers and low-bandwidth users - if you have any).

Others will probably make suggestions/improvements, but the above is what I would basically go with.
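
The layout discussed in the thread (server, workstation and voice VLANs on the Catalyst, a phone with a PC behind it, trunks down to the Linksys switches), written out as Catalyst IOS configuration. This is an added example, not configuration posted by anyone in the thread; the VLAN numbers, names and interface numbers are assumptions.

```cisco
! Added example. VLAN IDs, names and interface numbers are assumptions.
vlan 10
 name SERVERS
vlan 20
 name WORKSTATIONS
vlan 30
 name VOICE
!
! Server port: one untagged VLAN. Leave speed/duplex consistent with the NIC.
interface FastEthernet0/1
 description AD / Exchange server
 switchport mode access
 switchport access vlan 10
 spanning-tree portfast
!
! Switch --> phone --> PC using the voice VLAN command:
! PC frames arrive untagged in VLAN 20, phone frames tagged in VLAN 30.
interface FastEthernet0/10
 description IP phone with PC behind it (voice vlan method)
 switchport mode access
 switchport access vlan 20
 switchport voice vlan 30
 spanning-tree portfast
 ! Shut the port if a switch is plugged in here and starts sending BPDUs
 spanning-tree bpduguard enable
!
! Alternative from the thread for phones that take their VLAN tag from a
! DHCP option: a trunk whose native (untagged) VLAN is the data VLAN.
interface FastEthernet0/11
 description IP phone with PC behind it (trunk method)
 ! Omit the encapsulation line if the switch rejects it (802.1Q-only models)
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport trunk native vlan 20
 switchport trunk allowed vlan 20,30
 spanning-tree portfast trunk
!
! Uplink to a Linksys SRW224P: carry only the VLANs used on that switch.
interface GigabitEthernet0/1
 description Trunk to Linksys switch 1
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport trunk allowed vlan 20,30
```

Keeping the server VLAN off the access-layer trunks means traffic between workstations and servers has to be routed, which is the point where ACLs can later restrict who reaches the servers.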

 