New Site - Architecture question

[30362]

We are building a new facility and will be migrating our corporate headquarters along with several smaller buildings into one location. I have purchased two 3750G-24T switches for my mdf and 3550-24 switches for each IDF, along with a second 3640 router that I intend to use to better distribute the circuit load and provide redundancy.

In each IDF I will connect the 3550s using a gigastack cable, and then using copper Gbics in the remaining Gbic port on the top and bottom switch in the stack I will connect each Gbic to a gigabit port on the 3750s in the MDF, one on each 3750 to provide redundancy.

In the MDF I planned on multi-homing each server, with 1 gigabit link to each 3750.

Now comes my question - I would like to segment each floor of the building (3 total) into separate subnets for the purpose of DHCP assignment etc... Should I use my 3640 router with multiple FastEthernet ports to do the segmentation or is there a better way - I am confused on how to best do this since I will be running two connections from each IDF back to separate switches in the MDF.

Any help would be greatly appreciated.

 

[dx1]

I would not use the 3640 to route between the subnets. I think your 3750 supports routing depending on what IOS you have. EMI supports full dynamic routing and SMI supports basic RIP and static.

I would create 3 separate VLANs on the 3750 for each floor. For DHCP, add the ip helper address on each vlan interface.

 

[30362]

Thanks for your response,

I have the EMI version of the 3750, however I am unclear about how workstations on a particular floor will get access to a host connected to the 3750 if each floor is isolated to its own VLAN.

I thought the ip helper address was for routers only, I can use it on the 3750 too?

 

[rburke]

I have minimal experience with the 3750's but with hte EMI version they are routers... The EMI version supports all the normal routering protocols and it is even possbible to make ports on the switch actual routed (Layer 3) ports just like on a router:

int gi0/0/1
no switchport
ip address x.x.x.x y.y.y.y
no shut

Basically the 3750's are awesome swiches and can/should be used as routers to route IP. Therefore you can use the "ip helper" command to forward to a DHCP server that is configured to hand out addresses bases on the subnet the broadcast came off of.

The 3550 and 3750 switches are pretty amazing considering they have around 5x the layer 3 forwarding rate of the older 5500 series and are only 1 to 1.5U like hte old Layer 2 switches.

Hopefully this helps.. Let me know

Burke

 

[30362]

Yes, perfect, thank you.

I have all the equipment sitting in my office, I plan to setup and test the VLAN configuration with ip helper like you suggested. If I run into any problems I may drop you a line - thanks again for your help.

DK

 

[NetEng631]

You will be using Layer 3 switching on the 3750's. You configure each VLAN with an IP address range.

 

[baddos]

Remeber that a layer3 switch is a router. The ip helper command forwards the DHCP request to your DHCP server, and your DHCP server will be able to figure out which scope to lease an address from.

You should only use the 3640 for a default gateway (internet, wan, etc). For intervlan (local segments) routing, you should use your 3750 switches.

I would also try running 2950s at your IDFs instead of the more expensive 3550. You don't need a layer3 switch at your IDF. The 3750's will provide routing redundancy, and will be at the center of where your segments need to go.

 

[30362]

Gotcha, I've been experimenting with the ip helper command on the 3750s and it works quite well.

Any thoughts on the best way to utilize the two 3640s to better provide redundancy?

The 3550s in my IDFs are the SMI version, thankfully I knew enough to not spend on EMI in the IDFs, I just wasn't 100% sure on the best way to do the EMI once I got all the switches to the MDF.

 

[baddos]

The 3750's you will setup as a cluster, and they will provide layer3 (routing) and layer2 (spanning-tree) redundnacy. That is one of the bigggest feature of that particular switch.

The 3640's should only be used for WAN, VoIP, or Internet access. The 3640's can't do the speed of the 3750 or 3550s for 1000/100mb layer3 switching.

 

[rburke]

One question, I've been in IT for a while but have never heard of the terms IDF and MDF, can you define those for me please?

Also what kind of WAN connections do you have that connect into the 3640's?

Burke

 

[baddos]

30362 is talking about wiring endpoints. A MDF (Main Distribution Frame) is what data guys would probably call the CORE. A IDF (Intermediate Distribution Frame) is probably a wiring closet for a floor or building.

 

[rburke]

And suddenly things become clear...

Thanks!

 

[30362]

Correct, my IDF is the wiring closet on each floor and the MDF is my electrical closet adjacent to the computer room where all the voice and data risers terminate.

My current 3640 has 4 WIC-1DSU-T1 dsu cards and 4 WIC-1T serial connections to my Atlas 550, all are currently in use. I purchased another identical 3640 to distribute the load and provide redundancy, but was wondering if there were any best-practices when it came to redundant router configurations.

 

[rburke]

So you gave 8 T1's terminating into the one 3640 right now? It so then it might be worth while to spread the T1's across the two 3640's and put 4 on each. Then on each 3640 have a one Fast Ethernet link into each core 3750. On the 3750 for the uplinks to the WAN I would make the ports Layer 3 ports and then use a /30 subnet to connect the 3750's to the 3640. Basically making a full mess connection from the Core to the WAN (the 3640's). Does that make sense?

T1's T1's
|||| ||||
------ ------
|3640| |3640|
------ ------
| \/ | <- x.x.x.x/30 (for each of the 4 uplinks)
| /\ |
------ ------
|3750| |3750|
------ ------


Let me know if this helps or hurts..

Burke

 

[baddos]

Does all 8 terminate into the same ISP for Internet access, or are they ppp t1s for your WAN?

 

[30362]

BadDos - Only 1 for Internet access, the others are ppp T1s for the wan.

Burke - In that configuration what would you recommend as the default gateway address for the LAN, should all 4 uplinks be on their own VLAN in the 3750s and I use that VLAN ip for the default gateway?

 

[baddos]

I would probably put both routers in the same vlan, but on a different vlan than your other segments.

Then what I would do is turn on OSPF on your routers and 3750's. On the router with your Internet T1 advertise a default route and the WAN routes and it's local route. On the other router just advertise it's WAN routes and it's local route. Now on the 3750 advertise all the VLAN segments.

With that configuration every router (switch and routers) will know routes to all destinations. If your T1 (internet and WAN) router goes down, then the 3750 will still know about the other 4 WAN connections on the other router.

 

[30362]

baddos - a couple of dumb questions...

If I turn on OSPF on the routers and switches, do I need to disable EIGRP and if so then do I need to do the same at the other sites?

When you say "advertise it's wan routes and local route" do you mean static routes or with OSPF (I've never used anything but static routes and EIGRP)?

Same question for "advertise all the vlan segments".

Since I have two routers, what would I use as the gateway IP address for network hosts? Should I use the VLAN address that has the routers?

Thanks.

 

[baddos]

Yes... You can run EIGRP and OSPF at the same time until you switch over to OSPF... I wouldn't run them all the time like that, but in transition it should be fine.

What I meant by advertising your WAN routes and local routes is simple. Your 3640 will advertise via OSPF or EIGRP your WAN routes. You 3750 will advertise your VLAN segements (local routes). Then if you do a show ip route on any router, you'll see all the routes together.

You should set the default gateway of the PC to be the VLAN interface's IP address that is assigned to the user's VLAN. You should also have your 3640 advertise a default route in OSPF, so your 3750 knows how to get around.

Use the "default-information originate" command in your OSPF configuration of your 3640.

 

[30362]

baddos - I am experimenting with the setup and have a few questions :

I have setup VTP on the 3750 and have it set as SERVER and my 3550s as CLIENTS, I built the vlans in the vlan database and can see them on the 3550s.

In my IDF I have all the switchports on the 3550 set for VLAN 103 (third floor) and I have the gigabit port set for trunking and the other end of the trunk in my 3750, and trunking set on that port too.

Should I be setting an IP address in the 3550 for the vlan103 interface or just on the 3750? I tried setting the vlan103 ip address on just the 3750 but can't ping that IP when I console into the 3550...

I assume I should turn on IP routing on the 3750 and setup EIGRP like my router?