Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

VLAN Design - Opinions please - Link to design.

Status
Not open for further replies.
SW2004

SW2004

Technical User
Jul 13, 2004
24
0
0
GB
Hi, Please could I have your thoughts on the following VLAN design. I had approx 500 PCs 12 months ago with no VLANs in place. Now we have a 1000 PCs and broadcasts have reached 30-40%. I have a new large fast layer 3 switch.

My design is here:

The VLANs you see would all be configured at the layer 3 switch by setting each fibre port to a seperate VLAN. I don't need to design my VLAN around departments.

I look forward to your opinions and advice.

Many thanks.
 
Sort by date Sort by votes
Hi there,

it just what we did when we rebuild our network with gigabit backbone.

Each floor has a separate Vlan with 2 24-switch with to uplink to the core switch.
Server are concentrated in data center on Servfarm Vlan.

Be carefull when assigning priority and spanning-tree, and Multicast...

Use DHCP, DNS, for each Vlan , except the ServerFarm, ...

Hope this help you ...
 
Upvote 0 Downvote
In this senario would I need to configure the edge switches or would leaving them configured as VLAN1 suffice?

I planned on using the DHCP relay function within the switch to provide DHCP addresses to each VLAN. I presumed this was common, is this correct? A DHCP server for each VLAN would seem excessive.

Thanks
 
Upvote 0 Downvote
Yes, you can use DHCP forwarding so that you don't need a server in each VLAN.
Typcialy most vlan capable switches have the standard vlan1 for management. So I would move the servers onto their own vlan.
Also, if your segmenting your network *purely* by location and not by department or function. Do you need vlans? The new L3 switch is probably capable of static routes. Then each port is just a different network. Which is what your trying to do with the vlans by your diagram. Just a thought.
 
Upvote 0 Downvote
Hi Saugilsr,

What do you mean by "The new L3 switch is probably capable of static routes"? I'm trying to reduce the size of the broadcast domain. Why else would you use VLANs?

Thanks
 
Upvote 0 Downvote
I would give the servers a vlan besides vlan 1 . To me it seems that your subnets are very small per user community . We generally have most of our subnets with /24 with 254 usuable addresses in a subnet . This is in a corporate environment . You don't indicate how you have broken these up , you may have a reason for making the subnets so small .
With the subnets this small most of your traffic will have to be routed wherever they are going , while todays L3 switches are pretty fast it will always be faster to switch than having to route .
 
Upvote 0 Downvote
Tha architecture should be :

- one Vlan per floor (stack of C2950 for users)
- one Vlan for serverfarm (in data center )
- Vlan 1 is Management Vlan for all switch
- DNS, DHCP in serverfarm: one DHCP server + redundancy
- DHCP scope should be defined for each Vlan (PC, Printer, ...)
- IP helper defined in core switch

hope this help
 
Upvote 0 Downvote
Build your VLANs on the global level using
!
interface Vlan1
description Administrative VLAN
ip address 10.xx.x.11 255.255.255.224
!
interface Vlan3
description Xxxxx XXX Xxxx
ip address 10.x.xx.1 255.255.252.0
!
interface Vlan4
description Xxxxx XXX Xxxx
ip address 10.xx.xx.2 255.255.240.0 secondary
ip address 10.xxx.xxx.2 255.255.255.0
no ip redirects
!
interface Vlan5
description Xxxxx XXX Xxxx
ip address 10.xxx.xx.2 255.255.240.0

Not the interface level. I trunk all VLANS out to the edge. This gives me flexibility if I need to swing one device accross the building.

Also Leave VLAN 1 for your VTP domain/Management only.

Just my suggestions.
 
Upvote 0 Downvote
Hi Ru55ell,

Can you explain Global Level and Interface Level? Also when you say you trunk VLANs to the edge does this mean you configure the edge switches with the corrosponding VLAN info?

Thanks for all the advice.

S
 
Upvote 0 Downvote
I thought when You said "The VLANs you see would all be configured at the layer 3 switch by setting each fibre port to a seperate VLAN." you were going to define the VLAN networks under the interface say Gi2/1. I know you can assign interfaces IP addresses and route between networks but this would not be VLANS. Ignore what I said about Global/Interface earlier, I think?? Anyway about the Trunking to the edge. Yes I define a VTP domain and every edge switch knows about all my VLANs. I assign membership at the interface level with a switchport access command. I hope this clears up any confusion I may have caused.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Luzbel
  • Locked
  • Question
Connecting HVAC controller to network
Replies
0
Views
71
Luzbel
Luzbel
Skip Rango
  • Locked
  • Question
how to backup cisco sg500-52p switch
Replies
1
Views
101
madwok
madwok
PThomp3344
  • Locked
  • Question
Trying to connect to Cisco Unified Controller web interface: UC520W-16U-4FXO-K9
Replies
1
Views
90
bdk76
bdk76
WinstonCH
  • Locked
  • Helpful tip
What is wrong with the diagram, there are people who will help to fix it? How do i do the configurat
Replies
1
Views
87
BIS
BIS
DTGMI
  • Locked
  • Question
Moving from Juniper SRX-240 to Cisco ??
Replies
0
Views
61
DTGMI
DTGMI

Part and Inventory Search

Sponsor

Back
Top