Aruba & ProVision-based

Campus Network Expansion - 5400zl

 
Gary-Seven
Collector


If there is a better forum for this message please let me know.

 

Background:

 

The existing 2-building campus contains roughly 250 computers and laptops belonging to the org and as many as 200/day personal devices with wifi capabilities that utilize the public portion of the network.

The core of the network and all of Building 1 is an HP 5412zl switch.  GB service is provided to all ports with POE available where needed.  One subsidiary switch in Building 2 is connected by GB fiber and is served by a 2910 48G switch.

 

This network has outgrown its /23 subnet in two ways.  First, the allocated DHCP space for trusted devices has become too small and has twice had to expand into the static space reserved for servers, printers, and the like.  Second, broadcast and flooding events have effectively DoS’d the network 4 times in the past month.

 

Due to new construction, the campus will be expanding to include a new building.  The new building will host roughly 200 computers and laptops on the closed network and up to 100 devices on the public network on any given day.  This network will be served by a 5412zl in the core and two subsidiary 5406zl devices in IDF wiring closets.  The ‘06s are connected to the ’12 via GB fiber and the ’12 in Building 3 will be connected to the ’12 in Building 1 via GB fiber.

 

There are two sites in our ORG that should be tied in to this network via site to site VPN in the future.

 

The Problem:

 

Simple expansion of the /23 to a /22 might yield the address space to activate Building 3, but the problems of broadcast or flooding events would be exacerbated.  It seems as though it is time to add new subnets and VLANs to this ORG.   Probably past time…   The question is: what is the best way to proceed?

 

Proposal:

 

VLAN#   Subnet        Purpose
8       *.8.0/23      Existing Building 1&2 Network.  Repurposed to include most physical ports of Bldg1
10      *.10.0/24     Most Physical Ports of Building 2
11      *.11.0/24     Reserved
12      *.12.0/24     Wireless Access Points (can include feeds of public traffic) Bldg 1 &2

20      *.20.0/23     Most Physical Ports and DHCP of Building3
21      *.21.0/24     Reserved
22      *.22.0/24     Wireless Access Points in Building 3 (can include public)

100     *.100.0/24    Management

 

Note1: The public wireless traffic is managed by the Wireless Management system (Aruba) and cannot reach the closed network but necessarily travels over it from the AP to the switch and then from the switch to (generally) the internet.

 

Note2: The ‘12s would both carry all VLANs.

 

Questions:

 

I don’t want too many VLANs or subnets, but is this too few?

Are there any pitfalls that I should consider setting up this kind of environment on this hardware?

Any suggestions?

 

 

P.S. This thread has been moved from Comware-Based to ProCurve / ProVision-Based. - Hp Forum moderator

 

 

 

Richard Litchfield
Respected Contributor

Re: Campus Network Expansion - 5400zl

Your proposed solution will certainly work. You may find that there are as many solutions offered as there are people offering them!

 

  • The 5400 supports up to 2048 VLANs, so no issue with the numbers.
  • You shouldn't have any major problems - you will need to configure routing though.
  • You may want to have servers and server subsystems (backup, SQL, iSCSI/storage, etc.) separated by VLANs too.
  • Sep VLAN for Printers?
  • Sep VLAN for Wireless APs?
  • Sep VLAN for different types of wireless devices/access [this may make more sense with the HP MSM wireless solution, where the traffic can be offloaded into different VLANs at the AP]

 

HP also has a wireless solution that integrates directly into the zl chassis (i.e. the MSM765zl controller), along with firewalls, etc. in the same zl appliance form factor.
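
A check of the address plan proposed in the first post, as an added example that is not part of the thread: it uses Python's `ipaddress` module to flag overlapping subnets and list usable hosts per VLAN before the plan is typed into the switches. The `10.0` leading octets are an assumption standing in for the elided `*`.

```python
import ipaddress
from itertools import combinations

# Assumption: the post elides the leading octets ("*"); 10.0 stands in for them.
PREFIX = "10.0"

# (VLAN id, third octet, prefix length, purpose) transcribed from the proposal.
PLAN = [
    (8, 8, 23, "Bldg 1 ports"),
    (10, 10, 24, "Bldg 2 ports"),
    (11, 11, 24, "Reserved"),
    (12, 12, 24, "Wireless APs Bldg 1 & 2"),
    (20, 20, 23, "Bldg 3 ports and DHCP"),
    (21, 21, 24, "Reserved"),
    (22, 22, 24, "Wireless APs Bldg 3"),
    (100, 100, 24, "Management"),
]

def build(plan, prefix=PREFIX):
    """Return {vlan: IPv4Network}; strict=True rejects misaligned blocks."""
    return {vid: ipaddress.ip_network(f"{prefix}.{octet}.0/{plen}", strict=True)
            for vid, octet, plen, _ in plan}

def overlaps(nets):
    """Return sorted (vlan_a, vlan_b) pairs whose address ranges intersect."""
    return sorted((a, b) for (a, na), (b, nb) in combinations(nets.items(), 2)
                  if na.overlaps(nb))

def usable_hosts(net):
    """Usable host addresses (network and broadcast addresses excluded)."""
    return net.num_addresses - 2

def report(plan=PLAN):
    """Build a text report: one line per VLAN, then one line per overlap."""
    nets = build(plan)
    lines = [f"VLAN {vid:<4} {nets[vid]!s:<16} {usable_hosts(nets[vid]):>4} hosts  {purpose}"
             for vid, _, _, purpose in plan]
    lines += [f"OVERLAP: VLAN {a} ({nets[a]}) and VLAN {b} ({nets[b]})"
              for a, b in overlaps(nets)]
    return "\n".join(lines)

if __name__ == "__main__":
    print(report())
```

On the plan as posted it reports one overlap: the /23 for VLAN 20 spans third octets 20 and 21, which includes the /24 listed for VLAN 21.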