I work for a company that has recently been growing, exponentially. I find that the need to isolate systems, create more broadcast domains, and perhaps make things more manageable is a must. I could use some help with setting up VLANs. I've attached a very basic network diagram, which should serve as a good starting point. Ideally, I'd just like to have as little VLANs as possible, to start. I used to work on a large college campus, providing network support. We used Enterasys switches, and I assumed that I had a firm understanding of VLANs. When I look at these unmanageable (CLI-Based) ProCurve switches, and the shoddy doc. that is provided, I cringe. If anyone is looking to help, I'd really appreciate it. Thanks.
The only problem is these switches if I'm not mistaken, are layer 2 switches only. So yes you can use them to setup VLANs; however, you have not provided any information on a layer 3 device that you will need so these VLANs can ultimately communicate with each other. So based on your current information, if you did setup VLANs, they would have no way of talking to each other.
I just realized I said 'When I look at these unmanageable (CLI-Based) ProCurve switches, and the shoddy doc. that is provided, I cringe.' These switches _are_ manageable, but not through CLI, but a web interface. Silly me.
Yes, but if your to the point like you said of growing enough to where you need to create more broadcast domains due to the amount of devices, can you imagine the load your going to put on that little TZ. That box just wasn't built to handle that level of routing. You really need a layer 3 switch and we're not talking about a lot of money either. Some of HP's lower end switches do light routing (up to 16 routes) which would be more than enough in your scenario.
Before I would make a recommendation I would ask a few questions. In addition to PC and printer nodes, what other growth are you expecting in the near future? SAN, Virtualization, etc...
Are you adding more WAN expansion?
How much LAN port space do you need in the near future?
With the number of nodes you have identified you really don't need a highly routed network, a flat network is just fine. Why do you feel that more VLANs will benefit your network?
BTW, you could probably add a 4200 series switch to your system and solve many of your problems, but that depends on the answers above.
It's mostly because we have experienced broadcast storms in the past, resulting in downtime (and angry co-workers). Also, I know that printers can be 'chatty' on a network, and cause more overhead than needed. In addition, I would like the VoIP system on its' own subnet. This network would survive with a flat topology, but there is definite room for improvement. All I intend to get out of this is a more segmented, higher-performing and scalable network, as well as to gain additional knowledge in networking.
"It's mostly because we have experienced broadcast storms in the past, resulting in downtime (and angry co-workers). Also, I know that printers can be 'chatty' on a network, and cause more overhead than needed. In addition, I would like the VoIP system on its' own subnet. This network would survive with a flat topology, but there is definite room for improvement. All I intend to get out of this is a more segmented, higher-performing and scalable network, as well as to gain additional knowledge in networking."
I can relate to that. There is only one way to eliminate broadcast storms and that is to find the culprit and remove it. In my case it was a new NLB MS Server cluster. If you have Network Load Balancing turned on in a MS environment either turn it off or put it on its own VLAN.
I think you are right in putting the VOIP system on its own VLAN. This isn't my expertise, but I would look for something to QOS the VOIP as well.
Personally, I don't worry about the printers in my networks, but I can see where it would be valuable to VLAN them as well.
You could probably use any of the smaller chassis products to obtain what you are looking for. The VoIP QOS and any future SAN would be the things I would watch for, because they could put you into the need for a higher end switch.
Call me crazy, but my supervisor tells me that we don't need to have "specific VLANs", but can actually just (by individual device configuration), put each device on a separate subnet. I.e. printers configured as 192.168.3.x, VoIP 192.168.4.x, and so on. My question to him is "how do these subnets talk to each other, without some sort of routing protocol directing the packets?" I'm not sure if I was given any direct answer to that, but could this solution actually work?
