Switches, Hubs, and Modems
1745889 Members
5284 Online
108723 Solutions
New Discussion

VLANing my network

 
Eddie Walker
New Member

VLANing my network

I have about 200 devices
across 6 buildings. I have noticed alot of broadcast traffic and want to improve performance.
I was looking at implementing vlans and group the vlans by building. I already have one vlan for our bluesocket wireless system.

I have as our core switch where one building and our servers/router/etc are attached to a HP Procurve 5308xl
in our other buildings there is one procurve 4108gl and the rest are 2800 series.

I was also thinking about subnetting as well. We currently have a class c block of addresses, but i was considering putting each building on private ip so we wouldnt have to renumber if we switch isps again. (and to have additional ip addresses if we add more deviceS).

Can soneone give me some guidance on how i would pull off first the VLAN and then subnetting?

Thanks,
Ed
1 REPLY 1
cenk sasmaztin
Honored Contributor

Re: VLANing my network

nowadays many big network sperate vlan's
vlan izolate broadcast domain for system performance and security

How should we do well ?

your network have one core switch 5308xl
as for me this switch must have main router on network all other switches running must be only L2 operation.

all vlan's know core switch other edge switch know only own vlan

fristly you must have create one managemet vlan on network switch for security switch management

secondly create server vlan on core switch and connect all server this vlan

thirdly cerate internet vlan on core switch and connect internet firewall or internet router (gateway)on this vlan

later must have other user group vlan on core switch

if you want building base sperate you network you need very simple config.

plese to examine carefully my example core switch config.

*int A18-A24 uplink port for edge switch connection
*dhcp server ip address 10.0.30.10 and resiade server vlan
*internet router connect int A1 in internet vlan
*all server connect server vlan int A2 to A10
*all other vlan avare core switch for routing between vlan's
I prefer a class network address it does not matter
to important vlan's must have diffrent network address



ip routing
snmp-server community "public" Unrestricted

vlan 1
name "management"
untagged A11-A24
ip address 10.0.10.1 255.255.255.0
no untagged A2-A24
exit
vlan 2
name "internet"
untagged A1
ip address 10.0.20.1 255.255.255.0
exit
vlan 3
name "server"
untagged A2-A10
ip address 10.0.30.1 255.255.255.0
exit
vlan 4
name "build 1"
tagged A18-A24
ip address 10.0.40.1 255.255.255.0
ip-helper address 10.0.30.10
exit
vlan 5
name "build 1"
tagged A18-A24
ip address 10.0.50.1 255.255.255.0
ip-helper address 10.0.30.10
exit
vlan 6
name "build 3"
tagged A18-A24
ip address 10.0.60.1 255.255.255.0
ip-helper address 10.0.30.10
exit
vlan 7
name "build 4"
tagged A18-A24
ip address 10.0.70.1 255.255.255.0
ip-helper address 10.0.30.10
exit
vlan 8
name "build 5"
tagged A18-A24
ip address 10.0.80.1 255.255.255.0
ip-helper address 10.0.30.10
exit
vlan 4
name "build 6"
tagged A18-A24
ip address 10.0.90.1 255.255.255.0
ip-helper address 10.0.30.10
exit
ip route 0.0.0.0 0.0.0.0 10.0.20.2


now to exemine edge swich config
very simple config switch avare own vlan and managemet vlan
this ip address for only managemet
no need ip routing no need user vlan ip address because all user connect to core switch/router

vlan 1
name "management"
untagged A26
ip address 10.0.10.2 255.255.255.0
no untagged 1-25
exit
vlan 4
name "build 1"
untagged 1-25
tagged 26
exit

finally true vlan configuration to gain performance and security your network

it does not matter ip class a,b or c
to important vlan's must have diffrent network address and true configuration.











cenk