- Community Home
- >
- Networking
- >
- Legacy
- >
- Switches, Hubs, Modems
- >
- spanning tree through 219 vlans
Switches, Hubs, and Modems
1748169
Members
4253
Online
108758
Solutions
Forums
Categories
Company
Local Language
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Go to solution
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-28-2008 02:01 AM
11-28-2008 02:01 AM
Scenario:
* 219 rooms in a student dorm, each with one inhabitant and her random devices requiring internet access.
* Each room must be identifiable, preferably through ip address. The reason is that legislation here demands logging of packages and these must be traceable.
* 221 vlans in separate subnets and a single dhcp server serving adresses to all vlans. (perhaps see other thread here: http://forums11.itrc.hp.com/service/forums/questionanswer.do?threadId=1291469)
* Dhcp server and internet router is the same machine, 192.168.1.11 (config attached)
Hardware:
1 x 3500yl, located in server room
5 x 2650, one on each floor, ~44 rooms on each floor.
I would like to configure dhcp-snooping and arp-protection (vs rogue dhcp servers and to ensure that residents are unable to set ip's manually), virus throttling (it is a student dorm but not sure about ressource usage) and multiple spanning tree (mstp). I am mainly unsure about the last one but if you spot something wrong or have objections regarding ressource waste or optimization then please don't hesitate to comment.
The multiple spanning tree protocol stipulates that all vlans must must be configured on each switch in the mstp instance. Since only 44 vlans (out of the total 221) are configured on each 2650 should I then make six mstp instances, that is one for each of the switches?
Also considering not bothering with the mstp's and maybe use some loop protection as the network topology is small and somewhat transparent but unsure who is going to maintain the network in the future.
Any and all input and hints on where to look are very welcome! The more detail, the better - I am noobish..
* 219 rooms in a student dorm, each with one inhabitant and her random devices requiring internet access.
* Each room must be identifiable, preferably through ip address. The reason is that legislation here demands logging of packages and these must be traceable.
* 221 vlans in separate subnets and a single dhcp server serving adresses to all vlans. (perhaps see other thread here: http://forums11.itrc.hp.com/service/forums/questionanswer.do?threadId=1291469)
* Dhcp server and internet router is the same machine, 192.168.1.11 (config attached)
Hardware:
1 x 3500yl, located in server room
5 x 2650, one on each floor, ~44 rooms on each floor.
I would like to configure dhcp-snooping and arp-protection (vs rogue dhcp servers and to ensure that residents are unable to set ip's manually), virus throttling (it is a student dorm but not sure about ressource usage) and multiple spanning tree (mstp). I am mainly unsure about the last one but if you spot something wrong or have objections regarding ressource waste or optimization then please don't hesitate to comment.
The multiple spanning tree protocol stipulates that all vlans must must be configured on each switch in the mstp instance. Since only 44 vlans (out of the total 221) are configured on each 2650 should I then make six mstp instances, that is one for each of the switches?
Also considering not bothering with the mstp's and maybe use some loop protection as the network topology is small and somewhat transparent but unsure who is going to maintain the network in the future.
Any and all input and hints on where to look are very welcome! The more detail, the better - I am noobish..
Solved! Go to Solution.
1 REPLY 1
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-28-2008 03:20 AM
11-28-2008 03:20 AM
Solution
hi Brian your dhcp snooping and arp protech config true
dhcp-snooping
dhcp-snooping authorized-server 192.168.1.11
dhcp-snooping vlan 1-221
arp-protect
arp-protect trust 11-24
arp-protect vlan 2-221
for mstp my comment
not need your system mstp config
because in order that need mstp config you can use mutiple path between switch
but you use one uplink path between switches
your need single spanning tree config for prevent loop occur on network
my other advice:
your network for students internet connection
you want make full securtiy and control on network must be use
pcm+ and NIM
http://www.hp.com/rnd/products/management/ProCurve_Manager_Plus/overview.htm
http://www.hp.com/rnd/products/management/ProCurve_Network_Immunity_Manager_1.0/overview.htm
dhcp-snooping
dhcp-snooping authorized-server 192.168.1.11
dhcp-snooping vlan 1-221
arp-protect
arp-protect trust 11-24
arp-protect vlan 2-221
for mstp my comment
not need your system mstp config
because in order that need mstp config you can use mutiple path between switch
but you use one uplink path between switches
your need single spanning tree config for prevent loop occur on network
my other advice:
your network for students internet connection
you want make full securtiy and control on network must be use
pcm+ and NIM
http://www.hp.com/rnd/products/management/ProCurve_Manager_Plus/overview.htm
http://www.hp.com/rnd/products/management/ProCurve_Network_Immunity_Manager_1.0/overview.htm
cenk
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
News and Events
Support
© Copyright 2024 Hewlett Packard Enterprise Development LP