Moving flat network to VLANs
I have a facility that is currently running a single class C network with a mix of hubs and switches. We are upgrading their infrastructure to be completely switched and implementing VLANS at the same time. I am planning to use a 3560 as the core switched attached to the router and have all the remote switches connected to it. The 3560 will support all my VLAN configuration stuff. I will have a VLAN for the user population, a management VLAN and a VLAN for some of the production machines. I am planning on keeping their existing class C for the user population to avoid have readdressing issues and split up a new address space for the rest.
My question concerns the link between the router and the switch. I am thinking a simple point to point network between the two and then use eigrp between them for routing. I am thinking that I can carve up the new space and have a portion for several point to points and then a portion for my management VLAN and finally a portion for the production machines.
I am used to everything havving its one Class C space just for simplicity but would hate to start that model since what I do here I want to apply to 30 other facilities. I figure this was each facility with be contained within two to four Class C and make the over all management and routing simplier.
Am I on the right track?? Recommendations??
Do you have a specific goal in mind by establishing separate VLANs? If not, it would not appear to harm anything by sticking with a single Class C space (/25 or /26 mask if you don't need it all) and not readdress at all. I would recommend moving to DHCP though. Painful at first but will simplify things (e.g., change management) a lot in the long term.
A single subnet wouldn't even need a dynamic routing protocol between the switch and router - just a static route. In fact - you don't even need to use the switch's routing image. Just let it act as a L2 switch only and set up your routing (again with only a static route - assuming you have only one WAN interface) on the router.
I'm a fan of simplicity - only add/turn on functions where you have a business need or can articulate added value. Especially if you have to do it over and over ("30 other facilities"). Make it so any tech can walk in and grasp what the setup is and how to troubleshoot it.
Hope this helps. Please rate helpful posts.
Similar Messages
-
Converting Flat network to VLAN
Ok here is what I would recommend.You have your vlans setup, and the L3 mode set in the SG300 right?If so you will specify an IP address for the L3 router's interface on each vlan. For the sake of discussion lets say you have your business lan on VLAN 1, your guest network on vlan 100, and your servers on vlan 200 Your subnets are 172.16.1.0/24 for vlan 1, 172.16.100.0/24 for vlan 100 and 172.16.200.0/24 for vlan 200.The router's L3 interfaces will be 172.16.1.2 for vlan 1, 172.16.100.1 for vlan 100 and 172.16.200.1 for vlan 200.
[Sidebar] There are a couple of things I want to point out here. Your vlan ID can be any number between 1 and 4095. I will typically setup the vlan ID to match the 2nd or 3rd octet in the IP address. That makes the vlan to ip address human identifiable. The computers or switches don't care, but from a...This is my first post after having read a lot and making little to no progress.I'm the SysAdmin at a small school and we are growing. My flat network is running out of IP addresses. So, given my limited budget, I switched my network backbone to a SG300-52 and am looking to VLAN setup my environment. I want to use Layer 3 switching and port by port VLAN.I've read several articles about how to do this with the SG300, but I just can't figure it out. I'm Sec+ certified, not CCNA so this is a little out of my league.
Right now my setup is one DHCP server (Win 2008 server) and a FiOS router serving as the gateway. I would like to convert to being able to split my ports to differing subnets and have routing in between them to alleviate my IP address issues. I will still only have one DHCP server (which multiple scopes) and that one gateway. I...
This topic first appeared in the Spiceworks Community -
Flat network to Multiple VLANs
Hey,
We have about 30x 2950-T and 10x 3560 switches. I wish to break our flat network into about 10 VLANS using our 3550 as the VTP server and use Trunking between our switches. Do I put all of our switches into one VLAN seperately from our servers/workstations? Or is there a better way?
Also do the 2950T-24 support stacking as most of our switches are all daisy chained. Anyone have a good solution for me to better implement our switches?
I appreciate your help.
Cheers.Its a good idea to have a management VLAN and have all the switches management IPs in that VLAN. Also, you will need a layer 3 switch such as a 3550/3560 to route between your 10 VLANs. The following page should help
http://www.cisco.com/warp/public/473/189.html
2950s do support gigastacking. You might want to refer to our best practices document(written for 6500/4500 but you can use it in for other switches too)
http://www.cisco.com/warp/public/473/185.html -
What exactly is meant by a flat network? Please read on before you give a quick answer.
I have some definite ideas, but I would love to hear other people's inputs, ideas and perceptions.
The trend in the data center is to go in the direction of flat networks, which to me means that the multi-tiered architectural model can be collapsed into 2 layers. Juniper says they will collapse the data center into one tier: the Stratus project promises the equivalent of one gigantic logical switch.
So, the implication is that there will be a flattening of the network in 2 ways: first, in terms of physical layers of networking and secondly, in terms of creating one logical L2 domain that is horizontally expanded (across data centers, too), but the redesigned L2 domain will not require STP, blocked uplinks, or unknown unicast flooding.
I do require some clarification:
1.) How exactly can the access and aggregation layers be flattened? If, for example, one can stack all the top of rack (accesss layer) switches to create a single virtual chassis and then do the same, or something similar, like VSS, to the aggregation layer, the result is that each layer will see the other layer as one switch. So, 10 access switches will look like 1 switch to the aggregation layer, and 2 aggregation layer switches will look like 1 switch to the access layer. This will allow one to create multi-chassis etherchannels that can expand the network horizontally, HOWEVER, there are still 2 layers of networking.
Does this make sense?
2.) The value in spanning L2 domains across data centers in a services-oriented architecture is clear. It facilitates vMotion and vStorage and creates clusters of compute and storage resources, which can be leveraged for SAN replication, disaster recovery, cloud computing (IT/Software as a Service), and running active/active application services).
But does flattening the network mean that there will be one massive subnet that will be considered one broadcast domain? Albeit, unicast flooding and ARPs will have to be re-engineered to operate in this environment. This doesn't seem likely.
Any thoughts?
ThanksThere are as many ways to skin the cat as you can dream up.
But clearly you cannot expect to change roles completely and have everything stay the same.. although the Mac should not need to start over.. TM should be able to have multiple setups where it recognises the different network layouts.. at least with ML it can do that. If you are using SL as per your profile.. no.. it has to be manually setup.
The first obvious solution is this.
Network B: Mac connects to LAN via a non-Apple wi-fi router; TC connects to Mac via ethernet cable
Do the same in network A.. Use the Mac by wireless for internet.. and backups to the TC connected directly by ethernet. Do not plug the TC into the network.
A variation on this.
You can even do it by ethernet.. simply have a switch and plug in both Mac and TC.. but use the TC on a different IP address. You can set statically double IP on the one ethernet port.
Even better plug in a USB drive and use that.. it will be faster, more stable, and more reliable for backups than the TC. Leave the TC in network A. -
Access Point configuration for flat network
We have recently aquired a remote location which has a pre-existing flat network (172.16.X.X/16). Before we are able to convert them over to our new IP scheme, they have a need to have wireless connectivity on site. We have 4 1142's which I need to configure for them. I have experience configuring WLC's and autonomous AP's for networks with multiple vlans but have never configured AP's for a flat, single subnet network. I need to configure them for either guest access (internet only) or corporate access to network resources with radius authentication. Do I configure a native vlan as I would for a typical multi vlan network? Do I configure the switch port as an access port as opposed to a trunk beacause of the lack of layer 3? I basically need a sample configuration for this situation.
since you are on flat network, you just need to configure the SSID, no need for subinterfaces. With the AP only servicing the one VLAN you can leave the port as an access port as well.
as they are on the only subnet, I wouldn't do a 'guest' SSID. I would go with just the corporate SSID with WPA2/AES/802.1x. So the config is exactly the same for the RADIUS server and the SSID, but greatly simplified since you don't have to sub-interface anything.
Steve -
I lost my ipod touch when i moved flats and i just found it in one of the boxes after 4months and now its asking me to "connect to itunes" but itunes doesnt recognize it because i have a passcode and its asking me to enter it. HEEEEELP please
Place the iPod in Recovery Mode and restore via iTunes.
iOS: Wrong passcode results in red disabled screen
If not successful, try DFU mode.
How to put iPod touch / iPhone into DFU mode « Karthik's scribblings -
Implementing Vlan in a Flat network
Hi all,
Right now i have 6 2950 switches all in same subnet and connecting different deprtments.we have 2 routers and Pix 506e.Now I m told to create Vlans in a way where we can use some departments using one first ISP-Line and rest on 2nd ISP line.I want to kno that how can i use same Vlan name/group across the switches or do i have to re arrange cables from various departments and then creating vlans.?we have 2600 series router with 2 ILL.Can i use 1 switch in command mode and other switches connected to various departments as a member of 1st switch and VLan on first switch only? please provide me details on this.
Thanks in Advance..
SidWhen you create multiple vlans, you will need a router (or l3 device) to route between vlans. Since your switches are 2950s, they are layer 2 only. You can use the 2600 router for external inter vlan routing.
Vlans can span different switches if you use trunking between the switches. (802.1q or ISL - 2950 support only 802.1q) To facilitate ease of configuration of vlans in the database of each switch, you should utilise VTP. One switch will be the VTP server, while all others are clients. You create vlans in the VTP server and it will propagate the information automatically to all other VTP clients. Still you will need to log into each switch and associate the physical port to the appropriate vlan.
Check out some of these guides on,
VTP - http://www.cisco.com/en/US/products/hw/switches/ps628/products_configuration_guide_chapter09186a00800d84bf.html
Clustering - Helps in managing all switches in a cluster using one IP address
http://www.cisco.com/en/US/products/hw/switches/ps628/products_configuration_guide_chapter09186a00800d84b7.html
Trunking and Vlan configuration -
http://www.cisco.com/en/US/products/hw/switches/ps628/products_configuration_guide_chapter09186a00800d84be.html
External Inter vlan routing with a 2600 router
http://www.cisco.com/en/US/tech/tk389/tk390/technologies_configuration_example09186a00800949fd.shtml -
Problem with phone line after moving flats
I have moved to a new flats 3 months ago. We transferred our BT line (BT is our phone and internet provider) to our new flat, internet works fine, but the phone line doesn't! We are not able to call anyone, or receive any calls. Is it something we can do to fix it on our own or should we call an engineer? Will it cost us anything if we call a BT engineer?
THank you in advance!
ElenTry the self help guide first
Fixing phone faults
If you are sure the fault is not within your premises, then you can report the fault here
Reporting Phone Faults
Provided that the fault is external to your house, then you should not be charged.
There are some useful help pages here, for BT Broadband customers only, on my personal website.
BT Broadband customers - help with broadband, WiFi, networking, e-mail and phones. -
SG300 - Separating network using vlan?
I am wondering what the best way to separate a network, both data, on a cisco SG300. I do not want network 1 to able to communicate with network 2 or vice versa. I have one server for DHCP for network 1, 192.168.1.X. I would like network 2 to have ip of 10.0.0.X, can the cisco SG300 do dhcp for this vlan?
Thank you for your help,
BrianHello Brian, the SX300 series do not support any DHCP service, you will need a router or a DHCP box for this. The SX300 can separate traffic with VLAN. However, as the default layer 2, all request will go to your router then route to the destinations. As the switch in layer 3 mode, you may have local connectivity, however, if your router does not support the vlans or dot1q encapsulation, the router would require static routes for those subnets to be able to correctly route to the internet.
-Tom
Please rate helpful posts -
Moved flat two months ago and STILL no internet
I moved into my flat on May 30th and called EE who told me it would take a couple weeks to get reconnected with them. The date for reconnection came and went... Nothing happened. I called them and they arranged for a BT engineer to come and check out why it wasn't working. The BT engineer adjusted something or other, he was incredibly vague, and said that everything should now be working... Shocker, it wasn't. We called EE and asked what was happening and why it was taking so long, that was in the third week of June or so. They said we had to wait for BT to activate the line for us, which would happen on July 12th, another three week wait.
Once again, yet somewhat unsurprisingly at this point, the 12th of July came and went, and, you guessed it, no internet. Not even a call from EE explaining what was wrong, we were completely ignored, as was our problem. We called them again, twice connection was lost about 45 minutes into the phone call and no one could be bothered to call us back, we were left to spend another thirty minutes explaining and re-explaining our situation and being told that "we can see your connection now and it's active.." like it was OUR fault and we were doing something wrong, Not what you want to hear when you've spent nearly two months without Internet. So after two disconnections we managed to get through to someone, who told us we would be fast tracked and would have internet by midnight on Tuesday, that he was doing some very expensive fast track for us that cost £200 to do. Tuesday came and went, nothing. On Wednesday morning (yesterday) we received a text message, saying our internet would be activated by midnight. Guess what, it's Thursday morning and still no internet.
I am sick to death of speaking to your customer service team, who seem to go round and round in circles trying to do the same solution (which doesn't work) over and over again because there is a complete lack of communication within the team. I am sick of explaining the issue over and over again only to be asked if I've reset the box or being told that I'm definitely connected so they don't know what's wrong. At this point it's not good enough. My partner and I have had phone bills accumulating to over £300 the last two months, because of YOU. we have unlimited internet at home because we need it, we both have to work from home quite often and I am completing an online course for which missing a deadline would mean being kicked off.
The issue needs resolving once and for all, or we will be cancelling all contracts we have with you, and sharing our experience with as many people as possible to avoid them suffering a similar fate. We've heard Virgin Media are very good and will set up your internet in less than ten days, after forty six days with no internet, that is starting to sound like a god send. No more empty offers, no more "wait two weeks", I want it sorted now or you will lose us as customers.What does it say in the Internet section on the initial Status page of the BrightBox? Omit your BB Username.
What lights show / don't show on front of router (count them off)?
Is this for ADSL BB or Fibre? BrightBox 1 or 2?
Does the phone work? Do you get a dial tone? Does it announce your correct no. when you dial 1470 17070? -
I am not using network virtualization and currently using traditional VLANs. Now what I did currently is I have one logical network, one network site, and in that network site contains all my VLAN's (23 right now).
What I noticed is when I create a cloud I can't choose the network... I can only choose the logical switch which will give that cloud complete access to all VLAN's right?
So in my situation would it be better to just create a logical switch for each VLAN we have? Keep in mind this is a multi-tenant environment so that is why there are so many VLANs.
Most of the videos I find go into Network Virtualization which is not what I'm trying to do :-(Hi se
This is how I do it (I don't have WLSE):
- Create a ssid per vlan in the AP.
- Configure switch to AP connection as a trunk.
- If needed, configure helper addresses in switch.
If you need routing between VLANs, you will need a router, afaik AP cannot do it.
HTH -
AX guest network using vlan in the switch
Hi!
I'm thinking of setting up a wlan and guest wlan by setting up separate Airport Expresses on different VLANs. The new gen. The setup would be 3 AXs on the internal network and 3 AXs as guest network. VLAN1 is internal and VLAN2 is guest. All AXs wil lbe set up in brigde mode. The AXs aren't VLAN aware so they'll just pass along whatever packets coming their way, right? I will configure the switch to use VLAN1 on all ports except 4 on VLAN2. 3 for the AXs and one to hte firewall that also provides DHCP for VLAN2.
Would this work OR have i missed something vital here?
/HasseThanks for the info, Unfortunately, as suspected the Arris model that you have is known as a "gateway", or "modem/router".
The AirPort Extreme recognizes that there is another router "upstream" on the network, so it correctly chooses the Bride Mode setting to allow correct operation on the network.
The downside to this is that the Guest Network cannot be enabled when the AirPort is configured in Bridge Mode.
If the Guest Network feature is important to you, check with your service provider to see if they can supply a simple modem to connect to the AirPort Extreme.....not a "gateway" or "modem/router" device. -
Flat Network & no Spanning tree?
I have a large network with 8 2950 powered by 2821, with 30 vlans. The network has no loops or redundancy. Question 1 do I need to have spanning tree running and why?
If not how do I disable it?I am sure you have heard the line "run the spanning-tree even when you do not have any loops in the network" and generally our recommendation is to leave it on which is default even if you have no redundancy but have etherchannels ( etherchannels with ON mode can cause transient spanning-tree loops ) .
Traditionally the problem that people have had with spanning-tree has large convergence times ( of the order of 30 - 50 seconds ) and some one coming from SONET , optcal background ( the folks who are used to the convergence times of 50 msec ) dont genrally like that. So the bottom line is you can turn it off so long as you make sure you have absolutely no redundancy and no etherchannels.
the command is as simple as
no spanning-tree
on all IOS based switches.
Hope this helps.
thanks
Salman Z. -
Mouse stops moving on network activity.
Hi All,
I just got my new 24" intel iMac today and I have an issue that I can't seem to find any documentation for. Perhaps one of you has dealt with the issue and can help.
I have a Logitech Revolution mouse that I've been using on my Mac G4 for the last few weeks with no problems at all (actually one of the best mice I've ever used). But now that I've got it on my new iMac, whenever I'm copying data over AFP (Apple File Protocol) my mouse becomes very unresponsive and will only move every so often, during the transfer and not nearly as far I've instructed it... Once the network file copy completes it's back to it's regular working order again.
The mouse receiver is plugged directly into the back of the computer for optimal power and I have the latest Logitech drivers installed.
Any help or suggestions are greatly appreciated.
Regards,
Mat Pridham
24" iMac , 2.33GHz Core2Duo, Bluetooth Enabled Mac OS X (10.4.10)Hi Mat
I don't have that mouse, but when I googled: "logitech revolution slow in os x" many folks in other forums had the same issue with the mouse.
One fix for some folks was >USB Overdrive - 10.4.5
Sorry I couldn't be more help!
Dennis
17" iMac Intel Core Duo - 2GB Ram - Mac OS X (10.4.10) - Maxtor 300GB FireWire - Creative Inspire 2.1 - 2G Nano -
Small network, two VLANs, need some guidance
Hello. Big-time newbie here. I have a Cisco 2801 router and a few Cisco SG200-26 switches. I need to configure two VLANs: vlan10 for public wifi access and vlan20 for private staff use. I have fa0/0 configured with IP 192.168.1.2/24. This interface will be connected to an AT&T DSL gateway for Internet service. I have fa0/1 configured with IP 172.16.1.1/16. The goal is to provide Internet access to both VLANs, but no routing between VLANs. I am also enabling a DHCP pool of 172.16.10.0/22 intended for use on vlan10 (public wifi access) and another DHCP pool of 172.16.20.0/24 for vlan20 (private staff). I assume fa0/1 has to be configured for dot1q trunking and connected to a switch port also configured for trunking, yes? I also have WAPs that will need to serve up both VLANs. The WAPs I have are 121 and 2600 series. I assume I will be creating two SSIDs - one for each VLAN, yes?
I am looking to keep this as simple as possible.
What else do I need to consider? thank you in advance for your guidance.thanks for ur valuable reply.
u r right that whenever we create a new db, oracle always assigns a new dbid. which will be different from the id of backupset db.
kindly explain me steps to perform, whether it is duplicate db case or standby.
how rman will recoganize the backupset.
Maybe you are looking for
-
Illustrations greyed-out when printing PDF file from Adobe Reader
Hello, From within PageMaker 7 I've made a 52-page PDF document in Distiller (selected job option is for Print) and uploaded it to my website. It contains many greyscale illustrations (TIFs and JPGs first imported into PageMaker), and text. I am ab
-
Can't get rid of the blue "downloading the latest applications" bar that seems to be just hanging and won't go away. I uninstalled and reinstalled Firefox, but the bar is still there after 2 days. I updated something (can't remember what!) on I.E., a
-
How to update the field 'VBRK-ZUONR' of Billing Document Header(VF03)
Hi Experts. I got a request to update the field 'VBRK-ZUONR' of Billing Document Header(T-code:VF03). At first i thought it might be a BADI or User-Exit case and looked up in Standard Program but found nothing. Thus i doubted if it was a configuratio
-
RE: WMP and Automatic Uploading to my C:/ Drive/No!
Hello, My name is Seth. I have noticed that when I opened "organize" and then choose the option for my "music" files, I can erase folders from which WMP automatically uploads info. (pictures and music) onto my C:/ Drive. This is great news. I just po
-
How to test Cisco Call home on UCS
How do you test the call home feature on Cisco Call home? Thx