Justifying Routing at the Edge

VTP, Portfast, Spanning Tree and all the other switch related stuff.
Guest

Re:Justifying Routing at the Edge

Post by Guest » Sun Nov 26, 2006 5:13 pm

Jamie A quick follow up - The only thing I can see that would have helped with this problem would have been having the VLANS distributed to the edge. So if the problem was coming from a particular VLAN it would have only affected that building. This seems to contradict what you are saying because here you seem to be suggesting breaking up the one vlan into many or am i misreading ? The key point is the size of the vlan not the location. Moving it out of the core as it is will protect the core but not where you move it to. Jon

Guest

Re:Justifying Routing at the Edge

Post by Guest » Sun Nov 26, 2006 6:24 pm

  Hi Jon, Thanks for your help with this. My point about the VLAN administration is this. If we have lots of /24 VLANS, it would mean changing all the switch ports to suit. How would we mange what switch ports had what VLANS? If we set more than 255 switch ports for a particular VLAN we could run out of I address. For instance, in Block A we have 2 wiring closets with 3 access layer switches in each closet. So, total number of ports would be 288, would we assign 255 ports to VLAN 2 and the rest to VLAN 3? Can you see my point, or am I still missing something? Does that make sense? Jamie

Guest

Re:Justifying Routing at the Edge

Post by Guest » Sun Nov 26, 2006 6:39 pm

Jamie My point about the VLAN administration is this. If we have lots of /24 VLANS, it would mean changing all the switch ports to suit. How would we mange what switch ports had what VLANS? If we set more than 255 switch ports for a particular VLAN we could run out of I address. You allocate a /24 to each vlan but that doesn mean you then go and allocated 254 ports to that vlan on a switch at the same time. A way to separate it up is to have vlans per floor of a building unless of course you have 3000 users on one floor. There is no requirement to fill every single vlan, you can actually have more vlans than you need so there is some slack in each vlan for new users. Last place i worked we had multiple buildings within a MAN. An average building had 5 floors so we allocated a /24 to each floor and then split the subnet into 2 x /25. One side of the floor got one /25 and the other half the other /25. Then we simply allocated ports on that floors closet switches into either vlan when needed and any unallocated ports were put into a non-routed "dummy vlan" to be used if new users moved onto the floor. The floor access-layer switches connected via fibre back to the main LAN room for that building. The uplinks were L2 trunks and the inter-vlan routing was done on a pair of 6500 switches in the main LAN room. Basically managing ports, allocating them into vlans etc. is a standard part of a network administrators job. The setup will take some time but once setup you are really only having to do minor changes from there on in. Jon

Guest

Re:Justifying Routing at the Edge

Post by Guest » Sun Nov 26, 2006 7:18 pm

Hi Jon, Yeah that makes sense to me. That is the scenario I would like to put in place, its just convincing my colleague now!!Jamie So, 1 /24 VLAN per floor, then you split that VLAN into 2 /25. I missing something again here, if you create the vlan on the 6500 "ip address 192.168.1.1 255.255.255.0. How are you then splitting this up into 2 /25? Sorry to be a pain. Jamie Jamie

Guest

Re:Justifying Routing at the Edge

Post by Guest » Sun Nov 26, 2006 8:50 pm

Jamie So I guees in your privious job you created the /24 VLANS on the 6500s? To splint the address int /25s I guess you configure the clients with a /25 subnet depending on what side of the building they were on? Yes exactly. The vlans were created on the 6500 switches and these switches were VTP servers. The access-layer switches were VTP clients. The L3 SVIs were on the 6500 switches. DHCP scopes were setup for /25s and so the client would get an IP from the /25 with the correct subnet mask and default-gateway. I appreciate that it is never easy to try and make big changes when you are new as others may see your recommendations as critcisms of the current network but it really would benefit your network administrators and more importantly your users if you could do this. Jon

Post Reply