vlan newbie, help and advice

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

codemantx

Thread Starter
Joined
Dec 7, 2010
Messages
1
I have a client with a campus of 7 buildings, one main building and six outlying buildings. In the main building they have a PowerConnect 6024F connected by fiber to six KTI KGS-520F switches and a KTI KGS-1604 switch in each of the outer buildings. They have Cisco Aironet WAPs plugged into each KTI switch, and 2 or 3 Aironet WAPs in the main building. All devices in the main building are connected to a Dell 48-port switch, but i'm not sure of the model number, and that switch is connected via copper to one of the ethernet ports on the 6024F.

Currently they are setup in a class C network using 10.0.1.0/24 subnet.

They want to setup vlans for the buildings using the following scheme:

Code:
10.0.1.0/24	vlan1	main building
10.0.2.0/24	vlan2	building 2
10.0.3.0/24	vlan3	building 3
10.0.4.0/24	vlan4	building 4
10.0.5.0/24	vlan5	building 5
10.0.6.0/24	vlan6	building 6
10.0.7.0/24	vlan7	building 7
10.0.8.0/24	vlan8	wireless
and also allow traffic to pass between all vlans, and for all vlans to get DHCP addresses from 10.0.1.128 on vlan1. All vlans will also need to be able to access the internet through a Sonicwall NSA 2400 on 10.0.1.1.

Currently, fiber is connected on ports g1, g3, g5, g7, g9 and g11 (one of the 520Fs appear to be connected via copper, but haven't been able to find it yet).

g17, g18, g19, g21, g23 are connected via copper, one to the 48-port switch, one to a Sonicwall NSA 2400 and the others to servers.


My plan is as follows:

Code:
g1	vlan2	10.0.2.254 <--fiber-->	 KGS-520F (10.0.2.1)	 - IP devices (10.0.2.0/24)
								 \ WAP 10.0.8.1 -> IP devices (10.0.8.0/24)

g3	vlan3	10.0.3.254 <--fiber-->	 KGS-520F (10.0.3.1)	 - IP devices (10.0.3.0/24)
								 \ WAP 10.0.8.2 -> IP devices (10.0.8.0/24)

g5	vlan4	10.0.4.254 <--fiber-->	 KGS-520F (10.0.4.1)	 - IP devices (10.0.4.0/24)
								 \ WAP 10.0.8.3 -> IP devices (10.0.8.0/24)

g7	vlan5	10.0.5.254 <--fiber-->	 KGS-520F (10.0.5.1)	 -IP devices (10.0.5.0/24)
								 \ WAP 10.0.8.4 -> IP devices (10.0.8.0/24)

g9	vlan6	10.0.6.254 <--fiber-->	 KGS-520F (10.0.6.1)	 -IP devices (10.0.6.0/24)
								 \ WAP 10.0.8.5 -> IP devices (10.0.8.0/24)

g11	vlan7	10.0.7.254 <--fiber-->	 KGS-1604 (10.0.7.1)	 -IP devices (10.0.7.0/24)
								 \ WAP 10.0.8.6 -> IP devices (10.0.8.0/24)
I imagine (guessing) I would also need to move the Aironets in the main building to one or more of the ethernet ports on 6024F and assign that port(s) to vlan8 with an IP of 10.0.8.254.

all other ports would be vlan1.

What I don't know is 1) how to configure the 6024F to set all that up, 2) how to add vlan8 in the mix on vlan2-7 ports for the wireless access points, and 3) how to allow traffic to pass among all the vlans.

to date, most of my experience has been with class C networks. but i do have some familiarity with the CLI on Cisco 2800 series. but that was just with setting up multilink with 3 T1s and routing between two different class C networks over the mulitlinked T1s. i have zero experience with vlans.

if it weren't for the WAPs in the outlying buildings, i imagine i would just simply subnet each building and add appropriate routing in the 6024F.

thanks in advance for any help/advice.

Cody
 

zx10guy

Trusted Advisor
Spam Fighter
Joined
Mar 30, 2008
Messages
6,476
You have a couple of ways to do this. One way is to set up the 6024F as the main core router for the network. You would set up a virtual interface for every VLAN and assign an IP for each one on the 6024F. This will be the default gateway/router for the devices on that subnet on that VLAN. The other option would be to leave the 6024F as a layer 2 switch only with all the VLANs configured on it. Then trunk all the VLANs to the Sonicwall which you would then configure sub-interfaces on the trunk interface.

I wouldn't place any of the switch management IPs on the same subnet as your user hosts. There's a concept of running a management VLAN for all devices on your network where you limit access to.
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Members online

Top