+ Post New Thread
Results 1 to 7 of 7
Wired Networks Thread, Introduce VLAN in stages in Technical; I'm trying to get my head around something and would appreciate people's thoughts. We need to introduce VLANs for our ...
  1. #1

    Join Date
    Feb 2013
    Location
    South West England
    Posts
    221
    Thank Post
    0
    Thanked 36 Times in 32 Posts
    Rep Power
    33

    Introduce VLAN in stages

    I'm trying to get my head around something and would appreciate people's thoughts.

    We need to introduce VLANs for our phone and CCTV systems (initially, maybe more services in future) but due to current switches it is not fully possible.

    However we are having a new building built and are installing Layer2 switches so this would be a good time to start the VLAN setup which we would then take site wide as and when switches are replaced.

    First question - is it possible to do this?

    I'm thinking to keep the default VLAN ID 1 for all computers etc, a VLAN 10 for CCTV and VLAN 100 for phones.

    I then set all uplinks as Trunk ports on the new switches. I tag the phone system on VLAN 1 and VLAN 100 and the CCTV to VLAN 1 and VLAN 10.

    I understand that by doing this I won't see a benefit yet until all switches are replaced and configured but I hope to use this as a starting point.

    Any thoughts would be appreciated.

  2. #2

    Join Date
    Nov 2005
    Location
    North
    Posts
    1,883
    Thank Post
    25
    Thanked 93 Times in 73 Posts
    Rep Power
    51
    I am in a similar boat. I have no inter vlan routing setup but have a separate VLAN for some of the chromebooks. The other VLAN is just set up on wireless so the WIFI ports are set to trunks. The only bit I change the PVID is on my smoothwall port for the second VLAN

  3. #3

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    16,313
    Thank Post
    901
    Thanked 1,798 Times in 1,549 Posts
    Blog Entries
    12
    Rep Power
    466
    You shouldn't need to do that on the smoothwall. Setup a static route on your core L3 switch pointing to smoothwall. Then add the second subnet in the smoothwall network settings. We have a large number of VLANs with only 1 interface on the internal side on smoothwall.

    To put an ip route it on a Cisco switch run the following command in global configuration mode.

    IP Route 0.0.0.0 0.0.0.0 <Smoothwall IP>

  4. #4

    Join Date
    May 2014
    Location
    San Ramon
    Posts
    5
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Why do you want the CCTVs on VLAN 1 and VLAN10? And why would you want the phones on VLAN 1 and VLAN 100? Defeats the whole purpose of having VLANs and switches in the first place.

    So, this is how we have our network set up.

    VLAN 1, computers
    VLAN 2, Phones
    VLAN 3, Server to Server
    VLAN 4, Guest
    VLAN 5, Cameras
    VLAN 6, Apple TVs

    VLAN 1 is Computer traffic
    VLAN 2 doesn't talk to the other VLANS. There is a route in the Dell SonicWall that lets the server VLAN talk to it, but the only traffic on the VLAN is phone.
    VLAN 5 is like VLAN2, except the NAS we have has two ports, one is for all the cameras to come into and be recorded on. The other is a VLAN1 port on the NAS so certain people can view the cameras. No other traffic goes on VLAN 5

    VLAN 3 is strictly inter-server traffic on two switches.

    VLAN 4 is our Guest network. It only has that traffic and goes to our low/free comcast internet connection
    VLAN 6 is for Apple TVs. The Ruckus wireless has a separate SSID/radio for the apple TVs to be on, and then they use a bonjour gateway on the Ruckus. This cuts down the chatter on the wireless network dramatically. Only VLAN 1 can talk to VLAN 6, and only certain ports for Apple TV stuff.

    The idea of VLANs is to keep the traffic segregated so you have more overall bandwidth. When you "trunk" them to another switch, you just need to make sure you tell it what traffic you want on it. For some of our switches, the camera VLAN is the only thing going to another switch as there are more cameras on that switch, and more data. So we keep the traffic to the one fiber run back to another switch.


    Quote Originally Posted by snagrat View Post
    I'm trying to get my head around something and would appreciate people's thoughts.

    We need to introduce VLANs for our phone and CCTV systems (initially, maybe more services in future) but due to current switches it is not fully possible.

    However we are having a new building built and are installing Layer2 switches so this would be a good time to start the VLAN setup which we would then take site wide as and when switches are replaced.

    First question - is it possible to do this?

    I'm thinking to keep the default VLAN ID 1 for all computers etc, a VLAN 10 for CCTV and VLAN 100 for phones.

    I then set all uplinks as Trunk ports on the new switches. I tag the phone system on VLAN 1 and VLAN 100 and the CCTV to VLAN 1 and VLAN 10.

    I understand that by doing this I won't see a benefit yet until all switches are replaced and configured but I hope to use this as a starting point.

    Any thoughts would be appreciated.

  5. #5

    Join Date
    Feb 2013
    Location
    South West England
    Posts
    221
    Thank Post
    0
    Thanked 36 Times in 32 Posts
    Rep Power
    33
    Quote Originally Posted by ericdano View Post
    Why do you want the CCTVs on VLAN 1 and VLAN10? And why would you want the phones on VLAN 1 and VLAN 100? Defeats the whole purpose of having VLANs and switches in the first place.
    Because I have a lot of switches I can't configure which will have phones and CCTV on them.

    I know it defeats the object by tagging them on VLAN 1 but I need Phones/CCTV on the older switches to still work until those switches are replaced by managed switches.

    Once all switches are managed I can remove the VLAN 1 as a tag.

    Does that make sense? If I'm talking rubbish then please set me straight!

  6. #6

    Join Date
    May 2010
    Posts
    1,155
    Thank Post
    113
    Thanked 104 Times in 79 Posts
    Rep Power
    52
    You could set them up, and just leave the PVID at 1 until you have all your switches in place. You don't really want to tag (T) aka trunk the vlans unless you are using wifi with multiple SSID, trunking uplinks is fine.
    eg ports 1-10 vlan 1 - pvid 1 all set to U
    ports 11-20 vlan 10 - pvid 10 all set to U
    ports 21-23 vlan 100 pvid 100 all set to U
    port 24 uplink tagged on all vlans

    This is my understanding anyway (802.1q vlan)

    Why are people using vlan 1 ? Isn't this normally the management vlan ?

  7. #7

    Join Date
    Aug 2009
    Posts
    287
    Thank Post
    21
    Thanked 22 Times in 19 Posts
    Rep Power
    14
    Quote Originally Posted by caffrey View Post
    You could set them up, and just leave the PVID at 1 until you have all your switches in place. You don't really want to tag (T) aka trunk the vlans unless you are using wifi with multiple SSID, trunking uplinks is fine.
    eg ports 1-10 vlan 1 - pvid 1 all set to U
    ports 11-20 vlan 10 - pvid 10 all set to U
    ports 21-23 vlan 100 pvid 100 all set to U
    port 24 uplink tagged on all vlans

    This is my understanding anyway (802.1q vlan)

    Why are people using vlan 1 ? Isn't this normally the management vlan ?
    You'd normally leave vlan1 well alone as the default one, move management etc onto other random numbers.



SHARE:
+ Post New Thread

Similar Threads

  1. CC3 to Vanilla Network. Last Stages, Error message when logging in.
    By Richings110 in forum Network and Classroom Management
    Replies: 12
    Last Post: 5th July 2013, 02:07 PM
  2. VLANs in Virtualisation
    By garethedmondson in forum Thin Client and Virtual Machines
    Replies: 37
    Last Post: 18th April 2013, 03:11 PM
  3. pls help in configuring vlan in procurve
    By kumar in forum Wired Networks
    Replies: 5
    Last Post: 11th June 2012, 01:39 PM
  4. Replies: 2
    Last Post: 17th March 2010, 10:52 PM
  5. Computer Products Introduces The CP All In One LCD PC
    By CPLTD in forum Our Advertisers
    Replies: 6
    Last Post: 13th July 2008, 10:26 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •