+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 21
Wireless Networks Thread, Help with VLANs in Technical; Hello, We are new to VLANs and just have a basic question to clear up some issues with understanding a ...
  1. #1

    Join Date
    Feb 2007
    Posts
    47
    Thank Post
    0
    Thanked 1 Time in 1 Post
    Rep Power
    0

    Help with VLANs

    Hello,
    We are new to VLANs and just have a basic question to clear up some issues with understanding a few points

    We have a 3com 5500G backbone consisting of 1 copper 48 port 5500G and 1 x Fibre 5500G linked together by XRN. The copper switch acts as a server switch and the fibre switch ports each has a 3Com 2948 switch attached to them. 2 fibre ports are inter site links running at 10mb and 100mb to different sites.

    What I want to do is VLAN off segments of the network possibly switch rooms at a time which could be a group of 4 x 2948. But also vlan off each inter site link.

    What I have been doing as a test is the following

    VLAN1 - Servers and Admin
    VLAN2 - Site 1
    VLAN3 - Site 2
    VLAN4 - Switch room 1
    etc

    As the 5500G is a layer 4 switch it can handle the routing and has allowed me to create a vlan interface for each vlan which works well.

    What I have done is rather than go into the end point switches is set each fibre port on the 5500G to a VLAN(untagged)

    e.g. 1/0/1 VLAN2 1/0/2 VLAN3 etc

    Each VLAN correctly DHCP's to its own subnet(from a single DHCP). My first question is should it be possible that each VLAN can ping and access each other? (Because they do). I was expecting them not being able to without being specifically tagged with the others vlan id?

    My second question is if this is supposed to happen like this then is it reducing the broadcasts like VLANs should? vs a flat network

    Number 3 is if I havent done things right should we be going into the 2948's and setting the VLANs there rather than at the core?(We were being lazy because we didnt see it was necessary)

    Sorry for the essay hope I've explained myself

    Thanks

    Robbie

  2. #2

    powdarrmonkey's Avatar
    Join Date
    Feb 2008
    Location
    Alcester, Warwickshire
    Posts
    4,859
    Thank Post
    412
    Thanked 777 Times in 650 Posts
    Rep Power
    182
    Quote Originally Posted by robbie-w View Post
    Each VLAN correctly DHCP's to its own subnet(from a single DHCP). My first question is should it be possible that each VLAN can ping and access each other? (Because they do). I was expecting them not being able to without being specifically tagged with the others vlan id?
    That's down to the firewall in your routing. If it's allowed to ping through, then it can.


    My second question is if this is supposed to happen like this then is it reducing the broadcasts like VLANs should? vs a flat network
    Yes. A broadcast is only sent to the local subnet, where a ping request (or any other form of ICMP traffic) is routed to the IP that you specify. A broadcast packet will not be transmitted beyond its subnet (known as a broadcast domain).

    Number 3 is if I havent done things right should we be going into the 2948's and setting the VLANs there rather than at the core?(We were being lazy because we didnt see it was necessary)
    You have done it right, you just need to configure your firewall properly.


    The TCP/IP Guide - IP Basic Address Structure and Main Components: Network ID and Host ID has some quite good info on subnetting, broadcast concepts, etc.
    Last edited by powdarrmonkey; 16th April 2008 at 08:49 PM.

  3. #3
    jimothy's Avatar
    Join Date
    Mar 2008
    Location
    Shrewsbury
    Posts
    43
    Thank Post
    14
    Thanked 1 Time in 1 Post
    Rep Power
    0
    I don't know if this will be of any help; but we VLAN'd our network as we had many sites. To give more control over traffic we set Access Control Lists which effectively denied inter-site traffic as we routed everything through to our main site. Before we had ACLs effective every VLAN could access every other VLAN.

    We are using HP Procurve equipment (Mainly Layer 3 switches) so I don't know if there will be any similarities?

    As you're using Layer 4 devices you should be able to be more granular over the types of traffic you allow.

  4. #4

    Join Date
    Feb 2007
    Posts
    47
    Thank Post
    0
    Thanked 1 Time in 1 Post
    Rep Power
    0
    Thanks guys thats cleared it up

  5. #5

    Join Date
    Feb 2007
    Posts
    47
    Thank Post
    0
    Thanked 1 Time in 1 Post
    Rep Power
    0
    Thanks thats cleared it up

    Robbie

  6. #6
    contink's Avatar
    Join Date
    Jul 2006
    Location
    South Yorkshire
    Posts
    3,791
    Thank Post
    303
    Thanked 327 Times in 233 Posts
    Rep Power
    118
    Just to piggy back on this thread as I'm an even bigger babe in the woods when it comes to VLAN.

    Can anyone recommend small scale switches capable of handling VLAN. I'd like to setup a VLAN at home and learn the ropes as I don't get the opportunity in any of my schools.. Budget is tight so obviously cheaper the better...

    Thanks in advance and apologies for stealing the thread

  7. #7

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,803
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224
    Grabbing a second hand Catalyst series Cisco switch off ebay would be ideal.

  8. #8
    jimothy's Avatar
    Join Date
    Mar 2008
    Location
    Shrewsbury
    Posts
    43
    Thank Post
    14
    Thanked 1 Time in 1 Post
    Rep Power
    0
    I only really know HP; an entry level Procurve would do the trick:

    Ebay

    The only difference is in the terminology as HP call VLAN trunking: tagging

  9. #9

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,803
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224
    The HP command interface is modelled on Cisco's IOS, so you'd be right at home with either vendors switches.

  10. #10
    jimothy's Avatar
    Join Date
    Mar 2008
    Location
    Shrewsbury
    Posts
    43
    Thank Post
    14
    Thanked 1 Time in 1 Post
    Rep Power
    0
    Quote Originally Posted by Geoff View Post
    The HP command interface is modelled on Cisco's IOS, so you'd be right at home with either vendors switches.
    Sorted then

  11. #11
    DMcCoy's Avatar
    Join Date
    Oct 2005
    Location
    Isle of Wight
    Posts
    3,472
    Thank Post
    10
    Thanked 497 Times in 437 Posts
    Rep Power
    113
    One thing to bare in mind for home is those procurves make *lots* of noise.

    Other things will be lack of vlan routing and ACLs that are only available on bigger switches, although some have limited support.

    If you just want to try the VLAN side itsef without doing routing, acls, dynamic vlans etc the Procurve 1700 is a cheap web managed and silent (J9079A).

    I was looking into getting an 1800 for home, web managed, 24 port silent 1GB ports

  12. #12

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,803
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224
    If you are feeling brave you can pull the ProCurve apart and replace the fans. If you stick some nice quiet zalman (or similar) ones in the difference is amazing.

  13. #13
    Joedetic's Avatar
    Join Date
    Jan 2006
    Location
    Walsall
    Posts
    1,316
    Thank Post
    6
    Thanked 13 Times in 13 Posts
    Rep Power
    22
    The Cisco switches are noisy too tbh, but you can replace the fans as Geoff said.

    One of the things I love about VLANs on Cisco kit is VTP. I'll be going back into a HP environment soon and will have a lot more to do with the switches than I did before, what are the main differences between HP CLI and Cisco IOS CLI?

  14. #14

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,803
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224
    One of the things I love about VLANs on Cisco kit is VTP.
    You should be using GVRP now, like everyone else is.

    I'll be going back into a HP environment soon and will have a lot more to do with the switches than I did before, what are the main differences between HP CLI and Cisco IOS CLI?
    The HP interface isn't as buggy and does everything out of the box without you having to buy 'addons'?

    But seriously, the major differences is that HP uses the IEEE standard equivalent of Cisco proprietary protocols. So GVRP instead of VTP, LLDP instead of CDP. 802.11Q instead of ISL. Etc.

  15. #15
    Joedetic's Avatar
    Join Date
    Jan 2006
    Location
    Walsall
    Posts
    1,316
    Thank Post
    6
    Thanked 13 Times in 13 Posts
    Rep Power
    22
    Yeah. GVRP wasn't on the CCNA 3 syllabus...vtp was that's how I know about it. 802 standards I expected.

    Are the commands different such as enable, and show etc etc etc?

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Replies: 4
    Last Post: 6th March 2014, 02:00 PM
  2. Replies: 3
    Last Post: 19th October 2007, 09:28 AM
  3. Vlans
    By strawberry in forum Wireless Networks
    Replies: 2
    Last Post: 4th October 2007, 02:09 PM
  4. VLANs/ Subnets help
    By Ste_Harve in forum Wireless Networks
    Replies: 19
    Last Post: 25th June 2007, 12:42 PM
  5. Question about VLans.............help?
    By Kyle in forum Windows
    Replies: 11
    Last Post: 6th November 2006, 12:48 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •