Wireless Networks Thread, New network advice (VLANs) in Technical; I know there have been a lot of VLAN related questions recently, but I am looking for advice from others ...
8th April 2011, 08:25 AM #1
New network advice (VLANs)
I know there have been a lot of VLAN related questions recently, but I am looking for advice from others who have VLANs already.
Current setup is 3 totally segregated flat networks. Admin, Curriculum, CCTV. We are moving to a single domain and hence the reason for looking at VLANs.
Current switches are some quite old Netgear switches running at 100mbps in some areas and 1Gbps in others. There are clearly a couple of bottlenecks too.
We have bought 7 new switches, 1 hp5406 and 6 hp3500s the plan is for the 5406 to be the core switch, the 3500s to be in the key locations and distribute out to the rest of the network. The link between the 5406 and 4 of the 3500s will be 3 1Gbps trunked fibre connections. The link between the 5406 and the other 2 3500s located in server rooms will be 10Gbps.
I am thinking of running the following vlans:
vlan for each of the 6 locations to segment the network
VOIP lan (currently not needed our phone system was installed when Noah built the Ark)
we have about 50 switches at present, but some will be redundant given that in some areas there is a part used admin and part used curriculum switch which will merge into one. Some switches are not managed which will only really affect the printer vlan as all CCTV comes back to two of the areas already.
Any thoughts, comments, suggestions appreciated.
8th April 2011, 09:54 AM #2
Looks about right, one other thing you could consider is an IT Admin VLAN which you would use in your office so you can lock down things like switch management, remote access to servers etc.
8th April 2011, 08:43 PM #3
That was what my management VLAN was for.
Had a thought about another one, should I VLAN my thin clients/Terminal services servers?
10th April 2011, 11:13 AM #4
- Rep Power
We have a similar setup to what you're proposing. Only major addition/difference is a per year level VLAN for students (each fits in a Class C) and a VLAN for staff. For your thin clients I would consider a device VLAN for them and other miscellaneous devices (such as projectors). For the guest sessions it is up to you.
10th April 2011, 04:46 PM #5
Adam, are you saying you have a VLAN based on users rather than devices? How do you achieve this?
11th April 2011, 01:32 AM #6
- Rep Power
Ultimately it all comes back to Windows NPS (802.1x) for both WLAN and LAN. This requires significant setting up so think carefully before going down this path. I should mention that this works for us more so as we're a secondary school with a 1-1 program, every student has a school notebook. But if they were to walk into a pool or use a spare with NPS they would still be assigned correctly. For us pools are dying out, next year we will have none so we're very reliant on the WLAN infrastructure.
There are also products from Cisco, HP, etc that do the same role as Windows NPS but a lot more expensive.
19th April 2011, 02:05 PM #7
Dynamic VLANNING can be tricky.... I would stick to roles and geo based...also make sure your IP plan is rock solid...
If you want I can send you my design doco on this subject...
20th April 2011, 01:40 PM #8
That would be helpful
Originally Posted by rbance
By stariq in forum Wireless Networks
Last Post: 13th April 2010, 10:07 AM
By ollieblake in forum Wireless Networks
Last Post: 9th December 2009, 08:15 PM
Last Post: 8th July 2009, 11:24 AM
By mattstevenson2005 in forum Wireless Networks
Last Post: 24th April 2009, 06:31 PM
By choran in forum Windows
Last Post: 23rd February 2006, 12:45 PM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)