+ Post New Thread
Results 1 to 10 of 10
Wireless Networks Thread, VLAN Possibilities & Configuration in Technical; Hi all, I have read over most of the VLAN forum posts i can find but im still in the ...
  1. #1
    dblight's Avatar
    Join Date
    Jul 2009
    Location
    Plymouth
    Posts
    35
    Thank Post
    7
    Thanked 6 Times in 6 Posts
    Rep Power
    12

    VLAN Possibilities & Configuration

    Hi all,

    I have read over most of the VLAN forum posts i can find but im still in the dark.

    Our Lan currently is a "flat LAN" over 500 client devices and 30+ Servers. Obviously we are struggling with network bandwidth issues.

    We have 100MB or 1000MB fibre links (media converters both ends) to most of our locations on site. Our topology is something like this

    48 port 3com switch
    Into that goes, Servers, Router, all CAt5 from fibre media Converters also a 2GB trunk to another switch hosting less mission critical servers.

    We have 3 IP ranges on the same subnet provided by SWGFL also and they are used in our DHCP scope currently, our router (cisco) provided by them is our gateway on our DHCP Scope.

    Network congestion seems to be a big issue at the moment and im thinking VLAN could help with this issue?

    Any advise would be fantastic as we currently have our server room in bits for cable management!

    Thanks

  2. #2

    teejay's Avatar
    Join Date
    Apr 2008
    Posts
    3,181
    Thank Post
    285
    Thanked 774 Times in 584 Posts
    Rep Power
    336
    VLANS aren't always the solution, you need to analyse what is causing the congestion before splitting your network.
    Get hold of wireshark and do some analysis with it. Particularly look out for devices causing loads of broadcast traffic and see if you can reduce this (usually printers or machines with incorrect dns).

  3. #3

    john's Avatar
    Join Date
    Sep 2005
    Location
    London
    Posts
    10,619
    Thank Post
    1,499
    Thanked 1,053 Times in 922 Posts
    Rep Power
    304
    I can agree with Wiresharking, I found that our Oracle SANs are flooding the LAN with ARP requests, thousands a minute thus in a 1 minute capture it was around 96% of the LAN traffic was ARP requests from the Oracle SANs! Queue over a month of poking them and sending them captures and trying to get them to understand that yes its "slow" but its "slow" as its flooding my LAN, as when its been rebooted its speedy as anything. Finally yesterday they have cottoned on and suggested a bug we could be suffering from, which will be fixed they hope later this year!!

  4. #4

    m25man's Avatar
    Join Date
    Oct 2005
    Location
    Romford, Essex
    Posts
    1,631
    Thank Post
    49
    Thanked 462 Times in 337 Posts
    Rep Power
    140
    Quote Originally Posted by john View Post
    I found that our Oracle SANs are flooding the LAN with ARP requests, thousands a minute thus in a 1 minute capture it was around 96% of the LAN traffic was ARP requests from the Oracle SANs!
    Simply plugging in a laptop or pc with wireshark installed will only show broadcast, multicast or arp traffic.

    Unfortunately in a switched network you will only see broadcasts and traffic intended for your "wireshark" enabled pc hence why your capture recorded 96% of the LAN traffic being ARP because that's what it actually was!

    Wireshark and other packet capture devices can only see what traffic appears on the capture nodes interface.

    In order to use wireshark properly the traffic must pass through the device or be used in conjunction with a network tap or port mirror to monitor a specific interface.

    I'm not saying what you did was incorrect, but your interpretation of the results was!

    Sharking a link will quickly highlight gratuitous ARP and help you spot a misconfigured device but it doesn't really help beyond that.
    Sharking is useful when you stage MITM attacks where you actually intercept real packets intended for somewhere else.

    You would need to capture every conversation from every port on your switches in order to get an accurate measurement for your entire LAN.

  5. #5
    dblight's Avatar
    Join Date
    Jul 2009
    Location
    Plymouth
    Posts
    35
    Thank Post
    7
    Thanked 6 Times in 6 Posts
    Rep Power
    12
    Thanks for all your replies. I think we have pretty much sorted any bottle necks or at least now identified them. Most of our servers were teamed NIC's but the switch wasn't trunking them but ive sorted that now. I dont think i'll look into the VLAN features. However again thanks for your replies.

    Darren

  6. #6
    bio
    bio is offline
    bio's Avatar
    Join Date
    Apr 2008
    Location
    netherlands
    Posts
    520
    Thank Post
    16
    Thanked 130 Times in 102 Posts
    Rep Power
    38
    Quote Originally Posted by dblight View Post
    I dont think i'll look into the VLAN features. However again thanks for your replies.

    Darren
    To be honest i would look into splitting your network into VLAN's. One bad NIC and it will bring down your entire network. At least put your servers into a different vlan then your clients.

    bio..

  7. #7

    Join Date
    Mar 2011
    Location
    Canberra
    Posts
    108
    Thank Post
    0
    Thanked 10 Times in 10 Posts
    Rep Power
    12
    You need to do VLANNING for the right reasons...agreed...
    The example regarding the SAN flooding the network is not just a case for needing a VLAN implementation, but perhaps you should isolate your storage network altogether (if you can). Storage Networks can be interesting in a VLAN setting...
    I am happy to share my VLAN planning and IP Address Planning as to the group if you want.

  8. #8

    john's Avatar
    Join Date
    Sep 2005
    Location
    London
    Posts
    10,619
    Thank Post
    1,499
    Thanked 1,053 Times in 922 Posts
    Rep Power
    304
    Quote Originally Posted by rbance View Post
    You need to do VLANNING for the right reasons...agreed...
    The example regarding the SAN flooding the network is not just a case for needing a VLAN implementation, but perhaps you should isolate your storage network altogether (if you can). Storage Networks can be interesting in a VLAN setting...
    I am happy to share my VLAN planning and IP Address Planning as to the group if you want.
    Its actually an interesting SAN anyway as its a SAN and a NAS in one, as its an Oracle OpenStorage system so our NFS and iSCSI traffic is on a completely separate LAN but the SMB is over the main network as our profiles, documents etc are all directly off the SAN thus cutting down on VMs needed and adding extra levels of work to the systems.

    I am looking into the VLAN'ing just need to get switches that support it as we still have a number that don't and we don't have any L3 switches still and the budget is not looking favorable at present as I'm having to buy a new CCTV system so thats a few £K wiped out of what I would have spent on a new L3 switch for the core

    Always happy to see how people do it all and plan these things if you want to share them

  9. #9

    synaesthesia's Avatar
    Join Date
    Jan 2009
    Location
    Northamptonshire
    Posts
    6,033
    Thank Post
    589
    Thanked 1,030 Times in 790 Posts
    Blog Entries
    15
    Rep Power
    467
    Forgive me for being so nosey - but what on earth do you have 30+ servers for?

  10. #10
    dblight's Avatar
    Join Date
    Jul 2009
    Location
    Plymouth
    Posts
    35
    Thank Post
    7
    Thanked 6 Times in 6 Posts
    Rep Power
    12
    Quote Originally Posted by synaesthesia View Post
    Forgive me for being so nosey - but what on earth do you have 30+ servers for?
    We have some servers clustered together for redundancy. We tend to now have a server for a specific role. I'm just starting to plant the virtualization seed but its falling on deaf ears at the moment! we shall see :-)

    On the VLAN front I see a lot of reason for isolation of the servers at least but i still dont have a clue how to do it or what it will effect. All servers need to be accessable 24/7 to all clients.

    If i am gonna suggest an implementation of configuration change i have to go through 50 questions, test it then go through another 100 questions and it may get signed off about a year later LOL!

    Darren

SHARE:
+ Post New Thread

Similar Threads

  1. VLAN configuration information
    By JamesMason in forum Wireless Networks
    Replies: 1
    Last Post: 20th January 2010, 01:17 PM
  2. VLAN CONFIGURATION
    By cgorms in forum Wireless Networks
    Replies: 9
    Last Post: 16th April 2009, 07:26 PM
  3. Central VLAN Configuration
    By rosswilson in forum Wireless Networks
    Replies: 1
    Last Post: 15th March 2009, 08:10 PM
  4. VLAN Configuration
    By robknowles in forum Wireless Networks
    Replies: 1
    Last Post: 28th May 2008, 04:01 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •