Wireless Networks Thread, VLAN Possibilities & Configuration in Technical; Hi all,
I have read over most of the VLAN forum posts i can find but im still in the ...
13th April 2011, 06:12 PM #1
- Rep Power
VLAN Possibilities & Configuration
I have read over most of the VLAN forum posts i can find but im still in the dark.
Our Lan currently is a "flat LAN" over 500 client devices and 30+ Servers. Obviously we are struggling with network bandwidth issues.
We have 100MB or 1000MB fibre links (media converters both ends) to most of our locations on site. Our topology is something like this
48 port 3com switch
Into that goes, Servers, Router, all CAt5 from fibre media Converters also a 2GB trunk to another switch hosting less mission critical servers.
We have 3 IP ranges on the same subnet provided by SWGFL also and they are used in our DHCP scope currently, our router (cisco) provided by them is our gateway on our DHCP Scope.
Network congestion seems to be a big issue at the moment and im thinking VLAN could help with this issue?
Any advise would be fantastic as we currently have our server room in bits for cable management!
13th April 2011, 08:46 PM #2
VLANS aren't always the solution, you need to analyse what is causing the congestion before splitting your network.
Get hold of wireshark and do some analysis with it. Particularly look out for devices causing loads of broadcast traffic and see if you can reduce this (usually printers or machines with incorrect dns).
13th April 2011, 10:49 PM #3
I can agree with Wiresharking, I found that our Oracle SANs are flooding the LAN with ARP requests, thousands a minute thus in a 1 minute capture it was around 96% of the LAN traffic was ARP requests from the Oracle SANs! Queue over a month of poking them and sending them captures and trying to get them to understand that yes its "slow" but its "slow" as its flooding my LAN, as when its been rebooted its speedy as anything. Finally yesterday they have cottoned on and suggested a bug we could be suffering from, which will be fixed they hope later this year!!
14th April 2011, 12:53 AM #4
Simply plugging in a laptop or pc with wireshark installed will only show broadcast, multicast or arp traffic.
Originally Posted by john
Unfortunately in a switched network you will only see broadcasts and traffic intended for your "wireshark" enabled pc hence why your capture recorded 96% of the LAN traffic being ARP because that's what it actually was!
Wireshark and other packet capture devices can only see what traffic appears on the capture nodes interface.
In order to use wireshark properly the traffic must pass through the device or be used in conjunction with a network tap or port mirror to monitor a specific interface.
I'm not saying what you did was incorrect, but your interpretation of the results was!
Sharking a link will quickly highlight gratuitous ARP and help you spot a misconfigured device but it doesn't really help beyond that.
Sharking is useful when you stage MITM attacks where you actually intercept real packets intended for somewhere else.
You would need to capture every conversation from every port on your switches in order to get an accurate measurement for your entire LAN.
16th April 2011, 04:19 PM #5
- Rep Power
Thanks for all your replies. I think we have pretty much sorted any bottle necks or at least now identified them. Most of our servers were teamed NIC's but the switch wasn't trunking them but ive sorted that now. I dont think i'll look into the VLAN features. However again thanks for your replies.
19th April 2011, 07:59 AM #6
To be honest i would look into splitting your network into VLAN's. One bad NIC and it will bring down your entire network. At least put your servers into a different vlan then your clients.
Originally Posted by dblight
19th April 2011, 12:41 PM #7
- Rep Power
You need to do VLANNING for the right reasons...agreed...
The example regarding the SAN flooding the network is not just a case for needing a VLAN implementation, but perhaps you should isolate your storage network altogether (if you can). Storage Networks can be interesting in a VLAN setting...
I am happy to share my VLAN planning and IP Address Planning as to the group if you want.
19th April 2011, 07:43 PM #8
19th April 2011, 07:51 PM #9
Forgive me for being so nosey - but what on earth do you have 30+ servers for?
20th April 2011, 08:37 AM #10
- Rep Power
We have some servers clustered together for redundancy. We tend to now have a server for a specific role. I'm just starting to plant the virtualization seed but its falling on deaf ears at the moment! we shall see :-)
Originally Posted by synaesthesia
On the VLAN front I see a lot of reason for isolation of the servers at least but i still dont have a clue how to do it or what it will effect. All servers need to be accessable 24/7 to all clients.
If i am gonna suggest an implementation of configuration change i have to go through 50 questions, test it then go through another 100 questions and it may get signed off about a year later LOL!
By JamesMason in forum Wireless Networks
Last Post: 20th January 2010, 01:17 PM
By cgorms in forum Wireless Networks
Last Post: 16th April 2009, 07:26 PM
By rosswilson in forum Wireless Networks
Last Post: 15th March 2009, 08:10 PM
By robknowles in forum Wireless Networks
Last Post: 28th May 2008, 04:01 AM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)