?
Solved

Vlan Consideration in respect to all printers on one Vlan distributed between 4 buildings in campus environment

Posted on 2008-10-13
7
Medium Priority
?
461 Views
Last Modified: 2012-05-05
I started a new job with a company where I got to install all new Cisco Equipment.  I am in the final phases of my future design proposal.  Currently all of the printers are on a 10.0.2.x subnet.  It would be a lot of work to move all of the printers.   Would it be a bad design to have a certain VLan and subnet be the same between four different buidings?  Currently the big problem is they have a flat design with no layer 3 devices at all.   There will be mainly 3 buildings that I want to introduce ether-channel layer 2 to get to the core.  The core I have chosen to be in one building where the Firewalls and the internet egress out of.   The plan is to go with full redundant model.  The company is pretty good size but we may have a collapsed core design in which the core does dual functions of distribution and Core.    I am concerned it is a good idea to have your vlan broadcast stop at the closets between buidlings and route from their.   If I did this then I would not be able to have the Vlan for the printer subnet 10.0.2.x be a vlan in almost every switch within the three buildings.   That is I have to have vlan representation for the 10.0;2.x subnet in all three buidlings if the printers will all share the 10.0.2.x subnet.   Hopefully this makes sense.
0
Comment
Question by:asmusjer1
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 13

Expert Comment

by:kdearing
ID: 22708824
VLANS are normally organized in one of two different ways:
1. geographically; by floors, buildings, etc.
2. functionally; i.e. accounting, sales, engineering, etc.

So the short answer is, yes.
Grouping your network devices by function is one of the 'best practices' of network design.
0
 

Author Comment

by:asmusjer1
ID: 22711686
The problem I have is you would want to keep your Layer 2 traffic confined to the closet or within one building.  You will use layer 3 to route to the Core from there.  If I have an IP subnet range 10.0.2.x that represent all printers I can only use that Vlan at one location or building.   I would be forced to not use Layer 3 between buildings and let the Vlan's traverse out to the core.   The confusing part for me there is collpased core for smaller enterprise solutions.  The cofusing thing is the Print Server will be represented by the Server IP subnet scheme.  The users will all have to be routed to first get to the print Server which then passes the information where the actual printer is.  It acts like a DNS Server and does routing.  I am looking for best practical design that is scalable.  The scalable solution is always routing between buidlings.  I am just looking for feedback.
0
 
LVL 13

Expert Comment

by:kdearing
ID: 22712258
Okay, it sounds like you have already decided on a geographical-type VLAN structure.
But the printers all in one VLAN throughout 3 buildings is your concern.

A couple of questions...
What type of inter-building connections do you have?
What are you planning to use for Layer3 routing?
0
Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

 

Author Comment

by:asmusjer1
ID: 22712655
There is Fiber between the buildings and they will be connected between 3750 stacked switches via Etherchannel or I am confused how he Redundancy works as far as Layer 3.   If we are doing layer 3 between buildings then I would not be able to use etherchannel.  Correct?   A routing protocol would load balance.

EIGRP.   I have never setup a Layer 3 design before

Three buildings.
TMV = Core
T-INC = Distriibution
T-Inc East = Distribution

The fiber goes between buidings but T-Inc is in the middle of the Fiber Runs.  T-Inc East has to go through T-inc to get to TMV Core.

Phase I :  I can only purchase 9 switches.and the gbics.   I am forced to use the old 3com switches for Access Layer for a few months.   I might not be able to pull off layer 3 for a few months.  I might have to go with layer 2 out to the Core and route from there via 3750 G stack layer 3.   I am trying to design my model in phases with full redundancy as my final goal.   Two switches each are for connecting between buildings and the final three switches are for a Server Farm.  The Server Farm is in the same area as the Core Switches at TMV.  In essence they are an extension of the Core.
0
 
LVL 13

Expert Comment

by:kdearing
ID: 22713885
Ah, I understand now.

If you plan to use a Layer3 Etherchannel, then you cannot trunk the ports.
This means you'l have to change the IP addresses of printers in at least 2 buildings.

If you do not want to change the printer IP addresses, the use a Layer2 Etherchannel.
This will allow you to trunk the VLANs across the buildings.

It all comes back to a design preference of whether you carve up the VLANs geographically or functionally.

Most of the time, I prefer functional VLANs. With carefully selected ACLs, you can enhance the security of your network.
For example:
    denying access to accounting and HR resources
    maybe some group of users don't require internet access
    easier policy-based routing if you have multiple ISPs
    etc.

0
 
LVL 13

Accepted Solution

by:
kdearing earned 2000 total points
ID: 22713907
0
 

Author Comment

by:asmusjer1
ID: 24453998
Thanks
0

Featured Post

[Webinar] Lessons on Recovering from Petya

Skyport is working hard to help customers recover from recent attacks, like the Petya worm. This work has brought to light some important lessons. New malware attacks like this can take down your entire environment. Learn from others mistakes on how to prevent Petya like worms.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When posting a question about a Cisco ASA, Cisco Router or Cisco Switch, it can aid diagnosis if a suitably sanitised copy of the config is provided. It is much better to leave as much of the configuration as original as possible, as it could be tha…
I eventually solved a perplexing problem setting up telnet for a new switch.  I installed a new Cisco WS-03560X-24P switch connected to an existing Cisco 4506 running a WS-X4013-10GE Sup II-Plus. After configuring vlans and trunking,  I could no…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…
Suggested Courses
Course of the Month9 days, 15 hours left to enroll

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question