Solved

Vlan Consideration in respect to all printers on one Vlan distributed between 4 buildings in campus environment

Posted on 2008-10-13
7
458 Views
Last Modified: 2012-05-05
I started a new job with a company where I got to install all new Cisco Equipment.  I am in the final phases of my future design proposal.  Currently all of the printers are on a 10.0.2.x subnet.  It would be a lot of work to move all of the printers.   Would it be a bad design to have a certain VLan and subnet be the same between four different buidings?  Currently the big problem is they have a flat design with no layer 3 devices at all.   There will be mainly 3 buildings that I want to introduce ether-channel layer 2 to get to the core.  The core I have chosen to be in one building where the Firewalls and the internet egress out of.   The plan is to go with full redundant model.  The company is pretty good size but we may have a collapsed core design in which the core does dual functions of distribution and Core.    I am concerned it is a good idea to have your vlan broadcast stop at the closets between buidlings and route from their.   If I did this then I would not be able to have the Vlan for the printer subnet 10.0.2.x be a vlan in almost every switch within the three buildings.   That is I have to have vlan representation for the 10.0;2.x subnet in all three buidlings if the printers will all share the 10.0.2.x subnet.   Hopefully this makes sense.
0
Comment
Question by:asmusjer1
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 13

Expert Comment

by:kdearing
ID: 22708824
VLANS are normally organized in one of two different ways:
1. geographically; by floors, buildings, etc.
2. functionally; i.e. accounting, sales, engineering, etc.

So the short answer is, yes.
Grouping your network devices by function is one of the 'best practices' of network design.
0
 

Author Comment

by:asmusjer1
ID: 22711686
The problem I have is you would want to keep your Layer 2 traffic confined to the closet or within one building.  You will use layer 3 to route to the Core from there.  If I have an IP subnet range 10.0.2.x that represent all printers I can only use that Vlan at one location or building.   I would be forced to not use Layer 3 between buildings and let the Vlan's traverse out to the core.   The confusing part for me there is collpased core for smaller enterprise solutions.  The cofusing thing is the Print Server will be represented by the Server IP subnet scheme.  The users will all have to be routed to first get to the print Server which then passes the information where the actual printer is.  It acts like a DNS Server and does routing.  I am looking for best practical design that is scalable.  The scalable solution is always routing between buidlings.  I am just looking for feedback.
0
 
LVL 13

Expert Comment

by:kdearing
ID: 22712258
Okay, it sounds like you have already decided on a geographical-type VLAN structure.
But the printers all in one VLAN throughout 3 buildings is your concern.

A couple of questions...
What type of inter-building connections do you have?
What are you planning to use for Layer3 routing?
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:asmusjer1
ID: 22712655
There is Fiber between the buildings and they will be connected between 3750 stacked switches via Etherchannel or I am confused how he Redundancy works as far as Layer 3.   If we are doing layer 3 between buildings then I would not be able to use etherchannel.  Correct?   A routing protocol would load balance.

EIGRP.   I have never setup a Layer 3 design before

Three buildings.
TMV = Core
T-INC = Distriibution
T-Inc East = Distribution

The fiber goes between buidings but T-Inc is in the middle of the Fiber Runs.  T-Inc East has to go through T-inc to get to TMV Core.

Phase I :  I can only purchase 9 switches.and the gbics.   I am forced to use the old 3com switches for Access Layer for a few months.   I might not be able to pull off layer 3 for a few months.  I might have to go with layer 2 out to the Core and route from there via 3750 G stack layer 3.   I am trying to design my model in phases with full redundancy as my final goal.   Two switches each are for connecting between buildings and the final three switches are for a Server Farm.  The Server Farm is in the same area as the Core Switches at TMV.  In essence they are an extension of the Core.
0
 
LVL 13

Expert Comment

by:kdearing
ID: 22713885
Ah, I understand now.

If you plan to use a Layer3 Etherchannel, then you cannot trunk the ports.
This means you'l have to change the IP addresses of printers in at least 2 buildings.

If you do not want to change the printer IP addresses, the use a Layer2 Etherchannel.
This will allow you to trunk the VLANs across the buildings.

It all comes back to a design preference of whether you carve up the VLANs geographically or functionally.

Most of the time, I prefer functional VLANs. With carefully selected ACLs, you can enhance the security of your network.
For example:
    denying access to accounting and HR resources
    maybe some group of users don't require internet access
    easier policy-based routing if you have multiple ISPs
    etc.

0
 
LVL 13

Accepted Solution

by:
kdearing earned 500 total points
ID: 22713907
0
 

Author Comment

by:asmusjer1
ID: 24453998
Thanks
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
WARNING:   If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!! I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question