AnyTech

Best Practice: LAN / Network Design (IP Addressing) for 350 User NEW BUILDING.

I am working with a web marketing startup that is transitioning to a larger building and am tasked with designing the network from scratch.  I am more of a hardware guy and do NOT have a background in Network Administration so I am looking for advice on how to proceed with this portion of the project.

I'm looking for the best way to create a scalable network, that's easily manageable and provides room for things like VoIP and local network services (print servers etc...)

We have now purchased a Layer 3 Blade Switch (modular, 288 ports)

Is this a good plan or best practices???

1.)  Divide office into small networks (subnets?) using VLANs.  This keeps broadcast noise manageable on each VLAN.

VLAN 1 (Servers, Printers etc..) :      192.168.1.xxx
VLAN 2 (Engineering Users):             192.168.2.xxx
VLAN 3 (Sales/Marketing Users):       192.168.3.xxx
VLAN 4 (Management Users):            192.168.4.xxx
VLAN 100 (Phones):                           192.168.100.xxx
VLAN 200 (WiFi):                                 192.168.200.xxx - 192.168.205.xxx

2.)  Set up static routes on the switch to route between VLANs



What IP scheme do I use?  Do I just stick with 192.168.x.x or do I go with 10.x.x.x?  I know there are Class A, B and C IP ranges - but I don't really know what that means or when to use which...

Looking to be pointed in the right direction...

remixedcat

Many go with 10.x.x.x (and I do as well) however 192.x.x.x is a standard internal networking IP range. VLANs are a good idea too.
AnyTech

ASKER

I guess what I am wondering is if VLANs are the RIGHT way to accomplish what I am looking for?

Being a tech oriented company users are currently complaining that they can't reliably make VoIP calls from their workstations... Often getting notifications of "Network congested".  That is why I wish to break down the entire office into smaller groups (using VLAN).

BUT --  Are there consequences to VLANs?  i.e. I know a router will stop broadcast traffic. So if I had a user on 192.168.3.x (VLAN 3) and another user on 192.168.5.x (VLAN 5) -- Would they be able to see each other's machines in "network neighborhood" or similar utilities WITHOUT specifically having to punch in their IP address?

Would either of these users still be able to print to a printer on 192.168.1.x (VLAN 1) (assuming routing on the switch was set up properly)?

Yes, they should still be able to print, however you may want to have your subnets divided into floors of the building (if there are not too many users per floor) and have the printers on each floor part of the subnet if printers and other devices have been evil enough to you LOL.

I would go with the 192.x.x.x IP range as well because some applications are configured, by default, to use this and you'd have to change the IPs in the applications to reflect a new IP range.

Using a separate VLAN for a particular type of devices / applications may not be a good design.
E.g. you put all file servers and printers in 192.168.1.x, and all users from different departments have to access those resources. Traffic will be centralized rather than distributed.
For a large organization, usually each division/department will have their own applications and printers. I'll separate the VLANs accordingly so that most of their traffic will be localized to their own VLAN. It is also easy to physically move a division/department away from the main office and connect via VPN.
If you anticipate no more than 254 devices on a VLAN, just stick to a Class C subnet, i.e. 192.168.x.x. However, if there is a high chance that you will go beyond that, you may use Class B as a start.
P.S. Putting all VoIP traffic in the same VLAN is also not good. If you have a lot of agents using VoIP in Sales/Marketing, you may want to further divide that into multiple VLANs to avoid network congestion.
ASKER CERTIFIED SOLUTION
ArneLovius

AnyTech

ASKER

ArneLovius,

This is helpful, exactly what I was wondering about Bonjour not being routable.

I was trying to keep the network happy by keeping the machine count down.  All our users are heavy with their Internet usage...
AnyTech

ASKER

Continued...  

I was trying to keep machine count down per segment of network as users using VoIP desktop clients (softphones) were experiencing frequent congestion.

We are running Apple servers and are using an HP 5400 series blade switch.  The Apple servers are LDAP, Print, and File services.

Another thought to break up the network:
Previously I was running out of IPs on a single Class C /24 with 100 users as each user gets 2 IPs on their laptops (one for wired eth, and a 2nd for WiFi), then they typically have an iPhone and iPad so some users were taking 4 IPs.

With this said, what's the best way to set this up?  What about the wifi as wifi users will still need access to LDAP Print and file services...

If you need more information let me know...
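
An added example, not part of the original thread: sizing each VLAN's subnet from its device count (the thread's point about users holding up to 4 IPs each) and allocating non-overlapping blocks from one private supernet. The VLAN IDs and names follow the question; the 10.20.0.0/16 supernet, the per-VLAN headcounts and the 1.5x growth factor are assumptions.

```python
import ipaddress
import math

# Constructed inputs: VLAN IDs/names follow the question; the supernet,
# headcounts and growth factor are assumptions for illustration.
SUPERNET = ipaddress.ip_network("10.20.0.0/16")
GROWTH = 1.5
VLANS = [
    # (vlan_id, name, users_or_devices, addresses_per_user)
    (1, "Servers/Printers", 40, 1),
    (2, "Engineering", 150, 1),      # wired laptop port
    (3, "Sales/Marketing", 150, 1),
    (4, "Management", 50, 1),
    (100, "Phones", 350, 1),
    (200, "WiFi", 350, 3),           # laptop WiFi + iPhone + iPad
]

def prefix_for(hosts):
    """Longest IPv4 prefix whose block still holds `hosts` addresses after
    reserving the network, broadcast and one gateway address."""
    bits = (hosts + 2).bit_length()  # smallest bits with 2**bits >= hosts + 3
    return 32 - bits

def usable_hosts(net):
    return net.num_addresses - 3     # network, broadcast, gateway

def build_plan(supernet, vlans, growth=GROWTH):
    """Allocate largest blocks first so each subnet starts on its own
    boundary and no two VLANs overlap."""
    sized = sorted(
        (prefix_for(math.ceil(users * per_user * growth)), vid, name)
        for vid, name, users, per_user in vlans)
    plan, cursor = {}, int(supernet.network_address)
    for prefix, vid, name in sized:
        net = ipaddress.IPv4Network((cursor, prefix))
        if not net.subnet_of(supernet):
            raise ValueError(f"supernet exhausted at VLAN {vid}")
        plan[vid] = (name, net)
        cursor = int(net.broadcast_address) + 1
    return plan

if __name__ == "__main__":
    for vid, (name, net) in sorted(build_plan(SUPERNET, VLANS).items()):
        print(f"VLAN {vid:<4}{name:<18}{net!s:<17}{usable_hosts(net)} usable")
```

With these assumed counts the WiFi VLAN needs a /21 and the phone VLAN a /22, while 100 users at 4 addresses each (the case that exhausted the /24) already calls for a /23.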