Solved

Network switch infra design

Posted on 2013-11-06
19
571 Views
Last Modified: 2013-11-14
This is a design for new network using 7 switches - 5 x Cisco 2960 (with 4 SFPs), and 2 x HP Procurve V1910-24 switches, plus 2 12-port 100-based switches. All are gigabit switches. The areas and number of network points needed include, basement (12), 1st floor (7), 2nd floor (28), 3rd floor (18), and 4th floor (55).

Network cables of Cat6 are planned to running through the above areas. 2nd and 3rd floors are admin & business departments, in which high-ranking management personels positioned. 4th floor is computer lab, and a Internet line/router/firewall, are located. One of the major objective is, all users of any floor must able to access to Internet without problem.

Distances between 4th floor to basement is about 220 m, to 1st floor is about 120 m, to 2nd floor is 30 m, and to 3rd floor is 15 m. I'm thinking to set up 2 2-layer switch infra, with 1 core/distribution switch located at 4th floor, and the rest of the 6 switches as access-layer switches.

For 4th floor, 1 Cisco 2960 switch as core, plus 2 HP v1910 24-port switches uplinked with cat6 cable to the core switch; for 3rd floor, 1 Cisco 2960 switch as access-layer, and uplinked with cat6 cable to core switch; for 2nd floor, 1 Cisco 2960 switch as access-layer, and uplinked with cat6 cable to core switch, plus a 12-port 100-based switch cat6 cable uplinked to core switch; for 1st floor, 1 Cisco 2960 switch fibre-optic uplinked to core switch; for basement, 1 cisco 2960 switch fibre-optic uplinked to core switch.

The fibre-optic is multi-mode, so it should support up to 400 m? Any problem with the design? Can it be better? Does any VLAN and trunking are needed?

thanks,
0
Comment
Question by:MichaelBalack
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 7
  • 4
19 Comments
 
LVL 26

Expert Comment

by:Soulja
ID: 39627911
MM Fiber should be sufficient. You definitely want to include VLANs and trunking between the switches. I would also run port channels between all of the switches. I somewhat question using the 2960 as the core  since more purposed an an access layer switch. It's routing capabilities are limited also.
0
 
LVL 1

Author Comment

by:MichaelBalack
ID: 39627936
Hi Soulja,

These hardware inventory was passed down from my ex-colleague, and I got no choice, but  take it. Please detail on VLANs, trunking, and port-channel among the switches.
0
 
LVL 26

Expert Comment

by:Soulja
ID: 39627953
VLANS can be organized however you want them. Some organized them by location or department or both. You will want to trunk the vlans between each of the switches. As for the port channels you will require at least two interfaces per switch, so if you are running fiber, you are talking about two fibers per run.
0
The Ultimate Checklist to Optimize Your Website

Websites are getting bigger and complicated by the day. Video, images, custom fonts are all great for showcasing your product/service. But the price to pay in terms of reduced page load times and ultimately, decreased sales, can lead to some difficult decisions about what to cut.

 
LVL 12

Expert Comment

by:Infamus
ID: 39630758
As soulja mentioned, 2960's are more for access switch and you will have to make sure that you have proper IOS version installed to enable routing.  However the routing capabilities are very limited.  I would recommend getting a low end layer 3 switch for the core such as 3560.
Make sure to create layer 2 and layer 3 VLAN if you want to enable interVLAN routing and make sure to set the core switch as VTP server and the rest as client.  I would set VTP password as well.
0
 
LVL 1

Author Comment

by:MichaelBalack
ID: 39632418
Hi Soulja/Infamus,

On top the above 7 switches, with the connectivity as stated, there is one router. I am not sure if this is a Cisco Router 881 or other model (will confirm later). Just take it a Cisco 881 (with 4 LAN ports), can I use it to be my layer 3 router, for all the vlans, beside as a main gateway to the Internet?

How to set it up on router?

So the setting of VLANs and trunking is to segmenting so as a broadcast (such as from DHCP), won't be spread campus-wide?
0
 
LVL 26

Expert Comment

by:Soulja
ID: 39632521
I would set up vlan routing on the 2960 before resorting to a router on stick design. Let the router worry about Internet traffic .
0
 
LVL 1

Author Comment

by:MichaelBalack
ID: 39632552
Hi Soulja,

Let's assume i go for 5 vlans, please see my questions:

Q1. Do all 5 inter-vlans routing can be setup on the 2960?
Q2. For the connection between this 2960 and router, i only need a trunk that carry all 5 vlans?
0
 
LVL 1

Author Comment

by:MichaelBalack
ID: 39632554
Hi Soulja,

Does this means that i can set up svi - switched virtual interfaces on 2960?
0
 
LVL 26

Assisted Solution

by:Soulja
Soulja earned 250 total points
ID: 39633837
Q1. Do all 5 inter-vlans routing can be setup on the 2960?
Yes, all 5 vlan SVI's will reside on the 2960.

Q2. For the connection between this 2960 and router, i only need a trunk that carry all 5 vlans?

No, the connection to the router will be an access port with the vlan that the router's inside interface sits on.


The summarize:
- Create all 5 VLAN svi's on the 2960.
- Create a default route on the 2960 pointing to the ip of the inside interface of the router.
- Create an access port on the 2960 and assign the vlan that the router ip is part of. Connect this port to the router.
- On the router create a static router for each vlan subnet that you created on the 2960. For each static router set the next hop to the SVI on the 2960 in which the router interface is part of.
0
 
LVL 12

Accepted Solution

by:
Infamus earned 250 total points
ID: 39634229
This is basically what Soulja is recommending.

Let's say you have the following:

Router: 10.1.1.254

On the core switch:

config t

interface vlan 1
description vlan1
ip address 10.1.1.1 255.255.255.0

vlan 2
description vlan2

interface vlan 2
description vlan2
ip address 10.1.2.1 255.255.255.0
exit

vlan 3
description vlan3

interface vlan 3
description vlan3
ip address 10.1.3.1 255.255.255.0
exit

vlan 4
description vlan4

interface vlan4
ip address 10.1.4.1 255.255.255.0
exit

vlan 5
description vlan5

interface vlan5
ip address 10.1.5.1 255.255.255.0
exit

interface gi0/1 --->Interface which router is connected
switchport mode access
 (no need to assign vlan because it will be on vlan 1 by default unless you don't want to use vlan 1 as native)

ip route 0.0.0.0 0.0.0.0 10.1.1.254

On the router

config t

ip route 10.1.2.0 255.255.255.0 10.1.1.1
ip route 10.1.3.0 255.255.255.0 10.1.1.1
ip route 10.1.4.0 255.255.255.0 10.1.1.1
ip route 10.1.5.0 255.255.255.0 10.1.1.1

Soulja, can you confirm?

Thanks.
0
 
LVL 12

Expert Comment

by:Infamus
ID: 39634244
Oh...obviously..turn on routing....

config t

ip routing
0
 
LVL 26

Expert Comment

by:Soulja
ID: 39634257
Yep, that's exactly what I am suggesting.
0
 
LVL 1

Author Comment

by:MichaelBalack
ID: 39636969
Thanks for the very details explanation.

One last question (it could be stupid question), so, Cisco router 881 can do the routing job for all VLANs?
0
 
LVL 26

Expert Comment

by:Soulja
ID: 39636982
Yes, but the design is not optimal. Keep the vlan routing on the 2960.
0
 
LVL 12

Expert Comment

by:Infamus
ID: 39637470
Why would you want the router to handle the inter-vlan routing when the switch is already doing the vlan routing with the above configuration?
0
 
LVL 1

Author Comment

by:MichaelBalack
ID: 39642027
Hi Infamus,

I need to use cisco router 881 because it is stable. Since inter-vlan routing is done on 2960, this cisco router will be used as Internet router with NAT.

One last question - I need to have a dhcp server to serve all the vlans, where should set it?
0
 
LVL 26

Expert Comment

by:Soulja
ID: 39642206
I need to use cisco router 881 because it is stable. Since inter-vlan routing is done on 2960, this cisco router will be used as Internet router with NAT.

So you are not using the router to route vlans, just internet traffic correct?

One last question - I need to have a dhcp server to serve all the vlans, where should set it?

Put the dhcp server on whichever vlan you desire. For all other vlan interfaces you will have to add a helper statement:
 
for example

Interface vlan 2
ip helper-address x.x.x.x (address of dhcp server)
0
 
LVL 1

Author Comment

by:MichaelBalack
ID: 39642429
Thanks Soulja
0
 
LVL 1

Author Closing Comment

by:MichaelBalack
ID: 39647886
Thanks both
0

Featured Post

Simple, centralized multimedia control

Watch and learn to see how ATEN provided an easy and effective way for three jointly-owned pubs to control the 60 televisions located across their three venues utilizing the ATEN Control System, Modular Matrix Switch and HDBaseT extenders.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will step through configuring a SonicWALL appliance to utilize an internal DHCP server for Global VPN Client (GVC) hosts.  There are times when using an external (external to the SonicWALL) DHCP server, such as Windows Servers, isn’t pr…
I eventually solved a perplexing problem setting up telnet for a new switch.  I installed a new Cisco WS-03560X-24P switch connected to an existing Cisco 4506 running a WS-X4013-10GE Sup II-Plus. After configuring vlans and trunking,  I could no…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question