Solved

Network switch infra design

Posted on 2013-11-06
19
560 Views
Last Modified: 2013-11-14
This is a design for new network using 7 switches - 5 x Cisco 2960 (with 4 SFPs), and 2 x HP Procurve V1910-24 switches, plus 2 12-port 100-based switches. All are gigabit switches. The areas and number of network points needed include, basement (12), 1st floor (7), 2nd floor (28), 3rd floor (18), and 4th floor (55).

Network cables of Cat6 are planned to running through the above areas. 2nd and 3rd floors are admin & business departments, in which high-ranking management personels positioned. 4th floor is computer lab, and a Internet line/router/firewall, are located. One of the major objective is, all users of any floor must able to access to Internet without problem.

Distances between 4th floor to basement is about 220 m, to 1st floor is about 120 m, to 2nd floor is 30 m, and to 3rd floor is 15 m. I'm thinking to set up 2 2-layer switch infra, with 1 core/distribution switch located at 4th floor, and the rest of the 6 switches as access-layer switches.

For 4th floor, 1 Cisco 2960 switch as core, plus 2 HP v1910 24-port switches uplinked with cat6 cable to the core switch; for 3rd floor, 1 Cisco 2960 switch as access-layer, and uplinked with cat6 cable to core switch; for 2nd floor, 1 Cisco 2960 switch as access-layer, and uplinked with cat6 cable to core switch, plus a 12-port 100-based switch cat6 cable uplinked to core switch; for 1st floor, 1 Cisco 2960 switch fibre-optic uplinked to core switch; for basement, 1 cisco 2960 switch fibre-optic uplinked to core switch.

The fibre-optic is multi-mode, so it should support up to 400 m? Any problem with the design? Can it be better? Does any VLAN and trunking are needed?

thanks,
0
Comment
Question by:MichaelBalack
  • 8
  • 7
  • 4
19 Comments
 
LVL 26

Expert Comment

by:Soulja
ID: 39627911
MM Fiber should be sufficient. You definitely want to include VLANs and trunking between the switches. I would also run port channels between all of the switches. I somewhat question using the 2960 as the core  since more purposed an an access layer switch. It's routing capabilities are limited also.
0
 
LVL 1

Author Comment

by:MichaelBalack
ID: 39627936
Hi Soulja,

These hardware inventory was passed down from my ex-colleague, and I got no choice, but  take it. Please detail on VLANs, trunking, and port-channel among the switches.
0
 
LVL 26

Expert Comment

by:Soulja
ID: 39627953
VLANS can be organized however you want them. Some organized them by location or department or both. You will want to trunk the vlans between each of the switches. As for the port channels you will require at least two interfaces per switch, so if you are running fiber, you are talking about two fibers per run.
0
 
LVL 12

Expert Comment

by:Infamus
ID: 39630758
As soulja mentioned, 2960's are more for access switch and you will have to make sure that you have proper IOS version installed to enable routing.  However the routing capabilities are very limited.  I would recommend getting a low end layer 3 switch for the core such as 3560.
Make sure to create layer 2 and layer 3 VLAN if you want to enable interVLAN routing and make sure to set the core switch as VTP server and the rest as client.  I would set VTP password as well.
0
 
LVL 1

Author Comment

by:MichaelBalack
ID: 39632418
Hi Soulja/Infamus,

On top the above 7 switches, with the connectivity as stated, there is one router. I am not sure if this is a Cisco Router 881 or other model (will confirm later). Just take it a Cisco 881 (with 4 LAN ports), can I use it to be my layer 3 router, for all the vlans, beside as a main gateway to the Internet?

How to set it up on router?

So the setting of VLANs and trunking is to segmenting so as a broadcast (such as from DHCP), won't be spread campus-wide?
0
 
LVL 26

Expert Comment

by:Soulja
ID: 39632521
I would set up vlan routing on the 2960 before resorting to a router on stick design. Let the router worry about Internet traffic .
0
 
LVL 1

Author Comment

by:MichaelBalack
ID: 39632552
Hi Soulja,

Let's assume i go for 5 vlans, please see my questions:

Q1. Do all 5 inter-vlans routing can be setup on the 2960?
Q2. For the connection between this 2960 and router, i only need a trunk that carry all 5 vlans?
0
 
LVL 1

Author Comment

by:MichaelBalack
ID: 39632554
Hi Soulja,

Does this means that i can set up svi - switched virtual interfaces on 2960?
0
 
LVL 26

Assisted Solution

by:Soulja
Soulja earned 250 total points
ID: 39633837
Q1. Do all 5 inter-vlans routing can be setup on the 2960?
Yes, all 5 vlan SVI's will reside on the 2960.

Q2. For the connection between this 2960 and router, i only need a trunk that carry all 5 vlans?

No, the connection to the router will be an access port with the vlan that the router's inside interface sits on.


The summarize:
- Create all 5 VLAN svi's on the 2960.
- Create a default route on the 2960 pointing to the ip of the inside interface of the router.
- Create an access port on the 2960 and assign the vlan that the router ip is part of. Connect this port to the router.
- On the router create a static router for each vlan subnet that you created on the 2960. For each static router set the next hop to the SVI on the 2960 in which the router interface is part of.
0
Free camera licenses with purchase of My Cloud NAS

Milestone Arcus software is compatible with thousands of industry-leading cameras for added flexibility. Upon installation on your My Cloud NAS, you will receive two (2) camera licenses already enabled in the software. And for a limited time, get additional camera licenses FREE.

 
LVL 12

Accepted Solution

by:
Infamus earned 250 total points
ID: 39634229
This is basically what Soulja is recommending.

Let's say you have the following:

Router: 10.1.1.254

On the core switch:

config t

interface vlan 1
description vlan1
ip address 10.1.1.1 255.255.255.0

vlan 2
description vlan2

interface vlan 2
description vlan2
ip address 10.1.2.1 255.255.255.0
exit

vlan 3
description vlan3

interface vlan 3
description vlan3
ip address 10.1.3.1 255.255.255.0
exit

vlan 4
description vlan4

interface vlan4
ip address 10.1.4.1 255.255.255.0
exit

vlan 5
description vlan5

interface vlan5
ip address 10.1.5.1 255.255.255.0
exit

interface gi0/1 --->Interface which router is connected
switchport mode access
 (no need to assign vlan because it will be on vlan 1 by default unless you don't want to use vlan 1 as native)

ip route 0.0.0.0 0.0.0.0 10.1.1.254

On the router

config t

ip route 10.1.2.0 255.255.255.0 10.1.1.1
ip route 10.1.3.0 255.255.255.0 10.1.1.1
ip route 10.1.4.0 255.255.255.0 10.1.1.1
ip route 10.1.5.0 255.255.255.0 10.1.1.1

Soulja, can you confirm?

Thanks.
0
 
LVL 12

Expert Comment

by:Infamus
ID: 39634244
Oh...obviously..turn on routing....

config t

ip routing
0
 
LVL 26

Expert Comment

by:Soulja
ID: 39634257
Yep, that's exactly what I am suggesting.
0
 
LVL 1

Author Comment

by:MichaelBalack
ID: 39636969
Thanks for the very details explanation.

One last question (it could be stupid question), so, Cisco router 881 can do the routing job for all VLANs?
0
 
LVL 26

Expert Comment

by:Soulja
ID: 39636982
Yes, but the design is not optimal. Keep the vlan routing on the 2960.
0
 
LVL 12

Expert Comment

by:Infamus
ID: 39637470
Why would you want the router to handle the inter-vlan routing when the switch is already doing the vlan routing with the above configuration?
0
 
LVL 1

Author Comment

by:MichaelBalack
ID: 39642027
Hi Infamus,

I need to use cisco router 881 because it is stable. Since inter-vlan routing is done on 2960, this cisco router will be used as Internet router with NAT.

One last question - I need to have a dhcp server to serve all the vlans, where should set it?
0
 
LVL 26

Expert Comment

by:Soulja
ID: 39642206
I need to use cisco router 881 because it is stable. Since inter-vlan routing is done on 2960, this cisco router will be used as Internet router with NAT.

So you are not using the router to route vlans, just internet traffic correct?

One last question - I need to have a dhcp server to serve all the vlans, where should set it?

Put the dhcp server on whichever vlan you desire. For all other vlan interfaces you will have to add a helper statement:
 
for example

Interface vlan 2
ip helper-address x.x.x.x (address of dhcp server)
0
 
LVL 1

Author Comment

by:MichaelBalack
ID: 39642429
Thanks Soulja
0
 
LVL 1

Author Closing Comment

by:MichaelBalack
ID: 39647886
Thanks both
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

The following recovery method will work on All Cisco Switchs that run ISO software. You will need a good copy of the IOS version you want you use saved on your PC and a Com's Cable. The software for these switches comes as a .tar file. Tar is …
Every server (virtual or physical) needs a console: and the console can be provided through hardware directly connected, software for remote connections, local connections, through a KVM, etc. This document explains the different types of consol…
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now