Vontech615

Network Design HELP

This is more of a call for someone to analyze this network and tell me if we can do anything better.

Please see attached network diagram for reference to below questions.

We currently have a 5/5 bonded T1 connection from ISP and are being upgraded to a 20/20 Fiber connection. Right now we have 2 IPs but they only gave us 1 drop from their equipment so we put a switch in front of our Sonicwall 2400 (DG) and assigned 2 WAN interfaces to the 2 different IPs. My boss wasn't sure if we needed 2 IPs anymore because we no longer have heavy VPN traffic coming in.

We have Bandwidth management set up on 1 of the IPs on the Sonicwall to give priority to those users and/or hosts that need it. We just added them as Address Objects and route them out the second WAN interface, then allocate a bigger chunk of the bandwidth to them.

We have a L3 Adtran Netvanta 1500 routing between our Voice and Data VLANs with 1 cable per phone and computer. I'm not sure I have CoS set up on the switch so I may need to do that for the voice VLAN?

On the L2 Switch we have a server, NAS, and misc. like IP Cameras, Copiers, etc.

We have 1 SonicPoint AP coming off an Interface on the Sonicwall.

All in all we have a SERVER + NAS + VOIP system + 30 users + 30 phones + 2 IP Cameras + 5 Network Printers + AP with another 30 devices = 80-100 devices on the network at any given time. This is broken up into 2 VLANs and 3 subnets.

SOLUTION
Tim Phillips
This solution is only available to members.
ASKER CERTIFIED SOLUTION
Faruk Onder Yerli
This solution is only available to members.
Vontech615

ASKER

Thanks for your reply! I can utilize this info in the future.

This is a small network but we use the L3 switch to route between our Voice and Data VLANs. We don't have a DMZ server or DMZ device of any kind on our network. The Windows server does DHCP, DNS for only the Data VLAN.

The reason we had the switch in front of the Sonicwall to begin with was because we wanted bandwidth management options on the 2 different interfaces. With the new faster internet service coming we may do away with this altogether. I haven't looked into putting 2 different IP Blocks on the same WAN interface but I'm assuming NAT/Firewall would have to handle it because I don't see this option under Interface settings?

If we decide to continue doing Bandwidth management I'll either have to continue using the switch or figure out another method of controlling who gets what (maybe another VLAN to split up current DATA VLAN?). Any thoughts on this?

The WLAN currently is another subnet (192.168.X.X) on the DATA VLAN but this is usually a maximum of 15-30 users at any time but mostly not a lot of traffic. We don't currently have any guest wifi because we don't have much walk-in traffic or outside traffic in general.

@Tim Phillips yes I meant QoS. The switch can do CoS and also map that to DSCP and I think voice is typically put in at 5 CoS, which is in the 40 range for DSCP markings.

I couldn't understand which type of bandwidth management you are doing on the front switch. You are already doing NAT on the Sonicwall, so in the end you are losing the source IP. If we are talking about the destination part, the switch is irrelevant there. In fact the switch can do just L2 port bandwidth control. In the end it is absolutely unnecessary.

I think the link below will help you add a secondary IP on the same interface.

https://www.experts-exchange.com/questions/27519143/Multiple-WAN-ip-addresses-on-Sonicwall-NSA.html

We used bandwidth management on the Sonicwall and per WAN interface. We have 2 WAN interfaces but do not have them set up for load balancing so in that case you can only add BWM on the primary interface. We have this set for 3000 Kbps and the secondary interface just takes what's left over.