Improve company productivity with a Business Account.Sign Up

x
?
SolvedPrivate

IPv6 and IPv4 Subnetting scheme

Posted on 2017-01-20
4
Medium Priority
?
156 Views
Last Modified: 2017-03-18
Hello Experts,

I have an office site that will have close to 650 users in Total.

My first question is can I enable IPv6 for the LAN, and IPv4 as well , for the IPv4 I am thinking to 10 network. What do I need to enable IPv6 on the LAN and is that good thing?

I would like an IP Scheme or vlans that will serve that following.

1. Basement floor.
2.Ground floor
3. 1st floor.
4. 2nd floor
5. 3rd floor

There will also be different networks for the following

1. Security and door access.
2. Wi-Fi For LAN and Guest.
3. Management network for the network devices.
4. Data
5. Voice
6. Video --> that should be for the multi-media devices
8. Wi-Fi --> To server 1500 users (internal and external)
7. Native Vlan
8. Interlink vlan between the firewall and core switch.

I also need to do in the end a route summarization for this office.

Any comments and replies are highly appreciated.

Regards,
0
Comment
Question by:Habib Z
  • 2
4 Comments
 

Expert Comment

by:Terry Whitney
ID: 41972144
Hello,

If you are not familiar with an IPv6 network, you can easily have overlapping services and other issues such as incompatible hardware, slower than normal data transfers and internet access across the board.

I am not trying to discourage you, I am just telling you that IPv6 is has a learning curve and not all devices, networks or internet providers fully support IPv6.

Further IPv6 often is often improperly configured allowing gaping holes in your network security.

You can use IPv6 and IPv4 on the same network at the same time.   I would suggest you use caution, and possibly roll out IPv6 in a small test environment before trying to roll it out with a new facility with such a large size all at once.


From a security stand point, your WIFI and LAN for guest use, I would highly suggest placing it on a DMZ, completely separate from your internal network,
0
 
LVL 4

Author Comment

by:Habib Z
ID: 41972189
I agree with you on that.

Any other comments
0
 
LVL 34

Accepted Solution

by:
masnrock earned 2000 total points
ID: 41972244
There will also be different networks for the following

1. Security and door access.
2. Wi-Fi For LAN and Guest.
3. Management network for the network devices.
4. Data
5. Voice
6. Video --> that should be for the multi-media devices
8. Wi-Fi --> To server 1500 users (internal and external)
7. Native Vlan
8. Interlink vlan between the firewall and core switch.

As far as VLANs go, I'd have split like this (excuse any misinterpretations of the section I put in the quote)

1. Security
2. LAN - Data and WiFi (you can certainly split these if you'd like)
3. Management
4. Guest WiFi
5. Voice
6. Video
7. Native VLAN

Not going to say #8 is not needed, but it feels unneeded from my own view.

However, what does not add up is that you're saying your wireless would serve 1500 people, but you mention only 650 users total. Did you leave out contractors and consultants from that number or do you have spaces where a lot of presentations are done? If that is the case, then I can start to understand why the VLANs by floor
0
 
LVL 34

Expert Comment

by:masnrock
ID: 41993118
How did this turn out?
0

Featured Post

Building an Effective Phishing Protection Program

Join Director of Product Management Todd OBoyle on April 26th as he covers the key elements of a phishing protection program. Whether you’re an old hat at phishing education or considering starting a program -- we'll discuss critical components that should be in any program.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

In this article, WatchGuard's Director of Security Strategy and Research Teri Radichel, takes a look at insider threats, the risk they can pose to your organization, and the best ways to defend against them.
This article is about building a site to site VPN tunnels in Cisco CSR1000V router with IOS XE. There are two Policy Based IPsec VPN tunnels configured on CSR1000V router one with NAT and another without NAT.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

588 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question