04-02-2007 04:28 AM - edited 03-05-2019 03:14 PM
Hello Experts!
i have to Design the following setup: 10 access-switch connected to the core(4507R)via L2 Trunk;the Network it is 100.4.0.0
Switch 1 on vlan 50
Switch 2 on vlan 51
Switch 3 on vlan 52
Switch 4 on vlan 53
Switch 5 on vlan 54
on the CORE:
INT vlan 50
IP address 100.4.50.2/24
INT vlan 51
IP address 100.4.51.2/24
INT vlan 52
IP address 100.4.52.2/24
& so one
the qestion is:what should be the mangment vlan for each switch
e.g:
sw1(Vlan50)
ip address 100.4.1.4
sw2(Vlan51)
ip address 100.4.1.5
sw3(Vlan53)
ip address 100.4.1.6
********************
CORE
ip address 100.4.1.2
Is this a good design or u suggest another address for Vlan Mang on each access switch
regards
ALI
04-02-2007 04:35 AM
Hi Ali
There is nothing wrong with what you are proposing except that you need a separate vlan for your management ie.
You addressing for the switch management is fine
100.4.1.4
100.4.1.5
100.4.1.6
etc
but they need to be out of the same vlan. So allocate a new vlan number for the management vlan and use the IP addressing you are proposing.
Set the default gateway to be the SVI for the management vlan on your 4507 switch.
HTH
Jon
04-02-2007 04:36 AM
Ali,
Your design is correct and its Ok as per the guidelines. By-default vlan is the Managemnt vlan on l2 switches. Its is always advisable to use a different vlan other than Vlan1 as the managemnt vlan.
As you have used a different vlans on each switch as the management vlan, you should be fine with it. To have consistency on the manageing the switch IP's I would suggest you to have the same dedicated vlan for management across all your switch. Like using Vlan 51 and the same range if IP across all the L2 switches for managemnt. this will make you managing the switches easily across the network and easy to remember IP addresses.
If you are using a diffrent vlan on each switch as management vlan, make sure that your 4507 core switch is routing for all vlans. otherwise there will be connectivity issues in the network.
HTH,
-amit singh
04-02-2007 04:43 AM
Hi!
Kindly;could u plz List an example for ur suggestion..
regards
ALI
04-02-2007 04:49 AM
Hi Ali,
Just use a dedicated vlan like Vlan 51 across all the switches as management vlan and assign an IP to all the switches. like
Core switch
Vlan 51 management IP: 100.4.51.1/24
Access Switch 1
Vlan 51 management IP: 100.4.51.2/24
Switch 2
Vlan 51 management IP: 100.4.51.3/24
Switch 3
Vlan 51 management IP: 100.4.51.4/24
The same way across on your all the switches.
-amit singh
04-02-2007 04:40 AM
Hi Ali,
What I see is that you have different vlans created on your access switch but subnet address is same across all which I don't think is a proper design. Another thing which I notice is that your l3 interfaces on your core are on dfferent subnet as what you have on your access which again is a wrong design.
Like you vlan 50 on core is 100.4.50.2/24 but you have configured vlan 50 on your access as ip address 100.4.1.4 which is wrong and the right design should be something likr 100.4.50.2/24 on your core and ip address 100.4.50.x/24 on your access siwtches for management.
Also I see on youe CORE you have same vlans 50 , 51 and 52 but with different subents which is fine.
I will recommed you to have same management vlan across all access switches and your core config is fine where you have l3 interfaces with different subnet.
You can keep 50 or whatever vlan you want for management on all your access switch but whatever vlan you decide for management vlan make sure the ip address which you assign on access switch should be in same subnet as you configure on core.
HTH
Ankur
04-02-2007 04:47 AM
HI Experts
on the access switch the vlan magment like this:
sw1
int vlan 1
ip address 10.4.1.4
sw2
int vlan 1
ip address 10.4.1.5
sw3
int vlan 1
ip address 10.4.1.6
sw4
int vlan 1
ip address 10.4.1.7
this is good design now regrding the mangment IPs
regards
ALI
04-02-2007 04:50 AM
Hi Ali,
Yes thats fine now. I will also recommed you to have your vlan 1 created on your core switch so that you can manage your access switches from anywhere across your network.
Also it is recommeded to keep the management vlan something other than vlan 1 but its just a recommended design and even if you have vlan 1 as management vlan you are good to go.
Regards,
Ankur
04-02-2007 04:51 AM
Hi Ali,
Vlan1 is mainly used for carrying the control traffic like DTP,CDP,VTP,STP traffic for your all the switches. It is always advisable to use a different management vlan other than Vlan1. You as I mentioned above in my post just use a different vlan like Vlan51 as the dedicated management vlan on your access/core switches.
-amit singh
04-02-2007 05:00 AM
HI Ankur!
Hi Amit!
Hi Jon!
10XS FOR ur TIME TO HELP & MAKE THE DESIGN CLEAR
regards
ALI
04-02-2007 05:04 AM
Hi Ali,
Make sure you also create layer 3 interface for vlan 1 on your CORE also with same subnet ip address as on your access switch.
This will let you manage you access switches from any part of your lan network.
Regards,
Ankur
04-02-2007 09:05 AM
Ankur my Freind!
Thanks a lot for ur reply
Regards
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: