Network configuration

Unanswered Question
Oct 4th, 2007

I'm not an IT professional, I'm an entry level software developer but I work at a branch office of a small company and our IT department is located at the main office half-way across the country, so I get tasked with most of our local IT issues. We need to temporarily reconfigure our network and I need some advice.

We have a Cisco 2821 router, with no expansion modules. One port is currently running our local network (DHCP), and the other is running a DMZ. The port for out network feeds into a Cisco Catalyst 2950 Switch, which feeds all of the computers on our network. We also have a DLink WebSmart Switch model DGS-1224T which is fed by the Cisco switch, and feeds a small group of computers that we need to assign static IP address to. Our problem is that we need to preserve the connection from the DHCP machines to the static IP machines to allow for remote desktop connections and what not. Can we do this with the hardware that we currently have or do we need some additional hardware?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Richard Burts Fri, 10/05/2007 - 06:06

Trevor

I appreciate the difficulty in being tasked to do things like this when you have little background in it. I hope that we can help you.

There are a couple of things in your explanation that I am not real clear about. I think I understand that the 2821 is connected to a 2950 and the 2950 connects to a DLink switch. But I am not clear whether everything is on a single VLAN or whether multiple VLANs are involved. This would relate to whether all of the machines (both DHCP and static) are in a single subnet or whether there are multiple subnets (since basically a VLAN is a subnet and a subnet is a VLAN). I am also not clear whether the DHCP function is provided by the router or whether there is a separate DHCP server in the network.

If there is a single VLAN (and therefore a single subnet) then maintaining connectivity between end stations is easy. Since they will all be in the same broadcast domain they will all communicate easily, and will need to go through the router only to access outside resources. The main thing in this situation is that you need to make sure that the addresses used for static assignment are excluded from the DHCP pool so that you do not get the problem that some PC is assigned an address by the DHCP server that is also statically configured on some server.

If there are multiple VLANs (and therefore multiple subnets) there should be no issue of overlap of addresses between static assignment and DHCP assignment. In this case you need a trunk configured for the connection between the 2950 and the 2821. The 2821 will do trunking on its FastEthernet that is connected to the 2950 and will have a subinterface configured for each VLAN (and its associated subnet). The 2821 will provide inter VLAN routing as well as routing to the DMZ. End stations will communicate directly with other end stations in their own VLAN and will need to go through the 2821 to communicate with devices in the other VLAN.

In either case I believe that you will be able to maintain connectivity and I do not see any need for additional hardware.

HTH

Rick

trenshaw614 Fri, 10/05/2007 - 06:50

Thanks for the reply Rick, your advice is much appreciated. We do have a couple of servers, but since I am pretty new here I don't know exactly how the network is setup and where the DHCP function is coming from. I haven't started fully planning this yet because we are moving to a new building soon, so all the changes will happen then. I do know that the ip addresses we need to assign the static machines are a different class than the ip address assigned by the DHCP server. Our standard addresses are in the 172.18.***.*** range and the static ips are in the 10.*.*.* range. I know it doesn't seem like it should matter, but the static machines will eventually be shipped to a customer and the static ips come from them. My limited experience in this field was a Data Comm class in college where we had a little trouble connecting two subnets with a different class of IP address. Anyway, if I can find out anymore information about our network, I may post here again for more advice. Thanks!

Richard Burts Fri, 10/05/2007 - 07:02

Trevor

The additional information helps but still leaves some open questions. It helps to know that the servers will have addresses in different address space. This is especially good since it removes any impact on the configuration of DHCP.

It is still not clear whether there is a single VLAN or two VLANs. In my previous post I assumed that 2 VLANs meant 2 subnets and that 2 subnets implied 2 VLANs. And I believe that this is the optimum implementation. However there is a way to configure 2 subnets on a single VLAN. This would be to configure a secondary address on the router interface. If it were going to be a long term implementation I would suggest that it is better to make it 2 VLANs. But if this is a short term thing and the servers will be shipped to the customer removing the need to that address space then it might be better to go with the secondary address.

When you get closer to implementing this and have some more information then perhaps we can give you some better advice.

HTH

Rick

Actions

This Discussion