implementing subnets / vlan's

Unanswered Question
May 1st, 2008

Hi,

Hoping to get some advice on network design and best practice... We inherited a small and simple flat network that has steadily increased in terms of PC's (400) on the network and sites (8).

It consists of a single class B network with subnet mask 255.255.252.0 with a VLAN for data and a VLAN for voice.

The main site has a single Catalyst 4500 switch connected via gigabit fiber to the 8 smaller sites. The smaller sites mostly consist of either a single 24 or 48 port switch (Catalyst 3550 or 2950).

My question is, in terms of best practice and performance should we be implementing additional VLAN's or subnets? e.g at the smaller sites? Also, if we were wanting to implement redundancy in our switches, what should we be doing in terms of design?

Any advice you can give would be most appreciated.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Pari Thiagasundaram Thu, 05/01/2008 - 20:07

Here are some personal opinions:

1) should we be implementing additional VLAN's or subnets?

[ans]: Depends on your company's policy and your ease of administration. Also, if you want more security like restricting access to other PCs within the company, yes you can seggregate into multiple vlans.

Well, lot of stuffs depend on your network setup. Decide how you would want to manage the network and do a good design review. Keep in mind the future growth of the company.

In terms of redundancy, you can either have a SUP redundancy for SUPERVISOR failures or a switch redundancy for switch failures. (It all depends on how much your company can spend :) )

Additional link:

This is a good place to start with for designs.

http://www.cisco.com/en/US/docs/internetworking/design/guide/idg4.html

Sushil Kumar Katre Fri, 05/02/2008 - 07:29

Hi Matt,

I agree with Pari.

In your scenario I would prefer to have VLAN's based on the remote sites. One VLAN for every site. InterVLAN routing should not be a concern, untill you are having a layer 2 SUP on 4500 switch.

This will help me manage and segregate any issue based on the site. Depending on the issue it can be restricted to only one VLAN and hence only one site would be affected.

Considering the scalability factor this is a good idea. Any new site comes up, need ot add a VLAN and separate subnet.

This will also help you incorporate security/access policies if you decide to have any in future instead of let the network expand and do a major design change.

-> Sushil

Actions

This Discussion