From LAN to VLANs (DHCP and Server Access Best Practice)

I am using a private address for the LAN, 10.10.3.0/24. All our 2003 servers (Exchange/DC/DHCP/File Server) and 50 XP clients are on the same network. I am using 4 Catalyst 2550 10/100 switches. The network has 50 Cat 5 cable jacks and 10 Cat 5e cable jacks. I want to improve the network access for the users by bringing in a Gigabit Layer 3 switch for servers.

I want to create department VLANs and establish routing between the VLANs for users to have access to the servers.

I want to create following department VLANs for XP users all on old Cat 5 Cable 100 MB

Sales VLAN- Network ID: 10.10.50.0/24 (20 Users Currently)

Logistics VLAN - Network ID: 10.10.51.0/24 (10 Users Currently)

Finance VLAN - Network ID: 10.10.52.0/24 (10 Users Currently)

OfficeAdmin VLAN - Network ID: 10.10.53.0/24 (5 Users Currently)

IT VLAN - Network ID: 10.10.54.0/24 (5 Users Currently)

Server VLANs all on Cat 5e cables (1000 MB)

DC VLAN - Network ID: 10.10.3.0/24 (Domain Controller/DHCP/DNS) Static IP

Exchange VLAN - Network ID: 10.10.4.0/24 (Exchange Server) Static IP

File Server VLAN - Network ID: 10.10.5.0/24 (File Server) Static IP

The DHCP/DNS/DC is on network 10.10.3.0/24.

What is the best recommended way for all the XP users in different department VLANs to receive respective VLAN IP addresses from Server 2003 DHCP and access to the server resources on different VLANs?

Should I use IP helper address for each VLAN interface to get to the 2003 DHCP server, or create a local DHCP scope for each department VLAN on the Gigabit Layer 3 Cisco switch and disable Server 2003 DHCP?

Objective: Reduce network broadcast from XP clients by using VLANs and get better performance from the servers by moving them to Gigabit Ethernet, each on a separate VLAN.

Please advise the best practice.

Thanks in advance.

Giuseppe Larosa Fri, 07/10/2009 - 10:37

Hello,

>> Should I use Ip helper address for each vlan interface to get to the 2003 DHCP server or create a Local DHCP Scope for each department VLAN on the Gigabit Layer 3 Cisco Switch and disable Server 2003 DHCP?

You can use ip helper-address; notice that multiple ip helper-address commands can be placed.

The router will send a modified DHCP request to each server specified in an ip helper-address command.

The first DHCP server that replies provides an IP address in the scope.

We have two central DHCP servers in two different towns and they serve almost all client VLANs in multiple sites.

In our case they are Cisco Network Registrar and they keep each other synchronized.

Hope to help

Giuseppe
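The "modified DHCP request" described in the reply above, as an added example that is not part of the original post: the relaying interface writes its own address into the `giaddr` field and the central server uses that field to pick the scope. The function names, the constructed packet, and the `.1` interface addresses are assumptions for illustration; only the fixed BOOTP header is modelled, not DHCP options.

```python
import ipaddress
import struct

# Department scopes from the thread's addressing plan, held on one central server.
SCOPES = {name: ipaddress.ip_network(net) for name, net in {
    "Sales": "10.10.50.0/24", "Logistics": "10.10.51.0/24",
    "Finance": "10.10.52.0/24", "OfficeAdmin": "10.10.53.0/24",
    "IT": "10.10.54.0/24"}.items()}
GIADDR = slice(24, 28)  # offset of the relay agent address in the BOOTP header

def build_discover(xid, mac):
    """Constructed 236-byte BOOTP header as a client broadcasts it (giaddr 0.0.0.0)."""
    zero = b"\0" * 4
    return struct.pack("!BBBBIHH4s4s4s4s16s64s128s",
                       1, 1, 6, 0,          # op=BOOTREQUEST, htype=Ethernet, hlen, hops
                       xid, 0, 0x8000,      # xid, secs, flags (broadcast bit)
                       zero, zero, zero, zero,  # ciaddr, yiaddr, siaddr, giaddr
                       mac, b"", b"")       # chaddr, sname, file (null padded)

def relay(packet, svi_ip):
    """What the VLAN interface carrying the helper address does before unicasting."""
    pkt = bytearray(packet)
    pkt[3] += 1                              # hops
    if pkt[GIADDR] == b"\0" * 4:             # only the first relay fills giaddr
        pkt[GIADDR] = ipaddress.IPv4Address(svi_ip).packed
    return bytes(pkt)

def select_scope(packet):
    """Server side: pick the scope whose subnet contains giaddr, else None."""
    giaddr = ipaddress.IPv4Address(packet[GIADDR])
    for name, net in SCOPES.items():
        if giaddr in net:
            return name
    return None

if __name__ == "__main__":
    discover = build_discover(0x1A2B3C4D, bytes.fromhex("001122334455"))
    # Assumption: each VLAN interface uses .1 in its subnet.
    for svi in ("10.10.50.1", "10.10.52.1", "10.10.54.1"):
        print(svi, "->", select_scope(relay(discover, svi)))
```

A request that was never relayed keeps `giaddr` 0.0.0.0 and matches none of these scopes; a real server then falls back to the subnet of the interface the broadcast arrived on.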

Joseph W. Doherty Fri, 07/10/2009 - 11:31

On performance . . .

For the number of hosts you're describing, there shouldn't be much need, nor benefit, in having more than one subnet. (Security is a different issue.)

I couldn't find any information on a Cisco 2550 switch(?), so I don't know its features nor whether you intend to continue to use them.

There can be performance benefit to moving your servers to gig ports and also ensuring there's sufficient bandwidth between user hosts and server hosts (no bottleneck for interswitch links, if any). Possible hardware configurations would depend on whether you do move to L3 and what your cable plant topology can support (for instance, can all network devices be physically in the same rack?).

For your number of hosts, a stack of 2975s (L2) or 3750s (L3) might be a good choice. Or perhaps, for just L2, 2960G-8 (server/core) connected to a couple, or several, 24/48 port 2960s; or, for L3, a 3560-8PC/-12PC (core) between the 2960G-8 (servers) and 2960s (user hosts). (For the former, gig connections between 2960G and 2960s; for the latter, gig connection between 2960G and 3560, 2 to 4 port 100 Mbps Etherchannel between 3560 and 2960s.)

pompeychimes Fri, 07/10/2009 - 12:55

Agreed, one subnet looks ample. Worst case, I'd put all servers in one VLAN and all workstations in another.

If your network is broadcast heavy there is something wrong. Look for anomalies on the network. Loops, bad NIC(s), etc... Be sure to turn off chatty protocols too. You're running W2K3 so say goodbye to WINS/NetBIOS. Make sure workstations aren't running multiple stacks (IPv6, IPX/SPX) too. Same for printers, they should be running nothing but TCP/IP.