Campus Area Network Setup

Unanswered Question
Nov 3rd, 2009

I am setting up a CAN with 6 buildings serving as student dorms and a 7th building as the core with the ISP dmarc. Each dorm building will have 2 access layer switches and then 2 core switches with fiber to the core building. I have two basic design questions.

1. I plan on setting up each building (50 users each floor) as a single vlan. Would it be better to set each up each switch in transparent mode for the vtp mode? I don't see why each switch would need to hold 6 or more different vlans that no ports will be assigned to.

2. There will be a 4 core fully meshed switches connected to 2 redundant routers at the core. There are a couple of service type servers at the core as well. I plan on setting up layer 3 routing on the core switches in the core building only and leave each switch in the other buildings (including those with fiber back to the core) as layer 2 only. I figure the core switches could forwared dhcp broadcast to the servers therefore offloading this function from the routers. Since there will be little to no traffic between vlans or rooms, most traffic I figure will be internet traffic (other than dns/dhcp services at the core)

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
lgijssel Tue, 11/03/2009 - 03:40

For a new design, I would also reserve a vlan per building for voice. It is also advisable to reserve a few extra vlans for future growth or modification.

This will impact both the vlan design and the ip plan.

regards,

Leo

Jon Marshall Tue, 11/03/2009 - 03:42

George

1) Yes it would make sense to use VTP transparent in your case altho i would recommend 2 vlans per switch one for the users and one for managing the switch itself.

Would still recommend using transparent.

2) Depends on your switches in the non-core buildings. If you really can limit each switch to one user vlan then you may want to consider a routed access-layer but this does depends on the switches you are proposing to use in your bulidings. The advantages would be

1) both uplinks would be used for traffic. With L2 only one of the uplinks will be used and the other blocked.

2) fault isolation - if you have a L2 issue such as a loop or broadcast storm with L2 to the access-layer this could impact entire network whereas L3 will limit where it can go.

If however you do decide to stick with L2, and there is nothing wrong with that, then yes use the core switches to forward on DHCP requests.

Jon

gdrandles Mon, 03/15/2010 - 08:24

Thanks Jon,

  I took your suggested a little further and created a vlan for each Telecomm Room (Each TR supports 1-2 floors in each building).  I was having problems with students hooking up SOHO routers and connecting to the LAN ports instead of the WAN port and were giving out bogus IP's to those setup for DHCP.  This makes isolating the problem easier and it affects less users until the problem is resolved.  Each floor is connected via L2 to the first floor L3 switches which then route to the core.  I am using port-channels to take advantage of the redundant fiber paths and increase the connection to 2Gb.  We are planning on adding additional fiber links in the futer witch will be simple to add to the current port-channel.  Thanks again for your input everyone.

Actions

This Discussion