Network Setup

Feb 13th, 2014
Hi,

Would like some advice. I am going to set up a network in a friend's business. He owns a converted warehouse which now houses about 20 offices rented out to different small companies.

What I want to do is connect each office to my 2x48 port switches and my router, and separate each office so that it is on its own VLAN and give each VLAN access to the internet.

What I would like to know is can I assign each VLAN its own DHCP pool of IP addresses, and would this be accomplished on the router or the switch? I would really appreciate some help.

Sent from Cisco Technical Support iPad App

Leo Laohoo Thu, 02/13/2014 - 17:10
What I want to do is connect each office to my 2x48 port switches and my router, and separate each office so that it is on its own VLAN and give each VLAN access to the internet.

What I would like to know is can I assign each VLAN its own DHCP pool of IP addresses, and would this be accomplished on the router or the switch? I would really appreciate some help.

Ideally, I'd prefer setting up the DHCP server on the most "central part" of your network. This could potentially be the router.

1. Because there's going to be a multi-tenant facility, you'll need a router which can host a lot of VLANs, therefore a Cisco 800 series router is NOT the way to go. You'll need to see what WAN link he's going to get now (and in the future) and size up your router instead of sticking your index finger in the air.

2. Because this is a multi-tenant facility, you might want to consider a switch which can do stacking. Your choice would then be the 2960S/X, 3650, 3850. Alternatively, you can also consider the 6880 but this is a very expensive option. You might want to consider using switches which support PoE+.

3. Wireless? Think about it.

4. IP Telephony. What about that?
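
The per-VLAN DHCP pools discussed above, as an added example that is not part of the thread or any poster's configuration: a Python script that allocates one VLAN and one non-overlapping /24 per office and renders IOS-style router config (DHCP pool, dot1Q subinterface, and an inbound ACL so that routing between subinterfaces does not reconnect the offices). The supernet, VLAN numbering, trunk interface name, ACL names and DNS address are assumptions chosen for illustration.

```python
import ipaddress

# Assumed values for illustration; none of these come from the thread.
SUPERNET = ipaddress.ip_network("10.20.0.0/16")  # carved into one /24 per office
FIRST_VLAN = 101                                 # office 1 -> VLAN 101
TRUNK = "FastEthernet0/0"                        # router port trunked to the switches
DNS = "192.0.2.53"                               # placeholder resolver (documentation range)

def tenant_plan(offices=20):
    """Give every office its own VLAN ID, /24 subnet and gateway address."""
    subnets = SUPERNET.subnets(new_prefix=24)
    plan = []
    for i in range(offices):
        net = next(subnets)
        plan.append({"vlan": FIRST_VLAN + i, "net": net,
                     "gw": net.network_address + 1})
    return plan

def overlaps(plan):
    """Return VLAN pairs whose subnets overlap (must be empty for isolation)."""
    return [(a["vlan"], b["vlan"]) for i, a in enumerate(plan)
            for b in plan[i + 1:] if a["net"].overlaps(b["net"])]

def render(t):
    """IOS-style config for one office: DHCP pool, ACL and dot1Q subinterface."""
    vlan, net, gw = t["vlan"], t["net"], t["gw"]
    acl = f"OFFICE{vlan}-IN"
    return "\n".join([
        f"ip dhcp excluded-address {gw}",
        f"ip dhcp pool VLAN{vlan}",
        f" network {net.network_address} {net.netmask}",
        f" default-router {gw}",
        f" dns-server {DNS}",
        f"ip access-list extended {acl}",
        " permit udp any eq bootpc any eq bootps",   # let DHCP reach the router
        f" deny ip any {SUPERNET.network_address} {SUPERNET.hostmask}",  # no office-to-office
        " permit ip any any",                        # everything else: internet
        f"interface {TRUNK}.{vlan}",
        f" encapsulation dot1Q {vlan}",
        f" ip address {gw} {net.netmask}",
        f" ip access-group {acl} in",
        "!",
    ])

if __name__ == "__main__":
    plan = tenant_plan()
    assert not overlaps(plan)
    print("\n".join(render(t) for t in plan))
```

The deny line also blocks office traffic to the router's own addresses inside the supernet (everything except DHCP), which is why the resolver handed out by DHCP has to sit outside that range.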

Dan Miley Thu, 02/13/2014 - 19:49
What routers and switches do you have now, and what is your budget?

Are you planning multiple ISPs for redundancy if one goes down?

Are you providing wireless access too?

It may take a fair amount of config and management to set up 20 networks, IP ranges, DHCP servers; this might be more complex to support and more likely to be misconfigured. The SG series switch can do DHCP, but only on 8 VLANs I think.

An alternative would be to use the SG300/SG500 feature protected ports (IOS calls it private VLAN). Protected ports allow all ports to share a VLAN/DHCP range, but not be able to see each other. All ports can see ports that are defined as 'egress', which could have a shared printer, internet firewall, shared email server, etc. You could put a small switch in each office if they have multiple devices that need to talk to each other.

The SG500 does support stacking for management if expansion is expected.



- From the SG500 admin guide:

Protected Ports provide Layer 2 isolation between interfaces (Ethernet ports and LAGs) that share the same VLAN.

- Packets received from protected ports can be forwarded only to unprotected egress ports. Protected port filtering rules are also applied to packets that are forwarded by software, such as snooping applications.

- Port protection is not subject to VLAN membership. Devices connected to protected ports are not allowed to communicate with each other, even if they are members of the same VLAN.

Jangelides Fri, 02/14/2014 - 00:05
At present the cabinet has 2 x 3548XL switches and a 3600 series router.

Sent from Cisco Technical Support iPad App

Leo Laohoo Fri, 02/14/2014 - 02:42
At present the cabinet has 2 x 3548XL switches and a 3600 series router.

Wow.  Those models of switches and routers are no match to today's hardware capabilities. 


If there are no funds in upgrading them, then don't even bother offering them as a service.  I've seen first-hand what a 3500XL can do when you have the new generation of NICs.  In some extreme cases, some GigabitEthernet Intel NICs can cause the 3500XL interface to go down/up 25 times per minute. 

Jangelides Fri, 02/14/2014 - 07:14
I also have a couple of c1700 routers and a 2600 router. Would one of these work as a better replacement to the 3500XL?

Sent from Cisco Technical Support iPad App

Leo Laohoo Fri, 02/14/2014 - 15:04
I also have a couple of c1700 routers and a 2600 router. Would one of these work as a better replacement to the 3500XL?

The 2600 and 3600 came out the same time.  So the answer is no.  The 1700 came out a few years later.  So again, the answer is no. 


The main argument is that these three routers are no match to the current bandwidth being offered by even the simplest and smallest DSL link.  The only thing stopping you pushing more data up and down the pipes will be the routers. 
