It does make sense…I’m just wondering about the implementation of it…

I would think that each school should be in its own vlan then…Can you make a single port a member of multiple Vlans?

School 1 = Vlan 1

School 2 = Vlan 2

School 3 = Vlan 3

School 4 = Vlan 4

School 5 = Vlan 5

School 6 = Vlan 6

School 7 = Vlan 7

School 8 = Vlan 8

School 9 = Vlan 9

Servers and Printers plug into a port that is a member of each vlan so everyone can get to them but vlan1 won’t see vlan2 traffic…

Hello,

it would indeed make sense to put each physical location (school site) in a separate VLAN.

In order for the VLAN traffic to see each other, you need to have trunking and Layer 3 switching implemented (if you already have that, can you say which device you are using, and what the configuration of that device looks like ?)...

Regards,

GP

We will be starting fresh with Cisco Catalyst 3750 Series switches in 8 of the buildings the 9th already has Catalyst 2950 Series switches with no Vlans setup...

Hello,

perfect, the 3750 supports inter-VLAN routing. Basically what you need to do is set up the VLAN interfaces on the 3750 as following (the IP addresses are likely not the ones used by you, but you get the idea):

interface VLAN1

ip address 192.168.1.1 255.255.255.0

!

interface VLAN2

ip address 192.168.2.1 255.255.255.0

and so forth, and then connect the 2950 switches through a trunk. Be aware that the 2950 supports 802.1Q trunking only, so the configuration should look like this (this is the same for all connections):

3750#

interface GigabitEthernet0/1

switchport trunk encapsulation dot1q

switchport mode trunk

2950#

interface GigabitEthernet0/1

switchport mode trunk

In addition, configure your 3750 switch as the VTP server for your VTP domain. So, on your 3750 you need to configure:

3750#conf t

3750(config)#vtp domain SCHOOLS

and on the 2950 switches:

2950#conf t

2950(config)#vtp mode client

2950(config)#vtp domain SCHOOLS

The default VTP mode for the 3750 is actually server, so you do not need to explicitly configure that. Be aware that the VTP name is case-sensitive...

In addition, it is a good idea, especially in your scenario, to turn on VTP pruning, which basically is way to save bandwidth on your trunks by only allowing the VLANs on the trunks that are actually needed on the remote switches:

3750#conf t

3750(config)#vtp pruning

And last but not least, make sure that your 3750 is the root switch for all your VLAN spanning-trees:

3750#conf t

3750(config)#spanning-tree vlan 1 root primary

3750(config)#spanning-tree vlan 2 root primary

and so forth for all the VLANs.

On the 2950 switches, all you have to do is assign the ports to specific VLANs, you can use the ´interface range´ command to apply the same configuration to all ports at the same time (which saves time, and is less error prone):

2950#conf t

2950(config)#interface range FastEthernet0/1 - 24

2950(config-intf-range)#switchport access vlan 2

That is pretty much it, once you get to the actual implementation, if you have trouble, come back to this post and let me know what you are running into...

HTH,

GP

Hey Georg, I received a little more information today…The switches should physically be here by Wednesday of this week…

Each School 1-8 will be getting three 3750 48 10/100/1000 + 4 SFP Standard Multilayer switches…The 9th School will use an existing C3550-12G [C3550 Software (C3550-I5Q3L2-M), Version 12.1(12c)EA1] for the ring then it has 11 2950 hanging off it…

So our fiber ring through the district will be 8 3750’s and one 3550 they are connected by single mode fiber the longest run is about 6.4 km

I have a few more questions…

1. Are these switches capable of inter-vlan routing or will I need a router to do this…

2. When I set up the VTP server do I only need server mode on one switch then the rest need to be in client mode…

3. Spanning-tree will this be set only on one 3750 or do I need to have it set on all switches…

Thank you for all your help!!!

Scott

Hello Scott,

the 3750 and the 3550 switches can do inter-VLAN routing, the 2950s cannot. So, in any case, you do not need a router.

Regarding your physical setup: it might be a good idea to set up one of the 3750 switches as a central switch, and to have all school sites connect to that one central switch, rather than have all the switches daisy-chained to one another. The advantage of that would be that you could set up your inter-VLAN routing on that central switch, and also designate that central switch as VTP server. Indeed you only need one VTP server, all the other switches should be VTP clients.

Regarding spanning-tree: leave it on (which is the default) on all switches, there is no real advantage to turning it off, and not having it run might cause trouble in the future.

HTH,

GP

Hello Scott,

just out of curiosity: do you have everything in place (and running) ?

Regards,

GP