i have to Design the following setup: 10 access-switch connected to the core(4507R)via L2 Trunk;the Network it is 22.214.171.124
Switch 1 on vlan 50
Switch 2 on vlan 51
Switch 3 on vlan 52
Switch 4 on vlan 53
Switch 5 on vlan 54
on the CORE:
INT vlan 50
IP address 126.96.36.199/24
INT vlan 51
IP address 188.8.131.52/24
INT vlan 52
IP address 184.108.40.206/24
& so one
the qestion is:what should be the mangment vlan for each switch
ip address 220.127.116.11
ip address 18.104.22.168
ip address 22.214.171.124
ip address 126.96.36.199
Is this a good design or u suggest another address for Vlan Mang on each access switch
There is nothing wrong with what you are proposing except that you need a separate vlan for your management ie.
You addressing for the switch management is fine
but they need to be out of the same vlan. So allocate a new vlan number for the management vlan and use the IP addressing you are proposing.
Set the default gateway to be the SVI for the management vlan on your 4507 switch.
Your design is correct and its Ok as per the guidelines. By-default vlan is the Managemnt vlan on l2 switches. Its is always advisable to use a different vlan other than Vlan1 as the managemnt vlan.
As you have used a different vlans on each switch as the management vlan, you should be fine with it. To have consistency on the manageing the switch IP's I would suggest you to have the same dedicated vlan for management across all your switch. Like using Vlan 51 and the same range if IP across all the L2 switches for managemnt. this will make you managing the switches easily across the network and easy to remember IP addresses.
If you are using a diffrent vlan on each switch as management vlan, make sure that your 4507 core switch is routing for all vlans. otherwise there will be connectivity issues in the network.
Just use a dedicated vlan like Vlan 51 across all the switches as management vlan and assign an IP to all the switches. like
Vlan 51 management IP: 188.8.131.52/24
Access Switch 1
Vlan 51 management IP: 184.108.40.206/24
Vlan 51 management IP: 220.127.116.11/24
Vlan 51 management IP: 18.104.22.168/24
The same way across on your all the switches.
What I see is that you have different vlans created on your access switch but subnet address is same across all which I don't think is a proper design. Another thing which I notice is that your l3 interfaces on your core are on dfferent subnet as what you have on your access which again is a wrong design.
Like you vlan 50 on core is 22.214.171.124/24 but you have configured vlan 50 on your access as ip address 126.96.36.199 which is wrong and the right design should be something likr 188.8.131.52/24 on your core and ip address 100.4.50.x/24 on your access siwtches for management.
Also I see on youe CORE you have same vlans 50 , 51 and 52 but with different subents which is fine.
I will recommed you to have same management vlan across all access switches and your core config is fine where you have l3 interfaces with different subnet.
You can keep 50 or whatever vlan you want for management on all your access switch but whatever vlan you decide for management vlan make sure the ip address which you assign on access switch should be in same subnet as you configure on core.
on the access switch the vlan magment like this:
int vlan 1
ip address 10.4.1.4
int vlan 1
ip address 10.4.1.5
int vlan 1
ip address 10.4.1.6
int vlan 1
ip address 10.4.1.7
this is good design now regrding the mangment IPs
Yes thats fine now. I will also recommed you to have your vlan 1 created on your core switch so that you can manage your access switches from anywhere across your network.
Also it is recommeded to keep the management vlan something other than vlan 1 but its just a recommended design and even if you have vlan 1 as management vlan you are good to go.
Vlan1 is mainly used for carrying the control traffic like DTP,CDP,VTP,STP traffic for your all the switches. It is always advisable to use a different management vlan other than Vlan1. You as I mentioned above in my post just use a different vlan like Vlan51 as the dedicated management vlan on your access/core switches.
Make sure you also create layer 3 interface for vlan 1 on your CORE also with same subnet ip address as on your access switch.
This will let you manage you access switches from any part of your lan network.