I am about to design VLANs in our environment, Active Directory 2003 servers, about 100 users, many server and a very complex network supporting our online but educatinal business. I do not support the servers but the Network infrastructure consisting of few routers 2621 and 2611, one core Cisco CAT 4500 (Cisco IOS), two 4006 CAT with CAT IOS and few 3560s and 3550s switches. Currently I have two VLAN but I am not doing trunking in fact, I inheritted the network this way one subnet on one VLAN and the other on a different VLAN but the two subnets are physically seprated (I don't know why they created VLANS to begin with given what I just explained above!).
The guys supporting the AD are opposing the VLANs fearing of IP re-numbering and I really don't know how and where to start in this "Chaos" situation. can I do layer two VLANs only not needing to do any renumbering of IP and keep the AD guys happy?
what would be the best scenario as far as servers are concern? should they be on different VLANs? if yes, how can I make sure that our users have the same network access as far as resources access on those servers?
I want to have the two floors of our company separated by routers, i.e. one router for each floor and have trunking between them and the switches. Any suggestion is welcom.
Hey Thanks, I really know, its very difficult and this may of have been why those incharge of Network Infrastructure devices left these VLANs they way they are now.
7. Some servers might use "back-end" interfaces to access other servers on local network. You should not separate them.
This is actually one of my concerns since we are doing NAT but some of the servers (usually, Web Server, Test Server, development Server, etc) have two NICs, one with private address and the other Public Ip Address. What should I be doing for these servers, understanding that all the servers will be and must be on their own VLAN?
Also, the "back-end" interfaces, yes, you are right and thanks for pointing out. Is this the situation where one Interface has private and the other has Public?
and how about teh Clusters? how should that be habdeled?
I understand that I realy have a lot of working to do and I have already stated working on the layout and "Things that we look for before touching anything at all"..
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...