Solved: Introducing VLANS to existing network

olsonc0510 · ‎01-03-2006

We have 3 subnets to our existing network. Currently, all devices on all switches belong to the same subnet. We purchased some blade servers with Cisco switches attached and the blade enclosures will have servers that belong to different subnets. We decided to introduce VLANs to remedy this. I know how to add vlans, configure the ports and implement VTP, but I am getting confused on redoing the network. Cisco recommends leaving vlan1 as the default for administrative purposes and setting up separate subnets for each Vlan.

Existing network

192.168.168.x Server farm 1

192.168.252.x Server farm 2

204.253.220.x Server farm 3

There are 4 switches in each network with an IP address for the network they belong to. I want to leave everything alone as much as possible but need to be able to VLAn out the new switches so I can put servers in as needed and assign them to the proper network. My question is how to configure the new switch. Does it matter what IP address I assign to it since it will have servers from all three on it? I'm guessing not since routers are used to allow inter-communication. Also, I am unclear as to how to set up the default VLAN 1 without changing the IP address of any of the existing devices. I'm thinking I need another subnet.

Proposed changes:

xxx.xxx.xxx.x default vlan 1

192.168.168.x Server farm 1 vlan 2

192.168.252.x Server farm 2 vlan 3

204.253.220.x Server farm 3 vlan 4

Am I on the right track here? Any advise would be appreciated.

Thanks,

CO

johansens · ‎01-03-2006

You are pretty much right, I just want to point out the following and you can check if we are thinking alike:

- Put your new mangement-subnet on VLAN 1 which now will be the management VLAN. All the switches management-interfaces will now be in the same subnet regardless of where they are.

- Make new VLAN's for all your serverfarms (as you indicated in your first post) and assign the ports in each switch to the respective VLAN's.

- Make sure your inter-vlan router has connections on all of the VLAN's (probably including the management VLAN as well depending on where the management-traffic is meant to be accessed to/from).

Did it help?

View solution in original post

johansens · ‎01-03-2006

What Cisco is recommending is putting the administrative/management traffic into VLAN 1 so in event of a problem on any trunks etc. you'll be able to get into the switches from remote to remedy the situation.

In order to do this on your network, you'll have to reassign the management-IP of all of your switches to be in the same subnet and VLAN.

If you now have every switch plain and flat, you probably have a config like this:

interface fa0/1

!

interface fa0/2

!

etc.

!

interface Vlan1

ip address 192.168.168.10 255.255.255.0

!

ip default-gateway 192.168.168.1

!

What you would need to do is something like this:

!

vlan 10

name server_farm_1

vlan 20

name server_farm_2

vlan 30

name server_farm_3

!

interface fa0/1

switchport access vlan 10

!

interface fa0/2

switchport access vlan 10

!

etc.

!

interface fa0/25

switchport trunk encapsulation dot1q

switchport mode trunk

!

interface Vlan1

ip address 172.16.10.10 255.255.255.0

!

ip default-gateway 172.16.10.1

!

Where int fa0/25 here is the uplink to the 'core'..

Did it help? If so, please rate it.

olsonc0510 · ‎01-03-2006

Adding the VLANs and assigning ports, including a trunk port I know. Still not clear on the management interface for VLAN 1. Currently, I show the following:

Farm 1

Switch 1 Interface VLAN1 192.168.168.x

Switch 2 Interface VLAN1 192.168.168.x

etc.

Farm 2

Switch 1 Interface VLAN 1 204.253.220.x

Switch 2 Interface VLAN 1 204.253.220.x

etc.

All the servers attached to the switches are on the same subnet that the Interface VLAN1 switch is on.

If I am reading you right, I need to change the Interface VLAN1 on all the switches to the same subnet no matter what Farm they belong to.

Since I am incorporating VLANs, it won't make a difference what IP address is on the server as long as the VLAN configuation is showing on the switches and I have them all trunked. Correct?

johansens · ‎01-03-2006

You are pretty much right, I just want to point out the following and you can check if we are thinking alike:

- Put your new mangement-subnet on VLAN 1 which now will be the management VLAN. All the switches management-interfaces will now be in the same subnet regardless of where they are.

- Make new VLAN's for all your serverfarms (as you indicated in your first post) and assign the ports in each switch to the respective VLAN's.

- Make sure your inter-vlan router has connections on all of the VLAN's (probably including the management VLAN as well depending on where the management-traffic is meant to be accessed to/from).

Did it help?

kradjesh13 · ‎01-04-2006

Hi,

Thought of helping you... i have attached a piece of sample configuration. Have a look at it

Router

~~~~~~

interface Vlan1

description MANAGEMENT VLAN

ip address 192.168.240.1 255.255.255.0

Farm 1

~~~~~~

SWITCH : 1

interface Vlan1

ip address 192.168.240.2 255.255.255.0

SWITCH : 2

interface Vlan1

ip address 192.168.240.3 255.255.255.0

Farm 2

~~~~~~

SWITCH : 1

interface Vlan1

ip address 192.168.240.4 255.255.255.0

SWITCH : 2

interface Vlan1

ip address 192.168.240.5 255.255.255.0

In the sample config, 192.168.240.X is spanning to all the equipments. I have assigned xxx.xxx.xxx.1 for the Router and xxx.xxx.xxx.xxx.2 to xxx.xxx.xxx.5 to the switches which belong to Form1 & Form 2.

Hope this piece of information might help u.

Tell us how it goes..

Rajesh

olsonc0510 · ‎01-04-2006

Thank you both!! We were thinking the same but I had to know for sure. I'm in a 24/7 environment with very little downtime to accomplish anything. I appreciate your clarification.

Sincerely,

Chris