Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

Network Design Problem

This is a very unique situation. I have a building with about 120 users on 3 floors. There are 7 wiring closets with 13 cisco 3550 switches. I have updated them all to c3550-i9q3l2-mz.121-20.EA1.

In this setting, I have 4 divisions and about 14 printers. Due to turnover and staff moves, the pc's that plug into said switches change on frequent basis. Is there a way to set the ip address of each port to determine the ip address of the machine so that a startup script can determine where the machine is plugged in and install the proper printers and set the default. I use ip address for ease. If this method is not possible, is there another method that I could use to allow the same results.

In other words, I don't want this to become a management nightmare. I would users to be able to move their machines, and the system, by use of a startup script, to determine where they are plugged in.

I thank you for any help in advance.

10 REPLIES

Re: Network Design Problem

Hmm... You could potentially do something like assign a seperate Vlan/subnet to each "area" or floor. Then, you'd need a separate DHCP scope for each VLAN - which you would need to use a helper-address on whatever you use to route between the VLANs.

Then, when a person plugs into a port in an area, they would get assigned an IP that is unique for that area. I'm sure someone could script some sort of startup-script to then assign printers and such based on the subnet they are in. Might be more trouble than its worth though.

Good luck!

New Member

Re: Network Design Problem

Hi,

Let's talk.

Have you tried VMPS in any way in your environment?

Tom

New Member

Re: Network Design Problem

Sounds like you should use dynamic VLANs with a VMPS. Check out pages 144 - 152 of the "Cisco LAN Switching" book from Cisco Press.

The dynamic VLAN allows you to automatically configure a port to a VLAN based on the MAC address of the device attached to the port.

New Member

Re: Network Design Problem

IP address tracking would be a little more difficult, so I'd use MAC addresses instead. You could use the IP address, but you'd end up having to search based on MAC address anyway so you may as well use that. I'd do the following:

1) Create a SNMP RO view on the switches that had limited access to read the FDB.

2) Create a login script that extracted the MAC address of the NIC via ipconfig /all.

3) Retrieve the FDB tables on all switches, so that you can map the MAC address to ports.

4) Find the MAC address of the PC in the FDB tables and you now know where the PC is plugged into.

5) Map to the appropriate printers.

New Member

Re: Network Design Problem

Hi,

With VPMS or even 802.1x (see link at bottom of post), the vlan would move with the user. This is ok if thats what you want, but the question here is do your printers move? If they do move with the teams then either of these are ok. I like 802.1x as you only need a radius server and you get extra security. Make sure you host supports it though.

If you printers do not move and you hav logical areas in your building, then you need something that will assign ip addresses based on the port. The easy way for this is to use static vlans and DHCP, as someone has already said. Your script should be able to find the IP address out and then assign the correct local printers.

This is not fancy and is easy to support.

Hope this helps :-)

New Member

Re: Network Design Problem

Silver

Re: Network Design Problem

Hi, i think you need to look at this from a different angle as i don't think this is a unique situation. Most companies i have worked for have similar issues however they use login scripts that bind printers, shares etc to specifc users based on group membership. i.e. marketing user is always mapped to the marketing printer and marketing network share. It doesn't matter where marketing user is in the building, as long as he is logging in to the correct domain he'll get the same printer etc.

New Member

Re: Network Design Problem

Hello, I think it would be more useful if, say an accountant was working in marketing for the accountant to map to the marketing printer, especially if thedepartments are on different floors. So if you take the principle of hoteling as is common for consultants and they can be sitting anywhere at anytime you need something more location specific than group specific, in which case wouldn't a VLAN per printer be a very suitable solution?

So we're assuming the same printer throughout the company and setting it to print to lpt1: and then mapping lpt1: to the correct queue via login script?

Silver

Re: Network Design Problem

Hi, wouldn't this mean that every printer was on a different subnet? What if you had 300 printers in your organisation? This would be a nightmare to administer! you would need to create 300 sub/VLAN interfaces on you router/MSFC to allow routing to each printer. I think you should certainly have a dedicated printer VLAN so all printers are on the same subnet, this VLAN would be trunked across all your switches, its much easier to maintain and allocate IPs to new printers if they are all on the same subnet. Plus if you have a lot of office moves, its easier to relocate a printer as you don't need to worry about which VLAN it's going to be in, which IP address it should be allocated, all you need to do is patch it into the new area and make sure the new switch port it's in the printer VLAN. If consultants need to print to a specific printer in a specific area then the printer should be labeled up so that he/she can easily connect to it manually by browsing the network.

New Member

Re: Network Design Problem

Hello, the specific case was 14 printers in 4 departments, so I think vlans could still work. The easier you make it for the user the harder it will be on the support staff. I agree that for a very large implementation as you have illustrated, this is not the way to go. But at the same time, 300 printers would not sit on one server in one browse list so again, you could do some separation among vlans - probably geographically/departmentally but definitely not a printer per vlan.

The original poster should probably chime in to keep us on track.

232
Views
0
Helpful
10
Replies
CreatePlease to create content