|
Posted by stephen on October 6, 2007, 8:00 am
If you were Registered and logged in, you could reply and use other advanced thread options
> > On Sep 30, 5:44 pm, tech.suppor...@gmail.com wrote:
> >
> >
> >
> >
> >
> > > Hi all. I am new to VLAN's. I have a requirement, and I want to know
> > > whether it is technically possible to do.
> >
> > > I have a link coming over Cat6, from ISP to my switch. Network
> > > 10.1.23.0 / 24
> >
> > > I have few switches in my premises. cisco 3560, 2960.
> >
> > > For certain of my applications, I need to create seperate VLAN's.as i
> > > understood, every VLAN has to be a seperate subnet. Could I subnet the
> > > existing network of
> >
> > > 10.1.23.0 into multiple subnets. / 28 or / 30 according to my needs
> > > internally, and create seperate VLAN for each subnet, and they will
> > > still talk to the ISP core switch as it were a / 24 network. I could
> > > do this and get it to work if it was purely for LAN purposes, however,
> > > the Core switch of ISP links me to my WAN (remote networks 10.1.1.0 ~
> > > 10.1.22.0, 22 locations ) ..
> >
> > > each IP in this network needs to talk to every other network, and the
> > > vice versa. I know that if i do not subnet the network, it works fine
> > > as a single VLAN.
> >
> > > Is there any way that I could have multiple VLAN's and still have
> > > connectivity to and from my other networks, using same subnet or a
> > > subnetted subnets ??
> >
> > VLANs should be thought of, from an IP perspective, as if they are
> > separate Ethernets. Which means, if you have multiple VLANs and each
> > one is a different IP subnet, you will need an IP router (layer 3
> > switch) to tie them together. Just the same as you'd do with multiple
> > different physical Ethernet LANs (or catenets, to be precise).
> >
> > So the first question is, is the box that ties you to the ISP a VLAN-
> > aware router? Or is it just a layer 2 switch? If it's just a layer 2
> > switch, you will need to add a VLAN-aware router in your premises.
> > This would be a router which undertands that the internal Ethernet
> > connection is meant to represent multiple VLANs, and the router will
> > then route IP packets to the correct VLAN according to its routing
> > table.
> >
> > But there's more, in this case. It sounds like you are trying to
> > connect each end system, i.e. each host, directly to the same
> > Ethernet? The one that incorporates multiple VLANs? Is that correct?
> >
> > If so, then each host of your internal network will need to be "VLAN
> > aware," meaning that these hosts need to understand the Ethernet
> > header extension described in IEEE 802.1Q. Same goes for the router
> > connected to this internal Ethernet. While layer 2 switches will often
> > do this, I don't know how prevalent that is among end systems.
> >
> > I'd consider instaling the various IP subnets you need on separate
> > Ethernets, rather than using VLANs. Use a different layer 2 switch for
> > every IP subnet in this inside network.
> >
> > Bert- Hide quoted text -
> >
> > - Show quoted text -
>
> I am limited with certain constraints here. Because of the physical
> dimensions of the building, we are concentrating the cables into 4
> different points. so lets say around 6 switches. each switch serves
> different applications. Like, VOIP, IPTV and data only applications. ,
> thats why i want to create Seperate VLANS, so that I could isolate the
> traffic each app needs.
The switching within the 3560s / 2960s will isolate the traffic for you, and
minimise "spill" between devices.
Routing adds more complications and structure, and sometimes you dont need
vlans, routing etc to get the job done.
Unless you need to ring fence parts of yours for specific reasons you havent
explained yet - it doesnt sound like you need VLANs or multiple subnets.
Maybe this has come from some recommendation, or device assumption? eg many
IP phone setups assume you have the phone traffic in 1 VLAN and a cascaded
device like a PC in another.
Anyhow - the 3560s are layer 3 switches, and can do routing internally - so
you have router(s) available to you.
>
> second thing. our ISP, in each site, configures for us a class C
> network. So if I were to use multiple VLANS, that means multiple
> subnets. So only one VLAN, that comes from the ISP would be able to
> communicate to outside world. May be I could make the other VLAN's
> communicate to outside world using the gateway of the ISP's VLAN,
> however, i need other Remote networks also talk to my PC's inside,
> which fall in to multiple subnets. Technically, the only subnet that
> my other networks willl be aware of is the VLAN subnet provided by the
> ISP..
You can dice the 10.x or whatever block you have with a router - that isnt a
problem (although each resultant bit is a power of 2 size, and subnetting
will mean you waste some of that address space).
once you do that ideally you would alter each attached device ip config to
have the correct subnet mask and default gateway for the specific subnet it
is in - you can spoof your way around this, but that may make for
complications and confusion later.
>
> I hope you understood the problem here.
not really - i would see if "no subnets" is the correct response 1st....
>
> Thanks for the quick response
>
> Techs
--
Regards
stephen_hope@xyzworld.com - replace xyz with ntl
| 
Yahoo! 
Google 
Windows Live 
del.icio.us 
digg 
Netscape 
XML site map