Re: badly in need of network advice


W33B wrote:

> The back story: We have a building with 6 separate companies all using
> the same network to access the internet/print. All we have is an asdl
> router/firewall connected to a hub and then patched in to various ports
> around the office. We can have ~30 computers on the network at anyone
> time so if we run out of ports I just uplink another hub...end of!
>
> We are just about to by a nice and shiny new server for our network and
> I heard (via a friend) about vlans and the possibility of splitting the
> network in to smaller networks (1 for each comp) but still share
> resources (internet/network printers). Please correct me if wrong.

If the companies care about security, they would need to use VLANs
so that Company A's traffic doesn't end up at Company B's computer.
But then again, it looks like they are sharing resources like the
printer,
so maybe security is not that important.

>
> So the question is what do I need to achieve this? I've looked in to
> managed switched and 48 port ones are pretty damn expensive, do I need
> this? or, could I essentially get a 12/24 port and uplink another
> switch/hub/something without messing up the vlans?

If you want to have one VLAN per company, you would at least need
a number of ports equal to the number of companies plus one.
The last port would go to the router and would be a tagged port
that is on all VLANs. Then you would have one unmanaged switch/hub
per company whose uplink feeds into the appropriate port on the switch.

Using VLANs will entain configuring the hosts from all these companies
to be on different subnets so you will have to do some work on your
DHCP server for giving out addresses on the appropriate subnet
or renumber the customers' computers depending on whether or not they
are configured to use DHCP.

The server/printer would have to be on a separate subnet and you'd
have to route to them from each of these subnets. So you'd have
to have a separate port on the router that connects to the "shared
services" for all of the customers.

Anoop

.

Relevant Pages

  • RE: VMS cluster behind a *NIX firewall
    ... Can you explain why you think you need a "separate network?" ... You have a 100MB network. ... Of course you get three 100mbs networks with three VLANS. ... you will *get* full bandwidth on each port until you ...
    (comp.os.vms)
  • Re: badly in need of network advice
    ... > the same network to access the internet/print. ... > I heard about vlans and the possibility of splitting the ... > managed switched and 48 port ones are pretty damn expensive, ... Get a Nortel 425-24T switch. ...
    (comp.dcom.lans.ethernet)
  • Re: ERS 8600, simple setup, IP, VLANs, etc.
    ... fs> fiber, seperate set of switches, etc. ... There will be a separate management network, ... or virtual management port IP address important is important, ... (VLANs entirely internal to the 8600 are sort of OK). ...
    (comp.dcom.sys.nortel)
  • Re: VLANs
    ... > I need to set up VLANS for a predominately Linux based environment. ... The above scenario would enable us share the switches between ... > the physical LANs while still maintaining separate broadcast domains. ... > separation of a highly critical data collection network. ...
    (comp.os.linux.networking)
  • Re: VLAN Security vs. Inter-VLAN Routing
    ... "VLANs address scalability, security, and network management" ... However, once you introduce inter-vlan routing, doesn't the security aspect ... to a computer in port 3/vlan 3. ...
    (comp.dcom.sys.cisco)
Loading