Simple network design question

April 25, 2012 at 11:29:52
Specs: Win7, 4GB
Hi, my boss asked me to propose a new network that is as simple as possible. The basic requirement is that it contain 10 VLANs in an office. I would like to use a hierarchical layer model for the network. In order to be able to communicate inter-VLAN, should I require all-L3 switching interconnection or 1 core + 1 L2 switch? Here is my simple diagram:

Internet ----> ISP router ----> Firewall ----> L3 switch (core) ----> L2 switch (access) ----> VLAN1... VLAN2.... etc!

Does this setup work properly?

Angus




#1
April 25, 2012 at 11:54:23
The design you mention meets the criteria.

If this is for a real project however, I would recommend dual redundant core switches. With only one you end up with a single point of failure. Should your core switch fail, the whole network stops.

It matters not how straight the gate,
How charged with punishments the scroll,
I am the master of my fate;
I am the captain of my soul.

***William Henley***



#2
April 25, 2012 at 12:39:26
Kind of too complex to me. I wouldn't fool with the VLANs at all. Since you have all computers connected to the internet then there is a way for them to connect in some manner. Just make them all in the same subnet.

Personally I'd try to limit internet. Do they all NEED to have access? Security risk.
I'd make only a few dedicated systems with access. The rest of the business systems would be air gapped from the internet. Then you'd have to watch out for USB and other dangerous means to infect the systems.

Text, talk, drive...CRASH.

Hang up and drive @#$%^^



#3
April 25, 2012 at 14:23:53
10 VLANs is a lot. How many PCs/departments do you have?
Why are you VLANing?

How do you use the network?

These are the questions that need answers before you design a network.

Answers are only as good as the information you provide.
How to properly post a question:
Sorry no tech support via PM's



#4
April 25, 2012 at 20:11:15
Hi, thank you for the input. In terms of budgeting, I want to know if implementing 1 core (maybe 2) + L2 switching will meet my requirement and cost less than using an all-L3 switching solution. Is that correct?

Angus



#5
April 26, 2012 at 06:58:17
In your original post you showed:

Firewall ----> L3 switch (core)----> L2 switch (access)

and I said yes, this will work. You're asking the same question again......lol

I'm not sure why you would need L3 switches on the edge. If you do all your routing in the core (L3) switches, then it's not required at the edge.

We have dual redundant core switches and those do all routing for internal client VLANs. We have BSD-based boxes that are firewall/routers and they do routing for DMZ and server subnets and also between physical locations. While our edge switches are L3, we do no routing on them and could have used L2 switches instead.

Knowing nothing about the network you're designing (some info in that regard would have been handy), I can tell you that if you plan to include VoIP in the future, you might want to look at PoE switches on the edge.


#6
April 26, 2012 at 07:32:54
Thanks so much!

Angus

