VLANs Purpose and Configuring

Dell / Pe2950
November 25, 2009 at 06:17:25
Specs: Server 2003, Dual Xeon 5150
It appears that I am going to need to start using VLANs but I have no idea where to start. This is what I have going on:

2 Outer Offices - I've read that it's a good idea to put outer offices on a VLAN. Why? These offices don't have domain controllers, they're still small yet. We don't have a site to site VPN set up yet at one of the offices, users connect to our Terminal Server to do their work. When we do set up the VPN users will still need to use Terminal Services because our main app won't run over a VPN.

The other office is connected via fiber cable from the switch in the office to a switch in my main office.

IP Phones - I was told to set up a VLAN for our IP Phones. Where to start?

We're about to set up an iSCSI SAN. I was told a VLAN is best practice here too.

I'm pretty sure that my switches allow me to select a port and add it to a VLAN, but I think the subnet needs to be created in Active Directory (Server 2003) and DHCP needs to supply the addresses. How do I do that? Also, do the VLANs need to run independent of our primary subnet or do they need to be linked? How do I do that?

Yet another idea, because we use NIC Teaming each server on my network will need 3 IP addresses (NIC Teaming - one for each physical NIC and an addressable one for the NIC Team) We have a single subnet in which a block of IP's was set aside for the servers. My problem, for example, is that IP addresses 1 - 20 are for servers, 21-50 are for users with static IP addresses. Addresses 1-20 doesn't provide enough space for my servers when each one is using 3 IP addresses. And sliding the users on addresses 21-50 down is a lot of work. Does it make sense to put my servers on a VLAN? Related, but unrelated - Active Directory doesn't recognize that IP Address ending in 3 is being used by a NIC Team. Does that mean I this address only serves as a placeholder in the Teaming software and can be used on another server where it can be addressed? Can I use the same placeholder IPs in all of my NIC teams?

Thanks for taking the time to read and reply.


See More: VLANs Purpose and Configuring

Report •

November 25, 2009 at 07:07:34
Before I read any more than the very first line I'm going to say this:

google is your friend

Try a google search of "VLAN" and start doing some reading and research. Once you know what VLAN's are, their uses and benefits you can then decide if you need to deploy them or not.

Once you've done the basic groundwork and the basics about VLAN's come back in here and ask us for some help on getting it all setup.

There's no point in me, or anyone else trying to help you right now. If you don't speak the language, you can't possibly understand the response.

Report •

November 25, 2009 at 07:59:35
ip phones vlan - depends on the vendor. Not all ip phones can use a vlan

nic teaming - you misunderstand it. Only uses one ip not three.

iscsi san - who is implementing this for you? You do realize this means you are clustering servers? Vlans are simple compared to clustering. Who is going to support this setup?

Report •

December 1, 2009 at 14:46:44
Curt - you are definitely right I have a lot of reading to do. The only thing more right is that I should be hiring someone to do this. I just can't find ANYONE who doesn't want to manage my entire network instead of just doing project work. Doesn't anyone just do project work . . .? Anyway I'm way too short on time to read which is usually why I turn to forums.

Wanderer -

Phones: They are Avaya 5610 phones and are VLAN capable. Avaya suggests that the phones run on a VLAN. They will be in an office with a small switch that is connected by fiber to our main office. The switch has the capability to configure VLANs.

Nic Teaming: "you misunderstand it" . . . is an understatement :). Anyway, in order to set up the team each physical card needs and IP address, then the TEAM is given an IP address. It's as if the addresses given to the cards are just temporary place holders though because if I try to access one of the servers by the address I assigned to the physical NIC it can't be found. So isn't assigning each physical NIC an IP a failsafe in the event that the team breaks?

iSCSI - EMC is going to do all the configuring for us. All I have to do is have the physical work done. The SAN is mounted and cabled. They tell me that the iSCSI connections need to be in a VLAN. The SAN and one server are all that will be connected via iSCSI - that's not clustering. I can see in my switch how to create a VLAN and include specific ports but I think there is a lot more involved than that.

My switch is a 3Com Baseline 2848SFP Plus. It's a layer 2 web managed switch. In front of it is a SonicWall NSA2400 and in front of that is an SMC Cable Modem/Router.

According to what I've read I need something to route traffic to/from the VLAN which is where a layer 3 switch is handy. But I don't have one of these and since I've never done this before I'm a little stuck for figuring out if what I have can work.

Thanks for the reply. Any more light you can shed will surely be appreciated.


Report •

Related Solutions

Ask Question