Normal or Bad Design?

Sanis4life Banned Posts: 60
So, I just started looking into my current job's network and noticed some weird things that I have not seen before. Granted, this is only my second network shop, so I don't know if this is normal or just bad network design.

First off, they are not trunking all of the edge switches. Some are trunked, but others are configured on an access port, rather than on a trunk one. OK, this is fine, but they have computers, printers, and another network device all running off one VLAN. In my mind, I am thinking create 3 different VLANs and trunk them to whatever edge switch there is. Basic networking 101.

Second, they use the management IP on the same subnet used for the clients. I was a little boggled by this one also. Again, not on all, but some. I am trying to figure out a method to their madness without trying to offend anyone here since I am the "new guy".

There are more things I noticed, but these two stick out in my head. So, as I said, I am relatively new to networking, but would like others' opinions on this.

Comments

  • dtlokee Member Posts: 2,378
    If they are not trunking to the access switches it isn't the end of the world, but it won't allow them to use more than one VLAN on the access switch (duh!). It also leads to the second item you mentioned, which is that the management traffic is on the same VLAN as the user traffic. Without a trunk to the access switches this is going to be the only way to do it, and I would say it is a bad design. The fact that they have some switches configured one way and other switches configured a different way shows a lack of standards and should be addressed. If they are worried about security and the trunks, they can edit the allowed list on the distribution/core switches to only allow the VLANs they want on the trunk.
    The only easy day was yesterday!
  • Netstudent Member Posts: 1,693
    Best of luck to you on getting managerial support to fix it and create a little bit of scalability/security.
    There is no place like 127.0.0.1 BUT 209.62.5.3 is my 127.0.0.1 away from 127.0.0.1!
  • cisco_trooper Member Posts: 1,441
    It sounds like a lack of standards, as someone else already stated, or perhaps they have just been a little understaffed and felt the little extra overhead in doing things right just wasn't worth their time. The way I see it, you have an opportunity to bring this crap into compliance as well as a little bit of job security. Like I said, they either didn't have the time, or they didn't have the appropriate leadership. You have the opportunity to address both of them. Best of luck.
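
An added example, not part of any post in this thread: a small Python check for the two issues discussed above, a trunk without the allowed-VLAN list dtlokee mentions and a management IP on a VLAN that also serves access ports. It assumes Cisco IOS-style configuration text; the sample config, VLAN numbers and addresses are constructed, and ports left on the default VLAN without an explicit `switchport access vlan` line are not considered.

```python
import re

# Constructed IOS-style access-switch config (sample data, not from the thread).
SAMPLE_CONFIG = """\
interface GigabitEthernet0/1
 switchport mode trunk
!
interface GigabitEthernet0/2
 switchport mode trunk
 switchport trunk allowed vlan 10,99
!
interface FastEthernet0/5
 switchport mode access
 switchport access vlan 10
!
interface Vlan10
 ip address 192.0.2.2 255.255.255.0
"""

def parse_interfaces(config):
    """Map interface name -> list of its sub-commands."""
    interfaces, current = {}, None
    for line in config.splitlines():
        if line.startswith("interface "):
            current = line.split(None, 1)[1].strip()
            interfaces[current] = []
        elif line.startswith(" ") and current:
            interfaces[current].append(line.strip())
        else:
            current = None  # "!" or a global command ends the interface block
    return interfaces

def audit(config):
    """Return sorted (interface, finding) pairs for the two issues raised in the thread."""
    ifaces = parse_interfaces(config)
    access_vlans = {int(m.group(1)) for cmds in ifaces.values() for c in cmds
                    if (m := re.fullmatch(r"switchport access vlan (\d+)", c))}
    findings = []
    for name, cmds in ifaces.items():
        if "switchport mode trunk" in cmds and not any(
                c.startswith("switchport trunk allowed vlan") for c in cmds):
            findings.append((name, "trunk with no allowed-VLAN list"))
        svi = re.fullmatch(r"Vlan(\d+)", name)
        if (svi and int(svi.group(1)) in access_vlans
                and any(c.startswith("ip address ") for c in cmds)):
            findings.append((name, "management IP shares a VLAN with access ports"))
    return sorted(findings)

if __name__ == "__main__":
    print(audit(SAMPLE_CONFIG))
```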