VLAN and which router to configure on

e24ohm Member Posts: 151
Folks:
I have the following topology in my model; however, I am not sure which router I would configure my VLANs on, for routing on a stick.


           | floor 1   | floor 2   | floor 3   |
Internet--<Router1>
<firewall>-|-<router2>-|-<router3>-|-<router4>-|
                             |
                          switch1
                             |
                          switch2
                          |     |
                         PC1   PC2

Router 2 is on floor 1 and router3 is on the second floor. Each of the routers will provide service for 100 computers. The routers allow for multiple broadcast domains, which have 100 computers. A total of 500 computers are in the building.

Question - In a model like this, where do I place my configuration for routing on a stick for my VLANs? I might have a machine on the 5th floor that is behind 3 more routers.

Thank you.
Utini!

Comments

  • VAHokie56 Member Posts: 783
    What kind of gear are we talking about here?
    .ιlι..ιlι.
    CISCO
    "A flute without holes, is not a flute. A donut without a hole, is a Danish" - Ty Webb
    Reading:NX-OS and Cisco Nexus Switching: Next-Generation Data Center Architectures
  • e24ohm Member Posts: 151
    2650 and 2950.
    Utini!
  • chmorin Member Posts: 1,446
    Whatever one will be the gateway, is all I have seen.
    Currently Pursuing
    WGU (BS in IT Network Administration) - 52%| CCIE:Voice Written - 0% (0/200 Hours)
    mikej412 wrote:
    Cisco Networking isn't just a job, it's a Lifestyle.
  • Forsaken_GA Member Posts: 4,024
    You configure them on the trunk link that's leading to the switches that you're doing RoAS for, which looking at your diagram, looks to be on router3. If you needed to talk to a machine that's hanging off a different router, that's taken care of just through normal routing.
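
The placement described in the reply above, written out as an added example that is not part of the original thread: router3 carries one 802.1Q subinterface per VLAN on its link to switch1, and the switches trunk only the VLANs in use. VLAN IDs, VLAN names, interface numbers and IP addresses are assumptions made for illustration.

```cisco
! --- router3: gateway for every VLAN behind switch1 (values assumed) ---
interface FastEthernet0/0
 description Trunk to switch1
 no ip address
 no shutdown
!
interface FastEthernet0/0.10
 description Gateway for VLAN 10
 encapsulation dot1Q 10
 ip address 192.168.10.1 255.255.255.0
!
interface FastEthernet0/0.20
 description Gateway for VLAN 20
 encapsulation dot1Q 20
 ip address 192.168.20.1 255.255.255.0
!
! --- switch1: trunk up to router3 and down to switch2 ---
! The 2950 trunks with 802.1Q only, so no encapsulation command is needed.
vlan 10
 name USERS-A
vlan 20
 name USERS-B
!
interface FastEthernet0/1
 description Uplink to router3 Fa0/0
 switchport mode trunk
 switchport trunk allowed vlan 10,20
!
interface FastEthernet0/24
 description Downlink to switch2
 switchport mode trunk
 switchport trunk allowed vlan 10,20
!
! --- switch2: trunk up to switch1, access ports for PC1 and PC2 ---
interface FastEthernet0/24
 description Uplink to switch1
 switchport mode trunk
 switchport trunk allowed vlan 10,20
!
interface FastEthernet0/1
 description PC1
 switchport mode access
 switchport access vlan 10
!
interface FastEthernet0/2
 description PC2
 switchport mode access
 switchport access vlan 20
```

A host reached through a different router needs nothing extra here; its traffic leaves through the subinterface gateway and is routed normally.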
  • e24ohm Member Posts: 151
    Forsaken_GA wrote: »
    You configure them on the trunk link that's leading to the switches that you're doing RoAS for, which looking at your diagram, looks to be on router3. If you needed to talk to a machine that's hanging off a different router, that's taken care of just through normal routing.

    Ok - I understand what you are saying about Router3, since that router will be providing Routing on a Stick; however, what happens if I need to add a machine on floor 5 into a VLAN that has been created/established on floor 3?

    thanks.
    Utini!
  • Forsaken_GA Member Posts: 4,024
    e24ohm wrote: »
    Ok - I understand what you are saying about Router3, since that router will be providing Routing on a Stick; however, what happens if I need to add a machine on floor 5 into a VLAN that has been created/established on floor 3?

    thanks.

    Then your switches better be interconnected with trunk lines. If that machine on the 5th floor doesn't have any layer 2 adjacency to the other machines in its vlan, you should provision a new subnet for that floor.

    Otherwise, you're going to have to configure bridging, in which case the answer is still the same - it goes on the router that's going to have the gateway for that subnet. It's difficult to advise you any further without seeing a full topology, what you've diagrammed above only seems like a portion of it. It sounds like you're heading into the land of bad network design, however. It would be a MUCH better idea to drop a line from the 5th floor to whatever floor the gateway router is on and bring up a trunk link between the floors as opposed to trying to configure bridging across three routers (and I honestly don't even know if that's possible. Edit, actually, it probably is now that I think about it, but you might need to do some tunneling to make it work).

    What you should have is wiring closets on each floor with switches in those wiring closets that connect your desktops, and then have wires from the wire closet running to a centralized location for transport. This would allow you to put any machine in any vlan regardless of where it is in the building. Either that, or each floor should have its own subnet and let your routers route.
  • e24ohm Member Posts: 151
    Forsaken_GA wrote: »
    Then your switches better be interconnected with trunk lines. If that machine on the 5th floor doesn't have any layer 2 adjacency to the other machines in its vlan, you should provision a new subnet for that floor.

    Otherwise, you're going to have to configure bridging, in which case the answer is still the same - it goes on the router that's going to have the gateway for that subnet. It's difficult to advise you any further without seeing a full topology, what you've diagrammed above only seems like a portion of it. It sounds like you're heading into the land of bad network design, however. It would be a MUCH better idea to drop a line from the 5th floor to whatever floor the gateway router is on and bring up a trunk link between the floors as opposed to trying to configure bridging across three routers (and I honestly don't even know if that's possible. Edit, actually, it probably is now that I think about it, but you might need to do some tunneling to make it work).

    What you should have is wiring closets on each floor with switches in those wiring closets that connect your desktops, and then have wires from the wire closet running to a centralized location for transport. This would allow you to put any machine in any vlan regardless of where it is in the building. Either that, or each floor should have its own subnet and let your routers route.

    Understand. I was trying to understand the Campus LAN concepts, in addition to the method I noticed in the new ICND1 book, which describes a model of breaking floors or 100+ computers into sections, behind multiple routers to control broadcast domains; however, this got me thinking. If I do the latter, then how would I deploy multiple VLANs that span floors?

    The only other solution I could find would be to create another VLAN on a different floor, and create an access list which would allow or deny traffic from other sources.

    Thanks for the help!!!
    Utini!
  • Forsaken_GA Member Posts: 4,024
    e24ohm wrote: »
    Understand. I was trying to understand the Campus LAN concepts, in addition to the method I noticed in the new ICND1 book, which describes a model of breaking floors or 100+ computers into sections, behind multiple routers to control broadcast domains; however, this got me thinking. If I do the latter, then how would I deploy multiple VLANs that span floors?

    The only other solution I could find would be to create another VLAN on a different floor, and create an access list which would allow or deny traffic from other sources.

    Thanks for the help!!!

    Ok, this is theoretical. That's easier to work with.

    Generally speaking these days, you want one vlan to equate to one subnet; end to end vlans are considered bad form. So if you're using a router on each floor, and each floor is its own subnet, then each floor would be its own vlan. So a machine on the 5th floor would never be in the same vlan as a machine on the 2nd floor; if they needed to communicate, the only thing involved would be layer 3 routing.

    By designing your network to basically just be a bunch of subnets, you're containing broadcasts, and you're generally also removing STP from the picture. This is good, as STP is a royal pain in the rear sometimes, but it's also not as flexible, as subnets don't span multiple routers as easily as a vlan can span multiple switches.

    This also conflicts with the virtualization trend, where folks are currently campaigning for a big flat layer 2 domain
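
The per-floor subnet design described above, combined with the access-list idea raised earlier in the thread, as an added example that is not part of the original posts. It shows router3 only; the addressing, interface numbers, OSPF as the routing protocol, the ACL name and the floor 5 server at 10.0.5.10 are all assumptions.

```cisco
! --- router3, floor 3: one subnet, one broadcast domain (values assumed) ---
interface FastEthernet0/0
 description Floor 3 user LAN
 ip address 10.0.3.1 255.255.255.0
 ip access-group FLOOR3-IN in
!
interface FastEthernet0/1
 description Routed transit link toward router4
 ip address 10.0.34.1 255.255.255.252
!
! Floors learn about each other through routing, not through spanned VLANs.
router ospf 1
 ! Do not speak OSPF on the user LAN, only on the transit link.
 passive-interface FastEthernet0/0
 network 10.0.3.0 0.0.0.255 area 0
 network 10.0.34.0 0.0.0.3 area 0
!
! Policy between floors is enforced at the layer 3 boundary.
ip access-list extended FLOOR3-IN
 ! DHCP requests arrive from 0.0.0.0, so allow them before the source checks.
 permit udp any eq bootpc any eq bootps
 ! Floor 3 may reach one floor 5 server over HTTPS and nothing else on floor 5.
 permit tcp 10.0.3.0 0.0.0.255 host 10.0.5.10 eq 443
 deny   ip 10.0.3.0 0.0.0.255 10.0.5.0 0.0.0.255
 ! All other destinations are open to floor 3 sources.
 permit ip 10.0.3.0 0.0.0.255 any
 ! The implicit deny at the end drops any other source address on this LAN.
```

Applying the list inbound on the LAN interface filters traffic before it is routed, so the floor 5 router needs no matching entry for this policy.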
  • e24ohm Member Posts: 151
    Forsaken_GA wrote: »
    Ok, this is theoretical. That's easier to work with.

    Generally speaking these days, you want one vlan to equate to one subnet; end to end vlans are considered bad form. So if you're using a router on each floor, and each floor is its own subnet, then each floor would be its own vlan. So a machine on the 5th floor would never be in the same vlan as a machine on the 2nd floor; if they needed to communicate, the only thing involved would be layer 3 routing.

    By designing your network to basically just be a bunch of subnets, you're containing broadcasts, and you're generally also removing STP from the picture. This is good, as STP is a royal pain in the rear sometimes, but it's also not as flexible, as subnets don't span multiple routers as easily as a vlan can span multiple switches.

    This also conflicts with the virtualization trend, where folks are currently campaigning for a big flat layer 2 domain

    Forsaken_GA, thanks for the help. Sorry I made it difficult earlier - I was not grasping book material, and confusing myself.

    thanks for the help.
    Utini!