PLS NEED HELP!!!! Wlan Enterprise network creation scenario

rs2000 Member Posts: 2
deleted

Comments

  • MAC_Addy Member Posts: 1,740
    Is this a homework assignment?
    2017 Certification Goals:
    CCNP R/S
  • RouteMyPacket Member Posts: 1,104
    Wow..if someone has time maybe they could help..alas I do not so I would keep it simple

    Collapsed Core design

    L3 Switch - All L3 SVI's configured here

    IP Design - Pick something appropriate, they said simple so do a /24 for each department.

    WLAN - Centralized solution or autonomous? Autonomous most likely, so place AP's on the particular departments /24

    L2 Switch in each department configured with an IP within its specified segment, ip default gateway pointing to the L3 SVI on the Core

    One L2 switch for servers (do not patch them to the core directly).

    That's a start but this is an odd post, if this is homework then I wonder what this comes from, it's kind of ridiculous for someone who has no network knowledge. That is literally a top down design scenario.

    Is this for your job or some studying?
    Modularity and Design Simplicity:

    Think of the 2:00 a.m. test—if you were awakened in the
    middle of the night because of a network problem and had to figure out the
    traffic flows in your network while you were half asleep, could you do it?
  • RouteMyPacket Member Posts: 1,104
    When asking is it good to have HA, the answer is always "yes"...BUT can you afford redundancy in your data center? What is the feasibility of purchasing two 6500 series switches or even two Nexus 7k's?

    From the top down, you need to determine what best fits your business needs, some questions to ask

    Will a 3 layer (Core-Distribution-Access) network model be ideal? Why so? Why not?
    Will a 2 tier (Collapsed Core-Access) network model be more feasible? Why so? Why not?

    Remember, always focus on a modular design. Write it out on paper from the top down, what routing protocol is required for your environment, all Cisco equipment? EIGRP would be an option, a mixed environment, well we can leverage OSPF.

    IP Design, keep it simple...do not try to impress yourself by going overboard on subnetting. Again, keep it simple and imagine troubleshooting the network at 2AM, looking through a ton of subnets /26 /25 /27 /28 bla bla bla is ridiculous.

    Network Mgmt - 192.168.1.0/24 - Only network devices on this subnet (Routers, Switches)
    WLAN Mgmt - 192.168.2.0/24 - AP's can sit on this VLAN
    Department 1 - 192.168.3.0/24
    Department 2 - 192.168.4.0/24
    Department 3 - 192.168.5.0/24
    Department 4 - 192.168.6.0/24
    Department 5 - 192.168.7.0/24
    Printers - 192.168.8.0/24 (if you want to keep everything completely segmented or put them on their corresponding department vlan)

    Typically connectivity will come in from your ISP, say a switch (Opteman as an example) or a router. You can then configure an "external" switch to which anything with a public facing IP will connect here (i.e. Firewall outside interface, MPLS) and that can connect into your core.

    Again, lots of blanket statements but some general ideas for you I hope.
  • RouteMyPacket Member Posts: 1,104
    Network: 172.17.1.0/16? Ok, so that is actually 172.17.0.0/16

    Available range is 172.17.0.0 - 172.17.255.255

    It's up to you, I would make sure the VLAN ID matches the subnet

    i.e.

    VLAN 10 - 172.17.10.0/24
    VLAN 100 - 172.17.100.0/24
    VLAN 101 - 172.17.101.0/24

    Do not use VLAN 1, sure use the 172.17.1.x segment but do not assign it to the native VLAN throughout your network, bad security practice to use it.

    No need to put DHCP servers anywhere but in the data center, leverage the IP Helper command to direct those broadcasts.

    So on the Core the SVI's would look similar to this

    interface vlan 100
    ip address 172.17.100.1 255.255.255.0
    ip helper-address 172.17.20.252

    If using HSRP for redundancy

    CoreSW01

    interface vlan 100
    ip address 172.17.100.2 255.255.255.0
    ip helper-address 172.17.20.252
    standby 100 ip 172.17.100.1
    standby 100 priority 110
    standby 100 preempt delay minimum 30

    CoreSW02

    interface vlan 100
    ip address 172.17.100.3 255.255.255.0
    ip helper-address 172.17.20.252
    standby 100 ip 172.17.100.1
    standby 100 priority 120
    standby 100 preempt delay minimum 30


    So something like that, you really need to look at this LAN Design Guide by Cisco:

    http://www.cisco.com/en/US/docs/solutions/CVD/Aug2013/CVD-CampusWiredLANDesignGuide-AUG13.pdf
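Added example, not part of any post in this thread: a small linter for the addressing rules given in the reply above (everything inside the 172.17.0.0/16 block, VLAN ID equal to the third octet, VLAN 1 left unused), plus a renderer for the SVI/HSRP stanza in the same layout. The function names, the /24-only rule and the sample plan are assumptions made for this example.

```python
import ipaddress

# Campus block from the thread. strict=False accepts 172.17.1.0/16 and
# normalizes it to 172.17.0.0/16, the correction made in the reply above.
CAMPUS = ipaddress.ip_network("172.17.1.0/16", strict=False)

def check_plan(plan, campus=CAMPUS):
    """Lint a {vlan_id: "a.b.c.d/len"} plan; return (vlan_id, problem) pairs."""
    findings, nets = [], {}
    for vlan, cidr in sorted(plan.items()):
        try:
            net = ipaddress.ip_network(cidr)  # strict parse: host bits set raises
        except ValueError:
            findings.append((vlan, "not a valid network address"))
            continue
        if vlan == 1:
            findings.append((vlan, "VLAN 1 in use"))
        elif not 2 <= vlan <= 4094:
            findings.append((vlan, "VLAN ID out of range"))
        if not net.subnet_of(campus):
            findings.append((vlan, "outside campus block"))
        elif net.prefixlen != 24:  # assumption: one /24 per segment
            findings.append((vlan, "not a /24"))
        elif net.network_address.packed[2] != vlan:
            findings.append((vlan, "VLAN ID does not match third octet"))
        for other, seen in nets.items():
            if net.overlaps(seen):
                findings.append((vlan, f"overlaps VLAN {other}"))
        nets[vlan] = net
    return findings

def render_svi(vlan, cidr, helper, host, priority):
    """Build one core switch's SVI stanza: gateway .1, HSRP group = VLAN ID."""
    net = ipaddress.ip_network(cidr)
    return "\n".join([
        f"interface vlan {vlan}",
        f" ip address {net.network_address + host} {net.netmask}",
        f" ip helper-address {helper}",
        f" standby {vlan} ip {net.network_address + 1}",
        f" standby {vlan} priority {priority}",
        f" standby {vlan} preempt delay minimum 30",
    ])

# Constructed sample plan (not from the thread): three clean entries, four bad.
SAMPLE_PLAN = {
    10: "172.17.10.0/24", 100: "172.17.100.0/24", 101: "172.17.101.0/24",
    1: "172.17.1.0/24", 40: "172.17.50.0/24", 60: "172.18.60.0/24",
    70: "172.17.70.1/24",
}
```

Running `check_plan(SAMPLE_PLAN)` flags VLANs 1, 40, 60 and 70 and passes the other three.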
  • RouteMyPacket Member Posts: 1,104
    rs2000 wrote:
    Thanks for the response, so the sub-netting and vlans could go like this:

    Network Management
    (Router, Switches, Servers): 172.17.10.0/24 VLAN 10
    WLAN Management (AP's): 172.17.20.0/24 VLAN 20
    Printers Management: 172.17.30.0/24 VLAN 30
    Department 1: 172.17.40.0/24 VLAN 40
    Department 2: 172.17.50.0/24 VLAN 50
    Department 3: 172.17.60.0/24 VLAN 60
    Department 4: 172.17.70.0/24 VLAN 70
    Department 5: 172.17.80.0/24 VLAN 80

    Thanks, I'm looking through now, I guess so far my 1st or 2nd scenario design is more like the illustrations in the guide.

    Thanks for the help.


    Servers should be on their own VLAN.

    From a design perspective, why have you chosen a /16?