Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1009
Views
5
Helpful
9
Replies

Can someone take a look at my network and tell me if it is correct?

laboon
Level 1
Level 1

‎04-26-2022 01:01 AM

Hello everyone! I have an assignment that is due next month. I need to create a redundant network with the following configuration: Correct Switch security, configured management interfaces, remote SSH access, VLAN's and subnets, DHCP server, static routing, minimum 3 internal networks and ACL's to secure specific subnets. My question to you is, if you can take a look at my network and tell me what I did good and what needs to be done better. Could you also look at my VLSM SUBNET and tell me if I did it right?

 

I already configured the following: DCHP SEVER - VTP - STP - SSH - CONSOLE ACCESS - VTY ACCESS - ETHERCHANNEL

 

I only need to configure ACL's (if am not mistaken) and I also need some help configuring a Provider router and an Edge router (shown in the example I uploaded). So if someone can link me a YouTube video or post explaining Provider router and Edge router, that would be great!

 

Sorry for the lengthy post, but am quite new to networking and am kinda confused what i should do next with this network because my teacher's feedback was basically telling me my network is bad.

 

Thank you so much in advance!

 

Labels:
Network, Example and VLSM SUBNET.zip
0 Helpful
9 Replies 9

Georg Pauwen
VIP
VIP

‎04-26-2022 01:09 AM

Hello,

 

I think it would at least take several hours to check every detail of your network, so maybe you can narrow your question down to some specific issues you are running into. What instructions are you following ?

0 Helpful

laboon
Level 1
Level 1
In response to Georg Pauwen

‎04-26-2022 08:52 AM

Well he basically said this: "Those hosts work on every OSI layer, so also on Layer 3, so they also have an IP address. The switches they hang on don't know this though, the traffic passes there, but the switch can't understand this. The switches only know Layer 2 and mac addresses."

 

I really don't understand what my teacher is trying to say, tbh. Am sorry if this seems silly.

 

0 Helpful

Martin L
VIP
VIP

‎04-26-2022 12:56 PM

Looks good; subnetting is ok; VLSM is fine; I did not see /29 network in your PT file.  Not sure if there must be one.

although L2 switches mostly read and forward traffic based on Layer 2 MAC addresses, they need to have L3 IP and default gateway set. this is in order to get to switch remotely to configure and troubleshoot.  this is usually called management vlan and it could be vlan 1 , although most admins will choose different number. Default vlan 1 is not used for anything, any data except so called control traffic (VTP, STP, DTP, etc).

 

Regards, ML
**Please Rate All Helpful Responses ** 

 

 

laboon
Level 1
Level 1
In response to Martin L

‎04-27-2022 12:01 AM

oh so I need to use a different vlan than vlan1 for IT? And add the layer 3 switches their ip and default gateway to the L2 switches?

0 Helpful

Martin L
VIP
VIP
In response to laboon

‎04-27-2022 05:50 PM

Yes, I would use different vlan than vlan1 for IT department vlan;  then make sure that new vlan x has SVI interface vlan x up up and IP address in the subent use for IT people; aka 1 subent per 1 vlan which is also recommended practice,.  L2 switch should have only 1 interface vlan x up up (SVI) in order for IT to connect and manage switch.  Do not add any other L3 IPs to L2 switch; just one IP and 1 SVI should be ok. 

I am not sure what exactly your teacher is trying  to say.

 

 

Regards, ML
**Please Rate All Helpful Responses **

0 Helpful

laboon
Level 1
Level 1
In response to Martin L

‎04-28-2022 08:17 AM

yhea I get what you're trying to say, but we need to work cost-effective, so we need to try to use less switches. And yes I know also what you are trying to say by 1 subnet per VLAN, but yet again my teacher wants us to have like one subnet for all of them. I know I wouldn't do it that way either, but yhea. Anyway thank you for taking the time to reply, now I know that am not the only one that doesn't understand his remark he made. I will ask him for better feedback!

0 Helpful

Jon Marshall
Hall of Fame
Hall of Fame

‎04-28-2022 10:10 AM

 

His remark is pretty straighforward.

 

Hosts like client, servers need to send and receive IP packets so they need an IP address to communicate with whereas L2 switches use the mac address to forward the traffic ie. they don't look at the IP address when they make a forwarding decision. 

 

As Martin pointed out they do have an IP for management but end devices never use this IP as their default gateway. 

 

L3 switches obviously work differently. 

 

Jon

0 Helpful

Georg Pauwen
VIP
VIP

‎04-28-2022 10:16 AM

I reviewed your file and made some minor changes. The default gateway of the access switches needs to be the IP address of the neighboring layer 3 switch(es) rather than that of the routers. I also added 'spanning-tree portfast' to the access ports on the access switches.

 

Other than that, your network looks sound. You have end to end connectivity. So yes, ask your teacher what he doesn't like, in detail.

Network_REV.zip
0 Helpful

laboon
Level 1
Level 1
In response to Georg Pauwen

‎04-28-2022 10:29 AM

Oh wow, thank you so much for looking at my network! Also, thank you for telling me the mistakes I made. I will talk to my teacher tomorrow, hopefully I will understand his point of view better than. Have a great day!

0 Helpful
Customers Also Viewed These Support Documents