Why use VLANs at all?

kyhoover · ‎12-17-2002

I would like to ask for help.. I am trying desperately to convince my manager that having a flat network with 1500 nodes on it is simply not a good idea. I know this intuitively, but he is asking for hard and fast data showing why. I'm having a difficult time finding any. Given the size of my network, and the fact that in 2-3 years we will likely be expanding to 2500-3000 users, I need to get some VLANs running ASAP.

Can anyone point me to some good resources that will help me make my case?

netops01 · ‎12-17-2002

Well, Cisco Design Guide says maximum 500 nodes on flat IP network.

DWAM_2 · ‎12-18-2002

Hello,

You can convince your manager with the follow informations :

-> Use Vlan to limit the broadcast domain (stay < 200 nodes per Vlan as possible).

-> If You have a problem on a Vlan, You can troubleshoot more easily on this vlan without effects on others Vlans.

-> I think (but You can confirm/infirm ) that it's much easier to administrate more Vlan with low number of machines than 1 Vlan with lots of hosts. (?)

-> We have a customer with 2000 users on his flat network and so 1 Vlan - This customer has got serious problems on his flat network and it is not really to optimise it + Not easy to troubleshoot his network. We actually migrate its flat network into many Vlans to reduce problems.

-> You can give the advantages of using Vlan :

- segmentation.

- virtual organisation.

- efficiency.

- (security).

- flexibility.

- low cost when add, changed and modifications. (see marketing informations about vlan by Cisco =)

...

Regards.

ryanm · ‎12-18-2002

A site which describes a real life network with discussions of pros and cons is :- http://net21.ucdavis.edu/newvlan.htm

Mike

efrahim · ‎12-18-2002

Hope this helps

http://www.cisco.com/cgi-bin/Support/browse/psp_view.pl?p=Internetworking:Ethernet:Fast_Ethernet&s=Network_Design

L.Druett · ‎12-18-2002

Maybe you need to stage something, like get someone to hack into his desktop, and then when he wants to know what happened, you can explain to him that this is not an easy task due to the lack of security and manageability of a flat network.

Someone did this on a large building access control site, (large airport), where the manager turned down the budget to upgrade and expand the building access control system, so someone grabbed a cardboard box, wrote "BOMB" on the side of it, and placed it on the manager's desk. It worked, the budget came through a lot sooner than originally expected.

kyhoover · ‎12-18-2002

Tempting, but...he's been here 35 years and is not eager to change from the flat network he set up himself...in 1991.

Unfortunately, I've already used everything that has been listed previously so far. The cold hard facts already listed, plus a mandate from the management above us to switch to VLANs, and he won't budge. It may come to this!

james.henderson · ‎12-18-2002

Easy:

The larger the broadcast domain the:

1) slower the network will be

2) easier it will be to break in (hack)

My suggestion would be to stress the importance of network security...comment on Homeland Security..he should have heard alot about it by now. Since it appears that he doesn't care about performance or reliability, I think the best bet would be the Home Security bill. However, while stressing the security factor, also keep in mind the other pros of VLANs versus flat networks. Things that DWAM mentioned are also a good start.

Hopefully that'll help

bardak5328 · ‎12-19-2002

30-45% average utilization is pushing the limits of a typical Ethernet LAN. If your rate of collisions are above 1%, you will also start to see performance problems. There is tons of documentation out there that supports this fact. If you have access to an Ethernet sniffer, take some captures and that will tell you how over utilized your network really is. If he caves in and decides to get some switches, go for Layer 3.

Good Luck