02-13-2014 04:06 PM
Hi,
Would like some advice. I am going to setup a network in a friends business. He owns a converted warehouse which now houses about 20 offices rented out to different small companies.
What I want to do is connect each office to my 2x48 port switches and my router, and separate each office so that it is on its own VLAN and give each VLAN access to the internet.
What I would like to know is can I assign each VLAN it's own dhcp pool of ip addresses and would this be accomplished on the router or the switch. I would really appreciate some help.
Sent from Cisco Technical Support iPad App
02-13-2014 05:10 PM
What I want to do is connect each office to my 2x48 port switches and my router, and separate each office so that it is on its own VLAN and give each VLAN access to the internet.
What I would like to know is can I assign each VLAN it's own dhcp pool of ip addresses and would this be accomplished on the router or the switch. I would really appreciate some help.
Ideally, I'd prefer setting up the DHCP server on the most "central part" of your network. This could potentially be the router.
1. Because there's going to be multi-tennant facility, you'll need a router which can host a lot of VLANs, therefore Cisco 800 series router is NOT the way to go. You'll need to see what WAN link he's going to get now (and in the future) and size up your router instead of sticking your index finger in the air.
2. Because this is a multi-tennant facility, you might want to consider a switch which can do stacking. Your choice would then be the 2960S/X, 3650, 3850. Alternatively, you can also consider the 6880 but this is a very expensive option. You might want to consider using switches which supports PoE+.
3. Wireless? Think about it.
4. IP Telephony. What about that?
02-13-2014 07:49 PM
What routers and switches do you have now, and what is your budget?
are you planning multiple ISPs for redundancy if one goes down?
Are you providing wireless access too?
it may take a fair amount of config and management to set up 20 networks, IP ranges, dhcp servers,
this might be more complex to support and more likely to be misconfigured. The SG serires switch can do dhcp, but only on 8 vlans I think.
An alternative would be to use a sg300/sg500 feature protected ports / IOS calls it private vlan. Protected ports allow all ports to share a vlan/dhcp range, but not be able to see each other. All ports can see ports that are defined as 'egress' which could have shared printer, internet firewall, shared email server, etc. You could put a small switch in each office if they have multiple devices that need to talk to each other.
The SG500 does support stacking for management if expansion is expected.
-from the sg500 admin gujide:
Protected Ports provide Layer 2 isolation between interfaces (Ethernet
ports and LAGs) that share the same VLAN.
-
Packets received from protected ports can be forwarded only to
unprotected egress ports. Protected port filtering rules are also applied
to packets that are forwarded by software, such as snooping
applications.
-
Port protection is not subject to VLAN membership. Devices connected
to protected ports are not allowed to communicate with each other, even
if they are members of the same VLAN.
02-14-2014 12:05 AM
At present the cabinet has 2 x 3548XL switches and a 3600 series router.
Sent from Cisco Technical Support iPad App
02-14-2014 02:42 AM
At present the cabinet has 2 x 3548XL switches and a 3600 series router.
Wow. Those models of switches and routers are no match to today's hardware capabilities.
If there are no funds in upgrading them, then don't even bother offering them as a service. I've seen first-hand what a 3500XL can do when you have the new generation of NICs. In some extreme cases, some GigabitEthernet Intel NICs can cause the 3500XL interface to go down/up 25 times per minute.
02-14-2014 07:14 AM
I also have a couple of c1700 routers and a 2600 router. Would one of these work as a better replacement to the 3500XL?
Sent from Cisco Technical Support iPad App
02-14-2014 03:04 PM
I also have a couple of c1700 routers and a 2600 router. Would one of these work as a better replacement to the 3500XL?
The 2600 and 3600 came out the same time. So the answer is no. The 1700 came out a few years later. So again, the answer is no.
The main argument is that these three routers are no match to the current bandwidth being offered by even the simplest and smallest DSL link. The only thing stopping you pushing more data up and down the pipes will be the routers.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide