Network (IP Space) Expansion

oneirishpollack
Level 1

We started out as a small organization with a core switch at each of our three sites. Each site has one or more buildings with multiple floors. Each department (10 total) was provided a routed VLAN on the core. We slowly but surely ran out of IP addresses for departments. We next began assigning multiple VLANs to a single department, but it has become somewhat messy. We have departments at sister sites with differing VLAN numbers, etc. In addition, we have added a second core switch to a new building at our biggest site, so it is routed and subnetted separately. So to summarize, we have:

Building 1 and 2

Core switch 1 (6509)

VLANS

4 Servers 10.1.4.0/24

10 Marketing1 10.1.10.0/24

11 Marketing2 10.1.11.0/24

12 Business Office 10.1.12.0/24

18 Cisco 10.1.18.0/24

22 Facilities 10.1.22.0/24

25 Interactive Video 10.1.25.0/24

30 Voice 10.1.30.0/24

Building 3

Core Switch 2 (4900)

VLANS

4 Servers 10.2.4.0/24

10 Marketing1 10.2.10.0/24

13 Marketing2 10.2.13.0/24

15 Business Office 10.2.15.30.0/24

18 Cisco 10.2.18.0/24

22 Facilities 10.2.22.0/24

25 Interactive Video 10.2.25.0/24

30 Voice 10.2.30.0/24

So as we plan for future expansion, my questions are:

1. What addressing scheme would make the most sense? Should I base my VLANs on a scheme like function, building #, and floor? So for example, marketing in building one on floor one might be VLAN 411. The “4” would represent marketing, the “1” would be building one, and the next “1” would represent floor “1”. Or does it make more sense to subnet my network based on closets? For example, closet one (wherever that is) is subnet 10.1.0.0/24, closet two is subnet 10.2.0.0/24, closet 3 is subnet 10.3.0.0/24. Obviously the 3rd octet in every address would be the VLAN.

2. What other better options are there in terms of addressing using IPv4?

3. What do I need to be aware of? Caveats?

Thanks.

2 Replies

amabdelh
Level 1

Hi

If you want my advice, I prefer to use an L3 connection between your access switches and the core switches. In this way, you will avoid problems like spanning tree, and you can use redundant links and fail over faster than with L2.

In this way, you will have different VLANs in each one of these switches and so different subnets, and it will be easier to manage, so you can differentiate and know where each subnet belongs and to which department/application.

regards

Jeff Van Houten
Level 5

3 things to consider.

1. Do users all access services in the common server VLAN? If so, then why segregate PC VLANs by department? You'd probably be better off segregating by geography (building, closet).
2. Agree with other poster that you should route from the access to the core.
3. There is a Cco document that recommends you segregate the address space of the voice VLAN completely from the data so you can easily ACL and prevent all access to the voice network. For example, use 172.16.10.0/24 for building 1, then 172.16.20.0/24 for building 2. Then you can put an ACL at all layer 3 points that says from 172.16.0.0/16 to 172.16.0.0/16. This obviously has implications for the addressing of any CCM servers and associated voice gateways.

Sent from Cisco Technical Support iPad App
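
The voice-segregation point in the reply above can be checked mechanically before any ACL is written. The following is an added example, not code from the thread: it audits an addressing plan with Python's `ipaddress` module; the plan rows are a constructed subset of the prefixes quoted in the thread, and the function names and site labels are assumptions.

```python
import ipaddress

# Constructed sample: a subset of the prefixes quoted in the thread.
CURRENT_PLAN = [
    ("bldg1-2", "servers", "10.1.4.0/24"),
    ("bldg1-2", "marketing", "10.1.10.0/24"),
    ("bldg1-2", "voice", "10.1.30.0/24"),
    ("bldg3", "servers", "10.2.4.0/24"),
    ("bldg3", "business", "10.2.15.30.0/24"),  # as posted; not a valid prefix
    ("bldg3", "voice", "10.2.30.0/24"),
]
# Same data VLANs, voice moved to the ranges suggested in the reply.
PROPOSED_PLAN = [r for r in CURRENT_PLAN if r[1] != "voice"] + [
    ("bldg1", "voice", "172.16.10.0/24"),
    ("bldg2", "voice", "172.16.20.0/24"),
]

def covering_block(nets):
    """Smallest single prefix that contains every network in nets."""
    block = nets[0]
    while not all(n.subnet_of(block) for n in nets):
        block = block.supernet()
    return block

def audit(plan, voice_block=None):
    """Check that one prefix matches all voice subnets and no data subnet."""
    findings, voice, data = [], [], []
    for site, role, prefix in plan:
        try:
            net = ipaddress.ip_network(prefix)
        except ValueError:
            findings.append(f"{site}/{role}: invalid prefix {prefix!r}")
            continue
        (voice if role == "voice" else data).append((site, role, net))
    block = (ipaddress.ip_network(voice_block) if voice_block
             else covering_block([n for _, _, n in voice]))
    for site, role, net in voice:
        if not net.subnet_of(block):
            findings.append(f"{site}/{role}: {net} outside voice block {block}")
    for site, role, net in data:
        if net.overlaps(block):
            findings.append(f"{site}/{role}: {net} inside voice block {block}")
    return block, findings

def acl_match(block):
    """Network address and wildcard mask, the form a Cisco ACL entry takes."""
    return f"{block.network_address} {block.hostmask}"

if __name__ == "__main__":
    print(audit(CURRENT_PLAN), audit(PROPOSED_PLAN, "172.16.0.0/16"), sep="\n")
```

For the current plan the smallest prefix covering both voice VLANs is 10.0.0.0/14, which also contains the data VLANs, so no single ACL entry can separate them; with voice in 172.16.0.0/16 the only remaining finding is the malformed prefix.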
