I edited this post because my question have changed a lot.
Question (theorical question)
Let's say I have two vlans. On each port of my switch, I have two devices. Device 1 is on vlan 10 and device 2 is on vlan 20.
Device 1 is able to emit tagged packet saying these packet belong to vlan 10. Device 2 does not tag its packet ,so they belong to the default vlan (let's say vlan 20 is the default vlan).
My question is, is there any point to do that if I do NOT have a mac-based vlan ?
My reasoning is, if my switches and routeur are not able to do a mac-based vlan, and all my port are using both vlan 10 and vlan 20 (because of the 2 devices they each have connected to them), then I guess all of the packet belonging either to vlan 10 or vlan 20 will be broadcasted to each port of my switch. So no improved security, and no improved quality since there will be a lot of noise on each port.
On the other hand, if my switches and routeur are "mac-based vlan-able", then they would be able to broadcast one paquet to one precise port, the one with the target device conencted to it. In this case, only two devices would get the paquet (the two connected to the target port) instead of all of the devices on the switch.
Am I right here ?
Original post :
First, sorry for barging in your forum with my bad english and all my questions (which all probably already have answers somewhere) but i'm kind of in a bad position right now.
First, I knew nothing about vlans 2 days ago. Now it's a bit better after hundreds of documentations pages but the answers I need are getting harder and harder to find as I progress.
I work for a company, we are moving soon and I learned 2 days ago that we would need vlans on our new network, preferably MAC-based vlans. So I began my researches, but here are few questions I still have :
- Is it possible to create a mac-based vlan if only the router knows how to do that and not the switches ? If yes, is it useful since what I want is a vlan with QoS for voice over IP, so if it IS possible BUT packets are sent everywhere regardless, it does not seem very useful.
- I will have 4 switches and one routeur, I did not quite got what I was supposed to do if I wanted to use multiple switches. The essence of it was to link the switches between them with CROSS ethernet cable (not straight) and I had to wonfigured the linked port of the switches as Trunk (still not clear what a trunk is).
- If I have mac-based vlans and each port of my switch has two devices connected to it (one of each vlan) and my switches does not tag the packet (cf. question 1 with only the routeur being able to do mac-based vlans), shouid I configure each port of the switch as trunk ?
Sorry, I feel a bit like I sprout a lot of clumsy question.
The tricky part is I am not allowed to spend "tons" of money on high end equipements and I was asked to make-do with what I have. It is supposed to be up and working in ten days.
Thanks a lot for reading me,
How many VLANs will you have? Can you specify the models of the switches and router? Trunk links are used so the VLANs can span across your switches, for example the user from another vlan, lets say VLAN 10 from another switch (SWITCH A) can reach the user in VLAN 10 in SWITCH B or C or D (since you will have 4 switches). For the mac based vlan, you need a VMPS.
For the QoS just configure auto qos voip trust cisco-phone and the cisco switches will configure the qos settings globally for you (something like a macro). Just make sure that all the classification settings in the switch are properly matched when it reached the router for proper marking and policing.
I hope I answer your question. If not, just send me a PM.
Hello, your answer did help a bit, and since my post I had a lot of new pieces of information, including the fact that the phones we will be using are able to tag their own packets so it simplifies a lot of things, no need to use mac-based vlan !
My problem now is not anymore regarding the vlans (I think I have enough information, I need to start testing as soon as possible now). My problem is which routeur should I buy ? We actually have a cisco small business RV082 which is too limited regarding vlans features.
I was thinking a cisco 891 but just saw it's not a gigabit routeur. All of my switches are so I'd rather keep the whole network gigabit able. My new question is, do I need my routeur to be gigabit for that ? since my switches are gigabit, isn't it enough to keep the local network gigabit able ? I feel like the answer is yes, but I am looking for clear confirmation :)
Thanks a lot, again !
It depends on the ff things.
1. How much bandwidth do you have for your internet/private WAN(if there are any)?
2. What are the applications that would run in your network?
3. How many users?
You can choose from the ISR G2 Routers. I suggest to use gigabit ports(copper may do). I understand you have a certain budget for your project. So you need to design your network carefully. To avoid doubling the cost in the future.
Thank you for your answer.
My internet WAN has a very small bandwidth (4Mb/s) + a second one at ~20Mb/s .
The main traffic is local traffic, generated by our work application, central server with ~30 users connected to it all day long. Total number of users on the network is ~40
Thank you for the ISR G2 routeur ref, it seems appropriate, I will look into that :)
For that kind of traffic ISR G2 router should fit into your requirements if redundancy is required you just need to purchased two. And just implement a gateway redundancy protocol like glbp or hsrp. For the switches if you need layer 3 switches look into 3700s or 3800s because it supports stacking. For layer 2, cisco has 2900s. Thanks