LAN design - how to implement a core switch?

peteg1977 · ‎05-22-2008

Hi all,

First post here so please be gentle :-)

I'm looking for a bit of advice with a LAN setup I've been tasked with.

The basic requirements are to have a demonstration suite of servers/storage devices networked with internet access with certain devices segmented in different VLANs. Also, a separate VLAN is required for training and meeting rooms which will receive DHCP addresses from a WIN2K3 server.

The kit I've inherited consists of:

1 ADSL Modem/Router

1 2611XM router

2 Catalyst 4006 switches with Supervisor II engines (CatOS :-( ), one with a layer 3 routing module

Several Catalyst 2950/3500xl switches

Netscreen 100 Firewall

F5 Firepass for VPN

After a lot of fun resetting devices I've currently setup the LAN with a router on a stick configuration which routes between different VLANs (on the 3500/2950s) and which has internet access via the 2611 and ADSL modem router in turn. That's about as far as my current knowledge goes I'm afraid!

What I have to do is incorporate the 4006s but I don't really know how to go about it or what's the best way to use them. How would I use them as core switches?

I was hoping someone could point me in the right direction on the best way to connect the switches up, i.e. network design, cabling (fibre uplinks between switches) and some basic configuration advice with the layer 3 routing module.

Any advice will be most appreciated!! It's my first networking job and I'm a bit lost.

Thanks.

andrew.prince · ‎05-22-2008

Peter,

The key points of a core infrastructure are:-

1) High Availability

2) High Bandwdith

3) Reseliancy

4) Failover & Backup

5) Distribution Layer

6) Access Layers

Once you have the above - you can bolt everything to that.

I think a starting place for you would be;-

http://www.cisco.com/en/US/netsol/ns656/networking_solutions_program_home.html

Then more specifically:-

http://www.cisco.com/application/pdf/en/us/guest/netsol/ns107/c649/ccmigration_09186a008073377d.pdf

This has all that you need

HTH.

peteg1977 · ‎05-23-2008

Thanks Andrew, I'll have a look at the documents over the weekend.

My initial thought was to setup the VLANs on one 4006 and have that functioning as a VTP server, connected to the other 4006, the 3500/2950 switches and some ports used for the rooms. I'm guessing I can use the L3 module to route between the VLANs and use the 2611 as a connection to the ADSL modem/router?

Can anyone tell me if I'm on the right track?

Cheers,

Peter.

andrew.prince · ‎05-24-2008

Peter,

I would do the same - with a twist...

Have 1 4006 as a VTP server, also the spanningtree root for all vlans.

Have a trunk between the two 4006's - and make it an etherchannel 2 or 3 ethernet links (redundancy).

Make the second 4006 also a vtp server (redundancy) and have that 4006 the secondary 4006 for spanningtree (more redundancy!)

That way if you decide to have a distribution layer - you have 2 uplinks into the core 1 into 4006-1 as the primary, and the second 4006-2 as the secondary.

You could then have a trunk (etherchannel) between the distribution switches, then have a access layer into the distribution layer with duel links. This way you could have multiple switch and or link failures and still work!!!

You use the layer 3 module to do the inter-vlan routing - correct. Then have your adsl modem/router as the gateway to the internet - you put a default route in the layer 3 module point to the adsl modem! then you have the routes for the various vlan subnets pointing from the modem back to the layer 3 module......done!

HTH.

peteg1977 · ‎05-26-2008

Hi Andrew,

Thanks for the useful advice! At least I have an idea of where I should be heading now.

Peter.

andrew.prince · ‎05-27-2008

np - glad to help.