- I have been tasked with migrating a separate private network to our local LAN.
- Our local LAN is in a class A range 10.x.x.x
- The separate private network contains barcode scanners with hard coded IPs in a private class C range 192.x.x.x./24 These devices must retain their current IP addresses.
- I'm planning to create a new SVI VLAN on the layer 3 core switch. This VLAN will be allowed on the layer 2 switchports that service the devices.
- The SVI/VLAN will be created with a 192.x.x.x/24 address.
Is there anything I'm missing here? Does this look like the correct setup to accomplish the task?
Solved! Go to Solution.
An additional question for this - Once I bring up the new SVI on the core, will the devices continue to operate normally on the old switches? In other words, can I migrate them over to the new switches in phases, or will it take one big outage?
Need some clarification on what you are planning. For example: Will you be establishing an L2 connection to the old switches and have them use the new SVI and then move the device connections from the old switches to the new switches in phases? Or is it being done another way?
Also, is there any connectivity or routing occurring between this private network and your network now?
Currently the scanners are on a flat layer 2 network, no routing. The servers that operate them are already on the new Class A Network, but they also have a 2nd connection to the old network.
I wasn't planning on establishing a L2 connection to the old switches and have them use the new SVI. Like Reza mentioned, I'm hoping the scanners don't have to talk to each other, and once they are moved to the new network, they only need to talk to the servers (which are already on the new network)
The servers have a second connection to the old network? You mean a second NIC with a 192.x.x.x/24 address?
If that is the case, then moving the devices to the new network may not work, because return packets may go out the other NIC.
Also, if routing wasn't necessary on the old network, have you verified these devices have default gateways configured?
Correct, they have a 2nd NIC on the 192 network..
I will need to verify if the devices have default gateways configured.. There can't be any routing though. All switches are L2 2950's and every port is trunked. They are basically like hubs.
So then I go back to my earlier statement in that if you move devices to the new network, they probably won't be able to communicate with the servers with the 2nd NIC.
If these devices are completely separated and not connect to your network than you can move them in phases, but the issue with that is that the devices can't communicate with each other if they need to. You will have the same IP segment on 2 different networks and that is fine as long as the 2 networks are not connected together and the scanner don't have to talk to each other, if they do than you would need to move all at once or connect the scanner switch to your environment, create a trunk between them and keep the old SVI until all the devices are moved.
Overall its easier if you can move all of them in one outage.
Thanks Reza - I'm not sure if the scanners need to communicate with each other. I believe they only need to communicate with their server, which is already on the class A network.
So I could test this by bringing up the SVI, move a scanner, and see if it is functioning as it should. If it is, then I can move the rest in phases. If not, then I should probably just do them in one big outage, or go with the trunk method. Thanks again.
I think taking one of the scanners to the new network and testing it to make sure everything is working before you move the rest is a very good idea. It makes perfect sense.
Update - Global does not want a new SVI created for this--they don't want to advertise another network. They want me to create a layer 2 VLAN only for the 192 network.
I have created the vlan, it is trunked from the core to the switch and have setup a test interface. I am simulating a scanner by configuring a laptop with an address on the 192 network, but the laptop will not establish a connection. Its sends, but does not receive packets, and I can't ping it from the controller..
Any ideas? I always thought that with layer 2 VLANS, they don't care what IP range it is. Or maybe someone can suggest an better way to test this?
What was the VLAN you created for the 192 network?
Is there now a trunk from the core to the old switched network? If so how is it configured?
Is the old switched network a single VLAN just for the scanners? Or are there also other VLANs for other applications?
Where are you connecting your test laptop and how did you configure that port?