vlan design, can I have some opinions or advice please? Thanks!
Hey there guys, i needed to design a vlan for part of my university coursework. I was hoping that some of you pros here can have a look at it and give me your opinion, it was very difficult to research and design.
I was wondering if the native vlan which is the main network with around 1000 hosts on the is the management vlan also? A thing I was not sure about either was security, there is just too much to think about, so if anyone can give me advice on anything that would be great!
Here is the diagram I made:
#-Link-Snipped-#
Thank you!
I was wondering if the native vlan which is the main network with around 1000 hosts on the is the management vlan also? A thing I was not sure about either was security, there is just too much to think about, so if anyone can give me advice on anything that would be great!
Here is the diagram I made:
#-Link-Snipped-#
Thank you!
Replies
-
durga chhello
generally speaking, all the hosts assigned to a switch are in default VLAN or native VLAN1. Are you taking of siwtch management? in that case, the base MAC is as well assigned to the VLAN 1 it self. Or if you are mentioning the management of each vlan, then you can either do it on each VLAN or by using other techniques such as trunking and so on.
It will help me help you if you can tell me what exactly is the issue. I arent asking the exact uni question but what information are you looking for exaclty -
durga chto add to the above post,
All the hosts intially are included in vlan1 itself, for example see the below switch output, all the interfaces of the switch are configured for VLAN1
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/3, Fa0/4, Fa0/5
Fa0/6, Fa0/7, Fa0/8, Fa0/9
Fa0/10, Fa0/11, Fa0/12, Fa0/13
Fa0/14, Fa0/15, Fa0/16, Fa0/17
Fa0/18, Fa0/19, Fa0/20, Fa0/21
Fa0/22, Fa0/23, Fa0/24, Gig1/1
Gig1/2
2 VLAN0002 active Fa0/2
later, we configure each of the ports to different vlans. ( like the vlan 2 here, it has been manually configured)
As far security is concerned, see it like this.
The engineering students are all placed in a VLAn, the science students in another vlan and so on. Thus you are able to create some sort of barrier between the two groups from accesing other's information. see it like this- they are in 2 different networks- hence different policies can be applied to both thus enhancing the security. from the diagram you have provided.ACLs can as well be implemented allowing or denying specific Ips to access few services. As you can see , all these are being implemented at the access layer of your network topology (the lower blue part)
You are reading an archived discussion.
Related Posts
Hey,
is anyone familiar with the use of PEM fuel cell with regenerative braking system for a HEV? I'm trying to incorporate this system into a golf cart for my...
what are the relevances of C++ programming language in electrical/electronic engeering and in engineering as a whole.
Trim Fusion
University of Missouri, St.Lois seems to have come up with a non invasive procedure taking just a second to monitor blood glucose levels, The team uses IR transmitted through the...
A lot of students in my college are talking about taking training this summer. I just wanted to ask, what do we learn in a training course (for CS)? Is...
Lecture on Engineering Mechanics by Dr.G.Saravana Kumar, Department of Mechanical Engineering, IIT Guwahati.
Feel free to ask questions, doubts and contribute your ideas in this discussion thread -
[video=youtube;FkduVLMFAUo]https://www.youtube.com/watch?v=FkduVLMFAUo[/video]