CrazyEngineers
  • vlan design, can I have some opinions or advice please? Thanks!

    deucalion0

    Member

    Updated: Oct 26, 2024
    Hey there guys, I needed to design a VLAN for part of my university coursework. I was hoping that some of you pros here can have a look at it and give me your opinion; it was very difficult to research and design.
    I was wondering if the native VLAN, which is the main network with around 1000 hosts on it, is the management VLAN also? A thing I was not sure about either was security. There is just too much to think about, so if anyone can give me advice on anything that would be great!

    Here is the diagram I made:
    #-Link-Snipped-#

    Thank you!
  • durga ch

    Member, Apr 7, 2011

    hello

    Generally speaking, all the hosts assigned to a switch are in the default VLAN or native VLAN1. Are you talking of switch management? In that case, the base MAC is as well assigned to VLAN 1 itself. Or if you are mentioning the management of each VLAN, then you can either do it on each VLAN or by using other techniques such as trunking and so on.

    It will help me help you if you can tell me what exactly the issue is. I am not asking for the exact uni question, but what information are you looking for exactly?
  • durga ch

    Member, Apr 7, 2011

    To add to the above post,

    All the hosts initially are included in VLAN 1 itself. For example, see the switch output below: all the interfaces of the switch are configured for VLAN 1.



    VLAN Name                             Status    Ports
    ---- -------------------------------- --------- -------------------------------
    1    default                          active    Fa0/1, Fa0/3, Fa0/4, Fa0/5
                                                    Fa0/6, Fa0/7, Fa0/8, Fa0/9
                                                    Fa0/10, Fa0/11, Fa0/12, Fa0/13
                                                    Fa0/14, Fa0/15, Fa0/16, Fa0/17
                                                    Fa0/18, Fa0/19, Fa0/20, Fa0/21
                                                    Fa0/22, Fa0/23, Fa0/24, Gig1/1
                                                    Gig1/2
    2    VLAN0002                         active    Fa0/2

    Later, we configure each of the ports to different VLANs (like VLAN 2 here, which has been manually configured).


    As far as security is concerned, see it like this.
    The engineering students are all placed in one VLAN, the science students in another VLAN, and so on. Thus you are able to create some sort of barrier between the two groups, keeping each from accessing the other's information. See it like this: they are in 2 different networks, hence different policies can be applied to both, thus enhancing the security. From the diagram you have provided, ACLs can as well be implemented, allowing or denying specific IPs to access a few services. As you can see, all these are being implemented at the access layer of your network topology (the lower blue part).
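An added example, not part of the original thread: a small audit that parses a VLAN table in the layout quoted in the reply above and lists the ports still sitting in the default VLAN 1, plus any VLAN that has been created but has no ports. The sample table and the `ENGINEERING` VLAN name are constructed for illustration.

```python
import re

# Constructed sample in the same layout as the switch output quoted above
# (whitespace collapsed, port list wrapped onto continuation lines).
SAMPLE = """\
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/3, Fa0/4,
Fa0/5, Gig1/1
2 VLAN0002 active Fa0/2
10 ENGINEERING active
"""

ROW = re.compile(r"^\s*(\d+)\s+(\S+)\s+(\S+)\s*(.*)$")   # id, name, status, ports
PORT = re.compile(r"[A-Za-z]+\d+(?:/\d+)*")               # e.g. Fa0/12, Gig1/1


def parse_vlan_brief(text):
    """Return {vlan_id: {"name", "status", "ports"}} from VLAN table text."""
    vlans, current = {}, None
    for line in text.splitlines():
        row = ROW.match(line)
        if row:
            current = int(row.group(1))
            vlans[current] = {"name": row.group(2), "status": row.group(3),
                              "ports": PORT.findall(row.group(4))}
        elif current is not None and PORT.search(line):
            # Continuation line: more ports for the VLAN row above it.
            vlans[current]["ports"] += PORT.findall(line)
    return vlans


def audit(vlans, default_vlan=1):
    """Flag ports left in the default VLAN and VLANs with no ports assigned."""
    findings = []
    for port in vlans.get(default_vlan, {}).get("ports", []):
        findings.append(f"{port}: still in default VLAN {default_vlan}")
    for vid, v in sorted(vlans.items()):
        if vid != default_vlan and not v["ports"]:
            findings.append(f"VLAN {vid} ({v['name']}): no access ports assigned")
    return findings


if __name__ == "__main__":
    for finding in audit(parse_vlan_brief(SAMPLE)):
        print(finding)
```

The parser expects only the brief VLAN table shown in the thread; other sections of switch output would need their own handling.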