Proposed IT subnetting Infrastructure 

1. For External communication we will use Cisco Router(Cisco ASA5520 firewall)
2. For internal communication we will use managed switch Dell Power Connect 6248

Why use a Managed Switch?

• Limit broadcast traffic and increase security using VLANs
• Remove traffic bottlenecks using port trunking
• Guarantee bandwidth for time-sensitive voice and video traffic using Traffic Prioritisation
• We will manage switch for internal communication. I mean to say when one server (Test5) wants to talk to another server (Test) at that time it will use manager switch for the internal communication. It will not forward the traffic to the router.

Switching Services

Unlike bridges that use software to create and manage a filter table, switches use application specific integrated circuits (ASICs) to build and maintain their filter tables. But it’s still okay to think of a layer 2 switch as a multiport bridge because their basic reason for being is the same: to break up collision domains.

Layer 2 switches are faster than routers because they don’t take up time looking at the Network layer header information. Instead, they look at the frame’s hardware addresses before deciding to either forward the frame or drop it. 

Switches create private dedicated collision domains and provide independent bandwidth on each port, unlike hubs. Figure 1.1 shows five hosts connected to a switch—all running 10Mbps half duplex to the server. Unlike a hub, each host has 10Mbps dedicated communication to the server.

FIGURE 1.1 Switches create private domains.

Three Switch Functions at Layer 2 

1.  
   1. Address learning
   2. Forward/filter decisions
   3. Loop avoidance 

Here’s a list of the basic tasks we’ll be done in the switch Dell Power Connect 6248 

1. Setting the passwords
2. Setting the hostname
3. To configure the switch with different VLANs and other network functions

            Add VLAN and Description

            Configuring the IP address and subnet mask & gateway address

            Assigning switch ports to VLANs.

            Routing between VLANs

1. Hosts in a VLAN live in their own broadcast domain and can communicate freely. VLANs create network partitioning and traffic separation at layer 2 of the OSI, and as I said when I told you why we still need routers, if you want hosts or any other IP-addressable device to communicate between VLANs, a layer 3 device is absolutely necessary.

What we see in Figure 1.2 is that each router interface is plugged into an access link. This means that each of the routers’ interface IP addresses would then become the default gateway address for each host in each VLAN.

FIGURE 1.2 Router with individual VLAN associations

1. Router connecting three VLANs together for inter-VLAN communication, one interface for each VLAN.
2. Remember that a created VLAN is unused until it is assigned to a switch port or ports, and that all ports are always assigned in VLAN 1 unless set otherwise. 

Configuring Inter-VLAN

The first thing we need to do here is figure out which subnets are being used. By looking at the router configuration in the figure, you can see that we’re using 192.168.1.0 with DMZ, 192.168.1.32 with Corporate and 192.168.1.64 with Production. And by looking at the switch configuration, you can see that ports 1,2 and 3 etc are in DMZ, and port 4,5 and 6 etc is in Corporate and port 7 and 8 etc is in Production. This means that Hosts on DMZ are in VLAN 1, hosts in Corporate are in VLAN 2 and hosts on Production are in VLAN 3. Here’s what the hosts’ IP addresses should be: 

DMZ: 192.168.1.0, 255.255.255.224, default gateway 192.168.1.30
Corporate: 192.168.1.32, 255.255.255.224, default gateway 192.168.1.62
Production: 192.168.1.64, 255.255.255.224, default gateway 192.168.1.94 

This entry was posted on Sunday, January 24th, 2010 at 6:58 am and is filed under Cisco, Network, Network Performance. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.