Different subnets to access 1 server farm

[bunto]

hi, i am an internee in a network with almost 500 clients and 20
servers of different types
- the network is not subnetted and they are using a class B address for
all the building and i am given a task to devise a plan to subnet all
the departments.

------ we have 2 dns servers and no DHCP server , but we are planning
to deploy DHCP as well
------ we have a layer 3 switch still boxed with almost 12 gig bit
ports ...
- the problem is that they all share the same servers with layer 2
switches
- and if i give them different subnet addresses then i have to assign
all the ip addresses to every network card in every server (if its
stupid then remember m an internee)
- this way it will slow down the network
- is there any other way to fix this other than assigning almost 15 ip
addresses to every server ???

waiting anxiously for a solution

thanx in advance

 

[Kurt]

That's the whole point of the layer three switch. A layer three switch is a
router. Depending on the brand, you can have router interfaces on Ports and
either VLANs or virtual interfaces associated with a VLAN. All you have to
do is designate a VLAN for each department, assign the proper number of
ports for each department (or add a workgroup switch before your Layre-3
backbone switch) to that VLAN, assign each VLAN a router Interface on a
subnet of our choosing along with all the workstations, and set the IP
address of the router interface as the workstations default gateway. If all
need Internet, you'll also need a static route on your Internet gateway
router pointing back to the other networks via the layer-3 switch. Send me
an email, I'll draw you a picture.

....kurt

 

[bunto]

yeah but is there any way that i cud implement the VLANS without the
layer 3 switch and by only using the layer 2 switches and the servers
...........

thanx alot

 

[bunto]

to be more precise ....... i want inter VLAN communication without the
layer 3 switch in a windows server environment ........

thanx

 

[Kurt]

Then why mention that you have a layer-3 switch "still in the box"? It seems
obvious that the layer-3 switch is exactly what you need (and probably why
it was purchased in the first place - they're not cheap, I doubt it was
purchased as a shelf ornament). If you don't want to use your new switch,
you'll need a multi-port router or a sub-interfaced router in a "one armed"
configuration. If you want to maintain gigabit speeds forget about anything
in a basic router. The L-3 switch will route just as fast as it will switch.


########################################
Segments
A(VLAN 10) B(VLAN 20) C(VLAN 30)
192.168.0.0/20 192.168.4.0/20 192.168.8.0/20
| | |
Workgroup Sw Workgroup Sw Workgroup Sw
\ | /
\ | /
192.168.0.1 \ 192.168.4.1 /192.168.8.1
Layer-3 Backbone Sw
Default GW 192.168.254.2
| 192.168.254.1/30
|
192.168.254.2/30 |
Internet Router
Static route to 192.168.0.0/18
via 192.168.254.1

Odds are your Layer-3 switch can also be configured as your NAT and
firewall..

 

[Kurt]

You can implement VLANs with a smart enough layer-2 switch, but you'll still
need routers to route between the VLANs. You could put a NIC in every server
for every VLAN, but that causes problems if your server are domain
controllers.

....kurt

 

[bunto]

my network shud look like this w/o adding the layer 3 switch

172.16.2.0 172.16.3.0 172.16.4.0
\ | /
\ | /
\ | /
\ | /
domain controller
172.16.1.0
255.255.255.0

i want user and dns authentication like this ...... is it possible

 

[Kurt]

Nope. Won't work.