Sunday, July 8, 2018

HQ VLAN Design questions and help!

:::::EDIT::::: Just moving the TL;DR to the top for easy access!

TL;DR

Two subnets and a SIP interface on two different circuits, same building, consolidating to a single circuit: how is this achieved using VLANs in an HP switching environment?

Thanks to anyone who takes the time to read and respond (even if it's just to tell me to never touch a switch again! :-P)

Hi guys,

This is my first time posting here in the networking sub. I’m 5 years into my I.T. career and a helpdesk and infrastructure manager.

With that out of the way I wanted to ask you guys for some help on whether or not my thinking is correct on this design I have for our HQ site and if the technical side of it makes sense.

Currently, we have two circuits that hit this location: one is a 45mb DS3 and the other is a 100mb Ethernet circuit, with our SIP traffic being delivered through the 100mb circuit as well. Both are on our MPLS network and this is all managed by our provider up to the routers on site; anything LAN side is on us (me).

The 45mb circuit is our primary connection at the HQ and has the primary subnet of 10.136.200.0/23 coming off of a Cisco 2951.

The 100mb circuit is currently only in use by our office access points with a subnet of 10.136.248.0/22. This comes off of a Cisco 3900 series (I don't remember the exact model number off the top of my head) with one port being for data, which has an interface IP of 10.136.251.254, and then our SIP interface comes off of a different port with an interface IP of 10.136.201.223. I have the SIP interface connected to a switch on the subnet that uses the 45mb circuit, and our ShoreTel PBX connects to that SIP interface for our phones.

Don't worry, I'm well aware that this design is not bright in the least (feel free to tell me how stupid it was that I had it done that way). It was meant to be temporary, but there have been a lot of things going on at the company that prevented me from really taking hold of this project.

I purposely made the subnet for the 100mb connection a /22 as I have a need to expand our subnet, as the number of devices at this location has increased greatly in the past couple of years, so much so that I run into DHCP pool issues where it doesn't have any more addresses to give out.

Ultimately I want both subnets and the SIP interface to come through this 100mb circuit, and in my mind VLANs are how this should be accomplished, but I'm not sure what the technical side of it will look like on my LAN side switches and also on what to direct our provider to do with the router. Unfortunately my networking skills are only enough to get myself into trouble, and while I thought I understood how to set up VLANs, after a failed cutover yesterday this has me back to the drawing board.

On to the equipment!

On the LAN side we use all HP switches, though it's a mix of switches, none of which are the fully managed switches; instead they range from:

HP ProCurve 1810G - 24 GE

HPE 1920-48G-PoE+

HPE 1920-24G-PoE+

HPE OfficeConnect 1950-48G-2SFP+-2XGT-PoE+

For the HPE devices I do log in using the CLI and use those super ultra secret HPE passwords to program them :-P For the 1810 ProCurve devices it's all GUI-based.

In my head, what I was thinking was to have the provider bring both subnets down to a single connection coming off of the Cisco 3900 and VLAN them, with VLAN 40 being the 10.136.200.0/23 subnet and VLAN 50 being the 10.136.248.0/22 subnet. SIP would still be delivered from a separate port and can terminate on an access port for VLAN 40 (though I still feel like I'm handling the SIP interface like a moron, so any suggestions on this front would be greatly appreciated!). The reason for the two separate subnets is that the 200.0 subnet will have all of our servers and printers and the 248.0 subnet will be used for all clients at that location.

On the switch side, the first switch that is connected to the Cisco 3900 for data is an HP ProCurve 1810 24g. My assumptions on how this setup should look are: add VLANs 40 and 50 to the switch, change the management VLAN ID to 40 (not sure if that is necessary), and, because this is the switch that all of the other switches in the data room connect to, would that mean that all ports should be set to Untagged for VLAN 40 and Tagged for VLAN 50? If not, what is the proper way to set this up? And for the other switches, the specific port that is used to connect to this backbone switch, it's my understanding that those ports would need to be set as trunk ports with both VLANs permitted? Also, for all of the switches that the clients connect to, because the device on the other end is either going to be on the client network or on the infrastructure network, do I just set the port as an "access port" to its respective VLAN? (Untagged for that specific VLAN and exclude the other VLAN on the HP ProCurve 1810 GUI.)

I realize this post is most likely too long for what the situation is, but I'm just making sure I include as much information as possible. regardless:
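
An added example, not part of the original post: a Python check of the addressing and port plan described above, showing which VLAN each router interface lands in, how many hosts each subnet holds, and whether both ends of a switch-to-switch link agree on tagging. The subnets, interface IPs and VLAN IDs 40 and 50 come from the post; the port dictionaries and the `link_problems` helper are hypothetical and the port settings are constructed.

```python
import ipaddress

# Subnets and VLAN IDs as proposed in the post.
VLANS = {
    40: ipaddress.ip_network("10.136.200.0/23"),  # servers and printers
    50: ipaddress.ip_network("10.136.248.0/22"),  # clients
}
# Router interface addresses quoted in the post.
INTERFACES = {
    "data": ipaddress.ip_address("10.136.251.254"),
    "sip": ipaddress.ip_address("10.136.201.223"),
}

def vlan_for(addr):
    """Return the VLAN ID whose subnet contains addr, or None."""
    return next((vid for vid, net in VLANS.items() if addr in net), None)

def usable_hosts(net):
    """Host addresses left after the network and broadcast addresses."""
    return net.num_addresses - 2

def link_problems(a, b):
    """Compare the two ends of one switch-to-switch link (hypothetical model)."""
    problems = []
    if a["untagged"] != b["untagged"]:
        problems.append(f"untagged VLAN mismatch: {a['untagged']} vs {b['untagged']}")
    for vid in sorted(a["tagged"] ^ b["tagged"]):
        problems.append(f"VLAN {vid} tagged on one end only")
    return problems

# Constructed port settings: the backbone port as the post proposes it,
# one matching downstream uplink, and one left at a default-style config.
BACKBONE = {"untagged": 40, "tagged": {50}}
UPLINK_OK = {"untagged": 40, "tagged": {50}}
UPLINK_DEFAULT = {"untagged": 1, "tagged": set()}

if __name__ == "__main__":
    assert not VLANS[40].overlaps(VLANS[50])
    for name, addr in INTERFACES.items():
        print(f"{name} {addr} -> VLAN {vlan_for(addr)}")
    for vid, net in VLANS.items():
        print(f"VLAN {vid} {net}: {usable_hosts(net)} usable hosts")
    print(link_problems(BACKBONE, UPLINK_OK))
    print(link_problems(BACKBONE, UPLINK_DEFAULT))
```

A link whose ends disagree on the untagged VLAN moves frames from one VLAN into another without any error being reported, so it is worth checking every uplink pair this way before a cutover.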


