Hi everybody, I now work for a company that started small and grew in the last few years, but the former sysadmins (external company) just did a crap job and put literally everything in the same 192.168.0.0 subnet.
Currently, there is 1 cluster with 2 nodes, 1 SAN, 1 server outside the domain, 2 NAS, and a lot of workstations, printers, and various assorted devices.
The cluster has a slew of virtualized machines: 2 Win2012r2 DCs, 1 Exchange 2016 and others, and last but not least a virtualized pfSense, which is used as the main and only gateway.
Now, this is horrendous to me, but untangling this mess is not easy. I was thinking about sectioning everything with VLANs, something like this:
- physical servers, SAN, NAS
- virtual servers
- workstations, printers
- other stuff connected to the network (like PBX, DVR, etc.)
Would that make sense? I don't particularly like the idea of routing everything through the virtual pfSense tho... and I don't think buying an L3 switch or a physical firewall is much of an option now...