Friday, July 31, 2020

A couple VLAN questions

I inherited a mess of cable spaghetti in a multi-tenant building (mostly shared internet) and I'm in the process of cleaning up the wiring and configs and had a couple questions.

The core consists of managed switches for distribution (Cisco 2960) and a layer 3 switch (4503) doing the routing.

Regarding the configs: On the distribution switch side, are there reasons to designate switchport modes as trunks (or access) and specify allowed VLANs per interface, versus allowing them to auto-negotiate? It seemed to work fine when I added a new switch with minimal configuration; the trunk was recognized from the core switch with all VLANs allowed. I just needed to set VLAN access on the proper ports. On the existing switches, I would need to set the allowed VLANs on the trunk interface on both switches for it to work properly.

Part 2: There is a sublessee that has their own internet and network. The patch cables for their rooms had been removed from the main distribution switches and connected to an unmanaged switch that's nesting in the middle of all the wires. If I created a VLAN on the managed switches and did not assign that VLAN an IP, would those ports assigned to that VLAN effectively act as a dumb switch isolated from the rest of the network?

The normal configuration for tenants is that they have their own VLAN and subnet, but are not isolated at layer 3, so they share the common internet. Would connecting a second internet connection/router to the distribution switch on a VLAN with no IP assigned cause any routing problems or conflicts with the existing internet connection?


