Friday, July 24, 2020

VLAN Design Question

I'm a Microsoft consultant and work mainly with client management and related infrastructure. I think I have a fairly robust understanding of networking as well, but I ran into a network design at a customer recently which felt a bit flawed to me and they failed to explain the benefits of doing it that way that would outweigh my perceived drawbacks. So I thought I'd post here and get some other perspectives on it. I've simplified the example to get at my question. The environment in question had more sites and a lot more VLANs and subnets.

You have two sites connected through a WAN link, and each site has servers and clients.

You want to separate clients and servers by putting them on different subnets, and you want to segment your network, so you create two VLANs at each site, one for clients and one for servers, and route the traffic between them.

At this client, they had elected to use the same VLAN ID at both sites for the two network types. So the client network in site A and site B were different subnets but the same VLAN ID.

The main argument they had was that it reduced the number of VLANs in the environment and simplified management.

My argument against was that it caused a bit of confusion and also prevented tagging a port in Site A with the client network of Site B for testing purposes.

Any experienced network engineer who can talk about pros and cons and why one design is preferable over the other?


