Re: Joining Two Large Network



Bowman.NicholasW@xxxxxxxxx wrote:
Joining Two Large Network Research

I have a church I'm trying to help out with a network topology. They
have a school and a rectory they want to connect via fiber.

However, the school wants to continue with their outbound internet
connection and DHCP server. The rectory also wants to continue with
their outbound internet connection and DHCP server.

Consolidation is NOT a possibility.

My thoughts are to use existing Dell PowerConnect 5324 switches. It
has an IOS-esque interface and has a lot of power that I've never
explored.

My plan would be either:

Plan A:
Give the switch two vlans with an IP address appropriate for each
side. Add a route from the existing routers on each side to the
switch IP.

In my head, this seems like it might theoretically work but there is
the question: can the Dell 5324 route packets between vlans?

Plan B:
Give the switch two vlans with two ports in common. On the port in
common, block broadcast packets to block the DHCP.

Before someone suggests Plan C, the physical wires are spread out
across a multi-acre facility. Handling access via wire control to a
specific port is simply impossible. Switching to static IPs and
removing DHCP is also simply not maintainable/realistic.

Anyway, after that it gets worse because they want the LANs tied
together but only for a few machines to cross over between them. I've
researched that part and I can do MAC address filtering and they
understand that MACs can be spoofed.

Any thoughts?

Thanks ahead of time.


http://www.dell.com/content/products/productdetails.aspx/pwcnt_5324?c=us&l=en&s=bsd&cs=04

That's the link I found for the Dell 5324. It says on the front page that it's a layer 2 switch. You need a layer 3 switch to route between VLANs.

However, you can use a router to route between VLANs with the switch you currently have. You set the port on the switch that connects to the router as a trunk port. "Trunk" means it carries multiple VLANs. Let the router route between them. That's what you call "Routing on a stick" :)

I'm not sure what kind of router each has at their location. Some models won't be capable of trunking. You'll have to investigate.

I just had another thought. If you only need a few machines to access the resources on the other end, just configure a remote access VPN, and install the client on those machines of users you want to have access.
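
The trunk-to-router setup suggested in the reply above, sketched as an added example that is not part of the original thread: a Linux box stands in for the router, with forwarding between the two VLANs dropped except for a short list of host pairs. The interface name, VLAN IDs, subnets and host addresses are all constructed assumptions; the script only prints its plan unless run as root with `apply`.

```shell
#!/bin/sh
# Added example. Every name, VLAN ID and address below is a constructed assumption.
TRUNK_IF="eth0"                       # NIC cabled to the switch's trunk port
SCHOOL_VLAN=10;  SCHOOL_GW="192.168.10.254/24"
RECTORY_VLAN=20; RECTORY_GW="192.168.20.254/24"
# Host pairs allowed to cross, written "school_ip,rectory_ip"
ALLOWED_PAIRS="192.168.10.21,192.168.20.5 192.168.10.22,192.168.20.5"

# Commands for one 802.1Q subinterface: $1 = VLAN ID, $2 = address/prefix
vlan_cmds() {
    echo "ip link add link $TRUNK_IF name $TRUNK_IF.$1 type vlan id $1"
    echo "ip addr add $2 dev $TRUNK_IF.$1"
    echo "ip link set $TRUNK_IF.$1 up"
}

# Each VLAN stays its own broadcast domain, so each side's DHCP server is
# heard only on its own side; nothing here relays DHCP between them.
iface_cmds() {
    vlan_cmds "$SCHOOL_VLAN" "$SCHOOL_GW"
    vlan_cmds "$RECTORY_VLAN" "$RECTORY_GW"
    echo "sysctl -w net.ipv4.ip_forward=1"
}

# nftables ruleset: inter-VLAN forwarding is dropped unless the pair is listed.
# Source IPs, like MACs, can be spoofed by a host on the same VLAN.
nft_rules() {
    sif="$TRUNK_IF.$SCHOOL_VLAN"; rif="$TRUNK_IF.$RECTORY_VLAN"
    echo "table inet crossover {"
    echo "  chain forward {"
    echo "    type filter hook forward priority 0; policy drop;"
    echo "    ct state established,related accept"
    for pair in $ALLOWED_PAIRS; do
        s=${pair%,*}; r=${pair#*,}
        echo "    iifname \"$sif\" oifname \"$rif\" ip saddr $s ip daddr $r accept"
        echo "    iifname \"$rif\" oifname \"$sif\" ip saddr $r ip daddr $s accept"
    done
    echo "  }"
    echo "}"
}

# Dry run by default; "apply" (as root) executes the generated commands.
if [ "${1:-}" = "apply" ]; then
    iface_cmds | sh -e
    nft_rules | nft -f -
fi
```

Hosts on each side still need a route to the other subnet via this router's address on their VLAN, for example pushed from each side's existing router as in Plan A.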