Re: Joining Two Large Network

On Jun 1, 12:58 am, "Phillip Windell" <philwind...@xxxxxxxxxxx> wrote:
My reply is going to be a little different.

You don't need VLans nessessarily, but they can be used. Just so you understand
that they aren't a "requirement",..only an unrelated option. You can not use a
Switch,..it requires a Router,...this can be a Layer3 Switch which is really
nothing more than a Layer3 Router and a Layer2 Switch built into the same piece
of hardware. The "router interfaces" of a Layer3 Switch are created with VLans
internally which "group" selected Layer2 ports on the Switch into a single
Layer3 Router Interface,..but the VLans don't have to extend out beyond that
device unless there is a real reason to do so.

The rest is fairly simple although a lot of people may not notice it (no offense
to anyone).
Since each "side" wants to keep their own internet connection that creates some
issues. DHCP is no issue at all,..but each side does have to use a different
subnet, and I am operating on the assumption that this is already the case. You
will need each side to keep using their Internet Device as their Default Gateway
as they probably already are doing. Then each Internet Device will have to have
a static route configured to tell it that the "path" to the opposite subnet is
the LAN Router that sits in the logical center. Also, it is *very* important
that both Internet Devices be configured with both subnets as the "internal"
private network, even if they don't provide any service to the opposite subnet.
If they can not do that and also accept a static route, then they will have to
be replaced.

All done, that's pretty much it.

You cannot make the LAN Router everyone's Default Gateway because that will mean
the LAN Router will then have to use one of the Internet Devices as its Default
Gateway, and you can only choose one, which causes everyone to use the same
internet connection,..which isn't what they want. However some Routers may be
able to choose from more than one Gateway depending on the location of the
source of the traffic (called Source Routing), but off the top of my head I
don't know how that would be done.

If you stick with what I described, it will be simple to deal with.

--
Phillip Windellwww.wandtv.com

The views expressed, are my own and not those of my employer, or Microsoft, or
anyone else associated with me, including my cats.
-----------------------------------------------------

<Bowman.Nichol...@xxxxxxxxx> wrote in message

news:1180644808.737504.67890@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Joining Two Large Network Research

I have a church I'm trying to help out with a network topology. They
have a school and a rectory they want to connect via fiber.

However, the school wants to continue with their outbound internet
connection and DHCP server. The rectory also wants to continue with
their outbound internet connection and DHCP server.

Consolidation is NOT a possibility.

My thoughts are to use existing Dell PowerConnect 5324 switches. It
has an IOS-esque interface and has a lot of power that I've never
explored.

My plan would be either:

Plan A:
Give the switch two vlans with an IP address appropriate for each
side. Add a route from the existing routers on each side to the
switch IP.

In my head, this seems like it might theoretically work but there is
the question: can the Dell 5324 route packets between vlans?

Plan B:
Give the switch two vlans with two ports in common. On the port in
common, block broadcast packets to block the DHCP.

Before someone suggest Plan C, the physical wires are spread out
accross a multi-acre facility. Handling access via wire control to a
specific port is simply impossible. Switching to static IPs and
removing DHCP is also simply not maintainable/realistic.

Anyway, after that it gets worse because they want the lans tied
together but only for a few machines to cross over between them. I've
researched that part and I can do MAC address filtering and they
understand that MAC's can be spoofed.

Any thoughts?

Thanks ahead of time.

Thanks guys for all your help and advice.

.

Relevant Pages

  • Re: probably an easy routing question, so please help
    ... I've just realized that VLANs don't just divide subnets, ... router) I won't need to use a Layer 3 switch at all. ... both /28s are configured on the same Enet port, with proxy ARP enabled. ...
    (comp.dcom.sys.cisco)
  • Re: Trouble obtaining IP address
    ... So some internet providers will not ... On newer systems, you have to power cycle the cable modem to make it work reliably, with a pause of about a minute between off and on. ... This is what the "clone MAC address" function on routers is for - you log into the router from the system that was originally connected to the cable modem, ... >said I cannot switch Ethernet cable from one computer to another and>expect ...
    (microsoft.public.windowsxp.network_web)
  • RE: Clueless firewall configuration ?
    ... the internet accessible segments need to be ... vlans, but I'm OK with all the DMZ vlans being on the same switch, and ... all the internal DMZs on another switch. ... ClickToSecure) or an enterprise software (Cenzic Hailstorm). ...
    (Pen-Test)
  • Re: Joining Two Large Network
    ... The "router interfaces" of a Layer3 Switch are created with VLans ... will need each side to keep using their Internet Device as their Default Gateway ...
    (microsoft.public.windows.server.networking)
  • Re: [SLE] Question about net connection/sharing
    ... >>> My girlfriend recently got satellite internet. ... >> There is a big difference in a hub, a router, and a switch. ... Maybe I assumed there was a firewall installed? ...
    (SuSE)