Cisco VLAN Questions (CCNA Study)

[Phobos1821]

Here are a few questions. Any help would be appreciated. I am studying for my CCNA, and have a few basic questions about VLAN's.

I currently administrate a 70 workstation network with 6 Cisco 2900 series switch, and a 2600 series router in a w2k ad network. I am considering VLAN'ing to segement the network into different broadcast domains, but am running into some difficulty with my studying.

1: If I create multiple VLANs, how would my AD/DHCP Server be a member of multiple VLANs? It is a Compaq DL360G2. How would it know to give IP addresses to different subnets?
2: How can I make a server a member of multiple Vlans? I know I can add the servers switch port to the trunk if it is ISL capable, but how would I program that in the switch, and is the DL360G2 NIC capable of this? Any setup required on the server?
3: Is it easier to create a "Server VLAN", and forward all VLANS to it? If that is the case, how do I setup that VLAN to accept traffic from all other vlans?
4: Our router just connects us to the internet, and it is IP Classless, so how can i configure it to accept traffic from all the vlans? just add secondary ip addresses to the interface so it can become a member of all vlans? and then set the gateway through dhcp so it can access it?

Any help would be appreciated. Thanks for looking.

 

[vipergg]

First if you only have 70 users you don't need to segment them into multiple vlans , this would be overkill . Unless you have really heavy usuage it's not needed , use one vlan .If you use more than 1 subnet(vlan) then just create the subnets on your router and run the connection down to the 2900 that want it on . Decide which subnet you want your dhcp server on , give it an address then add your ip helper statements to the ethernet interface on your router that needs dhcp support . Remember to get between subnet(vlans) it has to be routed . You don't need to trunk anything . If you have a routing protocol turned on then the router will know where to send the internet traffic , most internet connections you will want some kind of protection whether it be a firewall , access-list or whatever to protect yourself from the outside bad guys , NEVER leave an internet connection wide open .

 

[baddos]

vipergg is right, you really don't need multiple vlans for your network. If you do decide to do that, a 2600 router will barely perform the job. It isn't designed to be a inter-vlan router and will give you terrible performance, especially with a Win2k network. You would be better off buying a Cisco 3550 switch that can do the routing if you want to use multiple VLANs.

Microsoft's DHCP service will be able to give out IP address for other VLANs without being on them itself. vipergg pointed out that if you use the ip helper xxx.xxx.xxx.xxx command, the router will forward the DHCP request to your server. Your server will see the IP of router, and know which DHCP scope to give the client an IP for.

As a general rule of thumb, here's how you would go about creating VLANS.

VLAN 1 Management VLAN only. No Hosts
VLAN 2 Servers/Internet Routers
VLAN 3 User's/Departments/Floors/Buildings
VLAN 4 Same as 3
.....

Generally with the old 2900 switches, you want to keep their management interfaces on vlan1 away from general network traffic. The CPU's on the old switches proccess switch every frame they get for their local address, and with every broadcast they have to inspect the packet and make a decision. This can make the 2900s slow down. It generally isn't an issue on the new switches.

 

[neutec]

Hello,
I have a question on vlan's. I was thinking of splitting my network into multiple vlans as well. I work for a printing company that transfers very large files between workstations and printing presses. I have a total of 85 workstaions. I have divided my network into three sections, Sales, Production and Design. Each section has its own 10/100 switch with a gigabit backbone connecting them together. would vlans improve my network? Will limited the broadcast help improve the network?

Thanks