If there is a better forum for this message please let me know.
Background:
The existing 2-building campus contains roughly 250 computers and laptops belonging to the org and as many as 200/day personal devices with Wi-Fi capabilities that utilize the public portion of the network.
The core of the network and all of Building 1 is an HP 5412zl switch. GB service is provided to all ports with PoE available where needed. One subsidiary switch in Building 2 is connected by GB fiber and is served by a 2910 48G switch.
This network has outgrown its /23 subnet in two ways. First, the allocated DHCP space for trusted devices has become too small and has twice had to expand into the static space reserved for servers, printers, and the like. Second, broadcast and flooding events have effectively DoS'd the network 4 times in the past month.
Due to new construction, the campus will be expanding to include a new building. The new building will host roughly 200 computers and laptops on the closed network and up to 100 devices on the public network on any given day. This network will be served by a 5412zl in the core and two subsidiary 5406zl devices in IDF wiring closets. The '06s are connected to the '12 via GB fiber and the '12 in Building 3 will be connected to the '12 in Building 1 via GB fiber.
There are two sites in our org that should be tied in to this network via site-to-site VPN in the future.
The Problem:
Simple expansion of the /23 to a /22 might yield the address space to activate Building 3, but the problems of broadcast or flooding events would be exacerbated. It seems as though it is time to add new subnets and VLANs to this org. Probably past time… The question is: what is the best way to proceed?
Proposal:
VLAN#   Subnet        Purpose
8       *.8.0/23      Existing Building 1 & 2 network. Repurposed to include most physical ports of Bldg 1
10      *.10.0/24     Most physical ports of Building 2
11      *.11.0/24     Reserved
12      *.12.0/24     Wireless access points (can include feeds of public traffic), Bldg 1 & 2
20      *.20.0/23     Most physical ports and DHCP of Building 3
21      *.21.0/24     Reserved
22      *.22.0/24     Wireless access points in Building 3 (can include public)
100     *.100.0/24    Management
Note 1: The public wireless traffic is managed by the Wireless Management system (Aruba) and cannot reach the closed network but necessarily travels over it from the AP to the switch and then from the switch to (generally) the internet.
Note 2: The '12s would both carry all VLANs.
Questions:
I don't want too many VLANs or subnets, but is this too few?
Are there any pitfalls that I should consider when setting up this kind of environment on this hardware?
Any suggestions?
P.S. This thread has been moved from Comware-Based to ProCurve / ProVision-Based. - HP Forum moderator
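An addressing plan like the one proposed above can be checked for overlapping ranges and per-VLAN capacity before any switch is configured. The following is an added example, not part of the original post; the `10.1` prefix is a constructed stand-in for the `*` the post elides, and the function names are hypothetical.

```python
import ipaddress
from itertools import combinations

# Constructed stand-in for the "*" the post elides; the overlap result does
# not depend on which leading octets are used.
PREFIX = "10.1"

# (VLAN id, subnet as written in the proposal, purpose)
PLAN = [
    (8, "8.0/23", "Bldg 1 physical ports"),
    (10, "10.0/24", "Bldg 2 physical ports"),
    (11, "11.0/24", "Reserved"),
    (12, "12.0/24", "Wireless APs Bldg 1 & 2"),
    (20, "20.0/23", "Bldg 3 physical ports and DHCP"),
    (21, "21.0/24", "Reserved"),
    (22, "22.0/24", "Wireless APs Bldg 3"),
    (100, "100.0/24", "Management"),
]

def build(plan, prefix=PREFIX):
    """Parse the plan; strict=True rejects a network written with host bits set."""
    return {vid: ipaddress.ip_network(f"{prefix}.{net}", strict=True)
            for vid, net, _ in plan}

def overlaps(nets):
    """Return sorted (vlan_a, vlan_b) pairs whose address ranges intersect."""
    return sorted((a, b) for (a, na), (b, nb) in combinations(nets.items(), 2)
                  if na.overlaps(nb))

def usable_hosts(net):
    """Usable IPv4 host addresses (network and broadcast excluded)."""
    return max(net.num_addresses - 2, 0)

if __name__ == "__main__":
    nets = build(PLAN)
    for vid, net in nets.items():
        print(f"VLAN {vid:>3}  {net!s:<16} {usable_hosts(net):>4} usable hosts")
    for a, b in overlaps(nets):
        print(f"OVERLAP: VLAN {a} {nets[a]} and VLAN {b} {nets[b]}")
```

Run against the plan as posted, the check reports one collision: the /23 on VLAN 20 spans both the .20 and .21 third octets, so it also covers the /24 listed as reserved for VLAN 21.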