On 10/24/07, nestorwheelock <[EMAIL PROTECTED]> wrote:
>
> I've been making sense out of vlans and tagging packets to create
> trunks. I have some printed manual pages. I'll bring them. I'll also
> bring a router with OpenWRT on it. If anyone's interested I'll be
> happy to show you how easy it is to flash various chipsets and void
> your warranty.
>
> Maybe we should start with simple things like just creating different
> vlans and using any existing firewalls/proxies as they are before we
> look into messing with the integrity of the various other network
> segments. Figuring out and labeling where everything goes would be
> another good step. I have a couple good books on Lan Wiring I'll show
> you Robert.
>
> I want to know more about the network's current functional
> requirements with an eye to the future for the network's potential needs.
>
> I'd also think it'd be cool if any real network engineers would step
> up. Surely on this list?

Just to toss this out there.. VLAN tagging and trunks and all that are nice, however you're talking about adding another level of complexity that may not be required/possible/necessary for our current environment.

I've been out of the loop for a while, but I think I still understand at least some of the basic requirements, along with the type of equipment that ByteWorks has to play with.

If you seriously want to get into using VLAN tags and such, you're going to need "managed" switches, which require someone to log in and move ports from one VLAN to another and such, based on requirements. While it gives you maximum flexibility, it requires a caliber of equipment that may not be available, as well as the skills to properly utilize and troubleshoot that type of environment.

A less elegant solution, but much simpler from a "volunteer" standpoint, is the use of dedicated switches/hubs for specific networks. No logging in to switches, no questioning which "VLAN" something is on, etc. Just label each switch as "classroom switch #1" or "build switch #3" or whatever, and uplink the switches back to the right interface on the firewall/router box (or another switch on the same network).

Of course, this means your firewall/router box will need one interface for each network (and probably one for the incoming Internet connection as well), but that one box is the only place you need to worry about that sort of thing.

Also, if a switch fails, you simply just replace it with another switch. No worrying about which port is configured on which VLAN, just pop it in and call it a day.

My two cents.

--
Don Head
[EMAIL PROTECTED]
