Sign in to follow this  
Followers 0

Vlan to separate VOIP from PC's

21 posts in this topic

Posted

I've just started a new job and I've immediately been tasked with setting up a vlan within the network and unfortunately this is not my field of best expertise (networking as a whole - I'm ###### at it).

 

The final objective would be to separate off the voip phones from the client PC's. Future will be to separate off cctv into their own vlan (but that's a different post for a different time).

 

192.168.1.1 --> 192.168.1.49 - reserved for networking devices and servers.

192.168.1.50 --> 192.168.1.99 - reserved for VOIP telephony.

192.168.1.100 --> 192.168.1.200 - reserved for DHCP, over ethernet and wireless via 2 access points.

192.168.1.201 --> 192.168.1.253 - reserved for printers and CCTV.

192.168.1.254 - reserved for main router.

 

Switches connecting the phones and computers are Netgear GS108T - fully managed (so capable of vlan?)

 

If you need any more info, I'll gladly list off the other devices.

 

What method would you recommend? tagging or port? Is one method outdated?

1 person likes this

Share this post


Link to post
Share on other sites

Posted

You do understand your breaking up your network at non subnet borders.. There is no mask that breaks up a network at those numbers.  Seems more like address management inside 1 /24 vs actual vlans or network segments / subnets.  Which sure you can use what specific address in a segment for specific things but that is not vlans.

 

A /27 would give you 30 useable addresses, and /26 would give you 62.. There is no real easy simple way to breakup your network into those numbers.  But why are you limiting yourself to 1 /24?  That is rfc1918 space why not just use multiple /24's to make it simple to easy see the borders.  Keep in mind for every subnet/segment/vlan you break out your going to loose the wire and the broadcast in that segment.  You need to keep that in mind when subnetting say a /24 into smaller segments.  I really suggest you KISS

 

192.168.1.0/24 - network equipment and routers (infrastructure)

192.168.2.0/24 - VOIP

192.168.3.0/24 - Printers

192.168.4.0/24 - CCTV

192.168.5.0/24 - Wired clients

192.168.6.0/24 - Wireless

 

Just quick off the top, you could combine those if you wanted like wireless and wired on same segment via AP, etc.

 

As to tagging or ports - that would depend on what network equipment are you working with..  You could do it completely physical where you use dumb switches for each network segment, and just your core switch/router has to have interfaces on the different network segments.  Or you could just vlan with tags if your switches support it.

 

What network hardware do you have, router, switches make and models?

 

BTW here is a great cheatsheet for subnets you might want to print out and post on your office/cube wall, etc.

 

http://media.packetlife.net/media/library/15/IPv4_Subnetting.pdf

 

post-14624-0-10446800-1391611085.png

2 people like this

Share this post


Link to post
Share on other sites

Posted

Under Construction - Geez I'm such a retard.

Share this post


Link to post
Share on other sites

Posted

So per your pm you want me to dumb it down more..  But not sure where your confused..  Do you not know what a subnet is?  Or what a mask is?

 

What equipment are we working with? 

 

So if I give you an address like 192.168.1.0/24 - do you not know what that means, what about say 192.168.1.128/25

 

What is say 192.168.0.127/25 ?

 

I am more than happy to go over basic network with you or anyone - but how basic do we have to take it?

2 people like this

Share this post


Link to post
Share on other sites

Posted (edited)

So per your pm you want me to dumb it down more..  But not sure where you're confused..  Do you not know what a subnet is?  Or what a mask is?

 

What equipment are we working with?

 

Ok, scrap what I was going to post above.

 

I understand what a subnet is, but not a mask.

 

The equipment in the cabinet and various other places is:

 

1. Patch panel

2. Avaya 1152A1 PDU- for Cisco phones & POE AP's

3. Netgear Prosafe SRX5308 Firewall

4. Thomson Speedtouch Gateways - x4

5. Bonded internet gateway

6. Netgear Prosafe 24 Port Smart Switch GS724T

 

Under each desk, there is a Netgear GS108T managed switch... And 2 POE AP's across the building.

 

So if I give you an address like 192.168.1.0/24 - do you not know what that means, what about say 192.168.1.128/25
 
What is say 192.168.0.127/25 ?
 
I am more than happy to go over basic network with you or anyone - but how basic do we have to take it?

 

 

That is what it draws a blank. I did this is CCNA1 however I really fully understood it.
Edited by djdanster

Share this post


Link to post
Share on other sites

Posted

K.I.S.S! ditch 192.168.whatever and go for 10.0.x.x/24 simpler to type and remember!

10.0.0.0/24 - network equipment and routers (infrastructure)
10.0.1.0/24 - VOIP
10.0.2.0/24 - Printers
10.0.3.0/24 - CCTV
10.0.4.0/24 - Wired clients
10.0.5.0/24- Wireless

Think of these subnets as separate networks/switches that need to be plugged into a router or secure gateway.

Share this post


Link to post
Share on other sites

Posted

You do understand you're breaking up your network at non subnet borders.. There is no mask that breaks up a network at those numbers.  Seems more like address management inside 1 /24 vs actual vlans or network segments / subnets.  Which sure you can use what specific address in a segment for specific things but that is not vlans.

 

A /27 would give you 30 useable addresses, and /26 would give you 62.. There is no real easy simple way to breakup your network into those numbers.  But why are you limiting yourself to 1 /24?  That is rfc1918 space why not just use multiple /24's to make it simple to easy see the borders.  Keep in mind for every subnet/segment/vlan you break out your going to loose the wire and the broadcast in that segment.  You need to keep that in mind when subnetting say a /24 into smaller segments.  I really suggest you KISS

 

I don't quite understand this.

 

192.168.1.0/24 - network equipment and routers (infrastructure)

192.168.2.0/24 - VOIP

192.168.3.0/24 - Printers

192.168.4.0/24 - CCTV

192.168.5.0/24 - Wired clients

192.168.6.0/24 - Wireless

 

Just quick off the top, you could combine those if you wanted like wireless and wired on same segment via AP, etc.

 

Sorry, yes what is in the OP is what it's currently like, not what I want the final project to end up with. What you have listed is ideal. I'd probably still keep the wireless and wired together on one segment.

 

As to tagging or ports - that would depend on what network equipment are you working with..  You could do it completely physical where you use dumb switches for each network segment, and just your core switch/router has to have interfaces on the different network segments.  Or you could just vlan with tags if your switches support it.

 

I'd prefer is I could keep the current equipment, so what ever's compatible with the hardware.

 

What network hardware do you have, router, switches make and models?

 

Equipment is listed in the post above.

 

BTW here is a great cheatsheet for subnets you might want to print out and post on your office/cube wall, etc.

 

http://media.packetlife.net/media/library/15/IPv4_Subnetting.pdf

 

attachicon.gifipv4subnet.png

 

Cheers, I've printed this off!

K.I.S.S! ditch 192.168.whatever and go for 10.0.x.x/24 simpler to type and remember!

10.0.0.0/24 - network equipment and routers (infrastructure)

10.0.1.0/24 - VOIP

10.0.2.0/24 - Printers

10.0.3.0/24 - CCTV

10.0.4.0/24 - Wired clients

10.0.5.0/24- Wireless

Think of these subnets as separate networks/switches that need to be plugged into a router or secure gateway.

 

I've seen this before and it looks a lot cleaner that what we currently have 192.168.1.x...

Share this post


Link to post
Share on other sites

Posted

I just want to add that you should use something other than 192.168.1.0 simply to avoid any IP conflicts with devices that anyone in the company could plug in.

Share this post


Link to post
Share on other sites

Posted

I just want to add that you should use something other than 192.168.1.0 simply to avoid any IP conflicts with devices that anyone in the company could plug in.

Would the dhcp not stop this from conflicts?

Share this post


Link to post
Share on other sites

Posted

Ok 10.0 is easier to type I will give you that ;) heheh

 

"Under each desk, there is a Netgear GS108T managed switch"

 

What??  Why?

 

As to you know what a subnet is - but you don't know what a network mask is?  So 255.255.255.0 confuses you?  That is the same as /24

 

4. Thomson Speedtouch Gateways - x4

5. Bonded internet gateway

 

So you have 4 internet connections -- that you load balance with?  So what your current network landscape -- just the 1 192.168.1.0/24?

1 person likes this

Share this post


Link to post
Share on other sites

Posted

If someone went out a got a Linksys AP or whatever and it had a default IP of 192.168.1.1 and say your firewall was .1.1, there would certainly be a conflict and DHCP would not be involved at all. Further, depending on what device is hosting DHCP, if they did the same with a router, your DHCP server could see that router is also a DHCP server and turn itself off to avoid conflict. Just food for thought.

Share this post


Link to post
Share on other sites

Posted

And someone plugging in network gear to your network is a problem on its own let a lone conflict with your IP space.

 

In my example the 192.168.1.0/24 if for infrastructure, not ports on the floor - so even if users plugged the lan port of their linksys router into the port at their desk.  It would not be on a 192.168.1.0/24 network - so no conflict.  Are you saying users are getting into the computer room/DC and plugging their home hardware into switches there that are on the 192.168.1.0/24 network?? ;)

 

Your point is valid if your on a flat network that is only the 192.168.1.0/24 for everything and the ports the users have access to would be on that network - and then your not running any sort of nac or nap or even port security..  What sort of company would allow users to plug in equipment to a port?  At min there should be port security setup so if the user unplugs their PC/Laptop they can not plug in something -- that would prevent your scenario where someone plugs in something that conflicts with your routers IP ;)

 

Les say your small, etc.. and user plugs in something that takes down your network..  Wouldn't that user be let go, or atleast shamed on the common area wall for all other users to see and prevent that from happening again ;)

Share this post


Link to post
Share on other sites

Posted

And someone plugging in network gear to your network is a problem on its own let a lone conflict with your IP space.

 

In my example the 192.168.1.0/24 if for infrastructure, not ports on the floor - so even if users plugged the lan port of their linksys router into the port at their desk.  It would not be on a 192.168.1.0/24 network - so no conflict.  Are you saying users are getting into the computer room/DC and plugging their home hardware into switches there that are on the 192.168.1.0/24 network?? ;)

 

Your point is valid if your on a flat network that is only the 192.168.1.0/24 for everything and the ports the users have access to would be on that network - and then your not running any sort of nac or nap or even port security..  What sort of company would allow users to plug in equipment to a port?  At min there should be port security setup so if the user unplugs their PC/Laptop they can not plug in something -- that would prevent your scenario where someone plugs in something that conflicts with your routers IP ;)

 

Les say your small, etc.. and user plugs in something that takes down your network..  Wouldn't that user be let go, or atleast shamed on the common area wall for all other users to see and prevent that from happening again ;)

Hey, in a company where proper policies are in place backed up with HR, certainly you would be spot on. And very good point about plugging in on the floor and being on a different VLAN and thus a non-issue - if VLANs are in place.

Share this post


Link to post
Share on other sites

Posted

Ok 10.0 is easier to type I will give you that ;) heheh

 

"Under each desk, there is a Netgear GS108T managed switch"

 

What??  Why?

 

As to you know what a subnet is - but you don't know what a network mask is?  So 255.255.255.0 confuses you?  That is the same as /24

 

4. Thomson Speedtouch Gateways - x4

5. Bonded internet gateway

 

So you have 4 internet connections -- that you load balance with?  So what your current network landscape -- just the 1 192.168.1.0/24?

 

I have no idea why the other guy put them in. Wouldn't a basic unmanaged switch done the job?

 

So the /24 defines that I can have a max of 256 addresses (ref that pdf)? How is that possible? I thought the max it could do was 255? Does it spill into the next 192.168.2.x? This is exactly what I didn't understand when I did my ccna1.

 

Correct. I have 4 internet connections that are load balanced. Currently, just 1 192.168.1.xxx network. It's only a small office/warehouse.

Share this post


Link to post
Share on other sites

Posted

I have no idea why the other guy put them in. Wouldn't a basic unmanaged switch done the job?

 

So the /24 defines that I can have a max of 256 addresses (ref that pdf)? How is that possible? I thought the max it could do was 255? Does it spill into the next 192.168.2.x? This is exactly what I didn't understand when I did my ccna1.

 

Correct. I have 4 internet connections that are load balanced. Currently, just 1 192.168.1.xxx network. It's only a small office/warehouse.

256 addresses including .0 and .255. 255 is broadcast. Not a valid IP to use. 254 usable.

1 person likes this

Share this post


Link to post
Share on other sites

Posted

What about the smart switches at each desk - I bring this up because for one it doesn't seem cost effective unless your doing something that would require more advanced features like rate limiting a connection, vlans, etc.

 

If your doing anything with vlans now on these switches that will need to be taken into consideration with any changes to your network.

 

Part of the reason I posted the subnet cheatsheet is it gives bot the CIDR form of the mask, and the old school method of say 255.255.254.0 for say a /23

 

And yes as Xenosion pointed out every network be it a /24 or a /30 is going to have what you call the wire or network address -- does not always .0, that is for a /24 or other networks that start at that boundary point.

 

But in my 192.168.1.127/25 example - that would be the broadcast address of a 192.168.1.0/25 network.

 

So if all your using is 192.168.1.0/24 currently - your example of using .1-49 for networking equipment is fine if your going to use just 1 segment /24 -- but if what you want to do is isolate these networks, then there is no real way to break up a /24 where you would have .1-.49 as host addresses.  You could do a /27 that would give you .1 to .30, or you could do a /26 that would give you .1 to .62

 

So what your going to need to do since you seem to have a router that bonds your internet pipes into a bigger one, or failsover or loadbalances, etc.  Your going to need something that will be the gateways for all your different vlans.. I will have to look up the specs of the GS724T, I would hope it can do intervlan routing.. So for example you can put IPs on it where each segments gateway sits on that switch so for example using the 10. address space that switch would have say

 

10.0.1.1

10.0.2.1

10.0.3.1

10.0.x.1

 

And all the devices on that vlan/segment would use that IP as its gateway.  Then that switch would have a gateway that sends it to your internet router doing the bonding, and then through your firewall, etc.  Or maybe you would want to use the firewall as your core connection between your segments so you could firewall between segments?

 

Let me look up the specs of that firewall and switch and could draw an example up for you.  But you really need to be clear on what a mask is and how it determines what part of the IP is network and what part is host if your going to break up your network into multiple segments.  So if that is a weak subject for you - maybe we can start another thread or PM me and we can go over it until you fully understand it, it is a basic tenet of networking.

 

edit: Just caught your comment on the gs108t - yeah basic dumb switch would normally be enough..  And much cheaper too, is there some need for so many ports at each desk?  If you needed more ports in a office, quite often the voip phones can be used to allow PC connection and phone connection over the 1 wire to the desk (typical vlan setup where phone is on network X and PC is on network Y but they run over the same wire that is trunked back to the core or closet switch).  If the user at the desk needs more for multiple PC's / device then sure it can be cheaper to put in a switch vs running more drops to the location.  But an 8 port smart switch seems a bit excessive unless you needed to break out vlans at that location?

2 people like this

Share this post


Link to post
Share on other sites

Posted

What about the smart switches at each desk - I bring this up because for one it doesn't seem cost effective unless your doing something that would require more advanced features like rate limiting a connection, vlans, etc.

 

If you're doing anything with vlans now on these switches that will need to be taken into consideration with any changes to your network.

 

Part of the reason I posted the subnet cheatsheet is it gives bot the CIDR form of the mask, and the old school method of say 255.255.254.0 for say a /23

 

And yes as Xenosion pointed out every network be it a /24 or a /30 is going to have what you call the wire or network address -- does not always .0, that is for a /24 or other networks that start at that boundary point.

 

But in my 192.168.1.127/25 example - that would be the broadcast address of a 192.168.1.0/25 network.

 

So if all your using is 192.168.1.0/24 currently - your example of using .1-49 for networking equipment is fine if your going to use just 1 segment /24 -- but if what you want to do is isolate these networks, then there is no real way to break up a /24 where you would have .1-.49 as host addresses.  You could do a /27 that would give you .1 to .30, or you could do a /26 that would give you .1 to .62

 

So what your going to need to do since you seem to have a router that bonds your internet pipes into a bigger one, or failsover or loadbalances, etc.  Your going to need something that will be the gateways for all your different vlans.. I will have to look up the specs of the GS724T, I would hope it can do intervlan routing.. So for example you can put IPs on it where each segments gateway sits on that switch so for example using the 10. address space that switch would have say

 

10.0.1.1

10.0.2.1

10.0.3.1

10.0.x.1

 

And all the devices on that vlan/segment would use that IP as its gateway.  Then that switch would have a gateway that sends it to your internet router doing the bonding, and then through your firewall, etc.  Or maybe you would want to use the firewall as your core connection between your segments so you could firewall between segments?

 

Let me look up the specs of that firewall and switch and could draw an example up for you.  But you really need to be clear on what a mask is and how it determines what part of the IP is network and what part is host if you're going to break up your network into multiple segments.  So if that is a weak subject for you - maybe we can start another thread or PM me and we can go over it until you fully understand it, it is a basic tenet of networking.

 

edit: Just caught your comment on the gs108t - yeah basic dumb switch would normally be enough..  And much cheaper too, is there some need for so many ports at each desk?  If you needed more ports in a office, quite often the voip phones can be used to allow PC connection and phone connection over the 1 wire to the desk (typical vlan setup where phone is on network X and PC is on network Y but they run over the same wire that is trunked back to the core or closet switch).  If the user at the desk needs more for multiple PC's / device then sure it can be cheaper to put in a switch vs running more drops to the location.  But an 8 port smart switch seems a bit excessive unless you needed to break out vlans at that location?

 

It's been a few days so my mind might have gone a bit fuzzy on this, but aren't we doing vlans?
 
Is this not a bit overkill? To my understanding it's just 2 subnets I need. 2 /24's should be enough right? 1 for the phones and 1 for the computers. We're only a small office with around 60 devices :)
 
Edit: If that comment about 2 /24's sounds stupid or naive then please explain :)

Share this post


Link to post
Share on other sites

Posted

"To my understanding it's just 2 subnets I need."

 

Sure you could use only 2 - but you posted this.

 

192.168.1.1 --> 192.168.1.49 - reserved for networking devices and servers.

192.168.1.50 --> 192.168.1.99 - reserved for VOIP telephony.

192.168.1.100 --> 192.168.1.200 - reserved for DHCP, over ethernet and wireless via 2 access points.

192.168.1.201 --> 192.168.1.253 - reserved for printers and CCTV.

192.168.1.254 - reserved for main router.

 

Which you can not do such a breakup with vlans in the first place.  Since your breaks are not at subnet borders.

 

There is a big difference between 1 flat network, and a segmented network.  Each segment has to have a gateway off, so it can talk to the other vlan or the internet.  So where is that root going to be, at a core switch at your router?  Where are you going to do the split.  Are you going to trunk to every desk area?  Or have 2 physical networks for each vlan, or combination where you trunk to a core switch and then vlans broken off from that one but still physical wires to the phone and pc.  You going to leverage that smartswitch in each desk to breakout the vlans - you going to use the phone?

 

If my example talked about more than 2, just use 2

 

10.0.1.0/24

10.0.2.024

 

Does not matter if you have 2 or 1000 vlans - the basic still have to be there.  Where is the root of your vlans going to be, at the router or the switch..  How is your physical network configured now - you mention smart switches at every desk..

 

post-14624-0-18410500-1392213912.jpg

 

So above you see your vlans as complete physical networks.  While the one of the right you it is shared connections until you break out the vlans to their own specific ports..  Depending how your currently wired or plan to wire your network would help determine the route you take.

 

Segmenting up a network requires a understanding of multiple things, not just what a subnet is.  I am concerned that if you did not even know that the term mask meant this project is a bit over your head.  When is the deadline?  More than happy to help you along..  Can you provide a network diagram of your current network?

 

Where is your root in your network, the router or smart switch you have already - does it do intervlan routing - so example

 

post-14624-0-51004100-1392214665.png

 

If desktop in wants to talk to desktop in area 2 - does it traffic have to go all the way back to the router, or can the switch route be the gateway off each vlan?  And then the only when traffic is going to other networks or internet does it send the traffic to the router via a different vlan.

 

Keep in mind if you trunk and tag and use shared connections for both your desktop and phones - most likely your going to want to run some QoS -- or if billy is moving a large file to or from the server say the phone conversations of everyone along the path that his traffic takes might be effected.  Where if you have physical segments and traffic doesn't share layer 1 you are less likely to run into such problems.  There is more to segmenting a network than just knowing what the term subnet means ;)

Share this post


Link to post
Share on other sites

Posted

"To my understanding it's just 2 subnets I need."

 

Sure you could use only 2 - but you posted this.

 

192.168.1.1 --> 192.168.1.49 - reserved for networking devices and servers.

192.168.1.50 --> 192.168.1.99 - reserved for VOIP telephony.

192.168.1.100 --> 192.168.1.200 - reserved for DHCP, over ethernet and wireless via 2 access points.

192.168.1.201 --> 192.168.1.253 - reserved for printers and CCTV.

192.168.1.254 - reserved for main router.

 

Which you can not do such a breakup with vlans in the first place.  Since your breaks are not at subnet borders.

 

Well all the breaking up is at the moment is static IP's for the networking equipment, server, voip, printers, cctv and the router. The DHCP is limited to using 192.168.1.100 to 192.168.1.200.

 

 

There is a big difference between 1 flat network, and a segmented network.  Each segment has to have a gateway off, so it can talk to the other vlan or the internet.  So where is that root going to be, at a core switch at your router?  Where are you going to do the split.  Are you going to trunk to every desk area?  Or have 2 physical networks for each vlan, or combination where you trunk to a core switch and then vlans broken off from that one but still physical wires to the phone and pc.  You going to leverage that smartswitch in each desk to breakout the vlans - you going to use the phone?

 

The way it's currently set up is, 1 cable comes into the smart switch (2 per desk) on each desk (2 desks) and goes to 5 computers per desk... if that helps  :blush: 

 

 

If my example talked about more than 2, just use 2

 

10.0.1.0/24

10.0.2.024

 

Does not matter if you have 2 or 1000 vlans - the basic still have to be there.  Where is the root of your vlans going to be, at the router or the switch..  How is your physical network configured now - you mention smart switches at every desk..

 

attachicon.gifphsyicalvstrunk.jpg

 

The one on the right in the current config for each desk.

 

So above you see your vlans as complete physical networks.  While the one of the right you it is shared connections until you break out the vlans to their own specific ports..  Depending how your currently wired or plan to wire your network would help determine the route you take.

 

Segmenting up a network requires a understanding of multiple things, not just what a subnet is.  I am concerned that if you did not even know that the term mask meant this project is a bit over your head.  When is the deadline?  More than happy to help you along..  Can you provide a network diagram of your current network?

 

Yeah, you're correct... this is way over my head however my manager said to "give it a go anyway". Which is fine for me as it's a learning experience :). Deadline doesn't seem to be much of a concern.

 

My manager created a network map on Spiceworks a while ago and it's still correct. Here's the link to a PDF export of the network map: http://sdrv.ms/NCAu2c. Sorry it's kinda badly done but you get the picture.

 

Where is your root in your network, the router or smart switch you have already - does it do intervlan routing - so example

 

attachicon.gifexampleswitchroot.png

 

Currently it's just being used as a simple switch, default config as far as I can tell.

 

If desktop in wants to talk to desktop in area 2 - does it traffic have to go all the way back to the router, or can the switch route be the gateway off each vlan?  And then the only when traffic is going to other networks or internet does it send the traffic to the router via a different vlan.

 

Keep in mind if you trunk and tag and use shared connections for both your desktop and phones - most likely you're going to want to run some QoS -- or if billy is moving a large file to or from the server say the phone conversations of everyone along the path that his traffic takes might be effected.  Where if you have physical segments and traffic doesn't share layer 1 you are less likely to run into such problems.  There is more to segmenting a network than just knowing what the term subnet means ;)

 

QoS is a whole other thing I'm going to need help with ;)

Share this post


Link to post
Share on other sites

Posted

So the one on the right, but your only on 1 network segment 192.168.1.0/24  So there is no trunking and no other network address space being used - only 192.168.1.0/24

 

So that drawing is horrific ;)  I assume that is showing your layer 1 connections - you have clearly some loops there if not running STP..

 

post-14624-0-57225900-1392227363.png

 

So I have to assume these are switches - and they have multiple connections to the other switches?

 

So there is 2 smart switches at each desk, and then multiple computers and phones?  Of each switch?  Or just 1 phone in each desk area?

 

First thing I would do is get a detailed layer 1 drawing showing what is connected to what which ports, etc. A good layer 1 drawing should be the first thing on the list to do.  Then once you understand your current connections you can fix them up and plan for segmentation of your network.  With a full understanding of how your currently wired its quite possible your going to break a lot of stuff when you try and segment it.  You are going to want to understand spanning tree. 

 

Now the gs108t for sure support stp, and what I don't recall is if enabled by default or not?  I have a v1 model

 

post-14624-0-36038700-1392228190.png

 

As you can see I have it disabled on mine - I would love to see a sniff of your network, if the wiring is like what it looks like in the drawing when you have change in the network, PC shut off, switch shut the stp traffic could go crazy doing convergence

 

I am curious if your seeing any stp traffic - I would have to assume a bunch if your wired like I think your wired.

 

I am not seeing any on my connection currently - but here is example.  I would be curious if you fired up wireshark and took a look see

 

http://wiki.wireshark.org/STP

post-14624-0-14008700-1392228790.png

 

In my opinion I would not move forward with your project until you fully understand your current network and have a detailed drawing of the connections between every switch and where your end devices are connected, etc.  Once you have that then you can work out the best wiring and configuration for splitting the network into vlans, be it 2, 3, 4, 100, etc.
 

Share this post


Link to post
Share on other sites

Posted

Hello,

 

You have received a lot of good practical advice in this thread, so I will only add this small caveat:  Once you have settled on a network topology, contact your VoIP reseller or manufacturer's technical support department (whomever you get support from for your VoIP gear) and ask them to take a glance at it in order to provide a sanity check. 

 

My last job was as a technical support engineer for a VoIP equipment manufacturer, and I really, really wish our customers (and resellers, too, sometimes) did this.  It would have averted a lot of expensive "the phone system is down" type emergencies for the customer.

 

Regards,

 

Aryeh Goretsky

1 person likes this

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0

  • Recently Browsing   0 members

    No registered users viewing this page.