Lan Segmentation

Soldato
Joined
17 Oct 2002
Posts
3,941
Location
West Midlands
Hi, im looking to split up my existing network, at present i have all my workstations on a 192.168.153.0/24 network and im looking to add another subnet onto it for testing purposes most likely in the 192.168.150.0/24 range.

Has anyone got any recommendations for reasonable Lan routers that would do the job but wont break my bank!

Cheers

:)
 
You don't actually need Vlans. Will the test network need net access?
Subnets can't talk, even within the same class C range. If you need net you can run a standard cable router between the 2 Lans Wanport to LAN port and then your test network will be behind NAT and can't affect anything muh on the other network, but can still get out to the Net.
 
Yes, but the point is he doesn't want to. Else the one subnet would be fine. And he probably can't budget for a 2600 to route with ACLs. If it's a test network he'll want to hide it from the working network as much as possible.
 
Last edited:
T180985 said:
different subnets can talk with the right router, i have done it with a cisco 2600 router
Indeed. The whole point of a router is to allow different subnets to communicate with each other. This is the case even with VLans. Machines on different VLans may be phyiscally connected to the same switch but they still need a router for them to communicate with each other.
 
Psyk said:
Machines on different VLans may be phyiscally connected to the same switch but they still need a router for them to communicate with each other.

Not if you've got a layer 3 (or above) switch you don't.
 
*points to the scenario* We all know that VLans have to be routed, it's a fact and no one is disputing it. The point here is to PREVENT the test subnet interfering with the Working one. I.e, if you mess with DHCP or (SAP if you still use IPX, done this before *shame*) it doesn't bugger up your nice happy PCs that people are working on.
I set a router up on the Network to telnet and configure prior to placement on another site. It had IPX configured previously and before i could disable it it had sent SAP broadcasts all over the place. Fortunately the netware server overwrote these on the Netware domain. However one IP "loose" printer had IPX enabled but not configured. Thus it took the SAP B/c and decided to keep braodcasting false info trying to get a response from the now disconnected 2650. Finding that thing was a pain in the arse. If i'd have done as this smart guy is doing and set up an admin subnet isolated from all but "one way web" then it wouldn't have been an issue.
 
I agree with that we need to know what the test LAN needs to able to access though,i dont think he mentioned web access. If it doesnt need any web access then there isnt really any need to physically join the two networks he may aswell just connect all pcs in the test network with a simple hub
 
if he's using PC's spread across a larger area that's not going to work. With subnets he can trial a system like a new SQL database by taking a worstation in situe and adding it and the server to the test subnet. Thus he can test the database in a safe environment witout having to physically move things. Also ip addressing is far more scalable than anything hardware based.
 
Skilldibop said:
if he's using PC's spread across a larger area that's not going to work. With subnets he can trial a system like a new SQL database by taking a worstation in situe and adding it and the server to the test subnet. Thus he can test the database in a safe environment witout having to physically move things. Also ip addressing is far more scalable than anything hardware based.

Along the lines of what ive got in mind, eventually i want to have a Wlan on the second subnet, but want to seperate the two for administrative purposes, it will need internet access as well. I have been looking at a 2nd hand Cisco 2500 series that may well suit the purpose.

Simple Diagram:
Code:
     Cable Modem
            |
            |
        Firewall                                              Wireless Clients
            |                                                          |
            |                                                          |
        Switch ---------------- Router ------------ Wlan - 192.168.150.0/24
            |
      Server/Pc's - 192.168.153.0/24
 
Back
Top Bottom