Your basic ITPro blog... What's going on at work, what I'm interested in.

Saturday, May 17, 2008

VLAN Implementation Issues

As I have described here, we are upgrading our network infrastructure and implementing VLANs, QoS, and Cisco Wireless. Fun stuff! But, we ran into a small snag today... Something I should have thought of but didn't.

image

This graphic shows the problem we encountered today... something we didn't think to test.

Our server room is connected to switch A, which is a managed switch and VLAN aware. Switches B and C were originally unmanaged switches and not VLAN capable. Our intention is to hang a WAP off of switch C, so we replaced it with another managed switch to get VLAN functionality there. This happened at the end of last week. Here is where we hit a hang up.

After replacing switch C with one that supports VLANs we tested connectivity on computer 2... everything worked fine! We thought we were good to go. But, we didn't bother testing computer 1, hanging off of switch B (an unmanaged switch). Of course, this test came this weekend, when we tried running Checkin for our Saturday evening service.

All of the computers hanging off of switch B had no network connectivity. But, computers on switch C were fine. It turns out that our problem was caused by our solution. When we put the new managed switch in location C, we turned trunking on for switch A (uplink to switch B) and for switch C (uplink to switch B). So, switches A and C were happily speaking VLANs, using switch B as little more than a repeater. But, the clients on switch B were not able to communicate on the network because switch B had no idea what VLAN to communicate on.

My solution was to turn trunking off for the uplink ports on switches A and C and just set all switches as access ports on our client VLAN. Then, everyone could work fine. But, what does this mean for our wireless implementation?

It looks like we are going to have to make sure that all of the switches in the path used by our WAPs will have to be managed IF they will also host client connections themselves. So, we will need to upgrade switch B as well. Then, we can re-trunk all of our uplink ports and re-implement VLANs.

No comments:

Additional Info

My photo
email: support (AT) mangrumtech (DOT) com
mobile: 480-270-4332