Networking new building: VLANs, subnets, wlans questions

Utwig

Ars Tribunus Angusticlavius
6,182
We've built a new HQ adjacent to the existing one. Today I successfully tested the 10G uplink between the new core switches in both buildings for the first time.

The current network is a bit messy, since I don't have proper racks and patch panels in the old building (everything is terminated in RJ45) and everything is in a single flat subnet (it grew organically from a small network of 20 devices). In the new building I have a proper server room with a tall rack; next week we're putting in patch panels, so I will gradually move stuff over and introduce some order.

At the old and new buildings I have Aruba 1950 48-port PoE switches.

The first thing I need to do is put security cams and guests on their own networks. Questions:
- What do I use for DHCP for the new subnet and VLAN for cams? I think using the existing Windows DC for DHCP on networks which should be separate from the business network is not good.
- How do I route between the existing network and the VLANs (what do I use for routing)? The new switches are Layer 3, one of the existing ones probably is, the 8-port endpoint switches in two offices probably are not.
- For new wireless and guests I'm thinking of getting Mikrotik access points and building a new wifi with two SSIDs on different VLANs, one for business, the other for guests (30 PCs, 50 users, 80 devices on the network). The existing wifi was done with g access points, primarily for IP phones. I'll leave it in place until the new wifi is online. Besides the main optics WAN uplink I also have a DSL line which I used as an alternate gateway before we had optics, in case our primary (now replaced by optics) line went down; I'd just tell DHCP to give out a different gateway. Now I plan to use this DSL line for the guest network to keep them completely separate from our main network.

Another question is: where do I put the management interfaces for all the stuff like switches, wireless access points, backup NAS, server iLO, ESX management pages? I'm thinking management should go on its own VLAN with no access to the internet, or perhaps very limited access through a VPN and a jump box of sorts. Since these devices will be in the tens, I'll need DHCP of sorts for them too.

Paladin

Ars Legatus Legionis
33,531
Subscriptor
Use Windows DHCP servers for your active directory network. If you have devices on a network that are not and will not be joined to a domain, they probably should not have network access to the Windows servers without a gateway controlling that access. That means Windows cannot provide DHCP to them easily.

I would get a capable firewall (a pair of them for failover) and make sure it can handle all the networks you need to create. Any reasonable firewall will handle being a gateway for VLANs and will connect to your switches to integrate with the VLAN setup just fine.

Yes, your WiFi should be separate from any business network. I would provide only guest WiFi in most cases. If you need WiFi for IP phones, make a VLAN and SSID for that alone, and put it on the same VLAN as the wired phones if needed to ease the setup of the phone services. Do not put them on the same VLAN as your important business network stuff.

A management network is a great idea and it can be a VLAN of its own. Usually you simply define all the VLANs with a security level for each: higher security is allowed to talk to things in lower security, but not vice versa. Or nothing can talk to other VLANs without specific access rules; it depends on how you configure the firewall.

Most firewalls can act as a simple DHCP server, or you *can* set up additional config to have your Windows servers provide DHCP via the DHCP-relay function on many managed switches. That involves exposing a bit of access to the Windows servers, but not much if you do it right. It depends on how important your security is on those servers. If you don't want to expose them at all, you can always run a separate server or servers for DHCP in all your 'unsecure' network VLANs, again using relay functions.
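The two firewall policies Paladin describes (a strict security-level ordering, or default deny with explicit rules) and the "bit of access" a DHCP relay needs can be made concrete with a small model. The following is an added example written for this thread, not code from either poster or from any firewall vendor; every VLAN number, subnet, security level and host address in it is constructed for illustration. It also shows the one detail that keeps the relay exposure small: the relay packet leaves the switch's own VLAN interface address, so the rule can be pinned to that single source host and the DHCP server, and camera hosts themselves never match it.

```python
"""Added example: model inter-VLAN policy as (1) security-level ordering and
(2) default deny with explicit rules, then audit the rules for exceptions.
All VLAN ids, subnets, levels and hosts below are constructed, not real."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional

# Constructed VLAN plan: a higher "level" means a more trusted network.
VLANS = {
    "mgmt":     {"id": 10, "subnet": ip_network("10.0.10.0/24"), "level": 4},
    "business": {"id": 20, "subnet": ip_network("10.0.20.0/24"), "level": 3},
    "phones":   {"id": 30, "subnet": ip_network("10.0.30.0/24"), "level": 2},
    "cams":     {"id": 40, "subnet": ip_network("10.0.40.0/24"), "level": 1},
    "guest":    {"id": 50, "subnet": ip_network("10.0.50.0/24"), "level": 0},
}

DHCP_SERVER = "10.0.20.5"     # constructed: Windows DHCP server in the business VLAN
CAMS_RELAY_SVI = "10.0.40.1"  # constructed: L3 switch interface (relay agent) in the cams VLAN


def vlan_of(ip: str) -> str:
    """Return the VLAN whose subnet contains ip; raise if it belongs to none."""
    addr = ip_address(ip)
    for name, v in VLANS.items():
        if addr in v["subnet"]:
            return name
    raise ValueError(f"{ip} is not in any known VLAN")


def allowed_by_level(src_ip: str, dst_ip: str) -> bool:
    """Policy 1: a VLAN may initiate to any VLAN of equal or lower level, never higher."""
    return VLANS[vlan_of(src_ip)]["level"] >= VLANS[vlan_of(dst_ip)]["level"]


@dataclass(frozen=True)
class Rule:
    """One explicit allow rule for policy 2. None means 'any' for the optional fields."""
    src_vlan: str
    dst_vlan: str
    proto: str                       # "tcp", "udp" or "any"
    dport: Optional[int]             # destination port, None = any
    src_host: Optional[str] = None   # pin the rule to a single source address
    dst_host: Optional[str] = None   # pin the rule to a single destination address

    def matches(self, src_ip: str, dst_ip: str, proto: str, dport: int) -> bool:
        return (
            self.src_vlan == vlan_of(src_ip)
            and self.dst_vlan == vlan_of(dst_ip)
            and self.proto in ("any", proto)
            and self.dport in (None, dport)
            and self.src_host in (None, src_ip)
            and self.dst_host in (None, dst_ip)
        )


RULES: List[Rule] = [
    # Admins on the management VLAN (via the jump box) may reach every other VLAN.
    *[Rule("mgmt", v, "any", None) for v in VLANS if v != "mgmt"],
    # Business workstations may open the cameras' web interfaces.
    Rule("business", "cams", "tcp", 443),
    # DHCP relay: the switch SVI in the cams VLAN unicasts the client's request to
    # the DHCP server on udp/67 from its own address, so the rule is pinned to that
    # one source and one destination. A stateful firewall passes the server's reply.
    Rule("cams", "business", "udp", 67, src_host=CAMS_RELAY_SVI, dst_host=DHCP_SERVER),
    # Guest has no rule into any internal VLAN; it only gets its own (DSL) gateway.
]


def allowed_by_rules(rules: List[Rule], src_ip: str, dst_ip: str, proto: str, dport: int) -> bool:
    """Policy 2: default deny. Intra-VLAN traffic is switched, not firewalled;
    anything crossing VLANs needs a matching rule."""
    if vlan_of(src_ip) == vlan_of(dst_ip):
        return True
    return any(r.matches(src_ip, dst_ip, proto, dport) for r in rules)


def upward_exposures(rules: List[Rule]) -> List[Rule]:
    """Audit: rules that let a lower-level VLAN initiate into a higher-level one.
    These are the deliberate exceptions to the level ordering and deserve review."""
    return [r for r in rules if VLANS[r.src_vlan]["level"] < VLANS[r.dst_vlan]["level"]]


if __name__ == "__main__":
    for r in upward_exposures(RULES):
        print(f"upward exception: {r.src_vlan}->{r.dst_vlan} {r.proto}/{r.dport} "
              f"from {r.src_host or 'any'} to {r.dst_host or 'any'}")
```

Running the script lists exactly one upward exception, the relay rule, which is the "bit of access" to the Windows server that the relay approach costs. Swapping in a DHCP server that lives in a lower-level VLAN, as suggested for the 'unsecure' networks, removes even that entry from the audit.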