IT 4 Offices

Call us - 0333 332 6600

Pro-Active Support

At IT 4 Offices we use a state of the art monitoring software to ensure your systems are running and kept running, preventing downtime where possible and ensuring you are in running your company using your IT systems effectively and not allowing your IT to prevent you working.

Pro-Active IT

IT Migration

Whenever a system change is required within a business, a migration process is used to ensure that important company and client data is kept secure and accessible.
Including: Cloud, Virtualisation or Mergers/Buyouts

Migration

Email Security

Are you fed up with adding senders to junk lists.   Many of our clients using our spam filters now have the time to work without interruption from constant adverts and unimportant spam emails, as well as having the peace of mind that they are protected by multi-layered virus protection.

Email Security

Network Design

IT 4 Offices have developed a solutions portfolio that enables the provision of full end-to-end infrastructure solutions.
This range enables us to provide our clients with both a tailored and integrated solution to their entire infrastructure networking needs.

Network Design

HP Vlan and Avaya

This week I've mainly been working with the wonderfull world of VLANs.

When a network grows to a certain size or your running VOIP on your network you may consider separation of the data to improve the network performance. You can do this either by buying separate switches and if you need to connect them use a router to ensure the data is kept apart. However VLAN technology has been around for a few years now and the price of a good managed switch is within the reach of most IT departments. Most managed switches will work at (ISO) Layer 2 - mac address. If your even lucky you can find a layer 3 light or full layer 3 switch - IP address routing. (For more info on ISO Layers)

 

HP and Cisco have slightly different views on their switches and there are plenty of examples of setting up a VLAN for cisco but I did not find a dummies guide to HP Switch VLANs.

Ok, back to basics....what does a VLAN do? A VLAN will allow you to separate traffic on a switch into segments or broadcast zones. This means you can have one physical switch with one or more logical network segments. So port 1-12 could be in the default "VLAN 1" and ports 13-24 could be assigned to "VLAN 10"

Out of the box all the ports on a managed switch will be UNTAGGED and in the Default VLAN (VLAN1). Setting up a VLAN will require console access or telnet access, some configuration can be completed via the web interface. Via the console assign the main IP address to the switch, so you can then telnet to the switch or access via the web.

HP make creating VLANs on a switch easier than Cisco.

To create:

# configure

# vlan 10

# ip address 192.168.1.1 255.255.255.0

# exit

This would create a VLAN but not assign any physical ports.

Assign ports

# configure

# vlan 10

# untagged 13-24

# exit

This would create a 2nd VLAN on the switch ports 1-12 would be untagged and assigned to "VLAN 1".

UNTAGGED or TAGGED

Rule 1 - Each port can only be assigned to one UNTAGGED VLAN.

Rule 2 - A port can be assigned to zero or more TAGGED VLAN

Rule 3 - A data packet can only have one TAG

Every port on a swtich must be assigned to an UNTAGGED VLAN - this ensures if a device is connected it will be in a VLAN (even if its the default VLAN1) So the device would get its IP address from a DHCP server in that VLAN (or would require manual IP configuration)

A TAGGED port allows that port to transfer data packets that have a matching TAG (or VLAN ID). so a packet with no TAG information would be UNTAGGED, a device with a TAG in the packets would be transmitted if the TAG matches. You can have multiple VLAN IDs per port but the packet can only have one TAG assign to it.

HP Example:

# configure

# vlan 1

# name "Default VLAN"

# untagged 1-12

# ip address 192.168.0.1 255.255.255.0

# vlan 10

# name "VLAN 10"

# untagged 13-24

# tagged 1-12

# ip address 192.168.1.1 255.255.255.0

#exit

In this example - you could plug a device into each port and in port 1-12 you would be in "VLAN 1" by default, in ports 13-24 you would be in "VLAN10". If your device was configured to be in "VLAN 10" then it would be in "VLAN 10" as it would send TAGGED packets.

Devices awareness

For a device to know which VLAN it should be in, you will have to tell it. Most PCs don't have a setting that is configurable. Most Server network cards do. You would have to check your network cards advanced settings. Avaya IP phones do have a setting which can be configured on the phone, however it would be very time consuming to set each phone before deploying it. Therefore Avaya have allowed us to use the DHCP options to set which VLAN it is in.

IPOfficeAssistance.com site has a great example how to configure the DHCP server: http://www.ipofficeassistance.com/HOWTO_DHCP_IP_Phones.html so we don't need to replicate it.

A couple of points to ensure:

  • Your AVAYA System should be in an UNTAGGED port as it may not have the VLAN setting by default.
  • You will need access to the DHCP Server - you need to set the AVAYA 242 or 176 DHCP option in the default VLAN scope
  • Your router should be configured to route between VLANs

How the phone gets its VLAN.

  1. When you plug a phone in to a port, it should get its initial address from the default VLAN DHCP Server.
  2. The phone reads the VLAN settings and will restart
  3. If the port has been configured to accept TAGGED VLAN 10, phone can then obtain an IP from the DHCP server in VLAN 10.
  4. If the port has not been configured to accept TAGGED VLAN 10, the phone will search and then restart. Handy to know this if your trouble shooting.

IP Helper

If you have a number of VLANs on your network and the DHCP server is not in the default VLAN 1, you may need to set the IP helper-address. This will allow the switch to pass the DHCP request to the DHCP server. You don't have to have a DHCP server with a separate network card in each VLAN.

HP Example:

# configure

# VLAN 10

# IP ADDRESS 192.168.1.1 255.255.255.0

# IP HELPER-ADDRESS 192.168.0.2

# exit

HP Trunks

In the HP world, a trunk is 2 or more ports that are bonded together to provide multiple connections to the same destination. This helps with added bandwidth for data transfer and also should a cable fail the trunk connection will still work.

HP Example:

# configure

# trunk 23-24 Trk1 Trunk

You can then assign this to a VLAN via the untagged and tagged settings as per the VLAN examples. This should not be confused with Cisco VTP.

 

VLAN Routing

There are a couple of options if you need to route traffic between your VLANs, obviously you will need to if your using a shared DHCP server.

  • Add a router with either separate interfaces connected to each VLAN segment or that can TAG the VLAN itself.
  • Use a Layer 3 Switch - effectively this means the switch is a router. In some networks it can be used as the default gateway for all devices and then have a default route itself pointing to your internet connected router.

My HP 2610-24 switch is layer 3 light/lite/basic, this means it can do basic layer 3 operations like basic routing. It will not do RIP or similar routing protocols or bandwidth control. A more advanced HP switch such as the 2910-24g al which has more functionality but is priced accordlingly.

If you have any questions or require assistance setting up your VLANs please contact us and we will be happy to discuss our consultancy services.

 

SMB IT Support

If you are a business owner/manager and would like to discuss outsourcing your IT support, give us a call and speak to one of our team

SMB IT Support   Ad-hoc Support

IT Supply

If you have a hardware or software requirement or have a project you would like to discuss, give our team a call

Hardware   Software   Hosting

Partnerships

At IT 4 Offices, we have formed strong relationships with industry recognised businesses to provide our clients with the best systems that they require to run their daily business tasks.

Microsoft Registered Partner | Dell Partner | HP Partner
 
 
 HP Cisco
Draytek Synology

Contact Us

Call on 0333 332 6600

52 Halcyon Close
Witham,
Essex. CM8 1GY

follow us on twitter follow us on google+ view our youtube channel like you facebook