NEW VLAN Project for my school

Product Discussion Other Products
1

Hey Guys

I wanted to achieve the following for my school projct

1 - need approximate 5000 ip address for student network

2 - need about 2000 address for my office admin and teaching staff… but both network should not be also to communicate with each other… but the network which is in staff admin and teaching should be able to communicate between those 2000 addresses…

thank again

2

@jatin

The inter-VLAN option enables you to allow / restricted communication with other VLANs.

828×259 94.8 KB

3

Thank you so much for your reply which really helped… one more question - can i have one of the ip like 192.168.5.1/24 as static instead of dhcp as out phone system takes only static addressonly…

please suggest

4

Yes you can. You can either choose to have a whole VLAN/Subnet where you don’t enable DHCP and all devices have to be statically assigned, or you set a DHCP range that covers only the addresses that won’t be used for phones. So if you had 192.168.5.1-100 for phones you could have DHCP start at 192.168.5.101 and finish at .254.

However - the size and scale of your deployment raises additional questions that are worth considering. I assume your network will be split across multiple buildings and locations that are likely linked via P2P links such as fiber and wifi.

In those kinds of deployments I’m normally a fan of segmenting the network by location or by floor. By that I mean I will often assign dedicated subnets/vlans to individual buildings and only extend/trunk those VLANs that really have to exist throughout the entire network (like those for VoIP, or the CCTV network).

That way, when there is trouble - a device consuming massive amounts of bandwidth, or a malware/virus scenario for example, I can easily identify the source of the problem and its location by the source IP/Subnet and lock down the building or floor that the issue originates from (with firewall rules or policies) or even reduce the bandwidth available to a whole building or floor by editing the config on a managed switch, leaving the rest of the network and users in other buildings unaffected.

My recommendation would be to think through your network design and look at how you might segment things further to provide that kind of capability later. It will make managing the network easier later.

Best of luck!