Thanks for getting back to me, I have added some notes below.
On 12/20/2011 04:54 PM, Vic wrote:
> NB: All of the following might be wrong, as it's a while since I set up a
> ProCurve.
>
>> I am able to set up three different VLANs, one for
>> internet, one for users and one for development. The problem is that I
>> want to allow both the users and developers access to the internet VLAN
>> since this is connected to the ISP router.
> OK, the trick is to make sure that your users and your developers are all
> on the same logical LAN segment as your router[1], so that either could
> get Internet access if they were physically connected.
>
> Then, set up *two* VLANs - one for users, one for developers. Set up the
> switch ports appropriately
>
> Now add in your router to a spare port on a switch, and connect that port
> to *both* VLANs. If you span across more than one switch, you'll obviously
> have to daisy-chain (unless you've got one of the stackable types - mine
> isn't). You could put the daisy-chain connections on a separate VLAN if
> that's easier.
>
The problem with this set up is that we will have about 8 different
VLANs on 4 different switches that will share the internet connection.
Some of these are dumb switches, some are intelligent. We also have only
4 ports on the router which is connected to a switch in another building
- dual fibre-link connections from one building to the other - But I
think we should be able to get this to work with one connection to the
router based on the fact that the switch in question is intelligent with
the option for routing.
>> I have the core of it set up as required, the problem seems to be the
>> routing between VLANs...
> The way to get your routing right is - not to do any routing :-)
That would be ideal as it seems to be the routing that is letting us
down at the moment. :)
> Think of a switch primarily as the plumbing, with a VLAN-capable switch as
> a slightly more clever bit of pipework. Get your addressing right between
> the relevant logical devices hanging off the network, and the switch setup
> suddenly becomes a lot easier...
>
We are using address ranges 10.1.20X.0 for each VLAN, with X different
for each.
> HTH
> Vic.
>
>
> [1] It's up to you whether they're on the same segment as each other; you
> can play games with the netmasks of each group if you think that's worth
> the effort.
>
Definitely not worth the effort, especially as we will have over 256
nodes :D
> --
> Please post to: Hampshire@???
> Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire
> LUG URL: http://www.hantslug.org.uk
> --------------------------------------------------------------
--
Please post to: Hampshire@???
Web Interface:
https://mailman.lug.org.uk/mailman/listinfo/hampshire
LUG URL:
http://www.hantslug.org.uk
--------------------------------------------------------------
