Dear all,
I would like your suggestions on a network setup as I am fairly new to networking, we are about to upgrade the setup and I am going to take a deep dive into networks.
The new equipment includes HPE 3810 core switches and HPE 1910 48Port PoE+ as access switches. We are also planning to go to IP Phone solution so trunking is necessary for the ports that we be for workstations and ip phones.
The problem here is that users need to have access to Database/SQL servers via RDC so enabling IP routing for vlans communication without ACL (in the beginning) is, in my opinion, the only way to make the transition a bit smoother.
We currently have a 192.168.x.x/24 network and the new network will be something like:
IT: vlan2 - 10.10.2.0/22
Workstations: vlan10 - 10.10.10.0/22
Machines (industrial-engineering company): vlan20 - 10.10.20.0/22
WiFi: vlan30 - 10.10.30.0/22
Voice: vlan40 - 10.10.40.0/22
The configuration that a partner suggested for the HPE 1910 switches is:
Port 1 untagged vlan 2
port 2-48 untagged vlan 1 (Vlan1 configured with loopback address – no access)
port Trk1 untagged vlan 2, tagged 10,20,30,40
port 49-52 Trk1 LACP
Having every unused port disabled isn’t much better than leaving it active with no access?
I also don’t get why vlan2 (IT Mgmt) need to be untagged at port Trk1, having every vlan tagged isn’t best practice? So the port Trk1 can be set with all the vlans tagged?
Layer 2 switches will be used, at least 1 or 2 so I think tagging every vlan is essential, am I right?
I would like to have your opinion on all that and which configuration would you suggest for the vlans and the switches?
Thank you!