Hi guys,
right now i am reviewing my network setup and i would like to hear your opinion on it.
It is setup as followed:
Hardware:
2x D-Link DGS-1510-28X stacked together ( each 24 GigE and 4 10Gig-SFP+ Ports)
My layout has 8 VLANs (1,1000-1005,4001-4002) with seperate Subnets on 10.X.X.X
VLANs 4001-4002 are for iSCSI Traffic between my VMware hosts and my SAN Storage (SFP+ Ports)
VLAN 1000 is for the core networking ( Router (more further down), DCs, TFTP, eMail Servers,...)
VLAN 1001 is for the Webservices ( Homepage, Cloudnodes,...)
VLAN 1002 is for my VM Workstations
VLAN 1003 is for my SQL Databases (MySQL and MSSQL Traffic
VLAN 1004 is for my general Network
VLAN 1005 is for Wifi ( Guest only)
VLAN 1 is for Management of the Hardware ( IPMI, etc.)
So far so good. Until now i setup the routing between the VLANs on the D-Link Switches which does quite good.
DHCP is organized via Helper IPs to forward to VLAN 1000.
The Router/Firewall is hooked up on VLAN 1000 and is the default gateway on the switches for any other routes.
Regarding that my Firewall (Sophos Appliance) has only one connection to the switch, whereas it has 6 free GigE Ports. I never used Trunks between firewall and the both switches.
As of the state right now, i think the setup is quite ok, but i thought about switching the routing over to my firewall.
Would you guys prefer any of those two ways? Or do you have some recommendations?
Thanks for your input!
right now i am reviewing my network setup and i would like to hear your opinion on it.
It is setup as followed:
Hardware:
2x D-Link DGS-1510-28X stacked together ( each 24 GigE and 4 10Gig-SFP+ Ports)
My layout has 8 VLANs (1,1000-1005,4001-4002) with seperate Subnets on 10.X.X.X
VLANs 4001-4002 are for iSCSI Traffic between my VMware hosts and my SAN Storage (SFP+ Ports)
VLAN 1000 is for the core networking ( Router (more further down), DCs, TFTP, eMail Servers,...)
VLAN 1001 is for the Webservices ( Homepage, Cloudnodes,...)
VLAN 1002 is for my VM Workstations
VLAN 1003 is for my SQL Databases (MySQL and MSSQL Traffic
VLAN 1004 is for my general Network
VLAN 1005 is for Wifi ( Guest only)
VLAN 1 is for Management of the Hardware ( IPMI, etc.)
So far so good. Until now i setup the routing between the VLANs on the D-Link Switches which does quite good.
DHCP is organized via Helper IPs to forward to VLAN 1000.
The Router/Firewall is hooked up on VLAN 1000 and is the default gateway on the switches for any other routes.
Regarding that my Firewall (Sophos Appliance) has only one connection to the switch, whereas it has 6 free GigE Ports. I never used Trunks between firewall and the both switches.
As of the state right now, i think the setup is quite ok, but i thought about switching the routing over to my firewall.
Would you guys prefer any of those two ways? Or do you have some recommendations?
Thanks for your input!
