Network topology – router, VLAN subnets

Notice: Page may contain affiliate links for which we may earn a small commission through services like Amazon Affiliates or Skimlinks.

tubs-ffm

Active Member
Sep 1, 2013
171
57
28
Hello,
Hopefully someone could help me to optimise my network topology and move L3 routing to the right side L3 switch.

To move L3 routing from firewall/router on the left side between LAN and DMZ to the Ruckus ICX in a different set-up, I once did in the past with help from here. The reason for this was to get benefit of the 10 Gbit links of PC and server and not having the firewall/router as bottle neck in between. So, how to do this in principle incl. routing on firewall and ACL and DHCP on Ruckus ICX I know.

After moving to a different place, I switched back to a L2 network as show on the sketch. (In Grey 1 GBit copper and in blue 10 GBit fiber). I could not find a proper solution to apply the previous approach to the new network set-up. The current L2 set-up basically fulfils my needs beside the bottle neck between LAN and DMZ.

What I want to achieve (if there is a solution):
- Move L3 routing between LAN and DMZ from firewall to Ruckus ICX L3 switch
- Keep both Ruckus AP in the same subnet to avoid IP change when a wireless client is roaming.
- Keep LAN as one subnet across the complete physical network
- No routing between all VLAN other than LAN and DMZ required. All go straight to the internet.

The only ideas I found so far are:
- Creating a separate subnet for the Server and PC on the right room and keeping right AP in old LAN subnet. Disadvantage: Traffic from AP to server (backup wireless Laptop) goes twice to the LAN cable to firewall and back.
- Messing around with L3 switch as second router in the LAN subnet and add manual routing to PC.
- Giving up on the target no to have an IP change of wireless clients when roaming. (No idea what would be disadvantages)

Any idea how to achieve this?

Network L2.png