Switching

last person joined: 8 hours ago 

Ask questions and share experiences about EX and QFX portfolios and all switching solutions across your data center, campus, and branch locations.

  • 1.  Design Issue

    Posted 04-13-2010 01:45
      |   view attached

    Hello!

    I have to implement/upgrade a Network for a local hospital. The design diagram that I got from my head office is attached.

    Scenario: The top 2 switches in VC are EX4200 T and servers are connected to it(Sunray Survers, Application Server, Database etc all having different vlans). The bottom 2 switches are EX4200 F and acting as Fiber aggregation for access building blocks.

     

    As per the document, each building has 3 vlans for thin clients, Voip and Printers. Like VoipA (vlan 50) , VoipB (vlan 60), VoIP C (vlan 70), PrintA (vlan 51), PrintB(vlan 61) so on and so forth.

     

     

    The gatway for servers is the SRX with VC switch acting as L2

     

    Now I have some queries,

     

    Where do I configure the DHCP server for thin clients, voips. If I configure on aggregation/ core VC switch then I'll have to define scopes for differnet Vlans and that would mean  gateways for thin clients of each building will be on that switch RVI. That would mean  I have to use another l3 subnet for FW-VC link. Ideally  I would want  gateways to be terminated on FW how to implement this in current scenario?.

     

    There is and option to use L2 or L3 for links between Aggregation-Access switches what should be more feasible?.

     

    If anyone could explain with an example that would be ideal.

     

    Thanks

    Raheel 

     

     



  • 2.  RE: Design Issue

    Posted 04-13-2010 01:47

    PS: The top 2 switches of each building are ex3200 (no VC here)



  • 3.  RE: Design Issue

    Posted 04-16-2010 08:45

    I would configure a dhcp server with multiple scopes on one of your servers.

     

    Configure dhcp-relay on the SRX to relay DHCP requests to the server from each of the VLANS.

     

    Configure dhcp-snooping on the access switches to prevent access to non-dhcp'd hosts.

     

    That is, if you don't want to do any l3 on your switches.

     

    Also I would consider two seperate VC's for your aggregation/core layer. Currently you cannot upgrade software on a virtual chassis without rebooting the entire chassis. If you want redundancy for software upgrades you should split your configuration into two seperate vc's and test your RSTP settings to make sure things converge as you expect.



  • 4.  RE: Design Issue
    Best Answer

    Posted 04-17-2010 10:27

    For simplicity and future HA I would Do as devol said and have a DHCP server in your Server subnet(datacentre).  Then simply turn on L3 on your 4200 VC and have it be the Default Gateway for each VLAN.  Since your in a VC you will have HA for your default gateways (somethign the SRX will not give you unless you buy two of them).

     

    Then simply setup dhcp-relay's (Ip helpers) for each vlan interface pointing to your DHCP server.  This model will also allow you to run a routing protocol between your 4200-vc and your WAN routers if you ever get more then one for alternate paths or redundancy.