Configuring a VLAN

Discussion in 'Computer Science & Culture' started by Nebula, Oct 15, 2004.

Thread Status:
Not open for further replies.
  1. Nebula Occasionally Frequent Registered Senior Member

    Messages:
    906
    In my network class we are using a 3Com Superstack II 1100 Switch to set up 3 VLANs for PCs running Win 98.

    Part of the assignment says to "exclude 10 IP addresses." Nobody in my lab group has any idea what this means, or how to do it.

    We've looked through ALL the menus on the switch and there isn't anything that indicates excluding IP addresses. We've all looked at the online documentation for the switch, and we've all been Googling it furiously for a few days.

    ANY HELP ON THIS WOULD BE GREATLY APPRECIATED!


    [gripe]
    I would love to ask our instructor, but he won't help us AT ALL. First of all, he doesn't come to the lab hours- he just drops off our next assignment and takes off. This week he's out of town but didn't bother to tell any of us. Secondly, if we ever ask a question he gets mad and tells us to look it up on the net. It pisses me off because I paid for him to teach me at least something. I think he's going to get fired though

    Please Register or Log in to view the hidden image!

    .
    [/gripe]
     
  2. Google AdSense Guest Advertisement



    to hide all adverts.
  3. Sky Registered Senior Member

    Messages:
    85
    how many pcs ? will u connect to any wxternal network ?
     
  4. Google AdSense Guest Advertisement



    to hide all adverts.
  5. Nebula Occasionally Frequent Registered Senior Member

    Messages:
    906
    We only have 3 PCs, and they will not be connected to an external network.

    Here's the basics of the lab:

    1. Create VLAN1 and put all 3 PCs on it. Demonstrate pinging/sharing.
    2. Create VLAN2 and put PC 2 and 3 on it. Demonstrate pinging/sharing.
    3. Create VLAN3 and put PC 3 on it. All three PCs should now be on separate VLANS and should not be accessible to one another. Prove this by showing ping/share capabilities.

    Another instructor had no idea, but he did mention the word 'filtering.' Does this give anyone any more ideas?
     
  6. Google AdSense Guest Advertisement



    to hide all adverts.
  7. testify Look, a puppy! Registered Senior Member

    Messages:
    508
    One thing that is confusing me a bit about the question is that normally switches only look at the MAC address of the sending and receiving nodes. So why on earth would he ask to deny access to certain IP addresses?
     
  8. Nebula Occasionally Frequent Registered Senior Member

    Messages:
    906
    Yeah. One of the first things we learned in this class was that switches are relatively "dumb" layer 2 devices, which from what I understand don't use TCP/IP. But through the rest of the assignment it keeps referring to the excluded IP addresses. Maybe the original assignment was using routers or something and he just got us to do it with switches this time but didn't bother to change the assignment details. Another thing we were thinking is that maybe he meant exclude a range of 10 IP addresses to be assigned to each VLAN's nodes ex,
    VLAN 1 = 10.0.0.0 - 10.0.0.9
    VLAN 2 = 10.0.0.10 - 10.0.0.19 etc....

    Another thing that confuses me; after we create our 3 VLANs and associate the ports, the 3 VLANs should not be able to see one another. Ours, however, are able to see each other and even share files. I think the reason this is happening is that whenever we add an ethernet port to one of the 3 VLANs, that same port is addded to the default VLAN. This means that although we do have seperate VLANs, the fact that all ports belong to the default VLAN means that all nodes can see each other.

    For example, VLAN 10 will consist of port 11/12/13, VLAN 20 will consist of ports 21/22/23, and VLAN 30 will consist of ports 31/32/33. All well and good. But then the Default VLAN (1) will consist of ports 11/12/13/21/22/23/31/32/33, making the first 3 VLANs useless. This wouldn't be a huge problem, except that for some reason we aren't able to remove any ports from the default VLAN....

    Please Register or Log in to view the hidden image!



    Yet another thing to keep in mind is that when it comes to this stuff I barely know what I'm talking about (I blame Ralph

    Please Register or Log in to view the hidden image!

    ). I just want to be able to finish this stupid course so I can get a real instructor next term...
     
  9. Stryder Keeper of "good" ideas. Valued Senior Member

    Messages:
    13,105
    Perhaps it means excluding a range of 10 Address for "Future implimentation". Namely you set up your network with the capacity of setting up 10 other systems later on (as one network?)

    I would guess its about "Future Implimentation" since Sizability is one of the main things to consider when developing a network, especially for someone else.

    It's not the thought of what you/they need now, it's more the thought of what will they need in the future and will the system you "provide" be able to cater with their future demands.

    I would guess that the overall Excluding of 10 IP Ranges is more a Router/Hub thing to do if your Switch is using the MAC addresses from the Adapters that are connected to it.

    This means if you want all your machines in VLAN 1 to connect together seperate from the others on the system the systems should be assigned IP addresses in the same range (i.e. 192.168.0.1, 192.168.0.2, 192.168.0.3) with of course all the same subnet mask (255.255.255.0 usually)

    VLAN 2 would consist of three more IP's (i.e. 192.168.1.1,192.168.1.2,192.168.1.3) with either 255.255.255.0 or similar subnet mask.

    VLAN 3 would consist of three more IP's (i.e. 192.168.2.1,192.168.2.2,192.168.2.3) with either 255.255.255.0 or similar subnet mask.

    The understanding is this, the Switch knows the location of the Adapters by their MAC addresses, the Assignment of IP's/subnetmasks to those computer Adapters allows the TCP/IP Layering to work through the Switch.

    Due to each VLAN having a different IP RANGE (Which are notibly of a reserved range for local networks... i.e. 192.168.#.#) the systems will communicate seperately within their VLAN ranges from the rest VLAN's.
     
    Last edited: Oct 16, 2004
Thread Status:
Not open for further replies.

Share This Page