|
-----Original Message-----
From: Robert Cabeca <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] <[EMAIL PROTECTED]> Date: Monday, October 16, 2000 13:40 Subject: NAT, Seconday &/or VLAN?? All,
I have been confused about the best way to go about this. I don't think
there is an easy way. Any input would be appreciated.
I have been blessed with the task of developing a new IP scheme w/Vlans
phasing out the old ones. The current IP scheme is a class B (159.159.0.0
255.255.0.0) flat network w/ a F/W to the I/Net & a 2500 to a remote site.
There are 400 IP address in use. There is absolutely NO consistency with the use
of the addresses, Like, pick one out of a hat is just fine.
I am planning on using 27bit mask (10.10.192.1 - 10.10.223.254
255.255.255.224) variably subnetted for use with 8 - 10 Vlans plus Several new
Wan Links (It MUST be a 27 bit mask). I am installing a 6506 w/MSM module, 2
2610's & a dozen 3524's to create some physical segmentation (have to get
rid of the 2000+ broadcast storms /24hr ya know) and to use for future
Vlans
These are the goals:
Phase out current IP scheme to allow for "slow" migration
To allow devices w/ new IP scheme full connectivity to devices in old
scheme and maintain access through the F/W.
My first thought was putting in a secondary IP address on all Ethernet
interfaces. But if I am going to use VLANS in the future, I understand that may
cause some problems. So I then thought about NAT on the MSM module and F/W. Then
I thought about going around to 400 devices one weekend and just changing
everything. Then I thought about getting my teeth pulled! No wisecracks
please. Anyway, I have done alot of thinking and reading and am now
turning to a group which has a great record of pointing people in the right
direction.
Thanks for taking the time to read this. And deep gratitude in advance
for those that can offer even the remotest of suggestions.
peace
rob
|
- NAT, Seconday &/or VLAN?? Robert Cabeca
- NAT, Seconday &/or VLAN?? Robert Cabeca
