Detailed description of vro Device Application

As China's router equipment develops rapidly and has a high market demand, I studied the practical application of the router equipment and the planning and implementation of multiple computer networks, I would like to share it with you here and hope it will be useful to you. With the continuous popularization of information technology, more and more organizations have already felt that they are inseparable from the network. Therefore, the establishment of a LAN network suitable for their work needs has been mentioned on the agenda of many organizations. For enterprises with hundreds of computers, how to build a network with fast Internet access speed and stable signal transmission becomes a "subject" that must be carefully planned and designed by the network administrator ". In order to help network administrators skillfully plan and design the networking solutions for many computers, this article specifically aims to contribute a medium-sized network construction solution that includes more than 200 computers, ensure that the established LAN is not only fast and stable, but also capable of smooth upgrades!

Networking requirements

There are two floors in a unit building, with each floor containing about 100 computers. Due to work requirements, the Organization's leadership asked the network administrator to come up with a reasonable networking solution to ensure that all computers can be made up of a LAN, and the lan network established by the organization is not only able to access the Internet quickly, it also has good stability and hopes to facilitate maintenance and management in the future to improve the network operation and management efficiency.

Requirement Analysis

Generally, a LAN with more than 100 computers can be considered as a medium-sized network. This network has high requirements on the transmission speed and stability of online signals, in addition, network administrators must consider the convenience of future maintenance when planning and designing networks of this scale. Based on these requirements, we recommend that you use several common Mbit/s L2 switches to connect to your computer. All L2 switches are cascade to the core switch to meet fast Internet access speeds, we need to purchase a gigabit core switch. If we have extremely strict requirements on Internet stability, we can consider using dual-optical fiber lines of China Telecom and China Netcom to access the Internet with conditional permits.

Network Planning

According to the above analysis, the networking scheme of the network can adopt the L2 network structure of the user access layer and core access layer, and form a LAN through the stacked connection between the common L2 Switch and the core switch, to meet various Internet access needs of the Organization. A common computer is connected to a common Layer 2 switch with Mbit/s twisted pair wires. Considering the large number of computers, we can select 10 Layer 2 switches with 24 ports.

All common L2 switches can be connected to gigabit core switches through optical fiber lines or directly connected cables. To facilitate future management and maintenance of the network, we recommend that core switches and common L2 switches have VLAN functions and other management functions, so that we can divide computers in the same department into the same VLAN, this ensures that Internet access to each department is not affected by other departments. To achieve LAN Internet sharing, we also need to use fiber optic cables to connect core switches to vrouters. To ensure Internet stability, we can use vrouters that support dual-WAN ports, so that the Unit network can be connected to the telecom network and the Netcom network at the same time, which not only effectively improves the overall speed of LAN access, but also achieves the role of network load balancing. Of course, to further simplify the network topology, we can directly use a gigabit-level Core route switch instead of separately purchasing a router device.

For example, the Huawei S8500 gigabit core route switch is a good choice. This switch not only achieves routing, but also provides VLAN settings and other manageable functions, there are even network filtering functions to ensure network security.

IP address Division

Because there are too many Internet users, if 200 computers are set up in a sub-network at the same time, the LAN network security will not be guaranteed, but will also affect the efficiency of network management and maintenance in the future. To this end, we can divide several computers into different subnets Based on the floor or work department, and require different subnets to use different VLANs; considering that computers in different VLANs cannot communicate with each other directly, we also need to set routes to ensure that each VLAN can communicate with each other, in this way, the transmission stability of LAN signals can be greatly improved. Specifically, even if a network fault exists in a VLAN, the failure will not affect the LAN of the entire organization, in this way, the failure loss can be effectively reduced.

Generally, when the number of computers in the LAN exceeds 250, these computers cannot be concentrated in the same subnet, because one IP subnet can accommodate up to 252 computers, after this number is exceeded, we need to use the VLAN function of the switch to divide them into different subnets. Normally, the number of computers in the same department or on the same floor is no more than 252. At this time, we can, to divide multiple computers in the same geographic location into the same subnet.

For example, for this article, we can divide more than 100 computers distributed on each floor into two different subnets. For example, we can divide all the computers on the first floor into vlan1. the IP address in this network segment can be set to 10.176.6.2-10.176.6.254, the gateway address can be set to 10.176.6.1, And the subnet mask address can be set to 255.255.255.0; next, we can divide all the computers on the second floor into VLAN2. The IP address in This CIDR block can be set to 10.176.8.2-10.176.8.254, And the gateway address can be set to 10.176.8.1, the subnet mask address can be set to 255.255.255.0.

To allow all computers in the two CIDR blocks to share the internet, we also need to configure the gateway parameters 10.176.6.1 and 10.176.8.1 in the core route switch or dual-WAN port router, make sure that the computers in each subnet can access the Internet through the LAN routing function. If we want computers in different network segments to access each other, we also need to set Routing Parameters in the core route switch or duwan port router to ensure that they can communicate with each other using the routing function.

If we do not want computers in different network segments to access each other in the future, we only need to control the route parameters. Here, we need to remind you that even if we have modified the Routing Parameters to achieve mutual access between two different network segments, we still cannot find shared resources in different subnet computers through the network neighbor window, in the system running dialog box or Internet Explorer Address box, enter "\ name or IP address of the target computer" and click the Enter key to enable cross-network segment access.