How should i segment this?
Hi,
I have been given a project which basically entails segmenting hotel rooms in a hotel, on the network. The hotel is not built yet so im going to say for arguments sake there are 8 rooms on every floor, and there are 7 floors. Inside the rooms are various devices with Ethernet connectivity (a maximum of 10 devices in each) that will all be connected to a switch in a riser closet on every floor. The switches on all floors connects to a core switch which then connects to a router.
My question is how would i segment the hotel rooms? I plan to use VLANs but the devices in the rooms are not geographically seperate, and my client is not worried about the security side of things. Would i just use a subnet for each room?
HELP!!
Software/Hardware used:
Any networking hardware.
I have been given a project which basically entails segmenting hotel rooms in a hotel, on the network. The hotel is not built yet so im going to say for arguments sake there are 8 rooms on every floor, and there are 7 floors. Inside the rooms are various devices with Ethernet connectivity (a maximum of 10 devices in each) that will all be connected to a switch in a riser closet on every floor. The switches on all floors connects to a core switch which then connects to a router.
My question is how would i segment the hotel rooms? I plan to use VLANs but the devices in the rooms are not geographically seperate, and my client is not worried about the security side of things. Would i just use a subnet for each room?
HELP!!
Software/Hardware used:
Any networking hardware.
ASKED:
November 11, 2009 4:06 PM
UPDATED:
November 12, 2009 9:18 AM
Answer Wiki:
I think 10 devices souds a bit high...Maybe a few jacks, the TV, the phone...wireless devices too I suppose.
Here's what I'd suggest:
One 48port gig layer 3 switch on each floor. Each room has 5 dedicated lines, which are all included on a VLAN. Each room has a VLAN. This will make each room physically seperate and virtually separate until it reaches the switch. Each floor has a line down to the router, and you're set. Manage WiFi points based on need.
You could also do a different subnet per floor or per room, but I think that's more work and configuration than is required for this project.
Hope this helps!
-Schmidtw
To see all answers submitted to the Answer Wiki: View Answer History.
LaurenceS,
Your assessment regarding the use of VLANs is correct. I would suggest segmenting each floor with its own subnet using one of the private IP address ranges.
I’m not sure what you meant by “not geographically separate.” You can place each device in an appropriate broadcast domain, when using VLANs geographically separate devices doesn’t matter, what matters is that you configure the switch trunk correctly with the assigned VLAN communication as well as the router if you are using one for inter VLAN communication or for Internet accessibility.
Also, security should be an issue and it is up to you as a consultant in conveying it to your customer. Not only does it protect your client’s customers, but it also helps to protect your client form legal ramifications – don’t implement good technology with bad security practices.
I hope this helps.
Thanks,
Curtis
Hi guys,
Thanks for your input. The reason there are so many devices is because we run our own bespoke products off of cat5 ethernet connections.
I think i will go for the VLANs with a switch for every floor all congregating into one core switch which inturn, carries to the router.
I didnt mean security for the network wont be an issue but for the rooms it doesnt really matter, idividually. We will have full data encryption on the network as well as router firewalls etc. as per company standards.
Thanks again,
Laurence