Best method to create multiple LANs w/ one internet connection

tankman1989

Being that networking is not my strongest area of expertise I'm not sure which way to go with this. I need the ability to add additional "sub networks" all connected to one internet connection. I'm not sure which is the best way to do this, with routers or with managed switches (level 2 or 3).

I need to be able to create networks capable of supporting up to 24 devices. I need to be able to expand the number of networks as the need warrants. All of these networks will be sharing one internet connection.

I'm kind of confused as to how to set this up and where to use routers vs managed switches. Ideally I would like to have a piece of hardware for each "sub network".

I'm thinking this might be the best or only way to do it.
Modem -> Router A -> Switch A -> Router(s) B -> Switches B -> Computers

Now I really doubt that there will be interaction between the sub-networks but if there was, would all of the traffic have to go through Switch A to reach the other sub-network?

Could I consolidate the "B" devices if I used managed switches? If so what level management do I need?
 
I'd go with a router that has multiple ethernet interfaces, say, get a model with 7 ethernet interfaces...and assign 5 or 6 of those to be internal interfaces. Each running a different subnet...192.168.10.0\32, 192.168.11.0\32, etc
Uplink each to a large managed switch with VLANs, or individual switches.
 

Sorry if what I'm writing is what you said, to some degree, but I didn't quite follow you.

The first router will be a Linux machine in a Poweredge 1950 or 2950. I have access to 4 port 1Gbps LAN cards and can add up to 3 in the 2950 for a total of 14 ports on the machine (12 + 2 onboard). Another alternative is for the 1950 to use the 2 onboards as WAN and LAN interfaces.

Now due to the fact that I will have 8 networks to begin with and very easily 32 within a year or so, I was thinking of getting a managed 32 port switch to connect to the Linux router. From there a dumb/simple switch for the sub-network.

So, I want to have these networks from the beginning:
Network A 192.168.1.0\32
Network B 192.168.2.0\32
Network C 192.168.3.0\32
Network D 192.168.4.0\32
Network E 192.168.5.0\32
Network F 192.168.6.0\32
Network G 192.168.7.0\32
Network H 192.168.8.0\32

Can the managed switch create the VLANs with those network ranges, with one connection linked to a 16-24 port simple switch that connects all the local devices?

So it would be the: Modem -> Linux Router -> 32 port L2/L3 managed switch -> (8) 16 port simple switches -> Computers/devices

The ^^^ example is my ideal setup if that will do the deed. So, do I need L2 or L3 switch?

What I need is for clients to be able to log into a machine on their network. The IP address & forwarding will all be setup, maybe even via VPN. So I need Client A to be able to log right into a specified machine on Network A, Client B on Network B, etc...

Would VPNs be a good use for this?
 
If I were setting this up, I would do the following:

Router -> Core Switch (Layer 3) -> Normal Switches -> End users

Just set the router with 2 interfaces (One lan, One wan)

Configure the core switch to do all your internal routing between networks / subnets, and hang your regular switches off that switch. Now instead of having to have a router with 9+ interfaces, and a switch off of that, requiring a minimum of 16 ports (8 from the router plus 8 for each subnet).

Your core switch now only has 9 used ports (8 to your subnets and 1 uplink to the router), giving you more expansion down the road (12 / 24 / 36 ports however big you make it)

Are these networks going to be talking to each other at all? If they are, you wouldn't want to send that traffic up to the router then back in, as it's already going to be handling everything coming and going from your network to begin with, your best bet is to segment it prior to that.
 
Yeah little typo there...I go dyslexic or whatever I was last typing when I'm tired...lol. Although since each is behind NAT, doesn't really matter much what subnetting he uses. But for simplicity, the standard old class C is good.
 
Ha ha ok :-) It's been a while since I did the CCNA but isn't /32 only good for a loopback address?
 
If I were setting this up, I would do the following:

Router -> Core Switch (Layer 3) -> Normal Switches -> End users

Just set the router with 2 interfaces (One lan, One wan)

Configure the core switch to do all your internal routing between networks / subnets, and hang your regular switches off that switch. Now instead of having to have a router with 9+ interfaces, and a switch off of that, requiring a minimum of 16 ports (8 from the router plus 8 for each subnet).

Your core switch now only has 9 used ports (8 to your subnets and 1 uplink to the router), giving you more expansion down the road (12 / 24 / 36 ports however big you make it)

Are these networks going to be talking to each other at all? If they are, you wouldn't want to send that traffic up to the router then back in, as it's already going to be handling everything coming and going from your network to begin with, your best bet is to segment it prior to that.

I second this. This is the way I would do it if it was me. It is fairly best practice for network structure. No redundancy or failover but doesn't sound like that is needed in this situation from the way I read your initial post.
 

I third the suggestion. With that many subnets you want to leave the router to handle the basic front end and then let a robust L3 switch take care of all of the subnetting and routing related to that. Also if the router dies you should still have your LAN side functioning so some work should be able to get done (depending on how they are setup).
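The addressing plan discussed in this thread (eight networks of up to 24 devices each, growing to 32, and the /32 question), worked through as an added example that is not part of any post. The function names, the VLAN numbering starting at 101, the gateway on the first address of each subnet and the 192.168.0.0/16 parent block are assumptions made for illustration.

```python
import ipaddress

def device_capacity(prefixlen):
    """Devices an IPv4 subnet can hold after reserving one address for the gateway."""
    addresses = 2 ** (32 - prefixlen)
    # Prefixes shorter than /31 lose the network and broadcast addresses.
    usable = addresses if prefixlen >= 31 else addresses - 2
    return max(usable - 1, 0)

def smallest_prefix(devices):
    """Longest prefix (smallest subnet) that still fits `devices` plus a gateway."""
    for prefixlen in range(30, 7, -1):
        if device_capacity(prefixlen) >= devices:
            return prefixlen
    raise ValueError("too many devices for one subnet")

def build_plan(parent, count, prefixlen, first_vlan=101):
    """Allocate `count` non-overlapping subnets; VLAN IDs are an assumed numbering."""
    # Skip the first subnet so the plan starts at 192.168.1.0 as in the thread.
    subnets = list(ipaddress.ip_network(parent).subnets(new_prefix=prefixlen))[1:]
    if count > len(subnets):
        raise ValueError("parent block too small")
    plan = []
    for i, net in enumerate(subnets[:count]):
        plan.append({"vlan": first_vlan + i, "network": net,
                     "gateway": net.network_address + 1})
    return plan

def needs_routing(plan, src, dst):
    """True when two hosts sit in different subnets, so the L3 hop sees the traffic."""
    def find(addr):
        ip = ipaddress.ip_address(addr)
        return next((row["vlan"] for row in plan if ip in row["network"]), None)
    return find(src) != find(dst)

if __name__ == "__main__":
    print("/32 holds", device_capacity(32), "devices; /24 holds", device_capacity(24))
    print("24 devices fit in a /%d" % smallest_prefix(24))
    for row in build_plan("192.168.0.0/16", 8, 24):
        print(row["vlan"], row["network"], "gw", row["gateway"])
```

Traffic for which `needs_routing` is true has to cross the routing hop (the Layer 3 core switch in the layout suggested above), which is where any filtering between the client networks would be applied.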
 