-1

I am setting up a small network at work on Sunday. (Work is still a restaurant, haven't gotten a tech job yet.) I will be deploying a server, a new terminal and redoing all of the existing, sloppy networking. My networking hardware will be a Cisco WRVS400n and a Netgear router, FSV318 I believe is the model number. My plan is to connect the Cisco WAP to DSL, cascade the Netgear router off of the Cisco router and then connect all of the point of sale terminals, the server and printers by wire, taking them off of wireless as they are now. We also have 2 hosts upstairs, a printer and a point of sale station. I would like to plug the 6 hosts downstairs into the Netgear router and the 2 hosts upstairs into the Cisco router. The Cisco router will also provide bandwidth for customers that bring in their laptops and our iPod that we use for the dining room music. Obviously, the Cisco router will need to have both DHCP enabled for customers to use it and most of our hosts will need static addresses. I have been looking around and it doesn't seem there is a way to create exclusions or reservations in the Cisco router. It is either static or DHCP. I have not yet been able to take a look at the router because of my school and work schedule so there may be something obvious that I haven't seen yet, but I am kind of gathering my thoughts on exactly what all needs to be done. Right now everything is dynamically configured, which usually is not a problem but once every few months it causes issues, with only 10-12 hosts on the network at any given time, at most. These problems will escalate much more dramatically, I would imagine, after converting our system from a workgroup to a domain. Does anyone know if there is a way around this issue?
If it isn't possible, I have enough ports on the Netgear router to run it all on that, and this will solve my problem, but I would prefer the two halves of the shop be on separate networks for security and performance reasons. And what I have is just what I have to work with. Cannot purchase any more hardware.

2 Answers

2

Maybe you need to set your DHCP pool to be a smaller chunk of your subnet and set some of the equipment to be static? If your Cisco doesn't do all the DHCP stuff you need, I doubt the Netgear will do it. I've managed remote sites with FVS3x8 units since the early 2000s and I certainly wouldn't confuse them with a real commercial-grade router or switch.

I'd also be careful about stressing that Netgear router unless it's one of the newest ones (likely has a grey case instead of blue). The older ones didn't have the CPU for handling high bandwidth and had a lot of nasty bugs around not-sane default TCP/UDP connection timeouts.

Scant solace now, but you probably would've been better off with a used Cisco ASA firewall off eBay to handle the more complex networking functionality.

Magellan
  • Thank you for the comments. I will check these potential solutions out. All of the networking equipment is CHEAP. Someone mentioned the age of the Netgear router and it is indeed blue and very old - I believe the manual that I downloaded for it was from 2003. The downstairs network doesn't need all that much bandwidth though. It will almost never connect to the internet other than the VPN used for credit cards only and the occasional update done once every few months. The network upstairs frequently uses the internet and will need the higher performance. That station also has inherently – KeithMCTS Oct 03 '12 at 17:25
  • lower security risks. The POS software we have downstairs relies on many host firewall exceptions in order for it to function properly. (It wasn't really designed to be internet facing.) The machine upstairs is a Mac and has much better point of sale software, that only runs on that client rather than across multiple machines and still has a firewall not full of holes. In any case I think it would be better for that machine to remain on the customers' wifi - it is a less delicate system than our dining room point of sale system, as well as less critical to operations. I will see if I can – KeithMCTS Oct 03 '12 at 17:29
  • create another subnet for it though. If push comes to shove - we still have an ANCIENT Apple WEP wireless access point that I will cascade from the Cisco router. If the customers don't know better than to do banking on a public wifi network, they've earned whatever gets to them lol - at that point we won't have any large security risks for our stuff - It's not like we give that much of a damn if someone decides to attack our iPod. Again thank you all, you have given me some good food for thought. – KeithMCTS Oct 03 '12 at 17:36
  • To clarify - this isn't really the way I would prefer to do this - They are contracting me to come in and set up the server - the original deal was to leave everything as it was - on 3 different wireless networks and a mess of patch cables everywhere. I told them I wanted to clean things up a little bit but I am limited to what is already there plus a thousand foot roll of cat 5e – KeithMCTS Oct 03 '12 at 17:56
2
  1. Don't put customer traffic on your production network, keep the customer traffic segregated to its own network.

  2. If the router doesn't support DHCP reservations then you'll need to manage it manually. By that I mean you need to determine how many DHCP assigned addresses you're likely to need and configure your DHCP scope (address pool) accordingly. Then use static addresses outside of the DHCP address pool range.

  3. You can use a subnet mask to make number 2 easier. By that I mean that you can configure a network (this is only an example) of 10.1.0.0/16 for static addresses and 10.2.0.0/16 for DHCP assigned addresses. Then there's no mistaking what is statically assigned and what is DHCP assigned.

joeqwerty
  • Gah. You're right. I forgot about the customer traffic in that wall of text. Frankly, I wouldn't be happy without VLANs in that situation. – Magellan Oct 03 '12 at 05:29
  • Agreed, although I think the fact that both devices are routers (I'm assuming with built in firewalls) mitigates the need for VLANs. Customers should be behind one router and the production equipment should be behind the other. – joeqwerty Oct 03 '12 at 05:31
  • True. Gives me the willies thinking about it though. – Magellan Oct 03 '12 at 05:40
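
A way to check a hand-managed address plan of the kind described in the answer above (statics kept outside the DHCP pool, customer traffic on its own network), as an added example that is not part of the original answers. The subnets, pool range and host names are constructed sample values, and `audit_plan` is a hypothetical helper.

```python
import ipaddress

def audit_plan(subnet, pool_start, pool_end, statics, guest_subnet=None):
    """Return a list of problems in an address plan; an empty list means clean."""
    net = ipaddress.ip_network(subnet)
    lo, hi = ipaddress.ip_address(pool_start), ipaddress.ip_address(pool_end)
    problems = []
    # The DHCP pool has to be a real range inside the production subnet.
    if lo > hi or lo not in net or hi not in net:
        problems.append(f"DHCP pool {lo}-{hi} is not a valid range inside {net}")
    # Customer network must not share address space with production.
    if guest_subnet and net.overlaps(ipaddress.ip_network(guest_subnet)):
        problems.append(f"guest network {guest_subnet} overlaps production {net}")
    seen = {}
    for host, addr in statics.items():
        ip = ipaddress.ip_address(addr)
        if ip not in net:
            problems.append(f"{host}: {ip} is outside {net}")
        elif ip in (net.network_address, net.broadcast_address):
            problems.append(f"{host}: {ip} is the network or broadcast address")
        elif lo <= ip <= hi:
            # Without reservations, the router may lease this address to a client.
            problems.append(f"{host}: {ip} is inside the DHCP pool")
        if ip in seen:
            problems.append(f"{host}: {ip} already assigned to {seen[ip]}")
        seen.setdefault(ip, host)
    return problems

# Constructed sample plan: two of the entries are deliberately wrong.
PRODUCTION = "192.168.10.0/24"
GUEST = "192.168.20.0/24"
POOL = ("192.168.10.100", "192.168.10.199")
STATICS = {
    "server": "192.168.10.10",
    "pos-1": "192.168.10.21",
    "pos-2": "192.168.10.22",
    "printer-1": "192.168.10.120",  # falls inside the DHCP pool
    "printer-2": "192.168.10.22",   # duplicates pos-2
}

if __name__ == "__main__":
    for problem in audit_plan(PRODUCTION, *POOL, STATICS, GUEST):
        print(problem)
```
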