Help with VLAN Architecture

[NetworkeR]

Hello,
I work in a business sized between 50 and 70 positions and I am asked to find solutions to a new architecture of the corporate network, with bases but not as a specialist. so I have some question for you.
The new network should enable the creation of 5 VLANs:
- VLAN 1 by default not used
- VLAN 2: For Servers (10 servers)
- VLAN 3: Directorate for users (about 10 jobs)
- VLAN 4: Accounting for users (about 10 jobs)
- VLAN 5: for users Hotline (20 posts)
The rules of inter-vlan routing are as follows:
- The VLAN 3 should have access to VLAN 2, 4, 5 and Internet.
- The VLAN 4 should have access to VLAN 2 and Internet.
- The VLAN 5 must have access to VLAN 2 and Internet.

But there are several question which are confusing me.
1. Is this a suitable architecture?
2. Does this architecture will allow me to make the rules of inter-vlan routing preset as above?
3. Does the fact that there have only one physical link (but more logical link (trunk link)) between the router and the switch will not cause performance problems (as many packets via the router either be redirected to another VLAN or to the Internet)?
4. Could you tell me of routers and switches that implements the 802.1Q and allow myself to introduce this kind of local network?
Any help will be highly appreciated.

[Snake08]

Hello
Overall, the architecture is good, I just like to add a VLAN administration to oversee the network equipment (switch, router, firewall). Another thing, the couple firewall / router is required, because you could replace a single firewall.
Another thing for 802.1q link between the switch and the router, I would also link on aggregate 2 ports to make redundant physical link. If a cable or port loose, there will be another to ensure the relay. In addition, the fact of the link aggregate 2 ports you can double the bandwidth of the link. You have only one switch (48 ports) or you use several cascaded switch. If you use several board uses the same manufacturer, it will be easier and especially unless you have configuration problems. For requirements, you take what you want that will supports VLAN, 802.1q for trunking and 802.3ad aggregation for (if you use this option).

[NetworkeR]

Hello
Regarding the coupling firewall / router, it is not fixed. I think some firewalls can act as a router and also implements 802.1q, can you give me names if you have in mind? Otherwise I will look on the aggregation (802.3ad) I think it's important and I do not know.
For cons, I'd like a Cisco router that implements 802.1q and the only ones I found are the Series 2600, 3600, 4500/4700, which are no longer on sale apparently. If qq1 has time to give me a Cisco router that would be appropriate for my needs.

[Snake08]

hello

I think some firewalls can act as a router and also implements 802.1q, can you give me names if you have in mind?

All firewalls are routers. Many firewalls (professional) implement 802.1q and 802.3ad. You can look at Juniper, Firewall-I etc.

For cons, I'd like a Cisco router that implements 802.1q and the only ones I found are the Series 2600, 3600, 4500/4700, which are no longer on sale apparently.

If you are going for Cisco, the current models are 1900, 2900, 3900.

[Big Fish]

Hi,
I do not think you need a router , not necessarily of the trunk between the switch router. For this, you must take a switch that makes the routing level 3, he will be the default gateway. Then you create more VLAN interconnect between your switch and your firewall or there are firewalls or you have more ports in the LAN. So you can dedicate a VLAN port.

[Milton.J]

Hello,
I am not an expert on network, I just give information as part of an article VLAN:
Types of VLANs - Several types of VLANs are defined by the criterion of switching and the level at which it occurs:
1) VLAN Level 1 (also known as VLAN port, English Port-Based VLAN) defines a virtual network based on connection ports on the switch.
2) A VLAN Layer 2 (also called MAC VLAN, VLAN IEEE address or MAC Address-Based VLAN) is to define a virtual network based on MAC addresses of stations. This type of VLAN is much more flexible than the VLAN port because the network is independent of the location of the station.
3) A VLAN level 3: there are several types of VLANs Layer 3
1. The Network Address-Based VLAN associated subnets according to the source IP datagrams. This type of solution provides great flexibility since the configuration of switches to change automatically when moving from one station. In return for a slight performance degradation can be felt as far as the information contained in the packets must be analyzed more finely.
2. The Protocol-Based VLANs to create a virtual network protocol type (eg TCP / IP, IPX, AppleTalk, etc..) Bringing together all machines using the same protocol in the same network.
I hope this will help in some thing for your project. Best of Luck