VLANS

some things on vlans. Never use default vlan 1. The idea is that if you're using VLANs, then you care about what traffic goes where, so if you *really* care, then you want to make sure you direct all traffic. A recommended schema is listed below, and let the default VLAN 1 be a black hole, so if the device isn't configured, then it won't connect and you'll have to get hands on it to make sure it's documented and configured before it gets access.

Someone correct if this is bad.

Possible IP spaces:

  • 10.0.0.0 - 10.255.255.255 (Class A)
  • 172.16.0.0 - 172.31.255.255 (Class B)
  • 192.168.0.0 - 192.168.255.255 (Class C)
Tag Purpose
10 Default Staff
20 Default Wifi
30 Printers
40 Audio/video
50 Guest
90 Management
100 Voip