Network Segmentation - How best to reorganize my big flat network

I manage a small office (12 or so users), but our network is relatively big: 150 devices, spread out over 6 large buildings. 3 of the buildings are interconnected with multimode fiber, 3 via point-to-point wireless. Building 1 is connected to the internet, building 2 is connected to building 1, building 3 is connected to building 2, buildings 4 and 5 are connected to building 3... you get the idea.

Most everything is in one great big flat class C subnet, with a Cisco/Linksys RVS4000 firewall connecting it to the internet. One of the six buildings is already on a separate subnet, also with an RVS4000, because it was originally connected via IPsec VPN, before we replaced the VPN with a wireless bridge. So it's working nicely now, with static routes to the other big subnet.

So, right now there's basically no redundancy; if building 1 goes down, then buildings 3-6 are also going down. I also know that I'm losing some performance simply by having everything lumped together like that. It hasn't been an issue up to now because our traffic isn't very performance-intensive: M2M, HVAC systems, access control... light office work like printing, email, and web use. We use VoIP, but it's currently on the same VLAN as everything else without any QoS rules or anything like that. Our biggest bandwidth hog is surveillance video, but like I said, it hasn't been an issue. Yet.

Anyway, I'm trying to reorganize things before performance does become an issue, and I'm trying to figure out how best to do it. A friend and mentor of mine recommended Cisco 1921 routers and EIGRP. I've got a little Ubiquiti EdgeRouter Lite that I've been experimenting with for OSPF. My main goal is building in some redundancy. To that end, I will be putting in some more wireless bridges and running some new fiber this year. And yeah, improved performance would also be nice.

So, the questions.

1. How much should I chop things up? 1 subnet per building? VLANs for voice, video, M2M, desktop and office traffic, etc.? I want things to be discrete and secure, but I also want things to work, and I want it to be comprehensible to a new person if by some chance I get a promotion or get hit by a bus or something.

2. My switches are kind of a motley crew: Cisco, HP, Signamax... All are "managed" in some way; some have layer 3 functionality, some don't. The "best" ones are Cisco SG300 series, although at present we aren't using many of the advanced features. Also, I've heard anecdotally that Cisco SG switches become less stable when you start getting fancy with VLANs and routing and such, and that I should get Catalyst (this was from the same friend who recommended the 1921 routers; he has a much larger operating budget than I do). So it would be nice to get all new Catalyst switches, but the fact is that's not happening this year. If I'm spending money, should I be spending it on better switches, or should I let the switches just keep doing layer 2 stuff and spend the money on routers instead?

3. Routing protocols: I know a little bit of the theory about how RIP, OSPF and EIGRP work. I've also heard a lot of horror stories about trying to get them to work as intended. Which would be best for this particular situation?

Anyway, let me know what you think. There's kind of a lot of separate things going on here. But perhaps someone else can learn something useful from my big overgrown home office network.
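One way to sketch the segmentation asked about in question 1 (a subnet per building, a VLAN per traffic class, and a default-deny policy between VLANs that is easy for the next admin to read), as an added Python example that is not part of the original post and is not tied to any of the hardware mentioned. The 10.10.0.0/16 supernet, the "third octet = building*10 + class" numbering scheme, the VLAN IDs and the allowed-flow table are all assumptions chosen for illustration; the point is that cameras and HVAC/access-control gear never get to initiate traffic toward workstations, while workstations may reach them.

```python
import ipaddress
from dataclasses import dataclass
from itertools import combinations

# Constructed planning data (assumptions, not taken from the original post):
# six buildings and four traffic classes, one VLAN and one /24 per pair.
BUILDINGS = [1, 2, 3, 4, 5, 6]
TRAFFIC_CLASSES = {"office": 1, "voice": 2, "video": 3, "m2m": 4}  # class -> offset

# Assumed private supernet that replaces the single flat class C.
SUPERNET = ipaddress.ip_network("10.10.0.0/16")

# Assumed inter-VLAN policy, stated as (initiating class, destination class).
# Anything not listed is denied; intra-VLAN traffic is switched, not filtered.
ALLOWED_FLOWS = {
    ("office", "office"),  # printing, email, file sharing between buildings
    ("voice", "voice"),    # phone-to-phone media between buildings
    ("office", "video"),   # workstations viewing surveillance feeds
    ("office", "m2m"),     # staff workstations managing HVAC / access control
    ("video", "video"),    # cameras streaming to a recorder in another building
    ("m2m", "m2m"),        # controllers talking to each other across buildings
}


@dataclass(frozen=True)
class Segment:
    building: int
    traffic_class: str
    vlan_id: int
    network: ipaddress.IPv4Network


def plan_addresses(buildings=BUILDINGS, classes=TRAFFIC_CLASSES, supernet=SUPERNET):
    """Return {(building, class): Segment}; VLAN ID doubles as the third octet
    so building 3 voice is VLAN 32 on 10.10.32.0/24, readable at a glance."""
    base = int(supernet.network_address)
    plan = {}
    for b in buildings:
        for name, offset in classes.items():
            third_octet = b * 10 + offset
            if not 1 <= third_octet <= 255:
                raise ValueError(f"building {b} does not fit the numbering scheme")
            net = ipaddress.IPv4Network((base + (third_octet << 8), 24))
            if not net.subnet_of(supernet):
                raise ValueError(f"{net} falls outside {supernet}")
            plan[(b, name)] = Segment(b, name, third_octet, net)
    return plan


def check_no_overlap(plan):
    """True when every planned /24 is disjoint from every other one."""
    nets = [seg.network for seg in plan.values()]
    return all(not a.overlaps(b) for a, b in combinations(nets, 2))


def classify(ip, plan):
    """Map an address to its (building, class), or None if it is unplanned."""
    addr = ipaddress.ip_address(ip)
    for key, seg in plan.items():
        if addr in seg.network:
            return key
    return None


def allowed(src_ip, dst_ip, plan):
    """Would a connection initiated by src_ip toward dst_ip be permitted?"""
    src, dst = classify(src_ip, plan), classify(dst_ip, plan)
    if src is None or dst is None:
        return False                      # unplanned addresses get nothing
    if plan[src].network == plan[dst].network:
        return True                       # same VLAN, never reaches the router
    return (src[1], dst[1]) in ALLOWED_FLOWS


def render_policy(plan):
    """Human-readable permit list for the inter-VLAN firewall; implicit deny last."""
    lines = []
    for (sb, sc), src in sorted(plan.items()):
        for (db, dc), dst in sorted(plan.items()):
            if src.network != dst.network and (sc, dc) in ALLOWED_FLOWS:
                lines.append(f"permit {src.network} -> {dst.network}  ({sc}->{dc})")
    lines.append("deny any -> any")
    return lines


if __name__ == "__main__":
    plan = plan_addresses()
    print(f"{len(plan)} segments, disjoint: {check_no_overlap(plan)}")
    for seg in sorted(plan.values(), key=lambda s: s.vlan_id):
        print(f"VLAN {seg.vlan_id:3d}  {seg.network}  building {seg.building} {seg.traffic_class}")
    print("\n".join(render_policy(plan)[:5]), "...")
```

Running it prints the 24 segments and the first permit rules; the same `allowed()` function can be pointed at a packet capture or a flow log to confirm that nothing crossing the router today would be blocked by the proposed policy before the ACLs go live.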
