ClioSport.net


Network design/planning



  185lb/ft dCi

looking to rack a few of your brains this morning...

So i've got this network:

• Management: 35 employees including one manager per department
• Human resources: 15 employees
• Finance: 18 employees
• Marketing: 8 employees
• Design: 225 employees
• Development: 300 employees
• Quality assurance: 38 employees
• Computer Network services: 15 employees
• Library: 6 employees

and need to make a list of devices and things that will be needed.

Management: one 36 port switch
Human resources: one 24 port switch
Finance: one 24 port switch
Marketing: one 12 port switch
Design: five 48 port switches
Development: six 48 port switches and one 12 port switch
Quality assurance: one 48 port switch
Computer network services: one 24 port switch
Library: one 12 port switch or even 6 port.

Does that sound alright to you network managers? also VLANs, i would be right in thinking you can set them up even on the lower port switches? like the 12 ports? as long as they are Cisco..

just looking for a bit of your experience really.

thanks a lot
 
personally I'd need A LOT more info than this before I could really comment. need to know the physical layout etc, workloads, is there any applications that need guaranteed response times, what are the servers connecting to, do they need multipathing etc


as for VLANs you need a managed switch usually, doesn't need to be Cisco, HP do some very good stuff too
 
  Go cry to your momma!
Same as McBunny really.

I'd consider putting the printers on their own vlan and to each floor/building/office I'd run fibre, even if you don't need it now, do it for future proofing..

You could also look into VOIP..
 

Dafthead

ClioSport Club Member
  MB EQC
You really need a physical layout of the building, do you have an estates dept? Scan the seating plans up here.
 
  185lb/ft dCi
well fellas,

The building layout is up to me, i have 2 buildings which i have to put this whole network in (this is an assignment, not real life btw). they are separated by a river, and i'm thinking fibre through the air could be the way to go for connecting them both up (no digging, flood damage etc), these buildings are also in the middle of a nature reserve park.

Floor plans, like i said, i have to make these up too, so will knock some up in visio. but how many computers can you get in a whole room, like the biggest department which is development has 300 employees, how many rooms should i split these up into? as long as i can reason my decisions i can do what i like.

with regards to application usage i have to make assumptions again but i would guess design, development and network services are going to be the most application intensive, however human resources and finance are probably going to need the best response times.

thanks for your advice so far
 
will it be running sap lol

tbh these projects are just b****cks put 10gbe to every machine just for the hell of it
 
  Better than yours. C*nt.
What?

There's very little detail there and nothing telling me that you shouldn't just run a big chassis with a load of cards in it! Nothing clever - there's not enough people there on that list and no need for any segregation that you've given!
 
exactly, only reason for 2 switches is the fact it's in 2 buildings so it's more than 100 meters from the switch to the desktop


hence i said these projects are b****cks lol
 
  185lb/ft dCi
the buildings are 500 meters apart, i would show you the scenario but the vle is currently down, surprise frickin surprise!

Basically i have been given the 2 buildings, and the number of employees (which i stated earlier) all needing their own desktop computer. printers have to be 1:25 ratio for the number of people.

So i have to assume everything pretty much.

As they all have to be in different rooms that's why i was going to run separate switches? i didn't think you could get much bigger than 48 port switches no?

from these switches i was going to connect to a second layer of switches (preferably switches that can route ip traffic), just for vlan traffic and local subnets. then from these switches go to the router for that building. sound ok?

and yeah there are some servers going to be deployed, email, web, file, application and backup, which will all be located with network services yeah? obviously they would need offsite backup too

what other information would you need to know?

I've got to design all the security policies, performance management/monitoring all that drama, but that can come later.
 
  Better than yours. C*nt.
Two chassis, 2x 10Gb fibre between the two. That little lot shouldn't need a million subnets - just use a Class B and have done. Don't need routing between them, you're only looking at a few hundred users - not a few thousand! LOL!
 
  185lb/ft dCi
what do you mean by two chassis? routing racks? for the fibre, would an FDDI link be sufficient enough, or were you thinking something different?

i know it's not huge and i could just whack them all on the same subnet but they are trying to get us to consider networking issues like i said security, performance etc..

this is meant to be a 20 page document excluding diagrams, not 2 pages lol
 
  Better than yours. C*nt.
Security and performance on a 400 user network? Which consists of staff I assume, in its entirety?

Just whack a couple of Cisco 4500-E chassis in with both supervisors, a set of sufficient 48-port 10/100 line cards, a pair of 10/100/1000 line cards for your servers and a pair of X2 line cards for the 10Gb chassis links. Even that is obscenely overkill - you could just stack 3750v2s for the list above!

If you need security on it, look at 802.1X or IPSec encryption to protect the data. A VLAN won't save you from a hacker.
 
  185lb/ft dCi
yeah just staff, but you never know inside jobs an all that...

for security it won't just be VLANs, but access control lists too using wildcard masks, that's why i needed different subnets.

like you said i will split network services up into both buildings, as if something goes wrong they will need to sprint 500 metres to find out what it is lol do you think its a good idea putting all the servers in one building too or would it be best to put some with network services team 1 and network services team 2?

I'll have a look into that cisco chassis, thanks for help both of you
 
  Better than yours. C*nt.
I'd just have a flat subnet - you're asking for an impossibly difficult to manage infrastructure here! Rule number one of networks is if it needs to do nothing intelligent, don't make it complicated. You've not got guests (and TBH, that lot could do it anyway!), you've not told us that each department only has one server or something daft like that, so I'd just use NTFS permissions (or equivalent) for files, AD groups for anything like Sharepoint/OCS/Exchange/Whatever and at most use 802.1X and a NPS server to authenticate machines that people are plugging in. Anything else is just overkill for a SMB. If you had completely different companies or legal bodies, I'd possibly entertain the idea briefly but it sounds like you want to get fancy when it doesn't need it - and you'll regret it when it goes wrong.
 
  185lb/ft dCi
well the number of machines needed that i've given you, are already future proofed. they wanted us to cope with a 50% expansion in 5 years, and they are numbers which i have come up with.

I also have to do the positioning of devices, after having a think, my first post was pretty silly having different sort of switches for different rooms (i was thinking the switch should be in the same room) however if i just stick a comms room in there, and have a fair few 48 port switches, that should be able to manage the lot. then have a switch one layer above these which in turn goes to the router for that building. I can route all the cables through the roof.

i know what you're saying about keeping it simple as possible, i'd love to, but i'm sure i haven't sat through a year's worth of lectures on network design to keep it brief. I will have a think about subnets, but i'd need wildcard masks on the router and doing that would definitely mean different subnets.
 
  Better than yours. C*nt.
There's nothing stopping you 'grouping' but using a Class B. The plan you've outlined above makes your technical penis huge, but you've got a massive single point of failure. Why you'd have a router plugged into those switches also is beyond me...

Try to spend less time and money on the technical aspect, and more on infrastructure. We've all sat through weeks of lectures of how to make Fort Knox look like your bedroom, but the reality is very different - it's all about finding the right balance!
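
The "grouping" inside a single Class B suggested above can be made concrete with a short script. This is an added example, not part of any poster's reply: it sizes one subnet per department from the headcounts in the first post and prints the wildcard mask an ACL entry would use for each. The 172.16.0.0/16 block, the VLAN numbers, and counting printers (1:25) plus one gateway address inside each department's subnet are assumptions.

```python
import ipaddress

# Headcounts from the first post; the supernet, VLAN IDs and the choice to
# number printers inside each department's subnet are assumptions.
DEPARTMENTS = {
    "Management": 35, "Human resources": 15, "Finance": 18, "Marketing": 8,
    "Design": 225, "Development": 300, "Quality assurance": 38,
    "Computer network services": 15, "Library": 6,
}
PRINTER_RATIO = 25  # one printer per 25 people, as stated in the thread


def hosts_needed(staff):
    """Desktops + printers (1:25, rounded up) + one gateway address."""
    return staff + -(-staff // PRINTER_RATIO) + 1


def smallest_prefix(hosts):
    """Longest prefix whose usable host count (2^n - 2) still covers hosts."""
    for prefix in range(30, 15, -1):
        if 2 ** (32 - prefix) - 2 >= hosts:
            return prefix
    raise ValueError("department does not fit in a /16")


def plan(block="172.16.0.0/16"):
    """Carve one subnet per department, largest first so each stays aligned."""
    supernet = ipaddress.ip_network(block)
    cursor = int(supernet.network_address)
    rows = []
    ordered = sorted(DEPARTMENTS.items(), key=lambda item: -item[1])
    for index, (name, staff) in enumerate(ordered, start=1):
        prefix = smallest_prefix(hosts_needed(staff))
        net = ipaddress.ip_network((cursor, prefix))
        if not net.subnet_of(supernet):
            raise ValueError("address block exhausted")
        # hostmask is the wildcard mask an ACL entry uses for this subnet
        rows.append({"vlan": index * 10, "dept": name, "subnet": net,
                     "wildcard": str(net.hostmask)})
        cursor += net.num_addresses
    return rows


if __name__ == "__main__":
    for row in plan():
        print(f"VLAN {row['vlan']:<3} {row['dept']:<26} "
              f"{str(row['subnet']):<18} wildcard {row['wildcard']}")
```

With these headcounts the nine subnets exactly fill 172.16.0.0/22, so the rest of the /16 stays free for servers, a printer VLAN or guest wireless.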
 
  185lb/ft dCi
It's not about getting a huge technical penis, it's about getting the marks

Router ------------------------------- Router
| |
Switch Switch
| |
Switch - Switch - Switch etc Switch - Switch - Switch etc

that would be the layout. what do you see wrong with that? I don't understand how having a router plugged into the switch is a bad thing? it's got to be connected up somehow and having a hierarchy is the way to go isn't it?

I know there is a point of failure with the routers but that's the case with all networks?


EDIT: well that plan didn't work so i'll knock it up in paint.
 
  185lb/ft dCi
network1.jpg


that is the 2 separate networks for both buildings
 
  185lb/ft dCi
well i couldn't put all the switches straight into the router as there will be quite a few of them, so best bet would be to put them into a single switch then uplink from that to the router?

that also means the bottom layer switches can just be 10/100mbps for users and then the switch above them providing 100mbps connections to the router to cope with all the traffic from one switch.

i thought that's how big networks run with a heriachical (sp) structure.
 

Cookie

ClioSport Club Member
With your structure you're creating a bottleneck, surely? That and SPOF. Are you planning on running fiber out to the switches, or will it just be copper?
 
  185lb/ft dCi
yes fibre to the switches.

I don't understand, there always comes a bottleneck with networks unless they are fully meshed, how would you do it? how would you get around that SPOF?
 
  185lb/ft dCi
overkill, hardly, what do you want me to do? have 1 500 port switch which covers everything? that's as simple as i can get it, how would i mesh that? both switches going to both routers?
 
you need 4 core switches at the head and every other switch needs multiple paths to the parent switches

personally I'd do 8 switches 2 either side to take the connexions from the desktops but only half fill both so if one fails you can re-patch the users

they then connect to a mesh of 4 switches spanning the gap
 

Cookie

ClioSport Club Member
Have they not given you a price point to work to at all? Generally a big factor in what sort of infrastructure you put in is how much money the beancounters let you spend on frivolous Cisco kit
 
well in that case where are your firewalls?
you should really have them either side of the link. if i was you I'd put one connection either side for redundancy
 
  dCi 65 + C2 (<Sold)
Have they not given you a price point to work to at all? Generally a big factor in what sort of infrastructure you put in is how much money the beancounters let you spend on frivolous Cisco kit

Agreed. First thing you should always ask (if you've not already been explicitly told) is what your budget is.
 
  Better than yours. C*nt.
So if your router is going into the switches, why the f**k are your 'powers that be' dictating how you should incorporate security into it? First things first you need more than this:

rightraisedhubandphine.jpg


As your 'router/firewall'.

You want this:

ssg140.gif


Or if high availability is a concern, two of them. From there you work out your network. I'll do a diagram later when I'm not in agony to show.
 

Cookie

ClioSport Club Member
Nother thing, you've got no provision for a wireless network (both company and one for external guests, with no/minimal firewall cover to the internets)
 

