Hi
I am designing a network for a project. There is a HQ and a branch office.We were recommended to use the hierarchical model.The HQ is spilt over 3 floors with 280 end users with wifi for 30 quests. The branch has 832 end users spilt over 3 floors as well. The router in the HQ will be connected to each distribution switch in the branch.I have enclosed my HQ design.The Branch will be similar to floor 2/3 of the HQ just with more access switches and end users on each floor. Some feedback would be much appreciated
OK, you mentioned a need for 280 users... how many per floor? Do they need wired or wireless or both? If both, how many wired/wireless? Do you need to support voice VLANs or only data? Is there a need for Internet access?
Why do you have servers directly connected to the router? That seems... odd...
those poor little 3560's connected to the router will surely get overwhelmed with user traffic with the other floors traffic running through them.
What happens when this link goes down?
(http://i.imgur.com/tAr4gf6.png)
Quote from: SimonV on October 27, 2015, 02:36:51 PM
What happens when this link goes down?
(http://i.imgur.com/tAr4gf6.png)
:kramer:
OH SNAP THAT WOULD BE BAD
Also moved the topic to a better part of the forum...
Now that I look at it more closely, there are quite a few ports that are down/down... those servers are going to be very, very secure.
There would be 46 on floor one and 117 per floor on 2/3(Planning on using 48 port switches on the access layer).
They have to be wired connections.
I used VLSM to separate traffic for data and voice. Would you recommend putting the servers on the distribution switches.
On connecting the distribution switches on Floor 1 to 2/3, I was going to connect each of them switches to each other so if one went down the other would kick in then .
On the ports being down. It does not have to implemented, just a logical design of the network.
I have enclosed my logical design for the Branch Office for some further feedback.
Servers should be on their own access switch, there will be lots of traffic going to them.
Does this look correct ?
There's still an issue of needing redundant links between floors. You have a mesh setup on a floor, but only one link between floors. There should be two lines from 1 to 2, 1 to 3, and 2 to 3.
Is this the way you recommenced the linking of each floor.
Floor one to floor three connections still needed.
Think this is close enough to my finished design now.
LOL good god....
some help be much appreciated
We shouldn't just be telling you what to do. You shouldn't just take our word for it either. You should explain your thought process and weigh the pros and cons.
Ok, so first, let's talk HQ-to-Branch:
- You've got redundancy everywhere, but not at your network edge (the router connecting your HQ to your branch). You'd probably want two routers there unless you're constrained
- Right now you're treating all the floors as one big entity from the network perspective. In my opinion this is not good. I don't know how to word this without giving away the answer, but how do you think you could break up those floors into discreet, more manageable networks instead?
1.There is no constrains on this design.
2.I have used VLSM to spilt up the network for each department to have data and voice.The HQ will have 140 employees with a VOIP phone and desktop spilt across 3 floors. As for the branch it has 2 departments ( one with 236 and the other with 180 employees ) joined together spilt across the 3 floors.
Quote from: TheBigDog on October 27, 2015, 06:02:08 PM
1.There is no constrains on this design.
2.I have used VLSM to spilt up the network for each department to have data and voice.The HQ will have 140 employees with a VOIP phone and desktop spilt across 3 floors. As for the branch it has 2 departments ( one with 236 and the other with 180 employees ) joined together spilt across the 3 floors.
1. Ok, so then I'd go with two routers. You don't want any single points of failure.
2. Ok.... that's not what I was going for... how can you PHYSICALLY break out that huge network of three floors into separate, discreet networks that will be easier to manage?
1: So the second router would just act as an redundant one until the other router failed ...
2:By using a patch panel ? I really think I should know this answer but unfortunately I do not !
Quote from: TheBigDog on October 27, 2015, 06:20:33 PM
1: So the second router would just act as an redundant one until the other router failed ...
2:By using a patch panel ? I really think I should know this answer but unfortunately I do not !
1. Yep, or could be active/active depending on configuration (I think - it's been a while)
2. Nope. What if you had enough access switches on floor 2 and 3, and then just ran those access switches to distro switches residing on floor 1 where your servers are? Do you really think you need a pair of distro switches on each floor? How do you determine if they are needed or not?
EDIT - Also what's your reasoning for directly interconnecting all the floors?
Running the distribution switches on floor 1 to the access switches on floor 2 and 3 does make allot more sense than having 2 distribution switches per individual floor. As it would be a waste of space and money to have an extra 4 running per building.Id imagine a layer 3 48 port switch would be best suited then ?
My reasoning for directly interconnecting all the floors was for redundancy purposes
Having a single distribution switch pair for the whole building, however, allows you to have redundancy with less hardware. As it says in my sig, accounting is architecture. You would want to have the most cost-effective solution for this network.
nah dude you are doing good. Most people just want answers without trying.
Glance through what everyone has suggested, then look over your topology and run link by link and kill each one and see what will happen to the rest of the topology.
Then based on your restrictions, interconnect everything in a way that makes sense.
Quote from: TheBigDog on October 27, 2015, 07:05:49 PM
Running the distribution switches on floor 1 to the access switches on floor 2 and 3 does make allot more sense than having 2 distribution switches per individual floor. As it would be a waste of space and money to have an extra 4 running per building.Id imagine a layer 3 48 port switch would be best suited then ?
My reasoning for directly interconnecting all the floors was for redundancy purposes
Wow, this conversation is good for me because it's highlighting just how much I've forgotten about campus... Well, most folks IIRC run their access switches as L2. The default gateway for your hosts/servers are usually on your distros provided by a First Hop Redundancy Protocol (FHRP) like VRRP or HSRP (Not many people really use GLBP to my knowledge).
Redundancy is good, but another thing you need to think about is failure domains. Let's say you had all switches on all floors connected to each other. You allow all VLANs to be trunked between all switches. Now let's say you have a broadcast storm on a particular VLAN on floor 1. What happens to the rest of the network? You want to compartmentalize/minimize your failure domains whenever possible.
Full mesh in that scenario in my opinion is bad for a couple reasons. STP churn being one. Creating a gigantic failure domain is another. Rapidly wasting and running out of ports whenever you add a new switch is another because you're eating up so many ports on inter-switch connections. Trying to understand traffic flow and just general management would be yet another. Redundancy is good, but only where it makes sense. Redundancy should be used to "C.Y.A.", but NOT introduce a ton of complexity or add risk. You want redundancy for high availability, but you still want your network to operate in a largely deterministic fashion.
As a fun exercise, use the formula for full mesh to see how many interswitch connections you would need for that network you provided the diagram for.
The formula is n x (n-1)/2 where n is the number of switches. Then recalculate it after adding a new switch.
Reference: https://johnmcmanus7742.wordpress.com/2009/01/22/calculate-full-mesh/ (https://johnmcmanus7742.wordpress.com/2009/01/22/calculate-full-mesh/)
Thanks for the feedback fellas very much appreciated.
Quote from: TheBigDog on October 28, 2015, 02:30:26 PM
Thanks for the feedback fellas very much appreciated.
Thanks for giving good questions and thoughtful responses. We are here to help anyone that is here to learn!
Quote from: deanwebb on October 28, 2015, 02:57:03 PM
Quote from: TheBigDog on October 28, 2015, 02:30:26 PM
Thanks for the feedback fellas very much appreciated.
Thanks for giving good questions and thoughtful responses. We are here to help anyone that is here to learn!
+1