Solved

Network overhaul

Posted on 2009-07-09
5
203 Views
Last Modified: 2012-05-07
I'm contemplating a network overhaul

I administer a small office network of 20 PCs and some remote PCs. Files are shared on a single WinXP shared folder. Users are frequently in and out of the office so active internet use would be up to 12 of those PCs at any time.

You all have different experience, so feel free to comment on possible scenarios and ideas&even ones beyond my specs.

What I want:
1. Increase daytime internet speed & accessibility
2. Overall suggestions on how to improve the network

These wants could include:
- Load balancing over two internet connections for outbound web traffic
- VPN - this might be nice to replace evening ftp transfers
- Perhaps Bandwidth Bonding, such as Mushroom Networks BBNA, of the T1 and ADSL
- Perhaps a proxy server to cache locally?


Here are the current specs:

Internet access:
  T1 (fairly reliable)
  1.5Mb ADSL line (on different provider, used as fallback)

Hardware:
  The current router is a Netgear FVX538 with load balancing. Need to replace, it randomly freezes. Also auto-failover has a 3 minute delay.
  Two 24-port gigabit switches
  WinXP Pro as "file server"

How internet is used:
  Normal download/browsing traffic during day
  Sporadic heavy daytime ftp uploads one day per week
  Kerio email server is hosted on T1 (spam is filtered off-site, so only real email reaches server and attachments arent very large)
  Nightly online backup (so as not to slow down daytime user traffic)
  Evening ftp file transfers < 300MB to the shared WinXP folder
0
Comment
Question by:mwyatt
  • 3
  • 2
5 Comments
 
LVL 8

Accepted Solution

by:
stefanx earned 500 total points
ID: 24818543
If this were my Network, I'd hook up a somewhat beefy Linux machine to the two lines and the LAN  and let it act as load balancer, firewall, proxy and all the other servers (ftp, mail, samba and VPN). I'd also get an offsite server to act as rsync server for the nightly backup - maybe a cheap VPS or an entry level Celeron dedicated server, or use the FTP space of a backup provider. Rsync is nicer because it is a real incremental backup - it will even transfer only the parts of files that have changed when backing up, something you don't get with FTP. On top of that I'd configure the Linux box with traffic analysis  and shaping control to get a grip on the LAN PC's so that you can see exactly who is hogging the bandwidth and do something about it if it happens.

Of course, this all assumes that you are familiar enough with Linux to set it up, configure and maintain it, which, without meaning to sound patronising, doesn't quite seem to be your line if I look at your EE profile :(. I'm not a windows flag-burning zealot that thinks Linux is going to take over the world (at least not yet ;), but I cannot deny that, in my experience, it works as a really good stable solution in situations where you are cost sensitive and where the network does not have a Windows domain controller.

That's just my 2c worth, and make no mistake, the Linux learning curve to maintain this is typically not trivial, especially when things do go wrong. But it is what I would do, have done for quite a few clients and run at home myself.
0
 

Author Comment

by:mwyatt
ID: 24823578
stefanx,
Thanks - If I were to follow the Linux route per your suggestion which distro would be a good fit for the `novice`?  Any downside to having all eggs in one Linux basket?

Any benefit to an appliance handling load balancing, VPN and firewall instead?  One of my wants is to bond or aggregate bandwidth, that is, combine speeds of two or more disparate providers (something like BBNA at Mushroom Networks).
0
 

Author Comment

by:mwyatt
ID: 24885951
Any additional comments?
0
 
LVL 8

Expert Comment

by:stefanx
ID: 24886245
Whichever Linux distro you are comfortable with Mwyatt. Probably one of the mainstream ones like Ubuntu or CentOS although any one will do if you know it well enough.

As for the load balancing, that's pretty easy to do with the iproute2 packages, and it is also fairly well documented in something called the Linux Advanced Routing & Traffic Control Howto, but that is more load balancing and not channel bonding. The only way to channel bond, i.e get a single download at the sum of all of your lines' speeds, would be if you controlled the other end as well, or if your ISP supports channel bonding. That why the Mushroom Appliance talks of a bonding subscription - they use your Internet links to connect to them and they get the traffic on your behalf, split it up amongst your lines and get it to you. Or, where possible, they use the same concept of an HTTP accelerator to download an HTTP download over multiple connections by asking the HTTP Server for partial content multiple times. What's inside the Mushroom Device? - probably and embedded Linux anway.
0
 

Author Closing Comment

by:mwyatt
ID: 31601813
Well, I had hoped for additional input from others to see other possibilities (even something outside the box) but what I got from stefanx is definitely worthwhile.  I will integrate some/all of these current suggestions and comment back here -- hopefully providing help for someone else in the future.  Thanks!
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

Data center, now-a-days, is referred as the home of all the advanced technologies. In-fact, most of the businesses are now establishing their entire organizational structure around the IT capabilities.
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now