Network overhaul

Posted on 2009-07-09
Last Modified: 2012-05-07
I'm contemplating a network overhaul

I administer a small office network of 20 PCs and some remote PCs. Files are shared on a single WinXP shared folder. Users are frequently in and out of the office so active internet use would be up to 12 of those PCs at any time.

You all have different experience, so feel free to comment on possible scenarios and ideas&even ones beyond my specs.

What I want:
1. Increase daytime internet speed & accessibility
2. Overall suggestions on how to improve the network

These wants could include:
- Load balancing over two internet connections for outbound web traffic
- VPN - this might be nice to replace evening ftp transfers
- Perhaps Bandwidth Bonding, such as Mushroom Networks BBNA, of the T1 and ADSL
- Perhaps a proxy server to cache locally?

Here are the current specs:

Internet access:
  T1 (fairly reliable)
  1.5Mb ADSL line (on different provider, used as fallback)

  The current router is a Netgear FVX538 with load balancing. Need to replace, it randomly freezes. Also auto-failover has a 3 minute delay.
  Two 24-port gigabit switches
  WinXP Pro as "file server"

How internet is used:
  Normal download/browsing traffic during day
  Sporadic heavy daytime ftp uploads one day per week
  Kerio email server is hosted on T1 (spam is filtered off-site, so only real email reaches server and attachments arent very large)
  Nightly online backup (so as not to slow down daytime user traffic)
  Evening ftp file transfers < 300MB to the shared WinXP folder
Question by:mwyatt
  • 3
  • 2

Accepted Solution

stefanx earned 500 total points
ID: 24818543
If this were my Network, I'd hook up a somewhat beefy Linux machine to the two lines and the LAN  and let it act as load balancer, firewall, proxy and all the other servers (ftp, mail, samba and VPN). I'd also get an offsite server to act as rsync server for the nightly backup - maybe a cheap VPS or an entry level Celeron dedicated server, or use the FTP space of a backup provider. Rsync is nicer because it is a real incremental backup - it will even transfer only the parts of files that have changed when backing up, something you don't get with FTP. On top of that I'd configure the Linux box with traffic analysis  and shaping control to get a grip on the LAN PC's so that you can see exactly who is hogging the bandwidth and do something about it if it happens.

Of course, this all assumes that you are familiar enough with Linux to set it up, configure and maintain it, which, without meaning to sound patronising, doesn't quite seem to be your line if I look at your EE profile :(. I'm not a windows flag-burning zealot that thinks Linux is going to take over the world (at least not yet ;), but I cannot deny that, in my experience, it works as a really good stable solution in situations where you are cost sensitive and where the network does not have a Windows domain controller.

That's just my 2c worth, and make no mistake, the Linux learning curve to maintain this is typically not trivial, especially when things do go wrong. But it is what I would do, have done for quite a few clients and run at home myself.

Author Comment

ID: 24823578
Thanks - If I were to follow the Linux route per your suggestion which distro would be a good fit for the `novice`?  Any downside to having all eggs in one Linux basket?

Any benefit to an appliance handling load balancing, VPN and firewall instead?  One of my wants is to bond or aggregate bandwidth, that is, combine speeds of two or more disparate providers (something like BBNA at Mushroom Networks).

Author Comment

ID: 24885951
Any additional comments?

Expert Comment

ID: 24886245
Whichever Linux distro you are comfortable with Mwyatt. Probably one of the mainstream ones like Ubuntu or CentOS although any one will do if you know it well enough.

As for the load balancing, that's pretty easy to do with the iproute2 packages, and it is also fairly well documented in something called the Linux Advanced Routing & Traffic Control Howto, but that is more load balancing and not channel bonding. The only way to channel bond, i.e get a single download at the sum of all of your lines' speeds, would be if you controlled the other end as well, or if your ISP supports channel bonding. That why the Mushroom Appliance talks of a bonding subscription - they use your Internet links to connect to them and they get the traffic on your behalf, split it up amongst your lines and get it to you. Or, where possible, they use the same concept of an HTTP accelerator to download an HTTP download over multiple connections by asking the HTTP Server for partial content multiple times. What's inside the Mushroom Device? - probably and embedded Linux anway.

Author Closing Comment

ID: 31601813
Well, I had hoped for additional input from others to see other possibilities (even something outside the box) but what I got from stefanx is definitely worthwhile.  I will integrate some/all of these current suggestions and comment back here -- hopefully providing help for someone else in the future.  Thanks!

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
svi stops eigrp advertisement 13 56
IP range 6 58
Question about Buffalo NAS devices 4 47
Simple Fibre Question 6 33
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Here's a very brief overview of the methods PRTG Network Monitor ( offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question