Solved

Assistance with Network Design Layout (Simplistic L1-L3)

Posted on 2012-04-10
Last Modified: 2012-06-21

Reason for help:

I work for a small school district and I believe it has come time to re-visit our network design.  The current design was implemented roughly 10yrs ago and has worked fine until recent technologies have been introduced (wireless, virtualization for desktops and servers, and an increase in the number of additional physical devices).

I'm interested in a reconfiguration to reduce broadcast zones, improve security, and reduce the load from what is currently our "core" switch.  I'm seeking professional opinions.

Historical Info:

As it stands now, (see attachment: currentnetworkconfig.jpg) the network is mainly 3 physical sites, with 4 routed (/24) flat networks.  (Networks E- J are VDI implementations which are non-routed /24 networks in their own VLAN).

Originally each Subnet A-D was set up to be (/24) networks to have a mix of servers, desktops, wireless, and printers all smashed into their respective single flat networks.  (Networks A&D were two physical sites before a construction project merged them to 1 physical site, but the 2 logical networks remain.)  The networks within each subnet were expanded through use of un-managed switches and hubs (*gasp*) to meet the needs physically.  Each network carries a load of roughly 150 devices.

Site A is connected to the WAN via an 8mbps connection.  Sites B&C are connected to Site A via a VPN tunnel (8mbps) through the ISP.

As for me, I passed the CCNA exam roughly 8yrs ago, so I'll nod when you are throwing out terms, but in reality I'll be flipping the old textbooks in order to keep up logically.  I know networking basics, but pardon me if I flub a term or two.

Proposed Network Design:

See Attached: newnetworkconfig.jpg  I can fill in details if needed, but I thought this would get things started.

Something to note: we are the recipient of a huge local fiber build out which will bring 1gbps to each of our sites.  So inter-site communication will drastically improve, and thus will the load on the core.

What I'm looking for:

- Opinions with the proposed design layouts.
- If the 3750 is appropriate to perform the routing / intra-vlan switching?
- Can the 3560 listed in Site A maintain potentially 9+ vlans for up to 300 devices?
- Should I stay with eigrp?

Secondary Questions: (probably better in another question)
- Ideal placement of Microsoft DCs for DNS / DHCP?
- Suggested network monitoring tools?  (NMIS? Orion?)
CurrentNetworkConfig.jpg
NewNetworkConfig.jpg
Question by:irishmic33
6 Comments
 
LVL 17

Assisted Solution

by:TimotiSt
TimotiSt earned 250 total points
Hi,

In my opinion:
- the 3750 might be overkill, the 3560 of site A should be enough as a core switch.
- I'd use /24 subnets, because:
  - subnet math is easier, if you ever get a novice network admin,
  - private IP space is free, why conserve it,
  - expanding subnets is more pain, if a /28 ever gets too small for example.
- I don't quite see why you need EIGRP or any routing protocol at all: this looks like a typical default route case, except for site A.

- I'd place a DC in site A, since it seems to be the most stable place in the topology, or
- depending on use, place one DC in every site, to conserve the WAN bandwidth. DFS and replication is nice in these cases.

Tamas
0
 
LVL 10

Assisted Solution

by:mat1458
mat1458 earned 250 total points
- Opinions with the proposed design layouts.
My question is why you introduce the 3750 anyway. The 3560G is the same type of switch. In my opinion it would rather make sense to have the 3750 in site A so you could gradually stack more 3750 to it and get rid of the hubs.
- If the 3750 is appropriate to perform the routing / intra-vlan switching?
Yes, generally speaking. But the IP Services Image on the 3560 would be sufficient as well.
- Can the 3560 listed in Site A maintain potentially 9+ vlans for up to 300 devices?
Yes.
- Should I stay with eigrp?
If you know it and you're happy with it I see no reason to change.

Secondary Questions: (probably better in another question)
- Ideal placement of Microsoft DCs for DNS / DHCP?
DHCP probably somewhere in site A since most of the traffic will be from there. If you don't have short lease times there is no need to have another DHCP server. The DC/DNS in my opinion should be at each site.
- Suggested network monitoring tools?  (NMIS? Orion?)
Orion I don't know, NMIS is ok, WhatsUp Gold or Nagios might be other tools to look at. It depends really on what you want to pull out of the tool. If you can spend a bit of money Statseeker might be interesting for you as well for trending all ports.
0
 
LVL 2

Author Comment

by:irishmic33
Thanks for the replies.

- Reason for the introduction of the 3750 is because I have a gut feeling that 3560 as the core switch is becoming stressed.  I do not have port monitoring enabled to prove it though, I'm just staring at solid link lights at times.  Then if site B & C grow and bandwidths increase it made me nervous.

- I've attempted NMIS, but I've had trouble keeping it stable.  I'll look into the other suggested applications.  Cost is important as we are a school district.  I currently have up/down monitoring through a mix of Spiceworks and HPSIM, but lack port monitoring for saturation alerts.

- I knew this was simple and I'll keep things /24.  You're right, no need to strangle networks.
0
 
LVL 10

Accepted Solution

by:
mat1458 earned 250 total points
3750 vs. 3560: you change apples with apples. The switches are the same hardware, the only difference is the stacking option in the 3750. And from a performance point of view I wouldn't be worried. The 3560 is a switch that is built for switching at wirespeed so as long as you do not saturate your links for longer periods of time you won't be in trouble. It's the ASICs that do the work, not the processor of the switch for the most part. Your network is simple enough that the switch processor should have a pretty calm life.
0
 
LVL 17

Assisted Solution

by:TimotiSt
TimotiSt earned 250 total points
Just to check out the daily life of the main 3560, you could do a simple MRTG install on a linux/unix/whatever box, and monitor it for a few weeks. That should display all normal/backup/other traffic. And even if the backup jobs saturate the links at night, it might not be a problem, as long as it finishes during the backup window.
0
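
Added example (not written by any poster in this thread, and not how MRTG itself is implemented): the arithmetic behind the port monitoring discussed above, turning polled SNMP octet counters into link utilization and flagging sustained saturation. The 300-second poll interval, the 90% threshold, the three-poll minimum and all sample counter values are constructed assumptions.

```python
"""Link utilization and sustained-saturation check from polled SNMP octet counters."""
COUNTER32, COUNTER64 = 2**32, 2**64  # widths of IF-MIB ifInOctets / ifHCInOctets

def octet_delta(prev, curr, modulus=COUNTER64):
    """Octets moved between two readings, allowing at most one counter wrap."""
    return (curr - prev) % modulus

def utilization(samples, link_bps, modulus=COUNTER64):
    """Per-interval utilization (0..1) from (unix_time, octet_counter) samples."""
    result = []
    for (t0, c0), (t1, c1) in zip(samples, samples[1:]):
        seconds = t1 - t0
        if seconds <= 0:
            raise ValueError("samples must be in increasing time order")
        bits = octet_delta(c0, c1, modulus) * 8
        result.append((t1, bits / (seconds * link_bps)))
    return result

def sustained_saturation(util, threshold=0.9, min_intervals=3):
    """(start, end) timestamps of runs of at least min_intervals busy polls."""
    runs, run = [], []
    for ts, u in list(util) + [(None, -1.0)]:  # sentinel closes a trailing run
        if u >= threshold:
            run.append(ts)
        else:
            if len(run) >= min_intervals:
                runs.append((run[0], run[-1]))
            run = []
    return runs

def max_poll_interval(link_bps, modulus=COUNTER32):
    """Longest poll interval (s) that cannot hide a full wrap at line rate."""
    return modulus * 8 / link_bps

# Constructed samples: 300 s polls of a 1 Gbit/s uplink, 64-bit counter.
STEP = 300
LINE_RATE_OCTETS = 1_000_000_000 // 8 * STEP   # octets per poll at 100 % load
LOADS = [0.10, 0.20, 0.95, 0.97, 0.96, 0.30, 0.92, 0.15]
SAMPLES = [(0, COUNTER64 - 5_000_000_000)]     # starts near the wrap on purpose
for load in LOADS:
    t, c = SAMPLES[-1]
    SAMPLES.append((t + STEP, (c + int(load * LINE_RATE_OCTETS)) % COUNTER64))

if __name__ == "__main__":
    util = utilization(SAMPLES, 1_000_000_000)
    print([(t, round(u, 2)) for t, u in util])
    print(sustained_saturation(util))          # one run; the single 0.92 poll is ignored
    print(round(max_poll_interval(1_000_000_000), 1), "s for a 32-bit counter")
```

At 1 Gbit/s a 32-bit octet counter can wrap in about 34 seconds, so five-minute polls of it under-report load; on the gigabit links described in the question the 64-bit counters are the ones to poll.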
 
LVL 2

Author Closing Comment

by:irishmic33
Ok, great.  Thanks for the peace of mind.

I'll focus on finding a monitoring tool for port monitoring and see the loads.
0
