Please assist on simple networking question.

Hi Everyone,

I got the opportunity to set up a network for 120 users in an office. They gave me 5 manageable switches with 48 ports each. 2 switches are D-Link and 3 are Dell PowerConnect 5548. I connected all the switches in a star topology, as shown in the image attached to this question.

Of these 120 users, only 15 would do downloading and video streaming, and that rarely, not daily. The others would only use web browsing and email.

My questions are as follows:
1) I have connected all the switches through Ethernet ports even though a stacking facility is available. Is it right to connect two switches through an Ethernet port?
2) Will the Ethernet port bear all the traffic, or do I require stacking?
3) Which router should I use at the gateway? I need a router which supports URL filtering and VPN. I heard Cisco routers have these features.
4) As in the figure, the two Dell switches in the middle were configured by me. When I connect any laptop/desktop to these two switches, the ARP response from the router comes late, taking 10-15 seconds. But on the other switches the ARP response comes quickly, as they were already pre-configured by someone else.

What I configured on these two Dell switches is as follows:
a) Just assigned an IP address and gateway to them.
b) Just enabled the spanning tree button from the web interface.
That's it. Do I need to configure something else as well?

Looking for help.
network.jpg
LVL 10
Ashok DewanFreelancerAsked:
pgm554Commented:
Any particular reason you are using separate subnets?
If security is not an issue, then stacking 3 of the Dells and using one subnet would simplify things, as crossing subnets complicates things.
Do you have a file server in the mix?
If it is an M$ server of some sort, have it do DHCP and DNS and skip the router doing it.
As for routers, I would look at a UTM appliance like a WatchGuard or Barracuda firewall with a subscription for malware filtering and such.
0
nociSoftware EngineerCommented:
Rule 1: keep it as simple as possible, but don't oversimplify.

@1: Stacking mostly only works within one supplier and not across suppliers (and within a supplier not always across all platforms). So leave stacking out.
You don't need spanning tree; try to use the fast-converging one if you do.
Make all ports fast forwarding ports. That will make a port usable immediately after connecting a cable or turning a device on, without a delay of a few seconds.
Placing and dividing devices (switches) is primarily a function of how this is distributed through your building [physical layout].

@2: Ethernet will do. If you find you need more capacity between switches, try trunking two lines together.

@3: I have good experience with zywall USG firewalls.

@4: Seems sound enough. The connections between the switches can double up.
And choose one DHCP source; a firewall router/gateway makes sense.
That may not update a DNS server though, for internal lookups.


@pgm554, afaict this is a single subnet. And more is needed about the physical topology.
If this is one floor in a building, yes, your option may work. If this is on 4 floors or in four separate buildings on the premises, then the picture shows a better layout.
0

aleghartCommented:
1) I have connected all switches with Ethernet ports even stacking facility is available. Is right to connect two switches with ethernet port?
--Use gigabit ports. Two in a LAG would be better.

2) Will ethernet port bear all traffic or do I require stacking ?
-with mix/match of hardware, and you now knowing what to do...skip it.  It does make management easier, but harder to replace when you don't have identical/compatible hardware to fit into the stack.

3) Which router I should use at gateway. I need router which support URL filtering and VPN feature.  I heard cisco routers have this features.
--Routers are not content firewalls. Some routers will do this. Some will also handle VPN duty. Best to understand your requirements. One or two remote VPN users? (Almost any modern router/firewall appliance can handle this.) Site-to-site with continuous traffic flow? (Know your throughput first.) A hundred remote users? (Get a VPN concentrator separate from your router.) What speed internet connections do you have?

4) As in figure, Two Dell switches in middle configured by me, When I connect any laptop/desktop to these two switches then arp response from router come late takes 10-15 seconds. But on others switches arp response comes quickly as they pre-configured already by someone else.
--How does the other Dell switch config differ from yours?


--Also...ditch the 192.168.1.0 network address. It just screams 'amateur'. If you really want to keep it limited to a single /24 network, there are thousands upon thousands of network addressing schemes that will not interfere with split-horizon VPN clients and site-to-site tunnels. 192.168.0.0 is another problem subnet.

Even something as simple as 192.168.222.0 will eliminate problems with 99.9% of all the other small businesses and home networks out there.
0
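The subnet-collision point in the answer above, as an added example that is not part of the thread: a check of whether a proposed office /24 overlaps the LANs that VPN clients are likely to be sitting on, and whether it still has room for the 120 users. The function names, the `reserve` figure and every entry in the remote-LAN list other than the two subnets named in the answer are assumptions.

```python
import ipaddress

# Constructed list: the two subnets named in the answer plus other
# widely used consumer-router defaults (assumed, not from the thread).
COMMON_REMOTE_LANS = [
    "192.168.0.0/24",
    "192.168.1.0/24",
    "192.168.2.0/24",
    "10.0.0.0/24",
]


def vpn_conflicts(office_lan, remote_lans=COMMON_REMOTE_LANS):
    """Return the remote LANs whose address range overlaps office_lan.

    An overlap means a VPN client on that remote LAN cannot tell office
    hosts from local ones: traffic for the shared range stays on the
    local segment instead of entering the tunnel.
    """
    office = ipaddress.ip_network(office_lan, strict=True)
    if not office.is_private:
        raise ValueError(f"{office} is not private address space")
    hits = []
    for text in remote_lans:
        remote = ipaddress.ip_network(text, strict=True)
        if office.version == remote.version and office.overlaps(remote):
            hits.append(str(remote))
    return hits


def fits_users(office_lan, users, reserve=10):
    """True if the subnet holds `users` hosts plus `reserve` addresses
    for switches, the gateway and printers."""
    net = ipaddress.ip_network(office_lan, strict=True)
    usable = net.num_addresses - 2  # minus network and broadcast
    return usable >= users + reserve


if __name__ == "__main__":
    for lan in ("192.168.1.0/24", "192.168.222.0/24"):
        print(lan, "conflicts:", vpn_conflicts(lan),
              "fits 120 users:", fits_users(lan, 120))
```

Running the same check against the actual LAN ranges of any site-to-site peers, passed as `remote_lans`, covers the tunnel case the answer also mentions.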
pgm554Commented:
My take is you have 144 available ports with the ability to stack via fiber if you have separate buildings.
More than enough for your user needs.

Using the Dell switches lets you use one utility to manage them all and not have to worry about another app to manage the other switches.

As for replacement in case of a failure, most high-end switches have a lifetime warranty with a hot cross-ship option.
I could live with a non-compliant stack for 24 hours (although Dell says they are compliant with the big boys).

I used 3com (Dell) switches and they cross-shipped, no credit card required, in 24 hours for a defective switch.
0
aleghartCommented:
Stacking is different than trunking or uplinking via crossover.

Stacking makes one switch the master.  That single IP address is used to manage the master and all member switches.

Stacking cables are usually proprietary, and do not resemble network connections.

I'm pretty sure stacking across manufacturers/OEMs, and trying to do it over Ethernet frames, is impossible.

I could be completely wrong.  But I've always used proprietary cables supplied by the OEMs:  Netgear, HP, Cisco.
0
pgm554Commented:
Those Dell switches can use fiber or HDMI to stack.
Most of the newer gear is starting to standardize on HDMI for stacking from what I see.

http://jackstromberg.com/2013/01/stacking-with-the-dell-powerconnect-5548s/
0
aleghartCommented:
If the switches are co-located, the HDMI stacking arrangement will allow 10Gbps links between the switches.

Create a LAG of 2 or more ports from the Dell stack to Dlink#1.
Create a LAG of 2 or more ports from the Dell stack to Dlink#2.

Connect the router to the Dell stack.  If you get a capable router/firewall, use a LAG.  I know Sonicwall NSA (35/3600+) will do LAG with current firmware.  I'm not up to date, so I can't show it.  Look here.

If possible, spread each LAG across multiple switches in the Dell stack.  That way, you don't have a SPOF by landing the entire LAG on the same switch.  The 5548 should treat different switches the same way in a stack.  So LAG Sw1Port1, Sw2Port1, Sw3Port1 into a portchannel/LAG #1.

Uneven numbers may result in unequal session distribution.  With Cisco, even distribution happens with 2, 4, & 8 ports.  That may not matter in a low-volume environment.
0
Ashok DewanFreelancerAuthor Commented:
Thank you so much to all.

Thanks aleghart for letting me know about stacking.
Thanks noci: once I enabled the portfast service, everything works fine, no more delay after connecting a cable to a laptop. You are right, STP may not be required.
You saved my time, because my main area is infosec and I forget switching commands.
0
Network Management

Question has a verified solution.
