Network Architecture

12K Solutions, 11K Contributors

Network design and methodology, also known as network architecture, is the design of a communication network. It is a framework for the specification of a network's physical components and their functional organization and configuration, its operational principles and procedures, as well as data formats used in its operation. In telecommunication, the specification of a network architecture may also include a detailed description of products and services delivered via a communications network, as well as detailed rate and billing structures under which services are compensated.

Dear Experts

We have been asked to deploy an on-premise mail server, for which we are planning to go with Zimbra Network, but before that we have to design the network. This email server will be working internally within the main office and branch office, as they are connected over an MPLS network, but we would also like to send and receive mail to and from external domains. The following measures are to be taken:
1. If our server or internet goes down, the sender's mail should not get lost for us; once the server or internet is restored, the mails should be delivered to our email accounts.
2. Our domain and IP reputation should always be good so that our messages get delivered to the inbox of the recipient's email.
Please suggest how our email server is to be configured: have an internal DNS server and make it work as a normal email server, and for external mail we have to avail an SMTP relay service from some service provider. Please suggest whether this is correct; if not, please suggest what service we have to avail for external email delivery where email security will be taken care of.
0

Dear Experts

To set up a new office, what IP addressing is recommended? It is common to use 192.168.1.0/24, but I would like to go for something different, and this network will have to be connected over the VPN from other locations, and they may be using 19.168.1.0/24. This new network, yet to be set up, will have internal DNS and DHCP, and leased line and MPLS connectivity. The total users or end devices within this network will not be more than 75. I prefer something other than 192.168.1.0/24. Is there a recommended/best practice for selecting a particular IP addressing for a private LAN network? Is it good to go with 192.168.0.1/24 or something like 192.168.100.0/24, or is any other IP addressing recommended? Please suggest.
0
I have noticed that on some Aruba wireless controllers spanning tree is disabled. Is there a reason to disable spanning tree on Aruba Wi-Fi controllers or on any wireless controllers?
0
How to combine two subnets?
Am volunteer IT for church. Have one wired network, one server (W12 running DHCP) on 192.168.0 subnet mask 255.255.255.0 with printer/copiers and wired workstations connected through PoE switches to a Zyxel firewall/switch to Comcast. File sharing and SQL databases on server. Zyxel also splits off to VoIP phone system. Originally had some D-Link routers acting as access points for wireless (worked, but campus not fully covered).

Independently, another volunteer got approval to purchase campus wide wireless.  Third party installed Ruckus wireless POE units (10, one a controller) on subnet 10.59.0 subnet mask 255.255.255.0 running separate DHCP for wireless side (one workstation is also connected to this subnet).  All Dlink routers were removed. Supposedly inherent to the Ruckus system is health checking and repair/restoration of the Ruckus access points without human intervention.  I have no manuals or training on the Ruckus wireless system.

Needless to say, workstations (wired or wireless) on one subnet cannot see across the subnets, i.e. File Explorer does not show machines on the other subnet and vice versa. Found that if I enabled WINS on the 10.59.0 systems, I could then address the server by manually entering the server name, i.e. \\servername\sharename. Believe there are issues with getting to SQL databases from a wireless workstation, as this week I had to connect a wireless laptop via Ethernet to set up an application using a SQL database. There was a…
0
I'm looking for reference information regarding network connectivity into Microsoft Azure cloud environments for organizations starting to consider cloud/IaaS migrations. I'm familiar with the high-level concepts (Azure vNets, ExpressRoute, etc.), but am specifically looking for guidelines, and maybe conversation points for customers asking about network requirements for initial and possibly longer-term cloud investment.

Let's assume the customer already has redundant, high-speed Internet connectivity, and is (again) looking for input regarding how a migration plan to Azure would look like from a network perspective.

Thank you
0
If you have two Internet feeds with BGP attracting traffic to your site and one goes out - should that interfere with ongoing uploads?
Say I had 200 uploads via sftp to my site. Provider A does some maintenance but Provider B stays up. Traffic load drops to 50
uploads. Since the connections are TCP/SFTP I would think they would just pause and then continue once the available path became
available. Or is it the case that the reconvergence/hold down timers are likely just too long to keep most of those conversations
alive?
0
I have a (hopefully very simple question) regarding routing in a hyper-converged environment. In the simplest form, let's say we have a single HC node (HyperFlex, SimpliVity, etc.), and the VMs being hosted on this node are within a typical Web/App/DB hierarchy - so, all in different VLANs/subnets, virtual firewalls in-between, etc.

Given the above, would communication between the different tiers (W/A/DB) require exiting the HC node to an external routing device, or would the virtualization hypervisor somehow be able to handle this? (Let's assume NSX is off the table.)  This would seem to be a "normal" deployment for any HC environment, in that the more condensed the environment, the higher demand for internetwork connectivity.

I'm trying to get to whether a Layer 3 physical switch is "normal" for these environments to handle this inter-tier traffic, or if there are more efficient options.

Thank you
0
How can you prevent a malicious actor from repeatedly locking your AD account simply by entering a wrong password three times on the company VPN webpage?
0
Dear Experts

Is installing SAP ERP on-premise or on cloud recommended? If we go for on-premise, what would be the best way for business continuity and recovery? Is inter-branch recommended for DR and recovery, or cloud? Please suggest the best recommended.
0
Scenario 6
This article is about building Route Based site-to-site VPN tunnels with redundant routers in the DC (HUB) on Cisco CSR1000V routers with IOS XE. There are four Route Based IPsec VPN tunnels configured on two CSR1000V routers as a redundant router pair.
0

GLBP Configuration


I have configured GLBP on R3, R4, R5 shown in the topology above.
I would like to know why, in the output below, the Standby Router is showing R5 instead of R4; they have the default priority. I wonder if the highest MAC address factors into the election of the Standby Router.
Another thing that I want to understand is the keyword "Preempt" in the configuration of routers that are not the AVG.
I know that Priority will determine which router will be the AVG now and which router will take over as AVG if the current AVG is down, but it is still not clear to me when the keyword "Preempt" should factor in.




R3#sh run | sec glbp
 glbp 1 ip 192.168.1.254
 glbp 1 priority 150
 glbp 1 preempt
R3#



R4#sh run | sec glbp
 glbp 1 ip 192.168.1.254
 glbp 1 preempt
R4#



R5#sh run | sec glbp
 glbp 1 ip 192.168.1.254
R5#


R3#sh glbp brief    
Interface   Grp  Fwd Pri State    Address         Active router   Standby router
Gi0/0       1    -   150 Active   192.168.1.254   local           192.168.1.15
Gi0/0       1    1   -   Active   0007.b400.0101  local           -
Gi0/0       1    2   -   Listen   0007.b400.0102  192.168.1.14    -
Gi0/0       1    3   -   Listen   0007.b400.0103  192.168.1.15    -
R3#



*** Another issue that I cannot figure out the cause of is the traceroute from hosts. If it goes through R3 (the AVG), it will make it to R2, but when the traceroute goes through R4 or R5 it displays the exclamation mark with the letter H, as shown below:

Host#traceroute 192.168.23.2

Type escape sequence to abort.
Tracing the route to 192.168.23.2

  1 192.168.1.15 12 msec 12 msec 12 msec
  2 192.168.1.15 !H  !H  !H
Host#clear arp              
Host#traceroute 192.168.23.2

Type escape sequence to abort.
Tracing the route to 192.168.23.2

  1 192.168.1.13 1016 msec 12 msec 8 msec
  2 192.168.23.2 44 msec 20 msec 24 msec
Host#
0
Can someone explain to me, at a high level, the Cisco licensing differences? I understand there are lanbase, ipbase, and ip services.
For some reason Cisco sold me core 3850 switches with lanbase, but access switches with ip base licensing. Not a production impact, but Cisco TAC raised a concern.
I need to buy more access switches.  What licenses should I get for those?  And is there a pricing difference?

Thanks in advance.
0
We have a total of 7 scopes configured in DHCP, out of which 3 are showing a blue exclamation mark. When I click on display statistics for these 3 scopes, all values are showing zero only. Event logs are showing error messages like "DHCP client request from C42F909FAB66 was dropped since the applicable IP address ranges in scope/superscope VLAN40 are out of available IP addresses. This could be because of IP address ranges of a policy being out of available IP addresses." for these 3 scopes only. However, none of these scopes is more than 50% occupied.

DHCP lease is 10 hours for all scopes except scope for mobile user.

In DHCP properties DNS Tab
"Dynamically update DNS record only if requested by the DHCP clients" is checked.
"Discard A and PTR records when lease is deleted" is also checked.

Assign IP addresses dynamically to clients of: is DHCP

In DNS Scavenge stale resource records are set as No-refresh interval 3 days and Refresh interval 4 days for all the zones and scavenging Period is 1 Day.

I performed the reconciliation and restarted the DHCP services on both the DC and the ADC. I also checked by restarting our ADC, as it was showing the same thing, but that doesn't work either; however, I have not checked by restarting our DC yet.

Please suggest if anyone has a solution for this.
0
Can you recommend an ISP for our small remote sales office in New York City? We need 10-20M bandwidth with a backup line. The ideal ISP can provide a separate backup line, meaning once the main line has failed the WAN connection would switch straight over to this backup line. And the backup line is included in the cost of the main line.
0
I'm looking for some guidance on how to allow Remote Users to access system applications. We currently are running a phase 1 setup where users are sent home with company equipment and use Sonicwall Global VPN software and Remote Desktop to remote into their own computers, located on site.

This is not, however, ideal, as it requires equipment on both ends.

Ideally what I'm looking for is to have a way for a user to have equipment at home, use a secure VPN connection with the SonicWall Global Client, and then have the user access a desktop that is not in use. One way, obviously, is to have a bank of PCs with one dedicated to each person, but this seems cost prohibitive. So my thought is a virtual desktop.

I currently have two Windows 2016 Servers running my main system, including DNS and Active Directory, among other core services. Is there a way I can build virtual desktops within that server? Should I have a separate server dedicated just to this task? What would be my starting point? Would I use Microsoft's built-in Hyper-V? Would I use VMware in some way?


The first group will probably be only 5-10 users, though this number may go up. I know there are options like Citrix which would provide a web interface, but the way our applications are set up they would require a direct connection, and so I don't know if Citrix and the like would work, though I am looking into this as well.


We have hundreds of available DHCP over VPN connections through our …
0
How to restore a deleted shared mailbox using PowerShell.
0
Hello,

I would like to know if it is possible to effectively use VoIP with private VLAN edges, and how.

I have private VLAN edges configured, essentially with switchport protected, switchport block unicast and switchport block multicast, on all my users' workstation ports on the distribution switches. This is to prevent lateral movement in case of compromise. I would like to configure the ports for VoIP in the usual chained jack-to-phone-to-computer format. These Catalyst switches are connected to the core Catalyst switch via fiber.

I understand that all traffic on a switchport protected interface will be sent to the uplink and that this includes all voice and data traffic from that particular interface. But, I would prefer not to have to disable protected ports to allow phone to phone voice traffic.

Please help.
0
Our company is using a VPN Gateway (F5 BIG-IP APM) to allow remote mobile clients to access the corporate network resources/applications. We are investigating whether we could use other new technology (e.g. Web Based Application) or an Authentication Server to decommission the current VPN Gateway. However, we would like to maintain the operation/features for allowing remote mobile users to use our internal resources/applications. We are new to this kind of network/security design and your recommendation is very much appreciated. Let me know if further information is needed.

Thanks & Regards
Patrick.
0
Hi,

I need to add Cisco 2960 and 3560 switches in GNS3 for practice. Kindly suggest how this is possible.
0

Hello,

A client has a single-location network spread across several floors. The tech they had earlier configured their network with a class A 10.0.0.0/8. They've run this for a decade and are now looking to make it more efficient. They only have 300 users and a couple of hundred other devices like printers, scanners, UPSes etc. on a single VLAN. They do have a DMZ VLAN with its own class C 192.168.0.0/16. They are planning on bringing in VoIP on its own VLAN (IP scheme undecided yet). It's a Cisco shop with ASAs and Catalysts running the network.

What would be your suggestion/plan please?

Thank you.
0
Hi,

Can you please advise why the IP of the server is changing, like:

C:\Users\Administrator>ping 113.255.213.114
Pinging 113.255.213.114 with 32 bytes of data:
Reply from 113.255.218.217: Destination host unreachable.
Reply from 113.255.218.217: Destination host unreachable.


0
If your data center is in the same data center as an AWS Availability Zone data center, would it be possible to create a Direct Connect just by patching from your gear to theirs? That is, is there a way you could avoid some of the expense of a carrier getting packets to/from AWS by virtue of being physically located in one of their data centers?
0
Multiple sites need to share data with file locking.  (this rules out DFS)
We currently use Globalscape WAFS, but the product is EOL.

I am looking for a solution to mirror my data in near real time (depends on the speed of the WAN links) and maintain file locks remotely.
Ideally, the solution would NOT use SMB for data transfers, as the chatty protocol doesn't do well on our 30ms latency WAN links.
0
I have a Seagate Central NAS drive at home and it has been working fine until just recently.

I can no longer connect to the NAS contents through Windows Explorer; I see it listed on network items but am unable to view the contents. I am able to connect to the Seagate Manager which shows me the IP address connection, users etc etc; I can change its name and it is reflected in Windows Explorer which shows that it is connected to the network.

I have read that it is something to do with Server Message Block v1 (SMB v1) settings which have been updated in Windows 10. I have tried updating the firmware on the NAS but it says it is already running latest firmware.

Any suggestions for overcoming this?? NAS holds all of our files; documents, music, photos etc.
0
Hi, there's an Edgemark router connected to a Cisco small business switch. I'm curious what the benefit is of connecting to the G1 interface over the standard 1 - 24 switch ports. Also, is there any downside (network degradation?) to hanging additional network devices off the typical 3 or 4 LAN ports on the router when it's a flat network?

0
