Network Architecture

12K

Solutions

11K

Contributors

Network design and methodology, also known as network architecture, is the design of a communication network. It is a framework for the specification of a network's physical components and their functional organization and configuration, its operational principles and procedures, as well as data formats used in its operation. In telecommunication, the specification of a network architecture may also include a detailed description of products and services delivered via a communications network, as well as detailed rate and billing structures under which services are compensated.


What are the best fiber cable manufacturers?  There are so many online and the price varies a lot.
Looking for LC/LC SM and MPO MM cables.
Please advise.  I normally buy on Amazon.
0
Never done that and need advice on how it's normally done.

I need to relocate the uplink one floor up in the building.  Larger server room, better AC, power, etc.
Moving all the switches up there.  How do I move the ISP handoff?  Fiber single-mode.
Do I just put in a patch panel and route up there, or move the handoff?  Is it something the ISP is responsible for per request, or cabling contractors?
What's the best option?  Please advise.
0
Has anyone used multi-mode to single-mode fiber converters?  Are they reliable?
I need to run 40G optics between the three building floors (floors 1, 2, and 3).  MM fiber is already in place.  To support 40G between these three floors we need single-mode duplex LC fiber.
Instead of doing new SM runs, can we install converters to achieve that?  Would that work reliably?
0
hi guys

I was hoping that you guys could help me with something. We have many stores across the UK. I am trying to do a revision of our network architecture. I have uploaded a very basic Visio diagram of what it looks like. Stores are connected via the MPLS to a datacentre which has our firewall and from which the internet breaks out. I have created Store A and this configuration is almost identical for all other stores. All stores have IP PDQ machines. The store network traffic goes from the PCs, Tills/PDQs via the MPLS network to our datacentre and from there, it breaks out to the internet. PDQs also fail over to an analogue telephone line if there is an issue with the MPLS network.

We have additional internet lines at each store for other things such as footfall cameras and mobile devices, which I have included on the right-hand side. This is so that credit card information is going out of an entirely separate line in case of a breach. So of course, one issue we have is that if (this has not happened yet in the 4yrs I have been there) the internet side at the end of where the MPLS breaks out into the firewall and to the internet went down, then none of the 40 stores can transact properly. Well, they can, but via the analogue phone lines, which I think is just 20th century rather than 21st.

However, I am reviewing all of this and hoping that we can just reduce 2 to 3 internet lines into just one and introduce VLANs and consolidate everything.

My questions …
0
I would like to know if I am on the right track.

I have a webserver directly connected to a DMZ interface on the active ASA5525X of the active standby failover pair. The failover is configured via another interface.

Right now, if the active ASA fails, the secondary will kick in but this webserver will not be accessible from the outside. What I plan to do is create a VLAN on a switch and plug in the webserver and the DMZ interfaces from both the active and standby ASAs into ports configured for that VLAN.

What am I missing? I do not plan on configuring an IP address for that VLAN or setup any sort of special routing. The only route on that switch is the ip route 0 0 gateway. The ASA DMZ interfaces are configured as ip address 172.16.1.1 255.255.255.248 standby 172.16.1.2. The webserver is 172.16.1.3. The webserver uses the 172.16.1.1 as the gateway.

When the active ASA is active, the webserver sees it as 172.16.1.1. What happens when the ASA fails over to the secondary? Will the webserver still see the ASA as 172.16.1.1? Or is there routing to be configured on the switch?

Thank you.
0
Dear Experts

We have been asked to deploy an on-premise mail server, for which we are planning to go with Zimbra Network, but before that we have to design the network. Though this email server will be working internally within the main office and branch office, as it is connected over the MPLS network, we would also like to send and receive mail to and from external domains. The following measures are to be taken:
1. If our server or internet goes down, the sender's mail should not get lost for us; once the server or internet is restored, the mails should be delivered to our email accounts.
2. Our domain and IP reputation should always be good so that our messages get delivered to the inbox of the recipient.
Please suggest how our email server is to be configured: have an internal DNS server and make it work as a normal email server, and for external mail we have to avail an SMTP relay service with some service provider. Please suggest whether this is correct; if not, please suggest what service we have to avail for external email delivery where email security will be taken care of.
0
Dear Experts

To set up a new office, what IP addressing is recommended? It is common to use 192.168.1.0/24, but I would like to go for something different, and this network will have to be connected over the VPN from another location, and they may be using 19.168.1.0/24. This new network, yet to be set up, will have internal DNS and DHCP and leased line and MPLS connectivity. The total users or end devices within this network will not be more than 75. I prefer something other than 192.168.1.0/24. Is there a recommended/best practice in selecting a particular IP addressing for a private LAN network? Please suggest. Is it good to go with 192.168.0.1/24 or something like 192.168.100.0/24, or is any other IP addressing recommended? Please suggest.
0
I have noticed that on some Aruba wireless controllers spanning tree is disabled.  Is there a reason to disable spanning tree on Aruba WiFi controllers or on any wireless controllers?
0
I'm looking for reference information regarding network connectivity into Microsoft Azure cloud environments for organizations starting to consider cloud/IaaS migrations. I'm familiar with the high-level concepts (Azure vNets, ExpressRoute, etc.), but am specifically looking for guidelines, and maybe conversation points for customers asking about network requirements for initial and possibly longer-term cloud investment.

Let's assume the customer already has redundant, high-speed Internet connectivity, and is (again) looking for input regarding how a migration plan to Azure would look like from a network perspective.

Thank you
0
If you have two Internet feeds with BGP attracting traffic to your site and one goes out - should that interfere with ongoing uploads?
Say I had 200 uploads via sftp to my site. Provider A does some maintenance but Provider B stays up. Traffic load drops to 50
uploads. Since the connections are TCP/SFTP I would think they would just pause and then continue once the available path became
available. Or is it the case that the reconvergence/hold down timers are likely just too long to keep most of those conversations
alive?
0
I have a (hopefully very simple question) regarding routing in a hyper-converged environment. In the simplest form, let's say we have a single HC node (HyperFlex, SimpliVity, etc.), and the VMs being hosted on this node are within a typical Web/App/DB hierarchy - so, all in different VLANs/subnets, virtual firewalls in-between, etc.

Given the above, would communication between the different tiers (W/A/DB) require exiting the HC node to an external routing device, or would the virtualization hypervisor somehow be able to handle this? (Let's assume NSX is off the table.)  This would seem to be a "normal" deployment for any HC environment, in that the more condensed the environment, the higher demand for internetwork connectivity.

I'm trying to get to whether a Layer 3 physical switch is "normal" for these environments to handle this inter-tier traffic, or if there are more efficient options.

Thank you
0
Dear Experts

Is installing SAP ERP on-premise or on cloud recommended? If we go for on-premise, what would be the best way for business continuity and recovery? Is interbranch recommended for DR and recovery, or cloud? Please suggest the best recommendation.
0
GLBP Configuration


I have configured GLBP on R3, R4, R5 shown in the topology above.
I would like to know why, in the output below, the Standby Router is showing R5 instead of R4; they have the default priority. I wonder if the highest MAC address factors into the election of the Standby Router.
Another thing that I want to understand is the keyword "Preempt" in the configuration of routers that are not the AVG.
I know that Priority will determine which router will be the AVG now and which router will take over as AVG if the current AVG is down, but it is still not clear to me when the keyword "Preempt" should factor in.




R3#sh run | sec glbp
 glbp 1 ip 192.168.1.254
 glbp 1 priority 150
 glbp 1 preempt
R3#



R4#sh run | sec glbp
 glbp 1 ip 192.168.1.254
 glbp 1 preempt
R4#



R5#sh run | sec glbp
 glbp 1 ip 192.168.1.254
R5#


R3#sh glbp brief    
Interface   Grp  Fwd Pri State    Address         Active router   Standby router
Gi0/0       1    -   150 Active   192.168.1.254   local           192.168.1.15
Gi0/0       1    1   -   Active   0007.b400.0101  local           -
Gi0/0       1    2   -   Listen   0007.b400.0102  192.168.1.14    -
Gi0/0       1    3   -   Listen   0007.b400.0103  192.168.1.15    -
R3#



*** Another issue whose cause I cannot figure out is the traceroute from hosts. If it goes through R3 (the AVG), it will make it to R2, but when the traceroute goes through R4 or R5 it displays the exclamation mark with the letter H, as shown below:

Host#traceroute 192.168.23.2

Type escape sequence to abort.
Tracing the route to 192.168.23.2

  1 192.168.1.15 12 msec 12 msec 12 msec
  2 192.168.1.15 !H  !H  !H
Host#clear arp              
Host#traceroute 192.168.23.2

Type escape sequence to abort.
Tracing the route to 192.168.23.2

  1 192.168.1.13 1016 msec 12 msec 8 msec
  2 192.168.23.2 44 msec 20 msec 24 msec
Host#
0
Can someone explain to me, at a high level, the Cisco licensing differences?  I understand there are lanbase, ipbase, and ip services.
For some reason Cisco sold me core switches 3850 with lanbase, but access switches with ip base licensing.  Not a production impact but Cisco TAC  raised a concern.
I need to buy more access switches.  What licenses should I get for those?  And is there a pricing difference?

Thanks in advance.
0
I'm looking for some guidance on how to allow Remote Users to access system applications. We currently are running a phase 1 setup where users are sent home with company equipment and use Sonicwall Global VPN software and Remote Desktop to remote into their own computers, located on site.

This is not, however, ideal, as it requires equipment on both ends.

Ideally what I'm looking for is to have a way for a user to have equipment at home, use a secure VPN connection with the Sonicwall Global Client, and then have the user access a desktop that is not in use. One way, obviously, is to have a bank of PCs with one dedicated to each person, but this seems cost prohibitive. So my thought is a virtual desktop.

I currently have two Windows 2016 Servers running my main system, including DNS and Active Directory, among other core services. Is there a way I can build virtual desktops within that server? Should I have a separate server dedicated just to this task? What would be my starting point? Would I use Microsoft's built-in Hyper-V? Would I use VMware in some way?

The first group will probably be only 5-10 users, though this number may go up. I know there are options like Citrix which would provide a web interface, but the way our applications are set up they would require a direct connection and so I don't know if Citrix and the like would work, though I am looking into this as well.


We have hundreds of available DHCP over VPN connections through our …
0
Our company is using a VPN Gateway (F5 BIG-IP APM) to allow remote mobile clients to access the corporate network resource/applications. We are undergoing an investigation if we could use other new technology (e.g. Web Base Application) or Authentication Server to decommission the current VPN Gateway. However, we would like to maintain the operation/features for allowing remote mobile users to use our internal resources/applications. We are new to this kind of network/security design and your recommendation is very much appreciated.  Let me know if further information is needed.

Thanks & Regards
Patrick.
0
Hi,

I need to add Cisco 2960 and 3560 switches in GNS3 for practice. Kindly suggest how this can be done.
0
Hello,

A client has a single-location network spread across several floors. The tech they had earlier configured their network with a class A 10.0.0.0/8. They've run this for a decade and are now looking to make it more efficient. They only have 300 users and a couple of hundred other devices like printers, scanners, UPSes etc. on a single VLAN. They do have a DMZ VLAN with its own class C 192.168.0.0/16. They are planning on bringing in VoIP on its own VLAN (IP scheme undecided yet). It's a Cisco shop with ASAs and Catalysts running the network.

What would be your suggestion/plan please?

Thank you.
0
If your data center is in the same data center as an AWS Availability Zone data center - would it be possible to create a Direct Connect just by patching from your gear to theirs? That is - is there a way you could avoid some of the expense of a carrier getting packets to/from AWS by virtue of being physically located in one of their data centers?
0
I have a Seagate Central NAS drive at home and it has been working fine until just recently.

I can no longer connect to the NAS contents through Windows Explorer; I see it listed on network items but am unable to view the contents. I am able to connect to the Seagate Manager which shows me the IP address connection, users etc etc; I can change its name and it is reflected in Windows Explorer which shows that it is connected to the network.

I have read that it is something to do with Server Message Block v1 (SMB v1) settings which have been updated in Windows 10. I have tried updating the firmware on the NAS but it says it is already running latest firmware.

Any suggestions for overcoming this?? NAS holds all of our files; documents, music, photos etc.
0
Hi, there's an Edgemark router connected to a Cisco small business switch.  I'm curious what the benefit is of connecting to the G1 interface over the standard 1 - 24 switch ports.  Also, is there any downside (network degradation?) to hanging additional network devices off the typical 3 or 4 LAN ports on the router when it's a flat network?

Cisco small business switch
0
We have a Technicolor modem/wireless router combo device given by Spectrum.  When the Spectrum tech first set it up I could connect to it wirelessly and I could see the public WAN IP as, e.g., 1.2.3.4.  We plugged it into our Sonicwall device and everything is working fine.  Bridge mode is enabled and we have a dynamic public IP so I set it to DHCP.  I just want to know why I'm getting an address of 192.168.0.5 showing on my WAN.  I was expecting to see the public IP instead, like 1.2.3.4.

Wan interface
0
If you use a VIF - I understand you can attract all your S3 traffic over the Direct Connect circuit instead of going to the public internet. Is the full set of addresses to be used for S3 published anywhere so that we could create the right set of BGP filters to make sure that only the desired S3 traffic gets attracted to the Direct Connect instead of just going to the Internet?

Currently the path from our internal hosts to S3 storage is via the Internet to Amazon public IP. The goal is to get that traffic to go over our Direct connect circuits. I believe the method is using VIF and then those addresses get advertised via BGP over the DX. I want to filter those routes so unintended traffic doesn't go over the direct connects.
0
Hi,

We have a main Cisco 3750 switch. From that switch, fiber connections run from the trunk ports to different stacks; essentially all other stacks connect back to this switch. We want to add a backup to this switch in case of hardware failure. Question: how do we add it?
1. Do we add it as a second switch in Slave role or is there another way of adding it?
2. Also, if the first switch does go down, how do we prepare the second switch so that the trunk ports are ready to accept the fiber cables?
0
From a best practice standpoint which is better, ASA on the edge or a router on the edge of your network?


Off the top of my head, ASA on the edge seems like a better design; however, I have seen some networks in the past with Router (Edge) then ASA.
0
