[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x

Network Architecture

12K

Solutions

26

Content

i
The collection of articles, videos, and posts on this topic.

11K

Contributors

Network design and methodology, also known as network architecture, is the design of a communication network. It is a framework for the specification of a network's physical components and their functional organization and configuration, its operational principles and procedures, as well as data formats used in its operation. In telecommunication, the specification of a network architecture may also include a detailed description of products and services delivered via a communications network, as well as detailed rate and billing structures under which services are compensated.

Share tech news, updates, or what's on your mind.

Sign up to Post

hi guys

One of our directors has asked me some questions about what we could do in the future to reduce the need for I.T presence at one of our countries and instead have it so that the support is almost entirely run from the U.K instead.

The site at our other country has two separate sites. One is a warehouse, the other is an office. The total number of users at both sites together is around 100 users. There are firewalls at both sites. There are VPN's connecting both sites. Those sites are also connected to us in the U.K

I mean, one of the only ways to reduce the I.T presence in one place is by reducing the types of physical hardware/equipment which would constantly require physical presence, right? So things like switches, PC's dying on you, printers, file storage, SAN disks needing replacement, you name it all will require some level of physical intervention.

By heading towards Office 365 and Exchange online, would you say that helps slightly reduce the overhead?

Along with that, how about instead of having PC's that are powerful, have decent thin clients and have high enough bandwidth to give them connectivity to their own virtualised machine on like a cluster of Vmware/Hyper-V servers on a SAN that have been spun up for them. So that would then reduce the possibility of hardware/disk failures on site and instead have them run on virtual terminals. Are there performance issues with that? Are the costs in the longer term reduce and is the quality …
0
8 Comments
Build an E-Commerce Site with Angular 5
LVL 12
Build an E-Commerce Site with Angular 5

Learn how to build an E-Commerce site with Angular 5, a JavaScript framework used by developers to build web, desktop, and mobile applications.

Enroll Today!
hi guys

I was looking into cloud switching, such as the tools being offered by Cisco Meraki. They keep saying that you can have your switches in the cloud. But I'm trying to understand how that would work.

Would that mean that in my organisation which consists of two stacks of x 7 switches, totalling 14 switches, that I would suddenly no longer need that anymore if I implemented Meraki's?

We have around 300 people in our office. All of those people have to be connected/patched to a port on the wall and those need to be patched into a switch.  I can't exactly get rid of those physical switches can I? So I'm not really understanding the whole cloud switching situation with Meraki's?

Or have I totally misunderstood the cloud switching scenario?

thanks for helping
Yash
0
3 Comments
Hi

I'm moving layer 3 routing from an old core switch to a new core stack we've just purchased.

The stack has been configured with trunks and has access to the network.

The old core will not be removed just the routing will be removed from it.

At the moment the old core has links to different sites

My question is when the routing has been moved over, will I need to move cables over from the old core to the new?

Thanks
0
1 Comment
Dear Experts,

I am at a client location today and they have a local server that will be accessing different sites with various ports. The client has ASA firewall and Cisco Firepower my question is do I add the access rules in Firepower or directly in ASA?

I am always not sure and the client has no preference.

Please let me know from your experience how to tackle this .

Thanks,
0
3 Comments
Recenly we received call from our client said that network down and we visit onsite found that is looping .

She buy two unmanage switch try to connect by her self ,we found out she connect one of the cable back to the switch .

Actually they have are using HP 5130 as the core switch and all the access switch is HP/Aruba 2530.

I would like seek for expert advice ,what we can help them to avoid this problem occur again.
0
4 Comments
What are the common patterns for distributed software architecture? Is there any list?
0
1 Comment
I have HP Procurve switch in my network. I have a network setup for a security camera that doesn't need to be accessible to the Internet. It seems that the camera continuously accesses the Internet for some reason. The packet has been a drop from the SonicWall since there is no rule setup for the network.  I would like to setup HP procurve switch to not forwad those request.  what is the command or rule to do that?  I have a core switch as a gateway of all network and the security camera is in VLAN.
0
26 Comments
Wonder your folks opinion.  How do you approach this questions from executives.  
 "what do you think is better 74Mb DSL or 60Mb cable?"  :)
0
12 Comments
We have some older model Siemens PLCs that I'm told have an IP address, but no gateway. Can anyone confirm if they have seen something like that?

Second and more important is my part in this challenge: If it is possible that a device has no gateway, how to get it to talk/route to a different subnet?

Edit: I see some Siemens documentation that talks about using subnets and supernets to get around the issue. So if it helps, my destination subnet is 10.1.179.0/24 and my PLC is 10.107.151.10.
0
4 Comments
IP address shortage on Class C network.
The company is in manufacturing business. They have Windows servers, office PCs, production PCs, network switches, internal WiFi, IP phones, machines, etc. They all consume IP addresses. Now they wanna add 40 more production PCs while there are only 20 free IP addresses.
What should be done in order to release more IPs on this network?
One thing we are considering is to create a separate network for all 20 IP phones which are used in the "sub-site". (Please see the attached diagram). We are not good at VLAN, but we can learn. Will VLAN help in this situation?  
Are there any other things we can do?
Thanks!
Jack
Map-IP-Phone.png
0
10 Comments
Angular Fundamentals
LVL 12
Angular Fundamentals

Learn the fundamentals of Angular 2, a JavaScript framework for developing dynamic single page applications.

Enroll Today!
What needs to be done to replace Optimum router and modem with a modem router combo device?
0
8 Comments
Hello - what (if any) are the options for shaping traffic on an X-series firewall?  I have a customer with a Gig handoff Internet circuit, currently provisioning 150-Mbps. This is terminated on an old ISR, which is shaping the traffic via "bandwidth 150000" command to prevent carrier policing. We need to move this connection off of the ISR onto a ASA 5525-X.

From what I've found so, it appears there's no way to handle traffic shaping on the X-series firewalls. (I haven't looked into the new FTD appliances yet, so would be interested in feedback on those as well.) The 5525 is currently running 9.2 code, and the 9.2 configuration guide (https://www.cisco.com/c/en/us/td/docs/security/asa/asa92/configuration/firewall/asa-firewall-cli/conns-qos.html) indicates that traffic shaping is only supported on the 5505 (not the "multi-core models such as 5500-X"). I haven't checked newer release notes.

Is there a way to perform the same shaping function on an ASA 5525, with either the existing or newer code? If not, how are other customers handling sub-rated circuits to prevent policing and the potential resulting connection drops? Again, if the newer FTD appliances (2100's) can provide for this, that'd be helpful to know.

Thank you
0
12 Comments
Please see the attached diagram.

I have configured 10.0.3.61 and 10.0.3.62 as VPC peers with a port-channel comprised of links A and B as their peer-link.

I want to configure a third switch, 10.0.0.3.63 to be dual homed (using links C and D) and connect upstream to this VPC pair.

On the 10.0.3.63, I would configure the port channel with commands like:

switch63# int e1/31-32
switch63# switchport mode trunk
switch63# channel-group 1 mode active

What I would like to know is what command(s) do I run on either 10.0.3.61 and/or 10.0.3.62 to create a port-channel that spans both switches (so that the uplink from 63 is dual homed?)

I thought this was the most natural application of VPC but I cannot find any documentation for this scenario.

Thanks in advance for your help!
VPC-scenario.jpg
0
3 Comments
I am at a new site and there are SVI interfaces in the core switch, which is fine but one thing I see is that the customer have the line

ip router ospf 21 area 0.0.0.21


Can I please have someone experience tell me if this is correct?
what does it mean, I looked at the ospf configuration and I have never seen any command in this syntax.

Thank you
0
3 Comments
Meaning of Port number in Show spanning Tree

in the output of the command below  I see:

 Port        1 (Ethernet0/0)

I wonder what Port 1 means?  I thought the port is the same as interface.

Thank you


SW1#sh spanning-tree  vlan 20

VLAN0020
  Spanning tree enabled protocol ieee
  Root ID    Priority    24596
             Address     aabb.cc00.0400
             Cost        200
             Port        1 (Ethernet0/0)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32788  (priority 32768 sys-id-ext 20)
             Address     aabb.cc00.0100
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Et0/0               Root FWD 100       128.1    Shr 
Et0/1               Altn BLK 100       128.2    Shr 

SW1#

Open in new window
0
4 Comments
DR(designated router) is for sending source message to receiver. I am not sure DR is located between source and RP, or between RP to receiver? Anyone can give some idea? Thank you
0
5 Comments
MPLS Layer 2 and NAT

If I understand with MPLS Layer 2 , you can connect 2 sites of your networks and will seem just like you are on the same LAN network, except for speed.

Well, let say ISP gave us MPLS L2, and we connect one of our routers of our Site1 to one end of MPLS and another router of our Site2 to the other end of MPLS.
in this case, should the interface of a router connected to Site1 have to have IP address on the same subnet as the interface of the other router connected MPLS on Site2 ?

I mean : (Site1)R1---Interface1------>MPLS-<------Interface2--R2(SIte2)
Interface1 will be on the same subnet as Interface2 ?


Assuming it should.

Now to get all networks of Site1 and Site2 to communicate, do we need NAT translation configured on Router connected to MPLS on Site1 and Router connected to MPLS on Site2 ?


Thank you
0
13 Comments
Is Root Bridge relevant when connecting to L3 Switches.

I would like to know when I have all my L2 switches connected to L3 (Distribution or Core) switches, if there is any concern about Root bridge election or even STP loop.
To my understanding as long as L2 switches are not connected directly between themselves there will be no Root Bridge election and there will be no STP loop to happen.
for instance in the Diagram below, all L2 switches are not connected directly between themselves, but connect to L3 switches.

Thank you

sp
0
18 Comments
I have a data jack that is terminated; but, not properly labelled.  I am trying to use a tone generator to find the correct patch panel connection that I need to use and cross connect the ethernet correctly to the end point.

https://www.youtube.com/watch?v=JHRIiw3OR6Y

The problem is that this specific data jack is in a machine shop floor and when I activate the toner every patch panel connection is triggered in the room.  If I turn off the toner generator every patch panel is still sounding off in that room.

If I try the toner generator in different locations(other rooms) there is no problem.  The toner generator works as I expect it to.

What could be causing the toner tester to sound off in that 1 specific patch panel?  Could it be that the ethernet cables were not grounded correctly?
0
5 Comments
Exploring SQL Server 2016: Fundamentals
LVL 12
Exploring SQL Server 2016: Fundamentals

Learn the fundamentals of Microsoft SQL Server, a relational database management system that stores and retrieves data when requested by other software applications.

Learn More!
in practice, where in the network (for shaping WAN/Internet traffic)  is best to connect packetshaper  in terms of security  and in terms of best network design?

Betw WAN router n external firewall, at DMZ external facing firewall or ?
0
4 Comments
Hi Experts,

we have to plan a big move to another building.
I have some questions about it.
Our datacenter is using RJ45 patch panels and cabling is done with CAT7

The new building has older technology installed and another patch system , called SYSTIMAX.
This SYSTIMAX patch system is new for all of us and the installed cables are all CAT6.

What kind of patch systems do you use in your datacenter ?
Do I have so many benefits with SYSTIMAX ?
1
2 Comments
Dear Experts

We are solution implementer like crm application and even server hosting for those companies who require us to host and maintain servers. Recently few of clients are mentioning about soc2 compliance. Can you please help me understand with respect to solution implementation point of view what does soc2 compliance means and how does it help our business, thanks in advance.
0
2 Comments
Hi
We are expanding our office so will need to install an additional switch in another room c20 feet away from the comms.  At the same time we are looking at replacing our existing switches.  

Currently have a hp 2910al poe+ 48 port serving as GW for hosts.  It routes to the local firewall and thereafter out tot he web via router.  We run two vlans for data and voice.  
We also have two other switches connected via ports on the 2910al.  These are HPv170 and 3com 2952, these run only data, no voice.

Looking for recommendations for specs and types of switches.  We like HP but would use any other.  Ideally have some form of resiliency and HA in the comms room and the same with the other switch in the other room.

Would modules be any good?

We also have STP disabled for our voice to work.

Thanks
0
9 Comments
Configuring NAT

in the LAB configuration below:
I have R1 and R2 in subnet 192.168.12.0/24 ----R3 in subnet 10.10.13.0/16  and R4 in subnet 10.10.24.0/16

I would like to have R3 be able to ping R4

The NAT configuration does not seem to work as it is supposed to.
Any Help ?

Thank you

n




R1#sh run 
Building configuration...

Current configuration : 2199 bytes
!
! Last configuration change at 02:39:42 CET Sun Sep 2 2018
!
version 15.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
aqm-register-fnf
!
!
no aaa new-model
clock timezone CET 1 0
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
!
!
!
!
!


!
!
!
!
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!         
!
!
redundancy
!
!
! 
!
!
!
!
crypto isakmp policy 5
 encr 3des
 authentication pre-share
 group 2
crypto isakmp key cisco@123 address 192.168.12.2   
!
!
crypto ipsec transform-set MY-SET esp-aes esp-md5-hmac 
 mode tunnel
!
!
!
crypto map IPSEC-SITE-TO-SITE-VPN 10 ipsec-isakmp 
 ! Incomplete
 set transform-set MY-SET 
 match address VPN-TRAFFIC
!
!
!
!
!
interface Ethernet0/0
 ip address 192.168.12.1 255.255.255.0
 crypto map IPSEC-SITE-TO-SITE-VPN
!
interface Ethernet0/1
 ip address 10.10.13.1 255.255.0.0
!
interface Ethernet0/2
 no ip address
 shutdown
!
interface Ethernet0/3
 no ip address
 shutdown

Open in new window
0
7 Comments
Understanding uRPF Loose Mode /Strict Mode,

Let's say we have R1 connected on both of its 2 interfaces to R2 and R3
R1 interface IP address(192.168.12.1/24) connecting to R2
R1 interface IP address(192.168.13.1/24) connecting to R3

R2 interface IP address(192.168.12.2/24) connecting to R1
R3 interface IP address(192.168.13.3/24) connecting to R1

R2 has a loopback 0 with ip address 2.2.2.2/32

R1 has static route : Ip route 2.2.2.2 255.255.255.255 192.168.12.2

For test purpose I have created lopback 0 on R3 with the same IP address 2.2.2.2/32 as the loopback 0 on R2

With Strict Mode or Loose Mode configured, I can ping from R2 (source Loopback 0:2.2.2.2) to R1 (192.168.12.1)
I can see the ping replies. but I cannot ping from R3 (Source Loopback 0: 2.2.2.2) to R1 (192.16.13.1).
However when reading online, it states that with Loose Mode, R1 will accept packets from R3 and with Strict Mode it does not.
from my side, I still cannot see the difference between Strict/Loose Mode as both will cause Ping fails from R3 source loopback 0 to R1

Any clarification on this ?

Thank you
0
3 Comments

Network Architecture

12K

Solutions

26

Content

i
The collection of articles, videos, and posts on this topic.

11K

Contributors

Network design and methodology, also known as network architecture, is the design of a communication network. It is a framework for the specification of a network's physical components and their functional organization and configuration, its operational principles and procedures, as well as data formats used in its operation. In telecommunication, the specification of a network architecture may also include a detailed description of products and services delivered via a communications network, as well as detailed rate and billing structures under which services are compensated.