Ideal Network Configuration - 3 Floors, Multiple Switches & Untangle

aromal

Distinguished
Jul 4, 2007
23
0
18,510
My company has 110 workstations (Linux + Windows) spread across 3 floors and 5 servers. The network is connected to three WAN interfaces (two DSL and one leased line). All LANs are connected and routed using Untangle (UT).

Lately we are facing network outages on the LAN side. Looks like the switching tables are getting corrupted. Each floor is on its own subnet and the uplink to UT goes via an aggregation switch. All switches go and join one switch in the server room and IPs come from different subnets.

What's an ideal solution?

To,

a) Make the entire network flat 192.168.0.0/24 and give one LAN link to UT, OR
b) Separate each floor by network with its own subnet, aggregate all switches of one floor into one switch, and send that traffic with one dedicated uplink to a dedicated LAN port on UT. Do the routing inside UT.

On a side note:
Is there a free network analyser or port analyser that I can use to identify conflicts like this? All my switches are unmanaged as of now.

Please suggest an ideal configuration, as I would want to expand my network and ensure network bandwidth is also reasonably split across each floor.

We have both data and voice in the network, hence some sort of QoS implementation is also needed in the near future.

I am open to investing in new components if that simplifies the whole process. Layer 2 managed switches or Layer 3?

 
Solution
Modern switches...even the cheap 4 port ones...do not delay traffic. There is no need for any form of traffic management at the switch level. You could have a port overloaded but that tends to be more a server overload issue. It also, to a point, is why a single large switch is better. These tend to have enough switching power to run all ports at maximum speed up and down all at the same time. If you had 2 switches you would need to be concerned about the amount of traffic going between them on that one cable.

There are many types of managed switches, which is also why there is a huge difference in price. Things like commercial Cisco layer 3 switches can actually run routing protocols like OSPF, so they cost lots of money.
It is not clear how you have this cabled. I am not sure what you mean by "uplink to UT goes via aggregation switch".

If the aggregation switch is actually a layer 2 unmanaged switch then you have connected everything into 1 flat LAN, so I am not sure how you run different subnets. Now if this was a managed switch there are a number of implementations.

Your design depends on your traffic pattern and whether there is any security reason you want to keep users' data separate.

A lot of the subnet design and even the subnet sizes were based on older equipment that could not tolerate much garbage traffic between machines. You can still get broadcast storms that can take down segments, but many managed switches detect and block that kind of problem also.

If it is an option, 1 flat network will be simpler to maintain. It really depends why you had multiple subnets to start with. 100+ machines is no issue really.

We recently moved one of our offices; we put each floor on its own subnet BUT it was designed for 500 devices per floor. We put in large switches on each floor and ran a 10G uplink back to the central building layer 3 switch. That building has over 2000 active devices with only 4 subnets. The reason this works is these are pretty standard office work PCs. Even though it is a lot of users there is not that much traffic. All the servers are remote, so the problem would be the connection to the main data center if we had one. Then again more than 50% of all traffic is non-business-related internet traffic that goes out via the local internet connection.

This is far different from one of the R&D buildings. There we have users with multiple powerful devices on their desktop. It is not uncommon for 1 user to copy many hundreds of gigabytes of data between local machines. You need a very different design for buildings like that.

If you are doing this to somehow load balance multiple internet connections I would spend your efforts on getting a larger single internet connection. Most ISPs have other packages they offer business customers. They for example have ways to combine multiple slower connections in ways you cannot, and it is completely invisible to you; it just looks and acts like a faster connection.
 

aromal

Distinguished
Jul 4, 2007
23
0
18,510


Thanks for the response Bill. Appreciate it.

The whole thread was triggered by an almost full day of downtime we had in the network. Let me give some more details.

The entire network is running unmanaged switches. We have kept the IP address spaces of each floor, with approx 30 computers each, separate for security as well as for smaller broadcast domains, which can help give better performance. But with all unmanaged switches the network is not flat, hence this is something we are doing immediately.

All floors have two switches from where the uplinks go to one switch (aggregator / core switch) to which Untangle (UTM) is connected. Untangle has 3 WAN links that are used in load balancing and failover modes.

I am planning to put a managed switch there so as to get flow statistics. In such an arrangement, if one of the ports or end points gets damaged, can it bring the whole network down? Other than looping with no STP to prevent such issues (all switches being unmanaged), do you see any other issues causing downtimes for the entire LAN? I am suspecting some amount of IP conflict, and having this resolved is the highest priority now.

Removing one of the nodes from one floor actually solved the issue, but again there was a partial outage the next day. So I am quite confused, hence trying to organise things first to simplify troubleshooting. I am also calling in a network engineer to trace all the network cables and tag them first.

For a network with 150 computers including wifi devices, do you have a suggestion for managed switches? I can buy 28 and 48 port switches to replace the current unmanaged ones. Cisco / Netgear / D-Link / TP-Link? Any suggestions? We also want employees to be able to do video conferencing with a good, smooth experience when needed. Thanks in advance.
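The post above suspects an IP conflict and asks for a free way to spot it; the earlier replies also mention broadcast storms from switching loops with no STP. As an added example, not code from the thread or from Untangle, the script below reads `tcpdump -e -n arp` style lines and flags both symptoms: an IP address answered by more than one MAC, and any one-second window with more broadcast frames than a threshold. The sample lines are constructed for the example, and the 100 frames/s threshold is an assumption to tune for your own LAN.

```python
"""Flag two classic flat-LAN failure modes from an ARP capture summary:
an IP conflict (one IP answered by two MACs) and a broadcast storm
(broadcast frame rate above a threshold, typical of a loop with no STP).
Input lines follow the shape of `tcpdump -e -n arp` output."""
import re
from collections import defaultdict

BROADCAST = "ff:ff:ff:ff:ff:ff"

# Timestamp, source MAC and destination MAC at the start of each line.
LINE_RE = re.compile(
    r"^(?P<h>\d\d):(?P<m>\d\d):(?P<s>\d\d)\.(?P<us>\d+) "
    r"(?P<src>[0-9a-f:]{17}) > (?P<dst>[0-9a-f:]{17}), ethertype ARP"
)
# ARP reply body: which MAC claims which IP.
REPLY_RE = re.compile(r"Reply (?P<ip>\d+\.\d+\.\d+\.\d+) is-at (?P<mac>[0-9a-f:]{17})")


def build_sample_lines():
    """Constructed sample (not a real capture): 192.168.0.10 is claimed by
    two MACs, and 250 broadcast requests land inside the second 10:00:05."""
    lines = [
        "10:00:00.100000 00:11:22:33:44:01 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 60: Request who-has 192.168.0.10 tell 192.168.0.50, length 46",
        "10:00:00.110000 00:11:22:33:44:10 > 00:11:22:33:44:01, ethertype ARP (0x0806), length 60: Reply 192.168.0.10 is-at 00:11:22:33:44:10, length 46",
        "10:00:00.112000 00:11:22:33:44:99 > 00:11:22:33:44:01, ethertype ARP (0x0806), length 60: Reply 192.168.0.10 is-at 00:11:22:33:44:99, length 46",
        "10:00:01.200000 00:11:22:33:44:20 > 00:11:22:33:44:01, ethertype ARP (0x0806), length 60: Reply 192.168.0.20 is-at 00:11:22:33:44:20, length 46",
    ]
    # A loop replays the same broadcast request over and over.
    for i in range(250):
        lines.append(
            f"10:00:05.{i * 1000:06d} 00:11:22:33:44:30 > ff:ff:ff:ff:ff:ff, "
            "ethertype ARP (0x0806), length 60: Request who-has 192.168.0.1 tell 192.168.0.30, length 46"
        )
    return lines


def parse_line(line):
    """Return a record dict for an ARP line, or None for anything else."""
    m = LINE_RE.match(line)
    if not m:
        return None
    rec = {
        "second": int(m["h"]) * 3600 + int(m["m"]) * 60 + int(m["s"]),
        "src": m["src"],
        "dst": m["dst"],
        "reply": None,
    }
    r = REPLY_RE.search(line)
    if r:
        rec["reply"] = (r["ip"], r["mac"])
    return rec


def find_ip_conflicts(lines):
    """Map each IP claimed by more than one MAC to the sorted list of claimants."""
    claims = defaultdict(set)
    for line in lines:
        rec = parse_line(line)
        if rec and rec["reply"]:
            ip, mac = rec["reply"]
            claims[ip].add(mac)
    return {ip: sorted(macs) for ip, macs in claims.items() if len(macs) > 1}


def broadcast_storm_seconds(lines, threshold=100):
    """List (second_of_day, count) for seconds whose broadcast frame count
    exceeds the threshold. 100/s is an assumed starting point, not a standard."""
    per_second = defaultdict(int)
    for line in lines:
        rec = parse_line(line)
        if rec and rec["dst"] == BROADCAST:
            per_second[rec["second"]] += 1
    return sorted((s, n) for s, n in per_second.items() if n > threshold)


if __name__ == "__main__":
    sample = build_sample_lines()
    for ip, macs in find_ip_conflicts(sample).items():
        print(f"IP conflict: {ip} claimed by {', '.join(macs)}")
    for sec, n in broadcast_storm_seconds(sample):
        print(f"Broadcast storm: {n} broadcast frames in second {sec:02d}")
```

To use it on a real LAN, capture with `tcpdump -e -n -l arp` on a host and feed the lines to the two functions. On a switched LAN a passive host only sees broadcasts and its own unicast traffic, so ARP replies between other hosts are invisible to it; either provoke replies towards the capture host (for example by pinging each address in the subnet) or, once a managed switch is in place, capture from a mirror port. Gratuitous ARPs, which many hosts send on boot, are broadcast and so are visible anywhere on the flat LAN.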


The simplest, although not the cheapest, solution would be to buy what are called stacked switches. These are 24/48 port switches that have a special interconnection cable that allows the switches to appear and perform as a single larger switch. They tend to be less expensive than buying a modular switch that you put 24/48 port switch cards into.

Still, you would likely have no issue with 3 or 4 48 port switches connected together with even 1gbit cables. 10gbit uplinks are not that expensive if you ever thought you had a bottleneck. You likely do not need anything fancy unless you know why you need the feature. Simple VLANs are what most people need.