First of all, I would like to thank you all. Thank you for all the high quality information you guys are making available.
During my many years working as a computer-tech, I just kept bouncing into Tom's hardware over and over again. Our friendship first started out back in the day; Whenever I would search the web to resolve some issue, Google would slingshot me to these forums time after time. After a while I even changed my problem-solving strategies by starting my search at these forums whenever I encountered some PC issue! (thus, avoiding google slingshotting me somewhere else, which often resulted in a bad landing ) Never before did I find myself required to start a thread to find the answers I was looking for, but this time I am facing a situation which I think is appropriate to dedicate a thread to.
I need to build a small office network for my new employer, and I have some questions about the best possible setup. This is kind of a long long post, with allot of different aspects that need to be sorted out. I will try to write this as structured as possible, and separate different questions as much as possible. This way everyone can share their piece of advice on any part/question related to this project, without having to read the whole post I will start of by describing the situation as it is right now;
As of now our network consists of 2 switches(gbit), 1 router(100mbit), 1 cable modem (120Mb/10Mb) The cable modem is connected to the router and the router to the switches. We have one server(win2k8) in our office, and it is connected with the router. The server acts as a file-server, printer sharing device and e-mail server. All these services and data are stored in a single hard-disk inside the server. (There is second HDD in server, which should form a raid mirror, but i'm not certain) The server is online 24/7 and is connected to a UPS. We have some usb-hard-disks for backup, but this is not really being used/lacks performance.
The clients in the network consist of; 5 wired pc's(all win7, gbit NIC), 2 wired printers, 3 wireless laptops and some 5 wireless devices like phones and tabs. Tops there are about 12 wireless devices connected at the same time. Most of them phones. Considering the amount of clients our network traffic is relatively high.
Some of the employees work from home or other places, and they need to be able to download and upload stuff from the network. We use software to set up a VPN to make this possible as of now. (but it lacks performance, and it is not that reliable/safe)
Everything wired is connected with cat5 cables, either to the router or to one of our switches. The 2 switches are very cheap unmanaged home grade gigabit switches, made by linksys. Our router is a consumer linksys router with wireless N, Mb Ethernet, and crawling throughput. (Can most cheap consumer routers even use every eth port simultaneously at 100% capacity?)
The problems and functionality that the network (or me ) is lacking
The main problem with our network is that it is dirt slow, lacks a good backup/storage system, lacks internet/cloud backups, and it is not reliable or secure what so ever. Employees that are working from home are having problems with the VPN, upload and download speed, and accessing shared files. I know our 10Mb upload is not that fast, but it is the max. available, and remote workers get nowhere near that speed. Because of this restricted upload speed, I would like to be able to configure the nas to upload the backup to the cloudserver outside office hours. Even better would be the possibility to have it upload while there is free upload bandwidth, and pauze when the bandwidth is needed elsewhere. My research so far has made me believe I could use a managed (layer3) switch for there kind of activities, right?
There is no proper management of the network whatsoever. Since I will be maintaining the system I would like some opinions about proper management possibilities. Mainly for VLAN's, backup management, networking analysis, port forwarding, management of bandwidth, remote access, shared partition management, security/firewall and general networking management. I know most of this will be handled from the server, but I would also like to hear about possibilities for proper NAS, Switch, and router management. I am not that proficient with win2k8, but have a good knowledge about Linux and Windows. If u happen to know about some must-have tools/software that would make my life as network administrator easier, give me a shout!.
The only failsafe mechanism at this moment is the UPS that is connected to the server. We lack failsafe mechanisms for the internet connection, and every piece of hardware except for the server. My instinct tells me that at least the networking hardware and the nas should have some sort of UPS system when facing power outage. Any tips regarding how to keep the network safe during a power out? What kind of damage could a power outage do to the network, except for losing data? Any chances that it could corrupt a raid array in a nas/server, or maybe mess up network settings?.
Since I have just started at this company, I have not yet had a chance to check out the server. All I know is it acts as data and e-mail server, and is connected to UPS. Are there any must-do actions you guys would advice me? Like installing a shutdown script for the UPS, or installing Ghost or some other handy software? The server is about 3 month's old and is actually a desktop pc. (W2K8 running on desktop).
The Solution (so far)
This part of my thread is how I am planning to build the network as of now. When someone shares some good advice, or helps me make a decision I will edit this part of my post, and add his name and solution/recommendation. This way it will stay accessible when reading. (I cant believe I just said "accessible" and "reading" in one sentence after all this typing)
I will go cat6 with all the wires except for the printers. I will need to buy a switch, and a router, or a router/switch in one. I did some searching and as of now I think my best bet would be to buy both a switch and router. The switch would have to be managed, and both the router and switch should have gigabit ethernet, enough power to manage +-10 devices without lag and one of them will need support for something like a 3G or UMTS dongle, so I can fall back on a second internet connection.
I will need a NAS, that has high performance (I hope to get in the range of 125mb+ read/write) and has hot-swap (auto-rebuild) I will need at least 4TB of usable storage space, and will probably need to implement some kind of raid. The NAS has to be able to interact with multiple clients at the same time without going in to crawl mode. If the rest of the network supports it, and it would not cost considerably more, I might get a 2 port gigabit NAS. (pro's/con's anyone?)
The Software/The Server/Extra
I have not really made up my mind about this part. I will need some network management tools for sure. I'm also pretty solid that I want to put my mailserver and data on different partitions, and back up the whole server on the nas.
When the whole network is finished I will find a cloud backup contract so my nas gets backed up in the cloud. I figured out this would be easier to do when everything is up and running, but I should remember it when choosing router/switch/nas/
Some primary questions
These are some of the questions i have came up with so far;
There will be allot of data traveling through the network, and i want it to be as fast as possibe. What would be the best setup for the network itself? Cable modem -> router -> switch, or cable-switch-router? When I connect my PC directly to the cable modem, I can get the promised 120mb download. Behind the router i wont even get halve of that, even when the other clients are down. Is there a way to set up the network in a way to reach the ISP's promised speeds? (or in that range?)
If I connect everything to the switch, would there be a performance drop because of packages that need to travel to the WAN will need to go from the switch to the router first to get their NAT sorted out?
What router/switch should I use? I want gigabit lan, and a fast wireless AP, and I want to configure it in a way that I will get as close as possible to the 125mb limit, and keep latency for internet as low as possible. (our company uses internet allot). I figured out that a good switch will probably outperform a router by far when it comes to networking speeds, but I will also need to figure somethng out for interneting and internet-failover (3G usb?) system.
How should i set up DHCP?/IP static? let the switch do it? or router? what would best option performance wise?
My thought as of now was: everything wired should have static IP, and everything wireless should have some sort of dhcp taking care of things. Oppinions?
What kind of NAS should I get (We have to be able to get data from the NAS from outside the network) and what kind of RAID should I use? I think I want a 4bay NAS, but I am not so sure about the raid. I want fast read and write speeds, but also reliability. I was thinking about Raid10 or Raid 5. Please share your opinion!.
I am familiar with Qnap, as of now I am thinking about buying a Qnap or Synology, but i dont really know which one yet. A year or 2 back, these 2 brands were in a head to head race at being the best nas builder, does someone know what the differences are these days? any other good brands?
What is the bottleneck in most NAS devices? the HDD's right? Any tips to get the speed as close as possible to 125 limit (or 250, with double ethernet?) while not increasing the costs tenfold ofcourse.
oh, and by the way, i want to keep the costs (relatively) low. I understand that I will need to invest some bucks to get a good setup, but 1000+ euro switches are out of the question
Well, thats it for now, I hope someone could share their opinions and/or experience,
Feel free to ask me any questions regarding this subject.
what flavor of Linux do you work with? have you considered using an old computer and use it as a firewall? put in three NICs for DUAL WAN configuration. use the router as an access point.
stay away from all-in-one modem/routers
if the mobile devices do not need to access the office, put them on a separate wireless AP and connect that AP to the DMZ. use you old router for that and buy a GigaBit router for the office laptops to access the network.
if I am not mistaken, W2k8 R2 does backup twice a day.
I would consider VPN the safest way to access data remotely.
I dont remember, will look up later, but I think I will replace them, and I rather use a firewall or switch with build-in Firewall! and the mobile devices will need access to the office. I used your setup for a friend of mine a few months back, using DDWRT on the routers. I want a more "professional" setup this time though.
You should use DHCP for all client computers, and static IP for all servers.
You should connect Modem > Router > Switch.
Regarding your router, the 125 MB internet will be well taken care of by any modern router. If you got the money, purchase a Cisco or Junpier of any appropriate size. otherwise use one (or two, if you like redundancy) PCs with two or more network cards as router. I would suggest pfSense or similar (I found this router howto video http://www.youtube.com/watch?v=dXS8i86X5hc ). Personally I always do installations with router software on PCs, because it's actually the same thing as a hardware firewall/router. All firewalls are PCs. In bigger installations I use a lot of http://shopper.cnet.com/soho-servers/supermicro-superse... which are very fast.