Re: Network Design

Thanks.. I thought that was all overkill :) I wanted to keep it a single
subnet but was curious on best practice for that... Users are mostly
office users (word, excel) We have a drafting department that does CAD but
there are only 3 users there and they aren't doing intensive CAD or 3D
stuff.. It's mostly file and print.. I'm moving to a SAN because we are
doing a lot of scanning documents and image type things and will get more
involved with that later.. I'm currently running out of space..

It is currently set up in the 172.22 range... It is a Win2k domain.. I'm
moving to a Win2008 domain..

In a VLAN case how do users authenticate if the DC is in Say VLAN1 and you
have users in VLAN2 or VLAN3..

I have a watchguard x550e in place that acts as the firewall.. From that
goes into a dell powerconnect 5212 which the servers are connected to then
to two other dell switches which the users are connected to..

I am pretty much re-doing the entire network so I'm wondering best practice
for optimal performance.. I'll probably be playing with the NEW network for
a while in the a test environment for learning purposes and then migrate
everyone over. Being it isn't that big of a network I kind of have that
luxury..

I am getting :

1- Dell PowerEdge 1950 this will be a Windows 2008 64 bit. This will be the
DC (AD, DHCP, DNS, printer server)

1 - Dell PowerEdge 2950 (Backup DC, SQL server)

1 - Dell Equalogic PS5000E - ISCSI SAN.

2 - Dell PowerConnect 5424 GB switches to connect the SAN to the servers..


2 older servers from old network that I'll use to do things like (Anti-Virus
server, fax server, web server, etc.)


Thanks for your input!





"Paul Weterings" <Paul-nospam-@syncpuls-dot-com> wrote in message
news:4901e6d7$0$15820$e4fe514c@xxxxxxxxxxxxxxxxxxxxxxxxxxx
60 users?

It is very likely that the below setup is overkill, assuming the 60 users
are not streaming video all the time, but are regular office users.

I would not split up the network in subnets if at all avoidable, there's
no reason I can think of that is worth the extra hassle in this situation.

Without spending too much money I would do the following, keeping some
level of scalability in mind.

1. two decent brand managable 48 port 100 Mbit switches for the users, you
might want to consider vlanning depending on user activity.

2. A decent brand (juniper, cisco) router to the internet

3. Gigabit switch for the SAN backbone, assuming you are using iSCSI.
Otherwise FC.

4. Internal IP scheme, something less obvious in the 172 or 10 range (for
example 10.46.8.x) this will give you 254 ip addresses. (not 10.0.0.0
please... if you ever try to connect other LAN's you'll find that they
will have done this; forcing you to renumber) You may want to consider
using a B class to allow for scalability.

For a small setup like this the KISS principle applies.... Keep It Simple.
The admins will thank you for it.

/ ) Regards,
/ /_________
_|__|__) Paul Weterings
/ (O_) http://www.servercare.nl
__/ (O_)
____(O_)


buf1 wrote:
Curious on best practice for network design of a relatively small network
of 60 users, 5 printers, 3 servers, one storage arrray, one firewall to
the internet...

I'm wondering if I split up into 2 subnets just to break it up a bit.
I'm thinking two switches for the SAN that connects to servers on the
backend.

Then two switches (1 for each subnet) that would connect to all servers
Then 2 user switches that would connect users in each sub net..

Is it over kill?? Or am I on the right track.. It's building a network
from scratch..

What is best practice for private internal IP address scheme..

Thanks.


.

Relevant Pages

  • Re: Windows 2008 IPv6
    ... Routing is routing, whether you are using vlans or not. ... Like if I have my servers in a seperate VLAN or NETWORK.. ... I'm wondering if my authentication servers are on VLAN1 how do you get users from VLAN2 to authenticate and use services from VLAN1.. ... are capable of VLAN's configure your switches to separate the servers ...
    (microsoft.public.windows.server.networking)
  • Re: Sites/subnets question
    ... the subnet, that's something way different.... ... > the Citrix Farm to use the applications that they need to get their work ... >> We have a distributed network with a domain controller at each office, ... >> logon process to the servers the client is authenticating with a slow ...
    (microsoft.public.win2000.active_directory)
  • Re: Random Failed Connection on Port 25 from CSS Keep-Alive
    ... We are running Sendmail 8.13.8+Sun/8.13.8 on a fully patched ... seen this issue occur on other servers. ... (Solair 8 servers on the same network ... Connected to the BI 4000 was a group of managed switches. ...
    (comp.mail.sendmail)
  • RE: Secure Network Design (DMZ, LAN, etc)
    ... you'll see that their both on the same subnet. ... It has a port for the trusted network and a port ... Our firewall handles NAT. ... > servers, wouldn't it require a public IP and therefore be somewhat ...
    (Security-Basics)
  • Re: Running out of IP addresses
    ... I have a network of 5 servers running Windows 2003 server on the same ... The subnet has 254 possible addresses,...there is no way you would run out. ... Ethernet is not supposed to have subnets bigger than 254 hosts. ...
    (microsoft.public.windows.server.networking)