RE: Suggested Network Topology



Thanks Patrick. All ports support 1GB, including the switch. Cabling is
CAT6. The highest nonnegotiated setting I see for the NIC config is the
100/Full Duplex. You would recommend this over the 1GB Autonegotiate setting?

--
John


"Patrick Rouse" wrote:

> I would always recommend to manually set the switch & NIC Port speeds to the
> desired settings, i.e. if both support 1Gb/FD and you're using at least CAT5e
> then set them as such. An incorrect duplex setting can render a server
> unusable, and auto-negotiate can make a mistake.
> --
> Patrick Rouse
> Microsoft MVP - Terminal Server
> http://www.workthin.com
>
>
> "JT" wrote:
>
> > Thanks again Patrick. Any problem with Auto-negotiate 1000Mbs on the NIC's?
> > My switch has GB ports.
> > --
> > John
> >
> >
> > "Patrick Rouse" wrote:
> >
> > > I don't see any reason to have a dual-homed terminal server, unless you were
> > > running ISA on the same box (bad idea). Simply plug the TS into a switch on
> > > your private LAN, just like any other workstation. Best to use 100Mb Full
> > > Duplex, if you can force your switch ports to this speed.
> > > --
> > > Patrick Rouse
> > > Microsoft MVP - Terminal Server
> > > http://www.workthin.com
> > >
> > >
> > > "JT" wrote:
> > >
> > > > Thank you very much Patrick! Any suggestions on this question -
> > > > "I have seen heard of deployments where the TS has two NIC's - one facing the
> > > > internet - the other facing the private domain. Any good diagrams or
> > > > references anyone can suggest for this?"
> > > > Thanks again.
> > > >
> > > > --
> > > > John
> > > >
> > > >
> > > > "Patrick Rouse" wrote:
> > > >
> > > > > 1. Any hardware firewall that you're comfortable with will protect outside
> > > > > > users from probing your internal network. Sonicwall, Cisco Pix, even your
> > > > > > Linksys can suffice.
> > > > >
> > > > > 2. When you say they have access to absolutely nothing but your app, this
> > > > > is probably NOT true. Having the user environment start with your
> > > > > > application is aesthetic, but there are many keystrokes a user can do to spawn
> > > > > an explorer shell, Internet Explorer, cmd.exe. Consider locking down the
> > > > > server with stringent NTFS permissions and Group Policy to further prevent
> > > > > people from poking around where they shouldn't be. There are also 3rd party
> > > > > apps that can do this if you're not seasoned with the above mentioned tasks.
> > > > >
> > > > > 3. To host 200 concurrent sessions, you'll likely need 3-5 terminal
> > > > > > servers, each with 2 CPUs & 4GB of RAM. It is possible to cram 100-125
> > > > > > sessions on a single machine, but more often than not, the comfortable limit
> > > > > is between 50-75. You'll be able to figure out what you need by how your
> > > > > system performs. Other options are a blade setup, or a 4-8 Way server
> > > > > partitioned with VM.
> > > > >
> > > > > 4. Each concurrent RDP session will need at least 26.4Kbps bandwidth.
> > > > > Multiply that by 200 and you're at 5.28Mb, which is way more than the 1.54Mb
> > > > > > of a T1. In all reality for this many concurrent sessions you'll need close
> > > > > to 10Mb of symmetrical bandwidth (much of your bandwidth will be upstream,
> > > > > sending image data to clients). For this much bandwidth, you'd need a
> > > > > fraction of a T3, or you'd need to move your equipment to a data center with
> > > > > a full T3/DS3 or higher connection. With a T1 connection you'll max out
> > > > > around 30-55 concurrent sessions (or less) depending on the actual bandwidth
> > > > > requirements.
> > > > >
> > > > > Hope this gives you more ammo for your upcoming task.
> > > > >
> > > > > Planning info here:
> > > > > http://www.workthin.com/tshta.htm
> > > > >
> > > > > Hardware scaling & load balancing:
> > > > > http://www.workthin.com/tshw.htm
> > > > >
> > > > > 3rd party apps:
> > > > > http://www.workthin.com/tsao.htm
> > > > >
> > > > > --
> > > > > Patrick Rouse
> > > > > Microsoft MVP - Terminal Server
> > > > > http://www.workthin.com
> > > > >
> > > > >
> > > > > "JT" wrote:
> > > > >
> > > > > > Hi,
> > > > > > Warning - This is a BIG question. I am planning a network to deploy a
> > > > > > Windows Forms app via Terminal Server on Win2003 with SP1. In the network
> > > > > > are redundant domain controllers (one of which is the TS License Server), a
> > > > > > BizTalk Server, and a 2 node SQL Server. There are also two terminal
> > > > > > servers, running SP1 STD and "clustered" with software load balancing. When
> > > > > > clients sign on, they logon as domain users who are members of the RDC Users
> > > > > > group, and are immediately directed to the target application. They have
> > > > > > access to absolutely nothing else. Being more of a developer than a network
> > > > > > guy, I am looking for some guidance on network topology. Right now, the
> > > > > > Internet comes in to a cable modem, then a simple Linksys Router, and then
> > > > > > one managed network switch (DELL 5324) - to which all servers are connected.
> > > > > > The router forwards RDC connections to the IP of the Terminal Server.
> > > > > >
> > > > > > My question(s):
> > > > > > What kind of hardware security device(s) should I employ between the
> > > > > > Terminal servers and the client?
> > > > > > Between the Terminal Servers and the rest of the network?
> > > > > > I have seen heard of deployments where the TS has two NIC's - one facing the
> > > > > > internet - the other facing the private domain. Any good diagrams or
> > > > > > references anyone can suggest for this?
> > > > > >
> > > > > > I may be dreaming here, but the eventual goal would be to have several
> > > > > > hundred or more clients accessing this app. At that time, I would probably
> > > > > > have to upgrade to a T1 line or better. I am looking for the type of
> > > > > > hardware/setup that would enable this kind of scalability.
> > > > > >
> > > > > > Thanks for your thoughts and suggestions.
> > > > > > --John