RE: Suggested Network Topology
- From: "Patrick Rouse" <PatrickRouse@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 1 Jun 2005 20:57:01 -0700
Yes, however check to see if you can force the switch port to 1000Mb Full
Duplex. My Intel 1000 MT Server Adapter has the same setting as yours, 10
Half/Full/Auto, 100 Half/Full/Auto, 1000 Auto.
It's also good to test a file copy from a network drive of a 100MB File to
see if you're getting a reasonable speed. You'll know the setting is wrong
if it says the transfer will take more than a few seconds, usually an
incorrect setting will cause the transfer to take several minutes.
--
Patrick Rouse
Microsoft MVP - Terminal Server
http://www.workthin.com
"JT" wrote:
> Thanks Patrick. All ports support 1GB, including the switch. Cabling is
> CAT6. The highest nonnegotiated setting I see for the NIC config is the
> 100/Full Duplex. You would recommend this over the 1GB Autonegotiate setting?
>
> --
> John
>
>
> "Patrick Rouse" wrote:
>
> > I would always recommend to manually set the switch & NIC Port speeds to the
> > desired settings, i.e. if both support 1Gb/FD and you're using at least CAT5e
> > then set them as such. An incorrect duplex setting can render a server
> > unusable, and auto-negotiate can make a mistake.
> > --
> > Patrick Rouse
> > Microsoft MVP - Terminal Server
> > http://www.workthin.com
> >
> >
> > "JT" wrote:
> >
> > > Thanks again Patrick. Any problem with Auto-negotiate 1000Mbs on the NIC's?
> > > My switch has GB ports.
> > > --
> > > John
> > >
> > >
> > > "Patrick Rouse" wrote:
> > >
> > > > I don't see any reason to have a dual-homed terminal server, unless you were
> > > > running ISA on the same box (bad idea). Simply plug the TS into a switch on
> > > > your private LAN, just like any other workstation. Best to use 100Mb Full
> > > > Duplex, if you can force your switch ports to this speed.
> > > > --
> > > > Patrick Rouse
> > > > Microsoft MVP - Terminal Server
> > > > http://www.workthin.com
> > > >
> > > >
> > > > "JT" wrote:
> > > >
> > > > > Thank you very much Patrick! Any suggestions on this question -
> > > > > "I have seen heard of deployments where the TS has two NIC's - one facing the
> > > > > internet - the other facing the private domain. Any good diagrams or
> > > > > references anyone can suggest for this?"
> > > > > Thanks again.
> > > > >
> > > > > --
> > > > > John
> > > > >
> > > > >
> > > > > "Patrick Rouse" wrote:
> > > > >
> > > > > > 1. Any hardware firewall that you're comfortable with will protect outside
> > > > > > > users from probing your internal network. Sonicwall, Cisco Pix, even your
> > > > > > linksys can suffice.
> > > > > >
> > > > > > 2. When you say they have access to absolutely nothing but your app, this
> > > > > > is probably NOT true. Having the user environment start with your
> > > > > > > application is aesthetic, but there are many keystrokes a user can do to spawn
> > > > > > an explorer shell, Internet Explorer, cmd.exe. Consider locking down the
> > > > > > server with stringent NTFS permissions and Group Policy to further prevent
> > > > > > people from poking around where they shouldn't be. There are also 3rd party
> > > > > > apps that can do this if you're not seasoned with the above mentioned tasks.
> > > > > >
> > > > > > 3. To host 200 concurrent sessions, you'll likely need 3-5 terminal
> > > > > > > servers, each with 2 CPUs & 4GB of RAM. It is possible to cram 100-125
> > > > > > > sessions on a single machine, but more often than not, the comfortable limit
> > > > > > is between 50-75. You'll be able to figure out what you need by how your
> > > > > > system performs. Other options are a blade setup, or a 4-8 Way server
> > > > > > partitioned with VM.
> > > > > >
> > > > > > 4. Each concurrent RDP session will need at least 26.4Kbps bandwidth.
> > > > > > Multiply that by 200 and you're at 5.28Mb, which is way more than the 1.54Mb
> > > > > > > of a T1. In all reality for this many concurrent sessions you'll need close
> > > > > > to 10Mb of symmetrical bandwidth (much of your bandwidth will be upstream,
> > > > > > sending image data to clients). For this much bandwidth, you'd need a
> > > > > > fraction of a T3, or you'd need to move your equipment to a data center with
> > > > > > a full T3/DS3 or higher connection. With a T1 connection you'll max out
> > > > > > around 30-55 concurrent sessions (or less) depending on the actual bandwidth
> > > > > > requirements.
> > > > > >
> > > > > > Hope this gives you more ammo for your upcoming task.
> > > > > >
> > > > > > Planning info here:
> > > > > > http://www.workthin.com/tshta.htm
> > > > > >
> > > > > > Hardware scaling & load balancing:
> > > > > > http://www.workthin.com/tshw.htm
> > > > > >
> > > > > > 3rd party apps:
> > > > > > http://www.workthin.com/tsao.htm
> > > > > >
> > > > > > --
> > > > > > Patrick Rouse
> > > > > > Microsoft MVP - Terminal Server
> > > > > > http://www.workthin.com
> > > > > >
> > > > > >
> > > > > > "JT" wrote:
> > > > > >
> > > > > > > Hi,
> > > > > > > Warning - This is a BIG question. I am planning a network to deploy a
> > > > > > > Windows Forms app via Terminal Server on Win2003 with SP1. In the network
> > > > > > > are redundant domain controllers (one of which is the TS License Server), a
> > > > > > > BizTalk Server, and a 2 node SQL Server. There are also two terminal
> > > > > > > servers, running SP1 STD and "clustered" with software load balancing. When
> > > > > > > clients sign on, they logon as domain users who are members of the RDC Users
> > > > > > > group, and are immediately directed to the target application. They have
> > > > > > > access to absolutely nothing else. Being more of a developer than a network
> > > > > > > guy, I am looking for some guidance on network topology. Right now, the
> > > > > > > Internet comes in to a cable modem, then a simple Linksys Router, and then
> > > > > > > one managed network switch (DELL 5324) - to which all servers are connected.
> > > > > > > The router forwards RDC connections to the IP of the Terminal Server.
> > > > > > >
> > > > > > > My question(s):
> > > > > > > What kind of hardware security device(s) should I employ between the
> > > > > > > Terminal servers and the client?
> > > > > > > Between the Terminal Servers and the rest of the network?
> > > > > > > I have seen heard of deployments where the TS has two NIC's - one facing the
> > > > > > > internet - the other facing the private domain. Any good diagrams or
> > > > > > > references anyone can suggest for this?
> > > > > > >
> > > > > > > I may be dreaming here, but the eventual goal would be to have several
> > > > > > > hundred or more clients accessing this app. At that time, I would probably
> > > > > > > have to upgrade to a T1 line or better. I am looking for the type of
> > > > > > > hardware/setup that would enable this kind of scalability.
> > > > > > >
> > > > > > > Thanks for your thoughts and suggestions.
> > > > > > > --John
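
Added example, not part of the original thread: point 2 of the earliest reply above notes that starting the session in a single application does not stop users from spawning a shell, and recommends Group Policy and NTFS lockdown. The PowerShell sketch below, run inside an RDP session as a test account from the restricted group, reports whether the common per-user lockdown policies are in effect and which broad groups can still execute shell binaries. The choice of policies and binaries is an assumption for illustration, and group names differ on localized systems.

```powershell
# Added example: audit Terminal Server lockdown from inside a restricted user's session.
# Per-user Group Policy restrictions land under HKCU; a missing or 0 value means "not enforced".
$policyChecks = @(
    @{ Name = 'Command prompt disabled';  Path = 'HKCU:\Software\Policies\Microsoft\Windows\System';                 Value = 'DisableCMD' },
    @{ Name = 'Run dialog removed';       Path = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer'; Value = 'NoRun' },
    @{ Name = 'Windows-key hotkeys off';  Path = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer'; Value = 'NoWinKeys' },
    @{ Name = 'Allowed-apps list active'; Path = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer'; Value = 'RestrictRun' },
    @{ Name = 'Task Manager disabled';    Path = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\System';   Value = 'DisableTaskMgr' },
    @{ Name = 'Registry editor disabled'; Path = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\System';   Value = 'DisableRegistryTools' }
)

$policyResults = foreach ($check in $policyChecks) {
    $item = Get-ItemProperty -Path $check.Path -Name $check.Value -ErrorAction SilentlyContinue
    $data = if ($item) { $item.($check.Value) } else { $null }
    [pscustomobject]@{
        Check    = $check.Name
        Value    = $data
        Enforced = ($null -ne $data -and $data -ne 0)
    }
}
$policyResults | Format-Table -AutoSize

# NTFS side: list allow-ACEs that give broad groups execute rights on shell binaries.
# The binary list and group names are illustrative assumptions.
$binaries    = 'cmd.exe', 'cscript.exe', 'wscript.exe', 'regedit.exe' |
               ForEach-Object { Join-Path $env:SystemRoot "System32\$_" }
$binaries   += Join-Path $env:SystemRoot 'regedit.exe'
$broadGroups = 'Everyone', 'BUILTIN\Users', 'NT AUTHORITY\Authenticated Users', 'NT AUTHORITY\INTERACTIVE'
$execute     = [System.Security.AccessControl.FileSystemRights]::ExecuteFile

$aclResults = foreach ($path in $binaries) {
    if (-not (Test-Path -LiteralPath $path)) { continue }
    try   { $acl = Get-Acl -LiteralPath $path -ErrorAction Stop }
    catch { continue }   # cannot even read the ACL: the account is already locked out of this file
    $acl.Access |
        Where-Object {
            $_.AccessControlType -eq 'Allow' -and
            ($broadGroups -contains $_.IdentityReference.Value) -and
            (($_.FileSystemRights -band $execute) -ne 0)
        } |
        ForEach-Object { [pscustomobject]@{ File = $path; Group = $_.IdentityReference.Value; Rights = $_.FileSystemRights } }
}
$aclResults | Format-Table -AutoSize
```

Any row with `Enforced` set to False, or any row in the second table, marks a path a session user could still use to reach a shell outside the published application.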