Re: Large network question

whytwelve13@xxxxxxxxx wrote:

Thanks for your replies, it was very important to hear these things
from you. I will just briefly summarize all the threats that you all
have addressed and some that I add. I ask you once again to comment on
these, since all these comments were extremely useful. I will have some
references to my first post.

I will have to use gigabit swtiches between main floor switches (MFSs),
since other kinds would be easily saturated by the possible load.

Gigabit can be saturated too. Don't just assume that it's fast enough.

The
building has some cabling, it needs to be tested and some (or all) of
the cables surely must be replaced. PCs are not my concern - I am here
just to build the network.

In what sense? You're supposed to put in cables and switches and routers
and whatnot without any real regard for how they are going to be used?

Thus, security is not my primary concern. In
order of importance, these are the risks:
- Feasibility - It is very important that any kind of network is built,

Huh? Building a network barring some unforseen circumstance is certainly
feasible. This is not usually an issue. The issue is how to go about it.

- Downtime - It should work most of the time, but it is not a problem
if it breaks even for a whole day. Naturally, the network should be
built to avoid these problems. Downtime due to overload is not a
problem, since the users will be warned about the network capacity. I
am thinking about making some restrictions about the load each of the
computers can impose to the network. However, this is probably not
possible with switches only,


- Cost - I count at around $10k for cables, switches and routers.

In the US it's going to be on the order of ten times that. A good budgetary
number for that part of the system would be around $150K, which includes a
factor for lack of definition.

Computers exist already,

What kind of computers, what network interfaces do they have, what operating
system are they running, what applications are installed, to what purpose
are they used, what capability is the network expected to provide that is
not already present?

- Security - I don't take this too important.

You will. YOU _WILL_.

The users will be
responsible, since the network will not be in my control.

In whose control will it be? I am not at all clear on your role in this.

Each user
will be able to setup the computer as (s)he wants. They will be warned
about such possibilities (e.g. virues),

If you think that you're not going to be responsible, then put in another
$25K or so for a _good_ lawyer to write up the contracts. Don't bother to
warn users, you may as well attempt to raise sea level by peeing in the
ocean.

- Scalability - Absolutely not important. The network should work with
current capacities and it is not important to extend it.

Famous last words.

Of course, I
will not miss the opportunity to make it extensible, but if that would
increase any other risk, it's out of the question.

Considering this, do you agree with the above comments?

My view on this is that you are badly, horribly out of your depth. Hire
someone who has built a network this size before to do the work and watch
over his shoulder so you learn how it's done.

Also, are they
feasible with switches only? Routers are probably too expensive to put
one per floor. Maybe a few routers will be enough. Do you think that
using routers to control the network is a better solution then using
(un)managed switches?

Using unmanaged switches on a network this size is out of the question. You
are going to have no diagnostic capability at all, and with this many ports
to deal with you _need_ the diagnostic capability. Whether routers will be
useful depends on information that you have not provided concerning the
manner in which the network will be used. In any case, compared to the
operating costs the costs of using a router instead of a switch in a given
location is negligible.

About the comment that "peer-to-peer file sharing ... is going to be
chaotic at best" and the next comment that I need a Windows server...
It will probably happen - a dedicated server to manage the needs of
this network only. That is, WWW server and DNS server at least.

You need at least one and possibly several domain controllers. Any web
server should be independent of the domain controllers. The DNS server
will typically be on one of the domain controllers.

Do you
think putting a DNS will solve this problem?

Uh, how were you going to run this _without_ a DNS server? Were you going
to pay for 750 or so IP addresses from your service provider?

DHCP is not important
right now, but it could be activated later.

So you're going to run around setting IP addresses? Setting up DHCP is
practically trivial, far, far simpler than setting static addresses on
hundreds of computers.

All users will be
instructed to statically bind their computers to the specific address.

WHY?

I will do the first-time configuration of all computers, so this will
probably not be the problem. The computers should not be
floor-isolated, i.e. peer-to-peer file sharing should work accross the
whole building. Printing is not important (i.e. if bad, then we won't
do it).

Huh? You're saying that your users just won't print? Do be sure to have an
armored door on your office and under no circumstances let anyone know your
home address.

No "transient devices", like laptops or such are planned. The network
is a cable-only variant. As I mentioned, scalability the last problem I
will address. The wiring is totaly feasible, I have explicit contract
with the owner of the building to do what I need.

The owner of the building is going to put in on the order of 800 CAT5E drops
for enough under $10K that you can afford to buy switches etc with the
change?

"You want as few
layers of devices as practical" - I know that this is true, but the
structure of the building makes it easier to do it 3-5 switches per
floor, 1-3 main floor GBE switches.

Ease of installation does not equal ease of management. If the building is
too large to permit all wiring on a floor to be home-run to a single closet
then you want to run it to as few as possible.

How much will this impact the
performance? Virus-checks, e-mails, auto-updates and such are not
counted in - i.e. I will not put such servers.

So how will they get done? Hint, if you don't put in servers for this then
they're going to be bombing your Internet connection instead.

WWW is probably the only
user-friendly server I will possibly put. E-mails are very unimportant
in this setting, because of the current (and free) in-building
telephone lines.

You think that do you? Telephone is not a substitute for email, email is
not a substitute for telephone, they serve different purposes.

Internet connection should be "meaty", but as I mentioned better
anything than nothing.

You need to have a real handle on the load--a "meaty" internet connection
can cost thousands of dollars a month.

I consider that router can be configured to
somehow restrict the access to the users that overload the network
and/or Internet connection too much. If not, then at least a some
software can be installed on the computer to do that. What do you think
about this?

I think that you need to do some more planning. Like how are you going to
install software on individual computers, are you going to go around at 2AM
with a CD in your hand? And what keeps the user from removing it?

Does anybody have some practical info about this? Anybody that fits in
this situation (considering all the above metioned things, especially
$)? The practical info would be very appreciated, because that is what
I mostly lack about the networks of this size.

From the questions you are asking, the costs you are coming up with, and the
assumptions you are making it is clear that you don't have a good
understanding of the real issues in running a network this size. Relying
on the skill and good will of the users is a recipe for failure.

At the end, thanks again for all your comments!


--
--John
to email, dial "usenet" and validate
(was jclarke at eye bee em dot net)
.

Relevant Pages

  • Re: Cannot browse or open shared printers or server on sbs 2003 from client pc
    ... i think the network problem has taken a different turn. ... meanwhile if i access the mapped drives to the server which we setup in the ... my thought now is what is the update mechanism for the printers from the ... I understand the issue to be: client computers can ...
    (microsoft.public.windows.server.sbs)
  • Re: List of servers in this workgroup is currently not available.
    ... Computer description appears before the computer name in the My Network ... Microsoft CSS Online Newsgroup Support ... <recently installed a D-Link print server with a reserved IP. ... <As soon as I uninstalled the print server and rebooted the computers, ...
    (microsoft.public.windows.server.sbs)
  • RE: Help with 070-217
    ... The network contains 25,000 computers. ... > single Windows 2000 domain named research.contoso.com. ... > Server computers that are configured as domain controllers. ...
    (microsoft.public.cert.exam.mcse)
  • Help with 070-217
    ... The network contains 25,000 computers. ... single Windows 2000 domain named research.contoso.com. ... Server computers that are configured as domain controllers. ...
    (microsoft.public.cert.exam.mcse)
  • Re: Help with 070-217
    ... The network contains 25,000 computers. ... > single Windows 2000 domain named research.contoso.com. ... > Server computers that are configured as domain controllers. ...
    (microsoft.public.cert.exam.mcse)