First Server, how to network

[penti01]

So, my SME business just bought a new server, an upgrade from the old 'server' I had setup from an old desktop, running via an ASUS RT-N66U. We're also adding new desktops to the network.

Currently, this is my setup:

 

Office 1:

  Computer 1

  Server

Office 2:

  Computer 2

  Wireless Point-to-point 1

  Wireless Point-to-point 2

  Wireless Point-to-point 3

  DVR 1

  DVR 2

Office 3:

  Computer 3

  Computer 4

  Computer 5

Office 4:

  Computer 6

  Computer 7

  Computer 8

  Computer 9

 

Via Wireless Point-to-point 1 (off-site):

  Computer 10

  Computer 11

  Computer 12

Via Wireless Point-to-point 2 (off-site):

  Computer 13

  Computer 14

Via Wireless Point-to-point 3 (off-site):

  Computer 15

 

I'm thinking of running it like this:

 

Modem 1

Modem 2

     to

ROUTER     ->      SWITCH1     ->     SWITCH2    ->     SWITCH3

  Server                   PC2                      PC3                     PC6

  PC1                       DVR1                   PC4                     PC7

                               DVR2                    PC5                     PC8

                               P2P1                                                 PC9

                               P2P2

                               P2P3

 

Would daisychaining 3 switches have a detrimental effect?

What switch should I be getting? Is the Asus N66U even capable of this setup?

 

Server is mostly running SAP B1, and off-site computers will mainly be running RDP.

[TheKDub]

Daisy-chaining 3 switches shouldn't have too much of an impact, you might see a slight increase in ping times, but other than that it shouldn't cause any trouble.

Make sure you don't cause any switching loops, those can get pretty nasty.

 

As for the switch(es), you likely could get by with only a single switch, you've got 15 devices listed, so I'd make sure there are at least 18 ports, that way you can expand some in the future.

 

What's your total budget for the switch or switches? And do you want managed or unmanaged?

 

The Asus RT-N66U should be fine, though it might be a good idea to go for a more business oriented router instead.

[Electronics Wizardy]

For router and stuff, id get a unify edgerouter

 

Id then get a single 24port switch. No reason to have 2 switches when you can use 1.

 

Id get then get a few unify AP's as a single ap will slow down with lots of aps. Also the unify ones support wpa2 enterprise if you want to set that up.

[2FA]

7 minutes ago, Electronics Wizardy said:

For router and stuff, id get a unify edgerouter

 

Id then get a single 24port switch. No reason to have 2 switches when you can use 1.

 

Id get then get a few unify AP's as a single ap will slow down with lots of aps. Also the unify ones support wpa2 enterprise if you want to set that up.

Auto-correct? You mean Ubiquiti?

[Electronics Wizardy]

Just now, DeadEyePsycho said:

Auto-correct? You mean Ubiquity?

yep

 

[System Error Message]

Ubiquiti is a brand. Their routers are sold with misleading information. People who dont need QoS and dont need more than 100Mb/s are usually happy. So dont consider ubiquiti yet.

 

First there are ways you can get around daisy chaining because of the potential bottlenecks and it also depends on your budget. You could get switches with 10Gb/s ports which will let you stack/daisy without much bottleneck. Another way is to use semi managed switches that support LACP and use that between switches to increase the link width to reduce bottlenecks.

 

For the router it depends on your requirements.

WAN speeds

VPN speeds

features

 

some businesses can get away using consumer routers because their needs arent many. Personally i'd suggest going with pfsense/mikrotik as they have a lot of features that are useful for businesses but require a lot of skill to configure. Ubiquiti edgerouters on the other hand can be imagined as a more limiting embedded linux, they are better than consumer routers but fall short of the capabilities and performance of pfsense and other routers in that space. Want a network anti virus? pfsense can provide that and integrate it easily. You can install it on ubiquiti edgerouters but you cant integrate it with main router, i've tried the ERPRO and tried getting snort, squidguard, clamav all the work together but never managed to. Ubiquiti edgerouters are way over glorified and ubiquiti themselves have no shame with their ads and irrelevant information. The information provided by ubiquiti for their edgerouters are only if you use them as a layer 3 switch and not relevant to what most users require.

 

Gather up your requirements for your router and post them here. Based on your network you will do better with a dedicated router and AP seperate. Infact for your AP i would recommend ubiquiti. Every brand has their strong and weak points and for ubiquiti its their routers. For mikrotik their switches are their weak point.

[penti01]

i'm VERY new to the networking game, other than buying a good ASUS router and plugging in one router.

 

In this set-up, is a router still needed? Does the server need a router or can it act as the router/manager?

What if I use a managed switch? Should I use a managed switch?

I might be able to get away with consolidating Switch 2 and 3, but the distance between Switch 1 and 2 is too far to be running a lot of CAT5e cables..

[System Error Message]

This why i said LACP or 10Gb/s can help you with cabling. It does mean either a bundle of cables or high quality cable. You only need to get a semi managed switch that supports LACP(link aggregration). Its best to use the same brand of switches. Link between switch 1 and 2 need to be bigger than link between switch 2 and 3 if you place to use LACP.

 

A router is needed, because consumer routers do not have the security for business networks. If you do not have the skill/staff to use a configurable router than keep the router you have as long as it is capable of supporting your WAN speeds. I would suggest a user friendly UTM or giving pfsense a try (requires a desktop like PC with multiple NICs) as they are much suited to businesses than an asus router is. Its more to do with what they provide such as malware defence, IDS and other things to keep your network secure that arent provided by consumer routers.

[Eniqmatic]

3 hours ago, System Error Message said:

This why i said LACP or 10Gb/s can help you with cabling. It does mean either a bundle of cables or high quality cable. You only need to get a semi managed switch that supports LACP(link aggregration). Its best to use the same brand of switches. Link between switch 1 and 2 need to be bigger than link between switch 2 and 3 if you place to use LACP.

 

A router is needed, because consumer routers do not have the security for business networks. If you do not have the skill/staff to use a configurable router than keep the router you have as long as it is capable of supporting your WAN speeds. I would suggest a user friendly UTM or giving pfsense a try (requires a desktop like PC with multiple NICs) as they are much suited to businesses than an asus router is. Its more to do with what they provide such as malware defence, IDS and other things to keep your network secure that arent provided by consumer routers.

I wouldn't really be recommending this to someone who has said he is new to networking, no offense OP.

 

Although I know you've said the length of the rooms is too far, how far are we talking? Definitely the best way to tackle this is to centralise everything where possible. You should get everything wired into a patch panel making it much easier for whoever has to manage this in the event of problems.

[Sir Asvald]

I'd rather get a professional who has better knowledge than us. @penti01

[Guest]

1 hour ago, Abdul201588 said:

I'd rather get a professional who has better knowledge than us. @penti01

 

6 hours ago, penti01 said:

i'm VERY new to the networking game, other than buying a good ASUS router and plugging in one router.

 

In this set-up, is a router still needed? Does the server need a router or can it act as the router/manager?

What if I use a managed switch? Should I use a managed switch?

I might be able to get away with consolidating Switch 2 and 3, but the distance between Switch 1 and 2 is too far to be running a lot of CAT5e cables..

Are you able to provide a floor plan for this?

 

What services are running on the server?

[Emmien]

What is this server actually doing?

 

You asked, does the server you have support this configuration. Pretty much all PCs with a network port will support most networks, sometimes it just take more configuration. Your setup so far for the PCs should be all plug and play. If you don't do anything like link aggregation/trunking/LACP, the server should also be pretty much plug and play, but that depends what it is running and what you are using it for.

 

 

Many businesses can make do with a simple WiFi router, maybe a 10/100 or 1000 megabit network switch. You have a server, so you must be wanting to do something on it.

 

 

Is the server going to be storing files? 

Is it running mail or a website?

 

If a small amount of devices have a large amount of data going between them, but not too much going to other devices, try to keep them together.

 

With one switch, you could have any port communicating with any other port at full throughput, or one port at full throughput going to two ports at half. As soon as you have a second switch connected by a single cable, this is limited to the speed of the slowest port on the switches the link (cable between the switches) is on. 

 

There is no point in not getting gigabit switches. Even if you choose to use consumer grade switches, gigabit is not much more and is 10x faster.

 

LACP/trunking/link aggregation uses several ports and cables to balance the load and increase throughput. These are features you will find on managed switches. Managed switches have a web interface or command line interface (Usually web) and you can do things like control Quality of Service, do give certain devices priority (VOIP phone, conference, file transfer). 

 

Some switches have 10Gb/s ports. That is over 1 gigabyte a second. If you get these, you will only have run run 1 wire, or more likely, fiber optic cable between switches. If you put a 10 Gb card in your server, you would get faster file transfers when lots of devices are connecting.

[Blake]

On 10/3/2016 at 0:34 PM, penti01 said:

I'm thinking of running it like this:

 

Modem 1

Modem 2

     to

ROUTER     ->      SWITCH1     ->     SWITCH2    ->     SWITCH3

  Server                   PC2                      PC3                     PC6

  PC1                       DVR1                   PC4                     PC7

                               DVR2                    PC5                     PC8

                               P2P1                                                 PC9

                               P2P2

                               P2P3

 

1. Would daisychaining 3 switches have a detrimental effect?

2. What switch should I be getting? Is the Asus N66U even capable of this setup?

 

3. Server is mostly running SAP B1, and off-site computers will mainly be running RDP.

1. Depends on traffic, but i can tell you it wont be the best, as your creating a single broadcast domain.

For redundancy and performance importments i'd go:

Router ->Switch1

            ->Switch1           

Switch1 ->Switch2

             ->Switch2

             ->Switch3

             ->Switch3

             ->Clients

             ->AP's

Switch2 ->Switch1

             ->Switch1

             ->Switch3

             ->Switch3

             ->Clients

             ->AP's

Switch3 ->Switch2

             ->Switch2

             ->Switch1

             ->Switch1

             ->Clients

             ->AP's

 

Configure STP and OSPF/EIGRP (just don't use RIPv1/2).

Configure a Vlan for the storage network, servers, each department (i.e. sales, etc), a Managment vLAN.

Configure ACLs etc etc. folllow best practices, etc etc.

If you cheap out on the router you might like to use IVR on the switches. Depends what you end up getting.

 

Use Cisco/Ubnt/HP routers/switches.

 

Now, this is if you want to do it somewhat correctly (collapsed core-ish) this will allow for your network to scale into the future, minimize un-needed network traffic and secure things on a network level nicely.

 

If you need to justify the cost, look at how much it would cost to have up to 12 people not working for 1 day.