First I want to thank Chris and his staff for this wonderful website. Well done.
This post may get a little lengthy since I would like to give a little background and then post some questions at the end.
I'm prepress manager for a commercial sheetfed printer in Washington USA. We have a network, not unlike many, that started off with good intent but may not have been designed for future growth. We have a purchasing agent that got the IT responsibilities dumped in his lap and has no formal training. I am now trying to gain as much knowledge as quickly as possible so I can address some of our problems.
Our computing and network needs are basically divided into two categories, financial management and prepress/imaging. On the financial side we run a total printing MIS package that includes estimating, order entry, scheduling, job costing etc. There are nodes (approx 30) throughout the company that allow workers to log in via web browser and log time and materials to various jobs. Many small transactions. Then on the prepress side (approx 20 nodes) we access the same MIS package as well as preparing all the graphic files for production of proofs and printing plates for the presses. Fewer but much larger transactions. Each shift we pass at least a terabyte of data between various servers, proofers and printers.
I don't have a diagram of our network but I will give a brief description.
We have a T1 coming in to a Sonic Wall, from the Sonic Wall we have a Mac OSX server in the DMZ running FTP services. The LAN port hops up to a CISCO router and the router to an HP ProCurve switch. The switch has 6 or 7, 8-port 10/100 blades and 1 Gbit single port blade which connects to another 24-port Gbit HP ProCurve switch.
The financial/office side of the business uses the 10/100 ProCurve switch and the prepress side uses the Gbit ProCurve switch. The office server (W2K) is on another Dell Gbit switch that connects to the 10/100 switch via one of the 10/100 ports.
So in a loose sense we have two networks, office and prepress, with one crossover cable connecting the two. But all 192.168.6.xxx.
For prepress, I just had a provider come in and pull new CAT6 wire and punch it down to a Leviton block, and then from there we go to the 24-port Gbit switch. The prepress nodes are a mix of OSes. We have 4 W2k servers, 3 W2k workstations, 6 Macs (OS9 and OSX), a scanner with Win95 running PC MACLAN, and various proofers and printers. Need I mention all running IP.
So here are some questions:
1) The new provider made CAT6 jumpers to connect the punchdown to the switch. They are only 1 foot in length. Our "IT" guy says that's wrong. They should be at least 3 feet?
2) We are running a mix of DHCP and static IPs. I would prefer all static. What are the pros and cons of running all static?
3) The provider that pulled the new cable tested them and we have from 2-4.5 dB headroom. What does that mean, and is it good or bad? Better yet, is that even a number to be concerned with?
4) We seem to have broadcast storms 40% of the time. The lights on all the nodes pulse in rhythm for 7-10 seconds, then quiet down for a few seconds and then start building to a pulse again. This is not good, no? How do you go about isolating the problem? I don't expect an answer here as much as a link to somewhere to find information.
5) How would subnetting help us? I would like prepress traffic to be isolated from the front office. I don't understand why we are restricted to 192.168.6.xxx IPAs. I believe we are using NAT/PAT on the router. What difference does it make what Class C IPAs you use in the private portion of the network? The reason I wonder is because if I approach the "IT" guy and ask to subnet with a 27-bit mask I can get a 30-node subnet for prepress, but then that creates much additional work for him to deal with the other 7 subnets. What is the best way to isolate the up-front office portion of the network, a router or a subnet? $$$ comparison of hardware vs renumbering and configuring many workstations.
6) Where can I find an inexpensive software package that will make network diagrams? Topograms?
Thanks in advance for all responses.
Re: New to networking, many questions.
15 years 8 months ago #1741
Thanks for the nice comments about the site!
It's been a long day and I've just been warming my brain cells on a fictional network design scenario for the site that we're thinking of doing as a complete sort of 'walkthrough' to designing a large network. It's got elements of everything you've asked.. unfortunately it's miles away from over yet.. okay I'm rambling!!
Q2. DHCP vs. static - The advantage of DHCP is that you don't have to manually configure IPs on every single machine that you have networked -- it's also easy when you need to make some change to the addressing scheme, the change is just made in one centralised place. Static IPs are nice because they make troubleshooting easier, you can identify immediately which machine is which (this is also possible in DHCP but that's beyond the scope of this post). Btw DHCP will generate some broadcast traffic.
You should use static IPs for the servers (so that they don't keep changing where they live) and dynamically assign IPs to the small fry..
Q4. Broadcast storms would happen a lot if you just junk everything in one big unsubnetted network.. in fact this is one of the main reasons you subnet -- routers don't forward broadcast packets, thus you cut your networks into manageable chunks, and each chunk will run more efficiently.. when they need to talk to each other, they use the router as the intermediary. However when you look at those switches you will see the lights going on and off very often, especially at the same time.. this is not really a good way of figuring your broadcast load IMHO.. according to me switches just like to look fun and christmas-y
Q5. Now when you're using the private addresses you're not bound to use just 192.168.6.*. This is a class C private IP block which gives you 255 hosts to play around with.. you can use any private address you like and subnet them at will. Chop those babies up!! It will make things better.
If you want to segment the Prepress network from everyone else, you could do it with subnetting (and the appropriate access list on the router) or you could use VLANs (virtual LANs) at your switch.
Q6. I just asked Chris and Tom the same thing lol, some people recommend Visio.
I strongly recommend that you go over the basic material in the site, you'll find detailed answers for all your questions there. Pity the walkthrough isn't up, it's being done precisely to help people in your predicament, who have a few questions and want to know why things are done in a certain way.
Anyway good luck, we all know that a network that's been badly set up the first time is a serious headache for the next guy to sort out -- you're a brave man/woman.
Thanks to all who have responded. I had read quite a few of the tutorials. In fact Googling for subnetting is what got me to this site. You'd almost have to be braindead to not understand the numbers of subnetting after reading the tutorial. The area where I'm still a little confused is how it is implemented. Sure you can go to the various nodes and change the IPA and subnet mask, but what does one do to get these various subnets to talk with each other? Does this involve a managed switch or a router? If the router is between the 10/100 switch, don't I lose my gigabit speed by having to come out to the router through the 10/100 switch? If I want to use VLANs then what level of managed switch do I need? Layer 2 or 3, and what is the main difference twixt the two?
BTW I downloaded a trial version of SolarWinds. They have a sweet subnet calculator and IPA generator that really helps one to see how subnetting numbers work.
Re: New to networking, many questions.
15 years 8 months ago #1763
The whole point of subnetting is to limit broadcasts.
A broadcast is done pretty much whenever one host wants to find another host, among other things (actually, it looks at its ARP cache first - but this is just a simplified explanation). It broadcasts for the IP address to get the MAC address (ARP) of the host it is trying to talk to.
If the host is on your subnet, it would respond with its MAC address and then you would send your packets to it using the MAC address as well as the IP address.
If the host you are trying to talk to is not part of the subnet and there is no router (or you have no default gateway defined) - you would get a "Destination unreachable". This would happen even if you have a switch with 2 subnets on the switch.
If the host is not part of the subnet and there is a router (your default gateway), then the router would respond with its MAC address and then you would send your packets to the router. The router would then "route" the packets on.
You can use VLANs on a switch to segment your network, but all you are really doing is setting up separate subnets and you can't route between them, without some type of routing function. Some switches are Layer 3 switches (routing switches) and typically need special options to handle the routing, but this allows you to route between subnets using only a switch.
So you need a router to talk between subnets, whether you are using a router or a Layer 3 switch.
Layer 2 handles the packets using the MAC address and Layer 3 handles the packets using the IP addresses. Switches are normally Layer 2 devices (but as mentioned you can have a Layer 3 switch - which is really a router). Routers are a Layer 3 device.
You really want to read the section on routing. It is under Networking/Routing and should answer most of your questions.
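The 27-bit split of 192.168.6.0 from question 5 and the on-subnet / off-subnet decision described in the reply above, worked through in Python as an added example (not part of any post in this thread). The host address 192.168.6.40 and gateway 192.168.6.33 are constructed for illustration.

```python
import ipaddress

def split_block(block, new_prefix):
    """Split a block into equal subnets.

    Returns a list of (network, first_host, last_host, usable_hosts).
    """
    plan = []
    for sub in ipaddress.ip_network(block).subnets(new_prefix=new_prefix):
        hosts = list(sub.hosts())
        plan.append((str(sub), str(hosts[0]), str(hosts[-1]), len(hosts)))
    return plan

def forwarding_decision(src_if, dst_ip, gateway=None):
    """Host-side choice: who does the sender ARP for?

    src_if is the sender's address with mask, e.g. '192.168.6.40/27'.
    Returns (action, arp_target).
    """
    iface = ipaddress.ip_interface(src_if)
    dst = ipaddress.ip_address(dst_ip)
    if dst in iface.network:
        # Same subnet: ARP for the destination itself, no router involved.
        return ("direct", str(dst))
    if gateway is None:
        # Other subnet, no default gateway: traffic cannot leave the
        # subnet, even if both subnets share one switch.
        return ("unreachable", None)
    gw = ipaddress.ip_address(gateway)
    if gw not in iface.network:
        # A gateway the host cannot ARP for is as good as no gateway.
        return ("unreachable", None)
    # Other subnet: ARP for the gateway and hand it the packet; this is
    # the hop where a router access list can filter office <-> prepress.
    return ("via-gateway", str(gw))

if __name__ == "__main__":
    for net, first, last, count in split_block("192.168.6.0/24", 27):
        print(f"{net:<18} {first} - {last}  ({count} hosts)")
    # Constructed prepress host in the second /27, talking to three peers.
    for dst, gw in [("192.168.6.50", None),
                    ("192.168.6.70", None),
                    ("192.168.6.70", "192.168.6.33")]:
        print(dst, gw, forwarding_decision("192.168.6.40/27", dst, gw))
    # Same host left on the flat /24: every peer is one broadcast domain.
    print(forwarding_decision("192.168.6.40/24", "192.168.6.70"))
```

With the flat /24 mask every destination comes back as "direct", which is why no router or access list ever sees traffic between office and prepress in the current layout.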