Old 12-03-09, 09:14 AM   #1
DiscipleDOC
 
 
Join Date: Dec 2002
Location: Alabama, Planet Earth
Posts: 5,993
Default I need some help...

Ok. I want to create a second network (for my servers) so that I can have a true gigabit network running without slowing down my actual network where my staff is accessing the servers for work.

Here's my problem.
A) Will I need two Subnet Masks?
B) Will I have to do some load balancing?

Here's what I have.
A) I have dual Gb NICs in all of my servers.
B) I have a Gb Switch that I will use for my servers.

I need a place where I can read up on this. I would like to have a link to a reputable site that will give me some topologies that I may be able to follow.


Thanks in advance.
Old 12-03-09, 09:30 AM   #2
Q
 
Join Date: Sep 2004
Posts: 7,808
Default Re: I need some help...

Quote:
Originally Posted by DiscipleDOC View Post
Ok. I want to create a second network (for my servers) so that I can have a true gigabit network running without slowing down my actual network where my staff is accessing the servers for work.

Here's my problem.
A) Will I need two Subnet Masks?
B) Will I have to do some load balancing?

Here's what I have.
A) I have dual Gb NICs in all of my servers.
B) I have a Gb Switch that I will use for my servers.

I need a place where I can read up on this. I would like to have a link to a reputable site that will give me some topologies that I may be able to follow.


Thanks in advance.
I'm not sure if I completely understand your network infrastructure.

Are all of your servers and clients on one subnet right now? Are they all on one switch right now? Do you have core routers, Layer 3 switches, etc?

Please detail your network and I'll get you set straight.
Old 12-03-09, 09:41 AM   #3
DiscipleDOC
 
 
Join Date: Dec 2002
Location: Alabama, Planet Earth
Posts: 5,993
Default Re: I need some help...

Quote:
Originally Posted by Q View Post
I'm not sure if I completely understand your network infrastructure.

Are all of your servers and clients on one subnet right now? Are they all on one switch right now? Do you have core routers, Layer 3 switches, etc?

Please detail your network and I'll get you set straight.
Ok...all of my servers and clients are on one subnet right now. We have many switches and routers throughout our facility, but they are all unified.

I have servers that are connected to that subnet, but I want to have sort of a "backbone" network in which I can set the servers up on a separate set of IPs to do things like copying large files, backups, wsus, etc., without a large hit on my primary network and hindering traffic on that.

Does that help?
Old 12-03-09, 10:13 AM   #4
Q
 
Join Date: Sep 2004
Posts: 7,808
Default Re: I need some help...

It sure does help! We can get into the nitty gritty later.

I'm not really sure that you even need to use separate NICs on the servers, just a separate VLAN from the desktops.

I would just configure your desktops all on one subnet and then all of the servers on another.

Desktops
192.168.0.X

Servers
192.168.1.X

It will probably be easier to keep all of your servers on the VLAN they are on now and just change the desktops. All you'll have to do is configure the VLAN on your switches, set up the scope and correct options in DHCP, and set up any routes that might be needed.

You really don't need a fully separate physical network, just separate logical networks. I support around 800 users who heavily use our servers directly, plus 4000 that need internet access. We have VLANs based on building/floor and then just one VLAN for our servers. We never have an issue where heavy network between servers negatively affects our customers, even with single Gigabit NICs.
Old 12-03-09, 10:28 AM   #5
DiscipleDOC
 
 
Join Date: Dec 2002
Location: Alabama, Planet Earth
Posts: 5,993
Default Re: I need some help...

Quote:
Originally Posted by Q View Post
It sure does help! We can get into the nitty gritty later.

I'm not really sure that you even need to use separate NICs on the servers, just a separate VLAN from the desktops.

I would just configure your desktops all on one subnet and then all of the servers on another.

Desktops
192.168.0.X

Servers
192.168.1.X

It will probably be easier to keep all of your servers on the VLAN they are on now and just change the desktops. All you'll have to do is configure the VLAN on your switches, set up the scope and correct options in DHCP, and set up any routes that might be needed.

You really don't need a fully separate physical network, just separate logical networks. I support around 800 users who heavily use our servers directly, plus 4000 that need internet access. We have VLANs based on building/floor and then just one VLAN for our servers. We never have an issue where heavy network between servers negatively affects our customers, even with single Gigabit NICs.
Thanks, but I am inheriting the network that was already set up. The desktops and the servers are all on the same subnet ( ), and to change the routers and the desktops (that may or may not be using DHCP) would be more problems than a solution.

I thought that since I have dual NICs in all of the servers, that I can set them up on a separate subnet and balance the network load with the servers communicating on a separate subnet. Am I not wrong?
Old 12-03-09, 10:38 AM   #6
Q
 
Join Date: Sep 2004
Posts: 7,808
Default Re: I need some help...

Quote:
Originally Posted by DiscipleDOC View Post
Thanks, but I am inheriting the network that was already set up. The desktops and the servers are all on the same subnet ( ), and to change the routers and the desktops (that may or may not be using DHCP) would be more problems than a solution.

I thought that since I have dual NICs in all of the servers, that I can set them up on a separate subnet and balance the network load with the servers communicating on a separate subnet. Am I not wrong?
What kind of position are you in at your company? Do you have separate desktop and network technicians, or are you kind of a one man show?

If you want things to run right in your organization, I would highly advise getting all of your desktops on DHCP. It's going to make your life a lot easier in the long run. The good news is, if you are on Active Directory, you can just push out a package and have it set all of your workstations to DHCP. It's how we transitioned years ago (before Q) at my organization. There really shouldn't be that much problem reprogramming your switches or routers.

If you are dead set on using the separate interfaces on the servers, you should be fine. Just give them an IP address on a separate subnet, make sure to leave the default gateway BLANK!!!!, and plug them all into a dumb switch. You should be fine and even be able to specify servers by NetBIOS name.
Old 12-03-09, 11:21 AM   #7
DiscipleDOC
 
 
Join Date: Dec 2002
Location: Alabama, Planet Earth
Posts: 5,993
Default Re: I need some help...

Quote:
Originally Posted by Q View Post
What kind of position are you in at your company? Do you have separate desktop and network technicians, or are you kind of a one man show?
One man show. I have a kid that's in college to help with the simple stuff, but I'm all they have, so to speak.

Quote:
Originally Posted by Q View Post
If you want things to run right in your organization, I would highly advise getting all of your desktops on DHCP. It's going to make your life a lot easier in the long run. The good news is, if you are on Active Directory, you can just push out a package and have it set all of your workstations to DHCP. It's how we transitioned years ago (before Q) at my organization. There really shouldn't be that much problem reprogramming your switches or routers.
Ok, my biggest problem is that I am in a medical facility, and I can't afford to be down--not even for 5 minutes. I know that best practices dictate that servers should be on a different subnet than the desktops, and I would love to have it that way.

How much down time are we talking about if I was to switch this over?

Quote:
Originally Posted by Q View Post
If you are dead set on using the separate interfaces on the servers, you should be fine. Just give them an IP address on a separate subnet, make sure to leave the default gateway BLANK!!!!, and plug them all into a dumb switch. You should be fine and even be able to specify servers by NetBIOS name.
I'm not really dead set on it. I am just looking at the resources before me and trying to determine the best way to use them.
Old 12-03-09, 11:28 AM   #8
Q
 
Join Date: Sep 2004
Posts: 7,808
Default Re: I need some help...

Quote:
Originally Posted by DiscipleDOC View Post
One man show. I have a kid that's in college to help with the simple stuff, but I'm all they have, so to speak.


Ok, my biggest problem is that I am in a medical facility, and I can't afford to be down--not even for 5 minutes. I know that best practices dictate that servers should be on a different subnet than the desktops, and I would love to have it that way.

How much down time are we talking about if I was to switch this over?



I'm not really dead set on it. I am just looking at the resources before me and trying to determine the best way to use them.

Ahhh, now I'm starting to get you. Things are a bit different in a medical facility than they are elsewhere.

In terms of downtime, it's hard to tell without knowing how many desktops you have. The Active Directory software push scenario works well where you have a tech in the field that can restart the machine, etc, while you change stuff on the back end. Since you have no support team, this makes things a bit tricky. If you had a night/weekend/or any window of downtime, I think we could come up with a plan to make this work. If your operation is 24/7 it's going to take a bit of thought on how to coordinate this. Is this operation all in one building? Separate buildings connected by fibre LAN? Or internet?

If I were you, I would go ahead and do the backbone idea like we just discussed. Even if you have 20-50 servers, it should only take you an hour or two to set up the additional NIC and hook up the switch.

Old 12-03-09, 12:22 PM   #9
DiscipleDOC
 
 
Join Date: Dec 2002
Location: Alabama, Planet Earth
Posts: 5,993
Default Re: I need some help...

Quote:
Originally Posted by Q View Post
Ahhh, now I'm starting to get you. Things are a bit different in a medical facility than they are elsewhere.

In terms of downtime, it's hard to tell without knowing how many desktops you have. The Active Directory software push scenario works well where you have a tech in the field that can restart the machine, etc, while you change stuff on the back end. Since you have no support team, this makes things a bit tricky. If you had a night/weekend/or any window of downtime, I think we could come up with a plan to make this work. If your operation is 24/7 it's going to take a bit of thought on how to coordinate this. Is this operation all in one building? Separate buildings connected by fibre LAN? Or internet?

If I were you, I would go ahead and do the backbone idea like we just discussed. Even if you have 20-50 servers, it should only take you an hour or two to set up the additional NIC and hook up the switch.
We are all in one building--for the moment. We are going to expand, but I want things to smooth out before I go any further.

Ok, so I'm back at square 1.

I am going to:
1) Install the cables to the second Gb port on all of my servers.
2) Connect the cables to my Gb switch.
3) Enable the ports on my servers.

Do I need to use the same gateway that my other network is on?
Old 12-03-09, 12:40 PM   #10
Q
 
Join Date: Sep 2004
Posts: 7,808
Default Re: I need some help...

For this to work correctly, you're not going to want to use a gateway at all. I've had nothing but trouble with machines using two default gateways. Windows has a very hard time routing traffic over two gateways. Here is what I would do.

1) Install the cables to the second NIC
2) Connect the cables to your switch
3) Enable the ports on your servers
4) Configure IPv4
IP Address - 192.168.50(whatev).X
Subnet - 255.255.255.0
Gateway - BLANK
DNS Pri/Sec- BLANK

This will provide direct communication between all of the servers, but not to the outside world on that interface. This will be the most fool proof way of doing this. Otherwise you're going to have to set static routes on each of your servers for the secondary interface and routers to make sure that you don't create any loops. A big pain in the ass.



Again, this would be my "take a few hours to tide me over" plan. If you are going to be moving to multiple buildings it becomes more important than ever to have best practices in place. This means DHCP and separate subnets. Migrating to DHCP can be done gradually and with little downtime if you have the ability to assign VLANs per port on your switch.
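The backbone settings described in the post above (separate subnet, blank gateway, blank DNS) can be checked against an addressing plan before any server is touched. This is an added example, not part of the original thread: the hostnames, the primary subnet 192.168.0.0/24 and the `audit_backbone` helper are assumptions, and 192.168.50.0/24 stands in for the "192.168.50(whatev).X" range.

```python
import ipaddress
from collections import Counter

PRIMARY_NET = ipaddress.ip_network("192.168.0.0/24")    # assumed staff LAN subnet
BACKBONE_NET = ipaddress.ip_network("192.168.50.0/24")  # stand-in for 192.168.50.X / 255.255.255.0

# Constructed plan for the second (backbone) NIC of each server; hostnames
# and addresses are illustrative only.
PLAN = {
    "FILE01":   {"ip": "192.168.50.10", "gateway": "", "dns": []},
    "BACKUP01": {"ip": "192.168.50.11", "gateway": "192.168.0.1", "dns": []},
    "WSUS01":   {"ip": "192.168.50.10", "gateway": "", "dns": ["192.168.0.5"]},
    "SQL01":    {"ip": "192.168.0.50",  "gateway": "", "dns": []},
}

def audit_backbone(plan, primary_net=PRIMARY_NET, backbone_net=BACKBONE_NET):
    """Return sorted (host, finding) tuples for backbone-NIC settings that break the plan."""
    findings = []
    if primary_net.overlaps(backbone_net):
        findings.append(("*", "backbone subnet overlaps primary subnet"))
    seen = Counter(nic["ip"] for nic in plan.values())
    for host, nic in plan.items():
        addr = ipaddress.ip_address(nic["ip"])
        if addr not in backbone_net:
            findings.append((host, f"{addr} is outside {backbone_net}"))
        elif addr in (backbone_net.network_address, backbone_net.broadcast_address):
            findings.append((host, f"{addr} is not a usable host address"))
        if seen[nic["ip"]] > 1:
            findings.append((host, f"{addr} is assigned to more than one server"))
        if nic["gateway"]:
            # A gateway here gives the server two default routes, so traffic
            # can leave by the wrong interface.
            findings.append((host, "default gateway must be blank"))
        if nic["dns"]:
            findings.append((host, "DNS servers must be blank"))
    return sorted(findings)

if __name__ == "__main__":
    for host, finding in audit_backbone(PLAN):
        print(f"{host}: {finding}")
```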
Old 12-03-09, 12:59 PM   #11
DiscipleDOC
 
 
Join Date: Dec 2002
Location: Alabama, Planet Earth
Posts: 5,993
Default Re: I need some help...

Quote:
Originally Posted by Q View Post
For this to work correctly, you're not going to want to use a gateway at all. I've had nothing but trouble with machines using two default gateways. Windows has a very hard time routing traffic over two gateways. Here is what I would do.

1) Install the cables to the second NIC
2) Connect the cables to your switch
3) Enable the ports on your servers
4) Configure IPv4
IP Address - 192.168.50(whatev).X
Subnet - 255.255.255.0
Gateway - BLANK
DNS Pri/Sec- BLANK

This will provide direct communication between all of the servers, but not to the outside world on that interface. This will be the most fool proof way of doing this. Otherwise you're going to have to set static routes on each of your servers for the secondary interface and routers to make sure that you don't create any loops. A big pain in the ass.



Again, this would be my "take a few hours to tide me over" plan. If you are going to be moving to multiple buildings it becomes more important than ever to have best practices in place. This means DHCP and separate subnets. Migrating to DHCP can be done gradually and with little downtime if you have the ability to assign VLANs per port on your switch.
Thanks, Q. Honestly, I was planning on setting up the subnet just like you have outlined, except I was going to use the same gateway. I will leave that blank so it will not communicate with other machines outside of that leg of the network.
