I am designing a new server infrastructure for a school with 2000 users. I have never carried out any work on a network that large. Could you please help me with the following questions?
1/ How many users do you have?
2/ How many DCs do you use in your school? Are they all GC?
3/ How many DHCP servers?
4/ How many DNS servers?
5/ If you are virtual, how many hosts do you have? And how many servers per host?
I want to build in many layers of fault tolerance to offer greater redundancy and high availability access.
Your comments and advice would be much appreciated.
2) 4, 1 for forest root domain, 1 physical curriculum, 2 virtual curriculum
3) 1 active, 2nd configured but unauthorised ready to spring to action if 1 fails.
4) 4, all DCs are DNS servers
5) 8 physical hosts, probably averaging 4 virtual machines per host (yes, it is really underutilised right now)
Users : 2500 students, 400(ish) staff.
DC's : 3, all GC.
DHCP : 2, I think!
DNS : 2.
Virtual : 5 Hosts, 3 production in a cluster, 1 solo, 1 'test'; all 2 proc, 8 core Xeons with 48GB (cluster) or 32GB (spare and test) and 8*GB nics split 4/4 between user network and storage. Guests per host depends on what's running on the guests. Our big loads are our main MsSql server, Exchange and our main file server. One VM host can run two of the three plus a couple of other smaller jobs, so any host is running between 4 and around 15 guests, but in the cluster we keep enough spare capacity so we can fail over guests if a host goes down.
My advice would be to very carefully consider the cost/benefit of resilience. It can get very expensive very quickly when the real benefit might only be avoiding an hour's downtime.
1. For HA/FT have a minimum of 2 DCs which are also configured as GCs. Make sure they are both also DNS and DHCP servers.
2. You can configure DHCP on a separate server from the DC, but I wouldn't, as its processing is very small.
3. As for DHCP, you can maybe have both activated with a scope on both so you have an active/active config, and configure them so that if one fails not all your clients will be affected; you can easily include the scope of the failed DHCP server.
4. As for DNS, I would make every DC you deploy also a DNS server, and let AD take care of replications. This gives you HA/FT.
5. If you're using Exch, or plan to, then you will have a challenge and you will have to plan in the HA/FT/NLB. This can have a direct impact on the number of DC/GC you have.
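A check for the layout recommended in the post above (at least two DCs that are also GCs and DNS servers, plus more than one DHCP server), as an added example that is not part of the original thread. It assumes a domain-joined Windows machine with the ActiveDirectory, DnsClient and DhcpServer PowerShell modules (RSAT) installed; the thresholds of two are taken from the post.

```powershell
# Added example: audits DC/GC/DNS/DHCP redundancy in the current AD domain.
# Assumes the ActiveDirectory, DnsClient and DhcpServer modules (RSAT).
Import-Module ActiveDirectory

$domain = (Get-ADDomain).DNSRoot
# SRV record that clients query to locate a domain controller
$locator = "_ldap._tcp.dc._msdcs.$domain"

$report = foreach ($dc in Get-ADDomainController -Filter *) {
    $answersDns = $false
    try {
        # Query this DC directly so a dead DNS service on it is not
        # masked by another resolver answering on its behalf.
        $null = Resolve-DnsName -Name $locator -Type SRV `
                    -Server $dc.HostName -DnsOnly -ErrorAction Stop
        $answersDns = $true
    } catch {
        Write-Verbose "DNS query to $($dc.HostName) failed: $_"
    }

    [pscustomobject]@{
        DC            = $dc.HostName
        Site          = $dc.Site
        GlobalCatalog = $dc.IsGlobalCatalog
        AnswersDns    = $answersDns
    }
}

$report | Format-Table -AutoSize

$gcCount  = @($report | Where-Object { $_.GlobalCatalog }).Count
$dnsCount = @($report | Where-Object { $_.AnswersDns }).Count

# DHCP servers authorised in AD. A standby that is configured but left
# unauthorised (as one reply describes) will not be listed here.
$dhcpServers = @(Get-DhcpServerInDC)

if ($gcCount -lt 2) {
    Write-Warning "Only $gcCount global catalog(s): losing one leaves no GC for logons."
}
if ($dnsCount -lt 2) {
    Write-Warning "Only $dnsCount DC(s) answering DNS: name resolution is a single point of failure."
}
if ($dhcpServers.Count -lt 2) {
    Write-Warning "Only $($dhcpServers.Count) authorised DHCP server(s): failover needs manual authorisation."
}
```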
1/ about 2500
2/ 8 (we have two domains and we're in the process of getting rid of CC3, which forces us to have a sub-optimal DC configuration).
4/ What kinda DNS? 8 internal as that's AD integrated. 3 external to serve our JANET connection.
5/ 8 in 2 clusters (1x5 and 1x3). Not sure how many guest servers per host (for a start, we're using VMWare HA and it doesn't really work like that)
As for fault tolerance - have a specific, measurable problem in mind (e.g. not "fault tolerance is good") but rather ("our inter-site links are a bit ropey" or whatever) and work towards solving that.
If you're looking at fault tolerance then I assume you've already got service level agreements in place which you can use to see where you're not meeting your SLA 'standard' due to availability issues and where this issue is causing the business real pain, and use that information to decide what specific problems you need to improve in order to meet the standard (and if you don't have this in place, then I'd suggest doing so before worrying about anything else to do with improving availability/fault tolerance).
Just to add to @Roberto's post up there, we have two DHCP servers and not all of our DCs are GCs. I think I'm right in thinking that we have two GCs.
It's a new job and I haven't yet had the opportunity to look into the details of service level agreements etc, but I will keep in mind your advice.
This is all very useful information guys, I'm very grateful.
It's interesting to see the variety in sizes and setup. No 2 networks are the same.
I would welcome any other comments.
1/ How many users do you have? 4,000 students and 800 "staff" accounts in AD. Some of them may be subs and stuff like that.
2/ How many DCs do you use in your school? Are they all GC? We have 2 DCs. A primary and a secondary that are replicating.
3/ How many DHCP servers? Same as above. Configured so that if one goes down we make a few clicks and the other pops up.
4/ How many DNS servers? Same as above. 2 DCs that are replicated.
5/ If you are virtual, how many hosts do you have? And how many servers per host? We currently have 2 hosts. About 8 servers per host. Plus we also have several physicals that will be virtualized this summer.
1) 3500 users
2) 3 DCs (2 virtual & 1 physical). All 3 are GCs
3) 2 DHCP servers
4) 2 DNS servers
5) we have 3 hosts (HP DL585) about 20 servers in total...running vmware vsphere 4u2 here
You could take a look at DFSR - clustering - FT & HA (if using vmware) to create that fault tolerance or redundancy...don't forget your SAN and switched infrastructure.
2/ 3 (2 Curric 1 Admin)
3/ 2 (1 Curric 1 Admin)
4/ 2 (1 Curric 1 Admin)
5/ 3 Physical Hosts 10 Virtual servers
Thanks very much for your help guys. I'm sure that will be enough information for now.