+ Post New Thread
Page 1 of 3 123 LastLast
Results 1 to 15 of 39
Wired Networks Thread, Help with Network layout in Technical; Just a general question - not actually setting up a network etc but I just wanted to know Basically how ...
  1. #1

    mac_shinobi's Avatar
    Join Date
    Aug 2005
    Posts
    9,994
    Thank Post
    3,539
    Thanked 1,110 Times in 1,016 Posts
    Rep Power
    374

    Help with Network layout

    Just a general question - not actually setting up a network etc but I just wanted to know

    Basically how would you setup and connect the network so that it is secure and what would connect to what for redundancy etc that includes the below items

    * Domain Controllers ( regardless of being PDC OR BDC although I know they have changed this recently ) so effectively print servers / file servers / email server(s) etc etc
    * Proxy Server
    * Firewall
    * VPN Solution
    * Internet Connection ( Router or BT Connection or whatever )
    * Core Switches
    * Edge Switches

    Also why would you connect the above items in that manner or way ?
    @Arthur , @seawolf , @SYNACK

  2. #2

    nephilim's Avatar
    Join Date
    Nov 2008
    Location
    Dunstable
    Posts
    12,441
    Thank Post
    1,682
    Thanked 2,041 Times in 1,485 Posts
    Blog Entries
    2
    Rep Power
    461
    1. Domain Controller
    2. Core Switches
    3. Email Server
    4. File Server
    5. Print Server
    6. Anti Virus Solution - Could be a UTM or Server
    7. Internet Connection - Doesn't matter if fibre or copper, as long as connection is stable at speeds we asked for
    8. Proxy Solution - Could be a UTM or Server
    9. VPN Solution
    10. Edge Switches
    11. Edge Machines
    12. Group Policies


    Based on your list, and expanded a bit, that is how I would get the network started from scratch.

  3. #3

    mac_shinobi's Avatar
    Join Date
    Aug 2005
    Posts
    9,994
    Thank Post
    3,539
    Thanked 1,110 Times in 1,016 Posts
    Rep Power
    374
    Quote Originally Posted by nephilim View Post
    1. Domain Controller
    2. Core Switches
    3. Email Server
    4. File Server
    5. Print Server
    6. Anti Virus Solution - Could be a UTM or Server
    7. Internet Connection - Doesn't matter if fibre or copper, as long as connection is stable at speeds we asked for
    8. Proxy Solution - Could be a UTM or Server
    9. VPN Solution
    10. Edge Switches
    11. Edge Machines
    12. Group Policies


    Based on your list, and expanded a bit, that is how I would get the network started from scratch.
    Any chance of a network diagram so I can see whats connected to what. Also what is a UTM as you have that abbreviation a few times

  4. #4

    nephilim's Avatar
    Join Date
    Nov 2008
    Location
    Dunstable
    Posts
    12,441
    Thank Post
    1,682
    Thanked 2,041 Times in 1,485 Posts
    Blog Entries
    2
    Rep Power
    461
    UTM = Unified Threat Management

    and no, no diagram, not allowed to send it out unfortunately.

  5. #5

    mac_shinobi's Avatar
    Join Date
    Aug 2005
    Posts
    9,994
    Thank Post
    3,539
    Thanked 1,110 Times in 1,016 Posts
    Rep Power
    374
    Quote Originally Posted by nephilim View Post
    UTM = Unified Threat Management

    and no, no diagram, not allowed to send it out unfortunately.
    Not asking about your network setup - I just mean a general one so I can see what connects to what and why you connect those devices in that manner etc etc

  6. #6

    Norphy's Avatar
    Join Date
    Jan 2006
    Location
    Harpenden
    Posts
    2,555
    Thank Post
    59
    Thanked 359 Times in 279 Posts
    Blog Entries
    7
    Rep Power
    132
    Quote Originally Posted by mac_shinobi View Post
    regardless of being PDC OR BDC although I know they have changed this recently
    Recently? There haven't been backup domain controllers in Windows domains since Windows 2000 was released...

  7. 2 Thanks to Norphy:

    john (11th March 2014), mac_shinobi (11th March 2014)

  8. #7

    mac_shinobi's Avatar
    Join Date
    Aug 2005
    Posts
    9,994
    Thank Post
    3,539
    Thanked 1,110 Times in 1,016 Posts
    Rep Power
    374
    Quote Originally Posted by Norphy View Post
    Recently? There haven't been backup domain controllers in Windows domains since Windows 2000 was released...
    More global catalog servers and also how you promote the server as can be a domain controller or whatever else depending on the options you select etc , just guessing here ...

  9. #8

    tmcd35's Avatar
    Join Date
    Jul 2005
    Location
    Norfolk
    Posts
    5,975
    Thank Post
    894
    Thanked 985 Times in 809 Posts
    Blog Entries
    9
    Rep Power
    343
    Quote Originally Posted by mac_shinobi View Post
    More global catalog servers and also how you promote the server as can be a domain controller or whatever else depending on the options you select etc , just guessing here ...
    I think, what you are driving at are FSMO roles...

  10. Thanks to tmcd35 from:

    mac_shinobi (11th March 2014)

  11. #9

    Norphy's Avatar
    Join Date
    Jan 2006
    Location
    Harpenden
    Posts
    2,555
    Thank Post
    59
    Thanked 359 Times in 279 Posts
    Blog Entries
    7
    Rep Power
    132
    Trying to be a bit more useful now...

    We have a pair of HP 8212 switches acting as our cores. Connected to both of those are HP 5400 edge switches. There are various VLANs on them which handle traffic for digital signage, servers, workstations, voice, CCTV, e-registration and cashless catering and our DMZ.

    All of our servers are connected to the server VLAN. Any which require publishing onto the Internet are put into the DMZ VLAN as well. Inbetween our internet connection and the main network is a SonicWALL UTM which handles filtering, publishing, virus scanning etc. There are two SonicWALL devices for hardware redundancy.

    We don't have a failover internet connection yet but Janet are apparently investigating this for all of their connected institutions.

    You need to have at least one GC per domain, preferably two. Three DCs per domain is the recommended minimum. The Infrastructure master role can't be on the same DC as a GC.
    Last edited by Norphy; 11th March 2014 at 02:13 PM.

  12. Thanks to Norphy from:

    mac_shinobi (11th March 2014)

  13. #10


    Join Date
    Dec 2005
    Location
    In the server room, with the lead pipe.
    Posts
    4,705
    Thank Post
    285
    Thanked 788 Times in 615 Posts
    Rep Power
    226
    Quote Originally Posted by Norphy View Post
    The Infrastructure master role can't be on the same DC as a GC.
    While the BPA may whine, it can be on a GC if it's a) a single domain (infrastructure master has nothing to do) or b) all your DCs are GCs in a single or multi-domain/forest setup.

    See: FSMO placement and optimization on Active Directory domain controllers down near the bottom.

  14. #11

    mac_shinobi's Avatar
    Join Date
    Aug 2005
    Posts
    9,994
    Thank Post
    3,539
    Thanked 1,110 Times in 1,016 Posts
    Rep Power
    374
    I could seriously use a network diagram so I can physically see how it connects together....

    Also with regards to DHCP and DNS, how do they work together and keep each other updated so as not to have out of date info ie

    ComputerOne - assigned ip address info via dhcp, does dhcp update dns to reflect that ComputerOne has been given the address 1.1.1.1

    Versus

    ComputerTwo - assigned ip address info via dhcp which is updated in dns to reflect it has 1.1.1.2

    Also how does DHCP know to assign the computers in the Client VLAN the ip addresses within the Client IP Scope so if I had a dhcp scope in DHCP for the Client VLAN, how would you ensure that only the clients within the Client VLAN get these ip addresses ?

    So for example if I had an ip range of 1.1.1.2 all the way to 1.1.1.254 excluding loop back addresses and any others that can't be used, how would you get the Client VLAN to only get this dhcp range assigned to that vlan ?
    Last edited by mac_shinobi; 11th March 2014 at 02:58 PM.

  15. #12

    tmcd35's Avatar
    Join Date
    Jul 2005
    Location
    Norfolk
    Posts
    5,975
    Thank Post
    894
    Thanked 985 Times in 809 Posts
    Blog Entries
    9
    Rep Power
    343
    I think this is the current edition: http://www.amazon.co.uk/Exam-Ref-70-...4546754&sr=1-4

    Sounds like what you want/need is to work through the first half dozen chapters in a VM environment.

  16. #13

    Norphy's Avatar
    Join Date
    Jan 2006
    Location
    Harpenden
    Posts
    2,555
    Thank Post
    59
    Thanked 359 Times in 279 Posts
    Blog Entries
    7
    Rep Power
    132
    Quote Originally Posted by mac_shinobi View Post
    Also with regards to DHCP and DNS, how do they work together and keep each other updated so as not to have out of date info ie

    ComputerOne - assigned ip address info via dhcp, does dhcp update dns to reflect that ComputerOne has been given the address 1.1.1.1

    Versus

    ComputerTwo - assigned ip address info via dhcp which is updated in dns to reflect it has 1.1.1.2
    With a Windows DHCP server, you can set it to update DNS as it assigns new IP addresses. In addition, a Windows client will always update its IP address with the DNS server when it boots. You can also force an update manually by running ipconfig /registerdns

    Quote Originally Posted by mac_shinobi View Post
    Also how does DHCP know to assign the computers in the Client VLAN the ip addresses within the Client IP Scope so if I had a dhcp scope in DHCP for the Client VLAN, how would you ensure that only the clients within the Client VLAN get these ip addresses ?

    So for example if I had an ip range of 1.1.1.2 all the way to 1.1.1.254 excluding loop back addresses and any others that can't be used, how would you get the Client VLAN to only get this dhcp range assigned to that vlan ?
    I don't profess to be an expert in this area but as I understand it, there is a "helper" which listens on your switch/router. It forwards the DHCP request onto the DHCP server. The DHCP server sees that that request came from an interface on the router from a specific range and allocates it an address accordingly. As long as you have an appropriate scope set up on your DHCP server, it just works.

  17. #14

    nephilim's Avatar
    Join Date
    Nov 2008
    Location
    Dunstable
    Posts
    12,441
    Thank Post
    1,682
    Thanked 2,041 Times in 1,485 Posts
    Blog Entries
    2
    Rep Power
    461
    Untitled.png

    Not the best, but here you go

  18. #15

    tmcd35's Avatar
    Join Date
    Jul 2005
    Location
    Norfolk
    Posts
    5,975
    Thank Post
    894
    Thanked 985 Times in 809 Posts
    Blog Entries
    9
    Rep Power
    343
    Quote Originally Posted by Norphy View Post
    I don't profess to be an expert in this area but as I understand it, there is a "helper" which listens on your switch/router. It forwards the DHCP request onto the DHCP server. The DHCP server sees that that request came from an interface on the router from a specific range and allocates it an address accordingly. As long as you have an appropriate scope set up on your DHCP server, it just works.
    When a new machine needs an IP address from DHCP it broadcasts a request packet across the network. All machines on the network will recieve this packet. Only the DHCP server will respond. A more indepth breakdown can be found on wikipedia: Dynamic Host Configuration Protocol - Wikipedia, the free encyclopedia



SHARE:
+ Post New Thread
Page 1 of 3 123 LastLast

Similar Threads

  1. Help with template layout
    By ryans_co in forum EduGeek Joomla 1.5 Package
    Replies: 1
    Last Post: 5th September 2011, 02:08 AM
  2. Need help with website layout :(
    By flexyjerkov in forum General Chat
    Replies: 6
    Last Post: 4th January 2011, 02:28 PM
  3. Bit of noob help with network architecture
    By undercover in forum Network and Classroom Management
    Replies: 2
    Last Post: 8th July 2009, 04:36 PM
  4. help with network address and subnet
    By sexyali in forum Network and Classroom Management
    Replies: 4
    Last Post: 28th August 2007, 07:18 PM
  5. *CRYING* Help with a BroadBand Router and our Network
    By ninjabeaver in forum Wireless Networks
    Replies: 25
    Last Post: 2nd December 2005, 11:50 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •