Cisco newbie managed switch questions

[DougP]

We have severe internet connectivity issues dropping and slow. it stops then 30-60 seconds later it comes back on.
we have a Dell T-105 server with 2 gigabit NIC cards. one is from 35/35meg FIOS router. one goes to a rack of 3 10-100 switches then fiber to 3 other buildings and even more switches all non Cisco, now. we also have more than 50 users and 50 or more devices.
if I buy a switch with all gigabit ports and connect the one servers gigabit to it and connect all the switches to it will that speed up out network? Or will getting managed switch(s) be better.
Please provide any info that might help. this problem is a constant nagging on going issue.

I want to learn about Cisco products and maybe at least get the first certification, CCENT ????


DougP

 

[unclerico]

so based on your description you using this Dell T-105 with RRAS enabled for your default router on your LAN?? if yes, then i would go out and get a real router first and foremost; something like a 1900 series Cisco or a Juniper SRX. chances are that with the number of users on your LAN you are not even coming close to saturating your links between switches although it depends on the traffic patters and applications in use. a managed switch is always recommended so that when sitations like this happen you can get in and look at the vitals at each point in the network. a "core" gigabit switch is recommended for uplinks between the downlevel switches.

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)

 

[DougP]

The T-105 runs it all. we have 1 small server doing everything. It also only has 3gig free on its C drive. But nothing on it, no Exchange, No SQL.
The Win 2003 server is set up in VMWare along with a Linux part which runs Clark Connect Internet security software. Clark connect is our internet filter. We are a K-8 school and this is to keep the students safe.
Something is sucking up all the internet at times. no one can get on, then it just magically frees up 1-3 minutes later. I have Outlook open all day and get frequent can't connect errors but they too go away in a minute or so. I also use Microsoft Access and get disconnect errors with it. the Db's I create are on our server. And Clark Connect gives out DNS errors when we try to surf the web at times. WE open IE and then get a clark conenct screen. Different people see different things at different times each other asks; "can you get on" "can you get on". If more than one is no-go then I shut off the Verizon router and it comes back up 3-5 minutes later.
Users farthest away have the most problems.
here is one path to an end user who has the worst problems.

each line represents a device or hop?
Building 3:
Verizon ONT
Verizon router (no wireless)
1st gigabit port in Dell T-105 Server to
Clark connect software in server Linux partition
out 2nd gigabit port in Dell T-105 Server to
Netgear Switch to
Allied telesyn Ethernet-fiber converter to
fiber underground to
in building 2
Signamax Ethernet - fiber converter to
HP Switch to
Signamax Ethernet - fiber converter to
fiber underground to
in building 4
Signamax Ethernet - fiber converter to
3Com Superstack switch 3300 to
intellnet wireless router DHCP disabled to
her laptop in building 4
9 devices to get to the internet or server

"IF" she uses an Ethernet cable in the wall near her, she typically has no issues.
Only difference is she eliminated the wireless router. she has to shut off and turn on the wireless router every morning.
The Ethernet in the wall is connected to the 3Com Superstack switch the intellnet router is connected to.

But I am right next to the server and connected directly to the 1st Netgear Switch after the server and I have problems too.


DougP

 

[unclerico]

if you are running a school network, you absolutely must be able to view everything that happens on that network. this applies internally as well as externally. i'm sure your budget isn't very large, but if you want reliable connectivity you have to sink some money in and get it done right.

what are you doing to secure your faculty access from the student access?? do you permit remote access?? what are your contingency plans when this T-105 fails?? have you had any types of virus or other malware outbreaks on campus??

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)

 

[DougP]

Quote
"if you want reliable connectivity you have to sink some money in and get it done right."
That's why I'm here. What do you recommend?




DougP

 

[unclerico]

If it was me I would implement the following:
- Cisco 1941 router or Juniper SRX 240
- Cisco ASA 5505 or 5510. You could also go with the Adv. Security license on the 1941 and utilize the zone-based firewall. The SRX is a multiservice device so it incorporates a stateful firewall. If money is no object look at Palo Alto Networks firewalls as they are application layer firewalls and permit you unprecedented visibility into the traffic coming in and going out of your network
- For "core" switching I would use Juniper EX series switches, Cisco 3560/3750, or HP E/A series switches. These are multilayer and will permit you to segment your traffic according to your security requirements and/or traffic types
- For edge switches I would look at Juniper EX3300's or Cisco 2960-S switches. These are stackable switches meant for edge deployments. Depending on your port density requirements stackable switches are extremely nice to have as your multiple physical switches are treated as one logical switch (much like a chassis based switch with multiple blades installed. If you don't have more than 48-ports in a single closet look at Juniper EX2200, Cisco 2960, or HP E series switches.
- For wireless I would install Aerohive APs. They have a solution geared specifically towards educational settings. If it was my choice I would bring Aerohive with me into every company I go to
- You'll want a network management system to monitor all of this stuff. Products like OpManager, SolarWinds, etc. Can be setup to do SNMP polling/trapping to give you insight into device health. You'll also want an MMS that can collect sFlow/Netflow data so you can get a handle on what is going on inside of your network such as what applications are being used, what endpoint is consuming the most bandwidth, etc.

All of this is a pretty basic package for your network. You're not talking huge bandwidth requirements, SAN/NAS, or redundancy so your overall investment shouldn't break the bank.

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)