New site sanity check 1

[jkupski]

Working on a design for a new site we're building, and wanted to throw it out there for people to rip into. About the only concern I have is with the 1800-24Gs (since they don't support spanning tree) being used as top of rack switches (I'm using them in this application because already have them and would pretty much have to throw them away otherwise...)

Anyone see an potential problems?

 

[unclerico]

honestly, the 2910al's have almost 3x the backplane that the 2810's do so they would be better for the core. i would not let a switch without spanning-tree support on my network just because you never know what could happen. the one major issue i have with HP switches is that some of the most basic features just aren't available on every switch model, spanning-tree and ACL's are just two off the top of my head. are you dead set on having everything HP??

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)

 

[jkupski]

I've got the 2810s as core simply as a cost savings. I've been playing with the idea of using 2910s there as well, but haven't really come up with a compelling reason. The 2810s switch at wire speed, so the additional capacity on the backplane is kind of academic in my view. If (BIG if given my application) I move to 10G in the future, I'd replace those switches anyway. My horizon for that is at least five years, likely more. One thing that's been needling me about them is that they're L2. I don't see that as a problem currently... but those strike me as famous last words.

As for "why procurve?" I'm not married to HP, but they've been good to me over the years, and the product is overall pretty solid (other than issues like the lack of STP on those 1800s, as you note). Budget is another reason--procurve is hard to beat on cost vs. feature set. I haven't priced out comparable Cisco kit, but I'm guessing it'll be at least a 50% increase in cost.

That said, I'm open to changes (especially those 1800s. I want to reuse them (it'll save me ~$5k in budget) but the lack of STP does make me nervous). Given that you're a Cisco guy (at least I assume so, based on your post history) what would you use in the above? Site will consist of ~120 (VoIP+PC) endpoints in the office area, half a dozen servers in each of those two racks, ~25 endpoints out in the shop area, plus a dozen or so WAPs and two or three dozen IP cameras scattered about the site.

 

[unclerico]

I am a Cisco guy, yes, but I also have 6 HP 2810's in one of my production facilities. I drink the Cisco kool-aid but I also know that there are other quality products out there such as HP. Looking back at my post I forgot to mention about the 2910al's L3 capabilities which, depending on your L3 infrastructure, may or may not come in handy at the "core" of this design.

Feature wise, I don't know that anything can beat Cisco, I mean the tools that they offer are simply awesome. The reliability is also a major reason that I won't use anything but Cisco at the core of my network.

As for the price, I don't buy brand new Cisco gear, I buy refurbished. I purchase SmartNet on each piece and frankly that's all I need because a brand new switch can flake out just as easily as a used one can.

Anyways going back to your L3 infrastructure, I can't tell in your drawing what you have so depending on that your design looks pretty good.

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)

 

[jkupski]

My current L3 plans are unformed, but given that it's a possibility, I guess the 2810s are officially a Bad Idea(tm). As for refurb gear, I just can't bring myself to do that for a production environment...

Thanks for the perspective, by the way.

 

[unclerico]

no problem. good luck.

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)

 

[VinceWhirlwind]

I'd question the 2810s as well - what you have there is a reasonably-sized LAN, so you would really want to segregate your Server Racks onto their own VLAN at least - ideally have 3 VLANs - SHOP, OFFICE, SERVER.

So you need to either have L3 switches at the "Core", or add a L3 device with a decent throughput (ie not a firewall interface) coming off your "Core" there.

The lack of Spanning-tree on the 1800s isn't so bad - it's in the Server racks and you really shouldn't have too much willy-nilly patching being done there....If those switches support MAC-address security (?) then just lock down all the ports and you can rest easy.

 

[jkupski]

I actually have 4 VLANs planned: SHOP, SERVER, OFFICE, and VOICE. I thought that routing should be a non-issue as long as each host was tagging correctly (and whoever they are trying to talk to has an adapter on that VLAN), which is why those 2810s were ever there to begin with. In any case, based on feedback I've gotten, they won't be in the final design.

My major concern with STP on the 1800s is that I plan to use adapter teaming on the servers for fault tolerance, with the primary and secondary members of the team on different switches. Intel's documentation specifically mentions that STP should be enabled for their SFT teaming mode, but my research says that this should not be a problem, since only one adapter will ever be active at a time. Still, it's funny how "should work" tends to come back to bite you down the road...

 

[VinceWhirlwind]

One adapter active at a time" is not as good as actual Link aggregation. You might want to provide support for proper link aggregation (LACP).

 

[jkupski]

LACP isn't an option, since the goal here is to survive a switch failure.