private network within larger network 1

[bkelly13]

I have never had an opportunity to mess with servers or do any network configuring. I just need to know if something is feasible and where to look to learn about how it might be done.

We have a small network with about two or three dozen computers in several buildings with Cisco switches. One workstation runs XP Pro and collects data from remote locations, processes it, and sends it to a server. The server runs Server 2008 R2, collects the data, and sends it to a half dozen clients to display real time and for post test analysis. The XP computer has dual quad CPU, can process several million parameters a second, and has two NICs. The server is a fairly high end Dell with its own two quad CPUs and with four NICs.

The NIC cards are recent enough that we can plug an Ethernet cable directly between the two and ping the server from the XP machine. (We pulled the second network cable on the XP and its only connection was to the server so there was no sneak path.) At least one of them senses the connection and adapts as though the cable is a cross over. The XP and Server machines will remain physically next to each other.

The need is to isolate the high traffic between the XP and the server. None of the other computers needs to see this traffic and we don’t want to suck up bandwidth were we don’t need to. But both need to be able to share and access resources that are common to everyone on this network.

We have some ideas, but limited resources and knowledge. Can this question be answered simply or is it one of those that get real complex real fast?

How would you set up this network? If we have a short path between the two machines, and a longer path, how can we make certain our high volume data always takes the short path.

Thank you.


Time is the medium we use to express our priorities
(Bryan Kelly, 2000)

 

[kmcferrin]

If you're using a network switch instead of a hub (and if you're using gigbit connections then you are) then you don't need to worry about it. The switch ensures that the network traffic only goes between the source a destination computers, so your other clients won't see it. There could potentially, in very rare circumstances, be a case where the total switching bandwidth capacity of the switch is consumed by network devices, but I've never seen it.

The reality is that your XP and 2008 R2 machines will never exceed a couple hundred megabits of bandwidth when communicating between the two of them, if that much. The only way you would ever come close is if large amounts of data were going direct from RAM to RAM between the machines across the network. Let's face it, that never happens. On top of that, the TCP/IP stack on Windows XP is so inefficient that it's garbage. The stack on Vista, Windows 7, and Server 2008 and R2 is much more efficient and capable of pushing much more data, but since you have an XP machine in the mix it will be your second biggest limiting factor.

Your biggest limiting factor will be the rate at which the data can be collected from the remote locations. I guarantee you that the rate at which the data will be aggregated by the XP machine will be far slower than the rate at which the XP machine can push it to the server.

I suspect very strongly that if you did any sort of network monitoring between your systems that you would find that your network utilization is really quite low. Even in a massive SAP implementation that I did once the network traffic generated between application servers and database servers for large ETL jobs was peaking in the tens of megabits, far below the threshold of what would require a dedicated network connection.

Now, if you needed to have a separate connection for security purposes or something, that's a different story. You would:

1. Connect the two devices with a crossover cable (unless one of the NICs has an auto-uplink capability, and it sounds like it does).

2. Put the "private" network on a separate subnet, preferably routable (so if your company's IP scheme uses 10.x.x.x IPs then you would use 192.168.x.x IPs). Do not specify a gateway for the private connection, and make sure that the subnet mask is appropriately small.

3. If the applications running on the machines communicate with each other by IP address then make sure that the new private IP addresses are used by the application. If they communicate by name, make sure that you edit the hosts files on each machine and add an entry for the other machines private IP address.

4. Make sure that any "listener" application on each machine is bound to/listening on the correct network adapter/IP address.

________________________________________
CompTIA A+, Network+, Server+, Security+
MCTS:Windows 7
MCTS:Hyper-V
MCTS:System Center Virtual Machine Manager
MCTS:Windows Server 2008 R2, Server Virtualization
MCSE:Security 2003
MCITP:Enterprise Administrator

 

[bkelly13]

Hello kmcferrin,
you brought up some points I did not think of. I will first calculate the maximum bandwidth we might be able to consume with the largest incoming traffic we can can get.

Item two looks the best, but we had best do some calculations before running too fast in the dark.

Thank you for taking that much time to post a reply.

Time is the medium we use to express our priorities
(Bryan Kelly, 2000)

 

[iolair]

If you're willing to learn, you could implement VLANs on the switches, then use Windows' routing and remote access to acheive real separation, but it ain't an easy setup.

Iolair MacWalter
Network Engineer

 

[kmcferrin]

2. Put the "private" network on a separate subnet, preferably routable (so if your company's IP scheme uses 10.x.x.x IPs then you would use 192.168.x.x IPs). Do not specify a gateway for the private connection, and make sure that the subnet mask is appropriately small.

I meant to say "preferably non-routable."

________________________________________
CompTIA A+, Network+, Server+, Security+
MCTS:Windows 7
MCTS:Hyper-V
MCTS:System Center Virtual Machine Manager
MCTS:Windows Server 2008 R2, Server Virtualization
MCSE:Security 2003
MCITP:Enterprise Administrator

 

[bkelly13]

Re: MCTS:Windows Server 2008 R2, Server Virtualization

I see this in your signature. As it happens, I am using IADS (Symvionics) on a Dell computer running Server 2008 R2. IADS cannot yet run under 64 bit OS, so the techs are setting up a 32 bit virtual machine on this hardware / server. I understand the concept of virtual, but nothing about how Microsoft implements either 2008 R2 or their virtual machines. Please point me to a web page or a book where a beginniner in this field can start.



Time is the medium we use to express our priorities
(Bryan Kelly, 2000)

 

[kmcferrin]

Well, there isn't too much in the way of books on R2 yet, but there's a decent book from Sybex on the initial release of Hyper-V. This is the one that I bought:

http://www.amazon.com/Windows-Serve...=sr_1_2?ie=UTF8&s=books&qid=1265813193&sr=8-2

But the resource kits are usually good too:

http://www.amazon.com/Windows-Serve...=sr_1_1?ie=UTF8&s=books&qid=1265813193&sr=8-1

I also keep up to date on the MS Virtualization Team blog:

http://blogs.technet.com/virtualization/

And Ben Armstrong's Blog:

http://blogs.msdn.com/virtual_pc_guy/default.aspx

Here's an archived webcast that's a general tour/intro:

http://www.microsoft.com/events/series/thrive.aspx?tab=Videos&seriesid=152&webcastid=12813

And here's the technet Virtualization resource page:

http://technet.microsoft.com/en-us/virtualization/default.aspx

That's probably far more than you'll ever want to know about it.





________________________________________
CompTIA A+, Network+, Server+, Security+
MCTS:Windows 7
MCTS:Hyper-V
MCTS:System Center Virtual Machine Manager
MCTS:Windows Server 2008 R2, Server Virtualization
MCSE:Security 2003
MCITP:Enterprise Administrator