When is it time to have more than one VLAN?

[onsetcomp]

At what point is it best to have more than one VLAN?

We have about (14) 10/100/1000 switches now, about 300 devices, in a star pattern and only use the default VLAN 1.

How bad is that? I'd like to minimize the broadcast traffic as I think it's slowing down my network.

 

[cajuntank]

More than likely that's not your problem.

How are your 14 switches connected to each other? (copper, fiber, stack cable, etc...)

What's the condition of your cabling infrastructure? (CAT5, CAT5e, CAT6, etc...)

What protocols are you running? (ip, ipx, appletalk, etc...)

What is you network OS platform? (Netware, Windows, Unix)

What brand/model switches do you have?

If you have 300 devices and all have network addresses, what is your addressing scheme? (10.1.1.0/16, 192.168.1.0/22, etc...)

 

[onsetcomp]

How are your 14 switches connected to each other? (copper, fiber, stack cable, etc...)Answer: Everything is CAT5 and better, twisted pair.

What's the condition of your cabling infrastructure? (CAT5, CAT5e, CAT6, etc...) Answer: Everything is CAT5 and better, twisted pair. We tested all our cabling and everything allegedly passed for 1000bt but I don't have high confidence in the person testing them.

What protocols are you running? (ip, ipx, appletalk, etc...) Answer: IP and Appletalk along with Active Directory/Win 2003

What is you network OS platform? (Netware, Windows, Unix) Answer: Windows and Mac Unix

What brand/model switches do you have? Answer: Almost all are 3Com 1000bt switches. One Dell 1000bt 48 port switch ties them all together. One antique Cayman Gatorstar 10bt hub still exists providing nothing more than an appletalk zone name for old macs.

If you have 300 devices and all have network addresses, what is your addressing scheme? (10.1.1.0/16, 192.168.1.0/22, etc...) Answer: We use NAT and have a class B setup using the private ip range.

 

[cajuntank]

Good. Ok, to get a verification of when you made the comment that everything's in a star pattern, your Dell switch is your hub and all 3Com switches and the 10Mb hub are all first hop spoke points?
(so you don't have : Dell --- 3Com --- 3Com)
|
|
3Com

I would personally get those trunk links verified they support 1GbE with a level IV scanner just so you have peace of mind about that and get that possibility of contention out of the picture.

Are you experiencing performance issues all around or maybe just out of one particular segment?

I'm thinking of two likely possibilites and a couple of things you can try.

1. I'm assuming all of the Windows servers are plugged into the Dell switch. I would test sending a large file from say your pc to the server(s) and start trying to get a baseline of your throughput. (a side note*-A lot of times, there will be auto-negotiation issues that will happen between switch manufacturers. I have seen pc's connect at 1GbE to the switch and perform badly; when I force connectivity at 100Mb, then they fly.) Now you have a baseline, see what it looks like when you test that same file or files from down the line off of one of the 3Com's...this should be about the same if everything's connecting properly. If majorly different then start looking at cabling and maybe playing with forcing connection speeds.

2. One that a lot of people miss is spyware/virus or a chatty nic. Easy way to test is, and if these switches are managable, then configure one of the ports to mirror the traffic of the others and use something like WireShark to watch you traffic to see what's going on. If you can't do this for whatever reason, then you could disconnect segments one at a time and see if things get better. If it does then you can troubleshoot the pc(s) off of that one switch (same technique, diconnecting one at a time to see if there is any change). Don't forget the "chattyness" might reside on the Dell switch itself, so don't forget about him either.

300 pc(s) normally don't broadcast enough to perceptually see a performance hit on a LAN, especially on a 1GbE backbone or even a 100Mb backbone, so I'm thinking you have either more physical layer 1 issues, or you have maybe some spyware/virus infection flooding the pipe.

Hope I put you on the right path and post back with new info.

Thanks.

 

[onsetcomp]

Thank you for the help! Do you have any suggestions for a really good wire tester? I can rent expensive testers without too much resistance for the expense. Re-testing everything makes sense.

The Dell switch is fully manageable and the 3coms are "Web Smart" which is almost manageable but falls short like no snmp for monitoring programs.

Each server and switch has a home run to the Dell switch.

The biggest problem is that each customer service rep has to log into our off site e commerce site and 3 out of 4 of them have bad delays waiting for simple graphics to download. Even though they all have 40ms ping times to the site and no spyware detected. All Dell PCs with XP Pro and similar system specs.

A while back I discovered during "end of work day" network crashes that the Dell 9200 model would go into a jabber state and flood my network AFTER the PC was shutdown. As soon as the PC was powered up again the problem went away. A new nic stopped that problem.

Thx

-E

 

[cajuntank]

If you don't currently own a scanner, then I would get a vendor to give you a quote on testing. Testing should not cost you much and I would think (if everything is labled and they don't have to search for the wire) that for 14 cables, you'll probably be looking at a bill of somewhere between $150-$300 depending on your area's rates.

What is the connectivity to your remote e-commerce site (point to point T1, Frame Relay, DSL, etc...) and what's the speed?

You didn't mention a remote site in your previous postings.

 

[onsetcomp]

Our internet connection is broadband. 8mb down 1.5mb up.

I was actually thinking of having ALL cables tested.

Over the weekend I started using OpenDNS.com for forwarding DNS requests. This tightens up security a bit for my whole network. Not sure if it's related but so far the speed issues for customer service have gone away.

 

[cajuntank]

OpenDNS is great... we have been using them for quite a while now. If you have all of your cables tested, because of the quantity, you should be somewhere around $4-$6 per connection. The performance issues you were seeing, were they all happening across your cable connection? Was there anything internal still suspect?

 

[onsetcomp]

Yes all the connection problems were across our internet connection. We have decided to move one more ecommerce server inside our building here to avoid internet connection slow downs for retrieving order info. This will leave just the web server away from us. We are going to get a T1 to help with the broadband downtime.

I have run a zillion tests using the built in switch diagnostics for cables without any errors. I'm not sure if I can sell the company on spending $4-6/wire for another test.

Thanks for all your help.

 

[cajuntank]

The switch diags for cables are no way close to that of a level IV scanner. It's like comparing a Linksys 8 port switch to that of a Cisco Catalyst 6500 switch. Yes, they both can connect computers together to talk to each other, but that's about where the simularity ends.

I would at least get those 14 cables tested sometime down the road, again, just for peace of mind. I think your on the right track to look at a T1. Too many businesses trying to do large business function on small business technology.

Good luck.