i need some advice on a small servers network please !!

naifq2222 · ‎04-26-2005

hi every one.

i need a small help please.

i have a collage project that is upgrading a network and my part is the server's network. actually it is 65servers, windows and non-win.

i wish to know what are the important issues that should be considered in connecting the servers with the rest of the enterprise?

i thought of some,but i need some deatails how to start working on it;

pls add any more or try to explain what do you think should be done in it:

*trafic analysis, but where?

*redundancy and failure backup

*security

*authorization, is VLANs sufficiant?

*server loads, how to calculate it?

*.................

Is there a special topology for server networks?or layering?

regards;

naif

Georg Pauwen · ‎04-27-2005

Hello Naif,

a server VLAN would definitely be a good idea. Are you using all Cisco devices ? If so, you could put two NICs in each server and connect both NICs to different switches, and then run a redundancy protocol such as HSRP.

Your traffic analysis and security can be done on the Layer 3 device. Can you specify what equipment yor network consists of (e.g. 6500 switches) ? With that information, it is easier to give you advice.

Regards,

GP

naifq2222 · ‎04-27-2005

Thanks Alot.

I didnt want to specify it bcz i was shy to make it a very big question

here is the specifications attatched

I am considered only with the servers parts only,

So discard the rest of the project its another student responsibility.

regards;

naif

naifq2222 · ‎04-27-2005

Thanks Alot.

I didnt want to specify it bcz i was shy to make it a very big question

here is the specifications attatched

I am considered only with the servers parts only,

So discard the rest of the project its another student responsibility.

regards;

naif

mvervoorn · ‎04-27-2005

There is a layered model for building infrastructure

core layer

distribution layer

access layer

The core layer needs to be fast most of the time layer 2 on some optical systems

Then you have the distribution layer. this is where you connect your servers and traffic analysing on layer 3. (like Cat6500 switches)

Then the access layer thats where you connect the end nodes. (like Cat4500 switches or 2950)

It is wise to segment your network into different VLAN's Like a seperate server VLAN and some client VLAN's, number of client VLAN's depents on the number of end nodes.

You can use multi layer switches (a MSFC card in 6500 switch) for routing between the VLAN's

For redundancy you can use for example 2 6500 switches with MSFC where you implement HSRP to have redundant gateways for clients and servers

For security you have to create some access-lists on the VLAN interfaces on the MSFC so you can implement traffic filtering between VLAN's

Do you also have a internet connection (firewallzone) in that case create a sepearate VLAN in which you connect the (PIX)firewall.

Do you need any more information?

Regards,

Maarten

naifq2222 · ‎04-27-2005

Thanks very very much for your help.

The main difficulty i am facing that i know the concept of my course material but i dont know how to apply it on my project.its only theory in my hed.

* I want to know how to connect the servers with the network if there is more than a server... Is it by connecting each server directly with the distribution layer switches or connecting the servers together in a bus\ring\tree then connecting all this structure with the switch ?

** What if i have different servers for different purposes, like if i have a server for faculty profiles and harddrives and another server for students.also a printers' server one for faculty and another for students. And a shared server for both for Mail service.i can use VLANs to restrict the access of each group to his server only?

and the mail server will be added to both VLans. Correct?

Georg Pauwen · ‎04-27-2005

Hello,

your ideas are pointing in the right direction: basically, each server needs to be connected to its own port on the switch. You can then, as you mentioned yourself, group the servers into VLANs, which are based on the functional groups (faculty, students). Access to the VLANs can be restricted with access lists.

Regarding the mail server, you cannot configure it to be a member of two VLANs at the same time. You can either put it in its own VLAN, or put it in any of the other VLANs; I guess, since everybody needs to access the mail server, you do not really need to restrict access to it.

HTH,

GP

naifq2222 · ‎04-27-2005

Thanks gpauwen

oh, i didnt know that i can make some server without an access restriction i thought when using VLANs i need to make them all in VLANs.

THANK YOU A LOT FOR YOUR HELP ALL

I WILL RETURN FOR YOUR HELP AND SUGGESTIONS.