Storage Uni's Server & Network Project! [Update 05-06-14 - Cisco Meraki Installed]

Yep the 5324 switches are fully managed 24 port gigabit switches. They have a CLI where you create and assign devices to VLANs - the command set is very similar to Cisco.

The simplest way to do what you're thinking is to give your software repository i.e. your workshop file server two network cards, with a default gateway towards your normal network and no default gateway on the second network. You can then have your software repo have a daily scheduled virus scan to make sure it isn't picking up any nasties.

If the devices on that VLAN require internet access for fixing you should probably proxy it via your repository server or get an older firewall like a PIX506E (ooh I have one of them too ) or a small Netscreen, maybe a secondhand ASA5505 even (although these will be more expensive as newer) - to stop all but what you allow to go between the two VLANs, which I'd suggest would be outbound RDP from your house VLAN and chuff all else.

 

That sounds good. Quite complicated for someone like me who's still very much learning the ways of managed networks, but necessarily so. Having two NICs would require a larger board than the H55N... might have to pick up a full ATX 1156 board for it after all. The server always needs an "open" (incoming and outgoing) Internet connection so that I can pick stuff up off it if I'm accessing it externally and also so that it can download new programs, updates and frequently used packages etc.

RE: the switches and firewall, would you be willing to part with 'em for whatever they're worth?

 

Yeah if it'll help you out we can work something out based on Ebay prices for em. I'm not using them so np. Send me a PM when you're ready to worry about that since this isn't the 'for sale' forum haha

I'll rough up a diagram which will show you that - with a hardware firewall anyway - you won't need a second NIC at all!

 

Okay here is my suggestion. The overload NAT on the outside interface of the firewall isn't necessarily required as to get to the internet it will be NAT'ted on the DD-WRT router, however that router won't necessarily have a route back so the NAT saves you fiddling with that.

You could just add the route in, of course.

 

Thanks, that looks great! It would take me a while getting used to it all but I'd say I will get to grips with it all right once it's in place. Still looking for my old network diagram, it's on the server somewhere but I can't remember what I named it

Just to complicate matters even more, the folding farm lives in the workshop too... I assume making sure those have a connection to send/receive work is no problem?

[Edited first post and title to reflect that this is now the planning thread for a project]

 

The folding farm is physically in the workshop, but logically its on your "Office" LAN.

The blue bars don't represent your physical switches, they represent a logical VLAN!

If you've got more than one ethernet link running between your workshop and house you can aggregate them together for a nice hefty backbone between the switches.

In other words, your logical topology is as above, and your physical topology will look like this:

 

Ahh, now I get it! Yeah, that works. there's only a single link between the office and workshop switches at the moment, but I plan on changing that when I convert the houses cabling from CAT5 to CAT6 anyway, so I can have gigabit speeds throughout.

 

One will work just as well as many - even low to mid-range SAN kit won't push a single gigabit link's throughput capacity to its limits due to the IOPS it can handle.

The places where you'd notice things are faster is when at the same time:

- workstation a is copying from workstation b
- workstation c is copying from workstation d
- workstation e is downloading a service pack from file server

... etc ... straying firmly into the realms of "Uni knows this stuff" now ...

 

Haha, sort of It's been a long time since I studied networks and even at that, it wasn't as in depth as it should have been, or at least as I'd have liked it to be.

You're right about the single link, but I may as well put another one in whilst I'm up there... I'll be in the attic for approximately a week running all the CAT6 in the house anyway

Multiple copies/transfers/downloads is something that happens on an almost daily basis. One workstation in the workshop may be downloading service packs etc, the server could be downloading something and writing to it's own discs and the HTPC in the house could be pulling stuff from it as well. For such a small network, there's quite a bit of activity!

 

Well in that case putting in the aggregate links is probably eminently sensible.

Just one thought regarding Microsoft patching etc, you do use WSUS right?

 

Yeah, I just installed it recently, but haven't got it properly configured on them all yet. +1 to the "todo" list.

 

It'll take a week to download everything but once its done you're golden

 

Awesome Just whilst we're on the subject, do you know much about WS 2011? If so, do you think it would be worthwhile for me to update to WSBS 2011 when I'm rebuilding the server anyway? I've been thinking about it but haven't looked into what's changed since the last version or whether it would benefit me any. To be honest I think WS 2008 is wasted on me as it is, XP would have done considering it's only a file server.

 

I doubt it'd be worth the hassle of the reformat myself.

The likelihood that Microsoft have put in a game-changer between the two is quite low. Might be worth checking out but past that ... ?

 

Yeah, that's what I was thinking. Just for the record, I'm formatting anyway once I rebuild it. It's getting a complete overhaul. I don't think I'll plump for a whole new WS version though... too pricey :/

I'm thinking a full ATX board would be a better choice now, to give me room to expand in the future. New storage controller, additional NICs (as you've already mentioned) etc. Using the Mini-ITX is nice in principal, but it's not really a good practical choice for a server like this. I think I'll save that for a custom built NAS project down the line, or that Lian-Li PC-Q11 office machine I've been coveting for ages

 

I came up with the following spec for the server:

Asus P7H55-M/USB3 Motherboard

Intel Core i3 540 CPU

4GB OCZ Reaper DDR3 Dual Channel, 1066 MHz, low voltage memory - already have a couple of these kits spare.

Highpoint RocketRaid 3530LF RAID controller

Edimax PCI-E 1x NIC

That's about the best 1156 motherboard I could come up with... It's still mATX instead of full ATX, has SATA 6Gb/s, USB3, onboard graphics when used with the i3 etc. Any thoughts?

 

With the exception of

.... me likey!

Personally though, I'd give it an Intel or possibly a HP NIC.

If you want new Intel, try http://www.scan.co.uk/products/intel-pro-1000-gt-desktop-pci-gigabit-10-1000-(copper)-network-card for £26.98 incl.

Personally though I'd be tempted to try and get a HP NC360T or other server class PCI-E NIC, as long as its got a full-height backplate with it of course (ebay search linky) - I've got one I'm not using currently, but have previously - its a great card. Sadly I don't have a full height backplate for it which limits my current application for it!

 

I'm limited to what NIC I can use with the motherboard, it has one 32 bit PCI, two 1x PCI-E and a single 16x PCI-E, no 4x PCI-E for the (rather awesome looking) NC360T I'm afraid... Unless I go for the Gigabyte GA-H55M-USB3 instead, and put it in the second 16x PCI-E slot. With that I lose the SATA 6Gb/s as it only has SATA 3Gb/s but I suppose that's not really a big deal, the storage controller will be handling all but the system disk anyway.

 

Despite the fact the NC360T would obviously be around £60-70 on Ebay, you would get HP's driver software which will allow you to team the NICs and load balance 2gbit to it lol

Unless you were planning for the system disk to be an SSD I'm not sure the SATA 6gb would gain you anything except for a little future proofing? I didn't know they'd bothered to give 6gb to any mechanical drives myself.

The £27 intel NIC is a good one by itself whatever the weather

Or you could just ignore me now as the networking part is my strength

 

Yeah I know... That would be a really nice setup!

You're absolutely right... I half did plan on having an SSD in there but I think the 74GB Raptor that I have will be fine to be honest. I think I'm getting a little caught up on the motherboard features that a server like this won't really benefit from. I definitely want USB 3 so that I can fast transfer to/from external removable media but the rest is pretty much unimportant. Future-proof SATA 6Gb/s would be nice but I'd rather have the dual port NIC and use a mechanical drive on a 3Gb/s port.

Hah, now why would I do that? You've done nothing but give great advice so far, for which I am extremely grateful