What is the best network design for a new multi-floor building?

networking topology

Specifics:

  • 4 floors. Floors consist of central cubicle area and exterior offices pre-wired to wiring closet on each floor.
  • IT data center will be located on 1st floor
  • Conduit exists in building between floors
  • Data and voice networks needed (either VLAN or physically separated)
  • User count per floor upwards of 100 locations with 4 data runs to each location
  • Wiring closets will consist of stackable gigabit switches

What is the best design for connecting the floors to the IT central data center. Do you make a hub/spoke design with each floor run directly to the data center? Make a ring from 1st to 2nd to 3rd to 4th and then back to 1st? Copper or fiber? 10G or port-channel 1G connections? Is it better to separate each floor into its own subnet with routing, use VLANs?


Solution 1:

There isn't any single "Best" imho. There are plenty of good solutions that can fit a number of budgets and design styles - I mention the last factor because the "best" can often be the design you are comfortable with and can easily support.

That said, I'll tell you what I've got in the same situation:

A 10Gbe fibre backbone between each cabinet (effectively a floor in your case) and its neighbouring cabinet and the server room. This gives you good bandwidth and resiliency.

Two VLANs per floor, one each for voice and data (actually we have a bunch of other stuff (wireless, CCTV, electronic access control, and hence a lot more VLANs for those - do any of these apply to you too?). This gives you a reasonable amount of "headroom" assuming 1 phone and 1 computer for each of those users, plus a scattering of the usual extras such as networked printers...

Think about a logical IP addressing scheme that can map the logical LAN to the physical LAN. This can help you understand the origins of traffic if you are looking at packets to troubleshoot stuff later, e.g.

Using the example: 10.x.y.0

  • where X = floor and Y = VLAN
  • so 10.4.2.25 might be a device in the voice VLAN on the 4th floor
  • and 10.3.1.13 might be a device on the data VLAN on the 3rd floor

VLANs vs seperate networks:

I've seen it done both ways but recently it has mostly been done with VLANs as it generally makes thing simpler in the long run. If you're worried about phone line quality on a shared lan then this can be fixed with QoS. Also consider that phones and computers are converging at the moment, phones are moving from "just phones" to VOIP to Unified Communications and at that final point you really want a "unified" network to run it all on. So with that in mind it makes sense, imho, to go down the VLAN route rather than separate physical network route.

As for number of ports, VLANs can cut the number of switch and patch ports required for local connections dramatically. We have phones in our office spaces with 1Gb "pass through" switches on the back of them into which we plug PCs, reducing the number of ports required to kit out an office - we do this by placing both VLANs on the same switch ports with data as the untagged vlan and voice as the tagged VLAN.

It really works well and as well as reducing the number of ports it also keeps the cost of deployment down; low level deployment technicians can just plug a phone, printer or computer in without having to get the port configured.

Solution 2:

With 100 people on each floor, the chances of there being > 255 devices per floor would be reasonably high, so I would definately consider a subnet and routing for each floor.

Regarding the actual medium, it comes down to budget. For backhaul you'd usually use fibre as the chances of the disances travelled being above the copper maximum would also be high. Additionally it gives you the option of upgrading to higher speeds without having to much around with re-running all your cabling.

Regarding 1 or 10Gb uplinks, that comes down to your budget and the design of your network. If your switches are stackable (or a Cisco monster with 200 ports) then 10Gbe is going to, obviously, provide you with a lot more bandwidth back to your datacentre. That said, unless you're doing some serious data transfer I doubt you'll come even close to saturating it.

If your budget is a bit lower and you can't stack your switches for each floor, then chances are most of your users will be squeezed through a single 1Gb uplink anyway, which negates the need for 10Gb backhaul.

Solution 3:

I working at a pretty large university (I have no clue how many switch ports or data jacks we have - I'd assume 100,000 would be a conservative estimate) with quite a few separate business units. So I've seen all sorts of topologies.

First off, I highly doubt 10Gb links would be required unless you've either got a) a massive WAN connection or b) need to transfer seriously large amounts of data internally. However, I'd definitely run fiber to the closet and keep future upgrades to 10Gb in mind. Where I work we only run 10Gb for the core ring around the campuses, so that's multiple thousand ports per 10Gb link. We also run almost exclusively big Cisco (4-6 slot, 48 ports per card) chassis switches.

If you're doing normal 1U switches (48 port or so) I'd recommend backhauling them all over 1GbE fiber to the server closet. Labor is expensive, media isn't - run at least twice as much fiber as you think you'll need. If you ever have really high bandwidth requirements - say a departmental server or scientific work - you can always patch into the dark fiber.

Related

How do I get rid of localhost from email header?
Why is this China IP hitting my web site?
IPv6 link-local routing
fail2ban bans me after a series of *successful* logins
Apache on Localhost to block incoming connections outside localhost
How to clone computers to give each an unique computer name
Best way to tag/identify processes for killing them later?
Connections establish slowly, while download rate is great -Linux
Error upgrading Ubuntu server from Intrepid to Jaunty
How Do I Install Net-SNMP on Windows??? (without visual studio)
Wake on LAN over different subnets
How often should tape backups be verified?