Tiered Network Help

Hello, I have been tasked with revamping our company network to enhance data performance. Currently we have a flat network that has simply grown over the years with mismatched equipment, basically a big ring topology. We do plan on implementing VLANs down the road, but is it possible to set up a 2-tier network design utilizing Layer 3 technology? Our budget doesn’t include having both a Core and Distribution layer, so I am eyeing the Ubiquiti Switch Pro Aggregation 32 Port, then using the Enterprise 24 Port XG switches as access along with the 48 Port PoE Enterprise switches. However, we do use a third-party firewall, a Sophos XG series device, as our Gateway to the Internet.

I’m getting a bit overwhelmed trying to find the right products because this isn’t a 9-5 business; we run 24/7, 7 days a week, so planning is so important, and whether or not I fully understand what I am doing. So far I have looked at the Mikrotik lineup, Cisco 350 Business and then Ubiquiti. Ubiquiti has some nice products but, more importantly, they are the only product where I can actually purchase 90% of what I need; others are months away and honestly there is barely anything out there.

Any help or suggestions are greatly appreciated. Oh we have approx. 160-180 devices and around 50 employees, an Active Directory environment.

Thank you.

If I was in your situation I would acquire 4 Cisco Catalyst 4948 switches and connect them in a daisy chain of port channels of 2 connections each. You can get these switches used for less than $100 a piece. This basically consolidates your core/distribution layers into a single plane. With so few devices I don’t see anything more redundant needed. You could always keep an extra switch on the shelf in case one fails.

Cisco works but it’s way more complicated than using the UniFi product line. Mikrotik is even more complex in terms of learning curve and lacks good central management. UniFi still has the easiest setup for managing VLANs and is probably the easiest system for central management.

Thanks for the comments. Basically what I need to do is address the lack of performance on the network currently, so we want to move into the 2.5GbE to 10GbE technology and replace our 3 current switches with something more like a core/distribution model. In the UniFi realm I was looking at multiple Enterprise XG 24’s, a Pro Aggregation switch, and multiple Enterprise 48 PoE. My plan would be to use the aggregation as the distribution where all the switches connect, and our Sophos firewall would be connected to the Pro Aggregation. The XG 24’s would be all our current LAN equipment, with the exception of the VoIP equipment and any cameras using the 48 PoE switches. That is the thinking at this stage anyway.

I have to join the old equipment closet to the new server room, so this is why I want multiple XG’s to have that 25GbE uplink. After doing quite a bit of research I know our current 1GbE network is lacking performance due to the Layer 2 design and topology, so I really need to brush up on VLANs and Layer 3. I know VLANs alone would help, but we also need a better design overall; I’m getting tired of the complaints.

We use UniFi in a lot of work environments; this site is still going after about 4 years and we have done even larger sites.


Sorry Tom, I revised my original reply so your comment does answer my prior thought. Thank you.

Based on my experience it is pretty unlikely that a small network of 200 devices or less needs more than 1 Gb bandwidth with any given system. I would hate to see you overspend on gear that you really don’t need. More times than not your “lack of performance” is really due to the underlying hardware of the infrastructure your systems are running on. I would make sure to account for all those variables.


Very good point Fred, and I have thought of that, but although we are a small company in terms of staff, the data we work with is huge. The majority of files we open are anywhere from 4-15GB, plus our backup system runs from 7pm till 1PM the following day, so this is really impacting performance; the backups alone are in the terabytes. As well, a lot of the new CAD machines we build are now either 2.5Gb or 10Gb so they can take advantage, as well as the NAS’s and servers. And you are spot on, it’s definitely the way the infrastructure is currently set up with mismatched switches. They have had a good run, over 8 years now, so if we are going to upgrade we might as well go to the next level of connection speeds.

Those are pretty big data sets for sure, and if the traffic flow has to be routed between VLANs you need to make sure you have something in place that doesn’t create a huge bottleneck. You may also want to consider each of the CAD workstations having two NICs, one for access to the NAS at 10Gb and another for everything else at 1Gb. You can keep the 10Gb network flat so you’ll maintain the best possible performance. Just make sure to configure the default route to use the 1Gb interface. You can buy the Cisco Nexus 5010 switches really cheap now, which should be fine for a 10Gb network setup.
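The dual-NIC layout in the reply above only works as intended if the workstation's routing table really does send general traffic out the 1Gb NIC and keeps the 10Gb NIC limited to the storage segment; a stray default route (for example handed out by DHCP on the storage VLAN) silently undoes the split and lets ordinary traffic leave through the flat network. As an added example that is not from any poster in this thread, here is a small Python audit of a Linux workstation's `ip route show` output against that design. The interface names (`eth0`, `enp5s0`), the subnets and the two route tables are constructed sample data, not taken from the original discussion.

```python
import ipaddress

# Constructed sample `ip route show` output for a CAD workstation with two NICs
# (names assumed): eth0 is the 1Gb "everything else" NIC, enp5s0 is the 10Gb
# NIC on the flat storage network. This table matches the intended design.
GOOD_ROUTES = """\
default via 192.168.10.1 dev eth0 proto dhcp metric 100
192.168.10.0/24 dev eth0 proto kernel scope link src 192.168.10.57
10.10.10.0/24 dev enp5s0 proto kernel scope link src 10.10.10.57
"""

# Same host, but the 10Gb NIC also picked up a default route with a better
# metric, plus an unrelated route, so general traffic would use the flat network.
BAD_ROUTES = """\
default via 10.10.10.1 dev enp5s0 proto dhcp metric 50
default via 192.168.10.1 dev eth0 proto dhcp metric 100
192.168.10.0/24 dev eth0 proto kernel scope link src 192.168.10.57
10.10.10.0/24 dev enp5s0 proto kernel scope link src 10.10.10.57
172.16.0.0/16 via 10.10.10.1 dev enp5s0
"""


def parse_routes(text):
    """Turn `ip route show` lines into (destination, interface, metric) tuples."""
    routes = []
    for line in text.splitlines():
        parts = line.split()
        if not parts or "dev" not in parts:
            continue
        dest = parts[0]
        dev = parts[parts.index("dev") + 1]
        # Routes without an explicit metric are treated as metric 0 (most preferred).
        metric = int(parts[parts.index("metric") + 1]) if "metric" in parts else 0
        routes.append((dest, dev, metric))
    return routes


def audit_dual_nic(text, general_if, storage_if, storage_subnet):
    """Check a routing table against the split design.

    Rules: the preferred default route must be on general_if, no default route
    may exist on storage_if at all, storage_if may only carry routes inside
    storage_subnet, and storage_subnet must actually be reachable via storage_if.
    Returns a list of findings; an empty list means the table is as intended.
    """
    net = ipaddress.ip_network(storage_subnet)
    routes = parse_routes(text)
    findings = []

    defaults = [r for r in routes if r[0] == "default"]
    if not defaults:
        findings.append("no default route present")
    else:
        preferred = min(defaults, key=lambda r: r[2])
        if preferred[1] != general_if:
            findings.append(
                f"preferred default route is via {preferred[1]}, expected {general_if}")
    for _, dev, metric in defaults:
        if dev == storage_if:
            findings.append(
                f"default route (metric {metric}) on storage NIC {storage_if}")

    storage_covered = False
    for dest, dev, _ in routes:
        if dev != storage_if or dest == "default":
            continue
        dest_net = ipaddress.ip_network(dest)
        if net.subnet_of(dest_net):
            storage_covered = True
        if not dest_net.subnet_of(net):
            findings.append(
                f"route {dest} on storage NIC {storage_if} is outside {storage_subnet}")
    if not storage_covered:
        findings.append(f"{storage_subnet} is not routed via {storage_if}")
    return findings


if __name__ == "__main__":
    for label, table in (("good", GOOD_ROUTES), ("bad", BAD_ROUTES)):
        result = audit_dual_nic(table, "eth0", "enp5s0", "10.10.10.0/24")
        print(label, "->", result or "OK")
```

On a real workstation you would feed the function the output of `ip route show` (or the equivalent table on Windows) from a management script, and alert on any non-empty result; the same check belongs in the build checklist for every new CAD machine, since a later DHCP lease on the storage segment can reintroduce the problem.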

If you care about security, don’t use switches that are past end of support and can’t be patched.