11

I have to wire a new office for ethernet and the contractors want to charge atrocious amounts for each line running to each room in the office. It will be much cheaper for me to run a single line to each room and have a switch in each room, so each user in that room can just connect to the switch. The switches in each room will all connect to a central switch in the server closet.

I've heard conflicting accounts as to whether this will cause network collisions, latency and just general suckage. What are the main disadvantages to having a bunch of secondary switches which all connect to a central switch?

nganju
  • 213
  • 1
  • 2
  • 5
  • 1
    You could skip the wires and go purely wireless depending on your bandwidth requirements. – Zoredache Jul 26 '10 at 05:44
  • 6
    Going entirely wireless for any kind of size of a network is a *horrendous* idea. And going back to wire the rooms later is likely to cost you an arm ad a leg. – Cian Jul 26 '10 at 06:57

5 Answers5

10

We did this in an office where we were stuck with 1 port in each room, and we put a 100Mb switch in each room. It was OK for basic tasks, web surfing, email, etc - but the BIG downside is that if you start doing heavy network traffic (for example, copying a multi-gig file from one office to another) you chew up ALL the bandwidth for two offices, because each office is sharing a single uplink.

So it really depends on your level of activity, but you may have a larger issue with a contractor taking you for a ride (depending on your definition of "exorbitant"). Yes it should and will be more expensive multiple lines if you want them all in different locations, but if you want to run say, 4 lines into one location within the room then the extra costs should be:

  • More expensive cabling cost (usually pretty nominal, maybe $0.50/meter)
  • More expensive wall socket (Maybe twice the price of a single)
  • More expensive labour costs for crimping the ends (they can take a while, and includes the time taken to get a cable tester onto each end)
  • Larger or multiple patch panels in the central location

What you've got to weigh up against the cost of the installation is the cost of configuring, maintaining and purchasing multiple switches cascading off eachother. If I had a choice I would have paid the extra money to get it done properly (multiple lines into the room) because the hassle of maintaing THAT MANY cascaded switches can become prohibitive.

Mark Henderson
  • 68,823
  • 31
  • 180
  • 259
  • 3
    +1 I would tend to agree. Troubleshooting network problems with many levels of switches, especially if they are unmanaged can be time consuming and costly. With each switch you are adding another point of failure in your chain. I tend to go with as simple a topology as possible while considering future needs. That doesn't rule out multiple-tiering, but decide if you *really* need it. – John Virgolino Jul 26 '10 at 04:43
  • I usually expect about $120 a run near the high end in the Columbus, OH market. – Warner Jul 26 '10 at 05:01
  • @Warner, that $120/run - does that scale linearly for multiple ports to/from the same location? I would have expected `x` for the first run and then maybe `x*1.3` for subsequent runs. ($120/port sounds on on the pricy side, but not ludicras) – Mark Henderson Jul 26 '10 at 05:05
  • It's not really variable, as it's priced to consider the variables. I have people I work with that are around $100 and that's what I consider the more reasonable end of the spectrum. Typically the runs are at least several hundred feet. – Warner Jul 26 '10 at 13:25
8

You are almost describing the cisco multi-tier model. You have a 'core' layer connected to 'distribution' switches (or a 'head' switch in each closet) that will connect to 'access' switches that will finally distribute to the end users/servers/devices.

If you use switches and not hubs on all your network, there's not much of a problem doing that (it's even recommended to do it that way). Just remember the uplinks. If you have 48 ports running at 1GB most of the time and your uplink from access to distribution is only 1 GB, you can suffer of lack of bandwidth, so it's better that the uplinks from access to distribution to core to be larger than the average speed of the access ports (in my network now I have access ports at 1GB and 10GB fiber uplinks)

Also, remember to use STP (Spanning Tree Protocol) to prevent loops and provide failover configs on your network.

coredump
  • 12,713
  • 2
  • 36
  • 56
3

I've had a similar situation but modified the scheme somewhat for the reasons already mentioned by coredump and Farseeker, specifically the problem of shared bandwidth.

In my case I was able to determine beforehand that only a couple of users would ever need to transfer large files. With that in mind I ran a single line to the switch in the far office plus a couple of additional lines, one for each of those heavy traffic generating users. This offered the benefit of minimal cost without the problem of one or two users swamping the network.

To further save costs a 100Mb switch that was being upgraded in the server room was used in the far office, as that was more than adequate for those being connected to it. The "special cases" were connected by 1Gb. Of course this scheme is useless if you cannot identify who is going to be generating the traffic beforehand but can be a great money saver otherwise.

Dennis Williamson
  • 62,149
  • 16
  • 116
  • 151
John Gardeniers
  • 27,458
  • 12
  • 55
  • 109
3

The one issue I would worry about is security. By having your switches distributed around the building you are likely not going to take the effort to physically secure them. If there their is anything valuable on your network then it may be very simple for someone to place a device inline with the switch that will allow them to capture traffic and perform MITM attacks.

If you are going to be processing credit card transactions, health records, or some other else that is high value then distributing switches out in the rooms may not fit your requirements.

You will likely choose low-end switches for a setup like this which means it may be more costly in the future to implement more physical security features since you may need to re-wire things and replace your switches.

Zoredache
  • 130,897
  • 41
  • 276
  • 420
  • 2
    Why is this especially a problem with switches? Even if I did it the other way, ran multiple individual ethernet cables to each room, someone could still put a device inline between someone's computer and their network jack, right? – nganju Jul 27 '10 at 14:45
  • @nganju You are correct, yes. There is no security concern except someone stealing the device. A hub network would be an issue, a switching network is not. – Ken Sharp Jan 28 '21 at 07:48
  • `someone could still put a device inline between someone's computer and their network jack,` - I mean sure, but certain features on higher end switches can make this far more difficult. Think 802.1x authentication, and things like that. That level of switch-level security wouldn't be reasonable if the attackers could physically access the switches though. – Zoredache Jan 29 '21 at 00:28
2

I absolutely avoid cascaded switches whenever reasonably possible. Unless the clients are absolutely controlled, such as a thin client with limited functionality, it's only a matter of when it will be an issue.

This is especially true within the core network or the network infrastructure that supports the servers. When working with purely workstations, you have a little more leeway.

Many of the other points here are fantastic, as such I will not reiterate them any further but I do encourage you to consider them.

Warner
  • 23,756
  • 2
  • 59
  • 69