0

I've been asked to research into providing networking links for around 16 machines, which will be providing access for a group of small companies which will become part of a co-working space.

I have a reasonable experience setting up small networks - and feel I'd be able to help, but I'd like to find out about any specific pitfalls I should consider prior to commencing the project.

The main purpose of the network will be to share the building's broadband access, providing access to each client's machine.

  • If would be nice to be able to guarantee a certain level of network throughput to each client - would we need to invest in an expensive (£500+) router / switch to enable this? I'm not sure if recommendations are allowed on serverfault, but any examples of good choices would be most appreciated.

  • The building is currently cabled - and some of the cabling has recently been in use. To avoid problems in the future would it be worth checking the cabling quality? Is this a very involved job, or could a novice (such as myself) complete the task?

  • The ability to provide a 1gb link between certain rooms could be beneficial. I've read that cat5e cable is capable of this -> would standard cat5 cable benefit at all from a faster switch/router?

I'm going to be providing the service free-of-charge, but want to make sure that I'm not wholly underestimating the task before I go ahead.

Any and all tips and pointers would be appreciated.

Thanks in advance.

codeinthehole
  • 101
  • 2
  • "free-of-charge"?? You're crazy ;) – GregD Nov 17 '10 at 16:17
  • @GregD - well, I'm actually a web developer - so I'd feel bad charging for something which isn't my speciality. The project's being run as a non-profit .. so I'll do the job for free and hope karma will sort it me out ;) – codeinthehole Nov 17 '10 at 16:34
  • Ha, I hear ya and I applaud your effort but man, Kharma's a bitch when she calls you at 3AM cause the network is down or on a Saturday when you're at a nice family BBQ. – GregD Nov 17 '10 at 16:37
  • @GregD - haha .. yeah, very true - maybe I should find a nice local IT company who can help out. – codeinthehole Nov 17 '10 at 16:44
  • When it comes to testing cables on-the-cheap, the easiest way might be to just use iperf on a couple computers. a $100 tester isn't going to tell you anything useful other then the cable is connected. – Zoredache Nov 17 '10 at 21:50

3 Answers3

1

I'd be very surprised if you could see noticeable problems with 16 users on a 54Mb network - nevermind 1Gbit.

The basic domestic routers available at most PC retaillers is capable of supporting this (approx £30). However you won't get fine grained access controls, bandwidth metering and AV filtering.

If your needs are more sophisticated than just supplying internet connectivity, you might have a look at ipcop, dansguardian or one of the many other server appliances available.

providing access to each client's machine.

erm, really? you want to provide remote access to users machines and you don't know how to start? Don't even try until you've learnt an awful lot more about the topic.

Update

Spookily, the reg are running a series of reviews on Linux based SME servers, starting with the aptly named SME Server

symcbean
  • 21,009
  • 1
  • 31
  • 52
  • Thx for the reply. I'm not sure what you mean by "you want to provide remote access to users machines and you don't know how to start?". We'll obviously have a firewall in place, and I know where to start .. I just want to make sure that the process is as straightforward as I imagine it to be. – codeinthehole Nov 17 '10 at 16:00
  • Some of the users may be working with digital video - so it seemed sensible to consider the possibility of enabling 1Gbit access from the start. – codeinthehole Nov 17 '10 at 16:01
  • I think the op meant 'providing outgoing internet access to each client' not 'providing incoming RDP or VNC access to each client' – bot403 Nov 17 '10 at 16:03
0

With the problem as stated, there are some crucial bits of information lacking.

First, is the intention that the "small companies" should be able to send packets to all other companies? And, indeed, see broadcast traffic from them? This is, I think, the very first question you need a firm answer to, since it influences the whole space of "possible designs" and is crucial if the clients are intending to run one (or more) windows-based networks.

Second, what security are you intending to put in place? NAT on the access (if so, will you be providing static NAT, log NAT assignments or otherwise provide possible logging, in case there is a legal issue with traffic from one or more clients in the future)? Firewalls (both between "client" and "internet" as well as between "client1" and "client2", if they decide to allow limited or complete inter-access between their networks)?

As far as QoS capabilities go, I don't actually have any idea what routers cost. But I do know that from a Cisco 2800 and up, you should be able to do somewhat advanced QoS as well as NAT (although you may be better served with a more dedicated firewall).

Testing the cabling is a good idea, unless there's a test protocol from the installation. Get a cable installer in to do the testing, it's a qualified job to test cables properly. I've done some cable testing, but a proper tester is expensive (the basic "there is connectivity" start ata couple of bucks, but for something that tests the characteristics of the cable, you're looking at least at a thousand bucks) and is somewhat lenghty (for each cable, you need to find one end to put the loopback on, then plug the tester into the other end and let the test complete, I'd allocate at least a couple of minutes for every cable needing to be tested).

Standard cat5 should be able to handle 100-BaseT (Fast Ethernet) without any problems and may be able to cope with 1000-BaseT (Gigabit Ethernet), but I'd want to test it to make sure. I haven't actually had any problems with it, even with cables I've made myself, but if I was doing an installation for a customer...

Vatine
  • 5,440
  • 25
  • 24
  • The cabling was previously set up by a local council IT department. As this project is being run on a small budget paying for extensive testing probably wouldn't be a priority - but I imagine I'd be able to purchase a cable tester to check for (and replace) any badly degraded lines. – codeinthehole Nov 17 '10 at 16:17
  • "Second, what security are you intending to put in place?" -> a firewall between the local network and the internet. I'm imagining that restriction of access between individual local addresses won't be necessary - but it's a very useful point. Thanks. – codeinthehole Nov 17 '10 at 16:21
  • @codeinthehole I think that allowing complete access between companies networks would be a bad idea. Who's liable when one company introduces a virus to the network that then spreads to and disrupts the other businesses? Or one company puts an open wireless AP on their network, either intentionally or unintentionally and exposes all the companies to the risks involved in that. It could get ugly. I know you're trying to do a good thing but legally it could be risky for you and the other companies involved. – 3dinfluence Nov 17 '10 at 17:02
  • @3dinfluence, I see your point - and I agree. I'll discuss these issues with the person running the project. – codeinthehole Nov 17 '10 at 17:52
0

For future proofing this setup, you might consider Cat6 cabling. Cat5e will handle gig throughput just fine (we're doing it along with VOIP), but the future is Cat6. I would not consider Cat5 if throughput is a primary concern. The expense of checking the in-place cabling might put you in the range to just having it all replaced with Cat6 anyway.

Most of my switch experience is with Netgear and Cisco. Cisco components are green colored for a reason. My theory is because it's the color of money :) Having said that, I have far less problems with all my Cisco gear, then I do with my consumer-level Netgear equipment. If cost is a concern, then by all means, buy off the shelf consumer products, most of which support 10/100/1000.

Most things should be relatively straightforward. Keep in mind that some jurisdictions require a low-voltage license for running cabling, if it traverses walls or ceilings...so keep this in mind. It really pays to have a professional run cabling regardless.

GregD
  • 8,713
  • 1
  • 24
  • 36
  • Thanks, yeah - well, we have a couple of grand to spend .. but the project's being run as a non-profit, so we need to be careful. As the cabling was previously professionally installed, I'm wondering whether some research and a £100 cable tester would be a worthwhile compromise to getting a professional installer involved. – codeinthehole Nov 17 '10 at 16:33
  • Is this existing cable cat5, cat5e or cat6? – GregD Nov 17 '10 at 16:36
  • well, we don't know yet .. but will do soon. I live in hope it's one of the later two .. – codeinthehole Nov 17 '10 at 16:41