 |
|
|
|
|
|
| |
| |
|
|
|
|
| |
| |
|
|
On Mon, 14 Jan 2008 10:01:42 +0000, Phil Cook wrote:
> And lo on Sat, 12 Jan 2008 00:35:13 -0000, Jim Henderson
> <nos### [at] nospam com> did spake, saying:
>
>> On Fri, 11 Jan 2008 15:07:55 +0000, Invisible wrote:
>>
>>> The point is it provides wildly more
>>> functionallity than we actually need.
>>
>> Today, but when you spend money on networking infrastructure, you also
>> plan for what you might need in the future. Some places just buy the
>> biggest thing they can so it's not going to be obsoleted before the
>> depreciation timeframe expires.
>
> Or from the more practical view they needed 35, but get a discount if
> they buy 50; so they justified the extra 15 by sending them to the UK
> :-)
That's also true. :-)
Jim
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
Invisible wrote:
> OK, so the company I work for is moving to a new building.
Finally. That's one thing you've been waiting for ;).
> As part of the move, I thought it would be nice to buy some new gigabit
> brand you buy. But when HQ got wind of this, they said "oh no, you must
> buy these Cisco switches, that way they'll match what everybody else has".
Yes. Keep the line clear, and the network will be easier to maintain.
Yes. Cisco has a price. Cisco also has IOS, functionality, support,
quality and reputation. Practically Cisco is always a safe choice, when
it comes to network devices.
> Well anyway, HQ bought the switches themselves. I got an email the other
> day to say they've finished configuring them now. (It's a switch? What's
> to configure? It's a passive component...) They're about to ship them over.
No, it's not a passive component. Even the stupidest switches have some
intelligence and do active job. Manageable switches do much more and
routing switches (like the ones you'll get) are 'bout blessing for
network infrastructures.
> Yesterday I got a document describing the configuration of the switches.
> And now it all becomes horribly clear.
>
> These "switches" are actually *routers*. That's why they're so damn
> expensive - each one is a 24-port *router*!!
They are freaking reliable routing switches with world-reputation
support. Yes, that costs money.
> Um... we don't *need* routers. We have 1 subnet. We just need some
> ordinary switches. Oh well...
>
> But wait! Looking at the configuration details, it seems HQ want to
> split my network into several seperate subnets, and have configured the
> routers to route between them.
Because you can :).
> Er... why?? This isn't necessary. All this does is massively increase
> the complexity of my network. For no gain. Why are you going this?? (And
> why is today the first I've heard of this?)
It makes the network more controllable and logical (or to be precise, it
makes getting the network more controllable and logical possible). And
it increases security, if made correctly.
> *sigh* Clearly I'm going to have to make some phone calls... :-(
>
> [Seriously. Do these people just enjoy making things complicated for the
> fun of it? Are they trying to prove how cleaver they are or something?
> Perhaps this is job security? I don't know, but where I'm from, it's
> usual to go with the *simplest* solution that does what you want, not
> the most complicated one...]
They are making theier job (and yours too) more stable. It's a bit more
work to configure the system and some work to maintain it, but it
reduces big problems.
And yes, I'd love to get Catalyst to be the base of my homenet. But
because of the price I'll probably have to just get 1800-series Procurve.
--
Eero "Aero" Ahonen
http://www.zbxt.net
aer### [at] removethiszbxtnetinvalid
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
On Mon, 14 Jan 2008 23:12:39 +0200, Eero Ahonen wrote:
> It makes the network more controllable and logical (or to be precise, it
> makes getting the network more controllable and logical possible). And
> it increases security, if made correctly.
I don't know that I'd go with the security angle, unless 802.11x is being
implemented to authenticate devices to the network.
Jim
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
>
> Yes. Cisco has a price. Cisco also has IOS, functionality, support,
> quality and reputation. Practically Cisco is always a safe choice, when
> it comes to network devices.
Oh, sure, nobody can deny Cisco is the best brand on the market. ;-)
Maybe that will become useful in the future; at the moment it's pure
overkill.
> They are freaking reliable routing switches with world-reputation
> support. Yes, that costs money.
That's true - but it's also true that the switches we've already got
have run for 10 years without one single reliability issue.
>> Er... why?? This isn't necessary. All this does is massively increase
>> the complexity of my network. For no gain. Why are you going this?? (And
>> why is today the first I've heard of this?)
>
> It makes the network more controllable and logical (or to be precise, it
> makes getting the network more controllable and logical possible). And
> it increases security, if made correctly.
I don't see it.
I mean, if we had one group of nodes that talk to each other and don't
talk to anything else much, putting them onto a seperate subnet would
make a lot of sense. But that isn't the case. We have 50 PCs and 4
servers. All 50 PCs talk to the same 4 servers and the Internet. I fail
to see how subnetting does *anything* in this situation other than
adding unecessary complexity.
> They are making theier job (and yours too) more stable. It's a bit more
> work to configure the system and some work to maintain it, but it
> reduces big problems.
Such as?
> And yes, I'd love to get Catalyst to be the base of my homenet. But
> because of the price I'll probably have to just get 1800-series Procurve.
Your home network must be *much* bigger than mine. ;-)
[Mine has 3 nodes.]
--
http://blog.orphi.me.uk/
http://www.zazzle.com/MathematicalOrchid*
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
Invisible wrote:
> OK, so the company I work for is moving to a new building.
>
> As part of the move, I thought it would be nice to buy some new gigabit
> brand you buy. But when HQ got wind of this, they said "oh no, you must
> buy these Cisco switches, that way they'll match what everybody else has".
>
To be honest, it sounds like an opportunity to work with some nice
equipment. It will mean a bit more work for you - but that is also
experience. Sure, you may have to reconfigure them to be 'dumb'
switches, but you can still play around with them and learn more
networking fun!
To be honest, it sounds like there are a lot of frustrations at your
work. Pick and choose wisely which frustrations will get you all hot
and bothered. Otherwise you will likely be burned out and very unhappy
all the time.
This sounds like one of those things where I would shrug my shoulders
and say 'goodie - shiny new toy'.
Tom
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
Tom Austin wrote:
> To be honest, it sounds like an opportunity to work with some nice
> equipment. It will mean a bit more work for you - but that is also
> experience. Sure, you may have to reconfigure them to be 'dumb'
> switches, but you can still play around with them and learn more
> networking fun!
>
> To be honest, it sounds like there are a lot of frustrations at your
> work. Pick and choose wisely which frustrations will get you all hot
> and bothered. Otherwise you will likely be burned out and very unhappy
> all the time.
>
> This sounds like one of those things where I would shrug my shoulders
> and say 'goodie - shiny new toy'.
Well, it was starting to look like I wouldn't get any new switches at
all because the UK can't really afford Cisco gear. Since it's apparently
now comming out of HQ's budget, that's fine.
Also, there's no possibility of reconfiguring the switches in any way.
It will all be controlled from HQ. I will not be given the passwords
necessary to do anything to the switches. (If it's anything like other
Cisco devices, you need to be a Cisco specialist to actually operate it
anyway.)
I'm not *so* worried about getting Cisco boxes as having to deal with 4
subnets when we only need 1... But hey, hopefully I'll be leaving soon.
And then it will be somebody else's problem...
--
http://blog.orphi.me.uk/
http://www.zazzle.com/MathematicalOrchid*
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
On Tue, 15 Jan 2008 13:56:09 +0000, Invisible wrote:
> Also, there's no possibility of reconfiguring the switches in any way.
> It will all be controlled from HQ.
Huh, so they'll be available 24x7 to support any issues? If it were me,
I'd ask them. Heck, the worst they can say is "yes", the best they can
say is "gee, maybe you should learn how to operate them in case we're
unavailable - or if the WAN is down" and you get a chance to learn about
these things - if anything, it's fodder for the CV.
Jim
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
>> Also, there's no possibility of reconfiguring the switches in any way.
>> It will all be controlled from HQ.
>
> Huh, so they'll be available 24x7 to support any issues?
Don't be ridiculous. ;-)
If it breaks, it's only a problem for the UK, and that's a low priority.
> If it were me,
> I'd ask them. Heck, the worst they can say is "yes", the best they can
> say is "gee, maybe you should learn how to operate them in case we're
> unavailable - or if the WAN is down" and you get a chance to learn about
> these things - if anything, it's fodder for the CV.
Would be nice... However, based on my efforts to learn about the
firewall configuration [which *is* nontrivial], I suspect I'll get nowhere.
--
http://blog.orphi.me.uk/
http://www.zazzle.com/MathematicalOrchid*
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
Jim Henderson wrote:
> On Mon, 14 Jan 2008 23:12:39 +0200, Eero Ahonen wrote:
>
>> It makes the network more controllable and logical (or to be precise, it
>> makes getting the network more controllable and logical possible). And
>> it increases security, if made correctly.
>
> I don't know that I'd go with the security angle, unless 802.11x is being
> implemented to authenticate devices to the network.
>
> Jim
Access-lists and mac-filtering prevents stupid users plugging open AP's
etc to the network. Yes, it's some of a PITA to maintain, if devices
change a lot, but usually they don't. And the improvement won't be massive.
--
Eero "Aero" Ahonen
http://www.zbxt.net
aer### [at] removethiszbxtnetinvalid
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
| |
|
|
On Tue, 15 Jan 2008 20:52:07 +0200, Eero Ahonen wrote:
> Access-lists and mac-filtering prevents stupid users plugging open AP's
> etc to the network. Yes, it's some of a PITA to maintain, if devices
> change a lot, but usually they don't. And the improvement won't be
> massive.
Ah, yes, that would do it. I was thinking along the lines of subnetting
making things more secure, which really, it doesn't. You get some
additional segmentation of broadcast traffic, and it's harder to sniff
outside the wiring closet, but in a client/server environment, most of
the interesting traffic ends up on one subnet anyways...
Jim
Post a reply to this message
|
|
| |
| |
|
|
|
|
| |
|
|
