RE: Need some tips in reorganizing our LAN.
- From: "Ted Mittelstaedt" <tedm@xxxxxxxxxxxxxxxx>
- Date: Thu, 30 Mar 2006 09:28:13 -0800
-----Original Message-----
From: owner-freebsd-questions@xxxxxxxxxxx
[mailto:owner-freebsd-questions@xxxxxxxxxxx]On Behalf Of Mark Jayson
Alvarez
Sent: Tuesday, March 28, 2006 7:55 PM
To: questions@xxxxxxxxxxx
Subject: Need some tips in reorganizing our LAN.
Hi,
Right now, I'm working in a poor government agency where the
network is not well organized. It's hard to trace users that are
doing this stuff and doing that. IP addresses are scattered all
around the 3 story building. Switches are cascading everywhere.
Everything is a disaster. When a machine is infected with some
worms, it's trivial to track it down. When one is doing p2p, no
one can stop him. Perhaps the reason why this is happening
right now is that the former network administrators

OK so this I think implies they all were fired?

did not
consider the scenarios that will happen in the future, like
increasing number of users and workstations, mobilization of
employees from one area to another, etc.
Right now, we have a FreeBSD 4.7 lying in a dark room not far
away from where I am right now. And it is indeed the center of
our Local Area Network. Guess what, it has only 2 interfaces.
One connected to public, and the other connected to our private
switch. That private interface is aliased to multiple subnets
like this:
10.10.1.1
10.10.2.1
10.10.3.1
10.10.4.1
10.10.5.1
This interface is connected to 1 switch and then 5 or more
switches are connected to this main switch. Those 5 or more
switches are then scattered to every area of the building. I
know you are thinking a lot of negative things about this
setup, but this is what it really looks like right now.
The MIS suggested a LAN transition project, and I was assigned
to lead the team. Right now, we are only two in this very big
team. :-) I'm just wondering if I am ever going to finish this
project or not. I have a lot of stuff mixed up in my mind
right now but I really don't know where to start.

You are going to find you might as well start over and toss everything.
These kinds of cleanup projects only work right if the chief network
admins who have all the institutional knowledge run the cleanup project.
If you're new, and the people with the institutional knowledge aren't
around anymore, you have little choice but to just start over. This
is not an uncommon scenario since incompetent admins are the ones who
are most likely to create big undocumented messes.

I have these in my mind right now:
Connectivity
1. wired
2. wireless
Machines being hooked into the network:
1. servers
2. workstations
3. testbeds
4. personal (laptops etc.)
Will use DHCP
Will use centralized directory service
Will use centralized authentication
We have at most 150 employees...
We don't have that much to spend on equipment like managed
switches, powerful servers, etc.
We have a lot of political issues that need to be resolved
regarding network usage policies

You have to start with these first. Unless you can get a statement
of use worked out and have the top dogs sign off on it, you're screwed
before you even start. Do this first before you have spent all your
political capital because you are absolutely going to be pissing
off people and later on you won't have the support to do it.
You ought to know as well that I know several professional admins
that do this for a living - they are hired in the wake of incompetents
being fired, and they come in and hatchet out everything, then once
everything is running smoothly, they quit and go on to the next
company, because by the time they are done, everyone in the office,
save the directors, hates their guts (and the directors are laughing
up their sleeves at the users). They get paid pretty damn good money
for this.

All this stuff is basically mixed up in my mind. I really have
no idea where to start aside from creating a purchase request
for a new PC router and a multiple port LAN card, which I
already did a week ago. And it has not arrived yet. :-) Please
help me. I told my partner that services configuration is just
a piece of cake once we already have a definite plan. I really
don't know where to start. I'm not even tasked to do this...
I'm just tasked to help my partner who is a member of the poor
MIS. At first, I thought this would be just as easy as
upgrading the machine to FreeBSD 6.0 and then reconfiguring the
firewall ruleset, but I was wrong.
If you have any Network Transition plan that you may want to
share with me, please do so. Even if we don't have that many
similarities in our network setup, at least the non-technical
part like planning etc...

Just start over and don't bother with a transition plan. If you spend
a lot of time documenting what is there now you will get snared into
keeping the bandaids going. The only way is to interview every user,
document all the services that all the users are officially supposed to
be using, then figure out how to provide those in the cleanest way
possible, then start doing that. If the existing stuff can be part
of that, fine, but most times it can't, and don't shed any tears over
it going away. And if your forte is Windows, then get rid of the
FreeBSD servers; if your forte is FreeBSD, get rid of the Windows
servers.

Ted