Well, you were kind of bland on the usage of the network itself... I am assuming you are just going to be setting up a building to lease out to travelers/home workers/companies that wish to allow employees to telecommute?
Just from the description on what you have given, the shared media off a switch is a bad idea. Not just on bandwidth, but security. For instance:
1 24port 10/100 switch (say 3com 3300/Cisco 3500 or the like) with 24 hubs hanging off. (like you said one hub per switched port)
Each port on the switch will represent its own collision domain, and since it is a switch, it actually switches MACs at layer two from the sending port to the destination port. This is a GOOD thing. It prevents sniffing across a 'flat' network. The only thing any given port will see that does not belong to its client's MAC will be broadcast traffic. Now, when you place a hub on a switched port, all traffic on that hub will be shared so that the 24 people on that hub can see any traffic they want to originating from any other port on that hub. (If you are going to be giving different people working for different companies access on the same hub, this is a BAD thing.)
As far as linux goes, it is suited very well to handle this type of thing. You can throw low end linux boxes all across the network and use them as routers/firewalls.
(when I say low end I mean bottom end pci based machine) ipchains can deny all packets from different internal networks (possibly each network for a different company) but allow any packet originating from any of the networks out to the internet. (one low end pentium/60-200 with 4-5 nics in it could service those 3-4 networks to a T1/T3 fairly efficiently) Just throw down a linux box wherever you need to break a network up.
Hope that helps a bit
-Patrick
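
An added example, not part of Patrick's message: a dry-run generator for the kind of ipchains forward policy described above (tenant networks isolated from each other, each allowed out to the Internet). The interface names, the RFC 1918 subnets and the `gen_rules` helper are constructed assumptions; the script only prints the commands.

```sh
#!/bin/sh
# Added example: prints (does not execute) ipchains commands for one
# multi-homed Linux router. All names and subnets below are constructed.
EXT_IF="eth0"   # uplink toward the T1/T3 (assumed name)
TENANTS="eth1:10.0.1.0/24 eth2:10.0.2.0/24 eth3:10.0.3.0/24"   # iface:subnet

# gen_rules EXT_IF IFACE:NET [IFACE:NET ...]
gen_rules() {
    ext_if=$1; shift
    echo "ipchains -F input"
    echo "ipchains -F forward"
    # Default: nothing is forwarded unless a rule below allows it.
    echo "ipchains -P forward DENY"
    # Anti-spoofing: a tenant NIC may only source packets from its own
    # subnet. Without this, a forged source address would slip past the
    # tenant-to-tenant DENY rules and match the return-traffic ACCEPT.
    for t in "$@"; do
        echo "ipchains -A input -i ${t%%:*} -s ! ${t#*:} -l -j DENY"
    done
    # Isolation: log and drop every tenant-to-tenant pair. These must come
    # before the ACCEPT rules, since the first matching rule wins.
    for a in "$@"; do
        for b in "$@"; do
            [ "$a" = "$b" ] && continue
            echo "ipchains -A forward -s ${a#*:} -d ${b#*:} -l -j DENY"
        done
    done
    # Outbound to the Internet, plus the replies. ipchains is stateless, so
    # return traffic needs its own rule; in the forward chain -i names the
    # outgoing interface. Filtering what arrives from the Internet is left
    # to the external policy.
    for t in "$@"; do
        echo "ipchains -A forward -s ${t#*:} -i $ext_if -j ACCEPT"
        echo "ipchains -A forward -d ${t#*:} -i ${t%%:*} -j ACCEPT"
    done
}

# Word splitting of $TENANTS is intentional here.
gen_rules "$EXT_IF" $TENANTS
```

The number of isolation rules grows as n*(n-1) for n tenant networks, which is one reason to keep the count per box at the 3-4 networks mentioned above.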
----- Original Message -----
From: Brian K. Murphy
To: ale@ale.org
Sent: Thursday, April 13, 2000 2:38 PM
Subject: [ale] Large Scale Network
Most of this isn't a linux question, but I do have one or about linux (which we will be running on all servers).
I am setting up a large scale network and I have a few probably basic questions. I will be connecting several buildings through T1 or wireless links (not yet determined) to a central NOC. Each building will have anywhere from a 150 up to 300 network drops, growing to close to 1,000 possibly in each building over the next few years. I guess I have to stack switches and/or hubs in each building, but what will be the most cost effective way to do it?? Any help?? One idea I have thought of would be to take a 24 port switch, and then piggyback 24 port hubs onto the switch, that means a total of 24x24 drops (576 I believe). Also, if I get a switch with an uplink, I could stack two switches, and put the 24 port hubs off both switches which would reach my target of 1,000. Right?? Also, I need a router for the connection to the Internet that will handle up to a T3. Any suggestions??
Now for the linux part of this. Basically, this environment is to provide high speed internet access. So it is like DSL or cable service. Now, I am very concerned about the security of the system. How do I keep the end users out of things they shouldn't be in, and of course there is always an ever-present concern about outside security. But, the user doesn't need to see the security side of things. I think I can handle the second part (external security), but the authentication and security of the users I am concerned about. Suggestions are most welcome.
Keith Murphy