Redundant Network Topology

OK, so it's late and I think I'm being stupid, but I can't seem to get my head around how enterprise companies are providing redundancy to clients on LANs.

Now server redundancy is easy in terms of networking: pretty much every half-decent server comes with dual NICs, which of course you use teaming on for redundancy, and you can even use two sets of teamed NICs to two switches in case one switch fails, so network traffic can still flow to the server.

But then it hit me, what about if a switch fails that has 48 client computers on it? I know most people would be hopping mad if suddenly 48 staff became unproductive for an hour or more while you replace and repatch a switch (that's based on the fact you have a spare one).

So the question is, what are people implementing to ensure client computers (not servers) are kept up and running? Now I know some bigger chassis switches use redundant PSUs, but they are really expensive and not found very often on the edge of networks which connect to clients.

Are people simply not providing redundancy for client computers? And before anyone mentions stacking switches, they are not there for redundancy; they are there for providing a fast network backbone.

Is there something simple I'm missing, or do all computers need dual NICs?

Because at the moment I can't see that, if a switch fails, there is any quick and easy way to re-route client traffic to get it working again.

Please help soothe my brain pain

Phil
 
Not sure if there is another way other than buying some spares, shoving them in the rack and hot swapping the cables over if the original fails (provided any pre-configuration has been done, if you have VLANs, etc.).
 
As discussed, server redundancy typically involves some kind of fail-over or hot spare scenario, and network redundancy is really no different. There are a number of protocols for implementing network redundancy, but they all work in essentially the same way.

Essentially your 'high availability' network devices (load-balancers, routers, firewalls) will be in master/slave pairs with a virtual frontend. If the master stops broadcasting its availability, the slave will assume the virtual MAC address. For more details, see VRRP on Wikipedia.

Dual NICs do not really add any redundancy and are used in enterprise networks for provisioning an out of bounds network.

As far as switches go, if a single port was to fail (doesn't happen often), you would just repatch the server to another port. If the problem is more serious you might have to replace the switch blade etc. In a desktop environment I don't think such an elaborate network is required. Even a 48 port switch I could replace in 10 minutes (in most offices a couple of hours would be tolerable).
 
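The master/backup takeover described in the VRRP post above, as an added example that is not part of the thread: a small Python model of the VRRPv2 (RFC 3768) timers, showing how long clients are without a gateway when the master dies. Router names, priorities and the failure time are constructed for illustration.

```python
from dataclasses import dataclass

ADVERT_INTERVAL = 1.0  # seconds; RFC 3768 default Advertisement_Interval


@dataclass
class Router:
    name: str        # constructed names, not from the thread
    priority: int    # 1-254 for backups, 255 for the virtual IP's owner
    alive: bool = True


def virtual_mac(vrid: int) -> str:
    """MAC the current master answers ARP with: 00-00-5E-00-01-{VRID}."""
    if not 1 <= vrid <= 255:
        raise ValueError("VRID must be 1-255")
    return f"00:00:5e:00:01:{vrid:02x}"


def master_down_interval(priority: int) -> float:
    """3 missed advertisements plus a skew that favours higher priority."""
    skew = (256 - priority) / 256
    return 3 * ADVERT_INTERVAL + skew


def failover(routers, fail_at):
    """Kill the current master at fail_at; return (new_master, outage_seconds)."""
    live = [r for r in routers if r.alive]
    master = max(live, key=lambda r: r.priority)
    master.alive = False
    # Backups last heard the master at the most recent advertisement tick.
    last_advert = (fail_at // ADVERT_INTERVAL) * ADVERT_INTERVAL
    backups = [r for r in live if r is not master]
    if not backups:
        return None, None          # no backup: the virtual gateway stays down
    # Each backup runs its own timer; the first to expire claims the virtual MAC.
    new_master = min(backups, key=lambda r: master_down_interval(r.priority))
    takeover = last_advert + master_down_interval(new_master.priority)
    return new_master, takeover - fail_at


if __name__ == "__main__":
    group = [Router("gw-a", 200), Router("gw-b", 150), Router("gw-c", 100)]
    new_master, outage = failover(group, fail_at=10.4)
    print(f"{new_master.name} takes over {virtual_mac(1)} after {outage:.2f}s")
```

With default timers the gateway is unreachable for roughly three seconds, and tie-breaking between equal priorities (by IP address) is left out of this model.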
From what I gather, it usually isn't worth the cost and pain of sticking a dual NIC in every desktop and running that off to separate switches. But it depends on what you need from your infrastructure. If you desperately needed resilient LAN links to your client desktops, then yes, a dual NIC in every machine, leading to two separate distribution switches, connected into the resilient backbone.

As others have said, it's usually easier to just replace the switch blade.
 
For switch failure we use Spanning Tree Protocol which basically uses redundant links to re-route traffic around the defective switch until it is swapped out. Doesn't help the poor sods attached to the defective switch but it keeps the other parts of the network in communication with each other.
 
Short answer is you don't. It really isn't practical in a desktop to provide the resilience.

You plug the desktop into the Access Layer Switch and then the Access Layer Switch has redundancy through dual connections to the Distribution layer.

Whilst you can put expensive Access Layer Switches in you still only have one connection from the switch to the desktop machine itself, so if the blade in the 4500/6500 switch fails you are still down.

Conventional wisdom seems to be that you provide resilience in the network through the Core and Distribution Layers, also resilience in the Servers, but make sure you have spares for the Access Switches so you can easily swap them out.

Have multiple cables running to each desk so if one breaks then a spare should be quickly available.

Providing resilient connections from the Access Layer just moves the issue onto the Desktop itself.

Do you go for dual PSU, RAID1, two NIC cards? How do you do this for the increasing number of mobile workers that come into the office and out with laptops?
 
Whilst you can put expensive Access Layer Switches in you still only have one connection from the switch to the desktop machine itself, so if the blade in the 4500/6500 switch fails you are still down.

That's partly true, but switch blades on a 4500/6500 have a much higher MTBF rating than standalone access switches (part of the point of them really). So while you don't get redundancy, you reduce the chances of failure by a good deal. And swapping a blade doesn't involve any reconfiguration...
 
As far as edge resiliency goes, it can't really be more complex than keeping spares of your most used switches in stock, and taking nightly backups of your switch configs. I can restore the correct config to a new switch & get it swapped & patched in less than 30mins. The longest part of the process would probably be waiting for someone to arrive with the key for whichever room the cabinet is in :s

Many access switches have RPS (Redundant Power Supply) ports, which can be attached to an external PSU; usually these can be plugged into 4 or more devices, but are only capable of powering 1-2 at a time... simply to provide protection against a switch's PSU going.

To be honest, the chances of a desktop NIC or machine failing are much higher than failure of a decent switch. If you really must have resilient networking to the desktop, you need dual NICs, 2 separate cable runs to 2 separate cabinets etc.

In essence there is always going to be a weak point; you just try to keep that as close to the client as possible.
 
We use port-channeled and spanned 6513s across 6 datacentres twinned to HP c7000 workstation blade centres, so even if you suffer a blown-up desktop, you just swap round the thin client and you are back up and running in 5 mins (that's the SLA we adhere to). Coz the workstation image is housed and presented from the DC, the building could blow up and the trader has his desktop ready and waiting for him a few miles down the road. This setup can suffer (and has) failed datacentres and switches etc.

Not cheap, but when you are trading millions (billions in terms of mortgage percentiles) it's a small price to pay.
 
That's partly true, but switch blades on a 4500/6500 have a much higher MTBF rating than standalone access switches (part of the point of them really). So while you don't get redundancy, you reduce the chances of failure by a good deal. And swapping a blade doesn't involve any reconfiguration...

We diverse-route our patches too, so we can suffer any dual fab line module failure and still be cooking with gas. As an aside, we place all our management (iLOs, service processors etc.) on el cheapo single fab cards, which allows us to maximise our investment in the costly DF LMs.

When purchasing line modules we always purchase from different batches to further reduce the chances of a similar MTBF outage, that's the plan anyway :p
 