Get Activex - Dorset ICT in Schools Conference 2016
Download
Report
Transcript Get Activex - Dorset ICT in Schools Conference 2016
Dell Networking…
Get Active!
Latest Switching and Wifi
Standards & Best Practices
Lee Collins & Harvey Lang
Change: The only constant
2009
2015
The future
25%
40%
??
2.5M
500M
??
800K
4400K
??
Internet users
worldwide
Tweets per day
Size of the
digital universe
Dell - Internal Use - Confidential
Dell Networking
PETABYTES
PETABYTES
Not just Pupils – they’re our customers….
Pupil demands:
• Using social media to voice comments over the quality of infrastructure.
• In some cases we see pupils school/college choices influenced by some of this….i.e. ”have you got WiFi?”
Pupils technically savvy and in some cases already experiencing better at home:
• Super fast broadband
• Tablets – average of 2-3 devices each…!
• Cloud Services
Improving Teaching & Learning:
• Teachers and backoffice staff need access too, how do you accommodate and differentiate from pupils?
• Access to services via the network – e.g. click2print.
• Lync/SharePoint – Collaborative/Distance learning.
• Cloud solutions (Office 365, SkyDrive, Skype etc…).
Security compliance, network access controls, privacy:
• More and More devices turning up at Campus’s – at all age groups
• How do we secure these and protect the network without compromising on learning and user experience….
All of this is putting load onto a network…..the network of today is the foundation upon which all devices and
applications sit – let’s take a look at current and emerging standards to ensure you get the most out of your
network…
Dell - Internal Use - Confidential
3
Confidential
Global Marketing
The Wireless Campus
• Can we run everything on wireless and do we actually need a wired network?
• There will always be an element of wired infrastructure – servers and storage
– And where else would all the Access Points connect to
• WiFi is still primarily a shared technology
• MU-MIMO on 802.11AC Wave 2 - will that help ?
• On Premise or Cloud, Capex or Opex?
•
Power Users - Switched infrastructure recommended
– 1GbE, 10GbE, 40GbE – wireless has faster speeds….but not that fast!
– IP Phones, CCTV, more PoE budget needed
• How effective is my Wireless?
– Interference
- Was a survey done (predictive and on-site options)
4
Dell - Internal Use - Confidential
Predictive Survey…
5
Dell - Internal Use - Confidential
Security (Wireless)
• Many pupils are allowed to bring their own devices to school
– IPhones
– Tablets
• How do they gain access to the network?
• How do you secure them and their experience on the network
– RADIUS
– PPSK
• On premises or Off-premises WLAN controls
6
Dell - Internal Use - Confidential
Security (Wired)
• Are all switch ports connected?
• What VLANs are in use – how many networks just use VLAN1 ?
• How do you prevent someone unplugging a device from a switch port and inserting
something different?
• How do you prevent spoof DHCP servers or Man-in-the-Middle attacks?
• I'll implement 802.1x – plan ahead – It's more than just a tick box on the adapter settings…!
• What happens if someone plugs another switch into the network – not as uncommon as you
may think!
7
Dell - Internal Use - Confidential
Protecting Spanning Tree
5
7
9
11
13
15
17
19
21
23
25
27
29
31
33
35
37
39
41
43
45
1
LNK 47 ACT
2
Stack No.
LNK
2
4
6
8
10
12
14
16
18
20
22
24
26
28
30
32
34
36
38
40
42
44
46
ACT
48 COMBO P
1
SFP+
2
B
F
F
49
51
53
50
52
54
49
51
53
50
52
54
Stack-ID
LNK
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
ACT
Root Bridge
Bridge Priority 4096
8
Dell - Internal Use - Confidential
Stack-ID
LNK
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
ACT
F
F
Bridge Priority 8192
Protecting Spanning Tree
5
7
9
11
13
15
17
19
21
23
25
27
29
31
33
35
37
39
41
43
45
1
LNK 47 ACT
2
Stack No.
LNK
2
4
6
8
10
12
14
16
18
20
22
24
26
28
30
32
34
36
38
40
42
44
46
ACT
48 COMBO P
1
3
5
7
9
11
13
15
17
19
21
LNK 23 ACT
2
4
6
8
10
12
14
16
18
20
22
24
RPS
Stack No.
LNK
Bridge Priority 0
1
2
SFP+
3
2
B
F
1
SFP+
ACT
4
F
B
F
F
49
F
51
53
49
51
53
50
52
54
Stack-ID
LNK
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
ACT
50
52
Root Bridge
Bridge Priority 4096
9
Dell - Internal Use - Confidential
54
Stack-ID
LNK
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
ACT
F
F
Bridge Priority 8192
Protecting Spanning Tree
5
7
9
11
13
15
17
19
21
23
25
27
29
31
33
35
37
39
41
43
45
1
LNK 47 ACT
2
Stack No.
LNK
2
4
6
8
10
12
14
16
18
20
22
24
26
28
30
32
34
36
38
40
42
44
46
ACT
48 COMBO P
1
3
5
7
9
11
13
15
17
19
21
LNK 23 ACT
2
4
6
8
10
12
14
16
18
20
22
24
RPS
Stack No.
LNK
Root
Bridge
Bridge
Priority 0
Bridge Priority 0
1
2
SFP+
3
2
B
F
1
SFP+
ACT
4
F
FB
F
F
49
F
51
53
49
51
53
50
52
54
Stack-ID
LNK
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
ACT
50
52
Root Bridge
Bridge Priority 4096
10
Dell - Internal Use - Confidential
54
Stack-ID
LNK
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
ACT
F
B
F
Bridge Priority 8192
Quality of Service
• Do we need it – why not just increase the bandwidth that you have?
– Inexpensive on a LAN
– Expensive on a WAN
• Increasing bandwidth is just like increasing the number of lanes on the M25
– Does it help - in the short term?
• QoS is like a car seat belt. You hope that you'll never need it, but it's there if you do….!
11
Dell - Internal Use - Confidential
Quality of Service
• So, we want QoS – Why ? - to protect your traffic
– Misbehaving apps or NICs on a network might hog bandwidth
– Latency sensitive applications; eg:- voice, video need priority
– Important applications for the business should have an element of priority
• What QoS features are you looking for
– Policing
– Shaping
– Queuing
• QoS needs to be enabled end-to-end, not on certain parts of the network
12
Dell - Internal Use - Confidential
Stacking or using an MLAG Technology
• Stacking
– All switches share a common configuration, one control plane, multiple data planes
– When upgrading, the stack will be unavailable for a period of time
– Alternative
–
Multiple links between switches – in a Link Aggregation Group (LAG)
• MLAG Technology
–
–
–
–
13
Mutli-Link Aggregation
Two control planes, two data planes, two configuration files
When upgrading, one system will always be available
Don't disable Spanning Tree!! It may not be used, but it will stop a meltdown if a cable is connected to
the wrong interface
Dell - Internal Use - Confidential
Storage and LANs Option 1 – No DCB
49
51
53
50
52
54
49
51
53
50
52
54
Stack-ID
LNK
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
ACT
Stack-ID
LNK
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
ACT
Servers
1
3
5
7
9
11
13
15
17
19
21
2
4
6
8
10
12
14
16
18
20
22
LNK 23 ACT
24
1
3
5
7
9
11
13
15
17
19
21
LNK 23 ACT
LNK
ACT
LNK
QSFP+ MODULE
LNK
2
4
6
8
10
12
14
16
18
20
22
24
ACT
ACT
LNK
QSFP+ MODULE
ACT
SAN
Switches
Storage
14
Dell - Internal Use - Confidential
LAN
Switches
Storage and LANs Option 2 – With DCB
Storage
DCB
49
51
53
49
51
LNK
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
ACT
50
52
54
Stack-ID
LNK
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
ACT
50
52
Servers
15
53
Stack-ID
Dell - Internal Use - Confidential
54
LAN
Switches
Other Campus Developments
N Base-T
– Not all sites have Category 6 cabling
– This will allow 2.5GbE and/or 5GbE up to 100m on older Category 5E cabling
– Reduces need for multiple 1GbE connections
Universal PoE
–
–
–
–
16
Doubling the capacity of PoE+ to 60W per port
Majority basic devices are PoE
Advanced devices, eg:- phones (colour screens) or cameras w/PTZ will use PoE+
Users of UPoE
–
VDI
–
Televisions
–
Networking kit eg:- switches
Dell - Internal Use - Confidential
Speeds and Feeds (1)
• Is 100GbE essential ?
– Uses 4 x 25GbE lanes
– Breaks out to 50GbE and/or 25GbE interfaces
– 1 x 100GbE port = 2 x 50GbE or 4 x 25GbE
• Third party 25GbE NICs are now available for servers (50GbE coming…)
17
Dell - Internal Use - Confidential
Speeds and Feeds (2)
• Next generation of servers will use faster NICs
• 25G and 50G speeds will have more prominence than 40GbE
• 40GbE market (servers) is expected to reduce
18
Dell - Internal Use - Confidential
Traffic Management
•
How do I segment traffic
– L2 - VLAN
– L3 IP subnet
•
VLANs
– How many do I need?
– Be careful where you deploy VLANs…!
– Should VLANs span the whole campus; L2 broadcasts, spanning tree implications?
•
L3 Subnet
– Do I require routing at the edge?
–
Inter-VLAN routing or a routing protocol eg:- OSPF
– Some L2 only switches will not permit more than 1 network interface to be defined
– L3 at the edge, more expensive option; VRF lite options available
•
Inter-VLAN routing
– Many sites deploy this at the core, sometimes at the edge?
– Few sites deploy a routing protocol at the core
19
Dell - Internal Use - Confidential
Network Management
• Often an afterthought…!
• How many people are managing the network?
• Methods
– GUI
– Standalone software package
• Campus
–
–
–
–
–
–
–
20
Wired and Wireless control
Flow management (sFlow)
Uploading and downloading of configuration data
Monitoring and Scheduling of tasks
Topology map
Event management
Scripting tools
Dell - Internal Use - Confidential
Multivendor Networks
• Higher speed connectivity to 3rd party networks.
– 10GbE, 40GbE, 100GbE
– Optics or DACs (Twinax)?
• Vendor A to Vendor B
– Assume that will work
• Vendor A to Vendor B
– DACs – Active or Passive
– Optics – Does one vendor block some optics that are not their own
–
Is there a command to get around this
– How to guarantee connectivity
21
–
Vendor A optics connects to Vendor B optics
–
Each vendor is responsible for their own communication path
Dell - Internal Use - Confidential
IP Multicast
Outside Broadcast
22
Dell - Internal Use - Confidential
•
One single stream of data
•
Multiple destinations
•
Saves on bandwidth
•
Multicast is a subset of a broadcast
Campus Networking and IPmc
•
Applications can benefit greatly from IPmc
–
–
–
–
•
Trading applications
Video traffic
Software Distribution
Any applications where there will be many multiple receivers
On a LAN, it’s feasible to have multiple streams if there are not that many (Bandwidth on a LAN is
cheap)
– Not best practice
– If you have an online broadcast for 100 people and need 100 streams, each of 50Mbps, that’s 5Gbps in total.
– Using IPmc reduces this to 50Mbps
•
Can be achieved using standard switching kit, so no special hardware required
•
In unicasting, the router forwards the received datagram through only one of its interface
•
In multicasting, the router forwards the received datagram through several of its interfaces
23
Dell - Internal Use - Confidential
Testing IPmc - MC HAMMER
Click on Server
Click on
Multicast
Click on
Network
Interface dropdown menu
24
Dell - Internal Use - Confidential
EFA guidelines for new builds…(some of them)
•
X amount of data points per school (dependent upon type/size of school)
•
Has a core switch design that is resilient against the failure of any single component, including but not limited
to redundant power supplies
•
PoE in compliance with 802.11 af/at standards
•
Maximise bandwidth between servers and core/top of rack switches
•
Can be configured and managed to support network security and quality of service
•
Is Energy Efficient Ethernet compliant to 802.3az standard
•
Has central management tools that can be used to configure the switching (core, edge, wireless), monitor
performance and provide alerts in the event of a failure
•
Is scalable to accommodate future developments
•
Provides blanket coverage throughout the school building which ensures connectivity is not lost whilst users
roam around the building
•
Provides guest access and automated authentication for authorised users
•
Minimises the impact of interference from adjacent networks
25
Dell - Internal Use - Confidential
25
Dell Networking Product Portfolio
Core Campus
Chassis Switch
Fixed Format Core Switch Platforms
1/10G
1/10/40G
C9010
S4048-ON
S4048T-ON
C1048P
S4810-ON
S3048-ON
Blade I/O
1/10/40G
1G
10GbE
1/10/25/40/50/100G
S6010-ON
S6100-ON
S6000-ON
Z9100-ON
Z9500
10/40GbE/FC
10GbE/FC
FX System I/O
M6220
Fabric,
1G
Access
ToR
Access Switches
X-Series
Wireless &
BYOD
M8024-k
M6348
M8428-k
FN IOA
MXL/IOA
1/10/40G
1/10/40G
N400
0
S4810
1/10/40G/FC
N3000
N2000
S3100
N1500
S3048-ON
Controllers &
Access Points
S4820T
Instant access
Points w/ builtin controller
S5000
S4048-ON
S4048T-ON
Guest access
and BYOD
Aerohive
Cloud Based
APs
Indoor
Outdoor
W-series ClearPass
Global Marketing
Thank You
Any Questions?