Today almost every enterprise or school of any size runs a LAN, and networks are everywhere. A LAN administrator cares a great deal about network speed. How to use bandwidth effectively, avoid unnecessary speed loss, and so optimize the whole network is an important question.
This article discusses some factors that affect the performance of an enterprise network, in the hope that it will help readers.
1. The success or failure of design
Design determines the speed of the entire network. Good overall planning not only meets performance requirements but also keeps investment to a minimum and makes future expansion easier. Network design is a very large topic: from selecting and configuring switches and routers to structured cabling, there is a great deal to know. My personal advice is that hiring a very experienced designer or a network cabling company is the best choice for a company building its first network. In my own early experience, there were two different ways to connect the same equipment. In theory the two were equivalent, but no matter what was tried, one of them would not connect to the Internet. Later, an expert changed the position of a single wire slightly and the connection came up. Experience is often much more important than book knowledge.
Usually, a good design meets the following requirements:
Functionality: The network must work. To let users meet their work needs, it must provide "user to user" and "user to application" connections with reasonable speed and reliability.
Scalability: The network should be able to grow. The initial design should allow growth without major changes to the overall structure.
Adaptability: The network should be designed with a long-term view that takes future technological developments into account, and it should not include factors that limit the adoption of new technologies.
Ease of management: Network monitoring and management should be supported to ensure continuous and stable operation.
2. Services, servers and QoS
The stability of an enterprise network is often determined by whether a few key servers and services run stably. A modern enterprise usually relies on MIS and ERP systems for management, and in some large enterprises management and operations are built entirely on computer information systems. To keep the whole enterprise running smoothly, the network administrator must therefore ensure the stable operation of these information systems at all costs.
Enterprise management information systems mostly use B/S (such as SAP) and C/S (J2EE and .NET) architectures. Whatever the architecture, a high-end server is indispensable. Although modern technologies such as J2EE are stable and reliable, the server load is several times what it used to be. Dual or quad Xeon processors, SCSI hard disks, RAID arrays, or more memory can greatly improve server performance. It is also a good idea to buy a brand-name network card for the server, or upgrade to Gigabit Ethernet, instead of "street stall goods" that cost 2 or 30 yuan. Oracle, BEA, IBM and others have recently increased their support for Linux, all of their products have been ported to the Linux platform, and Linux does indeed have better service features, so users may wish to consider the Linux platform. If the company is very large, servers and complete solutions from major manufacturers such as IBM and HP are much better than an ordinary server that merely seems good.
QoS is a technology recently advocated by switch and software manufacturers. QoS can keep an enterprise's key services stable: by reserving a certain amount of bandwidth in the switch for the packets of key services, their performance can be guaranteed. However, turning QoS on costs more than 20% of ordinary network communication speed, so turn it on for networks that carry dense business traffic inside the enterprise and online, and otherwise turn it off.
3. Routing and switching
Switch and router configuration is also a very important factor in network performance.
Let's talk about switch configuration first. The most common way to improve performance is to set up VLANs. A VLAN virtually divides one physical network into multiple separate subnets. The biggest benefit of a VLAN is that it prevents broadcast storms. Generally speaking, if broadcast packets account for more than 30% of all packets on a network, performance drops significantly. Almost all switches now support VLANs. Although setting them up is a little troublesome, the performance improvement is significant, so network administrators are advised to learn to configure them. Placing computers that access each other frequently in the same VLAN, and isolating computers that have little to do with each other, improves performance. Turning on full duplex on network cards and switches can also improve performance. In addition, different switch vendors (Cisco, 3COM and others) have their own patented switching technologies that can improve speed.
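The 30% broadcast threshold mentioned above can be measured from a packet capture. The following Python sketch is an added example, not part of the original article: it parses a classic pcap file and returns the share of Ethernet frames addressed to the broadcast MAC. The function names, the THRESHOLD constant and the sample capture are constructed for illustration.

```python
import struct

BROADCAST = b"\xff" * 6
THRESHOLD = 0.30  # the article's rule of thumb for broadcast share

def broadcast_share(pcap: bytes) -> float:
    """Fraction of Ethernet frames in a classic pcap sent to ff:ff:ff:ff:ff:ff."""
    magic = pcap[:4]
    if magic == b"\xd4\xc3\xb2\xa1":
        endian = "<"          # file written little-endian
    elif magic == b"\xa1\xb2\xc3\xd4":
        endian = ">"          # file written big-endian
    else:
        raise ValueError("not a classic pcap file")
    linktype = struct.unpack(endian + "I", pcap[20:24])[0]
    if linktype != 1:
        raise ValueError("only Ethernet (linktype 1) captures are supported")
    offset, total, bcast = 24, 0, 0
    while offset + 16 <= len(pcap):
        # Record header: ts_sec, ts_usec, incl_len, orig_len (4 bytes each)
        incl_len = struct.unpack(endian + "I", pcap[offset + 8:offset + 12])[0]
        frame = pcap[offset + 16:offset + 16 + incl_len]
        if len(frame) < incl_len:
            break             # truncated trailing record
        if len(frame) >= 14:  # need a full Ethernet header
            total += 1
            bcast += frame[:6] == BROADCAST
        offset += 16 + incl_len
    return bcast / total if total else 0.0

def make_sample() -> bytes:
    """Constructed capture: 4 broadcast frames and 6 unicast frames."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    src = bytes.fromhex("020000000001")
    for i in range(10):
        dst = BROADCAST if i < 4 else bytes.fromhex("020000000002")
        frame = dst + src + b"\x08\x06" + bytes(46)
        out += struct.pack("<IIII", i, 0, len(frame), len(frame)) + frame
    return out

if __name__ == "__main__":
    share = broadcast_share(make_sample())
    verdict = "above threshold, consider VLANs" if share > THRESHOLD else "ok"
    print(f"broadcast share {share:.0%}: {verdict}")
```

Run it against a capture taken on one switch segment; a capture taken at the router sees little broadcast traffic and understates the share.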
The function of a router is to connect two different networks. In small and medium-sized enterprises it is usually connected to the top-level switch as the bridge between the Internet and the LAN. A router is an extremely complex and advanced machine, and routers are of course very expensive. If a small or medium-sized enterprise does not have high requirements for Internet performance, it can simply install a Windows Internet Access Server as its Internet connection server, rely on a cheap and easy-to-use Linux machine as a soft router, or install proxy server software (Microsoft Proxy Server/Unix Squid) on a computer that connects the Internet and the LAN. However, a router is very powerful and very fast. When possible, an enterprise should therefore buy a router, and one fast enough to meet the company's requirements. The routing protocol is generally PPP to the ISP, and the configuration leaves little room for improvement. Some routers support ACL access control; with a reasonable configuration, some traffic can be blocked, freeing up network bandwidth.
4. Bottlenecks, traffic
Network administrators must often sniff packets on the network to understand what exactly is being transmitted. If employees use online video on demand or P2P software such as BitTorrent, it has a huge impact on network bandwidth, especially the LAN's outbound bandwidth. The number of people online in the school where I work has not increased much this year, but access to the public network has slowed down greatly because of the increase in this type of point-to-point connection. If the enterprise's business depends heavily on exchanging information with the Internet, the network administrator must remind users, or simply block software such as BitTorrent at the firewall, to keep normal enterprise information channels clear.
Most bottlenecks can be solved by purchasing more bandwidth from the Internet service provider or by installing higher-grade, faster switches. However, the author believes that the key is to make good use of the existing bandwidth. For example, for video on demand, IPTV software based on Cisco switching technology can relieve internal video bottlenecks well.
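What such a sniffing pass can be reduced to, as an added Python example that is not part of the original article: total the bytes each internal host sends out of the LAN and mark hosts whose flows begin with the plaintext BitTorrent peer handshake. The LAN range, the record layout and the flow records are constructed assumptions.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

LAN = ip_network("192.168.0.0/16")          # assumed internal range
BT_HANDSHAKE = b"\x13BitTorrent protocol"   # first 20 bytes of a BitTorrent peer handshake

# Constructed records: (source IP, destination IP, bytes sent, first payload bytes)
FLOWS = [
    ("192.168.1.10", "203.0.113.5", 48_000, b"GET /index.html HTTP/1.1\r\n"),
    ("192.168.1.23", "198.51.100.7", 9_500_000, BT_HANDSHAKE + bytes(8)),
    ("192.168.1.23", "198.51.100.9", 7_200_000, BT_HANDSHAKE + bytes(8)),
    ("192.168.1.10", "192.168.1.2", 3_000_000, b"\x00\x00\x00\x85\xffSMB"),  # stays inside the LAN
    ("192.168.1.40", "203.0.113.80", 120_000, b"\x16\x03\x01\x02\x00"),
]

def egress_report(flows, lan=LAN):
    """Sum bytes leaving the LAN per internal host; mark hosts seen speaking BitTorrent."""
    sent = defaultdict(int)
    p2p = set()
    for src, dst, nbytes, payload in flows:
        # Only traffic from an internal host to an external one uses the uplink.
        if ip_address(src) in lan and ip_address(dst) not in lan:
            sent[src] += nbytes
            if payload.startswith(BT_HANDSHAKE):
                p2p.add(src)
    total = sum(sent.values()) or 1
    rows = [(host, n, n / total, host in p2p) for host, n in sent.items()]
    return sorted(rows, key=lambda r: r[1], reverse=True)

if __name__ == "__main__":
    for host, n, share, is_p2p in egress_report(FLOWS):
        print(f"{host:15} {n:>10} B {share:6.1%} {'BitTorrent' if is_p2p else ''}")
```

The handshake signature only matches unencrypted BitTorrent sessions, so the per-host byte ranking is the more dependable signal.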
5. Security
DoS attacks and port scans from the external network have a great impact on the corporate network. Installing firewall software or purchasing a hardware firewall therefore solves many network problems. Hacking tools are now numerous and very effective, and magazines promote how to use them, so the potential danger to networks is huge (sad). The network administrator must also scan the computers on the LAN to see whether a hacker has opened a backdoor, check the logs often, and stay alert to anomalies. Most important of all, of course, is to keep up with the latest software upgrade information and subscribe to security mailing lists.
Second, insiders are hard to guard against. The passwords of switches and routers must therefore be kept strictly confidential, and the network topology should be kept as confidential as possible. Turn off the HTTP management service on routers and switches. Important data servers, such as SQL Server and MySQL servers, can be disconnected from the LAN and connected only to the hosts that need them to form a separate subnet, or firewall software can be installed on them to allow access only from fixed IP addresses.
In short, any sudden change in network traffic must be taken seriously.
802.1x
This protocol authenticates the identity of computers that connect to the network, which prevents unauthorized use of the network. Most switches support it, and wider use is recommended.
6. Details
Wiring: Computers in a LAN are connected by twisted-pair cable, but communication is not achieved simply by running twisted pair between two computers; the connections must follow certain wiring rules. A twisted-pair run cannot exceed 100 meters. To connect two computers more than 100 meters apart, a conversion device must be used, and jumpers are also needed when connecting the conversion device to the switch. This is because Ethernet generally uses two twisted pairs, placed at positions 1, 2, 3, and 6. If the wires at those positions are not two intact pairs, but wires taken from the original pairs and used separately, crosstalk results, which greatly affects network performance. The problem is not obvious in a 10M network. In a 100M network, if traffic is heavy or the distance is long, the network will fail to connect. Of course, do not use inferior RJ-45 connectors ("crystal heads") or cable.
Strictly implement grounding requirements: Because only weak signals travel over the LAN, improper handling or failure to follow the specific operating requirements of the network equipment can introduce interference on the link, which may block the entire network. Network transfer devices in particular involve long-distance lines and so have very strict grounding requirements. Otherwise the device will not reach its specified connection rate, causing all sorts of inexplicable failures during networking.
Care for equipment: Put the switches and servers in a room with little dust. A central computer room is best, of course. I often go in to check on it and clean off the dust. For cooling fans, a double backup is best. Network cables must at least be kept organized so that a wrong connection can be found. All of this helps the network function properly.