LAN/WAN Design Question

[dominictiberio]

Our company has one main office location with about 10 branch sites all
within the same geographic area. There are approx 60 PC's at the main
location and about 5-8 PC's at each branch site. Right now we have a
win2000 DC at each location and they are all connected via 56k frame
relay (ugh) however, we are upgrading the data lines to full T1's
(frame still) back to the main office.

I would like to eliminate the DC's at each branch site and have one
main DC and a backup at the main location only. I do understand that it
makes a single point of failure, but that is inevitable with the new
setup in regards to some other servers. Are there any other pitfalls or
problems I'm missing... or will this setup be easier to manage and
still allow full operation?

Also, how does that change things like AD Sites and Services subnets?
Would they each still have their own IP addressing scheme (10.1.x.x for
the first site, 10.2.x.x for the second, etc.) but all point to the
main site?

Any and all help is appreciated.

 

[Phillip Windell]

You're already doing it the right way,...DC at each site, with AD Sites and
Services controlling replication.

Don't screw it up by taking the "right way" and turning it into the "wrong
way" on purpose.

--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com

The views expressed are my own (as annoying as they are), and not those of
my employer or anyone else associated with me.

 

[dominictiberio]

You're already doing it the right way,...DC at each site, with AD Sites and
Services controlling replication.

Don't screw it up by taking the "right way" and turning it into the "wrong
way" on purpose.

Thanks for the reply, it isn't so much about "right" and "wrong" as it
is about equipment, upkeep, and ugly reality (damn reality always gets
in the way of correctness . The servers in each branch site are aging
and there is no budget for replacement. With the upgraded data lines
there would be enough bandwidth, and it would allow us to get rid of
the old servers. With so few PC's at each location do you really feel
this would be a big problem? If so how about a middle-ground solution
that would consolidate 2-3 DC's into one at a geographical central
point to at least cut the number of DC's in half or a third and would
then grant me some spares to use for parts or replacement for failed
units?

The system as it stands is not reasonably sustainable and I am doing my
best to create a working solution with what I have. Again, the
assistance is appreciated!

 

[Richard G. Harper]

A T1 sounds like a lot of pipe ... until you start pushing things up and
down it. I have to go with Phillip here and tell you that reducing the
number of DCs is a bad idea. If you want to do it, go ahead - but I won't
advise you on how to do it (and I suspect Phillip won't either) because it's
a bad idea.

I could tell you how to drive your car with only three wheels in place and
one empty axle, but I won't, because that's a bad idea too.

--
Richard G. Harper [MVP Shell/User] (e-mail address removed)
* NEW! Catch my blog ... http://msmvps.com/blogs/rgharper/
* PLEASE post all messages and replies in the newsgroups
* The Website - http://rgharper.mvps.org/
* HELP us help YOU ... http://www.dts-l.org/goodpost.htm

 

[Phillip Windell]

is about equipment, upkeep, and ugly reality (damn reality always gets
in the way of correctness . The servers in each branch site are aging
and there is no budget for replacement.

They don't need replaced. Their "load" is not going to change. Part of my
servers are 10 years old. Their job hasn't changed, their load hasn't
changed,...they do the same thing they have always done at the same speed
they have always done it. We have replaced a few of them (which provides
parts for the remaining), but that would never justify throwing them out
without replacing them with something else. I would certainly consider
replacing them when opportunity arises, but never doing without them.

With the upgraded data lines
there would be enough bandwidth, and it would allow us to get rid of
the old servers.

No it would not allow you to get rid of them. Speed has nothing to do with
it. The issue is dependablility and these are still WAN links and they are
no more or less dependable just because they are faster.

With so few PC's at each location do you really feel
this would be a big problem?

With what you propose to do, if the WAN goes down they are "out of business"
it doesn't matter if they are two machines or 30 machines,...they are out of
business. It is already dangerous enough that there is only one DC at each
site instead of two.

If so how about a middle-ground solution
that would consolidate 2-3 DC's into one at a geographical central
point to at least cut the number of DC's in half or a third and would
then grant me some spares to use for parts or replacement for failed
units?

If the site has no DC,...the WAN goes down,...out of business,...simple as
that. The local DC is what keeps things running while the WAN is down.

The system as it stands is not reasonably sustainable and I am doing my
best to create a working solution with what I have. Again, the
assistance is appreciated!

I disagree that they are not "sustainable". They are already paid
for,...they don't "cost" anything. But it will cost something if those
users are "out of business" when the WAN goes down. Replace the machines
when you get an opportunity, but don't remove them from the design.

--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com

The views expressed are my own (as annoying as they are), and not those of
my employer or anyone else associated with me.
-----------------------------------------------------

 

[dominictiberio]

Phillip Windell wrote:
Thanks again Phillip for the reply, and I do not need another reply...
I just wanted to make a few clarifications on some of your assumptions.

If the site has no DC,...the WAN goes down,...out of business,...simple as
that. The local DC is what keeps things running while the WAN is down.

The new system we are putting in place unfortunately requires access to
a network based server at the main site only. So if a WAN link were to
go down, they would be "out of business" as well regardless of DC
location. This is a risk and one that was decided on by outside forces,
it wouldn't be my choice either. But thems the breaks, so that was why
I was even proposing my idea and looking for some input. I am a fairly
well seasoned admin, and I can understand and appreciate your stance...
it would be my own if circumstances were different.

I disagree that they are not "sustainable". They are already paid
for,...they don't "cost" anything. But it will cost something if those
users are "out of business" when the WAN goes down. Replace the machines
when you get an opportunity, but don't remove them from the design.

Again, a mile in my shoes may prove things differently. The tape drives
in each of the DC's are failing, and cost over $1k a pop which there is
no allowance for replacement. I have had one blow a power supply at
about $300 and a day of downtime waiting for even the fastest shipping
and on a part no longer manufactured, so longevity is already an issue
and they are about 6 years old (some older) at this point. Ebaying
replacement parts is not much better than relying on a WAN link. And
amazingly our WAN links are rock solid (knocks on big amount of wood)
The way things are I have to choose the lesser of two evils... rely on
old and dying hardware for DC services for 3-5 PC's or bite the bullet
and have them go to a few consolidated DC's so that at worst one or two
are down in a rare event, or go whole hog and have them all come back
to the main site.

You can be sure I will continue to fight to replace these with even
some low-end 1U rackmounts at each site, but just about all the fights
out of me after a few years of this.

 

[Phillip Windell]

Fair enough,...
I understand


--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com

The views expressed are my own (as annoying as they are), and not those of
my employer or anyone else associated with me.
-----------------------------------------------------