The Other Way...

Posted: Sun, 25 December 2011 | permalink | 6 Comments

Chris Siebenmann sez:

The profusion of network cables strung through doorways here demonstrates that two drops per sysadmin isn’t anywhere near enough.

What I actually suspect it demonstrates is that Chris’ company hasn’t learnt about the magic that is VLANs. All of the reasons he cites in the longer, explanatory blog post could be solved with VLANs. The only time you can’t get away with one gigabit drop per office and an 8 port VLAN-capable switch is when you need high capacity, and given how many companies struggle by with wifi, I’m going to guess that sustained gigabit-per-machine is not a common requirement.

So, for Christmas, buy your colleages a bunch of gigabit VLAN capable switches, and you can avoid both the nightmare of not having enough network ports, and the more hideous tragedy of having to crawl around the roofspace and recable an entire office.

6 Comments

From: Philipp Kern
2011-12-25 22:16

The whole post cries for a “he can’t be serious”.

From: Andre Tomt
2011-12-26 01:38

Ahh. You must be working in a smaller company. :-) Bigger companies would never even let a “sysadmin” anywhere near the the VLAN configuration of their network equipment without a bureaucracy firewall.

Then again I’ve never had any use for more than two of the drops to my office (got 4 drops/seat default)

Maybe what they really want is a lab?

From: Chris Siebenmann
2011-12-26 04:33

We’re pretty familiar with VLANs around here. I wrote a second entry on why a single VLAN’d switch doesn’t work for us, here.

How much you need gigabit is an interesting question. I may be biased by working at a university, but my view is that even ordinary users should have it (without it your IO bandwidth to and from fileservers is 10 Mbytes/sec, which is achingly slow). I feel that sysadmins definitely need it because your servers will have gigabit and sysadmins will wind up testing servers (or achievable server network speeds) in their offices.

From: Bob Proulx
2011-12-26 07:04

I have worked at companies where corporate policy strictly forbid any switches available to a user on the floor. I disagree but acknowledge their reason being that users often cross connected networks creating loops and then spanning tree would bring the network offline. Of course the reason users would connect switches up was because they didn’t have enough network drops and so this was a self-fulfilling prophesy. But remember that large corporations have no soul and neither can you reason with them.

From: Matt Palmer
2011-12-26 08:59

Tomas: I do happen to work at a smaller company. However, I’ve worked for larger companies in the past, and while they wouldn’t let me at the VLAN configs, they also wouldn’t let me near the patch panels, so if you can’t use VLANs, you almost certainly can’t do anything else flexible with your plethora of network drops, either. A lab is certainly what came to my mind.

Chris: I read the followup article almost immediately after I wrote my post (damned out-of-date RSS readers). I fully agree that everyone needs gigabit. What I question is the need for constant, sustained gigabit over an extended period to another isolated machine such that you need a dedicated link to them. The usage patterns I see are almost always either quick bursts of high usage (quick mostly because the data can get transferred nice and fast), or sustained transfer to a central location (for which separate links at the client end aren’t going to do diddly).

I fully agree with Andre – if you’re trying to test anything in a “real world” environment, you need a lab, not more network ports in your offices. I do, however, still support lots-o-ports for everyone, because people have a lot of networked equipment that does belong in their office, and you’ll make everyone’s life easier with more ports.

Bob: I’ve worked at companies with all sorts of screwed up policies. I don’t any more. Whilst sometimes you’ve gotta do what you’ve gotta do to make ends meet, I think the best solution for those sorts of places is to leave and find somewhere better to work, because the chances are any place that stupid is going to implode under it’s own idiocy sooner or later, and it’s better to be outside the blast radius when it does.

On the specific issue of people cross-connecting switch ports on locally-provided switches, if you give them multiple centralised switch ports in their office, they’ll just do exactly the same thing with exactly the same consequence.

From: Chris Siebenmann
2011-12-26 16:59

Matt: the short version of why I want dedicated gigabit is that I want to be able to test things with a gigabit link that I know is clean of other traffic. A VLAN’d office switch has unknown and unpredictable traffic on other VLANs; if I fail to get the performance I expect, it could be the fault of the stuff I’m testing or it could be the switch’s aggregated uplink.

(I elaborated on this in yet another entry.)

Post a comment

All comments are held for moderation; markdown formatting accepted.

This is a honeypot form. Do not use this form unless you want to get your IP address blacklisted. Use the second form below for comments.
Name: (required)
E-mail: (required, not published)
Website: (optional)
Name: (required)
E-mail: (required, not published)
Website: (optional)
 
« Rethtool: How I Learned to Stop Worrying and Love the ioctl
vmdksync helps you escape from VMware »