Dedicated LAN for backup

Unanswered Question
Aug 13th, 2007

Hello

In our Data Center we are planning to build a dedicated LAN network for backup over LAN traffic for about 700 LAN ports.

Does anybody know any documents that descibes recommendation for building such networks ?

Thank you in advance

Regards

Lukas

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jon Marshall Tue, 08/14/2007 - 01:26

Hi Lukas

Don't know of any specific docs for backup LAN but there are some good design docs at www.cisco.com/go/srnd which may be of help. Have a look at the data centre ones.

In addition things i would look to do

1) Have a separate switch infrastructure if possible for the backup LAN. This will allow you to run backups whilst still serving production requests although a lot will depend on the horsepower of the servers.

2) Kit choice depends upon how much traffic you are backing up. 4948 switches give wire speed performance or you could look to go with modular switches for more port density but you need to be careful on blade choice as some blades have a lot more contention/oversubscription than others.

3) If you use existing switch infrastructure make sure you use dedicated vlans for the backup network. You can also firewall these vlans as no users should need access to the backup NIC's.

Obviously if you do use the existing switch infrastructure you need to understand how much data you can backup and in what time window without affecting normal production services.

Hope this has been of some help

Jon

Joseph W. Doherty Thu, 08/23/2007 - 17:32

Alas, I too can't point you to a "how to" document, but if you're planning a backup LAN that runs on a separate physical or logical topology, especially including a separate link from the hosts, one issue you might run into is how to get you hosts to select only their backup link for only backup traffic. One "trick" I've seen for this is to make the backup network appear as one logical subnet to the dual homed hosts. Physically you can make it a routed network by clever manipulation of address (subnet) masks.

Another issue that might arise is security. If you have different subnet security on the non-backup LAN, you probably don't want to open a back door on the backup LAN network. However, instead of replicating inter-subnet security, modern switches that support some type of private VLANs, might make security configuration on the back up side, much easier.

For physical equipment requirements, this is usually straight forward, and designed about providing sufficient bandwidth to/from the backup storage devices. Remember to allow for bandwidth growth. As Jon notes in his post, insure the selected network devices have the internal bandwidth, and packet forwarding rate, capability that's needed. You may not need wirespeed for all ports, but you want wirespeed for all expected active ports.

Jon also mentioned using dedicated VLANs on a shared infrastructure. Further, don't mix these VLANs on a non-backup trunk, unless you implement CoS/QoS, but even then, dedicated backup links would be best.

lukaszkhalil Fri, 08/24/2007 - 03:09

Thanks.

We are planning to build dedicated, totally separated for the production network, LAN network for backup. Probably we will use one vlan inside the backup infrastructure with private vlan feature. The problem is that private vlan is not working fine with etherchannels.

Many thanks for your advises.

Actions

This Discussion