Thank you in advance for any advice you can offer.
I am helping my daughter's school replace their old network hardware. One element needing replacement is their primary router and I'm considering a Cisco 18xx, 19xx, 28xx, or 29xx router. The characteristics of their school and network are as follows:
- 2 incoming feeds
- primary ~60-80Mb/sec (uwave dish) [coming next month. Current is 10Mb]
- backup ~3 Mb/sec (DSL)
- Connected to the router are 4 old LinkSys 48-port 10/100 switches, fully populated. They provide connectivity throughout the school and connect 6 consumer grade wireless APs/routers.
- total students in the school 250
- total administrators 30-40
- active wired users between 100 and 150
- active wireless users between 150 and 250
- most traffic is currently to/from the internet (current connection is 10Mb)
- they would like to stream video within their network in the future
- The router runs NAT and its DHCP server provides all IPs
The current wireless infrastructure is poor but this will be addressed separately (probably via Meraki). Since this is a school, there is quite a bit of BYOD and their router, even with their current limited wireless, has run out of its max of 256 IPs.
As they upgrade from 10 -> 80Mb/sec on their WAN and add wireless coverage across the school, this will place increased demands on the router-to-be because things will work better inside.
I'm somewhat familiar with the 18xx product from a purchase I did long ago for a smaller setup (50 users) but so far I'm unable to answer the following questions:
1. Given 400+ IPs, does this push me towards a specific family being 19xx, 29xx?
2. With an 80Mb/sec gateway, what family is more appropriate (although I suspect decision is limited by #1 above)?
3. Given I'll want Fe0/Fe1, does failover to a back-up link work well on modern Cisco routers? In the past, at least for me on an 18xx it was "not so much."
4. Is the management SW on the newer G2 routers modernized or will their staff still be managing by running IOS commands on the CLI? They do not have an IT professional, but they do have people familiar with networking.
With a solution like Meraki, Aerohive, or Ubiquiti being considered for the wireless, I don't believe I need a lot of intelligence in the router for management of the wireless network.
If the WAN is 80 MBit symmetric, then you need a router that is capable of 160 MBit throughput with security services (you probably also want to run firewalling on that device). For that I would plan for a 2921 ISR G2.
If both internet-lines (primary and backup) are provided as ethernet-links, then you could also use an ASA5512-X Firewall which is less expensive and has a quite good GUI for the configuration. In my opinion that would be the better solution.
Thanks for your suggestions. I believe the service is asymmetric, but I shall check. I agree that a 2921 should work for them w/ an 8-port EHWIC. I looked into the ASA but it is less common in this use and one of their teachers has familiarity with older Cisco 28xx routers.
Besides, someone needs to properly design the network. A /23 for students AND staff? That's a joke. With BYOD in mind, the school's IP subnet needs to be broken down into (a minimum) of three: Staff, students and Guest/BYOD. So the router will need to do inter-VLAN routing. Because you'll need a router for the DSL backup, you'll also need to purchase an EHWIC-VA-DSL-A.
Same goes with wireless and IP telephony. Might as well get this done right. For wireless you need to get a proper wireless site survey done. This also means that those switches will need to be replaced with PoE switches that can do stacking. Nearly all the new Catalyst switch models support stacking and they are the 2960S/X/XR, 3650 and 3850. Due to the small budget of schools, I'd recommend 2960X. For wireless, I'd recommend the school look into the 2600 and for a WLC, I'd recommend the 5508 with 50 AP licenses.
If you really work for Cisco, you can ask the account team where your daughter's school is located and see if they can provide Not For Resale (NFR) for the school. I've even seen a website where they sell rock-bottom refurbished Cisco gear at >60% discounts but only to SCHOOLS. They will not sell to colleges and universities.
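An added example, not part of any post in this thread, that sizes the three-way Staff / Students / Guest-BYOD split suggested above by carving one subnet per segment from a parent block, largest first. The per-segment device counts (loosely mapped from the user numbers in the original post), the 25% headroom and the `10.20.0.0/22` parent block are all constructed assumptions.

```python
import ipaddress
import math

# Constructed inputs: device counts per segment are assumptions loosely based on
# the thread's figures (30-40 administrators, 100-150 wired, 150-250 wireless).
SEGMENTS = {"staff": 40, "students": 150, "guest_byod": 250}
PARENT = "10.20.0.0/22"  # constructed RFC 1918 block, not from the thread


def plan_segments(parent_cidr, device_counts, headroom=1.25):
    """Carve one subnet per segment out of parent_cidr, largest segment first.

    Returns {segment: IPv4Network}. Raises ValueError if the parent is too small.
    """
    parent = ipaddress.ip_network(parent_cidr)
    cursor = int(parent.network_address)
    end = int(parent.broadcast_address) + 1
    plan = {}
    # Largest first keeps every later (smaller) subnet aligned on its own boundary.
    for name, devices in sorted(device_counts.items(), key=lambda kv: -kv[1]):
        # Devices plus headroom, plus network, broadcast and gateway addresses.
        need = math.ceil(devices * headroom) + 3
        bits = (need - 1).bit_length()  # round up to the next power of two
        size = 1 << bits
        if cursor + size > end:
            raise ValueError(f"{parent} is too small for segment {name!r}")
        plan[name] = ipaddress.ip_network((cursor, 32 - bits))
        cursor += size
    return plan


if __name__ == "__main__":
    for name, net in plan_segments(PARENT, SEGMENTS).items():
        # num_addresses - 3 = leases left after network, broadcast and gateway
        print(f"{name:<11} {str(net):<15} {net.num_addresses - 3} DHCP leases")
```

Each resulting subnet would map to its own VLAN and DHCP scope on the router, so a burst of BYOD devices exhausts only the guest pool rather than the addresses staff machines depend on.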
- Regarding the design of the wired network, they could certainly benefit from it but they have managed to make do with far less and a modern router will help them take the next step.
- For the router, they will not be able to afford a 39xx, even with a generous discount. Rather than use refurb or donated gear I think they will be able to make do w/ a new 2921, security bundle, w/ an 8-port EHWIC on the back.
Q? Does anyone else have concerns about a 2921 being underpowered? (keep in mind they are running few services and most traffic will be web/mobile devices).
- For wireless, they are looking closely @ the Cisco Meraki solution w/ less than 20 APs (no WLCs). The POE will require a new 24-port switch (they are looking at an SF500). Going to 20 commercial APs instead of 6 WRTs will be a few steps up and they will consult w/ a network engineer (another parent) to survey the school. You made a great point. I will do some arithmetic though and compare the 5508 solution w/ WLC to Meraki.
- They may not be in a position to replace their current switches due to cost concerns but when the time comes, a stackable solution is desirable. They are looking at the SF500 family where the price is a real advantage and the mgmt SW is thought to be good. I didn't seriously consider the 2K line because of cost since they will end up w/ 5 48-port switches and 5 2960s (one being POE) is out of any possible budget (even w/ a nice discount).
- They have no plans to move to an IP telephony solution.
I do work for Cisco and am familiar with the discounts available. I'll look at finding an internal AM who might be able to make suggestions. Thanks again for providing your suggestions. George