Specifics:
- 4 floors. Floors consist of central cubicle area and exterior offices pre-wired to wiring closet on each floor.
- IT data center will be located on 1st floor
- Conduit exists in building between floors
- Data and voice networks needed (either VLAN or physically separated)
- User count per floor upwards of 100 locations with 4 data runs to each location
- Wiring closets will consist of stackable gigabit switches
What is the best design for connecting the floors to the IT central data center. Do you make a hub/spoke design with each floor run directly to the data center? Make a ring from 1st to 2nd to 3rd to 4th and then back to 1st? Copper or fiber? 10G or port-channel 1G connections? Is it better to separate each floor into its own subnet with routing, use VLANs?
Best Answer
There isn't any single "Best" imho. There are plenty of good solutions that can fit a number of budgets and design styles - I mention the last factor because the "best" can often be the design you are comfortable with and can easily support.
That said, I'll tell you what I've got in the same situation:
A 10Gbe fibre backbone between each cabinet (effectively a floor in your case) and its neighbouring cabinet and the server room. This gives you good bandwidth and resiliency.
Two VLANs per floor, one each for voice and data (actually we have a bunch of other stuff (wireless, CCTV, electronic access control, and hence a lot more VLANs for those - do any of these apply to you too?). This gives you a reasonable amount of "headroom" assuming 1 phone and 1 computer for each of those users, plus a scattering of the usual extras such as networked printers...
Think about a logical IP addressing scheme that can map the logical LAN to the physical LAN. This can help you understand the origins of traffic if you are looking at packets to troubleshoot stuff later, e.g.
Using the example: 10.x.y.0
VLANs vs seperate networks:
I've seen it done both ways but recently it has mostly been done with VLANs as it generally makes thing simpler in the long run. If you're worried about phone line quality on a shared lan then this can be fixed with QoS. Also consider that phones and computers are converging at the moment, phones are moving from "just phones" to VOIP to Unified Communications and at that final point you really want a "unified" network to run it all on. So with that in mind it makes sense, imho, to go down the VLAN route rather than separate physical network route.
As for number of ports, VLANs can cut the number of switch and patch ports required for local connections dramatically. We have phones in our office spaces with 1Gb "pass through" switches on the back of them into which we plug PCs, reducing the number of ports required to kit out an office - we do this by placing both VLANs on the same switch ports with data as the untagged vlan and voice as the tagged VLAN.
It really works well and as well as reducing the number of ports it also keeps the cost of deployment down; low level deployment technicians can just plug a phone, printer or computer in without having to get the port configured.