Welcome Guest.   Make a donation to an author on the site April 24, 2014, 06:12:06 AM  *

Please login or register.
Or did you miss your validation email?


Login with username and password (forgot your password?)
Why not become a lifetime supporting member of the site with a one-time donation of any amount? Your donation entitles you to a ton of additional benefits, including access to exclusive discounts and downloads, the ability to enter monthly free software drawings, and a single non-expiring license key for all of our programs.


You must sign up here before you can post and access some areas of the site. Registration is totally free and confidential.
 
Read the full one-year retrospective report on DonationCoder.com.
   
   Forum Home   Thread Marks Chat! Downloads Search Login Register  
Pages: [1]   Go Down
  Reply  |  New Topic  |  Print  
Author Topic: what is the benefit of this old style network  (Read 2239 times)
techidave
Supporting Member
**
Posts: 937


see users location on a map View Profile WWW Read user's biography. Give some DonationCredits to this forum member
« on: April 23, 2011, 09:59:10 PM »

I was at a friend's place of business today and noticed this about his network of 3 computers running XP.  Each computer had 2 nics in it.  One is for the internet and one is for the local network.  he doesn't know why it was done this way nor does he really care since he isn't into computers.  Looks like all cabling is Cat 5.  One of the computers acts as a server.

So my question is:  Why would this have been done this way in the first place?  What benefit could it have given over any other style?  I call it old style but maybe it isn't??

Dave
Logged
rgdot
Supporting Member
**
Posts: 1,516


View Profile WWW Give some DonationCredits to this forum member
« Reply #1 on: April 23, 2011, 10:30:12 PM »

Separate or isolate local traffic from internet traffic for security...that's one possibility. Crude but has been done.
Logged
Renegade
Charter Member
***
Posts: 10,364



Tell me something you don't know...

see users location on a map View Profile WWW Give some DonationCredits to this forum member
« Reply #2 on: April 23, 2011, 11:32:51 PM »

I used to have multiple NICs for multiple Internet connections. One computer was WAN facing. It reduces the attack surface and protects computers on the LAN that have no direct access to the WAN except through the front-facing server. It's easy to setup and cheap.
Logged

Slow Down Music - Where I commit thought crimes...

Freedom is the right to be wrong, not the right to do wrong. - John Diefenbaker
iphigenie
Supporting Member
**
Posts: 1,165


curiosity FTW!

see users location on a map View Profile WWW Read user's biography. Give some DonationCredits to this forum member
« Reply #3 on: April 24, 2011, 03:18:35 AM »

still very commonly done on server clusters

security is one reason, another is performance - two sets of NICs means that any intense internet traffic will not affect the internal applications communications. If there was remote access or large downloads/uploads occasionally, it might have been a consideration.

Also means that if the internet network is under load or attack, there is the other network to reach the machine to make changes, maintenance, monitoring etc.
Logged
techidave
Supporting Member
**
Posts: 937


see users location on a map View Profile WWW Read user's biography. Give some DonationCredits to this forum member
« Reply #4 on: April 24, 2011, 06:35:44 AM »

So was this more commonly done on smaller networks?  Perhaps to reduce the use of a firewall?  Which I don't think I have seen one of these.   Sad
Logged
40hz
Supporting Member
**
Posts: 9,871



A'Tuin

see users location on a map View Profile Read user's biography. Give some DonationCredits to this forum member
« Reply #5 on: April 24, 2011, 07:14:20 AM »

Like iphigenie, I've seen lots of multi-homed servers. (We currently set up most servers we do with three NICs) But I haven't seen too many PCs with dual NICs in quite a while.

I have heard of doing that in the past in rare cases where the goal was to increase available network bandwith by concatenating multiple NICs. But most of that came to an end with the advent of affordable 100Mb and faster NIC cards. However, it was mostly done, as others have already noted, to provide separate networks for security purposes; or to move bandwidth hogs (video conferencing, etc.) onto their own 'channel.'

Be interesting to find out why your friend's network was set up that way. General network security can be better (and more economically) provided by your standard WAN/LAN NAT+SPI router/switch combo. So I'm guessing it was done for performance purposes.

I'm curious. Do all his machines also have something like a heavy duty analysis or financial app constantly running in the background?

I know some brokerage-type businesses who do something similar. They use multiple NICs in their machines to better accommodate those apps since they need to be kept updated in near real-time. (They also have a dedicated T1 on the WAN side just for those apps as well.) But that's a pretty odd duck client requirement.

 smiley
« Last Edit: April 24, 2011, 11:35:02 AM by 40hz; Reason: Added a missing \"of.\" » Logged

Don't you see? It's turtles all the way down!
techidave
Supporting Member
**
Posts: 937


see users location on a map View Profile WWW Read user's biography. Give some DonationCredits to this forum member
« Reply #6 on: April 24, 2011, 07:30:22 AM »

The business is a small manufacturing type... they do welding.  They do run quick books for billing and inventory purposes. And I do believe it is run from the server but not sure about that.  They do have some CAD programs but I do not know if they are server based or not.

With only 3 machines, I wouldn't think it would get hit too hard.  The secretaries machine is used most of the day while the other 2 are just hit and miss.  It has a 10/100 switch and also a newer looking gigabit rack mount switch.  I do not know what feeds what.

I may just have to dive into it one of these days and see what is what.
Logged
40hz
Supporting Member
**
Posts: 9,871



A'Tuin

see users location on a map View Profile Read user's biography. Give some DonationCredits to this forum member
« Reply #7 on: April 24, 2011, 07:46:23 AM »

The business is a small manufacturing type... they do welding.  They do run quick books for billing and inventory purposes. And I do believe it is run from the server but not sure about that.  They do have some CAD programs but I do not know if they are server based or not.

With only 3 machines, I wouldn't think it would get hit too hard.  The secretaries machine is used most of the day while the other 2 are just hit and miss.  It has a 10/100 switch and also a newer looking gigabit rack mount switch.  I do not know what feeds what.

I may just have to dive into it one of these days and see what is what.

Let us know if you do. Wouldn't be surprised if it's related to the Cutting the End Off the Sunday Ham rationale. Grin
Logged

Don't you see? It's turtles all the way down!
techidave
Supporting Member
**
Posts: 937


see users location on a map View Profile WWW Read user's biography. Give some DonationCredits to this forum member
« Reply #8 on: April 24, 2011, 07:53:52 AM »

40hz... your rationale could be righter than you know.  The secreatry told me once that the guy who set this up came in one time and said, "and why did we do it this way"?

makes you wonder, huh.

I haven't been involved in networks all that long.  Only since 2002 and that has been only in school settings (small ones).  but not this small and I hadn't seen anything like this before.

I will let you all know what I find out.
Logged
40hz
Supporting Member
**
Posts: 9,871



A'Tuin

see users location on a map View Profile Read user's biography. Give some DonationCredits to this forum member
« Reply #9 on: April 24, 2011, 11:16:59 AM »

If you have one 10 and one 100mb card in each I'd guess they simply upgraded their network to 100 someplace along the line and left the old cards in there "just in case." If you run ipconfig /all it will give you the ip and gateway address for each card. If they're all on the same network, that's probably what happened.

Another possibility: Some of the older network laser printers only had a 10mb card for the longest time. Some of them never worked reliably with the newer auto-sensing switches. So rather than configure specific ports on the switch to only use 10mb speeds, it was just easier to leave the old 10mb network (usually with a "dumb" hub) up for communicating with the printers. A lot cheaper than buying a new large format plotter for blueprints.

I'm almost positive both cards will be on the same network however. Otherwise each PC's network stack would be forced into "router mode" to arbitrate between the two separate address ranges. Under XP, that was never too reliable or wise a thing to try and set up. And the performance hit would have been significant and noticeable.  

Legacy. Gotta love it.  Grin
« Last Edit: April 24, 2011, 11:40:05 AM by 40hz » Logged

Don't you see? It's turtles all the way down!
Gothi[c]
DC Server Admin
Charter Honorary Member
***
Posts: 855



see users location on a map View Profile WWW Give some DonationCredits to this forum member
« Reply #10 on: April 24, 2011, 11:56:47 AM »

At work (Hosting company) we run a quad-nic setup.

* Two NIC's for internal (LAN) traffic.
* Two NIC's for internet (WAN) traffic.

In VmWare the two LAN NIC's are grouped, and the two WAN nic's are grouped for redundancy. (if one link goes down, the other one remains up.) - They are also connected to four switches, that are also set up in a redundant manner.

This allows a physical separation between LAN and WAN for security and performance, and a fully redundant network.

Nowerdays with VLAN's you can get away with separating LAN/WAN on the same switch, but many sysadmins and corporations are (with good reason) paranoid enough to not trust their network separation to a VLAN configuration in a switch (which can be hacked to change the config). Physical separation is simpler than VLAN's and not subject to (malicious) misconfiguration in the switches.

Logged
Pages: [1]   Go Up
  Reply  |  New Topic  |  Print  
 
Jump to:  
   Forum Home   Thread Marks Chat! Downloads Search Login Register  

DonationCoder.com | About Us
DonationCoder.com Forum | Powered by SMF
[ Page time: 0.067s | Server load: 0.07 ]