Setting up a Small Office Network?
A not-so-anonymous Anonymous Coward asks: "I am embarking on a startup with some business contacts. I'm the only tech-guy in the group so I'll be the one to set up the network for our small office of 5-7 people. I've spent the last 15 years immersed in the development end of things (numerical analysis software and parallel computing codes). The downside of this is that I'm quite naive when it comes to networking: there's always been someone else taking care of revision control, backups, security, servers, etc., even purchasing stuff and running cable. What advice would you give someone who isn't afraid to roll up his sleeves, but is starting from ground zero on setting up a small office network? Can you recommend any books that are up-to-date and practical (e.g. "howto")?"
I'm employee #3 at a small startup. Since I'm the only one with an IT background (Unix, networking and security) I get to do all the IT work + the other work.... Lucky me. Here's what I did:
Our server is a Supermicro dual Xeon box w/ Adaptec SATA hardware raid controller doing RAID10 (4x250G drives) with a Quantum VS160 DLT drive for backups. Works great and was cheaper than Dell. Linux support is great as I'm sure Windows is if you want to go that route. If you go Linux, you should only consider XFS or ext3 since those are the only journaled, relatively stable FS with a version of dump. You'll need dump (or xfs_dump) to do incremental backups once your data is larger than a single tape and tar/star won't do anymore. (Note, XFS may be unstable under LVM2... before picking it, you should do some research, but ext3 seems rock solid so far.)
OS is CentOS 4.1. Has been very stable except for doing LVM2 snapshots. :( Apparently 2.6.x still hasn't worked out the bugs for LVM2 snapshots and you can get a hung kernel. LVM2 is still worth it since it allows you to resize partitions. Just don't put your root partition on it.
I've standardized on putting user accounts in OpenLDAP. Was somewhat a pain in the ass to set up, but now that it's working it's really worth it. Currently we have authenticating off of LDAP:
- Unix accounts
- SAMBA
- Jabber
- Bugzilla
- Snipsnap (wiki)
- Subversion (source control)
- Apache (HTTP Authentication)
- WebCal (calendaring)
Currently we outsource email, but once we bring that in, we'll do that too. Everyone loves having only ONE password which is ALWAYS in sync. Makes creating new user accounts a breeze too since there's only one database to manage.
Of course there's all the other tools like CruiseControl, Doxygen and ViewCVS which make the developer's life easier. YMMV depending on your needs.
Run DHCP and DNS (I use ISC's dhcpd and bind9) and turn on dynamic updates of DNS via DHCP so you don't get in the trap of using /etc/hosts files. hosts files work fine when you're small, but don't scale at all and getting bind/dhcpd working is easy enough where you might as well do it from the start.
As for network wiring, get yourself a spool of Cat5e, some RJ45 connectors (make sure they're for solid cable, not stranded), a tester and an Ideal Ratchet Telemaster. Yes you can get cheaper crimpers, but they suck and you'll hate yourself for trying to save $15.
I've standardized on Dlink DES-1026G switches. They're 24 port 10/100 with 2 Gig ports for your servers or stacking. Cost is under $200 if you look on Froogle. According to the specs, they're "real" switches with a decent backplane. I personally prefer managed switches with VLANs, but when you're a startup, $$$ matters.
For small companies, VoIP seems to be the way to go, but once you're around 50 people, going with a real PBX seems to be the cheaper option. Either way, expect relatively high startup costs associated with getting the related phones/etc installed and configured.
As for firewalls, well, run what you know. Most firewall insecurity comes from misconfigurations, not flaws in the firewall itself. If you know how to harden a box and run iptables, I still wouldn't use that since there is a lot of effort involved. Just find some packaged firewall (OSS or COTS) which meets your needs.
Just remember to do things right the first time. It's better to put in some long hours initially to get things running well than fighting fires each week when problems start happening as you grow.
-Aaron
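The DHCP-to-DNS dynamic update setup mentioned in the comment above, as an added example (not the poster's configuration): dhcpd signs its updates with a shared TSIG key, and BIND accepts updates only when they carry that key rather than trusting a source IP. The zone names, addresses, file paths, key name and secret placeholder are all assumptions.

```conf
# ---- /etc/dhcpd.conf (ISC dhcpd 3.x syntax; path and values are assumed) ----
ddns-update-style interim;        # 3.x-era setting; later releases use "standard"
ddns-updates on;
ddns-domainname "office.example.";

# Shared secret used to sign updates. Generate your own and keep both
# config files readable only by the daemon accounts.
key DHCP_UPDATER {
    algorithm HMAC-MD5.SIG-ALG.REG.INT;   # form shown in the dhcpd.conf man page;
                                          # use the strongest algorithm both daemons support
    secret REPLACE_WITH_GENERATED_SECRET;
};

zone office.example. {            # forward zone (hypothetical name)
    primary 127.0.0.1;            # BIND runs on the same host in this sketch
    key DHCP_UPDATER;
}
zone 1.168.192.in-addr.arpa. {    # reverse zone for the subnet below
    primary 127.0.0.1;
    key DHCP_UPDATER;
}

subnet 192.168.1.0 netmask 255.255.255.0 {
    range 192.168.1.100 192.168.1.200;
    option routers 192.168.1.1;
    option domain-name "office.example";
    option domain-name-servers 192.168.1.1;
}

# ---- /etc/named.conf (BIND 9; only the parts relevant to updates) ----
key DHCP_UPDATER {
    algorithm hmac-md5;           # must match the dhcpd side
    secret "REPLACE_WITH_GENERATED_SECRET";
};

zone "office.example" {
    type master;
    file "dynamic/office.example.zone";    # directory must be writable by named
    allow-update { key DHCP_UPDATER; };    # key-based, not an IP ACL or "any"
};
zone "1.168.192.in-addr.arpa" {
    type master;
    file "dynamic/192.168.1.rev";
    allow-update { key DHCP_UPDATER; };
};
```

An `allow-update` list based on client addresses would let any host that can spoof or reach that address rewrite the zone, which is why the key is the only entry here.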