Slashdot Mirror


Ask Slashdot: Becoming a Network Administrator?

J. L. Tympanum writes "After many years as a star programmer, I have taken a position which involves maintaining and rebuilding the in-house network of a small company. There are maybe 100 machines, a mix of blade servers running Linux and desktop PCs running Windows of all flavors. Basically, I have to learn networking from scratch. I have been given an 'unlimited' budget to buy routers, switches, etc., to set up my own little test network as part of the learning process. So the question is: what's the right strategy here? What routers or switches or other equipment should I acquire? What books should I read? Should I take classes from Cisco, Global Knowledge, my local community college, or somewhere else?"


  1. Step 1 by nuintari · · Score: 5, Funny

    Run, run as fast as you can, and don't look back.

    --

    --Nuintari

    slashdot : where an opinion can be wrong.

    1. Re:Step 1 by RenHoek · · Score: 4, Insightful

      1) Why does the network need rebuilding?
      2) Where the hell are they getting an unlimited budget from?
      3) Why, if they have money, would they hire somebody who never did any admin work?

      I'm not saying you won't be able to do it, I'm saying you try and figure out their motives and cover your ass with asbestos!

    2. Re:Step 1 by nuintari · · Score: 4, Informative

      And then, in all seriousness.

      Deploy Juniper products where you can. Commit confirmed alone will help keep you sane.

      As for learning how this stuff all glues together and works, that really depends on how you learn. I learn by trying things, and reading the manual, not from a classroom. YMMV, but I have never seen a class that did anything short of an awful job of explaining how networking works. I rely heavily on my peers and Google for ironing out issues that I cannot solve in my lab. Consider attending talks on subjects relevant to your needs, and anything that sounds even remotely interesting. Find someone more skilled than you who can explain shit in your native tongue and attempt to osmosis some talent bit by bit. Oh, and get yourself an O'Reilly Safari subscription, a nook/kindle/whatever, and start, as my friend Jeff says, consuming massive quantities of text.

      And seriously, consider running, you are in for a long, dark road of evil.

      --

      --Nuintari

      slashdot : where an opinion can be wrong.

    3. Re:Step 1 by Capt.DrumkenBum · · Score: 2

      I agree, God help you.
      This takes a major adjustment in your thought processes. From now on it is not your job to do things. It is your job to make sure everyone else can do their jobs.
      Secondly get a bug tracker, or job tracking software set up as soon as possible. (I use Jira http://www.atlassian.com/ but it is rather expensive.) If the request is not in Jira (Or whatever you chose.) then you do not do the job.

      One SA to another: Good luck!

      --
      If I were God, wouldn't I protect my churches from acts of me?
    4. Re:Step 1 by MightyMartian · · Score: 3, Interesting

      What I find is that you'll start out with one plan, meticulously formulated through research and consultation and even after management has signed off on it... And then you'll find out that a half of the plan didn't make any sense or didn't in fact work the way those FAQs or sales people said it would, and the other half will be trounced by new demands from the departments you consulted because they neglected to tell you a part of their needs, or changed their minds, or read some article they read somewhere.

      --
      The world's burning. Moped Jesus spotted on I50. Details at 11.
    5. Re:Step 1 by pvera · · Score: 4, Insightful

      I don't understand why this is modded funny, it is the correct plan of action assuming the move was voluntary. If this is a programmer that is trying to bail out of a sinking ship and this was the only job available at equivalent pay, then it is a completely different issue.

      The biggest red flag is the "unlimited budget" that doesn't cover hiring a properly trained network admin, instead pushing him/her to learn the whole thing from scratch at the same pay.

      --
      Pedro
      ----
      The Insomniac Coder
    6. Re:Step 1 by poetmatt · · Score: 4, Informative

      Underpaid, underappreciated and overworked? Get back to work!

      Network admins, unless they are basically amazing, are in for a typically rough ride through trying to get things to work, as things perceived as small changes can have enormous impact on network stability. Then you get to things like bad password policies, bad hardware policies, bad security policies, bad corporate policy and a good portion of the time network administration is just not worth the time.

      If it were $75-90k a year maybe, but otherwise definitely not worth more stress than pretty much any job that exists today including hard sales.

      Things to do: buy enterprise grade hardware, do not ever compromise on best buy/off the shelf hardware, restrict access as much as possible (and lock down ports as much as possible), make sure all devices go through a firewall (outbound) and all inbound connections go through their own separate firewall (inbound). Make sure that all requests inbound have to be requested from internal. Make sure that as much of inbound connections as possible are over a vpn if external.

      Basics: make use of forwarding, proxies, reverse forwarding, nat. Make sure that all of your DNS addresses which are assigned to computers point to internal DNS only, and that the same applies to the servers. No server should have any DHCP or DNS assignments from the local ISP.

      Redundancy: You must have it. At all levels. Check for cable backups, keep spare parts for everything - power supplies, cables, extra routers, extra server ISO's and images, extra copies of VM's, etc. Make sure you have redundant UPS's. Do not daisy chain UPS's (or maybe you can, someone else will comment - I'm no UPS genius). Make sure things are not physically linked in a way that when one thing fails, so cascades the rest. This means UPS's with hot swappable batteries. Make sure you have multiple switches and all servers have at least 2 NICs for both load balancing and additional failover.

      Check for shit people don't think of - check where the servers are located, what cables are running overhead, dust situation, etc. Make sure that the cooling for the server rooms is appropriate and is set up such that if the leak plate (forgot the proper term) floods it won't drip directly on the servers. Check for maintenance schedules, physical and software, check for licensing being followed, check for PCI compliance. Check security requirements for the server room, for the pcs.

      Additional redundancy: virtualize wherever possible, hardware permitting. Offsite backups, offsite hardware backups.

      Additional: prepare for hilariously large amounts of fuckery trying to deal with authentication between linux and windows. Linux is well documented and complicated. Windows is well documented and complicated.

      Lastly:
      Keep at least 3-6 full bottles of hard alcohol on hand, a 2 week resignation notice, and a mini-fridge full of beer in addition, and depending on the state you're working in, maybe keep a gun on hand if you're licensed and it's legal.

      Oh and don't forget, being a network administrator has basically NOTHING to do with being a network administrator. It's more like managing a circus of crying babies who have no idea what the fuck they're doing.

    7. Re:Step 1 by dkleinsc · · Score: 2

      Also, to answer the question of what J. L. Tympanum should read, a good starting point: The alt.sysadmin.recovery FAQ.

      --
      I am officially gone from /. Long live http://www.soylentnews.com/
    8. Re:Step 1 by malraid · · Score: 2

      unlimited budget? I'll solve your problem for $120K a year.... so.... when do i start?

      --
      please excuse my apathy
    9. Re:Step 1 by bberens · · Score: 4, Funny

      I dunno, seems like a cake job to me. As a programmer I can assure you that the problem is never the network. Just ask the network guys, they'll be sure to tell you. Never mind the trace-route, pings, and FTP client log showing 100 byte/sec transfer speed I have provided, the single green LED graphic on the monitoring tool indicates with absolute certainty that all things on the network are working swimmingly.

      --
      Check out my lame java blog at www.javachopshop.com
    10. Re:Step 1 by h4rr4r · · Score: 2

      So you want to be calling the contractors every time a new company wants to SFTP files to you? Every time you need to allow yet another protocol out from the exec vlan?

      He needs to hire someone who knows what they are doing. Then if he still wants to learn they can teach him.

    11. Re:Step 1 by LifesABeach · · Score: 2

      the request for help kind of sounds like someone's high school term paper that's due in two weeks...

    12. Re:Step 1 by h4rr4r · · Score: 2

      MCSE certified for 10 years now,......Everything that's supposed to be automated ends up needing watched by humans

      I think I found your problem.

    13. Re:Step 1 by DuoDreamer · · Score: 3, Interesting

      This is the best description I have read regarding the Network Admin position.

      When I started as an admin 5 years ago, the company didn't know to care about redundancy, or security. When I started, neither did I. I could build PCs, do some light programming, and had a knack for finding solutions with Google. In that time, I've replaced all network hardware and fixed the topology, expanded from 6 to 20 servers, added virtualization wherever possible, added battery backup to everything (many servers didn't have any UPS), replaced 100 windows 2000 desktops, added 100 more desktops, upgraded the domain from 2000 to 2008, Exchange upgrades twice, migrated all storage to redundant RAID on server or via NAS, maintained DAILY tape backups of all servers, network monitoring via free Linux tools, expanded the network via T1 to include 7 satellite facilities and WAPs with VPN/firewall, and locked down every damned machine so that nobody can install anything. All while providing these people and locations with 24/7 tech support and software instruction. Monitoring scripts are all Perl and PowerShell, depending on OS. All of our network hardware is either Adtran or 3Com (now HP) and I've only had one switch failure in 5 years. No training seminars or certification taken, just lots of reading.

      It pays shit, but it's steady.

      FML.

    14. Re:Step 1 by smash · · Score: 2

      You invalidated your advice by suggesting you aren't able to distinguish between udp and tcp...

      --
      I run: Windows, OS X, Linux, FreeBSD. Just because you have a hammer, doesn't mean everything is a nail.
    15. Re:Step 1 by h4rr4r · · Score: 2

      You missed the joke. I was joking about MS solutions requiring handholding.

      Do you know how to subnet and supernet a network?
      Yup, I am university edumacated. Even done it on real hardware.

      Any companies that want Sysadmins to have MS certs is not a place I want to work. I have a real degree and use grownup Operating Systems :)

    16. Re:Step 1 by oatworm · · Score: 2

      Ha. Ha ha. HAAAAHAHAHAHAHAAAHAHAHAH... *gaaassssp* HAAAHAHAHAHAHAHAHAHAHAHA!!!

      Seriously, most SAs (at least where I live) are lucky if they can break $50-60k unless they're working for a larger firm, and, even then, you have to work your way up to it. As I understand it, there are a few greybeard SAs making six figure salaries, but the vast majority of them are lucky if they make half that. Then again, that sort of thing happens when you can whack a tree a couple of times and have a dozen MCSE/MCITPs fall out. It's also what happens when 90%+ of the enterprise world, attracted by the promise of cheap labor and fixed operating system costs, decides to embrace Microsoft and its products with extreme prejudice.

      Why? Well, because it's so much easier (and cheaper!) to find MS-specialized help...

    17. Re:Step 1 by mjwx · · Score: 3, Funny

      As a programmer I can assure you that the problem is never the network.

      Damn straight,

      It's never an easy job because we keep everything working so well.

      Never mind the trace-route, pings, and FTP client log showing 100 byte/sec transfer speed I have provided

      Takes end user's machine, turns off torrent clients, twitter clients, RSS feeds and streaming radio on the user's machine and watches the speed increase to normal levels. Finally I hit the user with a rather large wrench for wasting my time.

      First rule of net admin, The problem is always the user.

      the single green LED graphic on the monitoring tool indicates with absolute certainty that all things on the network are working swimmingly.

      Second rule of net admin: The user lies. The user always lies.

      However Nagios does not lie. Nagios does exactly what I tell it to (that includes not running torrent clients at work)

      So when it comes down to you or Nagios, Nagios wins hands down.

      --
      Calling someone a "hater" only means you can not rationally rebut their argument.
    18. Re:Step 1 by Unequivocal · · Score: 2

      Yeah double ditto. What I'm trying to figure out is how a star programmer can't know anything about networking? Every great programmer I've ever met knew a ton about hardware and networking, all the while being deadly with software. I personally think it would be very hard to be a great programmer without understanding the bricks you're standing on, in significant detail.

  2. Don't Do It!!! by rwv · · Score: 4, Insightful

    Administering networks is best left to wizards and warlocks.

  3. Odd choices by Apocryphos · · Score: 2

    Why would a star programmer want to transition to network management?

    1. Re:Odd choices by 0racle · · Score: 3, Funny

      It was a very dim star.

      --
      "I use a Mac because I'm just better than you are."
    2. Re:Odd choices by mini+me · · Score: 2

      Because it is sometimes fun to do different things? I, myself, love programming, but I wouldn't want it to be my only job. Life is too short to not have fun doing all sorts of different jobs.

    3. Re:Odd choices by FictionPimp · · Score: 3, Interesting

      My story in a nutshell.

      Hired to program. Soon after system admin leaves. Servers need patching, junior admin screws up some compiles, etc so I step in and fix the server environment. Congrats, you are not a system admin (doh). A few months later, network admin is gone as well. New network guy is hired, but sucks at his job and for some reason doesn't get fired (still can't figure that out). I need the SAN to function properly, and I need the network to function properly. Congrats again, you are a network admin.

      Now the title outside my office says "Programmer", but I haven't written any programs in at least 2 years. I've written a dozen scripts to make my life easier, but mostly I spend my time managing, installing, patching, supporting, and planning the network and server infrastructure. Somehow I've also managed not to screw it up and have finally gotten to a point where I think I might be good at this. But I miss my compiler....

    4. Re:Odd choices by squidflakes · · Score: 2

      Never, ever, ever, EVER, ever touch a router if you can't proof-read. Seriously. If I could give you one piece of advice, it would be this. Your network config will live or die by as little as a single character or number. permit udp any host 4.2.2.2 eq 52 will ensure a quick escort to the exit.
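
The proof-reading described in the comment above can be partly automated by checking a proposed ACL against a list of the flows it is meant to allow. This is an added example, not part of the original comment: the intent list (DNS to 4.2.2.2 on port 53), the ACL name OUTBOUND and every function name are assumptions, and only entries of the form `permit|deny tcp|udp any host A.B.C.D eq N` are evaluated.

```python
import re

FIELDS = ("protocol", "host", "port")

# Constructed intent (an assumption, not stated in the comment): clients must
# reach the resolver 4.2.2.2 for DNS over both UDP and TCP port 53.
INTENDED_FLOWS = [("udp", "4.2.2.2", 53), ("tcp", "4.2.2.2", 53)]

# Constructed candidate change; line 2 is the entry quoted in the comment.
CANDIDATE_ACL = """\
ip access-list extended OUTBOUND
 permit udp any host 4.2.2.2 eq 52
 permit tcp any host 4.2.2.2 eq 53
 deny ip any any log
"""

ENTRY_RE = re.compile(
    r"(permit|deny)\s+(tcp|udp)\s+any\s+host\s+(\d+(?:\.\d+){3})\s+eq\s+(\d+)$"
)


def parse_acl(text):
    """Return (entries, skipped). Only 'any -> host A.B.C.D eq N' is understood."""
    entries, skipped = [], []
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith(("ip access-list", "!")):
            continue
        m = ENTRY_RE.match(line)
        if m:
            action, proto, host, port = m.groups()
            entries.append((line_no, action, (proto, host, int(port))))
        else:
            skipped.append((line_no, line))  # left for a human to read
    return entries, skipped


def first_match(entries, flow):
    """IOS evaluates top-down and stops at the first matching entry."""
    for _, action, key in entries:
        if key == flow:
            return action
    return "deny"  # every IOS ACL ends with an implicit deny


def review(acl_text, intended):
    """Compare a proposed ACL with the flows it is supposed to allow."""
    entries, skipped = parse_acl(acl_text)
    blocked = [f for f in intended if first_match(entries, f) != "permit"]
    findings = []
    for line_no, action, key in entries:
        if action != "permit" or key in intended:
            continue
        # A permit nobody asked for. If it differs from a blocked intended
        # flow in exactly one field, it is almost certainly a typo of it.
        twin = next(
            (f for f in blocked if sum(a != b for a, b in zip(key, f)) == 1), None
        )
        if twin is None:
            findings.append(("UNEXPECTED_PERMIT", line_no, "not in the intent list"))
            continue
        i = next(n for n in range(3) if key[n] != twin[n])
        findings.append(
            ("LIKELY_TYPO", line_no, f"{FIELDS[i]} is {key[i]}, intent says {twin[i]}")
        )
        blocked.remove(twin)
    findings += [("BLOCKED_INTENT", None, f"{p} to {h} port {n}") for p, h, n in blocked]
    findings += [("NOT_EVALUATED", n, text) for n, text in skipped]
    return findings


if __name__ == "__main__":
    for kind, line_no, detail in review(CANDIDATE_ACL, INTENDED_FLOWS):
        print(f"{kind:18} line {line_no}: {detail}")
```

Entries reported as NOT_EVALUATED (here the final `deny ip any any log`) can still shadow or widen the result, so they need reading by hand before the change goes in.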

  4. Why? by AdamInParadise · · Score: 2

    Why did you leave a position as a "star programmer" to move into network administration? Why restart at the bottom of the ladder?

    --
    Nobox: Only simple products.
    1. Re:Why? by billcopc · · Score: 3, Interesting

      Small businesses tend to have rapidly-changing needs and few staff. If they have less development work coming in, and a pressing need to replace a sysadmin, it's perfectly sane to ask the developer if he can switch hats, given sufficient resources and support. For the employee, it keeps him in a job. For the company, it saves them from having to hire a new guy, which is neither cheap nor enjoyable, and they'd have to train the new guy anyway, which is freakin' hard when the senior sysadmin is already long gone.

      I don't think it's such a stretch, the two roles tend to complement each other quite well. A good programmer-analyst already possesses 2/3rds of the knowledge required to be a competent sysadmin. You know the shell scripts will be a work of art :) I don't know why you think it's at the bottom of the ladder, because I see it the other way around. Programmers are a dime a dozen (see China). Good sysadmins are damn hard to find, which is why I have no shortage of contracts coming in from past employers and acquaintances. Trust is a big factor, because really, the sysadmin controls access to every resource, and thus by necessity has unlimited access to all your data and equipment. Who would you trust more, some kid walking in off the street with the price tag still hanging off his jacket, or an employee you've known for years ?

      --
      -Billco, Fnarg.com
    2. Re:Why? by Ironhandx · · Score: 2

      Easy. He was interested in it, and could do a better job with it already than whoever they hired previously.

      I went from Heavy Equipment Operator, to Network Administrator, to General Manager of a Building Supply in exactly the same way.

    3. Re:Why? by sirsnork · · Score: 2

      If he has to ask how to "learn networking from scratch" he can't do a better job than the last guy, and certainly shouldn't be the one they hire to fix an existing mess.

      That sounds harsh but if you don't already know TCP/IP and the basic services on top of it, you're not the one to rebuild a network. Take over maintenance of an already running network sure, get a few years of seeing a working system and how it was set up then maybe.

      Seriously good network admins got their knowledge over decades, by making mistakes and learning from them. Some made more mistakes than others sure, but you can't just pick up a book and expect to be able to do a good job architecting and building a network from scratch.

      If the network is a ground up rebuild, and although that's very very rarely required, you don't want someone who doesn't know subnetting for example and setting up the DNS and DHCP and having to have it up and running in X hours isn't a good way to learn on the job.

      --

      Normal people worry me!
  5. Step #1 by Anonymous Coward · · Score: 5, Insightful

    Hire a professional :)

  6. Welcome to management by characterZer0 · · Score: 5, Funny

    1) Use your unlimited budget to hire a network administrator.
    2) Go golfing.

    --
    Go green: turn off your refrigerator.
    1. Re:Welcome to management by elrous0 · · Score: 2

      Screw golfing, with that budget he could buy a Ferrari.

      --
      SJW: Someone who has run out of real oppression, and has to fake it.
  7. This isn't a boon. It's a curse. by Anonymous Coward · · Score: 5, Funny

    I have this job now and my girlfriend tells me I wake up almost nightly screaming. I can't help but think they're connected.

    1. Re:This isn't a boon. It's a curse. by PrimalChrome · · Score: 5, Funny

      Haven't you seen Inception? You're still sleeping....the girlfriend should have given it away.

    2. Re:This isn't a boon. It's a curse. by dkleinsc · · Score: 4, Funny

      That's clearly crazy talk. Admins don't have time for girlfriends.

      --
      I am officially gone from /. Long live http://www.soylentnews.com/
  8. you just need to learn one thing by roman_mir · · Score: 5, Funny

    All you need is the cloud.

    What you do is get a cloud. Just connect all your machines and networks and cables to the cloud and you will be aaaaalright.

  9. Oblig. Farnsworth (paraphrased) by Jon.Laslow · · Score: 2

    Getting the core switch out was the easy part. The hard part was getting the core switch out! Hehehehehe...

    1. Re:Oblig. Farnsworth (paraphrased) by elrous0 · · Score: 2

      Here, let me show you the assorted lengths of wire we used...

      --
      SJW: Someone who has run out of real oppression, and has to fake it.
  10. HP Procurve by Anonymous Coward · · Score: 2, Insightful

    Seriously. Stay away from Cisco Gear. Overpriced over complex over hyped. Look at the HP procurve line of switches. They have very good L3 L2+ switches that handle routing for small to large networks. Take the HP networking Fundamentals In Person Class. It is one week long and provides good hands on training. Their gear has a lifetime warranty and FREE Tech support during normal business hours. Did I also mention that Software Updates are FREE. No annual maintenance. Seriously look at HP Procurve. I took a job as a Net Admin 8 Years ago at a company that was an HP shop and have never looked back or ever been disappointed by their products or support. The 2910al is a great Static Routing Gig Switch.

  11. Ignore Cisco by nbannerman · · Score: 2, Interesting

    Forget Cisco. Phone your local HP Gold Partner - get them to put you in touch with the local HP Business Team. They'll give you free courses and training, and that is the end of that. For 100 networked devices, HP kit will do the job. I don't get the obsession with Cisco - I'm running 8 networks on 10 sites that are all HP, serving nearly 10,000 students and 1200 staff, and we've never regretted bypassing Cisco altogether.

    1. Re:Ignore Cisco by silanea · · Score: 2

      Your point being? If the gear survives in a campus environment it will definitely be just fine in a corporate network.

      --
      Rudolf Hess edited Mein Kampf. He was the very first grammar nazi.
  12. Whatever you do... by Bobfrankly1 · · Score: 4, Funny

    ...don't take any lessons from anyone employed by Sony.

  13. Did you hear that? by DomNF15 · · Score: 4, Informative

    It's the can of worms popping open... You don't necessarily have to "buy" physical routers, switches, etc. These days, you can simulate pretty much any network setup you want via software and see how things work out: http://www.gns3.net/ Also, asking "us" what hardware you should buy is like asking someone what kind of computer you should buy, the question is too general and the answer will depend largely on the business/security needs of the company. Tanenbaum wrote a very good book about TCP/IP networking which you may want to read: http://www.amazon.com/Computer-Networks-Andrew-S-Tannenbaum/dp/0131651838 Aside from that, you should look into the basic requirements for network administration/security and make sure you understand and know how to apply them, the topics listed here could be a good starting point: http://en.wikipedia.org/wiki/CISSP

    1. Re:Did you hear that? by Dishwasha · · Score: 2

      I second this. GNS3 rocks, though you'll need to find the Cisco IOS firmware. Typically you can find these with some google searching for a specific IOS firmware name. You also might want to check out PEMU for PIX emulation. Unfortunately it hogs up the CPU so you'll want to use a CPU limiter on it, but it works really well. Setting up network bridges, particularly in Windows through loopback adapters, can be a bit challenging, but I was able to take an old multi-cpu Dell 2560 with a decent amount of RAM and Windows XP, run GNS3 and PEMU on it, and connect it to a trunk port on our switch (after restricting the VLANs of course) and we were able to use it to interview potential engineers. We had them configure routers, switches, and firewalls to our specification including setting up NATs to our external VLAN to demonstrate they knew how to do simple things like map things to a public IP, etc. We even modeled and tested a redundant ATM bridge infrastructure and got the ATM configuration just right even before the physical equipment came in to our offices for an upcoming project since none of our network engineers had really done it before. To be able to lab that out we would have had to drop a ton of money just to verify we were capable of doing the project correctly and we were able to finalize the production configuration even before the hardware was drop shipped.

      It's been a while for me, but they had also gotten Dynamips (included in GNS3) running Cisco ASA code, but it was restricted to 7.X. I'm not really sure if they overcame the issues extracting the ASDM firmware with 8.4 or not. Fortunately for me I went from being a star network admin to being a star programmer and I rarely touch the stuff anymore.

  14. Run... by dakkon1024 · · Score: 4, Informative

    I am a 12 year veteran of the field. My official title is Sr. Technical Engineer. I work for a small (15 person) consulting firm. I’m being completely straight w/ you. Start looking for a programming job. This is the end of my advice.
    If you need to fake it for a while, setup w/ a well-respected school in your area for your CCNA. If you have no budget concerns schools w/ equipment stacks and solid instruction will beat out any other option.
    But seriously, you’re making a bad career move, this isn’t meant to be funny.

    1. Re:Run... by Kagato · · Score: 2

      My perception is Network Admin jobs are undercut significantly by offshore and H1B resources. It's tough, has lots of late nights and in the end, once the hardware is in you can be replaced by someone in an office on the other side of the world and some low-wage wiring/data center techs do the local bit. There are some high end router guys who really know switching both on the traditional networking and telephony like SS7 Switching that I think can name their own price, but they are the exception, not the rule.

    2. Re:Run... by dakkon1024 · · Score: 2

      It really depends on the “type of service”. For example I work mostly in NYC, mostly as a “rent a CIO.” The cost for a company to stop using my firm is usually too high to justify the savings from another firm. That is the new firm will both be unfamiliar w/ the environment and might epically suck. As we are familiar w/ the client’s environment and have everything documented we can usually continue to charge a fair price and worry little about being undercut. Now if you provide crappy service well that’s a whole different story.
      You can’t replace a router off-shore
      My H1B guy makes more money than me. (Seriously) Americans need to realize the threat of the talented hardworking workforce outside the US and become equally such.

    3. Re:Run... by ncohafmuta · · Score: 2

      I 2nd this.
      Go back to your 9-5 job. Nobody in their right mind would start in this job with hindsight. So take ours.
      It's like having a newborn that gets up at all hours of the night, and NEVER grows up.
      Forget taking a vacation and not having to worry about anything. Maintenance at 3am, check. Network goes down at 3am, check.
      You know those few people you see driving on the roads at 3am? All admins.
      On the other hand, you're usually considered pretty indispensable. But you'll never know it because you'll be wildly under-appreciated.
      If you do do it, resist the urge to grow a beard and get fat. Resist the urge to talk down to end-users, especially since they will most certainly deserve it.
      Never make a policy 'optional'. Never recommend..require. Never assume people can't possibly be that dumb. Prepare for the worst, and then a little further. Think about the possibilities you haven't thought of. Label Label Label. Inventory Inventory Inventory. Document Document Document. Always wear a grounding strap. Dust kills. Heat kills. Don't throw water on a router that's on fire. Educate users that they shouldn't plug one end of a network cable into a wall jack and the other end also into a wall jack. Oh, and don't skimp on hookers.

  15. Hire someone who knows what they're doing by Sir_Sri · · Score: 5, Insightful

    Seriously. If you're learning networking from scratch you are not prepared to be in charge of a network with 100 computers. If you screw it up, you could mess things up for days. Start at the bottom and work your way up, or hire someone who knows wtf they're doing, you could contract in someone (there are always going to be consultants who do network around). Bring one of them in, have them go over some of it with you.

    The 'go read a CCNA book' advice isn't far off. But if you're already in charge CCNA is at least one step down from where you want to be.

    I reiterate: use your money to hire someone else. Either hire them to actually do the job and become network manager, or hire a consultant in (be prepared to see this person regularly for a year or so) to come in and help you get things going. Make sure you have people on staff who actually know what they're doing, and can tell you when you're being an idiot.

    Going from programming to network administrator may as well be going to predator drone pilot. You use computers and networks, and familiarity with computer skills is great, but they are very, if not completely different skills. And while you're at it you need to learn to be a manager, because most programmers don't learn about budgets, HR practices, setting security and devices on the network policy and all that but from the sounds of it you have to decide how to spend money.

  16. Do it this way by mehrotra.akash · · Score: 2

    Configure static IP's on all the machines
    Take a 100 port hub or build it yourself
    connect all machines to it

    Enjoy :)

  17. Views from a New Entrant by imlepid · · Score: 4, Informative

    what's the right strategy here?

    Proceed with caution. Make sure you enjoy networking and that its challenges interest you. Networking is very different from programming and also different from desktop support.

    What routers or switches or other equipment should I acquire?

    I have extensive experience with HP Procurve equipment and I have been satisfied with their stuff. (In the network I manage we have about 120 HP switches.) They are pretty reasonable in price and have a lifetime warranty on their switches and routers (I just got a replacement for a part for something that was manufactured 10 years ago, no hassle). Cisco is good if you like features, have a large network, and enjoy spending money. I would avoid Netgear switches (unless you need a small desktop switch (e.g. GS108) to provide more ports) as I have heard bad things but I have no first-hand experience. Expect to pay around $1000-1800 for a good 48-port Gigabit switch.

    What books should I read? Should I take classes from Cisco, Global Knowledge, my local community college, or somewhere else?

    I would look to achieve a "CCNA level" knowledge. For a network of about 100 devices you won't need much more. You can do that by simply reading a book (e.g. the CCNA prep by Lammle or Cisco Press), self-study (e.g. books alone or with video) then trying to pass the test, or taking a classroom course with Cisco or GlobalKnowledge. The material covered in CCNA is useful even if you use Procurve devices (although vocab will be different, such as "vlan trunking" (Cisco) vs. "vlan tagging" (Procurve, IEEE 802.1Q))

    Background: I managed a network at a scientific research center (1000+ end user devices and a couple hundred servers). It's a mix of Cisco (core) and Procurve (edge). I have been working in networking full time for 2 years (I was in the poster's shoes not long ago) and with computers for about 5 years in a professional setting.

  18. Get it done, then change jobs. by Animats · · Score: 2

    "After many years as a star programmer, I have taken a position which involves maintaining and rebuilding the in-house network of a small company.

    Learn how to do it, get it done, then work hard on getting a better job. Being an administrator for a small network is a miserable job.

  19. Basics by g00head · · Score: 3, Informative
    Assuming you didn't leave out VoIP or Video Conf equipment:

    1. As above, take a CCNA course or find the materials. That will give you a good basis.

    2. Read everything you can in regards to VLANs and how they work/best practices/management by hardware OS

    3. Read everything you can about switch port management (i.e., access port vs. trunk port, again relies heavily on the chosen hardware OS)

    4. Choose your hardware: If money is no object, Cisco is reliable but more upfront and much more for yearly support. HP ProCurve is a very good economical option.

    a. Either way, use two stacked Layer 3 switches for core routing with Layer 2 switches for access layer.

    b. For Cisco products, I'd recommend a pair of stacked 3750X's, with 2960 for access layer switches.

    c. Save yourself pain later - have each access switch trunk to the core stack with an aggregated trunk, one port to each half of the core stack. (if half your core stack goes down, most of your network stays up. If one line/port of the trunk goes down, whole network stays up but speed may be affected depending upon bandwidth used)

    5. Use one VLAN for infrastructure (i.e., switches, servers, printers, appliances), use one VLAN for workstations, use one VLAN for wireless if necessary.

    a. Avoid using VTP, even if it seems like a good idea to you

    b. Do all routing between VLANs on the core stack, access switch trunks should carry all VLANs however

    c. Test the hell out of your config in a lab if you have time, lot less pressure telling them that the project is delayed by testing than telling them all work is delayed because you can't find the problem on the prod network

    d. Thank god you get a test network

    6. Once everything's built, configured, and running well - BACK ALL OF THE CONFIGS UP, and repeat whenever a config change is made.

    Good luck, and you'd really better love troubleshooting problems with very little info to go on...

    --
    "I'd make a wooshing sound, but the post was so far over your head it was inaudible..."
  20. Is networking the easiest thing to learn ? by lsolano · · Score: 2

    I do not understand why people underrate networking as if becoming a network admin can be done just with an "'unlimited' budget to buy routers, switches, etc., to set up my own little test network as part of the learning process".

    Seriously. Have you asked yourself for example, who's going to do the troubleshooting? Yourself?

    Think about a network admin that asks here what computer, software and books he needs to buy to become a "star programmer". What would you answer?

  21. This is how I read it... by canadiangoose · · Score: 5, Insightful
    Dear Slashdot,

    I'd like to become an expert in a field in which I have no experience.

    It takes many years for most of the folks working in this field to gain the knowledge required to be effective, but I am very, very smart. So much smarter than most people, in fact, that it shouldn't take me more than a month or two to get a firm grasp on things.

    There's just one small problem that is preventing me from teaching myself everything that I need to know to be able to do my job well. See, I'm not smart enough to know how to even begin to teach myself anything about this field. I'm sure if someone could just point me in the right direction, I'm quite sure that I'll be able to make sense of things.

    Also, which vendors provide "easy" buttons on their gear?

    Please advise.

    MrGenius

    --
    Never eat more than you can lift -- Miss Piggy
    1. Re:This is how I read it... by Sir_Eptishous · · Score: 2

      If there were mod points for Snarky you would get em.

      --
      We play the game with the bravery of being out of range
  22. Here's what to do. by Stargoat · · Score: 5, Interesting

    I'm buried so far down here, I'm sure no one will read this. But here is what you need to do.

    1. Before you begin, attend a Cisco / Global Knowledge CCNA bootcamp. You may not leave able to program routers like a master, but you'll learn how networks work.

    2. Visit every PC, Server, Router, Switch. Put eyes on everything. Create a master spreadsheet. Document model numbers, IP addresses. Create Visio documentation of the way your network is set up. Document everything. You need a good deal of cabinets to store it all.

    3. Decide what is the most deficient part of the network, fix it with the simplest solution. If you're using hubs, buy switches. If the routers need to be rebooted constantly, buy new routers. Above all, keep it simple. If possible, stay away from VLANs, encryption software, Linux, or anything else complicated. Do this every year.

    4. Buy one third of the total number of PCs of the network plus ten percent. Buy only one model. Create a central image with Acronis and modify that image as necessary. Deploy these models. Repeat for the next three years.

    5. Outsource security. That way, when it breaks you can blame someone. At the same time, make sure you can monitor security to prevent breakage.

    6. If possible, outsource your main application. You don't want to support the product that everyone in the institution depends on. You need to keep the network up, not software.

    7. At the end of year one, bring in a network assessment. Tell the assessor what he needs to find before he arrives. Use that the next year to justify your new purchases.

    8. Make sure you stay friends with the president / CEO. When it is necessary to reorganize the server, etc, it will be necessary to have his good will.

    9. Be prepared to work like a sunuvabitch for two years. Take your spouse / GF out when you can.

    10. Don't let them make you program again. You're a network admin. You cannot support your old programming team.

    --
    Hoist Number One and Number Six.
    1. Re:Here's what to do. by starfishsystems · · Score: 2

      The above advice is the best of the lot, in my opinion as a network architect. But you will want to ignore items 4, 5, and 6, since they are not about network design or operations. Instead see item 10. Unless you're agreeing to wear multiple hats, it's not your job to do system administration or application project management. But the rest of the advice is good.

      Network engineering can be quite satisfying, not in the creative way of software engineering but in a more deliberative, methodical way. For all that the space of possible solutions in network engineering is surprisingly large, the space of architecturally sound solutions is much more constrained. But you don't know that yet. The above steps will buy you the time you need to figure out the difference. Proceed cautiously. Know where you are before you decide how to move to somewhere else.

      I'll recommend one item which I think you'll like as a software developer. Use SNMP. Once you've got item 2 down solid and you know where everything is, you really really want to know what it's doing. That way, if it starts doing something weird, you have a hope of understanding why. So you set up Cacti or MRTG or whatever to poll the devices and maintain historical data, and you graph that data and you keep an eye open for weirdness. The basic metric, of course, is traffic through each interface. You can see how close a given link is to saturation, and under what daily conditions. There are other useful metrics that you'll get around to eventually. I can't believe how many people who call themselves network engineers don't do this. Maybe it's because they don't think programmatically. That's your advantage.

      --
      Parity: What to do when the weekend comes.
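An added example, not from the comment above: turning two polls of an interface's SNMP octet counters into percent utilization, the figure Cacti or MRTG graph. The sample readings and the 80% threshold are constructed; the counter widths are those of IF-MIB's ifInOctets/ifOutOctets (32-bit) and ifHCInOctets/ifHCOutOctets (64-bit).

```python
from dataclasses import dataclass

COUNTER32 = 2 ** 32   # ifInOctets / ifOutOctets (IF-MIB Counter32)
COUNTER64 = 2 ** 64   # ifHCInOctets / ifHCOutOctets (IF-MIB Counter64)

@dataclass
class Sample:
    ts: float          # poll time in seconds
    in_octets: int
    out_octets: int

def wrap_seconds(speed_bps, modulus=COUNTER32):
    """Shortest time in which a counter can wrap at full line rate."""
    return modulus * 8 / speed_bps

def delta(prev, curr, modulus):
    """Counter difference, assuming at most one wrap between polls."""
    return curr - prev if curr >= prev else curr + modulus - prev

def utilization(prev, curr, speed_bps, modulus=COUNTER32):
    """Percent of link capacity used (in, out) between two polls."""
    dt = curr.ts - prev.ts
    if dt <= 0:
        raise ValueError("samples out of order")
    if dt >= wrap_seconds(speed_bps, modulus):
        raise ValueError("poll interval too long: counter may wrap more than once")
    capacity_bits = speed_bps * dt
    pairs = ((prev.in_octets, curr.in_octets), (prev.out_octets, curr.out_octets))
    return tuple(100.0 * delta(p, c, modulus) * 8 / capacity_bits for p, c in pairs)

def busy_intervals(samples, speed_bps, threshold_pct=80.0, modulus=COUNTER32):
    """Timestamps of polls where either direction reached the threshold."""
    hits = []
    for prev, curr in zip(samples, samples[1:]):
        if max(utilization(prev, curr, speed_bps, modulus)) >= threshold_pct:
            hits.append(curr.ts)
    return hits

# Constructed readings: a 100 Mbit/s port polled every 60 s with 32-bit counters.
LINK_BPS = 100_000_000
POLLS = [
    Sample(0, 4_294_000_000, 1_000_000),
    Sample(60, 4_294_900_000, 76_000_000),     # in 0.12 %, out 10 %
    Sample(120, 674_932_704, 151_000_000),     # in counter wrapped: 90 %
]
```

At 1 Gbit/s a 32-bit counter can wrap in about 34 seconds, so a five-minute poll needs the 64-bit ifHC counters; `utilization` rejects such an interval rather than report a wrong figure.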
  23. Re:Best advice by smash · · Score: 2

    Be very careful in meeting requirements. Your shitty home-grade unmanaged gigabit switch is not suitable for pushing gigabit to office desktops, for example. Leave home-user-grade shit at home. Not all "gigabit" switching hardware is equal. Pay attention to backplane bandwidth. If it's not listed in the product specs, there is probably a reason for that (i.e. It's shit :-P)

    --
    I run: Windows, OS X, Linux, FreeBSD. Just because you have a hammer, doesn't mean everything is a nail.
  24. Suggestions - Have Backup! by OMA1981 · · Score: 2

    There don’t seem to be many serious responses here. My recommendations:

    Find a consultant who 1) knows his/her stuff, 2) you trust, and 3) is willing to sit with you and explain what they are doing, why they are doing it, and review your work when you make changes (preferably before the changes are made). You don’t want to be learning from someone who is wrong and you will need someone to fall back on when things get really hairy (and they will, I promise). You also need to set expectations with the consultant early. They need to understand your intention is to manage the network yourself and not rely on them 100%. Consultants often are reluctant to release passwords to someone if they believe you will only screw stuff up and then likely blame them for the failure (though not to imply that a consultant would ever forcibly withhold passwords). They need to know up front this will be a dual-managed environment and have an accurate understanding of your expectations of them.

    I highly recommend a few structured professional training courses. Go to their training facilities for the classes (minimize distractions while learning). Wait till you are a little more experienced before trying online at home courses. For intro level network stuff, nearly any vendor will do. Pick one and roll with it. Just don’t get too caught in certifications. They are great and all but won’t give you what you need to run a network. You need *practical* knowledge. Save the certifications for when you want to leave this job.

    Consume any information you can: books, podcasts, YouTube How-To’s, etc. Just remember, trying to find time during what will soon be your very busy schedule to read books and play in your lab will be tricky. Hence the structured professional training above. CCNA books are considered to be a good starting point. Just remember, these only teach fundamentals. When it comes to "how will this router react when I make this change", those answers take time and experience to learn.

    As for the lab, get a minimum of two switches, two routers, and two firewalls. They should match or be smaller versions of what you have in production wherever possible (if the lab doesn’t closely represent production, it won’t help much when you try to reproduce problems or test solutions). This will give you enough to build most typical network scenarios. Beyond that, it’s a crapshoot on lab gear. When it comes to hardware vendors, buy what fits your need. I don’t personally care if it’s Cisco, HP, Brocade, or Bob’s Networking Stuff. I would encourage keeping the total number of manufacturers low in order to maintain manageability but which manufacturers you choose is a business question only you and your company can answer.

    --
    The less you talk, the more people hear you say.
  25. Dear Slashdot by hawguy · · Score: 2

    Dear Slashdot,

    After many years as an expert carpenter, I've found a need at my current employer for a plumber. I've made extensive use of plumbing in the past both for input and output and know I can handle the work. Many of the concepts are the same between carpentry and plumbing (i.e. cutting things and joining things), so I only need to brush up on the mechanics of how to do it. The pipes in our current building are all old and leaky, so we want to replace them. I have been given an 'unlimited' budget for pipes, tools, etc to set up a small toilet in the basement and after that I plan to replace all of our plumbing. What tools and materials should I acquire? What books should I read? Should I take classes?