Capacity Planning for Networks
There are a ton of components in a network which work together in order to provide end-to-end connectivity between wireless, wired, and remote devices across a business or home network. Planning for adequate capacity is often overlooked and can be one of the most important components towards properly developing a network. This guide primarily focuses on businesses, though it can also be applied to Home Lab environments.
ISP Plan (Package)
Often times, the most overlooked aspect is the subscribed package from your ISP. You could have a great internal network with 10-40 Gbps, but be bottlenecked by your ISP’s provisioned bandwidth. There’s no ‘one-size-fits-all’ approach for determining the amount of bandwidth you need, but there are certain recommendations you can follow:
- Each video stream will require up to 2 Mbps, HD up to 5-6 Mbps, and 4K up to 20-25 Mbps.
- Social Media can require bursts of 5+ Mbps when fetching some types of content.
- Video conferencing (Zoom, Teams, Meet) requires ~1-2 Mbps for HD, and 0.5 Mbps per participant stream.
- Music streaming is fairly lightweight requiring 0.5 Mbps for consistent results for high-resolution audio streams.
If you plan on having 10 users stream video all day in HD quality, you will ideally want a package in excess of 50 Mbps to keep total utilization under 80% to prevent Bufferbloat. It’s important to take note of your upload speeds if you are on a Cable or DSL package, as these are typically much lower than Fiber-based plans. If you will be streaming video, or having a lot of concurrent video calls, you will also want to ensure adequate upload speed for your users.
Handoff
The most basic type of handoff is from a Cable or DSL modem which connects into your network. This is typical for small businesses and residential connections, though it is also commonly seen in other places such as hotels and restaurants, including chains. Fiber-optic handoffs facilitated through GPON are growing in popularity and becoming more common. For businesses with high-bandwidth needs, a fiber-optic handoff isn’t uncommon; it’s actually fairly typical. In these instances, handoff is often facilitated over a switch or router, in addition to ISP equipment for monitoring, backup, etc., depending on the needs and what was installed.
When dealing with Cable and/or DSL handoffs, you’ll want to ensure you are either using your own hardware or, where supported, have the existing equipment placed into a “bridge” mode. ISP equipment, even that provided at a business-class level, can often be easily overwhelmed and may not be able to hold up to the increased PPS (packets per second) from higher bandwidth plans, or with a ton of users online concurrently. If you have a fiber-optic handoff from your provider, you can often pick between an RJ-45 (copper) or SFP/SFP+ handoff, depending on what your equipment requires and what the ISP has provided. If you require SFP/SFP+, please indicate this to the ISP so that adequate equipment can be provided, if available. It should be noted that for residential connections, you likely do not have a choice beyond what is included, unless you can purchase/use your own third-party equipment.
Router/Firewall
Having a properly sized router for your network is one of the most important items to ensure you have running. Depending on the type of router and feature(s) enabled, your router can easily become the bottleneck in many instances. Ensuring that a router has been properly sized for a location is vital towards ensuring fast connectivity and happy users. For businesses, ensuring that you have a proper “business-grade” router, and not an off-the-shelf router can be a major improvement, as well as purchasing one which is rated to handle your incoming network speed(s).
Since your router in many instances also acts as a firewall, you’ll also want to allow some headroom for that overhead when searching. It is important for businesses to implement proper access control and tiered access across networks, especially if they will be shared with POS terminals or other devices which require PCI compliance. Despite how small a business may be, PCI is a requirement mandated in order to have POS (credit card) terminals at a business or establishment. If these requirements aren’t needed, then perhaps a lower-end router would suffice as long as bandwidth needs are not high.
Features like IDS/IPS, SSL Inspection, DPI, VLANs, and Web/DNS Filtering are important to some businesses, especially those required to block websites under CIPA or similar corporate/localized requirements. These can often come with increased CPU usage, due to how they are implemented and used. For guest networks, typically only Web/DNS filtering is done, along with client isolation/blocking from internal/private subnets.
Switches
At minimum, 10 Gbps connectivity for uplinks is a necessity for all switches with 24 or more RJ45 ports. Preferably over SFP+, but RJ45 10 Gbps is sufficient as well. Medium and large businesses should consider purchasing dedicated 10 Gbps switches to give clients which need the faster connectivity that option. With 1 Gbps uplinks, even in a LAG/LACP configuration, you are limited to consuming additional ports for additional bandwidth, provided your aggregation protocol supports it. This could be by design, though nowadays the difference in optic costs between 1 Gbps and 10 Gbps is fairly insignificant unless we are talking about an ISP handoff or transit.
If your switches support stacking, that is another great method for providing faster inter-connectivity between each switch stack. The speed depends on the capabilities of your switches. Take for example the Meraki MS225-48FP switches: we are given 80 Gbps across the stack when counting both directions. We are then able to use the 4x SFP+ ports to provide up to 4x 10 Gbps connections if needed.
Access Points
Wireless can be difficult for small and medium-sized businesses simply due to the lack of knowledge surrounding implementation. The requirements you might have, including but not limited to captive portal, multiple SSIDs, roaming, concurrent clients, and/or range, will heavily impact the type of access point (and quantity) recommended for your business. Determining the quantity necessary is dependent on a variety of factors, but the best way is through a WiFi Site Survey where a company can physically map out the property and individually test every room, tuning APs along the way to provide adequate coverage.
At the time of writing this in 2023, it only makes sense to be deploying 802.11ac (Wave 6) capable access points for a business, regardless of size. Even if your connection isn’t faster than 100 Mbps, having this type of equipment provides faster LAN connectivity and allows for less airtime to be used when needed. There is nothing wrong with WiFi 5 equipment, but it will become dated much sooner and potentially require replacement as networks continue to increase in speed and user demand.
Guest Networks
While business needs for bandwidth can often be calculated and are predictable, guest networks often have very different requirements which makes it difficult to be implemented alongside a corporate network. Many hotels and businesses have resorted to having an entirely separate guest network from their corporate network, which is a bandaid to the overall problem. That’s not to say that segmentation to a separate network isn’t good, it just isn’t always required and is often done as a cost-saving measure rather than addressing the bandwidth problems altogether.
In the instance of a hotel, you often can see the highest usage in the morning (7-10AM) and at night (6-10PM). During this time you could have anywhere from a handful of guests to a few hundred attempting to use the hotel’s network concurrently, on top of the existing traffic from housekeepers, employees, and/or POS terminals to process payments. There are a number of ways to combat this and ensure guests and employees have a fluid experience online:
- Quality of Service
  - Depending on capabilities of AP, Switch, and/or Router:
    - Category “Low/Medium/High/Critical” per user.
    - Category per network port.
    - Category per group or entire subnet.
  - Prioritization/De-prioritization of specific websites/applications/users/groups.
- Bandwidth Limits
  - Limit per user/network/SSID/group/subnet.
  - Can provide Employees with Unlimited and Guests with 10 Mbps download / 2 Mbps upload, for example. Could then apply an overall limit of 150/20 for guest network and 50/10 for corporate/employee network.
- Multiple WAN Connections
  - Not recommended unless the ISP package cannot be upgraded or an upgrade would be cost-prohibitive.
  - Can either combine multiple connections together, or separate them based on guest/employee or similar.
Guests can often be some of the most intensive clients in terms of bandwidth, especially with the way certain features such as application and OS upgrades are implemented in modern devices. Many devices are configured to perform updates while a device isn’t being used, typically between 12AM and 4AM. Additionally, with a ton of users loading content ranging from webmail to HD video, the needs can differ from one minute to the next. Unlike business devices, we cannot control when these devices attempt to back up or update, but we can deprioritize them.
Going back to our example, let’s say a hotel has a 400/50 package from their ISP and they wish to share this between employees and guests. We’d want to allocate approximately 60-75% to guests, and 40-25% to employees/corporate networks. We can configure QoS to hard-cap the guest network at these limits, but allow the employee network to use the guest network’s bandwidth at an equal or higher priority. You’d likely also want to apply a per-user limit on the Guest network at say 25 Mbps download and 4 Mbps upload. This prevents any single client from using the entire allocation for a network, so you’d need a large number of users consuming bandwidth before users would notice it, and even then the employee/corporate network wouldn’t be impacted.
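One way to express the guest hard cap and employee borrowing from the hotel example, as an added sketch that is not part of the original article. It assumes a Linux router shaped with tc/HTB; the interface name, guest subnet and the 70% share are illustrative, and the per-user 25/4 limit is left to the AP or controller.

```shell
#!/bin/sh
# Added example: prints (never applies) Linux tc/HTB commands for the
# guest/employee split. Download direction only: attach to the LAN-facing
# interface, where the destination IP is the client.
# Assumed, not from the article: interface eth1, guest subnet 10.20.0.0/16,
# and a 70% guest share picked from the 60-75% range.

gen_htb() {
    dev=$1; link=$2; guest_pct=$3; guest_net=$4
    # Reject empty or non-numeric values before doing arithmetic with them.
    for n in "$link" "$guest_pct"; do
        case $n in
            ''|*[!0-9]*) echo "link and share must be integers" >&2; return 1 ;;
        esac
    done
    if [ "$link" -lt 1 ] || [ "$guest_pct" -lt 1 ] || [ "$guest_pct" -gt 99 ]; then
        echo "link must be >= 1 Mbps and guest share between 1 and 99" >&2
        return 1
    fi
    guest=$((link * guest_pct / 100))   # hard cap for guests, in Mbps
    emp=$((link - guest))               # guaranteed to employees, in Mbps
    # 1:10 guests: ceil equals rate, so they can never exceed their share.
    # 1:20 employees (also the default class): ceil equals the full link, so
    # they borrow idle guest bandwidth; the lower prio value borrows first.
    cat <<EOF
tc qdisc replace dev $dev root handle 1: htb default 20
tc class replace dev $dev parent 1: classid 1:1 htb rate ${link}mbit ceil ${link}mbit
tc class replace dev $dev parent 1:1 classid 1:10 htb rate ${guest}mbit ceil ${guest}mbit prio 1
tc class replace dev $dev parent 1:1 classid 1:20 htb rate ${emp}mbit ceil ${link}mbit prio 0
tc filter add dev $dev parent 1: protocol ip prio 1 u32 match ip dst $guest_net flowid 1:10
EOF
}

# 400 Mbps download, 70% to guests: guests capped at 280 Mbps, employees
# guaranteed 120 Mbps and allowed to borrow up to the full 400 Mbps.
gen_htb eth1 400 70 10.20.0.0/16
```

The 50 Mbps upload side would need the same class layout on the WAN-facing interface, matching on source rather than destination address.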