Transport Network Design
RAGHUNANDAN CHAUDHARY
HND / THIRD SEMESTER

Table of Contents

Part 1
  Network Design
  Network Lifecycle Models
  Network Design Principles
  Layers of the Network
  OSI Model
  TCP/IP Model
  Features of a Scalable Network
  Cisco Enterprise Architecture Model
  Issues Related to Redundancy
  Spanning Tree Protocols
  Solving Bandwidth and Load Issues
  Selecting Network Devices
  Implementing a LAN Design with Layer 2 and Layer 3 Redundancy
  IP Planning Table
  Analysing PVST+ and Rapid PVST+ Protocols
  Analysing Layer 3 Redundancy
  EtherChannel Technology: Solving Bandwidth and Load Issues
  Conclusion

Part 2
  WAN
  PPP
  Frame Relay
  DSL
  WAN Technology
  Private WAN Technology
  Leased Lines
  Dialup
  Ethernet WAN
  Public WAN Technology
  DSL
  Wireless
  VPN Technology
  VPNs
  Remote Access
  Site-to-Site
  Deploying Network Monitoring and Troubleshooting Documentation
  Troubleshooting Methods
  Syslog Server
  NTP Server
  SMP
  OSI Model
  Conclusion
  References

PART 1

Explore LAN design principles and their application in the network design process.

Network Design

Network design is the practice of planning and designing a communications network. It starts with identifying business and technical requirements and continues until just before the implementation stage (when the work of deploying and configuring what was designed actually happens). Network design includes activities such as network analysis, IP addressing, hardware selection and implementation planning. It is a category of systems design that deals with data transport mechanisms, and its objective is to satisfy the data communication requirements while minimizing expense.
Requirement scope can vary widely from one network design project to another, depending on geographic particularities and the nature of the data requiring transport. These developments require existing infrastructures to be adapted, and the design of new networks must mitigate best-effort delivery issues, avoid low bandwidth and high latency, and be based on traffic priority.

Latency describes delay in communication over a network: the time it takes for a packet of data to be captured, transmitted, processed through multiple devices, received at its destination and decoded.

Bandwidth is the maximum amount of data that can be transmitted over a connection in a given amount of time. Bandwidth is often mistaken for "internet speed"; it is actually the volume of information that can be sent over a connection in a measured period, commonly expressed in megabits per second (Mbps).

Network Lifecycle Models

1. Prepare: This is where you define high-level requirements and strategy. Deliverables from this phase may include requirements documentation and current-state surveys.
2. Plan: This stage deals with specific network requirements, based on the information gathered in the Prepare stage.
3. Design: The information gathered in the previous two stages is used to create a detailed network design.
4. Implement: This is where the work gets done to configure and deploy the network infrastructure. Testing to validate the design usually happens in this phase.
5. Operate: The network is in production use. During this stage, monitoring is an important part of validating that the network is working as designed and of quickly addressing issues when it is not.
6. Optimize: At some point in most networks' lifecycle, tweaks and optimizations are needed.
This is the stage where those changes are identified. For major changes, the cycle begins again to plan and implement them.

Network Design Principles

For enterprise networks and internet infrastructure to meet expected demands, their design has to take into consideration principles such as availability, scalability, resiliency, reliability and quality of service (QoS).

Availability
Critical business applications must be accessible to authorized persons at all times; most companies operate 24/7. There should be alternative ways of reaching critical applications if the main medium or link fails, for example a dialup connection used as a backup. The goal of availability in network design is to set up redundancy so that resources are available to authorized people at all times.

Scalability
The network should be scalable for future growth and installations, and the design should be flexible enough to absorb acquisitions. Network engineers designing and supporting enterprise or Internet-facing networks must therefore plan for needs such as converged network traffic, centralized control and mission-critical applications.

Resiliency
In computer networking, resilience is the ability to "provide and maintain an acceptable level of service in the face of faults and challenges to normal operation". Threats and challenges to services can range from simple misconfiguration, through large-scale natural disasters, to targeted attacks.

Efficiency
Efficiency comes from placing the best-suited hardware and software in the network. The equipment should also be cost effective: the most efficient network is built by choosing the most suitable and cost-effective hardware and software. Efficiency is further supported by QoS, AAA and traffic filtering.
AAA stands for authentication, authorization, and accounting. AAA is a framework for controlling access to computer resources, enforcing policies, auditing usage and providing the information necessary to bill for services.

Functionality
All network applications and devices should perform their functions properly. You have to make sure the network infrastructure supports all the services running in the network; for example, if you are running Microsoft .NET applications, you need enough bandwidth and hardware for those applications to work efficiently.

Manageability
The network can be managed with tools such as CiscoWorks, or other tools that improve control over the network through capacity management, performance monitoring and fault detection. Network security also has to be managed.

Performance
Network performance must also be considered during design: make sure that all applications and devices have the bandwidth they need.

Hierarchy
A hierarchical design separates a network into distinct layers, where each layer has a series of functions that define its role in the network. Because of this, a network designer can choose the optimal hardware, software and features to take on a particular role for that network layer. A hierarchy is an organizational structure in which items are ranked according to levels of importance.

Layers of the Network

Cisco's three-layer (three-tier) hierarchical network model divides a critical flat network into multiple manageable networks. Each level within the hierarchy focuses on a particular set of roles. The model gives an organization such as The Sage Group Plc. a high degree of flexibility to optimize and to make appropriate selections of features, software and hardware. It comprises the access layer, the distribution layer and the core layer.
1. Core Layer
This is the layer that routes traffic between different geographical sites; in other words, it is the network backbone. The core layer is where high-throughput, expensive core routers shine.

2. Distribution Layer
The distribution layer sits between the core and access layers. It acts as a boundary and implements network policies to restrict or allow data flows between different subnets within the network. Less expensive routers and Layer 3 switches are the common workhorses of the distribution layer.

3. Access Layer
The access layer is the layer for endpoint devices such as user PCs, printers and VoIP phones. Smaller "access switches" forward frames between endpoints at this layer and, where the access layer is also given Layer 3 functions, route traffic as well.

FIG – 3 Tier Design Model

Two-tier design model
This is appropriate for small to medium sized campus networks, in which the distribution and core functions are combined into a single layer. This is referred to as a collapsed core-distribution architecture. It shares various characteristics with a partial mesh design, with some additional benefits, and is used in settings such as metropolitan networks where cost is reduced while some redundancy is retained.

Network Design Models

A networking model describes the architecture, components and design used to establish communication between source and destination systems. Other names for network models include protocol stacks, protocol suites, network stacks and network protocols. (The word "alias" here simply means another name for the model; it is unrelated to IP aliasing, which is configuring multiple IP addresses on a single network interface.) There are two predominant models: the Open Systems Interconnection (OSI) model and the Transmission Control Protocol/Internet Protocol (TCP/IP) model.

OSI MODEL LAYERS

1. Physical Layer
This layer deals with the electrical, mechanical, functional and procedural characteristics of physical links. Network topology comes under this layer.
One prominent aspect of the physical layer is encoding, the representation of data on the medium. The objective of encoding is to maximize the probability that the message being transmitted arrives without errors. Different encodings differ in the way 0s and 1s are represented; a basic scheme is a -5 V signal for 0 and a +5 V signal for 1.

2. Data Link Layer
The main responsibility of the Data Link Layer (DLL) is flow control, error control, access control, framing and the handling of physical (MAC) addresses.
Framing: The process of taking a packet from the layer above and wrapping it in a frame is called framing. The frame adds fields such as the source and destination addresses, the length and a frame check sequence so that the receiving end can delimit the frame and verify it.
Flow Control: The DLL restricts the amount of traffic in flight and waits for the receiver to acknowledge the first batch of frames before sending the next batch.
Error Control: Over long-distance transmission, bits of information can get corrupted, which leads to poor service. Typical approaches are error detection with a checksum or CRC carried in the frame trailer, followed by discarding or retransmitting the damaged frame.

3. Network Layer
The network layer is one of the most important layers. It provides features such as:
Address Assignment: IP addresses are assigned to hosts. There are two ways of assigning addresses, static and dynamic. Static addresses are assigned manually and only change when an administrator changes them. Dynamic addresses are assigned on an as-needed basis, for example by DHCP.
Routing: Selecting the route can be done manually or automatically; today most of it is automatic. There are two predominant families of routing algorithms: distance vector routing and link state routing.
Fragmentation: Each link has a maximum transmission unit (MTU), a limit on the size of packet it can carry. A packet larger than the MTU of the next link is split into fragments at the network layer and reassembled at the destination.

4. Transport Layer
The transport layer is the fourth layer in the OSI model and provides the following services:
Reliability: This layer ensures that a segment sent is received without corruption; if not, it is resent. This may add delay, but it is suitable for applications where data integrity is a must.
Flow Control: The rate of sending information is limited by the buffer size and the receiver's capacity. Delays caused by propagation, queuing and transmission are taken into account by the flow-control algorithms.
Congestion Control: Senders reduce their rate when the network signals congestion, typically by detecting lost segments, so that routers' queues are not overwhelmed.
Multiplexing and De-multiplexing: Below the transport layer, ports do not play a major role. Ports can be thought of as multiple inputs to the same network channel, letting several applications share one host address.

5. Session Layer
This layer maintains sessions, for example during browsing. This helps with implementing authentication, authorization, synchronization and dialog control. Consider some examples of the session layer's significance.
Authentication: Once a user logs in, he or she should remain logged in until logging out. Tracking the status of a user's authenticated session is a session-layer concern.
Authorization: Access rights to specific parts of a website are given to super-users and admins.
Dialog Control: Allows systems running applications such as WebEx to communicate. The challenge is sending and receiving data at the same time, which is handled by half-duplex or full-duplex dialog control at the session layer.
Synchronization: The digital experience relies on audio and video being synchronized. The session layer ensures that the timestamps of the audio and video received are in the right order.

6.
Presentation Layer
The presentation layer translates characters from the original format on the sending system into the format of the receiving system. It also provides encryption and decryption, and data compression is handled at this layer.
Encryption: Encryption is the process of translating plain text data (plaintext) into something that appears random and meaningless (ciphertext).
Decryption: Decryption is the process of converting ciphertext back to plaintext.

7. Application Layer
The entire process begins at the end user's device, which can be a phone, laptop, server and so on. The application layer provides the interface for data exchange between the program and the user. For example, Facebook's web or mobile application is the interface through which we like, share, comment and perform various other activities. All of these activities generate snippets of data that need to be transmitted across the network.

TCP/IP MODEL

The network of networks that we refer to as the Internet is based on the TCP/IP model, so the model is also referred to as the TCP/IP protocol suite. It is a four-layer architecture built specifically for the Internet. IP is defined in IETF RFC 791 and TCP in RFC 793. Several OSI layers have no separate counterpart in the TCP/IP model; their functions are folded into its four layers. The Internet requires the following features: reliability, security and traffic efficiency. The TCP/IP model uses TCP at the transport layer and IP at the network layer. Its four layers are as follows.

Application Layer: In the TCP/IP model, the application layer encompasses the top three layers of the OSI model, that is, the application, presentation and session layers.
Transport Layer: This layer corresponds to the OSI transport layer. Transmission Control Protocol (TCP) is the main protocol used here (UDP is the connectionless alternative).
TCP ensures reliability and helps avoid congestion in networks.
Network Layer: Internet Protocol (IP) is used predominantly at this layer. IPv4 has been the most common version. It provides 32-bit addresses, which gives about 4.29 billion (2^32) unique addresses. As the Internet grew during the 1990s it became clear that this space would run out, and IPv6 was introduced (standardized in 1998). IPv6 uses 128-bit addresses, giving roughly 3.4 x 10^38 addresses.
Network Interface: This layer handles the actual transmission of data. It corresponds to the data link layer and the physical layer of the OSI model.

Features of a Scalable Network

Although every internetwork has unique features, all scalable networks share certain essential attributes.

Reliable and Available
The network can be grown without impacting existing users. Modular, reliable devices allow the network to expand.

Responsive
A responsive network provides high quality service for different protocols and applications without degrading the response of existing systems. The internetwork needs to be capable of responding to latency-sensitive traffic, which is common in Systems Network Architecture (SNA), while still routing packets without any impact on QoS.

Efficient
A large internetwork must make frugal use of resources, especially bandwidth. It should be possible to carry more data without buying additional WAN services or hardware; this requires reducing redundant broadcasts, routing updates and service location requests.

Adaptable
A scalable network accommodates a variety of protocols, hardware technologies and applications, which makes it easy for users.

Redundancy
Network redundancy is the process of adding additional instances of network devices and lines of communication
to help ensure network availability and decrease the risk of failure along the critical data path.

Hierarchy
Each layer, or tier, in the hierarchy provides specific functions that define its role within the overall network. This helps the network designer and architect to optimize and select the right network hardware, software and features to perform specific roles for that network layer.

The remaining attributes in this list are scalability and small failure domains.

CISCO ENTERPRISE ARCHITECTURE MODEL

The Cisco Enterprise Architecture is a modular approach to network design. Its primary modules are the enterprise campus, the enterprise edge and the service provider edge. To accommodate the need for modularity in network design, Cisco developed the Cisco Enterprise Architecture model. This model provides all the benefits of the hierarchical network design on the campus infrastructure and facilitates the design of larger, more scalable networks. It separates the enterprise network into functional areas that are referred to as modules. The modularity built into the architecture allows flexibility in network design and facilitates implementation and troubleshooting.

Cisco Enterprise Campus: A campus network is a building or group of buildings connected into one enterprise network that consists of many LANs. A campus is generally limited to a fixed geographic area, but it can span several neighbouring buildings (for example, an industrial complex or business park). Regional offices, SOHOs and mobile workers may need to connect to the central campus for data and information. The Cisco Enterprise Architecture model facilitates the design of larger, more scalable networks. It represents the focused views of the Cisco Service-Oriented Network Architecture (SONA), which concentrates on each area of the network.
FIG – Cisco Enterprise Architecture Model

Issues Related to Redundancy

Redundancy failures
When a redundant link or device is down, it needs to be detected and repaired before the backup connection also dies. Without the proper level of monitoring, you may not know that a redundant connection is running on a single link. More than once, I've seen network outages because both halves of a redundant configuration failed. In many cases the first failure occurred days, weeks or months before the second failure, only it was not detected and reported. In one case, a redundant connection was shut down for troubleshooting and was overlooked when the troubleshooting session ended. The network outage occurred when the other connection also experienced a problem. A redundancy failure can be caused by incorrect HSRP/VRRP/GLBP configuration, failure of a redundant link, failure of a redundant device, or the application of an ACL or firewall rule that blocks an alternate path.

Spanning Tree Protocols

Spanning Tree Protocol (STP) is a link management protocol that provides path redundancy while preventing undesirable loops in the network. In an Ethernet network only one active path can exist between two stations for them to function properly. Loops occur in networks for a variety of reasons; the most common is the attempt to provide multiple levels of redundancy. When switches are interconnected by more than one path, frames can circulate endlessly between the switches and the end workstations connected to them, because Ethernet frames carry no hop limit. If a loop exists in the topology, messages can be duplicated: some switches see the same station appear on both sides of the switch, which confuses the forwarding algorithm and allows duplicate frames to be forwarded.
Spanning Tree resolves this by allowing only a single active path to each destination when multiple (redundant) links exist. In an STP environment the switches exchange information using bridge protocol data units (BPDUs) and listen on all ports for these BPDU messages. When a bridge is turned on, it initially assumes that it is the root bridge of the spanning tree. The STP algorithm then elects a single root bridge and calculates the paths from every other bridge back to it. If the root bridge fails in a redundant environment, a new root is elected and the port roles are recalculated. With multiple uplinks, STP is a must in a switched environment: if one link goes down, another takes its place within seconds (sub-second with RSTP, 30 to 50 seconds with classic STP). At this stage in a continuously growing topology, there is virtually no way to lose the connection to a dedicated server, unless of course the server itself is rebooted, which is an expected momentary loss of connectivity.

The Spanning Tree Protocol (STP) is a network protocol that builds a loop-free logical topology for Ethernet networks. Its basic function is to prevent bridge loops and the broadcast radiation that results from them. Spanning tree also allows a network design to include backup links, providing fault tolerance if an active link fails. As the name suggests, STP creates a spanning tree that characterizes the relationship of nodes within a network of connected Layer 2 bridges, and disables the links that are not part of the spanning tree, leaving a single active path between any two network nodes. STP is based on an algorithm invented by Radia Perlman while she was working for Digital Equipment Corporation.
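The election and port-role calculation described above, as an added example written for this page (it is not code from the coursework or from any Cisco product). It models a constructed three-switch triangle with 802.1D bridge IDs and short-method link costs, elects the root, computes each switch's root path cost and marks every port root, designated or blocked. It also adds a hypothetical rogue bridge named ROGUE that sends superior BPDUs from an access port, which is the check a security engineer wants: an unprotected access port lets an attacker become root and re-route the Layer 2 topology, which is what BPDU Guard and Root Guard exist to stop.

```python
import heapq

# Constructed topology: three switches in a triangle, the classic redundant
# access/distribution setup. Bridge ID is (priority, MAC); lower wins, exactly
# as in 802.1D. Link costs use the 802.1D short values: 4 for 1 Gbit/s,
# 19 for 100 Mbit/s.
SWITCHES = {
    "S1": {"priority": 4096, "mac": "00:00:00:00:00:01"},   # intended root
    "S2": {"priority": 32768, "mac": "00:00:00:00:00:02"},
    "S3": {"priority": 32768, "mac": "00:00:00:00:00:03"},
}
LINKS = [("S1", "S2", 4), ("S1", "S3", 4), ("S2", "S3", 19)]


def bridge_id(switch):
    # MACs are zero-padded so string order equals numeric order
    return (switch["priority"], switch["mac"])


def compute_stp(switches, links):
    """Elect the root bridge and classify every port as root, designated or blocked.

    Returns (root, root_path_cost, ports) where ports maps (switch, neighbour)
    to the state of the port on `switch` that faces `neighbour`.
    """
    bids = {name: bridge_id(s) for name, s in switches.items()}
    root = min(bids, key=bids.get)

    adj = {name: [] for name in switches}
    for a, b, cost in links:
        adj[a].append((b, cost))
        adj[b].append((a, cost))

    # Root path cost: cheapest total link cost from each switch back to the root
    # (what each switch learns from the BPDUs it receives).
    rpc = {name: float("inf") for name in switches}
    rpc[root] = 0
    heap = [(0, root)]
    while heap:
        cost, node = heapq.heappop(heap)
        if cost > rpc[node]:
            continue
        for nbr, link_cost in adj[node]:
            if cost + link_cost < rpc[nbr]:
                rpc[nbr] = cost + link_cost
                heapq.heappush(heap, (rpc[nbr], nbr))

    # Root port: on each non-root switch, the neighbour offering the lowest
    # (cost to root, sender bridge ID).
    root_port = {}
    for name in switches:
        if name != root:
            best = min(adj[name], key=lambda n: (rpc[n[0]] + n[1], bids[n[0]]))
            root_port[name] = best[0]

    # Designated port: on each segment, the end with the lower (root path cost,
    # bridge ID) forwards for that segment. The other end is either that
    # switch's root port or is blocked, which is what breaks the loop.
    ports = {}
    for a, b, _ in links:
        des = a if (rpc[a], bids[a]) < (rpc[b], bids[b]) else b
        other = b if des == a else a
        ports[(des, other)] = "designated"
        ports[(other, des)] = "root" if root_port.get(other) == des else "blocked"
    return root, rpc, ports


def add_rogue_bridge(switches, links, attach_to, priority=0):
    """Return a copy of the topology with an attacker's bridge (hypothetical
    host 'ROGUE') sending superior BPDUs from an access port on `attach_to`."""
    sw = dict(switches)
    sw["ROGUE"] = {"priority": priority, "mac": "00:00:00:00:00:ff"}
    return sw, links + [(attach_to, "ROGUE", 4)]


if __name__ == "__main__":
    root, _, ports = compute_stp(SWITCHES, LINKS)
    print("root:", root, {k: v for k, v in ports.items() if v == "blocked"})
    root, _, ports = compute_stp(*add_rogue_bridge(SWITCHES, LINKS, "S3"))
    print("root after rogue BPDUs:", root,
          {k: v for k, v in ports.items() if v == "blocked"})
```

With the intended configuration S1 is root and S3 blocks its port towards S2. Once ROGUE (priority 0) is attached to S3, ROGUE becomes root, S1's port towards S3 becomes its root port and S2's port towards S3 is the one blocked: the whole forwarding topology has been rearranged by a single unauthenticated BPDU, which is why access ports carrying end devices should have BPDU Guard (or Root Guard on ports that must never face the root).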
Solving Bandwidth and Load Issues

Link aggregation
1. In computer networking, link aggregation is the combining (aggregating) of multiple network connections in parallel by any of several methods.
2. It is used to increase throughput beyond what a single connection could sustain, to provide redundancy in case one of the links fails, or both.
3. A link aggregation group (LAG) is the combined collection of physical ports.

Implement a network using LAN design principles based on a predefined set of requirements.

Selecting Network Devices

There are many different suppliers of networking devices; Cisco has been readily available and a key vendor in network development. Many different models of routers and switches are available from networking IT providers, offering different features such as the number of ports, forwarding rates and so on. To select the networking devices used for the prototype, the various routers and switches had to be analysed to see whether they would meet the requirements of the network.

Various steps had to be undertaken to ensure that the appropriate switch and router were chosen. The switch chosen was the Cisco 2960 range: there was no requirement to support Power over Ethernet (PoE), it had enough ports to support the design, with spare ports to support scalability of the network, and the protocols that needed to be configured on the network were supported by the switch with its current operating system version. Cisco also has different switch categories which support enterprise networks: campus LAN switches, data centre switches, cloud-managed switches, service provider switches and virtual networking switches.
Because this prototype follows a hierarchical design, the switch category chosen was the campus LAN switch, which scales network performance within an enterprise LAN while providing high forwarding rates and multilayer switching. The Cisco 2960 is a fixed-configuration switch; this provided the network with a variety of port density configurations while meeting the requirement of scalability.

Similarly, there are different router platforms that network designers can choose from, with differing physical configurations and features. In the hierarchical design, routing is required at the distribution layer to enable devices outside the local network to communicate. As a network scales, the network designer needs to ensure that an appropriate router is chosen to meet the given requirements. There are three categories of router: branch routers, network edge routers and service provider routers. The router used in this prototype was the 2901, a branch router that delivers an optimized experience across the WAN infrastructure.

When choosing network devices, the requirements help to define which devices are to be used. Devices from different vendors support different configurations and hardware which meet the given requirements. Whilst Cisco was used in this network, other vendors provide similar devices; due to the other requirements and needs, Cisco was the preferred choice.
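The link aggregation section above says a LAG increases throughput beyond a single link, and the EtherChannel configured later in this design relies on that. What the text does not show is how frames are shared across the member links, which is what decides whether the bundle actually helps. The following is an added example written for this page, not code from the coursework or from Cisco: a simplified model of EtherChannel hashing over constructed sample traffic (eight made-up client MACs and one server MAC). The eight-bucket hash is a common description of how platforms spread flows and the exact vendor hash function is an assumption here; the two conclusions it demonstrates hold for any hash-based LAG.

```python
from collections import Counter

# Constructed sample traffic: eight client hosts on one access switch talking
# to one server behind an EtherChannel. The MAC addresses are made up.
HOSTS = [f"00:11:22:33:44:{i:02x}" for i in range(8)]
SERVER = "00:aa:bb:cc:dd:ee"
UPSTREAM = [{"src_mac": h, "dst_mac": SERVER} for h in HOSTS]      # hosts -> server
DOWNSTREAM = [{"src_mac": SERVER, "dst_mac": h} for h in HOSTS]    # server -> hosts

# Which header fields each load-balancing method feeds into the hash.
METHODS = {
    "src-mac": ("src_mac",),
    "dst-mac": ("dst_mac",),
    "src-dst-mac": ("src_mac", "dst_mac"),
}
BUCKETS = 8  # simplified model: the hash result is spread over 8 buckets


def mac_to_int(mac):
    return int(mac.replace(":", ""), 16)


def select_link(flow, method, n_links):
    """Pick the member link for one frame.

    Simplified model of how EtherChannel/LAG hashing is usually described: XOR
    the selected fields, keep the low-order bits to get one of 8 buckets and
    map buckets onto links round-robin. Vendor hash functions differ in detail,
    but two properties shown here hold for all of them: a given flow always
    lands on the same link (so one flow never exceeds one link's bandwidth),
    and the bucket-to-link ratio is uneven whenever the member count is not a
    power of two.
    """
    x = 0
    for field in METHODS[method]:
        x ^= mac_to_int(flow[field])
    return (x % BUCKETS) % n_links


def distribute(flows, method, n_links):
    """Count how many of `flows` land on each member link."""
    return Counter(select_link(f, method, n_links) for f in flows)


if __name__ == "__main__":
    for method in METHODS:
        print(f"{method:<12} down: {dict(distribute(DOWNSTREAM, method, 2))} "
              f"up: {dict(distribute(UPSTREAM, method, 2))}")
    print("dst-mac over 3 links:", dict(distribute(DOWNSTREAM, "dst-mac", 3)))
```

The default method on many access switches is src-mac. With it, the server's replies to all eight hosts carry the same source MAC and therefore all land on one member link, so the downstream direction gains nothing from the bundle; src-dst-mac (or an IP-based method on a Layer 3 bundle) spreads both directions. Three member links map eight buckets 3:3:2, which is why bundles of two, four or eight links balance best.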
Implementing LAN design with Layer 2 and Layer 3 redundancy

FIG – Set to work

This is the setting to work for this task. The minimum requirements are to include three Layer 2 switches, provide redundant links between the switches, use Rapid Per-VLAN Spanning Tree (Rapid PVST+), use link aggregation on the main active link and provide a redundant gateway using a suitable first-hop redundancy protocol; in this case, Hot Standby Router Protocol (HSRP) is used.

IP Planning Table

Subnet  Size needed  Network          Mask  Assignable range                  Broadcast
A       60           192.168.10.0     /26   192.168.10.1 – 192.168.10.62      192.168.10.63
B       60           192.168.10.64    /26   192.168.10.65 – 192.168.10.126    192.168.10.127
C       6            192.168.10.128   /29   192.168.10.129 – 192.168.10.134   192.168.10.135
D       2            192.168.10.136   /30   192.168.10.137 – 192.168.10.138   192.168.10.139
E       2            192.168.10.140   /30   192.168.10.141 – 192.168.10.142   192.168.10.143
X       NTP server   10.0.1.0         /24   10.0.1.1 – 10.0.1.254             10.0.1.255

The table shows the addressing scheme used when the design is implemented.

FIG – Additional R1 Config

FIG – Additional R2 Config

Figure 1 and Figure 2 show the complete configuration on the stated devices. Before the configuration shown in the figures below was applied, basic configuration was performed on the devices: encrypting passwords, configuring passwords (in this case "password" was used), and giving interfaces IP addresses and enabling them. A shared, guessable password and IOS password encryption (which is reversible Type 7 obfuscation rather than a hash) are acceptable only in an isolated lab; a production build would use unique secrets and "enable secret". On the routers, whilst not considered basic configuration, Open Shortest Path First (OSPF) was also configured as the routing protocol so that the PCs, servers and routers can ping across the whole network.
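The IP planning table above is the output of a VLSM allocation: the requests are sorted largest first and each subnet is given the smallest prefix that still leaves enough usable hosts. Here is that procedure as an added example written for this page (not code from the coursework), using only the standard library. The host counts for subnets A to E are taken from the table; the 10.0.1.0/24 for the NTP server is treated as a separate block, as it is in the table. It also includes the overlap check a reviewer would run on a hand-built table before pushing the addressing into device configs.

```python
import ipaddress

# Constructed input: the subnet names and host counts from the IP planning
# table above. Subnet X (the NTP server) lives in a separate 10.0.1.0/24.
REQUIREMENTS = [("A", 60), ("B", 60), ("C", 6), ("D", 2), ("E", 2)]


def prefix_for_hosts(hosts):
    """Return the longest prefix whose usable host count (2**bits - 2) covers `hosts`."""
    bits = 2  # a /30 is the smallest subnet with two usable addresses
    while (2 ** bits) - 2 < hosts:
        bits += 1
    return 32 - bits


def allocate_vlsm(block, requirements):
    """Carve `block` into subnets using VLSM.

    Requests are served largest first so that every subnet starts on a boundary
    that is a multiple of its own size; that is what keeps the allocation
    contiguous and gap-free. Returns {name: details} in request order.
    Raises ValueError if the block is too small for the requests.
    """
    parent = ipaddress.ip_network(block)
    cursor = int(parent.network_address)
    plan = {}
    for name, hosts in sorted(requirements, key=lambda r: r[1], reverse=True):
        plen = prefix_for_hosts(hosts)
        net = ipaddress.ip_network(f"{ipaddress.ip_address(cursor)}/{plen}")
        if not net.subnet_of(parent):
            raise ValueError(f"{block} exhausted while allocating subnet {name}")
        usable = list(net.hosts())
        plan[name] = {
            "network": str(net),
            "first": str(usable[0]),
            "last": str(usable[-1]),
            "broadcast": str(net.broadcast_address),
            "usable": len(usable),
        }
        cursor += net.num_addresses
    # restore the order the requirements were written in
    return {name: plan[name] for name, _ in requirements}


def overlaps(plan):
    """Sanity check: True if any two allocated subnets overlap."""
    nets = [ipaddress.ip_network(d["network"]) for d in plan.values()]
    return any(a.overlaps(b) for i, a in enumerate(nets) for b in nets[i + 1:])


def format_plan(plan):
    """Render the plan as the rows of the IP planning table."""
    rows = []
    for name, d in plan.items():
        rows.append(f"{name:<3}{d['network']:<20}"
                    f"{d['first']} - {d['last']:<18}{d['broadcast']}")
    return "\n".join(rows)


if __name__ == "__main__":
    print(format_plan(allocate_vlsm("192.168.10.0/24", REQUIREMENTS)))
    print(format_plan(allocate_vlsm("10.0.1.0/24", [("X", 254)])))
```

Running it reproduces the five rows of the table exactly. Feeding it a block that is too small (for example 192.168.10.0/25 with the same requests) raises an error at subnet C instead of silently producing an address that lies outside the block, which is the failure mode that hand-built tables tend to hide.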
FIG – Layer 2 Devices & Cabling

Defined by the given requirements, this network prototype needed a minimum of three Layer 2 switches and a redundant link between all of them. This section of the design is one of the features that provides redundancy and link aggregation at Layer 2 and Layer 3. As shown below in Figure 5 and Figure 6, the network prototype has been configured with Rapid PVST+.

FIG – STP Configuration

FIG – Rapid PVST+ Configuration

Another requirement was to use link aggregation, otherwise known as EtherChannel, on the main active link.

FIG – Ether-channel Config

This prototype needed to provide a redundant gateway using a suitable first-hop redundancy protocol; in this case HSRP was used.

FIG – HSRP (show standby)

FIG – WAN Protocol (PPP)

In the task below there were additional requirements that the network engineering supervisor asked for: to add additional security options. In this case Point-to-Point Protocol (PPP) was configured to support the enterprise network solution. Captured in this figure is the configuration applied to R3 in the network diagram. It has been configured with the Challenge Handshake Authentication Protocol (CHAP), which, unlike PAP, never sends the password over the link: each side sends an MD5 hash of the shared secret combined with a random challenge, which makes it more secure.

Within Task 4 below, there was a requirement to configure network monitoring tools which can assist network administrators.

FIG – Network Time Protocol (NTP)

Shown in this figure is the synchronization of the clock on R3 within the network above. The commands "show ntp status" and "show clock" show that the router is synchronized to the time provided by the NTP server.
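Returning to the CHAP configuration on R3 above: the following is an added example written for this page (not code from the coursework or from Cisco IOS) that carries out the RFC 1994 exchange between both ends of the link. The peer name "R2" and the use of the prototype's "password" as the CHAP secret are assumptions for the illustration. It shows the property the text relies on (the secret never crosses the link and a captured response cannot be replayed) and the caveat a practitioner should know: the response is an unsalted MD5 over the secret, so a weak secret is recoverable offline from a single captured exchange.

```python
import hashlib
import hmac
import secrets

# CHAP as specified in RFC 1994. The shared secret never crosses the link; each
# side proves it knows the secret by hashing it together with a fresh challenge.


def chap_response(identifier, secret, challenge):
    """Response Value = MD5(Identifier || secret || Challenge Value)  (RFC 1994 section 4.1)."""
    return hashlib.md5(bytes([identifier & 0xFF]) + secret + challenge).digest()


class Authenticator:
    """The side that issues challenges (R3 in the prototype above)."""

    def __init__(self, secrets_by_peer):
        # CHAP needs the plaintext secret on both ends, which is why the router
        # config stores it in clear or reversible form: protect the config.
        self._secrets = secrets_by_peer
        self._pending = {}  # identifier -> outstanding challenge value

    def challenge(self):
        identifier = secrets.randbelow(256)
        value = secrets.token_bytes(16)
        self._pending[identifier] = value
        return identifier, value

    def verify(self, identifier, response, peer_name):
        # Each challenge is usable exactly once, so a captured response
        # cannot be replayed against a later challenge.
        challenge = self._pending.pop(identifier, None)
        if challenge is None or peer_name not in self._secrets:
            return False
        expected = chap_response(identifier, self._secrets[peer_name], challenge)
        return hmac.compare_digest(expected, response)


class Peer:
    """The side being authenticated (assumed name R2, the other end of the serial link)."""

    def __init__(self, name, secret):
        self.name = name
        self._secret = secret

    def respond(self, identifier, challenge):
        return identifier, chap_response(identifier, self._secret, challenge), self.name


def offline_guess(identifier, challenge, response, wordlist):
    """What an eavesdropper can do with one captured exchange: because the
    response is an unsalted MD5 over a guessable secret, try a wordlist
    offline. Returns the recovered secret, or None."""
    for guess in wordlist:
        if chap_response(identifier, guess, challenge) == response:
            return guess
    return None


if __name__ == "__main__":
    auth = Authenticator({"R2": b"password"})   # assumed: the prototype's shared password
    peer = Peer("R2", b"password")
    ident, chal = auth.challenge()
    ident, resp, name = peer.respond(ident, chal)
    print("first exchange accepted:", auth.verify(ident, resp, name))
    ident2, chal2 = auth.challenge()
    print("replayed response accepted:", auth.verify(ident2, resp, name))
    print("offline guess:", offline_guess(ident, chal, resp, [b"cisco", b"admin", b"password"]))
```

The replay fails because the second challenge is different and each challenge is consumed on first use, but the offline guess succeeds immediately against the shared secret "password". CHAP protects the secret in transit; it does not protect a weak secret, so the serial-link secret should be long and random, and the configs that hold it in clear text should be treated as sensitive.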
FIG – SYSLOG CONFIG

FIG – Syslog Server

Captured in these two figures is the syslog configuration on the routers and switches within the network, and the logs that were sent to the syslog server when an event or action occurred on the network.

Analysing PVST+ and Rapid PVST+ protocols

To maintain a successful network, redundancy must be implemented and maintained. Whilst adding extra links provides basic Layer 1 redundancy, it also introduces loops into the network. If a switch connection is lost, another link needs to take over without creating a loop; Spanning Tree Protocol (STP) is the Layer 2 redundancy protocol implemented to solve this problem. STP has evolved to quickly calculate which ports need to be blocked so that a VLAN-based network is not affected by loops. As mentioned previously, redundancy is one of the main factors that needs to be considered when designing and creating a network. Implementing this Layer 2 redundancy protocol improves the availability of the network by providing alternate paths through additional cables and devices.

Per-VLAN Spanning Tree (PVST+) is a Cisco proprietary enhanced variant of STP. As previously mentioned, STP (IEEE 802.1D) is the original standard that provides a loop-free network over redundant links; it creates one spanning tree instance for the bridged network irrespective of the number of VLANs. Because there is only one root bridge, the traffic for all VLANs is sent through the same path, leading to slower traffic as well as slow convergence if a connection is lost. PVST+ is an enhancement because it maintains a separate spanning tree instance for each VLAN configured within the network. Each of these instances supports Cisco proprietary extensions such as PortFast, root guard and loop guard.
This protocol allows a VLAN trunk to be in forwarding mode for some VLANs whilst blocking others. This allows spanning tree to optimize the traffic for every VLAN; however, similar to STP, convergence is slow. This protocol load balances traffic at Layer 2 by forwarding a number of VLANs on one trunk and other VLANs on another, because the VLANs are treated as separate networks.

Rapid PVST+ is a Cisco enhancement of Rapid Spanning Tree Protocol (RSTP) which uses PVST+ whilst providing a separate instance of the IEEE standard for each VLAN. As stated by Cisco (2010), RSTP is an evolution of STP “that provides faster spanning tree convergence”. Unlike PVST+, RSTP provides a single instance of spanning tree and faces the same poor traffic flow that STP faces (Cisco, 2010, p.136). Each instance of Rapid PVST+ supports Cisco proprietary extensions such as PortFast, root guard, and loop guard. This version of spanning tree addresses the convergence issues of the other versions and the slow traffic flow that results from them. It ensures that when a connection is lost, another takes over much more quickly.

As discussed, PVST+ and Rapid PVST+, although better than their counterparts, both benefit a network through their effectiveness in solving redundancy issues. They protect the network from a single point of failure and ensure that a loop does not bring down the network. Without such a protocol implemented, networks would fail to be redundant, and their availability would be affected.

Analyzing Layer 3 redundancy implementations for IPv4 and IPv6

FHRP

There are different First Hop Redundancy Protocols (FHRPs) that can be implemented within a network. FHRPs enable an engineer to configure multiple physical routers so that they appear to be a single logical router.
Using FHRPs makes communication easier because a single default gateway can be configured and the end machine can use standard protocols to communicate across the network. “First hop” derives from the first router hop that a packet passes through. Redundancy protocols, both for IPv4 and IPv6, present a virtual router to the clients on the network; this router holds its own IP and MAC address, and this IP is the address which is configured on each of the end devices as the default gateway. The MAC address is what will be returned when an Address Resolution Protocol (ARP) request is sent by a host. The redundancy protocol is responsible for deciding which physical router actively forwards traffic and which one is in standby mode; the standby router will take over from the active router if it fails.

To allow hosts to communicate outside a local network, a default gateway is required to allow packets from either a LAN or VLAN to reach remote networks. If the default gateway fails, however, the hosts within the local network will not be able to communicate with remote networks. The solution to this issue is an FHRP, which provides default gateway redundancy.

HSRP

Hot Standby Router Protocol (HSRP) is Cisco proprietary and was the first FHRP to be developed. HSRP is configured on a given interface, and that interface will be part of a standby group. As mentioned above, HSRP has multiple routers configured into a standby group which share a virtual IP address and MAC address, providing a default gateway. The reason for having a physical IP as well as a virtual one is to provide the redundancy; these IP addresses can be either IPv4 or IPv6 depending on what the network uses. Within HSRP there is a priority number; one of the routers will have a higher priority number, which means it is the preferred router and thus the active one.
The other standby routers will be configured with the same virtual IP, as the hosts hold this as their default gateway and are not affected if a standby router takes over.

VRRP

Similar to HSRP, Virtual Router Redundancy Protocol (VRRP) configures multiple routers to form a single virtual router; however, it is the open-standard counterpart of HSRP. Although both HSRP and VRRP elect one router to handle all traffic that is sent to the virtual IP address, in VRRP a group has a master router with backup routers instead of active and standby.

The main difference between configuring HSRP for IPv4 and IPv6 is that for IPv6, HSRP version 2 must be enabled on an interface before it can be configured; this is not the case for IPv4. Hosts that are configured to support IPv6 will learn of available IPv6 devices through IPv6 neighbour discovery messages. Similar to IPv4 HSRP, IPv6 HSRP has an HSRP group number and a virtual IPv6 link-local address that is derived from the virtual MAC address. Periodic neighbour discovery messages are sent for the HSRP virtual IPv6 link-local address once the group is active; however, these stop after a final message is sent when the group leaves the active state.

Similar to HSRP, configuring VRRP for IPv6 requires VRRP version 3 to be configured; the other versions of VRRP do not support IPv6. Once VRRP version 3 has been enabled, a different set of configuration commands is used to configure IPv6 than for IPv4. Although there are differences between configuring FHRP protocols with IPv4 and IPv6, the theory behind the protocols is the same across the different versions of IP. The virtual IP and MAC address are different due to the layout of the addresses and the blocks of addresses that Cisco allows the protocols to use.
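The HSRP election and failover behaviour described in this section, as an added example that is not part of the report: router names, interface addresses and priorities are constructed, while the virtual MAC prefixes are the well-known HSRP version 1 and version 2 values. It also shows the default of no preemption, which is why a recovered router with a higher priority does not automatically take the gateway back unless preempt is configured.

```python
"""HSRP active/standby election, failover and virtual MAC derivation
(added example, not from the report; router data below is constructed)."""
from dataclasses import dataclass
from ipaddress import IPv4Address


@dataclass(frozen=True)
class HsrpRouter:
    name: str
    ip: str                 # physical interface IP, used as the tie-breaker
    priority: int = 100     # HSRP default priority
    preempt: bool = False   # HSRP default: no preemption


def hsrp_virtual_mac(group: int, version: int = 1) -> str:
    """Well-known IPv4 HSRP virtual MAC for a standby group.

    v1: 0000.0c07.acXX  (group 0-255)
    v2: 0000.0c9f.fXXX  (group 0-4095)
    """
    if version == 1:
        if not 0 <= group <= 255:
            raise ValueError("HSRPv1 groups are 0-255")
        return f"0000.0c07.ac{group:02x}"
    if version == 2:
        if not 0 <= group <= 4095:
            raise ValueError("HSRPv2 groups are 0-4095")
        return f"0000.0c9f.f{group:03x}"
    raise ValueError("unknown HSRP version")


def _rank(router: HsrpRouter) -> tuple:
    # Highest priority wins; ties are broken by the highest interface IP.
    return (router.priority, int(IPv4Address(router.ip)))


def hsrp_elect(routers, current_active: str = None) -> tuple:
    """Return (active, standby) router names for a standby group.

    A router that is already active keeps the role unless another router has
    a higher priority AND is configured to preempt.
    """
    ranked = sorted(routers, key=_rank, reverse=True)
    if not ranked:
        raise ValueError("no routers in group")
    active = ranked[0]
    if current_active is not None:
        current = next((r for r in ranked if r.name == current_active), None)
        if current is not None:
            challenger = ranked[0]
            if not (challenger.preempt and _rank(challenger) > _rank(current)):
                active = current
    others = [r for r in ranked if r.name != active.name]
    standby = others[0].name if others else None
    return active.name, standby


def hsrp_failover(routers, failed: str, current_active: str) -> tuple:
    """Drop the failed router (its hellos stopped) and re-run the election."""
    remaining = [r for r in routers if r.name != failed]
    still_active = None if failed == current_active else current_active
    return hsrp_elect(remaining, still_active)


if __name__ == "__main__":
    group = [
        HsrpRouter("R1", "10.0.0.2", priority=110, preempt=True),
        HsrpRouter("R2", "10.0.0.3", priority=100),
    ]
    print(hsrp_elect(group))                        # ('R1', 'R2')
    print(hsrp_failover(group, "R1", "R1"))         # ('R2', None)
    print(hsrp_elect(group, current_active="R2"))   # ('R1', 'R2'): R1 preempts
    print(hsrp_virtual_mac(10), hsrp_virtual_mac(10, version=2))
```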
Ether Channel technology solving bandwidth and load issues

Ether Channel

Also known as port bonding, EtherChannel is a port channel technology that is used to group several ports (two to eight ports) into one logical channel. This report will evaluate the EtherChannel technology and how it helps to solve bandwidth and load issues.

Most networks will usually have a number of links between switches to provide redundancy and resiliency. Within a network that is configured with STP, the protocol will put numerous ports into blocking mode to protect the network from loops, and Layer 3 routing protocols will view these links as individual ones. Once EtherChannel has been implemented, STP and the Layer 3 routing protocols will treat the grouped links as a single one, which stops STP from blocking the given ports.

There are two aggregation protocols that can be used to implement EtherChannel: Port Aggregation Protocol (PAgP) and Link Aggregation Control Protocol (LACP). PAgP is Cisco’s proprietary protocol that can be used to configure channels and EtherChannel on ports. The links in the group must have the same parameters, such as speed, duplex and VLAN information; otherwise the ports will not be grouped into a channel. Once this channel is active, it will be added to STP as a single bridge port, and PAgP will send packets at 30-second intervals to manage the link for consistency, e.g. link additions, changes and failures. PAgP uses the modes “auto” and “desirable”; auto enables PAgP only if a PAgP device is detected, and desirable enables PAgP unconditionally.

LACP is non-proprietary and is thus used with other vendors’ networks. It has the same purpose as PAgP but uses different commands to configure EtherChannel on the network. LACP uses the modes “active” and “passive”; active enables LACP unconditionally, and passive enables LACP only if a LACP device is detected.
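The PAgP/LACP mode rules and the member-consistency requirement described above, as an added example that is not part of the report: port names and parameters are constructed. It answers the question a switch answers when a channel is configured: given both ends' modes and each side's member ports, does the bundle form, and if not, why not.

```python
"""EtherChannel bundling check (added example, not from the report).
Decides whether the ports at the two ends of a link bundle into a channel,
from the PAgP/LACP modes and the per-member parameters that must agree."""
from dataclasses import dataclass

INITIATORS = {"desirable", "active"}   # send negotiation packets unconditionally
RESPONDERS = {"auto", "passive"}       # only answer a detected peer
PROTOCOL = {"on": "none", "auto": "PAgP", "desirable": "PAgP",
            "passive": "LACP", "active": "LACP"}
# Member links on one switch must agree on these before they are grouped.
MUST_MATCH = ("mode", "speed", "duplex", "trunk", "native_vlan", "allowed_vlans")


@dataclass(frozen=True)
class Port:
    name: str
    mode: str                  # on | auto | desirable | passive | active
    speed: int = 1000          # Mb/s
    duplex: str = "full"
    trunk: bool = True
    native_vlan: int = 1
    allowed_vlans: frozenset = frozenset(range(1, 4095))


def make_members(mode: str, count: int = 2, **overrides) -> list:
    """Constructed member ports Gi1/0/1.. all sharing the same settings."""
    return [Port(f"Gi1/0/{i}", mode, **overrides) for i in range(1, count + 1)]


def modes_negotiate(local: str, remote: str) -> bool:
    """Mode compatibility as described in the text:
    - both ends must run the same protocol (PAgP, LACP, or none);
    - auto/passive only respond, so two responders never bundle;
    - 'on' exchanges no packets, so it only works opposite 'on'."""
    if local not in PROTOCOL or remote not in PROTOCOL:
        raise ValueError(f"unknown channel mode: {local!r}/{remote!r}")
    if PROTOCOL[local] != PROTOCOL[remote]:
        return False
    if PROTOCOL[local] == "none":
        return True
    return local in INITIATORS or remote in INITIATORS


def member_mismatches(ports) -> list:
    """Names of the parameters that differ between member ports on one switch."""
    mismatched = []
    for attr in MUST_MATCH:
        if len({getattr(p, attr) for p in ports}) > 1:
            mismatched.append(attr)
    return mismatched


def channel_forms(local_ports, remote_ports) -> tuple:
    """Return (bundles, reason). Each side's members are checked for
    consistency first, then the two sides' modes are negotiated."""
    if not local_ports or not remote_ports:
        return False, "no member ports"
    if len(local_ports) > 8 or len(remote_ports) > 8:
        return False, "a channel groups at most eight ports"
    for side, ports in (("local", local_ports), ("remote", remote_ports)):
        bad = member_mismatches(ports)
        if bad:
            return False, f"{side} members differ in: {', '.join(bad)}"
    local_mode, remote_mode = local_ports[0].mode, remote_ports[0].mode
    if not modes_negotiate(local_mode, remote_mode):
        return False, f"modes {local_mode}/{remote_mode} do not negotiate"
    return True, PROTOCOL[local_mode]


if __name__ == "__main__":
    print(channel_forms(make_members("desirable"), make_members("auto")))    # (True, 'PAgP')
    print(channel_forms(make_members("auto"), make_members("auto")))         # (False, ...)
    mixed = [Port("Gi1/0/1", "active"), Port("Gi1/0/2", "active", duplex="half")]
    print(channel_forms(mixed, make_members("passive")))                     # (False, ...)
```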
EtherChannel can be configured without PAgP or LACP by using the mode “on”; however, Cisco advises that one of the protocols be used to avoid compatibility issues whilst also managing link additions and failures between the configured switches. EtherChannel helps solve bandwidth issues as it achieves greater throughput by grouping links, increasing the available bandwidth because the links are seen as one link instead of multiple. This technology also solves load balancing issues, as it balances the traffic load across the links, increasing efficiency on the network. Another benefit of using EtherChannel is the redundancy it provides; because multiple links are grouped into one logical channel, there are more available links to mitigate against the loss of a link.

Conclusion:

In the end, this part of the report presents the design and prototype of the network designed for Cyber-link Incorporation, along with detailed documentation of several redundancy protocols. The design of the bank shows the connection between the branches and also represents the implementation of Layer 2 and Layer 3 redundancy protocols such as STP, OSPF and EtherChannel, with a descriptive report of these protocols. The substitutes for STP, PVST+ and Rapid PVST+, are also compared, which shows that these protocols, when used in the right way with proper configuration, make it easier to differentiate the various segments of the network, such as layers.

PART 2

WAN

A Wide Area Network (WAN) differs from a LAN in that a WAN’s infrastructure is typically leased from a service provider, instead of the infrastructure being owned, which is usually what occurs within a LAN.
Defined by Cisco (2010, p.200), a WAN is a “Data communications network that serves users across a broad geographic area and often uses transmission devices provided by common carriers.” There are a number of different WAN technologies that can be implemented within a network. A given set of requirements will define which WAN technology is appropriate for the enterprise network.

PPP

The first WAN technology that was considered when designing and implementing the given network was Point-to-Point Protocol (PPP). PPP is a Layer 2 protocol which can be used over different forms of media, e.g. asynchronous serial or synchronous serial, and will encapsulate the frames ready for transmission over Layer 2 physical links. PPP uses three main components: High-Level Data Link Control (HDLC), Link Control Protocol (LCP) and Network Control Protocol (NCP). This protocol relies on LCP for establishing and maintaining the data-link connection, NCP for establishing and configuring Layer 3 protocols, and HDLC-like framing for transporting Layer 3 packets over PPP links. Whilst HDLC is the default serial encapsulation protocol, PPP has more features and transports Layer 3 packets across a Layer 2 PPP link which is non-proprietary.

One of the features that PPP supports is Link Quality Management (LQM); this monitors the quality of the link, and if the link quality falls below the configured percentage, the link is disabled and packets will be rerouted or dropped. The other feature that PPP supports is authentication, using Password Authentication Protocol (PAP) or Challenge Handshake Authentication Protocol (CHAP). PAP is the least secure of these protocols, as the passwords are sent in plaintext and PAP is performed only when the initial link is established. CHAP is more secure, as what is sent is a hash rather than the password; it is used at the initial start-up of a link, and there are checks that occur periodically on the link, ensuring that the router is still communicating with the same host.
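The CHAP exchange described above (and configured on the prototype's routers in Part 1), as an added example that is not part of the report: both PPP endpoints are simulated in one process. The hostnames R1 and R3 and the shared secret follow the `username R3 password cisco` style entries shown in the troubleshooting table; everything else is constructed. It shows why the secret never crosses the link, why a mismatched or missing username entry fails, and why a captured response cannot be replayed against a later challenge.

```python
"""PPP CHAP three-way handshake (RFC 1994) between an authenticator and a
peer (added example, not from the report; hostnames follow the prototype's
R1/R3 naming and the shared secrets are constructed lab values)."""
import hashlib
import hmac
import os

# CHAP packet codes
CHALLENGE, RESPONSE, SUCCESS, FAILURE = 1, 2, 3, 4


def chap_digest(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """MD5(Identifier || secret || Challenge Value). Only this digest crosses
    the link; the secret itself never does (PAP would send it in clear)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class ChapPeer:
    """One PPP endpoint; acts as authenticator (challenge/verify) and as the
    authenticated peer (respond). `secrets` maps the remote hostname to the
    shared secret, like the IOS `username <peer> password <secret>` entry."""

    def __init__(self, hostname: str, secrets: dict):
        self.hostname = hostname
        self.secrets = secrets
        self.identifier = 0
        self.outstanding = {}      # identifier -> challenge value we issued

    def challenge(self) -> tuple:
        """Issue a fresh random challenge. Sent at link-up and again
        periodically, which is how CHAP re-verifies the peer over time."""
        self.identifier = (self.identifier + 1) % 256
        value = os.urandom(16)
        self.outstanding[self.identifier] = value
        return (CHALLENGE, self.identifier, value, self.hostname)

    def respond(self, packet: tuple) -> tuple:
        code, identifier, value, authenticator_name = packet
        if code != CHALLENGE:
            raise ValueError("expected a Challenge packet")
        secret = self.secrets[authenticator_name]
        return (RESPONSE, identifier, chap_digest(identifier, secret, value),
                self.hostname)

    def verify(self, packet: tuple) -> tuple:
        code, identifier, digest, peer_name = packet
        if code != RESPONSE or identifier not in self.outstanding:
            return (FAILURE, identifier)           # unknown or replayed identifier
        value = self.outstanding.pop(identifier)   # each challenge answered once
        secret = self.secrets.get(peer_name)
        if secret is None:
            return (FAILURE, identifier)           # no username entry for peer
        expected = chap_digest(identifier, secret, value)
        ok = hmac.compare_digest(expected, digest)
        return (SUCCESS if ok else FAILURE, identifier)


def authenticate(authenticator: ChapPeer, peer: ChapPeer) -> bool:
    """Run the three-way exchange and report whether the peer was accepted."""
    chal = authenticator.challenge()
    resp = peer.respond(chal)
    code, _ = authenticator.verify(resp)
    return code == SUCCESS


def secret_on_wire(authenticator: ChapPeer, peer: ChapPeer) -> bool:
    """True if the peer's secret appears in any packet of the exchange."""
    chal = authenticator.challenge()
    resp = peer.respond(chal)
    secret = peer.secrets[authenticator.hostname]
    return any(secret in field for field in (chal[2], resp[2]))


if __name__ == "__main__":
    r1 = ChapPeer("R1", {"R3": b"cisco"})
    r3 = ChapPeer("R3", {"R1": b"cisco"})
    print(authenticate(r1, r3))      # True
    print(secret_on_wire(r1, r3))    # False
```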
There are three steps to establish a PPP session: first it goes through a link-establishment phase, then an authentication phase, and finally the network layer protocol phase. In the first stage, LCP packets are sent by each PPP device to establish and test the link. If PAP or CHAP is configured on the links, the second phase takes place, where the password is sent across the link being authenticated. The final stage uses NCP to allow multiple Layer 3 protocols to be encapsulated and sent over a PPP data link.

Frame Relay

Frame Relay is another WAN technology that could be implemented when designing and implementing a network. With this technology, variable-length packets are transmitted by switching; this is accomplished by breaking packets into chunks at the sending device. Each of these packets can be sent over different routes to get to its end destination; the packets are then reassembled in the correct order at the receiving device. Frame Relay uses virtual circuits, compared to the physical circuits that are used with leased lines. Virtual circuits link together the devices that are connected to the provider’s network and are provided between two Data Terminal Equipment (DTE) devices, making them appear to be connected via a physical circuit when they are actually sending the frames into a shared infrastructure. The main disadvantage of Frame Relay is that it has a single point of failure, which means that it does not provide a resilient addition to a network.

DSL

The third WAN technology that could be implemented is Digital Subscriber Line (DSL); this connection technology is considered to be an “always-on” connection which uses existing twisted-pair telephone lines to transport high-bandwidth data and provides IP services to users.
DSL delivers dedicated, point-to-point public network access and is used between a service provider’s central office and the customer site that requires access to the Internet. To allow DSL to work, a modem is required; this converts an Ethernet signal from the end user’s device to a DSL signal, which is then sent to the central office. This technology is a popular choice for companies because it supports remote access users. A user must connect to an ISP, which will then establish an IP connection through the Internet to the enterprise network. Due to it using an analog medium, it provides a reliable connection that prevents interruptions and packet loss.

The above WAN technologies have been examined against a set of enterprise requirements for a given design, and PPP is the selected WAN technology that is appropriate for the requirements stated in the above section. This is due to there being multiple PPP serial interfaces within the network design, and PPP provides the resiliency and other needs that the network must meet.

WAN Technologies

There are many different WAN technologies; however, these can be broken down into either public or private WAN technologies. There are benefits and drawbacks to these technologies, and these will be analyzed below.

Private WAN technologies

Leased Lines

Leased lines are a form of private WAN technology, being point-to-point lines that are leased from a service provider. These lines are permanent dedicated connections which provide WAN communication paths from a customer’s site to the provider’s network. Organizations pay a monthly fee to lease these lines from a service provider, which enables them to use the line. The fee for these lines differs due to the different capabilities, the bandwidth that is required and the distance between the connected points.
There are a number of benefits and drawbacks to using leased lines, the advantages being simplicity, quality and availability. They require minimal knowledge to install and maintain, the links normally provide high service quality, and because the connection is dedicated, it removes latency between the connections. The drawbacks are cost and limited flexibility. Point-to-point links tend to be the more expensive type of WAN access, and each endpoint requires an interface on the router, which increases the equipment required. Leased lines have a fixed capacity, which means that the bandwidth may not match the requirements exactly.

Dialup

Dialup is another form of WAN access and can be used when there is no other technology available. This technology is appropriate when there is a requirement for intermittent, low-volume data transfers. There are multiple advantages and disadvantages of this technology, the advantages being simplicity, availability and low implementation cost. The disadvantages are the low data rates and a long connection time. Similar to leased lines, because this is also a dedicated circuit, there is little delay or latency for point-to-point traffic; however, due to the low bit rates, voice and video traffic is not effectively sent over the network.

Ethernet WAN

Ethernet started off as a LAN access technology, because the maximum cable length was one kilometer. However, newer Ethernet standards that use fiber-optic cables make it possible for Ethernet to now be a WAN technology; e.g. it can range from 5 km to 70 km depending on the IEEE standard used. An Ethernet WAN has multiple benefits, consisting of reduced expenses and administration, easy integration with existing networks and enhanced business productivity.
It provides a high-bandwidth Layer 2 network which supports carrying data, voice and video within the same infrastructure; this increases bandwidth and allows companies to inexpensively connect sites to other sites and networks.

Public WAN technologies

DSL

As mentioned previously, this technology is an always-on connection that uses existing telephone lines to transport high-bandwidth data whilst providing IP services to users. An Ethernet signal from an end device is converted to a DSL signal using a DSL modem, and is then sent to the central office. A remote user must connect to an ISP before an IP connection is established through the Internet to the enterprise network. This technology has multiple benefits, such as achieving fast data rates, requiring no additional wiring, and security, because it normally uses a network separate from the main section of the network. The drawbacks of this technology are proximity (the greater the distance, the less efficient the service will be), slower uploads, and that if the lines are busy with other communications, the connection may be slow.

Wireless

Wireless uses the unlicensed radio spectrum to transmit and receive data; because this spectrum is unlicensed, it is accessible to anyone who has a wireless device. Multiple wireless technologies have evolved that allow wireless access to travel further than the local transmission range of 100 feet. One of these technologies is municipal Wi-Fi, which provides high-speed Internet access for free or for a low cost. To connect to this Wi-Fi, a user needs a wireless modem; this provides a stronger radio signal than wireless adapters do. Another technology is Worldwide Interoperability for Microwave Access (WiMAX), which provides a high-speed broadband service with wireless access whilst covering a broad area, similar to a mobile network rather than a Wi-Fi hotspot.
WiMAX is similar to Wi-Fi; however, it operates at higher speeds, over a greater distance and for a larger number of users. Users must subscribe to an ISP that has a WiMAX tower within a distance of 30 miles, and will also need a WiMAX receiver and an encryption code to access the base station.

VPN Technology

A Virtual Private Network (VPN) is another public WAN technology and is used to address the security risks incurred when a user works remotely, using a broadband service to access the enterprise WAN over the Internet. A VPN is an encrypted virtual connection between private networks over a public network; it uses a VPN tunnel which is routed through the Internet from the private network of the organization to the remote site or end device. VPNs have multiple benefits, such as cost saving, security, scalability and compatibility with broadband technology. VPNs save cost by enabling companies to use the Internet to connect remote sites, and to connect remote users to the main enterprise site, without using dedicated WAN links. VPNs use advanced encryption and authentication protocols which protect data from unauthorized access, and they are scalable because they use the Internet infrastructure, which makes it easy to add additional users. There are two types of VPN access, site-to-site VPNs and remote-access VPNs; these will be explained in the task below.

Analyzed above are the benefits and drawbacks of private and public WAN technologies. Multiple WAN technologies can be configured and implemented together in an enterprise network, and these help to build a network that meets the needs and requirements given when designing any network. Some of these WAN technologies are necessary when implementing an enterprise WAN; however, only the requirements can determine which of these technologies will need to be configured.
VPNs

As mentioned in the above task, there are two types of VPN that can be used depending on an organization’s needs. A WAN is a connection of multiple remote LANs using someone else’s network, usually a service provider’s, and a router. The difference between a WAN and a VPN is that a local host and router will view WAN networks as remote networks, whereas a VPN includes the local host within the remote network by using the WAN link that connects the end user to the remote LAN, meaning that the end device acts as though it is local on the remote network.

Remote Access

Remote access is the first type of VPN and is also known as a client-to-site VPN. This VPN allows remote users to securely access the enterprise network remotely. Each host on the network has VPN client software loaded onto it or uses a web-based client. A Network Access Server (NAS) is required, as this is the device that the user connects to from the Internet in order to use the VPN that the organization has installed. The NAS requires valid credentials to be entered by the user to sign in to the VPN. Before it creates a connection, the NAS uses its own authentication process or a separate authentication server that is on the network. This VPN tends to have a timer which disconnects the session after a period of time as a security precaution; the user will need to re-establish the connection with the VPN to access the organization’s network again.

Site-to-Site

Site-to-site is the second type of VPN that can be used and is also called an intranet VPN. This VPN allows an organization to connect remote sites to the enterprise backbone securely over a public medium, rather than using WAN connections such as Frame Relay; each site has a VPN gateway, for example a router or firewall.
A site-to-site VPN uses encryption, so when traffic is sent through the VPN tunnel it is encrypted as it is sent and decrypted once it gets to its destination. All traffic that is sent through the tunnel must have digital signature authentication; to get the authentication, a public key infrastructure (PKI) must be implemented, and the receiver will need the private key to decrypt it. It has a “lifetime” configured, which is how long the tunnel is alive for; this secures the traffic from hackers and malicious content.

Both of these VPNs improve security within a network and, when connected to a WAN, across a network. VPNs are cost effective, as once set up they simply need to be maintained, and they are simple for a user to understand. They are also scalable, as it is very easy to add additional users to the site or to download software onto an additional device. The main disadvantage of VPNs is that the organization does not know where its packets are being sent; although this can be an advantage in stopping hackers, if the VPN is hacked, the hacker can send the traffic elsewhere and gain access to the information being sent.

Overall, out of these two VPNs, the best one to implement in the network above to meet organizational needs would be the remote access VPN, due to there being a small number of users on the network. If the network were a large enterprise network, then the site-to-site VPN would have been the appropriate VPN.

Deploying network monitoring tools and troubleshooting documentation

Test no. 1
Expected Result: I expect to see all of the connections from R1, R2 and R3 to be active, and the cables to be connected as specified in the addressing table.
Actual Result: Using the command “show ip int brief” within all routers, it showed that all the interfaces except g0/1 on R2 were disabled.
Evidence: To fix this, I went into each interface across all routers and used the command “no shut” to activate all the interfaces; this is shown in Figure 7.

Figure 7: Repair inactive interfaces

The commands that were used across all routers are the following:
  R1#sh ip int brief
  R1(config)#int g0/1
  R1(config-if)# no shut
  R1(config-if)# int s0/0/0
  R1(config-if)# no shut
  R1(config-if)# int s0/0/1
  R1(config-if)# no shut
  R2#sh ip int brief
  R2(config)# int s0/0/0
  R2(config-if)# no shut
  R2(config-if)# int s0/0/1
  R2(config-if)# no shut
  R3#sh ip int brief
  R3(config)# int g0/1
  R3(config-if)# no shut
  R3(config-if)# int s0/0/0
  R3(config-if)# no shut
  R3(config-if)# int s0/0/1
  R3(config-if)# no shut

Test no. 2
Expected Result: I expect to see the clock rates on all the DCE interfaces configured at “64000”.
Actual Result: To show the clock rate, the command “show controllers s0/0/1” was to be inputted. The output of the command is shown in the figure below.
Evidence: To fix this, I went into int s0/0/1, as this was the interface that had the wrong configuration, and as shown below in Figure 8, I configured it to have the same clock rate as the other two DCE interfaces.

FIG – Examine DCE Requirement

The commands that were used across all routers are the following:
  R1#sh controllers s0/0/0
  R2#sh controllers s0/0/1
  R2(config)# int s0/0/1
  R2(config-if)# clock rate 64000
  R3#sh controllers s0/0/0

Test no. 3
Expected Result: All serial interfaces should be configured with PPP as the encapsulation type.
Actual Result: To view whether the expected result was the case, the command “sh int s0/0/0” was inputted. As shown in Figure 9, the output of this command showed the interfaces to have HSRP as the encapsulation type.
Evidence: To fix this issue, I entered the interfaces that were configured with the wrong configuration type and entered “encapsulation ppp”; this made the encapsulation type PPP. Shown in Figure 10 is the change of encapsulation type once the above command was inputted.

FIG – Examine Encapsulation type

FIG – Encapsulation Type Fix

The commands that were used across all routers are the following:
  R1#show int s0/0/0
  R1(config)# int s0/0/0
  R1(config-if)# encapsulation ppp
  R2#show int s0/0/1
  R2(config)# int s0/0/1
  R2(config-if)# encapsulation ppp
  R3#show int s0/0/0
  R3(config)# int s0/0/0
  R3(config-if)# encapsulation ppp

Test no. 4
Expected Result: Examine and set CHAP usernames and passwords – I expect to see each router configured with the correct CHAP usernames and passwords.
Actual Result: As PPP wasn’t working, I used the “debug ppp authentication” command and “sh run” to view the usernames and passwords that were configured. These commands showed that some of the usernames and passwords across the routers were wrong.
Evidence: As shown in Figure 11, when the debug command was used, it showed that the interfaces on which PPP was meant to be configured were closed/misconfigured.

FIG – Debugging PPP

FIG – Misaligned Configuration

FIG – Aligned Configuration

The commands that were used across all routers are the following:
  R1#debug ppp authentication
  R1(config)# username R3 password cisco
  R1(config)# int s0/0/0
  R1(config-if)# ppp authentication chap
  R1(config-if)# int s0/0/1
  R1(config-if)# ppp authentication chap
  R2#debug ppp authentication
  R2(config)# username R1 password cisco
  R2(config)# no username R11
  R2(config)# int s0/0/1
  R2(config-if)# ppp authentication chap
  R3#debug ppp authentication
  R3(config)# username R2 password cisco
  R3(config)# int s0/0/0
  R3(config-if)# ppp authentication chap
  R3(config-if)# int s0/0/1
  R3(config-if)# ppp authentication chap

Test no. 5
Expected Result: Verify IP addressing – I expect the IP addressing on the devices to match the IP addressing table above.
Actual Result: To view the IP addresses configured, I used the command “sh ip int brief”. This showed that across the routers, some were misconfigured.
Evidence: Shown in Figure 14 is the addressing table on R2. This showed that whilst the serial interfaces were configured correctly, the GigabitEthernet interface was not. To correct this, I used the commands below:
  R2(config)# int g0/1
  R2(config-if)# ip add 209.165.200.161 255.255.255.224

FIG – IP addressing

The commands that were used across all routers are the following:
  R1#sh ip int brief
  R1(config)# int g0/0
  R1(config-if)# no ip add
  R1(config-if)# int g0/1
  R1(config-if)# ip add 10.0.0.1 255.255.255.128
  R1(config-if)# int s0/0/0
  R1(config-if)# ip add 172.16.0.1 255.255.255.252
  R2#sh ip int brief
  R2(config)# int g0/1
  R2(config-if)# ip add 209.165.200.161 255.255.255.224
  R3#sh ip int brief
  R3(config)# int g0/1
  R3(config-if)# ip add 10.0.0.129 255.255.255.128
  R3(config-if)# int s0/0/1
  R3(config-if)# ip add 172.16.0.6 255.255.255.252

Test no. 6
Expected Result: Verify full connectivity – I expect to be successful in being able to traceroute a path from PC1 and PC3 to the webserver.
Actual Result: When the commands “ping” and “tracert” were used, they were successful in reaching the webserver.
Evidence: As shown below in Figure 15, pinging was successful to each device. The PCs were able to ping the webserver, and the webserver was able to ping the PCs.

FIG – Ping Connectivity

FIG – PC1 Ping connectivity

FIG – PC2 ping connectivity

Troubleshooting Methods:

There are many different troubleshooting methods that can be used and implemented in a network to solve enterprise-wide networking issues. This report will evaluate a number of troubleshooting methods and their effectiveness in a network; as shown previously, a syslog server and a Network Time Protocol (NTP) server were configured in the network prototype.
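The messages the prototype's syslog server collects carry a PRI value that encodes the facility and severity discussed in the syslog section; as an added example that is not part of the report, this decodes that header, cross-checks it against the severity embedded in IOS-style message text, and applies a severity threshold for alerting. The sample lines are constructed in the style of IOS messages relayed to a syslog server, not captures from the prototype; the PRI arithmetic is the standard RFC 3164 definition.

```python
"""Decode syslog PRI values and raise alerts by severity (added example, not
from the report). The sample messages are constructed in the style of IOS
messages relayed to a syslog server; they are not captures from the prototype."""
import re

SEVERITIES = ["emergency", "alert", "critical", "error",
              "warning", "notice", "informational", "debug"]
FACILITIES = {0: "kern", 1: "user", 2: "mail", 3: "daemon", 4: "auth",
              5: "syslog", 6: "lpr", 7: "news", 8: "uucp", 9: "cron",
              10: "authpriv", 11: "ftp", 12: "ntp", 13: "audit", 14: "alert",
              15: "clock"}
FACILITIES.update({16 + i: f"local{i}" for i in range(8)})   # local0..local7

PRI_RE = re.compile(r"^<(\d{1,3})>(.*)$", re.S)
# IOS message body: %FACILITY-SEVERITY-MNEMONIC: text
IOS_RE = re.compile(r"%([A-Z0-9_]+)-(\d)-([A-Z0-9_]+):\s*(.*)$")


def decode_pri(pri: int) -> tuple:
    """PRI = facility * 8 + severity (RFC 3164 section 4.1.1)."""
    if not 0 <= pri <= 191:
        raise ValueError(f"PRI out of range: {pri}")
    return FACILITIES[pri // 8], SEVERITIES[pri % 8]


def parse_line(line: str) -> dict:
    """Split one relayed syslog line into facility, severity and message."""
    m = PRI_RE.match(line)
    if not m:
        raise ValueError("no <PRI> header")
    pri = int(m.group(1))
    facility, severity = decode_pri(pri)
    rec = {"facility": facility, "severity": severity, "level": pri % 8,
           "msg": m.group(2).strip()}
    ios = IOS_RE.search(rec["msg"])
    if ios:
        rec["ios_facility"], rec["mnemonic"] = ios.group(1), ios.group(3)
        rec["text"] = ios.group(4)
        # The severity embedded in the IOS text should agree with the PRI one;
        # a mismatch points at a relay or logging-level misconfiguration.
        rec["severity_consistent"] = int(ios.group(2)) == pri % 8
    return rec


def alerts(lines, max_level: int = 4) -> list:
    """Records at or more urgent than max_level (0 = emergency, 4 = warning).
    Lines without a PRI header are skipped rather than failing the batch."""
    out = []
    for line in lines:
        try:
            rec = parse_line(line)
        except ValueError:
            continue
        if rec["level"] <= max_level:
            out.append(rec)
    return out


# Constructed sample: IOS logs to facility local7 (23) by default, so
# PRI = 23 * 8 + severity.
SAMPLE_LOGS = [
    "<189>37: *Mar  1 00:12:43.111: %SYS-5-CONFIG_I: Configured from console by console",
    "<187>38: *Mar  1 00:13:01.002: %LINK-3-UPDOWN: Interface Serial0/0/0, changed state to down",
    "<189>39: *Mar  1 00:13:02.005: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0/0, changed state to down",
    "<188>40: *Mar  1 00:14:10.020: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: admin] [Source: 10.0.0.50]",
    "malformed line without a PRI header",
]

if __name__ == "__main__":
    for rec in alerts(SAMPLE_LOGS):
        print(rec["severity"], rec["facility"], rec.get("mnemonic"), rec.get("text"))
```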
Syslog Server

Syslog is a logging tool which sends log events from all devices on which it is configured to the server where it is set up. Syslog messages are sent over UDP; the IP transport mechanism is defined rather than the syslog content, so it is down to the application to produce informative logs for the receiver. The message that is captured will contain a severity level and a facility; the facility is the type of message that is being sent, e.g. any, authorization, fire etc., and the severity shows the importance of the message, from emergency to debug; this level can be defined by the administrator. Syslog helps to reduce the downtime of the network, as it logs the messages and lets the administrator know what events are occurring on the network, which can mitigate against a loss of connection. These logs are also a form of alert system due to the severity level that is sent with the messages; this alerts the administrator to whether the network needs to be troubleshot, or whether an unauthorized user is attempting to access the network.

NTP Server

When logs are being examined, it is essential to the network administrator that the correct date and time are recorded for each event held in the syslog server. Although the time and date can be set manually across all devices, it is easier to have an NTP source on a server which synchronizes the time across all devices so that it is the same. Using NTP also helps to ensure that the clocks run at the same rate and do not drift. NTP was established for clock synchronization, which also helps to synchronize the time across the whole of the network.

SNMP

Simple Network Management Protocol (SNMP) is used to receive information from the agent on the network. The administrator can poll the switch, which will return a response with its health information, e.g. memory utilization, link status, firewall filter statistics etc.
The switch is also capable of sending a trap, whereby it sends event information to the network manager without the manager polling it. The information is organised in a Management Information Base (MIB); a MIB has a tree structure which groups objects into related sets, and each object is named by an Object Identifier (OID). Once configured, SNMP GET requests are accepted on the given interfaces. Vendors recommend restricting access to specific interfaces and clients, e.g. the management network. In addition, SNMPv1 and v2c authenticate with only a plaintext community string, so SNMPv3 with authentication and privacy should be used where the devices support it.

OSI model
Although not an official troubleshooting method, the OSI model is a seven-layer model which administrators use to troubleshoot their network when an issue arises; it describes how network applications on different hosts communicate across the network.

Layer 1
Layer 1 of the OSI model is the physical layer. This layer defines how bits move from one device to another and also deals with the physical characteristics of the transmission medium (cabling, connectors and signalling). The Ethernet physical specifications, e.g. 1000BASE-T, belong to this layer.

Layer 2
This layer is also known as the Data Link layer. It encapsulates packets from layer 3 into frames, and each frame holds a source and destination MAC address. There are two sublayers within this layer: logical link control (LLC), which identifies the upper-layer protocol being carried and provides flow control, and media access control (MAC), which is used for hardware addressing, controlling access to the medium and frame error detection (the frame check sequence). Protocols that are used at this layer are PPP, HDLC and Ethernet. (Tanenbaum, 2010, p.41-48)

Layer 3
Layer 3 is the network layer and provides logical addressing, which is used by routers to determine the path a packet will take; the logical address is also used to identify a device on the network. Protocols that are used at this layer are IP and ICMP.
Layer 4
Otherwise known as the transport layer, it provides either reliable, connection-oriented delivery with error recovery (TCP) or best-effort, connectionless delivery with no error recovery (UDP). Protocols that are used at this layer are TCP and UDP.

Layer 5
Layer 5 is known as the session layer and determines how to establish, control and terminate a session between two devices. CCNA material commonly places SSL here, although SSL/TLS is more accurately described as sitting between the transport and application layers.

Layer 6
Also known as the presentation layer, this layer defines data formats and undertakes processes such as compression and encryption. An example used at this layer is MIME.

Layer 7
Layer 7 is known as the application layer; it provides the interface to the user’s programs and enables network applications to communicate with other network applications. Protocols that are used at this layer are HTTP, Telnet, FTP etc. Telnet and FTP carry credentials in cleartext, so SSH and SFTP are preferred on a production network.

To troubleshoot using the OSI model, the recommended approach is the bottom-up approach. This starts from layer 1 (cabling and interface status) and moves up the layers until the issue is found; top-down and divide-and-conquer (starting at a middle layer, e.g. with a ping) are alternatives when the physical layer is already known to be good.

Evaluated above are a number of troubleshooting methods and their effectiveness in solving enterprise-wide networking issues. Without these methods being implemented, a network administrator will not know what is happening in the background of the network: the logs created by syslog are beneficial in seeing the different events, and NTP not only synchronises time across the network but ensures that the entries on the syslog server carry the correct time at which each event took place.

Conclusion:
To conclude this part, we first presented an appropriate WAN solution by examining WAN technologies and analysed the benefits of public and private WAN technologies. The VPN types, IPsec and SSL, were evaluated against organisational needs. The network monitoring tools were evaluated along with the troubleshooting methods used to create the network baseline.
Finally, the troubleshooting methods were evaluated for their effectiveness in solving enterprise-wide networking issues; all of the methods are useful, and they are most effective when used together.

References
Academy, C. N., 2014. Cisco Press. [Online] Available at: https://www.ciscopress.com/articles/article.asp?p=2202411&seqNum=7 [Accessed 10 December 2019].
Academy, C., 2019. Ciscopress.com. [Online] Available at: http://www.ciscopress.com/articles/article.asp?p=2832407&seqNum=5 [Accessed 13 December 2019].
Academy, C., 2019. Ciscopress.com. [Online] Available at: http://www.ciscopress.com/articles/article.asp?p=2202410&seqNum=4 [Accessed 10 December 2019].
Academy, C. N., 2017. Cisco Press. [Online] Available at: https://www.ciscopress.com/articles/article.asp?p=2832405&seqNum=5 [Accessed 10 December 2019].
Academy, C. N., 2017. Cisco Press. [Online] Available at: https://www.ciscopress.com/articles/article.asp?p=2832407&seqNum=5 [Accessed 10 December 2019].
Anon., 2019. Cisco.com. [Online] Available at: https://www.cisco.com/c/en/us/support/switches/catalyst-2960-24ttlswitch/model.html [Accessed 11 December 2019].
Anon., 2019. PTGMedia. [Online] Available at: http://ptgmedia.pearsoncmg.com/images/9781587133282/downloads/9781587133282%20_chapter_ [Accessed 20 February 2019].
Cisco1, 2019. Cisco. [Online] Available at: https://www.cisco.com/c/en/us/products/collateral/routers/4000seriesintegratedservices-routers-isr/data_sheet-c78-732542.html#ProductSpecifications [Accessed 15 February 2019].
Cisco2, 2019. Cisco. [Online] Available at: https://www.cisco.com/c/en/us/products/collateral/security/asafirepowerservices/datasheet-c78-742475.html [Accessed 12 February 2019].
Das, R., 2019. INFOSEC.
[Online] Available at: https://resources.infosecinstitute.com/category/certificationstraining/securityplus/secdomains/technologies-and-tools-in-security/installingand-configuringnetwork-components-tosupport-organizationalsecurity/technologies-and-tools-vpn-concentrators/# [Accessed 11 February 2019].
Ikechukwu, U. I., 2017. Network Models and Design. Modelling the Design of Computer Networks for Effective Management, 20 January, p. 7.
Lammle, T., 2013. CCNA Routing and Switching Study Guide. 6th ed. CA: Sybex Inc.
Murat Kayri, I. K., 2010. A PROPOSED “OSI BASED” NETWORK. International Journal of Next Generation Networks (IJNGN), 2(3), p. 7.
Papić, S., 2016. Achieving Optimal Redundancy in a Small Business Network. Zagreb: University College Algebra.
Ranjbar, A., 2010. Ciscopress.com. [Online] Available at: https://www.ciscopress.com/articles/article.asp?p=1578504 [Accessed 16 December 2019].
Rivard, E., 2011. Pearsonitcertification.com. [Online] Available at: https://www.pearsonitcertification.com/articles/article.aspx?p=1730891 [Accessed 05 March 2020].
Lammle, T., 2018. CompTIA Network+ Study Guide: Exam N10-007. 4th ed. CA: Sybex.
Yusuff, A., 2012. NETWORK MONITORING: Using Nagios as an Example. [Online] Available at: https://www.theseus.fi/bitstream/handle/10024/48457/Yusuff_Afeez.pdf?sequence=1&isAllowed=y [Accessed 19 March 2020].