topology - vasynet.com

TOPOLOGY
For the LAN infrastructure, we recommend using an extended star topology based upon a
Gigabit fibre-optic backbone using multimode fibre 1000Base-FX cabling.
Two Virtual Local Area Network (VLAN) segments will be implemented at MountainSky. One
VLAN will be designated for student / curriculum usage and the other will be designated for
administration usage.
The VLAN infrastructure will be based on Ethernet LAN switching. This will allow for a
migration to faster speeds (more bandwidth) to the individual computers and between MDFs
and IDFs without revamping the physical wiring scheme to accommodate future applications.
JUSTIFICATION FOR VLANs
There are many benefits to designing a network with VLAN switching in this school,
including the following:
• Reduces administration costs related to moves, additions, and changes
• Provides better control of broadcasts
• Tightens network security
• Microsegments with scalability
• Distributes traffic load
• Relocates servers into secured locations
Companies are continuously reorganizing. On average, 20% to 40% of the workforce
physically moves every year. These moves, additions, and changes are one of a network
manager's biggest headaches and one of the largest expenses related to managing the network.
Many moves require recabling, and almost all moves require new station addressing and hub
and router reconfigurations.
VLANs provide an effective mechanism for controlling these changes and reducing much
of the cost associated with hub and router reconfigurations. Users in a VLAN can share
the same network address space (that is, the IP subnet), regardless of their location. When
users in a VLAN are moved from one location to another, as long as they remain within the
same VLAN and are connected to a switch port, their network addresses do not change. A
location change can be as simple as plugging a user into a port on a VLAN-capable switch
and configuring the port on the switch to that VLAN.
VLANs are a significant improvement over the typical LAN-based techniques used in wiring
closets because they require less rewiring, configuration, and debugging. Router
configuration is left intact; a simple move for a user from one location to another does not
create any configuration modifications in the router if the user stays in the same VLAN.
IEEE 802.3 specifies Ethernet as a LAN used to transport data between devices on a
shared medium, using a data frame broadcast method of moving data to all nodes on the LAN.
This standard uses Carrier Sense Multiple Access / Collision Detect (CSMA/CD) as an access
method, allowing only one station to transmit at a time. Although the goal is to provide a
best-effort service, the biggest problem is traffic collision. Several factors can further affect
this performance, including network congestion due to increased demands from multimedia
such as the Internet and video applications.
The combination of powerful computers, network applications, Internet access, sharing of
files, etc. causes network congestion and a need for more bandwidth, especially in areas like
the Library and computer labs. As the school grows, bandwidth issues increase and need to be
addressed. Switches can help solve these problems.
Switches microsegment a LAN, creating collision-free domains and increasing the available
bandwidth by creating point-to-point connections. When working with a router, a virtual circuit
can be created to allow grouping of network devices that are not restricted to a physical
switch segment. Network management software, switches, frame tagging, and routers work
together to make VLANs work. Since 20 to 40 percent of the workforce is physically moved
each year, it is imperative that VLANs be designed into the internal LAN.
Static VLANs (port-centric) will be created in this school because they are secure, easy to
configure, and straightforward to monitor. Three VLANs will be used on the LAN: VLAN 1
will be for the administration segment, VLAN 2 will be for general curriculum and
VLAN 3 for servers. All changes and moves will be controlled and managed accordingly.
CABLING
The transport speeds will be 100BASE-TX and 100BASE-FX / 1000BASE-FX.
Vertical (backbone) cabling shall be fibre optic, 100BASE-FX or 1000BASE-FX. Fibre optic is
chosen because it is not prone to electrical interference and also provides high transmission
speeds.
Horizontal cabling shall be Category 5 Unshielded Twisted Pair (CAT5 UTP) and will have
the capacity (and be tested) to accommodate 100 Mbps. CAT5 UTP is chosen for its cost
effectiveness.
The cabling infrastructure shall comply with TIA/EIA-568-A and TIA/EIA-569 standards.
LOCATION OF MDF & TOPOLOGY
We recommend placing the Main Distribution Facility (MDF) in the room (located in
Building A East) where the WAN Point of Presence (POP) resides. This is a typical
occurrence in network design, allowing for simpler cabling and WAN access. The POP will
terminate at a Cisco 2600 Router. We recommend this router because of its scalability and
reliability features. Stemming from the Cisco 2600, we recommend using one Cisco Catalyst
2950 (24 ports) as an external switch for testing purposes. This switch is outside of the
standalone hardware-based firewall. The Sonic firewall has a demilitarized zone (DMZ), in
which the Internet, email and web servers will be located. A Cisco Catalyst 2950 (12 port) switch
will be used in the DMZ for connections to the DNS, web and email servers. The firewall
then terminates at a Cisco 3700 router via an E0 ethernet port. The Cisco 3700 is the main
LAN router (again chosen for its scalability and reliability features).
The Cisco 3700 router's E1 port feeds into a single Cisco Catalyst switch which connects to
two Cisco Catalyst 2950G (48 ports) switches in the MDF.
The two Cisco switches will be used for VLAN segmentation and will provide, via hubs,
distribution of drops to classrooms and offices within the recommended 100 meter distance of
the MDF. VLAN 3 is designated for servers and will have the following servers:
• the DHCP server and domain controller for VLAN2 (curriculum)
• Curriculum server which has file server and application server functions for VLAN2
• Library server
• Administration server which has file server and application server functions for VLAN1
• Domain controller for VLAN1
• Local DNS server
The Cisco Catalyst 2950 switch connected to the Cisco 3700 router via E1 is also connected
by vertical cabling to IDF1 and IDF2 respectively.
LOCATION OF IDFS AND TOPOLOGY
Two Intermediate Distribution Facility (IDF) rooms will be established, where horizontal
cabling lengths exceed TIA/EIA-568-A recommended distances or where site conditions
dictate. IDF 1 will be located in Building A West and IDF2 will be located in the
Multipurpose building. In such cases, the IDF will service its geographical area and the IDF
will be connected directly to the MDF in an EXTENDED STAR topology.
IDF-1 located in Building A East will house three Catalyst 2950G switches. The ports 1 to 16
will be allocated for VLAN1 and 17 to 48 for VLAN2. Due to the high number of rooms in
this building and the fact that three Curriculum drops are needed per termination point, the
use of 3 switches is recommended. Refer to IDF topology diagram.
IDF-2 will be located in the Multi-purpose building. It will house two Cisco Catalyst 2950
Switches. Again ports 1 – 16 will be allocated for VLAN1 and 17 to 48 for VLAN2. Refer to
attached diagrams for the cabling and logical topologies for this building and its IDF.
DISTRIBUTION TO ROOMS
As mentioned above, for distribution to rooms, we recommend using the 7 Cisco Catalyst
2950 switches located in MDFs and IDFs. The Catalyst 2950 will take the backbone lines and
distribute their bandwidth through up to 48 lines of 100 Mbps over 100Base-TX thus allowing
for up to 48 drops of 100 Mbps per switch.
There are currently 44 rooms requiring 4 drops per room and 11 single drops required for the
principals, assistants, secretaries. Hence current requirements stipulate 187 drops or cable
runs. Hence the 7 distribution switches (Catalyst 2950, 48-port) in the MDF and the two IDFs
can provide up to 336 drops thereby giving an extra 149 cable runs for expansion.
Each room requiring connection to network will be able to support 24 workstations and be
supplied with four (4) CAT 5 UTP runs for data, with one run terminated at the teacher's
workstation. These cable runs will be terminated in the closest MDF or IDF.
By running a fibreoptic backbone, we can supply four drops to each classroom or office, each
with 100 Megabits of bandwidth. Two drops for student workstations and one drop for
administrators will be hubbed and active. The additional drops from the Curriculum (Student)
VLAN network will be installed; however, they will only be hubbed and put into use upon
demand. As the number of users increase, there will be a need to reduce collision domains and
hence the need to use the spare drops.
A single location in each room will be designated as the wiring point of presence (POP) for
that room. It will consist of a lockable cabinet containing all cable terminations and electronic
components; i.e. data hubs. From this location data services will be distributed within the
room via decorative raceways.
ROUTER CONFIGURATIONS
ROUTER CONFIGURATION CISCO 2600 ROUTER
Note: Configuration for the WAN is in the WAN section above.
router# config t
router(config)# router igrp 10
• Defines IGRP as an IP routing process (autonomous system 10)
router(config-router)# network 171.18.76.0
router(config-router)# network 171.18.77.0
router(config-router)# network 171.18.78.0
router(config-router)# network 171.18.79.0
router(config-router)# network 171.18.80.0
router(config-router)# network 171.18.81.0
router(config-router)# network 171.18.82.0
• Selects the attached networks (the seven subnets allocated to MountainSky)
ROUTER CONFIGURATION CISCO 3700 ROUTER
router# config t
router(config)# router igrp 10
• Defines IGRP as an IP routing process (autonomous system 10)
router(config-router)# network 171.18.76.0
router(config-router)# network 171.18.77.0
router(config-router)# network 171.18.78.0
router(config-router)# network 171.18.79.0
router(config-router)# network 171.18.80.0
router(config-router)# network 171.18.81.0
router(config-router)# network 171.18.82.0
• Selects the attached networks (the seven subnets allocated to MountainSky)
router# config t
router(config)# int E0
router(config-if)# ip address 171.18.76.8 255.255.255.0
router(config-if)# no shutdown
CTRL-Z
• Configures the E0 interface (the link from the firewall)
router# config t
router(config)# int E1
router(config-if)# ip address 171.18.78.1 255.255.255.0
router(config-if)# no shutdown
CTRL-Z
• Configures the E1 interface (the link to the MDF switch)
WIRING DIAGRAM
Segment              Media                                     Bandwidth   Max Physical Distance
Vertical Cabling     Multimode Optical Fiber                   1000 Mbps   2000m
Horizontal Cabling   Cat 5 UTP 100Base-TX                      100 Mbps    100m
Patch Panel Cable    Cat 5 UTP 100Base-TX (6m cable length)    100 Mbps    100m
Work Area Cabling    Cat 5 UTP 100Base-TX (can be 10m cable)   100 Mbps    100m
Wiring Scheme
TIA/EIA-568-A specifies that, in a horizontal cabling scheme, you must use an RJ-45 jack for
making the connection to a CAT 5 UTP cable, at the telecommunications outlet. One side of
the RJ-45 jack contains eight color-coded slots. The individual Cat5 wires are punched down
into the slots according to color. A firm punch down is required in order to make a good
electrical connection. The other side of the jack is a female plug, which looks like a standard
phone jack, except that the RJ-45 jack is larger and has eight pi
MDF and IDF Details
The interior walls are painted with fire retardant paint and have 3/4" plywood which is raised 1
1/4" from the walls where equipment is mounted. 15 feet of wall space is provided for the
POP terminations. Drop ceiling should have fixed ceilings installed to prevent unauthorized
access. 12" ladder rack and 4" conduits installed for horizontal and vertical cabling. Water
and steam pipes should not run through or above the wiring closets and the humidity should
be maintained between 30% and 50%. HVAC should maintain the room temperature at 70
degrees. Incandescent lights have been installed.
All file servers will be categorized as Enterprise or Workgroup type services, and then placed
on the network topology according to function and anticipated traffic patterns of users.
As mentioned in the Requirements section, the
enterprise servers (including DNS, Email, and applications) will be located at the District
Office, allowing for easy upgrade and download of applications and services between
campuses. However, each campus will house its own DNS, web-server and Email servers as
well, supporting that campus' needs. In addition, there will be a need for three servers per
VLAN. For the Curriculum VLAN there will be a curriculum server (with file server and
application server functions) and a DHCP server. The administrative server (with file server and
application server functions) is for administration purposes. For Mountain Sky we
recommend the use of three Dell Power Edge 1600 Enterprise servers. One, housed in the
MDF, will support the DNS, Email, Library, and Application services. We recommend the
Dell Power Edge servers due to their high ratings in reliability and performance, as well as
their competitive pricing points.
For backup, data redundancy and security we recommend RAID 5 for each server.
ENTERPRISE SERVERS
IN DMZ
• DNS (DISTRICT)
• WEB SERVER
• EMAIL SERVER
IN VLAN3
• DOMAIN CONTROLLER for student VLAN
• ADMIN SERVER (Application + file server)
• LIBRARY SERVER
• DHCP SERVER
• CURRICULUM SERVER (Application + file server)
• SECONDARY (LOCAL) DNS SERVER
DNS, EMAIL & WEB SERVERS
Domain Name Services (DNS) and e-mail delivery will be implemented in a hierarchical
fashion with all services located on the master server at the district office. Each District Hub
location will contain a DNS server to support the individual schools serviced out of that
location. Each school site will also contain a host for DNS and e-mail services (local post
office) that will maintain a complete directory of all staff personnel and student population for
that location. The school host will be the local post office box and will store all e-mail
messages. The update DNS process will flow from the individual school server to the Hub
server and to the district server. All regional servers will have the capability to communicate
between themselves, thus building redundancy in the system in the event that the District
master server is unavailable. Should the District master server require a partial or complete
restore of data, the ability to query any or all of the regional servers to acquire the needed
information will be provided.
DOMAIN CONTROLLER
There will be a domain controller for purposes of user login security for both staff and
students.
ADMINISTRATIVE SERVER
The school district is moving towards a totally automated server based administration system.
MountainSky will contain an Administration server which will house the student tracking,
attendance, grading and other administration functions. It will also function as an application
server and fileserver. This server will be running TCP/IP as its OSI layer 3&4 protocols and
will only be made available to teachers and staff.
LIBRARY SERVER
The school district is implementing an automated library information and retrieval system
which will house an online library for curricular research purposes. There will be one library
server and will be running TCP/IP as its OSI layer 3&4 protocols.
CURRICULUM SERVER
The curriculum server is part of VLAN3 and is housed in the MDF and will function as an
application server and file server for students.
DHCP SERVER
A DHCP server will be housed in the MDF and will be part of VLAN3 (Server Vlan) and
used to dynamically allocate IP addresses for the students. This server will also function as a
domain controller for user login security.
All computer applications will be housed in the Curriculum and Administration servers
located in the MDF (applications such as word processing, Excel, PowerPoint, etc.).
LOCAL DNS SERVER
This will be for resolving local DNS requests and is part of VLAN3.
APPLICATION SERVER
Both the Admin and Curriculum VLANs have application servers for their purposes.
IP ADDRESSING
A complete TCP/IP addressing and naming convention scheme for all hosts, servers, and
network interconnection devices will be developed and administered by the District Office.
As mentioned in the District addressing scheme, the implementation of unauthorized
addresses will be prohibited.
All computers located on the administrative networks will have static addresses, allocated by
the system administrator. Curriculum computers will obtain addresses by utilizing Dynamic
Host Configuration Protocol (DHCP). MountainSky, like other sites will have a server
running DHCP and use only addresses consistent with the overall District Addressing
Scheme.
For IP addressing, Class B addressing will be used for the curriculum network, the
administrative network and the servers. IP addresses for servers and the administrative
network will be statically assigned by the network administrator. The IP addresses for
students will be dynamically allocated via a DHCP server.
Range of subnets allocated by the District for MtSky: 7 subnets, 171.18.76.1 – 171.18.82.254

Subnet         Device                                        IP Address
Backbone       Service Centre Cisco Router 2600 S0 (DCE)     171.18.17.2
Backbone       Cisco Router 2600 S1 (DTE)                    171.18.17.1
Backbone       Cisco Router 2600 E0                          171.18.76.1
Backbone       Cisco Catalyst 2950 (24)                      171.18.76.2
Firewall       Cisco Catalyst 2950 (12)                      171.18.77.3
Firewall       Firewall                                      171.18.77.1
Firewall       DMZ port                                      171.18.77.2
Firewall       Email server                                  171.18.77.4
Firewall       Web server                                    171.18.77.5
Firewall       Primary DNS server                            171.18.77.6
Backbone       Cisco 3700 Router E0 (fiber)                  171.18.76.8
Backbone       Cisco 3700 Router E1 (fiber)                  171.18.78.1
Backbone       Cisco Catalyst 2950 (48) MDF-A                171.18.78.2
Backbone       Cisco Catalyst 2950 (48) MDF-B                171.18.78.3
Backbone       Cisco Catalyst 2950 (48) MDF-C                171.18.78.4
Backbone       Cisco Catalyst 2950 (48) IDF1-A               171.18.78.5
Backbone       Cisco Catalyst 2950 (48) IDF1-B               171.18.78.6
Backbone       Cisco Catalyst 2950 (48) IDF1-C               171.18.78.7
Backbone       Cisco Catalyst 2950 (48) IDF2-A               171.18.78.8
Backbone       Cisco Catalyst 2950 (48) IDF2-B               171.18.78.9
VLAN2          Student Computers                             171.18.79.1 – 171.18.80.254
Server VLAN3   DHCP Server                                   171.18.82.1
Server VLAN3   Library Server                                171.18.82.2
Server VLAN3   Secondary DNS Server                          171.18.82.3
Server VLAN3   Administrative Server                         171.18.82.4
Server VLAN3   Curriculum server                             171.18.82.5
Server VLAN3   Domain controller                             171.18.82.6
Staff/Admin    Router E1 (fiber)                             171.18.81.1
Staff/Admin    Principal                                     171.18.81.2
Staff/Admin    Asst. Principal                               171.18.81.3
Staff/Admin    Secretary to Principal                        171.18.81.4
Staff/Admin    Secretary to Asst. Principal                  171.18.81.5
Staff/Admin    Nurse                                         171.18.81.6
Staff/Admin    Office Secretary 1                            171.18.81.7
Staff/Admin    Office Secretary 2                            171.18.81.8
Staff/Admin    Office Secretary 3                            171.18.81.9
Staff/Admin    Network Printer 1                             171.18.81.10
Staff/Admin    Network Printer 2                             171.18.81.11
Staff/Admin    Librarian 1                                   171.18.81.12
Staff/Admin    Librarian 2                                   171.18.81.13
Staff/Admin    Teacher Room 100                              171.18.81.14
Staff/Admin    Teacher Room 101                              171.18.81.15
Staff/Admin    Teacher Room 103                              171.18.81.16
Staff/Admin    Teacher Room 104                              171.18.81.17
Staff/Admin    Teacher Room 106                              171.18.81.18
Staff/Admin    Teacher Room 107                              171.18.81.19
Staff/Admin    Teacher Room 108                              171.18.81.20
Staff/Admin    Teacher Room 110                              171.18.81.21
Staff/Admin    Teacher Room 111                              171.18.81.22
Staff/Admin    Teacher Room 200                              171.18.81.23
Staff/Admin    Teacher Room 201                              171.18.81.24
Staff/Admin    Teacher Room 202                              171.18.81.25
Staff/Admin    Teacher Room 203                              171.18.81.26
Staff/Admin    Teacher Room 204                              171.18.81.27
Staff/Admin    Teacher Room 205                              171.18.81.28
Staff/Admin    Teacher Room 206                              171.18.81.29
Staff/Admin    Teacher Room 209                              171.18.81.30
Staff/Admin    Teacher Room 210                              171.18.81.31
Staff/Admin    Teacher Room 211                              171.18.81.32
Staff/Admin    Teacher Room 212                              171.18.81.33
Staff/Admin    Teacher Room 213                              171.18.81.34
Staff/Admin    Teacher Room 214                              171.18.81.35
Staff/Admin    Teacher Room 215                              171.18.81.36
Staff/Admin    Teacher Room 217                              171.18.81.37
Staff/Admin    Teacher Room 218                              171.18.81.38
Staff/Admin    Teacher Room 219                              171.18.81.39
Staff/Admin    Teacher Room 220                              171.18.81.40
Staff/Admin    Teacher Room 221                              171.18.81.41
Staff/Admin    Teacher Room 222                              171.18.81.42
Staff/Admin    Teacher Room 225                              171.18.81.43
Staff/Admin    Teacher Room 226                              171.18.81.44
Staff/Admin    Teacher Room 227                              171.18.81.45
Staff/Admin    Teacher Room 228                              171.18.81.46
Staff/Admin    Teacher Room 300                              171.18.81.47
Staff/Admin    Teacher Room 302                              171.18.81.48
Staff/Admin    Teacher Room 303                              171.18.81.49
Staff/Admin    Teacher Room 309                              171.18.81.50
Staff/Admin    Teacher Room 312                              171.18.81.51
Staff/Admin    Teacher Room 314                              171.18.81.52
Staff/Admin    Teacher Room 315                              171.18.81.53
Staff/Admin    Teacher Room 316                              171.18.81.54
Staff/Admin    Teacher Room 317                              171.18.81.55
Staff/Admin    Teacher Room 319                              171.18.81.56
Staff/Admin    Teacher Room 320                              171.18.81.57
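As an added example (not part of the original design document), the following Python audit checks a device inventory against the seven /24 subnets allocated above and the static-versus-DHCP policy of each VLAN, and checks a list of IGRP network statement values for malformed or unallocated subnets, which is how the rule that unauthorized addresses are prohibited can be verified rather than just stated. The role labels, policy tags, function names and the sample rows are this example's own assumptions.

```python
import ipaddress
# Address plan from the design document: seven /24 subnets (171.18.76.0 to 171.18.82.0)
# from the district's Class B block. Role labels and static/dhcp tags are assumed here.
PLAN = {
    "171.18.76.0/24": ("backbone-external", "static"),  # 2600 E0, 3700 E0, test switch
    "171.18.77.0/24": ("dmz", "static"),                # DNS, web and e-mail servers
    "171.18.78.0/24": ("backbone-internal", "static"),  # 3700 E1, MDF/IDF switches
    "171.18.79.0/24": ("vlan2-students", "dhcp"),       # student pool (first half)
    "171.18.80.0/24": ("vlan2-students", "dhcp"),       # student pool (second half)
    "171.18.81.0/24": ("vlan1-admin", "static"),        # staff/admin, static only
    "171.18.82.0/24": ("vlan3-servers", "static"),      # server VLAN
}
NETS = {ipaddress.ip_network(k): v for k, v in PLAN.items()}
def classify(addr):
    """Return (role, policy) for an address, or None if no allocated subnet holds it."""
    ip = ipaddress.ip_address(addr)  # raises ValueError on a malformed address
    return next((rp for net, rp in NETS.items() if ip in net), None)

def audit_inventory(inventory):
    """inventory: (device, expected_role, address) tuples -> list of (device, addr, reason)."""
    findings = []
    for device, expected_role, addr in inventory:
        try:
            hit = classify(addr)
        except ValueError:
            findings.append((device, addr, "malformed address"))
            continue
        if hit is None:
            findings.append((device, addr, "not in any allocated subnet (unauthorized)"))
        elif hit[0] != expected_role:
            findings.append((device, addr, f"in {hit[0]} subnet, expected {expected_role}"))
        elif hit[1] == "dhcp":
            findings.append((device, addr, "static host inside the DHCP pool"))
    return findings

def audit_igrp_networks(statements):
    """Check IGRP 'network' statement values against the plan -> list of (value, reason)."""
    findings, seen = [], set()
    for s in statements:
        try:
            net = ipaddress.ip_network(f"{ipaddress.ip_address(s)}/24", strict=False)
        except ValueError:
            findings.append((s, "malformed network statement"))
            continue
        if net not in NETS:
            findings.append((s, "not an allocated MountainSky subnet"))
        else:
            seen.add(net)
    # IGRP is classful (IOS folds these to 171.18.0.0); the plan lists each /24, so check all.
    for net in NETS:
        if net not in seen:
            findings.append((str(net), "allocated subnet not advertised"))
    return findings

# Constructed sample: two rows from the addressing table plus three deliberately wrong ones.
SAMPLE_INVENTORY = [
    ("Cisco 3700 E0", "backbone-external", "171.18.76.8"),
    ("Principal", "vlan1-admin", "171.18.81.2"),
    ("Office printer (constructed)", "vlan1-admin", "171.18.82.9"),  # wrong VLAN
    ("Lab PC (constructed)", "vlan2-students", "171.18.79.20"),      # static in pool
    ("Unknown host (constructed)", "vlan1-admin", "10.0.0.5"),       # unauthorized
]
# Constructed IGRP statement list containing two typical hand-typing slips.
SAMPLE_IGRP_NETWORKS = ["171.18.76.0", "1717.18.77.0", "171.18.78.0",
                        "171.18.79.0", "172.18.80.0", "172.18.81.0", "171.18.82.0"]
```

Calling audit_inventory(SAMPLE_INVENTORY) reports the three marked rows, and audit_igrp_networks(SAMPLE_IGRP_NETWORKS) reports the malformed octet, the two 172.18.x values, and the three allocated subnets those slips left unadvertised.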
NETWORK MANAGEMENT
A master network management host will be established at the District Office and will have
total management rights over all devices in the network. This host will also serve as the router
configuration host and maintain the current configurations of all routers in the network. Each
region location (Hub) will house a regional network management host to support its area. In
the case of Mountainsky school this will be housed at the Service Centre. The management
scheme for the data portion of the network will be based on the Simple Network Management
Protocol (SNMP) standards. All routers will be pointed to the master Network Management
host for the purpose of downloading new or existing configurations. The District Office will
maintain the super user passwords for all network devices and configuration changes on these
devices will be authorized from the District Office: i.e., Routers and LAN Switches.