1 / 40

THREADED CASE STUDY SUNNYSLOPE

THREADED CASE STUDY SUNNYSLOPE. Presented to Michael Barrett and Paul Flynn. Intoduction. This is our presentation of the Threaded Case Study (TCS) as part of our “Certificate in Computers IT Support” TEAM: The team consists of Ken Henry, David Lynch and Rory Mc Caffrey GOAL:

liluye
Download Presentation

THREADED CASE STUDY SUNNYSLOPE

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. THREADED CASE STUDYSUNNYSLOPE Presented to Michael Barrett and Paul Flynn

  2. Intoduction • This is our presentation of the Threaded Case Study (TCS) as part of our “Certificate in Computers IT Support” • TEAM: • The team consists of Ken Henry, David Lynch and Rory Mc Caffrey • GOAL: • Our goal is to demonstrate our knowledge of Local Area Network (LAN) design and implementation. For our project we are working on Sunnyslope Elementary School in the Washington Elementary School District.

  3. Background • The district presently includes 33 schools, a district office, and a service center. This project will include connectivity between all district sites. • All computers within the district are to be able to access the internet. The district will implement a number of servers at the main office to most intranet and internet needs. • This network must be usable for the next 7-10 years and, therefore, must plan for 100x growth of LAN throughput, 2x growth in WAN core throughput, and 10x growth in Internet Connection throughput. All host computers must have a minimum of 1.0 Mbps throughput and all servers must have a 100Mbps throughput.

  4. Physical Layout • Placement of MDFs and IDFs • Cable runs • Placement of switches and routers • Placement of servers

  5. General Requirements • Placment of MDFs and IDFs • We chose our Main Distribution Facility in Building 300 West. This is the best location for the MDF because it is centrally located and contains the Point of Presence. It is also surrounded by administrators and faculty, so it maintains a high level of security at all times. The MDF covers only buildings 300 East, West, and the Computer Lab. Our IDFs are located in the following buildings: Maintenance, Building 200 West, Multi-Purpose Building, and Building 400 West. These are good locations because all rooms are away from school activity and in a safe closed off area

  6. Cable Runs • All backbone cabling from MDF to the IDFs will use multi-mode fiber optic cable. This benefits the network by not having to worry about unstable grounding techniques between buildings. • It also allows distances between the MDF and the IDFs to not pose a problem.

  7. Placement of Switches and Routers • There is only one router in our entire network. It is placed in our Main Distribution Facility and serves as the main communication device. • Switches are placed in every IDF and in our MDF. • There is a switch in every room contained in a lockable cabinet. While more expensive than a hub, switches will serve for future expansion more efficiently than a hub. If the available 24 hosts were needed in a room, then they would be collision free. All switches in rooms are terminated at the nearest MDF or IDF.

  8. Placement of Servers • We chose to place the student servers together on a server switch. This switch resides in our MDF and is given 100 Mbps speed to the uplink. There is only one main server on this switch to begin with, but it remains for future needs for other servers. The administration server is running off of the router. This helps maintain logical security which will be discussed later on. The logic for there placement is in there classification. These main servers are enterprise servers and must be able to be reached by there entire networks. They will be easily administrated in one location and if need arise, future additions may be added to the server switch for additional enterprise servers. Although there will be no servers located in any IDFs, there is an extra 100 Mbps port available in each for possible future workgroup servers of any kind

  9. Logical Layout • Ip Addressing • V-Lan implementation • Broadcasts domains • Server applications • Routing protocol • Security

  10. IP Addressing • IP addressing will be configured using private Class A IP addresses for both the administrations network and the student network. It was decided to logically administer the ip address in building which had MDF,S and IDF,S which gave us a a total of 5 buildings. • The network has a max of 7 IP address in each room dedicated to routers, servers, and printers for future growth.It also has a total of 65 address for students which is more than enough to cover a maximum of 1032 users if all 24 hosts were needed in every room. • There is also 190 addresses left in each room for administration.

  11. IP Addressing continued: • It was decided to give the lecture in each room an address of 10.x.x.65 and all would have the same address so when we were configuring access control list it would make it much easier. • Network address of 10.x.x.x will be configured accordingly. The subnet for the network will be 255.0.0.0

  12. IP Addressing system • MDF • IP address for this building is 10.1.X.X • Within the room where the MDF is housed an address of 10.1.1.(1-7) is for router, server, printers etc. • An address of 10.1.1.(8-63) for Students • And an address of 10.1.1.(64-254) for Administration • An address of 10.1.1.65 is dedicated to lectures with in this room. • NB. The same was done for all rooms in this building An address of 10.1.2.X for room 2 with the same addresses for Servers-Students-and admin.

  13. IP Address System Cont. • IDF 1 • IP address for this building is 10.2.X.X • Within the room where the IDF are housed an address of 10.2.1.(1-7) server, printers etc. • An address of 10.2.1.(8-63) for Students • And an address of 10.2.1.(64-254) for Administration • An address of 10.2.1.65 is dedicated to lectures with in this room. • NB. The same was done for all rooms in this building An address of 10.2.2.X for room 2 with the same addresses for Servers-Students-and admin.

  14. IP Address System cont. • This address system was carried out on all the other buildings which had IDF’S • It gave us a total of 5 different buildings • All of these buildings we made into V-LAN’s

  15. Entire network Backbone

  16. MDF

  17. IDF 1

  18. IDF 2

  19. IDF 3

  20. IDF 4

  21. Router Connections

  22. V-lan Layout

  23. V-LAN Impementation • VLANS are a very important part of the network setup. Although the administration and students are on two separate networks, they still run through the same switches at layer two encapsulation processes. Therefore the Administration will be configured on VLAN 1 and the students on VLANs 2-6. • We have decided to allow communication between student VLANs and allow administration access to all VLANs through two trunk ports. These trunk ports will allow VLANs to communicate while maintaining a level of security. VLANs are also an important part of keeping our broadcast domains at a minimum level.

  24. V-LAN Continued • All buildings which had a MDF or IDF was made into a V-LAN. 6 in all. • Both trunk ports will be located on the server switch and be regular 10/100 Mbps running at full duplex. One trunk port will be for administration and the other for students. • Any student port coming out of IDF 1 will be on VLAN 2. • Any student port coming out of IDF 2 will be on VLAN 3. • Any student port coming out of the MDF will be on VLAN 4. • Any student port coming out of IDF 3 will be on VLAN 5 • And any student port coming out of IDF4 will be on VLAN 6. • Any port that is not in use will be assigned to the student VLAN for that MDF/IDF.

  25. Trunking ports on V-LANS • These trunk ports will allow VLANs to communicate while maintaining a level of security. VLANs are also an important part of keeping our broadcast domains at a minimum level. • VLANs are also an important part of keeping our broadcast domains at a minimum level. • Both trunk ports will be located on the server switch and be regular 10/100 Mbps running at full duplex. • One trunk port will be for administration and the other for students.

  26. Broadcast Domains • With a possible user count of 1032 in the student network, broadcasts are bound to be a problem. With the help of VLANs and the router, the network can remain at a low congested stated. • Each VLAN will hold its own broadcast domain and not allow broadcasts from other VLANs to intrude. Although the student VLANs can communicate with each other, the router breaks up the VLANs into and separates them to their proper domain.

  27. Braodcast Domains

  28. Server Applications • Each server in the MDF will run their own applications. The student server will serve as the main DNS server, The student server will provide any needed applications to the student network. These applications could include a student directory for school files or direct e-mail to teachers for questions. • The administration runs off of the router and will allow access for administrative services. This will be the teachers main DNS and maintain administrative applications such as direct attendance programs and e-mail. Having these applications on separate servers allows for a high level of security and growth for the future of the network.

  29. Server Placement

  30. Routing Protocol • Since there is only one router in the Sunnyslope network, the routing protocol will simply be for the WAN link to the pop. Any other school communicating on the same network will be able route packets to our router and vise versa. • The routing protocol that is going to be configured this network’s router is IGRP. This way there will be a guarantee that other school’s packets won’t be discarded because of hop count. Also with IGRP’s autonomous system number there will be an additional security measure.

  31. Physical Security • Each and every IDF as well as the MDF contains a lockable cabinet. These will be used to organize and keep all unauthorized personnel away from the actual router, switches and servers if the room might be penetrated. • Each room will also have a lockable cabinet so that devices may not be tampered with by any unauthorized person.

  32. Logical Security • The logical security of the network contains almost all levels of security on the OSI layer. We have already discussed the physical security, but the logical portion of VLANs play a very important roll in the network’s security. • VLANs make the network secure in one way by not allowing the student VLANs to communicate to the Administration VLAN. In this way, we can provide a totally switched environment with very little ACL’s to keep students out of the administration network.

  33. Wan Design • All schools will be connected through point-to-point connections to a regional hub. There will be a regional hub at the district office, service center, and Shaw Butte Elementary School. • All point-to-point connections will be running at a T1 connection speed and internet connections to schools will be provided by the district office through frame relay

  34. PPP Configuration: • PPP is a very important part of the Wan Design. It will allow for full use of bandwidth with its capability of network protocol multiplexing. It is reliable with its link configuration and quality testing. It also provides for error detection and allows for the use of the Dynamic Control Host Protocol. PPP is an ideal layer two encapsulation WAN protocol for our design because of these features. As opposed to a packet-switched, virtual circuit protocol such as Frame Relay, it is a dedicated link that will be useful in the connections between the schools and the offices; these are the places where we will want the most reliability and error detection. • Although Frame Relay is cost effective and fast, it would not provide the reliability needed to these points. PPP also has an optional authentication phase that can use CHAP and/or PAP to protect unauthorized traffic through the connected routers. In our case we will use CHAP because it provides encrypted passwords from router to router.

  35. ISDN • ISDN is an alternative to leased lines. • It generally is used for networking small LANS.

  36. FRAME RELAY • Frame Relay will be our main type of connection for internet services. It is a very high performance and efficient data technology. It operates at the physical and data link layers • The main Frame Relay connection will be through the data center. Since there is only one PVC we will not have to configure any additional sub-interfaces.

  37. Access Control Lists • The ACL.S will be set up at the router allowing students access to nothing but the internet on e1. • An Access list will also be set up for filtering WAN activies. • An access list will be set up for Admin Server

  38. Equipment Used in Network Design • Router – Cisco 4500m-Quantity 1 • Router Accessories – NP-2E module consisting of 2 ethernet ports-Quantity 2 • Switches - WS-C1912-EN Quantity 3 WS-1912-EN Quantity 4 WS-C2828-EN Quantity 1 • Switch Accessories 4 port 100B FX Module • 1 port 100B TX Module • 4 Lockable Cabinets-For IDFs-50-70381 • 1 Lockable Cabinet -For MDF-50-70244

  39. Pros of this Network Design • Speed: With fiber going to each switch, there is 1 gigabit of bandwidth available with possible improvements in technology. • Less interference: Fiber has less interference from magnetic fields. • Non-centralised: Control is closer, if there is a local problem. • There is room for future growth in this network.

  40. Cons of this Network Design • Non- Centralised: With an IDF in each building there may be difficulty locating a problem. • Cost: The quantity of switches and fibre needed has increased the cost. • Security: With many locations, there is more of a possibility of break-in or theft.

More Related