Washington District Washington District NetworkingNetworking

ProjectProjectPresented byPresented byPat KearneyPat KearneyPauric FaheyPauric Fahey

Seamus LeydenSeamus Leyden

FLK teamFLK team

Responsible for design of R.E. Miller LANResponsible for design of R.E. Miller LAN

Our goals and implementation.Our goals and implementation.

Terms of reference and parametersTerms of reference and parameters

LAN requirementsLAN requirements Student Student Lecturing and administratorsLecturing and administrators

IntroductionIntroduction

Overall GoalsOverall Goals

Future requirementsFuture requirements

Physical Layout of ProjectPhysical Layout of Project Physical designPhysical design

Design goals of LANDesign goals of LAN

CollisionsCollisions

IntroductionIntroduction

Diagram of MDFDiagram of MDF

Diagram of classroom wiring closetDiagram of classroom wiring closet

SwitchingSwitching

VLANsVLANs

Routing protocolsRouting protocols Configuring IGRPConfiguring IGRP

Diagram of topology Diagram of topology

IntroductionIntroduction

ServersServers DNS and E-mailDNS and E-mail Administrative serverAdministrative server Library serverLibrary server Application serverApplication server

Addressing schemeAddressing scheme

Network managementNetwork management

Connection to internetConnection to internet

Security and BackupsSecurity and Backups

Overall GoalsOverall Goals

Design and Implementation of Enterprise Design and Implementation of Enterprise Wide NetworkWide Network

Include LANs at several sitesInclude LANs at several sites R.E.MillerR.E.Miller etcetc

Network must be functional for 10 yearsNetwork must be functional for 10 years

Provide for 100% growth in LANProvide for 100% growth in LAN

Design goals of LANDesign goals of LAN

Functionality Functionality Network designed must workNetwork designed must work

ScalabilityScalability Must be capable of growthMust be capable of growth

AdaptabilityAdaptability Must be able to accommodate new technologiesMust be able to accommodate new technologies

ManageabilityManageability Design should accommodate management and Design should accommodate management and

monitoring to ensure stability of networkmonitoring to ensure stability of network

Physical Layout of ProjectPhysical Layout of Project

Map of overall SchoolMap of overall School

TopologyTopology

Location of MDF and IDFsLocation of MDF and IDFs

Device requirementsDevice requirements HubsHubs SwitchesSwitches RoutersRouters Other stuffOther stuff

Physical designPhysical design

Cabling Cabling Cat 5 UTPCat 5 UTP Fiber OpticFiber Optic Vertical cross connects backboneVertical cross connects backbone

Carries all data between IDF s and MDF[Fiber]Carries all data between IDF s and MDF[Fiber] Horizontal cross connectsHorizontal cross connects

Connects hosts to wiring closetConnects hosts to wiring closet

Diagram of topologyDiagram of topology

Diagram of IDF 1Diagram of IDF 1

3548 XL Enterprise Edition2 LanSwitch

2 Patch Panel 64 RJ-45 ports

Diagram of MDFDiagram of MDF

2 LanSwitch 3548 XL enterprise edition

Cisco 3660 6-slot Modular Router-AC

Diagram of classroom wiring closetDiagram of classroom wiring closet

12 Port 10BaseT Switch w/2 100BaseTXPorts

idf

Bandwidth and Protocol Bandwidth and Protocol RequirementsRequirements

1 Mbps to all computers on network1 Mbps to all computers on network Absolute minimumAbsolute minimum 100Mb NIC on each machine100Mb NIC on each machine

100 Mbps to all servers100 Mbps to all servers

Routed protocolRouted protocol TCP/IPTCP/IP

LAN System usedLAN System used

EthernetEthernet Csma/cdCsma/cd

LAN switching infrastructure LAN switching infrastructure Encourage migration to faster access speeds Encourage migration to faster access speeds

[more bw] for future growth[more bw] for future growthSpeeds 10baseT,100baseT,and 1000baseFXSpeeds 10baseT,100baseT,and 1000baseFX

All cabling must comply with Eia/Tia 568All cabling must comply with Eia/Tia 568

CollisionsCollisions

Csma/cd has one major drawbackCsma/cd has one major drawback CollisionsCollisions

High internet use by studentsHigh internet use by students

AnswerAnswer SwitchesSwitches

Break up collision domain [broadcast domain Break up collision domain [broadcast domain remains however]remains however]

Broadcast domain broken up by vlan.Broadcast domain broken up by vlan.

VLANSVLANS

Two VLANS are requiredTwo VLANS are required

Curriculum Curriculum StudentStudent

AdministrativeAdministrative Teachers, Admin staffTeachers, Admin staff

Routing protocolsRouting protocols

IGRPIGRP Ensure network is stableEnsure network is stable No routing loopsNo routing loops

Count to infinityCount to infinity

Split horizonSplit horizon

Hold down timersHold down timers

Poison reverse updatesPoison reverse updates Rapid convergence importantRapid convergence important

Configuring IGRPConfiguring IGRP

Done at global config modeDone at global config mode Router(config)# router igrp 108Router(config)# router igrp 108 Network 10.0.0.0Network 10.0.0.0 Network 156.65.65.0Network 156.65.65.0

This configures autonomous system 108 This configures autonomous system 108 to send igrp updates to the 2 networks to send igrp updates to the 2 networks specified.specified.

ServersServers

DnsDns

EmailEmail

AdministrationAdministration

LibraryLibrary

ApplicationApplication

Other servers required if anyOther servers required if any

DNS and E-mailDNS and E-mail

Enterprise server in both cases located in Enterprise server in both cases located in mdfmdf

Host needed i.e. local post office Host needed i.e. local post office This will maintain a complete directory of staff This will maintain a complete directory of staff

and students at siteand students at site

Administrative serverAdministrative server

Will track studentsWill track students AttendanceAttendance Grading Grading

Other administrative functionsOther administrative functions

Will run TCP/IPWill run TCP/IP

Available only to staff and teachersAvailable only to staff and teachers

Library ServerLibrary Server

Available to anyone on siteAvailable to anyone on site

Must facilitate automated library Must facilitate automated library information and retrieval system information and retrieval system Online curricular research Online curricular research

Will run TCP/IP as layer 3 and 4 protocols Will run TCP/IP as layer 3 and 4 protocols

Application serverApplication server

Word processing Word processing

SpreadsheetsSpreadsheets

Presentation softwarePresentation software

Client software to access personnel, Client software to access personnel, student records, admin IS etc. student records, admin IS etc.

Addressing schemeAddressing scheme

Outline of scheme proposedOutline of scheme proposed

Private Addressing Scheme

Format 10 x x x

Class A 10 building room host

Addressing schemeAddressing scheme

Lecturer's MachineLecturer's Machine 10.x.x.110.x.x.1toto 10.x.x.310.x.x.3 Network PrintersNetwork Printers 10.x.x.410.x.x.4toto 10.x.x.710.x.x.7 ServersServers 10.x.x.810.x.x.8 toto 10.x.x.1510.x.x.15 AdministrationAdministration 10.x.x.1610.x.x.16 toto 10.x.x.63 10.x.x.63 Student'sStudent's 10.x.x.6410.x.x.64 to to 10.x.x.12810.x.x.128

Example of Room no`sExample of Room no`s

Example of Room no`sExample of Room no`s

Example of Room no`sExample of Room no`s

Connecting to the WANConnecting to the WAN

Wan is accessed via SHAW BUTTEWan is accessed via SHAW BUTTE

Provides access to internetProvides access to internet

School web site at SHAW BUTTESchool web site at SHAW BUTTE

Access to central district servicesAccess to central district services

Access for Network ManagementAccess for Network Management

Network managementNetwork management

Via SNMP software located at central site Via SNMP software located at central site

Router and switch configurations to be Router and switch configurations to be stored on central site office and stored on central site office and configurations to be downloaded to Miller configurations to be downloaded to Miller LAN across networkLAN across network

Connection to internetConnection to internet

Network Address Translation [NAT]Network Address Translation [NAT]

ACL's needed hereACL's needed here These will be controlled at district office These will be controlled at district office

Connectivity to be provided through district Connectivity to be provided through district office which is single point of contact for all office which is single point of contact for all schools in project.schools in project.

All computers on site to have internet All computers on site to have internet accessaccess

ACL’s RequiredACL’s Required

Students will be restricted to internet only Students will be restricted to internet only and DNS service.and DNS service.

Students will be allowed send and receive Students will be allowed send and receive E-Mail.E-Mail.

No unauthorised, incoming FTP allowed No unauthorised, incoming FTP allowed through the router.through the router.

Full access allowed for teachers and Full access allowed for teachers and Administrators.Administrators.

SecuritySecurity

Double firewall implementationDouble firewall implementation Pix firewallPix firewall Plus one otherPlus one other

All unauthorized external connections to be All unauthorized external connections to be prohibitedprohibitedAt district level the network will be divided into 3 At district level the network will be divided into 3 logical classifications with secured logical classifications with secured interconnectioninterconnection AdminAdmin CurriculumCurriculum ExternalExternal

BackupsBackups

Incremental backups will cater for point in Incremental backups will cater for point in time recoverytime recovery

Daily differential backups will be Daily differential backups will be scheduled for time when network is idle scheduled for time when network is idle say midnightsay midnight

Weekly backups scheduled for Friday Weekly backups scheduled for Friday nights nights