WASHINGTON SCHOOLPROJECT
WAN DESIGN PROPOSAL
This is a sample project completed by previous students. You may look at this, but in NO way copy or use any part in any way.
SAMPLE SAMPLE SAMPLE SAMPLE SAMPLE
WAN Requirements Washington School District Connect all school and administrative
offices with the district office Reliable Scalable Optimize bandwidth Minimize cost
TWO – LAYER HIERARCHICAL MODEL
Hierarchical Method for controlling data traffic patterns Two – layer design Three regional hubs Fast WAN core
TWO-LAYER HIERARCHICAL
DATA TRAFFIC FLOW
Controlling traffic flow with layer 3 Router path determination Layer 3 addressing Flows up hierarchy only as far as it needs Conserves bandwidth
WAN TRAFFIC FLOW
WAN CORE Fast WAN Core Each Regional hub connected via 4 T1 lines School locations connected to closest
Regional Hub with T1 line Access to Internet
– Thru District Office– Double Firewall– Frame Relay WAN link– No other connections
WAN CORE
WAN Equipment Hub routers
– Cisco 7576– Multiprotocol– Router A – slots 0 thru 5– Router B – slots 8 thru 12– Dual power possible– Console port – Auxiliary port for DSU/CSU– 500,000- to 1,000,000 packets per second
Hub Routers – front view
Hub Routers – rear view
Hub Routers
QuantityPart Number Product Description Price
Total
3CISCO7513/4 Cisco 7513 13-Slot, Dual Bus, 1RSP4, 1 PS 28581
8574300
VIP2 Port and Service Adapters
18PA-4T+ 4 Port Serial Port Adapter, Enhanced 4781
8605800
Total: 1718010
0
School Location Routers Cisco 2651 37,000 packets per second Expandable for scalability Port options
– Serial – asynch or synch– ISDN PRI or BRI– T1/E1 connections– ethernet
Multiprotocol modular
School Location Routers
QuantityProduct Description Price
Total
33Cisco 2651 Router 334500
11038500
Total: 11038500
CSU/DSU Channel Service Unit/Data Service Unit Like high powered modem Both ends of T – 1 connection 24 for 4 T-1 lines from each hub router 64 for T-1 lines to each school 1 for Frame relay connection
CSU/DSU
WAN CORE
CSU/DSU COST
QuantityProduct Description Price
Total
91Adtran, inc DSU TSP 1345
122395
Total: 122395
Modems For dial backup
QuantityProduct Description Price
Total
36 US ROBOTICS 56K/14.4K V.92 W/RAPIDCOMM FAX/DATA SW 7500 270000
Total: 270000
Cisco Secure PIX Firewall 525 Tracks source and
destination addresses TCP sequence
numbers, port numbers, and additional TCP flags
QuantityProduct Description Price
Total
1
CISCOADVANTAGE FIREWALL PIX 525 UNRESTRICTED BUNDLEPIX-525-UR-BUN 15957 1595700
Total WAN Equipment Price
$ 302,066.95
PPP WAN data link –layer protocol Encapsulate datagrams Link Control Protocol
– Establishing, configuring, testing data-link connection
Network Control Protocols– Establishing and configuring network – layer
protocols
PPP Session Establishment Link establishment Link quality determination(optional)
– Authentication – CHAP– Repeated after link established
Network – layer protocol configuration negotiation
Link termination
Sample CHAP Configuration
District_Office>District_Office > enableDistrict_Office# config tDistrict_Office(config)# username Shaw_Butte password “password”District_Office(config)# interface s0/0District_Office(config-if)# encap PPPDistrict_Office(config-if)# PPP authentication CHAPDistrict_Office(config-if)# exitDistrict_Office(config)# exitDistrict_Office# exitDistrict_Office>
PPP
IGRP Routing Protocol •Distance-Vector Interior Routing Protocol
• Each router sends all or a portion of its routing table in a routing update message at regular intervals to each of its neighboring routers.
• IGRP uses a combination Network delay, bandwidth, reliability, and load for its metrics.
• Allows for various metric settings in networks with widely varying performance characteristics.
IGRP Setup
As an example:
The IGRP Setup for the District office is:
District_Office(config)# router igrp 109District_Office(config-router)# network 10.0.0.0
Routing Updates
• Network Updates will be sent according to the default setting of 90 seconds
• Will flow from the school sites to the closest regional hub and then flow from the WAN core regional hub to the District Office
COMMUNITY ELEMENTARY SCHOOL
Remote location Infrequent need for connectivity ISDN BRI connection to WAN core Usable bandwidth 128 kbps DDR establishes and releases circuit Connected via Shaw Butte Hub Reduced cost
COMMUNITY SCHOOL
Frame Relay
Frame Relay Internet connection Virtual circuit over point to point connection CIR 1.54 mbps HDLC encapsulation Cost benefits over T1 Speed - no error checking DLCI # for virtual circuit from Provider LMI type for Cisco IOS 11.1 and earlier from
Provider
IP Addressing - WAN Core
IP Address: 10.0.0.0Subnet Mask: 255.255.255.0Masked Bits: 24Host Bits: 8Number of Subnets: 65536Hosts per Subnet: 254
IP Addressing - LAN
IP Address: 172.16.0.0Subnet Mask: 255.255.254.0Masked Bits: 23Host Bits: 9Number of Subnets: 128Hosts per Subnet: 510
IP Addressing Scheme
Private Addressing Unregistered address ranges Unusable on public domain CLASS A: 10.0.0.0 thru
10.255.255.255 CLASS B: 172.16.0.0 thru
172.31.255.255 CLASS C: 192.168.0.0 thru
192.168.255.255
NAT On Firewall NAT enabled and configured
one valid registered IP address Translation Table Maps addresses to port numbers PAT - Port Address Translation or
overloading Static versus Dynamic
NAT and PAT
SourceComputer
SourceIP Address
SourcePort
NAT Router
IP Address
NAT Router
Port Number
Lorie 172.16.94.82 400 200.1.1.22 1
Georgene 172.16.94.55 502 200.1.1.22 2
Mike 172.16.94.54 388 200.1.1.22 3
Will 172.16.94.48 344 200.1.1.22 4
NAT
NAT and PAT Benefits
– Administration• Server• Increasing ranges
– Security • No external initiated traffic• Web services• No knowledge of Company
– Cost• Cox
NAT
Server Placement DNS hierarchical
– Master Server on backbone– Regional hubs– School locations
EMAIL on Master Server and School Locations
WEB Server on backbone
Server Placement
Connectivity Backup Out-of Band Network Management Auxiliary port with attached Modem Asynchronous dial in Set aux password
– line aux 0– Password cisco
Modem autohangup
Connectivity Backup
