We Have Numbers Of Free Samples

Part 1: Network Architecture and Design: Physical Topology Diagram

*Logical Network Topology Diagram*

Part 2: Network Architecture and Design: Logical Topology:

Network designing is the first step for creation of any network. We can design network using Logical Topology. Logical design is mainly proposed to identify that how data would travel into the network! However, Physical topology is mainly proposed to understand how physical devices would be connected to each other, for the identification of the physical connectivity physical diagram provide the specific details about port numbers and interface ID etc. While, Logical topology does not contain such information. Logical diagram is mostly prepared first to meet the customer requirement. Physical Topology diagram mainly prepared based on the Logical topology and it used to implement the real network. Physical topology diagram helps engineer to understand that how to create network. In our scenario we have used Collapse-core network architecture where Aggregation Layer and core layer merge with each other and works as single layer. We can define such layer details into the logical topology diagram, while physical topology does not contain such information. Hence, there could be difference between Logical & Physical Topology of the network diagram.

 Part 3: Network Segmentation: IP Address and VLAN ID assignment

3.1. Sales

3.1.1 Sales devices (PCs and Server) IP subnet and mask:

Sales Devices IP & Subnetmask
Device Name	Location	IP	Subnetmask	Method of IP assignment
Sales File Server	Server Farm	172.16.10.4	255.255.255.0	DHCP
Sales_PC1	Floor-1	172.16.10.2	255.255.255.0	DHCP
Sales_PC2	Floor-2	172.16.10.3	255.255.255.0	DHCP

 

3.1.2 Sales Devices Default Gateway IP Address: 192.168.10.1

3.1.3 Sales VLAN ID: VLAN 10

3.2. Admin

3.2.1 Admin devices IP subnet and mask:

Admin Devices IP & Subnetmask
Device Name	Location	IP	Subnetmask	Method of IP assignment
Admin File Server	Server Farm	172.16.20.4	255.255.255.0	DHCP
Admin_PC1	Floor-1	172.16.20.2	255.255.255.0	DHCP
Admin_PC2	Floor-2	172.16.20.3	255.255.255.0	DHCP

 

3.2.2 Admin Devices Default Gateway IP Address:  172.16.20.1

3.2.3 Admin VLAN:   VLAN 20

3.3. IT

3.3.1 IT devices IP subnet and mask:

IT Devices IP & Subnetmask
Device Name	Location	IP	Subnetmask	Method of IP assignment
IT File Server	Server Farm	172.16.30.4	255.255.255.0	DHCP
IT_PC1	Floor-1	172.16.30.2	255.255.255.0	DHCP
IT_PC2	Floor-2	172.16.30.3	255.255.255.0	DHCP

 

3.3.1 IT Devices Default Gateway IP Address: 172.16.30.1

3.3.2 IT VLAN: VLAN 30

3.4. Apprentices

3.4.1 Apprentices’ tablets subnet and mask:

Aprentice Tablet IP & Subnetmask
Device Name	Location	IP	Subnetmask	Method of IP assignment
Aprentice_Tablet1	Floor-1	172.16.40.7	255.255.255.0	DHCP
Aprentice_Tablet2	Floor-2	172.16.40.8	255.255.255.0	DHCP

 

3.4.2 Apprentices Default Gateway IP Address:       172.16.40.1

3.4.3 Apprentices VLAN: VLAN 40

3.5. DNS server

3.5.1 DNS server subnet and mask:

DNS Server IP & Subnetmask
Device Name	Location	IP	Subnetmask	Method of IP assignment
DNS Server	Server Farm	172.16.50.2	255.255.255.252	Static

 

3.5.2 DNS server Default Gateway IP Address:  172.16.50.1

3.5.3 DNS server VLAN (1 mark): VLAN 50

Part 4.1: Network Segmentation and Operations

In this scenario, we have been allotted with Class-B address space. As per the customer requirement there are total 4 different departments into the company. Apart from this DNS server should be in separate network from all other department. Hence, we need total 5 different network segments.

It is advisable to keep the data of each department separate for data security and data integrity. Network segmentation also helps to make troubleshooting easier during network failure, if we have correctly design and plan the network segments. The network segmentation can be done on Layer-2 as well as Layer-3. For segmentation of the network on Layer-2 we can use Virtual Local Area Network (VLAN) concept, while for the segmentation of the network I will use the subnetting method.

I have segmented the 172.16.0.0 /16 network into 5 different Sub network as per requirement of the users. Each department need maximum 200 users and so we have created subnet of 256 IPs where we can get 254 usable IP for user devices. Also for the DNS server we have created subnet of 4 IP as we require only 2 usable IP.

Now for segmentation of the network at Layer-2 I have used VLANs for each department, so even if the different department users connected to the same physical switch even though they cannot access the other department data or terminal for the same the data must flow through Layer-3 device Router and we can configure data security features like Access Control List at Router for data security. Kindly find the below table for the mapping of the Subnetting.

Department	User requirement	VLAN ID	VLAN Name	Subnet	Subnet Mask	Max Available users
Sales	150 – 200	VLAN 10	SALES	172.16.10.0	255.255.255.0	254
Admin	150 – 200	VLAN 20	ADMIN	172.16.20.0	255.255.255.0	254
IT	150 – 200	VLAN 30	IT	172.16.30.0	255.255.255.0	254
Aprentice	150 – 200	VLAN 40	APRENTICE	172.16.40.0	255.255.255.0	254
DNS	2	VLAN 50	DNS	172.16.50.0	255.255.255.252	2

Bluetooth compatibility:

Bluetooth is networking technology which is mostly used for the low power & Personal Area Network applications. Following could be Major concern with the Bluetooth technology.

• Data Transfer rate: The maximum data transfer rate for the Bluetooth 2.0 is 3 Mbps, which is very low this low data rate might not fulfill customer expectation & business requirement.
• Limited Coverage: The maximum coverage area of the Bluetooth is 10 meter. while the Building area of the customer most likely to be more than 10 meter as this building houses total 800 users in two floor.
• Security: Bluetooth is not capable to provide Authentication and encryption methods for data transfer between users.

 Hence, Bluetooth is not suitable technology to use for this network to support customer services.

Part 4.2: Further segmentation bonus section

There are additional devices which need to accommodate into the existing network for the same we need to use the Variable Length Subnet Mask method to segment the network. Here as per the requirement maximum 200 user’s devices can be into the network but for the same we have used 256 addresses as Class-c. We can utilize rest 56 IPs for further segmentation. Kindly find below table for the VLSM subnetting done as per the new requirement.

VLSM design
Server	Requirement Of usable IP	Subnet	Subnet Mask	Usable IP
Sales Server	1	172.16.10.252	255.255.255.252	172.16.10.253 – 254
Sales Printer / Video conference unit & Scanner	18	172.16.10.224	255.255.255.224	172.16.10.225 – 254
Sales User Devices	200	172.16.10.0	255.255.255.0	172.16.10.1 – 254

 

Similarly, for all other departments the network address space can be segmented.

Part 5: Troubleshooting checklist

Troubleshooting Check List
What to check?	How / Where to check?	observations	Suspected Layer issue
Connections of the Cables with Equipment	Physical Jack in – Jack out of cable		Physical
Cable Reliability	using LAN Tester		Physical
Wireless Signal strength	Check on Wireless Device		Physical
Correct SSID	Wireless Device		Physical / Datalink
Correct Pass phrase	Wireless Device		Physical / Datalink
Mac address of the devices are learned or not on Switch or AP	on Device settings / or Via command on Switch		Datalink
correct IP assignment	on Device settings		Network
DHCP Operations	By Connecting new Device on WLAN		Datalink / Network
IP address is reachable or not	Ping Utility of ICMP		Network
Does clients are communicating on correct port no. for File server and DNS server or not!	Router / Firewall settings		Transport
traffic rules of ACL if any at Router or Firewall	Router / Firewall settings		Transport

 

Section B: Create the above network on the network simulator

6.1 Network Design

*Network Topology Design in Packet Tracer Simulator*

6.2 Switching Configuration

6.2.1 Basic switch configuration

I have configured the Switches with the Hostname as per the Location Switch is located, for the same the Command has been used as mentioned under for all switch.

Switch>Enable

Switch#configure Terminal

Switch(config)#hostname <name of Floor_Switch>

Pls Refer the Below pasted Screenshot for one switch Hostname configurations as a reference. All other Switches Configured the same way.

*Assignment of Hostname to Basement Switch*

6.2.2 VLAN configuration:

VLAN is used to segmented the Network on Layer-2. I have to create VLANS according to the departments and assigned the Name of the VLANs with following commands

Floor_Switch(config)# vlan <VLAN ID>

Floor_Switch(config-vlan)#name <name of Department>

Please refer following screenshots for the configuration and verifications.

*VLAN configuration on Basement Switch*

*Verification of the VLAN creation on Basement Switch*

All other Switches has been configured in the same manner following the same steps.

6.2.3 VLAN assignment

To assign the ports to the respective VLAN I have configure the Switch Ports into the Access mode the then assigned the VLANS. All the ports which are connected to directly user should be configured as an access port, also the server which is meant to be connected with one network only should be connected on the access port.

Kindly find the Below Table to find the Assignment of the VLAN to respective ports

Assignment of the VLAN to the Port
Switch Name	Port ID	Assigned VLAN	Connected to
Floor1_Switch	FastEthernet0/1	VLAN 10	Sales_PC1
Floor1_Switch	FastEthernet0/2	VLAN 20	Admin_PC1
Floor1_Switch	FastEthernet0/3	VLAN 30	IT_PC1
Floor2_Switch	FastEthernet0/1	VLAN 10	Sales_PC2
Floor2_Switch	FastEthernet0/2	VLAN 20	Admin_PC2
Floor2_Switch	FastEthernet0/3	VLAN 30	IT_PC2

 

Following are the commands I used for the configuration of this features. Also find the screenshots for reference.

Floor1_Switch(config-if)#interface fastethernet0/1

Floor1_Switch(config-if)#switchport mode access

Floor1_Switch(config-if)#switchport access vlan 10

*Assignment of the Port with VLAN*

6.2.4 Trunk configuration

The Uplink port of the Switches should be capable of handling traffic of all departments, as we have respective VLAN assigned to the department we need allow all there VLANs on uplink ports. Trunking mode of switch port will allow multiple VLAN traffic to pass through the Links. Hence I configured all uplink ports in Trunk mode with following commands. Pls refer the Screenshot for reference.

Floor1_Switch(config)#interface fastEthernet 0/24

Floor1_Switch(config-if)#switchport mode trunk

*Trunk port configurations*

6.3 Router Configuration

6.3.1 Inter-VLAN routing

As we need to use only one router in this scenario for connecting multiple Department network we need to use the Router-On-A-Stick configuration method. For ROAS configuration we need to create Sub-interfaces on the Router port GigabitEthernet0/0. Following are the details of the Sub-interfaces configurations.

Sub-interface Configurations
Sub-interface ID	Assigned VLAN	Department	IP address	Subnet Mask
GigabitEthernet0/0.10	VLAN 10	SALES	172.16.10.1	255.255.255.0
GigabitEthernet0/0.20	VLAN 20	ADMIN	172.16.20.1	255.255.255.0
GigabitEthernet0/0.30	VLAN 30	IT	172.16.30.1	255.255.255.0
GigabitEthernet0/0.40	VLAN 40	APRENTICE	172.16.40.1	255.255.255.0
GigabitEthernet0/0.50	VLAN 50	DNS	172.16.50.1	255.255.255.252

 

Following are the commands to accomplish the same on Router. Also find the Screenshot for Reference.

Campus_Router(config-subif)#Interface GigabitEthernet0/0.10

Campus_Router(config-subif)#encapsulation dot1Q 10

Campus_Router(config-subif)#ip address 172.16.10.1 255.255.255.0

*Configuration of ROAS on Router*

6.3.2 DHCP pools configuration

DHCP is the protocol to configure end devices automatically with required details to communicate in the network like IP address, Subnet mask, DNS IP etc. Here Campus router will work as the DHCP server and we need to configure DHCP Pool for each network segment on the router. Ple refer the screenshot for the reference configurations for DHCP pool.

*DHCP Pool configuration*

6.4 End Device IP Addressing

6.4.1 Dynamic addressing

To configure all the PC and respective File servers of the department we need to change the IP assignment method under IP address Option from Static to DHCP. As DHCP has been configured on the Campus Router and all the Switch has been configured with respective configuration by just selecting the DHCP option the end devices should get IP automatically from the Router.

Please refer following Screenshot for the reference.

*End Device IP configuration with DHCP option*

6.4.2 Static Addressing

As the IP address of the DNS server must remain same through the time duration network is operational, hence we need to configure IP with Static method for the DNS server. Please find the screenshot as below for the reference.

*Static IP configuration for DNS server*

6.5 Wireless Segment

6.5.1 SSID

Here I need to configure Wireless AP first with the separate SSID for both floor. I have assigned SSID for Both AP as mentioned below. After configuration of the AP the Tablets also need to be set with the correct SSID and same has been configured, Kindly check following Table and Screenshots for the same.

Access Point Configuration details
Access Point Name	SSID	Location
AP Floor1	Floor1_APR	1st Floor
AP Floor2	Floor2_APR	2nd Floor

 

*SSID configuration of the AP at 1^st Floor*

*Correct SSID configuration of Apprentice Tablet*

6.5.2 Wireless Security

The wireless network need to be configured for the secure data transfer. Here we can use authentication type & encryption method for the security purpose.

In this scenario I used Authentication Type as WPA-PSK with TKIP as encryption method. I have configured the Access Point for authentication Type and encryption method.

Kindly find below screenshot for the reference configuration done for the same.

*Authentication & Encryption Configuration of Access Point*

6.5.3 Wireless tablet configuration

Once the configuration of the security features done at the Access point the configuration of the authentication & encryption method has been done at the user table device. Kindly find below screenshot for the reference.

*Authentication & Encryption Configuration of Apprentice Tablet*

[Download not found]

Download