Академический Документы
Профессиональный Документы
Культура Документы
Report
Table of Contents
Abstract:................................................................................................................................................................................. 2
LAN configuration: ............................................................................................................................................................... 3
IP Addressing: ....................................................................................................................................................................... 3
Topology:............................................................................................................................................................................... 3
Switching/Routing: ................................................................................................................................................................ 4
DNS, VPN and ACL: ............................................................................................................................................................ 4
Wireless LAN Controllers ..................................................................................................................................................... 5
WLAN Range ........................................................................................................................................................................ 5
Channels and roaming ........................................................................................................................................................... 6
Basic security services ........................................................................................................................................................... 7
Wi-Fi Protected Access (WPA and WPA2) .......................................................................................................................... 7
Layered Approach ................................................................................................................................................................. 7
IPv4/IPv6 ............................................................................................................................................................................... 7
External Connectivity ............................................................................................................................................................ 8
VPN/Firewall Module and PCI Compliance............................................................................................................................ 8
Management Network .......................................................................................................................................................... 8
Network Management Systems ............................................................................................................................................ 9
Working of whole Network: .................................................................................................................................................. 9
Reference: .............................................................................................................................................................................. 9
Abstract:
This report consists of a network connecting the campuses of a university and every
campus has two buildings. In this report the LAN, IP Addressing, Switching/Routing, Ethernet, VLAN,
DHCP, HTTP, DNS, VPN, and ACL, etc. are discussed that how can we apply these configurations to
connect the two campuses.
LAN configuration:
We can connect the two buildings with LAN network. In the LAN network switch will be a better option to
connect each building of a single campus. So, in this way single building will be connected with router through switch.
So, a LAN network will be created.
So, the routers from either end will be connected through the internet because for WAN that will not be better option as
that will be more expensive for cables and fiber.
IP Addressing:
As the Static IP address don’t change and most IP address assigned by internet today are dynamic addressing which
results into very expensive for the ISP. In this case to connect the two campuses of university there is no need of dynamic
addressing. So, static IP addressing is better option avoiding the cost.
Now the problem is how much PCs are working and how many IP addresses are being wasted?
In this VLSM is technique in which we can avoid the wastage of IP addresses because we can not buy new IP address for
a single network. For example, lab which is single network, if 30 IPs are in use then we can not give it a single IP address
i.e. 192.168.1.0 having SM 255.255.255.0 in this case there are 255-30=225 IP addresses are being wasted.
So, to avoid this wastage an IP address 192.168.1.0 having SM 255.255.255.224 is used. In this case only 2 IP address
will be wasted.
Topology:
Switching/Routing:
The Switching is used to switch data packets between devices on the same network (or same LAN - Local Area
Network).
On the other hand, the function of Routing is to Route packets between different networks (between different LANs -
Local Area Networks).
So, in this case to select the routing protocol we can choose the static routing i.e. it has following characteristics
In static routing, network administrator manually enters the routing entries to the routing table of each router and
computer. A routing entry is an entry that specifies what the gateway that a packet must be forwarded, for it to reach a
certain destination. On each router or computer, a table called routing table exists that contains several routing entries. For
a simple small network, entering static routes to each router would be doable but it becomes too tedious with the increase
of the size and the complexity of the network. Also, if a change occurs in a network that affects routing (for example, a
router is down, or a new router is added), routing entries must be manually changed. So, in static routing, management of
routing tables must also be done by the administrator. The advantage of static routing is that there is not much processing.
The only action is to do a lookup on the routing table for a specific destination and hence the routing hardware must not
need any sophisticated processors making them cheaper.
In this case we have only two LAN networks connected with routers through internet hence static routing is better option
because it is not a too long network.
Network devices such as switches, hubs, bridges, workstations and servers connected to each other in the same network at
a specific location are generally known as LANs. A LAN is also considered a broadcast domain. A VLAN allows several
networks to work virtually as one LAN.
A VPN connects your PC, smartphone, or tablet to another computer (called a server) somewhere on the
internet and allows you to browse the internet using that computer’s internet connection. So, if that server is in a
different country, it will appear as if you are coming from that country, and you can potentially access things
that you couldn’t normally.
So how does this help you? Good question! You can use a VPN to:
• Bypass geographic restrictions on websites or streaming audio and video.
• Watch streaming media like Netflix and Hulu.
• Protect yourself from snooping on untrustworthy Wi-Fi hotspots.
• Gain at least some anonymity online by hiding your true location.
• Protect yourself from being logged while torrenting.
Most people these days are using VPN for torrenting or bypassing geographic restrictions to watch content in a
different country. They are still very useful for protecting yourself while working at a coffee shop, but that’s
hardly the primary use anymore.
DNS. (Domain Name System) The Internet's system for converting alphabetic names into numeric IP
addresses. For example, when a Web address (URL) is typed into a browser, DNS servers return the IP address
of the Web server associated with that name.
WLAN Range
The reliable coverage range for 802.11 WLANs depends on several factors;
· Data rate required and capacity.
· Sources of RF interference.
· Physical area characteristics.
Theoretical ranges are from 25meters (11Mbps) in a closed office, to 485meters (1Mbps)
in open area. Through empirical analysis the typical range for connectivity of
802.11equipment, is approximates 25 meters (163 feet) indoors. A range of 100 meters in
open space makes WLAN the ideal technology for many campus applications. It is
important to recognize that special high gain antennas can increase the range of several
miles.
As 802.11b/g and 802.11a operate in a different frequency range they are not
compatible
with each other. However, 802.11b/g and 802.11a networks can be used side by side to
increase capacity. In general both 802.11b and 802.11g (as they work in the 2.4GHz
frequency) have a greater range than 802.11a. In practice, to obtain the same network
coverage, the user may require up to four times as many access points when using an
802.11a network.
If 802.11g devices and 802.11b devices are in dialogue with each other then the data
rates
will be dictated by the 802.11b device. If two or more 802.11g devices are in dialogue
with each other but there are 802.11b devices in the same network, then 802.11g data
rates will drop but may well still be more than the practical rates of 802.11b. There are
802.11g access points, or dual or tri-band access point incorporating 802.11g which
can
be set to only recognize 802.11g equipment. This obviously prevents the 802.11b
equipment from working on the 802.11g network but there are times when this may be
desirable.
Basic security services
The three basic security services defined by IEEE for the WLAN environment are as
follows:
· Authentication
The primary goal is to provide a security service to verify the identity of
communicating client stations. This provides access control to the network by denying
access to client stations that cannot authenticate properly.
· Privacy
Privacy is a second goal of WLAN security. The intent is to prevent information
compromise from passive attack.
· Integrity
Security service developed to ensure that messages are not modified in transit
between the wireless clients and the access point in an active attack.
Layered Approach
Campus LAN architecture may span up to three layers, from desktop devices connected
to wiring closet switches at the access layer to the core layer at the center of a large
campus LAN. The hierarchical topology segments the network into physical building
blocks, simplifying operation and increasing availability. Fig 3.0 interprets connection
from access layer to the core area.
IPv4/IPv6
The LSU network uses a dual-stack implementation of IPv6, which means that the IPv6
network runs on top of the IPv4 infrastructure. From a routing perspective, IPv4 requires
OSPF version 2, and IPV6 requires OSPF version 3. Even though these two versions
essentially make the protocols independent, the OSPF network design and structure for
both protocols, as it applies to LSU, are identical.
External Connectivity
There were no major issues as it relates to external connectivity. Two minor issues were
experienced. The first issue was experienced in terms of slow internet connectivity and
was related to the Intrusion Detection and Prevention engine on the perimeter firewall.
This issue was resolved and the condition remains stable. The second issue was related to
a system crash on the supervisor engine of the main border router. The supervision
engine was found to be in good condition and continues to be in operation. To prevent the
potential of a recurring issue, a second supervisor engine was installed and should
provide the adequate redundancy.
In September of 2012 LSU’s commodity Internet bandwidth increased from 500Mbps to
1.849Gbps. This was in part as a result of the new Internet usage and charge policy as
recommended by the LONI Management Council and approved by the Board of Regents.
The new policy established two service level standards, of which LSU signed-on for the
Multiple Provider Guarantee (MPG) level.
The average Internet bandwidth usage for the spring 2013 was 982.6MBps. This is in
comparison to fall 2012, which saw an average of 815.89Mbps. Percentage increase of
Internet bandwidth usage from fall 2012 to spring 2013 can be seen in table 9. Details for
statistics on Internet bandwidth utilization at the border router are provided.
Management Network
Through difference events that have taken place over time, the management network
evolved into a network that today serves multiple purposes. As such, it cannot be
accurately described as the management network. Below is a list of a number of
applications that run on the management network:
• Network gateway for LONI’s staff
• Peering router for CYMRU
• Network gateway for management resources such as NMS, STRM, SPLUNK,
and Cisco LMS.
• Card swipe system
• VPN remote access for UNI staff
• DNS server OSPF peer
Due to the number of applications that run on the management network, the complexity
of its setup needs to be addressed and simplified. A determination needs to be made as to
which services need to be moved and where they need to be moved.
Reference:
• https://www.howtogeek.com/133680/htg-explains-what-is-a-vpn/
• https://www.google.com.pk/search?q=dns+server&oq=dns&aqs=chrome.4.69i57j69i60l2j0l3.5123j0j1&sourceid
=chrome&ie=UTF-8
• https://protechgurus.com/configure-rip-routing-cisco-packet-tracer-ripv2/