Presentation on theme: "TCS – Sunset Elementary Pat Bruen, Conor Buckley, James Gallagher"— Presentation transcript:
1 TCS – Sunset Elementary Pat Bruen, Conor Buckley, James Gallagher This is our presentation of the Threaded Case Study (TCS) which is a portion of the Cisco Academy CurriculumOur goal is to demonstrate our knowledge of Local Area Network (LAN) design and implementation. For our project we are working on Sunset Elementary School in the Washington Elementary School District.
2 Goals of the LAN designOur LAN has been designed to cope with all the needs of a modern network in mind:It will be secure (V-LANs, ACLs)It will be extremely scalableOur design is optimized for maximum bandwidth due to the large amount of video and high bandwidth traffic we anticipate.
3 WAN TopologyOur school is connected to the district WAN via a Cisco 7513 router at the district service centre. Three regional hubs are located at Shaw Butte, District Office/Data Centre and at the Service Centre. Each of these centres are connected to Cisco 7513 routers. Four leased T1 lines connect these three routers to form the WAN.
5 LAN – Cabling and Physical Topology Our LAN will have a fibre optic backbone – connecting all IDFs to the MDF in building A (fibre cable runs are represented in blue). Cat 5 E cable will run from these IDFs and the MDF to each data termination point in the building.
7 Classroom LayoutEach data termination point will have four RJ-45 wall jacks containing CAT5-E cable. In each room teachers workstations will have a dedicated wall jack and all students machines will connect into 12 port Catalyst switches which then connect into Cisco Port Enterprise switches at the MDF and IDFs.
9 Location of ServersAll our servers are located in a small server room located beside the MDF.
10 Wiring ClosetsOver the next four slides are details of our designs for an MDF and IDF in building A and two more IDFs in the Cafeteria (building C) and Administration (building B). Although only three IDFs were required according to IEEE standards for maximum distances, we decided to install another switch in building C in order to provide scalability in case of future development.
11 MDF – Building AOur MDF is located in building A. This room was chosen as it has an out-swinging door (necessary for safety reasons), appears to be adequately large and is located next to the POP.Our gateway to the WAN is a high-end Cisco 3661 AC router. This is in turn connected to a Catalyst 2948G-L3 switch – a switch which supports Layer 3 protocols including IP, RIP, IGRP, EIGRP. Because of this it can perform virtually all the routing needed within the network and can allow our router to concentrate on our link to the WAN. You will notice that the only connections to our router are the fibre optic links to the WAN and to the Catalyst 2948G-L3 switch.
12 MDF – Building AThe other three switches are 24 port Enterprise switches. These switches are capable of implementing VLANS which we will talk about later. Four CAT 5 E cable runs will run from each data termination point back to these switches.Of these four CAT5 E cable runs, one will be connected to a teachers/admin computer and the other three will be connected to 12 port Catalyst 1912 switches into which all other hosts in the room will be connected. T
15 IDFs – Buildings B and CThe smaller IDFs located in buildings B and C contain only one 24 port enterprise edition switch each. Again the rooms here are laid out in the same way as in building A. On the next slide is the layout for both of these IDFs.
17 LAN Logical TopologyThe next slide shows the logical topology for the backbone of our LAN.We did not include the classrooms in this topology as we simply wanted to show how the backbone is connected logicallyAll of the cabling shown in the drawing (in red) is fibre optic cable.
19 IP Addressing Scheme Class B Address 10.x.x.x First x = building Second x =roomThird x =host
20 IP Addressing for connections to Building A IDF Library has three connection pointsRooms are connected through the IDFThe Addressing scheme for this is as follows on next slide
21 Building A IDFAdminStudentsLibrary 1Library 2Library 3room27room28
22 IP Addressing for connections to Building A MDF Rooms 1-25 are connected to the MDFRoom numberAdminStudent1226
23 IP Addressing for connections to Building B IDF 9 workstationsAdminNetwork printer1Network printer2
24 IP Addressing for connections to Building C IDF 2 Staff workstations
25 Printer Addresses Printers in student rooms off MDF 10.1.room number.254Printers in student rooms off IDFA10.2.room number.254
26 Server Addresses Admin server 10.1.27.1 Library server 10.1.27.2 Application serverDNS serverserverFile serverDHCP
27 Internet connectivity All connectivity that is initiated from the Internet to the internal district network will be protected via ACL's on the routers that make up the double firewall architecture. Any connectivity initiated from the district to the Internet will be permitted to communicate freely..
28 Access control listsTraffic filtering capabilities can be utilized with Access Control Lists (ACL's). Support for the following network protocols are provided IP, IPX and AppleTalk. Access list configuration is used to control access to a network. ACL's can prevent certain traffic from entering or exiting a network and/or certain upper-layer protocols such as FTP, SMTP, DNS and so on.
29 Access ListExtended IP access list 101 permit eq53This permits student access to DNSUse access lists to permit access to FTP etcDeny ip any anyThis denies access to anything else
30 V LANS Two VLANS required Student VLAN Curriculum VLAN Enterprise switch needed in MDF and IDFsEight enterprise version switches needed in total with some ports left over for scalability
31 IGRPIGRP is a distance-vector dynamic routing protocol. By default, it will exchange its routing tables with its directly connected neighbors every 90 secondsFlash updates, triggered by topology changes, are also sent
32 IGRPAny routing protocol will use up some of the bandwidth otherwise available for data, and IGRP, since it has various metrics with which to monitor and adjust network traffic. But the amount of data in these updates is dwarfed by the bandwidth of the router to router connections in the school district network.However our Layer 3 backbone switch (Catalyst 2948G-L3) will perform a lot of the functions normally done by a router including the IGRP protocol.
33 SecurityInternet connectivity will utilize a double firewall implementation with all Internet-exposed applications residing on a public backbone network. All connections from the Internet into the schools private network will be denied. The network will be divided into three logical network classifications; administrative, curriculum, and external with secured interconnections between them.
34 This concludes our Threaded Case Study for Sunset Elementary School Thank you for your time.