Presentation on theme: "TCS – Sunset Elementary Pat Bruen, Conor Buckley, James Gallagher This is our presentation of the Threaded Case Study (TCS) which is a portion of the Cisco."— Presentation transcript:
TCS – Sunset Elementary Pat Bruen, Conor Buckley, James Gallagher This is our presentation of the Threaded Case Study (TCS) which is a portion of the Cisco Academy Curriculum Our goal is to demonstrate our knowledge of Local Area Network (LAN) design and implementation. For our project we are working on Sunset Elementary School in the Washington Elementary School District.
Goals of the LAN design Our LAN has been designed to cope with all the needs of a modern network in mind: It will be secure (V-LANs, ACLs) It will be extremely scalable Our design is optimized for maximum bandwidth due to the large amount of video and high bandwidth traffic we anticipate.
WAN Topology Our school is connected to the district WAN via a Cisco 7513 router at the district service centre. Three regional hubs are located at Shaw Butte, District Office/Data Centre and at the Service Centre. Each of these centres are connected to Cisco 7513 routers. Four leased T1 lines connect these three routers to form the WAN.
WAN – Logical Topology
LAN – Cabling and Physical Topology Our LAN will have a fibre optic backbone – connecting all IDFs to the MDF in building A (fibre cable runs are represented in blue). Cat 5 E cable will run from these IDFs and the MDF to each data termination point in the building.
Classroom Layout Each data termination point will have four RJ-45 wall jacks containing CAT5-E cable. In each room teachers workstations will have a dedicated wall jack and all students machines will connect into 12 port Catalyst switches which then connect into Cisco Port Enterprise switches at the MDF and IDFs.
Location of Servers All our servers are located in a small server room located beside the MDF.
Wiring Closets Over the next four slides are details of our designs for an MDF and IDF in building A and two more IDFs in the Cafeteria (building C) and Administration (building B). Although only three IDFs were required according to IEEE standards for maximum distances, we decided to install another switch in building C in order to provide scalability in case of future development.
MDF – Building A Our MDF is located in building A. This room was chosen as it has an out-swinging door (necessary for safety reasons), appears to be adequately large and is located next to the POP. Our gateway to the WAN is a high-end Cisco 3661 AC router. This is in turn connected to a Catalyst 2948G-L3 switch – a switch which supports Layer 3 protocols including IP, RIP, IGRP, EIGRP. Because of this it can perform virtually all the routing needed within the network and can allow our router to concentrate on our link to the WAN. You will notice that the only connections to our router are the fibre optic links to the WAN and to the Catalyst 2948G-L3 switch.
MDF – Building A The other three switches are 24 port Enterprise switches. These switches are capable of implementing VLANS which we will talk about later. Four CAT 5 E cable runs will run from each data termination point back to these switches. Of these four CAT5 E cable runs, one will be connected to a teachers/admin computer and the other three will be connected to 12 port Catalyst 1912 switches into which all other hosts in the room will be connected. T
MDF – building A
IDF – Building A
IDFs – Buildings B and C The smaller IDFs located in buildings B and C contain only one 24 port enterprise edition switch each. Again the rooms here are laid out in the same way as in building A. On the next slide is the layout for both of these IDFs.
IDF – Admin (Building B)
LAN Logical Topology The next slide shows the logical topology for the backbone of our LAN. We did not include the classrooms in this topology as we simply wanted to show how the backbone is connected logically All of the cabling shown in the drawing (in red) is fibre optic cable.
LAN Backbone - Logical
IP Addressing Scheme Class B Address 10.x.x.x First x = building Second x =room Third x =host
IP Addressing for connections to Building A IDF Library has three connection points Rooms are connected through the IDF The Addressing scheme for this is as follows on next slide
Building A IDFAdminStudents Library Library Library room room
IP Addressing for connections to Building A MDF Rooms 1-25 are connected to the MDF Room number AdminStudent
IP Addressing for connections to Building B IDF 9 workstationsAdmin Network printer Network printer
IP Addressing for connections to Building C IDF 2 Staff workstations
Printer Addresses Printers in student rooms off MDF 10.1.room number.254 Printers in student rooms off IDFA 10.2.room number.254
Server Addresses Admin server Library server Application server DNS server server File server DHCP
Internet connectivity All connectivity that is initiated from the Internet to the internal district network will be protected via ACL's on the routers that make up the double firewall architecture. Any connectivity initiated from the district to the Internet will be permitted to communicate freely..
Access control lists Traffic filtering capabilities can be utilized with Access Control Lists (ACL's). Support for the following network protocols are provided IP, IPX and AppleTalk. Access list configuration is used to control access to a network. ACL's can prevent certain traffic from entering or exiting a network and/or certain upper-layer protocols such as FTP, SMTP, DNS and so on.
Access List Extended IP access list 101 permit eq53 This permits student access to DNS Use access lists to permit access to FTP etc Deny ip any any This denies access to anything else
V LANS Two VLANS required Student VLAN Curriculum VLAN Enterprise switch needed in MDF and IDFs Eight enterprise version switches needed in total with some ports left over for scalability
IGRP IGRP is a distance-vector dynamic routing protocol. By default, it will exchange its routing tables with its directly connected neighbors every 90 seconds Flash updates, triggered by topology changes, are also sent
IGRP Any routing protocol will use up some of the bandwidth otherwise available for data, and IGRP, since it has various metrics with which to monitor and adjust network traffic. But the amount of data in these updates is dwarfed by the bandwidth of the router to router connections in the school district network. However our Layer 3 backbone switch ( Catalyst 2948G-L3) will perform a lot of the functions normally done by a router including the IGRP protocol.
Security Internet connectivity will utilize a double firewall implementation with all Internet- exposed applications residing on a public backbone network. All connections from the Internet into the schools private network will be denied. The network will be divided into three logical network classifications; administrative, curriculum, and external with secured interconnections between them.
This concludes our Threaded Case Study for Sunset Elementary School Thank you for your time.