Title | Assignment 2NW |
---|---|
Course | ITSS Software Development |
Institution | Trường Đại học Bách khoa Hà Nội |
Pages | 21 |
File Size | 1.3 MB |
File Type | |
Total Downloads | 393 |
Total Views | 917 |
PROGRAM TITLE: ...................................................UNIT TITLE: NetworkingASSIGNMENT NUMBER: 2ASSIGNMENT NAME: Network Design and ImplementSUBMISSION DATE: ..............................................DATE RECEIVED: ....................................................TUTORIAL LECTURER...
PROGRAM TITLE: …………………………………………… UNIT TITLE: Networking ASSIGNMENT NUMBER: 2 ASSIGNMENT NAME: Network Design and Implement SUBMISSION DATE: ………………………………………. DATE RECEIVED: ……………………………………………. TUTORIAL LECTURER: …………………………………… WORD COUNT: ……………………………………………..
STUDENT NAME: BUI THI HOAI STUDENT ID: BKC18310 MOBILE NUMBER: 0936168487
Summative Feedback:
Internal verification:
Table of Contents A.
Introduction......................................................................................................................................4
B.
Content.............................................................................................................................................4 I.
P5 Design a networked system to meet a given specification.......................................................4 1.
Recommended network devices to be used for setting up the network.....................................4
2.
Overall connection model.........................................................................................................6
II.
P6 Test and evaluate the design to meet the requirements and analyze user feedback..................6 1.
Recommended Network Devices..............................................................................................6
2.
Network Addressing implementation........................................................................................7
III. Install and configure network services and applications on your choice. Document and analyze test results against expected results. (M3 – P8).......................................................................7 1.
Configuring DHCP server.........................................................................................................7
2.
Configure network application................................................................................................12
3.
Connect outside the internet....................................................................................................15
IV. 1. V. VI.
D2. Design a maintenance schedule to support the networked system....................................18 Regular maintenance...............................................................................................................18 P7. Implement a network system based on a prepared design.....................................................19 M4. Recommend potential enhancements for the networked systems....................................19
A. -
Introduction Today, the Internet is an inseparable part of the business of most businesses. Building a standard, stable and secure network is the initial foundation for the steady development of an enterprise. Here we propose a network solution for businesses with the assumed name of a Hoplongtech company with the number of employees in the future not exceeding 260 people. The solution is built on the foundation, Cisco's reference design documents, Cisco network equipment, and is refined to suit the financial conditions of Vietnamese businesses.
-
Current Status
B.
New construction completely (or already have a network but not standardized).
The number of employees is less than 260 people.
Only 1 site requires Internet access.
Content
LO3 Design efficient networked systems. I.
P5 Design a networked system to meet a given specification.
1. Recommended network devices to be used for setting up the network. -
Access Switch Cisco Catalyst 2960: provides connectivity to end users.
Cisco Catalyst 2960-48TC-S Switch
-
Access Switch Cisco Catalyst 2960 24 port 10/100/1000: provides connection for Internal Server Block/ DMZ Block
-
Internet Router 2911: connect to the internet.
2. Overall connection model -
II.
Overview network map includes 202 hosts:
Lan1: 120 host
Lan2: 60 host
Sever private: 20 host
Router: 2 host.
P6 Test and evaluate the design to meet the requirements and analyze user feedback.
1. Recommended Network Devices -
The Catalyst 2960 Access Switches connect to Core Switch using 1 GigEthernet uplink ports with Etherchannel technology that combines these 2 links running in parallel to form a 2Gbps Links running to avoid bottlenecks form access Switch to Core Switch and provide the ability redundancy between these two connections, if one has problems the data is automatically transferred to the other, the process is transparent to the end user.
-
Router 2911 Deliver full cost saving like never before and agile networking through the intelligent integration of market-leading security, unified communications, wireless, and application services. This router provides corresponding interfaces to connect to different types of lines to the internet, for example: ADSL, FTTH, Leaseline…
2. Network Addressing implementation Using network addresses: 172.16.1.0/24 -
Lan 1 (120 host): 172.16.1.0/25
-
Lan 2 (60 host): 172.16.1.128/26
-
Sever private (20 host): 172.16.1.192/27
-
Router (2 host): 172.16.1.224/30
III.
Install and configure network services and applications on your choice. Document and analyze test results against expected results. (M3 – P8)
1. Configuring DHCP server a.
Configure address IP DHCP for LAN1
-
Configure static IP address on the DHCP server (172.16.1.202/27)
IP address: 172.16.1.202
Subnet Mask: 255.255.255.224
Default Gateway: 172.16.1.193
DNS Server: 8.8.8.8
-
Configure DHCP service
Pool name: LAN120
Default Gateway: 172.16.1.1
DNS Server: 8.8.8.8
Start IP Address: 172.16.1.0
Subnet Mask: 255.255.255.0
Maximum Number of users: 120
->on -> Add.
-
Configure ip-helper address in router allows the router to transmit DHCP discover packets to a DHCP server known by the router (unicast).
Configure in Router 3 Router(config) # int g0/2 Router (config) #ip helper-address 172.16.1.202
To enable static routing we do configure ip route Router (config-if) #ip route 0.0.0.0 0.0.0.0 172.16.1.226
Configure in Router 4 Router(config-if) #ip route 172.16.1.0 255.255.255.128 172.16.1.255
Now go to every PC and on their IP configuration tabs, enable DHCP. Every PC should be able to obtain an IP address, default gateway and DNS server Eg: PC Admin:
Test the configuration by pinging Route3 from DHCP
b. Configure address ip DHCP for LAN2 -
Configure DHCP service
Pool name: LAN2
Default Gateway: 172.16.1.129
DNS Server: 8.8.8.8
Start IP Address: 172.16.1.192
Subnet Mask: 255.255.255.0
Maximum Number of users: 60
-
Configure ip helper-address, ip route in Router 3 Router (config) #int g0/1 Router (config-if) #ip helper-address 172.16.1.202 Router(config-if) #ip route 172.16.1.128 255.255.255.192 172.16.1.255
Now go to every PC and on their IP configuration tabs, enable DHCP. Every PC should be able to obtain an IP address, default gateway and DNS server Eg: PC Tech:
Test the configuration by pinging PC Tech from DHCP
2. Configure network application a. Configure salehoplong.com
Ip address: 172.16.1.203
Subnet Mark: 255.255.255.224
Default Gateway: 172.16.1.193
DNS: 8.8.8.8
-
On HTTP , HTTPS
-
Access web service from a PC
b. Server mail.hoplong.com
Ip address: 172.16.1.203
Subnet Mark: 255.255.255.224
Default Gateway: 172.16.1.193
DNS: 8.8.8.8
- set email address for pc
3. Connect outside the internet -
Set the ip address for routers4 s0/1/0: 200.162.1.1
-
Set the ip address for routers6 s0/1/0:
Router6 g0/0
-
Routing for the router4
-
Routeing for the router6
-
Set ip address for google.com
-
Set ip address for DNS
Ping router4->DNS
-
On DNS, configure DNS service
-
Put names and ip addresses of webs
PC tech access according to the assigned domain name:
salehoplong.com
google.com
IV.
D2. Design a maintenance schedule to support the networked system.
1. Regular maintenance -
Every month, we send technicians to inspect the entire system and handle problems within the maintenance scope on a certain day.
a. Frequency check: Periodically, once a month, the company sends technicians to inspect the entire system and troubleshoot problems of the system.
During the inspection we will have a substitute product to ensure the company's operation during that time.
b. Periodic maintenance items: -
For the server:
Control access to network or servers
Test and configure network security services
Check, configure, and update to the latest versions of antivirus software…
Store professional data such as accounting, office operations, client's text file on different storage devices.
Check and optimize the garbage collection and optimize application software, office software, and protection software on computer systems
Ensuring the operation of Email, File, Document, Internet, Printing systems regularly, stably and safely for work
Backup the server configuration (to CD, DVD or tape) to ensure that the server is always operating properly.
-
Record system monitoring (maintenance book).
For network system:
Configure the network to access computers
Review all network cabling systems, ensure cabling is designed and placed in an environment that meets technical standards.
Draw a layout of the server, client, peripheral devices, and network cables.
Check and test all cables and pushers to ensure satisfactory signal transmission.
Record system monitoring (maintenance book).
LO4. Implement and diagnose networked systems. V.
P7. Implement a network system based on a prepared design. -
image simulation of the network system
-
Expected to have 180 PCs, sets up DHCP to dynamically assign addresses to users.
Lan1(120 host): 172.16.1.2->172.16.1.127 in the address range 172.16.1.0/26
Lan2(60 host): 172.16.1.129->172.16.1.190 in the address range 172.16.1.128/26
-
DHCP service has assigned dynamic addresses to the machines used successfully (presented during installation - M3 part)
VI.
M4. Recommend potential enhancements for the networked systems. -
The system can be expanded but the number should not exceed 260 people
-
Support for deploying the system in a server farm model that allows service servers to be installed on the same server system or on many different servers to help improve the system's processing power and help home. design better model implementation.
-
Building confidentiality and security in the system
Defense in depth: The system must be protected in depth, divided into many layers and separated into many different layers. Each layer and layer has different security or containment policies implemented
Using many different technologies: Do not rely on only one technology or technology product to ensure the security of a certain company's network. Because if the company's products are found vulnerable by hackers, then
similar products of that company in the network will also be penetrated easily and the stratification and stratification in the defense policy is meaningless. -
Using 2 high speed ADSL lines...