ITSU 3009 Network Design and Implementation

Design a network for a given company and test it using gns3 or packet tracer. we have to all the configurations mentioned in description. go thru the description carefully. 

SSM Australia maintains, hires out, buys and sells new and used premium branded motor vehicles in Australia. The head office of the company is situated in Sydney. The branches are located in Melbourne, Perth and Brisbane. Company wants to implement a network that can support a potential growth over the next five years and they have to hire AusNet in order to layout the network with an expectation of 50% growth of current IP requirements.

Currently there are 125 employees at department of Sales and Hire, 45 employees in department of Marketing, 20 employees within department of Vehicle Maintenance, 25 employees at the department of Business Administration and 5 employees at department of Site Security by providing their service to the head office which is also stationed in Sydney (Akyildiz Melodia & Chowdhury, 2008). All members of the department within Site Security required accessing the entire network via a wireless LAN at each site. Company has their 20 employees working for the Technical Support Group, 5 employees at each site. Sydney head office also has hosts the server farm for the network. These servers are containing in web servers and file servers from which it carries company sensitive information.

Requirements for branches – Functional / non functional

The connection between the nodes and the bus cable are known as drop line. It is very use to understand and install also. It requires very less number of cables and inexpensive. It is very slow and traffic is so high. The next one is the ring topology where the nodes are connected in the ring or circular form. All the computers are connected in the form of circle. Every computer will act as a repeater in the system. Here we cannot see any termination as the topology is in the form of ring. The hardware requirement is very less. The troubleshooting is very difficult in this system. If one computer is troubled then entire system will collapse. It is not easy to add or removes a computer from the system. The next topology is star topology, where devices are connected with cable to a centralised hub (Alabady, 2008). The packets of data are transferred to other computer through a hub. These require huge number of cables. If hub fails entire system fails. This is very costly. The next one is the hybrid topology. The hybrid topology is combination of all topology. The work efficiency is high and the traffic is maintained properly. Here the hardware complexity is there.

Topology – Design

The topology is the way how the connections are made in the network. The first type of connection is the point to point connection. The best example of this kind is the computers connecting with the modem in both the direction. The next kind of example is the work stations connected in parallel through same cable. In point to point communication there are three types of connections. They are simplex, half duplex and full duplex. The simplex connection is the basic connection in which point can only transmit the data or receive the data. The next one is the half duplex. The half duplex is one which the data can be transmitted and received in both the ways. But it cannot be done simultaneously. It can do one operation at a time only. When it is transmitting data it will not receive, similarly the opposite also. The next one is the full duplex mode. The full duplex mode is one which data can be transmitted and received simultaneously. This is the fastest way of communication.

The next one is the multipoint communication. In this three or more devices are connected in the same line. The best multi point topologies are bus topology, ring topology and the mesh topology (Ali & Alabady, 2007). The bus topology is one which has one cable and this called as trunk. This truck will help to transfer the packets of data to all computers connected in the bus network. Generally the bus topology is called as the passive topology. This is suitable for very less computers. When the number of computers added the network will not work properly. The number of computers must be limited. There should be terminators at the end of the terminals to avoid the signal bounce back. The length of the bus can be increased by using barrel connectors. The signals must be regenerated and for this function some repeaters are used. This bus network is used for the temporary purpose. It is not used for the long term purpose. It can be limited for 10 people. If the cable has problem then the entire system will not function. Hence it is not suitable for long term basis (Downes, Rad & Aghajan, 2006).

Typical network connection will have the following aspects. The network Topology is one which tells how the elements in the network are mapped from one point to the other point. The physical topology of the network is associated with the cables, connectors and the computers. The different types of the network topologies are listed below, they are bus topology, ring topology, star topology, mesh topology, tree topology and the hybrid topology. The bus topology is one which the nodes of the network are connected by a single wire. This wire is called as a linear wire. Bus topology are easy to build and very inexpensive. The main advantage is that it requires less cable. This topology is much suited for the small areas only. The disadvantage is that it supports only small area and limited systems. The next topology is the ring topology in which it has ring shape with each node has two neighbours (Esteve & Esteve, 2010).

Ring topology it uses the token ring system. It is easy to manage than the bus system. It is used for the long distance communication and it handles very high traffic. The main disadvantage of the system is that if one node fails to work then entire system is collapsed. The next topology is the star topology in which each device is connected to the centralized device known as the hub. The data flows from the hub to switch, switch to connector, connector to the node. It is easy to manage the problem can be located very easily. It is very easy to install compared with the other two. The main disadvantage of this is that it requires more cable length. It is more expensive because of the connectors. If hub fails then all the system fails.

The tree topology is like star networks connected in an hierarchy. They should not act like repeaters. Tree topology is compatible with most of the external hardware devices. Most of the schools and colleges use this type of network. It is very difficult to configure. Mesh topology is one which each node is connected in the model of a network. Implementing the mesh is very difficult and an expensive process. It can transfer the data in multiple paths. They follow some algorithms for the data transfer in the shortest path and the fastest possible way. The main advantage is that it has very less traffic problems. It has multiple links in which the data is transferred in best possible path. Here the disadvantage is that it has mesh of wiring in which it finds difficulty in managing the wire. The installation process is very difficult and the cables are very costly. The hybrid topology is mixture one more topologies. It is extremely flexible but its is very expensive at the same time (Ahmed, Namal, Ylianttila, & Gurtov, 2015).

The network configuration is a process in which the data flow is organized. The network configuration allots the data flow through the hardware and software with supporting devices and the components. The network configuration will gives the IP address for the system to get and send the data through a router. The router configuration is done for the data passing. The next one is the host configuration in which the host computer is configured. The next type is the software configuration in which the network software’s are configured. The data is transferred in terms of the packets. The two types of switching is used for the data transmission. They are circuit switching and the packet switching. The circuit switching is a continuous data transfer. The data is transferred with high data rates as the data flow is continuous. The packet switching is not a continuous data transfer. In this data is transferred in the form of bits. All the packets are again collected at the destination and arranged in the order. The data security can be maintained with help of installation of antivirus in the computers to get rid of the virus and the online threats.

Sydney – Head office 

The internet is accessed and first basic step is to connect the building through the routers. The router is the primary aspect to access the internet. The router is connected to the Ethernet and the power cables. Sometimes the router needs the bridge also. Then it is connected to the LAN, WAN and the MAN cables for the connection set up. The best place for the router is the top of the home so that it is not disturbed in any case. The router has few parts like the signal indicator which is used to indicate the signals. The signal indicator has multiple colors. The basic colors are red, green, and blue. This will help us to show the know the status of the data flow. The status may be like data flow, no data, busy and not connected. WIFI is common in all the internet routers.

The Wi-Fi indication also helps us to know the data flow. Hence the Wi-Fi and signal indicators are integrated in many of the new generation routers. The next part is the battery indication which shows the charging level of the routers. The next common part of the router is the power button to on and off the router. Generally USB ports are used for the data exchange purpose. Here the USB may be used for the charging the router also. The firewall can be generally hardware or the software. This firewall will help the end user to get protection from the internet malwares and virus. The working of the hardware firewall is different from the software firewall. In the firewall only from the secured websites only the data is exchanged. The rest of the other sites were not allowed.

It also blocks the unknown traffic also (Bukhari, Rehmani, & Siraj, 2015). The hardware firewalls are independent of the computers and the internet. They filter the information from the internet and feed to the computers and other internet accessing devices. They will examine the data and then if the data is safe the data is allowed to access by the computers. The firewall will examine the data in terms of the packets. The packets of the data are examined. There are two good advantages of the software firewalls. The basic one is the that it can monitor the out going traffic. The second advantage is that it can customize the data and the packets. Only disadvantage is that it can protect only one computer. The servers are other important devices in the networks. Here the computer is first request for the data from a page. Then the server will read the request and send the data from the requested pages. There are many servers. The first server is the application server.

These servers are not necessarily part of the world wide web or internet. The next one is the catalog servers which maintain the data in the form of tables, index and figures. This also contains the shared files and the data of the computers in the network. The next server is the communication server in which the data is communicated to the end user or not is checked. The data transfer must be checked every time because it has to maintain the good communication with end users in other words data must be successfully transfer to the systems. The next kind is the computing server, which has much impact in the computations. It has much access over the CPU of the computer. The next kind of server is the database servers. The data base servers are one which the data of the network transferred over a place can be analysed by this servers. The next kind is the fax servers in which the fax activities are maintained without the disturbance of the other servers. The next kind is the file servers.

The files and the folders of the all the computers in the network are maintained from time to time. This is one of the servers which helps in data management. The next server is the game server which helps in the game aspects of the computer like gaming allocation for the multiple players and the graphics of the players. The next one is the mail servers in which the mail access can be done in the servers. The next server is the media server. The media server will have the audio and video files management. This is used mostly in the multimedia application. The next one is the print server which helps in the print applications. The next server is the sound server in which the sound of the systems can be varied and analysed. Proxy server is the next kind of the server which acts as a intermediate server between the client and the server. The web server is used to access the web pages of the internet. The hardware requirement of the servers are the computer monitor, processor, hardware USB ports, GUI, power shell. The operating system varied from the user interests. The data from the server is shared with the clients with the help of hubs.

Configurations: Basic configuration

The network hub is one which connects the multiple networks. This is a basic model of connecting a network. The network hub is one which transfers the data from one network to other network in the form of packets. But the data security of the hub is not good. The network switch is the next element. Like the hub the network switch also a connecting device. Here the switch will sends the data to the next layer of the network. Here the data is forwarded with the filtering action. So it is more secure and strong than the hub model. The switch will have the forward table in which it tells where the packets of data are transferred to which network. The next device is the MODEM. The modem is one which performs the modulation and the demodulation operation. It also do the multiplexing and demultiplexing operation. Modems are present in both the ends. They are present in the transmitter end and also in the receiver end also. The transmitter end of the modem will modulate the data after the data encryption. The demodulation is one which the receiver end of modem has to do. Here the demodulation is followed by the decryption of data in which the encrypted code at the transmitter is required.

Table : VLSM Design

The message delivery will helps us to know the routing schemes. Some of the schemes are unicast, any cast, multicast, and geocast, broadcast. There are many types of node data delivery. Here the first one is the unicast. In unicast the message is delivered to a particular single node. It cannot deliver to multiple nodes. Only one node can receive the data. Any cast is the one which delivers message to any one node from the group of node. In general the message is delivered to the nearest mode of the system. The multicast is one which the nodes which are interested to receive the data will be delivered. Here all the interested nodes will receive the data. The next type is the geocast. In the geocast the data will be basically delivered to a geographical area. The next type is the broadcast in which the data is delivered to all the nodes of the system or network. Generally for bulk data transportation people will prefer the broadcast. But the dominant of all the type is unicast. This is the main theme of the internet.

The LAN design can provide the design solution for the small size configuration. It is better suitable for the dispersed network solutions that are made up of various elements and it varies as per the network criteria, size and capacity. The LAN design model for the infrastructure is shown below. ain site location depends on the number of the network users, speed of the network and the overall network capacity. The core layer design is based on the ico atalyst 6500 series switches.

Implementation of LAN network Infrastructure

For the deployment of the design the mandatory steps and procedure that are required in the implementation of VSS and its components are within the campus distribution and core. They are VSS identifiers, virtual switch link, control panel, multi chassis there channel and dual active detection and recovery system.

Switch ID

To deploy the switch ID each of the VSD supports the physical switches and help in the building of logical virtual switch. The switch ID value is either 1 or 2. When any two physical chassis is clustered, post VSS migration and management is done.

The configuration is presented that shows the configuration using VSS domain ID and the switch ID:

Standalone Switch 1:

VSS-Sw1 (config) switch virtual domain 10

VSS- SW1 (config –vs-domain) switch 1

Standalone Switch 2:

VSS-SW2 (config) switch virtual domain 12

VSS-SW2 (config –vs-domain) Switch 2

Ether Channel Load Balancing Matrix Support

 Routing Protocols

Table: Router Table

Table shows the routing table for the host. The host has a single adaptor network. In the network the packets of data transferred from one node to the other node, here the data is transferred from single to many, single to one, many to single or from many to many nodes. The selection of the path is for the packets of data from node to node are known as routing. Routing task is performed on various types of networks. Some of the types of the networks are circuit switched network, public switched telephone network, packet switched network, internet etc. Let us discuss the packet switching network. In the packet switching network the packets of data are transferred from the source to destination through some nodes. They follow the packet forwarding algorithm in a logical manner.

The intermediate nodes are generally the hardware devices of the network such as routers, switches, bridges, firewalls, bridges, gateways etc. The packets will not be transferred with hardware optimization (Goyal, Soperi, Celli, Choudhry, Shaikh, Hossaiei & Trivedi, 2011). The data routing is generally done on the basis of the routing tables. These routing tables generally record the path of the packets from node to node and the recorded path is used to identify the path from the source to destination. The routers memory is one which the place where the routers tables were preserved for the references. The router memory will be much useful for the multiple paths of the packets as the routes cannot be remembered easily for the multiple path.

The network router is the device one which routes the traffic from one network or to the other. The network traffic is very important phenomenon in data transfer. The bridge is a interconnecting device (Jo, 2005). It connects two different networks or the same network. The next one is the repeater. The repeater is one which is going to amplify the received signal and forward to the next node. The next type is the gateway. The gateway connects the two networks. The gateways are very complex compared with the routers and the other kind of the network switches. The gateways can convert the speeds of data and the protocols also. Multi switching is used for the higher protocols. Firewalls are the blocks which prevents the online attacks or threats on the home network. Here the packets are transferred by either the circuit switching action or the packet switching action. The circuit switching is fastest way of data transmission in which the data is transferred in an order. The speed of this one is very high. But the packet switching network is one which the data is transferred in the form of packets in random order.

AusNet Networking Company Requirements and Specifications

Your company expects you to configure eBGP peering between the enterprise and the ISP particularly on the enterprise side of the configuration. Ausnet ensures most efficient solutions for the clients and there for uses VLSM for their designs. Use table A to show the subnets that meet the company requirements. Clearly identify the subnets that are available for the future use.

Use the following specifications defined by the AusNet Networking to implement the IP address Plan.

IP Address Plan

NAT

The NAT is abbreviated as Network address translation. It is a kind of remapping technique with the modification of the network address, IP address and other modes. They are go through the traffic routing devices. This will reroute the traffic in the network without disturbing the nodes in the system. IP masquerading is the method which hides the entire IP address which has private address and public address also. The basic Nat is one which gives the one to one translation of the IP address. The basic NAT is also called as One to One NAT. The basic NAT has IP address with the checksum and also some high level checksum. They can connect the 2 PC IP networks which are not compatible. The next type is the one to many NAT. The most of the NAT are of the one to many NAT model which are public exposed the IP address. There are many types of translation models. These are some of the ways of implementing the network. In this translation few use the IP address for the data translation.

The one to one NAT is also known as Full cone NAT. In this one internal address is connected to the external address. Once the internal address and the external address are connected the data is sent in both the direction. The data is sent in the form of the packets. Here any external system can send the packets of data to any other node after the connection is established perfectly between the nodes. Initially the clients will request for the data through the NAT (Riedmuller, Brecht & Sikora,  2005). One of the servers will receive the request. It is not only the same server will respond but any server can respond and serve the data back to the client via NAT. The data is flow in both the direction here.

Restricted Cone NAT

Once the internal client is mapped with the external server, the external node will send the data to the input client. Here the both servers will respond and send the data to input client through the NAT. But this is not the case in the FUL code NAT. There only one server will take the request and the other server will be used for the data transfer. But in this server 1 is taking the data request from the input. Both the servers 1 and 2 are responded to the input request.

Port-restricted cone based NAT 

In the port restricted cone NAT the ports are restricted. The restriction will be only in the port numbers only. The client can only request the data from the source side. But the receiving mode is restricted. The packets of the data are sent to the NAT by both the servers. They can send the data only if they have the previously sent data address. Here the server 1 only will take the request but not the server 2. But the response can be given by the both.

Symmetric NAT

The symmetric Nat is one which the ports are mapped to the unique and the specific external host. Here the request is made from the internal node to the external node. The internal node which already received the data can only receive next time.

The DNAT is abbreviated as the destination NAT which changes the IP address of the destination in a transparent way such that the packets of data flow from the source to destination. The reverse operation is called as the inverse mapping in which the destination will change the IP address of the source for the data reception in return. SNAT has many meaning and it is varied from the vendors to vendors. Some of the names of the SNAT are source NAT, stateful NAT, static NAT and secure NAT. The main advantage of it is that it is a public IP address sharing. All the public can use it. It is not the case in other protocols.

The NAT is very easy to expand. Many of the networks are not easier to expand. The expansion is main thing for any network protocol. One must have a good expanding protocol. The NAT has great local area control. The local area is a small area and this is suitable for the short area but not for the longer area (Shastry, Klotz & Russell 2005). For the ISP services it has great flexibility. The flexibility for the ISP must be there. The security has increased in a great way, every network seeker will see for the security. The NAT network has the best security features. The NAT system is very transparent. The most network systems are not transparent due to their complex construction of the protocols and other code arrangement.  

The network systems will have advantages and the disadvantages also. We have already discussed the advantages of the NAT protocol. Let us discuss the disadvantages of the NAT.  The network is very huge model, hence the complexity increases with the introduction of new models and the systems. The complex part cannot be reduced due to extending applications from day to day. There are many problems due to lack of public address. There are very few public address which makes hard for the people. The over head with the security protocol. The security protocol has to be maintained vey perfectly without flaws. This system is very poor for the client access. The NAT must be improved from the client base. Or it cannot spread in the large scale market. There is a huge performance reduction also. People must take care of the network performance.  The NAT is very essential for the best data transfer between the source and destination.

Leased line

The LAN is abbreviated as local area network. This is for the small area only. It covers the local area of 1 km only not more than that. Its cost is low and having the data rates of 10 mbps. The cost of the network is very less.  The MAN is abbreviated as metropolitan area network, the MAN covers the area of 2 to 100 km. The MAN is generally used for establishing network in a town or small city. It generally has variable data transmission. The cost of the network is high. The next one is the WAN. The WAN is abbreviated as the wide area network. It covers the more area which is more than 100 kms. The data transmission is in the order of kbps to few mbps. The will generally uses the ITU standards. The cost of this one is very high. Generally the WAN is interconnection of many LANs.

Security (SSH and Port Security)

For clarity, all the requirements requested by the company is listed in point form bellow. Access Rules for Server Farm LAN must be decided as to which VLANs can access which servers in the Server Farm VLAN. The servers need to be protected from malicious computer attacks and unauthorized access. Facility to carry out audit checks needs to be provided as well so as to keep track of the exact activity along with the date and time at which an employee of QW Australia carried out a computer system based activity. The activity could include doing task(s) such as installation of new software, installing patches, taking backups and make changes in Webpage etc.

Access Rules for Group Access VLANs

• All VLANs are being permitted to access internet unless specifically denied below.?
• VLAN to VLAN access, is denied unless it is specifically permitted below.?
• PC hosts in the Sales and Hire VLAN are being permitted access to the Business Administration VLAN.?
• PC hosts in the Hire Only VLAN are permitted access to the Marketing VLAN and Sales and Hire VLANs.?
• PC hosts in the Marketing VLAN are permitted access to the Business Administration VLAN, and Hire Only LANs. ?
• PC hosts in the Business Administration VLAN are only permitted access to the Internet.
• PC hosts in Sales Only VLANs are permitted access to Marketing VLAN.?
• PC hosts in Marketing VLAN are permitted access to Sales Only VLANs.?
• PC hosts in the Site Security wireless LAN are permitted access to all VLANs. ?
• PC hosts in Technical Support VLANs are permitted access to all VLANs.?
• PC hosts in Site Security wireless LAN denied access to the Internet.?

Conclusions

During this process the network server must enable us to retrieve the lost data. Here the trash must be allowed to store in the network server for duration of time. It must be double checked before it is being deleted from the server. The network connection and the communication must be enabled between the server, trash and the storage drive. This will allow us to locate the lost file in the trash or the get back the file from trash to drive.  Hence the network communication inside the devices must be always noted.

 References

Jo, S. (2005). Security Engine Management of Router based on Security Policy, proceedings of world academy of science, engineering and technology, volume 10, ISSN 1307-688.

Riedmuller S., Brecht U., & Sikora A. (2005). Psec for Embedded Systems, in: H. Weghorn (Ed.), Proceedings of the 2nd Annual Meeting on Information Technology & Computer Science at the BA-University of Cooperative Education, ITC.

Shastry Y., Klotz S. & Russell R. (2005). Evaluating the effect of iSCSI protocol parameters on performance, In Proceedings of the Parallel and Distributed Computing and Networks.