Difference between revisions of "Página de pruebas 3"
Adelo Vieira (talk | contribs) (→WAN) |
Adelo Vieira (talk | contribs) |
||
Line 1: | Line 1: | ||
+ | ==CA - Network design for high availability== | ||
+ | |||
+ | |||
+ | <br /> | ||
+ | ===Group justification report=== | ||
To make the decision of the more suitable network design for the new data center of Dublin Computer School (DCS), we consider the following specification provided in the description of the project: | To make the decision of the more suitable network design for the new data center of Dublin Computer School (DCS), we consider the following specification provided in the description of the project: | ||
Line 9: | Line 14: | ||
− | ==Dublin== | + | <br /> |
+ | ====Dublin==== | ||
As we have already mentioned, in the Dublin LAN we are going to place the new data center; but also, this network have to be designed to provided end user devices communication (Wired and Wireless). | As we have already mentioned, in the Dublin LAN we are going to place the new data center; but also, this network have to be designed to provided end user devices communication (Wired and Wireless). | ||
Line 26: | Line 32: | ||
<br /> | <br /> | ||
− | ===VLANs=== | + | =====VLANs===== |
We created 4 VLANs: | We created 4 VLANs: | ||
Line 44: | Line 50: | ||
<br /> | <br /> | ||
− | ===Rapid spanning tree between switches=== | + | =====Rapid spanning tree between switches===== |
In our implementation, we made sure root bridge is in a suitable position. To do so, we manually configuring priority to influence the root election: | In our implementation, we made sure root bridge is in a suitable position. To do so, we manually configuring priority to influence the root election: | ||
Line 63: | Line 69: | ||
<br /> | <br /> | ||
− | ===Configuring 802 1Q trunk-based inter-VLAN routing=== | + | =====Configuring 802 1Q trunk-based inter-VLAN routing===== |
No key decisions had to be taken in this part, we just configure 802 1Q trunk-based inter-VLAN routing to provide routing for our multiple VLANs. You can verified all IP addresses and interfaces configured in the Addressing table. | No key decisions had to be taken in this part, we just configure 802 1Q trunk-based inter-VLAN routing to provide routing for our multiple VLANs. You can verified all IP addresses and interfaces configured in the Addressing table. | ||
<br /> | <br /> | ||
− | ===Wireless access for a GUEST wifi network=== | + | =====Wireless access for a GUEST wifi network===== |
The GUEST wifi network was configured using a wireless rourters attached to one of the access switches. In Figure XX we show the configuration performed. We attached the wireless router to VLAN10 and created a new wifi network. A DHCP server was also enable in the wireless router so the devices were are able to request an IP via DHCP (Figure xx) | The GUEST wifi network was configured using a wireless rourters attached to one of the access switches. In Figure XX we show the configuration performed. We attached the wireless router to VLAN10 and created a new wifi network. A DHCP server was also enable in the wireless router so the devices were are able to request an IP via DHCP (Figure xx) | ||
Line 76: | Line 82: | ||
− | ==WAN== | + | <br /> |
+ | ====WAN==== | ||
We created a WAN network connecting a total of 5 sites: Dublin, Galway, Limerick, Cork and Sligo. You can see the IP addresses in the Addressing table. They corespondent to the 10.0.0.0 network. | We created a WAN network connecting a total of 5 sites: Dublin, Galway, Limerick, Cork and Sligo. You can see the IP addresses in the Addressing table. They corespondent to the 10.0.0.0 network. | ||
Line 86: | Line 93: | ||
+ | <br /> | ||
+ | ====Addressing table==== | ||
{| class="wikitable" style="margin: 0 auto;" | {| class="wikitable" style="margin: 0 auto;" | ||
|+ | |+ |
Revision as of 16:46, 18 November 2019
Contents
CA - Network design for high availability
Group justification report
To make the decision of the more suitable network design for the new data center of Dublin Computer School (DCS), we consider the following specification provided in the description of the project:
- The fact that the business is home grown in Dublin and the organization is expanding rapidly both in Dublin and in many sites around Ireland,
- The growth expected by the Infrastructure Manager,
- The need of a new Moodle system and a CRM system for the Marketing department,
We can see that Dublin Computer School (DCS) is, without any doubt, expecting a significant growth for the next years. Therefore, based on this fact, and after evaluating the budget, we decided to go for an ambitious design that ensure not only availability and reliability but also scalability of the network. We have to take into consideration that this data center is going to be used for all the sites around Ireland, where the company is also expecting growing.
Dublin
As we have already mentioned, in the Dublin LAN we are going to place the new data center; but also, this network have to be designed to provided end user devices communication (Wired and Wireless).
In general, our design is based on the concepts described in the «Campus LAN and Wireless LAN Design Guide» of Cisco [\cite]. We built a hierarchical Three-Tier Design: Core, Distribution and Access layers.
At the beginning of the project, we though a Two-Tier Design was the most suitable option, but after consider many factors, the expected growing of the network tipped the scale in favor of the Three-Tier Design (See Figure \ref).
In Figure see we show the design for the Dublin network. Our design is composed by:
- A layer 3 switch in the core.
- Two layer 3 distribution switches.
- Four access switches.
VLANs
We created 4 VLANs:
- VLAN10 (Student)
- VLAN20 (Marketing)
- VLAN30 (HR)
- VLAN40 (Finance)
- VLAN99 (Management)
We perform the following settings:
- We configure the management interface (VLAN99) in every switch with an IP address
- 802.1Q Trunk Between the Switches (Manually configuration)
- In the access switches, we configured access ports for the end user devices and server and assigned VLANs to the correct switch interfaces (See Figure XX). The servers interfaces were assigned to the Management VLAN99.
Rapid spanning tree between switches
In our implementation, we made sure root bridge is in a suitable position. To do so, we manually configuring priority to influence the root election:
- We placed the root bridge in to core of our design for all VLANs
- We placed the root secondary in the distribution level of the network and configure Load Balancing sharing the root secondary between the 2 distribution switches.
MS1(config)#spanning-tree vlan 1,10,20,30,40,99 root primary
MS2(config)#spanning-tree vlan 1,10,20 root secondary
MS3(config)#spanning-tree vlan 30,40,99 root secondary
With this configuration, RSTP is avoiding redundant by blocking port mostly in the access layer.
Because we did load balancing sharing the root secondary between the 2 distribution switches, and because we are doing «Per-Vlan rapid spanning tree mode», the port blocked would depend on the VLAN. For example, if we consider S4. The rapid spanning tree protocol is blocking the F0/18 port for the VLANs where the root secondary is MS2. However, for the VLANs where the root secondary is MS3, rapid spanning is blocking the Fa0/14 port. That is why all the ports are shown in green in our network (none of the port in blocked for all VLANs) (See Figure XX).
Configuring 802 1Q trunk-based inter-VLAN routing
No key decisions had to be taken in this part, we just configure 802 1Q trunk-based inter-VLAN routing to provide routing for our multiple VLANs. You can verified all IP addresses and interfaces configured in the Addressing table.
Wireless access for a GUEST wifi network
The GUEST wifi network was configured using a wireless rourters attached to one of the access switches. In Figure XX we show the configuration performed. We attached the wireless router to VLAN10 and created a new wifi network. A DHCP server was also enable in the wireless router so the devices were are able to request an IP via DHCP (Figure xx)
Some security configurations were also performed:
- We configured a passphrase for the GUEST network: duboffice2019
- Enable encryption.
WAN
We created a WAN network connecting a total of 5 sites: Dublin, Galway, Limerick, Cork and Sligo. You can see the IP addresses in the Addressing table. They corespondent to the 10.0.0.0 network.
We make sure to include redundant paths between Dublin and Galway, which is the main concern of our WAN.
We configured OSPF Routing Protocol. OSPF is a widely used protocols with one of the lower Administrative Distance (110). That is why, in case of multiple routing protocols configured in a router (such as RIP or IS-IS), OSPF would be the defauld one and used to route packets. OSPF is able to determine the shortest path to a destination by adding the costs of each path to reach a destination.
Addressing table
Device | Interface | IP Address | Subnet Mask | Default Gateway | Comments | |
---|---|---|---|---|---|---|
Dublin | R1 | G0/1.1 | 172.16.1.1 | 255.255.255.0 | ||
G0/1.10 | 172.16.10.1 | 255.255.255.0 | ||||
G0/1.20 | 172.16.20.1 | 255.255.255.0 | ||||
G0/1.30 | 172.16.30.1 | 255.255.255.0 | ||||
G0/1.40 | 172.16.40.1 | 255.255.255.0 | ||||
G0/.1.99 | 172.16.99.1 | 255.255.255.0 | ||||
S0/0/0
DCE |
10.16.1.1 | 255.255.255.252 | ||||
S0/0/1 | 10.16.2.1 | 255.255.255.252 | ||||
S0/1/0
DCE |
10.16.3.1 | 255.255.255.252 | ||||
MS1 | VLAN 99 | 172.16.99.11 | 255.255.255.0 | Root primary for all VLANs | ||
MS2 | VLAN 99 | 172.16.99.12 | 255.255.255.0 | Root secondary for VLAN 1, 10, 20 | ||
MS3 | VLAN 99 | 172.16.99.13 | 255.255.255.0 | Root secondary for VLAN 30, 40, 99 | ||
S1 | VLAN 99 | 172.16.99.21 | 255.255.255.0 | |||
S2 | VLAN 99 | 172.16.99.22 | 255.255.255.0 | |||
S3 | VLAN 99 | 172.16.99.23 | 255.255.255.0 | |||
S4 | VLAN 99 | 172.16.99.24 | 255.255.255.0 | |||
Server1 | G0
(vlan99) |
172.16.99.80 | 255.255.255.0 | 172.16.99.1 | ||
G1
(vlan99) |
||||||
Server2 | G0
(vlan99) |
172.16.99.82 | 255.255.255.0 | 172.16.99.1 | ||
G1
(vlan99) |
||||||
PC1 | NIC
(vlan10) |
172.16.10.51 | 255.255.255.0 | 172.16.10.1 | ||
PC2 | NIC
(vlan20) |
172.16.20.52 | 255.255.255.0 | 172.16.20.1 | ||
PC3 | NIC
(vlan30) |
172.16.30.53 | 255.255.255.0 | 172.16.30.1 | ||
PC4 | NIC
(vlan40) |
172.16.40.54 | 255.255.255.0 | 172.16.40.1 | ||
Wireless router0 | Internet setup | 172.16.10.101 | 255.255.255.0 | 172.16.10.1 | ||
Network setup | 172.16.50.1 | 255.255.255.0 | ||||
Laptop1 | ||||||
Laptop2 | ||||||
- | ||||||
Limerik | R2 | S/0/0/0 | 10.16.1.2 | 255.255.255.252 | ||
S/0/0/1
DCE |
10.16.4.1 | 255.255.255.252 | ||||
G0/0 | 172.18.1.1 | 255.255.255.0 | ||||
PC7 | NIC | 172.18.1.57 | 255.255.255.0 | 172.18.1.1 | ||
- | ||||||
Galway | R3 | S0/0/1 | 10.16.4.2 | 255.255.255.252 | Standby router in HSRP
Slow path | |
S0/1/1 | 10.16.5.1 | 255.255.255.252 | ||||
G0/1 | 172.17.1.1 | 255.255.255.0 | ||||
R4 | S0/0/0
DCE |
10.16.6.1 | 255.255.255.252 | Active router in HSRP
(Because the other path is slow) | ||
G0/0 | 172.17.1.2 | 255.255.255.0 | ||||
Switch0 | VLAN 1 | 172.17.1.6 | 255.255.255.0 | 172.17.1.254 (virtual IP for HSRP ) |
||
Switch1 | VLAN 1 | 172.17.1.7 | 255.255.255.0 | 172.17.1.254 (virtual IP for HSRP ) |
||
PC5 | NIC | 172.17.1.55 | 255.255.255.0 | 172.17.1.254 (virtual IP for HSRP ) |
||
PC6 | NIC | 172.17.1.56 | 255.255.255.0 | 172.17.1.254 (virtual IP for HSRP ) |
||
- | ||||||
Cork | R5 | S0/0/0 | 10.16.6.2 | 255.255.255.252 | ||
S0/0/1
DCE |
10.16.2.2 | 255.255.255.252 | ||||
G0/0 | 172.19.1.1 | 255.255.255.0 | ||||
PC8 | NIC | 172.19.1.58 | 255.255.255.0 | 172.19.1.1 | ||
- | ||||||
Sligo | R6 | S0/1/0 | 10.16.3.2 | 255.255.255.252 | ||
S0/1/1
DCE |
10.16.5.2 | 255.255.255.252 | ||||
G0/0 | 172.20.1.1 | 255.255.255.0 | c | |||
PC9 | NIC | 172.20.1.59 | 255.255.255.0 | 172.20.1.1 |