This report analyzes the use of local area network (LAN) technologies and their role in increasing the performance of the organization. The project provides a detailed look at LANs and the related evaluation techniques and models for overcoming security-related issues through troubleshooting and LAN hardware such as switches, routers, voice gateways, firewalls, and other devices. These computers are connected by cable through Ethernet, Fast Ethernet, Gigabit Ethernet or other media for the local LAN.
The purpose of this course is to provide an understanding of the design and implementation of a local area network, the configuration of network devices, and the implementation of security in the network.
Security is one of the main aspects of any network, as data security is very important from an organization's point of view. This course will help the reader learn router configuration, packet filtering, network troubleshooting, network performance testing, etc. It will also help in understanding IP address/pool management, VLAN, STP, VTP and monitoring tools for a network.
1.1 Evaluate various LAN technologies available in the market. Describe the technologies in relation with scenario above.
LAN: A campus network is an enterprise network consisting of many LANs in buildings, all connected and all commonly in the same geographic area; in other words, this network is what is called the LAN. A company or organization typically owns the entire campus network, as well as the physical wiring. Campus networks commonly consist of Ethernet, 802.11 wireless LANs, higher-speed Fast Ethernet, Fast EtherChannel, and Gigabit Ethernet LANs.
Institute of Electrical and Electronics Engineers (IEEE) Ethernet (802.3):-
Ethernet is a LAN technology based on the Institute of Electrical and Electronics Engineers (IEEE) 802.3 standard and offers a bandwidth of 10 Mbps between end users or PCs. In other words, Ethernet provides connectivity between PCs on the LAN, with a committed speed of 10 Mbps between every end user.
Switched Ethernet can eliminate the possibility of collisions; stations do not need to listen to each other to take a turn transmitting on the wire. Instead, stations can operate in full-duplex mode, transmitting and receiving at the same time. Full-duplex mode further increases network performance, with a net throughput of 10 Mbps in each direction, or 20 Mbps total throughput on each port…
Half duplex is a component of LAN technologies; many devices, for instance a hub or repeater, work in half duplex. These hubs are essentially multiport repeaters: they extend the bus topology concept of 10Base2 and 10Base5 by regenerating the same electrical signal sent by the original sender of a frame out every other port. Consequently, collisions can still occur, so CSMA/CD access rules continue to be used. The operation of Ethernet cards and the attached hub is important for a complete understanding of the congestion problems and the need for full-duplex Ethernet. The figure outlines the operation of half-duplex 10BaseT with hubs.
The steps for half-duplex operation with a hub are:
- The network interface card (NIC) sends a frame.
- The NIC loops the sent frame onto its receive pair.
- The hub receives the frame.
- The hub relays the frame onto an internal bus so that all other NICs can receive the electrical signal.
- The hub repeats the signal received on each receive pair to all other devices on the network.
Full-duplex operation is allowed when the possibility of collisions is removed. Consider the use of Ethernet between a pair of NICs, instead of cabling the NIC to a hub. Full duplex is also an option when using switches. When a single device is connected to a switch port, the switch can ensure that there is no collision, which allows full duplex to work.
Because no collisions are possible in full duplex, the NICs disable their loopback circuitry. Both ends can send and receive at the same time. This reduces Ethernet congestion and provides the following advantages compared with half-duplex 10BaseT operation: collisions do not occur, time is not wasted retransmitting packets, and 10 Mbps is available in each direction, doubling the available capacity.
Fast Ethernet IEEE 802.3u:
Fast Ethernet is a technology for increasing bandwidth in an Ethernet environment; in other words, the networking industry developed a higher-speed Ethernet based on existing Ethernet standards, called Fast Ethernet. Fast Ethernet operates at 100 Mbps and is defined in the IEEE 802.3u standard. The Ethernet cabling schemes, CSMA/CD operation, and all upper-layer protocol operations are maintained with Fast Ethernet. The net result is the same data link Media Access Control (MAC) layer merged with a new physical layer.
Gigabit Ethernet IEEE 802.3z or IEEE 802.3ab:
Gigabit Ethernet is based on the IEEE 802.3ab and IEEE 802.3z standards and supports 1000 Mbps (1 Gbps) per port of a network switch. The physical layer has been modified to increase data-transmission speeds. Gigabit Ethernet can connect access-layer switches to distribution-layer switches; for example, it is used in the switch block, core layer, and server block.
10-Gigabit Ethernet IEEE 802.3ae:
Just as Gigabit Ethernet uses 1000BASE-X to indicate the media type, 10-Gigabit Ethernet uses 10GBASE-X. The standard defines different PMDs, along with the type of fiber and distance limitations. All the fiber-optic PMDs can be used as either a LAN or a WAN PHY, except for the 10GBASE-LX4, which is only a LAN PHY. Be aware that the long-wavelength PMDs carry a significantly greater cost than the others.
This section covers the hardware of network (LAN) devices, categorized by OSI model layer. The computer LAN hardware is listed below.
- Layer 3 switches
Repeaters are the basic unit in networks that connect separate segments. Repeaters take incoming frames, datagrams or packets and send the frame out every other interface except the receiving port. Repeaters operate at the physical layer of the OSI model. Because repeaters are unaware of datagram, packet or frame formats, they do not control broadcasts, multicasts or collision domains. Repeaters are considered protocol-transparent because they are unaware of upper-layer protocols such as IP, Internetwork Packet Exchange (IPX), and so on.
A hub is a basic unit in LAN technology that works at Layer 1 (physical) of the OSI model and handles data as bits. The main difference is that hubs have more ports than basic repeaters.
Bridges are store-and-forward devices. They store the entire frame or datagram and verify the cyclic redundancy check (CRC) before forwarding. If the bridges detect a CRC error in frame or datagram they discard the frame or datagram. Bridges are protocol-transparent; they are unaware of the upper-layer protocols such as IP, IPX, and AppleTalk etc. Bridges are designed to flood all unknown and broadcast or multicast traffic.
Bridges implement Spanning Tree Protocol (STP) to build a loop-free network topology. Bridges communicate with each other, exchanging information such as priority and bridge interface MAC addresses. Bridges select a root bridge and then implement STP.
A switch is essentially a multiport transparent bridge. Each switch port is its own Ethernet LAN segment, isolated from the other switch ports. Frame forwarding is based entirely on the MAC addresses contained in each frame, such that the switch will not forward a frame unless it knows the destination's location.
Switches use specialized integrated circuits and are more intelligent LAN devices, designed to reduce the latency common to regular bridges and to reduce the broadcast domain in a LAN segment or environment. Switches are the evolution of bridges. Switches can run in cut-through mode; in this mode the switch does not wait for the entire frame or datagram to enter its buffer, but instead begins to forward the frame as soon as it has read the destination MAC address. Cut-through operation increases the probability that frames with errors are propagated on the network, because it forwards the frame before the entire frame is buffered and checked for errors. Because of these problems, most switches today perform store-and-forward operation as bridges do. Switches are exactly the same as bridges with respect to collision domain and broadcast domain characteristics. Each port on a switch is a separate collision domain. By default, all ports in a switch are in the same broadcast domain. Assignment to different VLANs changes that behavior.
Broadcasts are special frames, datagrams or packets that are destined for all devices on an Ethernet network. Broadcasts use a MAC address of FF-FF-FF-FF-FF-FF. This is the broadcast MAC address; it is the highest number allowed in the 48-bit scheme of MAC addresses. In binary, each of the 48 bits is set to 1.
Multicasts are special broadcasts. Multicasts are used by higher-layer protocols to direct traffic to more than one select destination, rather than a broadcast, which is sent to all destinations. Application layer multicasts begin with the 01-00-5E prefix. The rest of the digits are assigned by the application layer protocol handling the multicast. However, other Layer 2-only multicast addresses do not have the prefix 01-00-5E; for example, STP with the MAC address 01-00-0c-cc-cc-cd. By default, Ethernet networks treat multicasts like broadcasts. Some higher-layer protocols, such as IGMP (Internet Group Management Protocol), can be used by switches to differentiate the traffic and forward multicasts only out specific ports.
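The forwarding behaviour described above for bridges and switches (learn source addresses, send known unicast out one port, flood broadcast, multicast and unknown destinations, and keep all of it inside the VLAN), as an added Python example that is not part of the original report. The port numbers, VLAN IDs and host MAC addresses are constructed sample values.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


def normalize(mac):
    """Accept FF-FF-..., ff:ff:... or ffff.ffff.ffff and return ff:ff:... form."""
    digits = "".join(c for c in mac.lower() if c in "0123456789abcdef")
    if len(digits) != 12:
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


def classify(mac):
    """Classify a destination address the way the text describes."""
    mac = normalize(mac)
    if mac == BROADCAST:                      # all 48 bits set to 1
        return "broadcast"
    if int(mac[:2], 16) & 1:                  # group bit of the first octet
        # 01-00-5E marks application-layer (IP) multicast; anything else
        # with the group bit set is a Layer 2-only multicast.
        return "ip-multicast" if mac.startswith("01:00:5e") else "l2-multicast"
    return "unicast"


class LearningSwitch:
    """Store-and-forward switch with one MAC table per VLAN."""

    def __init__(self, port_vlans):
        self.port_vlans = dict(port_vlans)    # port -> VLAN id
        self.table = {}                       # (vlan, mac) -> port

    def receive(self, in_port, src, dst):
        """Return (traffic kind, list of egress ports) for one frame."""
        vlan = self.port_vlans[in_port]
        src, dst = normalize(src), normalize(dst)
        if classify(src) == "unicast":
            self.table[(vlan, src)] = in_port         # learn the sender
        kind = classify(dst)
        if kind == "unicast":
            out = self.table.get((vlan, dst))
            if out == in_port:
                return kind, []                       # same segment: filter
            if out is not None:
                return kind, [out]                    # known: one port only
            kind = "unknown-unicast"
        # Broadcast, multicast and unknown unicast are flooded, but only to
        # ports in the sender's VLAN (its broadcast domain).
        flood = sorted(p for p, v in self.port_vlans.items()
                       if v == vlan and p != in_port)
        return kind, flood


if __name__ == "__main__":
    # Constructed layout: ports 1-2 in VLAN 10, ports 3-4 in VLAN 20.
    sw = LearningSwitch({1: 10, 2: 10, 3: 20, 4: 20})
    frames = [
        (1, "00-11-22-33-44-01", "FF-FF-FF-FF-FF-FF"),
        (2, "00-11-22-33-44-02", "00-11-22-33-44-01"),
        (3, "00-11-22-33-44-03", "00-11-22-33-44-01"),
        (1, "00-11-22-33-44-01", "01-00-0c-cc-cc-cd"),
    ]
    for port, src, dst in frames:
        print(port, dst, sw.receive(port, src, dst))
```

The third frame shows the VLAN boundary: the destination was learned in VLAN 10, so a sender in VLAN 20 never reaches it at Layer 2 and the frame is flooded only to port 4.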
Switches perform multilayer switching at Layer 3 and Layer 4. At Layer 3, the Catalyst family of switches caches traffic flows based on IP addresses. At Layer 4, traffic flows are cached based on source and destination addresses, in addition to source and destination ports. All switching is performed in hardware, providing equal performance at both Layer 3 and Layer 4 switching.
We can configure logical topologies with equipment such as a router or switch. There are basically 6 types of topologies:
- Bus: each node is connected to a single cable, and the signal from each node travels in both directions. Because it consists of only a single wire, it is inexpensive to set up. There are two types, linear and distributed; both are the same except that in the latter the common transmission medium has more than 2 end points.
- Star: one single node is connected to all other nodes; it acts as the server and the others as clients. There are two types, extended star and distributed; in the latter, nodes are connected in a daisy chain with no central or top-level connection point.
- Ring: nodes are connected in a circular fashion, and data travels in one direction from one node to the next until it reaches the particular node. All the nodes work as servers and repeat the signals. The only disadvantage is that each node is critical: if one node stops, the whole network goes down.
- Mesh: each node is directly connected to the other nodes. There are two types, fully connected and partially connected. In a fully connected network all the nodes are directly interconnected with each other; this is practically impossible for a large network, as the associated cost will be very high and an overly complex mesh will be very difficult to maintain. In a partially connected network some of the nodes are connected to more nodes than others are; this is comparatively inexpensive and can still take advantage of the redundancy provided by the fully connected mesh.
- Tree: this topology has a tree-like structure with a root node, then intermediate nodes, and finally the branch nodes; the outermost nodes are known as leaves. There must be at least 3 levels in the hierarchy to form a tree, otherwise it would physically form a star topology with one root node and the other nodes connected to it as leaves. Fault identification is easy, as nodes are easy to manage in a hierarchical structure, and the topology allows point-to-point connection of the nodes.
- Hybrid: a combination of any two or more of the above topologies to form a hybrid model; the connected networks must be of different topologies. Common combinations are star-ring topology and star-bus topology.
1.2 What do you understand by quality of service (QoS) and bandwidth management? Evaluate and analyze with examples why do you think it is important to perform QoS and Bandwidth Management?
Quality of service QoS:-
Quality of service (QoS), at a basic level, is defined as providing better service for priority traffic. It does this at the expense of low-priority traffic. The motivation behind QoS is to allow network and user-critical data to have consistent and reliable access to the network. QoS deployment is central to converged networks where IP telephony has merged with the traditional data network. QoS helps with the management of latency and bandwidth on the network. Some general terms will be outlined.
QoS objectives are to provide reliable and available resources for applications and services on the network. In other words, QoS should offer some predictability of the traffic flows seen on the network. Most networks today implement QoS for these very reasons. Customers are looking for cheaper alternatives to simply increasing bandwidth on the network to support the various services they run. However, bandwidth scarcity is not the only reason for QoS. Some applications are delay sensitive and require special handling on the network device itself.
The discussion of this chapter will be based on DiffServ model.
QoS operational model consists of five steps:
- Input scheduling
- Marking and policing
- Output scheduling
Classification differentiates one incoming frame from another so that the switch can appropriately forward the packet. When the switch's port is programmed to be untrusted, any frame received on the port will have its CoS value reset to 0.
Input scheduling is the handling of the frame after the frame has arrived at the ingress port, assuming the port has been configured for trust. Input scheduling basically assigns incoming frames to queues. If trust-cos is not configured, the incoming frames bypass the receive threshold queue and are sent directly to the switching engine.
1.3 Discuss LAN concerns in terms of network security, availability and performance? Explain how a Hierarchical Network Design can improve on availability, security, scalability and performance
Hierarchical Network Design:-
A hierarchical approach to network design enables network designers to logically create a network by defining and using layers of devices. The resulting network is secure, available, high-performing, efficient, intelligent, scalable, and easily managed. Hierarchical design facilitates changes. In a network design, modularity lets you create design elements that you can replicate as the network grows. As each element in the network design requires change, the cost and complexity of making the upgrade are contained to a small subset of the overall network. In large, flat network architectures, changes tend to affect a large number of systems. Limited mesh topologies within a layer or component, such as the campus core or backbone connecting central sites, retain value even in the hierarchical design models.
Structuring the network into small, easy-to-understand elements improves fault isolation. Network managers can easily understand the transition points in the network, which helps identify failure points.
Today's fast-converging protocols were designed for hierarchical topologies. To control the impact of routing-protocol processing and bandwidth consumption, you must use modular hierarchical topologies with protocols designed with these controls in mind, such as Open Shortest Path First (OSPF). Hierarchical network design facilitates route summarization. EIGRP and all other routing protocols benefit greatly from route summarization. Route summarization reduces routing-protocol overhead on links in the network and reduces routing-protocol processing within the routers.
The access layer provides user access to local segments on the network. In other words, the access layer provides low cost per switch port, high port density, scalable uplinks to higher layers, and resiliency through multiple uplinks, and it supports user access functions such as VLAN membership, traffic and protocol filtering, QoS, Power over Ethernet (PoE) and auxiliary VLANs for VoIP. The access layer is characterized by switched and shared-bandwidth LAN segments in a campus environment.
The distribution layer provides interconnection between the access and core layers. Devices in this layer provide high Layer 3 throughput for packet handling, security and policy-based connectivity functions through access lists or packet filters, QoS features, and scalable and resilient high-speed links to the core and access layers.
The core layer provides connectivity for all distribution-layer devices. The core layer, sometimes referred to as the backbone, provides very high throughput at Layer 2 or Layer 3, no costly or unnecessary packet manipulations, and redundancy and resilience for high availability.
2.1 Design network infrastructure to fulfill the requirement of above scenario, including the diagram of the network infrastructure, and all devices (i.e. Switches, routers, cables, etc.)
In the above network design we have used the following network resources:
As per our scenario, we are using 5 branch routers (Edinburgh, Birmingham, Liverpool, Manchester and Glasgow) and one new head office in Central London. All routers exchange information about destination networks using routing protocols. Routers use routing protocols to build a list of destination networks and to identify the best routes to reach those destinations.
Switches: we need these types of switches for connectivity as per our network scenario.
Switch: the routers are connected to a switch.
Switches: all end devices are connected to switches.
Customer Service Switch: As per the scenario, 5 devices or PCs are required, so we can install a 24-port switch in Customer Service.
Accounts/Finance Switch: This department has 34 PCs and a network printer, and access is restricted to those working in the finance department.
Library: With 200 systems, the library will be divided into two rooms with three 48-port switches, each of which will contain 100 devices including a network printer. Users should also be able to print to a network printer from these machines.
2.2 Critically evaluate the suitability of network components in your design in terms of Security, Scalability and Availability
Once an organization has a security policy in place, it can begin to apply the document and its rules to its particular environment. Organizations with truly comprehensive security policies find that what they have created is a roadmap that helps them implement the correct security appliances, mechanisms, and controls that satisfy their particular security needs. The organization will also quickly begin to find the weaknesses in its security posture through the process of identifying important resources and associated policies and tying that information to current inadequate security controls. This documentation is sure to change over time as the computing and physical environments change, which should be expected and accepted as normal security policy maintenance. The underlying network provides a perfect place to implement core and advanced security solutions. The center of these secure network solutions includes the Adaptive Security Appliances (ASA), Integrated Services Routers (ISR), and Cisco Catalyst switches that have integrated security embedded in them. These are highly intelligent network security devices with many built-in security features that provide a framework for incorporating security throughout the network.
The concept of scalability is necessary in technology as well as in our organization or business settings. The basic idea is consistent: the ability of a business or our organization to accept increased volume without impact, and to perform upgrades and enhancements without any outage or downtime. In other words, it can refer to the ability of a system to increase its total output under an increased load when resources are added. For instance, we are using copper coaxial cable and now need to upgrade it to UTP cable.
Availability is expressed as a percentage of time. How many days, hours, and minutes is the DC electrical infrastructure operational and supplying power over a given time period? Just as a baseball player's batting average drops any time he or she fails to hit and safely reach base, so does a DC availability number suffer whenever the electrical infrastructure fails to provide power to the room. Unlike in baseball, a .400 average does not make you an all-star. Assuming there are no additional outages of any kind, the DC is running for all but 12 of the 8760 hours in the year. That's 99.863% of the time, or two nines of availability.
3.1 Draw a complete LAN design including servers, connecting devices, workstations, peripherals, etc. for the above scenario. Please include the configuration scripts in the appendix.
With the help of Cisco Packet Tracer, we have designed our network scenario, and we explain below, step by step, the scenario we designed for the new head office in Central London.
First we install a router that is connected to the service provider's router; after that we configure the core switch and implement all the LAN technologies.
- First of all we connect the core switch to the access switches and the distribution switch; all end users are connected to the access switches, and all servers and critical devices to the distribution switch.
- Configure the host name of the core switch, the router and all network devices.
- We create 3 new VLANs (Finance/Accounts, Library department, Customer Service department) and a server VLAN on the core switch.
- After that we configure the VTP (VLAN Trunking Protocol) domain on the core switch.
- We configure STP on the core switch to protect against network loops and keep the network loop-free.
- All access switches should be in trunking mode so that all VLAN traffic passes through the trunk.
- All access switch ports with a PC connected should be in access mode.
3.2 Prepare a list of IP addresses, subnet IDs, Broadcast IDs for each department, Justify your choice for chosen techniques (VLSM or others)
The college will be using the private IP address range 192.168.0.0/16 within the LAN, and we will use the same IP pool for accessing the outside network or WAN.
IP Address and VLSM
The term variable-length subnet mask (VLSM) describes a single Class C network in which more than one subnet mask is used. Whenever implement a VLSM design. If you understood the previous paragraph, you already understand the concepts behind VLSM. Planning, implementing, and operating a network that uses VLSM requires a full, comfortable understanding of subnetting.
We now configure the new head office in Central London with the subnet 192.168.10.0/23
Start Host 192.168.10.1
End Host 192.168.11.255
Subnet Mask 255.255.254.0
Finance department IP address list: The finance department requires 34 IP addresses for systems and one IP address for the printer. We have therefore created a /26 block of IP addresses; each block contains 64 addresses, of which one IP address is used for the gateway and one for broadcast.
Customer Service has only five workstations: 192.168.11.64/26
Library department: 200 workstations are installed in the library, so we require a /24 subnet: 192.168.10.0/24
Server IP addresses: 192.168.11.128/26 for the File Server, Web Server, and Domain Controller
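A check of the addressing plan above, as an added Python example that is not part of the original report: it derives the subnet ID, broadcast ID and usable range of each stated subnet, verifies that the subnets fit inside 192.168.10.0/23 without overlapping, and computes the smallest prefix each department would need. The page gives the Finance block only as a /26 with no subnet ID, so the script lists the /26 blocks still free rather than assuming one.

```python
import ipaddress

# Values taken from the page: the head-office block and three stated subnets.
SITE = ipaddress.ip_network("192.168.10.0/23")
PLAN = {
    "Library": ("192.168.10.0/24", 200),          # 200 systems
    "Customer Service": ("192.168.11.64/26", 5),  # 5 workstations
    "Servers": ("192.168.11.128/26", 3),          # file, web, domain controller
}
FINANCE_HOSTS = 35  # 34 PCs + 1 printer; the page gives /26 but no subnet ID


def describe(net):
    """Subnet ID, broadcast ID and usable host range of one subnet."""
    net = ipaddress.ip_network(str(net))
    return {
        "subnet_id": str(net.network_address),
        "broadcast_id": str(net.broadcast_address),
        "first_host": str(net.network_address + 1),
        "last_host": str(net.broadcast_address - 1),
        "usable": net.num_addresses - 2,
    }


def smallest_prefix(hosts, gateway=1):
    """Longest prefix whose usable range fits the hosts plus a gateway."""
    need = hosts + gateway + 2            # + subnet ID and broadcast ID
    return 32 - max(2, (need - 1).bit_length())


def check_plan(site, plan):
    """Return a list of problems: outside the block, overlapping, too small."""
    problems, seen = [], []
    for name, (cidr, hosts) in plan.items():
        net = ipaddress.ip_network(cidr)
        if not net.subnet_of(site):
            problems.append(f"{name}: {net} is outside {site}")
        for other_name, other in seen:
            if net.overlaps(other):
                problems.append(f"{name}: {net} overlaps {other_name} {other}")
        if net.num_addresses - 2 - 1 < hosts:     # one usable address is the gateway
            problems.append(f"{name}: {net} cannot hold {hosts} hosts")
        seen.append((name, net))
    return problems


def free_blocks(site, plan, prefixlen):
    """Blocks of the given size in the site that no planned subnet touches."""
    used = [ipaddress.ip_network(cidr) for cidr, _ in plan.values()]
    return [str(b) for b in site.subnets(new_prefix=prefixlen)
            if not any(b.overlaps(u) for u in used)]


if __name__ == "__main__":
    print("site", SITE, describe(SITE))
    for name, (cidr, hosts) in PLAN.items():
        d = describe(cidr)
        print(f"{name:17} {cidr:19} id={d['subnet_id']} bcast={d['broadcast_id']} "
              f"hosts={d['first_host']}-{d['last_host']} "
              f"needs /{smallest_prefix(hosts)} for {hosts} hosts")
    print("problems:", check_plan(SITE, PLAN) or "none")
    print(f"free /26 blocks for Finance ({FINANCE_HOSTS} hosts, "
          f"needs /{smallest_prefix(FINANCE_HOSTS)}):", free_blocks(SITE, PLAN, 26))
```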
4.1 Create a performance baseline for the above company network and evaluate the designed LAN
To generate the baseline of the network at the education university of London, and a plan that outlines the upgrade process from beginning to end, we have to pull the performance data of the university network: traffic, bandwidth utilization, device logs and device errors. We know no change was made after setup. We need to pull daily, weekly, monthly and quarterly performance, bandwidth utilization and traffic analysis reports from monitoring tools or other tools, for example ticketing tools, so that we can check how much bandwidth or traffic is consumed during the peak working hours of the day. We also check in the monitoring tools whether any thresholds are being breached and whether errors are occurring on the interfaces. All distribution switch ports where servers are connected were put in the monitoring tool, which helps us identify how much data has been used. We check whether the network devices configured at setup are using all the features of the network technology, and whether the security policies applied on the LAN segment, such as MAC binding or port security policies, are working. We ping the router IP from the core switch continuously to check latency and drops.
Below are the baseline parameters that were configured.
- Reviewing the applied policy by creating a baseline and checking for breached thresholds with monitoring tools
- Bandwidth thresholds in the monitoring tool, which generates the alerts.
4.2 There are many tools available in the market to monitor the performance of a network, choose one and produce a performance monitoring report for your network.
The education university of London uses 2 monitoring tools, SolarWinds and MRTG. These tools play a main role in network stability and the availability of network devices, and help us identify any link failure or device down. MRTG checks device and link performance. If any abnormality occurs on the network, it proactively sends an alert, which helps us take quick action in advance. Below are the key advantages of the monitoring tools.
- We can audit network device configuration through the SolarWinds monitoring tool.
- We can monitor the health of network and server devices.
- It automatically sends alerts on link failure and device failure.
- It provides real-time monitoring and also provides historical data.
- If any logs are generated on the devices, it also sends informational alerts.
4.3 One of the computers used in the library replaced, plan a step by step process to connect the new computer to the network and test connectivity effectively and efficiently?
As per our network scenario, the HO PCs are configured to get an IP address from DHCP per VLAN (Customer Service, Accounts/Finance, Library), so the new system gets its IP address through DHCP or DNS. DHCP is configured so that the system can get its IP address dynamically. Once the system gets an IP address, we also need to check on the core switch side, because port security is configured and the MAC address is bound to the earlier system. So we will disable the port, remove the old MAC address and add the new system's MAC address. Now we check on the system whether the cross sign has disappeared. The system will now be able to connect to the network and access intranet and internet-based applications.
5.1 Use a network simulator to simulate the designed LAN including the following
Building and configuration of devices and services within the LAN and Implementation of specialized configuration and security mechanisms within the LAN
First I configured the router, then connected the core switch to the router.
We have configured the host name of the router with the command
I am configuring the new HO location in Central London, so first I will configure the router and connect it to the core switch, as mentioned below.
We are configuring the new HO location LAN segment, so first we will configure the core switch and create 4 VLANs on the core switch, as mentioned below.