Embed Size (px)
Citation preview
Cisco’s Threaded Case Cisco’s Threaded Case StudyStudy
Desert ViewDesert View
Andy GallAndy Gall
Ken SchroederKen Schroeder
John ByersJohn Byers
SCHOOL PLANSCHOOL PLAN
•Design a school network that will allow all connected workstations the ability to connect at a minimum of 1 Mbps.
•Design the network in such a manner that there is reliable security separating the curriculum & administrative systems.
•Design the school network at a minimum of cost to the school but one that allows for future technologies to be added easily.
A
B
Section Andrew
Section Brian
Section Charlie
Section Daniel
Section Edward
Frank
George
Cut SheetCut Sheet
Andrew A101d1 A101d2 A101d3 A101d4Brian B203d1 B203d2 A203d3 A203d4Charlie C302d1 C302d2 C302d3 C302d4Daniel D407d1 D407d2 D407d3 D407d4Edward E509d1 E509d2 E509d3 E509d4Frank F601d1 F601d2 F601d3 F601d4George G702d1 G702d2 G702d3 G702d4
IDF Sample Label
= ID F
= C AT 5 d rop s to room s (4 each )
Network EquipmentNetwork Equipment
Category 5 Plenum CableCategory 5 Plenum Cable
Fiber Optic Cable (4 pair)Fiber Optic Cable (4 pair)
Cisco RouterCisco Router
Cisco SwitchesCisco Switches
Cisco HubsCisco Hubs
Equipment racks/cabinetsEquipment racks/cabinets
Patch panelsPatch panels
Fiber Optic CableFiber Optic Cable
Connecting two pairs from school Connecting two pairs from school MDF to every IDF (total 7 locations).MDF to every IDF (total 7 locations).
Total length required: 8000 ft.Total length required: 8000 ft. Price quoted from DataComm Price quoted from DataComm
11/1/99.11/1/99.– $630/1000 foot pack {Item DBC1832}$630/1000 foot pack {Item DBC1832}
– $5040 for all Horizontal cross-connects$5040 for all Horizontal cross-connects
Category 5 Plenum CableCategory 5 Plenum Cable
31,050 ft. needed for all vertical CC31,050 ft. needed for all vertical CC Price quoted from DataComm 11/1/99Price quoted from DataComm 11/1/99
– $550/2000 foot pack$550/2000 foot pack
$8800 for entire project Cat 5 needs$8800 for entire project Cat 5 needs
Cisco RouterCisco Router
Cisco 2600 Series Router Cisco 2600 Series Router Channelized T1/E1 for connection to Channelized T1/E1 for connection to
Central Office Central Office 2 Fiber Modules for connection to LAN2 Fiber Modules for connection to LAN Gateway to InternetGateway to Internet
– Estimated cost: $6,000Estimated cost: $6,000
Cisco SwitchesCisco Switches Cisco 2924-xl-a, 24 port 10/100 Cisco 2924-xl-a, 24 port 10/100
BaseT BaseT – 50 Classroom Switches50 Classroom Switches
Cisco ws-c-2924-xl-en, 22 port Cisco ws-c-2924-xl-en, 22 port 10/100 Ethernet & 2 100BaseFX10/100 Ethernet & 2 100BaseFX– 7 IDF Switches7 IDF Switches
Cisco 2912-mf 12 portCisco 2912-mf 12 port
100BaseFx w/ 4port100BaseFx w/ 4port
100BaseT Module100BaseT Module– 2 MDF Switches 2 MDF Switches
Cisco HubsCisco Hubs
Cisco 1538 8 port 10/100BaseTCisco 1538 8 port 10/100BaseT– 50 Classroom extension hubs50 Classroom extension hubs
Rack EquipmentRack Equipment
Classroom Cabinets {x50}Classroom Cabinets {x50}– Locked cabinet w/ 32 port patch panelLocked cabinet w/ 32 port patch panel
Panduit DP32588110BPanduit DP32588110B
Intermediate Distribution Facilities {x7}Intermediate Distribution Facilities {x7}– Patch Panel--Panduit CD48BL or CD24BLPatch Panel--Panduit CD48BL or CD24BL– Fiber Panel-- Panduit FAP6WSTFiber Panel-- Panduit FAP6WST– Media Rack--Panduit CMR19X47Media Rack--Panduit CMR19X47– Cable Management --WMPVSF20 & WMPFSCable Management --WMPVSF20 & WMPFS
Hub
Laser printer
Cloud
Teacher
1924 XL Switch
1924C Switch
1924MF Switches 2621 Router
T1 Line
District O ffice
Fram e Relay
Most Students Rest of students
Hub
Laser printer
Cloud
Teacher
1924C Switch
1924MF Switches 2621 Router
T1 Line
District O ffice
Students
32 Port 10/100 Hub
Network Project CostNetwork Project Cost RouterRouter MDF SwitchMDF Switch IDF SwitchesIDF Switches Classroom SwitchesClassroom Switches HubsHubs Fiber CableFiber Cable Category 5 CableCategory 5 Cable Network EquipmentNetwork Equipment
$6,000$5356 x 2$2005 x 7$1670 x 50$500 x 50$5,040$8,800$5,000
TOTAL: $158,092
Network Project CostNetwork Project Cost RouterRouter MDF SwitchMDF Switch IDF SwitchesIDF Switches Classroom 32 Port Classroom 32 Port
HubsHubs Fiber CableFiber Cable Category 5 CableCategory 5 Cable Network EquipmentNetwork Equipment
$6,000$5356 x 2$2005 x 7
$500 x 50$5,040$8,800$5,000
TOTAL: $74,587
Central Office10.5.0.x
Administration10.6.0.x
Curriculum10.7.0.x
Cisco 2600
MagicInternet
10.7.0.110.6.0.110.5.0.1
fx0 fx1
e0
Specific IP addressesSpecific IP addresses
Network Printers: 10.7.0.100-150Students will obtain an IP address from the DHCP server.
Numbers will be in the range of 10.7.1.x to 10.7.5.x
Teacher workstations, Servers, and Printers will be Static IP addresses.
Teacher Workstations: 10.6.0.10-250
Access List LogicAccess List Logic
Basic Premise; all workstations on 10.5.x.x and workstations on 10.6.x.x have access to devices located on the 10.7.x.x subnetwork. However, ONLY port 80 will be allowed OUT of any device located on the 10.7.x.x subnetwork.
80
F.M. Internet
Access ListAccess List
In order for the curriculum and administrative portions of the network to remain segmented, an access list will be placed on the school router.
The only data that can travel from the student computers to any other part of the network is HTTP.
Access-list 105 permit TCP 10.7.0.0 0.0.255.255 any eq 80
IP Access-group 105 in
Interface fx1
Access-list 105 deny IP 10.7.0.0 0.0.255.255 10.6.0.0 0.0.255.255Access-list 105 permit IP 10.6.0.0 0.0.0.255 10.7.0.0 0.0.255.255
VLANVLAN
In order to keep the students limited to only their specified address range, the need for a Virtual LAN has been created.
The goal is to limit student activity on administrative locations, but still allow administrators to use student
services. {I.E. Printers or Library Server}
On every switch in the IDF’s, we will specify which ports are for VLAN1 (Administrative) and which ports are for VLAN2 (Curriculum).
ServersServers
NAME IPX Name IP AddressAdministrative Server: DV_Admin 10.6.0.20Curriculum Server: DV_App 10.7.0.10Library Server: DV_Lib 10.7.0.30Network Server: DV_Net 10.7.0.20
•Note:The Network Server will be running the Cisco Server Suite 1000, allowing DHCP for student machines, e-mail storage, and other WAN activities.
SPEEDSPEED
•Design a school network that will allow all connected workstations the ability to connect at a minimum of 1 Mbps. However, the TCS also requires that the LAN will grow at 1000% over the next 5 years. This breaks down to a minimum of 10 Mbps per workstation. With the system that we have designed, the network will perform at 100 Mbps to every
teacher workstation and 90% of all student workstations.
SecuritySecurity•Design the network in such a manner that there is reliable security separating the curriculum & administrative systems.
With our network design, students can perform all their activities in their network. However, they cannot access information on the Administration server because of the VLAN. They cannot access information located at the Central office because of the restrictions in the Router’s Access List. They can reach the Internet through the Network Server’s DHCP’s functions and the permissions set in the Router’s Access List.
GrowthGrowth
•Design the school network at a minimum of cost to the school but one that allows for future technologies to be added easily.
Due to the fact that we are responsible for the performance of our network, we wanted to create the best possible performing
network. With the layout of the IDF’s and classroom cabinets, upgrading the entire network could be modified by simply changing the Network components. However,
by creating a switched network NOW, the need to upgrade the network has been postponed as this design will perform
the tasks necessary for many years. We were also required to supply 24 student workstation ports. We have designed for a
possible 30 workstation in each room.
