Upload
ann-griffith
View
225
Download
5
Tags:
Embed Size (px)
Citation preview
Code : STM#116Code : STM#116
Samsung Electronics Co., Ltd.
Proposed Network ConfigurationProposed Network Configuration
Distribution
EnglishED01
© Samsung Electronics Co., Ltd. 2
ObjectivesObjectives
After successful completion of the course the trainees should be able to execute the following activities.
To understand basic technology of the network.
TBD
© Samsung Electronics Co., Ltd. 3
ContentsContents
WAN Configuration WAN Configuration
VoIP Network ConfigurationVoIP Network Configuration
Switch/Router ConfigurationSwitch/Router Configuration
Security ConfigurationSecurity Configuration
© Samsung Electronics Co., Ltd. 4
WAN ConfigurationWAN Configuration
© Samsung Electronics Co., Ltd. 5
WAN interface on the SerialWAN interface on the Serial
ISP
IP Telephony
Management
Data Service
CSU/DSU
V.35/HSSI
10.0.0.x
10.0.0.x
© Samsung Electronics Co., Ltd. 6
WAN1 and WAN2 interface with the ISPWAN1 and WAN2 interface with the ISP
Data Service
IP Telephony
DSL DSLDSL Internet
Modem Modem
MGI
LP40
MP40
Static61.77.137.81/25
Dynamic VDSL
Gateway10.0.0.1
Media Gateway10.0.0.3
Call server10.0.0.2
© Samsung Electronics Co., Ltd. 7
System to SystemSystem to System
Internet
IP Phone
165.213.109.1003202
165.213.109.1003202
Digital Phone
2001
IP Phone
10.0.0.20(DHCP)3201
#1IP : 61.77.207.154MP40 : 10.0.0.2MGI : 10.0.0.3
IP Phone
61.77.207.150(DHCP)3201
Digital Phone
2001
#2IP : 61.77.137.81MP40 : 192.168.0.2MGI : 192.168.0.3
Site #A
Site #B
ADSL
VDSLVDSL
ADSL
© Samsung Electronics Co., Ltd. 8
DSL ConfigurationDSL Configuration
GWIM
GWSM
GPLIMGPLIM
WLI
Management Data Service IP Telephony
DSLAMModem
APWIP5000M
PDA
Laptop PC
ISP
© Samsung Electronics Co., Ltd. 9
Home
Public IP PhonePublic IP Phone
LP40
MP40
MGI64
GWIM
GPLIM 16DLI
Internet
VoIP Phone
3201
Digital Phone
2001
192.168.0.1003202
IP : 10.0.0.15Public IP : 165.213.89.178
IP : 10.0.0.10Public IP : 165.213.89.178
WAN : 165.213.89.178
LAN : 10.0.0.x
LAN : 10.0.0.100
© Samsung Electronics Co., Ltd. 10
VoIP ConfigurationVoIP Configuration
© Samsung Electronics Co., Ltd. 11
NAPT for VoIP ServiceNAPT for VoIP Service
MGI(10.0.0.3)
MP(10.0.0.2)
MP40
MGI
165.213.109.186:6000U
165.213.109.186:30000~30031U
10.0.0.2:6000U10.0.0.2:9000U
10.0.0.3:30000 ~30031U
NAPT
Home
165.213.109.1003202
165.213.109.186:9000U
Public Fixed IP : 165.213.109.186Inter Private IP : 10.0.0.1/24
165.213.109.1003202
IP phone
10.0.0.203201
Digital Phone
2001
© Samsung Electronics Co., Ltd. 12
SIP ALGSIP ALG
IP Phone PC SIP
SIP standard
SIP
SIP standard
Internet
SIP
SIP standard
ADSL
LAN : 192.168.1.1
WAN : 165.213.89.218
IP : 192.168.1.180
IP : 192.168.1.181
IP : 168.219.149.225
© Samsung Electronics Co., Ltd. 13
GWIM and GSIM QoSGWIM and GSIM QoS
VoIP Group
10.0.0.0/24
APWIP5000M
PDA
Laptop PC
Internet
Auto-QoS
Auto-NAPT Service
© Samsung Electronics Co., Ltd. 14
GPLIM QoSGPLIM QoS
GPLIM
GWIM
IP phone with 5 value of 802.1p tag field
MP40
MGI
Internet
IP phone with 1 value of 802.1p tag field
port based QoS (using port priority)
© Samsung Electronics Co., Ltd. 15
Switch/Router ConfigurationSwitch/Router Configuration
© Samsung Electronics Co., Ltd. 16
Layer 3 RoutingLayer 3 Routing
IP Phones
PC
Server Farm
External Optical Cable : Sx,LxFail over & Load balancing
External Optical Cable : Sx,Lx
10/100Base-Tx with PoEMax. 2 PLIM per cabinet (24ports)
InternetPSTN
1000Base-Sx/Lx
V.35/HSSI
• GWIM : L3 Routing, QoS, Firewall/IDS, VoIP Service• GSIM : L3 Routing, QoS, VoIP Service• GPLIM : QoS, PoE
• GWIM : L3 Routing, QoS, Firewall/IDS, VoIP Service• GSIM : L3 Routing, QoS, VoIP Service• GPLIM : QoS, PoE
GWIM
GWSM
GPLIMGPLIM
GPLIM
© Samsung Electronics Co., Ltd. 17
IP Phones
PC
Layer 3 Routing with NATLayer 3 Routing with NAT
InternetPSTN
V.35/HSSI
DMZ
Mail Server Web Server
• GWIM : NAT/PT, DMZ, QoS, VoIP Service• GSIM : L3 Routing, QoS, VoIP Service• GPLIM : QoS, PoE
• GWIM : NAT/PT, DMZ, QoS, VoIP Service• GSIM : L3 Routing, QoS, VoIP Service• GPLIM : QoS, PoE
Server Farm
External Optical Cable : Sx,LxFail over & Load balancing
External Optical Cable : Sx,Lx
10/100Base-Tx with PoEMax. 2 PLIM per cabinet (24ports)
1000Base-Sx/Lx
GWIM
GWSM
GPLIMGPLIM
GPLIM
© Samsung Electronics Co., Ltd. 18
Server Access Group
Two Internal NetworkTwo Internal Network
Training Center
PC192.168.1.101
PC192.168.1.102
Server192.168.1.10
R&D Center
PC192.168.2.101
PC192.168.2.102
PC192.168.2.103
DMZ
Web Server FTP Server
192.168.0.x
Internet
LAN Configuration192.168.1.1/24192.168.2.1/24
WAN Configuration165.213.97.100192.168.1.1 (GSIM #1)192.168.2.1 (GSIM #2)
© Samsung Electronics Co., Ltd. 19
Layer2 Switching and RouterLayer2 Switching and Router
PC
IP Phones
Internet
• GWIM : NAT/PT, DMZ, IDS, QoS, VoIP Service• GPLIM : QoS, PoE• GWIM : NAT/PT, DMZ, IDS, QoS, VoIP Service• GPLIM : QoS, PoE
10/100Base-Tx with PoEMax. 2 PLIM per cabinet (24ports)
GWIM
GPLIM
GPLIM
© Samsung Electronics Co., Ltd. 20
VLAN ConfigurationVLAN Configuration
GPLIM
GWIM
PC Group
10.0.1.0/24VoIP Group
10.0.0.0/24
Test Group
10.0.2.0/24
MP40
MGI
LAN ConfigurationIP : 10.0.0.1/24Multi IP : 10.0.1.1/24 10.0.2.1/24
Internet
© Samsung Electronics Co., Ltd. 21
PC
Configures OSPF Configures OSPF
PC
192.168.30.0/24 172.16.0.0/24
30.0.0.0/2410.0.0.0/2410.0.0.100 10.0.0.100
7400 A router ospf 1 redistribute connected subnets network 192.168.30.0 0.0.0.255 area 0
7400 B router ospf 1 redistribute connected network 172.16.0.0 0.0.0.255 area 0 network 192.168.30.0 0.0.0.255 area 0
DataServer >> enable>> configure terminal>> router ospf >> network 172.16.0.0/24 area 0>> redistribute kernel >> redistribute connected
7400 A router ospf 1 redistribute connected subnets network 192.168.30.0 0.0.0.255 area 0
7400 B router ospf 1 redistribute connected network 172.16.0.0 0.0.0.255 area 0 network 192.168.30.0 0.0.0.255 area 0
DataServer >> enable>> configure terminal>> router ospf >> network 172.16.0.0/24 area 0>> redistribute kernel >> redistribute connected
7400 A Routing TableC 192.168.30.0/24 is directly connected, Serial0 172.16.0.0/24 is subnetted, 1 subnetsO 172.16.0.0 [110/49] via 192.168.30.2, 00:01:11, Serial0 10.0.0.0/24 is subnetted, 1 subnetsC 10.0.0.0 is directly connected, FastEthernet0 30.0.0.0/24 is subnetted, 1 subnetsO E2 30.0.0.0 [110/20] via 192.168.30.2, 00:01:11, Serial0
DataServer Routing TableO>* 10.0.0.0/24 [110/20] via 172.16.0.1, eth0, 00:02:31C>* 30.0.0.0/24 is directly connected, eth1C>* 127.0.0.0/8 is directly connected, loO 172.16.0.0/24 [110/10] is directly connected, eth0, 00:03:10C>* 172.16.0.0/24 is directly connected, eth0O>* 192.168.30.0/24 [110/74] via 172.16.0.1, eth0, 00:02:32
7400 A Routing TableC 192.168.30.0/24 is directly connected, Serial0 172.16.0.0/24 is subnetted, 1 subnetsO 172.16.0.0 [110/49] via 192.168.30.2, 00:01:11, Serial0 10.0.0.0/24 is subnetted, 1 subnetsC 10.0.0.0 is directly connected, FastEthernet0 30.0.0.0/24 is subnetted, 1 subnetsO E2 30.0.0.0 [110/20] via 192.168.30.2, 00:01:11, Serial0
DataServer Routing TableO>* 10.0.0.0/24 [110/20] via 172.16.0.1, eth0, 00:02:31C>* 30.0.0.0/24 is directly connected, eth1C>* 127.0.0.0/8 is directly connected, loO 172.16.0.0/24 [110/10] is directly connected, eth0, 00:03:10C>* 172.16.0.0/24 is directly connected, eth0O>* 192.168.30.0/24 [110/74] via 172.16.0.1, eth0, 00:02:32
7400 A
7400 B
7400 C
© Samsung Electronics Co., Ltd. 22
DHCP ConfigurationDHCP Configuration
IP Phone PC
LAN : 10.0.0.1/24
PC
PC
Internet
ADSL
WAN : 165.213.109.186/24
© Samsung Electronics Co., Ltd. 23
Security ConfigurationSecurity Configuration
© Samsung Electronics Co., Ltd. 24
Configure a IDSConfigure a IDS
IP Telephony Data Service
Internet
Mail server
Un-trusted Network
Management
165.213.87.230
165.213.109.0165.213.88.100
165.213.89.238
10.0.0.010.0.0.0
© Samsung Electronics Co., Ltd. 25
Configure a DMZConfigure a DMZ
DMZ
Web Server FTP Server
IP Telephony
Management
DSLAMModem
ISP
165.213.97.100
10.0.0.x10.0.0.x
192.168.0.x
© Samsung Electronics Co., Ltd. 26
VPN ConfigurationVPN Configuration
IPSec and IKE (Internet Key Exchange)
#1IP : 165.213.109.185/2410.0.0.1/24
#1IP : 165.213.89.245/24192.168.1.1
Tunneling (IPSec, PPTP, L2TP)
Samsung Electronics Co., Ltd.