* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Download docx 152851_networking
Survey
Document related concepts
Wireless security wikipedia , lookup
IEEE 802.1aq wikipedia , lookup
Parallel port wikipedia , lookup
Computer network wikipedia , lookup
Airborne Networking wikipedia , lookup
Network tap wikipedia , lookup
Internet protocol suite wikipedia , lookup
Multiprotocol Label Switching wikipedia , lookup
Piggybacking (Internet access) wikipedia , lookup
Nonblocking minimal spanning switch wikipedia , lookup
Serial digital interface wikipedia , lookup
Zero-configuration networking wikipedia , lookup
Wake-on-LAN wikipedia , lookup
Recursive InterNetwork Architecture (RINA) wikipedia , lookup
Transcript
Running head: NETWORKING 1 Networking Student’s Name Institutional Affiliation Course Date NETWORKING 2 XYZ is a company situated in KABWE. It has four departments, namely purchasing, accounting, IT and human resource. Currently it uses a flat network structure with network address of 191.160.5.0/24 and it has been observed that the performance of computer network is unsatisfactory. You have been contracted to solve this performance problem. Your task involves; a. developing an appropriate network design The appropriate network design would be the hierarchical topology. It is divided into three layers namely the core layer, the distribution layer. The core layer is the backbone layer made in a way that allows very fast moving of packets. This is achieved by making to be switching and high-speed. Also, no manipulation of packets is done here to avoid slowing them down. It is the distribution layer that acts as separator between the core layer and the access layer. This serves to differentiate between services done on the access layer and the function of the backbone layer. It also provides services such as access-list filtering for the core layer. The access layer provides connection of local users to the network. It provides services such as bandwidth switching and sharing. The hierarchical network works by having the network topology separated into layers. Using layers is important because each layer can then allow the right equipment to be identified. Advantages of using the minimising costs by using the right equipment and reducing wastage of bandwidth, the design of the network remains easy to understand and simple to explain to other network technicians, troubleshooting and fault isolation is done much easily in each of the three layers. NETWORKING 3 Core Layer Distribution Layer – Human Resource Distribution Layer Purchasing Distribution Layer - IT Distribution Layer Accounting Access Layer Access Layer Access Layer Access Layer Access Layer Access Layer Access Layer Access Layer NETWORKING 4 B. Configuring each of the switches To configure the switches, one must start by configuring the Management Interface. This is done on the management SVI of the switch from the Virtual LAN interface configuration mode. The following are the steps of Configuring the Management Interface: I. II. III. Enter global configuration mode =- S1# configure terminal Enter interface configuration mode for the SVI. - S1(config)# interface vlan 99 Configure the management interface IP address. - S1(config-if)# ip address 172.17.99.11 255.255.0.0 IV. V. VI. Enable the management interface. - S1(config-if)# no shutdown Return to privileged EXEC mode. - S1(config-if)# end Save the running config to the startupconfig. - S1# copy running-config startup-config One the proceeds to configure the Switch default Gateway using the following commands: I. Enter global configuration mode. - S1# configure terminal II. Configure the switch default gateway. - S1(config)# ip default-gateway 172.17.99.1 III. Return to privileged EXEC mode.- S1(config)# end IV. Save the running config to the startup config - S1# copy running-config startupconfig C. configuring each of the routers using OSPF To access the global configuration mode, use the following commands: Router>enable NETWORKING 5 Router# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)# Once we are in the global configuration, we can then move into the interface mode. It is in the interface mode that we can configure the FastEthernet0/0 and FastEthernet0/1. Router(config)#interface fastEthernet 0/0 Router(config-if)#ip address 192.168.0.1 255.255.255.0 Router(config-if)#no shutdown Router(config-if)#exit Router(config)#interface fastEthernet 0/1 Router(config-if)#ip address 192.168.1.1 255.255.255.252 Router(config-if)#no shutdown Router(config-if)#exit Router(config)# The use of the Interface fastEthernet 0/0 command was to enter into the interface mode. We would then use the command ‘Ip address 192.168.0.1 255.255.255.0’ to assign IP address to interface. The ‘No shutdown’ was used to bring the interface up. The ‘Exit’ command is then used to return in global configuration mode. We then finish by assigning IP address to serial interfaces using the commands below: NETWORKING Router# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)#interface serial 0/0/0 Router(config-if)#ip address 192.168.0.1 255.255.255.252 Router(config-if)#clock rate 64000 Router(config-if)#bandwidth 64 Router(config-if)#no shutdown Router(config-if)#exit Router(config)#interface serial 0/0/1 Router(config-if)#ip address 192.168.2.1 255.255.255.252 Router(config-if)#no shutdown Router(config-if)#exit The command ‘Router#configure terminal’ is used to get to the Global Configuration Mode. To get to the interface mode we use the command ‘Router(config)#interface serial 0/0/0’. Ip Addresses are assigned to the interface using the command ‘Router(config-if)#ip address 192.168.0.1 255.255.255.252’. We then use the command ‘Router(config-if)#clock rate 64000’ to set the clock rate The command ‘Router(config-if)#bandwidth 64 Bandwidth’ is used to set the bandwidth which works as an influencer. It influences the metric calculation of OSPF. And to bring up the bring the interface just as before, we use the command ‘Router(configif)#no shutdown’. And finally to return to Global configuration, we use the command ‘Router(config-if)#exit’. 6 NETWORKING 7 D. configuring security on all intermediary devices. Switches 1. Ensure that you have set both the console and the Command Line access passwords – this should allow one to control the authorisations and also at the same time limit those who can make changes to the settings of the switch. 2. The next step requires securing the command line, disabling the telnet and finally ensuring that the secure shell is enabled. This will prevent anyone trying to sniff on the network. Router I. In case there happens to be risky devices on the network, then Network segmentation can be implemented. This allows the devices to be isolated. Another option would be to include Virtual Local Area Networks. II. To keep off unknown devices from the network, MAC address filtering can be implemented in the network. III. Port forwarding should be strict implemented together with IP filtering while trying to reach for services working for the computer on the background from the internet. IV. To ensure more security, one may opt to go for Custom firmware which is considered to be more secure such as Linux-based firmware which are community- maintained. NETWORKING E. configuring NAT and VLANS on part of network. Configuring NAT Step 1 Type the command ‘configure terminal’ to enter global configuration mode. Step 2 Type the command ‘interface type number’ to enter interface configuration mode. Step 3 Type the command ‘ip address ip-address subnet-mask’ to enter the IP address and subnet mask. Step 4 Type the command ‘ip nat outside’ to identify the specified interface as the NAT outside interface. Step 5 Type the command ‘exit’ to return to global configuration mode. Step 6 Type the command ‘interface vlan vlan-id’ to enter VLAN interface configuration mode. Step 7 Type the command ‘ip address ip-address subnet-mask’ to enter the IP address and subnet mask. Step 8 Type the command ‘ip nat inside’ to identify the VLAN interface as the NAT inside interface. Step 9 Type the command ‘exit’ to return to global configuration mode. Step 10 Type the command ‘ip nat inside’ to source inside-network Step 11 Type the command ‘exit’ to return to global configuration mode. Step 12 Type the command ‘show ip nat translation’ to verify the configuration. 8 NETWORKING 9 Configuring VLANs on Part of the Network I. Start by enabling routing using the command ‘ip routing’. II. Understand and note the VLANs that you would like to route between before proceeding. For example, you may want to route traffic between VLANs 2, 3 and 10. III. You then proceed to use the ‘show vlan’ command to check if the VLANs indeed do exist in the VLAN database. In case you do not find them, use the commands below to add the VLANs to the network. a. Switch#vlan database b. Switch(vlan)#vlan 2 c. VLAN 2 added: i. Name: VLAN0002 d. Switch(vlan)#vlan 3 e. VLAN 3 added: i. Name: VLAN0003 f. Switch(vlan)#vlan 10 g. VLAN 10 added: i. Name: VLAN0010 h. Switch(vlan)#exit i. APPLY completed. j. Exiting.... IV. Use the commands below to configure the VLAN interface with IP addresses required. a. Switch#configure terminal NETWORKING 10 b. Enter configuration commands, one per line. End with CNTL/Z. c. Switch(config)#interface Vlan2 d. Switch(config-if)#ip address 10.1.2.1 255.255.255.0 e. Switch(config-if)#no shutdown V. Use the commands below to configure the interface to the default router. a. Switch(config)#interface FastEthernet 0/1 b. Switch(config-if)#no switchport c. Switch(config-if)#ip address 200.1.1.1 255.255.255.0 d. Switch(config-if)#no shutdown VI. Use the command below to finally configure the default route for the switch. a. Switch(config)#ip route 0.0.0.0 0.0.0.0 200.1.1.2