Dựa trên cách tiếp cận từ trên xuống thành công, khóa học Mạng máy tính được triển khai với sự nhấn mạnh ban đầu vào các mô hình lớp ứng dụng và giao diện lập trình ứng dụng, khuyến khích trải nghiệm thực hành với các giao thức và khái niệm mạng.
LOGICAL/PHYSICAL DESIGN OF NETWORED SYSTEM (P5)
USER REQUIREMENTS
People: People: 200 students, 15 teachers, 12 marketing and administration staff, 5 higher managers, including the head of academics and the program manager, 3 computer network administrators
Resources: 50 student lab computers, 35 staff computers, 3 printers
Building: 3 floors, all computers and printers are on the ground floor apart from the IT labs – one lab located on the first floor and another located on the second floor.
Seconds Floor • Lab room 2: 25 computers (ITLab26 – ITLab50)
First Floor • Lab room 1: 25 computers (ITLab01 – ITLab25)
Ground Floor • Network administrators’ room: 3 computers
• Managers’ room: 5 computers and 1 printer
• Staff room: 12 computers and 1 printer
• Teachers’ room: 15 computers and 1 printer
LOGICAL DESIGN
The logical network design is composed of segregated networks that are implemented physically using virtual local area networks (VLANs) defined by network switches
PHYSICAL DESIGN
The physical network design as the name implies, is the physical components used for installation Physical layout of a network is the hardware on which the network topology is built The elements of a physical network design consist of routers, cables, connecting cables, laptops, desktops, switches
Figure 3 Physical topology of ground floor
Figure 4 Physical topology of ground floor
Figure 5 Physical topology of ground floor (2)
Figure 6 Physical topology of 1 st floor
Figure 7 Physical topology of 2nd floor
ADDRESS TABLE
Device Interface Address Subnet Mask Default Gateway VLAN
S-Server VLAN 99 192.168.99.11 255.255.255.0 192.168.99.1 99 S-ComNet VLAN 99 192.168.99.21 255.255.255.0 192.168.99.1 99 S-MarketAdmin VLAN 99 192.168.99.31 255.255.255.0 192.168.99.1 99 S-Teacher VLAN 99 192.168.99.41 255.255.255.0 192.168.99.1 99 S-Manager VLAN 99 192.168.99.51 255.255.255.0 192.168.99.1 99 S_ITLab1_1 VLAN 99 192.168.99.61 255.255.255.0 192.168.99.1 99 S_ ITLab1_2 VLAN 99 192.168.99.62 255.255.255.0 192.168.99.1 99 S_ ITLab2_1 VLAN 99 192.168.99.71 255.255.255.0 192.168.99.1 99 S_ ITLab2_2 VLAN 99 192.168.99.72 255.255.255.0 192.168.99.1 99 DHCP-DNS NIC 192.168.10.2 255.255.255.0 192.168.10.1 10
Mail NIC 192.168.10.4 255.255.255.0 192.168.10.1 10 File NIC 192.168.10.5 255.255.255.0 192.168.10.1 10 ComNet01 NIC 192.168.20.11 255.255.255.0 192.168.30.1 20
ComNet02 NIC 192.168.20.12 255.255.255.0 192.168.30.1 20 ComNet03 NIC 192.168.20.13 255.255.255.0 192.168.30.1 20 MA01 NIC 192.168.30.11 255.255.255.0 192.168.30.1 30 MA02 NIC 192.168.30.12 255.255.255.0 192.168.30.1 30 MA03 NIC 192.168.30.13 255.255.255.0 192.168.30.1 30 MA04 NIC 192.168.30.14 255.255.255.0 192.168.30.1 30 MA05 NIC 192.168.30.15 255.255.255.0 192.168.30.1 30 MA06 NIC 192.168.30.16 255.255.255.0 192.168.30.1 30 MA07 NIC 192.168.30.17 255.255.255.0 192.168.30.1 30 MA08 NIC 192.168.30.18 255.255.255.0 192.168.30.1 30 MA09 NIC 192.168.30.19 255.255.255.0 192.168.30.1 30 MA10 NIC 192.168.30.20 255.255.255.0 192.168.30.1 30 MA11 NIC 192.168.30.21 255.255.255.0 192.168.30.1 30 MA12 NIC 192.168.30.22 255.255.255.0 192.168.30.1 30
T01 NIC 192.168.40.11 255.255.255.0 192.168.40.1 40 T02 NIC 192.168.40.12 255.255.255.0 192.168.40.1 40 T03 NIC 192.168.40.13 255.255.255.0 192.168.40.1 40 T04 NIC 192.168.40.14 255.255.255.0 192.168.40.1 40 T05 NIC 192.168.40.15 255.255.255.0 192.168.40.1 40 T06 NIC 192.168.40.16 255.255.255.0 192.168.40.1 40 T07 NIC 192.168.40.17 255.255.255.0 192.168.40.1 40 T08 NIC 192.168.40.18 255.255.255.0 192.168.40.1 40 T09 NIC 192.168.40.19 255.255.255.0 192.168.40.1 40 T10 NIC 192.168.40.20 255.255.255.0 192.168.40.1 40 T11 NIC 192.168.40.21 255.255.255.0 192.168.40.1 40 T12 NIC 192.168.40.22 255.255.255.0 192.168.40.1 40
M01 NIC 192.168.50.11 255.255.255.0 192.168.50.1 50 M02 NIC 192.168.50.12 255.255.255.0 192.168.50.1 50 M03 NIC 192.168.50.13 255.255.255.0 192.168.50.1 50 M04 NIC 192.168.50.14 255.255.255.0 192.168.50.1 50 M05 NIC 192.168.50.15 255.255.255.0 192.168.50.1 50
ITL01 NIC 192.168.60.11 255.255.255.0 192.168.60.1 60 ITL02 NIC 192.168.60.12 255.255.255.0 192.168.60.1 60 ITL03 NIC 192.168.60.13 255.255.255.0 192.168.60.1 60 ITL04 NIC 192.168.60.14 255.255.255.0 192.168.60.1 60 ITL05 NIC 192.168.60.15 255.255.255.0 192.168.60.1 60 ITL06 NIC 192.168.60.16 255.255.255.0 192.168.60.1 60 ITL07 NIC 192.168.60.17 255.255.255.0 192.168.60.1 60 ITL08 NIC 192.168.60.18 255.255.255.0 192.168.60.1 60 ITL09 NIC 192.168.60.19 255.255.255.0 192.168.60.1 60 ITL10 NIC 192.168.60.20 255.255.255.0 192.168.60.1 60 ITL11 NIC 192.168.60.21 255.255.255.0 192.168.60.1 60 ITL12 NIC 192.168.60.22 255.255.255.0 192.168.60.1 60 ITL13 NIC 192.168.60.23 255.255.255.0 192.168.60.1 60 ITL14 NIC 192.168.60.24 255.255.255.0 192.168.60.1 60 ITL15 NIC 192.168.60.25 255.255.255.0 192.168.60.1 60 ITL16 NIC 192.168.60.26 255.255.255.0 192.168.60.1 60
ITL17 NIC 192.168.60.27 255.255.255.0 192.168.60.1 60 ITL18 NIC 192.168.60.28 255.255.255.0 192.168.60.1 60 ITL19 NIC 192.168.60.29 255.255.255.0 192.168.60.1 60 ITL20 NIC 192.168.60.30 255.255.255.0 192.168.60.1 60 ITL21 NIC 192.168.60.31 255.255.255.0 192.168.60.1 60 ITL22 NIC 192.168.60.32 255.255.255.0 192.168.60.1 60 ITL23 NIC 192.168.60.33 255.255.255.0 192.168.60.1 60 ITL24 NIC 192.168.60.34 255.255.255.0 192.168.60.1 60 ITL25 NIC 192.168.60.35 255.255.255.0 192.168.60.1 60 ITL26 NIC 192.168.70.36 255.255.255.0 192.168.70.1 70 ITL27 NIC 192.168.70.37 255.255.255.0 192.168.70.1 70 ITL28 NIC 192.168.70.38 255.255.255.0 192.168.70.1 70 ITL29 NIC 192.168.70.39 255.255.255.0 192.168.70.1 70 ITL30 NIC 192.168.70.40 255.255.255.0 192.168.70.1 70 ITL31 NIC 192.168.70.41 255.255.255.0 192.168.70.1 70 ITL32 NIC 192.168.70.42 255.255.255.0 192.168.70.1 70 ITL33 NIC 192.168.70.43 255.255.255.0 192.168.70.1 70 ITL34 NIC 192.168.70.44 255.255.255.0 192.168.70.1 70 ITL35 NIC 192.168.70.45 255.255.255.0 192.168.70.1 70 ITL36 NIC 192.168.70.46 255.255.255.0 192.168.70.1 70 ITL37 NIC 192.168.70.47 255.255.255.0 192.168.70.1 70 ITL38 NIC 192.168.70.48 255.255.255.0 192.168.70.1 70 ITL39 NIC 192.168.70.49 255.255.255.0 192.168.70.1 70 ITL40 NIC 192.168.70.50 255.255.255.0 192.168.70.1 70 ITL41 NIC 192.168.70.51 255.255.255.0 192.168.70.1 70 ITL42 NIC 192.168.70.52 255.255.255.0 192.168.70.1 70
ITL43 NIC 192.168.70.53 255.255.255.0 192.168.70.1 70 ITL44 NIC 192.168.70.54 255.255.255.0 192.168.70.1 70 ITL45 NIC 192.168.70.55 255.255.255.0 192.168.70.1 70 ITL46 NIC 192.168.70.56 255.255.255.0 192.168.70.1 70 ITL47 NIC 192.168.70.57 255.255.255.0 192.168.70.1 70 ITL48 NIC 192.168.70.58 255.255.255.0 192.168.70.1 70 ITL49 NIC 192.168.70.59 255.255.255.0 192.168.70.1 70 ITL50 NIC 192.168.70.60 255.255.255.0 192.168.70.1 70
DESIGN EVALUATION (P6)
TEST PLAN
Test ID Test case Expected Outcome Actual
1 Ping from host to host in
2 Ping from host to host in
3 Ping from host to host in
4 Ping from host to host in
5 Ping from host to host in
6 Ping from host to host in
7 Ping from host to host in
8 Ping from switch to switch in VLAN 99 Successful
9 Ping from VLAN 10 to default gateway Successful
10 Ping from VLAN 20 to default gateway Successful
11 Ping from VLAN 30 to default gateway Successful
12 Ping from VLAN 40 to default gateway Successful
13 Ping from VLAN 50 to default gateway Successful
14 Ping from VLAN 60 to default gateway Successful
15 Ping from VLAN 70 to default gateway Successful
16 Ping from VLAN 99 to default gateway Successful
17 Ping from VLAN 10 to VLAN
18 Ping from VLAN 20 to VLAN
19 Ping from VLAN 30 to VLAN
20 Ping from VLAN 40 to VLAN
21 Ping from VLAN 50 to VLAN
22 Ping from VLAN 60 to VLAN
23 Ping from VLAN 70 to VLAN
26 Ping from MA01 to Internet (8.8.8.8) Successful
32 Get IP address automatically from DHCP server Successful
EVALUATION
My design is simple, it is split into 3 floors o Ground Floor: printers, teacher, manager and staff computer o Floor 1 and 2: For students and IT lab
IP address is easy to remember and will tell where the machines are
Rooms are ping-able to each other with low latency
The network has been divided into many VLANs, making it more secure than previously
High load capacity owing to two switches and two access points on each level, which allow network devices to function normally during recess or peak hours
Incomplete firewall and security system
If all rooms are running at maximum capacity at the same time, it is simple to run out of network bandwidth
Upgrade the security and firewall system
In this design using a total of 8 switches and 1 multiple switch, it is generally quite expensive
Upgrade the system and firewall
If we have the budget, we should replace the layer 2 switch with a layer 3 switch so that the connection lines are transmitted faster, moreover it also helps the network traffic not to be congested during peak hours.
INSTALLATION AND CONFIGURATION (M3)
OVERVIEW OF SERVER
A server is a computer program or device that provides a service to another computer program and its user, also known as the client In a data center, the physical computer that a server program runs on is also frequently referred to as a server That machine might be a dedicated server or it might be used for other purposes
In the client/server programming model, a server program awaits and fulfills requests from client programs, which might be running in the same, or other computers A given application in a computer might function as a client with requests for services from other programs and as a server of requests from other programs
Defense against viruses and other threats
Protection against losing data during a disaster
Compliance with industry requirements such as PCI-DSS and HIPAA
Key business software requires processing power and storage space
Secure remote access is critical to continued growth
II CONFIGURATION DHCP_DNS Server
A DHCP Server is a network server that automatically provides and assigns IP addresses, default gateways and other network parameters to client devices It relies on the standard protocol known as Dynamic Host Configuration Protocol or DHCP to respond to broadcast queries by clients
Figure 9 Configure default gateway and dns server
The purpose of DNS is to translate a domain name into the appropriate IP address This is done by looking up the dns records of the requested domain There are typically eight steps in this DNS lookup process that follow the information path from the originating web browser to the DNS server and back again
The primary role of a web server is to store, process, and deliver requested information or webpages to end users It uses: Physical Storage: All website data is stored on a physical web server to ensure its safety
Figure 12 Configure default gateway and dns server
1 Purpose of MAIL server a mail server collects and distributes emails to their intended destination You can think of it as a computer that acts as an electronic post office for email, which allows you to control the transfer of emails within a network through different protocols
Figure 13 Configure default gateway and dns server
Figure 14 Configure services (adding email)
A file server is a computer responsible for the storage and management of data files so that other computers on the same network can access the files It enables users to share information over a network without having to physically transfer files
Figure 15 Configure default gateway and dns server
Figure 16 Configure service FTP (adding account)
CONFIGURATION OF FILE SERCER
By implementing a network maintenance plan, you can keep your network running smoothly and without problems My network maintenance programs aim to get rid of any networks that eventually end up costing your company money since they function poorly or fail when they're needed most Avoid waiting until your network fails by making use of my network maintenance plans, which include:
Repair and Maintenance Switches are used to safely shut down machines and facilities that are not directly connected to a control unit or may bare the risk, that the machine or facility starts operating during maintenance or repair activities
Physical check of your equipment Every morning go into your server room and take a look and make sure that there are no red or amber lights
Check application and system event logs
Go to your endpoint protection and delete inactive machines
Restart all servers not restarted in the past 6 months
II BENEFITS OF NETWORK MAINTENANCE
Computer networks, like other business equipment, require regular maintenance in order to perform at their peak A solid network monitoring and maintenance plan will ensure that all the critical aspects of the network are monitored for potential faults on a regular basis Some of the key areas of the network that require regular monitoring and maintenance include the system’s logs, antivirus system and the hard drives A sound maintenance plan will make your business strong enough to overcome any anticipated situations thus reducing downtime incidents.
MAINTENANCE SCHEDULA (D2)
DESIGN NETWORK MAINTENANCE
By implementing a network maintenance plan, you can keep your network running smoothly and without problems My network maintenance programs aim to get rid of any networks that eventually end up costing your company money since they function poorly or fail when they're needed most Avoid waiting until your network fails by making use of my network maintenance plans, which include:
Repair and Maintenance Switches are used to safely shut down machines and facilities that are not directly connected to a control unit or may bare the risk, that the machine or facility starts operating during maintenance or repair activities
Physical check of your equipment Every morning go into your server room and take a look and make sure that there are no red or amber lights
Check application and system event logs
Go to your endpoint protection and delete inactive machines
Restart all servers not restarted in the past 6 months
BENEFITS OF NETWORK MAINTENANCE
Computer networks, like other business equipment, require regular maintenance in order to perform at their peak A solid network monitoring and maintenance plan will ensure that all the critical aspects of the network are monitored for potential faults on a regular basis Some of the key areas of the network that require regular monitoring and maintenance include the system’s logs, antivirus system and the hard drives A sound maintenance plan will make your business strong enough to overcome any anticipated situations thus reducing downtime incidents
A proactive maintenance plan will make the network company providing this service reliable to your business, its client A proactive network monitoring and maintenance will result in satisfaction and a feeling of security The service provider too will receive negligible complaints against the machines since they are regularly monitored and maintained at a pre-set interval On the other hand, your customers and suppliers will find your business reliable and trustworthy to transact with, which is important in a competitive business environment
Waiting to hire a network support company when the entire system is down might be very costly to your business in many ways First, you will lose countless business hours during this downtime Next, you will end up paying a very high one time service fee In addition, fixing an already substantially damaged system can really drain your resources when compared to a scheduled maintenance plan that will head off issues before they escalate With a sound maintenance plan, the network maintenance provider will design a monthly package that suits your specific business needs
Poorly maintained networks usually get compromised on many security features making them more vulnerable to virus and Trojan attack as well as remote hacking whenever the network is connected to the internet However, a network monitoring and maintenance plan ensures that both the performance and security of the network are constantly under watch The last thing you want from your business is bad publicity and the lawsuits that come with a compromised business network system
Figure 17 Illustration of network maintenance
IMPLEMENT A NETWORK SYSTEM (P7)
PROOFING OF NETWORK IMPLEMENTATION
Step 1: Click on the computer
Step 2: In this part, I didn’t configure DHCP yet, so I configured static ip for IP address, Subnet Mask, default gateway, and dns server
Figure 18 Example of setting ip address for computer
Step 1: Click on the server
Step 2: Turn on the server
Step 3: Configure IP address and Subnet Mask
Step 4: Configure default gateway and DNS server
Figure 19 Example of setting ip and subnet mask
Figure 20 Example of setting default gateway and dns for server
Step 1: Click on the Printer
Step 2: Turn on the printer
Step 3: Configure IP address and Subnet Mask
Step 4: Configure default gateway and DNS server
Figure 21 Example of setting ip and subnet mask for printer
Figure 22 Example of setting default gateway and dns for printer
Step 2 interface gigabitethernet slot/port
Enters the configuration mode for a Gigabit Ethernet interface on the router
Step 3 ip address ip-address mask
Router(config-if)# ip address 192.168.10.1 255.255.255.0
Sets the IP address and subnet mask for the specified GE interface
Router(config-if)# no shutdown
Changing state from administratively down to administratively up
Exits configuration mode for the GE interface and returns to global configuration mode
Figure 23 Configure ip step by step
Step 1: Click on the multiple switch
Step 2: Assign port AC to the device
Figure 25 Illustration of assign port
Figure 26 Illustration of showing all vlans
Figure 27 Example of creating new vlan and rename
DIAGRAM
Figure 28 Total view of diagram
Figure 29 Total view of ground floor
Figure 30 Total view of 1 st floor
Figure 31 Total view of 2 nd floor
DOCUMENT AND ANALYSE TEST RESULTS (P8)
CONFIGURATION SHOWING
(*) It is really difficult to see if I show these in text format
TESTING
Test ID Test case Expected Outcome Actual
1 Ping from host to host in
VLAN 10 Successful Successful Ping from Web to
2 Ping from host to host in
VLAN 20 Successful Successful Ping from CN01 to CN02
3 Ping from host to host in
VLAN 30 Successful Successful Ping from MA01 to MA02
4 Ping from host to host in
VLAN 40 Successful Successful Ping from T01 to
5 Ping from host to host in
VLAN 50 Successful Successful Ping from M01 to
6 Ping from host to host in
VLAN 60 Successful Successful Ping from ILT01 to ILT02
7 Ping from host to host in
VLAN 70 Successful Successful Ping from ILT36 to ILT37
8 Ping from switch to switch in VLAN 99 Successful Successful
Ping from S_Server to S_Teacher
9 Ping from VLAN 10 to default gateway Successful Successful
Ping from DHCP_DNS to 192.168.10.1
10 Ping from VLAN 20 to default gateway Successful Successful Ping from CN01 to 192.168.20.1
11 Ping from VLAN 30 to default gateway Successful Successful Ping from MA01 to 192.168.30.1
12 Ping from VLAN 40 to default gateway Successful Successful Ping from T01 to
13 Ping from VLAN 50 to default gateway Successful Successful Ping from M01 to
14 Ping from VLAN 60 to default gateway Successful Successful Ping from ILT01 to 192.168.61.1
15 Ping from VLAN 70 to default gateway Successful Successful Ping from ILT36 to 192.168.71.1
16 Ping from VLAN 99 to default gateway Successful Successful
17 Ping from VLAN 10 to VLAN
Ping from DHCP_DNS to CN01
18 Ping from VLAN 20 to VLAN
30 Successful Successful Ping from CN01 to MA01
19 Ping from VLAN 30 to VLAN
40 Successful Successful Ping from MA01 to T01
20 Ping from VLAN 40 to VLAN
50 Successful Successful Ping from T01 to
21 Ping from VLAN 50 to VLAN
60 Successful Successful Ping from M01 to
22 Ping from VLAN 60 to VLAN
70 Successful Successful Ping from ITL01 to ITL36
23 Ping from VLAN 70 to VLAN
99 Successful Successful Ping from ITL27 to 192.168.99.71
24 Ping from DHCP_DNS to
Internet (8.8.8.8) Successful Successful Ping from S01 to
26 Ping from MA01 to Internet (8.8.8.8) Successful Successful
32 Get IP address automatically from DHCP server Successful Successful All pc (old or new one) receive id
1 Ping from host to host in VLAN 10
2 Ping from host to host in VLAN 20
3 Ping from host to host in VLAN 30
4 Ping from host to host in VLAN 40
5 Ping from host to host in VLAN 50
6 Ping from host to host in VLAN 60
7 Ping from host to host in VLAN 70
8 Ping from VLAN 10 to default gateway
9 Ping from VLAN 20 to default gateway
10 Ping from VLAN 30 to default gateway
11 Ping from VLAN 40 to default gateway
12 Ping from VLAN 50 to default gateway
13 Ping from VLAN 60 to default gateway
14 Ping from VLAN 70 to default gateway
15 Ping from VLAN 10 to VLAN 20
16 Ping from VLAN 20 to VLAN 30
17 Ping from VLAN 30 to VLAN 40
18 Ping from VLAN 40 to VLAN 50
19 Ping from VLAN 50 to VLAN 60
20 Ping from VLAN 60 to VLAN 70
21 Ping from DHCP_DNS to Internet (8.8.8.8)
22.Ping from CN01 to Internet (8.8.8.8)
23 Ping from MA01 to Internet (8.8.8.8)
25 Ping from ITL01 to Internet (8.8.8.8)
26 Ping from ITL36 to Internet (8.8.8.8)
POTENTIAL ENHANCEMENTS (M4)
I'll enhance my network in the future with security features like a firewall to deter hackers from breaking into it It monitors attempted access to your operating system and prevents undesired incoming traffic from unknown sources
Because my network has an IT lab so it will have a lot of classified info so I will use a proxy to prevent that data from being stolen
In the future, my network will have automatic detection and response It analyzes risks such as unknown or encrypted malware, insider threats, or compliance violations And it will have an alarm system in order to detect unknown accounts that access the network
Switches: To fairly separate the second and third floors, I'll probably install two more switches in the future I can increase the number of ports with the help of this The ping times between devices will be reduced as a result of this upgrade
Figure 50 Illustration of network enhancement