II a:oadcast server
Sci d6 ke't no'i sti' dvng hinh thuc chia se bang thong Internet (IXP)
51 Ke' ho~ch sii' dt;mg sfJIOp dja chi IP thqc:
Sfilu'<Jng dia chi IP dl! kitn xin du'<Jc ca'p trong ph~m vi 03 nam nhu' sau:
Mota Naml Nam2 Nam3 T<i'ng
c()ng
Sfi dia chi IP dung cho khu vvc e. town: 960 960 256 2,176
16 IP/ ddn vi (dvkitn: 120 ddn viva kha nang md rong)
Sfi dia chi IP dung v~n hanh cac may 256 256
chu va thitt bi m~ng (Switch, Router,
RAS)
T,... ong cQng: " 1,216 960 256 2,432
S610p dia chi (256IP/class): (4 X 256) (4 X 256) (1 X 256) (9 X 256)
61 Dung hiqng, chuc nang cung dtp djch V\1 va bi~n phap dam bao cha't hiqng
va an ninh tren m~ng:
Bi~n phap ky thu~t:
S6
Mo ta thie't bj va ca'u hinh Giai thich
lu'qng
Thie't bi m~ng cho khu vqc backbone cua e.town:
Switch layer 2/3 24-port 26 C1,1m thitt bi no'i m~ng cho cac van
101100, 112 Gigabit port, phong, ddn vi thanh vien trong toa nha
managed. e.town. Cac ddn vise du'<jc ca'p mot vai
dia chi IP thvc d€ sii' dt,mg cho cac dich
S6
Mota thie't bf va dtu hinh Giai thich
lu'<;tng
eMail server, v.v.
TO'c dQ ktt nO'i vao m~ng tn,IC tO'i thi~u la 100Mbps.
Switch Layer-3/4 - Backbone 02 * Cvm thiSt bi m~ng trung tam lam Switch: 12/16-port Gibabit, nhi~m Vl) diSu ph6i cac du li~u trao d6i 24/48-port 10/100Mbps trong toa nha va ktt nO'i ra c6ng Internet
(thong qua Firewall va Routers).
* Cac thitt bi nay c6 kha nang ki~m soat, phan lu6ng du li~u cling nhu nhiSu cong
ngh~ khac lam tang tinh an toan va hi~u
qua cua h~ thO'ng.
* SU' dvng 02 chitc d~ dlf phong slf cO'.
Thie't bf m:;tng cho c6ng ke't n6i Internet:
Internet Router: 02 WAN 02 * Dung cho cac ktt nO'i voi nha cung ca"p card (md rong len 06), 02 dich V\1 IXP.
10/1 00-ports. * TO'c dQ du'ong truySn dlf kitn ban dffu 2Mbps va tang dffn theo chu ky 06 thang.
* Dtfkitn 17/18Mbps vao nam thuba. Vi~c nang ca"p duong truySn cfi.ng tuy thUQC VaO muc dQ khai thac CUa ngu'oi Slt
dvng dich vv.
Cac h~ th6ng may chu di~u hanh:
May chu Firewall: 02 may diu chuyen dvng cua Cisco ho~c
S6
Mota thie't bf va ca'u hinh Giai thich
lu'qng
CPU (RISC ho~c Intel) CheckPoint/ Raptors Eagle.
512MB/1GB RAM. C<ic may chii nay c6 trach nhil$m dong/
2x 18GB HDD md cac d!ch VI) ke"t n6i voi Internet; H<;ln 4 x 101100 NIC che" cac truy nh~p toi cac d!a chi Internet Bam bao cho <200,000 ke"t ba't h<;1p phap, vi ph<;lm cac quy d!nh v~ an n6i tn;l'c tuye"n ninh, an toan ciia Chfnh phil; Phong ngua
cac hanh d9ng ta'n cong til' ben ngoai vao
hi$ th6ng (hacker); h.tu l<;li cac da'u ve"t
truy xua't thong tin theo yeu du an ninh,
an toan til' phfa B9 N9i VI), B() Van h6a Thong tin, v.v.
May chii DNS: 01 may chii UNIX cai d~t djch VI) DNS. HI$ di~u hanh UNIX. May chii DNS dl;l' kie"n ke"t h<;1p voi may CPU (RISC ho~c Intel) chii dang nh~p (sii' dl)ng cong nghl$ 512MB/1GB RAM. clustering) dS duy trl ho(;lt d()ng khi m9t
2 x 18GB HDD trong hai may c6 sl;l' c6.
Hai may nay se du'QC trang hi them m9t viing dia cling rieng (bao vi$ b~ng cong nghl$ RAID).
May chii eMail (Mail 01 may chii UNIX voi philn m~m Mail
Server): Server nhu': Netscape, OpenMail.
HI$ di~u hanh UNIX. May chii eMail dl;l' kie"n ke"t h9p voi may 2 x CPU (RISC ho~c Intel) chii Web ho~c may chii ling dl)ng (sii' 512MB/1GB RAM. dl)ng cong nghl$ clustering) dS dam bao
Sff
Mota thie't bf va ca'u hinh Giai thich htqng
H~ th6ng dia cling dung chung ho~c chia
se hoan toan doc l~p voi may chu.
Cac thung dia cling dung cong ngh~ Auto
RAID voi 15 khay dlfng dia cling 18GB
ho~c 36GB.
May chu Web (Web Server): 01 may chu UNIX voi phffn m~m quan tri
H~ di~u hanh UNIX. Web nhu': Netscape, Websphere,
CPU (RISC ho~c Intel) WebLogic.
512MB/1GB RAM. S6lu<;1ng may chu nay se tang theo nhu
2 x 18GB HDD (RAID) cffu si't dt,mg thlfc te'.
May chu Quan tri m~ng 01 Cai d~t cac phffn m~m HP Open View va
(Network Management Cisco Work.
Server) Bay la may tr~m chuyen dt,mg
(Workstation) c6 ca'u hlnh phu h<jp cac
ca'u hlnh yeu cffu cua phffn m~m quan tri
m~ng.
May chu n()i dung (Content 01 may chu chuyen dt,mg cua Cisco ho~c
Server/ Cache Engine) may UNIX cai d~t ph~n m~m Cache
Engine nhu' Squid.
May chu ki~m soat dang 01 may chu UNIX cai d~t phffn m~m ki~m
nh~p (Authentication soat quy~n dang nh~p cua ngu'oi si't dt,mg
Server): cua Cisco ho~c HP (Cisco SecureACS
H~ di~u hanh UNIX. ho~c HP Praesidium)
CPU (RISC ho~c Intel)
S6
Mo ta thie't bf va diu hinh Giai thich
lu'qng
2x 18GB HDD
May chu tinh cu'oc (Billing 01 may chu UNIX/ NT dti d~t phfin m~m
Server) tinh cu'oc.
Cffu hlnh phu h<Jp voi yeu du cua phffn
;:,
mem.
May chu htu tru (Backup 01 may chu UNIX voi phffn m~m qm'in tri Server): htu tru du lic$u (vi d\1: HP OmniBack)
He$ di~u hanh UNIX. May chu nay se du'<Jc l~p trlnh dS backup CPU (RISC ho~c Intel) thu'ong xuyen cac du lic$u khai thac cua
512MB/1GB RAM. CaC may chu d!ch V\1 khac.
5 x 18GB HDD Ngoai ra, n6 con la ndi nh~n cac lu6ng du Tape backup/ Optical drivers lic$u kiSm soat (logs file) tu cac may chu
d!ch V\1 nhu' eMail, Web, Firewall,
Authentication gll'i v~.
May chu Ung d\lng cho 01 may chu UNIX ch<;1y cac dich V\1 ling
e.town (Apps Server): d\lng cho ho(;lt dong cua toa nha e.town.
He$ di~u hanh UNIX. Cai d~t he$ QTCSDL, phfin m~m ling CPU (RISC ho~c Intel) d\lng ph\IC V\1 cho cac ho(;lt dong Chung
512MB/1GB RAM. cua toa nha.
PHlJ LlJC
,... ,...,