Scribd
Upload
86 views

Communication Project Documentation

This document describes the local area network (LAN) at the University of Gondar in Ethiopia. It discusses the star topology used and identifies the core, distribution, and access layers. It provides details on IP address subnetting for different campus networks. Components of the LAN include fiber optic cables for transmission and network devices like firewalls, switches, and routers configured according to the star topology to efficiently connect devices on the multiple campuses.

Uploaded by

selemon
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
86 views

Communication Project Documentation

This document describes the local area network (LAN) at the University of Gondar in Ethiopia. It discusses the star topology used and identifies the core, distribution, and access layers. It provides details on IP address subnetting for different campus networks. Components of the LAN include fiber optic cables for transmission and network devices like firewalls, switches, and routers configured according to the star topology to efficiently connect devices on the multiple campuses.

Uploaded by

selemon
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 46

INSTITUTE OF TECHINOLOGY

DEPARTMENT OF ELECTRICAL AND COMPUTER ENGINEERING


COMMUNICATION FOCUS AREA
DATA COMMUNICATION AND COMPUTER NETWORKS PROJECT

GROUP_TWO

NAME OF STUDENTS ID NUMbER(GUR)


1.BERIHUN MUCHE WORKNEH………………………………………………….…………………………….………..0201/07

2.BINIAM DESALEGN ASSEFA…………………………………………………………………………………………….0243/07

3.DANIEL MENGISTIEBITEW………………………..……………………………………………………………………0280/07

4.DEJEN KASSA ADUGNA……………………………………………………………………………………….…………0295/07

5.DEJEN YESHANEH KASSIE……………………..………………………………………………………………………0298/07

6.GETAHUN KASSA AYALEW………………………………………………………………………………………….07446/09

Submission date 12/05/2010 B.C submitted to Mr.Berihun

1
Acknowledgment

Firstly, we thank the lord of almighty of God who gives us the strength to do this
project secondly, we would like to thank Mr. Berihun for giving us the wonderful
opportunity to visit university of Gondar data center. thirdlywe would like to
thank university of Gondar data center workers especially, Mr. Gezahegni and his
friend for their patient guidance and support. This project would never have been
possible without the support and guidance of university of Gondar data center
workers.

2
Contents page

1 Introduction……………………………………………………………………………………………. 2
2 The two broad categories of communications networks………………………….3
2.1 Wide Area Networks…………………………………………………………..…….3
2.2 Local Area Networks……………………………………………………………..…..3
3 Network topology…………………………………………………………………………………..4
3.1 Ring topology……………………………………………………………………………..4
3.2 Bus topology………………………………………………………………..……………..5
3.3 Star topology……………………………………………………………………………….5
3.3.1 Fire wall…………………………………………………….…………………..7
3.3.2 Core layer…………………………………………….…….…..…………….7
3.3.3 Distribution layer……………………………………………..…………..7
3.3.4 Access layer………………………………………………………………….8
4 Ip Addressing (Subnetting)…………………………………………………..…………………11
4.1 Tewodros campus Ip address Subnetting……………….…………………..11
4.2 Fasil campus Ip address Subnetting……………………….…………………..12
4.3 Maraki campus Ip address Subnetting……………………………………….13
4.4 GC Ip address Subnetting………………………………………..………………...14
4.5 Hospital Ip address Subnetting………………………………..…………………15
4.6 Meless campus Ip address Subnetting……………………………………….16
4.7 Teacher’s condominium Ip address Subnetting…………..……………..17
5 Basic configuration of network devices………………………………..……………….19

3
1. Introduction

As its name implies, a local area network is a data communication network, typically
a packet communication network, limited in geographic scope. A local area network
generally provides high-bandwidth communication over inexpensive transmission
media. This paper discusses what local area network mean, how it be
design(Uognetwork) and Components of this Local Area Network Like any other data
communication network, this local area network is composed of three layers the
core, the distribution and the access and hardware elements: a transmission
medium that is fiber optics.

4
2.Categories of communications networks:
 Wide Area Network (WAN)
 Local Area Network (LAN)

2.1 Wide Area Networks


 span a large geographical area
 cross public rights of way
Wide area networks generally cover a large geographical area, require the crossing of public
right-of-ways, and rely at least in part on circuits provided by a common carrier. Typically, a
WAN consists of a number of interconnected switching nodes.
2.2 Local Area Networks

 smaller scope
 Building or small campus
 usually owned by same organization as attached devices

5
 data rates much higher
A LAN is a communications network that interconnects a variety of devices and provides a
means for information exchange among those devices. The scope of the LAN is small, typically a
single building or a cluster of buildings. It is usually the case that the LAN is owned by the same
organization that owns the attached devices. The internal data rates of LANs are typically much
greater than those of WANs.
LANs come in a number of different configurations. The most common are switched LANs and
wireless LANs. The most common switched LAN is a switched Ethernet LAN; others are ATM &
Fiber Channel LANs. Wireless networks provide advantages in the areas of mobility and ease of
installation and configuration.

3.Network topology
Network Topology is the shape or physical layout of the network. This is how the
computers and other devices are linked together to form a network.
Main Types of Physical Topologies
 Ring Topology
 Bus Topology
 Star Topology
3.1 Ring Topology is a ring pattern which connects the computers and other devices in a circle.
All devices are connected to one another in the shape of a closed loop, so that each device is
connected directly to two other devices, one on either side of it.

6
Advantage
 Requires less cabling and so it is less expensive
 Performs better than a bus topology under heavy network load
 Does not require network server to manage the connectivity between the
computers
Disadvantage
 If one node is down, then the entire network will not be able to function
 Moving, adding and changing of a computer or other devices can affect the
network
 Ring networks are slower than star network
3.2 Bus topology
 Bus Topology is a bus pattern connecting the computers and other devices to the
same communication line. All devices are connected in a line to a central cable,
called the bus or backbone. There is no central computer or server. The data
transmission is bidirectional.

7
Advantage
 If one of the computer or devices should stop working, this will not affect the
others
 Easy to connect or disconnect a computer or peripheral to a linear bus.
 Requires less cable length than a star topology.
Disadvantage
 Cannot connect a large number of computers this way.
 If the backbone cable fails, then the entire network fails.
 Bus networks are slower than star network

3.3 Star topology


Star Topology is a star pattern that connects everything to the host which is the
computer that handles the network’s tasks and holds the data. All devices are
connected to a hub (central device) forming a star.

8
Why we select star topology IN OUR LAN?
 As compared to Bus topology it gives far much better performance, signals don’t
necessarily get transmitted to all the workstations. A sent signal reaches the intended
destination after passing through no more than 3-4 devices and 2-3 links. Performance
of the network is dependent on the capacity of central hub.
 Easy to connect new nodes or devices. In star topology new nodes can be added easily
without affecting rest of the network. Similarly, components can also be removed
easily.
 Centralized management. It helps in monitoring the network.
 Failure of one node or link doesn’t affect the rest of network. At the same time its easy
to detect the failure and troubleshoot it.
Disadvantage
 Too much dependency on central device has its own drawbacks. If it fails whole network
goes down.
 The use of hub, a router or a switch as central device increases the overall cost of the
network.
 Performance and as well number of nodes which can be added in such topology is
depended on capacity of central device.

9
3.3.1 Fire wall
Firewalls are either hardware or software based and their main function is to keep
acomputer or network system secure from an attack. If we look closer, a hard ware
based firewall is a dedicated device with its own operating system on a
specializedplatform, whereas a software-based firewall is an additional program loaded
on a personal computer or on a network device like a router to inspect data or network
traffic.
A firewall has a great role in the implementation of a company’s security policy and
inthis case it is considered a system or a group of systems used to control network
trafficbased on the rules. The firewall is used as a protective bridge that demarks the
internalor trusted network to the external untrusted network such as the Internet. As a
checkpoint gateway, firewall analyses the IP packets and decides whether to allow
throughor not, based on the preconfigured rules. Also the firewall determines which
informationor services to be accessed from outside as well as from inside and by whom.

3.3.2Core layer
The core layer provides an optimized and reliable transport structure by forwarding
traffic at very high speeds. In other words, the core layer switches packets as fast as
possible. Devices at the core layer should not be burdened with any processes that
stand in the way of switching packets at top speed.
3.3.3Distribution Layer
• The distribution layer is a middle layer between the access and core layer of a
network.In other words, it is considered a demarcation point between these layers. It is
at thispoint where traffic flow control and access control takes place. More often, the
distribution layer is a preferred place for designing virtual LANs (VLANs) to create one or
morebroadcast domains and to configure network devices like routers to route IP
packetsacross VLANs.
• The distribution layer aggregates the data received from the access layer switches
before it is transmitted to the core layer for routing to its final destination.

10
3.3.4 Access Layer
The main task of the access layer is to connect local users to the network so that theycan access
network resources and services. This layer is designed to deliver local userpackets to the
targeted end user computer and also to ensure a legitimate access ofnetwork resources and
services. End devices such as personal computers, printersand IP phones are connected to the
access layer. Besides that, interconnecting devices such as routers, switches, hubs and wireless
access point can be part of the accesslayer.
The access layer interfaces with end devices, such as PCs, printers, and IP phones, to provide
access to the rest of the network.
• Access-list checking
• Data encryption
• Address translation
• The project topology shown in figure above is designed by considering the
characteristics and features of university of Gondar. The topology has seven
subnets such as Fasil, Tewodros, Maraki, GC, hospital, tseda and teacher’s
condominium.
According to figure, the firewall is a gateway to the external network by routing IPtraffic
in both directions. The firewall is connected to the Internet through test networkwith a
dedicated IP address. A public server is connected to the firewall with its ownsubnet
which is basically planned to offer file sharing services to public users. The firewall is
used to translate the private IP addresses of the inside and Public Server subnets to a
public IP address of the outside interface of the firewall and vice versa.Above all, the
main task of the firewall is to serve as a check point to filter out incomingand outgoing
traffics for the purpose of protection of the internal network against attacks coming
from the external network.Access layer switches (Sw1, Sw2, Sw3, Sw4, Sw5, Sw6, and
Sw7) shown in the topology figure are used to connect workstations and the internal
server to the core switch.

NAT (Network Address Translation) The rapid growth of the Internet resulted in a shortage of
available IPv4 addresses. In response, a specific subset of the IPv4 address space was
designated as private, to temporarily alleviate this problem.
A public address can be routed on the Internet. Thus, devices that must be Internet-accessible
must be configured with (or reachable by) public addresses. Allocation of public addresses is
governed by the Internet Assigned Numbers Authority (IANA).
A private address is intended for internal use within a home or organization, and can be freely
used by anyone. However, private addresses can never be routed on the Internet. In fact,
Internet routers are configured to immediately drop traffic with private addresses. Three
private address ranges were defined in RFC 1918, one for each IPv4
11
It is possible to translate between private and public addresses, using Network Address
Translation (NAT). NAT allows a host configured with a private address to be stamped with a
public address, thus allowing that host to communicate across the Internet. It is also possible
to translate multiple privately-addressed hosts to a single public address, which conserves the
public address space.
NAT provides an additional benefit – hiding the specific addresses and addressing structure of
the internal (or private) network.

Note: NAT is not restricted to private-to-public address translation, though that is the most
common application. NAT can also perform public-to-public address translation, as well as
private-to-private address translation.

Types of NAT
NAT can be implemented using one of three methods:
Static NAT – performs a static one-to-one translation between two addresses, or between a
port on one address to a port on another address.
Static NAT is most often used to assign a public address to a device behind a NAT-enabled
firewall/router.
Dynamic NAT – utilizes a pool of global addresses to dynamically translate the outbound traffic
of clients behind a NAT-enabled device.
NAT Overload or Port Address Translation (PAT) – translates the outbound traffic of clients to
unique port numbers off of a single global address. PAT is necessary when the number of
internal clients exceeds the available global addresses.

The Dynamic Host Configuration Protocol (DHCP) is a network management protocol used on
TCP/IP networks whereby a DHCP server dynamically assigns an IP address and other network
configuration parameters to each device on a network so they can communicate with other IP
networks. A DHCP server enables computers to request IP addresses and networking
parameters automatically from the Internet service provider (ISP), reducing the need for a
network administrator or a user to manually assign IP addresses to all network devices. In the
absence of a DHCP server, a computer or other device on the network needs to be manually
assigned an IP address.

12
DHCP can be implemented on networks ranging in size from home networks to large campus
networks and regional Internet service provider networks small local networks as well as large
enterprise networks. A router or a residential gateway can be enabled to act as a DHCP server.
Most residential network routers receive a globally unique IP address within the ISP network.
Within a local network, a DHCP server assigns a local IP address to each device connected to the
network.
DMZ (Demilitarized Zone) is either a logical or physical sub-network that contains most of a
network’s externally connected services which connect to the Internet. The primary purpose of
the DMZ is to provide another layer of security for a local area network (LAN). If a rogue actor is
able to obtain access to services located in the DMZ, they are not able to gain full access to the
main part of the network.
What is the Purpose of a DMZ?
In most computer networks, the most vulnerable components are those computer hosts that
are responsible for providing end-user services such as web, DNS (Domain Name System), and
email servers. Due to the odds of one of these servers becoming compromised through
published or newly discovered exploits, when employing the DMZ concept, they are configured
to reside within their own subnetwork. This allows the remainder of the network to be
protected if a rogue actor or hacker is able to succeed in attacking any of the servers.
Any computer host that is placed in the DMZ will have limited connectivity to other hosts that
solely reside within the internal network. The DMZ does permit communication across hosts
located within the DMZ and to the external network or Internet. This aspect of the DMZ allows
servers to provide services to both the external and internal networks.
What Services Are Normally Placed in the DMZ?
Any network service that runs as a server requiring communication to an external network or
the Internet can be placed in the DMZ. The most common services placed in the DMZ include:
mail or email servers, FTP servers, Web Servers, and VOIP servers. The decision on what
server(s) to place within the DMZ is based on the overall computer security policy of an
organization and resource analysis of the drawbacks to placement outside of the primary
domain.
Access Control Lists (ACLs)
Access lists are a set of rules, organized in a rule table. Each rule or line in an access-list
provides a condition, either permit or deny.
Access control lists (ACLs) can be used for two purposes on Cisco devices:
• To filter traffic
• To identify traffic

13
When using an access-list to filter traffic, a permit statement is used to
“allow” traffic, while a deny statement is used to “block” traffic.
Similarly, when using an access list to identify traffic, a permit
statement is used to “include” traffic, while a deny statement states
that the traffic should “not” be included. It is thus interpreted as a
true/false statement.
VLANs
A VLAN is a group of devices on one or more LANs that are configured to communicate as if
they were attached to the same wire, when in fact they are located on a number of different
LAN segments. Because VLANs are based on logical instead of physical connections, they are
extremely flexible.
VLANs define broadcast domains in a Layer 2 network. A broadcast domain is the set of all
devices that will receive broadcast frames originating from any device within the set. Broadcast
domains are typically bounded by routers because routers do not forward broadcast frames.
Layer 2 switches create broadcast domains based on the configuration of the switch. Switches
are multiport bridges that allow you to create multiple broadcast domains. Each broadcast
domain is like a distinct virtual bridge within a switch.
You can define one or many virtual bridges within a switch. Each virtual bridge you create in the
switch defines a new broadcast domain (VLAN). Traffic cannot pass directly to another VLAN
(between broadcast domains) within the switch or between two switches.

4.IP Addressing(Subnetting)
Subletting based on the number of hosts
An IP address is a unique 32- bit number which is used to identify a network device onan IP
network. Each IP address consists of two parts, the host and the network portion.
The network address is used for identifying the network or the subnet where the deviceis
located and the host address helps to identify the individual device.

4.1 Tewodros campus ip Address Subnetting (10.139.0.0/16)


The subnet mask is 255.255.0.0 = 11111111.11111111.00000000.00000000
Assume: -
i. Number of hosts of laboratory = 1000
ii. Number of hosts of Library = 700

14
iii. Number of hosts of office = 200
iv. Number of hosts of Registrar= 200
v. Number of hosts of Teachers condominium= 200
We can represent 1000 in 9 bit then the new subnet mask will be
11111111.11111111.11111100.00000000 = 255.255.252.0 new subnet mask.
Table 1.3 Addressing for 10.139.0.0/16

Subnet Ip address region Hosts


1st 10.139.0.0/22 – 10.139.3.255/22 laboratory
2nd 10.139.4.0/22– 10.139.7.255/22 Library
3rd 10.139.8.0/22 – 10.139.11.255/22 11111111.11111111.11111111.00000000
subnet Ip address region hosts
1st 10.139.8.0/24 -10.139.8.255/24 Registrar
2nd 10.139.9.0/24 -10.139.9.255/24 Office
3rd 10.139.10.0/24 - Teachers
10.139.10.255/24 condominium
th
4 10.139.11.0/24 - For future use
10.139.11.255/24
4th 10.139.12.0/22 – 10.139.15.255/22 For future use

5th 10.139.16.0/22 – 10.139.19.255/22 For future use

6th 10.139.20.0/22 – 10.139.23.255/22 For future use

. .
. .
. .
Last 10.139.252.0/22 – 10.139.255.255/22 For future use

4.2Fasil campus ip Address Subnetting (10.154.0.0/16)


The subnet mask is 255.255.0.0 i.e 11111111.11111111.00000000.00000000
Assume: -
i. Number of hosts of laboratory = 500
ii. Number of hosts of Library = 400
iii. Number of hosts of office = 100
iv. Number of hosts of Registrar= 120
We can represent 500 in 9 bit then the new subnet mask will be
11111111.11111111.11111110.00000000 255.255.254.0 new subnet mask.

15
Table 1.2 Addressing for 10.154.0.0/16

Subnet Ip address region Hosts


1st 10.154.0.0/23 – 10.154.1.255/23 Laboratory
2nd 10.154.2.0/23 – 10.154.3.255/23 Library
3rd 10.154.4.0/23 – 10.154.5.255/23 11111111.11111111.11111111.10000000
subnet Ip address region Host
st
1 10.154.4.0/25 - Registrar
10.154.4.127/25
2nd 10.154.4.128/25 Office
10.154.4.255/25
4th 10.154.6.0/23 – 10.154.7.255/23 For future use
5th 10.154.8.0/23 – 10.154.9.255/23 For future use
6th 10.154.10.0/23 – 10.154.11.255/23 For future use
. . .
. . .
. . .
Last 10.154.254.0/23 – For future use
10.154.255.255/23

4.3 Maraki campus ip Address Subnetting (10.152.0.0/16)


The subnet mask is 255.255.0.0 = 11111111.11111111.00000000.00000000
Assume: -
i. Number of hosts of laboratory = 500
ii. Number of hosts of Library = 500
iii. Number of hosts of office = 200
iv. Number of hosts of Registrar= 200

We can represent 500 in 9 bit then the new subnet mask will be
11111111.11111111.11111110.00000000 =255.255.254.0 new subnet mask.

Table 1.4 Addressing for 10.139.0.0/16

Subnet Ip address region hosts


1st 10.152.0.0/23 – 10.152.1.255/23 Laboratory
nd
2 10.152.2.0/23 – 10.152.3.255/23 Library

16
3rd 10.152.4.0/23 – 10.152.5.255/23 11111111.11111111.11111111.00000000
Subnet Ip address region host
1st 10.152.4.0/24 – 10.152.4.255/24 Registrar
2nd 10.152.5.0/24 – 10.152.5.255/24 Office
4th 10.152.6.0/23 – 10.152.7.255/23 For future use
5th 10.152.8.0/23 – 10.152.9.255/23 For future use
6th 10.152.10.0/23 – 10.152.11.255/23 For future use
. . .
. . .
. . .
Last 10.152.254.0/23 – 10.152.255.255/23 For future use

4.4 GC ip Address subletting (10.137.0.0/16)


The subnet mask is 255.255.0.0 = 11111111.11111111.00000000.00000000
Assume: -
i. Number of hosts of laboratory = 500
ii. Number of hosts of Library = 450
iii. Number of hosts of office = 200
iv. Number of hosts of Registrar= 200

We can represent 500 in 9 bit then the new subnet mask will be
11111111.11111111.11111110.00000000 =255.255.254.0 new subnet mask.

Subnet Ip address region hosts


1st 10.137.0.0/23– 10.137.1.255/23 Laboratory
2nd 10.137.2.0/23– 10.137.3.255/23 Library
3rd 10.137.4.0/23– 10.137.5.255/23 11111111.11111111.11111111.10000000
Subnet Ip address region host
1st 10.152.4.0/25 – 10.152.4.255/25 Registrar
nd
2 10.152.5.0/25 – 10.152.5.255/25 Office

17
4th 10.137.6.0/23– 10.137.7.255/23 For future use
5th 10.137.8.0/23– 10.137.9.255/23 For future use
6th 10.137.10.0/23– 10.137.11.255/23 For future use
. .
. .
. .
Last 10.137.254.0/23– 10.137.255.255/23 For future use

Table 1.5 Addressing for 10.137.0.0/16

4.5 Hospital ip Address subletting (10.136.0.0/16)


The subnet mask is 255.255.0.0 = 11111111.11111111.00000000.00000000
Assume: -
i. Number of hosts of laboratory = 500
ii. Number of hosts of office = 450
iii. Number of hosts of Card Room= 200

We can represent 500 in 9 bit then the new subnet mask will be
11111111.11111111.11111110.00000000 =255.255.254.0 new subnet mask.
Table 1.6 Addressing for 10.136.0.0/16

subnet Ip address region Hosts


1st 10.136.0.0/23– 10.136.1.255/23 Laboratory
2nd 10.136.2.0/23– 10.136.3.255/23 Office
3rd 10.136.4.0/23– 10.136.5.255/23 11111111.11111111.11111111.10000000
Subnet Ip address region host
st
1 10.136.4.0/25 – 10.136.4.255/25 Card room
nd
2 10.136.5.0/25 – 10.136.5.255/25 For future use
4th 10.136.6.0/23– 10.136.7.255/23 For future use
5th 10.136.8.0/23– 10.136.9.255/23 For future use
6th 10.136.10.0/23– 10.136.11.255/23 For future use
. .
. .
. .
last 10.136.254.0/23– 10.136.255.255/23 For future use

18
4.6 Meless Campus ip Address subletting (10.157.0.0/16)
The subnet mask is 255.255.0.0 = 11111111.11111111.00000000.00000000
Assume: -
i. Number of hosts of laboratory = 500
ii. Number of hosts of Library = 500
iii. Number of hosts of office = 200
iv. Number of hosts of Registrar= 200

We can represent 500 in 9 bit then the new subnet mask will be
11111111.11111111.11111110.00000000 =255.255.254.0 new subnet mask.
Table 1.7 Addressing for 10.139.0.0/16

subnet Ip address region Hosts


1st 10.157.0.0/23 – 10.157.1.255/23 Laboratory
2nd 10.157.2.0/23 – 10.157.3.255/23 Library
3rd 10.157.4.0/23 – 10.157.5.255/23 11111111.11111111.11111111.00000000
Subnet Ip address region Host
1st 10.157.4.0/24 – 10.157.4.255/24 Office
2nd 10.157.5.0/24 – 10.157.5.255/24 Registrar
4th 10.157.6.0/23 – 10.157.7.255/23 For future use
5th 10.157.8.0/23 – 10.157.9.255/23 For future use
6th 10.157.10.0/23 – 10.157.11.255/23 For future use
. . .
. . .
. . .
last 10.157.254.0/23 – 10.157.255.255/23 For future use

4.7 Teachers condominium ip Address subletting (10.156.0.0/16)


The subnet mask is 255.255.0.0 = 11111111.11111111.00000000.00000000
Assume: - Number of hosts teacher’s condominium = 200
We can represent 200 in 9 bit then the new subnet mask will be
11111111.11111111.11111111.00000000 =255.255.255.0 new subnet mask.
Table 1.8 Addressing for 10.156.0.0/16

Subnet Region of ip address hosts


1st 10.156.0.0/24– 10.156.0.255/24 condominium
2nd 10.156.1.0/24– 10.156.1.255/24 For future use

19
. . .
. . .
Last 10.156.255.0/24– 10.156.255.255/24 For future use

5.Basic Configuration of Network Devices


Configuration On layer 2 switch
Switch>en
Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.

Creat vlans
Switch(config)#vlan 2
Switch(config-vlan)#name library
Switch(config-vlan)#exit
Assign ports on vlan
Switch(config)#interface range f0/2-3
Switch(config-if-range) #switchport mode access
Switch(config-if-range)#switchport access vlan 2
Switch(config-if-range)#exit
Creat trunk port
Switch(config)#interface f0/1
Switch(config-if)#switchport mode trunk
Switch(config-if)#
Switch>en
Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#vlan 3
Switch(config-vlan)#name labclass
Switch(config-vlan)#exit

Switch(config)#interface range f0/2-3


Switch(config-if-range)#switchport mode access
Switch(config-if-range)#switchport access vlan 3
Switch(config-if-range)#exit

Switch(config)#interface f0/1
Switch(config-if)#switchport mode trunk

Switch(config-if)#
Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#vlan 4

20
Switch(config-vlan)#name staff
Switch(config-vlan)#exit

Switch(config)#interface range f0/2-3


Switch(config-if-range)#switchport mode access
Switch(config-if-range)#switchport access vlan 4
Switch(config-if-range)#exit

Switch(config)#interface f0/1
Switch(config-if)#switchport mode trunk
Switch(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up

Switch(config-if)#exit
Running configuration for layer 2 switch
Switch>
Switch>en
Switch#show run
Switch#show running-config
Building configuration...

Current configuration : 1199 bytes


!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Switch
!
!
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
interface FastEthernet0/1
switchport mode trunk
!
interface FastEthernet0/2
switchport access vlan 2
switchport mode access

21
!
interface FastEthernet0/3
switchport access vlan 2
switchport mode access
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24

22
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
no ip address
shutdown
!
!
!
!
line con 0
!
line vty 0 4
login
line vty 5 15
login
!
!
!
end

Layer 3 switch
Switch>en
Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#ip routing
Switch(config)#vlan 2
Switch(config-vlan)#exit
Switch(config)#vlan 3
Switch(config-vlan)#exit
Switch(config)#vlan 4
Switch(config-vlan)#exit
Switch(config)#interface f0/1
Switch(config-if)#switchport mode trunk
Command rejected: An interface whose trunk encapsulation is "Auto" can not be configured to
"trunk" mode.
Switch(config-if)#switchport trunk encapsulation dot1q
Switch(config-if)#exit

Switch(config)#interface f0/2
Switch(config-if)#switchport mode trunk
Command rejected: An interface whose trunk encapsulation is "Auto" can not be configured to
"trunk" mode.

23
Switch(config-if)#switchport trunk encapsulation dot1q
Switch(config-if)#exit

Switch(config)#interface f0/3
Switch(config-if)#switchport mode trunk
Command rejected: An interface whose trunk encapsulation is "Auto" can not be configured to
"trunk" mode.
Switch(config-if)#switchport trunk encapsulation dot1q
Switch(config-if)#exit

Switch(config)#interface vlan 2
Switch(config-if)#
%LINK-5-CHANGED: Interface Vlan2, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan2, changed state to up

Switch(config-if)#ip address 10.154.0.1 255.255.254.0


Switch(config-if)#no shutdown
Switch(config-if)#exit

Switch(config)#interface vlan 3
Switch(config-if)#
%LINK-5-CHANGED: Interface Vlan3, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan3, changed state to up

Switch(config-if)#ip address 10.154.2.1 255.255.254.0


Switch(config-if)#no shutdown
Switch(config-if)#exit

Switch(config)#interface vlan 4
Switch(config-if)#
%LINK-5-CHANGED: Interface Vlan4, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan4, changed state to up

Switch(config-if)#ip address 10.154.4.1 255.255.255.128


Switch(config-if)#no shutdown
Switch(config-if)#exit

Switch(config)#ip dhcp pool vlan2


Switch(dhcp-config)#network 10.154.0.0 255.255.254.0
Switch(dhcp-config)#default-router 10.154.0.1
Switch(dhcp-config)#dns-server 8.8.8.8
Switch(dhcp-config)#exit

24
Switch(config)#ip dhcp excluded-address 10.154.0.1
Switch(config)#ip dhcp excluded-address 10.154.0.254
Switch(config)#ip dhcp excluded-address 10.154.1.254

Switch(config)#ip dhcp pool vlan3


Switch(dhcp-config)#network 10.154.2.0 255.255.254.0
Switch(dhcp-config)#default-router 10.154.2.1
Switch(dhcp-config)#dns-server 10.139.5.10
Switch(dhcp-config)#exit

Switch(config)#ip dhcp excluded-address 10.154.2.1


Switch(config)#ip dhcp excluded-address 10.154.2.254
Switch(config)#ip dhcp excluded-address 10.154.2.10

Switch(config)#ip dhcp pool vlan4


Switch(dhcp-config)#network 10.154.4.0 255.255.255.128
Switch(dhcp-config)#default-router 10.154.4.1
Switch(dhcp-config) #dns-server 10.139.5.11
Switch(dhcp-config)#exit

Switch(config)#ip dhcp excluded-address 10.154.4.1


Switch(config)#ip dhcp excluded-address 10.154.4.254
Switch(config)#ip dhcp excluded-address 10.154.4.100
Switch(config)#ip dhcp excluded-address 10.154.5.1

Running configuration

Switch#show running-config
Building configuration...

Current configuration : 2512 bytes


!
version 12.2(37)SE1
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Switch
!
!
!
ip dhcp excluded-address 10.154.0.1
ip dhcp excluded-address 10.154.0.254
ip dhcp excluded-address 10.154.1.254
ip dhcp excluded-address 10.154.2.1
ip dhcp excluded-address 10.154.2.254

25
ip dhcp excluded-address 10.154.2.10
ip dhcp excluded-address 10.154.4.1
ip dhcp excluded-address 10.154.4.254
ip dhcp excluded-address 10.154.4.100
ip dhcp excluded-address 10.154.5.1
!
ip dhcp pool vlan2
network 10.154.0.0 255.255.254.0
default-router 10.154.0.1
dns-server 10.139.5.10
ip dhcp pool vlan3
network 10.154.2.0 255.255.254.0
default-router 10.154.2.1
dns-server 10.139.5.11
ip dhcp pool vlan4
network 10.154.4.0 255.255.255.128
default-router 10.154.4.1
dns-server 10.139.5.11
!
!
ip routing
!
!
!
!
!
!
!
!
!
!
!
!
!
!
spanning-tree mode pvst
!
!
interface FastEthernet0/1
no switchport
no ip address
duplex auto
speed auto
!
interface FastEthernet0/2
switchport trunk encapsulation dot1q

26
!
interface FastEthernet0/3
switchport trunk encapsulation dot1q
!
interface FastEthernet0/4
no switchport
ip address 10.154.6.1 255.255.254.0
duplex auto
speed auto
!
interface FastEthernet0/5
switchport trunk encapsulation dot1q
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22

27
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
no ip address
shutdown
!
interface Vlan2
mac-address 0090.0c2b.0101
ip address 10.154.0.1 255.255.254.0
!
interface Vlan3
mac-address 0090.0c2b.0102
ip address 10.154.2.1 255.255.254.0
!
interface Vlan4
mac-address 0090.0c2b.0103
ip address 10.154.4.1 255.255.255.128
!
router ospf 1
log-adjacency-changes
network 10.154.0.0 0.0.1.255 area 0
network 10.154.2.0 0.0.1.255 area 0
network 10.154.4.0 0.0.0.127 area 0
network 10.154.6.0 0.0.1.255 area 0
!
ip classless
!
ip flow-export version 9
!
!
!
!
!
!
!
line con 0
!
line aux 0
!

28
line vty 0 4
login
!
!
!
end

Configuration done on fasil distribution-ospf

Switch>en
Switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#interface f0/4
Switch(config-if)#no switchport
Switch(config-if)#ip address 10.154.6.1 255.255.254.0
Switch(config-if)#no shutdown
switch(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface fastEthernet f0/4, changed state
to
down
%LINEPROTO-5-UPDOWN: Line protocol on Interface fastEthernet f0/4, changed state
to
up
Switch(config-if)#exit
Switch(config)#ip routing
Switch(config)#router ospf 1
Switch(config-router)# network 10.154.0.0 0.0.1.255 area 0
Switch(config--router)# network 10.154.2.0 0.0.1.255 area 0
Switch(config--router)# network 10.154.4.0 0.0.0.127 area 0
Switch(config--router)# network 10.154.6.0 0.0.1.255 area 0
Switch(config--router)#exit
Switch(config)#ex
Switch#

Switch#show running-config
Building configuration...

Current configuration : 2512 bytes


!
version 12.2(37)SE1
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!

29
hostname Switch
!
!
!
ip dhcp excluded-address 10.154.0.1
ip dhcp excluded-address 10.154.0.254
ip dhcp excluded-address 10.154.1.254
ip dhcp excluded-address 10.154.2.1
ip dhcp excluded-address 10.154.2.254
ip dhcp excluded-address 10.154.2.10
ip dhcp excluded-address 10.154.4.1
ip dhcp excluded-address 10.154.4.254
ip dhcp excluded-address 10.154.4.100
ip dhcp excluded-address 10.154.5.1
!
ip dhcp pool vlan2
network 10.154.0.0 255.255.254.0
default-router 10.154.0.1
dns-server 10.139.5.10
ip dhcp pool vlan3
network 10.154.2.0 255.255.254.0
default-router 10.154.2.1
dns-server 10.139.5.11
ip dhcp pool vlan4
network 10.154.4.0 255.255.255.128
default-router 10.154.4.1
dns-server 10.139.5.11
!
!
ip routing
!
!
!
!
!
!
!
!
!
!
!
!
!
!
spanning-tree mode pvst
!

30
!
!
!
!
!
interface FastEthernet0/1
no switchport
no ip address
duplex auto
speed auto
!
interface FastEthernet0/2
switchport trunk encapsulation dot1q
!
interface FastEthernet0/3
switchport trunk encapsulation dot1q
!
interface FastEthernet0/4
no switchport
ip address 10.154.6.1 255.255.254.0
duplex auto
speed auto
!
interface FastEthernet0/5
switchport trunk encapsulation dot1q
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!

31
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
no ip address
shutdown
!
interface Vlan2
mac-address 0090.0c2b.0101
ip address 10.154.0.1 255.255.254.0
!
interface Vlan3
mac-address 0090.0c2b.0102
ip address 10.154.2.1 255.255.254.0
!
interface Vlan4
mac-address 0090.0c2b.0103
ip address 10.154.4.1 255.255.255.128
!
router ospf 1
log-adjacency-changes
network 10.154.0.0 0.0.1.255 area 0
network 10.154.2.0 0.0.1.255 area 0
network 10.154.4.0 0.0.0.127 area 0
network 10.154.6.0 0.0.1.255 area 0
!
ip classless

32
!
ip flow-export version 9
!
!
!
!
!
!
!
line con 0
!
line aux 0
!
line vty 0 4
login
!
!
!
end

Switch#

Configuration on core switch -ospf

Enter configuration commands, one per line. End with CNTL/Z.


Switch(config)#interface f0/5
Switch(config-if)#no switchport
Switch(config-if)#ip address 10.154.6.2 255.255.254.0
Switch(config-if)#no shutdown
switch(config-if)#exit
switch(config)#

33
%LINEPROTO-5-UPDOWN: Line protocol on Interface fastEthernet f0/4, changed state
to
down
%LINEPROTO-5-UPDOWN: Line protocol on Interface fastEthernet f0/4, changed state
to
Up

Switch(config)#interface f0/1
Switch(config-if)#no switchport
Switch(config-if)#ip address 10.139.12.2 255.255.252.0
Switch(config-if)#no shutdown
switch(config-if)#

Switch(config)#interface f0/2
Switch(config-if)#no switchport
Switch(config-if)#ip address 10.152.6.2 255.255.255.0
Switch(config-if)#no shutdown
switch(config-if)#exit
switch(config)#

Switch(config)#interface f0/3
Switch(config-if)#no switchport
Switch(config-if)#ip address 10.137.6.2 255.255.254.0
Switch(config-if)#no shutdown
switch(config-if)#exit
switch(config)#
Switch(config)#interface f0/4
Switch(config-if)#no switchport
Switch(config-if)#ip address 10.136.6.2 255.255.254.0
Switch(config-if)#no shutdown
switch(config-if)#exit
switch(config)#
Switch(config)#interface f0/7
Switch(config-if)#no switchport
Switch(config-if)#ip address 192.168.10.2 255.255.255.0
Switch(config-if)#no shutdown
switch(config-if)#exit
switch(config)#

Switch(config-if)#exit
Switch(config)#ip routing
Switch(config)#router ospf 2
Switch(config-router)# network 10.154.0.0 0.0.1.255 area 0
Switch(config--router)# network 10.152.6.0 0.0.0.255 area 0

34
Switch(config--router)# network 10.139.12.0 0.0.3.255 area 0
Switch(config--router)# network 10.137.6.0 0.0.1.255 area 0

Switch(config--router)# network 10.136.6.0 0.0.1.255 area 0


Switch(config--router)# network 192.168.10.0 0.0. 0.255 area 0
Switch(config--router)#exit
Switch(config)#ex
Switch#

Switch#show running-config
Building configuration...

Current configuration : 1872 bytes


!
version 12.2(37)SE1
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Switch
!
!
!
!
!
!
ip routing
!
!
!
!
!
!
!
!
!
!
!
!
!
!
spanning-tree mode pvst
!
!
!
35
!
!
!
interface FastEthernet0/1
no switchport
ip address 10.139.12.2 255.255.252.0
duplex auto
speed auto
!
interface FastEthernet0/2
no switchport
ip address 10.152.6.2 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/3
no switchport
ip address 10.137.6.2 255.255.254.0
duplex auto
speed auto
!
interface FastEthernet0/4
no switchport
ip address 10.136.6.2 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/5
no switchport
ip address 10.154.6.2 255.255.254.0
duplex auto
speed auto
!
interface FastEthernet0/6
!
interface FastEthernet0/7
no switchport
ip address 192.168.10.2 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10

36
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
no ip address
shutdown
!
router ospf 2
log-adjacency-changes
network 10.154.6.0 0.0.1.255 area 0
network 10.139.12.0 0.0.3.255 area 0
network 10.137.6.0 0.0.1.255 area 0
network 10.136.6.0 0.0.0.255 area 0
network 10.152.6.0 0.0.0.255 area 0
network 192.168.10.0 0.0.0.255 area 0
!

37
ip classless
!
ip flow-export version 9
!
!
!
!
!
!
!
line con 0
!
line aux 0
!
line vty 0 4
login
!
!
!
End

Fire wall configuration

Ciscoasa>enable
Password:
ciscoasa#conf t
ciscoasa(config)#interface vlan 1
ciscoasa(config-if)#ip address 192.168.10.1 255.255.255.0
ciscoasa(config-if)#security-level 100
ciscoasa(config-if)#ex
ciscoasa(config)#interface ethernet 0/0
ciscoasa(config-if)#switchport access vlan 1
ciscoasa(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan2, changed state to down

ciscoasa(config-if)#ex
ciscoasa(config)#interface vlan 2
ciscoasa(config-if)#ip address 213.55.79.2 255.255.255.0
ciscoasa(config-if)#no shutdown
ciscoasa(config-if)#nameif outside
ciscoasa(config-if)#security-level 0
ciscoasa(config-if)#ex
ciscoasa(config)#interface ethernet 0/2
ciscoasa(config-if)#switchport access vlan 2
ciscoasa(config)#dhcpd address 192.168.10.0 255.255.255.0
ciscoasa(config)#dhcpd dns 8.8.8.8 interface inside

38
ciscoasa(config)#ex
ciscoasa#
ciscoasa#show running-config
: Saved
:
ASA Version 8.4(2)
!
hostname ciscoasa
names
!
interface Ethernet0/0
!
interface Ethernet0/1
!
interface Ethernet0/2
switchport access vlan 2
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
interface Vlan1
nameif inside
security-level 100
ip address 192.168.10.1 255.255.255.0
!
interface Vlan2
nameif outside
security-level 0
ip address 213.55.79.2 255.255.255.0
!
!
!
!
!
!
!
!
!
!

39
!
!
telnet timeout 5
ssh timeout 5
!
dhcpd dns 8.8.8.8
dhcpd auto_config outside
!
dhcpd dns 8.8.8.8 interface inside
dhcpd enable inside
!
!
!
!
!
!
ciscoasa#conf t
ciscoasa(config)#route outside 0.0.0.0 0.0.0.0 213.55.79.1
ciscoasa(config)#object network lan
ciscoasa(config-network-object)#subnet 192.168.10.0 255.255.255.0
ciscoasa(config-network-object)#nat (inside,outside) dynamic interface
ciscoasa(config-network-object)#ex
ciscoasa#conf t
ciscoasa(config)#access-list in_to_internet extended permit icmp any any

configurations done on isp router

Router>en
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname isp
isp(config)#interface gigabitEthernet 0/0
isp(config-if)#ip address 213.55.79.1 255.255.255.0
isp(config-if)#no shutdown

isp(config-if)#
%LINK-5-CHANGED: Interface GigabitEthernet0/0, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0, changed state to


up

40
isp(config-if)#ex
isp(config)#interface gigabitEthernet 0/1
isp(config-if)#ip address 8.8.8.1 255.255.255.0
isp(config-if)#no shutdown

isp(config-if)#
%LINK-5-CHANGED: Interface GigabitEthernet0/1, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/1, changed state to


up
isp con0 is now available
Press RETURN to get started.

isp>enable
isp#conf t
Enter configuration commands, one per line. End with CNTL/Z.
isp(config)#router ospf 1
isp(config-router)#network 213.55.79.0 0.0.0.255 area 0
isp(config-router)#network 8.8.8.0 0.0.0.255 area 0
isp(config-router)#ex
isp(config)#ex
isp#
%SYS-5-CONFIG_I: Configured from console by console

isp#sh
isp#show running-config
Building configuration...

Current configuration : 750 bytes


!
version 15.1
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption

41
!
hostname isp
!
!
!
!
!
!
!
!
ip cef
no ipv6 cef
!
!
!
!
license udi pid CISCO1941/K9 sn FTX15249DQO
!
!
!
!
!
!
!
!
!
!
!
spanning-tree mode pvst
!
!
!
!
!
!
interface GigabitEthernet0/0
ip address 213.55.79.1 255.255.255.0
duplex auto
speed auto
!
interface GigabitEthernet0/1
ip address 8.8.8.1 255.255.255.0
duplex auto
speed auto
!
interface Vlan1

42
no ip address
shutdown
!
router ospf 1
log-adjacency-changes
network 213.55.79.0 0.0.0.255 area 0
network 8.8.8.0 0.0.0.255 area 0
!
ip classless
!
ip flow-export version 9

Google map for Uog campus

43
44
Conclusion
• In the design of the local area network there might be core layer, distribution layer and
access layer. And the high capacity core switch plays an important role in delivering
frames/packets as fast as possible in the center of the network. The distribution layer is
a preferred place for designing virtual LANs (VLANs) to create one or more broadcast
domains. And The main task of the access layer is to connect local users to the network.

45
References:
1. Data and Computer Communications by William Stallings 8 th edition Upper
Saddle River, New Jersey

46

You might also like