Ciscos Threaded Case Study Desert View

1
Ciscos Threaded Case StudyDesert View

• Andy Gall
• Ken Schroeder
• John Byers

2
SCHOOL PLAN
Speed

• Design a school network that will allow all
  connected
• workstations the ability to connect at a minimum
  of 1 Mbps.

Security

• Design the network in such a manner that there is
  reliable
• security separating the curriculum
  administrative systems.

Growth

• Design the school network at a minimum of cost to
  the school
• but one that allows for future technologies to
  be added easily.

3
A
B
Desert View
4
Section Andrew
Frank
Section Brian
Section Charlie
Section Daniel
Section Edward
George
5
Cut Sheet
IDF
Sample Label
6
Desert View
7
Desert View
8
Desert View
9
Network Equipment

• Category 5 Plenum Cable
• Fiber Optic Cable (4 pair)
• Cisco Router
• Cisco Switches
• Cisco Hubs
• Equipment racks/cabinets
• Patch panels

10
Fiber Optic Cable

• Connecting two pairs from school MDF to every IDF
  (total 7 locations).
• Total length required 8000 ft.
• Price quoted from DataComm 11/1/99.
• 630/1000 foot pack Item DBC1832
• 5040 for all Horizontal cross-connects

11
Category 5 Plenum Cable

• 31,050 ft. needed for all vertical CC
• Price quoted from DataComm 11/1/99
• 550/2000 foot pack
• 8800 for entire project Cat 5 needs

12
Cisco Router

• Cisco 2600 Series Router
• Channelized T1/E1 for connection to Central
  Office
• 2 Fiber Modules for connection to LAN
• Gateway to Internet
• Estimated cost 6,000

13
Cisco Switches

• Cisco 2924-xl-a, 24 port 10/100 BaseT
• 50 Classroom Switches
• Cisco ws-c-2924-xl-en, 22 port 10/100 Ethernet
  2 100BaseFX
• 7 IDF Switches
• Cisco 2912-mf 12 port
• 100BaseFx w/ 4port
• 100BaseT Module
• 2 MDF Switches

14
Cisco Hubs

• Cisco 1538 8 port 10/100BaseT
• 50 Classroom extension hubs

15
Rack Equipment

• Classroom Cabinets x50
• Locked cabinet w/ 32 port patch panel
• Panduit DP32588110B
• Intermediate Distribution Facilities x7
• Patch Panel--Panduit CD48BL or CD24BL
• Fiber Panel-- Panduit FAP6WST
• Media Rack--Panduit CMR19X47
• Cable Management --WMPVSF20 WMPFS

16
Desert View
17
Desert View
18
Network Project Cost

• Router
• MDF Switch
• IDF Switches
• Classroom Switches
• Hubs
• Fiber Cable
• Category 5 Cable
• Network Equipment

6,000 5356 x 2 2005 x 7 1670 x 50 500 x
50 5,040 8,800 5,000
TOTAL 158,092
19
Network Project Cost

• Router
• MDF Switch
• IDF Switches
• Classroom 32 Port Hubs
• Fiber Cable
• Category 5 Cable
• Network Equipment

6,000 5356 x 2 2005 x 7 500 x
50 5,040 8,800 5,000
TOTAL 74,587
20
Magic Internet
Central Office 10.5.0.x
e0
10.5.0.1
10.6.0.1
Cisco 2600
10.7.0.1
fx0
Curriculum 10.7.0.x
fx1
Administration 10.6.0.x
21
Specific IP addresses
Teacher workstations, Servers, and Printers will
be Static IP addresses.
Teacher Workstations 10.6.0.10-250
Network Printers 10.7.0.100-150
Students will obtain an IP address from the DHCP
server.
Numbers will be in the range of 10.7.1.x to
10.7.5.x
22
Access List Logic
Basic Premise all workstations on 10.5.x.x and
workstations on 10.6.x.x have access to devices
located on the 10.7.x.x subnetwork. However,
ONLY port 80 will be allowed OUT of any device
located on the 10.7.x.x subnetwork.
F.M. Internet
80
23
Access List
In order for the curriculum and administrative
portions of the network to remain segmented, an
access list will be placed on the school router.
The only data that can travel from the student
computers to any other part of the network is
HTTP.
Access-list 105 permit IP 10.6.0.0 0.0.0.255
10.7.0.0 0.0.255.255
Access-list 105 deny IP 10.7.0.0 0.0.255.255
10.6.0.0 0.0.255.255
Access-list 105 permit TCP 10.7.0.0 0.0.255.255
any eq 80
Interface fx1
IP Access-group 105 in
24
VLAN
In order to keep the students limited to only
their specified address range, the need for a
Virtual LAN has been created.
The goal is to limit student activity on
administrative locations, but still allow
administrators to use student services. I.E.
Printers or Library Server
On every switch in the IDFs, we will specify
which ports are for VLAN1 (Administrative) and
which ports are for VLAN2 (Curriculum).
25
Servers
NAME IPX Name IP Address Administrative
Server DV_Admin 10.6.0.20 Curriculum
Server DV_App 10.7.0.10 Library Server
DV_Lib 10.7.0.30 Network Server DV_Net
10.7.0.20

• Note
• The Network Server will be running the Cisco
  Server Suite 1000,
• allowing DHCP for student machines, e-mail
  storage, and other WAN activities.

26
SPEED

• Design a school network that will allow all
  connected
• workstations the ability to connect at a minimum
  of 1 Mbps. However, the TCS also requires that
  the LAN will grow at 1000 over the next 5 years.
  This breaks down to a minimum of 10 Mbps per
  workstation.

With the system that we have designed, the
network will perform at 100 Mbps to every
teacher workstation and 90 of all student
workstations.
27
Security

• Design the network in such a manner that there is
  reliable
• security separating the curriculum
  administrative systems.

With our network design, students can perform all
their activities in their network. However, they
cannot access information on the Administration
server because of the VLAN. They cannot access
information located at the Central office because
of the restrictions in the Routers Access List.
They can reach the Internet through the Network
Servers DHCPs functions and the permissions set
in the Routers Access List.
28
Growth
Due to the fact that we are responsible for the
performance of our network, we wanted to create
the best possible performing network. With the
layout of the IDFs and classroom cabinets,
upgrading the entire network could be modified
by simply changing the Network components.
However, by creating a switched network NOW, the
need to upgrade the network has been postponed
as this design will perform the tasks necessary
for many years. We were also required to supply
24 student workstation ports. We have designed
for a possible 30 workstation in each room.

• Design the school network at a minimum of cost to
  the school
• but one that allows for future technologies to
  be added easily.