I used Cisco software for the online course design I did before. For the specific file package and word, see the resources I uploaded
Campus Network Planning Scheme of Wuxi Vocational College of Science and Technology
1 Demand Analysis
1.1 General overview of campus network
Wuxi Vocational College of Science and Technology is located at No. 8 Xinxi Road, Xinwu District, Wuxi City, and its learning interior is divided into multiple floors. There are three local sites to form a large campus network, which are dormitory area, teaching area, and training area. There are many people in each department, and there are 500 people in total. These three areas are combined by three routers to form a campus website.
1.2 Basic Requirements for Campus Network
The requirements of the network itself are affected by many factors: ① network scalability ② services supported by the existing network ③ network management ④ network redundancy and disaster recovery and network security ⑤ network constraints are basic network requirements. Only after the basic network construction is completed, can the corresponding network construction be carried out on the later network. Therefore, network planning and design often need to be carried out after the basic network is built successfully.
2 Network Design Principles
2.1 Basic principles of network requirements research and system design
Start with full investigation to fully understand user business activities and user information needs.
On the basis of investigation and analysis, and under the premise of fully considering the requirements and constraints, fully verify the feasibility of network system construction and information system development to avoid blindness.
Use the concept of system to complete the planning and design of network engineering technology solutions.
According to the needs of the project time, the task of establishing the network system is arranged according to different stages of design, demonstration, implementation, acceptance, user training, and maintenance. The construction of a large-scale network system needs to hire a professional supervision company to establish the whole process of project execution .
Emphasis on documentation at all stages
Integrity and standardization of data.
2.2 General principles of network engineering design
Network engineering construction must first clarify the actual needs of users, make unified planning, build in phases, and select appropriate technologies to ensure the priority, usability, reliability, scalability, and security of network engineering construction. Therefore, the principles of network design are practicality, openness, high reliability, security, advancement and scalability.
2.1.1 Openness:
The system design should adopt open technology, open structure, open system components and open user interface, so as to facilitate the maintenance, expansion and upgrading of the network and the communication with the outside world.
Security: Under the premise of reliability, it should be able to resist internal and external attacks; the security measures adopted are effective and credible, and can realize security control at multiple levels and in various ways.
2.1.2 Reliability:
The system and network structure are relatively complex, and there are high technicalities in some subsystems, so it is necessary to ensure the stable, reliable and safe operation of the system, with a high MTBF (mean time between failures) and an extremely low MTBR (mean No failure rate), improve fault-tolerant design, support fault detection and recovery, and have strong manageability. The network must be reliable, including reliability at the network element level, such as engines, fans, boards, and totalizers, and at the network level, such as routing and switching aggregation, link redundancy, and load balancing. The network must have high enough performance to meet the needs of the business. With fault-tolerant function, it can meet the environmental and climatic conditions of the enterprise's location, and has strong anti-interference ability. It conducts unified planning and analysis on the design, selection, installation, and commissioning of the network to ensure reliable system operation.
2.1.3 Uniformity:
In the system design process, adhere to the "three unifications", that is, unified planning, unified standards, and unified export.
2.1.4 Advancement:
In the process of system selection and development, it can not only meet the application requirements of the current network, but also can be easily expanded when it needs to be expanded in the future, so as to protect all current investments; the design configuration can be flexible to adapt to other requirements of customers Require.
2.1.5 Economy:
On the premise of fully meeting the above requirements, the economic bearing capacity of the enterprise should be fully considered, and the investment should be saved as much as possible, and every penny should be spent well. Focusing on short-term goals and long-term development, select advanced equipment for the best performance combination, and use limited investment to construct a network system with the best performance.
2.1.6 Practicality:
The practical design should be able to meet the current requirements for network applications, fully realize the requirements of internal management and informatization, so that the overall performance of the network can be fully utilized as soon as possible, and it is easy to master.
2.1.7 Standardization:
The network system shall comply with Ethernet standards such as IEEE 802.3, IEEE 802.3u, and IEEE 802.3z, and network management standards such as IEEE 802.1p, IEEE 802.1q, and WBM.
3 design scheme
3.1 Network equipment selection
This is the type of server, switch, and router we used in this experiment
3.1.1 Router selection
CISCO 2811 is a multi-service router with a transfer rate of 10/100Mbps. 3.1.2 Selection of server equipment
| Basic parameters |
Function parameter |
Other parameters |
| Router type: multi-service router |
Firewall: built-in firewall |
Product memory: DRAM: maximum 760MB, default 256MB |
| Port structure: modular |
Qos support: support |
Flash memory: maximum 128MB, default 64MB |
| LAN interface: 2 |
VPN support: support |
Power supply voltage: AC 100-240V, 47-63Hz |
| Other ports: 2 fixed USB1.1 ports |
Network management: protocols Cisco ClickStart, SNMP |
Power supply: 160W |
3.1.2 Switch Selection
The Cisco Catalyst 2950 Series Smart Ethernet Switches are a family of fixed-configuration, stackable, standalone devices that provide wire-speed Fast Ethernet and Gigabit Ethernet connectivity.
3.2 Network Solution Topology Design
Figure 3-4 Network Topology
3.3 VLAN division and IP address allocation
Wuxi Vocational College of Science and Technology currently has more than 5,000 students. With the improvement of the school's teaching level, the number of students currently enrolled is gradually increasing, and IP addresses are becoming more and more scarce, because the design scale is limited. We use three different areas. Technical design. To realize the connection of the regional network.
We divide these three areas into dormitory area, teaching area and training area.
Internal LAN address: 192.168.0.0/16
| IP address |
default gateway |
illustrate |
The corresponding port number of the switch |
VLAN |
VLAN name |
| 192.168.3.1 |
192.168.3.254 |
boys dormitory |
F0/1 |
10 |
VLAN 10 |
| 192.168.4.1 |
192.168.4.254 |
girls dormitory |
F0/2 |
20 |
VLAN 20 |
| 192.168.5.1 |
192.168.5.254 |
teacher building |
F0/1 |
||
| 192.168.5.2 |
192.168.5.254 |
student building |
F0/2 |
||
| 192.168.0.1 |
192.168.0.254 |
engine room |
F0/1 |
||
| 192.168.0.2 |
192.168.0.254 |
laboratory |
F0/2 |
Figure 3-3-1 VLAN detailed division and address allocation diagram
| name of server |
IP address |
gateway |
Remark |
| Web |
192.168.1.1 |
192.168.1.254 |
browser |
| FTP |
192.168.8.1 |
192.168.8.254 |
file transfer |
| DHCP |
192.168.0.253 |
automatic allocation |
|
| DNS |
192.168.0.252 |
DNS |
Figure 3-3-2 Server IP address plan
Note: The corresponding port numbers of the above switches are just one or two of the many computers listed. There are hundreds of nodes in a network, and dozens of nodes can be divided into one VLAN instead of only one or two.
4 Network Design Scheme Design
We carry out inter-vlan communication in these three areas - "single-arm routing", configure standard ALC, and configure dynamic host DHCP. Through the experiment of these three functions, and then link the three routers together to realize the link of the entire campus network
4.1 Inter-VLAN communication - "one-arm routing"
4.1.1 Planning of dormitory network
In order to allow male dormitories and female dormitories in different VLANs to communicate with each other. We use the inter-vlan communication-one-arm routing scheme to divide VLANs on the 2950-24 switch.
- Connect the experimental topology diagram as shown in the figure, and plan the IP address of the corresponding computer, connect the router and the switch with a straight line, and connect the F0/0 port of the router to the F0/3 port of the switch.
- First divide the switch into VLANs, create VLAN 10 and VLAN 20, combine the IP planning of the computer, divide the F0/1 port of the switch into VLAN 10, divide the F0/2 port of the switch into VLAN 20, and configure the F0 of the switch The /3 port is the trunk link port
4.1.3 Add code
Create subinterfaces fa 0/0.1 and fa 0/0.2 on the router
Router#
Router#enable
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#interface f0/0.1
Router(config-subif)#encapsulation dot1q 10
Router(config-subif)#ip address 192.168.3.254 255.255.255.0
Router(config-subif)#interface f0/0.2
Router(config-subif)#encapsulation dot1q 20
Router(config-subif)#ip address 192.168.4.254 255.255.255.0
Router(config-subif)#interface f0/0
Router(config-if)#no shutdown
Switch(config-vlan)#
Switch(config-vlan)#exit
Switch(config)#no vlan 20
Switch(config)#no vlan 10
Switch(config)#exit
划分vlan10和20
Switch#enable
Switch#config t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#vlan 10
Switch(config-vlan)#name VLAN10
Switch(config-vlan)#vlan 20
Switch(config-vlan)#name VLAN20
Switch(config-vlan)#end
Switch#
Switch#config t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#interface range f0/1
Switch(config-if-range)#switchport mode access
Switch(config-if-range)#switchport access vlan 10
Switch(config-if-range)#interface range f0/2
Switch(config-if-range)#switchport mode access
Switch(config-if-range)#switchport access vlan 20
Switch(config-if-range)#end
trunk switch fa -/3
Switch#config t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#interface f0/3
Switch(config-if)#switchport mode trunk
4.2 Configure Standard A CL
4.7.1 Planning of teacher building and student building
By configuring the ALC protocol, the teacher building can access the FTP server, but the student building cannot access the FTP server
4.7.2 Specific steps
- Configure IP address and static route on Router 3
Router>enable
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#interface FastEthernet0/0
Router(config-if)#no shutdown
Router(config-if)#ip address 192.168.5.254 255.255.255.0
Router(config-if)#
Router(config-if)#exit
Router(config)#interface FastEthernet0/1
Router(config-if)#ip address 10.0.0.1 255.0.0.0
Router(config-if)#no shutdown
- Configure IP address and static route on Router 4
Router>enable
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#interface FastEthernet0/0
Router(config-if)#ip address 10.0.0.2 255.0.0.0
Router(config-if)#no shutdown
Router(config-if)#
Router(config-if)#exit
Router(config)#interface FastEthernet0/1
Router(config-if)#ip address 192.168.8.254 255.255.255.0
Router(config-if)#no shutdown
- Test the connectivity between the teacher building and the student building to the FTP server
- Set the ALC protocol on Router 4
Router>enable
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#access-list 1 deny host 192.168.5.2
Router(config)#access-list 1 permit any
Router(config)#interface f0/1
Router(config-if)#ip access-group 1 out
Router(config-if)#
- Test the connectivity between the teacher building and the student building to the FTP server again
- Check the ALC related information of router 4
4.3 Dynamic host DHCP configuration
4.4.1 Laboratory and computer room planning
The laboratory and the computer room can obtain the IP address from the DHCP server set by the router, and can access the web server of the external network. By turning on DHCP, the IP address, the default gateway of the subnet mask, and the DNS server can be obtained automatically.
4.4.2 Specific steps
- Connect the experimental topology diagram as shown in the figure, and plan the IP address of the corresponding computer, and resolve the domain name of the web server to an ip address through the DNS server. Configure the automatic configuration address, default gateway, etc. for the computer room and laboratory in the LAN through the DHCP server information
- First, configure relevant information for the web server, and then add two fa0/0, fa0/1 ports for the router. Then configure the DNS and DHCP server.
4.5 Router configuration
Connect three routers in each area, router 1, router 2, and router 3. Configure ports and static routes for them respectively. The specific configuration is as follows
4.5.1 Dormitory Area Router 1
Port Gateway Configuration
Static routing configuration
4.5.2 Teaching Area Router 3
Port Gateway Configuration
Static routing configuration
4.5.3 Training Area Router 2
Port Gateway Configuration
Static routing configuration
4.6 Achieving results
4.6.1 The dormitory area can be pinged
Realize ping communication between the male dormitory and the female dormitory
4.6.2 The teaching area can be pinged
The teacher building can ping the FTP server, but the student building cannot ping
4.6.3 The training area is pinged
Realize dynamic configuration, automatically obtain ip address, etc., and log in to web browser at the same time
4.6.4 Ping all areas
Realize mutual ping between regions
5 Summary of Curriculum Design
This plan is a campus network plan for Wuxi Vocational College of Science and Technology based on the knowledge of network training in the past six months. During the design process, this paper considers a series of comprehensive one-arm communication between VLANs, dynamic configuration of DHCP, and configuration of VLA protocols. content.
During this networking process, I spent a lot of energy and time learning a lot of software operations of the Cisco PacketTrancer simulator. At the same time, in the simulation experiment of the computer network, I also learned a series of theoretical knowledge, such as the three-way handshake, subdivision Network block, the function of Spanning Tree Protocol STP, etc. At the same time, I also have a deeper understanding of the theoretical knowledge learned in class last year.
Of course, in this program design, I also encountered many difficulties. After many operations and online inquiries, many problems have been solved. Thanks to this network course design, I often benefit from this study. Thank you!