Topology planning and network design of residential areas (complete document + ensp topology diagram)

Hello everyone, I am senior Xiaohua, a blogger in the computer field. After years of study and practice, I have accumulated rich computer knowledge and experience. Here I would like to share my learning experience and skills with you to help you become a better programmer.
My articles will be published in the CSDN community, which is a very active and professional computer technology community. Here you can communicate, learn and share with other people who love technology. By following my blog, you can get my latest articles as soon as possible and interact with me and other readers.
All computer project source codes shared include documents and can be used for graduation projects or course designs. Welcome to leave a message to share questions and exchange experiences!

Summary

The rapid development of China's economy has made people's living conditions better and better, and people's demand for computer networks is increasing. With the rapid popularization of the Internet, the network has become ever more closely tied to our daily lives. Networks are everywhere around us, including mobile 4G data networks, Telecom, China Mobile, China Unicom, etc.; there are traditional wired networks, rapidly developing wireless networks, as well as video surveillance and electronic eyes to protect people's safety. In recent years, buying a house has become a major concern. For a developer who wants the houses in a community to sell better, price, location and surrounding living environment are the main considerations for buyers, but the network environment of the community is also a matter of concern. There is no doubt that the ubiquity of the Internet has made our lives better, safer and more convenient. The rise of the Internet allows us to surf the Internet in our daily lives, follow the news, watch online TV and chat using communication software in our spare time. At the same time, people's demands on the Internet are getting higher and higher.

For community networks, there are relatively many users in the community. With the development of network technology, community users' demand for network bandwidth continues to increase, and network stability requirements are getting higher and higher. To avoid sudden network interruptions, unstable network access and similar problems, building a safe, stable and high-bandwidth community network is the goal we need to work toward at present.

In this graduation project I planned and designed the network topology of a residential community. Based on an analysis of people's needs for the community network, I carried out topology planning and design of the community network and ran a simple simulation and test in a simulator. The simulation software is the Huawei eNSP simulator.

Keywords: community network; topology planning and design; local area network

ABSTRACT

With the rapid development of the Chinese economy, people's living conditions are getting better and better and their demand for computer networks keeps growing; with the rapid popularization of the Internet, the network is ever more closely tied to our daily life. The network is everywhere around us: mobile 4G data networks, Telecom, Mobile, Unicom, etc.; traditional wired networks, rapidly developing wireless networks, and digital video monitoring that protects people's safety. In recent years, buying a house has been a concern of the people. For a developer who wants the houses in a community to sell better, price, location and surrounding environment are the main factors, but the community network environment is also a concern. Without doubt, the spread of the network makes our life better, safer and more convenient. The rise of the network lets us surf the net in everyday life, follow the news, and watch Internet TV and chat in communication software in our spare time; at the same time, people's demands on the network are becoming higher and higher.
For a district network, the number of users in the district is large. With the development of network technology, community users' demand for network bandwidth is rising and the demand for network stability is higher and higher. To avoid sudden network outages, unstable network access and similar problems, building a safe, stable and high-bandwidth network is the goal we need to work on.
In this project I mainly planned and designed the network topology of a residential district. Based on a demand analysis of the community network, I planned and designed the community network topology and carried out a simple simulation and test in a simulator; the simulation software is the Huawei eNSP simulator.

Key words: Area network; Topology of planning and design; Local area network (LAN)

Topology planning and network design of residential areas
1. Introduction
1.1. Overview
2. Overall planning and design
2.1. Design principles
2.2.1. Advancedness
2.2.2. Reliability
2.2.3. Economy
2.2.4. Security
2.2.5. Scalability
3. Demand analysis
3.1. Analysis of network availability requirements
3.2. Analysis of network stability requirements
3.3. Network security requirements analysis
4. Community network planning and design plan
4.1. Overall architectural goals
4.2. Main network technologies involved
4.2.1. VLAN
4.2.2. DHCP
4.2.3. OSPF
4.2.4. Inter-VLAN routing
4.2.5. NAT
4.3. Integrated wiring
4.3.1. Key points of integrated wiring design
4.3.2. Structured cabling system
4.3.3. Workspace subsystem
4.3.4. Horizontal subsystem design
4.3.5. Management subsystem design
4.3.6. Vertical trunk subsystem
4.3.7. Equipment room subsystem design
4.4. Equipment selection
4.4.1. Access layer equipment
4.4.2. Core layer equipment
4.4.3. Router selection
4.5. Network topology
4.5.1. Network simulation design
4.6. IP address planning and VLAN division
4.6.1. VLAN division
4.6.2. IP address planning
5. Community network design and implementation
5.1. Network simulation configuration
5.1.1. Access switch configuration
5.1.2. Core switch configuration
5.1.3. Egress router configuration
6. Network test
6.1. Test the internal network users of the community to access the external network
6.2. Test the connectivity between users within the community and the internal server
6.3. Check OSPF neighbor status information on the core switch
6.4. Check OSPF neighbor status information on the egress router
6.5. Test telnet remote device management
7. Summary
References

1. Introduction

1.1. Overview

In recent years, LANs have been widely used in many settings. LAN topologies mainly include bus, star, and ring, and each topology has its own advantages. The star structure is the most commonly used in local area networks. A failure of one end user in a star topology does not affect the normal operation of other terminals. However, a star topology has a single point of failure: once the central switch fails, no end user can operate normally. Network transmission media are mainly twisted pair, coaxial cable and optical fiber. As people's requirements for network transmission rate and transmission distance have greatly increased, and the price of optical fiber has gradually decreased, optical fiber has been widely used as a network transmission medium. Twisted pairs use RJ-45 crystal connectors to connect to network equipment, and optical fibers use optical modules to connect to network equipment. Depending on the performance the user requires, optical fiber is divided into multi-mode and single-mode optical fiber, and the corresponding modules are multi-mode and single-mode modules. In terms of transmission media, networks can be divided into wired and wireless. Wired networks are severely constrained by wiring, and wireless networks solve exactly this problem. While wireless networks bring convenience, they also bring new problems for network security and stability. A LAN usually uses a single transmission medium, but can also use multiple transmission media at the same time. Ethernet is the most typical and widely used local area network. With the rapid development of LAN technology, the improvement of network performance and the low price of equipment, 100Mbps, 1000Mbps and 10Gbps Ethernet have become inevitable. It is no longer a problem for users to enjoy 1000Mbps to the desktop. At the same time, with the development of wireless LAN and the improvement of its security and stability, it has been widely used in local area network design, bringing a lot of convenience to users.

The rapid development of China's economy and of science and technology in recent years has raised people's economic circumstances, and network informatization has developed continuously alongside it. With the development of science and technology, the price of network equipment has been greatly reduced, while people's demand for the Internet is increasing day by day. The Internet has penetrated into all walks of life, and our lives are now inseparable from it. The Internet has increased the efficiency, convenience and stability of our work and diversified our working models. The network can not only meet people's requirements for informatization, but also provide convenient and fast information access and good performance for various application systems.

2. Overall planning and design

2.1. Design principles

2.2.1. Advancedness

Computer network information technology is developing very rapidly, and new functions and new technologies are constantly being updated. When planning and designing a community network topology, we must not only meet the network needs of people in the community, but also make sure the topology design and the technology used are advanced; only in this way can we meet the needs of users and support the long-term operation of the network system.

2.2.2. Reliability

Ensure that the system runs for a long time, avoid large-scale network interruptions caused by single points of failure, and reduce the scope of network interruptions. Back up network equipment configurations and databases in a timely manner. Core equipment must not fail: once it fails, the network will be interrupted, so equipment backup or equipment redundancy solutions need to be considered.

2.2.3. Economy

Different settings have different requirements for network topology design and device performance. When planning and designing a community network topology, the cost of the network design is an issue we need to consider. While meeting user needs, the design must also be economical.

2.2.4. Security

Network security is an issue that people have always been concerned about. When designing a community network, we should ensure the security of internal network users, prevent community user terminals from being compromised by illegal users on the external network, avoid attacks on network equipment that would interrupt the network, and also prevent attacks by internal users.

2.2.5. Scalability

With the rapid development of computer network technology, as well as the continuous updating of network technology and product technology, the network update cycle is getting shorter and shorter. To avoid large-scale changes in later network upgrades, the scalability of the network needs to be considered during topology planning and design, so that the design can accommodate development over the next few years.

3. Demand analysis

3.1. Analysis of network availability requirements

Users within the community must be able to access the external network. Private addresses are allocated to internal users in the community during planning and design. For these users to access the external network, NAT (network address translation) needs to be configured on the egress device to convert between the private addresses and the external network address. User terminals also need to obtain IP address information automatically. Manually configuring static IP addresses is cumbersome and requires users to have some knowledge of computer networks. To make it easy for users to access the external network and work, a DHCP server needs to be configured, which also avoids conflicts between statically configured IP addresses.

3.2. Analysis of network stability requirements

The stability of the network system is a concern for users. Users do not want frequent network interruptions or long-term disconnections, which will affect the user's mood when using the network. When planning and designing the topology of a community network, the stability of the network design should be considered, such as link redundancy, user gateway redundancy and hardware device hot backup.

3.3. Analysis of network security requirements

Prevent internal host users from being attacked from external networks and prevent attacks between internal users. The egress device is configured with NAT to hide the internal host addresses and avoid attacks by illegal users. When planning the internal network of the community, it is necessary to use VLAN (virtual LAN) technology to divide different floors into different VLANs and to prevent access between users through ACLs (access control lists) to protect network security.

4. Community network planning and design plan

4.1. Overall architectural goals

1. Core layer

The core layer is the most important layer in the entire network structure. All internal user traffic needs to be forwarded through the core layer switches. It is the core part of the three-layer network architecture and an indispensable layer. In this community network topology planning and design, considering the issue of funds, a single core switch was deployed at the core layer. The core switch is connected to the egress router, and the aggregation switches in each building are interconnected through optical fiber jumpers.

2. Aggregation layer

The aggregation layer switch is responsible for forwarding the traffic of access users in each building to the core switch, reducing the traffic pressure on the core layer. The aggregation switch connects to the floor access switch.

3. Access layer

Access layer switches are directly connected to user terminals in the community. At least one information point is planned for each household. Because a large number of access layer switches is involved, they need to be deployed based on a count of the information points.

4.2. Main network technologies involved

4.2.1. VLAN

VLAN is virtual LAN technology. In a traditional LAN, users on the same network segment belong to one broadcast domain. Once a broadcast storm occurs, none of the users in the network segment can communicate. VLAN technology solves this problem. It isolates users at Layer 2 and contains broadcast storms: a broadcast storm can only propagate within the VLAN in which it occurs.

VLAN technology solves the problem of broadcast domains. Hosts in the same IP network segment but in different VLANs cannot communicate. As shown in Figure 1, the two PCs belong to the same network segment but to different VLANs, so they cannot communicate. Broadcasts in each VLAN can only be propagated in the corresponding VLAN.

 

Figure-1

4.2.2. DHCP

Dynamic Host Configuration Protocol (DHCP) is a LAN network protocol. Its main function is to assign IP addresses to internal network terminal devices and network devices. Not all internal school employees know how to configure a static IP address on a computer, so DHCP reduces employee workload. It also avoids IP address conflicts during static configuration. Generally, a DHCP server can be configured on network equipment or on servers, and Layer 3 switches and routers generally support it.

With a DHCP server configured on network devices or servers, the DHCP protocol allows DHCP client PCs to obtain the user's default gateway IP address, DNS server IP address, user IP address, subnet mask, and IP address lease period from the DHCP server.

The working principle of DHCP is shown in the figure.

 

Figure-2 Working principle of DHCP

Step 1: First select the DHCP method on the PC client to obtain an IP address. The PC client will broadcast a DHCP discovery message (its initial DHCP request).

Step 2: After receiving the DHCP discovery message, the DHCP server responds with a DHCP offer message. Since the DHCP discovery message is sent out as a broadcast, multiple DHCP servers may respond to the discovery request, but the client usually selects the server whose DHCP offer message it receives first as the DHCP server.

Step 3: The DHCP client communicates with the selected server by sending a DHCP request message to let the DHCP server provide IP configuration parameters.

Step 4: Finally, the DHCP server responds to the client with a DHCPACK message, which contains the response IP configuration parameters.
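
The four-step exchange above, as an added example that is not part of the original thesis: a small Python simulation with both sides' messages, using the VLAN 2 gateway 10.0.2.254 from the address plan as the community's DHCP server. The MAC address, port names, DNS address, lease times and the second device (a resident's home router answering on an access port) are constructed assumptions; the `trusted_ports` filter models the DHCP Snooping feature listed under equipment selection.

```python
from dataclasses import dataclass, field
from ipaddress import ip_network


@dataclass
class Msg:
    kind: str                 # DISCOVER, OFFER, REQUEST or ACK
    xid: int                  # transaction id that ties replies to the client
    chaddr: str               # client MAC address
    yiaddr: str = "0.0.0.0"   # address offered, requested or assigned
    server_id: str = ""       # server the message comes from or is meant for
    options: dict = field(default_factory=dict)
    in_port: str = ""         # access-switch port a server reply arrived on


class DhcpServer:
    def __init__(self, server_id, network, gateway, dns, lease_s, port):
        net = ip_network(network)
        self.server_id, self.port = server_id, port
        self.options = {"mask": str(net.netmask), "gateway": gateway,
                        "dns": dns, "lease_s": lease_s}
        reserved = {gateway, server_id}
        self.free = [str(h) for h in net.hosts() if str(h) not in reserved]
        self.offered, self.leases = {}, {}

    def _reply(self, kind, msg, ip):
        return Msg(kind, msg.xid, msg.chaddr, ip, self.server_id,
                   dict(self.options), self.port)

    def handle(self, msg):
        mac = msg.chaddr
        if msg.kind == "DISCOVER":            # step 2: answer with an OFFER
            ip = self.leases.get(mac) or self.offered.get(mac) or self.free.pop(0)
            self.offered[mac] = ip
            return self._reply("OFFER", msg, ip)
        if msg.kind == "REQUEST":
            ip = self.offered.pop(mac, None)
            if msg.server_id != self.server_id:
                # The client chose another server: take back the tentative offer.
                if ip and self.leases.get(mac) != ip:
                    self.free.insert(0, ip)
                return None
            if ip is None or ip != msg.yiaddr:
                return None
            self.leases[mac] = ip             # step 4: commit the lease, send ACK
            return self._reply("ACK", msg, ip)
        return None


def obtain_lease(chaddr, servers, trusted_ports=None, xid=0x3903F326):
    """Run steps 1-4 for one client; returns (message trace, ACK or None)."""
    discover = Msg("DISCOVER", xid, chaddr)   # step 1: broadcast on the VLAN
    trace = [discover]
    offers = [o for o in (s.handle(discover) for s in servers) if o]
    if trusted_ports is not None:
        # DHCP snooping: server replies are accepted only from trusted ports.
        offers = [o for o in offers if o.in_port in trusted_ports]
    if not offers:
        return trace, None
    first = offers[0]                         # the client keeps the first OFFER
    request = Msg("REQUEST", xid, chaddr, first.yiaddr, first.server_id)
    trace += [first, request]                 # step 3: REQUEST is broadcast too
    replies = [s.handle(request) for s in servers]
    ack = next((r for r in replies if r and r.kind == "ACK"), None)
    if ack:
        trace.append(ack)
    return trace, ack


def demo(trusted_ports):
    # Constructed scenario: the community server sits behind the uplink port,
    # a home router plugged in the wrong way round answers on an access port.
    community = DhcpServer("10.0.2.254", "10.0.2.0/24", "10.0.2.254",
                           "10.0.100.1", 86400, port="GE0/0/1")
    home_router = DhcpServer("192.168.1.1", "192.168.1.0/24", "192.168.1.1",
                             "192.168.1.1", 3600, port="E0/0/5")
    return obtain_lease("54-89-98-00-00-01", [home_router, community],
                        trusted_ports)


if __name__ == "__main__":
    for label, ports in (("no snooping", None), ("snooping", {"GE0/0/1"})):
        trace, ack = demo(ports)
        print(label)
        for m in trace:
            print(f"  {m.kind:<8} yiaddr={m.yiaddr:<12} server={m.server_id}")
```

With the filter off, the client ends up with a lease from whichever device answered first, which is why the uplink is the only port that should be trusted for server replies.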

4.2.3. OSPF

OSPF (Open Shortest Path First) is an Interior Gateway Protocol (IGP for short) and a link-state dynamic routing protocol. During configuration, we only need to enable the OSPF routing protocol on the devices that run OSPF and declare the interfaces that need to be announced; the OSPF devices will then learn routes from each other. OSPF avoids loops through the SPF algorithm itself, and when the network topology changes, it does not send all routing information, only the routing information that has changed.

OSPF routing advantages:

  1. There is no limit on the number of routing hops.
  2. Updated routing and network information is sent using multicast messages.
  3. Route convergence is fast.
  4. COST is used as the metric.
  5. The SPF algorithm can effectively avoid loops.
  6. It is widely used.

The figure shows the process of OSPF route generation, ensuring that there are no loops in the route.

 

Figure-3 OSPF route generation

4.2.4. Inter-VLAN routing

Users in different VLANs cannot access each other. In order to achieve intercommunication between different VLANs, inter-VLAN routing can be implemented on a Layer 3 switch.

As shown in the figure, PC1 and PC2 belong to different VLANs and cannot access each other before inter-VLAN routing is configured. Configure the gateways for VLAN10 and VLAN20 users on the Layer 3 switch under the VLAN interface, so that PCs in VLAN10 and VLAN20 can access each other.

 

Figure-4 Inter-VLAN routing

4.2.5. NAT

At present, it is generally believed that NAT perfectly solves the problem of insufficient IP addresses. Indeed, it is a very useful tool. It can be said that without NAT, our network would not have developed so rapidly. However, NAT also complicates communication between hosts, leading to a reduction in communication efficiency.

Advantages of NAT: It solves the problem of lack of public network addresses, hides the IP addresses of internal users, and solves the problem of users accessing the external network.

Disadvantages of NAT: The application of NAT will occupy device resources and affect device performance. NAT cannot be used with VPN. If you want to use it, you must enable other corresponding functions.

4.3. Integrated wiring

4.3.1. Key points of integrated wiring design

(1) Practicality: It can support a variety of data communications, multimedia technologies and information management systems, and can realize the development of current and future technologies.

(2) Flexibility: Any information point can connect to different types of equipment, such as computers, printers, terminals, servers, monitors, etc.

(3) Openness: It can support any network product from any manufacturer and any network structure, such as bus type, star type, ring type, etc.

(4) Modularity: All connectors are modular standard parts, which are convenient for use, management and expansion.

(5) Scalability: The integrated cabling system after implementation is scalable so that equipment can be easily installed and accessed when there is greater demand in the future.

(6) Economical: One-time investment brings long-term benefits, low maintenance costs, and the overall investment is minimized.

Based on these principles, it can be determined that the enterprise's integrated cabling topology should be star-shaped to ensure the flexibility and scalability of the integrated cabling system. Since there are several teaching buildings, this plan design includes all subsystems of integrated wiring.

4.3.2. Structured cabling system

Structured cabling is divided into six parts: work area subsystem, horizontal subsystem, management subsystem, vertical subsystem, equipment room subsystem, and building group subsystem.

As shown below.

 

4.3.3. Workspace subsystem

The work area subsystem is also called the service area subsystem. It is composed of equipment (terminals or workstations) connected by RJ-45 jumpers and information sockets. Among them, there are many types of information sockets, such as wall type, ground type, desktop type, etc.

Consider the following points when designing your workspace:

The wire ducts in the work area should be laid out neatly and beautifully.

Information sockets and power sockets should be kept 30cm apart.

Information sockets should be designed at least 30cm above the ground (level with the power sockets).

The distance between information sockets and computer equipment should be kept within 5 m.

The purchased network card type interface must be consistent with the cable type interface.

Number of information modules, back boxes, panels required for all workspaces.

Number of RJ-45 connectors required.

4.3.4. Horizontal subsystem design

The horizontal subsystem is also called the horizontal trunk subsystem, which starts from the information socket in the work area to the distribution frame of the management room subsystem. The structure is generally a star structure. Its difference from the vertical subsystem is that the horizontal subsystem is always on one floor and is only connected to the information socket and management room. In the integrated cabling system, the horizontal subsystem usually consists of 4 pairs of UTP (unshielded twisted pair). In high-bandwidth applications, fiber optic cables can be used. The horizontal subsystem connects the management subsystem to the work area and includes horizontal cabling, information sockets, cable terminations and switching.

The design of the horizontal trunk subsystem involves the transmission medium and component integration of the horizontal subsystem. There are four main points:

(1) Determine the route direction.

(2) Determine the number and type of cables, troughs, and tubes.

(3) Determine the type and length of the cable.

(4) Order cables and cable troughs.

The amount of cable used can be calculated using the following formula:

      Amount of cable used on each floor: C = [0.55 × (L + S) + 6] × N

      L: The distance from the management room to the farthest information point on this floor.

      S: The distance from the management room to the nearest information point on this floor.

      N: The total number of information points on this floor.

      0.55: Spare coefficient.

      6: Termination tolerance.

The cable length is calculated based on an average line length of 55 meters per information point. Taking into account the amount of cable required for jumpers in the user's work area, a total of 15 boxes of twisted pair (305 meters/box) are required. The horizontal cable extends the trunk cable to the user work area. In this project, the design uses Lucent's 8-core unshielded twisted pair (UTP), a Category 5e twisted pair 1061004CSL+ that complies with the EIA/TIA 568A standard. When transmitting data, it can have a standard transmission rate of 10Mbps within a range of 150 meters and a guaranteed transmission rate of 155Mbps within a range of 100 meters. In addition, it can also transmit various 70V DC voltages and weak current signals at frequencies of 10 MHz and 100 MHz over corresponding distances.

4.3.5. Management subsystem design

The management subsystem consists of cross-connects, interconnections, and I/O. The management room is the wiring room on the floor. The management subsystem provides a means of interconnecting the other subsystems: it connects the vertical trunk subsystem and the horizontal trunk subsystem. Its main equipment is patch panels, switches, cabinets, power supplies and other network equipment. Cross-connects and interconnections allow communication lines to be located and relocated in different parts of the building so that communication lines can be more easily managed. I/O is located in the user's work area and in other rooms or offices, allowing easy plugging and unplugging when moving terminal equipment.

The management room generally has the following equipment:

Cabinet

floor switch

Distribution frame

power supply

Selection and installation of patch panels: In the design of the distribution line room, we adopt a more centralized and flexible management method to make full use of the capacity of the patch panels to achieve a better performance-price ratio. All horizontal and vertical UTP twisted pairs are managed using Lucent 48-port and 24-port unshielded distribution frames, so that the data points can be completely complementary, and management and maintenance are flexible and easy.

4.3.6. Vertical trunk subsystem

The vertical subsystem is also called the vertical trunk subsystem or backbone subsystem. It provides the backbone cable of the building and is responsible for connecting the management subsystem to the equipment subsystem. Optical cables are generally used in current designs. It also provides routing options for building vertical trunk cables.

The vertical trunk subsystem is mainly used to connect wiring rooms within a building and provide network backbone connections.

4.3.7. Equipment room subsystem design

The equipment room subsystem is also called the equipment subsystem. It consists of cables, connectors, and related supporting hardware. It interconnects various public and diverse devices, including optical cables, twisted pair cables, coaxial cables, program-controlled switches, etc.

When building an equipment room, pay attention to the following points:

 (1) Indoor lighting and ventilation are good.

 (2) A fire protection system that complies with the computer room specifications must be installed.

 (3) Use fire doors and use flame retardant paint on walls.

 (4) Carry out anti-static decoration.

 (5) Prevent interference from electronic fields.

 (6) The equipment space should maintain a barrier-free space with a height of 2.55M, the door height is 2.1m, the width is at least 90cm, and the floor load-bearing capacity is not less than 500KG/MM.

The equipment subsystem is the management center of the entire wiring system. It consists of the cables, connectors and related supporting hardware in the equipment room (main wiring room), and it interconnects the various devices of the public system equipment. For a tidy cabinet that is easy to manage in the central computer room, we use customized data cables with RJ-45 connectors at both ends as jumpers in the management area to connect the distribution frame and the network equipment.

4.4. Equipment selection

4.4.1. Access layer equipment

The number of ports on the access layer equipment must be greater than the number of people who need to access the Internet, with the remaining ports reserved for future development and expansion of the community and for changes in the number of people. So that everyone can share resources quickly and conveniently while keeping costs in mind, the access layer port rate can be configured at 100Mbps. To guard against some network attacks and protect network security, access layer equipment must support some basic network security functions, such as anti-ARP attack and port security.

 

Product number: Quidway S3700-28TP-PWR-EI
Product type: Fast Ethernet switch
Application layer: Layer 3
Transmission rate: 10/100Mbps
Packet forwarding rate: 6.5Mpps
Port structure: non-modular
Number of ports: 28
Transmission mode: Full duplex/half duplex adaptive
Features:
Support VLAN based on port, protocol, MAC, IP subnet
Support large-capacity ACLs
Support OSPF, RIP routing, VRRP
Support PoE power supply

4.4.2. Core layer equipment

Core layer equipment plays a very important role in the LAN and is an essential layer among the three layers of access layer, aggregation layer and core layer. The core layer serves as the gateway for users in each building, needs to support routing functions, and has high performance requirements for switches.

 

Product number: Quidway S9303
Product type: 10 Gigabit Ethernet switch
Application layer: Layer 3
Transmission rate: 10/100/1000/10000Mbps
Packet forwarding rate: 1200Mpps/3600Mpps
Port structure: Modular
Number of slots: 5
Transmission mode: Full duplex/half duplex adaptive
Redundant design: Power supply and main control switching network board redundancy
Features:
Support VLAN based on port, protocol, MAC, IP subnet
Support large-capacity ACLs
Support DHCP Snooping
IPv4 routing features:
OSPFv2
IS-IS
BGPv4
Support equal-cost routing
Support policy-based routing
Support routing policies
Reliability:
Support VRRP
Support main control board 1+1 redundant backup
Support power supply 1+1 redundant backup
All boards support hot swapping
Support RRPP

4.4.3. Router selection

The router is the egress device of the LAN and plays an important role in the community network. It uses NAT to convert the internal IP addresses of the community into the egress public network address or an address in the public network address pool so that community users can go online.

 

| Item | Specification |
| --- | --- |
| Router type | Enterprise router |
| Router model | Huawei AR2220 |
| Port structure | Modular |
| Other ports | 3 GE (1 Combo), 2 USB 2.0 ports... |
| Extension modules | 4 SIC slots + 2 WSIC slots + 1 DSP... |
| Firewall | Built-in firewall |
| QoS | Supported |
| VPN | Supported |
| Network security | ACL, firewall, 802.1x authentication, MAC address authentication, Web authentication, AAA authentication, RADIUS authentication, HWTACACS authentication, broadcast storm suppression, ARP security, ICMP anti-attack, URPF, IP Source Guard, DHCP Snooping, CPCAR, blacklist, attack source tracking |
| Network management | Upgrade management, device management, Web network management, GTL, SNMP, RMON, RMON2, NTP, CWMP, Auto-Config, USB deployment, NetConf |

Prevent TearDrop attacks
Prevent Ping of Death
Prevent Land attacks
Prevent Smurf/Fraggle attacks
Prevent SYN flood

4.5 . Network topology

4.5.1 . Network simulation design

Figure-5  Network topology diagram

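4.6 . IP address planning and VLAN division

4.6.1 . VLAN division

Table 1  VLAN division

| VLAN | VLAN description | Remarks |
| --- | --- | --- |
| VLAN 2 | Building 1 | |
| VLAN 3 | Building 2 | |
| VLAN 4 | Building 3 | |
| VLAN 5 | Building 4 | |
| VLAN 6 | Building 5 | |
| VLAN 7 | Building 6 | |
| VLAN 100 | Servers | |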

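4.6.2 . IP address planning

Table 2  IP address planning

| VLAN | VLAN description | IP address | Subnet mask | Gateway | Remarks |
| --- | --- | --- | --- | --- | --- |
| VLAN 2 | Building 1 | 10.0.2.0 | 255.255.255.0 | 10.0.2.254 | |
| VLAN 3 | Building 2 | 10.0.3.0 | 255.255.255.0 | 10.0.3.254 | |
| VLAN 4 | Building 3 | 10.0.4.0 | 255.255.255.0 | 10.0.4.254 | |
| VLAN 5 | Building 4 | 10.0.5.0 | 255.255.255.0 | 10.0.5.254 | |
| VLAN 6 | Building 5 | 10.0.6.0 | 255.255.255.0 | 10.0.6.254 | |
| VLAN 7 | Building 6 | 10.0.7.0 | 255.255.255.0 | 10.0.7.254 | |
| VLAN 100 | Servers | 10.0.100.0 | 255.255.255.0 | 10.0.100.254 | |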

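5 . Community network design and implementation

5.1 . Network simulation configuration

5.1.1 . Access switch configuration

At the access layer, to isolate broadcast domains and prevent broadcast storms, community users in different buildings are assigned to different VLANs. The VLANs are created on the access layer switches, and users are added to the corresponding VLAN by port-based assignment. The port that connects each access layer switch to its uplink switch is configured as a trunk port that allows all VLANs to pass. Taking the Building 1 access switch as an example:

[XQ1-JR-SW-1]vlan 2      //Create the corresponding VLAN

[XQ1-JR-SW-1]interface GigabitEthernet0/0/1    //Enter the uplink interface and configure it as a trunk port

[XQ1-JR-SW-1-GigabitEthernet0/0/1] port link-type trunk

[XQ1-JR-SW-1-GigabitEthernet0/0/1] port trunk allow-pass vlan 2 to 4094

[XQ1-JR-SW-1]interface Ethernet0/0/1  //Assign the interface to VLAN 2

[XQ1-JR-SW-1-Ethernet0/0/1]port link-type access

[XQ1-JR-SW-1-Ethernet0/0/1] port default vlan 2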

5.1.2 . Core switch configuration

The corresponding VLANs are created on the core layer switch, the ports interconnected with the access switches are configured as trunks, and the user gateways are configured on the core switch. The interface interconnected with the router is configured with an IP address, and OSPF dynamic routing is configured between the core switch and the router so that they can reach each other.

[Core-SW]vlan 2    //Create the corresponding VLAN

Create VLAN 2 for Building 1 in the system view of the core switch.

[Core-SW]vlan 3

Create VLAN 3 for Building 2 in the system view of the core switch.

[Core-SW]vlan 4

Create VLAN 4 for Building 3 in the system view of the core switch.

[Core-SW]vlan 5

Create VLAN 5 for Building 4 in the system view of the core switch.

[Core-SW]vlan 6

Create VLAN 6 for Building 5 in the system view of the core switch.

[Core-SW]vlan 7

Create VLAN 7 for Building 6 in the system view of the core switch.

[Core-SW]vlan 100

Create VLAN 100 for the servers in the system view of the core switch; interface Vlanif100 below depends on it.

[Core-SW]interface GigabitEthernet 0/0/1

[Core-SW-GigabitEthernet0/0/1] port link-type trunk

[Core-SW-GigabitEthernet0/0/1] port trunk allow-pass vlan 2 to 4094

[Core-SW-GigabitEthernet0/0/1]interface GigabitEthernet 0/0/2

[Core-SW-GigabitEthernet0/0/2] port link-type trunk

[Core-SW-GigabitEthernet0/0/2] port trunk allow-pass vlan 2 to 4094

[Core-SW-GigabitEthernet0/0/2]interface GigabitEthernet 0/0/3

[Core-SW-GigabitEthernet0/0/3] port link-type trunk

[Core-SW-GigabitEthernet0/0/3] port trunk allow-pass vlan 2 to 4094

[Core-SW-GigabitEthernet0/0/3]interface GigabitEthernet 0/0/4

[Core-SW-GigabitEthernet0/0/4] port link-type trunk

[Core-SW-GigabitEthernet0/0/4] port trunk allow-pass vlan 2 to 4094

[Core-SW-GigabitEthernet0/0/4]interface GigabitEthernet 0/0/5

[Core-SW-GigabitEthernet0/0/5] port link-type trunk

[Core-SW-GigabitEthernet0/0/5] port trunk allow-pass vlan 2 to 4094

[Core-SW-GigabitEthernet0/0/5]interface GigabitEthernet 0/0/6

[Core-SW-GigabitEthernet0/0/6] port link-type trunk

[Core-SW-GigabitEthernet0/0/6] port trunk allow-pass vlan 2 to 4094

[Core-SW-GigabitEthernet0/0/6]interface GigabitEthernet 0/0/7

[Core-SW-GigabitEthernet0/0/7] port link-type trunk

[Core-SW-GigabitEthernet0/0/7] port trunk allow-pass vlan 2 to 4094

Configure interfaces GigabitEthernet0/0/1 to 0/0/7 as trunk ports.

[Core-SW]interface Vlanif2

[Core-SW-Vlanif2] ip address 10.0.2.254 255.255.255.0

[Core-SW]interface Vlanif3

[Core-SW-Vlanif3] ip address 10.0.3.254 255.255.255.0

[Core-SW]interface Vlanif4

[Core-SW-Vlanif4] ip address 10.0.4.254 255.255.255.0

[Core-SW]interface Vlanif5

[Core-SW-Vlanif5] ip address 10.0.5.254 255.255.255.0

[Core-SW]interface Vlanif6

[Core-SW-Vlanif6] ip address 10.0.6.254 255.255.255.0

[Core-SW]interface Vlanif7

[Core-SW-Vlanif7] ip address 10.0.7.254 255.255.255.0

[Core-SW]interface Vlanif100

[Core-SW-Vlanif100] ip address 10.0.100.254 255.255.255.0

Configure the gateway address for the users of each building.

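Enable the OSPF dynamic routing protocol, process 100.

[Core-SW]ospf 100

[Core-SW-ospf-100] area 0.0.0.0

[Core-SW-ospf-100-area-0.0.0.0] network 10.0.2.0 0.0.0.255

Advertise the network of the user VLAN 2 interface address.

[Core-SW-ospf-100-area-0.0.0.0] network 10.0.3.0 0.0.0.255

Advertise the network of the user VLAN 3 interface address.

[Core-SW-ospf-100-area-0.0.0.0] network 10.0.4.0 0.0.0.255

Advertise the network of the user VLAN 4 interface address.

[Core-SW-ospf-100-area-0.0.0.0] network 10.0.5.0 0.0.0.255

Advertise the network of the user VLAN 5 interface address.

[Core-SW-ospf-100-area-0.0.0.0] network 10.0.6.0 0.0.0.255

Advertise the network of the user VLAN 6 interface address.

[Core-SW-ospf-100-area-0.0.0.0] network 10.0.7.0 0.0.0.255

Advertise the network of the user VLAN 7 interface address.

[Core-SW-ospf-100-area-0.0.0.0] network 10.0.100.0 0.0.0.255

Advertise the network of the user VLAN 100 interface address.

[Core-SW-ospf-100-area-0.0.0.0] network 10.0.0.0 0.0.0.3

Advertise the interconnect interface address.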

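[Core-SW]ip pool vlan2

[Core-SW-ip-pool-vlan2] gateway-list 10.0.2.254

[Core-SW-ip-pool-vlan2] network 10.0.2.0 mask 255.255.255.0

Create the address pool for Building 1 users: the pool name is vlan2, the user network segment is 10.0.2.0 with a 24-bit subnet mask, and the user gateway is 10.0.2.254.

[Core-SW]ip pool vlan3

[Core-SW-ip-pool-vlan3] gateway-list 10.0.3.254

[Core-SW-ip-pool-vlan3] network 10.0.3.0 mask 255.255.255.0

Create the address pool for Building 2 users: the pool name is vlan3, the user network segment is 10.0.3.0 with a 24-bit subnet mask, and the user gateway is 10.0.3.254.

[Core-SW]ip pool vlan4

[Core-SW-ip-pool-vlan4] gateway-list 10.0.4.254

[Core-SW-ip-pool-vlan4] network 10.0.4.0 mask 255.255.255.0

Create the address pool for Building 3 users: the pool name is vlan4, the user network segment is 10.0.4.0 with a 24-bit subnet mask, and the user gateway is 10.0.4.254.

[Core-SW]ip pool vlan5

[Core-SW-ip-pool-vlan5] gateway-list 10.0.5.254

[Core-SW-ip-pool-vlan5] network 10.0.5.0 mask 255.255.255.0

Create the address pool for Building 4 users: the pool name is vlan5, the user network segment is 10.0.5.0 with a 24-bit subnet mask, and the user gateway is 10.0.5.254.

[Core-SW]ip pool vlan6

[Core-SW-ip-pool-vlan6] gateway-list 10.0.6.254

[Core-SW-ip-pool-vlan6] network 10.0.6.0 mask 255.255.255.0

Create the address pool for Building 5 users: the pool name is vlan6, the user network segment is 10.0.6.0 with a 24-bit subnet mask, and the user gateway is 10.0.6.254.

[Core-SW]ip pool vlan7

[Core-SW-ip-pool-vlan7] gateway-list 10.0.7.254

[Core-SW-ip-pool-vlan7] network 10.0.7.0 mask 255.255.255.0

Create the address pool for Building 6 users: the pool name is vlan7, the user network segment is 10.0.7.0 with a 24-bit subnet mask, and the user gateway is 10.0.7.254.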
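Repetitive per-VLAN stanzas like the ones above are easy to get wrong by copy and paste, and a pool whose network does not contain its gateway leaves that building's clients without a usable default route. The following is an added example, not part of the original article: a Python check that cross-checks the `vlan`, `Vlanif` and `ip pool` lines of a command transcript. The function name `audit` and the sample transcript are assumptions constructed for illustration, and only the command forms used on this page are parsed.

```python
import ipaddress
import re

# Constructed sample in the page's transcript style: the vlan3 pool has a
# copy-paste slip (network 10.0.2.0) and Vlanif100 lacks a "vlan 100".
SAMPLE = """\
[Core-SW]vlan 3
[Core-SW]interface Vlanif3
[Core-SW-Vlanif3] ip address 10.0.3.254 255.255.255.0
[Core-SW]interface Vlanif100
[Core-SW-Vlanif100] ip address 10.0.100.254 255.255.255.0
[Core-SW]ip pool vlan3
[Core-SW-ip-pool-vlan3] gateway-list 10.0.3.254
[Core-SW-ip-pool-vlan3] network 10.0.2.0 mask 255.255.255.0
"""


def audit(config):
    """Return sorted findings for a VRP command transcript or saved config."""
    vlans, vlanifs, pools, ctx = set(), {}, {}, None
    for raw in config.splitlines():
        # Drop the "[prompt]" prefix and the page's "//" annotations.
        line = re.sub(r"^\s*\[[^\]]*\]\s*", "", raw).split("//")[0].strip()
        words = line.split()
        if re.fullmatch(r"vlan \d+", line):
            vlans.add(int(words[1]))
        elif re.fullmatch(r"interface Vlanif\d+", line):
            ctx = int(words[1][6:])                # current view: a Vlanif ID
        elif line.startswith("ip pool "):
            ctx = pools.setdefault(words[2], {})   # current view: a pool
        elif line.startswith(("interface ", "ospf ", "acl ")):
            ctx = None                             # some other view
        elif isinstance(ctx, int) and line.startswith("ip address "):
            vlanifs[ctx] = ipaddress.ip_interface(f"{words[2]}/{words[3]}")
        elif isinstance(ctx, dict) and line.startswith("gateway-list "):
            ctx["gw"] = ipaddress.ip_address(words[1])
        elif isinstance(ctx, dict) and line.startswith("network "):
            ctx["net"] = ipaddress.ip_network(f"{words[1]}/{words[3]}")
    findings = [f"Vlanif{v} has no matching 'vlan {v}'" for v in vlanifs if v not in vlans]
    subnet_of = {i.ip: i.network for i in vlanifs.values()}
    for name, p in pools.items():
        gw, net = p.get("gw"), p.get("net")
        if gw and net and gw not in net:
            findings.append(f"pool {name}: gateway {gw} is outside {net}")
        if gw and net and subnet_of.get(gw, net) != net:
            findings.append(f"pool {name}: {net} differs from Vlanif subnet {subnet_of[gw]}")
    return sorted(findings)
```

Calling `audit(SAMPLE)` reports the missing VLAN and both symptoms of the mismatched pool; an empty list means the three sections agree with each other.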

5.1.3 . Egress router configuration

Configure the router interface IP addresses and add the interfaces to the corresponding area.

[R1]interface GigabitEthernet0/0/0

[R1-GigabitEthernet0/0/0] ip address 10.0.0.2 255.255.255.252

[R1-GigabitEthernet0/0/0]interface GigabitEthernet0/0/1

[R1-GigabitEthernet0/0/1] ip address 200.200.200.1 255.255.255.248

Routing configuration

Enable OSPF dynamic routing with process 100, and configure a static default route.

[R1]ospf 100

[R1-ospf-100] default-route-advertise always

[R1-ospf-100] area 0.0.0.0

[R1-ospf-100-area-0.0.0.0] network 10.0.0.0 0.0.0.3

[R1]ip route-static 0.0.0.0 0.0.0.0 200.200.200.6

NAT configuration

Configure address translation to translate internal private addresses into the public address of the router's outbound interface.

[R1]acl number 2000

[R1-acl-basic-2000]rule 5 permit source 10.0.0.0 0.0.255.255

[R1]interface GigabitEthernet0/0/1

[R1-GigabitEthernet0/0/1]nat outbound 2000

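6 . Network testing

6.1 . Testing access from community intranet users to the external network

Community intranet users need to access the external network, and their PC terminals obtain IP addresses automatically through DHCP. Taking a Building 1 PC as an example, test internal users' access to the external network.

Figure-6  Setting the community intranet PC terminal to obtain an IP address automatically

Figure-7  PC terminal IP address information

Figure-8  Testing connectivity between internal community users and the external network

6.2 . Testing connectivity between internal community users and the internal server

An FTP server is deployed in the community's internal network. Test connectivity between internal users and the FTP server by pinging the server at 192.168.100.1. If the ping succeeds, network connectivity is fine. Taking a Building 2 PC as an example:

Figure-9  PC terminal IP address information

Figure-10  Testing connectivity between internal community users and the server

6.3 . Viewing OSPF neighbor status information on the core switch

Figure-11  OSPF neighbor status information on the core switch

6.4 . Viewing OSPF neighbor status information on the egress router

Figure-12  OSPF neighbor status information on the router

6.5 . Testing Telnet remote device management

Test remote management of the network devices. All switches are configured with management addresses, and remote device management is tested from the core switch by telnetting to a floor switch.

Figure-13  Testing Telnet remote management of network devices

7 . Summary

To give a residential community a secure, efficient and stable local network, this article walks through the construction of a community network as an example. It describes the functions that smart communities will develop over the coming period and the systems they will need, and it builds an enterprise network based on a three-layer architecture, covering access between the parts of the community and each user's access to the external network. I hope it offers some help and inspiration for building smart community networks.

While writing this paper I learned how to build a topology, along with related networking knowledge such as the DHCP and FTP protocols, and I gained some understanding of the current state and development of smart communities in China.

In short, by building and explaining the topology, this article explains and describes the technologies and methods used in building a community network.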


Origin blog.csdn.net/qq1325513482/article/details/131727942