【HCIA-Datacom V1.0 training materials】Typical campus network architecture and case practice

 1. Basic concept of campus network

What is a Campus Network

• A campus network can be large or small: as small as a SOHO (Small Office Home Office) and as large as school campuses, enterprise campuses, parks, and shopping centers. The scale of a campus is nonetheless limited. Even large campuses, such as university campuses and industrial parks, generally cover no more than a few square kilometers. Within this range, LAN technology can be used to build the network. A "campus" beyond this range is generally regarded as a "metropolitan area" and requires WAN technology; the corresponding network is regarded as a metropolitan area network.
• Typical LAN technologies used in campus networks include Ethernet (wired), which follows the IEEE (Institute of Electrical and Electronics Engineers) 802.3 standard, and Wi-Fi (wireless), which follows the IEEE 802.11 standard.

Typical Campus Network Architecture

• Typical layers and areas of the campus network:
▫ Core layer: The backbone of the campus network and the core of campus data exchange. It connects the various components of the campus network, such as data centers, management centers, and campus egresses.
▫ Aggregation layer: Located in the middle of the campus network, it aggregates or switches data and can provide key basic network functions such as routing, QoS, and security.
▫ Access layer: Provides campus network access services for end users and is the boundary of the campus network.
▫ Egress zone: The boundary between the campus internal network and the external network. It gives internal users access to the public network and external users access to the internal network. A large number of network security devices are generally deployed in this area to defend against attacks from external networks, such as IPS (intrusion prevention system) devices, Anti-DDoS devices, and firewalls.
▫ Data center area: The area where servers and application systems are deployed to provide data and application services for internal and external users of the enterprise.
▫ Network management area: The area where the network management systems are deployed, including SDN controllers, wireless controllers, and eLOG (log server), to manage and monitor the entire campus network.

Typical architecture of a small campus network

 Typical architecture of a medium-sized campus network

 Typical architecture of a large campus network

 Campus network main protocols/technologies

 

2. Campus network project practice

 Campus Network Project Lifecycle


• Network planning and design is the starting point of a project. Thorough and detailed planning lays a solid foundation for the subsequent work of the project.
• Project implementation is the stage in which engineers deliver the project. Systematic management and efficient processes are the basic elements that ensure implementation is completed smoothly.
• To ensure that network functions operate normally and that user services run smoothly, the network requires daily maintenance and troubleshooting.
• User services keep developing, so user requirements for network functions also keep changing. When the existing network cannot meet service requirements, or when hidden problems are exposed during network operation, network optimization is required to solve them.

Small Campus Network Design

 Networking scheme design

• The entire network adopts a three-layer architecture.
▫ The access layer uses S3700 switches to provide 100M network access for terminals such as employee PCs and printers.
▫ The aggregation layer uses S5700 devices as the gateway of the Layer 2 network.
▫ AR2240 devices are used at the core and egress, serving as the egress of the entire campus network.
• Note: Agg is the abbreviation of Aggregation and indicates an aggregation layer device. Acc is the abbreviation of Access and indicates an access layer device.

Basic service design: VLAN design

 VLAN planning

 Basic service design: IP address design

 IP address planning

 Basic service design: IP address allocation method design

• IP addresses can be allocated dynamically or bound statically. In small and medium-sized campuses, the specific principles for assigning IP addresses are as follows:
• Egress gateway device: The IP address of the WAN-side interface is assigned by the operator, either as a static IP address or through DHCP or PPPoE. The address must be obtained from the operator in advance.
• Servers and special terminal equipment (attendance punch-clock machines, print servers, IP video surveillance equipment, etc.): Allocating addresses by static IP binding is recommended.
• User terminals: For office PCs, IP phones, and similar equipment, it is recommended to deploy the DHCP server on the gateway device and allocate addresses dynamically and uniformly through DHCP.
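The allocation principles above can be checked mechanically before deployment, because a statically bound address that sits inside a dynamic DHCP range can later be leased to another terminal. The following Python audit is an added example, not part of the original training material; the VLAN IDs, subnets, DHCP ranges and host names in PLAN are constructed, and the check goes slightly beyond the text by also flagging overlapping subnets.

```python
import ipaddress
from itertools import combinations

# Constructed plan: VLAN IDs, subnets, ranges and host names are illustrative only.
PLAN = {
    10: {"subnet": "192.168.10.0/24", "gateway": "192.168.10.1",
         "dhcp": ("192.168.10.50", "192.168.10.200"),
         "static": {"printer-1": "192.168.10.10"}},
    20: {"subnet": "192.168.20.0/24", "gateway": "192.168.20.1",
         "dhcp": ("192.168.20.50", "192.168.20.200"),
         "static": {"ip-camera-1": "192.168.20.60"}},      # inside the dynamic range
    100: {"subnet": "192.168.20.128/25", "gateway": "192.168.20.129",
          "dhcp": None,                                    # server VLAN: static only
          "static": {"print-server": "192.168.20.130"}},   # subnet overlaps VLAN 20
}

def audit_plan(plan):
    """Return (vlan, message) findings; an empty list means the plan is consistent."""
    findings = []
    nets = {vid: ipaddress.ip_network(v["subnet"]) for vid, v in plan.items()}
    for a, b in combinations(sorted(nets), 2):
        if nets[a].overlaps(nets[b]):
            findings.append((a, f"subnet overlaps VLAN {b}"))
    for vid, v in sorted(plan.items()):
        net = nets[vid]
        gw = ipaddress.ip_address(v["gateway"])
        lo = hi = None
        if v["dhcp"]:
            lo, hi = (ipaddress.ip_address(x) for x in v["dhcp"])
            if lo > hi or lo not in net or hi not in net:
                findings.append((vid, "DHCP range not inside subnet"))
        def in_pool(ip):
            return lo is not None and lo <= ip <= hi
        if gw not in net or in_pool(gw):
            findings.append((vid, "gateway outside subnet or inside DHCP range"))
        seen = {gw}  # addresses already used in this VLAN
        for name, addr in sorted(v["static"].items()):
            ip = ipaddress.ip_address(addr)
            if ip not in net or ip in (net.network_address, net.broadcast_address):
                findings.append((vid, f"{name}: not a usable host address in subnet"))
            if in_pool(ip):
                findings.append((vid, f"{name}: static address inside DHCP range"))
            if ip in seen:
                findings.append((vid, f"{name}: duplicate address"))
            seen.add(ip)
    return findings
```

Calling audit_plan(PLAN) reports the two defects planted in the constructed plan; a plan that keeps static bindings outside the dynamic range and uses disjoint subnets returns an empty list.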

IP address allocation method planning

Basic service design: routing design

 

• The routing design of a small or medium-sized campus network covers routing within the campus and routing between the campus egress and the Internet/WAN devices.
• Routing design within the campus: It mainly meets the intercommunication requirements of devices and terminals within the campus and can interact with external routes. Because small and medium-sized campus networks are relatively small, the network structure is relatively simple.
▫ AP devices: After an IP address is assigned through DHCP, a default route is generated by default.
▫ Switches and gateway devices: Static routing meets the requirements, and there is no need to deploy complex routing protocols.
• Routing design for the campus egress: It mainly meets the needs of users inside the campus to access the Internet and the WAN. When the egress device is connected to the Internet or WAN, it is recommended to configure a static route on the egress device.

WLAN design

• In addition to planning the networking and data forwarding methods, the following design work is also needed:
▫ Network coverage design: Design and plan the area covered by the wireless network to ensure that the signal strength within the coverage area meets user requirements, and solve the co-channel interference problem between adjacent APs.
▫ Network capacity design: Based on the bandwidth requirements of wireless terminals, the number of terminals, the concurrency rate, and the performance of a single AP, design the number of APs required for network deployment so that wireless network performance meets the Internet service requirements of all terminals.
▫ AP deployment design: On the basis of the network coverage design, correct and confirm the actual AP deployment locations, deployment method, and power supply cabling principles according to the actual situation.
▫ In addition, WLAN security design, roaming design, and so on need to be carried out; this course does not list them one by one.

WLAN data plan

Reliability design

 Layer 2 Loop Avoidance

Egress NAT design

Security design

 • Note: The security design in this case is implemented only by routers or switches.

Operation and maintenance management design

 Small Campus Network Deployment and Implementation

 Configuration scheme (1)

  Configuration scheme (2)

   Configuration scheme (3)

 Configuration scheme (4)

  Configuration scheme (5)

   Configuration scheme (6)

    Configuration scheme (7)

 Small Campus Network Debugging

 Small Campus Network O&M

 Small Campus Network Optimization

 

Origin blog.csdn.net/QQ317693347/article/details/126070370