Robert Michaud

1
WASHINGTON
SCHOOL DISTRICT
Sunset School
Threaded Case Study

• Robert Michaud
• Lewis Overton
• Steve Wight

2
OVERVIEW

• 7 to 10 Years Functionality
• 1000 growth in the LAN's
• 100 growth in the WAN.
• 1.0 Mbps to any Host
• 100 Mbps to any Server Host
• Only Protocols TCP/IP Novell IPX

3
USER REQUIREMENTS

• 2 SEGMENTS
• Administration
• Curriculum
• ETHERNET SPECIFICATIONS (Transport Speeds)
• Ethernet 10 BaseT (10 Mbps)
• Ethernet 100 BaseT (100 Mbps)
• Ethernet 100 BaseFX (100 Mbps)

4
USER REQUIREMENTS

• MEDIA
• Horizontal Cabling - CAT5 UTP (tested to
  accommodate 100Mbps)
• Backbone Cabling - CAT5 UTP or Fiber Optic Multi
  mode cable
• Cabling shall comply with TIA/EIA-568-A and
  TIA/EIA-569 Standards
• LAN INFRASTRUCTURE
• Ethernet LAN Switching

5
USER REQUIREMENTS

• MDF
• Centrally Located - All LAN cabling connects into
  MDF
• Location of routers, switches, CSU/DSU, servers
• IDFs
• Use if horizontal link exceeds 100 meters
• Connects to MDF

6
USER REQUIREMENTS

• CLASS ROOMS
• Able to support 24 hosts
• Each room supplied with (4) CAT 5 UTP runs for
  data, (one run for teacher host)
• Cable runs terminated in the closest MDF or IDF

7
USER REQUIREMENTS

• EACH CLASSROOM POP SPECIFICATIONS
• Single location in each room will have a wiring
  point of presence
• A locked cabinet will contain all cable
  terminations, data hubs, and switches
• Data services distributed into the room via
  decorative wire molding

8
LAN WIRING DIAGRAM - Sunset School
9
LAN WIRING DIAGRAM - Building A
10
LAN WIRING DIAGRAM
11
WIRING DIAGRAM - Single Classroom
12
LAN MEDIA SPREADSHEET
13
LAN PHYSICAL TOPOLOGY
14
SERVERS

• FILE SERVERS
• Enterprise Servers - Placed in the MDF
• Workgroup Servers - Placed in the IDF closest to
  users
• DNS SERVERS E-MAIL SERVICES
• DNS and e-mail services will provide local e-mail
  services
• All regional servers will be able to communicate
  between each other

15
SERVERS

• ADMINISTRATIVE SERVERS
• Will be running TCP/IP and made available to
  teachers and staff only
• LIBRARY SERVER
• To provide an automated information and retrieval
  system (online for curriculum research)
• Will be running TCP/IP and made available to
  everyone at the school site.

16
SERVERS

• APPLICATION SERVERS
• Will be running TCP/IP
• Computer applications will be housed in a central
  server at the school site
• OTHER SERVERS
• Any additional servers are departmental
  (workgroup) servers
• Workgroup servers are to be located according to
  the user groups needs
• One server should be running DHCP

17
MDF DIAGRAM
18
IDF-A DIAGRAM
19
IDF-B DIAGRAM
20
LAN ELECTRONICS SPREADSHEET
21
ADDRESSING NETWORK MANAGEMENT

• Complete TCP/IP Addressing
• Naming scheme for all hosts, servers, and network
  interconnection devices
• Appropriate subnetting
• No unauthorized addresses allowed
• Private network numbers
• Hosts on administrative networks assigned static
  addresses
• Hosts on student network will obtain addresses
  using DHCP (each site to have a server running
  DHCP)

22
VLAN / IP ADDRESS CONFIGURATION

• VLAN 1 (Student Network)
• IP Address 172.16.9.xxx
• Dynamically Assigned by
  DHCP Server
• VLAN 2 (Administration Network)
• IP Address 172.16.8.131 through 172.16.8.180
• Statically Assigned by
  Network Administrator

23
IP ADDRESSING SCHEME
VLAN 1 Student VLAN 2 Administration
24
IP ADDRESSING SCHEME cont.
25
ROUTER INTERFACES- IPX IP Addressing
26
ACL IMPLEMENTATION

• Servers Interface e0
• Allow everyone access to WWW (HTTP) server
• Sunset(config) access-list 101 permit tcp any
  host 172.16.8.21 eq 80
• Allow everyone access to Application server
• Sunset(config) access-list 101 permit tcp any
  host 172.16.8.25
• Allow everyone access to DNS server
• Sunset(config) access-list 101 permit tcp any
  host 172.16.8.23 eq 53
• Allow everyone access to E-mail server
• Sunset(config) access-list 101 permit tcp any
  host 172.16.8.24 eq 25
• Deny all other IP packets from Student Network
• Sunset(config) access-list 101 deny ip
  172.16.9.0 0.0.0.255 any
• Permit all other hosts
• Sunset(config) access-list 101 permit ip any
  any

27
ACL IMPLEMENTATION cont.

• Bldg. B (Admin. Office/Server) Interface e3
• Allow staff access to Admin. Network
• Sunset(config) access-list 102 permit ip
  172.16.8.0 0.0.0.255 any
• Deny all IP packets from Student Network
• Sunset(config) access-list 102 deny ip
  172.16.9.0 0.0.0.255 any
• Sunset(config)int e3
• Sunset(config-if)ip access-group 102 out
• Sunset (Router) Interface s0
• Deny everyone telnet
• Sunset(config) access-list 103 deny tcp any any
  eq telnet
• Deny everyone ftp
• Sunset(config) access-list 103 deny tcp any any
  eq ftp
• Permit all other hosts
• Sunset(config) access-list 103 permit ip any any

28
LAN PROs and CONs

• We selected 2948G switches, 2924XL switches, a
  3640 Cisco router, and single mode fiber optic
  cable (for our VCC in our LAN design.) We could
  have spent less money on these items and achieved
  the same result. We believe the higher initial
  cost will prove more economical in the years to
  come because this equipment can easily be
  upgraded with minimal disruption to the LAN. The
  hardware placed in this LAN provide the option of
  future versatility and expandability.

29
SPEC. SHEET
C2924 XL -IDF A (24 Port Switch)
3640 4-slot Modular -MDF (Router)
30
SPEC. SHEET
C2912MF-XL MDF (12 Port Switch)
FastHub 400 100BaseFX module Bldg. C
31
SPEC. SHEET
Dell PowerEdge 2550 IDF-A Library Server
32
SPEC. SHEET
Dell PowerEdge 6450 MDF Enterprise Server
33
SPEC. SHEET
Dell PowerEdge 1650 IDF-B Administration
Server
34
SPEC. SHEET
WS-C1924C IDF-B 24 Port Switch