
TCS – Sunset Elementary
Pat Bruen, Conor Buckley, James Gallagher


This is our presentation of the Threaded
Case Study (TCS), which is a portion of the
Cisco Academy Curriculum.
Our goal is to demonstrate our knowledge
of Local Area Network (LAN) design and
implementation. For our project we are
working on Sunset Elementary School in
the Washington Elementary School District.
Goals of the LAN design

Our LAN has been designed with all the
needs of a modern network in mind:

It will be secure (V-LANs, ACLs)

It will be extremely scalable

Our design is optimized for maximum bandwidth due to
the large amount of video and high bandwidth traffic we
anticipate.
WAN Topology

Our school is connected to the district
WAN via a Cisco 7513 router at the
district service centre. Three regional
hubs are located at Shaw Butte,
District Office/Data Centre and at the
Service Centre. Each of these centres
is connected to a Cisco 7513 router.
Four leased T1 lines connect these
three routers to form the WAN.
WAN – Logical Topology
[Figure: WAN logical topology. Three Cisco 7513 routers (Data Centre, Service Centre, Shaw Butte) are joined by links labelled "Four T1 lines". Three groups of 11 schools are attached to the hubs: one including Desert View and SunnySlope, one including RE Miller and Royal Palm, and one including Sunset, Acadia and Mt. Sky.]
LAN – Cabling and Physical Topology

Our LAN will have a fibre optic
backbone – connecting all IDFs to the
MDF in building A (fibre cable runs are
represented in blue). Cat 5 E cable
will run from these IDFs and the MDF
to each data termination point in the
building.
Classroom Layout

Each data termination point will have
four RJ-45 wall jacks containing CAT5-E
cable. In each room, teachers'
workstations will have a dedicated wall
jack and all students' machines will
connect into 12 port Catalyst switches,
which then connect into Cisco 3524 24-Port
Enterprise switches at the MDF
and IDFs.
Classroom Layout
Location of Servers

All our servers are located in a small
server room located beside the MDF.
Wiring Closets

Over the next four slides are details of our
designs for an MDF and IDF in building A
and two more IDFs in the Cafeteria (building
C) and Administration (building B). Although
only three IDFs were required according to
IEEE standards for maximum distances, we
decided to install another switch in building
C in order to provide scalability in case of
future development.
MDF – Building A


Our MDF is located in building A. This room was chosen as
it has an out-swinging door (necessary for safety reasons),
appears to be adequately large and is located next to the
POP.
Our gateway to the WAN is a high-end Cisco 3661 AC
router. This is in turn connected to a Catalyst 2948G-L3
switch – a switch which supports Layer 3 protocols including
IP, RIP, IGRP, EIGRP. Because of this it can perform
virtually all the routing needed within the network and can
allow our router to concentrate on our link to the WAN. You
will notice that the only connections to our router are the
fibre optic links to the WAN and to the Catalyst 2948G-L3
switch.
MDF – Building A


The other three switches are 24 port Enterprise
switches. These switches are capable of
implementing VLANs, which we will talk about later.
Four CAT 5 E cable runs will run from each data
termination point back to these switches.
Of these four CAT5 E cable runs, one will be
connected to a teachers/admin computer and the
other three will be connected to 12 port Catalyst
1912 switches into which all other hosts in the room
will be connected. T
MDF – building A
IDF – Building A
[Figure: IDF rack layout for building A. Labels: Fibre Optic from MDF; 2 x Cisco 3524 PWR XL-EN; Cisco 3512 PWR XL-EN; 3 x Catalyst 1912; 33U 19in Wiring Closet #1; 12U 19in Wiring Closet #1.]
Two switches are located in each room and linked
back to this IDF. Each room will have a dedicated drop
point for Admin/Teachers which will be linked back to
a specific Admin switch. All other hosts will be linked
via Catalyst 1912 switches back to the IDF.
Although this IDF only needs 44 available
ports (to service 11 rooms), we have made
60 available, both for backbone connections
and for future scalability.
IDFs – Buildings B and C

The smaller IDFs located in buildings
B and C contain only one 24 port
enterprise edition switch each. Again
the rooms here are laid out in the
same way as in building A. On the
next slide is the layout for both of
these IDFs.
IDF – Admin (Building B)
Again this IDF is laid out in
the same way as the main
one, but simply on a smaller
scale. Here we have one
representation of a typical
room below, connected
back to a Cisco 3524
switch.
[Figure: IDF rack layout for building B. Labels: Fibre Optic from MDF; Cisco 3524 PWR XL-EN; 3 x Catalyst 1912; 12U 19in Wiring Closet #3; 12U 19in Wiring Closet #1.]
LAN Logical Topology
The next slide shows the logical
topology for the backbone of our LAN.
We did not include the classrooms in
this topology as we simply wanted to
show how the backbone is connected
logically.

All of the cabling shown in the drawing
(in red) is fibre optic cable.
LAN Backbone - Logical
IP Addressing Scheme

Class B Address

10.x.x.x

First x = building

Second x = room

Third x = host
IP Addressing for connections to Building A IDF
Library has three connection points
Rooms 27-34 are connected through the IDF
The addressing scheme for this is as follows on the next slide

Building A IDF
Connection   Admin                     Students
Library 1    10.2.37.1 - 10.2.37.127   10.2.37.128 - 10.2.37.254
Library 2    10.2.38.1 - 10.2.38.127   10.2.38.128 - 10.2.37.254
Library 3    10.2.39.1 - 10.2.39.127   10.2.39.128 - 10.2.39.254
room27       10.2.27.1 - 10.2.27.127   10.2.27.128 - 10.2.27.254
room28       10.2.28.1 - 10.2.28.127   10.2.28.128 - 10.2.28.254
IP Addressing for connections to Building A MDF

Rooms 1-25 are connected to the MDF

Room number   Admin                     Student
1             10.1.1.1 - 10.1.1.127     10.1.1.128 - 10.1.1.254
2             10.1.2.1 - 10.1.2.127     10.1.2.128 - 10.1.2.254
26            10.1.26.1 - 10.1.26.127   10.1.23.128 - 10.1.26.254
IP Addressing for connections to Building B IDF
9 workstations (Admin)   10.3.1.1 - 10.3.1.9
Network printer1         10.3.1.10
Network printer2         10.3.1.11
IP Addressing for connections to Building C IDF
2 Staff workstations     10.4.1.1
                         10.4.1.2
Printer Addresses
Printers in student rooms off MDF
10.1.room number.254
Printers in student rooms off IDFA
10.2.room number.254

Server Addresses
Admin server         10.1.27.1
Library server       10.1.27.2
Application server   10.1.27.3
DNS server           10.1.27.4
Email server         10.1.27.5
File server          10.1.27.6
DHCP                 10.1.27.7
Internet connectivity

All connectivity that is initiated from
the Internet to the internal district
network will be protected via ACLs on
the routers that make up the double
firewall architecture. Any connectivity
initiated from the district to the Internet
will be permitted to communicate
freely.
Access control lists

Traffic filtering capabilities can be utilized
with Access Control Lists (ACLs).
Support is provided for the following network
protocols: IP, IPX and AppleTalk.
Access list configuration is used to control
access to a network. ACLs can prevent
certain traffic, and/or certain upper-layer protocols
such as FTP, SMTP, DNS and so on, from entering
or exiting a network.
Access List
Extended IP access list 101
permit udp 10.1.1.128 0.0.0.127 any eq 53
This permits student access to DNS
Use access lists to permit access to Email, FTP, etc.
deny ip any any
This denies access to anything else
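
Added example (not part of the original presentation): a small Python model of how a Cisco wildcard mask and first-match ACL evaluation interact with the 10.building.room.host scheme described in the addressing slides. The entries in ACL_101 are constructed for illustration and go beyond the single entry on the slide by covering the student half of every room with one discontiguous wildcard; the admin/student split at host value 128 and the DNS server address 10.1.27.4 are taken from this page.

```python
import ipaddress

def matches(addr, base, wildcard):
    """Cisco wildcard match: bits set to 1 in the wildcard are ignored."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    return (a | w) == (b | w)

def role(addr):
    """Classify a host under the 10.building.room.host scheme on this page."""
    if not matches(addr, "10.0.0.0", "0.255.255.255"):
        return "external"
    host = int(addr.split(".")[3])
    if host in (0, 255):
        return "reserved"
    # Room printers use .254, so they land in the student half as well.
    return "admin" if host <= 127 else "student"

# Constructed entries (not the project's configuration):
# (action, protocol, source, source wildcard, destination, dest wildcard, dest port)
ANY = ("0.0.0.0", "255.255.255.255")
ACL_101 = [
    # One discontiguous wildcard covers the student half of every room.
    ("permit", "udp", "10.0.0.128", "0.255.255.127", "10.1.27.4", "0.0.0.0", 53),
    ("deny", "ip", *ANY, *ANY, None),
]

def evaluate(acl, proto, src, dst, dport):
    """Return the action of the first matching entry; no match is an implicit deny."""
    for action, p, s, sw, d, dw, port in acl:
        if p not in ("ip", proto):
            continue
        if not (matches(src, s, sw) and matches(dst, d, dw)):
            continue
        if port is not None and port != dport:
            continue
        return action
    return "deny"

if __name__ == "__main__":
    # Constructed sample packets: (protocol, source, destination, destination port)
    for pkt in [("udp", "10.2.37.200", "10.1.27.4", 53),
                ("udp", "10.2.37.5", "10.1.27.4", 53),
                ("tcp", "10.1.1.130", "10.1.27.5", 25)]:
        print(pkt, role(pkt[1]), evaluate(ACL_101, *pkt))
```

Read as a wildcard, 255.255.255.127 ignores every bit except the top bit of the host octet, so `matches("192.0.2.200", "10.1.1.128", "255.255.255.127")` is true; 0.0.0.127 confines the match to 10.1.1.128-10.1.1.255.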

VLANs
Two VLANs required
Student VLAN
Curriculum VLAN
Enterprise switch needed in MDF and IDFs
Eight enterprise version switches needed in total,
with some ports left over for scalability

IGRP
IGRP is a distance-vector dynamic
routing protocol. By default, it will
exchange its routing tables with its
directly connected neighbors every 90
seconds.
Flash updates, triggered by topology
changes, are also sent.

IGRP


Any routing protocol will use up some of the
bandwidth otherwise available for data, and
IGRP does too, since it has various metrics with which to
monitor and adjust network traffic. But the
amount of data in these updates is dwarfed by
the bandwidth of the router to router
connections in the school district network.
However, our Layer 3 backbone switch (Catalyst
2948G-L3) will perform a lot of the functions
normally done by a router, including the IGRP
protocol.
Security

Internet connectivity will utilize a double
firewall implementation with all Internet-exposed
applications residing on a public
backbone network. All connections from the
Internet into the school's private network will
be denied. The network will be divided into
three logical network classifications:
administrative, curriculum, and external, with
secured interconnections between them.
This concludes our Threaded Case
Study for Sunset Elementary School.
Thank you for your time.
