1 semester 3 threaded case study royal palm 41306-3a/3b ip siu tik tsang man wu wai hung wong lai...
TRANSCRIPT
![Page 1: 1 Semester 3 Threaded Case Study Royal Palm 41306-3A/3B Ip Siu Tik Tsang Man Wu Wai Hung Wong Lai Ting](https://reader035.vdocuments.site/reader035/viewer/2022062720/56649f1b5503460f94c2ffd3/html5/thumbnails/1.jpg)
1
Semester 3Threaded Case Study
Royal Palm
41306-3A/3BIp Siu Tik
Tsang ManWu Wai Hung Wong Lai Ting
![Page 2: 1 Semester 3 Threaded Case Study Royal Palm 41306-3A/3B Ip Siu Tik Tsang Man Wu Wai Hung Wong Lai Ting](https://reader035.vdocuments.site/reader035/viewer/2022062720/56649f1b5503460f94c2ffd3/html5/thumbnails/2.jpg)
2
Wide Area Network
![Page 3: 1 Semester 3 Threaded Case Study Royal Palm 41306-3A/3B Ip Siu Tik Tsang Man Wu Wai Hung Wong Lai Ting](https://reader035.vdocuments.site/reader035/viewer/2022062720/56649f1b5503460f94c2ffd3/html5/thumbnails/3.jpg)
3
LAN Area Network
![Page 4: 1 Semester 3 Threaded Case Study Royal Palm 41306-3A/3B Ip Siu Tik Tsang Man Wu Wai Hung Wong Lai Ting](https://reader035.vdocuments.site/reader035/viewer/2022062720/56649f1b5503460f94c2ffd3/html5/thumbnails/4.jpg)
4
LAN Wiring Scheme
![Page 5: 1 Semester 3 Threaded Case Study Royal Palm 41306-3A/3B Ip Siu Tik Tsang Man Wu Wai Hung Wong Lai Ting](https://reader035.vdocuments.site/reader035/viewer/2022062720/56649f1b5503460f94c2ffd3/html5/thumbnails/5.jpg)
5
LAN Wiring Scheme
![Page 6: 1 Semester 3 Threaded Case Study Royal Palm 41306-3A/3B Ip Siu Tik Tsang Man Wu Wai Hung Wong Lai Ting](https://reader035.vdocuments.site/reader035/viewer/2022062720/56649f1b5503460f94c2ffd3/html5/thumbnails/6.jpg)
6
Addressing and Network Management Class A private address 10.3.48.0/20 is assigned 7 subnets for two administrative network and five
student network 10.3.48.0/23 - Administrative Network 10.3.50.0/23 - Administrative Network 10.3.52.0/23 - Student Network 10.3.54.0/23 - Student Network 10.3.56.0/23 - Student Network 10.3.58.0/23 - Student Network 10.3.60.0/23 - Student Network
![Page 7: 1 Semester 3 Threaded Case Study Royal Palm 41306-3A/3B Ip Siu Tik Tsang Man Wu Wai Hung Wong Lai Ting](https://reader035.vdocuments.site/reader035/viewer/2022062720/56649f1b5503460f94c2ffd3/html5/thumbnails/7.jpg)
7
Addressing and Network Management
Administrative Network 10.3.48.1/23 Router Interface E0 (Admin LAN)
10.3.48.2->10.3.49.254 Switches
10.3.49.10 Domain Name Server
10.3.49.11 Email Server
10.3.49.12 Web Server
10.3.49.13 Administration File Server
10.3.49.14 Administration Server
10.3.49.20->10.3.49.254 Staff PC's Static Addresses
10.3.50.1/23 Router Sub-Interface E0 (Admin LAN)
10.3.50.20->10.3.51.254 Staff PC's Static Addresses
![Page 8: 1 Semester 3 Threaded Case Study Royal Palm 41306-3A/3B Ip Siu Tik Tsang Man Wu Wai Hung Wong Lai Ting](https://reader035.vdocuments.site/reader035/viewer/2022062720/56649f1b5503460f94c2ffd3/html5/thumbnails/8.jpg)
8
Addressing and Network Management
Student Network 83 classrooms and each classroom support maximum 24
computers. 1992(83X24) IP addresses are needed
![Page 9: 1 Semester 3 Threaded Case Study Royal Palm 41306-3A/3B Ip Siu Tik Tsang Man Wu Wai Hung Wong Lai Ting](https://reader035.vdocuments.site/reader035/viewer/2022062720/56649f1b5503460f94c2ffd3/html5/thumbnails/9.jpg)
9
Addressing and Network Management10.3.52.1/23 Router Interface E1 (Student LAN)
10.3.52.10 Library Server
10.3.52.11 Application Server
10.3.52.12 Student File Server
10.3.52.13 DHCP Server
10.3.54.1 Router Sub-Interface E1 (Student LAN)
10.3.56.1 Router Sub-Interface E1 (Student LAN)
10.3.58.1 Router Sub-Interface E1 (Student LAN)
10.3.60.1 Router Sub-Interface E1 (Student LAN)
10.3.52.20->10.3.53.254 DHCP addresses for IDF 1
10.3.54.2->10.3.55.254 DHCP addresses for IDF 2
10.3.56.2->10.3.57.254 DHCP addresses for IDF 3
10.3.58.2->10.3.59.254 DHCP addresses for IDF 4
10.3.60.2->10.3.61.254 DHCP addresses for IDF 5
![Page 10: 1 Semester 3 Threaded Case Study Royal Palm 41306-3A/3B Ip Siu Tik Tsang Man Wu Wai Hung Wong Lai Ting](https://reader035.vdocuments.site/reader035/viewer/2022062720/56649f1b5503460f94c2ffd3/html5/thumbnails/10.jpg)
10
Security
Access Lists 101: Student VLAN has no access to admin server or admin file
server
-- E0 in –router(config) # access-list 101 permit ip 10.3.48.0 0.0.3.255 anyrouter(config )# acces-list 101 deny ip any anyrouter(config )# interface e0router(config-if) # ip access-group 101 in
![Page 11: 1 Semester 3 Threaded Case Study Royal Palm 41306-3A/3B Ip Siu Tik Tsang Man Wu Wai Hung Wong Lai Ting](https://reader035.vdocuments.site/reader035/viewer/2022062720/56649f1b5503460f94c2ffd3/html5/thumbnails/11.jpg)
11
Security
Access Lists 102: Any traffic leaving administration VLAN not from a valid address
on that VLAN is denied Permit Web Server (port 80), DNS(port53) and SMTP(port 25) to
be accessible from the student VLAN
--E0 out –router(config) # access-list 102 permit tcp any any eq 80router(config) # access-list 102 permit tcp any any eq 25router(config) # access-list 102 permit tcp any any eq 53router(config) # access-list 102 permit udp any any eq 53router(config) # access-list 102 deny ip 10.3.0.0 0.0.255.255router(config) # access-list 102 permit ip any anyrouter(config) # interface e0router(config-if) # ip access-group 102 out
![Page 12: 1 Semester 3 Threaded Case Study Royal Palm 41306-3A/3B Ip Siu Tik Tsang Man Wu Wai Hung Wong Lai Ting](https://reader035.vdocuments.site/reader035/viewer/2022062720/56649f1b5503460f94c2ffd3/html5/thumbnails/12.jpg)
12
Security
Access Lists 103: Any traffic leaving student VLAN not from a valid address
on that VLAN is denied
--E1 in—router(config) # access-list 103 permit ip 10.3.52.0 0.0.3.255 anyrouter(config) # access-list 103 permit ip 10.3.56.0 0.0.3.255 anyrouter(config) # access-list 103 permit ip 10.3.60.0 0.0.3.2555 anyrouter(config) # interface e1router(config-if) # ip access-group 103 in
![Page 13: 1 Semester 3 Threaded Case Study Royal Palm 41306-3A/3B Ip Siu Tik Tsang Man Wu Wai Hung Wong Lai Ting](https://reader035.vdocuments.site/reader035/viewer/2022062720/56649f1b5503460f94c2ffd3/html5/thumbnails/13.jpg)
13
Internet Connectivity
Double firewalls for protection Access Control Lists (ACLs) is utilized in rout
ers tcp port 53(DNS service), 80 (web server) an
d 110(e-mail service) available only Admin server cannot be accessed by student
VLAN
![Page 14: 1 Semester 3 Threaded Case Study Royal Palm 41306-3A/3B Ip Siu Tik Tsang Man Wu Wai Hung Wong Lai Ting](https://reader035.vdocuments.site/reader035/viewer/2022062720/56649f1b5503460f94c2ffd3/html5/thumbnails/14.jpg)
14
Internet Connectivity
Side effect of using ACLs: increase the latency of traffic increase the CPU utilization of the routers
ACL latency effect slow down accessing to e-mail, internet & intranet
browsing, log on process
![Page 15: 1 Semester 3 Threaded Case Study Royal Palm 41306-3A/3B Ip Siu Tik Tsang Man Wu Wai Hung Wong Lai Ting](https://reader035.vdocuments.site/reader035/viewer/2022062720/56649f1b5503460f94c2ffd3/html5/thumbnails/15.jpg)
15
User Counts
Location Student/Curriculum Runs
Administrative/Teacher Runs
Total Runs
Building 1 60 20 80
Building 2 36 12 48
Building 3 33 11 44
Building 4 15 5 20
Building 5 24 8 32
Science building, 6 2 8
Computer building 6 2 8
7 double portable classroom 42 14 56
Multipurpose building 18 6 24
Cafeteria 9 3 12
Total 332
![Page 16: 1 Semester 3 Threaded Case Study Royal Palm 41306-3A/3B Ip Siu Tik Tsang Man Wu Wai Hung Wong Lai Ting](https://reader035.vdocuments.site/reader035/viewer/2022062720/56649f1b5503460f94c2ffd3/html5/thumbnails/16.jpg)
16
~The End~