PACKET TRACER CAMPUS NETWORK ARCHITECTURE

CAMPUS/UNIVERSITY NETWORK DESIGN & CONFIGURATION ON PACKET TRACER SIMULATION

oluyede Segun (jr)
8 min readNov 27, 2020

--

CAMPUS NETWORK ARCHITECTURE

1. DESCRIPTION

This network design simulates a real life campus network. It contains devices needed to create the network and all associated configurations.

There are two departments and a private datacenter for the school.

2. NETWORK DEVICES USED

2.1 MULTI-LAYER SWITCH

A multilayer switch is a network device that has the ability to operate at higher layers of the OSI reference model, unlike the Data Link Layer (DLL) traditionally used by switches. A multilayer switch can perform the functions of a switch as well as that of a router at incredibly fast speeds.

It is a distribution switch which is a layer 3 switch.

Multilayer switch in packet tracer

2.2 ROUTER

A router is a networking device that forwards data packets between computer networks. Routers perform the traffic directing functions on the Internet.

Router in packet tracer

2.3 ACCESS-SWITCH

As access switch is the one that allows your devices to connect the network, it undoubtedly supports port security, VLANs, Fast Ethernet/Gigabit Ethernet and etc. … All in all, access switch is usually a layer 2 switch.

Switch in packet tracer

2.4 SERVERS

A server is a computer that provides data to other computers. It may serve data to systems on a local area network (LAN) or a wide area network (WAN) over the Internet. Many types of servers exist, including web servers, mail servers, and file servers.

Server in packet tracer

2.5 PC’S

A personal computer (PC) is a multi-purpose computer whose size, capabilities, and price make it feasible for individual use

pc in packet tracer

2.6 ISP

The definition of an ISP is defined as an Internet Service Provider which is a company providing Internet access. An example of an ISP is the company AT&T, MTN. A company that provides subscribers with access to the Internet.

Isp cloud in in packet tracer

3. NETWORK DEVICES COMMUNICATIONS

All PC’s can ping the internet (which is avaliable at 8.8.8.8 dns)

Each devices in each vlan and each department can ping each other.

PC’s in different department cannot ping each other.

PC’s And Server are assigned ip address by dhcp.

PC’S and Servers in the schools private datacenter can only ping each other and not the outside world.

4. NETWORK CONFIGURATIONS USED

This is a campus network design which implements

4.1 HSRP

4.2 EIGRP

4.3 PORTCHANNEL

4.4 NAT

4.5 DHCP

4.6 THREE TIER NETWORK DESIGN

4.7 PORT SECURITY

4.8 PARTIAL MESH DESIGN

4.9 VLANS

4.10 IP ADDRESSSING

4.11 SPANNING-TREE ROOT-BRIDGE

4.1 HSRP:

In computer networking, the Hot Standby Router Protocol (HSRP) is a Cisco proprietary redundancy protocol for establishing a fault-tolerant default gateway. Version 2 of the protocol is mostly used Version 2 of the protocol introduces stability, scalability and diagnostic improvements.

The primary router with the highest configured priority will act as a virtual router with a pre-defined gateway IP address and will respond to the ARP or ND request from machines connected to the LAN with a virtual MAC address.

E.G

ON THE FIRST ROUTER (R1)

interface Vlan3

standby 3 ip 192.168.3.1 — — assigning a virtual ip to HSRP group “3”

standby 3 priority 120 ! — — Assign a priority (120 in this case) to the router interface Vlan3! for a particular group number (3). The default is 100.

standby 3 preempt: — — Allows the router to become the active router when the priority is higher than all other HSRP-configured routers in the hot standby group. If you do not use the standby preempt command in the configuration .for a router, that router does not become the active router, even if the priority is higher than all other routers.

ON THE OTHER ROUTER (R2)

interface Vlan3

standby 3 ip 192.168.3.1 — — This becomes the standby router.

4.2 EIGRP

Enhanced Interior Gateway Routing Protocol (EIGRP) is an advanced distance-vector routing protocol that is used on a computer network for automating routing decisions and configuration. The protocol was designed by Cisco Systems as a proprietary protocol, available only on Cisco routers.

E.G

ON THE ROUTER

router eigrp 1

network 0.0.0.0

no auto-summary

4.3 PORT-CHANNEL

A port channel is an aggregation of multiple physical interfaces that creates a logical interface. You can bundle up to eight individual active links into a port channel to provide increased bandwidth and redundancy. Port channeling also load balances traffic across these physical interfaces.

It can be statically (on /off) and LACP(Active and Passively enabled)

E.G

ON THE SWITCH:

Initialise the port-channel:

switch(config)# interface port-channel 1

switch(config-if)# channel-group 1mode active

how to add an Ethernet interface 1/4 to channel group 1:

switch# configure terminal
switch (config)# interface ethernet 1/4
switch(config-if)# switchport mode trunk
switch(config-if)# channel-group 1

4.4 NAT(Network Address Translation)

Network address translation (NAT) is a method of remapping an IP address space into another by modifying network address information in the IP header of packets while they are in transit across a traffic routing device.

It has become a popular and essential tool in conserving global address space in the face of IPv4 address exhaustion. One Internet-routable IP address of a NAT gateway can be used for an entire private network.

E.G

ON THE ROUTER

on the inside interface

interface GigabitEthernet0/1

ip address 10.0.0.62 255.255.255.252

ip nat inside

on the outside interface

interface GigabitEthernet0/1/0

description Global IP to ISP

ip address 200.0.0.1 255.255.255.252

ip nat outside

ip nat inside source list 5 interface GigabitEthernet0/1/0 overload

ip classless

ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/1/0

4.5 DHCP

The Dynamic Host Configuration Protocol (DHCP) is a network management protocol used on Internet Protocol (IP) networks, whereby a DHCP server dynamically assigns an IP address and other network configuration parameters to each device on the network, so they can communicate with other IP networks.

A DHCP server enables computers to request IP addresses and networking parameters automatically from the Internet service provider (ISP), reducing the need for a network administrator or a user to manually assign IP addresses to all network devices.

E.G: DHCP ON A ROUTER

ip dhcp excluded-address 192.168.3.1 192.168.3.3

ip dhcp pool VLAN3

network 192.168.3.0 255.255.255.0

default-router 192.168.3.1

dns-server 8.8.8.8 — — (Optional,for testing)

domain-name IPvZero.com — — (Optional,for testing)

4.6 THREE TIER NETWORK DESIGN

THREE TIER NETWORK DESIGN

Core Layer

Core Layer consists of biggest, fastest, and most expensive routers with the highest model numbers and Core Layer is considered as the back bone of networks. Core Layer routers are used to merge geographically separated networks. The Core Layer routers move information on the network as fast as possible. The switches operating at core layer switches packets as fast as possible.

Distribution layer:

The Distribution Layer is located between the access and core layers. The purpose of this layer is to provide boundary definition by implementing access lists and other filters. Therefore the Distribution Layer defines policy for the network. Distribution Layer include high-end layer 3 switches. Distribution Layer ensures that packets are properly routed between subnets and VLANs in your enterprise.

Access layer

Access layer includes access switches which are connected to the end devices (Computers, Printers, Servers etc). Access layer switches ensures that packets are delivered to the end devices.

4.7 PORT SECURITY

Port Security helps secure the network by preventing unknown devices from forwarding packets. When a link goes down, all dynamically locked addresses are freed. The port security feature offers the following benefits: You can limit the number of MAC addresses on a given port.

It is usually configured on a switch interface

E.G

ON THE SWITCH

switchport port-security

switchport port-security maximum 2 — — “2 Devices”

switchport port-security mac-address sticky

switchport port-security violation restrict — — “means restrict if violated”

switchport port-security mac-address sticky

spanning-tree portfast — — “enables forwarding state”

spanning-tree bpduguard enable — -”PortFast BPDU guard prevents loops when a BPDU is received on that port”

storm-control broadcast level 40

4.8 PARTIAL MESH DESIGN

In partial-mesh topology, some of the devices are connected to many devices together, but other devices are connected only to one or two devices. E.G The three tier design.

4.9 VLANS

VLANs (Virtual LANs) are logical grouping of devices in the same broadcast domain. VLANs are usually configured on switches by placing some interfaces into one broadcast domain and some interfaces into another. Each VLAN acts as a subgroup of the switch ports in an Ethernet LAN.

The purpose of implementing a VLAN is to improve the performance of a network or apply appropriate security features. They can TRUNK and ACCESS.

E.G

ON THE SWITCH

switch# configure terminal

switch(config)# vlan 5

switch(config-vlan)# name accounting

switch(config-vlan)# state active

switch(config-vlan)# no shutdown

TRUNK VLAN

switchport trunk encapsulation dot1q

switchport mode trunk

ACCESS VLAN

switchport access vlan 5

switchport mode access

4.10 IP ADDRESSSING

An IP address is an address used in order to uniquely identify a device on an IP network. The address is made up of 32 binary bits, which can be divisible into a network portion and host portion with the help of a subnet mask. The 32 binary bits are broken into four octets (1 octet = 8 bits).

It is divided into class A-D

E.G

interface FastEthernet0/3

ip address 10.0.0.5 255.255.255.252

4.11 SPANNING-TREE ROOT-BRIDGE

The Root bridge (switch) is a special bridge at the top of the Spanning Tree (inverted tree). The branches (Ethernet connections) are then branched out from the root switch, connecting to other switches in the Local Area Network (LAN). All Bridges (Switches) are assigned a numerical value called bridge priority.

Bridge Priority (Switch Priority) Value is a 16-bit binary number. By default, all Cisco Switches has a Bridge Priority (Switch Priority) value of 32,768.

The root bridge of the spanning tree is the bridge with the smallest (lowest) bridge ID. Each bridge has a configurable priority number and a MAC address; the bridge ID is the concatenation of the bridge priority and the MAC address. It is the preferred route

E.G

ON THE SWITCH

spanning-tree mode rapid-pvst

spanning-tree vlan 3,9 priority 24576

spanning-tree vlan 5,14 priority 28672

5. CONCLUSION

Very key concepts of networking were explained. Part of my revision on CCNA. download the file, and ping away.

WRITER: OLUYEDE SEGUN . A(jnr)

LINK TO PACKET TRACER FILE: https://projectsss.s3.us-east-2.amazonaws.com/campus_university+Design+CCNA.pkt

linkedin profile: https://www.linkedin.com/in/oluyede-segun-adedeji-jr-a5550b167/

twitter profile: https://twitter.com/oluyedejun1

TAGS: #NETWORKING #CCNA #CISCO #ROUTER #SWITCH #PACKETRACER #CAMPUSNETWORK

--

--

oluyede Segun (jr)
oluyede Segun (jr)

Written by oluyede Segun (jr)

Certified I.T specialist | Computer Network Admin | Cloud | Artificial intelligence ( Machine Learning & Data Science),& webdev. python/JavaScript language

No responses yet