CE231 Assignment 2: Scaling Networks

The parts that you need to fill in or content to append are:

  • Complete the fields in Table 1
  • Complete the fields in Table 2
  • Include only the configurations and certain command outputs specified in Task 5.
  • Append the explanation for Task 6.

Additionally, you must submit your working Packet Tracer file with the same configuration as that used for the output given in Task 5.

You MUST use Packet Tracer 6.1.1 (or later) for this assignment; it is available for download for Windows from the CE231 Moodle page (or the Cisco Network Academy site). You must use the provided scenario.pkt file available from the CE231 Moodle page.

Marks will be awarded as follows (marks in Tasks 1-5 are in proportion to the correct configuration and documentation):

  • 5% for Task 1 (Table 1 and Table 2)
  • 10% for Task 2 (Basic device configuration)
  • 40% for Task 3 (OSPF and router features)
  • 20% for Task 4 (Switching and spanning tree)
  • 5% for Task 5, Documentation and correct submission of Packet Tracer file.
  • 20% for Task 6, Explanation of recovery of routing and switching after failure of primary DS switch (DS1 or DS2). 5/20 of these marks will be for good presentation including use of English and appropriate use of references. See the table in Task 6 for the marking scheme for this task.

NOTE: this document is a generic description for the whole group. Every student also has a unique combination of IP address ranges, VLAN identifiers and sizes of LANs distributed through the CE231 course pages. Under no circumstances should you use values allocated to another student – doing so will give rise to an investigation of plagiarism. You will find your own individual settings on the CE231 course page using your registration number as a key to your individual page.

Figure 1 Assignment topology

Scenario

You are to configure the routing and switching for part of the company network shown in Figure 1, in particular the wide area networking routing (including Branch and Data Centre gateways) and the switching for the Data Centre. Some of the systems are pre-configured. You must complete this assignment using Cisco Packet Tracer version 7.1 (or later). Some of the assignment (e.g. some IP addresses) is specified exactly, but for other parts you will have to make sensible design choices based on the scenario as described here and the methods you have learnt from the lab tasks.

You will find that the following devices are already configured and you should not change their configuration:

InternetServer, ISP, BR2, BR3, B1, B2, BPC1, DSLink.

You can see the configuration of these devices by either using username and password “donotconfigureme” or by exporting the running configuration from the Config tab. You will need to look at the configuration of BR2 and BR3 (the other switches, B1, B2 and DSLink, are just running default switching without any VLANs).

You must configure the rest of the devices.

All links are operating at the line speed of their interfaces except for the following:

| Network name of link (see Table 1 below) | Line rate |
|---|---|
| DSGW1 | 100 Mb/s (due to DSLink) |
| BRWAN1 | 2 Mb/s |
| BRWAN2 | 128 kb/s |

The scenario only shows part of the company network; you are to assume that the actual network is very large with many branches (not shown). All the branches connect to the WAN and access the Internet through WAN2.

There is a placeholder for the Internet (InternetServer) accessed through an Internet Service Provider. The router ISP is a placeholder for the Internet Service Provider's network. ISP provides one public IP address for the whole company to use (202.202.202.2 on WAN2). The company hosts should be able to access the Internet; however, it is not necessary for the Internet to access any hosts in the company network. You are to assume that security is provided by firewalls that are not shown in the scenario so that no access control lists are required (apart from selecting traffic for things like NAT).

The company network manager has specified that you use multi-area OSPF and make sure it is configured to route traffic using sensible routes (but is leaving you to determine what are sensible routes). The only detailed specifications you are given about the multi-area OSPF are that:

  • the ABRs must be BR1 and DSGW;
  • as the “auto-cost reference-bandwidth” command does not work in Packet Tracer, link costs must be set manually;
  • the routing configuration must be compatible with that already configured on BR2 and BR3;
  • any WAN links (including those from DataCenter or Branch to WAN) must use OSPF authentication;
  • network addresses (routes) between areas must be summarised using a single address that is the smallest possible summary address to encompass the networks you have been allocated (you are to assume addresses in the summary not used in your scenario are available for expansion at a future date).
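
The summarisation and manual-cost requirements above can be checked numerically. The following Python sketch is an added example, not part of the assignment brief: it computes the smallest single summary prefix for a set of subnets and the OSPF cost for each of the three slow links. The values used for L, S, C and M and the 1 Gb/s reference bandwidth are assumptions chosen for illustration only.

```python
import ipaddress

# Fixed Branch subnets from Table 1, plus a constructed BR1LAN value
# (L = 2 is a placeholder, not an allocated value).
BRANCH = ["10.1.0.0/24", "10.1.1.128/30", "10.1.1.132/30",
          "10.1.1.136/30", "10.1.2.0/24"]

# Fixed Data Centre subnets from Table 1, plus constructed VLAN octets
# (S = 10, C = 20, M = 30 are placeholders).
DATA_CENTRE = ["192.168.0.0/30", "192.168.0.4/30", "192.168.10.0/24",
               "192.168.20.0/24", "192.168.30.0/24"]

# Line rates stated in the scenario, in bits per second.
LINK_RATES = {"DSGW1": 100_000_000, "BRWAN1": 2_000_000, "BRWAN2": 128_000}


def smallest_summary(networks):
    """Return the longest single prefix that contains every given network."""
    nets = [ipaddress.ip_network(n) for n in networks]
    low = min(int(n.network_address) for n in nets)
    high = max(int(n.broadcast_address) for n in nets)
    # Bits where the lowest and highest address differ cannot be in the prefix.
    host_bits = (low ^ high).bit_length()
    base = (low >> host_bits) << host_bits
    return ipaddress.ip_network((base, 32 - host_bits))


def spare_addresses(networks):
    """Addresses inside the summary that no listed (non-overlapping) network uses."""
    used = sum(ipaddress.ip_network(n).num_addresses for n in networks)
    return smallest_summary(networks).num_addresses - used


def ospf_cost(link_bps, reference_bps):
    """OSPF interface cost: reference / link bandwidth, clamped to 1..65535."""
    return max(1, min(65535, reference_bps // link_bps))


def manual_costs(reference_bps):
    """Cost per slow link, as it would be set with 'ip ospf cost'."""
    return {name: ospf_cost(bps, reference_bps)
            for name, bps in LINK_RATES.items()}


if __name__ == "__main__":
    for label, nets in (("Branch", BRANCH), ("Data Centre", DATA_CENTRE)):
        s = smallest_summary(nets)
        print(label, s, s.netmask, "spare:", spare_addresses(nets))
    # Assumed reference of 1 Gb/s so that Gigabit links cost 1.
    print(manual_costs(1_000_000_000))
```

The Data Centre result shows how the allocated VLAN octets determine the summary width: the further they are from 0, the shorter the prefix and the more address space the summary claims.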

The data centre needs to have a highly-reliable design and you will note that it has two systems (routers, switches and servers) so that it can cope with a single failure. PC2 is a placeholder for management terminals and only one is shown. There are only two servers and access switches (DS3 and DS4) shown although you should assume there are many more systems to be connected to DS3 and DS4 in the future and not shown. There are no clients or servers directly connected to the distribution layer switches (DS1 and DS2). You should configure the networking so that if there is a failure of any single switch, or either router DSR1 or DSR2, then any host will still have network connectivity without any need for manual intervention. (You should assume that DSGW is a highly-fault tolerant router with dual systems and connectivity that are not shown.)

On the Access switches (DS3, DS4), the lower half of the ports (fa0/1-12) are allocated to VLAN S, and the upper two of the ports (fa0/23-24) are allocated to VLAN C. VLAN M is for managing the switches and routers. Other ports are free. All ports not actually connected to a device should be shut down.

Traffic requirements in the network are to support up to 200 Mb/s total traffic between different switches in the Data Centre. The network manager is concerned that there are not enough Gigabit ports on the Data Centre switches to support this at the moment; you should note that only Fast Ethernet ports are available to interconnect the two sides of the distribution layer switches. You have been authorised to add a maximum of one additional cable between each of the Fast Ethernet ports of the switches to maximise the capacity (i.e. you can add up to five Ethernet cables).

You have been told to make sensible choices with the spanning tree design (but you are left to determine what is meant by “sensible”). You should ensure that the VLANs are managed from one switch and given the names allocated to you (S, C and M).

Task 1: Complete the Addressing Scheme.

The addressing scheme for the network is partially complete, but you will need to allocate the addresses that are blank in Table 1 according to the ranges allocated to you. Fill any blanks or single letters with values that you have been allocated; fill in the WAN addresses marked with “?” using the range allocated to you. Some blank fields will require you to work out suitable values. Any non-applicable fields marked N/A should not have entries.

Document all subnet addresses in Table 1.

Table 1

| Device | Interface | Network Name | Number of Hosts | Subnet | Subnet Mask |
|---|---|---|---|---|---|
| Branch | | | | | |
| BR1 | G0/0 | BR13 | 2 | 10.1.1.128 | 255.255.255.252 |
| BR1 | G0/1 | BR12 | 2 | 10.1.1.132 | 255.255.255.252 |
| BR1 | VLAN 1 (Fa0/1/0) | BR1LAN | 254 | 10.1.L.0 | 255.255.255.0 |
| BR1 | S0/0/0 | BRWAN2 | 2 | 172.16.?.? | 255.255.255.252 |
| BR1 | S0/0/1 | BRWAN1 | 2 | 172.16.?.? | 255.255.255.252 |
| BR2 | G0/1 | BR12 | 2 | 10.1.1.132 | 255.255.255.252 |
| BR2 | G0/0 | BR23 | 2 | 10.1.1.136 | 255.255.255.252 |
| BR3 | VLAN 1 (Fa0/1/0) | BR3LAN | 254 | 10.1.0.0 | 255.255.255.0 |
| BR3 | G0/1 | BR13 | 2 | 10.1.1.128 | 255.255.255.252 |
| BR3 | G0/0 | BR23 | 2 | 10.1.1.136 | 255.255.255.252 |
| WAN | | | | | |
| WAN1 | G0/1 | WANDS | 2 | 172.16.?.? | 255.255.255.252 |
| WAN1 | G0/0 | WAN12 | 2 | 172.16.?.? | 255.255.255.252 |
| WAN1 | S0/0/0 | BRWAN1 | 2 | 172.16.?.? | 255.255.255.252 |
| WAN2 | G0/0 | WAN12 | 2 | 172.16.?.? | 255.255.255.252 |
| WAN2 | G0/1 | ISP | 2 | 202.202.202.0 | 255.255.255.252 |
| WAN2 | S0/0/0 | BRWAN2 | 2 | 172.16.?.? | 255.255.255.252 |
| ISP and Internet | | | | | |
| ISP | G0/0 | Internet | 254 | 155.245.0.0 | 255.255.255.0 |
| ISP | G0/1 | ISP | 2 | 202.202.202.0 | 255.255.255.252 |
| Data Centre | | | | | |
| DSGW | G0/0 | WANDS | 2 | 172.16.?.? | 255.255.255.252 |
| DSGW | VLAN1 (Fa0/1/0) | DSGW1 | 2 | 192.168.0.0 | 255.255.255.252 |
| DSGW | G0/1 | DSGW2 | 2 | 192.168.0.4 | 255.255.255.252 |
| DSR1 | G0/0 | DSGW1 | 2 | 192.168.0.0 | 255.255.255.252 |
| DSR1 | G0/1.S | DSS | 254 | 192.168.S.0 | 255.255.255.0 |
| DSR1 | G0/1.C | DSC | 254 | 192.168.C.0 | 255.255.255.0 |
| DSR1 | G0/1.M | DSM | 254 | 192.168.M.0 | 255.255.255.0 |
| DSR2 | G0/0 | DSGW2 | 2 | 192.168.0.4 | 255.255.255.252 |
| DSR2 | G0/1.S | DSS | 254 | 192.168.S.0 | 255.255.255.0 |
| DSR2 | G0/1.C | DSC | 254 | 192.168.C.0 | 255.255.255.0 |
| DSR2 | G0/1.M | DSM | 254 | 192.168.M.0 | 255.255.255.0 |

Document router/switch interface and PC addresses in Table 2.

Table 2

| Device | Interface | Network Name | IP Address | Subnet Mask | Gateway |
|---|---|---|---|---|---|
| BR1 | G0/0 | BR13 | 10.1.1.129 | 255.255.255.252 | N/A |
| BR1 | G0/1 | BR12 | 10.1.1.133 | 255.255.255.252 | N/A |
| BR1 | VLAN 1 (Fa0/1/0) | BR1LAN | 10.1.L.254 | 255.255.255.0 | N/A |
| BR1 | S0/0/0 | BRWAN2 | 172.16.?.? | 255.255.255.252 | N/A |
| BR1 | S0/0/1 | BRWAN1 | 172.16.?.? | 255.255.255.252 | N/A |
| BR2 | G0/1 | BR12 | 10.1.1.134 | 255.255.255.252 | N/A |
| BR2 | G0/0 | BR23 | 10.1.1.137 | 255.255.255.252 | N/A |
| BR3 | VLAN 1 (Fa0/1/0) | BR3LAN | 10.1.0.254 | 255.255.255.0 | N/A |
| BR3 | G0/1 | BR13 | 10.1.1.130 | 255.255.255.252 | N/A |
| BR3 | G0/0 | BR23 | 10.1.1.138 | 255.255.255.252 | N/A |
| WAN1 | G0/1 | WANDS | 172.16.?.? | 255.255.255.252 | N/A |
| WAN1 | G0/0 | WAN12 | 172.16.?.? | 255.255.255.252 | N/A |
| WAN1 | S0/0/0 | BRWAN1 | 172.16.?.? | 255.255.255.252 | N/A |
| WAN2 | G0/0 | WAN12 | 172.16.?.? | 255.255.255.252 | N/A |
| WAN2 | G0/1 | ISP | 202.202.202.2 | 255.255.255.252 | 202.202.202.1 |
| WAN2 | S0/0/0 | BRWAN2 | 172.16.?.? | 255.255.255.252 | N/A |
| ISP | G0/0 | Internet | 155.245.0.254 | 255.255.255.0 | N/A |
| ISP | G0/1 | ISP | 202.202.202.1 | 255.255.255.252 | N/A |
| DSGW | G0/0 | WANDS | 172.16.?.? | 255.255.255.252 | N/A |
| DSGW | VLAN1 (Fa0/1/0) | DSGW1 | 192.168.0.1 | 255.255.255.252 | N/A |
| DSGW | G0/1 | DSGW2 | 192.168.0.5 | 255.255.255.252 | N/A |
| DSR1 | G0/0 | DSGW1 | 192.168.0.2 | 255.255.255.252 | N/A |
| DSR1 | G0/1.S | DSS | 192.168.S.1 | 255.255.255.0 | N/A |
| DSR1 | G0/1.C | DSC | 192.168.C.1 | 255.255.255.0 | N/A |
| DSR1 | G0/1.M | DSM | 192.168.M.1 | 255.255.255.0 | N/A |
| DSR2 | G0/0 | DSGW2 | 192.168.0.6 | 255.255.255.252 | N/A |
| DSR2 | G0/1.S | DSS | 192.168.S.2 | 255.255.255.0 | N/A |
| DSR2 | G0/1.C | DSC | 192.168.C.2 | 255.255.255.0 | N/A |
| DSR2 | G0/1.M | DSM | 192.168.M.2 | 255.255.255.0 | N/A |
| DS1 | VLAN M | DSM | 192.168.M.11 | 255.255.255.0 | |
| DS2 | VLAN M | DSM | 192.168.M.22 | 255.255.255.0 | |
| DS3 | VLAN M | DSM | 192.168.M.33 | 255.255.255.0 | |
| DS4 | VLAN M | DSM | 192.168.M.44 | 255.255.255.0 | |
| InternetServer | NIC | Internet | 155.245.0.1 | 255.255.255.0 | 155.245.0.254 |
| BPC1 | NIC | BR3LAN | 10.1.0.1 | 255.255.255.0 | 10.1.0.254 |
| BPC2 | NIC | BR1LAN | 10.1.L.1 | 255.255.255.0 | 10.1.L.254 |
| Server1 | NIC | DSS | 192.168.S.11 | 255.255.255.0 | |
| Server2 | NIC | DSS | 192.168.S.22 | 255.255.255.0 | |
| PC2 | NIC | DSC | 192.168.C.11 | 255.255.255.0 | |

Task 2: Configure basic device settings.

Configure the routers and switches that you have been told to configure according to the following guidelines:

  • Routers and switches should be secured against unauthorised access and passwords should be stored in a secure manner. Use only the password “cisco” in your configurations.
  • There is no DNS server in the network.
  • Configure a message-of-the-day banner that warns against unauthorized use and states “This router is managed by 0123456”, where 0123456 is replaced with your registration number.
  • Console input should not be broken with console output messages.
  • Any systems that you configure should be capable of being remotely managed using the most secure manner possible. (The systems that you should not configure have not been, and should not be, configured for remote management).

Task 3: Configure routing and router features.

Configure the routing and router features to meet the requirements in the scenario using your judgment to make sensible decisions. You should make sure that your routing is compatible with the routing already configured on BR1 and BR2. Also note that “auto-cost reference-bandwidth <bandwidth>” does not work in Packet Tracer. Consequently, you must set OSPF costs manually for the routing to work correctly.

Task 4: Configure switching

Configure switching as specified in the scenario using your judgement to make sensible decisions.

Configure clients and servers.

Test full connectivity (e.g. company hosts can access the Internet).

Task 5: Document certain specified parts of the configurations and include in your submitted document.

You must not include all the running configurations in your submitted document. Instead you should only show the items below from the running configurations:

  • the “router OSPF” block of the running configuration for the routers DSGW and BR1
  • interface specifications for configured interfaces on routers DSR1 and DSR2
  • any spanning tree configuration entries for DS1 and DS2 (any command starting with spanning-tree …)
  • the complete running configuration of WAN2.

Additionally, you must show the output of the following commands:

  • the output of show ip route on DSGW and BR1
  • the output of show spanning-tree VLAN S on DS1, DS2, DS3 and DS4 (where S is your allocated VLAN).

For the first four items above (the parts of the running configurations), add comments describing the significant features in the configuration, using the “!” symbol at the start of a comment line and the description command for all interfaces.

The configurations and command output should be in a fixed width font such as this. If you are simply using this document as a template you can paste the necessary output here (with a suitable title before each one).

IT IS VITAL THAT YOUR PACKET TRACER FILE CONTAINS THE SAME CONFIGURATIONS THAT YOU SUBMIT IN THE DOCUMENT. ANY FAILURE TO DO SO WILL MEAN ZERO MARKS FOR THE DOCUMENTATION PART AND THE MARKER MAY TAKE THE LOWER OF THE FUNCTIONALITY IN EITHER OF THE CONFIGURATIONS. IF YOU SIMPLY DUMP WHOLE CONFIGURATIONS, NOT IN THE LIST ABOVE, IN YOUR SUBMITTED DOCUMENT YOU WILL SCORE ZERO FOR DOCUMENTATION.

Task 6: Explain switching and routing recovery after failure of either switch DS1 or DS2

You have implemented a resilient design in the Data Centre. If either switch DS1 or DS2 fails it should still be possible for an external host such as BPC1 to contact a server without any manual intervention.

From Server 1 ping BPC1 (or another device outside the Data Centre) and determine which router (DSR1 or DSR2) is used to send the packet beyond the Data Centre using your design. Once you have determined this you must consider what happens when the neighbouring switch fails; i.e. if DSR1 is the router to send the packet to DSGW then consider what happens when DS1 fails.

Describe the recovery from failure by explaining how the routers and switches handle the failure. You should describe the protocols that are used to recover from the failure and how they operate in the context of your network. You do not need to give details of exact messages as there are too many involved; however, you should explain in general terms the messages needed to recover from the failure.

It is recommended that you attempt this part even if you do not have a complete network design. You will still receive marks for the description.

You should aim for approximately two sides for this explanation (not including any diagrams) and it should not contain unnecessary background information. It should read as a self-contained document and have a suitable structure (i.e. an introductory paragraph and a closing paragraph). You must use references for sources that support your description and would give more information to the reader; an example might be the standards documents for protocols (e.g. RFCs) and/or a textbook. Web references are not suitable. However, IETF RFCs are allowed (even though they are normally distributed via the web).

| Mark | Guideline attributes |
|---|---|
| 100% (20/20) | Full description in the switching and routing layers of the recovery after failure. The necessary protocols are fully described using examples from the network. The description is written to a professional standard with excellent grammar and has a full list of citations to authoritative sources for each system or protocol. |
| 70% (14/20) | A good description in the switching and routing layers of the recovery after failure. The necessary protocols are described in some depth using examples from the network. The description is written to a professional standard with good grammar and has a good list of citations to authoritative sources. |
| 60% (12/20) | A good description in the switching and routing layers of the recovery after failure including the necessary protocols using examples from the network, although one of the protocols or systems may be described in less depth. The description is written to a reasonable standard with reasonable grammar and has a list of citations to authoritative sources. |
| 50% (10/20) | A description in the switching and/or routing layers of the recovery after failure with some protocols described using examples from the network. The description is written to a reasonable standard but with some grammatical errors; some citations to, mostly, authoritative sources are given. |
| 40% (8/20) | A description in the switching or routing layers of the recovery after failure with at least one protocol described using examples from the network. The description is written to an acceptable standard but with some grammatical errors; some citations are given. |
| <40% (<8/20) | A failure to describe even one of either the switching or routing layers used for recovery after failure. |

Marking Descriptors for Task 6