
Capstone Project

Abstract

This project proposal details the installation and configuration of an internet-connected wired and wireless LAN for a small business such as a retail store. The RCC retail store sells merchandise and services to the public. Because sales have increased over the past years, the store decided to move to a larger office space. The project entails installing and configuring most aspects of RCC’s LAN and wireless network, as well as its internet connection.

The ultimate goal of the project is to have a LAN and wireless connection installed at RCC’s new office space that meets the requirements laid out by the employer. The move was prompted by steady growth in sales, which in turn means the company needs to expand in several areas to meet customer demand. One of these expansions is more office space so that more employees can share the same workspace.

The scope of this project is to design RCC’s network using Packet Tracer, the network simulation tool built by Cisco. The tool simulates networks for practicing simple and complex designs. For this project, I am using Cisco Packet Tracer version 8.1.1. I encountered technical support constraints in Packet Tracer during the development of this project and had to make some sacrifices to reproduce the networking technology in a virtual networking environment through visual simulation.

The RCC retail store recently occupied an office space and has to build out a new wired and wireless network. I have been tasked with the networking infrastructure, and as a project proposal I will design a network with redundant networking devices installed at the site. Since the store’s old office space still uses older technology in its network design, the new technology I propose will be more stable because of the redundancy setup. The departments and their machine counts are listed below:

• IT – 2 machines
• Sales – 10 computers
• Human Resources – 10 computers
• Finance – 20 machines
• Marketing – 15 computers

• Wireless Internal – 40 IP addresses
• Wireless Guests – 50 IP addresses

This project’s network will be highly reliable in performance because its components are chosen from Cisco, a major and well-regarded manufacturer. The network for the RCC retail store will consist of the following networking devices:

Cisco ISR4331

Cisco 3650 (Layer 3 switch) with 24 ports

Cisco 2960 switch with 24 ports

Cisco 3504 Wireless Controller

Cisco 3702i Wireless Access Point

Topology

The design model is broken into two layers: Access Layer and Distribution Layer.

Access Layer:

Another name for the access layer is the interface layer. It is where devices such as PCs and printers connect directly to gain access to the rest of the network. In this project, this layer is made up of switches and wireless access points. Generally, this layer connects all these devices to the network and controls which devices can communicate on it.

Distribution Layer:

Distribution switches are typically high-performance devices that have high availability and redundancy to ensure reliability. In this project, the redundancy is in the distribution switches (DS01 and DS02).

VLANs (Virtual LANs) are configured to segment RCC’s network. VLANs are a by-product of switching technology that allows a LAN to be subdivided into several virtual LANs, separating the traffic on a switch into detached subnetworks. Network information security is a very important and extensive topic. In this project, the technology was used to update an existing network to increase network performance, security and speed, and to make RCC’s network more efficient.

Network Diagram

Below is the diagram that I used to implement the project. A PDF of the diagram (Main Diagram.pdf) is also attached in the submitted folder for a clearer view.

IP Address Space Used

Address Space:

Network Address: 172.16.8.0/23

Address Class: B

Usable Host IP Range: 172.16.8.1 – 172.16.9.254

Broadcast Address: 172.16.9.255

Subnet Mask that was used: /26 = 255.255.255.192

Subnet and VLANs Information

Assigned IP Addresses and their Connected Devices

| Device | Interface | IP Address | Subnet Mask | Default Gateway |
|---|---|---|---|---|
| ISP_Router | G0/0/0 | 30.0.0.1 | 255.255.255.240 | 30.0.0.1 |
| | G0/0/1 | 40.0.0.1 | 255.255.255.240 | 40.0.0.1 |
| R1_Primary | G0/0/0 | 30.0.0.2 | 255.255.255.240 | 30.0.0.1 |
| | lo0 | 1.1.1.1 | 255.255.255.0 | 1.1.1.1 |
| R2_Secondary | G0/0/0 | 40.0.0.2 | 255.255.255.240 | 40.0.0.1 |
| | lo0 | 2.2.2.2 | 255.255.255.0 | 2.2.2.1 |
| R3 | Gi0/0/1 | 172.16.9.40 | 255.255.255.192 | 172.16.9.1 |
| DS01 | Management IP | 172.16.9.4 | 255.255.255.192 | 172.16.9.1 |
| WLC | G1/0/9 (of DS01) | 172.16.9.11 | 255.255.255.192 | 172.16.9.1 |
| DS02 | Management IP | 172.16.9.5 | 255.255.255.192 | 172.16.9.1 |
| SW01 | Management IP | 172.16.9.6 | 255.255.255.192 | 172.16.9.1 |
| SW02 | Management IP | 172.16.9.7 | 255.255.255.192 | 172.16.9.1 |
| SW03 | Management IP | 172.16.9.8 | 255.255.255.192 | 172.16.9.1 |
| SW04 | Management IP | 172.16.9.9 | 255.255.255.192 | 172.16.9.1 |
| SW05 | Management IP | 172.16.9.10 | 255.255.255.192 | 172.16.9.1 |
| AP01 | Fa0/24 (SW02) | 172.16.9.50 | 255.255.255.192 | 172.16.9.1 |
| AP02 | Fa0/24 (SW05) | 172.16.9.51 | 255.255.255.192 | 172.16.9.1 |

*The IP Address Allocation Tracking Table (IP Address Allocation Tracking Table – 172.16.8.x and 172.16.9.x.xlsx) is also attached in the submitted folder. The RCC retail store can use it to keep track of the IP addresses in use and to allocate IP addresses more flexibly in the future.

Configuration Documentation

The default routes below were configured on the following devices:

ISP_Router:
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/1/0
ip route 0.0.0.0 255.255.255.0 30.0.0.2
ip route 0.0.0.0 255.255.255.0 40.0.0.2
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0/0

R1_Primary:
ip route 0.0.0.0 0.0.0.0 0.0.0.0
ip route 0.0.0.0 255.255.255.240 40.0.0.1
ip route 0.0.0.0 255.255.255.240 30.0.0.1

R2_Secondary:
ip route 0.0.0.0 0.0.0.0 0.0.0.0
ip route 0.0.0.0 255.255.255.240 40.0.0.1
ip route 0.0.0.0 255.255.255.240 30.0.0.1

DS01:
ip route 0.0.0.0 0.0.0.0 0.0.0.0

DS02:
ip route 0.0.0.0 0.0.0.0 0.0.0.0

The following access control lists were configured on both R1_Primary and R2_Secondary:

R1_Primary#show access-lists
Standard IP access list ACL_120
    10 permit 172.16.9.0 0.0.0.63
    20 permit any
Standard IP access list ACL_130
    10 permit 172.16.9.0 0.0.0.63
    20 permit any

R2_Secondary#show access-lists
Standard IP access list ACL_120
    10 permit 172.16.9.0 0.0.0.63
    20 permit any
Standard IP access list ACL_130
    10 permit 172.16.9.0 0.0.0.63
    20 permit any
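How a router evaluates the standard ACLs listed above, as an added Python example (not part of the original report or its device configurations). It applies first-match semantics to the two entries and reports entries that a later "permit any" makes redundant; ACL_WITHOUT_PERMIT_ANY and the sample source addresses are constructed for comparison.

```python
import ipaddress

# Entries copied from the page's "show access-lists" output; ACL_120 and
# ACL_130 are identical on both routers, so one list stands for all four.
ACL_ON_PAGE = [
    (10, "permit", "172.16.9.0", "0.0.0.63"),
    (20, "permit", "any", None),
]
# Constructed for comparison (not on the page): same list without "permit any".
ACL_WITHOUT_PERMIT_ANY = ACL_ON_PAGE[:1]


def wildcard_match(src, base, wildcard):
    """Wildcard bits set to 1 are ignored; bits set to 0 must be equal."""
    s, b, w = (int(ipaddress.ip_address(x)) for x in (src, base, wildcard))
    care = ~w & 0xFFFFFFFF
    return (s & care) == (b & care)


def evaluate(acl, src):
    """Return (action, matching sequence number); first match wins.
    Falling off the end hits the implicit deny, reported as ("deny", None)."""
    for seq, action, base, wildcard in acl:
        if base == "any" or wildcard_match(src, base, wildcard):
            return action, seq
    return "deny", None


def redundant_permits(acl):
    """Permit entries followed only by permits up to a 'permit any':
    deleting them changes no decision, so they restrict nothing."""
    redundant = []
    for i, (seq, action, _, _) in enumerate(acl):
        if action != "permit":
            continue
        for _, later_action, later_base, _ in acl[i + 1:]:
            if later_action != "permit":
                break
            if later_base == "any":
                redundant.append(seq)
                break
    return redundant


if __name__ == "__main__":
    # Constructed source addresses: management subnet, guest pool, outside host.
    for src in ("172.16.9.10", "172.16.9.200", "203.0.113.7"):
        print(src, evaluate(ACL_ON_PAGE, src), evaluate(ACL_WITHOUT_PERMIT_ANY, src))
    print("redundant entries:", redundant_permits(ACL_ON_PAGE))
```

With the entries as listed, every source address is permitted, so the ACLs only restrict traffic if the final "permit any" is replaced by explicit permits for the intended subnets.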

Spanning tree was configured and DS01 is set as the root bridge for all the VLANs:

DS01#sh spanning-tree
VLAN0001
  Spanning tree enabled protocol ieee
  Root ID    Priority    32769
             Address     0001.6344.A71E
             This bridge is the root
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
  Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
             Address     0001.6344.A71E
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  20
Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi1/0/1          Desg FWD 4         128.1    P2p
Gi1/0/4          Desg FWD 4         128.4    P2p
Gi1/0/5          Desg FWD 4         128.5    P2p
Gi1/0/6          Desg FWD 4         128.6    P2p
Gi1/0/7          Desg FWD 4         128.7    P2p
Gi1/0/8          Desg FWD 4         128.8    P2p
Gi1/0/9          Desg FWD 19        128.9    P2p
Po1              Desg FWD 3         128.29   Shr

VLAN0010
  Spanning tree enabled protocol ieee
  Root ID    Priority    24586
             Address     0001.6344.A71E
             This bridge is the root
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
  Bridge ID  Priority    24586  (priority 24576 sys-id-ext 10)
             Address     0001.6344.A71E
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  20
Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi1/0/1          Desg FWD 4         128.1    P2p
Gi1/0/4          Desg FWD 4         128.4    P2p
Gi1/0/5          Desg FWD 4         128.5    P2p
Gi1/0/6          Desg FWD 4         128.6    P2p
Gi1/0/7          Desg FWD 4         128.7    P2p
Gi1/0/8          Desg FWD 4         128.8    P2p
Gi1/0/9          Desg FWD 19        128.9    P2p
Po1              Desg FWD 3         128.29   Shr

VLAN0020
  Spanning tree enabled protocol ieee
  Root ID    Priority    24596
             Address     0001.6344.A71E
             This bridge is the root
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
  Bridge ID  Priority    24596  (priority 24576 sys-id-ext 20)
             Address     0001.6344.A71E
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  20
Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi1/0/1          Desg FWD 4         128.1    P2p
Gi1/0/4          Desg FWD 4         128.4    P2p
Gi1/0/5          Desg FWD 4         128.5    P2p
Gi1/0/6          Desg FWD 4         128.6    P2p
Gi1/0/7          Desg FWD 4         128.7    P2p
Gi1/0/8          Desg FWD 4         128.8    P2p
Gi1/0/9          Desg FWD 19        128.9    P2p
Po1              Desg FWD 3         128.29   Shr

VLAN0030
  Spanning tree enabled protocol ieee
  Root ID    Priority    24606
             Address     0001.6344.A71E
             This bridge is the root
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
  Bridge ID  Priority    24606  (priority 24576 sys-id-ext 30)
             Address     0001.6344.A71E
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  20
Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi1/0/1          Desg FWD 4         128.1    P2p
Gi1/0/4          Desg FWD 4         128.4    P2p
Gi1/0/5          Desg FWD 4         128.5    P2p
Gi1/0/6          Desg FWD 4         128.6    P2p
Gi1/0/7          Desg FWD 4         128.7    P2p
Gi1/0/8          Desg FWD 4         128.8    P2p
Gi1/0/9          Desg FWD 19        128.9    P2p
Po1              Desg FWD 3         128.29   Shr

VLAN0040
  Spanning tree enabled protocol ieee
  Root ID    Priority    24616
             Address     0001.6344.A71E
             This bridge is the root
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
  Bridge ID  Priority    24616  (priority 24576 sys-id-ext 40)
             Address     0001.6344.A71E
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  20
Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi1/0/1          Desg FWD 4         128.1    P2p
Gi1/0/4          Desg FWD 4         128.4    P2p
Gi1/0/5          Desg FWD 4         128.5    P2p
Gi1/0/6          Desg FWD 4         128.6    P2p
Gi1/0/7          Desg FWD 4         128.7    P2p
Gi1/0/8          Desg FWD 4         128.8    P2p
Gi1/0/9          Desg FWD 19        128.9    P2p
Po1              Desg FWD 3         128.29   Shr

VLAN0100
  Spanning tree enabled protocol ieee
  Root ID    Priority    24676
             Address     0001.6344.A71E
             This bridge is the root
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
  Bridge ID  Priority    24676  (priority 24576 sys-id-ext 100)
             Address     0001.6344.A71E
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  20
Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi1/0/1          Desg FWD 4         128.1    P2p
Gi1/0/4          Desg FWD 4         128.4    P2p
Gi1/0/5          Desg FWD 4         128.5    P2p
Gi1/0/6          Desg FWD 4         128.6    P2p
Gi1/0/7          Desg FWD 4         128.7    P2p
Gi1/0/8          Desg FWD 4         128.8    P2p
Gi1/0/9          Desg FWD 19        128.9    P2p
Gi1/0/24         Desg FWD 4         128.24   P2p
Po1              Desg FWD 3         128.29   Shr

VLAN0110
  Spanning tree enabled protocol ieee
  Root ID    Priority    24686
             Address     0001.6344.A71E
             This bridge is the root
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
  Bridge ID  Priority    24686  (priority 24576 sys-id-ext 110)
             Address     0001.6344.A71E
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  20
Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi1/0/1          Desg FWD 4         128.1    P2p
Gi1/0/4          Desg FWD 4         128.4    P2p
Gi1/0/5          Desg FWD 4         128.5    P2p
Gi1/0/6          Desg FWD 4         128.6    P2p
Gi1/0/7          Desg FWD 4         128.7    P2p
Gi1/0/8          Desg FWD 4         128.8    P2p
Gi1/0/9          Desg FWD 19        128.9    P2p
Po1              Desg FWD 3         128.29   Shr

VLAN0120
  Spanning tree enabled protocol ieee
  Root ID    Priority    24696
             Address     0001.6344.A71E
             This bridge is the root
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
  Bridge ID  Priority    24696  (priority 24576 sys-id-ext 120)
             Address     0001.6344.A71E
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  20
Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi1/0/1          Desg FWD 4         128.1    P2p
Gi1/0/4          Desg FWD 4         128.4    P2p
Gi1/0/5          Desg FWD 4         128.5    P2p
Gi1/0/6          Desg FWD 4         128.6    P2p
Gi1/0/7          Desg FWD 4         128.7    P2p
Gi1/0/8          Desg FWD 4         128.8    P2p
Gi1/0/9          Desg FWD 19        128.9    P2p
Po1              Desg FWD 3         128.29   Shr

VLAN0130
  Spanning tree enabled protocol ieee
  Root ID    Priority    24706
             Address     0001.6344.A71E
             This bridge is the root
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
  Bridge ID  Priority    24706  (priority 24576 sys-id-ext 130)
             Address     0001.6344.A71E
             Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  20
Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi1/0/1          Desg FWD 4         128.1    P2p
Gi1/0/4          Desg FWD 4         128.4    P2p
Gi1/0/5          Desg FWD 4         128.5    P2p
Gi1/0/6          Desg FWD 4         128.6    P2p
Gi1/0/7          Desg FWD 4         128.7    P2p
Gi1/0/8          Desg FWD 4         128.8    P2p
Gi1/0/9          Desg FWD 19        128.9    P2p
Po1              Desg FWD 3         128.29   Shr

DS01#sh spanning-tree summary
Switch is in pvst mode
Root bridge for: default Sales Human_Resources Finance Marketing Infrastructure_Management IT Wireless_Internal Wireless_Guest
Extended system ID           is enabled
Portfast Default             is disabled
PortFast BPDU Guard Default  is disabled
Portfast BPDU Filter Default is disabled
Loopguard Default            is disabled
EtherChannel misconfig guard is disabled
UplinkFast                   is disabled
BackboneFast                 is disabled
Configured Pathcost method used is short

Name                   Blocking Listening Learning Forwarding STP Active
---------------------- -------- --------- -------- ---------- ----------
VLAN0001                      0         0        0         10         10
VLAN0010                      0         0        0         10         10
VLAN0020                      0         0        0         10         10
VLAN0030                      0         0        0         10         10
VLAN0040                      0         0        0         10         10
VLAN0100                      0         0        0         11         11
VLAN0110                      0         0        0         10         10
VLAN0120                      0         0        0         10         10
VLAN0130                      0         0        0         10         10

The following DHCP configuration assigns IP addresses to the VLANs:

ip dhcp pool VLAN_Sales
 network 172.16.8.0 255.255.255.192
 default-router 172.16.8.1
ip dhcp pool VLAN_Human_Resources
 network 172.16.8.64 255.255.255.192
 default-router 172.16.8.65
ip dhcp pool VLAN_Finance
 network 172.16.8.128 255.255.255.192
 default-router 172.16.8.129
ip dhcp pool VLAN_Marketing
 network 172.16.8.192 255.255.255.192
 default-router 172.16.8.193
ip dhcp pool VLAN_Infrastucture_Management
 network 172.16.9.0 255.255.255.192
 default-router 172.16.9.1
ip dhcp pool VLAN_IT
 network 172.16.9.64 255.255.255.192
 default-router 172.16.9.65
ip dhcp pool VLAN_Wireless_Internal
 network 172.16.9.128 255.255.255.192
 default-router 172.16.9.129
ip dhcp pool VLAN_Wireless_Guest
 network 172.16.9.192 255.255.255.192
 default-router 172.16.9.193

The following is the sample configuration for VTP:

VTP Domain: vcc.ca

DS01:

DS01#sh vtp status
VTP Version capable             : 1 to 2
VTP version running             : 2
VTP Domain Name                 : vcc.ca
VTP Pruning Mode                : Disabled
VTP Traps Generation            : Disabled
Device ID                       : 0001.638E.50C0
Configuration last modified by 0.0.0.0 at 3-1-93 00:00:00
Local updater ID is 172.16.8.2 on interface Vl10 (lowest numbered VLAN interface found)
Feature VLAN :
--------------
VTP Operating Mode                : Server
Maximum VLANs supported locally   : 1005
Number of existing VLANs          : 13
Configuration Revision            : 258
MD5 digest                        : 0x98 0xB4 0xA6 0x03 0xAF 0xED 0x37 0x51
                                    0x19 0x12 0x72 0x43 0x3A 0xBB 0xE5 0x09

SW01:

SW01#show vtp status
VTP Version capable             : 1 to 2
VTP version running             : 2
VTP Domain Name                 : vcc.ca
VTP Pruning Mode                : Disabled
VTP Traps Generation            : Disabled
Device ID                       : 0007.EC04.2000
Configuration last modified by 0.0.0.0 at 3-1-93 00:00:00
Feature VLAN :
--------------
VTP Operating Mode                : Client
Maximum VLANs supported locally   : 255
Number of existing VLANs          : 13
Configuration Revision            : 258
MD5 digest                        : 0x98 0xB4 0xA6 0x03 0xAF 0xED 0x37 0x51
                                    0x19 0x12 0x72 0x43 0x3A 0xBB 0xE5 0x09

The following DHCP excluded addresses are configured on both DS01 and DS02:

ip dhcp excluded-address 172.16.8.1
ip dhcp excluded-address 172.16.8.65
ip dhcp excluded-address 172.16.8.129
ip dhcp excluded-address 172.16.8.193
ip dhcp excluded-address 172.16.9.1
ip dhcp excluded-address 172.16.9.65
ip dhcp excluded-address 172.16.9.129
ip dhcp excluded-address 172.16.9.193
ip dhcp excluded-address 172.16.8.2
ip dhcp excluded-address 172.16.8.3
ip dhcp excluded-address 172.16.8.66
ip dhcp excluded-address 172.16.8.67
ip dhcp excluded-address 172.16.8.130
ip dhcp excluded-address 172.16.8.131
ip dhcp excluded-address 172.16.8.194
ip dhcp excluded-address 172.16.8.195
ip dhcp excluded-address 172.16.9.2
ip dhcp excluded-address 172.16.9.3
ip dhcp excluded-address 172.16.9.4
ip dhcp excluded-address 172.16.9.5
ip dhcp excluded-address 172.16.9.6
ip dhcp excluded-address 172.16.9.7
ip dhcp excluded-address 172.16.9.8
ip dhcp excluded-address 172.16.9.9
ip dhcp excluded-address 172.16.9.10
ip dhcp excluded-address 172.16.9.66
ip dhcp excluded-address 172.16.9.67
ip dhcp excluded-address 172.16.9.130
ip dhcp excluded-address 172.16.9.194
ip dhcp excluded-address 172.16.9.11
ip dhcp excluded-address 172.16.9.30
ip dhcp excluded-address 172.16.9.50
ip dhcp excluded-address 172.16.9.51
ip dhcp excluded-address 172.16.9.40
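A consistency check of the addressing plan, DHCP pools and exclusions documented above, as an added Python example (not part of the original report). All addresses and host counts are copied from the page; the required count of 0 for the management pool is an assumption, because the page lists no client count for it.

```python
import ipaddress

# Every value below is copied from the page: address block, DHCP pools,
# department host counts, excluded addresses and the static device table.
BLOCK = ipaddress.ip_network("172.16.8.0/23")
POOLS = {  # pool name: (network, hosts the department list asks for)
    "VLAN_Sales": ("172.16.8.0/26", 10),
    "VLAN_Human_Resources": ("172.16.8.64/26", 10),
    "VLAN_Finance": ("172.16.8.128/26", 20),
    "VLAN_Marketing": ("172.16.8.192/26", 15),
    "VLAN_Infrastucture_Management": ("172.16.9.0/26", 0),  # assumption: no DHCP clients
    "VLAN_IT": ("172.16.9.64/26", 2),
    "VLAN_Wireless_Internal": ("172.16.9.128/26", 40),
    "VLAN_Wireless_Guest": ("172.16.9.192/26", 50),
}
EXCLUDED_LAST_OCTETS = {  # third octet: last octets of the excluded addresses
    8: [1, 2, 3, 65, 66, 67, 129, 130, 131, 193, 194, 195],
    9: [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 30, 40, 50, 51,
        65, 66, 67, 129, 130, 193, 194],
}
EXCLUDED = {ipaddress.ip_address(f"172.16.{third}.{last}")
            for third, lasts in EXCLUDED_LAST_OCTETS.items() for last in lasts}
STATIC = {"R3": 40, "DS01": 4, "DS02": 5, "WLC": 11, "SW01": 6, "SW02": 7,
          "SW03": 8, "SW04": 9, "SW05": 10, "AP01": 50, "AP02": 51}  # 172.16.9.x


def pools_tile_block():
    """True when the pools are exactly the eight /26 subnets of the /23 block."""
    nets = sorted(ipaddress.ip_network(net) for net, _ in POOLS.values())
    return nets == list(BLOCK.subnets(new_prefix=26))


def free_leases():
    """Per pool: (addresses DHCP can still lease, hosts required)."""
    result = {}
    for name, (cidr, need) in POOLS.items():
        net = ipaddress.ip_network(cidr)
        usable = net.num_addresses - 2  # minus network and broadcast address
        result[name] = (usable - sum(a in net for a in EXCLUDED), need)
    return result


def unprotected_statics():
    """Devices whose static address DHCP could still hand to a client."""
    return sorted(dev for dev, last in STATIC.items()
                  if ipaddress.ip_address(f"172.16.9.{last}") not in EXCLUDED)


if __name__ == "__main__":
    print("pools tile the /23:", pools_tile_block())
    for name, (free, need) in free_leases().items():
        print(f"{name:32} free={free:2} required={need:2}", "OK" if free >= need else "SHORT")
    print("static addresses missing an exclusion:", unprotected_statics() or "none")
```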

As mentioned, the redundancy in this project is in the distribution switches (DS01 and DS02). Network redundancy was tested: if the link between a distribution switch and an access switch is disconnected, the backup link takes over.

Example:

When the Gig0/1 interface of SW02 (connected to DS01) goes down, the Gig0/2 interface (connected to DS02) takes over. A couple of packets are dropped while pinging between the PC and the internet, and connectivity returns after the backup link takes over:

*All startup configurations for the networking devices used are also attached in the submitted folder.

Summary of Router Access Credentials

| Device | Username | Password |
|---|---|---|
| ISP_Router | | I$Pp@ssw0rd |
| All Management Devices | | Cisc0Pr0j3ct |
| Wireless Controller | RCCWLC | Rccwlc123 |
| Wireless_Internal | Wireless@Internal | RCCStaff22!! |
| Wireless_Guest | Wireless@Guest | RCCGuest23!! |
