Capstone Project
Abstract
This project proposal details the installation and configuration of an internet-connected LAN and wireless network for a small business such as a retail store. RCC retail store sells merchandise and services to the public. Due to the increase in sales over the past years, the retail store decided to move to a larger office space. The project will entail installing and configuring most aspects of RCC’s LAN and wireless network, as well as its internet connection.
The ultimate goal of the project is to have a LAN and wireless connection installed at RCC’s new office space that meets the requirements laid out by the employer. The move was prompted by steady growth in sales, which in turn means that the company will require expansion in several areas to meet the demand of its customers. One of the expansions is more office space so that more employees can share the same workspace.
The scope of this project is to design RCC’s network using Packet Tracer, the network simulation tool built by Cisco. This tool provides a simulated environment for practicing simple and complex networks. For this project, I am using Cisco Packet Tracer version 8.1.1. I encountered technical limitations of Packet Tracer during the development of this project and had to make some sacrifices to reproduce the networking technology in a virtual networking environment through visual simulation.
Capstone Project
RCC retail store recently occupied an office space and has to build out a new wired and wireless network. I have been tasked with the networking infrastructure, and as a project proposal I will design a network with redundant networking devices installed at the site. Since the old office space of the retail store still uses old technology in its network design, the new technology I propose will be more stable thanks to the redundancy setup. The departments and their machine counts are listed below:
• IT – 2 machines
• Sales – 10 computers
• Human Resources – 10 computers
• Finance – 20 machines
• Marketing – 15 computers
• Wireless Internal – 40 IP addresses
• Wireless Guests – 50 IP addresses
This project’s network will be highly reliable in performance because its components are chosen from Cisco, a major and well-regarded manufacturer. The network structure used for RCC retail store will consist of the following networking devices:
• Cisco ISR4331
• Cisco 3650 (Layer 3 switch) with 24 ports
• Cisco 2960 switch with 24 ports
• Cisco 3504 Wireless Controller
• Cisco 3702i Wireless Access Point
Topology
The design model is broken into two layers: Access Layer and Distribution Layer.
Access Layer:
Another name for the access layer is the interface layer, where devices such as PCs and printers connect directly to gain access to the rest of the network. In this project, this layer is made up of switches and wireless access points. Generally, this layer connects all these devices to the network and controls which devices can communicate on the network.
Distribution Layer:
Distribution switches are typically high-performance devices that have high availability and redundancy to ensure reliability. In this project, the redundancy is in the distribution switches (DS01 and DS02).
VLANs (Virtual LANs) are configured to segment RCC’s network. VLANs are a by-product of switching technology, allowing a LAN to be subdivided into several virtual LANs. They permit traffic on a switch to be segmented into separate subnetworks. Network information security is a very important and extensive topic. In this project, the technology was used to update an existing network to increase network performance, security and speed, and to make RCC’s network more efficient.
Network Diagram
Below is the diagram that I used to implement the project. A PDF copy is also attached in the submitted folder for a clearer view of the diagram (Main Diagram.pdf).
IP Address Space Used
Address Space:
Network Address: 172.16.8.0/23
Address Class: B
Usable Host IP Range: 172.16.8.1 – 172.16.9.254
Broadcast Address: 172.16.9.255
Subnet Mask that was used: /26 = 255.255.255.192
Subnet and VLANs Information
Assigned IP Addresses and their Connected Devices
Device       | Interface       | IP Address  | Subnet Mask     | Default Gateway
ISP_Router   | G0/0/0          | 30.0.0.1    | 255.255.255.240 | 30.0.0.1
ISP_Router   | G0/0/1          | 40.0.0.1    | 255.255.255.240 | 40.0.0.1
R1_Primary   | G0/0/0          | 30.0.0.2    | 255.255.255.240 | 30.0.0.1
R1_Primary   | lo0             | 1.1.1.1     | 255.255.255.0   | 1.1.1.1
R2_Secondary | G0/0/0          | 40.0.0.2    | 255.255.255.240 | 40.0.0.1
R2_Secondary | lo0             | 2.2.2.2     | 255.255.255.0   | 2.2.2.1
R3           | Gi0/0/1         | 172.16.9.40 | 255.255.255.192 | 172.16.9.1
DS01         | Management IP   | 172.16.9.4  | 255.255.255.192 | 172.16.9.1
WLC          | G1/0/9 (of DS01)| 172.16.9.11 | 255.255.255.192 | 172.16.9.1
DS02         | Management IP   | 172.16.9.5  | 255.255.255.192 | 172.16.9.1
SW01         | Management IP   | 172.16.9.6  | 255.255.255.192 | 172.16.9.1
SW02         | Management IP   | 172.16.9.7  | 255.255.255.192 | 172.16.9.1
SW03         | Management IP   | 172.16.9.8  | 255.255.255.192 | 172.16.9.1
SW04         | Management IP   | 172.16.9.9  | 255.255.255.192 | 172.16.9.1
SW05         | Management IP   | 172.16.9.10 | 255.255.255.192 | 172.16.9.1
AP01         | Fa0/24 (SW02)   | 172.16.9.50 | 255.255.255.192 | 172.16.9.1
AP02         | Fa0/24 (SW05)   | 172.16.9.51 | 255.255.255.192 | 172.16.9.1
*The IP Address Allocation Tracking Table (IP Address Allocation Tracking Table – 172.16.8.x and 172.16.9.x.xlsx) is also attached in the submitted folder. RCC retail store can use it to keep track of the IP addresses in use and to allocate IP addresses more flexibly in the future.
Configuration Documentation
The default routes below were configured on the following devices:
ISP_Router:
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/1/0
ip route 0.0.0.0 255.255.255.0 30.0.0.2
ip route 0.0.0.0 255.255.255.0 40.0.0.2
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0/0
R1_Primary:
ip route 0.0.0.0 0.0.0.0 0.0.0.0
ip route 0.0.0.0 255.255.255.240 40.0.0.1
ip route 0.0.0.0 255.255.255.240 30.0.0.1
R2_Secondary:
ip route 0.0.0.0 0.0.0.0 0.0.0.0
ip route 0.0.0.0 255.255.255.240 40.0.0.1
ip route 0.0.0.0 255.255.255.240 30.0.0.1
DS01:
ip route 0.0.0.0 0.0.0.0 0.0.0.0
DS02:
ip route 0.0.0.0 0.0.0.0 0.0.0.0
The following access control lists were configured on both R1_Primary and R2_Secondary:
R1_Primary#show access-lists
Standard IP access list ACL_120
10 permit 172.16.9.0 0.0.0.63
20 permit any
Standard IP access list ACL_130
10 permit 172.16.9.0 0.0.0.63
20 permit any
R2_Secondary#show access-lists
Standard IP access list ACL_120
10 permit 172.16.9.0 0.0.0.63
20 permit any
Standard IP access list ACL_130
10 permit 172.16.9.0 0.0.0.63
20 permit any
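How the two-entry lists above behave, as an added example that is not part of the original project files: a Python evaluator applying IOS first-match and wildcard-mask semantics to the entries shown. The sample source addresses are constructed, one per subnet taken from the DHCP pools in this report, and the function names are illustrative.

```python
import ipaddress

# Entries copied from the "show access-lists" output above; ACL_120 and
# ACL_130 are identical on both routers.
ACL_ENTRIES = "10 permit 172.16.9.0 0.0.0.63\n20 permit any"

def parse_acl(text):
    """Parse '<seq> <action> <net> <wildcard>' or '<seq> <action> any' lines."""
    rules = []
    for line in text.strip().splitlines():
        parts = line.split()
        seq, action, src = int(parts[0]), parts[1], parts[2]
        if src == "any":
            net, wild = 0, 0xFFFFFFFF  # every bit is "don't care"
        else:
            net, wild = (int(ipaddress.IPv4Address(p)) for p in (src, parts[3]))
        rules.append((seq, action, net, wild))
    return rules

def evaluate(rules, source):
    """First matching entry wins; no match falls through to the implicit deny."""
    addr = int(ipaddress.IPv4Address(source))
    for seq, action, net, wild in rules:
        care = ~wild & 0xFFFFFFFF  # bits that must match
        if addr & care == net & care:
            return action, seq
    return "deny", None

def no_effect_entries(rules, samples):
    """Sequence numbers whose removal changes the verdict for no sample."""
    redundant = []
    for i, rule in enumerate(rules):
        trimmed = rules[:i] + rules[i + 1:]
        if all(evaluate(rules, s)[0] == evaluate(trimmed, s)[0] for s in samples):
            redundant.append(rule[0])
    return redundant

# Constructed sample sources: one host per documented subnet plus an outside address.
SAMPLES = {"Infrastructure_Management": "172.16.9.10",
           "Wireless_Guest": "172.16.9.200",
           "Sales": "172.16.8.20", "outside": "30.0.0.1"}

if __name__ == "__main__":
    rules = parse_acl(ACL_ENTRIES)
    print({name: evaluate(rules, ip) for name, ip in SAMPLES.items()})
    print("entries with no effect:", no_effect_entries(rules, SAMPLES.values()))
```

Entry 20 matches every source address, so entry 10 never changes the verdict and neither list restricts anything; a list meant to filter would end with its specific permits and rely on the implicit deny.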
Spanning tree was configured and DS01 is set as the root bridge for all the VLANs:
DS01#sh spanning-tree
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32769
Address 0001.6344.A71E
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 0001.6344.A71E
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi1/0/1 Desg FWD 4 128.1 P2p
Gi1/0/4 Desg FWD 4 128.4 P2p
Gi1/0/5 Desg FWD 4 128.5 P2p
Gi1/0/6 Desg FWD 4 128.6 P2p
Gi1/0/7 Desg FWD 4 128.7 P2p
Gi1/0/8 Desg FWD 4 128.8 P2p
Gi1/0/9 Desg FWD 19 128.9 P2p
Po1 Desg FWD 3 128.29 Shr
VLAN0010
Spanning tree enabled protocol ieee
Root ID Priority 24586
Address 0001.6344.A71E
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 24586 (priority 24576 sys-id-ext 10)
Address 0001.6344.A71E
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi1/0/1 Desg FWD 4 128.1 P2p
Gi1/0/4 Desg FWD 4 128.4 P2p
Gi1/0/5 Desg FWD 4 128.5 P2p
Gi1/0/6 Desg FWD 4 128.6 P2p
Gi1/0/7 Desg FWD 4 128.7 P2p
Gi1/0/8 Desg FWD 4 128.8 P2p
Gi1/0/9 Desg FWD 19 128.9 P2p
Po1 Desg FWD 3 128.29 Shr
VLAN0020
Spanning tree enabled protocol ieee
Root ID Priority 24596
Address 0001.6344.A71E
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 24596 (priority 24576 sys-id-ext 20)
Address 0001.6344.A71E
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi1/0/1 Desg FWD 4 128.1 P2p
Gi1/0/4 Desg FWD 4 128.4 P2p
Gi1/0/5 Desg FWD 4 128.5 P2p
Gi1/0/6 Desg FWD 4 128.6 P2p
Gi1/0/7 Desg FWD 4 128.7 P2p
Gi1/0/8 Desg FWD 4 128.8 P2p
Gi1/0/9 Desg FWD 19 128.9 P2p
Po1 Desg FWD 3 128.29 Shr
VLAN0030
Spanning tree enabled protocol ieee
Root ID Priority 24606
Address 0001.6344.A71E
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 24606 (priority 24576 sys-id-ext 30)
Address 0001.6344.A71E
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi1/0/1 Desg FWD 4 128.1 P2p
Gi1/0/4 Desg FWD 4 128.4 P2p
Gi1/0/5 Desg FWD 4 128.5 P2p
Gi1/0/6 Desg FWD 4 128.6 P2p
Gi1/0/7 Desg FWD 4 128.7 P2p
Gi1/0/8 Desg FWD 4 128.8 P2p
Gi1/0/9 Desg FWD 19 128.9 P2p
Po1 Desg FWD 3 128.29 Shr
VLAN0040
Spanning tree enabled protocol ieee
Root ID Priority 24616
Address 0001.6344.A71E
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 24616 (priority 24576 sys-id-ext 40)
Address 0001.6344.A71E
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi1/0/1 Desg FWD 4 128.1 P2p
Gi1/0/4 Desg FWD 4 128.4 P2p
Gi1/0/5 Desg FWD 4 128.5 P2p
Gi1/0/6 Desg FWD 4 128.6 P2p
Gi1/0/7 Desg FWD 4 128.7 P2p
Gi1/0/8 Desg FWD 4 128.8 P2p
Gi1/0/9 Desg FWD 19 128.9 P2p
Po1 Desg FWD 3 128.29 Shr
VLAN0100
Spanning tree enabled protocol ieee
Root ID Priority 24676
Address 0001.6344.A71E
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 24676 (priority 24576 sys-id-ext 100)
Address 0001.6344.A71E
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi1/0/1 Desg FWD 4 128.1 P2p
Gi1/0/4 Desg FWD 4 128.4 P2p
Gi1/0/5 Desg FWD 4 128.5 P2p
Gi1/0/6 Desg FWD 4 128.6 P2p
Gi1/0/7 Desg FWD 4 128.7 P2p
Gi1/0/8 Desg FWD 4 128.8 P2p
Gi1/0/9 Desg FWD 19 128.9 P2p
Gi1/0/24 Desg FWD 4 128.24 P2p
Po1 Desg FWD 3 128.29 Shr
VLAN0110
Spanning tree enabled protocol ieee
Root ID Priority 24686
Address 0001.6344.A71E
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 24686 (priority 24576 sys-id-ext 110)
Address 0001.6344.A71E
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi1/0/1 Desg FWD 4 128.1 P2p
Gi1/0/4 Desg FWD 4 128.4 P2p
Gi1/0/5 Desg FWD 4 128.5 P2p
Gi1/0/6 Desg FWD 4 128.6 P2p
Gi1/0/7 Desg FWD 4 128.7 P2p
Gi1/0/8 Desg FWD 4 128.8 P2p
Gi1/0/9 Desg FWD 19 128.9 P2p
Po1 Desg FWD 3 128.29 Shr
VLAN0120
Spanning tree enabled protocol ieee
Root ID Priority 24696
Address 0001.6344.A71E
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 24696 (priority 24576 sys-id-ext 120)
Address 0001.6344.A71E
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi1/0/1 Desg FWD 4 128.1 P2p
Gi1/0/4 Desg FWD 4 128.4 P2p
Gi1/0/5 Desg FWD 4 128.5 P2p
Gi1/0/6 Desg FWD 4 128.6 P2p
Gi1/0/7 Desg FWD 4 128.7 P2p
Gi1/0/8 Desg FWD 4 128.8 P2p
Gi1/0/9 Desg FWD 19 128.9 P2p
Po1 Desg FWD 3 128.29 Shr
VLAN0130
Spanning tree enabled protocol ieee
Root ID Priority 24706
Address 0001.6344.A71E
This bridge is the root
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 24706 (priority 24576 sys-id-ext 130)
Address 0001.6344.A71E
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi1/0/1 Desg FWD 4 128.1 P2p
Gi1/0/4 Desg FWD 4 128.4 P2p
Gi1/0/5 Desg FWD 4 128.5 P2p
Gi1/0/6 Desg FWD 4 128.6 P2p
Gi1/0/7 Desg FWD 4 128.7 P2p
Gi1/0/8 Desg FWD 4 128.8 P2p
Gi1/0/9 Desg FWD 19 128.9 P2p
Po1 Desg FWD 3 128.29 Shr
DS01#sh spanning-tree summary
Switch is in pvst mode
Root bridge for: default Sales Human_Resources Finance Marketing Infrastructure_Management IT Wireless_Internal Wireless_Guest
Extended system ID is enabled
Portfast Default is disabled
PortFast BPDU Guard Default is disabled
Portfast BPDU Filter Default is disabled
Loopguard Default is disabled
EtherChannel misconfig guard is disabled
UplinkFast is disabled
BackboneFast is disabled
Configured Pathcost method used is short
Name Blocking Listening Learning Forwarding STP Active
---------------------- -------- --------- -------- ---------- ----------
VLAN0001 0 0 0 10 10
VLAN0010 0 0 0 10 10
VLAN0020 0 0 0 10 10
VLAN0030 0 0 0 10 10
VLAN0040 0 0 0 10 10
VLAN0100 0 0 0 11 11
VLAN0110 0 0 0 10 10
VLAN0120 0 0 0 10 10
VLAN0130 0 0 0 10 10
The following is the DHCP configuration used to assign IP addresses to the VLANs:
ip dhcp pool VLAN_Sales
network 172.16.8.0 255.255.255.192
default-router 172.16.8.1
ip dhcp pool VLAN_Human_Resources
network 172.16.8.64 255.255.255.192
default-router 172.16.8.65
ip dhcp pool VLAN_Finance
network 172.16.8.128 255.255.255.192
default-router 172.16.8.129
ip dhcp pool VLAN_Marketing
network 172.16.8.192 255.255.255.192
default-router 172.16.8.193
ip dhcp pool VLAN_Infrastucture_Management
network 172.16.9.0 255.255.255.192
default-router 172.16.9.1
ip dhcp pool VLAN_IT
network 172.16.9.64 255.255.255.192
default-router 172.16.9.65
ip dhcp pool VLAN_Wireless_Internal
network 172.16.9.128 255.255.255.192
default-router 172.16.9.129
ip dhcp pool VLAN_Wireless_Guest
network 172.16.9.192 255.255.255.192
default-router 172.16.9.193
The following is a sample of the VTP configuration:
VTP Domain: vcc.ca
DS01:
DS01#sh vtp status
VTP Version capable : 1 to 2
VTP version running : 2
VTP Domain Name : vcc.ca
VTP Pruning Mode : Disabled
VTP Traps Generation : Disabled
Device ID : 0001.638E.50C0
Configuration last modified by 0.0.0.0 at 3-1-93 00:00:00
Local updater ID is 172.16.8.2 on interface Vl10 (lowest numbered VLAN interface found)
Feature VLAN :
--------------
VTP Operating Mode : Server
Maximum VLANs supported locally : 1005
Number of existing VLANs : 13
Configuration Revision : 258
MD5 digest : 0x98 0xB4 0xA6 0x03 0xAF 0xED 0x37 0x51
0x19 0x12 0x72 0x43 0x3A 0xBB 0xE5 0x09
SW01:
SW01#show vtp status
VTP Version capable : 1 to 2
VTP version running : 2
VTP Domain Name : vcc.ca
VTP Pruning Mode : Disabled
VTP Traps Generation : Disabled
Device ID : 0007.EC04.2000
Configuration last modified by 0.0.0.0 at 3-1-93 00:00:00
Feature VLAN :
--------------
VTP Operating Mode : Client
Maximum VLANs supported locally : 255
Number of existing VLANs : 13
Configuration Revision : 258
MD5 digest : 0x98 0xB4 0xA6 0x03 0xAF 0xED 0x37 0x51
0x19 0x12 0x72 0x43 0x3A 0xBB 0xE5 0x09
The following are the IP DHCP excluded addresses configured on both DS01 and DS02:
ip dhcp excluded-address 172.16.8.1
ip dhcp excluded-address 172.16.8.65
ip dhcp excluded-address 172.16.8.129
ip dhcp excluded-address 172.16.8.193
ip dhcp excluded-address 172.16.9.1
ip dhcp excluded-address 172.16.9.65
ip dhcp excluded-address 172.16.9.129
ip dhcp excluded-address 172.16.9.193
ip dhcp excluded-address 172.16.8.2
ip dhcp excluded-address 172.16.8.3
ip dhcp excluded-address 172.16.8.66
ip dhcp excluded-address 172.16.8.67
ip dhcp excluded-address 172.16.8.130
ip dhcp excluded-address 172.16.8.131
ip dhcp excluded-address 172.16.8.194
ip dhcp excluded-address 172.16.8.195
ip dhcp excluded-address 172.16.9.2
ip dhcp excluded-address 172.16.9.3
ip dhcp excluded-address 172.16.9.4
ip dhcp excluded-address 172.16.9.5
ip dhcp excluded-address 172.16.9.6
ip dhcp excluded-address 172.16.9.7
ip dhcp excluded-address 172.16.9.8
ip dhcp excluded-address 172.16.9.9
ip dhcp excluded-address 172.16.9.10
ip dhcp excluded-address 172.16.9.66
ip dhcp excluded-address 172.16.9.67
ip dhcp excluded-address 172.16.9.130
ip dhcp excluded-address 172.16.9.194
ip dhcp excluded-address 172.16.9.11
ip dhcp excluded-address 172.16.9.30
ip dhcp excluded-address 172.16.9.50
ip dhcp excluded-address 172.16.9.51
ip dhcp excluded-address 172.16.9.40
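An added cross-check of the DHCP pools, exclusions and static assignments documented in this report (example code, not part of the original project files). It assumes a requirement of 0 for Infrastructure_Management, for which the report gives no machine count; function names are illustrative.

```python
import ipaddress

# Copied from this report: pool subnet and required hosts per VLAN.
# Infrastructure_Management has no stated count, so 0 is used (assumption).
POOLS = {
    "Sales": ("172.16.8.0/26", 10),
    "Human_Resources": ("172.16.8.64/26", 10),
    "Finance": ("172.16.8.128/26", 20),
    "Marketing": ("172.16.8.192/26", 15),
    "Infrastructure_Management": ("172.16.9.0/26", 0),
    "IT": ("172.16.9.64/26", 2),
    "Wireless_Internal": ("172.16.9.128/26", 40),
    "Wireless_Guest": ("172.16.9.192/26", 50),
}
# Last octets of the 34 "ip dhcp excluded-address" entries, per third octet.
EX8 = [1, 2, 3, 65, 66, 67, 129, 130, 131, 193, 194, 195]
EX9 = [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 30, 40, 50, 51, 65, 66, 67, 129, 130, 193, 194]
EXCLUDED = ({ipaddress.ip_address(f"172.16.8.{n}") for n in EX8}
            | {ipaddress.ip_address(f"172.16.9.{n}") for n in EX9})
# Statically addressed internal devices from the address table.
STATIC = {"R3": "172.16.9.40", "DS01": "172.16.9.4", "DS02": "172.16.9.5",
          "WLC": "172.16.9.11", "SW01": "172.16.9.6", "SW02": "172.16.9.7",
          "SW03": "172.16.9.8", "SW04": "172.16.9.9", "SW05": "172.16.9.10",
          "AP01": "172.16.9.50", "AP02": "172.16.9.51"}

def leasable(cidr):
    """Addresses DHCP can actually hand out: usable hosts minus exclusions."""
    return sum(1 for h in ipaddress.ip_network(cidr).hosts() if h not in EXCLUDED)

def undersized_pools():
    """Pools whose leasable space is smaller than the stated requirement."""
    return [n for n, (cidr, need) in POOLS.items() if leasable(cidr) < need]

def unprotected_static():
    """Static devices whose address DHCP could also lease (duplicate-IP risk)."""
    return [d for d, ip in STATIC.items() if ipaddress.ip_address(ip) not in EXCLUDED]

def pools_tile_block(block="172.16.8.0/23"):
    """True when the pools merge into exactly the documented address block."""
    nets = [ipaddress.ip_network(c) for c, _ in POOLS.values()]
    return list(ipaddress.collapse_addresses(nets)) == [ipaddress.ip_network(block)]

if __name__ == "__main__":
    print({n: leasable(c) for n, (c, _) in POOLS.items()})
    print("undersized:", undersized_pools(), "unprotected:", unprotected_static())
```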
As mentioned, the redundancy in this project is in the distribution switches (DS01 and DS02). The network redundancy has been tested: if the link between a distribution switch and an access switch is disconnected, the backup link takes over.
Example:
When the Gig0/1 interface of SW02 (connected to DS01) goes down, the Gig0/2 interface (connected to DS02) takes over. A couple of packets are dropped while pinging between the PC and the internet, and connectivity returns once the backup link takes over:
*All startup configurations for all networking devices used are also attached in the submitted folder.
Summary of Router Access Credentials
Device                 | Username          | Password
ISP_Router             |                   | I$Pp@ssw0rd
All Management Devices |                   | Cisc0Pr0j3ct
Wireless Controller    | RCCWLC            | Rccwlc123
Wireless_Internal      | Wireless@Internal | RCCStaff22!!
Wireless_Guest         | Wireless@Guest    | RCCGuest23!!