The aim of this assignment is to become familiar with subnet masking and designing small networks for fictitious organizations.
Imagine you work for a firm which provides system administration and networking services to organizations.
One day an organization which runs a hotel contracts to your organization. They provide the attached plans.
The hotel has a class C public address space. The network number is 22.214.171.124/24. The hotel provides a number of eatery, office, accommodation and conference like services. This particular organization would like to claim that all facilities have access to the Internet.
The Hotel has the following features.
1. 90 hotel rooms which have access to the Internet, spread over 5 floors (that is five floors of hotel rooms). Each room is to have one fixed Ethernet interface. Please note on each floor there is a hotelroom which has got an attached bedroom. That room will also require a fixed Ethernet connection.
2. Each floor consisting of hotel rooms has a rack in a communications closet – there is a suitable riser between floors.
3. A large conference room capable of housing up to 15 fixed users is located the ground floor. Fixed networking is required in this room.
4. The owners of the hotel recommend supporting up to 200 wireless users concurrently. Users of such facilities should have access to the Internet through out all floors of the hotel.
5. The hotel has a small office that manages reservations and the hotel’s programs/ facilities. There are no more than 20 people in these offices (very crowded) requiring access to the Internet. These offices are situated on the ground floor and are directly attached to the Administrative Offices.
6. The hotel wishes to have Internet functionality in the lobby bar providing customers with access to the Internet. There would be no more than 5 concurrent customers – these are built into the tables adjacent to the concierge desks.
7. The concierge and reception tables will require at least 3 network connections each.
8. The hotel also wishes to have machine room. The machine room would have no more than 16 hosts and is situated on the ground floor in the communications room.
CSCI322 SIM 2016 – Assignment Three Page 2
9. Your carrier gives you a high end DSL (perhaps a Juniper) router that advertises your network to the rest of the world. The external interface of your router will be bound to an address, which you nominate from your address space. The internal interface of the router should connect directly to your routing core. You not need to worry about routing from the outside world’s perspective. But you will need to worry about routing for your entire internal network. You should advise your infrastructure that the public interface is you default gateway.
A basic floor plan is attached.
You now know what the hotel requires in terms of connectivity. Using this partial specification, proposes a structure for the network to be used by the hotel. Your design of the network should describe the infrastructure you have and how it is connected from both a Layer 1 perspective. Some of the considerations to address include:
1. Do have switches on each floor?
2. How will these switches be connected to one another?
3. What kind of switches do you plan to use?
4. What media will you use to connect edge devices to the switches and/or routers?
5. What kind of routers will you use?
6. How many interfaces will they have of what type?
7. How will you distribute the cabling up the floors of the building and within the floors?
8. What components will you need in addition to the switches and routers required?
Once you have done a physical design of the network you are then to define a network structure. When doing this you are to work out network numbers and sizes along with the number of routers you wish to have. You should provide a logical diagram of this.
Once a design is complete for each device you are to provide a configuration – as this hotel has an alliance with Cisco you can assume you will be using Cisco kit. You will need to outline the routing rules you put in place (only inside and default gateway). You should aim to use as much of your address space as possible but you MAY need to use NAT/PAT.
You will also need to nominate an address for a DHCP server for both wired and wireless infrastructure, you can use the DHCP servers on the switches. You will need to set up these DHCP servers the DHCP can come hosted in the machine room. Your network configuration should include what’s needed to support this from a routing/ switching perspective.
To do this task you will have to make assumptions as to security, segmentation, isolation and other aspects.
For each assumption you make be sure justify it using common sense and/or evidence provided above. You are free to use VLANS and VLAN trunking protocols such as 802.1q where appropriate.
You will need to define appropriate ACL’s on your infrastructure. The rules are as follows:
1. Users on wireless or the open nodes adjacent to the concierge’s desk should not be able to access the hotels corporate networks.
2. Users on the hotels corporate network should only be able to talk to the machine room using protocols
DNS, DHCP, HTTP, HTTPS and SSH.
CSCI322 SIM 2016 – Assignment Three Page 3
Finally you will need to set up a DNS server. The server should be in the machine room network and assigned a static address. The server will be accessible from both inside and outside the hotel. The server will have forward and reverse zones, the forward zone will be myhotel.net. The DNS server should have a secondary server in the machine room network which is a replica of the primary. For now you can leave the zone empty. Please document your configuration.
Once complete you should submit your design documentation in ass3.pdf.