In Figure 11, the main campus data center is under the System & Network Administrator. The workflow of the main campus data center is hierarchical, running step by step from the President to the Network Administrator.
President
Executive Director
System & Network Administrator
Case Team
Network Administrator
Figure 2.8 The work flow of main campus data center
School of Computing & Electrical Engineering IoT, BDU 21
2.4 Work piece and work tasks I have been executing
The work tasks which I have been executing during my internship period are basic switch configuration, VLAN, VTP and trunking configuration, and Microsoft Windows Server 2008 DNS, DHCP, IIS, FTP and Active Directory.
VLAN configuration
The hierarchical topology segments the network into physical building blocks, simplifying operation and increasing availability. Each layer within the hierarchical infrastructure has a specific role. By default, switches break up collision domains and routers break up broadcast domains. The supervisor said that by creating virtual local area networks (VLANs) in the distribution layer, switches break up broadcast domains in a pure switched internetwork. A VLAN is a logical grouping of network users and resources connected to administratively defined ports on a switch. He said that when you create VLANs, you are given the ability to create smaller broadcast domains within a layer 2 switched internetwork by assigning different ports on the switch to service different subnetworks. A VLAN is treated like its own subnet or broadcast domain, meaning that frames broadcast onto the network are only switched between the ports logically grouped within the same VLAN.
VLAN configuration consists of two basic goals:
1. Creating the VLAN and
2. Assigning the proper port to that VLAN
In actuality, I am very concerned with the work during the configuring of VLANs. VLANs can be created on a VTP server switch or they can be created on each individual switch, but in the BDU campus area network all VLANs were created on VTP server switches, which makes it more manageable and scalable. I have chosen the distribution layer switches to operate in VTP server mode and I have made all the access switches operate as VTP clients. Hence, all the VLANs configured in the distribution switch will be propagated to all the respective access switches.
Note: By default, all VLANs are allowed on all trunks. You can explicitly control which VLANs are allowed on a trunk by using the switchport trunk allowed vlan vlan-id command on the interface at each end of the trunk. In addition, you can specify a native VLAN other than the default VLAN 1, using the switchport trunk native vlan vlan-id command. These two measures can help reduce the possibility of VLAN attacks.
The Fast Ethernet ports connected to the hosts on the network can be set up as static access because they are not to be used as trunk ports. Use the switchport mode access command to set the access mode.
VTP
VTP stands for VLAN Trunking Protocol. VTP is a Cisco proprietary Layer 2 messaging protocol that manages the addition, deletion, and renaming of Virtual Local Area Networks (VLANs) on a network-wide basis. Cisco's VLAN Trunk Protocol reduces administration loads in a switched network. When a new VLAN is created on one VTP server, the VLAN is distributed through all switches in the domain. This reduces the need to configure the same VLAN everywhere. VTP provides the following benefits:
• VLAN configuration consistency across the network
• Mapping scheme that allows a VLAN to be trunked over mixed media
• Accurate tracking and monitoring of VLANs
• Dynamic reporting of added VLANs across the network
• Plug-and-play configuration when adding new VLANs
A VTP domain, also called a VLAN management domain, consists of trunked switches that are under the administrative responsibility of a switch or switches in server VTP mode. A switch can be in only one VTP domain with the same VTP domain name. The default VTP mode for the 2960 and 3560 switches is server mode. VLAN information is not propagated until a domain name is specified and trunks are set up between the devices.
The following table describes the three VTP modes.
| VTP Mode | Description |
|---|---|
| VTP server | You can create, modify, and delete VLANs and specific other configuration parameters, such as VTP version and VTP pruning, for the entire VTP domain. VTP servers advertise their VLAN configuration to other switches in the same VTP domain and synchronize their VLAN configuration with other switches based on advertisements received over trunk links. VTP server is the default mode. |
| VTP client | VTP clients behave the same way as VTP servers, but you cannot create, change, or delete VLANs on a VTP client. |
| VTP transparent | VTP transparent switches do not participate in VTP. A VTP transparent switch does not advertise its VLAN configuration nor synchronize its VLAN configuration based on received advertisements. Transparent switches do forward VTP advertisements that they receive out their trunk ports in VTP Version 2. |

Table 2.2. Description of VTP mode
Trunk
Trunking is a process of connecting switches together so that they can send VLAN information between each other. A trunk port is a point-to-point connection between switches, a switch and a router, or even a switch and a server, and it carries the traffic of multiple VLANs.
Configuration of a trunk involves identifying trunk ports and selecting the encapsulation type. Identifying the trunk ports is a useful task because it eases VLAN configuration and administration.
He reminded me that all the uplink ports connecting access switches to distribution switches, distribution switches to core switches, edge switches to core switches and DMZ switches to core switches are set to be trunk ports.
Ports on the 2960 and 3560 switches are set to dynamic auto by default. This means that they are willing to negotiate a trunk with the neighbor; however, if both sides are set to dynamic auto, the link will remain in access mode. A trunk can be formed by configuring one end of the link using the switchport mode trunk command. On the 3560 switches, I also need to configure the trunk encapsulation with the switchport trunk encapsulation command. The 3560 switch can use either Inter-Switch Link (ISL) or 802.1Q encapsulation, whereas the 2960 switch only supports 802.1Q.
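An added example (not part of the original report and not BDU's configuration): a small Python check that reads IOS-style interface configuration and flags the trunk and access settings described in the Note above and in this section. The sample configuration, the function names and the finding texts are assumptions made for illustration.

```python
# SAMPLE_CONFIG is constructed for illustration; it is not a BDU device configuration.
SAMPLE_CONFIG = """\
interface FastEthernet0/1
 switchport mode access
!
interface FastEthernet0/2
!
interface GigabitEthernet0/1
 switchport mode trunk
!
interface GigabitEthernet0/2
 switchport trunk native vlan 99
 switchport trunk allowed vlan 10,20,99
 switchport mode trunk
!
"""

def parse_interfaces(config):
    """Map each interface name to the list of its indented sub-commands."""
    interfaces, current = {}, None
    for line in config.splitlines():
        if line.startswith("interface "):
            current = line.split(None, 1)[1].strip()
            interfaces[current] = []
        elif current is not None and line.startswith(" "):
            interfaces[current].append(line.strip())
        else:
            current = None  # "!" or a global command ends the interface block
    return interfaces

def setting(cmds, prefix):
    """Return the text after prefix in the first matching command, else None."""
    return next((c[len(prefix):] for c in cmds if c.startswith(prefix)), None)

def audit_switchports(config):
    """Return {interface: [finding, ...]}; an empty list means no finding."""
    report = {}
    for name, cmds in parse_interfaces(config).items():
        mode, findings = setting(cmds, "switchport mode "), []
        if mode not in ("access", "trunk"):
            # No explicit mode: the port keeps the default (dynamic auto on 2960/3560).
            findings.append("port still negotiates trunking: set access or trunk mode")
        if mode == "trunk":
            if setting(cmds, "switchport trunk allowed vlan ") is None:
                findings.append("trunk carries all VLANs: add an allowed VLAN list")
            if setting(cmds, "switchport trunk native vlan ") in (None, "1"):
                findings.append("native VLAN is the default VLAN 1")
        report[name] = findings
    return report
```

Calling audit_switchports(SAMPLE_CONFIG) reports the unconfigured FastEthernet0/2 and the unrestricted trunk GigabitEthernet0/1, and returns empty lists for the two ports that follow the Note.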
DHCP
I spent some more time working on the Dynamic Host Configuration Protocol (DHCP). DHCP is defined in RFC 2131 and is built around a client/server model: hosts requesting IP addresses use a DHCP client, whereas address assignment is handled by a DHCP server.
Hosts can be manually configured to use a static IP address, subnet mask, default gateway address, and so on. That might be appropriate for some devices, such as servers, which would need stable and reserved addresses. For the majority of end user devices, static address assignment can become a huge administrative chore. Because DHCP is a dynamic mechanism, IP addresses are offered on a leased basis. Before the offered lease time expires, the client must try to renew its address; otherwise, that address may be offered up to a different client.
DHCP Design Considerations
• DHCP servers, which in BDU are the distribution switches. The distribution switches are configured as DHCP servers because DHCP is designed to work within a broadcast domain. They offer the client devices in the BDU network an IP address, subnet mask, and default gateway address from the respective
• DHCP excluded addresses within the IP subnet that should be reserved and not offered to clients
• DHCP pool uses a text string pool-name to define the pool or scope of addresses that will be offered. The network command identifies the IP subnet and subnet mask of the address range. The subnet should be identical to the one configured on the Layer 3 interface.
• The DHCP lease time ………..
• The DNS name of the university is
• The IP address for the DNS server is
Network Address Translation
Furthermore, another lesson I have learned during my internship period at Main Campus Datacenter is that the internet is expanding at an exponential rate. As the amount of information and resources increases, it is becoming a requirement for even the smallest businesses and homes to connect to the Internet. Network Address Translation (NAT) is a method of connecting multiple computers to the internet (or any other IP network) using one IP address. This allows home users and small businesses to connect their network to the Internet cheaply and efficiently.
The impetus towards increasing use of NAT comes from a number of factors:
A world shortage of IP addresses
Security needs
Ease and flexibility of network administration
The rest of the internship period was spent working on Microsoft Windows Server 2008 configuration, such as DNS, DHCP, IIS, Active Directory and FTP server, with my supervisor. In fact, it was a very important experience for me because it expanded my practical knowledge and helped me to develop new practical skills and abilities.
Microsoft Windows Server 2008 Active Directory Domain Services
Active Directory Domain Services are used primarily to manage users and resources across enterprise infrastructures spanning physical subnets across the globe. An Active Directory domain provides a distributed database to store and manage application data, user data and computer data.
The Active Directory structure comprises a single forest, with multiple domains and child domains.
An administrator can configure an Active Directory domain based on the physical subnets; it is advisable to install a directory server on the physical site.
Active Directory provides different security boundaries in the form of:
a) Forest
b) Domain
c) Organizational Units
AD performs two basic functions within a network: that of a directory service containing a hierarchical listing of all the objects within the network, and that of an authentication and security service that controls and provides access to network resources. These two roles are different in nature and focus, but they combine to provide increased user capabilities while decreasing administrative overhead.
The Active Directory itself is defined by a schema that indicates how each object is represented within the data store. For example, a user object has, among other things, a first name, last name, logon name, e-mail address, and password. If you’re familiar with databases, you should already be familiar with the term schema since a database schema refers to the structure of the database in the same way the Active Directory schema defines the Active Directory’s structure.
Domain Name System (DNS) is a system for naming computers and network services that maps those names to network addresses and organizes them into a hierarchy of domains. DNS naming is used on TCP/IP networks, such as the Internet and most corporate networks, to locate computers and services by using user-friendly names. When a user enters the DNS name of a computer in an application, DNS can look up the name and provide other information that is associated with the computer, such as its IP address or services that it provides for the network. This process is called name resolution.
Name systems, such as DNS, make it easier to use network resources by providing users with a way to refer to a computer or service by a name that is easy to remember. DNS looks up that name and provides the numeric address that operating systems and applications require to identify the computer on a network.
2.5 Procedures I have been following while performing my tasks
The procedures I have been using during my internship period in the BDU main campus data center while performing my tasks are:
1. Analyze each piece of network hardware equipment in the data center
2. Identify the three-layer campus hierarchical network model
3. Analyze Cisco switch commands
4. Configuration of distribution layer switch
5. Configuration of access layer switch
In the first month of my internship program, it was all about studying technical details regarding the application of each network hardware infrastructure in the data center, as well as identifying the three-layer campus hierarchical network model. The procedures carried out during the second month ranged from analyzing Cisco switch commands to the study of VLAN, VTP and trunking and the configuration of distribution and access layer switches.