Network Upgrade Analysis Report

WAN and VLAN Coursework Report


University of Portsmouth
Academic Year 2013/2014
Student Number 614226
Author
Alasdair Lind
Page 1 / 8

Abstract
This report will outline the analysis for the overall network upgrade for the accounting firm.
It will state why the specific areas within the network were chosen for upgrade as requested,
and will explain the activities required to upgrade the network along with the overall
network design.
The report will outline why the areas listed in the implementation and requirements list
were chosen, and give a detailed account of what these changes will allow for within the
network. It will state why these changes are needed and how the upgrade will help improve
the network's overall performance and reliability.

Table of Contents
1, Introduction
2, Analysis of the proposed network design
3, Explanation of the required choices chosen for the core network design
4, Explanation of implementation activities
5, Conclusion

1, Introduction
The author has been asked to upgrade an existing network for a small accountancy firm.
The current network has sixty five users. The company is about to merge with another
company, taking on a further twenty two users. After the merger there will be a total of
eighty seven users. The author has allowed for a 10% increase in capacity in the future and
has stated that the new upgraded network will be able to allow for ninety nine users.
The new network has been designed to meet the requirements of the company with the
required updates as stated by the company prior to the upgrade. These factors have been
taken into consideration allowing for each specific requirement to be built into the upgrade
with room for future changes and upgrades.

2, Analysis of the proposed network design


After investigating the current network, the author has decided that for simplicity, scalability,
redundancy and manageability reasons they will implement a two tier network topology
model. This model will be similar to the existing model; however, there will be a redundancy
switch added to the core layer, so if the main switch goes down the new core switch will
provide redundancy for the network. A second access layer switch has been added to the
access layer of the network to provide the required ports for the new users. This allows
the network to expand in the future, making the network better and easier to manage. As
there are already sixty five employees with a further twenty two users moving into the
company, a fifth access switch is required as each switch only has twenty four ports. The
extra switch will provide the required ports, leaving room for expansion in the future. Every
workstation will have access to the internet as requested. The two servers in the company,
which are the company server and the customer server, will stay connected to access
switch one. There is no need or reason to move these servers. Both servers can be
accessed by the required departments. The company server will have access to the
internet as required. The departments have been split up across the five access switches,
simplifying the management of the network and taking the strain off the network. Each
department has been placed in its own virtual local area network (VLAN). This will allow
access control lists (ACLs) to be added so that access can be granted or denied depending
on the requirements of that specific department. Using VLANs allows for both simple
management and control of each department on the network. The specified VLAN for the
accounting partners department will work well with the ACLs as they are the only
workstations that require access to the customer server. An ACL on their VLAN will allow
access to the customer server. All the other VLANs will have an ACL to block access to the
customer server from their specific departments.
An ACL will be put in place to allow only the accounting partners access to the customer
portal on the customer server. All other VLANs will have an ACL blocking them from
accessing the customer portal. Each workstation will be able to access the company's
home page hosted on the company server.
The hardware will be reused from the current network setup to reduce the overall cost to
the company for the upgrade. The upgrade will take place at night time and weekends until
the major parts of the upgrade are complete. This will stop disruption on the current
network. The new network will be configured to prevent lag, improving performance by
having a redundancy connection to each device. Adding the new access switch will help
take the load off the network, especially when the new users join the network. Spanning
tree will be implemented to prevent any unnecessary loops from any link which should be
quiet on the network, along with stopping broadcast storms on the devices.

3, Explanation of the required choices chosen for the core network design
The core network design is a two tier model due to the size of the network for the
company. A three tier model is not required as it would overcomplicate the network, cost
more and require more management, which is unnecessary for both the network and the
company.

All of the current equipment will be reused as the equipment can handle the required
network topology upgrade. This will also reduce the overall upgrade costs, allowing for
money to be spent elsewhere in the company. Two new switches will be required to provide
expansion to the network and redundancy for the new network topology. Both switches will
be a cost to begin with; however, the company will save money over time as the time spent
monitoring and managing the network will be reduced, with less network down time.
As mentioned in section two, the servers will stay connected to access_sw_1. There is no
requirement to move them as the network topology is going to be very similar.
One of the new switches will be used for access_sw_5. Adding access_sw_5 will provide
the space required for the new users to join the company's network with room for further
expansion.
Access_sw_5 will help prevent disruption to the company by reducing the network load on
the other access switches. Core_sw_2 will be connected to each individual access switch
and core_sw_1 to provide the redundancy which is required for the network. It will require
higher technical skills to manage but will be able to help handle the network load better,
improving the network's reliability and performance. The router will stay where it is,
providing access to the internet for the company. There is no requirement to move the
router in the new topology. The network will be a layer 2 network. Both of the core switches
will work on both layer 2 and 3. This will help with the reliability of the network. The network
will be a partially meshed network, as the router should not be connected to each
individual switch. The router only needs to be connected to core_sw_1, providing internet
access to the required devices on the network.

All of the switches will be H3C model switches. Core_sw_1 will have a static route between
core_sw_1 and RT1 providing internet access to the network. Spanning Tree Protocol (STP)
with Multiple Spanning Tree Protocol (MSTP) will be implemented throughout the network
as mentioned to stop loops from causing two routes accessing one destination. It will also
step in to help provide redundancy by selecting a second route to the same destination if
the original route goes down. As there are a number of VLANs, MSTP will group the
required VLANs together for the same route into one route. Applying STP like this will
allow for only the required VLANs to use STP instead of having STP applied for the entire
network. This will prevent disruption along with increasing reliability, making the network
easier to manage. It will take time to implement correctly. A more skilled technician will be
required to monitor and manage the network.

One VLAN will be implemented for each individual department. This helps control the
network and prevents time loss: if a VLAN goes down, only that VLAN will be affected,
keeping the rest of the network operational. It will only disrupt the one department.
However, if a core switch goes down this will still affect the entire network. Having separate
VLANs makes it easier to manage departments' needs and requirements, improving
performance. It could cost more to manage but at the same time it will save money when
another VLAN has an issue as it will not affect each department in the company. Keeping
VLANs separate makes it easier to manage ACLs as required, granting or denying access
to specific parts of the network. This will allow the control of each individual department's
requirements, again allowing and denying them access to the data which they should or
should not see. Trunk VLANs will be implemented between core_sw_1 and core_sw_2,
and each individual access switch will have an access VLAN between the access switch
and the workstations, sending the correct data to the correct VLAN and network area. This
will provide easier management of the network, providing load balancing for each device
and improving performance. It will take longer to implement, but having trunk ports will carry
the required VLAN information between the switches, with access VLANs for each individual
department on the access switches separating the network into specific areas.
GVRP will help control the VLANs on the network by tagging any frame which has data for
a specific VLAN. GVRP will let all devices with configured information of a specific VLAN
talk to other devices on that same VLAN dynamically. Virtual Router Redundancy
Protocol (VRRP) has been implemented to work with the VLANs to help reduce and stop
any point of failure on each VLAN, improving performance. Doing this will make the
network more stable and reliable for the employees in each department, meaning there is
less chance of failure or loss of data transmissions between devices. Splitting up the
departments into separate VLANs will work alongside VRRP as there will be less traffic on
a specific VLAN.

Bridge aggregation has been implemented to help with the load balancing in the network.
Bridge aggregation will work alongside the default trunked VLANs to help improve both
reliability and overall network performance. Bridge aggregation will only be implemented
on the core_sw_1 and core_sw_2 switches as these are the two switches which will control
the trunked VLANs.

4, Explanation of implementation activities


Each activity required to upgrade the network has been put into order starting with RT1,
moving on to core_sw_1, then moving on to core_sw_2 before each individual access
switch. Each device first needs to be labelled, making it easier to see which device you
need to configure. Each individual interface needs to be assigned the correct addresses and
brought out of shutdown to allow for communication. STP then needs to be
implemented on every switch to control which packets are being sent, stopping broadcast
storms. STP also helps with redundancy in the network through redundant links which provide
backup if a failure in a link arises. After this, each VLAN is configured to separate
specific parts of the network, with a description stating what the VLAN is. This allows for
simpler management. The appropriate VRRP and GVRP functions will need to be
implemented so that each VLAN can run better, allowing for better network performance
and load balancing. VRRP can then help by being a backup if something happens on the
network. Implementing these two functions will increase performance and network
reliability, providing more paths on which packets can be transmitted. There will be
separate access VLANs to allow for separation on the network. Trunk VLANs will be used
to control the traffic between the core switches. The appropriate VLANs are configured on
each individual switch as required. All the access VLANs are configured on the required
access switches for each individual VLAN as mentioned earlier.
ACLs will then be implemented to allow and deny access for specific VLAN traffic to the
specific network areas. For example only the accounting partners are allowed access to
the customer server. All other departments will be denied access to the customer server.
The VLANs are implemented to allow for ACLs to be easily changed if required in the
future. For example if a department needs access to the customer server in the future then
they can be added to the appropriate ACL which grants this access. The company server
could also be granted access or denied access through an ACL in the future if the
company decided to. If a new server gets added it will be simple to control access
through the VLAN setup.
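
The access policy described above, as an added example that is not part of the original report: a first-match ACL evaluator that audits a rule list against the stated intent (only the accounting partners VLAN reaches the customer server, every VLAN reaches the company home page). The subnets, server addresses, ports and the department names other than accounting partners are assumptions, since the report gives none.

```python
"""Added example: first-match ACL audit for the per-VLAN policy in this report.
All subnets, addresses, ports and non-partner department names are constructed."""
from ipaddress import ip_address, ip_network

# Constructed addressing plan (the report gives no VLAN IDs or subnets).
VLANS = {
    "accounting_partners": ip_network("10.0.10.0/24"),
    "accounts_staff": ip_network("10.0.20.0/24"),   # hypothetical department
    "reception": ip_network("10.0.30.0/24"),        # hypothetical department
}
CUSTOMER_SERVER = ip_address("10.0.1.20")  # constructed address
COMPANY_SERVER = ip_address("10.0.1.10")   # constructed address
ALL_USERS = ip_network("10.0.0.0/16")

# Ordered rules: (action, source network, destination host, port or None for any).
ACL = [
    ("permit", VLANS["accounting_partners"], CUSTOMER_SERVER, None),
    ("deny", ALL_USERS, CUSTOMER_SERVER, None),
    ("permit", ALL_USERS, COMPANY_SERVER, 80),
]

def evaluate(acl, src, dst, port, default="deny"):
    """Return the action of the first matching rule, else the default action."""
    for action, src_net, dst_host, dst_port in acl:
        if (ip_address(src) in src_net and ip_address(dst) == dst_host
                and dst_port in (None, port)):
            return action
    return default  # platforms differ on the default, so it is a parameter

def audit(acl, default="deny"):
    """Return policy violations; an empty list means the ACL matches the intent."""
    problems = []
    for name, net in VLANS.items():
        host = str(net.network_address + 1)  # first workstation in the VLAN
        got = evaluate(acl, host, str(CUSTOMER_SERVER), 443, default)
        want = "permit" if name == "accounting_partners" else "deny"
        if got != want:
            problems.append(f"{name} -> customer server: {got}, expected {want}")
        if evaluate(acl, host, str(COMPANY_SERVER), 80, default) != "permit":
            problems.append(f"{name} -> company home page blocked")
    return problems

if __name__ == "__main__":
    print(audit(ACL) or "ACL matches the stated policy")
```

Rule order and the default action both matter: placing the broad deny before the partners' permit, or relying on a permit-by-default filter without the explicit deny, each produces violations in the audit.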

5, Conclusion
In conclusion, the upgrade to the network will see a couple of new devices brought into the
company. However, these devices will allow the network to be more reliable and scalable, and
provide future expansion along with providing redundancy. The company will be able to
save money as requested by keeping a lot of the current infrastructure. Separating
departments will allow for better load balancing on the network. It will also make it easier to
manage the network's requirements within the company. Keeping it a two tier topology will
not only keep the cost down but make it easier to manage, with the ability to still upgrade
the network in the future.
The network will see a difference in performance with this new structure as each
department is separated. This means any changes in the department will not disrupt the
entire network.

Overall, the new network will provide better performance for the entire company, with
redundancy which will help prevent the loss of data if something happens on the network.
There is also still room for expansion on the network in the future. The network is scalable,
with the option to amend or delete VLANs and add ACLs if departments' requirements change.
