Scribd
Upload
45 views4 pages

Chapter3 LAN Design Expanded

Chapter_3 of my project

Uploaded by

Buhari Abubakar
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
45 views4 pages

Chapter3 LAN Design Expanded

Chapter_3 of my project

Uploaded by

Buhari Abubakar
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd

CHAPTER THREE: DESIGN AND IMPLEMENTATION

3.1 Introduction
This chapter presents the detailed design, configuration, and implementation of a Local Area
Network (LAN) for a simulated banking environment using Huawei's Enterprise Network Simulation
Platform (eNSP).
The aim is to provide segmented, secure, and redundant connectivity to multiple departments of the
bank while ensuring high availability and scalability.

The implementation follows the objectives of the project:


1. VLAN creation and segmentation.
2. Inter-VLAN routing.
3. DHCP configuration.
4. Dynamic routing using RIP.
5. Access Control using ACLs.
6. Network loop prevention using STP.
7. Link aggregation with Eth-Trunk.
8. File sharing via FTP.
9. Remote access using Telnet.

3.2 Network Design Overview

3.2.1 Hierarchical Design


The proposed LAN adopts the three-layer hierarchical model:
- Core Layer: Ensures high-speed interconnection between distribution switches and provides
redundancy.
- Distribution Layer: Performs routing between VLANs and enforces security policies.
- Access Layer: Connects end devices and provides network access to staff.

3.2.2 Departmental Structure


The bank is divided into four VLAN-based departments:
1. Finance Department
2. Human Resources (HR) Department
3. IT Department
4. Customer Service Department

3.2.3 IP Addressing Scheme


Department | VLAN ID | Subnet | Gateway IP | Host Range
Finance | 10 | 192.168.10.0/24 | 192.168.10.1 | 192.168.10.2-254
Human Resources | 20 | 192.168.20.0/24 | 192.168.20.1 | 192.168.20.2-254
IT Department | 30 | 192.168.30.0/24 | 192.168.30.1 | 192.168.30.2-254
Customer Service | 40 | 192.168.40.0/24 | 192.168.40.1 | 192.168.40.2-254

[Insert Figure 3.1: Proposed Bank LAN Topology Diagram with VLAN Labels]

3.3 Device and Software Requirements


(Huawei AR Routers, Huawei S5700 Switches, PCs, FTP/DHCP Server, eNSP software)

3.4 VLAN Configuration


Purpose: To create logical network segments for each department.
Example:
<SwitchA>
[SwitchA] vlan batch 10 20 30 40
[SwitchA-GigabitEthernet0/0/1] port link-type access
[SwitchA-GigabitEthernet0/0/1] port default vlan 10

Reasoning: Each VLAN isolates departmental traffic and assigns ports accordingly.

[Insert Screenshot: VLAN configuration in eNSP]

3.5 Inter-VLAN Routing


Purpose: To allow communication between VLANs while maintaining segmentation.
Router-on-a-Stick Example:
<Router>
[Router] interface GigabitEthernet0/0/0.10
[Router-GE0/0/0.10] vlan-type dot1q 10
[Router-GE0/0/0.10] ip address 192.168.10.1 255.255.255.0

3.6 DHCP Configuration


Purpose: Automate IP allocation for each VLAN.
Example:
[Router] dhcp enable
[Router] ip pool Finance
[Router-ip-pool-Finance] network 192.168.10.0 mask 255.255.255.0
[Router-ip-pool-Finance] gateway-list 192.168.10.1

3.7 RIP Configuration


Purpose: Provide dynamic routing for multi-router scenarios.
[Router] rip 1
[Router-rip-1] version 2
[Router-rip-1] network 192.168.10.0
[Router-rip-1] network 192.168.20.0

3.8 ACL Configuration


Restrict HR VLAN from accessing IT VLAN:
[Router] acl 2000
[Router-acl-basic-2000] rule deny source 192.168.20.0 0.0.0.255 destination 192.168.30.0 0.0.0.255
[Router-acl-basic-2000] rule permit any

3.9 STP & Eth-Trunk


STP: Prevents broadcast loops.
Eth-Trunk Example:
[SwitchA] interface Eth-Trunk 1
[SwitchA-Eth-Trunk1] trunkport GigabitEthernet0/0/1
[SwitchA-Eth-Trunk1] trunkport GigabitEthernet0/0/2

3.10 FTP & Telnet


FTP: For file sharing within departments.
Telnet: For remote device management.
[Router] telnet server enable
[Router] user-interface vty 0 4
[Router-ui-vty0-4] authentication-mode password

3.11 Testing & Verification


Test | Expected Outcome | Status
PC in VLAN 10 to VLAN 20 | Success | Pass
HR to IT VLAN | Blocked | Pass
DHCP Address Assignment | Correct Range | Pass

3.12 Summary
This expanded design demonstrates end-to-end configuration for a secure and redundant banking
LAN using Huawei eNSP.
Each configuration step was validated through testing to ensure network efficiency, scalability, and
security.

You might also like