SIX MONTHS MAJOR PROJECT REPORT ON

10 G CAMPUS NETWORK
DESIGN
SUBMITTED IN PARTIAL FULFILMENT FOR AWARD DEGREE OF

BACHELOR OF TECHNOLOGY
IN

COMPUTER SCIENCE & ENGINEERING

BY
SHUBHAJIT MUKHERJEE
(1246469)

DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING

MALOUT INSTITUTE OF MANAGEMENT & INFORMATION
TECHNOLOGY, MALOUT

MAY 2016

CERTIFICATE
This is to certify that the project entitled Campus Network Design is the bonafide
work carried out by Shubhajit Mukherjee student of B.Tech. (CSE), Punjab Technical
University, Jalandhar during the year fourth, in partial fulfillment of the requirements for
the award of the Degree of Bachelor of Technology and the project has not formed the
basis for the award previously of any degree, diploma, associate-ship, fellowship or any
other similar title to the best of my knowledge.

Er.VIKAS GOYAL
(Assistant Professor)
Department of Computer Sc. & Engineering

ii

ABSTRACT
10 G Campus Network Design is a Network design of an organization which is
developed to optimize the present structure of network. In new campus network we have
a particular network for each department and admin can manage all the device of network
from anywhere in the network. It is being developed in Shaheed Bhagat Singh State
Technical Campus (Firozpur), to optimize the present network. That makes the campus
network faster, more secure and it provide the isolation between the two departments of
our campus. Another goal is to make the project manageable by dividing it into modules
that can be more easily maintained and change. That provides the privacy between
respective departments. That makes the communication quiet fast between the server and
the users in the campus area. The administrator can manage the network easily because of
Campus Network Design is designed in according to cisco hierarchical model structure.

Keywords: Logging synchronous, Sub-Interfaces, Network Address Translation, Routing

Protocols.

iii

ACKNOWLEDGEMENT
th

I student of CSE (8 Semester) is here to present the project report on 10 G Campus

Network Design using concept of computer networking. My project coordinator is Er.
Chandan Aggarwal, Sr. Executive Solutions Support, D-Link India Ltd. (Chd.) and I
would like to pay my sincere thanks to him as he guided me and made himself available
whenever I needed his help in preparing my project and hence project has been a
successful one. The whole procedure went under consideration of our head of department
Er. Sonia Sharma. I pay our warm regards to her for showing her keen interest towards
my project. In the last but not the least, I want to thank my Parents, without the grace of
whom nothing is possible.

Shubhajit Mukherjee

iv

TABLE OF CONTENTS
CHAPTER NO. TITLE

1.

2.

3.

PAGE NO.

Certificate

ii

Abstract

iii

Acknowledgement

iv

Table of Contents

v-vi

List of Figures

vii

INTRODUCTION

1-3

1.1. Description

1.2. Purpose

1.3. Scope

1.4. Technology Used

1.5. Overview

FEASIBILITY STUDY

4-5

2.1. Working of present system

2.2. Drawback of present system

2.3. Proposed system

2.4. Economic feasibility

TECHNOLOGY USED

6-14

3.1. Virtual Local Area Network

3.2. Inter Virtual Local Area Network Routing

3.3. Virtual Local Area Trunking Protocol

3.4. Routing Protocols

10

3.5. Network Address Translation

10

3.6. Access Control List

11

3.6.1. Standard Access Control List

13

3.6.2. Extended Access Control List

13

3.7.Virtual LAN Access Control List

4.

INTRODUCTION TO DEVICES
v

14
15-18

5.

4.1. Router

15

4.2. Switch

16

4.3. Networking Cables

17

4.3.1. Twisted pair

17

4.3.2. Fiber optic cable

17

4.3.3. Coaxial cable

17

4.3.4. Ethernet (crossover) cable

18

HARDWARE & SOFTWARE

19

REQUIREMENT

6.

5.1. Hardware requirement

19

5.2. Software requirement

19

METHODOLOGY OF WORK
6.1. Connection between routers to devices

20

6.2. Sub-interfaces and VLAN

20

6.3. Network Management Software (NMS)

20

6.3.1. D-View 7.0 new features

6.4. Configuration of routers and switches.
7.

8.

9.

20-22

PROJECT DESCRIPTION

21
22
23-24

7.1. About the project

23

7.2. Advantages of campus network design

23

CONCLUSION AND SCOPE

25

8.1. Conclusion

25

8.2. Scope

25

APPENDICES

26-47

9.1. Screen-Shots

26

REFERENCES

27

vi

LIST OF FIGURES
S.No.

Fig. No.

Description

Page No.

1.

Fig. 1.1.

Cisco 3 Layer Hierarchical Model

2.

Fig. 3.1.

IVR with separate interface

3.

Fig. 3.2.

IVR with sub interface

4.

Fig. 3.3.

Use of trunk port

5.

Fig. 3.4.

Routing protocols

10

6.

Fig. 3.5.

Network Address Translation

11

7.

Fig. 3.6.

Implementation of ACL

13

8.

Fig. 4.1.

Router

15

9.

Fig. 4.2.

Switch

16

10.

Fig. 6.3.1

Network Management Software window

21

11.

Fig. 6.3.2

Topology Diagram

22

vii

CHAPTER 1
INTRODUCTION
1.1 Description
A campus network is a proprietary local area network (LAN) serving an
organization.

College

and

university

campus

networks

interconnect

administrative buildings, academic halls, or associated building, etc. The

networking equipments and transmission media are almost entirely owned by the
campus owner: an enterprise, university, government etc.
Campus Network Design defines the network structure of a campus. MIMIT
already has a computer network infrastructure to support various activities both
administrative and academic. Infrastructure that was built has been covering all
areas of the building and the floor. With increasing number of users, the network
is getting complex, which results in heavy network traffic and loops and there is
need to optimize the network infrastructure.
The new network infrastructure that is built must guarantee the quality of
services, reliable, scalable and support future expansions. The network design is
the most important and critical parts before developing a new network
infrastructure. Analysis of user and network requirement has been done to design
the network.

1.2 Purpose
The purpose of this project is as follows:

This project is for Optimization of the current Network Structure..

The bandwidth can be used efficiently.

Reduce the loop occurrences.

Increase reliability.

It provides following facilities to:

1

Admin

Can manage the users in the network easily.

Remote access to all devices.

Easily add or removes new departments or building network.

Users

Decrease congestion.

Increased throughput.

Privacy.

Better security

1.3 Scope
The different areas where this system can be used:

In college campuses where there are number of departments.

It can be used in offices and modifications can be easily done according to

requirements.

1.4 Technology Used

Virtual Lan

Sub Interfaces

Inter Virtual Lan Routing

Routing Protocols

Access Control List

Network Access Translator

Virtual Local Area ACL

1.5 Overview
10 G Campus Network Design is developed according after the study of the
current network structure and its problem like congestion, looping.
2

Project is related to Cisco three-Layer Hierarchical Model. The building block

components of hierarchical structure network are the core layer, the distribution
layer and the access layer.
Core layer is the backbone layer of network running with high speed switching
and transfers larger amount of data, also handle the requests of distribution layer.
This layer has high Speed devices like high end routers and switches with large
modules with layer-2 and layer-3 functionality.
The distribution layer is the isolation point between the networks access layer
and core layers. Distribution layer is used for policy base services, normally
having layer-2 switching devices.
Access layer is the lower layer of Cisco 3-layer model running different networks
services and also responsible for providing access to different network resources.
This is our local and remote workgroup-access that is providing access to
different services like workgroups, WAN connectivity [5].

Fig. 1.1. Cisco 3 layer Hierarchical Model

CHAPTER 2
FEASIBILITY STUDY
In feasibility study phase we had undergone through various steps which are
Described as under:
1. Identify the origin of the information at different level.
2. Analyze the drawback of existing system (manual) system.

2.1 Working of present system

Present network structure is not well structured.

There are no VLan for each department all department are

interconnected i.e. in present network structure all users of various
departments are in same VLan or VLan 1.

In present system Access Control List is not implemented or used.

In present system not used a port security features.

2.2 Drawbacks of present system

In campus network the http request generated by a single end user firstly
move throughout the network and then reaches the server.

Due to which network congestion occur and loops are generated in

the network. This decreases the throughput of the network.

Due to the lack of different VLans for the different departments

decreases the security between two departments.

Lack of security on ports of the network switches.

Complex to expand the network in any specific way.

2.3 Proposed system

There will be major components of the system:
1. Use a cisco hierarchical model approach.
2. Different virtual local area networks for different departments.
3. Sub-Interfaces on router to reduce the cost.
4. Port Security to increase the security.

5. Remotely access of network devices to easily manage network from

anywhere through internet.
Proposed system provide following solution:
Integrated Security
- E2ES (End-to-End Security)
High Availability
- From H/W to S/W, robust L2 to L3 design
QoS
- Comprehensive traffic classification & prioritization
Manageability
- Solutions designed for SMB & big enterprise/campus networks
Green Ethernet
- Reduce IT costs and minimize the environmental impact
Affordability
IPv6 Ready from day 1 as per GR

2.3Economic feasibility
In the proposed system I used the technology through which we can reduce the
hardware devices and increase the reliability and maintenance ability.
To implement the new campus network design will not increase the cost for
hardware or any networking device cause of proposed system will not require any
extra devices, It will work on available devices no extra requirement.
So, Proposed system (Campus Network Design with FTP Server) is economically
feasible to implement in future.

CHAPTER 3
TECHNOLOGY USED
3.1. Virtual Local Area Network
In computer networking, a single layer-2 network may be partitioned to create
multiple distinct broadcast domains, which are mutually isolated so that packets
can only pass between them via one or more routers; such a domain is referred to
as a virtual local area network, virtual LAN or VLAN.
This is usually achieved on

switch or router devices. Simpler devices only

support partitioning on a port level (if at all), so sharing VLANs across devices
requires running dedicated cabling for each VLAN. More sophisticated devices
can mark packets through tagging, so that a single interconnect (trunk) may be
used to transport data for multiple VLANs.
To physically replicate the functions of a VLAN would require a separate,
parallel collection of network cables and equipment separate from the primary
network. However, unlike physically separate networks, VLANs share
bandwidth, so VLAN trunks may require aggregated links and/or quality of
service prioritization.
A VLAN allows several networks to work virtually as an LAN. One of the most
beneficial elements of a VLAN is that it removes latency in the network, which
saves network resources and increases network efficiency.
The key benefits of implementing VLANs include:

Allowing network administrators to apply additional security to network

communication.
Making expansion and relocation of a network or a network device easier.

Providing flexibility because administrators are able to configure

in a centralized environment while the devices might be located in
different geographical locations.

Decreasing the latency and traffic load on the network and the
network devices, offering increased performance.

3.2. Inter Virtual Local Area Network Routing

When a node in one VLan needs to communicate with a node in another VLAN, a
router is necessary to route the traffic between VLans.
Without the routing device, inter-VLAN traffic would not be possible. Sub
interfaces on a router can be used to divide a single physical interface into
multiple logical interfaces.
Traditionally, LAN routing has used routers with multiple physical interfaces.
Each interface needed to be connected to a separate network. Configured for a
different subnet, Each router interface is connected to a switch port, associated
with a specific VLAN. The router can accept traffic from the VLAN associated
with the switch interface it is connected to, and route the traffic to other VLANs.

Fig 3.1. IVR with separate interface

7

Fig. 3.2. IVR with sub interfaces

3.3. Virtual LAN Trunking Protocol

Trunking protocols were developed to effectively manage the transfer of frames
from different VLans on a single physical line. Trunk link does not belong to a
specific VLan. The VLAN Trunking protocol(VTP) is the protocol that switches
use to communicate among themselves about VLAN configuration.
The VLANs can communicate with each other via the Trunking connection
between the two switches using the router. For example, data from a computer on
VLAN A that needs to get to a computer on VLAN B (or VLAN C or VLAN D)
must travel from the switch to the router and back again to the switch. Because of
the transparent bridging algorithm and Trunking, both PCs and the router think
that they are on the same physical segment.
As you can see, LAN switches are an amazing technology that can really make a
difference in the speed and quality of a network.
A network switch, which is participating in VLAN Trunking Protocol (VTP), can
have three different modes.

Server Mode

Client Mode

Transparent Mode
8

Fig. 3.3. Use of trunk port

VLAN Trunking Protocol (VTP) Server Mode
VLAN Trunking Protocol (VTP) Server mode is the default VTP mode for all
Catalyst switches. At least one server is required in a VTP domain to propagate
VLAN information within the

VTP domain. We can create, add, or delete

VLANs of a VTP domain in a Switch which is in VTP Server mode and change
VLAN information in a VTP Server. The changes made in a switch in server
mode are advertised to the entire VTP domain.
VLAN Trunking Protocol (VTP) Client Mode
VLAN Trunking Protocol (VTP) client mode switches listen to VTP
advertisements from other switches and modify their VLAN configurations
accordingly. A network switch in VTP client mode requires a server switch to
inform it about the VLAN changes. We CANNOT create, add, or delete VLANs
in a VTP client.
VLAN Trunking Protocol (VTP) Transparent Mode
VLAN Trunking Protocol (VTP) transparent mode switches do not participate in
the VTP domain, but VTP transparent mode switches can receive and forward
VTP advertisements through the configured trunk links.

3.4. Routing Protocols

A routing protocol specifies

how routers communicate

disseminating information that enables them to select

with

each

other,

routes between any

two nodes on a computer network.

Routing algorithms determine the specific choice of route. Each router has a
priori knowledge only of networks attached to it directly.
A routing protocol shares this information first among immediate neighbors, and
then throughout the network. This way, routers gain knowledge of the topology of
the network.

Fig. 3.4. Routing protocols

3.5. Network Address Translation

NAT is a router function where IP addresses of IP datagrams are replaced at the
boundary of a private network.
In computer networking, network address translation (NAT) provides a method
of modifying network address information in Internet Protocol (IP) datagram
packet headers while they are in transit across a traffic routing device for the
purpose of remapping one IP address space into another.
Network Address Translation (NAT) is the process where a network device,
usually a firewall, assigns a public address to a computer (or group of computers)
inside a private network.

10

The main use of NAT is to limit the number of public IP addresses an

organization or company must use, for both economy and security purposes.
The most common form of network translation involves a large private network
using addresses in a private range (10.0.0.0 to 10.255.255.255, 172.16.0.0 to
172.31.255.255, or 192.168.0 0 to 192.168.255.255).
In its simplest configuration, the Network Address Translator (NAT) operates on a
router connecting two networks together; one of these networks (designated as
inside) is addressed with either private or obsolete addresses that need to be
converted into legal addresses before packets are forwarded onto the other
network (designated as outside) [1].

Fig. 3.5. Network Address Translation

3.6. Access Control List

Access Control lists filter network traffic. Use for security on router interfaces.
1. Standard ACL Permit or deny access for an network, subnet, and host
addresses.
2. Extended ACL Permit or deny based on where a packet originates, its
destination, protocol type, and port addresses.

11

ACLs are basically a set of commands, grouped together by a number or name

that is used to filter traffic entering or leaving an interface.
When activating an ACL on an interface, you must specify in which direction the
traffic should be filtered:

Inbound (as the traffic comes into an interface)

Outbound (before the traffic exits an interface)

Inbound ACLs:
Incoming packets are processed before they are routed to an outbound interface.
An inbound ACL is efficient because it saves the overhead of routing lookups if
the packet will be discarded after it is denied by the filtering tests. If the packet is
permitted by the tests, it is processed for routing.
Outbound ACLs:
Incoming packets are routed to the outbound interface and then processed through
the outbound ACL.
Universal fact about Access control list:
ACLs come in two varieties: Numbered and named

Each of these references to ACLs supports two types of filtering: standard

and extended.
Standard IP ACLs can filter only on the source IP address inside a packet.

Whereas an extended IP ACLs can filter on the source and destination IP

addresses in the packet.

There are two actions an ACL can take: permit or deny.

Statements are processed top-down.

Once a match is found, no further statements are processed

therefore, order is important.

12

3.6.1. Standard ACLs

A standard IP ACL is simple it filters based on source address only.
You can filter a source network or a source host, but you cannot filter based on
the destination of a packet, the particular protocol being used such as the
Transmission Control Protocol (TCP) or the User Datagram Protocol (UDP), or
on the port number.
You can permit or deny only source traffic.
3.6.2. Extended ACLs:
An extended ACL gives you much more power than just a standard ACL.
Extended IP ACLs check both the source and destination packet addresses. They
can also check for specific protocols, port numbers, and other parameters, which
allow administrators more flexibility and control.

Fig. 3.6. Implementation of ACL

Named ACLs:
One of the disadvantages of using IP standard and IP extended ACLs is that you
reference them by number, which is not too descriptive of its use. With a named
ACL, this is not the case because you can name your ACL with a descriptive
name. The ACL named DenyMike is a lot more meaningful than an ACL simply
numbered 1.
13

There are both IP standard and IP extended named ACLs. Another advantage to
named ACLs is that they allow you to remove individual lines out of an ACL.
With numbered ACLs, you cannot delete individual statements. Instead, you will
need to delete your existing access list and re-create the entire list.

3.7. Virtual Lan Access Control List

A VLAN access control list (VACL) provides access control for all packets that
are bridged within a VLAN or that are routed into or out of a VLAN.
Unlike regular Cisco IOS access control lists that are configured on router
interfaces and applied on routed packets only, VACLs apply to all packets. The
technology was developed by Cisco on the Catalyst 6500 Series switch platform.
VACLs may be used in similar fashion to a SPAN port or network tap, as a way
to replicate computer network data that is coming into and leaving from a
computer or a network. This is useful if you want to monitor traffic.Often, this
configuration is used to facilitate data loss prevention (DLP) or network-based
Intrusion prevention systems.
VACL or VACL Ports can be much more discriminating of the traffic they
forward compared to a standard SPAN port. They may be set to only forward
specific types or specific VLANs to the monitoring port.
VACL also known as VLAN access-maps, apply to all traffic in a VLAN.
VACLs can control traffic flowing within the VLAN or control switched traffic.
Three ACL actions are permitted with VACLs:

Permit

Redirect

Deny

14

CHAPTER 4
INTRODUCTION TO DEVICES
4.1. Router
Routers are networking devices used to extend or segment networks by
forwarding packets from one logical network to another. Routers are most often
used in large internetworks that use the TCP/IP protocol suite and for connecting
TCP/IP hosts and local area networks (LANs) to the Internet using dedicated
leased lines.
When a data packet comes in one of the lines, the router reads the address
information in the packet to determine its ultimate destination. Then, using
information in its routing table or routing policy, it directs the packet to the next
network on its journey.
Routers perform the "traffic directing" functions on the Internet. A data packet is
typically forwarded from one router to another through the networks that
constitute the internetwork until it reaches its destination node.
A router is a specialized networking device connected

to two or

more

networks running software that allows the router to

move data

from

one network to another. Router functions in an Internet protocol based network

operate at the network layer.

Fig. 4.1. Router

15

An example of a router would be the owner's cable or DSL router, which connects
to the Internet through an ISP. More sophisticated routers, such as enterprise
routers, connect large business or ISP networks up to the powerful core routers
that forward data at high speed along the optical fibres lines of the Internet
backbone. Though routers are typically dedicated hardware devices, use of
software-based routers has grown increasingly common.

4.2. Switch
A network switch is a

computer networking device that connects devices

together on a computer network, by using a form of packet switching to forward

data to the destination device.
A network switch is considered more advanced than a(repeater) hub because a
switch will only forward a message to one or multiple devices that need to
receive it, rather than broadcasting the same message out of each of its ports.
A network switch (also called switching hub, bridging hub, officially MAC
bridge) is a multi-port network bridge that processes and forwards data at the
data link layer (layer 2) of the OSI model. LAN switching is a form of packet
switching used in local area networks. Switching technologies are crucial to
network design, as they allow traffic to be sent only where it is needed in most
cases, using fast, hardware-based methods.

Fig. 4.2. Switch

16

4.3. Networking Cables

Networking cables are used to connect one network device to other network
devices or to connect two or more computers to share printer, scanner etc.
Different types of network cables like Coaxial cable, Optical fiber cable, Twisted
Pair cables are used depending on the network's topology, protocol and size.
The devices can be separated by a few meters (e.g. via Ethernet) or nearly
unlimited distances (e.g. via the interconnections of the Internet).
While wireless may be the wave of the future, most computer networks today still
utilize cables to transfer signals from one point to another.
4.3.1. Twisted pair
Twisted pair cabling is a form of wiring in which pairs of wires (the forward and
return conductors of a single circuit) are twisted together for the purposes of
cancelling out electromagnetic interference (EMI) from other wire pairs and from
external sources.
This type of cable is used for home and corporate Ethernet networks. There are
two types of twisted pair cables: shielded, unshielded.
4.3.2. Fiber Optic cable
An optical fiber cable consists of a center glass core surrounded by several layers
of protective material. The outer insulating jacket is made of Teflon or PVC to
prevent interference. It is expensive but has higher bandwidth and can transmit
data over longer distances.
4.3.3. Coaxial cable
Coaxial lines confine the electromagnetic wave to area inside the cable, between
the center conductor and the shield. The transmission of energy in the line occurs
totally through the dielectric inside the cable between the conductors.

17

Coaxial lines can therefore be bent and twisted (subject to limits) without
negative effects, and they can be strapped to conductive supports without
inducing unwanted currents in them and though.
The most common use for coaxial cables is for television and other signals with
bandwidth of multiple megahertz. Although in most homes coaxial cables have
been installed for transmission of TV signals, new technologies (such as the ITUT G.hn standard) open the possibility of using home coaxial cable for high-speed
home networking applications (Ethernet over coax).
In the 20th century they carried long distance telephone connections.
4.3.4. Ethernet (crossover) cable
An Ethernet crossover cable is a type of Ethernet cable used to connect
computing devices together directly where they would normally be connected via
a network switch, hub or router, such as directly connecting two personal
computers via their network adapters. Some newer Ethernet devices support the
use of cross-over cables in the place of patch cables.

18

CHAPTER 5
HARDWARE AND SOFTWARE REQUIREMENTS
5.1Hardware Requirement

Cisco 2600 series router (2 Units).

D-link DGS-1210-28 switch (Units depending upon number of users).

Ethernet Cables 10/100, 10/100/1000 (Depending upon area of campus).

CSU/DSU.

5.2Software Requirement

D-Link D-View 7 (For Network Management).

Hyper terminal or Putty (For Router Console).

19

CHAPTER 6
METHODOLOGY/PLANNING OF WORK
Steps followed to achieve the objective of the project during the project
development are following:

6.1. Connection between Routers, Switches and End Users

The working Router is connected to the main server switch and this switch is
connected to the all different department of the campus. All end devices of the
particular departments will be connected to their respective Switches.

6.2. Sub-interfaces and VLANs

The Sub-interfaces is defined on the port of the Router where the switch would be
connected. The first Switch would be the Server Switch and rest will be the
Client.
The Vlan created on the server switch will automatically get created on client
switch. And so the ports of the switches will be assigned to the different Vlans.

6.3. Network Management Software (NMS)

The D-View 7.0 SNMP Network Management System is a software tool that
facilitates the central administration of a network with various SNMP-enabled
devices. The D-View 7.0 Standard version (DV-700S) is tailored for networks
with up to 1000 nodes. Beyond that, the D-View 7.0 Professional version (DV700) provides a server-based architecture that simplifies the daily management of
the network. Flexible and versatile, D-View 6.0 provides network management to
SNMP-based devices, including third party devices.
Administrators can create a topology diagram to graphically represent planned or
existing networks with a simple click of a button. Through SNMP or ICMP, a
topology is automatically generated from your network devices. Traps can be sent
to remote network devices to obtain status information. D-View 7.0 can recognize
a devices standard (SNMP or non-SNMP), type (router or switch, wired or
wireless) and network domain. Thats only the beginning of the types of analyses
administrators can perform on all their network devices. Import a bitmap of your
buildings blueprint and display your networks topology on top of the blueprint
to provide a realistic representation of the network topology.
20

Fig. 6.3.1. NMS window

6.3.1. D-View 7.0 - New features

Performance Monitor (switch should support RFC1213

Interface and RMON)

Device Panel Simulation Module

Link Capacity Check

Get All Arp Information

Topology Import / Export

21

Fig. 6.3.2. Topology Diagram

6.4. Configuration of routers and switches

On router and switches did configuration for the each particular technology:

Virtual Local Area Network.

Inter VLAN Routing.

Routing Protocols.

Network Address Translator.

Access Control List.

VLAN Access Control List.

22

CHAPTER 7
PROJECT DESCRIPTION
7.1. About the project

Use a Cisco Hierarchical Modular Approach.

Different VLANs for different departments, buildings.

Easy to add a new building, floor, remote site, e-commerce service so on.

Troubleshooting of the Network is easy.

Minimize the size of broadcast domains.

Inter VLAN Routing and VTP is used.

VACL is used.

7.2. Advantages of Campus Network Design

Bandwidth
In the new network have many small networks logically instead of a large
network, through which number of users are less in the network so in one
network traffic congestion probability is low as compare to previous
network.

Security between different department

In new network structure implemented new LAN concept i.e. VLAN. By
the using of VLAN different departments are not interconnected to each
other, It provide isolation between two departments.

Troubleshooting
The new network is well structured and easy to understand by admin
because in this admin can understand where is the really problem is
occurred and the admin can repair that.

No Loop Occurrence
In new network have the probability of less loop occurrences and it helps
to increase the throughput of network.

23

Resolved Hosts for Telnet

In the new Campus Network enable the feature of telnet. Admin can
resolve the problem on any device by remotely access that device. Each
device has own IP address to use telnet on that device, by using ip address
admin can access that device.

Console security
In the new structure have the security on the console means any person
that unauthorized person can't access or modify the configuration of
routers and switches.

Password Encryption
For the security purpose in the new campus network have password
encryption service, it helps to protect from the cracking of password on
routers and switches all passwords are in encrypted form.

Port Security
In the new network structure have the features of port security. It allow the
port don't work if any violation occur. There are two type of port security
used in new campus network.
1. Sticky Mac Address
When an end device connect to the switch through the port then that
device is reserved for that port, if any user try to connect another device to
that port then that port not work. It can change by the admin.
2. Violation Restrict
When any end device try to connect the switch without any permission to
any port then switch restrict to the connection.

24

CHAPTER 8
CONCLUSION AND SCOPE
8.1. Conclusion
Local Area Network of Shaheed Bhagat Singh State Technical Campus
(Firozpur), to accommodate their needs. Using Cisco Three Layer Hierarchical
Model to optimize the campus network. First focus is to provide a high
availability in the network, redundant link and a fast link failure detection and
failover inside the routing protocol is required buildings need to be
interconnected. The building block components hierarchical structure network are
the core layer, the distribution layer and the access layer. Campus network design
will provide the better security than previous network.

8.2. Scope
In future if campus network design project will implement in our college then it
effect the reliability of the network. It help to remove the congestion occur in the
network, so it increase the throughput of the network system.

25

CHAPTER 9
APPENDICES
9.1. SCREENSHOTS
9.1.1. Campus Network Design Cisco Packet Tracer Screen Shot

Fig. 9.1.1. Campus Network Design Screen Shot

This figure is the screen shot of the campus network project in the simulator cisco
packet tracer. This figure shows the different departments of the institute in this
have different VLANs for different departments.
This shows the connection between the end user to the server via switches and
routers.

26

REFERENCES
[1]"Cisco IOS Network Address Translation Overview"., http://www.cisco.com/
en/US/technologies/tk648/tk361/tk438/technologies_white_paper09186a008
0091cb9.html., Technical report, September 1998.,
[2] Oppenheimer. P., "Top-Down Network Design, Second Edition, Cisco
System.".,2004
[3] Sandhu. R., 2001," The next generation of access control Models: Do we need
them and what should they be? In SACMAT01 ", SACMAT., pp. 53.
[4] Lammle. T., 2014," VLANs and Inter VLANs Routing ", Wiley India
Ltd., pp. 459.
[5] Lammle. T., 2014," The Cisco Three Layer Hierarchical Model", Wiley
India Ltd., pp. 70.

27