Design and Scheme of Network System

Journal of Computer Hardware Engineering(2018)
Original Research Article
Design and Scheme of Network System
Chunhe Tan,Yuping Liu,Wenjian Fang
School of Computer and Information, Hefei University of Technology, Anhui, China
ABSTRACT
With the development of economy and society, people's living standards are getting higher and higher, and the
phenomenon of office at home is becoming more and more common. The network plays a vital role here. Community
of network engineering to provide convenience for people at the same time, its security is also extremely important.
Technology in the continuous development of the network into every household, the study of such a daily life for the
needs of the network engineering integration program is essential. In this subject, according to the characteristics of the
district specifically designed a set of network engineering program. This paper mainly introduces the related network
technology, the choice of equipment, the network formation of the district, the division of IP address, the integrated
wiring, and the network security. According to people's daily life and management of the basic situation, designed a
safe and efficient network system to facilitate people's lives, improve people's quality of life.
KEYWORDS: campus network; protocol; server; Internet
1. Introduction
In the present knowledge of the explosion of the community, the demand for qualified personnel more and more,
need them to master a large number of various types of knowledge in education need to improve teaching efficiency.
There are many new teaching methods, in a variety of ways to improve the speed of knowledge of students in the same
time with their predecessors, master more knowledge than their predecessors, and these teaching methods, the need to
use the computer network to achieve
This requires the campus network is a very interactive and professional LAN. Multimedia teaching software
development platform, multimedia presentation classrooms, teacher preparation system, electronic reading room and
teaching and examination database, can work through the network. If a school includes a number of professional
disciplines, you can also form a number of local area networks, and through wired connection.
Campus network refers to the use of network equipment, communication media and networking technology and
protocols and a variety of system management software and a variety of terminals effectively integrated together, and
for teaching, research, school management, information sharing and distance learning Computer local area network
system.
Campus network should have teaching, management and communication three functions. For the current campus
network construction, the main focus on teaching and communication, it is difficult to achieve the digital campus as the
core of the management area.
2. Analysis
2.1. Network requirements
Xi'an Aeronautical Vocational and Technical College, in order to hot pursuit of the pace of the times, development
and inter-school, static resource sharing, dynamic information dissemination, distance learning and collaborative work
stage, the development of school education modernization, decided to build their own campus network, Early realization
of educational information. After the completion of the campus network, the computer will be introduced into all aspects
of teaching, which can lead to teaching methods, teaching methods, teaching tools, a major innovation. To improve
the quality of teaching, and promote the development of China's education modernization plays an immeasurable role.
Copyright © 2017 -. This is an Open Access article distributed under the terms of the Creative Commons Attribution-NonCommercial 4.0 International
License (http://creativecommons.org/licenses/by-nc/4.0/), permitting all non-commercial use, distribution, and reproduction in any medium, provided
the original work is properly cited.
27
4 The Design and Scheme of Network System
The network also provides an effective way for schools' managers and teachers to acquire resources and work together.
Campus network will be the school to improve the management level, work efficiency, improve the quality of teaching a
powerful means, that is, to solve the information age education problem of the basic tools.
Through the school information construction professionals to communicate, to understand the campus broadband
network users and network traffic, pay attention to the network can operate and manage the characteristics of the
campus network construction needs as follows:
1. Teaching area, dormitory area users on the campus network, education network, INTERNET visit has a
corresponding routing strategy.
2. The campus network there are a number of export needs, the campus network at least to provide China Education
and Research Network (CERNET) and INTERNET two exports.
3. The campus network security requirements are higher, requiring the device to achieve user identification and
dynamic binding functions such as through the 'IP + MAC + port' triad dynamic binding to identify the user.
4. The campus network WEB page can achieve the following functions: User Web self-service function, the user can
Web self-service page, personal information inquiries, password changes, Internet details inquiries, payment records and
online pre-registration.
5. The campus network requirements for each user's use can be audited afterwards, to locate the IP address and the
user connected to the port and login user name, limit the use of the account port.
6. The campus network requirements to achieve the dynamic control of user bandwidth.
7. The campus network to achieve multicast services.
8. The campus network requirements in the school scale continues to expand, the number of users continues to
increase, requiring the network has a very good scalability, according to the need to gradually smooth upgrade to 10
Gigabit backbone connection.
9. Network management platform to achieve the management of network resources, network security access control.
And on the platform can easily develop the required network applications.
10. After the completion of the campus network will achieve the following basic functions:
● Computer teaching, including multimedia teaching and distance learning;
● Network download and network chat;
● E-mail system: mainly with peer exchanges, technical cooperation, academic exchanges and other activities;
● File transfer FTP: the main use of FTP services to obtain important scientific and technical information and
technical documents;
● INTERNET service: schools can set up their own home page, the use of external web pages for school publicity,
to provide various types of consulting information, the use of internal web pages to manage, such as issuing a notice to
collect student opinions.
● Library access system for computer query, computer search, computer reading and so on;
2.2. Network environment
The school has 13 student dormitories, 5 floors per building, 30 students on each floor, each room to provide a
network node; teacher dormitory 2 (216) households, a total of 18 layers, each household provides a network node ;
Teaching building 5, a total of 5 layers, each layer has 10 classrooms, each classroom to provide a network node; library
and electronic reading room in the same building, a total of 1 electronic reading room, each electronic reading room
needs 10 network nodes; training building a total of 7 layers per layer requires 20 nodes. Requires campus network
backbone using 1000Mb / s fiber, 100Mb / s exchange to the desktop.
2.3. 2.3 Design goals
The implementation of this project will greatly improve the teaching and research conditions of the school. After the
completion of the system will achieve the following objectives: (1) to establish a connection to multimedia classrooms,
libraries and other places of the campus network, the backbone of the network rate of 100Mb / s. (2) to establish a
VPN server to support the teacher's mobile office. Teachers in any place, through the Modem dial-up, in the case of
authorization can access the information inside the school. (3) To establish the school's own WWW server, to provide
28
Chunhe Tan, et al
the school's home page. (4) To provide online library number of online inquiries. (5) The establishment of e-mail server
for teachers and students to provide e-mail service. (6) To provide file transfer services.
3. Campus network structure design
According to the actual situation and characteristics of the school, the construction of the campus network. In the
design process, pay attention to the practicality of the campus network and the combination of advanced, and the use of
mature network technology to ensure the practicality of the campus network.
3.1. 3.1 Overall design principles
As the school funds are not very adequate, cannot be in one step. On the other hand, the level of application of the
school is more uneven, some systems even if the installation is not used, therefore, in the construction of the campus
network process, the system should always implement the application-oriented, pragmatic approach, the principle of
economy.
The school network needs to complete, including the book information, school administrative office and other
integrated business information management system for the majority of faculty and students to provide a network
environment for teaching and research work of the advanced platform. The campus network covers the entire campus,
and the network design follows the following five basic principles:
Reliability and high performance networks must be reliable, including network-level reliability, such as engines,
fans, boards, totals, and so on; and network-level reliability such as routing, switching aggregation, link redundancy,
load Equalization and so on. The network must be of sufficient performance to meet the needs of the business.
Scalability and scalability of the system to be scalable and scalable, with the business growth and application level,
the network of data and information flow will grow exponentially, the need for a good network scalability, and can
continue to upgrade with the development of technology. Equipment should be used in line with international standards
of systems and products to ensure that the system has a long vitality and scalability to meet future requirements of the
system upgrade.
Easy to manage, easy maintenance as the campus backbone network system is large, rich and complex application,
the need for network management system has good manageability, network management system with monitoring, fault
diagnosis, fault isolation, filtering settings and other functions to facilitate the management of the system and maintain.
At the same time as far as possible to choose a high degree of integration, the module can be a common product for easy
management and maintenance. Here we use the equipment is Cisco can manage the switch, the firewall.
Security, confidentiality of the network system should have good security. As the campus backbone network for
multiple user intranet to provide interconnection and support a variety of business, requiring flexible and effective
security control, but also should support the virtual private network to provide multi-level security options. In the system
design, not only consider the full sharing of information resources, but also pay attention to the protection and isolation
of information, so the system should be different applications and different network communication environment, take
different measures, including system security mechanisms, data access the authority of the control. In the sub-campus
network assumptions, through the subnet, Vlan on the switch to achieve network security.
Flexibility, comprehensive through the use of structured, modular design forms, to meet the system and the user
needs of a variety of different, to adapt to changing requirements. To meet the system goals and functions as the goal, to
ensure that the overall program design is reasonable to meet the needs of users, while maintaining the use of the system
maintenance, as well as the future system of secondary development and transplantation.
3.2. 3.2 Hierarchical model of campus network design
The so-called 'hierarchical' model is to divide the complex network design into several levels, each of which focuses
on certain specific functions, which can make a complex big problem into many simple small problems. Hierarchical
model can be applied to both LAN design and WAN design.
In order to understand the importance of hierarchical design more clearly, it is best to understand the OSI (Open
Systems Interconnection) reference model. The OSI model simplifies the communication requirements between
computers. Similarly, the use of a hierarchical model to design a network can simplify the requirements of networking.
29
4 The Design and Scheme of Network System
3.3. Hierarchical network design
1. Cost savings. In the use of hierarchical model, the various levels of their duties, no longer in the same platform to
consider all the things. Hierarchical model the modular nature of the network to make every layer can make good use of
bandwidth, reducing the waste of system resources.
2. Easy to understand. Hierarchical design makes the network structure clear, can be implemented at different levels
of different difficulty management, reducing management costs.
3. Easy to expand. In the network design, modularity has the characteristics of network growth so that the
complexity of the network can be limited to the subnet, and will not spread to other parts of the network. And if the use
of flat and mesh design, any node changes will have a great impact on the entire network.
4. Easy to troubleshoot. Hierarchical design can break down the network topology into easy-to-understand subnets,
and network managers can easily determine the range of network failures, simplifying the troubleshooting process.
4. Solution
According to the distribution of the buildings between the schools, the central room can be set in the training
building, because the floor has 7 layers, can be set in the middle floor section, for example, 4 to 6 floor in a layer. The
remaining building blocks are connected to the core switch of the central room via fiber.
4.1. Network topology
According to the network environment, we can draw the campus network topology. Among them, we use the router
to connect with the Internet, and choose a hardware firewall to protect the network. In the network topology diagram,
you can see that more than one server is divided into a VLAN
4.2. 4.2 Campus building information needs
1000 BASE-LX: 1000 BASE-LX is usually used to support long-distance transmission of multi-mode fiber and
single-mode fiber, fiber connected to each floor wiring between the convergence layer switch. The design of each floor
is as follows:
4.2.1 Student dormitory
Student dormitory a total of five, each layer of 30 dormitories, each bedroom 1 information node. Click here to
install an access layer on each floor of the switchboard, the floor selection of floating rack. Select Cisco Access Layer
Switch catalysit 2924. Wiring between the first set, the cable selection of ultra-five unshielded twisted pair (UTP).
4.2.2 Staff dormitory
Teacher dormitory 2, 18 layer, each layer 6, a total of 216 households, each household provides a network node.
Choose 5 Cisco access layer catalyst catalyst 2924, every 3 layers of a switch to achieve the purpose of saving cable.
There is no extra room on the household floor to set the wiring closet, and the wiring closet can be set in the basement.
4.2.3 Library and electronic reading room
Library and electronic reading room in the same building, a total of 1 electronic reading room, each electronic
reading room needs 10 network nodes, the same use of an access layer switch.
4.2.4 Teaching building
Teaching building 5, a total of 5 layers, each layer has 10 classrooms, each classroom provides a network node, a
total of 250 information nodes. Each layer is configured with an access layer switch, and the wiring closes on the first
floor, and the convergence layer switch is placed. The cable also selects the ultra-five unshielded twisted pair.
4.2.5 Training building
A total of 7 layers of each building needs 20 nodes, because the network center in the training floor, two convergence
layer switches to do cascade, each layer only need to configure an access layer switch. Cable selection of ultra-five UTP
twisted pair.
30
Chunhe Tan, et al
4.3. 4.3 Description of the program
Campus network system is divided into core layer, convergence layer and access layer. The core layer
function is mainly to achieve the optimal transmission between the backbone networks, backbone layer design task is
usually the focus of redundancy, reliability and high-speed transmission. Because the school there is a lot of voice and
video transmission. Accordingly, consider that the convergence layer has good support for QoS and can provide large
bandwidth. The access layer device is the most straightforward device of the end user, and it should have plug-and-play
features and easy-to-maintain features.
5. Network equipment selection
5.1. 5.1 Switches
The campus network uses Gigabit Ethernet switching network. Configure a central switch and seven secondary
switches. Each switch supports fiber expansion ports with expansion module slots. Campus network backbone for the
Gigabit network, Fast exchange to the desktop, to protect all users at the same time call the service resources can be fast
and smooth, give full play to the role of multimedia classroom teaching; at the same time to ensure that all users at the
same time smooth Internet, the campus network function most vividly.
The number and basic performance requirements of this network engineering switch are shown in Table 1:
Project
Center switch 1
Secondary switch 7 sets
Technical requirements
48 100Mb / s port, support 3 layers of exchange, stackable. The switch provides
1Gb / s link with expansion module slot, support a large number of expansion
modules, such as Gigabit Ethernet, ATM and Layer 3 switching; support multimedia,
support 802.1p, with PACE technology and multiple access filter ; Support RMON
(class 9), including Web-based monitoring and control interface; support VLAN,
support the number of MAC addresses greater than 10000; support fiber expansion
port, congestion control based on flow control IFM and 802.3x standard
24 100Mb / s port
With expansion module slot, support for Layer 3 switching
Support RMON (class 9), including Web-based monitoring and control interface;
Support for multimedia, support for 802.1p, with PACE technology and multiple
access filter
Support VLAN, support the number of MAC addresses greater than 6000;
Support fiber expansion port, congestion control based on flow control IFM and
802.3x standard
Table 1. Number and basic performance requirements for switches
8G-L3 central switch
The Catalyst 2948G-L3 switch is a three-tier L3 Ethernet switch switch that provides wire-speed switching for
IP protocols, Internet packet-switched protocols, IPX, and IP multicast. This new Catalyst switch provides the required
high performance for a medium-sized park backbone with the appropriate port density. It is ideal for aggregating
multiple wiring closets or workgroup switches (such as Catalyst 2900, Catalyst 1900, Catalyst 3500, Catalyst4000, or
Catalyst 5000 switches). The Catalyst 2948G-L3 switch not only provides non-blocking routing and switching for IP,
IPX, and IP multicast, but also provides wire-speed Layer 2 switching for non-routable protocols such as NetBIOS and
DECnet Local Transport (LAT). This feature allows network administrators to extend their multi-protocol backbone
through the Catalyst 2948G-L3 without having to build a parallel network as if only IP switches were used.
Its characteristics are;
48 dedicated 10 / 100Mb / s Ethernet ports, and two 1000Base-X Gigabit Ethernet ports that support
Gigabit Interface Converter (CBIC), all ports have Layer 3 switching capabilities. High performance: 10Mb / s
31
4 The Design and Scheme of Network System
Layer 3 switching and routing over IP, IPX switches and IP multicast. 24Gb / s non-blocking switching matrix. High
performance CPU with CISCO IOS system software.
Quality of Service (QoS): Multiple arrays with weighted polling (WRR) scheduling. Based on the standard
CISCO WORKS2000 application of a comprehensive management tool. Optional redundant external power supply.
Line speed third layer switch.
CISCO Catalyst 2950 Series Workgroup Switch
The Catalyst 2950 Series switches are part of the Fast Ethernet Desktop Switch CISCO Catalyst 2900 Series,
which provides excellent performance and functionality for local area networks (LANs). The independent, 10 / 100Mb
/ s adaptive switch provides enhanced Quality of Service (QoS) and multicast management features, all of which are
made up of the easy-to-use, Web-based CISCO cluster management suite (CMS) and integrated CISCO IOS software To
manage. The CISCO Catalyst 2950 Gigabit copper wire with 10/100 / 1000Mbase-T uplinks provides an ideal solution
for mid-sized corporate and corporate branch offices to enable them to take advantage of existing 5-class copper Line
from Fast Ethernet to a higher-performance Gigabit Ethernet backbone.
Catalyst 2900 series of common products include: 12 10 / 100M port standalone, 24 10/100 port independent,
24 10 / 100M port plus two 100Base-FX port, 12 ports plus two GBIC ports, 24 10/100 ports plus two 10/100 /
1000Base-T ports.
Supports all Cisco IOS features
5.2. Server
Network Center configuration 2 department-level servers, respectively, to do the application server and Web
server. Its configuration and performance are as follows:
(1) Web server 1 configuration see Table 2:
Table 2. Server Configuration List
(2) Application Server 1 configuration Table 3:
5.3. Other equipment
Other equipment technical requirements see Table 4
32
Chunhe Tan, et al
Table 3. Technical requirements for other equipment
6. Network device configuration
The network center forms the backbone of the campus network, and provides connectivity to the WAN and dial-in
services. In the backbone system using Ethernet structure, the main advantages of using this approach are:
Gigabit Ethernet can provide 1Gb / s bandwidth for each port, fully meet the user's need for speed; use of the
economy, with a high cost; Gigabit Ethernet has been widely supported; from the existing Traditional Ethernet can
smoothly transition to Gigabit Ethernet, eliminating the need for new configurations, and management technologies;
Gigabit Ethernet technology has good interoperability and backward compatibility.
In the program, the central office room to prevent the central switches, servers, routers and other network equipment,
these devices to the central switch as the center, with a star topology through unshielded feet cable together. The
connection between the network center and the subnet is based on the distance from the subnet, through the fiber box
unshielded feet cable to the central switch and subnet switches connected.
6.1. Configuration of the switch
VLNA in the network management center Cisco2948G-L3 core switches, student dormitories Cisco2950 switches,
teaching building Cisco2950 switches, training building teaching building Cisco2950 switches, faculty dormitory
Cisco2950 switches, library Cisco2950 switch.
The switch is through the super terminal into the configuration state. The name is defined as follows:
•
1 student dormitory: 1xs
•
2 student dormitory: 2xs
•
3 student dormitory: 3xs
•
Comprehensive teaching building: zhl
•
Library: tsg
•
Teaching building: jxl
•
Staff dormitory: jzg
Other student dormitory switch configuration is similar to student house 1
33
4 The Design and Scheme of Network System
Teaching Suite Cisco 2950 switch configuration
Pix is Cisco's hardware firewall, hardware firewall has a fast, easy to use and so on. PIX has many models, the
number of concurrent connections is an important parameter PIX firewall. PIX525 is a typical device.
PIX firewall common interfaces are: Console, Failover, Ethernet, USB.
Network area:
Internal network: Inside
External network: Outside
Intermediate area: called DMZ (cease zone). Place the open server.
Firewall configuration rules:
No connection status (no handshake or handshake unsuccessful or illegal packets), any packet cannot pass through
the firewall.
(An internally initiated connection can be backed up. A server that is open by an ACL allows an external connection
to be initiated).
Inside can access any Outside and DMZ areas.
Inside access Dmz need to cooperate with Static (static address translation).
Outside access Dmz requires an ACL (access control list).
References
1.
2.
3.
4.
Network security based tutorials and training
Network basics
Routing protocols and concepts
Family small business network
34
Download PDF