Difference between revisions of "Galaxy Network - Network Layout"

Latest revision as of 13:53, 5 August 2009

IP Topology

Amidala

Interface

• Interface: Fast Ethernet 0/1
  • IP: None
  • Type: Etherchannel
  • Description: Part of Port-channel 1
• Interface: Fast Ethernet 0/2
  • IP: None
  • Type: Etherchannel
  • Description: Part of Port-channel 1
• Interface: Fast Ethernet 0/3
  • IP: 192.168.254.9 /30
  • Type: Routed
  • Description: Link to Leia
• Interface: Fast Ethernet 0/4
  • IP: 192.168.254.37 /30
  • Type: Routed
  • Description: Link to Luck
• Interface: Fast Ethernet 0/21
  • IP: 172.16.10.6 /30
  • Type: Routed
  • Description: Link to R7 (Cloud/ISP/MSPL)
• Interface: Fast Ethernet 0/22
  • IP: 192.168.254.21 /30
  • Type: Routed
  • Description: Link to HanSolo
• Interface: Fast Ethernet 0/23
  • IP: 192.168.254.17 /30
  • Type: Routed
  • Description: Link to MaceWindu
• Interface: Fast Ethernet 0/24
  • IP: 192.168.254.29 /30
  • Type: Routed
  • Description: Link to QuiGon
• Interface: Loopback 0
  • IP: 192.168.45.1 /30
  • Type: Routed
  • Description: Management interface
• Interface: Port-channel 1
  • IP: None
  • Type: Switched
  • Description: Link to Anakin

Routing

• Protocrol: EIGRP
  • AS: 1337
  • Networks
    • 192.168.45.0 0.0.0.3
    • 192.168.254.8 0.0.0.3
    • 192.168.254.16 0.0.0.3
    • 192.168.254.20 0.0.0.3
    • 192.168.254.28 0.0.0.3
    • 192.168.254.36 0.0.0.3

Anakin

Interface

• Interface: Fast Ethernet 0/1
  • IP: None
  • Type: Etherchannel
  • Description: Part of Port-channel 1
• Interface: Fast Ethernet 0/2
  • IP: None
  • Type: Etherchannel
  • Description: Part of Port-channel 1
• Interface: Fast Ethernet 0/3
  • IP: 192.168.254.5 /30
  • Type: Routed
  • Description: Link to Luke
• Interface: Fast Ethernet 0/4
  • IP: 192.168.254.1 /30
  • Type: Routed
  • Description: Link to Leia
• Interface: Fast Ethernet 0/21
  • IP: 172.16.10.2 /30
  • Type: Routed
  • Description: Link to R4 (Cloud/ISP/MSPL)
• Interface: Fast Ethernet 0/22
  • IP: 192.168.254.25 /30
  • Type: Routed
  • Description: Link to Palpatine
• Interface: Fast Ethernet 0/23
  • IP: 192.168.254.13 /30
  • Type: Routed
  • Description: Link to MaceWindu
• Interface: Fast Ethernet 0/24
  • IP: 192.168.254.33 /30
  • Type: Routed
  • Description: Link to ObiWan
• Interface: Loopback 0
  • IP: 192.168.45.5 /30
  • Type: Routed
  • Description: Management interface
• Interface: Port-channel 1
  • IP: None
  • Type: Switched
  • Description: Link to Amidala

Routing

• Protocrol: EIGRP
  • AS: 1337
  • Networks
    • 192.168.45.4 0.0.0.3
    • 192.168.254.0 0.0.0.3
    • 192.168.254.4 0.0.0.3
    • 192.168.254.12 0.0.0.3
    • 192.168.254.24 0.0.0.3
    • 192.168.254.32 0.0.0.3

QuiGon

Interface

• Interface: Serial 0/3/0
  • IP: 192.168.50.1 /30
  • Type: Routed
  • Description: Link to ObiWan DTC (128.000)
• Interface: Serial 0/3/1
  • IP: 192.168.50.5 /30
  • Type: Routed
  • Description: Link to ObiWan DTE
• Interface: Fast Ethernet 0/0
  • IP: DHCP
  • Type: Routed
  • Description: Link to Mercantec (WAN NAT w/ ACL 1)
• Interface: Fast Ethernet 0/1
  • IP: 192.168.254.30 /30
  • Type: Routed
  • Description: Link to Amidala
• Interface: Loopback 0
  • IP: 192.168.45.9 /30
  • Type: Routed
  • Description: Management interface

Routing

• Protocrol: EIGRP
  • AS: 1337
  • Networks
    • 192.168.45.9 0.0.0.3
    • 192.168.50.0 0.0.0.3
    • 192.168.50.4 0.0.0.3
    • 192.168.254.28 0.0.0.3

Access List

• Access List
  • Number: 1
    • IP: 172.42.10.0
    • Wilcrad/Netmask: 0.0.0.255
    • Type:permit
    • IP: 172.42.20.0
    • Wilcrad/Netmask: 0.0.0.255
    • Type:permit

ObiWan

Interface

• Interface: Serial 0/1/0
  • IP: 192.168.50.6 /30
  • Type: Routed
  • Description: Link to QuiGon DCE
• Interface: Serial 0/1/1
  • IP: 192.168.50.2 /30
  • Type: Routed
  • Description: Link to QuiGon DTC (128.000)
• Interface: Fast Ethernet 0/0
  • IP: DHCP
  • Type: Routed
  • Description: Link to Mercantec (WAN NAT w/ ACL 1)
• Interface: Fast Ethernet 0/1
  • IP: 192.168.254.34 /30
  • Type: Routed
  • Description: Link to Anakin
• Interface: Loopback 0
  • IP: 192.168.45.13 /30
  • Type: Routed
  • Description: Management interface

Routing

• Protocrol: EIGRP
  • AS: 1337
  • Networks
    • 192.168.45.12 0.0.0.3
    • 192.168.50.0 0.0.0.3
    • 192.168.50.4 0.0.0.3
    • 192.168.254.32 0.0.0.3

Access List

• Access List
  • Number: 1
    • IP: 172.42.10.0
    • Wilcrad/Netmask: 0.0.0.255
    • Type:permit
    • IP: 172.42.20.0
    • Wilcrad/Netmask: 0.0.0.255
    • Type:permit

MaceWindu

Interface

• Interface: Fast Ethernet 0/1
  • IP: 192.168.254.14 /30
  • Type: Routed
  • Description: Link to Anakin
• Interface: Fast Ethernet 0/2
  • IP: 192.168.254.18 /30
  • Type: Routed
  • Description: Link to Amidala
• Interface: Fast Ethernet 0/24
  • IP: None
  • Type: Switched
  • Description: Link to Cisco Call Manager
• Interface: Loopback 0
  • IP: 192.168.45.33 /30
  • Type: Routed
  • Description: Management interface

Routing

• Protocrol: EIGRP
  • AS: 1337
  • Networks
    • 192.168.22.0 0.0.0.255
    • 192.168.45.33 0.0.0.3
    • 192.168.254.12 0.0.0.3
    • 192.168.254.16 0.0.0.3

HanSolo

Interface

• Interface: Fast Ethernet 0/0
  • IP: 192.168.254.22 /30
  • Type: Routed
  • Description: Link to Amidala
• Interface: Loopback 0
  • IP: 192.168.45.53 /30
  • Type: Routed
  • Description: Management interface

Routing

• Protocrol: EIGRP
  • AS: 1337
  • Networks
    • 192.168.45.53 0.0.0.3
    • 192.168.254.20 0.0.0.3

Palpatine

Interface

• Interface: Fast Ethernet 0/0.10
  • IP: 172.42.10.1 /24
  • Type: Routed
  • Description: Gateway for wireless clients
• Interface: Fast Ethernet 0/0.100
  • IP: 172.42.100.1 /24
  • Type: Routed
  • Description: Gateway for Equipment
• Interface: Fast Ethernet 0/1
  • IP: 192.168.254.26 /30
  • Type: Routed
  • Description: Link to Anakin
• Interface: Loopback 0
  • IP: 192.168.45.17 /30
  • Type: Routed
  • Description: Management interface
• Interface: Wlan-Controller
  • IP: 192.168.45.21 /30
  • Type: Routed
  • Description: Management interface
• Interface: AP-Management
  • IP: 192.168.45.25 /30
  • Type: Routed
  • Description: AP Management interface

Routing

• Protocrol: EIGRP
  • AS: 1337
  • Networks
    • 172.42.10.0 0.0.0.255
    • 172.42.100.0 0.0.0.255
    • 192.168.45.16 0.0.0.3
    • 192.168.45.20 0.0.0.3
    • 192.168.45.24 0.0.0.3
    • 192.168.254.24 0.0.0.3

Luke

Interface

• Interface: Fast Ethernet 0/1
  • IP: None
  • Type: Etherchannel
  • Description: Part of Port-channel ?
• Interface: Fast Ethernet 0/2
  • IP: None
  • Type: Etherchannel
  • Description: Part of Port-channel ?
• Interface: Fast Ethernet 0/3
  • IP: 192.168.254.6 /30
  • Type: Routed
  • Description: Link to Anakin
• Interface: Fast Ethernet 0/4
  • IP: 192.168.254.38 /30
  • Type: Routed
  • Description: Link to Amadala
• Interface: Fast Ethernet 0/23
  • IP: None
  • Type: Etherchannel
  • Description: Part of Port-channel ?
• Interface: Fast Ethernet 0/24
  • IP: None
  • Type: Etherchannel
  • Description: Part of Port-channel ?
• Interface: Port-channel 1
  • IP: None
  • Type: Switched
  • Description: Trunk link to ?
• Interface: Port-channel
  • IP: None
  • Type: Switched
  • Description: Trunk link to ?
• Interface: Loopback 0
  • IP: 192.168.45.37 /30
  • Type: Routed
  • Description: Management interface

Routing

• Protocrol: EIGRP
  • AS: 1337
  • Networks
    • 172.42.20.0 0.0.0.255
    • 192.168.45.8 0.0.0.3
    • 192.168.200.0 0.0.0.255
    • 192.168.254.4 0.0.0.3
    • 192.168.254.36 0.0.0.3

Leia

Interface

• Interface: Fast Ethernet 0/1
  • IP: None
  • Type: Etherchannel
  • Description: Part of Port-channel 2
• Interface: Fast Ethernet 0/2
  • IP: None
  • Type: Etherchannel
  • Description: Part of Port-channel 2
• Interface: Fast Ethernet 0/3
  • IP: 192.168.45.10 /30
  • Type: Routed
  • Description: Link to Amadala
• Interface: Fast Ethernet 0/4
  • IP: 192.168.45.2 /30
  • Type: Routed
  • Description: Link to Anakin
• Interface: Fast Ethernet 0/23
  • IP: None
  • Type: Etherchannel
  • Description: Part of Port-channel 1
• Interface: Fast Ethernet 0/24
  • IP: None
  • Type: Etherchannel
  • Description: Part of Port-channel 1
• Interface: Port-channel 1
  • IP: None
  • Type: Switched
  • Description: Trunk link to Luke
• Interface: Port-channel 2
  • IP: None
  • Type: Switched
  • Description: Trunk link to R2D2
• Interface: Loopback 0
  • IP: 192.168.45.41 /30
  • Type: Routed
  • Description: Management interface

Routing

• Protocrol: EIGRP
  • AS: 1337
  • Networks
    • 172.42.20.0 0.0.0.255
    • 192.168.200.0 0.0.0.255
    • 192.168.254.0 0.0.0.3
    • 192.168.254.8 0.0.0.3

R2D2

Interface

• Interface: Fast Ethernet 0/1
  • IP: None
  • Type: Etherchannel
  • Description: Part of Port-channel ?
• Interface: Fast Ethernet 0/2
  • IP: None
  • Type: Etherchannel
  • Description: Part of Port-channel ?
• Interface: Gigabit Ethernet 0/1
  • IP: None
  • Type: Etherchannel
  • Description: Part of Port-channel ?
• Interface: Gigabit Ethernet 0/2
  • IP: None
  • Type: Etherchannel
  • Description: Part of Port-channel ?
• Interface: Port-channel 1
  • IP: None
  • Type: Switched
  • Description: Trunk link to ?
• Interface: Port-channel 2
  • IP: None
  • Type: Etherchannel
  • Description: Trunk link to ?
• Interface: Vlan 85
  • IP: 192.168.45.45 /30
  • Type: Routed
  • Description: Management interface

C3PO

Interface

• Interface: Fast Ethernet 0/1
  • IP: None
  • Type: Etherchannel
  • Description: Part of Port-channel ?
• Interface: Fast Ethernet 0/2
  • IP: None
  • Type: Etherchannel
  • Description: Part of Port-channel ?
• Interface: Gigabit Ethernet 0/1
  • IP: None
  • Type: Etherchannel
  • Description: Part of Port-channel ?
• Interface: Gigabit Ethernet 0/2
  • IP: None
  • Type: Etherchannel
  • Description: Part of Port-channel ?
• Interface: Port-channel 1
  • IP: None
  • Type: Switched
  • Description: Trunk link to ?
• Interface: Port-channel 2
  • IP: None
  • Type: Etherchannel
  • Description: Trunk link to ?
• Interface: Vlan 85
  • IP: 192.168.45.49 /30
  • Type: Routed
  • Description: Management interface

VLAN Topology

In order to allow our network to be scalable, we have allocated VLAN ranges to specific areas. Please note that even though we only use a range of 1000 VLANs.

Predefined VLAN assocations

While only a few of these VLANs are actually in use, the VLAN ranges will allow our network to scale almost indefinitely.

• 1: Not in use; clear from all trunks. This is a Cisco best practice implementation (not required).
• 2-99: Management VLAN on all switches.
• 100–399: Access layer devices.
• 400–599: Data center devices.
• 600–699: Internet and partner connections.
• 700–899: Reserved for future use.
• 900–999: Point-to-point links between switches (Layer 3).

VLANs currently in use

• VLAN 45: Management VLAN used on all switches in the network.
• VLAN 100: Skywalker Enterprises.
• VLAN 101: IP Phone.
• VLAN 102: Wireless clients.
• VLAN 400: Wireless.
• VLAN 401: Wide-Area Network.
• VLAN 402: ISDN/PSTN.

Configuration of VLAN Layer-2 Security

vlan access-map NAME 10
match ip address <telnet access list>
action drop
vlan access-map 20
match ip address <ssh access list>
action forward

switchport mode access (default)
N/A (default)
no cdp enable
udld port disable

interface vlan <management vlan>

switchport trunk allowed vlan remove 1

Configuration of Interface Security

switchport mode access (default)
N/A (default)
no cdp enable
udld port disable
spanning-tree portfast
spanning-tree portfast bpduguard default

spanning-tree guard root

vtp mode transparent

no mls qos trust {default}

shutdown

Network Topology

Campus Model