Computer Engineering Department
COE 444 - Internetwork Design and Management
Fall 2004 (Term 041)
Project Frequently Asked Questions (FAQs)
Q28: How many users in the following categories: Management VLAN, CCSE Faculty and Department Staff, Administration Network, Dialup, and Test (For testing).
Management VLAN: The management VLAN consists of approximately 25 machines running at various points in the network.
CCSE Faculty and Department Staff: We'd want IP addressing space to accommodate around 500 hosts.
Administration Network: Exactly what is meant by an Administration network? Obviously this is being considered separately from the management/monitoring network. However, if the focus is on a server network, there would have to IP addressing space to accommodate ~100 hosts. My second interpretation is maybe the students would be devising an additional network [for security reasons] for system administrators and technical staff. The management network would then only be used for monitoring network devices. In that case, a subnet accommodating ~50 hosts would work fine.
Dialup: The dialup network consists of around 30 modems comprising a model pool, and 4 supporting servers providing services such as user authentication, DHCP, logging etc. As such, IP addressing for this subnet need not exceed 30 hosts. [Servers + switches + growth factor]
Test (For testing): As was mentioned in the presentation, the testing network is open-ended. I would suggest around 30 hosts.
Q26: The new Lab 416 (in 172 network) has 1GBU link, why? Why it is not connected as in LABs (room) 335+336 in as shown in172 diagram?
A26: There are four switches in the room 22-412 [Building 22:Room 412]. The switches 3Com412-126/127 are stacked together and provide connectivity for lab 22-410. There is one switch which is not labelled completely - it was left out as '3Com412-'. Its complete name should be 3Com412-168.
The Gbps link between 3Com412-164 [serving the lab 22-416], and 3Com412-168 should be considered as a stacking link. Usually stacking, which is done to increase port density, is accomplished by connecting two switches using a 'Matrix Port' on the back of the switches. This matrix port provides a 1.5- 2Gbps link between the two switches [as in the case of 3Com412-126/127]. Newer switches are however doing away with 'matrix ports' and provide stacking using specially designated Gbps Copper ports [as in the case of 3Com412-164 and 3Com412-168].
In the attached zipped file (172.16.0.0Net.zip) is an updated version of the 172.16.0.0 Network reflecting the above changes. The Gbps link is changed to a stacking link and the switch has been properly labeled as 3Com412-168.
Q27: We need a diagram for faculty and admin. Networks!!! Or should we assume that their networks spread all over buildings 22 and 23.
A27: The servers diagram contains the details of the admin network. [22.214.171.124]. Regarding Faculty networks, the figure showing the CCSE BackBone gives an idea about faculty machines on the CCSE network. Regarding servers on this network, please refer to the Servers Diagram.
The RFP mentioned that building 23 consists of only 172.16.0.0 network. One of the design objectives is to extend connectivity for other networks into that area.
Q18: How many access points for each network on each floor?
A18: Regarding the APs on each floor, we would have to take into consideration how many are required to provide maximum coverage on the floors. As such, our studies have covered only building 22's complete Level 5 and parts of Level 4. Level 5 will require approximately 9 access points, and level 4 will require 5 access points. However, as I'd mentioned earlier, its best not to go into the details of the wireless network besides allocating it as a subnet within the overall CCSE network. Wireless network design would require various new parameters, most importantly - exact locations of the AP, power requirements, channel settings etc.
Q19: Can you clarify where exactly each server (DNA, Active Directory, Mail, Web, printers and so on ...) are?
A19: Information regarding servers on the CCSE network, and their layout was added to the project section of WebCT.
Q20: Can you specify what type of management tools that been used by CCSE?
A20: The management tools used by CCSE at the present and some that we intend to use are:
Q21: Can you specify what types of servers are used and can we change these servers?
A21: Information regarding servers on the CCSE network, and their layout was added to the project section of WebCT.
Q22: Does the current cabling system follow ANSI/EIA/TIA-568-A?
A22: Yes. Regarding cabling, we use Multimode Fiber optic [for gigabit connections], with Copper connections using Category 5e [for both gigabit and Fast Ethernet connections]. All switch closets are per ANSI/EIA standards.
Q23: We want to know whether we should provide connection for CCSE staff on the second floor of building 23.
A23: Building 23, second floor, presently only has connections belonging to the 172.16.0.0 Network. Using VLANs, you would have to extend connectivity to this area for all the various subnets you have designed.
Q24: It was stated in the class presentation that the application on the network segment can be seen from the list of servers. However, only a couple of these is clear while the other server names are regular names: e.g., what are: Ccse-EXCH "email exchange server", ccse-CONF, ccse-PDC
Where can I find the servers that run the following: Active directory, DNS, WINS, DHCP, Print sever,
, SMB NIS
Most of these servers are in the ITC building in the "Servers Farm"
A24: Information regarding servers on the CCSE network, and their layout was added to the project section of WebCT.
Q25: Another thing the number of UNIX machines is unknown...
A25: In addition to the servers that were mentioned in the server diagram, there are 35 UNIX/Solaris/Mac/Linux workstations available in the 22-413 lab and departmental areas. All of these are on the 126.96.36.199 network.
Q17: In a pervious answer you said the other servers belongs to Unix network except 3 servers belongs to RAS network. But in the excel sheet it is mentioned that the servers (Sunfire0, ... Sunfire9) are used for (Remote Access Workstation through VNC) dose not mean that these servers also belong to the RAS network?
A17: The Remote Access VNC machines - sunfire0, sunfire1, etc, are not related to the RAS connection. These machines run VNC [Virtual Network Client] servers which allow anyone using a windows or Linux machine [running a VNC client] to emulate a Solaris desktop on their own computer.
The RAS connection refers to the servers/switches related to the Dialup service provided by CCSE.
Q11: About the required applications, what other than the following applications we need to consider in our project? And base in what we have to assume the percentage of users for each application? 1/Internet 2/Intranet inside the Building 3/Intranet outside the Building 4/DB service 5/File sharing 6/Video Conferencing.
A11: Information regarding servers on the CCSE network, and their layout was added to the project section of WebCT.
Q12: How can we get the details for the servers and workstations?
A12: Information regarding servers on the CCSE network, and their layout was added to the project section of WebCT.
Q13: What is the subnet for remote access network? Because in the RFP it is written as 192.168.200.0/24, and in the class presentation it is written as 10.22.0.0/24
A13: The subnet for RAS is 10.222.0.0/24. Apologies for the mistake in the RFP.
Q14: How can we know which server belongs to which network in the case of the servers which are not demonstrated in the server chart. (i.e., what are the servers attached to laptop area network and wireless network). Every server should fit in a network.
A14: Every server listed in the Excel sheet is shown in the Servers chart. The only exception is the RAS servers [Topaz, Milk, and Coffee].
Q15: When we analyze the traffic how can we know what services the students are to access and what are not to access. The server charts do not give us a clear idea about the application and services the students access, especially there are some (main purpose) of some servers this is the first time I heard about.
A15: The servers should be further clarified as per their exact purpose, the community they serve [Students/Faculty/Both]. Already asked the network admins for this info.
Q16: It is really confusing. For example look at the mail servers. We have:
POP3 Server, Mailbox Server, CCSE Network Time server, Internal Webmail, mail server (Backup Mail Delivery Agent), Mailbox Backup Server, SMTP Server (Mail Transport Agent), IMAP Server. And it is not given which one in which network. We need a clear schema of the services that the student, faculty...etc to access to be able to analyze the traffic.
A16: Sorry, should've shown the 188.8.131.52 Network more clearly. The unmarked diagram area, [unshaded portion of the chart] is the 184.108.40.206 network.
Q1: Are there plans for Video Conferencing?
A1: No, presently there are no plans for introducing Video Conferencing in the immediate future, but the 1Gbps backbone and CCSE-ITC uplink, we could introduce and support this application at later stages.
Q2: What do you mean by wireless growth?
A2: Presently, there are only 5 wireless access points located in the 4 departmental areas and the conference room. The present subnet for this wireless network is 192.168.100.0/24, allowing only 253 hosts. Wireless Growth would mean provisioning for larger number of hosts to accommodate more number of faculty and student machines.
Q3: What do you mean by growth in general? Is it going to be adding new access points, or new floors, or building...?
A3: Growth in general, refers to more labs and more offices for faculty as the college grows [reflecting increasing enrollment of students in CCSE]. This again would mean more appropriate IP addressing instead of the 220.127.116.11 network, which accommodates 253 hosts. We don’t expect any new buildings, but as seen in the diagrams, the college network may expand on Floor 4 of Building 22.
Q4: IP address scheme only for CCSE Network or it will be similar to the one used within the KFUPM?
A4: The ITC uses the network 10.0.0.0 with varying subnet masks for the university. The CCSE has its own IP scheme as mentioned in the RFP. However, we’d like to use the private 172.16.0.0 network instead of the various 18.104.22.168, 22.214.171.124 etc. The 172 Network can be subneted for segmenting the network.
Q5: What are the workgroups & domains, and what is the difference between them?
Q6: What's the dedicated management and monitoring network?
A6: The Mngmnt and Monitoring network presently is accommodated on the 126.96.36.199/24 network. The applications running here are Data Collection stations, network management stations, and the sort. At the same time, this network is shared by the Windows group when they’re testing new applications and servers. We’d want a separate dedicated network meant for the management applications. The specifications here would be adequate bandwidth, and security.
Q7: What are the specs for the test segment or network?
A7: Examples of ongoing applications for the test segment [presently the 188.8.131.52 Network] are:
Ø Implementing and testing a RADIUS/TACACS+ authentication server for access control to switches and servers.
Ø Experimenting with DHCP/DNS server settings
Ø Experimenting with Security products such as SNORT Intrusion Detection System
Hence, the test segment should be fairly isolated from the rest of the CCSE network
Q8: Will we use a separate subnet address for both monitoring and testing networks? Should the monitoring network be separated from the testing network as well?
A8: Yes, the monitoring network has to be separate from the testing network
Q9: What's the number of laptops accessing the network, and what's the type of access they have, is there a statistics for that?
A9: Laptop access is required for students who want to access the CCSE/KFUPM Networks using their own laptops. Access to the Internet is not allowed. Presently only 3 connections for laptops are provided in 22-333. Not many students use these connections as Internet access is disabled. However, for scalability this could be increased to about 5-7 connections.
Q10: We have a single layer-3 switch in one of the rooms in bldg 22 connecting to a server in ITC. Can we connect another layer-3 switch to the same server to provide backup?
A10: Regarding redundancy and fail-over issues, you can recommend better designs.