Group Members: -

1. Anil Rijal - 41799

2. Sanjay Tripathee - 44070

3. Janak Lamichhane- 44132

4. Prajwal Mainali- 43281

5. Suman Thapaliya – 43783

ITNE3006
DESIGN NETWORK INFRASTRUCTURE
Group Project
 THE NETWORK DESIGN
OF KATHMANDU
UNIVERSITY
[Document subtitle]
Abstract

The kathmandu university already has a network infrastructure for both administrative and
academic sector to support various activities. The infrastructure that was built already has
been covering all areas of the university which all the floors of the three buildings. With the
enhancement of technology university need to adjust with the new technology. This project
will guarantee the goals of network design and selection of network architecture.
Table of Contents
Introduction..........................................................................................................................................4
Organisational Structure.......................................................................................................................4
Problem.................................................................................................................................................5
Background Information.......................................................................................................................5
Network Requirement..........................................................................................................................5
Design model........................................................................................................................................7
Switching...............................................................................................................................................8
Security:................................................................................................................................................9
IP addressing.......................................................................................................................................11
QOS and VoIP:.....................................................................................................................................12
Email....................................................................................................................................................12
Wireless...............................................................................................................................................12
NETWORK MANAGEMENT:................................................................................................................12
FUTURE CONSIDERATIONS:................................................................................................................13
Summary.............................................................................................................................................13
References..........................................................................................................................................14
Introduction.

With the increasing demand in high performance network has demand the network
researchers to design architecture that is good enough to deliver a high quality of service.
This project includes the network design of one of the prestigious university of Nepal which
is Kathmandu University, it includes seven different departments. As per the demand of the
university client-server network is used which will meet the client’s expectation. One of the
main reason behind success of this university is that they want to produce high level of
manpower who can face different challenging situation. For that they have used different
method like multimedia teaching, different presentation, online library access system and
many more. For further improvement in quality of the Kathmandu University we will design
the network infrastructure which provides the effective ways for different level people to
use the resources. In this paper we report on a case study of Kathmandu University
considering to enhancement network design, implementation, and network performance
improvement.

Organisational Structure

As it is reputed university of Nepal which holds many students, staffs and other
personalities, the university has divided the university into seven different departments
which are: -
1. IT
2. Finance
3. Human Resources
4. Management
5. Faculty
6. Students
7. Research and Development
Problem

As per the discussion with the university clients we are able to figure out that the university
has seven departments which has 50-200 users in each but they lack the system to
communicate with each other via LAN. Moreover, they need to have access to wifi
connectivity so that they can use the different resources. So our team will work together to
create network design for this university which will meet their expectation.

Background Information

The Kathmandu University of three different buildings which are located nearby. Moreover,
each building consist of two to four floor. Furthermore, the university has an existing ADSK
internet connection which is shared between different departments of the university where
each department consist of 50-200 users in each. From the information we have we can
guess that there is no segmentation in the network or in another way there is flat network
structure.

Network Requirement

First goal of our network design is to provide high availability, redundant link and fast link
which can assure network security as the university contains highly sensitive data. For the
security purpose device will be enables with user identification through dynamic binding of
IP+ , MAC+ port triplet such as the authentication of the access user. Kathmandu university
network covers hierarchical layers. The component of the buildings is access layer,
distribution layer and core layer. The core devices consist of different numbers of routers
and switches which can provide high availability and performance in the Kathmandu
university.
Switches:
It is a networking device which transfers data only to the host where it is being addressed
which checks the destination address to route the packet appropriately.
There are various advantages of Switches. It increases available network along with network
performance bandwidth and reduce the workload on individuals’ computers. Moreover, it
connects directly to workstations. Furthermore, the disadvantages of the switches are, it is
more expensive compare to the network bridges. Furthermore, broadcast traffic may be
troublesome. If switches are in promiscuous mode, they are vulnerable to security attacks.
Proper design and configuration is needed in order to handle multicast packets

Routers: Computers can be connected to each other via a switch or a router. A router is a
hardware device which is designed to receive and analyse and move income packets to
another network which is further used to convert the packets to another network interface,
drop them and perform other actions relating to a network. A router has a more capabilities
than other network devices such as a hub or switch that are only able to do basic network
functions. There are various types of routers such as Wireless (Wi-Fi) routers, Core router,
edge router and virtual routers.

As we know there are three different buildings with several departments we will be having
different network for different network. Furthermore, we will be using Virtual local area
network which will be beneficial for our network design. VLAN
VLAN is a networking device. VLAN is an intelligent gathering of systems administration
gadgets. At the point when we make VLAN, we really break huge communicate area in littler
communicate spaces. Consider VLAN as a subnet. Same as two diverse subnets can't speak
with one another without switch, distinctive VLANs additionally expects switch to convey.
Some advantages of VLAN are:

 Tackle communicate issue.

 Lessen the size of communicate areas.
 Permit us to include extra layer of security.
 Make gadget the executives simpler.
 Permit us to actualize the legitimate gathering of gadgets by work rather than area.

Moreover, all the device in the university will be joined by domain so that students and staff
will login and access all the device using their username and password. All the user will be
managed using different group policies. Finally, VPN server will be implemented to secure all
the important communication.

Finally, we will be using EIGRP as our communication protocol between different buildings
of our university. EIGRP can work very efficiently in large networks. EIGRP has been efficient
because it sends non-periodic updates. That means EIGRP generates information only to
those routes that have changed and only if change to report. So in an overall it uses only
little amount of bandwidth which will be beneficial for network like we are going to
implement.

Design model

Our network follows hierarchal model which have core layer, access layer and distribution
layer. Here we have three different building for the university with the 7 different
departments. First building has finance and HR departments on first and second floor which
have connection with VLAN using EIGRP. Second building has management and IT
department on the third floor which have connection from layer three switch of core layer.
Third building has three departments namely faculty, student and R and D on the fourth
floor of the building which has connection through VLAN using EIGRP. Firewall is used while
connecting between edge router and layer three switch for the security purpose. University
itself has ADSL internet connection which is being shared with different departments. We
have made the intercommunication via LAN for each department. Network of each
department have 50-200 users. We have used the network of CIDR value 24 so that
maximum number of users can use it easily. They can easily connect to each other via
wireless medium too. We have use layer three switch in each department so that it helps in
the routing of different VLANs, reduce traffic volumes of broadcasts. VLANs of CIDR value
/24 is used here. We have used EIGRP routing protocol so that routers can exchange
information and make router decision. Finally, we have 5 access points in each building
which will cover all the staff including students.

Switching

The switches within the university are all three of the hierarchical layers. Layer2/3 switches
have been used in our design.
For the high speed of connection core layer play a vital role. As we saw layer 2 switches can
be used at the access layer and layer 3 switches at the distribution and core layer. There are
24 ports in each switch and minimum 8 switch been used in each department. Switch is
known as networking device which share only data to the host and check the destination
address to the route in which it is been addressed the packet.
There are different advantages of switches which are shown below:
1. Switches uses larger network are having VLAN function and provide more bandwidth
and are having up to 48 ports.
Some disadvantages are:
1. To compare to the network bridges, it is more expensive, there can be the security
attack e.g. Spoofing IP address. Broadcast traffic may be troublesome.

Router
Bagus mulayan 2018[1] says that router is a networking/hardware device in which
computer is connected and it is design to receive and analyses and move income packets to
another network which is further used to convert the packets to another network interface,
drop them and perform other actions relating to a network. It can choose best path across
an internetwork using dynamic routing techniques, can reduce traffic by creating collision
domain and broadcast domain.
Some of the disadvantages of router is:
Routers works only with routable network protocols, not all protocols are routable. It is
more expensive than bridges or repeaters. Likewise, dynamic routers communication causes
additional network traffic. It is slower than bridges or repeaters because they must analyze a
data transmission from the physical to the network layer. Furthermore, repeaters and
bridges only need to read two layers of information which is data link and Physical.

Security:

In advance technology generation our network might suffer from different types of attack
and theft due to which security has become important part for the network. So, in this
university network we have applied some security factors to protect our system.

Demilitarized zone (DMZ):

The purpose of DMZ is to add extra layer of security to protect our university network which
helps to expose untrusted network and also helps to reduce and control to access the
system. Benefits of DMZ are given below,
1. Access control for university network
2. Prevent attackers from performing network reconnaissance.
3. Protect against IP spoofing

Firewall:
Firewall is a network security which is used to monitor and controls incoming and outgoing
network traffic. Firewall develops barrier between trusted internal network and untrusted
external network which prevents from external users gaining access to network. Firewall is
connected to LAN in this network. The main drawbacks of Firewall is that it cannot protect
our network from internal threats.
We also can use various security measures in this network which are backup and recovery
mode, password encryption, antivirus and so on. In this network design we also have
configured Access control list to protect our system from attackers which is described
below:

The feature of IOS that is used to filter the network traffic is ACL. There are two types of
ACLs named as Standard ACLs and Extended ACLs. Standard ACLs are used for normal
filtering where the packets are filtered based on its source address. Extended ACLs filters
the packet based on its source address, destination address, port number, protocol and so
on.

ACLs create various conditions for various network. It can allow permit or deny permit for
the network to get accessed. In our project R&D department is restricted to access network
whereas other departments can access the network.
IP addressing

DEPARTMENTS VLAN NETWORK ADDRESS CIDR

IT 10 192.168.1.0-192.168.1.255 /24
Management 20 192.168.2.0-192.168.2.255 /24
Finance 30 192.168.3.0-192.168.3.255 /24
Human
40 192.168.4.0-192.168.4.255 /24
Resource
Faculty 50 192.168.5.0-192.168.5.255 /24
Student 60 192.168.6.0-192.168.6.255 /24
R&D 70 192.168.7.0-192.168.7.255 /24
VoIP 80 192.168.8.0-192.168.8.255 /24
QOS and VoIP:
QOS is one of the important factors in VoIP application. VIT 2020 [2] QOS enables routers to
prevent unwanted noises and increase the quality of VoIP connections. QOS helps to reach
the packet to the destination and delays the packet based on priority provided. So we have
configured QOS on our network to improve the voice quality.

Email

Incoming email will go through DMZ so that relay server will check all the viruses that are
coming in, VIT 2020 [2]. In addition, head office users will get their email from corporate e-
mail server. While, branch office email will get their email through a secured network
medium which will keep us safe from cyber-attack.

Wireless
Wireless access is provided through all the buildings which includes 5 in each building that
will cover the maximum user we are expecting to join.

NETWORK MANAGEMENT:

The process of managing, controlling and operating computer networks while providing the services
like- maintaining quality of service, performance management, fault analysis and provisioning of
networks is known as network management. It is all about reliability, compliance, security, and
smooth business operation which help the user to complete their task more efficiently. It is
important to be update about the hardware as well as software for errors, failures, viruses, and
online threats as per maintenance functions. Furthermore, it helps in decreasing the possibility of
downtime by detecting, isolating and fixing any failure that occur in addition with setting up and
keeping tract of connections in a network which includes tracking and managing the equipment in
the network such as- information about programs, versions and updates installed in network
computers. However, network management covers the whole network process and operates with
any trouble in the work, it is really important to conduct performance monitoring to know how the
key components of the network have been working. In this project, we have used a firewall to
ensure safety, prevent from outsider attacker as it blocks the access to unauthorized user and for
inside attacker we have configured ACL and had install antivirus to protect our network from
malware and virus. We also can prioritize the traffic for efficiency of network.
FUTURE CONSIDERATIONS:

The implementation of this project helps to enhance the standard of services not just only
to the students but also to the staffs. It can establish a connection to the different buildings
within the university. In this modern world are more connected to the technologies created
than ever before and seeks for the access to the university email and data while they are
out of the office, Peter (2018) [3]. It’s a big challenge to balance the people’s needs while
maintaining security which has to be discussed within the design phase which includes
where data is stored, who are able to access it and so on. So, Firewall and access server has
to be secured without affecting any other operations. Furthermore, we have installed same
kind of computers and the software which helps to ensure that the network runs smoothly
while reducing the costs associated with maintenance, update and repairs. Even though it’s
a small network or a big network, important data should be backed up daily or a full weekly
while having a backup device in place in case of any kind of critical situation. Some of the
major points which needs to be kept in attention are as follows:
a. Connectivity and Security
b. Standardization of Hardware and Software
c. Redundancy and Backing Up
d. Disaster Recovery Plan

Summary

We have designed a network architecture for Kathmandu university which has three buildings. We
have followed the hierarchical method as it will be easy for us to handle the traffic that are coming
and going. Moreover, we have provided firewall to secure our network in which different
infrastructure are installed to meet the client expectation.
References
[1] B. Mulyawan, “Campus Network Design And Implementation Using Top Down
Approach: A Case Study Tarumanagara University.”
[2] “(No Title).” https://e-
learning.vit.edu.au/pluginfile.php/337352/mod_resource/content/1/Lesson_09
Lecture.pdf (accessed May 30, 2020).
[3] “Three Ways to Manage Your Campus Network Efficiently -- Spaces4Learning.”
https://spaces4learning.com/articles/2018/02/01/managing-campus-networks.aspx?
m=1&fbclid=IwAR1jMWhxFHMhXuH4hJf5oLo8IF41RQgl6J_cjxyzOCbSJilypcEuDxi0s_0
(accessed May 30, 2020).