CHAPTER 1

INTRODUCTION

An organization that invested on a proper network infrastructure design invested on a magic

bullet that actually works. Having a proper network infrastructure design, an organization’s

management will not only enjoy being on top of its activities but also enjoy the advantages of

having a scalable, secure, and resilient network that the organization invested on in the first place.

What better organization will benefit from a proper network infrastructure than an

expanding school? The city of Bacoor is a hotspot for learning centers and or institutions which

mostly cater to children of age 5 to 11. According to DepEd Region IV-A CALABARZON and

excluding private schools, the city of Bacoor has 27 public-elementary schools.

God only knows the number of students eager to learn in their respective schools every

weekday in the city of Bacoor. Tens of thousands? More? How is network infrastructure design

relevant to this? There are three things which are certain: (1) teachers and information technology

staffs are very few and are in demand (2), there are sparse number of information technology assets

which are available for both the faculty and the students, and (3) these schools could use proper

planning in the context of network infrastructure which can be a challenge since most small to

medium-scale businesses in the Philippines are unfortunately late-adopters of this technology most

especially those that are established in non-greater-Manila cities. It is always a question of

efficiency in the face of challenged quantity. The less you have, more management is required.

Auspiciously, private learning institutions in the city of Bacoor, like Ruther E. Esconde

School of Multiple Intelligences, Incorporated - Dulong Bayan, invested in a working network

1
infrastructure which not only supports its various administrative and academic activities but also

ensures that their staffs and students enjoy being on top of everything they are good at.

REESMII – Dulong Bayan is part of an expanding organization. As such, its existing

network infrastructure, which currently supports various activities within its premises, can be

enhanced to accommodate their growing need for a scalable, secure, and resilient network.

1.1 Context

According to Bagus Mulyawan, a professor of information technology in Tarumanagara

university in Jakarta, Indonesia: There are many types of campus network designs that provide

high-availability, flexibility, scalability and manageability. “The design of each option depends on

(the) functionality available in the network nodes and also it can be varied by the network designer

or architect to achieve the optimal performance in a given network, or sometimes to reduce design

costs.”

This thesis provides a framework to develop a feasible design to improve Ruther E. Esconde

School of Multiple Intelligences, Incorporated - Dulong Bayan’s existing network infrastructure

in a way such that it can adhere to the school’s growing need for a scalable, secure, and resilient

network.

2
1.2 Background

Figure 1.2.1: REESMII – Dulong Bayan

Ruther E. Esconde School of Multiple Intelligences, Incorporated - Dulong Bayan is part of

a growing corporation of five schools: REESMI – Dulong Bayan, REESMI – Alima, REESMI –

Poblacion, REESMI – Cavite City, and REESMI – Pag-asa respectively.

REESMI – Dulong Bayan is a building complex. It currently has a network infrastructure

that functions for its administrative activities. Although it is only limited to the accounting and

administrator’s office, which also includes the director’s office and the cahier’s office, REESMII

- Dulong Bayan also has several more information technology assets located in different areas of

the school that are not connected in any network. Thus, REESMI – Dulong Bayan could use a

network infrastructure optimization to connect the rest of its assets into the network.

3
 Figure 1.2.2: Mr. Michael Alcoriza (in red) and the Proponents

In his interview, Mr. Michael Alcoriza, the information technology administrator of the

school, expressed his interest to improve their current network structure to supplement the learning

experience of their students and the overall productivity of their staffs.

According to him, this will be better realized if: (1) the computers in the computer room will

be connected to the internet, (2) if the school will have a secure wifi internet connection for its

guests, staffs, and students, and (3) if this wifi connection will not adversely affect their network

infrastructure.

Figure 1.2.3: REESMII – Dulong Bayan’s Current Network Infrastructure

4
1.3 Network Infrastructure Design Criteria

The proponents must make a scalable, secure, and resilient network infrastructure design for

Ruther E. Esconde School of Multiple Intelligences, Incorporated - Dulong Bayan.

1.3.1 Scalable Network Design

A growing organization like REESMI – Dulong Bayan will indubitably need to expand its

information technology network. Its challenge is whether it will have to start from scratch in order

to add new information technology assets as the network grows. Another challenge is whether the

new assets added will negatively affect other users and or the network per se. The proponents

designed a network topology which will enable the school to expand its network infrastructure

without the need to re-design it and without having to fear consequences (e.g. slowing the entire

network) when the management decides to add more assets. According to Cormac Long of

TechTarget: “A scalable network is capable of adequately supporting growth without having to be

radically re-designed.” Employing dynamic host configuration protocol (DHCP) will ensure

scalability for the new network infrastructure design.

5
 Figure 1.3.2: An Illustration of a Scalable Network

1.4 Secure Network Design

According to Matthew Pascucci of TechTarget: “The segmentation of systems based upon

their function and the sensitivity of the data they store, process and transmit is an important step.”

A secure network is like an onion – it must have layers. Each one of the layers must have protocols

to limit and monitor the data it transmits and receives. Imagine a guest computer connected to a

switch which is connected to the internal server of an organization. That’s a no-no. Employing

VLAN segmentation, ACL protocol, NAT, and switchport security protocol will ensure security

for the new network infrastructure design.

1.5 Resilient Network Design, Backup, and Quality of Service (QoS)

According to Cormac Long of TechTarget: “A highly specified network might have to meet

an availability target of 99% for all applications with a 'zero-downtime' requirement for mission

6
critical applications.” Network resiliency is the ability of a network to adapt to changes during and

after an error was corrected - a failover.

1.5.1 Backup

A resilient network thrives in the face of unforeseen challenges like abundant-human errors

in IP-addressing and the dreaded active link failures. Putting these in consideration, a resilient

network must have backups. To make sure this happens, the proponents implemented the following

protocols: (1) network path redundancy, (2) HSRP, and (3) STP.

1.5.2 Quality of Service (QoS)

The quality of service (QoS) of a network is greatly dependent on its holistic resilience.

However, the proponents posit that it is in itself a criterion but not entirely removed from resilience

because QoS is a benchmark status achieved by a system as it delivers presumably uninterrupted

services. To improve the services in the network - in the context of productivity - the proponents

implemented link aggregation.

1.6 Goal

The proponents’ goal is both simple and feasible. To design an implementable network

infrastructure for Ruther E. Esconde School of Multiple Intelligences, Incorporated - Dulong

Bayan before the 1st semester of the school year 2018-2019 concludes and before the appointed

thesis defense date to adhere with the specifications required to unconditionally pass the partial

fulfilment of the requirements for the degree of Bachelor of Science in Information Technology.

1.7 General Objective

To design a scalable, secure, and resilient network infrastructure for Ruther E. Esconde

School of Multiple Intelligences, Incorporated - Dulong Bayan.

7
1.8 Specific Objectives

The proponents’ specific objectives are as follows:

1.8.1 Making a Scalable Network

To make a scalable network infrastructure for REESMII – Dulong Bayan, the proponents

must employ dynamic host configuration protocol (DHCP) to the new network infrastructure

design of REESMII – Dulong Bayan.

1.8.2 Making a Secure Network

To make a secure network infrastructure for REESMII – Dulong Bayan, the proponents must do

the following:

 Apply virtual local area network (VLAN) segmentation to the new network

infrastructure design of REESMII – Dulong Bayan.

 Apply access control list (ACL) protocol to the new network infrastructure

design of REESMII – Dulong Bayan.

 Apply switchport security protocol to the new network infrastructure design of

REESMII – Dulong Bayan.

 Apply network address translation (NAT) to the new network infrastructure

design of REESMII – Dulong Bayan.

1.8.3 Making a Resilient Network

To make a resilient network infrastructure for REESMII – Dulong Bayan, the

proponents must do the following:

 Apply network path redundancy to the new network infrastructure design of

REESMII – Dulong Bayan.

8
  Apply hot standby routing protocol (HSRP) to the new network infrastructure

design of REESMII – Dulong Bayan.

 Apply spanning tree protocol (STP) to the new network infrastructure design of

REESMII – Dulong Bayan.

 Apply link aggregation to the new network infrastructure design of REESMII –

Dulong Bayan.

1.9 Deliverables

The following deliverables are to be honored to select individuals:

 Certificate of appreciation. Softcopy and framed.

 Network simulation of the new network infrastructure design of REESMII – Dulong

Bayan. A .pkt file. Softcopy.

 Network infrastructure design implementation manual. Softcopy and hardbound.

1.9.1 The School Director

Mr. RutherE. Esconde will receive the following deliverables:

 Certificate of appreciation. Softcopy and framed.

 Network infrastructure design implementation manual. Softcopy and hardbound.

1.9.2 The School Head

Ms. Edith A. Fauni will receive the following deliverables:

 Certificate of appreciation. Softcopy and framed.

1.9.3 The Information Technology Administrator

Mr. Michael Alcoriza will receive the following deliverables:

9
  Certificate of appreciation. Softcopy and framed.

 Network simulation of the new network infrastructure design of REESMII – Dulong

Bayan. A .pkt file. Softcopy.

 Network infrastructure design implementation manual. Softcopy and hardbound.

1.9.4 The Future Researchers

The future researchers may contact the proponents. Depending on their needs, the

proponents may entertain interviews and may elect to provide a softcopy of the thesis – some parts

of which may be omitted by the proponents without notice.

1.10 Scope and Limitations

1.10.1 Scope

This thesis provides a framework to develop a feasible design to improve Ruther E. Esconde

School of Multiple Intelligences, Incorporated - Dulong Bayan’s existing network infrastructure

in a way such that it can adhere to the school’s growing need for a scalable, secure, and resilient

network during the 1st semester of the school year 2018-2019 of De La Salle University –

Dasmariñas.

1.10.2 Limitations

The proponents will only employ the following to the new network infrastructure of

REESMII – Dulong Bayan: (1) Dynamic host configuration protocol (DHCP) for dynamic IPv4

addressing and to foster a scalable network. (2) Virtual local area network (VLAN) segmentation,

switchport security protocol, access list control (ACL), and network address translation (NAT) for

security. (3) Network path redundancy, hot standby routing protocol (HSRP), spanning tree

protocol (STP), and link aggregation for resiliency.

10
 The proponents will only use Cisco packet tracer version 7.1.1 to create and design a reliable

network.

This study will only present a working simulation of an actual design of the network

infrastructure of Ruther E. Esconde School of Multiple Intelligences, Incorporated - Dulong

Bayan.

11
 CHAPTER II

REVIEW OF RELATED LITERATURE

Finding a related literature which reinforces the vision of any dissertation is a gem on its

own. Review of local and foreign applications and studies with objectives that are similar to the

proponents’ thesis are discussed in this chapter.

2.1 Foreign Literature

2.1.1 The influence of topology and information diffusion on networked game dynamics.

(D. Kasthurirathna, 2016)

This thesis studies the influence of topology and information diffusion on the strategic

interactions of agents in a population. It shows that there exists a reciprocal relationship between

the topology, information diffusion and the strategic interactions of a population of players. The

structure of a population of players is abstracted by the topology and the information flow of the

networks of players while the dynamics are denoted by the strategic interactions of the players in

the population. While topology represents a static structure, the information flows are used to

model a more dynamic and volatile structure of the population. In order to evaluate the influence

of topology and information flow on networked game dynamics, strategic games are simulated on

populations of players where the players are distributed in a non-homogeneous spatial

arrangement. Game theory, network science and information theory are the three pillars of science

used to build the underlying theoretical basis in this research.

12
 Since the proposal focuses on creating a topology, information flow is also an idea

associated in creating a network. The said thesis aims to see the relation of topology on a networked

game dynamic which can also be used to relate on the proponent’s objective.

2.1.2 The Influence of Network Topology on the Operational Performance of the Low Voltage
Grid.

(I. Okeke, 2014)

The present Low Voltage (LV) grid, which until recently was mainly composed of passive

electrical components (consumers), is being gradually overrun by active electrical components

(prosumers), who not only consume but also generate and share power locally. This development

is introducing changes in the operational dynamics of the LV grid that could result in voltage

stability problems and the violation of infrastructural constraints if not well managed. A re-design

of the present LV grid is, therefore, imperative to enable it to meet these new requirements. This

thesis was aimed at studying the influence of topological metrics on the operational performance

of the LV grid in view of current developments in energy consumer behavior with a view to

proposing the topological changes and/or modifications in network architecture that would yield

optimal outcomes. The proponents modelled the present LV grid as a radial network and compared

it to three other network models -random, small-world and scale-free networks- under different

loading scenarios. The proponents proposed novel structural and operational metrics that are

suitable for the LV grid, and analyzed the networks in terms of these metrics. The proponents also

compared their robustness under different attack scenarios and demonstrated the correlation

between the structural and the operational metrics, thus, identifying important structural metrics

that need to be optimized to improve the future LV grid performance. Finally, the proponents then

investigated the possible modifications of the radial network model of the present LV grid that

13
would yield similar results. The results highlighted the structural weaknesses of the present LV

grid under futuristic and simultaneous loading conditions and presented the scale-free model as

the most suitable architecture for the future LV grid as it out-performed all the other network

models under similar loading conditions. They also showed that the insertion of additional links at

critical positions in the radial network achieved similar results. We therefore proposed this

structural modification as a more cost-effective approach to improved operational performance of

the LV grid.

The Influence of Network Topology on the Operational Performance of the Low Voltage

Grid states that, LV grid is gradually losing its efficiency and is overrun by active electrical

components. They think of a way on how they would relate network topology while using LV grid,

which can help prove its worth and avoid losing its uses. If we align our thesis to the LV grid, it

would help us design a network topology that can potentially improve the school’s worth.

2.1.3 Faculty of Science Computer and Mathematics: Champs SDN BHD Network Design

(A. Lemuel, 2015)

Currently Champs SdnBhd has opened another branch in Johor Bharu, which currently

houses 50 employees, including executives and managers including the others end devices such as

faxes, printers, phones, and so on. However, their existing networks are frequently receiving issues

such as breach of data, tapping and recently the system has been hacked and caused one of the

servers to shut down. Network to access the server are also often affected by many users who

want to access at one time, this problem often occurs during peak time, causing a most of business

stalled or delayed. Furthermore, Johor Bharu prone to flooding, so position them as server

hardware and system console itself is in a vulnerable area.

14
 Due to all the problems, we were hired by Champ to redesign a new network for them. We

are given RM 650 000 as the cost budget. The aim for new network besides to solve all the problem

above is the new network must capable to provide an internet and internet access for top and middle

level manager while the staff only have access to intranet only.

This paper taught the proponents that designing a network is serious business. Mishaps, no

matter how small, can be critical and therefore must not be allowed in the development.

2.1.4 Network Design for Airport

(S. Kothapali, 2014)

The airport authority maintains a server which handles the flight management controls. The

flight service providers should have access only to the specific server in the airport authority

network and not to any other systems. The guest users should have wireless access to a high speed

internet connection, which should be shared among all the users in all the departments.

The wireless access should be using a common password. The guest users should not have

access to the other two departments. The users should obtain IP addresses automatically. The

airport authority has 20 users, the flight service providers have 40 users and the maximum numbers

of guests are estimated to be 100.

This paper taught the proponents that designing a network is serious business. Security must

not be left unchecked or else it’s as good as there’s nothing there.

15
2.2 Local Literature

2.2.1 A Survey of Computer Network Topology and Analysis Examples

(B. Meador, 2014)

This paper presents an introduction to Computer Network Topology. Definitions of Physical

and Logical Topologies are provided. Additionally, common Computer Network realizations of

Physical Topologies are reviewed. This is followed by a discussion of Graph Theory and its

relation to topological analysis. A discussion of analysis examples follows with an emphasis on

message routing issues, network sizing, and virus analysis. These examples are discussed to

underscore the importance of topological design when constructing a new computer network or

adding to an existing one.

The examples are discussed to underscore the importance of topological design when

constructing a new computer network or adding to an existing one such as the projects the

proponents are working on specially in emphasizing the “routing issues” the proponents

encountered while building the system.

2.2.2 Internet Security Awareness of Filipinos: A Survey Paper

(C.Omorog, 2018)

This paper examines the Internet security perception of Filipinos to establish a need and

sense of urgency on the part of the government to create a culture of cybersecurity for every

Filipino. Method – A quantitative survey was conducted through traditional, online and phone

interviews among 252 respondents using a two-page questionnaire that covers basic

demographic information and two key elements - (1) Internet usage and (2) security practices.

Results – Based on findings, there is a sharp increase of Internet users for the last three years

16
 (50%) and most access the Internet through mobile (94.4%). Although at home is the most

frequent location for Internet access (94.4%), a good percentage still use free WiFi access

points available in malls (22.2%), restaurants (11.1%), and other public areas (38.9%) doing

Internet services (email and downloading) that are vulnerable to cyber attacks. The study 15

also revealed that although respondents may have good knowledge of Internet security

software, proper implementation is very limited. Conclusion – Filipinos are susceptible to

cyber attacks, particularly to phishing and malware attacks. Also, majority of the respondents’

Internet security perception is derivative- they practice online measure but with limited

understanding of the purpose. Therefore proper education, through training and awareness, is

an effective approach to remedy the situation. Recommendations – The Philippine government

must now take actions and tap industries to educate Filipinos about Internet security before

any negative consequences happen in the future. Research Implications – The information

collected sets a clear picture on the importance of cybersecurity awareness from a regional to

a global perspective.

After reading this paper, the proponents realized that implementing effective firewalls is

paramount to the design. The proponents believe that employees need to be educated about

network security in order to prevent attacks on their network and lower the risk of data breach

within the said network.

2.2.3 Wide Area Network Design for Bureau of Fire Protection

(M. Lunar, P. Dacayo, G. Idmilao, 2015)

This project is focused on the design and implementation of an enterprise wide network that

covers all 18 national and regional offices of the Bureau of Fire Protection. This network shall

utilize a combination of virtual private network (VPN) and leashed line connection and frame relay

17
technologies for a cost efficient and secured data transmission inter-office. Upon the

implementation of this project, it is anticipated that the resources, information and application

sharing within BFP will improve. Specifically, the creation of this enterprise wide network is

projected to have the following benefits on BFP and its quality of service to the public. Enterprise

Wide Network (EWN) will extend the communication process of BFP. EWN will facilitate peer

contact thereby promoting a well-informed decision-making activities. EWN will support the

integration of BFP as one single government agency.

This project does not include the design and implementation of local area network (LAN)

within its respectively regional and national office.

2.2.4 Network Infrastructure Design for Litware Limited

(J. Dela Rosa, 2017)

This study was conducted to determine the costs and benefits in investing in a network

infrastructure of Litware Limited. The company is a startup business process outsourcing company

that performs basic office tasks. This network design only complies at the need of the company

that is to share resources through a local network. Any transactions that are not part of the local

network will not be part of the study.

This paper helped the proponents realize that there are no other companies who need

network topologies more than startup companies.

18
2.3 Foreign Studies

2.3.1 A Study and Analysis on Computer Network Topology for Data Communication

(S.Santra, P.Acharya, 2013)

In recent days for computing, distributed computer systems have become very important

and popular issue. It delivers high end performance at a low cost. Autonomous computers are

connected by means of a communication network in a distributed computing environment which

is arranged in a geometrical shape called network topology. In the present paper a detailed study

and analysis on network topologies is presented. Definitions of Physical and Logical Topologies

are also provided.

Data communication is needed in a company enterprise, instead of having an employee to

go to each department, it would be more time-efficient if there would be a computer network for

data communication. Traditional door-to-door data delivering is not helpful in a company filled

with a thousand employees.

This paper has become one of the frameworks of the proponents’ work. Most of the

principles applied here were also applied in the development of the project.

2.3.2 Analyzing Network Monitoring Systems and Objects for A Telecommunications Company

(A. David, 2017)

The goal with this thesis work has been to identify what a telecommunications company

should monitor and to find a network monitoring system that can monitor these identified objects

on two different platforms: Windows and Linux. The network monitoring system has been

implemented in a telecommunications company’s environment and this thesis presents how the

19
system monitors their environment. The subject for this thesis work is within network monitoring.

The problem formulation has been answered by conducting a literature study and by testing

network monitoring systems’ features in a lab environment. The sources used in the literature study

consists of scientific articles and other articles found on the web. The lab environment consisted

of virtual machines that runs Linux or Windows as an operating system.

The purpose of the work was to enlighten Cellip in what objects they should monitor and to

help the company to monitor them by implementing a network monitoring system. Cellip is a

telecommunications company that provides IP-telephony services through Session Initiation

Protocol. The limits of this thesis work are based on what their environment supports in terms of

monitoring. Cellip’s environment consists of Linux and Windows servers, Cisco switches and

firewalls, and Sonus Session Border Controllers.

This paper made the proponents realize that the project they are working is relevant and

therefore important not only in the IT industry, but also in vital industries such as healthcare etc.

2.3.3 Analytical Study of Different Network Topologies

(Nivedita Bisht, Sapna Singh, 2015)

A network is the interconnection of two or more devices. The study of arrangement or

mapping of elements (links, nodes) of a network is known as network topology. For

communication distribution of computers has become very important issue which deliver end to

end performance at a low cost, hence distribution system performance is influenced by the

technology adopted by network interconnection, so distribution of computers is done according to

communication network arranged in a geometrical manner known as network topology.

20
 This paper provides an analytical study of different types of basic network topologies on the

basis of their advantages, disadvantages and different factors which differentiate them. This helped

the proponents to differentiate what’s really important from what they can omit from the project.

2.3.4 Computer Network Design for Universities in Developing Countries

(R. Al Sarhan, 2016)

Technology has reached its highest peak of development, especially in making life easier

for people. Well implemented technology is faster than human in processing calculation and is

more accurate. Technology has become an important concept in our life. It assists in connecting

communities together. Obviously, people have started to use technology in every field of life

including education, health, the military, etc. The computer network represents a component,

especially on how it enhances the functional performance in different fields and organizations,

such as companies and schools. A school’s computer network performs so many functions, such

as connecting students with the university, faculty, and the library. Most universities today use the

network to provide online education by connecting widely dispersed students with their professors

directly. For this reason, computer networks play a vital role in the education area by providing

efficient communications for the university environment.

The article aims to design a network with high-quality security and low cost. The said

article helped the proponents to design a network that employs low-cost solutions without

compromises in security or quality.

21
2.4 Local Studies

2.4.1 A Network Topology Design for Ron.net Internet Café

(J. Pascual, 2015)

Mr. Fracisco, the owner of the café, started his business in 2005 in a rented space in Villalon

Mayantoc, Tarlac. He started with 10 brand-new computers designed for office and non-hardcore

games. At first, the shop’s growth was sparse, but as time went by, students from nearby schools

began to flock the café. After few months, Mr. Francisco realized that people flocked the shop

mostly for games. So, in the succeeding years he invested in more gaming-cable machines.

Investing more in gaming, the shop yielded bigger profit! But along with this, a couple of

moderate to major issues as well: computer lagging, viruses, file-sharing complications, and a lot

of new network-related challenges.

This study helped the proponents familiarize with typical network issues like layer 2 loops.

The proponents figured that since they will be working on a network topology design, they might

as well consider taking hints from an established computer shop with a working network topology.

2.4.2 The Influence of the Network Topology on the Agility of a Supply Chain

(J.Hernandez, C.Pedroza, 2014)

The right performance of a supply chain depends on the pattern of relationships among

firms. Although there is not a general consensus among researchers yet, many studies point that

scale-free topologies, where few highly related firms are combined with many low-related firms,

assure the highest efficiency of a supply chain. This paper studies the network topology that leads

to the highest agility of the supply chain when sudden demand changes occur. To do this, an agent-

based model of a supply chain with restricted relationship between agents is built. The model

22
includes three tiers, where the flow of material is distributed from the bottom supplier to the final

customer passing necessarily through firms in every tier. Agility is measured in the model

simulations through the order fulfillment rate. Unlike to previous theoretical and lab results, the

simulation of the model shows that the highest levels of agility are not obtained with a scale-free

topology. Instead, homogeneous distribution of links, such as those induced by regular or Poisson

probability laws, shows higher agility values than heterogeneous distributions. Other previous

recommendations, such as redundancy or having multiple suppliers, are confirmed by the

simulations. The general conclusion is that the most suitable network topology in terms of agility

depends on the specific conditions of the supply chain and the aspects of the performance to be

analyzed.

2.4.3 Design and implementation of a low-cost and reliable wireless mesh network for first-
response communications

(A. Dela Cruz, M. Parabuac, N. Tiglao, 2017)

The Philippines' location makes it prone to disasters, especially typhoons. Despite

preparations made, thousands of lives are still lost. In situations like these, fast and uninterrupted

communication is a must. Proper first response communication is vital in saving more lives. Yet

the first response communications in place today are still dependent on telecommunication

infrastructures, which are prone to problems like snapped wires and overloaded networks.

Telecommunication infrastructures were originally not designed to handle situations like these;

they cannot differentiate the priority of disaster-related messages and normal messages. In line

with this, we proposed a backup or alternative for first response communications: wireless mesh

networks. This method of communication is preferred for disaster scenarios because it is not totally

23
dependent on infrastructures has self-healing and self-configuring capabilities. The wireless mesh

network needs a mesh router or wireless access point, where the mesh clients (Android devices)

can connect and an interface/application where the client and router will interact. This project

established the wireless mesh network points using available hardware and develop an

accompanying application. Features such as message caching were added. The network has also

been tested for reliability, especially the MQTT messaging.

The article aims to design a network with low cost and reliable. The said article helped the

proponents to design a network that employs low-cost solutions and establish a tested reliable

network.

2.4.4 For the Local Area Network (I-AN) Cabling and Rehabilitation

(S. Bandolin, 2016)

This project intends to rehabilitate the Local Area Network (LAN) of the MTRCB office

to mend the existing cabling structure for better sharing and communication between the servers

and workstations. It aims to provide the bidder a better general understanding of the requirements

needed for the installation of a structured network cabling for MTRCB office. This also includes

requirements for the horizontal cabling, design, engineering, and installation practices needed to

satisfactorily complete the project.

The paper is all about the Local Area Network of the MTRCB office. The proponents used

this as a guide to the design the topology to meet the proponents’ objectives and to gain more

knowledge about structured network cabling.

24
 CHAPTER 3

METHODOLOGY

An impeccable way to get a big picture of the scheme of things is to know what to prioritize

first. The proponents decided to employ Agile method, particularly Kanban, to develop the new

network infrastructure design of Ruther E. Esconde School of Multiple Intelligences, Incorporated

- Dulong Bayan.

3.1 Agile Method

Figure 3.1.1: Illustration of Agile Method

The proponents chose agile method as the project’s development methodology because: (1)

the proponents need the customer, in this case the REESMII – Dulong Bayan’s IT administrator,

Mr. Michael Alcoriza, available throughout the project. (2) The design must be handed down to

25
REESMII – Dulong Bayan in the earliest time possible. (3) A three-man group is small. As such,

it is more feasible to employ agile method than the waterfall method.

The known stages of a typical agile method are: (1) requirements, (2) planning, (3)

designing, (4) development, (5) releasing, and (6) tracking and monitoring.

3.2 Requirements

Aside from the having to interview and to update REESMII – Dulong Bayan’s IT

administrator, Mr. Michael Alcoriza, from time to time, the proponents needed to know the

complete inventory of the information technology assets of the school, the exact locations of these

assets, and floorplans of the school to begin the planning stage.

3.2.1 The Information Technology Assets of the School

The following assets may or may not be connected to any network. According to Mr.

Michael Alcoriza, improving the current state of the computer room of the school, in the context

of network design, must be prioritized.

Floor No. 1
Room/Location Administrator’s Office
Assets Connected With With Internet?
Router Switch & Internet Yes & Wifi
Switch Router and PCs Yes
Accounting PC 1 Switch Yes
Accounting PC 2 Switch Yes
Cahier’s PC Switch Yes
Printer’s PC Switch Yes
Sir Ruther’s PC Switch Yes

Table 1: Administrator’s Office

26
Floor No. 1
Room/Location Lower-Elementary Department
Assets Connected With With Internet?
Teacher’s PC N/A N/A

Table 2: Lower-Elementary Department

Floor No. 2
Room/Location Upper-Elementary Department
Assets Connected With With Internet?
Teacher’s PC N/A N/A

Table 3: Upper-Elementary Department

Floor No. 1
Room/Location Computer Room
Assets111 Connected With With Internet?
Student’s PC 1 N/A N/A
Student’s PC 2 N/A N/A
Student’s PC 3 N/A N/A
Student’s PC 4 N/A N/A
Student’s PC 5 N/A N/A
Student’s PC 6 N/A N/A
Student’s PC 7 N/A N/A
Student’s PC 8 N/A N/A
Student’s PC 9 N/A N/A

Table 4: Computer Room

27
 Floor No. 1
Room/Location Preschool Department
Assets Connected With With Internet?
Teacher’s PC N/A N/A
PC 1 N/A N/A
PC 2 N/A N/A

Table 5: Pre School Department

3.2.2 Mapping REESMII – Dulong Bayan’s Floor Plans

The proponents requested copies of REESMII – Dulong Bayan’s floor plans to map the current

locations of the information technology assets that are required to develop the new network

infrastructure design for the school.

Figure 3.3.3: Lower REESMII - Dulong Bayan Building

28
 Figure 3.3.4: Upper REESMII - Dulong Bayan Building

3.3 Planning Phase

The planning stage involves determining the feasible ways to make the new network

infrastructure design of REESMII – Dulong Bayan achieve the proponents’ set criteria: (1)

scalability, (2) security, and (3) resiliency.

3.4 Designing Phase

The proponents used Cisco Packet tracer Version 7.1.1 to design the new network

infrastructure of REESMII – Dulong Bayan.

29
3.4.1 Cisco Packet Tracer Version 7.1.1

Figure 3.5.1.1: An Illustration of Network Path Redundancy

This cross-platform visual simulation tool designed by Cisco Systems allows users to create

network topologies and imitate modern computer networks. The software allows users to simulate

the configuration of Cisco routers and switches using a simulated command line interface. This

simulator allowed the proponents to design a new network for REESMII – Dulong Bayan without

needlessly scaring the school’s management into thinking that the proponents will have to design

the new network infrastructure by directly accessing the school’s valuable IT assets.

3.5 Development Phase

At this point, the proponents developed the topology based on the demands of the

stakeholders. The feedbacks came after this phase.

30
3.6 Releasing Phase

At this point, the network design for REESMII – Dulong Bayan has been released. The

proponents conducted weekly briefings in order to keep track of the stakeholders’ demands and

feedbacks for the duration of the phase.

3.7 Tracking and Monitoring Phase

At this point, the design is expected to be running smoothly as planned. The proponents may

be requested to add new features in this post-release phase depending on the preference of the

stakeholders. Suggestions will be considered as well as feedbacks. Upon the demand of the

stakeholders, the proponents may be directed to restart the whole project if the need arises, but this

will require another agreement because a demand such as this is already out of the project’s scope.

31
 CHAPTER 4

DEVELOPMENT OF THE PROJECT

4.1 Project Development

The design of the topology was based from these sections of REESMII – Dulong Bayan’s

buildings: Administrator’s Office, Lower-Elementary Department, Upper-Elementary

Department, Computer Room, and Upper-Elementary.

Figure 4.1.1: REESMII – Dulong Bayan’s Network Topology Design

32
4.2 Device Configurations

4.2.1 Dynamic Host Configuration Protocol (DHCP) and The Network’s Scalability

REESMII – Dulong Bayan’s information technology assets’ unique-unicast-IP addresses

were manually configured. While this still works for the school, when it grows bigger the

management will have to add more IT assets and or move other IT assets around the campus which

means more IT assets to manually configure. For instance, a computer which is removed from a

network and then added to another will need a new unique-unicast-IP address and subnet mask

(e.g. IP address: 192.0.2.1 and Subnet mask: 255.255.255.0) and the old IP address and subnet

mask will have to be reclaimed. Without dynamic host configuration protocol (DHCP), these

processes will have to be done manually.

Imagine having to configure 100 desktop computers – that’s 400 processes! If one process

was done erroneously, that means two processes will fail and one desktop computer will not be

connected to the network. If there are overlapping processes, that means the assets which share the

same IP addresses will be affected. Human error is usually the main attrition and risk when it

comes to manual configuration in the absence of DHCP. This makes network scalability for most

organizations challenging.

With a dynamic host configuration protocol (DHCP), these processes will be automated and

will be managed centrally. This is the magic bullet to have a scalable network.

Employing dynamic host configuration protocol (DHCP) to the new network infrastructure

design of REESMII – Dulong Bayan will provide the following benefits for the school:

33
  A more reliable IP address configuration. DHCP eliminates configuration errors caused

by manual IP address configuration, such as typographical errors, or address conflicts

caused by the overlapping IP address assignments.

 A reduced network administration. DHCP includes the following features to reduce

network administration:

 A centralized and automated TCP/IP configuration

 The ability to define TCP/IP configurations from a central location.

 The ability to assign a full range of additional TCP/IP configuration values by

means of DHCP options.

 The efficient handling of IP address changes for clients that must be updated

frequently, such as those for portable devices that move to different locations on a

wireless network.

4.2.2 Virtual Local Area Network (VLAN) Segmentation and the Network’s Security

Segmenting a network into small-separate-manageable networks is the beginning of

investing in a secure network. With segmented VLANs, separated IT assets’ connection may now

be fully controlled. If one segment has the risk of being com111promised, then block all the

segments connected to it which poses the threat, no sweat!

34
 Figure 4.2.2.1: An Illustration of a Segmented Network

Employing virtual local area network (VLAN) segmentation to the new network

infrastructure design of REESMII – Dulong Bayan will provide the following benefits for the

school:

 VLANs enable logical groupings. When users on a VLAN move to a new physical

location but continue to perform the same job function, the end-stations of those users do

not need to be reconfigured. Similarly, if users change their job functions, they need not

physically move: changing the VLAN membership of the end-stations to that of the new

team makes the users' end-stations local to the resources of the new team. If the accounting

staff of REESMII – Dulong Bayan suddenly wants to be a cashier, the IT staff will just

configure his or her desktop PC to the VLAN group of the cashiers!

 VLANs reduce the need to have routers deployed. Flooding of a packet is limited to the

switch ports that belong to a VLAN. REESMII – Dulong Bayan only needs one router to

connect all assets.

35
  Confined broadcast domains. By confining the broadcast domains, end-stations on a

VLAN are prevented from listening to or receiving broadcasts not intended for them.

Moreover, if a router is not connected between the VLANs, the end-stations of a VLAN

cannot communicate with the end-stations of the other VLANs. This is the type of security

which REESMII – Dulong Bayan should invest in because this will improve their current

setup.

4.2.3 Access Control List (ACL) and The Network’s Security

Access control list (ACL) is especially important to a school’s network because to put it

simply, you do not want your students to be accessing files which they do not need to learn in the

school’s premises. According to Nanci Ellen of TechTarget: “An access control list (ACL) is a

table that tells a computer operating system which access rights each user has to a particular system

object, such as a file directory or individual file.” Each object has a security attribute that identifies

its access control list. “The list has an entry for each system user with access privileges. The most

common privileges include the ability to read a file - or all the files in a directory - to write to the

file or files, and to execute the file - if it is an executable file, or program.”

Employing access control list (ACL) protocol to the new network infrastructure design of

REESMII – Dulong Bayan will provide the following benefits for the school:

 It provides a basic level of security. If you do not configure access lists on your router,

all packets passing through it could be allowed onto all parts of your network. Take for

example a guest’s computer, if there is no ACL, what stops him or her from accessing the

accounting office’s assets?

36
  It monitors and limits assets’ access to the network. In Figure 5, host A can access the

Human Resources network, and host B is prevented from accessing the Human Resources

network.

Figure 4.2.3.1: ACL in action

4.2.4 Switchport Security Protocol and The Network’s Security

While conventional network security often focuses more on routers (e.g. ACL) and blocking

traffic from the outside. Switches are internal to the organization, and designed to allow ease of

connectivity, therefore limited security measures may be applied.

Switchport security makes it possible to limit the number and type of devices that are

allowed on the individual switchports. This enables to keep out an unauthorized entry into the

network.

Figure 4.2.4.1: An Illustration of Switchport Security

37
 As for the new network infrastructure design of REESMII – Dulong Bayan, the proponents

decided to combine the power of access control list (ACL) and switchport security protocol to

secure the network adhering to a hierarchical, top-down approach model. This also added

sophistication in the security aspect of the network by ensuring two layers of protection: (1) the

router and every switch connected to it and (2) the switches and all the assets connected.

Figure 4.2.4.1: ACL and Switchport Security

Employing switchport security protocol to the new network infrastructure design of

REESMII – Dulong Bayan will provide the following benefits for the school:

 Fosters network availability. Reduce campus wide network outages caused by broadcast

storms by blocking non-standard hubs and switches. No denial-of-service DoS attack can

stop important activities from happening within REESMII – Dulong Bayan’s premises.

 Fosters network reliability. Network port bandwidth can be guaranteed if limited to one

MAC address. Every assets’ internet speed can be limited provided these are connected to

a switch with a switchport security enabled.

38
  Fosters DHCP availability. Reduce the risk of over subscription of DHCP IP Address per

VLAN by limiting one MAC address per port. No non-member of a VLAN group can just

join the session without proper authentication.

 Fosters network security. Limiting one MAC address per switch port is an attack

mitigation strategy. Password encryption and banner motd just to name a few of its

functions.

4.2.5 Network Address Translation (NAT) and The Network’s Security

Network address translation (NAT) is the process where a network device, usually a firewall,

assigns a public address to a computer (or group of computers) inside a private network. The main

use of NAT is to limit the number of public IP addresses an organization or company must use,

for both economy and security purposes.

The most common form of network translation involves a large private network using

addresses in a private range (10.0.0.0 to 10.255.255.255, 172.16.0.0 to 172.31.255.255, or

192.168.0to 192.168.255.255). The private addressing scheme works well for computers that must

access resources inside the network. For instance, REESMI – Dulong Bayan’s cashier computers

needing access to file servers and printers. Routers inside the private network can route traffic

between private addresses with no trouble. However, to access resources outside the network, like

the Internet, these computers must have a public address in order for responses to their requests to

return to them. This is where NAT comes into play.

Employing network address translation (NAT) to the new network infrastructure design of

REESMII – Dulong Bayan will provide the following benefits for the school:

39
  Restricts access to other services. A lack of complete bi-directional connectivity offered

by NAT is desirable as it restricts direct access to the LAN resources. Allocation of a static

IP address makes the network resource a potential target for hackers. The presence of an

intermediate Proxy server makes the situation tricky.

 Generates sufficient IP addresses. The Network Address Translation process offers a

simple yet effective solution to the nagging problem of limited telephone address space

offered by the contemporary network protocols such as the IPv4. The NAT process

generates sufficient IP addresses to be used locally that are subsequently mapped to the

real IP addresses for communications over the Internet.

4.2.6 Network Path Redundancy and The Network’s Resiliency: Backup

Network path redundancy is a process through which additional or alternate instances of

network devices, equipment and communication mediums are installed within network

infrastructure. It is a method for ensuring network availability in case of a network device or path

failure and unavailability. As such, it provides a means of network failover.

Typically, network path redundancy is achieved through the addition of alternate network

paths, which are implemented through redundant standby routers and switches. When the primary

path is unavailable, the alternate path can be instantly deployed to ensure minimal downtime and

continuity of network services.

Employing network path redundancy to the new network infrastructure design of REESMII

– Dulong Bayan will provide the following benefits for the school:

40
  Peace of mind. Business will not stop abruptly when the primary path becomes

unavailable. Staffs and students of REESMII – Dulong Bayan can count on that.

 Minimal downtime. Gone are the days when an organization requires to make a day worth

of maintenance to fix an error. With network path redundancy, an alternate path on standby

can be powered up instantly as soon as the primary path becomes unavailable due to an

error or a failure in order to secure the activity while it is being repaired.

Figure 3.4.5.1: An Illustration of Network Path Redundancy

4.2.7 Hot Standby Routing Protocol (HSRP) and The Network’s Resiliency: Backup

Hot standby routing protocol (HSRP) is a routing protocol that provides backup to a router

in the event of failure. Using HSRP, several routers are connected to the same segment of an

Ethernet, FDDI or token-ring network and work together to present the appearance of a single

virtual router on the LAN. The routers share the same IP and MAC addresses, therefore in the

event of failure of one router, the hosts on the LAN are able to continue forwarding packets to a

consistent IP and MAC address. The process of transferring the routing responsibilities from one

device to another is transparent to the user.

41
 The proponents posit that HSRP is essential to REESMI – Dulong Bayan’s design since one

link failure alone can potentially disrupt its administrative processes. A down-time is not welcome

in any institution.

4.2.8 Spanning Tree Protocol and The Network’s Resiliency: Backup

The spanning tree protocol (STP) was introduced into the networking world as a means to

prevent layer 2 network loops - frame broadcast storms - from disrupting the service of a local area

network. STP uses clever mechanisms to prevent loops by virtually disconnecting redundant links.

The proponents posit that STP is essential to REESMI – Dulong Bayan’s design since a lot

of devices were added to the network. Needless to mention, a lot of connections as well.

Therefore, despite the new design being more effective than its previous network infrastructure, it

will become more susceptible to broadcast storms which STP prevents.

Figure 3.4.8.1: An Illustration of Spanning Tree

42
4.2.9 Link Aggregation and The Network’s Resiliency: QoS

Link aggregation or EtherChannel is the process used to bundle ports together in an ethernet

switch to achieve higher bandwidth. Link aggregation is useful when interconnecting switches

together and when interconnecting other devices to a switch. EtherChannel help improves the

quality of operation when ethernet switches are interconnected using multiple physical interfaces.

The proponents posit that out of the different improvements implemented in the design, link

aggregation is the only improvement which directly addresses quality of service because its

application is for the purpose of making a specific operation faster.

Figure 4.2.9.1: An Illustration of Link Aggregation or EthernetChannel

4.3 Development Planning

4.3.1 Listing and Costing of Equipment

Table 6: Equipment

Item Description Unit Quantity Price/Unit Price

Dell Computer Set 16 Php 11,268 Php180,288
Cisco Switch – 24 ports Box 8 Php 2,990 Php23,920
Tp-Link Router Box 3 Php 2,998 Php8,994
Ubiquiti Wireless Access Point Box 2 Php 3,000 Php 6,000
Straight-through Cable Reel 2 Php 3,137 Php 6,274
Crossover Cable Reel 2 Php 1,997 Php 3,994

43
 RJ45 Set of 100 Box 2 Php 970 Php 1,940
Gigabyte R220-X31 Server Box 3 Php 24,990 Php 74,970
Total Price = Php 306,380

4.3.2 Return of Investment (ROI)

The proponents estimated the annual gains of REESMII – Dulong Bayan to calculate for

the simple return of investment using the formula:

Gains − Investment Costs

Simple Return of Investment (ROI) = Investment Costs

Since the proponents used the following information to calculate for the ROI: (1) REESMI

– Dulong Bayan’s added annual gains after the improvement and (2) equipment’s total price, let

Gains be equal to Added Annual Gains (AAG) and let Investment Costs be equal to Total Price.

Therefore, the formula that the proponents actually used is:

Added Annual Gains − Total Price

Simple Return of Investment (ROI) = Total Price

The proponents calculated REESMII – Dulong Bayan’s annual gains after the improvement

under the assumption that: (1) advertisements about the improvements took place and (2) more

students flocked the school. The proponents did not include the school’s expenses.

44
 Figure: 4.3.3: Academic Expenses

According to SmartParentingPH, the average-annual tuition fee for preschool (private) is

Php 40,000 and the average-annual tuition fee for elementary (private) is Php 80,000.

The proponents assumed that REESMI – Dulong Bayan will have an additional of 5 preschool

students and an additional of 10 elementary students (grades 1 to 6) after the improvement.

Computing for the added annual gains (AAG) of REESMII – Dulong Bayan:

Added Annual Gains = (Preschool Students * Php 40,000) + (Elementary Students * Php 80,000)

AAG = (5 * Php 40,000) + (10 * Php 80,000)

AAG = Php 200,000 + Php 800,000

AAG = Php 1,000,000

45
Computing for the simple ROI:

Added Annual Gains − Total Price

Simple Return of Investment (ROI) = x 100
Total Price

Php 1,000,000 – Php306,380

Simple Return of Investment (ROI) = x 100
Php 306,380

Php 693,620
Simple Return of Investment (ROI) = Php 306,380 x 100

Simple Return of Investment (ROI) = 2.264 x 100

Simple Return of Investment (ROI) = 226.392%

The annual return of investment is a whopping 226.392%! Although this figure was

calculated in the absence of the school’s annual expense and is only an assumption - particularly

the students that enrolled after the assumed advertisement - it can still be concluded that investing

on a new design is possibly profitable.

46
 CHAPTER 5

RESULT AND DISCUSSION

This chapter tackles the overall evaluation of the new-network topology for REESMII –

Dulong Bayan. The strengths and opportunities of the design was discussed here. Everything that

was written in this section was based from the data gathered from the evaluation form handed to

the Ruther E. Esconde School of Multiple Intelligences Inc.’s prime information technology

head, Ms. Karen C. Flores. Although the scores given by the prime IT head was based from her

preference and expectations, this chapter is free from uneducated speculation.

Table 7: Evaluation Result and Discussion

1-Not Observed | 2-Below Average | 3-Average | 4-Above Average | 5-Excellent

Criteria Score Interpretation
1. Functionality 4 The design works more than the school intends it to. Wireless-
area-network access and secure connections for the computer
room – just to name a few.
2. Reliability 4 The design is highly reliable. Now, faulty switches and or
routers have less impact over the business.
3. Usability 5 The design’s usability exceeds the school’s expectations. Non-
steep learning curve; easy implementation.
4. Efficiency 4 The design is highly efficient. No device will connect to the
network without getting any provision.
5. Maintainability 4 The design is highly maintainable. The network schemes are
flexible enough such that it can be modified to meet the school’s
needs.
6. Portability 4 The design is highly portable. The network can support
additional devices at any given time with less effort.

47
 CHAPTER 6

CONCLUSION

Having a scalable, secure, and resilient network is not only an asset to an organization, but

also a wise investment most especially if the means to acquire one is not out of question.

The design is highly functional. Based from the data gathered from the evaluation form, the

design works more than the school intends it to. Wireless-area-network access and secure

connections for the computer room – just to name a few. More importantly, no student can access

unsanctioned sites in the internet while using the assets in the computer room thanks to access

control list (ACL) protocol.

The design is highly reliable. Based from the data gathered from the evaluation form, faulty

switches and or routers now have less impact over the business. School staffs can now rest easy

thanks to hot standby routing protocol (HSRP).

The design’s usability exceeds the school’s expectations. Based from the data gathered from

the evaluation form, the learning curve to understand the inner workings of the design is not steep.

Therefore, there should be no real issues as far as implementation is concerned.

The design is highly efficient. Based from the data gathered from the evaluation form, no

device will connect to the network without getting any provision.

The design is highly maintainable. Based from the data gathered from the evaluation form,

the network schemes are flexible enough such that it can be modified to meet the school’s needs.

The design is highly portable. Based from the data gathered from the evaluation form, the

network can support additional devices at any given time with less effort.

48
 With provably high functionality, high reliability, high efficiency, high maintainability, high

portability, and exceedingly high usability, the proponents indubitably conclude that the new

network topology for REESMII – Dulong Bayan is a scalable, secure, and resilient design which

the school can adopt any time – guilt free.

49
 APPENDICES

IP Address Table

Static IP Address Distribution

Table 8: The Static IP Address Distribution

Name Interface IP Address Subnet Mask

R1 Gig 0/0.10 10.10.10.1 255.255.255.0
R1 Gig 0/0.20 10.10.20.1 255.255.255.0
R1 Gig 0/0.30 10.10.30.1 255.255.255.0
R1 Gig 0/0.40 10.10.40.1 255.255.255.0
R1 Gig 0/0.50 10.10.50.1 255.255.255.0
R1 Gig 0/0.50 10.10.60.1 255.255.255.0
R1 Gig 0/0.50 10.10.100.1 255.255.255.0
Name VLAN IP Address Subnet Mask
Admin_Switch 10 10.10.10.250 255.255.255.0
Accounting_Switch 20 10.10.20.250 255.255.255.0
Academic_Switch 30 10.10.30.250 255.255.255.0
Com_Lab_Switch 40 10.10.40.250 255.255.255.0

VLAN Table

Table 9: The VLAN Table

VLAN Name VLAN

Admin_Switch 10
Accounting_Switch 20
Academic_Switch 30
Com_Lab_Switch 40
Corporate_AP 50
Guest_AP 60

50
Network Address Translation Table

Table 10: The Network Address Translation Table

Network Address Translation Private IP

DNS Server 172.16.100.254
WEB Server 172.16.100.252
Google Server 100.100.100.100

DHCP IP Address Distribution

Table 11: The DHCP IP Address Distribution Table

Name VLAN IP Address Subnet Mask

Director 10 10.1010.103 255.255.255.0
Printer 10 10.10.10.104 255.255.255.0
Cashier 10 10.10.10.102 255.255.255.0
Acct.PC1 20 10.10.20.101 255.255.255.0
Acct.PC2 20 10.10.20.100 255.255.255.0
PreschoolDeptPC 30 10.10.30.4 255.255.255.248
P1 30 10.10.30.5 255.255.255.248
P2 30 10.10.30.9 255.255.255.0
LowerElemDeptPC 30 10.10.30.7 255.255.255.0
PC1 40 10.10.40.113 255.255.255.0
PC2 40 10.10.40.108 255.255.255.0
PC3 40 10.10.40.110 255.255.255.0
PC4 40 10.10.40.109 255.255.255.0
PC5 40 10.10.40.116 255.255.255.0
PC6 40 10.10.40.111 255.255.255.0
PC7 40 10.10.40.112 255.255.255.0
PC8 40 10.10.40.115 255.255.255.0
PC9 40 10.10.40.114 255.255.255.0

51
Evaluation

52
53
54
Evaluation Photoshoot

55
 Network Topology

REESMII - Dulong Bayan’s Network Topology

ISP

56
Building A

Building B - 1st floor

57
Building B - 2nd floor

58
 Device Configuration

R1 ip address 10.10.20.1 255.255.255.0

ip helper-address 172.16.100.253
! ip nat inside
version 15.1 standby 20 ip 10.10.20.3
no service timestamps log datetime msec standby 20 priority 105
no service timestamps debug datetime msec standby 20 preempt
no service password-encryption standby 20 track GigabitEthernet0/2
! !
hostname Pri_Router interface GigabitEthernet0/0.30
! encapsulation dot1Q 30
! ip address 10.10.30.1 255.255.255.0
! ip helper-address 172.16.100.253
! ip nat inside
! standby 30 ip 10.10.30.3
! standby 30 priority 105
! standby 30 preempt
! standby 30 track GigabitEthernet0/2
ip cef !
no ipv6 cef interface GigabitEthernet0/0.40
! encapsulation dot1Q 40
! ip address 10.10.40.1 255.255.255.0
! ip helper-address 172.16.100.253
! ip nat inside
license udi pid CISCO2911/K9 sn FTX152466JP standby 40 ip 10.10.40.3
! standby 40 priority 105
! standby 40 preempt
! standby 40 track GigabitEthernet0/2
! !
! interface GigabitEthernet0/0.50
! encapsulation dot1Q 50
! ip address 10.10.50.1 255.255.255.0
! ip helper-address 172.16.100.253
! ip nat inside
! standby 50 ip 10.10.50.3
! standby 50 priority 105
spanning-tree mode pvst standby 50 preempt
! standby 50 track GigabitEthernet0/2
! !
! interface GigabitEthernet0/0.60
! encapsulation dot1Q 60
! ip address 10.10.60.1 255.255.255.0
! ip helper-address 172.16.100.253
interface GigabitEthernet0/0 ip access-group Guest_Wifi_Access in
no ip address ip nat inside
duplex auto standby 60 ip 10.10.60.3
speed auto standby 60 priority 105
! standby 60 preempt
interface GigabitEthernet0/0.10 standby 60 track GigabitEthernet0/2
encapsulation dot1Q 10 !
ip address 10.10.10.1 255.255.255.0 interface GigabitEthernet0/0.100
ip helper-address 172.16.100.253 encapsulation dot1Q 100
ip nat inside ip address 172.16.100.1 255.255.255.0
standby 10 ip 10.10.10.3 standby 100 ip 172.16.100.3
standby 10 priority 105 standby 100 priority 105
standby 10 preempt standby 100 preempt
standby 10 track GigabitEthernet0/2 standby 100 track GigabitEthernet0/2
! !
interface GigabitEthernet0/0.20 interface GigabitEthernet0/1
encapsulation dot1Q 20 no ip address

59
duplex auto Pri_Switch
speed auto
! !
interface GigabitEthernet0/1.60 version 12.2
no ip address no service timestamps log datetime msec
! no service timestamps debug datetime msec
interface GigabitEthernet0/2 no service password-encryption
ip address 1.1.1.1 255.255.255.248 !
ip nat outside hostname Pri_Core
duplex auto !
speed auto enable secret 5 $1$mERr$hppjZ6qgFKiQvLDBJrS7O0
! !
interface Vlan1 !
no ip address !
shutdown ip dhcp pool AdminPool
! !
interface Vlan10 !
mac-address 00e0.a375.8d01 spanning-tree mode rapid-pvst
no ip address spanning-tree extend system-id
! spanning-tree vlan 1,20,30,40 priority 0
ip nat inside source list Internet_Access interface spanning-tree vlan 2-19,21-29,31-39,41-1024 priority
GigabitEthernet0/2 overload 24576
ip classless !
ip route 0.0.0.0 0.0.0.0 1.1.1.3 interface Port-channel1
! switchport mode trunk
ip flow-export version 9 !
! interface FastEthernet0/1
! switchport mode trunk
ip access-list extended Guest_Wifi_Access !
deny ip 10.10.60.0 0.0.0.255 host 172.16.100.252 interface FastEthernet0/2
permit ip any any switchport mode trunk
ip access-list standard Internet_Access !
permit 10.10.60.0 0.0.0.255 interface FastEthernet0/3
permit 10.10.10.0 0.0.0.255 switchport mode trunk
permit 10.10.20.0 0.0.0.255 !
permit 10.10.30.0 0.0.0.255 interface FastEthernet0/4
permit 10.10.50.0 0.0.0.255 switchport access vlan 50
! switchport mode access
! !
! interface FastEthernet0/5
! switchport mode trunk
! !
line con 0 interface FastEthernet0/6
! switchport mode trunk
line aux 0 !
! interface FastEthernet0/7
line vty 0 4 switchport mode trunk
login !
! interface FastEthernet0/8
! switchport mode trunk
! !
end interface FastEthernet0/9
switchport mode trunk
!
interface FastEthernet0/10
switchport mode trunk
!
interface FastEthernet0/11
switchport mode trunk
!
interface FastEthernet0/12
switchport mode trunk

60
!
interface FastEthernet0/13
switchport mode trunk Admin_Switch
!
interface FastEthernet0/14 !
switchport mode trunk version 12.2
! no service timestamps log datetime msec
interface FastEthernet0/15 no service timestamps debug datetime msec
switchport mode trunk no service password-encryption
! !
interface FastEthernet0/16 hostname Admin_Switch
switchport mode trunk !
! enable secret 5 $1$mERr$hppjZ6qgFKiQvLDBJrS7O0
interface FastEthernet0/17 !
switchport mode trunk !
! !
interface FastEthernet0/18 !
switchport mode trunk username cisco privilege 1 password 0 cisco
! !
interface FastEthernet0/19 !
switchport mode trunk spanning-tree mode rapid-pvst
! spanning-tree extend system-id
interface FastEthernet0/20 spanning-tree vlan 1-1024 priority 61440
switchport mode trunk !
channel-group 1 mode desirable interface FastEthernet0/1
! switchport mode trunk
interface FastEthernet0/21 !
switchport mode trunk interface FastEthernet0/2
channel-group 1 mode desirable switchport mode trunk
! !
interface FastEthernet0/22 interface FastEthernet0/3
switchport mode trunk switchport access vlan 10
! switchport mode access
interface FastEthernet0/23 !
switchport mode trunk interface FastEthernet0/4
! switchport access vlan 10
interface FastEthernet0/24 switchport mode access
switchport access vlan 60 !
switchport mode access interface FastEthernet0/5
! switchport access vlan 10
interface GigabitEthernet0/1 switchport mode access
! !
interface GigabitEthernet0/2 interface FastEthernet0/6
! switchport access vlan 10
interface Vlan1 switchport mode access
no ip address !
shutdown interface FastEthernet0/7
! !
! interface FastEthernet0/8
! !
! interface FastEthernet0/9
line con 0 !
! interface FastEthernet0/10
line vty 0 4 !
login interface FastEthernet0/11
line vty 5 15 !
login interface FastEthernet0/12
! !
! interface FastEthernet0/13
! !
End interface FastEthernet0/14
!

61
interface FastEthernet0/15 enable secret 5 $1$mERr$hppjZ6qgFKiQvLDBJrS7O0
! !
interface FastEthernet0/16 !
! !
interface FastEthernet0/17 !
! username cisco privilege 1 password 0 cisco
interface FastEthernet0/18 !
! !
interface FastEthernet0/19 spanning-tree mode pvst
! spanning-tree extend system-id
interface FastEthernet0/20 spanning-tree vlan 1-1024 priority 61440
! !
interface FastEthernet0/21 interface FastEthernet0/1
! switchport mode trunk
interface FastEthernet0/22 !
! interface FastEthernet0/2
interface FastEthernet0/23 switchport mode trunk
! !
interface FastEthernet0/24 interface FastEthernet0/3
switchport access vlan 10 switchport access vlan 20
! switchport mode access
interface GigabitEthernet0/1 !
! interface FastEthernet0/4
interface GigabitEthernet0/2 switchport access vlan 20
! switchport mode access
interface Vlan1 !
no ip address interface FastEthernet0/5
shutdown !
! interface FastEthernet0/6
interface Vlan10 !
mac-address 0060.4701.6401 interface FastEthernet0/7
ip address 10.10.10.250 255.255.255.0 !
! interface FastEthernet0/8
ip default-gateway 10.10.10.3 !
! interface FastEthernet0/9
! !
! interface FastEthernet0/10
! !
line con 0 interface FastEthernet0/11
! !
line vty 0 4 interface FastEthernet0/12
login local !
transport input telnet interface FastEthernet0/13
line vty 5 15 !
login interface FastEthernet0/14
! !
! interface FastEthernet0/15
! !
end interface FastEthernet0/16
!
interface FastEthernet0/17
!
Accounting_Switch interface FastEthernet0/18
!
! interface FastEthernet0/19
version 12.2 !
no service timestamps log datetime msec interface FastEthernet0/20
no service timestamps debug datetime msec !
no service password-encryption interface FastEthernet0/21
! !
hostname Accounting_Switch interface FastEthernet0/22
! !

62
interface FastEthernet0/23 !
! interface FastEthernet0/3
interface FastEthernet0/24 switchport access vlan 30
! switchport mode access
interface GigabitEthernet0/1 !
! interface FastEthernet0/4
interface GigabitEthernet0/2 switchport access vlan 30
! switchport mode access
interface Vlan1 !
no ip address interface FastEthernet0/5
shutdown switchport access vlan 30
! switchport mode access
interface Vlan20 !
mac-address 0001.9641.7701 interface FastEthernet0/6
ip address 10.10.20.250 255.255.255.0 switchport access vlan 30
! switchport mode access
ip default-gateway 10.10.20.3 !
! interface FastEthernet0/7
! !
! interface FastEthernet0/8
! !
line con 0 interface FastEthernet0/9
! !
line vty 0 4 interface FastEthernet0/10
login local !
transport input telnet interface FastEthernet0/11
line vty 5 15 !
login interface FastEthernet0/12
! !
! interface FastEthernet0/13
! !
End interface FastEthernet0/14
!
interface FastEthernet0/15
!
Academic_Switch interface FastEthernet0/16
!
! interface FastEthernet0/17
version 12.2 !
no service timestamps log datetime msec interface FastEthernet0/18
no service timestamps debug datetime msec !
no service password-encryption interface FastEthernet0/19
! !
hostname Academic_Switch interface FastEthernet0/20
! !
enable secret 5 $1$mERr$hppjZ6qgFKiQvLDBJrS7O0 interface FastEthernet0/21
! !
! interface FastEthernet0/22
! !
! interface FastEthernet0/23
username cisco privilege 1 password 0 cisco !
! interface FastEthernet0/24
! !
spanning-tree mode rapid-pvst interface GigabitEthernet0/1
spanning-tree extend system-id !
spanning-tree vlan 1-1024 priority 61440 interface GigabitEthernet0/2
! !
interface FastEthernet0/1 interface Vlan1
switchport mode trunk no ip address
! shutdown
interface FastEthernet0/2 !
switchport mode trunk interface Vlan30

63
mac-address 00e0.8fe2.7601 switchport mode access
ip address 10.10.30.6 255.255.255.248 !
! interface FastEthernet0/7
ip default-gateway 10.10.30.3 switchport access vlan 40
! switchport mode access
! !
! interface FastEthernet0/8
! switchport access vlan 40
line con 0 switchport mode access
! !
line vty 0 4 interface FastEthernet0/9
login local switchport access vlan 40
transport input telnet switchport mode access
line vty 5 15 !
login interface FastEthernet0/10
! switchport access vlan 40
! switchport mode access
! !
End interface FastEthernet0/11
switchport access vlan 40
Com_Lab_Switch switchport mode access
!
! interface FastEthernet0/12
version 12.2 switchport access vlan 40
no service timestamps log datetime msec switchport mode access
no service timestamps debug datetime msec !
no service password-encryption interface FastEthernet0/13
! switchport access vlan 40
hostname Com_Lab_Switch switchport mode access
! !
enable secret 5 $1$mERr$hppjZ6qgFKiQvLDBJrS7O0 interface FastEthernet0/14
! switchport access vlan 40
! switchport mode access
! !
! interface FastEthernet0/15
username cisco privilege 1 password 0 cisco switchport access vlan 40
! switchport mode access
! !
spanning-tree mode rapid-pvst interface FastEthernet0/16
spanning-tree extend system-id switchport access vlan 40
spanning-tree vlan 1-1024 priority 4096 switchport mode access
! !
interface FastEthernet0/1 interface FastEthernet0/17
switchport mode trunk switchport access vlan 40
! switchport mode access
interface FastEthernet0/2 !
switchport mode trunk interface FastEthernet0/18
! switchport access vlan 40
interface FastEthernet0/3 switchport mode access
switchport access vlan 40 !
switchport mode access interface FastEthernet0/19
! switchport access vlan 40
interface FastEthernet0/4 switchport mode access
switchport access vlan 40 !
switchport mode access interface FastEthernet0/20
! switchport access vlan 40
interface FastEthernet0/5 switchport mode access
switchport access vlan 40 !
switchport mode access interface FastEthernet0/21
! switchport access vlan 40
interface FastEthernet0/6 switchport mode access
switchport access vlan 40 !

64
interface FastEthernet0/22 switchport mode trunk
switchport access vlan 40 !
switchport mode access interface FastEthernet0/2
! switchport mode trunk
interface FastEthernet0/23 !
switchport access vlan 40 interface FastEthernet0/3
switchport mode access switchport access vlan 100
! switchport mode access
interface FastEthernet0/24 !
switchport access vlan 40 interface FastEthernet0/4
switchport mode access switchport access vlan 100
! switchport mode access
interface GigabitEthernet0/1 !
! interface FastEthernet0/5
interface GigabitEthernet0/2 !
! interface FastEthernet0/6
interface Vlan1 !
no ip address interface FastEthernet0/7
shutdown !
! interface FastEthernet0/8
interface Vlan40 !
mac-address 0090.0cd6.ad01 interface FastEthernet0/9
ip address 10.10.40.250 255.255.255.0 !
! interface FastEthernet0/10
ip default-gateway 10.10.40.3 !
! interface FastEthernet0/11
! !
! interface FastEthernet0/12
! !
line con 0 interface FastEthernet0/13
! !
line vty 0 4 interface FastEthernet0/14
login local !
transport input telnet interface FastEthernet0/15
line vty 5 15 !
login interface FastEthernet0/16
! !
! interface FastEthernet0/17
! !
end interface FastEthernet0/18
!
interface FastEthernet0/19
!
Server_Switch interface FastEthernet0/20
!
! interface FastEthernet0/21
version 12.2 !
no service timestamps log datetime msec interface FastEthernet0/22
no service timestamps debug datetime msec !
no service password-encryption interface FastEthernet0/23
! !
hostname Server_Switch interface FastEthernet0/24
! switchport access vlan 100
enable secret 5 $1$mERr$hppjZ6qgFKiQvLDBJrS7O0 switchport mode access
! !
! interface GigabitEthernet0/1
! !
! interface GigabitEthernet0/2
! !
spanning-tree mode pvst interface Vlan1
spanning-tree extend system-id no ip address
! shutdown
interface FastEthernet0/1

65
! speed auto
! !
! interface GigabitEthernet0/1
! no ip address
line con 0 duplex auto
! speed auto
line vty 0 4 shutdown
login !
line vty 5 15 interface GigabitEthernet0/2
login ip address 1.1.1.3 255.255.255.248
! duplex auto
! speed auto
! !
End interface Vlan1
no ip address
shutdown
!
ISP router bgp 300
bgp log-neighbor-changes
! no synchronization
version 15.1 neighbor 1.1.1.1 remote-as 65535
no service timestamps log datetime msec network 0.0.0.0 mask 255.255.255.255
no service timestamps debug datetime msec network 100.100.100.0 mask 255.255.255.0
no service password-encryption !
! ip classless
hostname Router !
! ip flow-export version 9
! !
! !
! !
! !
! !
! !
! !
ip cef line con 0
no ipv6 cef !
! line aux 0
! !
! line vty 0 4
! login
license udi pid CISCO2911/K9 sn FTX1524E17G
! !
! !
! !
!
! End
!
!
!
!
!
!
spanning-tree mode pvst
!
!
!
!
!
!
interface GigabitEthernet0/0
ip address 100.100.100.1 255.255.255.0
duplex auto

66
 BIBLIOGRAPHY

Al Sarhan, R. (2016). Computer Network Design for Universities in Developing Countries. pp.1-

73.

Bandolin, S. (2016). For the Local Area Network (I-AN) Cabling and Rehabilitation. pp.1-61.

Bisht, N. and Singh, S. (2015). Analytical Study of Different Network Topologies. pp.1-127.

David, A. (2017). Analyzing Network Monitoring Systems and Objects for A

Telecommunications Company. pp.1-96.

Dela Cruz, A., Parabuac, M. and Tiglao, N. (2017). Design and implementation of a low-cost

and reliable wireless mesh network for first-response communications. pp.1-148.

Dela Rosa, J. (2017). Network Infrastructure Design for Litware Limited. pp.1-58.

Hernandez, J. and Pedroza, C. (2014). The Influence of the Network Topology on the Agility of

a Supply Chain. pp.1-86.

Kasthurirathna, D. (2016). The influence of topology and information diffusion on networked

game dynamics. pp.13-24.

Kothapali, S. (2014). Network Design for Airport. pp.1-45.

Lemuel, A. (2015). Faculty of Science Computer and Mathematics: Champs SDN BHD Network

Design. pp.1-77.

Lunar, M., Dacayo, P. and Idmilao, G. (2015). Wide Area Network Design for Bureau of Fire

Protection. pp.1-134.

67
Meador, B. (2014). A Survey of Computer Network Topology and Analysis Examples. pp.1-103.

Okeke, I. (2014). The Influence of Network Topology on the Operational Performance of the

Low Voltage Grid. pp.1-67.

Omorog, C. (2019). Internet Security Awareness of Filipinos: A Survey Paper. pp.1-46.

Pascual, J. (2015). A Network Topology Design for Ron.net Internet Café. pp.1-39.

Santra, S. and Acharya, P. (2013). A Study and Analysis on Computer Network Topology for

Data Communication. pp.1-114.

68