Cisco Subnetting Project: The Application of Efficient VLAN and IT Networks in a Large Company Network

Executive Summary

The chief problem with the Sub-netting setup provided is an overall lack of organization and sloppy implementation. Most notably, the large routing tables due to misconfiguration is causing massive performance and network issues. The lack of a VLAN structure means that the additional segmentation services normally seen only in LAN configurations is not functioning as needed, and as a result, traffic-flow management is very inefficient, and the network itself is much less secure. Because of the size of XUMC, the software-defined network must be configured to allow for a great deal of traffic, and this means ensuring that the four departments of XUMC: sales, finance, human resources, and research and development, are all handled and managed separately in order to ensure maximum security and performance. The failure of the WAN transport is one of the most glaring offenders in this regard. Because the WAN transport is responsible for sending data throughout the entire XUMC network, making sure it can accommodate heavy traffic should be a high priority. In addition, having the IP addresses in the network statistically assigned means that making changes are a costly affair due to the fact that the addresses are static and difficult to change. To solve these problems, it is important to keep in mind that there are three classes of networks, which are, quite simply, class A for the largest networks, B for medium-sized networks, and C for small networks. From here, it will be necessary to assign the largest and most important networks to class A, slightly smaller ones for B, and so on. Also, one important facet of sub-netting to keep in mind is the concept of network masking. Network masking allows address space to be managed much more efficiently, and is also useful in this specific scenario, where many sub-networks are controlled by different people in a large organization. The first part of this paper will examine the concept of IP subnet masking and how it is necessary in order to solve some of the problems presented here.

Technical Details and Abstract

Subnet masking is a subdivision of an IP network. Scott M. Ballow (1997) explains some of the benefits of subnet masking. “In IP sub-netting, bits are taken from the host number of the IP address and used as if they are part of the network number. For example, recall that the class A network 10.0.0.0 has 8 bits of network number and 24 bits of host number. Engineers realized they could subdivide this network by taking 8 bits of the host number and adding them to the network number” (p.10). This is significant because it represents one of the best ways to make the process more efficient: subdivision. Since the San Francisco location of XUMUC has so many more IP addresses required and is, thus, a much larger network. It is prudent to utilize the resources from San Francisco for the smaller and poorly managed Houston and Denver locations. Assigning IP Addresses

Assigning IP addresses in order to offset some of the careless decision making is tricky, but doable with the right application of logic. Y. Rekhter, B. Moskowitz, D. Karrenberg, T.J. Watson Research Center, and G. de Groot (1994) define IP subnetworking as it will be applied here. “The current practice is to assign globally unique addresses to all hosts that use TCP/IP. There is a growing concern that the finite IP address space might become exhausted. Therefore, the guidelines for assigning IP address space have been tightened in recent years” (p.2-3) Using the concepts provided here, it is possible to assign IPs to the routers using /30 while part of the subnet.

(Diagram omitted for preview. Available via download)

Next, it is necessary to determine the summarization routes. Summarization routes reduce strain on routers because it causes fewer entries in the routing table. However, in order to properly use summarization routes, there are a few requirements that must be met first, as documented by Diane Tearne and Catering Paquet (2004). “For summarization to work correctly, the following requirements must be met:

• Multiple IP addresses must share the same highest-order bits.

• Routing protocols must base their routing decisions on a 32-bit IP address and a prefix length that can be up to 32 bits.

• Routing updates must carry the prefix length (the subnet mask) along with the 32-bit IP address” (p.3)

By working within these parameters, it is possible to form a rudimentary summarization route for the network.

(Diagram omitted for preview. Available via download)

The route to San Francisco should be placed at the San Francisco router. Similarly, the route for Denver must be placed at the Denver router. Finally, the Houston router must be placed at the Houston router summarization point.

Solving the VLAN Structure Problem

Next, it is necessary to develop an efficient VLAN structure in order to properly isolate broadcast traffic. To do this, it is important to understand some of the applications as well as limitations of VLAN. For starters, VLAN is best used on extremely large networks. That is, LAN networks with more than 200 devices on the LAN. Each VLAN network should be its own subnet, and doing this allows for LAN devices to be in separate locations, which is crucial for the networking setup that is in place at XUMUC. Thus, the solution is simple: use routers to segment the LANs into more manageable networks. However, this technology solution alone is not enough. In order to ensure maximum efficiency and security, it is necessary to utilize what is called “frame tagging.” Essentially, frame tagging is the process of labeling Ethernet packets via 4 bytes, inserted into the header of the packet. In doing so, the switch the data is being sent to will know what to do with the packet, because it has already been tagged. Allied Tellesis (2008) details some of the aspects of what exactly tagging entails. “[tags contain] the user priority, canonical format indicator, and the VLAN ID (p.8-9).” Allied Tellesis also designed a simple graph to help illustrate the proper use of frame tagging. According to Allied Tellesis, “The tag makes it very easy for the second switch to know what to do with the packet, because the tag marks this packet as belonging to VLAN 47, and switch 2 knows exactly what it should do with packets that belong to VLAN 47 (p.9)”

(Diagram omitted for preview. Available via download)

Assigning IPs in this matter is much more efficient than the method that was previously being used. By better segmenting network functions among the smaller offices, greater security and efficiency is achieved.

Business Impact

By making virtually every process in the company’s IT infrastructure more efficient, it can be expected that there will be a substantial increase in both speed and security throughout all networks within the company. In addition, the use of frame tagging will allow for much more versatility in regards to the IT network. In fact, the benefits of a server-based network with smaller workloads per server and efficient servers are well documented, as evidenced by an article by Dell (2008). “A well-equipped server with a high performance processor and hard drive as well as sufficient memory speeds up applications and file access, especially when compared to the types of peer-to-peer networks that many small businesses use (p.1)” This means that having up-to-date equipment can be just as important as having a network that is as efficient as possible. In addition, an article by Diane Teare (2012) maintains that simply using the Cisco network model is the first step to making a business efficient in its IT operations. “Cisco provides an enterprise wide systems architecture that helps companies to protect, optimize, and grow the infrastructure that supports their business processes (p.43-48)

Conclusion

When making changes to an IT network it is important to not lose sight of the basics. That is, to keep things running as efficiently and smoothly as possible. Sometimes this involves taking a route that is less popular, but more specific to the needs of the company.

References

Allied Telesis (2008) The Purpose of VLANs, Overview of VLANs p.2-3

Ballow, S. M. (1997). The Basics of IP Networking, Managing IP Networks with Cisco Routers, p.4-15

Dell, Inc. (2013) Benefits of Server-Based Networking, How Server-Based Networks Boost Small Businesses (p.1-2)

Tearne, D. and Paquet, C. (2004) CCNP Self Study: Advanced IP Addressing p.3

Teare, D. (2012) Routing Services, Implementing Cisco IP Routing (ROUTE) Foundation Learning Guide p.43-49.

Y. Rekhter, B. Moskowitz, D. Karrenberg, T.J. Watson Research Center, and G. de Groot (1994) Address Allocation for Private Internets, Network Working Group Request for Comments p. 2-3.