Site Device and STP Configurations

1519 words (6 pages) Essay in Information Systems

23/09/19 Information Systems Reference this

Disclaimer: This work has been submitted by a student. This is not an example of the work produced by our Essay Writing Service. You can view samples of our professional work here.

Any opinions, findings, conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of UK Essays.

Springfield Site Device and STP Configurations

Table of Contents

  1. Site Details and Challenges
  2. Site Solutions and Technologies
  3. Sample Configuration
  4. Supporting Tables/Diagrams
  5. Conclusion
  6. Bibliography
  1. Site Details and Challenges

 

I have been recently hired as a network administrator for the xAcme Technology Trade School. The local xAcme system admins of the Springfield site have asked me, there network admin to help configure their Cisco network devices. Springfield network topology is below.

Figure 1: Springfield Network  Topology

List of Network Devices at Springfield

-          Cisco 2811 router

-          (2960) Switch 1 with 24 ports

-          (2960) Switch 2 with 24 ports

-          (2960) Switch 3 with 24 ports

-          (2960) Switch 4 with 24 ports

-          Instructional VLAN, 211 devices attached

-          Administrative VLAN, 55 devices attached

-          Server VLAN, 38 devices attached

-          Faculty VLAN, 20 devices attached

Springfield has been assigned a network of 10.30.0.0 /16 with a subnet mask of 255.255.0.0. It has four vlans with a total of 324 devices attached. Springfield has incorrect device configurations, wrong STP implementation and no password security or any security measures to prevent bogus BPDU attacks.

  1. Site Solutions and Technologies

In order to the solve Springfield’s site network problems, I will start by implementing device hostnames to match the xACME educational topology labels. A MOTD banner and login banner must be configured on one of the switches. Security is a must have when configuring any network, so I will help the system admins by implementing device passwords on both console port (out-of-band communications) and VTY (Telnet/in-band communications) and it will be encrypted.

The local xAcme system admins are also having trouble placing switch 1 as the root. I will explain the advantages and purpose of the STP and help them with their switch problem. To better understand the importance of each step, I have defined below the main configs I will make changes to.

Hostnames– Names to assign network devices so we don’t have to use the IP address. (3)

Banners – Banners can be used to inform people how to use the device properly, it can be used to warn potential intruders that they are not allowed to access the network, or also be used a decorative piece. [2]. For Springfield, we will be using the banner to display the message of the day (MOTD). Below is an example decorative banner for the company I work for.

Figure 2: Decorative Banner

Secured (Encrypted) Passwords– Passwords are one of the first line of defense. Passwords control who can access the network.

Spanning Tree Protocol (STP)– This helps prevent loops which can cause a slow network

  1. Sample Configurations

Configuring Hostname for Switch

Enter the commands to change the host name.

switch# enable

switch# configure terminal

switch# hostname Springfield Switch 1       

Springfield Switch 1(config)# exit

Springfield Switch 1(config)# copy running-config startup-config

I used the same commands to edit the hostname of each switch when I logged into them. In the end, I had the hostnames of Springfield Switch 1, Springfield Switch 2, Springfield Switch 3, and Springfield Switch 4.

 

Configuring Message of the day (MOTD banner

switch# enable

switch# configure terminal

switch(config)# banner MOTD #Welcome to xAcme. Unauthorized access to this device is frowned upon!#

switch(config)# #banner login#

switch(config)# exit

switch# copy run start

Configure Login Banner

switch# enable

switch# configure terminal

switch(config)# banner login #enter your password#

switch(config)# exit

switch# copy run start

 

Configure Devices Passwords on both Console and VTY. (Encrypt Passwords)

switch# enable

switch# configure terminal

switch(config)# line con 0

switch(config)# enable secret [email protected]$

switch(config)# login

switch(config)# service password-encryption

switch(config)# login

switch(config)# line vty 0

switch(config)# enable secret [email protected]$

switch(config)# login

switch(config)# service password-encryption

switch(config)# exit

switch# copy run start

Implementation of Spanning Tree Protocol (STP) and Configuration

The spanning tree protocol is to protect the layer 2 infrastructure from disaster if it has redundancy. Redundancy is good in a network topology because it eliminates single points of failures, but redundant topologies can also have negative side effects. For example, it can cause major loops in the system causing multiple frame copies, broadcast storms, latency, and MAC address instability problems. [1]

The STP is a loop-prevention protocol and provides a loop free redundant network by placing certain ports in a block state.

This config will help set Switch 1 as the root bridge.

switch# enable

switch# configure terminal

switch(config)# spanning-tree vlan 1 priority 4096

switch(config)# exit

switch(config)# copy running-config startup-config

Configuring Bridge Protocol Data Units (BPDU)

This helps block attacks from bogus BPDU. I was able to run these commands on all 4 switches.

switch# enable

switch# configure terminal

switch(config)# spanning-tree portfast bpduguard default

switch(config)# exit

switch# copy run start

  1. Supporting Tables/ Diagrams

 

Cisco 2800 Series Integrated Services

Interfaces Ports Available

4 Fast Ethernet Interfaces
(Per Router)

2 Serial Interfaces
(Per Router)

fa0/0

s0/0/0

fa0/1

s0/0/1

fa1/0

fa1/1

Figure 3: Routers Per Site

 

 

Cisco Catalyst 6500 Series

Ports Available

96 Total Gigabit Ethernet
Ports Per Switch

Module 1 = gi0/1 – gi0/24

Module 2 = gi1/1 – gi1/24

Module 3 = gi2/1 – gi2/24

Module 4 = gi3/1 – gi3/24

Figure 4: Switch Per site

  1. Conclusion

xAcme’s Springfield site is functioning a lot better now after I made the proper network changes to their infrastructure. Their network security and settings have been enhanced. Even though we can still improve the security features, what I have implemented is a good base start. Some example security enhancements I have suggested in the future are firewall for the core router. This will help against network attacks. We can also set up the connection to the cisco devices through SSH(secure shell). I look forward to helping the xAcme’s team throughout this big project.

  1. Bibliography

[1] Nicosia, G., Fabrizio, G., Oriolo, G. and Sanità, L. (2019). Stable routing under the Spanning Tree Protocol. [online] Www-sciencedirect-com.ezproxy.umuc.edu. Available at: https://www-sciencedirect-com.ezproxy.umuc.edu/science/article/pii/S0167637710000568 [Accessed 10 Sep. 2010].

[2] “Cisco Networking: Banner Configuration,” dummies. [Online]. Available: https://www.dummies.com/programming/networking/cisco/cisco-networking-banner-configuration/. [Accessed: 02-Feb-2019].

[3] “Configuring the Hostname of a Router or Switch by Using a Configuration Group,” Configuring the Hostname, 18-Oct-2018. [Online]. Available: https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/junos-software-router-hostname-configuring.html. [Accessed: 02-Feb-2019].

“TestOut LabSim”, Cdn.testout.com, 2019. [Online]. Available: https://cdn.testout.com/client-v5-1-10-551/startlabsim.html [Accessed: 1- Feb- 2019].

Cite This Work

To export a reference to this article please select a referencing stye below:

Reference Copied to Clipboard.
Reference Copied to Clipboard.
Reference Copied to Clipboard.
Reference Copied to Clipboard.
Reference Copied to Clipboard.
Reference Copied to Clipboard.
Reference Copied to Clipboard.

Related Services

View all

DMCA / Removal Request

If you are the original writer of this essay and no longer wish to have the essay published on the UK Essays website then please: