
Module 6: Designing the Physical Network

Contents

Overview
Lesson: Preparing to Design a Network Infrastructure
Lesson: Creating an IP Addressing Design
Lesson: Designing a DHCP Infrastructure
Lesson: Designing a Change Management Structure for Networking
Lab A: Designing the Physical Network

Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, e-mail addresses, logos, people, places, and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation.

Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property.

© 2003 Microsoft Corporation. All rights reserved.

Microsoft, MS-DOS, Windows, Windows NT, Windows Server, Active Directory, BackOffice, Microsoft Press, MSDN, PowerPoint, Visio, and Windows Media are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.


Instructor Notes

Presentation: 120 minutes
Lab: 40 minutes

This module provides students with the knowledge and skills necessary to design the physical network. The module introduces basic network design principles, including the network life cycle and components of a network design. It describes the types of data that need to be gathered and the business requirements that must be determined before a design for the physical network is created. The module then explores how to create an Internet Protocol (IP) addressing design and how to design a Dynamic Host Configuration Protocol (DHCP) infrastructure. Finally, the module describes how to design a change management structure for networking.

After completing this module, students will be able to:

- Explain the preparation necessary to design a network infrastructure.
- Create an IP addressing scheme.
- Design a DHCP infrastructure.
- Design a change management structure for networking.

Required materials

To teach this module, you need Microsoft PowerPoint file 2282A_06.ppt.

Important: It is recommended that you use PowerPoint 2002 or later to display the slides for this course. If you use PowerPoint Viewer or an earlier version of PowerPoint, all features of the slides might not be displayed correctly.

Preparation tasks

To prepare for this module:

- Read all the materials for this module.
- Complete the practices.
- Complete the lab, practice discussing the answers, and become familiar with the lab environment.

Consider reading appropriate sections in the additional resource referenced in this module:

- Microsoft Windows Server 2003 TCP/IP Protocols and Services Technical Reference by Joseph Davies and Thomas Lee, Microsoft Press, Copyright 2003

Classroom setup

The information in this section provides setup instructions that are required to prepare the instructor computer or classroom configuration for a lab. The computers in the classroom should be set up in the configuration specified in the Customization Information section at the end of the Automated Classroom Setup Guide for Course 2282A, Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure. No additional classroom setup is required to perform the lab in this module.


How to Teach This Module


This section contains information that will help you to teach this module. This module begins the second half of the course; it focuses on designing the physical network infrastructure that supports Microsoft Active Directory directory service.

Note: Students might wonder why Active Directory design was covered first in this course, and then network infrastructure design, when in real life they are integrated and often performed at the same time. You can explain that although these subjects could have been covered in the opposite sequence, a decision was made when this course was designed to cover the logical Active Directory design process first, and then the physical network design process.

Warning: Be aware that many of the topics in this module can generate a lot of student discussion. Students, particularly those who have a high level of knowledge about connectivity strategies and associated hardware devices, can discuss these topics forever. This provides a challenge to the instructor to manage class time carefully while presenting this module.

Lesson: Preparing to Design a Network Infrastructure


This section describes the instructional methods for teaching this lesson. This lesson describes the network life cycle and how design tasks fit into it. It describes the components of a network design and presents guidelines for creating a successful design.

The Network Life Cycle

Point out that the network life cycle parallels the Active Directory life cycle. This is because both life cycles are based on the phases of the Microsoft Solutions Framework (MSF) process model. Because it has been a few days since you covered the MSF phases in Module 1, it might be a good idea to review them here.

The MSF Network Design Team

Note that the team model used for network design teams is based on the MSF model. The team model used for the Active Directory design team was not based on the MSF model, but was based on a design team model developed by Microsoft specifically for Active Directory design and deployment projects.

Design Tasks for Networks

Many of the design tasks listed are the same as Active Directory design tasks. However, the last three tasks are specific to the design process for networks. Ask students if they've ever constructed a diagram of an existing network. Emphasize that business requirements, not the latest and greatest technology, must always drive IT decisions.

Components of a Network Infrastructure Design

Point out that the components of a network infrastructure design are different from the components of an Active Directory design. You might also want to mention that in today's corporate environment, the security plan is one of, if not the most, critical pieces of an organization's network infrastructure design.

Interaction of Network Infrastructure and Active Directory Designs

Call attention to the key point in this topic, which is that the network infrastructure must support the Active Directory design. Also remind students that no network is 100 percent pure when it comes to the hardware and software it uses. Virtually every network uses hardware manufactured by different vendors, and uses software or network services or both that have interoperability requirements, as well. These interoperability issues must be planned for when designing the physical network.

Gathering Data about the Network

Point out that just as it was important to have detailed information about the current network infrastructure before you could create an Active Directory design, you also need this information before you can design the physical network. Where are a company's server farms located? Where are its data centers located? These are two common questions that need to be answered when inventorying an organization's network servers. Emphasize that in order for the physical network to support the software used by an organization, it's vital to know exactly what types of software, particularly server-based applications and specialized or custom applications, are used and must be supported.

Guidelines for Designing a Network Infrastructure

Consider asking students if planned growth in an organization is always the same as actual growth. In addition to the guidelines presented, consider asking students if they have other guidelines they would recommend for designing a network infrastructure.

Lesson: Creating an IP Addressing Design


This section describes the instructional methods for teaching this lesson. This lesson explores the many details that must be considered when designing a Transmission Control Protocol/Internet Protocol (TCP/IP) solution for connecting an organization's networks. The lesson describes considerations for IP subnetting, contrasts public and private IP addressing schemes, explores various address allocation methods, and provides guidelines on creating an IP addressing design and an IP subnetting design.

Considerations for IP Subnetting

Explain that, to optimize TCP/IP on your network, two key determinations must be made: the number of hosts per subnet, and the number of subnets. Future growth must be taken into account as these decisions are made.

Public and Private Addressing Schemes

Stress that using public IP addresses can be expensive, and that having a large number of public IP addresses is usually not necessary. Except for the few public IP addresses necessary for hosts that require direct access to the Internet, most businesses use a private IP addressing scheme for security and cost reasons.

Address Allocation Methods

If students are not familiar with the term summarize, as it is used to refer to IP address allocation, explain that summarizing refers to combining multiple IP ranges into a single, large range of addresses. This is also called supernetting. Explain that using classless IP addressing eliminates the need to use class A, class B, and class C IP addresses.

Guidelines for Creating an IP Addressing Design

Guidelines for Creating an IP Subnetting Design

Use this section to summarize the key points covered in this lesson and to discuss best practices for creating an IP subnetting design.

Practice

In this practice, students create an IP addressing design for Northwind Traders through answering a series of questions.
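The subnet sizing, private addressing and summarization points in these lesson notes can be worked through in code. The following is an added example, not part of the course material; the 10.20.0.0/22 block, the site names, the host counts and the 25 percent growth allowance are constructed assumptions.

```python
import ipaddress
import math

# Constructed sample requirements: current host count per site (assumption).
SITES = {"HQ": 400, "Branch-A": 100, "Branch-B": 100, "Lab": 20}


def prefix_for_hosts(hosts, growth=0.25):
    """Return the longest IPv4 prefix whose usable addresses cover hosts plus growth."""
    needed = math.ceil(hosts * (1 + growth))
    # Smallest power of two that holds needed hosts plus network and broadcast.
    bits = max(2, (needed + 1).bit_length())
    return 32 - bits


def plan_subnets(block, requirements, growth=0.25):
    """Carve one classless subnet per site out of a private block, largest first."""
    base = ipaddress.ip_network(block)
    if not base.is_private:
        # The design keeps internal hosts on private address space.
        raise ValueError(f"{base} is not private address space")
    cursor = int(base.network_address)
    end = int(base.broadcast_address)
    plan = {}
    # Largest-first allocation keeps every subnet aligned without wasting gaps.
    ordered = sorted(requirements.items(), key=lambda kv: kv[1], reverse=True)
    for name, hosts in ordered:
        prefix = prefix_for_hosts(hosts, growth)
        size = 1 << (32 - prefix)
        cursor = (cursor + size - 1) // size * size  # align to subnet boundary
        if cursor + size - 1 > end:
            raise ValueError(f"{base} is too small for {name} ({hosts} hosts)")
        plan[name] = ipaddress.ip_network((cursor, prefix))
        cursor += size
    return plan


def find_overlaps(plan):
    """Return pairs of site names whose subnets overlap (should be empty)."""
    names = list(plan)
    return [
        (a, b)
        for i, a in enumerate(names)
        for b in names[i + 1:]
        if plan[a].overlaps(plan[b])
    ]


def summarize(plan):
    """Combine adjacent subnets into the fewest exact CIDR ranges (supernetting)."""
    return list(ipaddress.collapse_addresses(plan.values()))


def covering_route(plan):
    """Return the smallest single prefix that contains every subnet in the plan."""
    nets = list(plan.values())
    candidate = nets[0]
    while not all(n.subnet_of(candidate) for n in nets):
        candidate = candidate.supernet()
    return candidate


if __name__ == "__main__":
    plan = plan_subnets("10.20.0.0/22", SITES)
    for name, net in plan.items():
        print(f"{name:9} {str(net):16} usable hosts: {net.num_addresses - 2}")
    print("overlaps:      ", find_overlaps(plan))
    print("exact summary: ", [str(n) for n in summarize(plan)])
    print("covering route:", covering_route(plan))
```

The exact summary advertises only allocated space, while the covering route also includes the unallocated remainder of the block, which matters when the summary is reused in a firewall or routing filter.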


Lesson: Designing a DHCP Infrastructure


This section describes the instructional methods for teaching this lesson. This lesson explores the many details that must be considered when designing a DHCP infrastructure for an organization's network. The lesson compares options for placing DHCP servers, describes the role of redundancy in DHCP server placement, and discusses factors that influence the number of DHCP servers needed.

DHCP Server Locations

Point out that the most efficient DHCP infrastructure combines a centralized and distributed DHCP infrastructure and is based on the physical characteristics of the LAN or WAN infrastructure.

DHCP Server Redundancy

Discuss split scopes and ask students if their companies use this method, and if so, how effective it is for their organization. Mention that using Windows Clustering provides a higher level of availability for individual DHCP servers, and provides greater fault tolerance than using split scopes.

The Number of DHCP Servers

Use the table to explain the requirements and conditions in which a company can use a single DHCP server, and when it must use multiple DHCP servers.

Guidelines for Designing a DHCP Infrastructure

Use this section to review the key points of this lesson, and to emphasize best practices for designing a DHCP infrastructure.

Practice

In this practice, students design a DHCP infrastructure for Northwind Traders.

Lesson: Designing a Change Management Structure for Networking


This section describes the instructional methods for teaching this lesson. In this lesson, students learn how to design a change management structure for networking. The lesson describes the impact of changing requirements on network infrastructure, addresses the necessity and elements of network usage monitoring, and provides strategies and guidelines for designing change management policies.

How Change Affects a Network Infrastructure

Emphasize that organizations, and their networks, change over time. To meet the ever-changing business needs of an organization, you must plan for flexibility and change when it comes to the physical network.

Monitoring Network Usage

Point out that, when developing a network monitoring design, it is vital to specify who will review the monitored data and the frequency of review. The data that is gathered through monitoring is absolutely worthless unless it's analyzed.

Guidelines for Designing a Change Management Structure for Networking

Highlight one of the key guidelines for a change management structure: including a backout plan in any design for change. You hope you'll never need it, but if something goes terribly wrong during a deployment and you do need a backout, you'll be glad you took the time to create this plan.

Discussion

Take this opportunity to discuss with the class the strategies for creating a change management structure for networking. Have students share their own work experiences with the class.


Lab A: Designing the Physical Network


In this lab, students design an IP addressing scheme and a DHCP infrastructure for Tailspin Toys. After completing this lab, students will be able to:

- Design an IP addressing scheme.
- Design a DHCP infrastructure.

Note: To prevent confusion, at the start of the lab, remind students that in the practices they have been working with Northwind Traders, but in the labs they are working with Tailspin Toys.

To begin the lab, open Microsoft Internet Explorer and then, on the Web page that appears, click the link for this lab. Play the video interview for students, and then instruct students to begin the lab with their lab teams. Note that:

- The exercise does not require students to design for public IP addresses, only for the private IP addresses that will be used by Tailspin Toys.
- The e-mail message from Linda Meisner provides the specific tasks that must be accomplished in this lab.
- The e-mail message from Linda Meisner points out that all of the company's routers can be configured to forward DHCP/BOOTP packets. Because of this, DHCP relay agents will not be needed.

Give students approximately 20 to 25 minutes to complete their designs. Then spend approximately 10 to 15 minutes discussing the students' designs as a class. Student answers will vary because there are several possible IP addressing schemes and DHCP infrastructure designs and no single correct solution. After the teams develop their designs, ask one person from each team to present their designs to the class.

General lab suggestions

For general lab suggestions, see the Instructor Notes for the Module 1 lab titled Preparing to Design an Active Directory Infrastructure in Course 2282A, Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure. Those notes contain detailed suggestions for facilitating the lab environment in this course.


Customization Information
This section identifies the lab setup requirements for a module and the configuration changes that occur on student computers during the labs. This information is provided to assist you in replicating or customizing Microsoft Official Curriculum (MOC) courseware. The lab in this module is dependent on the classroom configuration specified in the Customization Information section at the end of the Automated Classroom Setup Guide for Course 2282A, Designing a Microsoft Windows Server 2003 Active Directory and Network Infrastructure.

Important: Although no computer configuration changes occur on student computers during the labs, the information gathered and many of the solutions produced in a lab carry forward to subsequent labs in the course. Therefore, if this course is customized and all of the modules are not used, or they are presented in a different order, when the instructor begins a lab the instructor might need to provide students with a possible answer from the previous lab(s) to use as a starting point for the current lab.


Overview

Introduction

This module introduces the process of designing a network infrastructure, including design tasks, components, and guidelines. The network infrastructure must support your design for the Microsoft Active Directory directory service. To begin, you gather and analyze business requirements and other data and then use that data to guide the design of your physical network. When designing the network infrastructure, you must include an Internet Protocol (IP) addressing design and a Dynamic Host Configuration Protocol (DHCP) infrastructure. After you have completed your design, you must also create a process for managing changes to the network, so that you maintain your network and keep it up to date.

Objectives

After completing this module, you will be able to:

- Explain the preparation necessary in order to design a network infrastructure.
- Create an IP addressing scheme.
- Design a DHCP infrastructure.
- Design a change management structure for networking.

Lesson: Preparing to Design a Network Infrastructure

Introduction

This lesson introduces the network life cycle, the network design team, and design tasks for networks. Your network design must support the needs of your organization, and it must also support Active Directory. Gathering relevant data is an essential step in the design of your network.

Lesson objectives

After completing this lesson, you will be able to:

- Describe the network life cycle.
- Describe the roles on a design team.
- Describe network design tasks.
- Describe the components of a network infrastructure design.
- Describe the role of a network infrastructure in an Active Directory design.
- Explain the information you need to gather for your network design.
- Describe the guidelines for designing a network infrastructure that will support Active Directory.

The Network Life Cycle

Phases of the network life cycle

The five phases of the network life cycle are based on the principles of Microsoft Solutions Framework (MSF). Using a model such as this helps facilitate understanding of the complexity of network design. The phases include:

- Envisioning. You begin by defining high-level objectives that guide and drive the project. A specific example might be "deploy a network infrastructure in our two new branch offices by the time those offices open at the end of the year." A general, long-term goal might be to reduce network administration costs.
- Planning. In this phase, you gather detailed information and then analyze business requirements. These requirements help determine choices for key components of your design, such as hardware, software, network services, and topology. At the end of this phase, you should have a functional specification document that lists what the project will accomplish, a master project plan that includes specifics, and a master project schedule. The design of your network infrastructure is completed in this phase.
- Developing. In this phase, you work out the details for implementing the design and select vendors to provide components for your network. Limited testing of the planned infrastructure occurs in a lab environment. Training materials and end-user documentation are also produced during this phase.
- Stabilizing. During this phase you test the network infrastructure plan to ensure that it meets the business requirements of your organization. The focus shifts from constructing the plan to improving its quality. You also pilot the network infrastructure plan to a small number of computers and users in the organization and make any required modifications.
- Deploying. In the deployment phase you incorporate changes identified during stabilization and then implement the network infrastructure design solution. This is a highly logistical process in which all members of the deployment team must work together to ensure a successful deployment.

The maintenance of the network infrastructure continues until the organization resumes the envisioning phase for an upgrade of its network infrastructure.

The MSF Network Design Team

Team roles

The MSF team model calls for six roles on a design team, with each role corresponding to a major project goal. Depending on the complexity of the design project, multiple people might contribute to a single role, or an individual might assume more than one role. Communication among all roles is integral to the structure of the design team and essential to team success. The six team roles include:

- Product management. Works to satisfy customers. In a network infrastructure design project, the organization is the customer. If the design meets the business needs of the organization, then the customer is satisfied. Product management identifies requirements of the organization, articulates a vision for the network design project, develops and maintains the business reasons for initiating the project, owns the communication plan, and manages the expectations of the organization.
- Program management. Delivers the network infrastructure design on time and within budget. They secure resources that the team needs to complete the design, and own the master project plan, schedule, and budget.
- Development. Constructs the network solution according to the given specifications. Development provides technical expertise and input for the technology decisions that will affect the network design, and evaluates the design for implementation feasibility.
- Test. Approves the project solution for implementation only after all quality issues are identified and addressed. They help determine criteria for a successful design, outline the test strategy, and test the design.
- Release management. Responsible for effective piloting and deployment of the network project solution and ongoing management. They communicate with operations groups that will be affected by the implementation of the design in order to determine those groups' requirements for the design.
- User experience. Ensures effectiveness of the network solution for users. They strive to make the final implemented network design deliver maximum benefit and ease of use. During the design process, user experience functions as a user advocate and communicates the needs of users to the design team as various network options are considered. User experience also begins to plan for user documentation and necessary training.

Assembling a design team

Assembling a design team is an important process, because the design team will ultimately be responsible for developing a successful network infrastructure design for the organization. Assembling a successful design team involves several tasks:

- Determining the skill set needs for the design team. What level of networking skill do team members need? What level of Active Directory knowledge do team members need? What other types of knowledge and skills are needed? These are the kinds of questions you must answer to determine the skill set needs for a specific network infrastructure design project.
- Identifying team members to fill each of the six team roles. Once the skill set needs are determined, you can begin to identify potential team members and determine if individuals are qualified. If personnel within the organization do not possess the networking skill sets needed for the design project, the organization might need to train individuals to fill the roles or look outside itself for individuals with the necessary skill sets.
- Explaining team role concepts to potential team members. Every prospective team member needs to have an understanding of the team roles, especially the role he or she is being asked to fill, and the types of tasks and responsibilities he or she will have throughout the design project.
- Assessing team readiness. Once the team members are selected, you should evaluate the collective preparedness of the team to complete the design project successfully.

Design Tasks for Networks

Tasks in the network infrastructure design process

The network infrastructure design process includes many tasks. Some of these tasks you are already familiar with from previous lessons:

- Collecting organizational information
- Analyzing organizational information
- Analyzing design options
- Selecting a design
- Developing and refining the design
- Assessing risk

Additional design tasks specific to the network infrastructure design process include:

- Validating the technology. Validating the technology that is specified in the design plan helps ensure that the features and functions perform as stated in the documentation. The purpose of this validation is to eliminate potential design flaws or architecture errors.
- Diagramming the existing network. Most organizations already have a network in place. The following pages in this lesson list information you need to gather about your existing infrastructure.
- Comparing the existing network infrastructure with the business requirements for your design. After you perform this comparison, you can determine the changes that must be made to the existing network infrastructure. Then you can transfer these changes to the network infrastructure diagrams so that they form a blueprint for your network infrastructure design.

Components of a Network Infrastructure Design

Definition

A network infrastructure design contains several distinct design plans, each of which contains detailed specifications for the various components of a network infrastructure. The plans listed below are typical; depending on the size and complexity of the organization, and its business requirements, the design team might include a variable number of plans in its network infrastructure design. The team might combine some of these plans, or it might call these plans by different names. Most network infrastructure designs, however, will include the detailed information contained in the following plans:

Components of a network infrastructure design

- Hardware plan. Specifies all hardware required to meet the network infrastructure design solution, including: server computers; client computers; and network connection devices and links, such as network adapters, network cabling, modems, the hardware required for wide area network (WAN) links, hubs, bridges, switches, and routers.
- Topology plan. Specifies the physical layout of all network infrastructure components and the cabling pattern that will connect these components. Important design choices include determining the appropriate transport mechanism/network technology that will be used, such as 100-megabit Ethernet, Gigabit Ethernet, or fiber optic; determining where to locate firewalls and routers; and determining how and where to attach the servers and workstations.
- Operating system plan. Specifies the operating system or systems that will be used, and provides solutions for their interoperability. Included in this plan are specifications for the operating system that will be run on server computers, client computers, and computers and devices that perform specialized functions for the organization.
- Directory services plan. Specifies the directory service (such as Active Directory) that will be used throughout the network, and details how the directory service will be structured and implemented to meet the business needs of the organization.
- Network protocols and services plan. Specifies in detail the various network protocols and services that will be used and supported in the network infrastructure. Depending on the business requirements of the organization and the network protocols and services needed, this plan might specify:
  - TCP/IP infrastructure, including TCP/IP security
  - Routing strategies
  - IP addressing scheme
  - IP configuration strategy, including the use of DHCP
  - How Domain Naming Server (DNS) will be implemented and used
  - How Windows Internet Naming Service (WINS) will be implemented and used
  - How network availability will be ensured where it is critical
  - Any voice and video applications that will be used
  - Other network protocols and services configuration details
- Server-based applications plan. Specifies the server-based applications that will be used, such as e-mail, firewalls, and proxy servers, and how and where these applications will be implemented.
- Intranet connectivity plan. Specifies how to connect the private internal network of the organization to the Internet and how the private network will be secured from unauthorized access through the Internet.
- Extranet connectivity plan. Specifies how an external user, such as a supplier, vendor, business partner, or customer will connect to your private network and access some of or all the private data that it contains. The plan specifies the connection method to be used, such as a private Web server or a virtual private network (VPN) connection.
- Security plan. Specifies the detailed measures necessary to protect the organization's network and its resources. It specifies hardware and software that will be used to provide security; network configuration strategies, such as the placement of firewalls; and company policies that will be used to enhance network security.

Additional reading

For more information about network design, see Designing a TCP and IP Network under Additional Reading on the Web page on the Student Materials compact disc.


Interaction of Network Infrastructure and Active Directory Designs

Role of network infrastructure

An organization's network infrastructure design and its Active Directory design are inherently related. The network infrastructure provides the foundation for your Active Directory design and deployment. The existing network infrastructure is a consideration during the Active Directory design process and might influence the design. However, one of the primary design goals of your network infrastructure must be that it supports your Active Directory design. To that end, your Active Directory design will determine, to some extent, some elements of your network infrastructure design.

Elements crucial to successful interaction

The following table describes the network infrastructure components that are vital to a successful Active Directory design.
Network topology. The physical layout of computers, cables, switches, routers, and other physical components of the network must support the Active Directory design.

Domain controllers. The forest plan, domain plan, and domain controller capacity plan components of an Active Directory design specify how many domain controllers your organization requires to implement its Active Directory design. To support Active Directory, the network infrastructure must have the minimum number of server computers specified in the design to function as domain controllers. In addition, these servers must have adequate resources to function as domain controllers.

Physical communication links. Includes cables, the paths of analog and digital lines, and WAN links. The domain plan and site plan components of an Active Directory design specify how network communication and replication will take place. In order for communication and replication to take place as designed, the network infrastructure must have an adequate number of links that have sufficient speed and available bandwidth.

Operating system or systems. Active Directory requires a network that runs either Microsoft Windows 2000 or, for best functionality, the Windows Server 2003 operating system.

Network protocols and services. Active Directory relies extensively on several critical network protocols and services. These protocols and services must be provided by the network infrastructure in order for Active Directory to perform essential functions:
• TCP/IP: Active Directory requires TCP/IP for all network communications.
• DNS: Active Directory uses DNS as its primary name resolution service. It uses DNS to locate domain controllers for authentication and replication, to locate global catalog servers for performing searches, to locate file and print services, and to perform lookups for external computer names.
• DHCP: Active Directory uses DHCP to manage large numbers of IP addresses, along with associated information such as gateway, DNS, and WINS addresses for client computers; and to balance client load effectively across DHCP, WINS, and DNS.
• WINS: Active Directory uses WINS to provide name resolution services for NetBIOS-based clients and applications within the organization. Whenever a Microsoft client or server operating system prior to Windows 2000 is part of the environment, WINS is required.


Gathering Data about the Network

Key points

To design a network infrastructure that supports future growth for your Active Directory deployment, you must have a detailed picture of the resources you currently have in place. The following table describes diagrams that might aid you in designing your future network infrastructure.

Physical network diagram. Gather the following:
• Details of physical communication links, such as cable length, grade, and approximation of physical paths of the wiring; analog and Integrated Services Digital Network (ISDN) lines.
• Servers, with computer name, RAM, and location.
• Locations of devices such as printers, hubs, switches, modems, routers, bridges, and proxy servers that are on the network.
• WAN communication links and the available bandwidth between sites, including VPN links.
• Firmware versions, throughput, and any special configuration requirements for any devices on the network, including any static IP addresses assigned to any of these devices.

Logical network diagram. Gather the following:
• Details of physical communication links, such as cable length, grade, and approximation of physical paths of the wiring; analog and ISDN lines.
• Servers, with computer name, IP address (if static), domain membership, RAM, and location.
• Locations of devices such as printers, hubs, switches, modems, routers, bridges, and proxy servers that are on the network.
• WAN communication links and the available bandwidth between sites, including VPN links.
• Firmware versions, throughput, and special configuration requirements for devices on the network, including any static IP addresses assigned to any of these devices.

Security. Gather the following:
• Resource access security.
• Internet security.
• Network encryption methods, including IPSec.
• Firewall and proxy server configurations.
• Network monitoring methods and information.

Software applications

When gathering information about your organization's software applications, consider the following:

What types of network (client and server) software applications exist? For example, office workers might use office productivity applications that access document servers or Web servers, and backup software accesses network file and print servers.

What are the network software requirements? Determine any specific requirements that the software applications might have. For example, determine if backup applications require accessing the document servers continuously or periodically and what type of name resolution method the applications require. Determine the network services required by software applications.

What are the network software security requirements? For example, determine if the accounting network software authenticates the users accessing the system, and if so, what type of authentication it uses.


Guidelines for Designing a Network Infrastructure

Network infrastructure design guidelines

Use the following guidelines to help increase the likelihood of your success in designing and implementing an effective network infrastructure:

• Consider the planned growth or contraction of the organization. Analyze both the existing size and characteristics of the organization, and any known or planned changes, such as growth, acquisitions, organizational structure reorganizations, downsizing, and sales of divisions.

• Consider the interoperability of network infrastructure with Active Directory. Keep in mind the network components required by Active Directory, such as the Windows Server 2003 operating system, TCP/IP, DNS, and so on, as you create your network infrastructure design. For example, your organization's DNS design might include DNS components from different DNS vendors. Consider how these DNS vendor components will interoperate with Active Directory. Also be aware of hardware interoperability concerns. For example, you might have routers from different vendors in place on your network. Do they require physical network changes that affect your network design?

• Build security into your design. Protect your network at all times from external and internal attacks. You want to provide Internet access to all authorized users but protect your network resources from unauthorized users and intruders. There might also be security concerns regarding interoperability. For example, you might build authentication software using certificates from different vendors to create a complete security solution. One vendor will supply the smart cards, another vendor will supply the readers, and still another vendor supplies the software. This case would require a careful examination of interoperability.

• Consider total cost of ownership (TCO) of network components, as well as their initial investment cost. Often, network components that initially appear more expensive than alternate choices actually end up costing less to own and operate in the long run. Performing a cost analysis before purchasing network components might be beneficial, especially if you need to justify design and deployment expenses to upper management.


Lesson: Creating an IP Addressing Design

Introduction

When designing the physical network, one of the first design decisions is the type of TCP/IP solution to use for connecting networks. Designing an IP addressing solution includes creating an IP subnetting design and an IP addressing design.

Lesson objectives

After completing this lesson, you will be able to:
• Discuss considerations for IP subnetting.
• Contrast public and private IP addressing schemes.
• Evaluate various address allocation methods.
• Create an IP addressing design.
• Create an IP subnetting design.


Considerations for IP Subnetting

Introduction

An IP-routed network design requires that you examine the relationship between the number of hosts per subnet and the number of subnets. Your network design must optimize the number of subnets and the number of hosts per subnet. When designing an IP network and selecting the masks that are required to permit routing, you might be limited by several factors, including the number of physical subnets that exist, the number of logical subnets that you can create, and the host population on both physical and logical subnets. A good subnet mask design does not restrict expected growth in either the number of subnets or the number of hosts per subnet. You must adjust the subnet mask to provide for expected host population and network growth.

Considerations for determining the number of hosts per subnet

Consider the following when determining the number of hosts per subnet:

• Network design specifications. Create your network design specifications to meet required performance goals. This requires analyzing the bandwidth utilization, broadcast domain size, routing configuration, distance vector delays, and application data flow requirements.

• Router performance. Evaluate the number of hosts supported by any new or existing routers. To determine the maximum number of hosts supported per subnet, divide the total number of hosts on any local area network (LAN) by the number of subnets supported by the router or routers. If this number exceeds the host capacity of a subnet or limits performance, redesign the network to increase the number of subnets.

• Future growth. Examine the subnet mask to determine whether the number of hosts per subnet provides for current needs, performance expectations, and future growth.


Considerations for determining the number of subnets

Consider the following when determining the number of subnets in a routed IP network:

• Subnet for each WAN connection. Examine the network design for any remote connectivity. To support routing, each remote connection requires a subnet.

• Overloaded segments. Evaluate the number of hosts supported by any new or existing router. To determine the minimum number of routers required at any single location, divide the total number of hosts by the number of hosts optimally supported by the router.

• Future growth. Examine the subnet mask to determine if the number of subnets and the number of hosts per subnet provide for growth. If possible, design for an excess of subnets, because router technology usually limits the number of hosts per subnet.

Additional reading

For more information about considerations for IP subnetting, see Microsoft Windows Server 2003 TCP/IP Protocols and Services Technical Reference by Joseph Davies and Thomas Lee, Microsoft Press.


Public and Private Addressing Schemes

Introduction

When creating an IP addressing design, you can use public and private addressing schemes.

Public addressing schemes

Hosts that are connected directly to the Internet require a public, globally unique IP address. Any network connected to the Internet has a minimum of one public address for Internet connectivity. To enhance security, a private network that uses public addresses and is connected to the Internet requires isolation from the Internet by a firewall, a screened subnet, or a packet-filtering router. Use a public addressing scheme if your organization contains:
• A large number of hosts that require direct Internet access.
• A sufficient number of registered public addresses that can be assigned to all network hosts.

If the network design requires that a large number of IP addresses be accessible from the Internet, you must obtain a suitable range of public IP addresses. You can apply for public IP addresses from an Internet service provider (ISP) or Internet registry. However, having a large number of public addresses is expensive to maintain and, in most cases, unnecessary. Organizations that use a public addressing scheme must also anticipate the amount of network growth. The total number of available addresses could restrict your network growth. After you assign all the public addresses, you cannot add devices to the network unless you acquire more public addresses.


Private addressing schemes

Most organizations do not require each host to be accessible from the Internet. You can improve network security by preventing direct Internet access for hosts on the private network. Use a private addressing scheme if the organization contains:
• Few hosts that require direct Internet access.
• Insufficient public addresses for all private network hosts.

Using a private addressing scheme for the intranet is inexpensive and can be designed to accommodate virtually unlimited network growth. RFC 1918 lists the IP address ranges that are reserved by the Internet Engineering Task Force (IETF) and available for use in private addressing schemes. RFC 1918 defines the following three private address blocks:

• 10.0.0.0/8. This private network is a Class A network ID that supports the following range of valid IP addresses: 10.0.0.1 through 10.255.255.254. The 10.0.0.0/8 private network has 24 host bits that a private organization can use for any subnetting scheme within the organization.

• 172.16.0.0/12. This private network can be interpreted either as a block of 16 Class B network IDs or as a 20-bit assignable address space (20 host bits) that can be used for any subnetting scheme within the private organization. The 172.16.0.0/12 private network supports the following range of valid IP addresses: 172.16.0.1 through 172.31.255.254.

• 192.168.0.0/16. This private network can be interpreted either as a block of 256 Class C network IDs or as a 16-bit assignable address space (16 host bits) that can be used for any subnetting scheme within the private organization. The 192.168.0.0/16 private network supports the following range of valid IP addresses: 192.168.0.1 through 192.168.255.254.

In addition to the addresses in RFC 1918, the Internet Assigned Numbers Authority (IANA) reserves the use of the 169.254.0.0/16 range for Automatic Private IP Addressing (APIPA) on private networks.

Any IP address can be used on a private network that is isolated from the Internet by the use of a network address translation (NAT) device. The use of the addresses shown in RFC 1918 is recommended because these addresses are not routed on the Internet.

Additional reading

For more information about public and private addressing schemes, see:
• Microsoft Windows Server 2003 TCP/IP Protocols and Services Technical Reference by Joseph Davies and Thomas Lee, Microsoft Press.
• Designing a TCP and IP Network, under Additional Reading on the Web page on the Student Materials compact disc.

For more information about the IP address ranges that are reserved by the IETF and available for use in private addressing schemes, see:
• The Internet Engineering Task Force Web site at http://www.ietf.org.
• The Internet Assigned Numbers Authority Web site at http://www.iana.org.
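A check of an address plan against the three RFC 1918 blocks described above, added here as an example and not part of the courseware. The plan entries and site names are constructed; the point it shows is that Python's `is_private` also returns True for APIPA and loopback addresses, so a plan audit should test the RFC 1918 blocks explicitly.

```python
import ipaddress

# The three blocks RFC 1918 reserves for private use, as listed in the lesson.
RFC1918_BLOCKS = [ipaddress.ip_network(n)
                  for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# Automatic Private IP Addressing (APIPA) block reserved by IANA.
APIPA_BLOCK = ipaddress.ip_network("169.254.0.0/16")


def classify(network_text):
    """Classify one IPv4 network from an address plan.

    ip_network() is strict by default, so an entry with host bits set
    (for example 172.16.0.0/11) raises ValueError instead of being
    silently widened.
    """
    net = ipaddress.ip_network(network_text)
    if any(net.subnet_of(block) for block in RFC1918_BLOCKS):
        return "rfc1918"
    if any(net.overlaps(block) for block in RFC1918_BLOCKS):
        # Only part of the range is private; the rest is routable space.
        return "straddles-rfc1918"
    if net.subnet_of(APIPA_BLOCK):
        return "apipa"
    if net.is_multicast:
        return "multicast"
    return "other"


def is_rfc1918(address_text):
    """True only for addresses inside one of the three RFC 1918 blocks."""
    addr = ipaddress.ip_address(address_text)
    return any(addr in block for block in RFC1918_BLOCKS)


def usable_range(network_text):
    """First and last host address (network and broadcast excluded)."""
    net = ipaddress.ip_network(network_text)
    return str(net[1]), str(net[-2])


def audit_plan(plan):
    """Return the plan entries that are not wholly inside RFC 1918 space."""
    findings = {}
    for name, network_text in plan.items():
        verdict = classify(network_text)
        if verdict != "rfc1918":
            findings[name] = verdict
    return findings


# Constructed sample plan: names and most ranges are illustrative only.
SAMPLE_PLAN = {
    "houston-hosts": "172.20.0.0/16",   # inside 172.16.0.0/12
    "branch-lab": "172.32.0.0/16",      # just past the end of 172.16.0.0/12
    "warehouse": "192.168.40.0/24",
    "legacy-summary": "172.0.0.0/11",   # covers 172.0.0.0 through 172.31.255.255
    "video-test": "230.120.0.0/16",     # Class D (multicast) space
    "unmanaged": "169.254.0.0/16",      # APIPA, not RFC 1918
}

if __name__ == "__main__":
    for block in RFC1918_BLOCKS:
        print(block, usable_range(str(block)))
    for name, verdict in audit_plan(SAMPLE_PLAN).items():
        print(f"{name}: {SAMPLE_PLAN[name]} -> {verdict}")
```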


Address Allocation Methods

Key points

You must choose an address allocation method that best fits your structured address model. You can choose one of the following methods or combine two or more of them.

• Random address allocation. Allows you to assign blocks of addresses randomly. A commonly used method, it might be appropriate for a small network where no significant growth is anticipated. However, if the network grows, this method can cause extra work for network administrators. With numerous routes being advertised to the core tier of routers, this method can cause routing stability issues, because it is almost impossible to summarize the random collection of routes. Summarizing routes is the process of combining several subnets that exist in a single location into a single larger supernet. This process is sometimes called supernetting.

• Addressing by organization chart. Allows you to create subnets based on a pool of addresses that are preassigned to a department or team in your organization. For example, the address of the sales team is designated as 10.2.0.0/16, with a subnet address of 10.2.1.0/24 for the sales team at one site and a subnet address of 10.2.2.0/24 for the sales team at another site. Because many contiguous subnets might remain unassigned, this addressing scheme does not scale well.

• Addressing by geographical region. Allows you to use an address structure based on location. This method provides a greater degree of summarization. However, as the internetwork of a geographically diverse organization continues to grow, fewer routes are available for summarization.

• Addressing by topology. Allows you to use an address structure based on your routing topology. This is the best way to make sure that summarization can occur and that an internetwork remains effectively scalable and stable.


Guidelines for Creating an IP Addressing Design

Guidelines

When you create an IP addressing design, use a combination of one or more of the following guidelines:

• Use classless IP addressing. This will enable you to make more efficient use of IP addressing by subnetting appropriately.

• Use classless routing protocols. Using classless routing protocols on your routers will enable you to use classless IP addressing on your network. Most current routing protocols, with the exception of Routing Information Protocol for IP version 1 (RIPv1), support classless IP addressing.

• Use variable-length subnetting to divide IP ranges. This will let you customize your subnets based on the number of hosts on each segment.

• Use supernetting to combine IP ranges. By using supernetting, you can combine multiple IP address ranges into a single large range of addresses. This is called summarizing. This will enable you to combine multiple routing entries into a single entry.

• Use public addresses if you use a direct (routed) connection to the Internet. Public addresses are reachable on the Internet; private addresses are not.

• Use private addresses if you use an indirect connection to the Internet, such as a proxy server or NAT. Private addresses are strongly recommended for this application to prevent conflicts with public addresses which might already be in use on the Internet.
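Route summarization as described under the address allocation methods and the supernetting guideline above, as an added Python example that is not part of the courseware. The topology-based and random subnet lists are constructed; the two sales-team subnets are the ones the lesson quotes, and they show that adjacent subnets summarize only when they are also aligned on a supernet boundary.

```python
import ipaddress


def routes_advertised(subnets):
    """Collapse a location's subnets into the fewest exact routes."""
    nets = [ipaddress.ip_network(s) for s in subnets]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]


def covering_supernet(subnets):
    """Smallest single supernet that contains every subnet in the list."""
    if not subnets:
        raise ValueError("at least one subnet is required")
    nets = [ipaddress.ip_network(s) for s in subnets]
    candidate = nets[0]
    # Widen one bit at a time until every subnet fits; 0.0.0.0/0 always does.
    while not all(n.subnet_of(candidate) for n in nets):
        candidate = candidate.supernet()
    return candidate


def summary_gap(subnets):
    """Return (summary route, addresses it claims that are not assigned).

    A non-zero gap means the single summary route also attracts traffic
    for address space that no subnet in the list actually uses.
    """
    nets = [ipaddress.ip_network(s) for s in subnets]
    summary = covering_supernet(subnets)
    assigned = sum(n.num_addresses for n in ipaddress.collapse_addresses(nets))
    return str(summary), summary.num_addresses - assigned


# Constructed: four subnets handed to one location in topology order.
BY_TOPOLOGY = ["10.2.0.0/24", "10.2.1.0/24", "10.2.2.0/24", "10.2.3.0/24"]
# Constructed: four subnets handed out at random across 10.0.0.0/8.
AT_RANDOM = ["10.7.9.0/24", "10.200.3.0/24", "10.64.18.0/24", "10.1.130.0/24"]
# From the lesson's organization-chart example (two sales-team sites).
SALES_SITES = ["10.2.1.0/24", "10.2.2.0/24"]

if __name__ == "__main__":
    for label, subnets in (("topology", BY_TOPOLOGY),
                           ("random", AT_RANDOM),
                           ("sales", SALES_SITES)):
        print(label, routes_advertised(subnets), summary_gap(subnets))
```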


Guidelines for Creating an IP Subnetting Design

Guidelines

When creating an IP subnetting design, use the following guidelines:

• Determine the appropriate TCP/IP infrastructure. Evaluate your Internet accessibility needs, the use of routers, and public address availability. To allow peer-to-peer communication, all hosts in a TCP/IP network require unique IP addresses.

• Determine the number of physical subnets:
  • Create network design specifications to meet required performance goals. This requires analyzing the bandwidth utilization, broadcast domain size, routing configuration, distance vector delays, and application data flow requirements.
  • Evaluate the number of hosts that are supported by any new or existing routers. To determine the maximum number of hosts supported per subnet, divide the total number of hosts on any LAN by the number of subnets supported by the router(s). If this number exceeds the host capacity of a subnet or limits performance, redesign the network to increase the number of subnets.

• Determine the validity of a subnet mask in an IP-routed network. Consider the following:
  • Subnet for each WAN connection. Examine the network design for any remote connectivity. To support routing, each remote connection requires a subnet.
  • Overloaded segments. Evaluate the number of hosts supported by any new or existing router. To determine the minimum number of routers required at any single location, divide the total number of hosts by the number of hosts optimally supported by the router.


• Anticipate growth. Examine the subnet mask to determine whether:
  • The number of hosts per subnet provides for current needs, performance expectations, and future growth.
  • The number of subnets and the number of hosts per subnet provide for growth.

• Know your limits for growth. Your network design must optimize the number of subnets and the number of hosts per subnet. As you design an IP network and select the masks that are required to permit routing, you might be limited by:
  • The number of physical subnets.
  • The number of logical subnets that you can create.
  • The host population on both physical and logical subnets.


Practice: Creating an IP Addressing Design

Introduction

In this practice, you will create an IP addressing design for the proposed Northwind Traders office in Houston, Texas.

Scenario

Northwind Traders plans to open a new office in Houston, Texas. This new office will spread out over four office buildings in downtown Houston, and will be connected by leased lines as shown in the diagram on the slide. To design a functional TCP/IP solution for connecting networks, you must determine the number of subnets required for each office building and the number of public and private IP addresses required for the design.

Design requirements

Your design must meet the following requirements:
• The network will use addresses from the 172.20.0.0/16 private address range for all host addresses in the Houston office.
• The number of hosts per subnet must be limited to 200 or fewer.


Practice

Based on the scenario, create an IP addressing design by answering the following questions. Be prepared to discuss your results as a class.

1. For this design, what is the minimum number of subnets required in each location, based on router performance?

Building A: ___________
Building B: ___________
Building C: ___________
Building D: ___________
Total Subnets: ___________

Building A: 5 (6 with WAN)
Building B: 7 (9 with WAN and Internet)
Building C: 1 (2 with WAN)
Building D: 4 (5 with WAN)

2. Choose an appropriate subnet mask for hosts in this design.
a. /16
b. /19
c. /21
d. /24

The correct answer is d, /24.

3. What is the total number of required private host IP addresses?
a. 7 private IP addresses
b. 1,204 private IP addresses
c. 2,903 private IP addresses
d. 4,032 private IP addresses

The correct answer is c, 2,903 private IP addresses, which is calculated as follows:
Building A: 808
Building B: 1,311
Building C: 129
Building D: 655

Note that students might arrive at an answer of 2,907 if they include the IPs for the WAN.


4. What is the minimum number of required public IP addresses?
a. 1 public IP address
b. 2 public IP addresses
c. 2,903 public IP addresses
d. 4,032 public IP addresses

The correct answer is a, 1 public IP address.

5. At maximum, how many hosts per subnet does the subnet mask in the design provide?
a. 254 hosts per subnet
b. 1,022 hosts per subnet
c. 6,398 hosts per subnet
d. 65,534 hosts per subnet

The correct answer is a. The subnet mask design allows a maximum of 254 hosts per subnet.

6. Management has suggested that a new private address could be chosen. Which of the following private IP network addresses is appropriate for the design? (Choose all that apply.)
a. 10.0.0.0
b. 230.120.0.0
c. 69.254.0.0
d. 192.168.0.0-192.168.255.0

The correct answers are a and d.
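The sizing behind questions 1, 2, 3 and 5, worked through in Python as an added example that is not part of the courseware. It assumes each building's subnet count is its host total divided by the 200-host cap and rounded up, leaves out the WAN and Internet link subnets shown on the slide, and goes one step beyond the practice by giving each building an aligned block of /24 subnets, largest block first; that allocation order is this example's own choice.

```python
import ipaddress

BASE = ipaddress.ip_network("172.20.0.0/16")   # range required by the practice
HOST_CAP = 200                                  # "200 or fewer" hosts per subnet
HOSTS = {"A": 808, "B": 1311, "C": 129, "D": 655}   # totals from the answer key
MASK_OPTIONS = (16, 19, 21, 24)                 # choices offered in question 2


def usable_hosts(prefix):
    """Host addresses in an IPv4 subnet, excluding network and broadcast."""
    return 2 ** (32 - prefix) - 2


def pick_prefix(cap, options):
    """Longest prefix (smallest subnet) among the options that fits `cap` hosts."""
    fitting = [p for p in options if usable_hosts(p) >= cap]
    if not fitting:
        raise ValueError("no offered mask holds that many hosts")
    return max(fitting)


def subnets_needed(hosts, cap):
    """Host subnets required when no subnet may exceed `cap` hosts."""
    return -(-hosts // cap)   # ceiling division on integers


def plan(base, hosts, cap, prefix):
    """Give each building one aligned CIDR block of subnets.

    Each need is rounded up to a power of two so the block is a single
    prefix, and the largest blocks are placed first so every block
    starts on its own boundary.
    """
    needs = {b: subnets_needed(h, cap) for b, h in hosts.items()}
    block_prefix = {b: prefix - (n - 1).bit_length() for b, n in needs.items()}
    cursor = int(base.network_address)
    result = {}
    for b in sorted(needs, key=lambda name: (block_prefix[name], name)):
        block = ipaddress.ip_network((cursor, block_prefix[b]))
        if not block.subnet_of(base):
            raise ValueError("base range exhausted")
        subnets = list(block.subnets(new_prefix=prefix))
        result[b] = {
            "block": str(block),
            "in_use": [str(s) for s in subnets[:needs[b]]],
            "spare": len(subnets) - needs[b],   # subnets left for growth
        }
        cursor += block.num_addresses
    return result


if __name__ == "__main__":
    prefix = pick_prefix(HOST_CAP, MASK_OPTIONS)
    print(f"mask /{prefix}: {usable_hosts(prefix)} hosts per subnet")
    print("private host addresses required:", sum(HOSTS.values()))
    for building, entry in sorted(plan(BASE, HOSTS, HOST_CAP, prefix).items()):
        print(building, entry["block"], len(entry["in_use"]), "in use,",
              entry["spare"], "spare")
```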


Lesson: Designing a DHCP Infrastructure

Introduction

In your physical network design, you must determine the placement, redundancy, and sizing of DHCP servers, so that all computers on the network can obtain IP addressing information by using DHCP. In this lesson, you will learn about and apply guidelines for designing a DHCP infrastructure.

Lesson objectives

After completing this lesson, you will be able to:
• Compare options for placing DHCP servers.
• Describe the role of redundancy in DHCP server placement.
• Compare the options in determining the sizing of DHCP servers.
• Design a DHCP infrastructure.


DHCP Server Locations

Introduction

The location of your DHCP servers will be determined in part by your choice of DHCP infrastructure.

Distributed DHCP infrastructure

For a distributed DHCP infrastructure, locate a DHCP server on each subnet. Distributed infrastructures require a greater number of servers than centralized networks. For example, a network that includes 30 subnets and is using a true distributed topology requires at least 30 DHCP servers, and possibly more to provide for redundancy.

Centralized DHCP infrastructure

In a centralized DHCP infrastructure, DHCP servers are placed in a central location. A centralized DHCP topology requires you to implement a method to forward DHCP broadcasts from client computers to the DHCP server. In most cases, the routers that are positioned between each subnet can perform this function. If the routers cannot relay DHCP messages, you can configure a computer running Windows Server 2003 to act as a DHCP/bootstrap protocol (DHCP/BOOTP) relay agent.

Combined DHCP infrastructure

Combining distributed and centralized DHCP infrastructures provides maximum efficiency for your network. In a combined DHCP infrastructure, the locations for DHCP servers are based on the physical characteristics of the LAN or WAN infrastructure. The locations are not dependent on the logical groupings defined by the Active Directory logical structure. You do not need DHCP servers for every subnet if the connecting routers support DHCP/BOOTP relay agents.

Additional reading

For more information about guidelines on location of DHCP servers, see Deploying DHCP under Additional Reading on the Web page on the Student Materials compact disc.


DHCP Server Redundancy

When designing DHCP server redundancy, you can increase the fault tolerance and availability of your design by using one or more of the following options, depending on your fault tolerance requirements and hardware cost considerations.

Split Scopes

You can increase fault tolerance by splitting DHCP scopes between multiple DHCP servers. With a split-scope configuration, if one server becomes unavailable, the other server can take its place and continue to lease new IP addresses or renew existing clients. Splitting DHCP scopes also helps to balance server loads. When splitting the IP address pool of a scope between two servers, assign the same scope to both servers, and exclude opposite portions of the address range. You also need to make identical reservations at both DHCP servers, so that either server can assign the reserved IP address, ensuring that the intended device receives the address that is reserved for its use. A common practice when balancing a single network and scope range of addresses between two DHCP servers is to have 80 percent of the addresses distributed by one DHCP server and the remaining 20 percent provided by a second.

Windows Clustering

Windows Clustering provides a higher level of availability for individual DHCP servers. Windows Clustering allows two or more physical servers to be managed as a single logical server. This solution, however, generally requires more computing resources than multiple DHCP servers with split scopes. By using clustering support for DHCP, you can implement a local method of DHCP server failover to achieve greater fault tolerance and to minimize disruptions and work stoppages. Windows Clustering creates a virtual DHCP server so that if one of the clustered nodes fails, the namespace and all the services contained in that node are automatically transferred to a second node. No changes are visible to the client, which sees the same IP address for the clustered DHCP servers.


To further enhance DHCP fault tolerance and availability, combine DHCP server clustering with a remote failover configuration, such as a split scope configuration across different segments of your network. Although combining server clustering with a split scope configuration increases DHCP availability, you must consider whether the benefits to your organization outweigh the hardware costs involved.

Standby server

A standby server and its scopes are not activated for use under normal conditions, but are activated by the administrator only when needed, such as when a DHCP server fails or is taken offline for an extended period of time. Because standby servers require manual administration to ensure failover transition, they might not be as effective as other failover methods such as split scopes and clustered servers. To use a standby configuration, configure an additional DHCP server as a backup if the primary server goes offline. You can either configure the standby server to be identical to your primary DHCP server or configure the standby server with unused scopes to temporarily replace the primary DHCP server. If you are configuring the standby server with a scope that is identical to your primary DHCP server, you must implement server-side address conflict detection to prevent the assigning of duplicate addresses.
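The 80/20 split-scope rule from the Split Scopes paragraph above, as an added Python example that is not part of the courseware. The scope range, the MAC address and the data layout are constructed; the check reports the three ways a split goes wrong: addresses both servers can lease, addresses neither can lease, and reservations that differ between the servers.

```python
import ipaddress


def to_int(addr):
    return int(ipaddress.ip_address(addr))


def to_text(value):
    return str(ipaddress.ip_address(value))


def split_scope(first, last, primary_percent=80):
    """Exclusion ranges for two servers that share one scope.

    Both servers get the same scope (first..last); each one excludes the
    portion the other server leases.
    """
    lo, hi = to_int(first), to_int(last)
    total = hi - lo + 1
    primary_count = total * primary_percent // 100   # integer maths, no rounding drift
    if not 0 < primary_count < total:
        raise ValueError("each server needs at least one address to lease")
    boundary = lo + primary_count                     # first address of the secondary's share
    return {
        "primary": {"excludes": [(to_text(boundary), to_text(hi))]},
        "secondary": {"excludes": [(to_text(lo), to_text(boundary - 1))]},
    }


def leasable(first, last, excludes):
    """Set of addresses (as integers) a server can hand out."""
    pool = set(range(to_int(first), to_int(last) + 1))
    for start, end in excludes:
        pool -= set(range(to_int(start), to_int(end) + 1))
    return pool


def check_pair(first, last, primary, secondary):
    """Return a list of problems in a two-server split-scope configuration."""
    scope = set(range(to_int(first), to_int(last) + 1))
    p = leasable(first, last, primary["excludes"])
    s = leasable(first, last, secondary["excludes"])
    problems = []
    if p & s:
        # Both servers can lease these: duplicate-address risk.
        problems.append(("overlap", len(p & s)))
    if scope - (p | s):
        # Excluded on both servers: never leased by anyone.
        problems.append(("unserved", len(scope - (p | s))))
    p_res = primary.get("reservations", {})
    s_res = secondary.get("reservations", {})
    if p_res != s_res:
        differing = set(p_res.items()) ^ set(s_res.items())
        problems.append(("reservation-mismatch", sorted({mac for mac, _ in differing})))
    return problems


# Constructed sample scope and reservation.
FIRST, LAST = "172.20.1.1", "172.20.1.254"
RESERVATIONS = {"00-11-22-33-44-55": "172.20.1.10"}

if __name__ == "__main__":
    good = split_scope(FIRST, LAST)
    for server in good.values():
        server["reservations"] = dict(RESERVATIONS)
    print(good, check_pair(FIRST, LAST, good["primary"], good["secondary"]))
```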


The Number of DHCP Servers

Introduction

A single DHCP server can serve an almost unlimited number of clients. However, factors such as the size and layout of your network, the IP address class selected for use, and the volume of traffic on your network can affect the performance of the DHCP server. Do not assign more than 10,000 clients to an individual DHCP server. This limit ensures the best possible DHCP server performance in most networks. You can extend the length of the lease time and the renewal duration to improve the performance of a DHCP server. You can deploy multiple DHCP servers to reduce the volume of DHCP-related traffic across your network and create faster response times for DHCP messages. Deploying multiple DHCP servers also creates fault tolerance on your network. If you choose to deploy more than one DHCP server, it is important to weigh the benefits of faster response times against the costs required for additional hardware.

Factors influencing DHCP server numbers

When deciding how many DHCP servers to include in your solution, consider the following factors:

• Speed of the DHCP server disk drives. The primary contributing factor to improving DHCP server performance is the speed of the server disk drives. For this reason, you should carefully evaluate disk access time and average times for disk read/write operations when sizing and planning your DHCP server hardware specifications. Often, this is more important than other server requirements, such as memory and processor. Generally, each DHCP server should have no more than 1,000 scopes defined for use. Each scope creates a corresponding need for incremental increases to the amount of disk space used for the DHCP server registry and for the server paging file. Keep this in mind when creating a large number of scopes.


- Location of routers. The location of routers on the network and whether you want a DHCP server in each subnet is the primary factor in determining the number of DHCP servers. If you place a DHCP server on each subnet, the number of DHCP servers required increases dramatically. To decrease the number of DHCP servers required, extend the use of a DHCP server across more than one subnet. To accomplish this, you often must configure DHCP relay agents on your routers, and in some cases, use superscopes as well.
- Transmission speed between the segments for which DHCP service is provided. If you have slow WAN links or dial-up links, you typically need a DHCP server on both sides of these links to service clients locally.
- Network constraints. There is no fixed limit to the maximum number of clients that a single DHCP server can serve. However, your network can have practical constraints based on the IP address class selected for use and other server configuration details. For example, you should have a DHCP server in each location to avoid sending DHCP traffic over your WAN links.

Single versus multiple DHCP servers

Use the information in the following table to determine whether your network requires a single DHCP server or multiple DHCP servers.

| Solution | Considerations |
| --- | --- |
| Single DHCP server | Requires relay agents or routers forwarding subnet broadcasts to support a routed network. |
| | Requires high-speed, persistent connections. |
| | Requires a server that has enough hard disk space, memory, processing power, and network bandwidth availability to support all the client computers on the network. |
| Multiple DHCP servers | Requires relay agents or routers forwarding broadcasts to provide total coverage, as determined by the number of servers and subnets. |
| | Permits a DHCP server at each location. This allows you to service DHCP clients locally if you have slow WAN links, dial-up links, or a geographically dispersed network. |
| | Allows you to scale the design to support any number of clients and subnets. |


Guidelines for Designing a DHCP Infrastructure

Guidelines

When placing DHCP servers in your design, use the following guidelines:

- If you are deploying a distributed DHCP infrastructure, place a DHCP server on each subnet.
- If you are deploying a centralized DHCP infrastructure, place DHCP servers in a central location. Configure a computer running Windows Server 2003 to act as a DHCP/BOOTP relay agent if the routers cannot relay DHCP messages.
- If you are deploying a combined DHCP infrastructure, establish your DHCP server locations based on the physical characteristics of the LAN or WAN infrastructure, and not on the logical groupings defined by the Active Directory logical structure.
- Provide redundancy for your DHCP servers by using distributed scopes, Windows Clustering, standby servers, or a combination of any of these technologies.
- Define no more than 1,000 scopes for use on each DHCP server.
- Limit your clients to 10,000 per DHCP server to get the best possible performance in most networks.


Practice: Designing a DHCP Infrastructure

Introduction

In this practice, you will design a DHCP infrastructure for the proposed Northwind Traders office in Rio de Janeiro, Brazil.

Scenario

Northwind Traders plans to open an office in Rio de Janeiro, Brazil. The new office will occupy three different floors of a large office building in the heart of the city. The existing network has several subnets as shown in the diagram on the PowerPoint slide. All routers can be configured to forward DHCP requests to a DHCP server.

Practice

Based on the scenario, determine how you can plan a DHCP solution for automated host IP configuration in the new office by answering the following questions. Be prepared to discuss your results as a class.

1. Given the scenario, and ignoring reliability considerations, how many DHCP servers are required for a DHCP solution?

   Only one server is required. One DHCP server can service up to 10,000 client computers.

2. Given the scenario, and ignoring reliability considerations, how many DHCP relay agents are required for a DHCP solution?

   Zero. You do not need any DHCP/BOOTP relay agent because all of the routers will forward DHCP broadcasts.

3. Given the number of subnets, what is the minimum number of DHCP scopes required for a DHCP solution?

   Three scopes are required.

4. You are tasked with providing a fault-tolerant DHCP configuration for this office. However, management wants to limit costs for the solution as much as possible. How will you specify fault tolerance for this DHCP implementation?

   To implement fault tolerance for this network while limiting costs, you should implement two DHCP servers, each with scopes for each subnet. Use the 80/20 design rule for balancing scope distribution of addresses between the two DHCP servers.
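The 80/20 split described in the answer to question 4, worked through as an added example that is not part of the courseware: it builds the leasable and excluded ranges for two servers across three subnets and checks that no address can be leased by both. The subnet addresses, the server names DHCP1 and DHCP2, and the ten addresses held back for static devices are assumptions of this example.

```python
import ipaddress

# Constructed sample: three office subnets and the server holding the 80% share
# of each. The addresses and server names are assumptions, not from the scenario.
SAMPLE_SUBNETS = {
    "192.168.1.0/24": "DHCP1",
    "192.168.2.0/24": "DHCP2",
    "192.168.3.0/24": "DHCP1",
}

def split_scope(cidr, primary_pct=80, reserved=10):
    """Return ((first, last) for the primary, (first, last) for the secondary).

    The first `reserved` host addresses are kept out of both pools for
    statically configured devices (an assumption of this example).
    """
    pool = list(ipaddress.ip_network(cidr).hosts())[reserved:]
    if len(pool) < 2:
        raise ValueError(f"{cidr}: pool too small to split between two servers")
    cut = max(1, min(len(pool) - 1, len(pool) * primary_pct // 100))
    return (pool[0], pool[cut - 1]), (pool[cut], pool[-1])

def build_plan(subnets, servers=("DHCP1", "DHCP2")):
    """Give every server a scope for every subnet; each excludes the other's share."""
    plan = {name: [] for name in servers}
    for cidr, primary in subnets.items():
        if primary not in plan:
            raise ValueError(f"unknown server {primary!r} for {cidr}")
        secondary = servers[1] if primary == servers[0] else servers[0]
        big, small = split_scope(cidr)
        plan[primary].append({"subnet": cidr, "leases": big, "excludes": small})
        plan[secondary].append({"subnet": cidr, "leases": small, "excludes": big})
    return plan

def find_conflicts(plan):
    """List (subnet, server_a, server_b) where two servers can lease the same address."""
    conflicts = []
    names = list(plan)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            for scope_a in plan[a]:
                for scope_b in plan[b]:
                    if scope_a["subnet"] != scope_b["subnet"]:
                        continue
                    (a_first, a_last) = scope_a["leases"]
                    (b_first, b_last) = scope_b["leases"]
                    if a_first <= b_last and b_first <= a_last:  # ranges intersect
                        conflicts.append((scope_a["subnet"], a, b))
    return conflicts

if __name__ == "__main__":
    plan = build_plan(SAMPLE_SUBNETS)
    for server, scopes in plan.items():
        for s in scopes:
            print(server, s["subnet"], "leases", *s["leases"], "excludes", *s["excludes"])
    print("conflicts:", find_conflicts(plan))
```

Running `find_conflicts` against the scopes actually configured on both servers catches the misconfiguration that split scopes are most prone to: an exclusion range left off one server, so that both servers hand out the same addresses.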


Lesson: Designing a Change Management Structure for Networking

Introduction

Because organizations change over time, you need to design a change management structure that is flexible enough to accommodate growth and other changes. A change management structure includes policies for monitoring network usage and for making decisions when change is occurring.

Lesson objectives

After completing this lesson, you will be able to:

- Describe the impact of changes in network requirements.
- Describe the necessity for and elements of network usage monitoring.
- Compare choices for designing a change management policy.
- Create a change management structure for networking.


How Change Affects a Network Infrastructure

Introduction

Every change, great or small, that is made to the physical network has an impact. Change management strives to minimize those impacts by managing how and when changes are made to a system. Because of the dynamic nature of both organizations and networks, changes to one often affect the other. For example, the reorganization of a department or the acquisition of a company might necessitate a change in the physical structure of the network. Although a flexible network design is important, you also must design a change management structure that can methodically and effectively handle change decisions.

Elements of a change management design

Ensure that your change management design for your network infrastructure includes the following elements:

- Monitoring. You need to identify when changes in use of the network infrastructure occur that might necessitate a change of the physical network. To identify these changes, monitor all portions of your network infrastructure, including your routers, switches, and servers that provide network services, such as DHCP, DNS, WINS and Active Directory. The change management design should specify what needs to be monitored, how often the data needs to be collected, and how long the collected data will be retained. The tools you use to monitor the network might be part of a larger management system, such as Microsoft Systems Management Server, Microsoft Operations Manager, or be solutions provided by third parties.


- Analysis. Analyze the data you collect to verify network operation, and use trend analysis to predict when changes will need to be made to the network infrastructure. Ongoing review and analysis of the collected data is imperative to a successful change management design. Your design should specify how often the data is reviewed, and which group or individual is responsible for this task.
- Response. Respond to changes in utilization by making the appropriate changes to the network design and the network infrastructure. To prevent unmanaged change to the network infrastructure, specify in your design how future changes to the network infrastructure will be submitted, approved, and implemented.


Monitoring Network Usage

Network monitoring design requirements

To ensure that your system can accommodate change smoothly, you must monitor the use of your organization's network. For example, if an evening production shift and a day production shift are combined into one shift, the increased network traffic could change the dynamics of the network. If you have been monitoring network usage, you can make an educated estimate about the impact of combining the two shifts, and plan accordingly.

When you design a system for monitoring your organization's network activity, include a plan for monitoring both the physical and logical network. For the physical network, monitor devices such as client computers and domain controllers. For the logical network structure, monitor events such as the creation of user accounts, and changes to the organization's business model, such as increased productivity and company acquisitions. This information will enable you to anticipate changes in network requirements.

Elements of a network monitoring design

A change management design for network monitoring should specify:

- What to monitor. Specify which network devices and services to monitor, and which specific statistics for that device or service to monitor. Gathering too much data makes analysis difficult.
- When to monitor. Specify how often and at what times of the day to monitor the network. Perform monitoring at various times of the day, week, month and year. This will help you understand how the network infrastructure is used throughout the business cycle and will help you determine trends in usage.
- How to monitor. Specify tools or types of tools to use to monitor the network infrastructure, such as:
  - The Windows Server 2003 Performance administrative tool
  - Microsoft Systems Management Server (SMS)
  - Microsoft Operations Manager
  - Event Viewer


Guidelines for Designing a Change Management Structure for Networking

Guidelines

Use the following guidelines in your change management structure for your network infrastructure design:

- Specify how trend analysis is to be performed. For monitoring to be effective, you must analyze the data. Include a method for analyzing data and how to identify utilization trends that require changes to the network design and infrastructure.
- Specify how potential changes will be communicated, requested, and approved. You need to define how personnel will communicate the potential need for a change to the network, request that a specific network change be made to the network, and ultimately approve changes to the network. This component should also include the person or team to which communications and requests should be submitted, and the person or team who has the authority to approve changes to the network.
- Specify how changes will be tested, implemented, and documented. Specify a detailed process for implementing a change to the network, which might include such restrictions as: the personnel who are authorized to perform specific types of changes, the days of the week or month on which change can or cannot be implemented, and the time of day that changes can or cannot be implemented. Also include a process for documenting, logging, and tracking changes.
- Specify a backout plan. This critical part of the change management structure specifies how an implemented change will be undone if it produces unwanted or unexpected consequences.


Discussion: Designing a Change Management Structure for Networking

Discussion

Discuss as a class the strategies for creating a change management structure for networking. Use the following questions to guide your discussion:

1. What is the procedure for requesting a change to the network in your organization? How do changes get approved and implemented?
2. What type of network monitoring does your organization use? How is data gathered? When is it gathered?
3. Which group in your organization is responsible for reviewing or auditing the network monitoring data? Does your organization use this data to anticipate future needs?

Answers may vary based on the work experience of the students who are participating in the class.


Lab A: Designing the Physical Network

Objectives

After completing this lab, you will be able to:

- Create a design to implement IP addressing.
- Design a DHCP infrastructure.

Scenario

You are a consultant who has been hired to create an IP addressing design and a DHCP infrastructure design for Tailspin Toys. The lab uses an interactive application to convey scenario-based information. To begin this lab, open Internet Explorer, and then, on the Web page that appears, click the link for this lab. View the video, read the e-mail messages, and then, using the exercises below as a guide, complete the tasks that are assigned in the e-mail messages.

Estimated time to complete this lab: 40 minutes

Your instructor will break the class into groups to do the lab. Each group should be prepared to present their design to the class at the end of the lab.


Exercise 1: Creating an IP Addressing Design


In this exercise, you will create a private IP addressing design for all of the locations at Tailspin Toys. Use the information you have gathered in previous labs and the new information presented in the scenario to create your IP addressing design. Ensure that your design takes advantage of supernetting between sites and that it supports subnets of approximately 200 hosts. For each location, use the worksheet below to specify the following:

- The specific ranges of IP addresses that will be used at each location.
- The subnet mask that will be used.
- How you will supernet the IP addresses for routing between locations.

Answers may vary. The solution in the table below represents one possible answer that meets the stated requirements of the exercise, based on the number of workstations at each location, is easy to administer, and allows for growth at each location.
| Location | IP address ranges | Subnet mask | Supernet address range and subnet mask |
| --- | --- | --- | --- |
| New York | 10.1.1.1 through 10.1.1.254 | 255.255.255.0 | 10.1.0.0 255.255.0.0 |
| | 10.1.2.1 through 10.1.2.254 | | |
| | 10.1.3.1 through 10.1.3.254 | | |
| | 10.1.4.1 through 10.1.4.254 | | |
| | 10.1.5.1 through 10.1.5.254 | | |
| | 10.1.6.1 through 10.1.6.254 | | |
| | 10.1.7.1 through 10.1.7.254 | | |
| | 10.1.8.1 through 10.1.8.254 | | |
| Fayetteville | 10.2.1.1 through 10.2.1.254 | 255.255.255.0 | 10.2.0.0 255.255.0.0 |
| | 10.2.2.1 through 10.2.2.254 | | |
| | 10.2.3.1 through 10.2.3.254 | | |
| | 10.2.4.1 through 10.2.4.254 | | |
| | 10.2.5.1 through 10.2.5.254 | | |
| Singapore | 10.3.1.1 through 10.3.1.254 | 255.255.255.0 | 10.3.0.0 255.255.0.0 |
| | 10.3.2.1 through 10.3.2.254 | | |
| | 10.3.3.1 through 10.3.3.254 | | |
| | 10.3.4.1 through 10.3.4.254 | | |
| | 10.3.5.1 through 10.3.5.254 | | |
| | 10.3.6.1 through 10.3.6.254 | | |
| | 10.3.7.1 through 10.3.7.254 | | |
| | 10.3.8.1 through 10.3.8.254 | | |
| | 10.3.9.1 through 10.3.9.254 | | |
| | 10.3.10.1 through 10.3.10.254 | | |
| | 10.3.11.1 through 10.3.11.254 | | |
| | 10.3.12.1 through 10.3.12.254 | | |
| Dublin | 10.4.1.1 through 10.4.1.254 | 255.255.255.0 | 10.4.0.0 255.255.0.0 |
| | 10.4.2.1 through 10.4.2.254 | | |
| | 10.4.3.1 through 10.4.3.254 | | |
| | 10.4.4.1 through 10.4.4.254 | | |
| | 10.4.5.1 through 10.4.5.254 | | |
| | 10.4.6.1 through 10.4.6.254 | | |
| Wicklow | 10.5.1.1 through 10.5.1.254 | 255.255.255.0 | 10.5.0.0 255.255.0.0 |
| | 10.5.2.1 through 10.5.2.254 | | |
| Osaka | 10.6.1.1 through 10.6.1.254 | 255.255.255.0 | 10.6.0.0 255.255.0.0 |
| | 10.6.2.1 through 10.6.2.254 | | |
| | 10.6.3.1 through 10.6.3.254 | | |
| | 10.6.4.1 through 10.6.4.254 | | |
| | 10.6.5.1 through 10.6.5.254 | | |
| | 10.6.6.1 through 10.6.6.254 | | |
| | 10.6.7.1 through 10.6.7.254 | | |
| | 10.6.8.1 through 10.6.8.254 | | |
| | 10.6.9.1 through 10.6.9.254 | | |
| | 10.6.10.1 through 10.6.10.254 | | |
| Kobe | 10.7.1.1 through 10.7.1.254 | 255.255.255.0 | 10.7.0.0 255.255.0.0 |
| | 10.7.2.1 through 10.7.2.254 | | |
| | 10.7.3.1 through 10.7.3.254 | | |
| | 10.7.4.1 through 10.7.4.254 | | |
| | 10.7.5.0 through 10.7.5.254 | | |
| Istanbul | 10.8.1.1 through 10.8.1.254 | 255.255.255.0 | 10.8.0.0 255.255.0.0 |
| | 10.8.2.1 through 10.8.2.254 | | |
| | 10.8.3.1 through 10.8.3.254 | | |
| Monterrey | 10.9.1.1 through 10.9.1.254 | 255.255.255.0 | 10.9.0.0 255.255.0.0 |
| | 10.9.2.1 through 10.9.2.254 | | |
| | 10.9.3.1 through 10.9.3.254 | | |
| | 10.9.4.1 through 10.9.4.254 | | |
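A consistency check for the answer table above, added here as an example and not part of the courseware: it confirms that every range sits inside its site's supernet, that no two sites' supernets overlap, and that each subnet holds at least 200 addresses, and it goes slightly beyond the exercise by flagging ranges that include a network or broadcast address and by computing summary routes. The function names and the `min_hosts` parameter are this example's own; the addresses are transcribed from the table.

```python
import ipaddress

def site_ranges(octet, count):
    """Host ranges 10.<octet>.<n>.1 through 10.<octet>.<n>.254 for n = 1..count."""
    return [(f"10.{octet}.{n}.1", f"10.{octet}.{n}.254") for n in range(1, count + 1)]

# Transcribed from the answer table: site -> (supernet with mask, host ranges).
PLAN = {
    "New York":     ("10.1.0.0/255.255.0.0", site_ranges(1, 8)),
    "Fayetteville": ("10.2.0.0/255.255.0.0", site_ranges(2, 5)),
    "Singapore":    ("10.3.0.0/255.255.0.0", site_ranges(3, 12)),
    "Dublin":       ("10.4.0.0/255.255.0.0", site_ranges(4, 6)),
    "Wicklow":      ("10.5.0.0/255.255.0.0", site_ranges(5, 2)),
    "Osaka":        ("10.6.0.0/255.255.0.0", site_ranges(6, 10)),
    # The fifth Kobe range is entered exactly as the table prints it.
    "Kobe":         ("10.7.0.0/255.255.0.0",
                     site_ranges(7, 4) + [("10.7.5.0", "10.7.5.254")]),
    "Istanbul":     ("10.8.0.0/255.255.0.0", site_ranges(8, 3)),
    "Monterrey":    ("10.9.0.0/255.255.0.0", site_ranges(9, 4)),
}

def check_plan(plan, mask="255.255.255.0", min_hosts=200):
    """Return a list of human-readable findings; an empty list means the plan is clean."""
    findings, supernets = [], {}
    for site, (supernet, ranges) in plan.items():
        block = ipaddress.ip_network(supernet)
        for other, other_block in supernets.items():
            if block.overlaps(other_block):
                findings.append(f"{site}: supernet {block} overlaps {other} ({other_block})")
        supernets[site] = block
        seen = []
        for first, last in ranges:
            lo, hi = ipaddress.ip_address(first), ipaddress.ip_address(last)
            subnet = ipaddress.ip_network(f"{first}/{mask}", strict=False)
            label = f"{site}: {first} through {last}"
            if hi not in subnet:
                findings.append(f"{label} does not fit in one {mask} subnet")
            if not subnet.subnet_of(block):
                findings.append(f"{label} lies outside supernet {block}")
            if lo == subnet.network_address or hi == subnet.broadcast_address:
                findings.append(f"{label} includes the network or broadcast address")
            if int(hi) - int(lo) + 1 < min_hosts:
                findings.append(f"{label} holds fewer than {min_hosts} addresses")
            if any(subnet.overlaps(s) for s in seen):
                findings.append(f"{label} duplicates another subnet at this site")
            seen.append(subnet)
    return findings

def summary_routes(plan):
    """Collapse the per-site supernets into the fewest routes that cover them."""
    blocks = (ipaddress.ip_network(supernet) for supernet, _ in plan.values())
    return [str(n) for n in ipaddress.collapse_addresses(blocks)]

if __name__ == "__main__":
    for finding in check_plan(PLAN):
        print(finding)
    print(summary_routes(PLAN))
```

Run against the table as printed, the check reports one finding: the Kobe range that starts at 10.7.5.0, which is the network address under a 255.255.255.0 mask.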


Exercise 2: Designing a DHCP Infrastructure


In this exercise, you will design a DHCP infrastructure for Tailspin Toys. Use the information you have gathered in previous labs and the new information presented in the scenario to create your DHCP infrastructure design. All of the company's routers can be configured to forward DHCP/BOOTP packets. In the worksheet below, specify the following:

- The number of DHCP servers that will be used in each location.
- How you will provide for DHCP server redundancy in each location. The New York office requires maximum availability and fault tolerance for its DHCP servers.
- The total minimum number of DHCP servers that will meet the requirements of Tailspin Toys.

Answers may vary. The answer in the table below represents one possible solution; however, many other possible DHCP design solutions can be created and justified. The answer in the table below specifies two DHCP servers for each location, except Wicklow, to provide fault tolerance. Because New York has the highest fault tolerance requirements, Windows Clustering is used in New York. All other locations except Dublin and Wicklow use split scopes for fault tolerance because it is less expensive than Windows Clustering. For Dublin and Wicklow, fault tolerance is provided by a single stand-by server located in Dublin that has scopes configured for both locations. This method was chosen for these cities for its cost savings, and because the small size of the Wicklow office doesn't justify a local DHCP server for fault tolerance.

Note: DHCP relay agents are not required because all of the company's routers can be configured to forward DHCP/BOOTP packets.
| Location | Number of DHCP servers | Fault tolerance method |
| --- | --- | --- |
| New York | | Windows Clustering |
| Fayetteville | | Split scope |
| Singapore | | Split scope |
| Dublin | 1 active DHCP server, and 1 stand-by DHCP server that serves both Dublin and Wicklow | |
| Wicklow | 1 local DHCP server | Stand-by DHCP server in Dublin |
| Osaka | | Split scope |
| Kobe | | Split scope |
| Istanbul | | Split scope |
| Monterrey | | Split scope |
| Total Number of DHCP Servers | 17 | |
