Tugas: Topologi Diagnosa WAN: Dedicated Router

Pendahuluan:

Hierarki Network

A.Backbone (Core) Layer 

Core Layer merupakan layer high-speed switching backbone dan harus didesain  untuk dapat mengirimkan paket data (switch packets) secepat dan sebanyak mungkin tanpa ada hambatan. Pada layer ini, manipulasi paket data (seperti: access list dan filtering) tidak boleh dilakukan, karena hal ini akan menghambat dan memperlambat proses pengiriman paket data (Switching Packet).

Interface yang digunakan di perangkat layer ini Misalnya fast ethetnet 100Mbps (Not Recommended), Gigabit Ethetnet, FDDI atau ATM. Pada lalu lintas data dapat juga menggunakan switch karena penyampaiannya pasti mendukung banyak port dan cepat. Disini toloransi kesalahan/kegagalan juga patut dipertimbangkan Untuk toleransi kesalahan digunakan peralatan jalur ganda . Oleh sebab itu swicth dikonfigurasikan dengan menggunakan Spanning Tree Topology dimana dapat diciptakan jalur ganda untuk mencegah looping pada network.

B. Distribution Layer

Distribution Layer merupakan titik pemisah (demarcation point) antara access Layer dengan core layers dan membantu dalam mendefinisikan dan membedakan  Core Layer. Layer ini mendefinisikan daerah dimana manipulasi paket data (packet manipulation) dapat dilakukan. 

Fungsi Distribusi Layer antara lain adalah: 

•  Address atau Area Jaringan LAN   

•  Akses ke Workgroup ata Departemen.   

•  Mendefinisikan Broadcast/multicast domain.  

•  Routing dari Virtual LAN (VLAN)  

•  Titik temu beberapa media berbeda yang digunakan didalam jaringan  

•  Network Security

•  Titik dimana Akses secara Remote ke Jaringan dapat dilakukan.

C. Access Layer 

Access Layer merupakan titik dimana Local -End User dapat masuk ke Jaringan. Layer ini juga dapat menerapkan access lists atau filtering untuk dapat mengoptimasi kinerja jaringan. Fungsi Access Layer antara lain: 

•  Shared bandwidth  

•  Switched bandwidth  

•  MAC layer filtering  

•  Microsegmentation


Design:


Topologi yang kami rancang adalah sebagai berikut:

Di dalam setiap layer terdapat perangkat router dan switch khusus, topologi diatas menggunakan perangkat-perangkat:

A. Core Layer Router

Cisco 7606 Router

Description:

The Cisco 7600 Series is the industry's only edge router that delivers robust, high performance IP/MPLS features for a range of service provider edge and enterprise MAN/WAN applications. Coupled with the broadest set of interfaces and innovative adaptive network processing technology the Cisco 7600 leads the industry with integrated Ethernet, private line and subscriber aggregation capabilities. The Cisco 7600 Series is a natural evolution for existing Cisco 7500 Series customers–with Cisco IOS feature parity and FlexWAN support for existing Cisco 7200/7500 Series port adapters

The Cisco 7606 Router features 480 Gbps of switching capacity in a NEBS-compliant 40 Gigabit/slot configuration, delivering the needed capacity to power robust edge services for IP/MPLS networks. This compact 6-slot, 1/6 rack system delivers 30 Mpps centralized processing coupled with distributed processing for line-rate 10 & 1 Gigabit Ethernet services.

B. Distribution Layer Router:

Cisco ASR 1002 Router

Description:

The Cisco ASR 1002 Router in a 2-rack unit (RU) form factor comes with an integrated route and serial interface processors. It houses three shared port adapter (SPA) slots supporting single height and dual height SPAs. Configurable with either the 5 Gbps or 10 Gbps embedded services processor and four built-in Gigabit Ethernet ports, it is an ideal solution for a large branch office or as a managed high-speed customer premises equipment (CPE) device to support enhanced features such as security, deep packet inspection, and firewall.

Running on Cisco IOS XE Software, the Cisco ASR 1002 router supports software redundancy and in-service software upgrades (ISSU) without redundant hardware.

C. Distribution Layer Switch

 1. Cisco Catalyst 6513 Switch

The 13-slot Cisco Catalyst 6513 Switch chassis is ideally suited for high-performance, high port density Fast Ethernet and Gigabit Ethernet aggregation in all parts of the network, including the access, distribution, and backbone layers as well as the server farm and data center environments. With up to 12 payload slots available, the 13-slot chassis offers industry-leading 10/100/1000 Gigabit Ethernet and 10 Gigabit Ethernet port densities while providing high levels of network resilience.
Important Features
Supports all Cisco Catalyst 6500 Series modules, including:

• Supervisor engines
• Fast Ethernet modules (with IEEE 802.3af Power over Ethernet [PoE])
• Gigabit Ethernet modules (with IEEE 802.3af PoE)
• 10 Gigabit Ethernet modules
• Flex WAN modules
• Shared Port Adaptors/SPA Interface Processors
• Multi-Gigabit services modules (content services ,firewall, intrusion detection, IP Security [IPSec], VPN, network analysis, and Secure Sockets Layer [SSL] acceleration)

Cisco Catalyst 6513 switches support both Cisco Catalyst OS and Cisco IOS Software. They also support up to a 6000W power supply, thus providing the ability to support a large number of IEEE 802.3af PoE devices.
Cisco Catalyst 6513 switches provide maximum uptime with redundancy and rapid (1 to 3 seconds) stateful failover across supervisor engines. They support modular Cisco IOS Software to minimize unplanned downtime through self-healing processes and simplify software changes through subsystem in-service software upgrades.
The Cisco Catalyst 6513 Firewall Security System is a 13-slot model providing an easily deployed solution that integrates a Cisco Catalyst 6500 Series Supervisor Engine 720 (with integrated policy and multilayer switch feature cards [PFC3/MSFC3] for system control, routing services, and dual Gigabit Ethernet ports); a Cisco Catalyst 6500 Series Firewall Services Module providing 5 Gbps of firewall services; and 11 additional open slots for further customization.
Cisco Catalyst IPSec VPN systems take advantage of the Cisco 7600/Catalyst 6500 IPSec VPN Services Module and provide up to 2 Gbps of Triple Data Encryption Standard (3DES) encryption. The IPSec VPN systems provide a broad suite of services and a multitude of I/O interfaces.

D. Access Layer Switch

 1. Cisco Catalyst 2960 Series

Feature Set	Model	Total 10/100 Ethernet Ports	Uplinks	AC Power Supply Rating
LAN Base Layer 2	WS-C2960-24TT-L	24	2x1000 BT	30W
	WS-C2960-48TT-L	48		45W
	WS-C2960-24TC-L	24	2 Dual Purpose	30W
	WS-C2960-48TC-L	48		45W
LAN Lite Entry Layer 2	WS-C2960-24TC-S	24		30W
	WS-C2960-24-S	24	None
	WS-C2960-48TC-S	48	2 Dual Purpose	45W
	WS-C2960-48TT-S	48	2 x1000BT
LAN Base Layer 2	WS-C2960-48PST-L	48 PoE	2x1000BT and 2xSFP	370W
	WS-C2960-24PC-L	24 PoE	2 Dual Purpose
	WS-C2960-24LT-L	24 PoE	2x1000BT	123W
LAN Lite Entry Layer 2	WS-C2960-48PST-S	48 PoE	2x1000BT and 2xSFP	370W
	WS-C2960-24PC-S	24 PoE	2 Dual Purpose	370W
	WS-C2960-24LC-S	24 PoE		123W
LAN Base Layer 2	WS-C2960-8TC-L	8	1 Dual Purpose	20W
	WS-C2960PD-8TT-L	8	1x1000BT PoE	11W PoE Input
	WS-C2960G-8TC-L	7 10/100/1000	1 Dual Purpose	30W
LAN Lite Entry Layer 2	WS-C2960-8TC-S	8		20W