Forum Network Upgrades - (Now With Pictures!) (Read 73072 times)
b0b
GeekCrew Administrator
FTP Server
*****
Offline


The revolution will not
be televised.

Posts: 7464
Battle Creek, Michigan
Gender: male
Forum Network Upgrades - (Now With Pictures!)
Oct 12th, 2007 at 3:15pm
 
In preparation for my CCNA (Cisco) exam, I've been buying some old Cisco equipment to do some training with.  Most of it will arrive early next week, and I'll be replacing my Linksys/3Com stuff with it over the next couple weeks.  There will be some downtime on certain evenings while I get everything swapped out and get the Cisco router and switch programmed correctly.

Here's a few pictures (from the eBay ads) of my new toys:

...

This is the Cisco 1760 router I found.  I got a pretty good deal on it.  This will connect directly to the cable modem until I buy a PIX firewall sometime toward the end of the year.


...

This is the switch I bought.  I needed to get a pretty specific model that would support all of the features I have to study.  I've done a lot of work on Cisco routers, but switches are a whole new matter.


...

This is the adapter card that allows the router to communicate with Ethernet devices, such as the switch and the cable modem.  I bought these from a guy in Hong Kong, so I can only hope they work right.


...

These bad boys go in the expansion bays on the switch and allow me to use fiber optic cabling to connect to other network devices.  I don't actually have any of those devices yet, but I'm thinking about adding a fiber optic NIC to the server for some extra fun.



Once everything arrives and I get it all put together, I'll take some pics of the final products!

-b0b
(...is excited!)
« Last Edit: Nov 11th, 2007 at 9:26pm by b0b »

Cisco.zip (116 KB | )
 
computerjuvenile
GeekCrew Luser
***
Offline



Posts: 154
Houghton, Michigan
Gender: male
Re: Forum Network Upgrades
Reply #1 - Oct 14th, 2007 at 6:38pm
 
Do you find it useful to even use switches?  Switches only have one broadcast domain I believe, so in my class they recommend when you can just to use routers. 

For that NIC that you showed that allows Ethernet devices to connect like a router to a switch, you use a rollover cable right?

Sorry I'm just a student, trying to learn.
And that, knowing the time, that now it is high time to awake out of sleep: for now is our salvation nearer than when we believed.
 
Vendex
GeekCrew n00b
*
Offline


Got r00t?

Posts: 22
Marcellus, Michigan
Gender: male
Re: Forum Network Upgrades
Reply #2 - Oct 14th, 2007 at 6:46pm
 
Oh my gosh... I like the new toys Bob.

I have been in the process of building my new super duper computer. I think I went a little over the top on picking out a case. It is huge and has some weight to it!!! It is a Cooler Master Cosmos case. The case is the size of a Dell 2800 Server and weighs just under 40 lbs. Here is a list of my components:

Intel Core 2 Duo E6750 @ 2.6 GHz
2 GB of RAM
NVIDIA GeForce 8800GTS with 340 MB memory
2 500 GB SATA drives in RAID 1 (I want some protection)
SATA DVD+RW Burner
Gigabyte GA-P35-DS4 Motherboard
Floppy
750 W PC Power & Cooling Power Supply
Windows Vista Ultimate

After Rebates, taxes, shipping, sweat equity, the final total is just under $1,500.

DCP_2021_001.JPG (194 KB | )

Vendex
Re: Forum Network Upgrades
Reply #3 - Oct 14th, 2007 at 6:52pm
 
Cool
DCP_2023.JPG (388 KB | )

b0b
Re: Forum Network Upgrades
Reply #4 - Oct 14th, 2007 at 7:00pm
 
Wow, Rod, that's an awesome case setup!  I'm completely jealous of the specs!

My system is getting badly outdated, but I'm planning on building a new system next spring.

My switch is supposed to arrive Wednesday, and I'm guessing the other cards will arrive sometime next week.

It's good to see you again, Rodney!  Come around more often!

-b0b
(...points out that you've been registered for 666 days.  Spooky!)
 
Stick@school
GeekCrew Pedestrian
**
Offline


Personal Text:

Posts: 91
Re: Forum Network Upgrades
Reply #5 - Oct 15th, 2007 at 10:08am
 
That was the exact rig I was going to build here pretty soon but my tuition bill prevented that.  I would say I was going to get all the same hardware except I was going to go with one 500GB HDD and probably wouldn't get that case(overkill).  That case is sweet though, top of the line.

What did the cost come out to?
Signatures are displayed at the bottom of each post or Personal Message. YaBBC code may be be used in your signature.  Duh!

b0b
Re: Forum Network Upgrades
Reply #6 - Oct 15th, 2007 at 11:45am
 
Nice Dell PowerEdge by the way.  It should strike you as cruelly ironic that your desktop weighs more than your server!

-b0b
(...thinks his PC weighs 3x as much as his server.)

b0b
Re: Forum Network Upgrades
Reply #7 - Oct 15th, 2007 at 11:57am
 
Sorry, I somehow managed to entirely overlook your post.  Let me see if I can answer your question.

computerjuvenile wrote on Oct 14th, 2007 at 6:38pm:
Do you find it useful to even use switches?  Switches only have one broadcast domain I believe, so in my class they recommend when you can just to use routers.


Routers and switches are entirely different beasts.  They're typically used in conjunction with one another, and in most modern networks, having one is useless without the other.

A switch is just a glorified hub (the full name of a switch is a "switching hub") and it only serves to connect a bunch of devices together.  It only has one broadcast domain (by default) because it only has one domain to interact with.  Physically speaking, the switch is the domain.  Managed switches like the Cisco Catalyst and HP ProCurve can have multiple broadcast domains by using VLAN's (virtual LAN's), separating one group of ports from another.

A router, on the other hand, has at least two domains by its very definition.  A router routes packets from one domain to another.  A bigger router like a Cisco 1700 series can route to three, four, even five domains through expansion ports.

A broadcast domain is just a logical network segment.  When you connect your computer to a switch, any other device you can contact without going through a router (like another PC, a server, or a printer) is on the same broadcast domain.  Routers strip out broadcast packets to reduce WAN traffic, so your packet leaves the broadcast domain when it passes through the router.

95% of the time, there is no reason to have more than one broadcast domain for a small/medium-sized network.  Unless you're connecting multiple offices together in different geographical locations, you can use a single broadcast domain and cut down on your TCP overhead!


Quote:
For that NIC that you showed that allows Ethernet devices to connect like a router to a switch, you use a rollover cable right?


No, that WIC (WAN Interface Card) uses the same cabling as any other router.  Rollover cables are only commonly used to connect to a console port.  For instance, the cable that runs from the 1760's console port to a serial port adapter is a rollover cable.

Quote:
Sorry I'm just a student, trying to learn. 


Hey, we all have to learn somehow!

-b0b
(...hopes he's been helpful.)

b0b
Re: Forum Network Upgrades
Reply #8 - Oct 15th, 2007 at 12:03pm
 
By the way, if it helps, I can post a Visio document to help illustrate what I'm talking about.

-b0b
(...shrugs.)

b0b
Re: Forum Network Upgrades
Reply #9 - Oct 16th, 2007 at 8:57am
 
Here's the example I was talking about...

...


This is a schematic that shows how I intend to build out my home network.  You'll see two broadcast domains that separate my "secure" systems from the web-accessible server.  The only natively inbound traffic that will be allowed through the second router is e-mail and Active Directory traffic from the DMZ server.

The only reason why you would ever break up a broadcast domain simply for the sake of breaking one up would be when your network grows over 750-1,000 devices on a single logical segment.  At that point, you'll have enough broadcast traffic that you'll probably start to saturate your backbone.

A lot of older networking books (or older network folks, for that matter) will tell you to break up your broadcast domain at 150-200 hosts, but that's a very outdated number.  These days, the typical PC sends out a lot less broadcast traffic than they used to, relying instead on directed communications.  Moreover, most enterprise switches (even cheap-o unmanaged switches) use integrated ARP tables to respond to MAC resolution requests, so it's very possible that IP-to-MAC resolutions will be handled at the same switch the PC is on.  That would prevent it from being propagated across the entire network segment, thereby significantly reducing broadcast traffic on a network-wide scale.  Another nail in the coffin is simple bandwidth growth.  Back in the day when your entire network was on a 14MB Token Ring MAU, there was a good reason to keep broadcast traffic to a minimum.  With gigabit ethernet becoming the norm, there is really no reason to overcomplicate a smaller network simply to reduce broadcast traffic that is no longer representing a significant portion of overall network traffic.

If you want a bigger version of the schematic I posted above (so you can actually read the text), click here.

-b0b
(...will attach a bigger version of the schema in the next post.)

computerjuvenile
Re: Forum Network Upgrades
Reply #10 - Oct 16th, 2007 at 10:14pm
 
hey, thanks for the posts.  I appreciate the help, networking is finally starting to get fun for me.

In my networking class, which happens to be my first one, we're finishing up the basics like the OSI model, TCP layers, DoD layers, Ethernet packets and stuff like that.  We're starting to use protocols like FTP, SSH, and other protocols and getting into IP addressing.  I actually just subnetted my first network (just on Visio), which I'm sort of proud of.

This is what he had us do.  He gave us the devices, I just had to come up with the design, and the IP addresses.  Don't laugh too hard.

...

I just hope it's right


Stick@school
Re: Forum Network Upgrades
Reply #11 - Oct 17th, 2007 at 9:01am
 
The internet is in northern Russia?! I knew it.

b0b
Re: Forum Network Upgrades
Reply #12 - Oct 17th, 2007 at 11:05am
 
That looks like a good start, Attebizzle!

I've got a question, though.  Why do you have a serial connection running between the two 2621 routers?  You've segmented your two broadcast domains with a firewall at the edge of each, but then you connect the two together a second time using a serial connection.  That seems to defeat the purpose of having a second firewall.  What kind of traffic will you be passing over the serial connection?

One tip:  When you're adding cabling to your Visio diagram, you can tuck the line behind the devices it is attached to.  Right click on the line and select Shape, then Send to Back.  It improves the appearance of network diagrams a thousand-fold.  Typically, the only time you want your lines to overlay a device would be when you're connecting to a specific port on that device and you need your illustration to be exact.  I'll attach an example.

In the image below, the lines are on top of the 2620 router because the ethernet cabling must run to specific ports (FE0/0, FE1/0, etc) for the network to function properly.  Since I added the WIC's to the router stencil in Visio, I can actually run the lines to the ports they're going to plug into.  On the server, however, there is no visible port.  The line runs to the server and is then "tucked" underneath the server stencil, leading to a cleaner diagram.

-b0b
(...thinks your diagram looks great!)

b0b
You're Not Going to Believe This!
Reply #13 - Oct 17th, 2007 at 6:39pm
 
The new switch arrived today.  I've only been playing with it for a few minutes, but I found something interesting...

The distributor I bought it from on eBay wiped the configuration before he sent it to me, which is expected.  Before I reconfigured the router for my network, I wanted to copy the IOS (operating system) over to my PC so I could have a backup copy available in case the one on the router somehow became damaged.

As I was copying over the IOS file, I noticed this...

...


Do you see the very last file on the list, config.old?  As the name implies, that was an old copy of the configuration file that used to run on the router.  Some administrator had probably created a copy of the switch configuration before he made some changes.

Being the curious guy that I am, I copied the old config over to my PC and cracked it open to see if I could figure out who used to own my switch.  Sure enough, I found this...


Quote:
!
! Last configuration change at 08:26:42 EST Mon Feb 13 2006 by mAl!bu
! NVRAM config last updated at 08:29:18 EST Mon Feb 13 2006 by mAl!bu
!
version 12.0
no service pad
service timestamps debug datetime msec localtime
service timestamps log datetime msec localtime
service password-encryption
!
hostname russ-agg-sc-1
!
logging buffered notifications
logging console informational
logging monitor informational
logging trap notifications
logging 156.33.217.57
logging 156.33.243.25
enable secret 5 <Redacted by b0b>
!
username mAl!bu password 7 <Redacted by b0b>
!
!
!
!
clock timezone EST -5
clock summer-time EDT recurring
spanning-tree uplinkfast
!
no spanning-tree vlan 557
no spanning-tree vlan 558
no spanning-tree vlan 564
no spanning-tree vlan 566
no spanning-tree vlan 569
no spanning-tree vlan 570
no spanning-tree vlan 571
no spanning-tree vlan 573
no spanning-tree vlan 576
no spanning-tree vlan 577
no spanning-tree vlan 579
no spanning-tree vlan 580
no spanning-tree vlan 585
no spanning-tree vlan 590
no spanning-tree vlan 591
no spanning-tree vlan 592
no spanning-tree vlan 594
no spanning-tree vlan 599
no spanning-tree vlan 612
no spanning-tree vlan 753
no spanning-tree vlan 763
no spanning-tree vlan 773
no spanning-tree vlan 800
no spanning-tree vlan 806
no spanning-tree vlan 824
no spanning-tree vlan 842
no spanning-tree vlan 846
no spanning-tree vlan 848
no spanning-tree vlan 851
no spanning-tree vlan 852
no spanning-tree vlan 968
no spanning-tree vlan 969
no spanning-tree vlan 970
no spanning-tree vlan 971
no spanning-tree vlan 992
no spanning-tree vlan 993
no spanning-tree vlan 995
no spanning-tree vlan 996
no spanning-tree vlan 998
no spanning-tree vlan 1000
no spanning-tree vlan 780
no spanning-tree vlan 572
no spanning-tree vlan 72
no spanning-tree vlan 565
no spanning-tree vlan 19
no spanning-tree vlan 519
no spanning-tree vlan 81
no spanning-tree vlan 793
ip subnet-zero
ip domain-name senate.gov
ip name-server 156.33.189.135
ip name-server 156.33.250.10
!
!
!
interface FastEthernet0/1
description talent-sc3
no logging event link-status
duplex full
speed 100
switchport access vlan 50
no snmp trap link-status
spanning-tree portfast
!
interface FastEthernet0/2
description rules
no logging event link-status
duplex full
speed 100
switchport access vlan 146
no snmp trap link-status
spanning-tree portfast
!
interface FastEthernet0/3
no logging event link-status
duplex full
no snmp trap link-status
spanning-tree portfast
!
interface FastEthernet0/4
description hutchison
no logging event link-status
duplex full
speed 100
switchport access vlan 85
no snmp trap link-status
spanning-tree portfast
!
interface FastEthernet0/5
description clinton
no logging event link-status
duplex full
speed 100
switchport access vlan 64
no snmp trap link-status
spanning-tree portfast
!
interface FastEthernet0/6
description clinton
no logging event link-status
duplex full
speed 100
switchport access vlan 64
no snmp trap link-status
spanning-tree portfast
!
interface FastEthernet0/7
description chambliss
no logging event link-status
duplex full
speed 100
switchport access vlan 20
no snmp trap link-status
spanning-tree portfast
!
interface FastEthernet0/8
description chambliss
no logging event link-status
duplex full
speed 100
switchport access vlan 20
no snmp trap link-status
spanning-tree portfast
!
interface FastEthernet0/9
no logging event link-status
duplex full
speed 100
no snmp trap link-status
spanning-tree portfast
!
interface FastEthernet0/10
no logging event link-status
duplex full
speed 100
no snmp trap link-status
spanning-tree portfast
!
interface FastEthernet0/11
no logging event link-status
duplex full
speed 100
no snmp trap link-status
spanning-tree portfast
!
interface FastEthernet0/12
no logging event link-status
duplex full
speed 100
no snmp trap link-status
spanning-tree portfast
!
interface FastEthernet0/13
no logging event link-status
duplex full
speed 100
no snmp trap link-status
spanning-tree portfast
!
interface FastEthernet0/14
no logging event link-status
duplex full
speed 100
no snmp trap link-status
spanning-tree portfast
!
interface FastEthernet0/15
no logging event link-status
duplex full
speed 100
no snmp trap link-status
spanning-tree portfast
!
interface FastEthernet0/16
no logging event link-status
duplex full
speed 100
no snmp trap link-status
spanning-tree portfast
!
interface FastEthernet0/17
no logging event link-status
duplex full
speed 100
no snmp trap link-status
spanning-tree portfast
!
interface FastEthernet0/18
no logging event link-status
duplex full
speed 100
no snmp trap link-status
spanning-tree portfast
!
interface FastEthernet0/19
no logging event link-status
duplex full
speed 100
no snmp trap link-status
spanning-tree portfast
!
interface FastEthernet0/20
no logging event link-status
duplex full
speed 100
no snmp trap link-status
spanning-tree portfast
!
interface FastEthernet0/21
no logging event link-status
duplex full
speed 100
no snmp trap link-status
spanning-tree portfast
!
interface FastEthernet0/22
no logging event link-status
duplex full
speed 100
no snmp trap link-status
spanning-tree portfast
!
interface FastEthernet0/23
no logging event link-status
duplex full
speed 100
no snmp trap link-status
spanning-tree portfast
!
interface FastEthernet0/24
no logging event link-status
duplex full
speed 100
no snmp trap link-status
spanning-tree portfast
!
interface FastEthernet1/1
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface FastEthernet1/2
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface VLAN1
no ip address
no ip directed-broadcast
no ip route-cache
shutdown
!
interface VLAN780
ip address 10.3.255.101 255.255.255.0
no ip directed-broadcast
no ip route-cache
ntp broadcast client
!
ip default-gateway 10.3.255.254
no ip http server
access-list 1 permit 10.0.0.0 0.255.255.255
access-list 1 permit 172.16.0.0 0.15.255.255
access-list 1 permit 156.33.187.0 0.0.0.255
access-list 1 permit 156.33.188.0 0.0.0.255
access-list 1 permit 156.33.222.64 0.0.0.31
access-list 1 permit 156.33.240.0 0.0.0.255
access-list 1 permit 156.33.241.0 0.0.0.255
access-list 1 permit 156.33.243.0 0.0.0.255
access-list 1 permit 156.33.250.0 0.0.0.255
access-list 1 permit 156.33.251.0 0.0.0.255
access-list 1 permit 156.33.252.0 0.0.0.255
access-list 1 permit 156.33.253.0 0.0.0.255
access-list 10 permit 156.33.243.0 0.0.0.63
access-list 10 permit 156.33.217.48 0.0.0.15
snmp-server engineID local <Redacted by b0b>
snmp-server community <Redacted by b0b>
snmp-server community <Redacted by b0b>
snmp-server enable traps snmp authentication linkdown linkup coldstart
snmp-server enable traps config
snmp-server enable traps entity
snmp-server enable traps hsrp
snmp-server enable traps c2900
snmp-server enable traps mac-notification
snmp-server enable traps vtp
snmp-server enable traps cluster
snmp-server host 156.33.217.55 trap <Redacted by b0b>
snmp-server host 156.33.243.13 trap <Redacted by b0b>
!
line con 0
transport input none
stopbits 1
line vty 0 3
access-class 1 in
login local
transport preferred none
line vty 4
access-class 1 in
password 7 030C5E2A0A1B29551D
login
line vty 5 15
login local
transport preferred none
!
ntp clock-period 22518031
ntp server 156.33.243.130
ntp server 156.33.216.203
end


The IP address resolves back to the US Senate Sergeant at Arms in Washington, DC.  The interface names almost undoubtedly refer to Saxby Chambliss, Kay Bailey Hutchison, and - get this - Hillary frickin' Clinton.

Yeah, that's right - I've got Hillary Clinton's switch sitting in my office right now.

This might be the craziest thing that's ever happened.

-b0b
(...can't believe it.)
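
The post above found a config.old that survived the seller's wipe. The following Python is an added example, not part of the original thread and not the poster's or Cisco's code: a pre-disposal check that flags leftover files in a flash listing and scrubs credentials and owner-identifying lines from a config. The file names, the sample config and the rule lists are constructed assumptions.

```python
import ipaddress
import re

# Constructed sample data, not the listing or config from the post.
SAMPLE_FLASH = ["c2900xl-image.bin", "html", "env_vars", "vlan.dat", "config.old"]
SAMPLE_CONFIG = """\
! Last configuration change at 09:00:00 EST Mon Jan 2 2006 by netadmin
hostname example-agg-1
enable secret 5 $1$CONSTRUCTED$notarealhashvalue000000
username netadmin password 7 CONSTRUCTED00
ip domain-name corp.example
logging 198.51.100.57
interface VLAN10
 description front-office
 ip address 10.3.255.101 255.255.255.0
snmp-server community CONSTRUCTEDRO RO
line vty 4
 password 7 CONSTRUCTED11
"""

# Each rule: (prefix to keep)(credential to drop), with an optional type digit.
SECRET_RULES = [
    (re.compile(r"^(\s*enable (?:secret|password)(?: \d+)? )(\S+)"), "enable credential"),
    (re.compile(r"^(\s*username \S+ (?:password|secret)(?: \d+)? )(\S+)"), "local user credential"),
    (re.compile(r"^(\s*snmp-server community )(\S+)"), "SNMP community"),
    (re.compile(r"^(\s*password(?: \d+)? )(\S+)"), "line password"),
]
# Lines that name the previous owner rather than grant access.
IDENTITY_RULES = [
    (re.compile(r"^\s*hostname (\S+)"), "hostname"),
    (re.compile(r"^\s*ip domain-name (\S+)"), "domain name"),
    (re.compile(r"^\s*description (.+)"), "port description"),
    (re.compile(r"^! .* by (\S+)\s*$"), "admin username in header"),
]
IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
LEFTOVER = re.compile(r"config|\.old$|\.bak$|\.text$|^vlan\.dat$", re.I)


def leftover_files(flash_listing):
    """Names in a flash listing that may hold config or VLAN data."""
    return [name for name in flash_listing if LEFTOVER.search(name)]


def audit_config(text):
    """Return (scrubbed_text, findings); a finding is (line_no, kind, value)."""
    scrubbed, findings = [], []
    for no, line in enumerate(text.splitlines(), 1):
        for rule, kind in SECRET_RULES:
            match = rule.match(line)
            if match:
                findings.append((no, kind, "<secret>"))
                line = match.group(1) + "<removed>" + line[match.end():]
                break
        for rule, kind in IDENTITY_RULES:
            match = rule.match(line)
            if match:
                findings.append((no, kind, match.group(1)))
        for token in IPV4.findall(line):
            try:
                addr = ipaddress.ip_address(token)
            except ValueError:
                continue
            # Skip netmasks and ACL wildcard masks (first octet 255 or 0).
            if addr.packed[0] in (0, 255) or any(addr in net for net in RFC1918):
                continue
            findings.append((no, "non-RFC1918 address", token))
        scrubbed.append(line)
    return "\n".join(scrubbed), findings
```

Any name returned by `leftover_files` should be deleted from flash before the device leaves the building, and any non-empty findings list means the config still ties the hardware to its previous owner.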


computerjuvenile
Re: Forum Network Upgrades
Reply #14 - Oct 17th, 2007 at 6:51pm
 
That's pretty flippin' cool.  James Rogers, one of the most conservative people I know, connected (sort of) to Hillary Clinton.

Our professor actually just introduced us to IOS, and wants us to play with it.

He gave us a program that the CNSA program found that allows you to emulate routers, and networks and such.  I think the program is called packet sniffer.