In any organization, a well-implemented network is essential for the efficient use of resources. A good network proposal reduces cost, increases the output of the network, and helps determine the required resources and project the achievable output. A well-configured and well-designed network achieves all of these. Based on the given corporate network design architecture, this paper discusses a proposal for resolving and implementing the various aspects of the network. The deliverables of the proposal are discussed under the following subheadings. For this proposal, the routers in the architecture have been named R1 to R10 for identification purposes.
Deliverable 1: Multiprotocol Operational Network
Various operational networks can be created using the EIGRP, OSPF and RIPv2 protocols. Using OSPF gives faster convergence and efficient use of bandwidth, and routing is based entirely on best path selection. OSPF is implemented in the network by first discovering neighbors, then exchanging link-state information, and finally calculating the best path. The network has been divided into two layers, area 0 and area 1, which is important for minimizing routing table entries, meeting hierarchical network design requirements and localizing the impact of topology changes within the network.
An operational network based on multiple protocols can be achieved through appropriate routing design. This design enables the network to achieve the basic objective of end-to-end communication. The design also helps to achieve other fundamental objectives, which include:
Ensuring that the network is resilient and gives a predictable outcome under various fault and load conditions.
Ensuring stable and efficient routing operations.
Combining the different variables associated with the different protocols to build a credible routing table within the network.
Therefore, for this proposal, routing design begins with identifying the various nodes and configuring them with their respective protocols. The protocols used in this network are RIP version 2, OSPF and EIGRP for the internal network, and BGP for the external network to the ISP.
The protocols configured on each router are as follows.
Router 1: The Router 1 configuration shall contain only RIPv2 configurations. For this to function, the network address between R1 and R2 is specified.
Router 2: The Router 2 configuration shall contain only RIPv2 configurations. Advertised routes are between R2 and R1 and between R2 and R3.
Router 3: OSPF is configured on this router with area 1. Networks advertised are:
Between R3 and R2
Between R3 and R4
Router 4: The protocols configured are OSPF area 1 and OSPF area 0. Area 1 will advertise the networks between R4 and R3, and area 0 will advertise the networks between R4 and R5 and between R4 and R7.
Router 5: This router will have OSPF area 0 advertising the network to R4 and OSPF area 2 advertising the network to R6.
Router 6: OSPF area 2 will be configured on this router, with the advertised network being the one between R6 and R5.
Router 7: Router 7 will have both OSPF area 0 advertising the network to R5 and EIGRP advertising networks to R8 and R9.
Router 8: This router is purely EIGRP configured, with the networks advertised being those connected to R9 and R7.
Router 9 and Router 10: These routers will have both EIGRP and BGP configured. On R9, EIGRP advertises the networks connected to R8 and R10, and BGP advertises the network to the ISP. On R10, EIGRP advertises the networks connected to R9 and R7, and BGP advertises the network to the ISP.
Deliverable 2: OSPF and EIGRP Secure Updates.
There is a need for secure updates in the OSPF and EIGRP protocols. This is because these protocols can be attacked, for example through false information, denial of service, routing conditions and man-in-the-middle attacks.
Secure updates “ensures that routers only accept routing messages from other routers that know the same pre-shared key”. To avoid invalid updates where the EIGRP and OSPF protocols are configured, I propose the use of the MD5 authentication method. This choice is based on the fact that it is the only authentication method accepted by EIGRP and also because it is the most secure method used by OSPF. The configuration will be done on all interfaces that participate in EIGRP and/or OSPF routing. This will ensure that only authenticated neighbors send and receive updates, avoiding the risk of exposing the local network to the external network, and will also ensure that loops are avoided.
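A sample of the MD5 authentication proposed above, written for a router that runs both protocols (such as Router 7). This is an added example, not configuration from the original proposal; the interface names, OSPF process ID, EIGRP AS number, key chain name, key IDs and key placeholders are all assumptions.

```cisco
! Constructed example: OSPF area 0 on Gi0/0, EIGRP AS 100 on Gi0/1.
! Interface names, process ID, AS number, key IDs and key strings are assumed.
!
! EIGRP takes its pre-shared key from a key chain.
key chain EIGRP-AUTH
 key 1
  key-string <EIGRP-PRE-SHARED-KEY>
!
interface GigabitEthernet0/0
 description OSPF area 0 link (assumed)
 ! Key ID 1 and the key string must be identical on the neighbor's interface.
 ip ospf message-digest-key 1 md5 <OSPF-PRE-SHARED-KEY>
!
interface GigabitEthernet0/1
 description EIGRP link (assumed)
 ip authentication mode eigrp 100 md5
 ip authentication key-chain eigrp 100 EIGRP-AUTH
!
router ospf 1
 ! Require MD5 authentication on every interface in area 0.
 area 0 authentication message-digest
!
! Checks after applying the configuration:
!  show ip ospf interface GigabitEthernet0/0
!     (reports "Message digest authentication enabled" and the key ID in use)
!  show ip ospf neighbor
!  show ip eigrp neighbors
!  show key chain
```

The key ID and key string have to match on both ends of each link; a neighbor with a missing or different key is ignored and the adjacency does not form, which is the behavior the proposal relies on.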
Deliverable 3: Virtual Link
A virtual link is used to connect a router outside the backbone network to the backbone through another router. For this proposal, Router 6 is under area 2, which is not directly connected to a router under area 0. Therefore, we will implement a virtual link to connect R6 to R4 through R5. The link involves specifying a path to Router 4 through Router 5. To do this, the virtual link command is used with the Router ID of R5 while identifying the area as area 0, which is the OSPF area of R4.
The same virtual link configuration is done on router 4 and identifies the other area to which the virtual link is destined as area 2.
The other viable method is tunneling, where GRE tunnels can be created between Router 6 and Router 5.
Deliverable 4: Redistribution Solution.
Router 2 participates in two routing protocols, RIPv2 and OSPF. This way, network updates from RIPv2 cannot be understood by OSPF, and neither can the routing metrics used. It therefore requires that a redistribution method be implemented as follows.
On Router 2, RIPv2 is redistributed into OSPF so that the OSPF table contains the networks seen by Router 2. This redistribution requires that the metric is set to the metrics of the OSPF protocol.
On Router 3, OSPF is redistributed into RIPv2 so that the Router 2 routing table has the OSPF routes of Router 3. In this way, the metric is made as low as 1.
Router 4 operates in OSPF area 0 while Router 7 operates on EIGRP. This becomes a problem during the building of routing tables since they are directly connected. To achieve a standard routing table between the two routers, redistribution of OSPF routes into EIGRP and vice versa is required. To achieve this, the OSPF networks on Router 4 are redistributed into EIGRP. Likewise, on Router 7, the EIGRP networks are redistributed into OSPF.
Deliverable 5: BGP connection.
BGP configurations are done on Routers 9 and 10 and should include routes to both ISPs. In this way, the routers decide the best ISP through which to reach a resource, maximizing the efficiency of internet usage.
Deliverable 6: Filtering Traffic.
The best way to ensure that the network does not act as a transit hub for BGP external routes is to filter the traffic. This can also be done through import filtering, where the routers are prevented from learning invalid router paths. This is done by carrying out sanity checks so that the route paths in the network are updated appropriately. Routers 9 and 10 will advertise the local network to the ISPs. This poses a threat where the ISPs start routing internet traffic to other paths through the local router. In this scenario the router experiences a huge volume of traffic, which depletes its resources. To avoid this, we propose the implementation of the route-map local only command on the two routers. This will filter traffic coming to the router so that only traffic destined for the network is accepted.
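A sample of the filtering proposed above, for one of the two edge routers. This is an added example, not configuration from the original proposal; the AS numbers, neighbor address, local prefix, route-map name LOCAL-ONLY and prefix-list name ISP-IN are assumptions, and the inbound checks shown are one possible set of sanity checks.

```cisco
! Constructed example for an edge router (R9 or R10).
! 65001 = assumed local AS, 64500 = assumed ISP AS,
! 203.0.113.1 = assumed ISP neighbor, 192.0.2.0/24 = assumed local prefix.
!
! Outbound: an empty AS path (^$) matches only routes originated in the
! local AS, so routes learned from one ISP are never re-advertised to another.
ip as-path access-list 10 permit ^$
!
route-map LOCAL-ONLY permit 10
 match as-path 10
! (the implicit deny at the end of the route-map drops everything else)
!
! Inbound sanity checks: refuse our own prefix and private address space,
! then accept remaining prefixes no longer than /24.
ip prefix-list ISP-IN seq 5 deny 192.0.2.0/24 le 32
ip prefix-list ISP-IN seq 10 deny 10.0.0.0/8 le 32
ip prefix-list ISP-IN seq 15 deny 172.16.0.0/12 le 32
ip prefix-list ISP-IN seq 20 deny 192.168.0.0/16 le 32
ip prefix-list ISP-IN seq 100 permit 0.0.0.0/0 le 24
!
router bgp 65001
 neighbor 203.0.113.1 remote-as 64500
 neighbor 203.0.113.1 route-map LOCAL-ONLY out
 neighbor 203.0.113.1 prefix-list ISP-IN in
!
! Checks after applying the configuration:
!  show ip bgp neighbors 203.0.113.1 advertised-routes
!     (should list only locally originated prefixes)
!  show ip bgp neighbors 203.0.113.1 routes
!  show ip prefix-list detail ISP-IN
```

The same outbound and inbound policy is applied to every ISP neighbor on both edge routers, so that neither router can become the transit path.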
Conclusion
Given the IP plan for the company, we can provide a sample configuration for these protocols that shows the above solutions to be viable and achievable for a stable and secure network. The recommended equipment is Cisco routers, with the series depending on the number of users and financial ability. The deliverables tackled in the design of the network not only improve the performance of the network but also increase the security of the system. The proposals can then be used to implement the specified routing deliverables on the various routers in the network. This is of great importance, especially in the projection and control of services in the corporate network.