Shulou(Shulou.com)06/01 Report--

I. definition of campus network

Compared with the wide area network and vertical network, the campus network usually refers to the campus network of the university or the intranet (intranet) of the enterprise.

Second, the construction of campus network

The campus network is generally subdivided into three types of networks: internal network, external network and equipment network.

1. The intranet is the internal office network and business network of enterprises and units, with the purpose of safe isolation and ensuring high-speed transmission of information.

2. The extranet is used for various websites, and the elements are fast download and controllable behavior.

3. The equipment network is generally divided separately from the internal network and is used for monitoring and other equipment.

The three types of networks are connected through a switch or a firewall with forwarding function.

Third, the equipment architecture in the campus network

1. The network architecture is basically divided into three layers: the underlying access layer, the middle convergence layer, and the top core layer.

1. Access: user access, security control

2. Aggregation: traffic aggregation, policy, FW/IPS

3. Core: high-speed data forwarding

2. Key technologies

Layer 2: VLAN partition, MSTP+VRRP (gateway backup and load balancing)

2. Layer 3: OSPF, NAT, port mapping, ACL

3. Manage IP

The price of fixed IP is higher, and small and medium-sized enterprises recommend intranet management. In order to log in and manage the network devices remotely, the key network devices can be mapped to the exit firewall, that is, the network devices can be logged in through the firewall port for management.

It is better to keep a static IP+mac address + user name on record when planning.

4. Network design process:

According to the requirements, design the topology → to determine the number of switches and interfaces according to the personnel and bandwidth, → to set up × ×, determine the link bandwidth → to determine the backbone core equipment.

5. Network security

1. Network security: × × gateway, Internet behavior management

2. * Security: firewall, Internet authentication, host security monitoring

3. Application security: tamper proof of web pages and database audit.

4. Data security: remote disaster recovery backup

6. Load balancing

1. Generally divided into outbound load balancer (transparent DNS, intelligent routing) and inbound load balancer (server load balancer, intelligent DNS)

2. Mainstream optimized manufacturers

1. Domestic: Huawei, Huasan USG, Ruijie ACE/EG

2. Abroad: Citrix, Radware, Cisco, F5

Fourth, establish wireless coverage in the park.

1. Determine the networking scheme (mostly wired and wireless integration, that is, shared switches)

2. Determine the number and location of wireless AP through geological prospecting.

3. It should be noted that there are only 3 non-coincident channels in 2.4G band and 5 non-overlapping channels in 5G/5.8G band.

The channel must be staggered and non-adjacent when deployed, so as to reduce the co-channel interference.

4. The devices that need to establish a wireless architecture are:

1. AC controller: for roaming, security authentication, centralized control of AP

2. AP signal point: convert wired signal into wireless signal

3. POE switch: used for power supply, or PoE module can be added separately

4. Network management equipment

5. Wireless network scenario

1. High population density and large space such as large classrooms and gymnasiums: you can't simply deploy a large number of AP, you need large capacity AP.

2. Small number of precision offices and high wireless quality requirements: Wall-AP fine deployment

3. Hotel, dormitory and other room-intensive corridors: deploy Zhifen AP in each room.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.