
Koforidua Technical University (Ktu) : Waps Networks Training Academy 4 5 November 2022


KOFORIDUA TECHNICAL UNIVERSITY (KTU)

DEPARTMENT OF COMPUTER SCIENCE AN


INTERNSHIP REPORT CARRIED OUT AT
KWAPS NETWORKS TRAINING ACADEMY
4TH October – 25TH November 2022

BY

DUAH-OWUSU EPHRAIM

Index Number: 04/2020/1733D


Level: 200
Session: Morning
Telephone: 0240240898
Email: ephraim0420201733d@ktu.edu.gh

AN INTERNSHIP REPORT SUBMITTED TO THE FACULTY OF APPLIED SCIENCE
AND TECHNOLOGY DEPARTMENT OF COMPUTER SCIENCE IN PARTIAL
FULFILMENT OF THE REQUIREMENTS LEADING
TO THE AWARD OF HIGHER NATIONAL DIPLOMA IN
COMPUTER NETWORK MANAGEMENT
AT KOFORIDUA TECHNICAL UNIVERSITY

SUPERVISOR: MR GABRIEL GODZI


TABLE OF CONTENTS

ACKNOWLEDGEMENT
INTRODUCTION
PROCEDURE TO INDUSTRIAL TRAINING
OBJECTIVES OF THE INDUSTRIAL ATTACHMENT
LIST OF ABBREVIATION/ ACRONYMS

CHAPTER ONE

1.0 Brief Historical Background
1.1 KWAPS Networks Academy Background
1.2 Corporate Vision, Mission, Objectives, People Objective and Core Values of Kwaps Networks Training Academy
1.3 KWAPS CISCO Training Courses
1.4 Major Activities / Concerns
1.5 Main Customers of KWAPS Networks Academy

CHAPTER TWO

DESCRIPTION OF INTERNSHIP TRAINING


2.0 Orientation
2.1 What Networking is
2.2 Duties performed at Internships
2.3 What is a Computer Network
2.3.1 Network Devices
2.4 Network Infrastructure Analysis and Design
2.4.1 Basic Equipment needed
2.4.2 Intra-Building & Inter-Building Network
2.4.3 Network Topology
2.5 Fiber Optic Cable
2.5.1 Types of Fiber Optic Cable
2.5.2 How fibers are splicing end to end
2.6 Active Directory Domain
2.7 Switch Configuration
2.7.1 VLAN Configuration
2.7.2 Trunk
2.7.3 Advantages of using VLANs
2.7.4 Sample Network Diagram of VLAN
2.7.5 Security of VLAN Network
2.8 Internet Protocol Networking Basics
2.8.1 Internet Protocol Addresses
2.8.1.1 Netmask
2.8.1.2 Subnet Addressing
2.8.1.3 What are Valid Host
2.8.1.4 Variable Length Subnet Mask
2.8.2 Private IP Addresses
2.8.3 Single IP Addresses using NAT
2.8.4 MAC Addresses
2.9 Internet Security
2.9.1 What is a Firewall

CHAPTER THREE

NETWORK DESIGN
3.1 Network Design Overview using Packet Tracer
3.1.1 Core Layer
3.1.2 Distribution Layer
3.1.3 Access Layer
3.2 Project Summary
3.3 Introduction
3.4 Problem Statement
3.5 Objective of the Project
3.5.1 General Objective
3.5.2 Specific Objective
3.6 Literature Review
3.7 Methodology
3.8 Result & Conclusions
3.9 Practical Assignments
3.9.1 Work Assignment 1
3.9.2 Work Assignment 2
3.9.3 Work Assignment 3
3.9.4 Work Assignment 4
3.9.5 Work Assignment 5

CHAPTER FOUR

THE OVERALL INTERNSHIP EXPERIENCE


4.1 How good I was
4.2 Challenges
4.3 Benefits I Gained
4.3.1 Practical Skill
4.3.2 Theoretical Knowledge
4.3.3 Interpersonal Communication Skills
4.3.4 Leadership Skills
4.3.5 Work Ethics Related Issue
4.3.6 Entrepreneurship Skills

CHAPTER FIVE

CONCLUSION AND RECOMMENDATION


5.1 Conclusion
5.2 Recommendations
5.2.1 Recommendation for the future interns
5.2.2 Recommendation for the Academy (KWAPS)
5.2.3 Recommendation for the University (KTU)
Appendixes

ACKNOWLEDGEMENT
I would be ungrateful if my appreciation were not expressed to those who helped in diverse ways
in making my attachment with KWAPS NETWORKS TRAINING ACADEMY a successful
one.
My first and foremost thanks go to the Almighty God for His care and guidance during the
period of the attachment, for without Him there would not have been the perfect peace, love,
understanding and cooperation I enjoyed.
I wish to acknowledge my sincere thanks to my lecturers, management and staff of Koforidua
Technical University and the whole of Computer Science Department, for arranging
Organizational attachment (Internship-program) that facilitates integration of theoretical
knowledge with real life situation.
Finally, I owe so much to my whole family for their undying support and their unwavering belief
that I can achieve so much. Unfortunately, I cannot thank everyone by name because it would
take a lifetime, but I just want you all to know that you count so much; had it not been for all
your prayers, love and help, I would never have completed this report. So, thank you all.

INTRODUCTION

As a nation, we have made very little progress in our attempt to develop over the years. For
any meaningful social and economic advancement in the environment in which we find
ourselves, it was realized that there is the need to increase and improve the country’s middle
level manpower. The implementation of Higher National Diploma (HND) courses in the
country was aimed at raising the working force of the middle level manpower both in quality
and quantity. In view of this, every student pursuing a course in the HND is to undertake six
months practical training in their field of study. This helps the students to acquire skills,
knowledge and current technological development in our various industries and leads to the
appreciation of some phases of their course outside the lecture halls.
Industrial Attachment, simply put, means attaching oneself to an industry. It involves
students spending their long vacation days with an industry or an establishment with the aim
of acquiring working experience in their field of study. It is aimed at bringing the students
into real contact with the activities of their chosen field of study. It also exposes the students
to real life problems which are anticipated in their chosen career.
This report is divided into a number of chapters. It begins with orientation and is followed by
a description of the job offered. Problems encountered before and during the period of the
attachment then follow. In the final analysis the experiences I acquired in undertaking the
attachment are summarized. These helped me to make my recommendations and conclusion.

PROCEDURE TO INDUSTRIAL TRAINING

• The Liaison Officer issues an introductory letter to each student to be forwarded to the
organization.

• I made enquiries about the organization and its facilities available to enable me to
have a successful attachment.

• My application was sent to the place of training, Kwaps Networks Training Academy,
Koforidua, and it was approved.

OBJECTIVES OF THE INDUSTRIAL ATTACHMENT

• To help the student develop a positive attitude and knowledge for living and self-confidence,
and to develop entrepreneurial skills that can make the student take
initiative in job creation to promote expansion in the private sector.
• To guide and assist the student to undertake the required learning and practical activities
as outlined in the relevant external syllabus to enable the student to write the
examination set by the external examining board.
• To enable the student to acquire relevant and adequate technical professional skills that
will give the student the opportunity to perform as middle-level management and
supervisory personnel in an appropriate establishment and hence be able to contribute
to the technological and commercial development of the nation.

LIST OF ABBREVIATION/ ACRONYMS

• QOS Quality of Service

• MS Microsoft

• VTP Virtual Trunking Protocol

• VMWare Virtual Machine Software

• AD Active Directory

• DS Domain Service

• AD DS Active Directory Domain Service

• VLAN Virtual Local Area Network

• POE Power over Ethernet

• NAT Network Address Translation

• RJ-45 Registered Jack-45

• IP Address Internet Protocol Address

• DHCP Dynamic Host Configuration Protocol

• KTU Koforidua Technical University

• HND Higher National Diploma


• FTP File Transfer Protocol

• L2 Layer 2

• L3 Layer 3

• IP Internet Protocol

• WCS Wireless Control System

• VSS Virtual Switching System

• ARP Address Resolution Protocol

• MAC Media Access Control

CHAPTER ONE
BRIEF HISTORICAL BACKGROUND

1.1 KWAPS NETWORK ACADEMY BACKGROUND

As the training arm of CISCO, KWAPS Network Training Academy carries forth a legacy of
excellence spanning across more than ten decades. KWAPS is an initiative that enables individuals
and organizations to benefit from KWAPS's deep expertise in the IT space. Among the fastest
growing IT education brands in Ghana, KWAPS offers a complete spectrum of quality training
programs on software, hardware, networking as well as global certifications in association with
leading IT organizations worldwide. Empowered with strategic alliances with leading IT
organizations in Ghana and abroad, KWAPS training solutions cater to diverse consumer profiles
including individuals, enterprises, academic institutions and Government enterprises. As the
fountainhead of the most significant pursuit of human mind (IT), KWAPS strongly believes, "Only
a Leader can transform you into a Leader". KWAPS Network Academy is a formalization of this
experience and credo which has been perfected over many decades.

1.2 CORPORATE VISION, MISSION, OBJECTIVES, PEOPLE OBJECTIVE AND
CORE VALUES OF KWAPS NETWORKS TRAINING ACADEMY

VISION

“Join force with other organizations in IT research, develop cutting edge content, and provide
community trainings needed to solve developmental needs of the less privileged African.”

MISSION

“To endow our students with the skillset to become more competitive, effective employable, and
resourceful in their chosen career”

OBJECTIVES

"To fuel initiative and foster activity by allowing individuals freedom of action and innovation in
attaining defined objectives."

PEOPLE OBJECTIVE

"To help people and share in the company's successes, which they make possible; to provide job
security based on their performance; to recognize their individual achievements; and help them
gain a sense of satisfaction and accomplishment from their work."

CORE VALUES

• We shall uphold the dignity of the individual.


• We shall honor all commitments.
• We shall be committed to Quality, Innovation and Growth in every Endeavor.
• We shall be responsible corporate citizens

1.3 KWAPS CISCO TRAINING COURSES

Cisco is a leading provider of IT products and services that ensures business benefits and helps in
overcoming various IT challenges. Cisco also offers a variety of certification programs for
professionals, employees and students. Cisco offers five levels of IT certification with eight different
career paths including routing and switching, design, network security, service provider, service
provider operations, storage networking, voice and wireless. The five levels of Cisco certification are
Entry, Associate, Professional, Expert and Architect. Cisco certification is one of the most demanded
technology certifications in the global job market. KWAPS offers Cisco training courses for CCNA,
CCNP and CCIE.

1.4 MAJOR ACTIVITIES / CONCERNS OF KWAPS NETWORKS TRAINING

A network is a system that transmits any combination of voice, video and/or data between
users. The main field on which I was working was networking and the course was CCNA
which includes all the parts of networking.

In a typical LAN, there are various types of network devices available as outlined below.
1. Hub: Repeats signals received on each port by broadcasting to all the other connected
ports.
2. Repeaters: Used to connect two or more Ethernet segments of any media type, and to
provide signal amplification for a segment to be extended. In a network that uses repeaters, all
members are contending for transmission of data onto a single network. We like to call this single
network a collision domain. Effectively, every user can only enjoy a percentage of the available
bandwidth. Ethernet is subject to the "5-4-3" rule regarding repeater placement, meaning we can
only have five segments connected using four repeaters with only three segments capable of
accommodating hosts.
3. Bridge: A layer 2 device used to connect different network types or networks of the same
type. It maps the Ethernet addresses of the nodes residing on each segment and allows only the
necessary traffic to pass through the bridge. A packet destined for the same segment is dropped. This
"store-and-forward" mechanism inspects the whole Ethernet packet before making a decision.
Unfortunately, it cannot filter out broadcast traffic. Also, it introduces a 20 to 30 percent latency
when processing the frame. Only 2 networks can be linked with a bridge.
4. Switch: Can link up four, six, eight or even more networks. Cut-through switches run
faster because when a packet comes in, the switch forwards it right after looking at the destination
address only. A store-and-forward switch inspects the entire packet before forwarding. Most switches
cannot stop broadcast traffic. Switches are layer 2 devices.
5. Routers: Can also filter out network traffic. However, they filter based on the protocol
addresses defined in OSI layer 3 (the network layer), not based on the Ethernet packet addresses.
Note that protocols must be routable in order to pass through the routers. A router can determine
the most efficient path for a packet to take and send packets around failed segments.
6. Brouter: Has the best features of both routers and bridges in that it can be configured to
pass the unroutable protocols by imitating a bridge, while not passing broadcast storms by acting
as a router for other protocols.
7. Gateway: Often used as a connection to a mainframe or the internet. Gateways enable
communications between different protocols, data types and environments. This is achieved via
protocol conversion, whereby the gateway strips the protocol stack off the packet and adds the
appropriate stack for the other side. Gateways operate at all layers of the OSI model without
making any forwarding decisions.
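
The bridge behaviour described in item 3 (learning which addresses sit on each segment, dropping same-segment frames, passing broadcasts) is shown here as an added Python sketch that is not part of the original report. The class name, port labels "A"/"B" and the MAC addresses are constructed for illustration.

```python
from dataclasses import dataclass, field

BROADCAST = "ff:ff:ff:ff:ff:ff"


@dataclass
class LearningBridge:
    """Two-segment transparent bridge (hypothetical model, not vendor code)."""
    ports: tuple = ("A", "B")
    table: dict = field(default_factory=dict)  # MAC address -> segment it was seen on

    def handle(self, in_port, src, dst):
        """Return the list of ports a frame is forwarded to ([] means filtered)."""
        src, dst = src.lower(), dst.lower()
        # Learn: the sender must live on the segment the frame arrived from.
        self.table[src] = in_port
        others = [p for p in self.ports if p != in_port]
        if dst == BROADCAST:
            return others          # a bridge cannot filter broadcast traffic
        known = self.table.get(dst)
        if known is None:
            return others          # destination not learned yet: flood
        if known == in_port:
            return []              # both hosts on the same segment: drop at the bridge
        return [known]             # forward only to the segment that needs it


# Constructed sample traffic: (arrival segment, source MAC, destination MAC)
SAMPLE_FRAMES = [
    ("A", "00:00:00:00:00:0a", BROADCAST),            # host a announces itself
    ("A", "00:00:00:00:00:0b", "00:00:00:00:00:0a"),  # b -> a, both on segment A
    ("B", "00:00:00:00:00:0c", "00:00:00:00:00:0a"),  # c on B -> a on A
    ("A", "00:00:00:00:00:0a", "00:00:00:00:00:0d"),  # d never seen before
    ("A", "00:00:00:00:00:0a", "00:00:00:00:00:0c"),  # a -> c, now learned
]


def replay(frames):
    """Run frames through a fresh bridge; return per-frame decisions and the final table."""
    bridge = LearningBridge()
    decisions = [bridge.handle(*frame) for frame in frames]
    return decisions, bridge.table


if __name__ == "__main__":
    decisions, table = replay(SAMPLE_FRAMES)
    for frame, out in zip(SAMPLE_FRAMES, decisions):
        print(frame, "->", out or "filtered")
    print("learned table:", table)
```

Only the second frame stays off segment B; the broadcast and the frame to an unlearned address both cross the bridge, which is why a bridge shrinks collision domains but not the broadcast domain.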

Work assigned was:
• To design a coaxial cable and twisted cable.
• To design a LAN.
• To design a WAN.
• To design a MAN.
• To program router.
• To design network.
• To break password of router and switches.

A computer network is a connection of two or more computers through a cable or wireless
connection. Computer networks enable computer users to share hardware, resources and
information. Aside from sharing information, the computer network enables users to share internet
access. The importance of networking two or more computers cannot be overemphasized.
Networking in computing is unavoidable. We need networks in most things we do in life.

I wonder what the world of computer will be without computer networks. In computing,
networking is a way of connecting two or more computers together. When you network computers
together, the computers can share information and resources with one another. Networking is a
very vital and delicate area in computing.

We cannot really quantify the importance of networking two or more PCs. A computer network is
very important for every business, no matter how small the business may be. A computer network
helps in sharing resources. With a computer network, many computers can share one printer,
scanner and some other hardware, which might be expensive for a company to acquire for every
computer user.

It is quite obvious that a computer network helps to save cost for an organization. Instead of buying
all hardware for each computer, one can just share one via the computer network. In addition to
this, let us just think of the additional space that would be occupied by providing printers or scanners
for each of the computers in an organization. Networking two or more computers not only saves money
but also saves space. This in addition makes the user's environment friendly.

Do we ignore the communication aspect? No! Networking enhances effective communication
among members of an organization or a company. With appropriate software, each computer user
can communicate with other members or staff of an organization or company. In addition to this,
a computer network gives users the opportunity to use remote programs and remote databases either
of the same organization or from other enterprises or public sources. The benefits of having
computer networks are really numerous.

Thus, it is a necessity for every organization or company. It makes effective communication
possible and helps to eliminate unnecessary waste of time and duplication of resources. The desired
result was obtained in every experiment and piece of work; as a result, we made a successful network
capable of strong communications. A network engineer handles all of the “plumbing” for a company’s
computers, connecting offices with T1 lines, hooking them up to the Internet, and configuring all
internal systems such as net routers and firewalls. This was a very interesting field and I covered a
subject known as Data Communication and Network, which I studied in the 2nd semester, taught
by Mr. Kobby.

1.5 MAIN CUSTOMERS OF KWAPS NETWORKS ACADEMY


The customers of Kwaps Networks Training Academy are divided into different groups of actors
who are linked to the educational process, the main ones being: current students, potential students,
employees, employers, government and industry. The customers have been classified as internal
and external, emphasizing that the internal customers are those who work to the satisfaction of
external customers. Besides, according to the authors, the customers can be classified as primary and
secondary, based on their location as internal or external customers and on the
frequency of interaction that the institution has with them. Considering that the product of
higher education is the education itself, the students can be classified as internal or external,
depending on the role they play during the course.

CHAPTER TWO
DESCRIPTION OF INTERNSHIP TRAINING

2.0 Orientation

By definition, Orientation refers to the planned introduction of new people to their jobs, their peers
and to the company. The Orientation and briefing Exercise was conducted by the workplace
supervisor who welcomed the interns to the training center and briefed the interns about the goals,
aims, Mission of his organization, guidelines through the internship and Areas of coverage during
the period.

2.1 What Networking Is

Networking involves "connection-oriented" and "connectionless" communications.

A connection-oriented communication has the following characteristics:
• A session is guaranteed.
• Acknowledgements are issued and received at the transport layer, meaning if the sender
does not receive an acknowledgement before the timer expires, the packet is retransmitted.
• Phases in a connection-oriented service involve Call Setup, Data transfer and Call
termination.
• All traffic must travel along the same static path.
• A failure along the static communication path can fail the connection.
• A guaranteed rate of throughput occupies resources without the flexibility of dynamic
allocation.
• Reliable = SLOW (this is always the case in networking).
In contrast, a connectionless communication has the following characteristics:
• Often used for voice and video applications.
• NO guarantee nor acknowledgement.
• Dynamic path selection.
• Dynamic bandwidth allocation.
• Unreliable = FAST.

• The layer which is important for networking are

2.2 Duties Performed at Internships


Internships, apprenticeships and learnerships are all terms used to describe gaining work experience
before being employed full-time. An internship is meant to enable the transfer of learning and
knowledge by applying what I have learnt in the classroom to the “real world” and to work experiences
that may prove useful in finding full-time employment thereafter.

Duties I performed while I was on internship at KWAPS include:

• Expanding the computer network.
• Attending to minor internet issues such as distributing patch cords, re-crimping
damaged cable terminators (RJ-45), etc.

Generally, I participated in different networking and network installations such as:
• Network expansion and configuration in the instructor’s room and student classes in
Blocks 105 and 106.
• Fiber installation and configuration.
• Windows server configuration and administration.
• Cisco Packet Tracer configuration and installation.
• VLAN configuration using an ordinary switch.
• Internet Protocol (IP) Networking Basics.

2.3. What is a Computer Network?


A computer network is the connection of computer systems (hardware and software) and
accessories for the purpose of resource sharing and ease of communication. A computer network
can be large enough to accommodate millions of computers and accessories (the Internet); it can also
be as small as 2 computers. Meanwhile, a local area network is a type of computer network that
is confined to a limited geographical area.

2.3.1. Network Devices


Router: A router traditionally translates network packets from one network to another. In other
words, it receives information from the internet, and transfers it to the right recipient on the Local
Area Network (LAN). Here the router used has the capability of implementing the adaptive security
appliance (ASA) capabilities and other security policies.

Switch: A switch does almost the same job as the router. It distributes packets to peripherals. But
most importantly it serves as a central connection point for cables from workstations, other
switches etc.

Wireless Access Point (WAP): The wireless access point serves as an extension of the LAN to
devices that cannot connect to the network by the use of cables. The WAP becomes the part of the
network that visitors are allowed to connect to, with limited security but with some security too.

Cables: The cables to be used here would be mainly the unshielded twisted pair CAT5 (CAT5
UTP) because of its speed and relatively low cost as well as reliability. If there were a need
for running cables externally (exposed), then the shielded CAT5 twisted pair cables would be
employed. The RJ45 would be used in terminating the cables.

2.4. Network Infrastructure Analysis and Design


Before creating anything (in this case a network of computers) it is necessary to design a logical
representation of the project to make sure it is workable. Next, consider its feasibility. To
do this, you want to consider the financial implications of creating a network, the manpower, the
importance and necessity, the cost of maintenance and so on. In the design phase, deciding what
topology you want to use is necessary, as well as what kind of cables you would need and what
network devices you need to purchase.

The network installation was therefore carried out with careful attention to the expected
outcome before we went ahead and laid down the foundation for the computer network.

To carry out this network installation in an optimal way, I proceeded step by step as follows.
• Select the suitable room for switch arrangement.
• Label the shortest path for trunking, which is 65cm above, and trunk it.
• Label each UTP cable on both sides, i.e. to the node and to the UTP punch panel.
• Punch the terminals of the UTP into the female and male RJ-45 connectors by using the puncher
and clamper.
• While punching UTPs to RJ-45 connectors, separate the accessories and trunks, i.e.
accessories go to users or nodes, and trunks give connection from one floor to another
by means of the SFP (Small Factor Protocol) module.

The way in which UTP cables are twisted (which pin on one end is connected to which pin on
the other end) has two modes (standards); these are standard A and standard B.

Pin #   Standard B color arrangement   Standard A color arrangement
1       White with orange stripe       White with green stripe
2       Orange                         Green
3       White with green stripe        White with orange stripe
4       Blue                           Blue
5       White with blue stripe         White with blue stripe
6       Green                          Orange
7       White with brown stripe        White with brown stripe
8       Brown                          Brown

Color arrangements for standard A and B

Standard-B cabling: means straight-through cabling. The cable wires go straight through from the
transmission end over to the reception end. It is used for interconnecting dissimilar devices.
Standard-A cabling: means crossover cabling. It is used for interconnecting similar devices, i.e.
switch with switch, PCs with PCs.

The steps that I followed for nominal network cabling are:
1. Stripping (removing) the outside insulation
2. Untwisting the wires
3. Sorting the wires based on the standards and inserting them into the RJ-45 connector

A Networked computer carries an array of benefits including:


• Increased productivity
• Reduced costs
• Higher data security
• Centralized data backup etc.

2.4.1. Basic equipment used

The equipment used includes: stripper, clamper, node connector, UTP punch panel, puncher, scotch,
bits (screws), drill, cutter, trunk, node holder, saw, UTP CAT-6 cable, etc.

• Stripper: used for removing the insulation of cables.
• Clamper: used for crimping network cables.
• RJ-45 connectors: used as connectors (for switches and nodes).
• UTP punch panel (front side and back side): used as switches and bridge.
• UTP CAT-6 cables: used for expanding the network connection. They have two wound conductors
for the purpose of cancelling out or reducing the noise from external sources.
• Drill: used for making holes for the UTP cable expansion and bit holder on the wall.
• Cutter: for cutting exceptional wire.
• Saw: used for cutting of trunk.
• Node holder & node cover: used to hold and cover the jack of the RJ-45.

2.4.2. Intra-Building and Inter-Building Network Installation
Hence, we didn’t implement the inter-building & intra-building network installation, but as I
understand:
• Inter-building network installation: when the SMF cable arrives from the mini-DCs, the SMF
is spliced into the fiber patch panel which is on the 1st floor; the 2nd and 3rd floors receive
network connections by means of an SFP module to the fiber patch panel of the other one.

• Intra-building network installation: among buildings, the network installation is handled by
splicing MMF from the block which is already connected with the mini-DCs to another one.

2.4.3. Network Topology

Topologies in computer networks refer to the physical arrangement of computers and the
network devices. There are various topology types, such as bus topology (linear), star topology,

Star topology is implemented throughout the network infrastructure for the following reasons:
• Security
• Ease of expansion
• Cheaper to maintain even though it costs more to set up due to the purchase of so many
hardware devices

2.5 Fiber Optic Cable and Fiber Splicing


Introduction:
Fiber optic technology is simply the use of light to transmit data. Advances in fiber technology,
lower production costs, and installation have all contributed to the wide use of fiber. The
continuous increase of bandwidth used by consumers, government and enterprises causes a rapidly
expanding worldwide optical fiber telecommunications network.
Optical fiber is composed of several elements. The construction of a fiber optic cable consists of a
core, cladding, coating buffer, strength member and outer jacket. The optic core is the light
carrying element at the center. The core is usually made up of a combination of silica and germania.
The cladding surrounding the core is made of pure silica.

2.5.1. Types of fiber optic cables


There are two types of fiber optic cable, i.e. SMF and MMF.
Single-Mode Fiber (SMF): Single mode fiber has a very small core causing light to travel in a
straight line and typically has a core size of 8 or 10 microns. It has unlimited bandwidth that can
go unrepeated for over 80km, depending on the type of transmitting equipment. Single mode fiber
has enormous information capacity, more than multimode fiber.

Multi-Mode Fiber (MMF): Multimode fiber supports multiple paths of light and has a much
larger core and has a core size of 50 or 62.5 microns. The light travels down a much larger path in
multimode fiber, allowing the light to go down several paths or modes.

Characteristics of SMF and MMF

Characteristics    SMF                  MMF
Bandwidth          High                 Lower
Signal Quality     High                 Lower
Application        Long transmission    Short transmission

2.5.2. How fibers are splicing (connecting) end to end?


Fibers can be connected to each other by fusion splicing, mechanical splicing and by the use of
connectors. Of these three, fusion splicing is the commonly used method and the one we used
during our work. Because fusion splicers have advanced in ease of use and speed, people who are
responsible for and those who perform fusion splicing do need specific knowledge about fiber,
splicing and testing of the results.
Fusion splicing of optical fibers
Fusion splicing is the method of joining two optical fibers end-to-end using heat. The goal is to
join the two fibers together in such a way that optical signal passing through the fibers is not
attenuated or reflected back by the splice. The splice and the region surrounding should be almost
as strong as the fiber itself. The source of the necessary heat is usually an electric arc.

The following steps are necessary to splice optical fiber:

 Strip the coating off the two fibers that will be spliced together
 Clean the stripped fiber
 Each fiber must be cleaved so that its end-face is perfectly flat and perpendicular to the
axis of the fiber
 Aligning of two end-faces of the fibers. This is normally done by the splicing machine by
means of: fixed V-groove, optical core alignment, cladding alignment or local injection
and detection of light (LID)
 The two fibers are fused together
 Visual inspection of the splice and splice loss estimation (available on most splicing
machines). Redo the splice (step 1 to 6) in case an error is found
 Check mechanical strength of the splice (normally done by the splicing machine)
 The bare fiber area around the splice is protected with a splice protector.

Alternatives to fusion splicing include using optical fiber connectors or mechanical splices, both
of which have in general higher insertion losses, lower reliability and higher return losses than
fusion splicing. During installation, the splice loss is estimated by the optical image processing
system of the splicer unit. Based on this estimation, the splice can be approved or rejected.
While we were splicing the fiber cable, the splice loss was 0.00 dB to 0.02 dB.

2.6. Microsoft Windows Server Active Directory Domain Services


Active Directory Domain Services is used primarily to manage users and resources across
enterprise infrastructures spanning physical subnets across the globe. An Active Directory
domain provides a distributed database to store and manage application data, user data and
computer data.

The Active Directory structure comprises a single forest with multiple domains and child domains.
An administrator can configure Active Directory domains based on the physical subnets; it is
advisable to install a directory server at each physical site. Active Directory provides different
security boundaries in the form of a) forest, b) domain and c) organizational units. It plays two
basic functions within a network: that of a directory service containing a hierarchical listing of all
the objects within the network, and that of an authentication and security service that controls and
provides access to network resources. These two roles are different in nature and focus, but they
combine to provide increased user capabilities while decreasing administrative overhead. Active
Directory itself is defined by a schema that indicates how each object is represented within the
data store. For example, a user object has, among other things, a first name, last name, logon
name, e-mail address, and password. If you’re familiar with databases, you should already be
familiar with the term schema, since a database schema refers to the structure of the database in
the same way the Active Directory schema defines the Active Directory’s structure.

Domain Name System (DNS) is a system for naming computers and network services that maps
those names to network addresses and organizes them into a hierarchy of domains. DNS naming is
used on TCP/IP networks, such as the Internet and most corporate networks, to locate computers
and services by using user-friendly names. When a user enters the DNS name of a computer in an
application, DNS can look up the name and provide other information that is associated with the
computer, such as its IP address or services that it provides for the network. This process is called
name resolution. Name systems, such as DNS, make it easier to use network resources by providing
users with a way to refer to a computer or service by a name that is easy to remember. DNS looks
up that name and provides the numeric address that operating systems and applications require to
identify the computer on a network.

2.7. Switch Configuration


2.7.1. VLAN configuration
The hierarchical topology segments the network into physical building blocks, simplifying
operation and increasing availability. Each layer within the hierarchical infrastructure has a
specific role. By default, switches break up collision domains and routers break up broadcast
domains. The supervisor said that by creating virtual local area networks (VLANs) in the distribution
layer, switches break up broadcast domains in a pure switched internetwork. A VLAN is a logical
grouping of network users and resources connected to administratively defined ports on a switch.
He said that when you create VLANs, you’re given the ability to create smaller broadcast domains
within a layer 2 switched internetwork by assigning different ports on the switch to service
different subnetworks. A VLAN is treated like its own subnet or broadcast domain, meaning that
frames broadcast onto the network are only switched between the ports logically grouped within
the same VLAN.

VLAN configuration has two basic goals:

 Creating the VLAN and
 Assigning the proper port to that VLAN
VLANs can be created on a VTP server switch or on each individual switch, hence I can implement
them on a simple ordinary switch. All the VLANs configured on the distribution switch will then be
propagated to all the respective access switches. By default, all VLANs are allowed on all trunks.
You can explicitly control which VLANs are allowed on a trunk by using the
switchport trunk allowed vlan vlan-id command on the interface at each end of the trunk.

2.7.2. Trunk
Trunking is a process of connecting switches together so that they can send VLAN information
between each other. A trunk port is a point-to-point connection between switches, a switch and a
router, or even a switch and a server, and it carries the traffic of multiple VLANs. Configuration
of a trunk involves identifying trunk ports and selecting the encapsulation type. Identifying the
trunk ports is useful because it eases VLAN configuration and administration.

Simple example
An employer has a single ordinary switch with 20 ports and a single IP address with no subnetting.
He needs to create 4 VLANs, i.e., VLAN1, VLAN2, VLAN3 and VLAN4, named ICT, HRM,
Account and Teachers respectively, with 5 users per VLAN, and VLAN3 needs to communicate
with other VLANs of its organization through port fa0/24. Write the appropriate step-by-step
VLAN commands to complete this task.

Solution:
First, create the 4 VLANs:

    enable
    configure terminal
    hostname employer
    ! VLAN 1 is the switch's built-in default VLAN; Cisco IOS does not
    ! allow it to be renamed, so the name command below is rejected.
    vlan 1
     name ICT
     exit
    vlan 2
     name HRM
     exit
    vlan 3
     name Account
     exit
    vlan 4
     name Teachers
     exit

Second, assign the proper ports to each VLAN (five ports per VLAN, in ranges that do not overlap):

    interface range fa0/1 - 5
     switchport mode access
     switchport access vlan 1
     exit
    interface range fa0/6 - 10
     switchport mode access
     switchport access vlan 2
     exit
    interface range fa0/11 - 15
     switchport mode access
     switchport access vlan 3
     exit
    interface range fa0/16 - 20
     switchport mode access
     switchport access vlan 4
     end

Since the employer needs VLAN3 to communicate through port fa0/24, using the concept of a
trunk I can implement this as:

    configure terminal
    interface fa0/24
     switchport mode trunk
     switchport trunk allowed vlan 3
     end
2.7.3. Advantage of using VLANs
VLANs have the following benefits
 Performance: Routers that forward data in software become a bottleneck as LAN data
rates increase. Doing away with the routers removes this bottleneck.
 Formation of virtual workgroups: Because workstations can be moved from one VLAN
to another just by changing the configuration on switches, it is relatively easy to put all the
people working together on a particular project into a single VLAN. They can then more
easily share files and resources with each other. To be honest, though, virtual workgroups
sound like a good idea in theory but often do not work well in practice. It turns out that
users are usually more interested in accessing company-wide resources than files on each
other’s PCs.
 Greater flexibility: If users move their desks, or just move around the place with their
laptops, then if the VLANs are set up the right way they can plug their PC in at a new
location and still be within the same VLAN. This is much harder when a network is
physically divided up by routers.
 Ease of partitioning off resources: If there are servers or other equipment to which the
network administrator wishes to limit access, then they can be put into their own VLAN.
Then users in other VLANs can be given access selectively.

2.7.5. Sample Network Diagram of VLAN

From the network diagram above we see that the local area network is linked with the internet
(the external network) through the Internet Service Provider (ISP). The connection comes into the
local network through the Cisco router that has ASA (Adaptive Security Appliance) enabled. It then
flows through to the core switch, which serves as a central connection point for the other
workstation switches. There are three departments in this simulated network and one
public wireless access point.

2.7.6. Security of VLAN Network


For the sake of growth and well-being, owners as well as managers of a company need to pay
special attention to the security of their computer network. Network security is concerned
with the protection of network resources and services from natural and human-caused disasters.
To do so, the security designer has to look carefully at the vulnerabilities of the network system
and design security measures to protect the company from disaster. All network devices used in
the simulated network have been configured with a basic configuration. The basic configuration
includes the names of the devices, the IP addresses, user names and their encrypted passwords,
VTY and console port passwords, default routes, and access and trunk ports. As described earlier,
the simulated network makes use of a Cisco Adaptive Security Appliance router. It is therefore
necessary to keep these devices secure. Unused ports must be monitored regularly and, if need be,
shut down. For the purpose of this network, the unused ports are shut down. Security must be
configured on open ports to avoid spoofing, sniffing and MAC address flooding.
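
The hardening points in this section (shut down unused ports, secure open ports against MAC address flooding) and the earlier remark that a trunk allows all VLANs by default can be checked against a saved switch configuration. The Python sketch below is an added example, not part of the original report; the sample configuration is constructed, and treating an enabled interface with no switchport commands as an unused port is an assumption.

```python
import re

# Constructed running-config fragment for the "employer" switch (not from the report).
SAMPLE_CONFIG = """\
hostname employer
!
interface FastEthernet0/1
 switchport mode access
 switchport access vlan 1
 switchport port-security
 switchport port-security maximum 2
!
interface FastEthernet0/11
 switchport mode access
 switchport access vlan 3
!
interface FastEthernet0/21
!
interface FastEthernet0/22
 shutdown
!
interface FastEthernet0/23
 switchport mode trunk
 switchport trunk allowed vlan 3
!
interface FastEthernet0/24
 switchport mode trunk
!
"""


def parse_interfaces(config):
    """Return {interface name: [its indented sub-commands]} in config order."""
    interfaces, current = {}, None
    for line in config.splitlines():
        match = re.match(r"interface\s+(\S+)", line)
        if match:
            current = interfaces.setdefault(match.group(1), [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # "!" or a global command closes the stanza
    return interfaces


def audit(config):
    """List (interface, finding) pairs for the hardening points in section 2.7.6."""
    findings = []
    for name, cmds in parse_interfaces(config).items():
        if "shutdown" in cmds:
            continue  # administratively down, so nothing is exposed
        if not any(c.startswith("switchport") for c in cmds):
            # Assumption: an enabled port with no switchport settings is unused.
            findings.append((name, "unconfigured port left enabled"))
        elif "switchport mode trunk" in cmds:
            if not any(c.startswith("switchport trunk allowed vlan") for c in cmds):
                findings.append((name, "trunk carries every VLAN"))
        elif "switchport port-security" not in cmds:
            findings.append((name, "access port without port-security"))
    return findings


if __name__ == "__main__":
    for interface, finding in audit(SAMPLE_CONFIG):
        print(f"{interface}: {finding}")
```
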

2.8. Internet Protocol (IP) Networking Basics


Basic terminologies
 Address: the unique number ID assigned to one host or interface in a network
 Subnet: a portion of a network sharing a particular subnet address
 Subnet mask: a 32-bit combination used to describe which portion of an address refers to the
subnet and which part refers to the host.
 Interface: a network connection
2.8.1. Internet Protocol (IP) Addresses
An IP address is an address used in order to uniquely identify a device on a network. Because
TCP/IP networks are interconnected across the world, each computer on the Internet must have a
unique address (called an IP address) to make sure that transmitted data reaches the correct
destination. Blocks of addresses are assigned to organizations by the Internet Assigned Numbers
Authority (IANA). Individual users and small organizations may obtain their addresses either from
the IANA or from an Internet service provider (ISP). The Internet Protocol (IP) uses a 32bit address
structure. The address is usually written in dot notation (also called dotted-decimal notation), in
which each group of eight bits is written in decimal form, separated by decimal points. For
example, the following binary address: 11000011 00100010 00001100 00000111 is normally
written as: 195.34.12.7. The latter notation is easier to remember and easier to enter into your
computer. In addition, the 32 bits of the address are subdivided into two parts. The first part of the
address identifies the network, and the second part identifies the host node or station on the
network. The dividing point may vary depending on the address range and the application.

There are five standard classes of IP addresses. These address classes have different ways of
determining the network and host sections of the address, allowing for different numbers of hosts
on a network. Each address type begins with a unique bit pattern, which is used by the TCP/IP
software to identify the address class. After the address class has been determined, the software
can correctly identify the host section of the address. The figure below shows the three main
address classes, including network and host sections of the address for each address type.

The five address classes are:
 Class A: These addresses can have up to 16,777,214 hosts on a single network. They use
an 8-bit network number and a 24-bit node number. Class A addresses are in this range:
1.x.x.x to 126.x.x.x.
 Class B: These addresses can have up to 65,534 hosts on a network. A Class B address
uses a 16-bit network number and a 16-bit node number. Class B addresses are in this
range: 128.1.x.x to 191.254.x.x.
 Class C: These addresses can have up to 254 hosts on a network. A Class C address uses
a 24-bit network number and an 8-bit node number. Class C addresses are in this range:
192.0.1.x to 223.255.254.x.
 Class D: These addresses are used for multicasts (messages sent to many hosts). Class D
addresses are in this range: 224.0.0.0 to 239.255.255.255.
 Class E: These addresses are for experimental use.
This addressing structure allows IP addresses to uniquely identify each physical network and
each node on each physical network.
For each unique value of the network portion of the address, the base address of the range (host
address of all zeros) is known as the network address and is not usually assigned to a host. Also,
the top address of the range (host address of all ones) is not assigned, but is used as the broadcast
address for simultaneously sending a packet to all hosts with the same network address.

2.8.1.1. Netmask
In each of the address classes previously described, the size of the two parts (network address and
host address) is implied by the class. This partitioning scheme can also be expressed by a netmask
associated with the IP address. A netmask is a 32-bit quantity that, when logically combined (using
an AND operator) with an IP address, yields the network address. For instance, the netmasks for
Class A, B, and C addresses are 255.0.0.0, 255.255.0.0, and 255.255.255.0, respectively. For
example, the address 192.168.170.237 is a Class C IP address whose network portion is the upper
24 bits. When combined (using an AND operator) with the Class C netmask, as shown here, only
the network portion of the address remains:

    11000000 10101000 10101010 11101101   (192.168.170.237)
combined with:
    11111111 11111111 11111111 00000000   (255.255.255.0)
equals:
    11000000 10101000 10101010 00000000   (192.168.170.0)

As a shorter alternative to dotted-decimal notation, the netmask may also be expressed in terms of
the number of ones from the left. This number is appended to the IP address, following a slash (/),
as “/n.” In the example, the address could be written as 192.168.170.237/24, indicating that the
netmask is 24 ones followed by 8 zeros.

2.8.1.2 Subnet Addressing


By looking at the addressing structures, you can see that even with a Class C address, there are a
large number of hosts per network. Such a structure is an inefficient use of addresses if each end
of a routed link requires a different network number. It is unlikely that the smaller office LANs
would have that many devices. You can resolve this problem by using a technique known as subnet
addressing.
Subnet addressing allows us to split one IP network address into multiple smaller physical
networks known as subnetworks. Some of the node numbers are used as a subnet number instead.
A Class B address gives us 16 bits of node numbers, translating to 64,000 nodes. Most organizations
do not use 64,000 nodes, so there are free bits that can be reassigned. Subnet addressing makes use
of those bits that are free, as shown below.

A Class B address can be effectively translated into multiple Class C addresses. For example, the
IP address of 172.16.0.0 is assigned, but node addresses are limited to 255 maximum, allowing
eight extra bits to use as a subnet address. The IP address of 172.16.97.235 would be interpreted
as IP network address 172.16, subnet number 97, and node number 235. In addition to extending
the number of addresses available, subnet addressing provides other benefits. Subnet addressing
allows a network manager to construct an address scheme for the network by using different
subnets for other geographical locations in the network or for other departments in the
organization. Although the preceding example uses the entire third octet for a subnet address, note
that you are not restricted to octet boundaries in subnetting. To create more network numbers, you
need only shift some bits from the host address to the network address. For instance, to partition a
Class C network number (192.68.135.0) into two, you shift one bit from the host address to the
network address. The new netmask (or subnet mask) is 255.255.255.128. The first subnet has
network number 192.68.135.0 with hosts 192.68.135.1 to 192.68.135.126, and the second subnet
has network number 192.68.135.128 with hosts 192.68.135.129 to 192.68.135.254.

Note: The number 192.68.135.127 is not assigned because it is the broadcast address of the first
subnet. The number 192.68.135.128 is not assigned because it is the network address of the second
subnet.
The following table lists the additional subnet mask bits in dotted-decimal notation. To use the
table, write down the original class netmask and replace the 0-value octets with the dotted decimal
value of the additional subnet bits. For example, to partition your Class C network with subnet
mask 255.255.255.0 into 16 subnets (four bits), the new subnet mask becomes 255.255.255.240.
Netmask Notation Translation Table for One Octet

Number of Bits    Dotted-Decimal Value
1                 128
2                 192
3                 224
4                 240
5                 248
6                 252
7                 254
8                 255

The following table displays several common netmask values in both the dotted-decimal and the
mask length formats.

Dotted decimal     Mask length
255.0.0.0          /8
255.255.0.0        /16
255.255.255.0      /24
255.255.255.128    /25
255.255.255.192    /26
255.255.255.224    /27
255.255.255.240    /28
255.255.255.248    /29
255.255.255.252    /30
255.255.255.254    /31
255.255.255.255    /32

Configure all hosts on a LAN segment to use the same netmask for the following reasons:
 So that hosts recognize local IP broadcast packets. When a device broadcasts to its
segment neighbors, it uses a destination address of the local network address with all ones for the
host address. In order for this scheme to work, all devices on the segment must agree on which
bits comprise the host address.
 So that a local router or bridge recognizes which addresses are local and which are
remote.

2.8.1.3 What are the valid hosts?


Valid hosts are the numbers between the subnets, omitting the all 0s and all 1s. For example, if 16 is
the subnet number and 31 is the broadcast address, then 17-30 is the valid host range – it’s always
the numbers between the subnet address and the broadcast address.

Fixed-length subnet mask (FLSM)


The first significant feature retrofitted in the IPv4 address space was the introduction of support for
a third tier in its architecture. In classical IP (“Classical IP: The Way It Was”), the IP address space
features a two-tier hierarchy in which each address consists of a network address and a host
address within its 32-bit structure. Such flatness distinctly limits scalability in a number of ways.

Example
Step 1: Router R1 needs 20 network addresses. So, 2^5 = 32 and 32 - 2 = 30 (2 is subtracted from
32 because in FLSM all 0’s and all 1’s are not considered).

Step 2: Now borrow 5 bits from the host part of the IP address.
172.16.00000 000.00000000

Step 3: So the subnet mask changes; the new subnet mask is 255.255.(128+64+32+16+8)
000.00000000 = 255.255.248.0

Step 4: After calculating the subnet mask, find the first network address: put 1 at the rightmost bit
of the network part, like 172.16.00001 000.00000000
IP is 172.16.8.0/21 (CIDR is 21 because 8 bits + 8 bits + 5 bits)

Step 5: Now the first host address of this network address is

172.16.8.00000001 = 172.16.8.1/21 (First host address)
172.16.8.00000010 = 172.16.8.2/21
172.16.8.00000011 = 172.16.8.3/21
.
.
.
172.16.8.11111110 = 172.16.8.254/21 (Last host address)

Step 6: The second network calculation goes like this: put 1 in the second bit of the network part,
like 172.16.00010 000.00000000

So, IP: 172.16.16.0/21

Step 7: Go to step 5 for host address calculation

Step 8: Use the same method for the R2 router.

2.8.1.4 Variable-length subnet mask (VLSM)


A VLSM is a sequence of numbers of variable length that streamlines packet routing within the
subnets of a proprietary network. A subnet can be a geographically defined local area network
(LAN). Alternatively, a subnet may define security boundaries, departmental boundaries, multicast
or hardware security parameters.

Step 1: In VLSM, consider the maximum number of hosts present in a network.

Here the R2 router has the maximum number of hosts.
So, the requirement is 50 hosts
2^6 = 64

Step 2: So, we have to leave 6 bits from the host part of the IP
172.168.00000000.00 000000
So, the subnet mask is 8+8+8+2 = 26
Now the network address for R2 is 172.168.0.0 / 26

Step 3: Now calculate the 2nd network address from 172.168.0.0 / 26

172.168.00000000.00000000 / 26
Put 1 at the last bit of the network part.
172.168.00000000.01000000 / 26
So, the 2nd network address is 172.168.0.64 / 26

Step 4: Now we calculate the network address of R1 from the 2nd network address.
172.168.00000000.01000000 / 26
The requirement of R1 is 28 hosts.
2^5 = 32
172.168.00000000.010 00000
So, the network address for R1 is 172.168.0.64 / 27

Step 5: Repeat step 3 to calculate the 3rd network address and step 4 to calculate the network
address between the two routers.
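
The netmask AND operation from section 2.8.1.1 and the VLSM steps above can be checked mechanically. The Python sketch below is an added example, not part of the original report; it uses the standard ipaddress module with the report's host counts (50 for R2, 28 for R1) and its 172.168.0.0 addresses, while the /24 parent block and the two-address router link are assumptions.

```python
import ipaddress


def network_of(address, netmask):
    """AND an address with its netmask, as in section 2.8.1.1."""
    addr = int(ipaddress.IPv4Address(address))
    mask = int(ipaddress.IPv4Address(netmask))
    return str(ipaddress.IPv4Address(addr & mask))


def prefix_for_hosts(hosts):
    """Longest prefix whose subnet still has `hosts` usable addresses."""
    host_bits = 2  # a /30 is the smallest subnet with two usable hosts
    while (1 << host_bits) - 2 < hosts:
        host_bits += 1
    return 32 - host_bits


def vlsm_allocate(block, requirements):
    """Carve `block` into one subnet per requirement, largest first."""
    parent = ipaddress.IPv4Network(block)
    cursor = int(parent.network_address)
    plan = {}
    ordered = sorted(requirements.items(), key=lambda kv: kv[1], reverse=True)
    for name, hosts in ordered:
        prefix = prefix_for_hosts(hosts)
        size = 1 << (32 - prefix)
        cursor = -(-cursor // size) * size  # round up to a subnet boundary
        subnet = ipaddress.IPv4Network((cursor, prefix))
        if not subnet.subnet_of(parent):
            raise ValueError(f"{block} is too small for {name}")
        plan[name] = subnet
        cursor += size
    return plan


def describe(subnet):
    """Network, mask, usable host range and broadcast address of one subnet."""
    return {
        "network": str(subnet),
        "netmask": str(subnet.netmask),
        "first_host": str(subnet.network_address + 1),
        "last_host": str(subnet.broadcast_address - 1),
        "broadcast": str(subnet.broadcast_address),
        "usable_hosts": subnet.num_addresses - 2,
    }


def overlapping(plan):
    """Pairs of names whose subnets overlap; empty for a sound plan."""
    names = sorted(plan)
    return [(a, b) for i, a in enumerate(names) for b in names[i + 1:]
            if plan[a].overlaps(plan[b])]


if __name__ == "__main__":
    # Host counts come from the VLSM steps; the /24 parent block and the
    # two-address router link are assumptions made for this example.
    plan = vlsm_allocate("172.168.0.0/24", {"R2": 50, "R1": 28, "R1-R2 link": 2})
    for name, subnet in plan.items():
        print(name, describe(subnet))
    print("overlaps:", overlapping(plan))
```
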

2.8.2. Private IP Addresses


If your local network is isolated from the Internet (for example, when using Network Address
Translation, NAT, which is described below), you can assign any IP addresses to the hosts without
problems. However, the IANA has reserved the following three blocks of IP addresses specifically
for private networks:
10.0.0.0 - 10.255.255.255
172.16.0.0 - 172.31.255.255
192.168.0.0 - 192.168.255.255
Choose your private network number from this range. Some NETGEAR
products have DHCP servers that are preconfigured to automatically assign private addresses.
Regardless of your particular situation, do not create an arbitrary IP address; always follow the
guidelines explained here.

2.8.3. Single IP Address Operation Using NAT


In the past, if multiple computers on a LAN needed to access the Internet simultaneously, you had
to obtain a range of IP addresses from the ISP. This type of Internet account is more costly than a
single-address account typically used by a single user with a modem, rather than a router.
NETGEAR products use an address-sharing method called Network Address Translation (NAT).
This method allows several networked computers to share an Internet account using only a single
IP address, which may be statically or dynamically assigned by your ISP. The router does this by
translating the internal LAN IP addresses to a single address that is unique on the Internet. The
internal LAN IP addresses can be either private addresses or registered addresses. The following
figure illustrates a single IP address operation

This scheme offers the additional benefit of firewall-like protection because the internal LAN
addresses are not shown to the Internet connection. This filtering can prevent intruders from
probing your system. However, using port forwarding, you can allow one computer (for example,
a Web server) on your local network to be accessible to outside users.

2.8.4. Media Access Control (MAC) Addresses and Address Resolution Protocol
An IP address alone cannot be used to deliver data from one LAN device to another. To send data
between LAN devices, you must convert the IP address of the destination device to its MAC
address. Each device on an Ethernet network has a unique MAC address, which is a 48-bit number
assigned to each device by the manufacturer. The technique that associates the IP address with a
MAC address is known as address resolution. Internet Protocol uses the Address Resolution
Protocol (ARP) to resolve MAC addresses. If a device sends data to another station on the network
and the destination MAC address is not yet recorded, ARP is used. An ARP request is broadcast
onto the network. All stations (computers, for example) on the network receive and read the
request. The destination IP address for the chosen station is included as part of the message so that
only the station with this IP address responds to the ARP request. All other stations discard the
request.
The station with the correct IP address responds with its own MAC address directly to the sending
device. The receiving station provides the transmitting station with the required destination MAC
address. The IP address data and MAC address data for each station are held in an ARP table. The
next time data is sent, the address can be obtained from the address information in the table.
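
The ARP table described above is filled from replies that carry no proof of who sent them, which is the gap the Dynamic ARP Inspection feature named under the access layer addresses. The Python sketch below is an added example, not part of the original report; the replies and the trusted binding list are constructed, and the MAC addresses come from the documentation range.

```python
# Constructed ARP replies seen on one VLAN: (seconds, sender IP, sender MAC).
REPLIES = [
    (1, "192.168.0.1", "00:00:5e:00:53:01"),
    (2, "192.168.0.10", "00:00:5e:00:53:10"),
    (9, "192.168.0.1", "00:00:5e:00:53:10"),   # contradicts the first reply
    (12, "192.168.0.11", "00:00:5E:00:53:11"),
]

# Trusted IP-to-MAC bindings (assumed for this example; a switch would take
# them from its DHCP snooping table or from static entries).
BINDINGS = {
    "192.168.0.1": "00:00:5e:00:53:01",
    "192.168.0.10": "00:00:5e:00:53:10",
    "192.168.0.11": "00:00:5e:00:53:11",
}


def plain_arp_table(replies):
    """ARP table as the section describes it: the latest reply for an IP wins."""
    table = {}
    for _, ip, mac in replies:
        table[ip] = mac.lower()
    return table


def binding_changes(replies):
    """Detection without a trusted list: report every IP whose MAC changes."""
    seen, changes = {}, []
    for when, ip, mac in replies:
        mac = mac.lower()
        if ip in seen and seen[ip] != mac:
            changes.append((when, ip, seen[ip], mac))
        seen[ip] = mac
    return changes


def inspected_arp_table(replies, bindings):
    """Accept a reply only if its IP/MAC pair matches the trusted bindings."""
    table, dropped = {}, []
    for when, ip, mac in replies:
        mac = mac.lower()
        if bindings.get(ip) == mac:
            table[ip] = mac
        else:
            dropped.append((when, ip, mac))  # log it instead of learning it
    return table, dropped


if __name__ == "__main__":
    print("plain table:    ", plain_arp_table(REPLIES))
    print("binding changes:", binding_changes(REPLIES))
    table, dropped = inspected_arp_table(REPLIES, BINDINGS)
    print("inspected table:", table)
    print("dropped replies:", dropped)
```
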

2.9. Internet Security and Firewalls


When your LAN connects to the Internet through a router, an opportunity is created for outsiders
to access or disrupt your network. A NAT router provides some protection because by the very
nature of the process, the network behind the router is shielded from access by outsiders on the
Internet. However, there are methods by which a determined hacker can possibly obtain
information about your network or at the least can disrupt your Internet access. A greater degree
of protection is provided by a firewall router.

2.9.1. What is a Firewall?


A firewall is a device that protects one network from another while allowing communication
between the two. A firewall incorporates the functions of the NAT router, while adding features
for dealing with a hacker intrusion or attack. Several known types of intrusion or attack can be
recognized when they occur. When an incident is detected, the firewall can log details of the
attempt, and it can optionally send e-mail to an administrator to report the incident. Using
information from the log, the administrator can take action with the ISP of the hacker. In some
types of intrusions, the firewall can fend off the hacker by discarding all further packets from the
hacker’s IP address for a period of time.

CHAPTER THREE

NETWORK DESIGN

3.1. Campus Hierarchical Network Design Overview Using Packet Tracer


Cisco introduced the hierarchical design model, which uses a layered approach to network design
in 1999 (Figure 3.1). The building block components are:
 The access layer,
 The distribution layer,
 And the core (backbone) layer.
The principal advantages of this model are its hierarchical structure and its modularity.

Fig3.1. Hierarchical Campus Network Design


In a hierarchical design, the capacity, features, and functionality of a specific device are optimized
for its position in the network and the role that it plays. This promotes scalability and stability. The
number of flows and their associated bandwidth requirements increase as they traverse points of
aggregation and move up the hierarchy from access to distribution to core.

Functions are distributed at each layer. A hierarchical design avoids the need for a fully-meshed
network in which all network nodes are interconnected. The building blocks of modular networks
are easy to replicate, redesign, and expand. There should be no need to redesign the whole network
each time a module is added or removed. Distinct building blocks can be put in-service and taken
out-of-service without impacting the rest of the network. This capability facilitates
troubleshooting, problem isolation, and network management.

3.1.1. Core Layer


In a typical hierarchical model, the individual building blocks are interconnected using a core layer.
The core serves as the backbone for the network, as shown in Fig 3.2. The core needs to be fast
and extremely resilient because every building block depends on it for connectivity. Current
hardware accelerated systems have the potential to deliver complex services at wire speed.
However, in the core of the network a “less is more” approach should be taken. A minimal
configuration in the core reduces configuration complexity, limiting the possibility for
operational error.

Fig3.2. Core Layer


Although it is possible to achieve redundancy with a fully-meshed or highly-meshed topology, that
type of design does not provide consistent convergence if a link or node fails. Also, peering and
adjacency issues exist with a fully-meshed design, making routing complex to configure and
difficult to scale. In addition, the high port count adds unnecessary cost and increases complexity
as the network grows or changes. The following are some of the other key design issues to keep
in mind:

 Design the core layer as a high-speed, Layer3 (L3) switching environment utilizing only
hardware-accelerated services. Layer3 core designs are superior to Layer2 and other
alternatives because they provide:
 Faster convergence around a link or node failure.
 Increased scalability because neighbor relationships and meshing are reduced.
 More efficient bandwidth utilization

Use redundant point-to-point L3 interconnections in the core (triangles, not squares) wherever
possible, because this design yields the fastest and most deterministic convergence results. Avoid
L2 loops and the complexity of L2 redundancy, such as Spanning Tree Protocol (STP) and indirect
failure detection for L3 building block peers.

3.1.2. Distribution Layer


The distribution layer aggregates nodes from the access layer, protecting the core from high-
density peering (Fig3.3). Additionally, the distribution layer creates a fault boundary providing a
logical isolation point in the event of a failure originating in the access layer. Typically deployed
as a pair of L3 switches, the distribution layer uses L3 switching for its connectivity to the core of
the network and L2 services for its connectivity to the access layer. Load balancing, Quality of
Service (QoS), and ease of provisioning are key considerations for the distribution layer.

Fig 3.3. Distribution Layer


High availability in the distribution layer is provided through dual equal-cost paths from the
distribution layer to the core and from the access layer to the distribution layer. This results in fast,
deterministic convergence in the event of a link or node failure. When redundant paths are present,
failover depends primarily on hardware link failure detection instead of timer-based software
failure detection. Convergence based on these functions, which are implemented in hardware, is
the most deterministic.

3.1.3. Access Layer


The access layer is the first point of entry into the network for edge devices, end stations, and IP
phones. The switches in the access layer are connected to two separate distribution layer switches
for redundancy. If the connection between the distribution layer switches is an L3 connection, then
there are no loops and all uplinks actively forward traffic.

Fig3.4. Access Layer


A robust access layer provides the following key features:
• High availability (HA) supported by many hardware and software attributes.
• Inline power (PoE) for IP telephony and wireless access points, allowing customers to
converge voice onto their data network and providing roaming WLAN access for users.
• Foundation services.

The hardware and software attributes of the access layer that support high availability include the
following:
• System-level redundancy using redundant supervisor engines and redundant power
supplies. This provides high availability for critical user groups.
• Default gateway redundancy using dual connections to redundant systems (distribution
layer switches). This provides fast failover from one switch to the backup switch at the
distribution layer.
• Operating system high-availability features, such as Link Aggregation (EtherChannel
or 802.3ad), which provide higher effective bandwidth while reducing complexity.
• Prioritization of mission-critical network traffic using QoS. This provides traffic
classification and queuing as close to the ingress of the network as possible.
• Security services for additional security against unauthorized access to the network through the
use of tools such as 802.1x, port security, DHCP snooping, Dynamic ARP Inspection, and IP
Source Guard.
• Efficient network and bandwidth management using software features such as Internet
Group Management Protocol (IGMP) snooping. IGMP snooping helps control multicast
packet flooding for multicast applications.

3.2 Short summary of the project


Network designs vary depending on the size, topology and requirements of the organization. The
Cisco hierarchical (three-layer) internetworking model is an industry-wide adopted model for
designing a reliable, scalable, and cost-efficient internetwork. It involves the identification,
determination and specification of data communication products and services that best satisfy user
needs in a way that leaves room for network scalability, redundancy and effective manageability.
My project therefore focuses on the design of a hierarchical network by deploying
technologies and protocols such as Access Control Lists, OSPF routing, inter-VLAN routing, subnet
masking, Network Address Translation, a DHCP server and pool, and wireless routing.

3.3 Introduction
The design that I simulated for the campus uses a three-layer hierarchical logical model known
as the Cisco three-tier model, containing the Access, Distribution and Core layers, and the diagram I
used contains all three layers, each performing a different task. The diagram consists of IP
services such as Dynamic Host Configuration Protocol, Network Address Translation and routing
(OSPF). To share the traffic load across the layers, each service should be implemented on
a different layer. The Dynamic Host Configuration Protocol and DNS services are delivered by
the distribution switches of each campus, and Network Address Translation is better handled by
the ASA firewall (a 2911 series router was used in our particular case).
Note that what I wanted to emulate here is the knowledge I gained in the internship, taking my
university as the sample and performing the tasks I had already learned in my 2-month internship period.

3.4 Problem Statement
When network devices communicate with many other devices, the workload required of the CPUs
on the devices is burdensome. The modular nature of the hierarchical design model enables
accurate capacity planning within each layer of the hierarchy, thus reducing wasted bandwidth and
costs, and increasing network speed, scalability, security, reliability and ease of management.

3.5 Objective of the project


3.5.1 General objective
The overall objective of the project is to design and implement a VLSM addressing scheme
simulation of a hierarchical network design using Packet Tracer.
3.5.2 Specific objective
• Configure addressing on network devices and hosts
• Verify IP connectivity
• Troubleshoot connectivity issues as required

3.6 Literature review


The hierarchical network design model is used to break the design up into modular groups or layers.
Breaking the design up into layers allows each layer to implement specific functions, which
simplifies the network design deployment and network management. Modularity in network
design allows us to create design elements that can be replicated throughout the network.
Replication provides an easy way to scale the network as well as a consistent deployment method.
In flat or meshed network architectures, changes tend to affect many systems.
Hierarchical design helps constrain operational changes to a subset of the network, which makes
it easy to manage as well as improving resiliency.
3.7 Methodology
Hardware requirement
• Switch (network access device)
• Router (internetworking device)
• Multilayer switch (chassis-based switch)
• UTP (network media)
• Access point
• PC (personal computer)
Software requirement
• Cisco Packet Tracer 8.2.0.0162
The methods used in this project are:
• Drag and drop network devices in Cisco Packet Tracer
• Connect network devices using the "Automatically Choose Connection Type" cable
• Then configure each device through the IOS command-line interface

Instructions

You have been given the network address 172.19.67.0/24 by your customer. The host address
requirements are:

Note: Some of the information is provided in the Packet Tracer instructions for your topology.

Requirements

Host Requirements:

LAN           Number of Addresses Required
PD-1 LAN      19
PD-2 LAN      23
PS-101 LAN    11
PS-115 LAN    7
Design Requirements
• Create the addressing design. Follow guidelines provided in the curriculum regarding
the order of the subnets.
• The subnets should be contiguous. There should be no unused address space between
subnets.
• Provide the most efficient subnet possible for the point-to-point link between the
routers.

Note: You will configure addressing on all devices and hosts in the network.
• Assign the first usable IP addresses in the appropriate subnets to Police for the two
LAN links and the WAN link.
• Assign the first usable IP addresses in the appropriate subnets to Schools for the two
LANs links. Assign the last usable IP address for the WAN link.
• Assign the second usable IP addresses in the appropriate subnets to the switches.
• The switch management interface should be reachable from hosts on all of the LANs.
• Assign the last usable IP addresses in the appropriate subnets to the hosts.
If the addressing design and implementation are correct, all hosts and devices should be reachable
over the network.
3.8 Results & Conclusions

Configuration process for the resulting diagram above:


police
en
conf t
int g0/0
ip add 172.19.67.1 255.255.255.224
no shut
int g0/1
ip add 172.19.67.33 255.255.255.224
no shut
int s0/0/0
ip add 172.19.67.97 255.255.255.252
no shut
…………………….
schools
en
conf t
int g0/0
ip add 172.19.67.65 255.255.255.240
no shut
int g0/1
ip add 172.19.67.81 255.255.255.240
no shut
int s0/0/0
ip add 172.19.67.98 255.255.255.252
no shut
………………….
PD-1
en
conf t
int vlan 1
ip add 172.19.67.2 255.255.255.224
no shut
ip def 172.19.67.1
.............................
PD-1-11
IP Address: 172.19.67.30
Subnet Mask: 255.255.255.224
Default Gateway: 172.19.67.1
............................
PD-2
en
conf t
int vlan 1
ip add 172.19.67.34 255.255.255.224
no shut
ip def 172.19.67.33
..............................
PD-2-23
IP Address: 172.19.67.62
Subnet Mask: 255.255.255.224
Default Gateway: 172.19.67.33
..............................
PS-101-87
IP Address: 172.19.67.78
Subnet Mask: 255.255.255.240
Default Gateway: 172.19.67.65
.............................
PS-101
en
conf t
int vlan 1
ip add 172.19.67.66 255.255.255.240
no shut
ip def 172.19.67.65
...............................
PS-115
en
conf t
int vlan 1
ip add 172.19.67.82 255.255.255.240
no shut
ip def 172.19.67.81
...............................
PS-115-12
IP Address: 172.19.67.94
Subnet Mask: 255.255.255.240
Default Gateway: 172.19.67.81
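
The addressing plan behind the configuration above can be derived and checked mechanically. The following Python code is an added example, not part of the original report or the Packet Tracer activity: it allocates the VLSM subnets from the stated host requirements (largest block first, equal-sized blocks in the listed order, which is an assumption about the curriculum's ordering rule) and compares the first, second and last usable addresses with the values configured in section 3.8. The function names and the `CONFIGURED` table layout are this example's own.

```python
import ipaddress

# Requirements from the Instructions above: usable host addresses per LAN, in the
# order the page lists them, plus the point-to-point WAN link (2 addresses).
BASE = "172.19.67.0/24"
REQUIREMENTS = [("PD-1", 19), ("PD-2", 23), ("PS-101", 11), ("PS-115", 7), ("WAN", 2)]

# Addresses configured in section 3.8, keyed by their position in the subnet.
# LANs: first = router, second = switch, last = host. WAN: first = Police, last = Schools.
CONFIGURED = {
    "PD-1": {"mask": "255.255.255.224", "first": "172.19.67.1",
             "second": "172.19.67.2", "last": "172.19.67.30"},
    "PD-2": {"mask": "255.255.255.224", "first": "172.19.67.33",
             "second": "172.19.67.34", "last": "172.19.67.62"},
    "PS-101": {"mask": "255.255.255.240", "first": "172.19.67.65",
               "second": "172.19.67.66", "last": "172.19.67.78"},
    "PS-115": {"mask": "255.255.255.240", "first": "172.19.67.81",
               "second": "172.19.67.82", "last": "172.19.67.94"},
    "WAN": {"mask": "255.255.255.252", "first": "172.19.67.97", "last": "172.19.67.98"},
}


def prefix_for(hosts):
    """Longest prefix whose block holds `hosts` usable addresses plus the
    network and broadcast addresses."""
    size = 4  # a /30 is the smallest block used here (2 usable addresses)
    while size - 2 < hosts:
        size *= 2
    return 32 - (size.bit_length() - 1)


def vlsm_plan(base, requirements):
    """Allocate contiguous subnets inside `base`, largest block first."""
    base_net = ipaddress.ip_network(base)
    # sorted() is stable, so equal-sized blocks keep the order they were listed in.
    ordered = sorted(requirements, key=lambda req: prefix_for(req[1]))
    cursor = int(base_net.network_address)
    plan = {}
    for name, hosts in ordered:
        prefix = prefix_for(hosts)
        block = 1 << (32 - prefix)
        cursor = -(-cursor // block) * block  # round up to the block boundary
        net = ipaddress.ip_network((cursor, prefix))
        if not net.subnet_of(base_net):
            raise ValueError(f"{name}: {net} does not fit inside {base_net}")
        plan[name] = net
        cursor += block
    return plan


def usable(net):
    """(first, second, last) usable host addresses of a subnet."""
    first = net.network_address + 1
    return first, first + 1, net.broadcast_address - 1


def is_contiguous(plan):
    """True when no address space is left unused between consecutive subnets."""
    nets = sorted(plan.values(), key=lambda n: int(n.network_address))
    return all(int(a.broadcast_address) + 1 == int(b.network_address)
               for a, b in zip(nets, nets[1:]))


def check_configured(plan, configured):
    """Return the mismatches between the computed plan and configured addresses."""
    problems = []
    for name, cfg in configured.items():
        net = plan[name]
        first, second, last = usable(net)
        expected = {"mask": net.netmask, "first": first, "second": second, "last": last}
        for key, value in cfg.items():
            if ipaddress.ip_address(value) != expected[key]:
                problems.append(f"{name}: {key} is {value}, plan expects {expected[key]}")
    return problems


if __name__ == "__main__":
    plan = vlsm_plan(BASE, REQUIREMENTS)
    for name, net in plan.items():
        first, second, last = usable(net)
        print(f"{name:7} {str(net):17} first={first} second={second} last={last}")
    print("contiguous:", is_contiguous(plan))
    print("mismatches:", check_configured(plan, CONFIGURED) or "none")
```
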

3.9 Practical Assignments Carried Out Using Cisco Packet Tracer


3.9.1 Work Assignment -1 Network Representation
Objectives
The network model in this activity incorporates many of the technologies that you will master in your
CCNA studies. It represents a simplified version of how a small to medium-sized business network
might look. Feel free to explore the network on your own. When you are ready, proceed through the
following steps and answer the questions.
Note: It is not important that you understand everything you see and do in this activity. Feel free to
explore the network on your own. If you wish to proceed more systematically, follow the steps below.
Answer the questions to the best of your ability.

Instructions and Solutions

Step 1: Identify common components of a network as represented in Packet Tracer.


The icon toolbar at the bottom left-hand corner has various categories of networking components. You
should see categories that correspond to intermediary devices, end devices, and media.
The Connections category (with the lightning bolt icon) represents the networking media supported by
Packet Tracer. There is also an End Devices category and two categories specific to Packet
Tracer: Custom Made Devices and Multiuser Connection.
Questions:
a. List the intermediary device categories.
 Routers, Switches, Hubs, Wireless Devices, and WAN Emulation
b. Without entering into the internet cloud or intranet cloud, how many icons in the topology represent
endpoint devices (only one connection leading to them)?
 15
c. Without counting the two clouds, how many icons in the topology represent intermediary devices
(multiple connections leading to them)?
 11
d. How many end devices are not desktop computers?
 8
e. How many different types of media connections are used in this network topology?
 4

Step 2: Explain the purpose of the devices.


Questions:
a. In Packet Tracer, only the Server-PT device can act as a server. Desktop or Laptop PCs cannot act
as a server. Based on your studies so far, explain the client-server model.
 In modern networks, a host can act as a client, a server, or both. Software installed on the
host determines the role it plays on the network. Servers are hosts that have software
installed that enables them to provide information and services, like email or web pages, to
other hosts on the network. Clients are hosts that have software installed that enables them
to request and display the information obtained from the server. A client could also be
configured as a server simply by installing server software.
b. List at least two functions of intermediary devices.
 Regenerate and retransmit data signals; maintain information about what pathways exist
through the network and internetwork; notify other devices of errors and communication
failures; Direct data along alternate pathways when there is a link failure; Classify and
direct messages according to QoS priorities; Permit or deny the flow of data, based on
security settings.
c. List at least two criteria for choosing a network media type.
 The distance the media can successfully carry a signal. The environment in which the
media is to be installed. The amount of data and the speed at which it must be transmitted.
The cost of the media and installation.

Step 3: Compare and contrast LANs and WANs.
Questions:
a. Explain the difference between a LAN and a WAN. Give examples of each.
 LANs provide access to end users in a small geographical area. A home office or school
campus are examples of LANs. WANs provide access to users in a wide geographical area
over long distances spanning a few miles to thousands of miles. A Metropolitan Area
Network and the Internet are examples of WANs. A company’s intranet may also connect
multiple remote sites using a WAN.
b. In the Packet Tracer network, how many WANs do you see?
 There are two: the Internet and the Intranet WANs.
c. How many LANs do you see?
 There are three, easily identifiable because each has a border and label.
d. The internet in this Packet Tracer network is overly simplified and does not represent the structure
and form of the real internet. Briefly describe the internet.
 The Internet is mostly used when we need to communicate with a resource on another
network. The Internet is a global mesh of interconnected networks (internetworks).
e. What are some of the common ways a home user connects to the internet?
 Cable, DSL, dial-up, cellular, and satellite.
f. What are some common methods that businesses use to connect to the internet in your area?
 Dedicated leased line, Metro-E, DSL, Cable, Satellite

3.9.2 Work Assignment -2 Configure Initial Switch Settings

Objectives
Part 1: Verify the Default Switch Configuration
Part 2: Configure a Basic Switch Configuration
Part 3: Configure a MOTD Banner
Part 4: Save Configuration Files to NVRAM
Part 5: Configure S2

Solution

Part 1: Verify the Default Switch Configuration


Step 1:
a. Click S1 and then the CLI tab. Press Enter.
b. Enter privileged EXEC mode by entering the enable command:
Switch> enable
Switch#

Step 2:
a. Enter the show running-config command.
Switch# show running-config

Part 2: Create a Basic Switch Configuration


Step 1: Assign a name to a switch.
To configure parameters on a switch, you may be required to move between various configuration
modes. Notice how the prompt changes as you navigate through the switch.
Switch# configure terminal
Switch(config)# hostname S1
S1(config)# exit
S1#
Step 2: Secure access to the console line.
To secure access to the console line, access config-line mode and set the console password to letmein.
S1# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
S1(config)# line console 0
S1(config-line)# password letmein
S1(config-line)# login
S1(config-line)# exit
S1(config)# exit
%SYS-5-CONFIG_I: Configured from console by console
S1#
Step 3: Verify that console access is secured.
Exit privileged mode to verify that the console port password is in effect.
S1# exit
Switch con0 is now available
Press RETURN to get started.

User Access Verification


Password:
S1>
Note: If the switch did not prompt you for a password, then you did not configure the login parameter in
Step 2.

Step 4: Secure privileged mode access.


Set the enable password to c1$c0. This password protects access to privileged mode.
Note: The 0 in c1$c0 is a zero, not a capital O. This password will not grade as correct until after you
encrypt it in Step 8.
S1> enable
S1# configure terminal
S1(config)# enable password c1$c0
S1(config)# exit
%SYS-5-CONFIG_I: Configured from console by console
S1#
Step 5: Verify that privileged mode access is secure.
a. Enter the exit command again to log out of the switch.
b. Press <Enter> and you will now be asked for a password:
User Access Verification
Password:
c. The first password is the console password you configured for line con 0. Enter this password to
return to user EXEC mode.
d. Enter the command to access privileged mode.
e. Enter the second password you configured to protect privileged EXEC mode.
f. Verify your configuration by examining the contents of the running-configuration file:
S1# show running-config
Notice that the console and enable passwords are both in plain text. This could pose a security risk if
someone is looking over your shoulder or obtains access to config files stored in a backup location.
Step 6: Configure an encrypted password to secure access to privileged mode.
The enable password should be replaced with the newer encrypted secret password using the enable
secret command. Set the enable secret password to itsasecret.
S1# config t
S1(config)# enable secret itsasecret
S1(config)# exit
S1#
Note: The enable secret password overrides the enable password. If both are configured on the switch,
you must enter the enable secret password to enter privileged EXEC mode.
Step 7: Verify that the enable secret password is added to the configuration file.
Enter the show running-config command again to verify the new enable secret password is configured.
Note: You can abbreviate show running-config as
S1# show run
Step 8: Encrypt the enable and console passwords.
As noticed in Step 7, the enable secret password was encrypted, but the enable and console passwords
were still in plain text. We will now encrypt these plain text passwords using the service
password-encryption command.
S1# config t
S1(config)# service password-encryption
S1(config)# exit

Part 3: Configure a MOTD Banner


Step 1: Configure a message of the day (MOTD) banner.
The Cisco IOS command set includes a feature that allows you to configure messages that anyone
logging onto the switch sees. These messages are called message of the day, or MOTD banners. Enclose
the banner text in quotations or use a delimiter different from any character appearing in the MOTD
string.
S1# config t
S1(config)# banner motd "This is a secure system. Authorized Access Only!"
S1(config)# exit
%SYS-5-CONFIG_I: Configured from console by console
S1#

Part 4: Save and Verify Configuration Files to NVRAM


Step 1: Verify that the configuration is accurate using the show run command.
Save the configuration file. You have completed the basic configuration of the switch. Now back up the
running configuration file to NVRAM to ensure that the changes made are not lost if the system is
rebooted or loses power.
S1# copy running-config startup-config
Destination filename [startup-config]?[Enter]
Building configuration...
[OK]

Part 5: Configure S2

I followed the same procedure used to configure S1 for the configuration of S2.

3.9.3 Work Assignment -3 VLSM Design and Implementation Practice

Objectives
Part 1: Examine the Network Requirements
Part 2: Design the VLSM Addressing Scheme
Part 3: Assign IP Addresses to Devices and Verify Connectivity

Background
In this activity, I was given a /24 network address to use to design a VLSM addressing scheme. Based on
a set of requirements, I was to assign subnets and addressing, configure devices and verify connectivity.

The steps I followed in configuring the above task

Building 1 - configuration
en
conf t
int g0/0
ip add 10.11.48.97 255.255.255.240
no shut
int g0/1
ip add 10.11.48.65 255.255.255.224
no shut
.....................
ASW3 - configuration
en
conf t
int vlan 1
ip add 10.11.48.114 255.255.255.248
no shut
ip def 10.11.48.113
.......................
Host-D configuration
IP Address: 10.11.48.62
Subnet Mask: 255.255.255.192
Default Gateway: 10.11.48.1

3.9.4 Work Assignment -4 Subnetting Scenario

Objectives
Part 1: Design an IP Addressing Scheme
Part 2: Assign IP Addresses to Network Devices and Verify Connectivity

Scenario
In this activity, I was given the network address of 192.168.100.0/24 to subnet and provide the IP
addressing for the Packet Tracer network. Each LAN in the network requires at least 25 addresses for
end devices, the switch and the router. The connection between R1 to R2 will require an IP address for
each end of the link.

The steps I followed in configuring the above task are as follows:
R1 - configuration
enable
configure terminal
R1(config)#interface gigabitEthernet 0/0
R1(config-if)#ip address 192.168.100.1 255.255.255.224
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#interface gigabitEthernet 0/1
R1(config-if)#ip address 192.168.100.33 255.255.255.224
R1(config-if)#no shutdown
........................................
S3 - configuration
S3>enable
S3#configure terminal
S3(config)#interface vlan 1
S3(config-if)#ip address 192.168.100.66 255.255.255.224
S3(config-if)#no shutdown
S3(config-if)#exit
S3(config)#ip default-gateway 192.168.100.65
............................................

PC4 - configuration
IP address: 192.168.100.126
Subnet mask: 255.255.255.224
Default gateway: 192.168.100.97

3.9.5 Work Assignment -5 Skills Integration Challenge

Background / Scenario
The router Central, ISP cluster, and the Web server from the above diagram are completely configured. I
was to create a new IPv4 addressing scheme that will accommodate 4 subnets using the 192.168.0.0/24
network. The IT department requires 25 hosts. The Sales department needs 50 hosts. The subnet for the
rest of the staff requires 100 hosts. A Guest subnet will be added in the future to accommodate 25 hosts.
I was also to finish the basic security settings and interface configurations on R1. Then, I was to
configure the SVI interface and basic security settings on switches S1, S2, and S3 respectively.

The steps I followed to configure the above-mentioned task


R1 Configuration
 enable
 config t
 service password-encryption
 security passwords min-length 10
 hostname R1
 login block-for 180 attempts 4 within 120
 enable secret 5 $1$mERr$Amm/da5NtiazLuZDbgqZ60
 ipv6 unicast-routing
 username Admin1 secret 5 $1$mERr$Ty/EkWXcSXEwIckISrps8/
 no ip domain-lookup
 ip domain-name CCNA-lab.com
 interface GigabitEthernet0/0
 ip address 192.168.0.1 255.255.255.128
 duplex auto
 speed auto
 ipv6 address FE80::1 link-local
 ipv6 address 2001:DB8:ACAD::1/64
 no shutdown
 interface GigabitEthernet0/1
 ip address 192.168.0.129 255.255.255.192
 duplex auto
 speed auto
 ipv6 address FE80::1 link-local
 ipv6 address 2001:DB8:ACAD:1::1/64
 no shutdown
 interface GigabitEthernet0/2
 ip address 192.168.0.193 255.255.255.224
 duplex auto
 speed auto
 ipv6 address FE80::1 link-local
 ipv6 address 2001:DB8:ACAD:2::1/64
 no shutdown
 interface Serial0/0/1
 ip address 172.16.1.2 255.255.255.252
 ipv6 address FE80::1 link-local
 ipv6 address 2001:DB8:2::1/64
 no shutdown
 banner motd #Router R1#
 line con 0
 exec-timeout 5 0
 password 7 0802455D0A1606181C1B0D517F
 login
 line vty 0 4
 exec-timeout 5 0
 login local
 transport input ssh
 exit
 crypto key generate rsa general-keys modulus 1024
 end
...................................................
S1 Configuration
 enable
 conf t
 service password-encryption
 hostname S1
 enable secret 5 $1$mERr$Amm/da5NtiazLuZDbgqZ60
 no ip domain-lookup
 interface Vlan1
 ip address 192.168.0.2 255.255.255.128
 no shutdown
 ip default-gateway 192.168.0.1
 line con 0
 password 7 0802455D0A1606181C1B0D517F
 login
 exec-timeout 5 0
 line vty 0 4
 exec-timeout 5 0
 login
 line vty 5 15
 exec-timeout 5 0
 login
 end

.............................................

S2 Configuration
 enable
 conf t
 service password-encryption
 hostname S2
 enable secret 5 $1$mERr$Amm/da5NtiazLuZDbgqZ60
 no ip domain-lookup
 interface Vlan1
 ip address 192.168.0.130 255.255.255.192
 no shutdown
 ip default-gateway 192.168.0.129
 line con 0
 password 7 0802455D0A1606181C1B0D517F
 login
 exec-timeout 5 0
 line vty 0 4
 exec-timeout 5 0
 login
 line vty 5 15
 exec-timeout 5 0
 login
 end
.............................................
S3 Configuration
 enable
 conf t
 service password-encryption
 hostname S3
 enable secret 5 $1$mERr$Amm/da5NtiazLuZDbgqZ60
 no ip domain-lookup
 interface Vlan1
 ip address 192.168.0.194 255.255.255.224
 no shut
 ip default-gateway 192.168.0.193
 line con 0
 password 7 0802455D0A1606181C1B0D517F
 login
 exec-timeout 5 0
 line vty 0 4
 exec-timeout 5 0
 login
 line vty 5 15
 exec-timeout 5 0
 login
 end
.....................................
PC Configurations
IT PC
 IP Address: 192.168.0.195
 Subnet Mask: 255.255.255.224
 Default Gateway: 192.168.0.193

 IPv6 Address: 2001:db8:acad:2::2/64
 IPv6 Gateway: fe80::1
 Link Local Address: fe80::2

Sales PC
 IP Address: 192.168.0.131
 Subnet Mask: 255.255.255.192
 Default Gateway: 192.168.0.129

 IPv6 Address: 2001:db8:acad:1::2/64


 IPv6 Gateway: fe80::1
 Link Local Address: fe80::2

Staff PC
 IP Address: 192.168.0.3
 Subnet Mask: 255.255.255.128
 Default Gateway: 192.168.0.1

 IPv6 Address: 2001:db8:acad::2/64


 IPv6 Gateway: fe80::1
 Link Local Address: fe80::2
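
The password and remote-access settings in sections 3.9.2 and 3.9.5 can be reviewed automatically before a configuration is deployed; note that `service password-encryption` stores passwords as type 7, which is a reversible encoding rather than a hash. The following Python linter is an added example, not part of the original report or the Cisco lab: its rule names, the 2048-bit RSA threshold and the abridged sample configurations (with `<hash>` and `<obfuscated>` placeholders instead of the stored values) are assumptions of this example.

```python
import re

# Sub-commands that belong to the preceding "line con/vty" section in a flat listing.
LINE_SUBCOMMANDS = {"password", "login", "exec-timeout", "transport", "access-class"}
MIN_RSA_BITS = 2048  # assumption of this example: flag shorter SSH host keys


def parse(config_text):
    """Split a flat IOS listing into global commands and line (con/vty) sections."""
    global_cmds, sections, current = [], {}, None
    for raw in config_text.splitlines():
        cmd = raw.strip().lstrip("\uf0b7•* ").strip()  # drop list bullets from pasted text
        if not cmd or cmd.startswith("!"):
            continue
        word = cmd.split()[0]
        if word == "line":
            current = cmd
            sections[current] = []
        elif current and word in LINE_SUBCOMMANDS and not cmd.startswith("login block-for"):
            sections[current].append(cmd)
        else:
            current = None
            global_cmds.append(cmd)
    return global_cmds, sections


def audit(config_text):
    """Return a list of (rule_id, detail) findings for one device configuration."""
    global_cmds, sections = parse(config_text)
    findings = []
    for cmd in global_cmds:
        if re.match(r"enable password\b", cmd):
            findings.append(("ENABLE-PASSWORD", "use 'enable secret' instead"))
        if re.match(r"(enable|username \S+) secret 5\b", cmd):
            # Type 5 is a salted MD5 hash; newer IOS releases offer types 8 and 9.
            findings.append(("TYPE5-SECRET", cmd.split(" secret ")[0]))
        m = re.match(r"crypto key generate rsa\b.*\bmodulus (\d+)", cmd)
        if m and int(m.group(1)) < MIN_RSA_BITS:
            findings.append(("RSA-MODULUS", f"{m.group(1)}-bit SSH host key"))
    for header, cmds in sections.items():
        for cmd in cmds:
            m = re.match(r"password (?:(\d) )?\S+", cmd)
            if m and m.group(1) in (None, "0"):
                findings.append(("LINE-PASSWORD-CLEARTEXT", header))
            elif m and m.group(1) == "7":
                findings.append(("LINE-PASSWORD-TYPE7", header))  # reversible encoding
        if header.startswith("line vty"):
            if not any(c.split() == ["transport", "input", "ssh"] for c in cmds):
                findings.append(("VTY-NOT-SSH-ONLY", header))
            # 'login' with no line password: IOS refuses logins on this line.
            if "login" in cmds and not any(c.startswith("password ") for c in cmds):
                findings.append(("VTY-LOGIN-NO-PASSWORD", header))
    return findings


def rule_ids(config_text):
    """Sorted, de-duplicated rule ids raised for a configuration."""
    return sorted({rule for rule, _ in audit(config_text)})


# Constructed samples, abridged from the listings on this page (placeholders for secrets).
R1_SAMPLE = """
service password-encryption
login block-for 180 attempts 4 within 120
enable secret 5 <hash>
username Admin1 secret 5 <hash>
line con 0
exec-timeout 5 0
password 7 <obfuscated>
login
line vty 0 4
exec-timeout 5 0
login local
transport input ssh
exit
crypto key generate rsa general-keys modulus 1024
end
"""
S1_SAMPLE = "\n".join("\uf0b7 " + c for c in [
    "service password-encryption", "hostname S1", "enable secret 5 <hash>",
    "line con 0", "password 7 <obfuscated>", "login", "exec-timeout 5 0",
    "line vty 0 4", "exec-timeout 5 0", "login",
    "line vty 5 15", "exec-timeout 5 0", "login", "end"])
# State of S1 in section 3.9.2 after Step 4, before 'enable secret' and Step 8.
LAB_STEP4_SAMPLE = "hostname S1\nenable password c1$c0\nline console 0\npassword letmein\nlogin\n"

if __name__ == "__main__":
    for name, cfg in [("R1", R1_SAMPLE), ("S1", S1_SAMPLE), ("S1 lab", LAB_STEP4_SAMPLE)]:
        for rule, detail in audit(cfg):
            print(f"{name}: {rule} ({detail})")
```
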

CHAPTER FOUR
THE OVERALL INTERNSHIP EXPERIENCE

4.1. How good I have been in performing my tasks


During my internship program I did my tasks as if they were a hobby, and my supervisor is such a truthful
man that when I asked a question he answered courteously. All in all, I did my tasks effectively and
efficiently, and I was punctual when I performed my tasks.

4.2. Challenges I have faced while performing my tasks


I can truly say that during my internship with KWAPS Networks I was challenged, and
through all those challenges I grew as a person as well as a student. Not only was the work that I
was doing beneficial for gaining knowledge, but it also made me work hard to get the right
knowledge. I learned how to configure distribution layer and access layer switches and also how to
multi-task and manage my time.

4.3. The Overall Benefits I gained From the Internship


During my internship at KWAPS Networks Academy I gained many benefits from the
internship. During these two months of my internship program, I was able to bridge the gap
between student life and professional life. This internship program provided me a platform to
introduce myself to the professional field. I greatly benefited from working with the dedicated
professionals in the academy. The academy has provided a conducive working atmosphere among
the staff. This has opened doors for me to understand what is waiting for me when I finish my
graduate studies in this field. This internship experience has made me respect the academy advisor
stream more and more throughout these two months. I am very glad to have had the opportunity to be
a part of this internship program. Having a dedicated advisor and mentors made the outcome of this
experience very fruitful. I had the opportunity to ask questions. In short, this internship work was
interesting rather than tedious and routine. Overall, within these two months, I had the
opportunity to improve my theoretical knowledge, my interpersonal communication skills, team
playing skills, leadership skills, etc. In the next pages I will try to describe what I have learnt
in the different aspects that I have mentioned before.

Introduction
Internship is the beginning of the road that will take me to the point I want to be at after my
graduation. Internship is a practice I need to perform, because it prepares me for the business life
that I aim at.

4.3.1 Practical Skill


The intern will have the opportunity to connect classroom theory with current industry
challenges, and have exposure to the latest technologies. Opportunities to converse and interact
with a large pool of talented, experienced department members will provide a deeper insight into the
overall operation, as well as provide a valuable pool of resources to assist in completion of
the internship program. This internship program was exactly what I needed to address my lack of
practical skills. I can acquire practical experience to complement the theoretical content of
my studies, including:
• Network design, expansion and configuration
• Windows Server configuration and administration
• Cisco switch configuration
• VMware (virtual machine software) configuration
• Basic fiber splicing, etc.

4.3.2 Theoretical Knowledge


During my internship period, the theoretical knowledge I gained covered what a network and networking
are, the components of a network, what a local area network is, what the internet is, how data is
transmitted through the internet and through the network, networking media, what an IP
address is and the classes of IP addresses, subnetting, the flow, as well as what a campus
enterprise network with the three Cisco hierarchy layers looks like, the configuration of distribution
and access switches, and Microsoft Windows Server DNS, DHCP, FTP and Active Directory Domain
Services.

4.3.3 Interpersonal Communication Skills
During my internship period, my interpersonal skills, which are the life skills I use every day to
communicate and interact with other people, individually and in groups, served me well. I improved not
only how I communicate with others, but also my confidence and my ability to listen and understand.
Problem solving, decision making and personal stress management are also considered
interpersonal skills. Through this internship, I found that I matured and gained many new
perspectives, such as problem-solving skills, diversity, effective communication, teamwork and
service recovery, attention to detail, time management, personal empowerment, self-confidence,
responsibility and cultural sensitivity. My supervisor was kind enough to answer with patience and
teach me much, which made this internship so enjoyable. I had a wonderful internship and
spent such happy moments with all of them. Though I still have so much to learn, I think this
challenge was what I should include in my career. This helped much with my future planning.

4.3.4 Leadership Skills


Leadership skills are the tools, behaviors, and capabilities that a person needs in order to be
successful at motivating and directing others. Yet true leadership skills involve something more:
the ability to help people grow in their own abilities. It can be said that the most successful leaders
are those that drive others to achieve their own success. I gained leadership skills from my supervisor
during the internship period, which include managing time, motivating individuals, giving
feedback and building teams.

4.3.5 Work Ethics Related Issue


My supervisor was always advising me that I should be an ethical and responsible professional in
the future. He showed me how to develop this good behavior during my stay at the academy
with him. He also told me about lots of practical cases related to work ethics that he had seen
when he was working in different companies. During my stay there, I was very punctual, attended
work daily and was responsible to my profession. During this program I developed my work
ethics.

4.3.6 Entrepreneurship Skills
Entrepreneurship is the ability to create and build something from practically nothing. It is
initiating, doing, achieving and building an enterprise or organization, rather than just watching,
analyzing or describing one. It is the knack of sensing an opportunity where others see chaos,
contradiction and confusion. It is the ability to build a founding team to complement your own
skills and talents. It is the know-how to find, marshal and control resources and to make sure you
don’t run out of money when you need it most.
Finally, it is the willingness to take calculated risks, both personal and financial, and then to do
everything possible to get the odds in your favor.
An entrepreneurship education program consists of wide-ranging subjects, and in every
entrepreneurship education program, learning outside the classroom, such as an internship in a
company, plays an important role, as do normal lectures in the classroom. Of course, in this
respect, a good relationship between educational institutions and the business community is very
important for implementing an internship program as part of the curriculum. Interns
gain firsthand understanding of entrepreneurship along with enhanced technical, professional, and
communication skills. In this internship I gained self-confidence, information seeking and
problem seeking, and learned to see and act on business opportunities in networking, which helped me
to clarify my vision and decide whether or not to forge ahead with the idea.

CHAPTER FIVE
CONCLUSION AND RECOMMENDATION

5.1. Conclusion
In today's world the internet has gotten so many users that we are just like pebbles
in an ocean of information. The majority of internet users do not understand how exactly it
works and some others don’t care; the few who understand the background workings of the internet
either exploit the vulnerability of other users, help to protect others, or just don’t care about
others. Therefore, it is necessary to ensure that security is airtight before deploying the network.
Otherwise, the organization’s information is vulnerable and attacks would be easy. It is necessary for
the network administrator to understand the best security practices. Moreover, I learnt new concepts
and new ways of working. During this internship period I acquired practical experience to
complement the theoretical content of my study of local area networks (LAN) and the network security
of Kwaps Networks. To conclude, I think that this internship was very beneficial to me as I learnt
a lot, and it made me discover work in the real world.

5.2. Recommendations
The following are the intern’s recommendations for improvement of the field attachment, the Academy
(KWAPS), and the University.

5.2.1 Recommendation for future interns


• Students should always ensure a good supervisory relationship, as this is very important
to the successful completion of their degree, diploma or any other academic award.
• They should get into the habit of documenting whatever task they do on a daily basis. This is
because the records made are not only important and useful when writing the report, but
also very important as a future reference when faced with similar tasks.

5.2.2 Recommendation for the Academy (KWAPS)


• I recommend that the academy should improve on the infrastructure because its current
office is too small, which leads to congestion during working hours.
• The academy should also buy enough computers so that it can cater for future internees
who do not have their own computers.
• The company should also buy other networking equipment, especially a tester, routers,
and more switches, so that future internees can gain much in the networking field.

5.2.3 Recommendation for the University

• The University should carefully evaluate each proposed internship center prior to
approving it as an internship station for its students. This is because the workplace
supervisors obviously play a major role in the internship course and the students’ experience.
• The University should hold pre-internship sessions with students at which the course
is discussed and packets containing the various internship documents are distributed, in
order for the students to understand what an internship is before going for one.
• The University should make at least one on-site visit prior to the internship. A site visit to the
internship location by the instructor or a designated representative has important benefits
to all involved and should be a requirement of the internship program.

Appendix

Basic Set-Up of Cisco Switch that I can perform

From this training, I learnt how to configure and deploy a Cisco switch step by step using Cisco
Packet Tracer:

1. Connect your switch to the computer using a rollover cable or a console cable (serial-to-UTP connector)
2. Right-click My Computer, go to Device Manager and check Ports (COM & LPT)
3. Note the COM port number and use it in PuTTY later
Do the following:
1. Security (priv mode, con, vty)
2. Banner
3. Hostname
4. VLAN IP
5. Default Gateway
6. Interface Setup

Delete the current config to create new


switch#write erase
switch#reload
switch>enable
switch#conf t (this enters global configuration mode)
switch(config)#enable secret cisco
Console configuration
switch(config)#line console 0
switch(config-line)#password cisco
switch(config-line)#login
switch(config-line)#logging synchronous
switch(config-line)#exec-timeout 30 0
switch(config-line)#^Z
VTY configuration
switch#conf t
Enter configuration commands, one per line. End with CNTL/Z.
switch(config)#line vty 0 4
switch(config-line)#password cisco
switch(config-line)#logging synchronous
switch(config-line)#exec-timeout 30 0
switch(config-line)#exit
switch(config)#^Z
switch#show running-config
Building configuration...
Current configuration: 1115 bytes
!
version 12.1
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname Switch
!
enable secret 5 $1$mERr$hx5rVt7rPNoS4wqbXKX7m0
!
!
!
interface FastEthernet0/1
!
interface FastEthernet0/2
!
interface FastEthernet0/3
!
interface FastEthernet0/4
interface Vlan1
 no ip address
 shutdown
!
!
line con 0
 password cisco
 logging synchronous
 login
 exec-timeout 30 0
!
line vty 0 4
 exec-timeout 30 0
 password cisco
 logging synchronous
 login
line vty 5 15
 login
switch#conf t
switch(config)#service password-encryption
Switch(config)#^Z
Switch#
%SYS-5-CONFIG_I: Configured from console by console
Switch#show running-config
interface Vlan1
 no ip address
 shutdown
!
!
line con 0
 password 7 0822455D0A16
 logging synchronous
 login
 exec-timeout 30 0
!
line vty 0 4
 exec-timeout 30 0
 password 7 0822455D0A16
 logging synchronous
 login
line vty 5 15
 login
!
!
end
switch#copy running-config startup-config
Putting a banner
switch#conf t
Switch(config)#banner motd [
Enter TEXT message. End with the character '['.
**********************************
Computer Studies Department!!!!
**********************************[
Configuring hostname
Switch(config)#hostname sw1
sw1(config)#^Z
Assigning VLAN IP
sw1#show ip interface brief
Vlan1 unassigned YES manual administratively down
sw1#conf t
sw1(config)#interface vlan 1
sw1(config-if)#ip address 192.168.1.1 255.255.255.0
sw1(config-if)#no shutdown
sw1(config-if)#^Z
sw1#show ip interface brief
Vlan1 192.168.1.1 YES manual up down
Configuring the default gateway on the switch
sw1#conf t
sw1(config)#ip default-gateway 192.168.1.254
sw1(config)#^Z
sw1#conf t
sw1(config)#int fastEthernet 0/5
sw1(config-if)#^Z
sw1#show ip interface brief
sw1#copy running-config startup-config
VLANs and Trunking
Types of VLANs:
Default VLAN,
By default, all ports of the switch are part of VLAN 1
1002 fddi-default - this is the VLAN used for FDDI
1003 token-ring-default - this is the VLAN used for Token Ring
1004 fddinet-default - this is the VLAN used for FDDI-Net
1005 trnet-default - this is the VLAN used for Token Ring-Net
Note: to see these, run the command show vlan in the CLI
Creating different VLANs
sw1#conf t
sw1(config)#vlan 50
sw1(config-vlan)#name student
sw1(config-vlan)#vlan 100
sw1(config-vlan)#name teacher
sw1(config-vlan)#vlan 150
sw1(config-vlan)#name staff
sw1(config-vlan)#vlan 500
sw1(config-vlan)#name admin
sw1(config-vlan)#exit
sw1(config)#^Z
sw1#show run
sw1#show vlan
sw1#conf t
sw1(config)#interface fastEthernet 0/1
sw1(config-if)#switchport mode access
sw1(config-if)#switchport access vlan 50
sw1(config-if)#^Z
sw1#show vlan
sw1#conf t // assign the switch an IP address on VLAN 500
sw1(config)#interface vlan 500
sw1(config-if)#ip address 192.168.1.5 255.255.255.0
sw1(config-if)#^Z
sw1#show run
interface Vlan500 // this is what you will see in the bottom part
 ip address 192.168.1.5 255.255.255.0

Configuring a trunk
sw1#conf t
sw1(config)#interface fastEthernet 0/24
sw1(config-if)#switchport mode trunk
sw1(config-if)#switchport trunk allowed vlan 1-500
sw1(config-if)#end
sw1#show run
sw1#show interface trunk
Native VLAN,
Data VLAN,
Management VLAN
Voice VLAN
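
The following Python script is an added example, not part of the original report: it audits a running-config like the ones shown in this appendix for the settings a reviewer would question (line passwords stored in cleartext or as reversible type 7, vty lines not restricted to SSH, and a management address on the default VLAN 1). The sample config is constructed from the walkthrough's values, and the function names are this example's own.

```python
import re

# Constructed sample: a running-config assembled from the settings used in the
# walkthrough above, mixing its "before" and "after" password states
# (IOS indents sub-commands by one space).
SAMPLE_CONFIG = """\
no service password-encryption
hostname sw1
interface Vlan1
 ip address 192.168.1.1 255.255.255.0
line con 0
 password cisco
 login
line vty 0 4
 password 7 0822455D0A16
 login
"""

def parse_sections(text):
    """Group indented sub-commands under the top-level line that owns them."""
    sections = []
    for raw in text.splitlines():
        if raw.strip() in ("", "!"):
            continue
        if raw[0].isspace() and sections:
            sections[-1][1].append(raw.strip())
        else:
            sections.append((raw.strip(), []))
    return sections

def audit(text):
    """Return (section, finding) pairs for the weak settings in a config."""
    out, sections = [], parse_sections(text)
    if not any(head == "service password-encryption" for head, _ in sections):
        out.append(("global", "service password-encryption is off"))
    for head, body in sections:
        for cmd in body:
            pw = re.fullmatch(r"password (?:(\d+) )?\S+", cmd)
            if pw:
                # Type 7 is obfuscation, not hashing; no type digit means cleartext.
                kind = "type 7 (reversible)" if pw.group(1) == "7" else "cleartext"
                out.append((head, f"{kind} line password"))
        if head.startswith("line vty") and "transport input ssh" not in body:
            out.append((head, "Telnet not ruled out: no 'transport input ssh'"))
        if head.lower() == "interface vlan1" and any(c.startswith("ip address") for c in body):
            out.append((head, "management IP on default VLAN 1"))
    return out

if __name__ == "__main__":
    for section, finding in audit(SAMPLE_CONFIG):
        print(f"{section}: {finding}")
```

Running it against a saved copy of show running-config output gives a quick checklist of what to change before the switch leaves the lab.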

Steps to perform Active Directory (AD) configuration


After installing Windows Server, we have to perform the Active Directory configuration as
follows:
1. Assign an IP address to the server on which you are going to deploy AD
2. Install the Active Directory roles. Use the Server Manager “Roles” option before you run dcpromo,
i.e., click on the Start menu, then select Server Manager, then select Roles from the right-hand
panel and click on the “Add Role” option, select “Active Directory Domain
Services”, then click Next, Next, Next. It will take a few minutes to complete, and when it’s
done you will get this configuration; then click on Close.
3. Open Server Manager, then click on “Active Directory Service” and then click on the link
, i.e., ……. (dcpromo.exe), then Next, Next, then select the option “Create a New Domain in
a New Forest”, then click Next; provide the name for your domain controller in the given
space for the FQDN of the forest root domain, then Next, activate DNS server, then Next,
click “Yes”
4. Specify the folders that will contain the Active Directory domain controller database, log
files, and SYSVOL, then click on Next after your changes.
5. Fill in the Directory Services Restore Mode password (it is important for backup in case of a server
crash), click Next after you fill it in, then Next
6. The installation of AD will then start; it will take some time to complete. After
the installation completes, reboot the server; then you can log in to the domain.

How to create new user account in active directory


1. Open Server Manager
2. Open up “Roles”, then “Active Directory Users and Computers”, then finally “Active
Directory Users and Computers”
3. Click on Users, then right-click on the blank section, choose “New”, then “User”
4. Create the user account; when you have filled it in click Next, then fill in an appropriate password and activate
“User must change password at next logon”, then Next, Finish
5. Repeat steps 3 and 4 for each user you need to create

How to create a user template in AD


1. Perform steps one to three in “How to create new user account in active directory”
2. Type the user name and click Next
3. Create the template’s password and do not forget to check the box next to the “Account is
disabled” option; when ready click Next
4. Once the account is created, you can go ahead and add the properties you need for that
template. To do so, double-click on that account and navigate to a specific tab; once you
are done, click OK.