Running head: WAN NETWORK DEPLOYMENT PLAN

WAN NETWORK DEPLOYMENT PLAN

Hal Hagood
U03a1

WAN NETWORK DEPLOYMENT PLAN

The first step in designing of the network for EverGreen will be to understand the various
locations and a Wide Area Network overview of these locations. EverGreen Financial is a smaller
company in New York with approximately 20-30 employees specializing in financial products and services
and needs a basic Cisco network built for the local office and two satellite offices in Atlanta and San
Francisco each with approximately 10 employees respectively. EverGreen has purchased Cisco devices
such as Cisco 2960 switches, a 2811 router, and a wireless LAN controller. These need to be set up,
along with a TFTP server.
The companys internet connectivity has been lacking with email transaction delays and
download problems with various media on the internet. The proposed WAN has identified potential leased
line between locations. Between the offices in Atlanta and San Francisco and the HQ office it is
recommended for that a fractional Frame Relay be used.
The bandwidth required between these sites is dependent on the amount of traffic, users, and
potential applications being used simultaneously between sites. The recommended Frame Relay
connection would be no less than 768Kbps or point to point T1 connections. A list of approximate users is
also required to properly identify the bandwidth requirements.
There are three locations for this small business that need to be interconnected. Within these
three locations there may be multiple groups. These may need to be separated with Virtual LAN's on
switches to ensure logical separation of groups in different areas. A sufficient firewall device must also be
considered for the main site and a redundancy solution for each other site. This is assuming that each
has its own internet connectivity.
The proposed routing devices for the various locations would be a 2811 series router with an
internal T1 Wan Interface Card. This would be for connected directly to the home office. The 2811 router
can be used as a dynamic firewall if the redundancy option is considered. Sites should have at least a
single VLAN capable switch that can run 1Gbps link speeds, if needed. The proposed switches are the
2960 series Cisco equipment that allows the use of VLAN's to separate different groups for added
security. The reasoning behind this is that VLAN's can be isolated into different groups. In this way only
authorized personnel are able to access certain resources on the network.

WAN NETWORK DEPLOYMENT PLAN

For the home office location, switches can be the same as the other locations using the Cisco
2960. The router at the home office building has the ability to support VPN connectivity, firewalling, and
multiple T1 connections. The suggested router would be the 3845 series Cisco router. Consequently
since all sites are running Cisco routers then the proposed routing protocol would be the same. Cisco's
proprietary protocol EIGRP would be used.
If by chance there are any legacy networks or different vendors in the future the proposed routing
protocol would be Open Shortest Path First (OSPF) rather than EIGRP (Cisco).Additionally Cisco devices
can be utilized from data only networks to voice and data combined networks if need be. It is
recommended that a single standard vender be used for all three sites to reduce overhead and cost of the
WAN.
Regarding the various protocols a routable protocol is a network protocol which can carry data
from one network and can pass through the router to reach another network and be delivered to a
computer in that remote network. Examples of routable protocols: Internet Protocol (IP -IPv4 and IPv6),
IPX, AppleTalk, VINES Internetwork Protocol (VIP), DECnet
A non-routable protocols data cannot be passed through a router to reach a remote network. This
is mainly because of the lack of capability of protocol (almost all non-routable protocols are designed long
back which will not fit well in current networks) and the addressing scheme the non-routable protocol is
using. Non-routing protocols reachability limit is its own network and they are designed in such a way to
think that all computers they communicate are on the same network as the source computer (omnisecu,
2014).
In the area of wide area networking there are two basic environments or domains; the public
domain and the private domain. Reflection for the use public or private must be evaluated at all levels of
networking. Most would consider the local connection between a private facility, the customer site, and
the carrier, to be private however even this private line is carried in a public domain to some extent. That
means that security at all levels must be considered.

WAN NETWORK DEPLOYMENT PLAN

Using public carrier network infrastructure can be more cost effective than using privately owned
infrastructure, but this is all dependent upon the customers relationship with the carrier and what they
already have negotiated and may currently be using. In general, public carrier networks allow many
subscribers to share the costs of installing, managing, and maintaining the carrier infrastructure so that
often times they are lower in cost to each customer using that infrastructure.
Often times the two domains, public and private, are combined to gain the best of both. For
example, a customer may want to consider some redundancy between sites. This redundancy could take
the form of a primary private network that is backed up by the public Internet. The configuration could be
such that the private network is the primary route and the public Internet is secondary.
In the most general sense, a Wide Area Network (WAN) is a geographically dispersed
telecommunications network. For the purposes of this paper a WAN is generally defined as a network
created to connect two or more Local Area Networks (LANs). WAN discussion could also include the
interconnection between carriers (HP, 2014).
There are several differences between LAN and Wan but in general WAN differs from a LAN in
areas regarding reoccurring costs, performance and span. Since there is often a recurring cost to building
a WAN. A LAN is typically installed and the customer owns the wire and underlying switches. In a WAN
you work with a vendor and pay them rent; the customer leases the lines and services required to get
from point A to point B.
DHCP strategy is an essential part of an organizations network and once implemented can go
unnoticed, functioning behind the scenes day after day, month after month. There are several things to be
considered when designing a DHCP infrastructure. What type of users and workstations will be used and
what about mobile users and network devices? Large scale implementations requires a look at the
network topology because it dictates where DCHP servers and relays must be placed. Also fault tolerance
must be considered because DHCP is a critical service. Once DHCP is implemented, it quickly becomes
a service that the entire network is dependent on. As such there are steps can be taken to ensure that
DHCP will be available at all times.

WAN NETWORK DEPLOYMENT PLAN

EverGreens strategy is to use DHCP in two ways, first by taking advantage of lower
administrative costs and second by using standardized IP configurations throughout the entire enterprise.
Smaller and larger organizations both benefit from standardized IP configurations. Using standardized
configurations minimizes connectivity problems relating to incorrect IP addresses, subnet masks, and
default gateways. It also diminishes name resolution errors resulting from incorrect DNS and WINS
addresses.
Small, medium and even large sized companies can benefit from DHCP because of the lower
administrative burden. Most small companies cannot afford a full time network administrator who knows
the ins and outs of IP addressing. Typically they delegate network administration to the one person in the
office who is the most computer-savvy, whether or not he or she has technical training or experience with
networking. By utilizing DHCP, the day-to-day administration of IP addressing and associated
configuration details is handled automatically without any intervention from office personnel (Oreilly,
2001).
DHCP can also benefit organizations with a mobile workforce. With valid IP addresses in short
supply, assigning static addresses to users with laptops would be both inefficient and foolish. The very
nature of mobile users dictates that they will be connecting to the corporate network intermittently. Thus
they do not require the constant exclusive use of an IP address. By using DHCP, an administrator can
configure the DHCP server to reclaim these IP addresses after a short period of time. For example, for a
company with 500 mobile users and 200 valid IP addresses to allocate, the administrator can set up the
DHCP server to allocate these 200 IP addresses to mobile users. The administrator configures the lease
time for the mobile users scope to a short duration, say one day. When a mobile user connects to the
network, the DHCP client on the user's laptop negotiates an IP address lease from the DHCP server. The
mobile user then proceeds to access network resources, such as email and file services. When the user
is finished, he disconnects from the network. The DHCP server then reclaims the IP address once the
one-day lease period expires (Oreilly, 2001).
Another option for a mobile workforce is to utilize a DHCP User Class, a feature found in the
Windows 2000 DHCP server. It allows one to assign additional configuration data to a particular set of

WAN NETWORK DEPLOYMENT PLAN

users. Instead of configuring a separate scope for the 200 IP addresses, the administrator could create a
DHCP User Class for the mobile users. The user class would specify a lease period that is shorter in
duration than the rest of the scope. The administrator would then configure each laptop's DHCP client to
specify that the laptop is a member of this user class.
Appropriate DHCP addressing and routing architecture that includes IP addressing strategies for
both servers and personal computers is of key importance. Once the IP addressing plan, network
topology, and DHCP client needs have been defined, it is time to start defining the various scopes.
Address Ranges:
When defining a scope, the most important information to define is the address range of the
scope. The address range will be used by the DHCP server to determine which IP address to assign to a
DHCP client. The address range is defined by the subnet the scope will be servicing. For example, if the
subnet is 10.64.0.0/11, the valid range of IP addresses for this scope is 10.64.0.1 through 10.95.255.254.
For any statically configured network devices on that subnet, exemptions have to be created. An
exemption designates an IP address not to be assigned to a DHCP client. If a static IP address was not
exempted, the DHCP server may assign the IP address to a DHCP client. As a result, an IP address
conflict could occur and cause connectivity problems for the two computers involved (Oreilly, 2001).
If the IP addressing plan calls for using dynamic address allocation for this subnet, simply assign
the address range to the scope. If the IP addressing plan calls for using manual address allocation,
reservations need to be created for each network device.
Fault Tolerance:
With DCHP being such a critical service it is important to make it fault tolerant. By default
DHCP does not have a built-in method of fault tolerance. There are however ways to create fault tolerant
configuration. It is the process of creating two scopes, one on each DHCP server. By splitting scopes, one
for each DHCP server fault tolerance can be created. The two scopes both service the same subnet, but
the range of addresses is divided. If one DHCP server becomes unavailable, the remaining DHCP server

WAN NETWORK DEPLOYMENT PLAN

continues to service DHCP client requests using its portion of the address range. So where is the address
range split? That is determined by the needs of the network implementation.
Another method, the 50/50 configuration provides both fault tolerance and load balancing for
DHCP servers. In this method, 50% of the available address range is given to one scope, and the
remaining 50% is given to the other scope. Typically this method is used when both DHCP servers are
centrally located on the same subnet. When a DHCP client requests an IP address, the request is
received by both servers and both respond with an offer. The client then accepts one of the offers (i.e., the
first offer received). The selected DHCP server allocates the address and sends the acknowledgement to
the client. The 50/50 method of splitting scopes can only be implemented where the number of available
IP addresses is plentiful. This allows each scope to fully service the number of DHCP clients requesting
addresses in the event that one of the DHCP servers fails (Oreilly, 2001).
Finally the 80/20 method of splitting scopes provides fault tolerance in a submitted environment.
In the 80/20 method, two DHCP servers are configured. One DHCP server resides on the subnet the
scope is servicing. The other DHCP server is on another remote subnet. 80% of the available address
range is allocated to the local DHCP server. The remaining 20% is allocated to the remote DHCP server.
The router connecting the subnets is configured with a DHCP relay agent that will forward DHCP requests
to the remote DHCP server. When a DHCP client on the local subnet sends out a DHCP request, the local
DHCP server responds first with an offer.
The remote DHCP server's request arrives later since it needs to traverse the WAN. The DHCP
client then accepts the offer from the local DHCP server. In the event that the local DHCP server fails, the
client eventually receives a response from the remote DHCP server (Oreilly, 2001). The downside of the
80/20 method is that the remote DHCP server, with only 20% of the available address space, will not be
able to handle all DHCP requests from the subnet.
EverGreens strategy for leasing addresses is one of Dynamic IP Addressing with Automatic
allocation. Dynamic allocation uses DHCP as the mechanism to allocate IP addresses. The administrator
assigns a range of addresses to the DHCP server. The DHCP server, in turn, assigns an IP address in the
range to DHCP clients upon request. This range is known as a scope. For example, if an administrator

WAN NETWORK DEPLOYMENT PLAN

has workstations on a network and wants to assign these workstations addresses in the 192.168.1.0/24
subnet, he creates a DHCP scope that consists of the IP addresses 192.168.1.1 through 192.168.1.254.
When a DHCP client requests an address from the DHCP server, the server assigns one of these
addresses.
The use of dynamic address allocation in DHCP means a whole new way of thinking about
addresses. A client no longer owns an address, but rather leases it. This means that when a client
machine is set to use DHCP dynamic addressing, it can never assume that it has an address on a
permanent basis. Each time it powers up, it must engage in communications with a DHCP server to begin
or confirm the lease of an address. It also must perform other activities over time to manage this lease
and possibly terminate it.
The administrator, when defining a scope, also specifies the lease duration for any IP address
assignments from the scope. A lease duration is the amount of time that a DHCP client has exclusive use
of an IP address. With DHCP, the client has two opportunities to extend the lease, first when the lease
duration is 50% complete and then again when the lease duration is 87.5% complete. After the lease
duration has expired, the DHCP client must request a new lease from a DHCP server.
The administrator, if needed, can also exempt certain addresses from the scope. These
addresses may be network devices or hosts whose IP addresses should not change, for example,
network printers, routers, and servers. The administrator can set aside a portion of the scope, say
192.168.1.1 through 192.168.1.25, for these devices. Now when a DHCP client requests an IP address,
the DHCP server assigns an address between 192.168.1.26 through 192.168.1.254. Another option for
network devices such as these would be to configure a DHCP reservation, where the DHCP server
allocates the same IP address to the device's MAC address.
Lease durations determine when the DHCP server can reclaim the allocated IP address. Usually
the default time period, 8 days, is more than sufficient for most scopes. Setting the lease duration too long
will cause IP addresses to be shown as allocated, thus unable to be reclaimed. Setting the lease duration
too short may cause excessive DHCP traffic on the network as DHCP clients attempt to renew their
address leases. There are some lease considerations, including the clients usage patterns, networks

WAN NETWORK DEPLOYMENT PLAN

goals, availability of servers and network (IP) addresses. Another important consideration is that clients
attempt to renew their leases half-way through the lease duration. The longer the lease, the longer it
takes for client configuration changes to be registered with the DHCP server. Another issue to consider
concerns outages and access to the DHCP server. If a client loses access to its DHCP server before
renewing its lease, it must stop using the network after the lease expires. If a client is turned on and
connected to the network at the time of the outage, however, the lease does not expire.
The longest lease provided by a DHCP server determines the length of time you might have to
wait before configuration changes can be propagated within a network. This length of time could mean
manually restarting every client or waiting the amount of time required for all leases to be renewed before
the changes take effect. If your site policy is to turn off workstation power at the end of the day, clients
could acquire configuration changes at least once per day (novell, 2014).
The DHCP Lease "Life Cycle":
Calling dynamic address assignments leases is a good analogy, because a DHCP IP address
lease is similar to a real world lease in a number of respects. For example, when you rent an apartment,
you sign the lease. Then you use the apartment for a period of time. Typically, assuming you are happy
with the place, you will renew the lease before it expires, so you can keep using it. If by the time you get
near the end of the lease the owner of the apartment has not allowed you to renew it, you will probably
lease a different apartment to ensure you have somewhere to live. And if you decide, say, to move out of
the country, you may terminate the lease and not get another at all.
DHCP leases follow a similar lease life cycle, which generally consists of the following phases:
Allocation: A client begins with no active lease, and hence, no DHCP-assigned address. It
acquires a lease through a process of allocation.
Reallocation: If a client already has an address from an existing lease, then when it reboots or
starts up after being shut down, it will contact the DHCP server that granted it the lease to confirm the
lease and acquire operating parameters. This is sometimes called reallocation; it is similar to the full
allocation process but shorter.

WAN NETWORK DEPLOYMENT PLAN

10

Normal Operation: Once a lease is active, the client functions normally, using its assigned IP
address and other parameters during the main part of the lease. The client is said to be bound to the
lease and the address.
Renewal: After a certain portion of the lease time has expired, the client will attempt to contact the
server that initially granted the lease, to renew the lease so it can keep using its IP address.
Rebinding: If renewal with the original leasing server fails (because, for example, the server has
been taken offline), then the client will try to rebind to any active DHCP server, trying to extend its current
lease with any server that will allow it to do so.
Release: The client may decide at any time that it no longer wishes to use the IP address it was
assigned, and may terminate the lease, releasing the IP address. Like the apartment-renter moving out of
the country, this may be done if a device is moving to a different network, for example. Of course, unlike
DHCP servers, landlords usually don't let you cancel a lease at your leisure, but hey, no analogy is
perfect (tcpipguide, 2014).
Finally addressing Wan troubleshooting techniques when theres any trouble the finger pointing
usually starts. Isolating the root cause of the performance issue is critical, and having the right tools or
managed services in place is essential. Those tools can help determine whether the root cause of the
problem lies in the application; the carrier network infrastructure; on a switch, router, firewall, or other
network device; or human error.
When trying to isolate a trouble ticket, these are some must-have items on the checklist: Is the
server that is hosting the application healthy and performing well? Is the problem isolated to a user or
group at a particular location, or is it affecting all users there? If an affected user sits at an unaffected
user's desktop, does the problem follow him or her? Are users in multiple locations -- or just one location
-- affected? Are other applications affected or just one? If there is a local service to test (file sharing in a
workgroup, etc.), is that fast or slow? Does monitoring software show any WAN or LAN usage spikes that
correspond to trouble times? And always, the Meta question: Has anything changed recently in the
infrastructure between app and user, including user PC (was it re-imaged)?

WAN NETWORK DEPLOYMENT PLAN

11

Also is there a NIC malfunction on a PC in question? Is spyware/malware choking a machine's

performance? This tends to hit one machine but not others, so it can help isolate the cause of a
performance issue. Is malware/zombie machine flooding a local network segment, WAN link, or Internet
connection? A well-configured network will contain the damage as much as possible. Is there a
malfunction in edge switch or intermediate distribution switch? This can cause problems with a group,
floor, or building. Is the bandwidth shaper misconfigured, or is it putting too low a priority on critical traffic?
Is there a legitimate WAN problem? Is there congestion from legitimate use of an application? Is it time
(or past time) to upgrade circuits? Are security measures placing traffic in quarantine when they should
not? Is someone sending unusually large chunks of data when you don't have QoS set properly to deal
with it? Do you need bandwidth-optimization to address latency of real-time traffic?
(searchenterprisewan, 2014).
These tools, along with system, application, and device-specific products and carrier networkmanagement portals, help network managers isolate and resolve problems. That makes it easier to
determine whether a problem stems from the application, the carrier network, a router, or other areas.

WAN NETWORK DEPLOYMENT PLAN

Proposed WAN Network

12

WAN NETWORK DEPLOYMENT PLAN

13
Reference

Hewlett Packard, (2014). Retrieved April 24, 2014 from

http://www.hp.com/rnd/pdfs/WANDesignGuide.pdf
Novell, (2014). Retrieved April 24, 2014 from
http://www.novell.com/documentation/oes/dhcp_enu/
Omnisecu, (2014), Retrieved April 24, 2014 from http://www.omnisecu.com/cisco-certifiednetwork-associate-ccna/difference-between-routable-protocol-and-nonroutable-protocol.php
Oreilly, (2001). Retrieved April 24, 2014 from
http://oreilly.com/catalog/dhcpwin2000/chapter/ch04.html
Searchenterprise, (2014). Retrieved April 24, 2014 from
http://searchenterprisewan.techtarget.com/tip/Troubleshooting-WAN-performance-issues
Tcpipguide, (2014). Retrieved April 24, 2014 from
http://www.tcpipguide.com/free/t_DHCPLeaseLifeCycleOverviewAllocationReallocationRe.htm