AKSUM UNIVERSITY

Aksum Institute of Technology (AIT)

Faculty of Electrical and Computer Engineering

Department of Computer Engineering

Internship hosting company: Aksum university ICT directorate

Internship Project On

ENHANCED LOCAL AREA NETWORK(LAN)DESIGN for

AKSUM UNIVERSITY MAIN CAMPUS

Submitted by

MULUALEM ERMIYAS [AKU1109194]

KIROS AREAYA [AKU1001807]

BETHLEHEM LEUL [AKU1001637]

BRUKTAWIT TESFAMIKAEL [AKU1002590]

Adviser: Mr. ZELEALEM H.

Aksum, Tigray, Ethiopia

January 2024
 DECLARATION
We, 5th year Electrical and Computer Engineering students, have undertaken our
internship experience in AKSUM UNIVERSITY ICT Directorate for a period of
October 15, 2016 to January 29, 2016 E.C under the guidance of Mr. ZELEALEM H.
(Advisor). We certify that our work is original and done according to the internship
report writing guidelines.

Name of the Student Signature Date

MULUALEM ERMIYAS [AKU1109194] ______ ______

KIROS AREAYA [AKU1001807] _______ _______

BETHLEHEM LEUL [AKU1001637] ______ ________

BRUKTAWIT TESFAMIKAEL [AKU1002590] ______ ________

Name of the Advisor Signature Date

Mr. ZELEALEM. H _______ ______

i
 EXECUTIVE SUMMARY
This internship report provides a comprehensive overview of our internship
experience at Aksum University, specifically within the Aksum university ICT
department. The report outlines the background of the university, its mission and
vision, the overall workflow, the main products and services offered, and the
organization structure. It also delves into the aim and objectives of the data center, the
role of Aksum university ICT directorate, and the organization's governance structure
within the ICT department. Additionally, the report discusses our internship
experience, impact, contribution and discusses our project with theoretical
explanation.

ii
 ACKNOWLEDGMENT
We would like to express our sincere gratitude to Mr. ZELEALEM H. and Mr.
AREAYA for their guidance, support, and valuable insights throughout our internship
at Aksum University ICT directorate. Their expertise and mentor ship have been
instrumental in shaping our learning experience. We extend our appreciation to Mr.
ABRHA BELAY and Mr. GEBRETSADKAN as well as the entire team at Aksum
University ICT directorate for their cooperation and assistance during our internship.

iii
 ACRONYMS
AKU - Aksum University
BPDU - bridge protocol data unit
DHCP – dynamic host configuration protocol
ICT - Information and Communication Technology
ID - identification
IEEE - institute of electrical and electronics engineers
IP - internet protocol
LAN - Local Area Network
MAC - media access control
PC - personal computer
RSTP - rapid spanning tree
STP - spanning tree
VLAN - virtual LAN

VTP - VLAN trunking protocol

iv
 Table of Contents
DECLARATION ...................................................................................................................... i
EXECUTIVE SUMMARY ..................................................................................................... ii
ACKNOWLEDGMENT ........................................................................................................ iii
ACRONYMS .......................................................................................................................... iv
Table of figures ...................................................................................................................... vii
CHAPTER ONE ...................................................................................................................... 1
BACKGROUND INFORMATION of AKSUM UNIVERSITY ......................................... 1
1.1 Brief History Of AKU ............................................................................................. 1
1.2 Vision and Mission of Aksum University .............................................................. 1
1.3 Main products and services .................................................................................... 2
1.4 Main Customers of Aksum University .................................................................. 2
1.5 The overall organizational structure and work flow of Aksum University......... 2
1.6 Objective of Aksum university ICT directorate ................................................... 3
1.7 Organization Governance Structure of ICT ......................................................... 3
CHAPTER TWO ..................................................................................................................... 6
THE OVER ALL INTERNSHIP EXPERIENCE ................................................................ 6
2.1 How We Got into the Company ................................................................................... 6
2.2 Procedures and methods ............................................................................................... 6
2.3 How good we have been performing our tasks ........................................................... 7
2.4 Challenges we have been facing while performing our tasks .................................... 8
2.5 Measures taken to overcome challenges ...................................................................... 8
2.6 Network topology of AKU main campus..................................................................... 8
CHAPTER THREE .............................................................................................................. 10
ENHANCED DESIGN OF LOCAL AREANETWORK (LAN) FOR AKSUM
UNIVERSITY MAIN CAMPUS .......................................................................................... 10
3.1 Introduction ................................................................................................................. 10
3.2 Statement of problem .................................................................................................. 10
3.3 Objective of the Project............................................................................................... 11
3.4 Scope and Limitation of the Project .......................................................................... 11
3.5 Significant of the Project............................................................................................. 12
3.6 Literature Review ........................................................................................................ 12
3.7 Methodology................................................................................................................. 12
3.8 Result and discussion .................................................................................................. 20
CHAPTER FOUR ................................................................................................................. 22
OVERALL BENEFITS GAINED........................................................................................ 22
4.1 Improving practical skills ........................................................................................... 22

v
 4.2 Improving interpersonal communication skills ........................................................ 22
4.3 Improving team playing skills .................................................................................... 22
4.4 Improving leadership skills ........................................................................................ 22
4.5 Understanding work ethics related issues ................................................................. 23
4.6 Entrepreneurial skills.................................................................................................. 23
CHAPTER FIVE ................................................................................................................... 24
CONCLUSION AND RECOMMENDATION ................................................................... 24
5.1 Conclusion .................................................................................................................... 24
5.2 Recommendation ......................................................................................................... 24
REFERENCE ........................................................................................................................ 27
Appendix ................................................................................................................................ 28

vi
 Table of figures
Figure 1.1 MAIN Customers of AKU ........................................................................... 2
Figure 2.1AKU network topology ................................................................................. 9
Figure 3.1 Over all execution procedure flowchart ..................................................... 13
Figure 3.2 Current AKU main campus network systems ............................................ 18
Figure 3.3 Enhanced AKU main campus network systems ......................................... 19
Figure 3.4 Communication between the same VLANs ............................................... 21

vii
 CHAPTER ONE
BACKGROUND INFORMATION of AKSUM
UNIVERSITY
1.1 Brief History of AKU
Aksum University is a public higher educational institution located in the city of
Aksum (approximately 1024 kilometers away from the capital city of Addis Ababa,
recognized for its historical significance and heritage sites), Tigray, Ethiopia. Aksum
University is one of the public higher educational institutions of Ethiopia, established
in 1999 E.C.

The university has four campuses: the main campus, Referral campus, Shire campus,
and Adwa campus. It offers a variety of undergraduate and postgraduate programs,
with a focus on providing a global perspective to its approximately 12,000 students in
regular programs and 8,000 students in summer and extension programs. The
university is supported by a staff of 702 academic and 1,271 administrative personnel.
Aksum University is actively involved in national initiatives and emphasizes the use
of information technology to enhance its educational activities. It offers a diverse
range of 49 undergraduate and 24 postgraduate programs, aiming to provide a
comprehensive educational experience for its students.

1.2 Vision and Mission of Aksum University

Mission

The mission of Aksum University is to provide quality education, conduct research,

and offer community services that promote sustainable development and contribute to
the betterment of society. The university envisions becoming a center of excellence in
education, research, and innovation, making significant contributions to local and
global development.

Vision

Aksum University aims to establish itself as the preferred university for students
seeking a high-quality learning and research environment, along with a strong sense
of community. The university takes charge of overseeing and organizing information
resources within the institution, and it assumes a leadership role in the field of ICT to
ensure the efficient utilization of technology for academic and business purposes.
Moreover, Aksum University seeks to elevate its status and reputation, aspiring to
become one of the leading universities. It aims to achieve this through the creation of an
exceptional learning and research environment, fostering entrepreneurship, and establishing
partnerships with national and international institutions.

1.3 Main products and services

Aksum University offers a diverse range of products and services to meet the
educational needs of its students and the community. These include undergraduate
and postgraduate programs, academic research, community outreach programs, and
consultancy services. The university strives to provide high-quality education, foster
research and innovation, and contribute to the socioeconomic development of the
region.

1.4 Main Customers of Aksum University

The main customers of Aksum University are its students, both undergraduate and
postgraduate, who seek quality education and professional development. Additionally,
the university serves the wider community by providing various services, such as
academic research, training programs, and consultancy services.

The customers of Aksum University can be categorized into various groups based on
their involvement in the educational process.

Figure 1.1 MAIN Customers of AKU

1.5 The overall organizational structure and work flow of Aksum University
Aksum University has a well-defined organizational structure that facilitates effective
management and decision-making. The structure comprises various departments,
faculties, administrative units, and support services. The hierarchical arrangement

2
ensures clear lines of authority, efficient communication, and coordination among
different units and personnel. And it also follows a well-defined workflow to ensure
efficient operations and the delivery of quality services. The workflow encompasses
various departments and units, including academic departments, administrative
offices, and support services. To ensures smooth functioning and effective
coordination among different entities within the university, a system that support
processes are established.

The university's top management comprises the president, three vice-presidents,

deans/directors for academic units, and process owners. The main objective of the
management team is to enhance efficiency in key administrative areas such as budget
utilization, procurement, finance, registrar functions, and decision-making processes
in a transparent manner.

The primary process in AKU's ICT inventory management system begins with the
store head and progresses down to the lower-level storekeeper as well.

1.6 Objective of Aksum university ICT directorate

General objective

The objective of Aksum university ICT directorate is to provide reliable IT services,

supporting academic and administrative functions, and ensuring the security and
integrity of information systems.

Specific objective

 To provide excellent customer-centered services.

 To maintain an effective staff development program.
 To promote the integration of ICT in teaching and development.
 To establish dedicated service applications.
 To enhance students' competency, intake capacity, innovation, enhancing
instructional resources and facilities, improving physical infrastructure, and
enhancing staff capacity.
1.7 Organization Governance Structure of ICT
The ICT department at Aksum University follows a well-defined governance structure
to ensure effective management and decision-making related to information and
communication technology. The governance structure outlines the roles and

3
responsibilities of key personnel, establishes policies and procedures, and promotes
accountability and transparency in ICT operations.

Figure1.2 Over All Organizational Structure of AKU ICT

Roles and responsibilities of the ICT Development executive Director

Provide leadership and management to the ICT Development.

Insure that ICT provides, operates and maintains the ICT infrastructure, systems
and solutions to meet the needs of the administrative, educational, and research
programs of the University.
Review and enforce ICT related strategic policies and guidelines.
Keep up with the ever-changing Information and Communication Technology.
ICT Infrastructure and service steam Responsibilities

 Create and manage the physical layer connectivity.

 Create and manage the IP layer connectivity.
 Secure the network from Internal and external threats.
 Log and audit network access and Creating acceptable use policy for the
network and Internet.

4
Roles and responsibilities of business Applications Development and
administration team

 Verify the compatibility, scalability and Integrity the different business

automation application going to be implemented in the University.
 Developing and customizing applications.
Roles and responsibilities of teaching and learning technologies team

 Work with the academic departments for course material preparation and
uploading.
 Plan, implement and manage E-learning and digital library infrastructure.
 Create the technical infrastructure within campuses, inter-campuses and
inter universities for video conferencing and tele-education.
Roles and responsibilities of technical support and maintenance team

 Provide quick services to provide problem identification, support and

resolution functions to its customers.
 Record, monitor problems being reported to ICT, update users on status of
problems.
 Maintain failed office equipment (printer, computer, laptops, network
devices).
 Perform preventive maintenance regularly
 Prepare depreciation, discarding and replacement plan for equipment.
Roles and responsibilities of training and consultancy team

 Arrange training, and Inter-ICT team knowledge exchange.

 Arrange and implement Student Internship programs.
 \ Create a space for campus society creative activities and projects.

5
 CHAPTER TWO
THE OVER ALL INTERNSHIP EXPERIENCE
2.1 How We Got into the Company
We studied electrical and computer engineering for four years before participating in
a three-month internship in Aksum University. We were searching for a company that
can provide us the necessary knowledge we need in respect to our field of study and
help us to integrate the theoretical knowledge we have with practical work. We found
the AKU ICT directorate a convenient place for us so we submitted a request letter,
which then they reviewed and granted us their acceptance.

The primary objective of our internship in Aksum University ICT Data Center was to
gain practical knowledge and contribute some values to the network infrastructure.
Our internship primarily focused on the main data center and ICT development.

2.2 Procedures and methods

We first familiarized ourselves with the employees and overall workings of the ICT
directorate. and with the guidance of the personnel of the data center we were mainly
working on focusing on the network infrastructure of the campus as our interest field.
So, we followed the following procedures and method to help us reach our goal of
gaining practical knowledge on overall workings of a data center and contributing a
value as well.

Network Audit and Analysis:

Procedure: Assess the existing network infrastructure, including network topology

and performance metrics.

Methods: inquire the maintenance team personnel and observe the infrastructure to
collect data.

Network Design Proposal:

Procedure: Develop a network design proposal that outlines recommended changes

and improvements to the network infrastructure.

Methods: Conduct research on industry best practices and standards for network
design. Consider factors such as scalability, reliability, security, and cost-

6
effectiveness. Collaborate with the ICT team to gather requirements and align the
proposed design with the university's needs.

Documentation:

Procedure: Document the processes made during the internship, and prepare a
comprehensive report.

Methods: Maintain documentation of network configurations, device inventories, and

network diagrams. Document the steps followed during the network audit, design
proposal, processes. Including visual representations, such as network diagrams, to
enhance the clarity of the report. Summarize the findings, recommendations, and
lessons learned throughout the internship experience.

Collaboration and Communication:

Procedure: Collaborate with the ICT team, supervisors to ensure effective
communication and coordination.

Methods: Attend regular group members meetings; work with the ICT team when
they are performing tasks like managing the data center and also with cabling and
maintenance. seek guidance and explanation when needed by asking questions.
Communicate findings, recommendations, and implementation plans in a clear and
concise manner.

2.3 How good we have been performing our tasks

Our performance during the internship was worthy, characterized by effective
collaboration and successful outcomes. We successfully delivered a project, received
positive feedback from our advisers, and gained valuable insights for future growth.
Key factors such as collaborative environment, effective planning and organization,
adaptability and resilience played significant role in the success of our team during
our internship.

By reflecting on our performance and the lessons learned, we are better equipped to
face future challenges and contribute positively to success of projects. We will
continue to build on our strengths, address areas for improvement, and strive for
excellence in our profession.

7
2.4 Challenges we have been facing while performing our tasks
Limited Experience: we had lack of experience regarding on working with real-world
network implementations and it made it challenging to understand and apply network design
principles effectively.
Ineffective collaboration, lack of communication, problem solving, time management and
documenting skills.

2.5 Measures taken to overcome challenges

Overcoming challenges during an internship requires a proactive and solution-
oriented approach. Here are some strategies that helped us overcome the challenges.

1. Communication and Collaboration: we became familiar with the ICT

directorate's communication channels and processes. And improve our
communication skills by actively listening, asking questions, seeking feedback, and
sharing progresses of our project with our group members as well.

2. Taking Initiative: We showed willingness to acquire technical skill knowledge on

some areas by using online resources and also taking responsibility on a project.

3. Time Management: we started prioritizing tasks, creating a schedule, and setting

achievable goals. We broke down larger projects into smaller, manageable tasks with
specific deadlines. We utilized time management techniques to stay organized and
meet deadlines.

4. Building Confidence: by recognizing our strengths and accomplishments and

remembering that everyone starts with limited experience, and each task is an
opportunity to learn and grow. So, we took on challenging tasks and project.

5. Seeking Guidance: by asking for advice and clarifications on our subjects from
our mentors.

6. Adaptability and Problem-Solving: by embracing unexpected changes or

challenges as opportunities for growth, we approach problems with a positive
mindset, brainstorming alternative solutions, and collaborate to find the best way
forward.

2.6 Network topology of AKU main campus

AKU main campus utilizes a star topology for its network, consisting of three layers:
the core layer, distribution layer, and access layer. The network structure follows a

8
collapsed hierarchical model. At the top of the network, a firewall is employed for
routing and network security purposes. To minimize costs, an internal router is not
used, as the firewall fulfills both functions.

The firewall is connected to the internet via a fiber link. In the DMZ (Demilitarized
Zone), the mail and web servers are directly connected to the firewall through a public
switch, allowing them to be accessed from the internet creating the separation
between internal network and external network. Conversely, servers in the server
farm, including DNS, File, and Application servers, are grouped together and can only
be accessed from the local area network (LAN). These servers are connected to the
collapsed core switches.

However, it is worth noting that the current network architecture lacks redundancy as
the distribution switches has just one path from the core switch. In the event of
network failures, this setup may not adequately sustain network activities.

Figure 2.1 AKU network topology

9
 CHAPTER THREE

ENHANCED DESIGN OF LOCAL AREANETWORK

(LAN) FOR AKSUM UNIVERSITY MAIN CAMPUS
3.1 Introduction
This chapter focuses on the enhanced design of the local area network (LAN) for
Aksum University Main Campus, with a specific emphasis on transitioning from the
existing star topology to a hybrid of star ring topology. The objective of this enhanced
design is to improve the network infrastructure to meet the demands of the university
and provide enhanced performance, fault tolerance, and scalability.

The design of the campus network at Aksum University was initiated in 2005 E.C by
the ICT center team. The primarily utilized topology is a star topology due to its
convenience of design in current case.

The transition to a hybrid star ring topology offers several advantages over the
existing star topology. The property of the ring topology enhances fault tolerance by
eliminating single points of failure and providing redundancy through multiple paths.
This ensures uninterrupted network connectivity and minimizes the impact of link or
device failures. And the property of the star topology improves scalability, allowing
for seamless expansion and accommodating the university's growing user base and
increasing network traffic.

To facilitate this transition, careful consideration has been given to the redundancy
and resiliency. Measures are incorporated into the design to ensure high availability
and minimize network disruptions. Necessary techniques are also applied to maintain
its performance.

Comprehensive documentation, including network diagrams, configuration files, will

be provided to facilitate future maintenance, troubleshooting, and knowledge transfer.

3.2 Statement of problem

Aksum university network system currently lacks reliable continuous service access.
This is because of the network infrastructure design implemented which is star
topology. The star topology starts from the digital library where the data center is
located and pass through its three distribution blocks (21,50 ,70). In this case if a path

10
to one of the distributors failed the whole connection of the blocks in access layer
which is connected to it fails without having backup network feed. The existing star
topology has limitations in terms redundancy options, lacks resilience in case of
network failures, and network segmentation necessitating the need for improvement.

3.4 Objective of the Project

General Objective of the Project

The main objective of this project is to design LAN topology of Aksum University
main campus by designing a hybrid of star & ring topology and utilize the necessary
techniques for its optimum performance.

Specific Objective of the Project

 To decrease network down time by implementing redundant paths.

 To optimize network performance by utilizing appropriate techniques.

3.5 Scope and Limitation of the Project

Scope of the Project

This project focuses on designing of hybrid topology, which combines elements of

ring and star topology. The project also involves necessary network enhancement
technologies that are suitable for Aksum University's main campus for improved
connectivity access for the university community to engage in various activities. In
today's interconnected world, connectivity plays a crucial role, and this project aims
to ensure uninterrupted internet service to meet the needs of the customers.

Limitation of the project

It is important to acknowledge the limitations encountered to provide comprehensive

understanding of the project scope and its potential areas for further improvement.
The limitations are as follows:

Limited redundancy on access switches: due to budget constraints, it was noy feasible
to implement redundant paths for each access switch within the network
infrastructure. As a result in the event of failure on a specific access switch link, there
may be a temporary loss of connectivity until the issue is resolved.

11
Insufficient security mechanisms: Given the projects time constraints, it was not
possible to implement robust security mechanisms to their full extent. The
deployment of advanced security measures, such as comprehensive access control
was beyond our projects scope.

Future considerations and enhancement could focus on addressing these limitations.

3.6 Significant of the Project

This project enhances the daily experiences of Aksum University's customers by
providing better network access, reducing maintenance expenses, facilitating seamless
data exchange and communication, enabling students to easily engage with
technology and related activities through continuous services. Additionally, this
initiative fosters knowledge acquisition through direct interaction with individuals
involved in networking. Students benefit from uninterrupted internet connectivity in
various campus locations such as the library, computer labs.

3.7 Literature Review

The findings from research studies validate the chosen approaches and consistently
report significant improvements.

The star topology has been the traditional choice for LAN designs, but recent studies
have highlighted its limitation in terms of single point failures. In response, the ring
star topology has emerged as a promising alternative. The ring topology offers
redundancy and fault tolerance by providing multiple links between switches ensuring
uninterrupted connectivity. It’s also scalable, allowing for easy integration of new
switches as the network grows.

Virtual local area networks (VLANs) have gained attention in LAN design for their
ability to enhance network segmentation reducing broadcast traffic, optimizing
bandwidth utilization security, simplifying network management and efficiency (1).

3.8 Methodology
Data Gathering Methodology

Observation: We observed the actual working environment, conditions of network

system, and then we identified the problems and came up with recommend solutions.

12
Online research: we reviewed some related helpful information and technologies on
the internet.
Interview: we collected the required information from the team members of the ICT
center who work on the infrastructure of the network closely through questioning.
Design procedure and approach

We used systematic approach to design the enhanced LAN infrastructure.

1. Requirement Gathering: Engage with network administrators to understand their

network requirements.

2. Network Assessment: to gain valuable insights into network traffic patterns.

3. Technology Research: to identify the appropriate networking technologies and

protocols that aligns with the design goals.

4. Design Development: using simulation tool.

Figure 3.1 over all execution procedure flowchart

13
Technology used

1. Switching Technology: Cisco catalyst switches are employed to form the access,
distribution, and core layers of the network infrastructure. These switches support
comprehensive features, such as VLANs to enhance performance and manage
network traffic effectively.

2. VLAN trunking protocol (VTP): VTP was employed to simplify VLAN

configuration and management by transmitting VLAN information across the
network. This protocol ensured consistent VLAN configurations on all switches
within the network.

3. Network security: access control mechanism was implemented to protect the LAN
from unauthorized access and network attack by segmented the network into VLANS.

Requirements, Design Analysis and principles

We followed a systematic methodology, leveraging appropriate technologies, and

considering the specific performance requirements, scalability Requirements, fault
tolerance and redundancy, network security analysis, cost analysis and design analysis
to ensure the successful implementation of the enhanced LAN design for Aksum
University Main Campus.

Requirement of Equipment

Hardware requirement

 Pc
 Flash drive
Software Requirement

 Cisco Packet tracer 8.2.1

 Window 10
 Microsoft Office
 Wonder share Edrawmax

Network Overview

Loops A loop is a situation where a packet or a frame is continuously circulating among

network devices without reaching its intended destination or being discarded. Loops can

14
occur when there are redundant or multiple paths between switches or routers in a network.
And if not properly managed, these redundant paths can create loops.

One of the consequences of loops is broadcast storms. When a device broadcasts a frame,
such as an Address Resolution Protocol (ARP) request, in a looped network, the frame
circulates indefinitely being continuously forwarded by switches onto all available paths
resulting in a broadcast storm. This can lead to network congestion, decreased overall
network performance.

Switches use MAC address tables to determine the destination port for forwarding frames. In
a looped network, a switch receives a frame with a destination MAC address that it has
already learned on multiple ports. As the frame circulates through the loop, the switch keeps
updating its MAC table with conflicting information, which leads to instability and incorrect
forwarding decisions (2) (1)

To prevent loops and mitigate their impact, network protocols like Spanning Tree Protocol
(STP) and its variants (RSTP, MSTP) are used. These protocols detect and block redundant
paths, allowing only one active path while blocking others to prevent loops. By eliminating
loops, STP ensures stable and reliable network operation.

Spanning Tree Protocol (STP): STP includes the following operations.

Root Bridge Selection: Each switch in the network participates in the STP process
and exchanges Bridge Protocol Data Units (BPDU) messages to determine the root
bridge.

The root bridge is the reference point for path calculations in the spanning tree.
Switches compare the Bridge IDs (a combination of bridge priority and MAC
address) in the BPDU messages to elect the root bridge. Thus; the switch with the
lowest Bridge ID becomes the root bridge (3).

Spanning Tree Calculation:

After the root bridge is elected, each switch determines its root port, which is the port
with the best path to reach the root bridge.

The path cost is calculated based on the cumulative link costs from the switch to the
root bridge.

Each switch then selects designated ports for each network segment, which are the
ports providing the shortest path to the root bridge.

15
Redundant ports, which would create alternate paths and potential loops, are blocked
by STP. These blocked ports are in a listening state and do not forward data (4).

Port States:

Blocking: Blocked ports receive BPDU messages but not forwarding data. They
prevent loops by blocking redundant paths.

Listening: Ports in the listening state prepare to participate in the spanning tree. They
do not forward data but still receive BPDU messages.

Learning: Ports in the learning state start populating the MAC address table by
learning source MAC addresses. They do not forward data yet.

Forwarding: Ports in the forwarding state actively participate in data forwarding and
forwarding BPDU messages. They are part of the active path for data transmission.

Disabled: Ports those are administratively disabled or not connected.

Convergence: Convergence is the process of STP reaching a stable state after

changes in the network, such as link failures or network topology changes.

When a link fails, STP recalculates the spanning tree by determining new root ports
and designated ports.

Convergence time refers to the time required for the spanning tree to stabilize after a
change.

STP convergence can take several seconds, during which network traffic might
experience disruptions or delays.

Limitations of STP:

STP has a slow convergence time, which means it takes time to recalculate the
spanning tree if there are changes in the network, such as link failures or new
switches.

Rapid spanning tree protocol (RSTP)

RSTP, also known as IEEE 802.1w, is an evolution of the Spanning Tree Protocol
(STP) designed to improve upon its limitations.

16
RSTP maintains backward compatibility with STP, allowing switches running RSTP
to interoperate with switches running STP.

RSTP Operation:

RSTP introduces new port states (discarding, learning, and forwarding) to enhance the
convergence process.

RSTP uses a faster convergence algorithm, which reduces the time required to
transition ports to the forwarding state when there are changes in the network.

RSTP introduces the concept of edge ports, which are designated as non-participating
in the STP and immediately transition to the forwarding state when connected devices
are detected (5)

Port States in RSTP:

RSTP introduces new port states to enhance the convergence process and improve
network responsiveness.

Discarding: Similar to STP's blocking state, discarding ports do not forward data but
still receive and process BPDU messages. They prevent loops by blocking redundant
paths.

Learning: Learning ports start populating the MAC address table by learning source
MAC addresses. They do not forward data yet.

Forwarding: Forwarding ports actively participate in data forwarding and forwarding

BPDU messages. They are part of the active path for data transmission.

Alternate and Backup Ports:

RSTP introduces the concepts of alternate ports and backup ports to provide backup
paths and improve network resiliency.

Alternate ports are non-designated ports that are placed in a backup role for the root
port. They are ready to transition to the forwarding state if the current root port fails.

Backup ports are backup designated ports for a particular segment. They are placed in
a backup role and are ready to take over the forwarding role if the current designated
port fails (3).

17
Simulation process
The use of simulation in Cisco Packet Tracer provided us valuable platform for
network design, prototyping, training, and troubleshooting. It offers a safe and
efficient way to experiment with network configurations, validate designs, and
enhance understanding of networking concepts, ultimately leading to more robust and
optimized network implementations. This simulation allows us to visualize and test
the network configuration before implementing it in a real-world scenario.

We followed these steps to implement our design.

1. Launch Cisco Packet Tracer:

 Open Cisco Packet Tracer on our computer to begin the simulation.

2. Build sample of the Existing Star Topology:

Figure 3.2 Current AKU main campus network systems

3. Introduce the Ring Topology:

To introduce the ring topology, connect each of the distribution switches.

18
 Figure 3.3 Enhanced AKU main campus network systems

4. Configure Rapid Spanning Tree Protocol (RSTP):

Configure Rapid Spanning Tree Protocol (RSTP) on each of the distribution

multilayer switches and also on the core multilayer switch because it is part of the
redundant topology to prevent loops and ensure a loop-free topology.

Choose the core switch as the root bridge for each of VLANs that we have and adjust
the RSTP priorities accordingly.

5. Configure VLANS

 Create 5 VLANs namely staff, student, management, wireless, lab.

 Assign interface (ports) to VLANs on each of the distribution and access
switches. Then we configure trunk links between each switch.

6. Configure DHCP

 Enable DHCP service in core switch Create DHCP pool

 Specify network and subnet mask for the DHCP pool
 Define the default gateway (router interface) for DHCP clients
 Set DNS-server
 Configure IP helper on distribution switches.
7. Enable port fast and BPDU guard

We enabled port fast to allow the ports to bypass the spanning tree delay and directly
transition to forwarding state. And BPDUguard for additional security to prevent from

19
unauthorized networking device connecting to the port and cause possible loop in the
non trunking access links.

The port will transition from a blocking to a forwarding state immediately,

eliminating the typical 30 second delay in the listening and learning states. Port Fast
should only be enabled on ports connected to a host. If enabled on a port connecting
to a switch or hub, loops may occur resulting a broadcast storm.

BPDU Guard will set a port in an errdisable state if a BPDU is received indicating
there is networking device connected. BPDU Guard should be enabled on any port
with Port Fast enabled.

8. Verify Connectivity: verify connectivity between devices in the network to ensure

proper communication.

We shut down a path from the core switch to a distribution switch and the distribution
switch still gets connectivity through another alternate route.

We did a real time simulation test to observe data communication from one end
device to another.

3.9 Result and discussion

The hybrid of star ring topology improved network resilience by providing alternate
paths and reducing the impact of single link failures. In the event of a link failure, the
network quickly re converges, ensuring minimal disruption to network services. This
increased network availability and reliability, leading to improved user experience
and reduced down time.

The introduction of VLANs significantly improved network segmentation and

security within the campus. Each VLAN represents specific user group, ensuring that
network traffic remains isolated and unauthorized access is prevented. Due to this
network congestion was reduced, resulting in optimized bandwidth utilization, better
network management and improved overall network performance

The VLAN also provides scalability and flexibility to accommodate future growth
and changing network requirement. Additional VLANs can be easily created to
support new user groups or services, ensuring the network remains adaptable. It also

20
simplifies network administration tasks by providing logical grouping easier to exert
security measures separately.

We did a successful ping test to see if PCs which are in the same VLANs are able to
communicate. And successful ping tests that indicate hosts in different VLANs are not
communicating.

We observed real time packet transmission from one client to another in the same VLAN,
how fast the topology converges in case of link failure, how fast a pc gets active when
connected to port fast enabled port and how the link shuts down when a switch is connected
to a port guard enabled port.

Figure 3.4 Communication between the same VLANs

21
 CHAPTER FOUR

OVERALL BENEFITS GAINED

This internship experience has been a useful foundation equipping us with
competence values and contributed to our personal and professional growth in terms
of:

4.1 Improving practical skills

During our internship, we had an opportunity to observe how the theoretical theories
work in real words. We got introduced to data center infrastructure and how it works,
networking devices and participated in practical network operations such as cable
management, rack organization.

4.1 Improving interpersonal communication skills

Effective communication is vital when working in team-oriented environment.
Throughout our internship, we collaborated closely with network administration and
IT support staff to address network related issues and fulfill their connectivity
requirement. Through these interactions, we improved our communication skills,
learning to convey technical and non-technical information in clear and concise
manner.

4.3 Improving team playing skills

Successful network infrastructure management requires collaboration and team work.
During our internship, we participated in a team project and learned how to
effectively contribute to group discussions, leverage the strength of team members,
and collectively solve complex network challenges. Moreover, we gained insights into
conflict resolution and negotiation techniques, fostering a harmonious team dynamic
and enhancing overall productivity.

4.4 Improving leadership skills

As an intern, we had an opportunity to demonstrate leadership capabilities. We took
the initiative to lead a project and this experience allowed us to develop valuable
leadership skills, such as task delegation, project coordination, and effective
communication with team members. These responsibilities helped us to gain

22
confidence in our abilities to guide and motivate others, setting a foundation for future
leadership roles.

4.5 Understanding work ethics related issues

Ethics and professionalism are integral to any work environment, including network
infrastructure management. We demonstrated commitment to work ethics by
maintaining the best interest of the university and adhering to data privacy regulation.
This understanding has helped us shape our approach to work and instilled sense of
responsibility and integrity in our professional practice.

4.6 Entrepreneurial skills

The internship experience fostered an entrepreneurial mindset and skills, such as
critical thinking, problem solving, and resourcefulness. We had an opportunity to
identify areas for optimization with cost effective measures. We learned to approach
network infrastructure challenges with a proactive mindset, identifying opportunities
for improvement and implementing solutions that aligned with the university’s goals
and budget.

23
 CHAPTER FIVE

CONCLUSION AND RECOMMENDATION

5.1 Conclusion
Throughout this internship, the focus was primarily on working with network
infrastructure, specifically enhancing the VLAN of the main campus. This experience
provided valuable Insights into the design and management of VLANs as well as the
opportunity to apply theoretical knowledge to real worlds scenarios.

This internship fostered the development of critical thinking, such as problem solving,
team work. Communication and collaboration with the data center teams to
understand the requirements and translating them into design also sharpened our skill
in usage of industry standard protocols and technologies. The experience gained
during this internship will undoubtedly serve as a solid foundation for future uses in
the fields of network infrastructure.

Our project of designing enhanced LAN for the main campus transformed the star
topology to hybrid of ring and star while implementing VLANs and necessary
techniques. The hybrid star ring topology introduced redundancy and increased
network availability by providing alternate paths and rapid network convergence
during link failures. The VLAN configuration enabled efficient network
segmentation, isolating different user groups and services, and preventing
unauthorized access.

This project yields significant benefits including enhanced network resilience,

optimized traffic flows, and strengthen security measures, thus, align with the ICT
directorate goals and the satisfaction of meeting customer needs.

5.2 Recommendation
Based on our experiences gained from our internship and project the following
recommendations are provided for further over all enhancement of the VLAN.

Enhanced mentor ship program

One of the key recommendations for improving the internship experience within the
data center is Implementation of structured mentor ship program. This can be

24
designed to match interns with mentors based on their specific areas of interest,
allowing for targeted guidance and support.

Dedicated training and feedback sessions, plenty of hands on exercises would create
robust learning environment for interns, empowering them to develop essential skills,
deepen their knowledge, and prepare for future careers.

Additionally, organizing sessions of experience delivery by professionals within the

data center would foster a culture of knowledge sharing and encourage interns to
explore new concepts and technologies.

Resource library and online platform

To facilitate continues learning, the data center should establish a resource library or
online platform specifically intended for interns. This repository could include
relevant technical documentation, research papers and online courses that interns can
access to supplement their learning experience and provide discussion platforms.
Regular updates and additions to the resource library should be made to ensure access
to latest information.

These initiatives will not only enhance the interns’ learning experience but also
contribute to the overall growth and development of the data center.

Regular network monitoring and maintenance

To ensure the continued effectiveness of the enhanced VLAN configuration, it is

recommended to establish a regular network monitoring and maintenance plan. This
includes monitoring VLAN performance, identifying and addressing any performance
bottlenecks or security vulnerabilities, and updating VLAN configuration as needed.

Deploying advanced network monitoring and analysis tools, performance testing tools
to gain deeper insights into VLAN performance, traffic patterns, and security events is
crucial. Then utilizing network analysis to proactively identify and resolve
performance bottlenecks, optimize traffic flows, deploying quality of service
protocols and improve overall network efficiency would have benefits immensely.

Quality of Service (QoS)techniques should also be considered to prioritize and

manage network traffic based on specific requirements and application needs.

25
Network security audits and advanced security mechanisms

Periodic network security audits should be conducted to assess the effectiveness of the
VLAN based security measures and identifying any potential weaknesses. This will
help maintain a robust security posture and ensure the protection of the sensitive data
and resources. Additionally, ongoing training and awareness programs for network
users and administrators should be implemented to promote best practices and
proactive security measures.

Careful planning and maintaining of access control lists and firewall rules needs to be
implemented to restrict and control the flow of traffic between VLANs. keeping up
with advanced security technologies such as intrusion detection and prevention
systems, network segmentation with virtual firewalls, network access control
solutions to address evolving future requirements is beneficial as well.

Future network expansion and scalability

As the university’s network requirements evolve, it is essential to plan for future

network expansion and scalability in advance. This includes considering the addition
of new VLANs to accommodate new user groups or services. Evaluating the
scalability of the VLAN configuration and ensuring that the network infrastructure
can support future growth will help maintain a flexible and adaptable network
environment.

26
 REFERENCE
1. Behrouz A. Forouzan. Data Communications and Networking, Fourth Edition. s.l. :
McGraw-Hill companies., 2007.
2. Balchunas, Aaron. spanning tree version 3.1.3. s.l. : ([email protected]).
3. acadamy, cisco. Campus Network for High Availability Design Guide, . s.l. : ccan Cisco
Systems, Inc., , 2008.
4. buor.z. Data Communication and Computer Network . s.l. : www.tutorialspoint.com.
5. tour.tg. Cisco Networking Academy, CCNA SWITCH Lab .

27
 Appendix
Configuration commands

1. Enable RSTP on the core and distribution switches.

Switch>enable

Switch# conf t

Switch(config)# spanning-tree mode rapid-pvst

Switch (config) #end

Set the core switch to be the root bridge for each VLANs for centralized control.

Switch# conf t

Switch(config)# spanning-tree vlan 1-99 root primary

Switch(config)# end

2. Configure port fast and port guard on access switches at necessary ports.

Switch(config)# interface range fa 0/10-20

Switch(config-if-range) # Switchport mode access

Switch(config-if-range) # Spanning-tree portfast

Switch(config-if-range) # end

Switch# conf t

Switch(config)# interface range fa 0/10-20

Switch(config-if-range) # spanning-tree bpduguard default

Switch(config-if-range) # end

Check if the switches are operating RSTP using the show command.

Switch# show spanning-tree

3. Configure DHCP

Conf t

Sevice dhcp

28
exit

Conf t

Interface vlan 5

Ip address 192.168.5.1 255.255.255.0

No shutdown

Exit

Conf t

Interface vlan 10

Ip address 192.168.10.1 255.255.255.0

No shutdown

Exit

Conf t

Interface vlan 20

Ip address 192.168.20.1 255.255.255.0

No shutdown

Exit

Conf t

Interface vlan 30

Ip address 192.168.30.1 255.255.255.0

No shutdown

Exit

Conf t

Interface vlan 40

Ip address 192.168.40.1 255.255.255.0

29
No shutdown

Exit

Conf t

Ip dhcp pool vlan5-pool

Network 192.168.5.0 255.255.255.0

Default-router 192.168.5.1

Dns-server 8.8.8.8

Ip DHCP excluded-address 192.168.5.1 192.168.5.9

Exit

Conf t

Network 192.168.10.1 255.255.255.0

Default-router 192.168.10.0

Dns-server 8.8.8.8

Ip DHCP excluded-address 192.168.10.1 192.168.5.9

Exit

Conf t

Network 192.168.20.1 255.255.255.0

Default-router 192.168.20.0

Dns-server 8.8.8.8

Ip DHCP excluded-address 192.168.20.1 192.168.5.9

Exit

Conf t

Network 192.168.30.1 255.255.255.0

30
Default-router 192.168.30.0

Dns-server 8.8.8.8

Ip DHCP excluded-address 192.168.30.1 192.168.5.9

Exit

Network 192.168.40.1 255.255.255.0

Default-router 192.168.40.0

Dns-server 8.8.8.8

Ip DHCP excluded-address 192.168.40.1 192.168.5.9

Exit

Conf t

Interface vlan 5

Ip helper-address 192.168.5.1

Exit

Conf t

Interface vlan 10

Ip helper-address 192.168.10.1

exit

Conf t

Interface vlan 20

Ip helper-address 192.168.20.1

exit

Conf t

Interface vlan 30

Ip helper-address 192.168.5.1

31
exit

Conf t

Interface vlan 40

Ip helper-address 192.168.5.1

exit

4. Create the VLANs

switch(config)# vlan 5

switch(config-vlan) # name staff

switch(config-vlan) # exit

Repeat for each VLAN.

5. Assign interfaces to VLANs

switch(config)# interface range fa 0/1-7

switch(config-if-range) # switchport mode access

switch(config-if-range) # switchport access vlan 5

switch(config-if-range) # end

Repeat for each VLAN.

configure trunk interfaces on core

Switch(config)# interface range fa 0/7-9

switch(config-if-range) # switchport trunk encapsulation dot1q

switch(config-if-range) # switchport mode trunk

switch(config-if-range) # end

Follow the same procedure to configure trunk interfaces on access switches as well.

Show command to see and check the VLANs.

Switch# show vlan brief

32
33