CIS 505 Assignment 3: Elastic and Inelastic Traffic
Due Week 5 and worth 60 points
Write a three to four (3-4) page paper in which you:
1. Outline a plan for the development of an addressing and naming model in an environment of the following scenario:
a. Ten (10) departments in a 1,000-employee organization
b. Equal separation by geography
c. Use a common data center of twenty (20) backend enterprise servers
2. Analyze the functional problems of throughput, delay, and packet loss as it pertains to your plan.
3. Analyze and explain how you would use DNS in your plan.
4. Compose a two-paragraph executive summary highlighting the main ...view middle of the document...
Here are a few alternate domain structures that can be considered for the company. The best way to show how all of these concepts come together is by walking through an example. The network shows how DNS servers might be deployed and configured for a company having anywhere from two to 1,000 employees. My example has two sub domains, one for engineering and one for marketing. Like most companies, it uses private addresses for its internal systems and public IP addresses for the services it provides to the outside world. It uses a combination of BIND and Microsoft Active Directory to support both Windows desktops and other servers and workstations. External authoritative name server’s, domain registration information points to the minimum of two name servers, in this case a master that’s in the company’s DMZ and one that’s located far away across the Internet so that a failure that takes the company offline doesn’t make the domain disappear. There should always be a slave name server on a different network (a different ISP backbone) in a different location than your master. If you don’t want to host one yourself, there are DNS hosting services that will do it for a fee. The authoritative name servers should be protected with a firewall, but don’t hide them with network address translation. You want them to be available at the same address whether accessed from inside or outside of your network.
◦Equal separation by geography
First, don’t confuse domain structure with site structure. The Active Directory site structure should always mimic an organization’s geographic topology. For every wide area network (WAN) link between offices, there should be a corresponding site link within Active Directory. Furthermore, the computers that reside within a physical office should be placed within a common Active Directory site. Ideally, each location should make use of a dedicated subnet because a single subnet can’t span multiple Active Directory sites (P. Mockapetris, 1987).
Active Directory site structure is important because the site structure has a direct impact on the volume of Active Directory replication traffic that will flow across the WAN links. For example, imagine the company with multiple branch offices. The company choses to configure its Active Directory as a single domain, which isn’t wrong. In a situation like this, company Alpha could potentially make updates to Active Directory on any writable DC within the entire organization. When an update does occur, it’s the DC’s responsibility to make the update available to the other DCs (J.C. Klensin, 2003).
Domain Name System (DNS) zones
DNS zones are categorized by where information is stored, whether they are able to be written to, and the type of data they send and receive. Zones can be kept in Active Directory or in text files. A DNS server can be configured with several zone types or none at all, depending on the role it will have in your network. For instance, it is highly...