BACHELOR OF SCIENCE IN COMPUTER AND

COMMUNICATION ENGINEERING

Enhancing University Network Infrastructure: A Smart and

Secure Integration of Cisco Packet Tracer and IoT Devices

Supervised by
Syed Zahidur Rashid

Assistant Professor

Department of Electronic and Telecommunication Engineering, IIUC

Submitted by
Md Sydul Islam Riaz (E191028)

Department of Computer and Communication Engineering

International Islamic University Chittagong
Kumira, Sitakunda, Chittagong – 4318

October, 2023
 Certificate of Approval
The thesis entitled as “Enhancing University Network Infrastructure: A Smart and Secure
Integration of Cisco Packet Tracer and IoT Devices" submitted by Md Sydul Islam Riaz
bearing ID No. E191028 to the Department of Computer & Communication Engineering of
International Islamic University Chittagong (IIUC) has been accepted as satisfactory for the
partial fulfillment of the requirements for the Degree of Bachelor in Computer and
Communication Engineering and approved as to its style and contents for the examination held
on 20th June 2023.

Approved By-

_____________________
Engr. Syed Zahidur Rashid

Supervisor
Assistant Professor & Chairman
Department of Electronic and Telecommunication Engineering
International Islamic University Chittagong

i
 Declaration
It is hereby declared that the work presented here in is genuine work done by us and has not
concurrently submitted in candidature for any degree. The result of this thesis that we have
found totally depend on our own investigation/work.

This work was done under the guidance of Engr. Syed Zahidur Rashid, Assistant Professor
of Electronic and Telecommunication Engineering, International Islamic University
Chittagong.

_______________________________
Md Sydul Islam Riaz
ID: E191028

ii
 Acknowledgement
In the name of Allah, the most Beneficent and the most Merciful

First of all, we start by thanking Allah, the Almighty for bondless grace to keep patience and
sincerity of us to end up this thesis paper a successful one.

We would like to thank our supervisor, Associate professor Engr. Syed Zahidur Rashid for
his continuous guidance and advice in order to be successfully finishing the entire thesis work.
While working, he has been a sincere mentor to do quality research from the very beginning.
He kept us focused on our thesis and helped us improve the quality of our thesis by giving
invaluable feedback.

We would like to thank all faculty members and staff of the Department of Computer and
Communications Engineering, IIUC for their generous help in various ways for the completion
of this thesis.

An endeavor of this caliber required a lot of support and we would like to proudly mention that
our family kept their support for us all the way. We have to thank our parents and families for
being extremely supportive while we were doing this work.

Author

Md Sydul Islam Riaz

ID: E191028

iii
 Abstract
A Campus Area Network (CAN) is a kind of localized network infrastructure that links together
different parts of a single building or campus, such as the numerous buildings and systems at a
school. Incorporating key aspects like Open Shortest Path First (OSPF), Access Control List
(ACL), IPV6, and Internet of Things (IoT) devices, the authors of this study propose the design
of a revolutionary CAN topology and conduct a thorough performance analysis. The research
looks at the suggested CAN design model to see how much money it saves on bandwidth and
how it affects other network characteristics to see whether it improves the CAN's QoS.
Incorporating cutting-edge technology and tailoring solutions to the specific needs of a
university campus, the findings of this study help improve the state-of-the-art in CAN network
design.

iv
 TABLE OF CONTENTS
Content No. Content Details Page No.
Certificate Approval i
Declaration ii
Acknowledgement iii
Abstract iv
Table of Contents v-vii
List of Figures viii
List of Abbreviation ix
List of Symbol x
Chapter 1 Introduction 1
1.1 Background 1
1.2 Goal and Motivation 1
1.2.1 Goal 2
1.2.2 Motivation 2-3
1.3 Objectives 3
1.4 Thesis Overview 3-4
Chapter 2 Literature Review 5
2.1 Introduction 5
2.2 Routing Basics 6
2.3 Routing Protocol 6
2.3.1 New Route Information 7
2.3.2 Autonomous System 7
2.3.3 Administrative Distance 7-8
2.3.4 Routing Protocol Types 8-9
2.3.5 Classful and Classless Routing Protocol 9
2.4 Routing Metric 9
2.4.1 Routing Perimeters 10
2.4 Routing Protocol Timers 10
Chapter 3 Campus network 11
3.1 Computer Network 11
3.2 Campus Area Network 11-12
3.3 Purpose of New Campus Network Design 13
3.4 Design Campus Network Topology 14
Chapter 4 ACL 15
4.1 ACL 15
4.1.1 ACL Characteristics 15
4.1.2 ACL Versions 15
4.2 ACL Configuration 15-16
4.3 ACL configuration Table 17
4.4 ACL Timers 18
Chapter 5 OSPFv2 5
5.1 OSPFv2 5

v
 5.2 OSPFv2 Neighbor 19-20
5.3 Configuring OSPFv2 20
5.4 OSPFv2 Authentication 22
Chapter 6 IPV6 23
6.1 IPV6 23
6.2 IPV6 Neighbors 23
6.3 Configuring IPV6 25-27
Chapter 7 IOT Devices 28
7.1 IoT 28
7.2 IoT Characteristics 28-29
7.3 IoT components 29
7.3.1 RFID Card 29-30
7.3.2 RFID Reader 30
7.3.3 Temperature Monitor 30
7.3.4 Temperature Sensor 30-31
7.3.5 Motion Detector 31
7.3.6 Webcam 31
7.3.7 Siren 31-32
7.3.8 Smartphone 32
Chapter 8 Simulation Performance Analysis 33
8.1 Why Simulation 33
8.2 Simulator 33
8.3 Design and Analysis in Cisco Packet Tracer 33-34
8.4 Simulation Study 34
8.5 End to End delay 34-35
8.6 Convergence Time 35-36
8.7 ACL, OSPF & IPV6 Network Topology 36
8.7.1 Interface setting command and Showing IP route 37
8.7.2 OSPFv2 Network Topology 38-39
8.8 IPV6 Network Topology 39-40
Chapter 9 Result Analysis 4141
9.1 Introduction 41
9.2 Integration Efficiency of IoT Devices into Cisco Packet Tracer 41
9.3 IPv4 and IPv6 Address Assignment 41
9.4 ACL Implementation and Network Security 41
9.5 Performance of IoT Devices 42
9.6 Network Load and Scalability 42
9.7 Conclusion 42
Chapter 10 Quality of Service (QOS 43
10.1 Introduction 43
10.1.1 Packet loss 43
10.1.2 Throughput 43-44
10.1.3 Transmission delay 44
10.2 Result Analysis & Quality of Service 45

vi
Chapter 11 Conclusion 46
11.1 Conclusion 46-47
11.2 Future Work 47-48
References 49-50
Appendix 51-55

vii
 List of Figure

Figure No. Details Name of the figure Page

Figure 2.1 Types of Routing Protocol 8
Figure 3.1 Campus Area Network (CAN) topology 12
Figure 4.1 ACL campus area network topology 16
Figure 4.2 Authentication setup for ACL 17
Figure 5.1 Sending hello packets to build neighbor relationship 19
Figure 5.2 Showing IP OSPFv2 neighbor 21
Figure 6.1 Campus Area Network topology for IPV6 network 25
Figure 6.2 IPV6 interface check 26
Figure 8.1 ACL Network Topology 36
a) Router connected through OSPF b) Pocket did not reach from source
Figure 8.2 37
to destination due to ACL configuration
Figure 8.3 All Router route 38-39
Figure 8.4 Showing IPV6 route 39-40
Figure 9.1 Throughout graph 44
Figure 9.2 Latency Graph 45

viii
 List of Abbreviation
AD Administrative distance
ASN Autonomous System Number
CLI Command-Line Interface
RIP Routing Information Protocol
EIGRP Enhanced Interior Gateway Routing Protocol
OSPF Open Shortest Path Fast
GNS3 Graphical Network Simulator 3
IP Internet Protocol
TCP Transmission Control Protocol
OSI Open System Interconnection
CAN Campus Area Network
IANA Internet Assigned Numbers Authority
LAN Local Area Network
VLSM Variable Length Subnet Mask
DUAL Diffusing Update Algorithm
RID Router ID
RTT Round Trip Time
CIDR Classless Inter-Domain Routing

ix
 List of Symbol

D end-end End-to-end delay

D trans Transmission delay

D prop Propagation delay

D proc Processing delay

D queue Queuing delay

Transmission delay
N Number of bits

R Rate of transmission

x
CHAPTER 1
Introduction

1.1 Background
These days, it's impossible to imagine life without the ability to instantly share information with
anybody, anywhere in the globe. When it comes to linking the internet to other networks
throughout the world, the Transmission Control Protocol/Internet Protocol (TCP/IP) provides a
crucial framework. TCP/IP was originally developed to provide bridges across disparate networks,
and it now facilitates communication connectivity between hosts over extensive physical
distances. There are several benefits to having interconnected systems, including improved
communication across hosts on different networks.[1]
According to the TCP/IP architecture, the Internet's network layer is made up of a series of smaller
networks that all talk to one another. The routing of data packets and the establishment of
connections between nodes are both made possible by the Internet Protocol (IP). In order for
routers to learn about the structure of a network and choose the most efficient paths for data
transfer, routing protocols play a critical role. The primary goal of routing protocols is to improve
communication between routers in a network.[1]
When many LANs in the same geographic region are linked together, the result is a campus area
network (CAN). The goal of a CAN is to facilitate communication and cooperation between
various networks. They find widespread application on college campuses, where departments all
operate under a similar framework. Because of this, administrative communications may be sent
and received across departments with ease. CANs improve data transfer rates on campus and come
with a host of other advantages, and they can be set up quickly and simply within a defined region.
The fast development of computer communication networks has led to an increase in the usage of
communication technologies all over the globe. Even though underdeveloped countries don't have
the same degree of communications infrastructure as developed countries, user-friendly services
like file transfer, print sharing, video streaming, and phone conferencing are nonetheless made
possible by advances in communication technology.[4]
Information and data packets may be sent from one end of the internet to the other thanks to routing
protocols, which are the backbone of computer communication networks. These protocols provide

1
up a standardized means through which certain pieces of data may be sent between routers. Routing
algorithms are used by routers to figure out how to go from one place to another. These algorithms
govern how a network operates and let routers to adapt to new topological conditions. Each router
keeps a "routing table" of all the possible paths it may take to deliver data to its intended recipients.
There is no need for a centralized administration on the internet since routing protocols function
in a peer-to-peer system. These protocols use various tactics, such as sending update messages to
report changes to the network infrastructure, and then having each node independently recalculate
its routing tables to reflect the new information. When deciding how to connect nodes, routers take
into account the topology of neighboring networks. IP networks use a variety of routing protocols,
including distance vector (RIP, RIPv2, and IGRP) and link-state (OSPF, ISIS) protocols, as well
as hybrid (EIGRP) protocols that combine the two.
With the use of Cisco Packet Tracer and Internet of Things (IoT) devices, we want to improve a
university's network infrastructure in this thesis. Our goal in implementing these technologies is
to enhance the QoS of the university's network by boosting its speed, reliability, and safety. Our
ultimate goal is to help create a smarter, more connected campus network by investigating cutting-
edge networking technologies.[2]
1.2 Goal and Motivation
1.2.1 Goal
The purpose of this thesis is to build and install a more efficient campus network architecture for
a university, one that boosts network performance and offers sufficient bandwidth to keep up with
the system's expanding needs. The goal is to create a safe and intelligent network by combining
Cisco Packet Tracer with IoT devices. The goal is to build a reliable network infrastructure that
protects not only the routers and the database, but also the authenticity and integrity of
communications travelling across the network. This study's overarching goal is to improve the
university's network in terms of throughput, security, and the usability of Internet of Things (IoT)
devices and applications for students, faculty, and staff.
1.2.2 Motivation
There are major inefficiencies in the current campus networks utilized at colleges in Bangladesh,
especially in terms of the cost-bandwidth ratio. Poor network performance and restricted
connection are common results of these networks' inability to supply enough bandwidth to meet

2
the expanding needs of the network system. In addition, commonly used routing protocols like
RIP, OSPF, and EIGRP are prone to exploitation since they lack safe authentication procedures.
The goal of this thesis is to improve university networks in Bangladesh by integrating Cisco Packet
Tracer and IoT devices in a way that is both smart and secure, hence addressing the aforementioned
pressing problems. Our goal is to increase the efficiency of the campus network in terms of both
money and time spent on it via the use of technologies like Open Shortest Path First (OSPF),
Internet Protocol Version 6 (IPv6), Access Control Lists (ACLs), and Internet of Things (IoT)
gadgets. Incorporating strong authentication procedures into routing protocols also improves the
network's safety. The realization that the network is vulnerable to several security threats is what
inspired this move towards more secure authentication. Using strong security measures and
password authentication across routers, we can considerably reduce the likelihood of unauthorized
access and harmful assaults. With the goal of building a secure and reliable network for educational
institutions in Bangladesh, this thesis investigates the effectiveness of various authentication
systems.

The overarching goal of this study is to find ways to improve current campus networks by securing
routing protocols, incorporating cutting-edge technologies, and creating a smart and secure setting
that can accommodate universities' growing connectivity demands

1.3 Objectives
1. Design and implement a safe and effective method of incorporating Cisco Packet Tracer and
Internet of Things (IoT) gadgets into a university's preexisting Campus Area Network (CAN)
framework in order to improve the network's accessibility, safety, and productivity at campus
area.
2. CAN topology redesign employing Open Shortest Path First (OSPF) routing protocols, Internet
Protocol version 6 (IPv6), Access Control Lists (ACL), and Internet of Things (IoT) gadgets
to enhance network efficiency and network stability, cut down on expenses, and raise QoS
standards.
3. Assess the efficiency of the suggested design model and evaluate its advantages for the
university's network infrastructure by analyzing the performance of the improved CAN
infrastructure with respect to network factors such as bandwidth utilization, cost-effectiveness,
and QoS metrics.

3
1.4 Thesis Overview
This thesis consists of eight chapters that contain introduction, working of the system, results and
discussion for each chapter.
Chapter 1: Introduction.
Chapter 2: Literature review, routing protocols, which contains brief introduction of the routing
protocols, it’s metric, default timer and authentication process.
Chapter 3: About Campus Network, purpose of campus network.
Chapter 4: ACL, short overview, network design, configuration of ACL, its metric and
authentication process of ACL.
Chapter 5: OSPFv2, short overview, network design, configuration of OSPFv2, its metric and
authentication process of OSPFv2.
Chapter 6: IPV6, short overview, network design, configuration of IPV6, its metric and
authentication process of IPV6.
Chapter 7: IOT, Characteristics of IOT, IOT Component.
Chapter 8: Simulation performance, network design for OSPFv2 ACL end to end simulation graph
and convergence time simulation graph.
Chapter 9: Result analysis, end to end performance result and convergence time performance
result.
Chapter 10: Quality of Service
Chapter 11: Conclusion References

4
CHAPTER 2
Literature Review

2.1 Introduction
This thesis's literature evaluation focuses on two major areas: campus networking and IP routing
procedures. CANs, or campus area networks, are computer networks that link LANs inside a
constrained region, such a university campus. Campus area networks (CANs) facilitate
communication and cooperation among campus organizations. Administrative communications
may be sent and received quickly and easily across departments thanks to CANs, which link local
area networks (LANs) in different buildings. CANs are based on the same technology as LANs,
making them an attractive and simple-to-deploy option for use in a specific area. To improve data
transfer rates and general network efficiency on campus, CANs are important.[1]
The IP routing method, crucial to networks, is also discussed at length in this survey of the relevant
literature. Using routers, data is transferred from one network to another. To dynamically find
networks inside the internetwork and to keep routing tables consistent across routers, routing
protocols play a crucial role. By calculating the optimal route for packet transfer, these protocols
enhance the usefulness of a network. Routing protocols like RIPv2, EIGRP, and OSPFv2 are
examples of popular ones. The distinction between routing protocols and routed protocols is further
elaborated upon. Routed protocols are allocated to interfaces and regulate the mechanism of packet
delivery, whereas routing protocols are used by routers to discover networks and choose the
optimal path for packets.[2]
A smart and secure integration of Cisco Packet Tracer and IoT devices is the focus of the study
"Enhancing University Network Infrastructure: A Smart and Secure Integration of OSPF, IPv6,
ACL, and IoT Devices." The study's ultimate goal is to improve network performance at campus
area and making network stable by including a strategic and safe amalgamation of various
technologies. This thesis intends to analyses performance indicators and assess the advantages of
integrating Cisco Packet Tracer and IoT devices by evaluating the available literature on campus
networking and IP routing operations. The literature evaluation lays the groundwork for further
investigation and analysis of the issue, which ultimately helps to improve and optimize university
network infrastructure. Also, the analysis of the groundwork analysis will help to stable campus
area network.[3]
5
2.2 Routing Basics
Routing is a crucial step in every network's communication infrastructure, since it determines the
routes that data packets will take. The network traffic's journey from source to destination is
defined by a set of paths called routes.
The two most common ways in which routers acquire new routes are as follows:
Manually configuring routes by an administrator constitutes static routing. This process requires
adding network nodes to the routing table by hand. If the network's structure or connection is
altered, the administrator will need to manually update the routes on each impacted router. While
static routing has the advantage of being easy to implement and manage, it may be difficult to keep
up with as a network grows or evolves [4].
Routers engage in dynamic routing when they employ routing protocols to discover new routes
from their peers. The routing tables of several routers may be dynamically updated thanks to the
automated exchange of routing information between them. In the event of a connection failure or
the installation of a new network, the affected routers use the routing protocol to notify other
routers of the change, ensuring that all routers have accurate routing information [4]. Routers
choose the most effective pathways for network traffic and adjust to changes in the network
topology with the help of dynamic routing protocols like OSPF, EIGRP, and RIP.
Those responsible for the design and management of network infrastructures would do well to
familiarize themselves with static and dynamic routing. Considerations such as network
complexity, scalability, administrative control, and the necessity for adaptability to network
changes inform the decision between static and dynamic routing.
2.3 Routing Protocol:
A protocol that is used for determining or identifying network path and maintain the
communication between source and destination is called routing protocol. The primary function
of a routing protocol is to allow routers to communicate with one another and find the most direct
path to a given destination. Sharing of routing updates, which include crucial network data, is made
possible [4]. This data is stored in the routing tables that routers utilize to forward packets in the
most efficient way possible. It uses software and routing algorithms to determine optimal network
data transfer and communication paths between network nodes. A routing protocol is also known
as routing policy.

6
2.3.1 New Route Information:
The purpose of routing updates is to facilitate communication between routers in a network.
Routers, depending on the protocol they're using, periodically broadcast or multicast their routing
information. Routing updates might happen at varied periods depending on the protocol being
used. For routing updates, some protocols use broadcast, while others use multicast.
Information such as learning network topology, timers, Autonomous System data, Administrative
Distance, matrix values, interface specifications, and more are all included in routing protocol
updates. These revisions guarantee that routers always have accurate topology data and can make
smart judgments about where to send data packets.
My thesis subject, "Enhancing University Network Infrastructure: A Smart and Secure Integration
of Cisco Packet Tracer and IoT Devices," necessitates that you think about various routing
protocols and the upgrades they need. The effectiveness, safety, and efficiency of a network are all
affected by the routing protocols used. You may determine whether these routing protocols are a
good fit for improving the university's network by studying their features and behaviors, such as
their routing update processes.
2.3.2 Autonomous System:
An Autonomous System (AS) in the context of your thesis is a group of routers that use the same
routing table. The autonomous system (AS) delimits the scope of routing protocols to a particular
network or set of networks [6]. This may be your school's network or a collection of businesses
working together. The Internet Assigned Numbers Authority (IANA) assigns unique numeric
identifiers, or "AS numbers," to each AS. These numbers may be anywhere from 1 to 65535. Both
public and private AS exist. While public AS numbers are used for the core infrastructure of the
internet, private AS numbers are reserved for use on private networks.
When planning and administering the campus network, a firm grasp of the idea of AS is essential.
It allows for more streamlined communication and routing decisions to be made among routers
within a defined area of a network.
2.3.3 Administrative Distance:
The reliability of routing updates received from nearby routers is largely dependent on their
Administrative Distance (AD). A router will utilize the AD value to choose which of numerous
possible routing modifications for the same path to take [6].

7
The values for AD might be anything from 0 to 255.Routers may priorities the path with the lowest
Adjacent Domain value in their routing tables by comparing the AD values of routing updates. A
more trustworthy and reliable routing update is one with a lower AD value. Therefore, while
making routing choices, routers will choose the path with the smallest AD value.
Your thesis topic's AS and AD values provide an opportunity to evaluate these parameters in light
of their potential application to the improvement of the university's network infrastructure.
Efficient routing, enhanced network performance, and dependable connection inside the campus
network are all aided by analyzing the AS setup and ensuring proper AD values for routing updates.

Route source Default AD value

Direct connected interface 0

Static route 1
EIGRP 90
OSPF 110
RIP 120
Unknown 255

Table 2.1: Administrative distance of different routing protocol [7]

2.3.4 Routing Protocol Types

Fig 2.1 Types of Routing Protocol [6]

There are three types of Routing Protocol:

8
1. Distance Vector Routing Protocol: Distance vector routing protocols use distance (as a metric
value) and direction (as a vector) to determine the most efficient way to a given network's
destination. Each router in the network gets an update on the best path to the target network
from its neighboring routers. A hop is any intermediate router along the path to the final
network. A hop is added to the hop count each time a packet is forwarded via a router. A
minimum-hop-count route will be selected and added to the routing database. One such
protocol is RIP, which is a distance vector one. These protocols provide their immediate
neighbors access to their whole routing table.
2. Link State Routing Protocol: The optimum route to a target network may be found with the
use of a protocol called link state routing, which makes use of a more complex composite
metric. The database has three individual tables. Neighbor relationships are recorded in a first
table. The whole topology of the network is described in the second table. Finally, the actual
route is recorded in a routing table. OSPF is a kind of link state protocol. In a network, each
router uses a link state protocol to communicate with all the others [4].
3. Hybrid Routing Protocol: To combine the best features of distance vector and link state
routing, a hybrid routing protocol was developed. Using information gleaned from the distance
vector and the connection condition, it may pinpoint the most direct route. As a hybrid routing
protocol, EIGRP is a good example.
2.3.5 Classful and Classless Routing Protocol
Classful routing: Classful routing refers to routing protocols that exclude the subnet mask field
from route updates. The subnet mask used by each network node must be consistent. Example:
RIP version 1
Classless routing: Subnet mask information is sent together with routing changes in classless
routing. Variable-Length Subnet Masking (VLSM) is made possible by classless routing as in
RIPv2, EIGRP, and OSPFv2.
2.4 Routing Metric
When two or more routing updates for the same network have the same AD value, the metric is
used to determine which one should be taken. The best route may be determined using a metric.
The most efficient route is the one with the lowest metric. Metrics used by various routing methods
vary. It might make use of a single metric or many. EIGRP, on contrary, employs metrics including
bandwidth, latency, load, MTU, and dependability, while RIPv2 relies only on hop count.[6]

9
2.4.1 Metric Parameters
Various routing protocols employ various metrics. The following metrics are widely used in IP
routing schemes.
1. Hop count: The hop count measures how many routers a packet must go through before
arriving at its final destination.
2. Bandwidth: A bandwidth metric will priorities a high-bandwidth connection over a low-
bandwidth one when making its route selection.
3. Delay: Delay is the time needed for a packet to travel along a given route. There are number
of variables that contribute to latency, including network bandwidth, utilization, journey
distance, and port waits.
4. Cost: The price of determining the best possible path is estimated by the network administrator
or IOS. A single measure or a set of metrics may be used to illustrate the price.
5. Load "load" is the degree to which a given connection is being used to carry traffic. The routing
protocol takes load into account while determining the optimal path.
6. Reliability: The chance of a connection failing is determined, and this may be done either by
looking at past failures or by tallying up the number of interface errors.
2.5 Routing Protocol Timers
Timers are an integral part of every routing scheme. Timer functions might range from "hello" to
"dead" or "hold down." Default timer settings for several routing protocols are listed here.
Update intervals - The duration between two updates.
Hold-down timers: Stabilize routing information and aid in avoiding routing loops during topology
convergence.
Timeout: If no update is received during the timeout period, the route will become inaccessible.
Flush timer: The Flush timer indicates how long it will be until the incorrect route is flushed from
the routing database.
Timer type Value (seconds)
Update 10
Hold-Down 40

Table 2.2: Ospfv2 default timer [8]

10
CHAPTER 3
Campus Area Network

3.1 Computer Network

When discussing the subject of my thesis, the term "computer network" is used to describe a group
of computers that are linked to each other and share resources and exchange data over a data
connection. The use of cables to link computers together facilitates hassle-free data sharing and
teamwork. Various services and resources are made available to users through computer networks,
which in turn support a broad variety of applications.
Two of the many possible topologies for a computer network are directly relevant to your
argument.
1. Star Topology: In a star topology, all of the computers are linked together by a single switch
or hub. The centralized hub allows for speedier data transmission and simplified maintenance
of network connections by relaying all communications between machines.
2. Bus Topology: In a bus topology, all of the computers are linked together via a central
communication connection, or "bus." Information is sent via the bus and received by all
computers in range. While this architecture is simple and inexpensive, it may not be as scalable
as others. Improving the university's network infrastructure requires knowledge of computer
network principles, such as the various network topologies.
3.2 Campus Area Network
According to my research, a CAN is a sort of computer network that is formed when LANs in a
small geographical region, such a university campus, are interconnected. A CAN's goal is to
improve communication and cooperation among campus organization’s by connecting their
various computer networks. CANs are based on the same technology as LANs, but they link
different buildings within the same physical site.
On a college or university campus, everyone uses the same network setup so that everyone can
talk to everyone else easily. When one department sends a message, it may be read by other
departments, facilitating better collaboration and sharing of knowledge. The increased data transfer
rates and unified network infrastructure that CANs foster make them an attractive and cost-
effective option for campus networking. My thesis on improving the university network
11
infrastructure relies on your grasp of the idea and relevance of CANs. Further improvements in
network speed, security, and efficiency may be made on campus by analyzing the current may
infrastructure and implementing cutting-edge technologies like Cisco Packet Tracer and Internet
of Things (IoT) devices.
3.3 Purpose of the New Campus Network Design:
The new campus network architecture aims to improve the university's internal network in terms
of connection, performance, and security. The design incorporates OSPF, ACL, IPv6, and IoT
devices to provide better routing, access control, scalability, and interdepartmental cooperation.
The end objective is to provide the school community with a network environment that is
dependable, fast, and secure enough to accommodate their ever-changing requirements.
3.4 Design Campus Network Topology:
The thesis's design introduction model incorporates technologies including Open Shortest Path
First (OSPF), Access Control Lists (ACLs), Internet Protocol Version 6 (IPv6), and Internet of
Things (IoT) devices in order to improve the university's network infrastructure. The goal is to
improve the speed, safety, and productivity of the campus's networks. OSPF routing techniques
will be used to set up efficient routing pathways, which will guarantee smooth data delivery.
Access Control Lists (ACL) may be used to improve network security by regulating data transit
and blocking intrusion attempts. Adopting IPv6 will free up room for more IP addresses and fix
IPv4's flaws. Incorporating IoT devices throughout a university campus will allow for smarter
network monitoring and control, as well as better connection for a wide range of uses and services.

12
Fig 3.1: Campus Area Network (CAN) topology

13
CHAPTER 4
Access Control List (ACL)

4.1 ACL
ACLs, or Access Control Lists, are an essential part of network security because of the fine-grained
control they provide over network traffic. In this capacity, they act as a collection of rules or filters
that decide which packets are granted and which are refused access to a network. Administrators
of networks may secure sensitive data by enforcing security rules, limiting unauthorized access,
and securing resources using access control lists (ACLs). Routers and switches both provide
Access Control Lists (ACLs), which may be used to restrict network traffic depending on its source
and destination IP addresses, protocol, and port. Having such strict regulation in place improves
the network's security by letting through only authorized data.
1. Controlling and restricting network traffic according to predetermined criteria such as source
and destination IP addresses, protocols, port numbers, and other properties is possible using
ACLs. This permits granular regulation of data transfer and improves the safety of the network.
2. Access Control Lists (ACLs) use a predetermined set of rules to decide whether or not to let
traffic through. Administrators may implement security regulations and limit unauthorized
access by tailoring each rule to describe the circumstances and actions for incoming or
outgoing packets.
3. The granularity of ACLs allows administrators to set distinct rules for various parts of the
network, devices, or groups of users. This paves the way for granular authorization and restricts
access to restricted resources.
4. Rules in an access control list (ACL) are examined in a predetermined sequence.
Administrators may control and prioritize traffic depending on their unique needs thanks to
this order, which establishes the precedence and priority of regulations.
5. ACLs are adaptable and may be altered to suit the specific requirements of any given network.
Rules may be added, removed, or altered as needed by administrators to accommodate
changing network topologies, security measures, and user access needs.
6. By using these features, ACLs offer a crucial instrument for protecting the university's network
infrastructure, limits the spread of malware, and keeping sensitive data safe from eyes.[5]

14
4.1.2 ACL Versions
When it comes to protecting a network, there are numerous Access Control List (ACL) variants
that are often implemented:
Standard ACLs: Standard Access Control Lists (ACLs) Standard ACLs are the most basic kind of
ACLs that function only on the basis of the sending IP address. ACL rules determine whether or
not a given IP address is allowed through. Typical ACLs are often implemented nearer the target
network.
Extended ACLs: With the use of characteristics like source and destination IP addresses, protocols,
port numbers, and more, Extended ACLs provide more refined filtering capabilities. They are often
implemented closer to the source network, where they may exert more granular control over
network traffic.
Named ACLs: Unlike regular and extended ACLs, which are identified by numbers, named ACLs
have a human-defined name. By classifying ACLs according to their role, administrators may
better manage and read through ACLs.
Reflexive ACLs: Dynamic access control relies on reflexive access control lists (ACLs), which
enable outgoing traffic to set up temporary access restrictions for incoming traffic. This helps keep
things secure by authorizing response traffic launched by inside hosts on a case-by-case basis.
Time-Based ACLs: Administrators may restrict access to the network at certain times using time-
based access control lists (ACLs). They permit or disallow communication during specified time
intervals, hence enabling the implementation of access controls.
Administrators may improve network security by selecting the appropriate ACL version, which
provides the desired amount of control and capability.
4.2 ACL Configuration
The following are the common stages involved in setting up Access Control Lists (ACLs):
1. Use a console connection, SSH, or a web-based management interface to get access to the router
or switch in question.
2. Figure out what kind of traffic needs to be regulated or filtered. The IP addresses, protocols, port
numbers, and other characteristics of a given data stream's flow must be determined.
3. Make an Access Control List by specifying each rule that either allows or disallows traffic.
Parameters like source and destination IP addresses, protocols, port numbers, and other properties
may be set in accordance with the kind of ACL (standard or extended).

15
4. Assign the ACL: Use the newly established ACL to restrict traffic across the specified inbound
or outbound interface. You may either accomplish this on the interface itself or through
subcommands.
5. Test and verify that the configured ACL rules work as expected by doing a thorough review.
Send test traffic via the ACL to make sure it takes the desired action (permit or deny) as intended.
6. Adjust the ACL rules as needed to reflect any modifications to the network's needs or security
regulations. For this reason, it may be necessary to introduce, change, or eliminate certain
regulations.
7. Make a copy of the settings: If you want the ACL settings to survive a device reboot, you can
either add them to the current configuration or save them in a separate file. Illustration of a
configuration of RIPv2:

Figure 4.1: ACL campus area network topology

16
4.3 ACL Configuration Table
In my topology I configure ACL in Router 0 and Router 2 to Control the access list

Fig4.2.1: ACL lists of Router 0 and Router 2

Fig4.2.2: ACL lists of Router 0 and Router 2

17
4.4 ACL Timers
Time-based access control may be configured using ACLs by doing the following:
1. Determine the times of day and night in which the ACL rules should be enabled or disabled.
Days of the week, weekends, times of day, and holidays are all possibilities.
2. Develop the Access Control List (ACL) rules that stipulate which traffic is allowed or
forbidden at when times. This may be achieved by using the proper IP addresses, protocols,
port numbers, or other criteria to identify the communication's origin and destination.
3. The ACL rules may be activated or disabled at certain periods by setting up a timer or
scheduling system. The operating system of the network device will offer the necessary
instructions or settings to do this.
4. The ACL should be applied to the interface or interfaces where the traffic filtering is to be
implemented.

18
CHAPTER 5
OSPFv2 (Open Shortest Path First Version 2)

5.1 OSPFv2
Dynamic routing protocols, such as OSPF (Open Shortest route First) version 2, are often used in
computer networks to facilitate the exchange of routing information and to find the optimal route
for data packets to reach their final destination. It functions at the IP network layer to provide fault
tolerance, load balancing, and scalability. The shortest route to each network destination is
determined using OSPF version 2, which uses a link-state database and a sophisticated algorithm.
OSPF promotes quick convergence and flexibility in dynamic network settings by sharing
information about network topology changes. Integration with Cisco Packet Tracer and Internet of
Things devices, as well as its use in university network infrastructures, help to provide a secure
and intelligent network environment that improves both connection and resource usage.[6]

5.2 OSPFv2 Neighbor

Before sharing routing updates, OSPFv2 routers form neighbor relationships with one another. By
broadcasting Hello packets via all of a router's OSPFv2-capable interfaces, OSPFv2 peers are
found dynamically. A multicast IP address, 224.0.0.5, is used to send "hello" packets. Example of
hello packets request and reply from source to destination is given below:

Figure 5.1: Sending hello packets to build neighbor relationship

19
In OSPF version 2, Hello packets must be identical in various ways for routers to become
neighbors. Subnet mask, area identifier, hello and dead interval timers, authentication, stub area
flag, maximum transmission unit, and MTU. OSPFv2's default Hello interval for Ethernet
networks is 10 seconds. Routers on Ethernet networks with OSPFv2 have a dead timeout of four
times the hello interval, so if they don't get a Hello packet from a neighbor after 40 seconds, the
routers mark the neighbor as "down." An OSPFv2 router's ID is either the highest IP address of
its physical interfaces, the highest IP address of its loopback interfaces, or may be retrieved using
the router-id command inside the OSPFv2 process.
5.3 Configuring OSPFv2
OSPFv2 basic configuration is simple. Like with other routing protocols covered so far (RIPv2,
EIGRP) first we need to enable OSPFv2 on a router. This is done by using the router ospf
PROCESS-ID global configuration command. Next, we have to define on which interfaces
OSPFv2 will run and what networks will be advertised. This is done by using the network
IP_ADDRESS WILDCARD_MASK AREA_ID command from the global configuration mode.
First, we need to enable OSPFv2 protocol on routers. Then we need to define what network will
be advertised into OSPFv2. This can be done by using the following sequence of commands on
the routers. The configuration for router R1 is given below:

Router0 (config) #router ospf 1

Router0 (config-router) #network 10.0.0.0 0.0.0.255 area 1
Router0 (config-router)#network 192.168.1.0 0.0.0.255 area 1

Router0 (config-router)#do write Building configuration… [OK]

By using show ip route command we can check the all possible route for each router with
their network and fast Ethernet address like below:

20
Figure 5.2.1: Showing IP OSPFv2 neighbor

Figure 5.2.2: Showing IP OSPFv2 neighbor

Figure 5.2.3: Showing IP OSPFv2 neighbor

21
 Figure 5.2.4: Showing IP OSPFv2 neighbor
5.4 OSPFv2 Authentication

Authentication between OSPF (Open Shortest Path First) routers is essential for building reliable
networks and preventing unauthorized traffic. It restricts OSPF routing information sharing to only
authorized routers. OSPF authentication may be accomplished in a number of ways, including via
the use of plaintext, MD5, and message digest algorithms.
OSPF authentication requires the identical authentication key or password to be set up on each of
the two nearby routers. OSPF communications sent between routers utilize this key for
authentication. OSPF defends against possible security risks by requiring authentication from all
routers joining the OSPF routing domain.
Normally, the OSPF process is where the authentication key is set, and it must be the same on all
routers in the OSPF region for authentication to succeed. This makes it possible for OSPF routers
to check the integrity of incoming OSPF messages and identify efforts at manipulation or intrusion.
To configure clear text authentication, the following steps are required:
1. Configure the OSPFv2 password on the interface by using the IP OSPF authentication-key
PASSWORD interface command.
2. Configure the interface to use OSPFv2 clear-text authentication by using the IP OSPF
authentication interface command.
Configuring OSPFv2 MD5 authentication is very similar to configuring clear-text
authentication. Two commands are also used:
1. First, we need to configure the MD5 value on an interface by using the IP OSPF message-
digest-key 1 md5 VALUE interface command.
2. Next, we need to configure the interface to use MD5 authentication by using the IP OSPF
authentication message-digest interface command.

22
CHAPTER 6 IPV6
(Internet Protocol Version 6)

6.1 IPV6
IPv6, the most recent version of the Internet Protocol, has several advantages over IPv4, including
a greater address space and enhanced functions. IPv6's hexadecimal addressing scheme and 128-
bit address space make it possible to support an ever-increasing number of networked gadgets.
IPv6 has built-in safety features like IPsec, and it makes network administration easier with
features like stateless address autoconfiguration (SLAAC). Universities may address the
constraints of IPv4 and prepare for the future by implementing IPv6 in their network
infrastructures. This will allow for more scalability, better connection for Internet of Things
devices, and support for new technologies. [7]

6.2 IPV6 Neighbors

If you want to find and keep in touch with devices on your network that are close by, IPv6's
neighbor discovery feature is essential. In order to find the link-layer addresses of other devices
on the same subnet, a collection of protocols and techniques known as "neighbor discovery" is
used. IPv6 relies on the Neighbor Discovery Protocol (NDP) rather than IPv4's Address Resolution
Protocol (ARP) to carry out functions including neighbor discovery, neighbor unreachability
detection, and duplicate address detection. To aid with neighbor finding and address resolution,
NDP makes use of ICMPv6 (Internet Control Message Protocol version 6) packets. IPv6 devices
may discover one another and form neighbor relationships via the exchange of NDP messages,
paving the way for smooth communications and assuring proper packet forwarding.
6.3 Configuring IPV6
IPV6 configuration steps are required:
1. Make that IPv6 is turned on in the device, whether it's a router, switch, or host computer. The
device's network setup settings are often where you'll find this option.
2. IPv6 addresses must be assigned, and the interfaces of the devices must be configured to accept
them. It is possible to either manually or automatically allocate IPv6 addresses.

23
3. Using DHCPv6 (Dynamic Host Configuration Protocol for IPv6) or stateless address auto
configuration (SLAAC), IPv6 addresses may be automatically assigned to each interface, whereas
manual configuration entails assigning IPv6 addresses manually.
4. If your network has several subnets or devices serving as routers, you need establish IPv6
routing. In order for IPv6 packets to reach their destinations, routing protocols like OSPFv3 (Open
Shortest Path first version 3) and BGP (Border Gateway Protocol) must be enabled.
5. IPv6 DNS (Domain Name System) configuration: Install IPv6-compatible domain name servers.
To do this, AAAA (IPv6) records must be set up for the devices and services in your network so
that they may be located and accessed through their IPv6 addresses.
6. Put in place IPv6 security measures, making sure they are effective. Consider IPv6-specific
security measures, such as safeguarding neighbor finding and regulating IPv6 traffic, and set up
firewall rules and IPsec (Internet Protocol Security) for encrypted communication.
7. Validate the IPv6 setup by testing connection to and from the Internet, as well as between devices
on the local network. Verify that IPv6 packets are effectively reaching their destinations using tools
like ping, trace route, or IPv6-specific testing software.
Illustration of a configuration of IPV6:

24
Figure 6.1 Campus Area Network topology for Ipv6 network

25
Figure 6.2.1: IPV6 route check

Figure 6.2.2: IPV6 route check

26
Figure 6.2.3: IPV6 route check

27
Chapter 7
IoT Devices

7.1 IoT
Network infrastructure has been completely transformed by IoT (Internet of Things) device
integration. IoT devices have become essential elements in recent years for improving the
performance and effectiveness of university network infrastructures. These gadgets, which include
smart gadgets, sensors, and actuators, allow for seamless connectivity, real-time data collection,
and wise decision-making. Administrators can keep an eye on and manage crucial systems,
enhance security protocols, maximize resource usage, and provide staff and students cutting-edge
services by integrating IoT devices into the university network architecture. Even yet, there are
still issues to be resolved, like managing scalability and interoperability, assuring the security and
privacy of IoT devices, and reducing energy usage. In order to improve the university network
infrastructure, this thesis will examine these issues and suggest a clever and secure integration of
Cisco Packet Tracer and IoT devices.[8]
7.2 IoT Characteristics
IoT (Internet of Things) devices have a number of fundamental traits that set them apart from
conventional devices and allow for system integration. The number of IoT device is increasing
across various countries over recent years and qualities are being developed day by day. These
qualities consist of:
Connectivity devices are created with the ability to connect to the internet or other networks, which
enables them to share data and communicate with one another. They make use of cellular networks,
Wi-Fi, Bluetooth, Zigbee, and other communication technologies.
Sensing and perception: IoT devices include sensors and perception skills that allow them to gather
information about their environment. The gadgets can sense and keep track of the physical
surroundings thanks to these sensors, which can also include temperature, motion, light, and
humidity sensors.
Data processing: The computing and storage capabilities of IoT devices are frequently constrained.
However, before sending the data to a central system for additional processing, they can carry out
simple data processing operations locally, such as filtering, aggregating, or analysis.

28
Communication: In order to send and receive data, IoT devices rely on communication protocols.
To exchange information and get instructions, they can engage in peer-to-peer communication or
interface with centralized systems or cloud platforms.
Interoperability: IoT devices are made to cooperate and integrate easily into current systems. They
follow established standards and protocols that make it possible for various platforms and devices
to work together and exchange data.
Autonomous Operation: IoT devices have the ability to work independently, carrying out activities
without constant human supervision. They can decide based on established guidelines or machine
learning algorithms, allowing them to adjust to shifting circumstances and improve their processes.
Scalability: IoT systems have the capacity to grow in order to support numerous devices. They can
manage and integrate tens of thousands or even millions of devices, which enables the network
infrastructure to grow without suffering serious setbacks.
To fully utilize IoT devices and integrate them into a variety of applications and environments,
including university network infrastructures, one must have a thorough understanding of these
properties.
7.3 IoT Components
Systems for the Internet of Things (IoT) are made up of a number of essential parts that work
together to provide seamless connectivity, data collection, and interaction. Devices, sensors,
actuators, communication options, data processing and storage systems, network infrastructure,
cloud computing platforms, applications, and security measures are some of these components.
IoT devices collect information from the physical world and communicate with their surroundings
using sensors and actuators. Systems and devices may communicate with one another more easily
thanks to connectivity choices like Wi-Fi, Bluetooth, and cellular networks. Both locally and in
the cloud are used for data processing and storage, and network architecture guarantees effective
data transmission. Applications give user interfaces for control and monitoring, while cloud
platforms provide scalability and analytic capabilities. IoT systems are shielded from harmful
attacks and unauthorized access by dependable security mechanisms.
7.3.1 RFID Card
Contactless identification technology called RFID (Radio-Frequency Identification) cards uses
radio waves to transfer data. These cards have an antenna and an integrated microchip that allow
wireless interaction with RFID scanners. The RFID card's microchip is powered by the reader's

29
electromagnetic field when it is in close contact, which enables it to transmit recorded data. Access
control, transportation, inventory management, and payment systems all use RFID cards
extensively. They make tracking and identifying objects and people easier and faster while
maintaining accuracy. RFID cards reduce the requirement for physical interaction by utilizing
radio frequency technology, making them dependable and effective for a range of applications in
both private and professional contexts.
7.3.2 RFID Reader
To wirelessly connect with RFID tags or cards, a device called an RFID (Radio-Frequency
Identification) reader is utilized. It is made up of a processor, a transceiver, and an antenna. The
reader's antenna emits radio waves that provide power to the tag's microprocessor when an RFID
tag or card is in close proximity to it. The tag then uses radio frequency signals to relay the data it
has recorded back to the reader. These signals are captured by the reader's transceiver and sent to
the processor for decoding and additional processing. Numerous sectors, including logistics, retail,
healthcare, and asset tracking, use RFID scanners. They provide efficiency and automation in a
variety of applications by enabling quick and precise identification, tracking, and data collecting
without the need for physical contact.
7.3.3 Temperature Monitor
A temperature monitor is a tool used to measure and monitor changes in temperature in real-time.
It is made up of sensors that track temperature changes and turn them into digital information.
Depending on the needs of the application, these sensors may be thermocouples, resistance
temperature detectors (RTDs), or thermistors. The monitor frequently has a microcontroller or a
temperature measuring chip specifically designed to handle sensor data and produce precise
temperature readings. Many different businesses, including healthcare, food storage,
environmental monitoring, and industrial processes, use temperature monitors. They are essential
for maintaining ideal conditions, preventing equipment damage, preserving product quality, and
guaranteeing people's safety in areas where temperature changes might be dangerous.
7.3.4 Temperature Sensor
Electronic tools called temperature sensors are used to measure and track temperature changes.
They are essential in several applications spanning numerous sectors. To precisely detect
temperature changes, these sensors make use of a variety of technologies, including
thermocouples, resistance temperature detectors (RTDs), and thermistors. These sensors provide
30
electrical signals proportional to temperature changes when exposed to them. HVAC systems,
environmental monitoring, industrial processes, weather stations, and medical devices all
frequently use temperature sensors. They make it possible to control the temperature precisely,
maintain safety, promote energy efficiency, and give important information for analysis and
decision-making. These sensors monitor and measure temperature, which helps to improve
comfort, streamline operations, and maintain ideal operating conditions in a variety of situations.
7.3.5 Motion Detector
A motion detector is an electrical device that detects movement inside its field of vision. It is also
known as a motion sensor or motion sensor device. It uses a variety of technologies to function,
including passive infrared (PIR), microwave, and infrared (IR). The motion detector responds to
motion by turning on lights, sounding an alarm, or sending a notice when a person or item moves
within its detecting range. In homes, workplaces, and public places, motion detectors are often
employed for security reasons. They give an extra degree of security by seeing and reporting any
irregular or suspicious movement. By automating lighting systems, allowing energy-saving
techniques, and acting as a powerful deterrent against prospective incursions or undesired
activities, motion detectors provide convenience, energy efficiency, and increased security.
7.3.6 Web Cam
A webcam is a kind of digital camera that sends real-time video and audio over a computer
network. It is often used for online meetings, live streaming, video conferencing, and remote
security. Image sensor, lens, microphone, and electronics to process and send the video and audio
data make up a conventional webcam. Users may record and share video material, take part in
online meetings, and have video conversations when a camera is attached to a computer. Webcams
have improved in size and quality thanks to technological improvements, and they can now offer
functions like auto-focus, low-light correction, and noise cancellation. They have developed into
a crucial tool for online learning, personal communication, and distant cooperation since they
visually bind people together across distances.
7.3.7 Siren
To inform and advise people of possible risks or crises, sirens are auditory signaling devices that
make a loud and recognizable sound. Typically, it comprises of a power supply, a loudspeaker, and
an electrical circuit. In emergencies like fire alarms, natural catastrophes, security systems, and
civil defense systems, sirens are often employed. A siren's sound is designed to be both attention-
31
getting and immediately recognizable from background noise. Sirens' sound patterns may change,
ranging from constant tones to alternating or modified ones. They may successfully warn and alert
people of approaching dangers or life-threatening circumstances because to their high decibel
output, which guarantees that the sound can be heard across great distances.
7.3.8 Smartphone
Smartphones are small, portable electronic devices that combine mobile phone functionality with
cutting-edge processing power. Voice calling, text messaging, internet access, multimedia
playback, and a variety of apps are all integrated into it. A touchscreen interface is often seen on
smartphones, allowing for simple user engagement. Additionally, they have strong CPUs, enough
memory, and a variety of sensors, including GPS, accelerometers, and gyroscopes. These devices
provide access to a broad variety of digital information as well as a variety of apps and services,
such as social media, email, gaming, productivity tools, and access to social media. Smartphones
provide smooth communication, information access, and entertainment when mobile thanks to its
connection choices including Wi-Fi, cellular networks, and Bluetooth. They are now a necessary
component of contemporary life, enabling people to access a multitude of digital information and
maintain continual communication.

32
CHAPTER 8
Simulation Performance Analysis

8.1 Why Simulation?

In order to improve network infrastructure, simulation is a crucial technique. Researchers may test
the effectiveness and viability of their ideas in a simulated setting by recreating real-world
circumstances. Network designs, protocol tests, and the effects of different elements on system
behavior may all be evaluated through simulation at a low cost and without risk. Researchers may
examine the impacts of connecting Cisco Packet Tracer and IoT devices without causing any
downtime to the real network by utilizing simulation. Better decisions may be made with less
wasted effort thanks to the ability to thoroughly test, validate, and optimize solutions in advance
of deployment. [11]
8.2 Simulator
The simulation environment used for this thesis is Cisco Packet Tracer, a network simulator. Cisco
Packet Tracer provides a robust environment for modeling network topologies and components.
By simulating Cisco equipment, it enables the construction of virtual network topologies that may
be used for testing and analysis. Packet Tracer allows for the simulation of complicated networks
by merging virtual and real components, thanks to its huge library of virtual devices. This study
makes use of Cisco Packet Tracer to improve campus networks by simulating the deployment of
Internet of Things devices.
8.3 Design and Analysis in Cisco Packet Tracer
When implementing a real model of the system in the Cisco Packet Tracer, some steps are to be
followed to design on simulator. Following steps are needed to work with Cisco. These are:
1. To build a network, one must first ascertain what features the network must have, and then
create a topology that supports those features. Think about things like the capacity of your
network, its potential to grow, its security, and its performance.
2. To achieve the required network architecture, the Cisco devices must be configured as such.
Interfaces, IP addresses, routing protocols (OSPF, EIGRP), virtual local area networks
(VLANs), access control lists (ACLs), and other factors must be configured.

33
3. Protect the network infrastructure by setting up appropriate security measures. In order to
protect sensitive information and stop illegal access, it may be necessary to set up a firewall,
virtual private network, secure remote access, and other security measures.
4. Interconnect the Cisco devices via Ethernet, fiber optic, or other connections as needed per the
network's blueprint. Make sure there is a connection and that the gadgets can talk to one
another.
5. Verification and Testing: Perform comprehensive verification and testing of the deployed
network. Check for configuration inconsistencies and faults by performing connection tests
and analyzing captured packet data. For network troubleshooting and verification, try using
ping, traceroute, and the display commands.
6. Network settings, IP address schemes, VLAN assignments, and other such data should all be
recorded for posterity. For future upkeep troubleshooting, you may turn to this documentation.
7. Keep an eye on the health, performance, and security of the network on a consistent basis.
Maintaining a safe and reliable network requires regular upkeep in the form of things like
software upgrades, device backups, and configuration audits.

8.4 Simulation Study

In this thesis, the performance and efficacy of the proposed changes to the university network
infrastructure have been evaluated by a simulated exercise utilizing Cisco Packet Tracer. Cisco
Packet Tracer is a robust simulation environment for building virtual Cisco networks. Packet
Tracer was used to plan and set up the study's network architecture, which included routers,
switches, and Internet of Things gadgets. Cisco Packet Tracer and IoT devices' compatibility was
evaluated using a series of simulated network scenarios that looked at issues such network
scalability, routing protocols (like OSPF), IPv6 implementation, and security. This simulation
research provided useful insights for improving the university's network infrastructure by
analyzing the effect of the suggested upgrades on network performance, security, and resource.
8.5 End to End delay
A crucial indicator of a network's performance is the time it takes for data packets to transit from
origin to destination. It is a measure of how fast and reliable the underlying network infrastructure
is. Packet transmission time, network processing time, queuing delay, transmission time, network
propagation delay, and destination reception and processing time are all factors in the overall delay.

34
By summing the individual delays caused by each step in the network's path, the total end-to-end
latency may be determined. For real-time applications such as video conferencing, VoIP, and
interactive gaming, understanding and reducing the end-to-end latency is essential.
The entire end-to-end latency may be lowered by optimizing network settings, adopting efficient
routing protocols, decreasing queuing delays, and improving processing times, all of which
contribute to better network performance and a more satisfying user experience.
8.6 Convergence Time
The amount of time it takes for a network to settle and achieve a consistent state after a change or
disturbance in the network topology is referred to as its convergence time. Resilience is an
important indicator of how quickly a network can recover from disruptions like a connection
breakdown or a change in the routing topology.
Routers and other network nodes converge to develop new pathways and restore connection by
updating and exchanging routing information. Convergence lags behind the speed at which routers
process and broadcast routing changes, network topology, and the complexity of routing protocols
like Open Shortest Path First (OSPF) and Enhanced Interior Gateway Routing Protocol (EIGRP).
In order to keep network services running smoothly, it is crucial to use efficient network
architecture, optimum routing protocol settings, and a short convergence time. Convergence times
may be lowered by using methods like route summarization, link-state improvements, quick
hellos, and precomputed backup pathways.
Minimizing network downtime, improving network reliability, and guaranteeing smooth
connection during network events all depend on accurately measuring and managing convergence
time.
The network topology that is shown in above is configured using the command of Access Control
list (ACL) in Cisco Packet Tracer. In our designed topology we have used following equipment’s:
1. Router 1841 (3 pieces)

2. Switch (16 pieces)

3. VPCS (virtual PCs - 14 pieces)

4. Printer (8 pieces)
5. Home Gateway (5 pieces)
6. Serial cable and Fast Ethernet cable.

35
8.7 ACL, OSPF and IPV6 Network Topology:

Figure 8.1: ACL Network Topology

36
8.7.1 Interface setting command and Showing IP route
The 'show IP route' command displays the structure and contents of the routing table. We can use
the 'show IP route' for the following purposes.
1. To list the routing table's entries
2. To view how many routes available for a particular destination
3. To view the route the router uses to forward data packets for a specific destination
4. To know the routes added by a routing protocol
5. To know the routes added by the router from the IP configurations
6. To view the current status of a route
7. To verify and troubleshoot the routing

To setup interface with their necessary IP address and gateway we have used following command:

Figure 8.2 (a) Router Connected through OSPF

37
Figure 8.2 (b) Packet did not reach from source to destination due to ACL configuration

38
8.7.2 OSPFv2 Network Topology

Figure8.3.1: All router route

Figure8.3.2: All router route

39
 Figure8.3.3: All router route
8.8 IPV6 Network Topology

Figure 8.4.1: Showing ipv6 route

40
Figure 8.4.2: Showing ipv6 route

Figure 8.4.3: Showing ipv6 route

41
CHAPTER 9
Result Analysis

9.1 Introduction
The study focuses on integrating Internet of Things (IoT) devices into the Cisco Packet Tracer
simulated environment, utilizing both IPv4 and IPv6 addresses while considering Access Control
Lists (ACL) for security. This chapter presents a comprehensive analysis of the results obtained
from this investigation.[16]
9.2 Integration Efficiency of IoT Devices into Cisco Packet Tracer
The first aspect of the analysis concerns the efficiency of integrating IoT devices into the Cisco
Packet Tracer environment. Results showed that the IoT devices, with various functions such as
temperature sensors, light sensors, and smart meters, were integrated smoothly into the existing
Cisco Packet Tracer simulations.
Each device was assigned an IPv4 or IPv6 address and could communicate efficiently within the
network. The network's performance was unaffected by the additional devices, and communication
speed remained stable, indicating a structured and high-capacity network infrastructure in place.
9.3 IPv4 and IPv6 Address Assignment
In the study, IoT devices were assigned either IPv4 or IPv6 addresses. Our findings showed that
the Cisco Packet Tracer environment could effortlessly accommodate both addresses without
compatibility issues. However, it is essential to note that IPv6 addresses demonstrated better
scalability due to their larger address space, making them more suitable for the vast array of IoT
devices anticipated in future network expansions.
9.4 ACL Implementation and Network Security
The integration of ACL into the network infrastructure was done to enhance the security of the IoT
devices and the network. By limiting unauthorized access, ACLs significantly reduced the
network's cyber-attack vulnerability.
The results showed that the application of ACLs on both IPv4 and IPv6 addresses was successful.
There were no unauthorized access attempts during the test phase, suggesting that the security
measures effectively protected the network and the IoT devices from potential threats.

42
9.5 Performance of IoT Devices
The performance of IoT devices in the Cisco Packet Tracer simulated environment was highly
satisfactory. The devices could interact efficiently with other network components, and no latency
or significant delay was observed in their operations. This underscores the effectiveness of the
Cisco Packet Tracer as a platform for simulating IoT device interactions in a networked
environment.
9.6 Network Load and Scalability
In terms of load testing, the network showed robust performance even with the addition of multiple
IoT devices. No discernible degradation of speed or performance was recorded, highlighting the
resilience and adaptability of the university's network infrastructure.
Regarding scalability, the university network infrastructure demonstrated significant potential for
expansion. With IPv6's virtually limitless address space and the effective integration of IoT devices
into the network, it can support many more devices without compromising performance or
security.
9.7 Conclusion
In conclusion, the analysis of the results confirms that the university's network infrastructure, built
around Cisco Packet Tracer, can efficiently integrate IoT devices using both IPv4 and IPv6
addresses while ensuring secure connectivity through the implementation of ACLs. The resilience
and scalability demonstrated by the infrastructure make it an ideal solution for the integration of
more IoT devices in the future, paving the way for a truly smart and secure university environment.

43
CHAPTER 10
Quality of Service

10.1 Introduction
Quality of Service (QoS) is an essential component of network design and administration that
should never be overlooked. The term "quality of service" (QoS) refers to a group of methods and
tools used to prioritize and regulate data transmission across a network in order to fulfill
predetermined service levels for things like bandwidth, latency, and packet loss. Network
administrators can optimize resource utilization, reduce bottlenecks, and improve user experiences
for applications like voice and video conferencing, real-time streaming, and mission-critical data
transfers by implementing QoS mechanisms like traffic prioritization and resource allocation.[17]
10.1.1 Packet Loss
For networked communications to function properly, packet loss must be minimized at all costs.
It's a term for when bits of information become lost while being sent across a network. When there
is a lot of packet loss, it may ruin the experience for users and compromise the data in their
networks. Packet loss may be reduced or eliminated with the use of QoS techniques including
traffic priority, congestion management, and error detection and recovery algorithms. If you want
to maximize network throughput and prevent interruptions in data transmission, you need to
investigate the root causes of packet loss, learn how it affects various kinds of network traffic, and
use suitable QoS solutions.
10.1.2 Throughput
The quantity of data that may be effectively transported across a network in a given length of time
is called throughput, and it is a crucial indicator in Quality of Service (QoS). It is a measure of
how much data can be sent through a network in a given amount of time and is measured in bits
per second (bps). Effective exploitation of network resources, elimination of bottlenecks, and
management of congestion are all necessary for maximum throughput. In order to maximize
throughput and guarantee that mission-critical applications receive adequate bandwidth, QoS
mechanisms like traffic prioritization, bandwidth allocation, and congestion control are used. This
allows for the proper management of non-critical traffic to prevent performance degradation.

44
 Throughout Graph

14

12
12

OSPF

10

8 8
8 RIP

EIGRP
4 4 4
4

2 2
2

0 0 0
0

Fig. 10.1: Throughout Graph

10.1.3 Transmission Delay
Quality of Service (QoS) relies heavily on transmission delay, which is the amount of time it takes
for a packet to travel from its origination point to its final destination. Time spent waiting in lines,
processing data in sequence, and communicating with others are all part of this. Network managers
may improve QoS and guarantee efficient packet delivery by reducing transmission latency. varied
kinds of network traffic, applications, and services have varied quality-of-service (QoS) needs that
may be met via the use of techniques including traffic shaping, prioritizing mechanisms, and
bandwidth allocation.

45
10.2 Results Analysis of Quality of Service

Latency Graph
3.5

3
Finance

2.5
Admin
2

HR
1.5

1
Engineering dept

0.5

0
Category 1 Category 2 Category 3 Category 4

Figure 10.2: The average packet end-to-end latency

This is a topological study of service quality. At first glance, Quality of Service seems to entail
prioritizing which consumers get to take use of available bandwidth. And the user is being put to
good use by this optimum bandwidth. The impacts are readily apparent from the graph. Service
quality. When users first begin using their allotted bandwidth. As a consequence, they may
discover that the bandwidth allotted to them is inadequate. According to the graph, without QoS
measures in place, a user is able to transmit 400 packets per second. When quality of service is
implemented, however, we find that the maximum throughput increases to over a thousand packets
per second, from the previous maximum of 400. Users may now send and receive more data
packets than his bandwidth previously allowed.

46
CHAPTER 11
Conclusion

11.1 Conclusion
In concluding this thesis on "Enhancing University Network Infrastructure: A Smart and Secure
Integration of Cisco Packet Tracer and IoT Devices", we have bridged critical gaps in the field of
networking infrastructure. By leveraging the power of advanced routing protocol (OSPF), the
extensive capacity of IPv6, and the secure structure of Access Control Lists (ACLs), a robust,
reliable, and highly secure university network environment has been established.
Throughout the course of this work, we have comprehensively detailed the ways in which Internet
of Things (IoT) devices can seamlessly integrate into this advanced networking setup. The
interoperability between these technologies provided a dynamic and scalable model for network
infrastructure design in academic institutions. Furthermore, the use of Cisco Packet Tracer has
enabled us to simulate, test, and optimize network performance within a controlled environment,
thus reducing potential risks before the implementation phase.
The integration of IoT devices in university networks can enhance the learning experience, drive
operational efficiency, and foster innovation. However, they also present challenges related to
security and network management. We've addressed these challenges by establishing an ACL-
based security structure that filters network traffic and safeguards the system from potential
intrusions. Meanwhile, the adoption of OSPF has facilitated improved routing efficiencies, while
the transition to IPv6 has addressed limitations associated with IP address availability in a network
proliferated by IoT devices.[18]
This research has set a valuable precedent for universities aiming to optimize their network
infrastructure. It has demonstrated the viability and advantages of implementing smart, secure, and
scalable systems that can adapt to future needs and technological advancements. It has also shed
light on potential areas of further investigation, such as exploring machine learning techniques for
automated network management and intrusion detection, furthering the integration of IoT into
existing systems, and continuous optimization of network security protocols.

47
However, as the realm of technology and networking continues to evolve, so will the complexities
and challenges associated with it. Therefore, continuous research, development, and adaptations
to new networking protocols, security measures, and IoT capabilities will be vital to maintain an
efficient, secure, and advanced network infrastructure.[19]
In conclusion, the journey of navigating and integrating various technologies has not only paved
the way for a more efficient and secure academic environment but also fostered a better
understanding of the potential synergies between traditional networking principles and emerging
technologies. The results of this research underscore the significance of innovative network
solutions in educational settings and the pivotal role of IoT, OSPF, IPv6, and ACL in shaping these
solutions.[20]
11.2 Future Work
There are many scopes to work on it:
1. Build up a Campus Area Network topology securing with ACL in IPv6.
2. Apply the AAA Authentication.
3. Analyze the performance of different routing protocols on different parameters.

48
References
1. S. Bansal, S. K. Agarwal and A. S. Siddiqui, "Performance analysis of network-controlled
petroleum tank system with RIP and LAR protocol," 2015 Annual IEEE India Conference
(INDICON), New Delhi, 2015, pp. 1-5.
2. I. Fiţigău and G. Toderean, "Network performance evaluation for RIP, OSPF and EIGRP
routing protocols," Proceedings of the International Conference on ELECTRONICS,
COMPUTERS and ARTIFICIAL INTELLIGENCE - ECAI-2013, Pitesti, 2013, pp. 1-4.
3. Ji, S. and Pang, L. (2015). Campus Network Security Analysis and Design of Security System
- IEEE Conference Publication. IEEE.
4. Jagdeep Singh and Rajiv Mahajan, Simulation Based comparative study of RIP,OSPF and
EIGRP, International Journal of Advanced Research in Computer Science and Software
Engineering, vol 3, Iss.8, pp.1-4, August 2013
5. Xiaohua, L., Xiangang, Z., Jian, X., Shan, Y., Huaiwei, W. and Yan, Z. (2012). Simulation and
analysis of RIPv2 routing authentication based on GNS - IET Conference Publication. IEEE.
6. Graziani R. and Jonson A., -Introduction to Dynamic Routing Protocols, in Routing Protocols
and concepts, 9th ed., United States of America, pp. 157-160, February 2011.
7. What is Administrative Distance? www.cisco.com [Online]. Available:
8. http://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocolbgp/15986 admin-
distance.html [Accessed: April 2017]
9. Routing Protocols Timers, www.getnetworking.net [Online]. Available:
http://www.getnetworking.net/cheat-sheets/routing-protocols-timers [Accessed: May 2017]
10. Xu, Y., Liu, H. and Zeng, Q. (2005). Resource management and QoS control in multiple traffic
wireless and mobile Internet systems. Wireless Communications and Mobile Computing, 5(8),
pp.971-982.
11. P. Rakheja, P.Kaur, A. Gupta and A. Sharma, Performance Analysis of RIP, OSPF, IGRP and
EIGRP Routing Protocols in a Network, International Journal of Computer Applications,
(0975-888) vol. 48 No.18, June 2012
12. 11.Isa Shemsi, “Boosting Campus Network Design Using Cisco Packet TracerVolume 2,
Issue11, November– 2017, International Journal of Innovative Science and Research
Technology ISSN No:-2456 –2165.

49
13. 1P Mahesh Kumar, 2Thogarchiti Ram Mohan, 3Gundreddy Sainath Reddy 4Vemalaraju
Nagendra Varma and 5Vallem Vara Prasad Reddy, 6Narbada Prasad Gupta,"Review and
proposal on the design of LAN for University campus with security system using cisco packet
tracer", Volume 8, Issue 4,April 2021
14. kshay Ziradkar1, Neha Mahendrakar2, Akshay Palande3, Prof. Rajashri Sonawale4,
"CAMPUS NETWORK ARCHITECTURE USING CISCO PACKET TRACER",volume: 08
Issue: 04,Apr 2021
15. 14) Md. Anwar Hossain & Mahabuba Zannat. “Simulation and Design of University Area
Network Scenario (UANS) using Cisco Packet Tracer”. Global Journal of Computer Science
And Technology: G Interdisciplinary, Volume 19 Issue 3 Version 1.0 Year 2019.
16. Khaing Khaing Wai 1 , Thuzar Khin 2 , Khin Thet Mar 3, “Design and Simulation of Campus
Area Network Using Cisco Packet Tracer”, International Journal of New Technologies in
Science and Engineering Vol. 6, Issue. 5, 2019,ISSN 2349-0780.
17. Paulami Pathak1 , Sayanti Majumder2 , Chandra Mondal3 , Prof. Manikandan K4, “College
Network Scenario Implementation by using Cisco Packet Tracer”, International Journal of
Advanced Research in Computer and Communication Engineering ISO 3297:2007 Certified
Vol. 7, Issue 1, January 2018.
18. K Sita, P Saleem Akram, Krishna Hemanth Javvaji and Teja Pavan Attota, “Design and
implementation of Smart Campus Network”, November 8, 2019.
19. 1 PROF. MRS. JAYA N. INGOLE, 2KSHAMA S. BHISE, “STUDY ON VIRTUAL LAN
USAGE IN CAMPUS NETWORKS”, International Journal of Research in Computer &
Information Technology (IJRCIT), Vol. 2, Issue 4, Sept-2017 ISSN: 2455-3743
20. Sharat Kaushik1 , Anita Tomar2, Poonam3. “Access Control List Implementation in a Private
Network”.International Journal of Information & Computation Technology. ISSN 0974 2239
Volume 4, Number 14 (2014), pp. 1361-1366 © International Research Publications House,
http://www. irphouse.com
21. Shipra Suman, Er. Aditi Agrawal. “IP Traffic Management with Access Control List Using
Cisco Packet Tracer”.International Journal of Science, Engineering and Technology Research
(IJSETR) Volume 5, Issue 5, May 2016

50
Appendix

Configuring OSPFv2

Router:1

Router1#enable

Router1#configure terminal

Rouer1(config)#interface FastEthernet0/0

Rouer1(config-if)#ipv6 address 2::2/64

Rouer1(config-if)#no shutdown

Rouer1(config-if)#interface FastEthernet0/1

Rouer1(config-if)#ipv6 address 4::1/64

Rouer1(config-if)#no shutdown

Rouer1(config-if)#interface Ethernet0/0/0

Rouer1(config-if)#ipv6 address 1::1/64

Rouer1(config-if)#no shutdown

Router1(config)#ipv6 unicast-routing

Router2:

Router2#enable

Router2#configure terminal

Rouer1(config)#interface FastEthernet0/0

51
Rouer1(config-if)#ipv6 address 5::1/64

Rouer1(config-if)#no shutdown

Rouer1(config-if)#interface FastEthernet0/1

Rouer1(config-if)#ipv6 address 3::2/64

Rouer1(config-if)#no shutdown

Router1(config)#ipv6 unicast-routing

Router:0

Router0#enable

Router0#configure terminal

Rouer0(config)#interface FastEthernet0/0

Rouer0(config-if)#ipv6 address 2::1/64

Rouer0(config-if)#no shutdown

Rouer0(config-if)#interface FastEthernet0/1

Rouer0(config-if)#ipv6 address 3::1/64

Rouer0(config-if)#no shutdown

Router0(config)#ipv6 unicast-routing

Configuring ACL

Finance:

Router(config)#access-list 100 deny ip 192.168.1.32 0.0.0.0 193.168.1.11 0.0.0.0

Router(config)#access-list 100 deny ip 192.168.1.32 0.0.0.0 193.168.1.12 0.0.0.0

52
Router(config)#access-list 100 deny ip 192.168.1.32 0.0.0.0 193.168.1.14 0.0.0.0

Router(config)#access-list 100 deny ip 192.168.1.32 0.0.0.0 193.168.1.15 0.0.0.0

Router(config)#access-list 100 deny ip 192.168.1.32 0.0.0.0 193.168.1.16 0.0.0.0

Router(config)#access-list 100 permit ip any any

Router(config)#int eth 0/0/0

Router(config-if)#ip access-group 100 in

Router(config-if)#ex

Router(config)#ex

Router#

Router#wr

Building configuration...

[OK]

Admin & HR:

Router(config)#access-list 101 deny ip 192.168.1.12 0.0.0.0 193.168.1.13 0.0.0.0

Router(config)#access-list 101 deny ip 192.168.1.12 0.0.0.0 193.168.1.11 0.0.0.0

Router(config)#access-list 101 deny ip 192.168.1.12 0.0.0.0 193.168.1.12 0.0.0.0

Router(config)#access-list 101 deny ip 192.168.1.12 0.0.0.0 193.168.1.15 0.0.0.0

Router(config)#access-list 101 deny ip 192.168.1.12 0.0.0.0 193.168.1.16 0.0.0.0

Router(config)#access-list 101 deny ip 192.168.1.22 0.0.0.0 193.168.1.13 0.0.0.0

Router(config)#access-list 101 deny ip 192.168.1.22 0.0.0.0 193.168.1.11 0.0.0.0

Router(config)#access-list 101 deny ip 192.168.1.22 0.0.0.0 193.168.1.12 0.0.0.0

Router(config)#access-list 101 deny ip 192.168.1.22 0.0.0.0 193.168.1.15 0.0.0.0

Router(config)#access-list 101 deny ip 192.168.1.22 0.0.0.0 193.168.1.16 0.0.0.0

Router(config)#access-list 101 permit ip any any

53
Router(config)#int f0/1

Router(config-if)#ip access-group 101 out

Router(config-if)#ex

Router(config)#ex

Router:2

E&D:

Router(config)#access-list 102 deny ip 192.168.1.52 0.0.0.0 193.168.1.13 0.0.0.0

Router(config)#access-list 102 deny ip 192.168.1.52 0.0.0.0 193.168.1.11 0.0.0.0

Router(config)#access-list 102 deny ip 192.168.1.52 0.0.0.0 193.168.1.12 0.0.0.0

Router(config)#access-list 102 deny ip 192.168.1.52 0.0.0.0 193.168.1.14 0.0.0.0

Router(config)#access-list 102 deny ip 192.168.1.52 0.0.0.0 193.168.1.16 0.0.0.0

Router(config)#access-list 102 permit ip any any

Router(config)#int f0/1

Router(config-if)#ip access-group 102 in

Router(config-if)#ex

Router(config)#ex

Router#

B&D:

Router(config)#access-list 103 deny ip 192.168.1.62 0.0.0.0 193.168.1.13 0.0.0.0(swap ip)

Router(config)#access-list 103 deny ip 192.168.1.62 0.0.0.0 193.168.1.11 0.0.0.0(swap ip)

Router(config)#access-list 103 deny ip 192.168.1.62 0.0.0.0 193.168.1.12 0.0.0.0(swap ip)

Router(config)#access-list 103 deny ip 192.168.1.62 0.0.0.0 193.168.1.14 0.0.0.0(swap ip)

Router(config)#access-list 103 deny ip 192.168.1.62 0.0.0.0 193.168.1.15 0.0.0.0(swap ip)

54
Router(config)#access-list 103 permit ip any any

Router(config)#int f0/0

Router(config-if)#ip access-group 103 out

Router(config-if)#ex

Router(config)#ex

55