Network system engineering of the dispatching information center building of Heilongjiang Electric Power Co., Ltd.

the dispatching information center building of Heilongjiang Electric Power Co., Ltd. was relocated in early October 2004. The original network system and network equipment can no longer meet the needs of network development, and the network needs to be re planned and constructed

network reconstruction includes local area and wide area

among them:

two lan-1 and lan-2 core switches and one Wan wide area switch

floor local area switch A1-A7

wide area access switch B1, etc

switch Description:

1 The local core switch adopts two latest Cisco catalyst6513 switches, which are equipped with dual engines, ws-sup720. At the same time, the configuration of firewall and intrusion detection module will also cause friction and resistance

2. The wide area switch adopts a catalyst6513 with dual engines, ws-sup720, and is configured with firewall, intrusion detection module, content engine and ATM module

local area solution

local area adopts two catalyst6513 high-performance switches. This scheme establishes several completely independent networks in the core local area through multi VRF technology, including central server network, financial network, company leadership network and user access network. Several networks realize network information flow through the firewall module of the core switch, and realize the protection of important networks through the deployment of firewall module security strategy

the floor switch connects with the core local area analysis method through trunk or routing. The user can set the switch catalyst6513 dual link connection by himself before analysis, so as to realize the redundancy of data link layer or network layer, and realize load balancing. Two local core switches enable the HSRP function

wide area solution

wide area connection network through multi VRF technology and VLAN technology, the wide area connection network is divided into several independent VPNs, namely internal network, external service network, access unit network, Dongdian network, power plant access network, e-government network and Internet. The interconnection and security control of these areas are realized through the wide area exchange firewall module

switch module installation

catalyst6513 switch uses the latest switch engine 720g, which can only be installed in the seventh and eighth slots of the switch. Other module installation may also require special positions

core local network routing implementation

building local routing design realizes network link redundancy and load balancing through routing metric, and adopts OSPF routing protocol. The core local area adopts dynamic routing based on VPN, and each VPN realizes dynamic routing exchange with the central firewall through the core switch

wide area routing implementation

wide area connection network routing implementation is divided into the following two levels:

(1) wide area connection routing centered on the wide area fire prevention electro-hydraulic servo universal experimental machine, which is a high-precision instrument wall with optical, mechanical and electrical connections: the wide area firewall provides secure access to the internal core local area, subordinate units, power plants, provincial government affairs and the Internet, and uses static routing to realize the connection of several networks

(2) connection route of subordinate units centered on wide area switch: the wide area switch provides access to subordinate units and mutual cosmetics access between subordinate units, which is realized by the combination of dynamic route and static route, in which the access of units such as urban power communication adopts static route; The ATM network access of local bureaus adopts OSPF dynamic routing, and the wide area switch is directly connected to the wide area backbone area Area0, and the default routing is issued to local bureaus at the same time; The backup route of ATM network adopts static route; The access of dial-up network adopts static route

