Scenario: Designing a Reliable Network for a Live Streaming Event

Overview: A production company has hired you to design and implement a network infrastructure for a large-scale live-streaming event. The event will involve multiple audio and video feeds from cameras, microphones, and soundboards. These feeds must be transmitted to a central server, processed, and broadcast live to an online audience. Hundreds of viewers will be tuning in simultaneously, so network reliability and low latency are critical.

Requirements:

  • High Bandwidth: The network must support the high-quality audio and video streams being sent in real-time.
  • Low Latency: To ensure the live stream doesn’t experience delays, your network should minimize latency as much as possible.
  • Redundancy: Given the importance of the event, there needs to be redundancy in case of hardware or network failure.
  • Security: The video streams and the broadcast server must be secured to prevent unauthorized access or data breaches.
  • Remote Access: Audio engineers and video editors may need remote access to the network to make adjustments during the event.

Scenario Task:

You are tasked with:

  1. Designing the Network Architecture:
    • Decide the type of network topology (e.g., star, mesh) you would use to ensure efficient data flow.
    • Choose the appropriate networking equipment (e.g., switches, routers) to handle the bandwidth and streaming needs.
    • Determine whether a wired or wireless setup (or a combination) would be optimal for transmitting video and audio feeds to the central server.
  2. Implementing Firewalls and Network Security:
    • Set up firewalls and other security measures to protect the audio and video data during transmission.
    • Implement access controls to ensure only authorized personnel can connect to the network.
  3. Ensuring Redundancy and Reliability:
    • Plan a backup solution in case one part of the network fails, such as setting up a secondary internet connection or using load balancing.
    • Consider any specific techniques for video/audio packet prioritization to avoid disruptions in the live stream.
  4. Testing and Monitoring:
    • Develop a plan to monitor network performance during the event, including bandwidth usage, latency, and any potential security breaches.
    • Explain how you would test the network beforehand to ensure it can handle the load.
  5. Providing Remote Access:
    • Configure secure remote access for audio and video professionals to control aspects of the live stream from different locations.

Deliverables:

  • A detailed network design diagram that outlines how you would structure the event’s networking setup.
  • A brief explanation of the security measures you implemented and why they are important.

 

Table of Devices and Connections:

Device Model Interface IP Address Subnet Mask Gateway Connected to Description
Router (2911) Cisco 2911 Router GigabitEthernet 0/0 192.168.10.1 255.255.255.0 GigabitEthernet 0/1 of Layer 3 Switch 1 First subnet interface connecting to Layer 3 Switch 1
GigabitEthernet 0/1 192.168.20.1 255.255.255.0 GigabitEthernet 0/1 of Layer 3 Switch 2 Second subnet interface connecting to Layer 3 Switch 2
Virtual IP (HSRP) 192.168.10.254 255.255.255.0 HSRP configuration across Router and Switch 1 Virtual IP for redundancy on Subnet 10
Virtual IP (HSRP) 192.168.20.254 255.255.255.0 HSRP configuration across Router and Switch 2 Virtual IP for redundancy on Subnet 20
Layer 3 Switch 1 Cisco 3560 Multilayer Switch GigabitEthernet 0/1 192.168.10.2 255.255.255.0 192.168.10.1 GigabitEthernet 0/0 of Router (2911) Connects devices in the first subnet (audio/video feeds)
FastEthernet 0/1 Ethernet 0 of PC (Audio/Video 1) Connects to first Audio/Video feed PC (Subnet 10)
FastEthernet 0/2 Ethernet 0 of PC (Audio/Video 2) Connects to second Audio/Video feed PC (Subnet 10)
FastEthernet 0/3 Ethernet 0 of PC (Audio/Video 3) Connects to third Audio/Video feed PC (Subnet 10)
FastEthernet 0/4 Ethernet 0 of Central Server Connects to Central Server for streaming audio/video
Layer 3 Switch 2 Cisco 3560 Multilayer Switch GigabitEthernet 0/1 192.168.20.2 255.255.255.0 192.168.20.1 GigabitEthernet 0/1 of Router (2911) Connects devices in the second subnet (remote engineers)
FastEthernet 0/1 Ethernet 0 of PC (Remote Engineer 1) Connects to first Remote Engineer PC (Subnet 20)
FastEthernet 0/2 Ethernet 0 of PC (Remote Engineer 2) Connects to second Remote Engineer PC (Subnet 20)
FastEthernet 0/3 Ethernet 0 of PC (Remote Engineer 3) Connects to third Remote Engineer PC (Subnet 20)
Central Server Generic Server Ethernet 0 192.168.10.100 255.255.255.0 192.168.10.1 FastEthernet 0/4 of Layer 3 Switch 1 Processes and streams the audio/video feeds
PC (Audio/Video 1) Generic Desktop PC Ethernet 0 192.168.10.10 255.255.255.0 192.168.10.1 FastEthernet 0/1 of Layer 3 Switch 1 Audio/Video feed device (Subnet 10)
PC (Audio/Video 2) Generic Desktop PC Ethernet 0 192.168.10.11 255.255.255.0 192.168.10.1 FastEthernet 0/2 of Layer 3 Switch 1 Audio/Video feed device (Subnet 10)
PC (Audio/Video 3) Generic Desktop PC Ethernet 0 192.168.10.12 255.255.255.0 192.168.10.1 FastEthernet 0/3 of Layer 3 Switch 1 Audio/Video feed device (Subnet 10)
PC (Remote Engineer 1) Generic Desktop PC Ethernet 0 192.168.20.10 255.255.255.0 192.168.20.1 FastEthernet 0/1 of Layer 3 Switch 2 Remote engineer accessing network remotely (Subnet 20)
PC (Remote Engineer 2) Generic Desktop PC Ethernet 0 192.168.20.11 255.255.255.0 192.168.20.1 FastEthernet 0/2 of Layer 3 Switch 2 Remote engineer accessing network remotely (Subnet 20)
PC (Remote Engineer 3) Generic Desktop PC Ethernet 0 192.168.20.12 255.255.255.0 192.168.20.1 FastEthernet 0/3 of Layer 3 Switch 2 Remote engineer accessing network remotely (Subnet 20)

 


Key Connection Points:

  1. Router:
    • GigabitEthernet 0/0 connects to GigabitEthernet 0/1 of Layer 3 Switch 1 (for Subnet 10).
    • GigabitEthernet 0/1 connects to GigabitEthernet 0/1 of Layer 3 Switch 2 (for Subnet 20).
  2. Layer 3 Switch 1:
    • FastEthernet 0/1 connects to PC (Audio/Video 1).
    • FastEthernet 0/2 connects to PC (Audio/Video 2).
    • FastEthernet 0/3 connects to PC (Audio/Video 3).
    • FastEthernet 0/4 connects to Central Server.
  3. Layer 3 Switch 2:
    • FastEthernet 0/1 connects to PC (Remote Engineer 1).
    • FastEthernet 0/2 connects to PC (Remote Engineer 2).
    • FastEthernet 0/3 connects to PC (Remote Engineer 3).

 

Step-by-Step Guide to Implement the Network in Packet Tracer


Step 1: Setup Network Topology

  • Objective: Create a network with a central server and multiple devices representing audio/video feeds and remote users.
  1. Open Cisco Packet Tracer.
  2. Add devices to the workspace:
    • 1 Router (e.g., 2911 Router)
    • 2 Layer 3 Switches for redundancy (3560 MultiLayer Switch)
    • 1 Central Server (for live streaming processing)
    • 3 Desktop PCs (representing remote engineers)
    • 4 Cameras/Microphones (represented by PCs or laptops for simulation)
    • 1 External Router connected to the internet (Simulates the internet for remote access).
  3. Connect the devices:
    • Connect Layer 3 switches to the Router.
    • Connect the central server and audio/video devices (PCs) to the Layer 3 switches.
    • Connect remote engineers’ PCs to the internet-facing Router.

Step 2: Configure IP Addresses

  • Objective: Assign IP addresses to each device in the network.
  1. On Router (2911):
    enable
    configure terminal
    • This command enters privileged mode and global configuration mode to allow configuring the router.
    interface gigabitEthernet 0/0
    • This command selects the first network interface on the router.
    ip address 192.168.10.1 255.255.255.0
    • Assign the IP address 192.168.10.1 to this interface with a subnet mask of 255.255.255.0.
    no shutdown
    • This command activates the interface, allowing traffic to flow through it.
    exit
    • This exits the interface configuration mode.
    interface gigabitEthernet 0/1
    • Select the second interface on the router.
    ip address 192.168.20.1 255.255.255.0
    • Assign the IP address 192.168.20.1 to this interface for the second subnet.
    no shutdown
    • Activate the second interface as well.
    exit
    • Exit the configuration mode for the interface.

  1. On the Layer 3 Switches:
    • Enable IP routing on the switches to allow communication between VLANs.
    enable
    configure terminal
    ip routing
    • The ip routing the command enables Layer 3 switching capabilities.
    interface vlan 10
    ip address 192.168.10.2 255.255.255.0
    no shutdown
    • Create VLAN 10 (a virtual LAN) and assign the IP address 192.168.10.2.
    exit
    • Exit VLAN 10 configuration mode.
    interface vlan 20
    ip address 192.168.20.2 255.255.255.0
    no shutdown
    • Create VLAN 20 and assign the IP address 192.168.20.2.
    exit

  1. On the PCs (Audio/Video Feeds):
    • Go to the PC Desktop tab, click IP Configuration, and set:
      • IP Address: 192.168.10.X (for the first group of devices)
      • Subnet Mask: 255.255.255.0
      • Gateway: 192.168.10.1
    • Repeat for the second group of devices with 192.168.20.X and gateway 192.168.20.1.

  1. On the Server (Central Server):
    • Assign an IP address manually to the server.
    ip address 192.168.10.100 255.255.255.0
    gateway 192.168.10.1
    • This command sets the server IP address to 192.168.10.100 with a gateway of 192.168.10.1.

Step 3: Configure Redundancy (HSRP)

  • Objective: Implement redundancy using Hot Standby Router Protocol (HSRP).
  1. On the Router (2911):
    • Enter the interface configuration mode for the first interface.
    interface gigabitEthernet 0/0
    • Configure HSRP on the first interface with virtual IP 192.168.10.254.
    standby 1 ip 192.168.10.254
    standby 1 priority 110
    standby 1 preempt
    • The standby commands configure HSRP, set a priority, and allow this router to take over as the active router if it fails.
    exit
    • Exit the configuration for this interface.
  2. Repeat for the second interface:
    interface gigabitEthernet 0/1
    standby 2 ip 192.168.20.254
    standby 2 priority 110
    standby 2 preempt
    exit
    • This configures HSRP for the second subnet (192.168.20.0/24).

Step 4: Implement Access Control (Security)

  • Objective: Set up Access Control Lists (ACLs) to restrict unauthorized access.
  1. On the Router (2911):
    • Create an access list to permit only devices from 192.168.10.0/24 to access the central server.
    access-list 100 permit ip 192.168.10.0 0.0.0.255 any
    access-list 100 deny ip any any
    • access-list 100 permit allows traffic from the 192.168.10.0 network, and the second line denies all other traffic.
    • Apply the ACL to the relevant interface.
    interface gigabitEthernet 0/0
    ip access-group 100 in
    exit
    • The ip access-group the command applies ACL 100 to the incoming traffic on the first interface.

Step 5: Prioritize Video/Audio Traffic (QoS)

  • Objective: Implement Quality of Service (QoS) to prioritize video and audio traffic.
  1. On the Router (2911):
    • Create a class map to match audio/video traffic, assuming streaming uses UDP port 5000.
    class-map match-any AV-traffic
    match access-group 101
    exit
    • The class-map command creates a traffic class named AV-traffic.
    • Create an access list to match video/audio traffic.
    access-list 101 permit udp any any eq 5000
    • access-list 101 allows UDP traffic over port 5000.
    • Create a policy map to prioritize this traffic.
    policy-map AV-priority
    class AV-traffic
    priority 1000
    exit
    • The priority 1000 command reserves 1000 Kbps for this traffic.
    • Apply the policy map to the outgoing interface.
    interface gigabitEthernet 0/0
    service-policy output AV-priority
    exit
    • The service-policy command applies the QoS policy to prioritize audio/video traffic.

Step 6: Configure Remote Access (SSH)

  • Objective: Enable remote engineers to securely access the central server using SSH.
  1. On the Router (2911):
    • Set up SSH for remote access.
    hostname StreamingRouter
    ip domain-name liveevent.com
    crypto key generate rsa
    • These commands configure the hostname and domain,  and then generate an RSA key for SSH encryption.
    • Create a user for remote access.
    username engineer password cisco123
    • This creates a user named engineer with password cisco123.
    • Enable SSH on the VTY lines.
    line vty 0 4
    login local
    transport input ssh
    exit
    • login local uses the local username for SSH login, and transport input ssh ensures SSH is the only access method.

Step 7: Test the Network

  • Objective: Test network connectivity and performance.
  1. Ping Test:
    • Use the Ping tool in Packet Tracer to test connectivity between devices and the central server.
  2. QoS Test:
    • Simulate traffic load and check that audio/video traffic is prioritized using Simulation Mode in Packet Tracer.