This Cisco-based project created in GNS3 presents a medium-sized company network infrastructure. It builds on earlier work and demonstrates a multi-layer topology using dynamic routing, segmented VLAN design, Linux-based internal services, and structured security policies.
The goal is to model a realistic company environment where routing, switching, server services, and access control operate together as a stable and manageable system.
The network implements VLAN segmentation with inter-VLAN routing via subinterfaces, OSPF single-area routing, DHCP relay, local DNS and HTTP services on an Xubuntu Server, and NAT/PAT for external connectivity. Layered security is applied using port security, ACL-based segmentation, device hardening, and a dedicated management VLAN.
VLAN 99 is used for management and as an OSPF backup path. If the primary point-to-point link between R1 and R2 fails, OSPF automatically shifts adjacency to VLAN 99, preserving full routing and inter-VLAN communication.
The design also includes RSTP, PortFast on edge ports, controlled BPDU handling, and intentionally added troubleshooting scenarios to reflect realistic Layer 2 operation. The project further demonstrates practical work with GNS3 VM integration, Cisco IOSv and IOSv-L2 appliances, Linux server configuration, and structured diagnostics across the topology.
Zones clearly define device roles and which parts of the network communicate together.
- ISP Zone – simulated external connectivity
- Server Zone (VLAN 10) – Xubuntu server providing DNS, DHCP and HTTP
- Admin Zone (VLAN 20) – Xubuntu-Admin workstation with full administrative access
- User VLANs – Executive, Development, Finance, Printers, Logistics, Warehouse, Sales
- Routing/Switching Zone – Routers R1/R2 and all Layer 2 interconnections
- Network Topology and Devices
- Addressing and VLAN Planning
- Basic Device Configuration
- VLAN and Trunk Configuration
- Advanced Switching Features
- Inter-VLAN Routing and OSPF
- Core Server Services
- NAT/PAT and External Connectivity
- Wireshark Monitoring
- Network Security
- Troubleshooting
- Conclusion and Summary
- VLAN segmentation and trunk links across all switches
- Inter-VLAN routing with subinterfaces
- Switching features including RSTP, PortFast, and BPDU behavior
- OSPF single-area internal routing with VLAN 99 as backup path
- DHCP relay for all VLANs
- DNS(Bind 9) and HTTP services on Linux
- NAT/PAT translation for outbound traffic
- Port security and administrative hardening
- ACL-based segmentation between VLANs
- Full diagnostics and packet analysis in Wireshark
- Troubleshooting of routing, DHCP, VLAN and addressing issues
-
GNS3 version 2.2.54
-
Wireshark Version 4.2.2
-
Xubuntu VM (kernel-based QEMU virtual machine inside GNS3)
-
Cisco IOSv Router
- VIOS-ADVENTERPRISEK9-M, Version 15.9(3)M6
-
Cisco IOSv-L2 Switch
- vios_l2-ADVENTERPRISEK9-M, Version 15.2(20170321)
-
Visual Studio Code (documentation editing)
-
Obsidian (notes, summaries and screenshots)
This project was a very important step in my learning. It is the biggest and most complex network I have built so far in GNS3. It was also the first time I worked with OSPF in a network of this size and it showed me how routing really behaves when there are two routers and more paths to choose from.
I found it very interesting to implement VLAN 99 as the management network and also as a backup path for OSPF. When I tested what happens if the main link between R1 and R2 goes down, I learned how OSPF moves the traffic to the backup path and how priority decides which route becomes active. This gave me real practical skill in understanding routing failover and how important a well planned design is.
Some parts were difficult, especially setting up BIND9 for DNS. I had moments when it was really stressful, but solving these problems helped me understand the network much better. This project also showed me how much I have improved compared to my first project.
Working on this topology gave me confidence and a clearer idea of what I want to try next. I am excited to see what the next challenge will be in my upcoming project.
© 2025 – Lukas Dula | Home Network Project & Portfolio