Medium Business Network | Benjamin Graydon

Overview

This project expands on a smaller network design by modeling a more realistic business environment with more departments, more policy decisions, and a greater need for organized Layer 3 control. The network uses a Layer 3 core to support VLAN interfaces, route between internal segments, and enforce access policy more cleanly than a simpler router-on-a-stick design.

The focus was on building a design that looked and behaved more like a real business network rather than a basic classroom topology.

Topology

Architecture Highlights

Separate VLANs for multiple departments and services
SVIs on a Layer 3 switch for inter-VLAN routing
DHCP relay to centralize address assignment
Guest isolation and service segmentation
ACLs to restrict traffic based on business need

Technologies Used

Implementation Approach

I used separate VLANs to organize departments and services, then created switched virtual interfaces on the Layer 3 switch so each segment had a gateway. From there, I configured routing between VLANs and applied ACLs to allow only the communication that made sense.

I also accounted for centralized services by using DHCP relay, which let client networks receive IP configuration without needing a DHCP server in every VLAN. This helped the design feel more intentional and scalable.

Policy and Validation

Confirmed hosts could reach their default gateways
Tested inter-VLAN access where it should be allowed
Verified guest or restricted networks could not reach protected areas
Checked that central services were reachable where required
Used troubleshooting commands to verify VLAN and interface state

What I Learned

This project strengthened my understanding of how network design scales as the environment becomes more complex. It also helped me connect segmentation, routing, service placement, and ACL policy into one coherent design instead of treating them as isolated topics.

Medium Business Network - Layer 3 Core and ACL Policy