Professional Documents
Culture Documents
LI NI U
S bng n ca Internet trong vi thp k qua lm cho khi nim
Mng my tnh ngy cng tr nn thn thuc vi mi ngi. Internet l
mt h thng thng tin ton cu c th c truy nhp cng cng, gm
cc mng my tnh c lin kt vi nhau v truyn thng tin theo
phng thc chuyn mch gi (Packet Switching) da trn mt giao thc
lin mng c chun ha (giao thc IP). H thng ny bao gm
hng triu triu mng my tnh nh hn ca cc doanh nghip, vin
nghin cu, trng i hc, cc chnh ph trn ton cu v c ngi
dng c nhn
Vi mc ch trang b cho Sinh vin, Hc vin Cao hc chuyn
ngnh Cng ngh Thng tin, Khoa hc My tnh, Tin hc, Ngi s
dng... nhng kin thc c bn v mng my tnh thit k cc mng
my tnh trong thc tin; Nhm tc gi Khoa Cng ngh Thng tin,
Trng i hc Duy Tn; Khoa Ton C Tin hc, Trng i hc
Khoa hc T nhin, i hc Quc gia H Ni phi hp vi Nh xut
bn Thng tin v Truyn thng xut bn cun Gio trnh Thit k
Mng. Ni dung gio trnh gm 4 chng, c th nh sau:
Chng 1: Tng quan v Thit k mng
Chng 2: Thit k Mng cc b
Chng 3: Mng cc b khng dy
Chng 4: Thit k Mng din rng
Sau khi nghin cu gio trnh ny, ngi c c th nm vng v
vai tr, nguyn l trao i thng tin gia cc thnh phn tham gia vo
Chng 1
Chng ny nhm gii thiu tng quan v tin trnh thit k mng
my tnh. Tin trnh xy dng mt mng my tnh cng tri qua cc giai
on nh vic xy dng v pht trin mt phn mm. l cc qu trnh
Thu thp yu cu ca khch hng (Cng ty, x nghip c yu cu xy
dng mng), Phn tch yu cu, Thit k gii php mng (thit k m
hnh logic, thit k m hnh vt l), Ci t mng, Kim th v cui cng
l Bo tr mng.
Chng 1 s gii thiu s lc v nhim v ca tng giai on ta
c th hnh dung c tt c cc vn c lin quan trong tin trnh xy
dng mng.
1.1. TIN TRNH XY DNG MNG
Ngy nay, mng my tnh tr thnh mt h tng c s quan
trng ca tt c cc c quan, x nghip. N tr thnh mt knh trao
i thng tin khng th thiu c trong thi i cng ngh thng tin.
Mc yu cu an ton mng.
Rng buc v bng thng ti thiu trn mng.
1.1.3. Thit k gii php
Thit k gii php mng cung cp chi tit gii php v vt l cho
kin trc mng. Thit k mng l khu quan trng tip ni cc bc phn
tch v kin trc mng. Qu trnh thit k bao gm cc ti liu v bn v
k thut ca h thng mng, la chn nh cung cp thit b v dch v,
la chn thit b (bao gm loi thit b v cu hnh tng ng ).
Trong qu trnh thit k mng, nn s dng qui trnh nh gi i
vi nh cung cp thit b, nh cung cp dch v cng nh la chn thit
b da trn u vo ca qui trnh phn tch v kin trc mng.
Chng ta s tm hiu lm th no thit lp mc tiu thit k,
chng hn nh gim thiu chi ph mng nhng li ti u ha hiu nng
mng, cng nh lm th no t c cc mc tiu ny, thng qua
hiu sut mng v chc nng vi mc tiu thit k mng.
Thit k gii php tha mn nhng yu cu t ra trong bng
c t yu cu h thng mng. Vic chn la gii php cho mt h
thng mng ph thuc vo nhiu yu t, c th lit k nh sau:
Kinh ph dnh cho h thng mng.
Cng ngh ph bin trn th trng.
Thi quen v cng ngh ca khch hng.
Yu cu v tnh n nh v bng thng ca h thng mng.
Rng buc v php l.
Ty thuc vo mi khch hng c th m th t u tin, s chi phi
ca cc yu t s khc nhau dn n gii php thit k s khc nhau.
Tuy nhin cc cng vic m giai on thit k phi lm th ging nhau.
Chng c m t nh sau:
1.1.3.1. Thit k s mng mc logic
Thit k s mng mc logic lin quan n vic chn la m
hnh mng, giao thc mng v thit t cc cu hnh cho cc thnh phn
nhn dng mng.
10
11
12
Chng 2
THIT K MNG CC B
14
Phm vi a l nh
Tc cao v ng tin cy
Ethernet, Wifi, FDDI, ATM
Mng th MAN (Metropolitan Area Network): l mng d liu
bng rng c thit k cho phm vi trong thnh ph, th x. Khong
cch thng nh hn 50 km. Xt v quy m a l, MAN ln hn
mng LAN nhng nh hn mng WAN, MAN ng vai tr kt ni 2
mng LAN v WAN vi nhau hoc kt ni gia cc mng LAN. Kt ni
gia cc phn t ca mng MAN thng s dng loi khng dy
(Wireless) hoc s dng cp quang (Optical Fiber).
Mng din rng WAN (Wide Area Network): l mng d liu c
thit k kt ni gia cc mng th (mng MAN), gia cc khu vc
a l cch xa nhau.
Phm vi a l rng ln
Tc m bo t l li chp nhn c
Cng ngh chuyn mch
Mng LAN s dng k thut mng qung b (Broadcast network),
trong cc thit b cng chia s mt knh truyn chung. Khi mt my
tnh truyn tin, cc my tnh khc u nhn c thng tin. Ngc li,
mng WAN s dng k thut Mng chuyn mch (Switching Network),
c nhiu ng ni kt cc thit b mng li vi nhau. Thng tin trao i
gia hai im trn mng c th i theo nhiu ng khc nhau. Chnh v
th cn phi c cc thit b c bit nh ng i cho cc gi tin, cc
thit b ny c gi l b chuyn mch hay b chn ng (router).
Ngoi ra gim bt s lng ng ni kt vt l, trong mng WAN cn
s dng cc k thut a hp v phn hp.
2.1.2. Phn loi mng my tnh theo topology mng
Mng dng hnh sao (Star topology): dng hnh sao, tt c cc
trm c ni vo mt thit b trung tm c nhim v nhn tn hiu t
15
16
17
18
19
20
21
u ni RJ-45 v cc chun bm cp
Straight Cable
Crossover Cable
Rollover Cable
22
2.3.2. Repeater
Repeater l loi thit b phn cng n gin nht trong cc thit b lin
kt mng, n c hot ng trong tng vt l ca m hnh h thng m
OSI. Repeater dng ni 2 mng ging nhau hoc cc phn mt mng
cng c mt nghi thc v mt cu hnh. Khi Repeater nhn c mt tn
hiu t mt pha ca mng th n s pht tip vo pha kia ca mng.
Repeater khng c x l tn hiu m n ch loi b cc tn hiu mo,
nhiu, khuch i tn hiu b suy hao (v c pht vi khong
cch xa) v khi phc li tn hiu ban u. Vic s dng Repeater lm
tng thm chiu di ca mng.
23
24
25
26
27
28
29
Type
Ports
-------- -----
Fa0/1
2.3.6. Router
Router l mt thit b hot ng trn tng mng, n c th tm c
ng i tt nht cho cc gi tin qua nhiu kt ni i t trm gi
thuc mng u n trm nhn thuc mng cui. Router c th c s
dng trong vic ni nhiu mng vi nhau v cho php cc gi tin c th
i theo nhiu ng khc nhau ti ch.
30
31
32
33
34
Network Layer
LLC
MAC
Physical Layer
802.5
Token
Ring
35
36
37
38
39
40
41
42
43
44
Cp quan a ch 62.5/125 m
Cp quan n ch 8.3/125 m
45
46
47
48
49
2.6.3. Cp mng
Cp l phng tin qua thng tin c di chuyn t mt thit b
mng ny ti mng khc. Mt s loi cp, thng c dng vi mng
LAN. Trong mt s trng hp, mt mng s s dng ch mt loi cp;
cc mng khc s s dng nhiu loi cp khc nhau. Cc loi cp chn
cho mt mng li lin quan n topology ca mng, giao thc, v kch
c. S hiu bit c im ca loi cp v lm th no lin kt n cc
vng khc ca mt mng l cn thit cho s pht trin thnh cng ca
mt mng.
2.6.3.1. Cable xon i khng v bc
Cable UTP c th khc nhau t in thoi, lp dy t ti tc
cao. Loi cable ny c 4 cp bn trong v bc. Mi cp xon c nh
s khc nhau/inch gip loi b s nhiu t cp bn cnh v cc thit b
in khc.
UTP c th h tr in thoi, 4 & 16 Mbit/s Token Ring, Ethernet,
100 Mbit/s Ethernet, FDDI li ng (CDDI), 155 Mbit/s ATM. Cp UTP
c EIA/TIA chun ha. Trong s nhng gi tr tt nht v gi c l
CAT 3 v CAT 5. Tuy nhin, CAT 3 c xp vo loi 10 MHz, ph
hp vi Ethernet (10 Mbit/s), v CAT 5 100 MHz, thch hp cho Fast
Ethernet (100 Mbit/s) v ATM (155 Mbit/s).
Ngoi ra cn c CAT5e (Enhanced Category 5). y l tiu chun
c ph duyt gn y, thit k cho vic trao i an ton hn khi truyn
Fast Ethernet song cng. S khc bit chnh gia CAT 5 v CAT 5e c
th thy trn cc thng s k thut v hiu sut c nng ln mt cht.
Cp UTP ni chung l c dy trong topology star v nhng li th x l
s c lin kt trong topology star.
2.6.3.2. Cp xon i bc li
Mt bt li ca UTP l n d b nhiu sng tn s v tuyn in.
Cp xon i bc li ph hp cho cc mi trng c s nh hng ca
in. N c mt mng che chn c th chn cc nhiu in, nhng iu
ny khin cho cp cng knh v thng rt kh giao tip vi mt kt
ni d liu. Tuy nhin, mt phin bn mi ca STP cp c gii thiu
50
51
Thit k h tr cho ng
dng mng c th
CAT 3
Thoi, 10Base-T
1991
CAT 4
1993
CAT 5
1994
CAT 5E
1998
CAT 6,7
Cha xut
Cha xc nh
52
1000Base-SX (802.3z)
Si a mode
Thng 6 - 1998
1000Base-LX (802.3z)
Si n v a mode
Thng 6 - 1998
1000Base-CX (802.3z)
Thit b ni vi
Thng 6 - 1998
1000Base-T (802.3ab)
Nm 1999
53
Chi ph
Ci t
Cng sut
di
EMI
Thinnet
ng
t hn STP
R, d dng
10Mbit/s
185m
D hng
hc hn
UTP
Thicknet
ng
Cao hn
STP, t hn
cable si
D dng
10Mbit/s
500m
D hng
hc hn
UTP
Xon i
bc v
(STP)
Cao hn
UTP, it hn
thicknet
D dng
16-500Mbit/s
100m
D hng
hc hn
UTP
Xon i
khng bc
v (UTP)
Thp nht
R/d dng
10-100Mbit/s
100m
Kh h
hng
Si quang
Tn km
nht
t/Kh
khn
100-200.000
Mbit/s
10s/km
Khng
hng hc
54
55
2.7.2 V tr t Hub
Vic t hub/switch trong phng hoc closets nhm bo m an ton
t truy cp tri php. cng l mong mun c switch/hub t nht l 1 m
i t bt k bng chuyn mch trung tm. Nhn vo bn nt min, la
chn v tr tim nng ban u cho hub/switch, chng hn nh vn phng,
phng lu tr, tt hn l gn trung tm my tnh. nhng cng trnh a
tng, cc v tr trung tm ni chung s c t gn li.
V mt vng trn bn knh 50 m t mi v tr hub v m bo tt c
cc nt nm trong vng trn. Mt s outlet c th nm bn ngoi bn
knh ny, nhng khng qu 15m.
Xem xt cc v tr trung tm nhm loi tr cc v tr chng ln nhau.
Nhiu my c th phc v nhiu hn mt tng, cung cp mt ng cp
dn dc gia chng.
Chn mt hub l hub trung tm. Nn t ti v tr d s dng cho
ngi c kh nng chu trch nhim qun tr mng, nhng cng phi d
dng tip cn cho vic b sung cp xng sng trong tng lai, v tt
nht l hng vo v tr trung tm. Trn cc min ln, ngi ta thng
t trong phng my tnh.
Hub c th phc v nhiu hn mt c s, v vy cn cung cp ng
cp kh thi gia cc ta nh, cng trnh chia s v phn phi chung t
ngun. Kh nng ny bao gm:
Ci t di t vi ng dn tn ti hay lp t mi.
ng dn mi thng c yu cu ph bin (d dng nht
c ci t nu tuyn ng l c hay qua vn). c bit cp
CAT 5 ngm phi c s dng bo v chng li thit hi do
m gy ra.
Chy cable trong ng dn hay ghim cht trn ba ng dn hnh
ch nht theo ng i an ton c nh sn trc.
Cc mc xch nn t ln trn bn gia ta nh (c th l
phng php ch thc hin vi nhng cng trnh c th di ng).
2.7.3 Chn tuyn ng xng sng
Vic chn v tr cc hub nh sn, ng ngha vi vic kt ni cc
workgroup hub vi hub trung tm. Trc y, iu ny c thc hin
56
57
58
59
60
61
Bn ghi tn v v tr outlet.
Bt c chng nhn thc hin (v d nh kt qu kim tra cp Cat5).
S hin th mi quan h ca cc my trm lm vic, cc my
ch file, my in v cc thit b khc trong mng vi nhau.
S hin th lm cch no m mi hub, bridge, switch, router bt
k kt ni mng (c th c hin th trn h thng qun l mng).
Bn ghi giy php phn mm v cc phin bn ca phn mm
c ci t.
Cu hnh ca card mng my trm.
Tr tin cho bn sao ca tiu chun c ngh cho qun tr
h thng.
2.8.3 Cc bn ghi dy ni v u cm
Bn ghi dy ni nn c gi li mi bng v li hoc kt ni
ngang. Nhim v ca chng l xc nh cc mi quan h gia hub v cc
cng ca switch, cng ni dy, v cc thit b u cui. C th dng bng
tnh t ng ha qu trnh ny. C s d liu v h thng qun l cp
c s dng cung cp s tinh t nht, nhng c th mang li s rm
r nhp v duy tr d liu.
2.8.4 Qun tr h thng
Nhu cu ca mng my tnh khng ch n gin l kt ni mt
nhm cc my tnh vi nhau ti mt thit b kt ni trung tm. Mng i
hi phn mm c bit gi l h iu hnh mng (NOS), cho php lin lc
gia cc thit b khc nhau. Cc phn mm NOS khng n gin l t n
c th chy. N i hi mt ngi gi l qun tr h thng thc hin
chc nng qun tr bng cch s dng phn mm NOS thc hin cc tc
v nh sao lu tp tin, gi cho lu lng mng n nh, v m bo nhiu
ngi s dng c quyn truy cp, giao tip vi my in, Internet, v vi cc
my tnh khc. Khi h thng my tnh b treo, qun tr h thng s khi
phc n tr li trng lm vic nh trc. Khong thi gian v k nng cn
thit ca qun tr h thng ph thuc vo kch c ca mng. i vi mt
mng li gm 10 my tnh trung bnh ch yu cu mt gi/tun. i vi
62
<2kVA
2-5kVA
>5kVA
ng dy in khng c bc v
hoc thit b in gn nhau m
hoc ng dn phi kim loi
5 inche hoc
12.7cm
12 inche hoc
30.5 cm
24 inche hoc
61 cm
ng dy in khng bc v hoc
thit b in gn ng ng kim loi
2.5 inche
hoc 6.4 cm
6 inche hoc
15.2 cm
12 inche hoc
30.5 cm
ng dy in km theo mt ng
ng kim loi (che chn tng ng)
gn v tr t ng ng kim loi
6 inche hoc
15.2 cm
12 inche hoc
30.5 cm
n hunh quang
My bin p v ng c in
40 inche hoc1.02 m
63
KHNG NN
Xc nh v tr kt ni cho chnh gn
trung tm ca ta nh gii hn
khong cch cp
Khng t v tr kt ni cho vt qu
khong cch ti a cho php.
ng bt c cp dy no tho xon
(Gi xon cho n gn nhng im
cui).
Ct v bc gn gng cp ngang vi bn
knh un cong ti thiu l 4 ln ng
knh cp
64
65
66
67
68
69
70
71
Mt u th na i vi cc switch bt i xng l n c h tr
mt s cng c thng lng ln dnh cho cc server hoc cc cp chiu
dng ni ln cc switch / router mc cao hn.
72
73
Connection
Cable
ID
Cross Connection
(Paired# / Port #)
Type of
Cable
Status
Port
Speed
203-1
HCC1 / Port 13
CAT5 UTP
Used
10
Mbit/s
203-2
HCC1 / Port 14
CAT5 UTP
Not Used
10
Mbit/s
203-3
HCC2 / Port 3
CAT5 UTP
Not Used
10
Mbit/s
IDF1 to MDF
IDF1-1
VCC1 / Port 1
Multimode
Fiber
Used
100
Mbit/s
IDF1 to MDF
IDF1-2
VCC1 / Port 2
Multimode
Fiber
Used
100
Mbit/s
74
75
76
77
78
79
Up
Phng Gim c
P.Trc ban
Phng IT
Phng hp
80
81
82
Thit b
Cng
1 -> 11
Switch Layer 2
VLAN
101
Mc ch
Kt ni my tnh cc phng ban
12
101
13->17
103
18
103
19 -> 20
102
D phng
21
102
22
102
23
102
24
102
FW UTM
Port
Zone
0/0
Trust
0/1
ERP
0/2
TaiChinh
0/3
DMZ
0/4
0/5
0/6
Port
Switch
12
VLAN
Mc ch
101
Kt ni cc phng ban
102
Kt ni cc modem ERP, Ti
chnh, Bn hng
103
Kt ni phng ti chnh
104
Kt ni my ch Tai chinh
UnTrust
105
WiFi
106
N/A
D phng
24
18
83
VLAN
101
a ch
192.168.1.0/24
Mc ch
Cc phng ban
102
192.168.2.0/24
Kt ni ERP
103
192.168.3.0/24
Phng Ti chnh
104
192.168.4.0/24
My ch ti chnh
105
192.168.5.0/24
Kt ni Modem Internet
106
192.168.6.0/24
WiFi
a ch VLAN 101
Bng 3.4. Quy hoch a ch VLAN 101
STT
T a ch - n a ch
Subnetmask
Mc ch
192.168.1.10192.168.1.60
255.255.255.0
192.168.1.1
255.255.255.0
192.168.1.2
255.255.255.0
a ch qun l ca Switch
My trm
a ch IP
Subnetmask
Mc ch
192.168.2.1
255.255.255.0
192.168.2.2
255.255.255.0
192.168.2.3
255.255.255.0
192.168.2.4
255.255.255.0
192.168.2.5
255.255.255.0
192.168.2.10
255.255.255.0
a ch Server o
84
a ch VLAN 103
Bng 3.6. Quy hoch a ch VLAN 103
STT
T a ch - n a ch
Subnetmask
Mc ch
192.168.3.10192.168.3.60
255.255.255.0
My trm
192.168.3.1
255.255.255.0
a ch IP
Subnetmask
Mc ch
192.168.4.1
255.255.255.0
192.168.4.2
255.255.255.0
My ch Ti Chnh
a ch IP
Subnetmask
Mc ch
192.168.5.1
255.255.255.0
192.168.5.2
255.255.255.0
a ch IP
Subnetmask
Mc ch
192.168.6.1
255.255.255.0
192.168.6.10192.168.6.60
255.255.255.0
85
Lp mng/subnet
Next-hop/Thit b
Mc ch
0.0.0.0/0
192.168.5.2
Truy cp Internet
10.2.0.0/27
192.168.2.3
Truy cp ERP
10.2.0.1/32
192.168.2.4
Truy cp my ch TC
192.168.176.0/24
192.168.2.5
192.168.131.0/24
Chnh sch kim sot truy nhp, trao i thng tin gia cc
vng (zone)
o
86
To
From
a ch ngun
a ch ch
Giao thc
Ghi ch
To UnTrust
192.168.1.0/24
- Permit Any
10.2.0.0/27
Any
192.168.2.0/24
Any
Qun l Modem
0.0.0.0/0
- Chn Email
ngoi, chat
0.0.0.0/0
Trust
- Chn Email
ngoi, chat
To ERP
192.168.1.0/24
To UnTrust
192.168.3.0/24
- Permit Any
To ERP
TaiChinh
192.168.3.0/24
10.2.0.0/27
Any
SQL(1433)
Trao i vi my ch
Ti chnh chi nhnh
To DMZ
192.168.3.0/24
192.168.4.2/32
Terminal
Service (3389)
To TaiChinh
192.168.4.2/32
DMZ
192.168.3.0/24
SQL(1433)
Trao i vi zone Ti
chnh
SQL(1433)
Trao i vi my ch
Ti chnh TCT
To ERP
192.168.4.2/32
10.2.0.1/32
Terminal
Service (3389)
To DMZ
ERP
10.2.0.1/32
192.168.4.2/24
SQL, Terminal
Service
Trao i vi my ch
Ti chnh TCT
87
C ch NAT a ch IP
Nh chng ta bit, trong qu trnh trao i d liu, khi gi tin
i t trong mng LAN ra bn ngoi thng qua Modem, a ch
IP ngun ca gi tin b NAT sang a ch WAN ca modem.
modem thc hin vic NAT a ch th mt yu cu t ra
na l: Gi tin c NAT a ch phi c a ch ngun thuc
cng mng vi a ch LAN ca Modem.
Trong khi , trong mng LAN ca chng ta s dng rt nhiu lp
mng khc nhau, c phn tch bi thit b Firewall. Nh vy
mt vn t ra l, Firewall phi thc hin vic NAT cc a ch
IP ca gi tin nu gi tin mun gi ti v i qua modem.
i vi cc my tnh trong mng LAN:
o Cc gi tin khi i t my tnh trong VLAN 101 v VLAN 103
ra hng VLAN 102 (hng ti cc modem ERP) s c
NAT a ch IP ngun thnh a ch IP ca giao din Firewall
kt ni vi VLAN 102.
o Cc gi tin khi i t my tnh trong VLAN 101 v VLAN 103
ra hng VLAN 105 (hng ti modem Internet) s c
NAT a ch IP ngun thnh a ch IP ca giao din Firewall
kt ni vi VLAN 105.
i vi Server Ti chnh:
o Server Ti chnh t trong vng DMZ, trn UTM SSG phi
trin khai c ch NAT 1-1 t a ch Server TaiChinh
(192.168.4.2) trong vng DMZ ra a ch o (VirtualIP) ngoi
giao din ERP, khi cc my ti trung tm (TCT) mi kt
ni c vi Server trong DMZ nh c ch Virtual server
trn Modem tr vo a ch VirtualIP.
88
89
90
n v thc hin
Ban DCNTT, cc
chi nhnh
Cc chi nhnh
2.1
2.2
2.3
Ban DCNTT
Cc chi nhnh
4.1
Ghi ch
4.3
4.4
4.5
4.6
4.7
4.8
Bo co kt qu thc hin
X l cc s c mng.
91
Ban DCNTT,
Cc chi nhnh
V. Kim th mng
Sau khi ci t xong phn cng v cc my tnh c ni vo
mng. Bc k tip l kim tra s vn hnh ca mng.
Trc tin, kim tra s ni kt gia cc my tnh vi nhau. Sau
, kim tra hot ng ca cc dch v, kh nng truy cp ca ngi
dng vo cc dch v v mc an ton ca h thng.
Ni dung kim th da vo bng c t yu cu mng c xc
nh lc u.
Kim tra cc kt ni t chi nhnh v TCT.
Kim tra cc Rule trn Firewall c ng nh thit k ban u khng.
VI. Bo tr mng
Mng sau khi ci t xong cn c bo tr mt khong thi gian
nht nh khc phc nhng vn pht sinh xy trong tin trnh thit
k v ci t mng.
Cn theo di h thng v bo co kt qu v TCT.
92
93
Thit b yu cu:
Km mng RJ-45
Thit b test cp mng
20m dy cp CAT5e, chia lm 4 on, mi on 5m
32 u ni RJ-45, mi nhm 8 u ni
8 my tnh c card mng, mi nhm 2 my tnh thc hnh ni
trc tip 2 my
2 hub/switch
Kho st cc loi Card mng v cc cng giao tip m n h tr.
Lp Card mng v ci t driver.
Kim tra card mng xem hot ng c cha, ghi nhn nh sn
xut card mng v tc kt ni ti a m n h tr.
Kho st cp mng CAT5, phn bit mu sc ca cc dy trong n.
Kho st u cp RJ-45 ca cp CAT5.
Dng km mng thc hin mt on cp Crossover Cable (cp
cho) u ni trc tip 2 PC.
Dng on cp trn ni trc tip 2 PC thng qua card mng ca
chng. Sau cu hnh a ch IP tnh ca 2 PC theo lp C sao cho
94
95
Switch#delete vlan.dat
Delete filename [vlan.dat]?
Delete flash:vlan.dat? [confirm]
Switch#erase startup-config
Erasing the nvram filesystem will remove all configuration files! Continue? [confirm]
[OK]
Erase of nvram: complete
Switch#reload
Proceed with reload? [confirm]
System configuration has been modified. Save? [yes/no]: n
:2
Configuration Revision
:0
96
Maximum VLANs supported locally : 250
Number of existing VLANs
:5
: Server
: Disabled
VTP V2 Mode
: Disabled
: Disabled
MD5 digest
:1
:5
: Server
: dtu
: Disabled
VTP V2 Mode
: Enabled
: Disabled
: 0x14 0x8E 0xDA 0xC9 0x0A 0x42 0xAF 0xE7
97
SW2(config)#vtp version 2
SW2(config)#vtp domain dtu
Changing VTP domain name from NULL to dtu
SW2(config)#vtp password thietkemang
Setting device VLAN database password to thietkemang
SW2(config)#vtp mode client
Setting device to VTP CLIENT mode.
Kim tra li thng tin VTP trn SW2
SW2#show vtp status
VTP Version
:2
Configuration Revision
:1
Maximum VLANs supported locally : 250
Number of existing VLANs
:5
VTP Operating Mode
: Client
VTP Domain Name
: dtu
VTP Pruning Mode
: Disabled
VTP V2 Mode
: Enabled
VTP Traps Generation
: Disabled
MD5 digest
: 0x14 0x8E 0xDA 0xC9 0x0A 0x42 0xAF 0xE7
Configuration last modified by 0.0.0.0 at 3-1-93 00:05:26
SW2#show vtp password
VTP Password: thietkemang
SW3:
Switch>enable
Switch#config terminal
Switch(config)#hostname SW3
SW3(config)#vtp version 2
SW3(config)#vtp domain dtu
Changing VTP domain name from NULL to dtu
SW3(config)#vtp password thietkemang
Setting device VLAN database password to thietkemang
SW3(config)#vtp mode transparent
Device mode already VTP TRANSPARENT.
SW3#show vtp status
98
99
100
SW2#show vtp status
SW3#show vlan
SW3#show vtp status
Lp li bc 6 trn cc Switch cn li
Kim tra li bng lnh show vlan trn c 3 Switch
SW1#show vlan
Protocol
up
Protocol
up
101
102
P HONE 1 P HONE 2
10BaseT
ACT 5V
103
104
2.12. CU HI N TP
Cu 1: Ti sao li phi ti u h thng mng ca chng ta?
Cu 2: Ti sao vic kim tra h thng l quan trng?
Cu 3: Ti sao ni vic lp ti liu trong thit k mng l quan trng?
Cu 4: Cc ni dung chnh trong ti liu thit k mng l g?
Cu 5: Vn thit k a ch IP trong mng c quan trng khng? Ti sao?
Chng 3
MNG CC B KHNG DY
106
107
108
109
110
111
Phm vi
ca IEEE
802.11
112
2.4 GHz
11 Mbit/s
~35 m
113
5 GHz
23 Mbit/s
54 Mbit/s
~35 m
2.4 GHz
23 Mbit/s
54 Mbit/s
~35 m
114
Op. Frequency
Data Rate
(Typ)
Range
(Indoor)
74 Mbit/s
300 Mbit/s
(2 streams)
~70 m
115
Chun
Phn loi
Ch thch
IEEE 802.11
Kt ni
Tn s: 2,4 GHz
Tc ti a: 2 Mbit/s
Tm hot ng: khng xc
nh
Chun l thuyt
IEEE 802.11a
Kt ni
Tn s: 5 GHz
Tc ti a: 54 Mbit/s
Tm hot ng: 25-75 m
IEEE 801.11b
Kt ni
Tn s: 2,4 GHz
Tc ti a: 11 Mbit/s
Tm hot ng: 35-100 m
Tng thch vi
802.11g
IEEE 802.11g
Kt ni
Tn s: 2,4 GHz
Tc ti a: 54 Mbit/s
Tm hot ng: 25-75 m
IEEE
8021.11n
Kt ni
Tn s: 2,4 GHz
Tc ti a: 540 Mbit/s
Tm hot ng: 50-125 m
IEEE 802.11d
Tnh nng
b sung
H tr bi mt s thit
b 802.11a v
802.11a/g
IEEE 802.11h
Tnh nng
b sung
Chn tn s ng (dynamic
frequency selection: DFS) v
iu khin truyn nng lng
(transmit power control: TPC)
hn ch vic xung t vi
cc thit b dng tn s 5 GHz
khc
H tr bi mt s thit
b 802.11a v
802.11a/g
116
WPA
Enterprise
Bo mt
WPA
Personal
Bo mt
WPA2
Enterprise
Bo mt
Da trn 802.11i
WPA2
Personal
Bo mt
Da trn 802.11i
EAP-TLS
Bo mt
Extensible Authentication
Protocol Transport Layer
Security
EAPTTLS/MSCHA
Pv2
Bo mt
EAP-Tunneled TLS/Microsoft
Challenge Authentication
Handshake Protocol
S dng cho
WPA/WPA2 Enterprise
EAP-SIM
Bo mt
S dng cho
WPA/WPA2 Enterprise
WMM
Multimedia
Mt thnh phn ca
bn tho 802.11e
WLAN Quality of
Service
117
118
119
120
121
122
123
124
125
126
127
128
129
Phone 2.4GHz
Camera khng dy
Cc thit b y hc
ng c thang my
130
131
132
133
134
135
136
137
3.5.4. TKIP
TKIP (Temporal Key Integrity Protocol) l gii php ca IEEE c
pht trin nm 2004. L mt nng cp cho WEP nhm v nhng vn
bo mt trong ci t m dng RC4 trong WEP. TKIP dng hm bm
(hashing) IV chng li vic gi mo gi tin, n cng cung cp phng
thc kim tra tnh ton vn ca thng ip MIC (Message Integrity
Check) m bo tnh chnh xc ca gi tin. TKIP s dng kha ng
bng cch t cho mi frame mt chui s ring chng li dng tn
cng gi mo.
3.5.5. AES
Trong mt m hc, AES (Advanced Encryption Standard - Tiu
chun m ha tin tin) l mt thut ton m ha khi c chnh ph
Hoa k p dng lm tiu chun m ha. Ging nh tiu chun tin nhim
DES, AES c k vng p dng trn phm vi th gii v c
nghin cu rt k lng. AES c chp thun lm tiu chun lin bang
bi Vin tiu chun v cng ngh quc gia Hoa K (NIST) sau mt qu
trnh tiu chun ha ko di 5 nm.
Thut ton c thit k bi hai nh mt m hc ngi B: Joan
Daemen v Vincent Rijmen (ly tn chung l "Rijndael" khi tham gia
cuc thi thit k AES). Rijndael c pht m l "Rhine dahl" theo phin
m quc t (IPA: [aindal]).
3.5.6. 802.1X v EAP
802.1x l chun c t cho vic truy nhp da trn cng (port-based)
c nh ngha bi IEEE. Hot ng trn c mi trng c dy truyn
thng v khng dy. Vic iu khin truy nhp c thc hin bng
cch: Khi mt ngi dng c gng kt ni vo h thng mng, kt ni
ca ngi dng s c t trng thi b chn (blocking) v ch cho
vic kim tra nh danh ngi dng hon tt.
138
139
3.5.7. WPA
WEP c xy dng bo v mt mng khng dy trnh b nghe
trm. Nhng nhanh chng sau ngi ta pht hin ra nhiu l hng
cng ngh ny. Do , cng ngh mi c tn gi WPA (Wi-Fi Protected
Access) ra i, khc phc c nhiu nhc im ca WEP.
Trong nhng ci tin quan trng nht ca WPA l s dng hm thay
i kho TKIP. WPA cng s dng thut ton RC4 nh WEP, nhng m
ho y 128 bit. V mt c im khc l WPA thay i kho cho
mi gi tin. Cc cng c thu thp cc gi tin ph kho m ho u
khng th thc hin c vi WPA. Bi WPA thay i kho lin tc nn
hacker khng bao gi thu thp d liu mu tm ra mt khu.
Khng nhng th, WPA cn bao gm kim tra tnh ton vn ca
thng tin (Message Integrity Check). V vy, d liu khng th b thay
i trong khi ang trn ng truyn. WPA c sn 2 la chn: WPA
Personal v WPA Enterprise. C 2 la chn u s dng giao thc TKIP,
v s khc bit ch l kho khi to m ha lc u. WPA Personal thch
hp cho gia nh v mng vn phng nh, kho khi to s c s dng
ti cc im truy nhp v thit b my trm. Trong khi , WPA cho
doanh nghip cn mt my ch xc thc v 802.1x cung cp cc kho
khi to cho mi phin lm vic.
Lu : C mt l hng trong WPA v li ny ch xy ra vi WPA
Personal. Khi m s dng hm thay i kho TKIP c s dng to
ra cc kho m ho b pht hin, nu hacker c th on c kho khi
to hoc mt phn ca mt khu, h c th xc nh c ton b mt
khu, do c th gii m c d liu. Tuy nhin, l hng ny cng s
b loi b bng cch s dng nhng kho khi to khng d on (ng
s dng nhng t nh "P@SSWORD" lm mt khu).
iu ny cng c ngha rng k thut TKIP ca WPA ch l gii
php tm thi, cha cung cp mt phng thc bo mt cao nht. WPA
ch thch hp vi nhng cng ty m khng truyn d liu "mt" v nhng
thng mi, hay cc thng tin nhy cm... WPA cng thch hp vi
nhng hot ng hng ngy v mang tnh th nghim cng ngh.
140
3.5.8. WPA2
Mt gii php v lu di l s dng 802.11i tng ng vi
WPA2, c chng nhn bi Wi-Fi Alliance. Chun ny s dng thut
ton m ho mnh m v c gi l Chun m ho nng cao AES. AES
s dng thut ton m ho i xng theo khi Rijndael, s dng khi m
ho 128 bit, v 192 bit hoc 256 bit. nh gi chun m ho ny, Vin
nghin cu quc gia v Chun v Cng ngh ca M, NIST (National
Institute of Standards and Technology), thng qua thut ton m i
xng ny.
Lu : Chun m ho ny c s dng cho cc c quan chnh ph
M bo v cc thng tin nhy cm.
Trong khi AES c xem nh l bo mt tt hn rt nhiu so vi WEP
128 bit hoc 168 bit DES (Digital Encryption Standard). m bo v mt
hiu nng, qu trnh m ho cn c thc hin trong cc thit b phn cng
nh tch hp vo chip. Tuy nhin, rt t ngi s dng mng khng dy
quan tm ti vn ny. Hn na, hu ht cc thit b cm tay Wi-Fi v
my qut m vch u khng tng thch vi chun 802.11i.
3.5.9. Lc (Filtering)
Lc l c ch bo mt c bn c th s dng cng vi WEP. Lc
hot ng ging nh Access list trn router, cm nhng ci khng mong
mun v cho php nhng ci mong mun. C 3 kiu lc c bn c th
c s dng trong wireless lan:
Lc SSID
Lc a ch MAC
Lc giao thc
3.5.9.1. Lc SSID
Lc SSID l mt phng thc c bn ca lc v ch nn c s
dng cho vic iu khin truy nhp c bn.
SSID ca client phi khp vi SSID ca AP c th xc thc v
kt ni vi tp dch v. SSID c qung b m khng c m ha
141
142
143
Basic Security
- No encryption
- WPA Passphase
- Basic anthentication
- WEP Encryption
- Public hotspots
- Home use
Enhanced Security
Remote Access
- 802.1x EAP
- Virtual Private
- Mutual Anthentication Network (VPN)
- Business Traveler
- TKIP Encrytion
- WPA/WPA2
- Telecommuter
- 802.11i Security
- Enterprise
144
145
146
147
148
him, v chun 802.11b cng khng nm ngoi qui lut trn. Cn nhng
m rng ca chun G nh Wireless-G vi SpeedBooster, Wireless-G vi
SRX ca Linksys chng hn th khng phi tt c cc Wireless Client u
tn dng c kh nng ny. V li ta cng nhn mc ch chnh ca cc
Wireless Client truy nhp mng y ch yu l truy nhp Internet chia
s vi tc ti a Vit Nam 2 Mbit/s. Do vy, u t mng khng dy
cho khu vc ny vi nhng chun cho kh nng cao hn 802.11g hin ti
s gy lng ph u t. Ta chn chun 802.11g cho kt ni khng dy vi
tc 54 Mbit/s ti khu vc ny. Cng nh mc trc ta cng nn chn
thit b c kh nng tng thch ngc vi chun 802.11a/802.11b.
3.6.3. Xc nh phn cng
3.6.3.1. Cho kt ni hai mng cc b li vi nhau
p ng cc iu trn ta chn thit b nh sau:
Cisco Aironet 1300 Series Outdoor Wireless Bridge c c im k thut:
Tng thch
Chun khng dy
Bng tn
iu bin khng dy
Vi 802.11b:
- Tri ph phn tn trc tip (DSSS - direct sequence spread
spectrum)
+ Differential Binary Phase Shift Keying (DBPSK) at 1
Mbit/s
+ Differential Quadrature Phase Shift Keying (DQPSK) at
2 Mbit/s
+ Complementary Code Keying (CCK) at 5.5 and 11 Mbit/s
Vi 802.11g
- OFDM Orthogonal Frequency Divisional Multiplexing:
+ BPSK h tr 6 v 9 Mbit/s
+ QPSK h tr 12 v 18 Mbit/s
+ 16-quadrature amplitude modulation (QAM) h tr 24 v
36 Mbit/s
+ 64-QAM h tr 48 v 54 Mbit/s
CSMA/CA
M ha/Bo mt
149
Bng tn
khuch i
u ni
Phn cc
13,5 dBi
RP-TNC
Dc
Lp t
di cp t WB n Antenna
0,6m
Tc
2 Mbit/s
11 Mbit/s
54 Mbit/s
150
S lng Cilent kt ni n
Antenna tch hp
Uplink
Bng tn h tr
Tun th bo mt
Chun 802.11g
54
24
30
48
45
53
36
60
76
24
69
84
18
76
100
12
84
107
91
114
100
122
5.5
128
134
137
151
ta s lp 02 Access Point (AP) phc v tng trt, sn, tin snh v ging
ng A. AP s c t cch mt t 5.2m AP ny s phc v c n
tng 02 ca c hai ta nh vi bo m kt ni. Ta cn cu hnh hai AP
ny hot ng hai knh khc nhau trnh giao thoa v ti mt im
bt k ca khu ny c 02 sng pht ra t 02 AP khc nhau. Nh vy ta
lp theo m hnh ny s tn dng c kh nng ca mi AP v gia tng
lu lng kt ni ln gp i, gnh vc kt ni cho nhau khi mt trong
hai AP b qu ti. Ti tng 06 ca ta nh pha X ta lp thm mt AP
na. AP ny s phc v c cc kt ni ca phn cn li trong ta nh
ny v cc tng trn ca ta nh pha X. Lu : Khi lp hon thnh cc
AP ny ta cn dng cc cng c kim tra tn s kt ni m bo cht
lng tn hiu v khng phi thc hin cc bin php bo mt, quyn
truy nhp hin c trn AP m bo tt c cc Wireless Client nhng
khu vc u truy nhp c vo mng v s dung Internet chia s.
Ngoi ra cn c mt s thit b ph tr khc i km cc thit b c
bn trn phi c cc thit b ny c th vn hnh c: B cp ngun
qua Ethernet, Adapter ri km theo AP, c gi Antenna, cp Antenna,
u ni
3.6.4. Thit k chi tit kt ni WLAN
3.6.4.1. S phn b thit b ti im X
152
153
154
Tng 6:
155
156
3.8. CU HI N TP
Cu 1: Cc chun mng WLAN no c s dng ph bin nht Vit
Nam? Cho v d v trnh by c im?
Cu 2: Trnh by qu trnh chng thc 802.1x EAP.
Cu 3: Theo bn th hin nay gii php bo mt no dnh cho WLAN l
tt nht? To sao?
Cu 4: Theo bn th gii php bo mt no l tt nht trin khai cho
mng khng dy trong gia nh v cc doanh nghip nh?
Chng 4
158
WAN Specification
X.21
SMDS
Physical Layer
SDLC
MAC
Sublayer
PPP
LAPB
HDLC
Network Layer
Frame Relay
X.25
OSI Layers
EIA/TIA-232,
EIA/TIA-449,
V.24, V.35,
HSSI,
G.703,
EIA-530
159
160
161
cng ngh thng tin, nhm gim chi ph thit b v ph truyn thng,
gim thiu ti nguyn con ngi cho vic vn hnh h thng.
4.3.3. Bo mt
Vic m bo an ninh, xy dng chnh sch an ninh v thc hin an
ninh th no phi c tnh n ngay t bc thit k.
4.4. MT S CNG NGH KT NI WAN
4.4.1. Mng chuyn mch knh
Mng chuyn mch knh (Circuit Switching Network) thc hin
vic lin kt gia hai im nt qua mt ng ni tm thi hay ginh
ring gia im nt ny v im nt kia. ng ni ny c thit lp
trong mng th hin di dng cuc gi thng qua cc thit b chuyn
mch.
Mt v d ca mng chuyn mch knh l hot ng ca mng in
thoi, cc thu bao khi bit s ca nhau c th gi cho nhau v c mt
ng ni vt l tm thi c thit lp gia hai thu bao.
Vi m hnh ny mi nt mng c th kt ni vi bt k mt nt
khc. Thng qua nhng ng ni v cc thit b chuyn dng ngi ta
c th to ra mt lin kt tm thi t ni gi ti ni nhn, kt ni ny
duy tr trong sut phin lm vic v c gii phng ngay sau khi phin
lm vic kt thc. thc hin mt phin lm vic cn c cc th tc
y cho vic thit lp lin kt trong c vic thng bo cho mng
bit a ch ca nt gi v nt nhn. Hin nay c 2 loi mng chuyn
mch l chuyn mch tng t (analog) v chuyn mch s (digital).
4.4.1.1. Chuyn mch tng t (Analog)
162
163
Thng lng
Ghp knh
T0
56 kbit/s
1 ng thoi
T1
1.544 Mbit/s
24 ng T0
T2
6.312 Mbit/s
4 ng T1
T3
44.736 Mbit/s
28 ng T1
T4
274.176 Mbit/s
168 ng T1
164
165
166
Tc
144 Mbit/s i xng
1,544 Mbit/s i xng
2,048 Mbit/s i xng
1,544 Mbit/s i xng
Khong cch
5 km
3,6 km 4,5 km
3,6 km 4,5 km
S i
dy ng
1 i
2 i
3 i
2 i
167
ADSL
VDSL
13 52 Mbit/s ng xung
1,5 2,3 Mbit/s ng ln
3 i
3 km
7 km
5 km
300 m 1,5 km
(ty tc )
1 i
1 i
1 i
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
Firewalls
Phisical protection
data encryption
login/password
INFORMATION
Access rights
Kim sot kh nng truy nhp ngi s dng gia hai mng.
195
196
197
thc kt ni mng din rng khc nhau hin c ti Vit Nam nh Leased
line, v tuyn tri ph, ISDN, Frame Relay, VPN, Dialup ...
Cc h thng u c n nh, chnh xc cao
Phi bo ton c u t ban u cho h thng ca chng ta.
4.7.2.2. Cc yu cu ca h thng
Kt ni c vi Internet
C th truy nhp vo trung tm mng qua mng in thoi cng
cng PSTN
H thng c c thit k nh mt ISP c nh.
H thng kt ni v truy nhp phi c tc cao, hot ng n nh,
m bo cc yu cu v bo mt thng tin, an ton tuyt i cho d liu
v cc thng tin quan trng
H thng mng c thit k v xy dng m bo c th p
ng mt cch y nhu cu khai thc thng tin, cng nh tc truy
xut thng tin t trung tm mng ti cc chi nhnh v ti Internet
H tr cc cch thc kt ni mng din rng vi cc chi nhnh hin
c ti Vit Nam v tng lai nh Leased line, ISDN, Frame Relay,
xDSL, dialup qua mng in thoi cng cng ...
C kh nng m rng v p ng c yu cu ca cc ng dng
i hi tc cao hin nay v trong tng lai s trin khai th vin in
t, cc ng dng a phng tin, truyn hnh hi ngh, ... m khng b
ph v cu trc thit k ban u
Phn mng truy nhp cc phn mng nh phi c bo v qua h
thng tng la thng qua chnh sch an ninh cht ch i vi tng phn
mng.
ng kt ni vi Internet phi m bo tc cao, n nh v
sn sng cao thng qua hai knh thu ring ti hai nh cung cp IXP/ISP
khc nhau. c th thc hin cc mc tiu nh Qung b Website: Cho
php ngi dng t ngoi Internet (bao gm trong v ngoi Vit Nam) c
th truy nhp n cc trang Web t ti my ch trong h thng. y
198
chnh l mi trng qung b thng tin, chnh sch, v.v... nhanh nht,
tin li nht. Truy nhp Internet: Cho php ngi s dng trong ni b
mng c kh nng truy nhp cc thng tin trn Internet. Cho php ngi
dng trong mng s dng cc dch v Internet nh Web, FTP, trao i
thng tin, din n tho lun, ... v cui cng l bng thng ng truyn
kt ni Internet phi c m bo, cho php cc h thng dch v nh
H thng tm kim (Search Engine) dng thu thp thng tin trn
Internet, cp nht Website, v.v...
Cc thit b kt ni v truy nhp c chn la t cc hng cung cp
thit b mng ni ting c uy tn trn th gii nh Cisco, Nortel, .. m
bo n nh, bn v d dng nng cp khi cn thit.
Hin nay c 2 phng n trin khai c s h tng Cng ngh thng
tin cho cc chi nhnh l: Gii php phn tn - u t phn cng, phn
mm ti chi nhnh v Gii php tp trung - tp trung phn cng, phn
mm ng dng ti DataCenter v cung cp dch v cho chi nhnh.
199
200
201
202
203
204
205
206
207
208
TI LIU THAM KHO
[1] Nguyn Thc Hi (1997), Mng my tnh v cc h thng m, NXB
Gio dc
[2] Phm Th Qu (2008), Cng ngh Mng my tnh, NXB Bu in
[3] Ng B Hng (2005), Gio trnh Thit k - Ci t mng, i hc
Cn Th
[4] Cisco Press Top (2011), Down Network Design 3nd Edition
[5] CCIE Network Design (Cisco)
[6] Wireless LAN Design (Cisco)
[7] IP Network Design Guide (June 1999), IBM
[8] Joshua Backfield (2008), Network Security Mode, SANS Institute
[9] http://www.rhyshaden.com/ppp.htm
[10] http://www.interfacebus.com/Design_HDLC.html
[11] Mt s ti liu trn Internet.
MC LC
Li ni u.......................................................... ....... ....................................3
Chng 1: TNG QUAN V THIT K MNG ...................................... 5
1.1. Tin trnh xy dng mng................................................................. 5
1.1.1. Thu thp yu cu ca khch hng ............................................ 6
1.1.2. Phn tch yu cu ..................................................................... 7
1.1.3. Thit k gii php..................................................................... 8
1.1.4. Ci t mng .......................................................................... 10
1.1.5. Kim th mng....................................................................... 11
1.1.6. Bo tr h thng...................................................................... 11
1.2. Cu hi n tp.................................................................................. 11
Chng 2: THIT K MNG CC B.................................................... 13
2.1. Phn loi mng................................................................................ 13
2.1.1. Phn loi mng theo vng a l ............................................ 13
2.1.2. Phn loi mng my tnh theo topology mng....................... 14
2.1.3. Phn loi mng my tnh theo chc nng .............................. 16
2.2. Mng cc b v giao thc iu khin truy cp ng truyn....... 16
2.2.1. Giao thc CSMA/CD............................................................. 17
2.2.2. Giao thc truyn th bi (Token passing) .............................. 17
2.2.3. Giao thc FDDI...................................................................... 18
2.3. Cc loi thit b s dng trong mng LAN .................................... 19
2.3.1. Network Adapter.................................................................... 19
2.3.2. Repeater.................................................................................. 22
2.3.3. Hub......................................................................................... 23
2.3.4. Bridge..................................................................................... 24
2.3.5. Switch..................................................................................... 27
2.3.6. Router..................................................................................... 29
2.4. Cc t chc chun ha v mng..................................................... 31
NG M HNH
NGUYN TIN S
Trnh by sch:
Sa bn in:
NGUYN TH VIT
Thit k ba: