|For the concept of Router>> WS 2008 >> Switch>>PC, actually I'm also not sure why, because I just listened to another team that did it like that to make the server the main server that provides firewall, DHCP, DNS.|
Ok, that's what I figured. Personally, I wouldn't rely on the server for your firewall. I would use a firewall appliance, or more likely in my case, teamed (redundant) OpenBSD (UNIX) servers with failover running the pf filter. I would also use them to do the routing. If I were setting this up, it would look as follows:
External >> Router/Firewall >> Switch >> Server & Clients
With this setup, the server will be a Domain Controller (DC) if you make it an AD (Active Directory) integrated domain. With a DC, you don't want to run any more services on it than you have to, and the added load of handling all traffic in this scenario, plus doing the firewall, would slow everything else down on the DC. Your DC should only be doing DNS and DHCP. For redundancy's sake, you should have a second (redundant) DC in your network. If you require a mail server, that should run on another, separate server, just like the firewall and NAT should be done on any server that is not a DC.
I see several things in this assignment that annoy me. Why is it instructors insist on giving out such unrealistic assignments?
Nobody is using IPv6 yet. Yes, the day will come for it, but for now everyone is still using IPv4 and that's what you should be using for this assignment.
Just a quick overview of your assignment tells me you have several single points of failure. You have a single router and a single server acting as the firewall through which all traffic passes. If your server dies, no domain client can log on to the domain and external traffic stops flowing. If the router dies, all external traffic stops.
It matters not how straight the gate,
How charged with punishments the scroll,
I am the master of my fate;
I am the captain of my soul.