CFTS

Network Architecture Masterclass: 8 Weeks to Becoming an Architect

Most network training teaches you HOW—how to click buttons in a GUI, how to enter commands that someone else wrote, how to memorize CCNA flashcards. But it rarely teaches you WHY. Why does a packet move from one subnet to another? Why does BGP prefer one route over another? Why does RADIUS work where simple password authentication fails? This gap between knowledge and understanding is why 80% of network engineers cannot troubleshoot production incidents when the GUI fails.

The CFTS Uganda Network Architecture Masterclass is different. Over 8 weeks, working 6 hours per week across three 2-hour sessions, four engineers will build a real, functioning network infrastructure from the ground up. Not simulated. Not virtual. Real Cisco 3650 switches. Real Cisco 2800 routers configured on a stick. Real Raspberry Pi 4s running production-grade services. Real packets flowing across real Ethernet cables.

You will own 8 physical ports on the 48-port switch for the entire 8 weeks. Every problem on those ports is YOUR problem. If you misconfigure a VLAN, your Nginx server goes down—not because "the network is broken," but because YOU need to understand what you built. This is operational accountability. This is how architects think.

By week 8, each engineer will have built a complete network stack: Layer 1 physical topology, Layer 2 VLANs and switching, Layer 3 OSPF dynamic routing, Layer 4 transport protocols, and Layers 5-7 running Bind9 DNS, SAMBA file sharing, Nginx web servers, Asterisk VoIP, and FreeRADIUS authentication. You will see your Asterisk phone register across OSPF routes YOU configured. You will run DNS queries that YOU set up. You will understand the entire OSI model because you built it, piece by piece, in hardware.

This is not about certifications. This is about transformation. By the end of 8 weeks, you will think like an architect, troubleshoot like an expert, and understand networking at a depth that separates true engineers from button-clickers.

Why This Path?

  • check_circleProduction-grade equipment: Real Cisco routers and switches, not simulators
  • check_circlePersonal ownership: 8 dedicated ports ensure accountability and deep learning
  • check_circleComplete stack: From physical layer to application services in 8 weeks
  • check_circleHands-on troubleshooting: Learn why packets move, not just that they do
  • check_circleCloudflare integration: Connect your lab to global infrastructure
8 Weeks

Intensive Training

6 Hours

Per Week

4 Engineers

Per Cohort

48 Ports

Cisco 3650

Core Topics & Technologies

Master these technologies through hands-on, hardware-based learning

dns

Bind9 DNS

Domain Name System infrastructure and DNS query resolution. Learn authoritative nameservers, recursive resolvers, zone files, DNS records (A, AAAA, MX, CNAME, TXT), DNSSEC for security, and how your network resolves hostnames to IP addresses across the internet.

  • Zone configuration and management
  • Forward and reverse DNS lookups
  • DNS security extensions (DNSSEC)
folder_shared

SAMBA

Windows file sharing protocol (SMB/CIFS) on Linux. Enable your network to share files with Windows machines, implement user authentication, manage access controls, and understand how enterprise file sharing works across heterogeneous networks.

  • SMB/CIFS protocol implementation
  • User authentication and permissions
  • Share management across platforms
language

Nginx Web Server

High-performance web server and reverse proxy. Configure virtual hosts, SSL/TLS encryption, load balancing, and understand how HTTP requests traverse your network infrastructure. See how web traffic flows through your VLAN setup.

  • Virtual host configuration
  • SSL/TLS certificates and HTTPS
  • Reverse proxy and load balancing
phone_in_talk

Asterisk VoIP

Private Branch Exchange (PBX) for Voice over IP. Set up phone extensions, manage SIP trunks, configure IVR (Interactive Voice Response), and see real voice packets traverse the network infrastructure you built. Experience the OSI model delivering actual communications.

  • SIP (Session Initiation Protocol) endpoints
  • Extension configuration and routing
  • IVR scripts and call handling
security

FreeRADIUS & 802.1X

Authentication, Authorization, and Accounting (AAA) infrastructure. Implement RADIUS servers for centralized user authentication, integrate 802.1X port-based network access control, and understand how enterprises enforce network security at Layer 2. Learn why stolen passwords don't compromise your entire network.

  • RADIUS authentication and accounting
  • 802.1X port-based access control
  • EAP (Extensible Authentication Protocol)
settings

Systemctl & Services

Linux service management, systemd initialization system, and operational automation. Learn to manage, monitor, and troubleshoot services, configure startup behavior, and understand logging through journalctl. Essential for production network administration.

  • Service lifecycle management
  • System logging and journalctl
  • Service dependencies and ordering
share_location

OSPF Routing

Open Shortest Path First—the dynamic routing protocol used in enterprise networks. Configure routers to automatically discover network topology, calculate optimal paths, adapt to link failures, and distribute routes. See how your network becomes intelligent and resilient.

  • OSPF areas and router types
  • Link State Advertisement (LSA)
  • Shortest Path First (SPF) algorithm
public

BGP Internet Routing

Border Gateway Protocol—the routing protocol that powers the entire internet. Learn how Autonomous Systems (AS) exchange routes, understand path selection, communities, and policy-based routing. Understand the internet's backbone.

  • iBGP and eBGP peering
  • BGP attributes and path selection
  • Route filtering and policy
router

IPv4 Fundamentals

Internet Protocol version 4—the foundation of modern networking. Subnetting, CIDR notation, NAT, routing tables, and packet forwarding. Understand why your network is organized the way it is and how every device finds every other device.

  • Subnetting and CIDR notation
  • RFC 1918 private addressing
  • NAT and IP address translation
code_blocks

Git & GitHub

Version control and collaborative development. Learn Git fundamentals—commits, branches, merging, and conflict resolution. Master GitHub for team collaboration, pull requests, code reviews, and distributed development workflows. Essential skill for modern engineering teams and documentation of your network configurations.

  • Git workflows and branching strategies
  • GitHub pull requests and code reviews
  • Configuration backup and version history

Pricing & Investment

This is an intensive, hands-on program with production equipment and dedicated infrastructure. The investment reflects the quality and outcomes.

1.5UGX / week

Total: 12 UGX for the entire 8-week program (1.5 UGX × 8 weeks)

What's Included

  • checkReal Hardware Access: 48-port Cisco 3650 switch, Cisco 2800 router, Raspberry Pi 4s, network cables, and laboratory space
  • check8 Dedicated Ports: Personal, dedicated switch ports for the entire 8 weeks—your infrastructure to configure and troubleshoot
  • checkInstruction & Mentorship: Expert-led sessions, guidance on troubleshooting, and architectural consulting
  • checkProduction Services: Bind9 DNS, SAMBA file servers, Nginx web servers, Asterisk VoIP, and FreeRADIUS running on instructor infrastructure for your learning
  • checkCloudflare Integration: Connect your lab network to global edge infrastructure and learn modern CDN and DDoS protection
  • checkHands-on Labs: Real packet capture, route troubleshooting, service configuration, and production-grade scenarios

Why This Investment?

A single Cisco 3650 switch costs 8,000-12,000 USD. A Cisco 2800 router costs 3,000-5,000 USD. The annual maintenance and electricity for this lab environment is substantial. More importantly, your learning will be deeper than any online course or certification prep. You're not just learning networking—you're becoming a network architect. By the end, you'll be worth significantly more in the job market.

trending_up

Investment Breakdown

  • Week 1-2 (Foundations): 1.5 UGX/week
  • Week 3-5 (Routing): 1.5 UGX/week
  • Week 6 (Advanced): 1.5 UGX/week
  • Week 7-8 (Services): 1.5 UGX/week
  • Total (8 weeks): 12 UGX
auto_awesome

What You Get

  • circle Complete network architecture mastery
  • circle Real hands-on production experience
  • circle Portfolio-building project
  • circle Certification-ready knowledge
  • circle Architect-level troubleshooting skills
  • circle Job market competitive advantage

8-Week Curriculum

Progressive learning from physical layer foundations through production services

Weeks 1-2

Foundations: Layers 1-2

  • arrow_rightPhysical layer cabling
  • arrow_rightSwitch hardware
  • arrow_rightVLAN configuration
  • arrow_rightYour 8 ports are yours
Week 3

Git & GitHub Workflows

  • arrow_rightGit basics and commits
  • arrow_rightBranching and merging
  • arrow_rightGitHub collaboration
  • arrow_rightBacking up configs to GitHub
Week 4

Layer 3: IPv4 & Subnetting

  • arrow_rightIPv4 addressing
  • arrow_rightCIDR notation
  • arrow_rightRouting table basics
  • arrow_right/24 to /30 networks
Week 5

Router-on-a-Stick: VLANs Across Routers

  • arrow_rightSubinterfaces on Cisco 2800
  • arrow_rightInter-VLAN routing
  • arrow_rightVLAN trunking
  • arrow_rightWhy packets move
Week 6

OSPF Dynamic Routing

  • arrow_rightLink-state routing
  • arrow_rightOSPF areas
  • arrow_rightNeighbor discovery
  • arrow_rightAutomatic failover
Week 7

BGP & Internet Scale

  • arrow_rightAutonomous Systems
  • arrow_rightBGP peering
  • arrow_rightPath attributes
  • arrow_rightInternet backbone
Week 8

Production Services & Integration

  • arrow_rightBind9 DNS queries
  • arrow_rightSAMBA file sharing
  • arrow_rightNginx & Asterisk
  • arrow_rightFreeRADIUS 802.1X