CIS460 – NETWORK ANALYSIS AND DESIGN CHAPTER 10 Selecting Technologies and Devices for Enterprise Networks
Introduction We are going to look at the technologies for remote-access and WAN components of an enterprise network design We will talk about physical and data link layer protocols and enterprise network devices such as remote-access servers, routers and WAN switches What you select will depend on bandwidth and quality of service requirements, network topology, business requirements and constraints and technical goals
Remote Access Technologies Have become a more important ingredient of many network designs It is important to recognize the location and number of full and part time telecommuters and the extent that mobile users need to access the network How often and amount of time on the network will drive what you give them
Point-to-Point Protocol Standard data-link-layer protocol for transporting various network-layer protocols across serial, point-to-point links Can be used for a single user or a group can be used with ISDN, analog lines, digital leased line, and other WAN technologies
Point-to-Point Protocol (Cont’d) Provides following services: Network-layer protocol multiplexing, link configuration, link quality testing, link-option negotiation, authentication, header compression and error detection Four functional layers: Physical layer encapsulation of network-layer datagrams Link Control Protocol Network Control Protocols
Multilink PPP and Multichassis Multilink PPP Adds support for channel aggregation to PPP which can be used for load-balancing and providing extra bandwidth MPPP ensures packets arrive in order Multichassis is a Cisco enhancement to MPPP that allows channel aggregation across multi-remote-access servers at a central site
Multilink PPP and Multichassis Multilink PPP (Cont’d) Multichassis MPPP allows multiple access servers to be grouped into a single stack group Uses Stack Group Bidding Protocol (SGBP) to elect a server to handle aggregation for an application SGBP can be weighted so that CPU intensive process are offloaded to routers designated as offload servers
Password Authentication Protocol and Challenge Handshake Authentication Protocol Supports both PAP and CHAP authentication CHAP is more secure than PAP. PAP can be used if remote station does not support CHAP CHAP is superior. PAP sends password in plain text. An intruder can use a protocol analyzer to capture and use it CHAP uses a connect, challenge, hashed response and accept/deny reply
Integrated Services Digital Network PPP is often used with ISDN since it provides data encapsulation, link integrity and authentication for ISDN Cost effective solution for high transmission speed and quick connection requirements Charge is a basic monthly fee and a usage time charge MPPP can be used to aggregate ISDN channels
ISDN Components Terminal equipment type 1 (TE1)(compliant) Non-ISDN terminal equipment Type 2 (TE2) (non compliant) NT1 devices (physical-layer & connect user) NT2 devices (Layer 2 and 3 protocols) Reference point interfaces
Cable Modem Remote Access Another option that uses coax cable used for cable TV Much faster than analog and usually faster than ISDN some cable-network service providers offer hybrid fiber/coax (HFC) systems that connect CATV networks to the service-providers high-speed fiber-optic network
Challenges Associated with Cable Modem Systems It’s a new technology and there are many standards that do not interoperate with each other the CATV infrastructure is designed for TV signals in one direction Usually more bandwidth is offered downstream than upstream Number of users on system
Digital Subscriber Line Remote Access Growing in popularity with home users Have to use a DSL modem or other device DSL uses sophisticated modulation schemes to offer much higher speeds than ISDN, 32Mbps for downstream traffic and 15Kbps to 1.5 Mbps for upstream Comes in different flavors (ADSL, HDSL, VDSL, SDSL, RADSL, IDSL, and CDSL)
Asymmetric Digital Subscriber Line Has three channels high-speed downstream from 1.5 to 9 Mbps medium speed duplex from 16 Kbps to 640 Kbps POTS 64 Kbps channel for voice
High-Bit-Rate Digital Subscriber Line Provides same upstream and downstream 1.544 over 2 wire pair or 2.048 Mbps over 3 wire pairs Has a 12,000 to 15,000 operating distance which is shorter than ADSL’s 18,000 feet Telco can install repeaters for a price
Selecting Devices for Remote Users Users using for less than 2 hours a day can use an analog modem Before selecting a modem read reviews for reliability, interoperability with other brands of modems, interoperability with typical services, speed and throughput, latency, ease of setup, support for advanced features and cost
Selecting Devices for Remote Users (Cont’d) Faster access requires cable modems, DSL or a small router that has an ISDN or other type of WAN port for a router look at: protocol support, support for a remote user or remote LAN, channel aggregation, ease of configuration, security, reliability, interoperability and cost
Selecting Devices for the Central Site Generally includes remote access servers. Five types of services Remote node services- various devices Terminal services - Telnet, rlongin X.25, etc Protocol translation services - access hosts Asynchronous routing services - layer 3 routing functionality Dialout services - share access server modems
Selecting Devices for the Central Site (Cont’d) Additional criteria number of ports and type support for services configuration flexibility and modularity support for network address translation (NAT) or port address translation (PAT) for hosts on remote networks, Dynamic Host Configuration Protocol and multimedia features and protocols
WAN Technologies Variety of common and established WAN technologies Newer technologies are growing such as Wireless WAN Low-orbit satellite, cellular and radio-frequency wireless will probably become popular option of voice, pager and data services
Systems for Provisioning WAN Bandwidth Must select correct bandwidth required.Varies depending on location. Europe uses 30 B-channels and 1 d-channel for admin purposes, the U.S. uses 24 b-channels and 1 d-channel for admin purposes the number of digital streams multiplexed together determine network speed
Leased Lines A dedicated circuit that a customer leases from a carrier for a predetermined amount to time usually for months or years line is dedicated to that customer Mature and are proven technology Dedicated to a single customer
Synchronous Optical Network Physical layer specification for high-speed synchronous transmission of packets or cells over fiber-optic cabling can be ATM or packet-based networks provides more sophisticated multiplexing and demultiplexing of individual signals 4 layer protocol stack - photonic layer, section layer, line layer and path layer Usually connected in a ring topology
Switched Multimegabit Data Service SMDS is a physical and data link layer WAN technology alternative to leased lines which runs on fiber or copper media usually positioned as a high-speed, low-latency, cost effective solution for connecting LANs and MANs over a cell relay WAN can have just one physical connection to the service provider’s network
Frame Relay High-performance WAN protocol that operates at the physical and data-link layers of OSI offers a cost-effective method for connecting remote sites typically at speeds from 64Kbps to 1.544 Mbps it is efficient, flexible and has low latency
Frame Relay Hub-and-Spoke Topologies and Subinterfaces Frame relay is often designed in hub and spoke topology A central site router can have many logical connections to remote sites with only one physical connection to the WAN One problem is that split horizon can limit routing. Distance vector routing protocols do not repeat information out the interface it was received on
Frame Relay Hub-and-Spoke Topologies and Subinterfaces (Cont’d) A solution to split-horizon is to use a full-mesh design with physical circuits between each site use subinterface which is a logical interface that is associated with a physical interface. The router then applies the split horizon rule based on logical interfaces instead of physical ones Downside is that router configurations are more complex
Frame Relay Congestion Control Mechanisms A frame relay device has the ability to transmit data at its physical access rate for extended periods of time Includes congestion control mechanisms to ensure fair bandwidth allocation and feedback mechanisms Forward-explicit congestion notification Backward-explicit congestion notification
Frame Relay Bandwidth Allocation Most frame relay networks provides some guarantee of band width availability Committed information rate (CIR) is the guarantee At or below CIR will accept it Leaky bucket some providers offer zero CIR (inexpensive) only make a best effort
Frame Relay/ATM Interworking As ATM gains popularity WANs that use both ATM and Frame Relay technologies are becoming more popular Frame Relay/ATM Interworking is used to describe the protocols and processes for connecting ATM and Frame Relay WANs With network interworking 2 or more frame relay networks are connected via an ATM core network With service interworking an ATM network connects to a Frame Relay network
ATM Wide Area Networks Support ver high bandwidth requirements copper cabling T3 or above Fiber optic - speed up to 9.952 Gbps and beyond Facilitates efficient sharing of bandwidth among applications with various QoS requirements Save money spent on monthly tariffs for WAN circuits
Selecting Devices and Service Providers for an Enterprise WAN Design An enterprise WAN design is based on high-performance routers and WAN switches
Selecting Routers for an Enterprise WAN Design High throughput, high availability and advanced features to optimize the utilization of expensive WAN circuits select to support bandwidth requirements, appropriate packets-per-second level and adequate memory and processing power to forward data and handle routing protocols Also provide advanced features such as advanced switching and queuing techniques, traffic shaping express forwarding
Selecting WAN Switches for an Enterprise WAN Design Multiservice WAN switches that handle ATM, Frame Relay and remote-access technologies are gaining in popularity support a variety of data types, interfaces and services and optimize bandwidth utilization Intelligent queue-handling algorithms that take into account the behavior of different types of applications Reallocate buffers as needed
Selecting a WAN Service Provider Cost of service but may not be the most important extent of services and technologies offered geographical areas covered reliability and performance characteristics of providers internal network level of security offered level of technical support
Selecting a WAN Service Provider (Cont’d) Characteristics of provider’s network: physical routing of network links redundancy extend relies on other providers for redundancy level of over subscription bandwidth allocation mechanisms for QoS
Selecting a WAN Service Provider (Cont’d) types of switches and optimization features frequency and typical causes of outages security methods from intrusion security methods for privacy disaster recovery plans
Selecting a WAN Service Provider (Cont’d) Service Level Support Agreements (SLAs) experience level of installation and support staff experience with your particular protocols and applications dedicated single-point of contact received ISO 9002 certification How difficult to provision and price new services Offer a customer training program
Summary There are many options of LANs and WANs No single technology or device is the right answer for all circumstances The physical design depends on business objectives, technical requirements, traffic characteristics, and traffic flows The physical design builds on the logical design