Presentation is loading. Please wait.

Presentation is loading. Please wait.

Switched Multimegabit Data Service (SMDS) Defined b b SMDS offers the ability to eliminate the geographic restrictions of distributed high-speed data communications.

Published byThomasine Freeman Modified over 9 years ago

Similar presentations

Presentation on theme: "Switched Multimegabit Data Service (SMDS) Defined b b SMDS offers the ability to eliminate the geographic restrictions of distributed high-speed data communications."— Presentation transcript:

1 Switched Multimegabit Data Service (SMDS) Defined b b SMDS offers the ability to eliminate the geographic restrictions of distributed high-speed data communications at native LAN speeds b b SMDS, in its most common form as a public, connectionless, cell-switched data service, allows data to be switched between multiple public-addressed subscribers at multimegabit per second speed b b SMDS offers the capability to virtually extend the LAN, at direct connect LAN speeds, across the MAN and WAN

2 Origins of SMDS b b SMDS was created as a Metropolitan Area Network (MAN) service by Bellcore as a service and not a protocol b b The first realization of SMDS was defined using the DQDB technology, as specified in the IEEE 802.6 standard. b b The IEEE 802.6 DQDB standard defines connectionless data-transport service using 53-byte slots to provide integrated data, video, and voice services over a MAN, which is typically a geographic area of diameter less than 150 km

3 Origins of SMDS (Continue…) b b SMDS is a form of cell switching. Cell switching is defined in terms of standards, underlying architectures, initial services implementation (such as SMDS), and protocols. b b Cell switching has taken two development paths: connectionless data transport in the form of IEEE 802.6 (DQDB) connection-oriented and connectionless in the form of Asynchronous Transfer Mode (ATM) b b SMDS services use the IEEE 802.6 DQDB CL (Connectionless) service

4 Origins of SMDS (Continue…) b b Central-office switch vendors such as Siemens Stromberg-Carlon were the primary players for the first versions of cell switching to hit the telecommunications market: Switched Multimegabit Data Service (SMDS) using the DQDB architecture as access b b These switches first made use of DQDB’s ConnectionLess (CL) service b b Versions of SMDS service have been offered by IXCs, LECs, and PTTs worldwide, including MCI Communications, Brotish Telecom, Telecom Ireland, and Deutsch Telecom

5 What is a MAN? b b The interconnection of multiple SMDS or DQDB subnetworks forms a Metropolitan Area Network (MAN). b b The MAN can provide shared media for voice, data, and video transmissions over a local geographic area, as well as high-speed extension of each LAN and WAN attached b b Cells are routed through the MAN wideband channels similar to packets in a packet-switched network, except that the bandwidth is 155 Mbps b b Refer to Figure 12.1 (p. 470)

6 What is a MAN? (Continue…) b b MANs interconnect LANs and WANs, while providing switching, concentration, and high-speed data transport. b b The MAN operates on a shared DQDB bus. This bus operates as a LAN, where each station on the bus has equal access to all available bandwidth b b MANs implementing DQDB architecture to support SMDS will cut switched-network costs

7 SMDS Service-Public versus Private b b SMDS is primarily a public data network offering, but could also be used in a private network. b b SMDS will connect multiple nodes, referred to as Customer Access Nodes (CANs). b b SMDS can provide transport for a variety of customer network access methods, including packet-switched networks, synchronous data transport, ISDN, and LANs such as Ethernet and Token Ring b b SMDS is publicly offered by several RBOCs (Ameritech, Bell Atlantic, BellSouth, GTE, Pacific Bell, and SNET) and only one IntereXchange Carrier (IXC), MCI Communications

8 Subscriber Interface and Access Protocols b b There are six major methods for users to access an SMDS network SMDS Subscriber Network Interface (SNI) SMDS Interface Protocol (SIP) Data eXchange Interface (DXI) SIP Relay Access ATM UNI Access b b Refer to Figure 12.2 (p. 473)

9 SMDS L3_PDU b b The L3_PDU carries the real protocol value of SMDS b b Refer to Figure 12.3 (p. 474) b b The three most common types of transport for the L3 PDU are the DXI frame, 802.6 cell, and ATM cell SMDS Subscriber Network Interface (SNI) b b The SNI is the subscriber physical and administrative interface and boundary to the SMDS network or service provider b b Standard SNI access methods use the access DQDB protocol and standard CSU/DSU b b Refer to Figure 12.2 (p. 473)

10 SMDS Interface Protocol (SIP) b b SIP Provides for many CPE devices to communicate over the SNI using the DQDB protocol. b b SIP operation is primarily the exchange of L3_PDUs between CPE and SMDS network switching nodes b b This operation is called an “Access DQDB”, which is distinguished as CPE-to-MAN Switching System access b b The SMDS access DQDB is based on the open bus topology b b If there are multiple customers at a site, each customer must be provided a separate access DQDB into the SMDS network b b Refer to Figure 12.2 (p. 473) b b Refer to Figure 12.4 (p. 475)

11 Data eXchange Interface (DXI) b b The Data eXchange Interface (DXI) was developed by the SMDS Interest Group as a cost-effective access method b b It required only the upgrade of the CSU/DSU equipment and software on the CPE device rather than a hardware upgrade to the CPE device b b This allowed for easy integration and upgrade capability to SMDS for the existing router base b b Refer to Figure 12.2 (p. 473)

12 Data eXchange Interface (DXI) (Continue…) b b The DXI Local Management Interface (LMI) protocol is used for signaling across the DXI b b A High Speed Serial Interface (HiSSI) can also provide transport for DS3 DXI access, and is used by providers such as MCI Communications b b The DXI is an enhanced version of the standard HDLC protocol and frame b b Refer to Figure 12.5 (p. 476)

13 Data eXchange Interface (DXI) (Continue…) b b MCI Communications improved the specification by eliminating the need for a special CSU/DSU for speeds of 56 kbp. 476s to 1.544 Mbps b b DXI SMDS service is offered by some LECs, such as Bell Atlantic and Pacific Bell b b Both vendors provide an access server technology to convert the customer DXI into an SMDS Interface Protocol (SIP) b b Refer to Figure 12.6 (p.476)

14 Frame Relay Access b b SIP Relay is the method of using a frame relay protocol as an access to an SMDS service b b Refer to Figure 12.2e (p. 473) b b This method passes L3_PDUs into the FR frame and extracts them out of a FR frame at the destination end b b Refer to Figure 12.7 (p. 477) b b Refer to Figure 12.8 (p. 477) b b This allows the use of a single interface port for both frame relay and SMDS access to a public network

15 The Customer Premises Environment (CPE) b b The user environment, CPE, typically contains multiple applications using diverse protocols, and riding multiple subnetworks b b The customer’s requirements can either be satisfied by interfaces directly into the SMDS network or by concentration via a variety of devices (routers, bridges, DSUs, CSUs, etc.) b b Many vendors now support the SIP, DXI, and frame relay SIP interfaces

16 Addressing and Traffic Control b b The addressing scheme used by the SMDS network is formatted using the same structure as the North American Numbering Plan (NANP) b b This scheme was chosen to speed the integration of SMDS into the telephone network addressing infrastructure for integration of voice and data operations b b CPE interface methods to an SMDS network device via multiple access protocols across the SNI include SIP, DXI, SIP relay, ISDN, and ATM

17 Addressing and Traffic Control (Continue…) b b The SMDS service provider will have full control over the use or more unique addresses b b The subscriber will have full control over the use of each individual address, and may assign multiple SMDS addresses per CPE b b SMDS can assign a group address to multiple devices so that they can multicast their data to other members of their group address b b There are many addressing functions available, such as unicasting and multicasting

18 Unicasting and Multicasting (Group Addressing) b b SMDS offers either a point-to-point datagram delivery service called unicasting or a point-to-multipoint service defines as a group multicast address b b Group-addressed data unit transport provides the CPE capability to transmit to a maximum of 128 individual recipient addresses

19 Source Address Validation and Address Screening b b The SMDS source address is screened by the network to ensure that it is valid for the source SMDS access line b b SMDS customers can screen incoming data and only accept data from specific source SMDS addresses or block data b b SMDS users can also limit the destination SMDS addresses

20 SIR Access Classes as Traffic and Congestion Control b b SMDS controls congestion and traffic through the use of an open loop flow control mechanism called Sustained Information Rate (SIR) regulated through the assignment of classes b b SMDS SIR is based on the aggregate of all data originating on the SMDS access line regardless of it’s destination b b SIRs are defined by access class

21 Access Classes b b Access classes are a method of providing bandwidth priorities for times when there is network congestion at the SNI b b Network congestion occurs when there is an attempt by the network to transfer one or more SMDS data units without an interval of time between the units b b The access class places a limit per user on the rate of sustained information transfer available b b In actual practice on an SNI, the SMDS CSU/DSU chooses the access class and then clocks and meters the traffic from the router to average the traffic to meet the SIR rate

22 SMDS Addressing b b The public phone network uses an addressing, or numbering, scheme called E.164 that basically has a country code part and then a nationally assigned part for each country b b Today, SMDS 10-digit numbers do not coincide with the national phone number 10-digit system. b b Some moves by carriers such as MCI Communications are trying to change the system to be more in line with public phone numbers b b Refer to Figure 12.10 (p. 484)

23 SMDS and DQDB Protocol Structures b b The IEEE 802.6 standard is one of the 802.X series of LAN and MAN standards, which has been further modified for operation over the WAN IEEE 802.6 Compared to the OSIRM b b IEEE 802.6 is part of the IEEE defined 802.X suite of LAN and MAN protocols. b b The IEEE 802.6 MAN protocol spans both the physical layer and media access control (MAC) sublayer. b b Refer to to Figure 12.11 (p. 485)

24 Structure of SMDS and IEEE 802.6 b b SMDS and the IEEE 802.6 DQDB protocol have one- to-one mapping to each other b b Refer to Figure 12.12 (p. 485) SMDS and DQDB Architecture b b SMDS is defined as a service, and therefore can be offered with multiple access protocols and over multiple backbone transport technologies b b Today, SMDS service is offered over both DQDB and ATM network transport architectures

25 SMDS Backbone Architecture b b SMDS public network backbone design can be composed of multiple MAN Switching Systems (SSs) connected by InterCarrier Interface (ICI) transport. b b Users interface to the network via SMDS CPE over the SMDS access protocols. b b Refer to Figure 12.16 (p. 489) b b Access DQDB refers to the use of the DQDB protocol as the basis for the SMDS interface protocol providing access to the SMDS service

26 SMDS Backbone Architecture (Continue…) b b Bellcore standards define the SMDS Switching System (SS) as a collection of equipment that provides high-speed packet switching function in a network supporting SMDS b b Switching Systems (SSs) can be configured in a distributed architecture where multiple SSs would form the SMDS network b b Refer to Figure 12.17 (p. 491)

27 SMDS Backbone Architecture (Continue…) b b SSs operate in either a store-and-forward mode where the SS reads in the entire L3-PDU on the SNI before transmitting it on to the next SS or end CPE device b b This technique of reassembly adds store-and-forward delay. b b One method of eliminating this delay is through pipe-lining, where the switch immediately starts forwarding part of the L3_PDU before the entire L3_PDU is received into the switch b b Switching systems can also take the form of a single switch in a centralized architecture b b Refer to Figure 12.18 (p. 491)

28 DQDB and SMDS Functions b b The DQDB architecture is based on a 45/155/622 Mbps dual bus which operates similarly to token ring architecture b b Fixed-length cells are placed within time slots that move from a time slot generator on one end of the bus to a terminator on the other end b b There are three implementations of the DQDB: the point-to-point bus, the open-dual bus, and th elooped dual (folded) bus b b Refer to Figure 12.19 (p. 492) b b Refer to Figure 12.20 (p. 492)

29 DQDB Architecture – Bus Defined b b There are two unidirectional buses, A and B, that interconnect a number of nodes, often configured in a physical ring. b b Even though the physical configuration may be a ring, logical operation is bus-oriented. b b Nodes read from both buses, usually passing along any data onto the next node in the bus b b Each node may become the Head Of Bus (HOB) or End Of Bus (EOB) b b The HOB generates 53-octet slots in a framing structure to which the other nodes synchronize. The EOB node simply terminates the bus b b Refer to Figure 12.21 (493)

30 DQDB Architecture – Bus Defined (Continue…) b b Although the bus appears to pass through each node on the bus, in fact it only passes by each node. This provides for a highly reliable network, as a node failure will not affect the operation of the rest of the network b b The looped architecture provides a common point for timing into the network to ensure network synchronization, as well as a self-healing, fault isolation mechanism inherent to the architecture

31 SMDS Internetworking – Bridging and Routing b b Bridging can be accomplished either with MAC bridging or simple encapsulation b b Routing can be accomplished with simple encapsulation of IP

32 SMDS Bridging with TCP/IP b b SMDS bridging is one method of extending the LAN environment through SMDS using a bridge b b Some protocols require bridging such as DEC LAT and NetBIOS. b b The local end-user device will send the IP packets within the IEEE 802.3 Ethernet frames to the local bridge. b b The bridge will use encapsulation bridging into SMDS SIP frames b b Refer to Figure 12.25 (p. 498)

33 SMDS Routing with TCP/IP b b The router provides the conversion from the MAC protocol to the SMDS SIP. Using the SIP, the router now uses a DQDB providing SMDS to allow high- speed connectivity over large geographic areas b b The router does pay attention to the LLC and IP addresses when making its routing decision, rather than forwarding the frames received b b The router makes the SMDS transport look like just another LAN segment b b Refer to Figure 12.26 (p. 499)

34 Cisco Managing Traffic with Access Lists

35 Objectives b b Configure IP standard access lists b b Configure IP extended access lists b b Configure IPX SAP filters b b Monitor & verify access lists

36 Access Lists b b Purpose: Used to permit or deny packets moving through the router Permit or deny Telnet (VTY) access to or from a router Create dial-on demand (DDR) interesting traffic that triggers dialing to a remote location

37 Important Rules b b Packets are compared to each line of the assess list in sequential order b b Packets are compared with lines of the access list only until a match is made Once a match is made & acted upon no further comparisons take place b b An implicit “deny” is at the end of each access list If no matches have been made, the packet will be discarded

38 Types of Access Lists b b Standard Access List Filter by source IP addresses only b b Extended Access List Filter by: – –Source IP – –Destination IP – –Protocol Field – –Port Number

39 Application of Access Lists b b Inbound Access Lists Packets are processed before being routed to the outbound interface b b Outbound Access Lists Packets are routed to the outbound interface & then processed through the access list

40 ACL Guidelines b b One access list per interface, per protocol, or per direction b b More specific tests at the top of the ACL b b New lists are placed at the bottom of the ACL b b Individual lines cannot be removed b End ACLs with a permit any command b Create ACLs & then apply them to an interface b ACLs do not filter traffic originated from the router b Put Standard ACLs close to the destination b Put Extended ACLs close the the source

41 Standard IP Access Lists Router#config t Enter configuration commands, one per line. End with CNTL/Z. Router(config)#access-list ? IP standard access list IP extended access list IPX SAP access list Extended 48-bit MAC address access list IPX summary address access list Protocol type-code access list DECnet access list Appletalk access list 48-bit MAC address access list IPX standard access list IPX extended access list

42 Standard IP Access Lists b Creating a standard IP access list: Router(config)#access-list 10 ? deny Specify packets to reject deny Specify packets to reject permit Specify packets to forward permit Specify packets to forward b Permit or deny? Router(config)#access-list 10 deny ? Hostname or A.B.C.D Address to match Hostname or A.B.C.D Address to match any any source host any any source host host A single host address host A single host address b Using the host command Router(config)#access-list 10 deny host 172.16.30.2

43 Wildcards b What are they??? Used with access lists to specify a….Used with access lists to specify a…. –Host –Network –Part of a network

44 Block Sizes 64321684 b Rules: When specifying a range of addresses, choose the closest block sizeWhen specifying a range of addresses, choose the closest block size Each block size must start at 0Each block size must start at 0 A ‘0’ in a wildcard means that octet must match exactlyA ‘0’ in a wildcard means that octet must match exactly A ‘255’ in a wildcard means that octet can be any valueA ‘255’ in a wildcard means that octet can be any value The command any is the same thing as writing out the wildcard: 0.0.0.0 255.255.255.255The command any is the same thing as writing out the wildcard: 0.0.0.0 255.255.255.255

45 Example b 172.16.30.5 0.0.0.255 The 0’s tell the router to match the 1st three octets exactlyThe 0’s tell the router to match the 1st three octets exactly The 255 tells the router the 4th octet can be any valueThe 255 tells the router the 4th octet can be any value This shows how a full subnet (172.16.30.0) is specifiedThis shows how a full subnet (172.16.30.0) is specified

46 Specifying a Range of Subnets (Remember: specify a range of values in a block size) Requirement: Block access in the range from 172.16.8.0 through 172.16.15.0 = block size 8 through 172.16.15.0 = block size 8 Network number = 172.16.8.0 Wildcard = 0.0.7.255 **The wildcard is always one number less than the block size

47 Examples b b RouterA(config)#access-list 10 deny 172.16.10.0 0.0.0.255 b b RouterA(config)#access-list 10 deny 172.16.0.0 0.0.255.255 b b RouterA(config)#access-list 10 deny 172.16.16.0 0.0.3.255 b b RouterA(config)#access-list 10 deny 172.16.16.0 0.0.7.255 b b RouterA(config)#access-list 10 deny 172.16.32.0 0.0.31.255 b b RouterA(config)#access-list 10 deny 172.16.64.0 0.0.63.255

48 Examples Acme#config t Acme(config)#access-list 10 deny 172.16.40.0 0.0.0.255 Acme(config)#access-list 10 permit any (permit any ~ Acme(config)#access-list 10 permit 0.0.0.0 255.255.255.255) Acme(config)#int e0 Acme(config-if)#ip access-group 10 out

49 Controlling VTY (Telnet) Access b Why?? Without an ACL any user can Telnet into the router via VTY and gain accessWithout an ACL any user can Telnet into the router via VTY and gain access b Controlling access Create a standard IP access listCreate a standard IP access list –Permitting only the host/hosts authorized to Telnet into the router Apply the ACL to the VTY line with theApply the ACL to the VTY line with the access-class command access-class command

50 Example RouterA(config)#access-list 50 permit 172.16.10.3 RouterA(config)#line vty 0 4 RouterA(config-line)#access-class 50 in (implied deny)

51 Extended IP Access Lists b Allows you to choose... –IP Source Address –IP Destination Address –Protocol –Port number

52 Extended IP ACLs Router(config)#access-list ? IP standard access list IP extended access list IPX SAP access list Extended 48-bit MAC address access list IPX summary address access list Protocol type-code access list DECnet access list Appletalk access list 48-bit MAC address access list IPX standard access list IPX extended access list Router(config)#access-list 110 ? deny Specify packets to reject dynamic Specify a DYNAMIC list of PERMITs or DENYs permit Specify packets to forward

53 Extended IP ACLs Router(config)#access-list 110 deny ? An IP protocol number ahp Authentication Header Protocol eigrp Cisco's EIGRP routing protocol esp Encapsulation Security Payload gre Cisco's GRE tunneling icmp Internet Control Message Protocol igmp Internet Gateway Message Protocol igrp Cisco's IGRP routing protocol ip Any Internet Protocol ipinip IP in IP tunneling nos KA9Q NOS compatible IP over IP tunneling ospf OSPF routing protocol pcp Payload Compression Protocol tcp Transmission Control Protocol udp User Datagram Protocol Router(config)#access-list 110 deny tcp ? A.B.C.D Source address any Any source host host A single source host

54 Extended IP ACL Steps #1: Select the access list: RouterA(config)#access-list 110 #2: Decide on deny or permit: RouterA(config)#access-list 110 deny #3: Choose the protocol type: RouterA(config)#access-list 110 deny tcp #4: Choose source IP address of the host or network: RouterA(config)#access-list 110 deny tcp any #5: Choose destination IP address RouterA(config)#access-list 110 deny tcp any host 172.16.30.2 #6: Choose the type of service, port, & logging RouterA(config)#access-list 110 deny tcp any host 172.16.30.2 eq 23 log

55 Steps (cont.) RouterA(config)#access-list 110 deny tcp any host 172.16.30.2 eq 23 log RouterA(config)#access-list 110 permit ip any 0.0.0.0 255.255.255.255 RouterA(config)#ip access-group 110 in or RouterA(config)#ip access-group 110 out

56 Example Acme#config t Acme(config)#access-list 110 deny tcp any host 172.16.10.5 eq 21 Acme(config)#access-list 110 deny tcp any host 172.16.10.5 eq 23 Acme(config)#access-list 110 permit ip any any Acme(config)#int e0 Acme(config-if)#ip access-group 110 out

57 Monitoring IP Access Lists b Display all access lists & their parameters show access-list b Show only the parameters for the access list 110 show access-list 110 b Shows only the IP access lists configured show ip access-list b Shows which interfaces have access lists set show ip interface b Shows the access lists & which interfaces have access lists set show running-config

58 Summary b Configured IP standard access lists b Configured IP extended access lists b Configured IPX SAP filters b Monitored & verified access lists

Download ppt "Switched Multimegabit Data Service (SMDS) Defined b b SMDS offers the ability to eliminate the geographic restrictions of distributed high-speed data communications."

Similar presentations

Student Guide www.visioninfosystems.org Access List.

Student Guide Access List.
Access Control List (ACL)

Access Control List (ACL)
OSI Model Discuss the major influences of user requirements on network evolution Identify at least 3 reasons why the industry uses a layered network.

OSI Model Discuss the major influences of user requirements on network evolution Identify at least 3 reasons why the industry uses a layered network.
Chapter 9: Access Control Lists

Chapter 9: Access Control Lists
Basic IP Traffic Management with Access Lists

Basic IP Traffic Management with Access Lists
Chapter 7 Data Link Layer

Chapter 7 Data Link Layer
© 2006 Cisco Systems, Inc. All rights reserved. ICND v2.3—4-1 Managing IP Traffic with ACLs Configuring IP ACLs.

© 2006 Cisco Systems, Inc. All rights reserved. ICND v2.3—4-1 Managing IP Traffic with ACLs Configuring IP ACLs.
NESCOT CATC1 Access Control Lists CCNA 2 v3 – Module 11.

NESCOT CATC1 Access Control Lists CCNA 2 v3 – Module 11.
WXES2106 Network Technology Semester 1 2004/2005 Chapter 10 Access Control Lists CCNA2: Module 11.

WXES2106 Network Technology Semester /2005 Chapter 10 Access Control Lists CCNA2: Module 11.
CCNA 2 v3.1 Module 11.

CCNA 2 v3.1 Module 11.
Chapter 1 Read (again) chapter 1.

Chapter 1 Read (again) chapter 1.
Inside the Internet. INTERNET ARCHITECTURE The Internet system consists of a number of interconnected packet networks supporting communication among host.

Inside the Internet. INTERNET ARCHITECTURE The Internet system consists of a number of interconnected packet networks supporting communication among host.
LAN Risanuri Hidayat. LAN-Local Area Network A LAN is a high-speed data network that covers a relatively small geographic area. It typically connects.

LAN Risanuri Hidayat. LAN-Local Area Network A LAN is a high-speed data network that covers a relatively small geographic area. It typically connects.
Internetworking Devices that connect networks are called Internetworking devices. A segment is a network which does not contain Internetworking devices.

Internetworking Devices that connect networks are called Internetworking devices. A segment is a network which does not contain Internetworking devices.
1 Version 3.0 Module 10 Routing Fundamentals and Subnetting.

1 Version 3.0 Module 10 Routing Fundamentals and Subnetting.
1 K. Salah Module 1.0: Introduction Definition Communication Model Type of networks –WAN –MAN –LAN, WLAN –PAN, WPAN Networking Technologies Network Switching.

1 K. Salah Module 1.0: Introduction Definition Communication Model Type of networks –WAN –MAN –LAN, WLAN –PAN, WPAN Networking Technologies Network Switching.
Access Lists Lists of conditions that control access.

Access Lists Lists of conditions that control access.
TCP/IP Reference Model Host To Network Layer Transport Layer Application Layer Internet Layer.

TCP/IP Reference Model Host To Network Layer Transport Layer Application Layer Internet Layer.
Year 2 - Chapter 6/Cisco 3 - Module 6 ACLs. Objectives  Define and describe the purpose and operation of ACLs  Explain the processes involved in testing.

Year 2 - Chapter 6/Cisco 3 - Module 6 ACLs. Objectives  Define and describe the purpose and operation of ACLs  Explain the processes involved in testing.
Implementing Standard and Extended Access Control List (ACL) in Cisco Routers.

Implementing Standard and Extended Access Control List (ACL) in Cisco Routers.

Similar presentations

Ads by Google