Local Internets
- Cabletron SmartSwitch 2100

Local Internets
- Internet: a system of subnets such that any station on any subnet can communicate with any station on any other subnet by placing the receiver's address in a message
- Subnets are individual networks in an internet

Local Internets
- Link multiple LANs at a single site
- Entirely on customer premises
- Planned and managed by the owner
  - Company has no limits
  - Company has all the headaches
- High-speed transmission (roughly LAN speeds)

Why a Local Internet?
- Overcome distance limitations
  - 100Base-T networks span only 500 meters
- Overcome congestion and latency
  - Individual shared media networks running around 100 Mbps become saturated at 200-300 stations
- Connect dissimilar LANs
  - Link Ethernet and Token-Ring Network LANs

Local Internetting to Increase Distance Spans
- HQ LAN: 100Base-T LAN in Headquarters Building (500 m maximum distance), with an internetting device
- Factory LAN: 100Base-T LAN in Factory Building (500 m maximum distance), with an internetting device
- Transmission link between the two internetting devices (no maximum distance)

A Congested Shared Media LAN
- Before: single LAN
- Department 1: 150 stations (Stations A, B); Department 2: 150 stations (Stations C, D)
- B transmits to A
- All stations in Department 2 hear the message
- Each station hears the traffic of 300 stations: heavily congested

Internetting Keeps Most Traffic Within LANs
- After resegmentation, an internetting device sits between Department 1 (150 stations) and Department 2 (150 stations)
- B transmits to A
- The internetting device blocks the transmission of this message to Department 2
- Each LAN carries the traffic of 150 stations: not congested

Internetting Devices: Bridges
- Simple, automatic, inexpensive, fast
- Usually only two ports
- A fast, cost-effective choice for small internets
- See CISCO whitepaper for more details

Multiple Bridges
- Diagram: LAN 1 through LAN 5 joined by bridges, with one link crossed out (X)
- No loops allowed
- Problematic for large bridged internets

Multiple Bridges
- Diagram: route between LANs 1 and 5
- No loops means only one path between LANs
- No alternative routing if failures, congestion
- No way to optimize routing for security, etc.

802.1 Spanning Tree Standard
- Diagram: route between LANs 1 and 5, with a backup link
- Allows backup links
- Disabled during normal operation
- If a failure occurs, automatically initiated

Bridging LANs with Different Physical and MAC Layers
- Diagram: a bridge joins an 802.3 10Base-T Ethernet LAN (10Base-T connection to a hub) and an 802.5 Token-Ring Network (802.5 connection)

Bridging LANs with Different Physical and MAC Layers
- LLC layer (same): 802.2 LLC Standard on both sides
- Bridging layer (same): 802.1 Bridging Standard on both sides
- MAC layer (different): 802.3 MAC layer (CSMA/CD) on one side, 802.5 MAC layer (token-passing) on the other
- Physical layer (different): 10Base-T connection to hub on one side, 802.5 connection to access unit on the other

Problems of Bridges
- Do not stop broadcast messages
- Servers broadcast their existence about twice a minute
- In contrast to normal messages, which are designed to go to single stations, broadcast messages go to all stations on the network; bridges pass these messages on
- Problematic in large bridged intranets

Problems of Bridges
- Do not stop any client from logging into any server
- Poor security: only password protection on servers
- Bad if servers hold grades in a university
- Bad for departmental servers holding key personnel or financial data in a firm

Switches Solve Bridge Problems
- Begin as multiport bridges
- Add broadcast reduction, security

Simple Switched Internet
- Diagram: Connection 1 joins LAN A and LAN C; Connection 2 joins LAN B and LAN D
- No waiting! Switches can carry messages between several pairs of LANs simultaneously

Switched Internet with Multiple Switches
- Diagram: Switches A, B, C, D; LAN 1 and LAN 2; route 1-B-A-C-2
- Switches are arranged in a hierarchy
- Only one route between any two LANs
- No routing around failure, congestion
- No optimization of routes

Switch Hierarchy
- Switches can be arranged hierarchically
- Levels of switches
  - Desktop switches (only a few MAC addresses can be supported)
  - Workgroup switches (MAC addresses for members of a department)
  - Enterprise switches (large number of MAC addresses)

Virtual LANs Reduce Broadcasting
- Stations are divided into groups called Virtual LANs (VLANs)
- Server and other broadcasts are limited to VLANs, not sent to all stations on all ports
- Diagram: LAN A, LAN B, LAN C, LAN D; the server only broadcasts to its VLAN stations on LAN A and LAN C

VLANs Add Security
- Only stations on the same VLAN as a server can reach it to log in
- Diagram: LAN A, LAN B, LAN C, LAN D; one station on VLAN 7, another on VLAN 36, with the connection between them blocked (X)
- Client can only reach server if they are on the same VLAN

Routers
- Most sophisticated internetting devices
- Provide services
- Used for linking thousands of subnets in the worldwide Internet, also within firms
- Efficient for long-distance transmission
- Provide wide range of management services to give relatively automatic operation
- By far the most expensive internetting devices

Route: End-to-End Connection
- Diagram: LAN A, LAN B, LAN D and routers 1 through 5
- Route: LAN A - 1 - 3 - 5 - LAN D

Alternative Routes
- Multiple ways to get from LAN A to LAN D
  - A-1-3-5-D
  - A-1-3-4-D
  - A-2-5-D
  - Etc.

Advantages of Alternative Routing
- Routing around failures
  - Failed switches, trunk lines connecting switches
- Routing around congestion
  - More common than outright failures
- Route optimization
  - Least cost route
  - Most reliable route
  - Most secure route, etc.

Mixing Switches and Routers
- Diagram: Sites A, B and C, each with LANs attached to switches and routers; the sites are linked through their routers

Distributed Backbone Network
- Diagram: LAN 1, LAN 2 and LAN 3, each attached through a router to an FDDI backbone ring

Backbone Network
- Network that links subnets
  - Subnets take the place of stations
- Distributed backbone
  - Backbone runs past all stations
  - If a single router (or other internetting device) fails, only that station is disconnected
- FDDI is popular because of its possible 200 km circumference and 100 Mbps speeds, but Gigabit Ethernet is gaining

Local Internet Using Collapsed Backbone
- Diagram: LAN A, LAN B and LAN C, with routers at the LANs, all connected to a central switch or router

Collapsed Backbone
- Single point of maintenance
  - Easy to maintain the network
- Single point of failure
  - If the central device fails, serious problems
- Types of central devices
  - Switches
  - Routers

Backbone Network Architectures
- Identifies the way the backbone interconnects LANs
- Defines how it manages packets moving through the BB
- Fundamental architectures
  - Bridged backbones
  - Routed backbones
  - Collapsed backbones
    - Rack-based
    - Chassis-based
  - Virtual LANs
    - Single-switch VLAN
    - Multiswitch VLAN

Backbone Architecture Layers
- Access layer (not part of BB)
  - Closest to the users
- Backbone design layers
  - Distribution layer: connects the LANs together (often in one building)
  - Core layer (for large campus/enterprise networks): connects different BNs together (building to building)

Bridged Backbone
- Bus topology
- Entire network is just one subnet

Bridged Backbones
- Move packets between networks based on their data link layer addresses
- Cheaper (since bridges are cheaper than routers) and easier to install (configure)
- Just one subnet to worry about
  - A change in one part may affect the whole network
- Performs well for small networks
  - For large networks, broadcast messages (e.g., address request, printer shutting down) can lower performance
- Formerly common in the distribution layer

Routed Backbone
- Example of a routed BB at the distribution layer
- Usually a bus topology
- Each LAN is a separate subnet

Routed Backbones
- Move packets using network layer addresses
- Commonly used at the core layer
  - Connecting LANs in different buildings in the campus
  - Can be used at the distribution layer as well
- LANs can use different data link layer protocols
- Main advantage: LAN segmentation
  - Each message stays in one LAN unless addressed outside the LAN
  - Easier to manage

Collapsed Backbone
- Most common type of BB, mainly used in the distribution layer
- A connection to the switch is a separate point-to-point circuit
- Star topology

Collapsed Backbones
- Replaces the many routers or bridges of the previous designs
  - Backbone has more cables, but fewer devices
  - No backbone cable used; the switch is the backbone
- Advantages
  - Improved performance (200-600% higher)
  - Simultaneous access; "switched" operations
  - A simpler, more easily managed network (fewer devices)
- Two minor disadvantages
  - Use more and longer cables
  - Reliability: if the central switch fails, the network goes down

Rack-Based Collapsed Backbones
- Places all network equipment (hubs and switch) in one room (rack room)
  - Easy maintenance and upgrade
  - Requires more cables (but cables are cheap)
- Main Distribution Facility (MDF) or Central Distribution Facility
  - Another name for the rack room
  - Place where many cables come together
  - Patch cables used to connect devices on the rack
- Easier to move computers among LANs
  - Useful when a busy hub requires offloading

Chassis-Based Collapsed Backbones
- Use a "chassis" switch instead of a rack
  - A collection of modules
  - Number of hubs with different speeds
  - L2 switches
- Example of a chassis switch with 710 Mbps capacity
  - 5 10Base-T hubs, 2 10Base-T switches (8 ports each)
  - 1 100Base-T switch (4 ports), 100Base-T router
  - (5 x 10) + (2 x 10 x 8) + (4 x 100) + 100 = 710 Mbps
- Flexible
  - Enables users to plug modules directly into the switch
  - Simple to add new modules

Virtual LANs (VLANs)
- A type of LAN-BN architecture
  - Made possible by high-speed intelligent switches
  - Computers assigned to LAN segments by software
- Often faster and provide more flexible network management
  - Much easier to assign computers to different segments
- More complex and so far usually used for larger networks
- Basic VLAN designs
  - Single-switch VLANs
  - Multi-switch VLANs

Single Switch VLAN
- Collapsed backbone, with the switch acting as a large physical switch
- Computers assigned to different LANs by software

Types of Single Switch VLANs
- Port-based VLANs (Layer 1 VLANs)
  - Use physical layer port numbers on the front of the VLAN switch to assign computers to VLAN segments
  - Use special software to tell the switch about the computer-to-port-number mapping
- MAC-based VLANs (Layer 2 VLANs)
  - Use MAC addresses to form VLANs
  - Use special software to tell the switch about the computer-to-MAC-address mapping
  - Simpler to manage: even if a computer is moved and connected to another port, its MAC address determines which LAN it is on

Types of Single Switch VLANs
- IP-based VLANs (Layer 3 VLANs, protocol-based VLANs)
  - Use IP addresses of the computers to form VLANs
  - Similar to the MAC-based approach (use of IP instead of MAC address)
- Application-based VLANs (Layer 4 VLANs, policy-based VLANs)
  - Use a combination of the type of application (indicated by the port number in the TCP packet) and the IP address to form VLANs
  - Complex process to make assignments

Multi-switch VLAN-Collapsed Backbone
- Diagram: four interconnected switches

Multi-switch VLAN Operations
- Inter-switch protocols
  - Must be able to identify the VLAN to which the packet belongs
- Use IEEE 802.1q
  - When a packet needs to go from one switch to another, a 16-byte VLAN tag is inserted into the 802.3 packet by the sending switch
  - When the IEEE 802.1q packet reaches its destination switch, its header (VLAN tag) is stripped off and the Ethernet packet inside is sent to its destination computer

VLAN Operating Characteristics
- Advantages of VLANs
  - Faster performance
  - Precise management of traffic flow
    - Ability to allocate resources to different types of applications
  - Traffic prioritization (via 802.1q VLAN tag)
    - Include in the tag a priority code based on 802.1p
    - Can have QoS capability at MAC level
    - Similar to RSVP and QoS capabilities at network and transport layers
- Drawbacks
  - Cost
  - Management complexity
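
The tag handling from "Multi-switch VLAN Operations" and the same-VLAN rule from "VLANs Add Security", as an added Python example that is not part of the original slides. It assumes the on-the-wire layout IEEE 802.1Q defines (a 16-bit TPID of 0x8100 followed by 16 bits holding the 3-bit 802.1p priority and the 12-bit VLAN ID); the function names, the sample frame and the port table are constructed for illustration.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that announces an 802.1Q tag

def add_tag(frame: bytes, vlan_id: int, priority: int = 0) -> bytes:
    """Sending switch: insert the tag between the source MAC and the EtherType."""
    if not 1 <= vlan_id <= 4094:
        raise ValueError("VLAN ID must be 1-4094")
    if not 0 <= priority <= 7:
        raise ValueError("802.1p priority must be 0-7")
    tci = (priority << 13) | vlan_id  # 3-bit priority, 1-bit DEI (0), 12-bit VLAN ID
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]

def strip_tag(tagged: bytes):
    """Receiving switch: return (vlan_id, priority, original Ethernet frame)."""
    if len(tagged) < 18:  # 12 bytes of MACs + 4-byte tag + 2-byte EtherType
        raise ValueError("too short to carry an 802.1Q tag")
    tpid, tci = struct.unpack("!HH", tagged[12:16])
    if tpid != TPID_8021Q:
        raise ValueError("frame is not 802.1Q-tagged")
    return tci & 0x0FFF, tci >> 13, tagged[:12] + tagged[16:]

def deliver(tagged: bytes, port_vlans: dict):
    """Strip the tag and list the access ports allowed to receive the frame."""
    vlan_id, _priority, frame = strip_tag(tagged)
    return frame, sorted(p for p, v in port_vlans.items() if v == vlan_id)

# Constructed sample: a broadcast frame from a server on VLAN 7.
FRAME = bytes.fromhex("ffffffffffff" "020000000001" "0800") + b"server hello"
# Constructed port table on the destination switch (port -> VLAN).
PORT_VLANS = {1: 7, 2: 36, 3: 7, 4: 36}

if __name__ == "__main__":
    tagged = add_tag(FRAME, vlan_id=7, priority=5)
    frame, ports = deliver(tagged, PORT_VLANS)
    print(tagged[12:16].hex(), ports, frame == FRAME)
```

Even though the sample frame is a broadcast, it leaves the destination switch only on the ports assigned to VLAN 7; the VLAN 36 ports never see it.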