NETWORK TYPES

CHAPTER 5

BASIC NETWORKING APPLIED COLLEGE 3/20/2023 1

NETWORK TYPES

• Networks are classified according to their geographic coverage and size.

LAN
WLAN
PAN
VLAN
DMZ
BASIC NETWORKING APPLIED COLLEGE 3/20/2023 2
LAN (LOCAL AREA NETWORK)

• A local-area network (LAN) is a data network that is restricted to a single

geographic location and typically encompasses a relatively small area, such
as an office building or school.
• The function of the LAN is to interconnect workstation computers for the
purpose of sharing files and resources.
• Because of its localized nature, the LAN typically is high speed and cheaper
to set up than a WAN.
BASIC NETWORKING APPLIED COLLEGE 3/20/2023 3
FIGURE 5.1 SHOWS AN EXAMPLE OF A LAN.

BASIC NETWORKING APPLIED COLLEGE 3/20/2023 4

WLAN(WIRELESS LAN)

• Instead of being wholly dependent on wiring for your local network, the wireless LAN
(WLAN) provides a flexible and secure data communications system that augments
an Ethernet LAN or, in some cases, replaces it altogether.
• Wireless transmissions send and receive data using radio frequency (RF) signals,
freeing you from wired solutions, and are dependent on a hotspot.
• That hotspot can be in a coffee shop, a train station, a restaurant, or almost any
public place. Security should be a prime concern of public hotspot users, and
encryption should be used everywhere possible.

BASIC NETWORKING APPLIED COLLEGE 3/20/2023 5

WIRELESS IMPLEMENTATION
• A wireless transceiver (transmitter/receiver), known as an access point,
connects to the wired network from a fixed location using standard cabling.
• The wireless access point receives and then transmits data between the
wireless LAN and the wired network infrastructure.
• Client systems communicate with a wireless access point using wireless LAN
adapters. Such adapters are built in to or can be added to laptops and other
mobile devices or desktop computers.
• Wireless LAN adapters provide the communication point between the client
system and the airwaves via an antenna.

BASIC NETWORKING APPLIED COLLEGE 3/20/2023 6

WAN (WIDE AREA NETWORK)

• A wide-area network (WAN) is a network that spans more than one

geographic location, often connecting separated LANs.
• WANs are slower than LANs and often require additional and costly
hardware, such as
• routers,
• dedicated leased lines, and
• complicated implementation procedures.
BASIC NETWORKING APPLIED COLLEGE 3/20/2023 7
FIGURE 5.2 SHOWS AN EXAMPLE OF A WAN.

BASIC NETWORKING APPLIED COLLEGE 3/20/2023 8

MAN (METROPOLITAN-AREA NETWORK )

• A WAN will be called a metropolitan-area network (MAN)

• when it is confined to a certain geographic area, such as a university campus or city.
• No formal guidelines dictate the differences between a MAN and a WAN;
• technically, a MAN is a WAN. Perhaps for this reason, the term MAN is used less often than
WAN.
• If any distinction exists, it is that a MAN is smaller than a WAN.
• A MAN is almost always bigger than a LAN and usually is smaller than or equal to a WAN.
• MANs utilize an Internet service provider (ISP) or telecommunications (telco) provider.
BASIC NETWORKING APPLIED COLLEGE 3/20/2023 9
PAN (PERSONAL-AREA NETWORK )

• A personal-area network (PAN) is essentially a LAN created to share data

among devices associated with you.
• Wireless technologies have taken PAN further and introduced a new term—
• wireless personal-area network (WPAN).
• WPAN refers to the technologies involved in connecting devices in very close
proximity to exchange data or resources, usually through the use of Bluetooth,
infrared, or near-field communication (NFC).

BASIC NETWORKING APPLIED COLLEGE 3/20/2023 10

• An example is connecting a laptop with a smartphone to synchronize an
address book.
• Because of their small size and the nature of the data exchange,
• WPAN devices lend themselves well to ad hoc wireless networking.
• Ad hoc wireless networks are those that have devices connect to each other
directly, not through a wireless access point.

BASIC NETWORKING APPLIED COLLEGE 3/20/2023 11

DMZ (DEMILITARIZED ZONE )
• An important firewall-related concept is the demilitarized zone (DMZ),
sometimes called a perimeter network.
• A DMZ is part of a network where you place servers that must be accessible
by sources both outside and inside your network.
• However, the DMZ is not connected directly to either network, and it must
always be accessed through the firewall.
• The military term DMZ is used because it describes an area that has little or
no enforcement or policing.

BASIC NETWORKING APPLIED COLLEGE 3/20/2023 12

• Using DMZs gives your firewall configuration an extra level of flexibility,
protection, and complexity.
• By using a DMZ, you can create an additional step that makes it more difficult
for an intruder to gain access to the internal network.
• Although it is not impossible for an intruder to gain access to the internal
network through a DMZ, it is difficult.

BASIC NETWORKING APPLIED COLLEGE 3/20/2023 13

THE AREA BETWEEN THE TWO FIREWALLS IS
CALLED A DMZ OR DEMILITARIZED ZONE.

BASIC NETWORKING APPLIED COLLEGE 3/20/2023 14

VLAN (VIRTUAL LOCAL-AREA NETWORKS )

• VLANs are used for network segmentation,

• A strategy that significantly increases the network’s performance capability, removes
potential performance bottlenecks, and can even increase network security.
• A VLAN is a group of connected computers that act as if they are on their own
network segment, even though they might not be.
• For instance, suppose that you work in a three-story building in which the advertising
employees are spread over all three floors.

BASIC NETWORKING APPLIED COLLEGE 3/20/2023 15

• A VLAN can enable all the advertising personnel to be combined and access
network resources as if they were connected on the same physical segment. T
• his virtual segment can be isolated from other network segments.
• In effect, it would appear to the advertising group that they were on a
network by themselves.

BASIC NETWORKING APPLIED COLLEGE 3/20/2023 16

• VLANs offer some clear advantages.
• Logically segmenting a network gives administrators flexibility beyond the restrictions
of the physical network design and cable infrastructure.
• VLANs enable easier administration because the network can be divided into well-
organized sections.
• Furthermore, you can increase security by isolating certain network segments from
others.
• For example, you can segment the marketing personnel from finance or the
administrators from the students.
• VLANs can ease the burden on overworked routers and reduce broadcast storms
BASIC NETWORKING APPLIED COLLEGE 3/20/2023 17
 BENEFITS OF VLAN
Advantages
Increased security
Increased performance
Organization
Description
With the creation of logical (virtual) boundaries, network segments can
be isolated.
By reducing broadcast traffic throughout the network, VLANs free up
bandwidth.
Network users and resources that are linked and that
communicate frequently can be grouped in a VLAN.

Simplified With a VLAN the network administrator’s job is easier when

moving users between LAN segments, recabling, addressing new
administration stations, and reconfiguring switches and routers.
BASIC NETWORKING APPLIED COLLEGE 3/20/2023 18
TRUNKING

• Trunking falls under 802.1Q and a trunk port is one that is assigned to carry
traffic for a specific switch (as opposed to an access port).
• The trunk port is usually fiber optic and used to interconnect switches to make
a network, to interconnect LANs to make a WAN, and so on.

BASIC NETWORKING APPLIED COLLEGE 3/20/2023 19

VLAN MEMBERSHIP
• You can use several methods to determine VLAN membership or how devices are
assigned to a specific VLAN.
• Protocol-based VLANs: With protocol-based VLAN membership, computers are
assigned to VLANs using the protocol in use and the Layer 3 address. For example,
this method enables a particular IP subnet to have its own VLAN.
• Port-based VLANs: Port-based VLANs require that specific ports on a network switch
be assigned to a VLAN. For example, ports 1 through 4 may be assigned to
marketing, ports 5 through 7 may be assigned to sales, and so on. Using this method,
a switch determines VLAN membership by taking note of the port used by a
particular packet. Figure 5.2 shows how the ports on a server could be used for port-
based VLAN membership.

BASIC NETWORKING APPLIED COLLEGE 3/20/2023 20

FIGURE 5.2 PORT-BASED VLAN MEMBERSHIP

BASIC NETWORKING APPLIED COLLEGE 3/20/2023 21

• MAC address-based VLANs: The Media Access Control (MAC) address is a unique 12-digit
hexadecimal number that is stamped into every network interface card.
• Every device used on a network has this unique address built in to it. It cannot be modified in
any way. As you may have guessed, the MAC address type of a VLAN assigns membership
according to the workstation’s MAC address.
• To do this, the switch must keep track of the MAC addresses that belong to each VLAN.
• The advantage of this method is that a workstation computer can be moved anywhere in an
office without needing to be reconfigured. Because the MAC address does not change, the
workstation remains a member of a particular VLAN.
• TABLE 5.2 provides examples of the membership of MAC address-based VLANs.
BASIC NETWORKING APPLIED COLLEGE 3/20/2023 22
TABLE 5.2 MAC ADDRESS-BASED VLANS

BASIC NETWORKING APPLIED COLLEGE 3/20/2023 23

VLAN SEGMENTATION
• The capability to logically segment a LAN provides a level of administrative
flexibility, organization, and security.
• Whether the LAN is segmented using the protocol, MAC address, or port, the
result is the same: the network is segmented.
• The segmentation is used for several reasons, including security, organization,
and performance.
• To give you a better idea of how this works, Figure 5.4 shows a network that
doesn’t use a VLAN.

BASIC NETWORKING APPLIED COLLEGE 3/20/2023 24

FIGURE 5.4 NETWORK CONFIGURATION WITHOUT
USING A VLAN

BASIC NETWORKING APPLIED COLLEGE 3/20/2023 25

FIGURE 5.5 NETWORK CONFIGURATION USING A VLAN
• In Figure 5.4, all systems on the network can see each other. That is, the
students can see the finance and administrator computers. Figure 5.5 shows
how this network may look using a VLAN.

BASIC NETWORKING APPLIED COLLEGE 3/20/2023 26

NAT (NETWORK ADDRESS TRANSLATION )
• The basic principle of Network Address Translation (NAT) is that many
computers can “hide” behind a single IP address.
• The main reason you need to do this (as pointed out earlier in the section “IP
Addressing”) is that there aren’t enough IPv4 addresses to go around.
• Using NAT means that only one registered IP address is needed on the
system’s external interface, acting as the gateway between the internal and
external networks.
• Figure 5.6 shows an example of enabling NAT on a SOHO router.

BASIC NETWORKING APPLIED COLLEGE 3/20/2023 27

FIGURE 5.6 NAT CONFIGURATION ON A SOHO ROUTER

BASIC NETWORKING APPLIED COLLEGE 3/20/2023 28

• NAT enables you to use whatever addressing scheme you like on your internal
networks; however, it is common practice to use the private address ranges.
• When a system is performing NAT, it funnels the requests given to it to the
Internet. To the remote host, the request looks like it is originating from a single
address.
• The system performing the NAT function keeps track of who asked for what
and makes sure that when the data is returned, it is directed to the correct
system.

BASIC NETWORKING APPLIED COLLEGE 3/20/2023 29

• Servers that provide NAT functionality do so in different ways.
• For example, you can statically map a specific internal IP address to a
specific external one (known as the one-to-one NAT method) so that outgoing
requests are always tagged with the same IP address.
• Alternatively, if you have a group of public IP addresses, you can have the
NAT system assign addresses to devices on a first-come, first-served basis.
Either way, the basic function of NAT is the same.

BASIC NETWORKING APPLIED COLLEGE 3/20/2023 30

• Tunneling can be used for transmitting packets of one type (such as IPv6) over
another network (such as IPv4). 6to4 is one such tunneling technology, allowing
IPv6 packets to be transmitted over an IPv4 network without having to create
a complex tunnel.
• It is often used during the transition period when a network is being updated
and is not intended to be a permanent solution. Its counterpart is 4to6.

BASIC NETWORKING APPLIED COLLEGE 3/20/2023 31

• For a more long-term solution, there is a transition technology known as
Teredo that gives full IPv6 connectivity for IPv6-capable hosts, which are on
the IPv4 Internet but lack direct native connection to an IPv6 network.
• The distinguishing feature of Teredo is that it can do this from behind NAT
devices (such as home routers).
• One of the most popular Teredo implementations is Miredo; it is a client
designed to allow full IPv6 connectivity to systems that are strictly IPv4-based.

BASIC NETWORKING APPLIED COLLEGE 3/20/2023 32

 THANKYOU

BASIC NETWORKING APPLIED COLLEGE 3/20/2023 33