Professional Documents
Culture Documents
Computer Networking is a very vast project in the present developing era of electronics and
communication. Now a days, computers are used in a wider range. All the organizations are
using multiple computers within their departments to perform their day to day work.
Computer network allows the user to share data, share folders and files with other users
connected in a network with high security. Computer Networking has bound the world in a
very small area with it wide networking processes like LAN, MAN, WAN.
In this concept it is possible for the networker to check the incoming & the outgoing traffic
and to maintain some security concepts as well. In this logic we use the multiple Routing
Protocols in different areas of the Hospital Network. Now it will show the proper movement
of the packet from one part of the hospital to the other part of the hospital. The project
initiates from the Billing Department of the Hospital. The Network is established using the
RIP Protocol through which all the different departments which are distinguished based on
different VLANs. The Inter-VLAN Routing has been implemented in the Network along with
the Frame Tagging so that the different VLANs will be able to communicate with each other.
Hence, each & every department can communicate with each other. The Wireless end point
Technology has also been implemented to let the admin part & the important terms & Staff
would be allowed to utilize the Network Resources at the time of urgency. The important
security concepts have also been implemented so that the forbidden information of the
Hospital Record would not be accessible for the Clients of the Hospital.
CHAPTER 1
Introduction to WAN based troubleshooting project
A wide area network (WAN) is a network that covers a broad area (i.e., any
telecommunications network that links across metropolitan, regional, or national boundaries)
using private or public network transports. Business and government entities utilize WANs to
relay data among employees, clients, buyers, and suppliers from various geographical
locations. In essence, this mode of telecommunication allows a business to effectively carry
out its daily function regardless of location. The Internet can be considered a WAN as well,
and is used by businesses, governments, organizations, and individuals for almost any
purpose imaginable.
In this project we are trying to explain the whole structure of Wide Area network, how it
actually works in different cities or countries based on the policies and strategies applied by
organizations or Internet Service Providers, to achieve the best possible services at possible
lowest investments for better outputs..
SCREENSHOT OF PROJECT
APPARATUS USED
1. Routers
Router is a small physical device that joins multiple networks together.
Technically, a router is a Layer 3 gateway device, meaning that it connects two or
more networks and that the router operates at the network layer of the OSI model.
2. Switches
Switch is a computer networking device that links network segments or network
devices. The term commonly refers to a multi-port network bridge that processes
and routes data at the data link layer (layer 2) of the OSI model. Switches that
additionally process data at the network layer (layer 3) and above are often
called layer-3 switches or multilayer switches.
3. Cables:
Cable is most often two or more wires running side by side and bonded,
twisted, or braided together to form a single assembly.
STRAIGHT
1. RIP: It stands for routing information protocol. It is a distance vector routing protocol. It
has a max hop count of 15.After every 30 sec full updates are send. It has an AD value of
120. It is used for very small networks.
2. OSPF: It stands for open shortest path first. It is a link state protocol. Its hop count is
limitless and can be used for very large networks. Route selection is based on hops count
as well as cost of link. The best path is chosen by dijkstra algorithm.
3. REDISTRIBUTION: It is the mechanism that allows to connect different domains, so as
the different Routing protocol can exchange and advertise routing updates as if they are a
single protocol. The redistribution is performed on the router that lies at the boundary
between different domains or runs multiple protocols.
4. DHCP: DHCP stands for dynamic host configuration protocol.It is used to configure
devices connected to a network.It is actually a network protocol that enables the server to
automatically assign IP address to a computer from a given range of number that has been
configured for a given network.It is used for both IPv4 and IPv6.DHCP allows a
computer to join an IP-based network without having a pre-configured IP address.
5. DNS Server: The DNS translates Internet domain and host names to IP addresses. DNS
automatically converts the names we type in our Web browser address bar to the IP
addresses of Web servers hosting those sites.DNS implements a distributed database to
store this name and address information for all public hosts on the Internet. DNS assumes
IP addresses do not change.
6. NAT: NAT allows an IP network to maintain public IP addresses separately from private
IP addresses. NAT is a popular technology for Internet connection sharing. It is also
sometimes used in server load balancing applications on corporate networks. In its most
common configuration, NAT maps all of the private IP addresses on a home network to
the single IP address supplied by an ISP. This allows computers on the home LAN to
share a single Internet connection.
7. Wireless Routers: A wireless router is a device that performs the functions of a router but
also includes the functions of a wireless access point. It is commonly used to provide
access to the Internet or a computer network. It does not require a wired link, as the
connection is made wirelessly, via radio waves. It can function in a wired LAN in a
wireless-only LAN, or in a mixed wired/wireless network, depending on the manufacturer
and model.
8. VLANS: It is a virtual local area network. A switch can be partitioned to create multiple
distinct broadcast domains, which are mutually isolated so that packets can only pass
between them via one or more routers such a domain is referred to as a Virtual Local Area
Network, Virtual LAN.VLAN is a group of end stations with a common set of
requirements, independent of physical location. VLANs have the same attributes as a
physical LAN but allow you to group end stations even if they are not located physically
on the same LAN segment.
9. IP phones: This is an IP phone commonly known as voice over IP phone. A VoIP phone
or IP Phone uses voice over IP (VoIP) technologies for placing and transmitting
telephone calls over an IP network, such as the Internet. This can be simple software-
based soft phones or purpose-built hardware devices. It looks very similar to an ordinary
phone. These are commonly used in colleges, schools, institutes, companies etc.
10. Inter-Vlan routing: if we want two communicate between two different Vlans we need a
Router which will help in communication between the two different vlans and this
concept is known as Inter-Vlan routing. Inter-VLAN routing is a method to enable
communication between two different VLANs connected in a network device like
network switch. Inter-Vlan Routing is the capability to route traffic between vlans. It is a
process of forwarding network traffic from one VLAN to another VLAN using a router
or layer 3 device.
11. Access Control List: ACLs are basically a set of commands, grouped together by a
number or name that is used to filter traffic entering or leaving an interface. There are a
variety of reasons for which we use ACLs. The primary reason is to provide a basic level
of security for the network. ACLs are not as complex and in depth of protection as
stateful firewalls, but they do provide protection on higher speed interfaces where line
rate speed is important and firewalls may be restrictive. ACLs are also used to restrict
updates for routing from network peers and can be instrumental in defining flow control
for network traffic.
12. Telnet: Telnet is a service which is used to access the devices remotely. Telnet is an
application protocol which performs the function on an application layer of the OSI
model.It provides a logical configurable port for a router device.It is basically used for
troubleshooting.
13. Security: Enable secret password: It is used to protect the privilege mode of a router
It is in encrypted format.It is implemented before the privilege mode.
Console password: It is used to protect the IOS and user mode of a router device.
1.1 BRIEF ABOUT THE NETWORKING TECHNOLOGY
1.1.1 What is a Network?
A network, often simply referred to as a computer network, is a collection of
computers and devices connected by communications channels that facilitates
communications among users and allows users to share resources with other users. A
computer network allows sharing of resources and information among devices
connected to the network.
Local area network (LAN): A local area network is a network that connects
computers and devices in a limited geographical area such as home, school, computer
laboratory, office building, or closely positioned group of buildings. Each computer or
device on the network is a node. Current wired LANs are most likely to be based on
Ethernet technology, although new standards like ITU-TG.hn also provide a way to
create a wired LAN using existing home wires (coaxial cables, phone lines and power
lines).
All interconnected devices must understand the network layer (layer 3), because they
are handling multiple subnets (the different colors). Those inside the library, which
have only 10/100 Mbit/s Ethernet connections to the user device and a Gigabit
Ethernet connection to the central router, could be called "layer 3 switches" because
they only have Ethernet interfaces and must understand IP. It would be more correct
to call them access routers, where the router at the top is a distribution router that
connects to the Internet and academic networks' customer access routers. The defining
characteristics of LANs, in contrast to WANs (Wide Area Networks), include their
higher data transfer rates, smaller geographic range, and no need for leased
telecommunication lines. Current Ethernet or other IEEE 802.3 LAN technologies
operate at speeds up to 10 Gbit/s. This is the data transfer rate. IEEE has projects
investigating the standardization of 40 and 100 Gbit/s.
Wide area network (WAN): The term Wide Area Network (WAN) usually refers to a
network which covers a large geographical area, and use communications circuits to
connect the intermediate nodes. A major factor impacting WAN design and performance
is a requirement that they lease communications circuits from telephone companies or
other communications carriers. Transmission rates are typically 2 Mbps, 34 Mbps, 45
Mbps, 155 Mbps, 625 Mbps (or sometimes considerably more). Numerous WANs have
been constructed, including public packet networks, large corporate networks, military
networks, banking networks, stock brokerage networks, and airline reservation networks.
Some WANs are very extensive, spanning the globe, but most do not provide true global
coverage. Organisations supporting WANs using the Internet Protocol are known as
Network Service Providers (NSPs).
Personal area network (PAN): A personal area network is a computer network used for
communication among computer devices, including telephones and personal digital
assistants, in proximity to an individual's body. The devices may or may not belong to the
person in question. The reach of a PAN is typically a few meters. PANs can be used for
communication among the personal devices themselves (intrapersonal communication),
or for connecting to a higher level network and the Internet (an uplink). Personal area
networks may be wired with computer buses such as USB and FireWire.
Fig 1.1.4: Personal Area Network
Bus network: A bus network topology is a network architecture in which a set of clients are
connected via a shared communications line, called a bus. There are several common
instances of the bus architecture, including one in the motherboard of most computers, and
those in some versions of Ethernet networks. Bus networks are the simplest way to connect
multiple clients, but may have problems when two clients want to transmit at the same time
on the same bus. Thus systems which use bus network architectures normally have some
scheme of collision handling or collision avoidance for communication on the bus, quite
often using Carrier Sense Multiple Access or the presence of a bus master which controls
access to the shared bus resource. A true bus network is passive – the computers on the bus
simply listen for a signal; they are not responsible for moving the signal along. However,
many active architectures can also be described as a "bus", as they provide the same logical
functions as a passive bus; for example, switched Ethernet can still be regarded as a logical
network, if not a physical one. Indeed, the hardware may be abstracted away completely in
the case of a software bus.
Fig 1.2.1:Bus Topology
Star network: Star networks are one of the most common computer network topologies.
In its simplest form, a star network consists of one central switch, hub or computer, which
acts as a conduit to transmit messages. Thus, the hub and leaf nodes, and the transmission
lines between them, form a graph with the topology of a star. If the central node is
passive, the originating node must be able to tolerate the reception of an echo of its own
transmission, delayed by the two-way transmission time (i.e. to and from the central
node) plus any delay generated in the central node. An active star network has an active
central node that usually has the means to prevent echo-related problems. The star
topology reduces the chance of network failure by connecting all of the systems to a
central node. When applied to a bus-based network, this central hub rebroadcasts all
transmissions received from any peripheral node to all peripheral nodes on the network,
sometimes including the originating node. All peripheral nodes may thus communicate
This configuration is common with twisted pair cable. However, it can also be used with
coaxial cable or optical fibre cable.
Ring network: A ring network is a network topology in which each node connects to
exactly two other nodes, forming a single continuous pathway for signals through
each node - a ring. Data travels from node to node, with each node along the way
handling every packet. Because a ring topology provides only one pathway between
any two nodes, ring networks may be disrupted by the failure of a single link. A node
failure or cable break might isolate every node attached to the ring. FDDI networks
overcome this vulnerability by sending data on a clockwise and a counter clockwise
ring: in the event of a break data is wrapped back onto the complementary ring before
it reaches the end of the cable, maintaining a path to every node along the resulting
"C-Ring". 802.5 networks -- also known as IBM Token Ring networks -- avoid the
weakness of a ring topology altogether: they actually use a star topology at the
physical layer and a Multistation Access Unit (MAU) to imitate a ring at the data link
layer. Many ring networks add a "counter-rotating ring" to form a redundant topology.
LITERATURE REVIEW
A network element is usually defined as a manageable logical entity uniting one or more
physical devices. This allows distributed devices to be managed in a unified way using one
management system. Elements of the network include the entities on which the network runs
upon. This includes routers, switches, hubs, bridges, network cards, repeaters, filters,
modems, connecting cables. All of these network components are discussed in detail below:
Routers :- A router is a device that interconnects two or more computer networks, and
selectively interchanges packets of data between them. Each data packet contains address
information that a router can use to determine if the source and destination are on the same
network, or if the data packet must be transferred from one network to another. Where
multiple routers are used in a large collection of interconnected networks, the routers
exchange information about target system addresses, so that each router can build up a table
showing the preferred paths between any two systems on the interconnected networks. A
router is a networking device whose software and hardware are customized to the tasks of
routing and forwarding information. A router has two or more network interfaces, which may
be to different physical types of network or different network standards. Each network
interface is a small computer specialized to convert electric signals from one form to another.
Routers connect two or more logical subnets, which do not share a common network address.
The subnets in the router do not necessarily map one-to-one to the physical interfaces of the
router. The term "layer 3 switching" is used with the term "routing". The term switching is
generally used to refer to data forwarding between two network devices that share a common
network address. This is also called layer 2 switching or LAN switching.
Switches:- A network switch or switching hub is a computer networking device that connects
network segments. Switches may operate at one or more OSI layers, including physical, data
link, network, or transport (i.e., end-to-end). A device that operates simultaneously at more
than one of these layers is known as a multilayer switch. In switches intended for commercial
use, built-in or modular interfaces make it possible to connect different types of networks,
including Ethernet, Fibre Channel, ATM, ITU-T G.hn and 802.11. This connectivity can be
at any of the layers mentioned. While Layer 2 functionality is adequate for speed-shifting
within one technology, interconnecting technologies such as Ethernet and token ring are
easier at Layer 3. Interconnection of different Layer 3 networks is done by routers. If there
are any features that characterize "Layer-3 switches" as opposed to general-purpose routers, it
tends to be that they are optimized, in larger switches, for high-density Ethernet connectivity.
Hubs:- A hub, essentially an network hub is a device for connecting multiple twisted pair or
fiber optic Ethernet devices together and making them act as a single network segment. Hubs
work at the physical layer (layer 1) of the OSI model. The device is a form of multiport
repeater. Repeater hubs also participate in collision detection, forwarding a jam signal to all
ports if it detects a collision. A network hub is a fairly unsophisticated broadcast device.
Hubs do not manage any of the traffic that comes through them, and any packet entering any
port is broadcast out on all other ports. Since every packet is being sent out through all other
ports, packet collisions result—which greatly impedes the smooth flow of traffic. The need
for hosts to be able to detect collisions limits the number of hubs and the total size of a
network built using hubs (a network built using switches does not have these limitations). For
10 Mbit/s networks, up to 5 segments (4 hubs) are allowed between any two end stations.
Bridges:- A Network Bridge connects multiple network segments at the data link layer
(Layer 2) of the OSI model. In Ethernet networks, the term Bridge formally means a device
that behaves according to the IEEE 802.1 D standards. A bridge and switch are very much
alike; a switch being a bridge with numerous ports. Switch or Layer 2 switch is often used
interchangeably with Bridge. Bridges are similar to repeaters or network hubs, devices that
connect network segments at the physical layer; however, with bridging, traffic from one
network is managed rather than simply rebroadcast to adjacent network segments. Bridges
are more complex than hubs or repeaters. Bridges can analyze incoming data packets to
determine if the bridge is able to send the given packet to another segment of the network.
Network Cables:- Communication is the process of transferring signals from one point to
another and there must be some medium to transfer those signals. In computer networking
and especially in the local area networking, there are certain communication mediums.
This section provides the basic overview of the network cables, LAN communication
system and other transmission mediums in LAN and WAN. Today many standardized
communication cables and communication devices are in use the according to the needs
of a computer network. LAN data communication systems there are different types of
cables are used. The most common types of the LAN cables are the Ethernet UTP/STP
cables. An Ethernet cable is a twisted pair cable that is consist of eight cables that are
paired together to make four pairs. A RJ-45 connector is joined with both ends of the
cables and one end of the connector is connected with the LAN card of the computer and
the other end of the cable is connected with the hub or switch. Cable testers are used to
test the performance of each cable. The preferable cable in the Ethernet networking is the
100baseT, which provides the best communication speed. UTP/STP is a standardize cable
in which data is transferred which provides the transmission speed of 10/100 mbps. The
most commonly used cable in the star topology is the UTP/STP cable. UTP/STP cables
are same in functionality only a slight difference is that an extra protective silver coated
layer surrounds the cable. UPT/STP cables are further divided into straight over and cross
over cables. The most common use of the UTP/STP cables is the serial transmission,
Ethernet, ISDN, fixed and modular interfaces in the WAN networking. Straight over
Fig 2.1.4: Types of Cables
The TCP/IP Model- This model is sometimes called the DOD model since it was
designed for the department of defence. It is also called the internet model because
TCP/IP is the protocol used on the internet.
OSI Network Model - The International Standards Organization (ISO) has defined a
standard called the Open Systems Interconnection (OSI) reference model. This is a
seven layer architecture listed in the next section.
The TCP/IP model is a description framework for computer network protocols created in the
1970s by DARPA, an agency of the United States Department of Defense. It evolved from
ARPANET, which were the world's first wide area network and a predecessor of the Internet.
The TCP/IP Model is sometimes called the Internet Model or the DoD Model. The TCP/IP
model, or Internet Protocol Suite, describes a set of general design guidelines and
implementations of specific networking protocols to enable computers to communicate over a
network. TCP/IP provides end-to-end connectivity specifying how data should be formatted,
addressed, transmitted, routed and received at the destination. Protocols exist for a variety of
different types of communication services between computers.
Fig 2.3: TCP/IP Model
Data Link Layer: The Data Link Layer is the networking scope of the local network
connection to which a host is attached. This regime is called the link in Internet literature.
This is the lowest component layer of the Internet protocols, as TCP/IP is designed to be
hardware independent. As a result TCP/IP has been implemented on top of virtually any
hardware networking technology in existence. The Data Link Layer is used to move packets
between the Internet Layer interfaces of two different hosts on the same link. The processes
of transmitting and receiving packets on a given link can be controlled both in the software
device driver for the network card, as well as on firmware or specialized chipsets. These will
perform data link functions such as adding a packet header to prepare it for transmission, and
then actually transmit the frame over a physical medium.
Network Layer:- The Network Layer solves the problem of sending packets across one or
more networks. Internetworking requires sending data from the source network to the
destination network. This process is called routing. In the Internet Protocol Suite, the Internet
Protocol performs two basic functions: Host addressing and identification and Packet routing.
IP can carry data for a number of different upper layer protocols. These protocols are each
identified by a unique protocol number: for example, Internet Control Message Protocol
(ICMP) and Internet Group Management Protocol (IGMP) are protocols 1 and 2,
respectively.
Application Layer:- The TCP/IP network interface layer provides network functions such as
frame synchronization, media access, and error control. It is sometimes referred to as the
network access layer, and is roughly equivalent to the Open System Interconnection (OSI)
model's data link layer. The network interface layer's functionality is divided between the
network interface card–driver combination and the low-level protocol stack driver.
Application Layer protocols generally treat the transport layer (and lower) protocols as "black
boxes" which provide a stable network connection across which to communicate, although
the applications are usually aware of key qualities of the transport layer connection such as
the end pointIP addresses and port numbers. As noted above, layers are not necessarily
clearly defined in the Internet protocol suite.
The Open System Interconnection (OSI) reference model describes how information from a
software application in one computer moves through a network medium to a software
application in another computer. The OSI reference model is a conceptual model composed
of seven layers, each specifying particular network functions. The model was developed by
the International Organization for Standardization (ISO) in 1984, and it is now considered the
updated without adversely affecting the other layers. The following diagram details the seven
layers of the Open System Interconnection (OSI) reference model:
The seven layers of the OSI reference model can be divided into two categories: upper layers
and lower layers. The upper layers of the OSI model deal with application issues and
generally are implemented only in software. The highest layer, the application layer, is
closest to the end user. Both users and application layer processes interact with software
applications that contain a communications component. The term upper layer is sometimes
used to refer to any layer above another layer in the OSI model. The lower layers of the OSI
model handle data transport issues. The lowest layer, the physical layer, is closest to the
physical network medium and is responsible for actually placing information on the medium.
Physical Layer: It defines the electrical and physical specifications for devices. In particular,
it defines the relationship between a device and physical medium. Physical layer
specifications define characteristics such as voltage levels, timing of voltage changes,
physical data rates, maximum transmission distances, and physical connectors. Physical layer
implementations can be categorized as either LAN or WAN specifications. The major
functions and services performed by the Physical Layer are establishment and termination of
a connection to a communications medium Participation in the process whereby the
communication resources are effectively shared among multiple users, modulation and
conversion between the representation of digital data in user equipment and the
corresponding signals transmitted over a communications channel.
Data Link Layer: The data link layer provides reliable transit of data across a physical
network link. Different data link layer specifications define different network and protocol
characteristics, including physical addressing, network topology, error notification,
sequencing of frames, and flow control. Physical addressing (as opposed to network
addressing) defines how devices are addressed at the data link layer. Network topology
consists of the data link layer specifications that often define how devices are to be physically
connected, such as in a bus or a ring topology. Error notification alerts upper-layer protocols
that a transmission error has occurred, and the sequencing of data frames reorders frames that
Network Layer: The network layer defines the network address, which differs from the
MAC address. Some network layer implementations, such as the Internet Protocol (IP),
define network addresses in a way that route selection can be determined systematically by
comparing the source network address with the destination network address and applying the
subnet mask. Because this layer defines the logical network layout, routers can use this layer
to determine how to forward packets. Because of this, much of the design and configuration
work for internetworks happens at Layer 3, the network layer.
Transport Layer: The transport layer accepts data from the session layer and segments the
data for transport across the network. Generally, the transport layer is responsible for making
sure that the data is delivered error-free and in the proper sequence. Flow control generally
occurs at the transport layer. Flow control manages data transmission between devices so that
the transmitting device does not send more data than the receiving device can process.
Multiplexing enables data from several applications to be transmitted onto a single physical
link. Virtual circuits are established, maintained, and terminated by the transport layer. Error
checking involves creating various mechanisms for detecting transmission errors, while error
recovery involves acting, such as requesting that data be retransmitted, to resolve any errors
that occur.
Session Layer: The session layer establishes, manages, and terminates communication
sessions. Communication sessions consist of service requests and service responses that occur
between applications located in different network devices. These requests and responses are
coordinated by protocols implemented at the session layer. Some examples of session-layer
implementations include Zone Information Protocol (ZIP), the AppleTalk protocol that
coordinates the name binding process; and Session Control Protocol (SCP), the DECnet
Phase IV session layer protocol.
Presentation Layer: The system. Some examples of presentation layer coding and
conversion schemes include presentation layer provides a variety of coding and conversion
functions that are applied to application layer data. These functions ensure that information
sent from the application layer of one system would be readable by the application layer of
another common data representation formats, conversion of character representation formats,
common data compression schemes, and common data encryption schemes. Common data
representation formats, or the use of standard image, sound, and video formats, enable the
interchange of application data between different types of computer systems. Conversion
schemes are used to exchange information with systems by using different text and data
representations, such as EBCDIC and ASCII. Standard data compression schemes enable
data that is compressed at the source device to be properly decompressed at the destination.
Standard data encryption schemes enable data encrypted at the source device to be properly
deciphered at the destination.
Application Layer: The application layer is the OSI layer closest to the end user, which
means that both the OSI application layer and the user interact directly with the software
application. This layer interacts with software applications that implement a communicating
component. Such application programs fall outside the scope of the OSI model. Application
layer functions typically include identifying communication partners, determining resource
availability, and synchronizing communication.
The three top layers in the OSI model—the Application Layer, the Presentation Layer and the
Session Layer—are not distinguished separately in the TCP/IP model where it is just the
Application Layer. While some pure OSI protocol applications, such as X.400, also combined
them, there is no requirement that a TCP/IP protocol stack needs to impose monolithic
architecture above the Transport Layer. For example, the Network File System (NFS)
application protocol runs over the Xternal Data Representation (XDR) presentation protocol,
which, in turn, runs over a protocol with Session Layer functionality, Remote Procedure Call
(RPC). RPC provides reliable record transmission, so it can run safely over the best-effort
User Datagram Protocol (UDP) transport. The Session Layer roughly corresponds to the
Telnet virtual terminal functionality which is part of text based protocols such as the HTTP
and SMTP TCP/IP model Application Layer protocols.
CHAPTER 3
ROUTING
3.1 DEFINITION
Routing (or routeing) is the process of selecting paths in a network along which to send
network traffic. Routing is performed for many kinds of networks, including the telephone
network, electronic data networks (such as the Internet), and transportation networks. Here
we are concerned primarily with routing in electronic data networks using packet
switching technology In packet switching networks, routing directs packet forwarding, the
transit of logically addressed packets from their source toward their ultimate destination
General-purpose computers with multiple network cards can also forward packets and
perform routing, though they are not specialized hardware and may suffer from limited
performance. The routing process usually directs forwarding on the basis of routing
CLASSIFICATION OF ROUTING
Routing can be classified on the basis of route telling scheme to the router about
neighbouring networks. This can be done in two ways, either we can tell the router about the
neighbouring networks statically or they can be told dynamically. Hence the classification
comes out to be:
Static routing and dynamic routing
Static routing:
Small networks may involve manually configured routing tables (static routing) or Non-
Adaptive routing, while larger networks involve complex topologies and may change rapidly,
making the manual construction of routing tables unfeasible. Nevertheless, most of the public
switched telephone network (PSTN) uses pre-computed routing tables, with fallback routes if
the most direct route becomes blocked (see routing in the PSTN).
Dynamic routing:
Adaptive routing or Dynamic routing attempts to solve this problem by constructing routing
tables automatically, based on information carried by routing protocols, and allowing the
network to act nearly autonomously in avoiding network failures and blockages. For larger
networks, static routing is avoided. Examples for (Dynamic routing) or Adaptive
routing algorithms are Routing Information Protocol (RIP), Open Shortest Path First
(OSPF).
Link-state algorithms:
When applying link-state algorithms, each node uses as its fundamental data a map of the
network in the form of a graph. To produce this, each node floods the entire network with
information about what other nodes it can connect to, and each node then independently
assembles this information into a map. Using this map, each router then independently
determines the least-cost path from itself to every other node using a standard shortest
paths algorithm such as Dijkstra's algorithm. The result is a tree rooted at the current node
such that the path through the tree from the root to any other node is the least-cost path to that
node.
Comparison of routing algorithms
Distance-vector routing protocols are simple and efficient in small networks, and
require little, if any management. However, distance-vector algorithms do not scale well (due
to the count-to-infinity problem), have poor convergence properties and are based on a 'hop
count' metric rather than a 'link-state' metric thus they ignore bandwidth (a major drawback)
when calculating the best path. This has led to the development of more complex but more
scalable algorithms for use in large networks. Interior routing mostly uses link-state routing
protocols such as OSPF and IS-IS. A more recent development is that of loop-free distance-
vector protocols (e.g. EIGRP). Loop-free distance-vector protocols are as robust and
manageable as distance-vector protocols, while avoiding counting to infinity and hence
having good worst-case convergence times. Path selection involves applying a routing
metric to multiple routes, in order to select (or predict) the best route.
The routing table stores only the best possible routes, while link-state or topological
databases may store all other information as well. Because a routing metric is specific to a
given routing protocol, multi-protocol routers must use some external heuristic in order to
select between routes learned from different routing protocols. Ciscos routers, for example,
attribute a value known as the administrative distance to each route, where smaller
administrative distances indicate routes learned from a supposedly more reliable protocol. A
local network administrator, in special cases, can set up host-specific routes to a particular
machine which provides more control over network usage, permits testing and better overall
security. In some networks, routing is complicated by the fact that no single entity is
responsible for selecting paths: instead, multiple entities are involved in selecting paths or
even parts of a single path.
Limitations
Without using RIP-MTI, Hop count cannot exceed 15, in case if it exceeds it will be
considered invalid.
Most RIP networks are flat. There is no concept of areas or boundaries in RIP
networks.
Without using RIP-MTI, RIP has slow convergence and count to infinity problems.
Implementations
Routed, included in most BSD Unix systems.
Routing and Remote Access, a Windows Server feature, contains RIP support.
Quagga, a free open source routing software suite based on GNU Zebra.
Cisco IOS, software used in Cisco routers (supports version 1, version 2 and RIPng)
Cisco NX-OS software used in Cisco Nexus data center switches (supports RIPv1 and
RIPv2)
CHAPTER 4
EIGRP PROTOCOL
4.1 INTRODUCTION
Enhanced Interior Gateway Routing Protocol - (EIGRP) is a Cisco proprietary routing
protocol loosely based on their original IGRP. EIGRP is an advanced distance-vector routing
protocol, with optimizations to minimize both the routing instability incurred after topology
changes, as well as the use of bandwidth and processing power in the router. Routers that
support EIGRP will automatically redistribute route information to IGRP neighbours by
converting the 32 bit EIGRP metric to the 24 bit IGRP metric. Most of the routing
optimizations are based on the Diffusing Update Algorithm (DUAL) work from SRI, which
guarantees loop-free operation and provides a mechanism for fast convergence.
Neighbour Table: Stores data about the neighbouring routers, i.e. those directly
accessible through directly connected interfaces.
Topology Table: Confusingly named, this table does not store an overview of the
complete network topology; rather, it effectively contains only the aggregation of the
routing tables gathered from all directly connected neighbours. This table contains a
list of destination networks in the EIGRP-routed network together with their
respective metrics. Also for every destination, a successor and a feasible successor are
identified and stored in the table if they exist. Every destination in the topology table
can be marked either as "Passive", which is the state when the routing has stabilized
and the router knows the route to the destination, or "Active" when the topology has
changed and the router is in the process of (actively) updating its route to that
destination.
Routing table: Stores the actual routes to all destinations; the routing table is
populated from the topology table with every destination network that has its
successor and optionally feasible successor identified (if unequal-cost load-balancing
is enabled using the variance command). The successors and feasible successors serve
as the next hop routers for these destinations.
Unlike most other distance vector protocols, EIGRP does not rely on periodic route dumps in
order to maintain its topology table. Routing information is exchanged only upon the
establishment of new neighbour adjacencies, after which only changes are sent.
Multiple metrics
K1 = Bandwidth modifier 12
Minimum Bandwidth (in kilobits per second)
K2 = Load modifier
K3 = Delay modifier
K4 = Reliability modifier
K5 = MTU modifier
Minimum path Maximum Transmission Unit (MTU) (though not actually used in the
calculation)
By default, only total delay and minimum bandwidth are enabled when EIGRP is started on a
router, but an administrator can enable or disable all the metrics as needed.
For the purposes of comparing routes, these are combined together in a weighted formula to
produce a single overall metric:
Where the various constants (K1 through K5) can be set by the user to produce varying
behaviours. An important and totally non-obvious fact is that if K5 is set to zero, the term
is not used (i.e. taken as 1).
The default is for K1 and K3 to be set to 1, and the rest to zero, effectively reducing the above
formula to (Bandwidth + Delay) * 256.
Obviously, these constants must be set to the same value on all routers in an EIGRP system,
or permanent routing loops will probably result. Cisco routers running EIGRP will not form
an EIGRP adjacency and will complain about K-values mismatch until these values are
identical on these routers.
EIGRP also maintains a hop count for every route; however, the hop count is not used
in metric calculation. It is only verified against a predefined maximum on an EIGRP router
(by default it is set to 100 and can be changed to any value between 1 and 255). Routes
having a hop count higher than the maximum will be advertised as unreachable by an EIGRP
router
Successor
A successor for a particular destination is a next hop router that satisfies these two conditions:
The first condition can be satisfied by comparing metrics from all neighbouring routers that
advertise that particular destination, increasing the metrics by the cost of the link to that
respective neighbour, and selecting the neighbour that yields the least total distance. The
second condition can be satisfied by testing a so-called Feasibility Condition for every
neighbour advertising that destination. There can be multiple successors for a destination,
depending on the actual topology.
Feasible Successor
A feasible successor for a particular destination is a next hop router that satisfies this
condition:
Thus, every successor is also a feasible successor. However, in most references about EIGRP
the term "feasible successor" is used to denote only those routers which provide a loop-free
path but which are not successors (i.e. they do not provide the least distance). From this point
of view, for a reachable destination there is always at least one successor, however, there
might not be any feasible successors.
The feasible successor effectively provides a backup route in the case that existing successors
die. Also, when performing unequal-cost load-balancing (balancing the network traffic in
inverse proportion to the cost of the routes), the feasible successors are used as next hops in
the routing table for the load-balanced destination. By default, the total count of successors
and feasible successors for a destination stored in the routing table is limited to four. This
limit can be changed in the range from 1 to 6. In more recent versions of Cisco IOS (e.g.
12.4), this range is between 1 and 16.
CHAPTER 5
SWITCHING
Standardization
This is a combination card that supports both coaxial-based using a 10BASE2 (BNC
connector, left) and twisted pair-based 10BASE-T, using an RJ45 (8P8Cmodular connector,
right).Ethernet was originally based on the idea of computers communicating over a shared
coaxial cable acting as a broadcast transmission medium. The methods used show some
similarities to radio systems, although there are fundamental differences, such as the fact that
it is much easier to detect collisions in a cable broadcast system than a radio broadcast. The
common cable providing the communication channel was likened to the ether and it was from
this reference that the name "Ethernet" was derived.
The advantage of CSMA/CD was that, unlike Token Ring and Token Bus, all nodes could
"see" each other directly. All "talkers" shared the same medium - a single coaxial cable -
however, this was also a limitation; with only one speaker at a time, packets had to be of a
minimum size to guarantee that the leading edge of the propagating wave of the message got
to all parts of the medium before the transmitter could stop transmitting, thus guaranteeing
that collisions (two or more packets initiated within a window of time which forced them to
overlap) would be discovered. Minimum packet size and the physical medium's total length
were thus closely linked.
Above the physical layer, Ethernet stations communicate by sending each other data packets,
blocks of data that are individually sent and delivered. As with other IEEE 802 LANs, each
Ethernet station is given a single 48-bit MAC address, which is used to specify both the
destination and the source of each data packet. Network interface cards (NICs) or chips
normally do not accept packets addressed to other Ethernet stations. Adapters generally come
programmed with a globally unique address, but this can be overridden, either to avoid an
address change when an adapter is replaced, or to use locally administered addresses.
Due to the ubiquity of Ethernet, the ever-decreasing cost of the hardware needed to support it,
and the reduced panel space needed by twisted pair Ethernet, most manufacturers now build
the functionality of an Ethernet card directly into PC motherboards, eliminating the need for
installation of a separate network card.
Ethernet originally used a shared coaxial cable (the shared medium) winding around a
building or campus to every attached machine. A scheme known as carrier sense multiple
accesses with collision detection (CSMA/CD) governed the way the computers shared the
channel. This scheme was simpler than the competing token ring or token bus technologies.
When a computer wanted to send some information, it used the following algorithm:
1. Continue transmission until minimum packet time is reached (jam signal) to ensure
that all receivers detect the collision.
2. Increment retransmission counter.
3. Was the maximum number of transmission attempts reached? If so, abort
transmission.
4. Calculate and wait random back off period based on number of collisions.
5. Re-enter main procedure at stage 1.
This can be likened to what happens at a dinner party, where all the guests talk to each other
through a common medium (the air). Before speaking, each guest politely waits for the
current speaker to finish. If two guests start speaking at the same time, both stop and wait for
short, random periods of time (in Ethernet, this time is generally measured in microseconds).
The hope is that by each choosing a random period of time, both guests will not choose the
same time to try to speak again, thus avoiding another collision. Exponentially increasing
back-off times (determined using the truncated binary exponential back off algorithm) are
used when there is more than one failed attempt to transmit.
Since all communications happen on the same wire, any information sent by one computer is
received by all, even if that information is intended for just one destination. The network
interface card interrupts the CPU only when applicable packets are received: the card ignores
information not addressed to it unless it is put into "promiscuous mode". This "one speaks, all
listen" property is a security weakness of shared-medium Ethernet, since a node on an
Ethernet network can eavesdrop on all traffic on the wire if it so chooses. Use of a single
cable also means that the bandwidth is shared, so that network traffic can slow to a crawl
when, for example, the network and nodes restart after a power failure.
While repeaters could isolate some aspects of Ethernet segments, such as cable breakages,
they still forwarded all traffic to all Ethernet devices. These created practical limits on how
many machines could communicate on an Ethernet network. Also as the entire network was
one collision domain and all hosts had to be able to detect collisions anywhere on the
network, the number of repeaters between the farthest nodes was limited. Finally segments
joined by repeaters had to all operate at the same speed, making phased-in upgrades
impossible. To alleviate these problems, bridging was created to communicate at the data link
layer while isolating the physical layer. With bridging, only well-formed Ethernet packets are
forwarded from one Ethernet segment to another; collisions and packet errors are isolated.
Bridges learn where devices are, by watching MAC addresses, and do not forward packets
across segments when they know the destination address is not located in that direction.Early
bridges examined each packet one by one using software on a CPU, and some of them were
patterns are symmetrical (which in reality they rarely are). The elimination of the collision
domain also means that all the link's bandwidth can be used and that segment length is not
limited by the need for correct collision detection (this is most significant with some of the
fiber variants of Ethernet).
Simple switched Ethernet networks, while an improvement over hub based Ethernet, suffer
from a number of issues:
They suffer from single points of failure. If any link fails some devices will be unable
to communicate with other devices and if the link that fails is in a central location lots
of users can be cut off from the resources they require.
It is possible to trick switches or hosts into sending data to a machine even if it's not
intended for it (see switch vulnerabilities).
Large amounts of broadcast traffic, whether malicious, accidental, or simply a side
effect of network size can flood slower links and/or systems.
o It is possible for any host to flood the network with broadcast traffic forming a
denial of service attack against any hosts that run at the same or lower speed
as the attacking device.
o As the network grows, normal broadcast traffic takes up an ever greater
amount of bandwidth.
o If switches are not multicast aware, multicast traffic will end up treated like
broadcast traffic due to being directed at a MAC with no associated port.
o If switches discover more MAC addresses than they can store (either through
network size or through an attack) some addresses must inevitably be dropped
and traffic to those addresses will be treated the same way as traffic to
unknown addresses, that is essentially the same as broadcast traffic (this issue
is known as fail open).
They suffer from bandwidth choke points where a lot of traffic is forced down a
single link.
Spanning-tree protocol to maintain the active links of the network as a tree while
allowing physical loops for redundancy.
Various port protection features, as it is far more likely an attacker will be on an end
system port than on a switch-switch link.
VLANs to keep different classes of users separate while using the same physical
infrastructure.
Fast routing at higher levels to route between those VLANs.
Link aggregation to add bandwidth to overloaded links and to provide some measure
of redundancy, although the links won't protect against switch failure because they
connect the same pair of switches.
The only difference between a layer 3 switch and router is the way the administrator creates
the physical implementation. Also, traditional routers use microprocessors to make
forwarding decisions, and the switch performs only hardware-based packet switching.
However, some traditional routers can have other hardware functions as well in some of the
higher-end models. Layer 3 switches can be placed anywhere in the network because they
handle high-performance LAN traffic and can cost-effectively replace routers. Layer 3
switching is all hardware-based packet forwarding, and all packet forwarding is handled by
hardware ASICs. Layer 3 switches really are no different functionally than a traditional router
and perform the same functions, which are listed here
The Spanning tree protocol (STP) is a link layer network protocol that ensures a loop-free
topology for any bridged LAN. Thus, the basic function of STP is to prevent bridge loops and
ensuing broadcast radiation. In the OSI model for computer networking, STP falls under the
OSI layer-2. It is standardized as 802.1D. As the name suggests, it creates a spanning tree
within a mesh network of connected layer-2 bridges (typically Ethernet switches), and
disables those links that are not part of the spanning tree, leaving a single active path between
any two network nodes. Spanning tree allows a network design to include spare (redundant)
links to provide automatic backup paths if an active link fails, without the danger of bridge
loops, or the need for manual enabling/disabling of these backup links. Bridge loops must be
avoided because they result in flooding the internet network.
The computed spanning tree has the property that messages from any connected device to the
root bridge traverse a least cost path, i.e., a path from the device to the root that has minimum
cost among all paths from the device to the root. The cost of traversing a path is the sum of
the costs of the segments on the path. Different technologies have different default costs for
network segments. An administrator can configure the cost of traversing a particular network
segment.
The property that messages always traverse least-cost paths to the root is guaranteed by the
following two rules.
Least cost path from each bridge. After the root bridge has been chosen, each bridge
determines the cost of each possible path from itself to the root. From these, it picks
the one with the smallest cost (the least-cost path). The port connecting to that path
becomes the root port (RP) of the bridge.
Least cost path from each network segment. The bridges on a network segment
collectively determine which bridge has the least-cost path from the network segment
to the root. The port connecting this bridge to the network segment is then the
designated port (DP) for the segment.
Disable all other root paths. Any active port that is not a root port or a designated port
is a blocked port (BP).
Modifications in case of ties. The above rules over-simplify the situation slightly,
because it is possible that there are ties, for example, two or more ports on a single
bridge are attached to least-cost paths to the root or two or more bridges on the same
network segment have equal least-cost paths to the root. To break such ties:
Breaking ties for root ports. When multiple paths from a bridge are least-cost paths,
the chosen path uses the neighbour bridge with the lower bridge ID. The root port is
thus the one connecting to the bridge with the lowest bridge ID. For example, in
figure 3, if switch 4 were connected to network segment d, there would be two paths
of length 2 to the root, one path going through bridge 24 and the other through bridge
92. Because there are two least cost paths, the lower bridge ID (24) would be used as
the tie-breaker in choosing which path to use.
Breaking ties for designated ports. When more than one bridge on a segment leads to
a least-cost path to the root, the bridge with the lower bridge ID is used to forward
messages to the root. The port attaching that bridge to the network segment is the
designated port for the segment. In figure 4, there are two least cost paths from
network segment d to the root, one going through bridge 24 and the other through
bridge 92. The lower bridge ID is 24, so the tie breaker dictates that the designated
port is the port through which network segment d is connected to bridge 24. If bridge
IDs were equal, then the bridge with the lowest MAC address would have the
designated port. In either case, the loser sets the port as being blocked.
The final tie-breaker. In some cases, there may still be a tie, as when two bridges are
connected by multiple cables. In this case, multiple ports on a single bridge are
candidates for root port. In this case, the path which passes through the port on the
neighbour bridge that has the lowest port priority is used.
Blocking - A port that would cause a switching loop, no user data is sent or received
but it may go into forwarding mode if the other links in use were to fail and the
spanning tree algorithm determines the port may transition to the forwarding state.
BPDU data is still received in blocking state.
Listening - The switch processes BPDUs and awaits possible new information that
would cause it to return to the blocking state.
Learning - While the port does not yet forward frames (packets) it does learn source
addresses from frames received and adds them to the filtering database (switching
database)
Forwarding - A port receiving and sending data, normal operation. STP still monitors
incoming BPDUs that would indicate it should return to the blocking state to prevent
a loop.
Disabled - Not strictly part of STP, a network administrator can manually disable a
port
To prevent the delay when connecting hosts to a switch and during some topology changes,
Rapid STP was developed and standardized by IEEE 802.1w, which allows a switch port to
rapidly transition into the forwarding state during these situations.
6.2 VIRTUAL LAN
A virtual LAN, commonly known as a VLAN, is a group of hosts with a common set of
requirements that communicate as if they were attached to the same broadcast domain,
regardless of their physical location. A VLAN has the same attributes as a physical LAN, but
it allows for end stations to be grouped together even if they are not located on the same
network switch. Network reconfiguration can be done through software instead of physically
relocating devices.
Uses
VLANs are created to provide the segmentation services traditionally provided by routers in
LAN configurations. VLANs address issues such as scalability, security, and network
management. Routers in VLAN topologies provide broadcast filtering, security, address
summarization, and traffic flow management. By definition, switches may not bridge IP
traffic between VLANs as it would violate the integrity of the VLAN broadcast domain.
This is also useful if someone wants to create multiple Layer 3 networks on the same Layer 2
switch. For example, if a DHCP server (which will broadcast its presence) is plugged into a
switch it will serve any host on that switch that is configured to get its IP from a DHCP
server. By using VLANs you can easily split the network up so some hosts won't use that
DHCP server and will obtain link-local addresses, or obtain an address from a different
DHCP server. Virtual LANs are essentially Layer 2 constructs, compared with IP subnets
which are Layer 3 constructs. In an environment employing VLANs, a one-to-one
relationship often exists between VLANs and IP subnets, although it is possible to have
multiple subnets on one VLAN or have one subnet spread across multiple VLANs. Virtual
LANs and IP subnets provide independent Layer 2 and Layer 3 constructs that map to one
another and this correspondence is useful during the network design process.
By using VLANs, one can control traffic patterns and react quickly to relocations. VLANs
provide the flexibility to adapt to changes in network requirements and allow for simplified
administration.
The protocol most commonly used today in configuring virtual LANs is IEEE 802.1Q. The
IEEE committee defined this method of multiplexing VLANs in an effort to provide
multivendor VLAN support. Prior to the introduction of the 802.1Q standard, several
proprietary protocols existed, such as Cisco's ISL (Inter-Switch Link) and 3Com's VLT
(Virtual LAN Trunk). Cisco also implemented VLANs over FDDI by carrying VLAN
information in an IEEE 802.10 frame header, contrary to the purpose of the IEEE 802.10
standard.
Both ISL and IEEE 802.1Q tagging perform "explicit tagging" - the frame itself is tagged
with VLAN information. ISL uses an external tagging process that does not modify the
existing Ethernet frame, while 802.1Q uses a frame-internal field for tagging, and so does
modify the Ethernet frame. This internal tagging is what allows IEEE 802.1Q to work on
both access and trunk links: frames are standard Ethernet, and so can be handled by
commodity hardware.
The IEEE 802.1Q header contains a 4-byte tag header containing a 2-byte tag protocol
identifier (TPID) and 2-byte tag control information (TCI). The TPID has a fixed value of
0x8100 that indicates that the frame carries the 802.1Q/802.1p tag information. The TCI
contains the following elements:
Inter-Switch Link (ISL) is a Cisco proprietary protocol used to interconnect multiple switches
and maintain VLAN information as traffic travels between switches on trunk links. This
technology provides one method for multiplexing bridge groups (VLANs) over a high-speed
backbone. It is defined for Fast Ethernet and Gigabit Ethernet, as is IEEE 802.1Q.
Static VLANs
Dynamic VLANs
Static VLANs are also referred to as port-based VLANs. Static VLAN assignments are
created by assigning ports to a VLAN. As a device enters the network, the device
automatically assumes the VLAN of the port. If the user changes ports and needs access to
the same VLAN, the network administrator must manually make a port-to-VLAN assignment
for the configuration.
Port-based VLANs With port-based VLAN membership, the port is assigned to a specific
VLAN independent of the user or system attached to the port. This means all users attached
to the port should be members of the same VLAN. The network administrator typically
performs the VLAN assignment. The port configuration is static and cannot be automatically
changed to another VLAN without manual reconfiguration. As with other VLAN approaches,
the packets forwarded using this method do not leak into other VLAN domains on the
network. After a port has been assigned to a VLAN, the port cannot send to or receive from
devices in another VLAN without the intervention of a Layer 3 device.
CHAPTER 7
WIDE AREA NETWORKS
7.1 INTRODUCTION
A wide area network (WAN) is a computer network that covers a broad area (i.e., any
network whose communications links cross metropolitan, regional, or national boundaries).
This is in contrast with personal area networks (PANs), local area networks (LANs), campus
area networks (CANs), or metropolitan area networks (MANs) which are usually limited to a
room, building, campus or specific metropolitan area (e.g., a city) respectively.
WANs are used to connect LANs and other types of networks together, so that users and
computers in one location can communicate with users and computers in other locations.
Many WANs are built for one particular organization and are private. Others, built by
Internet service providers, provide connections from an organization's LAN to the Internet.
WANs are often built using leased lines. At each end of the leased line, a router connects to
the LAN on one side and a hub within the WAN on the other. Leased lines can be very
expensive. Instead of using leased lines, WANs can also be built using less costly circuit
switching or packet switching methods. Network protocols including TCP/IP deliver
transport and addressing functions. Protocols including Packet over SONET/SDH, MPLS,
ATM and Frame relay are often used by service providers to deliver the links that are used in
WANs. X.25 was an important early WAN protocol, and is often considered to be the
"grandfather" of Frame Relay as many of the underlying protocols and functions of X.25 are
still in use today (with upgrades) by Frame Relay.
High-Level Data Link Control (HDLC) is a bit-oriented synchronous data link layer protocol
developed by the International Organization for Standardization (ISO). The original ISO
standards for HDLC are:
The current standard for HDLC is ISO 13239, which replaces all of those standards. HDLC
provides both connection-oriented and connectionless service.
History
HDLC is based on IBM's SDLC protocol, which is the layer 2 protocol for IBM's Systems
Network Architecture (SNA). It was extended and standardized by the ITU as LAP, while
ANSI named their essentially identical version ADCCP. Derivatives have since appeared in
innumerable standards. It was adopted into the X.25 protocol stack as LAPB, into the V.42
protocol as LAPM, into the Frame Relay protocol stack as LAPF and into the ISDN protocol
stack as LAPD. It was the inspiration for the IEEE 802.2LLC protocol, and it is the basis for
the framing mechanism used with the PPP on synchronous lines, as used by many servers to
connect to a WAN, most commonly the Internet.
Framing
HDLC frames can be transmitted over synchronous or asynchronous links. Those links have
no mechanism to mark the beginning or end of a frame, so the beginning and end of each
frame has to be identified. This is done by using a frame delimiter, or flag, which is a unique
sequence of bits that is guaranteed not to be seen inside a frame. This sequence is '01111110',
or, in hexadecimal notation, 0x7E. Each frame begins and ends with a frame delimiter. A
frame delimiter at the end of a frame may also mark the start of the next frame. A sequence of
7 or more consecutive 1-bits within a frame will cause the frame to be aborted.
Frame Sequence
This is used by modems to train and synchronize their clocks via phase-locked loops.
Some protocols allow the 0-bit at the end of a frame delimiter to be shared with the start of
the next frame delimiter, i.e. '011111101111110'.
Synchronous framing
On synchronous links, this is done with bit stuffing. Any time that 5 consecutive 1-bits
appear in the transmitted data, the data is paused and a 0-bit is transmitted. This ensures that
no more than 5 consecutive 1-bits will be sent. The receiving device knows this is being
done, and after seeing 5 1-bits in a row, a following 0-bit is stripped out of the received data.
If the following bit is a 1-bit, the receiver has found a flag.
Asynchronous framing
When using asynchronous serial communication such as standard RS-232serial ports, bits are
sent in groups of 8, and bit-stuffing is inconvenient. Instead they use "control-octet
transparency", also called "byte stuffing" or "octet stuffing". The frame boundary octet is
01111110, (7E in hexadecimal notation). A "control escape octet", has the bit sequence
'01111101', (7D hexadecimal). If either of these two octets appears in the transmitted data, an
escape octet is sent, followed by the original data octet with bit 5 inverted.
Structure
Data is usually sent in multiples of 8 bits, but only some variants require this; others
theoretically permit data alignments on other than 8-bit boundaries. The frame check
sequence (FCS) is a 16-bit CRC-CCITT or a 32-bit CRC-32 computed over the Address,
Control, and Information fields. It provides a means by which the receiver can detect errors
that may have been induced during the transmission of the frame, such as lost bits, flipped
bits, and extraneous bits. However, given that the algorithms used to calculate the FCS are
such that the probability of certain types of transmission errors going undetected increases
with the length of the data is being checked for errors, the FCS can implicitly limit the
practical size of the frame.
Synchronous Data Link Control (SDLC) was originally designed to connect one computer
with multiple peripherals. The original "normal response mode" is a master-slave mode
where the computer (or primary terminal) gives each peripheral (secondary terminal)
permission to speak in turn. Because all communication is either to or from the primary
terminal, frames include only one address, that of the secondary terminal; the primary
terminal is not assigned an address. There is also a strong distinction between commands sent
by the primary to a secondary, and responses sent by a secondary to the primary. Commands
and responses are in fact indistinguishable; the only difference is the direction in which they
are transmitted.
Normal response mode allows operation over half-duplex communication links, as long as
the primary is aware that it may not transmit when it has given permission to a secondary.
Asynchronous response mode is an HDLC addition for use over full-duplex links. While
retaining the primary/secondary distinction, it allows the secondary to transmit at any time.
Asynchronous balanced mode added the concept of a combined terminal which can act as
both a primary and a secondary. There are some subtleties about this mode of operation;
while many features of the protocol do not care whether they are in a command or response
frame, some do, and the address field of a received frame must be examined to determine
whether it contains a command (the address received is ours) or a response (the address
received is that of the other terminal).
Information frames, or I-frames, transport user data from the network layer. In
addition they can also include flow and error control information piggybacked on
data.
Supervisory Frames, or S-frames, are used for flow and error control whenever
piggybacking is impossible or inappropriate, such as when a station does not have
data to send. S-frames do not have information fields.
Unnumbered frames, or U-frames, are used for various miscellaneous purposes,
including link management. Some U-frames contain an information field, depending
on the type.
Unbalanced, which consists of one primary terminal, and one or more secondary
terminals.
Balanced, which consists of two peer terminals.
An additional link configuration is Disconnected mode. This is the mode that a secondary
station is in before it is initialized by the primary, or when it is explicitly disconnected. In this
mode, the secondary responds to almost every frame other than a mode set command with a
"Disconnected mode" response. The purpose of this mode is to allow the primary to reliably
detect a secondary being powered off or otherwise reset..
Basic Operations
Frame Relay is a standardized wide area networking technology that specifies the physical
and logical link layers of digital telecommunications channels using a packet switching
methodology. Originally designed for transport across Integrated Services Digital Network
(ISDN) infrastructure, it may be used today in the context of many other network interfaces.
Network providers commonly implement Frame Relay for voice (VoFR) and data as an
encapsulation technique, used between local area networks (LANs) over a wide area network
(WAN). Each end-user gets a private line (or leased line) to a frame-relay node. The frame-
relay network handles the transmission over a frequently-changing path transparent to all
end-users.
With the advent of MPLS, VPN and dedicated broadband services such as cable modem and
DSL, the end may loom for the Frame Relay protocol and encapsulation. However many
rural areas remain lacking DSL and cable modem services. In such cases the least expensive
type of "always-on" connection remains a 64-kbit/s frame-relay line. Thus a retail chain, for
instance, may use Frame Relay for connecting rural stores into their corporate WAN.
Design
The designers of Frame Relay aimed to a telecommunication service for cost-efficient data
transmission for intermittent traffic between local area networks (LANs) and between end-
points in a wide area network (WAN). Frame Relay puts data in variable-size units called
"frames" and leaves any necessary error-correction (such as re-transmission of data) up to the
end-points. This speeds up overall data transmission. For most services, the network provides
a permanent virtual circuit (PVC), which means that the customer sees a continuous,
dedicated connection without having to pay for a full-time leased line, while the service-
provider figures out the route each frame travels to its destination and can charge based on
usage.
An enterprise can select a level of service quality - prioritizing some frames and making
others less important. Frame Relay can run on fractional T-1 or full T-carrier system
Each Frame Relay Protocol data unit (PDU) consists of the following fields:
Flag Field. The flag is used to perform high-level data link synchronization which
indicates the beginning and end of the frame with the unique pattern 01111110. To
ensure that the 01111110 pattern does not appear somewhere inside the frame, bit
stuffing and destuffing procedures are used.
Address Field. Each address field may occupy either octet 2 to 3, octet 2 to 4, or octet
2 to 5, depending on the range of the address in use. A two-octet address field
comprises the EA=ADDRESS FIELD EXTENSION BITS and the
C/R=COMMAND/RESPONSE BIT.
1. DLCI-Data Link Connection Identifier Bits. The DLCI serves to identify the
virtual connection so that the receiving end knows which information
connection a frame belongs to. Note that this DLCI has only local
significance. A single physical channel can multiplex several different virtual
connections.
2. FECN, BECN, DE bits. These bits report congestion:
FECN=Forward Explicit Congestion Notification bit
BECN=Backward Explicit Congestion Notification bit
DE=Discard Eligibility bit
Information Field. A system parameter defines the maximum number of data bytes
that a host can pack into a frame. Hosts may negotiate the actual maximum frame
length at call set-up time. The standard specifies the maximum information field size
(supportable by any network) as at least 262 octets. Since end-to-end protocols
typically operate on the basis of larger information units, Frame Relay recommends
that the network support the maximum value of at least 1600 octets in order to avoid
the need for segmentation and reassembling by end-users.
Frame Check Sequence (FCS) Field. Since one cannot completely ignore the bit
error-rate of the medium, each switching node needs to implement error detection to
avoid wasting bandwidth due to the transmission of erred frames. The error detection
mechanism used in Frame Relay uses the cyclic redundancy check (CRC) as its basis.
The Frame Relay network uses a simplified protocol at each switching node. It achieves
simplicity by omitting link-by-link flow-control. As a result, the offered load has largely
determined the performance of Frame Relay networks. When offered load is high, due to the
bursts in some services, temporary overload at some Frame Relay nodes causes a collapse in
network throughput. Therefore, frame-relay networks require some effective mechanisms to
control the congestion.
Congestion control in frame-relay networks includes the following elements:
Admission Control. This provides the principal mechanism used in Frame Relay to
ensure the guarantee of resource requirement once accepted. It also serves generally
to achieve high network performance. The network decides whether to accept a new
connection request, based on the relation of the requested traffic descriptor and the
network's residual capacity. The traffic descriptor consists of a set of parameters
communicated to the switching nodes at call set-up time or at service-subscription
time, and which characterizes the connection's statistical properties. The traffic
descriptor consists of three elements:
Committed Information Rate (CIR). The average rate (in bit/s) at which the network
guarantees to transfer information units over a measurement interval T. This T
interval is defined as: T = Bc/CIR.
Committed Burst Size (BC). The maximum number of information units transmittable
during the interval T.
Excess Burst Size (BE). The maximum number of uncommitted information units (in
bits) that the network will attempt to carry during the interval.
Once the network has established a connection, the edge node of the Frame Relay network
must monitor the connection's traffic flow to ensure that the actual usage of network
resources does not exceed this specification. Frame Relay defines some restrictions on the
user's information rate. It allows the network to enforce the end user's information rate and
discard information when the subscribed access rate is exceededvoid data accumulation
inside the network. FECN means Forward Explicit Congestion Notification. The FECN bit
can be set to 1 to indicate that congestion was experienced in the direction of the frame
transmission, so it informs the destination that congestion has occurred. BECN means
Backwards Explicit Congestion Notification. The BECN bit can be set to 1 to indicate that
congestion was experienced in the network in the direction opposite of the frame
transmission, so it informs the sender that congestion has occurred.
X.25 provides quality of service and error-free delivery, whereas, Frame Relay was designed
to relay data as quickly as possible over low error networks. Frame Relay eliminates a
number of the higher-level procedures and fields used in X.25. Frame Relay was designed for
use on links with error-rates far lower than available when X.25 was designed.X.25 packet
switched networks typically allocated a fixed bandwidth through the network for each X.25
access, regardless of the current load. This resource allocation approach, while apt for
applications that require guaranteed quality of service, is inefficient for applications that are
highly dynamic in their load characteristics or which would benefit from a more dynamic
resource allocation. Frame Relay networks can dynamically allocate bandwidth at both the
physical and logical channel level.
A virtual private network (VPN) links two computers through an underlying local or wide-
area network, while encapsulating the data and keeping it private. It is analogous to a pipe
within a pipe. Even though the outer pipe contains the inner one, the inner pipe has a wall that
blocks other traffic in the outer pipe. To the rest of the network, the VPN traffic just looks
like another traffic stream.
VPN classifications
VPN technologies have myriad protocols, terminologies and marketing influences that
define them. For example, VPN technologies can differ in:
Security Mechanisms:
IPSec (Internet Protocol Security) was originally developed for IPv6, which requires
it. This standards-based security protocol is also widely used with IPv4. L2TP
frequently runs over IPSec.
Transport Layer Security (SSL/TLS) can tunnel an entire network's traffic, as it does
in the Open VPN project, or secure an individual connection. A number of vendors
provide remote access VPN capabilities through SSL. An SSL VPN can connect from
locations where IPSec runs into trouble with Network Address Translation and
firewall rules. However, SSL-based VPNs use Transmission Control Protocol (TCP)
and so may be vulnerable to denial-of-service attacks because TCP connections do not
authenticate.
Datagram Transport Layer Security (DTLS), is used in Cisco's next-generation VPN
product, Cisco Any Connect VPN, to solve the issues SSL/TLS has with tunneling
TCP over TCP.
Microsoft's Microsoft Point-to-Point Encryption (MPPE) works with their PPTP and
in several compatible implementations on other platforms.
Microsoft introduced Secure Socket Tunneling Protocol (SSTP) in Windows Server
2008 and Windows Vista Service Pack 1. SSTP tunnels Point-to-Point Protocol (PPP)
or L2TP traffic through an SSL 3.0 channel.
MPVPN (Multi Path Virtual Private Network). Ragula Systems Development
Company owns the registered trademark "MPVPN".
Secure Shell (SSH) VPN – Open SSH offers VPN tunnelling to secure remote
connections to a network or inter-network links. This should not be confused with
port forwarding. Open SSH server provides limited number of concurrent tunnels and
the VPN feature itself does not support personal authentication.
Authentication
Tunnel endpoints must authenticate before secure VPN tunnels can establish. User-created
remote access VPNs may use passwords, biometrics, two-factor authentication or other
cryptographic methods. Network-to-network tunnels often use passwords or digital
certificates, as they permanently store the key to allow the tunnel to establish automatically
and without intervention.
Routing
Tunnelling protocols can be used in a point-to-point topology that would theoretically not be
considered a VPN, because a VPN by definition is expected to support arbitrary and changing
sets of network nodes. But since most router implementations support software-defined
tunnel interface, customer-provisioned VPNs often are simply defined tunnels running
conventional routing protocols. On the other hand provider-provided VPNs (PPVPNs), need
to support coexisting multiple VPNs, hidden from one another, but operated by the same
service provider.
Mobile VPNs handle the special circumstances when an endpoint of the VPN is not fixed to a
single IP address, but instead roams across various networks such as data networks from
cellular carriers or between multiple Wi-Fi access points. Mobile VPNs have been widely
used in public safety, where they give law enforcement officers access to mission-critical
applications, such as computer-assisted dispatch and criminal databases, as they travel
between different subnets of a mobile network. They are also used in field service
management and by healthcare organizations among other industries.
Increasingly, mobile VPNs are being adopted by mobile professionals and white-collar
workers who need reliable connections. They allow users to roam seamlessly across networks
and in and out of wireless-coverage areas without losing application sessions or dropping the
secure VPN session. A conventional VPN cannot survive such events because the network
tunnel is disrupted, causing applications to disconnect, time routor fail, or even cause the
computing device itself to crash.