In the name of Allah, the Most Gracious, the Most Merciful.

“Acquire knowledge and impart it to the people.”
Holy Prophet Mohammed (ﷺ, Sallallaho Alaihi Wa’Sallam)
Group Name: THE TRANSWORKERS
Muhammad Ahad
BSITF13MM031
Content:
• Introduction to Data Centre.
• Data Center Network Design.
• Data Center Network Application Architecture Models.
• Data Center Architecture.
• Data Center Topologies.
• Data Center Services.
Data Center:
• A data center is a centralized repository, either physical or virtual,
for the storage, management, and dissemination of data and
information organized around a particular body of knowledge or
pertaining to a particular business or education.
Data Centre can be classified as either:
• Enterprise (Private):
Privately owned and operated by private corporate, institutional
or government entities.

• Co-Location/Hosting (Public):
Owned and operated by telcos or service providers.

• Data Centers house critical computing resources in controlled
environments and under centralized management, which
enable enterprises to operate around the clock or according
to their business/educational needs.

• These computing resources include mainframes, web and
application servers, file and print servers, messaging servers,
application software and the operating systems that run them,
storage subsystems, and the network infrastructure, whether IP
or storage-area network (SAN).
Additionally, a number of servers support network
operations and network-based applications.

Network operation applications include:

• Network Time Protocol (NTP).
• Terminal Emulator (TN3270).
• File transfer protocol (FTP).
• Domain Name System (DNS).
• Dynamic Host Configuration Protocol (DHCP).
• Simple Network Management Protocol (SNMP).
• Trivial File Transfer Protocol (TFTP).
• Network File System (NFS).
• Network-based applications, including IP telephony,
video streaming over IP, IP video conferencing.
Data Centre Network Design:
The following section summarizes some of the technical
considerations for designing a modern-day data center network.
• Infrastructure Services: Routing, switching, and server-farm
architecture.
• Application Services: Load balancing, Secure Sockets Layer
(SSL) offloading, and caching.
• Security Services: Packet filtering and inspection, intrusion
detection, and intrusion prevention.
• Storage Services: SAN architecture, Fibre Channel switching,
backup, and archival.
• Campus Continuance: SAN extension, site selection, and Data
Center interconnectivity.

Data Center Roles:
Figure 1 presents the different building blocks used in the
enterprise network and illustrates the location of the Data Center
within that architecture.
The building blocks of this typical enterprise network include:
• Campus Network
• Private WAN
• Remote Access
• Internet Server Farm
• Extranet Server Farm
• Intranet Server Farm

• Data Centers typically house many components that support
the infrastructure building blocks, such as the core switches of
the campus network or the edge routers of the private WAN.

• Data Center designs can include any or all of the building
blocks in Figure 1-1, including any or all server farm types.

• Each type of server farm can be a separate physical
entity, depending on the business requirements of the
enterprise.

• For example, a company might build a single Data Center and
share all resources, such as servers, firewalls, routers,
switches, and so on. Another company might require that the
three server farms be physically separated with no shared
equipment.
Figure 1-1:
Data Center Network Application Architecture Models:
• Architectures are constantly evolving, adapting to new
requirements, and using new technologies.

• The most pervasive models are the client/server and n-tier
models that refer to how applications use the functional
elements of communication exchange.

• The client/server model, in fact, has evolved to the n-tier model,
which most enterprise software application vendors currently
use in application architectures.

The Client/Server Model and Its Evolution:

The classic client/server model describes the communication
between an application and a user through the use of a server and
a client. The classic client/server model consists of the
following:

• A thick client that provides a graphical user interface (GUI) on
top of an application or business logic where some processing
occurs.

• A server where the remaining business logic resides.

• A thick client is then a portion of the application code running at
the client’s computer that has the responsibility of retrieving
data from the server and presenting it to the client.

• The thick client code requires a fair amount of processing
capacity and resources to run, in addition to the management
overhead caused by loading and maintaining it on the client
base.

• The server side is a single server running the presentation,
application, and database code that uses multiple internal
processes to communicate information across these distinct
functions.

• The most fundamental changes to the thick client and single-server
model started when web-based applications first appeared.

• Web-based applications rely on more standard interfaces and
message formats, i.e. HTML and HTTP, where applications are easier
to share.

• The migration from the classic client/server to a web-based
architecture implies the use of thin clients (web browsers), web
servers, application servers, and database servers. The web
browser interacts with web servers and application servers, and
the web servers interact with application servers and database
servers.
The n-tier Model:

• Part b of Figure 2 shows the n-tier model. Figure 2 presents the
evolution from the classic client/server model to the n-tier
model.

• The n-tier model uses a thin client and a web browser to
access the data in many different ways.

• The server side of the n-tier model is divided into distinct
functional areas that include the web, application, and
database servers.

• The n-tier model relies on a web architecture where the web
browser formats and presents the information received from the
web server.

• The server side in the web architecture consists of multiple and
distinct servers that are functionally separate. The n-tier model
can be the client and a web server; or the client, the web
server, and an application server.

• This model is more scalable and manageable, and it enables
application environments to evolve toward distributed
computing environments.
Multitier Architecture Application Environment:

• Multitier architectures refer to the Data Center server farms
supporting applications that provide a logical and physical
separation between various application functions, such as
web, application, and database (n-tier model).

• For each server-side tier, there is a one-to-one mapping to a
network segment that supports the specific application function
and its requirements.

• Figure 4 presents the mapping from the n-tier model to the
supporting network segments used in a multitier design.

• The web server tier is mapped to the front-end segment, the
business logic to the application segment, and the database tier
to the back-end segment.

• Notice that all the segments supporting the server farm connect
to access layer switches, which in a multitier architecture are
different access switches supporting the various server
functions.
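
The tier-to-segment mapping above, expressed as a first-match packet filter with an implicit deny plus a check for rules that let traffic skip a tier. This is an added example, not part of the original slides; the subnets, ports, rule set and function names are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import IPv4Network, ip_address, ip_network

# Constructed addressing plan: one network segment per server-side tier.
SEGMENTS = {
    "front-end": ip_network("10.10.1.0/24"),    # web server tier
    "application": ip_network("10.10.2.0/24"),  # business logic
    "back-end": ip_network("10.10.3.0/24"),     # database tier
}
TIER_ORDER = ["front-end", "application", "back-end"]
ANY = ip_network("0.0.0.0/0")


@dataclass(frozen=True)
class Rule:
    action: str          # "permit" or "deny"
    src: IPv4Network
    dst: IPv4Network
    proto: str
    dport: int


# Constructed rule set: each tier is reachable only from the tier in front of it.
ACL = [
    Rule("permit", ANY, SEGMENTS["front-end"], "tcp", 443),
    Rule("permit", SEGMENTS["front-end"], SEGMENTS["application"], "tcp", 8443),
    Rule("permit", SEGMENTS["application"], SEGMENTS["back-end"], "tcp", 5432),
]


def evaluate(src, dst, proto, dport, acl=ACL):
    """First matching rule wins; anything unmatched hits the implicit deny."""
    s, d = ip_address(src), ip_address(dst)
    for rule in acl:
        if (s in rule.src and d in rule.dst
                and proto == rule.proto and dport == rule.dport):
            return rule.action
    return "deny"


def audit(acl):
    """List permit rules that let a source skip a tier.

    Rules are inspected one by one (rule ordering is not considered). A permit
    towards the application or back-end segment is flagged unless its source
    lies entirely inside the segment of the preceding tier.
    """
    findings = []
    for rule in acl:
        if rule.action != "permit":
            continue
        for i in range(1, len(TIER_ORDER)):
            tier = TIER_ORDER[i]
            if not rule.dst.overlaps(SEGMENTS[tier]):
                continue
            if not rule.src.subnet_of(SEGMENTS[TIER_ORDER[i - 1]]):
                findings.append((str(rule.src), tier, rule.dport))
    return findings


if __name__ == "__main__":
    flows = [
        ("203.0.113.7", "10.10.1.20", "tcp", 443),   # outside -> web tier
        ("203.0.113.7", "10.10.3.5", "tcp", 5432),   # outside -> database tier
        ("10.10.1.20", "10.10.3.5", "tcp", 5432),    # web tier -> database tier
        ("10.10.2.9", "10.10.3.5", "tcp", 5432),     # application -> database
    ]
    for flow in flows:
        print(flow, evaluate(*flow))
    # A constructed over-broad rule that the audit should report.
    print(audit(ACL + [Rule("permit", ANY, SEGMENTS["back-end"], "tcp", 5432)]))
```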

Types of Server Farms:

• As depicted in Figure 1, three distinct types of server farms
exist:
• Internet Server Farm.
• Extranet Server Farm.
• Intranet Server Farm.

• Server farms are at the heart of the Data Center.
• In fact, Data Centers are built to support at least one type of
server farm.
• Although different types of server farms share many architectural
requirements, their objectives differ.
• Each type of server farm has a distinct set of infrastructure,
security, and management requirements that must be
addressed in the design of the server farm.

• Although each server farm design and its specific topology
might be different, the design guidelines apply equally to them all.

Internet Server Farms:

• As their name indicates, Internet server farms face the Internet.
This implies that users accessing the server farms primarily are
located somewhere on the Internet and use the Internet to reach
the server farm.

• The server farm services and their users rely on the use of web
interfaces and web browsers, which makes them pervasive on
Internet environments.

Two distinct types of Internet server farms exist:

• Dedicated Internet Server Farm.
• DMZ Server Farms (demilitarized zone).
Dedicated / DMZ Internet Server Farm:
• The dedicated Internet server farm, shown in Figure, is built to
support large-scale Internet-facing applications that support the
core business function. Typically, the core business function is
based on an Internet presence or Internet commerce.

• Security and scalability are a major concern in this type of server
farm. On one hand, most users accessing the server farm are
located on the Internet, thereby introducing higher security risks;
on the other hand, the number of likely users is very high, which
could easily cause scalability problems.

• The Data Center that supports this type of server farm is often
referred to as an Internet Data Center (IDC).

• The next type of Internet server farm, shown in Figure 6, is built
to support Internet-based applications in addition to Internet
access from the enterprise. This means that the infrastructure
supporting the server farms also is used to support Internet
access from enterprise users. These server farms typically are
located in the demilitarized zone (DMZ) because they are part of
the enterprise network yet are accessible from the Internet.
These server farms are referred to as DMZ server farms, to
differentiate them from the dedicated Internet server farms.
Dedicated Internet Server Farm:
DMZ Internet Server Farm:
Intranet Server Farm:
• The evolution of the client/server model and the wide adoption of
web-based applications on the Internet was the foundation for
building intranets.
• Intranet server farms resemble the Internet server farms in their
ease of access, yet they are available only to the enterprise’s
internal users.
• Notice that the intranet server farm module is connected to the
core switches that form a portion of the enterprise backbone and
provide connectivity between the private WAN and Internet Edge
modules.
• Internet users typically are not permitted access to the intranet;
however, internal users using the Internet as transport have
access to the intranet using virtual private network (VPN)
technology.
• The Internet Edge module supports several functions that
include the following:
• Securing the enterprise network
• Controlling Internet access from the intranet
• Controlling access to the Internet server farms

• The Data Center provides additional security to further protect
the data in the intranet server farm. This is accomplished by
applying the security policies to the edge of the Data Center as
well as to the applicable application tiers when attempting to
harden communication between servers on different tiers.
Extranet Server Farm:
• From a functional perspective, extranet server farms sit between
Internet and intranet server farms. Extranet server farms
continue the trend of using web-based applications, but, unlike
Internet- or intranet-based server farms, they are accessed only
by a selected group of users that are neither Internet- nor
intranet-based.

• The main purpose for extranets is to improve business-to-business
communication by allowing faster exchange of
information in a user-friendly and secure environment.

• Because the purpose of the extranet is to provide server farm
services to trusted external end users, there are special security
considerations.

• Many factors must be considered in the design of the extranet
topology, including scalability, availability, and security.
Dedicated firewalls and routers in the extranet are the result
of a highly secure and scalable network infrastructure for partner
connectivity.

• Notice that the extranet server farm is accessible to internal
users, yet access from the extranet to the intranet is prevented
or highly secured. Typically, access from the extranet to the
intranet is restricted through the use of firewalls.
Muhammad Asif
BSITF13MM033
Data Center Architecture
• Aggregation Layer
1) Aggregation point for devices that provide services (multilayer
switches, firewalls, load balancers).
2) Multilayer switches are referred to as aggregation switches
because of the aggregation function they perform.
3) Service devices are shared by all server farms.
4) Supports traditional switching of packets at Layer 3 and Layer 2.
5) Supports Layer 3 and Layer 2 connectivity, protocols and
features.
• Access Layer
1) Front-End Segment
2) Application Segment
3) Back-End Segment
• Storage Layer
1) Consists of the storage infrastructure (switches, routers,
iSCSI, FCIP).
2) Storage network devices provide the connectivity to
servers.
3) The network used by these storage devices is referred to as a
SAN.
4) The Data Center is the location where the consolidation
of applications, servers, and storage occurs.
5) The current trends in server and storage consolidation
are the result of the need for increased efficiency in the
application environments and for lower costs
of operation.
• Data Center environments are expected to
support high-speed communication between
servers and storage and between storage
devices.
• Transport Layer
• Builds on the network layer to deliver the data
across the networks.
• Provides end-to-end connectivity across the
network; segments carry the data from
one network to another.
• Different kinds of transport services: TCP and
UDP.
• The Data Center transport layer includes the transport
technologies for:
1) Communication between distributed Data
Centers for rerouting client-to-server traffic.
2) Communication between distributed server
farms located in distributed Data Centers.
• Transport technologies must support a wide
range of requirements for bandwidth and
latency depending on the traffic profiles.
• For user-to-server communication, the possible
technologies include Frame Relay, ATM, DS
channels in the form of T1/E1 circuits, Metro
Ethernet, and SONET.
• For server-to-server and storage-to-storage
communication, the technologies required are
dictated by server media types and the transport
technology that supports them transparently.
Systems Connectivity (ESCON), GE, and ATM.
Data Center Topologies
• Generic Layer 3/Layer 2 Designs:
• Forwarding packets based on Layer 3 information
between the server farm and the rest of the network,
1) Maintaining a “view” of the routed network that is
expected to change dynamically as network changes
take place.
2) Supporting default gateways for the server farms.

• The key Layer 2 functions performed by the aggregation
switches are as follows:
1) Spanning Tree Protocol (STP) 802.1d between
aggregation and access switches to build a loop-free
forwarding topology.
2) STP enhancements beyond 802.1d that improve the
default spanning-tree behavior, such as 802.1s,
802.1w, UplinkFast, BackboneFast, and Loop Guard.
3) VLANs for logical separation of server farms.
4) Other services, such as multicast and ACLs for services
such as QoS, security, rate limiting, broadcast
suppression, and so on.
Nauman Ansar
BSITF13MM016
Topic # 1
Multiple Tier Designs
Most applications conform to either the client/server model or
the n-tier model, which implies that most networks, and more server
farms, need to support these application environments.
The tiers supported by the Data Center infrastructure are driven by
the specific applications and could be any combination of
applications from the client/server to the client/web
server/application server/database server.
• The communication requirements between tiers are typically
higher security (firewalling), scalability and performance (load
balancers).
Example:
I. Suppose that you have multiple types of web servers supporting
different applications, and some of these applications follow
the n-tier model.
II. The server farm could be partitioned along the lines of
applications or functions.
• All web servers, regardless of the application(s) they
support, could be part of the same server farm.
• The application servers could be part of a separate server
farm on a different subnet.
III. Following the same logic used to scale the web tier, a load balancer
logically could be placed between the web tier and the
application tier to scale the application tier from the web tier
perspective.
Topic # 2
Expanded Multi Tier Designs
• In the figure, there is physical separation between the tiers
of servers.

• Physical separation is used to achieve greater control over
the deployment and scalability of services.

• The expanded design is more costly because it uses more
devices, yet it allows for more control and better scalability.

• For example, placing a firewall between tiers is regarded as a
more secure approach because of the physical separation between
the Layer 2 switches.
Topic # 3
Collapsed Multi Tier Designs
• A collapsed multitier design is one in which all the server farms
are directly connected. There is no physical separation between
the Layer 2 switches.
• The services are concentrated at the aggregation layer.
• The service devices are used by the front-end tier and between
tiers.
• Using a collapsed model, there is no need to have a set of
load balancers dedicated to a particular tier.
• This reduces cost, but management of devices is more
challenging and the performance demands are higher.
• The service devices, such as the firewalls, protect all server
tiers from outside the Data Center, but also from each other.
Topic # 4
Fully Redundant Layer 2 and Layer 3 Designs
Redundancy
• Up to this point, all the topologies that have been
presented are fully redundant. Looking at
these aspects, we want to answer the following
question:
• Why do we need redundancy?
• Answer it with an example.
The Need for Redundancy
• The following figure explains the steps for building a
redundant topology.
• We will make the topology redundant by following
some logical steps.
• There is a single NIC and a single switch, and if the NIC or
switch fails, the server and applications become unavailable.
• Step 1: Make dual power supplies. Add a
second switch (Figure Part b).
• In options a and b, the port density is limited to the
capacity of the two switches.
• Step 2: Add Layer 2 access switches to the topology to
provide direct server connectivity (Figure Part c).
• The design described in option c still has a problem: if the
Layer 2 switch fails, the servers lose their only means of
communication.
• Step 3: The solution is to dual-home servers to two
different Layer 2 access switches (Figure Part d).
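
The redundancy steps above can be checked mechanically by failing one device at a time and testing whether the server still reaches the rest of the network. This is an added example, not part of the original slides; the node names and the exact wiring of options a to d (including the second NIC in option b) are assumptions made for illustration.

```python
from collections import deque

# Constructed topologies as undirected links. The wiring of each option is an
# assumption made for this example; "core" stands for the rest of the network.
TOPOLOGIES = {
    # a: single NIC, single switch
    "a": [("server", "nic1"), ("nic1", "switch1"), ("switch1", "core")],
    # b: second switch added, assumed to be reached through a second NIC
    "b": [("server", "nic1"), ("nic1", "switch1"), ("switch1", "core"),
          ("server", "nic2"), ("nic2", "switch2"), ("switch2", "core")],
    # c: one Layer 2 access switch, uplinked to both switches
    "c": [("server", "nic1"), ("nic1", "access1"),
          ("access1", "switch1"), ("access1", "switch2"),
          ("switch1", "core"), ("switch2", "core")],
    # d: server dual-homed to two different Layer 2 access switches
    "d": [("server", "nic1"), ("nic1", "access1"),
          ("server", "nic2"), ("nic2", "access2"),
          ("access1", "switch1"), ("access1", "switch2"),
          ("access2", "switch1"), ("access2", "switch2"),
          ("switch1", "core"), ("switch2", "core")],
}


def reachable(links, src, dst, failed=frozenset()):
    """Breadth-first search from src to dst, ignoring failed nodes."""
    adjacency = {}
    for a, b in links:
        if a in failed or b in failed:
            continue
        adjacency.setdefault(a, set()).add(b)
        adjacency.setdefault(b, set()).add(a)
    seen, queue = {src}, deque([src])
    while queue:
        node = queue.popleft()
        if node == dst:
            return True
        for nxt in adjacency.get(node, ()):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return False


def single_points_of_failure(links, src="server", dst="core"):
    """Devices whose individual failure cuts src off from dst."""
    nodes = {n for link in links for n in link} - {src, dst}
    return sorted(n for n in nodes if not reachable(links, src, dst, {n}))


if __name__ == "__main__":
    for option, links in TOPOLOGIES.items():
        print(option, single_points_of_failure(links))
```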
Anas Nawaz
BSITF13MM012
Data Center Services
• This section presents an overview of the services supported by the
Data Center architecture. Related technology and features make up
each service.

• The Data Center services are:
– IP Infrastructure Services
– Application Services
– Security Services
– Storage Services
IP Infrastructure Services:
• The IP infrastructure represents a key boundary between a
communications medium and the applications that are built upon this
medium.

• The basic unit of the IP infrastructure is the "packet".

• A packet is like an envelope for mail.

• The IP infrastructure features are organized as follows:
– Layer 2
– Layer 3
– Intelligent Network Services
Layer 2
• Layer 2 is a data link layer.

• Layer 2 refers to the Data Link layer of the commonly-referenced
multilayered communication model, Open Systems Interconnection (OSI).
The Data Link layer is concerned with moving data across the physical links
in the network.

• The Open Systems Interconnection model (OSI model) is a
conceptual model that characterizes and standardizes the communication
functions of a telecommunication or computing system.

• Layer 2 features support the Layer 2 adjacency between the server farms
and the service devices: virtual local area networks (VLANs), Media Access
Control (MAC), Spanning Tree Protocol (STP).
OSI Model
VLAN
• A VLAN is a group of devices on one or more LANs that are configured
to communicate as if they were attached to the same wire, when in fact
they are located on a number of different LAN segments.
Spanning Tree Protocol (STP)
• Spanning Tree Protocol (STP) is a Layer 2 protocol that runs on
bridges and switches.

• The main purpose of STP is to ensure that you do not create loops
when you have redundant paths in your network.

• The specification for STP is IEEE (Institute of Electrical and Electronics
Engineers) 802.1D.
Layer 3
• Layer 3 is a network layer.

• The network layer is responsible for packet forwarding including routing
through intermediate routers, whereas the data link layer is responsible for
media access control, flow control and error checking.
• Connection model
– connectionless communication
• Host addressing
– Every host in the network must have a unique address that determines
where it is
• Message forwarding
– Since many networks are partitioned into sub-networks and connect to
other networks for wide-area communications, networks use
specialized hosts, called gateways or routers, to forward packets
between networks
Figure 6.4
Intelligent Network Services
• The most common features are QoS and multicast.
• Quality of service (QoS) is the overall performance of a telephony
or computer network, particularly the performance seen by the users
of the network.
• Other important intelligent network services include private
VLANs (PVLANs) and policy-based routing (PBR).
• Private VLANs:
Private VLANs, also known as port isolation, is a technique in computer
networking where a VLAN contains switch ports that are restricted such
that they can only communicate with a given "uplink". The restricted
ports are called "private ports".
• Policy-based routing:
including source or destination network, source or destination address,
source or destination port, packet size, and packet classification among
others
Figure 6.6
Multicast
• Multicast (one-to-many or many-to-many distribution) is
group communication where information is addressed to
a group of destination computers simultaneously.

• Multicast in the Data Center enables the capabilities
needed to reach multiple users concurrently.
Application Services
• The following is a list of those features
• Load balancing
• Caching
• SSL termination
• Load balancing:
Load balancing is dividing the amount of work that a computer has to do
between two or more computers so that more work gets done in the same
amount of time and, in general, all users get served faster.
• Load balancers perform two core functions:
1. Scale and distribute the load to server farms
2. Track server health to ensure high availability.
You also can add new servers, thus scaling the capacity of a server farm,
without any disruption to existing services.
• Caching:
Caching is an area of a computer’s memory devoted to temporarily storing
recently used information.

• SSL (Secure Sockets Layer) termination:
SSL termination refers to the process that occurs at the server end of
an SSL connection, where the traffic transitions between encrypted and
unencrypted forms.
Figure 6.8
• Service Deployment Options
• Design Considerations with Service Devices

Intrusion Detection
System
Security Services
• Access control lists
An access control list (ACL), with respect to a computer file system, is a list
of permissions attached to an object. An ACL specifies which users or
system processes are granted access to objects, as well as what
operations are allowed on given objects.
On network devices, ACLs filter packets. Packet filtering through ACLs can
prevent unwanted access to network infrastructure devices.
• Firewalls
A firewall is a system designed to prevent unauthorized access to or from a
private network. Firewalls can be implemented in both hardware and
software, or a combination of both.
• Secure management
– Simple Network Management Protocol (SNMP)
It is a standard way of monitoring hardware and software.
• Provides read/write abilities, such as configuring IP addresses
• Collects information on how much bandwidth is being used
• Devices can send alerts to a monitoring station on error conditions
– Secure Shell (SSH)
Sometimes known as Secure Socket Shell, it is a UNIX-based command
interface and protocol for securely getting access to a remote
computer. It is widely used by network administrators to control Web
and other kinds of servers remotely.
– Authentication, authorization, and accounting (AAA)
The transactions of all authorized and authenticated users are
logged for accounting purposes, for billing, or for postmortem analysis.
Storage Services
• Storage
– Storage is the place where data is held in an electromagnetic or optical
form for access by a computer processor.
• Storage services include the capability of consolidating direct attached
disks by using disk arrays that are connected to the network.
• SAN (storage area network) is a high-speed network of storage devices
that also connects those storage devices with servers. It provides
block-level storage that can be accessed by the applications running on any
networked servers.
• Types of managed storage
• Locally managed storage
Advantages of this type of storage include high-speed access to data and
greater control over data availability. A disadvantage is that additional
space is required at the local site to store the data.
• Remotely managed storage
Advantages of this type of storage are that it may be used as an off-site
backup, it offers global access (depending upon configuration), and adding
storage will not require additional space at the local site. However, if the
network providing connectivity to the remote data is interrupted, there will
be data availability issues, unless distributed file systems are in use.
Cost:
Description          Material cost   Labor cost   Total cost
Engineering          3,00,000        2,00,000     5,00,000/-
Web server           1,00,000        1,00,000     2,00,000/-
All Devices & wire   12,00,000       8,00,000     20,00,000/-
Network equipment    4,00,000        1,00,000     5,00,000/-
Database Server      5,00,000        1,00,000     6,00,000/-
App server           1,00,000        4,00,000     5,00,000/-
CCTV system          2,00,000        50,000       2,50,000/-
Total                                             45,50,000/-
Thank you for giving your precious time.
