Panko Bdnt7e ch07

Wide Area Networks
(WANs)
© 2009 Pearson Education, Inc. Publishing as Prentice Hall 7-1

7-1: Wide Area Networks (WANs)
1
• Wide Area Networks (WANs)

– Connect different sites
– (LANs connect hosts within sites)
• WAN Purposes
– Provide remote access to individuals who are off site
– Link sites within the same corporation
– Provide Internet access
7-2
© 2009 Pearson Education, Inc. Publishing as Prentice Hall
• WANs and the Telephone Network

– Most WANs use the PSTN transport system for
transmission
– Public data carrier services add switching and

management to create a WAN
7-3
• Carriers
– Beyond their physical premises, companies must use the
services of regulated carriers for transmission
– Companies are limited to whatever services the carriers

provide
– Prices for carrier services often change abruptly and

without technological reasons
– Prices and service availability vary from country to

country
7-4
• High Costs and Low Speeds

– High cost per bit transmitted, compared with LANs
– Consequently, lower speeds (most commonly 256 kbps

to about 50 megabits per second)
7-5
7-2: Leased Line Networks for Voice and Data
7-6
7-2: Leased Line Networks for Voice and Data
7-7
7-3: Full Mesh and Pure Hub-and-Spoke
Topologies for Leased Line Data Networks
Site A Site B
Full Mesh Topology
OC3 Leased Line
In a full mesh topology, T3

there is a leased line Leased
Line
between each pair of sites T3
Leased T1
Highly reliable Line Leased
T1 expensive Line
Highly
Leased
Line
Site C Site D
7-8
7-3: Full Mesh and Pure Hub-and-Spoke
Topologies for Leased Line Data Networks
1
In a pure hub-and-spoke
topology, there is only
one leased line from the
hub site to each other site
Very inexpensive
Very unreliable
Few companies use either of these extreme topologies.

They have some backup links
7-9
• Evolution of WAN Technology

– Layer 1: Leased line service and networks
– Layer 2: Public switched data networks (PSDNs)
– Layer 3: Virtual Private Networks (VPNs) over the

Internet and IP carrier networks
7-10
Leased Lines
Layer 1 Carrier WAN Service

Leased Lines
• Circuits between two sites

• Always on
• All-digital
• High speeds
• Physical layer operation only
– Companies must add their own switching and
management
7-12
7-4: Leased Line Speeds
North American Digital Hierarchy

Line Speed Typical Transmission
Medium
56 kbps or 64 kbps 56 kbps or 64 kbps *2-Pair Data-Grade UTP
(rarely offered)
T1 1.544 Mbps *2-Pair Data-Grade UTP
Fractional T1 128 kbps, 256 kbps, *2-Pair Data-Grade UTP
384 kbps, 512 kbps,
768 kbps
Bonded T1s (multiple Small multiples of *2-Pair Data-Grade UTP
T1s acting as a 1.544 Mbps
single line)
T3 44.736 Mbps *Optical Fiber
*Usually must be pulled to the customer’s premises. This is expensive
7-13
CEPT Hierarchy
Line Speed Typical Transmission

Medium
64 kbps 64 kbps 2-Pair Data-Grade UTP
E1 2.048 Mbps 2-Pair Data-Grade UTP
E3 34.368 Mbps Optical Fiber
The CEPT hierarchy is widely used in Europe
7-14
SONET/SDH Speeds
Line Speed (Mbps) Typical Transmission Medium

OC3/STM1 155.52 Optical Fiber
OC12/STM4 622.08 Optical Fiber
OC48/STM16 2,488.32 Optical Fiber
Above 50 Mbps, the world uses the same standard,

which has two slight variations: SONET (UH) and SDH (Europe).
These two variants interoperate without problems.
7-15
7-5: Connecting to a Leased Line
Routers need CSU/DSUs to connect to leased lines.

The CSU terminates the telephone line and protects the telephone
system from harmful voltages and signals.
The DSU converts between the router’s data signals and the digital
Signals that the PSTN is expecting to receive from the firm.
Conversion is needed because digital signals can vary in
transmission speed, voltage levels, clock cycle duration, etc.
7-16
Figure 7-6: ADSL versus Business-Class
Symmetric Digital Subscriber Line (DSL) Services
ADSL HDSL HDSL2 SHDSL

Uses existing 1-pair Yes* Yes* Yes* Yes*
voice-grade UTP
telephone access line
to customer premises?*
Target Market Residences Businesses Businesses Businesses
Downstream A few 768 kbps 1.544 Mbps 384 kbps–
Throughput megabits per 2.3 Mbps
second
Upstream Throughput Slower than 768 kbps 1.544 Mbps 384 kbps–
downstream 2.3 Mbps
QoS Throughput No Yes Yes Yes
Guarantees?
*By definition,
ALL DSLs use 1-pair voice-grade UTP residential access lines
7-17
Public Switched Data
Networks (PSDNs)
Layer 2 Carrier WAN Services

Public Switched Data Networks (PSDNs)
1
• Leased Line Data Networks
– Use many leased lines, which must span long distances
between sites
– This is very expensive
– Company must design and operate its leased line
network
• Public Switched Data Networks (PSDNs)

– Carrier does more of the operational and management
work
– Total cost of technology, service, and management
usually lower than leased line networks
7-19
7-8: Public Switched Data Network (PSDN)
Site A Site B
POP POP
Network (PSDN)
POP One Private

Point of Presence POP
Line Access
Line per Site
In Public Switched Data Networks,
the PSDN carrier handles all switching.
Reduces the load on the network staff.
The PSDN central core is shown as a cloud

to indicate that the user firm does not
Site
have toCknow how the network Siteoperates.
D Site E
7-20
7-8: Public Switched Data Network (PSDN)
Site A Site B
POP POP
Network (PSDN)
POP One Private

Point of Presence POP
Line Access
Line per Site
In Public Switched Data Networks,

the customer needs a single leased line
from Site
eachC
site to one of the PSDN
Site D
carrier’s Site E
points of presence (POPs)
7-21
7-7: PSDNs
• PSDNs Typically Offer Service Level Agreements
– Guarantees for throughput, availability, latency, error
rate, etc.
– An SLA might guarantee a latency of no more than 100

ms 99.99 percent of the time
• SLA guarantees no worse than a certain worst-case
level of performance
7-22
7-9: Virtual Circuit Operation
Virtual
Circuit
Switch A Switch B
Frame with
VC Number 47
Switch C
Switch D Virtual
The internal cloud network
Circuit
is a mesh of switches.
Switch A Switching Table Switch E
Virtual Circuit Port This creates multiple alternative paths.
Server
47 2
270 3
This gives reliability.
982 3
5 1
7-23
Virtual
Circuit
Switch A Switch B
Frame with
VC Number 47
Switch C
Switch D Virtual
Mesh switching is slow because
Circuit
Switch A Switching Table each switch must evaluate each
Switch E
available alternative paths
Virtual Circuit Port Server
47 2
and select the best one.
270 3
This creates expensive switching.
982 3
5 1
7-24
Before communication begins between
sites, the PSDN computes
Virtual
Circuit a best path, called a virtual circuit.
Switch A All frames travelSwitch

along B this virtual circuit.
Frame with
VC Number 47
Switch C
Switch D Virtual
Circuit
47 2
270 3
982 3
5 1
7-25
Virtual Each frame has a virtual circuit number

Circuit instead of a destination address.
Switch A Switch B
Frame with
VC Number 47 Each switch looks up the VC number
in its switching table, sends the frame
out the indicated port.
Switch C
VCs greatly reduce switching costs.

Switch D Virtual
Circuit
47 2
270 3
982 3
5 1
7-26
7-10: Frame Relay
• There are several PSDN services

– Frame Relay
– ATM
– Metropolitan area Ethernet
7-27
7-10: Frame Relay
• Frame Relay Is the Most Popular PSDN Service
Today
– 56 kbps to 40 Mbps
– This fits the range of greatest corporate demand for

WAN speed
– Usually less expensive than a network of leased lines
– Grew rapidly in the 1990s, to be come equal to leased

line WANs in terms of market share (about 40%)
– Carriers have recently raised prices, reducing growth
7-28
7-11: Frame Relay Network Elements
The access device usually

1. Consists of a router and CSU/DS
Customer Access Device Or a Frame Relay Access
Premises A Device (FRAD) and a CSU/DSU
Switch
POP
Customer Customer
Premises B Premises C
Customer 2.
Premises A Leased Access
Line to POP
Switch
POP
There is a leased access line

from each site to the POP
Customer Customer
3.
Port
Customer Speed
Premises A Charge at
POP
Switch
POP has a switch with ports
Switch
POP
The port speed charge is based
on the port speed used
The port speed charge usually

Is the biggest part of PSDN costs
Customer Customer
7-12: ATM
• Asynchronous Transfer Mode

• For Speeds Greater than Frame Relay Can
Provide
– 1 Mbps up to several gigabits per second
• Not a Competitor for Frame Relay

– Most carriers provide both FR and ATM
– May even interconnect the two services
7-32
7-12: ATM
Payload Header
53 Octets 5 Octets
• Short Frames
– Most frames have variable length
– All ATM frames are a very short 53 octets in length
• 5 octets of header
• 48 octets of data (payload)
• No trailer
• 53 octets total
– Short length minimizes latency (delay) at each switch
7-33
7-12: ATM
• ATM Has Strong Quality of Service (QoS)

Guarantees for Voice Traffic
– Not surprising because ATM was created for the PSTN’s
transport core, and voice needs high quality of service
– For pure data transmission, however, ATM does not

provide QoS guarantees
• Data gets whatever is left over after guaranteed
capacity for voice and video
7-34
7-12: ATM
1
• Manageability, Complexity, and Cost

– Very strong management tools for large networks
(designed for the PSTN)
– Too complex and expensive for most firms
• ATM’s Future?
– May flourish after firms outgrow Frame Relay speeds
– However, metropolitan area Ethernet should be a strong
competitor
– ATM is flourishing in a different market, the PSTN core
• Rapidly replacing circuit switching in the PSTN core
7-35
7-13: Metropolitan Area Ethernet
• Metropolitan Area Network (MAN)

– A carrier network limited to a large urban area and its
suburbs
– Metropolitan area Ethernet (metro Ethernet) is available

for this niche
– Metro Ethernet is relatively new, but is growing very

rapidly
7-36
1
• Services
– E-Line Service
• Provides a point-to-point connection between sites, as
leased lines do
– E-LAN Service
• Links multiple sites simultaneously
7-37
• Attractions of Metropolitan Area Ethernet

– Low prices per bit transmitted
– High speeds
– Familiar technology for networking staff
– Rapid provisioning
• Rapid capacity increases for special events
7-38
• Carrier Class Service

– Basic metro Ethernet standards are insufficient for large
WANs (wide area networks)
– Quality of service and management tools must be

developed
– The goal: To provide carrier class services that are

sufficient for customers
7-39
• 802.3ad standard
– Ethernet in the first mile
– Standard for transmitting Ethernet signals over PSTN
access lines
– 1-pair voice-grade UTP, 2-pair data-grade UTP, optical
fiber
7-40
Layer 3 Carrier WAN Service
IP Carrier Networks
The Internet with Virtual Private Networks

7-14: The Internet Versus IP Carrier
Networks
• IP Is Increasingly Important
– Companies know it and are comfortable with it
• A common mantra is “IP over everything”
– There are two ways to use IP at Layer 3 for WAN
transmission:
• IP carrier networks are like PSDNs but work at Layer
3 instead of Layer 2
• Companies can communicate over the Internet,
adding a cryptographic VPN for security
7-42
7-14: The Internet Versus IP Carrier
Networks
• Advantages using of the Internet as a WAN

– Low cost per bit transmitted because of economies of
scale in the Internet
– Access to other companies, nearly all of which are
connected to the Internet
– IP carrier networks can offer QoS SLAs
• IP is only a best-effort protocol
• But companies can engineer their networks for full QoS
• Customers must connect all sites to the same ISP for
this to work
7-43
7-14: The Internet versus IP Carrier
Networks
• Security
– If companies act on their own, they can add virtual
private network (VPN) protection to their transmissions
– IP Carrier Network Security
• IP Carrier Networks have some inherent security
– Restrict access to business customers
• However, for real security, virtual private networks
(VPNs) are needed
– IP carrier networks provide cryptographic
equipment at each site
7-44
7-15: Route-Based Virtual Private
Network (VPN) in an IP Carrier Network
7-45
7-16: Cryptographic Virtual Private Networks
(VPNs)
Site-to-Site
VPN
Tunnel
Protected VPN VPN Protected
Server Gateway Internet Gateway Client
Corporate Corporate
Site A Site B
Host-to-Host
VPN Remote
Access
VPN
A VPN is communication over the
Remote access VPNs Remote
Internet with added security
Corporate
protect traffic for individual users
PC
7-46
7-16: Cryptographic Virtual Private Networks
(VPNs)
Site-to-Site
VPN
Tunnel
Protected VPN VPN Protected
Server Gateway Gateway Client
Internet
Site-to-site VPNs
Corporate Corporate
Site A
protect traffic between sites Site B
Will dominate VPN traffic

Host-to-Host
VPN Remote
Access
VPN
A VPN is communication over the
Remote
Internet with added security
Corporate
PC
7-47
Cryptographic VPN Technologies
1
• IPsec for any type of VPN

– Offers very high security
– Complex and expensive
• SSL/TLS for low-cost transmission

– Secure browser-server transmission
– Remote access VPNs
– Uses the Internet but does not use IP directly
7-48
7-17: IPsec Transport and Tunnel Modes
Site Transport Mode

Site
Network Network
Secure Connection
Secure Secure
Extra Extra
in Site in Site
Software, Secure on Software,
Network Network
Digital the Internet Digital
Certificate, Certificate,
and Setup and Setup
Required IPsec is the strongest VPN security technology. Required
IPsec transport mode gives host-to-host security
however, software must be added to each host,
each host must be given a digital certificate,
and each host must be setup (configured).
This is expensive if a firm has many hosts.
7-49
7-17: IPsec Transport and Tunnel Modes
IPsec Tunnel Mode IPsec

Gateway Gateway
Site Site
Network Tunneled
Network
Connection
No Extra No No No Extra
Software, Security Security Software,
Digital in Site Secure on in Site Digital
Certificate, Network the Internet Network Certificate,
or Setup or Setup
Required In IPsec tunnel mode, there is only security over Required
the Internet between IPsec gateways at each site
No security within sites, but no
software, setup or certificates on individual hosts
Inexpensive compared to transport mode
7-50
7-18: SSL/TLS for Browser–Webserver
Communication
2. Webserver
PC with
Protects All Application Layer Traffic with Built-in
Browser Already
Installed That Is SSL/TLS Aware SSL/TLS Support
(WWW and Sometimes E-Mail)
1. SSL/TLS Operates at the Transport Layer
No additional software is needed on the user PC.
IPsec works at the internet layer.

SSL/TLS works at the transport layer.
SSL/TLS only protects SSL/TLS-aware applications.
This primarily means HTTP and some e-mail.
SSL/TLS is built into every browser and webserver,
So no setup on clients.
7-51
7-19: SSL/TLS with a Gateway
The Internet
3.
HTTP Server
2.
SSL/TLS Browser
3.
Gateway Connection
4. Database to Webserver
Server
4.
1,
Webified
Client
Output
With
Browser
SSL/TLS gateways turn SSL/TLS into a remote access VPN technology,

Gives access to multiple internal webservers.
Can “webify” some other applications for viewing on browsers as webpages.
Can give access to other servers.
7-52
Figure 7-20: Market Perspective
• Leased Line Networks

– Dominated WAN transmission until the 1990s
– But leased line networks are difficult to set up and
expensive to run
– Recent spurt in use because of reduced leased line
prices and rising Frame Relay prices
– Also, growing use for access lines in PSDNs and VPNs
anyway
7-53
• Frame Relay
– Grew explosively in the 1990s
– Became very widely used
– FR prices have risen recently in an effort by carriers to
increase their profit margins
– Widely used and familiar, but now considered a legacy
technology
7-54
• ATM
– Very high speeds, but very high price
– Not thriving in the corporate market
7-55
• Metro Ethernet
– Price and speed are very attractive
– Growing very rapidly
– Limited to metropolitan area networking, at least for now
– Still somewhat immature technically
7-56
• Internet Transmission
– The Internet offers a very low cost per bit transmitted
• VPNs provide security for Internet transmission
– Companies can build their own IP WANs by transmitting
over the Internet
• Must add cryptographic VPN security
– Companies can also subscribe to IP carrier services

• IP carrier services also offer QoS
– IP WAN usage is growing rapidly
7-57
Topics Covered

WANs
• Wide Area Networks
– Carry data between different sites, usually within a
corporation
– High-cost and low-speed lines
• 256 kbps to about 50 megabits per second
– Carriers
– Purposes
• Internet access, site-to-site connections, and remote
access for Individuals
– Technologies
• Leased line networks, public switched data networks,
and IP service with VPNs
7-59
Leased Line Networks
• Leased Lines are Long-Term Circuits
– Point-to-Point
– Always On
– High-speeds
• Operate at Layer 1
• Device at Each Site
– PBX for leased line voice networks
– Router for leased line data networks
• Pure Hub-and-Spoke, Full Mesh, and Mixed

Topologies
7-60
Leased Line Networks
• Many Leased Line Speeds

– Fractional T1, T1, and bonded T1 dominate in the U.S.
– Slowest leased lines run over 2-pair data-grade UTP
– Below about 3 Mbps, 2-pair data grade UTP
– Above 3 Mbps, run over optical fiber
– North American Digital Hierarchy, CEPT, and other
standards below 50 Mbps
– SONET/SDH above 50 Mbps
– Symmetrical DSL lines with QoS
7-61
Public Switched Data Networks
• PSDNs
– Operate at Layer 2
– Services offered by carriers
– Customer does not have to operate or manage
– One leased line per site from the site to the nearest POP
– By reducing corporate labor, often cheaper than leased
line networks
– Service Level Agreements
– Virtual circuits reduce costs
7-62
Frame Relay PSDNs
• Frame Relay
– Most popular PSDN
– 56 kbps to about 40 Mbps
– Access devices, CSU/DSUs, leased access lines, POP
ports, virtual circuits, management
• Usually POP port speed charges are the biggest cost
component
• Second usually are PVC charges
– Leased line must be fast enough to handle the speeds of
all of the PVCs multiplexed over it
7-63
Other PSDNs
• ATM
– High speed and cost
– Low use
• Metro Ethernet
– Extending Ethernet to MANs
– Very attractive speeds and prices
– Small but growing rapidly
– Still immature management tools
• Carrier IP Networks
– Essentially, private Internets with QoS and security
– Carriers want to use it to replace Frame Relay
7-64
IP Transmission
• Transmission at Layer 3
– Trend toward IP over everything
• Carrier IP Networks
– Essentially, private Internets with QoS
– Typically, offer noncryptographic VPNs
• Virtual private networks
• Hide routing from different subscribers
• Not good security
– Carriers want to use carrier IP networks to replace Frame
Relay
7-65
Virtual Private Networks (VPNs)
• The Internet is inexpensive and universal

– Cryptographic VPNs add security to transmission over
the Internet (or any other untrusted network)
• IPsec
– The strongest security for VPNs
– Tunnel mode between sites is inexpensive
– Transport mode between hosts is expensive
• SSL/TLS
– First for browser communication with a single webserver
– SSL/TLS gateways make it a full remote access VPN
7-66
Market Perspective
• Stagnant
– Leased line networks
– Frame Relay
– ATM
• Rapid Growth
– Metro Ethernet
– Corporate transmission over the Internet with VPNs
– Carrier IP networks
7-67

Panko Bdnt7e ch07

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Panko Bdnt7e ch07

Uploaded by

Copyright:

Available Formats

Wide Area Networks

© 2009 Pearson Education, Inc. Publishing as Prentice Hall 7-1

• Wide Area Networks (WANs)

• WANs and the Telephone Network

– Public data carrier services add switching and

– Companies are limited to whatever services the carriers

– Prices for carrier services often change abruptly and

– Prices and service availability vary from country to

• High Costs and Low Speeds

– Consequently, lower speeds (most commonly 256 kbps

OC3 Leased Line

In a full mesh topology, T3

Few companies use either of these extreme topologies.

• Evolution of WAN Technology

– Layer 2: Public switched data networks (PSDNs)

– Layer 3: Virtual Private Networks (VPNs) over the

Layer 1 Carrier WAN Service

© 2009 Pearson Education, Inc. Publishing as Prentice Hall 7-11

• Circuits between two sites

North American Digital Hierarchy

Line Speed Typical Transmission

E1 2.048 Mbps 2-Pair Data-Grade UTP

E3 34.368 Mbps Optical Fiber

The CEPT hierarchy is widely used in Europe

Line Speed (Mbps) Typical Transmission Medium

Above 50 Mbps, the world uses the same standard,

Routers need CSU/DSUs to connect to leased lines.

ADSL HDSL HDSL2 SHDSL

Layer 2 Carrier WAN Services

© 2009 Pearson Education, Inc. Publishing as Prentice Hall 7-18

• Public Switched Data Networks (PSDNs)

POP One Private

The PSDN central core is shown as a cloud

POP One Private

In Public Switched Data Networks,

– An SLA might guarantee a latency of no more than 100

Switch A All frames travelSwitch

Virtual Each frame has a virtual circuit number

VCs greatly reduce switching costs.

• There are several PSDN services

– This fits the range of greatest corporate demand for

– Grew rapidly in the 1990s, to be come equal to leased

The access device usually

There is a leased access line

The port speed charge usually

• Asynchronous Transfer Mode

• Not a Competitor for Frame Relay

• ATM Has Strong Quality of Service (QoS)

– For pure data transmission, however, ATM does not

• Manageability, Complexity, and Cost

• Metropolitan Area Network (MAN)

– Metropolitan area Ethernet (metro Ethernet) is available

– Metro Ethernet is relatively new, but is growing very

• Attractions of Metropolitan Area Ethernet

• Carrier Class Service

– Quality of service and management tools must be

– The goal: To provide carrier class services that are

© 2009 Pearson Education, Inc. Publishing as Prentice Hall 7-41

• Advantages using of the Internet as a WAN

Will dominate VPN traffic

• IPsec for any type of VPN

• SSL/TLS for low-cost transmission