1
1 Network Architecture and Design Scope
- To cover the complete network design process from the initial drawings to the final implementation.
- To learn how to effectively combine all the "cutting edge" technologies to produce a functional network.
- Ten (10) Lectures
- Five (5) Intermediate Reports (IRs)
- An Overall Project (OP)
- Performance: 50% OP + 50% IRs
2
2 Network Architecture and Design IRs and OP An IR will extend the presented topics The OP will apply the obtained knowledge for solving an actual network design problem.
3
3 Network Architecture and Design Basic Tasks Gathering information Designing the network Assembling the network components Building the network Network monitoring
4
4 Network Architecture and Design Gathering Information Preparation and analysis Site survey Collection of requirements Organization and interpretation of the collected information Drawing up the project (time plan, resources, etc.) Submit the proposal
5
5 Network Architecture and Design Designing the Network
- Network hardware: hubs, bridges, switches, routers, etc.
- Protocols: TCP/IP, IPX, NetBEUI, etc.
- Technologies: ISDN, Frame Relay, DSL, etc.
- Host hardware and software: operating system
- Remote/Internet connectivity: dial-in, VPN, DNS, etc.
- Security: filtering routers, firewalls, etc.
6
6 Network Architecture and Design Assembling the Components Choosing hardware vendors Choosing software plan Licensing Find contractors Creating the final proposal (Release network specifications)
7
7 Network Architecture and Design Building the Network Ordering the equipment Cabling the workspace Assembling the servers Testing Final walk-through
8
8 Network Architecture and Design Network Monitoring Traffic monitoring Tracking important events Network resource management Firewalls Proxies Upgrade/maintenance
9
9 Network Architecture and Design The Course Focus on…… Designing a Network Using Modern Technologies
10
10 Network Architecture and Design IP – Overview
Communication between computers on the Internet: Internet Protocol (IP)
- Telephone network: each user owns a unique telephone number
- Internet: each computer owns a unique IP address
11
11 Network Architecture and Design IP Overview: IP in OSI model
[Figure: the OSI layers (Application, Presentation, Session, Transport, Network, Logical Link, Physical) beside the Internet stack: Application (HTTP, SMTP, TELNET, SNMP, NFS, FTP, DNS); TCP, UDP; IP; Network Adapter Device Driver]
12
12 Network Architecture and Design Advanced Issues in Internet Protocol (IP) IPv4 Network Address Translation (NAT) IPv6 IP Security (IPsec) Mobile IP IP Telephony (VoIP)
13
13 Network Architecture and Design IPv4
- To date, addressing follows version 4 of the Internet Protocol (IPv4)
- 4 bytes
- 4.3 billion different addresses
- e.g. 169.21.54.69, 17.232.89.22
14
14 Network Architecture and Design IPv4
- Each address consists of a network prefix and a node prefix
- The number of bits in each prefix depends on the address class
15
15 Network Architecture and Design IPv4 Classes
Class    Leading bits  Network prefix  Node prefix  Address range
Class A  0             7 bits          24 bits      0.X.X.X – 127.X.X.X
Class B  10            14 bits         16 bits      128.X.X.X – 191.X.X.X
Class C  110           21 bits         8 bits       192.X.X.X – 223.X.X.X
16
16 Network Architecture and Design IPv4 Classes
- Class A: 126 networks with 16 billion nodes
- Class B: 16.000 networks with 16.000 nodes
- Class C: 2 billion networks with 256 nodes
17
17 Network Architecture and Design IPv4 - Example
[Figure: an Internet backbone router connects a Class C network 195.23.5.X (hosts 195.23.5.17 and 195.23.5.25) and a Class B network 135.5.X.X, which is divided into Class C subnetworks 135.5.6.X and 135.5.7.X (hosts 135.5.7.69 and 135.5.7.34)]
18
18 Network Architecture and Design IPv4 Packet Header
- Vers = 4 | IHL | Type of Service | Total Length
- Identification | Flags | Fragment Offset
- Time to Live | Protocol | Header Checksum
- Source Address
- Destination Address
- Options
19
19 Network Architecture and Design Limitations of IPv4
- No global addressability: difficult to deploy new internet-wide applications
- No more addresses: address space will be exhausted by 2008
- Routing tables too big
20
20 Network Architecture and Design Advanced Issues in Internet Protocol (IP) IPv4 Network Address Translation (NAT) IPv6 IP Security (IPsec) Mobile IP IP Telephony
21
21 Network Architecture and Design The Need for Address Mapping
- Global addressing is too complex to be implemented on the whole Internet
- No more addresses left
- Need for address reuse
22
22 Network Architecture and Design Network Address Translation (NAT)
- NAT: the process of swapping one address for another in the IP packet header
- NAT is used to allow privately addressed hosts onto the Internet
- Effective when connecting a small office or home office (SOHO) to the corporate network
- By using NAT, a company does not have to allocate a "real" IP address for each of its remote users
23
23 Network Architecture and Design NAT Devices (NAT boxes)
- This swapping process is performed by a device running specialized NAT software or hardware
- Examples of NAT boxes: router, Unix system, Win2000 server
24
24 Network Architecture and Design Network Address Translation (NAT) Outside Addresses: Registered by a company or leased from a provider Inside addresses: Set aside to be used by anyone Two networks, or two million networks, can each use the same inside address Inside addresses cannot be used on the public Internet
25
25 Network Architecture and Design Network Address Translation (NAT) Inside Local Address – The IP address of an inside host as it appears to the other hosts of the network Inside local addresses can be used in other networks too
26
26 Network Architecture and Design Network Address Translation (NAT) Inside global address - The IP address of an inside host as it appears to outside networks Allocated from a globally unique address space, typically provided by the ISP
27
27 Network Architecture and Design Network Address Translation (NAT) Outside local address - The IP address of an outside host as it appears to the inside network Outside global address - The configured IP address assigned to a host in the outside network
28
28 Network Architecture and Design NAT - Example
[Figure: hosts A, B and C and a NAT box, with addresses 117.13.8.10, 117.13.8.11, 175.35.4.133, 144.3.23.9 and 144.3.23.10; regions labelled Inside Local and Outside Global]
NAT TABLE
Inside local address   Inside global address
117.13.8.10            144.3.23.9
117.13.8.11            144.3.23.10
29
29 Network Architecture and Design Static NAT
- A specific inside local address maps to a pre-specified inside global address
- The inside local and inside global addresses are statically mapped one for one
- Easy to implement
- Need of too many local addresses: local addresses = global addresses
30
30 Network Architecture and Design Dynamic NAT
- Translations don't exist in the NAT translation table until the router receives traffic that requires translation
- Dynamic translations are temporary, and will eventually time out
- Only a small number of global addresses is needed
31
31 Network Architecture and Design NAT Overload
- Uses Port Address Translation (PAT), which allows multiple inside addresses to map to the same global address
- This is sometimes called "many-to-one" NAT or address overloading
32
32 Network Architecture and Design NAT Overload
[Figure: hosts A (117.13.8.10:13), B (117.13.8.11:25) and C (117.13.8.12:21) behind a NAT box appear outside as 144.3.23.9:13, 144.3.23.9:25 and 144.3.23.9:21]
TRANSLATION TABLE
Inside local address   Inside global address   Communication port
117.13.8.10            144.3.23.9              13
117.13.8.11            144.3.23.9              25
117.13.8.12            144.3.23.9              21
33
33 Network Architecture and Design NAT Overload Over 65,000 inside addresses can theoretically map to a single outside address However, the actual number of translations supported is approximately 4,000 local addresses per global address
34
34 Network Architecture and Design NAT overload NAT overload can be used in conjunction with dynamic mapping: Use a one-to-one dynamic mapping until the available addresses are almost depleted, at which time NAT can overload the remaining address or addresses Overload the first address until it's maxed out, and then move on to the second address, and so on
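The NAT overload translation table from the preceding slides, as an added Python example that is not part of the original lecture. The class name PatTable, the 300-second idle timeout and the policy of keeping the source port when it is free are assumptions made for illustration; the addresses are the slides' own sample values.

```python
class PatTable:
    """Port Address Translation: many inside local sockets share one global address."""

    def __init__(self, global_ip, ports=range(1, 65536), timeout=300):
        self.global_ip = global_ip
        self.free_ports = list(ports)   # global ports not yet in use
        self.timeout = timeout          # idle seconds before a translation expires
        self.out = {}                   # (local_ip, local_port) -> global_port
        self.back = {}                  # global_port -> (local_ip, local_port)
        self.last_used = {}             # global_port -> time of last packet

    def expire(self, now):
        """Drop translations idle for `timeout` seconds and recycle their ports."""
        for gport, seen in list(self.last_used.items()):
            if now - seen >= self.timeout:
                key = self.back.pop(gport)
                del self.out[key], self.last_used[gport]
                self.free_ports.append(gport)

    def outbound(self, local_ip, local_port, now):
        """Translate an inside source socket; create the entry on first use."""
        self.expire(now)
        key = (local_ip, local_port)
        if key not in self.out:
            if not self.free_ports:
                raise RuntimeError("no free port on " + self.global_ip)
            # Keep the source port when it is free (as in the slide's table),
            # otherwise take the first free port in the pool.
            gport = local_port if local_port in self.free_ports else self.free_ports[0]
            self.free_ports.remove(gport)
            self.out[key], self.back[gport] = gport, key
        gport = self.out[key]
        self.last_used[gport] = now
        return self.global_ip, gport

    def inbound(self, global_port, now):
        """Map a packet arriving on the global address back to the inside socket.
        Returns None when no translation exists, i.e. the packet is dropped."""
        self.expire(now)
        key = self.back.get(global_port)
        if key is not None:
            self.last_used[global_port] = now
        return key
```

Because an entry is created only by outbound traffic, a packet arriving on a port with no entry has nowhere to go, which is why hosts that must be "called" from outside do not work behind an overloaded address.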
35
35 Network Architecture and Design Limitations of NATs
- They won't work for a large number of "servers" (devices that are "called" by others, e.g. IP phones)
- They break most current IP multicast and IP mobility
- They break many existing applications
- They limit the market for new applications and services
- They compromise the performance, robustness and security of the Internet
36
36 Network Architecture and Design Advanced Issues in Internet Protocol (IP) IPv4 Network Address Translation (NAT) IPv6 IP Security (IPsec) Mobile IP IP Telephony
37
37 Network Architecture and Design Challenges to IP
- Addresses needed for the 21st century:
  - Estimated 20 billion people
  - Multiple interfaces/node
  - Multiple addresses/interface
- Internet devices will be more numerous, and not adequately handled by NATs:
  - mobile phones
  - cards
  - residential servers
- The solution: IPv6
38
38 Network Architecture and Design IPv6 IPv6 Address: 128 bits 3,4x10^38 different addresses Allows: multiple interfaces per host multiple addresses per interface Advanced routing functions unicast multicast anycast
39
39 Network Architecture and Design IPv6 Notation
- X:X:X:X:X:X:X:X, where each X is a 16-bit hexadecimal value, e.g. FEDC:BA98:7654:3210:FEDC:BA98:7654:3210
- Skip one sequence of zero words, e.g. FEDC:0000:0000:0000:9876:0000:0000:ABCD = FEDC::9876:0000:0000:ABCD
40
40 Network Architecture and Design IPv6 Address Types
According to the prefix there are 5 types of addresses:
- Provider-based (global): Prefix: 010
- Local use:
  - Link local: Prefix: 1111 1110 10
  - Site local: Prefix: 1111 1110 11
- Multicast: Prefix: 1111 1111
- Reserved (unspecified, loopback, IPv6 with embedded IPv4 addresses): Prefix: 0000 0000
41
41 Network Architecture and Design IPv6 Address Types
- Global – Forwarded anywhere
- Link Local – Not forwarded outside the link
- Site Local – Not forwarded outside the site
[Figure: Link-Local, Site-Local and Global scopes]
42
42 Network Architecture and Design IPv6 Provider Based Address
- Forwarded anywhere
- Variable size partitions
Fields (width in bits): 010 (3) | Registry ID (5) | Provider ID (16) | 0 (8) | Subscriber ID (24) | 0 (8) | Subnet ID (16) | Interface ID (48)
43
43 Network Architecture and Design IPv6 - Link Local Address
- Not forwarded outside the link
- Notation: FE80::xxx
Fields: 1111 1110 10 (10 bits) | 0 (n bits) | Interface ID (118-n bits)
44
44 Network Architecture and Design IPv6 - Site Local Address
- Not forwarded outside the site
- Notation: FEC0::xxx
Fields: 1111 1110 11 (10 bits) | 0 (n bits) | Interface ID (118-n bits)
45
45 Network Architecture and Design IPv6 – Multicast Addresses
Fields: 1111 1111 (8 bits) | Flags (4 bits) | Scope (4 bits) | Group ID (112 bits)
- Flag: 000T
  - T=0 for permanent address
  - T=1 for transient address
- Scope:
  - 1: Node Local
  - 2: Link Local
  - 8: Org Local
  - E: Global
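The prefix tests from the address-type slides, written out as an added Python example that is not part of the original lecture. The function name classify and the returned dictionary layout are assumptions; the prefixes, flag bit and scope values are the ones listed on the slides.

```python
import ipaddress

SCOPES = {0x1: "Node Local", 0x2: "Link Local", 0x8: "Org Local", 0xE: "Global"}

def classify(text):
    """Classify an IPv6 address by the prefix bits listed on the slides."""
    value = int(ipaddress.IPv6Address(text))    # the parser expands "::"

    def top(nbits):
        return value >> (128 - nbits)           # the leading nbits of the address

    if top(8) == 0b11111111:                    # Multicast: 1111 1111
        flags = (value >> 116) & 0xF            # 000T
        scope = (value >> 112) & 0xF
        return {"type": "Multicast",
                "transient": bool(flags & 0x1),  # T=1 transient, T=0 permanent
                "scope": SCOPES.get(scope, "other"),
                "group_id": value & ((1 << 112) - 1)}
    if top(10) == 0b1111111010:                 # 1111 1110 10
        return {"type": "Link local"}
    if top(10) == 0b1111111011:                 # 1111 1110 11
        return {"type": "Site local"}
    if top(3) == 0b010:
        return {"type": "Provider-based (global)"}
    if top(8) == 0:                             # 0000 0000
        return {"type": "Reserved"}
    return {"type": "Not in the slides' table"}
```

Note that the notation slide's sample address FEDC:BA98:7654:3210:FEDC:BA98:7654:3210 begins with the bits 1111 1110 11, so by these prefixes it classifies as site local.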
46
46 Network Architecture and Design IPv6 Packet Header
IPv6 header:
- Version (4 bits) | Priority (4 bits) | Flow Label (24 bits)
- Payload Length (16 bits) | Next Header (8 bits) | Hop Limit (8 bits)
- Source Address (128 bits)
- Destination Address (128 bits)
IPv4 header:
- Vers = 4 | IHL | Type of Service | Total Length
- Identification | Flags | Fragment Offset
- Time to Live | Protocol | Header Checksum
- Source Address
- Destination Address
- Options
Shaded fields (in the original figure) are absent from the IPv6 header
47
47 Network Architecture and Design IPv6 Header Types
- Hop-by-Hop = 0
- Routing Header = 43
- Fragment Header = 44
- Authentication Header = 51
- Encrypted Payload = 52
- TCP = 6
- UDP = 17
48
48 Network Architecture and Design IPv6 Extension Headers
The Options field of IPv4 is replaced by extension headers, used for special purposes. Extension headers are chained together:
- IPv6 Header (Next Header = TCP) | TCP Header + Data
- IPv6 Header (Next Header = Routing) | Routing Header (Next Header = TCP) | TCP Header + Data
- IPv6 Header (Next Header = Routing) | Routing Header (Next Header = Fragment) | Fragment Header (Next Header = TCP) | Fragment of TCP Header + Data
49
49 Network Architecture and Design IPv6 Extension Headers
- Hop-by-Hop
- Routing
- Fragment
- Destination Options
- Authentication
- Encryption Security Payload
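Because extension headers are chained, a packet filter or monitor has to follow every Next Header field before it can see the transport header. The walker below is an added Python example, not part of the original lecture; the function names, the limit of 8 extension headers and the constructed test packets are assumptions, and the value 60 for Destination Options is the assigned number for a header the slides list by name only.

```python
import struct

# Next Header values: 0, 43, 44, 6 and 17 are from the slides; 60 is the
# assigned value for Destination Options.
HOP_BY_HOP, ROUTING, FRAGMENT, DEST_OPTS, TCP, UDP = 0, 43, 44, 60, 6, 17
EXT_NAMES = {HOP_BY_HOP: "Hop-by-Hop", ROUTING: "Routing",
             FRAGMENT: "Fragment", DEST_OPTS: "Destination Options"}
MAX_EXT_HEADERS = 8   # assumed policy limit, not a protocol constant

def walk_chain(packet):
    """Follow Next Header fields; return (chain, upper_protocol, payload_offset).
    Any value not in EXT_NAMES (TCP, UDP, Authentication, ...) ends the walk."""
    if len(packet) < 40 or packet[0] >> 4 != 6:
        raise ValueError("not an IPv6 packet")
    next_hdr, offset, chain = packet[6], 40, []
    while next_hdr in EXT_NAMES:
        if len(chain) == MAX_EXT_HEADERS:
            raise ValueError("extension header chain too long")
        if next_hdr == HOP_BY_HOP and chain:
            raise ValueError("Hop-by-Hop header is not first in the chain")
        if offset + 8 > len(packet):
            raise ValueError("truncated extension header")
        # The Fragment header is always 8 bytes; the others carry their
        # length in 8-byte units, not counting the first 8 bytes.
        length = 8 if next_hdr == FRAGMENT else 8 * (packet[offset + 1] + 1)
        if offset + length > len(packet):
            raise ValueError("extension header runs past end of packet")
        chain.append(EXT_NAMES[next_hdr])
        if next_hdr == FRAGMENT:
            frag_offset = struct.unpack_from("!H", packet, offset + 2)[0] >> 3
            if frag_offset:      # later fragment: no transport header in it
                return chain, None, offset + length
        next_hdr, offset = packet[offset], offset + length
    return chain, next_hdr, offset

def build(chain, upper, payload=bytes(20)):
    """Constructed test packet: minimal 8-byte extension headers, zero addresses."""
    body, nh = payload, upper
    for hdr in reversed(chain):
        body, nh = bytes([nh, 0, 0, 0, 0, 0, 0, 0]) + body, hdr
    return struct.pack("!IHBB", 6 << 28, len(body), nh, 64) + bytes(32) + body
```

The three chains drawn on the slide correspond to build([], TCP), build([ROUTING], TCP) and build([ROUTING, FRAGMENT], TCP).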
50
50 Network Architecture and Design IPv6 Flow Label Header Field
- The IPv6 header allows a traffic flow to be labeled (24 bits)
- The flow label indicates that packets need special handling:
  - Real time service
  - Special QoS
51
51 Network Architecture and Design IPv6 – Priority Header Field
- 4-bit priority field
- Enables a source to identify the desired delivery priority of its packets relative to other packets from the same source
- Two ranges:
  - 0 through 7 specify priority of packets (no real time)
  - 8 through 15 specify priority of real time packets
52
52 Network Architecture and Design IPv6 Vs IPv4 Expanded addressing capabilities Simplified header format Reduction in processing cost Flow labeling Support for authentication and privacy Support for improved options and extensions Support of all IPv4-based mechanisms IPsec – diffserv – QoS features
53
53 Network Architecture and Design IPv6 and IPv4 Co-existence
- IPv4 and IPv6 will exist together
- As time goes by:
  - Devices support only IPv4
  - Devices support IPv4 and IPv6
  - Devices support only IPv6
- Coexistence using:
  - Dual stack approach: applications choose version to use
  - Tunneling approach: encapsulation of IPv6 in IPv4 packets
  - Translation approach: extended NAT techniques for translating IPv6 to IPv4
54
54 Network Architecture and Design End of First Lecture