Backbone Networks, MAN, WAN PSTN, T-carriers, ATM, Frame Relay, VPN

Key Concepts Understand various types of backbones and the devices they use Understand VLANs and the devices they use Understand various MAN and WAN services, including T-carriers, frame relay, ATM, and High-speed Ethernet Be familiar with virtual private network services

Backbone Networks Backbone networks are high speed networks that link an organization’s LANs and also provide connections to other backbones, MANs, WANs and the Internet. Network designers view networks as made of three technology layers: The access layer which is the technology used in LANs The distribution layer which is the part of the backbone that connects the LANs together The core layer connects different backbone networks together, often between buildings

Backbone network design layers

Collapsed Backbones Collapsed backbones use a star topology, usually with a high speed switch at the center Collapsed backbones can use either layer-2 switches or layer-3 routing switches The two main advantages are: each connection to the switch becomes a separate point-to-point circuit also giving much higher performance the network has far fewer devices and so is much simpler to manage Two minor disadvantages are: 1) use more cable and the cable runs for longer distances, 2) if the central switch fails, the network goes down

Rack-mounted collapsed backbone architecture

Multi-Switch Ethernet LAN C3-2D-55-3B-A9-4F Switch 2, Port 5 A1-44-D5-1F-AA-4C Switch 1, Port 2 E5-BB-47-21-D3-56 Switch 3, Port 6 D4-55-C4-B6-9F Switch 3, Port 2 B2-CD-13-5B-E4-65 Switch 1, Port 7 Switch 1 Switch 2 Switch 3 Port 7 on Switch 2 to Port 4 on Switch 3 Port 5 on Switch 1 to Port 3 on Switch 2

Virtual LANs Single-switch VLANs Multiswitch VLANs VLANs are a new type of LAN architecture using intelligent, high-speed switches Unlike other LAN types, which physically connect computers to LAN segments, VLANs assign computers to LAN segments by software VLANs have been standardized as IEEE802.1q and IEEE802.1p The two basic designs are: Single-switch VLANs Multiswitch VLANs

Server Broadcasting without VLANS Client A Client B Client C Server D Server E Server Broadcast Frame is Broadcast Goes to all stations Creates congestion

Server Multicasting with VLANS Multicasting (some), not Broadcasting (all) Client A on VLAN1 Client B on VLAN2 Client C Server D Server E Server Broadcast

VLANs Computers can be assigned to VLANs in four ways: Port-based VLANs assign computers according to the VLAN switch port to which they are attached MAC-based VLANs assign computers according to each computer’s data link layer address IP-based VLANs assign computers using their IP-address Application-based VLANs assign computers depending on the application that the computer typically uses. This has the advantage of allowing precise allocation of network capacity

VLANs Single-Switch or Multiswitch Main advantages Drawbacks Simpler to manage the broadcast traffic Precisely allocate resources to different types of traffic Drawbacks Cost and management complexity

FDDI Topology FDDI operates at 100 Mbps over a fiber optic cable. FDDI can attach a maximum of 1000 stations over a maximum path of 200 km. A repeater is need every 2 km. FDDI uses dual counter-rotating rings (called the primary and secondary). Data normally travels on the primary ring. Stations can be attached to the primary ring as single attachment stations (SAS) or both rings as dual attachment stations (DAS).

Optical cable topology for an FDDI LAN

FDDI’s Self Healing Rings Copper Distributed Data Interface (CDDI) is a related protocol using cat 5 twisted wire pairs. An important feature of FDDI is its ability to handle a breaks in the network by forming a single temporary ring out of the pieces of the primary and secondary rings. Once the stations detect the break, traffic is rerouted through a new ring formed out of the parts of the primary and secondary rings not affected by the break. The network then operates over this temporary ring until the break can be repaired.

Managing a broken circuit

Asynchronous Transfer Mode (ATM) ATM was originally designed to carry both voice and data traffic over WANs. It is also used in backbone networks. In the WAN, ATM almost always uses SONET as its hardware layer. An ATM gateway is needed to convert TCP/IP and Ethernet frames into ATM cells and then converts them back once they have reached their destination network. The translation creates significant delays.

ATM Media Access Control To handle circuit congestion, ATM prioritizes transmissions based on Quality of Service (QoS) Real time applications, such as voice, get a high priority, since it cannot allow delays. E-mail gets a lower priority, since small delays don’t matter very much.

ATM in the backbone

Current Backbone Technology Trends The following trends in backbone technologies have been taking place in recent years: Organizations are moving to collapsed backbones or VLANs Gigabit Ethernet use is growing FDDI seems to be on its way out. ATM, while still popular in WANs, is losing ground to Gigabit Ethernet as a backbone technology Taken together, it appears that Ethernet use will dominate both the LAN and backbone environments

Effective data rates for backbone technologies Technology Effective Data Rate Full Duplex 1 GbE 1.8 Gbps Full Duplex 10 GbE 18 Gbps FDDI 7-70 Mbps depending on traffic ATM (155 Mbps, Full Duplex) 160 Mbps ATM (622 Mbps, Full Duplex) 760 Mbps  Assumes: collapsed backbone connecting Ethernet LANs transmitting mostly large frames

Backbone Recommendations The best practices are recommended for backbones: Architecture: collapsed backbone or VLAN. Technology: gigabit Ethernet. ATM and FDDI use has started to fall off over the past year. The ideal network design combines use of layer-2 and layer-3 Ethernet switches. The access layer (LANs) uses 10/100 layer-2 switches using cat 5e or cat 6 twisted pair cables (cat 6 is needed for 1000BaseT). The distribution layer uses layer-3 Ethernet switches that use 1000BaseT or fiber, Cat 6 or Cat 7 TP. The core layer uses layer-3 Ethernet switches running 10GbE or 40GbE over fiber. Network reliability is increased using redundant switches and cabling.

MAN & WAN Metropolitan area networks (MANs) typically span from 3 to 30 miles and connect backbone networks (BNs), and LANs. Wide area networks (WANs) connect BNs and MANs across longer distances, often hundreds of miles or more. Most organizations cannot afford to build their own MANs and WANs, so they rent or lease circuits from common carriers such as AT&T, BellSouth or SBC.

WAN Purposes Link sites (usually) within the same corporation Provide remote access to individuals who are off-site Internet access 1. Link Sites 2. Remote Access 3. Internet

WANs WAN Technologies Ordinary telephone line and telephone modem Point-to-Point Leased lines Public switched data network (PSDN) Send your data over the Internet securely, using Virtual Private Network (VPN) technology PSDN VPN Point-to-Point

Telephone Modem Communication Need modem at each end up to 33.6 kbps For 56 kbps download speed server must have a digital connection, not a modem PSTN Client A Server A Telephone 33.6 kbps Modem Binary Data Analog Modulated Signal

Leased Line Networks Leased Line Point-to-point connection Always on Usually faster (56 kbps or more) Usually digital instead of analog Lower cost per bit transmitted than dial-up service But speeds are higher, so higher total cost Must be provisioned (set up)

Leased Line Networks Trunk Line-Based Leased Lines 56 kbps Leased Lines Fractional T1 lines offer low-speed choices between 56 kbps and T1, typically: 128 bps, 256 kbps, 384 kbps, 512 kbps, 768 kbps T1 Leased Lines (1.544 Mbps) T3 Leased Lines (44.7 Mbps) SONET Leased Lines operate at multiples of 51.84 Mbps Use either optical fiber or data-grade copper

Leased Line Networks Digital Subscriber Lines (DSLs) Broadband speeds over single pair of voice-grade copper UTP Less expensive than trunk line-based leased lines Asymmetric DSL (ADSL) Downstream (to customer): 256 kbps to over 1.5 Mbps Upstream (from customer): 64 kbps or higher

ASDL with Splitter Data 256 kbps to 1.5 Mbps Subscriber Premises Telephone Company End Office Switch Data WAN 64 kbps to 256 kbps ADSL Modem PC DSLAM Splitter PSTN Ordinary Telephone Service Telephone

Leased Line Networks HDSL (High-rate DSL) SHDSL (Super High-rate DSL) Symmetric speed (768 kbps both ways) over one voice-grade twisted pair Designed for business use with speed guaranteed SHDSL (Super High-rate DSL) Single voice-grade twisted pair; longer distances than ASDL, HSDL Symmetric, guaranteed speed Variable speed ranging from 384 kbps to 2 Mbps

Cable Modem Services ISP 2. Optical 4. Coaxial Fiber to Cable to Neighborhood 4. Coaxial Cable to Premises 3. Neighborhood Splitter 1. Cable Television Head End 5. Cable Modem Subscriber Premises PC 6. Requires NIC or USB port

Leased Line Networks Cable Modem Delivered by cable television operator High asymmetric speed Up to 10 Mbps downstream 64 kbps to 256 kbps upstream Speed is shared by people currently downloading in a neighborhood In practice, medium ADSL speed or higher

Leased Line versus Public Switched Data Networks Multisite Leased Line Mesh Network Site B Site A OC3 Leased Line T3 Lease Line T1 Leased Line 56 kbps Leased Line 56 kbps Leased Line Site C T1 Leased Line 56 kbps Leased Line Site D Site E

Leased Line versus Public Switched Data Networks Public Switched Data Network (PSDN) Site A Site B Public Switched Data Network (PSDN) POP POP POP POP Point of Presence One leased line per site Site D Site E Site C

Leased Line versus Public Switched Data Networks Leased Line Network Many leased lines Individual leased line spans long distances Company must plan, buy switching equipment, and operate the network Public Switched Data Network Only need one leased line from each site to a POP Few and short-distance leased lines PSDN carrier provides planning, switching, and operation of the network

Popular PSDN Services Service Typical Speeds Circuit- or Packet- Switched Reliable or Unreliable Virtual Circuits? Relative Price X.25 9,600 kbps to about 40 Mbps Packet Reliable Yes Moderate Frame Relay 56 kbps to about 40 Mbps Packet Unreliable Yes Low X.25 (Obsolete): Slow because of reliability Frame Relay Services are offered by all the major carriers

Popular PSDN Services Service Typical Speeds Circuit- or Packet- Switched Reliable or Unreliable Virtual Circuits? Relative Price ATM 1 Mbps to about 156 Mbps Packet Unreliable Yes High Ethernet 10 Gbps and 40 Gbps Packet Unreliable No Probably Low ATM is faster than Frame Relay grow in demand as corporate demand outgrows FR Ethernet MANs are appearing offer lower prices for comparable speeds

Popular PSDN Services Service Typical Speeds Circuit- or Packet- Switched Reliable or Unreliable Virtual Circuits? Relative Price ISDN Two 64 kbps B channels One 16 kbps D channel Circuit Unreliable No Moderate ISDN Expensive for its slow speed Has niche in backup connections because Dial-Up, so only pay for when needed

Virtual Private Network 1. Site-to-Site VPN Server Tunnel Internet VPN Server Corporate Site B Corporate Site A 3. Remote Corporate PC 2. Remote Customer PC (or site) Remote Access for Intranet Extranet

Virtual Private Network Virtual Private Network (VPN) Transmission over the Internet with added security Why VPNs? PSDNs are not interconnected Only good for internal corporate communication But Internet reaches almost all sites in all firms Low transmission cost per bit transmitted

Virtual Private Network VPN Problems Latency and Sound Quality Internet can be congested Creates latency, reduces sound quality Use a single ISP to reduce problems Security PPTP for remote access is popular IPsec for site-to-site transmission is popular

ISP-Based PPTP Remote Access VPN Remote Access VPNs User dials into a remote access server (RAS) RAS often checks with RADIUS server for user identification information. Allows or rejects connection Local Access RADIUS Server PPTP RAS Secure Tunnel Remote Corporate PC Internet ISP PPTP Access Concentrator Corporate Site A

Virtual Private Network Point-to-Point Tunneling Protocol Available in Windows since Windows 95 No need for added software on clients Provided by many ISPs PPTP access concentrator at ISP access point Some security limitations No security between user site and ISP No message-by-message authentication of user Uses unprotected TCP control channel

Hosts Need No Extra Software IPsec in Tunnel Mode Tunnel Mode IPsec Server IPsec Server Local Network Local Network Secure Tunnel Tunnel Only Between Sites Hosts Need No Extra Software No Security In Site Network No Security In Site Network

Virtual Private Network IP Security (IPsec) A network layer, so protects information at higher layers Transparent: upper layer processes do not have to be modified HTTP SMTP FTP SNMP TCP UDP Protected Network Layer with IPsec Protection

Virtual Private Network Security associations: Agreement on how security options will be implemented May be different in the two directions Governed by corporate policies Security Association (SA1) for Transmissions From A to B Security Association (SA2) for Transmissions From B to A Party B Party A

MAN/WAN Recommendations For small networks, POTS may still be reasonable alternative For moderate volume networks, several choices are popular: VPNs are a good choice when cost is important and reliability is less of an issue Frame relay is used when demand is unpredictable T-Carriers are used if network demand is predictable For high volume networks Ethernet/IP packet networks are becoming the dominant choice. Some organizations also may prefer ATM for their high volume networks.