Module 4: Designing Routing and Switching Requirements

Connectivity Requirements Branch Office Corporate Headquarters Web Server Internet Server LAN Remote User VPN Wireless User Locally Remotely Across the Internet Evaluate how users connect

Types of Network Devices DeviceOSI layerDefinition Hub Physical (layer 1) Extends the network by retransmitting the signal Does not process the data Switch Data-link (layer 2) Forwards frames according to the destination MAC address Supports simultaneous conversations without collisions Router Network (layer 3) Used to link WANs and dissimilar LANs Sends packets based on logical addressing Layer 3 switch Network (layers 2 and 3) Is a limited-purpose hardware-based IP router with bridging capabilities Also performs layer 2 switching

Reasons for Using Routers Use routers to: Isolate networks from each other Provide a start for a secure network implementation Traditional uses of routers Connecting WANs Segmenting LANs

Internet Security and Acceleration for Internet Connectivity Intranet ISA Server maps to ISA has additional features over NAT: Application traffic monitoring Internet content caching User-based control

Strategies for Designing Firewalls Bastion host Web Server LAN Multi-homed firewall LAN Web Server Back-to-back firewall Web Server LAN Internet

Strategies for Designing Extranet OptionDescription VPN Encrypted communication over the Internet Dial-up Computer communication over phone lines Secure Web server Authenticated access to a Web server RPC over HTTP RPC communication tunnelled in HTTP for an application Terminal services Remote access to an application ADFS Active Directory authentication for Web applications

Determining Connection Methods Connection methodUse when: Leased lines Security is important Speed and reliability are required No budget constraints Tunneling Security is important No modem infrastructure Demand-dial -on demand Limited traffic Per-instance fee pricing structure Demand-dial -persistent Ample traffic Flat fee pricing structure

Selecting a Site-to-Site VPN Tunnel VPN tunnel type Criteria VPN with PPTP tunnel is used if: All routers support PPTP passthrough User-based authentication is sufficient Support for non-IP protocols is required VPN with L2TP/IPSec tunnel is used if: All routers support passthrough of IPSec Computer-based authentication is required Support for non-IP protocols is required VPN with IPSec in tunnel mode is used if: All routers support passthrough of IPSec Only computer-based authentication is required Support for only TCP/IP is required

Factors Affecting Network Performance Factors affecting network performance Bandwidth Latency Throughput Capacity Wire speed Utilization Jitter Jabber Bottleneck Collisions Efficiency Frame rate

Network Upgrade Considerations When determining how to upgrade a network, consider: Current utilization rates at various times of day Appropriate target utilization rates Flow of traffic through the network Future growth Potential repercussions

Calculating Actual Data Throughput Actual data throughput formula ADT = net utilization * efficiency rating * wire speed Net utilization = (utilization - collisions) Efficiency rating based on frame size Actual Data Throughput (ADT) shows you how much usable data is actually being carried on the network Adding nodes and header information affects throughput You should measure throughput after data transmission

What Is Quality of Service? Quality of Service (QoS): Prioritizes network traffic for network routing by adding a DSCP value Uses throttling to limit bandwidth usage on a host Can be based on: Sending application Source or destination IPv4 or IPv6 addresses Protocol (TCP or UDP) Source or destination ports

What Is a QOS Policy? A QoS policy: Is defined as part of a Group Policy Can be applied to users or computers Can include specific IPv4 or IPv6 addresses or networks to apply to Lets you define a DSCP value for network traffic Lets you define a throttle rate for network traffic