Network Analysis and Design

1
Network Analysis and Design

• Introduction to Network Design

2
Network Design

• A network design is a blueprint for building a
  network
• The designer has to create the structure of the
  network and decide how to allocate resources
  and spend money

3
Elements of Good Network Design

• Deliver the services requested by users
• Deliver acceptable throughput and response times
• Cost efficiency
• Reliable
• Expandable
• Manageable
• Well-documented

4
Network Design Issues

• User requirements
• Locations of devices
• Characteristics of applications
• Types of traffic
• Topologies
• Routing protocols
• Budget
• Performance
• Etc.

5
Classifications of Network Design

• Build a new network
• Expand or upgrade the existing network
• Create the overlay network
• Virtual Private Network (VPN)

6
Types of Networks

• Access network
• The ends or tails of networks that connect the
  small sites into the network
• LAN, campus network
• Backbone network
• The network that connects major sites
• Corporate WAN

7
Objectives

• How to design a network using the correct
  techniques?
• Some common guidelines applicable for all types
  of network design

8
Top-Down Network Design Methodology

• A complete process that matches business needs to
  available technology to deliver a system that
  will maximize an organizations success
• Dont just start connecting the dots
• In the LAN, it is more than just buying a few
  devices
• In the WAN, it is more than just calling the
  phone company

9
Top-Down Network Design Methodology (Contd.)

• Analyze business and technical goals first
• Explore divisional and group structures to find
  out who the network serves and where they reside

10
Top-Down Network Design Methodology (Contd.)

• Determine what applications will run on the
  network and how those applications behave on a
  network
• Focus on applications, sessions, and data
  transport before the selection of routers,
  switches, and media that operate at the lower
  layers

11
Network Design Phases

• Requirement analysis
• Logical network design
• Physical network design

12
Phase I - Requirement Analysis Phase

• Analyze goals and constraints
• Characterize the existing network
• Characterize network traffic

13
Phase II - Logical Network Design Phase

• Map the requirements into the conceptual design
• Design a network topology
• Node locations
• Capacity assignment

14
Phase III - Physical Network Design Phase

• Select technologies and devices for your design
• Implementation

15
Business Goals

• Increase revenue
• Reduce operating costs
• Improve communications
• Shorten product development cycle
• Expand into worldwide markets
• Build partnerships with other companies
• Offer better customer support or new customer
  services

16
Recent Business Priorities

• Mobility
• Security
• Resiliency (fault tolerance)
• Business continuity after a disaster
• Networks must offer the low delay required for
  real-time applications such as VoIP

17
Business Constraints

• Budget
• Staffing
• Schedule
• Politics and policies

18
Information

• Goals of the project
• What problem are they trying to solve?
• How will new technology help them be more
  successful in their business?
• Scope of the project
• Small in scope Allow sales people to access
  network via a VPN
• Large in scope An entire redesign of an
  enterprise network
• Does the scope fit the budget, capabilities of
  staff and consultants, schedule?

19
Information (Contd.)

• Applications, protocols, and services
• Current logical and physical architecture
• Current performance

20
Technical Goals

• Scalability
• Availability
• Performance
• Security
• Manageability
• Usability
• Adaptability
• Affordability

21
Scalability

• Scalability refers to the ability to grow
• Network must adapt to increases in network usage
  and scope in the future
• Flat network designs dont scale well
• Broadcast traffic affects the scalability of a
  network

22
Availability

• Availability is the amount of time a network is
  available to users
• Availability can be expressed as a percent up
  time per year, month, week, day, or hour,
  compared to the total time in that period
• 24/7 operation
• Network is up for 165 hours in the 168-hour week
• Availability is 98.21

23
Availability (Contd.)

• Different applications may require different
  levels
• Some enterprises may want 99.999 or Five Nines
  availability

24
Availability (Contd.)

• An uptime of 99.70
• Downtime 0.003 x 60 x 24 x 7
• 30.24 mins per week
• An uptime of 99.95
• Downtime 0.0005 x 60 x 24 x 7
• 5.04 mins per week
• An uptime of 99.999
• Downtime 0.00001 x 60 x 24 x 365
• 5.256 mins per year

25
Availability (Contd.)

• System availability (R) is calculated from the
  component availability (Ri)
• Series
• R ? Ri
• Parallel
• R 1 ?(1 Ri)

26
Availability (Contd.)

• R1 99.95, R2 99.5
• Series
• R 0.9995 x 0.995 99.45
• Decreases system availability
• Parallel
• R 1 (1 0.9995) x (1 0.995) 99.99975
• Increases system availability

27
Availability (Contd.)

• 99.999 may require high redundancy (and cost)

ISP 1
ISP 2
ISP 3
Enterprise
28
Availability (Contd.)

• Availability can also be expressed as a mean time
  between failure (MTBF), and mean time to repair
  (MTTR)
• Availability MTBF / (MTBF MTTR)
• A typical MTBF goal for a network that is highly
  relied upon is 4000 hours. A typical MTTR goal is
  1 hour.
• 4000 / 4001 99.98 availability

29
Network Performance

• Common performance factors include
• Bandwidth
• Throughput
• Bandwidth utilization
• Offered load
• Accuracy
• Efficiency
• Delay (latency) and delay variation
• Response time

30
Bandwidth Vs. Throughput

• They are not the same thing
• Bandwidth is the data carrying capacity of a
  circuit
• Usually specified in bits per second
• Fixed
• Throughput is the quantity of error free data
  transmitted per unit of time
• Measured in bps, Bps, or packets per second (pps)
• Varied

31
Other Factors that Affect Throughput

• The size of packets
• Inter-frame gaps between packets
• Packets-per-second ratings of devices that
  forward packets
• Client speed (CPU, memory, and HD access speeds)
• Server speed (CPU, memory, and HD access speeds)
• Network design
• Protocols
• Distance
• Errors
• Time of day
• etc.

32
Throughput of Devices

• The maximum PPS rate at which the device can
  forward packets without dropping any packets
• Theoretical maximum is calculated by dividing
  bandwidth by frame size, including any headers,
  preambles, and interframe gaps

33
Throughput of Devices (Contd.)
Frame Size (Bytes) Theoretical Max PPS (100-Mbps Ethernet)
64 148,800
128 84,450
256 45,280
512 23,490
768 15,860
1024 11,970
1280 9,610
1518 8,120
34
Bandwidth, Throughput, Load
100 of Capacity
Throughput
Actual
Ideal
100 of Capacity
Offered Load
35
Throughput Vs. Goodput

• Most end users are concerned about the throughput
  for applications
• Goodput is a measurement of good and relevant
  application layer data transmitted per unit of
  time
• In that case, you have to consider that bandwidth
  is being wasted by the headers in every packet

36
Utilization

• The percent of total available capacity in use
• For WANs, optimum average network utilization is
  about 70
• For hub-based Ethernet LANs, utilization should
  not exceed 37, beyond this limit, collision
  becomes excessive

37
Utilization (Contd.)

• For full-duplex Ethernet LANs, a point-to-point
  Ethernet link supports simultaneous transmitting
  and receiving
• Theoretically,
• Fast Ethernet means 200 Mbps available
• Gigabit Ethernet means 2 Gbps available
• 100 of this bandwidth can be utilized
• Full-duplex Ethernet is becoming the standard
  method for connecting servers, switches, and even
  end users' machines

38
Efficiency

• Large headers are one cause for inefficiency
• How much overhead is required to deliver an
  amount of data?
• How large can packets be?
• Larger better for efficiency (and goodput)
• But too large means too much data is lost if a
  packet is damaged
• How many packets can be sent in one bunch without
  an acknowledgment?

39
Efficiency (Contd.)
Small Frames (Less Efficient)
Large Frames (More Efficient)
40
Delay from the Users Point of View

• Response Time
• The time between a request for some service and a
  response to the request
• The network performance goal that users care
  about most
• A function of the application and the equipment
  the application is running on, not just the
  network
• Most users expect to see something on the screen
  in 100 to 200 ms
• The 100-ms threshold is often used as a timer
  value for protocols that offer reliable transport
  of data

41
Delay from the Engineers Point of View

• Propagation delay
• Signal travels in a cable at about 2/3 the speed
  of light in a vacuum
• Relevant for all data transmission technologies,
  but especially for satellite links and long
  terrestrial cables
• Geostationary satellites propagation delay is
  about 270 ms for an intercontinental satellite
  hop
• Terrestrial cables propagation delay is about 1
  ms for every 200 km

42
Delay from the Engineers Point of View (Contd.)

• Transmission delay
• Also known as serialization delay
• Time to put digital data onto a transmission line
• Depends on the data volume and the data rate of
  the line
• It takes about 5 ms to output a 1,024 byte packet
  on a 1.544 Mbps T1 line

43
Delay from the Engineers Point of View (Contd.)

• Packet-switching delay
• The latency accrued when switches and routers
  forward data
• The latency depends on
• the speed of the internal circuitry and CPU
• the switching architecture of the internetworking
  device
• the type of RAM that the device uses
• Routers tend to introduce more latency than
  switches
• QoS, NAT, filtering, and policies introduce delay

44
Delay from the Engineers Point of View (Contd.)

• Queueing delay
• The average number of packets in a queue on a
  packet-switching device increases exponentially
  as utilization increases

45
Queuing Delay and Bandwidth Utilization

• Number of packets in a queue increases
  exponentially as utilization increases

46
Delay Variation (Jitter)

• The amount of time average delay varies
• Users of interactive applications expect minimal
  delay in receiving feedback from the network
• Users of multimedia applications require a
  minimal variation in the amount of delay
• Delay must be constant for voice and video
  applications
• Variations in delay cause disruptions in voice
  quality and jumpiness in video streams

47
Delay Variation (Jitter) (Contd.)

• Short fixed-length cells, for example ATM 53-byte
  cells, are inherently better for meeting delay
  and delay-variance goals
• Packet size tradeoffs
• Efficiency for high-volume applications versus
  low and non-varying delay for multimedia

48
Delay Variation (Jitter) (Contd.)

• Audio/video applications minimize jitter by
  providing a buffer that the network puts data
  into
• Display software or hardware pulls data from the
  buffer

49
Accuracy

• Data received at the destination must be the same
  as the data sent by the source
• Error fames must be retransmitted, which has a
  negative effect on throughput
• In IP networks, TCP provides retransmission of
  data
• For WAN links, accuracy goals can be specified as
  a bit error rate (BER) threshold
• Fiber-optic links about 1 in 1011
• Copper links about 1 in 106

50
Accuracy (Contd.)

• On shared Ethernet, errors often result from
  collisions
• Collisions happen in the 8-byte preamble of the
  frames (not counted)
• Collisions happen past the preamble and somewhere
  in the first 64 bytes of the data frame (legal
  collision)
• Collisions happen beyond the first 64 bytes of a
  frame (late collision)

51
Accuracy (Contd.)

• Late collisions are illegal and should never
  happen (too large network)
• A goal for Ethernet collisions less than 0.1
  affected by a legal collision
• Collisions should never occur on full-duplex
  Ethernet links
• In wireless LAN 802.11 CSMA/CA, collisions can
  still occur

52
Security

• Security design is one of the most important
  aspects of enterprise network design
• Security problems should not disrupt the
  company's ability to conduct business
• The cost to implement security should not exceed
  the cost to recover from security incidents

53
Security (Contd.)

• Network Assets
• Hardware
• Software
• Applications
• Data
• Intellectual property
• Trade secrets
• Companys reputation

54
Affordability

• Affordability is sometimes called
  cost-effectiveness
• A network should carry the maximum amount of
  traffic for a given financial cost
• Financial costs include nonrecurring equipment
  costs and recurring network operation costs
• Campus networks low cost is often more important
  than availability and performance.
• Enterprise networks availability is usually more
  important than low cost

55
Affordability (Contd.)

• Monthly charges for WAN circuits are the most
  expensive aspect of running a large network
• How to save
• Use a routing protocol that minimizes WAN traffic
• Improve efficiency on WAN circuits by using such
  features as compression
• Eliminate underutilized trunks
• Use technologies that support oversubscription

56
Adaptability

• Avoid incorporating any design elements that
  would make it hard to implement new technologies
  in the future
• Change can come in the form of new protocols, new
  business practices, new traffic patterns

57
Usability

• The ease of use with which network users can
  access the network and services
• Usability might also include a need for mobility
• Some design decisions will have a negative affect
  on usability
• Strict security, for example

58
Characterizing a Network (Why?)

• Verify that a customer's technical design goals
  are realistic
• Understand the current topology
• Locate existing network segments and equipment
• Locate where new equipment will go
• Develop a baseline of current performance

59
Characterizing a Network (What?)

• Infrastructure
• Addressing and naming
• Wiring and media
• Architectural and environmental constraints
• Health

60
Infrastructure

• Develop a set of network maps
• Learn the location of major internetworking
  devices and network segments

61
Infrastructure (Contd.)

• Information to collect
• Geographical locations
• LAN, WAN connections
• Buildings and floors, and possibly rooms
• Location of major servers or server farms
• Location of routers and switches
• Location of mainframes
• Location of major network-management stations
• Location and reach of virtual LANs (VLANs)
• Etc.

62
Infrastructure (Contd.)
Medford Fast Ethernet 50 users
Roseburg Fast Ethernet 30 users
Frame Relay CIR 56 Kbps DLCI 5
Frame Relay CIR 56 Kbps DLCI 4
Gigabit Ethernet
Grants Pass HQ 16 Mbps Token Ring
Grants Pass HQ Fast Ethernet 75 users
FEP (Front End Processor)
IBMMainframe
T1
Web/FTP server
Eugene Ethernet 20 users
Internet
T1
63
Addressing and Naming

• IP addressing for major devices, client networks,
  server networks
• What to consider?
• Private/public address
• Classless/classful addressing
• Variable-length subnet mask (VLSM)
• Route aggregation or supernetting
• Discontiguous subnets

64
Discontiguous Subnets
Area 0 Network 192.168.49.0
Router B
Router A
Area 1 Subnets 10.108.16.0 - 10.108.31.0
Area 2 Subnets 10.108.32.0 - 10.108.47.0
65
Wiring and Media

• Document the types of cabling in use as well as
  cable distances
• Distance information is useful when selecting
  data link layer technologies based on distance
  restrictions

66
Wiring and Media (Contd.)

• Single-mode (SM) fiber
• Multi-mode (MM) fiber
• Shielded twisted pair (STP) copper
• Unshielded-twisted-pair (UTP) copper
• Coaxial cable
• Microwave
• Laser
• Radio
• Infra-red

67
Architectural Constraints

• Make sure the following are sufficient
• Air conditioning
• Heating
• Ventilation
• Power
• Protection from electromagnetic interference

68
Architectural Constraints (Contd.)

• Make sure theres space for
• Cabling conduits
• Patch panels
• Equipment racks
• Work areas for installing and troubleshooting
  equipment

69
Wireless Installations

• Reflection
• Signal bounces back and interferes with itself
• Metal surfaces such as steel girders,
  scaffolding, shelving units, steel pillars, and
  metal doors
• Implementing a WLAN across a parking lot can be
  tricky because of metal cars that come and go

70
Wireless Installations (Contd.)

• Absorption
• Energy of the signal can be absorbed by the
  material in objects through which it passes
• Reduces signal level
• Water has significant absorption properties, and
  objects such as trees or thick wooden structures
  can have a high water content
• Implementing a WLAN in a coffee shop can be
  tricky if there are large canisters of liquid
  coffee

71
Wireless Installations (Contd.)

• Refraction
• RF signal is bent when it passes from a medium
  with one density into a medium with another
  density
• The signal changes direction and may interfere
  with the nonrefracted signal
• It can take a different path and encounter other,
  unexpected obstructions, and arrive at recipients
  damaged or later than expected

72
Wireless Installations (Contd.)

• Diffraction
• Similar to refraction
• Like refraction, the signal is bent around the
  edge of the diffractive region and can then
  interfere with that part of the signal that is
  not bent

73
Wireless Installations (Contd.)

• Boost the power level to compensate for variable
  environmental factors
• The additional power added to a transmission is
  called the fade margin

74
Health

• Performance
• Availability
• Bandwidth utilization
• Accuracy
• Efficiency
• Response time
• Status of major routers, switches, and firewalls

75
Develop a Performance Baseline

• How much better the new internetwork performs
  once your design is implemented
• Baseline of normal performance should not include
  nontypical problems caused by exceptionally large
  traffic loads
• The decision whether to measure normal
  performance, performance during peak load, or
  both, depends on the goals of the network design

76
Characterize Availability
Cause of Last Major Downtime
Date and Duration of Last Major Downtime
MTBF
MTTR
Enterprise Segment 1 Segment
2 Segment n
77
Utilization

• Measurement of how much bandwidth is in use
  during a specific time interval
• Different tools use different averaging windows
  for computing network utilization
• Trade-off between amount of statistical data that
  must be analyzed and granularity

78
Utilization in Minute Intervals
79
Utilization in Hour Intervals
80
Utilization (Contd.)

• The size of the averaging window depends on your
  goals
• When troubleshooting network problems, keep the
  interval very small, either minutes or seconds
• For performance analysis and baselining purposes,
  use an interval of 1 to 5 minutes
• For long-term load analysis, to determine peak
  hours, days, or months, set the interval to 10
  minutes

81
Bandwidth Utilization by Protocol
Relative Network Utilization
Absolute Network Utilization
Multicast Rate
Broadcast Rate
Protocol 1 Protocol 2 Protocol
3 Protocol n
82
Accuracy

• Bit error rate (BER)
• Frame error rate (FER)
• Packet loss
• Collision
• Runt (partial) frame
• Healthy network should not have more than one bad
  frame per megabyte of data

83
Characterize Packet Sizes

• Increasing the maximum transmission unit (MTU) on
  router interfaces can also improve efficiency
• Increasing MTU can increase serialization delay

84
Characterize Packet Sizes (Contd.)
85
Characterize Packet Sizes (Contd.)

• Small frames consist of control information and
  acknowledgments
• Data frames fall into the large frame-size
  categories
• Frame sizes typically fall into what is called a
  bimodal distribution

86
Characterize Response Time

• A more common way to measure response time is to
  send ping packets and measure the round-trip time
  (RTT)
• Variance measurements are important for
  applications that cannot tolerate much jitter
• You can also document any loss of packets

87
Characterize Response Time (Contd.)
Node A
Node B
Node C
Node D
Node A Node B Node
C Node D
X
X
X
X
node router, server, client, or mainframe
88
Checking Status of Major Devices

• CPU utilization
• How many packets it has processed
• How many packets it has dropped
• Status of buffers and queues
• You can use SNMP or commands in the devices

89
Characterizing Network Traffic (Why?)

• Analyze network traffic patterns to help you
  select appropriate logical and physical network
  design solutions to meet a customer's goals

90
Network Traffic Factors

• Location of traffic sources and sinks
• Traffic load
• Traffic behavior

91
Traffic Flow

• Information transmitted between communicating
  entities during a single session
• Flow attributes
• addresses for each end of the flow
• direction
• symmetry
• path
• number of packets or bytes

92
Traffic Flow Types

• Terminal/host
• Client/server
• Peer-to-peer
• Server/server
• Voice over IP

93
Terminal / Host

• Examples Telnet, ssh
• Usually asymmetric terminal sends a few
  characters and the host sends many characters
• In some full-screen terminal applications, the
  terminal sends characters typed by the user and
  the host returns data to repaint the screen
• The screen is usually 80 characters wide by 24
  lines long, which equals 1920 characters
• The full transfer is a few thousand bytes

94
Client / Server

• Examples FTP, HTTP
• Usually bidirectional and asymmetric
• Requests are typically small frames except when
  writing data to the server
• Responses range from 64 bytes to 1500 bytes or
  more, depending on the MTU of the data link layer

95
Peer-to-Peer

• Examples Workgroup, videoconferencing, P2Ps
• No hierarchy and no dedicated server
• Usually bidirectional and symmetrical
• Another example is a meeting between business
  people at remote sites using videoconferencing
  equipment
• Information dissemination in a class is a
  client/server model

96
Server / Server

• To implement directory services, to cache heavily
  used data, to mirror data for load balancing and
  redundancy, to back up data, and to broadcast
  service availability
• Generally bidirectional
• With most server/server applications, the flow is
  symmetrical, but in some cases there is a
  hierarchy of servers, with some servers sending
  and storing more data than others

97
VoIP

• The flow associated with transmitting the audio
  voice is separate from the flows associated with
  call control
• The voice flow for transmitting the digital voice
  is essentially peer-to-peer
• The call control flow for call setup and teardown
  is a client/server flow

98
Traffic Load

• Network capacity is sufficient to avoid
  bottleneck
• Key parameters
• Number of stations
• Average time that a station is idle between
  sending frames
• Time required to transmit a message once medium
  access is gained
• Application usage patterns

99
Traffic Load (Contd.)

• Traffic load caused by applications
• Terminal screen 4 Kbytes
• Simple e-mail 10 Kbytes
• Simple web page 50 Kbytes
• High-quality image 50,000 Kbytes
• Database backup 1,000,000 Kbytes or more

100
Traffic Load (Contd.)

• Protocol overhead
• IPX 30 bytes
• TCP 20 bytes
• IP 20 bytes
• Ethernet 18 8-byte preamble 12-byte
  interframe gap (IFG)
• HDLC 10 bytes

101
Traffic Behavior

• Broadcast
• Goes to all network stations on a LAN
• All ones data-link layer destination address
• FF FF FF FF FF FF
• Doesnt necessarily use huge amounts of bandwidth
• But does disturb every CPU in the broadcast domain

102
Traffic Behavior (Contd.)

• Multicast
• Goes to a subset of stations
• 01000CCCCCCC (Cisco Discovery Protocol)
• Should just disturb NICs that registered to
  receive it
• Requires multicast routing protocol on
  internetworks

103
Traffic Behavior (Contd.)

• Broadcast/multicast traffic is necessary and
  unavoidable
• share topology information
• advertise services
• locate services
• addresses and names
• No more than 20 of the network traffic,
  otherwise segment the network using routers or
  VLANs

104
Traffic Behavior (Contd.)

• Layer 2 devices, such as switches and bridges,
  forward broadcast and multicast frames out all
  ports
• Router does not forward broadcasts or multicasts
• All devices on one side of a router are
  considered part of a broadcast domain
• VLANs can also limit the size of a broadcast
  domain based on membership