Networks

1
Networks

• Chapter 18

2
18.1 The Basics

• Basic Goal when building network
• -to provide a reliable, well-documented, easy to
  maintain network that has plenty of capacity and
  room for growth
• There are big differences between WAN and LAN
  design.
• Components of the network design interact with
  each other with the design of the services that
  run on top of the network.

3
18.1.1 The OSI Model

• Open Standards Interconnection (OSI) model look
  at the network as logical layers .
• Network devices decide what path that data
  travels along the physical network, consisting of
  cables, wireless links, and network devices.
• A network device that makes those decisions based
  on hardware or MAC addresses of the host, is the
  layer 2 device
• A device that makes decisions based on the IP(or
  AppleTalk, or DECnet) address of the source or
  destination host is known as a layer 3 device.
• One that uses transport such as TCP port numbers
  is a layer 4 device.
• Refer to Table 18.1 on pg. 375 of text on the OSI
  model.

4
18.1.2 Clean Architecture

• A network architecture should be as clean as
  simple to understand.
• Should be possible to briefly describe approached
  used in designing the network and simple pictures
  to illustrate that design.
• Clean architecture makes debugging network
  problems much easier.
• Clean architectures encompass both physical and
  logical network topologies.

5
18.1.3 Network Topologies

• Network topologies changes as technologies and
  cost structures change.
• Refer to pgs. 377-380 figures 18.2-18.5.
• Star often seen in wide area, campus area, and
  local area networks. Building or piece of
  network hardware is at the center of the star and
  all other sites are connected to the center
• For WAN if all Wide area connectivity is brought
  into 1 building , that building is the center of
  the star.

6
18.1.3 Star

• A star has an obvious single-point-of-failure
  problem -A failure at the center of the star
  disrupts all connectivity between the points of
  the star.
• If all host in a building are connected to a
  single switch all connectivity is lost.
• Star topology is easy to understand, simple, and
  cost-effective to implement.
• May work well with relatively small organizations

7
18.1.3 Ring

• Ring topologies are not uncommon.
• Often used for low-level topologies such as SONET
  rings, and found in local area and campus area
  networks.
• Each network entity (piece of network hardware,
  building or site) is connected to 2 others so it
  forms a ring.
• Anyone 1 link or entity can fail without
  affecting connections between members of the ring.

8
18.1.3 Network Topology

• Adding new members to ring, in a WAN, can involve
  reconfiguring connectivity at multiple sites.
• There are many other possible network topologies,
  including the chaos, largely describes the
  topology of the Internet in the year of 2001.
• Chaotic topology proceeds when each node can pick
  anyone or more willing upstream nodes to use as
  a path to the rest of the networks.
• If no one can draw of describe it without aids,
  it is not a clean architecture.

9
Network Topology

• The Internet survives, because it is highly
  adaptive and fault tolerant.
• The chaos approach is not a reliable model to use
  in a network where availability of every
  components matters.

10
18.1.3 Logical Network Topology

• LNT is what is normally drawn as the network
  map.
• Shows only network devices that operate at layer
  3 and above (ex. Routers).
• Represents each subnetwork that is handled by 1
  or more layer 2 devices (ex. Switches) as a
  single entity.
• Simple rule of thumb about limiting network
  complexity

11
Logical Network Topology

• Network architects and senior network
  administrators at a site should all be able to
  sketch without aids the key features and basic
  structure of the network topology.
• If the need to resort to sources of information,
  the architecture is not clean and easy to
  understand.
• Logical network topology cannot be designed in
  isolation.
• Architecture of network services such as email,
  Internet access, printing, and directory services
  must influence and be influenced by the network
  architecture.

12
Flat Topology

• Flat topology, there are not layer 3 devices
  except at the egress (act of coming or going out)
  point(s).
• All machines reside in the same address block
  with the same network number and network mask.
• Ex. Machines with IP addresses 10.1.1.1 and
  10.1.1.2 and network masks of 255.255.255.0 are
  both in the 10.1.1.0/24 network block.
• Machines with the addresses 10.1.1.1 and 10.1.2.1
  with network masks of 255.255.0.0 are not in the
  same network block. One is in the 10.1.1.0/24
  block and the other is in the 10.1.2.0/24 block.

13
Flat

• All machines in a network block must have the
  same network mask.
• A flat topology has only one network block with
  all the machines in it.
• All services, file, print, authentication, and
  name services are provided by servers on the
  network.

14
Location-based topology/Functional group-based
topology

• Layer 2 networks are assigned based on physical
  location.
• All of the machines on the same floor of a
  building would be in the same network address
  block.
• Machines on different floors would be in
  different network address blocks and communicate
  through at least one layer 3 device.
• Function Group Based - Each member of a group
  that works as a functional unit is connected to
  the same (flat) network regardless of location
  (within reason).

15
18.1.4 Intermediate Distribution Frame

• IDF, fancy name for a wiring closet.
• Distribution system is the set of network closets
  and wiring that brings network connectivity out
  to the desktops.
• New innovations in network hardware require
  higher-quality copper of fiber wiring to operate
  at increased speeds.
• If you use the newest and highest quality it is
  reasonable to expect it to last for 5 years
  before network technology outpaces it.

16
Intermediate Distribution Frame

• Using cheaper, older, lower-grade requires to up
  grade sooner than if you had selected better
  cabling.
• Sites that saved money by installing cat-3
  copper when cat-5 was available paid heavily to
  convert there cable plants when Fast Ethernet
  became common.
• Primary debate on wiring in an IDF is whether to
  use punch down blocks or standard network jacks
  to terminate the connections to the desktops.

17
Intermediate Distribution Frame

• Punch down block separately terminates each of
  the individual wires that go to each network
  jack.
• Ex. Cat-5 network jack uses 8 wires, each of
  which would be terminated separately on the punch
  down block using a special tool.
• Making a connection to the desktop involves
  terminating another eight wires in the right
  place on the punch down block.

18
Intermediate Distribution Frame

• The other approach is to terminate all
  connections to desktops directly onto patch
  panels, without going through a punch down block.
  
• Bringing a network port live simply involves
  running a patch cord between the appropriate jack
  and switch.
• Refer to pgs 385-388 on IDFs and MDFs (main
  distribution frame)

19
Wiring to the Desktop

• Extra wiring to the closet is very expensive and
  disruptive to add later.
• Rather than trying to determine, for example,
  that engineering offices will have more jacks
  than marketing offices, install the same number
  of jacks at every desk and have the same amount
  in the ceiling.
• Some sites run fiber the desk but only terminate
  what they actually plan on using.

20
Wiring to the Desktop

• All wiring contractors promise a book of test
  data, but only few deliver it.
• Go to sites that they have previously wired, look
  at the work, and ask to see their test book
  before you decide which contractor to choose.
• Often the one who is the most expensive will be
  the only one to pass the test.
• Building wiring is expensive, and is not a place
  for cost and saving because the expense of fixing
  it later, or trying to debug network problems
  that turn out to be caused by the building
  wiring, is even more expensive.

21
Wiring to the Desktop

• Another thing to consider about install network
  jacks is there orientation.
• Jacks are installed in a termination box or
  face-plate, which determines which way the jacks
  face.
• If the face plat is flush, a cable that plugs
  into it will stick out from the wall, requiring
  space to make sure that the cable is not bent or
  crimped.
• Make sure that space is available.
• If the jacks are on the side of the box they can
  face up, down, left, or right.
• Jacks that face upward become buckets that catch
  dust and construction particles, which is bad.
• If they face down, it can be difficult for people
  to see how to insert cables in to them and loose
  connections will fall out.
• They recommend have jacks on the left or right of
  the termination box.

22
Main Distribution Frame

• The MDF is what connects the IDFs together and to
  the Data Center(s).
• Should be plenty of cabling between the MDF and
  the IDFs.
• Not uncommon for part of the DC to be the MDF.
  In a DC, the MDF is often referred to as the
  network row or network racks. See fig 18.7 on pg
  390.
• The MDF must have protected power because it
  connects all the server network that are on the
  protected power to each other it often connects
  the Internet, WANs, and remote access customers
  to the DCs.
• It also needs adequate cooling.

23
Main Distribution Frame

• Typically, there is a single MDF per campus.
• Large campus or one that is concerned about
  redundancy, may have more than one, with high
  bandwidth between them and redundant links to
  each of the IDFs and to Wide-Area, remote access,
  or Internet connections.
• MDF should have the same level of restricted
  access as the DC. It is the core of the network.
• Only the network administration team should need
  access to it.

24
18.1.6 Demarcation Points

• Demarcation point is the boundary between your
  organization and a utility company, such as
  telephone company, or network provider.
• Can be a fiber cabinet, a set of punch down
  blocks, a board in a jack, a piece of network
  hardware or a small plastic box (often termed as
  a brick or a biscuit) on the wall with a jack
  or socket for plugging in a cable.
• Telephone co. responsible for wiring up to its
  demarcation pt. (demarc).

25
Demarcation Points

• If you have a fault with a line, you need to be
  able to show the service engineer where the
  correct demarc is so that he doesnt end up
  trying to test and fix another operational line.
• Main thing to know about you demarcation points.
  is where they are.

26
18.1.7 Documentation

• Network documentation takes many forms. Most
  fundamental of which is labeling.
• Maps of both the physical and logical networks
  should be part of the network documentation.
• Physical network map should show where the wires
  go, and the end points or ranges of the wireless
  links.
• The amount and type of connectivity available for
  each link should be indicated.

27
Documentation

• For ex. If there are 200 pairs of copper wires
  and 20 pairs of fiber optic cables between a pair
  of buildings, the documentation should specify
  how both sets are rated and terminated and the
  distances between the termination points.
• The logical network map should show the logical
  network topology, which network numbers, names,
  and speeds.
• Should show routing protocols and administrative
  domains if those vary across the network.
• Physical and Logical network maps should reach to
  the perimeter of the organizations network and
  identify its outer boundaries.

28
Documentation

• Labeling is single most important component of
  the network documentation.
• Clear consistent labeling on patch panels and
  long-distance connections is important.
• Patch panel should indicate the physical location
  of the corresponding patch panel or jacks, and
  each connection on the panel should be clearly
  labeled at both ends.
• Long-distance connections should clearly indicate
  where the circuit goes, who to report problems
  to, and what information is required when
  reporting problems, such as circuit ID and where
  it terminates.

29
Documentation

• Less-permanent connections such as network
  connections for each host on the network, also
  should be labeled.
• Labeling on each wire is easier to maintain in a
  relatively static environment. Incorrect labels
  are worse than none at all.
• Network cables are often difficult to label.
• One of the most effective ways is to use a cable
  tie with a protruding flat tab, to which sticky
  labels can be affixed.

30
18.1.8 Simple Host Routing

• Routing within a site should be kept simple,
  predictable, and easy to understand and diagnose.
• Use simple routing techniques on hosts.
• If a host is single-homed (one with a single
  network interface that has and IP address on a
  single network or subnet.) it should have a
  single default route.
• Multi-homed host, should not route packets from
  other hosts. It should only accept traffic
  addressed to it.
• Simple host routing makes debugging network
  problems easier and more predictable.

31
Simple Host Routing

• There is also a performance problem with
  requiring hosts to perform routing.
• As the number of routes in network grows, the
  routing protocol updates be come more difficult
  to process.
• If subnet contains exactly 1 router, there is no
  need for it to broadcast the routing protocol to
  that subnet, it can be used passive mode.
• If the routing protocol uses broadcasts
  (advertising), there can be a noticeable
  performance issue even if the hosts are not
  configured to speak any routing protocols.

32
18.1.9 Use Network Devices

• Building blocks of any modern network should be
  dedicated to network devices, such as routers and
  switches, rather than general-purpose hosts that
  have been configured to do routing.
• Network devices are optimized to more packets as
  quickly as possible, they integrate better into
  network management tools, provide better
  monitoring facilities, and are simpler devices.
• One common exception to rule is fire walls
  because they are often more involved in the
  application layer than a highly tuned network
  device can be.

33
18.1.10 Overlay Networks

• An overlay network is a logical topology that
  rides on top of a physical one.
• Examples include VLAN, Frame Relay, and ATM.
• You can build a simple flat physical network and
  then construct overlay networks on top of the
  solid base to give the appearance of the more
  complicated connections that are needed.
• On the LAN level, and overlay network usually
  means creating a simple flat physical topology
  and using IEE 802.1q VLAN protocols.

34
18.1.11 Number of Vendors

• The more vendors whose equipment is on the
  network , the more interoperability problems you
  are likely to experience.
• Minimizing the number of vendor makes the network
  more reliable and easier to maintain.
• It gets the company bigger discounts on equipment
  thanks to larger volume purchasing.

35
Number of Vendors

• Exclusive use of a single vendor has its own
  problems.
• A single vendor cannot possibly make the best
  product in every area.
• Some where between extremes is a reasonable
  balance. Some sites find choosing a single
  vendor for each protocol layer or each tier of
  the network works well.

36
18.1.13 Monitoring

• To build a fast reliable network you need network
  monitoring.
• There are two primary types of network
  monitoring.
• One is real-time availability monitoring and
  alerting.
• The other is gathering data to do trend analysis
  to predict future demand or for usage-based
  billing purposes.

37
Monitoring

• For companies providing services across the
  Internet, whether it be ISPs, application service
  providers, or e-commerce sites, both types of
  monitoring are an essential part of running the
  business.
• Real-time monitoring should be incorporated into
  any existing trouble ticket and alerting system
  at your site.
• At minimum it should be able to alert you to
  network interface state transitions.

38
18.1.14Single Administrative Domain

• A network should be a single organism that moves
  traffic around in a logical, coordinated fashion.
• Having a single administrative domain means have
  a single, closely tied network administration
  team with a single management structure.
• When parts of the network team are managed by
  management structures that me at CEO level
  different parts of the company inevitably go in
  different directions following there own set of
  policies and practices.

39
Single Administrative Domain

• Security issues associated with not having a
  single administrative domain
• When different groups have control of different
  parts of the network, they probably will also
  have different policies with respect to
  connecting other networks to their piece of
  network and the security that should surround
  those connections.

40
18.2 The Icing

• There are a few additional thing beyond the basic
  task that are involved in building a network you
  can do to further improve you network.
• You must strike a balance between the risk of
  using cutting-edge, hot technologies and
  staying with older but more reliable equipment
  and technologies.

41
18.3 Conclusion

• We have look at the various aspects of designing
  and building a network.
• Because network technology changes rapidly, some
  of these areas change significantly over time.
• In this chapter we have discussed ways that
  technology as changed networks, as well as the
  areas that always need to be considered.

42
Email Service

• Chapter 19