Network Management
Chapter (4)
Layer 2 LAN Technologies
A LAN interconnects network components located
geographically close, such as the floor of a building, within
a building, or on a campus.
The LAN infrastructure used is built and owned by a
company or other organization. Typically, no external
provider, such as a telephone company, is used to connect
different parts of the LAN. LANs can scale from very small
sizes, such as a small office/home office (SOHO), to a large
corporation spanning multiple buildings on a campus,
commonly referred to as an enterprise LAN.
Common components you’ll find in a LAN include computers (PCs and
servers), interconnections (network interface cards and media types
such as cabling and wireless), network devices (routers, switches, hubs,
firewalls, intrusion detection/ prevention systems, and so on), and
protocols (Ethernet and TCP/IP).
The main function of all of these components is to allow users to access
applications and data, to share resources such as printers and network
storage, and to connect to other networks if necessary.
Ethernet Operation
Ethernet is a LAN technology that functions at the data
link layer.
Ethernet uses the Carrier Sense Multiple Access/Collision
Detection (CSMA/CD) mechanism to send information in
a shared environment. Ethernet was initially developed
with the idea that many devices would be connected to the
same physical piece of wiring.
The short form CSMA/CD describes the actual process of
how Ethernet operates on a shared medium.
Collision Domains
Because Ethernet experiences collisions, networking
devices that share the same medium (are connected to the
same physical segment) are said to belong to the same
collision or bandwidth domain. This means that, for better
or worse, traffic generated by one device in the collision
domain can adversely affect other devices in the same
domain.
Framing
One of the main differences between the IEEE and the original Ethernet (Ethernet II)
implementations is the framing used. Framing defines the format of information
as it is carried across a data link layer medium.
A frame standardizes the fields in the frame and their lengths so that
every device understands how to read the contents of the frame. The
next sections discuss the framing that IEEE uses with the 802.3 and
802.2 standards and what Ethernet uses.
Addressing
Recall from Chapter 2 that Ethernet, like other LAN technologies
such as FDDI and Token Ring, uses MAC, or hardware, addresses to
uniquely identify devices on a segment (physical or logical). MAC
addresses are written in hexadecimal.
You should be familiar with decimal, binary, and
hexadecimal numbering, since you might be expected
to convert decimal numbers to binary (and vice versa),
decimal to hexadecimal (and vice versa), and binary to
hexadecimal (and vice versa).
Bit Values
Before you can begin to understand the conversion process, you
need to understand binary mathematics. Computers and
networking components process everything in binary. In 1 byte
(octet), there are 8 bits. Each bit in a byte, when enabled (turned
on), represents a specific decimal value. Table 3-5 shows the
conversion of a specific bit position, in a byte, when it is enabled.
In this table, the bit positions are labeled from left to right, where
the leftmost bit is the most significant and the rightmost bit is the
least significant. A bit can contain one of two values: 0 or 1. If it is
enabled (set to 1), then that equates to a particular decimal value,
shown in the second row of
Table 3-5. If it is disabled (set to 0), then this equates to a decimal
value of 0. Higher-order bits have a higher-numbered bit position
(such as bit position 8), while lower-order bits have a lower-numbered bit position (such as bit position 1).
* To convert the binary byte value to a decimal value, you look at all
the bits that are turned on and add up the equivalent decimal
values.
Problems and Limitations of Ethernet:
Even though Ethernet has been the main layer 2 technology used in
LANs for many years, it has two main disadvantages:
■ Distance
■ Collisions
The following sections discuss these two problems in depth,
and the rest of the chapter will cover some unique solutions
commonly found in Ethernet-based networks today.
Distance and Extension of LANs:
One of the initial problems with Ethernet was that the length of a
segment was limited because copper was used as the medium: 10Base5
supported 500 meters and 10Base2 supported 185 meters. When 10BaseT
was introduced, using unshielded twisted pair (UTP) cabling, the
distance limit shrank even further, to 100 meters.
One issue with using copper as a transmission medium is that as the
signal travels down the wire it degrades: the line picks up noise, the
signal loses strength, and devices that do not strictly follow the rules
defined by CSMA/CD add further errors.
One solution is to use a physical layer repeater to repeat the signal to
deal with noise and signal strength. With 10BaseT, a hub, a multiport
physical layer repeater, is used to perform this function. A hub takes a
signal received on one interface and repeats it across all other
available interfaces. The main problem with a hub is that if the signal
is bad, the hub repeats the bad signal: bad in, bad out.
CSMA/CD also imposes a timing constraint. When a device places a frame
on the wire, it listens on the wire for a predetermined period to detect
a collision. If no collision is detected during that period, the source
assumes that everyone on the segment received the frame successfully.
Solutions to Collision Problems:
Bridges were originally used to solve collision and bandwidth problems.
Each port on a bridge is a separate collision domain. When a frame arrives
on a bridge port, the bridge checks the frame's frame check sequence (FCS);
if the FCS is valid, the frame is forwarded out of the destination port or
ports. Recall from Chapter 3 that the FCS is a CRC checksum that lets the
destination verify that the Ethernet frame has not been corrupted.
Basically, the bridge is creating the illusion that all physical segments to
which it is connected are actually one large logical segment. All devices
connected to this logical segment are in the same broadcast domain—
this makes sense because bridges flood broadcasts. Note that if you are
having problems with large amounts of broadcasts, bridges will not
solve these problems.
The listening period described above for CSMA/CD is tied to cable length:
the longer the cable, the longer the signal takes to reach both ends, and
the longer a sender must listen for a collision. Therefore the cable cannot
be of arbitrary length, and each Ethernet standard specifies a maximum
cable length. If a device has a 10Base5 interface, its NIC listens on the
wire for the time it takes an electrical signal to travel 500 meters,
whether or not the cable happens to be that long.
Network Subnet
A subnet is a logical organization of network address
ranges used to separate hosts and network devices
from each other to serve a design purpose. In many
cases, subnets are created to serve as physical or
geographical separations similar to those found
between rooms, floors, buildings, or cities.
Subnetting is used to break the network into smaller, more
efficient subnets, which limits the spread of broadcasts and, on
shared media, reduces Ethernet collisions in a large network. Such
subnets can be arranged hierarchically, with the organization's
network address space partitioned into a tree-like structure.
Routers manage traffic between subnets and form the borders
between them.
This sample shows an IP address represented in both decimal and binary:
10.1.23.19 (decimal) = 00001010.00000001.00010111.00010011 (binary)
These octets are broken down to provide an addressing scheme that can
accommodate large and small networks. There are five classes of
networks, A to E. This document focuses on addressing in classes A to C,
since classes D and E are reserved and discussion of them is beyond the
scope of this document.
Network Masks
A network mask helps you know which portion of the address
identifies the network and which portion of the address
identifies the node. Class A, B, and C networks have default
masks, also known as natural masks, as shown here:
Class A: 255.0.0.0 Class B: 255.255.0.0 Class C: 255.255.255.0
An IP address on a Class A network that has not been subnetted has an
address/mask pair such as 8.20.15.1 255.0.0.0. To see how the mask helps
you identify the network and node parts of the address, convert the
address and the mask to binary:
8.20.15.1 = 00001000.00010100.00001111.00000001
255.0.0.0 = 11111111.00000000.00000000.00000000
Once you have the address and the mask in binary, identifying the network
and host ID is easy. Any address bits whose corresponding mask bits are set
to 1 belong to the network ID. Any address bits whose corresponding mask
bits are set to 0 belong to the node (host) ID.
8.20.15.1 = 00001000 | 00010100.00001111.00000001
255.0.0.0 = 11111111 | 00000000.00000000.00000000
             net id  |           host id
net id  = 00001000 = 8
host id = 00010100.00001111.00000001 = 20.15.1
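The mask arithmetic above, worked in code as an added example that is not part of the original chapter. It generalizes from the natural masks to any contiguous mask, and adds the check a practitioner wants: a mask that is not a run of 1s followed by 0s is rejected. The function names and sample addresses are assumptions.

```python
# Added example (not from the original chapter): network mask arithmetic.
# The address is ANDed with the mask to get the network ID and with the
# inverted mask to get the host ID; the mask is also checked for the
# contiguous 1s-then-0s shape a valid mask must have. Function names and
# sample addresses are assumptions.

ALL_ONES = 0xFFFFFFFF


def parse_ipv4(text):
    """Dotted decimal -> 32-bit integer, rejecting malformed input."""
    parts = text.split(".")
    if len(parts) != 4:
        raise ValueError("expected four octets: %r" % (text,))
    value = 0
    for part in parts:
        if not part.isdigit() or int(part) > 255:
            raise ValueError("bad octet %r in %r" % (part, text))
        value = (value << 8) | int(part)
    return value


def to_dotted(value):
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def to_binary(value):
    return ".".join(format((value >> shift) & 0xFF, "08b")
                    for shift in (24, 16, 8, 0))


def mask_is_contiguous(mask):
    """A valid mask is a run of 1s followed by a run of 0s (255.255.0.0 is
    fine, 255.0.255.0 is not). Inverting such a mask gives a value of the
    form 2^n - 1, which has no bit in common with itself plus one."""
    inverted = ~mask & ALL_ONES
    return (inverted & (inverted + 1)) == 0


def natural_mask(address):
    """Classful default mask from the leading bits of the first octet:
    class A 0xxxxxxx, class B 10xxxxxx, class C 110xxxxx."""
    first_octet = address >> 24
    if first_octet < 128:
        return 0xFF000000
    if first_octet < 192:
        return 0xFFFF0000
    if first_octet < 224:
        return 0xFFFFFF00
    raise ValueError("class D/E address has no natural mask: %s"
                     % to_dotted(address))


def split_address(address, mask=None):
    """Return the network ID and host ID for address/mask; with no mask
    given, the class's natural mask is used (the 'not subnetted' case)."""
    addr = parse_ipv4(address)
    m = natural_mask(addr) if mask is None else parse_ipv4(mask)
    if not mask_is_contiguous(m):
        raise ValueError("non-contiguous mask %s" % to_dotted(m))
    return {
        "network_id": to_dotted(addr & m),
        "host_id": to_dotted(addr & ~m & ALL_ONES),
        "prefix_length": bin(m).count("1"),
        "binary_address": to_binary(addr),
        "binary_mask": to_binary(m),
    }


def same_network(a, b, mask):
    """The test a host runs before sending: same network ID means deliver
    directly on the segment, otherwise hand the packet to a router."""
    m = parse_ipv4(mask)
    return (parse_ipv4(a) & m) == (parse_ipv4(b) & m)


if __name__ == "__main__":
    info = split_address("8.20.15.1", "255.0.0.0")
    print(info["binary_address"])
    print(info["binary_mask"])
    print("net id %s, host id %s, /%d" % (info["network_id"],
                                          info["host_id"],
                                          info["prefix_length"]))
    print(same_network("192.168.1.10", "192.168.2.10", "255.255.255.0"))
```

The contiguity check matters in practice: a mask such as 255.0.255.0 is accepted by some older tooling and silently produces a network ID nobody else on the segment agrees with, which is why split_address refuses it rather than computing an answer.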
Decimal to Hexadecimal
Convert the decimal number 650 to hexadecimal by repeated division by 16.
Each remainder is one hexadecimal digit; the first remainder is the least
significant digit (LSD) and the last is the most significant digit (MSD):
650 / 16 = 40 remainder 10 = A (LSD)
40 / 16 = 2 remainder 8 = 8
2 / 16 = 0 remainder 2 = 2 (MSD)
The hexadecimal number is 28A.
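The bit-value rule from the Bit Values section and the repeated-division method above, as an added example (this is not code from the original chapter). The functions and sample values are assumptions; decimal_to_base generalizes the division method to any base from 2 to 16, and the MAC rendering shows where the hexadecimal form is actually used.

```python
# Added example (not from the original chapter): the two conversions the
# chapter describes, bit weights within an octet and repeated division by a
# base, plus the dotted-decimal and MAC renderings built on them. Function
# names and sample values are assumptions.

HEX_DIGITS = "0123456789ABCDEF"


def bit_weights(byte_value):
    """Decimal weights of the enabled bits in one octet, most significant
    first: bit position 8 is worth 128, bit position 1 is worth 1."""
    if not 0 <= byte_value <= 255:
        raise ValueError("an octet holds 0..255, got %r" % (byte_value,))
    return [1 << pos for pos in range(7, -1, -1) if byte_value & (1 << pos)]


def byte_to_binary(byte_value):
    """Render one octet as eight 0/1 characters, MSB on the left."""
    weights = bit_weights(byte_value)
    return "".join("1" if (1 << pos) in weights else "0"
                   for pos in range(7, -1, -1))


def binary_to_decimal(bits):
    """Chapter rule: add up the weights of the bits that are turned on."""
    if not bits or any(ch not in "01" for ch in bits):
        raise ValueError("not a binary string: %r" % (bits,))
    width = len(bits)
    return sum(1 << (width - 1 - i) for i, ch in enumerate(bits) if ch == "1")


def decimal_to_base(value, base=16):
    """Repeated division: each remainder is one digit, least significant
    first, so the digits are reversed at the end (650 -> '28A')."""
    if value < 0 or not 2 <= base <= 16:
        raise ValueError("value must be >= 0 and base in 2..16")
    if value == 0:
        return "0"
    digits = []
    while value:
        value, remainder = divmod(value, base)
        digits.append(HEX_DIGITS[remainder])
    return "".join(reversed(digits))


def base_to_decimal(text, base=16):
    """Inverse of decimal_to_base; rejects digits outside the base."""
    value = 0
    for ch in text.upper():
        digit = HEX_DIGITS.find(ch)
        if digit < 0 or digit >= base:
            raise ValueError("digit %r is not valid in base %d" % (ch, base))
        value = value * base + digit
    return value


def dotted_decimal_to_binary(address):
    """10.1.23.19 -> 00001010.00000001.00010111.00010011"""
    octets = address.split(".")
    if len(octets) != 4:
        raise ValueError("IPv4 addresses have four octets: %r" % (address,))
    return ".".join(byte_to_binary(int(octet)) for octet in octets)


def mac_to_hex(mac):
    """Six hardware-address octets rendered as colon-separated hex pairs."""
    if len(mac) != 6:
        raise ValueError("a MAC address is six octets")
    return ":".join(decimal_to_base(b, 16).rjust(2, "0") for b in mac)


if __name__ == "__main__":
    print(bit_weights(0b10100010))
    print(decimal_to_base(650), base_to_decimal("28A"))
    print(dotted_decimal_to_binary("10.1.23.19"))
    # Constructed sample MAC address, not one from the chapter.
    print(mac_to_hex(bytes.fromhex("001a2b3c4d5e")))
```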
A network bridge connects multiple network segments at the data
link layer (layer 2) of the OSI model, and the term layer 2 switch is
very often used interchangeably with bridge. Bridges are similar to
repeaters or network hubs, devices that connect network segments at
the physical layer; however, with bridging, traffic from one network is
managed rather than simply rebroadcast to adjacent network
segments. In Ethernet networks, the term "bridge" formally means a
device that behaves according to the IEEE 802.1D standard; this is
most often referred to as a network switch in marketing literature.
Bridges tend to be more complex than hubs or repeaters.
Bridges can analyze incoming data packets to determine if
the bridge is able to send the given packet to another
segment of the network.
Since bridging takes place at the data link layer of the OSI
model, a bridge processes the information from each frame
of data it receives. In an Ethernet frame, this provides the
MAC address of the frame's source and destination. Bridges
use two methods to resolve the network segment that a
MAC address belongs to.
Bridging (networking)
Bridging is a forwarding technique used in packet-switched computer
networks. Unlike routing, bridging makes no assumptions about where in a
network a particular address is located. Instead, it depends on flooding and
examination of source addresses in received frame headers to locate unknown
devices. Once a device has been located, its location is recorded in a table
where the MAC address is stored, so as to preclude the need for further
flooding.
The utility of bridging is limited by its dependence on flooding, and so it is
used only in local area networks. Currently, two different bridging technologies
are in widespread use: transparent bridging predominates in Ethernet
networks, while source routing is used in Token Ring networks. Bridging
allows you to connect two different networks seamlessly at the data link layer,
e.g. a wireless access point with a wired network switch, using MAC
addresses as the addressing system. A bridge and a switch are very much alike.
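The learning and flooding behaviour described above (learn the source address against the ingress port, forward to a learned port, flood when the destination is unknown or broadcast), as an added example that is not part of the original text. The Bridge class, the port names and the sample MAC addresses are constructed for illustration.

```python
# Added example (not from the original text): a transparent learning bridge
# as the section describes it. The bridge learns the source MAC address of
# every frame against its ingress port, forwards to a learned port, and
# floods out of all other ports when the destination is unknown or is the
# broadcast address. Class names, port names and sample MACs are constructed.

BROADCAST = "ff:ff:ff:ff:ff:ff"


class Frame:
    def __init__(self, src, dst, payload=b""):
        self.src = src.lower()
        self.dst = dst.lower()
        self.payload = payload


class Bridge:
    def __init__(self, ports):
        self.ports = tuple(ports)
        self.table = {}  # MAC address -> port it was last seen on

    def flood(self, ingress):
        """Send out of every port except the one the frame arrived on."""
        return [p for p in self.ports if p != ingress]

    def receive(self, ingress, frame):
        """Process one frame and return the list of egress ports."""
        if ingress not in self.ports:
            raise ValueError("unknown port %r" % (ingress,))
        # Learning: record (or update, if the station moved) where src lives.
        # No forwarding decision is ever made on the source address.
        self.table[frame.src] = ingress
        if frame.dst == BROADCAST:
            # Broadcasts cross the bridge: all segments form one broadcast domain.
            return self.flood(ingress)
        port = self.table.get(frame.dst)
        if port is None:
            return self.flood(ingress)  # unknown unicast: locate by flooding
        if port == ingress:
            return []  # destination is on the ingress segment: filter it
        return [port]


def walkthrough():
    """Constructed traffic sequence showing learn, forward, filter, flood
    and a station moving between ports. Returns the egress list per frame."""
    br = Bridge(["p1", "p2", "p3"])
    a, b, c = "00:11:22:33:44:aa", "00:11:22:33:44:bb", "00:11:22:33:44:cc"
    return [
        br.receive("p1", Frame(a, b)),          # B unknown: flood p2, p3
        br.receive("p2", Frame(b, a)),          # A learned on p1: forward p1
        br.receive("p1", Frame(a, b)),          # B learned on p2: forward p2
        br.receive("p3", Frame(b, a)),          # B has moved to p3
        br.receive("p1", Frame(a, b)),          # table updated: forward p3
        br.receive("p1", Frame(a, BROADCAST)),  # broadcast: flood p2, p3
        br.receive("p1", Frame(c, a)),          # A is on p1 itself: filtered
    ]


if __name__ == "__main__":
    for decision in walkthrough():
        print(decision)
```

Two points the walkthrough makes visible: the table is written on every received frame, so whoever sends a frame with a given source address decides where the bridge will deliver traffic for that address next; and a broadcast is never filtered, which is why the text says bridges do not help with broadcast volume.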
Bridging versus routing
Bridging and routing are both ways of forwarding data, but they work by
different methods. Bridging takes place at OSI Layer 2 (Data Link Layer),
while routing takes place at OSI Layer 3 (Network Layer). This difference
means that a bridge directs frames according to hardware-assigned MAC
addresses, while a router makes its decisions according to arbitrarily
assigned IP addresses. As a result, bridges are not concerned with, and
cannot distinguish, networks, while routers can.
When designing a network, one can choose to put multiple segments into one
bridged network or to divide it into different networks interconnected by
routers. If a host is physically moved from one network area to another in a
routed network, it has to get a new IP address; if it is moved within a
bridged network, it does not have to reconfigure anything. These days bridges
have largely been replaced by switches.
"Switch" is a marketing term rather than a technical one.
Switches may operate at one or more OSI layers, including physical,
data link, network, or transport (i.e., end-to-end). A device that
operates simultaneously at more than one of these layers is called a
multilayer switch, although use of the term is diminishing.
In switches intended for commercial use, built-in or modular interfaces
make it possible to connect different types of networks, for example
Ethernet, Fibre Channel, ATM, ITU-T G.hn and 802.11. This
connectivity can be at any of the layers mentioned. While Layer 2
functionality is adequate for speed-shifting within one technology,
interconnecting technologies such as Ethernet and token ring are
easier at Layer 3.
Interconnection of different Layer 3 networks is done by routers. If
there are any features that characterize "Layer-3 switches" as opposed
to general-purpose routers, it tends to be that they are optimized, in
larger switches, for high-density Ethernet connectivity.
In some service provider and other environments where there is a need
for much analysis of network performance and security, switches may
be connected between WAN routers as places for analytic modules.
Some vendors provide firewall, network intrusion detection, and
performance analysis modules that can plug into switch ports. Some of
these functions may be on combined modules.
In other cases, the switch is used to create a mirror
image of data that can go to an external device. Since
most switch port mirroring provides only one mirrored
stream, network hubs can be useful for fanning out
data to several read-only analyzers, such as intrusion
detection systems and packet sniffers.
Connectionless Forwarding
This is termed destination-based connectionless forwarding.
How does each router know the correct local forwarding decision for any
possible destination address? Through knowledge of the topology state of
the network. This knowledge is maintained by a routing protocol.
Routing Protocols
Routing protocols distribute the knowledge of the current topology state
of the network to all routers. Each router uses this knowledge to generate
a forwarding table, which contains the local switching decision for each
known destination address.
Correct operation of the routing state of a network is essential for the
management of a quality network service. This requires:
■ accuracy of the routing information
■ dynamic adjustment of the routing information
■ matching aggregate traffic flow to network capacity
ISP Routing Tasks
■ customer routing (customers)
■ interior routing (internal)
■ exterior routing (peer / upstream)
Interior Routing
Interior routing discovers the topology of a network through the
operation of a distributed routing protocol.
Path Selection
[Figure: a topology of routers R1 to R8 between endpoints A and B, with a
cost on each link ranging from 4 to 45.]
Minimum cost from A to B is 39 units.
Dynamic Path Adjustment
[Figure: the same topology of routers R1 to R8 between A and B, with the
R5 to R7 link removed.]
If R5 to R7 breaks, the minimum cost path from A to B is now 46 units.
Interior Routing Protocols
Interior routing protocols describe the current network topology: they
distribute how to reach groups of address prefixes. Routing protocols
function through either a
■ distributed computing model (distance vector), or a
■ parallel computing model (link state)
Distance Vector Routing Protocols
■ Each node sends its routing table (destination, distance) to all
neighbors every 30 seconds.
■ A lower advertised distance replaces the current entry, with the
advertising neighbor as next hop.
■ Cannot scale.
■ Cannot resolve routing loops quickly.
■ RIP is the main offender.
Link State Routing Protocols
■ Each link, its connected nodes and its metric is flooded to all routers.
■ Each link up/down status change is incrementally flooded.
■ Each router re-computes its routing table in parallel, using the common
link state database.
■ OSPF is the main protocol in use today.
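The link-state model above (a common link-state database, each router computing its own table from it, a link change flooded incrementally and the table recomputed), as an added example that is not from the original slides; it also reproduces in code what the Path Selection and Dynamic Path Adjustment slides show in a figure. The topology and metrics below are constructed for illustration and are not the slides' own figure, so the costs differ from the 39 and 46 units quoted there.

```python
# Added example (not from the original slides): a link-state route
# computation. Every router holds the same link-state database (the flooded
# link/metric list) and runs Dijkstra over it in parallel; a link failure is
# an incremental update after which the table is recomputed. The topology
# below is constructed for illustration and is not the one in the slides.

import heapq

# Constructed link-state database: (router, router, metric)
LINKS = [
    ("A", "R1", 5), ("A", "R2", 10),
    ("R1", "R3", 20), ("R2", "R3", 5),
    ("R3", "B", 10), ("R1", "B", 40),
]


def build_lsdb(links):
    """Undirected adjacency map from the flooded link records."""
    adj = {}
    for u, v, metric in links:
        adj.setdefault(u, {})[v] = metric
        adj.setdefault(v, {})[u] = metric
    return adj


def shortest_path(adj, src, dst):
    """Dijkstra: returns (total cost, path) or (None, []) if unreachable."""
    dist = {src: 0}
    prev = {}
    heap = [(0, src)]
    done = set()
    while heap:
        d, u = heapq.heappop(heap)
        if u in done:
            continue
        done.add(u)
        if u == dst:
            break
        for v, metric in adj.get(u, {}).items():
            nd = d + metric
            if nd < dist.get(v, float("inf")):
                dist[v] = nd
                prev[v] = u
                heapq.heappush(heap, (nd, v))
    if dst not in done:
        return None, []
    path = [dst]
    while path[-1] != src:
        path.append(prev[path[-1]])
    return dist[dst], path[::-1]


def forwarding_table(adj, router):
    """What the router actually installs: (next hop, cost) per destination."""
    table = {}
    for dst in adj:
        if dst == router:
            continue
        cost, path = shortest_path(adj, router, dst)
        if cost is not None:
            table[dst] = (path[1], cost)
    return table


def without_link(links, u, v):
    """The incremental update a link-down event produces."""
    return [l for l in links if {l[0], l[1]} != {u, v}]


if __name__ == "__main__":
    adj = build_lsdb(LINKS)
    print(shortest_path(adj, "A", "B"))
    print(forwarding_table(adj, "A"))
    adj_after = build_lsdb(without_link(LINKS, "R2", "R3"))
    print(shortest_path(adj_after, "A", "B"))
```

Run it and A's best path to B moves from A, R2, R3, B (cost 25) to A, R1, R3, B (cost 35) once the R2 to R3 link is withdrawn; every other router would reach the same conclusion from the same database, which is the property the slides rely on.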
Suggestions
■ Just engineering a physical link does not ensure that traffic will flow:
some system somewhere must provide routing information about how to reach
the newly connected network.
■ Installing backup circuits is easy; making the routing work may not be.
■ You need a clear understanding of how the client networks want their
traffic to flow before you can start making routing configuration changes.
Interior and Exterior Routing Protocols
[Figure: separate interior route spaces for AS 1, AS 1221, AS 3561,
AS 2402 and AS 701, joined through a common exterior routing space.]
Exterior Routing Protocols
The agreement between two exterior peers:
■ You tell me all the address prefixes you can reach, but don't tell me
the path you use to get there.
■ I'll tell you the same.
■ If anything changes, please let me know.
■ If you tell me an address, I'll send you traffic destined to that address.
■ If I tell you an address, I will accept traffic destined to that address.
Exterior Routing Protocols
Border Gateway Protocol version 4 (BGP4):
■ Each interior route collection is described by an Autonomous System
(AS) number.
■ Internal topology is hidden.
■ Routes are announced with the associated AS value, e.g.
139.130.0.0/16 + AS 1221.
BGP example
(i = originated locally; otherwise the AS path is listed after the prefix)
AS 1221 sees:
139.130.0.0/16   i
203.10.60.0/24   i
148.10.0.0/16    3561
24.192.36.0/24   3561
202.23.45.0/23   3561
AS 3561 sees:
148.10.0.0/16    i
24.192.36.0/24   i
202.23.45.0/23   i
139.130.0.0/16   1221
203.10.60.0/24   1221
BGP Example of TRANSIT
AS 3561 provides transit between AS 1221 and AS 5727
(i = originated locally; otherwise the AS path is listed after the prefix).
AS 1221 sees:
139.130.0.0/16   i
203.10.60.0/24   i
148.10.0.0/16    3561
24.192.36.0/24   3561
202.23.45.0/23   3561
210.10.0.0/16    3561,5727
130.1.0.0/16     3561,5727
AS 3561 sees:
148.10.0.0/16    i
24.192.36.0/24   i
202.23.45.0/23   i
139.130.0.0/16   1221
203.10.60.0/24   1221
210.10.0.0/16    5727
130.1.0.0/16     5727
AS 5727 sees:
210.10.0.0/16    i
130.1.0.0/16     i
148.10.0.0/16    3561
24.192.36.0/24   3561
202.23.45.0/23   3561
139.130.0.0/16   3561,1221
203.10.60.0/24   3561,1221
Exterior Routing Protocols
Internal transit paths use I-BGP.
[Figure: AS 1221 connects to router A in AS 3561; router B in AS 3561
connects to AS 5727.]
Q: How does router A tell router B about AS 1221 addresses?
A: Router A sets up an INTERIOR BGP (I-BGP) session with router B.
Exterior Routing Protocols
[Figure: AS 1221 exchanging routes with AS 1, AS 3561, AS 2402 and
AS 701; sessions inside an AS are I-BGP, sessions between ASes are E-BGP.]
Normally the path with the minimal AS path length is chosen:
203.10.60.0/24   701,3561,1221
203.10.60.0/24   5727,1221
The selected path is via the peer session to AS 5727, as it is one AS
shorter than the other path.
Exterior POLICY
How can I share the traffic load between two or more exterior
providers?
How can I create a backup link to support my main exterior link?
You can bias minimal-path selection with AS path filter lists,
community attributes, or local preferences.
Exterior Routing Protocols plus Policy
[Figure: AS 1 with neighbours AS 1221 and AS 2402, and beyond them
AS 3561 and AS 701.]
AS 1 accepts AS paths:
1221
2402
1221,3561
2402,701
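The selection and policy rules from the Exterior Routing Protocols slides (shortest AS path by default, biased by local preference, filtered by an AS path accept list such as the one AS 1 applies above), as an added example that is not from the original slides. The class, its methods and the announcements are constructed; the loop check on the AS path is standard BGP behaviour, and the tie-break on neighbour AS number is a simplification standing in for BGP's router-ID tie-break.

```python
# Added example (not from the original slides): BGP-style best-path
# selection with the policy knobs the section names. Inbound policy rejects
# AS-path loops and anything outside an accept list of AS paths, attaches a
# local preference per neighbour, and selection then prefers higher local
# preference, then the shorter AS path. The class, its methods and the
# announcements are constructed; the tie-break on neighbour AS stands in for
# BGP's router-ID tie-break and is a simplification.


class Route:
    def __init__(self, prefix, as_path, local_pref=100):
        self.prefix = prefix
        self.as_path = tuple(as_path)  # as_path[0] is the neighbour AS
        self.local_pref = local_pref

    def __repr__(self):
        return "Route(%s via %s, lp=%d)" % (
            self.prefix, ",".join(str(a) for a in self.as_path), self.local_pref)


class BgpSpeaker:
    def __init__(self, my_as, accept_paths=None, local_pref_by_neighbor=None):
        self.my_as = my_as
        # Accept-list policy: empty means accept everything (no filter).
        self.accept_paths = {tuple(p) for p in (accept_paths or [])}
        self.local_pref_by_neighbor = dict(local_pref_by_neighbor or {})
        self.rib_in = {}  # prefix -> candidate routes that passed policy

    def receive(self, route):
        """Inbound policy; returns True if the route is kept as a candidate."""
        if not route.as_path:
            return False
        if self.my_as in route.as_path:
            return False  # loop: our own AS is already in the path
        if self.accept_paths and route.as_path not in self.accept_paths:
            return False  # filtered by the AS path accept list
        lp = self.local_pref_by_neighbor.get(route.as_path[0], route.local_pref)
        self.rib_in.setdefault(route.prefix, []).append(
            Route(route.prefix, route.as_path, lp))
        return True

    def best(self, prefix):
        """Higher local preference wins, then the shorter AS path."""
        candidates = self.rib_in.get(prefix, [])
        if not candidates:
            return None
        return min(candidates,
                   key=lambda r: (-r.local_pref, len(r.as_path), r.as_path[0]))

    def advertise(self, prefix):
        """Outbound: announce the best path with our own AS prepended."""
        best = self.best(prefix)
        if best is None:
            return None
        return Route(prefix, (self.my_as,) + best.as_path)


if __name__ == "__main__":
    # The slide's two announcements of 203.10.60.0/24, seen from AS 1.
    speaker = BgpSpeaker(1)
    speaker.receive(Route("203.10.60.0/24", (701, 3561, 1221)))
    speaker.receive(Route("203.10.60.0/24", (5727, 1221)))
    print(speaker.best("203.10.60.0/24"))       # shorter path via 5727
    biased = BgpSpeaker(1, local_pref_by_neighbor={701: 200})
    biased.receive(Route("203.10.60.0/24", (701, 3561, 1221)))
    biased.receive(Route("203.10.60.0/24", (5727, 1221)))
    print(biased.best("203.10.60.0/24"))        # local pref overrides length
    print(speaker.advertise("203.10.60.0/24"))  # AS 1 prepended on export
```

The accept list is the interesting control from a security standpoint: with it configured, an announcement carrying a path the operator did not expect (for example 2402,701,3561) never enters the candidate set, regardless of how short it is.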
Exterior Routing Protocols plus Policy
Policy settings control:
■ what you advertise to your immediate peers
■ what you accept from your immediate peers
■ what transits you will accept (send traffic)
You cannot control:
■ the transit path of received traffic
■ symmetry of transit policy