Transcript ITEC275v2

ITEC 275
Computer Networks – Switching,
Routing, and WANs
Week 2
Robert D’Andrea
Winter 2016
Agenda
• Review Chapters 1 and 2
– Business Goals
– Business Constraints
• Analyzing Technical Goals Chapter #2
– Technical Goals
– Technical Constraints
• Introduce homework problems
• Lab Meetings
Typical Business Goals
• Increase revenue
• Increase profits
• Reduce costs
• Improve communications
• Shorten product development cycle
• Expand into worldwide markets
• Build partnerships with other companies
• Offer better customer support or new customer services
Typical Business Goals
• Improve in-house training for employees
• Use a JIT manufacturing approach
• Avoid material shortages
• Improve security
• Modernize technologies
• Improve data center operations
• Monitor and reduce network traffic
Network Design and Implementation Cycle
(Figure) The cycle runs: Analyze requirements → Develop logical design → Develop physical design → Test, optimize, and document design → Implement and test network → Monitor and optimize network performance → back to Analyze requirements.
Network Design Steps
• Phase 1 – Analyze Requirements
– Analyze business goals and constraints
– Analyze technical goals and tradeoffs
– Characterize the existing network
– Characterize network traffic
Network Design Steps
• Phase 2 – Logical Network Design
– Design a network topology
– Design models for addressing and naming
– Select switching and routing protocols
– Develop network security strategies
– Develop network management strategies
Network Design Steps
• Phase 3 – Physical Network Design
– Select technologies and devices for campus
networks
– Select technologies and devices for enterprise
networks
Network Design Steps
• Phase 4 – Testing, Optimizing, and
Documenting the Network Design
– Test the network design
– Optimize the network design
– Document the network design
Top-Down Software Design Steps
The PDIOO Network Life Cycle
(Figure) Plan → Design → Implement → Operate → Optimize → Retire
Software Life Cycle
Software Life Cycle Costs
Recent Business Priorities
• Mobility
• Security
• Resiliency (fault tolerance/robustness)
• Business continuity after a disaster
• Network projects must be prioritized based on fiscal goals
• Networks must offer the low delay required for real-time applications such as VoIP and video
Business Constraints
• Budget
• Staffing
• Schedule
• Politics and policies
Cisco Enterprise 3 Layer Design
Core Layer:
• Core of the network
• Responsible for transporting large amounts of
traffic reliably and quickly.
• Switch traffic as fast as possible
• If there is a failure at the core layer, every single
user can be affected.
Cisco Enterprise 3 Layer Design
Distribution Layer:
• Communication point between the Core and
Access Layer
• Provide routing
• Provide filtering
• WAN access
• Determine how packets can access the core
Cisco Enterprise 3 Layer Design
Access Layer:
• Controls user and workgroup access to
internetwork resources
• Sometimes referred to as the desktop layer
• Resources usually are accessible locally
Network Technical Goals
• Scalability
• Availability
• Performance
• Security
• Manageability
• Usability
• Adaptability
• Affordability
Scalability
Scalability refers to the ability to grow a network with
existing hardware and software.
• How much growth is anticipated within the next 5
years? Asking a company to predict its growth for the
next 5 years is asking for a difficult prediction.
• Large companies expand more rapidly (users,
applications, external networks, and new sites) than
smaller ones.
• Expanding Access to Data
1970 – 1980 data stored on mainframes
1980 – 1990 data stored on servers
1990 – present data stored on centralized
mainframes and servers
2010 – present data stored on the cloud
Scalability
• 80/20 Rule
Is based on 80 percent local in-house usage
and 20 percent external Internet use. At the
present time, the 80/20 Rule is moving to the
other side of the scale. There is more external
Internet access by employees in companies on a
daily basis (20/80) than was allowed or tolerated in
the past.
Some companies allow access to and from other
companies, resellers, suppliers, and strategic
customers. This is the introduction of the extranet.
The term extranet describes an internal
internetwork that is accessible by outside users.
Scalability
The business goal of making
data available to more departments,
employees, and off site offices often
results in a technical goal of using
the mainframe as a powerful
database server.
Scalability
• Some technologies are more scalable than others.
Flat network designs at Layer 2 (switched) do
not scale well.
Top-down network design offers more
flexibility in accommodating changes such as
hardware, software, and support staff. Top-down
network design is an iterative process. Scalability
goals and solutions are re-evaluated on a regular
basis throughout the phases of the network design
process.
Scalability Constraints
Scalability is often limited by constraints inherent in
network technologies.
Selecting technologies that meet the customer's
scalability goals from the start is a difficult process,
especially if it is done without some planning. If
the design later departs radically from
the initial plan, the cost of enhancing the
network could be significant.
Scalability
During the initial design phase, extract
information from the customer about their site. A
network designer needs information about current and
future network activity.
- Number of sites to be added in the next 5
years
- What functionality will be needed at
each of these sites?
- How many users will be added in the next
5 years?
- How many more servers and mainframes will be
added to a server farm or individual
departments?
Availability
Availability is the amount of time a network is
operational – that is, how long it is transferring data
or other transactions. Availability can be expressed
as a percent of uptime per year, month, week, day, or
hour, compared to the total time in that period.
For example:
• 24/7 operation
• Network is up for 165 hours in the 168-hour
week
• Availability is 98.21%
Availability
• Different applications and areas of a network may
require different levels of availability. Availability
could be considered a critical goal for a network
design customer if indicated by the customer.
• Some enterprises may want 99.999% or “Five
Nines” availability
Availability
From a customer's perspective, they want to
know how much time the network will be
operational.
Availability is linked to reliability.
• Reliability addresses a list of issues, which include
accuracy, error rates, stability, and the time
between failures.
Availability
• Redundancy is a solution to a goal of high
availability. In this context, redundancy means
adding duplicate links or devices to a network
configuration to avoid network outages.
• Disaster Recovery
– Natural disasters – floods, fires, hurricanes,
and earthquakes.
– Satellite outages – meteorite storms,
collisions in space, solar flares, and
system failures
Availability
• Unnatural disaster – bombs, terrorist attacks,
riots, or hostage situation.
• Resiliency is the amount of stress a network can
handle over time and how quickly the network can
rebound or spring back from security breaches,
natural and unnatural disasters, human error, and
catastrophic software or hardware failures.
Availability
Note: Bank check clearing process after 9/11.
A main goal in the planning process would be
to recognize which parts of the network are more
critical than others.
The disaster recovery plan should include
keeping data backed up in one or more places that
are unlikely to be affected by the disaster. Secondly,
the technologies affected by the disaster should be
resumed by another site with similar technologies.
Note: Canada’s underground facility.
Availability
Personnel must be considered an important
resource when planning for disaster recovery. Eyes
on the ground are essential.
Consider using a Virtual Private Network
(VPN) to access the corporate office when disaster
recovery is under way.
Provide VPN service to mission-critical staff
so they can work from home or a remote location. VPN
service in the case of a disaster would allow this staff
to begin rebuilding the damaged system without being
present at the site, where there may be disease and
contamination.
Availability
Why Do People Use VPNs?
A Virtual Private Network is used to secure your
connection and increase the privacy thereof.
In addition to the use cases we highlighted
above (securely accessing a remote network as if you
were connected to the network as a local user) there
are also some very valuable use cases that are more
outwardly focused. Why would someone want to, as
we mentioned above, use their computer in Sydney,
Australia but appear (to all the websites and services
they use) as if they were in the United States?
Availability
Why Do People Use VPNs?
Many services are geographically blocked. If
you’re a reader outside the US who has visited a
popular YouTube video only to be informed “This
video is not available in your country,” or some
variant thereof, you’ve experienced geo-blocking.
You’ve also experienced it if you’ve attempted to
watch Netflix in a country not currently supported by
Netflix.
Availability
Why Do People Use VPNs?
Even when you can access a service like
Netflix in your country there are often incongruences
between what is available in the primary market
(typically the US) and the market you’re in. In
addition to absent videos many people (we’re
looking at you, Australians) have to deal with
insanely high import taxes on software that see them
paying twice (or more) what US consumers pay for
the same products.
Availability
Why Do People Use VPNs?
On a more serious note, an unfortunately large
number of people live in countries with high levels
of overt censorship and monitoring (like China) and
countries with more covert monitoring (like the
US); one of the best ways to get around censorship
and monitoring is to use a secure tunnel to appear as
if you’re from somewhere else altogether.
Availability
Why Do People Use VPNs?
In addition to hiding your online activity from
a snooping government it’s also useful for hiding
your activity from a snooping Internet Service
Provider (ISP). If your ISP likes to throttle your
connection based on content (tanking your file
downloads and/or streaming video speeds in the
process) a VPN completely eliminates that problem
as all your traffic is traveling to a single point
through the encrypted tunnel and your ISP remains
ignorant of what kind of traffic it is.
Availability
Why Do People Use VPNs?
In short a VPN is useful anytime you want to
either hide your traffic from people on your local
network (like the person who controls the free Wi-Fi
at the shop you’re working at), your ISP, or your
government and it’s also incredibly useful to trick
services into thinking you’re right next door when
you’re an ocean away.
• A virtual private network (VPN) extends a private
network across a public network, such as the Internet. It
enables a computer or network-enabled device to send and
receive data across shared or public networks as if it were
directly connected to the private network, while benefiting
from the functionality, security and management policies
of the private network. A VPN is created by establishing a
virtual point-to-point connection through the use of
dedicated connections, virtual tunneling protocols, or
traffic encryptions. Major implementations of VPNs
include OpenVPN and IPsec.
• Testing
It is important to require employees to take part
in drills in the event of a disaster. This
includes visiting remote sites and using
the available equipment. Keep the remote
equipment hardware and software at release
levels similar to the main operations center.
• Availability Requirements
Uptime 99.95 % – the network is down 5 minutes
per week
Availability
• Uptime Five Nines (99.999%) – hard to achieve.
Involves staff, equipment redundancy, and
software.
24/7 equals 8760 hours
- Hot swappable boards
- No maintenance window
- In-service updates
- Triple Redundancy
One active
One active standby
One standby or maintenance
Availability
• Cost of Downtime
– Document each critical application and how
much money the company loses per minute or hour of
downtime.
– Third-party network management
Availability
• MTBF is mean time between failures
– 4000 hours goal
• MTTR is mean time to repair
– One hour goal
MTBF and MTTR are used to calculate
availability goals when the customer wants to specify
explicit periods of uptime and downtime, rather than
a simple percent uptime value.
Availability = MTBF / (MTBF + MTTR)
Availability
• A typical MTBF equals 4000 hours.
• A typical MTTR is 1 hour.
Availability = MTBF / (MTBF + MTTR)
Availability = 4000 / (4000 + 1)
Goal 99.98 percent
• Mean times might be different in different parts of
the network. The goals for the core layer of a Cisco
enterprise network are more stringent than the
goals for an access switch.
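The availability arithmetic from the last few slides (percent uptime over a period, the MTBF/MTTR formula, and the downtime budget behind a "five nines" or 99.95% target), worked as an added example; this is not code from the course, and the 165/168 and 4000/1 figures are the slide's own.

```python
# Availability arithmetic from this lecture: percent uptime, the MTBF/MTTR
# formula, and downtime budgets for a target such as "five nines".
# Added example; not part of the course slides.

HOURS_PER_WEEK = 168      # 24 x 7
HOURS_PER_YEAR = 8760     # 24 x 365, as on the slide


def availability_from_uptime(up_hours: float, period_hours: float) -> float:
    """Availability as a fraction: hours operational over total hours in the period."""
    if period_hours <= 0 or not 0 <= up_hours <= period_hours:
        raise ValueError("uptime must lie between 0 and the period length")
    return up_hours / period_hours


def availability_from_mtbf(mtbf_hours: float, mttr_hours: float) -> float:
    """Availability = MTBF / (MTBF + MTTR)."""
    if mtbf_hours <= 0 or mttr_hours < 0:
        raise ValueError("MTBF must be positive and MTTR non-negative")
    return mtbf_hours / (mtbf_hours + mttr_hours)


def downtime_minutes(availability: float, period_hours: float) -> float:
    """Downtime allowed (minutes) in a period for a given availability fraction."""
    if not 0.0 <= availability <= 1.0:
        raise ValueError("availability is a fraction between 0 and 1")
    return (1.0 - availability) * period_hours * 60.0


def nines(availability: float) -> int:
    """Count the leading nines of an availability figure (0.99999 -> 5)."""
    count = 0
    # Small tolerance so 0.99999 is not rejected by floating-point rounding.
    while count < 9 and availability >= 1.0 - 10.0 ** -(count + 1) - 1e-12:
        count += 1
    return count


def meets_goal(availability: float, goal: float) -> bool:
    """True when the measured or predicted availability reaches the goal."""
    return availability + 1e-12 >= goal


if __name__ == "__main__":
    weekly = availability_from_uptime(165, HOURS_PER_WEEK)
    print(f"165 of 168 hours up: {weekly:.2%}")            # 98.21%
    predicted = availability_from_mtbf(4000, 1)
    print(f"MTBF 4000 h, MTTR 1 h: {predicted:.3%} ({nines(predicted)} nines)")
    for target in (0.9995, 0.99999):
        print(f"{target:.3%}: {downtime_minutes(target, HOURS_PER_WEEK):.2f} min/week,"
              f" {downtime_minutes(target, HOURS_PER_YEAR):.1f} min/year")
    print("five nines met by this MTBF/MTTR design?", meets_goal(predicted, 0.99999))
```

The MTBF/MTTR figures on the slide give three nines, not five, which is why the five-nines slide lists staff, redundancy and in-service updates as additional requirements.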
Availability
• Vendors provide MTBF and MTTR estimates for
their products.
• It is advisable to research independent lab results
for MTBF and MTTR estimates before making a
final conclusion about a product.
Network Performance
Network performance refers to measures of the service
quality of a component or components as seen by the customer.
• The performance of a circuit-switched network would
use the number of rejected calls as a measure of how
well the network is performing under heavy traffic loads.
Other performance measures might include noise
and echo.
• ATM network performance can be measured by line
rate, QoS, data throughput, connect time, stability,
technology, and modulation technique.
Network Performance
• Performance of a network also includes accuracy,
efficiency, delay, and response time.
• Common performance factors include
– Bandwidth (capacity)
– Throughput
– Bandwidth utilization
– Offered load
– Accuracy
– Efficiency
– Delay (latency) and delay variation
– Response time
Network Performance
• Utilization is normally specified as a percent of capacity.
• Optimum average network utilization is approximately 70
percent. This means that peaks in the network traffic can
probably be handled without noticeable performance
degradation.
• Normally, WANs have less capacity than LANs. When
setting the utilization estimate for WAN links, more
consideration is required regarding bandwidth. WAN
links are designed with bandwidths that offer little, if any,
extra capacity for incidental traffic because WAN links are
expensive.
• LANs are overbuilt with full-duplex Gigabit Ethernet
links to servers and 100-Mbps Ethernet links to
clients.
Network Performance
• A point-to-point transmission is a full-duplex
link that connects a switch to a server or
some other switch. It is possible to consume
all the bandwidth, depending on the traffic
load or behavior. At times, network traffic
appears in bursts.
Network Performance
• Throughput is the quantity of error-free data
that is transmitted per unit of time: the
assessment of the amount of data that can be
transmitted per unit of time. Throughput is
typically the same as capacity. Customers
specify throughput goals in terms of number of
Packets Per Second (PPS).
• Vendors use either PPS or Cells Per Second
(CPS) from the independent tests conducted
on their product(s). Many internetwork devices
can forward packets at a theoretical maximum,
which is called wire speed.
Network Performance
• Bandwidth means capacity and is normally
fixed. It is a measure of the width of a range of
frequencies.
Example: a PVC pipe with water running
through it.
• Capacity depends on the physical layer.
The capacity of a network should be
adequate to handle bursts of data.
Network Performance
• Goodput is the number of useful bits of
information delivered at the application layer,
counted as throughput. This information is
delivered by the network to a certain
destination, per unit of time. The unit of time runs
from the moment the first bit of
the first packet is sent until the last bit of the
last packet is delivered. Goodput is a
measure of good and relevant application
layer data transmitted per unit of time.
Network Performance
• Application Layer Throughput
Vendors refer to application layer
throughput as goodput. Calling it
goodput highlights the fact that it is a
measure of good and relevant
application layer data transmitted per
unit of time. Throughput here means bytes
per second (BPS). Applications whose
throughput is measured as goodput include file
transfers and database applications.
Network Performance
Factors that constrain the application layer
throughput.
• End-to-end error rates
• Protocol functionality, handshaking, windows, and
acknowledgements
• Protocol parameters, frame size and
retransmission timers
• Packets Per Second (pps) and Cells Per Second
(cps) rate of internetworking devices
• Lost packets or cells at the internetworking
devices
• Workstation and server performance factors
Network Performance
• Accuracy is paramount when sending and receiving
data. The data sent over the wire is expected to be
identical to the data received at the destination.
• Typical causes of data errors.
- Power surges or spikes
- Impedance mismatches
- Poor physical connections
- Failing devices
- Noise from electrical devices
- Some specific software bugs
Network Performance
• WAN link accuracy is based on bit error rate
(BER). WAN links are on a serial interface, and
collision errors should never occur.
Analog links BER threshold 1 in 10^5 (100,000)
Copper links BER threshold 1 in 10^6 (1,000,000)
Fiber optic links BER threshold 1 in 10^11
Digital link BER thresholds are considerably lower than
those of analog links
Network Performance
• LAN link accuracy is based on frames and not
bits. A good threshold is 1 in 10^6
Network Performance
• Ethernet errors usually result from
collisions. The error is reported as a Cyclic
Redundancy Check (CRC) error.
• Errors can occur at the preamble, past the
preamble, and beyond the 64 bytes after the
preamble.
Network Performance
– Not registered – collision within the first eight bytes (the preamble) of a
frame
– Registered – collision within the first sixty-four bytes of a data
frame (considered a runt frame)
– Illegal (late) – collision after the first 64 bytes
Collisions should never occur when using
full-duplex Ethernet.
WAN collisions should never occur.
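The accuracy checks from the last three slides, worked as an added example that is not course code: observed BER against the per-medium WAN thresholds, LAN accuracy counted per frame (error-free frames over total frames), and the three Ethernet collision categories. The byte offsets used to classify a collision are an assumption (offset 0 is the first preamble byte), and the T1 counters in the demo are constructed.

```python
# Link accuracy checks from this lecture: bit error rate (BER) against the
# per-medium WAN thresholds, frame-level accuracy for LANs, and the Ethernet
# collision categories by where in the frame the collision occurred.
# Added example; not from the course slides. The byte offsets used for the
# collision categories are an assumption: offset 0 is the first preamble byte.

# WAN BER thresholds quoted on the slide (errors per bit transmitted).
BER_THRESHOLDS = {"analog": 1e-5, "copper": 1e-6, "fiber": 1e-11}
# LAN accuracy is judged per frame rather than per bit; the slide's threshold.
LAN_FRAME_ERROR_THRESHOLD = 1e-6

PREAMBLE_BYTES = 8        # preamble plus start-frame delimiter
MIN_FRAME_BYTES = 64      # shorter frames are runts


def bit_error_rate(errored_bits: int, bits_sent: int) -> float:
    """Observed BER = errored bits / bits transmitted."""
    if bits_sent <= 0 or not 0 <= errored_bits <= bits_sent:
        raise ValueError("bad counters")
    return errored_bits / bits_sent


def wan_link_ok(medium: str, errored_bits: int, bits_sent: int) -> bool:
    """True when the observed BER is within the threshold for the medium."""
    return bit_error_rate(errored_bits, bits_sent) <= BER_THRESHOLDS[medium]


def expected_bit_errors(rate_bps: float, seconds: float, ber: float) -> float:
    """How many bit errors a link running at the given BER produces in a window."""
    return rate_bps * seconds * ber


def frame_accuracy(frames_sent: int, errored_frames: int) -> float:
    """Accuracy = error-free frames / total frames, as a fraction."""
    if frames_sent <= 0 or not 0 <= errored_frames <= frames_sent:
        raise ValueError("bad counters")
    return (frames_sent - errored_frames) / frames_sent


def lan_link_ok(frames_sent: int, errored_frames: int) -> bool:
    """True when the LAN frame error rate is within 1 in 10^6."""
    return 1.0 - frame_accuracy(frames_sent, errored_frames) <= LAN_FRAME_ERROR_THRESHOLD


def classify_collision(byte_offset: int) -> str:
    """Name the collision category from the byte offset at which it was seen."""
    if byte_offset < 0:
        raise ValueError("offset must be non-negative")
    if byte_offset < PREAMBLE_BYTES:
        return "not registered"            # inside the preamble
    if byte_offset < PREAMBLE_BYTES + MIN_FRAME_BYTES:
        return "registered (runt)"         # within the first 64 data bytes
    return "late (illegal)"                # beyond the first 64 bytes: a fault


if __name__ == "__main__":
    # Constructed counters: a T1 (1.544 Mbps) copper link polled over one hour.
    bits = int(1_544_000 * 3600)
    print("copper within threshold:", wan_link_ok("copper", 3000, bits))
    print("expected errors/hour at 1e-6:", expected_bit_errors(1_544_000, 3600, 1e-6))
    print("LAN accuracy:", frame_accuracy(10_000_000, 4))
    print("LAN ok:", lan_link_ok(10_000_000, 4))
    for offset in (3, 40, 200):
        print(offset, classify_collision(offset))
```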
Network Performance
• Accuracy refers to the number of error-free frames
transmitted relative to the total number of frames
transmitted.
• Efficiency is a measurement of how effective an operation
is in comparison to the cost in effort, energy, time, and
money.
Note: Large and small frame sizes.
Large frames make better use of bandwidth and improve
application throughput. Bigger frames introduce more bit
errors and a need for an elaborate recovery procedure.
• Response delays are expected to be minimal.
– Variations in delay, called jitter
Network Performance
– Jitter causes disruptions in voice and
video streams.
– Telnet protocol
– Customer perspective on running any
delay-sensitive applications
Delays in voice and video streams will
be a major consideration to be discussed with
the customer.
Network Performance
Serialization delay is the time to put
digital data on a transmission line. Using too
large a data frame can cause delays if the
shared transmission line carries time-
sensitive data (like voice or video).
Network Performance
• Propagation delay is the amount of time it
takes for the head of the signal to travel from
the sender to the receiver (186,000 miles per
second)
• Serial delay is the time to put digital data onto
a transmission line.
• Packet-switching delay is the latency accrued
when switches and routers forward data.
– DRAM
– SRAM
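The delay components from the last two slides (serialization delay as frame bits over line rate, propagation delay at 186,000 miles per second, plus queuing and packet-switching delay per hop) worked as an added example, not course code. It also goes one step further than the slides by turning the serialization formula around to give the largest frame that fits a delay budget; the two-hop path and its queuing and switching figures are constructed.

```python
# Delay budget arithmetic from this lecture: serialization delay (frame size
# over line rate), propagation delay at 186,000 miles per second, and the
# sum over the hops of a path including queuing and packet-switching delay.
# Added example; not from the course slides. Hop figures below are constructed.
from dataclasses import dataclass

MILES_PER_SECOND = 186_000.0   # signal propagation speed quoted on the slide


def serialization_delay(frame_bytes: int, rate_bps: float) -> float:
    """Seconds to clock a frame onto a line of the given rate."""
    if frame_bytes <= 0 or rate_bps <= 0:
        raise ValueError("frame size and rate must be positive")
    return frame_bytes * 8 / rate_bps


def propagation_delay(miles: float) -> float:
    """Seconds for the head of the signal to travel the given distance."""
    if miles < 0:
        raise ValueError("distance must be non-negative")
    return miles / MILES_PER_SECOND


def max_frame_bytes(rate_bps: float, budget_s: float) -> int:
    """Largest frame whose serialization delay fits within the budget."""
    # The tiny offset keeps exact results such as 80.0 from flooring to 79.
    return int(rate_bps * budget_s / 8 + 1e-9)


@dataclass
class Hop:
    rate_bps: float           # line rate of the outgoing link
    miles: float              # physical length of the link
    queuing_s: float = 0.0    # time waiting in the device's output queue
    switching_s: float = 0.0  # packet-switching (lookup/forwarding) latency


def path_delay(frame_bytes: int, hops: list) -> float:
    """One-way delay for one frame across every hop of a path, in seconds."""
    total = 0.0
    for hop in hops:
        total += (serialization_delay(frame_bytes, hop.rate_bps)
                  + propagation_delay(hop.miles)
                  + hop.queuing_s + hop.switching_s)
    return total


if __name__ == "__main__":
    # A 1500-byte frame sharing a slow WAN link with voice packets.
    for rate in (64_000, 1_544_000, 100_000_000):
        print(f"{rate:>11} bps: {serialization_delay(1500, rate) * 1000:8.3f} ms")
    # Frame size that keeps serialization under 10 ms on a 64 kbps line.
    print("max frame for 10 ms at 64 kbps:", max_frame_bytes(64_000, 0.010), "bytes")
    # Constructed two-hop path: LAN switch to WAN router, then an 1860-mile T1.
    path = [Hop(100_000_000, 0.1, switching_s=0.00002),
            Hop(1_544_000, 1860, queuing_s=0.005, switching_s=0.0001)]
    print(f"path delay: {path_delay(1500, path) * 1000:.2f} ms")
```

On a 64 kbps line a full 1500-byte frame occupies the link for 187.5 ms, which is why a voice packet queued behind it suffers, and why smaller frames are used on slow links that carry voice.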
Dynamic Random Access Memory
• Dynamic random-access memory (DRAM) is a type
of random-access memory that stores each bit of data
in a separate capacitor within an integrated circuit.
The capacitor can be either charged or discharged;
these two states are taken to represent the two values
of a bit, conventionally called 0 and 1. Since
capacitors leak charge, the information eventually
fades unless the capacitor charge is refreshed
periodically. Because of this refresh requirement, it is
a dynamic memory as opposed to SRAM and other
static memory.
Dynamic Random Access Memory
• The advantage of DRAM is its structural simplicity;
only one transistor and a capacitor are required per
bit, compared to four or six transistors in SRAM.
Static Random Access Memory
• Static Random Access Memory (Static RAM or
SRAM) is a type of RAM that holds data in a static
form, that is, as long as the memory has power.
Unlike dynamic RAM, it does not need to be
refreshed. SRAM stores a bit of data on four
transistors using two cross-coupled inverters. The two
stable states characterize 0 and 1. During read and
write operations another two access transistors are
used to manage the availability to a memory cell.
Static Random Access Memory
• To store one memory bit requires six metal-oxide-semiconductor field-effect transistors (MOSFETs).
MOSFET is one of the two types of SRAM chips; the
other is the bipolar junction transistor. The bipolar
junction transistor is very fast but consumes a lot of
energy. MOSFET is a popular SRAM type. The term
is pronounced "S-RAM", not "sram."
Network Performance
• Queuing delay is the time a job waits in
a queue until it can be executed.
A good rule is to inform the customer
that they should experience less than
1 or 2 percent queuing delay.
• Response time is the network performance
goal that users are interested in. Users begin
to get frustrated if the response takes longer
than 1/10th of a second (100 ms).
Security
• Focus on requirements first (MD5 / AES combined)
• Detailed security planning later (Chapter 8)
• Identify network assets
– Including their value and the expected cost
associated with losing them due to a security
problem.
• Analyze security risks
– Hackers compromise a network device, such as a
switch, router, server, firewall, or IDS.
Network Assets
• Hardware
• Software
• Applications
• Data
• Intellectual property
• Trade secrets
• Company's reputation
Security Risks
• Hacked network devices
– Data can be intercepted, analyzed, altered, or
deleted
– User passwords can be compromised
– Device configurations can be changed
• Reconnaissance attacks
• Denial-of-service attacks
• Security should not disrupt the company’s
business.
Note: BOTNETS and high capacity servers.
Manageability
Some customer goals are specific. They want to visualize problems
occurring on the network. They use SNMP to capture the number of
bytes each router receives and sends.
• Fault management – detecting, isolating, and correcting
problems.
• Configuration management – controlling, operating, identifying,
and collecting data
• Accounting management – accounting of network usage to
allocate costs to network users and/or plan for changes in
capacity requirements.
• Performance management – analyze traffic and application
behavior to optimize a network, meet service-level agreements,
and plan for expansion.
• Security management – monitoring and testing security and
protection policies, maintaining passwords and encryption keys, and
auditing adherence to security policies.
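The manageability goal on this slide (capturing via SNMP the bytes each router receives and sends) and the earlier 70 percent utilization optimum, worked together as an added example that is not course code: two polls of an interface's octet counters are turned into a utilization figure and checked against the target. The polls are constructed values standing in for IF-MIB ifInOctets/ifOutOctets reads; no SNMP library is used, so the block runs offline.

```python
# Interface utilization from SNMP octet counters, the manageability goal on
# the slide, checked against the 70 percent optimum from the performance slides.
# Added example; not from the course slides. The two polls below are
# constructed values standing in for IF-MIB ifInOctets/ifOutOctets reads.

COUNTER32_MAX = 2 ** 32
UTILIZATION_TARGET = 70.0      # optimum average utilization quoted earlier


def counter_delta(previous: int, current: int, modulus: int = COUNTER32_MAX) -> int:
    """Octets transferred between two polls, handling one counter wrap."""
    if not 0 <= previous < modulus or not 0 <= current < modulus:
        raise ValueError("counter value out of range")
    return (current - previous) % modulus


def utilization_percent(in_octets: int, out_octets: int, interval_s: float,
                        speed_bps: float, full_duplex: bool = True) -> float:
    """Link utilization over the interval as a percentage of capacity.

    Full duplex carries each direction independently, so the busier direction
    sets the figure; half duplex shares one medium, so both directions add up.
    """
    if interval_s <= 0 or speed_bps <= 0:
        raise ValueError("interval and speed must be positive")
    in_bps = in_octets * 8 / interval_s
    out_bps = out_octets * 8 / interval_s
    load = max(in_bps, out_bps) if full_duplex else in_bps + out_bps
    return 100.0 * load / speed_bps


def poll_utilization(prev: dict, curr: dict, speed_bps: float,
                     full_duplex: bool = True) -> float:
    """Utilization between two polls; each poll holds time, in and out counters."""
    interval = curr["time"] - prev["time"]
    return utilization_percent(counter_delta(prev["in"], curr["in"]),
                               counter_delta(prev["out"], curr["out"]),
                               interval, speed_bps, full_duplex)


def over_target(results: dict, target: float = UTILIZATION_TARGET) -> list:
    """Names of links whose utilization exceeds the target, busiest first."""
    hot = [name for name, util in results.items() if util > target]
    return sorted(hot, key=lambda n: results[n], reverse=True)


# Constructed polls 300 s apart. The T1's ifInOctets wrapped past 2^32 between
# polls, which a naive subtraction would report as negative traffic.
POLLS = {
    "wan-t1": (1_544_000, True,
               {"time": 0, "in": 4_290_000_000, "out": 100_000},
               {"time": 300, "in": 40_032_704, "out": 10_100_000}),
    "lan-gig": (1_000_000_000, True,
                {"time": 0, "in": 50_000_000, "out": 20_000_000},
                {"time": 300, "in": 3_050_000_000, "out": 1_520_000_000}),
}


def report(polls: dict = POLLS) -> dict:
    """Utilization per link name for a set of (speed, duplex, prev, curr) polls."""
    return {name: poll_utilization(prev, curr, speed, duplex)
            for name, (speed, duplex, prev, curr) in polls.items()}


if __name__ == "__main__":
    results = report()
    for name, util in results.items():
        print(f"{name}: {util:.2f}%")
    print("over 70%:", over_target(results))
```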
Usability
• Usability: the ease of use with which network users
can access the network and services. VPN might be a
consideration for flexible access.
• Networks should make users’ jobs easier
• Some design decisions will have a negative effect on
usability:
– Strict security, for example in financial institutions
and government offices
Adaptability
• Avoid incorporating any design elements that
would make it hard to implement new
technologies in the future.
• Change can come in the form of new
protocols, new business practices, new fiscal
goals, new legislation.
• A flexible design can adapt to changing traffic
patterns and Quality of Service (QoS)
requirements.
Affordability
• A network should carry the maximum amount
of traffic possible for a given financial cost.
• Affordability is especially important in campus
network designs.
• WANs are expected to cost more, but costs can
be reduced with the proper use of technology
– Quiet routing protocols, for example
Making Tradeoffs
Weight each technical goal so that the total adds up to 100:
• Scalability – 20
• Availability – 30
• Network performance – 15
• Security – 5
• Manageability – 5
• Usability – 5
• Adaptability – 5
• Affordability – 15
• Total – 100
Mimic Lab Assignments
Lab #1:
Due date: February 7, 2016
Lab #2:
Due date: March 13, 2016
Lab #3:
Due date: April 10, 2016
Midterm Exam February 22 - 27, 2016
Final Exam April 11 – 16, 2016
This Week’s Outcomes
• Business Goals
• Business Constraints
• Technical Goals
• Technical Constraints
• Cisco’s Three Tier Network Design
• Network Performance
Due this week
• 1-3 – Concept questions 1
Next week
• Read Chapters 3 and 4 in
Top-Down Network Design
• 2-1 – Concept questions 2
Q&A
• Questions, comments, concerns?