900 likes | 1.02k Views
ITEC 275 Computer Networks – Switching, Routing, and WANs. Week 5 Robert D’Andrea. Some slides provide by Priscilla Oppenheimer and used with permission. Agenda. Learning Activities Network Design Document, logical design, and top-down network design methodology.
E N D
ITEC 275 Computer Networks – Switching, Routing, and WANs Week 5 Robert D’Andrea Some slides provide by Priscilla Oppenheimer and used with permission
Agenda • Learning Activities • Network Design Document, logical design, and top-down network design methodology. • Hierarchical Network Design, network topology consisting of many interrelated components. This task might be easier to divide and conquer the problem and develop it. • Spanning Tree Protocol, fast convergence network routers. • VLANs, small bandwidths to switches rather than broadcasting. • Redundancy, provides availability, performance, and scalability. • VPNs, use a third party communication media securring data.
Documenting Your Design • If you are given a request for proposal (RFP), respond to the request in the exact format that the RFP specifies • If no RFP, you should still write a design document • Describe your customer’s requirements and how your design meets those requirements • Document the budget for the project • Explain plans for implementing the design
Typical RFP Response Topics • A network topology for the new design • Information on the protocols, technologies, and products that form the design • An implementation plan • A training plan • Support and service information and plan • Prices and payment options • Qualifications of the responding vendor or supplier • Recommendations from other customers • Legal contractual terms and conditions
Contents of a Network Design Document • Executive summary • Project goal • Project scope • Design requirements • Current state of the network • New logical and physical design • Results of network design testing • Implementation plan • Project budget
Design Requirements • Business goals explain the role the network design will play in helping an organization succeed • Technical goals include scalability, performance, security, manageability, usability, adaptability, and affordability
Logical and Physical Design • Logical design • Topology • Models for addressing and naming • Switching and routing protocols • Security strategies • Network management strategies • Physical design • Actual technologies and devices
Implementation Plan • Recommendations for deploying the network design • Project schedule • Including any dates and times for service provider installations • Any plans for outsourcing (offshore or in country) • Training • Risks • A fallback plan if the implementation should fail • A plan for evolving the design as new requirements arise
Possible Appendixes • Detailed topology maps • Device configurations • Addressing and naming details • Network design testing results • Contact information • Pricing and payment options • More information about the company that is presenting the design • Annual reports, product catalogs, press releases • Legal contractual terms and conditions
Topology • A branch of mathematics concerned with those properties of geometric configurations that are unaltered by elastic deformations such as stretching or twisting • A term used in the computer networking field to describe the structure of a network
What is a Topology? Definition of Topology A topology is a map of an internetwork that indicates network, segments, interconnection points, and user communities. The purpose of the map is to show the geometry of the network, not the physical geography or technical implementation.
Detail Description of External Network Topology How packets travel in a network http://www.youtube.com/watch?v=Pbfug-sIxGA
What is Convergence? Definition of Convergence The speed and ability of a group of internetworking devices running a specific routing protocol to agree on the topology of an un-internetwork after a change in the topology. Spanning Tree Protocol http://www.youtube.com/watch?v=uIr3u9bXESo
Scope of Convergence Video topics: Convergence Power over Ethernet (POE) Quality of Service (QoS) Parallel Networks • Individual switches • One switch set up to operate several VLANs http://www.youtube.com/watch?v=7crmi_-fUHo
Network Topology Design Themes • Hierarchy • Redundancy • Modularity • Well-defined entries and exits • Protected perimeters
Why Use a Hierarchical Model? • Reduces workload on network devices • Avoids devices having to communicate with too many other devices (reduces “CPU adjacencies”) • Constrains on broadcast domains • Enhances simplicity and understanding • Facilitates changes • Facilitates scaling to a larger size
Why Use a Hierarchical Model? When networks grow without a plan or purpose, they develop into an unstructured format. According to Dr. Peter Welcher, the author of network design and technology articles for Cisco World, the unstructured design becomes a fur-ball network.
Why Use a Hierarchical Model? What are the disadvantages of fur-ball topology? • Too many CPU adjacencies – the network devices communicate with too many other devices (broadcast packets). • Workload required of the CPU on the device can be overloading. • Affected devices are routers, workstations, and servers.
Why Use a Hierarchical Model? When trying to meet a customers business and technical goals for a corporate network design, it might be necessary to recommend a network topology of many interrelated components. The task is made easier if you can “divide and conquer” the job and develop the design in independent layers. Network design experts can develop a hierarchical network design model in layers to better understand and select the discrete layers.
Hierarchical Network Design Enterprise WAN Backbone Core Layer Campus A Campus B Campus C Distribution Layer Campus C Backbone Access Layer Building C-1 Building C-2
Cisco’s Hierarchical Design Model • A core layer of high-end routers and switches that are optimized for availability and speed. Avoid connecting packet filters or network monitors at this layer. • A distribution layer of routers and switches that implement policies and segment traffic. This is a demarcation point between access and core layer of the network.
Cisco’s Hierarchical Design Model • An access layer that connects users via hubs, switches, routers, and other devices. Switches are usually implemented at the access layer in campus networks to divide up bandwidth domains to meet the demands of applications that need a lot of bandwidth or cannot handle the delay associated with sharing a bandwidth. A network design guideline would be to design the access layer first, then the distribution, and core layer.
Cisco’s Hierarchical Design Model • Controlling a Network Diameter Provides low and predictable latency. Predict routing paths Traffic flows Capacity requirements
Headquarters in Medford Headquarters in Medford Grants Pass Branch Office Klamath Falls Branch Office Ashland Branch Office Grants Pass Branch Office Klamath Falls Branch Office Ashland Branch Office White City Branch Office Flat Versus Hierarchy Flat Loop Topology Hierarchical Redundant Topology
Mesh Versus Hierarchical-Mesh Topologies • Mesh Topologies Full-mesh topology provides complete redundancy and good performance. There is only a single link delay between two sites. Costly to implement a full-mesh topology. Partial-mesh topology has fewer connections between sites. To reach another switch or router, traffic flow would experience more traversing of intermediate links.
Mesh Designs Full-Mesh Topology Partial-Mesh Topology
A Partial-Mesh Hierarchical Design Headquarters (Core Layer) Regional Offices (Distribution Layer) Branch Offices (Access Layer)
Company Structure • Small and Medium-Sized Companies Recommend a hierarchical model that reflects a hub-and-spoke topology. Usually, corporate headquarters or a data center form the center hub. Links extended from the hub connect to remote offices and telecommuters’ locations. See slide Hub-and-Spoke Hierarchical Topology
A Hub-and-Spoke Hierarchical Topology Corporate Headquarters Branch Office Home Office Branch Office
Scope of Access • Control Access Layer Diameter The most likely place for network design violations to occur are at the access layer. Users and network administrators are more likely to add networks to the internetwork and connect remote networks together. This is known as adding a chain. Avoid backdoors. A backdoor connection is a connection between devices in the same layer. A hub is considered a backdoor.
Avoid Chains and Backdoors Core Layer Distribution Layer Access Layer Backdoor Chain
How Do You Know When You Have a Good Design? • When you already know how to add a new building, floor, WAN link, remote site, e-commerce service, and so on • When new additions cause only local change, to the directly-connected devices • When your network can double or triple in size without major design changes • When troubleshooting is easy because there are no complex protocol interactions to wrap your brain around
Flat Network Use • A flat network topology is adequate for small networks. Each network device functions the same, and the network is not divided into layers or modules. A flat network is easy to design. Flat network designers are most difficult when there is network growth, and the lack of hierarchy makes trouble shooting more difficult.
Flat WAN Networks • Flat WAN Topologies A WAN for a small company consists of a few sites connected in a loop. Each site has it’s own WAN router, routing protocols can converge quickly, and communication with any other site can recover when a link fails. Caveat: If only one link fails, recovery is possible. If two or more links fail, recovery is more difficult. The flat loop topology goals are low cost and reasonably good availability. See slide -Flat verses Hierarchical.
Flat LAN Networks • Flat LAN Topologies In the 1990s, a typical LAN configuration was to connect PCs and servers to one or more hubs. The PCs and servers implemented a media-access control process like token passing or carrier sense multiple access with collision detection (CSMA/CD) to control access to a shared bandwidth. This configuration had the potential to negatively affect delay and throughput for other devices. Today, designers recommend connecting PCs and servers to the data link layer (Layer 2) switches .
Layer 2 Configuration • Characterizing Layer 2 Network Traffic Devices connected in a switched or bridged network are all in the same broadcast domain. Switches forward broadcasting frames out from every port. Routers on the other hand, separate segments into separate broadcast domains. The recommended limit for devices connected to one single broadcast domain is a couple hundred devices. Broadcasted traffic needs to be limited and watched closely on flat loop topologies, otherwise frames can be dropped or lost. Rule of Thumb – limit broadcast traffic to 20% of the traffic on each link.
CISCO SAFE Security Architecture Cisco SAFE is a security reference architecture that provides prescriptive validated design guides that address how organizations can plan, design, and deploy security solutions that meet the unique requirements of different places in the network, such as campuses, the Internet edge, branches, and data centers. These defense-in-depth blueprints also provide best practices for securing critical data and transactions as they travers the entire networked infrastructure.
Campus Topology Design • Use a hierarchical, modular approach • Minimize the size of bandwidth domains • Minimize the size of broadcast domains • Provide redundancy • Backup paths • Mirrored servers • Mirror stored data • Multiple ways for workstations to reach a router for off-net communications
Campus Topology Design • Cisco SAFE Security Reference Architecture - Used to simplify the complexity of a large internetwork - SAFE is concerned with security • Defense-in-depth approach were multiple layers of protection are strategically located through-out the network. • See page 134 for major design modules
A Simple Campus Redundant Design Host A LAN X Switch 1 Switch 2 LAN Y Host B
Bridges and Switches use Spanning-Tree Protocol (STP) to Avoid Loops Host A LAN X X Switch 1 Switch 2 LAN Y Host B
What is Spanning Tree Protocol? Spanning Tree Protocol (STP) is a layer2 protocol that prevents logical loops in switched networks that have redundant links. Redundancy in a network may appear to be harmless and needed to maintain connectivity with other devices. One problem occurs when a broadcast frame is sent on the network. Device A sends an ARP request to find the MAC address of device B. The ARP request is sent as a broadcast. Both switches receive the broadcast and both switches flood the broadcast to all of its other connected ports. The end result is a broadcast storm.
What is Spanning Tree Protocol? A second problem occurs with redundant topologies is a single device will receive multiple copies of the same frame. The third problem occurs within the switch itself. The MAC address table can change rapidly and contain wrong information. What happens when neither switch has learned about devices A and B’s location? Device A sends data to device B. Each switch learns about device A is on port 1, and each records this in its MAC address table. The switches haven’t learned about device B yet. Both switches flood the frame to discover device B on their port 2.