slide1 n.
Skip this Video
Loading SlideShow in 5 Seconds..
Unit 14 - LAN Internetworking INTERNETWORKING DESIGN PowerPoint Presentation
Download Presentation
Unit 14 - LAN Internetworking INTERNETWORKING DESIGN

Unit 14 - LAN Internetworking INTERNETWORKING DESIGN

173 Vues Download Presentation
Télécharger la présentation

Unit 14 - LAN Internetworking INTERNETWORKING DESIGN

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. Unit 14 - LAN Internetworking • INTERNETWORKING DESIGN • (Overall Internetworking Design Strategies, Bridging, Routing, Switching) • INTERNETWORKING TECHNOLOGY • (Internetworking Technology and the OSI Model, Repeaters, Bridges, Routers)

  2. INTERNETWORKING DESIGN • Reasons to investigate internetworking solution: • Shared media network architecture (Ethernet, Token Ring, FDDI, etc.) becomes too congested and network performance begins to suffer. • Independently established and operated LANs wish to begin to share information. • Key Challenges: • Numerous incompatibilities caused by the multiple vendor hardware and software technologies that comprise the individual LANs to be linked. • If transparent LAN-to-LAN interoperability to be achieved, each LAN protocol in a given LAN’s protocol stack must be either matched or converted in order to transparently interoperate with the corresponding protocol in the neighboring LAN in linking.

  3. INTERNETWORKING DESIGN • Overall Internetworking Design Strategies • To improve performance on overburdened shared media LANs, several proven design strategies can be followed: • Segmentation : Fewer workstations per segment results in less contention for the shared bandwidth. Some type of internetworking device (e.g. bridge or router) is required to link the LAN segments. • Microsegmentation: Taking segmentation to the extreme of limiting each LAN segment to only a single workstation. • Server Isolation: only selected high-performance devices such as servers are assigned to their own segment. Isolating servers on their own segments guarantees access to network bandwidth. • Hierarchical networking: • isolates local LAN traffic on a local network architecture (Ethernet or Token Ring) while transmitting internetwork traffic over a higher-speed network architecture such as FDDI.

  4. INTERNETWORKING DESIGN • Servers directly connect to the backbone network while individual workstations access the backbone network through routers. • See Figure 13-1 for the overall internetworking design strategies • Bridging, routing, and switching are the three primary internetworking processes which offer LAN segmentation and isolation of network resources. • Their use of network addresses, overall sophistication, and advantages and limitations will be reviewed here.

  5. Figure 13.1 Overall Internetworking Design Strategies

  6. Bridging • first internetworking or LAN segmentation strategy to minimize the amount of internetwork traffic and avoid producing an internetwork bottleneck. • 80% of all LAN traffic to stay local, with no more than 20% of overall traffic requiring processing and forwarding by the bridge. • Addressing • Bridging is a data-link layer process, making forwarding decisions based on the destination address contents of the MAC layer or data-link layer addresses. • it then decides whether the destination is local or remote and allows only those data frames with nonlocal destination addresses to cross the bridge to the remote LAN. • it only processes data-link layer addresses while transparently forwarding any variety of upper layer protocols embedded within the data field of the data-link layer frame. • Data-link protocols contain source addresses as well as the destination addresses within the predefined frame layout. • A bridge checks the source address of each frame it receives and adds that source address to a table of known local nodes. Some bridges broadcast requests to all locally attached workstations, forcing response which can be stored in the table. • Read the destination address and compare with the content in the known local nodes tables to determine the frame should be allowed to cross the bridge (forward-if-not-local devices) • See Figure 13-2 for the use of data-link layer frame addresses.

  7. Figure 13.2 Use of Data Link Addressing by Bridges

  8. Advantages • bridges are relatively easy to install and configure, for quick, cost-effective relief of overburdened network segments. • extends network segment length by repeating, retiming, and regenerating received signals before forwarding them across the bridge. • translate between different network architectures (Token Ring to Ethernet) and different media types (UTP to fiber). • Limitations • In the case of a destination node many LANs and connecting bridges away from its source workstation, all workstations between the source and destination workstation will be broadcast with the frame bound for the distant destination. • Frames improperly addressed or destined for nonexistent addresses can be infinitely perpetuated or flooded onto all bridged LANs (broadcast storm). • Bridge are generally not able to support networks containing redundant paths, since the multiple active loops between LANs can lead to the propagation of broadcast storms.

  9. Routing • Routing and Bridging differ significantly in several key functional areas: • a router first confirms the existence of the destination address and the latest information on available network “paths” to reach that destination. • Based on the latest network traffic conditions, it chooses the best path for the data packet to reach its destination and sends the data packet on its way. • Addressing • routers base their forwarding decisions on the contents o f the network layer addresses embedded within the data field of the data-link layer frame. • How do data packets arrive at a router? • The destination address on an Ethernet or Token Ring packet must be the MAC address of the router which will handle further internetwork forwarding. A router is addressed in the data-link layer destination address field.

  10. The router then discards this MAC sublayer “envelope” which contained its address and proceeds to read the contents of the frame data field (network layer destination address). • After reading the network layer destination address, the router consults its routing tables to determine the best path on which to forward this data packet. Routing tables contains at least some of the following fields: • Network number of the destination network. It serves as the key field or lookup field to find the proper record concerning the best path to this network. • MAC address of the next router along the path to this target network. • Port of this router out of which the readdressed data-link layer frame should be sent.

  11. Number of hops, or intermediate routers, to the destination network • The age of this entry, to avoid basing routing decisions on outdated information. • Once it’s found the best path, the router has the ability to repackage the data packet as required for that delivery route (best path). A fresh data-link frame is created (the MAC address of the next router) but the network layer addresses remain unchanged. • the router confirms the viability of the destination address and the quality of the intended path before it releases a data packet onto the internetwork (forward-if-proven-remote logic). • See Figure 13-3 for the use of Data-Link and Network Layer Addresses.

  12. Figure 13-3 Router’s Use of Data Link and Network Layer Addresses

  13. Advantages • routing makes more efficient use of bandwidth on large networks containing redundant paths to perform load balancing of total network traffic. • router’s “best path” decision determined by number of hops, transmission cost, and current line congestion. • routers dynamically maintain routing tables, adjusting performance to changing network conditions. • routers can better keep misbehaving or misaddressed traffic off the network by filtering network layer address (filter unwanted broadcast packet). Routers are more likely to be used to interface to the WAN link as they can keep off unnecessary traffic off the relatively low-speed, high-cost WAN links. • routers can create firewalls to protect connected LANs. • discriminate and prioritize packet processing according to network layer protocol. • provide security by filtering packets by either data-link or network layer addresses.

  14. can forward more sophisticated and informative management information to enterprise NMS via SNMP. • are able to process multiple network layer protocols(e.g. IP, IPX, AppleTalk) simultaneously. Provide transparent interconnection between LANs. • Limitations • the no. of routers increases in a router-based network, the complexity of network management increases proportionately. To be able to process multiple network layer protocols, they must have all supported protocol stacks installed and properly configured. • the router’s sophisticated processing also has an impact on the sophistication and cost of the router technology compared with bridging technology.

  15. Switching • similar to bridging. The key difference is that switching is done in hardware, or application-specific integrated circuit (ASIC) chips and extremely fast. • it increases available bandwidth within a shared-media LAN by implementing microsegmentation on the local LAN. • Addressing • it reads the destination MAC addresses on incoming data-link layer frames and quickly build a switched connection to the switched LAN segment which contains the destination workstation. • When a LAN switch receives a data-link frame bound for a destination off the local network, it merely builds a switched connection to the switch port to which a router is connected or a virtual router within the switch where the switch’s routing functionality can be accessed. • it switch for bandwidth and route for filtering and internetwork segmentation.

  16. Advantages • produce dramatic increases in bandwidth compared shared-media LANs • Virtual LANs are enabled by the LAN switch’s ability to quickly make any two workstations or servers appear to be physically attached to the same LAN segment. • Limitations • cannot perform sophisticated filtering or security based on network layer protocols because LAN switches are unable to read network layer protocols. • cannot discriminate between multiple paths and make best path decisions. • management information LAN switches offer enterprise NMS is minimal compared with that available from routers.

  17. INTERNETWORKING TECHNOLOGY • Internetworking Technology and the OSI Model • The following internetworking devices can be categorized in this way with the following OSI layers: • Repeaters OSI Layer 1 Physical Layer • Bridges OSI Layer 2 Data-link Layer • Routers OSI Layer 3 Network Layer • See Figure 13-4 the relationship between the OSI model and internetworking devices. • Repeaters • Functionality • Repeat the digital by regenerating and retiming the incoming signal. • Pass all signals between all attached segments • Do not read destination addresses of data packets • Allow for the connection of and translation between different types of media • Effectively extend overall LAN distance by repeating signals between LAN segments

  18. Figure 13-4 Relationship between the OSI Model and Internetworking Devices

  19. Reasons for employing a repeater • To increase the overall length of the network media by repeating signals across multiple LAN segments. In Token Ring LAN, several MAUs can be linked together by repeaters to increase the size of the LAN. • To isolate key network resources onto different LAN segments, to ensure greater survivability • To translate between different media types supported for a given network architecture. • See Figure 13-5 for the typical installations of repeaters.

  20. Figure 13-5 Repeater Installations

  21. Bridges • Functionality • bridges are more discriminating than repeaters. • bridges come in many varieties, as determined by the characteristics of the two LANs joined by a particular bridge. • Bridge performance is generally measured by two criterias: • Filtering Rate: measured in packets/sec or frames/sec. When a bridge reads the destination address on a packet and decides whether or not that packet should be allowed access to the internetwork (filtering). It ranges from 7000 to 60,000 frames per second • Forwarding Rate: measured in packets/sec or frames/sec. A bridge performs a separate operation of forwarding the packet onto the internetwork medium, whether local or remote. It ranges from 700 to 30,000 packets per second

  22. Spanning Tree Algorithm (STA) • STA has been standardized as IEEE 802.1 for the purpose of controlling redundant paths in bridged networks to reduce the possibility of broadcast storms. • STA implemented as software installed on STA-compliant bridges, senses multiple paths and disables all but one. • Should the primary path between two LANs become disabled, the spanning tree algorithm can reenable the previously disabled redundant link, thereby preserving the inter-LAN link. • This path management accomplish by communicating with each other via configuration bridge protocol data units

  23. Source Route Bridging • the Source Route Bridges delineates the chosen path to the destination address is captured by the source device, usually a LAN-attached PC. • The PC sends out a special explorer packet and propagates through all source routing bridges until they reach their destination workstation. • Along the journey, each source routing bridge enters its address in the routing information field of the explorer packet. The destination workstation sends the completed RIF field back directly to the source workstation. • All subsequent data messages include the suggested path to the destination embedded within the header of the Token Ring frame. • the source PC sends the data message along with the path instructions to the local bridge, which forwards the data message according to the received path instructions.

  24. Source routing bridges can only include 7 hop locations in the path to any remote destination due to the limited space in the router information field (RIF). Therefore, larger internetworks will usually employ routers with larger routing table capacity. • See Figure 13-7 for the typical bridge installations. • Figure 13-8 in textbook identifies some of the technology analysis issues that should be considered to purchasing bridge technology: • transparent bridges: connect LANs of similar data-link format • multiprotocol bridges or translating bridges: includes a format converter and can bridge between Ethernet and Token Ring • encapsulating bridge: a bridge between Ethernet and FDDI networks. It manipulate and rewrite the data-link layer frame. It merely takes the entire Ethernet data-link layer frame and stuffs it in an “envelope”(data frame) which conforms to the FDDI data-link protocol. • source routing bridges: connect Token Ring LANs which have source routing enabled. • source routing transparent (SRT) bridges: support links between source routed Token Ring LANs or transparent LANs. These bridges are able to identify whether frames are to be bridged transparently or source routed by reading the flags setting in the data-link frame header.

  25. Figure 13-7 Bridge Installations

  26. Wireless Bridges • An increasingly popular alternative for bridging remote LANs up to 50 miles are wireless bridges. • It use spread spectrum radio transmission between LAN sites and are primarily limited to Ethernet networks at this time. • New wireless bridges using the 2.41 GHz or 5.81GHz frequency ranges can transmit at T-1 speed (1.544 Mbps) for up to 50 miles. • Most wireless bridges support: • the spanning tree algorithm, filtering by MAC addresses, protection against broadcast storms, SNMP management, encryption, a variety of different Ethernet network media • It must be used in pairs.

  27. Routers • Functionality • the most important is routers’ ability to discriminate between multiple network layer protocols. • routers are made to read specific network layer protocols to maximize filtering and forwarding rates. Different network layer protocols have different packet structures. Some more sophisticated router (multiprotocol routers) have the capability to interpret, process and forward data packets of multiple protocols. • Some common network layer protocols and their associated NOSs or supper protocols: IPX (NetWare), IP (TCP/IP), VIP (Vines), AFP (AppleTalk), XNS (3Com), OSI (Open Systems) • Routers can process non-routable protocols by either acting as bridges or encapsulating the non-routable data-link layer frame’s upper layer protocols in a routable network layer protocol such as IP. • Some common non-routable protocols and their associated networking environments: LAT (Digital DecNet), SNA/SDLC (IBM SNA), NetBIOS (DOS-based LANs) and NetBEUI (LAN Manager)

  28. Routing Protocols • Routers manufactured by different vendors need a way to talk to each other to exchange routable table information concerning current network conditions. • Some common routing protocols and their associated protocol suites or network environments: • Routing Information Protocol RIP (XNS, NetWare, TCP/IP), • Open shortest path first OSPF (TCP/IP), • NetWare link state protocol NLSP (NetWare 4.1), • Intermediate system to intermediate system IS-IS (DECnet, OSI), • Routing table maintenance protocol RTMP (AppleTalk), • Router table protocol RTP (Vines).

  29. Routing Information Protocol (RIP) • at one time the most popular router protocol standard • uses a distance vector algorithm which measures only the number of hops to a distant router (maximum 16). • requires each router to maintain a table listing the distance in hops (sometimes link cost) between itself and every other reachable network. • However, all routers don’t always know of changes in the network immediately because of the delays caused by routers recalculating their routing tables before retransmitting updated information to neighbouring routers (slow convergence).

  30. Open shortest path first (OSPF) • able to handle larger internetworks as well as a smaller impact on network traffic for routing table updates. • uses a more comprehensive link state algorithm which can decide between multiple paths to a given router based on variables (e.g. delay, capacity, throughput, reliability of the circuits connecting the routers). • uses much less bandwidth to keep routing tables up to date. • employ network information received from all routers on a given network. • See Figure 13-10 for the installation of various types of routers.

  31. Figure 13-10 Router Installations

  32. Dial-Up Routers • dial-up routers may be used when the amount of inter-LAN traffic from a remote site does not justify the cost of a leased line. E.g. Dial-UP ISDN Link • ISDN basic rate interface(BRI) provides up to 144 Kbps of bandwidth on demand, and primary rate interface (PRI) provides up to 1.536 Mbps of usable digital bandwidth on demand. • Spoofing: filter chatty or unwanted protocols (e.g. RIP, SAP, Watchdog, Serialization) from the WAN link while ensuring remote programs that require ongoing communication from these filtered protocols are still re-assured via emulation of these protocols by the local dial-up routers. • These unwanted protocols can easily establish or keep a dial-up line open, leading to excessive line charges. See Figure 13-12 for the combination of filtering and emulation.

  33. Figure 13-12 Dial-Up Router Spoofing

  34. Occasionally, updated information such as session status or service availability must be exchanged between dial-up routers so that packets are not routed in error and sessions are not terminated incorrectly. • Different dial-up routers use different update mechanisms. They are: • Timed updates - performed at regular predetermined intervals. • Triggered updates - performed whenever a certain programmable event, such as a change in available services, occurs. • Piggyback updates - performed only when the dial-up link has already been established for exchanging user data.

  35. Routing Evolution • Distinct layer 2 switching and layer 3 routing: separate layer 2 switches and layer 3 routers cooperatively contribute what each does best to deliver internetwork traffic as efficiently as possible. • Distributed routing: layer 2 switching and layer 3 routing, functionality combine into a single device sometimes referred to as a multilayer switch • Route servers: which provide a centralised repository of routing information while edge switches deployed within the LANs are programmed with minimal routing information. • These three internetworking design scenarios combining switching and routing are shown in Figure 13-13.

  36. Figure 13-13 Routing Evolution Scenarios

  37. IP Switching and Quality of Service • By implementing IP routing software directly on ATM switching hardware, IP switching combines switching and routing capabilities into a single device and discriminates between which traffic should be switched and which should be routed. • Cisco’s Tag Switching protocol became known as MPLS (Multiprotocol label switching) is a common protocol to distinguish traffics. • MPLS provides the following functionality: • Uses labels to provide shortcuts to specific circuits for fast routing of IP packets without the typical packet-by-packet routing table lookups. • Labels can also be used to represent QoS (Quality of Service) requirements or a Virtual Private Network through the Interent. • Defined for use over frame relay, ATM, and PPP (Point-to-Point Protocol) WAN connections and IEEE 802.3 LANs. • Supports explicit routing that allows certain types of traffic (e.g. video) to be explicitly assigned to specific circuits.

  38. Diff-Serv (Differentiated Services) is another common protocol. • Diff-Serv provides the following functionality: • Uses the type of service (ToS) bits already in the IP header to differentiate between different levels of service required by different applications. • Allows service level agreements between users and service providers to be supported. • MPLS is a layer 2 solution, whereas Diff-Serv is a layer 3 solution. • MPLS will work with or without Diff-Serv on layer 3. • The best solution may be for the two protocols to work together with MPLS-enabling switching labels for circuit assignment after reading the ToS bits in the layer 3 IP header.

  39. Virtual LANs • Basic Functionality: • It depends on a physical device, the LAN switch. • Virtual LANs are software definable through configuration software contained within the LAN switch. • Allows workgroup members to be assigned to more than one workgroup quickly and easily. Each virtual workgroup is assigned some portion of the LAN switch’s backplane capacity. • Use OSI layer 2 bridging functionality to logically segment the traffic within the switch into distinct virtual LANs. • Logically defined broadcast/multicast groups within layer 2 LAN switches, since point-to-point traffic is handled by switched dedicated connections.

  40. Virtual LANs • Limitations: • The virtual LAN configuration information must be shared among multiple LAN switches if members of the same virtual LAN are physically connected to separate LAN switches. • Only proprietary switch-to-switch protocols between a single vendor’s equipment is possible for multi-switch virtual LANs. • It is difficult if not impossible to monitor transmissions in real time by traditional means. One solution is traffic duplication in which traffic between two switch ports is duplicated onto a third port to which traditional LAN analyzers can be attached. • Figure 13-14 shows the differences between a LAN switch, a virtual LAN, and a multiswitch virtual LAN.

  41. Figure 13-14 LAN Switches and Virtual LANs

  42. Transmission Between Virtual LANs: • Virtual LANs are built using LAN switches which are OSI layer 2 devices able only to distinguish between MAC layer addresses. • LAN switches can offer only the “forward-if-not-local” internetworking logic of bridges. • Transmit traffic between virtual LANs will need routing functionality by an external router or by specialised router software in LAN switch (layer 3 switches). • Classification of Virtual LANs: • Are often classified by the OSI layer, which represents their highest level of functionality. • Layer 2 virtual LANs: are built using LAN switches, which act as microsegmenting bridges. No differentiation is possible based on layer 3, network layer, protocols.

  43. Layer 3 virtual LANs: • Are built using LAN switches, which can process layer 3 network addresses. • Such devices may be called IP switches or routing switches. • Since these devices perform filtering based on network layer protocols and addresses, they can support multiple virtual LAN using different network layer protocols. • Figure 13-15 shows the architecture differences between layers 2 and 3 virtual LANs. See Figure 13-16 for the functional differences between the two virtual LAN designs.

  44. Figure 13-15 Layer 2 vs. Layer 3 Virtual LANs: An Architectural Comparison

  45. Layer 3 and Layer 4 Switches • Based on Layer 2 switching, VLAN initially required a separate layer 3 routing device to allow traffic to flow between VLANs. • LAN switches that include routing capabilities, known as layer 3 switches or routing switches, perform the traditional routing process for the first packet in a series, add the layer 2 addresses to an address table, and switching the remaining packets in the data flow at layer 2. • Layer 3 switching can provide routing between LAN segments at a speed much faster than traditional routers. • Routing functionality delivered on ASIC (application specific integrated circuits) chips. Significant price/performance gains can be realised when migrating from traditional software-based routers to layer 3 switches. • More ability such as analyze traffic flows based on the type of flow (by port number) was added to LAN switch. • Layer 4 switches provide a means to prioritize traffic flows based on traffic type, increasing security by filtering, and collect application level traffic statistics on a per port basis.

  46. Layer 3 and Layer 4 Switches • Layer 4 switch uses a virtual IP address to balance traffic across multiple servers based on session information and status – service-based load balancing. • It is capable of determining which session is being requested and submitting that request to the most available server by substituting the IP address of the virtual server with the IP address of the actual server to which the request is being forwarded. • Layer 4 switching is sometimes referred to as application redirection. It can examine content above layer 4 and make switching decisions accordingly. • It can be used to provide filtering of unwanted layer 4 protocols (e.g. IPX SAP) or can also be used to provide prioritization. • It will assign prioritization with an 802.1p priority tag (layer 2) or set the priority in the IP ToS field in the IP header (layer 3). • It classify data traffic according to port number and then assigns guaranteed and excess bandwidth amounts along with a prioritization number to each of these traffic classes. • It controls smooth traffic flow.

  47. ATM Switching on the LAN • ATM will serve as the high-speed switched backbone network service to connect geographically dispersed corporate networks. • Routing capabilities must be added to the underlying switching capabilities ATM offers. • ATM LAN Emulation: • Through a process known as ATM LAN emulation, virtual LANs can be constructed over an ATM switched network regardless of the geographic scope of that network. • ATM LAN emulation is considered a bridging solution since traffic is switched based on MAC layer addresses. However, the MAC layer addresses must be translated into, or resolved into, ATM addresses in a process known as ATM address resolution. • In ATM LAN emulation, the ATM switching fabric adds an entire layer of its own addressing schemes, which forward virtual LAN traffic to its proper destination. • ATM emulation, like other virtual LAN architectures built on layer 2 switching, is basically a bridged topology which suffers from the same limitations as other layer 2 switched networks: • Flat network topology • Broadcast storms (although limited to a particular virtual LAN) • No layer 3 filtering for security or segmentation

  48. ATM LAN emulation supports, or transports, multiple network layer protocols between virtual LANs because it does not discriminate between network layer (layer 3) protocols. • ATM LAN emulation offers no routing capabilities. Each virtual LAN which is emulated using ATM emulation, must still have a dedicated connection to a router which can process layer 3 addresses and make appropriate route determination and forwarding decisions between virtual LANs. • Layer 3 Protocols over ATM Networks • Classical IP over ATM • The Internet Engineering Task Force (IETF) Request for Comment (RFC) 1577 is known as classical IP over ATM. It allows IP networks, as well as all upper layer TCP/IP protocols, utilities, and APIs encapsulated by IP, to be delivered over an ATM network without requiring modification to the TCP/IP protocols. • Classical IP treats the ATM network like just another subnet or data-link protocol such as Ethernet or Token Ring. • IP routers see the entire ATM network as only a single hop, regardless of the actual size of the ATM network. • IP subnets established over ATM networks using this protocol are known as logical IP subnets (LIS). • It works only within a given subnet. It is a significant limitation. • An IP router must still be employed to use IP addresses to properly route data between classical IP subnets.

  49. Like ATM LAN emulation, it also requires address resolution. A new protocol, ATM address resolution protocol (ATMARP) runs on a server in the logical IP subnet and provides address resolution between IP and ATM addresses. • The ATM addresses may be the virtual circuit ID numbers of the virtual circuits or connections established on the ATM network between two ATM end-points. • Multiprotocols over ATM (MPOA) • The ATM Forum is currently working on MPOA, which not only will support IP, IPX, AppleTalk and other network protocols over ATM, but also will be able to route data directly between virtual LANs, precluding the need for additional external routers. • Figure 16-16 shows the key components in the MPOA architecture: • Edge devices: a kind of hybrid hub, switch, and router acting as interfaces or gateways to establish new virtual circuits between LANs and the ATM networks.

  50. Figure 13-18 Multiprotocol Over ATM Architecture