• Schedule: This could include the phasing out of older applications, hiring of new personnel, and so forth.
• People: Considerations include who will install and operate the network, what skills they have, whether they require training, whether any of these tasks will be outsourced, and so forth.
• Legal: Issues include any restrictions on the use and storage of data collected, whether the organization has contractual obligations or opportunities related to the network (for example, long-term maintenance or lease contracts), and so forth.
• History: Factors include examining the existing network's structure and determining whether any person or group will block changes or additions.
• Policies: Consider whether current organizational policies might restrict the network design.
Preparing the Preliminary Design
• Consider network requirements and constraints.
• The network owner is consulted, and together an optimal solution is chosen.
• Two models can be used for network design:
- A top-down approach: requirements are considered first, together with the applications and network solutions that will run on the network.
- A bottom-up approach: devices, features, cabling and so on are selected first, and then applications are fitted to this network (risking redesign and increased costs).
Completing the Final Design
• Development: producing detailed drawings, configuration specifications, costing, addressing plans, and any other information required for implementation.
• Physical
– Network diagram
– Network redundancy
– Physical connectivity to existing network
– Post-design hardware inventory documenting device location, type,
number of ports and type of ports
• Logical
– Addressing scheme(s)
– Supported Protocol(s)
– Routing protocol(s)
– Bridging group(s)
– Virtual Local Area Network (VLAN) architecture
Deploying the Network
• Include details of what has to be done and how it has to be done:
- Scheduling: when things will be done, who will do them, and what impact the deployment will have on the existing network.
- Contingency plans: what happens if a problem occurs during implementation.
- Testing
- Training
- Contracts: outsourcing, Internet connectivity, maintenance, and so forth.
Monitoring and Redesign
• After the network is operating, baseline operational statistics should be gathered so that the values for a working network are known.
• If problems or anomalies occur, or if a redesign is done, the entire design process is repeated.
Maintaining Design Documentation
• Design Guide
- Security requirements
- Redundancy requirements and design
- Logical connectivity within a LAN environment
- Implementation of any required advanced features of the equipment software
- Connectivity to the gateway
- Configuration of each device
Modular Network Design
• Modular network design separates the network into various functional network modules, each targeting a specific place or purpose in the network.
• A module is a component of a composite structure.
• Modular network design involves creating modules that can then be put together to meet the requirements of the entire network.
• The modules represent areas that have different physical or logical connectivity.
Benefits of modular network design
[Figure: modular design showing firewall, router and workgroup switch modules.]
Hierarchical Network Design
[Figure: three-layer hierarchy. Core Layer: Enterprise WAN and backbone. Distribution Layer: Campus A, Campus B and Campus C (Campus C backbone). Access Layer.]
• Enterprise Edge: This area contains all the functions required for
communication between the Enterprise Campus and remote
locations, including the Internet, remote employees, other
campuses, partners, and so forth.
The Enterprise Campus consists of:
1. Management
2. Campus Infrastructure
i) Building Access
ii) Building Distribution
iii) Core
3. Server Farm
4. Edge Distribution
Campus Infrastructure Module
• Building Access: contains access switches (Layer 2 switches) and end-user devices (including PCs and IP phones). This group is responsible for ensuring that only users who are authorized to access the network are admitted.
• Building Distribution: includes distribution multilayer switches (Layer 3 switches and routers) to provide access between workgroups and to the Core. Routing is implemented in this sub-module.
- Filtering of routes: route filtering is the process by which certain routes are not considered for inclusion in the local route database.
- Summarizing of routes
• Building Distribution and Building Access together make up a building module.
• Core: typically uses Layer 3 switching. Also called the backbone, it provides a high-speed connection between the buildings themselves, the Server Farm and the Edge Distribution modules. Redundancy is implemented here.
• Edge Distribution: the interface between the Enterprise Campus and the Enterprise Edge functional areas. This module concentrates connectivity to and from all branches and teleworkers (delivering secure voice and data services) accessing the campus via a WAN or the Internet. It typically uses Layer 3 switching.
Asynchronous Transfer Mode (ATM)
• ATM is a network switching technology that uses a cell-based methodology to quantize data. ATM data communication consists of fixed-size cells of 53 bytes. An ATM cell contains a 5-byte header and 48 bytes of ATM payload. These small, fixed-length cells are good for transmitting voice, image and video data because delay is minimized.
• ATM is a connection-oriented protocol, and therefore a virtual circuit must be established between the sending and receiving points. It establishes a fixed route between two points when the data transfer starts.
• Another important aspect of ATM is its asynchronous operation in time-division multiplexing: cells are transmitted only when data is available to be sent, unlike conventional time-division multiplexing, where synchronization bytes are transferred even if no data is available to be sent.
• ATM is designed to be convenient for hardware implementation, and therefore processing and switching have become faster. Bit rates on ATM networks can go up to 10 Gbps. ATM is a core protocol used over the SONET/SDH backbone of the ISDN.
• ATM provides good quality of service in networks where different types of information, such as data, voice and video, are supported. With ATM, each of these information types can pass through a single network connection.
Frame Relay
• Frame relay is a packet-switching technology for connecting network points in Wide Area Networks (WANs).
• It is a connection-oriented data service and establishes a virtual circuit between two end points.
• Data transfer is done in packets of data known as frames. These frames are variable in size, and the flexible transfers make them more efficient.
• In frame relay, connections are called 'ports'. Every point that needs to connect to the frame relay network needs to have a port, and every port has a unique address.
• A frame is made of two parts, which can be called the 'actual data' and the 'frame relay header'.
• Frame relay can create multiple redundant connections among various routers without multiple physical links. Since frame relay is not specific to a medium, and provides a means to buffer speed variations, it can create a good interconnect medium between different types of network points running at different speeds.
Difference between ATM and Frame Relay
• The data link layer of the OSI model defines the ways of encapsulating data for transmission between two endpoints and the techniques for transferring the frames. Both Asynchronous Transfer Mode (ATM) and Frame Relay are data link layer technologies, and both are connection-oriented protocols. Each technique has its own application-dependent advantages and disadvantages.
1. Although both techniques are based on end-to-end delivery of quantized data, there are many differences in terms of the size of the data quanta, application network types, controlling techniques, etc.
2. ATM uses fixed-size cells (53 bytes) for data communication, whereas frame relay uses variable packet sizes depending on the type of information to be sent. In both cases the information block has a header in addition to the data block, and transfer is connection-oriented.
3. Frame Relay is used to connect Local Area Networks (LANs) and is not implemented within a single area network, in contrast to ATM, where data transfers are within a single LAN.
4. ATM is designed to be convenient for hardware implementation, and therefore its cost is higher compared to frame relay, which is software controlled. Therefore frame relay is less expensive and upgrading is easier.
5. Frame relay has a variable packet size, which gives low overhead within the packet and makes it an efficient method for transmitting data. Although the fixed cell size in ATM can be useful for handling video and image traffic at high speeds, it leaves a lot of overhead within the packet, particularly in short transactions.
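The cell and frame layouts described in the ATM and Frame Relay sections above, and the overhead comparison in point 5, as an added worked example that is not part of the original slides. It encodes and decodes an ATM UNI cell header (GFC, VPI, VCI, PT, CLP and the HEC check byte, per ITU-T I.361/I.432) and a two-byte Frame Relay Q.922 address field (10-bit DLCI plus the C/R, FECN, BECN, DE and EA bits), then counts bytes on the wire for a short message under each technology. All VPI/VCI, DLCI and payload values are constructed for the example.

```python
"""Added example: ATM cell header and Frame Relay address field, plus per-message overhead.
Field layouts follow ITU-T I.361/I.432 (ATM UNI cell) and Q.922 (Frame Relay);
all sample values are constructed for this example."""

ATM_CELL_LEN, ATM_HEADER_LEN, ATM_PAYLOAD_LEN = 53, 5, 48


def crc8_atm(data: bytes) -> int:
    """CRC-8 with generator x^8 + x^2 + x + 1 (0x07), the HEC polynomial."""
    crc = 0
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = ((crc << 1) ^ 0x07) & 0xFF if crc & 0x80 else (crc << 1) & 0xFF
    return crc


def atm_hec(header4: bytes) -> int:
    """Header Error Control byte: CRC-8 of the first four header octets XOR 0x55."""
    return crc8_atm(header4) ^ 0x55


def build_atm_cell(vpi: int, vci: int, payload: bytes, pt: int = 0, clp: int = 0, gfc: int = 0) -> bytes:
    """Build one 53-byte UNI cell: GFC(4) VPI(8) VCI(16) PT(3) CLP(1) HEC(8) + 48-byte payload."""
    if len(payload) > ATM_PAYLOAD_LEN:
        raise ValueError("payload must fit in one 48-byte cell")
    word = (gfc << 28) | (vpi << 20) | (vci << 4) | (pt << 1) | clp
    header4 = word.to_bytes(4, "big")
    return header4 + bytes([atm_hec(header4)]) + payload.ljust(ATM_PAYLOAD_LEN, b"\x00")


def parse_atm_cell(cell: bytes) -> dict:
    """Split a cell into header fields and payload; hec_ok is False when the header is corrupted."""
    if len(cell) != ATM_CELL_LEN:
        raise ValueError(f"ATM cells are exactly {ATM_CELL_LEN} bytes, got {len(cell)}")
    word = int.from_bytes(cell[:4], "big")
    return {
        "gfc": word >> 28,
        "vpi": (word >> 20) & 0xFF,
        "vci": (word >> 4) & 0xFFFF,
        "pt": (word >> 1) & 0x7,
        "clp": word & 0x1,
        "hec_ok": cell[4] == atm_hec(cell[:4]),
        "payload": cell[ATM_HEADER_LEN:],
    }


def build_fr_frame(dlci: int, payload: bytes, cr: int = 0, fecn: int = 0, becn: int = 0, de: int = 0) -> bytes:
    """Prepend a two-byte Q.922 address (10-bit DLCI plus C/R, FECN, BECN, DE and EA bits)."""
    if not 0 <= dlci <= 1023:
        raise ValueError("DLCI is a 10-bit field")
    first = ((dlci >> 4) << 2) | (cr << 1)                                      # EA = 0: more follows
    second = ((dlci & 0xF) << 4) | (fecn << 3) | (becn << 2) | (de << 1) | 1    # EA = 1: last byte
    return bytes([first, second]) + payload


def parse_fr_frame(frame: bytes) -> dict:
    """Decode the address field; the variable-length payload is whatever follows it."""
    first, second = frame[0], frame[1]
    if first & 1 or not second & 1:
        raise ValueError("expected a two-byte address field (EA bits 0 then 1)")
    return {
        "dlci": ((first >> 2) << 4) | (second >> 4),
        "cr": (first >> 1) & 1,
        "fecn": (second >> 3) & 1,
        "becn": (second >> 2) & 1,
        "de": (second >> 1) & 1,
        "payload": frame[2:],
    }


def atm_wire_bytes(payload_len: int) -> int:
    """Bytes on the wire: the payload is segmented into 48-byte cells, each with a 5-byte header."""
    cells = -(-payload_len // ATM_PAYLOAD_LEN)   # ceiling division
    return cells * ATM_CELL_LEN


def fr_wire_bytes(payload_len: int) -> int:
    """Bytes on the wire for one frame: 2-byte address + payload + 2-byte FCS (flags not counted)."""
    return 2 + payload_len + 2


if __name__ == "__main__":
    cell = build_atm_cell(vpi=1, vci=32, payload=b"hi", clp=1)
    print(parse_atm_cell(cell))
    print(parse_fr_frame(build_fr_frame(1023, b"data", becn=1, de=1)))
    # A 10-byte message costs 53 bytes as an ATM cell but 14 bytes as a frame relay frame.
    print(atm_wire_bytes(10), fr_wire_bytes(10))
```

The HEC check is what a receiver uses to discard cells whose header was damaged in transit; flipping any single header bit makes `hec_ok` False. The overhead functions make point 5 concrete: a 10-byte transaction occupies a full 53-byte cell under ATM but only 14 bytes under frame relay, while a 49-byte message already needs two ATM cells.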
Enterprise Edge
• The E-commerce module includes the devices and services necessary for
an organization to support e-commerce applications, such as online
ordering. The devices in this module usually include web servers,
application servers, and security devices such as firewalls and IDS
appliances.
• The Corporate Internet module provides Internet access for the users and
passes VPN traffic from remote users to the VPN/Remote Access module.
Typical servers in this module include e-mail, File Transfer Protocol (FTP),
and Domain Name System (DNS) servers.
• The VPN/Remote Access module terminates VPN traffic and dial-in
connections from external users. Typical devices in this module include
dial-in access and VPN concentrators to terminate the remote user
connections, and firewalls and IDS appliances to provide security.
• The WAN module provides connectivity between remote sites and the
main site over various WAN technologies. This module does not include
the WAN connections; rather, it provides the interfaces to the WANs.
Service Provider Edge
The three modules within the Service Provider Edge functional area are as follows:
• The Internet Service Provider (ISP) module represents the connection to the Internet. Redundant connections to multiple ISPs can be made to ensure service capability.
• The Public Switched Telephone Network (PSTN) module represents all dial-up connectivity: analog phone, cellular phone and ISDN connections.
• The Frame Relay/ATM module represents all permanent connections to the remote locations, including frame relay, ATM, leased lines, and cable, DSL and wireless connections.
ECM Advantages
ECM divides the functional areas of the LAN into modules. This allows other network functions, such as security, to be implemented more easily on a module-by-module basis, rather than attempting to do so all at once on the entire network.
ECM provides several advantages:
1. Functional areas are divided into modules and connected together over a high-speed backbone.
2. The ECM allows network scalability.
3. One or more functions can be added more easily.
UNIT II
• Technologies –
Switching Design: Switching Types - Layer 2 and 3 Switching
Spanning Tree Protocol
Redundancy in Layer 2 Switched Networks
STP Terminology and Operation
Virtual LANs – Trunks –
Inter-VLAN Routing
Multilayer Switching
Cisco Express Forwarding –
Switching Security - Switching Design Considerations
• IPv4 Routing Design:
IPv4 Address Design - Private and Public Addresses –
NAT - Subnet Masks - Hierarchical IP Address Design –
IPv4 Routing Protocols – Classification - Metrics - Routing Protocol
Comparison - IPv4 Routing Protocol Selection.
Switching Design
• Switch concept
• Ethernet switches are extremely fast bridges with many ports.
Switch basics (Hub vs Switch)
Layer: Hub - Physical layer; Switch - Data link layer
Data transmission form: Hub - electrical signals or bits; Switch - frames (Layer 2) and packets (Layer 3)
Ports: Hub - 4/12 ports; Switch - multiport bridge (24/48 ports)
Transmission type: Hub - frame flooding (may be unicast, multicast or broadcast); Switch - first broadcast, then unicast and multicast as needed
Device type: Hub - without software; Switch - with software, a networking device
Table: Hub - no table; Switch - content-addressable memory (CAM), accessed by application-specific integrated chips (ASICs)
Speed: Hub - 10 Mbps; Switch - 10/100 Mbps, 1 Gbps
Router vs Switch
Layer: Router - Network layer (Layer 3 device); Switch - Data link layer (network switches operate at Layer 2 of the OSI model)
Device type: Router - networking device; Switch - active device (with software) and networking device
Table: Router - stores IP addresses in a routing table and maintains the addresses on its own; Switch - content-addressable memory (CAM) table, typically accessed by ASICs (application-specific integrated chips)
Transmission mode: Router - full duplex; Switch - half/full duplex
Broadcast domain: Router - every port has its own broadcast domain; Switch - one broadcast domain (unless VLANs are implemented)
Used for: Router - connecting two or more networks; Switch - connecting two or more nodes in the same network or different networks
Switching Loop
[Figure: Switches A, B and C connected in a loop with Node 1 attached; each switch broadcasts Node 1's frame out every port.]
Good Switching Loops
• But you can take advantage of loops!
– Redundant paths improve resilience when:
• A switch fails
• Wiring breaks
• How to achieve redundancy without creating
dangerous traffic loops?
What is a Spanning Tree
• "Given a connected, undirected graph, a spanning tree of that graph is a subgraph which is a tree and connects all the vertices together."
• A single graph can have many different spanning trees.
Bridge Protocol Data Unit (BPDU)
• A bridge protocol data unit (BPDU) is a data message transmitted across a local area network to detect loops in network topologies.
• A BPDU contains information regarding ports, switches, port priority and addresses.
• BPDUs contain the information necessary to configure and maintain the spanning tree topology. This information is used by switches to calculate their own BPDUs for information passing.
Bridge Protocol Data Units
• When devices are initially attached to switch ports, they do not start data transmission immediately. Instead, they move through different states while BPDU processing determines the network topology.
[Figure: Switch A at the top of a triangle, with Switch B (Bridge ID 32678.0000000000BB) and Switch C (Bridge ID 32678.0000000000CC) below; ports 1 and 2 are labelled on each switch and every link has Cost=19. The figure is repeated step by step as the root port and designated port election proceeds.]
Designated Port
In the B-C link, Switch B has the lowest Bridge ID, so port 2 in Switch B is the Designated Port.
Blocking a port
• Any port that is elected as neither a Root Port nor a Designated Port is put into the Blocking State.
• This step effectively breaks the loop and completes the Spanning Tree.
Designated Ports on each segment (802.1d)
[Figure: the same triangle with Switch A (Bridge ID 32678.0000000000AA) as root, Switch B and Switch C below; ports 1 and 2 on each switch, every link Cost=19.]
• Port 2 in Switch C is then put into the Blocking State because it is neither
a Root Port nor a Designated Port
Spanning Tree Protocol States
• Disabled
– Port is shut down
• Blocking
– Not forwarding frames
– Receiving BPDUs
• Listening
– Not forwarding frames
– Sending and receiving BPDUs
Spanning Tree Protocol States
• Learning
– Not forwarding frames
– Sending and receiving BPDUs
– Learning new MAC addresses
• Forwarding
– Forwarding frames
– Sending and receiving BPDUs
– Learning new MAC addresses
STP Topology Changes
• Switches will recalculate if:
– A new switch is introduced
• It could be the new Root Bridge!
– A switch fails
– A link fails
Root Bridge Placement
• Using default STP parameters might result in
an undesired situation
– Traffic will flow in non-optimal ways
– An unstable or slow switch might become the root
• You need to plan your assignment of bridge
priorities carefully
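The election steps walked through in the figures (lowest Bridge ID becomes root, each switch picks its cheapest port towards the root, the lowest Bridge ID on a shared segment owns the Designated Port, and every other port blocks) and the effect of bridge priority on root placement, as an added worked example that is not part of the original slides. The three-switch triangle with every link at cost 19 is constructed to mirror the Switch A/B/C figure; the 32768 priority is the 802.1D default, and the `with_priority` helper and the port numbering are assumptions made for the example.

```python
"""Added example: 802.1D port-role election (root / designated / blocking) for a small
switched topology, and how changing one bridge priority moves the root bridge.
Topology, port numbers and MAC addresses are constructed for this example."""
import heapq
from dataclasses import dataclass


@dataclass(frozen=True)
class Bridge:
    name: str
    priority: int   # 802.1D bridge priority; 32768 is the default
    mac: str        # 12 hex digits

    @property
    def bridge_id(self) -> tuple:
        # Bridge ID compares priority first, then MAC; the lowest value wins.
        return (self.priority, int(self.mac, 16))


def compute_spanning_tree(bridges, links):
    """links: (bridge_a, port_a, bridge_b, port_b, cost).
    Returns (root bridge name, root path cost per bridge, role per (bridge, port))."""
    ids = {b.name: b.bridge_id for b in bridges}
    root = min(ids, key=ids.get)              # root bridge = lowest bridge ID
    rpc = {root: 0}                            # root path cost per bridge
    root_port = {}                             # bridge -> (selection key, port number)
    heap = [(0, ids[root], root)]
    done = set()
    while heap:                                # Dijkstra on link cost; ties broken by bridge ID
        cost, _, u = heapq.heappop(heap)
        if u in done:
            continue
        done.add(u)
        for a, pa, b, pb, link_cost in links:
            if u not in (a, b):
                continue
            v, pv, pu = (b, pb, pa) if u == a else (a, pa, pb)
            if v == root:
                continue                       # the root has no root port
            # Root port choice: lowest cost, then lowest upstream bridge ID, then upstream port
            key = (cost + link_cost, ids[u], pu)
            if v not in root_port or key < root_port[v][0]:
                rpc[v] = cost + link_cost
                root_port[v] = (key, pv)
                heapq.heappush(heap, (cost + link_cost, ids[v], v))
    # Every port starts out blocking; root and designated ports are then carved out.
    roles = {(x, p): "blocking" for a, pa, b, pb, _ in links for x, p in ((a, pa), (b, pb))}
    for a, pa, b, pb, _ in links:
        # One designated port per segment: lowest (root path cost, bridge ID, port) wins
        _, _, port, owner = min((rpc[a], ids[a], pa, a), (rpc[b], ids[b], pb, b))
        roles[(owner, port)] = "designated"
    for v, (_, pv) in root_port.items():
        roles[(v, pv)] = "root"
    return root, rpc, roles


# Constructed topology mirroring the slides: a triangle of three switches, every link cost 19.
SAMPLE_BRIDGES = [
    Bridge("A", 32768, "0000000000AA"),
    Bridge("B", 32768, "0000000000BB"),
    Bridge("C", 32768, "0000000000CC"),
]
SAMPLE_LINKS = [("A", 1, "B", 1, 19), ("A", 2, "C", 1, 19), ("B", 2, "C", 2, 19)]


def with_priority(bridges, name, priority):
    """Copy of the bridge list with one switch's priority changed (deliberate root placement)."""
    return [Bridge(b.name, priority, b.mac) if b.name == name else b for b in bridges]


if __name__ == "__main__":
    for label, bridges in (("default priorities", SAMPLE_BRIDGES),
                           ("C lowered to 24576", with_priority(SAMPLE_BRIDGES, "C", 24576))):
        root, rpc, roles = compute_spanning_tree(bridges, SAMPLE_LINKS)
        print(f"{label}: root={root}, root path costs={rpc}")
        for (sw, port), role in sorted(roles.items()):
            print(f"  {sw} port {port}: {role}")
```

With default priorities the result matches the slides: A is root, B and C each use port 1 as their Root Port, B owns the Designated Port on the B-C segment because its Bridge ID is lower, and C port 2 blocks. Lowering C's priority to 24576 makes C the root instead and moves the blocked port to B port 1, which is why bridge priorities should be assigned deliberately rather than left at the default.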
Bad Root Bridge Placement
[Figure: four switches; the link "out to router" and the root bridge are labelled on different switches, illustrating non-optimal root placement.]
Rapid Spanning Tree (802.1w)
[Figure: a sequence of four diagrams showing the RSTP proposal/agreement handshake propagating from the root through four switches; ports are labelled DP (designated port) and RP (root port).]
Rapid Spanning Tree (802.1w)
• Prefer RSTP over STP if you want faster
convergence
• Always define which ports are edge ports
Multiple Spanning Tree (802.1s)
• Allows separate spanning trees per VLAN
group
– Different topologies allow for load balancing
between links
– Each group of VLANs are assigned to an “instance”
of MST
• Compatible with STP and RSTP
Multiple Spanning Tree (802.1s)
[Figure: two spanning-tree instances, one for Vlan A and one for Vlan B, over the same set of switches.]
Multiple Spanning Tree (802.1s)
• MST Region
– Switches are members of a region if they have the
same set of attributes:
• MST configuration name
• MST configuration revision
• Instance-to-VLAN mapping
– A digest of these attributes is sent inside the
BPDUs for fast comparison by the switches
– One region is usually sufficient
Multiple Spanning Tree (802.1s)
• CST = Common Spanning Tree
– In order to interoperate with other versions of
Spanning Tree, MST needs a common tree that
contains all the other islands, including other MST
regions
Multiple Spanning Tree (802.1s)
• IST = Internal Spanning Tree
– Internal to the Region, that is
– Presents the entire region as a single virtual bridge
to the CST outside
Multiple Spanning Tree (802.1s)
• MST Instances
– Groups of VLANs are mapped to particular
Spanning Tree instances
– These instances will represent the alternative
topologies, or forwarding paths
– You specify a root and alternate root for each
instance
Multiple Spanning Tree (802.1s)
[Figure: an MST region with the IST inside it, connected to an 802.1D switch outside the region.]
Multiple Spanning Tree (802.1s)
• Design Guidelines
– Determine relevant forwarding paths, and
distribute your VLANs equally into instances
matching these topologies
– Assign different root and alternate root switches
to each instance
– Make sure all switches match region attributes
– Do not assign VLANs to instance 0, as this is used
by the IST
Virtual LAN
• Trunks
• Inter-VLAN Routing
• Multilayer Switching
• Cisco Express Forwarding
• Switching Security
• Switching Design Considerations
What Is a VLAN?
• A virtual local area network (VLAN) is a logical grouping of ports that is independent of location. A single VLAN (and the nodes connected in a single VLAN) will behave in the same way as if it were a separate Layer 3 network.
• VLAN membership need not be limited to sequential ports or even to ports on the same switch. Consider a very common deployment in which nodes are connected to a switch and the switch is connected to a router. Looking at the left side of the figure, the automatic assumption would be that all of the nodes are on the same IP network, since they all connect to the same router interface.
Unit II- IPv4 Routing Design
IPv4 Address Design - Private and Public
Addresses – NAT - Subnet Masks -
Hierarchical IP Address Design –