Monthly Archives: February 2012
Hey guys, check out my blog for all your networking information.
TCP/IP uses the client/server model of communication in which a computer user (a client) requests and is provided a service (such as sending a Web page) by another computer (a server) in the network. TCP/IP communication is primarily point-to-point, meaning each communication is from one point (or host computer) in the network to another point or host computer. TCP/IP and the higher-level applications that use it are collectively said to be “stateless” because each client request is considered a new request unrelated to any previous one (unlike ordinary phone conversations that require a dedicated connection for the call duration). Being stateless frees network paths so that everyone can use them continuously. (Note that the TCP layer itself is not stateless as far as any one message is concerned. Its connection remains in place until all packets in a message have been received.)
Many Internet users are familiar with the even higher layer application protocols that use TCP/IP to get to the Internet. These include the World Wide Web’s Hypertext Transfer Protocol (HTTP), the File Transfer Protocol (FTP), Telnet (Telnet) which lets you logon to remote computers, and the Simple Mail Transfer Protocol (SMTP). These and other protocols are often packaged together with TCP/IP as a “suite.”
Personal computer users with an analog phone modem connection to the Internet usually get to the Internet through the Serial Line Internet Protocol (SLIP) or the Point-to-Point Protocol (PPP). These protocols encapsulate the IP packets so that they can be sent over the dial-up phone connection to an access provider’s modem.
Protocols related to TCP/IP include the User Datagram Protocol (UDP), which is used instead of TCP for special purposes. Other protocols are used by network host computers for exchanging router information. These include the Internet Control Message Protocol (ICMP), the Interior Gateway Protocol (IGP), the Exterior Gateway Protocol (EGP), and the Border Gateway Protocol (BGP).
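To make the layering concrete, here is a small added example (my own code, not from the original write-up) that parses an IPv4 packet, verifies the header checksum from RFC 791, and decodes the transport header it encapsulates, dispatching on the protocol number for TCP (6), UDP (17) and ICMP (1). The sample packets are constructed inline using RFC 5737 documentation addresses; the length and checksum checks are the part a defender cares about, since a parser that trusts the length fields or skips the checksum will misread corrupted or malformed input.

```python
import struct

# IANA protocol numbers that appear in the IPv4 "protocol" field.
PROTO_ICMP, PROTO_TCP, PROTO_UDP = 1, 6, 17
PROTO_NAMES = {PROTO_ICMP: "ICMP", PROTO_TCP: "TCP", PROTO_UDP: "UDP"}


def ipv4_checksum(header: bytes) -> int:
    """RFC 791 header checksum: one's complement of the one's-complement sum
    of the header's 16-bit words. Run over a header whose checksum field is
    already correct it returns 0, which is how we verify a received header."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:                       # fold carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4(src: str, dst: str, proto: int, payload: bytes, ttl: int = 64) -> bytes:
    """Build a minimal IPv4 packet (no options) with a valid header checksum."""
    src_b = bytes(int(o) for o in src.split("."))
    dst_b = bytes(int(o) for o in dst.split("."))
    header = struct.pack("!BBHHHBBH4s4s",
                         0x45, 0, 20 + len(payload), 0x1234, 0x4000,  # DF bit set
                         ttl, proto, 0, src_b, dst_b)
    csum = ipv4_checksum(header)
    return header[:10] + struct.pack("!H", csum) + header[12:] + payload


def parse_ipv4(packet: bytes) -> dict:
    """Parse one IPv4 packet, verify its header checksum and decode the
    transport header it encapsulates. Every length check happens before the
    matching slice, so truncated input raises instead of being misparsed."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    (ver_ihl, _tos, total_len, _ident, _flags_frag,
     ttl, proto, _csum, src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    if ver_ihl >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (ver_ihl & 0x0F) * 4
    if ihl < 20 or total_len < ihl or len(packet) < total_len:
        raise ValueError("inconsistent length fields")
    if ipv4_checksum(packet[:ihl]) != 0:
        raise ValueError("header checksum mismatch")
    info = {"src": ".".join(map(str, src)), "dst": ".".join(map(str, dst)),
            "ttl": ttl, "protocol": PROTO_NAMES.get(proto, str(proto))}
    payload = packet[ihl:total_len]
    if proto in (PROTO_TCP, PROTO_UDP):
        if len(payload) < 8:                  # UDP header is 8 bytes, TCP is 20
            raise ValueError("truncated transport header")
        info["sport"], info["dport"] = struct.unpack("!HH", payload[:4])
    elif proto == PROTO_ICMP:
        if len(payload) < 4:
            raise ValueError("truncated ICMP header")
        info["icmp_type"], info["icmp_code"] = payload[0], payload[1]
    return info


def is_valid_ipv4(packet: bytes) -> bool:
    """True when the packet parses and its header checksum verifies."""
    try:
        parse_ipv4(packet)
        return True
    except ValueError:
        return False


# Constructed samples (RFC 5737 documentation addresses): a TCP SYN to port 80
# and an ICMP echo request, each wrapped in an IPv4 header.
TCP_SYN = struct.pack("!HHIIBBHHH", 40000, 80, 1, 0, 0x50, 0x02, 65535, 0, 0)
SAMPLE_TCP = build_ipv4("192.0.2.10", "198.51.100.7", PROTO_TCP, TCP_SYN)
ICMP_ECHO = struct.pack("!BBHHH", 8, 0, 0, 1, 1)
SAMPLE_ICMP = build_ipv4("192.0.2.10", "198.51.100.7", PROTO_ICMP, ICMP_ECHO)
# The same SYN with its TTL byte flipped in transit: the checksum no longer verifies.
CORRUPTED = SAMPLE_TCP[:8] + bytes([SAMPLE_TCP[8] ^ 0x01]) + SAMPLE_TCP[9:]

if __name__ == "__main__":
    print(parse_ipv4(SAMPLE_TCP))
    print(parse_ipv4(SAMPLE_ICMP))
    print("corrupted packet accepted?", is_valid_ipv4(CORRUPTED))
```

The ports come out of the TCP/UDP header and the type/code out of ICMP, which is exactly the "IP carries a transport protocol, which carries the application" layering the paragraphs above describe.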
CATEGORY 3 CABLE
Category 3 cable is used as telephone cable and has a 100 MHz bandwidth, using an RJ11 connector. It is UTP cable, with a maximum distance of 100 m (300 feet) before the signal starts to degrade, and can be used in 10Base-T LAN applications with a maximum speed of 4 Mbps.
CATEGORY 4 CABLE
Category 4 cable is rarely used anymore, having been wiped out by Cat5 and later, and has a 100 MHz bandwidth. It is UTP cable, with a maximum distance of 100 m (300 feet) before the signal starts to degrade, and can be used in 10Base-T LAN applications with a maximum speed of 16 Mbps.
CATEGORY 5 CABLE
Category 5 cable is a little old nowadays, but it is still widely used in networks and has a 100 MHz bandwidth. Cat 5 is UTP cable, with a maximum length of 100 m (300 feet) before the signal starts to degrade. Cat 5 can be used in 10Base-T, 100Base-TX, ATM and CDDI LAN applications.
CATEGORY 5e CABLE
Category 5e cable is the most common type of cable used today in networks and has a 100 MHz bandwidth. Cat 5e is UTP cable, with a maximum length of 100 m (300 feet) before the signal starts to degrade, and can be used in 10Base-T and 100Base-T LAN applications.
CATEGORY 6 CABLE
Category 6 cable is the up-and-coming cable, with a 250 MHz bandwidth. It is full-duplex cable, which means that it can be used with gigabit routers. It has two 4-wire paths instead of the two 2-wire paths of the earlier cabling. Cat 6 is UTP cable, with a maximum length of 100 m (300 feet) before the signal starts to degrade. Cat 6 can be used in 10Base-T, 100Base-T, and 1000Base-T LAN applications.
CATEGORY 7 CABLE
Category 7 is not being used yet. It is a hybrid cable with a 600 MHz bandwidth. It is ScTP (screened twisted pair) cable with a maximum length of 100 m (300 feet) before the signal starts to degrade. Cat 7 can be used in 1000Base-T LAN applications.
A device attached to a long cable run that works just like a repeater, re-boosting the signal so that it can be carried over a longer distance.
In general, a hub is the central part of a wheel where the spokes come together. The term is familiar to frequent fliers who travel through airport “hubs” to make connecting flights from one point to another. In data communications, a hub is a place of convergence where data arrives from one or more directions and is forwarded out in one or more other directions. A hub usually includes a switch of some kind. (And a product that is called a “switch” could usually be considered a hub as well.) The distinction seems to be that the hub is the place where data comes together and the switch is what determines how and where data is forwarded from the place where data comes together. Regarded in its switching aspects, a hub can also include a router.
1) In describing network topologies, a hub topology consists of a backbone (main circuit) to which a number of outgoing lines can be attached (“dropped”), each providing one or more connection port for device to attach to. For Internet users not connected to a local area network, this is the general topology used by your access provider. Other common network topologies are the bus network and the ring network. (Either of these could possibly feed into a hub network, using a bridge.)
2) As a network product, a hub may include a group of modem cards for dial-in users, a gateway card for connections to a local area network (for example, an Ethernet or a token ring), and a connection to a line (the main line in this example).
A bridge is used to connect two networks together. Just as a bridge connects two roads, this bridge can join two different networks to extend the network. Say you have two home networks, one in the basement and one upstairs. You can put a bridge in the middle of the house and then transfer files between the networks while still having two separate networks. The only disadvantage to doing this is that the collision domain becomes larger (more chance of packets colliding), since the network is much larger.
A repeater is like a router, but it is used to re-strengthen a signal over a long distance. There are analog repeaters, which can only amplify the signal, and there are digital repeaters, which can restore a signal to near original quality. Some hubs can act as repeaters as well. Repeaters cannot route Internet traffic like a router can, though; they are strictly used to regenerate a signal. A repeater should be used when Cat 5e cabling is over 300 feet (100 metres) in length. A wireless repeater can be placed between the router and the computer when length is an issue and the signal is degraded.
NAT (Network Address Translation or Network Address Translator) is the translation of an Internet Protocol address (IP address) used within one network to a different IP address known within another network. One network is designated the inside network and the other is the outside. Typically, a company maps its local inside network addresses to one or more global outside IP addresses and unmaps the global IP addresses on incoming packets back into local IP addresses. This helps ensure security, since each outgoing or incoming request must go through a translation process that also offers the opportunity to qualify or authenticate the request or match it to a previous request. NAT also conserves the number of global IP addresses that a company needs, and it lets the company use a single IP address in its communication with the world.
NAT is included as part of a router and is often part of a corporate firewall. Network administrators create a NAT table that does the global-to-local and local-to-global IP address mapping. NAT can also be used in conjunction with policy routing. NAT can be statically defined or it can be set up to dynamically translate from and to a pool of IP addresses. Cisco’s version of NAT lets an administrator create tables that map:
- A local IP address to one global IP address statically
- A local IP address to any of a rotating pool of global IP addresses that a company may have
- A local IP address plus a particular TCP port to a global IP address or one in a pool of them
- A global IP address to any of a pool of local IP addresses on a round-robin basis
NAT is described in general terms in RFC 1631, which discusses NAT’s relationship to Classless Interdomain Routing (CIDR) as a way to reduce the IP address depletion problem. NAT reduces the need for a large number of publicly known IP addresses by creating a separation between publicly known and privately known IP addresses. CIDR aggregates publicly known IP addresses into blocks so that fewer IP addresses are wasted. In the end, both extend the use of IPv4 addresses for a few more years before IPv6 is generally supported.
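As an added illustration (this is my own toy model, not Cisco’s implementation or anything from the original text), here is a NAT table in Python that supports the four mapping styles listed above: a static local-to-global entry, a rotating pool of global addresses, per-port (PAT) entries, and round-robin distribution of an inbound service across a pool of local hosts. The addresses are constructed from the RFC 5737 and RFC 1918 ranges. The security point from the paragraphs above is in `inbound()`: a packet from outside is accepted only if it matches an existing translation from the same remote endpoint or a published service; anything else has no entry and is dropped.

```python
import itertools
from dataclasses import dataclass


@dataclass(frozen=True)
class Flow:
    """One direction of a conversation as seen on one side of the NAT."""
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class Nat:
    """Toy NAT table: static local->global, rotating global pool, per-port
    (PAT) entries, and round-robin inbound distribution for a service."""

    def __init__(self, global_pool, static=None, services=None):
        self.pool = itertools.cycle(global_pool)            # rotating global addresses
        self.static = dict(static or {})                    # local ip -> fixed global ip
        self.services = {k: itertools.cycle(v)              # (global ip, port) -> local ips
                         for k, v in (services or {}).items()}
        self.table = {}        # (global ip, global port) -> inside Flow
        self.reverse = {}      # inside Flow -> (global ip, global port)
        self.next_port = 1024  # next free global port for PAT entries

    def outbound(self, flow: Flow) -> Flow:
        """Translate a packet leaving the inside network, creating the
        table entry on first use and reusing it afterwards."""
        key = self.reverse.get(flow)
        if key is None:
            global_ip = self.static.get(flow.src_ip) or next(self.pool)
            key = (global_ip, self.next_port)
            self.next_port += 1
            self.table[key] = flow
            self.reverse[flow] = key
        return Flow(key[0], key[1], flow.dst_ip, flow.dst_port)

    def inbound(self, flow: Flow):
        """Translate a packet arriving from outside, or return None to drop
        it. Only replies to an existing entry from the same remote peer, or
        connections to a published service, get through."""
        inner = self.table.get((flow.dst_ip, flow.dst_port))
        if inner is not None:
            if (inner.dst_ip, inner.dst_port) != (flow.src_ip, flow.src_port):
                return None                    # right port, wrong peer: drop
            return Flow(flow.src_ip, flow.src_port, inner.src_ip, inner.src_port)
        pool = self.services.get((flow.dst_ip, flow.dst_port))
        if pool is not None:
            return Flow(flow.src_ip, flow.src_port, next(pool), flow.dst_port)
        return None                            # unsolicited, no entry: drop


def demo() -> dict:
    """Exercise each mapping style with constructed addresses."""
    nat = Nat(["203.0.113.10", "203.0.113.11"],
              static={"10.0.0.5": "203.0.113.5"},
              services={("203.0.113.5", 80): ["10.0.0.30", "10.0.0.31"]})
    out = {}
    out["a"] = nat.outbound(Flow("10.0.0.20", 51000, "198.51.100.7", 80))
    out["b"] = nat.outbound(Flow("10.0.0.21", 51000, "198.51.100.7", 80))
    out["a_again"] = nat.outbound(Flow("10.0.0.20", 51000, "198.51.100.7", 80))
    out["static"] = nat.outbound(Flow("10.0.0.5", 4000, "198.51.100.7", 443))
    out["reply"] = nat.inbound(Flow("198.51.100.7", 80, "203.0.113.10", 1024))
    out["wrong_peer"] = nat.inbound(Flow("192.0.2.99", 80, "203.0.113.10", 1024))
    out["unsolicited"] = nat.inbound(Flow("198.51.100.7", 80, "203.0.113.10", 9999))
    out["svc1"] = nat.inbound(Flow("192.0.2.50", 33000, "203.0.113.5", 80))
    out["svc2"] = nat.inbound(Flow("192.0.2.51", 33000, "203.0.113.5", 80))
    return out


if __name__ == "__main__":
    for name, flow in demo().items():
        print(f"{name:>11}: {flow}")
```

Two inside hosts using the same source port get distinct global ports, the statically mapped host always appears as its fixed global address, and the two inbound service connections land on alternating local servers.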
Virtual Private Networking, or VPN, is a technology that lets people access their office’s computer network over the Internet while at home or traveling. Accessing a network in this way is referred to as remote access. (For comparison, another common form of remote access is dialing in to the office network over a telephone line.)
But VPN is useful for more than just remote access. It can also be used to link two separate offices over a distance. This is sometimes called a “persistent VPN tunnel”, or “site-to-site VPN”.
VPN for Remote Access
So why would you want to use VPN for remote access? Let’s say you want users to be able to work from home. Or maybe someone needs to retrieve a file while traveling. Without VPN, in order to make resources on the office network available to users, the network administrator would have to weaken the security of your network by opening holes in your firewall — which isn’t usually a good idea. Or the remote user would have to dial in over a phone line, sometimes incurring long-distance charges.
With VPN, the integrity of your office network remains intact, but you can allow remote users to act as part of the office network. After connecting over VPN, remote users can access files, print to printers, and generally do anything with their computers that they would be able to do in the office.
Still, using VPN is not the same as being in the office. Most office networks are pretty fast. Most Internet connections are not. Even the fastest DSL and cable connections are around one-tenth the speed of your average office LAN. This means that accessing resources on the LAN will be much slower over VPN. Speed also depends on the “upstream” or upload speed of your office’s network connection. Rather than working on files directly over the VPN connection, it is often more time-efficient to copy them to your computer over the VPN connection. When you are done working with them, you copy them back to the file server.
How It Works
In a small office network, VPN is most frequently implemented through a router. Just about every small office that shares an Internet connection with more than one computer already has a router of some kind, but most of them don’t include VPN. For example, small office/home office (SOHO) routers by Linksys, Netgear, or D-Link are popular choices, offering DHCP, NAT, and basic security features in a single device, but they don’t always include VPN support.
Once the VPN router is in place, individual computers can be set up to connect to it from outside the network. Depending on the router and the computers involved, you might need to install software on the computers that will use VPN. Sometimes computers have the ability to connect built-in. Either way, once the hardware and software has been set up, the remote user can initiate a VPN connection.
How a VPN session is initiated depends on how the computer is connected to the Internet. Usually it works something like this: the user double-clicks on a shortcut and the VPN connection window appears. The user enters a username and password and hits “connect.” If the computer has an always-on connection like DSL or cable, the VPN connection is immediately established. If the computer dials in to an ISP in order to access the Internet, that connection is established first and then the VPN connection is established on top of that. Once users are connected to the office network over VPN, they can access files and other resources.
When users are done working, they simply disconnect the VPN connection.
VPN As a Persistent Tunnel
VPN technology can also be used to link two separate networks over the Internet so they operate as a single network. This is useful for organizations that have two physical sites. Rather than set up VPN connections on every person’s computer, the connection between the two sites can be handled by routers, one at each location. Once configured, the routers maintain a constant tunnel between them that links the two sites. In this scenario, users don’t have to do anything to initiate the VPN session because it is always on.
Security and Encryption
There are mainly two kinds of VPN: Point to Point Tunneling Protocol (PPTP) and Layer 2 Tunneling Protocol (L2TP). Both can link a remote computer to a network, but only L2TP offers strong security. If you must transmit sensitive information, do not use PPTP. Remember that when you set up VPN, you’re offering a way into your office network. To minimize the risk of unauthorized parties poking around your network, choose and enforce a strong password policy.
If you allow home users to connect to the office network via VPN, you have to consider viruses or other security threats that could come from the user’s home. One way to address this risk is by giving home users a computer that is owned and maintained by the organization, so is certified as up-to-date and virus-free.
Before you implement VPN, evaluate the benefits to your organization and weigh them against the costs of equipment, installation time, and staff training. Maybe you’re considering VPN because your executive director wants to be able to access files on the server while traveling. Maybe VPN would be a good solution. Or perhaps it would work just as well for your executive director to call the office and ask the receptionist to e-mail the file. Given the plethora of online collaboration tools and web-based technologies available now, VPN may not be the only method to access documents off site. However, VPN remains the established industry standard: scalable and secure. Before deciding on any of these technologies, weigh the risks and rewards first.
Once you have decided to implement VPN, determine whether you need help or not. If someone on your staff understands TCP/ IP networking well and can set up the new router, you might be set. If not, consider finding a trusted consultant to help set it up.
In order to use VPN, your Internet connection should have a static IP address. Most types of Internet connections — dial-up, DSL, and cable — provide you with a numerical address on the Internet that changes from time to time. This is called a dynamic IP address. In order to provide VPN access to remote users it is preferable to have an address that doesn’t change, a static IP. Alternately, you can use a dynamic DNS (DDNS) service that maps a domain name to a dynamic IP. There are free services that map a fixed domain name to an account, which your router updates as it obtains different IP addresses. Consult your router or firewall documentation to see whether DDNS is supported.
To obtain a static IP address for your Internet connection, talk to your Internet service provider. It may require an additional monthly fee of a few dollars. If you have a friendly ISP, sometimes you can talk it into just giving you a static IP. Occasionally, an ISP will try to sell you much more expensive DSL service, possibly bundled with equipment, when you ask about a static IP. The company might call it a “business class” of service. If the upgrade is too expensive and DDNS is supported, test the VPN functionality in a pilot phase first; only then decide whether paying for the upgrade is necessary.
The Ethernet protocol is by far the most widely used. Ethernet uses an access method called CSMA/CD (Carrier Sense Multiple Access/Collision Detection). This is a system where each computer listens to the cable before sending anything through the network. If the network is clear, the computer will transmit. If some other node is already transmitting on the cable, the computer will wait and try again when the line is clear. Sometimes, two computers attempt to transmit at the same instant. When this happens a collision occurs. Each computer then backs off and waits a random amount of time before attempting to retransmit. With this access method, it is normal to have collisions. However, the delay caused by collisions and retransmitting is very small and does not normally affect the speed of transmission on the network.
The Ethernet protocol allows for linear bus, star, or tree topologies. Data can be transmitted over wireless access points, twisted pair, coaxial, or fiber optic cable at a speed of 10 Mbps up to 1000 Mbps.
To allow for an increased speed of transmission, the Ethernet protocol has developed a new standard that supports 100 Mbps. This is commonly called Fast Ethernet. Fast Ethernet requires the use of different, more expensive network concentrators/hubs and network interface cards. In addition, category 5 twisted pair or fiber optic cable is necessary. Fast Ethernet is becoming common in schools that have been recently wired.
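To show what “backs off and waits a random amount of time” actually does, here is an added slot-by-slot simulation of CSMA/CD (my own code, not from the original article or any Ethernet implementation). It uses the truncated binary exponential backoff from IEEE 802.3: after the n-th collision on a frame, a station waits a random number of slot times in [0, 2^min(n,10) − 1], and gives up on the frame after 16 attempts. The station count and random seed are constructed inputs; the simulation is deterministic for a given seed so the result can be checked.

```python
import random

MAX_ATTEMPTS = 16   # 802.3: a station gives up on a frame after 16 attempts
BACKOFF_CAP = 10    # the backoff window stops growing after the 10th collision


def backoff_window(collisions: int) -> int:
    """Size of the backoff window after `collisions` collisions on one frame."""
    return 2 ** min(collisions, BACKOFF_CAP)


def backoff_slots(collisions: int, rng: random.Random) -> int:
    """Truncated binary exponential backoff: a uniform draw from
    [0, 2^min(n, 10) - 1] slot times after the n-th collision."""
    return rng.randrange(backoff_window(collisions))


def simulate_csma_cd(n_stations: int, seed: int = 1, max_slots: int = 100_000) -> dict:
    """Slot-by-slot model of CSMA/CD. Every station starts with one frame
    to send and senses the medium idle at slot 0, so with two or more
    stations the first slot is always a collision; the backoff then spreads
    the retries out until each frame gets a slot to itself."""
    rng = random.Random(seed)
    wait = [0] * n_stations            # slots left before the station retries
    attempts = [0] * n_stations        # collisions seen by each frame so far
    state = ["pending"] * n_stations   # pending | sent | dropped
    collisions = 0
    slot = 0
    while "pending" in state and slot < max_slots:
        ready = []
        for i in range(n_stations):
            if state[i] != "pending":
                continue
            if wait[i] == 0:
                ready.append(i)        # carrier sensed idle: transmit now
            else:
                wait[i] -= 1           # still backing off
        if len(ready) == 1:
            state[ready[0]] = "sent"   # sole transmitter, frame delivered
        elif len(ready) > 1:
            collisions += 1            # collision detected: jam, then back off
            for i in ready:
                attempts[i] += 1
                if attempts[i] >= MAX_ATTEMPTS:
                    state[i] = "dropped"
                else:
                    wait[i] = backoff_slots(attempts[i], rng)
        slot += 1
    return {"slots": slot, "collisions": collisions,
            "sent": state.count("sent"), "dropped": state.count("dropped"),
            "worst_frame_collisions": max(attempts)}


if __name__ == "__main__":
    for n in (1, 2, 4, 16):
        print(n, "stations:", simulate_csma_cd(n, seed=7))
```

Running it with a growing number of stations shows the point the paragraph makes: collisions are routine, but because the window doubles after each one, the retries thin out quickly and every frame still gets through in a small number of slots.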
LocalTalk is a network protocol that was developed by Apple Computer, Inc. for Macintosh computers. The method used by LocalTalk is called CSMA/CA (Carrier Sense Multiple Access with Collision Avoidance). It is similar to CSMA/CD except that a computer signals its intent to transmit before it actually does so. LocalTalk adapters and special twisted pair cable can be used to connect a series of computers through the serial port. The Macintosh operating system allows the establishment of a peer-to-peer network without the need for additional software. With the addition of the server version of AppleShare software, a client/server network can be established.
The LocalTalk protocol allows for linear bus, star, or tree topologies using twisted pair cable. A primary disadvantage of LocalTalk is speed. Its speed of transmission is only 230 Kbps.
The Token Ring protocol was developed by IBM in the mid-1980s. The access method used involves token-passing. In Token Ring, the computers are connected so that the signal travels around the network from one computer to another in a logical ring. A single electronic token moves around the ring from one computer to the next. If a computer does not have information to transmit, it simply passes the token on to the next workstation. If a computer wishes to transmit and receives an empty token, it attaches data to the token. The token then proceeds around the ring until it comes to the computer for which the data is meant. At this point, the data is captured by the receiving computer. The Token Ring protocol requires a star-wired ring using twisted pair or fiber optic cable. It can operate at transmission speeds of 4 Mbps or 16 Mbps. Due to the increasing popularity of Ethernet, the use of Token Ring in school environments has decreased.
Fiber Distributed Data Interface (FDDI) is a network protocol that is used primarily to interconnect two or more local area networks, often over large distances. The access method used by FDDI involves token-passing. FDDI uses a dual ring physical topology. Transmission normally occurs on one of the rings; however, if a break occurs, the system keeps information moving by automatically using portions of the second ring to create a new complete ring. A major advantage of FDDI is speed. It operates over fiber optic cable at 100 Mbps.
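The token-passing access method of the Token Ring paragraph and the dual-ring self-healing of the FDDI paragraph can be modelled together. The following is an added example in Python, my own toy model rather than anything from the original text or the IBM/ANSI standards: `ring_path` computes the sequence of hops a token follows on a dual ring, wrapping the primary ring onto the secondary at the two stations next to a cut link, and `token_ring_deliver` circulates the token so that a station may only transmit while it holds it. Station names, frames and the broken link are constructed inputs.

```python
def ring_path(stations, broken=None):
    """Hops a token takes around a dual ring. The primary ring runs in list
    order and the secondary in reverse. With no fault only the primary is
    used. If the primary link broken=(x, y) between adjacent stations is cut,
    x and y wrap onto the secondary ring: the token follows the primary from
    y around to x, then the secondary from x back to y, so every station
    still gets the token (and is visited once per ring)."""
    n = len(stations)
    if broken is None:
        return [(s, "primary") for s in stations]
    x, y = broken
    ix, iy = stations.index(x), stations.index(y)
    if (ix + 1) % n != iy:
        raise ValueError("broken link must join adjacent stations on the primary ring")
    forward = [(stations[(iy + k) % n], "primary") for k in range(n)]     # y .. x
    backward = [(stations[(ix - k) % n], "secondary") for k in range(n)]  # x .. y
    return forward + backward


def token_ring_deliver(stations, frames, broken=None):
    """Circulate a single token. A station holding the token with a frame
    queued sends it; the frame travels hop by hop until the destination
    copies it. Returns (sender, destination, hops) in transmission order.
    There are no collisions: at most one station transmits at a time."""
    for src, dst in frames:
        if src not in stations or dst not in stations:
            raise ValueError("frame endpoints must be stations on the ring")
    path = ring_path(stations, broken)
    queue = {}
    for src, dst in frames:
        queue.setdefault(src, []).append(dst)
    log = []
    pos = 0
    while any(queue.values()):
        station = path[pos % len(path)][0]
        if queue.get(station):
            dst = queue[station].pop(0)
            hops = 1
            while path[(pos + hops) % len(path)][0] != dst:
                hops += 1
            log.append((station, dst, hops))
        pos += 1                       # token moves on to the next hop
    return log


# Constructed example: four stations, three queued frames.
STATIONS = ["A", "B", "C", "D"]
FRAMES = [("A", "C"), ("C", "A"), ("D", "B")]

if __name__ == "__main__":
    print("healthy ring:", token_ring_deliver(STATIONS, FRAMES))
    print("B-C link cut:", ring_path(STATIONS, ("B", "C")))
    print("deliveries  :", token_ring_deliver(STATIONS, FRAMES, ("B", "C")))
```

With the B–C link cut the token path doubles in length and some frames take more hops, but every station still receives the token and every frame is still delivered, which is the availability property the FDDI paragraph describes.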
Asynchronous Transfer Mode (ATM) is a network protocol that transmits data at a speed of 155 Mbps and higher. ATM works by transmitting all data in small packets of a fixed size; whereas, other protocols transfer variable length packets. ATM supports a variety of media such as video, CD-quality audio, and imaging. ATM employs a star topology, which can work with fiber optic as well as twisted pair cable.
ATM is most often used to interconnect two or more local area networks. It is also frequently used by Internet Service Providers to provide high-speed access to the Internet for their clients. As ATM technology becomes more cost-effective, it will provide another solution for constructing faster local area networks.
The most recent development in the Ethernet standard is a protocol that has a transmission speed of 1 Gbps. Gigabit Ethernet is primarily used for backbones on a network at this time. In the future, it will probably be used for workstation and server connections also. It can be used with both fiber optic cabling and copper. The 1000BaseTX, the copper cable used for Gigabit Ethernet, is expected to become the formal standard in 1999.