Monitoring And Maintenance Of Internet Services With Hardware And Software Configurations


CHAPTER 1

INTRODUCTION

1.1 History

In the past, most ISPs were run by the phone company. Now, ISPs can In addition to Internet access via various technologies such as dial-up and DSL, they may provide a combination of services including Internet transit, domain name registration and hosting, web hosting, and collocation. In the fifties and early sixties, prior to the widespread inter-networking that led to the Internet, most communication networks were limited by their nature to only allow communications between the stations on the network. ISPs also formed alliances to network and share their customers with other ISPs, so that users who traveled abroad could save on long-distance connect charges. Peering arrangements were established between ISPs who agreed to carry each other's traffic.

Prior to ISPs, access to the Internet required an account at a university or government agency and a working knowledge of UNIX. The Internet began accepting commercial traffic in the early 1990s, but commercial users had to honor the peering protocol of swapping data free of charge. The National Science Foundation commissioned four private companies in 1994 to build public Internet access points, and in 1995 the federal government closed its own Internet backbone. The first dial-up ISP, world.std.com, was opened in 1989.

Fig 1.1: Number of Internet Hosts.

According to Boardwatch, the number of ISPs increased from about 1,400 in early 1996 to 3,000 at the beginning of 1997. By mid-1997 there were an estimated 4,000 ISPs in the United States and Canada. Many of them were small operations that served consumers and small businesses in local markets by leasing and reselling the Internet services of large ISPs. Earthlink Network Inc. emerged as one of the largest national ISPs serving consumers, with 320,000 customers [1].

1.2 ISP Industry of Bangladesh

In 1998 the Internet Service Providers Association of Bangladesh was organized for the general purpose of improving business conditions of Internet Service Providers operating in Bangladesh by such activities as serving the common business interest of its Members by promoting higher business standards. In the early nineties, Bangladesh had access to email via dial-up to Bulletin Board Systems (BBS) of a few local providers. The combined Internet users of all the email-only service providers were not more than 500.

In June 1996, the Government allowed VSATs to be operated in the private sector, albeit to be provided solely by the Government-owned telephone operator, BTTB. Only a handful of ISPs were connected within the first year. However, more liberal Government policies were followed in the subsequent years, which led to a rapid expansion of this industry, eventually resulting in over 180 registered ISPs by 2005. ISPs are currently regulated by the Bangladesh Telecommunication Regulatory Commission (BTRC) through the Bangladesh Telecommunications Act. The government has decided to provide Internet protocol (IP) telephony licenses to help reduce the costs of international calls substantially and augment legal calls through the Internet. The Bangladesh Telecommunication Regulatory Commission will provide the IP telephony licenses only to the Internet service providers (ISPs) as part of its drive to legalise voice over Internet protocol (VoIP) across the country [1].

1.3 ISP

In this chapter, the topics of Local Area Network, Wide Area Network, Topology, Internetworking, DSL and Media are discussed. A brief description of each is given below.

1.3.1 Local Area Network

A local area network (LAN) is usually privately owned and links the devices in a single office, building, or campus. Depending on the needs of an organization and the type of technology used, a LAN can be as simple as two PCs and a printer in someone's home office, or it can extend throughout a company and include audio and video peripherals. Currently, LAN size is limited to a few kilometers. LANs are designed to allow resources to be shared between personal computers or workstations. The resources to be shared can include hardware, software and data [2].

1.3.2 Wide Area Network

A wide area network (WAN) provides long-distance transmission of data, voice, image and video information over large geographic areas that may comprise a country, a continent, or even the whole world. In contrast to LANs, WANs may utilize public, leased or private communication equipment, usually in combinations, and can therefore span an unlimited number of miles.

1.3.3 Topology

Topology is the geometric arrangement of devices on the network. There are two kinds of topology: physical and logical [3].

1.3.4 Internetworking

An internetwork is a collection of individual networks, connected by intermediate

networking devices, that functions as a single large network. Internetworking refers to the

industry, products, and procedures that meet the challenge of creating and administering

internetworks [3].

1.3.5 DSL

Digital Subscriber Line (DSL) technology is a broadband technology that uses existing twisted-pair telephone lines to transport high-bandwidth data to service subscribers. DSL service is considered broadband, as opposed to the baseband service typical of LANs. Broadband refers to a technique that uses multiple frequencies within the same physical medium to transmit data. The term xDSL covers a number of similar yet competing forms of DSL technologies:

● Asymmetric DSL (ADSL)

● Symmetric DSL (SDSL)

● High Bit Rate DSL (HDSL)

● ISDN (like) DSL (IDSL)

● Consumer DSL (CDSL), also called DSL-lite or G.lite

DSL technology allows the service provider to offer high-speed network services to customers, utilizing installed local loop copper lines. DSL technology allows the local loop line to be used for a normal telephone voice connection and an always-on connection for instant network connectivity [4].

1.3.6 Media

Twisted-pair wire, coaxial cables, or fiber optic cables can connect devices. Some

networks do without connecting media altogether, communicating instead via radio waves

[4].

1.4 Applications of ISP

In a word, an Internet service provider is a company that provides:

1. Access to the Internet.

2. Services to individuals and companies on the web.

3. Web hosting (web pages stored on its web servers).

4. Access to newsgroups, FTP servers and electronic mail.

5. It owns or hires a permanent TCP/IP connection and uses servers permanently.

1.5 Aim of the Internship

The main objectives of this internship are as follows:

To establish and test dial-up connection.

To support client service e.g. troubleshooting, connectivity test etc.

To set up broadband connection.

To establish shared and dedicated Internet connection.

To set up intranet connection.

To configure web server using LINUX.

1.6 Organization of Report

In Chapter 2 all types of ISP hardware are described. After that, different types of networking media and topology are depicted in Chapter 3. In Chapter 4 the connection and establishment procedures of a Local Area Network (LAN) are described in detail. In the same chapter switch configuration is also depicted. The Wide Area Network (WAN) and configuration of the router are explained in Chapter 5. Finally, server configuration using LINUX is described in Chapter 6.

CHAPTER 2

ISP HARDWARE

2.1 Introduction

An Internet service provider (abbr. ISP, also called Internet access provider or IAP) is a business or organization that sells consumers access to the Internet and related services. This involves one or more servers using the FTP, SMTP, POP3, etc. protocols. ISPs are also called IAPs (Internet Access Providers). But from a conceptual viewpoint, the roles are different. The IAP, being a gate to the Internet, will route all traffic from the Internet subscriber, while the ISP will only be aware of what happens on its servers.

The Internet user can be an individual accessing the net from home, generally using a temporary TCP/IP connection (and thus a dynamic IP address) via a modem, a terminal adaptor (ISDN) or a permanent connection (thus a static IP address) through xDSL, cable TV, etc. Connection via a mobile phone, whilst generally more expensive, is also possible. The user can also be an organization, a public administration or a company, which uses the Internet not only to provide or to look for information but also to collect data for the purpose of its tasks and activities (administrative procedures, selling of goods or provision of services, publication of directories, small ads, sending out questionnaires, etc.) [5].

Figure 2.1: ISP.

2.2 ISP Hardware Elements

VSAT

Router

Switch

Hub

Bridge

Cable & Connector

Bandwidth Manager

Servers

SDSL/ADSL

Wireless

Access Server

UPS

2.2.1 VSAT

A Very Small Aperture Terminal (VSAT) is a small-sized telecommunication earth station that transmits and receives via satellite. The terminal size is usually 1.2 to 4.2 meters in diameter. A VSAT network may transmit and receive voice, data, fax, or video. There are three major signal bands available for VSAT technology: C-band, Ku-band and Ka-band. A VSAT is a collection of outdoor and indoor equipment.

Outdoor:

Antenna

Feed horn

ODU

Low Noise Amplifier (LNA)

Low Noise Block Down converter (LNB)


Block Up Converter (BUC)

Indoor:

Satellite Modem

Port of ODU

VSAT is the only technology for independent Internet connection in Bangladesh. All the ISPs of Bangladesh run their service via VSAT [3].

Figure 2.2: a. VSAT Antenna b. VSAT Modem

2.2.2 Router

It is a device that determines the next network and forwards packets to their destinations. The router connects at least two networks and determines which way to send each data packet based on its routing table. Routers are responsible for routing data packets from source to destination within the LAN, and for providing connectivity to the WAN. A router reads the Layer 3 network address information in every packet that it receives and determines whether it is to be forwarded. If it is to be forwarded, the router looks in its routing table to find the best route between a sender and a receiver. A router creates or maintains a table of the available routes and uses this information to determine the route for a data packet [3].

Figure 2.3: Router.
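The routing-table lookup described above can be sketched as follows. This is an added example, not code from the report: it assumes the usual IP rule that the "best route" is the longest matching prefix, and the class and function names, interface names and documentation-range addresses are all constructed for illustration.

```python
# Added example: routing-table lookup by longest-prefix match.
import ipaddress


class RoutingTable:
    """Hypothetical routing table holding (network, next_hop, interface) rows."""

    def __init__(self):
        self.routes = []

    def add(self, prefix, next_hop, interface):
        # next_hop=None marks a directly connected network.
        self.routes.append((ipaddress.ip_network(prefix), next_hop, interface))

    def lookup(self, destination):
        """Return the most specific route covering destination, or None."""
        addr = ipaddress.ip_address(destination)
        matches = [r for r in self.routes
                   if r[0].version == addr.version and addr in r[0]]
        if not matches:
            return None
        # Several prefixes can cover one address; the longest one wins.
        return max(matches, key=lambda r: r[0].prefixlen)


def forward_decision(table, local_addresses, destination):
    """Decide what the router does with a packet addressed to destination."""
    if destination in local_addresses:
        return "deliver to router itself"
    route = table.lookup(destination)
    if route is None:
        return "drop: no route"
    network, next_hop, interface = route
    if next_hop is None:
        return f"forward out {interface} directly (connected {network})"
    return f"forward out {interface} via {next_hop} (matched {network})"


# Constructed sample: a router with a LAN side (eth1) and a WAN side (eth0).
ROUTER_ADDRESSES = {"192.0.2.1", "203.0.113.2"}


def build_sample_table(with_default=True):
    table = RoutingTable()
    table.add("192.0.2.0/24", None, "eth1")                  # connected LAN
    table.add("203.0.113.0/30", None, "eth0")                # connected WAN link
    table.add("198.51.100.0/24", "203.0.113.1", "eth0")      # remote network
    table.add("198.51.100.128/25", "192.0.2.254", "eth1")    # more specific half
    if with_default:
        table.add("0.0.0.0/0", "203.0.113.1", "eth0")        # default route
    return table


if __name__ == "__main__":
    table = build_sample_table()
    for dst in ("192.0.2.1", "192.0.2.77", "198.51.100.200",
                "198.51.100.10", "10.9.8.7"):
        print(dst, "->", forward_decision(table, ROUTER_ADDRESSES, dst))
```

Without the default route, a destination that matches no prefix is dropped rather than forwarded.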

2.2.3 Switch

It is a network device that filters, forwards and floods frames based on the destination MAC address of each frame. A switch operates at the data-link layer of the OSI model. A switch has many ports, with many network segments connected to them. A switch chooses the port to which the destination device or workstation is connected [3].

Figure 2.4: Switch.

2.2.4 Bridge

A bridge is a device that connects and passes frames between two network segments. It operates at both the physical and data-link layers. As a physical layer device, it regenerates the signal it receives. As a data-link layer device, the bridge can check the physical (MAC) address contained in the frame [3].

Figure 2.5: Bridge.

2.2.5 Hub

Hubs are actually multiport repeaters. A hub is normally used to create connections between stations in a physical star topology. Hubs can also be used to create multiple levels of hierarchy. Hubs concentrate connections [3].

Figure 2.6: Hub.

2.2.6 Cable and Connector

A company can use Cat 3, 4, 5 or 6 cable and their extended standards. Nowadays Cat 5 cables are the most popular. Cat 5e also works fine. It is best for any ISP company to use Cat 6 cable for its ISP LAN. The RJ45 end is an 8-position connector that looks like a large phone plug. There are a couple of variations available. The primary variation that needs attention is whether the connector is intended for braided or solid wire. For braided/stranded wires, the connector has contacts that actually pierce the wire. For solid wires, the connector has fingers, which pierce the insulation and make contact with the wire by grasping it from both sides. The connector is a weak point in an Ethernet connection; choosing the wrong one will often cause grief later [3].

Figure 2.7: Cable and Connector.

2.2.7 Bandwidth Manager

Proper bandwidth management is a mandatory requirement for an ISP. Every ISP company should have proper planning and management for this purpose. A hardware bandwidth manager is a special device that is used for traffic/bandwidth control only. Some bandwidth managers provide firewall facilities. There are many bandwidth controllers on the market. ET (Emerging Technology) is the most used hardware bandwidth controller among Bangladeshi ISPs. It has software as well as hardware solutions [6].

2.2.8 Wireless

Wireless has a very large product range. Bangladeshi ISPs are using more than six types of wireless equipment. Any company can select a Point-to-Point or Point-to-Multipoint wireless product. It should be clear about what it needs and then take a decision. For example, if it needs a Point-to-Point product, it should concentrate on frequency, data transfer rate, power supply, outdoor safety and area/distance [6].

2.2.9 xDSL

Bangladeshi ISPs use two technologies of the xDSL group: ADSL and SDSL. Some ISPs have started using VDSL (Very high-rate Digital Subscriber Line).

ADSL: Most Bangladeshi ISPs use “zyxel” ADSL concentrators and CPE for providing Internet access. The concentrator is ISP-end equipment and the CPE is client-end equipment. Zyxel has two types of CPE: ADSL router and ADSL modem. The prices of these are almost the same.

SDSL: Most Bangladeshi ISPs use DASAN or Zyxel SDSL Point-to-Point equipment. If any company wishes to use an SDSL concentrator, it can choose DASAN [4].

2.2.10 Servers

Server selection is most important for each server service. Every company needs to concentrate on the following parameters before choosing a server.

Hard Disk: Nowadays all IDE hard disks are speedy enough to handle complex storage requirements. If any company wants more optimum performance, it can choose a SCSI hard disk.

Processor: Most server services demand a mid-range processor. It depends on traffic and usage.

RAM: Day by day applications are becoming larger, which requires more RAM to run. So the amount of RAM heavily affects system performance [6].

2.2.11 Access Server

An access server is required for dial-up service. There are two major differences between access servers.

Internal Modem pool: If any company does not wish to face the hassle of external modems, it may choose a complete access server (with internal modem pool). These kinds of access server are always a bit costly. In terms of manageability, there is no other alternative than this type. In a large environment of more than 100 phones, this type will be the best choice. 3Com and US Robotics access servers are commonly used in Bangladesh.

Figure 2.8: 3Com Total Control.

External Modem: It is a somewhat cost-effective access method for a small-scale ISP. The most hazardous part of this type is modem management. Cisco 2500 and 2600 provide this facility with an extra module. Lucent Technologies Postmaster is the most popular product in Bangladesh [6].

Figure 2.9: Lucent Postmaster.

2.2.12 UPS

Choosing a good UPS (Uninterruptible Power Supply) is very important. The UPS should be specifically designed for power-sensitive equipment and applications. A normal off-line UPS can work well for a clone server.

Figure 2.10: UPS.

BTTB recently started an E1 facility in Bangladesh. So every company needs to consider future planning. If any company wishes to use E1 for dial-up, it should purchase an E1 (European Telecom Standard) supported postmaster or access server (recent postmasters and Cisco access servers support this facility) [3].

CHAPTER 3

NETWORKING MEDIA AND TOPOLOGY

3.1 Introduction

Networking media include twisted-pair cable, coaxial cable, and optical fiber cable, which provide a conduit from one device to another; a signal traveling along any of these media is directed and contained by the physical limits of the medium. Twisted-pair and coaxial cable use metallic (copper) conductors that accept and transport signals in the form of electric current. Optical fiber is a glass cable that accepts and transports signals in the form of light. On the other hand, wireless media transport electromagnetic waves without using a physical conductor. Network topology defines the structure of the network. One part of the topology definition is the physical topology, which is the actual layout of the wire or media. The other part is the logical topology, which defines how the hosts access the media to send data.

3.2 Twisted-Pair Cable

A twisted pair consists of two conductors, each with its own plastic insulation, twisted together. One of the wires is used to carry signals to the receiver, and the other is used as a ground reference. The receiver uses the difference between the two levels. In addition to the signal sent by the sender on one of the wires, interference and crosstalk may affect both wires and create unwanted signals. The receiver at the end operates only on the difference between these unwanted signals. There are two types of twisted-pair cable: unshielded twisted-pair (UTP) cable and shielded twisted-pair (STP) cable.

3.2.1 Unshielded Twisted-Pair (UTP) Cable

The most common twisted-pair cable used in communication is called unshielded twisted-pair cable. UTP is a four-pair wire medium used in a variety of networks. Each of the eight copper wires in the UTP cable is covered by insulating material. In addition, each pair of wires is twisted around each other.

Figure 3.1: UTP cable.

UTP cable has many advantages. It is easy to install and is less expensive than other

types of networking media. In fact, UTP costs less per meter than any other type of LAN

cabling. However, the real advantage is the size.

There are some disadvantages of twisted-pair cabling. UTP cable is more prone to

electrical noise and interference than other types of networking media, and the distance

between signal boosts is shorter for UTP than it is for coaxial and fiber optic cables. Twisted

pair cabling was once considered slower at transmitting data than other types of cable. This is

no longer true. In fact, today, twisted pair is considered the fastest copper-based media [7].


3.2.2 Shielded Twisted-Pair (STP) Cable

STP cable has a metal foil or braided-mesh covering that encases each pair of insulated conductors. It is usually 150-ohm cable. The metal casing improves the quality of the cable by preventing the penetration of noise or crosstalk. The metallic shielding materials in STP need to be grounded at both ends.

Figure 3.2: STP cable.

STP cable shares many of the advantages and disadvantages of UTP cable. STP

provides more protection from all types of external interference. However, STP is more

expensive and difficult to install than UTP [7].

3.3 Coaxial Cable

Coaxial cable carries signals of higher frequency ranges than twisted-pair cable, in part because the two media are constructed quite differently. Instead of having two wires, coax has a central core conductor of solid or stranded wire (copper) enclosed in an insulating sheath. This second layer or shield also reduces the amount of outside electromagnetic interference. Covering this shield is the cable jacket.

Figure 3.3: Coaxial cable.

For LANs, coaxial cable offers several advantages. It can be run longer distances than shielded twisted pair (STP), unshielded twisted pair (UTP), and screened twisted pair (ScTP) cable without the need for repeaters. Coaxial cable is less expensive than fiber-optic cable. It has been used for many years for many types of data communication such as cable television. The speed and throughput of coaxial cable is up to 10-100 Mbps, and the maximum cable length is 500 m [7].

3.4 Optical Fiber

It is made of glass or plastic and transmits signals in the form of light. Light travels in a straight line as long as it is moving through a single uniform substance. If the ray of light travels from one substance to another, the ray changes its direction.

Figure 3.4: Optical fiber cable.

The core of the optical fiber has to have a larger index of refraction than the material that surrounds it. The material that surrounds the core of the fiber is called the cladding. If the core of the fiber is large enough that there are many paths that light can take through the fiber, the fiber is called "multimode" fiber. Single-mode fiber has a much smaller core that only allows light rays to travel along one mode inside the fiber. Single-mode optical fiber has a small core, less dispersion and is suited for long distance (up to 3 km). Multimode optical fiber has a larger core than single-mode cable, allows greater dispersion and therefore loss of signal, is used for long-distance applications but shorter than single mode (up to 2 km), and uses LEDs as the light source [7].

3.5 Wireless

A wireless network may consist of as few as two devices. The

nodes could simply be desktop workstations or notebook computers.

Equipped with wireless NICs, an ‘ad hoc’ network could be established

which compares to a peer-to-peer wired network. Both devices act as

servers and clients in this environment. Although it does provide

connectivity, security is at a minimum along with throughput. Another

problem with this type is connectivity. Many times NICs from different

manufacturers are not compatible. Three types of wireless transmission

are radio wave, microwave and infrared.

3.6 Physical Topology

The term physical topology refers to the way in which a network is laid out physically. Two or more devices connect to a link; two or more links form a topology.

Figure 3.5: Physical topology.

Bus Topology: In a bus topology one long cable acts as a backbone to link all the devices in the network. All the hosts are connected directly to this backbone.

Ring Topology: In a ring topology, each device has a dedicated point-to-point connection only with the two devices on either side of it. A signal is passed along the ring in one direction from device to device, until it reaches its destination.

Star Topology: In a star topology, each device has a dedicated point-to-point link only to a central controller. The devices are not directly linked to one another.

Extended Star Topology: An extended star topology links individual stars together by connecting the hubs or switches.

Hierarchical Topology: A hierarchical topology is similar to an extended star. However, instead of linking the hubs or switches together, the system is linked to a computer that controls the traffic on the topology.

Mesh Topology: In a mesh topology, every device has a dedicated point-to-point link to every other device. As seen in the graphic, each host has its own connections to all other hosts. Although the Internet has multiple paths to any one location, it does not adopt the full mesh topology [2].

3.7 Logical Topology


The logical topology of a network determines how the hosts communicate across the

medium. The two most common types of logical topologies are broadcast and token passing.

CHAPTER 4

LOCAL AREA NETWORK ESTABLISHMENT

4.1 Introduction

LAN design has evolved. Network designers until very recently used hubs and

bridges to build networks. Now switches and routers are the key components in LAN design,

and the capabilities and performance of these devices continue to improve. Even though each

LAN is unique, there are many design aspects that are common to all LANs. For example,

most LANs follow the same standards and use the same components. This module presents

information on elements of Ethernet LANs and common LAN devices [7].

4.2 LAN Technologies

There are three types of common LAN Technologies:

Ethernet – uses a logical bus topology to control information flow on a linear bus and a physical star or extended star topology for the cables.

Token Ring – uses a logical ring topology to control information flow and a physical

star topology.

FDDI – uses a logical ring topology to control information flow and physical dual-

ring topology [7].


Figure 4.1: Common LAN Technologies.

4.3 Ethernet LAN Developments

The earliest LAN technologies used either thick Ethernet or thin

Ethernet infrastructures. It is important to understand the limitations of

these infrastructures in order to understand the advancements in LAN

switching. The addition of hubs or concentrators into the network offered

an improvement on thick and thin Ethernet technology. A hub is a Layer 1

device and is sometimes referred to as an Ethernet concentrator or a

multiport repeater. Hubs allow better access to the network for more

users. Hubs regenerate data signals which allow networks to be extended

to greater distances.

Ethernet is fundamentally a shared technology where all users on a

given LAN segment compete for the same available bandwidth. This

situation is analogous to a number of cars that try to access a one-lane

road at the same time. Since the road has only one lane, only one car can

access it at a time. As hubs were added to the network, more users

competed for the same bandwidth.

Figure 4.2: Develop LAN Topology.


Collisions are a by-product of Ethernet networks. If two or more

devices try to transmit at the same time, a collision occurs. This situation

is analogous to two cars that try to merge into a single lane and cause a

collision. Traffic is backed up until the collision can be cleared. Excessive

collisions in a network result in slow network response times. This

indicates that the network is too congested or has too many users who

need to access the network at the same time.

Layer 2 devices are more intelligent than Layer 1 devices. Layer 2

devices make forwarding decisions based on Media Access Control (MAC)

addresses contained within the headers of transmitted data frames. A

bridge is a Layer 2 device used to divide, or segment, a network. Bridges

collect and selectively pass data frames between two network segments.

In order to do this, bridges learn the MAC address of devices on each

connected segment.

Bridges do not restrict broadcast traffic. However, they do provide

greater traffic control within a network. A switch is also a Layer 2 device

and may be referred to as a multi-port bridge. Switches make forwarding

decisions based on MAC addresses contained within transmitted data

frames. Switches learn the MAC addresses of devices connected to each

port and this information is entered into a switching table. Switches create

a virtual circuit between two connected devices that want to

communicate. When the virtual circuit is created, a dedicated

communication path is established between the two devices [4].
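The learning and forwarding behaviour of a bridge or switch described above (learn source addresses per port, forward to a known port, filter frames that stay on one segment, flood unknown and broadcast destinations) is modelled below. This is an added example, not code from the report; the class name, port numbers and MAC addresses are constructed.

```python
# Added example: a learning Layer 2 switch (names and sample frames are constructed).

BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    """Minimal model of the switching table described in the text."""

    def __init__(self, ports):
        self.ports = sorted(ports)
        self.mac_table = {}  # source MAC -> port it was last seen on

    def _all_except(self, port):
        return [p for p in self.ports if p != port]

    def receive(self, in_port, src_mac, dst_mac):
        """Handle one frame and return (action, list_of_output_ports)."""
        if in_port not in self.ports:
            raise ValueError(f"frame arrived on unknown port {in_port}")
        src, dst = src_mac.lower(), dst_mac.lower()

        # Learn: the source address tells us which port leads to that station.
        # Overwriting the entry handles a station that moves to another port.
        self.mac_table[src] = in_port

        # Broadcast traffic is not restricted by a bridge or switch: flood it.
        if dst == BROADCAST:
            return "flood", self._all_except(in_port)

        out_port = self.mac_table.get(dst)
        if out_port is None:
            # Unknown destination: flood so the frame still reaches it.
            return "flood", self._all_except(in_port)
        if out_port == in_port:
            # Destination is on the segment the frame came from: filter (drop).
            return "filter", []
        # Known destination on another port: forward to that port only.
        return "forward", [out_port]


# Constructed sample traffic: (in_port, source MAC, destination MAC).
# Stations A and D share a hub on port 1; B is on port 2; C is on port 3.
A, B, C, D = ("02:00:00:00:00:0a", "02:00:00:00:00:0b",
              "02:00:00:00:00:0c", "02:00:00:00:00:0d")
SAMPLE_FRAMES = [
    (1, A, B),          # B not learned yet
    (2, B, A),          # A was learned on port 1
    (1, A, B),          # B is now known on port 2
    (1, D, A),          # A and D are on the same segment
    (3, C, BROADCAST),  # broadcast from C
    (4, B, A),          # B has moved to port 4
    (1, A, B),          # traffic follows B to its new port
]


def replay(frames, ports=(1, 2, 3, 4)):
    """Run frames through a fresh switch; return its decisions and final table."""
    switch = LearningSwitch(ports)
    decisions = [switch.receive(*frame) for frame in frames]
    return decisions, switch.mac_table


if __name__ == "__main__":
    decisions, table = replay(SAMPLE_FRAMES)
    for frame, (action, out_ports) in zip(SAMPLE_FRAMES, decisions):
        print(f"port {frame[0]} {frame[1]} -> {frame[2]}: {action} {out_ports}")
    print(table)
```

The first frame is flooded because the table is empty; once both stations have sent a frame, traffic between them leaves on a single port only.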

4.4 Ethernet In The Campus

Ethernet is the most widely used LAN technology. Ethernet was first implemented by


the Digital, Intel, and Xerox group (DIX). DIX created and implemented the first Ethernet

LAN specification, which was used as the basis for the Institute of Electrical and Electronics

Engineers (IEEE) 802.3 specification. A network may require an upgrade to one of the faster

Ethernet topologies.

The new generation of multimedia, imaging, and database products can easily

overwhelm a network that operates at traditional Ethernet speeds of 10 and 100 Mbps.

Network administrators may choose to provide Gigabit Ethernet from the backbone to the

end user. Installation costs for new cables and adapters can make this prohibitive.

There are several ways that Ethernet technologies can be used in a campus network:

1. An Ethernet speed of 10 Mbps can be used at the user level to provide good

performance.

2. Clients or servers that require more bandwidth can use 100-Mbps Ethernet.

Fast Ethernet is used as the link between user and network devices. It can support the

combination of all traffic from each Ethernet segment. Fast Ethernet can be used to connect

enterprise servers. This will enhance client-server performance across the campus network

and help prevent bottlenecks. Fast Ethernet or Gigabit Ethernet should be implemented

between backbone devices, based on affordability [4].

4.5 Host Connectivity

The function of a NIC is to connect a host device to the network medium. A NIC is a

printed circuit board that fits into the expansion slot on the motherboard or peripheral device

of a computer. The NIC is also referred to as a network adapter. On laptop or notebook

computers a NIC is the size of a credit card. NICs are considered Layer 2 devices because

each NIC carries a unique code called a MAC address. This address is used to control data

communication for the host on the network. More will be learned about the MAC address

later. NICs control host access to the medium [4].

4.5.1 Peer-to-Peer Connection

When LAN and WAN technologies are used, many computers are interconnected to

provide services to their users. To accomplish this, networked computers take on different

roles or functions in relation to each other. Some types of applications require computers to

function as equal partners.

Figure 4.3: Peer to Peer Environment.

Other types of applications distribute their work so that one computer functions to serve a

number of others in an unequal relationship. Two computers generally use request and

response protocols to communicate with each other. One computer issues a request for a

service, and a second computer receives and responds to that request. The requestor acts like

a client and the responder acts like a server.

In a peer-to-peer network, networked computers act as equal partners, or peers. As

peers, each computer can take on the client function or the server function. Computer A may

request a file from Computer B, which then sends the file to Computer A. Computer A

acts like the client and Computer B acts like the server. At a later time, Computers A and B

can reverse roles.

In a peer-to-peer network, individual users control their own resources. The users may

decide to share certain files with other users. The users may also require passwords before

they allow others to access their resources. Since individual users make these decisions, there

is no central point of control or administration in the network. In addition, individual users

must back up their own systems to be able to recover from data loss in case of failures. When

a computer acts as a server, the user of that machine may experience reduced performance as

the machine serves the requests made by other systems.

Peer-to-peer networks are relatively easy to install and operate. No additional

equipment is necessary beyond a suitable operating system installed on each computer. Since

users control their own resources, no dedicated administrators are needed. As networks grow,

peer-to-peer relationships become increasingly difficult to coordinate. A peer-to-peer network

works well with ten or fewer computers [4].

4.5.2 Client/Server Connection

In a client/server arrangement, network services are

located on a dedicated computer called a server. The server

responds to the requests of clients. The server is a central

computer that is continuously available to respond to requests

from clients for file, print, application, and other services.

Most network operating systems adopt the form of a

client/server relationship. Typically, desktop computers function as clients and one or more

computers with additional processing power, memory, and specialized software function as

servers.

Figure 4.4: Client to Server Connection.

Servers are designed to handle requests from many clients simultaneously. Before a

client can access the server resources, the client must be identified and be authorized to use

the resource. Each client is assigned an account name and password that is verified by an

authentication service. The authentication service guards access to the network. With the

centralization of user accounts, security, and access control, server-based networks simplify

the administration of large networks.

The concentration of network resources such as files, printers, and applications on

servers also makes it easier to back up and maintain the data. Resources can be located on

specialized, dedicated servers for easier access. Most client/server systems also include ways

to enhance the network with new services that extend the usefulness of the network.

The centralized functions in a client/server network have substantial advantages and

some disadvantages. Although a centralized server enhances security, ease of access, and

control, it introduces a single point of failure into the network. Without an operational server,

the network cannot function at all. Servers require a trained, expert staff member to

administer and maintain. Server systems also require additional hardware and specialized

software that add to the cost [4].

4.6 Connection Media

The connector on a NIC may not match the media to which it needs to connect. The

AUI connector allows different media to connect when used with the appropriate transceiver.

A transceiver is an adapter that converts one type of connection to another. A transceiver will

usually convert an AUI to an RJ-45, a coax, or a fiber optic connector. On 10BASE5

Ethernet, or Thicknet, a short cable is used to connect the AUI with a transceiver on the main

cable [4].

4.7 UTP Implementation

EIA/TIA specifies an RJ-45 connector for UTP cable. The letters RJ stand for

registered jack and the number 45 refers to a specific wiring sequence. The RJ-45 transparent

end connector shows eight colored wires. Four of the wires, T1 through T4, carry the voltage

and are called tip. The other four wires, R1 through R4, are grounded and are called ring. Tip

and ring are terms that originated in the early days of the telephone. Today, these terms refer

to the positive and the negative wire in a pair. The wires in the first pair in a cable or a

connector are designated as T1 and R1. The second pair is T2 and R2, the third is T3 and R3,

and the fourth is T4 and R4.

The RJ-45 connector is the male component, which is crimped on the end of the

cable. When a male connector is viewed from the front, the pin locations are numbered from

8 on the left to 1 on the right, as seen in Figure 4.5.

The jack is the female component in a network device, wall outlet, or patch panel as

seen in Figure 3.3. Figure 4.6 shows the punch-down connections at the back of the jack

where the Ethernet UTP cable connects.

Figure 4.5: Internal View of RJ-45.

For electricity to run between the connector and the

jack, the order of the wires must follow T568A or

T568B color code found in the EIA/TIA-568-B.1 standard. To determine the EIA/TIA

category of cable that should be used to connect a device, refer to the documentation for that

device or look for a label on the device near the jack. If there are no labels or documentation

available, use Category 5E or greater, since higher categories can be used in place of lower ones.

Then determine whether to use a straight-through cable or a crossover cable.

Figure 4.6: Wire Combination of UTP.

If the two RJ-45 connectors of a cable are held side by side in the same orientation,

the colored wires will be seen in each. If the order of the colored wires is the same at each

end, then the cable is a straight-through.

In a crossover cable, the RJ-45 connectors on both ends show that some of the wires

are connected to different pins on each side of the cable. Figure 4.5 shows that pins 1 and 2 on

one connector connect to pins 3 and 6 on the other [4].

Figure 4.7: Wire Connection of RJ-45.

Straight-through cables are used for the following connections:

Switch to router

Switch to PC or server

Hub to PC or server

Crossover cables are used for the following connections:

Switch to switch

Switch to hub

Hub to hub

Router to router

PC to PC

Router to PC

4.8 Cabling Hubs

Hubs are actually multiport repeaters. The difference between hubs and repeaters is

usually the number of ports that each device provides. A typical repeater usually has two

ports. A hub generally has from 4 to 24 ports. Hubs are most commonly used in Ethernet

10BASE-T or 100BASE-T networks.

The use of a hub changes the network from a linear bus with each device plugged directly

into the wire to a star topology. Data that arrives over the cables to a hub port is electrically

repeated on all the other ports connected to the network segment.

Figure 4.8: Hub Connection.

A passive hub serves as a physical connection point only. It does not manipulate or

view the traffic that crosses it. It does not boost or clean the signal. A passive hub is used

only to share the physical media. A passive hub does not need electrical power. An active hub

must be plugged into an electrical outlet because it needs power to amplify a signal before it

is sent to the other ports. Intelligent hubs are sometimes called smart hubs. They function like

active hubs with microprocessor chips and diagnostic capabilities. Intelligent hubs are more

expensive than active hubs. They are also more useful in troubleshooting situations. Devices

attached to a hub receive all traffic that travels through the hub. If many devices are attached

to the hub, collisions are more likely to occur. A collision occurs when two or more

workstations send data over the network wire at the same time. All data are corrupted when

this occurs. All devices that are connected to the same network segment are members of the

same collision domain. Sometimes hubs are called concentrators since they are central

connection points for Ethernet LANs [4].

4.9 Cabling Bridges

It is often necessary to break up a large LAN into smaller and more easily

managed segments. This decreases the amount of traffic on a single LAN and can extend the

geographical area past what a single LAN can support. The devices that are used to connect

network segments together include bridges, switches, routers, and gateways. Switches and

bridges operate at the data link layer of the OSI model. The function of the bridge is to make

intelligent decisions about whether or not to pass signals on to the next segment of a network.

Figure 4.9: Bridge Connection.

When a bridge receives a frame on the network, the destination MAC address is looked up in

the bridge table to determine whether to filter, flood, or copy the frame onto another segment

[4].

4.10 Cabling Switches

A switch is sometimes described as a multiport bridge. A typical bridge may have

only two ports that link two network segments. A switch can have multiple ports based on the

number of network segments that need to be linked. Like bridges, switches learn information

about the data packets that are received from computers on the network. Switches use this

information to build tables to determine the destination of data that is sent between computers

on the network.

Although there are some similarities between the two, a switch is a more sophisticated

device than a bridge. A bridge determines whether the frame should be forwarded to the other

network segment based on the destination MAC address. A switch has many ports with many

network segments connected to them. A switch chooses the port to which the destination

device or workstation is connected. Ethernet switches are popular connectivity solutions

because they improve network speed, bandwidth, and performance.

Figure 4.10: Switch Connection.

Switching is a technology that alleviates congestion in Ethernet LANs. Switches

reduce traffic and increase bandwidth. Switches can easily replace hubs because switches

work with the cable infrastructures that are already in place. This improves performance with

minimal changes to a network. All switching equipment performs two basic operations. The

first operation is called switching data frames. This is the process by which a frame is

received on an input medium and then transmitted to an output medium. The second is the

maintenance of switching operations where switches build and maintain switching tables and

search for loops.
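The learn, filter, forward and flood decisions described in 4.9 and 4.10 can be modeled in a few lines. This is an added example, not code from the original document; the class name, port numbers and MAC addresses are constructed for illustration.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


def is_group_address(mac):
    """True for broadcast/multicast: the low bit of the first octet is set."""
    return int(mac.split(":")[0], 16) & 1 == 1


class LearningSwitch:
    """Minimal model of the switching table a bridge or switch maintains."""

    def __init__(self, ports):
        self.ports = tuple(ports)
        self.table = {}  # MAC address -> port it was last seen on

    def receive(self, in_port, src, dst):
        """Handle one frame; return (action, list of output ports)."""
        if in_port not in self.ports:
            raise ValueError(f"unknown port {in_port!r}")
        src, dst = src.lower(), dst.lower()
        # Learn: only a unicast source address identifies a single station.
        if not is_group_address(src):
            self.table[src] = in_port
        # Flood: broadcast, multicast, or a destination not yet learned.
        if is_group_address(dst) or dst not in self.table:
            return "flood", [p for p in self.ports if p != in_port]
        out_port = self.table[dst]
        # Filter: the destination sits on the segment the frame came from.
        if out_port == in_port:
            return "filter", []
        # Forward: send the frame out of exactly one port.
        return "forward", [out_port]


def run_demo():
    """Replay constructed frames through a 4-port switch; return the decisions."""
    sw = LearningSwitch(ports=(1, 2, 3, 4))
    # Constructed station addresses (documentation range).
    a, b, c = "00:00:5e:00:53:0a", "00:00:5e:00:53:0b", "00:00:5e:00:53:0c"
    frames = [
        (1, a, b),          # b not learned yet -> flood
        (2, b, a),          # a was learned on port 1 -> forward
        (1, a, b),          # b was learned on port 2 -> forward
        (1, c, a),          # c shares port 1 with a (hub segment) -> filter
        (3, b, BROADCAST),  # b moved to port 3; broadcast -> flood
        (1, a, b),          # the table followed the move -> forward to 3
    ]
    return [sw.receive(*frame) for frame in frames], dict(sw.table)


if __name__ == "__main__":
    decisions, table = run_demo()
    for action, ports in decisions:
        print(f"{action:8} -> {ports}")
    print(table)
```
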

Switches operate at much higher speeds than bridges and can support new

functionality, such as virtual LANs. An Ethernet switch has many benefits. One benefit is

that it allows many users to communicate at the same time through the use of virtual circuits

and dedicated network segments in a virtually collision-free environment. This maximizes

the bandwidth available on the shared medium. Another benefit is that a switched LAN

environment is very cost effective since the hardware and cables in place can be reused [4].

4.11 Configuring The Switch

4.11.1 Verifying The Catalyst Switch Default Configuration

When powered up for the first time, a switch has default data in the running

configuration file. The default hostname is Switch. No passwords are set on the console or

virtual terminal (vty) lines. A switch may be given an IP address for management purposes.

This is configured on the virtual interface, VLAN 1. By default, the switch has no IP address.

The switch ports or interfaces are set to auto mode, and all switch ports are in VLAN

1. VLAN 1 is known as the default management VLAN.

By default, the flash directory has a file that contains the IOS image, a file called env_vars,

and a subdirectory called html. After the switch is configured, the flash directory will contain

a file called config.text as well as a VLAN database. As seen in Figure , the flash directory

does not contain a config.text file or a VLAN database file called vlan.dat. The IOS version

and the configuration register settings can be verified with the show version command.

For small networks, the default configuration may be sufficient. The benefits of better

performance with microsegmentation are obtained immediately [4].

Figure 4.11: Default Running Configuration and Default Interface.

Figure 4.12: Default VLAN

4.11.2 Configuring the Catalyst Switch

A switch may be preconfigured and only passwords may need to be

entered for the User EXEC or Privileged EXEC modes. Switch configuration

mode is entered from Privileged EXEC mode. In the CLI, the default

Privileged EXEC mode prompt is Switch#. In User EXEC mode the prompt

is Switch>.

The following steps will ensure that a new configuration will

completely overwrite the current configuration:

1. To remove the current VLAN information, delete the VLAN database file

called vlan.dat from the flash directory.

2. Erase the backup configuration file called startup-config.

3. Restart the switch with the reload command.

Security, documentation, and management are important for every

network device. A switch should be given a hostname, and passwords

should be set on the console and vty lines.

To allow the switch to be accessible by Telnet and other TCP/IP

applications, IP addresses and a default gateway should be set. By

default, VLAN 1 is the management VLAN. In a switch-based network, all

network devices should be in the management VLAN. This allows a single

management workstation to access, configure, and manage all the

network devices.

The Fast Ethernet switch ports default to auto-speed and auto-

duplex. This allows the interfaces to negotiate these settings. Network

administrators can manually configure the interface speed and duplex

values if necessary.

Some network devices can provide a web-based interface for

configuration and management purposes. Once a switch is configured

with an IP address and gateway, it can be accessed in this way. A web

browser can access this service using the IP address and port 80, the

default port for http. The HTTP service can be turned on or off, and the

port address for the service can be chosen.

Any additional software such as an applet can be downloaded to the

browser from the switch. Also, the switch can be managed by a browser

based graphical user interface (GUI) [4].

Figure 4.13: Switch Hostname, Password, IP Address and Default gateway.

CHAPTER 5

WIDE AREA NETWORK ESTABLISHMENT

5.1 Introduction

A WAN is a data communications network that operates beyond the geographic scope

of a LAN. One primary difference between a WAN and a LAN is that a company or

organization must subscribe to an outside WAN service provider in order to use WAN carrier

network services. A WAN uses data links provided by carrier services to access the Internet

and connect the locations of an organization to each other, to locations of other organizations,

to external services, and to remote users. WANs generally carry a variety of traffic types,

such as voice, data, and video. Telephone and data services are the most commonly used

WAN services.

5.2 WAN Technologies

Devices on the subscriber premises are called customer premises equipment (CPE).

The subscriber owns the CPE or leases the CPE from the service provider. A copper or fiber

cable connects the CPE to the service provider’s nearest exchange or central office (CO).

This cabling is often called the local loop, or "last-mile". A dialed call is connected locally to

other local loops, or non-locally through a trunk to a primary center. It then goes to a

sectional center and on to a regional or international carrier center as the call travels to its

destination.

In order for the local loop to carry data, a device such as a modem is needed to

prepare the data for transmission. Devices that put data on the local loop are called data

circuit-terminating equipment, or data communications equipment (DCE). The customer

devices that pass the data to the DCE are called data terminal equipment (DTE). The DCE

primarily provides an interface for the DTE into the communication link on the WAN cloud.

The DTE/DCE interface uses various physical layer protocols, such as High-Speed Serial

Interface (HSSI) and V.35. These protocols establish the codes and electrical parameters the

devices use to communicate with each other [4].

Figure 5.1: WAN Technology.

5.3 WAN Devices

WANs are groups of LANs connected together with communications links from a

service provider. Because the communications links cannot plug directly into the LAN, it is

necessary to identify the various pieces of interfacing equipment.

LAN-based computers with data to transmit send data to a router that contains both

LAN and WAN interfaces. The router will use the Layer 3 address information to deliver the

data on the appropriate WAN interface. Routers are active and intelligent network devices

and therefore can participate in network management. Routers manage networks by providing

dynamic control over resources and supporting the tasks and goals for networks. Some of

these goals are connectivity, reliable performance, management control, and flexibility.

Figure 5.2: WAN Devices.

The communications link needs signals in an appropriate format. For digital lines, a

channel service unit (CSU) and a data service unit (DSU) are required. The two are often

combined into a single piece of equipment, called the CSU/DSU. The CSU/DSU may also be

built into the interface card in the router. A modem is needed if the local loop is analog rather

than digital. Modems transmit data over voice-grade telephone lines by modulating and

demodulating the signal. The digital signals are superimposed on an analog voice signal that

is modulated for transmission [4].

5.4 Router

Routers are responsible for routing data packets from source to destination within the

LAN, and for providing connectivity to the WAN. Within a LAN environment the router

contains broadcasts, provides local address resolution services, such as ARP and RARP, and

may segment the network using a subnetwork structure. In order to provide these services the

router must be connected to the LAN and WAN [4].

5.4.1 Router User Interface Modes

The Cisco IOS software separates the EXEC sessions into two access levels. These levels

are user EXEC mode and privileged EXEC mode. The privileged EXEC mode is also known

as enable mode. The following are the features of the user EXEC mode and privileged EXEC

mode:

The user EXEC mode allows only a limited number of basic monitoring commands.

This is often referred to as a view only mode. The user EXEC level does not allow

any commands that might change the configuration of the router. The user EXEC

mode can be identified by the > prompt.

The privileged EXEC mode provides access to all router commands. This mode can

be configured to require a password. For added protection, it can also be configured to

require a user ID. This allows only authorized users to access the router. Configuration and

management commands require that the network administrator be at the privileged EXEC

level. Global configuration mode and all other more specific configuration modes can only be

reached from the privileged EXEC mode. The privileged EXEC mode can be identified by

the # prompt.

To access the privileged EXEC level from the user EXEC level, enter the enable

command at the > prompt [4].

Figure 5.3: Router Enable Mode.

5.4.2 Configure a Cisco Router

Global configuration mode commands are used in a router to apply configuration

statements that affect the system as a whole. The following command moves the router into

global configuration mode and allows entry of commands from the terminal:

Router#configure terminal

Router(config)#

The prompt will change to indicate that the router is in global configuration mode [4].

5.4.3 Configuring a Router Name

A router should be given a unique name as one of the first configuration tasks. This

task is accomplished in global configuration mode with the following command:

Router(config)#hostname daffodil

daffodil(config)#

Figure 5.4: Configure Host Name.

When the Enter key is pressed, the prompt will change from the default host name,

which is Router, to the newly configured host name, which is daffodil.

5.4.4 Configuring Router Passwords

Passwords restrict access to routers. Passwords should always be configured for

virtual terminal (vty) lines and the console line. Passwords are also used to control access to

privileged EXEC mode so that only authorized users may make changes to the configuration

file.

The following commands are used to set an optional but recommended password on the console line:

Router(config)#line console 0

Router(config-line)#login

Router(config-line)#password <password>

Figure 5.5: Configure Password.

A password must be set on one or more of the vty lines for users to gain remote access

to a router through Telnet. Most Cisco routers support five vty lines numbered 0 through 4.

The following commands are used to set a password on vty lines:

Router(config)#line vty 0 4

Router(config-line)#login

Router(config-line)#password <password>

The enable password and enable secret commands are used to restrict access to the privileged

EXEC mode. The enable password is only used if the enable secret has not been set. The

enable secret command should be used because the secret it sets is stored encrypted, while

the password set by enable password is not. The following commands are used to set the

passwords:

Router(config)#enable password <password>

Router(config)#enable secret <password>

Sometimes it is undesirable for passwords to be shown in clear text in the output from the

show running-config or show startup-config commands. This command is used to encrypt

passwords in configuration output:

Router(config)#service password-encryption

The service password-encryption command applies a weak encryption to all unencrypted

passwords. The enable secret <password> command uses a strong MD5 algorithm for

encryption [5].
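The password settings from 4.11.2 and 5.4.4 can be checked offline against a saved configuration. The script below is an added example, not part of the original document or of Cisco's tooling; the finding names and both sample configurations are constructed, and the hash and type 7 strings are placeholders.

```python
import re

DEFAULT_HOSTNAMES = {"Router", "Switch"}  # IOS defaults named in this document

# Constructed sample: a device left close to its defaults.
WEAK_CONFIG = """\
no service password-encryption
hostname Router
enable password example-pass
!
interface Serial0/0
 ip address 192.0.2.1 255.255.255.252
 clock rate 56000
!
line con 0
line vty 0 4
 password example-pass
 no login
"""

# Constructed sample: the steps from 5.4.3 and 5.4.4 applied (placeholder secrets).
PAGE_STYLE_CONFIG = """\
service password-encryption
hostname daffodil
enable secret 5 $1$PLACEHOLDER$NotARealHashValue
!
line con 0
 password 7 PLACEHOLDER07
 login
line vty 0 4
 password 7 PLACEHOLDER07
 login
"""


def parse_config(text):
    """Split a config into global commands and 'line ...' sections."""
    global_cmds, sections, current = [], {}, None
    for raw in text.splitlines():
        line = raw.rstrip()
        if not line or line.strip() == "!":
            current = None
        elif line.startswith("line "):
            current = line
            sections[current] = []
        elif line[0] == " ":
            # Indented sub-command: keep it only if it belongs to a line section.
            if current is not None:
                sections[current].append(line.strip())
        else:
            current = None
            global_cmds.append(line)
    return global_cmds, sections


def password_kind(cmd):
    """Classify a '[enable ]password ...' command without exposing the value."""
    match = re.match(r"(?:enable )?password (?:(\d) )?\S+", cmd)
    if match is None:
        return None
    return "TYPE7" if match.group(1) == "7" else "PLAINTEXT"


def audit(text):
    """Return sorted (finding, location) pairs; password values are never echoed."""
    global_cmds, sections = parse_config(text)
    findings = []
    hostname = next((c.split()[1] for c in global_cmds
                     if c.startswith("hostname ")), "Router")
    if hostname in DEFAULT_HOSTNAMES:
        findings.append(("DEFAULT_HOSTNAME", "global"))
    if "service password-encryption" not in global_cmds:
        findings.append(("NO_SERVICE_PASSWORD_ENCRYPTION", "global"))
    if not any(c.startswith("enable secret ") for c in global_cmds):
        findings.append(("NO_ENABLE_SECRET", "global"))
    for cmd in global_cmds:
        if cmd.startswith("enable password "):
            findings.append(("ENABLE_PASSWORD_" + password_kind(cmd), "global"))
    for header, cmds in sections.items():
        if not header.startswith(("line con", "line vty")):
            continue
        logins = [c for c in cmds if c == "login" or c.startswith("login ")]
        passwords = [c for c in cmds if c.startswith("password ")]
        if not logins:
            # 'no login' or no login line at all: the line asks for no password.
            findings.append(("LINE_NO_LOGIN", header))
        elif "login" in logins and not passwords:
            findings.append(("LINE_LOGIN_WITHOUT_PASSWORD", header))
        for cmd in passwords:
            # Type 7 is the weak encryption applied by service password-encryption.
            findings.append(("LINE_PASSWORD_" + password_kind(cmd), header))
    return sorted(findings)


if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_CONFIG), ("page-style", PAGE_STYLE_CONFIG)):
        print(name)
        for finding, where in audit(cfg):
            print(f"  {finding:32} {where}")
```

The second sample still reports the line passwords, because they carry only the weak encryption applied by service password-encryption.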

5.4.5 Configuring a Serial Interface

To configure a serial interface, follow these steps: enter global configuration mode, enter

interface mode, specify the interface address and subnet mask, set the clock rate if a DCE

cable is connected (skip this step if a DTE cable is connected), and turn on the interface.

Each connected serial interface must have an IP address and subnet mask to route packets.

Configure the IP address with the following commands:

Router(config)#interface serial 0/0

Router(config-if)#ip address <ip address> <netmask>

In the lab environment, the clock rate setting that will be used is 56000. The commands that

are used to set a clock rate and enable a serial interface are as follows:

Router(config)#interface serial 0/0

Router(config-if)#clock rate 56000

Router(config-if)#no shutdown

5.5 WAN Standards

WANs use the OSI reference model, but focus mainly on Layer 1 and Layer 2. WAN

standards typically describe both physical layer delivery methods and data link layer

requirements, including physical addressing, flow control, and encapsulation. WAN

standards are defined and managed by a number of recognized authorities. The physical layer

protocols describe how to provide electrical, mechanical, operational, and functional

connections to the services provided by a communications service provider. Some of the

common physical layer standards are listed in Figure.

The data link layer protocols define how data is encapsulated for transmission to remote

sites, and the mechanisms for transferring the resulting frames. A variety of different

technologies are used, such as ISDN, Frame Relay or Asynchronous Transfer Mode (ATM).

These protocols use the same basic framing mechanism, high-level data link control (HDLC),

an ISO standard, or one of its sub-sets or variants [4].

Table 5.1: WAN Standards and WAN Physical Layer Standards

Figure 5.6: WAN Data Link Layer.

5.6 WAN Link Options

Circuit switching establishes a dedicated physical connection for voice or data

between a sender and receiver. Before communication can start, it is necessary to establish

the connection by setting the switches. This is done by the telephone system, using the dialed

number. ISDN is used on digital lines as well as on voice-grade lines.

To avoid the delays associated with setting up a connection, telephone service

providers also offer permanent circuits. These dedicated or leased lines offer higher

bandwidth than is available with a switched circuit. Examples of circuit-switched connections

include:

Plain Old Telephone System (POTS)

ISDN Basic Rate Interface (BRI)

ISDN Primary Rate Interface (PRI) [4].

Figure 5.7: WAN Link Option.

5.7 ISDN

The internal connections, or trunks, of the PSTN have changed from carrying analog

frequency-division multiplexed signals, to time-division multiplexed (TDM) digital signals.

An obvious next step is to enable the local loop to carry digital signals that result in higher

capacity switched connections. Integrated Services Digital Network (ISDN) turns the local

loop into a TDM digital connection. The connection uses 64 kbps bearer channels (B) for

carrying voice or data and a signaling, delta channel (D) for call set-up and other purposes.

Basic Rate Interface (BRI) ISDN is intended for the home and small enterprise and

provides two 64 kbps B channels and a 16 kbps D channel. For larger installations, Primary

Rate Interface (PRI) ISDN is available. The BRI D channel is underutilized, as it has only two

B channels to control. Some providers allow the D channel to carry data at low bit rates such

as X.25 connections at 9.6 kbps.

Figure 5.8: BRI and PRI.

Another common application of ISDN is to provide additional capacity as needed on a

leased line connection. The leased line is sized to carry average traffic loads while ISDN is

added during peak demand periods. ISDN is also used as a backup in the case of a failure of

the leased line. ISDN tariffs are based on a per-B channel basis and are similar to those of

analog voice connections. With PRI ISDN, multiple B channels can be connected between

two end points. This allows for video conferencing and high bandwidth data connections with

no latency or jitter. Multiple connections can become very expensive over long distances [4].

Figure 5.9: WAN with ISDN.

5.8 Leased Line

When permanent dedicated connections are required, leased lines are used with

capacities ranging up to 2.5 Gbps. A point-to-point link provides a pre-established WAN

communications path from the customer premises through the provider network to a remote

destination. Point-to-point lines are usually leased from a carrier and are called leased lines.

Leased lines are available in different capacities. These dedicated circuits are generally priced

based on bandwidth required and distance between the two connected points. Point-to-point

links are generally more expensive than shared services such as Frame Relay [4].

Figure 5.10: WAN with a Leased Line.

5.9 X.25

In response to the expense of leased lines, telecommunications providers introduced

packet-switched networks using shared lines to reduce costs. The first of these packet-

switched networks was standardized as the X.25 group of protocols. X.25 provides a low bit

rate shared variable capacity that may be either switched or permanent. X.25 is a network-

layer protocol and subscribers are provided with a network address. Virtual circuits can be

established through the network with call request packets to the target address. The resulting

SVC is identified by a channel number. Data packets labeled with the channel number are

delivered to the corresponding address. Multiple channels can be active on a single

connection. Subscribers connect to the X.25 network with either leased lines or dialup

connections. X.25 networks can also have pre-established channels between subscribers that

provide a PVC. X.25 can be very cost effective because tariffs are based on the amount of

data delivered rather than connection time or distance. X.25 technology is no longer widely

available as a WAN technology in the US. Frame Relay has replaced X.25 at many service

provider locations [4].

Figure 5.11: WAN with X.25.

5.10 Frame Relay

With increasing demand for higher bandwidth and lower latency packet switching,

communications providers introduced Frame Relay. Although the network layout appears

similar to that for X.25, available data rates are commonly up to 4 Mbps, with some providers

offering even higher rates. Frame Relay differs from X.25 in several aspects. Most

importantly, it is a much simpler protocol that works at the data link layer rather than the

network layer.

Most Frame Relay connections are PVCs rather than SVCs. The connection to the

network edge is often a leased line but dialup connections are available from some providers

using ISDN lines. The ISDN D channel is used to set up an SVC on one or more B channels.

Frame Relay tariffs are based on the capacity of the connecting port at the network edge.

Additional factors are the agreed capacity and committed information rate (CIR) of the

various PVCs through the port. Frame Relay provides permanent shared medium bandwidth

connectivity that carries both voice and data traffic. Frame Relay is ideal for connecting

enterprise LANs. The router on the LAN needs only a single interface, even when multiple

VCs are used. The short-leased line to the Frame Relay network edge allows cost-effective

connections between widely scattered LANs [4].

Figure 5.12 Frame Relay.

5.11 DSL

Digital Subscriber Line (DSL) technology is a broadband technology that uses

existing twisted-pair telephone lines to transport high-bandwidth data to service subscribers.

DSL service is considered broadband, as opposed to the baseband service for typical LANs.

Broadband refers to a technique which uses multiple frequencies within the same physical

medium to transmit data. The term xDSL covers a number of similar yet competing forms of

DSL technologies:

1. Asymmetric DSL (ADSL)

2. Symmetric DSL (SDSL)

3. High Bit Rate DSL (HDSL)

4. ISDN (like) DSL (IDSL)

5. Consumer DSL (CDSL)

The two basic types of DSL technologies are asymmetric (ADSL) and symmetric (SDSL).

All forms of DSL service are categorized as ADSL or SDSL and there are several varieties of

each type.

Table 5.2: Download and Upload of DSL

The different varieties of DSL provide different bandwidths, with capabilities

exceeding those of a T1 or E1 leased line. The transfer rates are dependent on the actual

length of the local loop and the type and condition of its cabling. For satisfactory service, the

loop must be less than 5.5 kilometers (3.5 miles). Generally, a subscriber cannot choose to

connect to the enterprise network directly, but must first connect to an Internet service

provider (ISP). From here, an IP connection is made through the Internet to the enterprise.

Thus, security risks are incurred. To address security concerns, DSL services provide

capabilities for using Virtual Private Network (VPN) connections located at the corporate site

[4].

Figure 5.13: DSL Technology

5.12 Cable Modem

Coaxial cable is widely used in urban areas to distribute television signals. Network

access is available from some cable television networks. This allows for greater bandwidth

than the conventional telephone local loop. Enhanced cable modems enable two-way, high-

speed data transmissions using the same coaxial lines that transmit cable television. Some

cable service providers are promising data speeds up to 6.5 times that of T1 leased lines. This

speed makes cable an attractive medium for transferring large amounts of digital information

quickly, including video clips, audio files, and large amounts of data. Information that would

take two minutes to download using ISDN BRI can be downloaded in two seconds through a

cable modem connection.

Figure 5.14: Cable Modem.

5.13 WAN Design

5.13.1 WAN Communication

WANs are considered to be a set of data links connecting routers on LANs. User end

stations and servers on LANs exchange data. Routers pass data between networks across the

data links. Because of cost and legal reasons, a communications provider or a common carrier

normally owns the data links that make up a WAN. The links are made available to

subscribers for a fee and are used to interconnect LANs or connect to remote networks. WAN

data transfer speed (bandwidth) is considerably slower than the 100 Mbps that is common on

a LAN. The charges for link provision are the major cost element of a WAN and the design

must aim to provide maximum bandwidth at acceptable cost. With pressure to provide more

service access at higher speeds and management pressure to contain cost, determining the

optimal WAN configuration is not an easy task [4].

Figure 5.15: Modern WAN.

5.13.2 Steps in WAN Design

Designing a WAN can be a challenging task, but approaching the design in a

systematic manner can lead to superior performance at a reduced cost. Many WANs have

evolved over time, therefore many of the guidelines discussed here may not have been

considered. Every time a modification to an existing WAN is considered, the steps in this

module should be followed. WAN modifications may arise from changes such as an

expansion in the enterprise the WAN serves, or accommodation of new work practices and

business methods. Enterprises install WAN connectivity because there is a need to move data

in a timely manner between external branches. In designing the WAN, it is necessary to know

what data traffic must be carried, its origin, and its destination. WANs carry a variety of

traffic types with varying requirements for bandwidth, latency, and jitter.

Table 5.3: Comparing WAN Traffic Types

For each pair of end points and for each traffic type, information is needed on the

various traffic characteristics. Determining this may involve extensive studies of and

consultation with the network users. The design often involves upgrading, extending, or

modifying an existing WAN. Much of the data needed can come from existing network

management statistics. Knowing the various end points allows the selection of a topology or

layout for the WAN [4].

Table 5.4: WAN Technology

CHAPTER 6

SERVER CONFIGURATION

6.1 Introduction

This chapter discusses the configuration of various types of servers and their functions. They are the DNS server, Web server, Mail server, Proxy server, FTP server and DHCP server.

6.2 DNS Server

The Domain Name System (DNS) is a distributed Internet directory service. DNS is used mostly to translate between domain names and IP addresses; it also controls Internet email delivery. Most Internet services rely on DNS to work, and if DNS fails, most of the services fail and the total operation stalls.

DNS converts machine names into the IP addresses that all machines on the net have. It translates from name to address and from address to name, and some other things.

A mapping is simply an association between two things, in this case a machine name, like ftp.linux.org, and the machine’s IP address 199.249.150.4. DNS also contains the mapping the other way, from the IP number to the machine name; this is called a “reverse mapping”.

A DNS server is also known as a nameserver (NS). These servers come in three varieties:

Master (also called primary)

Slave (also called secondary)

Caching [6]

6.2.1 Configuration of Caching only DNS

A caching DNS server stores the most frequently requested information to reduce the lookup overhead of subsequent queries. Setting up a caching DNS server is fairly straightforward and works whether or not the ISP provides a static or dynamic Internet IP address. It works only to translate IP addresses and names obtained from other name servers. All DNS servers run with caching-only name server facilities by default [6].

6.2.2 Configuration of Master DNS (Primary)

If a company wishes to run e-mail and a website for a registered domain, then it needs an authoritative name server. If they are running a broadband ISP and are not running their own e-mail and web, they just need an authoritative name server. A caching nameserver is used only as a reference, and regular nameservers are used as the authoritative source of information. Edit the “/etc/named.conf” file as follows:

# /etc/named.conf
// generated by named-bootconf.pl
options {
    directory "/var/named";
    /*
     * If there is a firewall between you and nameservers you want
     * to talk to, you might need to uncomment the query-source
     */
    // query-source address * port 53;
};

zone "." IN {
    type hint;
    file "named.ca";
};

zone "localhost" IN {
    type master;
    file "localhost.zone";
    allow-update { none; };
};

zone "0.0.127.in-addr.arpa" IN {
    type master;
    file "named.local";
};

zone "sufi.com.bd" IN {
    type master;
    file "sufi.com.bd.zone";
    allow-update { 203.91.147.4; };
};

zone "147.91.203.in-addr.arpa" IN {
    type master;
    file "sufi.com.bd.rev";
    allow-update { 203.91.147.4; };
};

[6]

6.2.3 Configuration of Slave DNS (Secondary)

A secondary DNS server keeps a backup copy of the primary name server’s zone files. It can resolve all queries like the primary name server. It always transfers newly configured or edited zone files from the primary.

Install all packages required for DNS. The /etc/named.conf file then needs to be configured.

# /etc/named.conf
// generated by named-bootconf.pl
options {
    directory "/var/named";
    query-source address * port 53;
};

zone "." IN {
    type hint;
    file "named.ca";
};

zone "sufi.com.bd" IN {
    type slave;
    file "sufi.com.bd.zone";
    masters { 203.91.147.3; };
    allow-update { 203.91.147.3; };
};

zone "0.0.127.in-addr.arpa" IN {
    type slave;
    masters { 203.91.147.3; };
    file "named.local";
    allow-update { 203.91.147.3; };
};

zone "147.91.203.in-addr.arpa" IN {
    type slave;
    masters { 203.91.147.3; };
    file "sufi.com.bd.rev";
    allow-update { 203.91.147.3; };
};

Now restart the name service to reload the configuration:

[root@nsl src] # killall named
[root@nsl src] # service named start

[6]
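Both named.conf files above authorise allow-update by IP address; in BIND that statement controls who may send dynamic updates to a zone, which is separate from who may transfer it. The following is an added example, not part of the original manual: it lists per zone which addresses are trusted for updates and whether the zone carries its own transfer restriction. The configuration strings are constructed excerpts of the files above, and the function names and finding texts are illustrative.

```python
import ipaddress
import re

# Constructed excerpts of the master and slave named.conf files shown above.
MASTER_CONF = """
zone "localhost" IN {
    type master;
    allow-update { none; };
};
zone "sufi.com.bd" IN {
    type master;
    allow-update { 203.91.147.4; };
};
"""
SLAVE_CONF = """
zone "sufi.com.bd" IN {
    type slave;
    masters { 203.91.147.3; };
    allow-update { 203.91.147.3; };
};
"""


def strip_comments(text):
    """Remove /* */, // and # comments, the three styles named.conf accepts."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"(//|#)[^\n]*", "", text)


def zones(text):
    """Yield (name, body) for each zone, using brace depth to find its end."""
    text = strip_comments(text)
    for match in re.finditer(r'zone\s+"([^"]+)"[^{;]*\{', text):
        depth, pos = 1, match.end()
        while pos < len(text) and depth:
            depth += {"{": 1, "}": -1}.get(text[pos], 0)
            pos += 1
        yield match.group(1), text[match.end():pos - 1]


def statement(body, option):
    """Return the entries of `option { a; b; };`, or None when it is absent."""
    found = re.search(r"(?<![\w-])" + re.escape(option) + r"\s*\{([^}]*)\}", body)
    if found is None:
        return None
    return [entry.strip() for entry in found.group(1).split(";") if entry.strip()]


def is_address(entry):
    """True for a bare IP address or prefix, False for none, any or a key."""
    try:
        ipaddress.ip_network(entry, strict=False)
        return True
    except ValueError:
        return False


def audit(text):
    """Return {zone: [finding, ...]} covering update and transfer controls."""
    report = {}
    for name, body in zones(text):
        kind = re.search(r"type\s+(\w+)", body)
        kind = kind.group(1) if kind else "unknown"
        findings = []
        updaters = [e for e in statement(body, "allow-update") or [] if is_address(e)]
        if updaters and kind == "slave":
            findings.append("allow-update on a slave zone, which gets its data by transfer")
        elif updaters:
            findings.append("dynamic updates accepted on source address alone: "
                            + ", ".join(updaters))
        if kind == "master" and statement(body, "allow-transfer") is None:
            findings.append("no allow-transfer in the zone; transfer policy is inherited")
        report[name] = findings
    return report


if __name__ == "__main__":
    for label, conf in (("master", MASTER_CONF), ("slave", SLAVE_CONF)):
        for zone, findings in audit(conf).items():
            print(label, zone, findings)
```
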

6.3 Web Server

A web server satisfies a web browser’s query by sending the requested web page. Web servers also support server-side modules, which are required for advanced operations.

Apache is the most popular web server on the Internet. The Apache HTTP Server

project is an effort to develop and maintain an open source HTTP server for modern

operating systems including UNIX and Windows NT [8].

6.3.1 Configuration of Web Server

The main configuration file used by Apache is “/etc/httpd/conf/httpd.conf”. Other configuration files are in “/etc/httpd/conf.d/*” [6].

6.3.2 Configuration of Virtual Host

Virtual hosting means hosting many websites on a single server. There are two types of virtual hosting available, “Name Based” and “IP Based”. Name-based virtual hosting is the most popular because it reduces the waste of IP addresses. Virtual hosting works in a very sequential procedure. As explained on the Apache website: “When a request arrives, the server will first check if it is using an IP address that matches the NameVirtualHost. If it is, then it will look at each <VirtualHost> section with a matching IP address and try to find one where ServerName matches the requested hostname. If it finds one, then it uses the configuration for that server. If no matching virtual host is found, then the first listed virtual host that matches the IP address will be used” [6].

NameVirtualHost:

This directive specifies the web server’s IP address and port for virtual web hosting. This is usually the web server’s IP address. The port number is sometimes optional.

NameVirtualHost 202.161.151.3:80

<VirtualHost>:

This section in the file tells Apache where it should look for the web pages used on each web site. It also contains the log location. The IP address to which each <VirtualHost> section applies must be specified. The format of virtual hosting:

<VirtualHost 202.161.151.3>
    Directives for site #1
</VirtualHost>

Examples of virtual hosting are given below:

# Virtual Host for Default Web
<VirtualHost 203.91.147.3>
    ServerAdmin [email protected]
    DocumentRoot "/var/www/html"
    ServerName www.sufi.com.bd
    ErrorLog logs/www.sufi.com.bd_log
    TransferLog logs/www.sufi.com.bd.access
</VirtualHost>

# Virtual Host for Mail
<VirtualHost 203.91.147.3>
    ServerAdmin [email protected]
    DocumentRoot "/var/www/html/mail"
    ServerName mail.sufi.com.bd
    ErrorLog logs/mail.sufi.com.bd_log
    TransferLog logs/mail.sufi.com.bd.access
</VirtualHost>

[6]
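The selection procedure quoted above means that any request with an unrecognised or missing Host header is answered by the first listed virtual host, so that site should be one that is safe to serve by default. The following added example (not part of the original manual or of Apache) walks that procedure over constructed requests; it assumes a NameVirtualHost entry for 203.91.147.3, and the function names are illustrative.

```python
# Constructed from the two <VirtualHost> sections above. A NameVirtualHost
# entry for 203.91.147.3 is an assumption; the page shows another address.
NAME_VIRTUAL_HOSTS = {"203.91.147.3"}
VHOSTS = [  # kept in file order, because order decides the fallback
    {"ip": "203.91.147.3", "server_name": "www.sufi.com.bd",
     "document_root": "/var/www/html"},
    {"ip": "203.91.147.3", "server_name": "mail.sufi.com.bd",
     "document_root": "/var/www/html/mail"},
]
MAIN_SERVER = {"ip": None, "server_name": "(main server)",
               "document_root": "/var/www/html"}


def normalize_host(host_header):
    """Lower-case the Host value and drop any :port and trailing dot."""
    host = (host_header or "").strip().lower()
    if ":" in host:
        host = host.rsplit(":", 1)[0]
    return host.rstrip(".")


def select_vhost(local_ip, host_header):
    """Return (vhost, how) following the selection steps quoted above."""
    if local_ip not in NAME_VIRTUAL_HOSTS:
        return MAIN_SERVER, "main-server"
    candidates = [v for v in VHOSTS if v["ip"] == local_ip]
    host = normalize_host(host_header)
    for vhost in candidates:
        if vhost["server_name"].lower() == host:
            return vhost, "server-name"
    if candidates:
        return candidates[0], "first-listed"
    return MAIN_SERVER, "main-server"


def fallback_requests(requests):
    """Return the requests that reached a site only through the fallback."""
    hits = []
    for local_ip, host_header in requests:
        vhost, how = select_vhost(local_ip, host_header)
        if how == "first-listed":
            hits.append((host_header, vhost["server_name"]))
    return hits


# Constructed sample requests: (address the connection arrived on, Host header).
SAMPLE_REQUESTS = [
    ("203.91.147.3", "www.sufi.com.bd"),
    ("203.91.147.3", "MAIL.sufi.com.bd:80"),
    ("203.91.147.3", "203.91.147.3"),         # client used the bare IP address
    ("203.91.147.3", "unknown.example.net"),  # name not configured here
    ("203.91.147.3", None),                   # no Host header at all
]

if __name__ == "__main__":
    for ip, host in SAMPLE_REQUESTS:
        vhost, how = select_vhost(ip, host)
        print(f"{host!r:28} -> {vhost['server_name']:18} ({how})")
```
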

6.4 Mail Server

Electronic mail (e-mail) is the most convenient method in today’s communication. It is one of the most important public services for an ISP. Every service provider needs to provide a facility for sending and receiving mail. Sendmail is an incredibly powerful mail program. Sendmail is responsible for sending mail to a remote user’s mailbox and receiving mail from them. A mail server mainly uses the POP and SMTP services [8].

Configuring Sendmail by the .mc Approach

/etc/mail/sendmail.cf is the main configuration file of the sendmail daemon. Some other supporting configuration files exist in the same directory. The files are a combination of three types of architecture. The main configuration and a few other files are macro (m4) files. The “m4” command generates the configuration according to the “sendmail.mc” file.

[root@mxlusr] # m4 /etc/mail/sendmail.mc >/etc/mail/sendmail.cf

[root@mxlusr] # service sendmail restart

The server may be found being used to relay mail for spam e-mail sites. Configuring the /etc/mail/access file will not stop spam coming in, only spam flowing through the server [9].

localhost.localdomain   RELAY
localhost               RELAY
127.0.0.1               RELAY
203.91.147.55           RELAY
202.161.151             RELAY
info.com.bd             RELAY
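Each RELAY line above widens the set of clients allowed to send mail through the server, and the partial address and the domain name cover far more than a single host. The following added example (not part of the original manual) is a simplified model of how a connecting client is matched against these entries. It assumes the access map's default behaviour of matching parent domains and address prefixes on octet boundaries, and that the host name is tried before the address; the function names are illustrative.

```python
import ipaddress

# Constructed copy of the /etc/mail/access entries listed above.
ACCESS_TEXT = """\
localhost.localdomain   RELAY
localhost               RELAY
127.0.0.1               RELAY
203.91.147.55           RELAY
202.161.151             RELAY
info.com.bd             RELAY
"""


def parse_access(text):
    """Return {key: action}; keys are lower-cased, '#' starts a comment."""
    table = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split(None, 1)
        if len(fields) == 2:
            table[fields[0].lower()] = fields[1].strip()
    return table


def ip_keys(client_ip):
    """Keys tried for an address, most specific first: a.b.c.d, a.b.c, a.b, a."""
    octets = str(ipaddress.IPv4Address(client_ip)).split(".")
    return [".".join(octets[:n]) for n in range(4, 0, -1)]


def name_keys(client_name):
    """Keys tried for a host name: the name itself, then each parent domain."""
    labels = client_name.lower().rstrip(".").split(".")
    return [".".join(labels[i:]) for i in range(len(labels))]


def relay_decision(table, client_ip, client_name=None):
    """Return (allowed, matching_key) for a connecting client."""
    keys = (name_keys(client_name) if client_name else []) + ip_keys(client_ip)
    for key in keys:
        if key in table:
            return table[key] == "RELAY", key
    return False, None


def broad_entries(table):
    """Return RELAY entries that cover more than one named or numbered host."""
    found = []
    for key, action in table.items():
        if action != "RELAY":
            continue
        parts = key.split(".")
        if all(p.isdigit() for p in parts):
            if len(parts) < 4:
                found.append((key, f"prefix covering {256 ** (4 - len(parts))} addresses"))
        elif not key.startswith("localhost"):
            found.append((key, "domain: any client whose host name resolves under it"))
    return found


if __name__ == "__main__":
    table = parse_access(ACCESS_TEXT)
    # Constructed clients; 198.51.100.7 is a documentation address.
    for ip, name in [("203.91.147.55", None), ("202.161.151.200", None),
                     ("198.51.100.7", "pc9.info.com.bd"), ("198.51.100.7", None)]:
        print(ip, name, relay_decision(table, ip, name))
    print(broad_entries(table))
```
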

6.5 Proxy Server

A proxy server satisfies a web browser’s query by sending the requested web page. A proxy performs two main operations. The first is to reduce the Internet bandwidth charge, and the second is to limit web access to authorized users/PCs. Proxy servers can dramatically improve

performance for groups of users. This is because it saves the results of all requests for a

certain amount of time. A case is considered where both user X and user Y can access the

World Wide Web through a proxy server. First user X requests a certain Web page, which is

called Page 1. Sometime later, user Y requests the same page. Instead of forwarding the

request to the Web server where Page 1 resides, which can be a time-consuming operation,

the proxy server simply returns the Page 1 that it already fetched for user X. Since the proxy

server is often on the same network as the user, this is a much faster operation. Real proxy

servers support hundreds or thousands of users. Proxy servers can also be used to filter

requests. For example, a company may use a proxy server to prevent its employees from

accessing a specific set of Web sites.

Squid is a high-performance proxy-caching server for web clients, supporting FTP, gopher and HTTP data objects. Squid handles all requests in a single, non-blocking, I/O-driven process [6].

Configuring Squid

Install the package and configure it to run each time the system boots:

[root@proxy tmp] # rpm -Uvh squid-2.5.STABLE1-2.i386.rpm
[root@squid] # chkconfig squid on

The main configuration file is “squid.conf”. This file is heavily commented.

# TAG: http_port

# Usage: port

# hostname:port

# 1.2.3.4:port

# The socket addresses where Squid will listen for HTTP client

# requests. You may specify multiple socket addresses.

# There are three forms: port alone, hostname with port, and

# IP address with port. If you specify a hostname or IP

# address, then Squid binds the socket to that specific

# address. This replaces the old 'tcp_incoming_address'

# option. Most likely, you do not need to bind to a specific

# address, so you can use the port number alone.

# number listed here. That option will NOT override an IP

# address, however.

# You may specify multiple socket addresses on multiple lines.

# If you run Squid on a dual-homed machine with an internal

# and an external interface then we recommend you to specify the

# internal address:port in http_port. This way Squid will only be

# visible on the internal address.

#Default:

http_port 8080

[6]

6.6 FTP Server

Nowadays it is essential to keep some important files, such as a CV, address book or personal profile, in a place that is available from everywhere in the world. This is possible through the Internet. Anyone who transfers a large number or size of files over the Internet needs FTP. FTP is the most convenient way of transferring private/public files. Private files can be shared by username and password authentication. All FTP servers support this method by default.

Anyone who wishes to share public files needs an anonymous FTP server. Sites that need to exchange files with numerous unknown remote users use anonymous FTP.

Configuring vsftpd

vsftpd only reads the contents of its /etc/vsftpd.conf or /etc/vsftpd/vsftpd.conf configuration file when it starts. By default, vsftpd runs as an anonymous FTP server. Any remote user can log into its default FTP directory using a username of “anonymous” and a password that is the same as their email address. The configuration file’s anonymous_enable instruction can be commented out by using a “#” to disable this feature. By default, vsftpd only allows anonymous FTP downloads to remote users, not uploads from them. Also by default, vsftpd doesn’t allow remote users to create directories on the FTP server, and it logs FTP access to the /var/log/vsftpd.log log file.

The configuration file is fairly straightforward. Remove or add the “#” at the beginning of a line to activate or deactivate the feature of that line [2].

## Example config file /etc/vsftpd.conf

#

# The default compiled in settings are very paranoid. This sample file

# loosens things up a bit, to make the ftp daemon more usable.

#

# Allow anonymous FTP?

# anonymous_enable=YES

#

# Uncomment this to allow local users to log in.

local_enable=YES

# Activate directory messages - messages given to remote users when they

# go into a certain directory.

dirmessage_enable=YES

#

# Activate logging of uploads/downloads.

xferlog_enable=YES

#

# Make sure PORT transfer connections originate from port 20 (ftp-data).

connect_from_port_20=YES

#

# You may override where the log file goes if you like. The default is shown

# below.

xferlog_file=/var/log/vsftpd.log

[2]
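The page notes that vsftpd runs as an anonymous FTP server by default; per vsftpd.conf(5) the compiled-in value of anonymous_enable is YES, so a commented-out line leaves anonymous login on and only an explicit anonymous_enable=NO turns it off. The following added example (not part of the original manual or of vsftpd) resolves the sample file above against those defaults; the sample text is a constructed copy and the function names are illustrative.

```python
# Compiled-in defaults for the options discussed here, per vsftpd.conf(5).
DEFAULTS = {
    "anonymous_enable": "YES",
    "local_enable": "NO",
    "write_enable": "NO",
    "anon_upload_enable": "NO",
    "anon_mkdir_write_enable": "NO",
    "ssl_enable": "NO",
    "xferlog_enable": "NO",
}

# Constructed copy of the active and commented lines of the sample file above.
SAMPLE_CONF = """\
# Allow anonymous FTP?
# anonymous_enable=YES
# Uncomment this to allow local users to log in.
local_enable=YES
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_file=/var/log/vsftpd.log
"""


def parse(conf_text):
    """Return ({option: value}, [rejected lines]).

    Only lines starting with '#' are comments, and the format is
    option=value with no spaces around the '='.
    """
    settings, rejected = {}, []
    for line in conf_text.splitlines():
        if not line or line.startswith("#"):
            continue
        option, sep, value = line.partition("=")
        if not sep or option != option.strip() or value != value.strip():
            rejected.append(line)
            continue
        settings[option] = value
    return settings, rejected


def effective(conf_text):
    """Return {option: (value, 'file' or 'default')} for the DEFAULTS options."""
    settings, _ = parse(conf_text)
    return {opt: ((settings[opt].upper(), "file") if opt in settings
                  else (default, "default"))
            for opt, default in DEFAULTS.items()}


def findings(conf_text):
    """Return the exposure-related findings for a configuration text."""
    eff = effective(conf_text)
    out = []
    value, source = eff["anonymous_enable"]
    if value == "YES":
        out.append(f"anonymous login enabled ({source})")
        for opt in ("anon_upload_enable", "anon_mkdir_write_enable"):
            if eff[opt][0] == "YES" and eff["write_enable"][0] == "YES":
                out.append(f"anonymous users may write: {opt}")
    if eff["local_enable"][0] == "YES" and eff["ssl_enable"][0] == "NO":
        out.append("local logins allowed with ssl_enable off: passwords sent unencrypted")
    if eff["xferlog_enable"][0] == "NO":
        out.append("transfers are not logged")
    return out


if __name__ == "__main__":
    for label, text in (("sample", SAMPLE_CONF),
                        ("hardened", SAMPLE_CONF + "anonymous_enable=NO\n")):
        print(label, findings(text))
```
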

6.7 DHCP Server

The Dynamic Host Configuration Protocol (DHCP) provides a framework for passing

configuration information to the host on a TCP/IP network. DHCP consists of two

components: a protocol for delivering host-specific configuration parameters and a

mechanism for allocation of network address.

If a company has 100 computers and needs to assign every IP address and the other parameters manually, it becomes a nightmare. This can be solved easily with a DHCP server, which can configure those 100 computers automatically. Nowadays DHCP servers support many security features, which allow the administrator to assign a specific IP address to a specific host [6].

Installing and configuring DHCPD

The DHCP server and client are included on the RedHat CD-ROM. Install the .rpm and configure it to run at boot time.

[root @dhcp usr] # rpm -Uvh dhcp-3.0pll-20.i386.rpm
[root @dhcp usr] # chkconfig dhcpd on

When DHCP starts, it reads the file /etc/dhcpd.conf. This file contains the configuration of the DHCP server. Normally a sample copy of dhcpd.conf can be found in the “/usr/share/doc/dhcp-<version-number>/” directory. Copy it into the /etc folder as dhcpd.conf.

[root @dhcp usr] # cp /usr/share/doc/dhcp-<version-number>/dhcpd.conf.sample /etc/dhcpd.conf

Here is a quick explanation of the “dhcpd.conf” file. Most importantly, there must be a “subnet” section for each interface of the server.

subnet 192.168.1.0 netmask 255.255.255.0 {
  # The range of IP addresses the server will issue to clients
  range 192.168.1.201 192.168.1.220;
  # Set time in seconds that a client may keep the IP address
  default-lease-time 86400;
  max-lease-time 86400;
  # Set the NTP server to be used by clients
}

Now restart the “dhcpd” daemon for the changes to take effect. DHCPD must be restarted every time the conf file is changed.

[root@ dhcp usr] # /etc/init.d/dhcpd restart

Finally, always remember to set the PC to get its IP address via DHCP. “/var/log/messages” can be checked to find errors and exceptions occurring with DHCP [6].

CHAPTER 7

CONCLUSION

In this internship, a network of an ISP (Internet Service Provider) has been set up. An ISP gives us Internet facilities, which help us to communicate with other networks in the world.

In our country the ICT sector is growing vastly, and for this reason ISPs are all the more essential to improving the sector. At present Information Technology (IT) is a subject of widespread interest in Bangladesh. Tremendous activity is going on in every sector, including e-commerce, e-governance, computer networking, Internet, web browsing, web applications, multimedia product development, etc. In this sense the project on ISP has been undertaken. In this project switches and routers have also been configured, and different kinds of application servers have been configured under the LINUX environment. It has also been shown how an ISP can give the client facilities and distribute services.

A lot of experience has been gathered by doing this internship. Many technical problems have been faced, and the corresponding solutions to these problems have been found, which extensively improved knowledge and skill during this project. Finally, by deploying the networking capabilities using LINUX, it has been learned how a corporate network can be implemented that provides the best security and service.

REFERENCES

[1] http://en.wikipedia.org/wiki/History_of_the_Internet

[2] Behrouz A. Forouzan, “Data Communication and Networking”, Third Edition, Tata McGraw-Hill Publishing Company Limited (2004).

[3] CGS communication, H # 43, R # 4A, Dhanmondi R/A, Dhaka-1209.

[4] www.cisco.netacat.net

[5] Abu Jafar Md. Masud Karim, “Internet and Intranet Connections in ISP”, B.Sc. Thesis, Department of Electronics and Telecommunication Engineering, Daffodil International University, June 2007.

[6] Sufi Faruq Ibon Abubakar, “ISP Setup Manual” (First Edition), Sufi & Associates Interworking Series, June 2005.

[7] Cisco, “CCNA Course Material” (Student Version 3.1).

[8] RedHat 7.3 Documentation provided by RedHat Inc.

[9] Priscilla Oppenheimer, “Top-Down Network Design”, Techmedia.

[10] http://linux.about.com