SUMMER TRAINING REPORT ON
“NETWORKING INFRASTRUCTURE
OF ONGC”
Submitted in the partial fulfillment of the requirement for the award of degree
BACHELOR OF TECHNOLOGY
IN
COMPUTER SCIENCE & ENGINEERING
SUPERVISED BY:
Mr. HARISH KUMAR
Chief Engineer (E & T)
Corporate Infocom Services
ONGC
SUBMITTED BY:
ADITYA PRATAP SINGH
0581152707
Bharati Vidyapeeth College of Engineering GGS Indraprastha University, Delhi – 6 (2007-2011)
ACKNOWLEDGEMENT
I take this opportunity to express my profound sense of gratitude and appreciation to all those who helped me throughout the duration of this project.
My thanks to the HEAD ONGC Academy, Dehradun for allowing me to undergo 8 weeks training in ONGC Delhi.
First and foremost, I would like to express my thanks to Shri Harish Kumar, Chief Engineer (E & T), Corporate Infocom Services, ONGC, DELHI for providing guidance and expert supervision for this project and giving crucial feedback that was critical in the development of the project, without which I would not have been able to complete the project.
I would also like to give my special thanks to Mr M. THYAGARAJ, Executive Director - Chief Infocom Officer, ONGC for his encouragement, support and providing necessary facilities.
I am truly thankful to the entire networking team of ONGC, New Delhi for their support and timely help in solving problems related to Computer Networks and Data Centre from time to time. I would specially like to thank Mr. Sajjan Singh of the networking team for continuous efforts and guidance in respect of understanding theoretical and practical aspects of computer networking.
This report acknowledges the intense driving and technical competence of all the individuals that have contributed to it. It would have been almost impossible to make a report without the support of these people. Last but not the least, I would like to thank my H.O.D Alok Basu for helping me understand the organisational networking needs and encouraging me to undergo the training.
Aditya Pratap Singh
CERTIFICATE
Certified that this project entitled “NETWORKING INFRASTRUCTURE
OF ONGC” submitted by Mr. Aditya Pratap Singh 05811520707 in the partial
fulfillment of the requirement for the award of Bachelor of Technology
(Computer Science & Engineering) degree of BVCOE, GGSIPU, Delhi is a
record of student's own study carried under my supervision & guidance. This
report has not been submitted to any other university or institution for the
award of any degree.
PROJECT LEAD
Mr. HARISH KUMAR
Chief Engineer (E & T)
Corporate Infocom Services
ONGC
PROJECT GUIDE
Mr. SAJJAN SINGH
Network Administrator
ONGC
CONTENTS
1. ONGC
1.1 History
1.2 ONGC videsh
1.3 International rankings
1.4 Institutes of ONGC
2. Computer Networking and Reference Models
2.1 Definition
2.2 History of computer networks
2.3 OSI and TCP/IP models
3. Local Area Network (LAN)
3.1 Definition
3.2 LAN topologies
3.3 LAN technologies
4. Wide Area Network (WAN)
4.1 Definition
4.2 WAN design options
4.3 WAN connection techniques
5. Virtual LAN (VLAN)
5.1 Definition
5.2 Advantages
6. Routers and Routing
6.1 Definition
6.2 Routers at Layer 3
6.3 Router Hardware
6.4 Startup Procedure of a Router
6.5 Packet Flow in a routed networks
6.6 Routing Protocols
7. LAN Switching
7.1 Definition
7.2 L2 switching
7.3 L3 switching
7.4 L4 switching
7.5 Multilayer Switching
8. Virtual Private Networks (VPN)
8.1 History
8.2 Classification
8.3 Security mechanism
9. ONGC Network Diagrams
9.1 SM data center infocom
9.2 SM data center server connectivity
9.3 SM floor connectivity
9.4 SM WAN links
9.5 WAN links Delhi
10. LOTUS- The mailing system at ONGC
10.1 Definition
10.2 Features
11. Conclusion
OIL AND NATURAL GAS
CORPORATION LIMITED
(ONGC)
Oil and Natural Gas Corporation Limited (ONGC) (incorporated
on 23 June 1993) is a state-owned oil and gas company in India. It is a
Fortune Global 500 company ranked 152nd, and contributes 77% of
India's crude oil production and 81% of India's natural gas production.
It is the highest profit making corporation in India. It was set up as a
commission on 14 August 1956. Indian government holds 74.14%
equity stake in this company.
ONGC is one of Asia's largest and most active companies involved in
exploration and production of oil. It is involved in exploring for and
exploiting hydrocarbons in 26 sedimentary basins of India. It
produces about 30% of India's crude oil requirement. It owns and
operates more than 11,000 kilometres of pipelines in India.
History
Foundation
In August 1960, the Oil and Natural Gas Commission was formed.
Raised from mere Directorate status to Commission, it had enhanced
powers. In 1959, these powers were further enhanced by converting
the commission into a statutory body by an Act of Indian Parliament.
1960-2007
Since its foundation stone was laid, ONGC is transforming India’s
view towards Oil and Natural Gas by emulating the country’s limited
upstream capabilities into a large viable playing field. ONGC, since
1959, has made its presence noted in most parts of India and in
overseas territories. ONGC found new resources in Assam and also
established the new oil province in Cambay basin (Gujarat). In 1970
with the discovery of Bombay High (now known as Mumbai High),
ONGC went offshore. With this discovery and subsequent discovery
of huge oil fields in the Western offshore, a total of 5 billion tonnes of
hydrocarbon present in the country was discovered. The most
important contribution of ONGC, however, is its self-reliance and
development of core competence in exploration and production
activities at a globally competitive level.
Post-1990
Post 1990, the liberalized economic policy was brought into effect,
subsequently partial disinvestments of government equity in Public
Sector Undertakings were sought. As a result, ONGC was re-
organized as a limited company and after conversion of business of
the erstwhile Oil & Natural Gas Commission to that of Oil and
Natural Gas Corporation Ltd in 1993, 2 percent of shares through
competitive bidding were disinvested. Further expansion of equity
was done by 2 percent share offering to ONGC employees. Another
big leap was taken in March 1999, when ONGC, Indian Oil
Corporation (IOC) and Gas Authority of India Ltd.(GAIL) agreed to
have cross holding in each other’s stock. Consequently the
Government sold off 10 per cent of its shareholding in ONGC to IOC
and 2.5 per cent to GAIL. With this, the Government holding in
ONGC came down to 84.11 per cent. In 2002-03 ONGC took over
Mangalore Refinery and Petrochemicals Limited (MRPL) from Birla
Group and announced its entrance into retailing business. ONGC also
went to global fields through its subsidiary, ONGC Videsh Ltd.
(OVL).
In 2009, ONGC discovered a massive oil field, with up to 1 billion
barrel reserves of heavy crude, in the Persian Gulf off the coast of
Iran. Additionally, ONGC also signed a deal with Iran to invest US$3
billion to extract 1.1 billion cubic feet of natural gas from the Farzad
B gas field.
ONGC Videsh
ONGC Videsh is the international arm of ONGC. ONGC has made
major investments in Vietnam, Sakhalin and Sudan and earned its first
hydrocarbon revenue from its investment in Vietnam.
International rankings
– ONGC has been ranked at 198 by the Forbes Magazine in their
Forbes Global 2000 list for the year 2007.
– ONGC has featured in the 2008 list of Fortune Global 500
companies at position 335, a climb of 34 positions from rank of
369 in 2007.
– ONGC is ranked as Asia’s best Oil & Gas company, as per a
recent survey conducted by US-based magazine ‘Global
Finance’.
– 2nd biggest E&P company (and 1st in terms of profits), as per
the Platts Energy Business Technology (EBT) Survey 2004.
– Ranks 24th among Global Energy Companies by Market
Capitalization in PFC Energy 50 (December 2004).
– Economic Times 500, Business Today 500, Business Baron 500
and Business Week recognize ONGC as most valuable Indian
corporate, by Market Capitalization, Net Worth and Net Profits.
Various Institutes Of ONGC
IRS: Institute of Reservoir Studies
The Institute of Reservoir Studies (IRS) was founded in 1978 as a
single-source and multi-service reservoir engineering agency with the
objectives to:
– Maximize hydrocarbon recovery at minimum cost
– Provide holistic reservoir description through integration of all data
– Maximize the value of proven reserves with conventional and
improved recovery techniques
– Enhance the skills and knowledge for better reservoir management
Since its inception, IRS has contributed effectively in the
development of new concepts and innovative techniques besides
adopting state-of-the-art technological advancements as part of its
concern. All investment decisions of ONGC regarding hydrocarbon
exploitation are based on the recommendations given by the IRS.
IRS's resources include 12 modern laboratories with latest equipment
supported by comprehensive engineering services. Over 15 multi-
disciplinary teams, for field development planning and continuous
reservoir management, utilize the latest workstations configured over
an institute wide network. A 400 seat Technical Seminar Hall,
equipped with the latest audio-visual facilities and interpreter desks
provides an ideal setup for technical presentations and conferences.
The IRS library contains a wide range of books ranging from
exploration to revenue management. It also subscribes to various
petroleum industry related journals and magazines. A full set of SPE
papers on microfiche and compact disks are available in the library.
Seamless access to the internet is also available throughout the
Institute through a leased line.
The Institute has been modeled around the concept of 'collaboration
and interaction' to accelerate the process of completing the studies,
improve confidence by using the strengths of latest software and
hardware and increase the accuracy of forecasting. IRS has a
membership and technology transfer agreement with M/s Computer
Modelling Group (CMG) Calgary, Canada. The Institute also has a
technical collaboration for investigation in High-Pressure Air
Injection (HPAI) as Improved Oil Recovery (IOR) process in medium
and light oil reservoirs with the University of Calgary, Canada.
IEOT: Institute of Engineering and Ocean Technology
The Institute of Engineering and Ocean Technology (IEOT) was
founded in 1983 to achieve self-reliance in technology by innovation,
development and acceleration of the future plans of ONGC. The
Institution has developed expertise in the fields of Concept Evaluation
& Risk Analysis, Geo-technical Engineering, Structural Engineering
and Materials & Corrosion Engineering.
The major strength of IEOT lies in its highly qualified, trained and
motivated technical manpower and various advanced laboratories and
the state-of-the-art software for analytical studies.
In search of excellence, IEOT has acquired ISO-9001 Certificate
through implementation of quality assurance system. The Geo-
technical Laboratory and Materials & Corrosion laboratory of IEOT
have both been accredited by National Accreditation Board for
Testing and Calibration Laboratories (NABL) of Department of
Science & Technology, Government of India.
The Institute is abreast with the advanced technologies through in-
house and collaborative R&D efforts and institutional cooperation
programmes with national and international institutes.
IEOT has collaborations with premier research and academic
institutions like Indian Institute of Technology, Mumbai; Bhabha
Atomic Research Centre, Mumbai; Structural Engineering
Research Centre, Chennai; Central Electrochemical Research
Institute, Karaikudi and various other universities for carrying out
studies on different problems related to engineering in oil and gas
industry.
The Institute has also entered into collaboration with Norwegian
Geotechnical Institute (NGI), Norway in the areas like deep-water
soil testing and foundation design. More such collaborations are on
the anvil with Norwegian Institutes in the areas of offshore structural
engineering and Risk & Reliability analysis.
IEOT has already opened its doors to offer specialized services to
outside industry clients and towards that end, it has geared itself to
provide a cutting edge through innovative and radical technologies in
its value added services to the esteemed clients.
IOGPT: Institute of Oil and Gas Production Technology
To meet the technological requirements of oil and gas production, the
Institute of Oil & Gas Production Technology (IOGPT) was
established in 1984 at Panvel about 50 km from Mumbai airport
amidst picturesque surroundings on the Mumbai-Pune Highway. The
objective was to improve the economics of operations and boost
indigenous hydrocarbon production. This is the first institute in the
country to provide integrated R&D support to the entire spectrum of
oil and gas production, beginning with well/field production analysis
to transmission to consumer point. The Institute has the distinction of
providing specialized training including simulator based training to
production engineers.
IOGPT has equipped itself with advanced information technology
tools to keep pace with the ever-changing technology. While
sophisticated computing facilities cater to the computational needs, a
well-designed library with electronic information search facility
through Internet and CD-ROMs and well-stocked books and
international journals on petroleum technology cater to the
information needs. The Institute also has collaboration with many
national/international premier research institutions to share the latest
technological developments in its gamut of operations.
Beyond the quality focus, in pursuit of excellence, IOGPT has also
been awarded the prestigious ISO-9001 Certification.
Over the years, IOGPT has completed about 600 projects related to
various aspects of petroleum technology. Software worth over $0.9
million has also been developed by the Institute.
Some other institutes of ONGC are:
– Keshava Deva Malavia Institute of Petroleum Exploration
(KDMIPE), Dehradun.
– Institute of Drilling Technology (IDT), Dehradun.
– Geo-data Processing and Interpretation Center (GEOPIC),
Dehradun.
– ONGC academy, Dehradun.
– Institute of Petroleum Safety, Health and Environment
Management, Goa.
– Institute of Biotechnology and Geotectonic Studies, Jorhat.
– School of Maintenance practices, Vadodara.
– Regional Training Institutes, Navi Mumbai, Chennai, Sivasagar
and Vadodara.
COMPUTER NETWORKING AND
REFERENCE MODELS
Computer Networking is the engineering discipline concerned with
the communication between computer systems or devices. A
computer network is any set of computers or devices connected to
each other with the ability to exchange data. Computer networking is
sometimes considered a sub-discipline of telecommunications,
computer science, information technology and/or computer
engineering since it relies heavily upon the theoretical and practical
application of these scientific and engineering disciplines. The three
types of networks are: the Internet, the intranet, and the extranet.
Examples of different network methods are:
– Local area network (LAN), which is usually a small network
constrained to a small geographic area. An example of a LAN
would be a computer network within a building.
– Metropolitan area network (MAN), which is used for a medium-
sized area, for example a city or a state.
– Wide area network (WAN), which is usually a larger network that
covers a large geographic area.
– Wireless LANs and WANs (WLAN & WWAN), which are the wireless
equivalent of the LAN and WAN.
All networks are interconnected to allow communication with a
variety of different kinds of media, including twisted-pair copper wire
cable, coaxial cable, optical fiber, power lines and various wireless
technologies. The devices can be separated by a few meters (e.g. via
Bluetooth) or nearly unlimited distances (e.g. via the interconnections
of the Internet). Networking, routers, routing protocols, and
networking over the public Internet have their specifications defined
in documents called RFCs.
Views of networks
Users and network administrators often have different views of their
networks. Often, users who share printers and some servers form a
workgroup, which usually means they are in the same geographic
location and are on the same LAN. A community of interest has less
of a connection of being in a local area, and should be thought of as a
set of arbitrarily located users who share a set of servers, and possibly
also communicate via peer-to-peer technologies.
Network administrators see networks from both physical and logical
perspectives. The physical perspective involves geographic locations,
physical cabling, and the network elements (e.g., routers, bridges and
application layer gateways) that interconnect the physical media.
Logical networks, called, in the TCP/IP architecture, subnets, map
onto one or more physical media. For example, a common practice in
a campus of buildings is to make a set of LAN cables in each building
appear to be a common subnet, using virtual LAN (VLAN)
technology.
Both users and administrators will be aware, to varying extents, of the
trust and scope characteristics of a network. Again using TCP/IP
architectural terminology, an intranet is a community of interest under
private administration usually by an enterprise, and is only accessible
by authorized users (e.g. employees). Intranets do not have to be
connected to the Internet, but generally have a limited connection. An
extranet is an extension of an intranet that allows secure
communications to users outside of the intranet (e.g. business
partners, customers).
Informally, the Internet is the set of users, enterprises, and content
providers that are interconnected by Internet Service Providers (ISP).
From an engineering standpoint, the Internet is the set of subnets, and
aggregates of subnets, which share the registered IP address space and
exchange information about the reachability of those IP addresses
using the Border Gateway Protocol. Typically, the human-readable
names of servers are translated to IP addresses, transparently to users,
via the directory function of the Domain Name System (DNS).
Over the Internet, there can be business-to-business (B2B), business-
to-consumer (B2C) and consumer-to-consumer (C2C)
communications. Especially when money or sensitive information is
exchanged, the communications are apt to be secured by some form
of communications security mechanism. Intranets and extranets can
be securely superimposed onto the Internet, without any access by
general Internet users, using secure Virtual Private Network (VPN)
technology.
When used for gaming one computer will have to be the server while
the others play through it.
History of computer networks
Before the advent of computer networks that were based upon some
type of telecommunications system, communication between
calculation machines and early computers was performed by human
users by carrying instructions between them. Many of the social
behaviors seen in today's Internet were demonstrably present in the
nineteenth century and arguably in even earlier networks using visual
signals.
In September 1940 George Stibitz used a teletype machine to send
instructions for a problem set from his Model at Dartmouth College in
New Hampshire to his Complex Number Calculator in New York and
received results back by the same means. Linking output systems like
teletypes to computers was an interest at the Advanced Research
Projects Agency (ARPA) when, in 1962, J.C.R. Licklider was hired
and developed a working group he called the "Intergalactic Network",
a precursor to the ARPANet.
In 1964, researchers at Dartmouth developed the Dartmouth Time
Sharing System for distributed users of large computer systems. The
same year, at MIT, a research group supported by General Electric
and Bell Labs used a computer DEC's to route and manage telephone
connections.
Throughout the 1960s Leonard Kleinrock, Paul Baran and Donald
Davies independently conceptualized and developed network systems
which used datagrams or packets that could be used in a network
between computer systems.
In 1965, Thomas Merrill and Lawrence G. Roberts created the first wide
area network (WAN).
The first widely used PSTN switch that used true computer control
was the Western Electric introduced in 1965.
In 1969 the University of California at Los Angeles, SRI (in
Stanford), University of California at Santa Barbara, and the
University of Utah were connected as the beginning of the
ARPANET network using 50 kbit/s circuits. Commercial services
using X.25 were deployed in 1972, and later used as an underlying
infrastructure for expanding TCP/IP networks.
Computer networks, and the technologies needed to connect and
communicate through and between them, continue to drive computer
hardware, software, and peripherals industries. This expansion is
mirrored by growth in the numbers and types of users of networks
from the researcher to the home user.
Today, computer networks are the core of modern communication.
All modern aspects of the Public Switched Telephone Network
(PSTN) are computer-controlled, and telephony increasingly runs
over the Internet Protocol, although not necessarily the public
Internet. The scope of communication has increased significantly in
the past decade, and this boom in communications would not have
been possible without the progressively advancing computer network.
OSI AND TCP/IP MODEL:
The Open Systems Interconnection reference model is a layered,
abstract representation created as a guideline for network protocol
design. The OSI model divides the networking process into seven
logical layers, each of which has unique functionality and to which
are assigned specific services and protocols.
In this model, information is passed from one layer to the next,
starting at the Application layer on the transmitting host, and
proceeding down the hierarchy to the Physical layer, then passing
over the communications channel to the destination host, where the
information proceeds back up the hierarchy, ending at the Application
layer.
The Application layer
This is the top layer of both the OSI and TCP/IP models. It is the
layer that provides the interface between the applications we use to
communicate and the underlying network over which our messages
are transmitted. Application layer protocols are used to exchange data
between programs running on the source and destination hosts. There
are many Application layer protocols and new protocols are always
being developed.
Although the TCP/IP protocol suite was developed prior to the
definition of the OSI model, the functionality of the TCP/IP
application layer protocols fit roughly into the framework of the top
three layers of the OSI model: Application, Presentation and Session
layers.
Most TCP/IP application layer protocols were developed before the
emergence of personal computers, graphical user interfaces and
multimedia objects. As a result, these protocols implement very little
of the functionality that is specified in the OSI model Presentation and
Session layers.
The Presentation Layer
The Presentation layer has three primary functions:
– Coding and conversion of Application layer data to ensure that data
from the source device can be interpreted by the appropriate
application on the destination device.
– Compression of the data in a manner that can be decompressed by the
destination device.
– Encryption of the data for transmission and the decryption of data
upon receipt by the destination.
Presentation layer implementations are not typically associated with a
particular protocol stack. The standards for video and graphics are
examples. Some well-known standards for video include QuickTime
and Motion Picture Experts Group (MPEG). QuickTime is an Apple
Computer specification for video and audio, and MPEG is a standard
for video compression and coding.
Among the well-known graphic image formats are Graphics
Interchange Format (GIF), Joint Photographic Experts Group (JPEG),
and Tagged Image File Format (TIFF). GIF and JPEG are
compression and coding standards for graphic images, and TIFF is a
standard coding format for graphic images.
The Session Layer
As the name of the Session layer implies, functions at this layer create
and maintain dialogs between source and destination applications.
The Session layer handles the exchange of information to initiate
dialogs, keep them active, and to restart sessions that are disrupted or
idle for a long period of time.
Most applications, like web browsers or e-mail clients, incorporate
functionality of the OSI layers 5, 6 and 7.
The Transport Layer
The Transport layer provides for the segmentation of data and the
control necessary to reassemble these pieces into the various
communication streams. Its primary responsibilities to accomplish
this are:
– Tracking the individual communication between applications on the
source and destination hosts
– Segmenting data and managing each piece
– Reassembling the segments into streams of application data
– Identifying the different applications
The Network Layer
The Network layer, or OSI Layer 3, provides services to exchange the
individual pieces of data over the network between identified end
devices. To accomplish this end-to-end transport, Layer 3 uses four
basic processes:
– Addressing
– Encapsulation
– Routing
– Decapsulation
The Data Link Layer
The Data Link layer provides a means for exchanging data over a
common local media.
The Data Link layer performs two basic services:
– Allows the upper layers to access the media using techniques such as
framing
– Controls how data is placed onto the media and is received from the
media using techniques such as media access control and error
detection
The physical layer
The Physical layer provides the means to transport across the network
media the bits that make up a Data Link layer frame. This layer
accepts a complete frame from the Data Link layer and encodes it as a
series of signals that are transmitted onto the local media. The
encoded bits that comprise a frame are received by either an end
device or an intermediate device.
The delivery of frames across the local media requires the following
Physical layer elements:
– The physical media and associated connectors
– A representation of bits on the media
– Encoding of data and control information
– Transmitter and receiver circuitry on the network devices
Local Area Network
(LAN)
A local area network (LAN) is a computer network covering a small
physical area, like a home, office, or small groups of buildings, such
as a school, or an airport. The defining characteristics of LANs, in
contrast to wide area networks (WANs), include their usually higher
data-transfer rates, smaller geographic area, and lack of a need for
leased telecommunication lines.
Network scenario in ONGC
Devices used:
– Two Cisco 4506 L3 switches with optical module
– Fifty 3-COM 4400 series L2 switches with optical module
Floor cabling used:
– Multi-mode Fiber for providing floor connectivity, 5th Floor to
15th Floor, Core 3 West side and Core 4 East
– Copper RJ interconnectivity of Core 3 West and Core 4 East
Servers cabling used:
– Multi-mode Fiber and copper RJ-45 for single NIC connectivity of
each server from either of the L3 switches
Optical module case:
– Sixteen, for housing optical fibers
LAN TOPOLOGIES
There are four common types of LAN topologies
– Bus topology
– Tree topology
– Star topology
– Ring topology
[Figure: Bus and Tree Topology]
[Figure: Star Topology (LAN). Center: hub, repeater, or concentrator. Typically used in both Ethernet and Token Ring. 5 to 100+ devices.]
[Figure: Ring Topology. Redundant ring to avoid network failure.]
LAN TECHNOLOGIES
There are different types of LAN technologies, the prominent ones are
mentioned below:
Ethernet - Ethernet is a 10Mbps LAN that uses the Carrier Sense
Multiple Access with Collision Detection (CSMA/CD) protocol to
control access to the network. When an end station (network device)
transmits data, every end station on the LAN receives it. Each end
station checks the data packet to see whether the destination address
matches its own address. If the addresses match, the end station
accepts and processes the packet. If they do not match, it disregards
the packet. If two end stations transmit data simultaneously, a
collision occurs and the result is a composite, garbled message. All
end stations on the network, including the transmitting end stations,
detect the collision and ignore the message. Each end station that
wants to transmit waits a random amount of time and then attempts to
transmit again. This method is usually used for traditional Ethernet
LAN.
Token Ring - This is a 4-Mbps or 16-Mbps token-passing method,
operating in a ring topology. Devices on a Token Ring network get
access to the media through token passing. Token and data pass to
each station on the ring. The devices pass the token around the ring
until a computer that wants to transmit data takes the token
and replaces it with a frame. Each device passes the frame to the next
device, until the frame reaches its destination. As the frame passes to
the intended recipient, the recipient sets certain bits in the frame to
indicate that it received the frame. The original sender of the frame
strips the frame data off the ring and issues a new token.
Fast Ethernet - This is an extension of the 10Mbps Ethernet standard
and supports speeds up to 100Mbps. The access method used is
CSMA/CD. For physical connections, a star wiring topology is used.
Fast Ethernet is becoming very popular because upgrading from a
10Mbps Ethernet LAN to a Fast Ethernet LAN is quite easy.
FDDI (Fibre Distributed Data Interface) - FDDI provides data
speed at 100Mbps which is faster than Token Ring and Ethernet
LANs. FDDI comprises two independent, counter-rotating rings: a
primary ring and a secondary ring. Data flows in opposite directions
on the rings. The counter-rotating ring architecture prevents data loss
in the event of a link failure, a node failure, or the failure of both the
primary and secondary links between any two nodes. This technology
is usually implemented for a backbone network.
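The Ethernet entry above says every end station receives each frame and keeps it only if the destination address matches its own. The sketch below is an added example, not part of the original report: it models that receiver-side check on a shared segment and shows why the check gives no confidentiality, since a station in promiscuous mode keeps everything. The station names, MAC addresses and payloads are constructed, and the multicast and truncated-frame cases go beyond the unicast case the text describes.

```python
import struct
from dataclasses import dataclass

BROADCAST = bytes.fromhex("ffffffffffff")
HEADER_LEN = 14  # destination (6) + source (6) + EtherType (2)


def mac(text: str) -> bytes:
    """Convert 'aa:bb:cc:dd:ee:ff' into 6 raw bytes."""
    raw = bytes.fromhex(text.replace(":", ""))
    if len(raw) != 6:
        raise ValueError(f"not a 48-bit MAC address: {text!r}")
    return raw


def build_frame(dst: str, src: str, ethertype: int, payload: bytes) -> bytes:
    """Build an Ethernet II frame without preamble or FCS (constructed test data)."""
    return mac(dst) + mac(src) + struct.pack("!H", ethertype) + payload


def parse_header(frame: bytes):
    """Return (dst, src, ethertype); raise ValueError on a truncated frame."""
    if len(frame) < HEADER_LEN:
        raise ValueError("frame shorter than the 14-byte Ethernet header")
    return struct.unpack("!6s6sH", frame[:HEADER_LEN])


@dataclass
class Station:
    name: str
    address: bytes
    multicast_groups: frozenset = frozenset()
    promiscuous: bool = False  # capture mode: the address filter is switched off

    def accepts(self, frame: bytes) -> bool:
        """The filter each receiver applies to a frame it has already received."""
        try:
            dst, _src, _ethertype = parse_header(frame)
        except ValueError:
            return False  # malformed frames are dropped by everyone
        if self.promiscuous:
            return True
        if dst == self.address or dst == BROADCAST:
            return True
        if dst[0] & 0x01:  # I/G bit set: group (multicast) address
            return dst in self.multicast_groups
        return False  # someone else's unicast frame: disregard it


def deliver(frame: bytes, stations) -> list:
    """Shared medium: every station other than the sender sees the frame."""
    try:
        _dst, src, _ethertype = parse_header(frame)
    except ValueError:
        return []
    return [s.name for s in stations if s.address != src and s.accepts(frame)]


# Constructed addresses (locally administered 02:... range) and one multicast group.
A, B, C, MON = ("02:00:00:00:00:0a", "02:00:00:00:00:0b",
                "02:00:00:00:00:0c", "02:00:00:00:00:0d")
GROUP = "01:00:5e:00:00:fb"
STATIONS = [
    Station("A", mac(A)),
    Station("B", mac(B), multicast_groups=frozenset({mac(GROUP)})),
    Station("C", mac(C)),
    Station("monitor", mac(MON), promiscuous=True),
]


def demo() -> dict:
    """Send five constructed frames from station A and record who keeps each one."""
    frames = {
        "unicast A->B": build_frame(B, A, 0x0800, b"hello B"),
        "broadcast": build_frame("ff:ff:ff:ff:ff:ff", A, 0x0806, b"who-has"),
        "multicast": build_frame(GROUP, A, 0x0800, b"group data"),
        "unicast to absent": build_frame("02:00:00:00:00:99", A, 0x0800, b"x"),
        "truncated": build_frame(B, A, 0x0800, b"")[:10],
    }
    return {label: deliver(frame, STATIONS) for label, frame in frames.items()}


if __name__ == "__main__":
    for label, receivers in demo().items():
        print(f"{label:18} kept by {receivers}")
```

The monitor station keeps the frame addressed only to B, which is the reason traffic on a shared Ethernet segment should be treated as readable by every attached device.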
Wide Area Network
(WAN)
A Wide Area Network (WAN) is a computer network that covers a
broad area (i.e., any network whose communications links cross
metropolitan, regional, or national boundaries). This is in contrast
with personal area networks (PANs), local area networks (LANs),
campus area networks (CANs), or metropolitan area networks
(MANs) which are usually limited to a room, building, campus or
specific metropolitan area (e.g., a city) respectively.
WAN design options
WANs are used to connect LANs and other types of networks
together, so that users and computers in one location can
communicate with users and computers in other locations. Many
WANs are built for one particular organization and are private.
Others, built by Internet service providers, provide connections from
an organization's LAN to the Internet. WANs are often built using
leased lines. At each end of the leased line, a router connects to the
LAN on one side and a hub within the WAN on the other. Leased
lines can be very expensive. Instead of using leased lines, WANs can
also be built using less costly circuit switching or packet switching
methods. Network protocols including TCP/IP deliver transport and
addressing functions. Protocols including Packet over SONET/SDH,
MPLS, ATM and Frame relay are often used by service providers to
deliver the links that are used in WANs. X.25 was an important early
WAN protocol, and is often considered to be the "grandfather" of
Frame Relay as many of the underlying protocols and functions of
X.25 are still in use today (with upgrades) by Frame Relay.
Academic research into wide area networks can be broken down into
three areas: Mathematical models, network emulation and network
simulation.
Performance improvements are sometimes delivered via WAFS or
WAN optimization.
WAN connection technology options
There are also several ways to connect Non-stop S-series servers to
WANs, which provides WAN client connectivity to servers that have
Ethernet ports and appropriate communications software. Several
options are available for WAN connectivity:
• Leased line
– Description: Point-to-Point connection between two computers or Local Area Networks (LANs)
– Advantages: Most secure
– Disadvantages: Expensive
– Sample protocols used: PPP, HDLC, SDLC, HNAS
• Circuit switching
– Description: A dedicated circuit path is created between end points. Best example is dialup connections
– Advantages: Less Expensive
– Disadvantages: Call Setup
– Bandwidth range: 28 - 144 kbps
– Sample protocols used: PPP, ISDN
• Packet switching
– Description: Devices transport packets via a shared single point-to-point or point-to-multipoint link across a carrier internetwork. Variable length packets are transmitted over Permanent Virtual Circuits (PVC) or Switched Virtual Circuits (SVC)
– Disadvantages: Shared media across link
– Sample protocols used: X.25, Frame-Relay
• Cell relay
– Description: Similar to packet switching, but uses fixed length cells instead of variable length packets. Data is divided into fixed-length cells and then transported across virtual circuits
– Advantages: Best for simultaneous use of voice and data
– Disadvantages: Overhead can be considerable
– Sample protocols used: ATM
Transmission rates usually range from 1200 bps to 24 Mbps, although
some connections such as ATM and Leased lines can reach speeds
greater than 156 Mbps. Typical communication links used in WANs
are telephone lines, microwave links & satellite channels.
Recently, with the proliferation of low-cost Internet connectivity,
many companies and organizations have turned to VPNs to
interconnect their networks, creating a WAN in that way. Companies
such as Cisco, New Edge Networks and Check Point offer solutions
to create VPN networks.
VIRTUAL LOCAL AREA NETWORKS (VLAN)
VIRTUAL LAN
Figure 1 - Typical Routed Network
To understand VLANs, it is first necessary to have an understanding
of LANs. A Local Area Network (LAN) can generally be defined as
a broadcast domain. Hubs, bridges or switches in the same physical
segment or segments connect all end node devices. End nodes can
communicate with each other without the need for a router.
Communications with devices on other LAN segments requires the
use of a router. Figure 1 illustrates a typical LAN environment
connected by routers.
In Figure 1, each LAN is separated from the other by a router. This
represents the current UCDNet topology. The individual LANs and
broadcast domains are represented by the areas bounded by the dotted
lines and numbered 1 through 5 for future reference. Note that the
router interface for each LAN is included as part of the LAN and
broadcast domain.
As networks expand, more routers are needed to separate users into
broadcast and collision domains and provide connectivity to other
LANs. In Figure 1, LANs 4 and 5 illustrate the use of a router to
separate users in a single building into multiple broadcast domains.
One drawback to this design is that routers add latency, which
essentially delays the transmission of data. This is caused by the
process involved in routing data from one LAN to another. A router
must use more of the data packet to determine destinations and route
the data to the appropriate end node.
Virtual LANs (VLANs) can be viewed as a group of devices on
different physical LAN segments which can communicate with each
other as if they were all on the same physical LAN segment. VLANs
provide a number of benefits over the network described in Figure 1,
which we will discuss in the next section. In order to take advantage
of the benefits of VLANs, a different network topology is needed.
Figure 2 - Typical Switched Network
Using the same end nodes as in Figure 1, the switched network in
Figure 2 provides the same connectivity as Figure 1. Although the
network above has some distinct speed and latency advantages over
the network in Figure 1, it also has some serious drawbacks. The most
notable of these for the purposes of this discussion is that all hosts
(end nodes) are now in the same broadcast domain. This adds a
significant amount of traffic to the network that is seen by all hosts on
the network. As this network grows, the broadcast traffic has the
potential impact of flooding the network and making it essentially
unusable.
Switches using VLANs create the same division of the network into
separate broadcast domains but do not have the latency problems of a
router. Switches are also a more cost-effective solution. Figure 3
shows a switched network topology using VLANs.
Figure 3 - Switched Network with VLANs
ADVANTAGES OF VLANS
As we have seen, there are several benefits to using VLANs. To
summarize, VLAN architecture benefits include:
• Increased performance
• Improved manageability
• Network tuning and simplification of software configurations
• Physical topology independence
• Increased security options
Increased performance
Switched networks by nature will increase performance over shared
media devices in use today, primarily by reducing the size of collision
domains. Grouping users into logical networks will also increase
performance by limiting broadcast traffic to users performing similar
functions or within individual workgroups. Additionally, less traffic
will need to be routed, and the latency added by routers will be
reduced.
Improved manageability
VLANs provide an easy, flexible, less costly way to modify logical
groups in changing environments. VLANs make large networks more
manageable by allowing centralized configuration of devices located
in physically diverse locations.
Network tuning and simplification of software configurations
VLANs will allow LAN administrators to "fine tune" their networks
by logically grouping users. Software configurations can be made
uniform across machines with the consolidation of a department's
resources into a single subnet. IP addresses, subnet masks, and local
network protocols will be more consistent across the entire VLAN.
Fewer implementations of local server resources such
as BOOTP and DHCP will be needed in this environment. These
services can be more effectively deployed when they can span
buildings within a VLAN.
Physical topology independence
VLANs provide independence from the physical topology of the
network by allowing physically diverse workgroups to be logically
connected within a single broadcast domain. If the physical
infrastructure is already in place, it now becomes a simple matter to
add ports in new locations to existing VLANs if a department expands
or relocates. These assignments can take place in advance of the
move, and it is then a simple matter to move devices with their
existing configurations from one location to another. The old ports
can then be "decommissioned" for future use, or reused by the
department for new users on the VLAN.
Increased security options
VLANs have the ability to provide additional security not available in
a shared media network environment. By nature, a switched network
delivers frames only to the intended recipients, and broadcast frames
only to other members of the VLAN. This allows the network
administrator to segment users requiring access to sensitive
information into separate VLANs from the rest of the general user
community regardless of physical location. In addition, monitoring of
a port with a traffic analyzer will only view the traffic associated with
that particular port, making discreet monitoring of network traffic
more difficult.
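The VLAN-scoped delivery described above can be simulated with a small learning switch that keeps one MAC table per VLAN. This is an added example, not part of the original report; the port numbers, VLAN IDs and MAC addresses are constructed.

```python
"""Toy learning switch: per-VLAN MAC tables and VLAN-scoped flooding."""

BROADCAST = "ff:ff:ff:ff:ff:ff"


class VlanSwitch:
    def __init__(self, port_vlan):
        # port_vlan maps an access port number to its VLAN ID (constructed values).
        self.port_vlan = dict(port_vlan)
        # One MAC table per VLAN: {vlan: {mac: port}}.
        self.mac_table = {}

    def receive(self, in_port, src_mac, dst_mac):
        """Process one frame and return the sorted list of egress ports."""
        vlan = self.port_vlan[in_port]
        table = self.mac_table.setdefault(vlan, {})
        # Learn (or refresh) the sender's location inside its own VLAN only.
        table[src_mac] = in_port

        if dst_mac != BROADCAST and dst_mac in table:
            out = table[dst_mac]
            # Known unicast: one port, never back out of the ingress port.
            return [] if out == in_port else [out]

        # Broadcast or unknown unicast: flood, but only to ports in the same VLAN.
        return sorted(p for p, v in self.port_vlan.items()
                      if v == vlan and p != in_port)


def demo():
    # Ports 1-3: VLAN 10 (general users); ports 4-5: VLAN 20 (sensitive hosts).
    sw = VlanSwitch({1: 10, 2: 10, 3: 10, 4: 20, 5: 20})
    results = {}
    results["bcast_vlan10"] = sw.receive(1, "aa:00:00:00:00:01", BROADCAST)
    results["bcast_vlan20"] = sw.receive(4, "aa:00:00:00:00:04", BROADCAST)
    # Port 2 replies to the host learned on port 1: delivered to port 1 only,
    # so an analyzer attached to port 3 never sees this frame.
    results["unicast_known"] = sw.receive(2, "aa:00:00:00:00:02",
                                          "aa:00:00:00:00:01")
    # A VLAN 10 host addresses a VLAN 20 MAC. The address is unknown in the
    # VLAN 10 table, so the frame floods inside VLAN 10 and never reaches
    # ports 4 or 5; crossing VLANs requires a router.
    results["cross_vlan"] = sw.receive(3, "aa:00:00:00:00:03",
                                       "aa:00:00:00:00:04")
    return results


if __name__ == "__main__":
    for name, ports in demo().items():
        print(name, "->", ports)
```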
It should be noted that the enhanced security that is mentioned above
is not to be considered an absolute safeguard against security
infringements. What this provides is additional safeguards against
"casual" but unwelcome attempts to view network traffic.
ROUTERS & ROUTING
• Routing is:
– Finding a path between a source and
destination (path determination)
– Moving information across an internetwork
from a source to a destination (switching)
– Very complex in large networks because
of the many potential intermediate nodes
• A router is:
– A network layer device that forwards packets
from one network to another and determines
the optimal path for forwarding network traffic
A router is a more sophisticated device than a hub or a switch. It
determines the appropriate network path to send the packet
along by keeping an up-to-date network topology in memory, its
routing table.
Routers keep track of each other’s routes by alternately
listening for, and periodically sending, route information.
Bridging is faster than Routing, but unlike Bridging, Routing
provides LAN Segmentation, Broadcast Control, Security and
Scalability.
[Figure: ROUTERS AT LAYER 3. Labels: Main Site, network 192.168.1.0 (Ethernet); Remote Location, network 192.168.2.0 (FDDI). Routing table shown: 192.168.3.0 Frame Relay; 192.168.1.0 Ethernet; 192.168.2.0 FDDI.]
[Figure: ROUTER HARDWARE. Components shown: system bus, three interface network controllers, Flash, NVRAM, ROM, CPU, RAM, bus interface.]
STARTUP PROCEDURE FOR A ROUTER
• ROM Monitor: Diagnostic, Console Setup, Memory Sizing, Config Register Check. Loads RxBoot, or stays in ROMMON.
• RxBoot: Builds Basic Data Structures, Interface Setup, Host Mode Functionality, Startup-config Check. Loads CISCO IOS or stays in RxBoot. Prompt: [router (boot)]
• IOS: Interface Setup, Router Functionality, Allocate Buffers, Loads Startup-config. Boot process completes. The [Router>] prompt appears.
[Figure: PACKET FLOW IN ROUTED NETWORK. End systems X and Y are shown with all seven layers (Application, Presentation, Session, Transport, Network, Data Link, Physical); intermediate routers A, B and C are shown with the Network, Data Link and Physical layers only.]
• Routers encapsulate and de-encapsulate data packets as they are
transferred from system X to system Y
From the OSI model reference point of view -
• The router de-encapsulates and examines the frame to
determine what type of network layer data is being carried.
The network layer data is sent to the appropriate network
layer process, and the frame itself is discarded.
• The network layer process examines the header to
determine the destination network and then references the
routing table that associates networks to outgoing
interfaces.
• The packet is again encapsulated in the link frame for the
selected interface and sent on.
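The network-layer step in the bullets above, written out as an added example that is not part of the original report: verify the IPv4 header checksum, check and decrement the TTL, look the destination up in the routing table, and rebuild the checksum before the packet is re-encapsulated. The three networks come from the report's routing-table figure; the /24 masks and the sample addresses are assumptions.

```python
import ipaddress
import struct

# Routing table from the report's figure; the /24 masks are an assumption.
ROUTES = [
    (ipaddress.ip_network("192.168.1.0/24"), "Ethernet"),
    (ipaddress.ip_network("192.168.2.0/24"), "FDDI"),
    (ipaddress.ip_network("192.168.3.0/24"), "Frame Relay"),
]


def checksum(header: bytes) -> int:
    """One's-complement sum over the 16-bit words of an IPv4 header."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_header(src, dst, ttl):
    """Construct a 20-byte IPv4 header (sample input for this example)."""
    raw = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, ttl, 17, 0,
                      ipaddress.ip_address(src).packed,
                      ipaddress.ip_address(dst).packed)
    return raw[:10] + struct.pack("!H", checksum(raw)) + raw[12:]


def forward(header: bytes):
    """Return (action, outgoing interface, rewritten header) for one packet."""
    if len(header) < 20 or header[0] >> 4 != 4:
        return ("drop: not IPv4", None, None)
    ihl = (header[0] & 0x0F) * 4
    if ihl < 20 or len(header) < ihl:
        return ("drop: bad header length", None, None)
    hdr = header[:ihl]
    # A valid header sums to 0xFFFF, so its complemented sum is zero.
    if checksum(hdr) != 0:
        return ("drop: bad checksum", None, None)
    ttl = hdr[8]
    if ttl <= 1:
        return ("drop: TTL expired", None, None)
    dst = ipaddress.ip_address(hdr[16:20])
    # Longest-prefix match. The figure's routes do not overlap, but the rule
    # matters as soon as a default or summary route is added to the table.
    matches = [(net, ifc) for net, ifc in ROUTES if dst in net]
    if not matches:
        return ("drop: no route", None, None)
    _net, ifc = max(matches, key=lambda m: m[0].prefixlen)
    # Decrement the TTL, then recompute the checksum over the changed header.
    new = bytearray(hdr)
    new[8] = ttl - 1
    new[10:12] = b"\x00\x00"
    new[10:12] = struct.pack("!H", checksum(bytes(new)))
    return ("forward", ifc, bytes(new))


if __name__ == "__main__":
    pkt = build_header("192.168.1.10", "192.168.2.20", 64)
    action, ifc, out = forward(pkt)
    print(action, ifc, "TTL", out[8])
```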
ROUTING PROTOCOLS
A routing protocol is a protocol that specifies how routers
communicate with each other, disseminating information that enables
them to select routes between any two nodes on a computer network, the
choice of the route being done by routing algorithms. Each router has
a priori knowledge only of networks attached to it directly. A routing
protocol shares this information first among immediate neighbors, and
then throughout the network. This way, routers gain knowledge of the
topology of the network.
The term routing protocol may refer specifically to one operating at
layer three of the OSI model, which similarly disseminates topology
information between routers.
Although there are many types of routing protocols, three major
classes are in widespread use on IP networks:
• Interior gateway routing via link-state routing protocols, such as
OSPF and IS-IS
• Interior gateway routing via path vector or distance vector
protocols, such as RIP, IGRP and EIGRP
• Exterior gateway routing. BGP v4 is the routing protocol used
by the public Internet.
Many routing protocols are defined in documents called RFCs.
The specific characteristics of routing protocols include:
• the manner in which they either prevent routing loops from
forming or break them up if they do
• the manner in which they select preferred routes, using
information about hop costs
• the time they take to converge
• how well they scale up
• many other factors
Routed versus routing protocols
In some cases, routing protocols can themselves run over routed
protocols: for example, BGP runs over TCP which runs over IP; care
is taken in the implementation of such systems not to create a circular
dependency between the routing and routed protocols. That a routing
protocol runs over a particular transport mechanism does not mean that
the routing protocol is of layer (N+1) if the transport mechanism is of
layer (N). Routing protocols, according to the OSI Routing
framework, are layer management protocols for the network layer,
regardless of their transport mechanism:
• IS-IS runs over the data link layer
• OSPF, IGRP, and EIGRP run directly over IP; OSPF and
EIGRP have their own reliable transmission mechanism while
IGRP assumed an unreliable transport
• RIP runs over UDP
• BGP runs over TCP
Examples
Interior routing protocols
Interior Gateway Protocols (IGPs) exchange routing information
within a single routing domain. A given autonomous system can
contain multiple routing domains, or a set of routing domains can be
coordinated without being an Internet-participating autonomous
system. Common examples include:
IGRP:
Interior Gateway Routing Protocol (IGRP) is a distance vector
interior routing protocol (IGP) invented by Cisco. It is used by routers
to exchange routing data within an autonomous system.
IGRP is a proprietary protocol. IGRP was created in part to overcome
the limitations of RIP (maximum hop count of only 15, and a single
routing metric) when used within large networks. IGRP supports
multiple metrics for each route, including bandwidth, delay, load,
MTU, and reliability; to compare two routes these metrics are
combined together into a single metric, using a formula which can be
adjusted through the use of pre-set constants. The maximum hop
count of IGRP-routed packets is 255 (default 100), and routing
updates are broadcast every 90 seconds (by default).
IGRP is considered a classful routing protocol. Because the protocol
has no field for a subnet mask, the router assumes that all interface
addresses within the same Class A, Class B, or Class C network have
the same subnet mask as the subnet mask configured for the interfaces
in question. This contrasts with classless routing protocols that can
use variable length subnet masks. Classful protocols have become less
popular as they are wasteful of IP address space.
EIGRP:
Enhanced Interior Gateway Routing Protocol (EIGRP) is a
Cisco proprietary routing protocol loosely based on their original
IGRP. EIGRP is an advanced distance-vector routing protocol, with
optimizations to minimize both the routing instability incurred after
topology changes, as well as the use of bandwidth and processing
power in the router. Routers that support EIGRP will automatically
redistribute route information to IGRP neighbors by converting the 32
bit EIGRP metric to the 24 bit IGRP metric. Most of the routing
optimizations are based on the Diffusing Update Algorithm (DUAL)
work from SRI, which guarantees loop-free operation and provides a
mechanism for fast convergence.
OSPF:
OSPF is an interior gateway protocol that routes Internet Protocol (IP)
packets solely within a single routing domain (autonomous system). It
gathers link state information from available routers and constructs a
topology map of the network. The topology determines the routing
table presented to the Internet Layer which makes routing decisions
based solely on the destination IP address found in IP datagrams.
OSPF was designed to support variable-length subnet masking
(VLSM) or Classless Inter-Domain Routing (CIDR) addressing
models.
OSPF detects changes in the topology, such as link failures, very
quickly and converges on a new loop-free routing structure within
seconds. It computes the shortest path tree for each route using a
method based on Dijkstra's algorithm, a shortest path first algorithm.
The link-state information is maintained on each router as a
link-state database (LSDB) which is a tree-image of the entire network
topology. Identical copies of the LSDB are periodically updated
through flooding on all OSPF routers.
The OSPF routing policies to construct a route table are governed by
link cost factors (external metrics) associated with each routing
interface. Cost factors may be the distance of a router (round-trip
time), network throughput of a link, or link availability and reliability,
expressed as simple unit less numbers. This provides a dynamic
process of traffic load balancing between routes of equal cost.
An OSPF network may be structured, or subdivided, into routing
areas to simplify administration and optimize traffic and resource
utilization. Areas are identified by 32-bit numbers, expressed either
simply in decimal, or often in octet-based dot-decimal notation,
familiar from IPv4 address notation.
By convention, area 0 (zero) or 0.0.0.0 represents the core or
backbone region of an OSPF network. The identifications of other
areas may be chosen at will; often, administrators select the IP address
of a main router in an area as the area's identification. Each additional
area must have a direct or virtual connection to the backbone OSPF
area. Such connections are maintained by an interconnecting router,
known as area border router (ABR). An ABR maintains separate link
state databases for each area it serves and maintains summarized
routes for all areas in the network.
OSPF does not use a TCP/IP transport protocol (UDP, TCP), but is
encapsulated directly in IP datagrams with protocol number 89. This
is in contrast to other routing protocols, such as the Routing
Information Protocol (RIP), or the Border Gateway Protocol (BGP).
OSPF handles its own error detection and correction functions.
OSPF uses multicast addressing for route flooding on a broadcast
network link. For non-broadcast networks special provisions for
configuration facilitate neighbor discovery. OSPF multicast IP
packets never traverse IP routers; they never travel more than one
hop. OSPF reserves the multicast addresses 224.0.0.5 for IPv4 or
FF02::5 for IPv6 (all SPF/link state routers, also known as
AllSPFRouters) and 224.0.0.6 for IPv4 or FF02::6 for IPv6
(all Designated Routers, AllDRouters), as specified in RFC 2328
and RFC 5340.
For routing multicast IP traffic, OSPF supports the Multicast Open
Shortest Path First protocol (MOSPF) as defined in RFC 1584.[5]
Neither Cisco nor Juniper Networks include MOSPF in their OSPF
implementations. PIM (Protocol Independent Multicast) in
conjunction with OSPF or other IGPs (Interior Gateway Protocols) is
widely deployed.
The OSPF protocol, when running on IPv4, can operate securely
between routers, optionally using a variety of authentication methods
to allow only trusted routers to participate in routing. OSPFv3,
running on IPv6, no longer supports protocol-internal authentication.
Instead, it relies on IPv6 protocol security (IPsec).
OSPF version 3 introduces modifications to the IPv4 implementation
of the protocol.[2] Except for virtual links, all neighbor exchanges use
IPv6 link-local addressing exclusively. The IPv6 protocol runs per
link, rather than based on the subnet. All IP prefix information has
been removed from the link-state advertisements and from the Hello
discovery packet making OSPFv3 essentially protocol-independent.
Despite the expanded IP addressing to 128-bits in IPv6, area and
router identifications are still based on 32-bit values.
RIP:
RIP is a distance-vector routing protocol, which employs the hop
count as a routing metric. The hold down time is 180 seconds. RIP
prevents routing loops by implementing a limit on the number of hops
allowed in a path from the source to a destination. The maximum
number of hops allowed for RIP is 15. This hop limit, however, also
limits the size of networks that RIP can support. A hop count of 16 is
considered an infinite distance and used to deprecate inaccessible,
inoperable, or otherwise undesirable routes in the selection process.
RIP implements the split horizon, route poisoning and holddown
mechanisms to prevent incorrect routing information from being
propagated. These are some of the stability features of RIP. It is also
possible to use the so-called RIP-MTI (Minimal Topology
Information) algorithm to cope with the count to infinity problem.
With its help, it is possible to detect every possible loop with a very
small computation effort.
Originally each RIP router transmitted full updates every 30 seconds.
In the early deployments, routing tables were small enough that the
traffic was not significant. As networks grew in size, however, it
became evident there could be a massive traffic burst every 30
seconds, even if the routers had been initialized at random times. It
was thought, as a result of random initialization, the routing updates
would spread out in time, but this was not true in practice. Sally Floyd
and Van Jacobson showed in 1994 that, without slight randomization
of the update timer, the timers synchronized over time. In most
current networking environments, RIP is not the preferred choice for
routing as its time to converge and scalability are poor compared to
EIGRP, OSPF, or IS-IS (the latter two being link-state routing
protocols), and (without RIP-MTI) a hop limit severely limits the size
of network it can be used in. However, it is easy to configure, because
RIP does not require any parameters on a router unlike other
protocols.
RIP is implemented on top of the User Datagram Protocol as its
transport protocol. It is assigned the reserved port number 520.
Versions
There are three versions of the Routing Information Protocol: RIPv1,
RIPv2, and RIPng.
RIP version 1
The original specification of RIP, defined in RFC 1058, uses classful
routing. The periodic routing updates do not carry subnet information,
lacking support for variable length subnet masks (VLSM). This
limitation makes it impossible to have different-sized subnets inside
of the same network class. In other words, all subnets in a network
class must have the same size. There is also no support for router
authentication, making RIP vulnerable to various attacks. RIP
version 1 works only within 16 hop counts (0-15). If there are
more than 16 hops between two routers, it fails to send data packets to
the destination address.
RIP version 2
Due to the deficiencies of the original RIP specification, RIP version
2 (RIPv2) was developed in 1993 and last standardized in 1998. It
included the ability to carry subnet information, thus supporting
Classless Inter-Domain Routing (CIDR). To maintain backward
compatibility, the hop count limit of 15 remained. RIPv2 has facilities
to fully interoperate with the earlier specification if all Must Be Zero
protocol fields in the RIPv1 messages are properly specified. In
addition, a compatibility switch feature allows fine-grained
interoperability adjustments.
In an effort to avoid unnecessary load on hosts that do not participate
in routing, RIPv2 multicasts the entire routing table to all adjacent
routers at the address 224.0.0.9, as opposed to RIPv1 which uses
broadcast. Unicast addressing is still allowed for special applications.
MD5 authentication for RIP was introduced in 1997.
RIPv2 is Internet Standard STD-56.
Route tags were also added in RIP version 2. This functionality
allows internal routes to be distinguished from external routes
redistributed from EGP protocols.
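A defender auditing a network can read the difference between RIPv1, unauthenticated RIPv2 and MD5-authenticated RIPv2 directly from a captured update. The parser below is an added example, not part of the original report; the three sample messages are constructed, the authentication type codes (2 for a simple password, 3 for keyed MD5) come from the RIPv2 specifications rather than from this page, and the digest is a placeholder that is classified but not verified, since verification needs the shared key.

```python
import ipaddress
import struct

INFINITY = 16        # RIP metric meaning "unreachable"
AUTH_AFI = 0xFFFF    # address-family value that marks an authentication entry
AUTH_TYPES = {2: "simple password", 3: "keyed MD5"}


def parse_rip(payload: bytes) -> dict:
    """Parse a RIP message (the UDP port 520 payload) into a dict."""
    if len(payload) < 4 or (len(payload) - 4) % 20:
        raise ValueError("not a well-formed RIP message")
    command, version = struct.unpack("!BB2x", payload[:4])
    msg = {"command": command, "version": version, "auth": "none", "routes": []}
    for off in range(4, len(payload), 20):
        afi, tag, addr, mask, _nhop, metric = struct.unpack(
            "!HH4s4s4sI", payload[off:off + 20])
        if afi == AUTH_AFI:
            # In an authentication entry the second field is the auth type.
            # Only the first entry declares it; a later one is the MD5 trailer.
            if off == 4:
                msg["auth"] = AUTH_TYPES.get(tag, "unknown type %d" % tag)
            continue
        prefix = str(ipaddress.ip_address(addr))
        if any(mask):  # RIPv1 carries no mask, so the field is all zero
            prefix += "/%d" % bin(int.from_bytes(mask, "big")).count("1")
        msg["routes"].append({"prefix": prefix, "metric": metric})
    return msg


def audit(payload: bytes) -> list:
    """Return findings a reviewer would raise for one captured RIP update."""
    msg = parse_rip(payload)
    findings = []
    if msg["version"] == 1:
        findings.append("RIPv1: no authentication and no subnet masks")
    elif msg["auth"] == "none":
        findings.append("RIPv2 update without authentication")
    elif msg["auth"] == "simple password":
        findings.append("RIPv2 password sent in cleartext")
    for r in msg["routes"]:
        if r["metric"] == INFINITY:
            findings.append("%s advertised as unreachable (metric 16)" % r["prefix"])
        elif not 1 <= r["metric"] < INFINITY:
            findings.append("%s has invalid metric %d" % (r["prefix"], r["metric"]))
    return findings


def route(prefix, metric, v1=False):
    """Build one 20-byte route entry (constructed sample data)."""
    net = ipaddress.ip_network(prefix)
    mask = b"\x00" * 4 if v1 else net.netmask.packed
    return struct.pack("!HH4s4s4sI", 2, 0, net.network_address.packed,
                       mask, b"\x00" * 4, metric)


# Constructed sample updates (command 2 = response).
V1_UPDATE = struct.pack("!BB2x", 2, 1) + route("192.168.2.0/24", 3, v1=True)
V2_PLAIN = (struct.pack("!BB2x", 2, 2) + route("192.168.2.0/24", 1)
            + route("192.168.3.0/24", 16))
# Keyed-MD5 layout: auth entry first, digest trailer last (placeholder digest).
MD5_AUTH = struct.pack("!HHHBBI8x", AUTH_AFI, 3, 44, 1, 16, 1)
MD5_TRAILER = struct.pack("!HH16s", AUTH_AFI, 1, b"\x00" * 16)
V2_MD5 = (struct.pack("!BB2x", 2, 2) + MD5_AUTH
          + route("192.168.2.0/24", 1) + MD5_TRAILER)

if __name__ == "__main__":
    for name, pkt in (("v1", V1_UPDATE), ("v2 plain", V2_PLAIN), ("v2 md5", V2_MD5)):
        print(name, parse_rip(pkt)["auth"], audit(pkt))
```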
RIPng
RIPng (RIP next generation), defined in RFC 2080, is an extension of
RIPv2 for support of IPv6, the next generation Internet Protocol. The
main differences between RIPv2 and RIPng are:
• Support of IPv6 networking.
• While RIPv2 supports RIPv1 updates authentication, RIPng
does not. IPv6 routers were, at the time, supposed to use IPsec
for authentication.
• RIPv2 allows attaching arbitrary tags to routes, RIPng does not.
• RIPv2 encodes the next-hop into each route entry, RIPng
requires specific encoding of the next hop for a set of route
entries.
IS-IS:
IS-IS is an Interior Gateway Protocol (IGP) meaning that it is
intended for use within an administrative domain or network. It is not
intended for routing between Autonomous Systems (RFC 1930), a job
that is the purpose of an Exterior Gateway Protocol, such as Border
Gateway Protocol (BGP).
IS-IS is a link-state routing protocol, meaning that it operates by
reliably flooding Link State information throughout a network of
routers. Each router then independently builds a picture of the
network's topology. Packets or datagrams are forwarded based on the
best topological path through the network to the destination.
IS-IS uses Dijkstra's algorithm for computing the best path through
the network.
LAN SWITCHING
LAN switching is a form of packet switching used in local area
networks. Switching technologies are crucial to network design, as
they allow traffic to be sent only where it is needed in most cases,
using fast, hardware-based methods.
Layer 2 switching
Layer 2 switching is hardware based, which means it uses the media
access control address (MAC address) from the host's network
interface cards (NICs) to decide where to forward frames. Switches
use application-specific integrated circuits (ASICs) to build and
maintain filter tables (also known as MAC address tables). One way
to think of a layer 2 switch is as a multiport bridge.
Layer 2 switching provides the following:
• Hardware-based bridging (MAC)
• Wire speed
• High speed
• Low latency
• Low cost
Layer 2 switching is highly efficient because there is no modification
to the data packet, only to the frame encapsulation of the packet, and
only when the data packet is passing through dissimilar media (such
as from Ethernet to FDDI). Layer 2 switching is used for workgroup
connectivity and network segmentation (breaking up collision
domains). This allows a flatter network design with more network
segments than traditional 10BaseT shared networks. Layer 2
switching has helped develop new components in the network
infrastructure:
• Server farms — Servers are no longer distributed to physical
locations because virtual LANs can be created to create
broadcast domains in a switched internetwork. This means that
all servers can be placed in a central location, yet a certain
server can still be part of a workgroup in a remote branch, for
example.
• Intranets — Allows organization-wide client/server
communications based on a Web technology.
These new technologies allow more data to flow off from local
subnets and onto a routed network, where a router's performance can
become the bottleneck.
Limitations
Layer 2 switches have the same limitations as bridge networks.
Bridges are good if a network is designed by the 80/20 rule: users
spend 80 percent of their time on their local segment.
Bridged networks break up collision domains, but the network
remains one large broadcast domain. Similarly, layer 2 switches
(bridges) cannot break up broadcast domains, which can cause
performance issues and limit the size of your network. Broadcasts and
multicasts, along with the slow convergence of spanning tree, can
cause major problems as the network grows. Because of these
problems, layer 2 switches cannot completely replace routers in the
internetwork.
Layer 3 switching
The only difference between a layer 3 switch and router is the way the
administrator creates the physical implementation. Also, traditional
routers use microprocessors to make forwarding decisions, and the
switch performs only hardware-based packet switching. However,
some traditional routers can have other hardware functions as well in
some of the higher-end models. Layer 3 switches can be placed
anywhere in the network because they handle high-performance LAN
traffic and can cost-effectively replace routers. Layer 3 switching is
all hardware-based packet forwarding, and all packet forwarding is
handled by hardware ASICs. Layer 3 switches really are no different
functionally than a traditional router and perform the same functions,
which are listed here:
• Determine paths based on logical addressing
• Run layer 3 checksums (on header only)
• Use Time to Live (TTL)
• Process and respond to any option information
• Update Simple Network Management Protocol (SNMP)
managers with Management Information Base (MIB)
information
• Provide Security
The benefits of layer 3 switching include the following:
• Hardware-based packet forwarding
• High-performance packet switching
• High-speed scalability
• Low latency
• Lower per-port cost
• Flow accounting
• Security
• Quality of service (QoS)
Layer 4 switching
Layer 4 switching is considered a hardware-based layer 3 switching
technology that can also consider the application used (for example,
Telnet or FTP).
Layer 4 switching provides additional routing above layer 3 by using
the port numbers found in the Transport layer header to make routing
decisions.
These port numbers are found in Request for Comments (RFC) 1700
and reference the upper-layer protocol, program, or application.
Layer 4 information has been used to help make routing decisions for
quite a while. For example, extended access lists can filter packets
based on layer 4 port numbers. Another example is accounting
information gathered by NetFlow switching in Cisco's higher-end
routers.
The largest benefit of layer 4 switching is that the network
administrator can configure a layer 4 switch to prioritize data traffic
by application, which means a QoS can be defined for each user.
For example, a number of users can be defined as a Video group and
be assigned more priority, or bandwidth, based on the need for video
conferencing.
Multi-layer switching (MLS)
Multi-layer switching combines layer 2, 3, and 4 switching
technologies and provides high-speed scalability with low latency. It
accomplishes this combination of high-speed scalability with
low latency by using huge filter tables based on the criteria designed
by the network administrator.
Multi-layer switching can move traffic at wire speed and also provide
layer 3 routing, which can remove the bottleneck from the network
routers. This technology is based on the idea of "route once, switch
many".
Multi-layer switching can make routing/switching decisions based on
the following:
• MAC source/destination address in a Data Link frame
• IP source/destination address in the Network layer header
• Protocol field in the Network layer header
• Port source/destination numbers in the Transport layer header
There is no performance difference between a layer 3 and a layer 4
switch because the routing/switching is all hardware based.
VIRTUAL PRIVATE NETWORKS (VPN)
History
A virtual private network (VPN) links two computers through an
underlying local or wide-area network, while encapsulating the data
and keeping it private. It is analogous to a pipe within a pipe. Even
though the outer pipe contains the inner one, the inner pipe has a wall
that blocks other traffic in the outer pipe. To the rest of the network,
the VPN traffic just looks like another traffic stream.
The term VPN can describe many different network configurations
and protocols. Some of the more common uses of VPNs are described
below, along with the various classification schemes and models.
VPN classification
VPN technologies have myriad protocols, terminologies and
marketing influences that define them. For example, VPN
technologies can differ in:
• The protocols they use to tunnel the traffic
• The tunnel's termination point, i.e., customer edge or network
provider edge
• Whether they offer site-to-site or remote access connectivity
• The levels of security provided
• The OSI layer they present to the connecting network, such as
Layer 2 circuits or Layer 3 network connectivity
Security mechanism
Secure VPNs use cryptographic tunneling protocols to
provide confidentiality by blocking intercepts and packet sniffing,
allow sender authentication to block identity spoofing, and
provide message integrity by preventing message alteration.
Secure VPN protocols include the following:
IPsec (Internet Protocol Security) was originally developed
for IPv6, which requires it. This standards-based security
protocol is also widely used with IPv4. L2TP frequently runs
over IPsec.
Transport Layer Security (SSL/TLS) can tunnel an entire
network's traffic, as it does in the OpenVPN project, or secure
an individual connection. A number of vendors provide remote
access VPN capabilities through SSL. An SSL VPN can connect
from locations where IPsec runs into trouble with Network
Address Translation and firewall rules. However, SSL-based
VPNs use Transmission Control Protocol (TCP) and so may be
vulnerable to denial-of-service attacks because TCP connections
do not authenticate.
Datagram Transport Layer Security (DTLS) is used in Cisco's
next-generation VPN product, Cisco AnyConnect VPN, to solve
the issues SSL/TLS has with tunneling TCP over TCP.
Microsoft Point-to-Point Encryption (MPPE) works with
Microsoft's PPTP and in several compatible implementations on
other platforms.
Microsoft introduced Secure Socket Tunneling Protocol (SSTP)
in Windows Server 2008 and Windows Vista Service Pack 1.
SSTP tunnels Point-to-Point Protocol (PPP) or L2TP traffic
through an SSL 3.0 channel.
MPVPN (Multi Path Virtual Private Network).
Secure Shell (SSH) VPN -- OpenSSH offers VPN tunneling to
secure remote connections to a network or inter-network links.
This should not be confused with port forwarding. The OpenSSH
server provides a limited number of concurrent tunnels, and the
VPN feature itself does not support personal authentication.
ONGC – NETWORK DIAGRAMS
LOTUS - THE MAILING SYSTEM AT ONGC
Lotus Software (called Lotus Development Corporation before its
acquisition by IBM) is a software company with headquarters in
Westford, Massachusetts.
Lotus is most commonly known for the Lotus 1-2-3 spreadsheet
application, the first feature-heavy, user-friendly, reliable and
WYSIWYG-enabled product to become widely available in
the early days of the IBM PC, when there was no graphical user
interface. Such a useful tool certainly helped to spread the adoption of
the PC, both for administrative and scientific applications. Much later,
in conjunction with Ray Ozzie's Iris Associates, Lotus also released a
groupware and email system, Lotus Notes. IBM purchased the
company in 1995 for $3.5 billion, primarily to acquire Lotus Notes
and to establish a presence in the increasingly important client–server
computing segment, which was rapidly making host-based products
like IBM's OfficeVision obsolete.
Features
Lotus Notes can be used for email, calendaring, PIM, instant
messaging, Web browsing, and a variety of feature-rich custom
applications. It can be used to access both local- and server-based
applications and data. The current version of Lotus Notes is 8.5.
In the early days of the product, the most common applications were
threaded discussions and simple contact management databases.
Today, Notes also provides blogs, wikis, RSS aggregators, CRM and
Help Desk systems, and organizations can build a variety of custom
applications for Notes using Domino Designer.
Lotus Notes can be used as an IMAP and POP e-mail client with non-
Domino mail servers. Recipient addresses can be retrieved from any
LDAP server, including Active Directory. The client also does web
browsing, although it can be configured to launch the default browser
instead.
Features include group calendaring and scheduling, SMTP/MIME-
based e-mail, NNTP-based news support, and automatic HTML
conversion of all documents by the Domino HTTP task.
Notes integration with IBM's Sametime instant messaging allows
users to see other users online and chat with one or more of them at
the same time. Beginning with Release 6.5 this functionality is built
into Notes and presence awareness is available in email and other
Notes applications for users in organizations that use both Notes and
Sametime.
Since version 7, Notes has provided a web services interface. Domino
can be a web server for HTML files too; authentication of access to
Domino databases or HTML files uses Domino's own user directory
and external systems such as Microsoft's Active Directory.
A design client is available to allow rapid development of databases
consisting of forms, which allow users to create documents; and
views, which display selected document fields in columns.
In addition to being a groupware system (e-mail, calendaring, shared
documents and discussions), Notes/Domino is also a platform for
developing customized client–server and web applications. Its use of
design constructs and code allows easier construction of "workflow"-
type applications, which typically have complex approval processes
and routing of data.
Since Release 5, Lotus server clustering has been able to provide
geographic redundancy for servers.
Important files of Lotus
NOH.INI
NAMES.NIF
BOOKMARK.NSF
DESKTOP.NDK
ID FILE
ARCHIEVE.NSF
ONGC uses Lotus as its official mailing system.
CONCLUSION
Computer networks can be used for numerous services, both for
organizations and individuals. For organizations, networks of personal
computers using shared servers often provide access to corporate
information. Typically they follow the client-server model, with
client workstations on employee desktops accessing powerful servers in
the machine room. For individuals, networks offer access to the Internet
by calling up an ISP using a modem, although increasingly many
people have a fixed connection at home. An up-and-coming area is
wireless networking, with new applications such as mobile e-mail and
m-commerce.
Roughly speaking, networks can be divided up into LANs, MANs,
WANs and internetworks, each with its own characteristics,
technologies, speeds and niches.
Network software consists of protocols, which are rules by which
processes communicate. Protocols are either connectionless or
connection-oriented. Most networks support protocol hierarchies, with
each layer providing services to the layer above it and insulating it
from the details of the protocols used in the lower layers.