Networking Technology for Broadcast Engineers"

Transcription

1 Networking Technology for Broadcast Engineers" Wayne M. Pecena, CPBE, CBNE Texas A&M University - KAMU Office of Information Technology Educational Broadcast Services - KAMU

2 "Networking Technology for Broadcast Engineers" Advertised Presentation Scope: This presentation focuses on TCP/IP based networking fundamentals in an Ethernet environment. Topics include TCP/IP and UDP Fundamentals, IP Addressing, Sub-netting Basics, an Introduction to IPv6, Switching Fundamentals, VLAN Use, Routing Fundamentals, Quality of Services (QoS) Basics, and Networking Security Concerns. Where appropriate, the application focus will be oriented towards a broadcast technical plant. My Goals & Deliverables for This Afternoon: - An awareness of major IP networking topics (broadcast focused) - A basic understanding of topic fundamentals and principles - Suggested network design best practices - Suggestions on where to obtain further knowledge 2

3 "What You Need to Know About IP Networking Tutorial Outline: Introduction: IP Networking Models & Standards Data Flow Focus: Layer 1 The Physical Infrastructure Layer 2 Physical Addressing & Ethernet Switching Layer 3 Virtual Addressing & IP Routing Layer 4 TCP and UDP Transport Building a Segmented IP Network Infrastructure Bonus Topics: IPv6 QoS Takeaways, Questions, and Maybe Some Answers 3

4 Introduction: IP Networking Models & Standards 4

5 5 Things Required To Build a Network Send Host Receive Host Message or Data to Send Between Hosts Media to Interconnect Hosts Protocol to Define How Data is Transferred Media Protocols Media Send Host DATA Receive Host A Network is a Group of Host Devices That Share a Common Addressing Scheme A Host is Any Device That Can Be Connected to That Network 5

6 The Internet 6

7 Standards Organizations De Jure & De Facto IETF Internet Engineering Task Force The Internet Standard RFC s IEEE- Institute of Electrical & Electronic Engineers Ethernet & Wireless LAN Standards ISO International Standards Organization OSI Reference Model ITU International Telecommunications Union Global Telecommunications Standards (ie PSTN) EIA Electronic Industries Association Focused on Physical Layer Standards 7

8 IETF Internet Engineering Task Force Request for Comments RFC s The Standards Bible of the Internet Used to Explain All Aspects of IP Networking Nomenclature RFC xxxx Requirement Levels: Required Recommended Elective Limited Use Deprecated / Not Recommended 8

9 IEEE- Institute of Electrical & Electronic Engineers Project 802 Ethernet Standards: Bridging Ethernet Wireless 9

10 Network Landscape 70 s / 80 s / 90 s 10

11

12 The OSI Model Open Systems Interconnection (OSI) Model Developed by the International Organization for Standardization (ISO) A Conceptual Model Abstract in Nature Modular in Structure Provides Layer Swapping Partitions Communications Function - Defines How Data Traverses From An Application to the Network Networking Focus 12

13 Open Systems Interconnection OSI Model Application Presentation Session Transport Network Data Link Physical User Application Interaction Standardizes Data Encoding/Decoding/ Compression/Encryption Tracks User Sessions Inter-Host Communications Manages End-End Connections: TCP, UDP, & Flow Control Provides Internetwork Routing (path) Provides Virtual Addressing (IP) Provides Network Access Control, Physical Address (MAC), & Error Detection Interfaces to Physical Network, Moves Bits Onto & Off Network Medium 13

14 Intra-Layer Communications 7 Application 6 Presentation 5 Session 4 Transport 3 Network 2 Data Link 1 Physical NO 14

15 The Protocol Data Unit Layer PDU 4 Segment Source Port Destination Port Data 3 Packet Source IP Destination IP Protocol Segment 2 Frame Destination MAC Source MAC Ether Type Packet FCS 1 Bit

16 Encapsulation Data is Encapsulated As It Travels Through the Stack From Application 16

17 Encapsulation & De-Encapsulation TCP Header Upper Level Data Upper Level Data Application Presentation Session Transport PDU Segment Application Presentation Session Transport Upper Level Data IP Header Data Network Packet Network LLC Header Data CS MAC Header Data CS Data Link Frame Data Link Physical Bits Physical 17

18 TCP/IP Model or TCP/IP Stack OSI Model TCP/IP Model Application Presentation Application Session Transport Network Data Link Physical Transport Internet Network Interface TCP/IP Ethernet Focused 18

19 The Real World OSI Model RFC 2321 A Description of the usage of Nondeterministic Troubleshooting and Diagnostic Methodologies ID10T Errors Occur Here 19

20 Data Flow Focus: Layer 1 The Physical Infrastructure 20

21 Ethernet Is the Standard Today! Conceptually Based Upon ALOHA NET Developed as a Wireless Network by Norman Abramson & colleagues Developed in 1968 & Deployed at the University of Hawaii in 1971 Later Refined at Xerox PARC in 1973 to Become Ethernet Bob Metcalf & David Boggs Fathers of Ethernet 21

22 Ethernet Media Evolution Thicknet Vampire Tap Thinnet Topology Also Migrates from Bus to Star Based 22

23 Ethernet Physical Standards IEEE Standard Physical Standard Cable Type Speed Maximum Length 802.3a 10-Base-2 Coax (thin-net) 10 Mbps 185m Base-5 Coax (thick-net) 10 Mbps 500m 802.3i 10-Base-T Twisted Pair 10 Mbps 100m 802.3u 100-Base-TX Twisted Pair 100 Mbps 100m 802.3u 100-Base-T4 Twisted Pair 100 Mbps 100m 802.3u 100-Base-FX MM Fiber 100 Mbps m 802.3u 100-Base-SX MM Fiber 100 Mbps 500m 23

24 Ethernet Physical Standards continued IEEE Standard Physical Standard Cable Type Speed Maximum Length 802.3ab 1000-Base-T Twisted Pair 1 Gbps 100m 802.3z 1000-Base-SX MM Fiber 1 Gbps 500m 802.3z 1000-Base-LX MM Fiber 1 Gbps 500m 802.3z 1000-Base-LX SM Fiber 1 Gbps Several Km 802.3an 10G-Base-T Twisted Pair 10 Gbps 100m 802.3ae 10G-Base-SR MM Fiber 10 Gbps 300m 802.3ae 10G-Base-LR SM Fiber 10 Gbps Several Km and 20 Gigabit, 40 Gigabit, & 100 Gigabit Ethernet.. 24

25 Wireless Fidelity Networking Standards Ghz 2 Mbps (maximum) b 2.4 Ghz 11 Mbps a 5 Ghz 54 Mbps g 2.4 Ghz 54 Mbps n 2.4 MIMO 300 Mbps 802.ac 2.4 / 5 Ghz 450 / 1300 Mbps Frequency Bands (ISM): 2.4 Ghz Ghz 5 Ghz Ghz 25

26 Data Flow Focus: Layer 2 Physical Addressing & Ethernet Switching 26

27 Layer 2 is Unique! Contains 2 Sub-Layers Data Link Layer Logical Link Control Sub-Layer - LLC Media Access Control Sub-Layer - MAC Logical Link Control Sub-Layer - Flow Control - Acknowledgment - Error Check CRC Media Access Control Sub-Layer - Access Control - Frame Synchronization - Addressing 27

28 Ethernet Media Access Control Protocol Carrier Sense Multiple Access with Collision Detection CSMA/CD CSMA/CD Process: Listen Before Sending Detect Collisions Jam Signal & Random Backoff 28

29 Ethernet Network Physical Addressing MAC Address 6 Bytes Hexadecimal Notation - 00:12:3F:8D:4D:A7 Layer 2 Physical Address Fixed Burned-in-Address Assigned by NIC Mfg. Local in Scope Simplified Representation FF:FF:FF:FF:FF:FF 00:12:3F:8D:4D:A DATA Trailer Destination MAC Source MAC Source IP Destination IP IP Packet Ethernet Frame 29

30 The Ethernet Frame The Ethernet Frame Comes in Flavors: Raw Early Novell Netware IPX LLC IEEE Ethernet SNAP IPX, AppleTalk v2 Ethernet II (DIX) TCP/IP 64 byte minimum Preamble Header Payload FCS Multiple Frame Types Can Coexist on a Network 30

31 The Layer 2 Ethernet II (DIX) Frame An Ethernet II (DIX) Frame Preamble Destination Source Type Address Address Data CRC 8 BYTES 6 BYTES 6 BYTES 2 BYTES BYTES VARIABLE 4 BYTES Invalid FRAME Lengths: < 64 BYTES = RUNT FRAME > 1518 BYTES = GIANT FRAME Note Preamble Not Used in Frame Length Calculation Destination Source Type Address Address Data CRC 64 Byte Minimum 1518 Byte Maximum Be Aware That Other Frame Types Exist! 31

32 MAC Address Formats Always 48 Bits Expressed as Hexadecimal Can Be Represented in Several Formats: 00:A0:C9:14:C8:29 00-A0-C9-14-C A0.C914.C829 6 Bytes Byte 6 Byte 5 Byte 4 Byte 3 Byte 2 Byte 1 Organization Unique Identifier OUI Network Interface Controller NIC 32

33 Media Access Control (MAC) Address 48 bits Organization Unique Identifier (OUI) Mfg. Assigned 24 bits 24 bits 6 hexadecimal digits 6 hexadecimal digits A4 : 67 : 06 AB : 41 : D5 OUI A4:67:06 = Apple, Inc.

34 Ethernet Switch Functions Learn MAC Addresses Filter Ethernet Frames Forward Ethernet Frames Flood Ethernet Frames Allow Redundancy (Avoid loops where redundant links exist) Can Provide Port Security Features

35 Application Application Presentation Presentation Session Session Transport Transport Network Network Data Link Data Link Data Link Data Link Data Link Data Link Physical Physical Physical Physical Physical Physical 35

36 Frame Flow Through Network P R E Destination MAC 00:00:0C:C1:00:20 Source MAC 00:00:0C:C1:00:10 T Y P E Source IP Destination IP DATA C R C 00:00:0C:C1:00: :00:0C:C1:00: :00:0C:C1:00: MAC Address Changes As Frame Passes Through the Network 00:00:0C:C1:00: HOST A 00:06:5B:01:02: :06:5B:11:22: HOST B P R E Destination MAC 00:06:5B:11:22:33 Source MAC 00:00:0C:C1:00:30 T Y P E Source IP Destination IP DATA C R C P R E Destination MAC 00:00:0C:C1:00:01 Source MAC 00:06:5B:01:02:03 T Y P E Source IP Destination IP DATA C R C 36

37 Managed vs Un-Managed Ethernet Switches Managed Switch User Configurable Provides Ability to Control & Monitor Host Communications Port Configuration, Security, & Monitoring VLAN Implementation Redundancy Supported (STP) QoS (Prioritization) Implementation Port Mirroring Un-Managed Switch Fixed Configuration Plug & Play Provides Basic Host Communications Cheaper 37

38 Learning a MAC Address Switch MAC Address Table Content Addressable Memory (CAM) Table A1 A2 A3 A4 MAC ADDRESS 08-3e-8e e-8e e-8e e-8e PORT A1 A2 A3 A4 08-3e-8e e-8e A Real MAC Address Table 08-3e-8e e-8e NOTE VLAN 1 is Special

39 Virtual Local Area Network VLAN Allows Separation or Segmentation of Networks Across a Common Physical Media Creates Subset of Larger Network VLAN Control of Broadcast Domains Each VLAN is a Broadcast Domain Architecture Flexibility Security Static Port Based VLAN(s) Most Popular Manual Configuration Switch Port Security Features Dynamic Port Based MAC-Based VLAN(s) Assignment Based Upon MAC Address Protocol-Based VLAN(s) Assignment Based Upon Protocol 39

40 VLAN Example Access / Untagged Trunk / Tagged Switch Port Type Configuration: Cisco Terminology Access Link Member of One VLAN Only Connects to a Host Trunk Link Carries Traffic From Multiple VLANS Between Switches HP Terminology Untagged Port Member of One VLAN Only Connects to a Host Tagged Port - Carries Traffic From Multiple VLANS Between Switches 40

41 Switch Interface Configuration Switch 2 Switch 1 Switch 3 41

42 Switch Interface Configuration Interface Config: TRUNK / TAGGED Blue VLAN Green VLAN Interface Config: TRUNK / TAGGED Blue VLAN Red VLAN Green VLAN Switch 2 Switch 1 Switch 3 Access / Un-Tagged Interface Access / Un-Tagged Interface Access / Un-Tagged Interface 42

43 Adding the VLAN Tag ETHERNET FRAME PREAMBLE DESTINATION MAC ADDRESS SOURCE MAC ADDRESS TYPE DATA CRC 802.1Q ETHERNET FRAME PREAMBLE DESTINATION MAC ADDRESS SOURCE MAC ADDRESS TAG TYPE DATA CRC 4 bytes 802.1Q TAG TPID 0X8100 PRI C F I VLAN ID VLAN ID = 12 bits Yields 4,096 Possible VLAN(s) 43

44 Broadcast Domains Broadcast Domains Blue VLAN Green VLAN Red VLAN No Connectivity Exists Between Broadcast Domain, Networks, or Subnets! 44

45 VLAN Configurations Physical Separate Networks VLAN Implementation LAN #1 LAN #2 VLAN #1 VLAN #2 VLAN #1 VLAN #2 Inter-Switch Links VLAN #1 VLAN #2 VLAN #1 VLAN #2

46 Trunk or Tagged Link VLAN #1 & #2 Trunk Inter-Switch Links VLAN #1 VLAN #2 VLAN #1 VLAN #2 VLAN #1 VLAN #2 Trunk or Tagged Link VLAN #1 & #2 Trunk Inter-Switch Links VLAN #1 VLAN #2 VLAN #1 VLAN #2

47 Trunk or Tagged Link VLAN #1 & #2 Trunk or Tagged Link VLAN #1 & #2 Trunk Inter-Switch Links VLAN #1 VLAN #2 VLAN #1 VLAN #2 Internet Trunk or Tagged LinkVLAN #1 & #2 Trunk or Tagged Link VLAN #1 & #2 Trunk Inter-Switch Links VLAN #1 VLAN #2 VLAN #1 VLAN #2

48 Data Flow Focus: Layer 3 Virtual Addressing & IP Routing 48

49 IP Network Virtual Addressing IPv4 Address 4 Bytes Doted Decimal Notation Layer 3 Logical Address Can Change Determined by Network - Assigned by User Global in Scope Simplified Representation FF:FF:FF:FF:FF:FF 00:12:3F:8D:4D:A DATA Trailer Destination MAC Source MAC Source IP Destination IP IP Packet Ethernet Frame 49

50 IP Addressing Rules Each Network MUST Have a Unique Network ID Each Host MUST Have a Unique Host ID Every IP Address MUST Have a Subnet Mask Implied for a Classful Network Explicit Stated for Classless Network An IP Address Must Be Unique Globally If Host on the Public Internet 50

51 The IPv4 Address 32 Bit Binary Address and 32 Bit Binary Mask 2 32 Yields 4,294,967,296 Addresses 32 Bits Divided Into Four (4) Octets or Bytes Expressed in Dotted Decimal Notation 32 bit IP Address Octet 1 Octet 2 Octet 3 Octet Bytes

52 2-Part IPv4 Address 32 bit IP Address Octet 1 Octet 2 Octet 3 Octet Bytes Network Address Subnet Mask Determines Host Address 52

53 IPv4 Address Classes 32 bits Class A 8 bits 8 bits 8 bits 8 bits NETWORK HOST HOST HOST Class B NETWORK NETWORK HOST HOST Class C NETWORK NETWORK NETWORK HOST Class D Multicast Class E Experimental 53

54 IPv4 Default Mask Class A 8 bits 24 bits NETWORK HOST HOST HOST Default Mask: Class B NETWORK 16 bits NETWORK HOST 16 bits HOST Default Mask: bits 8 bits Class C NETWORK NETWORK NETWORK HOST Default Mask:

55 Classful IPv4 Addressing First Octet Range Network Range Available Networks ,384 2,097,152 Available Hosts/Network 16,777,214 65, Network Bits Host Bits 24 Class 16 B Class 8 C Default Mask

56 VLSM RFC 1009 Variable Length Subnet Masking (VLSM) Host Addressing & Routing Inside a Routing Domain Allowed Classless Subnetting Mask Information is Explicit Must Be Specified Allows More Efficient Use of Address Space Taylor Address Space to Fit Network Needs Allows You to Subnet a Subnet Subnetting Borrows Host Bits to Create More Networks VLSM Allows Mask To Be Moved 56

57 VLSM Allows Mask to Be Determined on a Bit Basis Remember: Classful Addressing Specified Network/Host Boundary A B C Octet 1 Octet 2 Octet 3 Octet 4 Network Host Classless Addressing Allows Network/Host Boundary to Be Specified at an Individual Bit Network Host Octet 1 Octet 2 Octet 3 Octet 4 19 Subnet Mask Bits =

58 CIDR RFC 1517, 1518, 1519, 1520 Classless Interdomain Routing (CIDR) Class System No Longer Applies Routing Between Routing Domains Allows Supernets To Be Created Combining a Group of Class C Addresses Into a Single Block CIDR Notation (slanted notation): /19 Mask:

59 IPv4 Address Mask Formats Classful Addressing: (Implied Mask ) VLSM Addressing: (Explicit Mask CIDR Notation : /19 Number of Mask Bits

60 IPv4 Address Subnet Mask Example VLSM - Each IP Address Must Have a Subnet Mask to Define the Network and the Host 32 Bit Subnet Mask Expressed in Decimal as (4) 8-bit Octets using Doted Decimal Notation IP Address: / /19 or Network Host

61 IPv4 Address Block Size Based Upon 2 n LSB 2 n

62 All Valid IPv4 Subnet Masks 62

63 Private IPv4 Address Space RFC 1918 Established Private Address Space Class A: to Class B: to Class C: to Private Address Space or 1918 Space : Private IP Address Space Is NOT Routable to the Global Internet Widely Used: Hide Host IP Address Security by Obscurity Minimize Public IP Use May Be Translated With Network Address Translation (NAT) Techniques: One-One Network Address Translation (NAT) Static & Dynamic Many-One Port Address Translation (PAT) 63

64 Network Address Translation NAT RFC 3022 Inside Network (private) Outside Network Public Address Space (Usually) RFC 1918 Addressed Hosts Gateway Router w/ NAT Services NAT Allows a Host Without a Valid Public IP Address to Communicate With a Host That Has a Public IP Address by Simply Changeing the IP Addresses as Packet Passes Through the NAT Device Why Use? Conserve Public IP Address Space Security by Obscurity (hide actual host IP address) NAT Types: Static One-to-One Translation Dynamic Pool of Public Addresses Made Available to Outbound Traffic Client Traffic NAT Overloading or Port Address Translation (PAT) Translates to a Single Public IP by Use of a Unique Port Number 64

65 Special Use Reserved IPv4 Address Space RFC /8 Network Address This Network or Wire Address /8 Private IP Address Space (RFC 1918) /8 Loopback Address /16 IETF Zero Configuration Address Space (RFC 3927) /16 Private IP Address Space (RFC 1918) /16 Private IP Address Space (RFC 1918) /4 Multicast Address Space /4 Experimental Address Space /32 Broadcast Address Yields About 3.7 Billion Useable IPv4 Addresses 65

66 The IPv4 Loop Back Address What is Special About ? Known as a Loop-Back Address Actually Any /8 Address Works OR the Range of to Useful For to Test Local IP Stack and Network Adapter 66

67 Routing Routing is Simply the Moving Packets Between Different Networks (Subnets or Broadcast Domains) by A Routing Protocol Using a Routed Protocol by Determining the Best Route to the Destination. OSI Model Layer 3 Defined Inter-Networking Process Routing Types: Static Routing Dynamic Routing Routing Protocol Classes: Interior Gateway Protocol (IGP) Exterior Gateway Protocols (EGP) 67

68 Broadcast Domains Broadcast Domains Blue VLAN Green VLAN Red VLAN No Connectivity Exists Between Broadcast Domain, Networks, or Subnets! 68

69 Add Connectivity Between Broadcast Domains Add Router GE0 GE2 Network #1 Network #3 GE1 Network #2 FE0 Blue VLAN Green VLAN Red VLAN 69

70 Application Application Presentation Presentation Session Session Transport Transport Network Network Network Network Data Link Data Link Data Link Data Link Physical Physical Physical Physical 70

71 Packet Flow Through Network P R E Destination MAC 00:00:0C:C1:00:20 Source MAC 00:00:0C:C1:00:10 T Y P E Source IP Destination IP DATA C R C 00:00:0C:C1:00: :00:0C:C1:00: :00:0C:C1:00: HOST A IP Address Does Not Change As Packet Passes Through the Network (except if NAT is involved) 00:06:5B:01:02: :06:5B:11:22: :00:0C:C1:00: HOST B P R E Destination MAC 00:06:5B:11:22:33 Source MAC 00:00:0C:C1:00:30 T Y P E Source IP Destination IP DATA C R C P R E Destination MAC 00:00:0C:C1:00:01 Source MAC 00:06:5B:01:02:03 T Y P E Source IP Destination IP DATA C R C 71

72 Routing Types Static Routing Appropriate for Small & Simple Networks Minimal Router CPU/Memory No Routing Update Overhead Appropriate for Stable Networks Often Used in Stub Networks Human Intervention / Administration Required Yy Dynamic Routing Appropriate for Changing Topology Environments Automatically Adapts to Changes Desirable When Multiple Paths Exist More Scalable Hardware More Complex Less Configuration Error Prone 72

73 Dynamic Routing Categories Distance Vector Routing Protocol Periodic Routing Table Updates Distance Used as a Metric Neighbors Trust Neighbors Slow Convergence Link State Routing Protocol Routing Table Updates As Changes Occur Maintains Neighbor, Topology, & Shortest-Path Tables Each Router Updates From All Others Cost Used as a Metric 73

74 Routing Metrics & Administrative Distance Determines The Best Path to Target Host Cost Metrics: Hop Count The Number of Routers in a Path Bandwidth Throughput (bps) Load Traffic Flowing Through a Router Delay Network Latency (distance or congestion) Reliability Amount of Downtime of a Network Path Administrative Distance Indicates Believability of the Route Often Used When Multiple Protocols Are Used Often Used to Prefer A Certain Path When Multiple Paths Exist Routing Protocols Have Default Administrative Distances Smaller Metrics = Best Route Lower Administrative Distance = More Believed 74

75 Hop Count May Not Be The Best Metric! Ethernet 100 Mbps DS-3 45 Mbps DS-3 45 Mbps T Mbps T Mbps 75

76 The Routing Protocol Learn the route to each subnet in the internetwork (build routing table) Determine the best route (one route) Remove routes that are no longer valid Update routing table to reflect changes Perform updates quickly Prevent routing loops

77 The Routing Table Each Router Maintains It s Own Routing Table Routing Table Contents: Destination Network Cost and/or Metric Gateway or Next Hop Address Route Types: Direct Connected Remote Routes Simplified Routing Table Example Destination Network Next Hop Address Metric 77

78 Routing Table Examples Router A Router B / /30 Router C IP Configuration: mask default gateway / / /24 Router B /24 Routing Destination Table Network Static Routing Table Manually Entered Destination Network /24 Next Hop Address /30 Metric / /24 Next Hop Address /24 Metric / Router A sends Network / / /30 0 Router B sends Network /24 Dynamic Routing Table Generated by Routing Updates from All Routers 78

79 IGP and EGP Protocols Exterior Gateway Protocol RIP IGRP EIGRP OSPF IS-IS BGP RIP IGRP EIGRP OSPF Interior Gateway Protocol Interior Gateway Protocol 79

80 Routing Protocol Selection Which One is Best? Static Routing EGP BGP Dynamic Routing IGP Distance Vector Protocol: Link State Protocol: RIP IGRP OSPF IS-IS Standards Based Proprietary Hybrid Protocol: EIGRP 80

81 Routing Protocol Choices Most Popular Interior Distance Vector Interior Link State Exterior Path Vector Classful RIP IGRP EGP Classless RIP v2 EIGRP OSPF v2 IS-IS BGP v4 IPv6 RIPng EIGRP v6 OSPF v3 IS-IS v6 BGP v4 Our Focus 81

82 Practical Routing Protocol Choices Common IGP Protocols VLSM Support RIP v2 EIGRP (Cisco) OSPF v2 Type: Distance Vector Hybird Link-State Metric: Hop Count Bandwidth/Delay Cost Administrative Distance: Hop Count Limit: None Convergence: Slow Fast Fast Updates: Full Table Every 30 Seconds Send Only Changes When Change Occurs Send Only When Change Occurs, But Refreshed Every 30m RFC Reference: RFC 1388 N/A RFC

83 What Is A Layer 3 Switch? IMHO Marketing Terminology Applied to a One Box Solution: OSI Model Defines Layer 2 Switching OSI Model Defines Layer 3 Routing A Layer 3 Switch Incorporates Both! Multilayer Switch Port Types: Switchport: Layer 2 Port MAC Addresses Learned Layer-3 Port: Routing Port Switched Virtual Interface: VLAN Virtual Interface Not for All Environments: Limited to Ethernet Ports/Interfaces Limited to OSPF and RIP Protocols 83

84 When to Route When to Switch? Router Broadcast Domain 1000-Full Full Broadcast Domain 10 Half 100 Full 1000 Full 100 Full 100 Full 1000 Full Switch 10 - Half Route to Limit a Broadcast Domain or Provide Interoperability Between Networks Collision Domain Hub Switch to Create a Zero Collision Domain 10 Half 10 Half 10 Half 100 Full Capable

85 Data Flow Focus: Layer 4 TCP and UDP Transport 85

86 TCP Basics Transmission Control Protocol RFC 675 and later v4 in RFC 793 Connection Oriented Protocol Connection Establishment Segmentation & Sequencing Acknowledgement Flow Control or Windowing Guaranteed Or Reliable Data Delivery Acknowledgment of Packet Receipt Retransmission Occurs if Packet Not Received High Overhead Requires Establishment of a Session TCP Windowing Feature Dynamic Window Sizing Slow-Start 86

87 TCP 3-Way Handshake Host 1 Host 2 Host 1 Initiates Connection to Host 2 Host 2 Responds With Acknowledgement Plus Sends It s Own Synchronization Message to Host 1 SYN SYN + ACK ACK Host 1 Sends Synchronize Message to Host 2 Host 1 Completes the 3-Way Handshake By Sending Acknowledgement to Host 2 87

88 UDP Basics User Datagram Protocol RFC 768 Connectionless Protocol Simple or Lightweight, but Inherently Unreliable Best Effort Data Delivery Low Overhead, Thus Low Latency Why Use? Required for Real-Time Applications: VOIP or Video Over IP or Voice Over IP AOIP or Audio Over IP Latency More Detrimental Than Data Loss 88

89 UDP Session Network SYN ACK SYN + ACK TCP Used to Establish UDP Session Data Data Data Data Data Time 89

90 TCP vs UDP TCP Connection Oriented Guaranteed Delivery Acknowledgments Sent Reliable, But Higher Latency Segments & Sequences Data Resends Dropped Segments Provides Flow Control Performs CRC Uses Port Numbers for Multiplexing UDP Connectionless Not Guaranteed No Acknowledgements Unreliable, But Low Latency No Sequencing No Retransmission No Flow Control Performs CRC Uses Port Numbers for Multiplexing 90

91 Building a Segmented IP Network Infrastructure 91

92 Hubs, Switches, & Routers Hub Layer 1 Device Acts as a Repeater - All Incoming Frame FWD Out Every Other Port Half-Duplex Based CSMA/CD Algorithm Controlled No Intelligence Collision & Broadcast Domain Across All Ports Switch Layer 2 Device Originally Called Forwarding - Then Bridging - Now Called Switching Full Duplex Based Intelligence Based Selectively Forwards Frame to a Port Each Port is a Collision Domain (assuming one device per port) Each Switch is Within a Broadcast Domain Router Layer 3 Device Forwards Packets Between Different Networks Creates Broadcast Domains Each Interface is a Broadcast Domain X 92

93 The Legacy Flat Network /25 A Single Broadcast Domain 93

94 The Hierarchical Network /25 Organize By: Policy Regulation Security Performance 94

95 ISP S1 S /25 FE 0 Network: Broadcast: Useable Range (126 hosts): FE 1 FE 0 FE3 FE 2 S0 S1 S2 35 Hosts Sales 17 Hosts Engineering 27 Hosts Production VLAN 1 VLAN 2 VLAN 3 95

96

97 VLAN 1 Subnet Number: Subnet Mask: First IP Address: Last IP Address: Broadcast IP Address: VLAN 2 Subnet Number: Subnet Mask: First IP Address: Last IP Address: Broadcast IP Address: / / /26 VLAN 3 Subnet Number: Subnet Mask: First IP Address: Last IP Address: Broadcast IP Address:

98

99 Bonus Topics: IPv6 & QoS 99

100 IPv6 Address Space IETF - RFC 2460 IPv6 Provides Expanded IP Address Space = 340,282,366,920,938,463,463,374,607,431,768,211,456 (three hundred forty UNDECILLION addresses) 3.4 x But, IPv6 is More Than Expanded Address Space: An Opportunity to Re-Engineer IPv4 Improved Support for Multicasting, Security, & Mobile Aps Multiple Addresses per Interface Host Auto-Configuration Capability Security Incorporated MTU Discovery Incorporated Traffic Engineering Provisions Incorporate

101 The IPv6 Address 128-Bit Address Binary Format: Subdivide Into Eight (8) 16-bit Groups: Convert Each 16-bit Group to Hexadecimal: (separate with a colon) 2607:b800:0faa:0003:2195:9887:bc48:28f1 2607:b800:faa:3:2195:9887:bc48:28f1

102 Address Summarization 128-Bit Address Represented as a 32 Hexadecimal Digits Subdivided Into Eight Groups (Chunks, Quads, Quartets) of Four Hexadecimal Digits (separated by colon) 2001:0000:0000:0000:0DB8:8000:200C:417A or 2001:0:0:0:DB8:8000:200C:417A or 2001::DB8:8000:200C:417A

103 Routed vs Host portion Every IPv6 Address is Divided Into: Routed Portion Host Portion The Block Size To-Be-Routed Specified by the Mask The Host Portion is the Interface Identifier 128 bits Network Portion Host Portion Provider Site 0x001 IANA Allocated Global Routing Prefix SLA (Subnet ID) Interface ID 3 bits 45 bits 16 bits 64 bits EXAMPLE: Global Unicast Address Format (Aggregatable & Routable)

104 IPv6 Address Mask Every IPv6 Address is Divided Into Routed Portion & Host Portion Mask Specifies the Block Size To-Be-Routed IPv4 Classful Addressing Network Subnet Host Classful Network + Subnet IPv4 Classless Addressing Prefix Prefix Length Host IPv6l Addressing Prefix Host (Interface ID) Prefix Length 128 bits Network Portion Host Portion Provider Site 0x001 IANA Allocated Global Routing Prefix SLA (Subnet ID) Interface ID 3 bits 45 bits 16 bits 64 bits EXAMPLE: Global Unicast Address Format (Aggregatable & Routable)

105 What Happened to Version 5 or IPv5 of the Internet Protocol? IPv5 Simply Does Not Exist! Version 5 was intentionally skipped to avoid confusion, or at least to rectify it. The problem with version 5 relates to an experimental TCP/IP protocol called the Internet Stream Protocol, Version 2, originally defined in RFC This protocol was originally seen by some as being a peer of IP at the Internet Layer in the TCP/IP architecture and these packets were assigned IP version 5 to differentiate them from normal IPv4 packets. This protocol never went anywhere, but to be absolutely sure that there would be no confusion, version 5 was skipped over in favor of version 6.

106 IPv4 and IPv6 IPv4 Developed: Deployed: or 4.3 Billion Addresses More Than Anyone Could Possibly Use Address Based Assignment Unit /32 IPv6 Developed: mid 1990 s Deployed: or 340 Undecillion Addresses More Than Anyone Could Possibly Use Network Based Assignment Unit /64

107 Vinton Cerf One of the Fathers of the Internet "Who the hell knew how much address space we needed for an experiment? The experiment has not ended Vint Cerf comments on his & colleagues 1977 decision to use 32-bit IP Numbers

108 An Ipv6 Address You Can Remember The IPv6 Loopback Address ::1 Summarized from: 0000:0000:0000:0000:0000:0000:0000:0001

109 Quality of Service QoS Why QoS? All IP Packets Are Created Equal, But The Application Data Contained Within an IP Packet May Not Be. Q0S Allows Network Traffic to Be Prioritized Based Upon the Application Streaming Media (Audio over IP Video Over IP) IP Telephony (Voice over IP) Real-Time Control (automation control) Mission Critical Applications 109

110 Why is QoS Important? Why is QoS Important for Broadcasters? Broadcasters Handle Real Time Media Create It, Manipulate It, Distribute It Network Factors Impacting Quality of Experience (QoE): Throughput or Bandwidth Errors Dropped Packets or Packet Loss Latency Jitter Packet Delivery Out-of-Order 110

111 Implementing QoS Implementing QoS VLAN Implementation Bandwidth Over Provisioning Traffic Shaping DiffServ Implementation Mark Packets According to Type of Service Assigned to Multiple Queues Queue Scheduling Algorithms: Techniques Raise or Lower Queue Priority PQ Priority Queuing WFQ - Weighted Fair Queuing Class Based Weighted Fair Queuing WRR Weighted Round Robin HFSC Hierarchical Fair Service Curve General IP Traffic Prioritized Traffic Guaranteed Applications BEST EFFORT DIFFERENTIATED GUARANTEED The Network 111

112 End To End QoS LAN QoS Network QoS LAN QoS End End QoS 112

113 Implementing QoS TOTAL BANDWIDTH Provider Service Levels SQL Data Packets Video over IP (VoIP) Data Packets Preminum Platinum http / SMTP / POP Data Packets Audio over IP (AoIP) Data Packets ICMP Data Packets Scavenger Data Packets Gold Bronze Silver Best Effort Implementation Architecture Packet Type Identification & Marking Network Element Provisioning End-End Policy Management 113

114 Takeaways Questions Maybe Some Answers 114

115 Takeaway Points Hierarchical or Segmented Networks Are Desirable! Network Traffic May Be Isolated Because of: Policy Regulations Security Performance VLANs Allow a Common Physical Infrastructure to Support Multiple Isolated Networks Each VLAN is an Isolated Network or Subnet and is a Broadcast Domain With a Unique IP Address Scheme Physical Addressing Provided by Layer 2 MAC Address Ethernet Switches Eliminate or Minimize Collision Domains Virtual Addressing Provided by Layer 3 IP Address IP Routers Create Broadcast Domains An IP Address Has 2-Parts: Network Address & Host Address The IP Address Mask Determines the Network Address Host Address Separation Remember Block Sizes When Addressing The Power of 2 n 115

116 Application Presentation Session Layer 2 Device Layer 3 Device Layer 2 Device Application Presentation Session Transport Transport Network Network Network Network Data Link Data Link Data Link Data Link Data Link Data Link Data Link Data Link Physical Physical Physical Physical Physical Physical Physical Physical 116

117 Don t Forget Security! Insure User Switch Ports Are Set as Access or Non-Trunking Disable Any Un-Used Switch Ports Place Unused Ports in a Non-Used Black Hole VLAN Never Used VLAN 1 Create a Secure Management Environment: SSH Access (Secure Shell) OUB Access (Out of Band) Use ACLs (Access Control Lists) Change Default Logins Disable Services Not Required Understand & Know Your Network Baseline Utilize Switch Port Security 117

118 Knowledge & Expertise Where Do You Fit? Source: Simon Wardley (2008) 118

119 There is More to Know! A Few Areas I Have Not Mentioned Today.. IP System Protocols Firewall Implementation Security Best Practices Implementing QoS IP Multicast MPLS TCP/IP In More Depth Sequencing, Windowing Ethernet Switching in More Depth Spanning Tree Routing in More Depth Access Control Lists ACL IPv6 In More Depth Implementation Approaches 119

120 120

121 My Favorite Reference Sources: IEEE Ethernet References: IETF Resources: RFC References: MAC OUI Look-Up: IPv4 Address Block Size: Cisco Oriented Guides: Subnetting Chart: On-Line Subnet Calculator: The Mask IOS Subnet Calculator: 121

122 My Favorite Reference Texts: 122

123 SBE Networking Certifications CBNT Certified Broadcast Networking Technician This certification is designed for persons who wish to demonstrate a basic familiarity with networking hardware as utilized in business and audio/video applications in broadcast facilities. Exam Focus: Network topologies and layouts Common network protocols Wiring standards and practices Maintenance, troubleshooting and connectivity issues Challenges unique to broadcastbased networks CBNE Certified Broadcast Networking Engineer This certification is an Advanced level that reflects the skill and knowledge that will be required in today's world of converged IT and broadcast engineering. Exam Focus: Audio/Video over IP Digital Content Management Video Systems in an IT World Data Transmission Systems General IT Hardware 123

124 ? Questions? Thank You for Attending! Wayne M. Pecena Texas A&M University