Architecting the Network Part 2


Geoff Huston
Chief Scientist, Internet
Telstra
ISOC Workshop

Abstract Design
Router Interface design model
- Peer Network Interface
- Network Infrastructure
- Client Interface

The Client Interface

The Client Interface
Single Homed Clients
- Permanently connected clients using any one of:
  - leased line
  - radio link
  - permanent modem connection
- Client uses single service provider who offers the client a "default" network service
- Client's networks are advertised to the Internet exclusively via the provider

The Client Interface
- Clear demarcation of boundary between client and network is required for consistency of service
- Single demarcation model is required for the network to ensure manageability and operability
- The network service should never transit a client network

The Client Interface
The POP Access Model
- Client is responsible for CPE router and tail loop
- Network Provider provides router attachment points at a number of locations
- Network Boundary located at POP interface

The Client Interface
The Comprehensive Service Model
- Network provider installs and operates CPE router and tail loop
- Network provider attaches to client LAN
- Network Boundary located at LAN attachment point

The Client Interface
The Confused Model
- Network Provider installs tail loop
- Network Provider installs router interface card in client router
- Client and network provider operate client router simultaneously

The Client Interface
POP or end-to-end service model depends on:
- telco bulk purchase tariff discounting
- router vendor bulk purchase discounting
- staff availability
- client expertise levels
- defined service level
Client Site service model is preferable from a commercial perspective

The Client Interface
- You can do both POP and end-to-end as long as all routing integrity is maintained within the POP locations for all clients
- The integrity of the system is maintained within a set of "core" routers

The Client Interface
- The client has a network with some IP addresses
- You operate a network with some IP addresses
- How do you join these two networks together at the IP level?
- This is a ROUTING problem

The Client Interface
[Diagram: Network, POP Router, Tail Loop, Client Site Router, Client Network; filter points labelled Routing Filters, Host Access Filters, Firewall Filters, Service Definition Filters]

The Client Interface
Choice of client boundary routing protocol
Use of RIP as Network / client boundary routing protocol?
- simple
- widely implemented
- NOT applicable in all cases
- no support for classless address exchange

The Client Interface
Choice of client boundary routing protocol
Use of RIPv2 as Network / client boundary routing protocol?
- simple
- not yet widely implemented
- NOT applicable in all cases
- no support for classless address exchange

The Client Interface
Choice of client boundary routing protocol
Use of STATIC ROUTES as Network / client boundary routing protocol?
- simple
- widely implemented
- can support classless address advertisements
- requires careful design to scale
- cannot support dynamic multi-homed connections

The Client Interface
Choice of client boundary routing protocol
Use of Classless Client boundary routing protocol?
- EIGRP - proprietary B-F Distance Vector
- OSPF - IETF Std Link State
- RIPV2 - IETF Std B-F Distance Vector
- BGP4 - IETF Std Inter Domain Routing Protocol
Issue of clean separation between interior routing environment and client boundary routing environment may dictate use of BGP4

The Client Interface
A proposed client interface routing architecture
- use static routes for all singly homed clients
- use statics of specifics plus aggregates for multiple connections to the same provider
- use BGP4 for multiply homed clients using multiple providers

The Client Interface
Static routing (plus sink), single connection
[Diagram labels: 150.10.0.0; 0.0.0.0 (default); Client Network 150.10.0.0]
    ip route 150.10.0.0 255.255.0.0 serial1
    ip route 150.10.0.0 255.255.0.0 loopback0 230

The Client Interface
Dynamic Routing Guidelines
Use of inbound routing filters to preserve network integrity
- prevent client advertising bogus routes
- preserve integrity of client network

The Client Interface
Dynamic Routing Guidelines
Use of outbound static default route to simplify client routing
- stability of presented service
- simplicity of presented service
- client sees only an external default path

The Client Interface
Dynamic routing, single connection
[Diagram labels: 150.10.0.0; 0.0.0.0 (default); RIP; Client Network 150.10.0.0]
Input Routing Filter:
- 150.10.0.0
- all else
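
The input routing filter from this slide (the client's 150.10.0.0 is let through, all else is dropped), sketched in Python as an added example that is not part of the original slides. It generalizes the classful RIP case to classless prefixes; the function names, the /24 limit on more-specifics and the sample advertisements are assumptions made for illustration.

```python
import ipaddress

# Assumption: the provider records each client's registered prefix together
# with the longest more-specific it will accept from that client (/24 here).
CLIENT_ALLOWED = [(ipaddress.ip_network("150.10.0.0/16"), 24)]


def check_advertisement(prefix, allowed=CLIENT_ALLOWED):
    """Return (accepted, reason) for one route heard from the client."""
    try:
        net = ipaddress.ip_network(prefix, strict=True)
    except ValueError:
        return False, "malformed prefix"
    if net.prefixlen == 0:
        return False, "default route is not accepted from a client"
    for registered, max_len in allowed:
        if net.version == registered.version and net.subnet_of(registered):
            if net.prefixlen > max_len:
                return False, "more specific than /%d" % max_len
            return True, "within registered %s" % registered
    # Covers unrelated prefixes and aggregates that merely contain the
    # client's block: both fall under "all else".
    return False, "not a registered client prefix"


def filter_inbound(advertisements, allowed=CLIENT_ALLOWED):
    """Split received routes into accepted prefixes and rejected ones with reasons."""
    accepted, rejected = [], {}
    for prefix in advertisements:
        ok, reason = check_advertisement(prefix, allowed)
        if ok:
            accepted.append(prefix)
        else:
            rejected[prefix] = reason
    return accepted, rejected


# Constructed sample of routes a misconfigured client router might announce.
SAMPLE = ["150.10.0.0/16", "150.10.4.0/24", "150.10.4.128/25",
          "0.0.0.0/0", "192.0.2.0/24", "150.8.0.0/14", "150.10.0.1/16"]

if __name__ == "__main__":
    accepted, rejected = filter_inbound(SAMPLE)
    print("accepted:", accepted)
    for prefix, reason in rejected.items():
        print("rejected:", prefix, "-", reason)
```

Logging the rejected entries with their reasons gives operations staff a record of which client announced routes outside its registration.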

The Client Connection
Routers provide:
- security capability
- management capability
- routing management
- traffic management
- service management
- efficiency
- integration

The Client Connection
SLIP / PPP implementations in hosts
- cheap!
- Capital price differential between hosts and router is small
- Operating cost is higher using hosts as routers
- use as single end host access system

Routing to the Client
Multiple client interfaces
- split of client and provider network - multiple default paths
- asymmetric routes can be generated
- client network internal breakage causes black hole routing
- requires careful management and clear understanding of the routing issues
- need to use CIDR routing to best advantage!

Routing to the Client
Multiple providers
- Only one provider can provide "default"
- other connected providers must resort to explicit provision of routes to enumerated networks
- All providers must ensure that the client is not used as a transit facility through explicit route management on the part of all providers

Distributed Client support
Virtual Private Network architecture issues
- VPNs via filtering - unwise!
- VPNs via tunnelling
- VPNs via MPLS

Variations
- Address translation technologies at the interface
- Combined firewall / routing interfaces
- Encryption at the interface

Dial Access

Dial Access Management
- PSTN dial access
- ISDN dial access
Support issues are similar:
- user authentication and user access profile
- accounting and billing records
- infrastructure support for intermittent access

Dial Access Components
- Dial Access Server
- Radius Servers
- Client Device
- Service Provider Network
- Mail, News servers

Access Mechanisms
- Modem banks
  - entry level for small ISPs
  - high management cost
- ISDN Primary Rate access
  - higher cost
  - more reliable
  - high manageability
  - smaller size and power budget
  - combine PSTN and ISDN service requirements

Authenticating the User
- PPP component of link setup
  - pass authentication details to access server
  - access server consults Radius servers
  - Radius server provides answer: no / yes with profile loaded into access server
- Session accounting enabled
  - Radius Accounting provides per session accounting at session termination

User Accounting
Collect session accounting record:
- user identification
- location of session service (server and port)
- start time
- duration
- session termination reason
- volume counters
- IP address assigned for session

Address Management
- Address Pools configured per ISDN PRI port
- Dynamic address assignment per session
  - this has service implications, as the client cannot assume a permanent name / address association
- Client LAN connection is not readily supported
  - dynamic route filter loading is required

Client Services
Required Services
- Mail server POP access and account management
- Proxy Domain name services
- NEWS browser access
- WEB server access

Other Services
- WEB proxy systems
- News servers
- ftp servers
- game servers
- ...

Dial Access Services
- Service Intensive Environment
  - The Helpdesk is the major cost component of a dial access service
- Highly Competitive Environment
  - Small startup capital costs for new players
  - Linking of equipment retail with access service
  - High service margins are now a myth

Dial Access Directions
- commodity low margin market
- virtual dial pops via L2 tunneling from CO telco port banks
- QoS on dial access

Other Access Models
Cable
- shared infrastructure
- speed matching
- third party ISP access
- voice / data integration
- integration with CATV rollout

Other Access Models
xDSL
- non-uniform service model
- speed matching
- third party ISP access
- PSTN impact
- CATV impact
- IP infrastructure impact
- use existing copper infrastructure

Other Access Models
Wireless
- spread spectrum, packet radio, GSM data
- high utility model
- limited spectrum availability
- limited coverage with LOS earth facilities
- limited available bandwidth
- But no wires!