
Network Topologies

Table of Contents

Network Design and Architectures ...... 2

Network Topology...... 3

Bus ...... 7

Ring ...... 9

Bus ...... 11

Ring ...... 12

Dual-Ring ...... 13

Star ...... 14

Extended Star ...... 16

Mesh ...... 18

Wireless ...... 20

Notices ...... 22

Page 1 of 22

Network Design and Architectures

**004 So first we'll start with network design and architecture. This is an availability concept: How do we get these things in place, and what is reasonable? When you're attacking availability, what we usually talk about in the case of network design and architectures is, is the physical cable plant or devices protected? So you have to think about the tools that you would use at the to protect all of this cabling.

Don't think that you can shove some wires up into the ceiling and everything will be okay. Don't think that you can put one lock on the server room door and everything will be okay. You're going to have to apply defense-in-depth in order to protect these assets. It's not just one control.

Network Topology

Network topology defines a network’s layout
• Affects security, scalability, resiliency to failure, and complexity
Many different kinds of topologies exist, including hybrids
Usually defined by physical parameters
• Distance between buildings
• Operating environment
• Cost of cabling

**005 So let's start with topology. This is the network's layout. And we have to separate the physical layout from the logical layout. And also, by the way, in certain instances, the physical layout looks like one thing, but is entirely different.

There are limitations to our physical wiring plant and the distance from one to another or from one or switch or to another, and that's based upon basic physics. Sound can only travel down-- I mean, light can only travel down a particular piece of fiber before there's some sort of degradation of . Not because light has these properties, but because our ability to manufacture accurately-- well, it's not perfect. So light's perfect, but we're not. When we talk about copper cabling, when we're sending an electrical signal down the line, at this point we do have some physical limitations based on the concept of resistance, and we don't want to mess around with too much resistance, so what we do is we say, "Okay, we're only going to push across this piece of copper for this distance at this resistance," and then after that what we'll say is, "That's too long. Start over again. Add something into the mix." Which is nice, because we've got plenty of networking technologies that will actually help us to get further distances. We'll talk about the network technologies after the network topology.

So we have to know what the distance between our buildings is. That means that we work with our physical plant people. When we're going from building to building, we don't want to do things like hang the piece of copper out the window of one building and shoot it over to the other building, and leave that arc there-- which is also called a circuit-- for lightning to come by and strike.

About 15 years ago, when I was working with a car dealership, they decided to put up a second building. And that's exactly what they did. They wanted to make the service department be able to communicate with the showroom floor department, and they actually ran a piece of conduit between two buildings. The buildings were three-story buildings, so they said, "Oh, well we won't have any problem with trucks rolling through here." It was three stories, and then they literally had a piece of conduit going from one building to another. I said, "You can't do it. You're going to be susceptible to lightning strikes." They go, "It's such a little tiny bit of copper." I said, "No, but you've turned this into a giant circuit, so now both of those buildings now become places to actually zap and then run between them." And what would happen-- and what happened to them-- was they put up this piece of conduit, and sure enough they got lightning strikes, and it would knock out their network over and over and over again.

By the way, when you do lightning strikes, on that you could also damage the equipment. So we've got to think about where this is going to be run.

Now, most of us don't have that problem. Most of us run within the physical context of a building and the building designers are smart enough to give us removable ceiling tiles and all the other good stuff that goes along with that.

When you're dealing with cable installation, know the concepts, but know the people that you hire to actually do the physical wiring in the cable plant. They will know these constraints for you. So consult them before you set this stuff up. If you're inheriting somebody else's stuff, you need to make sure that the copper run is actually accurate and the correct length, and you should get somebody to come in and test that.

You can use all sorts of testing tools. One of the things that we use is a time domain reflectometer. That's a fancy way of saying copper-- you can send a signal down the copper and it will tell you exactly how long it is because of the repeat back.

Bus

Logical layout
Physical layout is usually a star
Considerations
• One node transmits, all receive (broadcast)
• Only a single node can transmit at a time
• Cable failure breaks the entire network
• Addressed by link-layer encryption or different topology

**006 So first let's start with the simplest. And I used to, about five or six years ago, say, "Well, nobody uses a bus anymore-- a straight line layout." But what happens is you find out that the physical layout is usually a star, which means it goes from me to you-- that's still one continuous line-- and then it goes from me to you-- and that's the line again-- and from me to you-- so that's one piece of zigzagged infrastructure that comes back to a central location.

Well, why would it come back to me? I don't know what the answer is, but it may be that it can be physically laid out as a star.

Where you see the bus topology still in play today in a lot of locations is with your local cable companies. They run that one big piece of copper all the way down the poles, and then hang a node off the end. Your cable box that sits inside of your house is one of these nodes that we see here.

Now, we go back in history before that, and we talk about thin net and thick net. We actually used coax cable of different ohm ratings that would actually set up just like this for our computers. So, the end point for your house could theoretically be a computer. And in some cases, for telecom, it actually is, when it does things like splitting off the phone, and if you've got Voice Over IP. But that's still a bus architecture. It's one node that transmits, and all receive.

Now, the cable companies have put things in place to protect themselves from the fact that neighbors want to snoop on neighbors. That's an entirely different setup that's not our normal network that we pay attention to. But the problem is-- and the good thing is-- is that when one node transmits on a bus, all the other nodes hear all of the traffic. Makes it easy to communicate. But if we pile too many nodes onto that network and everybody's listening to everybody, what'll happen then? We'll get contention. We'll get packets crashing into each other. And therefore we want to limit the number of nodes on a particular bus when we're doing it from a networking standpoint.

Now, when we try to do encryption here, we don't do it at the physical layer, we do it at a layer up, which will be discussed in the protocols.

Ring

Same physical and logical layout
Commonly implemented as Token Ring network
Considerations
• One node transmits, all receive (broadcast)
• Each node transmits in turn
• Failure in a node affects the entire ring

**007 What about a ring?

I won't say, "Token Ring is dead." I won't say that anymore. But what I'll say is it's less used today. The great thing about ring topologies is that they don't have to actually be physically laid out like a ring, but they can be.

In older technologies, instead of a hub for a ring, what they use is something called a MAU, where the wire is actually run back to the centralized location, and then connected through a series of loops. The beautiful thing about ring is that each node on that particular network retransmits the signal, and so they're doing kind of double duty at that point.

Now, since it is a ring, it will go looping around that ring, and you'll have a token on that ring. When we get up to layer two, you'll have a way for everybody to know that it's their turn to talk or not. You don't do it in contention-based; you do it with a token, and whoever gets the token, or what we call the talking stick, can communicate that.

Now, here's the problem with ring, and it's almost the same problem as with bus, is that a single node that goes down on this network, since it's retransmitting, since every node retransmits, could make the entire network fail. Let's back up for a second and look at bus.

Bus

**006 Now, a single node, if left disconnected could theoretically kill off the bus, but if you disconnect it properly-- in other words, you know it's not misbehaving. You say, "Oh, I'm going to take this computer off"-- then the bus will operate as planned.

Ring

**007 In ring, if any one node dies and it's not properly terminated, basically pulling the cables away and connecting them on the end, then every node will die from then on out, because you need the ring to finish the topology.

Dual-Ring

Same physical and logical layout
Commonly implemented as Fiber Distributed Data Interface (FDDI)
Considerations
• High availability
• Good failure protection

**008 Now, what you could do for redundancy purposes is you could create two rings, and those rings would be counter-rotating. So that's what's implemented in fiber distributed data interface, or what we all call FDDI. Now, it's an excellent technology, but the thing is that it uses fiber-- there's a copper version, by the way. It uses fiber, so that's going to be more expensive. That gives us a higher availability, which is an excellent, excellent tool for when we are worried about cables being by mistake or problems that we run into. So we get a little failure protection there, but it is at a cost. Everything that has a redundancy or resiliency built into it actually costs us a little bit more.

Star

Physical layout
Logical layout may be ring or bus
Considerations
• Failure in one node doesn’t affect the others
• Failure of the central device will affect the others
• Requires more cabling than bus

**009 Here we are. This is where we are. This is where we live today because of the way that the propagation of TCP/IP and the propagation of as a concept and a conduct have basically made most of what we do today a star.

Physical layout is a star and you need a centralized location for your star. If any one of the nodes fails on the outside, it does not affect the network; only that node fails at that moment in time. But if the central node fails-- this could be a hub or a switch-- well then, all objects on the network cease to communicate through that piece of network.

The problem is that this is going to require a little bit more cabling than a bus, but the good news is that you could lose a node and everything would be just fine. You can keep on at that point. And we use the star topology today in most cases. We don't see it as a star, and if anybody out there does a lot of Cisco work, they talk about core distribution and access layer. Each one of those-- core distribution and access layers-- is actually one of these stars, only at the end of one of the stars then it will branch off again. And we call that a mesh. So that's the real name for it.

Extended Star

Physical layout
Logical layout may be ring or bus
Commonly implemented in Ethernet network
Considerations
• Must have redundancy (multiple paths)
• Core area usually contains servers
• Outer nodes are usually workstations

**010 You could call it an extended star, which is common in most Ethernet networks, where we put a bunch of tools in the middle. So it's still physically-- physical layout is going to actually be this star layout; it's just kind of an extended star.

I always look at this and I say, "Oh, that looks like a mind map to me," because that's-- I'm used to doing mind maps. It's commonly implemented for all of our Ethernet networks, and one of the key considerations here is figuring out how to deal with and how to have multiple paths.

Today's switching environments will allow us to communicate to a node through a separate switch, basically around failure within our network. What's great about that is now we've got redundant paths. What's great about that is now we can have the extra equipment. What's bad about that is it could be that we create a looping statement for a packet that doesn't know how to get to its destination and it bounces back and forth, so therefore we have to add brains into those switches to say, "I won't create these loop structures."

Now, in this extended star we don't see any looping structures, but I'm sure you can add in a couple more switches or look at one of your networks and say, "Ah, look. I've got switches communicating to switches and that switch talks back to the other switch. And so there's a potential for a ." Well, when those potentials occur, the switching brains will help us out and we can actually talk to the switch and say, "Do you see any loops? If you do, use these particular protocols to stop that looping." Now, that protocol has to be smart enough-- and this is going up into layer two and layer three-- that protocol has to be smart enough to say that if there's a failure on a node, now we need that extra loop, and it kind of self-heals.

Mesh

Same logical and physical layout
Full mesh – each device is connected to every other device
Partial mesh – critical devices are interconnected
Considerations
• Expensive and complex due to cabling
• Limited scalability
• Very fault tolerant

[Diagram: partial mesh and full mesh]

**011 Mesh is kind of where we live today, because we connect multiple nodes to multiple networks in a lot of cases. Most of the time today we live in a partial mesh. Well, what's a full mesh? Well, every node is connected to every other node. That's what a mesh is all about. That's great for redundancy, because they can all communicate and they don't need a centralized repository.

The problem is, is that's incredibly expensive, because in our full mesh diagram that we have right here, notice how many network cards we would need in each machine in order to make them all communicate. We would need three in each machine. That could be very costly, and if you decided to add a fifth node, you'd have to add not just one more network card, but one more network card to every single device in this setup. So what we tend to use today are partial meshes, and we use them and we bolt in things like extra switches, redundancy on our switches. We also may even create local loops.

So meshes happen today. Now, we're talking about physical layout here. When we get to the wireless side of things, we do talk about mesh happening all the time. Mesh is expensive. It has a limited scalability. But if you really need fault tolerance here, mesh is your person.

Wireless

Can achieve mesh topology by overlapping access points
Usually supplement wired topologies due to flexibility
Considerations
• Usually cheaper than installing cable
• Wireless traffic can be intercepted
• Without controls, any node can use the wireless access point

**012 Ah, speaking of wireless. Well, wireless-- when we look at it, when we talk about the access point-- the access point is on some other network. One side of it connects to our physically wired network, and then the other side connects to all of those devices that are within range of it. So you could say that the other side, that's supplying service to the wireless clients, well, that's a star, because it's signaled back and forth.

Some people would say that this is a mesh, and what I would say is there are implementations of that, but that's not really-- that's not really what's going on there, because they're actually adding extra layers to it. So you may have an overlap in signal, and then you could call that a mesh at that point.

The great thing about wireless is that we don't have to run any wires. The bad thing about wireless is that since we don't have to run any wires, people can listen in on our conversation. Anytime we put any kind of wireless into the network, we realize that we could have a rogue node-- in other words, an evil laptop or an evil device actually connecting up to that-- and so we need to put in strong, heavy authentication mechanisms at that access point that work in conjunction with our overall authentication scheme.

Notices

© 2015 Carnegie Mellon University This material is distributed by the Software Engineering Institute (SEI) only to course attendees for their own individual study. Except for the U.S. government purposes described below, this material SHALL NOT be reproduced or used in any other manner without requesting formal permission from the Software Engineering Institute at [email protected]. This material was created in the performance of Federal Government Contract Number FA8721-05-C-0003 with Carnegie Mellon University for the operation of the Software Engineering Institute, a federally funded research and development center. The U.S. government's rights to use, modify, reproduce, release, perform, display, or disclose this material are restricted by the Rights in Technical Data-Noncommercial Items clauses (DFAR 252-227.7013 and DFAR 252-227.7013 Alternate I) contained in the above identified contract. Any reproduction of this material or portions thereof marked with this legend must also reproduce the disclaimers contained on this slide. Although the rights granted by contract do not require course attendance to use this material for U.S. government purposes, the SEI recommends attendance to ensure proper understanding. THE MATERIAL IS PROVIDED ON AN “AS IS” BASIS, AND CARNEGIE MELLON DISCLAIMS ANY AND ALL WARRANTIES, IMPLIED OR OTHERWISE (INCLUDING, BUT NOT LIMITED TO, WARRANTY OF FITNESS FOR A PARTICULAR PURPOSE, RESULTS OBTAINED FROM USE OF THE MATERIAL, MERCHANTABILITY, AND/OR NON-INFRINGEMENT). CERT ® is a registered mark owned by Carnegie Mellon University.
