DOCSLIB.ORG

01 Myhre.Qxp

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
01 Myhre.Qxp ONE Using Cisco for Remote Access In This Chapter As technology increases in importance to businesses, wide area network (WAN) connectivity becomes a pri- N Overview of WAN mary factor in implementing business practices. WANs Connections are used to connect multiple sites together with a N WAN Considerations medium that can carry data over longer distance than N Product Selection is possible with local area network (LAN) technology. As businesses expand to new geographic regions, thereby becoming more competitive in the market- place, the types of connectivity through WANs can dif- fer greatly. In this chapter we will examine the differ- ent types of WANs that can be used and the consid- erations a business (or consultant) must make to effectively choose the right type. Overview of WAN Connections Although connecting all users to a LAN is ideal because of the high speed and low cost, it is impractical to do so across large distances. These distances can be as close as an office 1 2 Chapter 1 • Using Cisco for Remote Access across the street or as far as an international branch office halfway around the world. These distances require us to examine the types of WANs that are available. For each type, we must keep in mind • Availability: Is the technology available in the area? • Bandwidth: How much do we need, and how much do we get for that type of WAN connection? • Cost: Is there a cheaper connection type that still takes into account future growth? • Ease of management: Is the initial configuration as well as normal oper- ation easy or difficult to maintain? • Quality of Service (QoS): How critical is the actual data itself, and is there a way to ensure low or no data loss with this WAN type? • Security: What measures need to be in place to provide security of com- pany data, while still allowing users and customers to access the data they need? • Reliability: Is the WAN link a critical link, and do we need an addition- al link in the event of failure? • Application traffic: What is the primary type of data being sent across the WAN, and can this WAN handle that type? Connection Types WAN connections can be broken down into three different types, depending on how they carry data: dedicated, circuit-switched, and packet-switched. We will examine each quickly and describe the different types of protocols that each type can provide. We will examine many of these protocols in detail throughout the rest of the book. DEDICATED CONNECTIONS • The first type of connection is a dedicated con- nection that is used to provide full connectivity between two sites in a point- to-point fashion. Also known as a leased line, this type of connection is pur- chased from the telephone company (telco) and uses a permanent path through the telco’s infrastructure, from one site to another (Figure 1-1). There is no call setup and teardown, which means the circuit is always available. Since the company owns the line, it has full use of the bandwidth, whether it is used or not. The speed of the link can range up to a T3, which is approximately 45 Mbps. If the company is underutilizing that bandwidth, then the cost of the dedicated line is high. The cost of the line can also be too great, even if the bandwidth is being properly used, due to distance limita- tions. As the distance increases and the possibility of crossing geographic (and telco) boundaries appears, the price increases. Therefore, these lines tend to be best used in short distances with a higher volume of traffic or a steady flow of traffic. Overview of WAN Connectors 3 CSU/DSU CSU/DSU FIGURE 1-1 Dedicated connection using CSU/DSU. This type of connection is usually done with a synchronous serial type of connection. Cisco supports this type with virtually all of their routers, using one or more different types of synchronous serial connections, including • EIA/TIA-232 • V.35 • X.21 • EIA/TIA-449 • X.21 • EIA-530 • HSSI CIRCUIT-SWITCHED CONNECTIONS • There are two types of circuit-switched connections available: asynchronous and ISDN (Integrated Services Digital Network). In both cases the circuit, or dedicated path, is created when the call is initiated to the remote site and the circuit is destroyed when the call ends. The best example of a circuit-switched network is the Public Switched Telephone Network (PSTN) that we use every day in our lives. Asynchronous circuits for data transfer are accomplished through a modem and the use of the telephone network (Figure 1-2). Since telephones exist in virtually every city in the world, connecting to remote sites is always a possibility. While the cost of the telephone service is very cheap when com- pared to other types of WAN connections, the real limiting factor is the small bandwidth that is available. Depending on the setup of the connection, the best that can be accomplished is 56 Kbps. Because of this, this type of con- nection is best used when other WAN types are not available, small amounts of data are exchanged, or cost is a primary issue. ISDN has two flavors that are used for WAN connections. The first is Basic Rate Interface (BRI) and has a maximum bandwidth of 128 Kbps. This is at 4 Chapter 1 • Using Cisco for Remote Access FIGURE 1-2 Circuit-switched through provider, using modems. least twice as fast as a modem, and the call setup and teardown are much quicker. In addition, having a BRI connection not only allows for data transfer, but analog voice can be used at the same time to cut phone costs to remote sites. BRI tends to be more expensive than asynchronous calls and has limited availability, although ISDN is becoming more available throughout the U.S. The second type of ISDN is known as Primary Rate Interface (PRI) and can reach speeds up to 2 Mbps. This type of WAN connection is ideal for com- bining multiple BRI channels and asynchronous calls into the same router, using only one physical interface. There is one other potential use for both asynchronous and BRI net- works. In the event that a primary link fails, they may act as a backup link to ensure connectivity. PACKET-SWITCHED CONNECTIONS • Packet-switching (Figure 1-3) is a method where two or more sites are connected through a shared network, typically called a cloud. By shared network, we mean that more than one company has access to the cloud. Remote sites are connected via a virtual circuit (VC) that allows data to traverse the cloud and arrive at the correct location. Within the cloud, each packet can take a different path to reach the final destination. Because the data travels through a shared cloud, the cost tends to be lower than the same bandwidth used for a dedicated line. Packet switching can be considered the common ground between ded- icated lines and circuit-switched. Although usually more expensive and not as freely available as circuit-switched networks, the additional bandwidth (up to T1 speeds) makes it an attractive alternative. Also, it is cheaper over longer distances than dedicated lines, which again makes it a nice alternative. Overview of WAN Connectors 5 FIGURE 1-3 Packet switching using provider cloud such as Frame relay. Protocols Used on WANs There are many different types of protocols used throughout the world, depending on location, type of WAN, and administrator knowledge. These protocols all operate at layer 2 (at least) of the OSI model (data-link layer). We will briefly review them here, and other chapters will dedicate more dis- cussion to the more common of them. POINT-TO-POINT PROTOCOL (PPP) • PPP is used with both dedicated lines and circuit-switched networks. It is a standard protocol that vendors can use to interoperate their equipment with other vendors. In addition, PPP supports multiple network layer protocols such as TCP/IP and IPX/SPX, as well as authentication and compression mechanisms. Because PPP is such a versatile protocol, we will examine it more thoroughly in later chapters. SERIAL LINE INTERNET PROTOCOL (SLIP) • One of the earliest protocols used in point-to-point connections, SLIP is being phased out due to some of its seri- ous drawbacks. These drawbacks include support only for TCP/IP and lack of security. SLIP can be used over dedicated and circuit-switched networks. We will not examine SLIP in this book. HIGH-LEVEL DATA LINK CONTROL (HDLC) • Although HDLC is a standard, the limiting factor of that standard is the support for only a single protocol. Because of this, Cisco has modified it to support multiple protocols over point-to-point links. This is the default encapsulation protocol on serial links with Cisco routers. Because of this modification, though, Cisco products may not interoperate with other vendors’ equipment. In this situation, PPP is the better protocol. HDLC is supported over dedicated lines, but not over circuit- switched or packet-switched networks. HDLC is a simple protocol, and there- fore we will not examine it in much more detail in this book. 6 Chapter 1 • Using Cisco for Remote Access FRAME RELAY (FR) • Frame Relay was a protocol derived from ISDN speci- fications and has evolved to become the dominant layer 2 protocol over packet-switched networks. As a standard, it has become widely available throughout the United States and many other parts of the world. Frame Relay is a protocol that should be thoroughly understood, and so we will examine it in later chapters. X.25 • X.25 protocol is an older protocol that can still be found throughout the world.
Load more

Recommended publications
  • Multimedia, Internet, On-Line
    Section IV: Multimedia, the Internet, and On-Line Services High-End Digital Video Applications Larry Amiot Electronic and Computing Technologies Division Argonne National Laboratory The emphasis of this paper is on the high-end applications Internet and Intranet that are driving digital video. The research with which I am involved at Argonne National Laboratory is not done on dig- The packet video networks which currently support many ital video per se, but rather on how the research applications applications such as file transfer, Mbone video (talking at the laboratory drive its requirements for digital video. The heads), and World Wide Web browsing are limiting for high- paper will define what digital video is, what some of its com- quality video because of the low throughput one can achieve ponents are, and then discuss a few applications that are dri- via the Internet or intranets. Examples of national packet ving the development of these components. The focus will be switched networks developed in the last several years include on what digital video means to individuals in the research the National Science Foundation Network (NSFNet). The and education community. Department of Energy had its own network called ESNET, and the National Aeronautics and Space Administration The Digital Video Environment (NASA) had a network as well. Recently, the NSFNet was de- commissioned, and commercial interests are now starting to In 1996, a group of people from several universities in the fill that void. Research and education communities are find- Midwest and from Argonne formed a Video Working Group. ing, however, that this new commercial Internet is too re- This body tried to define the areas of digital video of impor- stricting and does not meet their throughput requirements; it tance to their institutions.
    [Show full text]
  • Point-To-Point Connections
    CHAPTER 3 Point-to-Point Connections Objectives Upon completion of this chapter ■ What are the fundamentals of point-to-point ■ How is a PPP session established? serial communications across a WAN? ■ How do you configure PPP encapsulation on ■ How do you configure HDLC encapsulation a point-to-point serial link? on a point-to-point serial link? ■ How do you configure PPP authentication ■ What are the benefits of using PPP over protocols? HDLC in a WAN? ■ How are the show and debug commands ■ What is the PPP layered architecture and the used to troubleshoot PPP? functions of LCP and NCP? Key Terms This chapter uses the following key terms. You can find the definitions in the glossary. point-to-point connections page 80 primary station page 99 clock skew page 82 Cisco 7000 page 103 time-division multiplexing (TDM) page 85 trunk lines page 105 statistical time-division multiplexing Link Control Protocol (LCP) page 105 (STDM) page 85 Network Control Protocols (NCPs) page 105 data stream page 85 Novell IPX page 105 transmission link page 85 SNA Control Protocol page 105 demarcation point page 88 Password Authentication Protocol null modem page 91 (PAP) page 119 DS (digital signal level) page 94 Challenge Handshake Authentication Protocol (CHAP) page 119 E1 page 95 fragmentation page 119 E3 page 95 reassembly page 119 bit-oriented page 97 message digest 5 (MD5) page 130 Synchronous Data Link Control (SDLC) page 97 TACACS/TACACS+ page 135 004_9781587133329_ch03.indd4_9781587133329_ch03.indd 7799 33/13/14/13/14 22:56:56 AAMM 80 Connecting Networks Companion Guide Introduction (3.0.1.1) One of the most common types of WAN connections, especially in long-distance communications, is a point-to-point connection, also called a serial or leased line connection.
    [Show full text]
  • Section II WAN Physical and Data Link Circuits
    s Section II WAN Physical and Data Link Circuits Internet Access and Internetworking Remote Sites Each site to be internetworked over the public Internet will require a physical connection to the Internet through an Internet Service Provider (ISP). This section deals with the equipment, connection types and services offered. Setting up access will require that you choose an Internet service provider and obtain a circuit for network access that connects to your provider. In most cases, some equipment will need to be procured for each site. The typical components to internetworking are: Customer Premises Equipment (CPE) CPE devices include a router, firewall, and depending on the circuit, a bridge, multiplexer (MUX) or Channel Service Unit/Digital Service Unit (CSU/DSU). Typically the customer owns, installs and maintains the equipment at the customer site, though often the telecommunications carrier will lease the equipment to the customer as an option. CPE is located where the provider service enters the location and is termed the ‘Demarcation Point’. Telecommunications Company (Telecom Carrier) A Telecom Carrier may offer a variety of choices to the customer that suits different price and performance levels. The simplest is of course, dial-up analog. Most WAN circuit choices are digital such as DS-X, ATM, T-1, T-3, Frame Relay, ISDN-BRI, ISDN-PRI, DSL and Wireless. This circuit can either connect to another of your sites directly in a private network configuration, or it can connect through the Internet via an Internet Service Provider (ISP). The installed circuit is terminated at the customer site demarcation point and connects to the CPE.
    [Show full text]
  • Connecting to the WAN
    CHAPTER 2 Connecting to the WAN Objectives Upon completion of this chapter ■ What is the purpose of a WAN? ■ How do the link connection options available from private WAN infrastructures and public ■ How does a circuit-switched network differ WAN infrastructures differ? from a packet-switched network? ■ What questions should you answer when ■ How do service provider networks connect choosing a WAN link connection? to enterprise networks? Key Terms This chapter uses the following key terms. You can find the definitions in the glossary. service provider page 38 broadband modem page 48 digital subscriber line (DSL) page 40 channel service unit / data service unit (CSU/ DSU) page 48 Point-to-Point Protocol (PPP) page 45 circuit-switched network page 48 Frame Relay page 45 Integrated Services Digital Network Asynchronous Transfer Mode (ATM) (ISDN) page 49 page 45 packet-switched network (PSN) page 50 High-Level Data Link Control (HDLC) page 45 virtual circuit (VC) page 50 customer premises equipment (CPE) private WAN infrastructure page 51 page 46 public WAN infrastructure page 51 data communications equipment Synchronous Optical Networking (DCE) page 46 (SONET) page 52 data terminal equipment (DTE) page 46 Synchronous Digital Hierarchy (SDH) demarcation point page 46 page 52 local loop page 47 light-emitting diodes (LEDs) page 52 central office (CO) page 47 dense wavelength-division multiplexing (DWDM) page 53 toll network page 47 leased lines page 54 dialup modem page 47 Basic Rate Interface (BRI) page 57 access server page 48 003_9781587133329_ch02.indd3_9781587133329_ch02.indd
    [Show full text]
  • Master Thesis Electrical Engineering November, 2007
    Master thesis Electrical Engineering November, 2007. Security for Broadband Metropolitan and Wide Area Network at the Access Interface Level Abdulazeez Olayinka and Adenuga Kehinde Department of Electrical Engineering School of Engineering Blekinge institute of technology Se-371 79 karlskrona Sweden. 1 This thesis is submitted to the Department of Electrical Engineering, School of Engineering at Blekinge Institute of Technology in partial fulfillment of the requirements for the degree of Master of Science in Electrical Engineering. Contact Information: Author(s): Abdulazeez Olayinka E-mail: [email protected] Adenuga Kehinde E-mail: [email protected] Advisor: Adrian Popescu E-mail: [email protected] Department of Electrical Engineering. Department of Internet: www.bth.se/tek Electrical Engineering Phone: +46 455 38 50 00 School of Engineering Fax: +46 455 38 50 57 Blekinge institute of technology Se-371 79 karlskrona Sweden. 2 Abstract These thesis report deals with a range of secure high-speed networking over a metropolitan or wide area. Since this is quite active research area, a full report is given of the interfaces that thrive in removing the bandwidth burden from long distance networks. Only those with the status or potential of a standard are taking into consideration. Next, the position of security is evaluated. It is recommended that the access Interface enjoys certain advantages over the upper layers. Hence, the results of this work are directly applicable to virtually any layered communication architecture Amongst the security protocols that are available, the IEEE802.11 represents the only viable solution to have the CLS service properly secured. This protocol is designed for a different type of environment and the implications of this are known.
    [Show full text]
  • Internet and Intranet Administration
    Internet and Intranet Administration Course Designer and Acquisition Editor Centre for Information Technology and Engineering Manonmaniam Sundaranar University Tirunelveli Internet and Intranet Administration Centre for Information Technology and Engineering, Manonmaniam Sundaranar University CONTENTS Lecture 1 1 Internet Linking to the Internet Internet address Internet tools Information retrieval tools Communication tools Multimedia information tools Information search tools Lecture 2 12 Intranet Intranet Vs. Groupware Intranet Hardware Intranet Software Intranet Services Extranet Lecture 3 25 Internet server Web protocols Browser Future of internet and intranet Lecture 4 51 The evolution of TCP/IP The rise of the internet TCP/IP protocol architecture TCP/IP core protocols TCP/IP application interfaces Lecture 5 72 IP addressing Basic Address scheme Address classes Dotted-decimal notation Networking basics Host restrictions Subnets Domain name system Lecture 6 90 Subnet mask Subnetting Centre for Information Technology and Engineering, Manonmaniam Sundaranar University Variable length subnetting Supernetting and classless interdomain routing Public & private addresses Lecture 7 110 Internet protocol The ip header Address resolution Tcp source and destination port FTP Telnet Http Lecture 8 127 Network infrastructure Component of network infrastructure Ethernet Token ring Fiber distributed data interface Fast Ethernet Asymmetric digital subscriber line Lecture 9 147 ISP Need of ISP Basic connections Bulletin board systems Not-so-basic
    [Show full text]
  • 2003 Eligible Services List
    Eligible Services List Of the Schools and Libraries Support Mechanism Overall eligibility requirements for all categories of service: The Eligible Services List indicates whether specific products or services may be able to receive discounts under the Schools and Libraries Support Mechanism. If a product or service is not eligible under program rules, it is labeled “Not Eligible.” If no indication of ineligibility is provided, the product or service may be eligible, depending on details of its use.1 This version of the Eligible Services List is dated October 18, 2002. Items in Bold indicate a modification or clarification of product or service eligibility from the previous Eligible Services List of October 17, 2001. TELECOMMUNICATIONS SERVICES Eligibility Requirements for All Telecommunications Services: To be eligible for support, Telecommunications Services must be provided by an eligible telecommunications provider, that is, one who provides Telecommunications Service on a common carriage basis. A provider/carrier is providing services on a common carriage basis if it holds itself out to provide service generally to the public for a fee. A State commission may upon its own motion or upon request designate a common carrier that meets the requirements as set forth in the Communications Act of 1934, Section 214 {47 U.S.C. 214} (e) (2) Designation of Eligible Telecommunications Carriers. Telecommunications is defined as “the transmission, between or among points specified by the user, of information of the user’s choosing, without change in the form or content of the information as sent and received” [47 U.S.C. 153]. Eligibility in this category of service is for the procurement of Telecommunications Services, and not component purchases by applicants.
    [Show full text]