Thursday, October 3, 2019
Wide Area Network (WAN)
1. Abstract

A Wide Area Network (WAN) is a communication network that makes use of existing technology to connect local area networks into a larger working network, which may cover both national and international locations.

A Wide Area Network allows a company to make use of common resources in order to operate. Internal functions such as sales, production, development, marketing and accounting can be shared with authorized locations through this sort of network application. That is why it is so important today.

In this paper, I am going to demonstrate the techniques required for a computer network, covering technology, architecture, media, protocol and routing algorithm, based on the OSI seven-layer model.

2. Introduction

Bambi Co., Ltd. decided to implement a Wide Area Network between its two sites in two different countries. The network engineer of the company is responsible for the study, planning, design and implementation of a Wide Area Network connecting the two sites' local area networks. The requirements of the company that made the WAN a necessity are enumerated. The choice of WAN, hardware and software is explained within the context of the needs of the company. Finally, the benefits accruing to the company are identified and determined.

3. Company Background

Bambi Co., Ltd. has two sites located in two different countries: Site A, the main office, located in Hong Kong, and Site B, a factory located in Shenzhen, mainland China.

Site A has around 10 client workstations and Site B around 40 client workstations.

Three servers are located at Site A: the domain server, the email server and the content management server. Another domain server is located at Site B; it mainly provides services for the Shenzhen users.

4. User requirement

4.1 Functionality

For most users, the main concern is the applications available from the network.
This includes the following matters:

4.1.1 Fast response time

Response time is the time between entering a command or keystroke and the execution of the command delivering a response. For users in the Bambi Co., Ltd. environment, response time covers running applications, access to and from the servers, transmission of information and access to the Internet.

4.1.2 High throughput

The throughput on the company's network can be expected to be high, since many users will frequently access the servers and the Internet at the same time.

4.2 Scalability

The WAN implementation is expected to function for a minimum of 5 years without the need to upgrade the network equipment or rewire the horizontal or vertical cabling.

4.3 Adaptability

The WAN implementation must be flexible enough to meet the demands of ever-growing technology needs as new technologies become available. These might include newer switching technology, or more secure or faster routers incorporating new routing protocols. Therefore, the WAN solution should be modular, allowing new network equipment to be added or swapped with a minimum of network downtime.

4.4 Security

Information transferred through the WAN environment must be protected. This is very important to prevent company data from being stolen by competitors.

4.5 Manageability

The WAN implementation must be manageable and able to be monitored by the network administrator.

4.6 Reliability

Reliability of the WAN is important. The WAN must include fault-tolerance functions and elements that give the network stability and reduce unnecessary network downtime.

5. WAN solution

5.1 Regional Private Network

Service Provider: Pacnet
Type: MPLS VPN
Bandwidth: 2Mbps
Description: Connects Bambi Co., Ltd. Site A and Site B

5.1.1 Introduction to MPLS and its architecture

MPLS stands for Multiprotocol Label Switching. It has been around for several years.
It is standardized by the IETF (Internet Engineering Task Force). Why multiprotocol? In the OSI seven-layer model it operates between layer 2 (Data Link Layer) and layer 3 (Network Layer), so it is often viewed as a layer 2.5 protocol.

Conventional data packets are routed based on the IP address and other information in the header. MPLS simplifies the forwarding function by taking a totally different approach: it introduces a connection-oriented mechanism inside the connectionless IP network. Label switching means that what is switched is no longer IPv4 packets, IPv6 packets or even Layer 2 frames as such, but labeled packets. The MPLS header format is shown below.

First 20 bits: Label value
Bits 20 to 22: Three Experimental (EXP) bits, used for quality of service (QoS)
Bit 23: Bottom of Stack (BoS) bit, 1 for the bottom label, 0 otherwise
Bits 24 to 31: Time To Live (TTL)

5.1.2 MPLS components and operation

An MPLS network comprises the following elements:

Label Edge Router (LER): Router placed at the edge of the MPLS network
Label Switching Router (LSR): MPLS-capable router
Label Switch Path (LSP): An ordered sequence of LSRs
Label Distribution Protocol (LDP): Set of procedures by which LSRs establish LSPs

In an MPLS network, an optimal path is first determined and tagged. When packets enter the MPLS network, the input router or switch uses the layer 3 header to assign the packets to one of these predetermined paths. MPLS uses a label stacking process to better handle the traffic. A label carrying the end-to-end path information is attached to the packet. The label travels together with the data packet as it crosses the network. All other routers along the path use the label, instead of the IP address, to determine the next hop address. Since these devices operate only on the information in the label, processor-intensive analysis and classification of the layer 3 header occur only at the entrance to the network.
This removes much of the overhead in the network and therefore speeds up the overall processing of data.

5.1.3 MPLS Protocols

MPLS uses 2 protocols to establish the LSP:

MPLS routing protocol: Distributes topology information only. An interior gateway protocol such as OSPF, IS-IS or BGP-4 is normally used.
MPLS signaling protocol: Carries the information used to program the switching fabric. RSVP-TE and LDP are used.

5.1.4 MPLS VPN

MPLS Virtual Private Networks (VPNs) are the most popular and widespread implementation of MPLS technology. A VPN provides communication at OSI layer 2 or 3. The VPN is protected by strong encryption. In general, the data traveling across the VPN is encapsulated and not visible. MPLS is well suited for VPNs because of its characteristics.

5.2 Internet Connection

Service Provider: Pacnet
Type: SHDSL
Bandwidth: 4Mbps downstream/4Mbps upstream
Description: Applied at Site A. The WAN connection also allows the Internet connection to be shared with the Site B office.

In order to fulfill both sites' demand, Single High Speed Digital Subscriber Line (SHDSL) has been chosen. SHDSL is one of the DSL family of technologies. As with other SDSL services, the upstream and downstream data rates are equal. One advantage of SHDSL is its high symmetric data rates with guaranteed bandwidth and low interference. Bambi Co., Ltd. uses a 4M/4M line for its Internet connection.

6. Ethernet Standard

CAT 6 (Category 6) twisted-pair UTP is used in the Bambi Co., Ltd. LAN environment. It is a Gigabit Ethernet cable standard with bandwidth up to 400MHz over a range of 100 m. It meets the ANSI/TIA-568-B.2-1 performance specification.

7. Network Environment Overview

7.1 Entire Network Diagram

7.2 Hardware/Software description

7.3 Network configuration

7.3.1 Protocol and LAN segments

With the popularity of the Internet, TCP/IP has become the most popular protocol. At Bambi Co., Ltd. only the TCP/IP protocol is allowed to be implemented in the network environment.
All servers and desktop PCs located at Site A and Site B will have static addresses, while notebook PCs will obtain addresses using Dynamic Host Configuration Protocol (DHCP).

IPv4 is chosen as the address type. Compared with IPv6, IPv4 has been around for many years and has much more hardware and software support.

8. Security

The following security arrangements protect the company's data:

8.1 Authentication

Each staff member is assigned an individual login ID for access to their workstation and to server resources such as email. Passwords must meet a complexity level with a minimum length of 5 characters, and a password change is enforced every 3 months.

8.2 Authorization

Only some authorized staff have an Internet connection. This prevents data disclosure through FTP, web mail or any online storage.

8.3 Audit

The email server keeps logs, which allow the administrative staff to trace whether any important company data has been disclosed by email.

8.4 Monitor

The firewall and switch are able to monitor the network for suspicious activity. For example, if the firewall detects heavy traffic or an overload of sessions, it sends an email alert to the network administrator.

8.5 Virus Protection

Some kinds of computer virus steal data from infected computers, so every server and client workstation has memory-resident antivirus software installed for protection. The UTM firewall also provides a gateway antivirus function, which blocks viruses from the layer 2 level.

8.6 Encryption

The MPLS VPN is deployed as a high-security network tunnel. Data is transmitted between the Site A and Site B offices with strong encryption.

9. Conclusion

In the user requirement chapter, 6 requirements were outlined.
We summarize the benefits of applying MPLS below:

9.1 Functionality

No performance bottleneck of CPE VPN devices
Reduced network latency
Guaranteed SLA (service level agreement) for time-critical applications
Supports the delivery of services with QoS (quality of service) guarantees

9.2 Scalability

Highly scalable, since no site-to-site peering or reconfiguration of VPN devices is required.

9.3 Adaptability

Multiple connection types and bandwidth selections (e.g. ATM, Metro Ethernet, Broadband, etc.)

9.4 Security

Private network completely isolated from the Internet.

9.5 Manageability

The customer is able to completely control their own routing.

9.6 Reliability

Enables fast restoration from failures

The network design presented here meets all those objectives, both for today and in the future.
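
The 32-bit label header from section 5.1.1 and the per-hop label handling from section 5.1.2, worked through as an added example that is not part of the original paper. The label values, router names and the per-router lookup table (called lfib here) are constructed for illustration; the parser rejects a stack that ends without a Bottom of Stack entry.

```python
import struct

def pack_entry(label, exp=0, bos=0, ttl=64):
    """Build one 32-bit MPLS label stack entry in network byte order."""
    if not (0 <= label < 1 << 20 and 0 <= exp < 8 and bos in (0, 1) and 0 <= ttl < 256):
        raise ValueError("field out of range")
    return struct.pack("!I", label << 12 | exp << 9 | bos << 8 | ttl)

def parse_stack(data):
    """Return (entries, payload), reading entries until the BoS bit is 1."""
    entries, off = [], 0
    while True:
        if off + 4 > len(data):
            raise ValueError("truncated label stack: no bottom-of-stack entry")
        (word,) = struct.unpack_from("!I", data, off)
        off += 4
        entries.append({"label": word >> 12, "exp": word >> 9 & 7,
                        "bos": word >> 8 & 1, "ttl": word & 0xFF})
        if entries[-1]["bos"]:
            return entries, data[off:]

def lsr_forward(frame, lfib):
    """One LSR hop: look up the top label only, swap it, decrement the TTL."""
    entries, _payload = parse_stack(frame)   # validates the whole stack first
    top = entries[0]
    if top["label"] not in lfib:
        raise LookupError("no entry for label %d" % top["label"])
    if top["ttl"] <= 1:
        raise ValueError("TTL expired")
    out_label, next_hop = lfib[top["label"]]
    new_top = pack_entry(out_label, top["exp"], top["bos"], top["ttl"] - 1)
    return next_hop, new_top + frame[4:]     # layer 3 header is never inspected

def demo():
    """Constructed LSP: ingress LER pushes label 100, two hops swap it."""
    payload = b"constructed-IP-packet"
    frame = pack_entry(100, exp=5, bos=1, ttl=64) + payload
    hop1, frame = lsr_forward(frame, {100: (200, "LSR-2")})
    hop2, frame = lsr_forward(frame, {200: (300, "LER-B")})
    entries, rest = parse_stack(frame)
    return hop1, hop2, entries, rest

if __name__ == "__main__":
    print(demo())
```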