Starting in the 1960s and continuing through the 1990s, the U.S. Department of Defense (DoD) developed large, reliable WANs for military and scientific reasons. This technology was different from the point-to-point communication used in bulletin boards. It allowed multiple computers to be connected using many different paths. The network itself determined how to move data from one computer to another. Instead of being able to communicate with only one other computer at a time, many computers could be reached using the same connection. The DoD’s WAN eventually became the Internet.
Network Protocols
Protocol suites are collections of protocols that enable network communication from one host through the network to another host. A protocol is a formal description of a set of rules and conventions that govern a particular aspect of how devices on a network communicate. Protocols determine the format, timing, sequencing, and error control in data communication. Without protocols, the computer cannot create or rebuild the stream of incoming bits from another computer into the original data.
Protocols control all aspects of data communication. They determine how the physical network is built, how computers connect to the network, how the data is formatted for transmission, and how that data is sent. These network rules are created and maintained by many different organizations and committees:
■ Institute of Electrical and Electronics Engineers (IEEE)
■ American National Standards Institute (ANSI)
■ Telecommunications Industry Association (TIA)
■ Electronic Industries Alliance (EIA)
■ International Telecommunication Union (ITU), formerly known as the CCITT
(Comité Consultatif International Téléphonique et Télégraphique)
Local-Area Networks (LANs)
LANs consist of computers, network interface cards, peripheral devices, networking media, and network devices. Figure 2-6 illustrates a LAN.
LANs make it possible for businesses that use computer technology to locally share files and printers efficiently and make internal communications possible, such as e-mail. LANs tie together data, local communications, and computing equipment.
Figure 2-6 LAN
LANs are designed to do the following:
■ Operate within a limited geographic area
■ Allow many users to access high-bandwidth media
■ Provide full-time connectivity to local services
■ Connect physically adjacent devices
Some common LAN technologies are:
■ Ethernet
■ Token Ring
■ FDDI
Wide-Area Networks (WANs)
WANs interconnect LANs, which then provide access to computers or file servers in other locations. Because WANs connect user networks over a large geographic area, as shown in Figure 2-7, they make it possible for businesses to communicate across great distances.
Figure 2-7 WAN
Using WANs allows computers, printers, and other devices on a LAN to share and be shared with distant locations. WANs provide instant communications across large geographic areas. The ability to send an instant message (IM) to someone anywhere in the world provides the same communication capabilities that used to be possible only if people were in the same physical office. Collaboration software provides access to real-time information and resources that allow meetings to be held remotely instead of in person. Wide-area networking has also created a new class of workers called telecommuters—people who never have to leave home to go to work.
WANs are designed to do the following:
■ Operate over large, geographically separated areas
■ Allow users to engage in real-time communication with other users
■ Provide full-time remote resources connected to local services
■ Provide e-mail, World Wide Web, file transfer, and e-commerce services
Here are some common WAN technologies:
■ Modems
■ Integrated Services Digital Network (ISDN)
■ Digital Subscriber Line (DSL)
■ Frame Relay
■ T (U.S.) and E (Europe) carrier series—T1, E1, T3, E3, and so on
■ Synchronous Optical Network (SONET)—Synchronous Transport Signal level 1 (STS-1) (Optical Carrier [OC]-1), STS-3 (OC-3), and so on
Metropolitan-Area Networks (MANs)
A MAN is a network that spans a metropolitan area, such as a city or a suburban area. MANs are networks that connect LANs separated by distance and that are located within a common geographic area, as shown in Figure 2-8. For example, a bank with multiple branches might use a MAN. Typically, a service provider connects two or more LAN sites using private communication lines or optical services. A MAN also can be created using wireless bridge technology by beaming signals across public areas. The higher optical bandwidths that are currently available make MANs a more functional and economically feasible option than in the past.
The following features differentiate MANs from LANs and WANs:
■ MANs interconnect users in a geographic area or region larger than that covered
by a LAN but smaller than the area covered by a WAN
■ MANs connect networks in a city into a single larger network (which can then also offer efficient connection to a WAN)
■ MANs also are used to interconnect several LANs by bridging them with backbone lines
More Information: Emerging Home Networking Applications
People now design and build their homes to be Internet homes, wiring them for Ethernet connectivity. People integrate their computer(s) with their phone system, security system, home theater system, heating and air conditioning, lighting, and other electronic components to be able to control them all with the click of a mouse or even via a voice command.
Service providers have built cellular- and satellite-based carrier networks that offer sophisticated services, such as wireless Internet access. Local exchange carriers (LECs) (commonly known as local telephone companies) are implementing high-speed services for data transfer, such as DSL services, at a cost low enough to market to home users. Many cable operators, in addition to cable TV, now provide high-speed Internet access that can be shared among networked home computers. Cisco products support the latest wireless, DSL, and cable technologies.
People also are integrating PC, telephone, and fax capabilities, allowing for automatic answering and message storage and retrieval via computer. In addition, the Internet phone, which uses IP telephony technology and Voice over IP (VoIP), allows people to bypass telephone lines entirely with an Internet connection through cable, wireless, or some other medium to make long distance calls without paying long distance charges.
Figure 2-8 MAN
Specialized Networks Located Within the LAN
There are times when smaller and more specialized networks might reside within the LAN. Most notably, these specialized networks are used for access to storage systems, data center technology systems and devices, intranets or extranets, and VPNs. These various specialized networks are covered in this section.
Storage-Area Networks (SANs)
A storage-area network (SAN) is a dedicated, high-performance network that moves data between servers and storage resources. Because it is a separate dedicated network, it avoids any traffic conflict between clients and servers, as shown in Figure 2-9.
SAN technology allows high-speed storage, storage-to-storage, or server-to-server connectivity. This method uses a separate network infrastructure that relieves any problems associated with existing network connectivity.
SANs offer the following features:
■ Performance—SANs enable concurrent access to disk or tape arrays by two or more servers at high speeds, providing enhanced system performance.
■ Availability—SANs have disaster tolerance built in, because data can be mirrored using a SAN up to 10 kilometers (km) (6.2 miles) away.
■ Scalability—Like a LAN/WAN, a SAN can use a variety of technologies. This allows easy relocation of backup data operations, file migration, and data replication between systems.
Figure 2-9 SAN
Data Center Technology
A data center, as shown in Figure 2-10, is a globally coordinated network of devices designed to accelerate the delivery of information over the Internet infrastructure. By taking advantage of services in the core IP network, enterprises and service providers can accelerate and improve the use of rich content such as broadband streaming media. Data center technology improves network performance and eliminates the need to stream media on the infrastructure.
A data center bypasses potential sources of congestion by distributing the load across a collection of content engines that are located close to the viewing audience. Rich web and multimedia content is copied to the content engines, and users are routed to an optimally located content engine.
Figure 2-10 Data Center
For example, when downloading a movie from an Internet service provider (ISP), instead of waiting for hours for the big movie file to download, the same movie might take only minutes to download if the ISP is using data center technology, because a data center can accelerate the delivery of information.
Intranets and Extranets
One common configuration of a LAN is an intranet. Intranet web servers differ from public web servers in that the public does not have access to an organization’s intranet without the proper permissions and passwords. Intranets are designed to be accessed by users who have access privileges to an organization’s internal LAN. Within an intranet, web servers are installed in the network, and browser technology is used as the common front end to access information such as financial data or graphical, text-based data stored on those servers.
An extranet is an intranet that is partially accessible to authorized outsiders. Whereas an intranet resides behind a firewall and is accessible only to people who are members of the same company or organization, an extranet provides various levels of accessibility to outsiders. You can access an extranet only if you have a valid username and password, and your identity determines which parts of the extranet you can view.
Extranets help extend the reach of applications and services that are intranet-based but that employ extended, secure access to external users or enterprises. This access is usually accomplished through passwords, user IDs, and other application-level security. Therefore, an extranet is the extension of two or more intranet strategies with a secure interaction between participant enterprises and their respective intranets. The extranet maintains control of access to the intranets within each enterprise in the deployment. Extranets link customers, suppliers, partners, or communities of interest to a corporate intranet over a shared infrastructure using dedicated connections.
Figure 2-11 illustrates an intranet and an extranet.
Figure 2-11 Intranet and Extranet
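The intranet and extranet access rules described in this section, as an added example that is not part of the original text: a default-deny check in which a valid username and password is required first, and the caller's identity then decides which extranet sections are visible. The organization names, accounts, paths, and the rule that members of the owning organization may view everything are assumptions made for illustration.

```python
import hashlib
import hmac
import os

OWNER_ORG = "company-a"  # hypothetical organization that runs the intranet

def _pw_hash(password, salt):
    # Salted, slow hash so the directory never stores plaintext passwords.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def _account(org, password, sections):
    salt = os.urandom(16)
    return {"org": org, "salt": salt, "pw": _pw_hash(password, salt),
            "sections": frozenset(sections)}

# Constructed sample directory and resource map (all names are hypothetical).
USERS = {
    "alice": _account("company-a", "alice-demo-pw", ()),
    "bob": _account("company-b", "bob-demo-pw", {"orders"}),
    "carol": _account("supplier-c", "carol-demo-pw", {"orders", "inventory"}),
}
RESOURCES = {
    "/finance/ledger": ("intranet", None),
    "/partners/orders": ("extranet", "orders"),
    "/partners/inventory": ("extranet", "inventory"),
}
_DUMMY = _account("none", "unused", ())  # hashed against for unknown usernames

def authenticate(username, password):
    """Return the account for a valid username/password pair, else None."""
    account = USERS.get(username, _DUMMY)
    supplied = _pw_hash(password, account["salt"])
    # Constant-time compare; unknown users still cost one hash computation.
    ok = hmac.compare_digest(supplied, account["pw"])
    return account if ok and username in USERS else None

def can_view(username, password, path):
    """Default deny: unknown users, bad passwords and unmapped paths fail."""
    account = authenticate(username, password)
    resource = RESOURCES.get(path)
    if account is None or resource is None:
        return False
    zone, section = resource
    if account["org"] == OWNER_ORG:
        return True  # assumption: members may view intranet and extranet
    # Outsiders never reach the intranet; extranet access is per section.
    return zone == "extranet" and section in account["sections"]
```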
Virtual Private Networks
A virtual private network (VPN) is a private network that is constructed within a public network infrastructure such as the global Internet. For example, using a VPN, a telecommuter can access the company headquarters’ network through the Internet by building a secure tunnel between the telecommuter’s PC and a VPN router in the headquarters.
Cisco products support the latest in VPN technology. A VPN is a service that offers secure, reliable connectivity over a shared public network infrastructure such as the Internet. VPNs maintain the same security and management policies as a private network. They are the most cost-effective method of establishing a point-to-point connection between remote users and an enterprise customer’s network.
Three main types of VPNs exist, as shown in Figure 2-12:
■ Access VPNs provide remote access for a mobile worker and small office/home office (SOHO) to the headquarters’ intranet or extranet over a shared infrastructure. Access VPNs use analog dialup, ISDN, DSL, mobile IP, and cable technologies to securely connect mobile users, telecommuters, and branch offices.
■ Intranet VPNs link regional and remote offices to the headquarters’ internal network over a shared infrastructure using dedicated connections. Intranet VPNs differ from extranet VPNs in that they allow access only to the enterprise customer’s employees.
■ Extranet VPNs link business partners to the headquarters’ network over a shared infrastructure using dedicated connections. Extranet VPNs differ from intranet VPNs in that they allow access to users outside the enterprise.
Figure 2-12 VPN Technologies
VPNs have the following advantages:
■ A single VPN technology can provide privacy for multiple TCP/IP applications. Providing privacy for multiple TCP/IP applications is especially important in environments in which you want to provide secure access for partners or telecommuters.
■ Encryption services can be provided for all TCP/IP communications between the trusted client and the VPN server. This scenario has the advantage of being transparent to the end user. Because encryption is turned on, the server can enforce it.
■ VPN provides mobility to employees and allows employees to access the corporate network securely.
Digital Bandwidth
LANs and WANs have always had one thing in common: the use of the term bandwidth to describe their capabilities. This term is essential to understanding networks, but it can be confusing at first. The following sections take a detailed look at this concept before delving too far into networking.
The Importance of Bandwidth
Bandwidth is defined as the amount of information that can flow through a network connection in a given period of time. This definition might seem simple, but you must understand the concept of bandwidth when studying networking. Why is it so important to understand bandwidth?
■ Bandwidth is finite—Regardless of the medium used to build the network, there are limits on that network’s capacity to carry information. Bandwidth is limited both by the laws of physics and by the technologies employed to place information on the medium. For example, a conventional modem’s bandwidth is limited to about 56 kilobits per second (kbps) by both the physical properties of twisted-pair phone wires and by voice modem technology. The technologies employed by DSL also use the same twisted-pair phone wires, yet DSL provides much greater bandwidth than is available with conventional modems. The frequency range (bandwidth) that DSL uses is much wider than the frequency range used for voice (and used by the POTS modem). That is why you can send more bits per second (bps) over DSL. Optical fiber has the physical potential to provide virtually limitless bandwidth. Even so, the bandwidth of optical fiber cannot be fully realized until technologies are developed to take full advantage of its potential.
■ Bandwidth is not free—It is possible to buy equipment for a LAN that will provide nearly unlimited bandwidth over a long period of time. For WAN connections, it is almost always necessary to buy bandwidth from a service provider. In either case, an understanding of bandwidth, and changes in demand for bandwidth over a given time, can save an individual or business a significant amount of money. A network manager needs to make the right decisions about the kinds of equipment and services to buy.
■ Bandwidth is a key factor in analyzing network performance, designing new networks, and understanding the Internet—A networking professional must understand the tremendous impact of bandwidth and throughput on network performance and design. Information flows as a string of bits from computer to computer throughout the world. The Internet is trillions upon trillions of bits,