Private Network
[Diagram: sites Infosys Pune, Infosys Hyderabad, Infosys Mumbai and Wipro Mumbai]
Private Network
Advantages:
Security, privacy and guaranteed QoS.
Disadvantages:
Leased lines are very expensive.
The number of links grows exponentially if full mesh connectivity is required and the network expands.
Network complexity increases as the network grows.
Adding a new site requires reconfiguring all existing sites.
Public Network
Connectionless network: each IP packet is routed independently.
Delay: multiple packets from the same source to a single destination may follow different paths.
Loss of information: some packets may fail to reach the destination.
Out of sequence: bad for VoIP and video.
e.g. the Internet
Internet : Weaknesses
An open and shared network.
Any person from anywhere can access any part of the network.
It is not controlled by any single agency.
There is no security mechanism; protection is left to the customer, who adopts different means of data protection depending on how important the data is.
L3 routing protocols are used.
Forwarding is based on the destination address only.
Destination-based routing lookups are performed at every hop.
Internet Devices
Firewalls: to avoid unauthorized intrusions
Switches: to connect LANs
Routers: to route traffic from source to destination
Customer Expectations
The customer today wants :
QoS
Security
Cost effectiveness
Manageability.
VPN
VPN technologies:
IPSec, GRE, Socks, PPTP, L2TP and now MPLS.
MPLS emerged from the IETF's effort to standardise a set of proprietary multilayer switching solutions without compromising on security.
MPLS integrates the control of IP routing with the simplicity of L2 switching.
MPLS reduces the complexity of network operation and performs resource allocation to assure CIR.
VPN (FR/ATM)
[Diagram labels: Org-X offices in City-A, City-B, City-C and City-D; PVCs]
VPN (FR/ATM)
Each office is connected to the network with a single physical line.
Number of physical lines to connect n sites = n
Each office is connected to the other offices by virtual circuits, pre-established by the network administrator.
Number of VCs to connect n sites = n(n-1)/2
Provides a moderate amount of security and QoS.
L2 devices have no knowledge of L3 routing information.
The network administrator has to configure PVCs manually at every node involved in the network.
Difficult to implement when the number of sites is large.
VPN (FR/ATM)
To add a new office site, the network administrator has to configure new virtual circuits at each and every concerned node.
Frame Relay and ATM technologies are very complex and expensive, and so are not deployed everywhere, particularly in third world countries.
Internet
[Diagram labels: Shared Infrastructure; Infosys Mumbai]
Disadvantages:
Highly insecure environment.
No guarantee of privacy and QoS.
Any unauthorized traffic can enter the private network.
VPN Tunnels
Tunneling is the mechanism of encapsulating IP datagrams inside another packet so that the original datagram is not visible to the network.
Every packet is authenticated to ensure that it comes from the right source, and packets can optionally be encrypted for data confidentiality if required.
[Diagram: packets labelled X-Y and A-B; firewalls on either side of the Internet; sites Infosys Mumbai, Infosys Bangalore, Wipro Bangalore and Wipro Chennai]
VPN Tunnel-Analogy
[Diagram labels: Carrier Protocol, Encapsulating Protocol, Original Packet]
VPN Tunnel
[Diagram labels: Carrier Protocol, Authentication Information, Encrypted Data]
Data Integrity
Ensures that information being transmitted over the link is not altered in any way during transit
Data Confidentiality
Protects the privacy of information being exchanged between communicating parties
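The per-packet authentication described under VPN Tunnels and the integrity property defined above can be shown with a small sketch. This is an added example, not part of the original slides: the framing is a toy layout (not the IPsec, GRE or L2TP wire format), HMAC-SHA256 stands in for the authentication mechanism, and the key, addresses and payload are constructed.

```python
import hashlib
import hmac
import ipaddress
import struct

TAG_LEN = 32      # size of an HMAC-SHA256 tag
HEADER_LEN = 10   # 4-byte source + 4-byte destination + 2-byte inner length

def encapsulate(inner: bytes, src: str, dst: str, key: bytes) -> bytes:
    """Wrap the original datagram in a carrier header and append an auth tag."""
    outer = ipaddress.IPv4Address(src).packed + ipaddress.IPv4Address(dst).packed
    outer += struct.pack("!H", len(inner))
    # The tag covers the carrier header and the inner datagram.
    tag = hmac.new(key, outer + inner, hashlib.sha256).digest()
    return outer + inner + tag

def decapsulate(packet: bytes, key: bytes) -> bytes:
    """Verify the tag first; return the inner datagram or raise ValueError."""
    if len(packet) < HEADER_LEN + TAG_LEN:
        raise ValueError("truncated tunnel packet")
    body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        raise ValueError("authentication failed: wrong source or altered data")
    (length,) = struct.unpack("!H", body[8:HEADER_LEN])
    inner = body[HEADER_LEN:]
    if len(inner) != length:
        raise ValueError("inner length does not match header")
    return inner

# Constructed sample values (documentation address ranges, made-up key).
KEY = b"constructed-shared-key"
INNER = b"original datagram from X to Y"
PACKET = encapsulate(INNER, "192.0.2.1", "198.51.100.1", KEY)

def tamper_detected(packet: bytes, key: bytes, offset: int) -> bool:
    """Flip one bit at offset and report whether decapsulation rejects it."""
    altered = bytearray(packet)
    altered[offset] ^= 0x01
    try:
        decapsulate(bytes(altered), key)
    except ValueError:
        return True
    return False

if __name__ == "__main__":
    print(decapsulate(PACKET, KEY))
    print(tamper_detected(PACKET, KEY, HEADER_LEN))
```

The sketch authenticates but does not encrypt, so the inner datagram is still readable in transit; confidentiality needs the optional encryption step, and a real tunnel protocol also adds replay protection.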
[Map: network nodes in Indian cities such as Mumbai, Kolkata, Chennai, Hyderabad, Pune, Noida and Nagpur; legend: Router Links]
Advantages of MPLS
MPLS labels usually correspond to IP destination networks (equal to traditional IP forwarding).
Labels can also correspond to other parameters such as QoS, FEC or source address, and traffic can be forwarded based on these other parameters.
Load sharing across unequal paths can be achieved.
MPLS is designed to support forwarding of other protocols as well.
MPLS gives network operators (BSNL) a great deal of flexibility to divert and route traffic around link failures, congestion and bottlenecks.
Label Switching Routers (LSR): the routers which support the MPLS protocol.
Types of LSRs: ingress, transit, penultimate and egress.
MPLS Routers
Ingress Router: the entry point for user data traffic into the MPLS domain. It is the start point of an LSP.
Egress Router: the exit point for user data traffic from the MPLS domain. It is the end point of an LSP.
Transit Router: the routers located along the LSP, which swap the MPLS labels.
Penultimate Router: one of the transit routers in an LSP, which performs a special function called Penultimate Hop Popping.
MPLS : Terminology
Label :
Header created by the edge LSR and used by the LSRs to forward packets. Identifies the path a packet should traverse.
MPLS Network
MPLS Architecture
MPLS Architecture is divided into two planes:
1. Control Plane: creates labels and LSPs
2. Data Plane: forwards labeled packets
MPLS takes the help of many protocols:
1. Routing protocols
2. Signaling protocols: LDP or RSVP
[Diagram: L2 Header | MPLS Header (32 bits) | IP Packet]
Fields
20-bit Label
3-bit Experimental field (CoS, Class of Service)
1-bit Bottom of the Stack bit
8-bit TTL field (Time to Live)
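The 32-bit header layout above, together with the label swap done by transit routers and the pop done at the penultimate hop, can be worked through in code. This is an added example, not part of the original slides: the function names are hypothetical, the sample stack is constructed, and the fields are packed in the order listed (label in the high-order bits) in network byte order.

```python
import struct

def pack_entry(label: int, exp: int, bottom: bool, ttl: int) -> bytes:
    """Build one 32-bit entry: 20-bit label, 3-bit EXP, 1-bit S, 8-bit TTL."""
    if not (0 <= label < 1 << 20 and 0 <= exp < 8 and 0 <= ttl < 256):
        raise ValueError("field out of range")
    return struct.pack("!I", label << 12 | exp << 9 | int(bottom) << 8 | ttl)

def unpack_entry(raw: bytes) -> dict:
    """Split 4 bytes (network byte order) back into the four fields."""
    if len(raw) != 4:
        raise ValueError("a label stack entry is exactly 4 bytes")
    (word,) = struct.unpack("!I", raw)
    return {"label": word >> 12, "exp": word >> 9 & 0x7,
            "bottom": bool(word >> 8 & 1), "ttl": word & 0xFF}

def parse_stack(data: bytes):
    """Read entries until the bottom-of-stack bit; return (entries, IP packet)."""
    entries, offset = [], 0
    while True:
        if offset + 4 > len(data):
            raise ValueError("no bottom-of-stack entry before end of data")
        entry = unpack_entry(data[offset:offset + 4])
        entries.append(entry)
        offset += 4
        if entry["bottom"]:
            return entries, data[offset:]

def swap(data: bytes, new_label: int) -> bytes:
    """Transit LSR: replace the top label and decrement its TTL."""
    top = unpack_entry(data[:4])
    if top["ttl"] <= 1:
        raise ValueError("TTL expired, packet must not be forwarded")
    return pack_entry(new_label, top["exp"], top["bottom"], top["ttl"] - 1) + data[4:]

def pop(data: bytes) -> bytes:
    """Penultimate hop popping: remove the top entry, forward what is left."""
    unpack_entry(data[:4])  # raises if a full entry is not present
    return data[4:]

# Constructed sample: labels 200 (top) and 100 (bottom) before a stand-in payload.
SAMPLE = pack_entry(200, 0, False, 64) + pack_entry(100, 5, True, 64) + b"IP-PACKET"

if __name__ == "__main__":
    print(parse_stack(SAMPLE))
    print(unpack_entry(swap(SAMPLE, 300)[:4]))
    print(parse_stack(pop(SAMPLE)))
```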
Role of QoS
Protect mission-critical applications
Voice, ERP, data warehouse, sales force automation