ITT550 - Chapter04 RY-Logical Network Design
ITT550
Chapter 4:
Logical Network Design
Overview of the Logical Design Phase
[Diagram: Objectives, Design Goals, Design Constraints, Current Network, Network Design]
Keep it Simple
Some sophisticated security implementations are not
worth the extra expense.
Physical security, such as locks, is nearly always
inexpensive and easy to accomplish.
The security plan must be compatible with the political
structure and culture of the organization.
Broadcast Traffic
Broadcast traffic, sometimes called background traffic,
is the “administrative overhead” that does not carry
useful data.
Some technologies generate more broadcast frames
than others.
Connection Type
Connectionless protocols, such as IP, spend no time
establishing a virtual circuit.
Connection-oriented protocols, such as Asynchronous
Transfer Mode (ATM), take longer to establish each
point-to-point connection.
Scalability
The design must accommodate the company’s current
and future capacity needs, by ensuring the network and
its applications can be easily expanded.
Alternative Design
A good designer presents optional designs to the
customer.
There are usually several different possibilities that can
be explored for meeting the customer's needs.
When multiple designs are presented to the client, they
must be clear and concise, otherwise the choices might
be confusing.
Physical Media
The Physical Media Comparison Table lists some of
the most important factors to consider when choosing
the wiring for your network.
Workgroup Environments
A workgroup is a collection of users that share
computing resources.
Routing Solutions
The router is configured with a dedicated high-speed
interface for the server and a large number of standard
Ethernet interfaces assigned to each hub segment and
power user.
By installing a router, the network administrator divides
the large broadcast/collision domain into several smaller
broadcast/collision domains.
Each small domain will notice improved traffic
performance between nodes in the same domain.
Switching Solutions
Three reasons why a switch is a better choice than a
router:
1. A switch is cheaper than a router.
2. A switch is faster than a router.
3. A switch is simpler than a router.
Departmental Workgroups
A departmental workgroup is a large workgroup
composed of several smaller workgroups.
Physical Segmentation
The Physical Segmentation Diagram illustrates how a
router physically segments a network into broadcast
domains.
Logical Segmentation
A more flexible way to divide a network into broadcast
domains is by using a router to connect separate virtual local
area networks (VLANs) created with switches.
A VLAN allows the creation of virtual broadcast domains
within a switched environment, irrespective of the physical
infrastructure.
With VLANs, the network administrator can define a
workgroup based on a logical grouping of individual
workstations rather than physical network connections.
Traffic within a VLAN is switched at wire speed among
members of the VLAN.
A router forwards traffic between different VLANs.
Backbone Implementation
Organizations have been deploying collapsed backbone
building architectures in the data center for several
years.
In a collapsed backbone environment, large amounts of
data are transmitted across the backplane of a central
high-performance backbone device.
The device performing the collapsed backbone function
may be a switch or a router.
A collapsed backbone design centralizes complexity,
increases performance, reduces costs, and supports the
server farm model.
LANs WANs
Compression
One way to squeeze more bandwidth out of a narrow
WAN link is to use data compression.
In an intranet environment, two fundamental types of
compression are typically used:
Bandwidth Aggregation
Data communications traffic is bursty.
Bandwidth aggregation builds on Multilink Point-to-Point
Protocol (PPP) (RFC 1717) to provide a network
administrator with tremendous flexibility in defining link
speeds.
Data Prioritization
Prioritization provides the flexibility to give time-sensitive
traffic higher priority in the WAN transmission queue.
Protocol Reservation
Protocol reservation lets a network administrator
guarantee that a portion of a WAN link's bandwidth will be
available for a specific protocol or application.
Session Fairness
Session fairness is an enhancement to the protocol
reservation scheme; it ensures traffic is forwarded evenly
from all users, so that no single user is allowed to
monopolize WAN bandwidth.
Exercise:
List all the IPv4 classes. Out of the classes, list the
private addresses (describe private address)
Subnet Mask
A 32-bit subnet mask tells a host or router how to
distinguish subnet addresses from host addresses.
The 32 bits of the subnet mask correspond to the 32 bits of
the IP address.
If bits in the subnet mask are set to 1, a device treats the
corresponding bits in the IP address as part of the network
number or subnet number.
If bits in the mask are set to 0, a device treats the
corresponding IP address bits as part of the host number.
Address                     Network Portion              Subnet Portion   Host Portion
IP Address: 205.169.85.21   11001101 10101001 01010101   XXXX             XXXX
CIDR Prefix   Number of Host Addresses
/27           32
/26           64
/25           128
...           ...
/20           4,096
/19           8,192
...           ...
/14           262,144
/13           524,288
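Added example (not part of the original slides): the subnet mask rule above, applied in Python to the slide's address 205.169.85.21 and checked against the CIDR table. The /28 mask (a 4-bit subnet and 4-bit host split of the last octet, matching the XXXX XXXX layout) and all function names are assumptions made for illustration.

```python
import ipaddress

FULL = 0xFFFFFFFF  # all 32 bits set

def mask_from_prefix(prefix_len):
    """Mask for a CIDR prefix: prefix_len one bits followed by zero bits."""
    if not 0 <= prefix_len <= 32:
        raise ValueError("prefix length must be between 0 and 32")
    return (FULL << (32 - prefix_len)) & FULL

def is_contiguous(mask):
    """True if the mask is a run of 1 bits followed only by 0 bits."""
    inverted = ~mask & FULL
    return (inverted & (inverted + 1)) == 0

def split_address(dotted, classful_len, prefix_len):
    """Split an address into network, subnet and host portions.

    classful_len: class-based network length (24 for a Class C address).
    prefix_len: full mask length, network bits plus subnet bits.
    """
    if not 0 <= classful_len <= prefix_len:
        raise ValueError("mask cannot be shorter than the classful network")
    addr = int(ipaddress.IPv4Address(dotted))  # rejects malformed input
    mask = mask_from_prefix(prefix_len)
    host_bits = 32 - prefix_len
    subnet_bits = prefix_len - classful_len
    return {
        "network": addr >> (32 - classful_len),                    # mask bits = 1
        "subnet": (addr >> host_bits) & ((1 << subnet_bits) - 1),  # mask bits = 1
        "host": addr & ~mask & FULL,                               # mask bits = 0
        "subnet_address": str(ipaddress.IPv4Address(addr & mask)),
    }

def same_subnet(a, b, prefix_len):
    """Two hosts share a subnet when their masked addresses are equal."""
    mask = mask_from_prefix(prefix_len)
    return (int(ipaddress.IPv4Address(a)) & mask) == (int(ipaddress.IPv4Address(b)) & mask)

def addresses_in_prefix(prefix_len):
    """Addresses covered by a prefix: 2 to the power of the host-bit count."""
    return 1 << (32 - prefix_len)

if __name__ == "__main__":
    # Slide address; the /28 mask is an assumed value for illustration.
    print(split_address("205.169.85.21", 24, 28))
    print(is_contiguous(int(ipaddress.IPv4Address("255.255.0.255"))))
    for p in (27, 26, 25, 20, 19, 14, 13):
        print(f"/{p}", addresses_in_prefix(p))
```

is_contiguous is the check to run on subnet masks entered by hand in router or firewall configuration, since a mask with a gap in its 1 bits matches a scattered set of addresses rather than one subnet.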
◦ Denial of service
This type of attack leads to disruption of system availability
by crashing or overloading a critical device such as a server,
router, or firewall.
◦ Theft of information
The attacker, often an insider, acquires proprietary
information such as trade secrets or business plans. This can
be done by eavesdropping on network transmissions,
masquerading as an authorized entity, or a brute-force attack
such as the use of a computer program that guesses
passwords.
◦ Corruption of data
The attacker either destroys or corrupts data stored on disk
or corrupts data as it is transmitted across a network.