Also visit

October 15, 2009

Since a lot of people are making money via blogs, and most of them use Blogger, I think I'll move to Blogger too. Here are my links:

http://simaoels.blogspot.com/

http://gamecotica.blogspot.com

http://maoels.blogspot.com

http://tugasmutugasku.blogspot.com

http://learn-g-ads.blogspot.com


Chapter Eight (smt2)

September 26, 2008

ISP Security

Any active Internet connection for a computer can make that computer a target for malicious activity. Malware, or malicious software such as a computer virus, worm, or spyware, can arrive in an email or be downloaded from a website. Problems that cause large scale failures in service provider networks often originate from unsecured desktop systems at the ISP customer locations.

If the ISP is hosting any web or e-commerce sites, the ISP may have confidential files with financial data or bank account information stored on their servers. The ISP is required to maintain the customer data in a secure way.

ISPs play a big role in helping to protect the home and business users that utilize their services. The security services that they provide also protect the servers that are located at the service provider premise. Service providers are often called upon to help their customers secure their local networks and workstations to reduce the risks of compromise.

There are many actions that can be taken both at the local site and the ISP to secure operating systems, as well any data stored on operating systems, and any data transmitted between computer systems.

If an ISP is providing web hosting or email services for a customer, it is important that the ISP protect that information from malicious attack. This can be complicated because often an ISP will use a single server, or cluster of servers, to maintain data that belongs to more than one customer.

To help prevent attacks on these vulnerabilities, many ISPs provide managed desktop security services for their customers. An important part of an on-site support technician’s job is to implement security best practices on client computers. Some of the security services that an ISP support technician can provide include:

Helping clients to create secure passwords for devices

Securing applications using patch management and software upgrades

Removing unnecessary applications and services that can create vulnerabilities

Ensuring applications and services are available to the users that need them and no one else

Configuring desktop firewalls and virus checking software

Performing security scans on software and services to determine vulnerabilities that the technician must protect from attack

Best Practices For Security

If an ISP is providing web hosting services, or email services for a customer, it is important that the ISP protect that information from malicious attack. This can be complicated because often an ISP will use a single server, or cluster of servers, to maintain data that belongs to more than one customer.

Common data security features and procedures include:

Encrypting data stored on server hard drives

Using permissions to secure access to files and folders

Permit or deny access based on the user account or group membership

If access is permitted, assign various levels of access permissions based on the user account or on group memberships

When assigning permissions to files and folders, a security best practice is to apply permissions based on the principle of least privilege. This means giving a user access to only those resources that are required for the user to be able to do their job. It also means giving the appropriate level of permission, for example read-only access or write access. Additional permissions that the user does not require should not be granted.

Authentication, authorization, and accounting (AAA) is a three-step process used by network administrators to make it difficult for attackers to gain access to a network.

Authentication

Requires users to prove their identity using a username and password. Authentication databases are typically stored on servers running RADIUS or TACACS.

Authorization

Gives a user rights to use specific resources and perform specific tasks.

Accounting

Tracks which applications are used and length of time they are used.

For example, Authentication acknowledges that a user named student exists and is able to log on. Authorization services specify that user student can access host serverXYZ using Telnet. Accounting tracks that user student accessed host serverXYZ using Telnet on a specific day for 15 minutes.

AAA can be used on various types of network connections. AAA requires a database to keep track of user credentials, permissions, and account statistics. Local authentication is the simplest form of AAA and keeps a local database on the gateway router. If an organization has more than a handful of users authenticating with AAA, the organization must use a database on a separate server.
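The three AAA steps above, together with the least-privilege permission levels from the file and folder section (access granted by user account or by group membership, read-only versus write), as an added example that is not part of the course text. It models a local AAA database in Python; the user "student" and host "serverXYZ" come from the text, while the group name "students", the passwords and the resource "shared-folder" are constructed for the demo. It is a model of the concepts, not a RADIUS or TACACS implementation.

```python
# Added example, not from the course text: a minimal local AAA database that
# models the three steps (authentication, authorization, accounting), plus
# least-privilege permission levels granted by user account or by group
# membership.  The user "student" and host "serverXYZ" come from the text;
# the group name, passwords and "shared-folder" are constructed for the demo.
import hashlib
import hmac
import os
from dataclasses import dataclass, field

PBKDF2_ITERATIONS = 200_000


def make_credential(password):
    """Return (salt, hash): store a salted PBKDF2 hash, never the clear-text password."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return salt, digest


@dataclass
class AAADatabase:
    users: dict = field(default_factory=dict)        # username -> (salt, digest, groups)
    permissions: dict = field(default_factory=dict)  # (principal, resource) -> set of services
    accounting: list = field(default_factory=list)   # one record per session

    def add_user(self, username, password, groups=()):
        salt, digest = make_credential(password)
        self.users[username] = (salt, digest, set(groups))

    def grant(self, principal, resource, *services):
        """principal is a username or a group name; a service is e.g. 'telnet', 'read', 'write'."""
        self.permissions.setdefault((principal, resource), set()).update(services)

    # Step 1: authentication - does this identity exist and is the secret correct?
    def authenticate(self, username, password):
        record = self.users.get(username)
        if record is None:
            return False
        salt, digest, _groups = record
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
        return hmac.compare_digest(candidate, digest)   # constant-time comparison

    # Step 2: authorization - least privilege: only explicitly granted services, nothing else
    def authorize(self, username, resource, service):
        record = self.users.get(username)
        if record is None:
            return False
        principals = {username, *record[2]}          # the account itself plus its groups
        return any(service in self.permissions.get((p, resource), ()) for p in principals)

    # Step 3: accounting - what was used, and for how long
    def account(self, username, resource, service, start, end):
        self.accounting.append({"user": username, "resource": resource, "service": service,
                                "start": start, "minutes": round((end - start) / 60)})


def demo():
    db = AAADatabase()
    db.add_user("student", "correct horse battery staple", groups=["students"])
    db.grant("student", "serverXYZ", "telnet")         # per-account permission
    db.grant("students", "shared-folder", "read")      # group permission: read only
    results = {
        "login_ok": db.authenticate("student", "correct horse battery staple"),
        "login_bad": db.authenticate("student", "guess"),
        "unknown_user": db.authenticate("nobody", "anything"),
        "telnet_serverXYZ": db.authorize("student", "serverXYZ", "telnet"),
        "ssh_serverXYZ": db.authorize("student", "serverXYZ", "ssh"),
        "read_shared": db.authorize("student", "shared-folder", "read"),
        "write_shared": db.authorize("student", "shared-folder", "write"),
    }
    start = 1_000_000.0                                # constructed timestamps: a 15-minute session
    db.account("student", "serverXYZ", "telnet", start, start + 15 * 60)
    results["minutes"] = db.accounting[-1]["minutes"]
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Authorization is deny-by-default: a service that was never granted to the account or to one of its groups (SSH to serverXYZ, write on the shared folder) is refused, which is what the principle of least privilege requires. The accounting record is what a RADIUS or TACACS server would keep for the 15-minute Telnet session in the text's example.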

Data Encryption

ISPs must also be concerned with securing data that is transmitted to and from their servers. By default, data sent over the network is unsecured and transmitted in clear text. Unauthorized individuals can intercept unsecured data as it is being transmitted. Capturing data in transit bypasses all file system security that is set on the data. There are methods available to protect against this security issue.

Digital encryption is the process of encrypting all transmitted data between the client and the server. Many of the protocols used to transmit data offer a secure version that uses digital encryption. As a best practice, use the secure version of a protocol whenever the data being exchanged between two computers is confidential.

For example: If a user must submit a username and password to log onto an e-commerce web site, a secure protocol is required. This protects the username and password information from being captured. Another example is any time a user must submit a credit card or bank account information.

When surfing the Internet and viewing publicly accessible web sites, securing the transmitted data is not necessary. Using a secure protocol in this situation can lead to slower response times and additional computational overheads.

There are many network protocols used by applications. Some offer secure versions and some do not.

Web Servers

Web servers use the HTTP protocol by default. This is not a secure protocol. Switching to HTTPS enables the exchange of data to be done securely.

Email Servers

Email servers use several different protocols, including SMTP, POP3 or IMAP. When a user logs on to an email server, POP3 and IMAP require a username and password for authentication. By default, this submission is sent without security and can be captured. POP3 can be secured by using Secure Sockets Layer (SSL). SMTP and IMAP can use either SSL or Transport Layer Security (TLS) as a security protocol.

Telnet Servers

Using Telnet to remotely log into a Cisco router or Cisco switch creates an insecure connection. Telnet sends authentication information, as well as any commands a user types, across the network in clear text. Use SSH to authenticate and work with the router or switch securely.

FTP Server

The FTP protocol is also an insecure protocol. When logging in to an FTP server, authentication information is sent in clear text. FTP can use SSL to securely exchange authentication and data. Some versions of FTP can also use SSH.

File Servers

File servers can use many different protocols to exchange data, depending on the computer’s operating system. In most cases, file server protocols do not offer a secure version.

Another security protocol exists called IP security (IPSEC). IPSEC is a network layer security protocol that can be used to secure any Application Layer protocol used for communication. This includes file server protocols that do not offer any other security protocol version.

Access List And Port Filtering

In spite of AAA and the use of encryption, there are many different types of attacks that an ISP must protect against. ISPs are especially vulnerable to Denial of Service attacks, because the ISP may host sites for many different registered domain names that may or may not require authentication. Currently there are three key types of denial of service attacks.

DoS

A standard denial-of-service (DoS) attack takes place when a server or service is attacked to prevent legitimate access to that service. Some examples of standard DoS attacks are SYN flood, ping flood, LAND attack, bandwidth consumption attacks, and buffer overflow attacks.

DDoS

A distributed denial-of-service (DDoS) attack occurs when multiple computers are used to attack a specific target. In DDoS attacks, the attacker has access to many compromised computer systems, usually on the Internet. Because of this, the attacker can remotely launch the attack. DDoS attacks are usually the same kinds of attacks as standard DoS attacks, except that DDoS attacks are run from many computer systems simultaneously.

DRDoS

A distributed reflected denial-of-service (DRDoS) attack occurs when an attacker sends a spoofed, or mock, request to many computer systems on the Internet, with the source address modified to be the targeted computer system. The computer systems that receive the request will respond. When the computer systems respond to the request, all of the requests are directed at the target computer system. Due to the reflection of the attack, it is very difficult to determine the originator of the attack.

The ISP must be able to filter out network traffic, such as Denial of Service attacks, that can be harmful to the operation of the ISP network or servers. This can be done using port filtering and access lists to control traffic to servers and networking equipment.

Port Filtering

Port filtering is the ability to control the flow of traffic based on a specific TCP or UDP port. Many server operating systems provide options to restrict access using port filtering. In this way, the server can provide the needed services while still being protected. Port filtering is also used by network routers and switches to help control traffic flow and to secure access to the device.

Access Lists

Access lists are used to define traffic that is permitted or denied through the network based on the source and/or destination IP addresses. Access Lists can also permit or deny traffic on the source and/or destination port of the protocol being used. Administrators create access lists on network devices, such as routers, to control whether or not traffic is forwarded or blocked.

Access lists are only the first line of defense and are not enough to secure a network. Access lists only prevent access to a network; they do not protect the network from all types of malicious attacks.

Firewall

A firewall is network hardware or software that defines what traffic can come into and go out of sections of the network, as well as how traffic is handled.

Access-lists are one of the tools used by firewalls. Using access-lists, the type of traffic that is allowed to pass through the firewall is controlled. In addition, the direction the traffic is allowed to travel is also controlled. In a medium-sized network, the amount of traffic and networking protocols needing to be controlled is quite large and firewall access lists can become very complicated.

Firewalls use access lists to control which traffic is passed or blocked. They are constantly evolving as new capabilities are developed and new threats are discovered.

Different firewalls offer different types of features. For example, a dynamic packet filter firewall or stateful firewall keeps track of the actual communication process occurring between the source and destination devices. It does this by using a state table. Once a communication stream is approved, only traffic that belongs to one of these communication streams is permitted through the firewall. The Cisco IOS Firewall software is embedded in Cisco IOS software and allows the user to turn a router into a network layer firewall with dynamic or stateful inspection.

The more functionality of the firewall, the more time it takes for packets to be processed.

Firewalls can provide perimeter security for the entire network, as well as for internal local network segments, such as server farms.

Within an ISP network or a medium-sized business, firewalls are typically implemented in multiple layers. Traffic that comes in from an untrusted network first encounters a packet filter on the border router. Permitted traffic goes through the border router to an internal firewall to route traffic to a demilitarized zone (DMZ). A DMZ is used to store servers that users from the Internet are allowed to access. Only traffic that is permitted access to these servers is permitted into the DMZ. Firewalls also control what kind of traffic is permitted into the protected, local network itself. The traffic that is allowed into the internal network is usually traffic that is being sent due to a specific request by an internal device. For example, if an internal device requests a web page from an external server, the firewall will permit the web page to enter the internal network.
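The access list section and the firewall section above, as one added example that is not part of the course text: an access list with Cisco-style ordered rules (first match wins, implicit deny at the end) that matches on source/destination address and destination port, and a stateful filter layered on top of it that keeps a state table so that only replies to flows opened by an internal host are admitted, as described for the protected internal network. All addresses (documentation ranges), the internal network 10.0.0.0/8 and the DMZ web server 203.0.113.10 are constructed for the demo.

```python
# Added example, not from the course text: an access list with ordered rules,
# first match wins and an implicit deny at the end, plus a stateful filter on
# top of it that keeps a state table so only replies to flows opened by an
# internal host are admitted.  All addresses (documentation ranges), the
# internal network 10.0.0.0/8 and the DMZ web server are constructed.
import ipaddress
from collections import namedtuple

Packet = namedtuple("Packet", "src dst proto sport dport")


class AccessList:
    """Ordered permit/deny rules evaluated top-down; unmatched traffic is denied."""

    def __init__(self):
        self.rules = []

    def add(self, action, src, dst, proto="any", dport=None):
        if action not in ("permit", "deny"):
            raise ValueError(action)
        self.rules.append((action, ipaddress.ip_network(src), ipaddress.ip_network(dst), proto, dport))

    def evaluate(self, pkt):
        src = ipaddress.ip_address(pkt.src)
        dst = ipaddress.ip_address(pkt.dst)
        for action, s_net, d_net, proto, dport in self.rules:
            if (src in s_net and dst in d_net
                    and proto in ("any", pkt.proto)
                    and (dport is None or dport == pkt.dport)):
                return action            # first match wins
        return "deny"                    # implicit deny at the end of every access list


class StatefulFilter:
    """Applies the inbound ACL to traffic from the untrusted side, but first
    checks a state table of flows that internal hosts started."""

    def __init__(self, inbound_acl, internal_net):
        self.acl = inbound_acl
        self.internal = ipaddress.ip_network(internal_net)
        self.state = set()   # (internal_ip, internal_port, external_ip, external_port, proto)

    def process(self, pkt):
        if ipaddress.ip_address(pkt.src) in self.internal:
            # outbound request: record the flow so that its reply can come back in
            self.state.add((pkt.src, pkt.sport, pkt.dst, pkt.dport, pkt.proto))
            return "permit"
        # inbound: a reply has the addresses and ports of the recorded flow swapped
        if (pkt.dst, pkt.dport, pkt.src, pkt.sport, pkt.proto) in self.state:
            return "permit"
        return self.acl.evaluate(pkt)    # not part of a known flow: the static rules decide


def demo():
    # Border rules: from anywhere, only web traffic to the DMZ web server is allowed in
    inbound = AccessList()
    inbound.add("permit", "0.0.0.0/0", "203.0.113.10/32", "tcp", 80)
    inbound.add("permit", "0.0.0.0/0", "203.0.113.10/32", "tcp", 443)
    fw = StatefulFilter(inbound, "10.0.0.0/8")

    https_to_dmz = Packet("198.51.100.7", "203.0.113.10", "tcp", 51000, 443)
    telnet_to_dmz = Packet("198.51.100.7", "203.0.113.10", "tcp", 51001, 23)
    outbound_req = Packet("10.1.1.25", "198.51.100.80", "tcp", 40000, 80)
    reply = Packet("198.51.100.80", "10.1.1.25", "tcp", 80, 40000)
    unsolicited = Packet("198.51.100.80", "10.1.1.25", "tcp", 80, 40001)
    return {
        "dmz_https": fw.process(https_to_dmz),      # permit: matches the second rule
        "dmz_telnet": fw.process(telnet_to_dmz),    # deny: no rule matches, implicit deny
        "outbound": fw.process(outbound_req),       # permit: internal host, flow recorded
        "reply": fw.process(reply),                 # permit: matches the recorded flow
        "unsolicited": fw.process(unsolicited),     # deny: not in the state table, no rule
    }


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name}: {verdict}")
```

The stateless part alone would have to open a hole for every reply port, which is why the text calls access lists only a first line of defense; the state table is what lets the firewall permit a web page that an internal device asked for while dropping the same-looking packet that nobody requested.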

Some organizations can choose to implement internal firewalls to protect sensitive areas. Internal firewalls are used to restrict access to areas of the network that need to have additional protection. Internal firewalls separate and protect business resources on servers from users inside the organization. Internal firewalls prevent external and internal hackers, as well as unintentional internal attacks and malware.

IDS And IPS

ISPs also have a responsibility to prevent, when possible, intrusions into their networks and the networks of customers who purchase managed services. There are two tools often utilized by ISPs to accomplish this.

An intrusion detection system (IDS) is a software- or hardware-based solution that passively listens to network traffic. Network traffic does not pass through an IDS device. Instead, the IDS device monitors traffic through a network interface. When the IDS detects malicious traffic, it sends an alert to a preconfigured management station.

An intrusion prevention system (IPS) is an active physical device or software feature. Traffic travels in one interface of the IPS and out the other. The IPS examines the actual data packets that are in the network traffic and works in real time to permit or deny packets that want access into the network.

IDS and IPS technologies are deployed as sensors. An IDS or an IPS sensor can be any of the following:

A router configured with Cisco IOS IPS

An appliance (hardware) specifically designed to provide dedicated IDS or IPS services

A network module installed in an adaptive security appliance (ASA), switch, or router

IDS and IPS sensors respond differently to incidents detected on the network, but both have roles within a network.

IDS

IDS solutions are reactive when it comes to detecting intrusions. They detect intrusions based on a signature for network traffic or computer activity. They do not stop the initial traffic from passing through to the destination, but react to the detected activity.

When properly configured, the IDS can block further malicious traffic by actively reconfiguring network devices such as security appliances or routers, in response to malicious traffic detection. It is important to realize that the original malicious traffic has already passed through the network to the intended destination and cannot be blocked. Only subsequent traffic will be blocked. In this regard, IDS devices cannot prevent some intrusions from being successful.

IDS solutions are often used on the untrusted perimeter of a network, outside of the firewall. Here the IDS can analyze the type of traffic that is hitting the firewall and determine how attacks are executed. The firewall can be used to block most malicious traffic. An IDS can also be placed inside the firewall to detect firewall misconfigurations. When the IDS sensor is placed here, any alarms that go off indicate that malicious traffic has been allowed through the firewall. These alarms mean that the firewall has not been configured correctly.

IPS

Unlike IDS solutions, which are reactive, IPS solutions are proactive. They block all suspicious activity in real time. An IPS is able to examine almost the entire data packet from Layer 2 to Layer 7 of the OSI model. When the IPS detects malicious traffic, the IPS can block the malicious traffic immediately. The IPS is then configured to send an alert to a management station about the intrusion. The original and subsequent malicious traffic is blocked as the IPS proactively prevents attacks.

An IPS is an intrusion detection appliance, not software. It is most often placed inside the firewall. This is because the IPS can examine the entire data packet and can therefore be used to protect server applications. The firewall typically does not examine the entire data packet, whereas the IPS does. The firewall will drop most of the packets that are not allowed, but may still allow some malicious packets through. The IPS will have a smaller number of packets to examine, but will examine the entire packet. This allows the IPS to immediately drop new attacks that the firewall cannot stop or could not be configured to stop.
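The difference between the reactive IDS and the inline IPS described above, as an added example that is not part of the course text: the same constructed signature set is run once in IDS mode (the packet that triggers the alert has already reached its destination; only the source's later packets are stopped, by reconfiguring the firewall) and once in IPS mode (the matching packet is dropped before delivery). Signatures, addresses and payloads are all constructed for the demo.

```python
# Added example, not from the course text: one signature set run in IDS mode
# (passive: every packet it sees has already passed, a match raises an alert
# and only the source's later packets are shunned via the firewall) and in
# IPS mode (inline: matching packets are dropped before delivery).
# Signatures, addresses and payloads are constructed.
import re
from collections import namedtuple

Packet = namedtuple("Packet", "src dst dport payload")

# Constructed signatures: (name, destination port or None, payload pattern or None)
SIGNATURES = [
    ("http-directory-traversal", 80, re.compile(rb"\.\./\.\./")),
    ("telnet-to-dmz-server", 23, None),   # port-only rule: clear-text admin protocol
]


def match_signatures(pkt):
    hits = []
    for name, port, pattern in SIGNATURES:
        if port is not None and pkt.dport != port:
            continue
        if pattern is not None and not pattern.search(pkt.payload):
            continue
        hits.append(name)
    return hits


def ids_run(packets):
    """Passive sensor on a monitoring interface: it cannot stop the packet it
    sees, but can shun the source so the firewall drops subsequent packets."""
    alerts, delivered, shunned = [], [], set()
    for i, pkt in enumerate(packets):
        if pkt.src in shunned:
            continue                      # dropped by the reconfigured firewall
        delivered.append(i)               # the original packet has already passed
        hits = match_signatures(pkt)
        if hits:
            alerts.append((i, hits[0], pkt.src))
            shunned.add(pkt.src)
    return alerts, delivered


def ips_run(packets):
    """Inline sensor: traffic enters one interface and leaves the other only
    if no signature matches."""
    alerts, delivered = [], []
    for i, pkt in enumerate(packets):
        hits = match_signatures(pkt)
        if hits:
            alerts.append((i, hits[0], pkt.src))
            continue                      # dropped before delivery
        delivered.append(i)
    return alerts, delivered


def demo():
    dmz_web, attacker = "203.0.113.10", "198.51.100.7"
    packets = [                           # constructed traffic, in arrival order
        Packet("192.0.2.5", dmz_web, 80, b"GET /index.html HTTP/1.1"),
        Packet(attacker, dmz_web, 80, b"GET /../../private.txt HTTP/1.1"),
        Packet(attacker, dmz_web, 80, b"GET /../../config.bak HTTP/1.1"),
        Packet("192.0.2.9", dmz_web, 80, b"GET /about.html HTTP/1.1"),
        Packet("192.0.2.77", dmz_web, 23, b"\xff\xfd\x18"),
    ]
    ids_alerts, ids_delivered = ids_run(packets)
    ips_alerts, ips_delivered = ips_run(packets)
    return {
        "ids_alerts": len(ids_alerts), "ids_delivered": ids_delivered,
        "ips_alerts": len(ips_alerts), "ips_delivered": ips_delivered,
        "first_attack_reached_target_ids": 1 in ids_delivered,
        "first_attack_reached_target_ips": 1 in ips_delivered,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

In IDS mode the first traversal request (packet 1) and the Telnet attempt (packet 4) both reach the server and only the attacker's second request is stopped; in IPS mode all three matching packets are dropped and the benign requests (packets 0 and 3) are the only ones delivered.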

Wireless Security

Some ISPs offer services to create wireless hot spots for customers to log onto Wireless Local Area Networks (WLANs). A wireless network is easy to implement, but is vulnerable when not properly configured. Since the wireless signal travels through walls, it can be accessed outside the business premises. The following ways are used to secure a wireless network:

MAC Address Filtering

MAC Address Filtering prevents unwanted computers from connecting to your network by restricting MAC addresses. It is possible however, to clone a MAC address; therefore, other security measures should be implemented along with MAC Address Filtering.

WEP

Wired Equivalent Privacy (WEP) provides data security by encrypting data that is sent between wireless nodes. WEP uses a 64, 128 or 256 bit pre-shared hexadecimal key to encrypt the data. There are many WEP cracking tools available on the Internet. WEP should only be used with older equipment that does not support newer wireless security protocols.

WPA

Wifi Protected Access (WPA) is a newer wireless encryption protocol that uses an improved encryption algorithm called Temporal Key Integrity Protocol (TKIP). TKIP generates a unique key for each client and rotates the security keys at a configurable interval. WPA provides a mechanism for mutual authentication and since both the client and the access point have the key, the key is never transmitted.

WPA2

Wifi Protected Access 2 (WPA2) is a new, improved version of WPA. WPA2 uses the more secure Advanced Encryption Standard (AES) encryption technology.

Host security

Regardless of the layers of defense that exist on the network, all servers are still susceptible to attack if they are not properly secured. ISP servers are especially vulnerable because they are generally accessible from the Internet. New vulnerabilities for servers are discovered every day so it is critical for an ISP to protect its servers from known and unknown vulnerabilities whenever possible. One way they accomplish this is through the use of host-based firewalls.

A host-based firewall is software that runs directly on a host operating system. It protects the host from malicious attacks that might have made it through all other layers of defense. Host-based firewalls control inbound and outbound network traffic. These firewalls allow filtering based on a computer’s IP address and port, therefore offering additional protection over regular port filtering.

Host-based firewalls typically come with predefined rules that block all incoming network traffic. Exceptions are added to the firewall rule set to permit the correct mixture of inbound and outbound network traffic. When enabling host-based firewalls, it is important to balance the need to allow network resources required to complete job tasks, with the need to prevent applications from being left vulnerable to malicious attacks. Many server operating systems are preconfigured with a simple host-based firewall with limited options. More advanced third party packages are available.

ISPs use host-based firewalls to restrict access to the specific services a server offers. By using a host-based firewall, the ISP protects their servers and their customers’ data, by blocking access to the extraneous ports that are available.

ISP servers that utilize host-based firewalls are protected from a variety of different types of attacks and vulnerabilities.

Known Attacks

Host-based firewalls recognize malicious activity based on updatable signatures or patterns. They detect a known attack and block traffic on the port used by the attack.

Exploitable Services

Host-based firewalls protect exploitable services running on servers by preventing access to the ports that the service is using. Some host-based firewalls can also inspect the contents of a packet to see if it contains malicious code. Web and email servers are common targets for service exploits, and can be protected if the host-based firewall is capable of performing packet inspection. This inspection confirms whether or not the packet contains malicious code.

Worms and Viruses

Worms propagate by exploiting vulnerabilities in services and other weaknesses in operating systems. Host-based firewalls prevent worms from gaining access to servers. They can also help prevent the spread of worms and viruses by controlling outbound traffic originating from a server.

Back Doors and Trojans

Back doors or Trojans allow hackers to remotely gain access to servers on a network. The software typically works by sending a message to let the hacker know of a successful infection. It then provides a service that the hacker can use to gain access to the system. Host-based firewalls can prevent a Trojan from sending a message by limiting outbound network access. They can also prevent the attacker from connecting to any services.

In addition to host-based firewalls, Anti-X software can also be installed on the host. Anti-X software is software that protects computer systems from viruses, worms, spyware, malware, phishing, and even spam. Many ISPs offer customers Anti-X software as part of their comprehensive security services. Not all Anti-X software protects against the same threats. The ISP should constantly review what threats the Anti-X software actually protects against and make recommendations based on a threat analysis of the company.

Many Anti-X software packages allow for remote management. This includes a notification system that can alert the administrator or support technician about an infection, via email or pager. Immediate notification to the proper individual can drastically reduce the impact of the infection. Using Anti-X software does not diminish the number of threats to the network but reduces the risk of being infected.

Occasionally, infections and attacks will still occur and can be very destructive. It is important to have an incident management process to track all incidents and their corresponding resolutions, to help prevent the same infection from recurring. Incident management is required for ISPs that manage and maintain customer data, because the ISP has committed to protecting the integrity of the data it hosts for its customers. For example, if the ISP network was the target of a hacker and, as a result, thousands of credit card numbers stored in a database that the ISP manages were stolen, the customer would need to be notified so they could notify the card holders.

Service Level Agreement

An ISP and a user typically have a contract known as a service level agreement (SLA). It clearly documents the expectations and obligations of both parties. The parts of a typical SLA include:

Service Description

Costs

Tracking and Reporting

Problem Management

Security

Termination

Penalties for Service Outages

Availability, Performance, and Reliability

The SLA is an important document that clearly outlines the management, monitoring, and maintaining of a network.

Monitoring Network Line Performance

The ISP is responsible for monitoring and checking device connectivity. This would include any equipment that belongs to the ISP, as well as equipment at the customer end that the ISP agreed to monitor in the SLA. Monitoring and configuration can be performed either out-of-band with a direct console connection, or in-band using a network connection.

Out-of-band management is useful in initial configurations, if the device is not accessible via the network, or if a visual inspection of the device is necessary.

Most ISPs are not able to visually inspect or have physical access to all devices. An in-band management tool allows for easier administration because the technician does not require a physical connection. For this reason, in-band management is preferred over out-of-band management for managing servers that are accessible on the network. Additionally, conventional in-band tools can provide more management functionality than may be possible with out-of-band management, such as an overall view of the network design. Traditional in-band management protocols include Telnet, SSH, HTTP, and simple network management protocol (SNMP).

There are many embedded tools, commercial tools, and shareware tools available that utilize these management protocols. For example, HTTP access is through a web browser. Some applications, such as Cisco SDM, use this access for in-band management.

Selecting In-Band And Out-Of-Band Tools

SNMP is a network management protocol that enables network administrators to gather data about the network and corresponding devices. SNMP management system software is available in tools such as CiscoWorks. There are free versions of CiscoWorks available for download on the Internet. SNMP management agent software is often embedded in operating systems on servers, routers, and switches.

SNMP is made up of four main components:

Management station – a computer with the SNMP management application loaded, used by the administrator to monitor and configure the network.

Management agent – software installed on a device managed by SNMP

Management information base (MIB) – a database that a device keeps about itself concerning network performance parameters

Network management protocol – the communication protocol used between the management station and the management agent.

The management station would contain the SNMP management applications that the administrator uses to configure devices on the network. It would also store data about those devices. The management station collects information by polling the devices. A poll occurs when the management station requests specific information from an agent.

The agent’s task is to report to the management station by responding to the polls. When the management station polls an agent, the agent will call on statistics that have accumulated in the MIB.

Agents can also be configured with traps. A trap is an alarm-triggering event on an agent. Certain areas of the agent are configured with thresholds, or maximums, that must be maintained, such as the amount of traffic that can access a specific port. If the threshold is exceeded, the agent sends an alert message to the management station. This frees the management station from continuously polling network devices.

Management stations and managed devices are identified by a community ID, called a community string, that permits access to the devices.

Storing device logs and reviewing them periodically is an important part of network monitoring. Syslog is the standard for logging system events. Like SNMP, Syslog is an Application Layer protocol that enables devices to send information to a Syslog Daemon that is installed and running on a management station.

A Syslog system is composed of Syslog servers and Syslog clients. These servers accept and process log messages from Syslog clients. Clients are the devices that are monitored. A Syslog client generates and forwards log messages to Syslog servers.

Log messages normally consist of a log message ID, type of message, a time stamp (Date, Time), which device has sent the message, and the message text. Depending on which network equipment is sending the Syslog messages, a Syslog message can contain more items than those listed.
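A parser for the Syslog message fields just listed, as an added example that is not part of the course text. It handles the classic BSD syslog line format a Syslog daemon on a management station receives (`<PRI>` followed by time stamp, sending host and message), decodes the priority into facility and severity, and, where the message carries a router-style `%FACILITY-SEVERITY-MNEMONIC` tag preceded by a sequence number, extracts the message ID and text as well. The sample lines, host names and tags are constructed to look like device output and are not taken from a real device.

```python
# Added example, not from the course text: a parser for the BSD syslog line
# format (<PRI>Mmm dd hh:mm:ss host message) that pulls out facility,
# severity, time stamp, sending device, and, for router-style messages,
# the sequence number (message ID), %FAC-SEV-MNEMONIC tag and text.
# The sample lines below are constructed.
import re
from datetime import datetime

SEVERITY = ["emergency", "alert", "critical", "error",
            "warning", "notice", "informational", "debug"]

SYSLOG_RE = re.compile(
    r"^<(?P<pri>\d{1,3})>"
    r"(?P<ts>[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d) "
    r"(?P<host>\S+) "
    r"(?P<msg>.*)$"
)
# optional "seq: " then %FACILITY-SEVERITY-MNEMONIC: text (router-style message body)
DEVICE_RE = re.compile(
    r"^(?:(?P<seq>\d+): )?%(?P<fac>[A-Z0-9_]+)-(?P<sev>\d)-(?P<mnem>[A-Z0-9_]+): (?P<text>.*)$"
)


def parse_syslog(line, year=2008):
    """Return a dict of fields, or None if the line is not a well-formed message."""
    m = SYSLOG_RE.match(line)
    if not m:
        return None
    pri = int(m["pri"])
    if pri > 191:                       # facilities run 0..23, severities 0..7
        return None
    record = {
        "facility": pri // 8,
        "severity": pri % 8,
        "severity_name": SEVERITY[pri % 8],
        # BSD syslog time stamps carry no year; the receiver supplies it
        "timestamp": datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S"),
        "host": m["host"],
        "message": m["msg"],
    }
    d = DEVICE_RE.match(m["msg"])
    if d:
        record["seq"] = int(d["seq"]) if d["seq"] else None
        record["mnemonic"] = f"%{d['fac']}-{d['sev']}-{d['mnem']}"
        record["text"] = d["text"]
    return record


def urgent(records, threshold=3):
    """Messages at 'error' (3) or more severe; a lower number means more severe."""
    return [r for r in records if r["severity"] <= threshold]


SAMPLE_LINES = [   # constructed for this example
    "<189>Sep 26 08:15:02 isp-edge-rtr1 45: %SYS-5-CONFIG_I: Configured from console by admin on vty0 (10.1.1.25)",
    "<187>Sep 26 08:16:40 isp-edge-rtr1 46: %LINK-3-UPDOWN: Interface GigabitEthernet0/1, changed state to down",
    "<34>Sep 26 08:17:05 mail01 sshd[2231]: authentication failure for user admin from 198.51.100.7",
    "this is not a syslog message",
]


def demo(lines=SAMPLE_LINES):
    """Parse the sample lines, dropping anything malformed."""
    records = [parse_syslog(line) for line in lines]
    return [r for r in records if r is not None]


if __name__ == "__main__":
    for rec in demo():
        print(rec["host"], rec["severity_name"], rec.get("mnemonic", "-"), rec["message"])
    print("urgent:", [r["message"] for r in urgent(demo())])
```

The malformed fourth line is discarded rather than raising, which is what a collector has to do with the mixed quality of input it receives. The third line shows that a host that is not a router still yields facility, severity, time stamp and host, just without the sequence number and mnemonic, which is the "more items than those listed" point the text makes.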

Backup Media

Network management and monitoring helps ISPs and businesses identify and correct network issues. This software can also help to correct the causes of network failures. This includes failures caused by malware and malicious activity, network functionality and other issues such as failed devices.

Regardless of the cause of failure, an ISP that hosts web sites or email for customers must protect the web and email content from being lost. Losing the data stored on a web site could mean hundreds, or even thousands, of man hours recreating the content, not to mention the lost business that will result from the downtime while the content is being recreated.

Losing email messages that were stored on the ISP’s email server could potentially be crippling for a business that relies on the data within the emails. Some businesses are legally required to maintain records of all email correspondence, so losing that email data would not be acceptable.

Data backup is essential. An IT professional’s job is to try to reduce the risks of data loss and provide mechanisms for quick recovery of any data that is lost.

When an ISP needs to backup its data, the cost of a backup solution and its effectiveness must be balanced. The choice of backup media can be complex since there are many factors that affect the choice.

Some of the factors include:

Amount of data

Cost of media

Performance of media

Reliability of media

Ease of offsite storage

There are many types of backup media available, including the use of tape media, optical media, hard disk media, and solid state media.

Tape Media Backup

Tape remains one of the most common types of backup media available. Tapes have large capacities and remain the most cost-effective media on the market. For data volumes in excess of a single tape, tape autoloaders and libraries can swap tapes during the backup procedure, allowing the data to be stored on as many tapes as required. These devices can be expensive and are not typically found in small to medium-sized businesses. However, depending on the volume of data, there may be no alternative other than an autoloader or library.

Tape media is prone to failure, and tape drives require regular cleaning to maintain functionality. Tapes also have a high failure rate as they wear through use. Tapes should only be used for a fixed amount of time before removing them from circulation. Some of the different types of tapes are:

Digital data storage (DDS)

Digital audio tape (DAT)

Digital linear tape (DLT)

Linear tape-open (LTO)

These all have different capacities and performance characteristics.

Optical

Optical media is a common choice for smaller amounts of data. CDs have a storage capacity of 700MB, DVDs can support up to 8.5GB on a single-sided dual layer disk, and HD-DVD and Blu-Ray disks can have capacities in excess of 25GB per disk. ISPs may use optical media for transferring web content data to their customers. Customers may also use this media to transfer web site content to the ISP web hosting site. Optical media can easily be accessed by any computer system with a CD or DVD drive built in.

Hard Disk

Hard disk-based backup systems are becoming more and more popular due to the low cost of high capacity drives. However, hard disk-based backup systems make offsite storage difficult. Large disk arrays such as Direct Attached Storage (DAS), Network Attached Storage (NAS), and Storage Area Networks (SANs) are not transportable.

Many implementations of hard disk-based backup systems work in conjunction with tape backup systems for offsite storage. Using both hard disks and tapes in a tiered backup solution can give you a quick restore time with the data available locally on the hard disks, as well as a long term archival solution.

Solid State

Solid state storage refers to all non-volatile storage media that does not have any moving parts. Examples of solid state media range from small postage-stamp sized drives holding 1GB of data, to router-sized packages capable of storing 1000GB (1TB) of data.

Solid state storage is ideal for storage of data when fast storage and retrieval is important. Applications for solid state data storage systems include database acceleration, high definition video access and editing, data retrieval, and SANs. High capacity solid state storage devices can still be extremely expensive, but as the technology matures, the prices will come down.

Methods Of File Backup

Once a backup solution is chosen, a decision must be made on how to perform the backups. There are three methods to choose from.

Normal (full)

A normal (or full) backup copies all selected files and marks each file as having been backed up. With normal backups, only the most recent backup is required to restore all files, speeding up and simplifying the restore process. However, since all data is being backed up, a full backup takes the most time.

Differential

A differential backup copies only the files that have been changed since the last full backup. With differential backups, a normal full backup on the first day of the backup cycle is necessary. Only the files that are created or changed since the time of the last full backup are saved. The differential backup process continues until another full backup is run. This reduces the amount of time required to perform the backup. When it is time to restore data, the last normal backup is restored and the latest differential backup restores all changed files since the last full backup.

Incremental

An incremental backup differs from a differential backup on one important point. Whereas a differential backup saves files that were changed since the last full backup, an incremental backup only saves files that were created or changed since the last incremental backup. This means that if an incremental backup is run every day, the backup media would only contain files created or changed on that day. Incremental backups are the quickest backup. However, they take the longest time to restore because the last normal backup and every incremental backup since the last full backup must be restored.
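The trade-off the three methods make between backup time and restore effort, worked through on a constructed four-day schedule. This is an added example, not course material; the file names, the change schedule and the simplifications (files are created or modified but never deleted, one piece of media per day) are mine.

```python
"""Worked comparison of normal (full), differential and incremental backups.
Added example, not from the course; the four-day change schedule and file
names are constructed. Simplifications of mine: a day's 'change' set is the
files created or modified that day, files are never deleted, and each day's
backup is written to its own piece of media."""

from dataclasses import dataclass


@dataclass(frozen=True)
class Backup:
    day: int
    kind: str           # "full", "differential" or "incremental"
    files: frozenset    # file names written to this piece of media


# Day 0: the initial data set. Days 1-3: files created or changed that day.
CHANGES = [{"a", "b", "c", "d"}, {"a"}, {"b"}, {"a", "e"}]


def plan_backups(changes, method):
    """Return the media produced by running `method` every day of the cycle.
    Day 0 is always a full backup, as both differential and incremental
    cycles require."""
    backups, all_files, since_full = [], set(), set()
    for day, changed in enumerate(changes):
        all_files |= changed
        if day == 0 or method == "full":
            backups.append(Backup(day, "full", frozenset(all_files)))
            since_full = set()                     # a full backup resets the cycle
        elif method == "differential":
            since_full |= changed                  # everything changed since the last full
            backups.append(Backup(day, "differential", frozenset(since_full)))
        elif method == "incremental":
            backups.append(Backup(day, "incremental", frozenset(changed)))  # since yesterday only
        else:
            raise ValueError(f"unknown method {method!r}")
    return backups


def files_written(backups):
    """Total files copied over the cycle: a proxy for backup time and media use."""
    return sum(len(b.files) for b in backups)


def restore_sequence(backups):
    """Media that must be read, in order, to rebuild the latest state."""
    last_full = max(i for i, b in enumerate(backups) if b.kind == "full")
    later = backups[last_full + 1:]
    sequence = [backups[last_full]]
    if later and later[-1].kind == "differential":
        sequence.append(later[-1])      # the latest differential already holds all changes
    else:
        sequence.extend(later)          # every incremental since the full is needed
    return sequence


def restore(backups):
    """Apply the restore sequence oldest-first; later media overwrite earlier copies."""
    files = set()
    for b in restore_sequence(backups):
        files |= b.files
    return files


if __name__ == "__main__":
    for method in ("full", "differential", "incremental"):
        plan = plan_backups(CHANGES, method)
        print(f"{method:12s} files written: {files_written(plan):2d}  "
              f"media needed to restore: {len(restore_sequence(plan))}  "
              f"restored: {sorted(restore(plan))}")
```

On this schedule the full method writes 17 files and restores from 1 medium, differential writes 10 and restores from 2, incremental writes 8 and restores from 4; all three rebuild the same five files.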

Backup systems require regular maintenance to keep them running properly. Some steps to ensure the successful completion of backups include:

Swap Media

Many backup scenarios require daily swapping of media to maintain a history of backed up data. Data loss could occur if the tape or disk is not swapped daily. Since swapping the tapes is a manual task, it is prone to failure. Users need to use a notification method, such as calendar or task scheduling.

Review Backup Logs

Virtually all backup software produces backup logs. Regularly review backup logs. These logs report on the success of the backup, specifying where the backup failed. Regular monitoring of backup logs allows for quick identification of any backup issues that require attention.

Perform Trial Restores

Monitoring backup logs regularly does not mean that the procedure was successful. To verify that backup data is usable and that the restore procedure works, periodically perform a trial restore of data. This ensures the backup procedures work.

Perform Drive Maintenance

Many backup systems require special hardware to perform the backups. Tape backup systems use a tape backup drive to read and write to the tapes. Tape drives can become dirty from use and can lead to mechanical failure. Perform routine cleaning of the tape drive using designated cleaning tapes. Hard drive-based backup systems can benefit from an occasional defragmentation to improve the overall performance of the system.

Best Practices For Disaster Recovery

Data backup is an important part of any disaster recovery plan. A disaster recovery plan is a comprehensive document that describes how to restore operation quickly and keep a business running during or after a disaster occurs. The objective of the disaster recovery plan is to ensure the business can smoothly adapt to the physical and social changes a disaster causes. The disaster can include anything from natural disasters that affect the network structure to malicious attacks on the network itself.

The disaster recovery plan can include information such as offsite locations where services can be moved, information on switching out network devices and servers, as well as backup connectivity options. It is important when building a disaster recovery plan to fully understand the services that are critical to maintaining operation. Services that might need to be available during a disaster include:

Database

Application servers

System management servers

Web

Data stores

Directory

When designing a disaster recovery plan, it is important to understand the needs of the organization. It is also important to gain the support necessary for a disaster recovery plan. The steps to accomplish this include:

Vulnerability Assessment

A study should be done that assesses how vulnerable the critical business processes and associated applications are to common disasters.

Risk Assessment

The risk of a disaster occurring and the associated effects and costs to the business should also be analyzed. Part of risk assessment is creating a list of the top ten potential disasters and their effects, including the scenario of the business being completely destroyed.

Management Awareness

The study should be used to get senior management approval on the disaster recovery project. Maintaining equipment and locations for a possible disaster recovery could be expensive. Senior management must understand the possible effect of any disaster situation.

Establish a Planning Group

A planning group should be established to manage the development and implementation of the disaster recovery strategy and plan. When a disaster occurs, be it small or large scale, it is important that individuals understand their roles and responsibilities.

Prioritize

For each disaster scenario, assign a priority of Mission Critical, Important, or Minor for the business network, applications, and systems.

The disaster recovery planning process should first engage the top managers, and then eventually include all personnel that work with critical business processes. Everyone must be involved and support the plan in order for it to be successful.

Once the need for a disaster recovery plan is agreed upon, along with the services and applications that are most critical, it is time to actually create the plan. Steps to creating the plan include:

Network Design Recovery Strategy

Analyze the network design. Some aspects of the network design that should be included in the disaster recovery are:

Is the network designed to survive a major disaster? This includes the use of backup connectivity options and redundancy in the network design.

Availability of off-site servers that can support applications such as email and database services

Availability of backup routers, switches, and other network devices should they fail

Location of services and resources the network needs. Are they spread over a wide geography?

Inventory and Documentation

An inventory should be done of all locations, devices, vendors, used services, and contact names. Verify cost estimates that are created in the Risk Assessment step.

Verification

Create a verification process to prove that the disaster recovery strategy works. Practice disaster recovery exercises to ensure that the plan is up-to-date and workable.

Approval and Implementation

Obtain senior management approval and obtain a budget to implement the disaster recovery plan.

Review

After the disaster recovery plan has been implemented for a year, review the plan.


Chapter Seven (smt2)

September 26, 2008

ISP Services

Once the connection is made to the ISP, the business or customer must decide which services they would need from the ISP.

ISPs serve several markets. Individuals in homes make up the consumer market. Large, multi-national companies make up the Enterprise market. In between are smaller markets, such as small to medium-sized businesses, or larger non-profit organizations. Each of these customers has different service requirements.

Escalating customer expectations and increasingly competitive markets are forcing service providers to offer new services. These services enable the ISPs to increase revenue and to differentiate themselves from their competitors.

Email, web hosting, media streaming, IP telephony, and file transfer are key services that ISPs can provide to all customers. These services are important for the ISP consumer market and for the small to medium-sized business that does not have the expertise to maintain their own services.

Many organizations, both large and small, find it expensive to keep up with new technologies, or they simply prefer to devote resources to other parts of the business. ISPs offer managed services that enable these organizations to have access to the leading network technologies and applications without having to make large investments in equipment and support.

When a company subscribes to a managed service, the service provider manages the network equipment and applications according to the terms of a service level agreement (SLA). Some managed services are also hosted, meaning that the service provider hosts the applications in its facility instead of at the customer site.

The following are three scenarios that describe different ISP customer relationships:

Scenario 1: The customer owns and manages all of their own network equipment and services. These customers only need reliable Internet connectivity from the ISP.

Scenario 2: The ISP provides Internet connectivity to the customer, but in this scenario, the ISP also owns and manages the network equipment installed at the customer site. Service provider responsibilities include setting up, maintaining, and administering the equipment for the customer. The customer is responsible for monitoring the status of the network and the applications, and receives regular reports on the performance of the network.

Scenario 3: The customer owns the network equipment, but the applications that the business relies on are hosted by the ISP. In this scenario, the actual servers that run the applications are located at the ISP facility. These servers may be owned by the customer or the ISP, although the ISP maintains both the servers and the applications. Servers are normally kept in server farms in the ISP network operations center (NOC), and will be connected to the ISP's network with a high-speed switch.

Reliability And Availability

Creating new services can be challenging. Not only must ISPs have a strong understanding of what their end customers want, but they must have the ability and the resources to provide them. As business and Internet applications become more complex, an increasing number of ISP customers rely on the services provided or managed by the ISP.

ISPs provide services to customers for a fee and guarantee a level of service in the SLA. To meet this expectation, ISP service offerings have to be reliable and available.

Reliability

Reliability can be thought of in terms of two measures: mean time between failure (MTBF) and mean time to repair (MTTR). Equipment manufacturers specify MTBF from tests they perform as part of manufacturing. The measure of equipment robustness is fault tolerance; the longer the MTBF, the greater the fault tolerance. The time to repair is established by warranty or service agreements.

When there is an equipment failure, and the network or service becomes unavailable, it impacts the ability of the ISP to meet the terms of the SLA. To prevent this, an ISP may purchase expensive service agreements for critical hardware to ensure rapid manufacturer or vendor response. An ISP may also choose to purchase redundant hardware and keep spare parts onsite.

Availability

Availability is normally measured in the percentage of time that a resource is accessible. A perfect availability percentage would be 100%, meaning that the system is never down or unreachable. Traditionally, telephone services are expected to be available 99.999% of the time. This is called the five-9's standard of availability. With this standard, only a very small percentage, 0.001%, of downtime is acceptable. As ISPs offer more critical business services, such as IP telephony, or high volume retail sale transactions, ISP services must meet the higher expectations of their customers. ISPs ensure accessibility by doubling up on network devices and servers using technologies designed for high availability. In redundant configurations, if one device fails, the other one can take over the functions automatically.
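The arithmetic that ties MTBF, MTTR, the five-9's budget and redundancy together, as an added example (not from the course text). It uses the standard steady-state formula availability = MTBF / (MTBF + MTTR); the 50,000-hour MTBF, the 4-hour repair contract and the three-device path are constructed, and redundant devices are assumed to fail independently.

```python
"""Availability arithmetic behind the SLA discussion. Added example, not from
the course text. Assumptions of mine: MTBF and MTTR are in hours, a year is
365 days, and redundant devices fail independently of each other."""

HOURS_PER_YEAR = 365 * 24


def availability(mtbf_hours, mttr_hours):
    """Steady-state availability of one component: the fraction of time it is
    up, given how long it runs between failures and how long repair takes."""
    return mtbf_hours / (mtbf_hours + mttr_hours)


def downtime_minutes_per_year(availability_pct):
    """Downtime budget implied by an availability percentage such as 99.999."""
    return (1 - availability_pct / 100) * HOURS_PER_YEAR * 60


def in_series(*avails):
    """Devices a request must pass through one after another (edge router,
    switch, server): the path is up only when every device is up."""
    total = 1.0
    for a in avails:
        total *= a
    return total


def redundant(a, copies=2):
    """Identical devices 'doubled up' in parallel: the service is down only
    when all copies are down at the same time."""
    return 1 - (1 - a) ** copies


def meets_five_nines(a):
    return a >= 0.99999


if __name__ == "__main__":
    print(f"five-9's allows {downtime_minutes_per_year(99.999):.2f} minutes of downtime per year")
    device = availability(mtbf_hours=50_000, mttr_hours=4)   # constructed: 4-hour vendor response
    print(f"single device: {device:.6f}")
    path = in_series(device, device, device)                   # constructed: router, switch, server
    print(f"three in series: {path:.6f}  meets five-9's: {meets_five_nines(path)}")
    paired = in_series(*[redundant(device)] * 3)
    print(f"same path, each device paired: {paired:.9f}  meets five-9's: {meets_five_nines(paired)}")
```

The point the numbers make: a chain of individually good devices falls short of five 9's because their unavailabilities add up, while pairing each device squares its unavailability and brings the whole path back within budget.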

Review Of TCP/IP Protocols

Today, ISP customers are using mobile phones as televisions, PCs as telephones, and televisions as interactive gaming stations with a host of different entertainment options. As network services become more advanced, ISPs must accommodate these customer preferences. The development of converged IP networks enables all of these services to be delivered over a common network.

To provide support for the multiple end-user applications that rely on TCP/IP for delivery, it is important for the ISP support personnel to be familiar with the operation of the TCP/IP protocols.

ISP servers need to be able to support multiple applications for many different customers. In order to do this, they must use functions provided by the two TCP/IP transport protocols, TCP and UDP. Common hosted applications, like web serving and email accounts, also depend on underlying TCP/IP protocols to ensure their reliable delivery. In addition, all of the IP services rely on domain name servers, hosted by the ISPs, to provide the link between the IP addressing structure and the URLs that customers use to access them.

Clients and servers use specific IP protocols and standards in the process of exchanging information. The TCP/IP protocols can be represented using a four-layer model. Many of the key services provided to ISP customers depend on protocols that reside at the Application and Transport Layers of the TCP/IP model.

Application Protocols

Application Layer protocols specify the format and control information necessary for many of the common Internet communication functions. Among these TCP/IP protocols are:

Domain Name Service Protocol (DNS) is used to resolve Internet names to IP addresses.

Hypertext Transfer Protocol (HTTP) is used to transfer files that make up the Web pages of the World Wide Web.

Simple Mail Transfer Protocol (SMTP) is used for the transfer of mail messages and attachments.

Telnet, a terminal emulation protocol, is used to provide remote access to servers and networking devices.

File Transfer Protocol (FTP) is used for interactive file transfer between systems.

Transport Layer Protocols

Different types of data can have unique requirements. For some applications, communication segments must arrive in a very specific sequence in order to be processed successfully. In other cases, all of the data must be received for any of it to be of use. Sometimes, an application can tolerate the loss of a small amount of data during transmission over the network.

In today’s converged networks, applications with very different transport needs may be communicating on the same network. Different Transport Layer protocols have different rules to enable devices to handle these diverse data requirements.

Additionally, the lower layers are not aware that there are multiple applications sending data on the network. Their responsibility is to get the data to the device. It is the job of the Transport Layer to deliver the data to the appropriate application.

The two primary Transport Layer protocols are TCP and UDP.

The TCP/IP model and the OSI model have many similarities and differences.

Similarities

Use of layers to visualize the interaction of protocols and services

Comparable Transport and Network Layers

Used in the networking field when referring to protocol interaction

Differences

The OSI model breaks the function of the TCP/IP Application Layer into separate distinct layers. The upper three layers of the OSI model specify the same functionality as the Application Layer of the TCP/IP model.

The TCP/IP protocol suite does not specify protocols for the physical network interconnection. The two lower layers of the OSI model are concerned with access to the physical network and the delivery of bits between hosts on a local network.

The TCP/IP model is based on actual protocols and standards developed, whereas the OSI model is a theoretical guide for how protocols interact.

TCP And UDP

Different applications have different transport needs. There are two TCP/IP protocols at the transport layer, TCP and UDP.

TCP

TCP is a reliable, guaranteed-delivery protocol. TCP specifies the methods hosts use to acknowledge the receipt of packets, and requires the source host to resend packets that are not acknowledged. TCP protocols also govern the exchange of messages between the source and destination hosts to create a communication session. TCP is often compared to a pipeline, or a persistent connection, between hosts. Because of this, TCP is referred to as a connection-oriented protocol.

TCP requires overhead to keep track of the individual conversations between source and destination hosts and to process acknowledgements and retransmissions. In some cases, the delays caused by this overhead cannot be tolerated by the application. These applications are better suited to UDP.

UDP

UDP is a very simple, connectionless protocol. It has the advantage of providing for low overhead data delivery. Because UDP is a “best effort” Transport Layer protocol, UDP datagrams may arrive at the destination out of order, or may even be lost altogether. UDP does not provide guaranteed data delivery or flow control. Applications that use UDP can tolerate small amounts of missing data. An example of a UDP application is Internet radio. If a piece of data is not delivered, there may only be a minor effect on the quality of the broadcast.

Applications, such as databases, web pages, and email, need to have all data arrive at the destination in its original condition, in order for the data to be useful. Any missing data can cause the messages to be corrupt or unreadable. These applications are designed to use a Transport Layer protocol that implements reliability. The additional network overhead required to provide this reliability is considered a reasonable cost for successful communication.

The Transport Layer protocol is determined based on the type of application data being sent. For example, an email message requires acknowledged delivery and therefore would use TCP. An email client, using SMTP, sends an email message as a stream of bytes to the Transport Layer. At the Transport Layer, the TCP functionality divides the stream into segments.

Within each segment TCP identifies each byte, or octet, with a sequence number. These segments are passed to the Internetwork Protocol Layer, which places each segment in a packet for transmission. This process is known as encapsulation. At the destination, the process is reversed and the packets are de-encapsulated. The enclosed segments are sent through the TCP process, which converts the segments back to a stream of bytes to be passed to the email server application.

Before a TCP session can be used, the source and destination hosts exchange messages to set up the connection over which data segments can be sent. To do this, the two hosts use a three-step process.

In the first step, the source host sends a type of message called a SYN to begin the TCP session establishment process. The message serves two purposes:

Indicates the intention of the source host to establish a connection with the destination host over which to send the data.

Synchronizes the TCP sequence numbers between the two hosts, so each host can keep track of the segments sent and received during the conversation.

For the second step, the destination host replies to a SYN message with a synchronization acknowledgement, or SYN-ACK message.

In the last step, the sending host receives the SYN-ACK, and it sends an ACK message back to complete the connection setup. Data segments can now be reliably sent.

This SYN, SYN-ACK, ACK activity between the TCP processes on the two hosts is called a three-way handshake.

When a host sends message segments to a destination host using TCP, the TCP process on the source host starts a timer. The timer allows sufficient time for the message to reach the destination host and for an acknowledgement to be returned. If the source host does not receive an acknowledgement from the destination within the allotted time, the timer expires and the source assumes the message is lost. The portion of the message that was not acknowledged is then re-sent.

In addition to acknowledgement and retransmission, TCP also specifies how messages are reassembled at the destination host. Each TCP segment contains a sequence number. At the destination host, the TCP process stores received segments in a TCP buffer. By evaluating the segment sequence numbers, the TCP process can confirm there are no gaps in the received data. When data is received out of order, it can also reorder the segments as necessary.

Differences Between TCP And UDP

UDP is a very simple protocol. Because it is not connection-oriented and does not provide the sophisticated retransmission, sequencing, and flow control mechanisms of TCP, UDP has a much lower overhead.

UDP is often referred to as an unreliable delivery protocol, because there is no guarantee that a message has been received by the destination host. This does not mean that applications that use UDP are unreliable. It simply means that these functions are not provided by the Transport Layer protocol and must be implemented elsewhere if required.

Although the total amount of UDP traffic found on a typical network is often relatively low, key Application Layer protocols that use UDP include:

Domain Name System (DNS)

Simple Network Management Protocol (SNMP)

Dynamic Host Configuration Protocol (DHCP)

Routing Information Protocol (RIP)

Trivial File Transfer Protocol (TFTP)

Online games

Supporting Multiple Services

The task of managing multiple simultaneous communication processes is done by the Transport Layer. The TCP and UDP services keep track of the various applications that are communicating over the network. To differentiate the segments and datagrams for each application, both TCP and UDP have header fields that can uniquely identify these applications for data communications purposes.

In the header of each segment or datagram, there is a source and destination port. Port numbers are assigned in various ways, depending on whether the message is a request or a response. When a client application sends a request to a server application, the destination port contained in the header is the port number that is assigned to the application running on the server. For example, when a web browser application makes a request to a web server, the browser uses TCP and port number 80. This is because TCP port 80 is the default port assigned to web-serving applications. Many common applications have default port assignments. Email servers, using SMTP, are usually assigned to TCP port 25.

As segments are received for a specific port, TCP or UDP places the incoming segments in the appropriate queue. For instance, if the application request is for HTTP, the TCP process running on a web server places incoming segments in the web server queue. These segments are then passed up to the HTTP application as quickly as HTTP can accept them.

Segments with port 25 specified will be placed in a separate queue that is directed toward email services. In this manner, Transport Layer protocols enable servers at the ISP to host many different applications and services simultaneously.

In any Internet transaction, there is a source host and a destination host, normally a client and a server. The TCP processes on the sending and receiving hosts are slightly different. Clients are active and request connections, while servers are passive, and listen for and accept connections.

Server processes are usually statically assigned well-known port numbers from 0 to 1023. Well-known port numbers enable a client application to assign the correct destination port when generating a request for services.

Clients also require port numbers to identify the requesting client application. Source ports are dynamically assigned from the port range 1024 to 65535. This port assignment acts like a return address for the requesting application. The Transport Layer keeps track of the source port and the application that initiated the request, so that when a response is returned, it can be forwarded to the correct application.

The combination of the Transport Layer port number and the host’s Network Layer IP address uniquely identifies a particular application process running on an individual host device. This combination is called a socket. A socket pair, consisting of the source and destination IP addresses and port numbers, is also unique and identifies the specific conversation between the two hosts.

A client socket might look like this, with 7151 representing the source port number:

192.168.1.1:7151

The socket on a web server might be:

10.10.10.101:80

Together these two sockets combine to form a socket pair:

192.168.1.1:7151, 10.10.10.101:80.

With the creation of sockets, communication endpoints are known so that data can move from an application on one host to an application on another. Sockets enable multiple processes running on a client to distinguish themselves from each other, and also multiple connections to a server process to be distinguished from each other.
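The receiving side of what the two sections above describe, as one added example (not course code): the server's Transport Layer queues each incoming segment under its socket pair, and within each conversation the sequence numbers reorder early segments, discard a late retransmission and expose the gap a lost segment leaves. The 192.168.1.1:7151 client and 10.10.10.101:80 server come from the text; the second browser, the mail client, the payloads and the segment sizes are constructed. Sequence numbers are simplified to count from 0 at the first data byte (no handshake or initial sequence number).

```python
"""Server-side demultiplexing by socket pair and in-order reassembly by
sequence number. Added example, not course code; all addresses, ports and
segments are constructed. Simplified: sequence numbers count from 0 at the
first data byte (no handshake or initial sequence number), and segment
boundaries are the same on every retransmission."""

from collections import namedtuple

Segment = namedtuple("Segment", "src_ip src_port dst_ip dst_port seq payload")

SERVER = "10.10.10.101"
LISTENING = {80: "http", 25: "smtp"}     # well-known ports with a server process behind them


class Connection:
    """Receive buffer for one socket pair."""

    def __init__(self):
        self.next_seq = 0      # first byte not yet handed to the application
        self.pending = {}      # seq -> payload for segments that arrived early
        self.delivered = b""   # in-order byte stream passed up to the application

    def receive(self, seg):
        if seg.seq < self.next_seq:
            return                                  # retransmission of data already delivered
        self.pending[seg.seq] = seg.payload
        while self.next_seq in self.pending:        # drain everything that is now contiguous
            data = self.pending.pop(self.next_seq)
            self.delivered += data
            self.next_seq += len(data)

    def ack_number(self):
        """Cumulative acknowledgement this host would send: the next byte expected."""
        return self.next_seq

    def gaps(self):
        """Byte ranges missing before the highest byte seen. The source's timer
        expires and re-sends these when no acknowledgement covers them."""
        missing, expected = [], self.next_seq
        for seq in sorted(self.pending):
            if seq > expected:
                missing.append((expected, seq))
            expected = max(expected, seq + len(self.pending[seq]))
        return missing


def demultiplex(segments):
    """Queue each segment under its socket pair. Returns (connections, dropped),
    where dropped holds segments addressed to ports with no listening process."""
    connections, dropped = {}, []
    for seg in segments:
        if seg.dst_ip != SERVER or seg.dst_port not in LISTENING:
            dropped.append(seg)
            continue
        socket_pair = (seg.src_ip, seg.src_port, seg.dst_ip, seg.dst_port)
        connections.setdefault(socket_pair, Connection()).receive(seg)
    return connections, dropped


def make_segments(src_ip, src_port, dst_port, payload, size):
    """Split an application byte stream into segments of `size` bytes."""
    return [Segment(src_ip, src_port, SERVER, dst_port, off, payload[off:off + size])
            for off in range(0, len(payload), size)]


# Constructed traffic: two browsers on the same client host and one mail client.
HTTP_REQUEST = b"GET / HTTP/1.1\r\nHost: www.example.com\r\n\r\n"
SMTP_HELO = b"HELO mail.example.com\r\n"
_http1 = make_segments("192.168.1.1", 7151, 80, HTTP_REQUEST, 16)
_http2 = make_segments("192.168.1.1", 7152, 80, HTTP_REQUEST, 16)
_smtp = make_segments("192.168.1.2", 40000, 25, SMTP_HELO, 8)
SAMPLE_SEGMENTS = (
    _http1[::-1]                    # first browser's segments arrive in reverse order
    + [_smtp[0], _smtp[2]]          # middle SMTP segment lost in transit
    + _http2[:1]
    + [_http1[0]]                   # late retransmission of data already delivered
    + [Segment("192.168.1.3", 5000, SERVER, 443, 0, b"\x16\x03\x01")]  # nothing listening on 443
    + _http2[1:]
)

if __name__ == "__main__":
    conns, dropped = demultiplex(SAMPLE_SEGMENTS)
    for pair, conn in conns.items():
        print(f"{pair[0]}:{pair[1]} -> {pair[2]}:{pair[3]} ({LISTENING[pair[3]]}) "
              f"delivered={len(conn.delivered)}B ack={conn.ack_number()} gaps={conn.gaps()}")
    print(f"dropped {len(dropped)} segment(s) for ports with no listener")
```

The two browsers share an IP address and a destination port yet land in separate queues because their source ports differ; the mail connection reports a gap of bytes 8 to 16 and an acknowledgement of 8, which is exactly what would prompt the sender's retransmission.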

TCP/IP Host Name

Communication between source and destination hosts over the Internet requires a valid IP address for each host. However, numeric IP addresses, especially the hundreds of thousands of addresses assigned to servers available over the Internet, are difficult for humans to remember. Human-readable domain names, like cisco.com, are easier for people to use. Network naming systems are designed to translate human-readable names into the machine-readable IP addresses that can be used to communicate over the network.

Humans use network naming systems every day when surfing the web or sending email messages, and may not even realize it. Naming systems work as a hidden but integral part of network communication. For example, to browse to the Cisco Systems, Inc. website, open a browser and enter http://www.cisco.com in the address field. The www.cisco.com is a network name that is associated with a specific IP address. Typing the server IP address into the browser brings up the same web page.

Network naming systems are a human convenience to help users reach the resource they need without having to remember the complex IP address.

In the early days of the Internet, host names and IP addresses of computers on the network were managed through the use of a single HOSTS file located on a centrally administered server.

The central HOSTS file contained the mapping of host name and IP address for every device connected to the early Internet. Each site could download the HOSTS file and use it to resolve host names on the network. When a hostname was entered, the sending host would check the downloaded HOSTS file to obtain the IP address of the destination device.

At first, the HOSTS file was acceptable for the limited number of computer systems participating in the Internet. As the network grew, so did the number of hosts needing name-to-IP translations. It became impossible to keep the HOSTS files up-to-date. As a result, a new method to resolve host names to IP addresses was developed. The Domain Name System (DNS) was created for domain name to address resolution. DNS uses a distributed set of servers to resolve the names associated with these numbered addresses. The single, centrally administered HOSTS file is no longer needed.

However, the HOSTS file is still used by virtually all computer systems. A local HOSTS file is created when TCP/IP is loaded on a host device. As part of the name resolution process on a computer system, the HOSTS file is scanned even before the more robust DNS service is queried. A local HOSTS file can be used for troubleshooting or to override records found in a DNS server.

DNS

Domain Name Service (DNS) is a hostname resolution system that solves the shortcomings of the HOSTS file. The structure of DNS is hierarchical, with a distributed database of hostname to IP mappings spread across many DNS servers all over the world. This is unlike the HOSTS files, which required all mappings to be maintained on one server.

DNS uses domain names to form the hierarchy. The naming structure is broken down into small, manageable zones. Each DNS server maintains a specific zone database file and is only responsible for managing name-to-IP mappings for that small portion of the entire DNS structure. When a DNS server receives a request for a name translation that is not within that DNS zone, the DNS server can forward the request to another DNS server within the proper zone for translation.

The ability for resolution of the host names to be spread across multiple servers makes the DNS system very scalable.

The domain naming system is made up of three components:

Resource Records and Domain Namespace

A resource record is a data record in the DNS zone database file. It is used to identify a type of host, a host’s IP address, or a parameter of the DNS database. The domain namespace refers to the hierarchical naming structure for organizing resource records. The domain namespace is made up of various domains, or groups, and the resource records within each group.

Domain Name Servers

These servers maintain the databases that store resource records and information about the domain namespace structure. DNS servers attempt to resolve client queries using the domain namespace and resource records they maintain in their zone database files. If the name server does not have the requested information in its DNS zone database, the name server uses additional predefined name servers to help resolve the name-to-IP query.

Resolvers

Resolvers are applications or operating system functions that run on DNS clients and DNS servers. When a domain name is used, the resolver queries the DNS server to translate that name to an IP address. A resolver is loaded on a DNS client, and is used to create the DNS name query that is sent to a DNS server. Resolvers are also loaded on DNS servers. If the DNS server does not have the name-to-IP mapping requested, it will use the resolver to forward the request to another DNS server.

The Domain Name System uses a hierarchical system to provide name resolution. The hierarchy looks like an inverted tree with the root at the top and branches below.

At the top of the hierarchy, the root servers maintain records about how to reach the top-level domain servers, which in turn have records that point to the secondary level domain servers.

The different top-level domains represent either the type of organization or the country of origin. Examples of top-level domains are:

.au – Australia

.co – Colombia

.com – a business or industry

.jp – Japan

.org – a non-profit organization

After top-level domains are second-level domain names, and below them are other lower-level domains.

The root DNS server may not know exactly where the host H1.cisco.com is located, but it does have a record for the .com top-level domain. Likewise, the servers within the .com domain may not have a record for H1.cisco.com either, but they do have a record for the cisco.com domain. The DNS servers within the cisco.com domain do have the record for H1.cisco.com and can resolve the address.

The Domain Name System relies on this hierarchy of decentralized servers to store and maintain these resource records. The resource records contain domain names that the server can resolve, and alternative servers that can also process requests.

The name H1.cisco.com is referred to as a fully qualified domain name (FQDN) or DNS name, because it defines the exact location of the computer within the hierarchical DNS namespace.

DNS Name Resolution

When a host needs to resolve a DNS name, it uses the resolver to contact a DNS server within its domain. The resolver knows the IP address of the DNS server to contact because it is preconfigured as part of the host’s IP configuration.

When the DNS server receives the request from the client resolver, it first checks the local DNS records it has cached in its memory. If it is unable to resolve the IP address locally, the server uses its resolver to forward the request to another preconfigured DNS server. This process continues until the IP address is resolved. The name resolution information is sent back to the original DNS server, which uses the information to respond to the initial query.

During the process of resolving a DNS name, each DNS server caches, or stores, the information it receives as replies to the queries. The cached information enables the DNS server to reply more quickly to subsequent resolver requests because the server first checks the cache records, before querying other DNS servers.

DNS servers only cache information for a limited amount of time. DNS servers should not cache information for too long since hostname records do periodically change. If a DNS server had old information cached, it may give out the wrong IP address for a computer.

In the early implementations of DNS, resource records for hosts were all added and updated manually. However, as networks grew and the number of host records needing to be managed increased, it became very inefficient to maintain the resource records manually. Furthermore, when DHCP is used, the resource records within the DNS zone have to be updated even more frequently. To make updating the DNS zone information easier, the DNS protocol was changed to allow computer systems to update their own record in the DNS zone through dynamic updates.

Dynamic updates enable DNS client computers to register and dynamically update their resource records with a DNS server whenever changes occur. In order to use dynamic update, the DNS server and the DNS clients, or DHCP server, must support the dynamic update feature. Dynamic updates on the DNS server are not enabled by default, and must be explicitly enabled. Most current operating systems support the use of dynamic updates.

DNS servers maintain the zone database for a given portion of the overall DNS hierarchy. Resource records are stored within that DNS zone.

DNS zones can be either Forward lookup, or Reverse lookup zones. They can also be either a primary or a secondary forward or reverse lookup zone. Each zone type has a specific role within the overall DNS infrastructure.

Forward Lookup Zones

A forward lookup zone is a standard DNS zone that resolves fully qualified domain names to IP addresses. This is the zone type that is most commonly found when surfing the Internet. When typing a web site address, such as www.cisco.com, a recursive query is sent to the local DNS server to resolve that name to an IP address so as to connect to the remote web server.

Reverse Lookup Zones

A reverse lookup zone is a special zone type that allows you to resolve an IP address to a fully qualified domain name. Some applications use reverse lookups to identify computer systems that are actively communicating with them. There is an entire reverse lookup DNS hierarchy on the Internet that enables any publicly registered IP address to be resolved. Many private networks choose to implement their own local reverse lookup zones to help identify computer systems within their network. On Windows, the reverse lookup for an IP address can be seen using the ping -a <ip address> command.
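The resolution walk described above (root, then .com, then cisco.com), the cache with expiring entries, and a reverse lookup through in-addr.arpa, as an added example that is not part of the original notes. The zone contents, server names, addresses (192.0.2.0/24 documentation space), and the TTL value are constructed for illustration.

```python
"""Added example (not part of the original notes): a miniature DNS hierarchy
resolved the way the text describes, root -> .com -> cisco.com, with a cache
whose entries expire after a TTL, plus a reverse (in-addr.arpa) zone so an
IP address can be turned back into a name. Zone contents, server names,
addresses and the TTL are all constructed for illustration."""
import time
from typing import Optional

TTL_SECONDS = 300  # constructed lifetime of a cached answer

# Constructed zone data. An NS record delegates everything under its name to
# another server; A records answer forward queries; PTR records answer
# reverse queries under in-addr.arpa.
SERVERS = {
    "root":           {"com.": ("NS", "com-server"),
                       "in-addr.arpa.": ("NS", "reverse-server")},
    "com-server":     {"cisco.com.": ("NS", "cisco-server")},
    "cisco-server":   {"h1.cisco.com.": ("A", "192.0.2.10"),
                       "www.cisco.com.": ("A", "192.0.2.20")},
    "reverse-server": {"10.2.0.192.in-addr.arpa.": ("PTR", "h1.cisco.com.")},
}


def lookup_in_zone(zone: dict, name: str):
    """Exact record if the zone has one, else the most specific delegation (NS)
    covering the name, else None (this server knows nothing about the name)."""
    if name in zone:
        return zone[name]
    best = None
    for key, (rtype, target) in zone.items():
        if rtype == "NS" and name.endswith("." + key):
            if best is None or len(key) > len(best[0]):
                best = (key, target)
    return ("NS", best[1]) if best else None


class Resolver:
    """Walks the hierarchy from the root and caches what it learns."""

    def __init__(self, clock=time.monotonic):
        self.clock = clock          # injectable so expiry can be exercised
        self.cache = {}             # name -> (value, expiry time)
        self.queries = 0            # server round trips, to observe cache hits

    def resolve(self, name: str) -> Optional[str]:
        name = name.lower()
        if not name.endswith("."):
            name += "."
        now = self.clock()
        hit = self.cache.get(name)
        if hit and hit[1] > now:    # fresh cache entry: no servers contacted
            return hit[0]
        server = "root"
        for _ in range(8):          # bound the referral chain
            self.queries += 1
            record = lookup_in_zone(SERVERS[server], name)
            if record is None:
                return None
            rtype, value = record
            if rtype == "NS":       # referral: ask the server that was delegated
                server = value
                continue
            self.cache[name] = (value, now + TTL_SECONDS)
            return value
        return None

    def reverse(self, ip: str) -> Optional[str]:
        """Reverse lookup: 192.0.2.10 -> 10.2.0.192.in-addr.arpa -> PTR record."""
        octets = ip.split(".")
        if len(octets) != 4:
            raise ValueError(f"not an IPv4 address: {ip}")
        return self.resolve(".".join(reversed(octets)) + ".in-addr.arpa")
```

The `queries` counter makes the caching effect visible: the first lookup of h1.cisco.com costs three server round trips, a repeat within the TTL costs none, and once the entry has expired the walk from the root is repeated, which is the trade-off between speed and stale answers described above.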

Provisioning DNS Server

There are several ways to implement DNS solutions.

Using ISP DNS servers

ISPs typically maintain caching-only DNS servers. These servers are configured to forward all name resolution requests to the root servers on the Internet. Results are cached and used to reply to any future requests. Since ISPs typically have many customers, the number of cached DNS lookups is high. The large cache reduces network bandwidth by reducing the frequency with which DNS queries are forwarded to the root servers. Caching-only servers do not maintain any authoritative zone information, meaning that they do not store any name-to-IP mappings directly within their database.

Using Local DNS servers

A business may run its own DNS server. The client computers on that network will be configured to point to the local DNS server rather than the ISP DNS server. The local DNS server may maintain some authoritative entries for that zone, so it will have name-to-IP mappings of any host within the zone. Requests that the DNS server receives that it cannot resolve will be forwarded. The cache required on a local server is relatively small, compared to the ISP DNS server, due to the smaller number of requests hitting the local DNS server.

It is possible to configure local DNS servers to forward requests directly to the root DNS servers. However, some administrators configure local DNS servers to forward all DNS requests to an upstream DNS server, such as the ISP’s DNS server. That way the local DNS server benefits from the large number of cached DNS entries of the ISP, rather than having to go through the entire lookup process starting from the root server.

Losing access to DNS servers affects the visibility of public resources. If a user types in a domain name that cannot be resolved, they cannot access the resource. For this reason, when an organization registers a domain name on the Internet, a minimum of two DNS servers must be provided with the registration. These servers are the ones that will hold the DNS zone database. Redundant DNS servers ensure that if one fails, the other will still be available for name resolution. This practice provides fault tolerance. While two are required, if hardware resources permit, even more DNS servers within a zone can provide additional protection and organization.

It is also a good idea to make sure that multiple DNS servers that host the zone information are located on different physical networks. For example, the primary DNS zone information can be stored on a DNS server on the local business premises. Usually a customer’s ISP hosts an additional secondary DNS server to ensure fault tolerance.

DNS is a critical network service. As such, DNS servers must be protected through the use of firewalls and other security measures. If DNS fails, other web services are not accessible.

Services

In addition to providing private and business customers with connectivity and DNS services, ISPs provide many business-oriented services to customers. These services are enabled by software installed on servers. Among the different services provided by ISPs are:

email hosting

web site hosting

e-commerce sites

file storage and transfer

message boards and blogs

streaming video and audio services

TCP/IP Application Layer protocols enable many of these ISP services and applications. The most common TCP/IP Application Layer protocols are HTTP, FTP, SMTP, POP3, and IMAP4.

Some customers have greater concern about security, so these Application Layer protocols also include secure versions such as FTPS and HTTPS.

Supporting HTTP and HTTPS

The Hypertext Transfer Protocol (HTTP), one of the protocols in the TCP/IP suite, was originally developed to enable the retrieval of HTML formatted web pages. It is now used for distributed, collaborative information sharing. The HTTP protocol has evolved through multiple versions. The version currently used by most ISPs to provide web-hosting services is HTTP version 1.1. Unlike earlier versions, this version enables a single web server to host multiple web sites. It also permits persistent connections, so that multiple request and response messages can use the same connection, reducing the time it takes to initiate new TCP sessions.

HTTP specifies a request/response protocol. When a client, typically a web browser, sends a request message to a server, the HTTP protocol defines the message types the client uses to request the web page. The HTTP protocol also defines the message types the server uses to respond.

Although it is remarkably flexible, HTTP is not a secure protocol. The request messages send information to the server in plain text that can be intercepted and read. Similarly, the server responses, typically HTML pages, are also sent unencrypted.

For secure communication across the Internet, the Secure HTTP (HTTPS) protocol is used for accessing or posting web server information. HTTPS can use authentication and encryption to secure data as it travels between the client and server. HTTPS specifies additional rules for passing data between the Application Layer and the Transport Layer.

When contacting an HTTP server to download a web page, a uniform resource locator (URL) is used to locate the server and a specific resource. The URL identifies:

Protocol being used

Domain name of the server needing to be accessed

Location of the resource on the server, such as http://example.com/example1/index.htm

Many web server applications are available that allow for short URLs. Short URLs are popular because they are easier to write down, remember, or share. With a short URL, a default resource page is assumed when a specific URL is typed. When a user types in a shortened URL, like http://example.com, the default page that is sent to the user is actually the http://example.com/example1/index.htm web page.

HTTP supports proxy services. A proxy server allows clients to make indirect network connections to other network services. A proxy is a device in the communications stream that acts as a server to the client and as a client to a server.

The client connects to the proxy server and requests from the proxy a resource on a different server. The proxy connects to the specified server and retrieves the requested resource. It then forwards the resource back to the client.

The proxy server can cache the resulting page or resource for a configurable amount of time. This enables future clients to access the web page quickly, without having to access the actual server where the page is stored. Proxies are used for three reasons:

Speed – caching allows resources requested by one user to be available to subsequent users without having to access the actual server where the page is stored.

Security – proxy servers can be used to intercept computer viruses and other malicious content and prevent them from being forwarded onto clients.

Filtering – proxy servers can view incoming HTTP messages and filter unsuitable and offensive web content.
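The three parts of a URL, the default resource assumed for a short URL, and a proxy that caches for a configurable time and withholds unsuitable content, as an added example that is not part of the original notes. The origin pages, the default page path, the blocked-content marker and the cache lifetime are constructed for illustration; the proxy's origin fetch is a stand-in for the real HTTP request it would make as a client.

```python
"""Added example (not part of the original notes): splitting a URL into the
three parts the text names, applying the default resource for a short URL,
and a caching, filtering proxy placed between clients and an origin server.
The origin content, the blocked-content marker, the default page path and
the cache lifetime are constructed for illustration."""
from urllib.parse import urlsplit

DEFAULT_RESOURCE = "/example1/index.htm"   # constructed: the page a short URL maps to


def parse_url(url: str):
    """Return (protocol, server domain name, resource location) for an HTTP(S) URL."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        raise ValueError(f"not an HTTP URL: {url!r}")
    path = parts.path if parts.path not in ("", "/") else DEFAULT_RESOURCE
    return parts.scheme, parts.hostname, path


# Constructed origin server: (host, path) -> page body.
ORIGIN_PAGES = {
    ("example.com", "/example1/index.htm"): "<html>welcome</html>",
    ("example.com", "/downloads.htm"): "<html>blocked-word sample</html>",
}


def origin_fetch(host: str, path: str) -> str:
    """Stand-in for the real HTTP request the proxy would make as a client."""
    return ORIGIN_PAGES.get((host, path), "<html>404 not found</html>")


class CachingProxy:
    """Acts as a server to the client and as a client to the origin server."""

    def __init__(self, fetch, blocked_words, ttl_seconds, clock):
        self.fetch = fetch
        self.blocked_words = [w.lower() for w in blocked_words]
        self.ttl = ttl_seconds
        self.clock = clock
        self.cache = {}           # (host, path) -> (body, expiry)
        self.origin_requests = 0  # how often the real server had to be contacted

    def get(self, url: str):
        """Return (outcome, body): HIT from cache, MISS fetched and cached,
        FILTERED withheld because the body contains blocked content."""
        _, host, path = parse_url(url)
        key = (host, path)
        now = self.clock()
        cached = self.cache.get(key)
        if cached and cached[1] > now:
            return "HIT", cached[0]
        self.origin_requests += 1
        body = self.fetch(host, path)
        lowered = body.lower()
        if any(word in lowered for word in self.blocked_words):
            return "FILTERED", ""     # unsuitable content is not forwarded to the client
        self.cache[key] = (body, now + self.ttl)
        return "MISS", body
```

Note that the short URL http://example.com and the full URL http://example.com/example1/index.htm resolve to the same cache key, so the second request is answered from the cache without contacting the origin server again.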

HTTP sends clear text messages back and forth between a client and a server. These text messages can be easily intercepted and read by unauthorized users. To safeguard data, especially confidential information, some ISPs provide secure web services. To support secure web services ISPs use HTTPS, HTTP over Secure Sockets Layer (SSL). HTTPS uses the same client request-server response process as HTTP, but the data stream is encrypted with SSL before being transported across the network.

When the HTTP data stream arrives at the server, the TCP layer passes it up to SSL in the server’s Application Layer, where it is decrypted.

The maximum number of simultaneous connections that a server can support for HTTPS is less than that for HTTP. HTTPS creates additional load and processing time on the server due to the encryption and decryption of traffic. To keep server performance up, HTTPS should only be used when necessary, such as when exchanging confidential information.

Supporting FTP

FTP is a connection-oriented protocol that uses TCP to communicate between a client FTP process and an FTP process on a server. FTP implementations include the functions of a protocol interpreter (PI) and a data transfer process (DTP). PI and DTP define two separate processes that work together to transfer files. As a result, FTP requires two connections to exist between the client and server, one to send control information and commands, and a second one for the actual file data transfer.

Protocol Interpreter (PI)

The PI function is the main control connection between the FTP client and the FTP server. It establishes the TCP connection and passes control information to the server. Control information includes things such as commands to navigate through a file hierarchy, as well as renaming or moving files. The control connection, or control stream, stays open until closed by the user. When a user wants to connect to an FTP server:

1. The user-PI sends a connection request to the server-PI on well-known port 21.

2. The server-PI replies and the connection is established.

3. With the TCP control connection open, the server-PI process begins the login sequence.

4. The user enters credentials through the user interface and completes authentication.

5. Now the data transfer process can begin.

Data Transfer Process (DTP)

DTP is a separate data transfer function. This function is enabled only when the user wants to actually transfer files to or from the FTP server. Unlike the PI connection, which remains open, the DTP connection closes automatically when the file transfer is complete.

The two types of data transfer connections supported by FTP are active data connections and passive data connections.

Active Data Connections

In an active data connection, a client initiates a request to the server and opens a port for the expected data. The server then connects to the client on that port and the data transfer begins.

Passive Data Connections

In this instance, the FTP Server opens a random source port (greater than 1023). The server forwards its IP address and this random port to the FTP client over the control stream. The server then waits for a connection from the FTP client in order to begin the data file transfer.

ISPs typically support passive data connections to their FTP servers. Firewalls often do not permit active FTP connections to hosts located on the inside network.
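The control-stream messages that set up the two kinds of data connection, as an added example that is not part of the original notes: the client's PORT command in active mode (announcing the client socket the server must connect back to) and the server's 227 reply in passive mode (announcing the server socket the client must connect to). Addresses and ports are constructed. The `data_connection` helper reports who opens the data connection, which is exactly the detail that decides whether a firewall in front of the client will allow the transfer.

```python
"""Added example (not part of the original notes): the control-stream
messages that set up an FTP data connection. In active mode the client's
PORT command announces the client socket the server must connect back to;
in passive mode the server's 227 reply announces the server socket the
client must connect to. Addresses and ports are constructed."""
import re

_SIX_NUMBERS = r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})"
_PASV_REPLY = re.compile(r"^227 .*\(" + _SIX_NUMBERS + r"\)")
_PORT_COMMAND = re.compile(r"^PORT " + _SIX_NUMBERS + r"\s*$")


def _decode(groups):
    """h1,h2,h3,h4,p1,p2 -> ('h1.h2.h3.h4', p1*256+p2), rejecting bad values."""
    values = [int(g) for g in groups]
    if any(v > 255 for v in values):
        raise ValueError("octet or port byte out of range")
    port = values[4] * 256 + values[5]
    # The notes say the data port is above 1023; a privileged port from
    # either side is treated as malformed rather than acted on.
    if port <= 1023:
        raise ValueError(f"unexpected data port {port}")
    return ".".join(str(v) for v in values[:4]), port


def parse_pasv_reply(reply: str):
    """'227 Entering Passive Mode (192,0,2,7,195,149).' -> ('192.0.2.7', 50069)"""
    m = _PASV_REPLY.match(reply)
    if not m:
        raise ValueError(f"not a passive-mode reply: {reply!r}")
    return _decode(m.groups())


def parse_port_command(command: str):
    """'PORT 192,0,2,50,195,80' -> ('192.0.2.50', 50000)"""
    m = _PORT_COMMAND.match(command)
    if not m:
        raise ValueError(f"not a PORT command: {command!r}")
    return _decode(m.groups())


def build_port_command(client_ip: str, client_port: int) -> str:
    """Active mode: encode the client's listening socket for the PORT command."""
    octets = client_ip.split(".")
    if len(octets) != 4 or not all(o.isdigit() and int(o) <= 255 for o in octets):
        raise ValueError(f"not an IPv4 address: {client_ip!r}")
    if not 1023 < client_port < 65536:
        raise ValueError(f"port out of range: {client_port}")
    return "PORT " + ",".join(octets) + f",{client_port // 256},{client_port % 256}"


def data_connection(mode: str, control_line: str):
    """(initiator, target socket) for the data connection. Active mode needs an
    inbound connection to the client, which is what inside-network firewalls
    usually refuse; passive mode needs only an outbound one from the client."""
    if mode == "active":
        return "server", parse_port_command(control_line)
    if mode == "passive":
        return "client", parse_pasv_reply(control_line)
    raise ValueError(f"unknown mode: {mode!r}")
```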

Supporting SMTP, POP3, and IMAP

One of the primary services offered by an ISP is email hosting. Email is a store and forward method of sending, storing, and retrieving electronic messages across a network. Email messages are stored in databases on mail servers. ISPs often maintain mail servers that support many different customer accounts.

Email clients communicate with mail servers in order to send and receive email. Mail servers communicate with other mail servers to transport messages from one domain to another. In other words, an email client does not communicate directly with another email client when sending email. Both clients must rely upon the mail server for transport of the messages. This is true even when both users are in the same domain.

Email clients send messages to the email server configured in the application settings. When the server receives the message, it checks to see if the recipient domain is located on its local database. If it is not, it sends a DNS request to determine the mail server for the destination domain. Once the IP address of the destination mail server is known, the email is sent to the appropriate server.

Email supports three separate protocols for operation: SMTP, POP3, and IMAP4. The Application Layer process that sends mail, either from a client to a server or between servers, implements the SMTP protocol. A client retrieves email using one of two application layer protocols: POP3 or IMAP.

The functions specified by the Simple Mail Transfer Protocol (SMTP) enable the transfer of mail reliably and efficiently. For SMTP applications to do this, two conditions must be met:

The mail message must be formatted properly

SMTP processes must be running on both client and server

SMTP message formats require a message header and a message body. While the message body can contain any amount of text, the message header must have a properly formatted recipient email address and a sender address. Any other header information is optional.

When a client sends email, the client SMTP process connects with a server SMTP process on well-known port 25. Once the connection is made, the client attempts to send mail to the server across the connection. Once the server receives the message, it either places the message in a local account or forwards the message using the same SMTP connection process to another mail server.

The destination email server may not be online, or may be busy, when email messages are sent. Therefore, SMTP provides for the spooling of messages to be sent at a later time. Periodically, the server checks the queue for messages and attempts to send them again. After a predetermined expiration time, if the message is still undelivered, it will be returned to the sender as undeliverable.

One of the required fields in an email message header is the recipient email address. The structure of an email address includes the email account name or an alias, as well as the domain name of the mail server. An example of an email address:

recipient@cisco.com

The @ symbol separates the account and the domain name of the server.

When a message is sent to recipient@cisco.com, the domain name is sent to the DNS server in order to obtain the IP address of the domain mail server. Mail servers are identified in DNS by an MX record indicator. When the destination mail server receives the message, it stores the message in the appropriate mailbox. The mailbox location is determined based on the account specified in the first part of the email address, in this case, the recipient account. The message will remain in the mailbox until the recipient connects to the server to retrieve the email.

If the mail server receives an email message that references an account that does not exist, the email is returned to the sender as undeliverable.
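The two conditions for SMTP delivery stated above, checked in code, together with the spooling behaviour (retry later, return as undeliverable after the expiration time), as an added example that is not part of the original notes. The message structure, the mail-server table that stands in for the MX lookup, the retry interval and the expiration time are constructed; `make_deliverer` is a hypothetical stand-in for the SMTP session to the remote server.

```python
"""Added example (not part of the original notes): the two conditions the
text gives for SMTP delivery, checked in code. A message must carry a
properly formatted sender and recipient address, and the sending server
spools messages it cannot deliver, retries them, and returns them as
undeliverable once the expiration time passes. The message structure,
server table, retry interval and expiration time are constructed."""
from dataclasses import dataclass
from email.utils import parseaddr


@dataclass
class Message:
    headers: dict
    body: str = ""          # the body may contain any amount of text


def split_address(addr: str):
    """'recipient@cisco.com' -> ('recipient', 'cisco.com'): @ separates account and domain."""
    _, bare = parseaddr(addr)
    if bare.count("@") != 1:
        raise ValueError(f"malformed address: {addr!r}")
    account, domain = bare.split("@")
    if not account or "." not in domain or domain.startswith("."):
        raise ValueError(f"malformed address: {addr!r}")
    return account, domain.lower()


def validate_message(msg: Message) -> bool:
    """Header must contain a well-formed From and To; every other header is optional."""
    for name in ("From", "To"):
        value = msg.headers.get(name)
        if value is None:
            return False
        try:
            split_address(value)
        except ValueError:
            return False
    return True


# Constructed stand-in for the MX lookup: domain -> mail server address.
MAIL_SERVERS = {"cisco.com": "192.0.2.25", "example.org": "198.51.100.25"}


def make_deliverer(offline: set):
    """Hypothetical delivery function; domains listed in `offline` refuse connections."""
    def deliver(msg: Message) -> bool:
        _, domain = split_address(msg.headers["To"])
        return domain in MAIL_SERVERS and domain not in offline
    return deliver


class Spool:
    """Queue of undelivered messages, retried periodically and expired eventually."""

    def __init__(self, deliver, retry_after: int, expire_after: int):
        self.deliver = deliver
        self.retry_after = retry_after
        self.expire_after = expire_after
        self.queue = []        # (message, first attempt time, next attempt time)
        self.bounced = []      # recipients of messages returned as undeliverable

    def submit(self, msg: Message, now: int) -> None:
        if not validate_message(msg):
            raise ValueError("message is not properly formatted")
        self.queue.append((msg, now, now))

    def run(self, now: int) -> int:
        """Attempt every message that is due; returns how many were delivered."""
        delivered, remaining = 0, []
        for msg, first, due in self.queue:
            if due > now:
                remaining.append((msg, first, due))
            elif self.deliver(msg):
                delivered += 1
            elif now - first >= self.expire_after:
                self.bounced.append(msg.headers["To"])   # returned to sender as undeliverable
            else:
                remaining.append((msg, first, now + self.retry_after))
        self.queue = remaining
        return delivered
```

With a retry interval of 60 and an expiration of 180 (constructed units of seconds), a message to a domain whose server is down is attempted at 0, 60, 120 and 180, and on the last failure it is bounced rather than requeued; once the server is reachable again a new submission is delivered on the first attempt.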

The Post Office Protocol – Version 3 (POP3) is used to enable a workstation to retrieve mail from a mail server. With POP3, mail is downloaded from the server to the client and then deleted on the server.

The server starts the POP3 service by passively listening on TCP port 110 for client connection requests. When a client wishes to make use of the service, it sends a request to establish a TCP connection with the server. Once the connection is established, the POP3 server sends a greeting. The client and POP3 server then exchange commands and responses until the connection is closed or aborted.

Because email messages are downloaded to the client and removed from the server, there is no centralized location where email messages are kept. This makes the POP3 protocol undesirable in a centralized backup solution for a small business.

The POP3 protocol is desirable for an ISP since it alleviates the ISP’s responsibility of managing large amounts of storage for their email servers.

Internet Message Access Protocol (IMAP4) is another protocol that describes a method to retrieve email messages. However, unlike POP3, when the user connects to an IMAP-capable server, copies of the messages are downloaded to the client application. The original messages are kept on the server until manually deleted. Users view copies of the messages in their email client software.

Users can create a file hierarchy on the server to organize and store mail. That file structure is duplicated on the email client as well. When a user decides to delete a message, the server synchronizes that action and deletes the message from the server.

For small to medium-sized businesses, there are many advantages to the IMAP protocol. IMAP can lead to long-term storage of email messages on mail servers and allow for centralized backup. It also enables employees to access email messages from multiple locations, using different devices or client software. The mailbox folder structure that a user is used to seeing is available for viewing regardless of how the user accesses the mailbox.

For an ISP, IMAP may not be the protocol of choice. It can be expensive to purchase and maintain the disk space to support the large number of stored emails. Additionally, if customers expect their mailboxes to be backed up routinely, that can further increase the costs to the ISP.


Chapter Six (smt2)

September 26, 2008

Routing

Routing is the method by which network devices direct messages across networks to arrive at the correct destination.

All routers must make routing decisions. They do this by looking up information stored in their routing tables. Every router contains a table of all locally-connected networks and the interfaces that connect to them. These routing tables also contain information about the routes, or paths, that the router uses to reach other remote networks that are not locally attached.

These routes can be statically assigned to the router by an administrator, or they can be dynamically given to the router by another router via a program called a routing protocol.

Every router uses a routing table to make decisions where to send packets. The routing table contains a set of routes, where each route describes which gateway or interface the router needs to use to reach a specified network.

A route has four main components:

Destination value

Mask

Gateway or interface address

Route cost or metric

To direct a message to the correct destination, the router looks at the destination IP address in the packet and then looks for a matching route in the routing table.

The destination values in a routing table refer to destination network addresses.

In order for the router to determine if it has a route to the destination IP address in its table, it must first find out which bits represent the destination network address.

The router looks up the subnet mask assigned to each potential route in the table. The router applies each subnet mask to the destination IP address in the packet. The resulting network address is then compared to the network address of the route in the table.

If a match is found, the packet is forwarded out the correct interface, or to the appropriate gateway.

When the network address matches more than one route in the routing table, the router uses the route that has the most specific, or longest, network address match from its routing table.

Sometimes there is more than one equal cost route to the same destination network. There are routing protocol rules that determine which route the router will use.

If none of the route entries match, the router directs the message to the gateway specified by the default route if it has been configured.

For a Cisco router, the IOS command show ip route displays the routes in the routing table. There are several types of routes that can appear in the routing table:

Directly-Connected Routes

When the router powers up, the configured interfaces are enabled. As they become operational, the router stores the directly attached local network addresses as connected routes in the routing table. For Cisco routers, these routes are identified in the routing table with the prefix C. These routes are automatically updated whenever the interface is reconfigured or shutdown.

Static Routes

A network administrator can manually configure a static route to a specific network. A static route does not change until the administrator manually reconfigures it. These routes are identified in the routing table with the prefix S.

Dynamically-Updated Routes (Dynamic Routes)

Dynamic routes are automatically created and maintained by routing protocols. Routing protocols are implemented in programs that run on routers and that exchange routing information with other routers in the network. Dynamically-updated routes are identified in the routing table with the prefix that corresponds to the type of routing protocol that created the route, for example R is used for the Routing Information Protocol (RIP).

Default Route

The default route is a type of static route which specifies a gateway to use when the routing table does not contain a path to use to reach the destination network. It is common for default routes to point to the next router in the path to the Internet Service Provider. If a subnet has only one router, then that router is automatically the default gateway, because all network traffic to and from that local network has no option but to travel through that router.
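The route lookup described above, as an added example that is not part of the original notes: each entry carries the four route components plus the letter show ip route uses for its origin (C, S, R); the lookup applies each route's mask to the packet's destination, keeps the longest match, breaks equal-length ties on metric, and falls back to a 0.0.0.0/0 default route when one is configured. Networks, interfaces and next hops are constructed; the 192.168.16.0 static entry mirrors the ip route example in these notes.

```python
"""Added example (not part of the original notes): a routing table whose
entries carry the four route components plus the show ip route origin
letter, looked up with the longest-match rule, a metric tie-break, and an
optional default route. Networks, interfaces and next hops are constructed."""
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Route:
    source: str        # C connected, S static, R learned via RIP
    destination: str   # destination network address
    mask: str          # subnet mask
    next_hop: str      # gateway address or local interface
    metric: int        # route cost

    @property
    def network(self) -> ipaddress.IPv4Network:
        return ipaddress.IPv4Network(f"{self.destination}/{self.mask}")


def matches(route: Route, addr: ipaddress.IPv4Address) -> bool:
    """Apply the route's mask to the packet address and compare with the route's network."""
    net = route.network
    return int(addr) & int(net.netmask) == int(net.network_address)


def lookup(table, dest_ip: str):
    """Longest-match lookup; among equal-length matches the lowest metric wins.
    A 0.0.0.0/0 entry is the default route and, having no prefix bits, matches last.
    Returns None when nothing matches and no default route is configured."""
    addr = ipaddress.IPv4Address(dest_ip)
    candidates = [r for r in table if matches(r, addr)]
    if not candidates:
        return None
    return max(candidates, key=lambda r: (r.network.prefixlen, -r.metric))


def show_ip_route(table) -> list:
    """Lines in the spirit of show ip route, for reading a table by eye."""
    return [f"{r.source} {r.network} [{r.metric}] via {r.next_hop}" for r in table]


# Constructed table for a router with 192.168.15.0/24 on FastEthernet0/0.
TABLE = [
    Route("C", "192.168.15.0", "255.255.255.0", "FastEthernet0/0", 0),
    Route("S", "192.168.16.0", "255.255.255.0", "192.168.15.1", 1),
    Route("R", "192.168.16.128", "255.255.255.128", "192.168.15.2", 1),
    Route("R", "10.0.0.0", "255.0.0.0", "192.168.15.1", 5),
    Route("R", "10.0.0.0", "255.0.0.0", "192.168.15.3", 2),
    Route("S", "0.0.0.0", "0.0.0.0", "203.0.113.1", 1),   # default route
]
TABLE_NO_DEFAULT = TABLE[:-1]
```

A packet for 192.168.16.200 matches both the /24 and the /25 entry and is sent to 192.168.15.2 because the /25 is the more specific match; a packet for 10.1.2.3 matches two /8 entries and takes the one with the lower metric; a packet for 198.51.100.9 matches nothing but the default route, and with no default configured the lookup returns None, which is the case in which a router drops the packet.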

Configuring Static Routes

The steps to configure a static route on a Cisco router are as follows:

1. Connect to the router using a console cable.

2. Open a HyperTerminal window to connect with the first router that you want to configure.

3. Enter privileged mode by typing enable at the Router1> prompt. Note how the > symbol changes to a # to indicate that privileged mode is active.

Router1>enable

Router1#

4. Enter global configuration mode.

Router1#config terminal

Router1(config)#

5. Use the ip route IOS command to configure the static route, with the following format:

ip route [destination_network] [subnet_mask] [gateway_address]

For example, to enable Router1 to reach a host on network 192.168.16.0, the administrator configures a static route on Router1 with the following IOS command in the global configuration mode:

Router1(config)#ip route 192.168.16.0 255.255.255.0 192.168.15.1

To enable two-way communication with a host on network 192.168.16.0, the administrator also configures a static route on Router 2.

Since static routes are configured manually, network administrators must add and delete static routes to reflect any changes in network topology. On small networks with few possible changes, static routes require very little maintenance. In a large network, the manual maintenance of routing tables could require significant administrative time. For this reason, larger networks generally use dynamic routing rather than static routes.

Routing Protocols

Routes can change very quickly. Problems with cables and hardware failures can make destinations unreachable through the designated interface. Routers need a way to quickly update routes that does not depend on the administrator to make changes.

Routers use routing protocols to dynamically manage information received from their own interfaces and from other routers. Routing protocols can also be configured to manage manually entered routes.

Dynamic routing makes it possible to avoid the time-consuming and exacting process of configuring static routes. Dynamic routing enables routers to react to changes in the network and to adjust their routing tables accordingly, without the intervention of the network administrator.

A dynamic routing protocol learns all available routes, places the best routes into the routing table, and removes routes when they are no longer valid.

The method that a routing protocol uses to determine the best route to a destination network is called a routing algorithm.

There are two main classes of routing algorithms: distance vector and link state. Each type uses a different method for determining the best route to a destination network.

The routing algorithm is very important to dynamic routing. Whenever the topology of a network changes because of reconfiguration or failure, the routing tables in all the routers must also change to reflect an accurate view of the new topology. When all the routers in a network have updated their tables to reflect the new route, the routers are said to have converged.

In order for two routers to exchange routes, they must be using the same routing protocol and therefore the same routing algorithm.

The distance vector routing algorithm passes periodic copies of a routing table from router to router. These regular updates between routers communicate topology changes.

The distance vector algorithm evaluates the route information it receives from other routers in terms of two basic criteria:

Distance – How far away is the network from this router?

Vector – In what direction should the packet be sent to reach this network?

The distance component of a route is expressed in terms of a route cost, or metric, that can represent:

Number of hops

Administrative cost

Bandwidth

Transmission speed

Likelihood of delays

Reliability

The vector or direction component of a route is the address of the next hop along the path to the network named in the route.

An analogy for distance vectors is the highway sign found at an intersection. A sign points toward a destination and indicates the distance that must be traveled to reach that destination. Further down the highway, another sign points toward the same destination, but now the distance remaining to that destination is shorter. As long as the distance is shorter, the traffic is on the best path.

Each router that uses distance vector routing communicates its routing information to its neighbors. Neighbor routers share a directly connected network. The interface that leads to each directly connected network has a distance of 0.

Each router receives a routing table from its directly connected neighbor routers. For example, Router R2 receives information from Router R1. Router R2 adds to the metric, in this case hop count, to show that there is now one more hop to get to the destination network. Then Router R2 sends this new routing table to its neighbors, including Router R3. This same step-by-step process occurs in all directions between neighbor routers.

Eventually, each router learns about other more remote networks based on the information that it receives from its neighbors. Each of the network entries in the routing table has an accumulated distance vector to show how far away that network is in a given direction.

As the distance vector discovery process proceeds, routers discover the best path to destination networks based on the information they receive from each neighbor. The best path is the path with the shortest distance or smallest metric.

Routing table updates also occur when the topology changes, for example, when a new network is added or when a router fails, causing a network to be no longer reachable. As with the network discovery process, topology change updates proceed step-by-step by sending copies of routing tables from router to router.

Common Interior Routing Protocols

RIP

Routing Information Protocol (RIP) is a distance vector routing protocol that is used in thousands of networks throughout the world.

The key characteristics of RIP include the following:

Initially specified in RFC 1058

Is a distance vector routing protocol

Uses hop count as the metric for path selection

Defines a hop count greater than 15 as an unreachable route

Sends routing table contents every 30 seconds, by default

When a router receives a routing update that includes a new or changed route, the router updates its routing table to reflect this new route. At each router, the hop count value is increased by one. The router uses the local network address of the directly connected router which sent the update as the next hop address.

After updating its routing table, the router immediately begins transmitting routing updates in order to inform other network routers of the change. These updates, called triggered updates, are sent independently of the regularly scheduled updates that RIP routers forward.

The RIP protocol is simple, easy to implement, and is available free of cost with most routers. These advantages make RIP a widely used and popular routing protocol.

However, RIP has several disadvantages:

Allows a maximum of 15 hops, so it can only be used for networks that connect no more than 16 routers in series.

Periodically sends complete copies of the entire routing table to directly connected neighbors. In a large network, this can cause a significant amount of network traffic each time there is an update.

Converges slowly on larger networks, when the network changes.

There are currently two versions of RIP available, RIPv1 and RIPv2. RIPv2 has many advantages over RIPv1 and is used unless the equipment cannot support it. The most significant difference between the two is that RIPv2 supports classless routing, because it includes the subnet mask in its routing updates. RIPv1 does not send subnet mask information in its updates, so it must rely on the classful default subnet masks. RIPv2 also adds authentication of routing updates (a plain-text password in RFC 2453, MD5 in RFC 2082), which RIPv1 lacks entirely: a RIPv1 router installs whatever routes any device on the segment sends it.
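The distance vector exchange described above, with RIP's hop-count metric, the 16-hop unreachable limit and the immediate reaction to a changed route, as an added Python example; it is not part of the course text. The three-router chain, the network addresses and the router names are constructed for the example. Loop avoidance uses split horizon with poison reverse, which standard RIP (RFC 2453) also applies.

```python
"""Distance vector (RIP-style) routing simulation.

Added example, not part of the course text. The topology is constructed:
three routers in a chain, R1 - R2 - R3, each with one LAN. Hop count is
the metric and 16 means unreachable, exactly as in RIP.
"""
from typing import Dict, Tuple

INFINITY = 16  # RIP: a hop count greater than 15 is unreachable

# Constructed topology (not from the course): point-to-point links and LANs
LINKS = {("R1", "R2"): "192.168.12.0/24", ("R2", "R3"): "192.168.23.0/24"}
LANS = {"R1": "10.1.0.0/24", "R2": "10.2.0.0/24", "R3": "10.3.0.0/24"}

Route = Tuple[int, str]   # (hop count, next hop; "direct" if connected)
Table = Dict[str, Route]  # network -> route


def neighbors(router: str):
    for a, b in LINKS:
        if a == router:
            yield b
        elif b == router:
            yield a


def initial_table(router: str) -> Table:
    """Before any updates a router knows only its connected networks (0 hops)."""
    table = {LANS[router]: (0, "direct")}
    for (a, b), net in LINKS.items():
        if router in (a, b):
            table[net] = (0, "direct")
    return table


def advertisement(table: Table, to_neighbor: str) -> Table:
    """What a router sends to one neighbor: its whole table, with routes learned
    from that neighbor poisoned to 16 (split horizon with poison reverse)."""
    return {net: ((INFINITY, nh) if nh == to_neighbor else (hops, nh))
            for net, (hops, nh) in table.items()}


def process_update(table: Table, sender: str, advertised: Table) -> bool:
    """Bellman-Ford step for one received update. Every advertised route costs
    one more hop. A route is installed if it is new, better, or comes from the
    neighbor that is already the next hop (so a worsening is accepted too).
    Nothing here checks who the sender really is: a plain RIP update is trusted
    as received, which is what RIPv2/OSPF authentication is there to fix.
    Returns True if the table changed, which in RIP triggers an immediate update."""
    changed = False
    for net, (hops, _) in advertised.items():
        new_hops = min(hops + 1, INFINITY)
        current = table.get(net)
        if (current is None or new_hops < current[0]
                or (current[1] == sender and new_hops != current[0])):
            table[net] = (new_hops, sender)
            changed = True
    return changed


def build_network() -> Dict[str, Table]:
    return {r: initial_table(r) for r in LANS}


def converge(tables: Dict[str, Table], max_rounds: int = 20):
    """Synchronous update rounds (each round = one RIP update cycle) until no
    table changes. Returns (tables, rounds used)."""
    for rnd in range(1, max_rounds + 1):
        snapshot = {r: dict(t) for r, t in tables.items()}
        changed = False
        for r in tables:
            for n in neighbors(r):
                if process_update(tables[r], n, advertisement(snapshot[n], r)):
                    changed = True
        if not changed:
            return tables, rnd
    return tables, max_rounds


def fail_network(tables: Dict[str, Table], router: str, net: str):
    """A connected network goes down: its router poisons the route to 16 and
    the rest of the network converges on that. Returns (tables, rounds used)."""
    tables[router][net] = (INFINITY, "direct")
    return converge(tables)


def reachable(tables: Dict[str, Table], router: str, net: str) -> bool:
    hops, _ = tables[router].get(net, (INFINITY, "none"))
    return hops < INFINITY


if __name__ == "__main__":
    tables, rounds = converge(build_network())
    print(f"converged in {rounds} rounds; R1 -> 10.3.0.0/24 = {tables['R1']['10.3.0.0/24']}")
    tables, rounds = fail_network(tables, "R3", "10.3.0.0/24")
    print(f"after failure ({rounds} rounds) R1 reaches 10.3.0.0/24: "
          f"{reachable(tables, 'R1', '10.3.0.0/24')}")
```

The chain converges in three update rounds, with R1 reaching R3's LAN at two hops through R2. When R3's LAN is poisoned, R2 and then R1 accept the worse metric from their existing next hop and mark the network unreachable in three rounds, instead of counting up to 16 one hop at a time.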

EIGRP

Enhanced Interior Gateway Routing Protocol (EIGRP) is a Cisco proprietary enhanced distance vector routing protocol. EIGRP was developed to address some of the limitations of other distance vector routing protocols such as RIP. These limitations include the use of the hop count metric and the maximum network size of 15 hops.

Instead of hop count, EIGRP uses a number of metrics, including a configured bandwidth value, and the delay encountered when a packet travels a particular route.

The key characteristics of EIGRP are:

Uses a variety of metrics to calculate the cost of a route

Combines the next hop and metric features of distance vector protocols, with additional database and update features

Has a maximum hop count of 224 hops

Unlike RIP, EIGRP does not rely only on the routing table in the router to hold all of the information it needs to operate. EIGRP creates two additional database tables: the neighbor table and the topology table.

The neighbor table stores data about the neighboring routers that are on directly connected local networks. This neighbor table includes information such as the interface IP addresses, interface type and bandwidth.

EIGRP builds the topology table from the advertisements of each of its neighbors. The topology table contains all of the routes advertised by the neighbor routers. EIGRP depends on a routing algorithm called the Diffusing Update Algorithm (DUAL) to calculate the shortest path to a destination within a network and to install this route into the routing table. The topology table enables a router running EIGRP to find the best alternate path quickly when a network change occurs. If no alternate route exists in the topology table, EIGRP queries its neighbors to find a new path to the destination.

Unlike RIP, which is limited to small, simple networks of no more than 15 hops, EIGRP is suited to larger, more complex networks up to 224 hops in size that require fast convergence.

Routers that use the distance vector routing algorithm have little information about distant networks and none about distant routers. The link-state routing algorithm maintains a full database of distant routers and how they interconnect.

Link-state routing uses the following features:

Routing table – List of the known paths and interfaces

Link-state advertisement (LSA) – Small packet of routing information that is sent between routers. LSAs describe the state of the interfaces (links) of a router, as well as other information, such as the IP address of each link

Topological database – Collection of information gathered from all the LSAs received by the router

SPF (Shortest Path First) algorithm – Calculation performed on the database that results in the SPF tree. The SPF tree is a map of the network as seen from the point of view of the router. The information in this tree is used to build the routing table

When LSAs are received from other routers, the SPF algorithm analyzes the information in the database to construct the SPF tree. Based on the SPF tree, the SPF algorithm then calculates the shortest paths to other networks. Each time a new LSA packet causes a change to the link-state database, SPF recalculates the best paths and updates the routing table.
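The link-state sequence just described, LSAs collected into a topological database, SPF run over that database, and the routing table derived from the SPF tree, as an added Python example; it is not part of the course text. The three LSAs, the addresses and the link bandwidths are constructed for the example; the cost formula is OSPF's default (a reference bandwidth of 100 Mbps divided by the link bandwidth).

```python
"""Link-state routing: LSAs -> topological database -> SPF tree -> routing table.

Added example, not part of the course text. The LSAs are constructed for three
routers: R1-R2 and R2-R3 are 100 Mbps Ethernet links, R1-R3 is a T1.
"""
import heapq
import itertools
from typing import Dict, List, Optional, Tuple

REFERENCE_BW = 100_000_000  # OSPF default reference bandwidth, in bps


def ospf_cost(bandwidth_bps: int) -> int:
    """OSPF interface cost: reference bandwidth / link bandwidth, minimum 1."""
    return max(1, REFERENCE_BW // bandwidth_bps)


ETH, T1 = ospf_cost(100_000_000), ospf_cost(1_544_000)  # 1 and 64

# A constructed LSA: originating router, links to neighbouring routers as
# (neighbour, cost), and attached networks as (prefix, interface cost).
LSAS = [
    {"router": "R1", "links": [("R2", ETH), ("R3", T1)],
     "networks": [("10.1.0.0/24", ETH), ("192.168.12.0/24", ETH), ("192.168.13.0/24", T1)]},
    {"router": "R2", "links": [("R1", ETH), ("R3", ETH)],
     "networks": [("10.2.0.0/24", ETH), ("192.168.12.0/24", ETH), ("192.168.23.0/24", ETH)]},
    {"router": "R3", "links": [("R1", T1), ("R2", ETH)],
     "networks": [("10.3.0.0/24", ETH), ("192.168.13.0/24", T1), ("192.168.23.0/24", ETH)]},
]


def build_database(lsas: List[dict]) -> Dict[str, dict]:
    """The topological database: the newest LSA from each router."""
    return {lsa["router"]: lsa for lsa in lsas}


def install_lsa(db: Dict[str, dict], lsa: dict) -> None:
    """A flooded LSA replaces that router's previous LSA in the database."""
    db[lsa["router"]] = lsa


def spf(db: Dict[str, dict], root: str):
    """Dijkstra from root over the router graph. Returns (cost, first hop) for
    each reachable router. A link counts only if both ends advertise it: this
    two-way check keeps a one-sided (stale or forged) LSA from creating a path
    the other router does not actually have."""
    cost: Dict[str, int] = {}
    first_hop: Dict[str, Optional[str]] = {}
    best = {root: 0}
    tiebreak = itertools.count()
    heap = [(0, next(tiebreak), root, None)]
    while heap:
        d, _, node, fh = heapq.heappop(heap)
        if node in cost:
            continue  # already settled at a lower cost
        cost[node], first_hop[node] = d, fh
        for nbr, link_cost in db[node]["links"]:
            if nbr not in db or node not in (n for n, _ in db[nbr]["links"]):
                continue
            nd = d + link_cost
            if nbr not in cost and nd < best.get(nbr, float("inf")):
                best[nbr] = nd
                heapq.heappush(heap, (nd, next(tiebreak), nbr, nbr if node == root else fh))
    return cost, first_hop


def routing_table(db: Dict[str, dict], root: str) -> Dict[str, Tuple[int, str]]:
    """Routing table from the SPF tree: for every network, the cheapest
    (cost to the owning router + its interface cost) and the first hop."""
    cost, first_hop = spf(db, root)
    table: Dict[str, Tuple[int, str]] = {}
    for router, d in cost.items():
        for net, ifcost in db[router]["networks"]:
            total = d + ifcost
            nh = "direct" if router == root else first_hop[router]
            if net not in table or total < table[net][0]:
                table[net] = (total, nh)
    return table


if __name__ == "__main__":
    db = build_database(LSAS)
    print("R1 before failure:", routing_table(db, "R1"))
    # The R2-R3 link fails: both routers flood new LSAs without it
    install_lsa(db, {"router": "R2", "links": [("R1", ETH)],
                     "networks": [("10.2.0.0/24", ETH), ("192.168.12.0/24", ETH)]})
    install_lsa(db, {"router": "R3", "links": [("R1", T1)],
                     "networks": [("10.3.0.0/24", ETH), ("192.168.13.0/24", T1)]})
    print("R1 after failure: ", routing_table(db, "R1"))
```

From R1 the two-hop Ethernet path through R2 (cost 2) beats the direct T1 (cost 64), so R3's LAN is installed via R2 at cost 3. After the R2-R3 link fails, SPF recalculates and the same LAN is reached over the T1 at cost 65; if only R2's new LSA has arrived and R3 still advertises the link, the two-way check already refuses to use it.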

OSPF

Open Shortest Path First (OSPF) is a non-proprietary link-state routing protocol described in RFC 2328. The key characteristics of OSPF are:

Uses the SPF algorithm to calculate the lowest cost to a destination

Sends routing updates only when the topology changes; does not send periodic updates of the entire routing table.

Provides fast convergence

Supports VLSM and discontiguous subnets

Provides route authentication

In OSPF enabled networks, routers send link state advertisements to each other when a change occurs, for example:

A new neighbor is added

A link fails

A link is restored

If the network topology changes, for example if a link goes down or a new router is added, those routers affected by the change send update LSAs to the rest of the network. All routers update their topology databases accordingly, regenerate their SPF trees to find new shortest paths to each network, and update their routing tables with the changed routes.

Routing Within an Organization

Choosing one routing protocol over another can be difficult even for expert network designers. The following guidelines may help when designing a network.

Small networks with only one gateway to the Internet can probably use static routes. Such a topology rarely needs dynamic routing.

As an organization grows and adds routers to its network topology, RIPv2 can be used. It is easy to configure and in small networks can work well. When a network begins to exceed 15 routers, RIP is no longer a good choice.

For larger networks, EIGRP and OSPF are common, but there is no simple principle that makes it obvious to choose one over the other. Each network has to be considered independently, and the three main criteria in helping settle on a protocol are:

Ease of management – What information does the protocol keep about itself? What show commands are available?

Ease of configuration – How many commands will the average configuration require? Is it possible to configure several routers in your network with the same configuration?

Efficiency – How much bandwidth does the routing protocol take up while in steady state, and how much could it take up, when converging in response to a major network event?

Configure And Verify RIP

RIP is a popular distance vector protocol supported by most routers. It is an appropriate choice for small networks containing multiple routers. Before configuring RIP on a router, think about the networks a router serves, and the interfaces on the router that connect to these networks.

The figure shows three routers. Each router serves a separate private local network, so there are three LANs. The routers are connected by separate networks as well, so there are a total of six networks shown.

With a topology like this, be careful not to assume that R1 links directly to 10.0.0.0/8 and 172.16.17.0/16. R1 will be able to reach those networks once RIP routing is properly configured.

Before configuring RIP, assign an IP address to, and enable, every physical interface that will participate in routing. On serial links, set the clock rate on the router attached to the DCE end of the cable. After this is done, configure RIP.

For the most basic RIP configuration, there are three commands to remember:

Router(config)#router rip

Router(config-router)#version 2

Router(config-router)#network [network-number]

Enter the router rip command in global configuration mode to enable RIP on the router. Enter the network command from router configuration mode to tell the router which networks will be part of the RIP routing process. The routing process associates specific interfaces with the network-numbers and begins to send and receive RIP updates on these interfaces.

Once a configuration is done, it is a good idea to compare the running configuration with an accurate topology diagram to verify network numbers and interface IP addresses. This is good practice because, sometimes, it is easy to make a simple data entry error.

There are several ways to verify that RIP is functioning properly in the network.

If the configuration is correct, one way to verify that routing is working properly is to ping devices on remote networks. If a ping is successful, it is likely that routing is working.

Run the IP routing verification commands show ip protocols and show ip route at the CLI command prompt.

The show ip protocols command verifies that RIP routing is configured, that the correct interfaces are sending and receiving RIP updates, and that the router is advertising the correct networks.

The show ip route command shows the routing table, which verifies that routes received from RIP neighbors are installed in the routing table.

The debug ip rip command can be used to observe the networks advertised in the routing updates as they are sent and received. Debug commands display router activity in real time. Because debug activity uses router processor resources, debug should be used with care in a production network, because it can affect network operation.

Autonomous Systems

Internet routing architecture has evolved over the years into a distributed system of interconnected networks. The Internet is now so vast and involves so many networks that it would be impossible for a single organization to manage all the routing information needed to reach every destination around the world.

Instead, the Internet is divided up into collections of networks called Autonomous Systems (AS) that are independently controlled by different organizations and companies.

An AS is a set of networks controlled by a single administrative authority using the same internal routing policy throughout. Each AS is identified by a unique AS number (ASN). ASNs are allocated and registered through the Internet registries.

The most common example of an AS is the ISP. Most businesses connect to the Internet through an ISP, and so become part of the routing domain of that ISP. The AS is administered by the ISP and therefore not only includes its own network routes, but also manages the routes to all the business and other customer networks that are connected to it.

The same ASN applies to all network devices within the AS routing domain.

ISP A is an AS whose routing domain includes a local business that directly connects to that ISP for Internet access. That business does not have a separate ASN. Instead it uses the AS number of ISP A (ASN 100) in its routing information.

Also shown is a large global business with corporate offices located in Hong Kong and New York. Because they are located in different countries, each office connects to a different local ISP for Internet access. This means that the business is connected to two ISPs. Which AS does it belong to and which ASN does it use?

Because the company communicates through both ISP B and ISP C, this will cause routing confusion in terms of connectivity. Traffic from the internet does not know which AS to use to reach the large global business. To solve the problem, the business registers as an AS in its own right and is assigned an ASN of 400.

Routing Between Autonomous Systems

Interior Gateway Protocols (IGP) are used to exchange routing information within an autonomous system or individual organization. The purpose of an interior routing protocol is to find the best path through the internal network. IGPs run on the interior routers, that is, the routers inside an organization. Examples of interior gateway protocols are RIP, EIGRP and OSPF.

By contrast, exterior gateway protocols (EGP) are designed to exchange routing information between different Autonomous Systems. Because each AS is managed by a different administration and may use different interior protocols, networks must use a protocol that can communicate between diverse systems. The EGP serves as a translator, ensuring that external routing information is successfully interpreted inside each AS.

EGP protocols run on the exterior routers, that is, the routers that are located at the border of an AS. Exterior routers are also called border gateways.

Unlike interior routers, which exchange individual routes with each other using IGPs, exterior routers exchange information about how to reach various networks using exterior protocols. Exterior routing protocols seek to find the best path through the Internet as a sequence of Autonomous Systems.

The most common exterior routing protocol on the Internet today is Border Gateway Protocol (BGP); in practice, virtually every AS that exchanges routes with the rest of the Internet uses it. The current version is BGP version 4 (BGP-4), described in RFC 4271.

Routing Across The Internet

Each AS is responsible for informing other ASs about which networks they can reach through that AS. ASs exchange this reachability information with each other through exterior routing protocols that run on dedicated routers, called border gateways.

Packets are routed across the Internet in several steps:

1. The source host sends a packet destined for a remote host located in another AS.

2. Since the destination IP address of the packet is not on a local network, the interior routers keep passing the packet along their default routes, until eventually it arrives at an exterior router at the edge of the local AS.

3. The exterior router maintains a database for all the Autonomous Systems with which it connects. This reachability database tells the router that the path to the destination network passes through several ASs, and that the next hop on the path is through a directly-connected exterior router on a neighboring AS.

4. The exterior router directs the packet to its next hop on the path, which is the exterior router at the neighboring AS.

5. The packet arrives at the neighboring AS, where the exterior router checks its own reachability database and forwards the packet to the next AS on the path.

6. The process is repeated at each AS until the exterior router at the destination AS recognizes the destination IP address of the packet as an internal network in that AS.

7. The final exterior router then directs the packet to the next hop interior router listed in its routing table. From then on, the packet is treated just like any local packet and is directed through interior routing protocols through a series of internal next hops until it arrives at the destination host.

Exterior Routing Protocols And The ISP

Exterior gateway protocols provide many useful features for ISPs. Not only do exterior protocols allow traffic to be routed across the Internet to remote destinations, but they also provide the method by which ISPs can set and enforce policies and local preferences so that the traffic flow through the ISP is efficient and that none of the internal routes are overloaded with transit traffic.

Business customers insist on reliability for their Internet service, and so ISPs must make sure that the Internet connection for those customers is always available. They do this by providing backup routes and routers in case the regular route fails. During normal conditions, the ISP advertises the regular route to other Autonomous Systems. If that regular route fails, then the ISP sends an exterior protocol update message to advertise the backup route instead.

The flow of messages in the Internet is called traffic. Internet traffic can be categorized in one of two ways:

Local Traffic – Traffic carried within an AS that either originated in that same AS, or is intended to be delivered within that AS. This is like local traffic on a street.

Transit Traffic – Traffic that was generated outside that AS and travels through the internal AS network en route to destinations outside the AS. This is like through traffic on a street.

The flow of traffic between Autonomous Systems is carefully controlled. It is important to be able to limit or even prohibit certain types of messages from going to or from an AS, for security reasons or to prevent overloading.

Many Autonomous Systems are not willing to carry transit traffic. Transit traffic can cause routers to overload and fail, if those routers do not have the capacity to handle large amounts of traffic.

Configure And Verify BGP

When an ISP puts a border router at a customer location, they usually configure it with a default static route to the ISP. Sometimes, though, an ISP may want the router to be included in its autonomous system and to participate in BGP. In these cases, it is necessary to configure the customer premise router with the commands necessary to enable BGP.

The first step in enabling BGP on a router is to configure the AS number. This step is done with the command:

router bgp [AS number]

The next step is to identify the ISP router that is the BGP neighbor with which the Customer Premise Equipment (CPE) router exchanges information. The command to identify the neighbor router is:

neighbor [IP Address] remote-as [AS number]

When an ISP customer has its own registered IP address block, it may want the routes to some of its internal networks to be known on the Internet. To use BGP to advertise an internal route, a network command is needed. The format of the network command is:

network [network address]

Once all of the customer premise equipment is installed and the routing protocols configured, the customer has both local and Internet connectivity. Now the customer is able to fully participate in other services the ISP may offer.

The IP addresses used for BGP are normally registered, routable addresses that identify unique organizations. In very large organizations, private addresses may be used within the BGP process, as illustrated. On the Internet, BGP must never be used to advertise a private network address; ISPs routinely filter private and other reserved prefixes on customer and peer sessions, so a leaked private prefix is dropped at the first correctly configured border router.
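The AS-level exchange in the Routing Across The Internet steps, the neighbor and network commands above, and the rule that private addresses are never advertised, as an added Python example; it is not part of the course text. ASNs 100 (ISP A) and 400 (the dual-homed business) come from the text; ASNs 200 and 300 for ISP B and ISP C, and the documentation prefixes 203.0.113.0/24 and 198.51.100.0/24, are assumed. Best-path selection is reduced to the shortest AS_PATH; real BGP applies several more steps before that comparison.

```python
"""Routing between Autonomous Systems, BGP-style.

Added example, not part of the course text. Each speaker keeps a reachability
database of (prefix -> AS_PATH per neighbour), prefers the shortest AS_PATH,
rejects paths that already contain its own ASN (loop detection) and never
advertises private address space. ASNs 200/300 and the prefixes are assumed.
"""
import ipaddress
from typing import Dict, List, Optional, Tuple

# RFC 1918 space: must never be advertised to the Internet
PRIVATE = [ipaddress.ip_network(p) for p in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_advertisable(prefix: str) -> bool:
    net = ipaddress.ip_network(prefix, strict=False)
    return not any(net.subnet_of(p) for p in PRIVATE)


class BgpSpeaker:
    def __init__(self, asn: int):
        self.asn = asn
        self.rib: Dict[str, Dict[int, List[int]]] = {}  # prefix -> {learned from ASN: AS_PATH}

    def originate(self, prefix: str) -> None:
        """Our own registered block: empty path, 'learned from' ourselves."""
        if not is_advertisable(prefix):
            raise ValueError(f"{prefix} is private address space; not advertised")
        self.rib.setdefault(prefix, {})[self.asn] = []

    def receive(self, neighbor_asn: int, prefix: str, as_path: List[int]) -> bool:
        """Drop loops (our ASN already in the path) and malformed eBGP paths."""
        if self.asn in as_path or not as_path or as_path[0] != neighbor_asn:
            return False
        self.rib.setdefault(prefix, {})[neighbor_asn] = list(as_path)
        return True

    def withdraw(self, neighbor_asn: int, prefix: str) -> None:
        paths = self.rib.get(prefix, {})
        paths.pop(neighbor_asn, None)
        if prefix in self.rib and not paths:
            del self.rib[prefix]

    def best_path(self, prefix: str) -> Optional[Tuple[int, List[int]]]:
        """Shortest AS_PATH; lowest neighbour ASN breaks ties (a simplification)."""
        paths = self.rib.get(prefix)
        if not paths:
            return None
        return min(paths.items(), key=lambda kv: (len(kv[1]), kv[0]))

    def advertise_to(self, neighbor_asn: int) -> Dict[str, List[int]]:
        """Best path per prefix with our ASN prepended; never a private prefix
        and never back to the neighbour the route was learned from."""
        out = {}
        for prefix in self.rib:
            best = self.best_path(prefix)
            if best is None or best[0] == neighbor_asn or not is_advertisable(prefix):
                continue
            out[prefix] = [self.asn] + best[1]
        return out


class Internet:
    """A few ASes joined by exterior links; updates exchanged in synchronous rounds."""
    def __init__(self):
        self.speakers: Dict[int, BgpSpeaker] = {}
        self.links = set()

    def add(self, *speakers: BgpSpeaker) -> None:
        for s in speakers:
            self.speakers[s.asn] = s

    def link(self, a: int, b: int) -> None:
        self.links.add(frozenset((a, b)))

    def fail_link(self, a: int, b: int) -> None:
        """Session drops: each side withdraws everything learned from the other."""
        self.links.discard(frozenset((a, b)))
        for x, y in ((a, b), (b, a)):
            for prefix in list(self.speakers[x].rib):
                self.speakers[x].withdraw(y, prefix)

    def exchange(self, src: BgpSpeaker, dst: BgpSpeaker) -> None:
        updates = src.advertise_to(dst.asn)
        for prefix, path in updates.items():
            dst.receive(src.asn, prefix, path)
        for prefix in list(dst.rib):  # explicit withdrawal of what src no longer offers
            if src.asn in dst.rib[prefix] and prefix not in updates:
                dst.withdraw(src.asn, prefix)

    def converge(self, rounds: int = 5) -> None:
        for _ in range(rounds):
            for a, b in sorted(sorted(l) for l in self.links):
                self.exchange(self.speakers[a], self.speakers[b])
                self.exchange(self.speakers[b], self.speakers[a])


def build_scenario() -> Internet:
    """ISP A (AS 100) reaches the dual-homed business (AS 400) through ISP B
    (AS 200) and ISP C (AS 300); B and C also peer with each other."""
    net = Internet()
    speakers = {n: BgpSpeaker(n) for n in (100, 200, 300, 400)}
    net.add(*speakers.values())
    speakers[400].originate("203.0.113.0/24")   # the business's registered block (assumed)
    speakers[100].originate("198.51.100.0/24")  # ISP A's block (assumed)
    for a, b in ((400, 200), (400, 300), (200, 300), (100, 200), (100, 300)):
        net.link(a, b)
    net.converge()
    return net
```

After build_scenario(), ISP A holds two equal-length paths to the business and picks the one through ISP B; calling fail_link(400, 200) and converge() again makes ISP B re-advertise the longer path it now has through ISP C, and ISP A switches to ISP C's direct path, which is the backup-route behaviour described in the text. An UPDATE whose AS_PATH already contains the receiver's ASN is refused, and originate() refuses RFC 1918 space outright, so it can never reach advertise_to().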


Chapter One (smt2)

September 15, 2008

The Internet And Standards

The Internet is a worldwide, publicly accessible network of networks. It enables individuals and businesses alike, through interconnected computer networks, to share information, resources, and services.

In the beginning, the Internet was used strictly for scientific, educational, and military research.

In 1991, regulations changed to allow businesses and consumers to connect as well. The Internet has grown rapidly, and is now global. New technologies are continuously being developed that make the Internet easier and more attractive to use. Online applications are available to the Internet user, including email, web browsing, streaming music and video, online gaming, and instant messaging.

The way people interact, share information, and even do business is changing to keep up with the continuous evolution of this global network. The Internet is creating a wider audience and consumer base for whatever message, product or service can be delivered. For many businesses, having Internet access has become critical, not only for communication, but also just for day-to-day operation. Some of the business uses of the Internet include:

E-Commerce

Communications

Collaboration and Training

With the increasing number of new devices and technologies coming online, how is it possible to manage all the changes and still reliably deliver services such as email? The answer is Internet standards.

A standard is a set of rules for how something must be done. Networking and Internet standards ensure that all devices connecting to the network use the same set of rules. By having standards, it is possible for different types of devices to send information to each other over the Internet. For example, the way an email is formatted, forwarded, and received by all devices is done in a standardized manner. If one individual sends an email via a personal computer, another individual can use a mobile phone to receive and read the e-mail as long as the mobile phone uses the same standards.

An Internet standard is the end result of a comprehensive cycle of discussion, problem solving, and testing. When a new standard is proposed, each stage of the development and approval process is recorded in a numbered Request for Comments (RFC) document so that the evolution of the standard is tracked.

There are thousands of Internet standards that help define the rules for how devices communicate on networks. These different standards are developed, published, and maintained by a variety of different organizations. By these organizations creating and maintaining standards, millions of individuals are able to connect to the Internet using a variety of devices including personal computers, cellular phones, handheld personal digital assistants (PDAs), MP3 players, and even televisions.

ISP And ISP Service

Regardless of the type of device that an individual or business uses to connect to the Internet, the device must connect through an Internet service provider (ISP). An ISP is a company or organization through which a subscriber obtains Internet access. A subscriber can be a business, a private consumer, a government body, or even another ISP.

In addition to offering connection to the Internet, an ISP can offer other services to subscribers including:

Equipment co-location – A business may opt to have some or all internal network equipment physically located on the ISP premises.

Web hosting – The ISP provides the server and application software for storing web pages and web content for the business website.

FTP hosting – The ISP provides the server and application software for the FTP site of a business.

Applications and media hosting – The ISP provides the server and software to allow a business to provide streaming media such as music, video or applications, such as online databases.

Voice over IP – A business can save on long distance telephone charges, especially for internal calls between geographically distant offices, by using Voice over IP (VoIP).

Technical support – Many businesses do not have the in-house technical expertise to manage large internal networks. Some ISPs provide technical support and consulting services for an additional fee.

Delivering Internet Service To End Users

To gain access to the Internet, it is first necessary to have a connection to an ISP. ISPs offer various connection options. The main connection methods used by home and small business users are:

Dialup access

Dialup access is an inexpensive option that uses any phone line and a modem. To connect to the ISP, a user calls the ISP access phone number. Dialup is the slowest connection option, and is typically used by mobile workers and in areas where higher speed connection options are not available.

DSL

DSL is more expensive than dialup, but provides a faster connection. DSL also uses telephone lines, but unlike dialup access, DSL provides a continuous connection to the Internet. This connection option uses a special high-speed modem that separates the DSL signal from the telephone signal and provides an Ethernet connection to a host computer or LAN.

Cable modem

A cable modem is a connection option offered by cable television service providers. The Internet signal is carried on the same coaxial cable that delivers cable television to homes and businesses. A special cable modem separates the Internet signal from the other signals carried on the cable and provides an Ethernet connection to a host computer or LAN.

Satellite

Satellite connection is an option offered by satellite service providers. The user's computer connects through Ethernet to a satellite modem that transmits radio signals to the nearest point of presence (POP) within the satellite network.

Bandwidth is measured in bits per second (bps). Higher bandwidth speeds are measured in kilobits per second (kbps), megabits per second (Mbps), or gigabits per second (Gbps).

There are three main types of high bandwidth connection options that are used by businesses:

T1 connections transmit data up to 1.544 Mbps. T1 connections are symmetrical, meaning that the upload bandwidth is the same as the download bandwidth. A medium-sized business may need only one T1 connection. E1 is a European standard that transmits data at 2.048 Mbps.

T3 connections transmit data up to 45 Mbps. Although considerably more expensive than a T1 connection, a larger business may need a T3 connection to accommodate the number of employees. Large businesses with multiple locations might use a combination of T1 and T3 lines. E3 is a European standard that transmits data at 34.368 Mbps.

Metro Ethernet offers a wide range of high-bandwidth options, including Gbps links. Large companies with many branches in the same city, such as banks, use Metro Ethernet. Metro Ethernet connects the main office location and all the branches using switched technology. Metro Ethernet allows the transfer of large amounts of data faster and less expensively than other high-bandwidth connection options.

After the type of connection is established, it is necessary to connect to the ISP to get access to the Internet. Individual computers and business networks connect to the ISP at a POP. POPs are located at the edge of the ISP's network and serve a particular geographical region. They provide a local point of connection and authentication (password control) for multiple end users. An ISP may have many POPs, depending on the size of the ISP and the area that it serves.

Within the ISP network, high-speed routers and switches move data between the various POPs. Multiple links interconnect the POPs to provide alternate routes in case one of the links becomes overloaded with traffic or fails.

Internet Hierarchy

The Internet has a hierarchical structure. At the top of this hierarchy are the ISP organizations. The ISP POPs connect to an Internet Exchange Point (IXP). In some countries, this is called a Network Access Point (NAP). An IXP or NAP is where multiple ISPs join together to gain access to each other’s networks and exchange information. There are currently over 100 major exchange points located worldwide.

The Internet backbone consists of this group of networks owned by various organizations and interconnected through IXPs and private peering connections.

The Internet backbone is like an information super highway that provides high-speed data links to interconnect the POPs and IXPs in major metropolitan areas around the world. The primary medium that connects the Internet backbone is fiber-optic cable. This cable is typically installed underground to connect cities within continents. Fiber-optic cables also run under the sea to connect cities between continents.

ISPs are classified into different tiers according to how they access the Internet backbone:

Tier 1 ISPs are the top of the hierarchy. Tier 1 ISPs are huge organizations that connect directly with each other through private peering, physically joining their individual network backbones together to create the global Internet backbone. Within their own networks, the Tier 1 ISPs own the routers, high-speed data links, and other pieces of equipment that join them to other Tier 1 ISP networks. This includes the undersea cables that connect the continents.

Tier 2 ISPs are the next tier in terms of backbone access. Tier 2 ISPs can also be very large, even extending across several countries, but very few have networks that span entire continents or between continents. To provide their customers with global Internet access, some Tier 2 ISPs pay Tier 1 ISPs to carry their traffic to other parts of the world. Some Tier 2 ISPs exchange global traffic with other ISPs less expensively through public peering at IXPs. A large IXP may bring together hundreds of ISPs in a central physical location for access to multiple networks over a shared connection.

Tier 3 ISPs are the farthest away from the backbone. Tier 3 ISPs are generally found in major cities and provide customers local access to the Internet. Tier 3 ISPs pay Tier 1 and 2 ISPs for access to the global Internet and Internet services.

Identifying The Structure Of The Internet

Network utilities create a map of the various interconnections to visualize how ISP networks interconnect. These utilities also illustrate the speed at which each connecting point can be reached.

The ping command tests the accessibility of a specific IP address. The ping command sends an echo request packet to the destination address and then waits for an echo reply packet to return from that host. It measures the time that elapses between when the request packet is sent and the response packet is received. The ping command output indicates whether the reply was received successfully and displays the round-trip time for the transmissions.

To use the ping command, enter the following command at the Cisco command line interface (CLI) router prompt or at the Windows command prompt:

ping <ip address>

where <ip address> is the IP address of the destination device.

If a packet does not reach the destination, or if delays are encountered along the way, how is it determined where the problem is located or through which routers the packet has passed?

The traceroute utility displays the path that a packet takes from the source to the destination host. Each router that the packet passes through is called a hop. Traceroute displays each hop along the way. It also calculates the time between when the packet is sent and when a reply is received from the router at each hop.

If a problem occurs, use the output of the traceroute command to help determine where a packet was lost or delayed. The output also shows the various ISP organizations that the packet must pass through during its journey from source to destination.

The Windows tracert utility works the same way. There are also a number of visual traceroute programs that provide a graphical display of the route that a packet takes.

ISP Requirements

An ISP requires a variety of devices to accept input from end users and provide services. To participate in a transport network, the ISP must be able to connect to other ISPs. An ISP must also be able to handle large volumes of traffic.

Some of the devices required to provide services include:

Access devices that enable end users to connect to the ISP, such as a DSL Access Multiplexer (DSLAM) for DSL connections, a Cable Modem Termination System (CMTS) for cable connections, modems for dialup connections, or wireless bridging equipment for wireless access.

Border gateway routers to enable the ISP to connect and transfer data to other ISPs, IXPs, or large business enterprise customers.

Servers for such things as e-mail, network address assignment, web space, FTP hosting, and multimedia hosting.

Power conditioning equipment with substantial battery backup to maintain continuity if the main power grid fails.

High capacity air conditioning units to maintain controlled temperatures.

ISPs, like other businesses, want to expand so that they can increase their income. The ability to expand their business depends on gaining new subscribers and selling more services. However, as the number of subscribers grows, the traffic on the ISP’s network also grows.

Eventually, the increased traffic may overload the network, causing router errors, lost packets, and excessive delays. In an overloaded network, subscribers can wait for minutes for a web page to load, or may even lose network connection. These customers may choose to switch to a competing ISP to get better performance.

Loss of customers directly translates to loss of income for an ISP. For this reason, it is important that the ISP provide a reliable and scalable network.

Scalability is the ability to allow for future change and growth. A scalable network can expand quickly to support new users and applications without impacting the performance of the service being delivered to existing users.

The most scalable devices are those that are modular and provide expansion slots for adding modules. Different modules can have different numbers of ports. In the case of a chassis router, some modules also offer different interface options, allowing for different connection options on the same chassis.

Roles And Responsibilities Within An ISP

ISP organizations consist of many teams and departments who are responsible for ensuring that the network operates smoothly and that the services that the ISP offers are available.

Network support services are involved in all aspects of network management, including planning and provisioning of new equipment and circuits, adding new subscribers, network repair and maintenance, as well as customer service for network connectivity issues.

When a new business subscriber orders ISP services, the various network support service teams work together to ensure that the order is processed correctly and that the network is ready to deliver those services as quickly as possible.

Each of the network support service teams has its own roles and responsibilities:

Customer Service receives the order from the customer and ensures that the customer’s specified requirements are accurately entered into the order tracking database.

Planning and Provisioning determines whether the new customer has existing network hardware and circuits or whether new circuits need to be installed.

The On-site Installation team is advised of which circuits and equipment to use, and then installs them at the customer site.

The Network Operations Center (NOC) monitors and tests the new connection and ensures that it is performing properly.

The Help Desk is notified by the NOC when the circuit is ready for operation and then contacts the customer to guide them through the process of setting up passwords and other necessary account information.


Chapter Two (smt2)

September 15, 2008

ISP Helpdesk Organization

Connection to the local network, as well as the Internet, is critical to most business operations. Solving network problems is a top priority for businesses.

Since ISPs provide the Internet connection for businesses, they also provide support for problems that occur with that connectivity. This support usually includes assistance with customer equipment problems. ISP support is typically provided through the ISP help desk.

ISP help desk technicians have the knowledge and experience to fix problems and get users connected. ISP help desk technicians provide solutions to customers’ problems with the goal of network optimization and customer retention. Whether the problem is connecting to the Internet or getting email, the ISP help desk is usually the first place a user or business turns to for help.

A good help desk team ensures that problems are resolved quickly and to the customer’s satisfaction. Providing Internet services is a highly competitive business, and poor services can cause the ISP to lose customers to competing ISPs.

At an ISP, there are usually three levels of customer support:

Level 1 is for immediate support handled by junior-level help desk technicians.

Level 2 handles calls that are escalated to more experienced telephone support.

Level 3 is for calls that cannot be resolved by phone support and require a visit by an on-site technician.

In addition to ISPs, many other types of medium to large businesses employ help desk or customer support teams. The titles assigned to the technicians may vary from those described here, although the three-level hierarchy is the most common structure. Depending on the size of the organization, the help desk can consist of one person that performs all three levels of support, or it can be a comprehensive call center with elaborate call routing facilities and escalation rules. Some ISPs and businesses contract out their help desk functions to a third-party call center company, which provides the services of Level 1 and Level 2 technicians.

Roles Of ISP Technicians

When a user initially contacts the help desk to resolve an issue, the call or message is usually directed to a Level 1 support technician. Level 1 support is usually an entry-level position that provides junior technicians with valuable experience. The duties and responsibilities of the Level 1 technician include the following:

Diagnose basic network connectivity issues

Diagnose and document the symptoms of hardware, software, and system problems

Resolve and document any basic user issues

Help customers complete online order forms to attain various systems, services, hardware, software, reports, and entitlements

Escalate any issues that cannot be resolved to the next level

Many customer issues are resolved by the Level 1 support technician. Level 2 support typically has fewer agents available, but they are at a higher skill level. The duties and responsibilities of the Level 2 technician are similar to those of the Level 1 technician. These agents are expected to solve problems that are more challenging and require more problem-solving capability than the normal end-user issues.

Some smaller ISPs and businesses may combine Level 1 and Level 2 support, requiring that all technicians have the higher technical capabilities.

Many larger service providers have expanded their businesses to include managed services or on-site support of a customer network. When an ISP is providing managed services, it often requires technicians to visit customer sites for the purpose of installation and support. This represents Level 3 support.

The duties and responsibilities of the on-site installation and support technician include the following:

Diagnose and resolve problems that have been escalated by Level 1 and Level 2 technicians

Survey network conditions for analysis by a senior network technician for more complex problems

Install and configure new equipment, including customer premise equipment upgrades, when necessary.

Level 3 support is usually in accordance with a Service Level Agreement (SLA). An SLA resembles an insurance policy because it provides coverage, or service, in the case of a computer or network problem.

Interacting With Customers

Help desk technicians may be required to provide phone support, email support, web-based support, online chat support, and possibly onsite support. They are often the first point of contact for frustrated and anxious customers. Until a problem is solved, help desk technicians may continue to get calls and correspondence asking for status updates and time estimates to resolve an issue.

The help desk technician must be able to keep focused in an environment with frequent interruptions and perform multiple tasks efficiently and accurately. It can be difficult to consistently maintain a positive attitude and provide a high level of service. The help desk technician has to have excellent interpersonal skills and effective communication skills, both oral and written. The technician must also be able to work independently as well as part of a team.

It is also important for the help desk technician to be able to handle customer issues with speed, efficiency, and professionalism.

Basic incident management procedures should be followed every time a help desk technician receives a call and begins troubleshooting issues. Incident management includes techniques such as opening a trouble ticket and following a problem-solving strategy. Problem-solving techniques include using troubleshooting flowcharts, addressing questions in a template format, and maintaining proper ticket escalation procedures.

In addition to technical ability, help desk technicians need other skills to be successful.

Customer service and interpersonal skills are important when handling difficult clients and incidents. Help desk technicians must be able to greet customers pleasantly and maintain a professional and courteous demeanor throughout the call until the customer request is resolved or escalated. They must also know how to relieve customer stress and respond to abusive customers. Some of the skills that are consistently used in successful help desk communication include:

Preparation

Courteous greeting

Opening a trouble ticket

Listening to the customer

Adapting to the customer’s temperament

Correctly diagnosing a simple problem

Logging the call

Opening trouble tickets and logging information on the tickets are critical to help desk operation. When there are many calls relating to a single problem or symptom, it is helpful to have information on how the problem was resolved in the past. It is also important to relay to the customer what is being done to solve the problem. Good information on open trouble tickets helps communicate accurate status, both to the customer and other ISP personnel.

Using The OSI Model

When a network connectivity problem is reported to the help desk, there are many methods available to diagnose the problem. One common method is to troubleshoot the problem using a layered approach. Using a layered approach requires that the network technician be familiar with the various functions that occur as messages are created, delivered, and interpreted by the network devices and hosts on the network.

The process of moving data across a network is highly structured. It is best visualized using the seven layers of the Open Systems Interconnection (OSI) model, commonly referred to as the OSI model. The OSI model breaks network communications down into multiple processes. Each process is a small part of the larger task.

For example, in a vehicle manufacturing plant, one person does not assemble the entire vehicle. The vehicle moves from station to station, or levels, where specialized teams add various components. Each station adds their assigned components, and then passes the vehicle to the next station. The complex task of assembling a vehicle is made easier by breaking it into more manageable and logical tasks. When a problem occurs in the manufacturing process, it is possible to isolate the problem to the specific task where the defect was introduced, and then fix it.

In a similar manner, the OSI model can be used as a reference when troubleshooting to identify and resolve network problems.

The seven layers of the OSI model can be divided into two parts: upper layers and lower layers.

The upper layer is sometimes used to refer to any layer above the transport layer of the OSI model. The upper layers of the OSI model deal with application functionality and generally are implemented only in software. The highest layer, the application layer, is closest to the end user.

The lower layers of the OSI model handle data transport functions. The physical and data link layer are implemented in both hardware and software. The physical layer is closest to the physical network medium, or network cabling. The physical layer actually places information on the medium.

End stations, like clients and servers, usually work with all seven layers. Networking devices are only concerned with the lower layers. Hubs work on Layer 1, switches on Layers 1 and 2, routers on Layers 1 to 3, and firewalls are concerned with Layers 1, 2, 3 and 4.

OSI Model Protocols And Technologies

When using the OSI model as a framework for troubleshooting, it is important to understand which functions are performed at each layer, and what network information is available to the devices or software programs performing these functions. For example, many processes must occur for email to successfully travel from the client to the server. Let us look at how the OSI model breaks the common task of sending and receiving email into separate and distinct steps.

Step 1: Upper layers create the data.

When a user sends an email message, the alphanumeric characters within the message are converted to data that can travel across the network. Layers 7, 6 and 5 are responsible for ensuring that the message is placed in a format that can be understood by the application running on the destination host. This process is called encoding. The upper layers then send the encoded messages to the lower layers for transport across the network. Transporting the email to the correct server relies on the configuration information provided by the user. Problems that occur at the application layer are often related to errors in the configuration of the user software programs.

Step 2: Layer 4 packages the data for end-to-end transport.

The data that comprises the email message is packaged for network transport at Layer 4. Layer 4 breaks the message down into smaller segments. A header is placed on each segment indicating the TCP or UDP port number that corresponds to the correct application at the application layer. Functions in the transport layer indicate the type of delivery service. Email uses TCP segments; therefore, delivery is acknowledged by the destination. Layer 4 functions are implemented in software that runs on the source and destination hosts. However, firewalls often use the TCP and UDP port numbers to filter traffic. Therefore, problems that occur at Layer 4 can be caused by improperly configured firewall filter lists.

Step 3: Layer 3 adds the network IP address information.

The email data received from the transport layer is put into a packet that contains a header with the source and destination logical IP addresses. Routers use the destination address to direct the packets across the network along the appropriate path. Incorrectly configured IP address information on the source or destination systems can cause Layer 3 problems to occur. Since routers also use IP address information, router configuration errors can also cause problems at this layer.

Step 4: Layer 2 adds the data link layer header and trailer.

Each network device in the path from the source to the destination, including the sending host, encapsulates the packet into a frame. The frame contains the physical address of the next directly-connected network device on the link. Each device in the chosen network path requires framing in order for it to connect to the next device. Switches and network interface cards (NICs) use the information in the frame to deliver the message to the correct destination device. Incorrect NIC drivers, faulty interface cards, or hardware problems with switches can cause Layer 2 issues to occur.

Step 5: Layer 1 converts the data to bits for transmission.

The frame is converted into a pattern of 1s and 0s (bits) for transmission on the medium. A clocking function enables the devices to distinguish these bits as they travel across the medium. The medium can change along the path between the source and destination. For example, the email message can originate on an Ethernet LAN, cross a fiber campus backbone, and cross a serial WAN link until it reaches its destination on another remote Ethernet LAN. Layer 1 problems can be caused by loose or incorrect cables, malfunctioning interface cards, or electrical interference.

At the receiving host, the process described in steps 1 through 5 is reversed, with the message traveling back up the layers to the appropriate application.
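Added example, not the course's own code: Python that carries one chunk of an SMTP session through Steps 2 to 5 (TCP header, IPv4 header with checksum, Ethernet header, bits) and then reverses them at the receiving host, so the field that each device along the path examines is visible. It assumes constructed IP and MAC addresses, leaves the TCP checksum zero, and uses a CRC-32 trailer in place of a real Ethernet frame check sequence.

```python
import socket
import struct
import zlib

SMTP_PORT = 25  # the TCP port the email client's segment is addressed to (Step 2)


def ipv4_checksum(header: bytes) -> int:
    """RFC 1071 one's-complement sum over the IPv4 header; 0 when verifying a good header."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def layer4_segment(src_port: int, dst_port: int, data: bytes) -> bytes:
    """Step 2: TCP header whose port numbers identify the application (SMTP here).
    The TCP checksum needs an IP pseudo-header and is left as zero for brevity."""
    header = struct.pack("!HHIIBBHHH", src_port, dst_port, 1, 0,
                         5 << 4,   # data offset: 5 words = 20 bytes, no options
                         0x18,     # flags PSH|ACK
                         65535, 0, 0)
    return header + data


def layer3_packet(src_ip: str, dst_ip: str, segment: bytes) -> bytes:
    """Step 3: IPv4 header carrying the logical addresses that routers forward on."""
    fields = [0x45, 0, 20 + len(segment), 0x1234, 0x4000, 64, 6, 0,
              socket.inet_aton(src_ip), socket.inet_aton(dst_ip)]
    fields[7] = ipv4_checksum(struct.pack("!BBHHHBBH4s4s", *fields))
    return struct.pack("!BBHHHBBH4s4s", *fields) + segment


def layer2_frame(src_mac: str, dst_mac: str, packet: bytes) -> bytes:
    """Step 4: Ethernet header with the next hop's MAC, plus a CRC-32 trailer
    standing in for the frame check sequence (same polynomial, simplified byte order)."""
    mac = lambda m: bytes.fromhex(m.replace(":", ""))
    body = mac(dst_mac) + mac(src_mac) + struct.pack("!H", 0x0800) + packet
    return body + struct.pack("!I", zlib.crc32(body))


def layer1_bits(frame: bytes) -> str:
    """Step 5: the frame as the pattern of 1s and 0s placed on the medium."""
    return "".join(f"{b:08b}" for b in frame)


def flip_bit(bits: str, index: int) -> str:
    """Simulate electrical interference on the medium (a Layer 1 fault)."""
    return bits[:index] + ("1" if bits[index] == "0" else "0") + bits[index + 1:]


def receive(bits: str) -> dict:
    """Receiving host: reverse Steps 5 to 2 and report what each layer examined.
    A failed check is returned under "error" together with the layer that caught it."""
    frame = bytes(int(bits[i:i + 8], 2) for i in range(0, len(bits), 8))
    body, fcs = frame[:-4], struct.unpack("!I", frame[-4:])[0]
    if zlib.crc32(body) != fcs:
        return {"error": "Layer 2: bad FCS, frame corrupted on the medium"}
    if struct.unpack("!H", body[12:14])[0] != 0x0800:
        return {"error": "Layer 2: not an IPv4 frame"}
    packet = body[14:]                        # a switch only looked at body[:6]
    ihl = (packet[0] & 0x0F) * 4
    if ipv4_checksum(packet[:ihl]) != 0:
        return {"error": "Layer 3: bad IPv4 header checksum"}
    total_len = struct.unpack("!H", packet[2:4])[0]
    segment = packet[ihl:total_len]           # a router only looked at packet[16:20]
    src_port, dst_port = struct.unpack("!HH", segment[:4])
    data = segment[(segment[12] >> 4) * 4:]   # a firewall only looked at the ports
    return {"error": None, "dst_mac": body[:6].hex(":"),
            "dst_ip": socket.inet_ntoa(packet[16:20]),
            "src_port": src_port, "dst_port": dst_port, "data": data}


def send_email(message: bytes) -> str:
    """Steps 1 to 5 for one chunk of an SMTP session; all addresses are constructed."""
    segment = layer4_segment(40123, SMTP_PORT, message)
    packet = layer3_packet("192.168.1.50", "203.0.113.25", segment)
    # Layer 2 addresses the next hop (the default gateway), not the mail server itself
    frame = layer2_frame("02:00:00:aa:bb:01", "02:00:00:aa:bb:02", packet)
    return layer1_bits(frame)


if __name__ == "__main__":
    bits = send_email(b"MAIL FROM:<user@example.com>\r\n")
    print(receive(bits))
    print(receive(flip_bit(bits, 200)))
```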

Troubleshooting Using The OSI Model

As a theoretical model, the OSI model defines the protocols, hardware, and other specifications that operate at the seven layers.

The OSI model also provides a systematic basis for troubleshooting a network. In any troubleshooting scenario, the basic problem-solving procedure includes the following:

1. Define the problem

2. Isolate the cause of the problem

3. Solve the problem:

   Identify and prioritize alternative solutions

   Select one alternative as the solution

   Implement the solution

   Evaluate the solution

If an identified solution does not fix the problem, undo any changes and proceed to the next possible solution. Loop through the steps until a solution works.

In addition to the basic problem solving procedures, the OSI model can be used as a guideline for troubleshooting. In any troubleshooting situation, it is always best to start with the easy things. Using the OSI model as a guide, the help desk technician can query the customer to help define the problem and isolate the cause.

The help desk technician usually has a standard checklist or script to follow when troubleshooting a problem. One troubleshooting method is the bottom-up approach, which starts at the lowest layer.

Layer 1 Troubleshooting

The technician should start with Layer 1 issues first. Remember, Layer 1 deals with the physical connectivity of the network devices. Layer 1 problems often involve cabling and electricity, and are the causes of many help desk calls. Some of the more common Layer 1 problems include the following:

Device power off

Device power unplugged

Loose network cable connection

Incorrect cable type

Faulty network cable

To troubleshoot at Layer 1, check that all devices have the proper electrical supply, and that the devices are turned on. This seems to be an obvious situation, but many times a device within the network path from source to destination may be overlooked by the person reporting the problem. If there are any LEDs that display the status of the connectivity, verify with the customer that they are indicating correctly. If the technician is on-site at the customer location, the next step is to visually inspect the network cabling and reconnect cables to ensure a proper connection. When remotely troubleshooting a problem, advise the caller through each step and what to look for, and what to do if an error is found. If it is determined that all Layer 1 issues have been addressed, it is time to travel up the OSI model to Layer 2.

Layer 2 Troubleshooting

Network switches and host NICs perform Layer 2 functions. Layer 2 problems can be caused by faulty equipment, incorrect device drivers, or an improperly configured switch. When remotely troubleshooting a problem, it may be difficult to isolate a Layer 2 problem.

An on-site technician can check whether the NIC is installed and working properly. Reseating the NIC, or replacing a suspected faulty NIC with a known good NIC, helps to isolate the problem. The same process can be done with any network switch.

Layer 3 Troubleshooting

At Layer 3, the technician needs to investigate the logical addressing used in the network, such as the IP address scheme. If the network is using IP addressing, the technician verifies that the device has the proper settings, such as:

IP address within the assigned network

Correct subnet mask

Correct default gateway

Other settings as required, such as DHCP or DNS

At Layer 3, several utilities can assist with the troubleshooting process. Three of the most common command line tools are:

ipconfig – Shows IP settings on the computer

ping – Tests basic network connectivity

traceroute – Determines if the routing path between the source and destination is available

Most network problems can be resolved using these Layer 1, 2, and 3 troubleshooting techniques.
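Added example, not part of the original text: a Python check that applies the Layer 3 checklist above to the settings parsed from a constructed ipconfig output and compares them with the network the ISP assigned (assumed here to be 192.168.1.0/24). The sample output deliberately carries a gateway from a neighbouring subnet.

```python
import ipaddress
import re

# Constructed ipconfig output for a help desk call; the caller's PC was given the
# gateway of a neighbouring subnet by mistake, a common Layer 3 misconfiguration.
SAMPLE_IPCONFIG = """\
Windows IP Configuration

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : example.com
   IPv4 Address. . . . . . . . . . . : 192.168.1.50
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.2.1
"""

FIELD_RE = re.compile(r"^\s*(IPv4 Address|Subnet Mask|Default Gateway)[ .]*: (\S+)", re.M)


def parse_ipconfig(output: str) -> dict:
    """Pull the three settings the Layer 3 checklist needs out of ipconfig output."""
    return dict(FIELD_RE.findall(output))


def check_layer3(settings: dict, assigned_network: str) -> list:
    """Apply the Layer 3 checklist against the network the ISP assigned.

    Returns a list of findings; an empty list means the settings are consistent
    and the technician can move up to Layer 4.
    """
    net = ipaddress.ip_network(assigned_network)
    ip, mask, gw = (settings.get(k) for k in ("IPv4 Address", "Subnet Mask", "Default Gateway"))
    if ip is None:
        return ["no IPv4 address: check the link (Layers 1 and 2) or the DHCP lease"]
    addr = ipaddress.ip_address(ip)
    if addr in ipaddress.ip_network("169.254.0.0/16"):
        # Windows self-assigns this range when no DHCP server answers
        return [f"APIPA address {ip}: the host did not obtain a DHCP lease"]
    findings = []
    if addr not in net:
        findings.append(f"address {ip} is outside the assigned network {net}")
    if mask != str(net.netmask):
        findings.append(f"subnet mask {mask} should be {net.netmask}")
    if gw is None:
        findings.append("no default gateway: traffic cannot leave the local network")
    else:
        # the gateway must sit in the subnet the host believes it is on
        host_net = ipaddress.ip_interface(f"{ip}/{mask or net.netmask}").network
        if ipaddress.ip_address(gw) not in host_net:
            findings.append(f"default gateway {gw} is not in the host's subnet {host_net}")
    return findings


if __name__ == "__main__":
    for finding in check_layer3(parse_ipconfig(SAMPLE_IPCONFIG), "192.168.1.0/24"):
        print(finding)
```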

Layer 4 Troubleshooting

If Layers 1 through 3 all appear to be operating normally and the technician can successfully ping the IP address of the remote server, it is time to check the higher layers. For example, if a network firewall is used along the path, it is important to check that the application TCP or UDP port is opened and no filter lists are blocking traffic to that port.

Layer 5 through 7 Troubleshooting

The technician should also check the application configuration. For example, if troubleshooting an email issue, ensure that the application is configured with correct sending and receiving email server information. It is also necessary to ensure that domain name resolution is occurring as expected.

For remote technicians, higher layer issues can be checked by using other network utility tools, such as a packet sniffer, to view traffic as it crosses the network. A network application, such as Telnet, can also be used to view configurations.

While the bottom-up approach works for many situations, a top-down approach can also be used. A top-down approach simply reverses the order in which things are checked, starting with the application layer.

A divide-and-conquer approach can also be used. This technique is one in which the technician may choose to start the troubleshooting process at a middle layer, such as the network layer. The technician then works up or down the OSI model, depending on troubleshooting results from that layer.

Helpdesk Troubleshooting Scenarios

The number and types of calls received by the help desk can vary extensively. Some of the most common calls include email and connectivity issues.

Email Issues

Can receive but not send

Can send but not receive

Cannot send or receive

Nobody can reply to messages

A very common cause of many email problems is using the wrong POP, IMAP or SMTP server names. It is best to check with the email administrator to confirm the proper name of the email server and SMTP server. In some cases, the same server name is used for both POP/IMAP and SMTP. Also, confirm that the username and password are correct.

When troubleshooting these issues over the phone, it is important to step the customer through the configuration parameters carefully. Many customers are unfamiliar with both the terminology and the values of the various configuration parameters. If possible, connecting to the customer device via remote management software is preferred.

Another problem that can affect the function of applications is a failure of DNS to correctly resolve server names. This can be checked with the command line ping or nslookup. A simple web browser check for DNS operation can prevent needless troubleshooting steps.

Customer Connectivity Issues

Connectivity problems are more common with new customers trying to connect for the first time; however, sometimes existing customers encounter connectivity issues. First-time customers usually have a problem with the hardware as well as software settings. Existing customers notice connectivity problems when they cannot open a web page or connect to instant messaging or email.

There can be many reasons why a customer has no connectivity including the following:

Billing account issues

Hardware failure

Physical layer failure

Application settings

Application plug-in missing

Missing applications

In many cases, the problem is a faulty cable, or even a cable plugged into an incorrect port. Other problems may require researching similar issues on FAQs or a knowledge base.

Creating And Using Helpdesk Records

When a Level 1 help desk technician receives a call, there is a certain process followed in gathering information, as well as a system to store and retrieve relevant information. This is extremely important in case a call has to be escalated to Level 2, or even requires an on-site visit.

The information gathering and recording process starts as soon as the technician answers the phone. When the customer identifies who they are, the technician accesses the relevant customer information. Typically, a database application is used to manage the customer information.

The information is transferred to a trouble ticket, or incident report. This document can be a piece of paper in a paper filing system or an electronic tracking system designed to follow the troubleshooting process from beginning to end. Each person who works on the customer’s problem is expected to record what was done in the trouble ticket. When an on-site call is required, the trouble ticket information can be converted to a work order that the on-site technician can take to the customer site.

When a problem is resolved, the solution is documented in the customer work order or trouble ticket, and in a knowledge-base document for future reference.

Occasionally, the help desk technician may receive a call that cannot be resolved quickly. In this case, the technician is responsible for passing the call to someone who is more qualified to resolve the issue. This is the process of call escalation in which the call is passed to a Level 2 technician.

Level 1 and Level 2 help desk technicians attempt to solve customer problems using the telephone, web tools, and possibly even remote desktop sharing applications.

If the help desk technicians are not able to remotely fix the problem, it is often necessary to dispatch a mobile on-site technician to the customer premise location. It is the job of the on-site technician to visit the customer premise to physically work on the problem equipment. The help desk technician can make an appointment with the customer for the on-site technician to perform the repairs, or it may be the responsibility of the on-site technician to arrange the appointment.

To properly troubleshoot the problem, the on-site technician reviews the trouble ticket to see what was previously done. This review gives the technician some background information, as well as a logical starting point. It also helps the technician decide which tools and supplies to bring, rather than having to leave the customer site to obtain supplies.

On-site technicians typically work on the network at the customer location, although there are instances where the technician is unable to make the needed repairs and must bring the damaged equipment back to the ISP site for repair.

Customer Site Procedure

There are four steps an on-site technician should perform before beginning any troubleshooting or repair at the customer site:

1. Provide proper identification to the customer.

2. Review the trouble ticket or work order with the customer to verify that the information is correct.

3. Communicate the current status of any identified problems or issues, as well as the actions the technician expects to take at the customer site that day.

4. Obtain permission from the customer to begin the work.

The technician must verify all items on the trouble ticket. Once the technician is familiar with all issues, the work can begin. The technician checks all device and network settings, and runs any necessary utilities. When necessary, the technician may have to swap out suspected faulty hardware with known good hardware to determine if a hardware problem exists. Once the technician determines the cause of the problem, he or she can attempt the repair and observe the results.

When finished, the technician communicates the nature of the identified problem to the customer, what solution was applied, and any follow-up procedures. Before the problem can be considered fully resolved, the technician must obtain the customer’s acceptance. The technician can then close the trouble ticket and document the solution.

A copy of the documentation is left with the customer. The document includes the original help desk call problem and the actions taken to solve the problem. The technician records the final solution and the customer acceptance is indicated on the trouble ticket. For future reference, the technician should also record the problem and the solution in the help desk documentation and FAQs.

In some cases, an on-site technician can uncover network problems that require upgrades or reconfiguration of the network devices. When this occurs, it may be outside of the scope of the original trouble ticket. These issues are usually communicated to both the customer and the ISP network personnel for further action.


Chapter Three (smt2)

September 15, 2008

Site Survey

When a small company grows rapidly, the original network that supports the company often cannot keep pace with the expansion. Employees at the company may not realize how important it is to plan for network upgrades. The business may just add various network hardware devices, of varying quality, from different manufacturers, and different network connection technologies, in order to connect new users. The quality of the current network may become degraded as each new user is added, until it can no longer support the level of network traffic that the users generate.

It is at the point when the network starts to fail that most small businesses look for help to redesign the network to meet the new demands. An ISP or managed service provider may be called in to provide advice, and to install and maintain the network upgrade.

Before a network upgrade can be properly designed, an on-site technician is dispatched to perform a site survey to document the existing network structure. It is also necessary to investigate and document the physical layout of the premises to determine where new equipment can be installed.

A site survey provides much information to the network designer and creates a proper starting point for the project. It shows what is already on site, and gives a good indication as to what is needed. A sales representative may accompany the technician to the site to interview the customer as well.

Some of the more important pieces of information that can be gathered during a site survey include:

Number of users and types of equipment

Projected growth

Current Internet connectivity

Application requirements

Existing network infrastructure and physical layout

New services required

Security and privacy considerations

Reliability and uptime expectations

Budget constraints

It is a good idea to obtain a floor plan, if possible. If a floor plan is not available, the technician can draw a diagram indicating the size and locations of all rooms. An inventory of existing network hardware and software is also useful to provide a baseline of requirements.

The technician should be prepared for anything when doing the site survey. Networks do not always meet local codes of practice in terms of electrical, building or safety regulations, nor adhere to any standards.

Sometimes networks grow haphazardly over time and end up being a mixture of technologies and protocols. The technician should be careful not to offend the customer by expressing an opinion about the quality of the existing installed network.

When the technician visits the customer premises, he or she should do a thorough overview of the network and computer setup. There may be some obvious issues such as unlabeled cables, poor physical security for network devices, lack of emergency power, or lack of a UPS for critical devices. These conditions should be noted on the technician’s report, as well as the other requirements gathered from the survey and the customer interview.

When the site survey is completed, it is important that the technician review the results with the customer, to ensure that nothing is missed and that there are no errors in the report. If everything is accurate, the report provides an excellent basis for the new network design.

Physical And Logical Topologies

Both the physical and logical topologies of the existing network need to be documented. A technician gathers the information during the site survey to create both a physical and logical topology map of the network. A physical topology is the actual physical location of cables, computers, and other peripherals. A logical topology documents the path that data takes through a network and the location where network functions, like routing, occur.

In a wired network, the physical topology map consists of the wiring closet, as well as the wiring to the individual end user stations. In a wireless network, the physical topology consists of the wiring closet and an access point. Since there are no wires, the physical topology contains the wireless signal coverage area.

The logical topology is generally the same for both a wired and wireless network. It includes the naming and Layer 3 addressing of end stations, router gateways, and other network devices, regardless of the physical location. It indicates the location of routing, network address translation, and firewall filtering.

Network Requirements Documentation

Along with creating the topology maps for the existing network, it is necessary to obtain additional information about the hosts and networking devices that are currently installed in the network. This information should be recorded on a brief inventory sheet. In addition to currently installed equipment, document any planned growth that the company anticipates in the near future.

This information helps the network designer determine what new equipment is required, and the best way to structure the network to support the anticipated growth.

The inventory sheet of all the network installed devices includes:

Device name

Location

Brand and model

Operating system

Logical addressing information

Method of connectivity

Security information

Network Upgrades

Extensive planning should go into a network upgrade. Just like any project, a need is identified and then a plan outlines the process from beginning to end. A good project plan will help identify any strengths, weaknesses, opportunities, or threats (SWOT). The plan should clearly define the tasks, and the order in which tasks are completed.

Examples of good planning:

Sports teams follow game plans

Builders follow blueprints

Ceremonies or meetings follow agendas

A network that is a patchwork of devices strung together, using a mixture of technologies and protocols, is usually an indicator of poor initial planning. These types of networks are susceptible to downtime, and are difficult to maintain and troubleshoot.

The planning of a network upgrade begins after the site survey and report are completed. There are five distinct phases:

Phase 1: Requirements Gathering

After all information has been gathered from the customer and the site visit, it is analyzed to determine network requirements. This analysis is done by the design team at the ISP, which creates an Analysis Report.

Phase 2: Selection and Design

Select devices and cabling based on the requirements outlined in the Analysis Report. Create multiple designs and regularly share them with other members on the project. This allows team members to view the LAN from a documentation perspective and evaluate trade-offs in performance and cost. It is during this step that any weaknesses of the design can be identified and addressed.

Also during this phase, prototypes are created and tested. A successful prototype is a good indicator of how the new network will operate.

When the design is approved by the customer, implementation of the new network can begin.

Phase 3: Implementation

If the first two steps are done correctly, the implementation phase may be performed without incident. If there are tasks that have been overlooked in the earlier phases, they must be corrected during implementation. Creation of a good implementation schedule and allowing for some additional time for unexpected events, keeps disruption of the customer’s business to a minimum. Staying in constant communication with the customer during the installation is critical to the success of the project.

Phase 4: Operation

The network is brought into service in what is termed a production environment. Prior to this step, the network is considered to be in a testing or implementation phase.

Phase 5: Review and Evaluation

After the network is operational, the design and implementation must be reviewed and evaluated. For this process, the following steps are recommended:

Compare the user experience with the goals in the documentation and evaluate if the design is right for the job.

Compare the projected designs and costs with the actual deployment. This ensures that future projects will benefit from the lessons learned on this project.

Monitor the operation and record changes. This ensures that the system is always fully documented and accountable.

It is important that, at each phase, there is careful planning to ensure the project goes smoothly and the installation is successful. Onsite technicians are often included in the planning, because they participate in all phases of the upgrade.

Physical Environment

One of the first things that the network designer does to select the equipment and design of the new network is to examine existing network facilities and cabling. The facilities include the physical environment, the telecommunication room, as well as existing network wiring. A telecommunications room or wiring closet, in a small, single-floor network is usually referred to as the Main Distribution Facility (MDF).

The MDF typically contains many of the network devices such as switches or hubs, routers, access points, and so on. It is where all of the network cable concentrates to a single point. Many times, the MDF also contains the Point of Presence (POP) of the ISP, where the network makes the connection to the Internet through a telecommunications service provider.

If additional wiring closets are required, these are referred to as Intermediate Distribution Facilities (IDFs). IDFs are typically smaller than the MDF and will connect to the MDF.

In many small businesses, no telecommunications room or closet exists. Network equipment may be located on a desk or other furniture, and wires could be just lying on the floor. Network equipment must always be secure. As a network grows, it is important to consider the telecommunications room as critical to the security and reliability of the network.

Cabling Consideration

When the existing cabling is not up to specification for the new equipment, new cable must be planned for and installed. The condition of the existing cabling can quickly be determined by the physical inspection of the network during the site visit. When planning the installation of network cabling, there are four physical areas to consider:

User work areas

Telecommunications room

Backbone area

Distribution area

There are many different types of network cable to choose from, and some are more common than others.

Shielded Twisted Pair (STP): Usually Category 5, 5e, or 6 cable that has a foil shielding to protect from outside electromagnetic interference (EMI). Distance limitation is approximately 328 feet (100 meters).

Unshielded Twisted Pair (UTP): Usually Category 5, 5e, or 6 cable that does not provide extra shielding from EMI, but it is inexpensive. Cable runs should avoid electrically noisy areas. Distance limitation is approximately 328 feet (100 meters).

Coaxial: Has a solid copper core with several protective layers including polyvinyl chloride (PVC), braided wire shielding, and a plastic covering. Distance limitations are several miles (kilometers), depending on the purpose of the connection.

Fiber Optic cable: A medium that is not susceptible to EMI, and can transmit data faster and farther than copper. Depending on the type of fiber optics, distance limitations can be several miles (kilometers).

There are also several organizations in the world that provide LAN cabling specifications.

The Telecommunications Industry Association (TIA) and the Electronic Industries Alliance (EIA) worked together to provide the TIA/EIA cable specifications for LANs. Two of the most common TIA/EIA cable specifications include the 568-A and 568-B standards. Both of these standards typically use the same Cat 5 or Cat 6 cable, but with a different termination color code.

There are three different types of twisted pair cables that are used in networks:

Straight-through: Used between dissimilar devices, such as a switch and a computer or a switch and a router

Crossover: Used between similar devices, such as two switches or two computers

Console (or Rollover): Used to connect a computer to the console port of a router or switch to do initial configuration

Another cable type that is common in networks is a serial cable. A serial cable is typically used to connect the router to an Internet connection. This Internet connection may be to the phone company, the cable company, or a private ISP.

Structured Cable

When designing a structured cable project, the first step is to obtain an accurate floor plan. The floor plan will allow the technician to identify possible wiring closet locations, identify cable runs, as well as which electrical areas to avoid.

Once the technician has identified and confirmed the locations of network devices, it is time to draw the network on the floor plan. Some of the more important items to document include the following:

Patch cables: Short cable from the computer to the wall plate in the user work area

Horizontal cable: Cable from the wall plate to the IDF in the distribution area

Vertical cable: Cable from the IDF to the MDF in the organization’s backbone area

Backbone cable: The part of a network that handles the major traffic

Location of wiring closet: Area to concentrate end user cable to hub or switch

Cable management system: Series of trays and straps used to guide and protect cable runs

Cable labeling system: Proper labeling system or scheme to identify cables

Electrical considerations: Premises should have adequate outlets to support electrical requirements of network equipment

Purchasing Environments

As the ISP team plans the network upgrade, there are issues related to purchasing new equipment, as well as maintenance of new and existing equipment that must be addressed. There are generally two options for the new equipment as follows:

Managed Service: In this scenario, the equipment would be obtained from the ISP through a lease or some other agreement, and the ISP would be responsible for updates and maintenance of the equipment

In-house: In this scenario, the equipment would be purchased completely by the customer, and the customer would be responsible for updates, warranties, and maintenance of the equipment

When purchasing equipment, cost is always a major factor. A good cost analysis of the purchase options will provide a sound basis for the final purchase decision.

If the managed service is chosen, there will be lease costs, as well as other service costs as outlined in the Service Level Agreement (SLA).

If the equipment is purchased outright, the customer should be aware of cost, warranty coverage, compatibility with existing equipment, as well as update and maintenance issues. All of these have a cost, and should be analyzed to determine cost-effectiveness.

Selecting Network Devices

After analyzing requirements, the design staff recommends the appropriate network devices to connect and support the new network functionality.

Modern networks use a variety of devices for connectivity. Each device has certain capabilities to control the flow of data across a network. A general rule is that the higher the device is in the OSI model, the more intelligent it is. What this means is that a higher-level device can better analyze the data traffic and forward it based on information not available at lower layers. As an example, a Layer 1 hub can only forward data out all ports, while a Layer 2 switch can filter the data and only send it out the port connected to the destination based on MAC address.

As switches and routers evolve, the distinction between them may seem blurred. One simple distinction remains: LAN switches provide connectivity within organizations’ local area networks, while routers are needed to interconnect local networks and in a wide-area network environment.

In addition to switches and routers, there are other connectivity options available for LANs. Wireless access points allow computers and other devices, such as handheld Internet Protocol (IP) phones, to wirelessly connect to the network or share broadband connectivity.

Firewalls guard against network threats and provide application security, network control and containment, and secure connectivity technologies. ISRs combine the functionality of switches, routers, access points and firewalls into the same networking device.

Selecting LAN Devices

Although both a hub and a switch can provide connectivity at the access layer of a network, switches should be chosen for connecting devices to a LAN. Switches are more expensive than hubs, but the enhanced performance makes them cost effective. A hub is generally only chosen as a networking device within a very small LAN, a LAN with low throughput requirements, or when finances are limited.

When selecting the switch for a particular LAN, there are a number of factors that need to be considered. These factors include, but are not limited to:

Speed and types of ports/interfaces

Expandability

Manageability

Cost

Speed and Types of Ports/Interfaces

Choosing Layer 2 devices that can accommodate increased speeds allows the network to evolve without replacing the central devices.

When selecting a switch, choosing the number and type of ports is a critical decision.

Network designers should consider carefully how many UTP and/or fiber ports are needed. It is also important to estimate how many more ports will be required to support network expansion.

Expandability

Networking devices come in both fixed and modular physical configurations. Fixed configurations have a specific number and type of ports or interfaces. Modular devices have expansion slots that provide the flexibility to add new modules as requirements evolve. Most modular devices come with a basic number of fixed ports as well as expansion slots.

A typical use of an expansion slot would be to add fiber-optic modules to a device that was originally configured with a number of fixed UTP ports. Modular switches can be a cost-effective approach to scaling LANs.

Manageability

A managed switch provides control over individual ports or over the switch as a whole. Typical controls include the ability to monitor operation and change the settings for a device. A managed device can be monitored for performance and security, and typically provides enhancements to the monitoring and security features.

For example, with a managed switch, ports can be turned on or off. In addition, administrators can control which computers or devices are allowed to connect to a port.

Cost

The cost of a switch is determined by its capacity and features. The switch capacity includes the number and types of ports available and the overall throughput. Other factors that impact the cost are its network management capabilities, embedded security technologies, and optional advanced switching technologies.

Using a simple cost per port calculation, it may appear initially that the best option is to deploy one large switch at a central location. However, this apparent cost savings may be offset by the expense from the longer cable lengths required to connect every device on the LAN to one switch. This option should be compared with the cost of deploying a number of smaller switches connected by a few long cables to a central switch.

Deploying a number of smaller devices, instead of a single large device, also has the benefit of reducing the size of the failure domain. A failure domain is the area of the network affected when a piece of networking equipment malfunctions or fails.

Once the LAN switches are selected, determine which router is appropriate for the customer.

Selecting Internetworking Devices

A router is a Layer 3 device. It performs all tasks of devices in lower layers and selects the best route to the destination based on Layer 3 information. Routers are the primary devices used to interconnect networks. Each port on a router connects to a different network and routes packets between the networks. Routers have the ability to break up broadcast domains and collision domains.

When selecting a router, it is necessary to match the characteristics of the router to the requirements of the network. Factors for choosing a router include:

Type of connectivity required

Features available

Cost

Connectivity

Routers are used to interconnect networks that use different technologies. They can have both LAN and WAN interfaces.

The router’s LAN interfaces connect to the LAN media. The media is typically UTP cabling, but modules can be added for using fiber-optics as well. Depending on the series or model of router, there can be multiple interface types for connection of LAN and WAN cabling.

Features

It is necessary to match the characteristics of the router to the requirements of the network. After analysis, the business may need a router with specific features. In addition to basic routing, features include:

Security

Quality of Service (QoS)

Voice over IP (VoIP)

Network Address Translation (NAT)

Dynamic Host Configuration Protocol (DHCP)

Cost

When selecting internetwork devices, budget is an important consideration. Routers can be expensive. Additional modules, such as fiber-optics, can increase the costs. The media used to connect to the router should be supported without the purchase of additional modules. This keeps costs to a minimum.

An Integrated Service Router (ISR) is a relatively new technology that combines multiple services into one device. Before the ISR, multiple devices were required to meet the needs of data, wired and wireless, voice and video, firewall, and VPN technologies. The ISR was designed with multiple services to accommodate the demands of small to medium size businesses and branch offices of large organizations. An ISR is designed for ease of use. It can quickly and easily enable end-to-end protection for users, applications, network endpoints, and wireless LANs. The cost of an ISR can be less than if the individual devices were purchased separately.

Network Equipment Upgrade

Many small networks were initially built using a low-end integrated router to connect the wireless and wired users. This device is designed to support small networks, usually consisting of a few wired hosts and possibly four or five wireless devices. When a small business outgrows capabilities of their existing network devices, it is necessary to upgrade to more capable devices. Examples that are used within this course include:

Cisco 1841 ISR

Cisco 2960 Switch

The Cisco 1841 is designed to be a branch office or medium-sized business router. As an entry-level multi-service router, it offers a number of different connectivity options. It is modular in design and can deliver multiple security services.

The Cisco Catalyst 2960 Series Intelligent Ethernet Switches are a family of fixed-configuration, stand-alone devices that provide Fast Ethernet and Gigabit Ethernet connectivity to the desktop. Some of the features of the Catalyst 2960 series of switches are:

Offers entry-level, enterprise-class, fixed-configuration switching optimized for access layer deployments

Fast Ethernet and Gigabit Ethernet to the desktop configurations

Ideal for entry-level enterprise, mid-market, and branch-office environments

Compact switches for deployments outside the wiring closet

These switches can provide the high speeds and high density switching capabilities that the smaller ISRs with integrated switching cannot. They are therefore a good option when upgrading networks built with either hubs or small ISR devices.

Reliability And Availability

Purchasing network devices and installation of cabling for a network upgrade is only the beginning. Networks must also be reliable and available. Reliability is usually achieved by adding redundant components to the network, such as two routers instead of one. In this case, alternate data paths are created, so if one router is experiencing problems, the data can take an alternate route to arrive at the destination.

An increase in reliability improves availability. As an example, telephone systems require five-9s of availability. This means that the telephone system must be available 99.999% of the time. Telephone systems cannot be down, or unavailable, for more than 0.001% of the time.

Fault tolerance systems are typically used to improve network reliability. Fault tolerance systems include devices such as uninterruptible power supplies (UPS), multiple AC power supplies, hot-swappable devices, and multiple interface cards. When one device fails, the redundant or backup system will take over to ensure minimal loss of reliability.

IP Addressing Plan

Planning for the network installation must include planning the logical addressing. Changing the Layer 3 IP addressing is a major issue when upgrading a network. If the structure of the network is going to be changed in the upgrade, the IP address scheme and network information may need to be altered.

Consideration must be given to every device that requires an IP address, now and in the future. The hosts and network devices that require an IP address include:

User computers

Administrator computers

Servers

Other end devices such as printers, IP phones, and IP cameras

Router LAN interfaces

Router WAN (serial) interfaces

There are also devices that might need an IP address in order to access and manage them. These include:

Stand-alone switches

Wireless Access Points

For example, if a new router is introduced to the network, new local networks, or subnets, will be created. These new subnets will need to have the proper IP address and subnet mask calculated. Sometimes, this means having to assign a totally new addressing scheme on the network.

Once all of the planning and design phases are complete, the upgrade proceeds to the implementation phase, in which the actual network installation begins.


Chapter Four (smt2)

September 15, 2008

Review Of IP Address

One of the most important aspects of communications on an Internetwork is the logical addressing scheme.

IP addressing is the method used to identify hosts and network devices. The number of hosts connected to the Internet continues to grow, and the IP addressing scheme has had to be adapted to cope with this growth.

In order to send and receive messages on an IP network, every network host must be assigned a unique 32-bit IP address. Because large binary numbers are difficult for humans to read and understand, IP addresses are usually displayed in dotted-decimal notation. In dotted-decimal notation, each of the four octets is converted to a decimal number separated by a decimal point. For example, the IP address:

11000000.10101000.00000001.01101010 is represented as 192.168.1.106 in dotted decimal notation.

IP addresses are hierarchical. A hierarchy is like a family tree with parents at the top and children connected to them below. For a network, this means that part of the 32-bit number identifies the network (parent) while the rest of the bits identify the host (child). In the early days of the Internet, there were so few organizations needing to connect to it, that networks were assigned by only the first 8 bits (first octet) of the IP address. This left the remaining 24 bits to be used for local host addresses.

The 8-bit network designation made sense at first, because originally people thought that the Internet would be made up of a few very large universities, governments, and military organizations. Using only 8 bits for the network number enabled the creation of 256 separate networks, each containing over 16 million hosts. It soon became apparent that more organizations, and eventually individuals, would be connecting to the Internet to do research and to communicate with others. More networks were required, and a way to assign more network numbers had to be created.

In order to cope with the demand, more unique network numbers were required. To create more possible network designations, the 32-bit address space was organized into five classes. Three of these classes, A, B, and C, provide addresses that can be assigned to individual hosts or networks. The other two classes, D and E, are reserved for multicast and experimental use. Dividing the original eight-bit networks into smaller classes increased the number of available network designations from 256 to over two million.

Until this change, routers examined only the first 8 bits of an IP address for the network ID. Now how would routers know to look beyond the first 8 bits to identify Class B or C networks?

It was decided to divide the networks in a manner that would make it easy for routers to determine the correct number of network ID bits. The class of a network is indicated by the values of the first few bits of the IP addresses, called the high order bits. If the first bit is 0, the network is a Class A and the first octet represents the network ID. When the first bit is 1, the router examines the second bit. If that bit is 0, the network is a Class B, and the router uses the first 16 bits for the network ID. If the first 3 bits are 110, it indicates a Class C address. Class C addresses use the first 24 bits, or three octets, to designate the network.
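The following Python script is an added example, not part of the original course text. It implements the classification rule just described: it reads the high-order bits of the first octet to decide the class, reports how many bits form the network ID, and derives the default mask from that count. It also converts dotted decimal to the dotted binary form used in the 192.168.1.106 example above. The sample addresses in the script are constructed for illustration.

```python
# Added example (not from the course text): classful address identification
# from the high-order bits of the first octet, as the passage above describes.
# Sample addresses below are constructed for illustration.

def dotted_to_int(addr: str) -> int:
    """Parse dotted-decimal notation into the 32-bit integer it represents."""
    octets = [int(o) for o in addr.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not a valid IPv4 address: {addr!r}")
    value = 0
    for octet in octets:
        value = (value << 8) | octet
    return value


def int_to_dotted(value: int) -> str:
    """Render a 32-bit integer as dotted decimal."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def to_binary(addr: str) -> str:
    """Dotted decimal to dotted binary, one 8-bit group per octet."""
    value = dotted_to_int(addr)
    return ".".join(f"{(value >> shift) & 0xFF:08b}" for shift in (24, 16, 8, 0))


def address_class(addr: str) -> tuple:
    """Classify an address by its high-order bits.

    Returns (class, network bits, default mask). Classes D and E have no
    network/host split, so the last two fields are None for them.
      0xxxxxxx -> A, 8 network bits,  255.0.0.0
      10xxxxxx -> B, 16 network bits, 255.255.0.0
      110xxxxx -> C, 24 network bits, 255.255.255.0
      1110xxxx -> D (multicast)
      1111xxxx -> E (experimental)
    """
    first_octet = dotted_to_int(addr) >> 24
    if (first_octet & 0b1000_0000) == 0:
        cls, bits = "A", 8
    elif (first_octet & 0b1100_0000) == 0b1000_0000:
        cls, bits = "B", 16
    elif (first_octet & 0b1110_0000) == 0b1100_0000:
        cls, bits = "C", 24
    elif (first_octet & 0b1111_0000) == 0b1110_0000:
        return ("D", None, None)
    else:
        return ("E", None, None)
    # Default mask: `bits` ones on the left, the remaining host bits zero.
    default_mask = int_to_dotted((0xFFFF_FFFF << (32 - bits)) & 0xFFFF_FFFF)
    return (cls, bits, default_mask)


if __name__ == "__main__":
    for sample in ("10.1.2.3", "172.16.5.9", "192.168.1.106", "224.0.0.5", "240.1.2.3"):
        print(sample, to_binary(sample), address_class(sample))
```

Running the script prints each sample address in binary next to its class, which makes the "first bit 0, then second bit, then third bit" decision chain visible on the leftmost bits of the first octet.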

Networks grew throughout the 1980s and into the 1990s, with many organizations adding hundreds, even thousands, of hosts.

An organization with thousands of hosts should have been well served by a Class B network. Unfortunately there were some problems.

Organizations with thousands of hosts rarely had them all in one place. Some organizations wanted to separate individual departments from each other for security purposes.

To solve these problems, the organizations leading the development of the Internet chose to partition their networks into mini-networks, or subnets, using a process called subnetting.

How does a single class B network get split into multiple networks, in a way that each subnet is treated as a separate network?

RFC 917, Internet Subnets, defines the subnet mask as the method routers use to isolate a subnet from an IP address. When a router receives a packet it uses the destination IP address in the packet and the subnet masks associated with the routes in its routing table to determine the appropriate path on which to forward the packet.

The router reads the subnet mask from left to right, bit for bit. If a bit in the subnet mask is set to 1, it indicates that the value in that position is part of the network ID. A 0 in the subnet mask indicates that the value in that position is part of the host ID.

The two-level hierarchy of classed addressing included a network ID and a host ID. In classful subnetting, the network ID is left alone, and the host ID is divided into a subnet ID and a new host ID. For example, a Class B network has a 16-bit default subnet mask of 11111111 11111111 00000000 00000000, or 255.255.0.0. That leaves 16 bits for the host ID.

One way to divide a class B into multiple networks is to use four of the host bits as a subnet ID. There is now a 20-bit subnet mask of 255.255.240.0, and only 12 bits remain for the host ID.

Partitioning the host ID this way always results in a fixed number of subnets and a fixed number of hosts per subnet.

In a situation where an organization has a Class B network with four subnets, thousands of IP addresses can be wasted if some of the subnets have only a few hosts in them. To use IP addresses more efficiently, Classless Inter-Domain Routing (CIDR) was created.

With CIDR, there are no more network classes. CIDR uses variable length subnet masks (VLSM) for subnetting. The network ID no longer has to be on an octet boundary. In a classed addressed system, the network represented by the IP address 192.168.5.0 is a class C network address. The minimum number of bits that can make up the network ID is 24 and the maximum number of hosts is 254. Using CIDR addressing, sometimes referred to as classless addressing, the number of bits that can make up the network ID is not restricted by class. Networks can be created that use the 192.168.0.0 address space with fewer than 24 bits indicating the network number. For example the address 192.168.82.174 is part of a network in which the first 18 bits make up the network ID. The network that this host is in would be specified as 192.168.64.0/18, where the /18 indicates an 18-bit subnet mask (255.255.192.0).
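The following Python script is an added example, not part of the original course text. It shows the mask handling described in the preceding paragraphs in working code: the left-to-right reading of a subnet mask (ones mark the network ID, the first zero ends it, and a non-contiguous mask is rejected), the conversion between a CIDR prefix such as /18 and the dotted mask 255.255.192.0, the network ID 192.168.64.0 that the host 192.168.82.174 belongs to, and the longest-prefix lookup a router performs against the masks in its routing table. The routing table and its next-hop labels are constructed for illustration.

```python
# Added example (not from the course text): applying a subnet mask bit by bit,
# converting between a CIDR prefix and a dotted mask, and the longest-prefix
# route lookup a router performs. The routing table and next-hop labels are
# constructed placeholders.

def dotted_to_int(addr: str) -> int:
    """Dotted decimal -> 32-bit integer."""
    a, b, c, d = (int(o) for o in addr.split("."))
    return (a << 24) | (b << 16) | (c << 8) | d


def int_to_dotted(value: int) -> str:
    """32-bit integer -> dotted decimal."""
    return ".".join(str((value >> s) & 0xFF) for s in (24, 16, 8, 0))


def prefix_to_mask(prefix: int) -> int:
    """/18 -> 0xFFFFC000 (255.255.192.0): `prefix` ones followed by host zeros."""
    if not 0 <= prefix <= 32:
        raise ValueError(f"prefix out of range: {prefix}")
    return (0xFFFF_FFFF << (32 - prefix)) & 0xFFFF_FFFF


def mask_to_prefix(mask: str) -> int:
    """Read the mask left to right; the run of 1s is the network ID length.

    A 1 appearing after the first 0 would make a non-contiguous mask, which
    cannot be expressed as a prefix and is rejected.
    """
    value = dotted_to_int(mask)
    prefix = 0
    while prefix < 32 and (value >> (31 - prefix)) & 1:
        prefix += 1
    if value != prefix_to_mask(prefix):
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    return prefix


def network_id(addr: str, prefix: int) -> str:
    """Bits under a 1 in the mask are kept (network ID); bits under a 0 are zeroed."""
    return int_to_dotted(dotted_to_int(addr) & prefix_to_mask(prefix))


def lookup_route(dest: str, routes):
    """Longest-prefix match over (network, prefix, next_hop) entries.

    Every route whose network ID equals dest & mask is a candidate; the most
    specific candidate (longest prefix) wins, and /0 acts as the default route.
    Returns None when no route matches, which only happens without a default.
    """
    d = dotted_to_int(dest)
    best = None
    for network, prefix, next_hop in routes:
        mask = prefix_to_mask(prefix)
        if (d & mask) == (dotted_to_int(network) & mask):
            if best is None or prefix > best[1]:
                best = (network, prefix, next_hop)
    return best


# Constructed routing table; next-hop names are placeholders, not real devices.
ROUTES = [
    ("0.0.0.0", 0, "isp-uplink"),
    ("192.168.64.0", 18, "lan-core"),
    ("192.168.80.0", 20, "lan-branch"),
]

if __name__ == "__main__":
    print(network_id("192.168.82.174", 18), int_to_dotted(prefix_to_mask(18)))
    for dest in ("192.168.82.174", "192.168.66.1", "198.51.100.7"):
        print(dest, "->", lookup_route(dest, ROUTES))
```

Note that 192.168.82.174 matches both the /18 and the /20 entry in the constructed table; the lookup returns the /20 route because more mask bits agree, which is the rule a router applies when several entries cover the same destination.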

Subnetting A Network

The customer network using the single ISR is badly overloaded. The proposed solution is to add a second networking device, a larger ISR, and to divide the single network into two separate networks.

For security purposes, the wireless and wired users need to be on separate local networks. The original wireless integrated router can provide the wireless users with connectivity and security. The hubs connecting the wired users can connect directly to the new ISR switch ports.

Some ISRs do not have integrated switch ports, so it is necessary to add a separate switch to support the wired users.

During the 1990s, many networks had no connection either to other networks or to the public Internet. In order to reduce the number of unique registered IP addresses that were assigned to organizations, the Internet Engineering Task Force (IETF) decided to reserve some of the Internet address space for use by these private networks.

These blocks of addresses did not need to be able to be routed over the public Internet. This meant that all private networks could make use of the same addresses, and so long as they did not connect to each other, communication could occur normally.

A single Class A address, 10.0.0.0, was reserved for private use. Some Class B and Class C address space was also set aside for private networks.

Most networks today use a private address structure. Only the devices that connect directly to the Internet are assigned registered Internet routable addresses. By default, most consumer networking devices give out private addresses through DHCP.

Classful Subnetting

A classed IP address hierarchy has two levels: a network and a host. In classful routing, the first three leading bit values determine whether an IP address is either class A, B, or C. After an address is identified by class, the number of bits that make up the network ID and the number of bits that make up the host ID are known. Default subnet masks are used to tell the network and host bits apart.

Subdividing a network adds a level to the network hierarchy. Now there are three levels: a network, a subnetwork, and a host. How are these three levels identified?

In classful addressing, the number of network bits is fixed. There are 8 bits that designate a Class A network, 16 bits for a Class B, and 24 for a Class C. That leaves the host bits as the only part of the IP address with any flexibility to modify. The available host bits can be divided into a subnet ID and a host ID.

The decision about how many host bits to use for the subnet ID is a big planning decision. There are two considerations when planning subnets: the number of hosts on each network, and the number of individual local networks needed. The table for the subnet possibilities for the 192.168.1.0 network shows how the selection of a number of bits for the subnet ID affects both the number of possible subnets and the number of hosts that can be in each subnet.

Custom Subnet Mask

Routers distinguish between networks by using the subnet mask to determine which bits make up the network ID and which bits make up the host portion of the address. When a network is partitioned, the router needs a modified or custom subnet mask to distinguish the subnets from each other. A default subnet mask and a custom subnet mask differ from each other as follows: Default subnet masks only change on octet boundaries. For instance, the default subnet mask for a Class A network is 255.0.0.0. Custom subnet masks take bits from the host ID portion of the IP address and add them to the default subnet mask.

To create a custom subnet mask, the first question to answer is how many bits to take from the host ID to add to the subnet mask.

The number of bits for a subnet ID that will be added to the subnet mask depends on several factors.

In this example, those factors have been limited for the sake of simplicity. Not all situations will be so simple. For instance, in an organization assigned a Class C address, what if there are multiple networks, one network with 7 hosts, another with 60 hosts, and a third with 34 hosts?

In classful subnetting, all subnets must be the same size, which means that the minimum number of hosts that each subnet must support is 60. To support a minimum of 60 hosts, at least 6 bits are required in the host ID, which leaves 2 bits for the subnet identifier. Under these conditions, four subnets can be created, each with 64 hosts.

Devices on the network are informed of the subdivision by the use of the subnet mask. Now, it is possible to tell what subnet an IP address is in and to design simple classful subnetted IP address schemes.

In a base Class C network, there are 24 bits in the network portion of the address and 8 bits in the host portion of the address. Each bit in a binary IP address has only one of two possible values, a 0 or a 1. The number of host addresses is calculated using powers of 2. Therefore, the number of host addresses available using an 8-bit address is 2^8, or 2×2×2×2×2×2×2×2. With an 8-bit host ID, there is one network with 254 possible host addresses.

If a Class C network is subnetted and 3 bits are taken from the host ID to use for the subnet ID, there are 5 bits left for host addresses. Five host bits mean that there can be 30 hosts per subnet, or 2^5 – 2. Remember that the all-zeros and all-ones host addresses are reserved for the network designation and the broadcast address.

The number of subnets is calculated in a similar manner. If 3 bits are used for the subnet address, the number of subnets is 2×2×2, or 2^3. By subnetting in this manner, there are 8 subnets with 30 hosts each.

When determining how many hosts are needed in each subnet, it is necessary to include the router interface as well as the individual host devices. Each router interface must have an IP address in the same subnet as the host network attached to it.

Communication Between Subnets

Think of a subnet as a small network. When a network is split into two subnets, there are actually two separate networks. Remember that routers connect networks. In order for a device in one subnet to communicate with a device in the other, a router is required. In this particular network, there are two routers: the wireless ISR and the 1841 ISR.

The configuration must ensure that interfaces on routers that connect to each other are assigned IP addresses in the same network or subnet, and that clients are assigned default gateways that they can reach.

The interface that connects the wireless ISR to the 1841 ISR must be on a common network. Here the common link shows the two routers connected on the 192.168.1.16/29 subnet with IP addresses 192.168.1.17/29 and 192.168.1.18/29.
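The subnet arithmetic from the sections above, worked through in code. This is an added example, not part of the original course notes; it uses Python's standard ipaddress module and the figures the text itself uses (the 192.168.1.0/24 Class C network, host requirements of 7, 60 and 34, a 3-bit subnet ID, and the 192.168.1.16/29 router-to-router link).

```python
"""Classful subnetting of a Class C network with the ipaddress module.

Added worked example for the subnetting discussion; not code from the notes.
Inputs are the constructed figures from the text.
"""
import ipaddress


def host_bits_needed(hosts: int) -> int:
    """Smallest number of host bits whose usable count (2^n - 2) covers `hosts`.

    The -2 removes the all-zeros (network) and all-ones (broadcast) addresses.
    """
    n = 1
    while (2 ** n) - 2 < hosts:
        n += 1
    return n


def plan_classful_subnets(network: str, host_counts) -> dict:
    """Plan fixed-size subnets sized for the largest requirement.

    In classful subnetting every subnet is the same size, so the largest host
    count decides the host bits; what is left of the default host field
    becomes the subnet ID. Callers should include the router interface in
    each count, as the text advises.
    """
    base = ipaddress.ip_network(network)
    default_host_bits = 32 - base.prefixlen            # 8 for a /24 (Class C)
    hbits = host_bits_needed(max(host_counts))
    sbits = default_host_bits - hbits
    if sbits < 0:
        raise ValueError("largest requirement does not fit in this network")
    subnets = list(base.subnets(new_prefix=base.prefixlen + sbits))
    return {
        "host_bits": hbits,
        "subnet_bits": sbits,
        "mask": str(subnets[0].netmask),               # the custom subnet mask
        "subnet_count": len(subnets),
        "addresses_per_subnet": 2 ** hbits,            # what the text calls "64 hosts"
        "usable_hosts": (2 ** hbits) - 2,              # minus network and broadcast
        "subnets": [str(s) for s in subnets],
    }


def split_by_subnet_bits(network: str, subnet_bits: int) -> list:
    """Enumerate the subnets created by borrowing `subnet_bits` host bits."""
    base = ipaddress.ip_network(network)
    out = []
    for s in base.subnets(prefixlen_diff=subnet_bits):
        hosts = list(s.hosts())                        # excludes network and broadcast
        out.append({
            "subnet": str(s),
            "mask": str(s.netmask),
            "first_host": str(hosts[0]),
            "last_host": str(hosts[-1]),
            "broadcast": str(s.broadcast_address),
            "usable_hosts": len(hosts),
        })
    return out


def same_subnet(addr_a: str, addr_b: str) -> bool:
    """Two interface addresses in prefix notation share a subnet when their
    network addresses match: the check for a link between two routers."""
    a = ipaddress.ip_interface(addr_a)
    b = ipaddress.ip_interface(addr_b)
    return a.network == b.network


if __name__ == "__main__":
    plan = plan_classful_subnets("192.168.1.0/24", [7, 60, 34])
    print(f"mask {plan['mask']}: {plan['subnet_count']} subnets, "
          f"{plan['addresses_per_subnet']} addresses ({plan['usable_hosts']} usable) each")
    for s in split_by_subnet_bits("192.168.1.0/24", 3):
        print(f"{s['subnet']:<18} hosts {s['first_host']} - {s['last_host']}")
    print("routers on one link:", same_subnet("192.168.1.17/29", "192.168.1.18/29"))
```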

IPv6

CIDR and private IP addressing were developed to provide a temporary solution to the problem of IP address depletion. These methods, though useful, did not create more IP addresses. IPv6 does that.

IPv6 was first proposed in 1998 with RFC 2460.

Although its primary purpose was to solve IPv4 address depletion, there were other good reasons for its development. Since IPv4 was first standardized, the Internet has grown significantly. This growth has uncovered advantages and disadvantages of IPv4, and the possibility of upgrades to include new capabilities.

A general list of improvements that IPv6 proposes is:

More address space

Better address space management

Easier TCP/IP administration

Modernized routing capabilities

Improved support for multicasting, security, and mobility

The development of IPv6 intends to address as many of these requests and problems as possible.

With IPv6, IP addresses are 128-bits in size with a potential address space of 2^128. In decimal notation, that is approximately a 3 followed by 38 zeroes. If IPv4 address space was represented by the volume of a teaspoon, IPv6 address space would be represented by a volume almost equivalent to the planet Saturn.

Working with 128-bit numbers is difficult, so the IPv6 address notation represents the 128 bits as 32 hexadecimal digits, which are further subdivided into eight groups of four hexadecimal digits, using colons as delimiters. The IPv6 address has a three-part hierarchy. The global prefix is the first three blocks of the address and is assigned to an organization by an Internet names registry. The subnet and the Interface Identifier (ID) are controlled by the network administrator.
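The notation just described, as an added example (not from the original notes): expand an IPv6 address to its 32 hexadecimal digits in eight colon-separated groups and split it into the three-part hierarchy the text names. The sample address 2001:db8:acad:1::a is constructed (2001:db8::/32 is the documentation prefix), and the split assumes the 48/16/64-bit layout the text describes: three blocks of global prefix, one subnet block, and a 64-bit interface ID.

```python
"""Expand an IPv6 address and split it into global prefix, subnet and interface ID.

Added example; not code from the original notes. Sample address constructed.
"""
import ipaddress


def ipv6_parts(addr: str) -> dict:
    """Return the exploded form and the three-part hierarchy of `addr`.

    `exploded` undoes '::' compression and restores leading zeros, so the
    result is always eight groups of four hex digits (32 digits in total).
    """
    full = ipaddress.IPv6Address(addr).exploded
    groups = full.split(":")
    assert len(groups) == 8                           # 8 groups x 16 bits = 128 bits
    return {
        "exploded": full,
        "compressed": ipaddress.IPv6Address(addr).compressed,
        "hex_digits": len(full.replace(":", "")),     # always 32
        "global_prefix": ":".join(groups[:3]),        # first three blocks (48 bits)
        "subnet": groups[3],                          # one block (16 bits)
        "interface_id": ":".join(groups[4:]),         # last four blocks (64 bits)
    }


def address_space_digits(bits: int = 128) -> int:
    """Decimal digits in 2**bits; for 128 bits the text says '3 followed by 38 zeroes'."""
    return len(str(2 ** bits))


if __name__ == "__main__":
    for name, value in ipv6_parts("2001:db8:acad:1::a").items():
        print(f"{name:>14}: {value}")
    print("2^128 has", address_space_digits(), "decimal digits, starts with", str(2 ** 128)[0])
```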

Network administrators will have some time to adjust to this new IPv6 structure. Before the widespread adoption of IPv6 occurs, network administrators still need a way to more efficiently use private address spaces.

Basic Network Address Translation (NAT)

Network Address Translation (NAT) allows a large group of private users to access the Internet by sharing a small pool of public IP addresses. Address translation is similar to how a telephone system works in a company. As a company adds employees, at some point, they no longer run a public phone line directly to each employee’s desk. Instead, they use a system that allows the company to assign each employee an extension number. The company can do this because not all employees use the phone at the same time. Using private extension numbers enables the company to purchase a smaller number of external phone lines from the phone company.

NAT works similarly to a company phone system. Saving registered IP addresses is one of the main reasons that NAT was developed. NAT can also provide security to PCs, servers, and networking devices by withholding their actual IP host addresses from direct Internet access.

The main advantage of NAT is IP address reuse, and the sharing of globally unique IP addresses between many hosts from a single LAN. NAT also serves users transparently. In other words, they do not need to know about NAT to get on the Internet from a private network. Finally, NAT helps shield users of a private network against access from the outside.

NAT does have some disadvantages, including:

The impact of NAT on certain applications that have IP addresses in their message payload. These IP addresses must be translated as well, which increases load on the router CPU. This extra workload on routers hinders network performance.

NAT hides private IP addresses from public networks. It performs like access control which can be desirable, but can also be bad if legitimate remote access from the Internet to a device on the private network is desired.

IP NAT Terms

When configuring NAT on a router, the following terms help in understanding how the router accomplishes NAT.

The inside local network refers to any network connected to a router interface that is part of the privately addressed LAN. Hosts on inside networks have their IP addresses translated before they are transmitted to outside destinations.

The outside global network is any network attached to the router that is external to the LAN and that does not recognize the private addresses assigned to hosts on the LAN.

An inside local address is the private IP address configured on a host on an inside network. It is an address that must be translated before it can travel outside the local network addressing structure.

An inside global address is the IP address of an inside host as it appears to the outside network. This is the translated IP address.

The outside local address is the destination address of the packet while it is on the local network. Usually this address is the same as the outside global address.

An outside global address is the actual public IP address of an external host. The address is allocated from a globally routable address or network space.

Static And Dynamic NAT

One of the advantages of using NAT is that individual hosts are not directly accessible from the public Internet. But what if one or more of the hosts within a network are running services that need to be accessed from Internet-connected devices, as well as from devices on the local private LAN?

One way to provide access to a local host from the Internet is to assign that device a static address translation. Static translations ensure that an individual host private IP address is always translated to the same registered global IP address. It also ensures that no other local host will be translated to the same registered address.

Dynamic NAT occurs when a router is configured to assign an IP address from an available pool of outside global addresses to an inside private network device. As long as the session is open, the router watches for traffic addressed to that inside global address and forwards it back to the initiating inside device. When the session ends, the router simply returns the inside global address to the pool.

Dynamic NAT allows hosts assigned with private IP addresses on a network, or intranet, to access a public network, such as the Internet. Static NAT allows hosts on the public network to access selected hosts on a private network. This means that when configuring NAT for user access to the outside, configure dynamic NAT. If a device on the inside network needs to be accessible from the outside, use static NAT.

Both NAT methods can be installed at the same time if it is required.

Port-Based Network Address Translation (PAT)

When an organization has a very small registered IP address pool, or perhaps even just a single IP address, it can still enable multiple users to simultaneously access the public network with a mechanism called NAT overload, or port address translation (PAT).

PAT translates multiple local addresses to a single global IP address. When a source host sends a message to a destination host, it uses an IP address and port number combination to keep track of each individual conversation with the destination host. In PAT, the gateway translates the local source address and port combination in the packet to a single global IP address and a unique port number above 1024. Although each host is translated into the same global IP address, the port number associated with the conversation is unique.

Responding traffic is addressed to the translated IP address and port number used by the host. A table in the router contains a list of the internal IP address and port number combinations that are translated to the external address. Responding traffic is directed to the appropriate internal address and port number. Because there are over 64,000 ports available, a router is unlikely to run out of addresses, which could happen with dynamic NAT.

Since the translation is specific to the local address and local port, each connection, which generates a new source port, requires a separate translation. For example, 10.1.1.1:1025 requires a separate translation from 10.1.1.1:1026.

The translation is only in place for the duration of the connection, so a given user does not keep the same global IP address and port number combination after the conversation ends.

Users on the outside network cannot reliably initiate a connection to a host on a network that uses PAT. Not only is it impossible to predict the local or global port number of the host, but a gateway does not even create a translation unless a host on the inside network initiates the communication.
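The NAT terms, the dynamic NAT pool and the PAT table described in the sections above, simulated in code. This is an added example, not code from the original notes or from any router: the addresses, the two-address pool and the ports are constructed (203.0.113.0/24 is a documentation range) and follow the text's own case of 10.1.1.1:1025 and 10.1.1.1:1026 needing separate translations. It shows the pool exhaustion that dynamic NAT risks, the unique translated ports above 1024 that PAT assigns, and why unsolicited traffic from the outside has no translation to match and is dropped.

```python
"""Dynamic NAT and PAT (NAT overload) translation tables, simulated.

Added example; not code from the notes or from a real router. Addresses,
pool and ports are constructed. Terminology follows the text: inside local
is the private host address, inside global is its translated address.
"""
from dataclasses import dataclass, field


@dataclass
class DynamicNat:
    """One inside global address per active inside host, drawn from a pool."""
    pool: list                                   # free inside global addresses
    table: dict = field(default_factory=dict)    # inside local -> inside global

    def outbound(self, inside_local):
        """Translate the source of an outgoing packet. None means the pool is
        exhausted and the packet cannot be translated (the risk the text notes)."""
        if inside_local not in self.table:
            if not self.pool:
                return None
            self.table[inside_local] = self.pool.pop(0)
        return self.table[inside_local]

    def session_end(self, inside_local):
        """Return the inside global address to the pool when the session closes."""
        self.pool.append(self.table.pop(inside_local))


@dataclass
class Pat:
    """Many inside hosts share one inside global address; ports tell them apart."""
    inside_global: str
    next_port: int = 1025                        # translated ports are unique and > 1024
    table: dict = field(default_factory=dict)    # (inside local, local port) -> global port
    reverse: dict = field(default_factory=dict)  # global port -> (inside local, local port)

    def outbound(self, inside_local, local_port):
        """Translate an (inside local, local port) pair. A new local port, even
        from the same host, needs its own entry; an existing pair reuses its entry.
        Ports are handed out sequentially here; a real gateway picks them differently."""
        key = (inside_local, local_port)
        if key not in self.table:
            self.table[key] = self.next_port
            self.reverse[self.next_port] = key
            self.next_port += 1
        return self.inside_global, self.table[key]

    def inbound(self, dst_addr, dst_port):
        """Map returning traffic back to the inside pair that created the entry.
        Anything without a matching entry (unsolicited traffic from outside)
        returns None: the gateway has no translation for it and drops the packet."""
        if dst_addr != self.inside_global:
            return None
        return self.reverse.get(dst_port)

    def session_end(self, inside_local, local_port):
        """Remove the entry; the host does not keep its global port afterwards."""
        del self.reverse[self.table.pop((inside_local, local_port))]


if __name__ == "__main__":
    nat = DynamicNat(pool=["203.0.113.10", "203.0.113.11"])
    for host in ("10.1.1.1", "10.1.1.2", "10.1.1.3"):
        print(f"dynamic NAT {host} -> {nat.outbound(host)}")    # third host: None

    pat = Pat(inside_global="203.0.113.10")
    for host, port in (("10.1.1.1", 1025), ("10.1.1.1", 1026), ("10.1.1.2", 1025)):
        print(f"PAT {host}:{port} -> {pat.outbound(host, port)}")
    print("returning traffic to :1027 ->", pat.inbound("203.0.113.10", 1027))
    print("unsolicited inbound to :5000 ->", pat.inbound("203.0.113.10", 5000))
```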

IP NAT Issues

Most of the time, NAT operates invisibly. People access the Internet from private networks without ever realizing the work that the router is doing to make that happen. The big issue with NAT is the additional work load necessary to support IP address and port translations.

Some applications increase the work load of the router because they embed an IP address as part of the encapsulated data. The router must replace the source IP addresses and port combinations that are contained within the data, as well as the source addresses in the IP header.

With all this activity taking place in a router because of NAT, its implementation in a network requires good network design, careful selection of equipment, accurate configuration and regularly scheduled maintenance.

As a protocol that supports IPv4, NAT has helped to delay the complete depletion of the IPv4 address space. It has become so commonplace in integrated networking devices, used in homes and small businesses, that for some people, configuring it is a matter of selecting a check box. As businesses grow and require more sophisticated gateway and routing solutions, device configurations for NAT and other features and functions become more complex.


Chapter Five (smt2)

September 15, 2008

ISR

Integrated Services Routers

The Cisco Integrated Services Router (ISR) is one of the most popular series of networking devices designed to support growing business needs.

The ISR combines features such as routing and switching functions, security, voice, LAN and WAN connectivity into a single device. This makes the ISR ideal for small to medium-sized businesses and for ISP managed customers.

Cisco IOS Software

The Cisco Internetwork Operating System (IOS) software provides features that enable a Cisco device to send and receive network traffic using a wired or wireless network. IOS software is offered to customers in modules called images. These images support various features for businesses of every size.

The entry-level Cisco IOS software image is called the IP Base image. The Cisco IOS IP Base software supports small to medium-sized businesses and supports routing between networks.

Other Cisco IOS software images add services to the IP Base image. For example, to use advanced security features, install the Advanced Security image. This gives the added functionality necessary to configure advanced security capabilities, private networking and firewalls.

There are many different IOS images available, as well as different versions of each image. These images are designed to operate on specific models of routers, switches and ISRs.

It is important to know what image and version is loaded on a device before beginning the configuration process.

Physical Setup Of The ISR

Each device is shipped with the cables and documentation needed to power on the device and begin the installation. When a new device is received, it is necessary to unpack the device and verify that all the necessary hardware and equipment is included.

Items shipped with a new Cisco 1841 ISR include:

A RJ45-to-DB9 console cable

A DB-9-to-DB-25 modem adapter

A power cord

Product registration card, called the Cisco.com card

Regulatory Compliance and Safety Information for Cisco 1841 Routers

Router and Security Device Manager (SDM) Quick Start Guide

Cisco 1800 Series Integrated Services Routers (Modular) Quick Start Guide

Installing a new Cisco 1841 ISR requires special tools and equipment, which most ISPs and technician labs usually have available. Additional specific equipment required depends on the model of the device and any optional equipment ordered.

Typically, the tools required to install a new device include:

PC with a terminal emulation program, such as HyperTerminal

Cable ties and a No. 2 Phillips screwdriver

Cables for WAN interfaces, LAN interfaces, and USB interfaces

It is also necessary to have equipment and devices required for connection to WAN and broadband communication services, such as hubs or modems.

Before beginning any equipment installation, be sure to read the Quick Start guide and other documentation that is included with the device. The documentation contains important safety and procedural information to prevent accidental damage to the equipment during installation.

Follow these steps to perform a power up procedure on an 1841 ISR:

1. Securely mount and ground the device chassis, or case.

2. Seat the external compact flash card.

3. Connect the power cable.

4. Configure terminal emulating software on the PC and connect the PC to the console port.

5. Turn on the router.

6. Observe the start-up messages on the PC to check for any errors.

At this point, the device is now ready to be configured to participate in the network.

In-Band And Out-Of-Band Router Configuration

There are two possible methods to connect a PC to a network device for configuration and monitoring tasks: in-band and out-of-band management.

Out-of-band Management

Out-of-band management requires a computer to be directly connected to the console port or auxiliary port (AUX) of the network device being configured. This type of connection does not require the local network connections on the device to be active. Technicians use out-of-band management to initially configure a network device, because until properly configured, the device cannot participate in the network. Out-of-band management is also useful when the network connectivity is not functioning correctly and the device cannot be reached over the network. Performing out-of-band management tasks requires a terminal emulation client installed on the PC.

In-band Management

Use in-band management to monitor and make configuration changes to a network device over a network connection. In order for a computer to connect to the device and perform in-band management tasks, at least one network interface on the device must be connected to the network and operational. Two TCP/IP protocols can be used to access a Cisco device for in-band management: Telnet and HTTP. A web browser or a Telnet client program can be used to monitor the network device or make configuration changes.

Cisco IOS Program

The Cisco IOS command line interface (CLI) is a text-based program that enables the entering and executing of Cisco IOS commands to configure, monitor, and maintain Cisco devices.

Use CLI commands to alter the configuration of the device and to display the current status of processes on the router. For experienced users, using the CLI offers many time-saving features for creating both simple and complex configurations. Almost all Cisco networking devices use a similar CLI. When the router has completed the power on sequence and the Router> prompt appears, the CLI can be used to enter Cisco IOS commands.

Technicians familiar with the commands and operation of the CLI find it is easy to monitor and configure a variety of different networking devices. The Cisco CLI can be used with either in-band or out-of-band management tasks.

The CLI has an extensive help system that assists in setting up and monitoring devices.

In addition to the Cisco IOS CLI, other tools are available to assist in configuring a Cisco router or ISR. Cisco Router and Security Device Manager (SDM) is a graphical user interface (GUI) device management tool. Unlike CLI, SDM can be used only for in-band management tasks.

SDM Express simplifies initial router configuration. It uses a step-by-step approach to create a basic router configuration quickly and easily.

Use the full SDM package to perform more advanced configurations such as:

Configure additional LAN and WAN connections

Create firewalls

Configure VPN connections

Perform security tasks

SDM supports a wide range of Cisco IOS software releases and is available free of charge on many Cisco routers. SDM is pre-installed on the flash memory of the Cisco 1800 Series ISR. If the router comes with the SDM installed, Cisco recommends that SDM is used to perform the initial router configuration. This is done by contacting the router via a preset network port on the router.

Not all Cisco devices support SDM. Furthermore, SDM does not support all of the commands that are available through the CLI. Consequently, it is sometimes necessary to use CLI to complete a device configuration that is started using SDM. Familiarity with both methods is critical to successful support of Cisco devices.

Device Configuration Files

Running Configuration File

The term running configuration refers to the current configuration running on the device. It contains the commands used to determine how the device operates on the network. The running configuration is stored within the device working memory. The device working memory is a type of random access memory (RAM) that does not keep information when the power is turned off. The running configuration is lost each time the device is shut down unless the running configuration is saved to the startup configuration file.

Startup Configuration File

The startup configuration file is the saved configuration file that sets the configuration properties of the device each time the device is powered on. This file is stored in nonvolatile random access memory (NVRAM). NVRAM is used to store files that will be saved, even if power to the device is turned off.

When a Cisco router is first powered on, it loads the IOS to working memory. Next, the startup configuration file is copied from NVRAM to RAM. This becomes the initial running configuration. Changes to the running configuration are not automatically saved to the startup configuration file. It is necessary to manually copy the running configuration to the startup configuration file if changes are to be saved when the device is powered off.

Cisco CLI uses the command copy running-config startup-config to save the router’s running configuration to the startup configuration. The Cisco SDM has an option that can be set to save the router running configuration to the startup configuration each time a command is completed.

Document Your Router Configuration

In a business, there can be hundreds of employees using software programs that rely on constant network connectivity. Planning the router installation and upgrade is a critical step in minimizing interruptions to employees. Planning enables exploration of options on paper, when it is easy and inexpensive to correct errors.

Technical staff from an ISP usually meet with business customers to plan how to upgrade the routers. Depending on the size of the project, there might be many planning sessions. During those planning sessions, the technician determines:

The configuration of the router to meet customer needs

Software programs that rely on the network that may be affected by the upgrade

The technician works with the client’s IT personnel to decide which router configuration to use and to develop the procedure that verifies the router configuration. From this information, a written specification is created. The technician uses this specification to create the configuration checklist.

A configuration checklist is a useful tool for ensuring that everything is configured correctly on new router installations. Technicians also use the checklist when troubleshooting previously configured routers. The configuration checklist provides a list of the most commonly configured components. It typically includes an explanation of each component and its configuration settings.

There are many different formats for configuration checklists, including some that are quite complex. ISPs should ensure that support technicians have, and know how to use, router configuration checklists.

Configuring ISR With An SDM

Cisco SDM Express

Cisco SDM Express is a tool bundled within the Cisco Router and Security Device Manager that makes it easy to create a basic router configuration. To start using SDM Express, connect a PC Network Interface Card to an Ethernet port on the router or ISR being configured.

SDM Express uses eight configuration steps to assist in creating a basic router configuration:

Overview

Basic Configuration

LAN IP Address

DHCP

Internet (WAN)

Firewall

Security Settings

Summary

The SDM Express windows provide step-by-step guidance to create the initial configuration of the router. After the initial configuration is completed, the router is available on the LAN. The router can also have a WAN connection, a firewall and up to 30 security enhancements configured.

When adding a new device to a network, it is critical to ensure that the device functions correctly. The addition of one poorly configured device can cause an entire network to fail.

Configuring a networking device, such as a router, can be a complex task, no matter which tool is used to enter the configuration. Therefore, always follow best practices for installing a new device to ensure that all device settings are properly configured and documented.

SDM Express

Basic Configuration

The Basic Configuration screen is used to:

Name the router that is being configured

Enter the domain name for the organization

Control access to SDM Express, Cisco Router and Security Device Manager, and the command-line interface (CLI)

The following information is necessary to enter when using the Basic Configuration Wizard:

Host Name

The name of the router

Domain Name

The domain name for the organization. (An example of a domain name is cisco.com, but domain names can end with a different suffix, such as .org or .net.)

SDM Username and Password

The username and password used to access SDM Express to configure and monitor the router (password must be at least 6 characters long)

Enable Secret Password

The password that controls user access to the router, which affects the ability to make configuration changes using the CLI via Telnet or the console port (password must be at least 6 characters long)

To configure the router interface to participate on the connected local network, enter the LAN configuration settings.

IP Address Field

The IP address for the LAN interface in dotted-decimal format

Address can be a private IP address if the device is installed in a network that uses Network Address Translation (NAT) or Port Address Translation (PAT)

Note: Write down this address. When the router is restarted, this address is the one used to run SDM Express, not the address that was provided in the Quick Start Guide.

Subnet Mask Field

The subnet mask for the network

Identifies the network portion of the IP address

Subnet Bits Field

Number of bits used to define the network portion of the IP address

Can be used instead of the subnet mask

Wireless Parameters Fields

Used to specify the SSID of the wireless network

Appear if the router has a wireless interface and Yes was clicked in the Wireless Interface Configuration window

DHCP

The Dynamic Host Configuration Protocol (DHCP) is a simple way to assign IP addresses to host devices. DHCP dynamically allocates an IP address to a network host when the host is powered on, and reclaims the address when the host is powered off. In this way, addresses can be reused when hosts no longer need them. Using SDM Express, a router can be configured as a DHCP server to assign addresses to devices, such as PCs, on the internal local network.

To configure a device for DHCP, enter the following information:

Enable DHCP server on the LAN interface Checkbox

When checked, it enables the router to assign private IP addresses to devices on the LAN.

IP addresses are leased to hosts for a period of one day.

Starting IP Address Field

The lowest address in the IP address range, based by default, on the IP address and subnet mask entered for the LAN interface

Can be changed to a different starting IP address, if necessary, but should be in the same network or subnet as a configured LAN interface

Ending IP Address Field

The highest valid address in the IP address range, based by default, on the IP address and subnet mask assigned to the LAN interface

Can be changed to decrease the pool size

Must be in the same network as the IP address in the starting IP address field

Next, configure additional DHCP parameters.

Domain Name Field

The domain name for the organization.

This name is given to the hosts as part of the DHCP configuration.

Primary Domain Name Server Field

The IP address of the primary DNS server

Used to resolve URLs and names on the network

Secondary Domain Name Server Field

The IP address of a secondary DNS, if available

Used if the primary DNS server does not respond

Use these DNS values for DHCP clients checkbox

If checked, enables the DHCP server to assign the configured DNS settings to DHCP clients

Available if a DHCP server has been enabled on the LAN interface

Configuring A Serial WAN Connection

Configuring an Internet (WAN) Connection

Routers can also be connected via a serial connection, which connects networks that are separated by large geographic distances. These WAN interconnections require that the serial connection be made through a telecommunications service provider, or TSP.

Serial connections are usually lower-speed links compared to Ethernet links, and require additional configuration. Be sure to determine the type of connection and protocol encapsulation required prior to setting up the connection.

Serial Encapsulation

The protocol encapsulation must be the same at both ends of a serial connection. Some encapsulation types require authentication parameters, like username and password, to be configured. Encapsulation types include:

High-Level Data Link Control (HDLC)

Frame Relay

Point-to-Point Protocol (PPP)

Address Type List

Depending on the type of encapsulation selected, different methods are available to obtain an IP address for the serial interface.

Static IP Address

Available with Frame Relay, PPP, and HDLC encapsulation types.

Enter the IP address and subnet mask to configure a static IP address.

IP Unnumbered

Available with Frame Relay, PPP, and HDLC encapsulation types.

Sets the serial interface address to match the IP address of one of the router’s other functional interfaces.

IP Negotiated

Select Easy IP (IP Negotiated).

The router obtains an IP address automatically through PPP.

Cisco SDM and SDM Express

Use either Cisco SDM Express or Cisco SDM to configure a router.

SDM supports many of the same features that SDM Express supports; however, SDM has a more advanced GUI, with more configuration options available. For this reason, once a basic router configuration has been created using SDM Express, many users switch to using SDM.

Configuring Dynamic NAT Using Cisco SDM

Use the Cisco SDM Basic NAT Wizard to configure NAT on a router. The type of NAT that is configured by default is dynamic NAT.

Dynamic NAT enables the hosts on the internal local network to share the registered IP address assigned to the WAN interface. In this manner, hosts with internal private addresses can have access to the Internet.

Only the hosts with the internal address ranges specified in the SDM configuration are translated. It is important to verify that all address ranges that need access to the Internet are included.

Steps for configuring NAT include:

1. Enable NAT Configuration Using SDM

2. Navigate Through the NAT Wizard

3. Select the Interface and Set IP Ranges

4. Review Configuration

Command Line Interface And Mode

Using the Cisco IOS CLI to configure and monitor a device is very different from using the SDM. The CLI does not provide step-by-step configuration assistance; therefore, it requires more planning and expertise to complete.

CLI Command Modes

The Cisco IOS supports two levels of access to the command-line interface: user EXEC access and privileged EXEC access.

When a router or other IOS device is powered on, the access level defaults to user access. This is referred to as the device being in user EXEC mode. User mode is indicated by a command-line prompt: Router>

Commands that can be executed in user EXEC mode are limited to obtaining information about how the device is operating and troubleshooting using ping or traceroute.

Entering commands that can alter the operation of the device requires privileged-level access. Enable the privileged EXEC mode by entering enable at the command prompt and pressing Enter. The command line prompt changes to reflect the mode change. The prompt for the privileged mode is Router#. To disable the privileged mode and return the device to user mode, enter disable or exit at the command prompt.

Both the user EXEC mode and the privileged EXEC mode can be protected with a password, or a username and password combination.

Configuring a Cisco IOS device begins with entering the privileged EXEC mode. The privileged mode grants access to the various configuration modes used to set up the device.

To obtain access to the configuration commands, first enter the mode that allows access to these commands. In most cases, commands will be configured to the running configuration file from the terminal. To access these commands, the user must enter global configuration mode. To enter global configuration, type the command: configure terminal or config t.

Global configuration mode is indicated by the command line prompt Router(config)#. Remember that any commands entered in this mode will take effect immediately and can alter the operation of the device.

Using The Cisco IOS CLI

The Cisco IOS CLI is full of features that help in recalling commands needed to configure a device. These features are one reason why network technicians prefer to use the Cisco IOS CLI to configure routers.

The context-sensitive help feature is especially useful when configuring a device. Entering help or the ? at the command prompt displays a brief description of the help system:

Router# help

Context-sensitive help can provide suggestions for completing a command. If the first few characters of a command are known, but the exact command is not, enter as much of the command as possible, followed by a ?. Note that there is no space between the command characters and the ?.

Additionally, request help at any point to determine additional parameters that complete a command. Do this by entering part of the command, followed by a space, and then the ?. For example, entering the command configure at the command prompt followed by a space and a question mark produces a list of possible variations of the configure command. Choose one of these variations to complete the command string.

The appearance of <cr> indicates that the command is now complete. Press the enter key to enter the command. If a ? is entered and nothing matches, the help list will be empty. This indicates that the command string is not a supported command.

Users will sometimes make a mistake when typing a command. CLI provides output indicating an unrecognized or incomplete command. The % symbol indicates error marker messages. For example, if the command interface is entered with no other parameters, the output shows that it is an incomplete command (% Incomplete command.). Use the ? to see additional parameters.

If an incorrect command is entered, the error message would read: %Invalid input detected.

It is sometimes hard to see the mistake within an incorrectly entered command. Fortunately, the CLI provides error isolation in the form of an error indicator, a caret symbol (^). The ^ symbol appears at the point in the command string where there is an incorrect or unrecognized character. This enables the user to return to the point where the error was made and use the help function to determine the correct command to use.

Another feature of the Cisco IOS CLI is the ability to recall previously typed commands. This feature is particularly useful for recalling long or complex commands or entries.

The command history is enabled by default and the system records ten command lines in the history buffer. To change the number of command lines the system records during a terminal session, use the terminal history size or the history size command. The maximum number of commands is 256.

To recall the most recent command in the history buffer, press Ctrl-P or the Up Arrow key. Repeat this process to recall successively older commands. To return to a more recent command in the history buffer, press Ctrl-N or the Down Arrow key. Repeat this process to recall successively more recent commands.

Command Shortcuts

CLI recognizes partially-typed commands based on their first unique character. For example, type int instead of interface. Press the Tab key, and CLI will automatically complete the command entry. The Tab key simply acknowledges visually that the router has understood the specific command that was intended.

On most computers, additional select and copy functions are available. A previous command string may be copied and then pasted or inserted as the current command entry.

Using Show Command

The Cisco IOS CLI enables a user to display relevant information about the configuration and operation of the device. To obtain this information, show commands are used.

The Cisco IOS CLI show commands are used extensively by network technicians. These commands are used to view configuration files, the status of the device interfaces and processes, and to verify the device operational status. Show commands are available whether the device is configured using the CLI or the SDM configuration tool.

The status of nearly every process or function of the router can be displayed using a show command. Some of the more popular show commands are:

show running-config

show interfaces

show arp

show ip route

show users

show version

Basic Configuration

The startup configuration file is stored on the device in NVRAM. This file is loaded into working memory and begins operation when the device is powered on. To view the contents of the startup configuration file, use the command:

Router#show startup-config

The running configuration is the set of commands that is currently active in the device RAM. When the device is powered on, the running configuration is identical to the stored startup configuration. To view the current running configuration use the command:

Router#show running-config

Remember, if the CLI is used to alter the running configuration, it must be copied to the startup configuration file, or the changes will be lost when the device is powered off. To copy the changes made to the running configuration back to the stored startup configuration file, use the command:

Router#copy run start

The initial configuration of an IOS device involves configuring a device name and then the passwords that are used to control access to the various functions of the device.

A device should be given a unique name as one of the first configuration tasks. This task is accomplished in global configuration mode with the following command:

Router(config)#hostname [name]

When the Enter key is pressed, the prompt will change from the default host name, which is Router, to the newly configured host name.

Once a hostname is configured on a device, the next configuration step should be configuring passwords to prevent access to the device by unauthorized individuals.

The enable password and enable secret commands are used to restrict access to the privileged EXEC mode, preventing unauthorized users from making configuration changes to the router. The following commands are used to set the passwords:

Router(config)#enable password [password]

Router(config)#enable secret [password]

The difference between the enable password and the enable secret is that the enable password command is not encrypted by default. If the enable password is set, followed by the enable secret, the enable secret will override the enable password.

There are multiple ways to access a device to perform configuration tasks. One of these ways is to use a PC attached to the console port on the device. This type of connection is frequently used for initial device configuration.

To set the password for console connection access, first enter the global configuration mode. Once there, use the following command:

Router(config)#line console 0

Router(config-line)#password [password]

Router(config-line)#login

This will prevent unauthorized users from accessing user mode from the console port.

Once the device is connected to the network, it can be accessed over the network connection. When the device is accessed through the network, it is considered a virtual terminal connection. The password must be configured on the virtual port.

Router(config)#line vty 0 4

Router(config-line)#password [password]

Router(config-line)#login

To verify that the passwords are set correctly, use the show running-config command. These passwords are stored in the running configuration in clear text. It is possible to set encryption on all passwords stored within the router, so that they are not easily seen by unauthorized individuals. The command service password-encryption will ensure that passwords are encrypted.
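The checks described in this section (enable secret, console and vty passwords with login, service password-encryption) can be verified mechanically against show running-config output. The Python script below is an added example, not part of the course notes; the two configurations it contains are constructed to look like IOS running-config text, and the hostname and password strings are placeholders.

```python
"""Audit the access-control lines of a Cisco IOS running-config.

Added example, not from the course notes. Both configs below are
constructed; hostnames and password strings are placeholders.
"""
import re
from typing import Dict, List, Tuple

# Constructed: what the section's recommended settings look like in
# 'show running-config' (type 5 secret, type 7 line passwords).
HARDENED_CONFIG = """\
service password-encryption
!
hostname CustomerRouter
!
enable secret 5 $1$PLCH$placeholderhashvalue0000
!
line con 0
 password 7 094F471A1A0A
 login
line vty 0 4
 password 7 094F471A1A0A
 login
!
end
"""

# Constructed: the same device with each recommended setting missing.
WEAK_CONFIG = """\
no service password-encryption
!
hostname Router
!
enable password cisco
!
line con 0
 password cisco
line vty 0 4
 login
!
end
"""

LINE_HEADER = re.compile(r"^line (con|console|vty|aux)\b")


def parse_sections(config: str) -> Tuple[List[str], Dict[str, List[str]]]:
    """Split config text into top-level commands and their indented sub-commands.

    IOS prints sub-commands (under 'line ...', 'interface ...') indented by one
    space and uses '!' as a separator. Returns (global_cmds, {header: sub_cmds}).
    """
    global_cmds: List[str] = []
    sections: Dict[str, List[str]] = {}
    current = None
    for raw in config.splitlines():
        if not raw.strip() or raw.startswith("!"):
            current = None  # '!' or a blank line ends the current section
            continue
        if raw.startswith(" ") and current is not None:
            sections[current].append(raw.strip())
        else:
            current = raw.strip()
            sections[current] = []
            global_cmds.append(current)
    return global_cmds, sections


def audit(config: str) -> List[str]:
    """Return one finding per gap in the section's password recommendations."""
    findings: List[str] = []
    global_cmds, sections = parse_sections(config)

    if "service password-encryption" not in global_cmds:
        findings.append("service password-encryption is not enabled; "
                        "line passwords are stored in clear text")

    has_secret = any(c.startswith("enable secret") for c in global_cmds)
    has_password = any(c.startswith("enable password") for c in global_cmds)
    if not has_secret:
        if has_password:
            findings.append("enable password set without enable secret: "
                            "privileged EXEC relies on a reversible password")
        else:
            findings.append("no enable secret: privileged EXEC is unprotected")

    # Every console / vty / aux line needs both a password and 'login'
    # (or 'login local' when a username/password pair is used).
    for header, subs in sections.items():
        if not LINE_HEADER.match(header):
            continue
        pw = [s for s in subs if s.startswith("password")]
        if not pw:
            findings.append(f"{header}: no password configured")
        elif not pw[0].startswith("password 7 "):
            findings.append(f"{header}: password stored in clear text")
        if not any(s == "login" or s.startswith("login local") for s in subs):
            findings.append(f"{header}: 'login' missing, password is not enforced")
    return findings


if __name__ == "__main__":
    for name, cfg in (("hardened", HARDENED_CONFIG), ("weak", WEAK_CONFIG)):
        print(name, audit(cfg) or "no findings")
```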

Configuring An Interface

In order for a router to direct traffic from one network to another, the interfaces on the router are configured to participate in each of the networks. A router interface connects to a network and has an IP address and subnet mask assigned to it that is appropriate for that network.

There are many different types of interfaces available. Serial and Ethernet interfaces are the most common. Local network connections use Ethernet interfaces.

WAN connections require the use of a serial connection through a TSP. Unlike Ethernet interfaces, serial interfaces require a clock signal to control the timing of the communications; this is known as a clock rate.

In most environments, Data Communications Equipment (DCE) devices such as a modem or CSU/DSU provide the clock rate. By default, Cisco routers are DTE devices, or Data Terminal Equipment. This means that they accept the clock rate from the DCE device.

Routers can be configured as DCE devices, if necessary. If the router is connected as the DCE device, a clock rate must be set on the router interface to control the timing of the DCE/DTE connection.

To configure any interface on the router, it is necessary to be in the global configuration mode. Configuring an Ethernet interface is very similar to configuring a serial interface. One of the main differences is that a serial interface must have a clock rate set if it is acting as a DCE device.

The steps to configure an interface include:

1. Specify the type of interface and the interface port number

2. Specify a description of the interface

3. Configure the interface IP address and subnet mask

4. Set the clock rate, if configuring a serial interface as a DCE

5. Enable the interface

Once an interface is enabled, it may be necessary to turn off an interface for maintenance or troubleshooting. In this case, use the shutdown command.

Configure A Default Route

A router will forward packets from one network to another based on the destination IP address specified in the packet. It examines the route table to determine where to forward the packet to reach the destination network. If the router does not have a route to a specific network in its routing table, a default route can be configured to tell the router how to forward the packet. The default route is used by the router only if the router does not know where to send a packet.

Usually the default route points to the next hop router on the path to the Internet. The information needed to configure the default route is the IP address of the next hop router, or the interface that the router uses to forward traffic with an unknown destination network.

To configure the default route on a Cisco ISR you must be in Global configuration mode:

Router(config)#ip route 0.0.0.0 0.0.0.0 <Next Hop IP Address>

or

Router(config)#ip route 0.0.0.0 0.0.0.0 <interface> <port number>

Configure DHCP Service

Configure a DHCP Server

It is possible to configure a router with Cisco IOS CLI to function as a DHCP server.

Using a router configured with DHCP simplifies the management of IP addresses on a network; the administrator only needs to update a single, central router when IP configuration parameters change. Configuring DHCP on a router using CLI is a little more complex than configuring it using SDM, because Global Configuration mode must first be activated.

There are eight basic steps to configuring DHCP via CLI:

1. Create DHCP Address Pool

2. Specify the Subnet

3. Exclude IP Addresses

4. Specify the Domain Name

5. DNS Server IP Address

6. Set the Default Router

7. Set the Lease Duration

8. Verify the Configuration
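Step 8, verifying the configuration, can be done against the resulting config text rather than by eye. The Python script below is an added example, not part of the course notes: it parses a constructed DHCP pool written with the standard IOS commands for these steps (ip dhcp excluded-address, ip dhcp pool, network, domain-name, dns-server, default-router, lease; these command names are not shown in the notes), checks that the default router lies inside the subnet and inside an excluded range, and counts the addresses left for leasing. The pool name, addresses and domain are placeholders.

```python
"""Check a Cisco IOS DHCP pool against the subnet it serves.

Added example, not part of the course notes. The config text is
constructed; the pool name, addresses and domain name are placeholders.
"""
import ipaddress
import re
from typing import Dict, List

SAMPLE_DHCP_CONFIG = """\
ip dhcp excluded-address 192.168.1.1 192.168.1.10
ip dhcp excluded-address 192.168.1.254
!
ip dhcp pool LAN
 network 192.168.1.0 255.255.255.0
 domain-name example.com
 dns-server 192.168.1.10
 default-router 192.168.1.1
 lease 7
!
"""


def parse_dhcp(config: str) -> Dict:
    """Extract the pool sub-commands and the global excluded ranges."""
    pool: Dict = {"name": None, "network": None, "default_router": None,
                  "dns_servers": [], "domain_name": None, "lease": None,
                  "excluded": []}
    in_pool = False
    for raw in config.splitlines():
        line = raw.strip()
        if raw.startswith(" ") and in_pool:
            # Sub-commands under 'ip dhcp pool' are indented by one space.
            parts = line.split()
            if parts[0] == "network":
                pool["network"] = ipaddress.IPv4Network(
                    f"{parts[1]}/{parts[2]}", strict=False)
            elif parts[0] == "default-router":
                pool["default_router"] = ipaddress.IPv4Address(parts[1])
            elif parts[0] == "dns-server":
                pool["dns_servers"] = [ipaddress.IPv4Address(p) for p in parts[1:]]
            elif parts[0] == "domain-name":
                pool["domain_name"] = parts[1]
            elif parts[0] == "lease":
                pool["lease"] = " ".join(parts[1:])
            continue
        in_pool = False
        m = re.match(r"ip dhcp pool (\S+)", line)
        if m:
            pool["name"] = m.group(1)
            in_pool = True
            continue
        # 'ip dhcp excluded-address LOW [HIGH]' is a global command.
        m = re.match(r"ip dhcp excluded-address (\S+)(?: (\S+))?$", line)
        if m:
            low = ipaddress.IPv4Address(m.group(1))
            high = ipaddress.IPv4Address(m.group(2)) if m.group(2) else low
            pool["excluded"].append((low, high))
    return pool


def validate_pool(pool: Dict) -> List[str]:
    """Return findings for steps 2, 3, 5, 6 and 7 of the procedure."""
    findings: List[str] = []
    net = pool["network"]
    if net is None:
        return ["pool has no 'network' statement (step 2)"]
    gw = pool["default_router"]
    if gw is None:
        findings.append("no default-router configured (step 6)")
    elif gw not in net:
        findings.append(f"default-router {gw} is outside {net}")
    elif not any(lo <= gw <= hi for lo, hi in pool["excluded"]):
        # Step 3 exists to keep static addresses such as the router's own
        # out of the lease range.
        findings.append(f"default-router {gw} is not excluded from the pool")
    for lo, hi in pool["excluded"]:
        if lo not in net and hi not in net:
            findings.append(f"excluded range {lo}-{hi} does not overlap {net}")
    if not pool["dns_servers"]:
        findings.append("no dns-server configured (step 5)")
    if pool["lease"] is None:
        findings.append("no lease duration set (step 7); the IOS default applies")
    return findings


def assignable_addresses(pool: Dict) -> int:
    """Count usable host addresses in the subnet not covered by an exclusion."""
    net = pool["network"]
    return sum(1 for h in net.hosts()
               if not any(lo <= h <= hi for lo, hi in pool["excluded"]))


if __name__ == "__main__":
    p = parse_dhcp(SAMPLE_DHCP_CONFIG)
    print(p["name"], p["network"], validate_pool(p) or "no findings")
    print("assignable addresses:", assignable_addresses(p))
```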

Configuring Static NAT Using Cisco IOS CLI

NAT is used on a network to enable hosts with internal private addresses to communicate on the Internet. When configuring NAT, at least one interface must be configured as the inside interface, meaning that it is connected to the internal, private network. Another interface, usually the external interface used to access the Internet, must be configured as the outside interface. When devices on the internal network communicate out through the external interface, the addresses can be translated to one or more registered IP addresses.

There are occasions when a server located on an internal network must be accessible from the Internet. This requires that the server has a specific registered address that external users can specify. One way to provide an Internet accessible address to an internal server is to provide a static NAT translation.

Static NAT ensures that addresses assigned to hosts on the internal network are always translated to the same registered IP address.

Configuring NAT and static NAT using the Cisco IOS CLI requires a number of steps.

Backing Up A Cisco Router Configuration To A TFTP Server

Once a router is configured, the running configuration should be saved to the startup configuration file. It is also a good idea to save the configuration file in another location, such as a network server. If the NVRAM fails or becomes corrupt and the router cannot load the startup configuration file, another copy is available.

Configuration files can be saved to a network server using the TFTP protocol. The TFTP enabled server must be accessible to the router via a network connection. Once the running configuration is saved to the startup configuration file, save the startup configuration to the TFTP server.

1. Enter the copy startup-config tftp command.

2. Enter the IP address of the host where the configuration file will be stored.

3. Enter the name to assign to the configuration file or accept the default.

4. Answer yes to confirm each choice.

A current copy of the running configuration can also be stored on a TFTP server using the copy running-config tftp command.

Restore

To restore the backup configuration file, be sure the router has at least one interface configured and can access the TFTP server over the network.

1. Enter the copy tftp running-config command.

2. Enter the IP address of the remote host where the TFTP server is located.

3. Enter the name of the configuration file or accept the default name.

4. Confirm the configuration filename and the TFTP server address.

Standalone Switches

As customer networks grow, it is often necessary to add larger, more capable switches to support additional users.

A switch is a device that is able to direct a stream of messages coming in one port out of another port, based on the destination MAC address within the frame. A switch cannot route traffic between two different local networks. In the context of the OSI model, a switch performs the Layer 2 function, known as the data-link layer.

There are several models of Ethernet switches available depending on user requirements. The Cisco Catalyst 2960 Series Ethernet switch is designed for medium-sized, and branch office networks.

This type of switch is a fixed-configuration, standalone device, and does not use modules or flash card slots. The physical configuration cannot change. For this reason, the switch must be purchased with the physical configuration in mind. They are designed to provide 10/100 Fast Ethernet and 10/100/1000 Gigabit Ethernet connectivity to desktop computers. The 2960 series Ethernet switches use Cisco IOS software and can be configured using the GUI-based Cisco Network Assistant or through the CLI.

Each switch port can operate in either half-duplex or full-duplex mode. When a port is in half-duplex mode, at any given time, it can either send or receive data but not both. When a port is in full-duplex mode, it can simultaneously send and receive data, doubling the throughput.

Both the port and the connected device must be set to the same duplex mode. If they are not the same, this creates a duplex mismatch and can lead to excessive collisions and degrade communication.

Switch ports can have the speed and duplex set manually or can use auto negotiation. Autonegotiation occurs when the port can auto-detect the speed and duplex of the device that is connected to the port. Autonegotiation is enabled by default on many Cisco switches. For autonegotiation to be successful, both connected devices must support it.

If the switch is in autonegotiation mode and the connected device does not support it, the switch will:

Use the speed of the other device (10, 100, 1000)

Default to half-duplex mode

This can create issues if the non-autonegotiating device is set to full duplex mode, because the switch defaults to half-duplex.

If the connected device does not autonegotiate, manually configure the duplex settings on the switch to match the duplex settings on the connected device. The speed parameter can adjust itself even if the connected port does not autonegotiate.

The Cisco Catalyst 2960 switch is supported by Cisco IOS switch software.

The Cisco Catalyst 2960 switch IOS image choices are similar to software images available on the Cisco 1841 ISR router.

The IP-base software image is supplied with the Cisco Catalyst 2960 switch. The IP-base software image provides the switch with basic switching capabilities. Other Cisco IOS software images supply additional services to the IP Base image.

Power Up The Cisco 2960 Switch

Powering up a Cisco 2960 switch is similar to powering up a Cisco 1841 ISR.

Perform this procedure to power up a Cisco 2960 switch.

The three basic steps for powering up a switch include:

1. Check the Components

2. Connect the Cables to the Switch

3. Power on the Switch

Once the switch is on, the power-on self-test (POST) begins. During POST, the LEDs blink while a series of tests determine that the switch is functioning properly.

POST has completed when the SYST LED rapidly blinks green. If the switch fails POST, the SYST LED turns amber. When a switch fails the POST test, it is necessary to return the switch for repairs.

Once all startup procedures are finished, the Cisco 2960 switch is ready to configure.

Initial Switch Configuration

There are multiple options available to configure and manage a Cisco LAN switch. These options include:

Cisco IOS Command Line Interface (CLI)

Cisco Network Assistant

Cisco Device Manager

CiscoView Management Software

SNMP Network Management Products

Some of these options use IP connectivity or a web browser to connect to the switch; this requires the use of an IP address. Unlike router interfaces, switch ports are not assigned IP addresses. In order to use an IP-based management product or Telnet session to manage a Cisco switch, it is necessary to configure a management IP address on the switch.

Once the management IP address is assigned, these tools can use that IP address to access the switch. Until this address is assigned, it is necessary to connect directly to the console port and use a terminal emulation program to perform configuration tasks.

The Cisco Catalyst 2960 switch comes preconfigured and only needs to be assigned basic security information before being connected to the network.

The commands to configure hostname and passwords on the switch are the same commands used to configure the ISR.

In order to use an IP-based management product or Telnet with a Cisco switch, configure a management IP address.

There is one virtual local network, VLAN 1, preconfigured in the switch to provide access to management functions. To configure the IP address assigned to the management interface on VLAN 1, enter global configuration mode.

Switch>enable

Switch#configure terminal

Next, enter the interface configuration mode for VLAN 1.

Switch(config)#interface vlan 1

Set the IP address, subnet mask and default gateway for the management interface. The IP address must be valid for the local network where the switch is installed.

Switch(config-if)#ip address 192.168.1.2 255.255.255.0

Switch(config-if)#exit

Switch(config)#ip default-gateway 192.168.1.1

Switch(config)#end

Save the configuration by using the copy running-config startup-config command.

Connecting The LAN Switch To The Router

Connect the Switch to the Network

To connect the switch to a router, use a straight-through cable. LED lights on the switch and router indicate that the connection is successful.

Once the switch and router are connected, determine if the two devices are able to exchange messages.

1. Check the IP address configuration

Use the show running-config command to verify that the IP address of the management interface on the switch VLAN 1 and the IP address of the directly connected router interface are on the same local network.

2. Use the ping command to test the connection.

From the command line interface on the switch, ping the IP address of the directly-connected router interface. Repeat the process from the command line interface on the router by pinging the management interface IP address assigned to the switch VLAN 1.

If the ping is not successful, verify the connections and configurations again. Check to ensure that all cables are correct and that connections are seated.

After the switch and router are successfully communicating, connect the individual PCs to the switch using straight-through cables.

Access layer switch ports are accessible through the structured cabling at wall outlets. This is a potential entry point to the network by unauthorized users. Switches provide a feature called port security. It is possible to limit the number of addresses that can be learned on an interface. If the number of MAC addresses per port is limited to 1, the first address dynamically learned by the switch becomes the secure address.

CDP

Cisco Discovery Protocol (CDP) is an information-gathering tool used on a switch, ISR or router to share information with other directly connected Cisco devices. By default, CDP begins running when the device boots up. It then sends periodic messages, known as CDP advertisements, onto its directly connected networks.

CDP operates at Layer 2 only and can be used on many different types of local networks, including Ethernet and serial networks. Because it is a Layer 2 protocol, it can be used to determine the status of a directly connected link when no IP address has been configured, or if the IP address is incorrect.

Two Cisco devices that are directly connected on the same local network are referred to as being neighbors. The concept of neighbor devices is important to understand when interpreting the output of CDP commands.

Information gathered by CDP includes:

Device identifiers – configured host name

Address list – Layer 3 address, if configured

Port identifier – directly connected port, for example: serial 0/0/0

Capabilities list – function or functions provided by the device

Platform – hardware platform of the device, for example Cisco 1841

The outputs from the show cdp neighbors and show cdp neighbors detail commands display the information that a Cisco device collects from its directly connected neighbors.

Viewing CDP information does not require the user to log into the remote devices. Because CDP collects and displays a lot of information about directly connected neighbors, without requiring a login to those neighbors, it is usually disabled in production networks.

Installing The CPE

One of the main responsibilities of an on-site network technician is to install and upgrade equipment located at the customer’s home or business. Network devices installed at the customer location are called customer premise equipment (CPE).

Before any equipment is installed at the customer site, the devices are configured and tested at the ISP site. Anything that is not functioning as expected can be replaced or fixed immediately. The network technician makes sure the router is fully configured and that the router configuration is verified. The router is then repackaged for shipment or delivery to the customer.

Once the router is known to be configured correctly, all network cables, power cables, management cables, manufacturer documentation, manufacturer software, configuration documentation and the special tools needed for router installation are assembled.

An inventory checklist is used to verify that all necessary equipment needed to install the router is present. Usually the network technician signs the checklist, indicating that everything has been verified. The signed and dated inventory checklist is included with the router when it is packaged for shipping to the customer premise.

The installation of a new router can be disruptive for a business. Many businesses rely on the Internet for their business correspondence and often have e-commerce services that must be accessed during the day.

It may be impossible to install or upgrade network equipment during normal business hours. If the installation of the new equipment will cause the network to be down, the network technician, the ISP sales person and a representative of the company prepare a router installation plan. This plan ensures that the customer will experience a minimum of disruption in service while the new equipment is installed.

The on-site network technician installs the router at the customer premise, following a router installation plan. This often means the router must be installed after normal working hours or on the weekend. The router installation plan identifies who the customer contact is and what the arrangements are for after-hours access.

When installing customer equipment, it is important to complete the job in a professional manner. This means that all network cables are labeled and fastened together or run through proper cable management equipment. Excess lengths of cable should be coiled and secured out of the way.

Update the documentation to include the current configuration for the router, and update the network diagrams to show the location of the equipment and cables that are installed.

After the router is successfully installed and tested, the network technician completes the installation checklist. The completed checklist is verified by the customer representative. The verification of the router installation often involves demonstrating that the router is correctly configured and that services that depend on the router also work.

When the customer representative is satisfied that the router has been correctly installed and is operational, they sign and date the checklist. Sometimes there is a formal acceptance document that is in addition to the checklist. This procedure is often called the sign-off phase. It is critical that the customer representative signs off on the job because then the ISP can bill the customer for the work.

Installation Documentation

When customer equipment is configured and installed on the customer premise, it is important to document the entire process. Documentation includes all aspects of how the equipment is configured, diagrams of how the equipment is installed, and checklists to validate the correct installation. If a new configuration is needed, compare the documentation with the previous router configuration to determine if and how the new configuration has changed.

Start documenting the work during the installation of the router. All cables and equipment should be correctly labeled and indicated on a diagram to simplify future identification.

Follow an installation and verification checklist when installing a router. This checklist will list the tasks needed to be completed at the customer’s premises. An installation and verification checklist helps a network technician avoid errors and ensures that the installation is done efficiently and correctly.

Leave a copy of the final documentation with the customer.

Professional Image

Many IT jobs require site visits to customer premises on a regular basis to install and troubleshoot equipment. In the eyes of the customer the network technician is a professional who has the responsibility to support their network.

A professional knows how to make the customer feel at ease and confident in the technician’s skills. There are things network technicians can do to ensure that they represent their organization in the most professional manner possible.

Dress for Success

On the first visit to a customer location, it is important for the technician to make a good first impression. The way the technicians are dressed and their personal grooming is the first thing the customer notices. If the technician makes a bad first impression, it may be difficult to change that impression and gain the customer’s confidence. Many employers provide a uniform or have a dress code for their on-site technicians.

Language and Attitude

Remember that the network technician is at the customer location to provide a service. The language and attitude of the technician reflect on the organization that the technician represents. A customer may be anxious or concerned about how the new equipment will operate. When speaking with a customer, be polite and respectful, and answer all customer questions. If additional information is required, be sure to write down the customer inquiry and follow up on it as soon as possible.

Workplace Safety

It is important to minimize the risk of injury when installing network equipment by following good safety practices. Many employers offer safety training as part of their employee services.

Ladders

Use ladders to reach high locations for installation of networking cable or to install wireless access points in places that are difficult to reach. To reduce the risk of falling off the ladder or dropping equipment while climbing on the ladder, work with a partner whenever possible.

High or Dangerous Locations

Sometimes network equipment and cables must be installed in high and dangerous places, such as on the side of a building, on roof tops, or in an internal structure that is not accessible by a ladder. These sorts of installations must be done very carefully. Using a safety harness reduces the risk of falling.

Electrical Equipment

If there is a risk of damaging or coming in contact with any electrical lines when mounting hardware, contact the customer’s electrician to ensure the risk of electrical shock is reduced. Coming in contact with electrical equipment during the installation may result in serious personal injury.

Awkward Spaces

Network equipment is often installed in narrow and awkward spaces. Ensure that the work area is properly lighted. Determine the best way to lift and install equipment to minimize the risks.

Heavy Equipment

Networking devices can be large and heavy. Plan to have the correct equipment and trained personnel when heavy equipment needs to be installed at a customer’s site.

Customer Connection Over WAN

New equipment at the customer site must be connected back to the ISP to provide Internet services. When customer equipment is upgraded, it is sometimes necessary to also upgrade the type of connectivity provided by the ISP.

Wide Area Networks

When a company or organization has locations that are separated by large geographical distances, it may be necessary to use the telecommunications service provider (TSP) to interconnect the LANs at the different locations.

Telecommunications service providers operate large regional networks that can span long distances. Traditionally, TSPs transported voice and data communications on separate networks. Increasingly, these providers are offering converged information network services to their subscribers.

Individual organizations usually lease connections through the telecommunications service provider network. These networks that connect LANs in geographically separated locations are referred to as Wide Area Networks (WANs). Although the organization maintains all of the policies and administration of the LANs at both ends of the connection, the policies within the communications service provider network are controlled by the ISP.

WAN connections come in a variety of different types. WAN connections vary in the type of connector used, in bandwidth and in cost. As small businesses grow they will begin to require the increased bandwidth offered by some of the more expensive WAN connections. An ISP sells these various types of WAN connections to their clients. One of the jobs at an ISP or medium-sized business will be to assess the needs for a WAN connection.

There are three types of serial WAN connections.

Point-to-Point

A point-to-point WAN connection is a predefined communications path from the customer premises through a telecommunications service provider (TSP) network. Point-to-point lines are usually leased from a TSP. These lines are often called leased lines. Point-to-point connections are typically the most expensive of the WAN connection types and are priced based on bandwidth required and distance between the two connected points.

Circuit Switched

A circuit switched connection functions similarly to the way a phone call is made over a telephone network. When making a phone call to a friend, the caller picks up the phone, opens the circuit, and dials the number. The caller hangs up the phone when finished and closes the circuit. An example of a circuit switched WAN connection is an ISDN or dial-up connection.

Packet Switched

In a packet switched WAN connection, customer networks have connections into the TSP switched network, which many customers share. Instead of a circuit being physically reserved from source to destination, as in a circuit switched network, each customer has their own virtual circuit. A virtual circuit is a logical path between the sender and receiver, not a physical path. An example of a packet switched network is Frame Relay.

Choosing A WAN Connection

There are many choices when selecting a WAN connection for a business. The choice made is largely dependent on the bandwidth and cost of the WAN connection. Smaller businesses are not able to afford some of the more expensive WAN connection options, such as SONET or ATM WAN connections. They usually install the less expensive DSL, cable, and T1 connections. Availability of the higher bandwidth WAN connections can be limited in geographically isolated locations. If the offices supported are close to an urban center, there are more WAN choices.

Another factor that affects the decision on which WAN to choose is how the business plans to use the new WAN connection. If the business provides services over the Internet, it may require higher upstream bandwidth than a business that uses services hosted by ISPs on the Internet. For example, if a business hosts a web server for an e-commerce site, the business needs enough upstream bandwidth to accommodate the number of external customers that visit the site. On the other hand, if the business has its e-commerce site managed by an ISP, it does not require as much upstream bandwidth.

For some businesses, the ability to get a service level agreement (SLA) attached to their WAN connection will also affect their decision. Less expensive WAN connections like dialup, DSL, and cable connections typically do not come with an SLA, whereas more expensive connections do.

There are many things to consider when planning a WAN upgrade. The ISP initiates the process by analyzing the customer needs and reviewing the available options. A proposal is then generated for the customer.

Existing Infrastructure

Included in the proposal is an explanation of existing infrastructure. This explanation is necessary because it helps the customer understand how the existing WAN connection provides services to their home or business.

Customer Requirements

This section of the proposal describes why a WAN upgrade is necessary for the business. It outlines where the current WAN connection does not meet the customer needs. It also includes a list of requirements that the new WAN connection must meet to satisfy the current and future customer requirements.

WAN Options

A list of all of the available WAN choices, with the corresponding bandwidth, cost, and other features that are applicable for the business, is included in the proposal. The recommended choice is indicated, along with other possible options.

Present the Plan

When the WAN upgrade proposal is completed, expect to present it to the business decision makers. They review the document and consider the options. Once they have made their decision, work with them to develop a schedule and coordinate the WAN upgrade process.

Configuring a Cisco Router Using SSH

Connecting to a Device at the Customer Site

After a new network device is installed at the customer premises, it must be monitored from the remote ISP location. There are also times when minor configuration changes need to be made without a technician physically being at the customer site.

A Telnet client can be used over an IP network connection to connect to a device in-band for the purpose of monitoring and administering it. Telnet is not a secure protocol, however. Telnet sends all the information between the PC and the device in clear text. This means that the username and password used to authenticate to the device can easily be discovered by anyone who can capture the traffic. To protect a device being administered over the network, a different and more secure terminal emulation protocol should be used.

Secure Shell (SSH) is a protocol that functions similarly to Telnet. SSH protects all authentication and transmitted data using encryption. SSH allows safe access to a remote device over an insecure network, such as the Internet. There are two versions of the SSH service; which one is supported depends on the IOS image loaded on the device.

There are many different SSH client software packages for PCs to choose from. When choosing an SSH client, make sure it supports the SSH version configured on the device.
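As an added example (not part of the original notes), the following IOS console session enables SSH version 2 and restricts the vty lines to SSH so that Telnet is no longer accepted. The hostname, domain name, username and secret are assumed placeholders, and the RSA key size is a constructed value.

```cisco
Router> enable
Router# configure terminal
! SSH needs a hostname and a domain name before an RSA key pair can be generated.
Router(config)# hostname CustomerRtr
CustomerRtr(config)# ip domain-name example.com
! Generate the RSA key pair used by the SSH server (2048 bits is an assumed choice).
CustomerRtr(config)# crypto key generate rsa modulus 2048
! Force SSH version 2 and limit how long an unauthenticated session may stay open.
CustomerRtr(config)# ip ssh version 2
CustomerRtr(config)# ip ssh time-out 60
CustomerRtr(config)# ip ssh authentication-retries 3
! Local account used for remote login; "secret" stores a hash instead of clear text.
CustomerRtr(config)# username admin privilege 15 secret REPLACE-WITH-STRONG-SECRET
! Allow only SSH on the virtual terminal lines and authenticate against the local account.
CustomerRtr(config)# line vty 0 4
CustomerRtr(config-line)# transport input ssh
CustomerRtr(config-line)# login local
CustomerRtr(config-line)# exec-timeout 10 0
CustomerRtr(config-line)# end
! Verify that the SSH server is enabled and which version is running.
CustomerRtr# show ip ssh
```

With `transport input ssh`, a Telnet client connecting to the vty lines is refused, so the clear-text credential exposure described above no longer applies to this device.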

Configuring WAN Connection

When a WAN connection is configured, the configuration approach depends on the type of WAN connection required. Some WAN connections support Ethernet interfaces. Other WAN connections support serial interfaces.

Leased line WAN connections typically use a serial connection and require a Channel Service Unit/Data Service Unit (CSU/DSU) to attach to the ISP’s network. The ISP equipment needs to be configured so it can communicate through the CSU/DSU to the customer’s premises.

For a serial connection it is important to have a preconfigured clock rate that is the same on both ends of the connection. The clock rate is set by the DCE device, which is typically the CSU/DSU. The Data Terminal Equipment (DTE) device, typically the router, accepts the clock rate set by the DCE.

Cisco’s default serial encapsulation is HDLC. It can be changed to PPP, which provides a more flexible encapsulation and supports authentication by the remote device.
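As an added example (not part of the original notes), the following two console sessions configure both ends of a leased-line serial link with PPP and CHAP authentication. It assumes a lab back-to-back setup in which the ISP router's serial interface acts as the DCE and therefore sets the clock rate; hostnames, interface numbers, addresses and the clock rate are constructed values, and the CHAP secret is a placeholder.

```cisco
! ---- ISP side: DCE end, supplies the clock rate ----
ISP-Rtr(config)# username Customer-Rtr password REPLACE-WITH-CHAP-SECRET
! CHAP needs the reversible "password" form; a "secret" hash cannot be used for CHAP.
ISP-Rtr(config)# interface Serial0/0/0
ISP-Rtr(config-if)# ip address 203.0.113.1 255.255.255.252
! Replace the default HDLC encapsulation with PPP so authentication is available.
ISP-Rtr(config-if)# encapsulation ppp
ISP-Rtr(config-if)# ppp authentication chap
! Only the DCE end sets the clock rate; the DTE end accepts it.
ISP-Rtr(config-if)# clock rate 64000
ISP-Rtr(config-if)# no shutdown
ISP-Rtr(config-if)# end

! ---- Customer side: DTE end, no clock rate ----
Customer-Rtr(config)# username ISP-Rtr password REPLACE-WITH-CHAP-SECRET
Customer-Rtr(config)# interface Serial0/0/0
Customer-Rtr(config-if)# ip address 203.0.113.2 255.255.255.252
Customer-Rtr(config-if)# encapsulation ppp
Customer-Rtr(config-if)# ppp authentication chap
Customer-Rtr(config-if)# no shutdown
Customer-Rtr(config-if)# end
! Verify that the line protocol is up after CHAP succeeds.
Customer-Rtr# show interfaces Serial0/0/0
```

Each router's `username` entry must match the other router's hostname, and both sides must use the same CHAP secret, otherwise the line protocol stays down even though the physical link is up.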


Chapter One (smt1)

September 15, 2008

How and Where Are Computers Used?

Computers play an increasingly important and nearly indispensable role in everyday life.

Computers are used all over the world and in all types of environments. They are used in businesses, manufacturing environments, homes, government offices and non-profit organizations. Schools use computers for instruction and for maintaining student records. Hospitals use computers to maintain patient records and to provide medical care.

In addition to these types of computers, there are also many customized computers designed for specific purposes. These computers can be integrated into devices such as televisions, cash registers, sound systems, and other electronic devices. They can even be found embedded in appliances such as stoves and refrigerators and used in automobiles and aircraft.

Where are computers found within your environment?

Computers are used for many reasons and in many different places. They may be of different sizes and processing power, but all computers have some features in common. In order for most computers to perform useful functions, there are three things that have to work together:

1. Hardware – the physical components, both internal and external, that make up a computer.

2. Operating System – a set of computer programs that manages the hardware of a computer. An operating system controls the resources on a computer, including memory and disk storage. An example of an operating system is Windows XP.

3. Application Software – programs loaded on the computer to perform a specific function using the capabilities of the computer. An example of application software is a word processor or a computer game.

Local and Network Applications

The computer is only as useful as the program or application on it. Applications can be divided into two general categories:

Business/Industry Software – Software designed for use by a specific industry or market. Examples include: medical practice management tools, educational tools and legal software.

General Use Software – Software used by a wide range of organizations and home users for various purposes. These applications can be used by any business or individual.

General use software includes integrated applications packages known as Office Suites. They usually include applications such as word processing, spreadsheet, database, presentation and contacts/schedule management.

Other popular applications include graphics editing software and multimedia authoring applications. These tools allow users to manipulate photos as well as create rich media presentations that use voice, video and graphics.

In addition to Business/Industry and General Use software, an application can be classified as local or networked.

Local application – A local application is a program, such as a word processor, that is stored on the hard disk of the computer. The application runs only on that computer.

Network application – A network application is one that is designed to run over a network, such as the Internet. A network application has two components, one that runs on the local computer and one that runs on a remote computer. Email is an example of a network application.

Most computers have a combination of local and network applications installed.

Classes of Computers

There are many different types of computers available including:

Mainframes

Servers

Desktops

Workstations

Laptops

Hand-held portable devices

Each type of computer has been designed with a particular purpose in mind, such as portable access to information, processing of detailed graphics, and so on.

The most common types of computers used in homes and businesses are servers, workstations, desktops, laptops and other portable devices. Mainframes, on the other hand, are large centralized computers found in sizeable enterprises and purchased through specialized resellers.

Servers, Desktops, and Workstations

#Servers

Servers are high performance computers used in businesses and other organizations. Servers provide services to many end users or clients.

Server hardware is optimized for quick response time to multiple network requests. Servers have multiple Central Processing Units (CPUs), large amounts of Random Access Memory (RAM) and multiple high capacity disk drives that provide very fast information retrieval.

The services provided by a server are often important and may need to be available to users at all times. Servers, therefore, often contain duplicate, or redundant, parts to prevent them from failing. Automatic and manual backups of data are also usually done on a regular basis. Servers are usually kept in secure areas where access is controlled.

Their design may be one of several types: they can be a standalone tower design, be rack mounted, or have a blade design. Since a server is typically used as a storage point and not a day-to-day end-user device, it may not have a monitor or keyboard, or may share a monitor and keyboard with other devices.

Common services found on a server include file storage, email storage, web pages, print sharing and others.

#Desktops

Desktops support many options and capabilities. A wide variety of cases, power supplies, hard drives, video cards, monitors and other components are available. Desktops can have many different connection types, video options, and a wide array of supported peripherals.

Desktops are commonly used to run applications such as word processing, spreadsheets and networked applications such as email and web browsing.

There is another type of computer that may look similar to a desktop, but is much more powerful: the workstation.

#Workstation

Workstations are high-powered business computers. They are designed for specialized, high-end applications like engineering programs such as CAD (Computer Aided Design). Workstations are used in 3-D graphics design, video animation and virtual reality simulation. They may also be used as management stations for telecommunications or medical equipment. As with servers, workstations typically have multiple CPUs, large amounts of RAM and multiple, high-capacity disk drives that are very fast. Workstations usually have very powerful graphics capabilities and a large monitor or multiple monitors.

Servers, desktops and workstations are all designed as stationary devices. They are not portable, like laptops.

Portable Devices

In addition to various types of stationary computers, there are many portable electronic devices available.

These portable devices vary in size, power and graphic capability and include:

Laptop or notebook PC

Tablet PC

Pocket PC

Personal Digital Assistant (PDA)

Gaming device

Cell phones

Laptops, also called notebooks, are comparable to desktops in usage and processing capability. However, they are portable devices built to be lightweight and use less power, with a built-in mouse, monitor and keyboard. Laptops can also be plugged into a docking station which allows the user to utilize a larger monitor, mouse, full-sized keyboard and have more connection options.

Despite this, laptops have a limited number of configurations available, such as video options and connection types. They are also not as easily upgradeable as the desktop.

Other portable devices, such as PDAs or pocket PCs, have less powerful CPUs and less RAM. They have small screens with limited display capabilities and may have a small input keyboard.

The key advantage of portable computers is that information and services are available immediately, almost anywhere. For example, mobile phones have built-in address books for contact names and telephone numbers. PDAs are available with built-in telephone, web browser, email, and other software.

The functions of these individual devices can be combined into one multifunction device. The multifunction device can combine a PDA, cell phone, digital camera, and music player. It can provide Internet access and wireless networking capability, but has limited processing power similar to the PDA.

Representing Information Digitally

Within a computer, information is represented and stored in a digital binary format. The term bit is an abbreviation of binary digit and represents the smallest piece of data. Humans interpret words and pictures; computers interpret only patterns of bits.

A bit can have only two possible values, a one digit (1) or a zero digit (0). A bit can be used to represent the state of something that has two states. For example, a light switch can be either On or Off; in binary representation, these states would correspond to 1 and 0 respectively.

Computers use binary codes to represent and interpret letters, numbers and special characters with bits. A commonly used code is the American Standard Code for Information Interchange (ASCII). With ASCII, each character is represented by a string of bits. For example:

Capital letter: A = 01000001

Number: 9 = 00111001

Special character: # = 00100011

Each group of eight bits, such as the representations of letters and numbers, is known as a byte.

Codes can be used to represent almost any type of information digitally: computer data, graphics, photos, voice, video and music.

Measuring Data Storage Capacity

While a bit is the smallest representation of data, the most basic unit of digital storage is the byte. A byte is 8 bits and is the smallest unit of measure (UOM) used to represent data storage capacity.

When referring to storage space, we use the terms bytes (B), kilobytes (KB), megabytes (MB), gigabytes (GB), and terabytes (TB).

One kilobyte is a little more than one thousand bytes, specifically 1,024. A megabyte represents more than a million bytes, specifically 1,048,576. A gigabyte is 1,073,741,824 bytes, and so on. The exact number is obtained by raising 2 to a power: KB = 2^10; MB = 2^20; GB = 2^30.

In general, when something is represented digitally, the greater the detail, the greater the number of bits needed to represent it. A low-resolution picture from a digital camera will use around 360KB, and a high-resolution picture could use 2 MB or more.

Kilobytes, megabytes, gigabytes, and terabytes are typically used to measure the size or storage capacity of a device. Examples of components and devices that use byte storage include: random access memory (RAM), hard disk drive space, CDs, DVDs, and MP3 players.

Measuring Speed, Resolution, and Frequency

One of the advantages of digital information is that it can be transmitted over long distances without the quality becoming degraded. A modem is used to convert the binary information into a form suitable for transmitting through the medium.

Commonly used media are:

Cables, which use pulses of electricity through copper wires

Fiber optics, which use pulses of light over fibers made from glass or plastic

Wireless, which uses pulses of low-power radio waves.

There are two measures for the size of a file: bits (b) and bytes (B). Communication engineers think in terms of transferring bits, whereas computer users think in terms of file sizes, which are usually measured in Bytes (such as kilobytes, megabytes, etc). There are eight bits to one byte.

The data rate determines how long it will take to transfer a file. The larger the file, the longer it takes, because there is more information to transfer. Data transfer rates are measured in thousands of bits per second (kbps) or millions of bits per second (Mbps). Notice that in the kbps abbreviation, a lower case k is used instead of the upper case K. This is because when talking about the transfer of data, most engineers round the number down. So kbps refers to the transfer of 1000 bits of information in one second, whereas Kbps would refer to the transfer of 1024 bits of information in one second. A DSL or a cable modem can operate in ranges of 512 kbps, 2 Mbps or higher depending on the technology being used.

#Download time

Calculated download times are theoretical and depend on the cable connection, computer processor speed and other overheads. To get an estimate of the length of time it takes to download a file, divide the file size by the data rate. For example, how long will it take to transfer a low resolution digital photo of 256KB via a 512kbps cable connection? First, convert the file size into bits: 8 x 256 x 1024 = 2097152 bits. 256KB corresponds to 2097 kb. Notice that the 2097152 is rounded to the nearest 1000, so lower case k is used. The download time is then 2097 kb divided by 512 kbps, which equates to approximately 4 seconds.

In addition to storage capacity and data transfer speed, there are other units of measure when working with computers.

Computer Screen Resolution

Graphics resolution is measured in pixels. A pixel is a distinct point of light displayed on a monitor. The quality of a computer screen is defined by the number of horizontal and vertical pixels that can be displayed. For example, a widescreen monitor may be able to display 1280 x 1024 pixels with millions of colors. Image resolution in digital cameras is measured by the number of megapixels that can be captured in a photograph.

Analog Frequencies

Hertz is a measurement of how fast something cycles or refreshes. One hertz represents one cycle per second. In computers, the speed of the computer processor is measured by how fast it can cycle in order to execute instructions, measured in hertz. For example, a processor that runs at 300 MHz (megahertz) executes 300 million cycles per second. Wireless transmissions and radio frequencies are also measured in hertz.

Computer System

There are many types of computers. What makes one computer better suited to play a new game or play a new audio file over another? The answer is the components and peripherals that make up the computer system.

The requirements for a machine dedicated mainly to word processing are very different than one designed for graphics applications or gaming. It is important to determine the intended uses for a computer before deciding on the type of computer and components to purchase.

Many manufacturers mass produce computer systems and sell them either through direct marketing or retail chains. These computer systems are designed to function well for a variety of tasks. There are also a number of vendors that can custom assemble computer systems to the end-user’s specifications. There are advantages and disadvantages for both.

Preassembled Computer

Advantages:

Lower cost

Adequate to perform most applications

No waiting period for assembly

Typically used by less knowledgeable consumers who do not have special requirements

Disadvantages:

Often lack the performance level that can be obtained from custom built computers

Custom Built Computer

Advantages:

The end-user can specify exact components that meet user needs

Generally support higher performance applications such as graphics, gaming, and server applications

Disadvantages:

Generally more costly than a preassembled device

Longer waiting periods for assembly

It is also possible to purchase the individual parts and components of a computer and build it yourself. Regardless of the decision to buy a preassembled or custom built system or to build it, the final product must match the requirements of the end user. Some of the items to consider when purchasing a computer include: the motherboard, processor, RAM, storage, adapter cards, as well as the case and power options.

Motherboard, CPU, and RAM

A motherboard is a large circuit board used to connect the electronics and circuitry that comprise the computer system. Motherboards contain connectors which allow major system components such as the CPU and RAM to attach to the board. The motherboard moves data between the various connections and system components.

A motherboard can also contain connector slots for network, video and sound cards. However, many motherboards now come equipped with these features as integrated components. The difference between the two is how they are upgraded. When using connectors on the motherboard, system components are easily unplugged and changed or upgraded as technology advances.

An on-board feature cannot be removed from the motherboard when it needs to be upgraded or replaced. Therefore, it is often necessary to disable the on-board functionality and add a dedicated card using a connector.

When selecting a motherboard it must:

Support the selected CPU type and speed

Support the amount and type of system RAM required by the applications

Have sufficient slots of the correct type to accept all required interface cards

Have sufficient interfaces of the correct type

Central Processing Unit (CPU)

The CPU, or processor, is the nerve center of the computer system. It is the component that processes all of the data within the machine. The type of CPU should be the first decision made when building or updating a computer system. Important factors when selecting a CPU are the processor speed and bus speed.

Processor Speed

Processor speed measures how fast a CPU cycles information. It is generally measured in MHz or GHz. The higher the speed, the faster the performance. Faster processors consume more power and create more heat than their slower counterparts. For this reason, mobile devices, such as laptop computers, typically use processors that are slower and consume less power in order to extend the time they can operate using batteries.

Bus Speed

CPUs transfer data between various types of memory on the system board during operation. The pathway for this movement of data is called the bus. In general, the faster the bus, the faster the computer will be.

When selecting a CPU, keep in mind that applications continue to evolve. Purchasing a CPU of moderate speed may satisfy current requirements. Future applications, however, may be more complicated and require, for example, fast high resolution graphics; if the CPU is not sufficiently fast, the overall performance, measured in terms of response time, will be slower.

The CPU is mounted through a socket on the motherboard and is normally the largest component on the board. The motherboard must be equipped with a compatible socket to accept the selected CPU.

RAM is a type of data storage used in computers. It is used to store programs and data while being processed by the CPU. Stored data is accessed in any order, or at random, as needed. All computer programs run from RAM. Besides the CPU, the amount of RAM is the most important factor in computer performance.

Every operating system requires a minimal amount of RAM in order for the OS to function. Most computers are capable of running multiple applications simultaneously, or multi-tasking. For example, many users run email programs, Instant Messenger clients, as well as anti-virus tools or firewall software. All of these applications require memory. The more applications that need to run simultaneously, the more RAM required.

More RAM is also recommended for computer systems with multiple processors. Additionally, as the speed of the CPU and the bus increase, so must the speed of the memory it accesses. The amount and type of RAM that can be installed on a system is dictated by the motherboard.

Adapter Cards

Adapter cards add functionality to a computer system. They are designed to be plugged into a connector or slot on the motherboard and become part of the system. Many motherboards are designed to incorporate the functionality of these adapter cards on the motherboard itself thus removing the necessity to purchase and install separate cards. While this does provide basic functionality, the addition of dedicated adapter cards can often provide an enhanced level of performance.

Some of the more common adapter cards include:

Video cards

Sound cards

Network interface cards

Modems

Interface cards

Controller cards

Storage Devices

When power is removed from the computer, any data stored in RAM is lost. Programs and user data must be stored in a form that will not disappear when the power is removed. This is known as non-volatile storage. Many types of non-volatile storage are available for computer systems including:

Magnetic storage devices

Optical storage devices

Static memory (flash) drives

Magnetic Storage

Magnetic storage devices are the most common form found in computers. These devices store information in the form of magnetic fields. They include:

Hard disk drives

Floppy drives

Tape drives

Optical Drives

Optical storage devices use laser beams to record information by creating differences in optical density. These devices include CDs and DVDs and come in three different formats:

Read only: CD, DVD

Write once: CD-R, DVD-R

Write many: CD-RW, DVD-RW

The prices of these devices continue to fall and most computers now incorporate DVD-RW drives that can store approximately 4.7 GB of data on a single disc.

Another form of DVD drive, called Blu-ray is also available. It uses a different type of laser to read and write data. The color of the laser used to store this information is blue-violet. For this reason, disks are called Blu-ray, to distinguish them from conventional DVDs which use a red laser. Blu-ray disks have storage capacities of 25 GB and more.

Static Memory and Memory Sticks

Static memory devices use memory chips to store information. This information is retained even after power is turned off. They connect to a USB port on the computer and offer capacities of 128 MB or more. Due to their size and shape, these devices are known as USB memory keys or flash drives and have widely replaced floppy disks for transportation of files between systems. Many portable and hand-held devices rely entirely on static memory for storage.

When purchasing storage for a computer system, it is generally good practice to have a mix of magnetic storage, optical drives as well as static memory available. When determining storage requirements, be sure to allow for growth by adding an additional 20% of storage above estimated needs.

Peripheral Devices

A peripheral is a device that is added to the computer to expand its capabilities. These devices are optional in nature and are not required for the basic functioning of the computer. Instead they are used to increase the usefulness of the machine. Peripheral devices are connected externally to the computer using a specialized cable or wireless connection.

Peripheral devices can fit into one of four categories: input, output, storage or networking devices. Examples of some common peripherals include:

Input devices – trackball, joystick, scanner, digital camera, digitizer, barcode reader, microphone

Output devices – printer, plotter, speakers, headphones

Storage devices – secondary hard drive, external CD/DVD devices, flash drives

Networking – external modems, external NIC

Case And Power Supply

Once all internal components and connections are determined, the case is the next consideration. Some cases are designed to sit on top of the user’s desk while others sit below the desk. Computers designed to sit on the desk provide easy access to interfaces and drives but occupy valuable desk space. A tower or mini-tower can either be used on the desk or sit beneath the table. Whatever the case style, select one that has enough space for all components.

The case and power supply are usually sold together as a unit. The power supply must be sufficient to power the system and any devices that are added to it in the future.

Computer systems require a steady supply of continuous power. The power from many electricity supply companies is subject to voltage reductions and cuts. A poor supply can affect the performance of computer hardware and possibly damage it. These power issues can also corrupt software and data.

In order to help protect the computer system from these power problems, devices such as surge suppressors and uninterruptible power supplies (UPS) have been developed.

Surge Suppressor

A surge suppressor is designed to remove voltage spikes and surges from the power line and prevent them from damaging a computer system. They are relatively inexpensive and easy to install.

Generally the surge suppressor is plugged into the power outlet and the computer system is plugged into the surge suppressor. Many surge suppressors also have connectors for phone lines to protect modems from damage due to voltage surges that may be carried through the telephone lines.

Uninterruptible Power Supplies

A UPS is a device that continually monitors the power to a computer system and maintains the charge on an internal battery. If the power is interrupted, the UPS provides backup power to the system without interruption. The backup power comes from a battery inside the UPS and can only power the computer system for a short period of time. UPSs are designed to provide the end-user with sufficient time to properly shut down a computer system should the main power fail. A UPS can also provide an even flow of power to the computer and prevent damage caused by voltage surges.

UPSs suitable for home and small business use are relatively inexpensive and often incorporate surge suppressors and other functionality to stabilize the power supplied by the utilities company. It is highly recommended that all computers be protected by a UPS regardless of their functionality or location.

Safety and Best Practice

Computers are a collection of very complex components and peripherals, all working together to accomplish a task. Occasionally one of these components fails, or needs to be upgraded to improve the functionality of the system. This may require opening the computer and working inside the case.

When working inside a computer case, it is important to keep precautions in mind to prevent damage to the system components as well as harm to the technician. Before the computer case is opened, make sure the computer is switched off and the power cable is unplugged.

Computer systems and monitors can be very heavy and should be lifted with caution. Before opening a computer system be sure to have a proper work area. The work area should be a clean flat surface, strong enough to support the weight of heavy equipment. It should be well organized, free from clutter and distractions, and adequately lit to prevent eye strain.

Wear proper eye protection to prevent accumulated dust, small screws, and components from causing damage to the eyes. Additionally, when opening a computer case, be aware there are sharp edges that should be avoided.

Power supplies and monitors operate at dangerously high voltages and should only be opened by individuals with special training.

Some computer systems are specially designed to enable components to be hot-swapped, meaning that it is not necessary to turn off the computer before adding or removing components. This feature allows the system to remain operational during repairs or upgrades and is usually found in high performance servers.

Unless you are sure that the system is hot-swappable, turn it off before opening the case or removing components. Inserting or removing components with the power on, in a system that is not hot-swappable, can cause permanent damage to the system and serious injury to the technician.

Internal system components are especially sensitive to static electricity. ESD (Electrostatic Discharge) is static electricity that is transferred from your body to electronic components in the computer. You do not have to feel the discharge for it to happen: a discharge far too small to be noticed can still damage a component.

ESD can cause catastrophic failures in components, making them non-functional. ESD can also cause intermittent faults which are very difficult to isolate. For this reason, proper grounding is essential. A special wrist grounding strap is used to connect the technician to the computer case. Grounding ensures that they both reach the same voltage potential and ESD is prevented.

Excess force should never be used when installing components. Excessive force can damage both the motherboard and the component being installed, and can prevent the system from functioning properly. Damage is not always visible. Force can also damage connectors which, in turn, can damage new system components.

In order to make certain that all safety precautions are followed it is a good idea to create a safety checklist which can be followed.

Installing Components and Verifying Operation

The following procedures apply to most system components.

1. Determine if the computer component is hot-swappable. If not, or if in doubt, unplug the system unit before opening the case.

2. Attach a grounding strap from your body to the system framework, or chassis, to prevent any damage which may be caused by ESD.

3. If replacing a component, remove the old component. Components are often held in the system with small screws or clips. When removing screws, do not let them drop onto the motherboard. Also, be careful not to break any plastic clips.

4. Check the connection type on the new component. Each card is designed to work only with a certain type of connector and should not be forced when inserting or removing the card.

5. Place the new component in the correct connection slot, with the correct orientation, carefully following all installation instructions that may have accompanied the component.

Follow safety precautions throughout the process.

Once the component has been added or upgraded, close the case and reconnect the power and other cables. Switch on the system and watch for any messages that may appear on the screen. If the system fails to start, disconnect all cables and verify that the component was properly installed. If the system still will not start with the new component installed, remove it and try to start the system. If the system starts without the new component, the component may not be compatible with the current hardware and software and additional research into the problem is required.

Certain components require the addition of a specialized piece of software, or driver, to function. For commonly encountered components the drivers are usually contained in the operating system itself but for more specialized components the driver must be added separately. Newer operating systems will usually prompt for the addition of any required drivers.

Drivers are continually updated to improve efficiency and functionality. The most current driver can be obtained from the manufacturer’s web site and should normally be used. Because a driver runs with the privileges of the operating system kernel, obtain it only from the manufacturer’s own site or an official update channel, and check it against the digital signature or checksum the manufacturer publishes before installing it; a driver from an unverified mirror is an easy way to hand control of the machine to an attacker. Always read any documentation that accompanies the driver software for potential problems and the proper installation procedure.

Once installed, the component should be tested for complete functionality.

Components are designed to make use of specific sets of system resources. If two components try to use the same resources one, or both, will fail. The solution is to change the resources used by one of the devices. Newer components and operating systems are able to dynamically assign system resources.
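As an added example, not part of the course text: a small Python check that reads a table of device resource claims and reports the kind of clash described above, two devices claiming overlapping I/O port ranges or the same non-shareable IRQ. The table format (start-end : device : irq) and the entries in it are constructed for the example; they are modelled loosely on a flat /proc/ioports-style listing with an IRQ column added, not on any real machine or documented format.

```python
"""Find I/O-port and IRQ conflicts in a table of device resource claims.

Example added to this page; the table format (start-end : device : irq) and
the entries are constructed for illustration, not taken from a real system.
"""
from itertools import combinations
from typing import List, Tuple

# Constructed sample: classic ISA-era assignments with three deliberate clashes
# (ttyS0/ttyS2 both on IRQ 4, ne2000/sound overlapping ports, sound/parport0 both on IRQ 7).
SAMPLE_TABLE = """\
# start-end : device   : irq
01f0-01f7 : ide0     : 14
0170-0177 : ide1     : 15
03f8-03ff : ttyS0    : 4
02f8-02ff : ttyS1    : 3
03e8-03ef : ttyS2    : 4
0300-031f : ne2000   : 5
0310-0317 : sound    : 7
0378-037f : parport0 : 7
"""

Resource = Tuple[str, int, int, int]  # (device, io_start, io_end, irq)
Conflict = Tuple[str, str, str]       # (kind, device_a, device_b)


def parse_resources(text: str) -> List[Resource]:
    """Parse lines of the form 'hhhh-hhhh : name : irq'; blank and '#' lines are skipped."""
    resources = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = [f.strip() for f in line.split(":")]
        if len(fields) != 3:
            raise ValueError(f"malformed resource line: {line!r}")
        start_hex, end_hex = fields[0].split("-")
        start, end = int(start_hex, 16), int(end_hex, 16)
        if end < start:
            raise ValueError(f"inverted I/O range: {line!r}")
        resources.append((fields[1], start, end, int(fields[2])))
    return resources


def find_conflicts(resources: List[Resource]) -> List[Conflict]:
    """Report every pair of devices whose claims collide.

    Two I/O ranges collide when they share at least one port address.  IRQs are
    treated as non-shareable, which is right for the legacy (ISA) devices this
    section describes; PCI devices share level-triggered interrupts by design, so
    an IRQ match between two PCI devices is not by itself a fault.
    """
    conflicts = []
    for (dev_a, a_start, a_end, irq_a), (dev_b, b_start, b_end, irq_b) in combinations(resources, 2):
        if a_start <= b_end and b_start <= a_end:
            conflicts.append(("io", dev_a, dev_b))
        if irq_a == irq_b:
            conflicts.append(("irq", dev_a, dev_b))
    return conflicts


if __name__ == "__main__":
    for kind, a, b in find_conflicts(parse_resources(SAMPLE_TABLE)):
        print(f"{kind.upper():3} conflict: {a} vs {b}")
```

Running it against the constructed table lists the three clashes; clearing any one of them means changing the address or IRQ of one of the two devices named, which is exactly the remedy the text describes.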

If the device fails to function properly, verify that the correct and most recent driver is installed. Also check that the operating system has correctly detected and identified the device. If this fails to correct the problem, power down the system, carefully reseat the component, and verify that all connections are correct. Check the component documentation for the correct settings. If the device continues to be non-functional, it is possible that the component is defective and it should be returned to the vendor.

Peripheral devices, unlike internal components, do not require the computer case to be opened for installation. Peripherals connect to an interface on the outside of the case with a wired or wireless link. Historically peripherals were designed to function when connected to a specific type of port. For example, Personal Computer printers were designed to connect to a parallel port which transferred data from the computer to the printer in a specific format.

More recently the development of the Universal Serial Bus (USB) interface has greatly simplified the connection of peripheral devices that use wires. USB devices require no complex configuration and can merely be plugged into an appropriate interface, assuming the proper driver has been installed. There is also an increasing number of peripheral devices that connect to the host computer wirelessly.

The installation of a peripheral device requires several steps. The order and detail of these steps varies depending on the type of physical connection and whether or not the peripheral is a Plug-and-Play (PnP) device. The steps include:

Connect the peripheral to the host using the appropriate cable or wireless connection

Connect the peripheral to a power source

Install the appropriate driver

Some older peripheral devices, so-called legacy devices, are not PnP enabled. For these, driver installation occurs after the device has been connected to the computer and powered up.

For PnP-enabled USB devices the driver is usually already present in the operating system. When such a device is connected and powered on, the operating system recognizes it and loads the appropriate driver.

Installation of outdated or wrong drivers can cause a peripheral device to behave unpredictably. For this reason, it is necessary to install the most current drivers available.

If the peripheral device does not function once connected and installed, verify that all cables have been properly connected and that the device is powered up.

Many devices, such as printers, offer a testing functionality on the device directly, and not through the computer. Use this feature to verify that the device itself is functioning properly. If the device is operational, but not connecting to the computer system, the problem could be with the cable connection.

Swap the suspect cable with a known good one. If this fails to solve the problem the next step is to verify that the connection port the peripheral device is connected to is recognized by the operating system.

If everything appears to be functioning properly the device may not be compatible with the current hardware or operating system and requires more research to solve the problem.

Once installed, the full functionality of the peripheral device must be tested. If only partial functionality is available the most likely cause is an outdated driver. This is easily remedied by downloading and installing the most current driver from the manufacturer’s web site.
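The advice here, and earlier in the discussion of drivers for internal components, is to fetch the newest driver from the manufacturer’s web site. A driver runs with kernel privileges, so the download should be checked against the digest or signature the vendor publishes before it is installed. The following Python is an added example, not part of the course material or of any vendor’s tooling: it hashes the package in chunks and compares the result against a published SHA-256 in constant time, refusing to proceed on a mismatch. The package bytes, the file name and the "published" digest are constructed inside the example so it runs offline.

```python
"""Verify a downloaded driver package against a vendor-published SHA-256 digest.

Added example, not from the original page or any vendor.  The package bytes,
file name and the 'published' digest are constructed here so it runs offline.
"""
import hashlib
import hmac
import os
import tempfile

CHUNK = 1 << 16  # hash 64 KiB at a time so a large package need not fit in memory


def sha256_file(path: str) -> str:
    """Hex SHA-256 of a file, computed in chunks."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(CHUNK), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_download(path: str, published: str) -> bool:
    """True only if the file's digest equals the published one.

    Vendors print digests in either case and sometimes as 'SHA256: <hex>', so the
    last whitespace-separated token is taken and lower-cased.  A malformed digest
    is a failure, never a pass.  hmac.compare_digest avoids leaking, through
    timing, how many leading characters matched.
    """
    expected = published.strip().lower().split()[-1] if published.strip() else ""
    if len(expected) != 64 or any(c not in "0123456789abcdef" for c in expected):
        return False
    return hmac.compare_digest(sha256_file(path), expected)


def install_if_verified(path: str, published: str) -> str:
    """Gate the installation step on a successful digest check."""
    if not verify_download(path, published):
        return "REFUSED: digest mismatch, do not install"
    return "OK: digest verified, proceed with installation"


def write_constructed_package(directory: str) -> str:
    """Write a fake driver package (constructed bytes, not a real driver)."""
    path = os.path.join(directory, "nic_driver_1.2.3.zip")  # hypothetical file name
    with open(path, "wb") as f:
        f.write(b"PK\x03\x04" + bytes(range(256)) * 1024)  # ~256 KiB, spans several chunks
    return path


def tamper(path: str) -> None:
    """Flip one bit in the package, as a trojaned mirror copy might differ."""
    with open(path, "r+b") as f:
        f.seek(100)
        b = f.read(1)
        f.seek(100)
        f.write(bytes([b[0] ^ 0x01]))


def demo() -> dict:
    """Run the whole scenario in a temporary directory and return the outcomes."""
    with tempfile.TemporaryDirectory() as d:
        abc = os.path.join(d, "abc.bin")  # known test vector: sha256(b"abc")
        with open(abc, "wb") as f:
            f.write(b"abc")
        pkg = write_constructed_package(d)
        published = sha256_file(pkg)  # stands in for the digest read from the vendor's page
        out = {
            "abc_digest": sha256_file(abc),
            "clean_verified": verify_download(pkg, published),
            "uppercase_accepted": verify_download(pkg, "SHA256: " + published.upper()),
            "malformed_rejected": not verify_download(pkg, published[:-1]),
            "clean_action": install_if_verified(pkg, published),
        }
        tamper(pkg)
        out["tampered_rejected"] = not verify_download(pkg, published)
        out["tampered_action"] = install_if_verified(pkg, published)
        return out


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

A checksum only proves the file matches what the vendor published; it does not prove the vendor page itself was not tampered with, so where the manufacturer signs its drivers (Authenticode on Windows, a detached signature elsewhere) the signature check is the stronger control and the checksum is a supplement.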