Network Intrusion Detection

The key takeaways are that a LAN connects computers within a limited area like a building, uses technologies like Ethernet and Wi-Fi, and cabling can include twisted pair, coaxial or fiber.

The main components of a LAN are network workstations, servers, switches, routers and other networking hardware as well as networking software.

Congestion control in Frame Relay networks aims to control network congestion. Its elements are admission control, committed information rate (CIR), committed burst size (BC) and excess burst size (BE).

Unit 4

LAN:
A local area network (LAN) is a computer network that interconnects computers within a limited
area such as a residence, school, laboratory, university campus or office building. By contrast,
a wide area network (WAN) not only covers a larger geographic distance, but also generally
involves leased telecommunication circuits.
Ethernet and Wi-Fi are the two most common technologies in use for local area networks. Historical
technologies include ARCNET, Token ring, and AppleTalk.

Cabling
Early Ethernet (10BASE-5 and 10BASE-2) used coaxial cable. Shielded twisted pair was used in
IBM's Token Ring LAN implementation. In 1984, StarLAN showed the potential of
simple unshielded twisted pair by using Cat3 cable—the same cable used for telephone systems.
This led to the development of 10BASE-T (and its successors) and structured cabling which is still
the basis of most commercial LANs today.
While optical fiber cable is common for links between network switches, use of fiber to the
desktop is rare.

Wireless media
In a wireless LAN, users have unrestricted movement within the coverage area. Wireless networks
have become popular in residences and small businesses, because of their ease of installation. Most
wireless LANs use Wi-Fi as it is built into smartphones, tablet computers and laptops. Guests are
often offered Internet access via a hotspot service.

Technical aspects
Network topology describes the layout of interconnections between devices and network segments.
At the data link layer and physical layer, a wide variety of LAN topologies have been used,
including ring, bus, mesh and star.
Simple LANs generally consist of cabling and one or more switches. A switch can be connected to
a router, cable modem, or ADSL modem for Internet access. A LAN can include a wide variety of
other network devices such as firewalls, load balancers, and network intrusion detection. Advanced
LANs are characterized by their use of redundant links with switches using the spanning tree
protocol to prevent loops, their ability to manage differing traffic types via quality of service (QoS),
and their ability to segregate traffic with VLANs.
At the higher network layers, protocols such as NetBEUI, IPX/SPX, AppleTalk and others were
once common, but the Internet Protocol Suite (TCP/IP) has prevailed as a standard of choice.
LANs can maintain connections with other LANs via leased lines, leased services, or across
the Internet using virtual private network technologies. Depending on how the connections are
established and secured, and the distance involved, such linked LANs may also be classified as
a metropolitan area network (MAN) or a wide area network (WAN).
Features:
•Every computer has the potential to communicate with any other computers of the network.
•High degree of interconnection between computers.
•Easy physical connection of computers in a network.
•Inexpensive medium of data transmission.
•High data transmission rate.
Components of a LAN

For users, a network is all about the software they actually deal with, whether it's a word processor,
accounting software or some kind of high-end custom program. Underneath that, making it work,
you'll find a network-aware operating system, the drivers that help your computers talk to the
networking hardware, and all the specialized code that handles communications between devices.
Those are the software components of the network.

Network Workstations: The whole point of a LAN is to have users working together collaboratively,
or at least sharing the network's resources, so all of those users need to have a way to access the
network. That's done through the individual computers, or workstations, that are connected together
to make up the LAN. Those computers can be pretty much anything. A given office might contain
everything from low-end laptops or Chromebooks to high-powered engineering workstations, with
plenty of standard-issue machines in between to handle the routine duties of accounting, word
processing, point-of-sale and so on. In a wireless network, even a tablet or a cell phone can be
treated as a workstation.
Network Interface Cards and Drivers
Your individual workstations won't be part of the network unless they have some way of
communicating with everything else that's on the LAN. That requires something called a Network
Interface Card, usually shortened to NIC. This provides a way for your computer to connect to the
LAN and exchange information with it. Most computers are built with two kinds of NIC already on
board, one that uses Wi-Fi and one that uses an Ethernet connection. You can use the built-in NIC to
connect with, or you can install a separate specialized card to meet your company's individual
needs.
Shared Hardware Resources
Most of your users probably need the ability to print, but only a few of them will print high volume
on a regular basis. Rather than parking a printer on every desk, where most of them will gather dust,
you can have everyone else share a small number of networked printers. There will always be some
situations where you'll need to allocate or "dedicate" a resource to one specific user, or one specific
group of users, but that's fine. If you only have one person doing large-scale artwork, or creating
oversized drawings and blueprints, there's no need for everyone else to have access to their printer
or plotter.
Networking Operating System (OS)
One of the most crucial pieces of a LAN is the software that juggles all of your network's resources
and users so that everybody has what they need. It keeps track of what devices are on the LAN,
what programs are running, what information is being circulated around the network and which of
the network's resources are needed to make it all work. In the early days of networking, from the
1980s to the beginning of this century, you needed a separate program like Novell's Netware or
Banyan's Vines to do that.
Network-Aware Programs
The most visible part of the network, for users, is their actual working software. In the early days,
for example, a network was the only convenient way multiple users could collaborate on a single
Word document or an Excel spreadsheet. That can be done in the cloud now, but other collaborative
tools like Slack and Evernote make it easier for all of your people to work together.
A Communications Medium
You can have everything you need for a LAN in your offices, all freshly installed and gleaming, but
they're so many separate lumps of hardware until you actually give them a way to communicate.
LAN Usage:

A local-area network connects the computer hardware in a localized area such as an office or home.
LANs use wired connections to link the computers to each other and to a variety of peripheral
devices such as printers. Devices connected to a LAN are able to access data from any machine
that's connected to the network. LAN users can communicate with each other by chat or email.

LAN standards: Local Area Network (LAN) is a data communication network connecting various
terminals or computers within a building or limited geographical area. The connection among the
devices could be wired or wireless. Ethernet, Token Ring and Wireless LAN using IEEE 802.11 are
examples of standard LAN technologies.

Ethernet :-
Ethernet is most widely used LAN Technology, which is defined under IEEE standards 802.3. The
reason behind its wide usability is Ethernet is easy to understand, implement, maintain and allows
low-cost network implementation. Also, Ethernet offers flexibility in terms of topologies which are
allowed. Ethernet operates in two layers of the OSI model, Physical Layer, and Data Link Layer.
For Ethernet, the protocol data unit is the frame, since we mainly deal with the data link layer (DLL).

Data Terminal Equipment (DTE):- Generally, DTEs are the end devices that convert the user
information into signals or reconvert the received signals. DTEs devices are: personal computers,
workstations, file servers or print servers also referred to as end stations. These devices are either
the source or the destination of data frames. The data terminal equipment may be a single piece of
equipment or multiple pieces of equipment that are interconnected and perform all the required
functions to allow the user to communicate. A user can interact with the DTE, or the DTE may itself be the user.

Data Communication Equipment (DCE):- DCEs are the intermediate network devices that receive
and forward frames across the network. They may be either standalone devices such as repeaters,
network switches, routers or maybe communications interface units such as interface cards and
modems. The DCE performs functions such as signal conversion, coding and may be a part of the
DTE or intermediate equipment.
Currently, these data rates are defined for operation over optical fibers and twisted-pair cables:
i) Fast Ethernet
Fast Ethernet refers to an Ethernet network that can transfer data at a rate of 100 Mbit/s.
ii) Gigabit Ethernet
Gigabit Ethernet delivers a data rate of 1,000 Mbit/s (1 Gbit/s).
iii) 10 Gigabit Ethernet
10 Gigabit Ethernet is the recent generation and delivers a data rate of 10 Gbit/s (10,000 Mbit/s). It
is generally used for backbones in high-end applications requiring high data rates.

Token ring: Token Ring local area network (LAN) technology is a communications
protocol for local area networks. It uses a special three-byte frame called a "token" that travels
around a logical "ring" of workstations or servers. This token passing is a channel access
method providing fair access for all stations, and eliminating the collisions of contention-based
access methods.
A token ring network is a local area network (LAN) in which all computers are connected in
a ring or star topology and pass one or more logical tokens from host to host. Only a host that holds
a token can send data, and tokens are released when receipt of the data is confirmed. Token ring
networks prevent data packets from colliding on a network segment because data can only be sent
by a token holder and the number of tokens available is controlled.

Very briefly, here is how token ring works:


1. Systems in the LAN are arranged in a logical ring; each system receives data frames from its
logical predecessor on the ring and sends them to its logical successor. The network may be an
actual ring, with cabling connecting each node directly to its neighbors, but more often is a star,
with the ring existing only logically in the wiring closet within the "multiaccess unit" to which all
the hosts connect.
2. Empty information frames are continuously circulated on the ring, along with frames containing
actual data; any node receiving an empty frame and having nothing to send simply forwards the
empty frame.
3. When a computer has a message to send, it waits for an empty frame. When it has one, it does the
following:
a) Inserts a token indicating that it is sending data in the frame -- this may be as simple as
changing a zero to a one in the token section of the frame, although other schemes are possible,
and is said to "hold the token" for that frame.
b) Inserts the data it wants to transmit into the payload section of the frame.
c) Sets a destination identifier on the frame.
4. When a computer receives a frame containing data (indicated by the token) it knows it cannot
transmit data of its own and so it does the following:
a) If it is not the sender or the destination, it simply retransmits the frame, sending it to the next
host in the ring.
b) If it is the destination for the message, it copies the message from the frame and clears the
token to indicate receipt.
c) If it is the sender (and assuming the destination node has indicated receipt of the frame by
clearing the token) it sees that the message has been received, removes the message payload
from the frame (restoring it to "empty" status) and sends the empty frame around the ring.
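The four steps above can be followed one hop at a time in a small simulation. This is an added example, not part of the original notes: the `Frame` and `Station` classes and the station names are hypothetical, and the handling of a frame that returns to its sender unacknowledged (the `drop` case) is an assumption, since the steps only cover the case where the destination clears the token.

```python
from collections import deque
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class Frame:
    token: int = 0                  # 1 = a sender is holding the token for this frame
    src: Optional[str] = None
    dst: Optional[str] = None
    payload: Optional[str] = None

    def is_empty(self) -> bool:
        return self.token == 0 and self.payload is None

    def clear(self) -> None:
        self.token, self.src, self.dst, self.payload = 0, None, None, None


@dataclass
class Station:
    name: str
    outbox: deque = field(default_factory=deque)      # (dst, message) waiting to be sent
    inbox: list = field(default_factory=list)         # (src, message) copied off the ring
    undelivered: list = field(default_factory=list)   # frames that came back unacknowledged

    def handle(self, frame: Frame) -> str:
        """Apply steps 2-4 to the frame in place and return what this station did."""
        if frame.is_empty():
            if not self.outbox:
                return "forward-empty"                # step 2: nothing to send
            dst, msg = self.outbox.popleft()          # step 3 a-c: take the empty frame
            frame.token, frame.src, frame.dst, frame.payload = 1, self.name, dst, msg
            return "seize"
        if frame.dst == self.name and frame.token == 1:
            self.inbox.append((frame.src, frame.payload))   # step 4b: copy the message
            frame.token = 0                                 # clearing the token = receipt
            return "deliver"
        if frame.src == self.name:
            if frame.token == 0:                      # step 4c: receipt seen, empty the frame
                frame.clear()
                return "release"
            # Assumption, not in the steps above: the frame went all the way round
            # with the token still set, so no station claimed it. Strip it so it
            # does not circulate forever.
            self.undelivered.append((frame.dst, frame.payload))
            frame.clear()
            return "drop"
        return "forward-data"                         # step 4a: not ours, pass it on


def run_ring(stations, max_hops=100):
    """Circulate one frame around the logical ring; return the (station, action) log."""
    frame, log = Frame(), []
    for hop in range(max_hops):
        station = stations[hop % len(stations)]       # step 1: fixed successor order
        log.append((station.name, station.handle(frame)))
        if frame.is_empty() and not any(s.outbox for s in stations):
            break                                     # ring is idle
    return log


def demo():
    # Constructed scenario: four stations, one message to a station that does not exist.
    a, b, c, d = (Station(n) for n in "ABCD")
    a.outbox.append(("C", "hello"))
    c.outbox.append(("A", "hi back"))
    d.outbox.append(("Z", "nobody home"))
    stations = [a, b, c, d]
    return stations, run_ring(stations)


if __name__ == "__main__":
    stations, log = demo()
    for name, action in log:
        print(f"{name}: {action}")
    for s in stations:
        print(s.name, "inbox:", s.inbox, "undelivered:", s.undelivered)
```

Because a sender must release the frame before any station can seize it again, no two stations ever transmit at once, which is the collision-free property the text describes.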

Wireless LAN: A wireless LAN (WLAN) is a wireless computer network that links two or more
devices using wireless communication to form a local area network (LAN) within a limited area
such as a home, school, computer laboratory, campus, office building etc. This gives users the
ability to move around within the area and yet still be connected to the network. Through
a gateway, a WLAN can also provide a connection to the wider Internet. Most modern WLANs are
based on IEEE 802.11 standards and are marketed under the Wi-Fi brand name. Wireless LANs
have become popular for use in the home, due to their ease of installation and use. They are also
popular in commercial properties that offer wireless access to their employees and customers.

Architecture
Stations
All components that can connect into a wireless medium in a network are referred to as stations
(STA). All stations are equipped with wireless network interface controllers (WNICs). Wireless
stations fall into two categories: wireless access points, and clients. Access points (APs),
normally wireless routers, are base stations for the wireless network. They transmit and receive
radio frequencies for wireless enabled devices to communicate with. Wireless clients can be mobile
devices such as laptops, personal digital assistants, IP phones and other smartphones, or non-
portable devices such as desktop computers, printers, and workstations that are equipped with a
wireless network interface.
Basic service set
The basic service set (BSS) is a set of all stations that can communicate with each other at PHY
layer. Every BSS has an identification (ID) called the BSSID, which is the MAC address of the
access point servicing the BSS.
There are two types of BSS: Independent BSS (also referred to as IBSS), and infrastructure BSS.
An independent BSS (IBSS) is an ad hoc network that contains no access points, which means they
cannot connect to any other basic service set.
Independent basic service set
An IBSS is a set of STAs configured in ad hoc (peer-to-peer) mode.
Extended service set
An extended service set (ESS) is a set of connected BSSs. Access points in an ESS are connected by
a distribution system. Each ESS has an ID called the SSID which is a 32-byte character string.
Distribution system
A distribution system (DS) connects access points in an extended service set. The concept of a DS
can be used to increase network coverage through roaming between cells. DS can be wired or
wireless. Current wireless distribution systems are mostly based on WDS or MESH protocols,
though other systems are in use.

IEEE 802 Standards: IEEE 802 is a family of IEEE standards dealing with local area
networks and metropolitan area networks.
The IEEE 802 standards are restricted to networks carrying variable-size packets, unlike cell
relay networks, for example, where data is transmitted in short, uniformly sized units called
cells. Isochronous networks, where data is transmitted as a steady stream of octets, or groups of
octets, at regular time intervals, are also beyond the scope of the IEEE 802 standards.
The number “802” has no particular significance: it was simply the next available number IEEE
could assign to the standards project, although "802" is sometimes associated with February 1980,
the date of the first meeting.
The services and protocols specified in IEEE 802 map to the lower two layers (Data Link and
Physical) of the seven-layer OSI networking reference model. In fact, IEEE 802 splits the OSI Data
Link Layer into two sub-layers named logical link control (LLC) and media access control (MAC),
so the layers can be listed like this:
•Data link layer
•LLC sublayer
•MAC sublayer
•Physical layer
The IEEE 802 family of standards is maintained by the IEEE 802 LAN/MAN Standards Committee
(LMSC). The most widely used standards are for the Ethernet family, Token Ring, Wireless LAN
(Wi-Fi), Bridging and Virtual Bridged LANs. An individual working group provides the focus for
each area. The groups are numbered from 802.1 to 802.12.
Token Passing:
On a local area network, token passing is a channel access method where a signal called a token is
passed between nodes to authorize that node to communicate. In contrast to polling access
methods, there is no pre-defined "master" node. The most well-known examples are token
ring and ARCNET, but there were a range of others, including FDDI (Fiber Distributed Data
Interface), which was popular in the early to mid 1990s.
Token passing schemes degrade deterministically under load, which is a key reason why they were
popular for industrial control LANs such as MAP, (Manufacturing Automation Protocol).[5] The
advantage over contention based channel access (such as the CSMA/CD of early Ethernet), is that
collisions are eliminated, and that the channel bandwidth can be fully utilized without idle time
when demand is heavy. The disadvantage is that even when demand is light, a station wishing to
transmit must wait for the token, increasing latency.
Some types of token passing schemes do not need to explicitly send a token between systems
because the process of "passing the token" is implicit. An example is the channel access method
used during "Contention Free Time Slots" in the ITU-T G.hn standard for high-speed local area
networking using existing home wires (power lines, phone lines and coaxial cable).
Ethernet:
Ethernet is a family of computer networking technologies commonly used in local area
networks (LAN), metropolitan area networks (MAN) and wide area networks (WAN).[1] It was
commercially introduced in 1980 and first standardized in 1983 as IEEE 802.3, and has since
retained a good deal of backward compatibility and been refined to support higher bit rates and
longer link distances. Over time, Ethernet has largely replaced competing wired LAN technologies
such as Token Ring, FDDI and ARCNET.
The original 10BASE5 Ethernet uses coaxial cable as a shared medium, while the newer Ethernet
variants use twisted pair and fiber optic links in conjunction with switches. Over the course of its
history, Ethernet data transfer rates have been increased from the original 2.94 megabits per
second (Mbit/s)[2] to the latest 400 gigabits per second (Gbit/s). The Ethernet standards comprise
several wiring and signaling variants of the OSI physical layer in use with Ethernet.
Systems communicating over Ethernet divide a stream of data into shorter pieces called frames.
Each frame contains source and destination addresses, and error-checking data so that damaged
frames can be detected and discarded; most often, higher-layer protocols trigger retransmission of
lost frames. As per the OSI model, Ethernet provides services up to and including the data link
layer.[3] The 48-bit MAC address was adopted by other IEEE 802 networking standards,
including IEEE 802.11 Wi-Fi, as well as by FDDI, and EtherType values are also used
in Subnetwork Access Protocol (SNAP) headers.
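The frame fields named above (destination and source MAC addresses, the EtherType, and the error-checking data) can be read directly from raw bytes. The parser below is an added example, not from the original notes; the helper names and the sample frame are constructed, and it assumes the capture still includes the 4-byte frame check sequence, which many network cards strip before software sees the frame.

```python
import struct
import zlib

ETHERTYPES = {0x0800: "IPv4", 0x0806: "ARP", 0x86DD: "IPv6"}
BROADCAST = b"\xff" * 6
MIN_FRAME = 64        # 14-byte header + 46-byte minimum payload + 4-byte FCS


def fmt_mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def build_frame(dst: bytes, src: bytes, ethertype: int, payload: bytes) -> bytes:
    """Build a constructed test frame: pad the payload to 46 bytes and append the FCS."""
    body = dst + src + struct.pack("!H", ethertype) + payload.ljust(46, b"\x00")
    # The FCS is CRC-32 over the frame body, stored least significant byte first.
    return body + struct.pack("<I", zlib.crc32(body))


def delivery(dst: bytes) -> str:
    """Classify the destination MAC: all ones is broadcast, group bit set is multicast."""
    if dst == BROADCAST:
        return "broadcast"
    return "multicast" if dst[0] & 0x01 else "unicast"


def parse_frame(raw: bytes) -> dict:
    if len(raw) < MIN_FRAME:
        raise ValueError(f"runt frame: {len(raw)} bytes")
    body, fcs = raw[:-4], raw[-4:]
    dst, src = body[0:6], body[6:12]
    (type_or_len,) = struct.unpack("!H", body[12:14])
    if type_or_len >= 0x0600:                 # Ethernet II: the field is an EtherType
        kind = ETHERTYPES.get(type_or_len, f"EtherType 0x{type_or_len:04x}")
    elif type_or_len <= 1500:                 # IEEE 802.3: the field is a payload length
        kind = f"802.3 length {type_or_len}"
    else:
        kind = "invalid type/length"
    return {
        "dst": fmt_mac(dst),
        "src": fmt_mac(src),
        "delivery": delivery(dst),
        "kind": kind,
        "payload": body[14:],
        "fcs_ok": struct.pack("<I", zlib.crc32(body)) == fcs,
    }


def accept(raw: bytes):
    """Return the parsed frame, or None if it is a runt or fails the FCS check."""
    try:
        parsed = parse_frame(raw)
    except ValueError:
        return None
    return parsed if parsed["fcs_ok"] else None


def demo():
    # Constructed sample: a broadcast ARP-typed frame from a locally administered MAC.
    good = build_frame(BROADCAST, bytes.fromhex("020000000001"), 0x0806,
                       b"constructed sample payload")
    damaged = bytearray(good)
    damaged[20] ^= 0x01                       # single bit flipped in transit
    return good, bytes(damaged)


if __name__ == "__main__":
    good, damaged = demo()
    print(parse_frame(good))
    print("damaged frame accepted:", accept(damaged) is not None)
```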
Ethernet is widely used in homes and industry. The Internet Protocol is commonly carried over
Ethernet and so it is considered one of the key technologies that make up the Internet.
Fast Ethernet uses the same frame formats and CSMA/CD technology as normal 10Mbps Ethernet.
The difference is that the maximum delay for the signal across the segment is now 5.12
microseconds instead of 51.2 microseconds. This comes from the fact that the bit time (time to
transmit one bit) is 0.01 microseconds and that the slot time for a frame is 512 bit times. The Inter-
Packet Gap (IPG) for 802.3u is 0.96 microseconds as opposed to 9.6 microseconds for 10Mbps
Ethernet.

Fast Ethernet is the most popular of the newer standards and is an extension to 10BaseT, using
CSMA/CD. The '100' denotes 100Mbps data speed and it uses the same two pairs as 10BaseT (1
and 2 for transmit, 3 and 6 for receive) and must only be used on Category 5 UTP cable installations
with provision for it to be used on Type 1 STP. The copper physical layer is based on
the Twisted Pair-Physical Medium Dependent (TP-PMD) developed by the ANSI X3T9.5 committee.
The actual data throughput increases by between 3 and 4 times that of 10BaseT.
The functional principles of Gigabit Ethernet are the same as Ethernet and Fast Ethernet, i.e.
CSMA/CD and the framing format, but the physical implementation is very different. One difference is the
slot time. The standard Ethernet slot time required in CSMA/CD half-duplex mode is not long
enough for running over 100m of copper, so Carrier Extension is used to guarantee a 512-bit slot
time.

BASIS FOR COMPARISON    FAST ETHERNET                       GIGABIT ETHERNET
Basic                   Offers 100 Mbps speed.              Provide 1 Gbps speed.
Delay                   Generate more delay.                Less comparatively.
Configuration           Simple                              Complicated and create more errors.
Coverage                Can cover distance up to 10 km.     Has the limit of 70 km.
Relation                Successor of 10-Base-T Ethernet.    A successor of fast Ethernet.
Round trip delay        100-500 bit times                   4000 bit times

LAN Interconnecting devices


Repeater – A repeater operates at the physical layer. Its job is to regenerate the signal over the same
network before the signal becomes too weak or corrupted so as to extend the length to which the
signal can be transmitted over the same network. An important point to be noted about repeaters is
that they do not amplify the signal. When the signal becomes weak, they copy the signal bit by bit
and regenerate it at the original strength. It is a 2 port device.
Hub – A hub is basically a multiport repeater. A hub connects multiple wires coming from different
branches, for example, the connector in star topology which connects different stations. Hubs
cannot filter data, so data packets are sent to all connected devices. In other words, collision
domain of all hosts connected through Hub remains one. Also, they do not have intelligence to find
out best path for data packets which leads to inefficiencies and wastage.
Types of Hub
•Active Hub:- These are the hubs which have their own power supply and can clean, boost
and relay the signal along with the network. It serves both as a repeater as well as wiring
centre. These are used to extend the maximum distance between nodes.
•Passive Hub :- These are the hubs which collect wiring from nodes and power supply from
active hub. These hubs relay signals onto the network without cleaning and boosting them and
can’t be used to extend the distance between nodes.
Switch – A switch is a multiport bridge with a buffer and a design that can boost its efficiency (a
large number of ports implies less traffic) and performance. A switch is a data link layer device. The
switch can perform error checking before forwarding data, which makes it very efficient as it does not
forward packets that have errors and forwards good packets selectively to the correct port only. In other
words, a switch divides the collision domain of hosts, but the broadcast domain remains the same.
Bridge – A bridge operates at the data link layer. A bridge is a repeater with the added functionality of
filtering content by reading the MAC addresses of source and destination. It is also used for
interconnecting two LANs working on the same protocol. It has a single input and single output
port, thus making it a 2 port device.
Types of Bridges
•Transparent Bridges:- These are the bridges in which the stations are completely unaware of
the bridge’s existence, i.e. whether or not a bridge is added or deleted from the network,
reconfiguration of the stations is unnecessary. These bridges make use of two processes, i.e.
bridge forwarding and bridge learning.
•Source Routing Bridges:- In these bridges, the routing operation is performed by the source station
and the frame specifies which route to follow. The host can discover the route by sending a special
frame called a discovery frame, which spreads through the entire network using all possible
paths to the destination.
Routers – A router is a device like a switch that routes data packets based on their IP addresses.
Router is mainly a Network Layer device. Routers normally connect LANs and WANs together and
have a dynamically updating routing table based on which they make decisions on routing the data
packets. Routers divide the broadcast domains of hosts connected through them.
Gateway – A gateway, as the name suggests, is a passage to connect two networks together that may
work upon different networking models. They basically work as the messenger agents that take data
from one system, interpret it, and transfer it to another system. Gateways are also called protocol
converters and can operate at any network layer. Gateways are generally more complex than switch
or router.

Brouter – Also known as a bridging router, it is a device which combines features of both a bridge and
a router. It can work either at the data link layer or at the network layer. Working as a router, it is
capable of routing packets across networks, and working as a bridge, it is capable of filtering local
area network traffic.

Unit 4 WAN

When we need access to other remote networks, connect two LANs together or give others access
to our LAN, we need a WAN (Wide Area Network). As the name implies, WANs cover large
geographical areas. This could be a network between two cities or as large as the Internet.
WANs are operated by companies like phone/cable companies, service providers, or satellite
companies. They build large networks that span entire cities or regions and lease the right to use
their networks to their customers. A WAN connection should truly only occur in large
environments. WAN connections are available from house to house, city to city, and country to
country. Due to its typically massive size, a WAN is almost always slower than a LAN. The
further the distance, the slower the network.
One of the big disadvantages to having a WAN is the cost it can incur. Having a private WAN can
be expensive. The reason that WANs cost a lot tends to be because of the technology required to
connect two remote places, which brings me to the explanation of the technology behind a WAN.

A WAN connection is generally harder to set up, and there are many creative ways to do so. One
very common way is renting a line from an internet service provider and using their network (that’s
already connecting the nation and the world) and connecting your point A and B. Another way to do
a WAN is connecting the devices with various wireless technologies, like cellphone towers or
satellites. As you can imagine, all these are much harder to create than setting up a LAN and almost
always demand high level professional setup and maintenance.
Advantages of a wide area network (WAN)
Covers large geographical area:
A WAN covers a large geographical area of 1000 km or more. If your offices are in different cities or
countries then you can connect your office branches through a WAN. An ISP (Internet service provider)
can give you leased lines by which you can connect different branch offices together.
Centralized data:
Your company doesn’t need to buy email, files, and backup servers, they can all reside on head
office. All office branches can share the data through the head office server. You can get back up,
support, and other useful data from the head office and all data are synchronized with all other
office branches.
Get updated files and data:
Software companies work over the live server to exchange updated files. So all the coders and
office staff get updated version of files within seconds.
A lot of application to exchange messages:
With IOT (Internet of things) and new LAN technologies, messages are being transmitted fast. A lot
of web applications are available like Facebook messenger, WhatsApp, Skype by which you can
communicate with friends via text, voice and video chat.
Sharing of software and resources:
Like LAN we can share software applications and other resources like a hard drive, RAM with
other users on the internet. In web hosting, we share computer resources among many websites.
Global business:
Now everyone with computer skills can do business on the internet and expand his business
globally. There are many types of business like a shopping cart, sale, and purchase of stocks etc.
High bandwidth:
If you get leased lines for your company then they give higher bandwidth than a normal broadband
connection. You can get a high data transfer rate that can increase your company productivity.
Distribute workload and decrease travel charges:
Another benefit of wide area network is that you can distribute your work to other locations. For
example, you have an office in the U.S then you can hire people from any other country and
communicate with them easily over WAN. It also reduces your travel charges as you can monitor
the activities of your team online.
Disadvantages of a wide area network (WAN)
Security problems:
A WAN has more security problems compared to a MAN or LAN. A WAN has many technologies
combined with each other which can create a security gap.
Needs firewall and antivirus software:
As data transferred on the internet can be accessed and changed by hackers, a firewall needs to be
enabled on the computer. Some people can also inject a virus into the computer, so antivirus software
needs to be installed. Other security software also needs to be installed at different points in the WAN.
The setup cost is high:
Setting up a WAN for the first time in an office costs a lot of money. It may involve purchasing routers,
switches, and extra security software.
Troubleshooting problems:
As a WAN covers a lot of areas, fixing a problem in it is difficult. Most WAN wires go into the
sea and wires get broken sometimes. It involves a lot of resources to fix lines under the sea. In the ISP
(Internet service provider) head office many internet lines and routers are mixed up in rooms, and
fixing issues on the internet requires a full-time staff.
Server down and disconnection issue:
In some areas, ISP faces problems due to electricity supply or bad lines structure. Customers often
face connectivity issues or slow Internet speed issues. The solution to this is to purchase a dedicated
line from ISP.
Examples of wide area network (WAN)
Some examples of WAN are below:
• Internet
• U.S defense department
• Most big banks
• Airline companies
• Stock brokerages
• Railway reservations counter
• Large telecommunications companies like Airtel store IT department
• Satellite systems
• Cable companies
• Network providers

WAN Technologies (https://networklessons.com/cisco/ccna-routing-switching-icnd1-100-105/introduction-to-wans-wide-area-network): refer to this link for the complete topic.
Routing: Routing is the process of selecting a path for traffic in a network or between or across
multiple networks. Broadly, routing is performed in many types of networks, including circuit-
switched networks, such as the public switched telephone network (PSTN), and computer networks,
such as the Internet.

In packet switching networks, routing is the higher-level decision making that directs network
packets from their source toward their destination through intermediate network nodes by specific
packet forwarding mechanisms. Packet forwarding is the transit of network packets from
one network interface to another. Intermediate nodes are typically network hardware devices such
as routers, gateways, firewalls, or switches. General-purpose computers also forward packets and
perform routing, although they have no specially optimized hardware for the task.

The routing process usually directs forwarding on the basis of routing tables, which maintain a
record of the routes to various network destinations. Routing tables may be specified by an
administrator, learned by observing network traffic or built with the assistance of routing protocols.
Routing, in a narrower sense of the term, often refers to IP routing and is contrasted with bridging.
IP routing assumes that network addresses are structured and that similar addresses imply proximity
within the network. Structured addresses allow a single routing table entry to represent the route to
a group of devices. In large networks, structured addressing (routing, in the narrow sense)
outperforms unstructured addressing (bridging). Routing has become the dominant form of
addressing on the Internet. Bridging is still widely used within local area networks.
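
The following added example (not part of the original notes) shows how structured addresses let one routing table entry stand for a whole group of devices. The table contents and next-hop names are constructed, and the "most specific prefix wins" rule is the standard IP forwarding rule rather than something stated above.

```python
import ipaddress

# Constructed routing table: (destination prefix, next hop). All names are illustrative.
ROUTES = [
    ("0.0.0.0/0", "isp-gateway"),      # default route: covers every address
    ("10.0.0.0/8", "core-router"),
    ("10.1.0.0/16", "branch-router"),
    ("10.1.2.0/24", "lab-switch"),
]
TABLE = [(ipaddress.ip_network(prefix), hop) for prefix, hop in ROUTES]


def lookup(dst, table=TABLE):
    """Return (prefix, next_hop) of the most specific entry covering dst, or None."""
    addr = ipaddress.ip_address(dst)
    matches = [(net, hop) for net, hop in table if addr in net]
    if not matches:
        return None  # no route: the packet cannot be forwarded
    net, hop = max(matches, key=lambda m: m[0].prefixlen)
    return str(net), hop


def covered_addresses(prefix):
    """Number of addresses that a single table entry represents."""
    return ipaddress.ip_network(prefix).num_addresses


if __name__ == "__main__":
    for dst in ("10.1.2.7", "10.1.9.9", "10.200.0.1", "192.0.2.1"):
        print(dst, "->", lookup(dst))
    print("10.1.0.0/16 covers", covered_addresses("10.1.0.0/16"), "addresses")
```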
Routing schemes differ in how they deliver messages:

•unicast delivers a message to a single specific node
•broadcast delivers a message to all nodes in the network
•multicast delivers a message to a group of nodes that have expressed interest in receiving the
message
•anycast delivers a message to any one out of a group of nodes, typically the one nearest to the
source
•geocast delivers a message to a group of nodes based on geographic location

Congestion Control:

Congestion control refers to the techniques used to control or prevent congestion. Congestion
control techniques can be broadly classified into two categories: open loop and closed loop.

Policies adopted by open loop congestion control –

1. Retransmission Policy :
This policy governs the retransmission of packets. If the sender believes that a sent packet
is lost or corrupted, the packet needs to be retransmitted. This retransmission may increase
the congestion in the network. Retransmission timers must therefore be designed both to
prevent congestion and to optimize efficiency.

2. Window Policy :
The type of window at the sender side may also affect congestion. With a Go-back-n window,
several packets are resent even though some of them may have been received successfully at
the receiver side. This duplication may increase the congestion in the network and make it
worse. Therefore, a Selective repeat window should be adopted, as it resends only the specific
packet that may have been lost.

3. Discarding Policy :
With a good discarding policy, routers may prevent congestion by partially discarding corrupted
or less sensitive packets while still maintaining the quality of the message.
In case of audio file transmission, routers can discard less sensitive packets to

4. Acknowledgment Policy :
Since acknowledgments are also part of the load in the network, the acknowledgment policy
imposed by the receiver may also affect congestion. Several approaches can be used to prevent
congestion related to acknowledgments. The receiver should send an acknowledgment for N packets
rather than sending an acknowledgment for a single packet. The receiver should send an
acknowledgment only if it has to send a packet or a timer expires.

5. Admission Policy :
In admission policy, a mechanism should be used to prevent congestion. Switches in a flow should
first check the resource requirement of a network flow before transmitting it further. If there is a
chance of congestion or there is congestion in the network, the router should deny establishing a
virtual network connection to prevent further congestion.

Closed loop congestion control techniques are used to treat or alleviate congestion after it happens.
Several techniques are used by different protocols; some of them are:

1. Backpressure :
Backpressure is a technique in which a congested node stops receiving packets from its upstream
node. This may cause the upstream node or nodes to become congested and to reject data from
the nodes above them. Backpressure is a node-to-node congestion control technique that
propagates in the opposite direction of the data flow. The backpressure technique can be applied
only to virtual circuits, where each node has information about its upstream node.
In the above diagram, the 3rd node is congested and stops receiving packets; as a result, the 2nd
node may become congested due to the slowing down of its output data flow. Similarly, the 1st node
may become congested and inform the source to slow down.

2. Choke Packet Technique :
The choke packet technique is applicable to both virtual networks and datagram subnets. A choke
packet is a packet sent by a node to the source to inform it of congestion. Each router monitors its
resources and the utilization of each of its output lines. Whenever the resource utilization exceeds
the threshold value set by the administrator, the router sends a choke packet directly to the
source, giving it feedback to reduce the traffic. The intermediate nodes through which the packets
have traveled are not warned about congestion.

3. Implicit Signaling :
In implicit signaling, there is no communication between the congested nodes and the source. The
source guesses that there is congestion in the network. For example, when a sender sends several
packets and there is no acknowledgment for a while, one assumption is that there is congestion.

4. Explicit Signaling :
In explicit signaling, a node that experiences congestion can explicitly send a packet to the source
or destination to inform it about the congestion. The difference between the choke packet technique
and explicit signaling is that the signal is included in the packets that carry data rather than in a
separate packet, as in the choke packet technique.
Explicit signaling can occur in either the forward or the backward direction.
•Forward Signaling : In forward signaling, the signal is sent in the direction of the
congestion. The destination is warned about congestion. The receiver in this
case adopts policies to prevent further congestion.
•Backward Signaling : In backward signaling, the signal is sent in the opposite direction of the
congestion. The source is warned about congestion and needs to slow down.

SDH (Synchronous Digital Hierarchy) is a standard technology for synchronous data transmission
on optical media. It is the international equivalent of Synchronous Optical Network. Both
technologies provide faster and less expensive network interconnection than traditional PDH
(Plesiochronous Digital Hierarchy) equipment. In digital telephone transmission, "synchronous"
means the bits from one call are carried within one transmission frame. "Plesiochronous" means
"almost (but not) synchronous," or a call that must be extracted from more than one transmission
frame.

Synchronous digital hierarchy (SDH) is an international technology standard that utilizes light-
emitting diodes (LED) or lasers for synchronous optical fiber communication.

SDH was developed to eliminate synchronization issues and replace the plesiochronous digital
hierarchy (PDH) system for bulk telephone and data exchange.
SDH/SONET specifications are described in Telcordia Technologies Generic Requirements GR-
253-CORE, which is respected by many global standards organizations.

The benefits of SDH are:

•Different interfaces or different bandwidths can connect (G708, G781).
•Network topologies are more flexible.
•There is flexibility for growth.
•The optical interface is standard (G957).
•Network Management is easier to perform (G774 and G784).

Quality of Service: Quality of service (QoS) is the description or measurement of the overall
performance of a service, such as a telephony or computer network or a cloud computing service,
particularly the performance seen by the users of the network. To quantitatively measure quality of
service, several related aspects of the network service are often considered, such as packet loss, bit
rate, throughput, transmission delay, availability, jitter, etc.

In the field of computer networking and other packet-switched telecommunication networks, quality
of service refers to traffic prioritization and resource reservation control mechanisms rather than the
achieved service quality. Quality of service is the ability to provide different priority to different
applications, users, or data flows, or to guarantee a certain level of performance to a data flow.
Quality of service is particularly important for the transport of traffic with special requirements. In
particular, developers have introduced Voice over IP technology to allow computer networks to
become as useful as telephone networks for audio conversations, as well as supporting new
applications with even stricter network performance requirements.
A defined quality of service may be desired or required for certain types of network traffic, for
example:

•Streaming media specifically
•Internet protocol television (IPTV)
•Audio over Ethernet
•Audio over IP
•Voice over IP (VoIP)
•Videotelephony
•Telepresence
•Storage applications such as iSCSI and Fibre Channel over Ethernet
•Circuit emulation service
•Safety-critical applications such as remote surgery where availability issues can be hazardous
•Network operations support systems either for the network itself, or for customers' business critical
needs
•Online games where real-time lag can be a factor
•Industrial control systems protocols such as EtherNet/IP which are used for real-time control of
machinery

Qualities of traffic: In packet-switched networks, quality of service is affected by various factors,
which can be divided into human and technical factors. Human factors include: stability of service
quality, availability of service, waiting times and user information. Technical factors include:
reliability, scalability, effectiveness, maintainability and network congestion. Many things can
happen to packets as they travel from origin to destination, resulting in the following problems as
seen from the point of view of the sender and receiver:

Goodput
Due to varying load from disparate users sharing the same network resources, the maximum
throughput that can be provided to a certain data stream may be too low for real-time multimedia
services.

Packet loss
The network may fail to deliver (drop) some packets due to network congestion. The receiving
application may ask for this information to be retransmitted, possibly resulting in congestive
collapse or unacceptable delays in the overall transmission.
Errors
Sometimes packets are corrupted due to bit errors caused by noise and interference, especially in
wireless communications and long copper wires. The receiver has to detect this and, just as if the
packet was dropped, may ask for this information to be retransmitted.
Latency
It might take a long time for each packet to reach its destination because it gets held up in long
queues, or it takes a less direct route to avoid congestion. In some cases, excessive latency can
render an application such as VoIP or online gaming unusable.
Packet delay variation
Packets from the source will reach the destination with different delays. A packet's delay varies with
its position in the queues of the routers along the path between source and destination and this
position can vary unpredictably. Delay variation can be absorbed at the receiver but in so doing
increases the overall latency for the stream.
Out-of-order delivery
When a collection of related packets is routed through a network, different packets may take
different routes, each resulting in a different delay. The result is that the packets arrive in a different
order than they were sent. This problem requires special additional protocols for rearranging
out-of-order packets. The reordering process requires additional buffering at the receiver and, as
with packet delay variation, increases the overall latency for the stream.

Asynchronous Transfer Mode (ATM): Read the definition, structure, types of virtual circuits and
paths, and applications of ATM.

(https://en.wikipedia.org/wiki/Asynchronous_transfer_mode )

Frame Relay: Frame Relay is a standardized wide area network technology that specifies
the physical and data link layers of digital telecommunications channels using a packet
switching methodology. Originally designed for transport across Integrated Services Digital
Network (ISDN) infrastructure, it may be used today in the context of many other network
interfaces.

Network providers commonly implement Frame Relay for voice (VoFR) and data as
an encapsulation technique used between local area networks (LANs) over a wide area
network (WAN). Each end-user gets a private line (or leased line) to a Frame Relay node. The
Frame Relay network handles the transmission over a frequently changing path transparent to all
end-user extensively used WAN protocols. It is less expensive than leased lines and that is one
reason for its popularity. The extreme simplicity of configuring user equipment in a Frame Relay
network offers another reason for Frame Relay's popularity.
Protocol data unit: Each Frame Relay protocol data unit (PDU) consists of the following fields:

1.Flag Field. The flag is used to perform high-level data link synchronization which indicates the
beginning and end of the frame with the unique pattern 01111110. To ensure that the 01111110
pattern does not appear somewhere inside the frame, bit stuffing and destuffing procedures are used.
2.Address Field. Each address field may occupy either octet 2 to 3, octet 2 to 4, or octet 2 to 5,
depending on the range of the address in use. A two-octet address field comprises the
EA=ADDRESS FIELD EXTENSION BITS and the C/R=COMMAND/RESPONSE BIT.
   1.DLCI-Data Link Connection Identifier Bits. The DLCI serves to identify the virtual connection
   so that the receiving end knows which information connection a frame belongs to. Note that this
   DLCI has only local significance. A single physical channel can multiplex several different virtual
   connections.
   2.FECN, BECN, DE bits. These bits report congestion:
      •FECN=Forward Explicit Congestion Notification bit
      •BECN=Backward Explicit Congestion Notification bit
      •DE=Discard Eligibility bit
3.Information Field. A system parameter defines the maximum number of data bytes that a host
can pack into a frame. Hosts may negotiate the actual maximum frame length at call set-up time.
The standard specifies the maximum information field size (supportable by any network) as at least
262 octets. Since end-to-end protocols typically operate on the basis of larger information units,
Frame Relay recommends that the network support the maximum value of at least 1600 octets in
order to avoid the need for segmentation and reassembling by end-users.
4.Frame Check Sequence (FCS) Field. Since one cannot completely ignore the bit error-rate of
the medium, each switching node needs to implement error detection to avoid wasting bandwidth
due to the transmission of erred frames. The error detection mechanism used in Frame Relay uses
the cyclic redundancy check (CRC) as its basis.
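
As an added example (not from the original notes), the code below works through two of the fields above: bit stuffing that keeps the 01111110 flag out of the frame body, and decoding of a two-octet address field into DLCI, C/R, FECN, BECN and DE. The bit positions follow the standard two-octet address layout, which the notes do not spell out, and the sample octets are constructed.

```python
FLAG = "01111110"  # frame delimiter pattern from the text


def stuff(bits):
    """Insert a 0 after every run of five 1s so FLAG cannot occur inside the frame."""
    out, run = [], 0
    for b in bits:
        out.append(b)
        run = run + 1 if b == "1" else 0
        if run == 5:
            out.append("0")
            run = 0
    return "".join(out)


def destuff(bits):
    """Drop the 0 that follows every run of five 1s; a 1 there means flag or abort."""
    out, run, i = [], 0, 0
    while i < len(bits):
        out.append(bits[i])
        run = run + 1 if bits[i] == "1" else 0
        if run == 5:
            if i + 1 < len(bits) and bits[i + 1] != "0":
                raise ValueError("six consecutive 1s inside frame body")
            i += 1  # skip the stuffed 0
            run = 0
        i += 1
    return "".join(out)


def parse_address(addr):
    """Decode a two-octet address field (standard layout, assumed here)."""
    if len(addr) != 2:
        raise ValueError("only the two-octet format is handled")
    first, second = addr
    # EA is the lowest bit of each octet: 0 = more octets follow, 1 = last octet.
    if first & 1 or not second & 1:
        raise ValueError("EA bits do not describe a two-octet address")
    return {
        "dlci": ((first >> 2) << 4) | (second >> 4),  # 6 high bits + 4 low bits
        "cr": (first >> 1) & 1,
        "fecn": (second >> 3) & 1,
        "becn": (second >> 2) & 1,
        "de": (second >> 1) & 1,
    }


if __name__ == "__main__":
    payload = "0111111001111110"          # constructed: two flag patterns in the data
    print(stuff(payload), FLAG in stuff(payload))
    print(parse_address(bytes([0x18, 0x47])))  # constructed: DLCI 100, BECN and DE set
```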
Congestion control: The Frame Relay network uses a simplified protocol at each switching node.
It achieves simplicity by omitting link-by-link flow-control. As a result, the offered load has largely
determined the performance of Frame Relay networks. When offered load is high, due to the bursts
in some services, temporary overload at some Frame Relay nodes causes a collapse in network
throughput. Therefore, Frame Relay networks require some effective mechanisms to control the
congestion.

Congestion control in Frame Relay networks includes the following elements:


1.Admission Control. This provides the principal mechanism used in Frame Relay to ensure the
guarantee of resource requirement once accepted. It also serves generally to achieve high network
performance. The network decides whether to accept a new connection request, based on the
relation of the requested traffic descriptor and the network's residual capacity. The traffic descriptor
consists of a set of parameters communicated to the switching nodes at call set-up time or at
service-subscription time, and which characterizes the connection's statistical properties. The traffic
descriptor consists of three elements:
2.Committed Information Rate (CIR). The average rate (in bit/s) at which the network guarantees to
transfer information units over a measurement interval T. This T interval is defined as: T = Bc/CIR.
3.Committed Burst Size (BC). The maximum number of information units transmittable during the
interval T.
4.Excess Burst Size (BE). The maximum number of uncommitted information units (in bits) that the
network will attempt to carry during the interval.
Once the network has established a connection, the edge node of the Frame Relay network must
monitor the connection's traffic flow to ensure that the actual usage of network resources does not
exceed this specification. Frame Relay defines some restrictions on the user's information rate. It
allows the network to enforce the end user's information rate and discard information when the
subscribed access rate is exceeded.
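
The added example below (not part of the original notes) shows how an edge node could apply CIR, Bc and Be over the interval T = Bc/CIR. The Policer class, the verdict names and the arrival list are hypothetical, and marking traffic between Bc and Bc+Be with the DE bit is the usual Frame Relay behaviour, assumed here rather than stated above.

```python
from dataclasses import dataclass


@dataclass
class Policer:
    """Per-connection edge policer (hypothetical helper for illustration)."""
    cir: int             # committed information rate, bit/s
    bc: int              # committed burst size, bits
    be: int              # excess burst size, bits
    start: float = 0.0   # start of the current measurement interval, seconds
    used: int = 0        # bits accepted so far in this interval

    @property
    def interval(self):
        return self.bc / self.cir  # T = Bc/CIR

    def offer(self, now, frame_bits):
        """Classify one arriving frame as 'forward', 'mark-de' or 'discard'."""
        elapsed = now - self.start
        if elapsed >= self.interval:
            # Move to the interval containing `now` and reset the counter.
            self.start += int(elapsed / self.interval) * self.interval
            self.used = 0
        total = self.used + frame_bits
        if total > self.bc + self.be:
            return "discard"      # beyond Bc + Be: not carried at all
        self.used = total
        # Within Bc the frame is committed; between Bc and Bc + Be it is
        # carried as uncommitted traffic with the DE bit set (assumption).
        return "forward" if total <= self.bc else "mark-de"


def run(policer, arrivals):
    """Feed (time_s, frame_bits) pairs through the policer and collect verdicts."""
    return [policer.offer(t, bits) for t, bits in arrivals]


# Constructed arrivals: five 3000-bit frames in one interval, one in the next.
ARRIVALS = [(0.00, 3000), (0.01, 3000), (0.02, 3000),
            (0.03, 3000), (0.04, 3000), (0.13, 3000)]

if __name__ == "__main__":
    p = Policer(cir=64000, bc=8000, be=4000)
    print("T =", p.interval, "s")
    print(run(p, ARRIVALS))
```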
Explicit congestion notification is proposed as the congestion avoidance policy. It tries to keep the
network operating at its desired equilibrium point so that a certain quality of service (QoS) for the
network can be met. To do so, special congestion control bits have been incorporated into the
address field of the Frame Relay: FECN and BECN. The basic idea is to avoid data accumulation
inside the network.
FECN means forward explicit congestion notification. The FECN bit can be set to 1 to indicate that
congestion was experienced in the direction of the frame transmission, so it informs
the destination that congestion has occurred. BECN means backwards explicit congestion
notification. The BECN bit can be set to 1 to indicate that congestion was experienced in the
network in the direction opposite of the frame transmission, so it informs the sender that congestion
has occurred.
