M09 Backbone Networks

Cards (24)

  • Backbone Architecture Layers
    Network designers often think about 3 technology layers when they design BNs
    1. Access layer (LANs) closest to the users
       • Not actually part of the BN (though VLANs blur the lines)
       • LAN technologies can have major impacts on BN design
    2. Distribution layer BNs connect access LANs
    3. Core layer BNs connect different buildings
    •You may read a short description of backbones before continuing: 
    What Internet and Network Backbones Do (Mitchell, Lifewire, 2017)
  • Backbone Network Components
    1. Network cables (often fiber for higher data rates)
    2. Switches
       • Layer-2 switches don’t change message; transparent devices
       • Forward packets using MAC addresses (data link layer)
       • Physical ports (16-24); paired ports managed as separate point-to-point circuits
       • Learn addresses, build forwarding tables
       • VLAN switches (or layer-3 switches) - combine features of Layer-2 switches and routers. Used to organize virtual LANs (vice physically co-located)
  • Backbone Network Components
    
    3. Routers
       • Network layer devices that connect different subnets
       • TCP/IP gateways
       • NOT transparent devices
       • Messages passed up to network layer (IP addresses); data link layer frames stripped off
       • Respond to ARP (and other messages)
       • Routing requires more processing than switching, therefore operates more slowly
  • Backbone Network Architectures
    • Three major types of BNs, based on the devices used
      ◦ Switched backbones
      ◦ Routed backbones
      ◦ Virtual LANs
    • In practice, most common to use a combination of these architectures
  • Switched Backbone Networks
    • Most common type of BN used in distribution layer
    • Uses layer-2 switches
    • Switches come in different form factors
      ◦ Desktop / Rack-mounted / Chassis
    • Advantages
      ◦ Star topology (each connection is point-to-point)
      ◦ Simultaneous access among different LANs
  • Switched Backbone Networks
    Active topology of switched network restricted to Spanning Tree.
    • Active loops lead to Broadcast Storms.
    • Switched paths must be reduced to a spanning tree.
    • May be accomplished in software (managed switch).
    Switched networks also susceptible to sniffing via Switch Poisoning (overload with bogus source MAC addresses to fill forwarding table)
  • Rack-Mounted Switched Backbone Architecture 
    Logical BN Design
  • Switched Backbone Networks
    Physical BN Design in Main Distribution Facility (MDF)
  • Main Distribution Facility (MDF) Network Diagram
  • Sample Switched Backbone Network
  • Routed Backbones
    • Sometimes called subnetted backbones or hierarchical backbones
    • Typically used at core layer, but sometimes at distribution layer
    • Advantages
      ◦ LAN segmentation
    • Disadvantages
      ◦ Tend to be slower (more processing of packets)
      ◦ More expensive
      ◦ Harder to manage
  • Routed Backbone Architecture
  • Virtual LANs (VLANs)
    • Routers segment networks based on physical location (i.e., the cables connected to them)
    • Devices in different physical locations may need access to the same LAN resources
    • VLANs perform flexible LAN segmentation so that it can be based on logical instead of physical design
    • VLANs are enabled by high-speed layer-3 switches
    • VLANs are much more complex to manage than traditional switched/routed BNs and are typically only used in large networks
  • VLAN-Based Backbone Network Architecture
    Single Switch VLAN
  • VLAN Operations (Single Switch)
    • Each device assigned into a VLAN based on the physical port
    • Each VLAN identified by VLAN ID which is mapped to traditional IP subnet.
    • VLANs are transparent devices.
    How might this affect broadcast traffic? Sent only to ports with same VLAN ID as source port.
  • VLAN Operations (Multiple Switches)
  • VLAN Operations (Multiswitch)
    • Multiswitch VLANs
    • L3-switches communicate using inter-switch protocols that support VLANs
    • VLAN trunks: circuits connecting 2 VLAN switches
    • VLAN tag inserted into Ethernet frame (802.1Q). Frame changed within switch, but still transparent
  • VLAN Operations (Multiswitch)

    Same subnet, same switch.
  • VLAN Operations (Multiswitch)
  • Pros and Cons of VLANs
    • Advantages
      ◦ Computers can be in different geographic locations in the same subnet.
      ◦ Enable subnets based on who you are, rather than on where you are
      ◦ More flexible subnetting
      ◦ Better managed and more precise traffic flow may lead to faster performance
      ◦ Traffic prioritization possible with quality of service (QoS) info in VLAN tag
    • Disadvantages
      ◦ Complex
      ◦ May increase management when VLAN memberships change
      ◦ Layer 3 switches are more costly than Layer 2
      ◦ Switches only recently standardized
  • The Best Practice Backbone Design
    • Architecture
      ◦ Switched provides the best cost to performance ratio at the distribution layer.
      ◦ Most organizations use routed at the core layer.
      ◦ VLANs are becoming more widely used, especially for organizations needing the flexibility.
    • Technologies
      ◦ Gigabit Ethernet for distribution layer
      ◦ Gigabit Ethernet or faster for core layer
      ◦ Redundant devices and connections
  • The Best Practice Backbone Design
  • Improving Backbone Performance
  • Implications for Cyber Security
    • Most routers have software that enables the network manager to create an access control list (ACL) that specifies what traffic the router should allow through and what traffic the router should block.
    • Many routers have more sophisticated ACL software that enables the ACL to have different rules for different interfaces, and specific rules for the application layer packet type.
    • VLANs are the most secure type of backbone because they enable ACL and other security measures to be applied at the switch level.
      ◦ Every packet from every device is subjected to security.