TCP vs. UDP By Erik Rodriguez
This article describes how TCP and UDP work, the difference between the two, and why you would choose one over the other.

Overview

TCP (Transmission Control Protocol) is the most commonly used protocol on the Internet. The reason for this is that TCP offers error correction. When TCP is used there is a "guaranteed delivery." This is due largely to a method called "flow control." Flow control determines when data needs to be re-sent, and stops the flow of data until previous packets have been successfully transferred. This works because when a packet of data is sent, a collision may occur. When this happens, the client re-requests the packet from the server until the whole packet is complete and identical to its original.

UDP (User Datagram Protocol) is another commonly used protocol on the Internet. However, UDP is never used to send important data such as web pages, database information, etc.; UDP is commonly used for streaming audio and video. Streaming media such as Windows Media audio files (.WMA), RealPlayer files (.RM), and others use UDP because it offers speed! The reason UDP is faster than TCP is that there is no form of flow control or error correction. The data sent over the Internet is affected by collisions, and errors will be present. Remember that UDP is only concerned with speed. This is the main reason why streaming media is not high quality.
On the other hand, UDP has also been used by some trojan horse programs. Hackers develop scripts and trojans that run over UDP in order to mask their activities. UDP packets are also used in DoS (Denial of Service) attacks. It is important to know the difference between TCP port 80 and UDP port 80. If you don't know what ports are, see the IP Ports article.
Frame Structure

As data moves along a network, various attributes are added to the data to create a frame. This process is called encapsulation. There are different methods of encapsulation depending on which protocol and topology are being used. As a result, the frame structures of these packets differ as well. The images below show both the TCP and UDP frame structures.
TCP FRAME STRUCTURE
UDP FRAME STRUCTURE
The payload field contains the actual data. Notice that TCP has a more complex frame structure. This is largely due to the fact that TCP is a connection-oriented protocol. The extra fields are needed to ensure the "guaranteed delivery" offered by TCP.
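As an added example (not code from the original article), the Python below parses the two header layouts just described from constructed sample bytes, so the extra TCP fields (sequence and acknowledgement numbers, flags, window size) that back the "guaranteed delivery" can be seen next to UDP's four fields. Both sample packets are constructed here, not captured traffic.

```python
import struct
from typing import Dict

# Constructed samples (not captured traffic). UDP: 8-byte header + 4-byte payload.
UDP_SAMPLE = struct.pack("!HHHH", 53000, 53, 8 + 4, 0x1234) + b"\xde\xad\xbe\xef"
# TCP: minimal 20-byte header (no options) followed by a short payload.
TCP_SAMPLE = struct.pack(
    "!HHIIBBHHH",
    49152,    # source port
    80,       # destination port
    1000,     # sequence number
    2000,     # acknowledgement number
    5 << 4,   # data offset = 5 words (20 bytes); reserved bits zero
    0x18,     # flags: PSH|ACK
    65535,    # window size (flow control)
    0x1C2B,   # checksum (arbitrary here, not recomputed)
    0,        # urgent pointer
) + b"GET / HTTP/1.0\r\n"

TCP_FLAG_BITS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04,
                 "PSH": 0x08, "ACK": 0x10, "URG": 0x20}


def parse_udp(packet: bytes) -> Dict[str, object]:
    """Parse the 8-byte UDP header; everything up to the length field is payload."""
    if len(packet) < 8:
        raise ValueError("truncated UDP header")
    src, dst, length, checksum = struct.unpack("!HHHH", packet[:8])
    if length < 8 or length > len(packet):
        raise ValueError("UDP length field does not match packet")
    return {"src_port": src, "dst_port": dst, "length": length,
            "checksum": checksum, "payload": packet[8:length]}


def parse_tcp(packet: bytes) -> Dict[str, object]:
    """Parse a TCP header, honouring the data-offset field so options are skipped."""
    if len(packet) < 20:
        raise ValueError("truncated TCP header")
    (src, dst, seq, ack, offset_byte, flag_byte,
     window, checksum, urg) = struct.unpack("!HHIIBBHHH", packet[:20])
    header_len = (offset_byte >> 4) * 4
    if header_len < 20 or header_len > len(packet):
        raise ValueError("bad TCP data offset")
    flags = [name for name, bit in TCP_FLAG_BITS.items() if flag_byte & bit]
    return {"src_port": src, "dst_port": dst, "seq": seq, "ack": ack,
            "header_len": header_len, "flags": flags, "window": window,
            "checksum": checksum, "urgent": urg,
            "options": packet[20:header_len], "payload": packet[header_len:]}


if __name__ == "__main__":
    print(parse_udp(UDP_SAMPLE))
    print(parse_tcp(TCP_SAMPLE))
```

The length checks matter in practice: a header that claims more bytes than the packet carries is exactly the kind of malformed input a parser must reject rather than read past.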
IP Ports By Erik Rodriguez
This article describes ports, how they are used, and how they work. Ports were developed so that computers could accept data from multiple sources over the same IP address. Think of it like this: your TV service is the Internet, and the ports are your channels. You have many forms of entertainment, news, and information available through many different channels. Let's say that MTV is channel 35 on your TV. The same is true for web servers that run on port 80. Every port has a special purpose, just as each channel serves a different television program. While you only have 1 cable TV subscription, you can still receive multiple channels.

There are two main types of ports: TCP and UDP. TCP stands for Transmission Control Protocol. UDP stands for User Datagram Protocol. Some programs on your computer will use TCP ports to communicate and others may use UDP. It is important to know the difference between how the two operate. See TCP vs. UDP for an explanation with pictures!

There are 65,535 TCP and UDP ports available to transmit data with. Ports 0-1023 are reserved for common use. These ports are assigned by the IANA (Internet Assigned Numbers Authority). This means that every port from 0-1023 will be the same on every system. For example, let's say a server in New York is using port 80, and so is a server in Texas. Because port 80 falls in the range of reserved ports, we know both servers are using port 80 for HTTP connections. Viewing a list of known ports can help you determine which types of connections are present on your machine. A list of commonly used port numbers and descriptions is available separately. For more information see the netstat article. The RFC on ports is RFC 1700.

Servers, or any machine for that matter, "listen" on certain ports. For example, a server running web, FTP, and Telnet services will listen on a port for each. The act of listening simply means the machine is waiting for another device to connect to it. See the illustration below:

You can see how the server is listening on 3 ports over a single IP address (192.168.0.15). You should also know that it is possible for multiple devices to connect to a single port. Meaning, a telnet server may accept over 100 simultaneous connections to port 23.
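An added example, not from the original article, that reproduces the listening behaviour described above with Python sockets on the loopback address (127.0.0.1 stands in for the diagram's 192.168.0.15): one IP address, one listening port per service, and several simultaneous clients on the same port, told apart by their own source ports. Port 0 is used so the OS assigns free unprivileged ports instead of 80, 21 and 23.

```python
import socket
from typing import Dict, List, Tuple

SERVER_IP = "127.0.0.1"  # loopback stands in for the diagram's 192.168.0.15


def start_listener(ip: str, port: int = 0) -> socket.socket:
    """Open one listening TCP socket. Port 0 asks the OS for any free port so the
    demo runs unprivileged; a real web server would bind port 80 here."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    s.bind((ip, port))
    s.listen(16)
    return s


def demo(services: Tuple[str, ...] = ("web", "ftp", "telnet"),
         clients_on_first: int = 3) -> Dict[str, object]:
    """One IP, one listener per service, several clients on the first service."""
    listeners = {name: start_listener(SERVER_IP) for name in services}
    ports = {name: s.getsockname()[1] for name, s in listeners.items()}

    # Clients connect first; the kernel completes each handshake and queues the
    # connection in the listen backlog until the server calls accept().
    plan = [services[0]] * clients_on_first + list(services[1:])
    clients = [socket.create_connection((SERVER_IP, ports[name])) for name in plan]

    accepted: Dict[str, List[Tuple[str, int]]] = {name: [] for name in services}
    for name in plan:
        conn, peer = listeners[name].accept()  # peer = (client_ip, client_port)
        accepted[name].append(peer)
        conn.sendall(b"hello from " + name.encode() + b"\n")
        conn.close()

    replies = [c.recv(64) for c in clients]
    for c in clients:
        c.close()
    for s in listeners.values():
        s.close()
    return {"ports": ports, "accepted": accepted, "replies": replies}


if __name__ == "__main__":
    result = demo()
    print("listening ports:", result["ports"])
    for service, peers in result["accepted"].items():
        print(service, "accepted", peers)
```

Each accepted connection is identified by the full (server IP, server port, client IP, client port) tuple, which is why a single port can serve many clients at once.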
Basic Networking Topology By Erik Rodriguez

This article describes common topologies used for networking. These are very basic examples, and large networks often use a combination of two or more topologies.

Introduction

The term "topology" is used to describe the infrastructure of a network. It is a basic map or scheme of how the network is constructed. Viewing the topology of a network is a lot like looking at the map of a city. You can see the central points or landmarks. Popular points of a city are usually surrounded by a dense population of residents. The same is true for computer networks. The popular points (usually servers) are surrounded by residents (client machines) that connect to the server. If you read a networking book about topology, it will probably cover the physical types of topologies like star, ring, bus, and mesh. While these were all commonly used topologies at one point in time, star is the primary topology used today. The others may be used in special circumstances or to connect a large group of routers. For example, the Internet backbones use a combination of ring and mesh topologies for a self-healing and reliable network. Within a LAN, there are two main types of structures used within topologies. Server-based networks are the most common among businesses and large organizations. Peer-to-peer (p2p) networks are popular on the Internet and among file sharing services. The tables below outline the pros and cons of each.
Server-Based Networks

Pros:
• Easily managed security policy
• Files are centrally located
• Files are easy to back up

Cons:
• Files are not accessible if the server goes down
• Hackers target the server as a central point to gain full access to a network
• Network servers can be expensive
The idea is to store files on a server. All other machines (clients) on the network access files from the server. A server-based network is also used because it is an efficient way to offer other services to clients such as firewall protection, DHCP, etc. For more information on servers see network and Internet servers.
Peer-to-Peer Networks

Pros:
• No server needed, equipment is cheap
• Network traffic is distributed among clients

Cons:
• Security policy can be hard to control
• Backup is challenging
• Files are scattered across different machines
Topology Structures

The diagrams below show star, ring, and mesh topologies. I will not cover bus topology because it is VERY rarely used. Remember that large networks often use a combination of these topologies depending on certain needs or projects. Peer-to-peer has become popular among file sharing networks like eDonkey and WinMX. It is also used with BitTorrent.
The server-based network using a star topology is the most common. As you can see, the server has a high-speed connection to a switch that feeds the client machines. Servers are designed to accommodate high traffic loads from clients. Although it is not shown in the diagram, servers are always protected using a firewall.

In a peer-to-peer (p2p) network, all files are shared among the existing machines. There is no server, so all machines must sustain traffic loads from other clients. Bottlenecking and network saturation are common problems in p2p networks. This is often mitigated with software that offers bandwidth throttling to control the amount of bandwidth in and out of each machine.

As you can see in the mesh network, each machine has multiple connections to other machines. This is commonly used in large networks to connect routers using the BGP protocol. Using a mesh topology increases the uptime of the network because every machine has another path for data if one or even two links go down. This type of network is expensive, and certain devices are not capable of this type of topology.

The ring topology is also commonly used to connect routers. Unlike the star, mesh, or p2p networks, data is sent around the ring in a "round-robin" fashion. Rings can be configured in several different modes. While some rings only provide 1 physical wire connecting all machines, other rings can be configured with multiple wires to provide alternate paths in the event one wire goes down. This is called "self-healing" and is used in SONET networks.
Firewalls By Erik Rodriguez
This article describes two different types of firewalls. Configuration and implementation are also discussed.
What is a Firewall?

A firewall is a system designed to prevent unauthorized access to or from a private network. Firewalls are now widely used because of the vast number of broadband connections present. They provide a first line of defense for your computer or network. If it succeeds in keeping the bad guys out while still letting you happily use your network, it's a good firewall¹. Every corporate network has at least one firewall in use. Firewalls come in all shapes and sizes. Most computers are shipped from the factory with some type of firewall software, or may use the default firewall built into XP.
Types of Firewalls

There are two main types of firewalls: hardware and software. High-level hardware firewalls are very expensive and are not practical for the home user. However, low-end routers that perform NAT act as a hardware firewall. Cheaper broadband routers such as those from Linksys, Belkin, D-Link, etc. provide this functionality. In a corporate environment, very expensive devices such as the Cisco PIX, Symantec firewall, and SonicWall are commonly used hardware solutions. Hardware firewalls are better solutions for networks with a large number of clients. Software firewalls are practical for home users because they are nothing more than a program that runs with your operating system. These programs are usually inexpensive, free, or built into the operating system. There are many different types of firewalls available with many different options.
Hardware vs. Software

Generally speaking, hardware firewalls perform better than software firewalls for several reasons. First, a hardware firewall is "dedicated" to inspecting traffic. Unlike a software firewall, it does not compete for CPU time or RAM. The main downside to a hardware solution is cost and configuration. High-end devices like Cisco's PIX firewall can be tricky to configure. Software firewalls are easy to install and generally easy to configure. If you are on a network with other clients that you do not know, such as a dorm or apartment with shared Internet access, a software firewall is a must! Remember that if your router performs NAT, it only protects you from Internet traffic. You are still vulnerable to attacks from within your LAN. Hackers often target routers to gain access to other devices or machines on a network.
Examples

Let us say Susan has a DSL connection at home. From there she does her banking, stock trading, and other private communication. A firewall is important because it would block connection attempts by a hacker. If a hacker has Susan's IP address, he can establish a remote connection. If a successful connection is made, it is possible for that hacker to intercept passwords or other data that endangers Susan's online identity. Are you wondering if a firewall is for you? I'd say "Better Safe Than Sorry." You wouldn't want to own a store in a dangerous neighborhood without a burglar alarm. Below are diagrams of how firewalls can be deployed in a network:
Simple NAT Firewall
Legend
The diagram above illustrates the firewall protection provided by NAT. While 3 machines are attached to the router, the Internet/WAN link thinks only 1 device is present. This protects all 3 machines by limiting access to IP addresses and ports from the Internet/WAN connection. For more details on this see the article on NAT.
Dedicated Firewall Device
The diagram above illustrates how a dedicated firewall device is used. Notice that the firewall protects the router, servers, and network users. This is a common approach used when a large number of users need to access the Internet. NAT is not meant for large networks. Using a dedicated firewall device in a high-traffic environment does not negatively impact network performance the way a software firewall or low-end NAT device does.
Telnet By Erik Rodriguez

This article describes what telnet is and what it is used for. The telnet service gives users the ability to access a host and perform tasks as if they were working locally. Users can access a host anywhere in the world using a telnet client. All Windows operating systems have a built-in client. You can access telnet by typing "telnet" in the Run box.

Telnet connects to a host using port 23. It is also used by hackers to gain access to routers, servers, and other network devices. Telnet isn't used as often on servers now because the communication between the host and client is not secure. Most network devices (routers, switches, and hubs) still use telnet, but most servers now use SSH. Telnet can be used to "hop" through multiple devices. See Telnet Hacking.
Routers, Switches, and Hubs By Erik Rodriguez
This article is all about routers, switches, and hubs. It explains what they do, how they differ from each other, and why you would use one over the other.
Introduction

Before the year 2000, the majority of the public had no idea what any of these devices were. Since the introduction of broadband Internet connections, these devices have gained popularity. While they all perform different tasks, each device plays an important role in networking. Over the course of this article, I will discuss each device individually. Then I will discuss the similarities and differences between the devices.
Hubs

The network hub has been around for ages. These devices are sometimes referred to as repeaters. A hub sees information in the form of bits. Using a hub is now the cheapest way to connect devices. Hubs work by broadcasting network traffic across all ports. For example, an 8-port hub will broadcast data across all 8 ports even though the data is meant to travel between two devices. For this reason, hubs incur an increased number of collisions. A collision is simply the result of two devices (computers) trying to transmit simultaneously. Collisions are a normal part of network traffic. Ethernet itself is a collision-based technology. The image below shows a simple network hub.
Switches

Switches have become more complex with the increased popularity of high-speed networks. They can range in price from around $30 to well into the $1000s. However, in recent years the prices of switches have dramatically decreased. Switches perform the same function as hubs, except they only send data to the intended ports. Unlike a hub, a switch will not broadcast data across the entire switch. As a result, switches do not suffer from a high rate of collisions. High-end switches offer advanced functionality such as VLAN management. Complex networks will use several layers of switches to pass along large amounts of network traffic. The image below shows a simple network switch. Notice that it is similar in appearance to the hub above. Physically, the switch is a little taller and deeper. These switches usually contain 1 or more cooling fans and can be quite loud.
Routers

Routers are the smartest of the 3 devices. They make intelligent decisions on how to route traffic. Routing protocols are composed of different algorithms that direct the way routers move traffic. These devices can range from around $30 to well into the $1,000,000s. The Internet itself uses complex routers fed by fiber optics to connect cities and countries together. Routers play the most important role in operating a network. They are the most dynamic of all 3 devices mentioned in this article. They can work with or act as firewalls. The image below shows a low-end Cisco router:
Switch vs. Hub

Think of it like this: a hub is like getting spam. You have an address, but the spammers don't know you personally; they just know you exist and send you mail regardless. On the other hand, legitimate mail is sent by someone who intends to send you an important piece of information. Think of the post office as a switch. All the mail is sent through them. They sort it based on name and address, then it's delivered. Make sense?
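An added example (not from the original article) that simulates the difference just described: a hub repeats every frame out of every other port, while a switch learns which port each source MAC address is behind and forwards only there, flooding only when the destination is still unknown or is a broadcast. The hosts, MAC addresses and port numbers are constructed for the demo.

```python
from typing import Dict, List, Tuple

BROADCAST = "ff:ff:ff:ff:ff:ff"
Frame = Tuple[str, str]  # (source MAC, destination MAC)


class Hub:
    """Repeater: a frame arriving on one port is copied to every other port."""

    def __init__(self, ports: int):
        self.ports = ports

    def forward(self, in_port: int, frame: Frame) -> List[int]:
        return [p for p in range(self.ports) if p != in_port]


class Switch:
    """Learning switch: remembers which port each source MAC arrived on and
    forwards a frame only to the port where its destination was last seen."""

    def __init__(self, ports: int):
        self.ports = ports
        self.mac_table: Dict[str, int] = {}

    def forward(self, in_port: int, frame: Frame) -> List[int]:
        src, dst = frame
        self.mac_table[src] = in_port  # learn (or refresh) the sender's port
        if dst == BROADCAST or dst not in self.mac_table:
            # Unknown destination: flood like a hub, but only this once.
            return [p for p in range(self.ports) if p != in_port]
        out = self.mac_table[dst]
        return [] if out == in_port else [out]  # same segment: nothing to forward


def run(device, frames: List[Tuple[int, Frame]]) -> List[List[int]]:
    """Feed (in_port, frame) pairs through a device; return the ports used per frame."""
    return [device.forward(port, frame) for port, frame in frames]


# Constructed scenario: host A on port 0 and host B on port 3 of an 8-port device.
A, B = "00:11:22:aa:aa:aa", "00:11:22:bb:bb:bb"
SCENARIO = [(0, (A, B)),   # A talks first; B's port is not yet known
            (3, (B, A)),   # B replies; the switch already knows A is on port 0
            (0, (A, B))]   # A again; now B is known too


def compare(ports: int = 8) -> Dict[str, List[List[int]]]:
    return {"hub": run(Hub(ports), SCENARIO), "switch": run(Switch(ports), SCENARIO)}


def ports_touched(results: List[List[int]]) -> int:
    """Total port-deliveries, i.e. how much copper carried each conversation."""
    return sum(len(r) for r in results)


if __name__ == "__main__":
    for name, results in compare().items():
        print(name, results, "->", ports_touched(results), "deliveries")
```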
DSL Connections - Digital Subscriber Line

This article describes types, uses, and configurations of DSL connections. DSL stands for Digital Subscriber Line. There are several different types of DSL, and they may not be available in all areas. Basically, your phone company determines what types are available.
History of DSL

The history of DSL is rather interesting. Initially, DSL was developed in the early 1990s by U.S. Incumbent Local Exchange Carriers. The original purpose of DSL was to deliver video over existing copper lines. NOTE: The copper lines that run from the phone company to residential or commercial areas are sometimes called the "local loops." In the early years of DSL, the economic benefit was not present. However, two key events raised the bar and, in turn, created a viable market for DSL. The first was the "dot com" boom of the mid 1990s. The second was the enactment of the Telecommunications Act of 1996. The main step for the construction and infrastructure to support DSL technology was support by competitive local exchange carriers (CLECs). The competitive broadband market was expanding and cable companies were gathering a large share of the market. Cable has always had a larger market share and is not losing ground to DSL because of the increasing number of cellular telephones. Consumers are canceling their land lines and using cell phones for long distance.
Future of DSL

By 2005, Yankee Group predicts that DSL will have 10.5 million U.S. subscribers, while cable will have 15.7 million U.S. subscribers. However, statistics provided by the DSL Forum state that by 2005 there will be approximately 55 million DSL subscribers worldwide. On a more personal note, I spoke with a telco engineer who had 33 years of experience in the telecommunications field. He claimed that with the innovation of wireless networks, DSL will be an obsolete technology in the years to come. From my experience, cable connections seem to be more consistent than DSL connections. The physical infrastructure of DSL has more factors affecting its speed and overall QoS (Quality of Service). Shown below is a table of various "flavors" of DSL. Remember that these figures are VERY rough estimates of real-time performance.
DSL Type                     Speed
ADSL (Asymmetric)            64 Kbps-1.54 Kbps Upload; 256 Kbps-9 Mbps Download
G.lite                       512 Kbps Upload; 1.5 Mbps Download
HDSL (High Bit-Rate)         1.544 Mbps or 2.048 Mbps (Upload and Download)
SDSL (Single Line)           1.5 Mbps (Upload and Download)
VDSL (Very High Bit-Rate)    13-52 Mbps Download; 2.3 Mbps Upload
DSL Infrastructure

These figures indicate maximum speeds. In most cases, unless you are neighbors with the phone company, you won't get anything close to these speeds. ADSL is the most common among home users today. The other types are geared towards businesses or other large campuses. HDSL is most like a T1 line. It can be integrated with phone systems and offers a higher level of bandwidth. SDSL is aimed at users that need symmetric transmissions such as video conferencing. VDSL can be very expensive. Also, as I mentioned above, the physical infrastructure of DSL uses existing copper wire, the "local loop." Often, the limitations of DSL in your area depend on how far away you are from a DSLAM. DSL range cannot be extended using repeaters like T1 lines or packet-based networks because, even though DSL travels over the same physical wire as regular telephone conversations, data is sent over ultra-high frequencies above the audible spectrum of the human ear. It would be very expensive to design a repeater that would boost only those frequencies (not to mention that each ISP may be using a different range of frequencies).
Running a Server

Running a server over DSL can go either way. If your DSL connection is static, it makes your life a whole lot easier. Bandwidth may vary, but I have known people to have good results with their web/FTP servers. If your provider uses PPPoE, setting up out-bound services can be difficult. In most cases, your ISP will take certain measures to stop people from running servers. These measures can include port filtering (blocking out-bound port 80 to prevent web servers), stateful packet inspection, or bandwidth monitoring. Every ISP has a monthly bandwidth quota, and most of them also invoke a daily quota. Stateful packet inspection is used so that a port is not completely closed. Traffic is "inspected" coming in and out of your connection to determine if it is communicating with a server.
DSL vs. Cable

From my experience, I would choose cable. Although DSL providers claim you get "dedicated" bandwidth, I have seen better speeds from cable. Business class DSL performs significantly better than standard ADSL. NOTE: The telephone company will try to BS you and claim that business class DSL requires them to install special equipment. That is a lie; the only difference between standard and business service is a setting in the computer at the central office. I guess that is how they justify charging almost double the price. The main advantage of cable is coverage. Nearly everyone can get cable unless you are in a very remote or rural area. In such a case, DSL would also be unavailable, and you would be stuck using satellite. I place an emphasis on the word "stuck."
Intranets

This article describes how intranets work and their common uses. Intranets are widely used across the world as a means of sharing information among employees in businesses and/or development teams. Basically, an Intranet is a website running inside a company's LAN or WAN. They can be set up many different ways according to individual needs and budgets. The image below shows a diagram of a simple Intranet.
As you can see, the entire LAN is behind a firewall. A dedicated server is provided to run the Intranet. You might wonder why there is a mainframe server in the diagram. More technical organizations may integrate the Intranet with data from a mainframe server. While the two machines are not directly associated with each other, authenticated users may possess the ability to search a mainframe server using the company Intranet. These diagrams use industry-standard schematic symbols.
Extending an Intranet

If a company wants to connect to a partnering company's intranet, it is called an extranet. In order to connect two or more networks, a VPN must be used to provide proper security. The diagram below shows the basic structure of an extranet.
Although both LANs are connected to each other using an ordinary Internet connection, the Intranet is not visible to other Internet users. These LANs use a VPN connection, such as PPTP, to communicate with each other. This is much cheaper than leasing a dedicated line from the phone company or other service provider.
RFC - Request for Comments

This article describes what an RFC is, how they work, and why they are used. RFC stands for Request For Comments. The main purpose of an RFC is to propose new Internet standards. These standards are tested specifications that are used by the Internet. So-called "Internet Authorities" decide when a draft is ready to become a published RFC. See the diagram below:
This diagram represents the levels of progression as an RFC becomes a standard. Starting from an Internet Draft, which is a preliminary idea, the concept is researched and tested. The first phase, a Proposed Standard, is reached when the concept is deemed of interest to the Internet community. Next, if the concept passes enough testing, it is promoted to a Draft Standard. Upon further testing, the Draft Standard can become an Internet Standard. If at any point in the progression a concept fails, it is classified as Historic. Historic drafts are kept for future reference and documentation. There are cases where RFCs can be classified as Experimental or Informational. A database of all RFCs can be searched online. However, there are cases in which certain things will never become actual Internet Standards but will still be widely accepted and used by the Internet community.
A Look at Common Routing Protocols By Erik Rodriguez
This article describes the common interior protocols used by routers. This includes low- and high-end routers. For information on the hardware side of routers, see the routers, switches, and hubs article. Interior protocols are used more commonly than exterior ones. Exterior protocols are used mostly by ISPs for backbone connectivity and MAN (metropolitan area network) connections. Do not confuse the two terms "routing protocol" and "routed protocol." They are two different concepts. The list below shows 3 classes of routing protocols:
Interior Protocol Classes:
• Distance Vector
• Link State
• Hybrid
Distance Vector

The distance vector class of routing determines the direction (vector) and distance used to send data over a network. These types of protocols share routing tables with neighboring routers to reflect the topology and status of the network. This method saves system resources on the router because it only broadcasts a portion of the routing table. This is done using complicated algorithms. Distance vector algorithms are also known as Bellman-Ford algorithms. Distance vector protocols include IGRP and RIP. The way I explain distance vector routing is with a highway intersection. Signs point toward a destination and show the distance to it. As you drive further, another sign shows the destination, but now the distance is shorter. If the distance keeps getting shorter, you know you're taking the right "route" or path to the destination.
o IGRP (Interior Gateway Routing Protocol)
Developed by Cisco, IGRP uses several methods to determine the correct route for traffic. These methods are combined to create something called a "metric." Metrics are sets of numbers based on network delay, bandwidth, reliability, and load. It is not uncommon for a router to hold several metrics. The router can determine which metric to use based on the traffic it needs to route. IGRP is commonly used in medium sized networks.
o RIP (Routing Information Protocol)
RIP is similar to IGRP in some ways. It is supported by low-end routers (Linksys, D-Link, Belkin, etc.) commonly used for broadband connections. RIP uses the same method as IGRP, meaning it sends broadcasts of its routing table to neighboring devices. This is done quite often (the default is every 30 seconds). This protocol also uses metrics. However, its metric values are calculated using only the "hop count." RIP will route data based upon the lowest hop count regardless of bandwidth limitations. If a hop count is greater than 15, the data is discarded. This becomes inefficient in large networks that use multiple routers. RIP is a good protocol for small networks. RIP comes in version 1 and version 2. Version 2 is completely backward-compatible with version 1. There are numerous improvements in version 2 including added security, larger packet capability, optional multicasting, and, most importantly, support for VLSM. RIP version 2 is now considered the standard and is currently used more than RIP version 1.
Link State

The link-state approach, also known as Dijkstra's algorithm or "shortest path first" (SPF), is better for large networks. Link-state protocols are "smarter" than distance vector protocols because they maintain a complex database of the network topology and status. This is accomplished using "link state advertisements" (LSAs). LSAs are used to "map" out the network. The router uses this map to determine the shortest path to data destinations. The problem with this is that every time a configuration in the network changes, LSAs are broadcast to and from all routers on the network. This causes a spike in router CPU usage, memory, and network bandwidth.
o OSPF (Open Shortest Path First)
A standard protocol supported by high-end routers, OSPF is mostly used in large networks. It is commonly known as the "standard link state protocol." The main problem arises from LSA broadcasts that "flood" the network. Advanced DoS attacks can target internal routers running OSPF by constantly sending requests that force the routers to consume large amounts of network bandwidth.
Hybrid

Also called "balanced hybrids," these protocols use a combination of distance vector and link state properties. The idea behind developing this type of protocol was to solve the problems encountered with the other two.
o EIGRP (Enhanced Interior Gateway Routing Protocol)
Developed by Cisco, EIGRP uses both distance vector and link state methods to determine the best path for routing data. It calculates the SPF, uses load balancing, and uses an altered form of LSA broadcasts. Broadcasts are conducted every 90 seconds or whenever the network topology changes. The SPF is calculated using the Diffusing Update Algorithm (DUAL).
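An added example (not from the original article) that runs the two approaches from the Distance Vector and Link State sections side by side on a constructed five-router topology: a RIP-style Bellman-Ford exchange that counts hops and treats 16 as unreachable, and an OSPF-style Dijkstra SPF whose link cost is derived from bandwidth. The topology, bandwidths and the 100 Mbps reference bandwidth are assumptions for the demo.

```python
import heapq
from typing import Dict, List, Optional, Tuple

# Constructed topology (not from the article): (router_a, router_b, bandwidth in kbps).
# A-B-D is two hops over slow serial links; A-C-E-D is three hops of Fast Ethernet.
LINKS = [("A", "B", 64), ("B", "D", 64),
         ("A", "C", 100_000), ("C", "E", 100_000), ("E", "D", 100_000)]
RIP_INFINITY = 16  # a hop count of 16 or more means "unreachable" in RIP


def adjacency(links) -> Dict[str, Dict[str, int]]:
    adj: Dict[str, Dict[str, int]] = {}
    for a, b, bw in links:
        adj.setdefault(a, {})[b] = bw
        adj.setdefault(b, {})[a] = bw
    return adj


def rip_tables(links, max_rounds: int = 64) -> Dict[str, Dict[str, Tuple[int, Optional[str]]]]:
    """Distance vector (Bellman-Ford): each round every router reads its neighbours'
    tables and keeps the lowest hop count per destination; stop when nothing changes."""
    adj = adjacency(links)
    tables = {r: {r: (0, None)} for r in adj}  # dest -> (hops, next_hop)
    for _ in range(max_rounds):
        changed = False
        for r in adj:
            for n in adj[r]:
                for dest, (hops, _) in list(tables[n].items()):
                    cand = hops + 1
                    if cand >= RIP_INFINITY:
                        continue  # beyond the 15-hop limit: discarded
                    if dest not in tables[r] or cand < tables[r][dest][0]:
                        tables[r][dest] = (cand, n)
                        changed = True
        if not changed:
            break
    return tables


def rip_path(tables, src: str, dst: str) -> Optional[List[str]]:
    """Follow next-hop entries from router to router, as forwarding would."""
    hops, cur = [src], src
    while cur != dst:
        entry = tables[cur].get(dst)
        if entry is None:
            return None  # unreachable
        cur = entry[1]
        hops.append(cur)
    return hops


def ospf_cost(bw_kbps: int, reference_kbps: int = 100_000) -> int:
    """OSPF-style interface cost: reference bandwidth divided by link bandwidth."""
    return max(1, reference_kbps // bw_kbps)


def spf_path(links, src: str, dst: str) -> Optional[List[str]]:
    """Link state: Dijkstra's shortest path first over the whole topology map."""
    adj = adjacency(links)
    dist, prev = {src: 0}, {}
    heap = [(0, src)]
    while heap:
        d, u = heapq.heappop(heap)
        if d > dist[u]:
            continue
        for v, bw in adj[u].items():
            nd = d + ospf_cost(bw)
            if nd < dist.get(v, float("inf")):
                dist[v], prev[v] = nd, u
                heapq.heappush(heap, (nd, v))
    if dst not in dist:
        return None
    path, cur = [dst], dst
    while cur != src:
        cur = prev[cur]
        path.append(cur)
    return path[::-1]


def chain(n: int):
    """A straight line of routers R0..Rn, used to show RIP's 15-hop limit."""
    return [(f"R{i}", f"R{i + 1}", 100_000) for i in range(n)]


def compare(src: str = "A", dst: str = "D") -> Dict[str, Optional[List[str]]]:
    return {"rip": rip_path(rip_tables(LINKS), src, dst),
            "ospf": spf_path(LINKS, src, dst)}


if __name__ == "__main__":
    print(compare())  # RIP takes the 2-hop serial path; OSPF the 3-hop fast path
    print(rip_path(rip_tables(chain(16)), "R0", "R16"))  # None: 16 hops away
```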
Network Backups By Erik Rodriguez
This article describes the reasoning and methods used for network backups.
What are Backups?

Backups are like insurance; you pay for it even though you hope to never need it.¹ Performing backups on a network can be costly. The ability to back up and restore data can save an organization an enormous amount of time and money. Choosing a good backup and restore solution is just as important as choosing the right equipment for your network. If your backup and restore solution isn't going to work with your current equipment, why waste the money? For the purposes of this article, it is assumed you are saving critical data to 1 or more servers.
Types of Backups

There are two main types of backups: complete and incremental. Each type takes a certain level of planning to run effectively. The next two sections will explain the methods and equipment needed for each type of backup and restore solution. Remember that in a corporate environment, you should have both types of backup plans present. Using only a complete backup or only an incremental backup is asking for trouble.
Complete Backup and Restore

A complete backup and restore solution is needed for the following reasons:
• Hardware Failure - Server or hard drive ceases to function.
• System Migration - Switching server platforms permanently or temporarily.
• Archive - Data needs to be archived for historical or legal purposes.
There are several problems associated with complete backups:
• Expensive Hardware - The extra server or backup hardware (NAS or SAN) is expensive.
• Excessive Load on Servers - While a complete backup is running, servers may become slow or even unresponsive.
• Complicated Restore Plan - Executing a complete restore may require a complex reconfiguration of a server or network devices.
Choosing complete backup hardware can be challenging. This will depend on the requirements of each organization. Things to consider when purchasing backup hardware are:
• Amount of Data - How much data do you need to back up? For example, 30 GB or 3 TB?
• Schedule of Backups - How often do you run complete backups? For example, every 2 weeks or every 2 months?
• Accessibility - Do you need the backups readily available? For example, running on a ghost server or compressed tape backups?
• Off-site Backup - Do you need to store your data at an off-site location? For example, a remote FTP server or a safety deposit box?
Incremental Backup and Restore
An incremental backup and restore solution is needed for the following reasons:
• Accidental File Deletion - It will happen: end users will accidentally or intentionally delete files.
• System Migration - Switching server platforms permanently or temporarily.
There are several problems associated with incremental backups:
• Network Status - Incremental backups stored on a network are dependent on the network's status for restore capability.
• Schedule Planning - Scheduling these types of backups is tricky.
Choosing backup hardware can be challenging. This will depend on the requirements of each organization. Things to consider when purchasing backup hardware are:
• Growing Data - Incremental backups grow. Choose backup media accordingly.
• Off-site Backup - This may or may not be an option depending on bandwidth limitations and the amount of data that needs to be backed up.
Available Hardware Solutions
There are numerous types of hardware associated with backups. Backups can be performed with the following types of equipment:
• Extra Servers - Dedicated backup servers can be used for complete or incremental backups.
• SAN or NAS - Storage area networks or network attached storage offer speed and convenience for complete or incremental backups.
• Tape Drives - High capacity tapes are available, but they are slow and generally only used for complete backups.
• DVD/CD - DVD/CD solutions are cheap and easy ways to create both complete and incremental backups.
• Off-site - Colocated servers can be used to back up data to a remote machine. This is generally an expensive solution.
• Zip Disk - Zip disks are durable and reliable. They work well for small backups, complete or incremental.
Scheduling Backups
Scheduling backups is important. While the schedule is usually dependent on the type of organization, complete backups should be done during "non-peak" hours. Automating complete backups every Monday night is a good way to back up your data while not placing extra load on an active server. It also reduces the chance of a user changing a file before or after the backup is complete. System administrators should check with managers and users to evaluate the schedule. With everyone's input, an optimal time can be arranged for routine backups.
Restoring Backups
Always test your restore system! This should be done initially and also routinely. There is nothing worse than executing a restore and realizing something went wrong and the data cannot be recovered. Restores should also be automated to reduce the chance of human error.¹ Remember that nobody wants to resort to backups, but in the event data is lost, be sure that a restore can be done quickly and effectively.
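The complete/incremental distinction from Types of Backups and the restore drill this section insists on, as an added Python example that is not part of the article: `manifest`, `complete_backup`, `incremental_backup`, `restore` and `restore_drill` are names chosen here, and the sample files are constructed inside a temporary directory so the drill runs offline.

```python
"""Added example (not from the article): complete backup, incremental on top, restore, hash check."""
import hashlib
import shutil
import tempfile
from pathlib import Path

def manifest(root):
    """Map each file under root (relative path) to its SHA-256; this is what a restore is checked against."""
    root = Path(root)
    return {str(p.relative_to(root)): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(root.rglob("*")) if p.is_file()}

def complete_backup(src, dest):
    """Copy every file; returns the manifest to keep alongside the backup."""
    shutil.copytree(src, dest, dirs_exist_ok=True)
    return manifest(src)

def incremental_backup(src, dest, previous):
    """Copy only files whose hash changed since `previous`; deletions are not propagated, so an accidental deletion stays recoverable."""
    changed = {}
    for rel, digest in manifest(src).items():
        if previous.get(rel) != digest:
            target = Path(dest, rel)
            target.parent.mkdir(parents=True, exist_ok=True)
            shutil.copy2(Path(src, rel), target)
            changed[rel] = digest
    return changed

def restore(complete_dir, incremental_dirs, target):
    """Replay the complete backup first, then each incremental in chronological order."""
    shutil.copytree(complete_dir, target, dirs_exist_ok=True)
    for inc in incremental_dirs:
        shutil.copytree(inc, target, dirs_exist_ok=True)
    return manifest(target)

def restore_drill():
    """Routine restore test: True only if the restored tree hashes to the same values as the live data."""
    with tempfile.TemporaryDirectory() as tmp:
        live = Path(tmp, "live"); live.mkdir()
        (live / "db.sql").write_text("CREATE TABLE t (id INT);\n")   # constructed sample data
        (live / "notes.txt").write_text("first draft\n")
        full = complete_backup(live, Path(tmp, "full"))               # the Monday-night complete backup
        (live / "notes.txt").write_text("second draft\n")             # a user edits one file...
        (live / "new.txt").write_text("added later\n")                # ...and creates another
        changed = incremental_backup(live, Path(tmp, "inc1"), full)
        assert set(changed) == {"notes.txt", "new.txt"}               # db.sql is unchanged, so it is skipped
        restored = restore(Path(tmp, "full"), [Path(tmp, "inc1")], Path(tmp, "restored"))
        return restored == manifest(live)
```

Run `restore_drill()` on a schedule; a False result means the backup chain cannot reproduce the live data and must be investigated before it is needed for real.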
Backup Storage
Physical storage is often something that gets overlooked. Why spend all the money on complex hardware and software if it is not protected from fire or theft? Complete backups should be stored off-site. Storing backup media in a remote office or safety deposit box is best. At the least, make sure they are protected in a fire-proof box or safe. This is where colocated off-site solutions really shine. If your organization has a server colocated in a data center, it is most likely protected by a complex fire suppression system.
Conclusion
Organizations should create a backup policy if they do not already have one. Spend the proper amount of time planning for backups. Remember, you're always better safe than sorry! Statistics show that only 7% of companies with serious data loss are in business after 5 years.²
SONET Networks By Erik Rodriguez
This article describes the operation and configuration of SONET networks. It also describes where they are used, how they are implemented, and what purpose they serve.
What is SONET?
SONET (Synchronous Optical Network) is a standard for multiplexing data. It is used primarily for backbones composed of fiber optics. SONET performs a complicated timing and multiplexing scheme. It uses certain signaling levels called "Synchronous Transport Signals" or STS. Each STS level corresponds to a specification of "Optical Carriers." Due to its complexity, the equipment needed to operate a SONET network is extremely expensive. SONET networks power some of the world's most important networks (telephone and Internet). For that reason, SONET is designed to run at 99.999% uptime. This is also known as "the 5 nines" of availability.
Optical Carriers
Optical Carriers are only used in very large networks such as Internet backbones, Metropolitan Area Networks (MANs), and large universities. As I mentioned above, the OC specification is determined by the STS level. The STS level is the rate at which SONET can multiplex multiple sources of data onto a single fiber optic line. OC specifications are measured in multiples of 3, with a base of 1. See the table below:
STS Level   OC Specification   Data Rate (Mbps)
1           OC-1               51.84
3           OC-3               155.52
9           OC-9               466.56
12          OC-12              622.08
18          OC-18              933.12
24          OC-24              1244.16
36          OC-36              1866.23
48          OC-48              2488.32
96          OC-96              4976.64
192         OC-192             9953.28
Bandwidth Breakdown
To understand how the speed (in Mbps) is accomplished, you must understand the frame structure of SONET. Each frame contains a number of control bits plus the payload. For example, STS-1 supports 8000 frames per second. Each frame is broken into 6480 bits (810 bytes). The calculation is shown below:
8000 frames/sec * 6480 bits/frame = 51,840,000 bits per second = 51.84 Mbps
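The calculation above carried through for every STS level in the table, as an added Python example that is not part of the article: the 9-row by 90-column byte layout, the 3 transport-overhead columns and the 1 path-overhead column per STS-1 come from the SONET standard rather than this page, and the function names are my own. It also flags the one table row that is not N × 51.84 (OC-36 computes to 1866.24 Mbps against the printed 1866.23).

```python
"""STS-N rate arithmetic behind the table above (added example, not from the article)."""
FRAMES_PER_SECOND = 8000          # every STS level sends 8000 frames/s (one frame per 125 us)
ROWS, COLUMNS = 9, 90             # STS-1 frame = 9 rows x 90 columns of bytes = 810 bytes (SONET standard)
TRANSPORT_OVERHEAD_COLS = 3       # section + line overhead occupy the first 3 columns (standard)
PATH_OVERHEAD_COLS = 1            # one path-overhead column inside each STS-1 payload envelope (standard)
COLUMN_MBPS = ROWS * 8 * FRAMES_PER_SECOND / 1_000_000   # one column carries 0.576 Mbps


def sts1_frame_bits():
    """810 bytes * 8 = 6480 bits per frame, as the article states."""
    return ROWS * COLUMNS * 8


def line_rate_mbps(n):
    """STS-N/OC-N line rate: N byte-interleaved STS-1 frames, still 8000 frames/s, so N * 51.84 Mbps."""
    return n * sts1_frame_bits() * FRAMES_PER_SECOND / 1_000_000


def rate_breakdown_mbps(n):
    """Split an STS-N rate (N independent STS-1s, not a concatenated STS-Nc) into overhead and payload."""
    payload_cols = COLUMNS - TRANSPORT_OVERHEAD_COLS - PATH_OVERHEAD_COLS   # 86 columns per STS-1
    parts = {
        "transport_overhead": n * TRANSPORT_OVERHEAD_COLS * COLUMN_MBPS,
        "path_overhead": n * PATH_OVERHEAD_COLS * COLUMN_MBPS,
        "payload": n * payload_cols * COLUMN_MBPS,
    }
    parts["total"] = sum(parts.values())
    return {k: round(v, 3) for k, v in parts.items()}


# Data rates exactly as printed in the article's table (STS level -> Mbps).
ARTICLE_TABLE = {1: 51.84, 3: 155.52, 9: 466.56, 12: 622.08, 18: 933.12, 24: 1244.16,
                 36: 1866.23, 48: 2488.32, 96: 4976.64, 192: 9953.28}


def check_table(table=ARTICLE_TABLE):
    """Return {level: (printed, computed)} for rows whose printed rate is not N * 51.84 Mbps."""
    return {n: (printed, round(line_rate_mbps(n), 2)) for n, printed in table.items()
            if abs(printed - line_rate_mbps(n)) > 0.005}


if __name__ == "__main__":
    print("STS-1 bits/s:", sts1_frame_bits() * FRAMES_PER_SECOND)     # 51,840,000
    print("STS-1 breakdown:", rate_breakdown_mbps(1))
    print("table rows that disagree with N * 51.84:", check_table())   # OC-36: 1866.23 printed, 1866.24 computed
```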
OC Usage
As I mentioned before, optical carriers are only used for extremely high speed applications. Telco companies use SONET for telephone networks and their own rings. The University of Florida is connected by multiple OC-3 links at the standard STS-3 signal yielding 155.52 Mbps. Most large universities are connected with high speed OC links because of the ongoing Internet 2 project. Local telephone companies may have central offices connected with links that range from OC-3 to OC-48. While OC-48 is an extremely robust connection, telco companies are using these links for a combination of voice and data. These high speed OC links help carry long-distance telephone calls and relay other high speed data connections such as DS-3 lines. Until recently, OC-192 was just a concept and was not actually used. With support from carrier-grade producers such as Cisco, Nortel, and Juniper, we are now starting to see active OC-192 links. However, they are only deployed within networks and are not actively connecting different providers.
SONET Topology
SONET uses a variation of the ring and mesh topology. This is done because it is the most efficient way to interconnect all the major nodes in a backbone. However, these topologies are used dynamically depending on the traffic of certain nodes. For example, the Midwest states have a somewhat simple setup with few major nodes and cross links. However, the MAEE (Metropolitan Area Exchange East) in Washington, D.C. would have a very complicated setup because of the enormous amount of traffic. Rings are used to provide speed and redundancy. SONET uses the external protocol known as Border Gateway Protocol (BGP). Depending on the situation, multiple versions can be used (BGP4, EBGP, etc.). Remember that BGP is only used for WANs and is not used to route a LAN. The image below shows the basic composition of a SONET ring.
Notice the points of presence (PoP) arranged in a ring configuration. The red and green arrows represent 2 separate fiber optic paths. Two cable paths are used to provide a backup in the event that one becomes unavailable. This method is called Automatic Protection Switching (APS). It is part of the reason for the excellent uptime provided by SONET rings. This is also referred to as "self-healing." The fiber optic cables used are very thick with a protective covering called "armor" to prevent accidental cable breaks and even rodents chewing on them. However, in the event of an accident or natural disaster (usually an earthquake), the second cable path will automatically accept the load from the crippled line. The primary line (drawn in green) always flows in a clockwise direction. The secondary line (drawn in red) flows counter-clockwise. There are many different types of ring configurations. Other configurations can use two fiber lines simultaneously for load balancing, one line to send and the other line to receive, etc. High traffic rings may even use dozens of lines to provide a combination of the above configurations.
Redundancy
It does happen. A portion of the fiber paths in a ring becomes unresponsive. What happens then? This is when the ring configuration shows its value. The equipment used within a SONET network is designed to create a loop to automatically repair itself. See the diagram below:
Notice the cable break in the upper left portion of the ring, the routers, and green arrows showing the path of data. The first and last router attached to the broken cable create a loop that allows data to continue along the ring. The large green arrows show the original path traveled along the ring. The smaller green arrows show the modified path as a result of the cable break.
The Big Picture
How do all these networks connect? This depends on location, size, and usage. Some SONET networks connect regional or national ISPs. Different ring configurations and speeds are designed by network engineers and city planners. The diagram below is an example of a large metropolitan area network connecting to a major backbone provider.