Learning Objectives
• Explain how VLANs enable BN design based on logical instead of physical design
◦ Identify the roles of VLAN IDs, VLAN tag fields and VLAN trunks
◦ Describe the operation of a multiswitch VLAN
• Outline best practice recommendations for backbone design
• Discuss ways to improve backbone network performance
Slide derived from: Business Data Communications & Networking 13e, Fitzgerald, Dennis, and Durcikova
Virtual LANs (VLANs)
• Routers segment networks based on physical location (i.e., the cables connected to them)
• Devices in different physical locations may need access to the same LAN resources
• VLANs perform flexible LAN segmentation so that it can be based on logical instead of physical design
• VLANs are enabled by high-speed layer-3 switches
• VLANs are much more complex to manage than traditional switched/routed BNs and are typically only used in large networks
VLAN-Based Backbone Network Architecture
Single Switch VLAN
VLAN Operations (Single Switch)
• Each device is assigned to a VLAN based on its physical port
• Each VLAN is identified by a VLAN ID, which is mapped to a traditional IP subnet
• VLANs are transparent devices
Q: How might this affect broadcast traffic?
A: Sent only to ports with the same VLAN ID as the source port
VLAN Operations (Single Switch)
• Simple single-switch example
[Figure: layer-3 switch ports 1 to 8, labelled VLAN 10 and VLAN 20, with different IP subnet assignments]
VLAN Operations (Multiswitch)
• Multiswitch VLANs
• L3-switches communicate using inter-switch protocols that support VLANs
• VLAN trunks: circuits connecting 2 VLAN switches
• VLAN tag inserted into Ethernet frame (802.1Q)
◦ VLAN ID, Priority
• Frame changed within switch, but still transparent
VLAN Operations (Multiswitch)
VLAN ID: 20
VLAN ID: 30
Same subnet, same switch
Note typos in text diagram (figure 8-7)
VLAN Operations (Multiswitch)
VLAN ID: 20
VLAN Trunk
VLAN ID: 30
Same subnet, different switch
VLAN Operations (Multiswitch)
VLAN ID: 20
VLAN ID: 30
Different subnet, different switch (same VLAN)
Pros and Cons of VLANs
• Advantages
◦ Computers can be in different geographic locations in the same subnet.
◦ Enable subnets based on who you are, rather than on where you are
◦ More flexible subnetting
◦ Better managed and more precise traffic flow may lead to faster performance
◦ Traffic prioritization possible with quality of service (QoS) info in VLAN tag
• Disadvantages
◦ Complex
◦ May increase management when VLAN memberships change
◦ Layer 3 switches are more costly than Layer 2
◦ Switches only recently standardized
VLANs – Summary
• Watch this video for a summary of VLAN concepts (CBT Nuggets, 2012).
The Best Practice Backbone Design
• Architecture
◦ Switched backbones provide the best cost-to-performance ratio at the distribution layer.
◦ Most organizations use routed backbones at the core layer.
◦ VLANs are becoming more widely used, especially for organizations needing the flexibility.
• Technologies
◦ Gigabit Ethernet for distribution layer
◦ Gigabit Ethernet or faster for core layer
◦ Redundant devices and connections
The Best Practice Backbone Design
Improving Backbone Performance
Implications for Cyber Security
• Most routers now have software that enables the network manager to
create an access control list (ACL) that specifies what traffic the router
should allow through and what traffic the router should block.
• Many routers have more sophisticated ACL software that enables the
ACL to have different rules for different interfaces, and specific rules for
the application layer packet type.
• VLANs are the most secure type of backbone because they enable ACLs and other security measures to be applied at the switch level.
◦ Every packet from every device is subjected to security, not just those that pass through a routed backbone.
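How per-interface ACL rules are applied to a packet, as an added example that is not part of the original slides. It assumes first-match evaluation with an implicit deny when nothing matches, as on many routers and layer-3 switches; the rule format, interface names and addresses are constructed. The second function flags rules that can never fire because an earlier, broader rule already covers them, a common ordering mistake.

```python
from ipaddress import ip_address, ip_network

# Constructed rules: (action, protocol, source net, destination net, dst port or None).
# Protocol "ip" stands for any protocol; port None stands for any port.
ACLS = {
    "vlan10": [
        ("permit", "tcp", "192.168.10.0/24", "192.168.30.0/24", 443),
        ("deny",   "ip",  "192.168.10.0/24", "192.168.0.0/16",  None),
        ("permit", "ip",  "192.168.10.0/24", "0.0.0.0/0",       None),
    ],
    "vlan20": [
        ("permit", "tcp", "192.168.20.0/24", "192.168.30.0/24", 22),
    ],
}


def evaluate(acl, proto, src, dst, dport=None):
    """Return (action, rule_index). First match wins; no match is an implicit deny."""
    for i, (action, r_proto, r_src, r_dst, r_port) in enumerate(acl):
        if (r_proto in ("ip", proto)
                and ip_address(src) in ip_network(r_src)
                and ip_address(dst) in ip_network(r_dst)
                and r_port in (None, dport)):
            return action, i
    return "deny", None


def covers(a, b):
    """True if rule a matches every packet that rule b can match."""
    return (a[1] in ("ip", b[1])
            and ip_network(b[2]).subnet_of(ip_network(a[2]))
            and ip_network(b[3]).subnet_of(ip_network(a[3]))
            and a[4] in (None, b[4]))


def shadowed(acl):
    """Indexes of rules that can never fire because an earlier rule covers them."""
    return [j for j in range(len(acl)) if any(covers(acl[i], acl[j]) for i in range(j))]


if __name__ == "__main__":
    v10 = ACLS["vlan10"]
    print(evaluate(v10, "tcp", "192.168.10.5", "192.168.30.7", 443))
    print(evaluate(v10, "tcp", "192.168.10.5", "192.168.20.9", 445))
    print(shadowed([v10[2], v10[0], v10[1]]))   # broad permit placed first
```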
What next?
• Read Chapter 8, sections 8.4 – 8.7 in the course text
• Take the M08 Quiz
• Complete and submit the M08 Managing a VLAN lab
Learning Objectives
• Describe a backbone network and its relationship to connected networks
• Examine the design of a backbone network
• Compare and contrast switched and routed backbone architectures
Backbone Architecture Layers
Network designers often think about 3 technology layers when they design BNs
1. Access layer (LANs) closest to the users
• Not actually part of the BN (though VLANs blur the lines)
• LAN technologies can have major impacts on BN design
2. Distribution layer BNs connect access LANs
3. Core layer BNs connect different buildings
• You may read a short description of
backbones before continuing:
What Internet and Network Backbones Do
(Mitchell, Lifewire, 2017)
Backbone Network Components
1. Network cables (often fiber for higher data rates)
2. Switches
• Layer-2 switches don’t change message; transparent devices
• Forward packets using MAC addresses (data link layer)
• Physical ports (16-24); paired ports managed as separate
point-to-point circuits
• Learn addresses, build forwarding tables
• VLAN switches (or layer-3 switches) – combine features of Layer-2 switches and routers
• Used to organize virtual LANs (instead of physically co-located LANs)
Backbone Network Components
3. Routers
• Network layer devices that connect different subnets
• TCP/IP gateways
• NOT transparent devices
• Messages passed up to network layer (IP addresses);
data link layer frames stripped off
• Respond to ARP (and other messages)
• Routing requires more processing than switching,
therefore operates more slowly
Backbone Network Architectures
• Three major types of BNs, based on the devices used
◦ Switched backbones
◦ Routed backbones
◦ Virtual LANs
• In practice, most common to use a combination of these architectures
Switched Backbone Networks
• Most common type of BN used in distribution layer
• Uses layer-2 switches
• Switches come in different form factors
• Desktop / Rack-mounted / Chassis
• Advantages
• Star topology (each connection is point-to-point)
• Simultaneous access among different LANs
• Disadvantages
• More broadcast traffic flows through network
• Architecture must either avoid loops or manage
SWITCHED BACKBONE NETWORKS
Active topology of switched network restricted to Spanning Tree
• Active loops lead to broadcast storms
• Switched paths must be reduced to a spanning tree
• May be accomplished in software (managed switch)
Switched networks are also susceptible to sniffing via switch poisoning (overloading the switch with bogus source MAC addresses to fill the forwarding table)
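Why a full forwarding table exposes traffic, and how a per-port limit on learned addresses contains it, shown as an added simulation that is not part of the original slides. The switch model, table size, port numbers and MAC addresses are all constructed, and the per-port limit stands in for the port-security style controls found on managed switches.

```python
class LearningSwitch:
    """Toy layer-2 switch: learns source MACs, floods unknown destinations.
    Entries never age out here; real switches expire them after a timer."""

    def __init__(self, table_size, max_macs_per_port=None):
        self.table_size = table_size                # forwarding-table capacity
        self.max_macs_per_port = max_macs_per_port  # None = no per-port limit
        self.table = {}                             # MAC -> port
        self.violations = []                        # (port, mac) refused by the limit

    def _learn(self, port, mac):
        """Record mac on port; return False if the per-port limit refuses it."""
        if mac not in self.table:
            on_port = sum(1 for p in self.table.values() if p == port)
            if self.max_macs_per_port is not None and on_port >= self.max_macs_per_port:
                self.violations.append((port, mac))
                return False
            if len(self.table) < self.table_size:   # a full table learns nothing new
                self.table[mac] = port
        return True

    def receive(self, port, src, dst):
        """Return 'drop', 'flood' or 'port N' for one incoming frame."""
        if not self._learn(port, src):
            return "drop"
        out = self.table.get(dst)
        return "flood" if out is None else f"port {out}"


def run_scenario(max_macs_per_port):
    """Port 3 presents 20 source MACs, then host B (port 2) sends to host A (port 1)."""
    sw = LearningSwitch(table_size=8, max_macs_per_port=max_macs_per_port)
    broadcast = "ff:ff:ff:ff:ff:ff"
    for i in range(20):                             # constructed MAC addresses
        sw.receive(3, f"02:00:00:00:03:{i:02x}", broadcast)
    sw.receive(1, "02:00:00:00:01:01", broadcast)   # host A announces itself
    decision = sw.receive(2, "02:00:00:00:02:01", "02:00:00:00:01:01")
    return decision, len(sw.violations)


if __name__ == "__main__":
    print("no limit:   ", run_scenario(None))   # unicast is flooded to every port
    print("2 MACs/port:", run_scenario(2))      # unicast goes only to port 1
```

The violation count is the signal worth alerting on: a single access port that keeps presenting new source addresses is the pattern the slide describes.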
Rack-Mounted Switched Backbone Architecture
Logical BN Design
SWITCHED BACKBONE NETWORKS
[Figure: Main Distribution Facility (MDF) network diagram showing the physical BN design in the MDF. Labels: patch panels; patch cables; chassis switch (4 – 100Base-T ports); switches (24 port, 100Base-T); backbone connection (1000 Base-F)]
Sample Switched Backbone Network
Routed Backbones
• Sometimes called subnetted backbones or hierarchical backbones
• Typically used at core layer, but sometimes at distribution layer
• Advantages
◦ LAN segmentation
• Disadvantages
◦ Tend to be slower (more processing of packets)
◦ More expensive
◦ Harder to manage
Routed Backbone Architecture
What next?
• Read Chapter 8, sections 8.1 – 8.3 in the course text
• Review the VLANs and Improving BN Performance presentation
• Read Chapter 8, sections 8.4 – 8.7 in the course text
• Take the M08 Quiz
• Complete and submit the M08 Managing a VLAN lab
IS 3413 M09 Lab: Managing a VLAN
In this lab, we investigate the management of a notional (and very simplified) VLAN-based distribution layer
backbone network. The startup software development firm you work for occupies three floors of an office
building. The firm is structured as a matrixed organization, with development teams composed of a software
engineer (SE), a tester/quality assurance engineer (QA), and a marketing/sales/business development
representative (MSB). These teams sit together in bullpen areas, with 2 teams on each floor. This integrated
product team approach works well in many ways, but presents a challenge for network administration. While
traditional networks are often segmented according to physical location, this network needs to be segmented
according to function, with the SE, QA and MSB members being connected to their own function-oriented
subnets. Fortunately, the building has already been equipped with a VLAN-capable switch on each floor, with
VLAN Switch 1 including a connection to a traditional router, as pictured in the figure. The router includes NAT
capability, assigning private IP addresses within the building network in the 192.168.x.x range.
Your job is to assign VLAN IDs and IP addresses consistent with a network segmentation scheme such that
each SE member belongs to a subnet which includes all other SE members, each QA member belongs to a
subnet which includes all other QA members, and each MSB member belongs to a subnet which includes all
other MSB members. There are many possible correct schemes, but the solution set is limited by the IP
addressing range, subnetting rules and VLAN address space. Also note that the logical network topology for
this scenario is identical to that of figure 8-7 in the text, but the unmodified addressing scheme identified
there is not a proper solution for this lab. To complete the assignment, upload a Word (.docx) or Adobe (.pdf)
file with a table or clearly readable list identifying the VLAN ID and IP address for each employee as
identified in the figure.
Sample Assignment Solution Response Format:
Alex (SE)
VLAN ID: ___ IP: 192.168.___.___
Beth (QA)
VLAN ID: ___ IP: 192.168.___.___
...
Rita (MSB)
VLAN ID: ___ IP: 192.168.___.___
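One way to check a proposed assignment against the lab's constraints, as an added example that is not part of the lab handout. It assumes /24 subnets inside 192.168.x.x and one VLAN ID per function; the VLAN IDs, addresses and the "SE-other" entry are constructed sample values, not a solution taken from the course.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network


def check_scheme(rows, prefix=24):
    """rows: (name, function, vlan_id, ip). Returns a list of problems; [] means consistent."""
    problems = []
    vlans, subnets, used = defaultdict(set), defaultdict(set), {}
    for name, func, vlan, ip in rows:
        addr = ip_address(ip)
        net = ip_network(f"{ip}/{prefix}", strict=False)   # subnet this host falls in
        if addr not in ip_network("192.168.0.0/16"):
            problems.append(f"{name}: {ip} is outside 192.168.x.x")
        if not 1 <= vlan <= 4094:                          # 12-bit ID, 0 and 4095 reserved
            problems.append(f"{name}: VLAN ID {vlan} is outside 1-4094")
        if addr in (net.network_address, net.broadcast_address):
            problems.append(f"{name}: {ip} is a network or broadcast address")
        if ip in used:
            problems.append(f"{name}: {ip} is already assigned to {used[ip]}")
        used.setdefault(ip, name)
        vlans[func].add(vlan)
        subnets[func].add(str(net))
    for label, table in (("VLAN", vlans), ("subnet", subnets)):
        owner = {}
        for func, values in table.items():
            if len(values) > 1:                            # one function, several segments
                problems.append(f"{func}: members split across {label}s {sorted(values)}")
            for value in sorted(values):
                if owner.setdefault(value, func) != func:  # two functions, one segment
                    problems.append(f"{label} {value} shared by {owner[value]} and {func}")
    return problems


# Constructed sample values. Alex, Beth and Rita are named in the lab; "SE-other"
# is a hypothetical placeholder for a second software engineer.
GOOD = [
    ("Alex", "SE", 10, "192.168.10.11"),
    ("Beth", "QA", 20, "192.168.20.11"),
    ("Rita", "MSB", 30, "192.168.30.11"),
    ("SE-other", "SE", 10, "192.168.10.12"),
]
# Same rows, but the second SE host is addressed inside the QA subnet.
BAD = GOOD[:3] + [("SE-other", "SE", 10, "192.168.20.12")]

if __name__ == "__main__":
    print(check_scheme(GOOD))
    for problem in check_scheme(BAD):
        print(problem)
```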
