Network Pruning Techniques

1. VTP Pruning

VTP (VLAN Trunking Protocol) pruning is used in Cisco networks to reduce unnecessary VLAN traffic over trunk links. It ensures that only the necessary VLAN information is propagated across the network.

How it works?

When VTP pruning is enabled, a switch prevents the broadcast, multicast, and unknown unicast traffic of VLANs from traversing trunk links if the downstream switches do not have any ports assigned to those VLANs.

Benefits:

Reduces unnecessary traffic and increases the available bandwidth on trunk links.

2. Route Summarization

Also known as route aggregation, this technique involves combining multiple IP routes into a single summary route to reduce the size of routing tables.

How it works?

Instead of advertising multiple specific routes, routers advertise a summarized route that represents multiple subnets. This reduces the complexity of routing tables and cuts down on routing updates.

Benefits:

Simplifies routing tables, reduces CPU load on routers, and optimizes memory usage.

3. Spanning Tree Protocol (STP) Pruning

STP pruning helps reduce the number of active links in a network while maintaining redundancy.

How it works?

STP identifies redundant links in a Layer 2 topology and puts certain ports into a blocking state to prevent loops. The active forwarding paths are pruned to create a loop-free network.

Benefits:

Reduces the chances of broadcast storms and optimizes the network topology.

4. Multicast Pruning

This involves limiting the distribution of multicast traffic to only those devices that are interested in receiving the traffic.

How it works?

Protocols like IGMP (Internet Group Management Protocol) and PIM (Protocol Independent Multicast) prune multicast traffic, ensuring it is only forwarded to the segments of the network where receivers are present.

Benefits:

Conserves bandwidth by limiting multicast traffic to relevant parts of the network.

5. Firewalls and ACL Pruning

Firewalls and Access Control Lists (ACLs) can be used to prune unnecessary traffic by blocking or restricting specific types of data.

How it works?

By applying strict firewall rules or ACLs, administrators can limit certain traffic (e.g., ICMP requests, unused protocols) from traversing the network, reducing load and security risks.

Benefits:

Enhances security, reduces unnecessary traffic, and lowers network congestion.

6. Link Aggregation Control Protocol (LACP) Pruning

LACP is used to bundle multiple physical links between switches into a single logical link to increase bandwidth and provide redundancy.

How it works?

By removing unnecessary or underused links in a bundle, LACP can optimize the network by pruning inactive links and maintaining only active ones.

Benefits:

Reduces the overhead of managing multiple individual links and ensures efficient use of available bandwidth.

7. Wireless Network Pruning

This involves removing underutilized or obsolete access points (APs) in a wireless network to optimize coverage and reduce interference.

How it works?

By conducting site surveys and monitoring network usage, administrators can remove or disable APs that contribute little to overall coverage or performance.

Benefits:

Reduces network interference, optimizes performance, and simplifies network management.

These network pruning techniques help optimize the efficiency of a network by eliminating redundant or unnecessary elements, leading to better performance and more streamlined management.

Related FAQs

Q.1 What is network pruning in VLANs, and why is it important?

Network pruning, particularly VLAN Trunking Protocol (VTP) pruning, is a method to prevent unnecessary broadcast, multicast, and unknown unicast traffic on trunk links for VLANs that are not actively used on those links. It optimizes bandwidth utilization, improves network performance, and reduces CPU load on devices.

Q.2 How does VTP pruning work in a network?

VTP pruning dynamically removes VLANs that do not have active hosts on downstream switches from the trunk ports. The pruning process uses VTP advertisements to identify the VLANs that are active on each switch. If a VLAN does not have an active member on a trunk, it is pruned, stopping the traffic for that VLAN from traversing the trunk.

Q.3 What are the limitations of VTP pruning?

• Only VLANs 2-1001 are affected: VTP pruning does not prune traffic for VLAN 1 or extended VLANs (1006-4094).
• Manual Configuration Required: VTP pruning must be explicitly enabled and does not work in VTP transparent mode.
• Limited to Cisco Devices: VTP pruning is a Cisco-specific feature and does not apply to devices from other vendors.
• Inter-VLAN Traffic: It does not affect inter-VLAN routing traffic, which still traverses routed links.

Q.4 How is VTP pruning enabled on a switch?

To enable VTP pruning:

1. Ensure the switch is in VTP server or VTP client mode (not transparent).
2. Use the command: Switch(config)# vtp pruning
3. Verify pruning status with: Switch# show vtp status

Look for the “VTP pruning” field to confirm it is enabled.

Q.5 What are best practices for using VTP pruning?

• Enable only when necessary: Use VTP pruning in large networks with many VLANs and trunk links to avoid unnecessary traffic.
• Backup Configuration: Before enabling pruning, ensure that the VLAN database and switch configurations are backed up.
• Use Consistent VTP Versions: Ensure all participating switches use the same VTP version to avoid compatibility issues.
• Monitor Traffic: Use monitoring tools to confirm the impact of pruning and verify that legitimate traffic is not inadvertently pruned.

Types of Attacks on Routers

Following are common router attacks:

• Denial of Service (DOS)
• Packet Mistreating Attacks (PMA)
• Routing Table Poisoning (RTP)
• Hit and Run (HAR)
• Persistent Attacks (PA)

Denial of Service attacks (DOS):

This type is most frequently used attack technique. Hackers use this technique for the purpose of disrupting a complete router and network. Series of requests is used by the attackers so that the routers networks are simply flooded with the requests of messages. Requests are send with the use of ICMP (Internet Control Message Protocol) packets. Over a short time span, multiple locations are used for sending these packets. A network might need to suffer from serious consequences due to DOS attack and the complete organization might need to suffer from standstill.

The business could be protected from DOS attack using the best method of correctly configuring the encryptions and firewall. A networking engineer services could also be used as an alternative for this purpose.

Packet mistreating attacks – Aimed at injecting the malicious code:

This router attack is the second most common one and is known as packet mistreating. This attack has similarity with DOS attacks since it also injects malicious code containing packets that are designed with the intention of confuse and disrupt the network and router.

The router is mistreated by data packets that results in mistreatment of harmful packages by the router within system. A method known as routing process is there in every router. When the harmful packages are introduced in routing process, the currently loaded packets on routing table could no longer be handled by router.

The vulnerability of router is exposed when it gets more confused since circulation of malicious data begins round the networking and it forms a loop. It further leads to major network congestion and any team of networking finds it very difficult to debug.

Related – Bridge vs Router

Routing table manipulation – Due to routing table poisoning:

Routing table performs the function of receiving or transferring information in every router. However, it is extremely vulnerable if proper encryption and protection is not there. When the routine of routing table changes drastically, it is because of routing table poisoning. For such aggressive attacks, the information packets are edited that rotate through routing table. Servers and networks need to suffer from highly harmful damage due to routing poisoning since the routing table is added with wrong data.

Hit and run attacks:

This attack is another most common form of routers attack and is generally referred as test attacks as well. It takes place when code is used for injecting the router with malicious data. In general, first attempt of the attacker goes in vain and therefore the system is attacked further. It is simple to spot the hit and run attacks since unusual activities are displayed by router on which attack is done and these activities are not the part of its usual routine. The systems could therefore secured by network professionals by acting on hack. But if left unnoticed, the hit and run attack might lead to serious results.

Persistent attacks on routers:

These attacks have much similarity with hit and run since packages of harmful data are injected by both of them in network and route that gives control to the hackers. However, unlike the hit and run attacks, the persistent attacks occur continuously till the goal is achieved by the attacker. The routing table is injected on continuous basis with harmful packets by attackers. This is the reason why persistent attack is also sometimes confused with routing table poisoning. Persistent attack on router has its overall aim to attack vulnerabilities of the networks and ultimately expose them such that the weaknesses are highlighted.

In this article, we will learn about the virtual Router, its key features, use cases, and the future of this virtual routing solution in modern networks.

Introduction to Virtual Router

A vRouter, also known as a virtual router, is a software-based router that runs on a virtual machine (VM). It performs the same functions as a physical router i.e.

• routing traffic between networks, 
• forwarding packets, and 
• implementing networking protocols such as TCP/IP, OSPF, and BGP. 

A vRouter can run on any hypervisor, including VMware, KVM, and Hyper-V. It can be deployed in a variety of environments, such as public and private clouds, data centers, and branch offices. A vRouter can also be used in conjunction with physical routers to create a hybrid network topology, allowing for seamless integration between virtual and physical environments.

Features of vRouter

Flexibility & scalability

A vRouter has the flexibility to be deployed in a variety of environments, from public cloud to data center to branch office. It can also be scaled horizontally to handle increasing amounts of traffic..

Cost-effectiveness

By eliminating the need for dedicated hardware, a vRouter can significantly reduce the cost of networking infrastructure. This is especially true in virtualized environments, where the cost of physical hardware can quickly add up.

Integration with virtualization platforms

A vRouter can be seamlessly integrated with virtualization platforms such as VMware and KVM, allowing for easy deployment and management.

Security

A vRouter can be configured with advanced security features such as firewalling, VPN, and intrusion prevention, providing a secure environment for network traffic.

Virtual Router vs Physical Router

While a vRouter and a physical router perform the same functions, there are some key differences between the two:

Hardware requirements

A physical router requires dedicated hardware, such as a router chassis and network interface cards (NICs), while a vRouter can run on any hypervisor without the need for specialized hardware.

Scalability

A physical router has limited scalability, as it is constrained by the number of NICs and processing power available. A vRouter, on the other hand, can be scaled horizontally to handle increasing amounts of traffic.

Cost

A physical router can be expensive, especially in high-performance environments where multiple routers are needed. A vRouter is typically more cost-effective, as it can be deployed on commodity hardware and does not require specialized components.

Use cases for vRouters

There are several use cases for vRouters:

Public & Private Cloud Environments

In public and private cloud environments, a vRouter can be used to route traffic between VMs and the outside world. It can also be used to create virtual networks within the cloud environment, providing a secure and isolated environment for applications and services.

Data center environments

vRouter can be used to route traffic between servers and storage devices, as well as between different data center locations allowing for easy segmentation and management of network traffic.

Branch office environments

vRouter can also be used to connect remote offices to the corporate network, providing secure and efficient communication between geographically dispersed locations.

vRouter: Installation & Configuration

Choose a hypervisor and download the vRouter software. 

The vRouter can then be deployed as a virtual machine on the hypervisor.

Once the vRouter is deployed configure it  with network addresses, routing tables, and other networking parameters using the vRouter’s web-based management interface/CLI.

vRouter: Common Troubleshooting Issues

Connectivity issues

It may be due to misconfigured network settings or a problem with the physical network adapter. Check vRouter’s network settings & verify connectivity to the physical network.

Performance issues

It may be due to insufficient resources or misconfigured networking parameters. Check vRouter’s resource utilization and review its configuration settings.

Security issues

It may be due to misconfigured firewall rules/outdated security software. Review  vRouter’s security configuration and update its security software as needed.

Continue Reading:

Difference between Network Bridge and Router

Common Types of Attacks on Routers

• Routing in Fortinet FortiGate
• Configuration Steps of Static Routing
• Configuration Steps of Dynamic Routing (BGP)
• Policy Base Routing
• Routing Monitor GUI
• Troubleshooting Commands for Routing in FortiGate

Routing in Fortinet FortiGate Firewall

Routing means how a packet can be sent from a source to destination in a Network.

To perform routing every firewall has a routing table. A routing table contains series of rules which specify the next-hop and active routing sessions. Each routing hop in routing path requires a routing table lookup to pass the packet along as it reaches the destination.

Firewall first find the routing rule in routing table that matches based on the destination address in packet, when performing this match FortiGate evaluate the entire routing table and select most specific route before forwarding the packet to next hop.

What is route lookup?

When a packet arrives on a Firewall interface, Firewall inspects the IPv4 header, detects the destination IPv4 address, and proceeds through the route lookup process.

For each session FortiGate performs route lookup twice.

First lookup performs for the first packet sent by initiator and then for the first reply packet coming from responder. After completing these two lookups firewall updates routing information in session table.

Sequence of packets are routed according to the session table. After a routing table change, route information is flushed from the sessions and must be re-learned.

Static Route

Static Route: Manually configured route, when you are configuring static route, you are telling Firewall to see the packet for specific destination range and specific interface. Example shown in this slide is default static route which means all subnet (0.0.0.0/0) traffic will go via port 1 by using gateway 10.0.3.1 if no matches found in the routing table.

Static Route Configuration in FortiGate:

• GUI-> Network-> Static Routes
• Add New Static Route
• Destination->0.0.0/0
• Gateway-> Firewall Gateway (10.0.3.1)
• AD-> 10(value for static route)

Dynamic Route

For large Network manually configuring routes may not be a practical. Therefore, dynamic routing has been introduced in firewall to learn the route automatically.

Dynamic Routing Protocols supports by FortiGate Firewall

• RIP
• OSPF
• BGP
• IS-IS

In dynamic routing, FortiGate communicates with nearby routers to discover their paths and to advertise its zones to directly connected subnets. Discovered paths are automatically added to the routing table, so verify that neighbour routers are trusted and secure.

Refer below images to configure BGP in FortiGate Firewall.

You can verify the routes in Routing Monitor

Policy Based Routing

Policy based routes can match more than only destination IP address. For example if you have 2 ISP links 10 Gpbs and 5 Gbps , one is for higher management for fast internet access and another one for users for average internet reachability.

Policy Based routing has feature to forward traffic on the basis of policy criteria defined in the firewall. If packet matched the policy, firewall bypasses the any routing table. Policy Based route has maintained separate routing table apart for normal firewall routing table.

Moreover, in Policy Based routing Firewall performs

• Traffic is being forwarded by using specified egress interface to the specified gateways
• Uses the routing table instead and Stops policy routing

Routing Table Monitor

Routing Table Monitor: In the FortiGate Firewall, GUI shows the active routes. Routing Monitor captures static routes data, directly connected subnets assigned to FortiGate interfaces, connected routes.

If the link is not established or down, route will not be captured by the monitor tab

Steps to check Route Lookup in Routing Monitor

Select Route Lookup-> Add search Criteria -> Check Logs

Each of the route listed in routing table includes several attributes with associated values

Network Column: list the destination IP address and subnet mask which matched the routing table.

Interface Column: list the interface that will be used to deliver the packet

Distance Column: or administrative distance is used to rank routes from most preferred to least preferred. If multiple routes to the same destination, then smaller distance will be considered for packet transfer.

Routing Troubleshoot

CLI Command to check active Routes in FortiGate Firewall:

Active, Standby and Inactive Routes

Standby Route

Common Troubleshooting Commands for FortiGate Routing

Some of the commonly used FortiGate CLI commands are:

Continue Reading:

Types of Firewall: Network Security

Palo Alto Firewall Architecture

Are you preparing for your next interview?

If you want to learn more about Fortigate, then check our e-book on Fortigate Interview Questions and Answers in easy to understand PDF Format explained with relevant Diagrams (where required) for better ease of understanding.

Gaia functions as a cohesive security Operating System, merging Check Point’s original operating systems with IPSO, the operating system utilized in appliance security products. It’s accessible for all Check Point Security Appliances and Open Servers.

The Gaia Portal is an advanced interface that is accessible through the web for configuring the Gaia platform. This interface allows you to accomplish nearly all system configuration tasks. Let’s understand and configure Check Point routing using Gaia Portal.

Check Point Routing Types

Check Point offers two types of routing:

1. 1. Static Routing
   2. Dynamic Routing- which includes BGP, OSPF, RIP. Here we will discuss BGP and OSPF routing. 

Check Point Static Routing R80.10 Firewall

We configure a static route to apply a single destination with one or more paths to reach the destination.

CLI Command to configure the static route in Checkpoint firewall is “set static-route”.

• Static routes is used to add paths for specific destination

• We can add multiple static routes for different destinations by using priorities.

Let’s configure Static route in Checkpoint Firewall

1.Login into Web GUI of the Checkpoint Firewall 

2.Select IPV4 Static Routes

3.Go to Add Multiple Static Routes

4.Add routes with the IP address of the next hop.

5.Default 192.168.2.132

In a similar way if you want to add single static route in the firewall 

1.Login into Web GUI of the Checkpoint Firewall 

2.Select IPv4 Static Routes

3.Go to Add Static Routes 

4.Add destination Route 172.16.24.0 subnet mask 255.255.0.0 

5.Add Gateway eth0 (associated interface)

Checkpoint Dynamic Routing /Advanced Routing: BGP Protocol

Checkpoint Dynamic Routing is also known as Advanced Routing.

Let’s configure BGP in Checkpoint Web GUI

1.Go to Advanced Routing 🡪 BGP.

2.Add Router ID which is the ID of autonomous System (AS)🡪 Closest ID

3.Select Local Autonomous System Number: 5

4.Next Move to Miscellaneous Setting in which add Default Route IP address.

5.Default Gateway is a default route which is generated when BGP pairs are UP.

6.Default route has a higher rank than the default static route.

7.Next is enabling the Peer Group Configuration in BGP

CLI Commands to:

Configure BGP

set bgp external remote-as as_number

{on | off}

aspath-prepend-count <1-25 | default>

description “text”

local-address ip_address {on | off}

outdelay <0-65535>

outdelay off

Configure BGP Peers

set bgp external remote-as <as_number> peer

<ip_address> {on | off}

accept-med {on | off}

accept-routes {all | none}

allowas-in-count {0-10 | default}

as-override {on | off}

authtype {none | md5 secret <secret>}

capability {default | ipv4-unicast | ipv6-unicast}

graceful-restart-helper {on | off}

graceful-restart-helper-stalepath-time <seconds>

holdtime {<6-65535> | default}

ignore-first-ashop {on | off}

ip-reachability-detection

check-control-plane-failure

multihop

off

on

keepalive {<2-21845> | default}

log-state-transitions {on | off}

log-warnings {on | off}

med-out {<0-4294967294> | default}

multihop {on | off}

no-aggregator-id {on | off}

outgoing-interface <finterface> {on | off}

passive-tcp {on | off}

peer-local-as

dual peering {on | off}

inbound-peer-local {on | off}

outbound-local {on | off}

peer-local-as as {{<1-4294967295> | <0.1-65535.65535>} on | off}

removeprivateas {on | off}

route-refresh {on | off}

send-keepalives {on | off}

send-route-refresh {request | route-update} {ipv4 | ipv6 | all} [unicast]

suppress-default-originate {on | off}

throttle-count {<0-65535> | off}

trace bgp_traceoption {on | off}

ttl {1-255 | default}

Configure BGP Reflection

set bgp

internal peer <ip_address> peer-type

none

no-client-reflector

reflector-client

cluster-id {<ip_address> | off}

default-med {<0-65535> | off}

default-route-gateway {<ip_address> | off}

Monitor BGP

>show bgp

Checkpoint Dynamic Routing: OSPF Protocol

OSPF protocol confirms that associated interfaces are functional, OSPF first initiated Hello packets by using the Hello protocol over their OSPF interfaces, to discover neighbours. Neighbours are routers/another device which shares a common area network with firewall interface.

After that, neighbouring routers or devices establish adjacencies and exchange their link-state databases.

Topology Details

1.Loopback IP 🡪 30.30.30.0/24

2.Firewall Internal IP Subnet 🡪 10.10.10.1/24

3.Now go to Advanced Routing 🡪 OSPF🡪 Router ID 🡪 10.10.10.1 (Routes will be learnt by this IP address)

4.Add Interface in the configuration which learns routes and publishes OSPF routes.

5.We have added eth1 where 10.10.10.1 subnet is defined.

6.Here the interface configuration for OSPF.

Now OSPF is configured in the firewall.

CLI Commands to:

Configure OSPF in Checkpoint Firewall

set ospf [instance <1-65535>]

default-ase-cost <cost>

default-ase-type {1 | 2}

force-hellos {on | off | timer {default | <2-10>}}

graceful-restart-helper {on | off}

graceful-restart {on | off | grace-period <seconds>}

rfc1583-compatibility {on | off}

spf-delay {default | <delay>}

spf-holdtime {default | <holdtime>}

Configure OSPF Areas

set ospf

[instance <1-65535>]

area {backbone | <ospf_area_name>} {on | off}

range <ip_range>

off

on

restrict

stub

default-cost <1-677215>

off

on

summary

stub-network <ip_range>

off

on

stub-network-cost

nssa {on | off}

default-cost <1-677215>

default-metric-type <1-2>

import-summary-routes {on | off}

range <ip_range> {on | off | restrict}

redistribution {on | off}

translator-role {always | candidate}

translator-stability-interval <1-65535>

Monitor OSPF

show ospf instance <OSPF_instance_number> neighbors [detailed]

Continue Reading:

Checkpoint NAT Policy: Types & Configuration

How to Configure Checkpoint Firewall? Step-by-Step Guide

Network address translation (NAT) is the process of translation of one or more local IP addresses translated into global IP addresses or vice versa in order to provide Internet access to local users. Now being familiar with Network address translation (NAT) we will look more into detail of IP NAT inside source and IP NAT outside source in this article. 

Today we look more in detail about two ways of configuring Network Address Translation (NAT) which is IP NAT inside source and IP NAT outside source. 

IP NAT inside source & IP NAT outside source

While configuring to use NAT in your network we need to define NAT inside and NAT outside interfaces. Before we deep dive into both terminologies and their configuration we need to understand more about a few terms. 

• Inside local IP is how inside local IP address is seen by inside hosts, which is actual IP of our system
• Inside global IP is how inside address is seen globally by outside hosts, from outside hosts in Internet it is translated (NATed) IP address of our system
• Outside local address is how outside address is seen locally by inside hosts, it is translated (NATed) IP of host which resides out of network and used as destination IP address by hosts in LAN
• Outside global IP is how outside address is seen globally by outside hosts, it is real IP address of host which resides in network

IP NAT Inside

IP NAT inside is frequently used by today’s networks. With a large number of hosts in LAN and letting them connect to the Internet means external IP addresses to be provided for each internal host. Such a big range of public IP addresses could be expensive and might not be also available with service providers. 

In that case NAT inside comes handy by simply translating all inside IP addresses to one public IP address using Port Address translation (PAT) which is a NAT feature. 

• PAT translates the IP addresses to one outside IP in addition it will translate the layer 4 source ports. 
• Router will rewrite the TCP or UDP source port by changing just one source IP address and will intimate a session with another host having the same layer 4 source then router will take up the free port. 
• With this mechanism the router will be able to create 64511 sessions for one public IP address. 
• Inside NAT will hide the server’s real IP address and put it under public IP in the Internet as service for public use. This will hide the internal network infrastructure and save public IP range as all our public services can be hosted under one IP. 

IP NAT Outside

The outside NAT translation changes destination address which is useful when an organization has business connection to a 3rd party or external business entity and they are using the same IP address which is getting used somewhere in our internal network. 

Let’s look at one sample example to configure NAT inside and NAT outside as per the above diagram. Here we have used Static NAT.

• IP NAT inside source translates source IP address packets which travel from inside to outside and translates destination IP address of packets which travel from outside to inside. 
• IP NAT outside source on the other hand, translates the source IP address of packets which travel from outside to inside and translates the destination IP address of packets which travel from inside to outside. 

NAT inside source IP (LAN perspective)

All traffic from the system with 10.0.10.1 will be NATed to 122.0.1.100 . Now let’s define the server IP address (190.168.1.2) which will be used by the system as destination IP address.

Now both inside and outside interfaces are defined

Two static one to one translation will be added to the NAT table. So, it is possible to initiate connection from inside or from outside. 

Continue Reading:

What is NAT Traversal?

NAT Type 1 vs 2 vs 3 : Detailed Comparison

In this article we will learn more about Low power wide area network standard, its features, advantages, and limitations.

Low Power Wide Area Network (LPWAN)

Low-power wide-area network (LPWAN) are specifically created for M2M and IoT devices – it enables low power usage, long range wireless connectivity. It is emerged in 2013 and it is a generic term which refers a class network technologies which are designed to communicate without wires over relatively long distances using less power than any other conventional networks such as Wi-FI, satellite etc. Energy efficient and wider coverage is the two main characteristics of LPWAN. In IoT devices growth and increasing penetration which is expected to grow to 22 million in 2025, LPWANs will be key drivers in this growth.

Types of LPWAN technologies

Non-Cellular LPWA Networks –

Network based LPWA solutions such as Sigfox or LoRa use the existing cellular technologies to provide the services, such as LTE-M and NB-IoT.  French start up created LoRaWAN which specialize in transmission of data packets between 0.3 and 50 Kbits per second (Kbps) and was acquired by Semtech, founder of the LoRa Alliance. It is an open source network that can be developed or operated by any company with only limitation of purchasing LoRa chips.

It ensures transferability between operators and benefit from roaming agreements between alliance members. Sigfox is LoRaWAN competitor, created in 2009 as a French initiative in the field of IoT technologies. Low speed networks require the use of Sigfox – certified transmitters and receivers and guarantees compatibility and facilities interpretability between all countries. (Covered).

Standardized Cellular LPWA Networks –

The 3GPP organization proposed two standards for IoT based one existing cellular network. LTE-M and NB-IoT to alleviate the issues of compatibility of M2M applications and reduction in production costs of communication modules. LTE-M technology offers more stable speed, reduced latency and better roaming capabilities as compared to its non-cellular rivals. LTE-M offers higher speeds of up to 1 Mb/s.

NB-Iot is a standard choice for telecommunication giants it uses 200 KHz frequency band and ideal for applications such as telemetry and large number of fixed assets in the field which require reduced data volumes where speed of transmission is not of primary importance.

Applications of Low Power Wide Area Network (LPWAN)

LPWAN networks offer multiple possibilities and can be used in diverse areas. We will look at some use cases which are already defined and already being tested and implemented in real life scenarios lets look at them.

Parking management –

LPWAN offers flexible solution to address parking management in city areas, IoT sensor identifies whether parking space is vacant or occupied and this information is used as an input for applications such as signs indicating how much parking space is vacant or available, where sites are located and any vehicle parked for too long. Use of low power LPWA is an ideal solution as its low power feature will save costs of changing all batteries of hundreds of parking space monitors.

Public and lighting infrastructure –

Multiple light bulbs installed on roads, sidewalks, crowded places, or lonely highway stretches and tracking which bulb went off and informing the authorities, LPWA could alert command center if light bulb is working or off.

Water and Pipe meters –

A pressure gauge communicating data readings to help to identify a leakage as pipelines run miles and ability to communicate over long distances where no network exists LPWA can be used in such underground penetration allowing monitoring of pipelines.

Small pallets –

While tracking shipments load is scanned and LPWA makes it possible to implement smart pallets to track movement of cargo and track if it is opened, dropped, or mishandled.

Pros and Cons of Low Power Wide Area Network (LPWAN)

PROS

• Low power consumption which enables devices to last up to 10 years on a single charge
• Optimized data transfer which supports small , intermittent blocks of data
• Low device unit cost
• Less number of base stations to provide coverage
• Easy network installation
• Dedicated network authentication
• Optimized for low throughout long or short distanced
• Enough indoor penetration and coverage
• Enhance security when LPWAN deployed in licensed spectrum
• Offers longer ranges from 5 KM to 30 KM
• High amount of penetration through walls and building basements
• Secured communication between nodes and gateways with encryption algorithms

CONS

• Supports low data rate hence not suitable for high data rate applications
• Offers high latency between end to end nodes so not ideal for low latency applications

Continue Reading:

What is WAN? Detailed Explanation

M2M vs IOT

Today we look more in detail about two most popular and widely used reference models – OSI and TCP/IP, their features, functions and use cases.

About TCP/IP model

TCP stands for Transmission Control Program and IP stands for Internet protocol. TCP/IP model has a layered architecture and has four layers. The TCP/IP model is protocol-oriented standard. This model was developed by the Department of Defence (DOD) project agency. Internet protocols are a set of rules defined for communication over the network. TCP/IP is considered the standard model for networking and handles data transmission and IP handles addresses. The TCP/IP suite includes protocols such as TCP, UDP, ARP, DNS, HTTP, ICMP etc.

TCP/IP Model Features

• Multi-vendor support is available
• Used for around 35 years and most widely used protocol
• It supports interoperability
• It supports logical addressing
• It has routability feature
• It has name resolution feature
• Error control and flow control are supported features

About OSI Model

The OSI stands for Open System Interconnection, developed in the 1980s by the International standard organization.  It is a conceptual model used in network communication. The OSI model consists of seven layers and each layer is connected to each other. The data moves through the OSI model from its start till end (Last layer of OSI model).

OSI Model Features 

• Model to demonstrate how hardware and software work together
• Ease of troubleshooting (Each layer detects and handles error) 
• Reduction in complexity
• Standardization of interfaces
• Facilitates modular engineering
• Provides interoperability between vendors 

The application layer of the TCP/IP model maps to the first three layers i.e., Application, Presentation & Session Layer of the OSI model. The transport layer maps directly to the transport layer of the OSI model. The Internet layer maps to the Network layer of the OSI model. The last two layers of the OSI model map to the Data link layer and physical layer of OSI model. TCP/IP model is more widely used as compared to OSI model. 

Similarities between TCP/IP and OSI Model

Common Architecture – both models are logical and have similar architecture based on layered approach.

Defined Standards – both models define the standard and framework for implementing the standards and devices. 

Troubleshooting is simplified – by breaking complex functions at each layer into simple components.

Pre-defined standard – the protocols and standards are already pre-defined; and models do not redefine them, it just references it or uses it. Like Ethernet standards were already defined by IEEE before the origin of this model and it uses this in its reference at Physical layer or Network access layer.

Similar functionality at transport and network layer – function performed between presentation and network layer is similar to the function performed at transport layer.

Comparison Table: TCP/IP MODEL vs OSI MODEL

Below table summarizes the differences between the two:

FUNCTION	TCP/IP MODEL	OSI MODEL
Definition	TCP/IP stands for Transmission control protocol/ Internet protocol	OSI stands for Open systems Interconnection
Developed by	It is developed by DOD (Department of Defence) project agency.	OSI model is developed by ISO (International standard organization).
Technology/ Platform	It comprises of a set of standard protocols which lead to development of the Internet. It is a communication medium which provides connection between hosts.	It is an independent standard and generic protocol used as a communication gateway between network and end user.
Delivery of Packets	No guaranteed delivery of packets at transport layer.	Transport layer provides guaranteed delivery of packets.
Approach	Based on horizontal approach.	Based on vertical approach.
Application Layer	Session and presentation layers are not separate, both are included in application layer.	Session and presentation layers are separate
Type of  Model	Implemented model of OSI model.	It is a reference model on which various networks are built.
Network layer	Network layer provides only connectionless service.	Network layer provides connection oriented and connection less services (Both)
Replaceable/ Non-replaceable Protocols	Protocols can’t be easily replaceable	In OSI model protocols are hidden and can be easily replaceable when technology changes occur
Number of Layers	Comprises of four layers	It comprises of seven layers
Protocol Dependent/Independent	Services, protocols, and interfaces are not properly segregated but are protocol dependent	Services, protocols and interfaces are defined and it is protocol independent
Usage	Widely used model	Limited usage of the model
Standardization of devices	Do not provide standardization of devices	Standardization of devices like router, switches, load balancers and other hardware devices

Download the Comparison Table: TCP/IP MODEL vs OSI MODEL

Continue Reading:

OSI Model – The 7 Layers

Introduction to TCP/IP

The Transmission Control Protocol/Internet Protocol (TCP/IP) is a network communication protocol that interconnects the network devices into the internet. It provides a communication between the source and the destination. It specifies how data packets should be broken, addressed, routed, transmitted, and the status to be received at the destination. TCP deals with the delivery of data and how the data packets applications can create their route across the network. It also manages the message into smaller packets before transmission. The IP section deals with obtaining the address of the data and the path a package will use.

The layers of TCP/IP

How TCP/IP works

It uses the client-server communication model. A client provides the service by a central server. The suite protocol is stateless, thus enabling them to free up the network paths to be used continuously. This model of communication is divided into four main layers. Each layer has a set of functions and protocol used for communication.

Protocol in the TCP/IP

Layers of TCP/IP model

The layers of TCP/IP model are explained below:

The application layer

It’s the topmost layer at the TCP/IP model. It defies the internet services standard and network applications to be used by the user. It states the application protocol and how the host application and programs interface with the transport layer in the network. It provides a channel for standardization of data exchange. Its contracts include:

1. Domain Name Server: it works by resolving the IP address into a textual format for the hosts.
2. File transfer protocol: Allows the transfer of files amongst the user in a network
3. Telnet: Manages the connection of remote machine and runs applications
4. Simple Mail Transport Protocol: It transport electronic mail between the sources and destination through a route.

Transport layer

Its main goal is to maintain an end to end communication between the source and destination across the network. It manages the interaction between the sources and provides multiplexing, flow control and reliability of data. The transport protocols include

1. Transmission Control Protocol: It’s a connection-oriented protocol that communication in bytes foam from the source to destination without the flow control and error messaging.
2. User Datagram Protocol: It’s a connection-less protocol that is unreliable. It does not verify the connection between the source and the destination. It doesn’t establish and check the links.

Network layer

It works by controlling movement of data packets across the network. It accepts and delivers the packets across the web. It deals with providing the packets. Routing and congestion avoidance. It packages the data into IP datagrams which contain the address of the source and destination. It allows the host to insert the packets into any network and deliver them independently. The main protocols here include

1. IP protocol: It deals with IP addressing, packet formatting, fragmentation and host to host communication.
2. ARP Protocol: The address Resolution Protocol assists the IP in directing the datagrams to the correct hist. It maps the Ethernet address.
3. ICMP Protocol: The internet control message Protocol helps to detect and control the network errors. It works by either redirection, dropping the packet or connectivity failure.

Datalink layer

This layered work by identification of the network protocol type to use for the packet. It also provides error control and packet framing. It handles the physical section of sending and receiving data over the Ethernet cable, wireless or the network interface card. Some of the protocol used include Ethernet, Token Ring and Point to Point Protocol framing (PPP).

TCP/IP is nonproprietary and compatible with all operating systems. It’s highly scalable and the mostly used over the internet.

Continue Reading:

UDP Header

When does DNS use TCP or UDP?

MPLS i.e. Multi Protocol Label Switching (MPLS). It is a technique that is used for the routing of network packets. It is called a  Multiprotocol as it supports multiple protocols like Internet Protocol (IP), Asynchronous Transport Mode (ATM) and Frame Relay protocols. Moreover, in MPLS technique the network packet forwarding is done based on the label present on the packet, that’s why it is called Label Switching.

MPLS : The “Shim” Protocol

As we know that there are 5 layers of TCP/IP Model. The MPLS layer lies between the layer 2 i.e. the Ethernet layer and the layer 3 i.e. Network layer of the TCP/IP model. So, in other words, it shims(fill up the space) between two layers and hence also known as the “shim” protocol.

MPLS Header

The MPLS Header consists of 32 bits. It consists of –

1. Label: It consists of 20 bits, so the label can take values from 0 to 2^20–1, or 1,048,575. But the first 16 label values(0 to 15) are exempted from normal use as they have a special meaning.
2. Experimental(Exp): It consists of 3 bits. These are used for Quality of Service.
3. Bottom of Stack(BoS):  There can be more than one MPLS labels for a network packet. These labels are stacked one over another. Bottom of Stack field is of 1 bit and it ensures which MPLS label is at the bottom of stack. The bit value is 1 or high only when that particular label is at the bottom of the stack otherwise its value remains 0.
4. Time to Live(TTL): It consists of last 8 bits. Its function is similar to the TTL present in the IP header. Its value decreases by 1 at each hop. So the TTL  ensures that the packet does not stuck in the network by discarding the packet once its value becomes zero.

MPLS NETWORK – Label Switched Path (LSP)

The MPLS Network consists of LSR i.e. Label Switch Routers. These are named so as they are capable of understanding the MPLS labels. There are 3 types of LSR –

• Ingress LSR: The Ingress LSR receive unlabeled IP packet and PUSH the label on it. Ingress LSR are present at the beginning of the network.
• Egress LSR:  Egress LSR POP the label from the incoming packet and forward it as an IP packet. Egress LSR are present at the end of the network.
• Intermediate LSR: Intermediate LSR are present in between Ingress and Egress routers, that is why they are called intermediate routers. These routers receive the labeled packet, SWAP the label of the packet and forward it to the next hop. Thus carrying out MPLS forwarding of the packet.

This type of path is also known as PUSH – SWAP- POP Label Switched Path. Thus a network packet follows a fixed path known as the Label Switched Path or LSP in MPLS forwarding

MPLS Forwarding & how is it different from IP Routing

So after understanding the basics of MPLS Network, we can sum up the process of MPLS forwarding easily.

In MPLS forwarding, the Ingress router present at the beginning of the MPLS network pushes a label on the incoming network packet. This label specifies a particular path that the network packet has to follow i.e the Label Switched Path. Each LSR contains Label Forwarding Information Base(LFIB)which base guides the LSR to swap the label with its corresponding outgoing label. This allows the packet to transmit through the network. The Egress router present at the end of the LSP, pops the label of the packet and it is then moved forward as normal IP packet.

In contrast to MPLS forwarding, in IP routing each network packet contains a source IP address and a destination IP address and is passed through several routers in between through hop-by-hop mechanism. Each router contains the routing table that provides information to the next hop till it finally reaches the destination.

So, MPLS forwarding is done on the basis of labels given to the packets while in IP forwarding it is done on the basis of the IP address.

The detailed comparison between the two can be studied through the below given comparison table. (Credit:ipwithease.com)

Comparison Table : MPLS vs IP Routing

If you want to learn more about MPLS, then check our e-book on MPLS Interview Questions and Answers in easy to understand PDF Format explained with relevant Diagrams (where required) for better ease of understanding.

Every network is a collection of nodes and links for their interconnection. The arrangement of these nodes and links in a specific manner is known as topology. It would define how devices within will connect and how data moves from one node to another node. It can also be simply referred to as a schematic description of arrangement of network elements. There are different types of network topologies but the selection would depend on a number of factors such as performance, throughput, fault tolerance, costs etc. Network topology is defined both at physical and logical level. Logical topology defines how data will flow between network devices whereas physical topology will define physical connections within the network. 

Today we look more in detail about Tree network topology, its advantages and disadvantages and use cases etc.  

What is a Tree Network Topology?

Choice of topology for your network is crucial as it affects its function and performance . So, choosing the right topology for your organization is quite an important decision. By choosing the right topology for your organization, you can reduce operational costs, improve performance and achieve resource allocation optimization. 

Tree network topology is a combination of the bus and the Star network. More than one-star networks can be connected together using a bus network. Different branches, that is the star network looks in tree topology which are connected on a bus at different points at a particular distance and the bus network looks like a root of a tree. 

The central ‘root’ node is connected to one or more other nodes which are one level lower in the branching with a point-to-point link between each second level node and the top level ‘root’ node. Each of the second level nodes is connected to the ‘root ‘ node but also has one or more nodes connected to one level below again (third level). The ‘root’ node is top most in the hierarchy and there is no node above it, all other nodes are descendants of the ‘root’ node. There is only one path between two nodes for transmission of data. Thus, it is a parent-child hierarchy.

The central hub contains a repeater, which looks at incoming bits and regenerates them as the full blow signal for 0 or 1 as required. This allows digital signals to travel long distances. The central hub is also known as an active hub. The tree topology may have many secondary hubs, which may be active or passive in nature.

Advantages of Tree Network Topology 

• For networks where neither star nor bus topology can be implemented tree topology is best alternative. 
• Support for broadband transmissions – It is mainly used to provide broadband transmission as signals can be sent to long distances without being weakened.
• Ease of expansion – new devices can be added to the existing network without much hassles. Whole readymade branches can be attached to the main cable channel which is bus network which is especially designed for expansion of network 
• Not just physical appearance but logically also branches of the tree network are divided functionally and each segment of branches can be managed separately. 
• Ease of management – the whole network is divided into segments known as Star networks which are easy to manage and maintain
• Error detection – error detection is quick and error correction is also easy as roles are divided, responsibilities and functions are segregated 
• Limited failures – the breakdown of one station in the hierarchy don’t impact availability of the entire network. Each of the branches are connected with base cable channel with a separate point to point wiring so damage to one branch will not affect function of another branch
• Point to point wiring – Individual segments are point to point connected 

Disadvantages of Tree Network Topology

• Difficult to identify fault and troubleshoot – Its fault occurs in the node; it becomes tough to troubleshoot the issue as defective node detection is tedious task
• Higher costs – devices required for deployment of broadband transmission are expensive
• Failures – even though one branch cannot cause impact to other , but its main dependency is on the bus cable and failure in main bus cable could lead to downfall of entire network
• Complexity in reconfiguration – addition of new device requires expertise in configuration 
• Maintenance costs are more with number of nodes or branches and wiring extensions

Continue Reading:

Hybrid Network Topology

Bus Network Topology

Today we look more in detail about extended Star network topology , its need, advantages and disadvantages and use cases etc.  

About Extended Star Network Topology

An extended star network topology includes an additional networking device that is directly connected to the central networking device. It seems like a mesh of switches which are interconnected to the network and once central networking device which controls the network. Star topology is the most widely used network topology at homes and offices.

It has different nodes that are known as hosts and the central node of communication called a hub or the server. The central hub is also called peripheral host and nodes are called leaves of the peripheral host. The central hub is the central point of communication and if any node needs to transfer a message to another node the first step is to send a message to the central hub and then the central hub will transfer the message to the recipient node. 

This sort of network setup is known as star topology or extended star topology and it is good for short distance communication which can be used in offices, homes, computer labs, and small buildings where the LAN is established. All the nodes can be managed from a one-point central hub. The central hub has content addressable memory (cam) table which is used to store the address of all nodes so that all information of connect nodes can be managed by the central hub in the proper manner. 

In extended star topology instead of connecting all devices to the central unit, we have sub central devices added to allow more functionality for organization and subnetting.

Advantages of Extended Star Topology

• The performance is better in extended star topology compared to bus topology. As there is no unnecessary transmission of messages in the network. The message is transferred only between source node , a central hub and destination node 
• Ease of adding devices as network expansion happens
• One node failure do not bring down entire network
• The new equipment can be added to the network and connected to the central hub. The nodes can be easily removed from the network 
• It is easy to find device and cable issues
• It can be upgraded to faster speed
• This topology helps to control multiple nodes at the same time 
• The data transmission can be done across the network and there is very less chance of network failure as compared to its counterparts like bus topology 
• Mostly widely used so support is easily available

Disadvantages of Extended Star Topology

• As all nodes are connected to central hub it requires more wire at each node to connect to central hub which increases its setup cost hence it requires more cable than a bus or ring network
• As all nodes are connected to the central hub and if central hub goes down it will lead to whole network failure and bring down entire network 
• Increase in number of connected nodes will decrease the performance of central hub or switch and will cause network congestion 
• Comparatively higher costs than bus networks (Installation and equipment)

Uses of Extended Star Topology

• The extended star topology is majorly used where we need to connect multiple nodes to one central node and control of all nodes is from the central node.  
• It can be used to establish the LAN (Local Area network) connection. The LAN connection helps to connect systems to one central point. The LAN connections are meant for shorted distances
• It helps to transmit the data and information to any other node on the network. One node can send message to any other node provided all nodes are connected to central hub or switch
• It is used in homes and offices. The failure probability of the network can be reduced using extended star topology. As the nodes connected to one central hub there is a little chance that network will fail as the nodes are independent of each other and connected to central hub or switch

Continue Reading:

Hub and Spoke/Star Network Topology

What is LAN? Detailed explanation

Today we look more in detail about Hybrid network topologies, its types , pros and cons and use cases etc.  

Hybrid Network Topology

Different applications use hybrid network topology as it is more efficient compared to fundamental mechanisms. It can be deployed in different environments. It provides users the benefit to create, run and manage applications. There are various sectors in which hybrid topology is widely used such as educational institutions, banking sector, automated industries, financial sector, research organizations and multinational companies. The hybrid topology is created by mixing two topologies such as full mesh topology, extended star, partial star, point to point network and so on. It is good for use on multi-floor buildings and departments in offices and also at homes. 

Types of Hybrid Network Topologies

There are several types of hybrid network topologies which integrate many basic topologies to create a new form of topology as per the requirements. These topologies are hieratical in nature and constitution. Hybrid topology has the capability to integrate both physical and logical topologies. We will learn more in detail about these topologies in this section.

Star-Ring Hybrid topology 

The Star and Ring topology is used to create this topology. Using ring topology, two or more-star topologies are linked with the help of a physical (wire) connection. The data flows in both ways unidirectional or bidirectional. Whereas in original ring topology the bidirectional method of data flow provides the functionality that there is no impact on whole network data flow when one node of the original ring topology fails and data reaches a connecting node in this type of star topology. 

Star-Bus Hybrid topology 

This is achieved by combination of bus and star topology. The bus topology allows two or more-star topologies to be linked via a wire connection. The original bus topology interrelates the distinct star topologies and provides a backbone structure.

Hierarchical Hybrid Network topology 

This topology is also called network tree topology. It is a minimum level like two to a maximum level, and maximum is known as root or parent node. The next level in hieratical structure includes a child node which is level three. Except the top-level nodes each node provides a maximum parent node and the nodes at minimum level, peripheral nodes function like parent nodes and referred as leaf nodes. 

Pros and Cons of Hybrid topology

PROS

• Reliability is higher in hybrid topology due to better fault tolerance. If a node gets damaged between network, it is possible to single out the damaged node from rest of the network without impacting the processing of network
• Effective as mixing of two topologies brings benefits of both such as high tolerance is provided by star topology and good data reliability is provided by ring topology
• Scalability is another benefit of hybrid topologies. As it involves easy integration of additional concentration points or new hardware components. Without disturbing the existing architecture, it is easy to extend network size.
• Flexibility is great virtue of this topology as it can be implemented for different network environments 
• They offers benefits like data communication, signal strength, throughput and high-end equipment integration 
• It has ability to transfer data easily between different types of networks

CONS

• Complexity is one of the drawbacks of this topology. It is challenging as different topologies are linked in hybrid structure. It is tough for designers to create such structure and requires efficient installation and configuration process 
• Purchase and management of hybrid topology is comparatively expensive then basic topologies. The hubs are also required in this technology to connect two different networks which are quite expensive. The hybrid topology may require advanced network devices , loads of cables and much more as architecture is usually quite larger in scale. 
• For quick fault identification it requires a multi-access unit to bypass faulty devices so that there is no or limited impact on network availability. 

Continue Reading:

Ring Network Topology

Hub and Spoke/Star Network Topology

RIB (or routing table) and CEF (Cisco Express Forwarding) are two different tables which are used in routing across IP networking platform. Both have common information but perform two distinctly different purposes. CEF technology is new in the networking domain when compared to Routing table. Also, CEF has garnered a lot of appreciation for its ability to reduce the overhead and delays introduced by other techniques of routing.

In this article we will learn about CEF and Routing table.

Sub-Topics to be covered:

1. Detail discussion on CEF
2. Detail discussion on Routing table
3. Comparison of CEF and routing table
4. Difference table between CEF vs Routing table
5. Conclusion

Cisco Express Forwarding (CEF)

Cisco Express Forwarding (CEF) is a packet switching technique that is the default for most of Cisco platforms. CEF provides the ability to switch packets through advanced Layer 3 IP switching technology via a layer 3 device in a way that minimises the load on router’s processor. This way the routing process can be offloaded to deal with other responsibilities that require larger amounts of processor resources and time like QOS, Encryption etc. CEF is a Cisco proprietary protocol, however other OEM and vendors of Routing and Switching platforms also offer CEF comparable features which are performed in hardware based ASIC.

Related – Central CEF vs Distributed CEF

 Routing table

The Routing Information Base is where all IP Routing information is stored. It is not specific to any routing protocol, rather all the routing protocols place all of their routes. Routes are inserted into the routing table whenever a routing protocol running on the router learns a new route. When a destination becomes unreachable the route is first marked unusable and later removed from the routing table from where the route were learned like dynamic routing protocols, directly attached networks and static routes.

Comparison : CEF vs Routing table

• CEF moves packets between interfaces whereas IP routing finds the way toward destination in routing table.
• CEF works at data plane or forwarding plane and IP routing table works at control plane.
• IP route table is stored in RAM and CEF is stored in TCAM.
• IP routing verification is performed by “show IP route” command and CEF can be verified by command “show IP CEF”.
• IP routing protocols are Static, Dynamic and EGP whereas CEF uses TCAM for next hop lookup.
• CEF is layer 2 whereas IP routing is layer 3.
• CEF looks up FIB and makes forwarding decision whereas IP routing looks at routing table to make decision.
• CEF can be enabled by “IP CEF” command while IP routing can be enabled by route protocol name.
• CEF works by creating two tables i.e. Adjacency table and FIB. On the other hand, IP routing table contains next hop exit information, AD, Metric and best route toward destination.

Difference table : CEF vs Routing table

CEF	ROUTING TABLE
CEF moves packets between interfaces	IP routing finds the way towards destination in routing table
CEF works at data plane or forwarding plane	IP routing table works at control plane
CEF is stored in TCAM	IP route table is stored in RAM
CEF can be verified with “show IP CEF”	IP routing table verification done with “show IP route” command
CEF uses TCAM for next hop lookup	IP routing protocols are Static, Dynamic and EGP
CEF is layer 2	IP routing table is layer 3.
CEF looks up FIB and makes forwarding decision	IP routing looks at routing table to make decision
CEF can be enabled by “IP CEF” command	IP routing can be enabled by “IP route” globally
CEF works by creating two tables ·Adjacency table ·FIB	IP routing table contains next hop exit information, AD, Metric and best route toward destination

Conclusion

CEF is a packet switching technique, whereas IP routing is a technique of forwarding packet along the best path toward destination. CEF contains two bodies i.e. adjacency table which is layer 2 and FIB which is layer 3. On contrary, IP routing table is layer 3.

Download the difference table here.

Virtualization in IT systems has helped Network estate immensely. 2 technologies which have helped networking across various segments are VLAN and VDC. While VLAN is short for Virtual Local Area Network, VDC means Virtual device contexts. VLAN divides the network into separate logical areas at the Layer 2 level and each VLAN is considered an individual broadcast domain. VDCs allows the switches to virtualize physical chassis.

In VLAN, unicast, broadcast and multicast packets are forwarded and flooded only to end stations in that VLAN. VLAN is considered a logical network and packets destined for stations that do not belong to the same VLAN (different subnet) must be forwarded through a router or Layer 3 device or entity.

VDC, presents itself as a unique device to connected users within the framework of that physical switch. VDC behaves as a separate logical entity within the switch, maintaining its own unique set of running software processes/configuration.

Virtual Device Contexts (VDCs)

The NX-OS supports Virtual Device Contexts (VDCs) feature, allowing the partitioning of a single physical Nexus 7000/7700 device into multiple logical devices i.e. Separate Management plane, Data plane and Control plane. This logical separation provides the following benefits:

• Administrative and management separation.
• Failure domain isolation from other VDCs.
• Address, VLAN, VRF, and VPC isolation.

Resource that can be shared in VDC –

• Single instance of the kernel which supports all of the processes and VDC.
• Hardware which can be shared i.e. Supervisor modules, Fabric modules, Power supplies, Fan trays, CMP, CoPP and hardware SPAN resources.

Resource that cannot be shared in VDC –

• CPU, Memory, TCAM Resources such as the FIB, QoS, and Security ACL.
• L2 Protocol i.e. VLAN, STP, LACP, UDLD and others.
• L3 Protocol i.e. Routing, VRF, PIM, SNMP and others.

VDC License requirement

To Create VDC, an advance license is required on Nexus switch. License is associated with serial number of chassis. Cisco provide 120 days grace period for trial.

Number of VDCs supported –

Number of VDC support depends on supervisor engine in Nexus chassis.

• Nexus 7000 Supervisor 1 supports 4 VDCs.

• Nexus 7000 Supervisor 2 supports 4+1 admin VDCs.
• Nexus 7000 Supervisor 2E supports 8+1 admin VDCs.
• Nexus 7700 Supervisor 2E supports 8+1 admin VDCs.
• Nexus 7700 Supervisor 3E supports 8+1 admin VDCs.

Types of VDC

Default VDC – VDC1 is said to be default. It is used for management of all VDC in Nexus. At first login in nexus switch user will be in default VDC. Default VDC is created by NX-OS boot up. In Default VDC, we can create/update/delete other non-default VDCs and allocate resources such as interface, memory to non-default VDC.

Admin VDC – It is created from initial configuration wizard. No resources is allocated to Admin VDC since it is not made to handle user data traffic. It is used for managing other VDCs and nexus chassis.  Default VDC has been replaced with Admin VDC in SUP2/SUP2E with NX-OS 6.1. Default and Admin VDC cannot exist at the same time. VDC 1 can be either configured as default or Admin. We can convert to admin VDC by using this command #System admin VDC.

Non-Default VDC – It can be created from Admin or Default VDC. Changes made on non-default VDC does not affect other VDCs. Each VDC have its own configuration file. Non-default VDC is used to handle user data traffic as interfaces can be allocated to it.

Storage VDC, It is used when SAN function is implemented in Nexus. Two different types of interfaces are assigned ie FCOE and shared interface.

Creating VDC

Hostname#conf t

Hostname(config)#vdc  (name) > Creates a VDC and enters the VDC configuration mode.

Hostname(config-vdc)#allocate interface ethernet slot/port > Allocates one interface to the VDC.

Initializing VDC

Hostname#switchto vdc vdc-name  > Switches to the VDC.

Hostname-NewVDC#show vdc current-vdc > Displays the current VDC number.

Verifying VDC

Hostname#show running-config {vdc | vdc-all} > Displays the VDC information in the running configuration.

Hostname#show vdc [vdc-name] > Displays the VDC configuration information.

Hostname#show vdc detail > Displays the detailed information about many VDC parameters.

Hostname#show vdc current-vdc > Displays the current VDC number.

Hostname#show vdc membership [status] > Displays the VDC interface membership information.

Hostname#show resource > Displays the VDC resource configuration for the current VDC.

Related – VDC vs VRF

Virtual Local Area Network (VLAN)

Virtual LAN (VLAN), divides the network logically on layer 2 (data link layer). VLANs also divide broadcast domain. It allows hosts to be grouped in a same broadcast domain even if they are not connected to the same switch. Two types of VLAN membership methods are Static and Dynamic.

In a Static VLAN, VLAN is manually created and then VLAN is assigned to respective switch ports. It is also called port-based VLAN. The port association with the VLAN does not change until the administrator changes the port assignment. End user device becomes the member of VLAN based on the physical switch port to which they are connected.

In a Dynamic VLAN, when a port is configured as dynamic, it receives VLAN information from VMPS server based on the MAC address. It reduces overhead of network administrator. When a workstation is connected to a switch port the switch queries a database to establish VLAN membership. VLAN database of a VLAN Membership Policy Server (VMPS) server is updated by administrator.

VLAN ranges

• VLAN 0, 4095: Reserved range.
• VLAN 1: Default or native VLAN of switches. By default, all switch ports are assigned in VLAN 1. This VLAN cannot be deleted/modified.
• VLAN 2 – 1001: Normal VLAN range. We can create/modify/delete these VLANs.
• VLAN 1002 – 1005: Reserved for FDDI and token rings. These VLAN can’t be deleted.
• VLAN 1006 – 4094: Extended range of VLAN.

Functions of VLAN

1. VLANs increases the number of broadcast domains possible in a LAN by grouping various hosts with similar functions.
2. Virtual LANs provide mechanism for making logical groups of end devices, though they are on different networks.
3. Implementing VLANs reduces the security risks significantly, as the number of hosts connected on a broadcast domain decreases. This is done by configuring a separate VLAN for only the hosts with the sensitive information.
4. VLAN offers flexible networking models which group different users based on their departments (job/function), rather than just physical locations of that network.
5. Changing users/hosts on a VLAN is easy. All it needs is a new port level configuration. If a user wants to move from one VLAN to another, a new port needs to be configured on the desired VLAN.

Related – VLAN Interview Questions

Comparison

1. A VDC virtualizes the device itself by segregating a single physical device into multiple logical devices. In case of VLAN, network is divided in a network switch on Layer 2 network.
2. VDCs have Separate Administrative and management domains. In VLAN, we have separate broadcast domains.
3. VDC feature is available on Nexus 7K only. In case of VLAN, this feature is available on every switch.
4. Advance Services License is required to enable VDC feature set. VLAN doesn’t require any License to be enabled.
5. An external connection needs to be made between ports of VDC to perform internal VDC (VDC to VDC) communication. In VLAN, SVI needs to be created to communicate between different network subnet.

VDC vs VLAN: Comparison Table

S.no.	VDC	VLAN
1	A VDC virtualizes the device by segregating a single physical device as multiple logical devices.	A VLAN divides network in a network switch.
2	Separate Administrative and management domains for each VDC.	VLANs have separate broadcast domain.
3	Feature available on Nexus 7K only.	VLAN feature is available on every switch.
4	Advance Services License required to enable VDC.	VLAN doesn’t require any License to be enabled
5	An external connection needs to be made between ports of VDC to perform internal VDC (VDC to VDC) communication.	VLAN SVI needs to be created to communicate between different network subnet.
6	Used in case of multi-tenant environment or when separate security Zone are required	Used to limit broadcasts and when multiple department or groups with separate security control
7	Scope limited to Data Center environment	Scope is very wide and VLANs can be seen in Data Centers, small to large offices and even Service provider networks.

Conclusion

Both VDCs and VLANs are an integral part of a LAN network, and IT solutions would be incomplete without using atleast one of them. Virtualization is used by both discussed concepts where VDC came to fore pretty recently, VLAN has been there for quite long. VDC divides the physical chassis into multiple logical chassis, whereas VLAN divides physical switch network into logical parts.

Download the difference table here.

All devices part of a network can connect and communicate with each other. However, when we try to put logic around the communication between these devices, the key query that always arises in our mind that how one device will uniquely identify and send data to the other device in the network. This can be possible only with the help of the MAC and IP addresses. MAC address is assigned to the NIC card by the manufacturer. IP address is a number assigned to the workstation’s NIC in a network.

We will follow below key sections during the course of this post to illustrate on MAC address and IP Address –

1. Definition
2. Key Differences
3. Comparison Chart
4. Conclusion

Definition

What is MAC Address?

MAC (Media Access Control) address uniquely defines a hardware interface called MAC Address. MAC address is unique and assigned by the manufacturer and is programmed in the ROM of network interface card (NIC). MAC address is a 48-bit hexadecimal address. The format of a MAC address is xx:xx:xx:yy:yy:yy, where xx:xx:xx is a 3-byte address of the manufacturer. On the other hand, yy:yy:yy is a serial number of NIC card. Notable is that MAC address will change if NIC is replaced. MAC address works at the data link layer of OSI model. ARP (Address Resolution Protocol) is a protocol which does IP to MAC address mapping and henceforth is used to get MAC address of a device.

What is IP Address?

Internet Protocol (IP) address is an address which is allocated to every single computer. It is an address that is used to classify every node in the network. IP address provides the network node a location, so that it can connect with other nodes or networks. IP address is 32 bit, Version four of IP protocol. A newer version is IPv6 and it is 128 bit. IP address can be statically and dynamically assigned to a device.

• Static IP address – This will never change, and can be considered a perpetual internet address.
• Dynamic IP address – This is a provisional address that is allocated each time a computer or device connects to the network.

IPv4(Internet Protocol Version 4): IPv4 is a 32-bits address. This address is available in decimal form along with dots (.) in between. For Example – 192.168.1.1. The header field of the IPv4 is 20 bytes, and the checksum bits are present in the header for error control. The IPsec support (for security feature) is optional in IPv4. It supports a datagram up to size 576 bytes. The IPv4 addressing can be used for Multicasting and Broadcasting the data packets.

IPv6(Internet Protocol Version 6): IPv6 is a 128-bits address. This address is available in hexadecimal form along with semi-colons(:) in between. For Example: 2FFE:F300:0213:AB01:0132:7289:2134:ABDC. The header field of the IPv6 is 40 bytes, but the checksum bits are not present in the header file. The IPsec support (for security feature) is mandatory in IPv6. It supports a packet size of up to 1280 bytes. The IPv6 addressing can not be used for broadcasting.

Related – IPv4 vs IPv6

IP address classes

• Class A 0.0.1 to 126.255.255.254
• Class B 1.0.1 to 191.255.255.254
• Class C 0.1.1 to 223.255.254.254
• Class D 0.0.0 to 239.255.255.255. It is reserved for multicast groups.
• Class E 240.0.0.0 to 254.255.255.254. It is reserved for future use, or research and development purposes.

Key Differences

• MAC address uniquely identifies a device, whereas an IP address uniquely defines a device connection to a network.
• MAC address is 48 bit long hexadecimal whereas IP address has two versions, IPv4 a 32-bit address and IPv6 a 128-bit address.
• MAC address is assigned by the manufacturer. On the other hand, IP address is assigned by the network administrator.
• ARP obtains MAC address whereas RARP obtains IP address.
• MAC Address operates in the data link layer whereas IP Address operates in the network layer.
• MAC Address of computer cannot be changed with time and environment whereas IIP Address modifies with the time and environment.
• MAC Address can’t be found easily by third party whereas IP Address can be found by third party.

Comparison Table : MAC Address vs IP Address

S.No.	MAC ADDRESS	IP ADDRESS
1	MAC Address is a 6 byte hexadecimal address.	IP Address is either 4 byte (IPv4) or 6 byte (IPv6) address.
2	ARP is used to get MAC address of device.	RARP used to get IP of device.
3	NIC Card’s Manufacturer provides the MAC Address.	Network administrator or Internet Service Provider (ISP) provides IP address.
4	MAC Address is the physical address of computer.	IP Address is the logical address of the computer.
5	MAC Address operates in the data link layer of OSI model.	IP Address operates in the network layer of OSI model.
6	MAC Address helps in simply identifying the device.	IP Address identifies the connection of the device on the network.
7	MAC Address of computer cannot be changed with time and environment to it is fixed.	IP Address modifies with the time and environment and it is not fixed.
8	MAC Address can’t be found by third party.	IP Address can be found by third party.

Conclusion

MAC and IP address both are equally required when a device communicate with another device in a network.

Download the difference table here.

Continue Reading:

Ways to find MAC Address of Remote Computers

For a better understanding of IP Address, please watch our related video:

Introduction

Ad-hoc network is a collection of mobile nodes forming an instant network without a fixed topology. In such a network each node acts as both router and host simultaneously and can join or move out in the network freely. In Ad-hoc routing protocol, nodes take decision of routing among all nodes connected in a mobile ad-hoc network.

There are two variations of mobile network:

1. Infra-structured network
2. Ad-hoc network.

Infra-structured network are connections with fixed and wired gateways. Infrastructure mode wireless networking bridges wireless network to wired Ethernet network. Infrastructure mode wireless also supports central connection points for WLAN clients.

An ad hoc network typically refers to any set of networks where all devices have equal status on a network and networks are liberal to associate with any other ad hoc network devices in link range. Wireless ad-hoc networks can be further classified by their application, as follows:

1. Mobile ad hoc networks (MANET)
2. Wireless mesh networks (WMN)
3. Wireless sensor networks (WSN)

Proactive Routing Protocol

In this type of routing protocol, each node in a network maintains one or more routing tables that are updated regularly. Each node sends a broadcast message to the entire network if there is any change in the network topology. However, it incurs additional overhead cost which arises since it maintains up-to-date information. As a result, throughput of network may be affected, but it provides the actual information to availability of the network. Below is the list of Proactive Protocols –

• Destination Sequenced Distance Vector (DSDV) protocol
• Wireless Routing protocol (WRP)
• Hierarchical State Routing (HSR) protocol
• Source Tree Adaptive Routing Protocol (STAR)
• Optimized Link State Routing (OLSR)
• Global state routing protocol (GSR) are the examples of Proactive protocol.

Each node maintains up-to-date routing information to all the nodes in the network whereas in case of on-demand routing protocol, a node finds the route to a destination when it desires to send packets to the destination. GSR is a protocol that uses destination sequence number to keep routes loop-free and up-to-date.

HSR are hierarchical routing protocol. WRP is a distance vector routing protocol. Each node in OLSR discovers and maintains topology information of network. It builds shortest path tree to achieve preferred paths to destinations. DSDV updates its Routing table by time to time transmitted throughout the network in order to maintain table consistency. Routers in STAR communicate to its neighbours their source routing trees either incrementally or in atomic updates. Source routing trees are specified by affirming the link parameters of each link which belonging to the paths used to reach every destination.

Related – Proactive vs Reactive Routing Protocols

Key points of Proactive Routing Protocol

• Low delay route setup process- all routes are immediately available.
• High bandwidth requirement- updates due to link loss leads to high control overheads.
• Low scalability- control overhead is proportional to the number of nodes.
• Slow reaction on restructuring and failures.
• High storage requirements- whole table must be in a memory.
• Respective amount of data for maintenance.

Applications of Wireless Ad Hoc Networks

1. Tactical Networks – Military operations.
2. Emergency Services – Disaster recovery, Patient records retrieval.
3. Sensor Networks – Weather forecast and monitoring, Earth movement capturing, Ocean engineering, Collection of real time data.
4. Cellular Networks and Bluetooth.
5. Educational applications – Video conferencing, Virtual classrooms.
6. Entertainment – Video and music on demand.

A Network Bridge is a networking device principally operating at the data link layer (Layer 2) of the OSI model with filtering/forwarding/segmentation capabilities to work in a collision domain and a broadcast domain. On the other hand, Router is an internetworking device operating at the network layer (Layer 3) of the OSI model. A router is attached to two or more networks and forwards packets from one network to another and works in many broadcast domains. Let’s discus on features, highlights and comparison of both devices.

1. Features of Bridge and Router
2. Key highlights Bridge vs Router
3. Comparison Chart
4. Conclusion

Features of a Network Bridge

A bridge is a networking device for connecting two segments of a network and transmitting data between them. Bridge operate in both the physical and the data link layers of OSI model. There is a compulsion of using identical protocols for the segments to communicate. The primary use of a bridge is to send, filter, or flood any arriving frame which is depending on the MAC address of that specific frame.

Bridges forward Packets using the software. Thus bridges are software-based. Bridged network fragments collision domains, but do not fragment broadcast domains, instead forward all broadcasts.

Types of  Network bridges

• Simple Bridge- A simple bridge connects two segments and contains a table that limits the addresses of all the stations included in each of them.
• Multiport Bridge is employed when we want to link more than two LANs, and each table is containing the physical addresses of stations approachable through the particular port.
• Transparent Bridge performs its bridging functions and it’s also creates own table of station addresses.

Related – Network Bridge vs Repeater

Features of Router

 Unlike a bridge, if a router receives a packet that is not destined for a connected client, it will forward that packet onward. Routers depend on a routing table in order to know the next destination if it is outside the pool of addresses that the router is maintaining.

A router will have a WAN interface along with a LAN interface. The WAN connection is for all traffic outside of the router’s pool, and the LAN connection is for local clients. A router is located at any gateway — where one network meets another — including each point of presence on the internet

Key highlights of difference between Network Bridge and Router

• Routers are not transparent to the end stations. In contrast, Bridges are transparent to the end stations and does not rely on the protocol.
• In a bridge, frames are forwarded on the basis of the MAC address of the frame. As against, Router checks logical address (i.e., IP address) of the packets.
• The router can work on more than broadcast domain while Bridge can work on a single broadcast domain.
• Bridge functions at Data link layer while router operates at the Network layer of the OSI model.
• The bridge can relay frame from one segment to another whereas Router store and forward packets.

Comparison Chart 

Below table illustrates difference between Router and Bridge –

KEY TERMS	ROUTER	BRIDGE
Objectives	Router main objective is to connect various networks.	Bridge main objective is to connect various LANs.
Layer	Router works in Network Layer.	Bridge works in Data Link Layer.
Address	Router scans device’s IP Address.	Bridge scan device’s MAC Address.
Routing Table	Router uses routing table.	Bridge do not use routing table
Domain	Router works on more than single broadcast domains.	Bridge works on a single broadcast domain.
Ports	Router has more than two ports . Router devices are used to connect the LAN and WAN links.	Bridge has only two ports.
Transparency	Routers do not provide station transparency.	Bridges are protocol independent and transparent to the end stations.
Data Format	Router sends data in form of packets.	Bridge also sends data in form of packets.

Download the difference table here.

Today we look more in detail about Partial mesh network topology , its need, advantages and disadvantages and use cases etc.  

About Partial Mesh Network Topology

Partial mesh is a structure to map routers in such a way that they are coupled tightly among themselves but still not fully interconnected. Partial mesh is a subset of full mesh and links are arranged in a strategic manner based on frequent operating paths or signals to facilitate usage. Users of partial mesh enjoy better usability and time management but there are definitely some additional benefits using partial mesh in your organization. Only a few nodes, not all are attached with other nodes.  

There is no centralized regulation in partial mesh, for any number of connections in the network no admin or controller exists. They are applicable to Wireless area networks as they are meant to cover large geographical areas. WANs as we are aware are suitable to handle large crowds and numerous devices or remote areas. It is not simply more redundant than Hub and spoke WAN topology but it lies somewhere between Mesh and Spoke in terms of costs and it is comparatively less expensive than full mesh but costlier than spoke.

Partial mesh networks are highly robust and if a user loses connection still data will not be lost as data is not hosted centrally in one location. Partial mesh topology creates datasets with better management capabilities and integrity. There is validation and tracking for any misconduct that occurs.

Principles of Mesh Network Topology

Mesh topology works on two principles as under.

• Routing – in routing mode data is communicated in a pre-arranged path containing many hopping across nodes. All intermediary nodes require to be active and connected then only data will be transmitted over the network
• Flooding – the data is transmitted to every active node. The node looks at address data and passes it to next active node if data is not supposed to be addressed

Protocols used in Partial Mesh Topology

Protocols fit in layer 3 of the OSI model and define standards for data communication between two nodes. The three kinds of protocols: Proactive, Hybrid and Reactive are used in this topology. Each protocol plays a vital role in management of the networking and impacts performance and scalability. 

1. Proactive protocol – provides constant self-monitoring of nodes with the help of feedback mechanisms from nodes. If any node fails, it reroutes the network path. Maximum up time is ensured and quick recovery from failure with robust performance. In a dynamic environment chances of collision are increased but in a static environment it is ideal where network paths don’t change very often. 
2. Hybrid protocol – offers the best combination as per environment and communication requirements and uses reactive methods and characteristics of proactive protocol . network cost optimization can be achieved using this
3. Reactive protocol – is used to determine the network path at the time of request for transmission of data. It defines the optimal path and scans the entire network and best fit for a dynamic environment. 

Advantages of Partial Mesh Topology 

• High volume of data transmission can be handled at a very fast rate to any number of devices. Data transmission is possible from different devices simultaneously 
• No effect of failure even if one hub or end of the terminal is deactivated. Things are arranged in such a manner that best optimal path is automatically directed without overloading the process
• The expansion and modification is possible in every sense and without impacting existing nodes or terminals. As each node acts like a router. There are no exclusive routers. 
• It is an optimal solution for best user experience with minimum charges 
• It is a very robust structure ; a connection only communicate with others only if they are allowed to do so and this eliminate chances of misconduct
• It is very easy to diagnose and identify fault 
• Customization could offer better security and privacy to users as desired
• As failures do not disrupt processes , data transmission has consistency 

Disadvantages of Partial Mesh Topology 

• Since each node acts as router the complexity is increased
• Overall cost of this network is too high as compared to other topology options
• Setup and maintenance is tough and even administration
• All the time in this topology each node will have to remain active which led to high power consumption and load increase

Continue Reading:

Hybrid Network Topology

Hub and Spoke/Star Network Topology

Routing protocols are the routes that help to learn dynamic routes. These protocols are organized on routers in regards with exchanging the information related with routing. Using the routing protocols in your network has many benefits like router has the ability to advertise the failing of router. Also you did not need to configure manually every route in each router in the network.

Further these routing protocols can be categorized in six various forms but we are going to talk about only two of them – reactive and proactive protocols. These both protocols are utilized in mobile Ad hoc networks for sending data to the destination from the host. This information is sent through multiple ways from source to destination that are mobile and can be located on car, bus, ship or aeroplane.

Generally, this type of network is utilized in a military field, a disaster hit area or on in area where infrastructure is demolished or does not exist. The network’s node work as the routers and transmit data from one node to another until it reaches the destination. As the data has to covered the various nodes so the routing protocol in important to deliver the data at correct location.

Comparison: Proactive vs Reactive Routing Protocols

Reactive Protocols

Reactive protocol is divides in two types – Ad hoc On-Demand Distance Vector (AODV) and Temporary Ordering Routing Algorithms (TORA). In AODV routing protocol, the work of node is independent and does not carry the information of other nodes or adjacent node in the network. The process only when the data is transferred to them to maintain the route with the destination. These nodes comprise of the information of the route from which the data has to be transferred so the passing of information packet is followed by predetermined route. TORA is a very adaptive and efficient process as it works with all the shortest possible routes from source to destination. In this type of protocol, each and every node carries the information of its neighbouring nodes. It also has the ability to ensure the journey of the data, creation of route and erase the route if there is any partition within the network.

Related – AODV Routing Protocol

Proactive Protocols

Destination Sequence Vector or DSDV router is utilized in this type of protocol that was designed with the algorithm of Bellmann-Ford. All the information regarding with next node is maintained in this protocol. All the nodes that are mobile have to relay its entries with the adjacent nodes. The nodes that lies in the route deliver the data packet from one node to another after the mutual agreement. So, for this purpose all the nodes have to constantly update their position in DSDV protocol to avoid the interruption in the route.

Conclusion

• Reactive protocol is a on demand process that means determine routes whenever needed while the proactive protocols traditional process but provides the shortest path.
• The packet data is delivered in more efficiently in the reactive protocol than in proactive protocol.
• Proactive protocols are much slower than the reactive protocols in terms of performance.
• For the different topographies, reactive protocol is more efficient and adaptive than the proactive protocols.
• For the reactive protocol, the time taken or average end to end delay by the data to reach the destination from the source is quite variable while in proactive it is constant for the a given Ad hoc network.

Ring topology is a type of network topology in which each network device is connected to two other devices, forward and backward forming a single continuous path for signal transmission. It forms a ring, as each network device is connected to the other with the last one connected to the first forming a ring network. In a ring network, data travels from one device to the next in the form of packets.  Each device in a ring topology has a repeater, if the received data is intended for other device then repeater forwards this data until the intended device receives it.

Types of Ring Topology:

On the Basis of the data flow, ring topology can be of two types-

1. Unidirectional Ring Topology
2. Bidirectional Ring Topology

• Unidirectional Ring Topology : It involves data traffic in one direction, either clockwise or anticlockwise. This data network is also called a half-duplex network. E.g.- SONET network, SDH network etc.
• Bidirectional Ring Topology : It involves data traffic in both the directions and is thus called a full-duplex network. Bidirectional data transmission is possible by having two connections between each network node, thus making two ring networks with data flow in opposite direction to each other. This type of topology with two rings is sometimes also referred to as the Dual Network Topology.

Advantages of Ring Network Topology:

• Easy to install.
• As the data flows in one direction, it reduces the chance of packet collisions.
• Performs better than bus topology under heavy traffic.
• No need of network server to control network connectivity between workstations.
• Additional devices can be added without impacting the performance.

Disadvantages of Ring Network Topology:

• The network requires to be shut down for addition or removal of nodes .
• A data packet must pass through all the nodes in unidirectional flow.
• Failure of one device disrupts the entire network.

Related – Star Network Topology

BUS Network Topology

Bus topology is a type of  network topology where each node is connected to a single cable known as the backbone. Though there is no limit to the number of nodes that can be attached, but the number of connected nodes affects the performance of the network. In bus topology, the data is transmitted from one node to another through the backbone, in the form of a packet. The data packet contains the address of the destination machine. At each node of transmission the destination address (MAC/IP address) is screened to see if it matches their address. If the address doesn’t match, nothing more is done by the node and if the node addresses match to the address contained in the data then they process on the information.

Depending on the type of computer network card, a coaxial cable or an RJ-45  network cable is used to connect them together.

Advantages of Bus Topology:

• Installation is easy.
• In case of failure of any device, there will be no effect on other devices or network.
• It is economical as compared to other network topology i.e. mesh and star, as the cabling cost is less.
• It is easy to understand topology.
• Easily expandable by joining two cables together.
• It is good for small network setups.

Disadvantages of Bus Topology:

• It is difficult to find faults in the network in case of any device failure.
• The use of terminators is a must to prevent bouncing of signals.
• It is slower because one computer transmits at a time.
• Bus topology is not great for large networks.
• Additional devices slow down the network.
• If a main cable is damaged, the entire system/network will fail.

Related – Mesh Network Topology

Network Topology refers to the physical or logical layout of a network. Mesh network topology is a type of site-to-site WAN topology in which each network device  is connected to every other device  through a dedicated link (that carries data for the two connected devices only ). There is no concept of a central hub or computer which acts as a central point of communication.

So, if we have n devices in the network then each device must be connected with (n-1) devices.Further, the number of links in a mesh topology of n devices can be calculated by a simple formula i.e. n(n-1)/2.

Mesh topology is commonly used for wireless networks.

ADVANTAGES

• Mesh topology is reliable as failure of one device does not affect the communication between other devices in the network.
• It can manage high amounts of traffic as there are dedicated point-to-point links for each computer.
• It provides high privacy and security as point-to-point link assures against any unauthorized access.
• The point-to-point connection makes fault detection simpler and less cumbersome.
• It is highly redundant and the time lag is less when comparing with other topologies( like hub and spoke, partial mesh).

DISADVANTAGES

• The cost of implementation is high.
• Building and installation is tedious and time consuming as each device needs to be connected with other devices.
• Sometimes there are scalability issues as a device cannot be connected with large number of other devices with a dedicated point-to-point link.

Watch this video for better understanding of Topologies:

Network Topology refers to the physical or logical layout of a network. Hub and spoke or star topology is a site-to-site  Wide Area Network (WAN) topology. In this type of topology, we have a central device, called the hub, that is connected to multiple other devices named as the spokes.

Large enterprises have multiple business offices at different geographical locations globally. So, in that case we can use Hub and spoke topology, where business office (i.e. main office) act as a hub while other offices(branches) act as spokes. All the spoke sites are connected to each other via hub site. So, basically the network communication between any two spoke sites travel through the hub inevitably.

USES

• Hub and spoke topology can be used in a frame-relay network.
• It is also used with other protocols e.g DMVPN.

ADVANTAGE

• The main advantage of hub and spoke technology is that it is cost effective.
•  It is relatively easy to set up and maintain.

DISADVANTAGES

• WAN network topology may cause communication time lags.
• WAN network topology also has redundancy issues.
• Hub is a single point of failure, if the main office network fails, entire enterprise network communication may fail.

Watch this video for better understanding of Topologies:

In any IT setup, Network Engineer is the key and fundamental resource responsible for setup of network infrastructure on which all the services like Security, voice, wireless, messaging and Internet are made accessible. A network engineer is a technology expert who is highly skilled and trained in maintaining the connectivity of. Network engineering includes being responsible for formulating, implementing and executing all the computer networks within an organization.

Additionally, a network engineer plays crucial role in ensuring all the systems are functioning properly as instructed. The fundamental goal of a network engineer is to provide the maximum network to the organization with the security. Sometimes, organizations have to hire global network engineers across the countries depending on network complexity and an administration’s requirement. Their responsibility is to take care of technological advancements throughout the firm. This international network of engineers proves cost-effective for the organization.

Related – Why Cisco certification is important?

Key responsibilities of a network engineer include: 

• Router and Switch configuration
• Auditing in IP addresses.
• Arranging scheduled upgrades.
• Investigating faults in the network.
• Improving the efficiency of current networks
• Upgrading network equipment and data servers.
• Designing and implementing new network solutions.
• Linking with service desk engineers and project managers.
• Maintaining IT security systems and administering firewalls.
• Solving network problems and maximize network performance.

Skills required for network engineer:

Network Engineer job description should include the following skills and qualities:

Technical skills

A network engineer needs to:

• Understand the technical demands of their employer’s business
• Detailed knowledge of network protocols and services such as TCP/IP, DNS, proxy and DHCP.
• Well-known networking knowledge of protocols, devices, commands, topologies, techniques and best practices.
• Ability of handling network vulnerabilities.

Soft Skills

In addition to the technical knowledge and skills required of a network engineer, there are few of soft skills that will help in this career. These include

• Problem-solving and being a team player.
• Excellent communication skills are required as they have to communicate with the relevant parties – network engineers often report to business leaders, so the ability to communicate information confidently, clearly, and professionally is essential for them.
• Candidate must have multi-tasking skills and the ability to do various jobs at one time.
• Each and every organization gives more importance to time management, the candidate must adhere to the policies of the organization and the candidate should be able to complete the tasks on time.
• Excellent troubleshooting skills needed because troubleshooting requires experience and patience. The candidate must possess both to become a Network design engineer (Expert level).
• Network engineers are flexible enough as they often work on schedule time so as not to interrupt the work schedule of employees who need to be online at regular hours.

How to gain the essential network engineering skills?

Network engineering is an exciting, challenging field. But you can’t get there on your own. You require proper degree programme and you may specialize even further in the course of your networking career.

IT certifications and training courses are a great way to supplement on-the-job training.

Related – New Cisco Certifications in 2020

With networking training courses, you will learn about information security, operating systems, network administration and programming essentials. Depending on the organization, they may also require specific certifications or training courses.

An industry known certification is CCNA Routing &Switching. This certification also equips a professional network engineer with the knowledge and abilities required to work on Cisco products or any other networking vendor device. Another well know networking certification is Comptia A+ and network+.

Application availability, continuity of service, greater performance of the application – These are the things we would always require from a platform owner while designing the network and answer to this in AWS is called ELB (Elastic load balancing). This feature is similar to what we know as Load balancing. Let’s have a closer look on ELB:-

“A load balancer distributes incoming application traffic across multiple EC2 instances in multiple Availability zones. This increases the fault tolerance of your applications. Elastic load balancer detects unhealthy instances (servers those are running low memory, having high CPU, any hardware fault) and routes traffic only to healthy instances”.

Here is another example to elucidate the concept: 

You have a website which is running on one instance (t2 micro or Nano). One a very fine day, hundreds and thousands of requests start hitting the web server running on single t-2 micro, and your website is likely to crash or respond slow very. In this situation, you are left with 2 options –

Option 1 – Upgrade your instance to maybe M5-large

Option 2 – Use multiple t2-micro instances and distribute the website traffic between them.

Option 2 is more rational solution which can be accomplished by Elastic Load Balancer, since upgrading instance to more resourceful instance may cost you much more and will still remain single point of failure.

Notable is that ELB uses health checks to detect which instances are healthy and directs traffic only across those instances.

Types of Elastic Load balancers: 

• Application Load Balancer
• Network Load balancer
• Classic Load balancer

Comparison Table:

APPLICATION LOAD BALANCER	NETWORK LOAD BALANCER	CLASSIC LOAD BALANCER
It operates on Layer 7	It operates on Layer 4	It operates on Layer 7 and Layer 4
Its supports HTTP/ HTTPS (Internet)	Its supports TCP/UDP/TLS	It supports on HTTP/ HTTPS/ TCP/ TLS
Supports path-based routing, host-based routing, query string parameters-based routing and source IP-address based routing.	It offers ultra-high performance, Low latency a TSL offloading at scale.	Old generations not recommended for new applications.
Operates on request level.	Operates on the connection level.	It operates on both the request level and the connection level.
Supports IP addresses, Lambda Functions and containers as targets.	Supports UDP and static IP addresses as targets.	Use for existing applications running on EC2-Classic.
Provide load balancing to multiple ports on an instance	Provide load balancing to multiple ports on an instance	NA

Download the difference table here.

Let’s understand all the three load balancers by an example: 

Application Load balancer:

As it works on the Application layer, this type of Load balancing is provisioned only when we have a HTTP/ HTTPS traffic to address. It also provides advanced routing features such as host-based and path-based routing and works with containers and microservices

Suppose you have two entities under website IPWITHEASE.COM – 1^st is api.ipwithease.com and 2^nd is mobile.ipwithease.com. You can route incoming traffic based on the domain name specified in the “Host”. Hence Application based LB can easily distribute the incoming web traffic on both the entities due to its Host-based routing feature.

Suppose the website of your company is ipwithease.com and the company’s blog is hosted on ipwithease.com/blog. The operations team has decided to host the main website and the blog on different instances. Using ALB you can route traffic based on the path of the requested URL due to its path-based routing feature.

Network Load balancer:

In this case LB manages the connections based on TCP/ UDP request. Suppose your company’s website is running on four m4-xlarge instances and you are using an ALB to distribute the traffic among them. Your company launched a new product recently which got viral and your website starts getting millions of requests per second. In this case, the ALB may not be able to handle the sudden spike in traffic. This is where the NLB really shines. It has the capability to handle a sudden spike in traffic since it works at the connection level. It also provides support for static IPs.

Classic Load balancer:

This is the previous generation load balancer that was used for EC2-classic instances. It operates on both the request level and the connection level. But it doesn’t support features like host-based routing or path-based routing. Once configured, it distributes the load across all the registered instances regardless of what is present on the servers. Hence, it can only be used to distribute traffic to a single URL.

It refers to a logical and conceptual network model that defines the network communication protocol that is used by open systems to communicates and connect with other network systems. This network model has seven subcomponents. Each network layer has conceptual services and functions it does. This network model defines the transfers of packets and logical networks by using the layers protocols.

The OSI model is categorized into two central portions. The hot part consists of the application, presentation, session, and transport layers. The media portion consists of network, data link, and physical layers. This model work by assigning functions and task to the layers in a hierarchical manner. Each layer has a given job and transferring a given task to the next layer inline. This paper provides a comprehension of the seven layers, their functions, and the relationship with other layers.

The 7 Layers of OSI Model

Physical layer

This layer consists of network equipment i.e., cables, switches, routers, fibers, etc. It deals with the transformation of digital data content into signals that can be transmitted down into the wire. The signals are in the form of electricity in the case of fiber optics and non-electrical. The physical layer provides an architecture for the data to be received and sent. This layer majorly consists of the hardware infrastructure of the network.

Datalink layer

This layer converts the information in data packets and frames. It unpacks the data from the physical layer and then translates the information to the upper layers where data is to be sent. Deals with error detection and catching.

Network layer

It set the incoming and destination address of the data. It deals with addressing of the data to be sent to the other layers. It helps to determine the best and quickest route for the data to use. By adding an address header, it’s able to track the data as it passes through the various layers. This layer deals with packet switching and managing the network congestion of the routers. Examples of protocols used here are ICMP, IP, ARP, and DHCP

Transport layer

This deals with the streaming of data across the network. It works by checking the transmissions of packets from source to destination address. It also corrects the errors and retransmission of packets that have errors. It works in conjunction with the network layer. The transport layer sorts and groups the data packets that have a similar address. Examples of protocols used here are TCP and UDP and TCP.

Session layer

It deals with connections of data and packets. It deals with establishing, managing, and controlling of the session between the hosts. It sends information about the programs and applications to other layers. It synchronizes the data for secure transmission and connection. Examples of protocols used here are PPTP.

Presentation layer

It deals with the formatting and structuring of data that is to be set to the network. It allows an application to read and understand the message. This layer deals with encryption and decryption of message, formatting and translation and compression of the message for smooth transmission. Examples of protocols used here are SSL and TLS.

 Application layer

It provides an interface for the user. It works by coordinating the network access of the device. The protocols in this layer work by handling the requests from various software applications. It deals with file transfers, electronic mail, and browsing.

Conclusion

This network model provides a conceptual network of tasks handled by each layer. It visualizes the network interactions by managing the existing networks and designing better network systems frameworks for the future.

TYPES OF TRANSMISSION MODES

The different types of transmission mode are:

Simplex, Half duplex and Full duplex

• Simplex : As the name signifies, it is the most simple mode of transmission. It only sends information/data in one direction i.e. from the sender to the receiver. The receiver cannot reply to the sender. For example, a radio broadcast is a simplex channel. As it sends signals to the audience but never receives signals back from them.

• Half duplex : In a Half Duplex Mode, the data/information can be sent in both the directions, but one at a time and not simultaneously. For example, a walkie-talkie is a device that can be used to send message in both  the directions, but both the persons can not exchange the message simultaneously. One can only speak and the other can only listen.

• Full Duplex : In a Full Duplex Mode, the transmission of the information between the sender and the receiver can occur simultaneously. It is used when communication in both direction is required all the time. For example, a telephone is a two way communication in which both the persons can talk and listen to each other at the same time.

COMPARISON OF TRANSMISSION MODES

The differences between the three modes of transmission can be summarized as below:

One great advantage of GRE is that it allows routing of IP packets between private IPv4 networks which are separated over public IPv4 internet. GRE also supports encapsulating IPv4 broadcast and multicast traffic. GRE tunnels are not secure because Generic routing encapsulation does not encrypt its Data payload. In mealtime, GRE used together with other secure tunneling protocols like IPsec provides network security.

Following are key fields of the GRE Header.

Flag C (Checksum Present): Used to indicate that the Checksum field is present and contains valid information, when set to 1.

Flag R (Routing Present): Used to indicate that the Routing fields are present and contain valid information, when set to 1.

Flag K (Key Present): Used to indicate that the Key field is present in the GRE header, when set to 1.

Flag S (Sequence Number Present): Used to indicate that the Sequence Number field is present, when set to 1.

Flag s (Strict Source Route): Set to 1 the routing information consists of Strict Source Routes.

Recursion Control and Version Number are normally set to 0

Protocol Type: Protocol Type field is used to mention the protocol payload of the GRE packet. For IP, this field is set to 0x800

Checksum: Checksum field value is used to check the integrity of the GRE header and the payload.

Key: Key field value is used to authenticate the GRE packets encapsulate.

Sequence Number: Sequence Number filed value is used to track the sequence of GRE packets.

Below is a diagram shows Wireshark capture image of a GRE Encapsulation and GRE Header fields.

Generic routing encapsulation provides a private, secure path for transporting packets through an otherwise public network by encapsulating or tunneling the packets. GRE encapsulates data packets and redirects them to a device that de-encapsulates them and routes them to their final destination. It allows source and destination switches to operate as if they have a virtual point-to-point connection with each other because the outer header applied by GRE is transparent to the encapsulated payload packet.

The subnet mask or the address mask separate network address with the host address in the IP.

<Network><Host>

Furthermore, if there is an additional subnet needed, it is done using the subnet calculation and we can retrieve subnet information directly from the IP address.

IP address

IP stands for Internet Protocol Address. It is a unique address given to each and every device which uses the internet. There are 2 main functions over – Host and the Network. IP Address has many utilities like we can get the location of the device using the IP address.

There are different versions of the IP address –

• The older one that was used is IPV4. IPV4 is an address with 32bit number.
• The new version that was developed later on was called IPV6 and it consists of 128 bits.

The name – Subnet Mask

If you are wondering how the name came into the existence and why it is called subnet mask – It is because the IP address’s network address is identified using this. Here, the bitwise AND operation is carried out directly on the netmask and using this the IP is obtained. Therefore, it is called the subnet mask and some people also call it by the name address mask.

More about Subnet

A subnet mask is typically 32 bit. It masks IP addresses and also divides the IP addresses into the host address and the network address. In other words, the network address is separated with the help of Subnet mask. It is done by setting all the networks bit to the new state. Then the networks bits are reset to 1 and the host bits are set to the 0.

The host addresses are reserved here and it can’t be given to any of the hosts. The two address that is already reserved for special purposes are the 0 address that is assisted for the network address and the other one is the 255 that is assigned to the broadcast address.

As this both of the host address is already assigned for the special purpose, one can’t assign them to end hosts.

IP , Subnet and IANA –

IP address is displayed in the human-readable form. Anyone can know the IP and even remember it. However, the IP address can be static or it can be dynamic. Therefore, it is not the same all the time.Coming to the examples of the IP address, in IPV4, the IP address is written as 172.16.254.1 whereas, in the IPV6, the address is written as 2001:db8:0:1234:0:567:8:1. IP address along with Subnet mask can be depicted in following format – 192.168.1.15/24 . This can be equivalent to the subnet mask used, that is 255.2555.255.0.

If you are looking to go more deeply into the IP address and who assigns the IP address then it is an IANA and 5 RIRs who manages the IP addresses throughout the globe and not only for any particular country.

IANA stands for the Intenet Assigned Numbers Authority whereas RIRs stands for Regional Internet Registries. The RIR is only responsively to manage the numbers in their area and not for the whole globe. However, the 5 different RIRs are surely covering the entire globe along with the IANA. They provide the IP to the end users as well as the ISPs. The IP address we get is given by the ISP that is the Internet Service Provider.