Our approach in this thesis is that, we have designed and built a National Carrier based core and edge network to simulate a real live scenario that spans the kingdom of Saudi Arabia. Some of the results in the thesis are presented against simulation time and some against network load.how to implement mpls on network
MPLS VPN is a family of methods for using multiprotocol label switching (MPLS) to create virtual private networks (VPNs). MPLS VPN is a flexible method to transport and route several types of network traffic using an MPLS backbone.
this slide contains fundamental concept about VPLS protocol, according to the latest version of Cisco books and i taught it at IRAN TIC company.in the next slide, i upload attractive advanced feature about VPLS.
(Some of the pictures in this slide are borrowed from the wonderful site of my good friend Gokhan Kosem)
(www.ipcisco.com)
A presentation given by RAD’s CTO, Dr. Yaakov Stein, at the 2012 MPLS and Ethernet World Congress. The presentation compares the two technologies in ten critical categories and grades them on suitability, coverage and maturity
Our approach in this thesis is that, we have designed and built a National Carrier based core and edge network to simulate a real live scenario that spans the kingdom of Saudi Arabia. Some of the results in the thesis are presented against simulation time and some against network load.how to implement mpls on network
MPLS VPN is a family of methods for using multiprotocol label switching (MPLS) to create virtual private networks (VPNs). MPLS VPN is a flexible method to transport and route several types of network traffic using an MPLS backbone.
this slide contains fundamental concept about VPLS protocol, according to the latest version of Cisco books and i taught it at IRAN TIC company.in the next slide, i upload attractive advanced feature about VPLS.
(Some of the pictures in this slide are borrowed from the wonderful site of my good friend Gokhan Kosem)
(www.ipcisco.com)
A presentation given by RAD’s CTO, Dr. Yaakov Stein, at the 2012 MPLS and Ethernet World Congress. The presentation compares the two technologies in ten critical categories and grades them on suitability, coverage and maturity
Video Conferencing Services & Solutions by Acma Computers Ltd.Acma Computers Ltd
Acma Computers Ltd. provides Video Conferencing Services & Solutions. We provide video conferencing systems in the form of softwarte and equipment. We also provide annual maintenance services ( amc ) and facility management services ( fms ) . We also provide IT support for all types of issues. www.acmacomputers.com
the following presentation discusses one of the most prominently used resource in our every day life...can anyone imagine a world today without internet for a single day ? ....
A communication channel is a particular type of media through which a message is sent and received. In other words, it's the method of communication used.
Chapter 11 Selecting Technologies and Devices for Enterprise Netwo.docxbartholomeocoombs
Chapter 11 Selecting Technologies and Devices for Enterprise Networks This chapter presents technologies for the remote-access and wide-area network (WAN) components of an enterprise network design. The chapter discusses physical and data link layer protocols and enterprise network devices, such as remote-access servers, routers, firewalls, and virtual private network (VPN) concentrators. The chapter begins with a discussion of the following remote-access technologies: Point-to-Point Protocol (PPP) Cable modems Digital subscriber line (DSL) After discussing remote-access technologies, the chapter presents options for selecting WAN and remote-access capacities with the North American Digital Hierarchy, the European E system, or the Synchronous Digital Hierarchy (SDH). The chapter continues with a discussion of the following WAN technologies: Leased lines Synchronous Optical Network (SONET) Frame Relay Asynchronous Transfer Mode (ATM) Metro Ethernet The chapter then covers two topics that will help you complete your WAN design: Selecting routers for an enterprise WAN design Selecting a WAN service provider The chapter concludes with an example of a WAN network design that was developed for a medium-sized company, Klamath Paper Products, Inc. The example indicates what technologies and devices were chosen for this customer based on the customer’s goals. The technologies and devices you select for your particular network design customer will depend on bandwidth and quality of service (QoS) requirements, the network topology, business requirements and constraints, and technical goals (such as scalability, affordability, performance, and availability). An analysis of traffic flow and load, as discussed in Chapter 4, “Characterizing Network Traffic,” can help you accurately select capacities and devices. For some organizations, scalability is a key design goal. The selected WAN solution must have enough headroom for growth. As discussed in this chapter, some WAN technologies are more scalable than others. Another key design goal for many organizations is to minimize the cost of WAN and remote-access circuits. Optimization techniques that reduce costs play an important role in most WAN and remote-access designs. Methods for merging separate voice, video, and data networks into a combined, cost-effective WAN also play an important role. These methods must handle the diverse QoS requirements of different applications. Remote-Access Technologies As organizations have become more mobile and geographically dispersed, remote-access technologies have become an important ingredient of many enterprise network designs. Enterprises use remote-access technologies to provide network access to telecommuters, employees in remote offices, and mobile workers who travel. An analysis of the location of user communities and their applications should form the basis of your remote-access design. It is important to recognize the location and number of full- and part-time t.
With uCPE/SD-WAN taking center stage in enabling software-defined Cloud services to enterprise branch offices globally, this session will provide a uCPE review from a solution, deployment and reference design standpoint.
Speaker: Sab Gosal, Segment Manager
Network Platforms Group (NPG), September 2018
Building DataCenter networks with VXLAN BGP-EVPNCisco Canada
The session specifically covers the requirements and approaches for deploying the Underlay, Overlay as well as the inter-Fabric connectivity of Data Center Networks or Fabrics. Within the VXLAN BGP-EVPN based Overlay, we focus on the insights like forwarding and control plane functions which are critical to the simplicity operation of the architecture in achieving scale, small failure domains and consistent configuration. To complete the overlay view on VXLAN BGP-EVPN, we are going to the insides of BGP and its EVPN address-familiy and extend to about how multiple DC Fabric can be interconnected within, either as stretched Fabrics or with true DCI. The session concludes with a brief overview of manageability functions, network orchestration capabilities and multi-tenancy details. This Advanced session is intended for network, design and operation engineers from Enterprises to Service Providers.
What Is Wide Area Network (WAN): Live WAN Network Examples : NotesSubhajit Sahu
Highlighted notes while studying the Course:
Advanced Computer Networks
Article: What Is Wide Area Network (WAN): Live WAN Network Examples
By: SoftwareTestingHelp
About SoftwareTestingHelp
Helping our community since 2006! Most popular portal for Software professionals with 100 million+ visits and 300,000+ followers! You will absolutely love our tutorials on QA Testing, Development, Software Tools and Services Reviews and
more!
A Modem is somewhat a more interesting network device in our daily life. So if you have noticed around, you get an internet connection through a wire (there are different types of wires) to your house. This wire is used to carry our internet data outside to the internet world.
However, our computer generates binary data or digital data in forms of 1s and 0s and on the other hand, a wire carries an analog signal and that’s where a modem comes in.
A modem stands for (Modulator+Demodulator). That means it modulates and demodulates the signal between the digital data of a computer and the analog signal of a telephone line.
CONTACT INFORMATION
Network Data
#3A,3rd floor, Sri Gem plaza,
Sankaranpillai street,
S.R.C college road
Near Chatram Bus Stand,
Trichy -620002
Phone: +91 80721 11436, +91 80567 75503
hkumarasamy@gmail.com
http://www.networkdata.in
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
"Impact of front-end architecture on development cost", Viktor TurskyiFwdays
I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
3. Lessons Summary:
Understanding WAN Technologies
Configuring Serial Encapsulation
Introducing VPN Solutions
Configuring GRE Tunnels
08/26/13
Instructional Design-Computer Networking -
Bridges Educational Group
Wide-Area Networks
4. Understanding WAN Technologies
WAN’s – The need
Sharing of data
Organization to organization
Remote users
Over large distance
LAN – Falls short
Company Growth
Wide-Area Networks
5. WAN functions in terms of the OSI Reference
Model The physical layer (OSI Layer 1) protocols describe
how to provide electrical, mechanical, operational, and
functional connections to the services of a
communications service provider.
The data link layer (OSI Layer 2) protocols define how
data is encapsulated for transmission toward a remote
location and the mechanisms for transferring the
resulting frames. A variety of different technologies are
used, such as Frame Relay and ATM. Some of these
protocols use the same basic framing mechanism,
High-Level Data Link Control (HDLC), an ISO standard,
or one of its subsets or variants.
Wide-Area Networks
6. WAN physical layer concepts for network and
Internet communications
Wide-Area Networks
7. •WAN physical-layer protocols describe how to provide electrical, mechanical,
operational, and functional connections for WAN services.
• The WAN physical layer also describes the interface between the DTE and the DCE.
Wide-Area Networks
8. WAN data link layer protocols used in today’s
Enterprise WAN networks
Data link layer protocols define
how data is encapsulated for
transmission to remote sites
and the mechanisms for
transferring the resulting
frames.
ATM uses small
fixed-size cells
of 53 bytes (48
bytes for data),
Wide-Area Networks
9. Switching technologies used for WANs in an
Enterprise setting
A circuit-switched network is one that
establishes a dedicated circuit (or channel)
between nodes and terminals before the users
may communicate.
PSTN and ISDN are two types of circuit-
switching technology that may be used to
implement a WAN in an enterprise setting.
Packet switching splits traffic data into packets that
are routed over a shared network. Packet-
switching networks do not require a circuit to be
established, and they allow many pairs of nodes to
communicate over the same channel. Packets are
divided and sent through available connections.
There are two approaches to this link
determination, connectionless or connection-
oriented.
Wide-Area Networks
10. List the various options for connecting subscribers to
the WAN
Wide-Area Networks
11. Enterprises use leased line services to provide a
WAN connection
Point-to-point lines are usually leased from a
carrier and are called leased lines.
Wide-Area Networks
20. HDLC and Cisco HDLC
08/26/13
Instructional Design-Computer Networking -
Bridges Educational Group
Wide-Area Networks
21. Configuring HDLC Encapsulation
RouterX(config-if)# encapsulation hdlc
Enables Cisco HDLC encapsulation
Uses the default encapsulation on synchronous serial
interfaces .
Enable PPP Encapsulation and Configuring Authentication
RouterX(config-if)# encapsulation ppp
Enables PPP encapsulation
RouterX(config)# hostname name
Assigns a hostname to your router
RouterX(config)# username name password password
Identifies the username and password of remote router
RouterX(config-if)# ppp authentication {chap | chap pap | pap chap | pap}
Enables PAP or CHAP authentication
08/26/13
Instructional Design-Computer Networking -
Bridges Educational Group
Wide-Area Networks
22. PPP and CHAP Configuration Example
08/26/13
Instructional Design-Computer Networking -
Bridges Educational Group
Wide-Area Networks
23. Verifying a Serial Interface Configuration
RouterX# show interface s0/0/0
Serial0/0/0 is up, line protocol is up
Hardware is HD64570
Internet address is 10.140.1.2/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, rely 255/255, load 1/255
Encapsulation PPP, loopback not set, keepalive set (10 sec)
LCP Open
Open: IPCP, CDPCP
Last input 00:00:05, output 00:00:05, output hang never
Last clearing of "show interface" counters never
Queueing strategy: fifo
Output queue 0/40, 0 drops; input queue 0/75, 0 drops
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
38021 packets input, 5656110 bytes, 0 no buffer
Received 23488 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
38097 packets output, 2135697 bytes, 0 underruns
0 output errors, 0 collisions, 6045 interface resets
0 output buffer failures, 0 output buffers swapped out
482 carrier transitions
DCD=up DSR=up DTR=up RTS=up CTS=up rial Interface Configuration
08/26/13
Instructional Design-Computer Networking -
Bridges Educational Group
Wide-Area Networks
24. Verifying the HDLC and PPP Encapsulation Configuration
RouterX# show interface s0/0/0
Serial0/0/0 is up, line protocol is up
Hardware is HD64570
Internet address is 10.140.1.2/24
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, rely 255/255, load 1/255
Encapsulation PPP, loopback not set, keepalive set (10 sec)
LCP Open
Open: IPCP, CDPCP
Last input 00:00:05, output 00:00:05, output hang never
Last clearing of "show interface" counters never
Queueing strategy: fifo
Output queue 0/40, 0 drops; input queue 0/75, 0 drops
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
38021 packets input, 5656110 bytes, 0 no buffer
Received 23488 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
38097 packets output, 2135697 bytes, 0 underruns
0 output errors, 0 collisions, 6045 interface resets
0 output buffer failures, 0 output buffers swapped out
482 carrier transitions
DCD=up DSR=up DTR=up RTS=up CTS=up
08/26/13
Instructional Design-Computer Networking -
Bridges Educational Group
Wide-Area Networks
26. Introducing VPN Solutions
An academic definition of a VPN is “connectivity deployed on a shared
infrastructure with the same policies and performance as a private network, with
lower total cost of ownership.”
08/26/13
Instructional Design-Computer Networking -
Bridges Educational Group
Wide-Area Networks
28. VPNs offer flexiblity as site-to-site and remote-access connections can be set up quickly and
over existing infrastructure. A variety of security policies can be provisioned in a VPN,
enabling flexible interconnection of different security domains.
VPNs also offer scalability over large areas, as IP transport is universally available. This in
turn reduces the number of physical connections and simplifies the underlying structure
of a customer WAN.
Lower cost is one of the main reasons for migrating from traditional connectivity options to
a VPN connection, as customers may reuse existing links and take advantage of
statistical packet multiplexing features of IP networks, used as a VPN transport.
The Cisco hardware and Cisco IOS software provide a full set of VPN tools, not only for just
VPNs but for security, management, and all related needs.
The Cisco remote access line of routers is compatible with the Cisco Secure VPN Client PC
client software. The slide lists some of the IPSec capabilities one would expect (and find)
in such a client. Some of these will be covered in more detail in the next module on
IPSec-based VPNs.
With client IPSec encryption, a public Internet connection can be used as part of a virtual
private dial-up network (VPDN) solution.
08/26/13
Instructional Design-Computer Networking -
Bridges Educational Group
Wide-Area Networks
29. VPNs come in a number of flavors.
VPNs are designed based on one of two architectural options—client-initiated or network
access server (NAS)-initiated VPNs.
Client-initiated VPNs—Users establish a tunnel across the Internet service provider (ISP)
shared network to the customer network. The customer manages the client software
that initiates the tunnel. The main advantage of client-initiated VPNs is that they secure
the connection between the client and ISP. However, client-initiated VPNs are not as
scalable and are more complex than NAS-initiated VPNs.
NAS-initiated VPNs—Users dial in to the ISP NAS, which establishes a tunnel to the private
network. Network access server (NAS)-initiated VPNs are more robust than client-
initiated VPNs and do not require the client to maintain the tunnel-creating software.
NAS-initiated VPNs do not encrypt the connection between the client and the ISP, but
this is not a concern for most customers because the Public Switched Telephone
Network (PSTN) is much more secure than the Internet.
VPNs can also run from a remote client PC or remote office router across the Internet or an
IP service provider network to one or more corporate gateway routers. VPNs between a
company’s offices are a company intranet. VPNs to external business partners are
extranets.
08/26/13
Instructional Design-Computer Networking -
Bridges Educational Group
Wide-Area Networks
30. Voluntary tunnels are those initiated by the client PC. Voluntary tunnels are where the
client voluntarily starts up the tunnel. Compulsory tunnels take service provider
participation and awareness. Compulsory tunnels leave the client no choice.
The slide shows some of the features of (remote) access VPNs. They can be used with
whatever access is available, and ubiquity is important. This means they should work
with modem, Integrated Service Digital Network (ISDN), xDSL, or cable. They provide
potential operations and infrastructure cost savings because a company can outsource its
dial plant, getting out of the remote access server business.
It is best if VPDN and access VPN connectivity involves only a single ISP. With more than
one ISP involved, no service level agreements are possible.
08/26/13
Instructional Design-Computer Networking -
Bridges Educational Group
Wide-Area Networks
31. An extranet is where you also use the Internet or one or two SPs to connect to business
partners. Security policy becomes very important at this point, because you would hate
for a hacker to spoof an order for 1 million widgets from a business partner.
08/26/13
Instructional Design-Computer Networking -
Bridges Educational Group
Wide-Area Networks
32. Intranet VPNs extend the basic remote access VPN to other corporate offices with
connectivity across the Internet or across the SP IP backbone. Service levels are likely to
be maintained and enforced within a single SP. With VPNs across the Internet, there are
no performance guarantees—no one is in charge of the Internet.
The main attractions of intranet VPNs are reduced WAN infrastructure needs,lower
ongoing leased line or Frame Relay charges, and operational savings.
Security on shared media (the Internet or SP backbone) is important too.
08/26/13
Instructional Design-Computer Networking -
Bridges Educational Group
Wide-Area Networks
33. Tunneling Types
Most VPNs are really tunnels, whereby Point-to-Point Protocol (PPP) frames or IP packets
are tunneled inside some other protocol.
Microsoft Point-to-Point Tunneling Protocol (PPTP) (see the Layer 2 module) is a Layer 2
technique, where IP is used to encapsulate and transport PPP and IP packets to a
corporate gateway or server.
Cisco Layer 2 Forwarding (L2F) and Layer 2 Tunneling Protocol (L2TP) are also Layer 2
techniques. They simulate PPP connectivity directly from a client PC to a corporate
gateway router or server.
Multiprotocol Label Switching (MPLS) (see the module), generic routing encapsulation
(GRE), and IPSec are, however, Layer 3 tunnels, where Layer 3 information is
transported directly inside another Layer 3 header across the intervening SP network.
The terms Layer 2 and Layer 3 may be imprecise when applied to VPNs. Some people
consider Frame Relay and ATM to be Layer 2 VPNs. Others consider that to be an out-of
date usage of the term “VPN.”
08/26/13
Instructional Design-Computer Networking -
Bridges Educational Group
Wide-Area Networks
34. The protocols used to transport Layer 2 frames and Layer-3 packets are:
L2TP —Layer 2 Tunneling Protocol
GRE – Generic Route Encapsulation
PPTP – Point-to-Point Tunneling Protocol
IPsec – IP security protocols
MPLS – Multi Protocol Label Switching
Configuring GRE Tunnels
The Generic Route Encapsulation (GRE) is a standardized Layer-3 carrier encapsulation,
designed for generic tunneling of protocols. GRE is described in RFC 1701, and RFC 1702
defines how GRE uses IP as the transport protocol (GRE IP).
In Cisco IOS, GRE tunneling is used to tunnel multiple protocols (IPX, DECnet, AppleTalk,
and others) over an IP network. Also, GRE IP can tunnel IP over IP, which is useful when
building small-scale IP VPN network, which do not require substantial security. GRE has
no built-in security mechanisms built, but can be secured by additional mechanisms,
such as IPsec traffic protection, of the Cisco Encryption Technology protection.
08/26/13
Instructional Design-Computer Networking -
Bridges Educational Group
Wide-Area Networks
35. The GRE protocol is an IP protocol with the protocol number of 47. The GRE header is of
variable length, and at the minimum defines the passenger protocol carried in a GRE
packet. The header is from 4 to 20 bytes long, depending on the GRE options (such as
optional sequencing) used within each packet.
08/26/13
Instructional Design-Computer Networking -
Bridges Educational Group
Wide-Area Networks
36. The benefits of GRE IP tunneling are
GRE enables simple and flexible deployment of basic IP VPNs.
In Cisco IOS, GRE IP can tunnel almost any Layer-3 protocol.
GRE IP tunneling also has some drawbacks
Provisioning of tunnels is not very scalable in a full-mesh network (every pointto-
point association has to be defined separately; the Next-Hop Routing Protocol (NHRP)
can be used to achieve some configuration scalability, and point-to-multipoint tunnels
can be used as a remedy in strictly hub-and-spoke networks).
Packet payload is not protected against snooping and unauthorized changes, and there
is no authentication of sender. IPsec provides all those functions, and can be combined
with GRE IP.
08/26/13
Instructional Design-Computer Networking -
Bridges Educational Group
Wide-Area Networks
37. 08/26/13
Instructional Design-Computer Networking -
Bridges Educational Group
Wide-Area Networks
GRE Configuration Example
Within the tunnel interface, the tunnel source and tunnel destination commands
configure the tunnel endpoints. The tunnel source must be a local routers interface
address, such as, for example, a loopback address. The other peer’s tunnel source and
destination must exactly mirror the local peer’s configuration, that is, the tunnel must
be defined between the same IP addresses in both peers’ configuration. The tunnel
mode gre ip command specifies that GRE should be used as the tunnel carrier
encapsulation
38. Configuring Multiprotocol GRE Example
The figure shows the configurations of two routers configured for GRE tunneling. Note the
symmetric configuration of tunnel source and destination. IP and IPX are enabled over
the tunnel link, and OSPF provides routing over the tunnel, treating it like a point-to-
point link.
08/26/13
Instructional Design-Computer Networking -
Bridges Educational Group
Wide-Area Networks
39. GRE Monitoring and Troubleshooting
The show ip interface brief command can be used to quickly determine the status of the
tunnel interface. The show interface command shows the configured tunnel parameters
and the interface traffic statistics.
08/26/13
Instructional Design-Computer Networking -
Bridges Educational Group
Wide-Area Networks
Graphic 1.2.1.1 Only physical & data link is changed ATM – asynchronous transfer mode HDLC – high level data link control – used instead of clock in RT to RT comm before
Graphic 1.2.2.1 If space permits add graphics 1.2.2.2 & 1.2.2.3 (if forced to make a choice between the 2 graphic pick 1.2.2.2) PSTN devices – multiplexer (time division and frequency division multiplexing) used in switches
Graphic 1.2.3.1 Ppp- rt to rt
Graphic 1.2.4.1 Circuit-switching for telephone Packet-switching for computers (SMS and email) We can ’t use packet-switching for telephone calls because it divides packets We can use circuit-switching for transmitting packets Alternative graphic can be found at the following URL (not necessary to use – just a thought): http://www.cisco.com/image/jpg/en/us/guest/products/ps6438/c1244/cdccont_0900aecd802c2010_0900aecd802c2010-08.jpg graphic 1.2.4.2 Delays (latency) and variability of delay (jitter) are greater in packet-switched than in circuit-switched networks. This is because the links are shared, and packets must be entirely received at one switch before moving to the next.
Graphic 1.3.1.1
Graphic 1.3.2.1 Broadband has modulation for transmission to diff. channels Leased line uses dedicated line Telephone lines use analog communication
Graphics 1.3.3.1 & 1.3.3.2
Graphic 1.3.4.1
The objective stated above does not make sense to me. Reword the above objective as follows: List factors to consider when selecting a WAN connection Graphic 1.3.5.4