Saturday, 22 May 2010

Network Scenarios

A Gigabit Ethernet ‘backbone’ LAN that might be used in a corporation in a single building with 10 to 20 floors and using either an IEEE 802.11 (select any version) wireless LAN, a Bluetooth wireless LAN, or two 100 Base T Switched Ethernet LANs (per floor)

Executive Summary

This report addresses a corporation that occupies a single building of 10 to 20 floors, with a wireless LAN and 100 Base T Switched Ethernet LANs on each floor. It must be ensured that every personal computer in the building is connected and that every wireless Access Point can pick up the signal of wireless-capable devices such as laptops, portable machines and mobiles. The network must also meet the “real time speed” requirement, so that functions such as VoIP and video remain usable during periods of high traffic.

The network environment in this report is therefore modelled on a real corporate environment, with a limited budget and a network system suited to it. The report presents a suitable network topology, equipment and system security, so that the whole network has enough capacity to maintain stable performance and to withstand basic hacker attacks. The most important part is how to prevent unauthorized access to the corporation’s information and the disclosure of its data. In our team’s view, the network system should also cover the maintenance of servers such as the database server, file server and mail server. The members of each department should have their own access level and security detection solutions. These issues are covered in the sections that follow.

This report proceeds from broad topics, such as the standards for wireless and Ethernet equipment, to the detailed segments and frames of a packet. The references and bibliography are listed at the end.

Table of Contents

1. Introduction

2. Gigabit Ethernet backbone LAN with wireless networking

2.1 Suitable Topology

2.2 Physical Media

2.3 Distance Limitations

3. Monitoring and Modeling Network Traffic

3.1 Wireless Network Traffic

3.1.1 Monitoring and Modeling for wireless

3.2 100 Base T Network Traffic

4. Security Issues

4.1 The Process of logging in system

4.2 Tag format

4.3 Basic Beacon (IP Broadcast)

5. Suitability for Real-Time Streaming Applications

5.1 Real Time Streaming Protocol (RTSP) process

5.2 Examples: Real Time Streaming Protocol process

6. Conclusion

7. List of References

8. List of Bibliography

1. Introduction

The IEEE 802.11 standard was established in 1997 as the first wireless networking protocol. After that, 802.11b and 802.11g came into wide use around the world in public places and homes. More recently, 802.11n was introduced. This latest protocol can transfer 200 Mbps over radio frequency, which means that Internet users no longer have to stay in one place: lines and cables are not the only way to connect to the network, and users can use the wireless network instead. More than half per cent of the population has used the Internet.

2. Gigabit Ethernet backbone LAN with wireless networking

This kind of network has to combine two different kinds of equipment, wireless Access Points (wireless-AP) and routers. The Extended-Star topology is adequate to connect and control them, because the equipment will be installed across a building of around 20 floors, and every floor needs a hub or switch and a wireless Access Point (wireless-AP). With around 100 users on every floor, the building will have over two thousand users.

On the other hand, the building needs only one router to connect to the Wide Area Network (WAN), so security focuses on the local area network (LAN). The Extended-Star topology can provide this security, because the LAN does not need security so strict that it stops users from accessing any data, which would waste money. The one point that needs care is user ranking: not everyone may access secret data.

2.1 Suitable Topology

The Extended-Star topology is a suitable topology for a 20-floor building; the reasons become more apparent in later chapters, when switches, routers and wireless Access Points (AP) are discussed in detail. The building needs one router to connect to the Wide Area Network (WAN), and every floor needs more than one hub and wireless Access Point (AP). This arrangement serves around 100 users per floor and saves the company money on equipment, because the company does not have to install many RJ45 connectors and wireless Access Points (AP) are easy to maintain (see Figures 2.1 and 2.2).

Figure 2.1: Network per Building

Figure 2.2: Network Maps

2.2 Physical Media

This 20-floor building will use an IEEE 802.11n wireless LAN (see Picture 2.1) and 100 Base TX Switched Ethernet LANs on each floor (see Picture 2.1).

Picture 2.1 Picture 2.2

2.3 Distance Limitations

Every floor will have more than one hub, and every room will have more than ten RJ45 connectors. Because distance is limited within each area, one wireless Access Point (AP) will be installed per room. A wireless Access Point (AP) can cover 50 meters.

3. Monitoring and Modeling Network Traffic

3.1 Wireless Network Traffic

IEEE 802.11n provides 200 Mbps for data transfer. It operates at about 2.4 GHz in the industrial, scientific and medical (ISM) band, which was originally reserved internationally for the use of RF electromagnetic fields. IEEE 802.11n equipment also uses Multiple Input Multiple Output (MIMO), and its transmission distance is 50 meters.

3.1.1 Monitoring and Modeling for wireless:

Host Configuration

- IP assignment (DHCP), Default Gateway

- On-site network access software installation

- Network discovery for enabling/disabling network access protocol

Key Management

- Store/invalidate session keys collected from multiple networks

- Roaming: always bypass authentication process if possible

- Renew keys within a session to enhance security

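[Figure: Mobility One. Components shown: Client + driver, AP, Authorizer, Verifier, MS Passport, Internet. Labels: subnet, beacon, Verifier IP. Note on the figure: "The subnet mask of Beacon is different".]

[Figure: Mobility Two. Components shown: Client + driver, AP, Authorizer, Verifier, MS Passport, Internet. Labels: subnet, beacon, Authorizer. Note on the figure: "Network_id is different authentication".]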

3.2 100 Base T Network Traffic

100 Base TX uses 4B/5B-encoded data, which is scrambled and converted to multilevel transmit-three levels (MLT-3). The 4B/5B step converts each set of 4 bits into a 5-bit pattern, which improves error detection and simplifies transmitter and receiver design.
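
The encoding described above, as an added example that is not part of the original report. It uses the standard 4B/5B data code groups, sends the low nibble of each byte first, and leaves out the scrambling step; it shows both the error detection (a 5-bit group that is not a data group is rejected) and why the 5-bit patterns suit MLT-3 (no long runs of zeros).

```python
# 4B/5B data code groups used by 100BASE-TX: 4-bit value -> 5-bit group.
ENCODE = {
    0x0: "11110", 0x1: "01001", 0x2: "10100", 0x3: "10101",
    0x4: "01010", 0x5: "01011", 0x6: "01110", 0x7: "01111",
    0x8: "10010", 0x9: "10011", 0xA: "10110", 0xB: "10111",
    0xC: "11010", 0xD: "11011", 0xE: "11100", 0xF: "11101",
}
DECODE = {group: nibble for nibble, group in ENCODE.items()}


def encode_4b5b(data: bytes) -> str:
    """Return the 5-bit code groups for data, low nibble of each byte first."""
    return "".join(ENCODE[b & 0x0F] + ENCODE[b >> 4] for b in data)


def decode_4b5b(bits: str) -> bytes:
    """Decode code groups back to bytes; reject groups that carry no data."""
    if len(bits) % 10:
        raise ValueError("stream is not a whole number of encoded bytes")
    out = bytearray()
    for i in range(0, len(bits), 10):
        low, high = bits[i:i + 5], bits[i + 5:i + 10]
        for group in (low, high):
            if group not in DECODE:
                # 16 of the 32 possible groups are not data groups: a
                # corrupted group often lands on one and is detected here.
                raise ValueError(f"invalid data code group {group}")
        out.append(DECODE[low] | (DECODE[high] << 4))
    return bytes(out)


def mlt3(bits: str) -> list:
    """MLT-3 line levels: a 1 steps through 0, +1, 0, -1; a 0 holds the level."""
    cycle = (0, 1, 0, -1)
    position = 0
    levels = []
    for bit in bits:
        if bit == "1":
            position = (position + 1) % 4
        levels.append(cycle[position])
    return levels


def worst_zero_run() -> int:
    """Longest run of 0 bits across any two adjacent data code groups."""
    longest = 0
    for first in ENCODE.values():
        for second in ENCODE.values():
            runs = (first + second).split("1")
            longest = max(longest, max(len(run) for run in runs))
    return longest


if __name__ == "__main__":
    encoded = encode_4b5b(b"\x5a")          # constructed one-byte input
    print(encoded, mlt3(encoded), worst_zero_run())
```

Because a 0 bit produces no level change in MLT-3, the bound returned by `worst_zero_run()` is what keeps the receiver's clock recovery supplied with transitions.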

4. Security Issues

The popular security mechanism for wireless networking is the Service Set ID (SSID).

The Service Set ID (SSID) uses a shared key. There are four models:

1. MAC-level Filtering

- No protection against hardware address spoofing; does not scale

2. WEP (Wired Equivalent Privacy) Key Security

- Keys are hard-wired and cannot be changed flexibly

- WEP keys can be broken over time

- OK for small enterprises, but does not scale well

3. IEEE 802.1x port-based access control

- May require changes to existing AP hardware and software

4. WPA2

- Personal mode protects against unauthorized network access by using a set-up password.

- Enterprise mode verifies network users through a server.

WPA2 is the safer choice for wireless network security (see Figure 4.1). However, this building has to use two kinds of equipment. As a result, a good method for both the wired and the wireless network is to require users to log in to a system before they reach the Internet.

Figure 4.1: SSID Authentication: WPA2 + Radius Server

[Figure labels: 1. Client Connect; 2. Client Authentication; 3. Authority; 3. session key public; 4. WLAN SSID; 5. Login internet; session key protocol.]

4.1 The Process of logging in system

Steps:

1. The client gets an IP address through DHCP.

2. The client gets the network parameters from the beacon sent through the Authorizer.

3. The beacon connects the client to web authentication.

4. The Authorizer sends the session key and token to the client and the Verifier, then the Verifier releases the IP filter.

5. The client transfers packets with the tag.

[Figure: Process to Internet (1/3). Components shown: Client + driver, AP, Authorizer, Verifier, MS Passport, DHCP, Internet. Shows steps 1 and 2 and the beacon.]

[Figure: Process to Internet (2/3). Components shown: Client + driver, AP, Authorizer, Verifier, MS Passport, Web, Internet. Shows steps 3 and 4. Beacon labels: Network_id, Verifier_IP, Authorizer_IP, Web url.]

[Figure: Process to Internet (3/3). Components shown: Client + driver, AP, Authorizer, Verifier, MS Passport, Internet. Shows step 5. Labels: packet, tag, Policy. Note on the figure: the tag is checked and deleted, then the packet is sent to the Internet.]

4.2 Tag format

The token and checksum are encrypted with the session key.

4.3 Basic Beacon (IP Broadcast)

- The beacon is sent periodically

- If no beacon has been received:

  - The client (mobile node) has left the CHOICE network

  - The original settings are restored, and packets are no longer tagged
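
Steps 4 and 5 of the login process and the tag check of section 4.2, as an added example that is not part of the original report. The report does not name a cipher or a tag layout, so the tag here is an HMAC-SHA256 over token + payload keyed with the session key (a substitute for "encrypt token, checksum"); the class names, the 16-byte tag length, the addresses and the payload are assumptions made for the example.

```python
import hashlib
import hmac
import os

TAG_LEN = 16  # bytes of tag in front of each packet (constructed layout)


def make_tag(session_key: bytes, token: bytes, payload: bytes) -> bytes:
    # Stand-in for "token and checksum encrypted with the session key":
    # a keyed MAC over token + payload binds the tag to this session and
    # to this packet's contents.
    mac = hmac.new(session_key, token + payload, hashlib.sha256)
    return mac.digest()[:TAG_LEN]


class Verifier:
    """Gateway to the Internet: default-deny IP filter plus per-packet tag check."""

    def __init__(self):
        self.sessions = {}  # client IP -> (session_key, token)

    def release_ip_filter(self, client_ip, session_key, token):
        # Step 4: the Authorizer hands over the key and token for this client.
        self.sessions[client_ip] = (session_key, token)

    def revoke(self, client_ip):
        # The client left the network or its session key was invalidated.
        self.sessions.pop(client_ip, None)

    def forward(self, client_ip, packet):
        """Return the payload with the tag removed, or None to drop the packet."""
        session = self.sessions.get(client_ip)
        if session is None or len(packet) < TAG_LEN:
            return None
        session_key, token = session
        tag, payload = packet[:TAG_LEN], packet[TAG_LEN:]
        expected = make_tag(session_key, token, payload)
        # Constant-time comparison, so timing does not leak the correct tag.
        if not hmac.compare_digest(tag, expected):
            return None
        return payload


class Authorizer:
    """Issues a session key and token once web authentication has succeeded."""

    def __init__(self, verifier):
        self.verifier = verifier

    def issue_session(self, client_ip):
        session_key, token = os.urandom(32), os.urandom(8)
        self.verifier.release_ip_filter(client_ip, session_key, token)
        return session_key, token


def run_exchange():
    """Walk steps 4 and 5 with constructed addresses and payloads."""
    verifier = Verifier()
    authorizer = Authorizer(verifier)
    client_ip, other_ip = "10.0.5.23", "10.0.5.99"
    key, token = authorizer.issue_session(client_ip)

    payload = b"GET / HTTP/1.1\r\n\r\n"
    packet = make_tag(key, token, payload) + payload
    tampered = packet[:-1] + b"X"
    forged = make_tag(os.urandom(32), token, payload) + payload

    results = {
        "tagged": verifier.forward(client_ip, packet),
        "tampered": verifier.forward(client_ip, tampered),
        "wrong_key": verifier.forward(client_ip, forged),
        "no_session": verifier.forward(other_ip, packet),
    }
    verifier.revoke(client_ip)
    results["after_revoke"] = verifier.forward(client_ip, packet)
    return results
```

Because this tag covers only the token and the payload, an identical packet verifies a second time; rejecting replays would need a sequence number inside the MAC.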


5. Suitability for Real-Time Streaming Applications

Real-Time Streaming is a protocol that is useful for video conferencing. It tolerates transmission delay and does not need synchronization on the network. As a result, wireless networking is also suitable for Real-Time Streaming applications.

5.1 Real Time Streaming Protocol (RTSP) process:

First, the user finds the presentation description they want and clicks on it. The RTSP browser connects to the presentation description file and finds the address, port and directory. It then connects to the server and opens the presentation to show it to the user.

5.2 Examples: Real Time Streaming Protocol process

Data from: http://dslab.ee.ncku.edu.tw/~lily/learning/example1.html


6. Conclusion

802.11n is the latest wireless protocol. The equipment is expensive, but it provides huge bandwidth and transmission speed. With the Extended-Star topology, the network will reach maximum efficiency. The Extended-Star topology also suits the two different kinds of equipment, because every floor needs only one switch to connect to the router, which saves the company money. Finally, this network is also suitable for Real-Time Streaming applications, with one difference: they should be used within the LAN, because connecting to the WAN through the Extended-Star topology adds a lot of delay.

7. List of References

1. Rich, H (2002), Gigabit Ethernet: Auto-Negotiation Retrieved 28 January 2008 from http://www.dell.com/powersolutions

2. Junyi-L, Laroia-R, Richardson-T(2007) Progressively Broadcasting Information In Beacon Signals

3. National Cheng Kung University (2004) Real Time Streaming Protocol process Retrieved 28 January 2008 from http://dslab.ee.ncku.edu.tw/~lily/learning/example1.html

4. Cisco System, Inc.(2006) Cisco Networking Academy Program CCNA 1 and 2 Companion Guide, third Edition (ISBN 1587131501)

8. List of Bibliography

1. Cisco System, Inc.(2006) Cisco Networking Academy Program CCNA 1 and 2 Companion Guide, third Edition (ISBN 1587131501)

2. Cisco System, Inc. (2003) Cisco Access Routers

3. Ergen, M(2002) IEEE tutorial, University of California Berkeley

4. Intel Corporation(2001) Gigabit Ethernet Technology and Solutions

5. Junyi-L, Laroia-R, Richardson-T(2007) Progressively Broadcasting Information In Beacon Signals

6. Novaes, M(2000) Beacon: A Hierarchical Network Topology Monitoring System Based on IP Multicast

7. Pablo, B(1997) A Technical Tutorial on the IEEE 802.11 Protocol

8. Rich, H (2002), Gigabit Ethernet: Auto-Negotiation Retrieved 28 January 2008 from http://www.dell.com/powersolutions

IPV6

Table of Contents

1. Introduction

2. The Internet

3. The Internet Protocol

4. IPv4

5. IPv6

6. Conclusion

7. List of References

8. List of Bibliography

Introduction

The network structure dates from 1964, when it was required for national defense by the American Ministry of National Defense (Advanced Research Projects Agency, ARPA). From 1974, the Transmission Control Protocol (TCP) and Internet Protocol (IP) gradually replaced the Network Control Protocol (NCP). In 1983, TCP/IP became the standard communication protocol on the Internet.

The current version of IP (known as Version 4 or IPv4) has not been substantially changed since RFC 791 was published in 1981. IPv4 has proven to be strong, stable, easily implemented and interoperable. It has stood the test of scaling an internetwork to a global utility the size of today’s Internet.

According to an estimate by Geoff Huston, a network expert at the Asia Pacific Network Information Centre (APNIC), however, IPv4 addresses will be fully allocated in 2010 or 2011. To solve the problem of having no addresses left to use by then, the Internet Engineering Task Force (IETF) has developed a suite of protocols and standards known as IP version 6 (IPv6) (APNIC, 2008). This new version, previously called IP-The Next Generation (IPng), incorporates the concepts of many proposed methods for updating the IPv4 protocol. “The design of IPv6 is intentionally targeted for minimal impact on upper and lower layer protocols by avoiding the random addition of new features.” (Microsoft Windows Server 2008 White Paper, 2008)

The Internet

Originally, the network was designed for national defense and educational use, and its functions focused on research and transmission speed. IPv4 therefore did not consider security at the start of its design, and data was carried across the network without any security mechanism. As a result, in the early days of the Internet, enterprise and organization networks were often attacked, with security incidents such as the theft of secret data. That was the picture about 20 years ago. Today the Internet is extremely widespread and carries a large volume of information that needs protection, so security has become a problem that every kind of network technology must face. IPv4 can be protected with the IP security protocol (IP Security, IPSec), but deploying and managing it is an extra burden. For this reason, security was considered when the IPv6 protocol was designed, with built-in end-to-end protection, so as to provide a safer medium for exchanging data on the Internet in the future.

Internet Protocol

The Internet Protocol (IP) is the method or protocol by which data is sent from one computer to another on the Internet. Each computer (known as a host) on the Internet has at least one IP address that uniquely identifies it from all other computers on the Internet. Whenever a person sends or receives data (for example, an e-mail note or a Web page), the message gets divided into little chunks called packets. Each of these packets contains both the sender's Internet address and the receiver's address. Any packet is sent first to a gateway computer that understands a small part of the Internet. The gateway reads the destination address and forwards the packet to an adjacent gateway that in turn reads the destination address and so forth across the Internet until one gateway recognizes the packet as belonging to a computer within its immediate neighborhood or domain. That gateway then forwards the packet directly to the computer whose address is specified.

Because a message is divided into a number of packets, each packet can, if necessary, be sent by a different route across the Internet. Packets can arrive in a different order than the order they were sent in. The Internet Protocol just delivers them. It's up to another protocol, the Transmission Control Protocol (TCP) to put them back in the right order.

IP is a connectionless protocol, which means that there is no continuing connection between the end points that are communicating. Each packet that travels through the Internet is treated as an independent unit of data without any relation to any other unit of data. (The reason the packets do get put in the right order is because of TCP, the connection-oriented protocol that keeps track of the packet sequence in a message.) In the Open Systems Interconnection (OSI) communication model, IP is in layer 3, the Networking Layer. The most widely used version of IP today is IPv4.

However, IPv6 is also beginning to be supported. IPv6 provides for much longer addresses and therefore for the possibility of many more Internet users. IPv6 includes the capabilities of IPv4 and any server that can support IPv6 packets can also support IPv4 packets.

IPv4

IPv4 is the fourth version of the Internet Protocol, but the first one to be widely deployed. It uses 32-bit addressing and allows for 4,294,967,296 unique addresses. IPv4 has four different class types: A, B, C, and D. An example of an IPv4 address is 207.142.131.235. IPv4 uses a subnet mask because of the large number of computers in use today.

However, the initial design did not anticipate some elements. Some examples and limitations follow:

- IPv4 addresses have become relatively scarce, forcing some organizations to use a Network Address Translator (NAT) to map multiple private addresses to a single public IP address.

- IPv4 address prefixes have been and are currently allocated; there are routinely over 85,000 routes in the routing tables of Internet backbone routers. The current IPv4 Internet routing infrastructure is a combination of both flat and hierarchical routing.

- Most current IPv4 implementations must be either manually configured or use a stateful address configuration protocol such as Dynamic Host Configuration Protocol (DHCP). With more computers and devices using IP, there is a need for a simpler and more automatic configuration of addresses and other configuration settings that do not rely on the administration of a DHCP infrastructure.

- While standards for Quality Of Service (QoS) exist for IPv4, real-time traffic support relies on the IPv4 Type of Service (TOS) field and the identification of the payload, typically using a UDP or TCP port. Unfortunately, the IPv4 TOS field has limited functionality and over time there were various local interpretations. In addition, payload identification using a TCP and UDP port is not possible when the IPv4 packet payload is encrypted.

IPv6

IPv6 has the following characteristics:

- Larger address space

IPv6 uses 128 bits to address each Internet node, so the address space grows to 2 to the 128th power (32 bits extended to 128 bits).

- Integrated authentication and security mechanisms

IPv6 uses the Authentication Header and the Encrypted Security Payload Header, reached through the Next Header field, to authenticate and encrypt the data being transmitted, so that in the future users will not need extra devices or software to achieve network security.

- Better routing efficiency and optimization

IPv6 divides the address space hierarchically into three layers: the Top Level Aggregator Identifier, the Next Level Aggregator Identifier and the Site Level Aggregator Identifier. Each level is responsible for delegating IP network segments to the level below it, so routing information can be aggregated, which greatly simplifies the routes that are exchanged. In addition, IPv6 supports anycast, which selects the best host (shortest distance or minimum speed, according to the router's routing table); this shortens response time and saves bandwidth.

- Quality of service assurance

The IPv6 header reserves a Flow Label field, which can work together with Multiple Protocol Label Switch (MPLS) technology: different flows of data correspond to different Flow Labels, which can serve as the basis for quality-of-service control. The IPv6 header also adds two parameters, Traffic Class and Flow Label, which facilitate the design of quality-of-service mechanisms.

- Automatic configuration and mobility

IPv6 was designed with support for Mobile IP, to benefit mobile Internet use in the future. Two other important features that support Mobile IP are Neighbor Discovery, which finds neighbors on the network promptly, and Auto-configuration, which simplifies setting up the user's IP address: a host on an IPv6 network can obtain an IP address automatically, without manual setup. Using the Destination Header and Routing Header among the Extension Headers also optimizes routing in mobile communication and solves the triangle routing problem.

- More efficient packet header processing

IPv6 simplifies the original IPv4 header design. Although the IP address is four times longer, growing from the original 32 bits to 128, the header is only twice as long and has a fixed length, because IPv6 moves the 'options' part out of the header and removes the header length and 'IP fragmentation' functions from it. The checksum is also removed. The fixed length and byte-aligned design simplify the header further and keep each field aligned as far as possible, so packet headers can be processed more efficiently.

Figure 1 shows the IPv4 packet in detail; the shaded fields are absent from IPv6.

- Expandability

IPv6 removes the original IPv4 options and instead uses the 'Next Header' mechanism to make the header extensible. Through the Next Header field, a packet indicates the content of the header that follows and whether it is handled along the network path or at the receiving end. This is one implementation example of IPv6's extensible design, which gives the IPv6 packet greater extensibility from the start.

Figure 2 shows the IPv6 packet in detail.
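
The fixed header and the Next Header chain described above, as an added example that is not part of the original report. It parses the 40-byte fixed header (Traffic Class, Flow Label, addresses), then walks the extension headers to find the upper-layer protocol, rejecting truncated or over-long chains; the sample packet, its addresses and port numbers are constructed for the example.

```python
import ipaddress
import struct

FIXED_HEADER_LEN = 40
# Extension headers that carry their own Next Header field (IANA protocol numbers).
EXTENSION = {0: "Hop-by-Hop Options", 43: "Routing", 44: "Fragment",
             51: "Authentication Header", 60: "Destination Options"}
# Headers that end the walk; ESP hides everything after it.
TERMINAL = {6: "TCP", 17: "UDP", 50: "ESP", 58: "ICMPv6", 59: "No Next Header"}


def extension_length(header_type: int, length_field: int) -> int:
    if header_type == 44:          # Fragment header is always 8 bytes
        return 8
    if header_type == 51:          # AH counts 4-byte words, minus 2
        return (length_field + 2) * 4
    return (length_field + 1) * 8  # others count 8-byte units after the first


def parse_ipv6(packet: bytes) -> dict:
    """Parse the fixed header and walk the Next Header chain."""
    if len(packet) < FIXED_HEADER_LEN:
        raise ValueError("truncated fixed header")
    word, payload_len, next_header, hop_limit = struct.unpack("!IHBB", packet[:8])
    if word >> 28 != 6:
        raise ValueError("not an IPv6 packet")
    end = FIXED_HEADER_LEN + payload_len
    if len(packet) < end:
        raise ValueError("packet shorter than its Payload Length")

    chain, offset = [], FIXED_HEADER_LEN
    while next_header in EXTENSION:
        if offset + 8 > end:
            raise ValueError("truncated extension header")
        length = extension_length(next_header, packet[offset + 1])
        if offset + length > end:
            raise ValueError("extension header runs past the payload")
        chain.append(EXTENSION[next_header])
        next_header = packet[offset]   # first byte names the header after this one
        offset += length
    chain.append(TERMINAL.get(next_header, f"protocol {next_header}"))

    return {
        "traffic_class": (word >> 20) & 0xFF,
        "flow_label": word & 0xFFFFF,
        "hop_limit": hop_limit,
        "src": str(ipaddress.IPv6Address(packet[8:24])),
        "dst": str(ipaddress.IPv6Address(packet[24:40])),
        "chain": chain,
        "upper_layer_offset": offset,
    }


def build_sample() -> bytes:
    """Constructed packet: Hop-by-Hop -> Destination Options -> UDP."""
    hop_by_hop = bytes([60, 0, 1, 4, 0, 0, 0, 0])    # next=60, then a PadN option
    dest_opts = bytes([17, 0, 1, 4, 0, 0, 0, 0])     # next=17 (UDP), PadN option
    udp = struct.pack("!HHHH", 5004, 5004, 8, 0)     # header only, checksum unset
    payload = hop_by_hop + dest_opts + udp
    word = (6 << 28) | (0xB8 << 20) | 0x12345        # version, class, flow label
    fixed = struct.pack("!IHBB", word, len(payload), 0, 64)
    src = ipaddress.IPv6Address("2001:db8::1").packed
    dst = ipaddress.IPv6Address("2001:db8::2").packed
    return fixed + src + dst + payload
```

The fixed header is cheap to process, but a filter that needs the transport protocol has to walk the whole chain as `parse_ipv6` does, since the first Next Header value may name an extension header rather than TCP or UDP.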

Conclusion

The original design of the IPv4 Internet rested on two capabilities: end-to-end communication and two-way communication. End-to-end communication means that two terminal machines can communicate directly, without passing through an intermediary computer; two-way communication means that either of the two parties can open the line of communication.

Because of these two capabilities, early Internet users could roam the Internet at will. Today, however, because of the shortage of IPv4 addresses, Network Address Translation (NAT) is in very wide use, and both capabilities have been lost.

When the connection between terminal computers has to pass through an intermediary computer, the intermediary hinders the services that could otherwise run between the terminals, and it must be upgraded before it can support a new service.

Without two-way communication, only one-way communication is left: for example, the client can access the server, but the server cannot access the client, so the server cannot make any request of the client.

IPv6 offers far more addresses than IPv4, which lets the Internet return to its original requirements of end-to-end and two-way communication and lights a new spark for the development of Internet applications. Services that cannot be imagined on today's address-scarce Internet will all become possible. IPv6 does not merely increase the number of IP addresses; it is also an example showing that the Internet can change.

List of References:

1. APNIC (2008) Transition to IPv6 Retrieved 19 January 2009 from http://www.apnic.net/community/research/ipv6/

2. Microsoft Windows Server 2008 White Paper (2008) Introduction to IP Version 6 Retrieved 19 January 2009 from http://technet.microsoft.com/en-us/library/bb726944.aspx

3. Search Unified Communications.com (2008) Internet Protocol Retrieved 19 January 2009 from http://searchunifiedcommunications.techtarget.com/sDefinition/0,,sid186_gci214031,00.html

4. Piers O'Hanlon, University College London (2004) IPv6 and AccessGrid Retrieved 19 January 2009 from http://www-unix.mcs.anl.gov/fl/flevents/ag/agr04/talks/ohanlon-ucl.pdf

List of Bibliography

1. anonymous, (2009) IPv6: IPv6 / IPv4 Comparative Statistics Retrieved 19 January 2009 from http://bgp.potaroo.net/v6/v6rpt.html

2. APNIC (2008) Internet Evolution and IPv6 Retrieved 19 January 2009 from http://www.apnic.net/meetings/20/docs/other/plenary-pres-huston-internet-evolution-ipv6.pdf

3. Cisco Systems Inc, (2008) The Internet Protocol Journal Retrieved 19 January 2009 from http://www.cisco.com/web/about/ac123/ac147/about_cisco_the_internet_protocol_journal.html

4. Cram Session website, (2008) An Introduction to IPV6 Retrieved 19 January 2009 from http://www.cramsession.com/articles/get-article.asp?aid=23

5. Feyrer. H (2001) Introduction to IPv6 Retrieved 19 January 2009 from http://www.onlamp.com/pub/a/onlamp/2001/05/24/ipv6_tutorial.html

6. Professor Don Colton,Brigham Young University Hawaii (2006) IPv4 Classful Addresses Retrieved 19 January 20098 from http://209.85.173.132/search?q=cache:Fv-9hF87Pc4J:quizgen.org/tut/q28.IPv4.Classful.Addressing.p3.pdf+IPv4+class+C&hl=en&ct=clnk&cd=27

7. Sparq Corp, Taiwan (2008) IPv6 Service Retrieved 19 January 2009 from http://www.ipv6.sparqnet.net/

8. TWNIC, (2002) IPv6 Introduction Retrieved 19 January 2009 from http://www.ipv6.org.tw/seminar/IPv6%20Tutorial/IPv6%20Introduction%20(TP).pdf

9. Vest. T , (2005) IP Address Allocation vs. Internet Production I: Understanding the Relationship, and the Differences Retrieved 19 January 2009 from http://www.circleid.com/posts/ip_address_allocation_vs_internet_production_i_understanding_the_relationsh/

10. Xisto Corporation, (2005) Ipv4 Vs. Ipv6 - IPV6 the future. Retrieved 19 January 2009 from http://www.trap17.com/index.php/ipv4-vs-ipv6_t24034.html