Network Architecture Overview

Network Architecture Notes

Physical vs. Logical Networks

  • Physical Network: Consists of physical wires and devices forming the network's infrastructure.
  • Logical Network: Software-based partitions, segments, and connections overlaid on physical networks (e.g., Software Defined Networks).

Changes in Network Design

  • Old Method: Each LAN required a separate physical network (e.g., distinct networks for sales and engineering).
  • New Method: Single physical infrastructure with multiple VLANs (Virtual LANs) to segregate traffic.

Benefits of VLANs

  • Ease of Management: VLAN assignments can change without physical movement of devices.
  • Segmentation: Improves network management by dividing traffic into separate segments.

VLANs vs. Subnets

  • Subnet: Routable network segment (e.g., 192.168.128.0/23); allows direct communication between devices.
  • VLAN: Software construct grouping switch ports into LAN segments; it typically includes one subnet but can theoretically encompass multiple subnets.
  • Broadcast Domains: VLANs define broadcast domains, minimizing traffic overload, while subnets are defined by an IP address range.
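The VLAN and subnet distinction above, worked through as an added example (not part of the original notes). The VLAN IDs, names and every subnet other than 192.168.128.0/23 are constructed for illustration. It checks whether two hosts share a subnet or must be routed, and audits a plan for VLANs that carry several subnets or share address space.

```python
import ipaddress
from itertools import combinations

# Constructed plan (hypothetical VLAN IDs and names). VLAN 30 carries two
# subnets and VLAN 40 overlaps one of them, so the audit has findings.
VLAN_PLAN = {
    10: {"name": "sales", "subnets": ["192.168.128.0/23"]},
    20: {"name": "engineering", "subnets": ["192.168.130.0/24"]},
    30: {"name": "lab", "subnets": ["10.20.0.0/24", "10.20.1.0/24"]},
    40: {"name": "printers", "subnets": ["10.20.1.128/25"]},
}

def entries(plan):
    """Yield (vlan_id, ip_network) for every subnet in the plan."""
    for vid, vlan in plan.items():
        for cidr in vlan["subnets"]:
            yield vid, ipaddress.ip_network(cidr)

def subnet_of(host, plan=VLAN_PLAN):
    """Return (vlan_id, network) of the most specific subnet holding host."""
    ip = ipaddress.ip_address(host)
    matches = [(vid, net) for vid, net in entries(plan) if ip in net]
    if not matches:
        raise ValueError(f"{host} is not in any planned subnet")
    return max(matches, key=lambda m: m[1].prefixlen)

def needs_router(a, b, plan=VLAN_PLAN):
    """True when the hosts are in different subnets, so traffic is routed."""
    return subnet_of(a, plan)[1] != subnet_of(b, plan)[1]

def audit(plan=VLAN_PLAN):
    """Report VLANs carrying several subnets and subnets shared across VLANs."""
    findings = [("multi-subnet", vid) for vid, vlan in plan.items()
                if len(vlan["subnets"]) > 1]
    for (va, na), (vb, nb) in combinations(entries(plan), 2):
        if va != vb and na.overlaps(nb):
            findings.append(("overlap", va, vb))
    return findings

if __name__ == "__main__":
    # Same /23: direct delivery even though the third octet differs.
    print(needs_router("192.168.128.10", "192.168.129.200"))
    # Same VLAN 30 but different subnets: still needs a router.
    print(needs_router("10.20.0.5", "10.20.1.5"))
    print(audit())
```

An overlap finding means the same addresses are reachable in two VLANs, which undermines any filtering rule written per subnet.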

OSI Model

Layer  Name          Description
1      Physical      Physical connection between devices (copper, fiber, wireless)
2      Data Link     MAC addressing and low-level error handling
3      Network       Logical addressing (e.g., IP) and routing protocols
4      Transport     End-to-end delivery of messages, error checking
5      Session       Managing connections and dialogues between systems
6      Presentation  Data formatting and encryption
7      Application   Application protocols like SMTP, HTTP, FTP

Network Layer Details

  • Layer 1 - Physical Layer:

    • Responsible for actual data transmission as bits.
    • Functions include bit rate control and defining physical topologies.
    • Modes: Simplex, half-duplex, full-duplex.
  • Layer 2 - Data Link Layer (DLL):

    • Ensures error-free, node-to-node message delivery.
    • Subdivided into Logical Link Control (LLC) and Media Access Control (MAC).
    • Functions include framing, physical addressing, and flow control.
  • Layer 3 - Network Layer:

    • Facilitates transmission between different networks and packet routing.
    • Key functions: routing and logical addressing.

Infrastructure Considerations

  • Main Distribution Frame (MDF): Central hub connecting IT and telecommunication lines to an internal network.
  • Intermediate Distribution Frames (IDF): Connect various areas or floors of a building to the MDF.

Logical Network Design

  • VLAN Segmentation:
    • Small offices may feature a single large subnet; larger networks require segmentation.
    • Security profile and change control levels dictate partitioning of VLANs.
    • Misconceptions about VLANs: They do not inherently secure connections or increase bandwidth.

Network Access Control

  • NAC Overview: Ensures devices authenticate correctly and are placed in the appropriate VLAN.
  • Methods:
    • MAC-based: Weakest method; verifies MAC addresses.
    • Authentication-based: Utilizes credentials or two-factor authentication.
    • Certificate-based: One-time verification with certificates for seamless access.
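A sketch of the NAC decision described above, as an added example that is not part of the original notes. The VLAN IDs, the MAC allowlist, the issuer name and the policy itself (second factor required for the corporate VLAN, MAC-only devices limited to a restricted VLAN, every failure quarantined) are assumptions for illustration.

```python
from dataclasses import dataclass
from datetime import date
from typing import Optional

# Hypothetical VLAN IDs and policy; the notes name the methods, not the VLANs.
VLAN_CORP, VLAN_RESTRICTED, VLAN_QUARANTINE = 100, 200, 999
KNOWN_MACS = {"00:11:22:33:44:55"}            # constructed allowlist entry
TRUSTED_ISSUERS = {"Example Corp Device CA"}  # constructed issuer name

@dataclass
class AccessRequest:
    mac: str
    method: str                      # "certificate", "credentials" or "mac"
    cert_issuer: str = ""
    cert_not_after: Optional[date] = None
    password_ok: bool = False
    second_factor_ok: bool = False

def assign_vlan(req, today):
    """Return (vlan, reason); anything that fails verification is quarantined."""
    if req.method == "certificate":
        if req.cert_issuer not in TRUSTED_ISSUERS:
            return VLAN_QUARANTINE, "untrusted certificate issuer"
        if req.cert_not_after is None or req.cert_not_after < today:
            return VLAN_QUARANTINE, "certificate expired or missing"
        return VLAN_CORP, "valid device certificate"
    if req.method == "credentials":
        if req.password_ok and req.second_factor_ok:
            return VLAN_CORP, "credentials with second factor"
        return VLAN_QUARANTINE, "credential check failed"
    if req.method == "mac":
        # A MAC address identifies a device but proves nothing about it, so a
        # known MAC earns the restricted VLAN at most (assumed policy).
        if req.mac.lower() in KNOWN_MACS:
            return VLAN_RESTRICTED, "known MAC, weakest method"
        return VLAN_QUARANTINE, "unknown MAC"
    return VLAN_QUARANTINE, "unsupported method"

if __name__ == "__main__":
    today = date(2024, 6, 1)  # constructed evaluation date
    laptop = AccessRequest(mac="aa:bb:cc:dd:ee:ff", method="certificate",
                           cert_issuer="Example Corp Device CA",
                           cert_not_after=date(2025, 1, 1))
    printer = AccessRequest(mac="00:11:22:33:44:55", method="mac")
    print(assign_vlan(laptop, today), assign_vlan(printer, today))
```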

Emergency Services Location

  • Must enable IP address mapping to physical locations to assist emergency services.
  • Use of VLANs to provide automatic location data based on area.

Wireless Office Networks

  • Transition to WiFi: Wired connections are now supplemented or replaced by wireless.
  • Physical Infrastructure:
    • Requires enterprise-grade equipment for adequate coverage and bandwidth.
  • Network Access Control (NAC): Unified access control measures are essential for consistency across wired and wireless networks.

Datacenter Network Considerations

  • Differences include higher density and bandwidth needs when compared to standard office LANs.
  • Focus on flexibility and scalability in design, including subnet separation for security.

WAN Strategies

  • WAN connects offices and datacenters and involves topology and technology considerations.
  • Redundancy: Ensure multiple connections to avoid single points of failure and improve resilience.
  • Topologies: Various topologies such as star and ring connect sites with their respective advantages and disadvantages.

Routing Strategies

  • Static Routing: Simple but non-scalable; manual route configuration.
  • Interior Routing Protocols: Dynamic routing via OSPF and EIGRP.
  • Exterior Gateway Protocols (EGP): Manage routing between different networks (e.g., EBGP).

Internet Access Approaches

  • Outbound Connectivity:
    • Single connection is easy but has fault risks.
    • Regional or site-by-site connections offer alternatives with respective benefits and complexities.

Corporate Standards

  • Consistent standards aid in scaling and support across components.
  • Logical design outlines user data flow while physical design pertains to actual hardware and topology.

Software Defined Network (SDN)

  • SDN allows programmable routing to optimize traffic based on application needs, in contrast to traditional routing, which may disrupt overall network traffic.

IPv6 Deployment

  • Need for IPv6: Overcoming IPv4's limitations with extensive address availability and multicast capability.
  • Strategies for Deployment:
    • Begin with internet-facing infrastructure, less critical networks, or test labs.
    • A gradual rollout across internal networks is needed as preparation for full deployment.