How To Monitor A Network With A Network Probe
|
|
- Gary Anthony
- 3 years ago
- Views:
Transcription
1 Network Monitoring and Analysis Techniques Using Taps and SPAN Switches Networks have evolved into complex structures supporting critical business processes and communications. As this complexity has increased, network monitoring, analysis and troubleshooting solutions have filled the gap required to keep services up and running smoothly. A common way to improve the return and effectiveness of network management solutions is to leverage network taps and switching taps for increased visibility, manageability and flexibility. This white paper reviews common network monitoring strategies and how taps and switching taps work. It will show how these devices can be used to minimize network access contention, and improve the effectiveness of network analysis solutions. Table of contents Abstract The network Security Monitoring the network Hubs SPAN Ports Taps Multi-port in-line taps In-line taps and media considerations... 8 SPAN solutions Summary Glossary
2 Network Monitoring and Analysis Techniques Using Taps and SPAN Switches Abstract Networks have evolved into complex structures supporting critical business processes and communications. As this complexity has increased, network monitoring, analysis and troubleshooting solutions have filled the gap required to keep services up and running smoothly. A common way to improve the return and effectiveness of network management solutions is to leverage network taps and switching taps for increased visibility, manageability and flexibility. This white paper reviews common network monitoring strategies and how taps and switching taps work. It will show how these devices can be used to minimize network access contention, and improve the effectiveness of network analysis solutions. The network Networks have evolved, and so have solutions used to keep them up and running smoothly. Today s IT groups, which previously fought basic connectivity issues, are more concerned with application performance and security. To effectively manage the latest issues, knowledgeable IT departments are leveraging their network management solutions with a broad range of network taps and switches to help identify, troubleshoot and monitor network behavior. Network monitoring, analysis and troubleshooting has progressed since early Ethernet networks provided shared access to all applications and users. Early network designs allowed IT technicians to monitor and access networks by simply plugging in a protocol analyzer to any hub port. A flat network design ensured that network problems could be seen no matter where the analysis port was located. This type of troubleshooting focused on physical and data link layer issues such as error packets, broadcast storms, high utilization, duplicate MAC addresses, etc. In the 1990s, MAC and network layer switches started increasing network complexity by hiding errors that were easily seen in the past. A technician could no longer plug into a hub and see symptoms as they would appear across the whole network. While switched networks were good at isolating network problems, they hid those problems from diagnosis and resolution. In order to improve visibility, many companies adopted a distributed network monitoring and troubleshooting framework. This approach placed remote monitoring devices on strategic parts of the network for increased visibility and troubleshooting capabilities. When distributed monitoring is not available, IT staff members utilize portable analysis devices to plug into hot spots for analysis. The need for greater access to the network has become increasingly important to those responsible for maintaining its performance and uptime. The switching of packets based on network or MAC layer addresses is now the norm and IT departments see further complexity being introduced with the switching of applications and Quality of Service (QoS) based routing. While these technologies offer the ability to control application performance, the trade-off for IT is the uncertainty of application traffic traveling across many routes from server to end user. This creates a greater need for visibility at multiple points where application uncertainty might be introduced on different network segments. Meanwhile, the number of network monitoring and troubleshooting devices available to IT departments continues to grow. With growing complexity in the network and reduced IT staffing, organizations need more effective ways to manage, understand, troubleshoot and even modify the behavior of communications and applications. The following list summarizes general categories of products that are commonly deployed on the network to manage and troubleshoot it. Protocol analyzers the age-old grandfather of almost all network management tools. Protocol analyzers provide a view of the packets, with valuable timing and communications translated from binary to plan text. To a lesser extent, protocol analyzers also provide statistical analysis of the traffic on a 24x7 basis.
3 Network monitoring probe these devices commonly support the RMON and RMON2 standard for statistical analysis of network performance. SNMP support provides the communications necessary to consolidate the information from many probes to a centralized reporting application. Application performance monitoring these devices analyze the performance of applications running on the network. Degradation of application response is detected in real time, allowing IT staff to troubleshoot the problem before end users are substantially impacted. Web content monitoring systems these solutions are a specialized breed of application performance monitoring devices that focus on HTTP traffic. Security The change that occurred to switched network architectures in the 90s was also accompanied by a new area of responsibility in the IT department the security administration. As organizations expanded their networks for business competitiveness, the data grew in value and importance. Customer information, financial data, marketing and voice communications are all now served by the network. High-profile network infiltrations have compounded the need to ensure the network, and the data on it, is secure. Unfortunately, the growth of black-hat hackers and crackers has led to some very costly network compromises requiring security to become a top priority within the IT organization. With this new responsibility came additional needs for access to the data traveling over the network media. The following list summarizes general categories of security products commonly deployed on the network to manage and protect it. Types of network security devices include: Intrusion detection solutions (IDS) use a promiscuous NIC to analyze every packet on the network for specific signatures (string signatures, port signatures, and header condition signatures) and anomalous statistics which could indicate an intrusion condition. Intrusion prevention solutions (IPS) take over after an intrusion has been detected. IPS systems have the ability to shut off or reconfigure devices that are allowing invasive traffic or being attacked. Monitoring the network IT departments have seen an increased need for greater access to the network for monitoring and analysis because: Greater segmentation of the network results in more locations that need to provide access for troubleshooting and monitoring solutions. An increase in the number of monitoring and analysis solutions being deployed on the network. Limited availability and authorization for SPAN ports usage. As discussed previously, the need to access network traffic has grown over the past two decades. Additional pressure is also being placed on organizations to effectively utilize network management equipment across a greater segment of the network. What might not be apparent to IT organizations is the availability of new solutions that can help relieve the pressure placed on network access, and increase return delivered by a network management device. The rest of this paper will discuss how network taps and SPAN switches can be used to effectively manage network uptime and performance. You would think that access for network and security management devices would be straightforward: simply plug in your device to the network and start analyzing using your solution(s) of preference. However, because of network design changes discussed earlier, accessing the data has become more of a challenge. There are three ways analysis devices currently connect to a network in order to monitor traffic: Hubs SPAN or mirror ports In-line taps
4 Hubs Hubs are the most traditional way of gaining shared access to a network. In theory, these inexpensive devices forward everything, good or bad, to all ports on the hub. Unfortunately, most hubs these days are not as open as expected in their forwarding rules. It is common to find devices labeled hubs that act as bridges, switches or even routers. This limits the ability of an analysis device to see problem packets on a segment when the hub is not forwarding them. When using a hub in series between two devices, you must also remember that these devices will force a full duplex link to half duplex. Any performance advantages gained by full duplex would then be lost. Figure 1: A network probe connected between a server and switch via a common hub Pros and cons of hubs to access a network Pros Inexpensive and easily available Cons Must be tested in order to understand forwarding rules being employed Will force full duplex link to half duplex Hubs become an active part of the network, and therefore an additional point of failure SPAN ports When layer 2 network switches were first introduced, manufacturers did not provide a way for network troubleshooting devices to view packets from the backplane or a specific port. In response, SPAN (or mirror ports) allow for the insertion of protocol analyzers and other network monitoring devices onto the switch. The SPAN port is now a common means of accessing network traffic on switched networks. Unfortunately, most switch models only allow for one or two SPANs to be created on a device. This results in a shortage of these strategic listening posts. Plugging, unplugging and reconfiguring SPAN ports is possible, but usually not practical when troubleshooting needs to take place in real-time and engineers to configure SPAN sessions are not always available. For monitoring solutions designed for 24x7 implementation, this scenario is not practical. Figure 2: The increased use of network analysis devices has created contention for SPAN ports.
5 Almost all corporate class layer 2 and 3 switches offer the ability to set up SPAN configurations packet for monitoring and analysis. SPAN configurations allow traffic from one or more switch ports to be copied and forwarded to a single analysis port. Spanning is economical and somewhat easy to use. It provides visibility across the backplane of a switch from all ports, a group of ports, or a specific VLAN being served by the switch. This consolidation of traffic is useful when analysis needs to occur across multiple links or segments. Unfortunately, this ability to replicate traffic in a SPAN session has a few drawbacks. Figure 3: SPAN ports were introduced by switch manufacturers so network monitoring devices could view network data across the backplane of the switch. First, SPAN configurations are not regulated from oversubscription of traffic to the monitor port. This can result in dropped packets and buffer overflows when the SPAN configuration sends more traffic to the monitor port than that port speed can support. In addition, since packets go through a buffer and are retimed, accurate time-sensitive measurements such as jitter, packet gap analysis or latency are difficult to attain. Finally, most mirror ports filter error frames and VLAN tags, making troubleshooting a challenge. This filtering, buffering and forwarding process also puts a load on the switch s CPU/transfer logic, possibly impacting the switch s operational performance. While SPAN configurations are fairly straightforward, they can still cause problems when done incorrectly. A simple mistake in a SPAN configuration has the ability to bring down a whole network or oversubscribe a critical network trunk. While spanning is a valuable solution for many companies, some network policies won t allow it due to the mission-critical nature of their networks. Still, SPAN port availability has led to its widespread adoption by security and network engineering IT groups. This, in turn, has led to contention for access to these windows into the network. Some of the taps mentioned later in this paper will address how to resolve some of the contention issues surrounding SPAN ports. Pros and cons of SPAN access to network Pros Readily available on most switches Zero cost to implement Can be remotely adjusted Can forward full duplex traffic to single interface device Cons SPAN ports block physical layer errors VLAN tags are removed from packets making VLAN analysis more difficult Consumes a port on the switch Some switch manufacturers only provide for one SPAN port configuration SPAN port configuration can be tricky. Incorrect configuration setting can bring down the network SPAN ports can be overcommitted by forwarding too much traffic Excess burden on some switch models can cause their performance to deteriorate
6 Taps Network taps provide network traffic visibility without relying on a SPAN port. Taps connect directly to a network link between two devices, similar to the way a hub is inserted on a network. However, a network tap does not actively participate in network switching, bridging, or routing. As packets pass through a tap, a copy of the signal is forwarded to the monitoring port(s). If an in-line tap s power fails, the network link does not fail and connectivity between devices is maintained. There are two types of in-line taps available on the market. A traditional in-line tap forwards each direction of data on a full duplex link as a unique data flow to the monitor ports on the tap. The monitoring or analysis device recombines the traffic through dual NICs and a common clock for packet timing. The greatest benefit of traditional in-line taps is support for full, line rate data flows and accurate interpacket timing. A limitation of traditional in-line taps is the need for dual NIC devices which can recombine the packets using a common clock. Most often in-line taps will be placed on switch trunks, switch/router trunks, or critical server links. Figure 4: Schematic of a traditional in-line tap as installed on a switch trunk. Aggregating in-line taps simplify the analysis of full duplex data streams for single NIC solutions (typically developed for SPAN use). An aggregation in-line tap combines the data from both Rx/Tx directions and outputs it as a single data stream. Now single port analysis and monitoring devices can tap in-line on a full duplex link and see both directions of traffic while maintaining accurate inter-packet timing. While most Ethernet networks maintain fairly low utilization levels, any aggregation tap on a link that goes above 50% utilization will drop packets since it is not possible to pass high rate full duplex traffic through a single duplex connection. Figure 5: Schematic of an aggregating in-line tap with dual monitor ports. Using the same technology as aggregating in-line taps, a dual link aggregation tap makes it possible to view traffic from two full-duplex links on a single interface monitoring device. For redundant and asymmetric network designs, this solution allows the network engineers to monitor dual links using only one analysis device to see packets no matter which path they travel. However, with the possibility of oversubscribing the monitor port by 4x, it is recommended that a user first understand the traffic levels on the links being tapped.
7 Figure 6: A dual link in-line aggregation tap allows simultaneous packet analysis on either redundant link at the same time. Pros and cons of in-line taps access to network Pros In-line taps can provide visibility to physical layer errors Do not require configuration Full line rate monitoring possible with traditional in-line taps Switch not burdened with SPANing process Simple plug and play access to the network Inter-packet timing is maintained for analysis Cons Links need to be dropped for installation Dual port analysis devices are required for line rate performance Multi-port in-line taps In-line taps are available in more than just a single port configuration. Multi-port in-line taps, which can switch analysis device(s) between ports across a broad network environment, are an ideal solution for broad visibility. These devices incorporate multiple in-line taps and a configurable monitor port(s) to allow switching between any of the tapped links. Most multi-port in-line taps also allow for remote configuration so a network engineer at any location can point their attached analysis device to any of the links in need of Figure 7: In this diagram, a multi-port in-line tap is being used with a protocol analyzer and IDS device to monitor individual server links or the switch trunk. Port configuration is done remotely over the network using software.
8 monitoring. Multi-port in-line taps offer extended visibility for any monitoring or analysis device by providing a single attach point with visibility to multiple locations on the network. Monitoring and analysis across multiple locations on the network is simpler, more cost effective and powerful when cables do not need to be manually connected and disconnected. The most likely deployment locations for a multi-port in-line tap are on switch distribution trunks or server farm links. This allows a technician to analyze discreet network traffic as it behaves on different network segments. In-line taps and media considerations In-line taps support both fiber and copper media types, as well as LAN and WAN topologies. The mechanics of tapping both fiber and copper are slightly different so it is important to have a general understanding of this technology when using these devices. A fiber tap is the simplest form of an in-line tap. Fiber splitters, which are created by wrapping the glass core of two fiber strands around each other, are employed to bleed off a part of the fiber light signal to a monitor port. Depending on the number of times the glass cores are wrapped, different split ratios can be created. A typical fiber split ratio is 50/50, meaning that 50% of the link s optical power is sent to the tap port and the link s optical power is reduced by 50%. Since fiber optic systems must receive a minimum optical power level, it is important to ensure that insertion loss of an in-line tap fits within the available loss budget of the fiber link. This should be done by using an optical power meter and source, testing for total attenuation. If a link s attenuation is already nearly the available loss budget, an in-line tap with a lower split ratio, 60/40, 70/30 or 90/10 should be used. Once a tap or splitter is installed, an optical power meter should be used to ensure that the power level at the receiver is within the appropriate range. Fiber splitters provide a completely passive connection to the network. A passive connection is one which does not require the tap to link with the end point devices. Passive taps send a network signal to the monitor ports with all physical layer information, including malformed frames, errors, tags and trunking headers. Every bit present on the link is forwarded to the monitor ports for evaluation by the analysis device. This is valuable when troubleshooting data link and physical layer errors. Protocol analyzers and RMON monitoring probes that utilize this information benefit from the attributes of passive taps. Figure 8: A schematic of a fiber splitter within a tap. Notice that the connections are directional and the tapping mechanism is completely passive. Copper in-line taps are a bit more complicated than fiber in-line taps due to the different specifications of 10/100 Copper Ethernet and copper Gigabit Ethernet. 10/100 Ethernet utilizes two pairs of a four pair UTP cable, one pair to transmit and one pair to receive data. Meanwhile, copper Gigabit Ethernet transmits simultaneously on all four pairs of a UTP cable. These specification differences make it fairly straightforward to passively tap the signal from each strand of a 10/100BASE-T link. It also allows 10/100 copper Ethernet taps to be completely passive, just like fiber taps.
9 Figure 9: A schematic of an active copper aggregating tap for copper Gigabit Ethernet with the relay failover. While 10/100BASE-T transmits directionally unique traffic on individual pairs of copper, Gigabit Ethernet transmits and receives simultaneously on all copper pairs. This necessitates the use of a copper Gigabit receiver to separate the Tx/Rx signals, eliminate echo and filter crosstalk. The copper Gigabit receivers in a tap negotiate link with each end device and help extend the signal strength of the link. This type of tap is often referred to as an active tap. In order to assure failsafe operation in case power is lost on an active tap, a relay provides immediate bypass of the receivers so the end points can communicate directly through the tap. This failover mechanism in copper Gigabit in-line taps can engage in a matter of milliseconds, and is not even recognized by users in most environments. If the tap is located between switches using spanning tree protocol, an interruption of the link for even milliseconds is enough time to cause a spanning tree to reconfigure. Depending on the size of the network, spanning tree reconfiguration can take several seconds to a minute of time until the network is available again. The likelihood of a Gigabit tap having a relay failover is low due to the use of dual power supplies in most taps, and backup power facilities in most data centers. To greatly decrease the time it takes a spanning tree to reconfigure, users can hard set link port speeds on each side of a Gigabit tap and set spanning tree to fast restart. SPAN solutions In many situations, a SPAN port offers the most flexible way to connect network monitoring and analysis devices to the network. In order to more effectively leverage SPAN technology, a few tap like devices are available. A SPAN switch is very similar to a multi-port in-line tap described above. SPAN switches allow one or more monitoring devices to be permanently connected to different switches serving different locations on the network. However, instead of connecting in-line on the network link, the multi-port SPAN switch connects to numerous SPAN ports. Remote configuration using software allows any network technician to switch between SPAN ports for one or more of the monitoring devices. Data centers that have numerous switches using SPAN will greatly benefit from SPAN switching. Instead of manually connecting monitoring devices to SPAN ports as needed, a SPAN switch allows a single analysis device to be remotely pointed to any SPAN connection as needed. This saves time and money when IT departments develop their network performance analysis plans.
10 Figure 10: SPAN switching allows monitoring device(s) to be leveraged across multiple network locations with a simple click of the mouse. Multiple monitor ports also reduce contention for SPAN port access. Another SPAN solution is the SPAN aggregation tap. These devices combine the data from two or more SPAN connections into a single data stream. SPAN aggregation taps are ideal when used with security devices monitoring for suspicious activity on the network. By combining the data from multiple, low utilization links, a single security monitoring device can alert IT to suspicious activity, without having to deploy a device in each location. SPAN aggregation taps are also ideal for monitoring redundant paths. SPAN ports from redundant switches are combined in the SPAN aggregation tap, giving the monitoring device full visibility of network traffic, no matter which path the traffic takes. Combining traffic from multiple SPAN ports does present the opportunity to oversubscribe the monitor port, but as long as baseline traffic levels are understood, this limitation can be easily managed. Figure 11: A SPAN aggregation tap will combine the traffic from multiple uni-directional data flows. In this case, a single application performance analyzer is able to see traffic from two SPAN connections simultaneously. This ensures that analysis will occur no matter which path the packets traverse. Single port monitoring and analysis devices benefit from the capabilities of SPAN aggregation taps when used in combination with traditional in-line taps. Normally, a traditional in-line tap requires a monitoring device with dual NICs. However, a SPAN aggregation tap will aggregate the two data streams into one for analysis by any single port solution. 10
11 Figure 12: A SPAN aggregation tap can be used in conjunction with a traditional in-line tap to provide in-line visibility for single port analysis devices. Summary Network monitoring and analysis is critical for IT departments who want to ensure that quality services and applications are delivered to end users. As the number of monitoring and analysis solutions have grown, access to the network has become a point of contention. The latest generation of taps and switches can relieve this contention and extend visibility across a greater number of segments using fewer monitoring devices. This benefits IT by decreasing the resources spent on monitoring and analysis solutions and increasing the effectiveness of network analysis. For a personalized assessment of how network taps and switches can help you more effectively manage your network, contact at 11
12 Glossary White Paper Aggregation in-line taps Aggregation in-line taps connect between two network devices and forward all traffic without regard for MAC or network address. Full-duplex connectivity is maintained between the devices and a copy of the traffic is output on a single directional connector. Bridge Network bridges connect network segments and forward everything except MAC layer error packets or packets with MAC addresses known to be on a local network. Broadcast traffic is also forwarded. Dual link in-line aggregation tap Dual link in-line aggregation taps connect on two links between four network devices. Traffic is forwarded between devices without regard for MAC or network address. Full-duplex connectivity is maintained between the devices and the traffic on both links is combined into a single data stream and output on a single directional connector. Hub A hub can also be called a repeater. Multi-port hubs connect network segments and forward everything without any analysis of the signal. Hubs usually operate in half-duplex mode. In-line tap In-line taps connect between two network devices and forward all traffic without regard for MAC or network address. Full-duplex connectivity is maintained between the devices and a copy of the traffic is output on two directional connectors. In-line passive A passive in-line tap does not link with the remote devices on each side. Passive taps reduce the signal strength between devices, but forward all packets and signals as an exact representation of the network being tapped. Insertion loss This is the amount of light energy that is lost on a fiber link when a fiber in-line tap is installed. The insertion loss should not cause the light power to go below the minimum sensitivity of the receivers on the end of the link. If necessary, insertion loss can be managed by using different split ratios on the fiber taps being used. Layer 2 The OSI model of network connectivity is represented by a 7 layer framework. Layer two controls how a computer on the network gains access to the data, permission to transmit it, frame synchronization, flow control and error checking. Layer 3 Layer 3 of the OSI model provides switching and routing technologies, creating logical paths, known as virtual circuits, for transmitting data from node to node. Routing and forwarding are functions of this layer, as well as addressing, internetworking, error handling, congestion control and packet sequencing. Oversubscription This occurs when a switch or tap port receives more data than it can effectively handle based on its configured speed. When a 100BASE-T port tries to forward 120Mb/sec of network traffic it will drop packets until it has only a 100Mb of data to send. NIC Network Interface Card. NICs are common on almost all PCs and laptops today. RMON Remote Monitoring (RMON) is a standard monitoring specification that enables various network monitors and console systems to exchange network-monitoring data. SPAN The Switched Port Analyzer (SPAN), sometimes called port mirroring or port monitoring, is a feature available on almost all enterprise switches. This feature forwards network traffic by port on the switch for analysis by a network analyzer or monitoring device SPAN switch SPAN switches connect to multiple SPAN ports and allow users to remotely direct switch traffic to one or more monitoring and analysis devices. SPAN aggregation tap SPAN aggregation taps connect to multiple SPAN ports and combine the traffic of all into a single data stream for analysis and monitoring devices. Spanning tree Spanning-Tree Protocol (STP) prevents loops from being formed when switches or bridges are interconnected via multiple paths. Spanning-Tree Protocol implements the 802.1D IEEE algorithm by exchanging BPDU messages with other switches to detect loops, and then removes the loop by shutting down selected bridge interfaces. This algorithm guarantees that there is one and only one active path between two network devices. Switch A switch is a form of a bridge. However, its capabilities and forwarding rules can vary widely depending on the manufacturer and model. In simplistic terms, switches create private paths (direct bridged connections) between devices connected to them. Packet forwarding can be done based on the MAC or the Network address. N E T W O R K S U P E R V I S I O N P.O. Box 777, Everett, WA USA operates in more than 50 countries worldwide. To find your local office contact details, go to /contact Fluke Corporation. All rights reserved. Printed in U.S.A. 2/ D-ENG-N Rev A 12
Network Instruments white paper
Network Instruments white paper ANALYZING FULL-DUPLEX NETWORKS There are a number ways to access full-duplex traffic on a network for analysis: SPAN or mirror ports, aggregation TAPs (Test Access Ports),
More informationNet Optics Learning Center Presents The Fundamentals of Passive Monitoring Access
Net Optics Learning Center Presents The Fundamentals of Passive Monitoring Access 1 The Fundamentals of Passiv e Monitoring Access Copy right 2006 Net Optics, Inc. Agenda Goal: Present an overview of Tap
More informationChoosing Tap or SPAN for Data Center Monitoring
Choosing Tap or SPAN for Data Center Monitoring Technical Brief Key Points Taps are passive, silent, and deliver a perfect record of link traffic, but require additional hardware and create a point of
More informationAnalyzing Full-Duplex Networks
Analyzing Full-Duplex Networks There are a number ways to access full-duplex traffic on a network for analysis: SPAN or mirror ports, aggregation TAPs (Test Access Ports), or full-duplex TAPs are the three
More informationHow To Use A Network Instrument Ntap
ntap Product Family Provides monitoring and security devices with complete visibility into full-duplex networks Network Instruments ntaps let you monitor and analyze full-duplex links. ntaps are critical
More informationNetworking and High Availability
TECHNICAL BRIEF Networking and High Availability Deployment Note Imperva appliances support a broad array of deployment options, enabling seamless integration into any data center environment. can be configured
More informationWHITEPAPER. VPLS for Any-to-Any Ethernet Connectivity: When Simplicity & Control Matter
WHITEPAPER VPLS for Any-to-Any Ethernet Connectivity: When Simplicity & Control Matter The Holy Grail: Achieving Simplicity and Control in the IT Infrastructure Today s Information Technology decision-makers
More informationManaging Network Bandwidth to Maximize Performance
Managing Network Bandwidth to Maximize Performance With increasing bandwidth demands, network professionals are constantly looking to optimize network resources, ensure adequate bandwidth, and deliver
More informationSSVP SIP School VoIP Professional Certification
SSVP SIP School VoIP Professional Certification Exam Objectives The SSVP exam is designed to test your skills and knowledge on the basics of Networking and Voice over IP. Everything that you need to cover
More informationDiagnosing the cause of poor application performance
Diagnosing the cause of poor application performance When it comes to troubleshooting application performance issues, there are two steps you can take to make diagnosis easier, faster and more accurate.
More informationComputer Networks. Definition of LAN. Connection of Network. Key Points of LAN. Lecture 06 Connecting Networks
Computer Networks Lecture 06 Connecting Networks Kuang-hua Chen Department of Library and Information Science National Taiwan University Local Area Networks (LAN) 5 kilometer IEEE 802.3 Ethernet IEEE 802.4
More informationChapter 3. Enterprise Campus Network Design
Chapter 3 Enterprise Campus Network Design 1 Overview The network foundation hosting these technologies for an emerging enterprise should be efficient, highly available, scalable, and manageable. This
More informationRegion 10 Videoconference Network (R10VN)
Region 10 Videoconference Network (R10VN) Network Considerations & Guidelines 1 What Causes A Poor Video Call? There are several factors that can affect a videoconference call. The two biggest culprits
More informationApplication Note Gigabit Ethernet Port Modes
Application Note Gigabit Ethernet Port Modes Application Note Gigabit Ethernet Port Modes Table of Contents Description... 3 Benefits... 4 Theory of Operation... 4 Interaction with Other Features... 7
More informationTable of Contents. Network Critical NA LLC Tel: 716-558-7280 37 Franklin Street, Suite 100 Email: sales-us@networkcritical.com
Product Catalog Table of Contents Breakout TAPs...1-3 Fixed Aggregating Portable TAP...4-5 V-Line TM (Bypass) Portable TAPS...6 Breakout Portable TAP...7 V-Line (Bypass) TAPs...8-9 Smart Network Access
More informationNetworking and High Availability
yeah SecureSphere Deployment Note Networking and High Availability Imperva SecureSphere appliances support a broad array of deployment options, enabling seamless integration into any data center environment.
More informationDiagnosing the cause of poor application performance
Diagnosing the cause of poor application performance When it comes to troubleshooting application performance issues, there are two steps you can take to make diagnosis easier, faster and more accurate.
More informationObserver Analysis Advantages
In-Depth Analysis for Gigabit and 10 Gb Networks For enterprise management, gigabit and 10 Gb Ethernet networks mean high-speed communication, on-demand systems, and improved business functions. For enterprise
More informationObserver Probe Family
Observer Probe Family Distributed analysis for local and remote networks Monitor and troubleshoot vital network links in real time from any location Network Instruments offers a complete line of software
More informationCarrier Ethernet: New Game Plan for Media Converters
Introduction IEEE Std. 802.3ah, also referred to as Ethernet in the First Mile (EFM) standard, has a well established name within the industry today. It lays out ground rules for implementing Ethernet
More informationDeploying Probes and Analyzers in an Enterprise Environment
Network Instruments White Paper Deploying Probes and Analyzers in an Enterprise Environment As an IT manager, you need visibility into every corner of the network, from the edge to the core. A distributed
More informationTen top problems network techs encounter
Ten top problems network techs encounter Networks today have evolved quickly to include business critical applications and services, relied on heavily by users in the organization. In this environment,
More informationNetwork Monitoring White Paper
Network ing White Paper ImageStream Internet Solutions, Inc. 7900 East 8th Road Plymouth, Indiana 46563 http://www.imagestream.com info@imagestream.com Phone: 574.935.8484 Sales: 800.813.5123 Fax: 574.935.8488
More informationTaps vs. SPAN The Forest AND the Trees: Full Visibility into Today's Networks
WHITE PAPER Taps vs. SPAN The Forest AND the Trees: Full Visibility into Today's Networks www.ixiacom.com 915-3534-01 Rev. A, September 2015 2 Table of Contents The First Line of Defense: Access... 5 Problem
More informationNetworking Devices. Lesson 6
Networking Devices Lesson 6 Objectives Exam Objective Matrix Technology Skill Covered Exam Objective Exam Objective Number Network Interface Cards Modems Media Converters Repeaters and Hubs Bridges and
More informationCCNA R&S: Introduction to Networks. Chapter 5: Ethernet
CCNA R&S: Introduction to Networks Chapter 5: Ethernet 5.0.1.1 Introduction The OSI physical layer provides the means to transport the bits that make up a data link layer frame across the network media.
More informationWHITE PAPER. Network Traffic Port Aggregation: Improved Visibility, Security, and Efficiency
WHITE PAPER Network Traffic Port Aggregation: Improved Visibility, Security, and Efficiency www.ixiacom.com 915-6893-01 Rev. A, July 2014 2 Table of Contents Summary... 4 Introduction... 4 Differing Goals
More informationNetwork Design. Yiannos Mylonas
Network Design Yiannos Mylonas Physical Topologies There are two parts to the topology definition: the physical topology, which is the actual layout of the wire (media), and the logical topology, which
More informationObserver Probe Family
Observer Probe Family Distributed analysis for local and remote networks Monitor and troubleshoot vital network links in real time from any location Network Instruments offers a complete line of software
More informationVoice Over IP. MultiFlow 5048. IP Phone # 3071 Subnet # 10.100.24.0 Subnet Mask 255.255.255.0 IP address 10.100.24.171. Telephone.
Anritsu Network Solutions Voice Over IP Application Note MultiFlow 5048 CALL Manager Serv # 10.100.27 255.255.2 IP address 10.100.27.4 OC-48 Link 255 255 25 IP add Introduction Voice communications over
More informationOptiView. Total integration Total control Total Network SuperVision. Network Analysis Solution. No one knows the value of an
No one knows the value of an Network Analysis Solution Total integration Total control Total Network SuperVision integrated solution better than network engineers and Fluke Networks. Our Network Analysis
More informationESSENTIALS. Understanding Ethernet Switches and Routers. April 2011 VOLUME 3 ISSUE 1 A TECHNICAL SUPPLEMENT TO CONTROL NETWORK
VOLUME 3 ISSUE 1 A TECHNICAL SUPPLEMENT TO CONTROL NETWORK Contemporary Control Systems, Inc. Understanding Ethernet Switches and Routers This extended article was based on a two-part article that was
More informationLayer 3 Network + Dedicated Internet Connectivity
Layer 3 Network + Dedicated Internet Connectivity Client: One of the IT Departments in a Northern State Customer's requirement: The customer wanted to establish CAN connectivity (Campus Area Network) for
More informationObjectives. The Role of Redundancy in a Switched Network. Layer 2 Loops. Broadcast Storms. More problems with Layer 2 loops
ITE I Chapter 6 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 1 Objectives Implement Spanning Tree Protocols LAN Switching and Wireless Chapter 5 Explain the role of redundancy in a converged
More informationOptiView. Total integration Total control Total Network SuperVision. Network Analysis Solution. No one knows the value of an
No one knows the value of an Network Analysis Solution Total integration Total control Total Network SuperVision integrated solution better than network engineers and Fluke Networks. Our Network Analysis
More informationAny-to-any switching with aggregation and filtering reduces monitoring costs
Any-to-any switching with aggregation and filtering reduces monitoring costs Summary Physical Layer Switches can filter and forward packet data to one or many monitoring devices. With intuitive graphical
More informationGigabit Ethernet. Abstract. 1. Introduction. 2. Benefits of Gigabit Ethernet
Table of Contents Abstract... 2 1. Introduction... 2 2. Benefits of Gigabit Ethernet... 2 2.1 Easy Migration to Higher Performance Levels... 3 2.2 Decreased Overall Costs Over Time... 3 2.3 Supports for
More informationHow To Monitor And Test An Ethernet Network On A Computer Or Network Card
3. MONITORING AND TESTING THE ETHERNET NETWORK 3.1 Introduction The following parameters are covered by the Ethernet performance metrics: Latency (delay) the amount of time required for a frame to travel
More informationNetwork Performance Channel
Network Performance Channel Net Optics Products Overview MIHAJLO PRERAD, Network Performance Channel GmbH Who we are Network Performance Channel GmbH Leading global value added distributor specialized
More informationCisco Bandwidth Quality Manager 3.1
Cisco Bandwidth Quality Manager 3.1 Product Overview Providing the required quality of service (QoS) to applications on a wide-area access network consistently and reliably is increasingly becoming a challenge.
More information11/22/2013 1. komwut@siit
11/22/2013 1 Week3-4 Point-to-Point, LAN, WAN Review 11/22/2013 2 What will you learn? Representatives for Point-to-Point Network LAN Wired Ethernet Wireless Ethernet WAN ATM (Asynchronous Transfer Mode)
More informationLAN Switching and VLANs
26 CHAPTER Chapter Goals Understand the relationship of LAN switching to legacy internetworking devices such as bridges and routers. Understand the advantages of VLANs. Know the difference between access
More informationTroubleshooting LANs with Wirespeed Packet Capture and Expert Analysis
Application Note Troubleshooting LANs with Wirespeed Packet Capture and Expert Analysis Introduction This application note is one in a series of local area network (LAN) troubleshooting papers from JDSU
More informationIntroduction. What is a Remote Console? What is the Server Service? A Remote Control Enabled (RCE) Console
Contents Introduction... 3 What is a Remote Console?... 3 What is the Server Service?... 3 A Remote Control Enabled (RCE) Console... 3 Differences Between the Server Service and an RCE Console... 4 Configuring
More informationEnhancing Cisco Networks with Gigamon // White Paper
Across the globe, many companies choose a Cisco switching architecture to service their physical and virtual networks for enterprise and data center operations. When implementing a large-scale Cisco network,
More informationManagement Software. Web Browser User s Guide AT-S106. For the AT-GS950/48 Gigabit Ethernet Smart Switch. Version 1.0.0. 613-001339 Rev.
Management Software AT-S106 Web Browser User s Guide For the AT-GS950/48 Gigabit Ethernet Smart Switch Version 1.0.0 613-001339 Rev. A Copyright 2010 Allied Telesis, Inc. All rights reserved. No part of
More informationWeb Traffic Capture. 5401 Butler Street, Suite 200 Pittsburgh, PA 15201 +1 (412) 408 3167 www.metronomelabs.com
Web Traffic Capture Capture your web traffic, filtered and transformed, ready for your applications without web logs or page tags and keep all your data inside your firewall. 5401 Butler Street, Suite
More informationExhibit n.2: The layers of a hierarchical network
3. Advanced Secure Network Design 3.1 Introduction You already know that routers are probably the most critical equipment piece in today s networking. Without routers, internetwork communication would
More informationAT-S60 Version 1.1.4 Management Software for the AT-8400 Series Switch. Software Release Notes
AT-S60 Version 1.1.4 Management Software for the AT-8400 Series Switch Supported Platforms Software Release Notes Please read this document before you begin to use the AT-S60 management software. The AT-S60
More informationSimplify VoIP Network Setup and Troubleshooting with NetTool VoIP
Simplify VoIP Network Setup and Troubleshooting with NetTool VoIP Introduction As businesses search for new ways to cut costs and increase efficiency, they are moving their phone systems to VoIP (voice
More informationEfficient Network Monitoring Access
Abstract Organizations that rely on the reliability, security, and performance of their networks can no longer afford to wait for outages or security breaches to occur before installing test access points.
More information16-PORT POWER OVER ETHERNET WEB SMART SWITCH
16-PORT POWER OVER ETHERNET WEB SMART SWITCH User s Manual (DN-95312) - 0 - Content Web Smart Switch Configure login ---------------------------------- 2 Administrator Authentication Configuration ---------------------------------------------
More informationJuly, 2006. Figure 1. Intuitive, user-friendly web-based (HTML) interface.
Smart Switches The Value-Oriented Alternative for Managed Switching White Paper September, 2005 Abstract This White Paper provides a short introduction to Web Smart switches and their importance in a local
More informationSSVVP SIP School VVoIP Professional Certification
SSVVP SIP School VVoIP Professional Certification Exam Objectives The SSVVP exam is designed to test your skills and knowledge on the basics of Networking, Voice over IP and Video over IP. Everything that
More informationhp ProLiant network adapter teaming
hp networking june 2003 hp ProLiant network adapter teaming technical white paper table of contents introduction 2 executive summary 2 overview of network addressing 2 layer 2 vs. layer 3 addressing 2
More informationInstallation Guide for. 10/100 to Triple-speed Port Aggregator. Model TPA-CU. 800-0045-001 Doc. PUBTPACUU Rev. 1, 12/08. In-Line
Installation Guide for 10/100 to Triple-speed Port Aggregator Model TPA-CU In-Line 800-0045-001 Doc. PUBTPACUU Rev. 1, 12/08 Contents Introduction.....................................................
More informationRFC 2544 Testing of Ethernet Services in Telecom Networks
RFC 2544 Testing of Ethernet Services in Telecom Networks White Paper Nigel Burgess Agilent Technologies Introduction The object of this paper is to discuss the use and testing of Ethernet services in
More informationAbstract. MEP; Reviewed: GAK 10/17/2005. Solution & Interoperability Test Lab Application Notes 2005 Avaya Inc. All Rights Reserved.
Configuring Single Instance Rapid Spanning Tree Protocol (RSTP) between an Avaya C360 Converged Switch and HP ProCurve Networking Switches to support Avaya IP Telephony Issue 1.0 Abstract These Application
More informationEnhanced Visibility, Improved ROI
Abstract Enhanced Visibility, Improved ROI The IT Security/Network Infrastructure Management departments within an organization have access to some of the richest and most useful enterprise data. Because
More informationCommunication Networks. MAP-TELE 2011/12 José Ruela
Communication Networks MAP-TELE 2011/12 José Ruela Network basic mechanisms Introduction to Communications Networks Communications networks Communications networks are used to transport information (data)
More informationdomain is known as the high side, and the less secure domain is the low side. Depending on the application, the
Data diodes refer to unidirectional network links used in some high-security network architectures. This paper explains how data diodes are used to secure information and protect against intrusions; it
More informationLeased Line + Remote Dial-in connectivity
Leased Line + Remote Dial-in connectivity Client: One of the TELCO offices in a Southern state. The customer wanted to establish WAN Connectivity between central location and 10 remote locations. The customer
More informationHARTING Ha-VIS Management Software
HARTING Ha-VIS Management Software People Power Partnership HARTING Management Software Network Management Automation IT - with mcon Switches from HARTING With the Ha-VIS mcon families, HARTING has expanded
More informationImplementation of Virtual Local Area Network using network simulator
1060 Implementation of Virtual Local Area Network using network simulator Sarah Yahia Ali Department of Computer Engineering Techniques, Dijlah University College, Iraq ABSTRACT Large corporate environments,
More informationCCNA 1: Networking Basics. Cisco Networking Academy Program Version 3.0
CCNA 1: Networking Basics Cisco Networking Academy Program Version 3.0 Table of Contents CCNA 1: NETWORKING BASICS...1 TARGET AUDIENCE...3 PREREQUISITES...3 COURSE DESCRIPTION...3 COURSE OBJECTIVES...3
More information2. What is the maximum value of each octet in an IP address? A. 128 B. 255 C. 256 D. None of the above
1. How many bits are in an IP address? A. 16 B. 32 C. 64 2. What is the maximum value of each octet in an IP address? A. 128 B. 255 C. 256 3. The network number plays what part in an IP address? A. It
More informationHow To Configure Voice Vlan On An Ip Phone
1 VLAN (Virtual Local Area Network) is used to logically divide a physical network into several broadcast domains. VLAN membership can be configured through software instead of physically relocating devices
More informationHow To Learn Cisco Cisco Ios And Cisco Vlan
Interconnecting Cisco Networking Devices: Accelerated Course CCNAX v2.0; 5 Days, Instructor-led Course Description Interconnecting Cisco Networking Devices: Accelerated (CCNAX) v2.0 is a 60-hour instructor-led
More informationLANs and VLANs A Simplified Tutorial
Application Note LANs and VLANs A Simplified Tutorial Version 3.0 May 2002 COMPAS ID 90947 Avaya Labs 1 Companion document IP Addressing: A Simplified Tutorial COMPAS ID 92962 2 Introduction As the name
More information- Hubs vs. Switches vs. Routers -
1 Layered Communication - Hubs vs. Switches vs. Routers - Network communication models are generally organized into layers. The OSI model specifically consists of seven layers, with each layer representing
More informationSelecting a Network Recorder for back-in-time analysis to solve intermittent problems and unexpected events
Selecting a Network Recorder for back-in-time analysis to solve intermittent problems and unexpected events Often, the only way to get to the root cause of unwelcome or intermittent events that occur on
More informationSecurity+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 6 Network Security
Security+ Guide to Network Security Fundamentals, Fourth Edition Chapter 6 Network Security Objectives List the different types of network security devices and explain how they can be used Define network
More informationChapter 7 Configuring Trunk Groups and Dynamic Link Aggregation
Chapter 7 Configuring Trunk Groups and Dynamic Link Aggregation This chapter describes how to configure trunk groups and 802.3ad link aggregation. Trunk groups are manually-configured aggregate links containing
More informationMonitoring Load Balancing in the 10G Arena: Strategies and Requirements for Solving Performance Challenges
2011 is the year of the 10 Gigabit network rollout. These pipes as well as those of existing Gigabit networks, and even faster 40 and 100 Gbps networks are under growing pressure to carry skyrocketing
More informationA-7: SPAN Out of the Box Wednesday June 16, 2010 1:15 pm 2:45 pm
A-7: SPAN Out of the Box Wednesday June 16, 2010 1:15 pm 2:45 pm John HE, Hardware Engineer Founder Dualcomm Technology, Inc. SHARKFEST 10 Stanford University June 14-17, 2010 Outline This presentation
More informationTroubleshooting LANs with Network Statistics Analysis
Application Note Troubleshooting LANs with Network Statistics Analysis Introduction This application note is one in a series of local area network (LAN) troubleshooting papers from JDSU Communications
More informationCisco EtherSwitch Network Modules
Cisco EtherSwitch Network Modules 16- and 36-Port 10/100 Ethernet Modules for Cisco 2600/2800/3600/3700/3800 Series Routers Figure 1. Cisco 16-Port and 36-Port EtherSwitch Network Modules The Cisco 16-
More informationBlue Coat Systems. PacketShaper Redundant Setup
Blue Coat Systems PacketShaper Redundant Setup Copyright 1999-2013 Blue Coat Systems, Inc. All rights reserved worldwide. No part of this document may be reproduced by any means nor modified, decompiled,
More informationCentral Office Testing of Network Services
Central Office Testing of Network Services Rev 4 Application Note Ethernet is rapidly becoming the predominant method for deploying new commercial services and for expanding backhaul capacity. Carriers
More informationHow To Switch In Sonicos Enhanced 5.7.7 (Sonicwall) On A 2400Mmi 2400Mm2 (Solarwall Nametra) (Soulwall 2400Mm1) (Network) (
You can read the recommendations in the user, the technical or the installation for SONICWALL SWITCHING NSA 2400MX IN SONICOS ENHANCED 5.7. You'll find the answers to all your questions on the SONICWALL
More informationDeploying Network Taps for improved security
DATACOM SYSTEMS INC Deploying Network Taps for improved security A guide to improving security visibility A DATACOM SYSTEMS WHITE PAPER Improve Visibility A network security detection and prevention scheme
More informationProven techniques and best practices for managing infrastructure changes
Proven techniques and best practices for managing infrastructure changes When a business expands an existing facility, adds a new location, incorporates an influx of new users, or upgrades an existing
More informationIP SAN Best Practices
IP SAN Best Practices A Dell Technical White Paper PowerVault MD3200i Storage Arrays THIS WHITE PAPER IS FOR INFORMATIONAL PURPOSES ONLY, AND MAY CONTAIN TYPOGRAPHICAL ERRORS AND TECHNICAL INACCURACIES.
More informationWeb Analytics Understand your web visitors without web logs or page tags and keep all your data inside your firewall.
Web Analytics Understand your web visitors without web logs or page tags and keep all your data inside your firewall. 5401 Butler Street, Suite 200 Pittsburgh, PA 15201 +1 (412) 408 3167 www.metronomelabs.com
More informationWhite Paper. Intrusion Detection Deploying the Shomiti Century Tap
White Paper Intrusion Detection Deploying the Shomiti Century Tap . Shomiti Tap Deployment Purpose of this Paper The scalability of Intrusion Detection Systems (IDS) is often an issue when deploying an
More informationNetworking 4 Voice and Video over IP (VVoIP)
Networking 4 Voice and Video over IP (VVoIP) Course Objectives This course will give delegates a good understanding of LANs, WANs and VVoIP (Voice and Video over IP). It is aimed at those who want to move
More informationSummitStack in the Data Center
SummitStack in the Data Center Abstract: This white paper describes the challenges in the virtualized server environment and the solution Extreme Networks offers a highly virtualized, centrally manageable
More information48 GE PoE-Plus + 2 GE SFP L2 Managed Switch, 375W
GEP-5070 Version: 1 48 GE PoE-Plus + 2 GE SFP L2 Managed Switch, 375W The LevelOne GEP-5070 is an intelligent L2 Managed Switch with 48 x 1000Base-T PoE-Plus ports and 2 x 100/1000BASE-X SFP (Small Form
More informationB&B ELECTRONICS WHITE PAPER. Managed Ethernet Switches - Key Features for a Powerful Industrial Network
Determinism is the assurance that control/communication will occur in a set period of time. Ethernet was nondeterministic at first, and not widely used for industrial purposes. Ethernet switches designed
More informationInterconnecting Cisco Networking Devices Part 2
Interconnecting Cisco Networking Devices Part 2 Course Number: ICND2 Length: 5 Day(s) Certification Exam This course will help you prepare for the following exam: 640 816: ICND2 Course Overview This course
More informationContents. Load balancing and high availability
White Paper Load Balancing in GateDefender Performa The information contained in this document represents the current view of Panda Software International, S.L on the issues discussed herein as of the
More informationWhite Paper: Troubleshooting Remote Site Networks Best Practices
White Paper: Troubleshooting Remote Site Networks Best Practices Management and remote site employees expect the same level of network service as the headquarters site. However, when IT staff are faced
More informationEXINDA NETWORKS. Deployment Topologies
EXINDA NETWORKS Deployment Topologies September 2005 :: Award Winning Application Traffic Management Solutions :: :: www.exinda.com :: Exinda Networks :: info@exinda.com :: 2005 Exinda Networks Pty Ltd.
More informationSwitching in an Enterprise Network
Switching in an Enterprise Network Introducing Routing and Switching in the Enterprise Chapter 3 Version 4.0 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 1 Objectives Compare the types of
More informationHowstuffworks "How LAN Switches Work" Click here to go back to the normal view!
Page 1 of 17 Search ComputerStuff AutoStuff ElectronicsStuff ScienceStuff HomeStuff EntertainmentStuff MoneyStuff TravelStuff Main > Computer > Hardware Click here to go back to the normal view! How LAN
More informationCHAPTER 10 LAN REDUNDANCY. Scaling Networks
CHAPTER 10 LAN REDUNDANCY Scaling Networks CHAPTER 10 10.0 Introduction 10.1 Spanning Tree Concepts 10.2 Varieties of Spanning Tree Protocols 10.3 Spanning Tree Configuration 10.4 First-Hop Redundancy
More informationVoIP Reliability in Managed Service Deployments
1 VoIP Reliability in Managed Service Deployments Technical White Paper Introduction This White Paper introduces the Aspen 365 family of network appliances and explains how service providers offering a
More informationZarząd (7 osób) F inanse (13 osób) M arketing (7 osób) S przedaż (16 osób) K adry (15 osób)
QUESTION NO: 8 David, your TestKing trainee, asks you about basic characteristics of switches and hubs for network connectivity. What should you tell him? A. Switches take less time to process frames than
More information