Creating a computer network requires a lot of preparation and knowledge of the right components to use. One of the first steps in computer networking is identifying which components to use and where to place them. This includes selecting the proper hardware, such as Layer 3 routers, Layer 2 switches, and, on an older network, Layer 1 hubs, along with the right software, such as operating systems, applications, and network services, and deciding whether any advanced computer networking techniques, such as virtualization, are required.
Once the components are identified, it’s time to plan the network’s structure. This involves deciding where each component will be placed and how they will be connected. The majority of networks you will see today will be Ethernet-based. You will need a design process for more extensive networks. Still, for smaller networks, such as your home network, once physically connected, you are ready as all the network services are set up for you on the WAN router by the local service provider.
Additional links to internal content for pre-information:
- Data Center Topologies
- Distributed Firewalls
- Internet of Things Access Technologies
- LISP Protocol and VM Mobility.
- A key point: Back to basics with computer networks.
A network is a collection of interconnected systems that share resources. IoT (Internet of Things) devices, desktop computers, laptops, and mobile phones are all connected by networks. A computer network will consist of standard devices such as APs, switches, and routers, the essential network components.
You can connect your network’s devices to other computer networks and to the Internet, a global system of interconnected networks. So when we connect to the Internet, we connect the Local Area Network (LAN) to the Wide Area Network (WAN). As we move between computer networks, we must consider security: you will need a security device between these two segments that provides a stateful inspection firewall. You are probably running IPv4, so you will also need a network service known as Network Address Translation (NAT). IPv6, the latest version of the IP protocol, does not need NAT but may need a translation service to communicate with IPv4-only networks.
- Local Area Network
A Local Area Network (LAN) is a computer network that connects computers and other devices in a limited geographical area such as a home, school, office building, or closely positioned group of buildings. LANs are typically connected with Ethernet cables but may also use wireless connections. LANs are usually used within a single organization or business but may connect multiple locations. The equipment in your LAN is under your control.
- Wide Area Network
Then we have the Wide Area Network (WAN). In contrast to the LAN, a WAN is a computer network covering a wide geographical area, typically connecting multiple locations. Your LAN may consist only of Ethernet and a few network services. However, a WAN may consist of various communications equipment, protocols, and media that provide access to multiple sites and users. WANs usually use private leased lines, such as T-carrier lines, to connect geographically dispersed locations. The equipment in the WAN is outside your control.
Once the components and structure of the network have been determined, the next step is the configuration of computer networking. This involves setting up network parameters, such as IP addresses and subnets, and configuring routing tables. Remember that security is paramount, especially when connecting to the Internet, an untrusted network with a lot of malicious activity. Firewalls help you create boundaries and secure zones for your networks. Different firewall types exist for the different network parts, creating a layered approach to security.
Once the computer networking is completed, the next step is to test the network. This can be done using tools such as network analyzers, which can detect any errors or issues present. You can also conduct manual tests using Internet Control Message Protocol (ICMP) tools, such as ping and traceroute. Testing for performance is only half of the picture. It’s also imperative to regularly monitor the network for potential security vulnerabilities, so you must have antivirus software, a computer firewall, and other endpoint security controls.
Finally, it’s critical to keep the network updated. This includes updating the operating system and applications and patching any security vulnerabilities as soon as possible. It’s also crucial to watch for upcoming or emerging technologies that may benefit the network.
Computer Networking & Data Traffic
Computer networking aims to carry data traffic so we can share resources. The first use case of computer networks was to share printers; now, we have a variety of use cases that revolve around data traffic. Data traffic can be generated from online activities such as streaming videos, downloading files, surfing the web, and playing online games. It is also generated by behind-the-scenes activities such as system updates and background software downloads.
Data traffic is the amount of data transmitted over a network or the Internet. It is typically measured in bits, bytes, or packets per second. Data traffic can be both inbound and outbound. Inbound traffic is data coming into a network or computer, and outbound traffic is data leaving a network or computer. Inbound data traffic should be inspected by a security device, such as a firewall, which can sit either at the network’s perimeter or on your computing device. Outbound traffic, by contrast, is generally left unfiltered.
To keep up with the increasing demand, companies must monitor data traffic to ensure the highest quality of service and prevent network congestion. With the right data traffic monitoring tools and strategies, organizations can improve network performance and ensure their data is secure.
Quality of Service (QoS) is a popular technique used in computer networking. QoS can classify applications so that different types of traffic receive different priority levels. For example, voice traffic is often considered more critical than web surfing traffic, especially as it is sensitive to packet loss. So when there is congestion on the network, QoS allows administrators to prioritize network traffic so users have the best experience.
- A key point: Knowledge Check. Expedited Forwarding (EF)
Expedited Forwarding (EF) is a model of network traffic management that provides preferential treatment to certain types of traffic. The EF model is a way to prioritize traffic, specifically real-time traffic such as voice, video, and streaming media, over other types of traffic, such as email and web browsing. This allows these real-time applications to function more reliably and efficiently by reducing latency and jitter.
The EF model works by assigning a traffic class to each data packet. Each packet is assigned a class based on the type of data it contains, and the assigned class dictates how the network treats the packet. The EF model has two categories, EF for real-time traffic and Best Effort (BE) for other traffic. EF traffic is given preferential treatment, meaning it is prioritized over BE traffic, resulting in a higher quality of service for the EF traffic.
The EF model is an effective and efficient way to manage computer network traffic. By prioritizing real-time traffic, the EF model allows these applications to function more reliably, with fewer delays and a higher quality of service. Additionally, the EF model is more efficient, reducing the amount of traffic that needs to be managed by the network.
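The classification the EF model relies on is carried in the packet itself: the 6-bit DSCP value in the IPv4 DS byte (EF is code point 46, Best Effort is 0). The following is an added example, not code from the original article: it builds constructed IPv4 headers, extracts the DSCP field, sorts packets into the two-class EF/BE model described above, and shows the transmit order a strict-priority scheduler would produce. The sample addresses, packet names and the scheduler are illustrative assumptions; a real router would also police the EF queue so it cannot starve the rest.

```python
import socket
import struct
from collections import deque

# DSCP code points occupy the upper 6 bits of the IPv4 DS byte (RFC 2474);
# the lower 2 bits are ECN. EF is defined in RFC 3246.
DSCP_EF = 46   # Expedited Forwarding: 101110b
DSCP_BE = 0    # Best Effort (default per-hop behaviour)


def build_ipv4_header(dscp, ecn=0, src="192.0.2.1", dst="192.0.2.2", protocol=17, payload_len=0):
    """Construct a minimal 20-byte IPv4 header for test traffic (constructed sample data).

    The header checksum is left at zero; it is not needed for classification.
    """
    ver_ihl = (4 << 4) | 5                       # version 4, 5 x 32-bit words
    ds_byte = ((dscp & 0x3F) << 2) | (ecn & 0x3)
    return struct.pack(
        "!BBHHHBBH4s4s",
        ver_ihl, ds_byte, 20 + payload_len,      # version/IHL, DS byte, total length
        0x1234, 0x4000,                          # identification, flags (DF) + fragment offset
        64, protocol, 0,                         # TTL, protocol, header checksum (unset)
        socket.inet_aton(src), socket.inet_aton(dst),
    )


def dscp_from_ipv4_header(header):
    """Return the 6-bit DSCP value carried in an IPv4 header."""
    if len(header) < 20:
        raise ValueError("IPv4 header must be at least 20 bytes")
    if header[0] >> 4 != 4:
        raise ValueError("not an IPv4 header")
    # Shift out the two ECN bits: a classifier that compares the whole byte
    # against 0xB8 would mis-classify EF packets that also carry ECN marks.
    return header[1] >> 2


def classify(header):
    """Two-class model from the text: EF for real-time traffic, BE for everything else."""
    return "EF" if dscp_from_ipv4_header(header) == DSCP_EF else "BE"


def strict_priority_order(packets):
    """Transmit order a strict-priority scheduler produces for a burst of queued
    (name, header) pairs: every EF packet leaves before any BE packet, which is
    the preferential treatment that keeps voice latency and jitter low."""
    ef_queue, be_queue = deque(), deque()
    for name, header in packets:
        (ef_queue if classify(header) == "EF" else be_queue).append(name)
    return list(ef_queue) + list(be_queue)


if __name__ == "__main__":
    burst = [                                               # constructed sample burst
        ("voice-1", build_ipv4_header(DSCP_EF)),
        ("web-1", build_ipv4_header(DSCP_BE)),
        ("voice-2", build_ipv4_header(DSCP_EF, ecn=0b11)),   # EF packet that is also ECN-marked
        ("mail-1", build_ipv4_header(DSCP_BE)),
    ]
    for name, hdr in burst:
        print(f"{name}: dscp={dscp_from_ipv4_header(hdr)} class={classify(hdr)}")
    print("transmit order:", strict_priority_order(burst))
```

Note that any DSCP other than 46 (for example the AF classes) lands in BE here, exactly as the two-class model in the text implies; a production policy map would carry more classes.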
Computer Networking Components – Devices:
Firstly, the devices. Media interconnect the devices and provide the channel over which the data travels from source to destination. Many devices are virtualized today, meaning they no longer exist as separate hardware units. One physical device can emulate multiple end devices. An emulated computer system has its own operating system and required software and operates as if it were a separate physical unit. Devices can be further divided into endpoints and intermediary devices.
An endpoint is a device that is part of a computer network, including PCs, laptops, tablets, smartphones, video game consoles, and televisions. Endpoints can also be physical hardware units such as file servers, printers, sensors, cameras, manufacturing robots, and smart home components. Nowadays, we also have virtualised endpoints.
Computer Networking Components – Intermediate Devices
Layer 2 Switches:
These devices enable multiple endpoints, such as PCs, file servers, printers, sensors, cameras, and manufacturing robots, to connect to the network. Switches allow devices to communicate on the same network. A switch attempts to forward a message from the sender so that only the intended destination receives it, unlike a hub, which floods traffic out of all ports. A switch operates with MAC addresses and works at Layer 2 of the OSI model.
Usually, all the devices that connect to a single switch or a group of interconnected switches belong to a common network. They can therefore exchange information directly with each other. If an end device wants to communicate with a device on a different network, it requires the “services” of a device known as a router, which connects other networks and works higher up in the OSI model at Layer 3. Routers work with the IP protocol.
Routers’ primary function is to route traffic between computer networks. For example, you need a router to connect your office network to the Internet. Routers connect computer networks and intelligently select the best paths between them, and they hold destinations in what is known as a routing table. There are different routing protocols for different-sized networks, and each will have different routing convergence times.
Layer 2 and Layer 3 functionality is now commonly combined. So we can have a Layer 3 router with a Layer 2 switch module inserted, or what’s known as a multilayer switch, which combines Layer 3 routing and Layer 2 switching functionality on a single device.
Wi-Fi access points:
These devices allow wireless devices to connect. They usually connect to switches but can also be integrated into routers. My WAN router has everything in one box: Wi-Fi, Ethernet LAN, and network services such as NAT and WAN connectivity. Wi-Fi access points provide wireless internet access within a specified area. In public settings, Wi-Fi access points are typically found in coffee shops, restaurants, libraries, and airports. These access points allow anyone with a Wi-Fi-enabled device to access the Internet without needing additional hardware.
WLAN controllers are devices used to automate the configuration of wireless access points. They provide centralized management of wireless networks and act as a gateway between wireless and wired networks. Administrators can monitor and manage the entire WLAN, set up security policies, and configure access points through the controller. WLAN controllers also authenticate users, allowing them to access the wireless network.
In addition, the WLAN controller can also detect and protect against malicious activities such as unauthorized access, denial-of-service attacks, and interference from other wireless networks. By using the controller, administrators can also monitor the usage of the wireless network and make sure that the network is secure.
Then we have firewalls, which are the cornerstone of security. There will be different firewall types depending on your requirements. Firewalls range from basic packet filtering to advanced next-generation firewalls and come in virtual and physical forms. Generally, a firewall monitors and controls incoming and outgoing traffic according to predefined security rules. The firewall will have a default rule set in which some interfaces are more trusted than others, broadly restricting traffic from outside to inside, but you still need to set up a policy for the firewall to do useful work.
A firewall typically establishes a barrier between a trusted, secure internal network and another outside network, such as the Internet, which is assumed not to be secure or trusted. Firewalls are typically deployed in a layered approach, meaning multiple security measures are used to protect the network. Firewalls provide application, protocol, and network layer protection.
- Application layer protection:
The application layer is designed to protect the network from malicious applications, such as viruses and malware. The application layer also includes software, such as application-aware firewalls, to detect and block malicious traffic.
- Protocol layer protection:
The protocol layer focuses on ensuring that the data traveling over a network is encrypted and that it cannot be modified or corrupted in any way. This layer also includes authentication protocols that prevent unauthorized users from accessing the network.
- Network Layer protection
Network layer protection focuses on controlling access to the network and ensuring that users cannot access resources or applications they are not authorized to use.
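To make the firewall behaviour described above concrete (a default that trusts inside over outside, an explicit rule set evaluated in order, and stateful inspection that lets replies back in), here is an added example that is not code from the original article. It is a small zone-based stateful packet filter in Python; the zone names, the 10.0.0.0/24 inside prefix, the sample rules and the packets are all constructed assumptions for the demonstration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional, Set, Tuple

FlowKey = Tuple[str, str, int, str, int]   # (proto, src_ip, src_port, dst_ip, dst_port)


@dataclass(frozen=True)
class Packet:
    in_zone: str        # zone of the interface the packet arrived on: "inside" or "outside"
    proto: str          # "tcp" or "udp"
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


@dataclass(frozen=True)
class Rule:
    action: str                     # "allow" or "deny"
    from_zone: str
    to_zone: str
    proto: Optional[str] = None     # None matches any protocol
    dst_ip: Optional[str] = None    # None matches any destination address
    dst_port: Optional[int] = None  # None matches any destination port

    def matches(self, pkt: Packet, to_zone: str) -> bool:
        return (self.from_zone == pkt.in_zone and self.to_zone == to_zone
                and self.proto in (None, pkt.proto)
                and self.dst_ip in (None, pkt.dst_ip)
                and self.dst_port in (None, pkt.dst_port))


class StatefulFirewall:
    """Zone-based stateful filter: replies to permitted sessions pass by state,
    explicit rules are evaluated top-down (first match wins), and the implicit
    default permits inside->outside while denying everything else."""

    def __init__(self, rules, inside_prefix):
        self.rules = list(rules)
        self.inside_net = ipaddress.ip_network(inside_prefix)
        self.flows: Set[FlowKey] = set()     # permitted sessions, keyed by 5-tuple

    def zone_of(self, ip):
        return "inside" if ipaddress.ip_address(ip) in self.inside_net else "outside"

    def process(self, pkt: Packet):
        to_zone = self.zone_of(pkt.dst_ip)
        fwd = (pkt.proto, pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        rev = (pkt.proto, pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port)

        # 1. Stateful check: this packet is the reply half of a session we allowed.
        if rev in self.flows:
            return "allow", "established session"

        # 2. Explicit policy, first matching rule decides.
        for idx, rule in enumerate(self.rules):
            if rule.matches(pkt, to_zone):
                if rule.action == "allow":
                    self.flows.add(fwd)
                return rule.action, f"rule {idx}"

        # 3. Implicit defaults: trusted zone may initiate outward, nothing else may.
        if pkt.in_zone == "inside" and to_zone == "outside":
            self.flows.add(fwd)
            return "allow", "default inside->outside"
        return "deny", "default"


def build_demo_firewall():
    """Constructed policy: block telnet egress, publish one internal HTTPS server."""
    rules = [
        Rule("deny", "inside", "outside", proto="tcp", dst_port=23),
        Rule("allow", "outside", "inside", proto="tcp", dst_ip="10.0.0.80", dst_port=443),
    ]
    return StatefulFirewall(rules, "10.0.0.0/24")


if __name__ == "__main__":
    fw = build_demo_firewall()
    traffic = [                                                          # constructed sample traffic
        Packet("inside", "tcp", "10.0.0.5", 40000, "203.0.113.10", 443),   # user browsing out
        Packet("outside", "tcp", "203.0.113.10", 443, "10.0.0.5", 40000),  # the server's reply
        Packet("outside", "tcp", "198.51.100.7", 5555, "10.0.0.5", 22),    # unsolicited inbound
        Packet("outside", "tcp", "198.51.100.7", 5556, "10.0.0.80", 443),  # permitted by rule 1
        Packet("inside", "tcp", "10.0.0.5", 40001, "203.0.113.10", 23),    # telnet out, denied by rule 0
    ]
    for p in traffic:
        print(p.src_ip, p.src_port, "->", p.dst_ip, p.dst_port, fw.process(p))
```

The order of the three checks matters: the state lookup runs first so return traffic does not need an explicit inbound rule, and a denied packet never creates state, so a spoofed "reply" to a blocked connection still hits the default deny.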
A network intrusion prevention system (IPS):
An IPS or IDS analyzes network traffic to search for signs that a particular behavior is suspicious or malicious. The IPS can take protective action immediately if it detects such behavior. In addition, the IPS and firewall can work together to protect a network. So if an IPS detects suspicious behavior, it can trigger a policy or rule for the firewall to implement.
An intrusion prevention system can alert administrators to suspicious activity, such as attempts to gain unauthorized access to confidential files or data. Additionally, it can block malicious activity if necessary, providing a layer of defense against malicious actors and cyber attacks. Intrusion prevention systems are essential to any organization’s security plan.
Computer Networking Components – Media
Next, we have the media. The media connects network devices. Different media have different characteristics, and selecting the most appropriate medium depends on the circumstances, including the environment in which the media is used and the distances that need to be covered. The media will also need connectors. A connector makes it much easier to attach wired media to network devices; it is a plug attached to each end of the cable. The RJ-45 connector is the most common type of connector on an Ethernet LAN.
Ethernet: Wired LAN technology.
The term Ethernet refers to an entire family of standards. Some standards define how to send data over a particular type of cabling and at a specific speed. Other standards define protocols or rules that the Ethernet nodes must follow to be a part of an Ethernet LAN. All these Ethernet standards come from the IEEE and include 802.3 as the beginning of the standard name.
Introducing Copper and Fiber
Ethernet LANs use cables for the links between nodes on a computer network, and because many types of cables use copper wires, Ethernet LANs are often called wired LANs. Ethernet LANs also use fiber-optic cabling, which includes a fiberglass core that devices use to send data using light.
Materials inside the cable: UTP and Fiber
The most fundamental cabling choice concerns the materials used inside the cable to transmit bits physically: either copper wires or glass fibers.
- Unshielded twisted pair (UTP) cabling devices transmit data over electrical circuits via the copper wires inside the cable.
- Fiber-optic cabling, the more expensive alternative, allows Ethernet nodes to send light over glass fibers in the cable’s center.
Although more expensive, optical cables typically allow longer cabling distances between nodes. So you have UTP cabling in your LAN and Fiber-optic cabling over the WAN.
UTP and Fiber
The most common copper cabling for Ethernet is UTP. Unshielded twisted pair (UTP) is cheaper than the alternatives and is easier to install and troubleshoot. The capability of many UTP-based Ethernet standards to use a cable length of up to 100 meters means that most Ethernet cabling in an enterprise uses UTP cables. The distance from an Ethernet switch to every endpoint on the floor of a building will likely be less than 100m. In some cases, however, an engineer might prefer to use fiber cabling for some links in an Ethernet LAN to reach greater distances.
Then we have fiber-optic cabling, which has a glass core that carries light pulses and is immune to electrical interference. Fiber-optic cabling is typically used as a backbone between buildings, so fiber cables are high-speed transmission media. The cable contains tiny glass or plastic filaments as the medium through which light passes.
Cabling types: Multimode and Single Mode
There are two main types of fiber-optic cable: single-mode fiber (SMF) and multimode fiber (MMF). MMF is used for shorter distances and SMF for longer distances. Multimode improves the maximum distance over UTP and uses less expensive transmitters than single-mode. Standards vary; for instance, the standards for 10 Gigabit Ethernet over fiber allow for distances up to 400m, often enough to connect devices in different buildings in the same office park.
Network Services and Protocols
So we need to follow these standards, the rules of the game. We also need protocols so that we have a means to communicate. If you use your web browser, you use the HTTP protocol, and if you send an email, you use other protocols such as IMAP and SMTP. A protocol establishes a set of rules that determine how data is transmitted between different devices in the network. Both ends need to speak the same protocol, such as HTTP at one end to HTTP at the other. So think of a protocol in the same way as a shared language: we need to speak the same language to communicate. Then we have standards that we need to follow for computer networking, such as the TCP/IP suite.
Types of protocols
So we have different types of protocols. The following are the main types of protocols used in computer networking.
- Communication Protocols
For example, we have routing protocols on our routers that help you forward traffic. This would be an example of a communication protocol that allows different devices to communicate with each other. Another example of a communication protocol would be instant messaging. Instant messaging is instantaneous, text-based communication you probably have used on your smartphone. So here we have several instant messaging network protocols. Short Message Service (SMS): This communications protocol was created to send and receive text messages over cellular networks.
- Network Management
Network management protocols define and describe the various operating procedures of a computer network. These protocols affect various devices on a single network — including computers, routers, and servers — to ensure each one and the network, as a whole, perform optimally.
- Security Protocols
Security protocols, also called cryptographic protocols, ensure that the network and the data sent over it are protected from unauthorized users. Security protocols are implemented on more than just your network security devices. They are implemented everywhere. The standard functions of security network protocols include encryption: Encryption protocols protect data and secure areas by requiring users to input a secret key or password to access that information.
Characteristics of a network
In a carefully designed network, data flows are optimized, and the network performs as intended based on the network topology. Network topology is the arrangement of a computer network’s elements (links, nodes, etc.). It can be used to illustrate a network’s physical and logical layout and how it functions.
Bitrate or Bandwidth:
Bitrate is often referred to as bandwidth or speed in device configurations. Bitrate measures the data rate in bits per second (bps) of a given link in the network. The number of bits transmitted in a second matters more than the speed at which one bit propagates over the link, which is determined by the physical properties of the medium that carries the signal. Many link bit rates are commonly encountered today, including 1 and 10 gigabits per second (1 and 10 billion bits per second). Some links can reach 100 and even 400 gigabits per second.
Network availability is determined by several factors, including the type of network being used, the number of users, the complexity of the network, the physical environment, and the availability of network resources. Network availability should also be addressed in terms of redundancy and backup plans. Redundancy helps to ensure that the system is still operational even if one or more system components fail. Backup plans should also be in place in the event of a system failure.
A network’s availability is calculated as the percentage of time it is accessible and operational. To calculate this percentage, divide the number of minutes the network is available by the total number of minutes in the agreed period and express the result as a percentage. In other words, availability is the ratio of uptime to total time, expressed as a percentage.
Network High Availability:
High availability is a key component of a successful IT infrastructure. It ensures that systems and services remain available and accessible to users and customers. High availability is achieved by using redundancies, such as multiple servers, systems, and networks, to ensure that if one component fails, a backup component is available. High availability is also achieved through fault tolerance, which involves designing systems that respond to failures without losing data or becoming unavailable. High availability can be achieved through various strategies like clustering, virtualization, and replication.
Network reliability can be achieved by implementing a variety of measures, most often redundancy. Redundancy is a crucial factor in ensuring a reliable network: it means having multiple components so that one can provide a backup if another fails. Redundancy can include having multiple servers, routers, switches, and other hardware devices. It can also involve having multiple sources of power, such as multiple power supplies or batteries, and multiple paths for data to travel through the network.
For adequate network reliability, you also need to consider network monitoring. Network monitoring involves using software and hardware tools to monitor the network’s performance continuously. Monitoring can detect and alert administrators of potential performance issues or failures. We have a new term called Observability, which reflects monitoring in today’s environment more accurately.
A network’s scalability indicates how easily it can accommodate more users and data transmission requirements without affecting performance. It can be costly and difficult to meet new needs when the network grows if you design and optimize it only for the current conditions. In terms of network scalability, several factors must be taken into account. First and foremost, the network must be designed with the expectation that the number of devices or users will increase over time. This includes hardware and software components, as the network must support the increased traffic. Additionally, the network must be designed to be flexible so that it can easily accommodate changes in traffic or user count.
Network security is the practice of protecting the integrity and accessibility of networks and data. It involves a range of protective measures designed to prevent unauthorized access, misuse, modification, or denial of a computer network and the data it processes. These measures include physical security, technical security, and administrative security. A network’s security tells you how well it protects itself against potential threats. The subject of security is essential, and defense techniques and practices are constantly evolving. The network infrastructure and the information transmitted over it should both be protected. Whenever you take actions that affect the network, you should consider security. An excellent way to view network security is to take a zero-trust approach.
Virtualization can be done at the hardware, operating system, and application level. At the hardware level, physical hardware can be divided into multiple virtual machines, each running its operating system and applications. At the operating system level, virtualization can run multiple operating systems on the same physical server, allowing for more efficient use of resources. Multiple applications can run on the same operating system at the application level, allowing for better resource utilization and scalability.
Overall, virtualization can provide several benefits, including improved efficiency, utilization, and flexibility, as well as improved security and scalability. It can consolidate and manage hardware or simplify application movement between different environments. Virtualization can also make it easier to manage different environments and provide better security by isolating different applications.
Computer Networking and Network Topologies
Physical and logical topologies exist in networks. The physical topology describes the physical layout of the devices and cables. A physical topology may be the same in two networks but may differ in distances between nodes, physical connections, transmission rates, or signal types. There are various types of physical topologies you may encounter in wired networks. Identifying the type of cabling used is essential when describing the physical topology. Physical topology can be categorized into the following categories:
- Bus Topology:
In a bus topology, every workstation is connected to a common transmission medium, a single cable called a backbone or bus. In early bus topologies, computers and other network devices were connected to a central coaxial cable via connectors, resulting in direct connectivity.
- Ring Topology:
In a ring topology, computers and other network devices are cabled in succession, with the last device connected to the first to form a circle or ring. Every device in the network has two neighbors, and there are no direct connections between non-adjacent devices. When one node sends data to another, it passes through each node between them until it reaches its destination.
- Star Topology:
A star topology is the most common physical topology; network devices are connected to a central device through point-to-point connections. It is also known as the hub-and-spoke topology. A spoke device does not have a direct physical connection to another spoke. A variant is the extended star topology, in which one or more spoke devices are replaced by a device with spokes of its own.
- Mesh Topology:
One device can be connected to more than one other in a mesh topology. For one node to reach another, multiple paths are available. Redundant links enhance reliability and self-healing. In a full mesh topology, all nodes are connected. In partial mesh, some nodes do not connect to all other nodes.
Introducing Switching Technologies
Devices on a LAN connect to switches to communicate with one another. Switches work at layer two of the Open Systems Interconnection (OSI) model, the data link layer. Switches are ready to use right out of the box. In contrast to a router, a switch doesn’t require configuration settings by default. When you unbox the switch, it does not need to be configured to perform its basic role, which is to provide connectivity for all devices on your network. After powering on the switch and connecting the systems, the switch will forward traffic to each connected device as needed.
- Switch vs. Hubs
Switches have replaced hubs because they provide more advanced capabilities and are better suited to today’s computer networks. Advanced functionality includes filtering traffic by sending data only to the destination port (whereas a hub always sends data to all ports).
- Full Duplex vs. Half Duplex
With full duplex, both parties can talk and listen simultaneously, making it more efficient than half-duplex communication, where only one party can speak at a time. Full-duplex communication is also more reliable since it is less likely to experience interference or distortion. Until switches became available, devices attached to hubs could only operate in half-duplex. A half-duplex device can send and receive, but not send and receive at the same time.
- VLAN: Logical LANs
Virtual Local Area Networks (VLANs) are computer networks that divide a single physical local area network (LAN) into multiple logical networks. This partitioning allows for the segmentation of broadcast traffic, which helps to improve network performance and security.
VLANs enable administrators to set up multiple networks within a single physical LAN without needing separate cables or ports. This benefits businesses that need to separate data and applications between multiple teams, departments, or customers. In a VLAN, each segment is identified by a unique identifier or VLAN ID. The VLAN ID is used to associate traffic with a particular VLAN segment. For example, if a user needs to access an application on a different VLAN, the packet must be tagged with the VLAN ID of the destination segment to be routed correctly.
VLANs also provide security benefits. A VLAN can help prevent malicious traffic from entering a segment by segmenting traffic into logical networks. This helps prevent attackers from gaining access to the entire network. Additionally, VLANs can isolate critical or confidential data from other users on the same network. VLANs can be implemented on almost any network, including wired and wireless networks. They can also be combined with other network technologies, such as routing and firewalls, to improve security further.
Overall, VLANs are a powerful tool to help improve performance and security in a local area network. With the right implementation and configuration, businesses can enjoy improved performance and better protection when using VLANs.
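The switching behaviour covered in this section (a hub flooding every port, a switch learning MAC addresses so it can forward only to the destination port, and VLANs confining broadcasts and unknown traffic to one logical LAN) can be shown with a short simulation. The following is an added example, not code from the original article: a four-port hub and a four-port switch with two access VLANs are constructed, the same frames are pushed through both, and each call returns the set of egress ports. Port numbers, VLAN IDs and the shortened MAC addresses are constructed sample values.

```python
from typing import Dict, Set, Tuple

BROADCAST = "ff:ff:ff:ff:ff:ff"


class Hub:
    """Layer 1 repeater: every frame is sent out every port except the ingress port."""

    def __init__(self, ports):
        self.ports = set(ports)

    def forward(self, in_port, src_mac, dst_mac) -> Set[int]:
        return self.ports - {in_port}


class VlanSwitch:
    """Layer 2 switch with MAC learning and access-port VLANs.

    port_vlans maps each access port to its VLAN ID. The MAC table is keyed by
    (vlan, mac), so an address learned in one VLAN is unknown in every other one;
    reaching it from another VLAN needs a router, not the switch.
    """

    def __init__(self, port_vlans: Dict[int, int]):
        self.port_vlans = dict(port_vlans)
        self.mac_table: Dict[Tuple[int, str], int] = {}

    def _vlan_ports(self, vlan) -> Set[int]:
        return {p for p, v in self.port_vlans.items() if v == vlan}

    def forward(self, in_port, src_mac, dst_mac) -> Set[int]:
        vlan = self.port_vlans[in_port]
        # Learn: the source address is reachable via the ingress port, within this VLAN.
        self.mac_table[(vlan, src_mac)] = in_port

        out_port = self.mac_table.get((vlan, dst_mac))
        if dst_mac == BROADCAST or out_port is None:
            # Broadcast or unknown unicast: flood, but only inside the ingress VLAN.
            return self._vlan_ports(vlan) - {in_port}
        if out_port == in_port:
            # Destination sits on the same segment as the sender: filter the frame.
            return set()
        return {out_port}


def demo():
    """Run one constructed burst of frames through a hub and through a two-VLAN switch.

    Returns a list of (hub egress ports, switch egress ports) per frame.
    """
    hub = Hub([1, 2, 3, 4])
    sw = VlanSwitch({1: 10, 2: 10, 3: 20, 4: 20})   # ports 1-2 in VLAN 10, ports 3-4 in VLAN 20
    frames = [  # (in_port, src_mac, dst_mac); constructed sample frames
        (1, "aa:aa", BROADCAST),   # host A broadcasts (e.g. an ARP request)
        (2, "bb:bb", "aa:aa"),     # host B answers A; the switch has already learned A on port 1
        (1, "aa:aa", "bb:bb"),     # A to B: both are learned, unicast goes to port 2 only
        (3, "cc:cc", "aa:aa"),     # host C in VLAN 20 addresses A: unknown in VLAN 20, flooded there only
    ]
    return [(sorted(hub.forward(*f)), sorted(sw.forward(*f))) for f in frames]


if __name__ == "__main__":
    for (hub_out, sw_out) in demo():
        print(f"hub -> {hub_out}   switch -> {sw_out}")
```

The last frame is the VLAN isolation point from the text: host A's address is in the MAC table, but under VLAN 10, so the switch never forwards C's frame to port 1; it floods only VLAN 20 and the frame reaches no host in VLAN 10.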
IP Routing Process
IP routing works by examining the IP address of each packet and determining where it should be sent. Routers are responsible for this task and use routing protocols such as RIP, OSPF, EIGRP, and BGP to decide the best route for each packet. In addition, each router contains a routing table, which includes information on the best path to a given destination.
When a router receives a packet, it looks up the destination in its routing table. If the destination is known, the router makes a forwarding decision based on the matching route. If the destination is unknown, the router uses its default route (the gateway of last resort) to forward the packet. To route packets successfully, routers must be configured appropriately and must be able to communicate with one another. Routers must also be able to detect any changes to the network, such as link failures or changes in network topology.
IP routing is an essential component of any network and ensures that packets are routed as efficiently as possible. Therefore, ensuring routers are properly configured and maintained to route packets successfully is essential.
- Routing Table
A routing table is a data table stored in a router or a networked computer that lists the possible routes a packet of data can take when traversing a network. The routing table contains information about the network’s topology and decides which route a packet should take when leaving the router or computer. Therefore, the routing table must be updated to ensure data packets are routed correctly.
The routing table usually contains entries that specify which interface to use when forwarding a packet. Each entry may contain network destination addresses and the associated metrics, such as the cost or hop count of the route. In addition to the destination address, each entry can include a subnet mask, a gateway address, and a list of interface addresses.
Routers use the routing table to determine which interface to use when forwarding packets. When a router receives a packet, it looks at the packet’s destination address and compares it to the entries in the routing table. Once it finds a match, it forwards the packet to the corresponding interface.
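The lookup described in the last three paragraphs is a longest-prefix match: the most specific entry that contains the destination address wins, and a 0.0.0.0/0 entry acts as the default route. As an added example that is not code from the original article, the following builds a small routing table with a directly connected prefix, two routes to the same prefix with different metrics, and a default route, then resolves a few destinations to an egress interface and next hop. Interface names, prefixes, next hops and metrics are constructed sample values.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class Route:
    prefix: ipaddress.IPv4Network
    interface: str
    next_hop: Optional[str]   # None means the prefix is directly connected
    metric: int = 0


class RoutingTable:
    """Longest-prefix-match lookup over a list of routes; a 0.0.0.0/0 entry
    serves as the default route (gateway of last resort)."""

    def __init__(self):
        self.routes: List[Route] = []

    def add(self, prefix, interface, next_hop=None, metric=0):
        net = ipaddress.ip_network(prefix, strict=False)
        self.routes.append(Route(net, interface, next_hop, metric))

    def lookup(self, destination) -> Optional[Route]:
        addr = ipaddress.ip_address(destination)
        candidates = [r for r in self.routes if addr in r.prefix]
        if not candidates:
            return None   # no route at all, not even a default: the packet is dropped
        # Most specific prefix wins; among equal prefixes the lowest metric wins.
        return min(candidates, key=lambda r: (-r.prefix.prefixlen, r.metric))

    def forward(self, destination):
        """Return (egress interface, next-hop address) or None when there is no route.
        For a directly connected prefix the next hop is the destination itself."""
        route = self.lookup(destination)
        if route is None:
            return None
        next_hop = route.next_hop if route.next_hop is not None else destination
        return route.interface, next_hop


def build_demo_table():
    """Constructed sample table: one connected LAN, a learned summary with a
    backup path, and a default route towards the Internet."""
    rt = RoutingTable()
    rt.add("10.1.5.0/24", "Gi0/2")                                    # directly connected
    rt.add("10.1.0.0/16", "Gi0/1", next_hop="10.0.0.2", metric=20)    # learned, preferred
    rt.add("10.1.0.0/16", "Gi0/3", next_hop="10.0.1.2", metric=30)    # learned, backup
    rt.add("0.0.0.0/0", "Gi0/0", next_hop="203.0.113.1")              # default route
    return rt


if __name__ == "__main__":
    rt = build_demo_table()
    for dst in ("10.1.5.9", "10.1.7.1", "8.8.8.8"):
        print(dst, "->", rt.forward(dst))
    print("empty table:", RoutingTable().forward("8.8.8.8"))
```

Note that 10.1.5.9 matches both the /24 and the /16 entries; the /24 wins because it is more specific, regardless of metric, while 10.1.7.1 falls through to the /16 and the lower-metric path is chosen.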
- Computer Networking - April 7, 2023