VLANs
VLANs (Virtual LANs) enable network managers to group users logically (based on functions, project teams or applications) rather than by physical location.
Traffic can pass between VLANs only by being routed.
VLANs provide the segmentation traditionally provided by physical routers in LAN configurations.
VLANs and Inter VLAN Routing
Advantages of Using VLANs
Broadcast Control— Just as switches physically isolate collision domains for attached hosts and only forward traffic out a particular port, VLANs provide logical bridging domains that confine broadcast and multicast traffic to the VLANs.
Security— If you do not allow routing in a VLAN, no users outside of that VLAN can communicate with the users in the VLAN and vice versa. This extreme level of security can be highly desirable for certain projects and applications.
Performance— You can assign users that require high-performance or isolated networking to separate VLANs.
TCP/UDP
Transport Layer Protocols
TCP is connection-oriented (uses checksums and acknowledgments)
UDP is connectionless
Both use port numbers (16-bit source port number and destination port number)
Standard applications have standard port numbers (Email 25, Telnet 23, FTP 20 & 21, SSH 22)
NATTING
Private vs Public IP Addresses
Whatever connects directly to the Internet must have a public (globally unique) IP address
There is a shortage of public IPv4 addresses
So private IP addresses can be used within a private network
Three address ranges are reserved for private use
10.0.0.0/8
172.16.0.0/16 to 172.31.0.0/16
192.168.0.0/24 to 192.168.255.0/24
A private IP is mapped to a public IP when the machine has to access the Internet
NAT
NAT (Network Address Translation) maps private IPs to public IPs
It is required because of the shortage of IPv4 addresses
Static NAT: maps a unique private IP to a unique public IP
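An added example (not part of the original post) of static NAT over the private ranges listed above: it collapses the three reserved ranges, written as the page gives them, into CIDR blocks, then enforces the one-to-one private-to-public mapping in both directions. The StaticNat class, its method names and the 203.0.113.x / 198.51.100.x addresses (documentation ranges standing in for public IPs) are assumptions for illustration.

```python
import ipaddress

def build_private_ranges():
    """Collapse the three reserved ranges, written as the page lists them."""
    nets = [ipaddress.ip_network("10.0.0.0/8")]
    nets += [ipaddress.ip_network(f"172.{i}.0.0/16") for i in range(16, 32)]
    nets += [ipaddress.ip_network(f"192.168.{i}.0/24") for i in range(256)]
    return list(ipaddress.collapse_addresses(nets))

PRIVATE_RANGES = build_private_ranges()

def is_private(addr):
    # Checked against the page's three ranges only; the stdlib's
    # ip.is_private also flags other special-purpose blocks.
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in PRIVATE_RANGES)

class StaticNat:
    """One-to-one private<->public table (hypothetical illustration class)."""

    def __init__(self, mappings):
        self.to_public, self.to_private = {}, {}
        for private, public in mappings:
            if not is_private(private) or is_private(public):
                raise ValueError(f"bad pair {private} -> {public}")
            if private in self.to_public or public in self.to_private:
                raise ValueError(f"mapping not unique: {private} -> {public}")
            self.to_public[private] = public
            self.to_private[public] = private

    def outbound(self, src, dst):
        """Rewrite the source of a packet leaving for the Internet."""
        if not is_private(src):
            return (src, dst)
        public = self.to_public.get(src)
        return None if public is None else (public, dst)  # None = dropped

    def inbound(self, src, dst):
        """Rewrite the destination of a packet arriving from the Internet."""
        private = self.to_private.get(dst)
        return None if private is None else (src, private)

if __name__ == "__main__":
    nat = StaticNat([("192.168.1.10", "203.0.113.10")])  # constructed sample
    print([str(n) for n in PRIVATE_RANGES])
    print(nat.outbound("192.168.1.10", "198.51.100.7"))
    print(nat.outbound("192.168.1.11", "198.51.100.7"))
    print(nat.inbound("198.51.100.7", "203.0.113.10"))
```

Because the mapping works in both directions, a statically translated host is reachable from outside on its public address, so inbound filtering is still needed in front of it.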
VPN
How VPN Works
To use the Internet as a private Wide Area Network, organizations may have to address two issues:
First, networks often communicate using a variety of protocols, such as IPX and NetBEUI, but the Internet can only handle TCP/IP traffic. So a VPN may need to provide a way to pass non-TCP/IP protocols from one network to another.
Second, data packets traveling the Internet are transported in clear text. Therefore, anyone who can see Internet traffic can also read the data contained in the packets. This is a problem if companies want to use the Internet to pass important, confidential business information.
VPNs overcome these obstacles by using a strategy called tunneling. Instead of packets crossing the Internet out in the open, data packets are first encrypted for security, and then encapsulated in an IP packet by the VPN and tunneled through the Internet.
The VPN tunnel initiator on the source network communicates with a VPN tunnel terminator on the destination network. The two agree upon an encryption scheme, and the tunnel initiator encrypts the packet for security.
Advantages of Using VPN
VPN technology provides many benefits. Perhaps the biggest selling point for VPN is cost savings. One can avoid having to purchase expensive leased lines to branch offices or partner companies. On another cost-related note, you can avoid having to invest in additional WAN equipment and instead leverage your existing Internet installation.
Another benefit of VPN is that it is an ideal way to handle mobile users.