search the articles directory
Powered by Google™
old Networks articles
Label Distribution with Label Distribution Protocol - ...l information base (LIB). Each Label Switch Router has only one local binding
per prefix, at least when the label space is per platform. If the l...
Label Switched Path - ... is the ingress Label Switch Router for that Label Switch Routers, whereas
the last Label Switch Router of the Label Switch Routers is the egress...
Label Switch Routers Control Modes - ...dependent Label Switch Routers Control mode. In this control mode, each Label Switch Router creates a local binding for a
particular Forward...
How Multiprotocol Label Switching Works - ...l Distribution Protocol is down is used unless it is the only path. (No other paths have a better
metric.) After the Label Distribution Protocol ...
Multiprotocol Label Switching and Asynchronous Transfer Mode Architecture - ...sfer Mode was predominantly in the WAN network. Many vendors built Asynchronous Transfer Mode switches
that could set up virtual circuits in the ...
Label Advertisement - ...change IP prefixes which are put in the
routing table. After Label Distribution Protocol forms a session across the control VC, it can exchange ...
Cisco Express Forwarding - ...n understand its
role in Multiprotocol Label Switching networks.
Overview of Cisco IOS Switching Methods
The b...
Load Balancing in CEF - ...maximum-path 2 under the
routing protocol Open Shortest Path First (OSPF), only two OSPF paths per prefix are allowed in
the routing...
Multiprotocol Label Switching Virtual Private Network - ... Frame Relay and Asynchronous Transfer Mode services that were popular before it, Multiprotocol Label Switching Virtual Private Network
is now see...
Virtual Private LAN Service - ...dquo; in VPLS. When the customer
with different Ethernet sites connects to an Multiprotocol Label Switching backbone where VPLS is deployed, it a...
Router Alert Option and Router Alert Label - ...her before
forwarding it. What this inspection means is not defined and is up to the software implementation
on the router. The Router Alert ...
FCS Retention and OAM Protocols - ... Label Switch Routers introduce a problem whereby they change the payload of the Multiprotocol Label Switching packet.
This problem can go undet...
Deploying a network security policy - ...number of ways, including (but not
limited to):
- Financial A new network security policy may require you to purch...
Cost of network infrastructure failure - ...ot all data is created equal, and if your company manufactures steel troughs for horse feed, there’s
a good chance your network data is no...
Drafting the Network Security Policy and the firewall - ...o the
organization?
Guidelines In this section, you should detail guidelines for choosing controls
to meet the objectiv...
Defining Different Types of Network Access - ...management station. Otherwise, you will have
to maintain a different policy for different locations. Although for business reasons
this might...
Identify and evaluate the potential risks and threats to your network - ... and likelihood of loss resulting from those risks and threats if they materialize.
You should be looking at and establishing a risk evaluation...
DMZ Security for Data Transmission between Hosts on the Network - ...LAN infrastructure. One of the primary reasons
why the DMZ has come into favor is the realization that a single type of protection
is subject...
latest articles under "Networks"
Navigation: Categories » Computers and technology » Networks
Below is a list of all Networks articles. If you want to find a tutorial by keywords, all you have to do is a quick search in our directory. Just use the search option available at the top-right side of the page. The website search is powered by web-articles. Or, if you want to read specific Networks tutorial, just point to it. The newest articles and tutorials are shown first in the list. To access the last ones, browse the pages 2, 3, 4... at the bottom. Also, you may browse articles alphabetically ordered.
Page# 1 (last added articles shown first)
Enter page# 1 (last added articles shown first)
Below is a list of all Networks articles. If you want to find a tutorial by keywords, all you have to do is a quick search in our directory. Just use the search option available at the top-right side of the page. The website search is powered by web-articles. Or, if you want to read specific Networks tutorial, just point to it. The newest articles and tutorials are shown first in the list. To access the last ones, browse the pages 2, 3, 4... at the bottom. Also, you may browse articles alphabetically ordered.
Page# 1 (last added articles shown first)
Deploying a network security policy (11/20/2007)
(...) - Legal Depending on your country and the activity of your business, you may be required to comply with legislative measures such as HIPPAA or Graham-Leach-Bliley.You need to consider these regulations when designing your network security policy. Before you can begin to implement a new network security policy, you need to perform extensive planning and preparation before writing documents and configuring new hardware or software. (...)
(...) - Legal Depending on your country and the activity of your business, you may be required to comply with legislative measures such as HIPPAA or Graham-Leach-Bliley.You need to consider these regulations when designing your network security policy. Before you can begin to implement a new network security policy, you need to perform extensive planning and preparation before writing documents and configuring new hardware or software. (...)
Cost of network infrastructure failure (11/20/2007)
(...) It’s hard to perform an impact analysis on an infrastructure breach without also seeing how it would affect your wireless network components, your Web site, or your policies and procedures. However, in looking at the impact to your infrastructure, you’ll need to understand how a breach could affect the very foundation of your organization.The impact analysis should include: - Cost of network infrastructure failure (downtime) Server down, database server down, routers down, etc. (...)
(...) It’s hard to perform an impact analysis on an infrastructure breach without also seeing how it would affect your wireless network components, your Web site, or your policies and procedures. However, in looking at the impact to your infrastructure, you’ll need to understand how a breach could affect the very foundation of your organization.The impact analysis should include: - Cost of network infrastructure failure (downtime) Server down, database server down, routers down, etc. (...)
Drafting the Network Security Policy and the firewall (11/20/2007)
(...) This section is written with the words such as, “It is the policy that… .” NOTE Remember that any type of traffic that takes place on your network should be defined somewhere within your network policy. - Procedures In this section, you should detail the procedures for maintaining the security solution, such as how often the logs should be reviewed and who is authorized to make changes. (...)
(...) This section is written with the words such as, “It is the policy that… .” NOTE Remember that any type of traffic that takes place on your network should be defined somewhere within your network policy. - Procedures In this section, you should detail the procedures for maintaining the security solution, such as how often the logs should be reviewed and who is authorized to make changes. (...)
Defining Different Types of Network Access (11/20/2007)
(...) - Small/medium enterprise When networks become larger than the typical SOHO configuration, you’ll begin to see networks that run more infrastructure services in-house, including DHCP, DNS, e-mail, and VPN services. Here you’ll also see the beginnings of access requirements that cross the boundaries of trusted networks, where you may need to configure a trust relationship or a federated access for a B2B arrangement between vendors or suppliers. Small- to medium-sized enterprise networks will typically have one or more dedicated IT staff available of varying skill levels who can implement network security policies and procedures. (...)
(...) - Small/medium enterprise When networks become larger than the typical SOHO configuration, you’ll begin to see networks that run more infrastructure services in-house, including DHCP, DNS, e-mail, and VPN services. Here you’ll also see the beginnings of access requirements that cross the boundaries of trusted networks, where you may need to configure a trust relationship or a federated access for a B2B arrangement between vendors or suppliers. Small- to medium-sized enterprise networks will typically have one or more dedicated IT staff available of varying skill levels who can implement network security policies and procedures. (...)
Identify and evaluate the potential risks and threats to your network (11/20/2007)
(...) If this sounds like a fantasy, you are wrong.These types of guarantees can be made when you use IPSec VPN technologies. When you use an IPSec connection between two networks or a client and a network, you can ensure that no one looked at the data and no one modified it. (...)
(...) If this sounds like a fantasy, you are wrong.These types of guarantees can be made when you use IPSec VPN technologies. When you use an IPSec connection between two networks or a client and a network, you can ensure that no one looked at the data and no one modified it. (...)
DMZ Security for Data Transmission between Hosts on the Network (11/20/2007)
(...) Before doing so, however, let’s make sure we understand the basic configurations that can be used for firewall and DMZ location and how each can be visualized. In the following figures, we’ll see and discuss these configurations. Please note that each of these configurations is useful on internal networks needing protection, and protecting your resources from networks such as the Internet. (...)
(...) Before doing so, however, let’s make sure we understand the basic configurations that can be used for firewall and DMZ location and how each can be visualized. In the following figures, we’ll see and discuss these configurations. Please note that each of these configurations is useful on internal networks needing protection, and protecting your resources from networks such as the Internet. (...)
Label Switched Path (04/08/2007)
(...) This ingress Label Switch Router of the nested Label Switch Routers then pushes a second label onto the packet. The label stack of the packet on the second Label Switch Routers has two labels now. The top label belongs to the nested Label Switch Routers, and the bottom label belongs to the Label Switch Routers that spans the entire Multiprotocol Label Switching network. (...)
(...) This ingress Label Switch Router of the nested Label Switch Routers then pushes a second label onto the packet. The label stack of the packet on the second Label Switch Routers has two labels now. The top label belongs to the nested Label Switch Routers, and the bottom label belongs to the Label Switch Routers that spans the entire Multiprotocol Label Switching network. (...)
Label Switch Routers Control Modes (04/08/2007)
(...) If the Label Switch Router were running in Ordered Label Switch Routers Control mode, this Label Switch Router would only assign a local label binding for the IGP prefixes that are marked as connected in its routing table and also for the IGP prefixes for which it has already received a label binding from the nexthop router (as noted in the routing table). Cisco IOS uses Independent Label Switch Routers Control mode. Asynchronous Transfer Mode switches that are running Cisco IOS use Ordered Label Switch Routers Control mode by default. (...)
(...) If the Label Switch Router were running in Ordered Label Switch Routers Control mode, this Label Switch Router would only assign a local label binding for the IGP prefixes that are marked as connected in its routing table and also for the IGP prefixes for which it has already received a label binding from the nexthop router (as noted in the routing table). Cisco IOS uses Independent Label Switch Routers Control mode. Asynchronous Transfer Mode switches that are running Cisco IOS use Ordered Label Switch Routers Control mode by default. (...)
How Multiprotocol Label Switching Works (04/08/2007)
(...) Synchronized here means that the local label bindings have been sent over the Label Distribution Protocol session to the Label Distribution Protocol peer. However, when the synchronization is turned on at router A and that router has only one link to router B and no other IP connectivity to router B via another path (this means via other routers), the OSPF adjacency never comes up. OSPF waits for the Label Distribution Protocol session to come up, but the Label Distribution Protocol session cannot come up because router A cannot have the route for the Label Distribution Protocol router ID of router B in its routing table. (...)
(...) Synchronized here means that the local label bindings have been sent over the Label Distribution Protocol session to the Label Distribution Protocol peer. However, when the synchronization is turned on at router A and that router has only one link to router B and no other IP connectivity to router B via another path (this means via other routers), the OSPF adjacency never comes up. OSPF waits for the Label Distribution Protocol session to come up, but the Label Distribution Protocol session cannot come up because router A cannot have the route for the Label Distribution Protocol router ID of router B in its routing table. (...)
Multiprotocol Label Switching and Asynchronous Transfer Mode Architecture (04/08/2007)
(...) LANE specified how to carry Ethernet frames across the Asynchronous Transfer Mode cloud. MPOA provided a tight integration of IP over Asynchronous Transfer Mode, but it was a complex solution. None of these solutions was perfect in providing a better fit between IP and Asynchronous Transfer Mode. (...)
(...) LANE specified how to carry Ethernet frames across the Asynchronous Transfer Mode cloud. MPOA provided a tight integration of IP over Asynchronous Transfer Mode, but it was a complex solution. None of these solutions was perfect in providing a better fit between IP and Asynchronous Transfer Mode. (...)
Label Advertisement (04/08/2007)
(...) To create these LVCs, you must configure the Asynchronous Transfer Mode interfaces on the Asynchronous Transfer Mode switches and routers to be Label Switching Controlled-Asynchronous Transfer Mode (LC-Asynchronous Transfer Mode) interfaces. Each such LC-Asynchronous Transfer Mode interface must have the control virtual circuit. On routers and Asynchronous Transfer Mode switches that are running Cisco IOS, this is by default the virtual circuit 0/32. (...)
(...) To create these LVCs, you must configure the Asynchronous Transfer Mode interfaces on the Asynchronous Transfer Mode switches and routers to be Label Switching Controlled-Asynchronous Transfer Mode (LC-Asynchronous Transfer Mode) interfaces. Each such LC-Asynchronous Transfer Mode interface must have the control virtual circuit. On routers and Asynchronous Transfer Mode switches that are running Cisco IOS, this is by default the virtual circuit 0/32. (...)
Cisco Express Forwarding (04/08/2007)
(...) In process switching, a special Cisco IOS process that is scheduled to run when the router receives packets is what performs the switching of packets. A Cisco IOS process does not perform the switching of packets in Interrupt mode. Rather, when packets arrive to the router, the interface processor interrupts the central CPU and asks it to switch the packet according to a route cache or switching table. (...)
(...) In process switching, a special Cisco IOS process that is scheduled to run when the router receives packets is what performs the switching of packets. A Cisco IOS process does not perform the switching of packets in Interrupt mode. Rather, when packets arrive to the router, the interface processor interrupts the central CPU and asks it to switch the packet according to a route cache or switching table. (...)
Load Balancing in CEF (04/08/2007)
(...) The default CEF load balancing scheme is per-destination. This terminology is a bit misleading, though, because the CEF per-destination load balancing is done by hashing the destination and source IP address. In contrast, the per-destination load balancing that fast switching does is strictly by looking at the destination IP address. (...)
(...) The default CEF load balancing scheme is per-destination. This terminology is a bit misleading, though, because the CEF per-destination load balancing is done by hashing the destination and source IP address. In contrast, the per-destination load balancing that fast switching does is strictly by looking at the destination IP address. (...)
Multiprotocol Label Switching Virtual Private Network (04/08/2007)
(...) The Virtual Private Network usually belongs to one company and has several sites interconnected across the common service provider infrastructure. The private network requires that all customer sites are able to interconnect and are completely separate from other Virtual Private Networks. That is the minimum connectivity requirement. (...)
(...) The Virtual Private Network usually belongs to one company and has several sites interconnected across the common service provider infrastructure. The private network requires that all customer sites are able to interconnect and are completely separate from other Virtual Private Networks. That is the minimum connectivity requirement. (...)
Virtual Private LAN Service (04/08/2007)
(...) This is the same as for Ethernet over Multiprotocol Label Switching (EoMultiprotocol Label Switching). However, EoMultiprotocol Label Switching is a service that is point-to-point in nature, whereas VPLS—emulating a LAN—is point-to-multipoint in nature and as such must support replicating broadcast and multicast frames. Finally, VPLS must perform some features that are inherent to an Ethernet switch—such as MAC address learning and aging—if the virtual switch is to be emulated. (...)
(...) This is the same as for Ethernet over Multiprotocol Label Switching (EoMultiprotocol Label Switching). However, EoMultiprotocol Label Switching is a service that is point-to-point in nature, whereas VPLS—emulating a LAN—is point-to-multipoint in nature and as such must support replicating broadcast and multicast frames. Finally, VPLS must perform some features that are inherent to an Ethernet switch—such as MAC address learning and aging—if the virtual switch is to be emulated. (...)
Router Alert Option and Router Alert Label (04/08/2007)
(...) Of course, you could program the Label Switch Router to perform deep packet inspection and always look at the IP header information of labeled packets to determine whether the Router Alert option were present. However, that could lead to a serious forwarding performance impact on the Label Switch Router, so it is not the best solution. It might not even be possible to do this in hardware forwarding engines, or it might be too costly. (...)
(...) Of course, you could program the Label Switch Router to perform deep packet inspection and always look at the IP header information of labeled packets to determine whether the Router Alert option were present. However, that could lead to a serious forwarding performance impact on the Label Switch Router, so it is not the best solution. It might not even be possible to do this in hardware forwarding engines, or it might be too costly. (...)
FCS Retention and OAM Protocols (04/08/2007)
(...) Path MTU Discovery and careful usage of the IP MTU and Multiprotocol Label Switching MTU commands generally get you far. Sometimes fragmentation is unavoidable, as in the case of Path MTU Discovery not working because of firewalls blocking the ICMP messages needed for Path MTU Discovery to work properly. If the payload is IP traffic, the ingress PE router can fragment the IP packet before it enters the pseudowire. (...)
(...) Path MTU Discovery and careful usage of the IP MTU and Multiprotocol Label Switching MTU commands generally get you far. Sometimes fragmentation is unavoidable, as in the case of Path MTU Discovery not working because of firewalls blocking the ICMP messages needed for Path MTU Discovery to work properly. If the payload is IP traffic, the ingress PE router can fragment the IP packet before it enters the pseudowire. (...)
Multiprotocol Label Switching (04/07/2007)
(...) When a router forwards an IP packet, it does not change a value that pertains to the destination of the packet; that is, it does not change the destination IP address of the packet. The fact that the Multiprotocol Label Switching labels are used to forward the packets and no longer the destination IP address have led to the popularity of Multiprotocol Label Switching. These benefits—such as the better integration of IP over Asynchronous Transfer Mode and the popular Multiprotocol Label Switching virtual private network (Virtual Private Network) application. (...)
(...) When a router forwards an IP packet, it does not change a value that pertains to the destination of the packet; that is, it does not change the destination IP address of the packet. The fact that the Multiprotocol Label Switching labels are used to forward the packets and no longer the destination IP address have led to the popularity of Multiprotocol Label Switching. These benefits—such as the better integration of IP over Asynchronous Transfer Mode and the popular Multiprotocol Label Switching virtual private network (Virtual Private Network) application. (...)
Label Distribution with Label Distribution Protocol (04/07/2007)
(...) The Label Switch Router chooses the remote binding received from the downstream Label Switch Router, which is the next hop in the routing table for that prefix. It uses this information to set up its label forwarding information base (LFIB) where the label from the local binding serves as the incoming label and the label from the one remote binding chosen via the routing table serves as the outgoing label. Therefore, when an Label Switch Router receives a labeled packet, it is now capable of swapping the incoming label it assigned, with the outgoing label assigned by the adjacent next-hop Label Switch Router. (...)
(...) The Label Switch Router chooses the remote binding received from the downstream Label Switch Router, which is the next hop in the routing table for that prefix. It uses this information to set up its label forwarding information base (LFIB) where the label from the local binding serves as the incoming label and the label from the one remote binding chosen via the routing table serves as the outgoing label. Therefore, when an Label Switch Router receives a labeled packet, it is now capable of swapping the incoming label it assigned, with the outgoing label assigned by the adjacent next-hop Label Switch Router. (...)
Virtual Private Network Model Versus Overlay Virtual Private Network Model (04/06/2007)
(...) The rerouting of traffic happens in less than 50 ms, which is fast even for standards of today. History of Multiprotocol Label Switching in Cisco IOS This section gives you a brief chronological overview of the Multiprotocol Label Switching implementation in Cisco IOS from its start in 1998. Tag Switching to Multiprotocol Label Switching Cisco Systems started off with putting labels on top of IP packets in what was then called tag switching. (...)
(...) The rerouting of traffic happens in less than 50 ms, which is fast even for standards of today. History of Multiprotocol Label Switching in Cisco IOS This section gives you a brief chronological overview of the Multiprotocol Label Switching implementation in Cisco IOS from its start in 1998. Tag Switching to Multiprotocol Label Switching Cisco Systems started off with putting labels on top of IP packets in what was then called tag switching. (...)
Enter page# 1 (last added articles shown first)