Wide-Area Networks

Introducing Wide-Area
Networks
2006 Cisco Systems, Inc. All rights reserved.
ICND v2.35-1
Outline
Overview
WAN Overview
WAN Connection Types
WAN Components
WAN Cabling
Layer 2 Encapsulation Protocols
Summary
ICND v2.35-2
WAN Overview
WANs connect remote sites.

Connection requirements vary depending on user
requirements, cost, and availability.
ICND v2.35-3
WAN Overview
A WAN is a data communications network that operates
beyond the geographical scope of a LAN.
WANs use facilities provided by a service provider, or carrier,
such as a telephone or cable company. They connect the
locations of an organization to each other, to locations of
other organizations, to external services, and to remote
users. WANs generally carry a variety of traffic types, such as
voice, data, and video.
WAN connections are made up of many types of equipment
and components.
data communications equipment (DCE) terminates a
connection between two sites and provides clocking and
synchronization for that connection; it connects to data
termination equipment (DTE).
A DTE is an end-user device, such as a router or PC, which
connects to the WAN via the DCE.
ICND v2.35-4
WAN Terms
Term
Customer premises
equipment (CPE)
Definition
Your network's equipment, which includes the DCE (modem, NT1,
CSU/ DSU) and your DTE (router, access server)
Demarcation point
Where the responsibility of the carrier is passed on to you; this

could be inside or outside your local facility; note that this is a
logical boundary, not necessarily a physical boundary
Local loop
The connection from the carrier's switching equipment to the

demarcation point
Central office (CO) switch
The carrier's switch within the toll network
Toll network
The carrier's internal infrastructure for transporting your data
ICND v2.35-5
WAN Terms
Customer premises equipment (CPE)
Customer premises equipment (CPE) is equipment that's
owned by the subscriber and located on the subscribers
premises.
Demarcation point
The demarcation point is the precise spot where the service
providers responsibility ends and the CPE begins. Its
generally a device in a telecommunications closet owned and
installed by the telecommunications company (telco). Its
your responsibility to cable (extended demarc) from this box
to the CPE, which is usually a connection to a CSU/DSU or
ISDN interface.
Local loop
The local loop connects the demarc to the closest switching
office, which is called a central office.
ICND v2.35-6
WAN Terms
Central office (CO)
This point connects the customers network to the
providers switching network.
Toll network
The toll network is a trunk line inside a WAN
providers network. This network is a collection of
switches and facilities owned by the ISP. Definitely
familiarize yourself with these terms because theyre
crucial to understanding WAN technologies.
ICND v2.35-7
WAN Terms + Encapsulation method
wide-area networking can be broken into three cate

Leased line
Circuit switched
Packet switched
Encapsulation methods
PPP
HDLC
Frame-relay
ICND v2.35-8
WAN Terms
Leased-Line Connections
In lease line, you get your very own piece of wire from your location
to the service provider's network. This is good because no other
customer can affect your line, as can be the case with other WAN services.
You have a lot of control over this circuit to do things such as
Quality of Service and other traffic management.
The downside is that a leased line is expensive and gets a
lot more expensive if you need to connect offices that are far apart.
These are usually referred to as a point-to-point or dedicated connection.
A leased line is a pre-established WAN communications path that goes
from the CPE through the DCE switch, then over to the CPE of the remote site.
The distance between the two sites is small,
making them cost-effective.
You have a constant amount of
traffic between two sites and need to
guarantee bandwidth for certain applications
ICND v2.35-9
WAN Terms
Circuit-Switched Connections
A circuit-switched WAN uses the phone company as the
service provider, either with analog dial-up or digital ISDN
connections. With circuit-switching, if you need to connect
to the remote LAN, a call is dialed and a circuit is
established; the data is sent across the circuit, and the
circuit is taken down when it is no longer needed. Circuitswitched connections include the following types:
Asynchronous serial connections
These include analog modem dialup connections and the
standard telephone system, which is commonly referred to
as Plain Old Telephone Service (POTS) by the telephone
carriers.
Synchronous serial connections
These include digital ISDN BRI and PRI dialup
connections; they provide guaranteed bandwidth.
ICND v2.35-10
WAN Terms
Packet-Switched Connections
Packet-switched WAN services allow you to connect to the provider's network
in much the same way as a PC connects to a hub: When connected, your traffic
is affected by other customers' and theirs by you. This can be an issue
sometimes,
but it can be managed. The advantage of this shared-bandwidth technology is
that with a single physical connection from your router's serial port, you can
establish virtual connections to many other locations around the world.
Packet-switched connections use logical circuits to make connections between
two sites. These logical circuits are referred to as virtual circuits (VCs).
So if you have a lot of branch offices and they are far away from the head
office, a packet-switched solution is a good idea.
ICND v2.35-11
WAN Terms
X.25
The oldest of these four technologies is X.25, which is an ITU-T standard. X.25
is a network layer protocol that runs across both synchronous and
asynchronous physical circuits, providing a lot of flexibility for your connection
options.
X.25 was actually developed to run across unreliable medium. It provides error
detection and correction, as well as flow control, at both the data link layer (by
LAPB) and the network layer (by X.25). In this sense, it performs a function
similar to what TCP, at the transport layer, provides for IP.
Because of its overhead, X.25 is best delegated to asynchronous, unreliable
connections. If you have a synchronous digital connection, another protocol,
such as Frame Relay or ATM, is much more efficient.
ICND v2.35-12
WAN Terms
Frame Relay
Frame Relay is a digital packet-switched service that can run
only across synchronous digital connections at the data link
layer.
Because it uses digital connections (which have very few
errors), it does not perform any error correction or flow control
as X.25 does.
Frame Relay will, however, detect errors and drops bad
frames. It is up to a higher layer protocol, such as TCP, to
resend the dropped information.
ICND v2.35-13
WAN Connection Types: Layer 1
ICND v2.35-14
Interfacing Between
WAN Service Providers
Provider assigns connection parameters

to subscriber
ICND v2.35-15
Serial Point-to-Point Connections
ICND v2.35-16
Typical WAN Encapsulation Protocols:

Layer 2
ICND v2.35-17
Wireless Data Technologies
ICND v2.35-18
Wireless Data Technologies (Cont.)

WAN
(Wide Area Network)
MAN
(Metropolitan Area Network)
LAN
(Local Area Network)
PAN
(Personal Area
Network)
PAN
LAN
MAN
WAN
Bluetooth
IEEE 802.11a,
802.11b, 802.11g
802.16
MMDS, LMDS
GSM, GPRS,
CDMA, 2.53G
Speed
<1 Mbps
154+ Mbps
22+ Mbps
10384 kbps
Range
Short
Medium
Mediumlong
Long
Peer to peer,
device to device
Enterprise
networks
Fixed, lastmile access
PDAs, mobile
phones, cellular
access
Standards
Applications
ICND v2.35-19
Wireless LAN (WLAN)

A WLAN is a shared
network.
An access point is a
shared device and
functions like a shared
Ethernet hub.
Data is transmitted
over radio waves.
Two-way radio
communications
(half-duplex) are used.
The same radio
frequency is used for
sending and receiving
(transceiver).
ICND v2.35-20
WLAN Evolution
Warehousing
Retail
Health care
Education
Businesses
Home
ICND v2.35-21
Unlicensed Frequency Bands
ISM: Industry, scientific, and

medical frequency band
No exclusive use
No license required
Interference possible
Best effort
ICND v2.35-22
Radio Frequency Transmission

Radio frequencies are radiated into the air via an antenna,
creating radio waves.
Radio waves are absorbed when they are propagated
through objects (e.g., walls).
Radio waves are reflected by objects (e.g., metal surfaces).
This absorption and reflection can cause areas of low signal
strength or low signal quality.
ICND v2.35-23
Radio Frequency Transmission

Higher data rates have a shorter transmission range.
The receiver needs more signal strength and better SNR
to retrieve information.
Higher transmit power results in greater distance.
Higher frequencies allow higher data rates.
Higher frequencies have a shorter transmission range.
ICND v2.35-24
WLAN Regulation and Standardization

Regulatory agencies
FCC (United States)
ETSI (Europe)
Standardization
IEEE 802.11
http://standards.ieee.org/getieee802/
Certfication of equipment
Wi-Fi Alliance certifies
interoperability between products.
Certifications include 802.11a,
802.11b, 802.11g, dual-band
products, and security testing.
Certified products can be found at
http://www.wi-fi.org.
ICND v2.35-25
802.11b
2006 Cisco Systems, Inc. All rightsreserved.

ICND v2.35-26
802.11b Standard
Standard was ratified in September 1999
Operates in the 2.4-GHz band
Specifies direct sequence spread spectrum (DSSS)
Specifies four data rates up to 11 Mbps
1, 2, 5.5, 11 Mbps
Provides specifications for vendor interoperability (over
the air)
Defines basic security, encryption, and authentication for the
wireless link
Is the most commonly deployed WLAN standard
ICND v2.35-27
2.4-GHz Channels
Regulatory Domain
Channel
Identifier
Channel
Center
Frequency
Channel
Frequency Range
[MHz]
Americas
Europe, Middle
East, and Asia
Japan
2412 MHz
2401 2423
2417 MHz
2406 2428
2422 MHz
2411 2433
2427 MHz
2416 2438
2432 MHz
2421 2443
2437 MHz
2426 2448
2442 MHz
2431 2453
2447 MHz
2436 2458
2452 MHz
2441 2463
10
2457 MHz
2446 2468
11
2462 MHz
2451 2473
12
2467 MHz
2466 2478
13
2472 MHz
2471 2483
14
2484 MHz
2473 2495
X
ICND v2.35-28
2.4-GHz Channel Use
Each channel is 22 MHz wide.

North America: 11 channels.
Europe: 13 channels.
There are three nonoverlapping channels: 1, 6, 11.
Using any other channels will cause interference.
Three access points can occupy the same area.
ICND v2.35-29
802.11b Access Point Coverage
ICND v2.35-30
802.11a

ICND v2.35-31
802.11a Standard
Standard was ratified September 1999
Operates in the 5-GHz band
Uses orthogonal frequency-division multiplexing (OFDM)
Uses eight data rates of up to 54 Mbps
6, 9, 12, 18, 24, 36, 48, 54 Mbps
Has from 12 to 23 nonoverlapping channels (FCC)
Has up to 19 nonoverlapping channels (ETSI)
Regulations different across countries
Transmit (Tx) power control and dynamic frequency
selection required (802.11h)
ICND v2.35-32
802.11g

ICND v2.35-33
802.11g Protection Mechanism

Problem: 802.11b stations cannot
decode 802.11g radio signals.
802.11b/g access point communicates
with 802.11b clients with max. 11
Mbps.
802.11b/g access point communicates
with 802.11g clients with max. 54
Mbps.
802.11b/g access point activates
RTS/CTS to avoid collisions when
802.11b clients are present.
802.11b client learns from CTS frame
the duration of the 802.11g
transmission.
Reduced throughput is caused by
additional overhead.
ICND v2.35-34
802.11 Standards
Comparison

ICND v2.35-35
802.11 Standards Comparison

802.11b
802.11g
802.11a
Ratified
1999
2003
1999
Frequency band
2.4 GHz
2.4 GHz
5 GHz
No of channels
Up to 23
Transmission
DSSS
Data rates [Mbps]

Throughput
[Mbps]
DSSS
OFDM
1, 2, 5.5, 11 1, 2, 5.5, 11
Up to 6
OFDM
6, 9, 12, 18, 24, 6, 9, 12, 18, 24,

36, 48, 54
36, 48, 54
Up to 22
Up to 28
ICND v2.35-36
Range Comparisons
ICND v2.35-37
Ratified IEEE 802.11 Standards

802.11: WLAN 1 and 2 Mbps at 2.4 GHz
802.11a: WLAN 54-Mbps at 5 GHz
802.11b: WLAN 11-Mbps at 2.4 GHz
802.11d: Multiple regulatory domains
802.11e: Quality of service
802.11f: Inter-Access Point Protocol (IAPP)
802.11g: WLAN 54-Mbps at 2.4 GHz
802.11h: Dynamic Frequency Selection (DFS)
Transmit Power Control (TPC) at 5 GHz
802.11i: Security
802.11j: 5-GHz channels for Japan
http://standards.ieee.org/getieee802/
ICND v2.35-38
Worldwide Availability
http://www.cisco.com/go/aironet/compliance
ICND v2.35-39
General Office WLAN Design

Eight 802.11g access
points deployed
7 users per access point
with no conference
rooms provides 3.8 Mbps
throughput per user
54 Cubes4 Conference Rooms

Conference
Room
Conference
Room
7 users + 1 conference
room (10 users) = 17 total
users, provides 1.5 Mbps
throughput per user
120
Feet
Conference
Room
Reception
Conference
Room
95 Feet
ICND v2.35-40
WLAN Security

ICND v2.35-41
WLAN Security Threats
ICND v2.35-42
Threats control machanism
Control and Integrity
Privacy and
Confidentiality
Protection and
Availability
Authentication
Encryption
Intrusion Detection
System (IDS)
Ensure that legitimate

clients associate with
trusted access points.
Protect data as it
is transmitted and
received.
Track and mitigate

unauthorized
access and
network attacks.
ICND v2.35-43
Threats control machanism
Control and Integrity
Privacy and
Confidentiality
Protection and
Availability
Authentication
Encryption
Intrusion Detection
System (IDS)
Ensure that legitimate

clients associate with
trusted access points.
Protect data as it
is transmitted and
received.
Track and mitigate

unauthorized
access and
network attacks.
ICND v2.35-44
Evolution of WLAN Security

Initial
(1997)
Interim
(2001)
Interim
(2003)
Encryption
(WEP)
802.1x EAP
Wi-Fi Protected
Access (WPA)
No strong
authentication
Static,
breakable keys
Not scalable
Dynamic keys
Standardized
Improved
encryption
Improved
encryption
User
authentication
Strong, user
authentication
(e.g., LEAP,
PEAP, EAPFAST)
802.1x EAP
(LEAP, PEAP)
RADIUS
Present
Wireless IDS
Identification
and protection
against attacks,
DoS
IEEE 802.11i
WPA2 (2004)
AES strong
encryption
Authentication
Dynamic key
management
ICND v2.35-45
Wireless Client Association

Access points send out beacons
announcing SSID, data rates, and other
information.
Client scans all channels.
Client listens for beacons and responses
from access points.
Client associates to access point with
strongest signal.
Client will repeat scan if signal becomes
low to reassociate to
another access point (roaming).
During association SSID, MAC
address and security settings are
sent from the client to the access point
and checked by the access point.
ICND v2.35-46
WPA and WPA2 Authentication
ICND v2.35-47
WPA and WPA2 Encryption
ICND v2.35-48
WLAN Security Summary
WPA Passphrase
WEP Encryption
802.1x EAP
Mutual Authentication
TKIP Encryption
WPA / WPA2
802.11i Security
ICND v2.35-49
Summary
The 2.4-GHz and 5-GHz frequency bands are used by WLAN
802.11 standards.
The throughput per user depends on the data rate and the
number of users per wireless cell.
802.11b has data rates of up to 11 Mbps at 2.4 GHz.
802.11a has data rates of up to 54 Mbps at 5 GHz.
802.11g has data rates of up to 54 Mbps at 2.4 GHz.
802.11a has a shorter range than 802.11g.
For maximum efficiency, limit the number of users per cell.
Different WLAN security types with authentication and
encryption satisfy the security requirements of enterprise
and home users.
ICND v2.35-50
WLAN Components
Autonomous
Solution
Wireless clients
Lightweight
Solution
Autonomous
access points
Access points
Lightweight
access points
Wireless Domain
Services (WDS)
Control
WLAN controller
WLAN Solution
Engine (WLSE)
WLAN management
Cisco Wireless
Control System
(WCS)
PoE switches,
routers
Network infrastructure
PoE switches,
routers
DHCP, DNS, AAA
Network services
DHCP, DNS, AAA
ICND v2.35-51
Cisco Unified Wireless Network

Unified Advanced Services
Unified cellular and Wi-Fi VoIP. Advanced threat
detection, identity networking, location-based
security, asset tracking, and guest access.
World-Class Network Management

Same level of security, scalability, reliability, ease
of deployment, and management for wireless
LANs as wired LANs.
Network Unification
Integration into all major switching and routing
platforms. Secure, innovative WLAN
controllers.
Mobility Platform
Ubiquitous network access in all environments.
Plug and play.
Client Devices
90% of Wi-Fi silicon is Cisco Compatible
certified. Advance services support.
ICND v2.35-52
Cisco Unified Wireless Network (Cont.)

Cisco
Self-Defending
Network
Unified Advanced Services

Unified, built-in support of leading-edge
applications, not an afterthought. Cisco Wireless
Location Appliance, Cisco WCS, SDN, NAC, Wi-Fi
phones, and RF
firewalls.
World-Class Network Management

World Class NMS that visualizes and helps secure
your air space. Cisco Wireless Control System
(WCS).
Network Unification
Seamless network infrastructure across a range
of platforms. Cisco 4400 and 2000 Wireless LAN
Controllers. Future Cisco Catalyst 6500, Series
WiSM, ISR, and 3750
integration.
Mobility Platform
Access points dynamically configured and
managed through LWAPP. Cisco Aironet Access
Points: 1500, 1300, 1240AG, 1230AG, 1130AG, and
1000. Bridges: 1400
and 1300.
Client Devices
Secure clients that work out of the box. Cisco
Compatible client devices & Cisco Aironet clients.
ICND v2.35-53
Connectorized 5-GHz Antennas
Cisco 5-GHz
Rubber Antenna
(Flat with Blue Dot)
Cisco 2.4-GHz
Rubber Antenna
(Round, No Dot)
5-GHz (802.11a) antennas

have blue ID markers.
Dual-band (2.4-GHz and 5-GHz)
antennas have yellow dots.
ICND v2.35-54
Cisco Access Point/Bridge Antennas

Frequency
Antenna
Horizontal
Beamwidth
Vertical
Beamwidth
2.4 GHz
2.2-dBi dipole
360o
65o
2.4 GHz
5.2-dBi omni
360o
38o
2.4 GHz
6-dBi diversity patch
80o
55o
2.4 GHz
9-dBi patch
60o
60o
2.4 GHz
10-dBi Yagi
47o
55o
2.4 GHz
13.5-dBi Yagi
30o
25o
2.4 GHz
21-dBi dish
12.5o
12.5o
5 GHz
3.5-dBi dipole
360o
40o
5 GHz
6-dBi omni
360o
17o
5 GHz
7-dBi patch
70o
50o
ICND v2.35-55
WAN technologies
ICND v2.35-56
WAN technologies
ICND v2.35-57
WAN technologies
ICND v2.35-58
WAN technologies
ICND v2.35-59
WAN technologies
ICND v2.35-60
WAN technologies
ICND v2.35-61
WAN technologies
ICND v2.35-62
WAN technologies
ICND v2.35-63
WAN technologies
ICND v2.35-64
WAN technologies
ICND v2.35-65
WAN technologies
ATM
ATM is also a packet-switched technology that uses digital circuits. Unlike

Frame Relay and X.25, however, this service uses fixed-length (53 byte)
packets, called cells, to transmit information. Therefore, this service is
commonly called a cell-switched service. It has an advantage over Frame
Relay in that it can provide guaranteed throughput and minimal delay for a
multitude of services, includingvoice, video, and data. However, it does cost
more than Frame Relay services. ATM (sort of an enhanced Frame Relay) can
offer a connection guaranteed bandwidth, limited delay, limited number of
errors, Quality of Service (QoS), and more. Frame Relay can provide some
minimal guarantees to connections, but not to the degree of precision that ATM
can. Whereas Frame Relay is limited to 45 Mbps connections, ATM can scale
to very high speeds: OC-192 (SONET), for instance, affords about 10 Gbps of
bandwidth
ICND v2.35-66
Summary
A WAN makes data connections across a broad geographic
area so that information can be exchanged between distant
sites.
WAN connection types include leased line, circuit-switched,
and packet-switched.
WAN components that the provider assigns to your
organization include CPE, demarcation, local loop, CO
switch, and toll network.
Cisco routers support the EIA/TIA-232, EIA/TIA-449, V.35,
X.21, and EIA/TIA-530 standards for serial connections.
To encapsulate data for crossing a WAN link, a variety of
Layer 2 protocols can be used, including HDLC, PPP, SLIP,
X.25/LAPB, Frame Relay, and ATM.
ICND v2.35-67
ICND v2.35-68

Wide-Area Networks

Transféré par

Informations du document

Description originale:

Titre original

Copyright

Formats disponibles

Partager ce document

Partager ou intégrer le document

Options de partage

Avez-vous trouvé ce document utile ?

Ce contenu est-il inapproprié ?

Droits d'auteur :

Formats disponibles

Wide-Area Networks

Transféré par

Droits d'auteur :

Formats disponibles

Introducing Wide-Area

2006 Cisco Systems, Inc. All rights reserved.

2006 Cisco Systems, Inc. All rights reserved.

WANs connect remote sites.

2006 Cisco Systems, Inc. All rights reserved.

Where the responsibility of the carrier is passed on to you; this

The connection from the carrier's switching equipment to the

Central office (CO) switch

The carrier's switch within the toll network

The carrier's internal infrastructure for transporting your data

2006 Cisco Systems, Inc. All rights reserved.

WAN Terms + Encapsulation method

wide-area networking can be broken into three cate

2006 Cisco Systems, Inc. All rights reserved.

WAN Connection Types: Layer 1

2006 Cisco Systems, Inc. All rights reserved.

Provider assigns connection parameters

Serial Point-to-Point Connections

2006 Cisco Systems, Inc. All rights reserved.

Typical WAN Encapsulation Protocols:

2006 Cisco Systems, Inc. All rights reserved.

Wireless Data Technologies

2006 Cisco Systems, Inc. All rights reserved.

Wireless Data Technologies (Cont.)