CHAPTER TWO

Introduction to Computer Networks

2.1. Computer network and its application
2.1.1. What is a computer network?
A computer network is a system in which a number of independent computers are linked together to share
resources. Resource may be file, folder, printer, disk drive or just about anything else that exists on a computer.
In the modern world, computer networks have become almost indispensable. All major businesses and
governmental and educational institutions make use of computer networks to such an extent that it is now
difficult to imagine a world without them.
A network is simply a collection of computers or other hardware devices that are connected together, either
physically or logically, using special hardware and software, to allow them to exchange information and
cooperate. Networking is the term that describes the processes involved in designing, implementing, upgrading,
managing and other tasks with networks and network technologies. Usually, the connections between
computers in a network are made using physical wires or cables. However, some connections are wireless,
using radio waves or infrared signals.
2.1.2. Applications & Uses of Networks
In the short time they have been around, data communication networks have become an indispensable part of
business, industry, and entertainment. Some of the network applications in different fields are the following:
 Marketing and sales.
Computer networks are used extensively in both marketing and sales organizations. Marketing professionals use
them to collect, exchange, and analyze data relating to customer needs and product development cycles. Sales
applications include teleshopping, which uses order entry computers or telephones connected to an order-
processing network, and on-line reservation services for hotels, airlines, and so on.
 Financial services
Today's financial services are totally dependent on computer networks. Applications include credit history
searches, foreign exchange and investment services, and electronic funds transfer (EFT), which allows a user, to
transfer money without going into a bank (an automated teller machine is a kind of electronic funds transfer;
automatic paycheck deposit is another).
 Manufacturing
Computer networks are used today in, many aspects of manufacturing, including the manufacturing process
itself. Two applications that use networks to provide essential services are computer-assisted design (CAD) and
computer-assisted manufacturing (CAM), both of which allow multiple users to work on a project
simultaneously.
 Electronic messaging
Probably the most widely used network application is electronic mail (e-mail).
 Directory services
Directory services allow lists of files to be stored in a central location to speed worldwide search operations.
 Information services
Network information services include bulletin boards and data banks. A World Wide Web site offering the
technical specifications for a new product is an information service.
 Electronic data interchange (EDI)
EDI allows business information (including documents such as purchase orders and invoices) to be transferred
without using paper.

1
  Teleconferencing
Teleconferencing allows conferences to occur without the participants being in the same place. Applications
include simple text conferencing (where participants communicate through their keyboards and computer
monitors), voice conferencing (where participants at a number of locations communicate simultaneously over
the phone) and video conferencing (where participants can see as well as talk to one another).
 Cellular telephone
In the past two parties wishing to use the services of the telephone company had to be linked by a fixed physical
connection. Today's cellular networks make it possible to maintain wireless phone connections even while
traveling over large distances.
 Cable television
Future services provided by cable television networks may include video on request, as well as the same
information, financial, and communications services currently provided by the telephone companies and
computer networks.

Disadvantages of computer network

Making important and sensitive information available to every user of the network is not normally desirable.
For example, information about employees’ salaries should not be freely available for anybody to look at. Data
security is therefore an important concern in a networked environment. Secondly, the danger of computer
viruses entering the network is greatly increased. A virus can infect any of the computers on the network, and
can quickly spread throughout the network causing significant damage. Equipment malfunctions and system
failures are also the risks of computer networks.

2.2. Types of networks

Depending on one’s perspective, we can classify networks in different ways.
• Based on network size: LAN, MAN and WAN
• Based on management method: Peer-to-peer and Client/Server
2.2.1. Types of network based on network size (coverage)
i. LANs
Computer networks can be classified into one of two groups, depending on their size and function. A local area
network (LAN) is the basic building block of any computer network. A LAN can range from simple (two
computers connected by a cable) to complex (hundreds of connected computers and peripherals throughout a
major corporation). A local-area network (LAN) can connect many computers in a relatively small geographical
area such as a home, an office, or a campus. The distinguishing feature of a LAN is that it is confined to a
limited geographic area.
In a typical LAN configuration, one computer is designated as the file server. It stores all of the software that
controls the network, as well as the software that can be shared by the computers attached to the network.
Computers connected to the file server are called workstations. The workstations can be less powerful than the
file server, and they may have additional software on their hard drives. On most LANs, cables are used to
connect the network interface cards in each computer. A LAN connects network devices over a relatively short
distance. Occasionally a LAN will span a group of nearby buildings.
In addition to operating in a limited space, LANs are also typically owned, controlled, and managed by a single
person or organization. They also tend to use certain connectivity technologies, primarily Ethernet and Token
Ring.

2
 ii. Metropolitan Area Network (MAN)
It is a network that transmits data and information over city wide distance.
 A Metropolitan Area Network (MAN) is a network that is utilized across multiple buildings.
 Is larger than a LAN, but smaller than a WAN.
 Is also used to mean the interconnection of several LANs by bridging them together. This sort of
network is also referred to as a campus network.
iii.Wide area network (WAN)
A wide area network (WAN), on the other hand, has no geographical limit. It can connect computers and other
devices on opposite sides of the world. A WAN is made up of a number of interconnected LANs. Perhaps the
ultimate WAN is the Internet. LANs typically have much higher transmission rates than WAN. Most LANs are
able to transmit data at around 100Mbps (million bits per second), whereas WANs generally transmit at less
than 10Mbps. Another difference is the error rates in transmission: the likely number of errors in data
transmission is higher for a WAN than for a LAN. WAN is typically slower and less reliable than a LAN.
This distinction between LANs and WANs is made because of the locality principle. The locality principle in
computer networking states that computers are much more likely to want to communicate with other computers
that are geographically close, than with those that are distant. For example, if you want to request a printout
from your PC, it makes much more sense to use the printer in the next room rather than one that is hundreds of
kilometers away. Because of the locality principle network designers tend to use higher performance hardware
within a LAN compared to the connections between different LANs that form a WAN.
2.2.2. Types of networks based on node relationship
Based on the role each node on the network has, networks are divided into two broad categories:
 Peer-to-peer networks
 Server-based networks
i. Peer-to-peer networks
In a peer-to-peer network, there are no dedicated servers, and there is no hierarchy among the computers. All
the computers are equal and therefore are known as peers. Each computer functions as both a client and a
server, and there is no administrator responsible for the entire network. The user at each computer determines
what data on that computer is shared on the network. Peer-to-peer networks are also sometimes called
workgroups.
Peer-to-peer networks are relatively simple. Because each computer functions as a client and a server, there is
no need for a powerful central server or for the other components required for a high-capacity network. Peer-to-
peer networks can be less expensive than server-based networks. Also, the networking software does not require
the same standard of performance and level of security as the networking software designed for dedicated
servers.
In typical networking environments, a peer-to-peer implementation offers the following advantages:
 Computers are located at users' desks
 Users act as their own administrators and plan their own security
 They are cheap and easy to set up and administer for small groups of users
Peer-to-peer networks are good choices for environments where:
 There are 10 users or fewer
 Users share resources, such as printers, but no specialized servers exist
 Security is not an issue
 The organization and the network will experience only limited growth within the foreseeable future
3
Where these factors apply, a peer-to-peer network will probably be a better choice than a server-based network.
ii. Server-based networks
In an environment with more than 10 users, a peer-to-peer network will probably not be adequate. Therefore,
most networks have dedicated servers. A dedicated server is one that functions only as a server and is not used
as a client or workstation. Servers are described as "dedicated" because they are not themselves clients, and
because they are optimized to service requests from network clients quickly and to ensure the security of files
and directories. Server-based networks have become the standard models for networking.
When the networks increase in size (as the number of connected computers and the physical distance and traffic
between them grows), more than one server is usually needed. Spreading the networking tasks among several
servers ensures that each task will be performed as efficiently as possible. Servers must perform varied and
complex tasks. Servers for large networks have become specialized to accommodate the expanding needs of
users. For example, a network may have separate servers for file storage, printing, email and for storing and
running application software.
Although it is more complex to install, configure, and manage, a server-based network has many advantages
over a simple peer-to-peer network.
 Server-based data sharing can be centrally administered and controlled. Because these shared resources
are centrally located, they are easier to find and support than resources on individual computers.
 Security is often the primary reason for choosing a server-based approach to networking. In a server-
based environment, one administrator who sets the policy and applies it to every user on the network can
manage security.
 Backups can be scheduled several times a day or once a week depending on the importance and value of
the data. Server backups can be scheduled to occur automatically, according to a predetermined
schedule, even if the servers are located on different parts of the network.
 A server-based network can support thousands of users. This type of network would be impossible to
manage as a peer-to-peer network.
2.3. Network Topologies
The term topology, or more specifically, network topology, refers to the arrangement or physical layout of
computers, cables, and other components on the network. Topology defines the structure of the network. This
includes the physical topology which is the actual layout of the physical components such as computer, media
etc., and the logical topology which is how the media is accessed by the hosts, how data is transmitted between
nodes or how the network message is travel from one node to another. "Topology" is the standard term that
most network professionals use when they refer to the network's basic design. In addition to the term
"topology," you will find several other terms that are used to define a network's design: Physical layout, Design,
Diagram or Map.
A network's topology affects its capabilities. The choice of one topology over another will have an impact on
the:
 Type of equipment that the network needs
 Capabilities of the network
 Growth of the network
 Way the network is managed
Developing a sense of how to use the different topologies is a key to understanding the capabilities of the
different types of networks.
Before computers can share resources or perform other communication tasks they must be connected. Most
networks use cable to connect one computer to another. However, it is not as simple as just plugging a computer
4
into a cable connecting to other computers. Different types of cable—combined with different network cards,
network operating systems, and other components—require different types of arrangements. To work well, a
network topology takes planning. For example, a particular topology can determine not only the type of cable
used but also how the cabling runs through floors, ceilings, and walls. Topology can also determine how
computers communicate on the network. Different topologies require different communication methods, and
these methods have a great influence on the network.
There are four basic types of computer topology: bus, star, ring and mesh.
i. Bus Topology
The bus topology is often referred to as a "linear bus" because the computers are connected in a straight line.
This is the simplest and most common method of networking computers. The figure below shows a typical bus
topology. It consists of a single cable called a trunk (also called a backbone or segment) that connects all of the
computers in the network in a single line.

Fig 2.1 The bus topology

Computers on a bus topology network communicate by addressing data to a particular computer and sending
out that data on the cable as electronic signals. To understand how computers communicate on a bus, you need
to be familiar with three concepts: Sending the signal, Signal bounce and Terminator.
a. Sending the signal
When sending a signal from one computer on the network to another, network data in the form of electronic
signals is in fact sent to all the computers on the network. However, only the computer whose address matches
the address encoded in the original signal accepts the information. All other computers reject the data. Because
only one computer at a time can send data on a bus network, the number of computers attached to the bus will
affect network performance. The more computers there are on a bus, the more computers will be waiting to put
data on the bus and, consequently, the slower the network will be. Computers on a bus either transmit data to
other computers on the network or listen for data from other computers on the network. They are not
responsible for moving data from one computer to the next. Consequently, if one computer fails, it does not
affect the rest of the network.
b. Signal bounce
Because the data, or electronic signal, is sent to the entire network, it travels from one end of the cable to the
other. If the signal is allowed to continue uninterrupted, it will keep bouncing back and forth along the cable
and prevent other computers from sending signals. Therefore, the signal must be stopped after it has had a
chance to reach the proper destination address.

c. Terminator
To stop the signal from bouncing, a component called a terminator is placed at each end of the cable to absorb
free signals. Absorbing the signal clears the cable so that other computers can send data.
5
In a bus topology, if a break in the cable occurs the two ends of the cable at the break will not have terminators,
so the signal will bounce, and all network activity will stop. This is one of several possible reasons why a
network will go "down." The computers on the network will still be able to function as stand-alone computers;
however, as long as the segment is broken, they will not be able to communicate with each other or otherwise
access shared resources.
ii. Star topology
In the star topology, cable segments from each computer are connected to a centralized component called a hub,
making it very easy to add a new workstation. Figure below shows four computers and a hub connected in a star
topology. Signals are transmitted from the sending computer through the hub to all computers on the network.

Fig 2.2 The star topology

Because each computer is connected to a central point/device, this topology requires a great deal of cable in a
large network installation. Also, if the central point/device fails, the entire network goes down. If one computer
or the cable that connects it to the hub fails on a star network, only the failed computer will not be able to send
or receive network data. The rest of the network continues to function normally.
Star topologies are more expensive to install than bus networks, because there are several more cables that need
to be installed, plus the cost of the hubs that are needed.
iii. Ring topology
The ring topology connects computers on a single circle of cable. Each node is connected to the two nearest
nodes so the entire network forms a circle. Unlike the bus topology, there are no terminated ends. The signals
travel around the loop in one direction and pass through each computer, which can act as a repeater to boost the
signal and send it on to the next computer. The figure below shows a typical ring topology with one server and
four workstations. The failure of one computer can have an impact on the entire network. One method for
passing data on ring networks is token passing.

Fig 2.3 The ring topology

Ring topology is easier to manage; easier to locate a defective node or cable problem. It also well-suited for
transmitting signals over long distances by handling high-volume network traffic on a LAN. In short ring

6
topology enables reliable communication. However, this topology has the following limitations. Expensive,
requires more cable and network equipment at the start, not used as widely as bus topology (i.e. fewer
equipment options and fewer options for expansion to high-speed communication.)
iv.Mesh topology
A mesh topology network offers superior redundancy and reliability. In a mesh topology, each computer is
connected to every other computer by separate cabling. (See the figure below) This configuration provides
redundant paths throughout the network so that if one cable fails, another will take over the traffic. While ease
of troubleshooting and increased reliability are definite benefits, these networks are expensive to install because
they use a lot of cabling. Often, a mesh topology will be used in conjunction with other topologies to form a
hybrid topology.

Fig 2.4 The mesh topology

The mesh topology is the simplest logical topology in terms of data flow, but it is the most complex in terms of
physical design. In this physical topology, each device is connected to every other device. This topology is
rarely found in LANs, mainly because of the complexity of the cabling. If there are x computers, there will be
(x × (x–1)) ÷ 2 cables in the network. For example, if you have five computers in a mesh network, it will use 5
× (5 – 1) ÷ 2, which equals 10 cables. This complexity is compounded when you add another workstation. For
example, your five computers, 10 cable network will jump to 15 cables just by adding one more computer.
v. Hybrid topologies
Many working topologies are hybrid combinations of the bus, star, ring, and mesh topologies. Two of the more
common are described below.
A. Star bus topology
The star bus is a combination of the bus and star topologies. In a star-bus topology, several star topology
networks are linked together with linear bus trunks. The figure below shows a typical star-bus topology.
If one computer goes down, it will not affect the rest of the network. The other computers can continue to
communicate. If a hub goes down, all computers on that hub are unable to communicate. If a hub is linked to
other hubs, those connections will be broken as well.

Fig 2.5 The star bus hybrid topology

7
 B. Star ring topology
The star ring (sometimes called a star-wired ring) appears similar to the star bus. Both the star ring and the star
bus are centered in a hub that contains the actual ring or bus. The figure below shows a star-ring network.
Linear-bus trunks connect the hubs in a star bus, while the hubs in a star ring are connected in a star pattern by
the main hub.

Fig 2.6 The star ring hybrid topology

Until now we have assumed that the word topology is used to refer only to the physical layout of the network.
In fact, we can talk about two kinds of topology: physical and logical. A network's physical topology is the wire
itself. A network's logical topology is the way it carries signals on the wire.
2.4. Computer network components
The components required to operate a network can be divided into two major categories: Hardware and
software.
The hardware components of a network consist of all physical parts that we can see and touch. The following
five items are good examples to be mentioned.
 Server

 Workstation/Client
 Transmission media
 Network Interface Cards (NIC)
 A concentrator/network connectivity devices/internetworking devices, or wiring center
The software necessary to operate a network consists of:
 Network operating system (NOS)
 The operating system of the workstation
 Server software
 Client software
2.4.1. Hardware network components
A. The Server
The server functions as the central repository resources/services the network provides. Usually the server is also
responsible for controlling which users on which computers in the network are granted access to a service.
B. Workstations/Clients
Almost all the user computers connected to a network are called workstations or clients. A typical workstation
is a computer that is configured with a network interface card, networking software, and the appropriate cables.
8
 C. Transmission media
It is either a wired or wireless medium through which information usually moves from one network device to
another. (To be covered in details on the next chapter)
D. Network Interface Card (NIC)
The NIC is located in every workstation on the LAN as well as in the server. It is a board that plugs into one of
the expansion slots on the motherboard of a workstation and the server, thereby providing a connector on the
back to hook to some sort of transmission media (including wireless media). NIC acts as a “transmitter” and
“receiver” – transceiver.
The network interface card (NIC) provides the physical connection between the network and the computer
workstation. Most NICs are internal, with the card fitting into an expansion slot inside the computer. Some
computers use external boxes.
Network interface cards are a major factor in determining the speed and performance of a network. It is a good
idea to use the fastest network card available for the type of workstation you are using.
E. The Concentrator – Network connectivity or Internetworking devices
Every workstation on the LAN must be connected to the server across some sort of transmission media.
However, it is virtually impossible to have every workstation on the LAN actually attached to at the file server,
since the file server usually has only one NIC.
To accommodate multiple workstations, a hub or central data collecting area is often used, although certain
network architectures such as linear bus structures do not use hubs or concentrators. On certain networks, a hub
allows for multiple connections or splitting of the network cable.
i. Hub
A hub acts as the central component in a star topology, and typically contains 4, 8, 16 or even more different
ports for connecting to computers or other hubs. It is similar in operation to a repeater, except that it broadcasts
data received by any of the ports to all other ports on the hub. Hubs can be active, passive or hybrid. Most hubs
are active; that is, they regenerate and retransmit signals in the same way as a repeater does. Because hubs
usually have eight to twelve ports for network computers to connect to, they are sometimes called multiport
repeaters. Active hubs require electrical power to run. Some types of hubs are passive. They act as connection
points and do not amplify or regenerate the signal; the signal passes through the hub. Passive hubs do not
require electrical power to run. Advanced hubs that will accommodate several different types of cables are
called hybrid hubs.
ii. Switch
A concentrator is a device that provides a central connection point for cables from workstations, servers, and
peripherals. In a star topology, twisted-pair wire is run from each workstation to a central switch/hub. Most
switches are active, that is they electrically amplify the signal as it moves from one device to another. Switches
no longer broadcast network packets as hubs did in the past, they memorize addressing of computers and send
the information to the correct location directly. Switches are:
 Usually configured with 8, 12, or 24 RJ-45 ports
 Often used in a star or star-wired ring topology
 Sold with specialized software for port management

iii. Repeaters
Since a signal loses strength as it passes along a cable, it is often necessary to boost the signal with a device
called a repeater. The repeater electrically amplifies the signal it receives and rebroadcasts it. Repeaters can be
9
separate devices or they can be incorporated into a concentrator. They are used when the total length of your
network cable exceeds the standards set for the type of cable being used.
A good example of the use of repeaters would be in a local area network using a star topology with unshielded
twisted-pair cabling. The length limit for unshielded twisted-pair cable is 100 meters. The most common
configuration is for each workstation to be connected by twisted-pair cable to a multi-port active concentrator.
The concentrator amplifies all the signals that pass through it allowing for the total length of cable on the
network to exceed the 100 meter limit.
iv. Bridges
A bridge is a device that allows you to segment a large network into two smaller, more efficient networks. If
you are adding to an older wiring scheme and want the new network to be up-to-date, a bridge can connect the
two.
A bridge monitors the information traffic on both sides of the network so that it can pass packets of information
to the correct location. Most bridges can "listen" to the network and automatically figure out the address of each
computer on both sides of the bridge. The bridge can inspect each message and, if necessary, broadcast it on the
other side of the network.
The bridge manages the traffic to maintain optimum performance on both sides of the network. Bridges can be
used to connect different types of cabling, or physical topologies. They must, however, be used between
networks with the same protocol.
v. Routers
A router translates information from one network to another; it is similar to a super intelligent bridge. Routers
select the best path to route a message, based on the destination IP address. The router can direct traffic to
prevent head-on collisions, and is smart enough to know when to direct traffic along back roads and shortcuts.
While bridges know the addresses of all computers on each side of the network, routers know the addresses of
computers, bridges, and other routers on the network. Routers can even "listen" to the entire network to
determine which sections are busiest -- they can then redirect data around those sections until they clear up.
If you have a school LAN that you want to connect to the Internet, you will need to purchase a router. In this
case, the router serves as the translator between the information on your LAN and the Internet. It also
determines the best route to send the data over the Internet. Routers can:
 Direct signal traffic efficiently
 Route messages between any two protocols
 Route messages between linear bus, star, and star-wired ring topologies
 Route messages across fiber optic, coaxial, and twisted-pair cabling
vi. Gateway
A gateway is a translation tool. It is a server that acts as an intermediary for some other server. Unlike a proxy,
a gateway receives requests as if it were the original server for the requested resource; the requesting client may
not be aware that it is communicating with a gateway. The best way to explain it is with our restaurant
example. Let's say you want to order a hamburger, but they don't understand the word hamburger in Russia. A
gateway would tell the waiter or waitress that you want a piece of cooked ground beef on bread.
In networking, a gateway translates messages between computers using different topologies. In order to
connect your FDDI backbone to your Ethernet network, you must have a gateway installed in order to allow the
two to understand each other.
2.4.2. Software network components
A. The Network Operating System

10
Unlike operating systems, such as DOS and Windows that are designed for single users to control one
computer, network operating systems (NOS) coordinate the activities of multiple computers across a network.
The network operating system acts as a director to keep the network running smoothly. The network operating
system is the software that resides on the server. It controls virtually all the activity on the network. It also
manages access to the resource on the server and handles security of the resource on the server.
Network operating system provides true multi-user capabilities and is probably the most important part of the
network.
The two major types of network operating systems are: Peer-to-Peer and Client/Server.
Peer-to-Peer
Peer-to-peer network operating systems allow users to share resources and files located on their computers and
to access shared resources found on other computers. However, they do not have a file server or a centralized
management source. Windows for Workgroup is an example of programs that can function as peer-to-peer
network operating systems.
Client/Server
Client/server network operating systems allow the network to centralize functions and applications in one or
more dedicated file servers. It provides the mechanism to integrate all the components of the network and allow
multiple users to simultaneously share the same resources irrespective of physical location. Red Hat 7, Fedora,
Windows 2008 and Windows 2012 Server are examples of client/server network operating systems.
B. The server software
Server software usually loaded on the server. They provide an interface through the service is given to clients.
Most popular ones are web server, mail server, print server, file server, database server etc.
C. The client software
They are software’s that used to access the service given by the server software on the server. They are capable
of interfacing with server software. E.g. web browsers, e-mail clients etc.
2.5. Computer network design and management
2.5.1. Network Design
The decision that we make in laying the foundation upon which our network will be built can make our life
easier or come back to haunt us. Whenever we start to design a network for an organization, we should clearly
identify the organizational objective and the goal of the network to be developed. A general network goal that
can work for most organizations can be to install an economical computer network that will bring up-to-date
communication technology and be flexible enough to allow for future expansion.
The most typical technical goals in an enterprise LAN/WAN design include scalability, availability,
performance, and security.
Scalability: Scalability is the ability of a network to continue to function well as it is changed in size or volume
to meet new enterprise traffic or application requirements. Typically, the rescaling is to a larger size or volume.
In today’s dynamic and rapid changing business environment, enterprises are rapidly adding users, various
applications, opening new branch offices, and connecting with external partners to meet new business
challenges. Therefore, scalability is always the biggest concern, and the primary technical goal for an enterprise
network design.
Availability: The second most important technical goal every enterprise network requires is high availability.
This refers to the amount of up time the network is available to end users. It can be expressed as a percent of
uptime per year, month, week, day, or hour, compared to the total time in that period. For example, a network
kept up and running for 165 hours in one week (7 x 24 = 168 hours), means that the availability in that week is
98.21 percent.
11
Performance: Network performance is a very broad and complicated topic. The requirement for it could be a
very vague definition stated by the client. They could say something like, “as long as the users have no
complaints” or it could be a scientific one like, “I want to see a LAN throughput of at least 1000 PPS (packets
per second).” In the former case, you have to work out more specific goals for the client to achieve the
performance they really need. In general, network performance can be specified in very scientific and precise
terms. Parameters such as capacity utilization, throughput, and delay are just some of the terms that indicate the
health of an enterprise network. There are many management tools available to collect and analyze these data.
Security: Among all the technical goals, security is becoming more important as enterprises keep connecting
their private internetworks to the Internet as well as their partners and remote workers. Therefore, security
concerns should be carefully integrated into every step of the network design and planning. The first and most
important step to achieve good security for your client is to come up with a thorough corporate security policy.
You and your client should jointly make these policies. Ask as many questions as possible to understand the
risks associated with not implementing a secure network. Determine how sensitive is the data and where will it
be stored.
The first decision we need to make in designing new network is whether it should be a peer-to-peer or a server-
based network. The factors we need to examine include the:
 Size of the network.
 Level of security.
 Type of business.
 Level of administrative support available.
 Amount of network traffic.
 Needs of the network users.
 Network budget.

Selecting a Logical Network Topology

A topology pictorially describes the configuration or arrangement of a conceptual network, including all the
network nodes and connecting lines. During this phase, identify the network segments and interconnection
points between segments, size and scope of networks, and the types of required internetworking devices; for
example, hub, switch, or router. You do not have to decide which devices just yet. One of the best practices
when designing an enterprise LAN/WAN network is to develop a layered and hierarchical design model, which
is recommended by most network design experts. Compared to other design models — such as flat — the
hierarchical model allows an internetwork to be designed in three discrete layers, each focusing on specific
functions. Modularity in network design allows designers to create elements that can be replicated as the
network grows and changes. As each element changes, the cost and complexity of making the upgrade is
constrained to a small subset of the overall network. Therefore, the hierarchical design model provides us the
best network scalability.
A typical hierarchical network topology includes the following three layers:
 A core layer consisting of high-end routers and switches that are optimized for availability and
performance
 A distribution layer of routers and switches that implement network policies
 An access layer that connects users via hubs, switches, and other interconnection devices

12
 Fig 2.7 Three-Layered Hierarchical Network Design Model.

1) The core layer design. Some refer to the core layer as “the backbone” of the network. This is because it is
always a high-speed switching backbone and should be designed to switch packets as fast as possible. This layer
should not perform any packet manipulation, such as access list filtering that slows down packet switching.
Also, neither servers nor end-user machines should be attached to the core layer. When configuring routers in
this layer, you should maximize the packet switching throughput and optimize the core for low latency and
good manageability.

2) The distribution layer design. This layer is the demarcation point between the access and core layers and
helps define and differentiate the core layer. Its purpose is to provide boundary definition; it's also where packet
manipulation can take place.
When designing an enterprise LAN/WAN network, you can include the following functions into the distribution
layer:
 Address or area aggregation
 Departmental or workgroup access
 Broadcast/multicast domain definition
 VLAN routing
 Any media transitions that need to occur
 Security policies

3) The access layer design. The access layer is the point where local end users are connected directly into the
network. This layer may also use access lists or filters to further optimize the needs of a particular set of users.
In an enterprise campus environment, access layers can be designed to have the following functions:
 Shared bandwidth
 Switched bandwidth
 MAC layer filtering
 Micro segmentation
In the non-campus environment, the access layer can give remote sites access to the corporate network via
wide-area technology, such as frame relay, ISDN, or leased lines.
13
Requirements of the Network
After you have examined the existing facility and equipment, you need to define the requirements of your
network. You'll then match these requirements to the existing hardware, software, and telecommunications
features available and determine what steps need to be taken to develop the network. At a minimum, you should
consider the following:
 The size of the facility (located on a single floor vs. multiple floors)
 The number of users
 Whether the LAN will be extended to several buildings
 The environment (office, manufacturing, out-of-doors)
 The current network media, if any
 The technical competence of users
 The amount of network traffic (initially, and anticipated for the future)
 The level of security
2.5.2. Network Management
Proper network management is a critical component of an efficient network. Network administrators need tools
to monitor the functionality of the network devices, the connections between them, and the services they
provide. Simple network Management Protocol (SNMP) has become the de facto standard for use in network
management solutions and is tightly connected with remote monitoring (RMON) and Management Information
Bases (MIB). Each managed device in the network has several variables that quantify the state of the device.
You can monitor managed devices by reading the values of these variables, and you can control managed
devices by writing values into these variables.
2.5.2.1. Network Management Architecture
The network management architecture consists of the following:
 Network management system (NMS): A system that executes applications that monitor and control
managed devices. NMSs provide the bulk of the processing and memory resources that are required for
network management.
 Network management protocol: A protocol that facilitates the exchange of management information
between the NMS and managed devices, including SNMP, MIB, and RMON.
 Managed devices: A device (such as a router) managed by an NMS.
 Management agents: Software, on managed devices, that collects and stores management information,
including SNMP agents and RMON agents.
 Management information: Data that is of interest to a device’s management, usually stored in MIBs.
A variety of network management applications can be used on a network management system; the choice
depends on the network platform (such as the hardware or operating system). The management information
resides on network devices; management agents that reside on the device collect and store data in a standardized
data definition structure known as the MIB.
The network management application uses SNMP or other network management protocols to retrieve the data
that the management agents collect.

14
 Fig 2.8 Network management protocol
2.5.3. Protocols and Standards
Several protocols are used within the network management architecture. SNMP is the simplest network
management protocol. SNMP version 1 (SNMPv1) was extended to SNMP version 2 (SNMPv2) with its
variants, which were further extended with SNMP version 3 (SNMPv3). RMON is an extension of the MIB.
The MIB typically provides only static information about the managed device; the RMON agent collects
specific groups of statistics for long-term trend analysis.
i. SNMP
SNMP has become the de facto standard for network management. SNMP is a simple solution that requires
little code to implement, which enables vendors to easily build SNMP agents for their products. In addition,
SNMP is often the foundation of the network management architecture. SNMP defines how management
information is exchanged between network management applications and management agents. The terms used
in SNMP are described as follows:
 Manager: The manager, a network management application in an NMS, periodically polls the SNMP
agents that reside on managed devices for the data, thereby enabling information to be displayed using a
GUI on the NMS. A disadvantage of periodic SNMP polling is the possible delay between when an event
occurs and when it is collected by the NMS; there is a trade-off between polling frequency and bandwidth
usage.
 Protocol: SNMP is a protocol for message exchange. It uses the User Datagram Protocol (UDP) transport
mechanism to send and retrieve management information, such as MIB variables.
 Managed device: A device (such as a router) managed by the manager.
 Management agents: SNMP management agents reside on managed devices to collect and store a range of
information about the device and its operation, respond to the manager’s requests, and generate traps to
inform the manager about certain events. SNMP traps are sent by management agents to the NMS when
certain events occur.
 MIB: The management agent collects data and stores it locally in the MIB, a database of objects about the
device. Community strings, which are similar to passwords, control access to the MIB. To access or set MIB
variables, the user must specify the appropriate read or write community string; otherwise, access is denied.

15
 SNMPv1
The initial version of SNMP, SNMPv1 is defined in RFC 1157, Simple Network Management Protocol
(SNMP). The protocol’s simplicity is apparent by the set of operations that are available. SNMP messages is
which the manager uses to transfer data from agents that reside on managed devices. These messages are
described as follows:
 Get Request: Used by the manager to request a specific MIB variable from the agent.
 Get Next Request: Used after the initial get request to retrieve the next object instance from a table or
list.
 Set Request: Used to set a MIB variable on an agent.
 Get Response: Used by an agent to respond to a manager’s Get Request or Get Next Request message.
 Trap: Used by an agent to transmit an unsolicited alarm to the manager. A Trap message is sent when
specific conditions occur, such as a change in the state of a device, a device or component failure, or an
agent initialization or restart.
SNMPv2
SNMPv2 is a revised protocol that includes performance and manager-to-manager communication
improvements to SNMP. SNMPv2 changes include the introduction of the following two new message types:
 GetBulk message type: Used for retrieving large amounts of data, such as tables. This message reduces
repetitive requests and replies, thereby improving performance.
 InformRequest: Used to alert the SNMP manager of a specific condition. Unlike unacknowledged trap
messages, InformRequest messages are acknowledged. A managed device sends an InformRequest to
the NMS; the NMS acknowledges the receipt of the message by sending a Response message back to
the managed device.
Another improvement of SNMPv2 over SNMPv1 is the addition of new data types with 64-bit counters because
32-bit counters were quickly overflowed by fast network interfaces.

16
MIB
A MIB is a collection of managed objects. A MIB stores information, which is collected by the local
management agent, on a managed device for later retrieval by a network management protocol.
Each object in a MIB has a unique identifier that network management applications use to identify and retrieve
the value of the specific object. The MIB has a tree-like structure in which similar objects are grouped under the
same branch of the MIB tree. For example, different interface counters are grouped under the MIB tree’s
interfaces branch.
MIB-II
MIB-II is an extension of the original MIB (which is now called MIB-I) and is defined by RFC 1213. MIB-II
supports a number of new protocols and provides more detailed, structured information. It remains compatible
with the previous version, which is why MIB-II retains the same object identifier as MIB-I (1.3.6.1.2.1).
Although the MIB-II definition is an improvement over MIB-I, the following unresolved issues exist:
 MIB-II is still a device-centric solution, meaning that its focus is on individual devices, not the entire
network or data flows.
 MIB-II is poll-based, meaning that data is stored in managed devices and a management system must
request (poll) it via the management protocol; the data is not sent automatically.

RMON
RMON is a MIB that provides support for proactive management of LAN traffic.
The RMON standard allows packet and traffic patterns on LAN segments to be monitored. RMON tracks the
following items:
 Number of packets
 Packet sizes
 Broadcasts
 Network utilization
 Errors and conditions, such as Ethernet collisions
 Statistics for hosts, including errors generated by hosts, busiest hosts, and which hosts communicate
with each other
Without RMON, a MIB could be used to check the device’s network performance. However, doing so would
lead to a large amount of bandwidth required for management traffic. By using RMON, the managed device
itself (via its RMON agent) collects and stores the data that would otherwise be retrieved from the MIB
frequently.
RMON agents can reside in routers, switches, hubs, servers, hosts, or dedicated RMON probes. Because
RMON can collect a lot of data, dedicated RMON probes are often used on routers and switches instead of
enabling RMON agents on these devices. Performance thresholds can be set and reported on if the threshold is
breached; this helps reduce management traffic. RMON provides effective network fault diagnosis,
performance tuning, and planning for network upgrades.
RMON1
RMON1 works on the data link layer (with MAC addresses) and provides aggregate LAN traffic statistics and
analysis for remote LAN segments. Because RMON agents must look at every frame on the network, they
might cause performance problems on a managed device. The agent’s performance can be classified based on
processing power and memory.

17
RMON1 and RMON2
RMON1 only provides visibility into the data link and the physical layers; potential problems that occur at the
higher layers still require other capture and decode tools. Because of RMON1’s limitations, RMON2 was
developed to extend functionality to upper-layer protocols.
RMON2 is not a replacement for RMON1, but an extension of it. RMON2 extends RMON1 by adding nine more groups
that provide visibility to the upper layers. With visibility into the upper-layer protocols, the network manager can monitor
any upper-layer protocol traffic for any device or subnet in addition to the MAC layer traffic.
RMON2 allows the collection of statistics beyond a specific segment’s MAC layer and provides an end-to-end
view of network conversations per protocol. The network manager can view conversations at the network and
application layers. Therefore, traffic generated by a specific host or even a specific application (for example, a
Telnet client or a web browser) on that host can be observed.
ii. NetFlow
Cisco NetFlow is a measurement technology that measures flows that pass through Cisco devices. NetFlow was
originally implemented only on larger devices; it is now available on other devices, including ISRs.
NetFlow answers the questions of what, when, where, and how traffic is flowing in the network. NetFlow data
can be exported to network management applications to further process the information, providing tables and
graphs for accounting and billing or as an aid for network planning. The key components of NetFlow are the
NetFlow cache or data source that stores IP flow information and the NetFlow export or transport mechanism
that sends NetFlow data to a network management collector, such as the NetFlow Collection Engine.
NetFlow-collected data serves as the basis for a set of applications, including network traffic accounting, usage-
based network billing, network planning, and network monitoring.
iii. CDP
CDP is a Cisco-proprietary protocol that operates between Cisco devices at the data link layer. CDP
information is sent only between directly connected Cisco devices; a Cisco device never forwards a CDP frame.
CDP enables systems that support different network layer protocols to communicate and enables other Cisco
devices on the network to be discovered. CDP provides a summary of directly connected switches, routers, and
other Cisco devices.
CDP is a media- and protocol-independent protocol that is enabled by default on each supported interface of
Cisco devices (such as routers, access servers, and switches).
iv. Syslog
It alerts you when something goes wrong or down in your network. Syslog is an excellent tool for system
monitoring and is almost always included in your distribution.
Level Keyword Description
0 emergencies System is unusable
1 Alerts Immediate action is needed
2 Critical Critical conditions exist
3 Errors Error conditions exist
4 Warnings Warning conditions exist
5 Notification Normal, but significant, conditions exist
6 Informationa Informational messages
l

18
7 Debugging Debugging messages

19