IPNetworkDesignGuide Martin W. Murhammer, Kok-Keong Lee, Payam Motallebi, Paolo Borghi, Karl Wozabal International Technical Support Organization SG24-2580-01 http://www.redbooks.ibm.com International Technical Support Organization SG24-2580-01 IP Network Design Guide June 1999 © Copyright International Business Machines Corporation 1995 1999. All rights reserved. Note to U.S Government Users - Documentation related to restricted rights - Use, duplication or disclosure is subject to restrictions set forth in GSA ADP Schedule Contract with IBM Corp. Second Edition (June 1999) This edition applies to Transmission Control Protocol/Internet Protocol (TCP/IP) in general and selected IBM and OEM implementations thereof. Comments may be addressed to: IBM Corporation, International Technical Support Organization Dept. HZ8 Building 678 P.O. Box 12195 Research Triangle Park, NC 27709-2195 When you send information to IBM, you grant IBM a non-exclusive right to use or distribute the information in any way it believes appropriate without incurring any obligation to you. Before using this information and the product it supports, be sure to read the general information in Appendix C, “Special Notices” on page 287. Take Note! © Copyright IBM Corp. 1995 1999 iii Contents Preface ix How This Book Is Organized . ix The Team That Wrote This Redbook . x CommentsWelcome xi Chapter 1. Introduction 1 1.1 The Internet Model . . . 1 1.1.1 A Brief History of the Internet and IP Technologies . . . 1 1.1.2 The Open Systems Interconnection (OSI) Model 2 1.1.3 The TCP/IP Model 4 1.1.4 TheNeedforDesigninIPNetworks 5 1.1.5 DesigninganIPNetwork 6 1.2 ApplicationConsiderations 11 1.2.1 Bandwidth Requirements 11 1.2.2 Performance Requirements 12 1.2.3 Protocols Required 12 1.2.4 QualityofService/TypeofService(QoS/ToS) 12 1.2.5 SensitivitytoPacketLossandDelay 13 1.2.6 Multicast 13 1.2.7 Proxy-Enabled . . 13 1.2.8 Directory Needs . 13 1.2.9 DistributedApplications 14 1.2.10 Scalability 14 1.2.11 Security 14 1.3 PlatformConsiderations 14 1.4 InfrastructureConsiderations 16 1.5 ThePerfectNetwork 17 Chapter 2. The Network Infrastructure 19 2.1 Technology 20 2.1.1 TheBasics 20 2.1.2 LAN Technologies 22 2.1.3 WAN Technologies 31 2.1.4 Asynchronous Transfer Mode (ATM). . . 47 2.1.5 FastInternetAccess 51 2.1.6 WirelessIP 55 2.2 The Connecting Devices 57 2.2.1 Hub 57 2.2.2 Bridge 58 2.2.3 Router 60 2.2.4 Switch 62 2.3 ATM Versus Switched High-Speed LAN 67 2.4 FactorsThatAffectaNetworkDesign 68 2.4.1 SizeMatters 68 2.4.2 Geographies 68 2.4.3 Politics 68 2.4.4 TypesofApplication 68 2.4.5 NeedForFaultTolerance 69 2.4.6 ToSwitchorNottoSwitch 69 2.4.7 Strategy 69 2.4.8 CostConstraints 69 iv IP Network Design Guide 2.4.9 Standards . . . 69 Chapter 3. Address, Name and Network Management 71 3.1 Address Management . . . 71 3.1.1 IPAddressesandAddressClasses 71 3.1.2 SpecialCaseAddresses 73 3.1.3 Subnets 74 3.1.4 IPAddressRegistration 79 3.1.5 IP Address Exhaustion 80 3.1.6 ClasslessInter-DomainRouting(CIDR) 81 3.1.7 The Next Generation of the Internet Address IPv6, IPng . 83 3.1.8 Address Management Design Considerations . . . 83 3.2 AddressAssignment 86 3.2.1 Static 86 3.2.2 ReverseAddressResolutionProtocol(RARP) 86 3.2.3 BootstrapProtocol(BootP) 86 3.2.4 Dynamic Host Configuration Protocol (DHCP) . . . 87 3.3 Name Management 89 3.3.1 StaticFiles 89 3.3.2 TheDomainNameSystem(DNS) 90 3.3.3 Dynamic Domain Name System (DDNS) . . 104 3.3.4 DNSSecurity 104 3.3.5 DoesTheNetworkNeedDNS? 106 3.3.6 DomainAdministration 107 3.3.7 A Few Words on Creating Subdomains . . . 112 3.3.8 ANoteonNamingInfrastructure 113 3.3.9 RegisteringAnOrganization’sDomainName 113 3.3.10 DynamicDNSNames(DDNS) 114 3.3.11 Microsoft Windows Considerations 115 3.3.12 FinalWordOnDNS 118 3.4 Network Management . . . 118 3.4.1 TheVariousDisciplines 119 3.4.2 The Mechanics of Network Management . . 119 3.4.3 The Effects of Network Management on Networks 123 3.4.4 The Management Strategy. . 124 Chapter 4. IP Routing and Design 127 4.1 TheNeedforRouting 127 4.2 TheBasics 128 4.3 TheRoutingProtocols 130 4.3.1 StaticRoutingversusDynamicRouting 131 4.3.2 RoutingInformationProtocol(RIP) 135 4.3.3 RIPVersion2 137 4.3.4 OpenShortestPathFirst(OSPF) 138 4.3.5 BorderGatewayProtocol-4(BGP-4) 141 4.4 Choosing a Routing Protocol 142 4.5 BypassingRouters 144 4.5.1 RouterAccelerator 144 4.5.2 Next Hop Resolution Protocol (NHRP) 145 4.5.3 RouteSwitching 148 4.5.4 MultiprotocoloverATM(MPOA) 149 4.5.5 VLAN IP Cut-Through 150 4.6 Important Notes about IP Design . 151 v 4.6.1 Physical versus Logical Network Design 152 4.6.2 FlatversusHierarchicalDesign 152 4.6.3 CentralizedRoutingversusDistributedRouting 152 4.6.4 Redundancy 153 4.6.5 FrameSize 154 4.6.6 Filtering 155 4.6.7 Multicast Support 155 4.6.8 Policy-BasedRouting 155 4.6.9 Performance 155 Chapter 5. Remote Access 159 5.1 RemoteAccessEnvironments 159 5.1.1 Remote-to-Remote 159 5.1.2 Remote-to-LAN 160 5.1.3 LAN-to-Remote 160 5.1.4 LAN-to-LAN 161 5.2 Remote Access Technologies . 162 5.2.1 RemoteControlApproach 163 5.2.2 RemoteClientApproach 163 5.2.3 RemoteNodeApproach 164 5.2.4 RemoteDialAccess 164 5.2.5 Dial Scenario Design 166 5.2.6 Remote Access Authentication Protocols 168 5.2.7 Point-to-Point Tunneling Protocol (PPTP) 170 5.2.8 Layer2Forwarding(L2F) 171 5.2.9 Layer 2 Tunneling Protocol (L2TP) 172 5.2.10 VPNRemoteUserAccess 180 Chapter 6. IP Security 187 6.1 SecurityIssues 187 6.1.1 CommonAttacks 187 6.1.2 ObservingtheBasics 187 6.2 SolutionstoSecurityIssues 188 6.2.1 Implementations 191 6.3 TheNeedforaSecurityPolicy 192 6.3.1 NetworkSecurityPolicy 193 6.4 IncorporatingSecurityintoYourNetworkDesign 194 6.4.1 Expecting the Worst, Planning for the Worst . . 194 6.4.2 Which Technology To Apply, and Where? 195 6.5 Security Technologies. 197 6.5.1 SecuringtheNetwork 197 6.5.2 SecuringtheTransactions 210 6.5.3 SecuringtheData 215 6.5.4 SecuringtheServers 218 6.5.5 HotTopicsinIPSecurity 218 Chapter 7. Multicasting and Quality of Service 227 7.1 TheRoadtoMulticasting 227 7.1.1 BasicsofMulticasting 229 7.1.2 TypesofMulticastingApplications 229 7.2 Multicasting 229 7.2.1 Multicast Backbone on the Internet (MBONE) . 230 7.2.2 IPMulticastTransport 231 7.2.3 MulticastRouting 234 vi IP Network Design Guide 7.2.4 MulticastAddressResolutionServer(MARS) 238 7.3 DesigningaMulticastingNetwork 239 7.4 QualityofService 241 7.4.1 TransportforNewApplications 241 7.4.2 QualityofServiceforIPNetworks 243 7.4.3 ResourceReservationProtocol(RSVP) 243 7.4.4 Multiprotocol Label Switching (MPLS) 244 7.4.5 DifferentiatedServices 245 7.5 Congestion Control 245 7.5.1 First-In-First-Out(FIFO) 246 7.5.2 Priority Queuing 246 7.5.3 Weighted Fair Queuing (WFQ) 246 7.6 ImplementingQoS 247 Chapter 8. Internetwork Design Study 249 8.1 SmallSizedNetwork(<80Users) 249 8.1.1 Connectivity Design. 250 8.1.2 Logical Network Design 252 8.1.3 Network Management 253 8.1.4 Addressing 254 8.1.5 Naming 255 8.1.6 Connecting the Network to the Internet . . . 255 8.2 MediumSizeNetwork(<500Users) 256 8.2.1 Connectivity Design. 258 8.2.2 Logical Network Design 259 8.2.3 Addressing 261 8.2.4 Naming 262 8.2.5 RemoteAccess 263 8.2.6 Connecting the Network to the Internet . . . 264 8.3 LargeSizeNetwork(>500Users) 265 Appendix A. Voice over IP 271 A.1 The Need for Standardization 271 A.1.1 The H.323 ITU-T Recommendations . . . 271 A.2 TheVoiceoverIPProtocolStack 273 A.3 VoiceTerminologyandParameters 273 A.4 VoiceoverIPDesignandImplementations 275 A.4.1 TheVoiceoverIPDesignApproach 277 Appendix B. IBM TCP/IP Products Functional Overview 279 B.1 SoftwareOperatingSystemImplementations 279 B.2 IBMHardwarePlatformImplementations 284 Appendix C. Special Notices 287 Appendix D. Related Publications 289 D.1 International Technical Support Organization Publications . . . 289 D.2 Redbooks on CD-ROMs . . . 289 D.3 OtherResources 289 How to Get ITSO Redbooks 291 IBM Redbook Order Form 292 vii List of Abbreviations 293 Index 299 ITSO Redbook Evaluation 309 viii IP Network Design Guide [...]... Network Design Implementation and Change A good IP network design also includes detailed documentation of the network for future reference A well designed IP network should be easy to implement, with few surprises It is always good to remember the KISS principle: Keep It Simple, Stupid! 1.1.5.1 The Design Methodology The design methodology recommended for use in the design of an IP network is a top-down design. .. areas of expertise include UNIX, specifically AIX, and TCP /IP services Paolo Borghi is a System Engineer in the IBM Global Services Network Services at IBM Italia S.p.A He has three years of experience in the TCP /IP and Multiprotocol internetworking area in the technical support for Network x IP Network Design Guide Outsourcing and in network design for cross industries solutions He holds a degree in... Ethernet network in a token-ring environment has to be carefully studied The design of the network must take place before any implementation takes place The design of the IP network must also be constantly reviewed as requirements change over time, as illustrated in Figure 3 on page 7 6 IP Network Design Guide Initial D es ign D eploym ent C om m is sio ning D es ign C han ge 2580C \C H 3F21 Figure 3 IP Network. .. redbook identifies some of the basic design aspects of IP networks and explains how to deal with them when implementing new IP networks or redesigning existing IP networks This project focuses on internetwork and transport layer issues such as address and name management, routing, network management, security, load balancing and performance, design impacts of the underlying networking hardware, remote access,... entire network The expendability of a network is improved by implementing a modular design For example, adding a new network segment or a new application to the network will not require re-addressing all the hosts on the network if the network has been implemented in a modular design • Security The security of an organization’s network is an important aspect in a design, especially when the network. .. broadcast networks are Ethernet, token-ring and FDDI, while examples of non-broadcast networks are frame relay and ATM 20 IP Network Design Guide It is important to differentiate the behaviors of both broadcast and non-broadcast networks, so that the usage and limitation can both be taken into consideration in the design of an IP network 2.1.1.2 Address Resolution Protocol (ARP) In a broadcast network, ... you a thorough tune-up on IP multicasting and IP quality of service (QoS), describing the pros and cons and the best design approaches to networks that have to include these features Chapter 8 contains descriptions of sample network designs for small, medium and large companies that implement an IP network in their environment These examples are meant to illustrate a systematic design approach but are... the overall design A good example of this is the modularity and scalability of the overall IP network The following are some basic considerations in designing an IP network 1.1.5.2 Overall Design Considerations Although much could be said about design considerations that is beyond the scope of this book, there are a few major points that you need to know: • Scalability A well designed network should... platform-specific issues Application design aspects, such as e-mail, gateways, Web integration, etc., are discussed briefly where they influence the design of an IP network After a general discussion of the aforementioned design areas, this redbook provides three examples for IP network design, depicting a small, medium and large network You are taken through the steps of the design and the reasoning as to... of a good network design The essence is in the word compromise One may need to trade off some fancy features to meet the cost, while still meeting the basic requirements 1.1.5.3 Network Design Steps Below is a generic rule-of-thumb approach to IP network design It presents a structured approach to analyzing and developing a network design to suit the needs of an organization Introduction 9 Network O . the Internet and IP Technologies . . . 1 1.1.2 The Open Systems Interconnection (OSI) Model 2 1.1.3 The TCP /IP Model 4 1.1.4 TheNeedforDesigninIPNetworks 5 1.1.5 DesigninganIPNetwork 6 1.2 ApplicationConsiderations. the design of an IP network. After a general discussion of the aforementioned design areas, this redbook provides three examples for IP network design, depicting a small, medium and large network. . on the network design. Chapter 4 explains routing, a cornerstone in any IP network design. This chapter closes the gap between the network infrastructure and the logical structure of the IP network