As an employee of ChipSet I have been asked to generate a
report to evaluate the LAN technologies available to ChipSet. This report will
include detailed explanations of each available technology, details on traffic
management services, an evaluation of security issues and an evaluation of
reliability and performance issues. To begin with we must understand where the
technologies/standards come from. Below is an explanation of the IEEE and the
development of technologies/standards.
IEEE stands for the Institute of Electrical and Electronics
Engineers. The IEEE are responsible for developing standards/technologies for
the computer and electronics industry. The IEEE have stated “The first meeting
of the IEEE `Local Area Network Standards Committee`, Project 802, was held in
February of 1980.” (Overview and Guide to the IEEE 802 LMSC, 2016).
Standards are approved and defined by the IETF (Internet
Engineering Task Force). Standards go through a series of stages, first
starting as a draft and then evolving into an RFC (Request for Comments). If
the IETF approve the RFC it will then become a standard (Techopedia.com, n.d.,
b). Standards are in place so that all machines use the same standards and there
are no two devices that cannot connect together. Standards are also in place to
simplify connection for manufacturers and help increase debug performance. Not
all standards keep up with advancing technology: standard 802.4 has been known
to fail when a new device is added (Revolvy, n.d.), which causes the whole
network to crash, and it has therefore been classed as not active.
Services and protocols within 802 map to the lower two
levels of the OSI model. The data link layer is split into two sub layers for
802. These are known as the LLC and the MAC.
LLC stands for the Logical Link Control. This is concerned
with managing the flow control, frame synchronisation and error control.
MAC stands for Media Access Control and these addresses are
a standard designed to identify machines on networks. A MAC address is made up
of 6 byte long binary numbers. The first section of a MAC address is designated
by the Manufacturer and the second section of the MAC address is designated by
the machine. Below is an example of a MAC address.
802 is a collective of standards for networks. There are
many 802 standards ranging from 802.3 which defines the MAC layer for bus
networks to 802.11 which defines the standards for wireless networking. I will
be discussing standard 802.1, 802.1q, 802.2, 802.3, 802.5, 802.11 and 802.15.
This is a standard for passing Extensible Authentication
Protocol (EAP) over a wired network or a wireless network. EAP sits inside the
protocol of something called Point-to-Point Protocol; this protocol is often
used by ISPs for DSL (Snyder, 2010). This standard packages the EAP into
Ethernet Frames, which are the payloads of an Ethernet packet.
802.1q is reserved for VLAN traffic on an Ethernet. VLAN
standards are distinguished by the insertion of an additional 4 bit tag. These
help switches to distinguish between physical groups and logical groups of LAN
ports (Juniper.net, 2017).
This standard is for the LLC sub layer and can also identify
line protocols and may also assign sequence numbers to frames and track
acknowledgments (SearchNetworking, 2006).
This is the standard specification for Ethernet, a
method for network communication in LANs. This defines the characteristics and
physical media of Ethernet, and the original speed supports 10 mbps. Physical
media includes optical fibre, twisted pair and coaxial cable.
802.5 is the standard for the token ring. This was developed
in the 1970’s and connects end devices in a ring, the image below displays
this. This sends tokens from host to host, only a host holding a token can send
data. This prevents packets from colliding. Token ring is unable to function if
one end device goes down (Wells, 2001).
802.11 is the most commonly used standard today. This is
known as the Wi-Fi standard and allows devices to connect to a network and
send/receive data wirelessly. There are many 802.11 standards, including
802.11a/b/g/n/ac (Lowe, 2013). Each one has its own benefits, but as technology
advances the need for quicker and better Wi-Fi also increases. Sending a
packet to all devices on a network is known as broadcasting.
This is a well known standard and is widely used. It is,
however, more commonly known as Bluetooth. This standard defines parameters for
wireless communications across many devices, ranging from mobile devices to
PCs (SearchMobileComputing, 2005).
Spanning Tree Protocol (STP)
The image below is an example of a STP network. This is
designed to prevent network loops when there are redundant paths in a network.
An election process comes into play here, in which one switch becomes the main
point in the network. This allows the switch to choose which ports to forward
and which to block, hence allowing the network to prevent loops (Support et al.,
A VLAN is the process of creating virtual networks through
the ports on a switch. This means we can separate a switch’s clients into
three different sub groups for different departments of a business, allowing
them to communicate within the department more efficiently and a lot more safely.
Within each VLAN created we can use what is known as trunking to send data
from one switch to another. This is ideal for initial setup as we can send the
information regarding the VLANs from one switch to another.
Hot Standby Router Protocol (HSRP)
This is a protocol that provides back-up for a router in the
event of a failure. To utilise this protocol several routers are connected on
the token ring or other topologies. These work together to give the appearance
of a single router; this is achieved by the routers having the same IP address
and MAC address. This will help in the event of a router failure as clients on
the network are still forwarding to the same addresses (Webopedia.com, n.d.).
The image below is an example of ether channelling; this type of network should
usually have ports blocked by the STP in order to prevent network loops. By
using a channel group command we can bypass this and create a network with
Inter Switch Link (ISL)
As expected, ISL is the linking of two switches, more
specifically the sending of encapsulated data between switches. This protocol
can support up to 1000 VLANs across switches. The frames being sent from one switch
to another are first encapsulated and then a header is added for when it is received
by another switch over the trunk line. Cisco’s standard for this is known as
802.1q and is capable of supporting up to 4096 VLANs (Support et al., 2006).
Internet Protocol (IP)
IP is a unique identifier given to machines on a network.
There are currently two standards for IP addresses: IPv4 and IPv6. IPv4 uses 32
bits in the creation of an IP address and is expressed by four numbers separated
by full stops (Garden and Basics, n.d.). These created addresses can either be
static or dynamic. Static addresses are ones that are manually configured for
the machine. Dynamic addresses utilise the protocol known as DHCP (dynamic host
control protocol), which allows routers or servers to allocate the IP addresses
to all devices on the network. These dynamic addresses can also be set into
pools, and this tells DHCP what IP address to send to each device
depending on the VLAN it is associated with. DHCP uses a lease system for the
IP address and this must either be renewed or a new one leased once the time
limit has expired.
The OSI (Open Systems Interconnection) model is a way in which we
can break down network architecture into seven different layers. The table
below shows what each layer is designated for and the protocols within each
SMTD, POP, HTTP, FTP
Network Layer (Internet)
Data Link Layer
Data Encapsulation & Decapsulation
As the data is passed from one layer of the OSI model to the
next it goes through a process called encapsulation. This allows each layer to
add its own header containing information regarding the next node, protocol
information and the destination address. Completing this process in reverse
order is known as decapsulation.
A switch serves as a controller to enable devices within
networks to communicate with each other effectively and efficiently. Some
switches use different layers of the OSI which can enable network engineers to
complete different tasks and save money on hardware.
Layer 2 Switch
The layer two switch learns MAC addresses automatically.
This creates a MAC address table and can allow for the network to selectively
forward packets (Stevens and Pro, 2006).
Layer 3 Switch
A layer three switch is different in that it focuses on
IP addresses rather than MAC addresses. This switch acts like a router and
contains the routing information protocol. Due to this the switch can complete
inter-VLAN routing, which can divide the network into multiple broadcast domains
(Stevens and Pro, 2006).
Layer 4 Switch
The layer four switch can control the network traffic and
makes decisions based upon the inspection of each packet. This switch is most
useful in larger networks, for instance, if a server was offline the switch
could redirect the traffic on the network. This switch can also decide whether
to use TCP or UDP when an end device wants to do different things on the
internet (Techopedia.com, n.d., c).
As the internet grows so do the different types of file
sizes and the speed at which we need to access them. As this has developed so
have the standards used to access the internet wirelessly. Below are three
different wireless technologies that are commonly used today.
802.11g offers a wireless speed of up to 54mbps over a short
range. This uses the 2.4ghz frequency. This standard was specifically designed
for cross compatibility. The 802.11n standard was specifically designed for
speed and can use either the 2.4ghz frequency or the 5ghz frequency. This was
capable of speeds of up to 450mbps. The latest 802.11 standard is 802.11ac and
offers theoretical speeds of up to 1gbps but this has yet to be recorded with
the highest recorded speed reaching 800mbps. This primarily uses the 5GHz
There are many client devices available to ChipSet. These
are printers, computers, laptops and mobile devices. Printers are available to
be used either wirelessly or connected to various computers; these will allow
for reports and other such documents to be printed. Having these wireless means
ChipSet only needs one printer for many end-devices. Most available client
devices, for example laptops or mobile devices, will be able to connect to
ChipSet’s network whether it’s wirelessly or through a cable. These allow for
the exchange of emails, the exchange of files and can help with market research
by browsing the internet.
The final client device I would like to discuss is a
computer. This is the most valuable client device that can be used in any
business. This can allow for the creation of documents, the browsing of the
internet, the sending/receiving of emails and can even be used to alter aspects
of the network infrastructure. Due to new management systems being designed
around a business’s niche this client device will ultimately help to improve
the efficiency and profits of ChipSet.
How Data Is Sent
The image above is of a network with two PCs connected in
different locations. If one PC wants to send data to the other, it goes through the
layers of the OSI model to get encapsulated, and when the other device receives
the packets it will then decapsulate them.
To start with the PC’s NIC converts the data into packets
and then sends it over the ether cable to the switch. The switch receives the
packets and reads the mac-address associated with the transmission, from here
it is sent to the router. The router will then read the mac address and ARP
will then locate the associated IP address. From here it will send it through
the ISP to R2 where the IP address will be read and then converted back into
the mac-address. The receiving switch will then begin decapsulating the packets
for the PC to be able to read it as data.
ChipSet is looking to use many services that require
traffic to constantly be flowing through the network, such as VoIP and video
conferencing. Below are technologies that can be implemented to guarantee these
services will run efficiently.
Differentiated Services Code Point (DSCP)
Differentiated services code point is a method of
controlling network traffic in a way that certain traffic can gain preference
over others. Voice traffic is a perfect example of this: because it requires a
constant flow it is given precedence over others. Differentiated services
allocates the packet an IP header containing a 6-bit code. This is how
the network can identify the priority level of the packets (WhatIs.com, 2005).
Where DSCP uses 6-bits of a packet, IP Precedence uses
3-bits. These are given priority numbers so the network can understand which
packets take more precedence over others. The table below shows how each 3-bits
are relevant to the different levels of priority.
This is, however, the old way in which to manage traffic over
a network, and DSCP should be the go-to unless the router is too old to support it.
When the precedence of the packets has not been defined the
network is likely to develop queues. A queue is a collection of packets
awaiting transmission across to a networked device. This works similarly to a
standard queue within a supermarket: by issuing the first in first out rule we
can reduce the number of packets within the queue. Generally the queue is reduced
according to the packets arrival, priority and smallest task (Techopedia.com, n.d.,
This is a method used by a server acting as a firewall. This
is policy based and governs what is and what is not allowed through a network.
This works in one of two ways, either it allows nothing through (unless
specified otherwise) or it allows everything through (unless specified
otherwise). Generally this works on a top-down basis, meaning the rule
listed first will be acted upon (SearchNetworking, 2007).
This is also known as the 802.1q standard and is used to
tell which VLAN a packet belongs to. These packets are tagged with a 32 bit
header. The image below shows what is included in a packet which has a frame
The first 16 bits are reserved for the Tag Protocol
Identifier (TPID), the next three bits are reserved for the Priority code point
(PCP), the next 1 bit is reserved for the Drop Eligible Indicator (DEI) and the
final 12 bits are reserved for the VLAN Identifier (VID). The second half of
the frame tag is where the Tag Control Information (TCI) is located. The PCP is
used for quality of service and the VID is used for the VLAN number (Understanding
the native Vlan and 802 1Q tagged fram, 2014).
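The tag layout just described (16-bit TPID, 3-bit PCP, 1-bit DEI, 12-bit VID) and the 6-bit DSCP and 3-bit IP Precedence fields from the traffic management section can be read straight out of a captured frame, for example one copied by port mirroring. This is an added example, not part of the original report; the function names, MAC addresses and sample frames are constructed for illustration.

```python
import struct

TPID_8021Q = 0x8100       # TPID value that marks an 802.1Q tag
ETHERTYPE_IPV4 = 0x0800


def parse_frame(frame: bytes) -> dict:
    """Return the 802.1Q tag fields and IPv4 QoS bits of a raw Ethernet frame."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    info = {"src": frame[6:12].hex(":"), "dst": frame[0:6].hex(":"),
            "tagged": False, "pcp": None, "dei": None, "vid": None,
            "dscp": None, "ip_precedence": None}
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    offset = 14
    if ethertype == TPID_8021Q:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        # Second half of the tag is the TCI; the real EtherType follows it.
        tci, ethertype = struct.unpack_from("!HH", frame, 14)
        info.update(tagged=True,
                    pcp=tci >> 13,            # top 3 bits: priority
                    dei=(tci >> 12) & 0x1,    # next 1 bit: drop eligible
                    vid=tci & 0x0FFF)         # low 12 bits: VLAN number
        offset = 18
    info["ethertype"] = ethertype
    if ethertype == ETHERTYPE_IPV4 and len(frame) >= offset + 20:
        tos = frame[offset + 1]               # second byte of the IPv4 header
        info["dscp"] = tos >> 2               # top 6 bits
        info["ip_precedence"] = tos >> 5      # top 3 bits (older reading)
    return info


def build_sample(vid=None, pcp=0, dscp=0) -> bytes:
    """Constructed test frame: locally administered MACs, empty IPv4 header."""
    dst = bytes.fromhex("020000000002")
    src = bytes.fromhex("020000000001")
    ip_header = bytes([0x45, dscp << 2]) + bytes(18)
    if vid is None:                           # untagged frame
        return dst + src + struct.pack("!H", ETHERTYPE_IPV4) + ip_header
    tci = (pcp << 13) | vid
    tag = struct.pack("!HHH", TPID_8021Q, tci, ETHERTYPE_IPV4)
    return dst + src + tag + ip_header


if __name__ == "__main__":
    # Voice-style frame on VLAN 20: PCP 5 and DSCP 46 (Expedited Forwarding).
    print(parse_frame(build_sample(vid=20, pcp=5, dscp=46)))
    print(parse_frame(build_sample(dscp=0)))
```

The same top three bits serve both readings of the IP header byte, which is why a DSCP of 46 also shows up as IP Precedence 5 on older equipment.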
For packets to be received by a client on a network there
are two standards that can be used. The first is Transmission Control
Protocol (TCP), which allows for the packets to be sent once the connection has
been established. This standard is commonly used for general transfer of
packets, due to the fact it double checks all packets have been received and
resends the ones that haven’t. This prevents packet loss.
User Datagram Protocol (UDP) is mainly used for video calls
and voice chats over a network. This is different to TCP because there is no
error checking. While this may seem a disadvantage, it guarantees a
quicker transmission of the packets. Therefore the constant stream of packets
is better suited to being used with UDP.
There are many methods of securing a network. ChipSet will
need to implement these to make sure the performance and the reliability of
their network is secure and running. Below are technologies that can help
ChipSet to successfully do this.
Every business or organisation has its own policies and
procedures as well as legislation that employees must follow. The
legislation is so the company does not come under any scrutiny, but the policies
are so that all tasks are completed in a way which is universal and makes the
entire enterprise conglomerate into one effective and efficient company.
The policies will identify what is acceptable to do on a
network or on the internet. For example, ChipSet could use policies specifying
passwords, email filters, wireless communications and many more. If broken
these could cause harm to the network and could ultimately be a violation of an
Policies can also be set from the server. These policies
specify what each machine on the network can access. For example, setting the
games as disabled will mean the workforce will not have the access to the games
and can help to prevent them from getting distracted.
Padlocks and other kinds of security locks are used for
everything ranging from bicycles to cash safes. Setting up a network can be
very expensive and must be secure. Using combination locks for the server room
and lock boxes for the switches will help to prevent unnecessary tampering with
the network. Similarly, blocking unauthorised programs on the computers can
prevent tampering. A newer safety precaution now being widely used
is biometric locks. These utilise the fingerprints and retinas of people
to keep access to restricted areas to a minimum. These can also be used by
ChipSet to prevent access to areas such as the server room but will be highly
Switch Port Control
Port control on a switch is vital. When linking many
switches together and creating VLANs we can use what is known as trunking.
This allows for the specified ports on a switch to forward the configurations
based on VTP domains. We can also create security measures on the switches.
This can be done through mac-addresses and allows us to specify the maximum
number of devices that can be used on specific ports. We can also create what
is known as sticky. This is a method of allowing a port to allocate a
mac-address once a device has been connected and tells the port to only allow
access to the designated mac-address. This method can be overruled by the
network administrator but keeps ChipSet safe from additional devices being
connected without authorisation.
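The port behaviour described above (a per-port maximum, sticky learning of the first addresses seen, refusal of anything else, and an administrator override) can be modelled as a small state machine. This is an added example, not part of the original report and not switch configuration; the class, the port labels and the event list are constructed for illustration.

```python
class SecurePort:
    """One access port with a MAC limit and sticky learning."""

    def __init__(self, maximum=1):
        self.maximum = maximum
        self.learned = []       # sticky addresses, in the order first seen
        self.violations = []    # source addresses that were refused

    def accept(self, src_mac):
        """Return True if a frame from src_mac may enter this port."""
        mac = src_mac.lower()
        if mac in self.learned:
            return True
        if len(self.learned) < self.maximum:
            self.learned.append(mac)    # sticky: the first devices claim the slots
            return True
        self.violations.append(mac)     # limit reached: unknown device refused
        return False

    def admin_clear(self):
        """Administrator override: forget the learned addresses."""
        self.learned.clear()


def replay(events, limits):
    """Feed (port, source MAC) events through per-port state.

    Returns the port objects and the list of refused (port, MAC) pairs.
    """
    ports = {name: SecurePort(maximum) for name, maximum in limits.items()}
    refused = []
    for port, mac in events:
        if not ports[port].accept(mac):
            refused.append((port, mac.lower()))
    return ports, refused


# Constructed events: port label and the source MAC of an arriving frame.
LIMITS = {"Fa0/1": 1, "Fa0/2": 2}
EVENTS = [
    ("Fa0/1", "02:00:00:00:00:0A"),   # first device on Fa0/1 is learned
    ("Fa0/1", "02:00:00:00:00:0a"),   # same device again, different letter case
    ("Fa0/1", "02:00:00:00:00:0B"),   # second device exceeds the limit of 1
    ("Fa0/2", "02:00:00:00:00:0C"),
    ("Fa0/2", "02:00:00:00:00:0D"),   # allowed: Fa0/2 permits two devices
]

if __name__ == "__main__":
    ports, refused = replay(EVENTS, LIMITS)
    for name, port in ports.items():
        print(name, "learned:", port.learned, "violations:", port.violations)
    print("refused:", refused)
```

Because the first address seen claims the slot, sticky learning is only as trustworthy as the device that was plugged in when it was enabled.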
Access Control Lists
An Access Control List is a table that, when created in a
multilayer switch or router, can allow different sections of the network to
communicate or not allow them to communicate. This can also be done based on
VLANs through a multilayer switch. Each VLAN must be given an IP address and
from here we are able to define which parts of the network these VLANs can
access. For ChipSet this can be a very good technology to implement. Allowing
each VLAN access to only the servers means that the VLANs can only
communicate within themselves and stops any files on the networked machines
being accessed from other departments/VLAN’s.
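The top-down, first-rule-wins evaluation described for firewall policies, the two possible defaults (allow nothing or allow everything unless specified), and the per-VLAN access list described above can be checked with a short evaluator. This is an added example, not part of the original report; the subnets, the rule format and the function names are assumptions made for illustration.

```python
from ipaddress import ip_address, ip_network

# Constructed addressing plan (assumption): one subnet per department VLAN.
SALES = "10.0.10.0/24"
FINANCE = "10.0.20.0/24"
SERVERS = "10.0.99.0/24"
ANY_INTERNAL = "10.0.0.0/16"


def evaluate(acl, src, dst, default="deny"):
    """Return (action, rule_index) of the first matching rule, top-down.

    default is what happens when no rule matches: "deny" allows nothing
    unless specified, "permit" allows everything unless specified.
    """
    s, d = ip_address(src), ip_address(dst)
    for index, (action, src_net, dst_net) in enumerate(acl):
        if s in ip_network(src_net) and d in ip_network(dst_net):
            return action, index
    return default, None


def shadowed_rules(acl):
    """Indexes of rules that can never fire because an earlier rule already
    covers the same or a wider source and destination range."""
    hidden = []
    for i, (_, src_i, dst_i) in enumerate(acl):
        for _, src_j, dst_j in acl[:i]:
            if (ip_network(src_i).subnet_of(ip_network(src_j))
                    and ip_network(dst_i).subnet_of(ip_network(dst_j))):
                hidden.append(i)
                break
    return hidden


# Each department VLAN may reach the servers only; the default does the rest.
ORDERED = [
    ("permit", SALES, SERVERS),
    ("permit", FINANCE, SERVERS),
]

# Same intent written in the wrong order: the broad permit is listed first,
# so the specific deny beneath it is never acted upon.
MISORDERED = [
    ("permit", ANY_INTERNAL, ANY_INTERNAL),
    ("deny", SALES, FINANCE),
]

if __name__ == "__main__":
    print(evaluate(ORDERED, "10.0.10.5", "10.0.99.10"))      # sales to server
    print(evaluate(ORDERED, "10.0.10.5", "10.0.20.7"))       # sales to finance
    print(evaluate(MISORDERED, "10.0.10.5", "10.0.20.7"))    # broad rule wins
    print("never-matched rules:", shadowed_rules(MISORDERED))
```

Running the shadow check before a list is deployed catches the ordering mistake that first-match evaluation otherwise hides.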
Mac Address Filtering
This is a technology ChipSet can implement to allow only select
devices onto their wireless network. By ascertaining the Mac-address of a
device a list can be created doing just this. This is all good in theory but
can be spoofed relatively easily, meaning that an attempt to gain unauthorised
access to the network is possible.
Wireless security is much safer than Mac-address filtering.
ChipSet have the availability of using many methods to encrypt a password on
the wireless router. These are known as WEP, WPA and WPA2. The current standard
is WPA2 and is the safest option to use. Changing the password regularly can
also prevent the network from having a device gain unauthorised access.
As well as encryption methods, the wireless technology of
using SSIDs to name the wireless broadcasts can help ChipSet greatly. Having
access points for each office, with different SSIDs, means that only devices
on that VLAN can gain access to the network’s wireless.
This is also known as port mirroring. This is the process of
copying and sending packets from one port to another. This is a network
monitoring technique and can allow ChipSet to monitor the activity on its
network for breaches in security or machines accessing unauthorised content on
the internet. The biggest benefit to implementing this is that it is hidden
from the source and other nodes on a network meaning that the implementation
and use of this technique will go undetected (Techopedia.com, n.d., d).
ChipSet will require a reliable network for all of its day to
day activities. Many factors can affect a network’s reliability:
latency, device reliability and packet loss are some such issues. Latency is
the delay in which packets are being received by devices. Applications such as
voice and video require a constant stream, and specifying these applications to
receive packets using UDP can ensure that the stream is constant. Device
reliability is a must. ChipSet can implement HSRP in order to prevent routers
from failing and can also implement STP, which will reroute packets if a switch
is offline. Packet loss can be prevented by using TCP as this will double check
all packets have been received successfully and will resend the packets if they
A network’s performance can be affected by reliability as
well as the speed of the network. By implementing the methods described above
ChipSet can guarantee the performance of their network will not drop out
suddenly. The network can also be implemented using etherchannels; this will
drastically increase the speed of the network and allow for more bandwidth. By
etherchannelling from a multilayer switch to a switch for each office ChipSet
can give each room double or even triple the expected bandwidth.