Local Area Networks I by nK824Q


HW 7 Solutions (Case solutions are at the bottom of the document)

6.   Distinguish between private line voice networks and private line data networks.
       The main difference between private line voice networks and private line data
       networks is that data networks use routers at each site, whereas voice networks use
       PBXs at each site.

9.   a) Describe the elements of PSDN technology.
       There is a single private line running from each site to a POP at the PSDN cloud.
       The PSDN cloud is run by the Frame Relay carrier.

     b) Do customers need private lines if they use PSDNs?
       Customers only need one private line per site if they use PSDNs.

     c) Compare private line costs for private line networks and PSDNs.
       Private line costs for PSDNs are much lower than costs for private line networks.
       Private line data networks use mesh and hub-and-spoke topologies. Both approaches
       use many private lines, and these private lines must span long distances—all the way
       between sites. This is very expensive.
       In contrast, using a PSDN, the user only needs one private line per site. This private
       line only has to run from the site to the PSDN’s nearest POP. Furthermore, most
       PSDN carriers have many POPs, so that the few private lines that are needed tend to
       span only short distances, further cutting costs.

     d) Why is the PSDN transport core drawn as a cloud?
       The PSDN transport core is drawn as a cloud to reflect the fact that although the
       PSDN has internal switches and trunk lines, the customer does not have to know how
       things work inside the cloud. The PSDN carrier handles almost all of the management
       work that customers have to do when running their own private line networks.
       Customers merely have to send and receive data to the PSDN cloud in the correct

     e) Why do PSDNs tend to cost less than private line networks?
       PSDNs tend to cost less than private line networks because there are strong
       economies of scale in managing very large PSDNs instead of individual corporate
       line networks. There are also very large economies of scale in PSDN technology.
       These economies of scale allow low PSDN prices compared to the costs of running
       private line networks.

     f) What things do SLAs guarantee?
       Service level agreements (SLAs) guarantee throughput, availability, latency, error
       rate, and other matters.

      g) Why would an SLA guarantee maximum latency rather than minimum latency?
        An SLA would guarantee maximum latency rather than minimum latency. The
        guarantee represents not a goal for the ideal situation, so much as the limit to the least
        ideal situation. Setting a maximum latency means that latency is guaranteed to be no
        higher than this value, so the network can plan for such latency accordingly.

12.   a) What is the name of the Frame Relay virtual circuit number, and how long is it?
        The Frame Relay virtual circuit number is called the Data Link Control Identifier
        (DLCI). It is 10 bits long.

      b) Distinguish between PVCs and SVCs.
        Permanent Virtual Circuits (PVCs) are virtual circuits set up between corporate
        sites once and kept in place for weeks, months, or years at a time.
        Switched virtual circuits (SVCs) are virtual circuits that are set up just before a
        call and that last only for the duration of the call.

      c) Which is more expensive?
        SVCs are more expensive.
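
To make the 10-bit DLCI from question 12 a) concrete, the following added example (not part of the original homework solutions) packs and parses the default 2-octet Frame Relay address field, in which the DLCI is split into 6 bits in the first octet and 4 bits in the second. The class and function names are illustrative, and the sample header bytes are constructed for the example.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class FrameRelayAddress:
    dlci: int    # 10-bit virtual circuit number (0-1023)
    cr: bool     # command/response bit
    fecn: bool   # forward explicit congestion notification
    becn: bool   # backward explicit congestion notification
    de: bool     # discard eligible


def build_address(dlci, cr=False, fecn=False, becn=False, de=False) -> bytes:
    """Pack a DLCI and flag bits into the 2-octet address field."""
    if not 0 <= dlci <= 0x3FF:
        raise ValueError("DLCI must fit in 10 bits (0-1023)")
    # Octet 1: upper 6 DLCI bits, C/R, EA=0 (another address octet follows)
    b0 = ((dlci >> 4) << 2) | (cr << 1)
    # Octet 2: lower 4 DLCI bits, FECN, BECN, DE, EA=1 (last address octet)
    b1 = ((dlci & 0x0F) << 4) | (fecn << 3) | (becn << 2) | (de << 1) | 0x01
    return bytes([b0, b1])


def parse_address(header: bytes) -> FrameRelayAddress:
    """Parse the 2-octet address field at the start of a frame."""
    if len(header) < 2:
        raise ValueError("address field needs at least 2 octets")
    b0, b1 = header[0], header[1]
    # Reject anything that is not the 2-octet format (EA bits must be 0, 1)
    if (b0 & 0x01) != 0 or (b1 & 0x01) != 1:
        raise ValueError("unexpected EA bits for a 2-octet address field")
    return FrameRelayAddress(
        dlci=((b0 >> 2) << 4) | (b1 >> 4),
        cr=bool(b0 & 0x02),
        fecn=bool(b1 & 0x08),
        becn=bool(b1 & 0x04),
        de=bool(b1 & 0x02),
    )


if __name__ == "__main__":
    sample = bytes([0x18, 0x41])  # constructed sample header: DLCI 100
    print(parse_address(sample))
```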

16.   a) What is a VPN?
        A virtual private network (VPN) is transmission over the Internet with added
        security for data transmission.

      b) Why are VPNs attractive?
        VPNs are attractive because they should offer much lower costs than private line
        networks or PSDNs, while offering adequate security.

      c) Why are managed VPNs attractive?
        Managed VPNs are attractive because carriers install and do active management of
        these VPNs, including VPN equipment at the customer site. Essentially, managed
        VPNs are a way for companies to outsource their VPNs.

      d) What is a remote access VPN?
        A remote access VPN is a VPN used to connect an individual user to a corporate site.

      e) What are site-to-site VPNs?
        Site-to-site VPNs are VPNs that connect LANs at different sites.

      f) Why are site-to-site VPNs likely to become the largest corporate use for VPNs?
        Site-to-site VPNs are likely to become the largest corporate use for VPNs because
        they carry the traffic of many users at each site.

      g) What are host-to-host VPNs?
         Host-to-host VPNs are VPNs that are set up directly between two hosts, allowing two
         employees to communicate securely.

18.   a) Is PPTP for remote access VPNs or site-to-site VPNs?
         The Point-to-Point Tunneling Protocol (PPTP) is for remote access VPNs.

      b) Describe PPTP authentication.
         In PPTP authentication, the remote user connects to a remote access server (RAS),
         which authenticates the user. The remote access server will then typically check with
         an authentication server for authentication information. Typically, this is a RADIUS

      c) Why is PPTP attractive? (Give two reasons.)
         PPTP is attractive because it provides protection transparently to everything at the
         internet and higher layers and because it has been built into Windows clients since
         Windows 98, which means that corporations do not have to install any new software
         on their many clients.

      d) At what layer does it operate?
         PPTP works at the data link layer.

      e) What communications does it protect?
         PPTP protects all communications above the data link layer.

20.   a) Of the three VPN security technologies in this section, which provides transparent
      security to higher layers?
         IPsec and PPTP provide transparent security to higher layers.

      b) Which tends to require the installation of software on many client PCs?
         IPsec tends to require the installation of software on many client PCs if it is used in
         transport mode.

      c) Which has the strongest security authentication?
         IPsec has the strongest authentication.

      d) Which would you use for an intranet that gives employees remote access to a highly
      sensitive Webserver via the Internet? (This is not a trivial question.) Justify your answer.
         SSL/TLS with added password authentication is simplest to implement but does not
         offer very strong security. You could use a digital certificate for the client, but if you
         did that, you might as well go to IPsec, which offers very strong security.
         Very sensitive information deserves the strongest possible security. This is IPsec.

Chapter 4a:

Case Study: Rewiring a Building

Test Your Understanding Questions
1.     Why is the college’s data network not adequate for its needs?
         The college’s data network is not adequate for its needs because it was installed in the
         1980s using Cat3 wiring and 10Base-5 cabling. The network’s performance (shared
         10 Mbps) was adequate when it was constructed in the mid-1980s and for several
         years after that. By the late 1990s, however, the number of computers attached to the
         network had passed 200, and performance slowed to a crawl. LED collision lights on
         the repeaters glowed red all day long, and the network would sometimes freeze up for
         several seconds at a time.

2.      a) What would be the cost of a completely new network with Category 5e UTP and an
optical fiber backbone?
         It would cost $325,000.

       b) What would be the components of that cost?

         Fiber backbone                 $200,000
            Price per wall jack             $250
            Number of wall jacks             300
            Total                        $75,000
         Switches                        $20,000
         Closets                         $30,000
         Total                          $325,000

     c) What would be the total cost per wall jack?
        The cost per wall jack would be $1,083.33 ($325,000/300).
        Not $250, which is just for UTP.

     d) In what ways is complete rewiring the best option?
        Complete rewiring is the best option because it would meet all of the CBA’s current
        needs, and it would be sufficient if switches were upgraded later, even to provide
        gigabit speed to each desktop.

3.   a) What would be the cost of using existing data UTP lines?
        The cost of using existing data UTP lines would be $75,000.

     b) What would be the components of that cost?
        The components of that cost would be a switch with many ports, as well as
        considerable rewiring to connect existing UTP wire runs to the switch.

     c) What would be the cost per wall jack?
        The cost per wall jack would be $250 ($75,000/300 wall jacks).

     d) What problems would this option create?
        This option would create several problems. Runs to some office desktops might not
        work because some runs are more than 100 meters and the wiring quality is poor,
        leaving those desktops completely unaided by the improvements to the system.
        [However, at only 10 Mbps, the wiring distance limitation is a bit more forgiving.]
        In addition, this option would only bring 10 Mbps to each desktop.
        Also, using existing data UTP lines would not allow for the system to be upgraded
        easily later if traffic demand grows even more, which is likely.

4.   a) What would be the cost of a resegmentation?
        The cost of resegmentation would be about $30,000.

     b) What would be the cost per wall jack?
        The cost per wall jack would be $100 ($30,000/300 wall jacks).

     c) Would it reduce congestion to an acceptable level?
        Resegmentation would reduce congestion to an acceptable level.

     d) What problems would this option create?
        The main problem that this option creates is that all stations in a segment would share
        10 Mbps, so that the throughput for individual stations would be fairly low. Also, like the
         option in Question 3, this option probably would not scale well if the CBA’s network
         grows in the future.
         In addition, the network’s optical fiber runs are in the open, so they are unsightly and
         prone to damage from the elements and from vandalism.

5.      Put on your consultant’s hat. Which option would you recommend and why? You can
also offer another option.
         Any can be defended.
         In practice, the CBA immediately implemented segmentation (the option in
         Question 5), and that immediately reduced congestion to being a nonproblem for most
         Later, it implemented the use of the existing “Cat 3 on a good day” wiring to desktops
         (the option in Question 4). This sped things up a little more, because 10 Mbps was not
             Switches were placed in wiring cabinets—one for each tower. This kept the wire
             runs to the desktop less than 100 meters.
         If the CBA does not get a new building, it will eventually have to upgrade to a state-
         of-the-art facility.
