 Offered by Carriers
 X.25
 Old, slow, and not sufficiently cheaper than frame relay
 Frame Relay
 Speeds in main range of user demand
 Attractive prices
 Dominates the market today
 ATM
 High speeds and costs
2

 Oldest packet switched network service (1970s)
 Low speed (maximum around 64 kbps)
 Mature: easy to implement
 Uses PVCs
 Reliable service, so latency in transmission
 Mostly replaced by Frame Relay
3

 Software upgrade to X.25 switches
 Uses PVCs
 Unreliable, so much faster on same switches
 Good speed range: 56 kbps - 40 Mbps: Meets most corporate needs (most under 2 Mbps)
 Priced aggressively to kill leased lines
(succeeding)
 Best-selling packet switched network service
See more here .
4

 Offers very high speeds
 622 Mbps, 2.5 Gbps to 40 Gbps
 Connection-oriented (PVCs), unreliable
 Quality of Service (QOS) guarantees critical traffic
 Minimize latency (delays)
 Inherent reliability (low loss rate)
 Technical details beyond this course
Building more bandwidth than needed
5

 Speeds are beyond most corporate needs today
 High costs
 Seen as the next generation
 But Frame Relay keeps increasing in speed in low
Mbps range where market demand is highest
 Used by providers
 e.g. AT&T, to support both ATM and Frame Relay for customers
See AT&T ATM pricing
6

 Customer Premises Equipment
 Access Line to Point of Presence
 Port Speed
 Per PVC Price
 Distance and Traffic Volume
7

 Access Device
 Has link to internal system (often a LAN)
 Has CSU/DSU to put internal traffic into format for
Frame Relay transmission
 In Frame Relay, called Frame Relay Access Device
(FRADS)
Access Device Access Line to Network
LAN
8

 CSU/DSUs are removable expansion boards
Modular Router
Router Switching Circuitry
Port 1
CSU/DSU
(T1)
Port 2
CSU/DSU
(56 kbps)
Port 3
CSU/DSU
(T3)
Port 4
CSU/DSU
(56 kbps)
T1 Line 56 kbps Line T3 Line 56 kbps Line
9

Customer
Premises
A
Elements of a Packet Switched Network
LEC
Switching
Office
POP at LEC
Office
Leased
Access Line to POP
Leased
Access Line to POP
You need a leased access line to the network’s
POP.
Sometimes the packet switched network vendor pays the cost of the access line for you and bundles it into your service charges.
10

Elements of a Packet Switched Network
Switched
Data
Network
Trunk
Line
Network
Switching
Office
Customer
Premises B
Leased
Access Line
POP
11

 Speed of the Access Line from Site to Network
 Determines maximum transmission rate to the network
 Often called the Port Speed (not in the book)
 Often the most important price determinant
 Must be fast enough for needs
See Frame Relay over DSL -- a price issue
12

 In Some Frame Relay networks, two speeds
 Committed Information Rate (pretty much guaranteed)
 Available Bit Rate (like flying standby) for bursts. Not guaranteed.
 Price depends both on CIR and ABR
 Access line speed must be fast enough for ABR
13

 Additional price per PVC
 Usually small compared to the access line charge
 One access line can multiplex all PVCs to/from site
 PVCs share access line speed
Site
PVC1
PVC2
14

 Situation
 You have four sites
 You want any one to be able to reach any other
 Questions
 How many PVCs do you need?
 How many access lines do you need?
15

 PVCs
 If you have N sites, there are N(N-1)/2 possible connections
 In this case, you would have 4(3)/2 or 6 possible connections
 Some vendors count this as 6 PVCs, others as 12 PVCs
 Access Lines
 You would need four access lines (one for each site)
 Each will multiplex 3 PVCs
 Must be fast enough for the needs of communication with the three other sites
16

 May Depend on Distance
 But often a flat monthly rate throughout the carrier’s service area
 May Depend on Traffic
 But often a flat monthly rate based only on the speed of the access line
17

 Leased Lines
 Point-to-point, inexpensive for thick routes
 Inflexible: must be established ahead of time
 Packet Switched Networks
 Also must be established ahead of time for PVCs
 Competitor for leased line networks
 Priced aggressively
 Carrier does all the management
 Killing the leased line business
18

 Circuit Switched Networks (ISDN, Switched 56)
 Any-to-any connectivity by dialing number
 Highest speed is ISDN: 64 kbps to 128 kbps
 Packet Switched Networks (X.25, Frame Relay, ATM)
 PVCs make them primarily competitors to leased lines
 Megabit to gigabit speeds
 SVCs may provide any-to-any flexibility in the future
 IP services, MPLS , ATM trends
Note : more MPLS details
19

VPN Server
Corporate
Site A
1.
Site-to-Site
Tunnel
Internet
2. Remote
Customer PC
(or site)
Extranet
VPN Server
Corporate
Site B
Remote
Access for
Intranet
3. Remote
Corporate PC
20

 Virtual Private Network (VPN)
 Transmission over the Internet with added security
 Some analysts include transmission over a PSDN with added security
 Why VPNs?
 PSDNs are not interconnected
 Only good for internal corporate communication
 But Internet reaches almost all sites in all firms
 Low transmission cost per bit transmitted
21

 VPN Problems
 Latency and Sound Quality
 Internet can be congested
 Creates latency, reduces sound quality
 Use a single ISP as for VoIP (voice over IP)
 Security
 PPTP for remote access is popular
 IPsec for site-to-site transmission is popular
 New IP services (see MCI offerings)
22

 Remote Access VPNs
 User dials into a remote access server (RAS)
 RAS often checks with RADIUS server for user identification information. Allows or rejects connection
Unsecure TCP
Control Channel
Local
Access
Secure Tunnel
RADIUS
Server
PPTP
RAS
Corporate
Site A
Internet ISP
PPTP
Access
Concentrator
23

 Point-to-Point Tunneling Protocol
 Available in Windows since Windows 95
 No need for added software on clients
 Provided by many ISPs
 PPTP access concentrator at ISP access point
 Some security limitations
 No security between user site and ISP
 No message-by-message authentication of user
 Uses unprotected TCP control channel
24

 IP Security (IPsec)
 Tunnel mode: sets up a secure tunnel between IPsec servers at two sites
 No security within sites
 No need to install IPsec software on stations
 Transfer mode: set up secure connection between two end hosts
 Protected even on internal networks
 Must install IPsec software on stations
25

Local
Network
IPsec
Server
Tunnel
Mode
Secure
Tunnel
IPsec
Server
Local
Network
No Security
In Site Network
Tunnel Only
Between Sites
Hosts Need No
Extra Software
No Security
In Site Network
26

Local
Network
IPsec
Server
Transfer
Mode
IPsec
Server
Local
Network
Secure
Tunnel
Security
In Site Network
End-to-End (Host-to-Host)
Tunnel
Hosts Need IPsec Software
Security
In Site Network
27

 IP Security (IPsec)
 At internet layer, so protects information at higher layers
 Transparent: upper layer processes do not have to be modified
HTTP SMTP FTP SNMP
Protected
TCP UDP
Internet Layer with IPsec Protection
28

 IP Security (IPsec)
 Security associations:
 Governed by corporate policies
Party A
List of
Allowable
Security
Associations
IPsec Policy Server
List of
Allowable
Security
Associations
Party B
29