avaya phoneawaya fone
7/29/2019 Avaya PhoneAwaya fone
http://slidepdf.com/reader/full/avaya-phoneawaya-fone 1/23
Product Details
The S8300 Media Server resides inside a G700, G350 or G250 Media Gateway. It can
be used as a standalone communication system or as a fully survivable remote
gateway. The S8300 can be the primary controller for up to 50 remote G250, G350 and G700 Media
Gateways.
As with the S8400, S8500 and S8700 series Media Servers, the S8300 supports the Linux operating
system and it is powered by Communication Manager. It supports industry standard call control, quality
of service, management functions, and IP, digital, and analog endpoints.
Manufacturing Info
The S8300 Media Server is an Avaya Product manufactured by Celestica in Monterrey, Mexico.
Avaya IP Office
Avaya IP Office is an all-in-one solution specially designed to meet the
communications challenges facing the home office, small office and
medium enterprise with two to 360 extensions.
Built on Avaya's latest advancements in converged voice and data
technology, you can benefit from many of the advantages sophisticated
communications deliver to your business. Use it as a voice solution,
employing either IP technology, more traditional telephony or a
combination of both and you can benefit from a comprehensive set of
telephony features. Use it as a data solution to deliver both local area and
wide area networking capability. And because it's an all in one solution you
can use it as a converged solution delivering both your voice and data requirements. Avaya IP Office can
help businesses to improve productivity in the work place. Integrated messaging, voice mail and auto-attendant can help your staff to manage calls and messages more efficiently. Support for remote
working is an integral part of the portfolio.
The full Avaya IP Office solution is easily managed through Avaya IP Office Manager, a Microsoft®
Windows®-based PC software application. Every Avaya IP Office platform protects your investments by
supporting common software, telephones, applications and a range of device and user capacity.
Expansion modules help you meet your changing or growing needs while retaining the cost-
effectiveness of your original investment.
VMware
VMW is a company providing virtualization software, founded in 1998 and based in the USA. It is majority
owned by EMC Corporation. VMware's desktop software runs on Microsoft Windows, Linux, and Mac OS
X, while VMware's enterprise software hypervisors for servers, VMware ESX and VMware ESXi, are bare-
metal embedded hypervisors that run directly on server hardware without requiring an additional
underlying operating system.
While VMware Infrastructure 3.5 was in development, vSphere was conceived as an enhanced suite of
tools with cloud computing utilizing VMware ESX/ESXi 4. The cloud computing-enabled tool suite was
spun off as VMware Infrastructure 4 (for short, VI 4) parallel to but distinct from VMware Infrastructure
3.5 (VI 3.5) that was then ready for release (March 30, 2009). VMware eventually announced vSphere 4
instead of VI 4 on April 21, 2009 and released it on May 21, 2009. VMware released Update 1 for
vSphere 4 on November 19, 2009 to add support for Windows 7 and Windows Server 2008 R2.
VMware's vSphere 4.1 began shipping in August 2010. This update included an updated vCenter
Configuration Manager as well as vCenter Application Discovery Manager, and the ability of vMotion to
move more than one virtual machine at a time from one server host to another. VMware released
Update 1 for vSphere 4.1 on 10 February, 2011 to add support for RHEL 6, RHEL 5.6, SLES 11 SP1 for
VMware, Ubuntu 10.10, and Solaris 10 Update 9. A secret installation of vSphere was used by a
disgruntled former employee to wipe out a New Jersey based pharmaceutical company's VMware
installation in February of 2011, costing a reported $800,000 loss.
DHCP
The Dynamic Host Configuration Protocol (DHCP) is a network configuration protocol for hosts on
Internet Protocol (IP) networks. Computers that are connected to IP networks must be configured
before they can communicate with other hosts. The most essential information needed is an IP address,
and a default route and routing prefix. DHCP eliminates the manual task by a network administrator. It
also provides a central database of devices that are connected to the network and eliminates duplicate
resource assignments. In addition to IP addresses, DHCP also provides other configuration information,
particularly the IP addresses of local caching DNS resolvers, network boot servers, or other service hosts.
DHCP is used for IPv4 as well as IPv6. While both versions perform much the same purpose, the details
of the protocol for IPv4 and IPv6 are sufficiently different that they may be considered separate
protocols. Hosts that do not use DHCP for address configuration may still use it to obtain other
configuration information. Alternatively, IPv6 hosts may use stateless address autoconfiguration. IPv4
hosts may use link-local addressing to achieve limited local connectivity.
Name server
In computing, a name server (also spelled nameserver) is a program or computer server that
implements a name-service protocol. It maps a human-recognizable identifier to a system-internal,
often numeric, identification or addressing component. The most prominent types of name servers in
operation today are the name servers of the Domain Name System (DNS), one of the two principal name
spaces of the Internet. The most important function of these DNS servers is the translation (resolution)
of humanly memorable domain names and hostnames into the corresponding numeric Internet Protocol
(IP) addresses, the second principal Internet name space which is used to identify and locate computer
systems and resources on the Internet.
7/29/2019 Avaya PhoneAwaya fone
http://slidepdf.com/reader/full/avaya-phoneawaya-fone 3/23
FTP
File Transfer Protocol (FTP) is a standard network protocol used to transfer files from one host to
another host over a TCP-based network, such as the Internet. FTP is built on a client-server architecture
and utilizes separate control and data connections between the client and server. FTP users may
authenticate themselves using a clear-text sign-in protocol but can connect anonymously if the server is
configured to allow it. The first FTP client applications were interactive command-line tools,
implementing standard commands and syntax. Graphical user interface clients have since been
developed for many of the popular desktop operating systems in use today.
LAN
A local area network (LAN) is a computer network that interconnects computers in a limited area such as
home, school, computer laboratory or office building.[1] The defining characteristics of LANs, in contrast
to wide area networks (WANs), include their usually higher data-transfer rates, smaller geographic area,
and lack of a need for leased telecommunication lines. ARCNET, Token Ring and other technology
standards have been used in the past, but Ethernet over twisted pair cabling, and Wi-Fi are the two
most common technologies currently used to build LANs.
Standards evolution
The development and proliferation of personal computers using the CP/M operating system in the late
1970s, and later DOS-based systems starting in 1981, meant that many sites grew to dozens or even
hundreds of computers. The initial driving force for networking was generally to share storage and
printers, which were both expensive at the time. There was much enthusiasm for the concept and for
several years, from about 1983 onward, computer industry pundits would regularly declare the coming
year to be “the year of the LAN”.
In practice, the concept was marred by proliferation of incompatible physical layer and network protocol
implementations, and a plethora of methods of sharing resources. Typically, each vendor would have its
own type of network card, cabling, protocol, and network operating system. A solution appeared with
the advent of Novell NetWare which provided even-handed support for dozens of competing card/cable
types, and a much more sophisticated operating system than most of its competitors. NetWare
dominated[12] the personal computer LAN business from early after its introduction in 1983 until the
mid 1990s when Microsoft introduced Windows NT Advanced Server and Windows for Workgroups.
Of the competitors to NetWare, only Banyan Vines had comparable technical strengths, but Banyan
never gained a secure base. Microsoft and 3Com worked together to create a simple network operating
system which formed the base of 3Com's 3+Share, Microsoft's LAN Manager and IBM's LAN Server - but
none of these were particularly successful.
During the same period, Unix computer workstations from vendors such as Sun Microsystems, Hewlett-
Packard, Silicon Graphics, Intergraph, NeXT and Apollo were using TCP/IP based networking. Although
this market segment is now much reduced, the technologies developed in this area continue to be
influential on the Internet and in both Linux and Apple Mac OS X networking—and the TCP/IP protocol
has now almost completely replaced IPX, AppleTalk, NBF, and other protocols used by the early PC LANs.
Cabling
Early LAN cabling had always been based on various grades of coaxial cable. However shielded twisted
pair was used in IBM's Token Ring implementation, and in 1984 StarLAN showed the potential of simple
unshielded twisted pair by using Cat3—the same simple cable used for telephone systems. This led to
the development of 10Base-T (and its successors) and structured cabling which is still the basis of most
commercial LANs today. In addition, fiber-optic cabling is increasingly used in commercial applications.
As cabling is not always possible, wireless Wi-Fi is now the most common technology in residential
premises, as the cabling required is minimal and it is well suited to mobile laptops and smartphones.
Technical aspects
Network topology describes the layout pattern of interconnections between devices and network
segments. Switched Ethernet has been for some time the most common Data Link Layer and Physical
Layer implementation for local area networks. At the higher layers, the Internet Protocol (TCP/IP) has
become the standard. Smaller LANs generally consist of one or more switches linked to each other,
often with at least one connected to a router, cable modem, or ADSL modem for Internet access. Larger
LANs are characterized by their use of redundant links with switches using the spanning tree protocol to
prevent loops, their ability to manage differing traffic types via quality of service (QoS), and to segregate
traffic with VLANs. Larger LANs also contain a wide variety of network devices such as switches,
firewalls, routers, load balancers, and sensors. LANs may have connections with other LANs via leased
lines, leased services, or by tunneling across the Internet using virtual private network technologies.
Depending on how the connections are established and secured in a LAN, and the distance involved, a
LAN may also be classified as a metropolitan area network (MAN) or a wide area network (WAN).
Design options
WANs are used to connect LANs and other types of networks together, so that users and computers in
one location can communicate with users and computers in other locations. Many WANs are built for
one particular organization and are private. Others, built by Internet service providers, provide
connections from an organization's LAN to the Internet. WANs are often built using leased lines. At each
end of the leased line, a router connects the LAN on one side with a second router within the LAN on the
other. Leased lines can be very expensive. Instead of using leased lines, WANs can also be built using less
costly circuit switching or packet switching methods. Network protocols including TCP/IP deliver
transport and addressing functions. Protocols including Packet over SONET/SDH, MPLS, ATM and Frame
relay are often used by service providers to deliver the links that are used in WANs. X.25 was an
important early WAN protocol, and is often considered to be the "grandfather" of Frame Relay as many
of the underlying protocols and functions of X.25 are still in use today (with upgrades) by Frame Relay.
Academic research into wide area networks can be broken down into three areas: mathematical
models, network emulation and network simulation.
Performance improvements are sometimes delivered via wide area file services or WAN optimization.
Connection technology options
Several options are available for WAN connectivity:
Option | Description | Advantages | Disadvantages | Bandwidth | Protocols
Leased line | Point-to-Point connection between two computers or Local Area Networks (LANs) | Most secure | Expensive | | PPP, HDLC, SDLC, HNAS
Circuit switching | A dedicated circuit path is created between end points. Best example is dialup connections | Less Expensive | Call Setup | 28 - 144 kbit/s | PPP, ISDN
Packet switching | Devices transport packets via a shared single point-to-point or point-to-multipoint link across a carrier internetwork. Variable length packets are transmitted over Permanent Virtual Circuits (PVC) or Switched Virtual Circuits (SVC) | | Shared media across link | | X.25, Frame-Relay
Cell relay | Similar to packet switching, but uses fixed length cells instead of variable length packets. Data is divided into fixed-length cells and then transported across virtual circuits | Best for simultaneous use of voice and data | Overhead can be considerable | | ATM
Transmission rates usually range from 1200 bit/s to 24 Mbit/s, although some connections such as ATM
and Leased lines can reach speeds greater than 156 Mbit/s. Typical communication links used in WANs
are telephone lines, microwave links and satellite channels. Recently, with the proliferation of low-cost
Internet connectivity, many companies and organizations have turned to VPN to interconnect their
networks, creating a WAN in that way. Companies such as Cisco, New Edge Networks and Check Point
offer solutions to create VPN networks.
A virtual private network (VPN) is a network that uses primarily public telecommunication infrastructure, such as the Internet, to
provide remote offices or traveling users access to a central organizational network. VPNs typically
require remote users of the network to be authenticated, and often secure data with encryption
technologies to prevent disclosure of private information to unauthorized parties. VPNs may serve any
network functionality that is found on any network, such as sharing of data and access to network
resources, printers, databases, websites, etc. A VPN user typically experiences the central network in a
manner that is identical to being connected directly to the central network. VPN technology via the
public Internet has replaced the need to requisition and maintain expensive dedicated leased-line
telecommunication circuits once
History
Until the end of the 1990s, networked computers were connected through expensive leased lines
and/or dial-up phone lines. Virtual Private Networks reduce network costs because they avoid a need for
physical leased lines that individually connect remote offices (or remote users) to a private Intranet
(internal network). Users can exchange private data securely, making the expensive leased lines
unnecessary. Different VPN systems can include a lot of variation, such as:
The protocols they use to tunnel the traffic
The tunnel's termination point, i.e., customer edge or network provider edge
Whether they offer site-to-site or remote access connectivity
The levels of security provided
The OSI layer they present to the connecting network, such as Layer 2 circuits or Layer 3 network
connectivity
Some classification schemes are discussed in the following sections. VPN technology was used in 1990. VPN
stands for virtual private network. There are two protocols in use in VPN:
Transparent mode: used in remote technology
Tunnel mode: used in local network
Security mechanisms
Secure VPNs use cryptographic tunneling protocols to provide confidentiality by blocking intercepts and
packet sniffing, allowing sender authentication to block identity spoofing, and provide message integrity
by preventing message alteration.
Secure VPN protocols include the following:
IPsec (Internet Protocol Security) was developed by the Internet Engineering Task Force (IETF), and was
initially developed for IPv6, which requires it. This standards-based security protocol is also widely used
with IPv4. Layer 2 Tunneling Protocol frequently runs over IPsec. Its design meets most security goals:
authentication, integrity, and confidentiality. IPsec functions by encapsulating an IP packet inside a
surrounding packet and encrypting it.
Transport Layer Security (SSL/TLS) can tunnel an entire network's traffic, as it does in the OpenVPN
project, or secure an individual connection. A number of vendors provide remote access VPN capabilities
through SSL. An SSL VPN can connect from locations where IPsec runs into trouble with Network
Address Translation and firewall rules.
Datagram Transport Layer Security (DTLS) is used in Cisco's next-generation VPN product, Cisco
AnyConnect VPN, to solve the issues SSL/TLS has with tunneling over UDP.
Microsoft Point-to-Point Encryption (MPPE) works with their Point-to-Point Tunneling Protocol and in
several compatible implementations on other platforms.
Microsoft introduced Secure Socket Tunneling Protocol (SSTP) in Windows Server 2008 and Windows
Vista Service Pack 1. SSTP tunnels Point-to-Point Protocol (PPP) or Layer 2 Tunneling Protocol traffic
through an SSL 3.0 channel.
MPVPN (Multi Path Virtual Private Network). Ragula Systems Development Company owns the
registered trademark "MPVPN".[2]
Secure Shell (SSH) VPN -- OpenSSH offers VPN tunneling to secure remote connections to a network or
inter-network links. This should not be confused with port forwarding. OpenSSH server provides a
limited number of concurrent tunnels and the VPN feature itself does not support personal
authentication.[3][4][5]
Authentication
Tunnel endpoints must authenticate before secure VPN tunnels can be established.
User-created remote access VPNs may use passwords, biometrics, two-factor authentication or other
cryptographic methods.
Network-to-network tunnels often use passwords or digital certificates, as they permanently store the
key to allow the tunnel to establish automatically and without intervention from the user.
Routing
Tunneling protocols can be used in a point-to-point topology that would theoretically not be considered
a VPN, because a VPN by definition is expected to support arbitrary and changing sets of network nodes.
But since most router implementations support a software-defined tunnel interface, customer-
provisioned VPNs often are simply defined tunnels running conventional routing protocols.
PPVPN Building blocks
Depending on whether the PPVPN runs in layer 2 or layer 3, the building blocks described below may be
L2 only, L3 only, or combine them both. Multiprotocol Label Switching (MPLS) functionality blurs the L2-
L3 identity.
RFC 4026 generalized the following terms to cover L2 and L3 VPNs, but they were introduced in RFC
2547.[6]
Customer edge device (CE)
A device at the customer premises, that provides access to the PPVPN. Sometimes it's just a
demarcation point between provider and customer responsibility. Other providers allow customers to
configure it.
Provider edge device (PE)
A PE is a device, or set of devices, at the edge of the provider network, that presents the provider's view
of the customer site. PEs are aware of the VPNs that connect through them, and maintain VPN state.
Provider device (P)
A P device operates inside the provider's core network, and does not directly interface to any customer
endpoint. It might, for example, provide routing for many provider-operated tunnels that belong to
different customers' PPVPNs. While the P device is a key part of implementing PPVPNs, it is not itself
VPN-aware and does not maintain VPN state. Its principal role is allowing the service provider to scale its
PPVPN offerings, as, for example, by acting as an aggregation point for multiple PEs. P-to-P connections,
in such a role, often are high-capacity optical links between major locations of providers.
User-visible PPVPN services
This section deals with the types of VPN considered in the IETF; some historical names were replaced by
these terms.
OSI Layer 1 services
Virtual private wire and private line services (VPWS and VPLS)
In both of these services, the service provider does not offer a full routed or bridged network, but
provides components to build customer-administered networks. VPWS are point-to-point while VPLS
can be point-to-multipoint. They can be Layer 1 emulated circuits with no data link structure.
The customer determines the overall customer VPN service, which also can involve routing, bridging, or
host network elements.
An unfortunate acronym confusion can occur between Virtual Private Line Service and Virtual Private
LAN Service; the context should make it clear whether "VPLS" means the layer 1 virtual private line or
the layer 2 virtual private LAN.
OSI Layer 2 services
Virtual LAN
A Layer 2 technique that allows for the coexistence of multiple LAN broadcast domains, interconnected
via trunks using the IEEE 802.1Q trunking protocol. Other trunking protocols have been used but have
become obsolete, including Inter-Switch Link (ISL), IEEE 802.10 (originally a security protocol but a
subset was introduced for trunking), and ATM LAN Emulation (LANE).
Virtual private LAN service (VPLS)
Developed by IEEE, VLANs allow multiple tagged LANs to share common trunking. VLANs frequently
comprise only customer-owned facilities. The former is a layer 1 technology that
supports emulation of both point-to-point and point-to-multipoint topologies. The method discussed
here extends Layer 2 technologies such as 802.1d and 802.1q LAN trunking to run over transports such
as Metro Ethernet.
As used in this context, a VPLS is a Layer 2 PPVPN, rather than a private line, emulating the full
functionality of a traditional local area network (LAN). From a user standpoint, a VPLS makes it possible
to interconnect several LAN segments over a packet-switched, or optical, provider core; a core
transparent to the user, making the remote LAN segments behave as one single LAN.[7]
In a VPLS, the provider network emulates a learning bridge, which optionally may include VLAN service.
Pseudo wire (PW)
PW is similar to VPWS, but it can provide different L2 protocols at both ends. Typically, its interface is a
WAN protocol such as Asynchronous Transfer Mode or Frame Relay. In contrast, when aiming to provide
the appearance of a LAN contiguous between two or more locations, the Virtual Private LAN service or
IPLS would be appropriate.
IP-only LAN-like service (IPLS)
A subset of VPLS, the CE devices must have L3 capabilities; the IPLS presents packets rather than frames.
It may support IPv4 or IPv6.
OSI Layer 3 PPVPN architectures
This section discusses the main architectures for PPVPNs, one where the PE disambiguates duplicate
addresses in a single routing instance, and the other, virtual router, in which the PE contains a virtual
router instance per VPN. The former approach, and its variants, have gained the most attention.
One of the challenges of PPVPNs involves different customers using the same address space, especially
the IPv4 private address space.[8] The provider must be able to disambiguate overlapping addresses in
the multiple customers' PPVPNs.
BGP/MPLS PPVPN
In the method defined by RFC 2547, BGP extensions advertise routes in the IPv4 VPN address family,
which are of the form of 12-byte strings, beginning with an 8-byte Route Distinguisher (RD) and ending
with a 4-byte IPv4 address. RDs disambiguate otherwise duplicate addresses in the same PE.
PEs understand the topology of each VPN, which are interconnected with MPLS tunnels, either directly
or via P routers. In MPLS terminology, the P routers are Label Switch Routers without awareness of
VPNs.
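The 12-byte VPN-IPv4 format described above, as an added example that is not part of the original text. It shows how two customers reusing the same private address stay separate on a PE once the 8-byte RD is prepended, and how they collide without it. The type-0 RD sub-layout (2-byte type, 2-byte AS number, 4-byte assigned number) is taken from RFC 4364 rather than from this page; the AS number, customer names and addresses are constructed.

```python
import ipaddress
import struct


def make_rd(asn, assigned):
    """Build an 8-byte type-0 Route Distinguisher (layout assumed from RFC 4364)."""
    return struct.pack("!HHI", 0, asn, assigned)


def vpn_ipv4(rd, addr):
    """Return the 12-byte VPN-IPv4 address: 8-byte RD followed by 4-byte IPv4."""
    if len(rd) != 8:
        raise ValueError("RD must be exactly 8 bytes")
    return rd + ipaddress.IPv4Address(addr).packed


def parse_vpn_ipv4(raw):
    """Split a 12-byte VPN-IPv4 address into ('asn:assigned', 'a.b.c.d')."""
    if len(raw) != 12:
        raise ValueError("VPN-IPv4 address must be exactly 12 bytes")
    rd_type, asn, assigned = struct.unpack("!HHI", raw[:8])
    if rd_type != 0:
        raise ValueError("only type-0 RDs are handled in this example")
    return f"{asn}:{assigned}", str(ipaddress.IPv4Address(raw[8:]))


def install(routes, use_rd):
    """Model a PE route table keyed with or without the RD prefix."""
    table = {}
    for customer, rd, addr in routes:
        key = vpn_ipv4(rd, addr) if use_rd else ipaddress.IPv4Address(addr).packed
        table[key] = customer  # a duplicate key silently replaces the earlier owner
    return table


# Constructed sample: two customers both using 10.0.0.1 from the private range.
ROUTES = [
    ("customer-a", make_rd(64512, 1), "10.0.0.1"),
    ("customer-b", make_rd(64512, 2), "10.0.0.1"),
]

if __name__ == "__main__":
    for key, owner in install(ROUTES, use_rd=True).items():
        print(key.hex(), parse_vpn_ipv4(key), owner)
    print("without RD:", install(ROUTES, use_rd=False))
```

Without the RD the second customer's route overwrites the first, which is the cross-customer ambiguity the RD exists to prevent.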
Virtual router PPVPN
The Virtual Router architecture,[9][10] as opposed to BGP/MPLS techniques, requires no modification to
existing routing protocols such as BGP. By the provisioning of logically independent routing domains, the
customer operating a VPN is completely responsible for the address space. In the various MPLS tunnels,
the different PPVPNs are disambiguated by their label, but do not need routing distinguishers.
Virtual router architectures do not need to disambiguate addresses, because rather than a PE router
having awareness of all the PPVPNs, the PE contains multiple virtual router instances, which belong to
one and only one VPN.
Plaintext tunnels
Some virtual networks may not use encryption to protect the data contents. While VPNs often provide
security, an unencrypted overlay network does not neatly fit within the secure or trusted categorization.
For example, a tunnel set up between two hosts that used Generic Routing Encapsulation (GRE) would in
fact be a virtual private network, but neither secure nor trusted.
Besides the GRE example above, native plaintext tunneling protocols include Layer 2 Tunneling Protocol
(L2TP) when it is set up without IPsec and Point-to-Point Tunneling Protocol (PPTP) or Microsoft Point-
to-Point Encryption (MPPE).
Trusted delivery networks
Trusted VPNs do not use cryptographic tunneling, and instead rely on the security of a single provider's
network to protect the traffic.
Multi-Protocol Label Switching (MPLS) is often used to overlay VPNs, often with quality-of-service
control over a trusted delivery network.
Layer 2 Tunneling Protocol (L2TP)[11] is a standards-based replacement for two proprietary VPN
protocols, and a compromise taking the good features from each: Cisco's Layer 2 Forwarding (L2F)[12]
(obsolete as of 2009) and Microsoft's Point-to-Point Tunneling Protocol (PPTP).[13]
From the security standpoint, VPNs either trust the underlying delivery network, or must enforce
security with mechanisms in the VPN itself. Unless the trusted delivery network runs among physically
secure sites only, both trusted and secure models need an authentication mechanism for users to gain
access to the VPN.
VPNs in mobile environments
Mobile VPNs are used in a setting where an endpoint of the VPN is not fixed to a single IP address, but
instead roams across various networks such as data networks from cellular carriers or between multiple
Wi-Fi access points.[14] Mobile VPNs have been widely used in public safety, where they give law
enforcement officers access to mission-critical applications, such as computer-assisted dispatch and
criminal databases, while they travel between different subnets of a mobile network.[15] They are also
used in field service management and by healthcare organizations,[16] among other industries.
Increasingly, mobile VPNs are being adopted by mobile professionals and white-collar workers who
need reliable connections.[16] They are used for roaming seamlessly across networks and in and out of
wireless-coverage areas without losing application sessions or dropping the secure VPN session. A
conventional VPN cannot survive such events because the network tunnel is disrupted, causing
applications to disconnect, time out,[14] or fail, or even cause the computing device itself to crash.[16]
Instead of logically tying the endpoint of the network tunnel to the physical IP address, each tunnel is
bound to a permanently associated IP address at the device. The mobile VPN software handles the
necessary network authentication and maintains the network sessions in a manner transparent to the
application and the user.[14] The Host Identity Protocol (HIP), under study by the Internet Engineering
Task Force, is designed to support mobility of hosts by separating the role of IP addresses for host
identification from their locator functionality in an IP network. With HIP a mobile host maintains its
logical connections established via the host identity identifier while associating with different IP
addresses when roaming between access networks.
Simple Network Management Protocol (SNMP) is an "Internet-standard protocol for managing devices
on IP networks. Devices that typically support SNMP include routers, switches, servers, workstations,
printers, modem racks, and more."[1] It is used mostly in network management systems to monitor
network-attached devices for conditions that warrant administrative attention. SNMP is a component of
the Internet Protocol Suite as defined by the Internet Engineering Task Force (IETF). It consists of a set of
standards for network management, including an application layer protocol, a database schema, and a
set of data objects.[2]
SNMP exposes management data in the form of variables on the managed systems, which describe the
system configuration. These variables can then be queried (and sometimes set) by managing
applications.
Protocol details
SNMP operates in the Application Layer of the Internet Protocol Suite (Layer 7 of the OSI model). The
SNMP agent receives requests on UDP port 161. The manager may send requests from any available
source port to port 161 in the agent. The agent response will be sent back to the source port on the
manager. The manager receives notifications (Traps and InformRequests) on port 162. The agent may
generate notifications from any available port.
SNMPv1 specifies five core protocol data units (PDUs). Two other PDUs, GetBulkRequest and
InformRequest were added in SNMPv2 and carried over to SNMPv3.
All SNMP PDUs are constructed as follows:
IP header | UDP header | version | community | PDU-type | request-id | error-status | error-index | variable bindings
The seven SNMP protocol data units (PDUs) are as follows:
GetRequest
A manager-to-agent request to retrieve the value of a variable or list of variables. Desired variables are
specified in variable bindings (values are not used). Retrieval of the specified variable values is to be
done as an atomic operation by the agent. A Response with current values is returned.
SetRequest
A manager-to-agent request to change the value of a variable or list of variables. Variable bindings are
specified in the body of the request. Changes to all specified variables are to be made as an atomic
operation by the agent. A Response with (current) new values for the variables is returned.
GetNextRequest
A manager-to-agent request to discover available variables and their values. Returns a Response with
variable binding for the lexicographically next variable in the MIB. The entire MIB of an agent can be
walked by iterative application of GetNextRequest starting at OID 0. Rows of a table can be read by
specifying column OIDs in the variable bindings of the request.
GetBulkRequest
Optimized version of GetNextRequest. A manager-to-agent request for multiple iterations of
GetNextRequest. Returns a Response with multiple variable bindings walked from the variable binding
or bindings in the request. PDU specific non-repeaters and max-repetitions fields are used to control
response behavior. GetBulkRequest was introduced in SNMPv2.
Response
Returns variable bindings and acknowledgement from agent to manager for GetRequest, SetRequest,
GetNextRequest, GetBulkRequest and InformRequest. Error reporting is provided by error-status and
error-index fields. Although it was used as a response to both gets and sets, this PDU was called
GetResponse in SNMPv1.
Trap
Asynchronous notification from agent to manager. Includes current sysUpTime value, an OID identifying
the type of trap and optional variable bindings. Destination addressing for traps is determined in an
application-specific manner typically through trap configuration variables in the MIB. The format of the
trap message was changed in SNMPv2 and the PDU was renamed SNMPv2-Trap.
InformRequest
Acknowledged asynchronous notification from manager to manager. This PDU uses the same format as
the SNMPv2 version of Trap. Manager-to-manager notifications were already possible in SNMPv1 (using
a Trap), but as SNMP commonly runs over UDP where delivery is not assured and dropped packets are
not reported, delivery of a Trap was not guaranteed. InformRequest fixes this by sending back an
acknowledgement on receipt. Receiver replies with Response parroting all information in the
InformRequest. This PDU was introduced in SNMPv2.
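The message layout described above, decoded field by field, as an added example that is not part of the original page: a minimal BER parser for community-based SNMP (v1/v2c) messages, run on a constructed GetRequest. The sample bytes, the function names and the audit notes are assumptions of this example; the SNMPv1 Trap and SNMPv3 use different layouts and are rejected.

```python
# Added example: minimal BER decoder for community-based SNMP (v1/v2c) messages.
PDU_TYPES = {
    0xA0: "GetRequest", 0xA1: "GetNextRequest", 0xA2: "Response",
    0xA3: "SetRequest", 0xA4: "Trap", 0xA5: "GetBulkRequest",
    0xA6: "InformRequest", 0xA7: "SNMPv2-Trap",
}
VERSIONS = {0: "SNMPv1", 1: "SNMPv2c"}

# Constructed sample (not captured traffic): SNMPv1 GetRequest for
# 1.3.6.1.2.1.1.1.0 (sysDescr.0), community "public", request-id 0x1234.
SAMPLE_GET = bytes.fromhex(
    "3027020100" "04067075626c6963" "a01a" "02021234" "020100" "020100"
    "300e300c" "06082b06010201010100" "0500"
)

def read_tlv(buf, pos):
    """Return (tag, value_bytes, next_pos) for the BER element at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                       # long form: low 7 bits count the length octets
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("element runs past end of buffer")
    return tag, buf[pos:pos + length], pos + length

def expect(buf, pos, want_tag, name):
    """Read one element and insist on its tag; return (value_bytes, next_pos)."""
    tag, val, nxt = read_tlv(buf, pos)
    if tag != want_tag:
        raise ValueError(f"{name}: expected tag 0x{want_tag:02x}, got 0x{tag:02x}")
    return val, nxt

def decode_int(val):
    return int.from_bytes(val, "big", signed=True)

def decode_oid(val):
    if not val:
        raise ValueError("empty OID")
    first = min(val[0] // 40, 2)            # first octet packs the first two arcs
    arcs, n = [first, val[0] - 40 * first], 0
    for b in val[1:]:
        n = (n << 7) | (b & 0x7F)           # base-128 digits, high bit = "more follows"
        if not b & 0x80:
            arcs.append(n)
            n = 0
    return ".".join(map(str, arcs))

def parse_snmp(datagram):
    """Decode version, community, PDU header fields and variable bindings."""
    msg, _ = expect(datagram, 0, 0x30, "message")
    ver, p = expect(msg, 0, 0x02, "version")
    community, p = expect(msg, p, 0x04, "community")
    pdu_tag, pdu, _ = read_tlv(msg, p)
    if pdu_tag not in PDU_TYPES or pdu_tag == 0xA4:
        raise ValueError(f"unsupported PDU tag 0x{pdu_tag:02x}")
    # GetBulkRequest reuses the error-status/error-index slots for its own fields.
    names = (("non_repeaters", "max_repetitions") if pdu_tag == 0xA5
             else ("error_status", "error_index"))
    rid, q = expect(pdu, 0, 0x02, "request-id")
    f1, q = expect(pdu, q, 0x02, names[0])
    f2, q = expect(pdu, q, 0x02, names[1])
    vbl, _ = expect(pdu, q, 0x30, "variable bindings")
    bindings, q = [], 0
    while q < len(vbl):
        vb, q = expect(vbl, q, 0x30, "varbind")
        oid, r = expect(vb, 0, 0x06, "OID")
        vtag, vval, _ = read_tlv(vb, r)
        bindings.append((decode_oid(oid), vtag, vval))
    return {
        "version": VERSIONS.get(decode_int(ver), "unknown"),
        "community": community.decode("latin-1"),
        "pdu_type": PDU_TYPES[pdu_tag],
        "request_id": decode_int(rid),
        names[0]: decode_int(f1), names[1]: decode_int(f2),
        "bindings": bindings,
    }

def audit(msg):
    """Defender-side notes on a decoded community-based message."""
    notes = ["community string is readable in cleartext on the wire"]
    if msg["community"] in ("public", "private"):
        notes.append(f"well-known default community '{msg['community']}'")
    if msg["pdu_type"] == "SetRequest":
        notes.append("write operation authorized only by the community string")
    return notes

if __name__ == "__main__":
    decoded = parse_snmp(SAMPLE_GET)
    print(decoded)
    print(audit(decoded))
```

In a GetRequest the value slot of each binding is a NULL (tag 0x05, empty), matching the description that values are not used.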
A virtual local area network, virtual LAN or VLAN, is a group of hosts with a common set of requirements
that communicate as if they were attached to the same broadcast domain, regardless of their physical
location. A VLAN has the same attributes as a physical local area network (LAN), but it allows for end
stations to be grouped together even if they are not located on the same network switch. VLAN
membership can be configured through software instead of physically relocating devices or connections.
To physically replicate the functions of a VLAN, it would be necessary to install a separate, parallel
collection of network cables and equipment which are kept separate from the primary network.
However, unlike a physically separate network, VLANs must share bandwidth; two separate one-gigabit
VLANs using a single one-gigabit interconnection can suffer both reduced throughput and congestion. It
virtualizes VLAN behaviors (configuring switch ports, tagging frames when they enter a VLAN, looking up
the MAC table to switch or flood frames to trunk links, and untagging frames when they exit the VLAN).
Cisco VLAN Trunking Protocol (VTP)
On Cisco Devices, VTP (VLAN Trunking Protocol) maintains VLAN configuration consistency across the
entire network. VTP uses Layer 2 trunk frames to manage the addition, deletion, and renaming of VLANs
on a network-wide basis from a centralized switch in the VTP server mode. VTP is responsible for
synchronizing VLAN information within a VTP domain and reduces the need to configure the same VLAN
information on each switch.
VTP minimizes the possible configuration inconsistencies that arise when changes are made. These
inconsistencies can result in security violations, because VLANs can cross connect when duplicate names
are used. They also could become internally disconnected when they are mapped from one LAN type to
another, for example, Ethernet to ATM LANE ELANs or FDDI 802.10 VLANs. VTP provides a mapping
scheme that enables seamless trunking within a network employing mixed-media technologies.
VTP provides the following benefits:
VLAN configuration consistency across the network
Mapping scheme that allows a VLAN to be trunked over mixed media
Accurate tracking and monitoring of VLANs
Dynamic reporting of added VLANs across the network
Plug-and-play configuration when adding new VLANs
As beneficial as VTP can be, it does have disadvantages, normally related to the spanning tree
protocol (STP), because a bridging loop propagating throughout the network can occur. Cisco switches run an
instance of STP for each VLAN, and since VTP propagates VLANs across the campus LAN, VTP effectively
creates more opportunities for a bridging loop to occur.
Before creating VLANs on the switch that will be propagated via VTP, a VTP domain must first be set up.
A VTP domain for a network is a set of all contiguously trunked switches with the same VTP domain
name. All switches in the same management domain share their VLAN information with each other, and
a switch can participate in only one VTP management domain. Switches in different domains do not
share VTP information.
Using VTP, each Catalyst Family Switch advertises the following on its trunk ports:
Management domain
Configuration revision number
Known VLANs and their specific parameters
In computer networking, a wireless access point (WAP) is a device that allows wireless devices to
connect to a wired network using Wi-Fi, Bluetooth or related standards. The WAP usually connects to a
router (via a wired network), and can relay data between the wireless devices (such as computers or
printers) and wired devices on the network.
Industrial grade WAPs are rugged, with a metal cover and a DIN rail mount. During operations they can
tolerate a wider temperature range, high humidity and exposure to water, dust, and oil. Wireless
security includes: WPA-PSK, WPA2, IEEE 802.1x/RADIUS, WDS, WEP, TKIP, and CCMP (AES) encryption.
Unlike some home consumer models, industrial wireless access points can also act as a bridge, router, or
a client.
Wireless access point vs. ad hoc network
Some people confuse Wireless Access Points with Wireless Ad Hoc networks. An Ad Hoc network uses a
connection between two or more devices without using a wireless access point: the devices
communicate directly when in range. An Ad Hoc network is used in situations such as a quick data
exchange or a multiplayer LAN game because setup is easy and does not require an access point. Due to
its peer-to-peer layout, Ad Hoc connections are similar to Bluetooth ones and are generally not
recommended for a permanent installation.
Internet access via Ad Hoc networks, using features like Windows' Internet Connection Sharing, may
work well with a small number of devices that are close to each other, but Ad Hoc networks don't scale
well. Internet traffic will converge to the nodes with direct internet connection, potentially congesting
these nodes. For internet-enabled nodes, Access Points have a clear advantage, with the possibility of
having multiple access points connected by a wired LAN.
Limitations
One IEEE 802.11 WAP can typically communicate with 30 client systems located within a radius of
103 m.[citation needed] However, the actual range of communication can vary significantly, depending
on such variables as indoor or outdoor placement, height above ground, nearby obstructions, other
electronic devices that might actively interfere with the signal by broadcasting on the same frequency,
type of antenna, the current weather, operating radio frequency, and the power output of devices.
Network designers can extend the range of WAPs through the use of repeaters and reflectors, which can
bounce or amplify radio signals that ordinarily would go un-received. In experimental conditions,
wireless networking has operated over distances of several hundred kilometers.[1]
Most jurisdictions have only a limited number of frequencies legally available for use by wireless
networks. Usually, adjacent WAPs will use different frequencies (Channels) to communicate with their
clients in order to avoid interference between the two nearby systems. Wireless devices can "listen" for
data traffic on other frequencies, and can rapidly switch from one frequency to another to achieve
better reception. However, the limited number of frequencies becomes problematic in crowded
downtown areas with tall buildings using multiple WAPs. In such an environment, signal overlap
becomes an issue causing interference, which results in signal droppage and data errors.
Wireless networking lags behind wired networking in terms of increasing bandwidth and throughput.
While (as of 2010) typical wireless devices for the consumer market can reach speeds of 300 Mbit/s
(megabits per second) (IEEE 802.11n) or 54 Mbit/s (IEEE 802.11g), wired hardware of similar cost
reaches 1000 Mbit/s (Gigabit Ethernet). One impediment to increasing the speed of wireless
communications comes from Wi-Fi's use of a shared communications medium, so a WAP is only able to
use somewhat less than half the actual over-the-air rate for data throughput. Thus a typical 54 Mbit/s
wireless connection actually carries TCP/IP data at 20 to 25 Mbit/s. Users of legacy wired networks
expect faster speeds, and people using wireless connections keenly want to see the wireless networks
catch up.
By 2008, draft 802.11n-based access points and client devices had already taken a fair share of the
marketplace, but with inherent problems integrating products from different vendors.
Security
Wireless access has special security considerations. Many wired networks base the security on physical
access control, trusting all the users on the local network, but if wireless access points are connected to
the network, anyone on the street or in the neighboring office could connect.
The most common solution is wireless traffic encryption. Modern access points come with built-in
encryption. The first generation encryption scheme WEP proved easy to crack; the second and third
generation schemes, WPA and WPA2, are considered secure if a strong enough password or passphrase
is used.
Some WAPs support hotspot style authentication using RADIUS and other authentication servers.
A wireless repeater is a computer networking device which acts as a repeater between a wireless router
and computers. Typical use of a wireless repeater is to add one when your computer is too far away
from any of the buildings' other wireless access points. If set up properly it will then extend the range of
the local wireless network. The open source firmware DD-WRT enables home network routers to
function as wireless repeaters. These have also been called wireless expanders, depending on culture
and country.
Gigabit Ethernet (GbE or 1 GigE) is a term describing various technologies for transmitting Ethernet
frames at a rate of a gigabit per second (1,000,000,000 bits per second), as defined by the IEEE 802.3-
2008 standard. It came into use beginning in 1999, gradually supplanting Fast Ethernet in wired local
networks where it performed considerably faster. The cables and equipment are very similar to previous
standards, and as of 2011 are very common and economical.
Half-duplex gigabit links connected through hubs are allowed by the specification but in the marketplace
full-duplex with switches is normal.
A network switch or switching hub is a computer networking device that connects network segments.
The term commonly refers to a multi-port network bridge that processes and routes data at the data
link layer (layer 2) of the OSI model. Switches that additionally process data at the network layer (Layer
3) and above are often referred to as Layer 3 switches or multilayer switches.
Function
The network switch plays an integral part in most modern Ethernet local area networks (LANs). Mid-to-
large sized LANs contain a number of linked managed switches. Small office/home office (SOHO)
applications typically use a single switch, or an all-purpose converged device such as a gateway to access
small office/home broadband services such as DSL or cable internet. In most of these cases, the end-user device contains a router and components that interface to the particular physical broadband
technology. User devices may also include a telephone interface for VoIP.
An Ethernet switch operates at the data link layer of the OSI model to create a separate collision domain
for each switch port. With 4 computers (e.g., A, B, C, and D) on 4 switch ports, A and B can transfer data
back and forth, while C and D also do so simultaneously, and the two conversations will not interfere
with one another. In the case of a hub, they would all share the bandwidth and run in half duplex,
resulting in collisions, which would then necessitate retransmissions. Using a switch is called
microsegmentation. This allows computers to have dedicated bandwidth on point-to-point
connections to the network and therefore to run in full duplex without collisions.
Role of switches in networks
Switches may operate at one or more layers of the OSI model, including data link, network, or transport
(i.e., end-to-end). A device that operates simultaneously at more than one of these layers is known as a
multilayer switch.
In switches intended for commercial use, built-in or modular interfaces make it possible to connect
different types of networks, including Ethernet, Fibre Channel, ATM, ITU-T G.hn and 802.11. This
connectivity can be at any of the layers mentioned. While Layer 2 functionality is adequate for
bandwidth-shifting within one technology, interconnecting technologies such as Ethernet and token ring are easier at Layer 3.
Interconnection of different Layer 3 networks is done by routers. If there are any features that
characterize "Layer-3 switches" as opposed to general-purpose routers, it tends to be that they are
optimized, in larger switches, for high-density Ethernet connectivity.
In some service provider and other environments where there is a need for a great deal of analysis of
network performance and security, switches may be connected between WAN routers as places for
analytic modules. Some vendors provide firewall,[2][3] network intrusion detection,[4] and performance
analysis modules that can plug into switch ports. Some of these functions may be on combined
modules.[5]
In other cases, the switch is used to create a mirror image of data that can go to an external device.
Since most switch port mirroring provides only one mirrored stream, network hubs can be useful for
fanning out data to several read-only analyzers, such as intrusion detection systems and packet sniffers.
Layer-specific functionality
[Figure: A modular network switch with three network modules (a total of 24 Ethernet and 14 Fast Ethernet
ports) and one power supply.]
While switches may learn about topologies at many layers, and forward at one or more layers, they do
tend to have common features. Other than for high-performance applications, modern commercial
switches use primarily Ethernet interfaces, which can have different input and output bandwidths of 10,
100, 1000 or 10,000 megabits per second.
At any layer, a modern switch may implement power over Ethernet (PoE), which avoids the need for
attached devices, such as a VoIP phone or wireless access point, to have a separate power supply.
Since switches can have redundant power circuits connected to uninterruptible power supplies, the
connected device can continue operating even when regular office power fails.
Layer 1 hubs versus higher-layer switches
A network hub, or repeater, is a simple network device. Hubs do not manage any of the traffic that
comes through them. Any packet entering a port is broadcast out or "repeated" on every other port,
except for the port of entry. Since every packet is repeated on every other port, packet collisions affect
the entire network, limiting its capacity.
There are specialized applications where a hub can be useful, such as copying traffic to multiple network
sensors. High end switches have a feature which does the same thing called port mirroring.
By the early 2000s, there was little price difference between a hub and a low-end switch.[6]
Layer 2
A network bridge, operating at the data link layer, may interconnect a small number of devices in a
home or the office. This is a trivial case of bridging, in which the bridge learns the MAC address of each
connected device.
Single bridges also can provide extremely high performance in specialized applications such as storage
area networks.
Classic bridges may also interconnect using a spanning tree protocol that disables links so that the
resulting local area network is a tree without loops. In contrast to routers, spanning tree bridges must
have topologies with only one active path between two points. The older IEEE 802.1D spanning tree
protocol could be quite slow, with forwarding stopping for 30 seconds while the spanning tree would
reconverge. A Rapid Spanning Tree Protocol was introduced as IEEE 802.1w, but the newest edition of
IEEE 802.1D adopts the 802.1w extensions as the base standard.
The IETF is specifying the TRILL protocol, which is the application of link-state routing technology to the
layer-2 bridging problem. Devices which implement TRILL, called RBridges, combine the best features of
both routers and bridges.
While "layer 2 switch" remains more of a marketing term than a technical term,[citation needed] the
products that were introduced as "switches" tended to use microsegmentation and full duplex to
prevent collisions among devices connected to Ethernet. By using an internal forwarding plane much
faster than any interface, they give the impression of simultaneous paths among multiple devices.
Once a bridge learns the topology through a spanning tree protocol, it forwards data link layer frames
using a layer 2 forwarding method. There are four forwarding methods a bridge can use, of which the
second through fourth methods were performance-increasing methods when used on "switch" products
with the same input and output port bandwidths:
Store and forward: The switch buffers and verifies each frame before forwarding it.
Cut through: The switch reads only up to the frame's hardware address before starting to forward it.
Cut-through switches have to fall back to store and forward if the outgoing port is busy at the time the
packet arrives. There is no error checking with this method.
Fragment free: A method that attempts to retain the benefits of both store and forward and cut
through. Fragment free checks the first 64 bytes of the frame, where addressing information is stored.
According to Ethernet specifications, collisions should be detected during the first 64 bytes of the frame,
so frames that are in error because of a collision will not be forwarded. This way the frame will always
reach its intended destination. Error checking of the actual data in the packet is left for the end device.
Adaptive switching: A method of automatically selecting between the other three modes.
While there are specialized applications, such as storage area networks, where the input and output
interfaces are the same bandwidth, this is rarely the case in general LAN applications. In LANs, a switch
used for end user access typically concentrates lower bandwidth (e.g., 10/100 Mbit/s) into a higher
bandwidth (at least 1 Gbit/s). Alternatively, a switch that provides access to server ports usually
connects to them at a much higher bandwidth than is used by end user devices.
Layer 3
Within the confines of the Ethernet physical layer, a layer 3 switch can perform some or all of the
functions normally performed by a router. The most common layer-3 capability is awareness of IP
multicast through IGMP snooping. With this awareness, a layer-3 switch can increase efficiency by
delivering the traffic of a multicast group only to ports where the attached device has signaled that it
wants to listen to that group.
Layer 4
While the exact meaning of the term Layer-4 switch is vendor-dependent, it almost always starts with a
capability for network address translation, but then adds some type of load distribution based on TCP
sessions.[7]
The device may include a stateful firewall, a VPN concentrator, or be an IPSec security gateway.
Layer 7
Layer 7 switches may distribute loads based on URL or by some installation-specific technique to
recognize application-level transactions. A Layer-7 switch may include a web cache and participate in a
content delivery network.[8]
The Internet Protocol Suite is the set of communications protocols used for the Internet and other
similar networks. It is also commonly known as TCP/IP, named from two of the most important protocols
in it: the Transmission Control Protocol (TCP) and the Internet Protocol (IP), which were the first two
networking protocols defined in this standard. Modern IP networking represents a synthesis of several
developments that began to evolve in the 1960s and 1970s, namely the precursors of the Internet and
local area networks, which emerged during the 1980s, together with the advent of the World Wide Web
in the early 1990s.
The Internet Protocol Suite classifies its methods and protocols into four hierarchical abstraction layers.
From the lowest to the highest communication layer, these are the Link Layer, the Internet Layer, the
Transport Layer, and the Application Layer.[1][2] The layers define the operational scope or reach of the
protocols in each layer, reflected loosely in the layer names. Each layer has functionality that solves a set
of problems relevant in its scope.
The Link Layer contains communication technologies for the local network to which the host is
connected directly by hardware components. This is called the link. It provides the basic connectivity
functions interacting with the networking hardware of the computer and the associated management of
interface-to-interface messaging. The Internet Layer provides communication methods between
multiple links of a computer and facilitates the interconnection of networks. As such, this layer
establishes the Internet. It contains primarily the Internet Protocol, which defines the fundamental
addressing namespaces, Internet Protocol Version 4 (IPv4) and Internet Protocol Version 6 (IPv6) used to
identify and locate hosts on the network. Host-to-host communication tasks are handled in the
Transport Layer, which provides a general application-agnostic framework to transmit data between
hosts using protocols like the Transmission Control Protocol and the User Datagram Protocol (UDP).
Finally, the highest-level Application Layer contains all protocols that are defined each specifically for
the functioning of the vast array of data communications services. This layer handles application-based
interaction, with recognition of application-specific data formats, on a process-to-process level between
communicating Internet hosts.
Internet Protocol Suite
Application Layer: BGP · DHCP · DNS · FTP · HTTP · IMAP · IRC · LDAP · MGCP · NNTP · NTP · POP · RIP · RPC · RTP · SIP · SMTP · SNMP · SOCKS · SSH · Telnet · TLS/SSL · XMPP
Transport Layer: TCP · UDP · DCCP · SCTP · RSVP · ECN
Internet Layer: IP (IPv4, IPv6) · ICMP · ICMPv6 · IGMP · IPsec
Link Layer: ARP/InARP · NDP · OSPF · Tunnels (L2TP) · PPP · Media Access Control (Ethernet, DSL, ISDN, FDDI)
Border Gateway Protocol
From Wikipedia, the free encyclopedia
The Border Gateway Protocol (BGP) is the protocol backing the core routing decisions on the Internet. It
maintains a table of IP networks or 'prefixes' which designate network reachability among autonomous
systems (AS). It is described as a path vector protocol. BGP does not use traditional Interior Gateway
Protocol (IGP) metrics, but makes routing decisions based on path, network policies and/or rulesets. For
this reason, it is more appropriately termed a reachability protocol rather than routing protocol.
BGP was created to replace the Exterior Gateway Protocol (EGP) to allow fully decentralized
routing in order to transition from the core ARPAnet model to a decentralized system that included the
NSFNET backbone and its associated regional networks. This allowed the Internet to become a truly
decentralized system. Since 1994, version four of the BGP has been in use on the Internet. All previous
versions are now obsolete. The major enhancement in version 4 was support of Classless Inter-Domain
Routing and use of route aggregation to decrease the size of routing tables. Since January 2006, version
4 is codified in RFC 4271, which went through more than 20 drafts based on the earlier RFC 1771 version
4. The RFC 4271 version corrected a number of errors, clarified ambiguities and brought the RFC much closer
to industry practices.
Most Internet service providers must use BGP to establish routing between one another (especially if
they are multihomed). Therefore, even though most Internet users do not use it directly, BGP is one of
the most important protocols of the Internet. Compare this with Signaling System 7 (SS7), which is the
inter-provider core call setup protocol on the PSTN. Very large private IP networks use BGP internally.
An example would be the joining of a number of large OSPF (Open Shortest Path First) networks where
OSPF by itself would not scale to size. Another reason to use BGP is multihoming a network for better
redundancy either to multiple access points of a single ISP (RFC 1998) or to multiple ISPs.
Open Shortest Path First
Open Shortest Path First (OSPF) is an adaptive routing protocol for Internet Protocol (IP) networks. It
uses a link state routing algorithm and falls into the group of interior routing protocols, operating within
a single autonomous system (AS). It is defined as OSPF Version 2 in RFC 2328 (1998) for IPv4.[1] The
updates for IPv6 are specified as OSPF Version 3 in RFC 5340 (2008).[2] Research into the convergence
time of OSPF can be found in Stability Issues in OSPF Routing (2001).[3]
OSPF is perhaps the most widely-used interior gateway protocol (IGP) in large enterprise networks. IS-IS,
another link-state routing protocol, is more common in large service provider networks. The most
widely-used exterior gateway protocol is the Border Gateway Protocol (BGP), the principal routing
protocol between autonomous systems on the Internet.