wide area networks

© 2006 Cisco Systems, Inc. All rights reserved. ICND v2.3—5-1

Introducing Wide-Area Networks


Outline

• Overview

• WAN Overview

• WAN Connection Types

• WAN Components

• WAN Cabling

• Layer 2 Encapsulation Protocols

• Summary


WAN Overview

• WANs connect remote sites.

• Connection requirements vary depending on user requirements, cost, and availability.


WAN Overview

A WAN is a data communications network that operates beyond the geographical scope of a LAN.WANs use facilities provided by a service provider, or carrier, such as a telephone or cable company. They connect the locations of an organization to each other, to locations of other organizations, to external services, and to remote users. WANs generally carry a variety of traffic types, such as voice, data, and video.WAN connections are made up of many types of equipment and components.data communications equipment (DCE) terminates a connection between two sites and provides clocking and synchronization for that connection; it connects to data termination equipment (DTE). A DTE is an end-user device, such as a router or PC, which connects to the WAN via the DCE.

A WAN is a data communications network that operates beyond the geographical scope of a LAN.WANs use facilities provided by a service provider, or carrier, such as a telephone or cable company. They connect the locations of an organization to each other, to locations of other organizations, to external services, and to remote users. WANs generally carry a variety of traffic types, such as voice, data, and video.WAN connections are made up of many types of equipment and components.data communications equipment (DCE) terminates a connection between two sites and provides clocking and synchronization for that connection; it connects to data termination equipment (DTE). A DTE is an end-user device, such as a router or PC, which connects to the WAN via the DCE.


WAN Terms

Term Definition

Customer premises equipment (CPE)

Your network's equipment, which includes the DCE (modem, NT1, CSU/ DSU) and your DTE (router, access server)

Demarcation point Where the responsibility of the carrier is passed on to you; this could be inside or outside your local facility; note that this is a

logical boundary, not necessarily a physical boundary

Local loop The connection from the carrier's switching equipment to the demarcation point

Central office (CO) switch The carrier's switch within the toll network

Toll network The carrier's internal infrastructure for transporting your data


WAN Terms

Customer premises equipment (CPE)Customer premises equipment (CPE) is equipment that's owned by the subscriber and located on the subscriber’s premises.

Demarcation pointThe demarcation point is the precise spot where the service provider’s responsibility ends and the CPE begins. It’s generally a device in a telecommunications closet owned and installed by the telecommunications company (telco). It’s your responsibility to cable (extended demarc) from this box to the CPE, which is usually a connection to a CSU/DSU or ISDN interface.

Local loopThe local loop connects the demarc to the closest switching office, which is called a central office.

Customer premises equipment (CPE)Customer premises equipment (CPE) is equipment that's owned by the subscriber and located on the subscriber’s premises.

Demarcation pointThe demarcation point is the precise spot where the service provider’s responsibility ends and the CPE begins. It’s generally a device in a telecommunications closet owned and installed by the telecommunications company (telco). It’s your responsibility to cable (extended demarc) from this box to the CPE, which is usually a connection to a CSU/DSU or ISDN interface.

Local loopThe local loop connects the demarc to the closest switching office, which is called a central office.


WAN Terms

Central office (CO)This point connects the customer’s network to the provider’s switching network.

Toll networkThe toll network is a trunk line inside a WAN provider’s network. This network is a collection of switches and facilities owned by the ISP. Definitely familiarize yourself with these terms because they’re crucial to understanding WAN technologies.

Central office (CO)This point connects the customer’s network to the provider’s switching network.

Toll networkThe toll network is a trunk line inside a WAN provider’s network. This network is a collection of switches and facilities owned by the ISP. Definitely familiarize yourself with these terms because they’re crucial to understanding WAN technologies.


WAN Terms + Encapsulation method

wide-area networking can be broken into three categories:•Leased line •Circuit switched •Packet switched

Encapsulation methodsPPPHDLCFrame-relay

wide-area networking can be broken into three categories:•Leased line •Circuit switched •Packet switched

Encapsulation methodsPPPHDLCFrame-relay


WAN Terms

Leased-Line ConnectionsIn lease line, you get your very own piece of wire from your location to the service provider's network. This is good because no other customer can affect your line, as can be the case with other WAN services. You have a lot of control over this circuit to do things such as Quality of Service and other traffic management. The downside is that a leased line is expensive and gets a lot more expensive if you need to connect offices that are far apart.These are usually referred to as a point-to-point or dedicated connection. A leased line is a pre-established WAN communications path that goes from the CPE through the DCE switch, then over to the CPE of the remote site.•The distance between the two sites is small, •making them cost-effective. •You have a constant amount of •traffic between two sites and need to •guarantee bandwidth for certain applications

Leased-Line ConnectionsIn lease line, you get your very own piece of wire from your location to the service provider's network. This is good because no other customer can affect your line, as can be the case with other WAN services. You have a lot of control over this circuit to do things such as Quality of Service and other traffic management. The downside is that a leased line is expensive and gets a lot more expensive if you need to connect offices that are far apart.These are usually referred to as a point-to-point or dedicated connection. A leased line is a pre-established WAN communications path that goes from the CPE through the DCE switch, then over to the CPE of the remote site.•The distance between the two sites is small, •making them cost-effective. •You have a constant amount of •traffic between two sites and need to •guarantee bandwidth for certain applications


WAN Terms

Circuit-Switched ConnectionsA circuit-switched WAN uses the phone company as the service provider, either with analog dial-up or digital ISDN connections. With circuit-switching, if you need to connect to the remote LAN, a call is dialed and a circuit is established; the data is sent across the circuit, and the circuit is taken down when it is no longer needed. Circuit-switched connections include the following types:Asynchronous serial connectionsThese include analog modem dialup connections and the standard telephone system, which is commonly referred to as Plain Old Telephone Service (POTS) by the telephone carriers.Synchronous serial connectionsThese include digital ISDN BRI and PRI dialup connections; they provide guaranteed bandwidth.

Circuit-Switched ConnectionsA circuit-switched WAN uses the phone company as the service provider, either with analog dial-up or digital ISDN connections. With circuit-switching, if you need to connect to the remote LAN, a call is dialed and a circuit is established; the data is sent across the circuit, and the circuit is taken down when it is no longer needed. Circuit-switched connections include the following types:Asynchronous serial connectionsThese include analog modem dialup connections and the standard telephone system, which is commonly referred to as Plain Old Telephone Service (POTS) by the telephone carriers.Synchronous serial connectionsThese include digital ISDN BRI and PRI dialup connections; they provide guaranteed bandwidth.


WAN Terms

Packet-Switched Connections

Packet-switched WAN services allow you to connect to the provider's network in much the same way as a PC connects to a hub: When connected, your traffic is affected by other customers' and theirs by you. This can be an issue sometimes,

but it can be managed. The advantage of this shared-bandwidth technology is that with a single physical connection from your router's serial port, you can establish virtual connections to many other locations around the world.

Packet-switched connections use logical circuits to make connections between two sites. These logical circuits are referred to as virtual circuits (VCs).

So if you have a lot of branch offices and they are far away from the head office, a packet-switched solution is a good idea.

Packet-Switched Connections

Packet-switched WAN services allow you to connect to the provider's network in much the same way as a PC connects to a hub: When connected, your traffic is affected by other customers' and theirs by you. This can be an issue sometimes,

but it can be managed. The advantage of this shared-bandwidth technology is that with a single physical connection from your router's serial port, you can establish virtual connections to many other locations around the world.

Packet-switched connections use logical circuits to make connections between two sites. These logical circuits are referred to as virtual circuits (VCs).

So if you have a lot of branch offices and they are far away from the head office, a packet-switched solution is a good idea.


WAN Terms

X.25

The oldest of these four technologies is X.25, which is an ITU-T standard. X.25 is a network layer protocol that runs across both synchronous and asynchronous physical circuits, providing a lot of flexibility for your connection options.

X.25 was actually developed to run across unreliable medium. It provides error detection and correction, as well as flow control, at both the data link layer (by LAPB) and the network layer (by X.25). In this sense, it performs a function similar to what TCP, at the transport layer, provides for IP.

Because of its overhead, X.25 is best delegated to asynchronous, unreliable connections. If you have a synchronous digital connection, another protocol, such as Frame Relay or ATM, is much more efficient.

X.25

The oldest of these four technologies is X.25, which is an ITU-T standard. X.25 is a network layer protocol that runs across both synchronous and asynchronous physical circuits, providing a lot of flexibility for your connection options.

X.25 was actually developed to run across unreliable medium. It provides error detection and correction, as well as flow control, at both the data link layer (by LAPB) and the network layer (by X.25). In this sense, it performs a function similar to what TCP, at the transport layer, provides for IP.

Because of its overhead, X.25 is best delegated to asynchronous, unreliable connections. If you have a synchronous digital connection, another protocol, such as Frame Relay or ATM, is much more efficient.


WAN Terms

Frame Relay

Frame Relay is a digital packet-switched service that can run only across synchronous digital connections at the data link layer.

Because it uses digital connections (which have very few errors), it does not perform any error correction or flow control as X.25 does.

Frame Relay will, however, detect errors and drops bad frames. It is up to a higher layer protocol, such as TCP, to resend the dropped information.

Frame Relay

Frame Relay is a digital packet-switched service that can run only across synchronous digital connections at the data link layer.

Because it uses digital connections (which have very few errors), it does not perform any error correction or flow control as X.25 does.

Frame Relay will, however, detect errors and drops bad frames. It is up to a higher layer protocol, such as TCP, to resend the dropped information.


WAN Connection Types: Layer 1


• Provider assigns connection parameters to subscriber

Interfacing BetweenWAN Service Providers


Serial Point-to-Point Connections


Typical WAN Encapsulation Protocols: Layer 2


Wireless Data Technologies


Wireless Data Technologies (Cont.)

PAN(Personal Area

Network)

LAN(Local Area Network)

WAN(Wide Area Network)

MAN(Metropolitan Area Network)

PAN LAN MAN WAN

Standards Bluetooth IEEE 802.11a, 802.11b, 802.11g

802.16MMDS, LMDS

GSM, GPRS,CDMA, 2.5–3G

Speed <1 Mbps 1–54+ Mbps 22+ Mbps 10–384 kbps

Range Short Medium Medium–long Long

Applications Peer to peer,device to device

Enterprise networks

Fixed, last-mile access

PDAs, mobilephones, cellular

access


Wireless LAN (WLAN)

• A WLAN is a shared network.

• An access point is a shared device and functions like a shared Ethernet hub.

• Data is transmitted over radio waves.

• Two-way radio communications (half-duplex) are used.

• The same radio frequency is used for sending and receiving (transceiver).


WLAN Evolution

• Warehousing

• Retail

• Health care

• Education

• Businesses

• Home


Unlicensed Frequency Bands

• ISM: Industry, scientific, and medical frequency band

• No license required

• No exclusive use

• Best effort

• Interference possible


Radio Frequency Transmission

• Radio frequencies are radiated into the air via an antenna, creating radio waves.

• Radio waves are absorbed when they are propagated through objects (e.g., walls).

• Radio waves are reflected by objects (e.g., metal surfaces).

• This absorption and reflection can cause areas of low signal strength or low signal quality.


Radio Frequency Transmission

• Higher data rates have a shorter transmission range.

– The receiver needs more signal strength and better SNR to retrieve information.

• Higher transmit power results in greater distance.

• Higher frequencies allow higher data rates.

• Higher frequencies have a shorter transmission range.


WLAN Regulation and Standardization

Regulatory agencies• FCC (United States)

• ETSI (Europe)

Standardization• IEEE 802.11

• http://standards.ieee.org/getieee802/

Certfication of equipment• Wi-Fi Alliance certifies

interoperability between products.

• Certifications include 802.11a, 802.11b, 802.11g, dual-band products, and security testing.

• Certified products can be found at http://www.wi-fi.org.

© 2006 Cisco Systems, Inc. All rights reserved. ICND v2.3—5-26© 2005 Cisco Systems, Inc. All rights reserved.

802.11b


802.11b Standard

• Standard was ratified in September 1999

• Operates in the 2.4-GHz band

• Specifies direct sequence spread spectrum (DSSS)

• Specifies four data rates up to 11 Mbps

– 1, 2, 5.5, 11 Mbps

• Provides specifications for vendor interoperability (over the air)

• Defines basic security, encryption, and authentication for the wireless link

• Is the most commonly deployed WLAN standard


Channel Identifier

Channel Center

Frequency

Channel Frequency Range

[MHz]

Regulatory Domain

AmericasEurope, Middle East, and Asia

Japan

1 2412 MHz 2401 – 2423 X X X

2 2417 MHz 2406 – 2428 X X X

3 2422 MHz 2411 – 2433 X X X

4 2427 MHz 2416 – 2438 X X X

5 2432 MHz 2421 – 2443 X X X

6 2437 MHz 2426 – 2448 X X X

7 2442 MHz 2431 – 2453 X X X

8 2447 MHz 2436 – 2458 X X X

9 2452 MHz 2441 – 2463 X X X

10 2457 MHz 2446 – 2468 X X X

11 2462 MHz 2451 – 2473 X X X

12 2467 MHz 2466 – 2478 X X

13 2472 MHz 2471 – 2483 X X

14 2484 MHz 2473 – 2495 X

2.4-GHz Channels


2.4-GHz Channel Use

• Each channel is 22 MHz wide.• North America: 11 channels.• Europe: 13 channels.• There are three nonoverlapping channels: 1, 6, 11.• Using any other channels will cause interference.• Three access points can occupy the same area.


802.11b Access Point Coverage


802.11a


802.11a Standard

• Standard was ratified September 1999

• Operates in the 5-GHz band

• Uses orthogonal frequency-division multiplexing (OFDM)

• Uses eight data rates of up to 54 Mbps

– 6, 9, 12, 18, 24, 36, 48, 54 Mbps

• Has from 12 to 23 nonoverlapping channels (FCC)

• Has up to 19 nonoverlapping channels (ETSI)

• Regulations different across countries

– Transmit (Tx) power control and dynamic frequency selection required (802.11h)


802.11g


802.11g Protection Mechanism

• Problem: 802.11b stations cannot decode 802.11g radio signals.

• 802.11b/g access point communicates with 802.11b clients with max. 11 Mbps.

• 802.11b/g access point communicates with 802.11g clients with max. 54 Mbps.

• 802.11b/g access point activates RTS/CTS to avoid collisions when 802.11b clients are present.

• 802.11b client learns from CTS frame the duration of the 802.11g transmission.

• Reduced throughput is caused by additional overhead.


802.11 Standards Comparison


802.11 Standards Comparison

802.11b 802.11g 802.11a

Ratified 1999 2003 1999

Frequency band 2.4 GHz 2.4 GHz 5 GHz

No of channels 3 3 Up to 23

Transmission DSSS DSSS OFDM OFDM

Data rates [Mbps]1, 2, 5.5,

111, 2, 5.5,

116, 9, 12, 18, 24,

36, 48, 546, 9, 12, 18, 24,

36, 48, 54

Throughput

[Mbps]Up to 6 Up to 22 Up to 28


Range Comparisons


Ratified IEEE 802.11 Standards

802.11: WLAN 1 and 2 Mbps at 2.4 GHz

802.11a: WLAN 54-Mbps at 5 GHz

802.11b: WLAN 11-Mbps at 2.4 GHz

802.11d: Multiple regulatory domains

802.11e: Quality of service

802.11f: Inter-Access Point Protocol (IAPP)

802.11g: WLAN 54-Mbps at 2.4 GHz

802.11h: Dynamic Frequency Selection (DFS) Transmit Power Control (TPC) at 5 GHz

802.11i: Security

802.11j: 5-GHz channels for Japan

http://standards.ieee.org/getieee802/


http://www.cisco.com/go/aironet/compliance

Worldwide Availability


General Office WLAN Design

• Eight 802.11g access points deployed

• 7 users per access point with no conference rooms provides 3.8 Mbps throughput per user

• 7 users + 1 conference room (10 users) = 17 total users, provides 1.5 Mbps throughput per user

54 Cubes—4 Conference Rooms

95 Feet

Conference Room

120 Feet

Reception

Conference Room

Conference Room

Conference Room


WLAN Security


WLAN Security Threats


Threats control machanism

Control and IntegrityPrivacy and

ConfidentialityProtection and

Availability

Authentication EncryptionIntrusion Detection

System (IDS)

Ensure that legitimate clients associate with trusted access points.

Protect data as it is transmitted and

received.

Track and mitigate unauthorized access and

network attacks.


Evolution of WLAN Security

• No strong authentication

• Static, breakable keys

• Not scalable

Initial (1997)

Encryption (WEP)

Interim (2001)

802.1x EAP

• Dynamic keys

• Improved encryption

• User authentication

• 802.1x EAP (LEAP, PEAP)

• RADIUS

Interim (2003)

Wi-Fi Protected Access (WPA)

• Standardized

• Improved encryption

• Strong, user authentication (e.g., LEAP, PEAP, EAP-FAST)

Present

Wireless IDS

IEEE 802.11i

WPA2 (2004)

• Identification and protection against attacks, DoS

• AES strong encryption

• Authentication

• Dynamic key management


Wireless Client Association

• Access points send out beacons announcing SSID, data rates, and other information.

• Client scans all channels.

• Client listens for beacons and responses from access points.

• Client associates to access point with strongest signal.

• Client will repeat scan if signal becomes low to reassociate to another access point (roaming).

• During association SSID, MAC address and security settings are sent from the client to the access point and checked by the access point.


WPA and WPA2 Authentication


WPA and WPA2 Encryption


WLAN Security Summary

WPA PassphraseWEP Encryption

802.1x EAPMutual Authentication

TKIP EncryptionWPA / WPA2

802.11i Security


Summary

• The 2.4-GHz and 5-GHz frequency bands are used by WLAN 802.11 standards.

• The throughput per user depends on the data rate and the number of users per wireless cell.

• 802.11b has data rates of up to 11 Mbps at 2.4 GHz.

• 802.11a has data rates of up to 54 Mbps at 5 GHz.

• 802.11g has data rates of up to 54 Mbps at 2.4 GHz.

• 802.11a has a shorter range than 802.11g.

• For maximum efficiency, limit the number of users per cell.

• Different WLAN security types with authentication and encryption satisfy the security requirements of enterprise and home users.


WLAN Components

Autonomous Solution

Wireless clientsLightweight

Solution

Autonomous access points

Access pointsLightweight

access points

Wireless Domain Services (WDS)

Control WLAN controller

WLAN Solution Engine (WLSE)

WLAN managementCisco Wireless Control System

(WCS)

PoE switches, routers

Network infrastructurePoE switches,

routers

DHCP, DNS, AAA Network services DHCP, DNS, AAA


Cisco Unified Wireless Network

Unified cellular and Wi-Fi VoIP. Advanced threat detection, identity networking, location-based security, asset tracking, and guest access.

Unified Advanced Services

Same level of security, scalability, reliability, ease of deployment, and management for wireless LANs as wired LANs.

World-Class Network Management

Integration into all major switching and routing platforms. Secure, innovative WLAN controllers.

Network Unification

Mobility Platform Ubiquitous network access in all environments. Plug and play.

90% of Wi-Fi silicon is Cisco Compatible certified. Advance services support.

Client Devices


Cisco Unified Wireless Network (Cont.)

Unified, built-in support of leading-edge applications, not an afterthought. Cisco Wireless Location Appliance, Cisco WCS, SDN, NAC, Wi-Fi phones, and RF firewalls.

Unified Advanced Services

World Class NMS that visualizes and helps secure your air space. Cisco Wireless Control System (WCS).

World-Class Network Management

Cisco Self-Defending Network

Seamless network infrastructure across a range of platforms. Cisco 4400 and 2000 Wireless LAN Controllers. Future Cisco Catalyst 6500, Series WiSM, ISR, and 3750 integration.

Network Unification

Mobility Platform Access points dynamically configured and managed through LWAPP. Cisco Aironet Access Points: 1500, 1300, 1240AG, 1230AG, 1130AG, and 1000. Bridges: 1400 and 1300.

Secure clients that work out of the box. Cisco Compatible client devices & Cisco Aironet clients.

Client Devices


Connectorized 5-GHz Antennas

Cisco 5-GHzRubber Antenna

(Flat with Blue Dot)

Cisco 2.4-GHzRubber Antenna(Round, No Dot)

5-GHz (802.11a) antennas have blue ID markers.

Dual-band (2.4-GHz and 5-GHz) antennas have yellow dots.


Cisco Access Point/Bridge Antennas

Frequency AntennaHorizontal Beamwidth

Vertical Beamwidth

2.4 GHz 2.2-dBi dipole 360o 65o

2.4 GHz 5.2-dBi omni 360o 38o

2.4 GHz 6-dBi diversity patch 80o 55o

2.4 GHz 9-dBi patch 60o 60o

2.4 GHz 10-dBi Yagi 47o 55o

2.4 GHz 13.5-dBi Yagi 30o 25o

2.4 GHz 21-dBi dish 12.5o 12.5o

5 GHz 3.5-dBi dipole 360o 40o

5 GHz 6-dBi omni 360o 17o

5 GHz 7-dBi patch 70o 50o


WAN technologies


WAN technologies

ATMATM is also a packet-switched technology that uses digital circuits. Unlike Frame Relay and X.25, however, this service uses fixed-length (53 byte) packets, called cells, to transmit information. Therefore, this service is commonly called a cell-switched service. It has an advantage over Frame Relay in that it can provide guaranteed throughput and minimal delay for a multitude of services, includingvoice, video, and data. However, it does cost more than Frame Relay services. ATM (sort of an enhanced Frame Relay) can offer a connection guaranteed bandwidth, limited delay, limited number of errors, Quality of Service (QoS), and more. Frame Relay can provide some minimal guarantees to connections, but not to the degree of precision that ATM can. Whereas Frame Relay is limited to 45 Mbps connections, ATM can scale to very high speeds: OC-192 (SONET), for instance, affords about 10 Gbps of bandwidth


Summary

• A WAN makes data connections across a broad geographic area so that information can be exchanged between distant sites.

• WAN connection types include leased line, circuit-switched, and packet-switched.

• WAN components that the provider assigns to your organization include CPE, demarcation, local loop, CO switch, and toll network.

• Cisco routers support the EIA/TIA-232, EIA/TIA-449, V.35, X.21, and EIA/TIA-530 standards for serial connections.

• To encapsulate data for crossing a WAN link, a variety of Layer 2 protocols can be used, including HDLC, PPP, SLIP, X.25/LAPB, Frame Relay, and ATM.

wide area networks

Education

types of equipment

wan connections

wan overview wans

networks equipment

data termination equipment

equipment thats

icnd v2

cisco systems