Today's network administrators must manage complex wide-area networks (WANs) in order to support the growing number of software applications that are built around Internet Protocol (IP) and the Web. These WANs place a great demand on network resources, and require high-performance networking technologies. WANs are complex environments that incorporate multiple media, multiple protocols, and inter-connection to other networks, such as the Internet. Growth and manageability of these network environments are achieved by the often complex interaction of protocols and features.
Despite improvements in equipment performance and media capabilities, WAN design is becoming more difficult. Carefully designing WANs can reduce problems associated with a growing networking environment. To design reliable, scalable WANs, network designers must keep in mind that each WAN has specific design requirements.
WAN Design Requirements
WAN communication occurs between geographically separated areas. When a local end station wants to communicate with a remote end station (that is, an end station located at a different site), information must be sent over one or more WAN links. Routers within WANs are connection points of a network. These routers determine the most appropriate path through the network for the required data streams.
WAN communication is often called a service because the network provider normally charges users for the WAN services it provides. Circuit-switching and packet-switching technologies are two types of WAN services, each of which has advantages and disadvantages. For example, circuit-switched networks offer users dedicated bandwidth that cannot be infringed upon by other users. In contrast, packet switching is a method in which network devices share a single point-to-point link to transport packets from a source to a destination across a carrier network. Packet-switched networks have traditionally offered more flexibility and used network bandwidth more efficiently than circuit-switched networks.
Traditionally, relatively low throughput, high delay, and high error rates have characterized WAN communication. WAN connections are also characterized by the cost of renting media (wire) from a service provider to connect two or more campuses together. Because the WAN infrastructure is often rented from a service provider, WAN network designs must optimize the cost of bandwidth and bandwidth efficiency. For example, all technologies and features used in WANs are developed to meet the following design requirements:
• Optimize WAN bandwidth
• Minimize cost
• Maximize the effective service to the end users
Recently, traditional shared-media networks are being overtaxed because of the following new network requirements:
• Network usage has increased as enterprises utilize client/server, multimedia, and other applications to enhance productivity.
• The rate of change in application requirements has accelerated and will continue to do so (for example, Internet "push" technologies).
• Applications increasingly require distinct network qualities of service due to services they provide end users.
• An unprecedented number of connections are being established among offices of all sizes, remote users, mobile users, international sites, customers/suppliers, and the Internet.
• The explosive growth of corporate intranets and extranets has created a greater demand for bandwidth.
• The increased use of enterprise servers continues to grow to serve the business needs of organizations.
Compared to current WANs, the new WAN infrastructures must be more complex, based on new technologies, and able to handle an ever-increasing (and rapidly changing) application mix with required and guaranteed service levels. In addition, with a 300% traffic increase expected in the next five years, enterprises will feel even greater pressure to contain WAN costs.
Network designers are using WAN technologies to support these new requirements. WAN connections generally handle important information and are optimized for price and performance bandwidth. The routers connecting the campuses, for example, generally apply traffic optimization, multiple paths for redundancy, dial backup for disaster recovery, and quality of service (QoS) for critical applications. The table on the previous page summarizes the various WAN technologies that support such WAN requirements.
LAN/WAN Integration Issues
Distributed applications need increasingly more bandwidth, and the explosion of Internet use is driving many LAN architectures to the limit. Voice communications have increased significantly, with more reliance being placed on centralized voice mail systems for verbal communications. The network is the critical tool for information flow. Networks are being required to cost less, yet support the emerging applications and larger number of users with increased performance. Until now, local- and wide-area communications have remained logically separate. In the LAN, bandwidth is free and connectivity is limited only by hardware and implementation costs. In the WAN, bandwidth is the overriding cost, and delay-sensitive traffic such as voice has remained separate from data.
Internet applications such as voice and real-time video require better, more predictable LAN and WAN performance. These multimedia applications are quickly becoming an essential part of the business productivity toolkit. As companies begin to consider implementing new intranet-based, bandwidth-intensive multimedia applications, such as video training, videoconferencing, and voice over IP, the impact of these applications on the existing networking infrastructure will become a serious concern.
For example, if a company has relied on its corporate network for business traffic and wants to integrate a video-training application, the network must be able to provide guaranteed QoS (quality of service). This QoS must deliver the multimedia traffic but must not allow it to interfere with the business-critical traffic. Consequently, network designers need greater flexibility in solving multiple internetworking problems without creating multiple networks or writing off existing data communication investments.
The First Steps in WAN Design
WAN Design Goals
Designing a WAN can be a challenging task. The discussions that follow outline several areas that you should carefully consider when planning a WAN implementation. The steps described here can lead to improved WAN cost and performance. Businesses can continually improve their WANs by incorporating these steps into the planning process.
Two primary goals drive WAN design and implementation:
• Application availability - Networks carry application information between computers. If the applications are not available to network users, the network is not doing its job.
• Total cost of ownership - Information Systems (IS) department budgets often run in the millions of dollars. As large businesses increasingly rely on electronic data for managing business activities, the associated costs of computing resources will continue to rise.
A well-designed WAN can help to balance these objectives. When properly implemented, the WAN infrastructure can optimize application availability and allow the cost-effective use of existing network resources.
In general, WAN design needs to take into account three general factors:
• Environmental variables - Environmental variables include the location of hosts, servers, terminals, and other end nodes; the projected traffic for the environment; and the projected costs for delivering different service levels.
• Performance constraints - Performance constraints consist of network reliability, traffic throughput, and host/client computer speeds (for example, network interface cards and hard drive access speeds).
• Networking variables - Networking variables include the network topology, line capacities, and packet traffic.
Characterizing network traffic is critical to successful WAN planning, but few planners perform this key step well, if at all.
The overall goal of WAN design is to minimize cost based on these elements while delivering service that does not compromise established availability requirements. You face two primary concerns: availability and cost. These issues are essentially at odds. Any increase in availability must generally be reflected as an increase in cost. Therefore, you must carefully weigh the relative importance of resource availability and overall cost.
The first step in the design process is to understand the business requirements, which is covered in the following sections. WAN requirements must reflect the goals, characteristics, business processes, and policies of the business in which they operate.
The gathering requirements phase of WAN design
When designing a WAN, you need to start by gathering data about the business structure and processes. Next, you need to determine who the most important people will be in helping you design the network. You need to speak to major users and find out their geographic location, their current applications, and their projected needs. The final network design should reflect the user requirements. In general, users primarily want application availability in their networks. The chief components of application availability are response time, throughput, and reliability:
• Response time is the time between entry of a command or keystroke and the host system's execution of the command or delivery of a response. Applications in which fast response time is considered critical include interactive online services, such as automated tellers and point-of-sale machines.
• Throughput-intensive applications generally involve file-transfer activities. However, throughput-intensive applications also usually have low response-time requirements. Indeed, they can often be scheduled at times when response-time-sensitive traffic is low (for example, after normal work hours).
• Although reliability is always important, some applications have genuine requirements that exceed typical needs. Organizations that conduct all business activities online or over the telephone require nearly 100% uptime. Financial services, securities exchanges, and emergency, police, and military operations are a few examples. These situations require a high level of hardware and redundancy. Determining the cost of downtime is essential in determining the importance of reliability to your network.
You can assess user requirements in a number of ways. The more involved your users are in the process, the more likely your evaluation will be accurate. In general, you can use the following methods to obtain this information:
• User community profiles - Outline what different user groups require. This is the first step in determining network requirements. Although most general users have the same requirements of e-mail, they may also have different needs such as sharing local print servers in their area.
• Interviews, focus groups, and surveys - Build a baseline for implementing a network. Understand that some groups might require access to common servers. Others might want to allow external access to specific internal computing resources. Certain organizations might require IS support systems to be managed in a particular way, according to some external standard. The least formal method of obtaining information is to conduct interviews with key user groups. Focus groups can also be used to gather information and generate discussion among different organizations with similar (or dissimilar) interests. Finally, formal surveys can be used to get a statistically valid reading of user sentiment regarding a particular service level.
• Human factors tests - The most expensive, time-consuming, and possibly revealing method of assessing user requirements is to conduct a test involving representative users in a lab environment. This is most applicable when you're evaluating response time requirements. For example, you might set up working systems and have users perform normal remote host activities from the lab network. By evaluating user reactions to variations in host responsiveness, you can create benchmark thresholds for acceptable performance.
After gathering data about the corporate structure, you need to determine where information flows in the company. Find out where shared data resides and who uses it. Determine whether data outside the company is accessed.
Make sure you understand the performance issues of any existing network. If time permits, analyze the performance of the existing network.
You need to analyze network requirements, including the customer's business and technical goals. What new applications will be implemented? Are any applications Internet based? What new networks will be accessed? What are the success criteria? (How will you know if the new design is successful?) Availability measures the usefulness of the network. Many things affect availability, including throughput, response time, and access to resources. Every customer has a different definition of availability. You can increase availability by adding more resources. Resources drive up cost. Network design seeks to provide the greatest availability for the least cost.
The objective of analyzing requirements is to determine the average and peak data rates for each source over time. Try to characterize activity throughout a normal work day in terms of the type of traffic passed, level of traffic, response time of hosts, and the time to execute file transfers. You can also observe utilization on existing network equipment over the test period.
If the tested network's characteristics are close to those of the new network, you can estimate the new network's requirements based on the projected number of users, applications, and topology. This is a best-guess approach to traffic estimation given the lack of tools to measure detailed traffic behavior.
In addition to passively monitoring an existing network, you can measure activity and traffic generated by a known number of users attached to a representative test network and then extrapolate your findings to your anticipated population.
One problem with defining workloads on networks is that it is difficult to accurately pinpoint traffic load and network device performance as functions of the number of users, type of application, and geographic location. This is especially true without a real network in place.
Consider the following factors that influence the dynamics of the network:
• The time-dependent nature of network access - Peak periods can vary; measurements must reflect a range of observations that includes peak demand.
• Differences associated with the type of traffic - Routed and bridged traffic place different demands on network devices and protocols; some protocols are sensitive to dropped packets; some application types require more bandwidth.
• The random nature of network traffic - Exact arrival time and specific effects of traffic are unpredictable.
Each traffic source has its own metric, and each must be converted to bits per second. You should standardize traffic volumes to obtain per-user volumes. Finally, you should apply a factor to account for protocol overhead, packet fragmentation, traffic growth, and safety margin. By varying this factor, you can conduct what-if analyses. For example, you could run Microsoft Office from a server, and then analyze the traffic volume generated from users sharing the application on the network. This volume will help you determine the bandwidth and server requirements to install Microsoft Office on the network.
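The estimation procedure described above, worked through as an added example (not part of the original text): measurements in mixed metrics are converted to bits per second, standardized per user, scaled to an anticipated population, and multiplied by a planning factor that is then varied for a what-if comparison. The measurements, unit labels, user counts and the link menu are constructed for illustration; T1 and T3 use their standard line rates.

```python
# Added example: constructed measurements, hypothetical unit labels and link menu.
LINKS_BPS = {"64 kbps": 64_000, "T1": 1_544_000, "T3": 44_736_000}


def to_bps(value, unit, avg_packet_bytes=0):
    """Convert one measurement, reported in its own metric, to bits per second."""
    if unit == "bps":
        return float(value)
    if unit == "kbps":
        return value * 1_000.0
    if unit == "bytes/s":
        return value * 8.0
    if unit == "MB/hour":  # decimal megabytes moved in one hour
        return value * 8_000_000 / 3600
    if unit == "packets/s":
        if avg_packet_bytes <= 0:
            raise ValueError("packets/s needs an average packet size")
        return value * avg_packet_bytes * 8.0
    raise ValueError(f"unknown unit: {unit}")


# Constructed sample: one work day on a test network with 20 users.
TEST_USERS = 20
MEASURED = [
    # (source, average, peak, unit, average packet size in bytes)
    ("e-mail", 45, 180, "MB/hour", 0),
    ("file transfer", 12_000, 90_000, "bytes/s", 0),
    ("interactive host sessions", 40, 150, "packets/s", 128),
]


def per_user_bps(measured, users):
    """Standardize to per-user (average, peak) bits per second.

    Assumption: all sources peak together, the worst case for sizing a link.
    """
    avg = sum(to_bps(a, unit, size) for _, a, _, unit, size in measured)
    peak = sum(to_bps(p, unit, size) for _, _, p, unit, size in measured)
    return avg / users, peak / users


def required_bps(per_user, users, factor):
    """Scale a per-user rate to a population and apply the planning factor."""
    if factor < 1.0:
        raise ValueError("factor below 1.0 would shrink the measured load")
    return per_user * users * factor


def smallest_link(bps, links=LINKS_BPS):
    """Return the name of the slowest link that carries bps, or None."""
    fitting = [(rate, name) for name, rate in links.items() if rate >= bps]
    return min(fitting)[1] if fitting else None


def what_if(users, factors, measured=MEASURED, test_users=TEST_USERS):
    """For each factor, return (factor, required peak bps, link choice)."""
    _, peak = per_user_bps(measured, test_users)
    rows = []
    for factor in factors:
        need = required_bps(peak, users, factor)
        rows.append((factor, need, smallest_link(need)))
    return rows


if __name__ == "__main__":
    avg, peak = per_user_bps(MEASURED, TEST_USERS)
    print(f"per user: average {avg:,.0f} bps, peak {peak:,.0f} bps")
    for factor, need, link in what_if(users=10, factors=[1.25, 1.5, 2.0, 2.5]):
        print(f"factor {factor}: {need:,.0f} bps -> {link}")
```

For the constructed 10-user site, the link choice stays at T1 until the factor reaches 2.5, which shows how sensitive the purchase decision is to the margin you assume.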
WAN Sensitivity Testing
From a practical point of view, sensitivity testing involves breaking stable links and observing what happens. When working with a test network, this is relatively easy. You can disturb the network by removing an active interface, and monitor how the change is handled by the network: how traffic is rerouted, the speed of convergence, whether any connectivity is lost, and whether problems arise in handling specific types of traffic. You can also change the level of traffic on a network to determine the effects on the network when traffic levels approach media saturation.
How to Identify and Select Networking Capabilities
The use of the OSI model in WAN design
After you understand your networking requirements, you must identify and then design the computing environment to meet these requirements. The following sections will help you with these tasks. Hierarchical models for network design allow you to design networks in layers. To understand the importance of layering, consider the OSI model, a layered model for understanding computer communications. By using layers, the OSI reference model simplifies the tasks required for two computers to communicate. Hierarchical models for network design also use layers to simplify the tasks required for internetworking. Each layer can be focused on specific functions, thereby allowing the networking designer to choose the right systems and features for the layer.
Using a hierarchical design can facilitate changes. Modularity in network design allows you to create design elements that can be replicated as the network grows. Also, because networks will require upgrades, the cost and complexity of making the upgrade are constrained to a small subset of the overall network. In large flat or meshed network architectures, changes tend to affect a large number of systems. You can also facilitate the identification of failure-points in a network by structuring the network into small, easy-to-understand elements. Network managers can easily understand the transition points in the network, which helps identify failure points.
A hierarchical WAN design model
Network designs tend to follow one of two general design strategies: mesh or hierarchical. In a mesh structure, the network topology is flat; all routers perform essentially the same functions, and there is usually no clear definition of where specific functions are performed. Expansion of the network tends to proceed in a haphazard, arbitrary manner. In a hierarchical structure the network is organized in layers, each of which has one or more specific functions.
Benefits to using a hierarchical model include the following:
• Scalability -- Networks that follow the hierarchical model can grow much larger without sacrificing control or manageability because functionality is localized and potential problems can be recognized more easily. An example of a very large-scale hierarchical network design is the Public Switched Telephone Network.
• Ease of implementation -- A hierarchical design assigns clear functionality to each layer, thereby making network implementation easier.
• Ease of troubleshooting -- Because the functions of the individual layers are well defined, the isolation of problems in the network is less complicated. Temporarily segmenting the network to reduce the scope of a problem also is easier.
• Predictability -- The behavior of a network using functional layers is fairly predictable, which makes capacity planning for growth considerably easier; this design approach also facilitates modeling of network performance for analytical purposes.
• Protocol support -- The mixing of current and future applications and protocols is much easier on networks that follow the principles of hierarchical design because the underlying infrastructure is already logically organized.
• Manageability -- All the benefits listed here contribute to greater manageability of the network.
Three hierarchical WAN design layers
A hierarchical network design includes the following three layers:
• The core layer, which provides optimal transport between sites
• The distribution layer, which provides policy-based connectivity
• The access layer, which provides workgroup and user access to the network
The figure shows a high-level view of the various aspects of a hierarchical network design.
Describe the three-layer design model components
A layer is identified as a point in the network where an OSI reference model Layer 3 (network layer) boundary occurs: The three layers are bound by Layer 3 devices or other devices that separate the network into broadcast domains. As shown in the figure above, the three-layer model consists of core, distribution, and access layers, each of which has specific functions:
• Core layer -- The core layer provides fast wide-area connections between geographically remote sites, tying a number of campus networks together in a corporate or enterprise WAN. Core links are usually point-to-point, and there are rarely any hosts in the core layer. Core services (for example, T1/T3, Frame Relay, SMDS) typically are leased from a telecom service provider.
• Distribution layer -- The distribution layer gives network services to multiple LANs within a WAN environment. This layer is where the WAN backbone network is found, and it is typically based on Fast Ethernet. This layer is implemented on large sites and is used to interconnect buildings.
• Access layer -- The access layer is usually a LAN or a group of LANs, typically Ethernet or Token Ring, that provide users with frontline access to network services. The access layer is where almost all hosts are attached to the network, including servers of all kinds and user workstations.
A three-layer model can meet the needs of most enterprise networks. However, not all environments require a full three-layer hierarchy. In some cases, a two-layer design may be adequate or even a single layer flat network. Even in these cases, however, a hierarchical structure should be planned or maintained to allow these network designs to expand to three layers as the need arises. The following sections discuss in more detail the functions of the three layers. Then, we'll move on to discuss one- and two-layer hierarchies.
The core layer's function is to provide a fast path between remote sites, as shown in the figure. This layer of the network should not perform any packet manipulation, such as using access control lists and performing filtering, that would slow down the switching of packets. The core layer is usually implemented as a WAN. The WAN needs redundant paths so that the network can withstand individual circuit outages and continue to function. Load sharing and rapid convergence of routing protocols are also important design features. Efficient use of bandwidth in the core is always a concern.
The distribution layer of the network is the demarcation point between the access and core layers and helps to define and differentiate the core. The purpose of this layer is to provide boundary definition, and it is the layer at which packet manipulation occurs. In the WAN environment, the distribution layer can include several functions, such as the following:
• Address or area aggregation
• Departmental or workgroup access to the core layer
• Broadcast/multicast domain definition
• Virtual LAN (VLAN) routing
• Any media transitions that need to occur
• Security
The distribution layer would include the campus backbone with all its connecting routers, as shown in the figure. Because policy is typically implemented at this level, we can say that the distribution layer provides policy-based connectivity. Policy-based connectivity means that the routers are programmed to allow only acceptable traffic on the campus backbone. Note that good network design practice would not put end stations (such as servers) on the backbone. Not putting end stations on the backbone frees up the backbone to act strictly as a transit path for traffic between workgroups or campus-wide servers.
In non-campus environments, the distribution layer can be the point at which remote sites access the corporate network. The distribution layer can be summarized as the layer that provides policy-based connectivity.
The access layer is the point at which local end users are allowed into the network, as shown in the figure. This layer can also use access control lists or filters to further optimize the needs of a particular set of users. In the campus environment, access-layer functions can include the following:
• Shared bandwidth
• Switched bandwidth
• MAC-layer filtering
• Microsegmentation
The access layer connects users into LANs, and LANs into WAN backbones or WAN links. This approach enables designers to distribute services of devices operating at this layer. The access layer allows logical segmentation of the network and grouping of users based on their function. Traditionally, this segmentation is based on organizational boundaries (such as Marketing, Administration, or Engineering). However, from a network management and control perspective, the main function of the access layer is to isolate broadcast traffic to the individual workgroup or LAN. In non-campus environments, the access layer can give remote sites access to the corporate network via some wide-area technology, such as Frame Relay, ISDN, or leased lines.
One-layer network designs
Not all networks require a three-layer hierarchy. A key design decision becomes the placement of servers: They can be distributed across multiple LANs or concentrated in a central server farm location. The figure shows a distributed server design. A one-layer design is typically implemented if there are only a few remote locations in the company, and access to applications is mainly done via the local LAN to the site file server. Each site is its own broadcast domain.
Two-layer network designs
In a two-layer design, a WAN link is used to interconnect separate sites, as shown in the figure. Inside the site, multiple LANs may be implemented, with each LAN segment being its own broadcast domain. The router at Site F becomes a concentration point from WAN links.
The benefits of hierarchical WAN designs
One of the advantages of a hierarchical WAN design is that it provides a method for controlling data traffic patterns by putting Layer 3 routing points throughout the network. Because routers have the ability to determine paths from the source host to destination hosts based on Layer 3 addressing, data traffic flows up the hierarchy only as far as it needs to find the destination host, as shown in the figure.
If Host A were to establish a connection to Host B, the traffic from this connection would travel to Router 1 and be forwarded back down to Host B. Notice in the figure to the right that this connection does not require that any traffic be placed on the link between Router 1 and Router 2, thus conserving the bandwidth on that link.
In a two-layer WAN hierarchy, shown in the figure to the left, the traffic only travels up the hierarchy as far as needed to get to the destination, thus conserving bandwidth on other WAN links.
Server placement in WANs
The placement of servers as it relates to who will be accessing them affects traffic patterns in the WAN. If you place an enterprise server in the access layer of Site 1, as shown in the figure, all traffic destined for that server is forced to go across links between Routers 1 and 2.
This consumes major quantities of bandwidth from Site 1. If you place the enterprise server at a higher layer in the hierarchy, as shown in the figure to the right, the traffic on the link between Routers 1 and 2 is reduced and is available for users at Site 1 to access other services. In the figure below, a workgroup server is placed at the access layer of the site where the largest concentration of users is located, and traffic crossing the WAN link to access this server is limited. Thus, more bandwidth is available to access resources outside the site.
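The two preceding sections (traffic climbing the hierarchy only as far as the first shared router, and the effect of server placement on the Router 1 to Router 2 link) can be checked with a small model, given here as an added example that is not part of the original text. The topology stands in for the missing figures: Router 3, the user groups and the traffic volumes in kbps are constructed assumptions.

```python
# Added example: constructed topology and constructed traffic demands.
# Each entry maps a device to the device directly above it in the hierarchy.
BASE = {
    "Router 1": "Router 2",      # Site 1 router, uplink to the higher layer
    "Router 3": "Router 2",      # hypothetical router for a second site
    "Host A": "Router 1",
    "Host B": "Router 1",
    "Site 1 users": "Router 1",  # hypothetical aggregate of Site 1 clients
    "Site 2 users": "Router 3",  # hypothetical aggregate of Site 2 clients
}
UPLINK = ("Router 1", "Router 2")

# (source, destination, kbps): constructed client-to-server volumes.
DEMANDS = [
    ("Site 1 users", "Enterprise server", 200),
    ("Site 2 users", "Enterprise server", 1000),
]


def chain_to_root(node, parent):
    """Return node followed by each device above it, ending at the root."""
    chain = [node]
    while chain[-1] in parent:
        chain.append(parent[chain[-1]])
    return chain


def path_links(src, dst, parent):
    """Links a flow crosses: up from src to the first shared router, then down."""
    up, down = chain_to_root(src, parent), chain_to_root(dst, parent)
    shared = next((n for n in up if n in down), None)
    if shared is None:
        raise ValueError("src and dst are not in the same hierarchy")
    links = []
    for chain in (up, down):
        for child in chain[:chain.index(shared)]:
            links.append((child, parent[child]))
    return links


def link_load(demands, parent):
    """Sum the kbps that each link carries for the given demands."""
    load = {}
    for src, dst, kbps in demands:
        for link in path_links(src, dst, parent):
            load[link] = load.get(link, 0) + kbps
    return load


def place_server(attach_to, parent=BASE):
    """Return a copy of the topology with the enterprise server attached."""
    topo = dict(parent)
    topo["Enterprise server"] = attach_to
    return topo


def uplink_load(attach_to):
    """kbps on the Router 1 to Router 2 link for a given server placement."""
    return link_load(DEMANDS, place_server(attach_to)).get(UPLINK, 0)


if __name__ == "__main__":
    print("Host A -> Host B:", path_links("Host A", "Host B", BASE))
    print("server at Site 1 access layer:", uplink_load("Router 1"), "kbps")
    print("server at higher layer:", uplink_load("Router 2"), "kbps")
```

With these constructed volumes, moving the server from the Site 1 access layer to the higher layer drops the load on the Router 1 to Router 2 link from 1000 kbps to 200 kbps.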
Alternatives to dedicated WAN links
It is not uncommon for remote sites to access the WAN core layer by using WAN technologies other than dedicated links. As shown in the figure, Frame Relay and ISDN are two such alternatives. If a remote site is small and has low demand for access to services in the corporate network, ISDN would be a logical choice for this implementation. Perhaps another remote site cannot get access to dedicated WAN links from its service provider, but has access to Frame Relay.