Cisco overhauls Ethernet edge routers

Cisco ASR 9000 designed for 6.4Tbps, video and mobile backhaul

By Jim Duffy , Network World , 11/11/2008

Cisco as expected this week ushered in the new era of its Carrier Ethernet routers with an edge system designed to scale to 6.4Tbps.

The ASR 9000 builds on the ASR series and QuantumFlow processor announced earlier this year. It cost $200 million and was in development for more than four years. The box runs Cisco's IOS-XR operating system with edge-specific enhancements, and is expected to succeed the company's eight-year-old and widely installed 7600 series systems.

Read the latest WhitePaper - The Promise and Pitfalls of 802.11n

ASR 9000 is designed for a subscriber and enterprise world of increasing video and mobile service use. According to Cisco, IP traffic over wireline and mobile networks will nearly double every two years until 2012, reaching 522 exabytes -- an exabyte is a billion gigabytes – or the equivalent of downloading 125 billion DVD movies per month.

Video will prompt consumer IP traffic to quadruple in that time, while mobile data will grow at a compounded annual rate of 125%, Cisco says. The scale of videro growth mandates 100+Gbps of bandwidth and video intelligence, the company says.

The ASR 9000 comes in six- and 10-slot configurations and Cisco says they support 400Gbps per slot. The 7600 is aimed squarely at Carrier Ethernet aggregation and mobile backhaul applications requiring up to 80Gbps per slot. (Compare access router products.)

Cisco did not discuss interface modules for the ASR 9000 chassis, and would not comment when asked if it would ship prestandard 40/100Gbps Ethernet line cards for them; but the routers will support integrated optical transponders, or Cisco's IP-over-dense-wavelength-division-multiplexing technology for increasing fiber capacity.

They will also support seamless mobile handoff capabilities with 3G/4G cell site routers, Cisco says.

At 6.4Tbps, Cisco says the ASR 9000 provide six times the capacity of competitive edge routers, which include Juniper's MX960, Alcatel-Lucent's 7750 and Ericsson's Redback SmartEdge. The routers also incorporates an Advanced Video Services Module (AVSM) designed to provide terabytes of streaming capacity while simultaneously offering content caching, ad insertion, fast channel change and error correction.

AVSM eliminates the need for standalone content delivery network elements, Cisco says. Errors can be retransmitted in milliseconds to a Cisco set-top box to maintain a transparent visual experience with no TV screen "freeze," the company says.

IT admin used inside knowledge to hack and steal

According to the Santa Clara District Attorney's office, Andrew Madrid, 34, used his IT experience to pull off a variety of crimes between September 2006 and March 2008.

"This was one of the most sophisticated computer crimes our office has prosecuted," said Ben Field, Santa Clara's deputy district attorney. "There's computer intrusion in the first place, there's the introduction of spyware, there's the theft of proprietary data from a computer network, and sometimes the destruction of proprietary data from a computer network."

One of Madrid's victims was his former employer, a Sunnyvale, Calif., high-technology company. According to Field, Madrid destroyed data on the company's servers in the hope that "they would ask him to come back and fix the very problem that he created."

The Santa Clara District Attorney's office declined to name any of the victims of Madrid's crimes.

To make his hacking harder to trace, Madrid would often use his neighbor's open wireless networks, Field said.

Posing as a security guard or an IT person, he also breezed through Bay Area companies late at night looking for laptops and other computer equipment to steal, Field said. "He had a good eye for what was valuable," he said.

He sometimes gained access to different parts of the building by picking up security badges he found lying in unoccupied cubes, Field said.

If stopped by company employees, "he would talk to them as if he was completely justified in being there," Field said. "Like he was an IT person doing some work or a security guard making sure the place was secure."

"Being a former network administrator, he could talk the talk as an IT guy," he added.

Madrid even wore clothes that resembled a security guard's uniform, Field said.

In another scheme, Madrid would change bar-code tags on computer equipment in stores in order to pay retailers less than the value of their merchandise. He sometimes manufactured his own price tags, Field said, and a mobile bar-code printer was found in his car. Sometimes the scam was as simple as taking the bar code off a cheap eMachine and putting it on a more expensive Hewlett-Packard computer, Field said.

Madrid pleaded guilty on Friday in Santa Clara superior court. He faces six to 12 years in prison on the various charges. Sentencing is set for Jan. 22.

Network

Campus Area Network (CAN)

This is a network that connects two or more LANs but that is limited to a specific and contiguous geographical area such as a college campus, industrial complex, office building, or a military base. A CAN may be considered a type of MAN (metropolitan area network), but is generally limited to a smaller area than a typical MAN. This term is most often used to discuss the implementation of networks for a contiguous area. This should not be confused with a Controller Area Network. A LAN connects network devices over a relatively short distance. A networked office building, school, or home usually contains a single LAN, though sometimes one building will contain a few small LANs (perhaps one per room), and occasionally a LAN will span a group of nearby buildings. In TCP/IP networking, a LAN is often but not always implemented as a single IP subnet.

Metropolitan Area Network (MAN)

A Metropolitan Area Network is a network that connects two or more Local Area Networks or Campus Area Networks together but does not extend beyond the boundaries of the immediate town/city. Routers, switches and hubs are connected to create a Metropolitan Area Network.

Wide Area Network (WAN)

A WAN is a data communications network that covers a relatively broad geographic area (i.e. one city to another and one country to another country) and that often uses transmission facilities provided by common carriers, such as telephone companies. WAN technologies generally function at the lower three layers of the OSI reference model: the physical layer, the data link layer, and the network layer.

Global Area Network (GAN)

Global Area networks (GAN) specifications are in development by several groups, and there is no common definition. In general, however, a GAN is a model for supporting mobile communications across an arbitrary number of wireless LANs, satellite coverage areas, etc. The key challenge in mobile communications is "handing off" the user communications from one local coverage area to the next. In IEEE Project 802, this involves a succession of terrestrial Wireless local area networks (WLAN).^[2]

Internetwork

Two or more networks or network segments connected using devices that operate at layer 3 (the 'network' layer) of the OSI Basic Reference Model, such as a router. Any interconnection among or between public, private, commercial, industrial, or governmental networks may also be defined as an internetwork.

In modern practice, the interconnected networks use the Internet Protocol. There are at least three variants of internetwork, depending on who administers and who participates in them:

• Intranet
• Extranet
• Internet

Intranets and extranets may or may not have connections to the Internet. If connected to the Internet, the intranet or extranet is normally protected from being accessed from the Internet without proper authorization. The Internet is not considered to be a part of the intranet or extranet, although it may serve as a portal for access to portions of an extranet.

Intranet

An intranet is a set of networks, using the Internet Protocol and IP-based tools such as web browsers and file transfer applications, that is under the control of a single administrative entity. That administrative entity closes the intranet to all but specific, authorized users. Most commonly, an intranet is the internal network of an organization. A large intranet will typically have at least one web server to provide users with organizational information.

Extranet

An extranet is a network or internetwork that is limited in scope to a single organization or entity but which also has limited connections to the networks of one or more other usually, but not necessarily, trusted organizations or entities (e.g. a company's customers may be given access to some part of its intranet creating in this way an extranet, while at the same time the customers may not be considered 'trusted' from a security standpoint). Technically, an extranet may also be categorized as a CAN, MAN, WAN, or other type of network, although, by definition, an extranet cannot consist of a single LAN; it must have at least one connection with an external network.

Internet

The Internet is a specific internetwork. It consists of a worldwide interconnection of governmental, academic, public, and private networks based upon the networking technologies of the Internet Protocol Suite. It is the successor of the Advanced Research Projects Agency Network (ARPANET) developed by DARPA of the U.S. Department of Defense. The Internet is also the communications backbone underlying the World Wide Web (WWW). The 'Internet' is most commonly spelled with a capital 'I' as a proper noun, for historical reasons and to distinguish it from other generic internetworks.

Participants in the Internet use a diverse array of methods of several hundred documented, and often standardized, protocols compatible with the Internet Protocol Suite and an addressing system (IP Addresses) administered by the Internet Assigned Numbers Authority and address registries. Service providers and large enterprises exchange information about the reachability of their address spaces through the Border Gateway Protocol (BGP), forming a redundant worldwide mesh of transmission paths.

Basic Hardware Components

All networks are made up of basic hardware building blocks to interconnect network nodes, such as Network Interface Cards (NICs), Bridges, Hubs, Switches, and Routers. In addition, some method of connecting these building blocks is required, usually in the form of galvanic cable (most commonly Category 5 cable). Less common are microwave links (as in IEEE 802.11) or optical cable ("optical fiber").

Network Interface Cards

A network card, network adapter or NIC (network interface card) is a piece of computer hardware designed to allow computers to communicate over a computer network. It provides physical access to a networking medium and often provides a low-level addressing system through the use of MAC addresses. It allows users to connect to each other either by using cables or wirelessly.

Repeaters

A repeater is an electronic device that receives a signal and retransmits it at a higher power level, or to the other side of an obstruction, so that the signal can cover longer distances without degradation. In most twisted pair ethernet configurations, repeaters are required for cable runs longer than 100 meters away from the computer.

HUB

A hub contains multiple ports. When a packet arrives at one port, it is copied to all the ports of the hub for transmission. When the packets are copied, the destination address in the frame does not change to a broadcast address. It does this in a rudimentary way: It simply copies the data to all of the Nodes connected to the hub.^[3]

Bridges

A network bridge connects multiple network segments at the data link layer (layer 2) of the OSI model. Bridges do not promiscuously copy traffic to all ports, as hubs do, but learn which MAC addresses are reachable through specific ports. Once the bridge associates a port and an address, it will send traffic for that address only to that port. Bridges do send broadcasts to all ports except the one on which the broadcast was received.

Bridges learn the association of ports and addresses by examining the source address of frames that it sees on various ports. Once a frame arrives through a port, its source address is stored and the bridge assumes that MAC address is associated with that port. The first time that a previously unknown destination address is seen, the bridge will forward the frame to all ports other than the one on which the frame arrived.

Bridges come in three basic types:

1. Local bridges: Directly connect local area networks (LANs)
2. Remote bridges: Can be used to create a wide area network (WAN) link between LANs. Remote bridges, where the connecting link is slower than the end networks, largely have been replaced by routers.
3. Wireless bridges: Can be used to join LANs or connect remote stations to LANs.

Switches

A switch is a device that performs switching. Specifically, it forwards and filters OSI layer 2 datagrams (chunk of data communication) between ports (connected cables) based on the MAC addresses in the packets.^[4] This is distinct from a hub in that it only forwards the datagrams to the ports involved in the communications rather than all ports connected. Strictly speaking, a switch is not capable of routing traffic based on IP address (layer 3) which is necessary for communicating between network segments or within a large or complex LAN. Some switches are capable of routing based on IP addresses but are still called switches as a marketing term. A switch normally has numerous ports, with the intention being that most or all of the network is connected directly to the switch, or another switch that is in turn connected to a switch.^[5]

Switch is a marketing term that encompasses routers and bridges, as well as devices that may distribute traffic on load or by application content (e.g., a Web URL identifier). Switches may operate at one or more OSI model layers, including physical, data link, network, or transport (i.e., end-to-end). A device that operates simultaneously at more than one of these layers is called a multilayer switch.

Overemphasizing the ill-defined term "switch" often leads to confusion when first trying to understand networking. Many experienced network designers and operators recommend starting with the logic of devices dealing with only one protocol level, not all of which are covered by OSI. Multilayer device selection is an advanced topic that may lead to selecting particular implementations, but multilayer switching is simply not a real-world design concept.

Routers

Routers are networking devices that forward data packets between networks using headers and forwarding tables to determine the best path to forward the packets. Routers work at the network layer of the TCP/IP model or layer 3 of the OSI model. Routers also provide interconnectivity between like and unlike media (RFC 1812). This is accomplished by examining the Header of a data packet, and making a decision on the next hop to which it should be sent (RFC 1812) They use preconfigured static routes, status of their hardware interfaces, and routing protocols to select the best route between any two subnets. A router is connected to at least two networks, commonly two LANs or WANs or a LAN and its ISP's network. Some DSL and cable modems, for home (and even office) use, have been integrated with routers to allow multiple home/office computers to access the Internet through the same connection. Many of these new devices also consist of wireless access points (waps) or wireless routers to allow for IEEE 802.11g/b wireless enabled devices to connect to the network without the need for cabled connections.

http://en.wikipedia.org/wiki/Computer_network#Local_Area_Network_.28LAN.29

Local Area Network (LAN)

Local Area Network (LAN)

Main article: Local Area Network

This is a network covering a small geographic area, like a home, office, or building. Current LANs are most likely to be based on Ethernet technology. For example, a library may have a wired or wireless LAN for users to interconnect local devices (e.g., printers and servers) and to connect to the internet. On a wired LAN, PCs in the library are typically connected by category 5 (Cat5) cable, running the IEEE 802.3 protocol through a system of interconnected devices and eventually connect to the Internet. The cables to the servers are typically on Cat 5e enhanced cable, which will support IEEE 802.3 at 1 Gbit/s. A wireless LAN may exist using a different IEEE protocol, 802.11b, 802.11g or possibly 802.11n. The staff computers (bright green in the figure) can get to the color printer, checkout records, and the academic network and the Internet. All user computers can get to the Internet and the card catalog. Each workgroup can get to its local printer. Note that the printers are not accessible from outside their workgroup.

Typical library network, in a branching tree topology and controlled access to resources

All interconnected devices must understand the network layer (layer 3), because they are handling multiple subnets (the different colors). Those inside the library, which have only 10/100 Mbit/s Ethernet connections to the user device and a Gigabit Ethernet connection to the central router, could be called "layer 3 switches" because they only have Ethernet interfaces and must understand IP. It would be more correct to call them access routers, where the router at the top is a distribution router that connects to the Internet and academic networks' customer access routers.

The defining characteristics of LANs, in contrast to WANs (wide area networks), include their higher data transfer rates, smaller geographic range, and lack of a need for leased telecommunication lines. Current Ethernet or other IEEE 802.3 LAN technologies operate at speeds up to 10 Gbit/s. This is the data transfer rate. IEEE has projects investigating the standardization of 100 Gbit/s, and possibly 40 Gbit/s.

http://en.wikipedia.org/wiki/Computer_network#Local_Area_Network_.28LAN.29