Networking Fundamentals, Quick Notes – Wide Area Networks Part 1

Wide Area Networks

Establishing connectivity over long distances requires specific technical infrastructure.

A. Dial-up Networking, DSL, Cable Internet, Wi-Max are some of the popular choices across home users, small & medium businesses for Internet access.

B. ISDN, Leased Lines are considered for medium to large office networks & service providers.

Wide Area Networks are used for establishing connectivity between LAN(s) across different locations and/or for providing access to the Internet.

Equipment used in a WAN varies depending on requirements, costs & feasibility.

Dial-Up Networking

Internet connectivity using a Dial-up modem

  • Users connect to remote networks by dialing a number provided by the office; customers gain access to the Internet by dialing a number provided by the ISP.
  • Typical speeds around 56 Kbps.
  • Either phone or modem can be used at one time, not both at the same time.
  • Popular for Internet Access and remote office network setups until the early 2000s.
  • Infrastructure
    • RAS (Remote Access Servers): Server Software, For accepting incoming connections.
    • DUN (Dial Up Networking): Client Software, for connecting to RAS.
  • Uses PPP (Point-to-Point Protocol) or SLIP (Serial Line Internet Protocol).
  • Internet connectivity was usually shared through 3rd-party software during that time.
  • Mostly replaced by Broadband technologies like DSL, Cable, etc. (in some countries Dial Up technology is still used).

Note: SLIP requires an IP address to be configured before connecting, unlike PPP. PPP supersedes SLIP and supports the use of other protocols such as NetBEUI & IPX/SPX, as well as DHCP environments.

MODEM (Modulator Demodulator)

  • Simple device for connecting to remote networks using telephone networks.
  • Available as internal modems (for personal computers) & external models.
  • Converts Digital-to-Analog & Analog-to-Digital signals.

Internal Dial-Up MODEM

External Dial-Up MODEM

USB Dial-Up MODEM

  • Internal Modems are inserted in PCI / PCIe slots.
  • External Modems are connected through Serial Ports & USB ports.

Note: Do NOT confuse “Dial Up Modems” with DSL/Cable Modems.

ISDN

  • ISDN (Integrated Services Digital Network) is a set of standards for digital transmission over the PSTN.
  • Used by companies for High speed, reliable & stable Internet connectivity.
  • ISDN requires specific hardware which is quite expensive.
  • ISDN is usually offered as:
    • Basic Rate Interface: 2 B Channels (64 Kbps) + 1 D Channel (16 Kbps) = 128 Kbps total
    • Primary Rate Interface: 23 B Channels (64 Kbps) + 1 D Channel (64 Kbps) = 1.5 Mbps total

Note: PRI/BRI implementations & plans vary country to country.

Leased Line

  • “Leased Lines” refers to dedicated direct connections between ISP & Consumer, ensuring connectivity all the time.
  • Usually expensive and require special hardware for network connectivity.

Reference(s):

https://en.wikipedia.org/wiki/Integrated_Services_Digital_Network

https://en.wikipedia.org/wiki/Leased_line 

DSL

Internet connectivity using a DSL modem, DSL filter used for separating voice & data

  • Digital Subscriber Line, widely popular for high speed Internet Access.
  • Uses different frequencies for data & voice (hence the term “broadband”), allowing telephone & Internet usage at the same time.  
  • DSLAM used at service provider & DSL filter at customer’s premises to split voice and data lines.
  • Uses PPPoE (Point-to-Point Protocol Over Ethernet).  

Note: DSL networks are “always connected”, unlike in Dial-up networks where connectivity is available until user disconnects.  

DSL implementations vary depending on country & provider, through technologies like:

  • ADSL (Asymmetric DSL)
    • Download & Upload speeds are different.
    • Example: 10 Mbps download / 256 Kbps upload.
  • SDSL (Symmetric DSL)
    • Downloads & Uploads are at same speeds.
    • Example: 10 Mbps download / 10 Mbps upload.

DSL MODEM

  • Popular, simple & easy to use device, typically used to share Internet connectivity.
  • DSL modems usually have one RJ-11 (WAN) for connecting to the ISP and, one or more RJ-45 (LAN) ports for LAN connectivity.
  • May have additional features like Wi-Fi, Printer Sharing, USB ports, etc. depending on the model.

DSL MODEM

DSL MODEM, 1 WAN Port / 4 LAN Ports + WI-FI

Reference(s):  

https://en.wikipedia.org/wiki/DSL 

Standards

| Technology | Speed | Speed (in bytes) |
|---|---|---|
| ADSL (G.lite) | 1536/512 kbit/s | 192/64 kB/s |
| HDSL ITU G.991.1 a.k.a. DS1 | 1544 kbit/s | 193 kB/s |
| MSDSL | 2000 kbit/s | 250 kB/s |
| SDSL | 2320 kbit/s | 290 kB/s |
| SHDSL ITU G.991.2 | 5690 kbit/s | 711 kB/s |
| ADSL (G.dmt) ITU G.992.1 | 8192/1024 kbit/s | 1024/128 kB/s |
| ADSL2 ITU G.992.3 | 12288/1440 kbit/s | 1536/180 kB/s |
| ADSL2+ ITU G.992.5 | 24576/3584 kbit/s | 3072/448 kB/s |
| VDSL ITU G.993.1 | 52 Mbit/16 Mbit/s | 7 MB/s |
| VDSL2 ITU G.993.2 | 100 Mbit/s | 12.5 MB/s |
| Uni-DSL | 200 Mbit/s | 25 MB/s |
| VDSL2 ITU G.993.2 | 300 Mbit/s | 37.5 MB/s |

Cable Internet

Internet connectivity using a Cable modem

  • Uses cable television infrastructure for Internet access (broadband).
  • Usually has one CO-AXIAL connector (WAN) & one RJ-45 (LAN) Port.
  • Co-Axial for connecting to ISP and RJ-45 port for connecting to LAN port (usually a computer).
  • Follows DOCSIS (Data Over Cable Service Interface Specification) standards.

 

Cable MODEM

 

Reference(s):

https://en.wikipedia.org/wiki/Cable_Internet 

Standards

| Technology | Speed | Speed (in bytes) |
|---|---|---|
| DOCSIS 1.0 | 38/9 Mbit/s | 4.75/1.125 MB/s |
| DOCSIS 2.0 | 38/27 Mbit/s | 4.75/3.375 MB/s |
| DOCSIS 3.0 | 1216/216 Mbit/s | 152/27 MB/s |
| DOCSIS 3.1 | 10/2 Gbit/s | 1.25/0.25 GB/s |
| DOCSIS 3.1 Full Duplex | 10/10 Gbit/s | 1.25/1.25 GB/s |

WiMAX

Internet connectivity using WiMAX setup

  • Worldwide interoperability for Microwave Access.
  • Wireless Internet Access, alternate to DSL or Cable.
  • “Last Mile” solution (where cable network access is NOT possible at all).
  • Follows IEEE 802.16 Standard.
  • Range up to 50 KM.
  • Speed up to 70Mbit/s (depending on implementation & service provider).

 

WiMax Dish Antenna

WiMax Parabolic Antenna

 

Reference(s):

https://en.wikipedia.org/wiki/WiMAX 

NAT (Concept)

  • Network Address Translation (NAT) – Process of remapping IP addresses.
  • Popular example is when an Internet connection is shared (Private to Public & Public to Private IP are remapped in IP address header).
  • Implemented through Software or Hardware.
  • Widely implemented in SOHO Routers, Internet Sharing & Metering Software, etc.

NAT Device has:

  1. WAN Interface:  For connecting to outside world through DSL, Cable, Dial-Up, etc. (Public IP).
  2. LAN Interface: For providing connectivity to devices such as desktops, laptops, etc. (Private IP).

NAT  – A. One Public IP & B. Multiple Private IPs

Typically only one Public IP address is assigned by an ISP for every Internet connection; public IP address provided by the ISP is assigned to the WAN port of a Router. Private IP addresses are assigned by the Router to clients connected to it (through wired or Wi-Fi).

For example:

ISP assigns public IP 202.1.1.5.

Router’s LAN IP is set as 192.168.1.1.

Router’s DHCP range is set as 192.168.1.2 to 192.168.1.254.

Router assigns IP addresses to its clients from the DHCP pool.

  1. 192.168.1.2 sends a request to 2.1.3.4
  2. LAN interface on the Router assigned with IP 192.168.1.1 receives the request
  3. NAT software on the Router replaces 192.168.1.2 with 202.1.1.5 and sends the request to 2.1.3.4
  4. 2.1.3.4 replies to 202.1.1.5
  5. NAT software replaces 202.1.1.5 with 192.168.1.1 based on its NAT table
  6. Reply sent to 192.168.1.2 from 192.168.1.1

Firewall

Firewall in a router & Software Firewall on computers

  • Protects computers & networks (Network Level).
  • Controls incoming & outgoing network traffic.
  • Works based on predefined rules, analyzes packets and allows/rejects.
  • Essential to keep out unwanted traffic or users outside of a network or computer.
  • Hardware or Software based.
  • Some Operating Systems, Anti-Virus & NAT software include firewall as a feature.
  • Types
    • Personal Firewall
      • Designed for controlling network traffic on a single computer.
      • Personal firewalls are usually configured automatically, require technical expertise for finer control.
    • Enterprise Firewall
      • Designed for controlling traffic across network of computers.
      • Enterprise firewalls require specific technical expertise based on the model.

Note: Firewall is NOT an Anti-Virus Software; Firewall protects only network traffic.

 

Software Firewall

Hardware Firewall

 

Note: If multiple software firewalls are installed on a computer, it is recommended to keep only one personal firewall active to avoid firewall conflicts.

Manage Windows Firewall Settings

Tip: Microsoft Windows applies different firewall policies according to the network type; domain (for domain environments), public (hotspots, restaurants, etc.) & private (office or home network). Users may switch to different profiles as required by just selecting the type of network (in turn appropriate firewall profile is applied); profiles may be modified according to user’s preference, for example allow specific applications only on an office network and block all other applications thereby increasing security measures.

  • View status of current profile:
    • CMD > netsh advfirewall show currentprofile

Output listing currently active profile (based on currently logged on user account)

  • View status of Private Network:
    • CMD > netsh advfirewall show privateprofile

Output listing settings applicable for a private (LAN) network

  • View status of Public Network:
    • CMD > netsh advfirewall show publicprofile

Output listing settings applicable for a public (Internet) network

  • View status of Windows Firewall for all connections
    • CMD > netsh advfirewall show allprofiles state

Output displaying status of Windows Firewall

  • View list of Applications & Services and, their status in Windows Firewall Profiles
    • CMD > netsh advfirewall firewall show rule name=all

Output listing application & service status in Windows Firewall

  • Store all details in a Text file:
    • CMD > netsh advfirewall firewall show rule name=all > C:\Log.txt

Store output in text file

  • View Text File:
    • CMD > notepad C:\LOG.TXT

Open text file using Notepad

  • Enable logging in Windows Firewall for allowed software
    • CMD > netsh advfirewall set currentprofile logging allowedconnections enable

Input to enable logging for allowed connections

  • Open Log File in a text editor to view: C:\Windows\System32\LogFiles\Firewall\pfirewall.log
  • Disable logging in Windows Firewall
    • CMD > netsh advfirewall set currentprofile logging allowedconnections disable

Input to disable logging for allowed connections, if enabled earlier
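
Once logging for allowed connections is on, the log can be checked against the rules you expect to exist. This is an added example, not part of the original notes: it parses a constructed sample in the pfirewall.log layout, reading column names from the file's own #Fields header, and lists inbound ports that received traffic without an expected rule. Port 8080 matches the sample "My web server" rule on this page; every address, port and timestamp in the sample is made up.

```python
from collections import Counter

# Constructed sample in the pfirewall.log layout; all values are made up.
SAMPLE_LOG = """\
#Version: 1.5
#Software: Microsoft Windows Firewall
#Time Format: Local
#Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path

2024-03-01 09:15:02 ALLOW TCP 192.168.1.2 2.1.3.4 51000 80 0 - 0 0 0 - - - SEND
2024-03-01 09:15:40 ALLOW TCP 192.168.1.7 192.168.1.2 50211 8080 0 - 0 0 0 - - - RECEIVE
2024-03-01 09:16:05 ALLOW TCP 192.168.1.9 192.168.1.2 50340 8080 0 - 0 0 0 - - - RECEIVE
2024-03-01 09:17:11 ALLOW UDP 192.168.1.2 192.168.1.1 53211 53 0 - - - - - - - SEND
2024-03-01 09:18:30 ALLOW TCP 192.168.1.7 192.168.1.2 50299 3389 0 - 0 0 0 - - - RECEIVE
"""

def parse(text):
    """Yield one dict per log entry, keyed by the names in the #Fields header."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split(":", 1)[1].split()
        elif line.strip() and not line.startswith("#"):
            values = line.split()
            if len(values) == len(fields):   # skip truncated or malformed lines
                yield dict(zip(fields, values))

def inbound_allowed(text, expected_ports):
    """Count allowed inbound connections per (protocol, port) and
    return the ports that are not in the expected set."""
    counts = Counter()
    for entry in parse(text):
        if entry["action"] == "ALLOW" and entry["path"] == "RECEIVE":
            counts[(entry["protocol"], int(entry["dst-port"]))] += 1
    unexpected = sorted(key for key in counts if key not in expected_ports)
    return counts, unexpected

if __name__ == "__main__":
    counts, unexpected = inbound_allowed(SAMPLE_LOG, {("TCP", 8080)})
    print(dict(counts))
    print("review:", unexpected)
```

To run it against a real log, pass the contents of pfirewall.log instead of SAMPLE_LOG; reading that file normally needs an elevated prompt.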

  • Add a program to Windows Firewall using Port Number
    • CMD > netsh advfirewall firewall add rule name="RULENAME" dir=in action=allow protocol=tcp localport=portnumber

C:\> netsh advfirewall firewall add rule name="My web server" dir=in action=allow protocol=tcp localport=8080

Sample input to add an exception using Port number

  • Remove a program from Windows Firewall
    • CMD > netsh advfirewall firewall delete rule name="RULENAME"

Input for deleting a rule, output with confirmation

  • Add an exception by using an executable
    • CMD > netsh advfirewall firewall add rule name="RULENAME" dir=in action=allow program="path\program.exe" enable=yes

Input to add an executable to Windows Firewall

  • Reset Windows Firewall to default settings
    • CMD > netsh advfirewall reset

Input to reset Windows Firewall

  • View complete details:
    • CMD > netsh advfirewall show allprofiles

Firewall status for all connections

  • Turn Off Firewall for Private Network:
    • CMD > netsh advfirewall set privateprofile state off

Input to disable firewall for private profile

  • Turn Off Firewall for Public Network:
    • CMD > netsh advfirewall set publicprofile state off

Input to disable firewall for public profile

  • Turn Off Firewall Both Networks:
    • CMD > netsh advfirewall set allprofiles state off

Input to disable firewall for both private & public profiles

  • Turn On Firewall for Private Network:
    • CMD > netsh advfirewall set privateprofile state on

Input to enable firewall for private profile

  • Turn On Firewall for Public Network:
    • CMD > netsh advfirewall set publicprofile state on

Input to enable firewall for public profile

  • Turn On Firewall for Both Networks:
    • CMD > netsh advfirewall set allprofiles state on

Input to enable firewall for both private & public profiles

  • View Firewall Settings (GUI)
    • START > RUN > FIREWALL.CPL

Windows Firewall

  • Add/remove programs or services to Windows Firewall
    • Select “Allow an app or feature through Windows Firewall” from left menu

Application & Service List in Windows Firewall

  • To add an application, Select “Change settings”
    • If the application / service is already in this list, then check under “Private”, “Public” or Both (depending on requirements)
    • If the application / service is NOT listed, then select “Allow Another app…”

Add a program to exception list in Windows Firewall

  • Select “Network types…”, check “Private”, “Public” or both as required

  • Select “Browse…”, select the program
  • Select “Add” & select “OK”
  • To change firewall settings
    • To Disable Firewall, Select “Turn Windows Firewall on or off”

  • Disable Firewall for Private Networks
    • Select “Turn Off Windows Firewall (not recommended)”
  • Disable Firewall for Public Networks
    • Select “Turn Off Windows Firewall (not recommended)”
  • Enable Firewall, Select “Turn on Windows Firewall” under respective networks
  • For finer control (requires technical expertise), select “Advanced Settings” from Windows Firewall

Note: Since this topic is advanced, this is not covered further.
