When working with networks you will frequently hear the terms Local
Area Network (LAN) and Wide Area Network (WAN). Textbooks and
certification exams focus on the advantages and disadvantages of LANs
and WANs as if you need to choose between the two when designing a
network. This can be confusing to someone who is not technically savvy
and is trying to make an executive decision. It’s no easier for the
network manager who has to explain that you can’t string an Ethernet
cable from one side of the city to the other.
The difference between a LAN and a WAN is not a matter of choice. You
do not weigh the advantages and disadvantages of LANs and WANs and
choose the best technology for your situation. If your network is a
group of computers that are close together you will string Ethernet
cables between them and you will have a Local Area Network. If you have
two or more computers that are too far apart to string your own cables
you will use the telephone system to connect your computers. This is a
Wide Area Network.
From these definitions you can see that a Wide Area Network can be a
network that spans across the street or a network that spans around the
world. Attempts have been made to define networks that are beyond the
scope of a LAN but have a limited geographic scope. For example, in the
late 1980s technology was developed that was suitable for networks that
spanned an area the size of a city. Such a network was defined as a
Metropolitan Area Network (MAN). This definition is still used
occasionally, but the technology failed in the marketplace. It was too
expensive to implement and telephone companies already had suitable
infrastructure in place that could be leased at an affordable price.
The end result is that a "MAN" now uses the same technology as a WAN so
there is no difference from a network administrator's point of view.
There have been other attempts to define networks based on their
geographic scope. One of these definitions is the Campus Area Network
(CAN) for an installation such as a university campus, military base or
business complex. Recently the term Personal Area Network (PAN) has
appeared for such networks as Bluetooth and wireless USB. In reality,
these networks are all Local Area Networks. The terms CAN and PAN may be
useful in defining the geographic scope of a network but are not useful
for defining the technology the network administrator will use.
In this book LAN and WAN are not used to describe the geographic scope
of a network but to describe the different technologies used to
implement the types of networks.
Local Area Network (LAN)
A Local Area Network is frequently defined as a network that covers a
small area, such as an office, an office suite, one floor of a building
or a single building. Sometimes this definition may be extended to
cover a small group of buildings but that may be called a Campus Area
Network (CAN).
From a network administrator's point of view, the network media (the
wiring) makes a LAN different from other types of networks. In the case
of a Local Area Network, the owner of the network owns the media. The
computers are close enough together that the network owner can install
wiring or wireless access points without relying on a third party to
provide connection services.
Examples of LANs are home networks, small business networks and segments of corporate networks.
LAN Technologies
There have been several technologies developed over the years to
implement local area networks. Some of these technologies are listed
below. Technical details will be discussed later.
Current technologies used for LANs are:
Ethernet
This was the first practical LAN
technology. It was developed by Xerox in the mid 1970s and released
commercially in the 1980s. The speed and ease of implementation have
improved over the years and Ethernet is now used on virtually all local
area networks.
Arcnet
The first network technology to gain
wide use. At the time of its release it was easier to implement than
Ethernet. It still has a niche for embedded systems and robotics.
You will not find Arcnet in an office installation.
Legacy technologies once used for LANs are:
Token Ring
Developed in the 1980s by IBM. Its
speed and ease of implementation did not keep up with Ethernet and it
fell out of favor in the 1990s.
FDDI
A fiber optic network developed in the
1980s for local area networks and metropolitan area networks. It was
initially faster than Ethernet but never exceeded 100 Mbps. For
metropolitan area networks it proved too expensive to implement. For
LANs, Fast Ethernet, which was less expensive and more manageable, soon
equaled FDDI in performance. Now FDDI is far outperformed by Gigabit
Ethernet. It fell out of favor in the 1990s.
100VG-AnyLAN
This was a scheme proposed in the mid
1990s to implement a 100 Mbps network over voice grade cables. It was
also designed to connect to and pass traffic between both Ethernet and
Token Ring networks (hence "AnyLAN"). It never gained a significant
market share.
You may still find some of the legacy technologies in place but it is
very unlikely that you will find them in new installations.
Data rates
Modern LANs can convey data at speeds from 10 Mbps to 40 Gbps. This was
originally done over copper wires where speeds improved over the years.
Now LANs use fiber optic cable and wireless systems in addition to
copper wires.
Copper
Copper refers to any type of electrical cable used to carry network
signals, usually made of copper wiring. Copper wiring may consist of
coaxial cable or twisted pair cable.
There are many factors that limit the data rate and the distance that a
usable signal can travel over copper cable. Typically, modern
copper-based Ethernet has a specified maximum cable length of 100
meters. Here are the most common Ethernet specifications:
Ethernet
Ethernet operates at 10 Mbps over coaxial cable or Category 3 twisted pair cable (also known as Cat 3 or voice grade cable).
Fast Ethernet
Fast Ethernet achieves 100 Mbps over
Cat 5 or better cable. A scheme to achieve 100 Mbps over Cat 3 cable
did not gain wide acceptance.
Gigabit Ethernet
Gigabit Ethernet can achieve 1 Gbps over Cat 5e or better cable.
2.5 and 5-Gigabit Ethernet
An emerging standard that can be implemented on Cat 5e cable.
10-Gigabit Ethernet
10-Gigabit Ethernet can achieve speeds of 10 Gbps over Cat 6a cable. Over Cat 5e cable the distance is specified at 55 meters.
40 and 100-Gigabit Ethernet
40 and 100-Gigabit Ethernet is currently (2015) in development.
Keep in mind that these specifications are typical and not absolute.
For example, 10-Gigabit Ethernet has ranges specified from 1 meter to
80 kilometers depending on the system and cable used.
Fiber Optic
Fiber optic cables carry signals via pulses of light. Modern fiber
optic cable can carry signals considerably further than copper wires.
For example, Ethernet has a specified maximum cable length of 100
meters using twisted pair cable. The specified maximum length of a
fiber optic Ethernet is up to 80 km (10GBASE-ZR). Ethernet, Fast
Ethernet, Gigabit Ethernet and 10-Gigabit Ethernet have all been
implemented over fiber optics. 40 and 100-Gigabit Ethernet are planned
to be implemented on fiber optics.
Wireless
Wireless Ethernet, also known as 802.11 or WiFi, is a popular
alternative to wired networking. The individual variants are usually
known by their 802.11 designation.
802.11a
802.11a operates at 54 Mbps on a 5 GHz frequency band.
802.11b
802.11b operates at 11 Mbps on a 2.4
GHz band. This band is susceptible to interference from cordless
telephones, baby monitors, etc.
802.11g
802.11g operates at 54 Mbps on the same band as 802.11b and can communicate with 802.11b equipment.
802.11n
802.11n typically operates at 150 Mbps
(single channel) to 600 Mbps (quad channel). 802.11n can communicate
with 802.11g and 802.11b equipment.
802.11ac
802.11ac was released as a standard in
January 2014, although it was already in use by that time. It
provides data rates from 433 Mbps (single channel) to 6.77 Gbps (eight
channels).
802.11ad
802.11ad is a standard originally
promoted as a high speed wireless networking technology that supports
data rates up to 7 Gbps. It remains to be seen if this will be widely
adopted. Current plans are to use 802.11ad for wireless USB.
Myth:
LANs are fast compared to WANs because they are small and have fewer nodes.
LANs are faster than WANs (see below)
because they don't rely on telephone networks for connectivity. High
speed connectivity rivaling LANs over telephone systems would be
cost-prohibitive. Just 1.5 Mbps costs hundreds of dollars per month.
You can get 50 Mbps Internet plans for around $100 per month, but when
used as the basis of a WAN they are actually limited to about 5 to 10
Mbps because of the slow upload speed. On the other hand, 1 Gbps LANs
are becoming ubiquitous at a low cost.
Wide Area Network (WAN)
A Wide Area Network is frequently defined as a network that covers a
large geographical area, such as between cities, across a country or
across the world. From a network administrator's point of view, what
actually makes a WAN different from other networks is that the network
owner leases connection services from a third party.
Typically, a WAN is two or more LANs connected using a leased
connection from a telephone company. Another situation that may be
called a WAN is when some users connect to a LAN over the telephone
system or the Internet. When individual users connect to a LAN over the
Internet it is called a Virtual Private Network (VPN).
Examples of WANs are corporate networks where a company may have
several offices in different cities, each with their own LAN. When
these LANs are linked it creates a WAN. A company may have a central
computer or LAN where offices in different cities connect for database
access, etc. Government networks are similar to corporate networks. The
Internet is the most famous of WANs.
Data rates
Local Area Networks are achieving speeds in the 40-Gbps range. However,
the connections available through telephone companies for Wide Area
Networks have maximum speeds approaching 150 Mbps, and this is at a
very high cost.
Typical speeds of WAN connections are 1.544 Mbps for T1 connections and
2 Mbps for DSL and cable television connections. Keep in mind that the
overall speed of a WAN connection is limited by the upstream speed of
the connection, which is usually ½ to ⅕ of the advertised downstream[1]
speed. Therefore, a 10 Mbps cable connection has about a 2 Mbps
upstream speed. It doesn’t matter if you can download at 10 Mbps if the
system you are downloading from can only upload at 2 Mbps.
Technologies
Wide area networks are connected via leased connections owned by
telephone companies. Certification exams focus on these technologies as
if they are something the average network administrator may buy and
use. However, these are technologies used by telephone companies. Your
responsibility as a network administrator ends where your network plugs
into the telephone company's router. The following are names and brief
descriptions of some of these technologies.
X.25
X.25 sends digital data over voice circuits.
Frame Relay
This is a high speed version of X.25 without error checking. Frame Relay uses dedicated low-error-rate phone lines.
ATM - SONET
Asynchronous Transfer Mode (ATM) and Synchronous Optical Network
(SONET) are technologies that work together to provide very high speeds
for data transmission. SONET can reach speeds of 10 Gbps. However, the
end user will see only a fraction of this speed since it is being
shared by many customers.
Specific Data Rates
Digital Service ("T" lines)
Telephone companies have high speed data connections that they can
parcel out to customers. For example, a telephone company may have a
system that operates at 1 Gbps. This system could theoretically service
1,000 customers where each customer has 1 Mbps. This is called “leasing
bandwidth”. The actual numbers are different but this example gives the
basic idea.
Telephone companies lease their bandwidth under the designation of
Digital Service lines. These are dedicated leased lines known as
“T” lines to the customer. These lines are expensive but have no
latency (no lag between transmitting and receiving)[2] and symmetrical
bandwidth (the speed is the same in both directions, upstream and
downstream). These lines are billed to the customer in two parts. The
first charge is for the “loop”, which is the physical connection to the
telephone system. The second charge is for any extra service provided
(such as Internet access).
Do not confuse Digital Service lines with ISDN (Integrated Service
Digital Network, see Appendix 2). The designations are similar but ISDN
lines are optimized for voice services. Data services are often
delivered over ISDN but Digital Service and ISDN are not the same.
DS0
DS0 has the speed equivalent to one voice circuit, which is 64 kbps.
DS1
DS1 is known to consumers as T1. It operates at 1.544 Mbps and is
symmetrical, meaning that it operates at 1.544 Mbps both downstream and
upstream. DS1 can be divided into 24 DS0 channels. When divided, 23
channels are used for customer data and one is used for control signals.
Do not confuse T1 with Primary Rate Interface (PRI) ISDN service. PRI
is a 1.544 Mbps line that is optimized for voice services. It is not
the same as a T1 line. You can get voice service on T1 and you can get
data service on PRI, but they are not the same.
As of 2015, a T1 connection costs between $250 and $1,000 per month.
DS3
DS3 is known to consumers as T3. It operates at 44.736 Mbps and is
symmetrical. DS3 can be divided into 28 DS1 channels or 672 DS0
channels plus extra channels for control signals.
As of 2015, a T3 connection costs between $3,000 and $12,000 per month.
DSL
DSL (Digital Subscriber Line) sends data over voice lines along with
analog voice signals. It is very sensitive to distance. The farther you
are from the telephone switch the lower the speed. The digital signals
use audio frequencies above 5 kHz. These frequencies are filtered from
the telephones that share the line (only frequencies as high as 4 kHz
are needed for voice). Telephone companies once ran advertisements
claiming that DSL didn't suffer from network congestion like cable TV
connections. Since this is patently false they no longer run such ads.
ADSL
Asymmetrical DSL (ADSL) is the most common type of DSL service. It is
typically used by non-commercial (home) users. It has data rates of 512
kbps to 1.5 Mbps, non-symmetrical (upstream speed is typically ½ to ¼
the speed of the downstream speed). Speed can vary for many reasons,
such as network congestion.
SDSL
Symmetrical DSL (SDSL) has the same data rate both downstream and
upstream. It is typically used by commercial users. Data rates are up
to 1.5 Mbps.
IDSL
This is a data service using ISDN (Integrated Service Digital Network).
It is used where ADSL and SDSL cannot be used due to the distance
between the customer and the telephone switch. The data rate is about
150 kbps.
VDSL/VHDSL (Very-high-bit-rate DSL)
This high speed DSL service is commonly used for Fiber to the Curb
(FTTC) installations. VDSL has data rates up to 52 Mbps downstream and
16 Mbps upstream. VDSL2 has data rates up to 100 Mbps symmetrical at
distances up to 300 meters.
ADSL2+
This is also known as G.992.5. It is an emerging technology with data
rates up to 24 Mbps. It is only available in limited areas.
Cable Television
Cable television companies provide Internet connectivity with
downstream data rates of 20 Mbps or more. It is used by both commercial
and non-commercial users. Cable Internet access is typically
non-symmetrical with the upstream speed around ½ to ⅕ of the downstream
speed or less. Like DSL it can suffer from network congestion. DOCSIS
3.1 modems are planned to support 10 Gbps downstream and 1 Gbps
upstream. As of 2011, the fastest cable Internet access offered in the
U.S. is 100 Mbps.
Virtual Private Networks
A Virtual Private Network (VPN) is a way of creating a WAN using the
Internet as a pathway. This can be used to connect remote workstations
to LANs or to connect separate LANs together. A VPN creates what is
called a private tunnel through the Internet. This means that data is
sent over the Internet in such a way that it looks like a virtual
Ethernet cable to the computers or routers at the ends of the
connection (a very slow Ethernet connection). The data is encrypted to
keep it private in case it is intercepted.
Windows Server has a VPN service available. Other programs are
available for Unix. Many broadband routers are VPN-capable and can
connect two LANs over the Internet to form a WAN.
Other geographic models
The following network types are really types of LANs or WANs based on
the technology used. However, when networks are classified by size
rather than technology, these names are often used:
CAN
Campus Area Network
University campus, military base or commercial complex
Typically uses LAN technologies
May use WAN technologies on large installations (e.g. military bases)
Controller Area Network
Embedded systems such as automobiles
Also used for robotic networks
MAN
Metropolitan Area Network
Within a single city
Typically uses WAN technologies
Attempts were made to develop technologies that specialized in
city-wide networks. One was FDDI (Fiber Distributed Data Interface) and
another was DQDB (Distributed Queue Dual Bus). Both schemes failed due
to the cost of implementation. Now, city-wide networks typically use
the same technologies as world-wide networks, i.e. a "MAN" will use
leased bandwidth supplied by a telephone company just as a WAN does.
Therefore, the Metropolitan Area Network is no longer a viable term to
describe a unique type of network technology. The IEEE MAN committee
disbanded around the year 2000.
Special case
Microwave and laser
Microwave and laser links are line-of-sight connections that can be
used if there is a “straight shot” between installations. Since
microwave and laser systems would be owned by the network owner, it is
arguable that these technologies are LAN technologies.
PAN
Personal Area Network
Peripherals close to the computer
Bluetooth
IrDA
Infrared signals used by some hand-held devices. Mostly obsolete.
Wireless USB
SAN
Storage Area Network
A typical SAN consists of an array of hard disks aggregated to appear
as a single hard drive. Computers usually access this SAN array over a
fiber optic network called Fibre Channel. Portions of the SAN array can
be assigned to individual computers. Those computers see their portions
of the array as if they were regular hard disk drives attached directly
to the motherboard. Think of a SAN as a big hard disk drive with an
extra long cable that can be accessed by more than one computer. This
centrally located hard disk drive offers much more flexibility in a
large data center than smaller drives in individual computer cases.
It is possible to install a SAN as a service over a regular Ethernet
LAN, but this would not be done in a major data center. A SAN is
usually a completely separate network from the regular LAN and
computers are connected to both networks.
Do not confuse SAN with NAS (Network Attached Storage). A NAS device is
essentially just another computer on the network configured to share
files.
Relationship models
Literature on networking usually divides networks into two relationship
models, peer-to-peer and client/server.
Peer-to-peer
Do not confuse peer-to-peer networks with peer-to-peer file sharing
programs. Programs that share files with other users on the Internet
are often called peer-to-peer networks. However, these programs do not
allow direct sharing over a LAN.
On a peer-to-peer network computers are equal. No single computer
controls access to the network. A peer-to-peer network is only suitable
where security is not an issue; where all users are highly trustworthy.
The operating systems on the computers are usually the same. There is
no special server version of the operating system on a peer-to-peer
network.
Myths:
1. Peer-to-peer networks are only suitable for networks with 10 to 15 computers.
This is a contrived limitation. There are no technical limitations on
the number of computers on a peer-to-peer network. Windows XP will only
allow eight external connections at a time on a Peer-to-Peer network
(e.g. Windows XP acting as a file server). Later versions will allow up
to 20 connections. Linux has no such restriction.
2. Peer-to-peer networks are difficult to use and manage because resources are distributed over the computers on the network.
The myth is that chaos ensues on a peer-to-peer network because the
file you need could be on any of many computers. In the real world you
don’t find this; it just doesn’t work. Typically, unless the network
consists of only two or three computers, peer-to-peer networks are
organized into dedicated workstations, file servers and print servers,
much as client/server networks are.
3. Each user acts as his or her own administrator
In reality, one user who is more computer-savvy than the others will typically act as a network-wide administrator.
Client/Server
A client/server network is based on the client/server model used for
computer programs. In the client/server relationship a server program
waits for a client program to contact it and make a request for
service. The server then fulfills that request. A common example
of the client/server model is when you visit a web page. Your web
browser (the client) contacts the web server and requests a web page.
The web server fulfills that request by sending a page back to the
client. Operating systems consist of many server programs that fulfill
requests from client programs.
What actually distinguishes a client/server network from a peer-to-peer
network is that users must have an account on a server before they can
access resources on it. Client/server networks based on Windows Server
usually work on the domain model. In this model there is a logon server
called a domain controller. The domain controller not only controls
user access to itself but other servers can authenticate users through
the domain controller. For example, if a user tries to access files on
a file server, that file server will check with the domain controller
to see if the user has an account before allowing the user to have
access to its files.
Servers do not use special hardware. Although you probably want a high
performance computer to act as a server, the only real difference
between a client computer and a server computer is the software running
on the machines.
Myth:
Client/server networks have specialized computers that act as file servers, print servers, etc.
This is true, except it’s often true for peer-to-peer networks too. It
is not at all uncommon to find a peer-to-peer network with computers
acting as dedicated file servers and print servers. It is also common
to find small client/server networks where the logon server is an all
in one logon server, file server, mail server, print server, etc.
Host/Terminal
It is arguable that a host/terminal network is not really a network. As
mentioned above, the first “networks” were based on this model. Here a
single central computer does all the work. Workstations are called dumb
terminals because they are little more than paperless teleprinters.
The Host/Terminal model is essentially obsolete. However, there is an
emerging technology called virtual desktop. A virtual desktop
environment uses one or more powerful central computers that can
emulate several real computers in software. The computer on a user’s
desk will be a low-power machine called a thin client. The thin client
will have remote desktop software that allows the user to see and
control a remote virtual computer.
Security models
Share level security
Share level security is used for Peer-to-Peer networks. In this case
each computer handles its own security. Furthermore, each shared
resource (a share) has its own password. For example, if a computer has
two shared folders, the user/administrator will have to set a password
for each folder. In fact, the administrator may have to set two
passwords for each folder, one for full access and another for
read-only access. Even if the passwords for each folder are the same,
they have to be manually set for each folder.
Share level security was the security model used by Windows 3.x,
Windows 9x, Novell Netware Lite and a few others. Windows NT (which
includes all modern versions of Windows) allows peer-to-peer sharing
but doesn’t support password-protecting those shares. Share level
security is virtually unheard of today.
User level security
The security model used for client/server networks is user level
security. With user level security each user must have an account on
the server in question. That user’s access to the network is tied to
his or her logon account. The network administrator can group users and
shared resources in such a way that central control of access to
resources is simplified. For example, a user may be put in the
administrator’s group and thus have the same access rights as anyone
else in that group, which is full administrator access.
Single sign-on
One problem, even with client/server networks, is that users may have
to log on to more than one server to have full access to the network.
Single sign-on (logging in once and having access to every resource on
the network) is a "holy grail" in networking. Microsoft's Active
Directory (discussed below) is an attempt at implementing single
sign-on. However, servers other than the domain controller must be able
to query the domain controller in order to know how to grant access.
Many non-Microsoft products cannot do this. Unix-like systems can
interact with Active Directory through Winbind and Likewise-Open.
Samba, a program that integrates Unix-like systems into Windows
networks, can now act as an Active Directory domain controller.
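To make the contrast between share level security, user level security and single sign-on concrete, here is an added Python model (not from the book): a share-level host that checks a per-share password without knowing who is asking, and a domain controller that member servers consult so that one logon serves several servers. All user, group, share and server names are constructed.

```python
# Added illustration of the two security models described above; not from
# the book. Share-level: each share carries its own full/read-only password
# and identity plays no part. User-level: servers hold no passwords and ask
# a domain controller about the logged-on user's account and groups.
# All user, group, share and server names here are constructed.

class ShareLevelHost:
    """A peer (Windows 9x style) that protects each share with two passwords."""

    def __init__(self):
        self.shares = {}  # share name -> (full-access password, read-only password)

    def add_share(self, name, full_pw, ro_pw):
        # Passwords are set per share: reusing one still means typing it again.
        self.shares[name] = (full_pw, ro_pw)

    def open_share(self, name, password):
        """Return 'full', 'read-only' or None. The host never learns who asked."""
        full_pw, ro_pw = self.shares.get(name, (None, None))
        if password == full_pw:
            return "full"
        if password == ro_pw:
            return "read-only"
        return None


class DomainController:
    """The logon server: the only machine that stores accounts and groups."""

    def __init__(self):
        self.accounts = {}  # user -> password
        self.groups = {}    # group -> set of members

    def add_user(self, user, password, *groups):
        self.accounts[user] = password
        for group in groups:
            self.groups.setdefault(group, set()).add(user)

    def logon(self, user, password):
        """Return a session token (just the user name here) or None."""
        return user if self.accounts.get(user) == password else None

    def groups_of(self, user):
        """Answer a member server's query: which groups does this user hold?"""
        if user not in self.accounts:
            return None  # no account in the domain: the server must refuse
        return {g for g, members in self.groups.items() if user in members}


class MemberServer:
    """A file or print server: an ACL of group -> level, no passwords at all."""

    def __init__(self, dc, acl):
        self.dc = dc
        self.acl = acl  # resource -> {group: "full" | "read-only"}

    def access(self, token, resource):
        groups = self.dc.groups_of(token)  # every request is checked with the DC
        if not groups:
            return None
        levels = {self.acl.get(resource, {}).get(g) for g in groups}
        if "full" in levels:
            return "full"
        return "read-only" if "read-only" in levels else None


def single_sign_on_demo():
    """One logon at the domain controller is honoured by two member servers."""
    dc = DomainController()
    dc.add_user("alice", "correct horse", "staff", "admins")
    dc.add_user("bob", "battery staple", "staff")
    files = MemberServer(dc, {"payroll": {"admins": "full", "staff": "read-only"}})
    printer = MemberServer(dc, {"laserjet": {"staff": "full"}})
    alice = dc.logon("alice", "correct horse")
    bob = dc.logon("bob", "battery staple")
    return {
        "alice_payroll": files.access(alice, "payroll"),      # "full"
        "alice_printer": printer.access(alice, "laserjet"),   # "full"
        "bob_payroll": files.access(bob, "payroll"),          # "read-only"
        "bob_bad_password": dc.logon("bob", "wrong"),         # None
        "stranger": files.access("mallory", "payroll"),       # None
    }
```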
Novell uses a system called Novell Directory Service (NDS) to attempt to implement single sign-on.