The purpose of this paper is to explain the network design of the new Callingyou Inc office, giving the reader an accurate understanding of the technical concepts involved. The use of each network technology and tool is justified by the company’s business needs. The network topology and the data/voice switching and routing mechanisms are therefore explained with regard to effective and secure access from within and from outside the corporate network. The design description is followed by a brief overview of the networking protocols used in the scenario.
Callingyou Inc Network Design
As shown in Diagram 1, the Callingyou Inc offices are located in two geographically separate buildings. Each office comprises sixty employee workstations with Internet access, central server access, and VoIP (Voice over IP) telephony. Multiple users will share these workstations, as the company operates in shifts in order to provide 24/7 support. Each office has its own independent Internet connection, and a dedicated T1 line links the two offices.
Each office contains a LAN (Local Area Network). The LAN will use a switched topology: each switch port is its own collision domain, so any workstation pair or server-workstation pair can communicate at the same time at full port speed. A switched environment is far preferable to hubs (network concentrators), an obsolete technology in which all ports share one medium and only one transmission can take place at a time; a hub also repeats every frame to every port, so any station can capture its neighbours’ traffic. Because VoIP is to be carried on the same network, switches are essential to the architecture. While some companies benefit from wireless data transfer in their offices, that is not the case for Callingyou Inc: the operators are not expected to move around the office with laptops, so wired connectivity is chosen.
As Callingyou Inc is a growing company, it is wise to leave spare switch ports for future expansion. The suggestion is to install two 48-port switches in each office, which not only allows for future growth but also keeps a reasonable part of the office operational if one switch fails.
To support VoIP, the switches must have VLAN (Virtual LAN) and QoS (Quality of Service) capabilities, as voice traffic needs to be separated from data traffic. The QoS mechanism gives voice traffic the highest priority so that it is forwarded immediately and without jitter. Each workstation is connected to the switch through its VoIP phone, which contains a small switch of its own. The switch and the phone distinguish the two kinds of traffic by VLAN markers (IEEE 802.1Q tags): the phone sends its voice frames tagged with the voice VLAN ID and a high 802.1p priority, while frames from the workstation pass through the phone’s internal switch untagged on the data VLAN. This separation also limits what a compromised workstation can reach on the voice segment, provided the switch does not accept voice-VLAN-tagged frames from the workstation side.
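The following is an added example, not code from the original design or from any switch vendor, showing how the 802.1Q tag described above carries both the VLAN membership and the 802.1p priority that QoS uses. The MAC addresses, VLAN numbers (20 for voice, 10 for data) and the payload are constructed sample values.

```python
"""IEEE 802.1Q tagging as used to separate voice and data traffic.

Added example for this paper, not code from the original design or from any
vendor. The MAC addresses, VLAN numbers and payload are constructed samples.
"""
import struct

TPID_8021Q = 0x8100       # EtherType value that announces an 802.1Q tag
ETHERTYPE_IPV4 = 0x0800
VOICE_VLAN = 20           # assumed voice VLAN for the example
VOICE_PCP = 5             # 802.1p priority commonly used for voice


def mac_to_bytes(mac: str) -> bytes:
    return bytes(int(octet, 16) for octet in mac.split(":"))


def bytes_to_mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def build_tagged_frame(dst: str, src: str, vlan_id: int, pcp: int,
                       ethertype: int, payload: bytes) -> bytes:
    """Return an Ethernet frame with an 802.1Q tag inserted after the source MAC.

    The 16-bit Tag Control Information is PCP (3 bits, the 802.1p priority a
    QoS-aware switch uses for queueing), DEI (1 bit) and VLAN ID (12 bits).
    """
    if not 0 <= vlan_id <= 4095:
        raise ValueError("VLAN ID must fit in 12 bits")
    if not 0 <= pcp <= 7:
        raise ValueError("PCP must fit in 3 bits")
    tci = (pcp << 13) | vlan_id          # DEI bit left at 0
    return (mac_to_bytes(dst) + mac_to_bytes(src)
            + struct.pack("!HHH", TPID_8021Q, tci, ethertype) + payload)


def parse_frame(frame: bytes) -> dict:
    """Parse an Ethernet frame. vlan_id/pcp are None for an untagged frame,
    which a switch assigns to the port's native (data) VLAN."""
    dst, src = bytes_to_mac(frame[0:6]), bytes_to_mac(frame[6:12])
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype != TPID_8021Q:
        return {"dst": dst, "src": src, "vlan_id": None, "pcp": None,
                "ethertype": ethertype, "payload": frame[14:]}
    tci, inner_type = struct.unpack("!HH", frame[14:18])
    return {"dst": dst, "src": src, "vlan_id": tci & 0x0FFF, "pcp": tci >> 13,
            "ethertype": inner_type, "payload": frame[18:]}


def strip_tag(frame: bytes) -> bytes:
    """What the phone's internal switch does before handing a data-VLAN frame
    to the workstation port: remove the 4-byte tag (bytes 12..15)."""
    if parse_frame(frame)["vlan_id"] is None:
        return frame
    return frame[:12] + frame[16:]


def classify(frame: bytes, voice_vlan: int = VOICE_VLAN) -> str:
    """Decide which queue a switch should place the frame in. Only frames tagged
    with the voice VLAN count as voice; an untagged frame from the workstation
    is data regardless of what its payload contains."""
    info = parse_frame(frame)
    if info["vlan_id"] == voice_vlan:
        return "voice" if info["pcp"] >= VOICE_PCP else "voice-unmarked"
    return "data"


if __name__ == "__main__":
    ip_payload = b"\x45" + b"\x00" * 19      # constructed stand-in for an IPv4 packet
    voice = build_tagged_frame("00:11:22:33:44:55", "66:77:88:99:aa:bb",
                               VOICE_VLAN, VOICE_PCP, ETHERTYPE_IPV4, ip_payload)
    print(parse_frame(voice)["vlan_id"], classify(voice))   # 20 voice
    data = strip_tag(build_tagged_frame("00:11:22:33:44:55", "66:77:88:99:aa:bb",
                                        10, 0, ETHERTYPE_IPV4, ip_payload))
    print(parse_frame(data)["vlan_id"], classify(data))     # None data
```

The `classify` function makes the QoS decision depend on the VLAN the frame is tagged for, not on its priority bits alone; a switch that trusted the PCP value of any frame would let a workstation mark its own traffic as voice and starve the real phones.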
Each office will have eight management offices that are likely to run somewhat different and more bandwidth-consuming applications (e.g., retrieving phone records, operating the billing system). However, it is not necessary to dedicate network resources to those offices, as the architecture provides a significant bandwidth reserve.
In order for multiple users to share the same workstations while working in shifts, the server must run a central authentication service. This may be any LDAP-based (Lightweight Directory Access Protocol) directory, complemented, for instance, by a RADIUS (Remote Authentication Dial-In User Service) server running on the same host that authenticates VPN and network-device logins against the directory. The same accounts then serve both access from inside the corporate network and remote access over a VPN (Virtual Private Network). The VPN allows employees working from home to establish an encrypted, authenticated tunnel between their home PC and the corporate network across the Internet. The firewall positioned between the corporate network and the Internet is configured to allow only specific inbound connections, such as VPN and mail traffic, and to deny everything else.
The two offices are interconnected by a T1 link with a full-duplex speed of 1.544 Mbit/s. This bandwidth is sufficient for inter-office traffic such as authentication, DNS and DHCP requests, and background backups. Should the T1 link fail, connectivity remains available over the Internet; because the Internet path is untrusted, inter-office traffic should cross it inside a site-to-site VPN tunnel. The routers constantly monitor link availability and update their routing tables if either connection fails.
As customers will visit the office, Callingyou Inc will provide them with secure Internet access. Wireless technology will be used, as it is most convenient for laptops. Visitors bypass the usual authentication against the corporate directory and receive Internet access only, with no possibility of reaching corporate resources. This is achieved by placing the wireless hotspot in a guest VLAN of its own and applying, on the layer 3 switch interface for that VLAN, an access control list that permits traffic to the Internet only and denies traffic to the internal networks.
Network Protocols Description
There are seven networking layers defined in the so-called OSI model (Open Systems Interconnection). For the purposes of the network design in question, three of those layers are of particular importance; each is represented here by a set of protocols specific to that layer.
Network Layer Protocols
The Internet Protocol (IP) is the fundamental one. It defines how and where data should be delivered based on source and destination addresses. IP is the protocol that enables data packets to traverse more than one LAN segment and more than one network by way of routers. The original version, IPv4, has been in use since the early 1980s and remains the main one for most networks today (Dean, 2010). IP itself does not authenticate the source address, so filtering decisions should not rely on it alone.
ARP, the Address Resolution Protocol, is designed to determine the physical (layer 2) address of a network node from its IP address. As each device connected to the network has its own unique MAC (Media Access Control) address, ARP provides a mechanism to map IP addresses to MAC addresses for all nodes in a LAN segment. ARP is a broadcast protocol: the address resolution request is sent to all nodes in the segment. The node whose IP address matches the one in the ARP request responds with its own MAC address. Upon receiving the reply, the node that initiated the exchange records the MAC address in its ARP table (cache) against the neighbour’s IP address. ARP requests are sent only if the destination’s MAC address is missing from the host’s ARP table (RFC 826, 1982). ARP replies are not authenticated, so any host on the segment can answer on behalf of another; on a switched network with shared workstations this is worth mitigating with access-switch features such as dynamic ARP inspection.
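The exchange described above, as an added example that is not part of the original paper: an ARP request is built and broadcast, the reply is parsed into the cache, and a second reply that claims the same IP address with a different MAC is flagged rather than trusted. All MAC and IP addresses are constructed samples (192.0.2.0/24 is a documentation range).

```python
"""ARP request/reply construction, parsing and a cache that flags conflicting
bindings. Added example for this paper, not part of the original text; all
addresses below are constructed samples (192.0.2.0/24 is a documentation range).
"""
import ipaddress
import struct

ETHERTYPE_ARP = 0x0806
ARP_REQUEST, ARP_REPLY = 1, 2
BROADCAST_MAC = "ff:ff:ff:ff:ff:ff"
ZERO_MAC = "00:00:00:00:00:00"


def mac_to_bytes(mac: str) -> bytes:
    return bytes(int(octet, 16) for octet in mac.split(":"))


def bytes_to_mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def build_arp(op: int, sender_mac: str, sender_ip: str,
              target_mac: str, target_ip: str) -> bytes:
    """Ethernet frame carrying an RFC 826 ARP packet. A request is broadcast;
    a reply is sent straight to the asking node."""
    eth_dst = BROADCAST_MAC if op == ARP_REQUEST else target_mac
    eth = mac_to_bytes(eth_dst) + mac_to_bytes(sender_mac) + struct.pack("!H", ETHERTYPE_ARP)
    # htype=1 (Ethernet), ptype=0x0800 (IPv4), hlen=6, plen=4, opcode
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)
    arp += mac_to_bytes(sender_mac) + ipaddress.IPv4Address(sender_ip).packed
    arp += mac_to_bytes(target_mac) + ipaddress.IPv4Address(target_ip).packed
    return eth + arp


def parse_arp(frame: bytes) -> dict:
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype != ETHERTYPE_ARP:
        raise ValueError("not an ARP frame")
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("unsupported ARP variant")
    body = frame[22:42]
    return {
        "op": op,
        "sender_mac": bytes_to_mac(body[0:6]),
        "sender_ip": str(ipaddress.IPv4Address(body[6:10])),
        "target_mac": bytes_to_mac(body[10:16]),
        "target_ip": str(ipaddress.IPv4Address(body[16:20])),
    }


class ArpTable:
    """Per-host ARP cache. ARP carries no authentication, so a reply that
    contradicts an existing binding is recorded as an alert instead of
    overwriting it; a switch's dynamic ARP inspection applies an analogous
    check against its DHCP snooping bindings."""

    def __init__(self, my_mac: str, my_ip: str):
        self.my_mac, self.my_ip = my_mac, my_ip
        self.entries: dict = {}
        self.alerts: list = []

    def lookup(self, ip: str):
        """Cached MAC for ip, or None if a request must be sent first."""
        return self.entries.get(ip)

    def request_for(self, ip: str) -> bytes:
        """The broadcast frame to send when lookup() returns None."""
        return build_arp(ARP_REQUEST, self.my_mac, self.my_ip, ZERO_MAC, ip)

    def learn(self, frame: bytes) -> None:
        p = parse_arp(frame)
        if p["op"] != ARP_REPLY or p["target_ip"] != self.my_ip:
            return                        # ignore replies not addressed to us
        known = self.entries.get(p["sender_ip"])
        if known is not None and known != p["sender_mac"]:
            self.alerts.append(f"{p['sender_ip']} claimed by {p['sender_mac']}, "
                               f"previously {known}")
            return                        # keep the first binding
        self.entries[p["sender_ip"]] = p["sender_mac"]
```

Real operating systems generally do overwrite the cached binding on a fresh reply, which is exactly what makes ARP spoofing work; the example keeps the first binding and raises an alert to show where a detection hook belongs.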
RARP stands for the Reverse Address Resolution Protocol. It is the inverse of ARP and is used only when a host wants to learn its own IP address from its MAC address. RARP is an obsolete protocol, rarely used in present-day networks, its role having been taken over by BOOTP and DHCP (Dean, 2010).
The Internet Control Message Protocol (ICMP) is one of the main protocols in the IP stack. All kinds of service messages, e.g. error and diagnostic messages, are transmitted through the network by means of ICMP. A good example of ICMP use is the ping command, often used in network troubleshooting, which sends an ICMP echo request and is normally answered by an ICMP echo reply (RFC 792, 1981).
Transport Layer Protocols
The Transmission Control Protocol (TCP) is the main data-transmission protocol; it detects lost, duplicated or corrupted segments and retransmits as necessary, so that the application receives a complete, in-order byte stream. In other words, it is a guaranteed-delivery protocol. One of the mechanisms that makes this possible is the TCP sliding window: the receiver advertises how many bytes it is prepared to accept, and the sender may have at most that many bytes outstanding (sent but not yet acknowledged) at any time. On top of this flow control, the sender maintains a congestion window: if segments are lost along the route, the congestion window shrinks so that fewer bytes are in flight before an acknowledgement is required, and consequently less data has to be retransmitted. When the path’s quality improves, the window gradually widens again. To identify a particular application or service, the so-called TCP port is used. Any network host can have numerous simultaneous TCP sessions with different port numbers, serving multiple purposes (RFC 793, 1981).
UDP stands for the User Datagram Protocol and is a non-guaranteed delivery protocol. It has far less overhead than TCP because it has no connection setup, acknowledgements or retransmissions, and is therefore often used for data transfer in reliable network infrastructures (e.g., NFS (Network File System) over Fast Ethernet LANs). In addition, UDP is widely used by service applications that do not require guaranteed delivery, such as NTP (Network Time Protocol) and RIP (Routing Information Protocol), and by real-time media such as the RTP streams that carry VoIP calls, where a retransmitted voice sample would arrive too late to be useful. As with TCP, UDP port numbers identify the services that use the protocol. Because a UDP datagram requires no handshake, its source address is easily forged, which is one reason to filter inbound UDP services carefully at the firewall.
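The two transport headers described above, as an added example that is not part of the original paper: it builds and parses UDP datagrams and TCP segments, computes the checksum that both protocols calculate over a pseudo-header of IP fields, and shows how the advertised window limits the bytes a TCP sender may have in flight. Addresses and port numbers are constructed samples (192.0.2.0/24 is a documentation range).

```python
"""Transport-layer headers: ports, the TCP window and the Internet checksum.

Added example for this paper, not part of the original text. Addresses and
port numbers are constructed samples (192.0.2.0/24 is a documentation range).
"""
import ipaddress
import struct

PROTO_TCP, PROTO_UDP = 6, 17
TCP_FLAGS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04, "PSH": 0x08, "ACK": 0x10, "URG": 0x20}


def internet_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement sum, as used by IP, ICMP, TCP and UDP.
    Summing data that already contains a correct checksum yields 0."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def pseudo_header(src_ip: str, dst_ip: str, proto: int, length: int) -> bytes:
    """TCP and UDP checksums also cover these IP fields, so a segment delivered
    to the wrong host or protocol fails verification."""
    return (ipaddress.IPv4Address(src_ip).packed + ipaddress.IPv4Address(dst_ip).packed
            + struct.pack("!BBH", 0, proto, length))


def build_udp(src_ip: str, dst_ip: str, sport: int, dport: int, payload: bytes) -> bytes:
    length = 8 + len(payload)
    header = struct.pack("!HHHH", sport, dport, length, 0)
    csum = internet_checksum(pseudo_header(src_ip, dst_ip, PROTO_UDP, length) + header + payload)
    csum = csum or 0xFFFF          # in UDP over IPv4 a zero field means "no checksum"
    return struct.pack("!HHHH", sport, dport, length, csum) + payload


def parse_udp(datagram: bytes) -> dict:
    sport, dport, length, csum = struct.unpack("!HHHH", datagram[:8])
    return {"sport": sport, "dport": dport, "length": length, "payload": datagram[8:length]}


def verify_udp(src_ip: str, dst_ip: str, datagram: bytes) -> bool:
    length = struct.unpack("!H", datagram[4:6])[0]
    if length != len(datagram):
        return False
    return internet_checksum(pseudo_header(src_ip, dst_ip, PROTO_UDP, length) + datagram) == 0


def build_tcp(src_ip: str, dst_ip: str, sport: int, dport: int, seq: int, ack: int,
              flags: int, window: int, payload: bytes = b"") -> bytes:
    offset_flags = (5 << 12) | flags          # 20-byte header (5 words), no options
    fields = [sport, dport, seq, ack, offset_flags, window, 0, 0]
    header = struct.pack("!HHIIHHHH", *fields)
    fields[6] = internet_checksum(
        pseudo_header(src_ip, dst_ip, PROTO_TCP, 20 + len(payload)) + header + payload)
    return struct.pack("!HHIIHHHH", *fields) + payload


def parse_tcp(segment: bytes) -> dict:
    sport, dport, seq, ack, offset_flags, window, csum, urg = struct.unpack("!HHIIHHHH", segment[:20])
    data_offset = (offset_flags >> 12) * 4
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack,
            "flags": [name for name, bit in TCP_FLAGS.items() if offset_flags & bit],
            "window": window, "payload": segment[data_offset:]}


def verify_tcp(src_ip: str, dst_ip: str, segment: bytes) -> bool:
    return internet_checksum(pseudo_header(src_ip, dst_ip, PROTO_TCP, len(segment)) + segment) == 0


def usable_window(snd_una: int, snd_nxt: int, rcv_wnd: int) -> int:
    """Bytes the sender may still put on the wire: the peer's advertised window
    minus what is already sent but unacknowledged (RFC 793 sliding window).
    Sequence numbers wrap modulo 2**32, hence the mask."""
    in_flight = (snd_nxt - snd_una) & 0xFFFFFFFF
    return max(0, rcv_wnd - in_flight)
```

The checksum is an integrity check against transmission errors only; it is trivially recomputed by anyone who alters a packet, so it offers no protection against tampering.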
Application Layer Protocols
SMTP stands for the Simple Mail Transfer Protocol and is used by numerous e-mail systems, such as the MS Exchange, Sendmail and Postfix servers and mail clients such as The Bat!, to send mail. Server-to-server SMTP normally uses TCP port 25, while client submission commonly uses port 587; in either case the session is plaintext unless STARTTLS is negotiated.
The Hypertext Transfer Protocol, or HTTP, is the main driver for all web-browsing applications. Primarily TCP port 80 is used; HTTP over TLS (HTTPS) uses port 443.
DNS, the Domain Name System, is a service protocol designed to determine a node’s IP address from its human-friendly Internet name. For instance, when the browser is told to open a Google web page, the host computer sends a DNS request, normally over UDP to port 53, to its DNS server, which returns the set of IP addresses to be used by the browser (RFC 882, 1983). Large responses and zone transfers fall back to TCP port 53, so firewall rules for the DNS servers must allow both.
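The lookup described above in wire form, as an added example that is not part of the original paper: it builds the query a host sends to UDP port 53, decodes the (compressed) response and extracts the A records. The name `www.example.com` and the 192.0.2.x addresses are constructed samples, and the response is assembled locally rather than captured from a real resolver.

```python
"""DNS query construction and response parsing (RFC 1035 wire format).

Added example for this paper, not part of the original text. The name and
addresses below are constructed samples (example.com, 192.0.2.0/24); the
response is built locally rather than captured from a real resolver.
"""
import struct

QTYPE_A, QCLASS_IN = 1, 1
FLAG_QR, FLAG_RD, FLAG_RA = 0x8000, 0x0100, 0x0080


def encode_name(name: str) -> bytes:
    """Labels as length-prefixed bytes, terminated by a zero-length label."""
    out = b""
    for label in name.rstrip(".").split("."):
        if not 1 <= len(label) <= 63:
            raise ValueError("label length must be 1..63")
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def build_query(name: str, txid: int, qtype: int = QTYPE_A) -> bytes:
    """12-byte header plus one question. RD asks the server to recurse."""
    header = struct.pack("!HHHHHH", txid, FLAG_RD, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, QCLASS_IN)


def decode_name(msg: bytes, offset: int):
    """Decode a possibly compressed name; returns (name, offset after it)."""
    labels, end, hops = [], None, 0
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:            # compression pointer into the message
            if end is None:
                end = offset + 2
            hops += 1
            if hops > 64:
                raise ValueError("compression loop")
            offset = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            continue
        if length == 0:
            offset += 1
            break
        labels.append(msg[offset + 1:offset + 1 + length].decode("ascii"))
        offset += 1 + length
    return ".".join(labels), (end if end is not None else offset)


def parse_response(msg: bytes, expected_txid: int):
    """Return (rcode, [(name, ttl, ipv4), ...]). A reply whose ID does not match
    the outstanding query is rejected: that 16-bit ID and the source port are
    all that protects a plain UDP lookup from a forged answer."""
    txid, flags, qdcount, ancount, _, _ = struct.unpack("!HHHHHH", msg[:12])
    if txid != expected_txid:
        raise ValueError("transaction ID mismatch")
    if not flags & FLAG_QR:
        raise ValueError("not a response")
    offset = 12
    for _ in range(qdcount):
        _, offset = decode_name(msg, offset)
        offset += 4                            # qtype + qclass
    answers = []
    for _ in range(ancount):
        name, offset = decode_name(msg, offset)
        rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", msg[offset:offset + 10])
        offset += 10
        rdata = msg[offset:offset + rdlen]
        offset += rdlen
        if rtype == QTYPE_A and rclass == QCLASS_IN and rdlen == 4:
            answers.append((name, ttl, ".".join(str(b) for b in rdata)))
    return flags & 0x000F, answers


def build_sample_response(query: bytes, addresses, ttl: int = 300) -> bytes:
    """Construct the reply a resolver would return for `query` (sample only)."""
    txid = struct.unpack("!H", query[:2])[0]
    question = query[12:]
    header = struct.pack("!HHHHHH", txid, FLAG_QR | FLAG_RD | FLAG_RA, 1, len(addresses), 0, 0)
    records = b""
    for ip in addresses:
        records += (b"\xc0\x0c"                     # pointer to the name in the question
                    + struct.pack("!HHIH", QTYPE_A, QCLASS_IN, ttl, 4)
                    + bytes(int(octet) for octet in ip.split(".")))
    return header + question + records
```

To use it against a real server, send `build_query(...)` in a UDP datagram to port 53 of the resolver and pass the datagram that comes back, together with the same transaction ID, to `parse_response`; a production resolver should additionally randomise the ID and source port of every query.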
DHCP stands for the Dynamic Host Configuration Protocol. Hosts that have just been connected to the network and have no IP address yet send a broadcast request (UDP, from port 68 to port 67). A designated DHCP server responds with an IP address assignment and, optionally, other configuration such as the default gateway and DNS servers. Broadcasts are not forwarded by routers, and as it is impractical to run a DHCP server on every LAN segment, the router on each segment is configured as a DHCP relay (the so-called DHCP helper or ip helper-address mechanism): it picks up the client’s broadcast, records its own interface address in the relay (giaddr) field and forwards the request as a unicast to the DHCP server, which uses that address to choose the right address pool.
The network design explained in this paper satisfies Callingyou Inc’s needs for reliable and secure data communications. It provides the robustness required for the 24/7 operating schedule, a bottleneck-free transport infrastructure for voice and data traffic, and the flexibility to accommodate the company’s growth. With a proper choice of network equipment and careful configuration, the proposed scenario can be expected to succeed.