StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Administrative Issues in Multihoming - Assignment Example

Cite this document
Summary
The object of analysis for the purpose of this paper "Administrative Issues in Multihoming" is multihoming is a configuration technique that provides a number of network-based interfaces or Internet protocol addresses on a particular computer…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER93.4% of users find it useful

Extract of sample "Administrative Issues in Multihoming"

Table of Contents Task 1 2 Multihoming 2 Administrative Issues in Multihoming 4 Prefix Ownership 5 Loop Prevention in Nested Mobile Networks 6 Multiple Bindings/Registrations 6 HA Synchronization 7 Ingress Filtering 7 Technical design and configuration 8 Figure2: Load Sharing When Multihomed to Two ISPs Through a Single Local Router 11 Spanning Tree Protocol (STP) 13 Security Issues 16 Recommendations 17 Works Cited 19 Task 1 Multihoming Multihoming is a configuration technique that provides a number of network based interfaces or Internet protocol addresses on a particular computer. Multihoming is aimed at improving the consistency of network systems, however, it does not essentially enhance their capability. Additionally, in customary multihoming technology, we install a 2nd hardware network adapter on a system that possesses only one. Then, we configure both system’s adapters to make use of the single local IP address. This arrangement permits a system to carry on making use of the network even if one of the other network based adapters fails to continue working. In addition, in many situations, we are able to link these adapters to diverse Internet/network access points as well as augment the overall bandwidth accessible to utilize across numerous systems. A different arrangement of multihoming does not necessitate a 2nd network adapter; in its place, we assign numerous IP addresses to the similar adapter on a particular computer. For instance, Microsoft Windows XP and other OSs facilitate this configuration as a sophisticated IP addressing preference. This technique offers us more elasticity to control incoming network links from other systems (Mitchell; Tyson; Microsoft; Rouse). One of the major benefits of multihoming is that the system host is somewhat secured from the occurrence of a network failure or stoppage. In this scenario, with a system that makes use of a single connection with a single IP address, the stoppage of the associated network demonstrates that the link shuts down, which can compromise the working of end computer. With multihoming, the malfunction of a single network simply closes a particular open door. However, other remaining doors or IP network based addresses linked with the other communication networks remain working and operational (Tatum). Generally, multihoming is especially useful for three components of efficient web management. First, multi-homing is able to facilitate in dividing the load balance of network data broadcasting received and sent through the computer host. Next, the idleness that is inherent to multi-homing ways lessens the occurrence of downtime because of network stoppage. Last, multi-homing offers an extra tool to keep network linking active and well in the case of natural disasters or other occasions that would usually render a host out of action for a comprehensive period of time (Tatum). Multi-homing is frequently engaged in conditions where access to the web is important to the process of a company associated effort. For instance, multihoming will be incorporated as a fraction of the disaster recovery plans that a large number of companies have established. In this scenario, by developing network redundancy, it is achievable for brokers, banks and business investment companies to remain available to clients even when several kinds of surprising events have crippled the main network communication interface (Mitchell; Rouse; Tatum). In addition, multihomed networks are frequently linked to a number of diverse Internet Service Providers (ISPs). In this scenario, every ISP allocates an internet protocol address to the specific firm. Routers make use of External Border Gateway Protocol (EBGP), a component of the TCP/IP protocol arrangement, and Border Gateway Protocol (BGP) to route among networks with diverse protocols. In a multihomed network, the router makes use of Internal Border Gateway Protocol (IBGP) on the stub domain side and to communicate with other routers. Multihoming actually formulates a distinction if one of the links to an ISP fails. At the moment, the router allocates to connect to that ISP decides that the link is down, it will reroute the entire data throughout one of the other routers (Tyson). Figure 1 IP addressing in small multi-homed site: Image Source: http://stack.nil.com/ipcorner/SmallSiteMultiHoming/ Administrative Issues in Multihoming Multihoming is able to offer a wide variety of facilities and services. In case of a system based on Multihoming, we are able to have a redundancy/fault-tolerance. When a network address is not accessible any longer or when a link or router stops working, the availably of the Internet can be ensured through other network addresses, connections or routers. The stability of the link should be apparent for the network application layer. In addition, load sharing is a multihomed host/site that offers support based on the distributed upstream as well as downstream network traffic among interfaces/border network routers. The traffic policy is also a major factor in the multihomed host/site that should be capable of describing a number of strategies to handle network traffic in support of reasons of traffic necessities, costs, client’s inclinations and social policy, etc. (Charbon). Moreover, the management of a network routing table at the home agent as well as at the mobile router with the bi-directional tunnel, and through all the routing protocols that are executed inside have a number of administrative security issues and inefficient management of linked mobile networks (for example a mobile network within another mobile network). It is significant for the future deployment of the mobile communication network. Certainly in several situations, mobile communication networks will be multihomed with a number of interfaces that present diverse connection types, like 802.11, intended for bandwidth; UMTS is for a bigger cover, and lastly GSM or can be a satellite link intended for keeping connectivity when away from a HotSpot (Charbon). Prefix Ownership When a (n,*,1) network divides (for example, two MRs divide themselves up), MRs on separate links can attempt to register the simply obtainable MNP. Though, this is hard to establish for the reason that the HA has no way to identify with which node an address configured from that MNP is connected to that MR. However, in order to deal with this situation, a number of methods have been developed that make it compulsory for MNP to be removed from one (or all) MRs, or do not allow the implementers to divided a (n,*,1) network. This issue is specific to NEMO Basic facility. Though, it is uncertain whether there are enough deployment situations for this issue to occur. It is suggested that the NEMO WG either regulates a way out to resolve this issue if there is enough vendor/operator attention, or states that the split of a (n,*,1) network is not permissible without a router renumbering. Loop Prevention in Nested Mobile Networks When a multihomed mobile communication network is linked inside another mobile network in the form of a nested network, it can result in an extremely complex network based topology. For example, a nested mobile network can be linked to two diverse root-MRs; therefore, the collective network no longer appearance as an easy tree arrangement. In similar circumstances, an infinite loop inside the mobile network can happen. This issue is related to NEMO Basic Support. Though, at the time of this writing, extra research is suggested to find the likelihood of loops happening in a multihomed mobile based communication network (NEMO Working Group; Mohacsi; Vyncke and Hogg; Hogg). Multiple Bindings/Registrations When a MR is configured with numerous Care-of Addresses, it is essential to frequently bind these Care-of Addresses to the similar MNP. This is a general mobility problem, as Mobile IPv6 nodes face related issues. It is enough to note that solutions for network security management are able to resolve this issue for both Mobile IPv6 as well as NEMO Basic Support. This problem is being tackled within the Monami6 WG (NEMO Working Group; Mohacsi; Vyncke and Hogg; Hogg). HA Synchronization This can present an issue in the routing arrangement if HAs are positioned in diverse administrative areas. The inferences of this feature require additional exploration. Hence, certain stages of HA co-ordination can be necessary. A probable technique is to take a HA synchronization method. Similarly, synchronization might as well be essential in a (*,n,*) configuration, when a MR sends binding update messages to only one HA (instead of all HAs). In similar situations, the binding update information might have to be coordinated among HAs. The style of synchronization can be either peer-to-peer, primary or secondary. As well, when a MNP is assigned to the MR, it requires a great deal of co-ordination and communication between the HAs. This issue is a wide-ranging mobility problem that will as well have to be tackled through by Mobile IPv6 and NEMO Basic Support (NEMO Working Group; Mohacsi; Vyncke and Hogg; Hogg). Ingress Filtering Ingress filtering methods can drop the leaving packets when numerous bi-directional tunnels end up at diverse HAs. This could mainly happen if diverse MNPs are tackled through unusual HAs. If a network data packet with a source address configured from a particular MNP is tunneled to a resident agent that does not tackle that particular MNP, the packet can be discarded either through the home agent or through a border router in the home communication network. The entrance filtering compatibility problem is greatly reliant on the specific NEMO multihoming configuration (NEMO Working Group; Mohacsi; Vyncke and Hogg; Hogg). Technical design and configuration Every configuration group in the multi-homing technology based architecture is foundational on a single configuration technology based group design that is constructed for scalability, optimizing performance, workload division, as well as redundancy. Though, when we design configuration groups for multi-homing, the strategy listed below is suggested: In addition, we make use of multi-homing structure simply when we need to allocate and monitor tasks across groups inside our IT department. We also allocate exclusive names to every configuration group. In big corporate environments, we make use of different configuration groups intended for monitoring Microsoft Exchange 2000 and Active Directory. In companies that perform security audits and those that have more than 250 agents, we make use of a different configuration group intended for gating security based log data. Load Sharing by means of the Loopback Address like a BGP Neighbor: This situation demonstrates how to attain load sharing when there are numerous (up to a maximum of six), equal-cost connections. The connections are finished in one router at a local AS or autonomous system as well as in one more router at a remote autonomous system in particular homed BGP surroundings. The Network Diagram serves as an instance. Network Diagram This section uses this network setup: Figure 2 Network Diagram Source:http://www.cisco.com/en/US/tech/tk365/technologies_configuration_example09186a00800945bf.shtml#routerA_1 RouterA interface loopback 0 ip address 1.1.1.1 255.255.255.0 interface serial 0 ip address 160.20.20.1 255.255.255.0 no ip route-cache interface serial 1 ip address 150.10.10.1 255.255.255.0 no ip route-cache router bgp 11 neighbor 2.2.2.2 remote-as 10 neighbor 2.2.2.2 update-source loopback 0 !--- Use the IP address of the loopback interface for TCP connections. neighbor 2.2.2.2 ebgp-multihop !--- You must configure ebgp-multihop whenever the external BGP (eBGP) !--- connections are not on the same network address. router eigrp 12 network 1.0.0.0 network 150.10.0.0 network 160.20.0.0 no auto-summary RouterB interface loopback 0 ip address 2.2.2.2 255.255.255.0 interface serial 0 ip address 160.20.20.2 255.255.255.0 no ip route-cache interface serial 1 ip address 150.10.10.2 255.255.255.0 no ip route-cache router bgp 10 neighbor 1.1.1.1 remote-as 11 neighbor 1.1.1.1 update-source loopback 0 !--- Use the IP address of the loopback interface for TCP connections. neighbor 1.1.1.1 ebgp-multihop !--- You must configure ebgp-multihop whenever the eBGP connections !--- are not on the same network address. router eigrp 12 network 2.0.0.0 network 150.10.0.0 network 160.20.0.0 no auto-summary In the figure 1, router A makes use of the above given code to establish a peer connection with BGP speakers in other self-directed systems. When looking at the fact that this configuration is established on a local route-map, we see it can support locally established paths to be presented to all kinds of service providers. In this scenario, this configuration is used to clean the Internet paths of one service provider while passing them back to the other service provider. In addition, this configuration can be used to deal with the risk of a self-directed system turning out to be a transport AS for Internet traffic. Figure2: Load Sharing When Multihomed to Two ISPs Through a Single Local Router http://www.cisco.com/en/US/tech/tk365/technologies_configuration_example09186a00800945bf.shtml#routerA_1 RouterA interface Serial 0 ip address 160.20.20.1 255.255.255.0 no ip route-cache interface Serial 1 ip address 150.10.10.1 255.255.255.0 no ip route-cache router bgp 11 neighbor 160.20.20.2 remote-as 10 neighbor 160.20.20.2 route-map UPDATES-1 in !--- This allows only the networks up to 128.0.0.0. neighbor 150.10.10.2 remote-as 12 neighbor 150.10.10.2 route-map UPDATES-2 in !--- This allows anything above the 128.0.0.0 network. auto-summary route-map UPDATES-1 permit 10 match ip address 1 set weight 100 route-map UPDATES-1 permit 20 match ip address 2 route-map UPDATES-2 permit 10 match ip address 1 route-map UPDATES-2 permit 20 match ip address 2 set weight 100 access-list 1 permit 0.0.0.0 127.255.255.255 access-list 2 deny 0.0.0.0 127.255.255.255 access-list 2 permit any RouterB interface Loopback0 ip address 2.2.2.2 255.255.255.0 int loopback 1 ip address 170.16.6.5 255.255.255.0 interface Serial 0 ip address 160.20.20.2 255.255.255.0 no ip route-cache router bgp 10 neighbor 160.20.20.1 remote-as 11 network 2.0.0.0 network 170.16.0.0 auto-summary RouterC interface Loopback0 ip address 170.16.6.6 255.255.255.0 interface Loopback1 ip address 2.2.2.1 255.255.255.0 interface Serial 1 ip address 150.10.10.2 255.255.255.0 no ip route-cache router bgp 12 neighbor 150.10.10.1 remote-as 11 network 2.0.0.0 network 170.16.0.0 auto-summary Above mentioned the configuring of the multi-homing technology based architecture on a single configuration technology based group design. This confutation is based on configuring three routers and communication among them. Spanning Tree Protocol (STP) Spanning Tree Protocol, more simply known as STP, is a Layer 2 communication protocol that executes on switches and bridges. The requirement for Spanning Tree Protocol is IEEE 802.1D. The major idea of STP is to make sure that we do not produce loops when we have unnecessary paths in our communication network. The basic reason for removing loops is because loops are deadly to a network. STP protocol executes on switches and bridges that are 802.1D compliant. There are diverse types of STP, however, 802.1D is the most commonly accepted and extensively implemented. We can apply STP on bridges and switches with the purpose of stopping loops in the communication network. Additionally, we implement STP in situations where we need to maintain redundant communication links, instead of loops for the reason that redundant communication links are as significant as backups in case of a failover in an overall network. Below given diagram demonstrates a breakdown of main tasks in the backup links in which clients can manage to utilize the network Figure 3 Spanning Tree Protocol (STP) and PortFast http://www.dummies.com/how-to/content/spanning-tree-protocol-stp-and-portfast.html With no STP on the network switches and bridges, similarly a failure is able to come out of a loop. If 2 linked switches execute diverse flavors of STP, they necessitate diverse timings to converge. When diverse flavors are employed in the network switches, it produces timing problems among Forwarding and blocking states. Consequently, it is suggested to make use of the similar flavors of STP (ADTRAN, Inc.; CISCO). Figure 4 STP http://www.dummies.com/how-to/content/spanning-tree-protocol-stp-introduction.html Security Issues The major recognized STP security based issues and threats that an outsider network intruder can take benefit of are: Producing persistent TCN or Topology Change Notification messages Becoming root Changing the STP active topology Altering STP timers In addition, some of the major and significant threats that can be exploited by network intruders are composed of the recurrent triggering of the dynamic topology re-configuration, port listening, port learning, forcing a number of ports to set-off as blocking and forwarding network states. Given that in network ports different from forwarding state that don’t forward client data frames; a degradation of the network operational service turns out to be apparent. STP employs no verification to defend against spoofing; consequently, we are able to begin to communicate through "STP facilitated switches.” Because of this major network security weakness, it is probable that STP can carry-on as a man-in-the-middle among two network switches (it necessitates two edges and must be plugged into two network switches other than it is as well probable to support a DoS (denial of service) by producing election waves depending on manufacturer (Pearsoncmg; SecuriTeam). If a network attacker successfully gets contact to network communication switch ports that can turn out to be trunk ports, they are also able to initiate a scoundrel switch based attack into the network. Major aspects that Cisco configuring based network switches have that are present in all ports are present in dynamic enviable mode through default. It demonstrates that if the network communication ports are still in that form, the attacker is able to connect a hard switch in his cubicle network wall jack as well as the network switch that will shape a trunk link by means of a switch in the business. In that instant, if he changes one more link to a 2nd switch as of that business, he is capable of controlling rouge switch precedence consequently that is less than some other switches in the business. Rogue switches by means of for example priority 0 proclaim its “greater BPDUs,” as well as the STP topology reconverts. His rouge switch will turn out to be a network Root Bridge and all the traffic will pass this network switch. This offers him the opportunity to sniff the entire network and data traffic flow of the business. However, it will also forward traffic from high bandwidth connections among actual switches to a 100 Mbps communication link on the network rouge switch. This will considerably minimize the communication speed of the network (How does the internet work; Cisco2). Recommendations Above, I have presented some of the major areas and aspects regarding security concerns of STP protocol. Now I will present some recommendations regarding how we can manage such systems through enhanced methods and approaches. It is assessed that, without permanent monitoring of the network, a network burglar is able to simply carry the communication network down through having benefit of openly recognized STP issues as well as mishandling of Ethernet PAUSE network data and network frames. Here I have presented some of the important recommendations for enhanced network management and handling: First of all, develop a network structure baseline comprised of STP values, for example, a Network Root Identifier, timers plus a data threshold intended to topology transformation data frequency. Here, we also need to recognize the threshold intended for Ethernet PAUSE network frames frequency. For better security management, there is a great deal of need to check switch data communication ports where network data flow control is operational. In this case, we need to open a network security based alarm that the amount of PAUSE based data frames examine when arriving at a data and network threshold. The network attacker could diminish break time limitation as well as augment the occurrence of network data PAUSE frames; consequently, the security based alarm system shall be configured for that reason. There is a need to organize the STP network root switch through given precedence 1 as well as network backup-root-switch by means of highest network data priority of 2, instead of setting overall network evade values (in a number of systems, they are placed to 0x40-00 and 0x20-00, in that order) (Trejo, Monroy and Monsalvo; Alliedtelesis). In addition, recognizing a steady STP switched network is important. A Spanning Tree Protocol switched network is recognized as steady when network Configuration-BPDU-Messages approached as of the root are the simply BPDU based network messages perceived in the communication network. As well, the BPDU-communication-messages are observed at a network frequency of every receiving Hello-Time seconds. The networks Root Identifier as well as frequency of network data values have to equivalent the limit traced in the communication network stricture basic arrangement. Genuine Ethernet PAUSE network data transferring frames will not influence these basic network data values (Trejo, Monroy and Monsalvo; Alliedtelesis). A STP switched network is recognized as unbalanced whenever a number of reconfigurations of the dynamic topology happen. This is interpreted into BPDUs with a Root Identifier, other than that before recorded. As well, TC BPDUs and TCN are observed in communication network arrangement by means of a frequency over the data transfer threshold stated in the communication network based parameter basic arraignment. Malicious-Ethernet PAUSE network data and information based frames will tempt volatility. For better security management, we need to arrange the network port speedy characteristic (if supported through NOS) on data and network ports by means of linked end user stations. We also need to turn-off data flow control of network in switch ports where it’s not required. Better security also demands disabling the modification detection restriction (if facilitated through NOS) that is in ports where it is recognized a particular client end platform is linked, consequently reducing needless topology transformation notification measures (Trejo, Monroy and Monsalvo; Alliedtelesis). Works Cited ADTRAN, Inc. Spanning Tree Protocol. 2004. 03 September 2013 . Alliedtelesis. Spanning Tree and Rapid Spanning Tree Protocol. 2013. 08 September 2013 . Charbon, Julien. Multihoming in IPv6 Mobile Networks. 2003. 30 August 2013 . CISCO. Understanding and Configuring Spanning Tree Protocol (STP) on Catalyst Switches. 2013. 02 September 2013 . Cisco2. Spanning Tree Protocol Problems and Related Design Considerations. 2013. 05 September 2013 . Hogg, Scott R. Single and Multi-Homed Hosts. 2013. 08 September 2013 . How does the internet work. STP Layer 2 attack – Manipulating Spanning Tree Protocol settings. 2013. 07 September 2013 . Microsoft. Default Gateway Configuration for Multihomed Computers. 2013. 10 September 2013 . Mitchell, Bradley. Multihoming. 2013. 05 September 2013 . Mohacsi, Janos. Multihoming. 2013. 10 September 2013 . NEMO Working Group. Analysis of Multihoming in Network Mobility Support. 2007. 09 September 2013 . Pearsoncmg. Attacking the Spanning Tree Protocol. 2013. 04 September 2013 . Rouse, Margaret. multihomed. 2005. 30 August 2013 . SecuriTeam. Stp-Packet - Testing the Security of Spanning Tree Protocol. 2013. 10 September 2013 . Tatum, Malcolm. What is Multi-Homing? 2013. 10 September 2013 . Trejo, Luis A., Ra´ul Monroy and and Rafael L´opez Monsalvo. Spanning Tree Protocol and Ethernet PAUSE Frames DDoS Attacks: Their Efficient Mitigation. 2006. 06 September 2013 . Tyson, Jeff. How Network Address Translation Works. 2013. 07 September 2013 . Vyncke, Eric and Scott Hogg. IPv6 Internet Security for Your Network. 2009. 09 September 2013 . Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(Analysis of Multihoming Assignment Example | Topics and Well Written Essays - 3250 words, n.d.)
Analysis of Multihoming Assignment Example | Topics and Well Written Essays - 3250 words. https://studentshare.org/logic-programming/2050731-network-management
(Analysis of Multihoming Assignment Example | Topics and Well Written Essays - 3250 Words)
Analysis of Multihoming Assignment Example | Topics and Well Written Essays - 3250 Words. https://studentshare.org/logic-programming/2050731-network-management.
“Analysis of Multihoming Assignment Example | Topics and Well Written Essays - 3250 Words”. https://studentshare.org/logic-programming/2050731-network-management.
  • Cited: 0 times

CHECK THESE SAMPLES OF Administrative Issues in Multihoming

Issues and Dilemmas of Contemporary Public Administration

issues and Dilemmas of Public Administration issues and Dilemmas of Public Administration Public interest can be defined as the general wellbeing of the public.... These issues create a very bad image for the people that surround them, especially their family.... The problem with puppets on strings is that they cannot fully have power over the issues they implement.... administrative responsibility comes from the fact that those in charge of the welfare of individuals in society are supposed to ensure that the public gets their fundamental rights....
2 Pages (500 words) Essay

Total Quality Management in Hospital Pharmacy

Hospital pharmacies in the present day context face various issues including cost containment, productivity and leadership, patient safety, medical-legal and ethical considerations, human resource management and application of new technological developments in the functioning of the pharmacies....
20 Pages (5000 words) Term Paper

Administration Issues

This paper examines the administrative issues in the supply chain of HG Ceramics Company.... The paper "Administration issues" examines the administrative problems in the supply chain of HG Ceramics Company.... HG Ceramics Company had issues regarding administration in its supply chain.... Reprinted 1992, in Logistics: The Strategic issues, ed.... hellip; With the new product concept the company realized success but administrative problems were still there....
2 Pages (500 words) Essay

The issues of politics and administration

The issues they, the public administrators, often faced were mainly interference from elected officials and party… What Wilson was trying to imply was that the daily running of the administration could separate itself from the day-to-day involvement of politics.... Others say that it is not possible while others think it is The issues of Politics and Administration The issues of Politics and Administration The issues about politics and administration were first relayed by Wilson Woodrow....
2 Pages (500 words) Essay

MANA - Operations/Quality Mgmt

It is a 27 years old non-profit organization working with the sole objective of serving the community.... They have an expertise in the field of missionary.... It started its operations in 1986 under the expert… The founders of the organization firmly believes that it is the effect of their endless prayers that they could come up with such a great idea of establishing a missionary and Tillie also had a home church with the name of First Baptist Arlington....
4 Pages (1000 words) Essay

Legal Issues in the Criminal Justice Administration

There are many problems in the department but the Chief/Sheriff wanted to resolve these problems amicably and without litigation since the Department's General Counsel is engaged already… The Chief/Sheriff wanted the case resolved an internal issue based on the fact of this case: ... ... fficer Rowdy is a 36 year old, Jewish, divorced mother of two who became a police officer....
7 Pages (1750 words) Research Paper

Healthcare Administration Issues

The determination to Health Care Administration issues: Shortage of Nurses Health Care Administration issues: Shortage of Nurses There is a situation in many nursing facilities where the demand for nurses is higher than the supply, which is noted in developed and developing nations across the globe.... These are issues that will have a direct impact on the nursing profession, which could create a shortage....
2 Pages (500 words) Research Paper

Issues Of The American Government Administrative Roles

The paper "issues Of The American Government Administrative Roles" discusses the relationship and evolution of the powers separation theory.... With the tension between the health ofthe nation, freedom of business, and the power of corruption creating such great changes in the direction of the government, the institution of the administrative state policies have created a government that is vastly different than originally intended by the framers of the Constitution....
8 Pages (2000 words) Research Paper
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us