Four basic characteristics of network architectures
by JOHN MCNAIR on SUNDAY 6TH FEBRUARY 2011
Architecture in the context of networking relates to the technologies involved and also the underlying protocols and programmed services. Four basic characteristics of network architecture have been identified, and considerations about these characteristics have to be taken into account. This article summarizes those characteristics and provides some examples of how they have been implemented.
As I expand my knowledge, I hope to expand upon these characteristics by linking to more technical posts.
Fault Tolerance
Communication technologies form part of our daily lives, and often we don’t realize how much we rely on them. When we carry our bank cards around with us, we assume that when we arrive at the checkout we will be able to pay for our goods. The Internet is probably the most obvious example. The name Internet comes from the words interconnected and networks, so you shouldn’t be surprised when I say there is more than one possible route your request for google.com will take between your computer and the server that delivers your page. This fault tolerance has been built into the Internet and provides a means for traffic to take alternate routes if a particular service or connection is unavailable at the time of the request. It is achieved by means of multiple connections between devices, so that if one connection were to fail the other would still be available.
Perhaps a more fitting (and technical) example would be the comparison of circuit- and packet-switched networks.
A circuit-switched network creates a fixed path (or “circuit”) between the message source and destination. Communication continues even if there is nothing being communicated. If any part of the circuit is broken or becomes unavailable the process has to start again from the beginning, and the path needs to be re-established. Circuit-switched networks prioritize existing connections, so once the optimum number of connections is reached, all other connections will be denied.
A packet-switched, connectionless network breaks the message into small pieces and encapsulates each piece into a “packet” with information regarding its source, destination and order. The packets are all individually routed across the network, and each routing device a packet reaches sends it closer to its destination. If a packet doesn’t reach its destination in one piece, it is re-transmitted via a different route. It is for these reasons that packet-switched networks promote fault-tolerance and scalability.
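The packet handling described above, as an added example that is not part of the original article: a message is split into packets carrying source, destination and order, some are lost, the rest arrive out of order, and the missing ones are re-transmitted before reassembly. The addresses, the 8-byte packet size and the function names are assumptions made for illustration.

```python
import random
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str        # source address
    dst: str        # destination address
    seq: int        # order of this piece within the message
    payload: bytes

def packetize(message, src, dst, size=8):
    """Break the message into small pieces labelled with source, destination and order."""
    chunks = [message[i:i + size] for i in range(0, len(message), size)]
    return [Packet(src, dst, n, c) for n, c in enumerate(chunks)]

def missing(received, total):
    """Sequence numbers the destination has not seen yet."""
    seen = {p.seq for p in received}
    return [n for n in range(total) if n not in seen]

def reassemble(received, total):
    """Put the pieces back in order; duplicates are ignored, gaps are an error."""
    if missing(received, total):
        raise ValueError("cannot reassemble: packets still missing")
    by_seq = {p.seq: p.payload for p in received}
    return b"".join(by_seq[n] for n in range(total))

def deliver(message, drop, seed=1):
    """Simulate one transfer; `drop` is the set of sequence numbers lost in transit."""
    sent = packetize(message, "10.0.0.1", "10.0.0.2")   # constructed addresses
    arrived = [p for p in sent if p.seq not in drop]
    random.Random(seed).shuffle(arrived)    # independent routes, so arbitrary arrival order
    resent = missing(arrived, len(sent))    # the destination reports the gaps
    arrived += [sent[n] for n in resent]    # the source re-transmits only those pieces
    return reassemble(arrived, len(sent)), resent

if __name__ == "__main__":
    print(deliver(b"packets may arrive in any order", drop={1, 3}))
```

Only the lost pieces are sent again, whereas the circuit-switched case has to re-establish the whole path.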
Scalability
It would be frustrating and costly if you had to rebuild sections of, or indeed an entire, network just because you need to add some devices. A scalable network is designed using a layered, hierarchical model that means adding additional nodes and groups of nodes doesn’t affect the existing network.
The internet has been designed to be scalable, achieved through a tiered and hierarchical architecture. There are three tiers of internet service provider (ISP): International and national ISPs are in the first tier and form the “backbone” of the internet. The second tier comprises regional ISPs that buy their services from tier 1 ISPs. Lastly, there are tier 3 ISPs that provide internet directly to the end-user and who buy their services from tier 2 ISPs. Each ISP has a DNS server that holds addressing details of its directly connected member networks, and any requests to networks not in its address list get passed up to the next tier. This prevents the address lists from getting too large and prevents localized traffic from being transmitted to places it needn’t go. If a DNS server is down, another is contacted.
As well as the link to the parent tier, an ISP will also have links to same-level ISPs to avoid congestion at the higher levels and create shorter routes.
Quality of Service (and Convergent Networks)
To explain quality of service, it is worth first defining the meaning of a converged network. To converge means “to be adjacent, or to come together”, and in the context of networking it really means multiple forms of communication existing on the same network. In the early days of the Internet and before, only basic forms of media were transmitted across a network, mostly text and the odd picture. Nowadays, we have streaming media such as video and music, and telephony in the form of VoIP (Voice over IP). With these converged forms of communication it has become necessary to establish a priority of importance. For example, data transmitting a request for a page over the internet is not as important, say, as the data delivering the Horizon episode I’m watching on BBC iPlayer.
In some cases the prioritization of network traffic will be critical to an organization’s operation (for example, the phone system of an emergency service). Quality of service can be implemented in two stages. First the types of communication that are to occur on the network are classified into groups according to the type of communication or relative importance, and then each group of communication is assigned a priority.
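The two stages described above, as an added example that is not part of the original article: packets are first classified into groups, then each group's priority decides the transmit order, with first-in-first-out order kept inside a group. The classification rules, port numbers, class names and packet ids are constructed for illustration.

```python
import heapq
from itertools import count

# Stage 1: classification rules (constructed): (protocol, destination port) -> class
CLASS_RULES = {
    ("udp", 5004): "voice",
    ("tcp", 554): "video",
    ("tcp", 443): "web",
}
# Stage 2: a priority per class; a lower number is transmitted first
PRIORITY = {"voice": 0, "video": 1, "web": 2, "best-effort": 3}

def classify(packet):
    """Map a packet to its class; anything unrecognized is best-effort."""
    return CLASS_RULES.get((packet["proto"], packet["dport"]), "best-effort")

class PriorityScheduler:
    """Strict-priority queue that stays first-in-first-out within a class."""
    def __init__(self):
        self._heap = []
        self._arrival = count()     # tie-breaker that preserves arrival order

    def enqueue(self, packet):
        cls = classify(packet)
        heapq.heappush(self._heap, (PRIORITY[cls], next(self._arrival), cls, packet["id"]))

    def drain(self):
        """Return (packet id, class) pairs in the order they would be transmitted."""
        order = []
        while self._heap:
            _, _, cls, packet_id = heapq.heappop(self._heap)
            order.append((packet_id, cls))
        return order

def transmit_order(packets):
    scheduler = PriorityScheduler()
    for packet in packets:
        scheduler.enqueue(packet)
    return scheduler.drain()

# Constructed arrivals, listed in the order they reach the queue
ARRIVALS = [
    {"id": "web-1", "proto": "tcp", "dport": 443},
    {"id": "voice-1", "proto": "udp", "dport": 5004},
    {"id": "mail-1", "proto": "tcp", "dport": 25},
    {"id": "video-1", "proto": "tcp", "dport": 554},
    {"id": "voice-2", "proto": "udp", "dport": 5004},
    {"id": "web-2", "proto": "tcp", "dport": 443},
]

if __name__ == "__main__":
    print(transmit_order(ARRIVALS))
```

Strict priority can starve the lowest class while higher classes stay busy, which is why deployed schedulers usually add weights or rate limits per class.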
Security
Without networks, data security would really just be a matter of securing the storage medium data is stored on in a physical location; in other words, you secure access to the hardware. With networks, the transfer of data from point A to point B can also be of concern to an organization. Security is not inherent in computer networks, as there are many points where the transfer of data can be monitored or intercepted. Because the kind of data we transfer can be extremely sensitive (personal information, bank details, trade secrets, etc.), security has become an essential part of computer networking.
Network security can be broken down into two parts: network infrastructure security, which relates to controlling physical and management access to the network hardware; and content security, which is the control of content stored on the network-attached devices. From the perspective of a system user, there are three things that it is hoped network security will provide: ensured confidentiality, maintenance of integrity and ensured availability. These can be achieved in the following ways:
Confidentiality can be ensured by preventing unauthorized access to or theft of content using authentication systems that require strong passwords, and by encrypting content where appropriate.
Integrity can be maintained by stopping the data from being modified or corrupted before it reaches its destination, and by ensuring the content is coming from a trusted source. Tools such as digital signatures and checksums are useful for this.
Availability can be assured by preventing Denial of Service attacks on the network. Denial of Service often occurs because of a computer virus, which can be prevented by using firewalls and anti-virus software; building redundancy into the network can reduce the impact of such an attack.
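The integrity point above, as an added example that is not part of the original article: a plain checksum catches corruption in transit, but only a keyed value ties the content to a trusted source. A keyed HMAC stands in here for a digital signature because Python's standard library has no public-key signing; the shared key and messages are constructed, and the function names are assumptions.

```python
import hashlib
import hmac

def checksum(data):
    """Unkeyed SHA-256 digest: anyone holding the data can compute it."""
    return hashlib.sha256(data).hexdigest()

def keyed_tag(key, data):
    """HMAC-SHA256: only holders of the shared key can compute it."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()

def verify_checksum(data, expected):
    return hmac.compare_digest(checksum(data), expected)

def verify_tag(key, data, expected):
    # compare_digest runs in constant time, so the comparison leaks nothing
    return hmac.compare_digest(keyed_tag(key, data), expected)

def integrity_checks():
    """Run both checks against corruption and against replaced content."""
    key = b"constructed-shared-key"             # known to sender and receiver only
    original = b"pay 100 to account 1234"       # constructed message
    sent_sum = checksum(original)
    sent_tag = keyed_tag(key, original)

    corrupted = b"pay 100 to account 1235"      # one byte damaged in transit
    replaced = b"pay 900 to account 9999"       # content rewritten on the path
    replaced_sum = checksum(replaced)           # the checksum can be recomputed without any key

    return {
        "original_passes_both": verify_checksum(original, sent_sum)
                                and verify_tag(key, original, sent_tag),
        "checksum_catches_corruption": not verify_checksum(corrupted, sent_sum),
        "checksum_accepts_replaced_pair": verify_checksum(replaced, replaced_sum),
        "tag_rejects_replaced_content": not verify_tag(key, replaced, sent_tag),
    }

if __name__ == "__main__":
    for name, result in integrity_checks().items():
        print(f"{name}: {result}")
```

A checksum that travels alongside the data proves only that the two match each other, so the source check has to depend on a secret or a private key.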