Sunday, July 12, 2009

VLAN .. Complete Introduction ...

What are VLANs?

VLAN, which stands for Virtual LAN, is defined in the IEEE 802.1Q standard. It is a technology that allows a company or an individual to extend their LAN over the WAN interface, breaching the physical limitations of regular LANs.
VLAN technology also allows several VLANs to exist on a single switch in such a manner that all the LANs operate in parallel and may not even be aware of each other.
As the name implies, a VLAN lets you create a virtual LAN which, as far as the users are concerned, behaves the same way as a regular LAN does. For instance, someone in New York could access a printer located in Tel-Aviv using a LAN IP address - as if the printer were just in the next room!
To understand VLANs, it is first necessary to have an understanding of LANs. A Local Area Network (LAN) can generally be defined as a broadcast domain. Hubs, bridges or switches in the same physical segment or segments connect all end node devices. End nodes can communicate with each other without the need for a router. Communication with devices on other LAN segments requires the use of a router.
TYPES
There are several types of VLANs that are defined:

1. Port Based VLANs (Layer 1) -
All the traffic which arrives at a given port of a switch is associated with some VLAN. In such a manner you could connect several VLANs to a single switch and have them operate concurrently. This is very convenient in a static environment where the members of the different VLANs stay the same over long periods of time and change very infrequently. When you use port based VLANs, the data frame received on a given port is not altered but is simply forwarded to the correct output port as configured in the switch.

2. MAC Based VLANs (Layer 2) -
All the traffic received is inspected for the source and destination MAC addresses, and the appropriate VLANs are determined by them. This type of VLAN allows you to connect any computer to any port of a switch, and the switch will associate each one with the appropriate VLAN as it is defined. This type of VLAN is much easier to manage as it removes the physical requirement of connecting a specific device to a specific port. However, the management overhead is much greater in this type of VLAN as each computer needs to be manually associated with some VLAN in the first place. The frames in this type of VLAN may be edited to accommodate the VLAN they belong to; this is achieved by using VLAN tags - more on that later.

3. Protocol Based VLANs (Layer 2) -
This type of VLAN is based on the protocol transmitted. Each protocol can be assigned a different port; for example, IP traffic will go through port 1 and all other traffic through a different port. This kind of flexibility allows for logical segmentation of the network based on the type of traffic used in each network part.

4. IP Subnet Based VLANs (Layer 3) -
All the traffic in this type of VLAN is split according to the IP subnet of each source/destination. Although this involves access to layer 3 data, which could be considered routing data, this is not routing, as the IP subnet is used merely to map the exit port of each VLAN based on the subnet. This allows great network flexibility, as users are able to move computers between locations and retain the same VLAN membership at zero effort. The drawback of this VLAN segmentation is that it requires additional processing of the layer 3 header and thus adds more latency than the other VLAN segmentation methods.

VLAN Tags:
The VLAN tag is a 2-byte tag that identifies the VLAN to and from which the frame is transmitted, in the case of a VLAN-aware computer. The first 3 bits of the VLAN tag indicate the priority of the traffic carried in the packet, allowing some basic QoS so that critical data can pass through the network quickly with as little delay as possible. The value of this field can be generated at the end station and updated on every (VLAN-aware) switch on the way as well. More on the usage of these 3 bits can be found in the IEEE 802.1p standard.
The 4th bit is the CFI (Canonical Format Indicator), which is used mainly for 802.3 source routing information. The last 12 bits are the VLAN Identifier (VID); these enable the creation of 4094 VLANs.
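The bit layout above can be decoded and rewritten directly. The following Python sketch is an added example, not code from the original post: it assumes the 2-byte tag sits on the wire right after a 2-byte 0x8100 type value that announces it, that a frame starts at the destination MAC address, and that VID values 0 and 4095 are the two reserved ones (hence 4094 usable VLANs). The function names and sample frames are constructed for illustration.

```python
import struct

TPID_8021Q = 0x8100              # EtherType value that announces an 802.1Q tag
RESERVED_VIDS = (0x000, 0xFFF)   # 4096 twelve-bit values minus these two = 4094 VLANs


def decode_tci(tci):
    """Split the 16-bit tag into priority (3 bits), CFI (1 bit) and VID (12 bits)."""
    if not 0 <= tci <= 0xFFFF:
        raise ValueError("tag value must fit in 16 bits")
    return {"priority": tci >> 13, "cfi": (tci >> 12) & 1, "vid": tci & 0x0FFF}


def encode_tci(priority, cfi, vid):
    """Pack the three fields into 16 bits, rejecting values that cannot name a VLAN."""
    if not 0 <= priority <= 7:
        raise ValueError("priority is a 3-bit field (0-7)")
    if cfi not in (0, 1):
        raise ValueError("CFI is a single bit")
    if not 0 <= vid <= 0xFFF or vid in RESERVED_VIDS:
        raise ValueError("VID must be in 1-4094")
    return (priority << 13) | (cfi << 12) | vid


def read_vlan_tag(frame):
    """Return the decoded tag of a frame, or None when the frame is untagged."""
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    if ethertype != TPID_8021Q:
        return None
    if len(frame) < 18:
        raise ValueError("frame ends inside the 802.1Q tag")
    tci, inner_type = struct.unpack_from("!HH", frame, 14)
    tag = decode_tci(tci)
    tag["inner_ethertype"] = inner_type
    tag["vid_usable"] = tag["vid"] not in RESERVED_VIDS
    return tag


def set_priority(frame, priority):
    """Rewrite only the 3 priority bits, as a VLAN-aware switch on the path may do."""
    if read_vlan_tag(frame) is None:
        raise ValueError("frame carries no 802.1Q tag")
    if not 0 <= priority <= 7:
        raise ValueError("priority is a 3-bit field (0-7)")
    (tci,) = struct.unpack_from("!H", frame, 14)
    tci = (tci & 0x1FFF) | (priority << 13)   # keep CFI and VID untouched
    return frame[:14] + struct.pack("!H", tci) + frame[16:]


# Constructed sample frames (locally administered MAC addresses, made-up payload).
DST = bytes.fromhex("020000000002")
SRC = bytes.fromhex("020000000001")
PAYLOAD = b"constructed payload"
SAMPLE_TAGGED = (DST + SRC
                 + struct.pack("!HHH", TPID_8021Q, encode_tci(5, 0, 100), 0x0800)
                 + PAYLOAD)
SAMPLE_UNTAGGED = DST + SRC + struct.pack("!H", 0x0800) + PAYLOAD

if __name__ == "__main__":
    print(read_vlan_tag(SAMPLE_TAGGED))
    print(read_vlan_tag(SAMPLE_UNTAGGED))
    print(read_vlan_tag(set_priority(SAMPLE_TAGGED, 1)))
```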

VLAN Protocols:

1. GVRP - GARP VLAN Registration Protocol

To understand GVRP, it is necessary to understand GARP. GVRP enables VLAN bridges to learn their VLAN membership dynamically.
Therefore, minimal VLAN configuration at a bridge is sufficient; when a switch receives a GVRP message, if GVRP is enabled and dynamic VLAN registration is enabled, then the ports will be added as either tagged or untagged VLAN members according to the VLAN-aware or VLAN-unaware devices attached to it.
The second application that uses GARP is the exchange of multicast group information, with the help of the GARP Multicast Registration Protocol (GMRP).

2. GARP - Generic Attribute Registration Protocol

The IEEE 802.1D MAC bridges standard defines GARP as the solution to manually configuring all of the devices and applications. GARP makes it possible to configure a few devices and applications while the rest of them learn the required information dynamically.
GARP defines that any group of applications that share a common attribute can declare and register their state information related to the attribute. A GARP applicant can choose whether to participate in declaring and registering the attribute value.
When an applicant declares an attribute with a GARP message, the other applicants that receive the message know that the sender is either associated to that attribute, or that the sender wants to know about other applicants associated with that attribute.

3. VTP - VLAN Trunking Protocol

With VLANs, the network is segmented into smaller collision domains. But when working in a large environment where there are many switches involved, it becomes difficult to maintain VLANs across the LAN. In this environment, the VTP protocol makes administration of VLANs easier.
Interconnected switches are configured to belong to the same VTP domain, which is a logical group of switches that shares VLAN information. Every switch can belong to only one VTP domain, and the links connecting the switches must be configured for trunk mode.
There are three setting modes for connecting a switch to a VTP domain:
1. VTP Server: maintains the VLAN database - VLANs can be created, deleted and edited on the server.
2. VTP Client: only maintains the database - VLANs cannot be created, deleted or edited on clients.
3. Transparent: does not participate in the VTP domain. VTP advertisements are forwarded.

VLAN Benefits
As we have seen, there are several benefits to using VLANs. To summarize, VLAN architecture benefits include:
* Increased performance
* Improved manageability
* Network tuning and simplification of software configurations
* Physical topology independence
* Increased security options

VLAN Limitations
There are a few limitations to using VLANs, some of the more notable being:

* Broadcast limitations
* Device limitations
* Port constraints

Broadcast limitations

In order to handle broadcast traffic in an ATM VLAN environment it is necessary to have a special server that is an integrated part of the ATM infrastructure. This server has limitations in the number of broadcasts that may be forwarded. Some network protocols that will be running within individual VLANs, such as IPX and AppleTalk, make extensive use of broadcast traffic. This has the potential of impacting thresholds on the switches or broadcast servers and may require special consideration when determining VLAN size and configuration.

Device limitations

The number of Ethernet addresses that can be supported by each edge device is 500. This represents a distribution of about 20 devices per Network 21 port. These numbers are actual technical limitations that could be further reduced due to performance requirements of attached devices.
These limitations are above the recommended levels for high performance networking. From a pure performance standpoint, the ideal end-user device to Network 21 port ratio would be one device per port. From a practical point of view, a single Network 21 port could be shared by a number of devices that do not require a great deal of bandwidth and belong to the same VLAN. An example of this would be a desktop computer, printer, and laptop computer for an individual user.

Port Constraints
If a departmental hub or switch is connected to a Network 21 port, every port on that hub must belong to the same VLAN. Hubs do not have the capability to provide VLANs to individual ports, and VLANs can not be extended beyond the edge device ports even if a switch capable of supporting VLANs is attached.

Saturday, July 11, 2009

How to Create an Account in Client Server

Click Start → Administrative Tools → Active Directory Users And Computers.

In Active Directory Users And Computers, expand the name of the domain, then right-click the Computers node → New → Computer.

Then click Next, Next, and Finish.

Joining a Domain:

To join a domain using Microsoft Windows XP Professional, follow these steps:

  • Right-click My Computer and click Properties.
  • In the System Properties, click Computer Name.
  • Click Change.
  • In the Computer Name text box, enter the desired name of the computer.
  • In the Member Of section, click the Domain radio button.
  • Click the Domain text box and enter the name of the domain.

After specifying the name of the computer and the domain to join, click OK.

You will then be asked to provide a user name and a password for a user who has the permissions to let a computer join a domain.

After entering a user name and a password, click OK.

If you have the right to add computers to the domain, you will receive a Welcome message. Click OK.

Once you click OK, you will be asked to restart the computer, which you should do. Therefore, in the System Properties dialog box, click OK.

After the computer has restarted, when it displays the Log On To Windows dialog box, click the arrow of the Log On To combo box and select the name of the domain.

Thanks.


How to Set Client Server Network (Step by Step)

Definition:

Client/server describes the relationship between two computer programs in which one program, the client, makes a service request from another program, the server, which fulfills the request.

Servers are powerful computers or processes dedicated to managing disk drives (file servers), printers (print servers), or network traffic (network servers). Clients are PCs or workstations on which users run applications.

Client-server architectures are sometimes called two-tier architectures.

Benefits:

* Centralized - Resources and data security are controlled through the server.
* Scalability - Any or all elements can be replaced individually as needs increase.
* Flexibility - New technology can be easily integrated into the system.
* Accessibility - The server can be accessed remotely and across multiple platforms.
* Backup - As all data is stored centrally, it is easy to back up.

Configuring Active Directory:

These are the steps for installing Active Directory on the server.

The first page of the wizard presents a summary of the actions you must have taken before continuing. Read it and click Next.

A dialog box will display briefly and then display a list of the roles you can assign to the server. In the list, click Domain Controller (Active Directory). Click Next.

Click Next to Run The Active Directory Installation Wizard.

Another wizard, titled Active Directory Installation Wizard, comes up. Read its text and click Next.

In the third page of the wizard, you must specify whether this is the first or an additional domain controller. As this is the first, accept the first radio button and click Next.

In the fourth page of the wizard, accept the first radio button and click Next.

You must enter the name of the domain. The name should be followed by an Internet domain name (.com, .net, .org, .us, etc).

A suggested NetBIOS name displays, intended for earlier versions of Windows.

The next page allows you to specify where the Active Directory information will be stored.

The next page specifies where the domain's public files will be stored.

After a few seconds, the next page allows you to install DNS.

The next page allows you to set the default permissions.

The next page prompts you to create a password used to start the server in "Restore Mode". Enter a password in both text boxes.

The next page displays a summary of your selections.

The wizard will start creating and configuring Active Directory.

After a few seconds, the last page of the wizard will display. Read its summary and click Finish.

You will be asked to restart the computer.


Google Announces Chrome Operating System


Google on Wednesday announced an OS of its own, Google Chrome OS, which will run on both x86 and ARM systems.

The emphasis of the OS is the same as what netbooks were originally designed for: light, Web-based computing. Obviously, Windows XP wasn't designed for such a scenario, but its relative light weight, low cost, and familiarity have made it a big hit with netbook buyers.

Google's new open-source OS will almost certainly beat XP and Windows 7 on cost, and will be lighter weight, but there's no telling how it will be to actually use. The relative dearth of Linux on netbooks also shows that people tend to prefer a more Windows-like environment. Google's blog entry about the OS says:

"The user interface is minimal to stay out of your way, and most of the user experience takes place on the Web. And as we did for the Google Chrome browser, we are going back to the basics and completely redesigning the underlying security architecture of the OS so that users don't have to deal with viruses, malware and security updates. It should just work."

According to Google, the Chrome OS runs "within a new windowing system on top of a Linux kernel," and will eventually run on everything from netbooks to full desktop PCs. That's the key differentiator between the full-blown Chrome OS and Google's Android, which will start appearing in netbooks in the next few months (Google says there will be areas of overlap for the two operating systems, netbooks being the main one).

From a developer standpoint, the Chrome OS is good news, because there's basically no new platform to write for—any browser-based app will work with Chrome, just as it will in any browser on any OS.

It remains to be seen how the Chrome OS will affect companies like DeviceVM, which provides a quick-boot Linux-based environment that can be quickly loaded before Windows. DeviceVM, and rival Phoenix Technologies, provide access to the Web and multiple apps in seconds, far less time than Windows needs to load.


Wi-Fi.... Complete Introduction...

What is WiFi?

Wi-Fi allows you to use your computer or other device to connect to the internet from anywhere there is a Wi-Fi access point (often known as a hot spot).

Short for "wireless fidelity", Wi-Fi is one of the most popular wireless communications standards on the market.

Wireless Standards

The official name for the specification is IEEE 802.11, and it is comprised of more than 20 different standards, each of which is denoted by a letter appended to the end of the name. The most familiar standards are 802.11b and 802.11g (Wireless B and G) which are used in the majority of commercial Wi-Fi devices. Both of these standards operate in the 2.4 GHz band, and the only major difference between the two is the transfer rate.
Some consumer electronics, however, use a different standard—Wireless A. These devices operate within the 5 GHz range and have transfer rates equivalent to 802.11g. However, since they operate on different frequencies, devices using the 802.11a standard cannot communicate with B and G-enabled devices. For this reason, it is important to check the compatibility of components with your wireless network prior to purchasing them.
The 802.11 standard reserves the low levels of the OSI model for a wireless connection that uses electromagnetic waves, i.e.:
* The physical layer (sometimes shortened to the "PHY" layer), which offers three types of information encoding.
* The data link layer, comprised of two sub-layers: Logical Link Control (or LLC) and Media Access Control (or MAC).
The physical layer defines the radio wave modulation and signalling characteristics for data transmission, while the data link layer defines the interface between the machine's bus and the physical layer, in particular an access method close to the one used in the Ethernet standard and rules for communication between the stations of the network. The 802.11 standard actually has three physical layers, which define alternative modes of transmission:
Wireless Networking, WiFi, is not a new technology, but it is only recently that it has become mainstream. What are the benefits of wireless networks and should you be considering using it?

Benefits:

The advent of portable computing devices is one of the main drivers for the adoption of wireless networking. Today, around 50% of new laptops come wireless enabled out of the box. All of Apple’s latest line of laptops come with both wireless and Bluetooth built in. Many Microsoft Windows laptops are similarly wireless enabled.

A powerful alliance of vendors joined together in 1999 to form the WiFi Alliance. You can be assured that any device approved by the WiFi Alliance will interoperate happily with any other approved device. The term WiFi has become corrupted in common usage to mean wireless networks in general, not just devices approved by the WiFi alliance.

Why adopt WiFi?

Today’s workforce, equipped with PDAs, laptops and other mobile devices, demands access to your network from wherever they are, without the hassle of a fixed network. WiFi allows your business to deploy a network more quickly, at lower cost, and with greater flexibility than a wired system.
Productivity increases too, since workers can stay connected longer, and are able to collaborate with their co-workers as and where needed.
WiFi networks are more fluid than wired networks. A network is no longer a fixed thing; networks can be created and ripped down in an afternoon instead of the days or weeks required to create a structured cable network.

Architecture:

Wireless cards can operate in two modes, Infrastructure and Ad-hoc.
Most business systems use wireless in Infrastructure mode. This means that devices communicate with an access point. Typically the access point also has a connection to the company wired network, allowing users access to servers and files as if they were physically attached to the LAN.
Ad-hoc connections are direct connections between wireless cards. This type of connection is more common amongst home users, but if used by business users could have serious management and security implications.

Management:

You can easily connect to a WiFi network anywhere within range of an access point. This is a boon for your workers, but unfortunately, it also brings with it a few headaches for the IT department.

Security:

Security is the bane of everybody who puts together a wireless network. Access points using factory default settings are not secure at all.
So, if security is such a concern does that mean I shouldn’t deploy WiFi? No, it doesn’t. But it is something that you should bear in mind when in the planning stage.
When talking about security there is no such thing as having a completely secure system. Everything is insecure to some degree or other. The degree of security you require is dictated by the sensitivity of the information you possess.
If you require very high levels of security then you cannot rely on the built in security measures of a WiFi network alone.
On the other hand, most small to medium sized companies do not require very high levels of security. In which case you may use the standard WiFi security measures.
If you already have a wireless network you may be concerned about whether it is secure. There are four things you can do to ensure that you are secure.
1. Make sure that your access point(s) are not broadcasting the SSID (basically an identifier for your network)
2. Make sure that your access point(s) are encrypting the wireless traffic using Wireless Equivalent Privacy (WEP)
3. Buy a wireless intrusion detection system. A number of products are available designed to help you monitor the security of your WiFi network as well as who is using it.
4. If you have a high security requirement, then you should either ensure your network people are appropriately trained or hire a wireless consultant. You may also need to buy proprietary, non-standard access points from the likes of Cisco (although even some proprietary standards from the likes of Cisco have their problems). Unfortunately, this will substantially increase the cost of your wireless network.

Friday, July 10, 2009

Peer-to-Peer Networks

A peer to peer (or P2P) computer network uses diverse connectivity between participants in a network and the cumulative bandwidth of the network.
OR
Peer to peer is an approach to computer networking where all computers share equivalent responsibility for processing data.

* You can configure computers in peer to peer workgroups to allow sharing of files, printers and other resources across all of the devices.
* Peer networks allow data to be shared easily in both directions, whether for downloads to your computer or uploads from your computer.
* On the internet, peer to peer networks handle a very high volume of file sharing traffic by distributing the load across many computers.
* P2P networks both scale better and are more resilient (recover quickly) than client-server networks in case of failures.

Configuration of P2P
* Go to Start → Control Panel → Network Connection. On the left side, in the small window, click the option to Set up a home or small office network. The wizard window will appear.
* The Welcome to the Network Setup Wizard window will appear; click Next.
* A simple checklist window appears. Before you continue, make sure the ICS host computer is on and connected to the Internet. Click Next.
* Here you need to select a connection method. Select the option This computer connects to the Internet through a residential gateway or through another computer on my network. Click Next.
* The Give this computer a description and name window appears. The computer name must be unique in your network. Click Next.
* When the File and printer sharing window appears, turn file and printer sharing on or off according to your needs. Click Next.
* All the selected settings are displayed in this window. Check all settings and feel free to click Back to modify the settings again.
* If you find no problem, click Next to apply the settings. It will take some time to finish installation.
* Click Finish to quit the wizard. You have finished setting up the client computer.
* Now open your network connection window, right-click the new Internet Connection icon and click Status. You will be able to monitor the connection status and enable/disable the shared Internet connection.

Ethernet Basics..

TCP/IP (Transmission Control Protocol/Internet Protocol) is a set of protocols independent of the physical medium used to transmit data, but most data transmission for Internet communication begins and ends with Ethernet frames.
The Ethernet can use either a bus or star topology. A bus topology attaches all devices in sequence on a single cable. In a star topology all devices are wired directly to a central hub. 10Base-T uses a combination called a star-shaped bus topology because while the attached devices can share all data coming in on the cable, the actual wiring is in a star shape.
The access method used by the Ethernet is called Carrier Sense Multiple Access with Collision Detect (CSMA/CD). This is a contention protocol, meaning it is a set of rules to follow when there is competition for shared resources.

Ethernet Address

All Ethernet interfaces have a unique 48-bit address that is supplied by the manufacturer. It is called the Ethernet address (also known as the MAC address, for Media Access Control). Ethernet-enabled Rabbit boards store this value in Flash Memory (EEPROM) that is programmed at the factory. If you need unique Ethernet addresses for some product you are making, you can obtain them from the IEEE Registration Authority. Run the utility program Samples/tcpip/display_MAC.c to read the MAC address of a Rabbit-based board.

Physical Connections

A Realtek RTL8019 10Base-T interface chip provides a 10 Mbps Ethernet connection. This chip is used on many Ethernet-enabled Rabbit boards. The corresponding port can be connected directly to an Ethernet network. By using hubs and routers, a network can include a large number of computers. A network might include all the computers in a particular building. A local network can be connected to the Internet by means of a gateway. The gateway is a computer that is connected both to the local network and to the Internet. Data that must be sent out over the Internet are sent to the local network interface of the gateway, and then the gateway sends them on to the Internet for routing to some other computer in the world. Data coming in from the Internet are directed to the gateway, which then sends them to the correct recipient on the local network.

Cables

Ethernet cables are similar to U.S. telephone plug cables, except they have eight connectors. For our purposes, there are two types of cables: crossover and straight-through. In most instances, straight-through cables are used. It is necessary to use a crossover cable when two computers are connected directly without a hub (for example, if you want to connect your PC’s Ethernet directly to the Rabbit Semiconductor TCP/IP Development Board). Some hubs have one input that can accept either a straight-through or crossover cable depending on the position of a switch. In this case make sure that the switch position and cable type agree.

Frames

Bits flowing across the Ethernet are grouped into structures called frames. A frame must be between 46 and 1500 bytes in size. An Ethernet frame has four parts:
1. A Preamble of 8 bytes that helps synchronize the circuitry, thus allowing small bit rate differences between sender and receiver.
2. A Header of 14 bytes that contains a 6 byte destination address, 6 byte source address and a 2 byte type field.
3. A Data area of variable length that, along with the header, is passed to the IP layer (a.k.a. the Network layer).
4. A Trailer of 4 bytes that contains a CRC to guard against corrupted frames.

If the destination address is all 1 bits, it defines a broadcast frame and all systems on the local network process the frame. There are also multicast frames. A subset of systems can form a “multicast” group that has an address that does not match any other system on the network. All systems in a particular subset process a packet with a destination address that matches their subset. A system can belong to any number of subsets.
A system may put its interface(s) into promiscuous mode and process all frames sent across its Ethernet. This is known as "sniffing the ether." It is used for network debugging and spying.
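The frame layout and the acceptance rules above (own address, broadcast, multicast group membership, promiscuous mode) can be modelled in a few lines. This Python sketch is an added example, not code from the original post: it assumes a frame as captured after the preamble, starting at the destination address with the 4-byte trailer still attached, that the trailer is the standard Ethernet CRC-32 sent least significant byte first, and that a group address is marked by the lowest bit of its first byte. The function names, addresses and payloads are constructed for illustration.

```python
import struct
import zlib

BROADCAST = b"\xff" * 6          # destination address of all 1 bits


def fcs(data):
    """4-byte trailer for `data`: CRC-32, transmitted least significant byte first."""
    return struct.pack("<I", zlib.crc32(data) & 0xFFFFFFFF)


def build_frame(dst, src, ethertype, payload):
    """Assemble header + data + trailer (used here to construct sample frames)."""
    body = dst + src + struct.pack("!H", ethertype) + payload
    return body + fcs(body)


def classify_destination(mac):
    """Broadcast is all 1 bits; any other group address has the low bit of byte 0 set."""
    if mac == BROADCAST:
        return "broadcast"
    return "multicast" if mac[0] & 0x01 else "unicast"


def parse_frame(frame):
    """Split a frame into the header fields, data area and trailer check."""
    if len(frame) < 14 + 4:
        raise ValueError("shorter than header plus trailer")
    dst, src, ethertype = struct.unpack_from("!6s6sH", frame, 0)
    return {
        "dst": dst.hex(":"),
        "src": src.hex(":"),
        "dst_kind": classify_destination(dst),
        "ethertype": ethertype,
        "data": frame[14:-4],
        "fcs_ok": fcs(frame[:-4]) == frame[-4:],
    }


def should_process(frame, own_mac, groups=(), promiscuous=False):
    """Decide whether an interface hands the frame to the upper layer.

    Assumption of this model: frames that fail the CRC are dropped first,
    even in promiscuous mode.
    """
    if not parse_frame(frame)["fcs_ok"]:
        return False
    if promiscuous:
        return True                      # "sniffing": every intact frame is processed
    dst = frame[:6]
    return dst == own_mac or dst == BROADCAST or dst in groups


# Constructed sample data: locally administered addresses and made-up payloads.
OWN = bytes.fromhex("020000000001")
OTHER = bytes.fromhex("020000000002")
GROUP = bytes.fromhex("01005e000001")    # a group (multicast) address
TO_ALL = build_frame(BROADCAST, OTHER, 0x0806, b"\x00" * 46)
TO_OTHER = build_frame(OTHER, OWN, 0x0800, b"constructed unicast payload".ljust(46))
TO_GROUP = build_frame(GROUP, OTHER, 0x0800, b"constructed group payload".ljust(46))
CORRUPTED = TO_ALL[:20] + b"\x01" + TO_ALL[21:]   # one data byte altered in transit

if __name__ == "__main__":
    for name, f in [("broadcast", TO_ALL), ("unicast", TO_OTHER),
                    ("multicast", TO_GROUP), ("corrupted", CORRUPTED)]:
        info = parse_frame(f)
        print(name, info["dst"], info["dst_kind"], "fcs_ok=%s" % info["fcs_ok"])
```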

Collisions

In a star-shaped bus topology, all systems have access to the network at any time. Before sending data, a system must determine if the network is free or if a frame is already being sent on it. If a frame is already being sent, the system will wait. Two systems can “listen” on the network and “hear” silence and then proceed to send data at the same time. This is called a collision. Ethernet hardware has collision detection sensors to take care of this problem. This is the Collision Detect (CD) part of CSMA/CD. The colliding data is ignored, and the systems involved will wait a random amount of time before resending their data.