Local Area Networks (LANs) in Aircraft - FTP Directory Listing - FAA
Local Area Networks (LANs) in Aircraft - FTP Directory Listing - FAA
Local Area Networks (LANs) in Aircraft - FTP Directory Listing - FAA
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Interface<br />
Customer’s Application Layer<br />
Customer’s Transport Layer<br />
Customer’s IP Layer<br />
Service Provider IP Layer<br />
Data L<strong>in</strong>k Layer<br />
Orig<strong>in</strong>al<br />
Private<br />
Customer<br />
Network<br />
Packet<br />
Encapsulated<br />
Packet<br />
Header<br />
from<br />
Service<br />
Provider<br />
Figure 22. Customer’s L3VPN Protocol Stack Shown With<strong>in</strong> the Network Service<br />
Provider’s Network<br />
Specifically, the service provider provides an <strong>in</strong>terface above its own IP layer for the customer to<br />
use to access the service provider’s network. Figure 22 shows a common L3VPN protocol stack<br />
example where two IP layer protocols exist: one for the virtual network (i.e., the underly<strong>in</strong>g<br />
service provider network) and one for the customer’s own IP. Because the service provider’s IP<br />
layer is an encapsulat<strong>in</strong>g redundant IP <strong>in</strong>stance, it ensures that end-systems with<strong>in</strong> the two<br />
network systems cannot communicate or be aware of each other (i.e., end-systems have only one<br />
IP layer protocol, not two). In this manner, the customer uses the service provider’s network<br />
without be<strong>in</strong>g aware of other traffic us<strong>in</strong>g that same network, because the network traffic with<strong>in</strong><br />
the service provider’s network occurs at the encapsulat<strong>in</strong>g IP layer, which the customer cannot<br />
see. It is similarly unable to access any devices directly attached to that network, nor can those<br />
devices access the customer’s network because they only support a s<strong>in</strong>gle IP layer and cannot<br />
see an (encapsulated) two IP layer protocol stack. It should be explicitly noted that the virtual<br />
part of the VPN occurs because of the abstraction that the service provider’s network is solely<br />
support<strong>in</strong>g the customer: The other customers us<strong>in</strong>g that network <strong>in</strong>frastructure are not aware of<br />
each other’s existence. L3VPNs are, therefore, an <strong>in</strong>stance of multilevel network systems (see<br />
section 5.4.3).<br />
RFC 4110, RFC 4111, and RFC 4176 provide architectural guidance for the creation of L3VPN<br />
network deployments. L3VPNs are an <strong>in</strong>stance of multilevel network systems (see section<br />
5.4.3).<br />
5.7 SECURITY ZONES AND POLICY-BASED NETWORKING.<br />
Policy-based network<strong>in</strong>g (PBN) is a mechanism to create adaptive network<strong>in</strong>g systems that<br />
cont<strong>in</strong>uously tune the network to achieve goals established by the network adm<strong>in</strong>istrator. For<br />
example, it promises enterprises the ability to def<strong>in</strong>e bus<strong>in</strong>ess rules that can be translated <strong>in</strong>to<br />
security or QoS policies that configure and control the network and its services as they evolve<br />
over time. While the approach sounds directly relevant to the topic of this study, this section<br />
expla<strong>in</strong>s why that is not the case. The f<strong>in</strong>al conclusion is that all open PBN alternatives have<br />
69