R&M Data Center Handbook
R&M Data Center Handbook
R&M Data Center Handbook
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
www.datacenter.rdm.com<br />
Router<br />
A router connects a number of network segments, which may operate with different transmission protocols<br />
(LAN/WAN). It operates on Layer 3, the Network Layer of the OSI reference model (see section 3.8.1).<br />
As network nodes between two or more different networks or<br />
subnets, a router has an interface as well as an IP address in<br />
each network. It can therefore communicate within each of<br />
these networks. When a data packet reaches the router, the<br />
router reads its destination (destination IP address) to determine<br />
the appropriate interface and shortest path over which<br />
the packet will reach the destination network.<br />
In the private sector, one is acquainted with DSL routers or<br />
WLAN routers (wireless LAN). Many routers include an<br />
integrated firewall which protects the network from unauthorized<br />
accesses. This is one step to increasing security<br />
in networks.<br />
The Cisco Nexus 7000 series is a modular, data<br />
center class switching system.<br />
Many manufacturers do not put high-speed routers (carrierclass<br />
routers, backbone routers or hardware routers) under a<br />
separate heading. They market routers together with highend<br />
switches (Layer 3 and higher, Enterprise Class). This<br />
makes sense, as today’s switches in the high-end range<br />
often possess routing functionality as well.<br />
Compared to switches, routers ensure better isolation of data traffic, since, for example, they do not forward<br />
broadcasts by default. However, routers generally slow down the data transfer process. Nevertheless, in branched<br />
networks, especially in WANs, they route data to the destination more effectively. On the other hand, routers<br />
are generally more expensive than switches. Therefore, when considering a purchase, an analysis must be made<br />
of what requirements must be satisfied.<br />
Load Balancing<br />
Load balancing is a common data center application which can be implemented in large switching-routing engines.<br />
One generally uses the term to mean server load balancing (SLB), a method used in network technology to<br />
distribute loads to multiple, separate hosts in the network. The load balancer serves different layers in the OSI<br />
model.<br />
Server load balancing comes into use anywhere a great number of clients create a high density of requests and<br />
thus overload a single server. Typical criteria for determining a need for SLB include data rate, the number of<br />
clients and request rate.<br />
Firewall<br />
A firewall is a software component that is used to restrict access to the network on the basis of the address of the<br />
sender or destination and services used, up to OSI layer 7. The firewall monitors the data running through it and<br />
uses established rules to decide whether or not to let specific network packets through. In this way, the firewall<br />
attempts to stop illegal accesses to the network. A security vulnerability in the network can therefore be the basis<br />
for unauthorized actions to be performed on a host.<br />
A distinction is made, on the basis of where the firewall<br />
software is installed, between a personal firewall (also<br />
known as desktop firewall) and an external firewall (also<br />
known as network or hardware firewall). In contrast to a<br />
personal firewall, the software for an external firewall does<br />
not operate on the system to be protected, but runs on a<br />
separate device (appliance) which connects the networks or<br />
network segments to one another and also restricts access<br />
between the networks, by means of the firewall software.<br />
Other firewall functions include intrusion detection and<br />
prevention (IDP), which checks the data transfer for abnormalities,<br />
as well as content/URL filtering, virus checking<br />
and spam filtering. High-end devices use these functions to<br />
check data transfers up to 30 Gbit/s.<br />
With the introduction of its SuperMassive E10000,<br />
Sonicwall has announced a high-end firewall series.<br />
This allows companies to protect entire data centers<br />
from intruders.<br />
Page 86 of 156 © 08/2011 Reichle & De-Massari AG R&M <strong>Data</strong> <strong>Center</strong> <strong>Handbook</strong> V2.0