R&M Data Center Handbook

www.datacenter.rdm.com
Router
A router connects a number of network segments, which may operate with different transmission protocols
(LAN/WAN). It operates on Layer 3, the Network Layer of the OSI reference model (see section 3.8.1).
As network nodes between two or more different networks or
subnets, a router has an interface as well as an IP address in
each network. It can therefore communicate within each of
these networks. When a data packet reaches the router, the
router reads its destination (destination IP address) to determine
the appropriate interface and shortest path over which
the packet will reach the destination network.
In the private sector, one is acquainted with DSL routers or
WLAN routers (wireless LAN). Many routers include an
integrated firewall which protects the network from unauthorized
accesses. This is one step to increasing security
in networks.
The Cisco Nexus 7000 series is a modular, data
center class switching system.
Many manufacturers do not put high-speed routers (carrierclass
routers, backbone routers or hardware routers) under a
separate heading. They market routers together with highend
switches (Layer 3 and higher, Enterprise Class). This
makes sense, as today’s switches in the high-end range
often possess routing functionality as well.
Compared to switches, routers ensure better isolation of data traffic, since, for example, they do not forward
broadcasts by default. However, routers generally slow down the data transfer process. Nevertheless, in branched
networks, especially in WANs, they route data to the destination more effectively. On the other hand, routers
are generally more expensive than switches. Therefore, when considering a purchase, an analysis must be made
of what requirements must be satisfied.
Load Balancing
Load balancing is a common data center application which can be implemented in large switching-routing engines.
One generally uses the term to mean server load balancing (SLB), a method used in network technology to
distribute loads to multiple, separate hosts in the network. The load balancer serves different layers in the OSI
model.
Server load balancing comes into use anywhere a great number of clients create a high density of requests and
thus overload a single server. Typical criteria for determining a need for SLB include data rate, the number of
clients and request rate.
Firewall
A firewall is a software component that is used to restrict access to the network on the basis of the address of the
sender or destination and services used, up to OSI layer 7. The firewall monitors the data running through it and
uses established rules to decide whether or not to let specific network packets through. In this way, the firewall
attempts to stop illegal accesses to the network. A security vulnerability in the network can therefore be the basis
for unauthorized actions to be performed on a host.
A distinction is made, on the basis of where the firewall
software is installed, between a personal firewall (also
known as desktop firewall) and an external firewall (also
known as network or hardware firewall). In contrast to a
personal firewall, the software for an external firewall does
not operate on the system to be protected, but runs on a
separate device (appliance) which connects the networks or
network segments to one another and also restricts access
between the networks, by means of the firewall software.
Other firewall functions include intrusion detection and
prevention (IDP), which checks the data transfer for abnormalities,
as well as content/URL filtering, virus checking
and spam filtering. High-end devices use these functions to
check data transfers up to 30 Gbit/s.
With the introduction of its SuperMassive E10000,
Sonicwall has announced a high-end firewall series.
This allows companies to protect entire data centers
from intruders.
Page 86 of 156 © 08/2011 Reichle & De-Massari AG R&M Data Center Handbook V2.0