For each VLAN to configure a DHCP server is the easiest way, but after this operation efficiency will be low, so we do not adopt this approach. In fact, we can use the three switches in the relay agent function to implement this method, the VLAN is usually divided into three operations on the switch, and the general three-layer switches have DHCP relay agent function, so that the switch can be Each VLAN interfaces on the DHCP relay function is enabled, so that when the client VLAN issued in connection with the DHCP server’s request, in the current VLAN can not be found, they will submit this information to the Interface, and then sent by the DHCP server interface, sub. By using this method, you can let the client communicate with each other with the DHCP server as the client and the DHCP servers set up by a floating bridge to send messages between the two back to normal. Please join the following essays look at the operation were how to achieve. Read the rest of this entry »
Although a firewall to prevent network intrusion has a high efficiency, and has become to the Security Web site and services are key factors, but all these security are achieved at high cost. In short, the firewall will limit the performance and scalability. Since the firewall will create a single point of failure of the line equipment, so it will reduce the availability of the network. Firewall technology and emerging Web switching technology allows the combination of firewall performance, availability and scalability are greatly improved.
The most commonly used by the installed firewall software on a server form. This server has two network cards installed, and was inserted into the data path. A network card which connects to the network’s public side, the public Internet terminal is usually connected with the router (the so-called firewall “dirty” side). Another piece of card attached with the need to protect the resources (the so-called firewall “clean” side). Read the rest of this entry »
Abstract At present the next-generation softswitch core network (NGN) for their small investment, quick, flexible configuration being carriers and product providers of all ages. The use of IP softswitch technology and the establishment of the internet network, based on its own security to the system must establish a comprehensive security mechanism. In this paper, the definition of telecommunications needs of network information security, citing the safety of the popular attacks on the basis of that system should provide security services, and focuses on the establishment of security mechanisms involved and related technologies.
I. Introduction:
The next-generation softswitch core network (NGN) operators the advantages of making investments and accelerate the reduction on the network construction progress at the same time, enabling service providers and users benefit. However, the present, although many manufacturers launched the softswitch solution, operators are also actively carry out the construction, but because of the technology and applications will make things last ten years, in perfect agreement, the business still need to be carried out long time to carry out, especially the NGN bearer network to IP network as a voice network, how to solve the existing network security systems can become safe, stable operation of the key. Read the rest of this entry »
For businesses that pocket tight, the use of asymmetric switches to improve network performance is a good choice. Such as the asymmetric switch can be used in server and client connections. Such as web Xia ago in a small business when the network administrator’s time, when the switch is a relatively expensive equipment. Enterprises have a file server, file server in order to improve the working efficiency, but, also because of funding constraints, the net asymmetry of Man is a good use of the switch, use it to improve file server access efficiency. The high speed port on the file server and the low-speed port on the client. Because when there are multiple employees simultaneous access to when the file server, requiring more bandwidth allocated to the server connected to the switch port, the port that appears to prevent traffic bottlenecks. If this is so, the connection port on the file server, there is enough bandwidth to accommodate the user’s access request, thereby improving the efficiency of employees to access the file server. Read the rest of this entry »
In the product, it will switch the second tier and third tier a combination of both routers into a switch market, the third layer switching equipment gradually become a mainstream flexible solution that provides wire-speed performance at all levels. This integrated structure also introduced a strategic management property, which not only make the second layer and third layer to associate with each other, but also provides traffic priority processing, security, and a variety of other flexible features such as link aggregation, VLAN and Intranet dynamic deployment. Meanwhile, the market for switches and higher safety performance requirements, due to network security performance requirements continue to increase, VPN technology and secure authentication technology Widely used.
Three-layer OSI model of switching equipment operating in the third layer, all the features of a traditional switch. Subject to the third layer switch, the switch of the specific technology, including: Read the rest of this entry »
FCoE Cisco introduced a new product is equipped with a server to the storage array from end to end functionality, and as with previous products and MDS9500 Nexus has also been supported by the gateway.
FCoE, including through the Ethernet link to transmit information about the Fibre Channel protocol. Because Fibre Channel relies on the network without losing the decisive frame, so need to use the new Ethernet Converged Enhanced Ethernet. This is a lossless Ethernet, and functions, to ensure rapid FCoE packets sent through the link.
FCoE with the some, like the purpose has been limited to single-point gateway jump links, do not support the FCoE switch to transmit information. Cisco’s competitors have announced the end Brocade FCoE products. Read the rest of this entry »
With the increasing development of the telecommunications market and to the next generation network (NGN) the gradual evolution of soft-switching technology is playing a key role, is increasingly becoming the circuit switching and packet switching network integration technology ties. Therefore, softswitching technology in telecommunication networks in the telecom sector more and more aroused great attention. International Softswitch Association (ISC) to the soft switch is defined as “softswitch is to provide call control functions of the software entities.” Ministry of Information Industry of China Institute of Telecommunications Transmission Softswitching is defined as “soft switch is the next generation network evolution, and one packet core network equipment, it is independent of transmission networks, primarily for call control, resource allocation, protocol processing, routing, authentication, billing, and other major functions, At the same time can provide users with an existing circuit switches can provide all services to third-party programmability. “softswitch has ten functions: Read the rest of this entry »
In the LAN to attack the virus killing it? To explain in detail the following two categories:
ARP attack to find the process address:
1, if the client PC can not communicate with the gateway, the first in the client ping the gateway address, and then in the dos window under the implementation of arp-a view of the mac address of the gateway, the gateway MAC address of record. Find the switch to the switch MAC address (for example, VLAN1 interface)
Executive show int vlan 1 VLAN1 interface to view the output information in the MAC, while the implementation of show standby vlan 1 View HSRP gateway MAC address. If the client shows the MAC (assumed to be 00-0d-0a-ac-bc-78) address and gateway address are different, the MAC may have been the gateway ARP virus attacks. To the implementation of the switch show MAC-address | in 000d.0aac.bc78 look at the input port associated with that MAC address, if the port is directly connected PC or SERVER ports, then the port that the client may be infected with ARP class virus. If the port is another switch, then switch on the implementation of land to that show MAC-address | in 000d.0aac.bc78 until the associated port is directly connected PC port location. Read the rest of this entry »
Now the difference between routers and switches are becoming increasingly blurred, multi-layer routers and switches can realize the function of switching and routing between them there are different? What are their characteristics? How best to choose according to application requirements?
First, the traditional switches and routers:
Ordinary switches work in the Open Systems Interconnection (OSI) seven layer model of the second layer, data link layer Exchange for media access control (MAC) address based on the data stream to identify each packet’s source MAC address of a destination site, providing cheap, high-bandwidth network connections, but the ability to control packets are restrictions in the broadcasting area; routers work in the OSI seven layer model of the third layer, network layer, the data stream to identify the source and destination network address, control, limited the ability of the packet destination address the source of a pair, built-in routing protocols, while with large-capacity cache capacity, usually by routing software interconnection.
Ordinary switches and routers have some of their own deficiencies. If routers need to have very strong processor, its enormous routing table delays in the network, causing slow forward, and expensive, often become a bottleneck restricting high-speed transmission network; in common Layer 2 switch because only One purpose of reading the source MAC address, did not get a higher level packet information, which limited the exchange function, the main data stream does not have the necessary control. Read the rest of this entry »
Circle of ideas to determine the network:
Now that the new buy back almost all of the switches support port loopback detection, clever use of this feature, we can let the switch automatically determine whether the occurrence of the specified communication port of the network loop phenomenon. Once we specify the communications port on the Ethernet loopback detection is enabled, the switch will be able to automatic timing device for monitoring of all communications ports to scan in order to determine whether there is network communication port loop phenomenon. If the monitoring network to a switch port is loopback, the port will automatically switch back to monitoring the state in the loop, switch port parameters according to the different types of settings and the port, the switch will automatically shut off the specified switch port or automatically reported to the corresponding port of the log information in the future as long as we view the log information, or based on port enabled, you can quickly determine whether there is a local area network loop phenomenon. Now, this paper models the H3C S3050 switch blueprint for the operation to you in detail about the use monitoring function to determine the network loopback loops the phenomenon of specific configuration steps. Read the rest of this entry »