Router basic protocols and technologies

Source: Internet
Author: User

VPN

A VPN (Virtual Private Network) solution is an important feature of a router. The solution is roughly as follows:

1. Access Control

Access control is generally divided into PAP (Password Authentication Protocol) and CHAP (an advanced password authentication protocol). PAP requires the party logging in to provide a user name and password to the target router; the login is allowed only if they match the information in the router's access list. Although this provides a certain degree of security, the login information is not encrypted and is easily stolen. CHAP came into being to address this. It transforms a random initial value together with the username and password from the user's original login information. In this way, the login information transmitted over the Internet is not readable by hackers. Because the random initial value is different each time, the user's final login information is also different each time, so even if a user's login information is stolen, hackers cannot reuse it. Note that because each vendor adopts a different hash algorithm, CHAP is not interoperable. To create a VPN, you need to place routers of the same brand on both sides of the VPN.
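The following is an added example, not part of the original article, contrasting what PAP and CHAP put on the wire and showing why a captured CHAP response cannot be reused. It uses the MD5 construction from RFC 1994; the credentials, class and function names are constructed for illustration.

```python
import hashlib
import hmac
import os

# Constructed sample secret (not from the original page).
SECRET = b"s3cret-passw0rd"


def pap_wire_data(username: bytes, password: bytes) -> bytes:
    """PAP sends the credentials themselves; a sniffer sees them verbatim."""
    return username + b":" + password


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994 response: MD5(Identifier || secret || Challenge)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class Authenticator:
    """Router side: issues a fresh challenge per login and verifies the response."""

    def __init__(self, secret: bytes):
        self.secret = secret
        self.identifier = 0
        self.challenge = b""

    def new_challenge(self) -> tuple[int, bytes]:
        self.identifier = (self.identifier + 1) % 256
        self.challenge = os.urandom(16)  # the "random initial value"
        return self.identifier, self.challenge

    def verify(self, response: bytes) -> bool:
        expected = chap_response(self.identifier, self.secret, self.challenge)
        return hmac.compare_digest(expected, response)  # constant-time compare


def demo() -> dict:
    router = Authenticator(SECRET)
    ident, chal = router.new_challenge()
    captured = chap_response(ident, SECRET, chal)  # what crosses the wire
    first_login = router.verify(captured)
    router.new_challenge()                         # next login attempt
    replayed = router.verify(captured)             # old response, new challenge
    return {"pap_leaks_password": SECRET in pap_wire_data(b"alice", SECRET),
            "chap_leaks_password": SECRET in captured,
            "first_login": first_login, "replayed": replayed}


if __name__ == "__main__":
    print(demo())
```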

2. Data Encryption

In the encryption process, the number of encryption bits is a very important parameter, because it is directly related to the difficulty of decryption. Among them, Intel 9000 Series routers have the most outstanding performance, with encryption of more than one hundred bits.

3. NAT (Network Address Translation protocol)

Like user login information, IP addresses and MAC addresses are not safe to transmit over the Internet without encryption. NAT can translate valid IP addresses and MAC addresses into illegal IP addresses and MAC addresses for transmission over the network. After arriving at the target router, they are translated back into valid IP addresses and MAC addresses. As with CHAP, vendors use different standards for the translation algorithm, so interoperability cannot be achieved.

QoS

QoS (Quality of Service) is originally a term specific to ATM (Asynchronous Transmit Mode). QoS is not addressed in IP, but more and more applications use IP to transmit VOD and other multimedia information, and as a packet protocol IP seems somewhat inadequate: latency is long and not a fixed value, and packet loss leads to discontinuous signals and high distortion. To solve these problems, vendors provide several schemes. The first scheme is based on the priority of different objects: data packets from certain devices (mostly multimedia applications) can be sent first. The second scheme is based on protocol priority: you can define which protocol has a higher priority, and that protocol is sent first. Both Intel and Cisco support this scheme. The third scheme is bandwidth aggregation using MLPPP (Multi Link Point to Point Protocol), which Cisco supports: multiple lines connecting the same two points are combined to increase the bandwidth. The fourth scheme is resource reservation using RSVP (Resource Reservation Protocol), which allocates some bandwidth to multimedia signals; other protocols are not allowed to occupy that bandwidth regardless of congestion. These schemes can effectively improve transmission quality.

RIP, OSPF, and BGP protocols

The routing protocols running in large numbers on the Internet are RIP (Routing Information Protocol), OSPF (Open Shortest Path First), and BGP (Border Gateway Protocol). RIP and OSPF are internal gateway protocols and are suited to a single ISP running a unified routing protocol. A network operated by one ISP is called an autonomous system. BGP is a routing protocol between autonomous systems and is an external gateway protocol.

RIP is the longest-established routing protocol and also the simplest. It works mainly by broadcasting routing information (route tables). Route tables are broadcast once every 30 seconds to maintain the relationship between neighboring routers, and each router calculates its own route table based on the route tables it receives. RIP is easy to run and is suited to small networks. RIP is still used on the Internet.

OSPF is short for "Open Shortest Path First". "Open" is in contrast to the "private" routing protocols of some manufacturers at that time, and it is precisely the openness of the protocol that has given OSPF its strong vitality and wide range of uses. It obtains network information by transmitting link-state (connection) information, maintains a directed network topology, and uses the Minimum Spanning Tree Algorithm to obtain the route table. OSPF is a relatively complex routing protocol.

In general, OSPF and RIP are the internal routing protocols of autonomous systems and are suitable for a single ISP autonomous system. Generally, the entire Internet is not suitable for running a single routing protocol, because each ISP has its own interests and is unwilling to provide detailed routing information of its own network. To ensure the interests of various ISPs, the Standardization Organization has developed the BGP protocol between ISPs.

BGP handles route transmission between ISPs. It is characterized by a rich set of routing policies, which RIP, OSPF, and similar protocols cannot offer because they require global information to calculate the route table. BGP applies policies on the routers at the ISP border, filters routes, and sends routes from RIP, OSPF, BGP and so on to the peer. The global, extensive Internet is an instance of BGP handling routes between multiple ISPs. The emergence of BGP led to a major revolution in the Internet: it connected multiple ISPs into what is truly a global network. The side effect is the Internet route explosion. Currently, there are about 60000 routes on the Internet, and that is still the number after "aggregation". Configuring BGP requires a good understanding of user requirements, network conditions, and the BGP protocol. You also need to be very careful. BGP runs at a core position. Once an error occurs, the loss may be very high!

IPv6 technology

With its rapid development, the Internet will no longer just connect computer networks; it will develop into an information and communication infrastructure similar to telephone networks and cable television networks. As a result, the IP (Internet Protocol) currently in use is far from adequate, and people are eager to see the emergence of the next generation of IP, namely IPv6.

IPv6 is a version of IP. In the Internet communication protocol suite TCP/IP, it is the transport protocol at layer 3 (the network layer) of the OSI model. Compared with the widely used IPv4 proposed in 1974, the address is expanded from 32 bits to 128 bits. Theoretically, the number of addresses increases from 4.3 × 10^9 to 4.3 × 10^38. There are two main reasons why the switch from the current IPv4 to IPv6 is necessary.

1. Due to the rapid development of the Internet, the number of addresses is insufficient, which makes the effort and cost of network management unbearable. Address depletion is the primary reason for the transition to a 128-bit address space.

2. As the number of hosts increases, the route table for data transmission routes is constantly increasing. The processing performance of the router cannot keep up with this rapid growth. In the long run, it is difficult for Internet connections to provide stable services. Through IPv6, the number of routes can be reduced by an order of magnitude.

IPv6 is required to simplify Internet connection and make it easy to use. IPv6 can achieve this because it uses four technologies: address space expansion, address construction that can reduce the number of Route tables, automatic address setting, and improved security and confidentiality.

IPv6 inherits the advantages of IPv4 in routing technology and represents the future direction of routing technology. Many router manufacturers have invested heavily in producing IPv6 products. Of course, IPv6 also has aspects that deserve attention and are inefficient. IPv4/NAT and IPv6 will coexist for a long time.

