3 long-distance dial-up connection 4 Figure 7-9 A WAN using frame relay.

Presentasi berjudul: "3 long-distance dial-up connection 4 Figure 7-9 A WAN using frame relay."— Transcript presentasi:

1

2

3 3 long-distance dial-up connection

4 4 Figure 7-9 A WAN using frame relay

5 5 A BRI link A PRI link

6 6 T-carrier connecting to a LAN through a router point-to-point T-carrier connection CSU/DSU

7 7 DSL connection

8 8 SONET ring

9  Virtual Private Network is a type of private network that uses public telecommunication, such as the Internet, instead of leased lines to communicate.  Became popular as more employees worked in remote locations.

10 (From Gartner Consulting)

11  Secure VPNs use cryptographic tunneling protocols. ◦ IPsec, SSL/TLS, OpenVPN, PPTP, L2TP, L2TPv3, VPN- Q and MPVPN  Trusted VPNs rely on the security of a single provider’s network to protect the traffic. ◦ MPLS and L2F

12 A virtual point-to-point connection made through a public network. It transports encapsulated datagrams. Encrypted Inner Datagram Datagram Header Outer Datagram Data Area Original Datagram Data Encapsulation [From Comer] Two types of end points:  Remote Access  Site-to-Site

13

14 Figure 1

15

16

17  Authentication – validates that the data was sent from the sender.  Access control – limiting unauthorized users from accessing the network.  Confidentiality – preventing the data to be read or copied as the data is being transported.  Data Integrity – ensuring that the data has not been altered  Cryptography Technic  Encryption -- is a method of “scrambling” data before transmitting it onto the Internet.  Public Key Encryption Technique  Digital signature – for authentication

18  VPN can be deployed in three ways :  Host to host  Site-to-Site  Host-to-Site

19

20  Remote access VPN  Intranet VPN  Extranet VPN

21

22

23

24

25

26

27

28

29  MPLS = Multi Protocol Label Switching  Suatu metode forwarding (meneruskan data/paket melalui suatu jaringan dengan menggunakan informasi label yang dilekatkan pada I  Memungkinkan router meneruskan paket dengan hanya melihat label yang melekat pada paket tersebut, sehinggap tidak perlu lagi melihat alamat IP tujuan)

30 Back

31  Perpaduan mekanisme Label Swapping (Layer 2) dan Routing (Layer 3)  Terdiri atas LSR yang saling terhubung, membentuk suatu LSP Terdiri atas LSR yang saling terhubung, membentuk suatu LSP  LSR pertama disebut ingress LSR  LSR terakhir disebut egress  Bagian tepi dari jaringan LSR disebut LER Back

32  LSR = Label Switched Router  LSP = Label Switched Path  LER = Label Edge Router  TTL = Time to Live Back

33  Pembuatan label dan distribusi  Pembuatan label dalam tiap router  Pembuatan jalur label yang terhubung  Pemasukan label  Forwarding paket Back