Information Security Breaches

Security-related mechanisms and process are aspects of a network which are continually under threat. The attacker's goal is generally to breach network information security in such a way as to provide an opportunity that the attacker can exploit to their financial benefit.

Identity theft and leakage of personally identifiable information being very notorious and since they are deemed to be “news-worthy” by the media we tend to hear a lot about them but in reality they literally constitute only the tip of the iceberg. The media always seem to project the image that the general public really couldn't care less; that is until the malicious activity actually impacts each and every one of them personally which probably explains the noteworthiness of breaches of personally identifiable information security as it is our personal details that are placed in jeopardy.

Financial attacks against electronic payment mechanisms such as those represented by the payment card industry are prime targets. Nobody is happy when presented with the bill for goods and services that they did not purchase, consume or otherwise authorize. So the individual will complain loud and clear for as long as it takes to rectify the situation even for what are truly trivial amounts of money. It's the principle that matters.

As per usual the villains are able to take advantage of this state of affairs by obtaining your payment card information and using it to make transactions in foreign countries. You can prove to the bank that you were not in said country at the time the transactions took place and so the bank reimburses you. The villains get what they want, you get your money back and the bank wears it or so you think. Wrong; you still pay by way of higher interest rates.

Basic Denial of Service Attacks (DoS) Techniques

A Denial of Service attack is a prime example of an attacker's ultimate malicious intent in their desire to bring normal network functioning and network resources access requests to a grinding halt. Some of the techniques used in implementing a DoS attack often involve mechanisms designed to overwhelm the target's resources such as:

Storage Consumption - Consuming all available local storage space on the target machine will cause the target computer (usually a server) to slowly grind to a halt. Tactics employed in this form of DoS attack can be as simple as sending huge email attachments or other large file transfers. Multiple large DVD VOB files and uncompressed JPEG or BMP (bitmap) images of insanely high resolution are common file types used to accomplish this.

Subnet Mask Corruption - The attacker may send a message which causes the target machine to reset its subnet mask and so disrupt the target's subnet routing

Connection Resources Consumption - By sending very large numbers of requests for services of a server an attacker can consume all of the target's available connection resources thereby resulting in any new authentic or otherwise connections to be denied.

Specific Denial of Service (DoS) Attacks

Buffer Overflow Attack - In essence a buffer overflow attack occurs when a process receives much more data than expected and if it has no programmed routine to deal with this excessive amount of data, it may act in unexpected ways that an attacker can exploit. There are numerous variations and forms of buffer overflow attack that have been perpetrated over the years, with the most common of all undoubtedly being the “Ping of Death”.

Ping of Death - The Ping of Death attack is also referred to as the “Large Packet Ping Attack” and is simple to instigate. All an attacker needs to do to initiate a “ping of death” attack is to use the ubiquitous network utility PING (Internet Control Message Protocol (ICMP) Packet Internet Groper) to “ping” the target with an illegally modified (in a protocol sense and not the common law sense) and very large IP datagram. This will result in overfilling of the target system's buffers causing the target to reboot or hang.

PING can be configured to send these “illegal” IP datagram packets in bursts or as a continual stream. In the case of a continual stream the target will be immediately under attack once it reboots and will thus hang or reboot continually until something is done to stop it receiving the attacker's packets.

Changing its LAN IP address will do the trick but may cause unforeseen disruptions in other network services such as web pages that are no longer located at the old address. Using a filtering device; such as a router or dedicated firewall, to drop all incoming Internet Control Message Protocol (ICMP) packets and thus blocking Ping requests works better and with less overall network disruption. This does however; make remote network administration a little more difficult but not impossible.

Long File or User Names - Another basic buffer overflow attack that can be perpetrated very simply is for the attacker to send; the intended target, packets (usually standard ping packets) with user or file names larger than 256-characters long. Email delivery processes are also a popularly exploited mechanism for deploying this type of excessively long file or user name attack.

SYN Attack - A SYN attack occurs when an attacker exploits the use of the buffer space during the Transmission Control Protocol (TCP) session initialization three-way handshake.

Traditionally the receiving end of a conversation has only required a small “in-process” buffer to satisfy correct functioning of the TCP session initialization. Once the connection has been successfully established the small amount of buffer used by each TCP connection establishment request is returned to the “in-processing” buffer pool ready for reuse by the next conversation TCP establishment request.

Note that the receiving machine can maintain multiple concurrent conversations all established using the same small “in-process” buffer pool. To instigate a Denial of Service (DoS) attack that exploits this behavior an attacker simply floods the target system's small “in-process” queue with connection requests, but does not send an Acknowledgement respond when a target system replies to those requests. This causes the target system to “time out” while waiting for the proper response.

With enough “in limbo” “in-process” requests the target system will become unstable, hang, crash or become unusable. This means the target system will need to be rebooted. Once rebooted; the attack will continue anew for as long as the attacker desires or until the network administrator becomes aware that they are under this type of attack and takes appropriate measures to counteract it.

Identifying the source IP Addresses of the attack packets and then using a firewall or router to block all traffic from this source is usually the first port of call but does have its drawbacks. The Distributed Denial of Service (DDoS) attack for example is far more difficult to counter this way as is the Distributed Reflected Denial of Service (DRDoS) attack.

Teardrop Attack - In a Teardrop attack the attacker will modify the length and fragmentation offset fields in sequential Internet Protocol (IP) packets. Upon reception of these modified packets a target system will become confused and crash since it is receiving contradictory instructions on how the fragments are offset on these packets.

Countering this type of attack will involve careful analysis of captured packets to determine that the offset fields have been deliberately modified to cause the systems under attack to crash.

Smurf Attacks - Here a combination of IP Address Spoofing and ICMP flooding are used to saturate a target network with traffic to such an extent that all normal traffic is effectively “drowned out” thereby causing a Denial of Service (DoS) attack. Smurf attacks consist of three separate elements; the source site, the bounce site and the target site.

• First of all an attacker will select a bounce site. This is usually a very large network.
• The attacker then modifies a PING packet to contain the address of the target site as the PING packet's source address
• Next the attacker sends the spoofed PING packet to the broadcast address of the target site
• This will result in the bounce site broadcasting the spoofed packet to all devices configured to receive messages from that broadcast address, which by default will be all devices on that Local Area Network (LAN) or subnet segment if the network has been configured into a number of smaller subnets for administrative purposes
• All devices on the bounce site network receiving this misinformation will not know that it is misinformation and so they will automatically respond to the request with a reply to the site which is the intended target of the smurf attack
• This results in the target site being overwhelmed by a huge number of erroneous replies that it knows nothing about
• The outcome of the oversaturation is that the target is unable to process the requests often due to a buffer overflow and hence it will hang or reboot

In many cases such is the overwhelming effect of this type of attack that it will cause the target to appear to simply grind to a halt in attempting to process the flood of incoming reply PINGs from the bounce site.

Another consequence can be that the target machine's CPU processing queue, internal counters, out of sequence processing units and cache simply cannot cope with the flood and the CPU will register processing queue errors which can cause the CPU to continually flush its processing pipeline and buffers continuously with the result that the CPU will suddenly appear to be running at 100% up until such time as it overheats and becomes an unusable blob of silicone.

Fortunately; modern CPUs have thermal regulatory mechanisms that usually prevent total obliteration of the CPU due to this type of processing strain and loop running but many older systems and those with thermal throttling turned off will often die.

Countering a smurf attack is not as hard as one might expect. A correctly configured “stateful” firewall device will know that the massive influx of ICMP Ping replies was never requested never requested by any devices internal to it and so it will drop these packets.

Also configuring your firewall to deny external ICMP traffic access to your internal network will work just as effectively. Once again this may make remote administration and connectivity testing a little more difficult than would otherwise be the case but this is a small price to pay for a respectable degree of immunity to this type of attack.

Other Protocol Based Attacks

There are a number of other commonly instigated attacks that exploit other protocols and areas whereby the packets produced by the TCP/IP protocol processing stack can be exploited, duped or interfered with for an attacker to achieve their malicious goals.

The important point here is that the actual manner in which an attack is implemented is largely dependent upon the attacker's ultimate goal. Attacks perpetrated to cause a Denial of Service (DoS) attack are implemented using the same mechanisms as those in which an attacker might use to surreptitiously gain unauthorized access to a network and its resources for the purpose of stealing information. They ways they go about it are wherein the differences lie.

Session hijacking and fragmentation attacks are classic examples that I will now briefly describe in order to highlight why it is important to understand the attackers motivations and their goals as this is the only way that one can be truly prepared to proactively deal with these potential onslaughts.

IP Spoofing Attacks - IP spoofing involves an alteration of a packet at the TCP level, which is used to attack Internet-connected systems that provide various TCP/IP services. The attacker sends a packet with an IP source address of a known, trusted host. This target host may accept the packet and act upon it.

Unlike a Smurf attack; where spoofing is used to create a DoS attack, IP spoofing is used to convince a system that it is communicating with a known authenticated entity thereby allowing an intruder to gain access to the network and its resources.

In order for the attacker to gain the necessary pre-requisite knowledge relating to network resources, their allocations and the network or LAN's internal IP addressing structure and thence to identify the IP address of a device suitable for spoofing the attacker will usually conduct a packet capture session where they capture all packets passed across the network.

After capturing enough packets they will then use various tools to analyze the captured packets. From this they may learn the host names, IP addresses and MAC Addresses of network devices. If your network does not encrypt all traffic by default you are easy game for this type of attacker.

Using strong encryption for all traffic placed onto transmission media regardless of the type of media and its location is the best way to counteract this type of attack. Faced with a whole bunch of encrypted packets most attackers will simply move on to easier targets and there are millions of them.

However: if the motivation for the attack is vengeance for some perceived wrong or simply industrial espionage then the attacker is most likely prepared to spend considerable time and resources in their efforts. Your job just got a whole lot harder.

TCP Sequence Number Attacks - TCP sequence number attacks exploit the communications session, which was established between the target and the trusted host that initiated the session. The intruder tricks the target into believing it is connected to a trusted host and then hijacks the session by predicting the target's choice of an initial TCP sequence number. This session is then often used to launch various attacks on other hosts.

IP Fragmentation Attacks - IP fragmentation attacks use varied IP datagram fragmentation to disguise its TCP packets from a target's IP filtering devices.

Tiny Fragmentation Attack - In a tiny fragment attack a would-be intruder deliberately sends the first part of their conversation as a very small undersized fragment. The result is that this forces some of the TCP header field into a second fragment. In this way the attacker might be able to by-pass a target network's defenses and thus get their illegal packet fragments onto the target network.

The best countermeasure is to strictly enforce minimum fragment size requirements. With this done any under sized packets will be automatically dropped preventing them from ever getting onto your network.

Overlapping Fragmentation Attack - In many ways similar to a teardrop attack an overlapping fragment attack is yet another variation on a datagram's zero-offset modification. Subsequent packets overwrite the initial packet's destination address information and then the second packet is passed onto the target network.

Simply enforcing a minimum fragment offset for fragments with non-zero offsets is the easiest way to counter this type of attack.

Well that's all for now. Next time I will deal with some more sophisticated and potentially massive protocol based attacks including Distributed Denial of Service and Distributed Reflected Denial of Service attacks using botnets and the like.

Open source software is coming more and more popular. People do not need to pay for software licenses because they can find free alternatives to use. Because the source is open for everyone, software keeps developing and noone can sell their own fixes because every piece of code should be available for everyone.

A big problem is distributing the software. Normally, software will be developed and code will be transferred between users and SVN server, that stores the newest version of code. When a software release will be released, software will be archieved and compiled in several different formats, same with the documentation. When many releases will be released, the amount of data keeps growing. If data was shared through p2p network, users would be the storage. Every user, that downloads a release, will upload it to others and others will get the same release.

This protocol have few cons. If user downloads a release, p2p client should be open and keep sharing the data. If user does not keep the client opened, no data will be shared. When releases are getting older, they will disappear, because noone shares those releases, because releases are old and many people formats their hard disk and reinstall their operating system. SVN server can not be replaced this way, so we still have a server with a big traffic.

Traditionally ATM has a long and distinguished service record for voice communications. It is also ideally suited to multiplexing environments and can be readily configured to carry VoIP traffic streams.

In fact today we find that most consumer ADSL2+ implementations do offer a choice of PPPoE or PPPoA as their transport protocols (at least here in Perth). PPPoA stands for Point-to-Point Protocol over Asynchronous Transfer Mode.

The importance of this cannot be overlooked as it means that ATM in some form or other will be with us for some time into the future. In fact the Japanese have just recently deployed a communications satellite with an onboard ATM switch. They obviously think there is life in ATM yet.

Introducing Asynchronous Transfer Mode (ATM)

Originally intended to be a unified networking strategy Asynchronous Transfer Mode (ATM) is a connection-oriented, circuit-switched, cell relay “Jack-of-all-trades” transport protocol that uses small uniform fixed-sized cells to redress Quality of Service (QoS) issues so important to voice/video communications and the multitude of streaming applications upon which we are all so dependant.

ATM Origins and Development

During development of the standards for the Asynchronous Transfer Mode (ATM), in the mid 1980s, the goals were to create a unified networking strategy that could act as an all-round transport system for real-time video and audio as well as for image, text and email. ATM is pretty much a “Jack-of-all-trades” transport system. The two groups primarily responsible for the development of the ATM standards were the International Telecommunications Union [ITU 2004] and the ATM Forum [ATM 2004].

Over time we have seen that the majority of implementations and uses that ATM has fulfilled have been primary concerned with telephony and IP networks. Ethernet and the Internet Protocol (IP) are packet-switched network technologies that use packets of variable size referred to as frames.

ATM Protocol Basics

In marked contrast to packet-switched networking technologies; ATM is a connection-oriented, Data Link Layer (OSI Reference Model Layer 2), circuit-switched, cell relay protocol that runs over Synchronous Optical Network (SONET) Physical Layer links (OSI Reference Model Layer 1) using cells of identical and never varying size. Consistent predictability is the underlying ethos here.

Being a connection-oriented channel-based technology means that ATM must always establish a “logical” connection between the two endpoints prior to commencement of data exchange. Significantly, ATM encodes data traffic into small uniform fixed-sized cells. ATM cells are always 53 bytes in size and are comprised of 48 bytes of data and 5 bytes of header information.

ATM Cell Structure

Regardless of the original size of the packets to be transmitted ATM breaks all packets, data, and voice streams into 48-byte chunks and then adds a 5-byte routing header to each one thereby making a total of 53-bytes for each and every cell. The 5-byte header is essential for later reassembly. During development of ATM it was considered that 10% (5 bytes) of each cell (payload) being dedicated to the header for routing information was more than sufficient.

ATM multiplexes these 53-byte cells instead of the larger packets and in so doing reduces the worst-case queuing jitter by a factor of almost 30, thereby removing the need for echo cancellers. I will discuss queuing jitter along with other types of jitter shortly.

ATM Cell Formats

ATM defines two different cell formats the Network-Network Interface (NNI) and the User-Network Interface (UNI). Most ATM links use the UNI cell format.

ATM Adaption Layers (AAL)

ATM Adaptation Layers (AAL) are the rules for segmenting and reassembling packets and streams into cells. It is the AALs that provide the support for the various services delivered by ATM.

Currently, there are five different AALs and the information concerning which one is being used for each cell on a cell-by-cell basis is not contained within the cell or in the cell header. Rather, this information is negotiated by or configured at the endpoints on a per-virtual-connection basis. Here are the five different AALs and their main uses:

1. AAL1

   Constant Bit Rate (CBR) Services, Circuit Emulation

2. AAL2

   Variable Bit Rate (VBR) Services

3. AAL3

   Variable Bit Rate (VBR) Services

4. AAL4

   Variable Bit Rate (VBR) Services

5. AAL5

   Data Transport

ATM Connectivity

Because ATM is a connection-oriented channel-based technology it must establish a “logical” connection between the two endpoints prior to commencement of data exchange. ATM does this by implementing Virtual Circuits, Channels, Paths and Identifiers as follows:

• Virtual Circuits (VC)

  Virtual Circuits (VC) are admirably suited to multiplexing scenarios. Simply by including an 8-bit or 12-bit Virtual Path Identifier (VPI) and a 16-bit Virtual Channel Identifier (VCI) pair in every ATM frame's header each Virtual Circuit (VC) is uniquely identifiable.

• Virtual Channel

  An ATM Virtual Channel represents the basic means of communication between two end-points. Cells are given a unique identifier called the Virtual Channel Identifier (VCI) which is placed into the ATM cells' header. All ATM cells containing identical VCIs are transported in the same Virtual Channel.

• Virtual Path (VP)

  A Virtual Path (VP) denotes the transport of ATM cells belonging to virtual channels which share a common identifier called a Virtual Path Identifier (VPI). The VPI is included in the header of every ATM frame. In other words a Virtual Path (VP) is a bunch of Virtual Channels (VC) connecting the same end-points. These will also have a common traffic allocation.

• Virtual Path Identifier (VPI)

  The Virtual Path Identifier's (VPI) length varies depending on the interface it is sent on (inside the network or on the edge of the network.

ATM Traffic Contracts

When an ATM circuit is set up each ATM switch is informed of the traffic class of the connection. These ATM contracts constitute part of ATM's Quality of Service (QoS) mechanisms. There are four basic types of contracts:

1. Constant Bit Rate (CBR)

   A constant specified Peak Cell Rate (PCR) is set

2. Variable Bit Rate (VBR)

   An average cell rate is specified. This may peak at a certain predefined maximum level for a certain length of time before becoming problematic

3. Available Bit Rate (ABR)

   A minimum guaranteed rate is specified

4. Unspecified Bit Rate (UBR)

   Traffic is allocated all remaining transmission capacity

ATM Traffic Contract Delivery and Monitoring

Traffic Shaping

The intended objective of traffic shaping is to ensure that cell flow will meet its traffic contract and is usually done at the entry point to an ATM network.

Traffic Policing

To maintain network performance it is possible to “police” virtual circuits against their traffic contracts. Basic policing works on a cell by cell basis, but this is sub-optimal for encapsulated packet traffic. If a circuit is exceeding its traffic contract, the network can either drop the cells or mark the Cell Loss Priority (CLP) bit (to identify a cell as being discardable farther down the line).

Benefits of Using Small Fixed Size Cells

The major benefits derived from using small data cells are a reduction in queue delay and jitter; particularly in multiplexing data streams. By using small, fixed-sized cells ATM is able to transport large data files all the while maintaining minimal queuing delays. Minimal queuing delays are essential to the delivery of both voice/video communications.

Queue Delay

Queue delay related issues include problems associated with end-to-end-round-trip delays and delay variance particularly when carrying voice traffic. High traffic volumes and/or congested networks along with the arrival variance associated with variable route routing are among the main causes of queue delay issues.

Jitter

Although jitter results from queuing delay issues deviations or displacement of various aspects of high frequency pulses such as amplitude, phase timing and signal pulse width as a direct result of electromagnetic interference (EMI) and crosstalk (noise) also cause jitter. Think of jitter as being the production of “jerky” results or in video applications flicker. By using small fixed-size cells ATM is able to overcome the effects of queue delay as well as other types/sources of jitter.

Multi Purpose Transport Protocol

Asynchronous Transfer Mode (ATM) carries many different data types and formats (text, audio, video, graphics, photos etc.) from a multitude of sources and of variable sizes. When combined with standard queuing strategies, maximum queuing delays were common. This is totally unacceptable where voice and real-time video traffic is concerned.

Compression/Decompression Algorithms (Codec)

Because of the way in which many Compression/Decompression Algorithmswork special considerations need to be implemented in order to ensure they work properly as intended including:

Time

The nature of time as we humans perceive it is an analogue continuum (that is to say time is a linear progression). Once past, there is no way as yet to recover the loss.

Jitter and Queue Delay

Jitter and queue delay are of great importance because of the nature and manner of operation of the compression/decompression (codec) algorithms used in the conversion of a digitalized data stream back into an analogue audio signal. This conversion process (digital-to-analogue) is very much a “real-time, on-the-fly” process and is more attuned to” just-in-time” transport protocols.

Real-Time Streaming

In order to produce reliable, consistently “acceptable” output the codec needs the data items (the digitized voice data) to be presented to it in a predictable, regulated and evenly spaced in time data stream, hence the term “real-time streaming”.

Late Arrivals

If the data arrives after its allotted position/reception window in the time sequence (relating to that part of the data-stream) the codec will simply drop it. Not surprisingly this is unacceptable for IP telephony. Remember to keep in mind that time is analogue in nature and once a “time window” elapses, the “lost” time becomes unrecoverable.

Codec Packet Handling Options

If the transport protocol is unable to present the data as and when the codec expects it, the codec, has no choice but to assume either silence, make a “best guess” or simply drop the packet. Any way is unacceptable where voice is concerned as the conversation rapidly becomes untenable and the message does not get through.

ATM Deployment Indicators and Scenarios

ATM WAN Core Implementation

ATM production environment implementations have over time proved to be very successful in the Wide Area Network (WAN) scenarios. Numerous telecommunication providers and Internet Service Providers (ISPs) have implemented ATM in their Wide Area Network (WAN) cores.

Slow Links

For slow links less than 2M-bit/s, ATM still makes sense, which is why many ADSL systems use ATM as an intermediate layer between the physical link layer and a Layer 2 protocol like PPP or Ethernet.

Linear Audio and Video Streams

Interest in using native ATM for carrying live video and audio has increased recently. It is in these environments, where ATM can deliver the low latency and very high Quality of Service (QoS) required for handling linear audio and video streams.

Gigabit Ethernet

Today we are finding that for both new WAN implementations and for existing WAN implementation upgrades, high speed, high performance Ethernet (Gigabit Ethernet, 10Gbit Ethernet, and Metro Ethernet etc.) are rapidly replacing ATM as the technology of choice.

Relative Performance

At the time ATM was designed, 155Mbit/s (135Mbit/s payload) over fiber-optic cable was very fast in comparison to the other carrier/transport technologies available at the time. Since then however; these other technologies have evolved and are now considerably faster than they once were.

Jitter

Today; a 1,500 byte (12,000 bit) full-size Ethernet packet takes only 1.2 µs to transmit across a 10Gbit/s optical network. With this sort of speed, jitter is no longer the issue it once was. By overcoming the potential adverse effects of jitter through this ramping up of network transfer speeds we have at the same time removed the need for using small uniform cells to overcome jitter.

Complexity

Unfortunately, due to ATM's complexity it proved to be unsuitable for deployment in many of the scenarios that its creators had originally intended.

Converged Networks

The speed and traffic shaping requirements of many converged networks are also proving to be very challenging for ATM.

Three components are required to transfer files using FTP protocol. First is an FTP server. Then an FTP client and third, FTP connectivity. The FTP server or FTP site is a computer with large storage capacity. It is dedicated to receiving requests to upload files and respond accordingly. Files are stored in this FTP server in a well organized manner so that they can be easily retrieved on request. The FTP server can provide security to the files by utilizing user names and passwords. Files without security are categorized as public and accessible to everyone. Most of the web sites from which you can download files are examples of FTP servers. The server computer from which a file is to be downloaded is identified by its URL. An FTP address has the same form as a normal web site address. For example ftp://ftp..server name. An FTP client is required to access or download files from FTP servers.

 An FTP client is a software used to exchange files between two computers. The web browsers like Mozilla Firefox, Internet Explorer and NetScape are examples of FTP clients. FTP connectivity is the medium used for transfer of data between server and client. Internet is the medium used for FTP connection. The main objective of FTP is to transfer all types of files over the internet. If an interrupt occurs in the middle of a download process, FTP is capable of resuming the download from the point of interruption. Resuming an upload process is supported by the protocol but it is not implemented in the commonly used web browsers. FTP protocol can be used to implement remote sharing computers; the power of another computer can be utilized over the Internet.

One reason for the universal acceptance of FTP is, it is independent of the operating system used or the way in which a file is stored in a computer. FTP is the ideal protocol for file transfer owing to its reliability and efficiency in data transfer.

Introducing Wide Area Networks (WANs)

A Wide Area Network (WAN) is generally considered to be a type of computer network that covers a broad area where communications links cross regional, metropolitan or national boundaries. Today, it is probably better to think of a WAN as a network that uses routers and publicly accessible communications links. Without doubt the largest and most well-known WAN is the Internet.

Wide Area Networks (WANs) are used to connect Local Area Networks (LANs) and other types of networks, including Metropolitan Area Networks (MANs), Local Area Networks (LANs), wireless and private networks. The purpose of a WAN is to enable users and computers in one location to communicate with users and computers in other, often very geographically dispersed and separated locations.

Typically a WAN will consist of a number of interconnected switching nodes that allows transmissions from any one device to be routed through these interconnected nodes to the specified destination device(s). These nodes are not concerned with the contents of data rather their interest is focused on the provision of a switching facility to move the data from node-to-node until they arrive at their intended destination.

Wide Area Network (WAN) Models

In essence there are two basic design models upon which all WAN connectivity structures and organization are based. They are:

The Centralized WAN Model - Consists of a server or group of servers in a central location and client computers or dumb terminals that connect to the server(s) which provide the bulk of the network's functionality. Figure 1 above is a logical construct of a typical centralized WAN. Note that all points lead to the centrally located servers.

Today's typical physical Point of Sale (POS) functionality such as that implemented by chain organizations such as banks and supermarkets etc is a classic example of a centralized WAN. Software-as-a-Service (SaaS) and web based applications are other examples of a centralized WAN computing model.

The Distributed WAN Model - Consists of client and server computers distributed throughout the network (see Fig.2 below). The Internet is a distributed WAN.

The three tiered network design hierarchy consisting of a core layer, a distribution layer and an access layer is implemented on top of which ever WAN connectivity and organizational structures are chosen. For more about the three tiered network design hierarchy check this article out Network Design: Hierarchies.

Building Wide Area Networks (WANs)

In order to facilitate the efficient and effective transfer of information between a WAN's end systems a number of protocols (rules that govern the transmission and reception of information between computers and network end-points) needed to be developed and implemented.

Generically speaking; a networking protocol is the formal description of a set of rules that describe, enable, govern and regulate the various characteristics, aspects, attributes and properties of an internetwork. One of the more important early WAN protocols was X.25. Although it is not used today, many of X.25's underlying protocols and functions (with modifications and improvements) are still in use by current iterations of Frame Relay.

Initially, most WANs were built using expensive leased lines. The most common production implementations of leased line based WANs involved the use of a router at each end of the leased line to connect to the LAN on one side to a hub within the WAN on the other.

Wide Area Networks (WANs) Reducing Implementation Costs

If ever the use of Wide Area Networks (WANs), including the Internet was to become widespread and accessible to the bulk of humanity (be it as individuals or collectives) something needed to be done to reduce the startup and running costs of planning, implementing and maintaining WANs. Fortunately solutions did exist.

Less costly alternatives to using expensive leased lines when building a WAN include the use of circuit switching or packet switching technologies. Here, network protocols including TCP/IP serve to deliver transport and addressing functions. While protocols such as Packet over SONET/SDH, Multiprotocol Layer Switching (MPLS), Asynchronous Transfer Mode (ATM) and Frame Relay are commonly used by Internet Service Providers (ISPs) to deliver the links that are used in WANs.

Wide Area Network (WAN) Connectivity Options

Leased Line - Provide secure but comparatively expensive Point-to-Point connectivity between two computers or Local Area Networks (LANs) using protocols such as Point-to-Point Protocol (PPP), High-Level Data Link Control (HDLC) and Synchronous Data Link Control (SDLC).

Circuit Switching - A less expensive dedicated circuit path offering bandwidth data transfer rates ranging from 28K-bit/sec to 144K-bit/sec is created between end points. On the downside call setup and connection establishment needs to be renegotiated every time access is desired because the link is not necessarily permanent. The most well known example of circuit switching WAN connectivity is dial-up connections. Point-to-Point Protocol (PPP) and Integrated Service Digital Network (ISDN) are two of the most widely used protocols for circuit switching WAN connectivity.

Packet Switching - Variable length packets are transported over a shared single point-to-point or point-to-multipoint link across a carrier internetwork using Permanent Virtual Circuits (PVC) or Switched Virtual Circuits (SVC). X.25 and Frame Relayare two examples of packet switching protocols used for WAN connectivity.

Cell Relay - Cell Relay is very similar to packet switching, but uses fixed length cells instead of variable length packets. Data is divided into fixed-length cells and then transported across virtual circuits. Unfortunately the overhead can constitute a significant proportion of the total bandwidth. Cell relay protocols such as Asynchronous Transfer Mode (ATM) (up to 155M-bit/sec) are best for simultaneous use of Voice and data.

Virtual Private Network (VPN) - With the recent reductions in Internet connectivity and concurrent increases in bandwidth and transmission rates now offered by ISPs many organizations have opted to use VPN technologies such as those on offer from the likes of Cisco Systems, New Edge Networks, Juniper, Check Point and Vyatta to interconnect their networks. One of VPN's strong points is encryption and considering the prevalence of cyber-crime today it is no surprise to find that this form of WAN is currently very popular.

Wide Area Network (WAN) Transmission Media and Links

Any given WAN may use one, more or even all of the following technologies for the transmission and transport of information:

Copper-Based Media - Telephone lines, coaxial cable, CAT cable etc

Fiber Optic-Based Cables - Single-Mode and Multi-Mode (see Fiber Optic Cableand Optical Networkingfor more).

Wireless - Radio frequency channels, microwave links, satellite channels and publically accessible wireless “hot spots”

Wide Area Network (WAN) Transmission Rates

Typically, WAN transmission rates usually have ranged from 1.2K-bits/sec to 6 M-bit/sec, although some connections such as ATM and Leased lines can reach speeds greater than 156 M-bit/sec. The advent of ADSL 2+ has upped the ante even further.

Now with transmission rates up to 30 Mbps, DSL and cable modem are two high data-transmission rate consumer Internet connections that transmit considerably faster than a dial-up modem (56 kbps). Add to this the fact that they are also generally cheaper than both ISDN and dial-up and you get a very cost-effective solution.

Wide Area Network (WAN) Access

Wide Area Networks (WANs) may be public (usually built by Internet Service Providers (ISPs) to provide Internet connectivity) while others are private (built for a specific organization). That is to say that public access to an organization's “private” network component is regulated by that organization. In contrast, access to public networks and user privileges remains largely unregulated beyond the criteria as defined by the agreement between the consumer and your Internet Service Provider (ISP).

Hence, the general public, anonymous and guest visitors, colleagues, business partners, and associates etcetera may be permitted limited privilege access to various sectors of an organization's private network but not to all of it. Functionalities, services, assets and user capabilities will vary greatly on a case-by-case network-by-network basis.

Demilitarized Zones (DMZs)

A classic example of this regulated limited access is commonly implemented in the form of Demilitarized Zones (DMZs) that allow public access to a very restricted and confined portion of an organization's private network. Here they may be able to access a web server for e-commerce, technical support or even just for casual browsing. You cannot make a sale if you cannot communicate with your customers. Even auto responders and automated shopping carts require some degree of two-way participation from both the customer and your software.

Metropolitan Area Network (MAN)

Another increasingly more common type of WAN is the Metropolitan Area Network (MAN) which is basically the same as a WAN except that its boundaries are contained within a single metropolitan area (city).

In Australia, a MAN can be viewed as a network for which standard landline telephone communications are charged at the local call rate (not STD) as all endpoints have the same area code. With broadband configured as a permanently connected service the customer only pays the local call fee for the initial setup connection or reconnection if the service is interrupted for any reason.

Examples of private Metropolitan Area Networks (MANs) would be the corporate links between various branches of the same organization (chain stores, banks) in the Perth metropolitan area. The key here is that regardless of the protocols or other technologies being used, part of the transit will be via publically accessible networks such as the Internet. The remainder will of course be contained within the boundaries of their “private LAN”.

WANs, MANs and Interoperability

Internetworking and interoperability are key factors critical to the realization of effective and readily available e-commerce portals as well as other external network resources and services. Regulatory and other compliance issues also need to be taken into consideration.

The seamless, secure interoperability of multiple systems and networks is essential in order for the general public to have free and ready access to those components of the enterprise LAN/MAN/WAN deemed desirable by that organization/enterprise.

For example; it is usually deemed to be highly desirable that the general public have rapid seamless access and interactivity with an organization's e-commerce facilities such as the shopping cart, support services if appropriate and resources such as online documentation.

The expansion of Web 2.0 functionality and the upsurge of social networking applications all rely heavily on the effective and efficient seamless integration of internetworking and interoperability technologies at all levels.

Asynchronous Transfer Mode (ATM) is a connection-oriented Data Link Layer (OSI Reference Model Layer 2), circuit-switched, cell relay protocol that runs over Synchronous Optical Network (SONET) Physical Layer (OSI Reference Model Layer 1) links. ATM encodes data traffic into small uniform (53 bytes; 48 bytes of data and 5 bytes of header information) fixed-sized cells.

Origins of Asynchronous Transfer Mode (ATM)

During development of the standards for the Asynchronous Transfer Mode (ATM), in the mid 1980s, the goals were to create a unified networking strategy that could act as an all-round transport system for real-time video and audio as well as image, text and email. A “Jack-of-all-trades” transport system if you will.

The two groups primarily responsible for the development of the ATM standards were the International Telecommunications Union [ITU 2004] and the ATM Forum [ATM 2004].

Main Implementations of ATM

The majority of implementations and uses that ATM has fulfilled have been primary concerned with telephony and IP networks.

Unlike Ethernet and the Internet Protocol (IP) which are packet-switched based network technologies, that use packets of variable size referred to as frames, ATM is a circuit-switched cell relay protocol that uses cells of identical and never varying size. Consistent predictability is the underlying ethos here.

Benefits of Using Small Fixed Size Cells

The major benefits of using small data cells were to reduce jitter in multiplexing data streams as well as overcoming problems associated with end-to-end-round-trip delays and delay variance particularly when carrying voice traffic.

The reason this is important is inherently due to the nature of operation of the compression/decompression (codec) algorithms used in the conversion of a digitalized data stream back into an analogue audio signal, which is very much a “real-time” process.

To be able to do an “acceptable” job the codec needs the data items (the digitized voice data) presented to it in an evenly spaced (in time) stream hence the term “real-time streaming”. The nature of time as we humans perceive it is an analogue continuum (that is to say time is a linear progression).

If the transport protocol is unable to present the data as and when the codec expects it, the codec, has no choice but to assume silence or make a “best guess”. Either way is unacceptable where voice is concerned as the conversation rapidly becomes untenable and the message does not get through.

If the data arrives late then the time sequence relating to that part of the data-stream will have passed and the codec will simply drop it. Once again, this is unacceptable for IP telephony. Remember that time is analogue by nature and once a “time window” elapses, the “lost” time becomes unrecoverable.

Queue Delay and Jitter

Asynchronous Transfer Mode (ATM) carries data from a multitude of sources and variable sizes including voice, audio and many other variable sized files. When combined with standard queuing strategies, maximum queuing delays were common.

Because ATM was designed to implement a low-jitter network interface this situation is intolerable whenever voice and video communications are to take place. The answer was to use small-fixed size cells (packet) to overcome the effects of queue delay.

With small fixed-sized cells, ATM is able to transport both large datagrams while still maintaining short/minimal queuing delays.

Asynchronous Transfer Mode (ATM) Cell Structure

ATM breaks all packets, data, and voice streams into 48-byte chunks, adding a 5-byte routing header to each one. The 5-byte header is essential for later reassembly.

The reason for the header being 5-bytes in length is that 10% of the payload of every cell is considered to be more than enough to dedicate to routing information.

ATM multiplexed these 53-byte cells instead of packets and in so doing reduced the worst-case queuing jitter by a factor of almost 30, removing the need for echo cancellers.

ATM defines two different cell formats the Network-Network Interface (NNI) and the User-Network Interface (UNI). Most ATM links use the UNI cell format.

Asynchronous Transfer Mode (ATM) Adaption Layers (AAL)

ATM Adaptation Layers (AAL) are the rules for segmenting and reassembling packets and streams into cells. It is the AALs that provide the support for the various services delivered by ATM.

Currently there are five different AALs and which one is in use for each cell is not included in the cell. Instead, it is negotiated by or configured at the endpoints on a per-virtual-connection basis.

• AAL1 - Constant Bit Rate (CBR) Services, Circuit Emulation
• AAL2 - Variable Bit Rate (VBR) Services
• AAL3 - Variable Bit Rate (VBR) Services
• AAL4 - Variable Bit Rate (VBR) Services
• AAL5 - Data Transport

Asynchronous Transfer Mode (ATM) Connectivity

Being a connection-oriented channel-based technology means that ATM needs to establish a “logical” connection between the two endpoints prior to commencement of data exchange.

Virtual Circuits (VC)

By including an 8-bit or 12-bit Virtual Path Identifier (VPI) and a 16-bit Virtual Channel Identifier (VCI) pair in the ATM frame's header each Virtual Circuit (VC) is uniquely identifiable. Virtual Circuits (VC) are admirably suited to multiplexing scenarios.

Virtual Channel

An ATM Virtual Channel represents the basic means of communication between two end-points. Cells are given a unique identifier called the Virtual Channel Identifier (VCI) which is placed into the ATM cells' header. All ATM cells containing identical VCIs are transported in the same Virtual Channel.

Virtual Path (VP)

A Virtual Path (VP) denotes the transport of ATM cells belonging to virtual channels which share a common identifier called a Virtual Path Identifier (VPI) which is included in the header of every ATM frame. In other words a Virtual Path (VP) is a bunch of Virtual Channels (VC) connecting the same end-points, and have a common traffic allocation.

Virtual Path Idetifier (VPI)

The Virtual Path Idetifier's (VPI) length varies depending on the interface it is sent on (inside the nework or on the edge of the network.

Asynchronous Transfer Mode (ATM) Traffic Contracts

When an ATM circuit is set up each switch is informed of the traffic class of the connection. These ATM contracts constitute part of ATM's Quality of Service (QoS) mechanisms. There are four basic types of contracts:

1. Constant Bit Rate (CBR) - A constant specified Peak Cell Rate (PCR) is set
2. Variable Bit Rate (VBR) - An average cell rate is specified. This may peak at a certain predefined maximum level for a certain length of time before becoming problematic
3. Available Bit Rate (ABR) - A minimum guaranteed rate is specified
4. Unspecified Bit Rate (UBR) - Traffic is allocated all remaining transmission capacity

Traffic Shaping

The objective of traffic shaping is to ensure that cell flow will meet its traffic contract and is usually done at the entry point to an ATM network.

Traffic Policing

To maintain network performance it is possible to police virtual circuits against their traffic contracts. If a circuit is exceeding its traffic contract, the network can either drop the cells or mark the Cell Loss Priority (CLP) bit (to identify a cell as discardable farther down the line).

Basic policing works on a cell by cell basis, but this is sub-optimal for encapsulated packet traffic (as discarding a single cell will invalidate the whole packet).

Asynchronous Transfer Mode (ATM) Deployment Scenarios

ATM has proved very successful in the Wide Area Network (WAN) scenario and numerous telecommunication providers have implemented ATM in their Wide Area Network (WAN) cores.

For slow links less than 2Mb/s, ATM still makes sense, which is why many ADSL systems use ATM as an intermediate layer between the physical link layer and a Layer 2 protocol like PPP or Ethernet.

Interest in using native ATM for carrying live video and audio has increased recently. In these environments, low latency and very high quality of service are required to handle linear audio and video streams.

Asynchronous Transfer Mode (ATM) the Future

Currently the future for ATM does not look very bright as it seems that in all likelihood gigabit Ethernet implementations (10Gbit-Ethernet, Metro Ethernet) will replace ATM as a technology of choice in new WAN implementions.

At the time ATM was designed, 155 Mbit/s (135 Mbit/s payload) over fiber-optic cable was fast in comparison to other technologies but since then networks have become much faster. A 1500 byte (12000-bit) full-size Ethernet packet takes only 1.2 µs to transmit on a 10 Gbit/s optical network, removing the need for small cells to reduce jitter.

The complexity of ATM is another factor that makes deployment of ATM unsuitable in many of the scenarios that its creators had originally intended.

The speed and traffic shaping requirements of converged networks also challenges ATM.

“Best-Effort” Protocol

Frame Relay is a “best-effort” protocol. Whenever the frame relay protocol detects an error, it simply drops the frame, end of story. Yes, there are many situations where this is just unacceptable. However for such applications as streaming videoconferencing and Internet AVIs a few frames being dropped every now and then doesn't really matter all that much.

Two Types of Frame Relays

Frame Relay uses Virtual Circuits (VC) something, which it has in common with Asynchronous Transfer Mode (ATM), which is a cell relay, circuit-switching OSI Reference Model Data Link Layer (2) Protocol.

I have already discussed ATM in an article entitled “About Asynchronous Transfer Mode (ATM)” which can also be found in the Communications and Networking section of this site (computersight.com) so I will not recover old ground here.

There are two types of Frame Relays:

1. Permanent Virtual Circuits (PVC) - It is in the formation of logical end-to-end links mapped over a physical network that PVCs are used.
2. Switched Virtual Circuits (SVC) - SVCs are much harder to implement and maintain. Not surprisingly, they are not very common.

Frame Relay as a Wide Area Network (WAN) Protocol

When using Frame Relay as a Wide Area Network (WAN) protocol the most common scenario is to implement Frame Relay at the Data Link Layer (2) of the OSI Reference Model.

For example, an Internet Service Provider (ISP) would commonly implement Frame Relay as an encapsulation technique for inter-LAN communications over a WAN. This includes both voice and data traffic alike.

Frame Relay Implementation Scenarios

The most common scenario for Frame Relay implementation involves the end-user leasing a private line to a frame-relay node from a major carrier (such as Telstra, here in Australia). The Telco's frame-relay network then handles the transmission over a frequently changing path that is all but transparent to all end-users.

Many of the larger companies with multiple branches that have implemented corporate WAN technologies make use of Frame Relay for the connection of rural branches into their corporate WAN.

In many rural areas that lack DSL and cable modem services the least expensive type of "always-on" connection remains the 128-kilobit frame-relay line.

Frame Relay Future Implementations

The biggest factor that is influencing the “useful” life expectancy of Frame Relay as a “live” production environment implemented protocol is the massive increases in data transmission speeds that we are currently seeing in native IP-based networking.

Much of these performance gains are directly attributable to the improvements in transmission technologies such as fiber-optic cable and high-speed Ethernet over copper wire over longer distances.

With increased deployment of Ethernet over longer distances now using fiber-optic cable we are also seeing a marked decrease in the cost of the large fiber-optic bundle cables that the large Telecommunications companies are currently deploying, particularly as “trunk” lines. It comes as no surprise that we are seeing Frame Relay replaced in many of what were once its strongholds by IP-based technologies.

When all of this is coupled with the escalation in the profusion of MPLS, VPN and dedicated broadband services such as cable modem, DSL, ADSL, ADSL2+ and major ISPs implementing DSLAM solutions I think that it will not be all that long before Frame Relay begins to be phased out altogether.

On the other, hand the vast majority of all other devices including routers and PCs use layer three logical addresses (such as IP Addresses) to perform their brand of magic. Because of this, the need to be able to map IP addresses (logical) to MAC addresses becomes imperative.

The Network Layer (Layer three of the OSI Reference Model) identifies the destination node's logical network address (IP address) but must use MAC Addresses (OSI Layer two the Data Link Layer) to move the data over the network.

The solution to overcoming this paradox was to develop special protocols that have the ability to map the logical IP Addresses to the appropriate correct physical MAC Address of the intended destination node. In fulfilling this need, each protocol suite has its own special methods (usually different) and “helper” protocols. Here are a few of them:

Address Resolution Protocol (ARP)

ARP is the most commonly used protocol for mapping IP Addresses to MAC Address. This means that we know the IP Address but the MAC Address is unknown. Thus, we need to discover (learn) the MAC Address somehow. This is the method used by TCP/IP.

Hello Protocol 

Enables network devices to learn the MAC Addresses of other network devices by broadcasting a hello message at boot time. Examination of the Hello protocol packets enables devices to learn what other devices are on the network, as well as what their MAC Addresses are.

Embedded MAC Addresses 

Embedding MAC Addresses into the network layer address means that by using special algorithms and protocols that apply specific rules that all parties/entities to the forthcoming communication/conversation need to agree upon in advance prior to commencement of the communication/conversation.

Algorithmic Derivation 

MAC Addresses can also be derived using specific algorithms.

The following systems use both embedded MAC Addresses and algorithmic derivation to discover unknown MAC Addresses and map them to the known IP Address:

• XNS - Xerox Network Systems
• IPX - Novell Internetwork Packet Exchange
• DECnet Phase IV

Reverse Address Resolution Protocol (RARP) 

Performs the reverse procedure of that performed by ARP. It takes a known MAC Address and maps it to an unknown IP Address.

Remember that Network/IP Addresses are OSI Layer 3 (Network) functionality, which means that they are Virtual/Logical Addresses. The relationship between a network address and any specific device is logical and not fixed.

Network/Logical Addresses Derivation Based On:

• Physical Network Characteristics - such as the particular network segment location on which the device is located.
• No Physical Basis - Groupings that have no physical basis include devices belonging to a part of an AppleTalk zone.

End Systems

Assuming that they only have one physical network connection end systems require one Network Layer Address (OSI Layer 3) for each network layer protocol supported.

Routers and other internetworking devices require one network layer address per physical network connection for each network layer protocol supported.

For Example: If a router has three interfaces each of which is running AppleTalk, TCP/IP, and OSI then it must have three network layer addresses for each interface. In this case, the router will have nine network layer addresses.

Origins and Evolution

Steve Crocker created the RFC documentation format back in 1969. His objective in doing so was to create a formal documentation process and procedures to assist with the recording, management, and administration of unofficial notes pertaining to the development of the ARPANET. They have since evolved into the official record for Internet specifications, protocols, procedures, and events.

Request for Comment Document (RFC) Creation Process

Submission

The Internet Engineering Task Force (IETF) is the governing non-profit organisation charged by the Internet Society (ISOC) to oversee all things Internet related from the technical perspective. RFC 3935 documents the IETF's Mission Statement.

When it comes to Internet architectural matters the Internet Architecture Board (IAB) oversees the various working groups that the IETF has established. The IETF can be located here.

Submission of documents to the IETF and subsequent application to have them reviewed with an eye to attaining RFC publication status is open to anybody and everybody. This is most important since the Internet is an “open” set of standards and must remain accessible to everyone if it is to evolve further.

Aspects such as protocol functionality and protocol development need regulation in order for consensus, compatibility and open standardisation to be practicably realistic.

The requirements of the regulation and compliance elements associated with the Internet and consequently with the IAB and the IETF are in marked contrast to those regulated by government.

Part of the reason for this lies with the IAB and IETF not possessing local authority status. Rather they are international organisations that do not hold local jurisdiction and therefore cannot prosecute of or by them selves.

Internet Engineering Task Force (IETF)

The Internet Engineering Task Force (IEFT) is the main decision making player in regards to the reviewing, nomination, production and publication of Request for Comment (RFC) documents is concerned.

Document Review

Once officially submitted, the document moves to the next phase. It is now that various IEFT groups, topic specific experts, and the RFC Editor review the submitted document. If all are completely satisfied, the document moves on to the next stage.

Publication

Immediately the above steps have concluded satisfactorily the document is ready for publication. This is an important stage in the life of Internet and networking protocols. After publication, the document is now a RFC document, which means that it is the accepted standard and no further modification or change can occur.

RFC documents are final. The IETF will not permit any modifications or updating to a published RFC.

Revision

If need be an RFC can be superseded by later revisions. This means that the original RFC will remain intact. It will always retain its reference number.

The new RFC gets a new reference number.

RFC-Editor Website

The official RFC-Editor website maintains links to both the older and the newer RFC in search engine listings.

Internet Standards Development Process

RFC 2026 entitled “The Internet Standards Process - Revision 3” provides a good description of the Internet standards development process. The subsequent updated standard is RFC 3932, which is entitled “The IESG and RFC Editor Documents: Procedures”.

Unification

When a new RFC replaces more than one predecessor, it has unified the documentation on that topic

Specialisation

Sometimes a protocol will break into a number of related technologies during its development and evolution. In this case, a number of RFC documents (successors) replace it.

Authoritative RFC Website

The authoritative RFC website's URL is http://www.rfc-editor.org/

Internet Protocol (IP) Standards

RFC 3300 documents and lists the complete range of official Internet protocol standards. A fully updated list is available at http://www.rfc-editor.org/

Official Standards Declaration

RFC 733 Internet was the first RFC explicitly declared as an official standard

Protocol Standardisation Process

The various IETF workgroups perform most of the work on standardizing Internet protocols. Here is the process that they have chosen to adopt to conduct and publish their work:

1. Proposed Standard
   • Usually intended to become actual standards
     • Not promoted to draft standard status for six months in order for the Internet community to have ample time for review and comment
   1. Draft Standard
      • Not to be promoted to a full standard for at least four months, after operational experience has been obtained
      • Interoperability between two or more independent implementations must be demonstrated
   2. Actual Standard
      • All full standards must be instantiated by at least two independent, fully functional implementations of the defined protocol
      • Once a protocol becomes a full standard it is given an STD number as described in RFC 1311

I do hope this clears up the issue of what is an RFC.

Let us have a quick look at some other essential information about protocols and the standards organizations that ratify them.

Protocol Converter

A protocol converter is a device/program which translates between different protocols which serve similar functions (e.g., TCP and TP4). [Source: RFC1392]

Protocol Data Unit (PDU)

Protocol Data Unit (PDU) is the name that the International Standards Committee uses for packet. [Source: RFC1392]

Protocol Standards Organisations

Here is a brief summary of the various bodies that produce and ratify the various communications and networking standards that we have been discussing. If you want to learn more about them just go to their websites and encyclopedic volumes of information will be at your disposal. I have included the links (URL) for each of these standards organisations below.

Internet Engineering Task Force (IETF) - The IETF is an international community of network designers, operators, vendors, and researchers working together to better facilitate the smooth operation of the Internet while advancing the evolution of its architecture.

Nearly all recent protocols for Internet communications have been assigned by the IETF with the IEEE and ISO handling the others.

IETF Mission Statement - The IETF Mission Statement is documented in RFC 3935

IETF Workgroups - Much of the work done by the IETF is carried out by different workgroups; with each focusing on their particular specialty. These workgroups are organised by topic (routing, transport, security etc.).

Communications - Mailing lists are used extensively by the IETF and its various sub-groups and committees.

Internet Architecture Board (IAB) - The purpose of the IAB is to oversee the architectural work of the various IETF working groups

URL: Ietf

Institute of Electrical and Electronics Engineers (IEEE) - Responsible for many other protocols including some Internet protocols. Their primary focus is on communications protocols from a networking perspective. This includes internetworking; meaning from one network to another. Hence the Internet gets in on the act.

The most widely know series of protocol standards that the IEEE has produced are the 802 DOTS (802.xx specifications). For example the 802.3 standard is all about Ethernet while the 802.11 specifications are standards concerning wireless networks.

URL Ieee

International Organisation for Standardisation (ISO)- The world's largest developer and publisher of International Standards. ISO is a non-governmental organisation comprised of a network of the national standards institutes of 157 countries. There is only one member per country and a Central Secretariat in Geneva, Switzerland coordinates the system.

URL: Iso

World Wide Web Consortium (W3C) - W3C is an international consortium where member organizations, a full-time staff, and the public work together to develop interoperable technologies such as: specifications, guidelines, software, tools and web standards.

Mission - The W3C have stated their mission to be: “To lead the World Wide Web to its full potential by developing protocols and guidelines to ensure long-term growth for the Web.”

In order to achieve their goal of one Web, specifications for the Web's formats and protocols must be compatible with one another and allow (any) hardware and software used to access the Web to work together.

W3C designs and promotes interoperable open (non-proprietary) formats and protocols to avoid the market fragmentation of the past.

URL: w3c

Internet Assigned Numbers Authority (IANA) - IANA is the central coordinator for the assignment of unique parameter values for Internet protocols.

IANA is operated by the Internet Corporation for Assigned Names and Numbers (ICANN) and is responsible for the global coordination of the DNS Root, IP addressing, and other Internet Protocol resources.

IANA is chartered by the Internet Society (ISOC) to act as the clearinghouse to assign and coordinate the use of numerous Internet protocol parameters.

URL: iana

Internet Corporation for Assigned Names and Numbers (ICANN) - ICANN was formed in 1998. It is a not-for-profit partnership of people from all over the world dedicated to keeping the Internet secure, stable and interoperable. It promotes competition and develops policy on the Internet's unique identifiers.

To reach another person on the Internet you have to type an address into your computer - a name or a number. That address has to be unique so computers know where to find each other. ICANN coordinates these unique identifiers across the world. Without that coordination we wouldn't have one global Internet.

URL: icann

International Telecommunications Union (ITU) - ITUis the leading United Nations agency for information and communication technologies. As the global focal point for governments and the private sector, ITU's role in helping the world communicate spans 3 core sectors

ITU-R - Managing the international radio-frequency spectrum and satellite orbit resources protocols and formats for is at the heart of the work of the ITU Radio Communications Sector (ITU-R).

ITU-T - The ITU-T handles telecommunications protocols and formats for the public switched telephone network (PSTN).

ITU TELECOM - ITU TELECOM brings together the top names from across the ICT industry as well as ministers and regulators and many more for a major exhibition, a high-level forum and a host of other opportunities

ITU-D - Established to help spread equitable, sustainable and affordable access to information and communication technologies (ICT).

URL: itu

The Internet Society (ISOC) - ISOC is a nonprofit organisation founded in 1992. The Internet Architecture Board (IAB), Internet Engineering Task Force (IETF) and the Internet Engineering Steering Group (IESG) are all chartered by the Internet Society (ISOC)

URL: isoc

Request for Comment (RFC)

These are the documents in which the IETF formally documents in detail the various protocols, standards and specifications for Internet communications technologies and protocols.

No Rewrites or Modifications

Once an RFC that formerly details and documents any protocol or part thereof has been published there will be no further alterations, amendments or any other changes made to that document; period!

New RFC Documents

If the situation eventuates that for whatever reason a protocol needs to be changed, amended, enhanced, extended, etc. then a new document that formally recognizes this will be prepared and once ratified it will be published.

Acknowledgements

Documents that formally specify the standards for any given protocol will acknowledge any other protocols referencing the appropriate RFC documents and state that these protocols and specifications have now been superseded by this new protocol and standard.

Converging Standards

As the Public Switched Telephone Network (PSTN), radio systems, and Internet converge, the different sets of standards are also being driven towards technological convergence. Unified communications is here to stay. So we might as well get used to the fact and make it work to our advantage.

Effective Communications

In order for effective communications to occur we all need to agree upon the protocols that we will use. We also need to be in agreement concerning how these protocols will be designed, built/structured and implemented.

It was for these reasons that a consensus needed to be reached before we could have a true global communications system such as the Internet as we know it today. Out of this need a number of different and for once not opposing protocol standardisation organisations were born.

These organisations quickly came to the realization that above all else the first and most pressing requirement was for some method or system that removed individual protocol peculiarity from impacting the performance of itself or any other protocol. What was needed was some form of reference model.

Their next big moment of enlightenment came when they realised that it was all too much for just one individual or individual organisation to handle. In fact it was all too much for one protocol to handle and so the idea of a processing stack (suite of protocols) was born.

This alone was a big step forward but what good is a processing stack model if nobody knows who it works or how to use it? The solution was simple. Make sure everybody could access whatever they wanted. The result of this momentous inspiration was the creation of an OPEN standard for protocol design, architecture and implementation called the Open Systems Interconnect Reference Model (OSI model).

In this series we have had a look at most of the underlying background processes and process formation methodologies. We have also inspected protocol design and implementation, regulation, standards; both open and proprietary, standardisation, standardisation organisations, standardisation process and procedures, communications and networking protocols and introduced the OSI Reference Model.

All of these will be discussed in greater detail in the future but for now this will suffice. The next dozen or so articles; in the “About Protocols” series, will take look at individual communications and networking protocols on a one-by-one basis. I have decided to base the order in which I tackle this topic is by starting with the most commonly implemented protocols.

In order to make them easy to access and reference I will be calling them “About XXXXX” rather than giving each a sequential reference number. For instance an article about the Asynchronous Transfer Mode (ATM) protocol will be called “About Asynchronous Transfer Mode (ATM)” or “About ATM”.

I will also be compiling an index of the protocols covered which will also include the acronyms; if any, of the protocols that we discuss. I have decided to structure this index on an alphabetical ordering system where numbers; progressing from low to high as the list evolves, will come first. Then we will have the letters arranged in increasing alphabetical order.

Anyway this index will be named “About Protocols Index” for obvious reasons. I will also compiling a basic glossary that covers everything that we have or will be talking about. Guess what? I have decided to name this glossary the “About Protocols Glossary” also for obvious reasons.

Both the index and glossaries will be built on an “as-you-go” basis meaning that they will be regularly updated. I will also include a “what's new” section for your greater convenience.

So until we meet again enjoy.