Page #36 (U)

Notes

Although the V.35 standard was replaced by the V.10 and V.11 standards in 1988, it remains one of the more popular DTE/DCE interfaces for local area network/wide area network (LAN/WAN) connectivity.

Notes

Although the V.35 specification tops out at speeds of 1.544 Mbps, routers from most vendors support higher speeds in their implementation of the V.35 interface, with some as high as 10 Mbps. Nevertheless, if you need WAN links faster than T1 speeds, you will probably need to use a router with a high-speed serial interface (HSSI) port instead of V.35.

See Also Channel Service Unit/Data Service Unit (CSU/DSU) , data communications equipment (DCE) ,data terminal equipment (DTE) ,High-Speed Serial Interface (HSSI) ,International Telecommunication Union (ITU) ,router ,serial transmission ,T1 , wide area network (WAN)

V.90

A popular high-speed modem standard.

Overview

V.90 is part of the V-series standards developed by the International Telecommunication Union (ITU). V.90 evolved from two earlier modem standards: the x2 modem technology developed by U.S. Robotics (later bought by 3Com Corporation) and the K56flex modem technology developed by Rockwell. V.90 modems theoretically support downstream communication at 56 kilobits per second (Kbps) and upstream at 33.6 Kbps (upstream transmission is implemented using the same method as the older 33.6 Kbps V.34bis modem standard). V.90 downstream transmission is limited by several factors:

V.90. Comparison between V.90 and earlier modem standards.

• The downstream speed of 56 Kbps is achievable only when there is a digital phone line on one end of the connection, typically on the side of the telco or Internet service provider (ISP). In other words, V.90 is possible only on telephone networks that have only one analog segment in the communication path (the local loop at the subscriber end) instead of two analog segments (at both the subscriber and ISP/central office [CO] ends). The benefit of this scenario is that using a digital phone line on one end of the connection eliminates the quantization error that occurs during analog-to-digital conversion (ADC) that normally takes place with a modem. The digital connection at the telco is actually 64 Kbps, but due to digital-to-analog conversion (DAC) that takes place at the telco CO when the digital connection is switched to the analog local loop, some information loss results that reduces the possible downstream speed to 56 Kbps.

• Despite the fact that V.90 can support 56 Kbps downloads, the actual top downstream speed is only 53 Kbps. This is because Federal Communications Commission (FCC) regulations governing signaling over telephone lines restricts the maximum signal power that can be transmitted over the Public Switched Telephone Network (PSTN) to levels that prevent crosstalk from degrading signal quality. The result of these regulations reduces the possible downstream speed of V.90 from 56 Kbps to 53 Kbps.

• Furthermore, in real life the achievable downstream speed is less than 53 Kbps if line distances between the customer premises and the telco CO exceed 3.5 miles (5.5 kilometers) or if line conditions are poor. In practice, typical downstream speeds for V.90 are usually between 40 to 50 Kbps and the speed is negotiated during call setup. The way this happens is that V.90 employs mechanisms whereby the client modem issues a request for a test tone during negotiation, which is then used to gauge the line quality to determine the optimal downstream transmission speed.

V.90 modems have proved enormously popular for dial-up Internet access. Some industry analysts estimate that there are almost 100 million V.90 modems in use around the world. Although use of broadband Internet using Digital Subscriber Line (DSL) and cable modems is increasing, analysts estimate that V.90 modems will continue to remain the dominant solution until around 2004.

See Also cable modem , crosstalk ,Digital Subscriber Line (DSL) ,Internet access ,modem ,Public Switched Telephone Network (PSTN) ,serial transmission ,

V.92

The latest high-speed modem standard from the International Telecommunication Union (ITU).

Overview

V.92 is an emerging standard that provides the same 56 kilobits per second (Kbps) theoretical downstream speeds as the earlier V.90 modem standard. V.92, however, offers some significant enhancements over V.90 modem technology, specifically:

• Upstream speed of 48 Kbps compared to only 33.6 Kbps for V.90 modems. This is accomplished by using the same transmission algorithm for upstream that is used for V.90 downstream communication-in contrast to V.90, which uses the older V.34bis standard for upstream communication.

• Faster call setup and handshaking, typically only 10 seconds compared to 30 seconds for V.90 modems.

• Support for call waiting, so that a user can interrupt a modem session to take a telephone call and then resume the modem session. This means that home users will need only one telephone line instead of two when they use V.92 modems for Internet access.

Marketplace

V.92 modems are being developed by a number of modem manufacturers, including U.S. Robotics, Lucent Technologies, Motorola, PCTEL, and several others.

Issues

Because of these features, V.92 appeals to enterprises using modem pools for remote access to corporate networks. Faster call setup and faster upstream speeds mean shorter remote access sessions and hence lower costs. This can be particularly significant when remote access is performed over long-distance telephone lines.

On the other hand, some Internet service providers (ISPs) may be reluctant to implement V.92, because users may leave their modems connected to the Internet all the time. This may mean greater costs for ISPs, who may have to add additional modem pools to handle the longer connection times (the average dial-up Internet access session is estimated by some analysts at 30 minutes).

See Also International Telecommunication Union (ITU) , modem ,remote access ,

value entry

A data entry in the Microsoft Windows registry.

Overview

Value entries are contained in keys and are analogous to variables. They consist of three parts:

• Name: The name of the value entry (for example, MaintainServerList)

• Data type: The type of data stored in the value entry (for example, REG_SZ represents human-readable text)

• Value: The actual data contained in the value entry (for example, the string "Auto")

Some of the various data types supported by Windows 2000,Windows XP, and Windows .NET Server are shown in the table. Applications can also define other data types when required.

See Also key (registry) ,registry

variable-length subnet mask (VLSM)

A technique for conserving Internet Protocol (IP) addresses.

Overview

Variable-length subnet mask (VLSM) was developed in response to shortages in the available pool of IP addresses. Large IP internetworks consisting of multiple subnets typically use assigned IP address blocks inefficiently. This is because although different subnets often have different numbers of hosts, network architects usually design IP internetworks using a single "one size fits all" subnet mask.

For example, consider an enterprise assigned the class B network ID 181.63.0.0 that has hosts among four networks. The number of nodes on each network is 600 on network A, 400 on network B, 200 on network C, and 2 for network D (network D is a dedicated leased line, and because this is a form of point-to-point connection, only two nodes are on the network). The simplest scheme for subnetting the network into four parts would be to use the same subnet mask for each network, namely 255.255.252.0, which can support 1022 hosts per subnet. Because there are four subnets, this subnet mask means we are using 4088 IP addresses from the available pool of 65,534 associated with the class B address. But in fact we are only using 600+400+200+2=1202 of these 4088 addresses, and so 2886 addresses are essentially wasted.

VLSM reduces the amount of wasted addresses by selecting a subnet mask closest to the needs of each network. In the above scenario, this means:

• Network A will use subnet mask 255.255.252.0, which provides 1022 possible addresses of which only 600 are being used (therefore 422 are being wasted).

• Network B will use subnet mask 255.255.254.0, which provides 510 possible addresses of which only 400 are being used (therefore 110 are being wasted).

• Network C will use subnet mask 255.255.255.0, which provides 254 possible addresses of which only 200 are being used (therefore 54 are being wasted).

• Network D will use subnet mask 255.255.255.252, which provides two possible addresses of which both are being used and none are being wasted.

Using VLSM, we have reduced the number of wasted addresses from 2886 (when using a fixed subnet mask scheme) to only 522+110+54=686 addresses, a savings of 2200 addresses.

To use VLSM in the enterprise, a routing protocol supporting VLSM must be employed for communication between routers. Although some routing protocols exchange only network addresses with each other, routing protocols supporting VLSM also exchange subnet masks together with these network addresses. The routing protocols that support VLSM are:

• Enhanced Interior Gateway Routing Protocol (EIGRP)

• Open Shortest Path First (OSPF)

• Routing Information Protocol version 2 (RIPv2)

Issues

VSLM is most often used when OSPF is used to join pre-existing routing domains that use RIP within their domain boundaries. OSPF thus provides the backbone routing service to connect these "RIP islands," and each RIP island is defined as an OSPF area. The main problem with using VLSM, however, is that it requires careful planning to implement properly-you need to know all your subnets and the maximum possible hosts on each subnet before you start the process of subnetting your network using VLSM. For older networks, implementing VLSM basically means renumbering the network from the ground up, a time-consuming process.

A better alternative to resubnetting your internetwork using VLSM is simply resubnetting it using the private class A network ID 10.0.0.0 and a fixed subnet mask that provides enough addresses for your largest network. In this approach, you simply do not worry about wasting IP addresses because you have 16,777,214 to work with using this network ID. Of course, you can only use this approach if your IP internetwork is connected to the Internet using network address translation (NAT), but this is the standard approach anyway.

See Also Class A ,Class B ,Enhanced Interior Gateway Routing Protocol (EIGRP) ,IP address ,Open Shortest Path First (OSPF) ,Routing Information Protocol (RIP) ,subnet mask ,subnetting

VBScript

Stands for Visual Basic Scripting Edition, a scripting language developed by Microsoft Corporation.

Overview

VBScript was designed primarily for use in Web applications running on the Internet Information Services (IIS) and Internet Explorer platforms. VBScript is a lightweight subset of the more powerful Visual Basic for Applications (VBA) programming language used in Microsoft Office and other Microsoft development platforms. VBScript omits features such as file input/output (I/O) and direct access to the operating system to provide a secure scripting platform for developing Web-based applications using server-side scripting technologies such as Active Server Pages (ASP). Internet Explorer includes a scripting engine for interpreting and running client-side scripts written in VBScript. VBScript can run on all versions of Microsoft Windows as well as on certain UNIX platforms.

Note that you cannot use VBScript to write stand-alone programs. Instead, you must embed script into standard Hypertext Markup Language (HTML) files. The script is executed when a Web browser opens the HTML file. Alternatively, ASP can use VBScript to generate HTML on the fly.

Examples

Script within an HTML page is enclosed within <SCRIPT> ... </SCRIPT> tags. For example, the following HTML segment displays a button that, when pressed, displays a message box that reads "Hello World!":

<INPUT TYPE=BUTTON VALUE="Click me" NAME="BtnHello"> <SCRIPT LANGUAGE="VBScript">    Sub BtnHello_OnClick         MsgBox "Hello World!", 0, "An active         document"    End Sub </SCRIPT>

In this code, the <INPUT> tag creates the command button and the <SCRIPT> tag contains the script for the event handler that handles the button click.

For More Information

Visit the Microsoft Windows Script Technologies site at msdn.microsoft.com/scripting.

See Also Active Server Pages (ASP) ,Hypertext Markup Language (HTML) ,Internet Information Services (IIS) ,JavaScript ,JScript ,scripting

vCalendar

An Internet protocol for interoperability between scheduling programs running on different platforms.

Overview

vCalendar allows Personal Data Interchange (PDI) programs to exchange scheduling information over the Internet to book meetings, schedule events, and plan other activities. The vCalendar standards define the for mat by which scheduling information can be exchanged over the Internet. The basic units of scheduling information are the event, which consists of a scheduled activity and its time, date, and duration, and the to-do, a work item or assignment that is delegated to an individual.

vCalendar is defined in RFCs 2445 to 2447 and is broadly supported in the e-mail and groupware industry. The current version is vCalendar 1. Microsoft Outlook 98 and later can import and export information in vCalendar format.

For More Information

Visit the Internet Mail Consortium's PDI page at www.imc.org/pdi.

See Also vCard

vCard

An Internet protocol for exchanging business information.

Overview

vCard enables users to exchange the kind of information found on business cards by using standard Internet applications such as e-mail clients and Web browsers. It can also be integrated into fax, cellular phone, pager, smart card, and other communication technologies. You can use vCard to electronically communicate information such as a user's name, title, business, address, telephone numbers, e-mail addresses, URLs (Uniform Resource Locators), company logo, photographic likeness, audio clip, and just about anything else. vCard specifies the format for encoding information for transmission over the Internet.

vCard is defined in RFCs 2425 and 2426. The current version is vCard 3. Microsoft Outlook 98 and later and Microsoft Outlook Express 5 support the vCard protocol.

See Also vCalendar

VDSL

Stands for Very-high-rate Digital Subscriber Line, a high-speed flavor of Digital Subscriber Line (DSL).

See Also Very-high-rate Digital Subscriber Line (VDSL)

Very-high-rate Digital Subscriber Line (VDSL)

A high-speed flavor of Digital Subscriber Line (DSL).

Overview

Very-high-rate Digital Subscriber Line (VDSL) was developed in the early 1990s as a high-speed version of Asymmetric Digital Subscriber Line (ADSL). Most existing VDSL implementations support speeds to 52 megabits per second (Mbps) in the upstream direction and 2.3 Mbps downstream over existing local loop copper wiring. A limiting factor is that VDSL operates over very short distances, typically only 1000 feet (300 meters) from the telco central office (CO). At longer distances, VDLS speeds drop sharply, and the service is difficult to provision beyond about 4500 feet (1400 meters).

VDSL is undergoing standardization by the International Telecommunication Union (ITU), so current VDSL services are vendor-specific. The plan is to standardize two different versions of VDSL:

• Asymmetric: This will support 52 Mbps upstream and 6.4 Mbps downstream.

• Symmetric: This will support 26 Mbps in both directions.

Marketplace

The VDSL marketplace is still growing, and not many carriers offer the technology to customers. VDSL Systems provides 16-port and 32-port VDSL multiplexers for the carrier market that can handle 26 Mbps traffic at distances up to 5000 feet (1500 meters). The company also provides VDSL customer premises equipment (CPE) in various form factors including access routers, PCI cards, and set-top boxes for the hotel industry.

Telco Systems has an innovative switching called CopperMax, which allows companies to use VDSL to link buildings together using existing telephone lines, provided they are less than 0.75 miles (0.5 kilometers) apart.

See Also Asymmetric Digital Subscriber Line (ADSL) ,Digital Subscriber Line (DSL) ,International Telecommunication Union (ITU) ,local loop

virtual circuit

A logical path or connection between nodes in a network.

Overview

The path of a virtual circuit is composed of discrete segments of the network that are interconnected using switches. Before a transmission can be sent over the circuit, both end stations must agree on the path and its signaling characteristics, a process called establishing the circuit. Once the circuit has been established, the end stations communicate as if they were directly connected using physical wires, but it is the switches that actually establish the communication path throughout the network. To change the logical path the virtual circuit takes across the network, you simply reconfigure the switches-you do not need to reconnect any wires. This is called a virtual circuit because, like a real (physical) circuit, it connects two points for transmission purposes, but instead of being hard-wired it is configurable and therefore "virtual" in nature.

Virtual circuits are generally used in packet-switching networks such as Asynchronous Transfer Mode (ATM), frame relay, and X.25 networks. Virtual circuits are used in wide area networks (WANs) to increase efficiency by forwarding packets using circuit identifiers rather than routing packets using physical or logical addresses. The basic procedure is that once a circuit has been established between two stations, the circuit is assigned a circuit identifier (a number) that is then included in the header of every packet sent by the stations. All packets having this identifier are automatically forwarded by switches over the predefined circuit path without the need to add source or destination addresses to the packets (virtual circuits are point-to-point links and as a result do not need addressing). Using small circuit identifiers means less protocol overhead in packet headers and faster forwarding of packets.

Types

There are two basic types of virtual circuits:

• Permanent virtual circuit (PVC): Here the communication management station (the telco's central office) sets up the switches manually ahead of time and the circuit is always on. This type of virtual circuit provides performance comparable to dedicated (leased) telco lines, but it is generally a costly solution for building WANs because PVCs require carrier resources (switches) to be dedicated to a circuit, whether or not that particular circuit is being used.

• Switched virtual circuit (SVC): Here the switches are set up automatically when either end station attempts to establish a communication with the other. Once the session is finished, the circuit is torn down and the carrier switches are freed for other uses. Ordinary telephone communication on the circuit- switching Public Switched Telephone Network (PSTN) essentially functions in this fashion.

ATM networks can be implemented using either permanent or switched virtual circuits, as can older X.25 packet-switching networks. Frame relay generally supports only PVCs, although a few providers have begun to offer SVCs. Because an SVC does not require dedicated carrier resources, they can be billed according to usage, which can save companies money.

See Also Asynchronous Transfer Mode (ATM) ,circuit-switched services ,frame relay ,packet switching ,Public Switched Telephone Network (PSTN) ,wide area network (WAN) ,X.25

virtual directory

A directory that appears to Web browser users to be a subdirectory of a Web site's home directory.

Overview

Although a virtual directory behaves as if it were a subdirectory of the home directory, in fact it might be located in a different folder, drive, or server. The advantage of using virtual directories is that content does not need to be stored only on the Web server-it can be distributed on other servers throughout the Web provider's network. These servers can be located at secure, strategic locations for easy access by Web content developers. The disadvantage is a slight degradation in performance due to data being transmitted over the network.

Virtual directories are supported by Internet Information Services (IIS) on Microsoft Windows 2000, Windows XP, and Windows .NET Server.

Examples

For example, consider a user accessing a Web site by using the following Uniform Resource Locator (URL): www.microsoft.com/otherstuff/file.htm.

The directory otherstuff appears to the user to be a real subdirectory of the home directory www.microsoft.com, while in fact it could be a virtual directory that is mapped to a share on a different server on the Web provider's network.

See Also Internet Information Services (IIS) ,Web server

virtual hosting

Also called reverse hosting, an extension to reverse proxying that is supported by Microsoft Internet and Acceleration (ISA) Server.

See Also reverse hosting

virtual LAN (VLAN)

A group of ports on an Ethernet switch that behaves like a separate network segment.

Overview

The simplest form of a large Ethernet network is one built using only hubs arranged in a cascaded star topology. For example, in a building there might be one workgroup hub for each work area connected to a root hub in the wiring closet. Such a network has two drawbacks:

• The entire network is one collision domain, which causes the network to scale poorly as the number of hosts increases. Once a certain number of hosts are present on the network, collisions start to occur frequently and network bandwidth is wasted.

• The entire network is also one broadcast domain, which increases the probability of broadcast storms occurring and bringing down the network.

The first problem, that of collisions, is usually dealt with by replacing the main or root hub with an Ethernet switch, specifically a Layer 2 switch. This has the effect of partitioning the network into multiple smaller collision domains, which in this example means that each work area will be a separate collision domain. This reduces the overall effect of collisions on the network and isolates problems arising from too many collisions occurring in one area from other parts of the network.

Unfortunately, this simple solution does not solve the second problem, that of broadcasts. In a cascaded star topology where workgroup hubs are connected to a Layer 2 switch, the entire network is still one large broadcast domain, which increases the risk of broadcast storms. Furthermore, if network services are running that advertise themselves using broadcasts, then a significant amount of overall bandwidth might be consumed by these broadcasts, reducing the amount of available bandwidth for other forms of network communications.

The traditional solution to this problem has been to use routers to partition the network into multiple smaller broadcast domains, insofar as routers generally do not forward broadcasts between their interfaces. This works well, but as the network increases in size, the number of network devices (hubs, routers, and switches) increases also, which leads to greater infrastructure costs. Another problem with this traditional style of network is that when a user moves to a different work area and takes his or her computer along to the new area, then some recabling is usually necessary. For example, when the user connects the computer to the local area network (LAN) drop in the new work area, the administrator usually has to go to the wiring room and switch the ends of the old and new LAN drop plugs to make sure the user is connected to the right hub or switch. Because cabling is typically somewhat disorganized in wiring rooms, this task can be a nightmare and is prone to error.

Virtual LAN (VLAN) technologies were developed to solve all these problems. VLANs allow networks to be segmented logically without having to be physically rewired. Instead of having all ports on a switch be equal and belong to the same network, ports can be segregated into groups, each belonging to a separate logical network. For example, on a 3-port switch you could configure ports 1 and 2 as belonging to network 10 and port 3 as belonging to network 20 (see the illustration on the following page). Physically, all three ports seem to be on the same network, but in reality they are not-broadcasts sent to port 1 can only reach port 2 and not port 3. Administrators can easily make these port assignments indicating which VLANs are mapped to which ports by accessing the software for the switch. Note that VLAN ports do not have to be contiguous-for example, ports 1 and 3 could be on the same VLAN and port 2 on a different VLAN.

The benefits of using VLAN-enabled switches include

• The ability to segment networks into multiple smaller broadcast domains without needing additional network devices such as routers to do this. VLANs make switched Ethernet networks more bandwidth-efficient through this segmentation of broadcast domains.

• The ability to reconfigure ports logically without needing to unplug wires and move them around. If a user takes his or her computer to a new work area, no cables need to be swapped on the switch-just access the switch software and issue commands to change the VLAN assignments for the old and new ports. VLANs thus simplify the process of adding, moving, and deleting users on the network. They also improve network security by avoiding cabling mishaps that can arise when users are moved in traditional Ethernet networks.

• The ability to group users together according to function rather than physical location. In a traditional Ethernet network, all users in a given work area are on the same network segment regardless of their job description or department. Using VLANs, however, you could have one salesperson in each work area of the building sitting next to engineers in their work area, yet on a separate logical network segment.

Implementation

VLANs have the following characteristics:

• One switch may have several VLANs defined on it. A VLAN is identified using a special identification number called a VLAN ID. Stations attached to switch ports having the same VLAN ID act and function as though they are all on the same physical network segment. In other words, broadcasts sent by one host are received only by hosts connected to ports having the same VLAN ID as the sending host. Administrators typically assign VLAN IDs manually at the port level, although port assignments can also be managed dynamically for some switches (the switch does this by maintaining an internal table mapping the media access control [MAC] addresses of connected stations to their VLAN ID). When a host is moved to another department, the only change needed is the assignment of a different VLAN ID to the port to which the host is connected-no switching of patch cables is required.

  

  Virtual LAN (VLAN). A simple example of a network designed using VLAN-enabled switches.

• A single VLAN can span multiple switches connected together. By using a method called trunking, VLAN-enabled switches can be connected to form large VLANs spanning switches right across the enterprise. To do this, a port on the switch must be designated a trunk port, and trunk ports on different switches are connected using trunk lines. For example, when Fast Ethernet ports are used as trunk ports, trunking can be accomplished by connecting such ports on different switches using enhanced Category 5 (Cat5e) crossover cables.

Switch vendors have traditionally developed their own proprietary VLAN technologies, so implementing a VLAN typically means buying all your switching gear from a single vendor. Cisco Systems is the market leader in VLAN-enabled switches, and many of their Catalyst line of switches support VLANs. Cisco Catalyst switches employ several types of technologies in order to implement enterprise VLANs, namely:

• Frame tagging: When an Ethernet frame enters a port on a VLAN-enabled switch, the switch encapsulates the frame by adding a special header or tag that contains the VLAN ID of the port at which the frame arrived. The switch uses the frame tag to determine which ports it can be forwarded to (ports having the same VLAN ID). The tag is then stripped off at the destination ports on the switch, or in the case of traffic moving across multiple switches using trunked connections, it is stripped off when it reaches the destination ports on other connected switches.

• Inter-switch link (ISL): This is a proprietary Cisco technology that enables a single port to belong to multiple VLANs-that is, to have multiple VLAN IDs assigned to it. ISL is used for trunking and is also available on special network interface cards (NICs) for servers. When a server has an ISL- supporting NIC installed, it behaves as if it had multiple physical NICs, one for each VLAN. This enables workstations on different VLANs to access the same server, eliminating the need to have separate servers for each VLAN.

• VLAN Trunking Protocol (VTP): This is a proprietary Cisco technology that simplifies the task of configuring VLANs across a network. By making any necessary configuration changes to settings on a VTP server, these changes are then propagated across the network to all VLAN-enabled switches that are defined as belonging to the same VTP management domain.

Issues

Three main issues have slowed the acceptance of VLANs in the enterprise: standards, Dynamic Host Configuration Protocol (DHCP), and Layer 3 switches. The problem of standards arises from the proprietary nature of VLAN implementations from different switch vendors. This has resulted in interoperability issues where equipment from one vendor fails to work with that from another vendor. There has been some progress toward standardizing VLAN technologies, however. One important step was the development of the 802.1Q standard from the Institute of Electrical and Electronics Engineers (IEEE), which replaces Cisco's proprietary ISL technology with a standards-based solution. Another development has been the adoption of RFC 2878 by the Internet Engineering Task Force (IETF), which standardizes VLAN frame tagging using the new VLAN Tagged Frame format. RFC 2878 also provides guidelines for switch vendors to improve interoperability with regard to signaling, link aggregation, and Layer 2 traffic prioritization.

The second issue is that of address management of stations on the network. VLANs were originally designed to simplify the management of hosts on the network by using their Layer 2 MAC addresses to identify them to switches. When a computer is unplugged from a LAN drop and moved to a different physical location and plugged in to a different drop, VLAN switches can automatically detect the computer's new location by its MAC address and reconfigure themselves dynamically. The problem is that DHCP was designed for the very same job of dynamic address management but uses Layer 3 (IP) addresses instead. Being a much simpler system, most network managers have chosen DHCP instead of VLANs to ensure that computers can be physically moved around the network if needed. As a result, most VLAN administration is performed manually by assigning VLAN IDs to ports using a command- line interface, a difficult chore in a large enterprise.

The third issue that has slowed the adoption of VLANs has been the emergence of Layer 3 switches, which can perform both bridging (Layer 2) and routing (Layer 3) functions in one box. Layer 3 switches have almost eliminated the need for VLANs in most enterprises. Instead of creating multiple VLANs to segment the network into smaller broadcast domains, the same thing can be accomplished by replacing the root Layer 2 switch with a Layer 3 switch. Each port on the Layer 3 switch represents a separate routed subnet, and the network is thus automatically partitioned into separate broadcast domains.

Prospects

Because of the above issues, the future of VLANs is cloudy. Most enterprise network architects see little point in deploying VLANs when Layer 3 switches can accomplish the same result with less effort. And DHCP manages addresses at Layer 3 more easily than VLANs do it at Layer 2, making it simple to move users around the network. Nevertheless, there has been something of a resurgence of interest in VLANs recently, mainly in the service provider market where companies such as Yipes Communications that offer metropolitan Ethernet use VLAN-enabled switches from Extreme Networks to provision metropolitan area VLANs for their customers. Another growing use of VLANs is in the Web hosting arena, where these companies are using VLANs to help isolate traffic between different subscribers.

See Also 802.1Q ,broadcast domain ,collision domain ,Dynamic Host Configuration Protocol (DHCP) ,Ethernet switch ,hub ,Institute of Electrical and Electronics Engineers (IEEE) ,Internet Engineering Task Force (IETF) ,IP address ,Layer 2 switch ,Layer 3 switch ,MAC address ,router

virtual memory

A mechanism by which applications function as though the system has more random access memory (RAM) than it actually does.

Overview

Virtual memory is designed to improve the performance of applications by providing them with greater effective memory than physical RAM provides. Virtual memory works by paging unneeded code from running applications to a file on the hard drive called the page file. In Microsoft Windows 2000, Windows XP, and Windows .NET Server, the Virtual Memory Manager maps the virtual addresses belonging to the address space of a running process to physical pages of memory in the computer. This ensures that each process has sufficient virtual memory to run efficiently and does not trespass on the memory of other processes. The Virtual Memory Manager handles paging between RAM and the page file, swapping pages by using a process called demand paging. The result is that each application has access to up to 4 gigabytes (GB) of memory. A similar process in Windows 98 and Windows Millennium Edition (Me) uses a comparable structure called the swap file.

Virtual memory is also supported by UNIX platforms and the Mac OS X platform.

virtual private network (VPN)

A technology for securely connecting a computer or network to a remote network over an intermediate network such as the Internet.

Overview

The term virtual private network (VPN) is used in various senses in the industry to describe a variety of technologies, but in essence it can have one of two meanings:

• Using an insecure public network such as the Internet to connect two networks (or to connect a network and a remote computer)

• Making this connection secure by employing technologies such as tunneling, authentication, and encryption

The two main types of VPNs are

• Network-network: A branch office network of an enterprise is connected by a VPN to corporate headquarters. Network-network VPNs offer a low-cost alternative to deploying expensive dedicated leased lines such as T1 lines at all branch offices (corporate headquarters still requires a leased line for its VPN gateway, however, to provide enough bandwidth for its branch office VPN connections). In spite of the cost advantage, however, network- network VPNs have been slow to gain a foothold in the enterprise due to the proven reliability of leased lines and the relative unreliability of the Internet in comparison.

• Host-network: A mobile knowledge worker uses his or her laptop or Personal Digital Assistant (PDA) and modem to dial in to a local Internet service provider (ISP) to connect securely to a company intranet or portal using an encrypted VPN connection. Using VPNs this way has proliferated in the enterprise as it is more cost-effective than traditional remote access solutions involving modem pools, dedicated phone lines, and toll-free numbers.

Architecture

VPNs are based on a client/server architecture:

• VPN client: This system initiates the VPN connection with the VPN server. For a typical host-network VPN scenario, the remote user first establishes a dial-up connection with a local ISP to connect to the Internet, and then once online, the client contacts the VPN server to connect to the corporate intranet.

• VPN server: This system authenticates the VPN client, negotiates which tunneling and encryption protocols to use, and establishes the secure VPN connection. The result is the formation of a secure encrypted tunnel that connects the VPN client to the VPN server. The effect is transparent-that is, as if both client and server were on the same local area network (LAN). For the connection to work, however, the VPN client must be assigned an Internet Protocol (IP) address that makes it appear to the VPN server as if it is on the same LAN as the server. VPN clients thus generally have two IP addresses, one for the VPN connection and one for the intermediate or transit network (the Internet).

Two VPN tunneling protocols are in use today: Microsoft Corporation's Point-to-Point Tunneling Protocol (PPTP) and Cisco Systems' Layer 2 Tunneling Protocol (L2TP). Both protocols are essentially extensions of the industry standard Point-to-Point Protocol (PPP) and are used to encapsulate PPP frames within IP datagrams for transmission over the Internet. In other words, VPNs employ two layers of encapsulation:

• First the IP datagrams from the client and server are encapsulated with PPP headers to form PPP frames for transmission through the serial interface to the modem or leased line.

• Then the PPP frames are encapsulated again with IP headers (and PPTP or L2TP headers) to form IP packets for routing over the Internet.

The result of using PPTP or L2TP is to create a virtual PPP connection between the VPN client and server. In short, the VPN connection behaves as if it were a dedicated point-to-point serial link but packets are actually routed across the Internet.

Virtual Private Network (VPN). How a VPN connection works between a network and a remote host.

Note that L2TP does not include a mechanism for encrypting VPN communications, so it must be combined with Internet Protocol Security (IPsec) when used to create a VPN connection.

Implementation

VPNs are typically implemented in one of two ways:

• Customer premises equipment (CPE): Here the VPN server is owned and operated by the private company and is located at the periphery of their corporate LAN. Such VPN servers may be routers, access servers, firewall appliances, or standard PC servers running VPN-enabled software such as Microsoft Windows 2000 Server.

• Service provider: Corporate VPN needs can also be outsourced to VPN service providers, typically telcos, ISPs, or application service providers (ASPs). The service provider maintains the VPN server at the edge of its own network and parcels out VPN services to companies on a monthly leased basis. In this scenario the customer only requires a standard "dumb" router for Internet access at its end, not a VPN-enabled router.

A third kind of VPN implementation involves using permanent virtual circuits (PVCs) carrying IP over public frame relay networks. This method is employed mainly for enterprise network-network VPNs.

Marketplace

A popular Linux-based VPN/firewall appliance is VelociRaptor from Cobalt Networks, which employs Cobalt's hardware and Raptor's firewall software to provide a secure VPN solution for the small business and remote office markets. Another popular VPN appliance is the Alcatel 7137 Secure VPN Gateway, originally developed by TimeStep (now part of Alcatel). Cisco Systems offers many different VPN-enabled routers and access servers, including the Cisco VPN 3005 Concentrator, which supports up to 100 concurrent users. For the Small Office/Home Office (SOHO) business environment, the Cisco PIX Firewall 506 is a small unit the size of a pocketbook that can support 10 simultaneous VPN connections. Another market contender is the VPN-1 Appliance from Check Point Software Technologies, which includes their widely used Firewall-1 product bundled in a Nokia appliance. Check Point also offers a VPN-1 Gateway for high-end corporate VPN connectivity. 3Com Corporation, Avaya, CoSine Communications, Data Fellows Corporation, Indus River Networks, Intel Corporation, Lucent Technologies, RadGuard, RedCreek Communications, and many other companies offer VPN solutions ranging from VPN gateways and appliances to software products.

Examples of service providers offering standard IP VPN services include Aventail Corporation, Genuity, UUNET, Qwest Communications International, and others. Providers of frame relay-based VPN services include AT&T, Equant, Infonet, MCI/Worldcom, Sprint Corporation, and others. Telera offers a nationwide Voice over IP (VOIP)-enabled managed VPN that employs VPN gateways stationed at colocation centers around the United States.

Prospects

The future of network-network VPNs and corporate host-network VPN gateways may be Digital Subscriber Line (DSL), a technology that provides high-speed Internet access at costs vastly lower than leased lines such as T1 lines. The main issue with most enterprises is that DSL has yet to prove itself as reliable a technology as the more costly leased lines, which are a mature technology that has been around for many years. Nevertheless, the combination of a DSL connection with VPN software to provide security is a tantalizing one for IT departments in times of shrinking budgets.

Notes

Although VPNs typically use the Internet as their transit network, it is also possible to run a VPN over a corporate IP LAN to create a "LAN within a LAN" for secure communications across the network.

For More Information

Visit the VPN Consortium at www.vpnc.org

See Also application service provider (ASP) ,Digital Subscriber Line (DSL) ,firewall ,frame relay ,Internet ,Internet Protocol Security (IPsec) ,Internet service provider (ISP) ,Layer 2 Tunneling Protocol (L2TP) ,permanent virtual circuit (PVC) ,Point-to-Point Protocol (PPP) ,Point-to-Point Tunneling Protocol (PPTP) ,T1 ,wide area network (WAN)

virtual server

A technology that allows multiple independent Web sites to be hosted on a single Web server.

Overview

The term virtual server is another name for Web site. Internet Information Services (IIS) on Microsoft Windows 2000 and Windows .NET Server supports virtual servers to enable a single machine to host multiple Web sites. Virtual servers can be implemented three different ways in Windows 2000:

• By binding Internet Protocol (IP) addresses to the server's network interface card (NIC). Each virtual server can be assigned its own unique IP address. DNS servers can then resolve domain names into their respective IP addresses, allowing multiple companies to host their Web sites on a single IIS server. This is the preferred method if a large pool of available IP addresses exists for the server.

• By using a single IP address but assigning a unique port number to each virtual server. Clients must know the exact port number to connect to the server instead of using the default Hypertext Transfer Protocol (HTTP) port number 80.

• By enabling host headers on the IIS server. The server has only one IP address and uses the default HTTP port number 80. The client Web browser attempting to access a Web site on the IIS server must be HTTP 1.1-compliant to seamlessly access the site.

Notes

The term virtual server is also used in the Windows Clustering component of Microsoft Windows 2000 Server. In this context a virtual server is usually a resource group that contains all the resources necessary for running an application, including the network name and IP address resources.

See Also bindings , Hypertext Transfer Protocol (HTTP) ,Internet Information Services (IIS) ,IP address , Web server

virus

A program designed to infect computer systems.

Overview

Viruses are generally malicious programs created to cause damage or annoyance to computer users. The effects of viruses range from harmless but annoying messages announcing the presence of an "infection" to malicious corruption or deletion of crucial operating system and data files.

Although the term virus is generally used to refer to any form of malicious code, technically viruses that infect computer systems do so by attaching themselves to executable files, and when these files are executed the virus spreads to other files or causes various forms of damage such as lost or corrupted data. Some other related forms of "malware" (malicious software) include

• Worm: Code that infects a machine and then spreads itself to other machines on the network. Worms do not need a host application to attach themselves to as viruses do. Some worms also multiply on host machines and cause various forms of damage to operating system or user files similar to that which viruses cause.

• Logic bomb: Code that executes when certain conditions occur-for example, on a specific date of the month or year. Logic bombs are really a form of virus or worm, depending on what actions they perform when the trigger.

• Trojan: Code that masquerades as a legitimate application, usually to trick users into divulging their credentials or other sensitive information.

• Hoaxes: These are not viruses at all but simply threats of viruses. This might seem innocuous, but many industry analysts say that enterprise administrators often spend more time dealing with these hoaxes than in eradicating actual viruses, and in a business environment any time wasted is money wasted.

Viruses have many entry points in today's enterprise networks, including Internet connections, remote access connections, electronic mail, and users downloading and saving software from the Internet onto floppy disks and taking these disks to work to install the software on their office machines.

History

The first recorded PC virus was the Pakistani Brain virus detected in 1987. Since then tens of thousands of different "strains" of viruses have been detected over the years, and the rate at which new viruses are appearing is accelerating, mainly as a result of the widespread availability over the Internet of scripts that can be easily assembled to form new types of viruses. Some of the better-known viruses in the history of malware include

• Jerusalem virus: This virus, which appeared in 1990, was an .exe file that trashed the boot sector of machines it infected. It was widespread for almost five years before being eradicated and is estimated to have caused more than $50 million in damage during its lifetime.

• Concept virus: This macro virus for Microsoft Word caused about $50 million in damage before it was eradicated about four months after its appearance in 1995.

• Melissa virus: This Word macro virus appeared in 1999, was spread by e-mail, and caused an estimated $300 million in damage worldwide.

• "I Love You" virus: This VBScript virus appeared in 2000 and was also propagated by e-mail and caused an estimated $700 million in damage in less than a week.

Types

Common categories of viruses include the following:

• File virus: These are standard viruses that reproduce by attaching themselves to executable files such as .exe, .cmd, and .bat files. When the executable file is run, the virus code is executed, causing the virus to reproduce itself and inflict whatever form of damage the virus developer intends.

• Boot-sector virus: These are viruses that infect the boot sector of a floppy or hard disk and execute when the operating system is booted. They can cause various types of damage, including the total disabling of computer systems. Notorious boot viruses have included the Michelangelo virus and the Stoned virus. A related type of virus is the Master Boot Record (MBR) virus, which infects the system's MBR.

• Polymorphic virus: This type of virus modifies itself as it reproduces, causing its signature to change and making it difficult to detect by standard virus protection software unless the specific evolution algorithm is known.

• Macro virus: This is an increasingly popular form of virus consisting of a macro writing in Visual Basic for Applications (VBA) or some other scripting language and designed to execute within a word processing or spreadsheet applications such as those included in Microsoft Office. The malicious macro is inserted into a harmless document, the document is sent as an e-mail attachment to a user, and when the user opens the document the macro is executed and the virus infects the system, typically with the result that data is lost or corrupted.

Implementation

Viruses generally consist of two components:

• Propagation mechanism: This is code that, when executed, causes the virus to copy itself to other files on the system.

• Payload: This code generates the virus's effect, which may range from harmless messages appearing on the system to the entire operating system being wiped out.

Virus protection software guards enterprise computer systems from the danger of viruses by scanning potential virus-bearing files and prompting the deletion of these files. Virus protection software consists of two components:

• Virus signature: This is a file containing small portions of every known virus, and is used as a template for comparison with files for detection of virus infection. Virus signature files for virus protection software must be updated frequently, otherwise new types of viruses will not be detected and will cause damage to the system.

• Search engine: This software compares the signature file with other files on the computer to determine which files might be infected with a virus.

Marketplace

The market leaders in virus protection software include Computer Associates, McAfee, Sophos, Symantec Corporation, and Trend Micro. Popular products include Norton AntiVirus from Symantec and VirusScan from McAfee.

Prospects

Viruses seem to be an inevitable fact of life for computer users, and protecting against them is essential for any enterprise connected to the Internet. The earliest viruses were spread from user to user by swapping floppy disks. In the mid-1990s, Word and Microsoft Excel macro viruses became the bane of the office productivity worker, and many enterprises disable macros for these applications to prevent users who open e-mail attachments containing macro viruses from infecting the network. The trend at the beginning of the new millennium seems to be that e-mail viruses are the ones to fear most-many companies have had their messaging systems brought to their knees for days as a results of infections by the Melissa and I Love You viruses, and some have even shut down their in-house mail systems and begun outsourcing their messaging needs from application service providers (ASPs) or Internet service providers (ISPs) who have dedicated resources for combating such viruses when they appear. Some of the more popular ASPs offering virus-protected messaging services include Critical Path and MessageClick.

Some of the newer developments in the virus realm include

• Viruses spread by nonstandard means, such as through multimedia files. By simply visiting a Web site that automatically starts a media player application to play the file, it is possible to infect your machine with a virus. Be sure to download the latest patches from your media application vendor to reduce the chance of infection through this method.

• Viruses that target wireless devices such as cell phones and wireless Personal Digital Assistants (PDAs). The first known example was a Trojan called Liberty Crack, which infected wireless Palm Pilot systems, causing applications to be deleted on the systems. A number of vendors are working to address this critical area, including F-Secure, Finjan Software, McAfee, Symantec, and Trend Micro.

Notes

To keep viruses from proliferating on your network, you can take the following measures:

• Install virus protection software on each computer in your network and keep their virus signature files up to date at all times. This applies especially to desktop computers, file servers, and mail servers, as these types of machines are the most vulnerable. Enterprise virus protection software usually includes mechanisms for automatically updating signature files on machines across a network.

• If you have Internet connectivity, be sure that your virus protection software scans for viruses in Web content downloaded from the Internet and in attachments to Simple Mail Transfer Protocol (SMTP) e-mail messages. Many newer viruses can be downloaded from Web sites or received as attachments to e-mail messages. When the attachments are opened, the machine is infected and the virus begins to spread.

• Regularly perform backups of all-important servers and include periodic archives in your backup schedule, because many viruses do not activate for weeks or months after infection.

• Scan new computers for infection before bringing them onto the network.

• Issue a company policy prohibiting users from installing any personal programs on their desktop computers. You might even disable their floppy drives, because infection by means of a floppy is a common route to virus infection. Some companies go so far as to prevent or prohibit users from sending or receiving attachments to their e-mail, a draconian but effective measure in curbing the spread of viruses.

For More Information

You can visit the McAfee Virus Information Center at www.mcafee.com/centers/anti-virus.

See Also application service provider (ASP) ,e-mail ,hacking ,Internet service provider (ISP) ,network security ,Personal Digital Assistant (PDA) ,security ,Simple Mail Transfer Protocol (SMTP)

VLAN

Stands for virtual LAN, a group of ports on an Ethernet switch that behaves like a separate network segment.

See Also virtual LAN (VLAN)

VLSM

Stands for variable-length subnet mask, a technique for conserving Internet Protocol (IP) addresses.

See Also variable-length subnet mask (VLSM)

Voice over IP (VoIP)

An umbrella term for a set of technologies that allow voice traffic to be carried over Internet Protocol (IP) networks such as the Internet.

Overview

Voice over IP (VoIP) is one of the driving forces behind convergence in the networking and telecommunications industry. The term convergence refers to the goal of combining all forms of enterprise communications (voice telephony, fax, and data) into a single IP data stream and managing this through a single integrated system. The goal of convergence is twofold:

• To reduce costs by eliminating redundant infrastructures. For example, the typical corporate office building has two separate wiring infrastructures: voice telephony wiring and Category 5 (Cat5) or enhanced Category 5 (Cat5e) twisted-pair network wiring. Similarly, large enterprises spanning several geographical locations often have two communication infrastructures as well: Private Branch Exchanges (PBXs) linked by dedicated tie lines and leased lines for wide area networking (WAN). VoIP enables an enterprise to consolidate these two systems into a single communications infrastructure running on an IP data network, with resultant cost savings.

• To simplify management of all forms of business communication (such as e-mail, voice mail, and faxes) by consolidating all messages into a single user interface, typically in the user's e-mail Inbox.

To achieve these two goals of convergence, VoIP addresses the first issue and unified messaging (UM) addresses the second. These systems may be deployed separately or together in the enterprise, depending on business needs and goals.

Advantages and Disadvantages

Although VoIP promises to save enterprises money by avoiding costly long-distance toll charges, the expertise needed to implement VoIP and the cost of new equipment is often seen as a barrier to embracing this new technology. Other concerns often voiced by network managers include

• Latency: Because of the best effort nature of IP communications, voice communications sometimes sound garbled and contain undesirable pauses due to high jitter and latency. This is probably the number one issue that companies consider when choosing a VoIP solution. The problem is especially bad when IP traffic is routed over the public Internet, where VoIP conversations can sound like old CB radio sessions in quality. Improvements in IP quality of service (QoS) discussed below are reducing the importance of this issue, but these IP QoS solutions are complex and difficult to implement.

• Interoperability: Because there are competing VoIP standards and vendors have developed their own proprietary solutions, when a company adopts a VoIP plan it must essentially use equipment from only one vendor. Even simple IP phones with RJ-45 Ethernet jacks from one vendor usually do not work with VoIP systems from another vendor. In contrast, traditional PBXs and digital telephones from different vendors interoperate seamlessly. If a dominant VoIP standard emerges over the next few years, however, this interoperability problem might finally be resolved.

• Cost: Companies that have already invested heavily in legacy PBXs, digital phone systems, and "dumb" routers might be reluctant to abandon them to deploy all-new VoIP switching, routing, telephones, and call control equipment. The cost of the expertise needed to implement and maintain VoIP solutions must also be considered.

Despite these concerns, VoIP is encroaching steadily into large companies and will probably overtake the legacy PBX market in the next five years if trends continue.

Architecture

Most VoIP solutions developed by different vendors are still proprietary solutions that require all customer premises equipment (CPE) to be purchased or leased from a single vendor, but recently there have been moves toward standards-based VoIP solutions that should eventually allow equipment from different vendors to interoperate in a plug and play (PnP) fashion.

The main problem at this point is that competing standards have evolved in the VoIP arena, and it is still unclear which standards will dominate in the emerging VoIP industry. The main standards and protocols of relevance to VoIP are:

• H.323: The earliest VoIP systems were based on the H.323 and T.120 of protocols developed by the International Telecommunication Union (ITU) for audio, video, and data communication and conferencing over IP networks. H.323 works well but is complex to implement-a typical H.323 VoIP system includes end-user stations known as VoIP terminals, gateways for translating between IP networks and telephony networks, gatekeepers for handling calling functions, and multipoint control units (MCUs) for handling multipoint conferencing. In addition to its complexity, H.323 also suffers from considerable protocol overhead because it was originally designed to support video communications. Nevertheless, most VoIP vendors have built their systems around H.323, and it is still considered the primary standard for interoperability between different VoIP systems.

• Session Initiation Protocol (SIP): This is an application-layer control protocol defined in RFC 2543 that is designed to allow different telephony, data networking, and VoIP equipment to communicate with one another. SIP is a lightweight protocol with much less overhead than H.323 and is seen by some industry analysts as the logical successor to H.323.

• Media Gateway Control Protocol (MGCP): This protocol is defined in RFC 2705 and is designed to translate between the voice traffic carried on the Public Switched Telephone Network (PSTN) and IP traffic carried on the Internet. MGCP is a master/slave protocol that enables media gateway controllers and media gateways to communicate with each other and to control IP telephony terminal equipment. MGCP has been implemented in some VoIP systems but is being phased out in favor of the newer Megaco/H.248 standard.

• Megaco/H.248: This protocol is a joint effort of the Megaco working group of the Internet Engineering Task Force (IETF) and the ITU-T Study Group 16. Megaco/H.248 is the successor to MGCP and includes additional features that support peer-to- peer communication and simplified implementation of media gateways and controllers.

For more information on the different VoIP protocols, see the individual entries about them elsewhere in this book.

Implementation

VoIP is all about saving cost for companies, and there are a variety of ways in which it can be implemented using the various architectures outlined previously. One important scenario is for linking offices to eliminate long-distance calling costs. The traditional way for companies to do this has been to connect the PBXs in two offices using tie lines. A tie line is a dedicated connection used for both signaling and call transfer between PBXs. This approach is called a "toll bypass" solution because it bypasses the tolls levied for traditional long-distance traffic, in effect emulating a "toll- free" solution.

Tie lines are usually implemented over T1 lines. For offices relatively near each other, the monthly cost of leasing T1 lines for this purpose can be less than the accumulated cost of a month's long-distance calls between the offices, but when the distance between offices is great, the T1 line costs become excessive as they are billed by the mile for most U.S. telcos. Another problem is that a separate tie line must be deployed between each pair of offices-calls cannot be routed across multiple call lines.

Voice over IP (VoIP). Two common types of VoIP solutions.

VoIP can save costs in this situation by routing voice traffic over existing data lines between offices, also typically T1 lines for large companies. This means instead of needing two T1 lines between offices (one for data and one for tying PBXs together) companies need only one line (voice and data combined). In addition, companies do not need T1 lines between every pair of offices (full mesh topology), as IP packets can be routed across the enterprise provided there is at least one path between each pair of offices (partial mesh).

A more general VoIP solution is to replace existing PBXs with VoIP-enabled routers that perform gateway and gatekeeper functions to handle call setup and routing. One hidden cost in this "all-IP" approach is that traditional digital phones costing about $50 must be replaced by special IP phones often costing hundreds of dollars. This approach to VoIP, championed by Cisco Systems, is sometimes referred to as an IP PBX approach since it completely replaces existing legacy PBX systems. Companies that have invested heavily in legacy PBX equipment may be reluctant to follow this route also and may instead prefer to use VoIP for replacing PBX tie lines to continue leveraging their investment in legacy equipment. Alternatively, some VoIP vendors such as Nortel Networks offer a VoIP gateway approach that let the legacy PBXs continue to handle call processing while line-provisioning is performed by specialized VoIP routers and servers.

Marketplace

Cisco has been the dominant player in the high-end enterprise VoIP market for some time. In fact, Cisco itself uses VoIP across its company, and with more than 10,000 IP phones deployed around the organization, this is still probably one of the largest and most successful VoIP implementations around. Cisco has developed a special architecture for VoIP solutions called Architecture for Voice, Video, and Integrated Data (AVVID) that consisting of three layers: switching and routing infrastructure for routing IP traffic, applications such as Cisco Call Manager running Microsoft Windows 2000 servers for implementing call control, and wired or wireless IP telephones. In the infrastructure area, for example, Cisco 2600, 3600, and AS5300 routers and Cisco Catalyst 6009 switches all support the H.323 standards and can function as H.323 gateways and gatekeepers for building highly scalable VoIP solutions. Cisco's AVVID architecture is straightforward in concept and can effectively scale to more than 100,000 users to meet the needs of the largest enterprise.

The approach taken by Avaya, which, together with Nortel, represents the two dominant players in the legacy PBX market in the United States, is adapted specifically to its own proprietary line of PBX equipment, and scales to 10,000 users for large VoIP deployments. The advantage here is that Avaya offers a clear upgrade path from using its legacy PBXs to move to an all-IP telephony solution. Nortel's Call Pilot solution also supports up to 10,000 users and is popular in Europe but just emerging in the U.S. market. Another large player is Alcatel, whose VoIP solution supports legacy PBX connections and whose call control applications run on UNIX platforms. Alcatel even offers an IP Telephony Starter Kit to enable small companies to quickly and painlessly roll out a VoIP solution. This kit includes an Alcatel OmniStack 6024 Ethernet switch, an OmniPXC 4400 IP PBX, and 10 IP Reflex telephones.

Some larger telecommunication carriers such as AT&T and WorldCom are now offering their own VoIP solutions using Cisco 2600 and 3600 routers deployed at the customer premises in a VoIP gateway approach. AT&T integrates its VoIP solution with Internet access and virtual private network (VPN) support to provide an all- in-one communications infrastructure solution for its customers.

Notes

Despite the great attention garnered by VoIP in the press, other technologies also can serve well for various needs in the enterprise, namely:

• Voice over frame relay (VoFR): Standards for this technology are more mature than for VoIP, and VoFR is a good option to consider for replacing tie lines between PBXs in branch offices. Instead of connecting branch offices in pairs using dedicated point-to-point T1 lines, frame relay assembler/disassemblers (FRADs) are used to connect all the offices using the carrier's frame relay cloud. VoFR then multiplexes voice traffic and compresses them into packets and routes them between each pair of offices using permanent virtual circuits (PVCs) preconfigured by the carrier to simulate point-to-point links.

• Voice over High-level Data Link Control (VoHDLC): This is another good solution for point-to-point connections, and, like VoFR, it supports multiplexing and compression of voice traffic. The downside here is that HDLC is a Cisco proprietary Layer 2 protocol, so implementing it means you have to go with only one vendor.

The main advantage VoIP has over both of these alternative technologies is scalability-both VoFR and VoHDLC require that voice traffic be encoded and decoded multiple times in transit, and this adds overhead that limits the scalability of these technologies. In contrast, VoIP can be used on IP networks of any size, including the largest of networks, the Internet. The downside of VoIP, of course, is that IP is a best effort packet delivery service with no intrinsic quality of service (QoS). As a result, the quality of voice communications can be poor when using VoIP, especially over a large network such as the Internet, and can result in unacceptable levels of latency, jitter, and dropouts. However, by employing special standards and protocols such as 802.1p, 802.1Q, Resource Reservation Protocol (RSVP), and Multiprotocol Label Switching (MPLS), QoS can be added to IP to the point where voice quality approaches that offered by VoFR, VoHDSL, or even the PSTN.

Another alternative that is used by only a few large companies is Voice over Asynchronous Transfer Mode (VoATM), which provides excellent voice quality since ATM technology has built-in support for QoS. The problem is that to implement VoATM you already need an underlying ATM network connecting branch offices, and only a limited number of large enterprises have implemented ATM across the WAN due to the high cost and complexity of this solution.

An emerging technology gaining a lot of attention is Voice over Digital Subscriber Line (VoDSL), which enables carriers to provision multichannel voice and data communications over Symmetric Digital Subscriber Line (SDSL). Since SDSL is relatively cheap compared to T1 lines, this is an attractive option for certain IP telephony solutions. A typical VoDSL solution involves placing an integrated access device (IAD) at the customer premises, which is connected to both telephone equipment and the computer network. Most VoDSL IADs currently support only 16 voice channels, so this solution is currently marketed mainly toward small and mid-sized businesses. One difficulty is that VoDSL works only with SDSL and does not support the more commonly available Asymmetric Digital Subscriber Line (ADSL) technology. This limits its availability in some areas, but this will still be a technology to watch in the next few years. Vendors of first- generation VoDSL equipment include Copper Mountain Networks, Jetstream Communications, and Tollbridge Technologies.

See Also 802.1p ,802.1Q ,Asynchronous Transfer Mode (ATM) ,Digital Subscriber Line (DSL) ,frame relay ,Frame Relay Access Device (FRAD) ,H.323 ,High-level Data Link Control (HDLC) ,Internet Protocol (IP) ,IP PBX ,IP telephony ,jitter ,latency ,Megaco ,Multiprotocol Label Switching (MPLS) ,permanent virtual circuit (PVC) ,Private Branch Exchange (PBX) ,Public Switched Telephone Network (PSTN) ,Resource Reservation Protocol (RSVP) ,session initiation protocol (SIP) ,Unified Messaging (UM)

voice profile for Internet mail (VPIM)

An Internet Engineering Task Force (IETF) specification that defines a unified way of transmitting voice mail and fax messages over the Internet.

Overview

Voice profile for Internet mail (VPIM) uses e-mail systems that support Multipurpose Internet Mail Extensions (MIME) and Simple Mail Transfer Protocol Service Extensions (ESMTP) standards for Internet messaging. VPIM can also be deployed over corporate intranets for integrated business messaging solutions. VPIM includes a proposed directory service that enables lookup of routable addresses and includes a mapping specification to support interoperability with other voice messaging systems.

VPIM defines the mechanisms by which voice mail and fax messages can be exchanged between Simple Mail Transfer Protocol (SMTP) mail servers on a Transmission Control Protocol/Internet Protocol (TCP/IP) internetwork. However, VPIM leaves open the way in which specific mail clients interface with these SMTP servers to send and receive voice and fax messages, which will initially be accomplished by implementing VPIM helper applications. VPIM is implemented as a MIME profile, which allows voice and fax information to be encoded using any SMTP mail server that supports MIME. You can implement VPIM by running additional VPIM software on existing SMTP mail servers or by installing VPIM-SMTP gateways on the TCP/IP internetwork. VPIM gateways support messaging between telephones, cell phones, fax machines, pagers, and computers. VPIM will be able to use Lightweight Directory Access Protocol (LDAP) or X.500-based directories for white pages lookup to address messages to users.

Notes

VPIM is supported by the popular UNIX mail forwarder software called Sendmail; other vendors are also implementing VPIM. The current standard, VPIM v2, can be found in RFC 2421, and VPIM v3 is under development.

For More information

Find our more about VPIM at www.ema.org/vpimdir.

See Also ESMTP ,Internet Engineering Task Force (IETF) ,Lightweight Directory Access Protocol (LDAP) ,Multipurpose Internet Mail Extensions (MIME) ,Simple Mail Transfer Protocol (SMTP) ,X.500

VoIP

Stands for Voice over IP, an umbrella term for a set of technologies that allow voice traffic to be carried over Internet Protocol (IP) networks such as the Internet.

See Also Voice over IP (VoIP)

VoIP gateway

A device used in Voice over IP (VoIP) systems.

Overview

A VoIP gateway is a device that allows telephone calls to be transmitted over Internet Protocol (IP) backbone networks by converting voice signals into IP packets and transmitting them over the network. The reverse process then takes place at the other end of the call.

Most VoIP gateways are chassis-based units that have either digital or analog built-in Private Branch Exchange (PBX) interfaces. A device called a gatekeeper keeps track of IP address to phone number mappings for routing calls between different gateways. Built-in local area network (LAN) or wide area network (WAN) interfaces, or both, are included for connecting the gateway to the IP backbone. Some gateways also have built-in routing capabilities. The LAN interface is usually Ethernet, but some gateways support Token Ring. The WAN interface is typically T1 or E1, but smaller gateways designed for Small Office/Home Office (SOHO) environments support Integrated Services Digital Network (ISDN) interfaces. The number of voice interfaces per chassis typically ranges from 72 to 960, depending on the vendor. Voice interfaces are typically the digital signal cross-connect level (DSX-1) type, but some gateways also support the foreign exchange station (FXS) type interfaces for direct attachment of analog telephones.

Notes

When shopping for a VoIP gateway, consider the following:

• Audio quality should be your primary consideration. The audio quality with low traffic congestion should be close to that of a digital PBX. With heavy traffic congestion, latency and jitter should remain low enough that voice quality is acceptable to average users. A packet loss of 15 percent or more results in transmission with borderline intelligibility; delays of over 700 milliseconds are unacceptable to most users.

  

  VoIP gateway. Using a VoIP gateway to implement Voice over IP.

• Find out what extra features are supported by the gateway, such as dialed number identification service (DNIS) for call routing, automatic number identification (ANI) and caller ID for identifying the incoming caller, and interactive voice response (IVR) for creating telephone menus.

• VoIP gateway technologies are still evolving, so equipment from different vendors might not interoperate, even if the vendors claim to support the H.323 standards of the International Telecommunication Union (ITU). You should therefore buy VoIP from a single vendor, especially if you have an enterprise implementation with many gateways.

• If you are concerned about eavesdropping on voice conversations on IP networks such as the Internet, be sure that your gateways support the H.245 encryption standard. The alternative practice of using a virtual private network (VPN) gateway to encrypt VoIP traffic usually results in additional incompatibility problems. Also be aware that it is difficult to configure a VoIP gateway to operate across a firewall that hides network IP addresses using network address translation (NAT), especially if the traffic is encrypted.

See Also Integrated Services Digital Network (ISDN) , Internet Protocol (IP) ,Private Branch Exchange (PBX) ,

volume

A bounded amount of disk storage.

Overview

In MS-DOS and early Microsoft Windows platforms, a volume is a portion of a hard disk that can be formatted with a file system and can have a unique drive letter assigned to it. In Windows 2000, Windows XP, and Windows .NET Server, a volume is a logical storage entity composed of portions of one or more physical disks. Volumes can be formatted using the NTFS file system (NTFS) or file allocation table (FAT) and can be assigned a drive letter.

Windows 2000, Windows XP, and Windows .NET Server support two different types of disk storage:

• Basic storage: Supported for backwards compatibility with Windows NT version 4 or earlier and can include primary partitions, extended partitions, logical drives, volume sets, mirror sets, stripe sets, or stripe sets with parity

• Dynamic storage: Volumes created using the Computer Management snap-in for the Microsoft Management Console (MMC) that can include simple volumes, spanned volumes, striped volumes, mirrored volumes, or RAID 5 volumes

See Also basic volume ,dynamic volume ,storage

volume set

A single volume created using discontiguous free areas on hard disks.

Overview

Volume sets can be created in Microsoft Windows NT by combining between 2 and 32 free areas on your disk drives. You can extend a volume set formatted with the NTFS file system (NTFS) without having to reformat the entire volume. In Windows 2000, Windows XP, and Windows .NET Server, volume sets are instead called spanned volumes and are created using the Computer Management snap-in for the Microsoft Management Console (MMC).

Notes

Note that in Windows NT the system and boot partitions cannot be on volume sets.

See Also stripe set ,

VPIM

Stands for voice profile for Internet mail, an Internet Engineering Task Force (IETF) specification that defines a unified way of transmitting voice mail and fax messages over the Internet.

See Also voice profile for Internet mail (VPIM)

VPN

Stands for virtual private network, a technology for securely connecting a computer or network to a remote network over an intermediate network such as the Internet.

See Also virtual private network (VPN)

V-series

A series of communication standards developed by the International Telecommunication Union (ITU).

Overview

V-series protocols define methodologies for exchanging data over digital telephone networks. Standards below V.100 define:

• Signaling methods used by serial communication interfaces used in telephony.

• Techniques such as flow control and error control used in communication between data terminal equipment (DTE) such as computers and data communications equipment (DCE) such as modems and multiplexers.

Standards V.100 and higher deal with issues relating to internetworking the telephone system with other types of networks such as packet-switching networks such as X.25.

The following table describes some of the more popular V-series standards relating to modems and other serial interface standards.

See Also Channel Service Unit/Data Service Unit (CSU/DSU) , International Telecommunication Union (ITU) ,modem ,RS-232 ,serial transmission ,

Microsoft Encyclopedia of Networking

ISBN: 0735613788
EAN: 2147483647

Year: 2002
Pages: 36

Authors: Mitch Tulloch, Ingrid Tulloch

BUY ON AMAZON