Stands for registration authority, a company or organization that is responsible for receiving and validating requests for digital certificates and public/private key pairs.
See Also registration authority (RA)
Also called an equipment rack, a metal frame for holding and organizing networking devices.
Overview
Racks offer a way to organize equipment in a wiring closet. Racks can be either wall-mounted or freestanding and come in various heights and standard widths, with 19 inches being by far the most common width. This width is measured between the mounting holes on the rack where equipment is mounted-the actual width of the rack itself is usually several inches wider. The two most common heights for racks are 48 and 83 inches. On industry-standard racks, the holes on the frame are spaced 1.75 inches apart vertically, a distance symbolized as a "U" or "unit" of rack space. If a piece of networking equipment is described as 3U, it therefore occupies 3 x 1.75 = 5.25 inches of vertical space once it is mounted in the rack. A 48-inch rack is 21U in height, meaning it can hold a total of 21 1U devices (or some other combination of devices). An 83-inch rack is 42U in height.
Racks usually come with a variety of accessories. Cable organizers, for example, allow you to run bundled cabling down the side or back of the rack to avoid "spaghetti." You can use sliding shelves or drawers to incorporate odd-sized equipment in racks for easy access for configuration and wiring. Vented sides and fan trays help circulate air to keep equipment from overheating. By attaching a locking plastic or glass door, you can convert some racks into cabinets for more secure storage.
Wall-mounted racks allow you to organize equipment in areas with limited floor space. If your area is prone to earthquakes, it is a good idea to bolt the base of the rack to the floor to protect your equipment.
Rack. Example of a typical equipment rack.
Uses
A rack-mountable unit is a device designed to be mounted in a rack. Such rack-mountable devices include servers, hubs, routers, Ethernet switches, patch panels, uninterruptible power supply (UPS) devices, and so on. Rack-mountable servers deserve special attention, as use of these devices in enterprise environments and Internet data centers has grown exponentially in recent years. Numerous manufacturers produce a variety of 1U and 2U rack-mount servers, including Compaq Computer Corporation, Dell Computer Corporation, Hewlett-Packard, and IBM. These servers often support hot-pluggable drives, dual 10/100 or 100/1000 network interface cards (NICs) with automatic failover, embedded hardware redundant array of independent disks (RAID), and other advanced features designed to enhance their reliability and ease of use. Storage appliances from many vendors also come in rack-mount format for easy interfacing with rack-mount servers. Another popular approach is to provide a complete Web server in a 1U appliance format, something widely used by Web hosting companies.
A novel approach is ClearCube Technology's C3 architecture, which provides a rack-mountable chassis into which up to eight fully functional CPU (central processing unit) blades (fully functional PCs in the form of a blade) can be inserted. C3 is essentially a desktop management solution where desktop PCs are replaced by C3 cage units that are centrally located in a server room or wiring closet. Instead of PCs residing on users' desks, they have a mouse, keyboard, monitor, and a small C/Port box that is connected to the cage using Category 5 (Cat5) network cabling. The C3 architecture allows these C/Port boxes to be located up to 600 feet (183 meters) from the cage. The advantage is that when a problem occurs with a user's computer, you can repair it in the server room instead of walking over to the user's work area. The C3 architecture also simplifies the process of operating system and application installations and upgrades, and it minimizes the potential of users damaging their workstations.
Notes
A ladder rack is a modular rack system for supporting cable runs in walls, false floors, and false ceilings, not a rack for mounting servers and other networking devices.
See Also cabinet ,cabling
Stands for Remote Authentication Dial-In User Service, an industry-standard security protocol for dial-up data networking services.
See Also Remote Authentication Dial-In User Service (RADIUS)
Stands for Rate-Adjusted Digital Subscriber Line, a Digital Subscriber Line (DSL) technology.
See Also Rate-Adjusted Digital Subscriber Line (RADSL)
Stands for redundant array of independent disks, a group of technologies that enhance the performance and/or fault tolerance of disk storage systems.
See Also redundant array of independent disks (RAID)
Stands for redundant array of independent tapes, a technology that enhances the fault tolerance of tape backup systems.
See Also redundant array of independent tapes (RAIT)
A Digital Subscriber Line (DSL) technology.
Overview
Rate-Adjusted Digital Subscriber Line (RADSL) is similar to Asymmetric Digital Subscriber Line (ADSL) but includes support for real-time allocation of bandwidth based on line quality. This makes RADSL more flexible and reliable than traditional ADSL, as it can accommodate changing line conditions to ensure that traffic is efficiently transported. Like ADSL, RADSL is an asymmetric technology that typically supports speeds up to 7 megabits per second (Mbps) in the downstream direction and up to 1.5 Mbps upstream.
See Also Asymmetric Digital Subscriber Line (ADSL) ,Digital Subscriber Line (DSL)
Stands for Regional Bell Operating Company, a large incumbent telco.
See Also Regional Bell Operating Company (RBOC)
A UNIX command for copying files to or from remote hosts.
Overview
Rcp is one of the r-commands available on virtually all UNIX platforms. Rcp uses Transmission Control Protocol (TCP) to ensure reliable delivery of data between the client and the host. Rcp can be scripted in a batch file and does not require a password: the remote host must be running the rshd service, and the client's host name and user name must be listed in the remote user's .rhosts file (or in the system-wide /etc/hosts.equiv). This convenience is also the r-commands' main weakness. Trust rests on the source host name or address, which can be spoofed; an .rhosts entry of "+" trusts every host (or every user); and both the user name and the file contents cross the network in clear text. Where secure copy (scp over SSH) is available it should be used instead, and any remaining .rhosts files should be audited for wildcard entries and loose permissions.
Rcp is implemented on the Microsoft Windows 2000, Windows XP, and Windows .NET Server platforms, but this version includes only rcp client software and not rshd services.
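The following audit script is an added example (not part of the original entry) that shows what an administrator should look for in .rhosts files: wildcard host or user entries and files writable by anyone other than the owner. The home directories and file contents are constructed samples built in a temporary directory so the script runs offline; point audit_rhosts() at a real home root (such as /home) to use it on a live system.

```python
import os
import stat
import tempfile

# Constructed sample .rhosts contents for four hypothetical users (not from a real system).
SAMPLE_HOMES = {
    "alice": "# trusted build host only\nbuild.example.com alice\n",
    "bob": "+ +\n",                       # any user on any host may rsh/rcp as bob
    "carol": "+ carol\nws42.example.com\n",  # user carol on any host is trusted
    "dave": "",                           # no .rhosts file at all
}


def parse_rhosts(text):
    """Yield (lineno, host, user) for each non-comment entry of an .rhosts file.

    Format: one entry per line, a host name (or "+" for any host) optionally
    followed by a user name (or "+" for any user).
    """
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        host = fields[0]
        user = fields[1] if len(fields) > 1 else None
        yield lineno, host, user


def audit_rhosts(home_root):
    """Return (user, finding) pairs for every risky .rhosts file under home_root."""
    findings = []
    for user in sorted(os.listdir(home_root)):
        path = os.path.join(home_root, user, ".rhosts")
        if not os.path.exists(path):
            continue
        st = os.lstat(path)
        if stat.S_ISLNK(st.st_mode):
            findings.append((user, ".rhosts is a symbolic link"))
        if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
            findings.append((user, ".rhosts is group- or world-writable"))
        with open(path, encoding="utf-8", errors="replace") as fh:
            for lineno, host, remote_user in parse_rhosts(fh.read()):
                if host == "+":
                    findings.append((user, f"line {lineno}: any host trusted"))
                if remote_user == "+":
                    findings.append((user, f"line {lineno}: any remote user may log in as {user}"))
    return findings


def demo():
    """Create the constructed home directories in a temp dir and audit them."""
    root = tempfile.mkdtemp(prefix="rhosts-audit-")
    for user, text in SAMPLE_HOMES.items():
        home = os.path.join(root, user)
        os.makedirs(home)
        if text:
            with open(os.path.join(home, ".rhosts"), "w", encoding="utf-8") as fh:
                fh.write(text)
    # Simulate sloppy permissions on bob's file in addition to its "+ +" entry.
    os.chmod(os.path.join(root, "bob", ".rhosts"), 0o666)
    return audit_rhosts(root)


if __name__ == "__main__":
    for user, finding in demo():
        print(f"{user}: {finding}")
```

Note that rshd itself ignores an .rhosts file that is not owned by the user or is writable by others, so the permission finding often means the trust entries are silently not working rather than that they are exploitable; either way the file needs attention.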
See Also Transmission Control Protocol (TCP) ,UNIX
Stands for Remote Desktop Protocol, a protocol for terminal-based computing.
See Also Remote Desktop Protocol (RDP)
A nonprofit organization with a content advisory system for Web sites on the Internet.
Overview
The system, known as RSACi (Recreational Software Advisory Council on the Internet), allows Web site administrators to rate their sites according to degrees of potentially objectionable content. There are four basic types of content, each with five levels, rated from 0 to 4. The content areas are Sex, Nudity, Violence, and Offensive Language.
By rating their Web sites according to the RSACi system, Web site administrators can help adults protect children from content that might be objectionable. Microsoft Internet Explorer has built-in client support for the RSACi system, which is administered using a password-protection scheme. Popular Internet portals such as America Online (AOL), Microsoft Network (MSN), and Yahoo! employ the RSACi system.
For More Information
Visit RSAC at www.rsac.org
A type of Domain Name System (DNS) query.
Overview
In a recursive query, the resolver asks a name server to perform the complete name lookup on its behalf: the name server either returns the final answer or an error, and it cannot respond with a referral to a different name server. To obtain the answer the name server performs its own series of iterative queries against other name servers, or hands the query to a forwarder if one is configured.
When a client performs a name lookup, its resolver sends a recursive query to a nearby name server. If the name falls within a zone for which that server is authoritative, it answers directly. Otherwise, provided recursion is enabled, the server performs an iterative query on a root name server, which responds with the Internet Protocol (IP) address of a name server whose zone of authority includes the desired top-level domain. Further iterative queries follow the chain of referrals until the name is resolved into its IP address or an error is produced. If the server has a forwarder configured, it sends the recursive query to the forwarder instead of walking the chain itself. Because a server that answers recursive queries from arbitrary Internet hosts can be used as an amplifier in denial-of-service attacks and is more exposed to cache poisoning, recursion should be limited to the server's own clients, and authoritative-only servers should refuse recursive queries altogether.
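The toy resolver below is an added example, not part of the original entry, that makes the referral chain concrete: iterative_query() models one server answering only from its own data or referring the asker onward, recursive_resolve() walks the chain from the root until it gets an answer, and handle_query() shows the three responses a server can give depending on whether the client set the recursion desired (RD) flag and whether policy allows that client recursion. The server names, zone data and the deliberately looping "loop." zone are all constructed; no real DNS traffic is sent.

```python
from typing import Dict, List, Optional, Tuple

Record = Tuple[str, str]  # ("A", ip) is an answer, ("NS", server) a referral

# Constructed referral data for a toy namespace (not real DNS data). Each
# server knows only its own slice of the tree and refers the asker onward.
ZONES: Dict[str, Dict[str, Record]] = {
    "root-server": {"com.": ("NS", "tld-server"), "loop.": ("NS", "loop-a")},
    "tld-server": {"example.com.": ("NS", "auth-server")},
    "auth-server": {"www.example.com.": ("A", "192.0.2.10")},
    # Two misconfigured servers that refer to each other forever.
    "loop-a": {"loop.": ("NS", "loop-b")},
    "loop-b": {"loop.": ("NS", "loop-a")},
}


def iterative_query(server: str, qname: str) -> Record:
    """One iterative query: the server answers from its own data or refers.

    The longest matching suffix wins, as a real server picks its closest zone.
    """
    best: Optional[Tuple[str, Record]] = None
    for name, rr in ZONES.get(server, {}).items():
        if qname == name or qname.endswith("." + name):
            if best is None or len(name) > len(best[0]):
                best = (name, rr)
    return best[1] if best else ("NXDOMAIN", "")


def recursive_resolve(qname: str, start: str = "root-server",
                      max_referrals: int = 8,
                      trace: Optional[List[Tuple[str, str, str]]] = None) -> Optional[str]:
    """Follow referrals from the root until an answer or an error is reached.

    The referral cap is what stops the looping servers from hanging the resolver.
    """
    server = start
    for _ in range(max_referrals):
        rtype, rdata = iterative_query(server, qname)
        if trace is not None:
            trace.append((server, rtype, rdata))
        if rtype == "A":
            return rdata
        if rtype != "NS":
            return None          # NXDOMAIN: the client gets an error
        server = rdata           # referral: ask the next server
    return None                  # referral limit hit: treat as failure


def handle_query(qname: str, recursion_desired: bool, client_trusted: bool,
                 local_server: str = "tld-server") -> Record:
    """What a name server sends back, depending on the RD bit and local policy."""
    if not recursion_desired:
        return iterative_query(local_server, qname)   # answer or referral
    if not client_trusted:
        return ("REFUSED", "")                        # no open recursion
    answer = recursive_resolve(qname)
    return ("A", answer) if answer else ("NXDOMAIN", "")


if __name__ == "__main__":
    steps: List[Tuple[str, str, str]] = []
    print(recursive_resolve("www.example.com.", trace=steps))
    for step in steps:
        print("  ", step)
```

The client_trusted flag stands in for the access list a production server uses to restrict recursion (for example BIND's allow-recursion or the "Disable recursion" setting on a Windows DNS server); the REFUSED branch is the behaviour an authoritative-only server should show to the Internet at large.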
See Also inverse query ,iterative query
A process whereby a Web server forwards a request for a file to a different directory, Web site, or application.
Overview
Redirection enables client requests to always be fulfilled, even when content in a site is being updated or if the name of a virtual directory has been changed. For example, if you want to replace an old version of a page named old.htm with a newer version named new.htm, but you do not want to alter the navigational structure of your site or bother users with a notice of the change, you can enter a <META> tag in the <HEAD> section of the old.htm file to redirect browsers to the new page.
Examples
For example, the following tag in the <HEAD> section of the old page causes a browser accessing that page to be redirected to the new page after viewing the old page for 3 seconds:
<META HTTP-EQUIV="REFRESH" CONTENT="3;URL=NEW.HTM">
You can place a notice on the old page such as, "This page will be redirected to its newer version in 3 seconds."
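The META tag above redirects to a fixed page, which is harmless. The same mechanism becomes an open redirect when a Web application takes the destination from a request parameter (a "return to" URL after login, for example) and sends it back in an HTTP Location header or META refresh without checking it, because an attacker can then make a link on your site land on a phishing page. The function below is an added example, not from the original entry, of the validation a server should apply before redirecting; the site host name www.example.com is an assumption.

```python
from urllib.parse import urlsplit

SITE_HOST = "www.example.com"   # assumed host name of the site issuing the redirect


def safe_redirect_target(requested: str, site_host: str = SITE_HOST) -> str:
    """Return the requested target if it stays on this site, otherwise "/".

    Rejects CR/LF (header injection into the Location line), scheme-relative
    "//host" and backslash variants that browsers read as another host,
    non-http(s) schemes, and absolute URLs whose host is not ours (which also
    catches "http://www.example.com@evil.example/" look-alikes, since the
    netloc then includes the user-info part).
    """
    if not requested or "\r" in requested or "\n" in requested:
        return "/"
    candidate = requested.replace("\\", "/")    # browsers treat "\" like "/"
    parts = urlsplit(candidate)
    if parts.scheme or parts.netloc:
        if parts.scheme.lower() in ("http", "https") and parts.netloc.lower() == site_host.lower():
            return candidate
        return "/"
    return candidate                             # relative path such as "new.htm"


def redirect_response(requested: str) -> str:
    """Status line and headers of an HTTP 302 redirect to the validated target."""
    target = safe_redirect_target(requested)
    return f"HTTP/1.1 302 Found\r\nLocation: {target}\r\nContent-Length: 0\r\n\r\n"


if __name__ == "__main__":
    for url in ("new.htm", "//evil.example/phish", "https://www.example.com/new.htm"):
        print(repr(url), "->", safe_redirect_target(url))
```

A stricter design maps an opaque token to a server-side table of allowed destinations, so the client never supplies a URL at all; the allow-by-host check above is the minimum when the URL must be accepted from the request.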
Notes
The term redirection is also used in printing. For example, if you are trying to print some documents but a print device has failed, Microsoft Windows 2000, Windows XP, and Windows .NET Server let you redirect all outstanding jobs for the print device to another print device that uses the same printer driver as the failed device. To redirect your pending documents, follow these steps:
Open the property sheet for the failed print device and select the Ports tab.
Click the Add Port button, select Local Port, select New Port, and enter the Universal Naming Convention (UNC) path for the second print device.
Click OK, and then click Apply.
See Also Web server
A networking component on a client machine enabling the client to access shared network resources.
Overview
The function of a redirector is to make it appear to the client that shared network resources are located on the local machine instead of elsewhere on the network. On a machine running Microsoft Windows 2000, the Workstation service is the default redirector. However, you can install multiple redirectors in Windows 2000 if you need to provide users with connectivity to different file systems.
The Windows 2000 redirector is implemented in the form of a file system driver. When a client program requests a network resource, the request is handed to the I/O Manager, which calls the redirector. The redirector translates the request into Server Message Block (SMB) requests for transmission over the network to the Server service on the remote computer.
See Also Server Message Block (SMB)
A group of technologies that enhance the performance or fault tolerance, or both, of disk storage systems.
Overview
Redundant array of independent disks (RAID) technologies were conceived in the late 1980s as a way of preventing input/output (I/O) and disk storage from becoming the bottleneck in the emerging PC architecture. This was because at the time, processor and memory technologies were growing exponentially while capabilities and costs of disk storage were changing only incrementally. The original meaning of RAID was "redundant array of inexpensive disks," which highlighted the original purpose of RAID technologies as a means of utilizing the relatively low cost of commodity PC disk drives to provide storage solutions comparable to much more expensive mainframe disk storage platforms. By utilizing such technologies as mirroring, striping, and parity, RAID solutions soon emerged as the storage platform of choice for the PC server platform, a place which it still holds today, since RAID technologies have become integrated into network attached storage (NAS) and storage area network (SAN) technologies as well.
Types
The various levels of RAID that are currently defined include the following:
RAID 0: Also called disk striping, this approach sees data written across the group of drives in stripes. Such "stripe sets" do not support any fault tolerance, but they do provide fast read/write performance. RAID 0 is most frequently employed in an environment where very large files (such as video or medical imaging files) need to be saved and read.
RAID 1: Also called disk mirroring, this method writes data simultaneously to two (or more) disks, making each disk a mirror image of the other. Mirror sets can improve read performance slightly, because reads can be serviced from either disk, but offer no write-performance gain over a single disk, and they halve the usable capacity. RAID 1 is frequently used for mission-critical servers such as authentication servers, e-commerce servers, and so on.
RAID 2: Sometimes referred to as disk striping with error checking and correcting (ECC) or Hamming Code ECC, in this method information is striped (written across) bitwise across several disks and error checking information is calculated and written to a specially designated disk. RAID 2 has slow I/O and is rarely used.
RAID 3: Sometimes known as disk striping with parity or parallel transfer with parity, in this approach data is striped to a disk set and parity information is written to a single disk for error recovery. I/O performance is not good and this method is rarely used nowadays.
RAID 4: Sometimes referred to as disk striping with large stripes, here entire records are written to single drives, and parity information is stored on a single disk for error recovery. Write contention makes this method undesirable in most situations, and it is rarely used.
RAID 5: Also known as disk striping with parity, here both the data and parity information are striped across all disks in stripes to provide full data recoverability in case any single drive fails. Disk striping with parity is an excellent way to protect data from the downtime caused by disk failures and is widely used in enterprises of all sizes. RAID 5 requires a minimum of three disks in order to work.
RAID 6: Sometimes called disk striping with two parity schemes, this is an extension of RAID 5 that has additional fault tolerance built in and is designed to protect data against multiple simultaneous failed disk drives. Interest in this technology is growing in the enterprise networking arena, especially for high-availability e-commerce sites.
RAID 10: Sometimes known as disk striping with disk mirroring, this combines the fault tolerance of RAID 1 with the rapid I/O of RAID 0. It is expensive, since every disk in the stripe set must be mirrored by a second disk, and so is less commonly used. The "10" in RAID 10 is really 1+0, a stripe set built from mirrored pairs, and the technology is often written RAID 1+0. It is sometimes called RAID 0+1 as well, but strictly that denotes the reverse arrangement, a mirror of two stripe sets, which survives fewer combinations of simultaneous disk failures than a stripe of mirrors does.
RAID 53: Sometimes called disk striping of stripe sets, this approach uses a stripe set (RAID 0) of individual RAID 3 disk arrays. RAID 53 has the same level of fault tolerance as RAID 3 and is very expensive and therefore not commonly used. The name RAID 53 is something of a misnomer, since one might more likely guess the designation to be RAID 30 = RAID 3+0.
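The parity that RAID 3, 4 and 5 rely on is nothing more than a bytewise XOR of the data blocks in a stripe, which is why any single lost block (data or parity) can be recomputed from the survivors and why a second failure in the same stripe is unrecoverable without RAID 6's second parity. The code below is an added illustration, not part of the original entry: it stripes constructed sample data across a small RAID 5 array with rotating parity, fails a disk, rebuilds it, and reads the data back.

```python
from typing import List, Optional

Block = Optional[bytes]     # None models a block that sat on a failed disk


def xor_blocks(blocks: List[bytes]) -> bytes:
    """XOR equal-length blocks together: this is the whole of RAID 5 parity."""
    out = bytearray(len(blocks[0]))
    for blk in blocks:
        for i, byte in enumerate(blk):
            out[i] ^= byte
    return bytes(out)


def parity_disk(stripe_no: int, disks: int) -> int:
    """Rotating parity position (left-symmetric), so no one disk is a write hot spot."""
    return (disks - 1 - stripe_no) % disks


def build_raid5(data: bytes, disks: int, unit: int) -> List[List[Block]]:
    """Stripe data across `disks` drives in `unit`-byte chunks, one parity block per stripe."""
    if disks < 3:
        raise ValueError("RAID 5 needs at least three disks")
    per_stripe = (disks - 1) * unit
    padded = data + b"\0" * (-len(data) % per_stripe)
    array: List[List[Block]] = []
    for s, off in enumerate(range(0, len(padded), per_stripe)):
        chunks = [padded[off + i * unit: off + (i + 1) * unit] for i in range(disks - 1)]
        p = parity_disk(s, disks)
        row: List[Block] = chunks[:p] + [xor_blocks(chunks)] + chunks[p:]
        array.append(row)
    return array


def fail_disk(array: List[List[Block]], disk: int) -> None:
    for row in array:
        row[disk] = None


def rebuild_disk(array: List[List[Block]], disk: int) -> None:
    """Recover every block of one failed disk from the other blocks in its stripe.

    Since parity = XOR(data blocks), any one block equals the XOR of all the
    others, whether the lost block held data or parity. Two missing blocks in
    a stripe cannot be separated with a single parity: that needs RAID 6.
    """
    for row in array:
        survivors = [b for d, b in enumerate(row) if d != disk]
        if any(b is None for b in survivors):
            raise RuntimeError("two disks lost in one stripe: single parity cannot recover")
        row[disk] = xor_blocks(survivors)  # type: ignore[arg-type]


def read_raid5(array: List[List[Block]], disks: int, length: int) -> bytes:
    """Reassemble the data blocks in order, skipping each stripe's parity block."""
    out = bytearray()
    for s, row in enumerate(array):
        p = parity_disk(s, disks)
        for d, blk in enumerate(row):
            if d != p:
                if blk is None:
                    raise RuntimeError(f"disk {d} failed and has not been rebuilt")
                out += blk
    return bytes(out[:length])


def failure_drill(data: bytes, disks: int, unit: int, failed: int) -> bytes:
    """Build the array, lose one disk, rebuild it, and return what a reader sees."""
    array = build_raid5(data, disks, unit)
    fail_disk(array, failed)
    rebuild_disk(array, failed)
    return read_raid5(array, disks, len(data))


SAMPLE = b"The quick brown fox jumps over the lazy dog; constructed sample data."

if __name__ == "__main__":
    print(failure_drill(SAMPLE, 4, 8, 2) == SAMPLE)
```

Production controllers do the same arithmetic with hardware XOR engines and on whole stripe units at a time; the rebuild window, during which a second failure is fatal, is what drives the interest in RAID 6 and hot spares.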
Implementation
The two basic approaches to implementing RAID are
Software RAID: This involves adding multiple Small Computer System Interface (SCSI) drives to the motherboard of a PC server and managing these drives as a RAID system using specialized software such as the built-in RAID support of Disk Management in Microsoft Windows 2000 Server, Windows XP, and Windows .NET Server.
Hardware RAID: This utilizes separate storage units with dedicated I/O and integrated processing to provide better performance than software RAID but at a higher price. Popular hardware RAID-5 units often have hot-rebuild, hot-swap, and hot- spare capabilities to protect business-critical data and ensure high availability.
RAID. The three common RAID technologies.
Prospects
Different vendors have proposed a number of other RAID levels. Some vendors apply the designation RAID 6 to a proprietary design that employs high-speed caching and a real-time embedded operating system to support asynchronous transfers (not to be confused with the dual-parity RAID 6 described above), and RAID 1+5 combines the features of both mirroring and striping with parity. Land-5's RAIDn technology is one example of RAID 1+5, and this technology is expected to make inroads in the enterprise over the next few years. The most popular RAID levels, however, are still RAID 0, 1, and 5, and Windows 2000 Server supports all three of these storage technologies.
Another emerging approach is to integrate hardware RAID directly onto the motherboards of servers. This approach is expected to yield commodity PC servers costing less than $1,000 with built-in hardware RAID levels 0, 1, and 5 support.
For More Information
Visit the RAID Advisory Board at www.raid-advisory.com
See Also fault tolerance ,storage
A technology that enhances the fault tolerance of tape backup systems.
Overview
What redundant array of independent disks (RAID) is for disk storage technology, redundant array of independent tapes (RAIT) is for tape drives. RAIT employs multiple tape drives working together in synchronization to stripe incoming data across multiple backup tapes simultaneously. This provides a speed advantage for writing data to tape but poses some issues in the area of reading or modifying information stored on tapes. For example, the archived data is not accessible unless all of the tapes are available to be read. Furthermore, if even one byte of a large archived file needed to be modified, the entire file would need to be rewritten. In practice, however, data archived to tape rarely needs to be modified; it is read back for restore purposes.
To overcome this reading limitation, RAIT 5 was developed, the counterpart of RAID 5 stripe set with parity disk storage technology. RAIT 5 distributes parity information across multiple tapes in a RAIT system. Then, when data needs to be restored from tape, this can be done even if one tape is corrupt or missing. The restore process will be slow, but the fault-tolerant aspect of RAIT 5 is appealing to large enterprises that need to archive large amounts of data to tape.
See Also backup , tape drive
A large incumbent telco.
Overview
Regional Bell Operating Companies (RBOCs) are regional telcos that were created as a result of the 1984 divestiture of the American Telephone and Telegraph (AT&T) telephone system, also known at the time as the "Bell System" or "Ma Bell." The divestiture divided the telephone company landscape into two parts:
Incumbent Local Exchange Carriers (ILECs): These carriers owned the local loop in their particular coverage areas and provided local telephone services to their subscribers. The divestiture was done to end AT&T's monopoly over the U.S. telephone system. The company was broken up into several dozen smaller Bell Operating Companies (BOCs), each of which was to supply telephone services to local loop subscribers in a given geographical area. Seven larger Regional Bell Operating Companies (RBOCs) were also created, each consisting of two or more BOCs. In addition to the BOCs and RBOCs, dozens of small independent LECs also serviced different areas of the country. The seven original RBOCs were Ameritech, Bell Atlantic, BellSouth Corporation, Nynex, Pacific Bell Telephone Company (PacBell), Southwestern Bell Telephone Company, and US West.
Inter-exchange carriers (IXCs): These companies provided long-distance services for subscribers through the ILECs' local loop. AT&T was left to function as the first IXC, and is joined today by Sprint Corporation and Worldcom to form the "big three" long-distance carriers.
The telephone systems landscape began to change with the passage of the Telecommunications Act of 1996. The act allowed RBOCs and independent LECs to compete with existing IXCs for long-distance carrier business, allowed mergers between telephone companies depending on FCC approval, and essentially opened up the telecommunications market to all kinds of companies, including cable television companies.
Of the seven original RBOCs, only four remain today:
SBC Communications: This company merged with Ameritech and PacBell and is the largest RBOC.
Verizon Communications: Formerly called Bell Atlantic, this company merged with Nynex and GTE and then renamed itself Verizon, and is the second largest RBOC.
Qwest Communications: This company bought US West.
BellSouth: This is the only remaining original RBOC.
Prospects
Some RBOCs, Verizon and SBC in particular, are beginning to compete in the long-distance market long controlled by the IXCs, at least in their home states. Alignments between RBOCs are also occurring, such as the Cingular venture between BellSouth and SBC, which created the second largest wireless network in the United States. (Verizon Wireless, a joint venture between Verizon and Vodafone, has the largest such network, and AT&T is in third place.)
Some industry analysts see the consolidation in the RBOC market as an indication of the failure of the Telecommunications Act of 1996, since the legislation was intended to foster competition and diversify the telecom landscape rather than lead to greater consolidation and fewer choices for consumers. However, the "Big Four" RBOCs are now large enough to be in a position to compete with the "Big Three" IXCs, and the eventual result will hopefully be a wider variety of services and lower prices for business and residential consumers.
The Competitive Local Exchange Carrier (CLEC) "bubble" of the late 1990s has largely burst, and many CLECs have been acquired by RBOCs, IXCs, or other communication companies. CLECs, which were mostly startups reselling Digital Subscriber Line (DSL) services obtained from RBOCs, depended upon the good will of RBOCs for obtaining access to telco central offices (COs) to colocate their switching equipment, and some RBOCs frequently dragged their feet in this regard, putting many CLECs in an untenable business position. The result is that the DSL market is now dominated by the RBOCs, with SBC, Verizon, and Qwest being the top three in this market. SBC partnered with CLEC Covad Communications to gain top position in the DSL market, and Verizon acquired NorthPoint Communications for similar purposes. Qwest (through US West) and SBC are also extending DSL services beyond their own home regions.
From an enterprise networking perspective, most large businesses have a kind of love-hate relationship with their RBOC. They love the reliability of RBOC telecommunication services that have matured over many years but hate the high prices and being locked into a single vendor. RBOCs are often slow to provision new high-speed data services, and offer services such as T1 (1.5 megabits per second [Mbps]) and T3 (45 Mbps) but provide few intermediate options between these services. Although the RBOCs will undoubtedly reign supreme in the residential consumer market for years to come, they face stiff competition to their control of the local loop from the new metropolitan Ethernet providers such as Yipes Communications, which has rolled out fiber-based Gigabit Ethernet (GbE) metropolitan area networks (MANs) in large urban areas around the United States.
See Also central office (CO) ,Competitive Local Exchange Carrier (CLEC) ,Incumbent Local Exchange Carrier (ILEC) ,inter-exchange carrier (IXC) ,metropolitan Ethernet ,T-carrier ,telco
A company or organization that is responsible for receiving and validating requests for digital certificates and public/private key pairs.
Overview
A registration authority is part of a public key infrastructure (PKI) for implementing public key cryptography. The RA receives a certificate request and verifies the identity of the requestor using acceptable forms of identification, which can be communicated face to face, over the telephone, by mail or courier, or in another secure fashion that is acceptable to the RA. Identification can include a driver's license, Social Security number, or another unique identifier for the requestor. If the RA approves the request, it notifies the certificate authority (CA) in the PKI, which issues the requestor the desired digital certificate (and, in PKIs that generate keys centrally, the key pair; where the requestor generates its own key pair, only the public key accompanies the request and the RA never handles the private key). The RA and CA are often different entities within the same company or organization. Because the certificate attests to nothing more than the identity check the RA performed, a careless or compromised RA undermines every certificate the CA issues on its recommendation; RA approvals should therefore be made only by authenticated RA personnel and should be logged.
See Also public key cryptography ,public key infrastructure (PKI)
The database containing configuration information on Microsoft Windows platforms.
Overview
The registry is a hierarchical database in which Windows stores information such as configuration information for installed hardware and software, registered document types, user profiles, property settings for icons, ports being used, and so on. The registry in 32-bit versions of Windows replaces the INI files, such as Win.ini and System.ini, that were used in the 16-bit versions Windows 3.1 and Windows for Workgroups 3.11.
Implementation
The registry in Windows 2000, Windows XP, and Windows .NET Server is logically divided into five subtrees, each containing a hierarchical collection of keys and subkeys (analogous to folders and subfolders in a file system) that themselves contain values (analogous to files). Physically, the registry consists of a series of hives and their associated transaction files located in %SystemRoot%\system32\config.
In Windows 98 and Windows Millennium Edition (Me), the logical structure is similar to that of Windows 2000, Windows XP, and Windows .NET Server, but the physical format is incompatible. A sixth subtree called HKEY_DYN_DATA is created dynamically and is used for performance measuring and Plug and Play configuration. The registry consists of dynamic information stored in RAM (random access memory) and two files in the Windows installation directory: system.dat, which stores computer-specific information, and user.dat, which stores user-specific information.
Notes
The safest way to modify the registry is through Control Panel, which provides a number of utilities for configuring different aspects of the system's hardware and installed software without editing keys directly. If you want (or need) to dig deeper into the registry, use a registry editor (regedit or regedt32), but do so carefully and export the affected key or back up the hive first: a single wrong value can render your operating system unbootable!
The hierarchical path that locates a file or folder on a file system starting from the current directory.
Overview
The relative path is different from the absolute path, which locates the file or folder starting from the root of the file system. For example, if the current directory is C:\Windows, the relative path to the executable for the game of Solitaire, which is located in the current directory, is simply the name of the executable-sol.exe. If the current directory is C:\Windows\System, the relative path to Solitaire is ..\sol.exe.
In a UNIX file system, the syntax for relative paths is similar, except that it uses forward slashes instead of backslashes to separate levels in the file system hierarchy.
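Because a relative path can climb out of its starting directory with "..", any program that joins a base directory to a path supplied by a user (a Web server serving files, an upload handler, an archive extractor) must check that the result still lies inside the intended directory; this is the directory-traversal class of bug. The function below is an added example, not part of the original entry, of that check. It normalizes with posixpath so the result is deterministic and platform-independent; the base directory /srv/www is an assumption.

```python
from typing import Optional
import posixpath


def resolve_within(base_dir: str, relative: str) -> Optional[str]:
    """Resolve `relative` against `base_dir`; return the absolute path, or None
    if the normalized result would escape base_dir.

    posixpath.normpath() collapses "." and ".." lexically without touching the
    file system. On a live system, follow this with os.path.realpath() on both
    paths so a symbolic link inside the base cannot point outside it either.
    """
    base = posixpath.normpath(base_dir)
    if not posixpath.isabs(base):
        raise ValueError("base_dir must be absolute")
    # Many servers treat backslashes as separators too, so normalize them first;
    # an absolute `relative` replaces the base in join(), which the check below catches.
    candidate = posixpath.normpath(posixpath.join(base, relative.replace("\\", "/")))
    if candidate != base and not candidate.startswith(base.rstrip("/") + "/"):
        return None
    return candidate


if __name__ == "__main__":
    for rel in ("docs/new.htm", "docs/../new.htm", "../etc/passwd", "..\\..\\windows\\system32"):
        print(repr(rel), "->", resolve_within("/srv/www", rel))
```

The "../www-old" case in the tests is why the check compares against the base with a trailing slash rather than a bare prefix: "/srv/www-old" starts with "/srv/www" but is not inside it.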
Notes
The idea of a relative path is also used in other naming contexts. For example, in Active Directory directory service of Microsoft Windows 2000 and Windows .NET Server, you can uniquely and globally specify directory objects using the object's distinguished name, which provides a kind of absolute path within the directory starting at the root and terminating at the desired object. For example, the object representing the user Mitch Tulloch in the domain northwind.expedia.com has this distinguished name:
DC=com,DC=expedia,DC=northwind, OU=Users,CN=Mitch Tulloch
If a search context is established as the Users container within the northwind.expedia.com domain, the relative distinguished name of the Mitch Tulloch object is simply
CN=Mitch Tulloch
This relative distinguished name uniquely identifies the desired object within the Users container in Active Directory.
See Also absolute path
A Web site that lets you forward e-mail messages anonymously.
Overview
Remailers can be used to protect the privacy of your e-mail address when you send someone e-mail. When a remailer forwards a message, it strips away the original message header information, so the recipient has no way of determining who originally sent the message. You could use a remailer, for example, to keep recipients from adding your address to a mailing list, or to avoid being spammed when you voice an unpopular opinion on a mailing list or some other forum. Note that the remailer itself sees the original headers, so your anonymity is only as good as the operator's trustworthiness and logging policy; chaining a message through several independently operated remailers means no single operator sees both the sender and the recipient.
Another name for this kind of site is anonymous remailer. Yahoo! has a list of Web-based anonymous remailers.
See Also e-mail
Technology that enables access to network resources from remote locations.
Remote access. The two kinds of remote access.
Overview
Remote access is an umbrella term for a group of technologies that enables
administrators to manage servers, routers, and resources on a network from a remote location
off-site and mobile users to securely access resources on their corporate networks
Types
There are two basic approaches to remote access:
Remote control: Allows administrators to take control of remote computers and enter keystrokes, issue mouse clicks, and view display output as if they were sitting at the computer's local console. Symantec Corporation's pcAnywhere is the leader in this category of the enterprise market; it enables administrators to remotely troubleshoot server problems, make configuration changes, and even demonstrate procedures to remote users, in other words, to perform all aspects of remote administration. Provided there is enough bandwidth in the connection, remote control technology usually works well, but when bandwidth is scarce, access to the remote console can be slow and jerky. Remote control can be made reasonably secure, since sessions are authenticated and, in current products, encrypted, but it exposes the full console of the target machine, so access should be restricted to administrators and reachable only from trusted networks or through a VPN. It saves on hardware and licensing costs and is relatively easy to implement on a network. Microsoft Windows 2000 Server, Windows XP, and Windows .NET Server have their own built-in remote control technology called Terminal Services (TS), which allows up to two concurrent connections for remote control.
Remote node: This is the classic form of remote access and is usually simply referred to as "remote access." In this scenario a remote access device such as a router or remote access server (RAS) provides a gateway through which remote users access file, print, and other services on a corporate network, for example using a laptop and modem. Another remote node scenario is a remote branch office that reaches resources at company headquarters through a RAS over a leased line or dial-up Integrated Services Digital Network (ISDN) connection. Remote node devices are often computers running specialized remote access software such as the Routing and Remote Access Service (RRAS) component of Microsoft Windows 2000 and Windows .NET Server. To support multiple dial-up users, such servers can be fitted with a multiport serial board with 4, 8, 12, or more asynchronous communication ports connected to an analog modem bank or an ISDN terminal adapter. These machines are sometimes called RAS routers because they have at least one local area network (LAN) and one wide area network (WAN) interface and therefore function essentially as routers. Traditional routers and LAN switches with ISDN or T1 capability are also widely used as remote access devices and are sometimes known as access servers. For additional security and ease of use, remote node devices can also include network address translation (NAT), Dynamic Host Configuration Protocol (DHCP) server functionality, password-based authentication, callback (the server hangs up and dials the user back at a preconfigured number, so a stolen password alone is not enough to get in), and basic firewall functionality.
Notes
A relatively new solution to the issue of remote access to corporate networks is the virtual private network (VPN). A VPN is a connection tunneled over the Internet, with the tunneled traffic authenticated and encrypted so that it can safely cross the public network, that allows remote users to access resources on the corporate network or lets administrators remotely administer servers, routers, and other devices. The VPN has largely displaced traditional remote node services for mobile users because it lets users dial in to a local Internet service provider (ISP) and avoid the long-distance charges of dialing directly into a modem bank connected to a corporate RAS server from a remote location.
See Also Integrated Services Digital Network (ISDN), leased line, modem, virtual private network (VPN)
Administering servers, routers, and other network resources from a remote location.
Overview
Remote administration technologies are widely used in today's 24x7 enterprise networks. The capability for administrators to connect to and remotely administer servers while off site when problems arise is essential. Also important is being able to step in and assist remote branch offices in administering their resources over wide area network (WAN) connections.
Types
There are two main approaches to remotely administering enterprise servers: software-based and hardware-based remote administration.
The software-based approach can employ a variety of tools and technologies that enable administrators to do everything from managing permissions on shared folders to actually taking control of a remote machine to configure applications or perform a reboot. Some of the popular platforms and products in this area include
Remote node software: This software provides remote access capability to allow administrators to access shared resources on the remote network. An example here is the Routing and Remote Access Service (RRAS) component of Microsoft Windows 2000 or Windows .NET Server.
Remote control software: This software allows users to actually take control of a remote machine and issue keystrokes or utilize the mouse pointer to do anything a user could do using the machine's local console. The most popular example in this category is Symantec Corporation's pcAnywhere platform, which is widely used in the enterprise for remote control and file transfer. Other popular choices include the Terminal Service (TS) component of Windows 2000 Server, Windows XP, Windows .NET Server, and Citrix Systems' MetaFrame platform. Even some platforms that were originally developed for hacking purposes, such as Back Orifice from Cult of the Dead Cow, have come to be considered legitimate and powerful tools for remote control and administration of servers.
Built-in tools: Widely available tools such as Telnet and Secure Shell (SSH) enable administrators to log in and remotely configure servers, routers, and local area network (LAN) switches from a command prompt window. Routers and switches, in particular, frequently support another form of remote administration called out-of-band management (OBM), which allows administrators to dial into these devices using a modem connected to an RS-232 serial port on the device and then configure the device using a terminal program such as Microsoft HyperTerminal.
Web-based administration: Some software platforms include support for secure remote administration over the Internet using a standard Web browser. For example, Internet Information Services on Windows 2000 includes an Active Server Pages (ASP) application that allows administrators to remotely configure Internet Information Server (IIS) Web servers using a Web browser such as Microsoft Internet Explorer.
The other variety of remote administration technologies includes various hardware-based solutions such as
Access servers: These are generally routers that provide remote access functionality to allow administrators to access resources on a remote network and manage them.
Vendor cards: These are vendor-specific Peripheral Component Interconnect (PCI) cards that can be installed in the vendor's servers to provide remote control management capability. These cards are proprietary for the platform they are designed for and can be accessed even when the server is down or its operating system crashes. Such cards typically include keyboard and mouse ports that can be connected to the server's keyboard and mouse ports and an Ethernet port for connecting to the network. Examples include Hewlett-Packard's TopTools card and Compaq Computer Corporation's Remote Insight, Lights-Out Edition.
External keyboard video mouse (KVM) devices: These range from stand-alone KVM switches to KVM cards that can be inserted into a separate server. This approach has the advantage over vendor cards in that a single KVM device can be used to control multiple servers.
Code-operated matrix switches: These are useful if remote servers simply need to be rebooted. A switch is connected to a device's power supply and can be controlled from a remote location by means of a computer and a modem.
See Also Keyboard Video Mouse (KVM) switch, out-of-band management (OBM)
An industry-standard security protocol for dial-up data networking services.
Overview
The Remote Authentication Dial-In User Service (RADIUS) is a client/server protocol used to securely authenticate dial-up users. RADIUS supports authentication, authorization, and accounting (AAA), a security infrastructure supported by Cisco Systems' Internetwork Operating System (IOS) and by other platforms, including Microsoft Windows 2000 and Windows .NET Server. RADIUS is defined in RFCs 2138 and 2139.
Uses
Internet service providers (ISPs) commonly use RADIUS to provide business customers with secure dial-up connections. RADIUS can also be used to enhance security for virtual private networking (VPN), typically using Point-to-Point Tunneling Protocol (PPTP).
Implementation
RADIUS is a client/server protocol that involves three components:
RADIUS client: Software installed on the network access server (NAS) that allows the client to make a dial-up connection to the remote network.
RADIUS server: Software installed on a separate server that is used to store the profile information of dial-up users in a central database.
Dial-up client: Software used by remote users to dial in and be authenticated by a RADIUS-enabled network.
Remote Authentication Dial-In User Service (RADIUS). A typical implementation of RADIUS for an ISP.
In a typical scenario, a user dials in to a NAS at an Internet service provider (ISP). The NAS server is the RADIUS client, and it takes the user's credentials and reformats them as RADIUS packets, which it then forwards to the RADIUS server, also located at the ISP. The RADIUS server can then either authenticate the user directly from its user profile database or act as a proxy client to forward the authentication request to some other type of service or security device.
Once the RADIUS server has authenticated the client, it sends a RADIUS Access-Accept message to the NAS to inform it that the user connection attempt should be allowed. RADIUS messages are sent as User Datagram Protocol (UDP) packets using port 1812 for authentication and 1813 for accounting messages. All messages sent between the RADIUS client and the RADIUS server are unencrypted, except for user passwords, which are encrypted. Note that from the dial-up user's perspective, the RADIUS client is the user's dial-in server.
An RFC-compliant RADIUS server stores all user profile information in a flat-file ASCII database that is accessible to any NAS that needs it to authenticate users. Some RADIUS servers can also employ UNIX password files, Password Authentication Protocol (PAP), Challenge Handshake Authentication Protocol (CHAP), Microsoft Challenge Handshake Authentication Protocol (MS-CHAP), third-party security systems, or Network Information Services (NIS) for authenticating users. RADIUS servers are often used as well to provide connection statistics for billing purposes.
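The exchange described above, worked through in code as an added example (this is not code from any RADIUS product or from the RFC): the NAS builds an Access-Request whose User-Password attribute is hidden with the MD5-derived keystream that RFC 2138 specifies (seeded by the shared secret and the random Request Authenticator), the server recovers the password, checks its user store, and answers with an Access-Accept or Access-Reject whose Response Authenticator the NAS verifies before trusting it. The shared secret, the user database, and the names of the functions are constructed for this illustration.

```python
import hashlib
import hmac
import os
import struct

# RFC 2138 packet codes and attribute types used here
ACCESS_REQUEST, ACCESS_ACCEPT, ACCESS_REJECT = 1, 2, 3
ATTR_USER_NAME, ATTR_USER_PASSWORD = 1, 2

# Constructed sample data: the secret configured on both NAS and server, and the
# server's user profile store (a dict stands in for the RFC's flat ASCII file).
SHARED_SECRET = b"constructed-shared-secret"
USER_DB = {b"alice": b"s3cret!"}


def hide_password(password: bytes, secret: bytes, request_auth: bytes) -> bytes:
    """RFC 2138 section 5.2: pad to 16-byte blocks, then XOR each block with
    MD5(secret + previous block), seeded with the Request Authenticator."""
    padded = password + b"\x00" * (-len(password) % 16)
    if not padded:
        padded = b"\x00" * 16  # an empty password still occupies one block
    hidden, prev = bytearray(), request_auth
    for i in range(0, len(padded), 16):
        keystream = hashlib.md5(secret + prev).digest()
        block = bytes(p ^ k for p, k in zip(padded[i:i + 16], keystream))
        hidden += block
        prev = block  # chaining: the next keystream depends on this ciphertext block
    return bytes(hidden)


def reveal_password(hidden: bytes, secret: bytes, request_auth: bytes) -> bytes:
    """Inverse of hide_password; strips the zero padding."""
    plain, prev = bytearray(), request_auth
    for i in range(0, len(hidden), 16):
        keystream = hashlib.md5(secret + prev).digest()
        block = hidden[i:i + 16]
        plain += bytes(c ^ k for c, k in zip(block, keystream))
        prev = block
    return bytes(plain).rstrip(b"\x00")


def build_packet(code: int, identifier: int, authenticator: bytes, attrs) -> bytes:
    """Code(1) Identifier(1) Length(2) Authenticator(16), then Type/Length/Value attributes."""
    body = b"".join(struct.pack("!BB", t, len(v) + 2) + v for t, v in attrs)
    return struct.pack("!BBH", code, identifier, 20 + len(body)) + authenticator + body


def parse_packet(data: bytes):
    code, identifier, length = struct.unpack("!BBH", data[:4])
    attrs, pos = [], 20
    while pos + 2 <= length:
        t, l = data[pos], data[pos + 1]
        attrs.append((t, data[pos + 2:pos + l]))
        pos += l
    return code, identifier, data[4:20], attrs


def response_authenticator(code, identifier, request_auth, attr_bytes, secret):
    """RFC 2138 section 3: MD5(Code + ID + Length + RequestAuth + Attributes + Secret)."""
    header = struct.pack("!BBH", code, identifier, 20 + len(attr_bytes))
    return hashlib.md5(header + request_auth + attr_bytes + secret).digest()


def nas_access_request(identifier, username, password, secret):
    """RADIUS client side: the NAS hides the dial-up user's password and sends Access-Request."""
    request_auth = os.urandom(16)  # fresh random Request Authenticator per request
    attrs = [(ATTR_USER_NAME, username),
             (ATTR_USER_PASSWORD, hide_password(password, secret, request_auth))]
    return build_packet(ACCESS_REQUEST, identifier, request_auth, attrs)


def server_handle(request, secret, user_db):
    """RADIUS server side: recover the password, check the profile store, reply."""
    code, identifier, request_auth, attrs = parse_packet(request)
    a = dict(attrs)
    password = reveal_password(a.get(ATTR_USER_PASSWORD, b""), secret, request_auth)
    ok = code == ACCESS_REQUEST and user_db.get(a.get(ATTR_USER_NAME)) == password
    reply_code = ACCESS_ACCEPT if ok else ACCESS_REJECT
    resp_auth = response_authenticator(reply_code, identifier, request_auth, b"", secret)
    return build_packet(reply_code, identifier, resp_auth, [])


def nas_verify_reply(reply, request_auth, secret):
    """The NAS must check the Response Authenticator before acting on an Access-Accept;
    a reply that does not verify could have come from anyone on the path."""
    code, identifier, resp_auth, _ = parse_packet(reply)
    expected = response_authenticator(code, identifier, request_auth, reply[20:], secret)
    return hmac.compare_digest(expected, resp_auth), code


def demo():
    """One full round trip; also reports what an observer of the UDP packets would see."""
    request = nas_access_request(7, b"alice", b"s3cret!", SHARED_SECRET)
    reply = server_handle(request, SHARED_SECRET, USER_DB)
    ok, code = nas_verify_reply(reply, request[4:20], SHARED_SECRET)
    return {"accepted": ok and code == ACCESS_ACCEPT,
            "username_in_clear": b"alice" in request,
            "password_in_clear": b"s3cret!" in request}
```

Running demo() shows the User-Name attribute in the clear and the password hidden, which is the point the text makes: only the password is protected, and that protection rests entirely on the shared secret, so a server configured with a different secret cannot recover the password and its reply fails verification at the NAS.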
Marketplace
RADIUS is supported by access servers from Cisco and other router vendors. RADIUS is also supported by Windows 2000 and Windows .NET Server, where the Internet Authentication Service (IAS) supports RADIUS server functionality and the Routing and Remote Access Service (RRAS) operates as the RADIUS client.
Note that RADIUS implementations from different vendors are often incompatible. Despite the fact that RADIUS is an industry-standard security protocol, many vendors have added features to their implementation that are non-RFC compliant. As a result, when implementing RADIUS in your enterprise it is usually best to stick with solutions from a single vendor.
Notes
Cisco has a proprietary protocol called Terminal Access Controller Access Control System (TACACS) that is similar to RADIUS in operation but includes additional security features. Besides RADIUS and TACACS, the third commonly used security protocol on Cisco access servers is Kerberos.
See Also AAA, Challenge Handshake Authentication Protocol (CHAP), Internet service provider (ISP), Internetwork Operating System (IOS), Kerberos, Microsoft Challenge Handshake Authentication Protocol (MS-CHAP), network access server (NAS), Password Authentication Protocol (PAP), Point-to-Point Tunneling Protocol (PPTP), Terminal Access Controller Access Control System (TACACS), security protocols, User Datagram Protocol (UDP), virtual private network (VPN)
A bridge that connects two geographically separated networks.
Overview
Remote bridges can be used to connect networks using a variety of means, including telephone lines, leased lines, or a circuit-switched service such as X.25. A remote bridge generally has at least one
Local area network (LAN) port, typically an RJ-45 jack to support an unshielded twisted-pair (UTP) connection to an Ethernet switch or a hub.
Serial port, such as an RS-232 port or V.35 interface, for connection to the telco service used to link the networks.
A synchronous serial port is employed for connections to digital leased lines, and an asynchronous serial port is used for modems. Some remote bridges even have both synchronous and asynchronous serial ports. Remote bridges also commonly support Simple Network Management Protocol (SNMP) and have various other diagnostic and support features, including out-of-band management (OBM).
Remote bridge. Using remote bridges to connect two distant LANs together.
To use remote bridges to connect remote LANs, connect a bridge to the main hub or switch in each LAN, and then connect the serial port on each bridge to the modem, Integrated Services Digital Network (ISDN) terminal adapter, or Channel Service Unit/Data Service Unit (CSU/DSU), depending on the type of wide area network (WAN) link used.
See Also asynchronous transmission, bridge, leased line, serial transmission, synchronous transmission, V.35
A technique for attacking or gaining improper access to a network.
Overview
Remote client impersonation takes place when a third party monitors traffic on a network by using a packet sniffer, captures network traffic during the user authentication process, extracts the authentication parameters (such as username, password, and domain) from the captured frames, and then takes control of the authenticated connection. Authentication schemes in which the user's password is transmitted in clear text, such as the Password Authentication Protocol (PAP) supported by Point-to-Point Protocol (PPP), are most susceptible to remote client impersonation and replay attacks. More secure PPP authentication schemes, such as the Challenge Handshake Authentication Protocol (CHAP) or the Microsoft version of that protocol (MS-CHAP), are preferable. CHAP guards against remote client impersonation by using the user's password to create an encrypted hash of a challenge string instead of passing the actual password during the authentication process. It protects against replay attacks by using a different, arbitrarily selected challenge string for each authentication attempt.
Notes
A similar hacking technique called a replay attack takes place when a third party monitors traffic on a network, captures a connection during the authentication process, and then plays back the client's captured response to obtain a new authenticated connection.
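Why CHAP resists both remote client impersonation and replay, as an added example that is not part of the original entry: the authenticator issues a fresh random challenge with a new identifier for every attempt, the peer answers with MD5(identifier, secret, challenge) as RFC 1994 specifies, and each challenge is consumed once it has been answered. A captured Response is therefore useless against the next challenge, and the secret itself never appears on the link. A PAP Authenticate-Request is built alongside for contrast. The secrets, the peer name and the function names are constructed for this illustration.

```python
import hashlib
import hmac
import os
import struct

# CHAP packet codes (RFC 1994) and PAP Authenticate-Request code (RFC 1334)
CHAP_CHALLENGE, CHAP_RESPONSE, CHAP_SUCCESS, CHAP_FAILURE = 1, 2, 3, 4
PAP_AUTHENTICATE_REQUEST = 1

# Constructed sample credentials, shared out of band between peer and authenticator
SECRETS = {b"alice": b"constructed-chap-secret"}


def chap_hash(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994 section 4.1: MD5 over Identifier, secret, Challenge Value, in that order."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


def pap_request(identifier: int, peer_id: bytes, password: bytes) -> bytes:
    """PAP Authenticate-Request: the password travels as plain bytes on the link."""
    payload = bytes([len(peer_id)]) + peer_id + bytes([len(password)]) + password
    return struct.pack("!BBH", PAP_AUTHENTICATE_REQUEST, identifier, 4 + len(payload)) + payload


class ChapAuthenticator:
    """Authenticator (RAS) side: issues one-time challenges and checks responses."""

    def __init__(self, secrets):
        self.secrets = secrets
        self.next_id = 0
        self.pending = {}  # identifier -> challenge value still awaiting a response

    def challenge(self) -> bytes:
        """Build a Challenge packet with a fresh random value and a new identifier."""
        self.next_id = (self.next_id + 1) % 256
        value = os.urandom(16)
        self.pending[self.next_id] = value
        payload = bytes([len(value)]) + value + b"ras"  # Value-Size, Value, Name
        return struct.pack("!BBH", CHAP_CHALLENGE, self.next_id, 4 + len(payload)) + payload

    def verify(self, response_pkt: bytes) -> bool:
        """Check a Response packet; the challenge is consumed whether or not it matches."""
        code, identifier, _ = struct.unpack("!BBH", response_pkt[:4])
        size = response_pkt[4]
        value, name = response_pkt[5:5 + size], response_pkt[5 + size:]
        challenge = self.pending.pop(identifier, None)
        if code != CHAP_RESPONSE or challenge is None or name not in self.secrets:
            return False
        return hmac.compare_digest(chap_hash(identifier, self.secrets[name], challenge), value)


def chap_respond(challenge_pkt: bytes, name: bytes, secret: bytes) -> bytes:
    """Peer side: parse the Challenge and answer with the hash, never the secret."""
    _, identifier, _ = struct.unpack("!BBH", challenge_pkt[:4])
    size = challenge_pkt[4]
    challenge = challenge_pkt[5:5 + size]
    value = chap_hash(identifier, secret, challenge)
    payload = bytes([len(value)]) + value + name
    return struct.pack("!BBH", CHAP_RESPONSE, identifier, 4 + len(payload)) + payload


def simulate():
    """A legitimate exchange, then the same captured Response presented again."""
    ras = ChapAuthenticator(SECRETS)
    chal = ras.challenge()
    resp = chap_respond(chal, b"alice", SECRETS[b"alice"])
    legit = ras.verify(resp)
    # Anyone observing the link sees chal and resp but not the secret. Presenting the
    # captured resp again fails: that challenge was consumed, and the next one carries
    # a different identifier and value, so the old hash no longer matches anything.
    ras.challenge()
    replay = ras.verify(resp)
    return {"legit": legit, "replay": replay,
            "secret_on_wire": SECRETS[b"alice"] in chal + resp,
            "pap_password_on_wire": b"pw" in pap_request(1, b"alice", b"pw")}
```

The one-shot `pending` table is what turns the protocol's "different, arbitrarily selected challenge for each attempt" into an enforceable check; an authenticator that reused challenge values or kept answered ones valid would lose the replay protection even though the hashing is unchanged.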
See Also Challenge Handshake Authentication Protocol (CHAP), hacking, Microsoft Challenge Handshake Authentication Protocol (MS-CHAP), network security, network troubleshooting, Password Authentication Protocol (PAP), Point-to-Point Protocol (PPP)
Controlling a remote server as if from a local console.
Overview
Remote control platforms allow you to control computers as if you were actually sitting at the local console and typing in keystrokes or clicking the mouse. Such platforms are widely used in the enterprise to
Enable help desk personnel to step in and take control of a user's machine to fix a problem or demonstrate a procedure
Allow training personnel to walk students through a procedure without having to sit beside the student
Enable administrators who are offsite to respond to emergencies by configuring or troubleshooting servers using their laptop or even a Personal Digital Assistant (PDA)
Implementation
The most popular forms of remote control technology are software platforms such as pcAnywhere from Symantec Corporation or ReachOut from Previo Software. To utilize such platforms, a small-footprint remote control client must first be installed on the server that is to be controlled. Other software in this category includes the Terminal Services (TS) component of Microsoft Windows 2000 Server, Windows XP, or Windows .NET Server; the Citrix MetaFrame platform from Citrix Systems; and the open source Virtual Network Computing (VNC) platform from AT&T Laboratories Cambridge.
There are also a number of hardware-based remote control platforms, including proprietary Peripheral Component Interconnect (PCI) cards such as TopTools from Hewlett-Packard and keyboard video mouse (KVM) solutions such as Key-View from Cybex Computer Products Corporation. These solutions are generally more expensive than software-based tools, but they provide better performance and can also reboot servers when they crash.
See Also remote access, remote administration
A protocol for terminal-based computing.
Overview
Remote Desktop Protocol (RDP) is a terminal communications protocol based on the industry-standard T.120 multichannel conferencing protocol from the International Telecommunication Union (ITU). RDP is a proprietary protocol developed by Microsoft Corporation and is sometimes referred to as the Remote Display Protocol. It was formerly known as the T.SHARE protocol.
RDP forms the basis of Terminal Services (TS), a component of Microsoft Windows 2000 Server that supports terminal-based computing. RDP controls the transmission of keystrokes, mouse actions, and display information between Windows 2000 terminal clients and terminal servers. The version of RDP used in Windows 2000 and Windows XP is RDP 5.
Implementation
RDP is a multichannel-capable protocol that supports up to 64,000 separate channels. RDP supports multipoint transmission and employs separate virtual channels for transporting different information over serial transmission links, specifically:
Mouse and keyboard signals sent from client to server
Presentation data sent from server to client
RDP supports encryption of data using the RC4 encryption algorithm, and can use 40-bit, 56-bit, and 128-bit key sizes for varying degrees of security. Higher key sizes provide greater security but require greater processing overhead.
See Also remote control, T.120, terminal server
An extension to Simple Network Management Protocol (SNMP).
Overview
Remote Network Monitoring (RMON) lets you monitor network traffic on a remote Ethernet segment from a central location on the network to detect problem conditions such as traffic congestion, dropped packets, and excessive collisions. You can also use RMON to set network traffic thresholds that trigger alarms so that you can correct network problems before they happen. Embedded RMON in Ethernet switches lets network administrators monitor switched Ethernet networks that cannot easily be monitored using traditional packet-sniffing network analyzers.
RMON was developed in 1992 and defined in RFC 1271. This was later superseded by RFC 1513 for Token Ring networks and RFC 1757 for Ethernet networks. The RMON Management Information Base (MIB) defined in RFC 1757 specifies nine groups of manageable objects (RMON monitoring elements) for various aspects of network traffic monitoring, totaling 204 objects and 2 events. These groups of objects, usually referred to as the RMON 1 groups, are as follows:
Statistics (1): Records statistics for Ethernet network interfaces (ports), including packets sent and received, bytes sent and received, the number of each type of packet, packets dropped, errors, and collisions
History (2): Specifies the types of data being sampled and the frequency at which data is sampled and records the sampled data for later analysis
Alarm (3): Lets you set thresholds and sampling periods to trigger alarms when specified network conditions arise
Host (4): Records MAC addresses; the number of packets sent and received for broadcast, unicast, and multicast packets; the number of bytes sent and received; and the number of error packets for all hosts on the subnet
HostTopN (5): Lets you list hosts according to ranking parameters, such as amount of traffic generated or number of errors generated
Matrix (6): Records statistics for communication between pairs of hosts, such as their source and destination addresses and the number of bytes and packets sent and received
Filter (7): Controls which kinds of packets the agent should capture, such as all packets larger than a certain size, all packets that match a specific bit mask, or logical combinations of individual expressions
Capture (8): Lets you capture packets for collecting network statistics and configure capture buffer sizes
Events (9): Lets you generate SNMP traps and log entries
It is a good idea to ensure that your RMON-enabled device or probe supports at least groups 1, 2, 3, and 9 from the previous list. Probes that support only these four groups are said to support mini-RMON. Many network hardware vendors provide RMON-enabled devices that support only mini-RMON because these are generally considered the most useful RMON groups.
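How the Alarm group (3) turns sampled counters into events for the Events group (9), as an added example that is not code from RFC 1757 or from any vendor's RMON agent: an alarm row samples a variable either as an absolute value or as a delta between successive readings, fires a rising event when the value crosses the rising threshold from below and a falling event when it crosses the falling threshold from above, and, as the RFC specifies, will not fire a second rising event until a falling event has occurred (and vice versa), which stops a value hovering around one threshold from flooding the management station. The field and function names are constructed for this illustration; the sample readings are made up.

```python
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

# alarmStartupAlarm values from RFC 1757; "risingOrFallingAlarm" means either may fire
# on the first valid sample after the alarm row is created
RISING, FALLING, EITHER = "risingAlarm", "fallingAlarm", "risingOrFallingAlarm"


@dataclass
class AlarmEntry:
    """The fields of an RFC 1757 alarmTable row that drive event generation."""
    sample_type: str                    # "absoluteValue" or "deltaValue"
    rising_threshold: int               # alarmRisingThreshold
    falling_threshold: int              # alarmFallingThreshold
    startup_alarm: str = EITHER         # alarmStartupAlarm
    _last_raw: Optional[int] = field(default=None, repr=False)    # previous raw reading (deltas)
    _last_value: Optional[int] = field(default=None, repr=False)  # value compared last interval
    _rising_armed: bool = True          # cleared after a rising event until a falling event
    _falling_armed: bool = True         # cleared after a falling event until a rising event

    def sample(self, raw: int) -> Optional[str]:
        """Feed one sampled reading; return the event that fired, if any."""
        if self.sample_type == "deltaValue":
            if self._last_raw is None:  # a delta needs two raw readings
                self._last_raw = raw
                return None
            value, self._last_raw = raw - self._last_raw, raw
        else:
            value = raw
        first = self._last_value is None
        if first:
            crossed_up = value >= self.rising_threshold and self.startup_alarm in (RISING, EITHER)
            crossed_down = value <= self.falling_threshold and self.startup_alarm in (FALLING, EITHER)
        else:
            crossed_up = self._last_value < self.rising_threshold <= value
            crossed_down = self._last_value > self.falling_threshold >= value
        event = None
        if crossed_up and self._rising_armed:
            event = RISING
            self._rising_armed, self._falling_armed = False, True
        elif crossed_down and self._falling_armed:
            event = FALLING
            self._falling_armed, self._rising_armed = False, True
        self._last_value = value
        return event


def run_alarm(entry: AlarmEntry, samples: List[int]) -> List[Tuple[int, str]]:
    """Tick the sampling interval over constructed readings and collect the
    (sample index, event) pairs that the Events group would log or send as traps."""
    log = []
    for i, reading in enumerate(samples):
        event = entry.sample(reading)
        if event:
            log.append((i, event))
    return log


def demo() -> dict:
    # Constructed readings: a collision gauge sampled absolutely, and a byte counter
    # sampled as deltas (the usual choice for ever-increasing interface counters).
    collisions = AlarmEntry("absoluteValue", rising_threshold=100, falling_threshold=50,
                            startup_alarm=RISING)
    octets = AlarmEntry("deltaValue", rising_threshold=100, falling_threshold=60,
                        startup_alarm=RISING)
    return {"collisions": run_alarm(collisions, [30, 120, 130, 90, 110, 40, 120]),
            "octets": run_alarm(octets, [1000, 1050, 1200, 1250])}
```

In the collision series the reading of 110 at index 4 crosses the rising threshold again but fires nothing, because no falling event has occurred since the first rising event; only after the dip to 40 does the next crossing at index 6 raise a new alarm. That hysteresis is why the RFC requires both thresholds on every alarm row.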
The original RMON specification (now called RMON 1) collected data only from the physical (Layer 1) and data-link (Layer 2) layers of the Open Systems Interconnection (OSI) reference model. To overcome this limitation, which hinders RMON from being useful in switched networks (the original RMON was designed for shared media networks), a newer version called RMON 2 was developed in 1997 and defined in RFC 2021. RMON 2 extends the original RMON specification with nine more Management Information Base (MIB) groups that specify the collection of statistics from the network layer (Layer 3) through the application layer (Layer 7). Using RMON 2, network administrators can remotely collect information about the flow of data in a switched enterprise networking environment. For example, using RMON 2-enabled routers or switches, you could determine which workstations were accessing a specific client/server application on a specific server. RMON 2 is a superset of the original RMON MIB groups and extends them with an additional 268 manageable objects.
Comparison
RMON is similar in many ways to SNMP, for example:
It employs the MIB format.
It collects and reports network conditions to a network management station.
RMON differs from SNMP, however, in several significant ways, specifically:
It supports caching of information gathered from supporting network devices.
It provides much greater detail about the operation of network devices and the flow of traffic in and out of the device.
It is more responsive to events occurring on the network. This is because RMON proactively sends the data it has collected instead of waiting to be polled by the network management station as SNMP generally does.
It is an instrument-based network management protocol that utilizes specialized hardware, which can either be built into network devices or in stand-alone form as RMON probes.
Implementation
Like SNMP, RMON is implemented using a MIB on RMON-enabled devices. These RMON-enabled devices may include
Stand-alone devices called RMON probes that can be temporarily or permanently installed where desired on the network to study the flow of traffic on a local area network (LAN) segment. Such probes act much like traditional network protocol analyzers, except that they send the information they collect to a central location for analysis and display.
Existing network devices such as repeaters, bridges, hubs, routers, or Ethernet switches that have RMON functionality embedded into their port circuitry in the form of RMON agent software.
A stand-alone computer operating as an RMON probe.
An RMON probe consists of an SNMP agent for collecting information and communicating it to an SNMP management application, and one or more RMON MIBs defining the network objects to be managed. Typically, an SNMP-manageable device such as a hub or router only needs additional software installed on it to enable it to support RMON and turn it into a probe. Other devices called hosted probes are implemented as add-on hardware modules with built-in processing power and memory.
RMON is usually implemented on only one device or interface per network segment. For example, in a switched Ethernet environment, RMON agent software runs on each switch port to monitor and collect Ethernet network statistics for the attached segment. For RMON 1 these statistics relate only to the physical layer (Layer 1) and the data-link layer (Layer 2), but for RMON 2 they cover all layers of the OSI model.
When an SNMP management station wants to collect statistics to analyze and present them, the station contacts the RMON agents on the network. Alternatively (and more commonly), RMON agents are configured to send this information automatically when network traffic conditions on the device trigger the agent using SNMP traps.
Marketplace
The leading vendors of RMON probes and software include 3Com Corporation, Agilent Technologies, NetScout Systems, and Nortel Networks. Most vendors of Ethernet switch equipment also add RMON agent capability to the ports of their switches.
See Also Ethernet switch, Management Information Base (MIB), network management, Open Systems Interconnection (OSI) reference model, Simple Network Management Protocol (SNMP)
A protocol that enables one computer to make a function call to another computer on the network.
Overview
Remote procedure call (RPC) is a message-passing programming technology developed by Sun Microsystems and later extended by the Open Software Foundation (OSF). RPC allows an application on one computer to execute procedures and interact with services on a remote computer over a network. RPCs are a common method of enabling client/server processing on Microsoft Windows and on IBM AIX, HP-UX, Sun Solaris, and other UNIX platforms.
Although local procedure calls (LPCs) provide a mechanism for enabling the different components of an application located on a single computer to communicate with each other, RPCs enable message passing between the components of a distributed application that are located on different computers throughout a network. RPCs use a variety of other interprocess communication (IPC) mechanisms such as named pipes, mailslots, Windows Sockets, and NetBIOS to establish connections between the RPC client and RPC server components on different machines.
Notes
The remote procedure call service (RPC service), a component of the Windows 2000, Windows XP, and Windows .NET Server executive running in kernel mode, is responsible for message-passing between the client and server components of a distributed application, for example, between the client part of a client/server application (such as Microsoft Outlook) and its server part (such as Microsoft Exchange Server). On a Windows 2000-based network, the server part of a distributed application first registers itself with the RPC Locator service. The client part of the application, which is on the local computer, can then query the RPC Locator service to determine the location of the required server part. A process called the remote procedure stub then packages the client's function call into a suitable RPC message and sends it to the remote computer using the RPC Run Time process. At the remote machine, a process called the application stub receives the RPC message, unpackages it into a function call, and executes it, returning any resulting values to the client part in a similar fashion. From the viewpoint of the client portion of the application, the server portion appears to be on the same computer.
A device that extends a network by boosting a signal so it can travel farther.
Overview
Digital signals traveling on cables weaken with distance, a phenomenon known as attenuation. A repeater is a kind of digital amplifier that works at the physical layer (Layer 1) of the Open Systems Interconnection (OSI) reference model to regenerate (amplify) a signal so that it can travel farther. Repeaters come in various types for different network architectures and data communication technologies. Repeaters can also perform other functions, such as filtering out noise caused by electromagnetic interference (EMI), reshaping the signal, and correcting timing to remove jitter so that the signal can travel farther.
Uses
Repeaters are used in Ethernet and Token Ring networking to extend signal transmission over long runs of fiber-optic cabling in order to connect remote local area networks (LANs). Repeaters are also used in mainframe environments to boost signals for serial transmission to remote terminals. Repeaters can also be used to join dissimilar media such as unshielded twisted-pair (UTP) cabling and thinnet, but they cannot be used to join dissimilar network architectures such as Ethernet and Token Ring.
Repeaters are an inexpensive way to extend a network. Some specific examples of how repeaters could be used include
Joining two 16-megabits per second (Mbps) Token Ring networks in different buildings over distances up to 1.85 miles (3 kilometers) over multimode fiber-optic cabling or up to 12.5 miles (20 kilometers) over single-mode fiber
Increasing the lobe length between a Token Ring main ring and a remote node
Joining dissimilar 10Base2 and 10Base5 segments to form a single Ethernet LAN
Boosting signals from mainframe controllers to 3270 terminals over coaxial or UTP cabling to support distances up to 1.55 miles (2.5 kilometers)
Extending the operating distance of T1 lines by placing G.703 repeaters at 1.35-mile (2.2-kilometer) intervals
Extending backbone fiber-optic cable runs in campus-wide LANs or metropolitan area networks (MANs)
Repeaters are also used in fiber-optic networks to amplify and regenerate light signals for long-distance cable runs. Repeaters do not block broadcasts, so if you connect two Ethernet segments using a repeater, you increase the size of the collision domain, which degrades overall network performance. For this reason, bridges and routers are often preferable to repeaters.
Notes
Up to two Class II Ethernet repeaters can be cascaded together to connect remote nodes that are up to 670 feet (205 meters) apart.
See Also electromagnetic interference (EMI), hub, jitter, Open Systems Interconnection (OSI) reference model, physical layer, signal
Also known as remote client impersonation, a hacking technique for attacking or gaining improper access to a network.
See Also remote client impersonation
A document that describes Internet standards, protocols, and technologies developed by the Internet Engineering Task Force (IETF).
Overview
Any interested party can submit an RFC to the IETF for consideration as an Internet standard. The process for ratifying such proposals as standards is based on consensus rather than on committee decisions. Once proposed, an RFC is reviewed by various technical groups and given one of five classifications:
Required
Recommended
Elective
Limited Use
Not Recommended
Once an RFC is classified, it is discussed and tested by research and technical groups and individuals. To become an accepted standard it must pass through three stages:
Proposed standard: Stable, well understood, and generally considered useful
Draft standard: Stable enough to develop implementations of the standard in applications and networking technology
Internet standard: Technically mature, widely implemented, and significantly beneficial to the Internet community
RFCs are sequentially numbered and published by the RFC Editor at the Information Sciences Institute at the University of Southern California. Since 1969, over 3000 RFCs have been proposed and published on various networking protocols, procedures, applications, and concepts.
Note that old RFCs are not updated, so several RFCs might relate to the same Internet protocol or technology, and some of them might be obsolete. To find the current RFC for a protocol or technology, see the Internet Architecture Board (IAB) Official Protocol Standard published quarterly by the IAB.
Examples
The table shows some of the more important RFCs for commonly used Internet protocols.
| Protocol | RFC(s) |
|---|---|
| ARP | 826 |
| DHCP | 2131, 2132 |
| DNS | 1034, 1035 |
| FTP | 959 |
| HTTP-1.1 | 2068 |
| ICMP | 792 |
| IGMP | 1112 |
| IMAP4 | 2060 |
| IP | 791, 919, 922, 950 |
| IPv6 | 1883 |
| Kerberos | 1510 |
| LDAPv3 | 2251 |
| MIME | 2045, 2046, 2047, 2049 |
| NetBIOS | 1001, 1002 |
| NNTP | 977 |
| OSPFv2 | 2328 |
| POP3 | 1939 |
| PPP | 1661, 1662 |
| PPP-CHAP | 1994 |
| PPP-MP | 1990 |
| RADIUS | 2138 |
| RMON | 1757 |
| RSVP | 2205 |
| SMTP | 821, 822, 974, 1869, 1870 |
| SNMP | 1157 |
| SNMPv2 | 1441 |
| TCP | 793 |
| Telnet | 854, 855 |
| UDP | 768 |
For More Information
Visit the RFC Editor at www.rfc-editor.org
See Also Internet, Internet Engineering Task Force (IETF)
An Internet Protocol (IP) address that is reserved for a specific computer by a Dynamic Host Configuration Protocol (DHCP) server.
Overview
A DHCP reservation contains the IP address to be leased and the MAC address of the computer it will be leased to. Reservations are often used for servers on a network, each of which should normally always receive the same IP address. An alternative procedure is to manually assign these servers a static IP address. The advantage of using a reservation is that the IP address of the server is centrally managed in the database of the DHCP server, which means there is less chance of an address conflict.
On Microsoft Windows networks, reservations (or static IP addresses) are always recommended for
Domain controllers
Domain Name System (DNS) and Windows Internet Name Service (WINS) servers
Non-DHCP clients
Router interfaces
Notes
To create a reservation for a computer, you must know the MAC address of its interface. On computers running Windows NT, Windows 2000, Windows XP, or Windows .NET Server, you can enter ipconfig at the command prompt to determine this value; on computers running Windows 95 or Windows 98, you can enter winipcfg in the Run dialog box (which you access from the Start menu).
See Also Dynamic Host Configuration Protocol (DHCP), IP address, MAC address
A broadband device that acts as a front end for a home network.
Overview
The rapid growth of the broadband Internet market, together with the increase of teleworking, has provided a fertile market for the emergence of a new breed of broadband access device: the residential gateway. This device either connects to or replaces your Digital Subscriber Line (DSL) modem and enables you to network together PCs and peripherals (sometimes even telephones and fax machines) using a variety of technologies including Ethernet, home phone line networking, or 802.11b wireless networking. Connectivity to the network varies with the type of architecture used and may be standard RJ-45 jacks, universal serial bus (USB) connections, PC adapter cards, or Personal Computer Memory Card International Association (PCMCIA) cards. Features of residential gateways include ease of use, integrated firewall, and virtual private network (VPN) pass-through to support secure teleworking.
Marketplace
Emerging players in the residential gateway market include 2Wire, Cayman Systems, 3Com Corporation, and even the consumer electronics company Panasonic. Some analysts expect the residential gateway market to exceed $5 billion by 2005.
See Also Digital Subscriber Line (DSL), universal serial bus (USB), virtual private network (VPN)
An emerging technology for Synchronous Optical Networking (SONET).
Overview
Resilient packet ring (RPR) is a new SONET technology designed for implementation by metropolitan Ethernet service providers. It is designed to make more efficient use of the underlying ring-based fiber-optic cabling infrastructure of existing SONET networks used by carriers.
RPR is based on earlier proprietary technologies developed by Cisco Systems, Nortel Networks, and other high-end infrastructure vendors. The Institute of Electrical and Electronics Engineers (IEEE) is working with the new Resilient Packet Ring Alliance to standardize this new technology and ensure interoperability between equipment from different vendors.
Implementation
Traditional SONET in the metropolitan marketplace employs a dual-ring architecture. One ring is active and carries traffic in one direction only, while the other ring is inactive and is used for redundancy purposes. Should the first ring fail, traffic is routed almost instantaneously to the second ring and then travels in the opposite direction to the first ring. This rapid failover makes SONET an ideal technology for delay-sensitive traffic such as voice and video, but it is not especially critical for the transport of data, which is rapidly becoming the dominant form of traffic carried by SONET networks.
RPR employs both rings of the SONET infrastructure to carry traffic simultaneously. Should one ring fail, its portion of traffic is automatically switched to the second ring. Since this switchover could result in sudden congestion of traffic, RPR employs quality of service (QoS) in order to differentiate between voice traffic, which needs high priority due to its sensitivity to delay, and Internet Protocol (IP) packet traffic, which can be assigned low priority since it is less sensitive to delay.
Marketplace
RPR technologies have been around for several years but have been based on proprietary implementations by SONET equipment vendors. The efforts of the Resilient Packet Ring Alliance, however, are guiding these vendors toward developing interoperable standards. Some of the significant vendors involved in producing RPR equipment include Cisco Systems, Dynarc, Lantern Communications, and Nortel Networks.
See Also Institute of Electrical and Electronics Engineers (IEEE), metropolitan Ethernet, quality of service (QoS), Synchronous Optical Network (SONET)
A Domain Name System (DNS) client.
Overview
A resolver is software running on an Internet Protocol (IP) host that enables the host to query a DNS name server in order to resolve a host name into its associated IP address. The resolver software enables the host to formulate and send a query to the name server, interpret the response from the name server, and pass this information to the application on the client that initially called the resolver software (for example, a Web browser).
On UNIX platforms using Berkeley Internet Name Domain (BIND), a resolver is a set of library routines that are linked to the client programs that need to use them. On Microsoft Windows platforms the resolver is a component of Transmission Control Protocol/Internet Protocol (TCP/IP) software installed on the machine.
See Also Berkeley Internet Name Domain (BIND), Domain Name System (DNS), host name resolution, name server
Also called network resource, any volumes, folders, applications, or devices that users need access to.
Overview
Examples of network resources include the following:
Shared folders and volumes: Contain files that users need to access. Users can be granted different levels of permissions on these shares. For example, users might be given read-only permission for shares that contain administrative documents, modify permission for shares that contain workgroup documents, and full control permission for their own personal shared folders.
Shared printers: Allow many users to print to a single print device. You can control access to the printer by using print permissions and by setting priorities and times for accessing printers.
Applications: Allow users to access back-end applications (such as databases) using front-end clients. These applications can be standard .exe executables or scripted Web server applications such as those developed using Microsoft Active Server Pages (ASP) technology.
Web servers: Allow Hypertext Markup Language (HTML)-based documents and applications to be shared and accessed from any platform by using a standard Web browser such as Microsoft Internet Explorer.
File Transfer Protocol (FTP) servers: Allow files to be shared between different operating system platforms such as UNIX and Microsoft Windows.
See Also shared folder
In Microsoft Windows NT, a domain containing network resources.
Overview
Resource domains are part of a master domain model or multiple master domain model enterprise-level implementation of Windows NT. Resource domains simplify resource administration by separating the administration of resources from the administration of user accounts.
In a master domain model implementation of Windows NT, an account domain (or master domain) contains user accounts for every user in the enterprise and is usually located at corporate headquarters. Servers and workstations at branch offices belong to other domains called resource domains. A trust relationship is established so that each resource domain in the enterprise trusts the account domain. Users at branch offices who want to log on to the network simply log on to the account domain even though their workstations are located within resource domains. Administrators at branch offices are responsible for managing only the resources (file and print shares, Web servers, database servers, and so forth) for their own domain and are usually not involved in centralized account management from a domain perspective.
See Also account domain, master domain, trust
An entry in a Domain Name System (DNS) zone file.
Overview
Resource records (RRs) are individual records (lines) in a DNS database or zone file on a DNS name server. RRs provide information about hosts on a Transmission Control Protocol/Internet Protocol (TCP/IP) network, for example, the DNS domain name, IP address, and particular function of the host. Depending on the platform used, you may be able to edit the zone file using a simple text editor or a graphical user interface (GUI)-based name server administration tool.
A typical RR consists of a series of fields separated by spaces. The most common type of RR is the address record, or A record, which maps the IP address of an IP host to its domain name. Other common types of RRs include CNAME, NS, PTR, SOA, and SRV records. The following table describes some important types of RRs.
| Record Type | Description |
| --- | --- |
| A (address) | Maps the IP address to the host name |
| CNAME (canonical name) | Creates an alias for a host name |
| HINFO (host information) | Specifies information about the host, such as operating system and central processing unit (CPU) type |
| MX (mail exchanger) | Indicates a Simple Mail Transfer Protocol (SMTP) host (mail forwarder) |
| NS (name server) | Indicates a DNS name server that is authoritative for the domain |
| PTR (pointer) | Points to another location in the DNS namespace |
| SOA (start of authority) | Indicates the name server that is authoritative for the domain |
| SRV (server) | Locates a host that can provide a specific network service |
See Also Domain Name System (DNS), IP address, name server, Transmission Control Protocol/Internet Protocol (TCP/IP)
A signaling protocol used for conveying quality of service (QoS) requests.
Overview
Resource Reservation Protocol (RSVP) is part of the IntServ architecture developed by the Internet Engineering Task Force (IETF) to enable QoS on best-effort networks such as Internet Protocol (IP) networks. RSVP allows hosts to reserve bandwidth between two endpoints along a routed network. RSVP does this by sending special messages to RSVP-enabled routers along the path, which then give traffic sent between these endpoints the requested priority to ensure performance and reduce delay. Note that all routers on a network must be RSVP-enabled in order for the protocol to achieve its goals.
RSVP operates at Layer 3 (network layer) of the Open Systems Interconnection (OSI) reference model and is therefore independent of the type of networking media and network protocols used. RSVP is designed to operate in large heterogeneous routed internetworks such as the Internet to provide QoS for high-priority traffic.
RSVP supports both multicast and unicast transmissions and is a soft-state protocol that requires periodic refreshing to maintain its configured service levels. RSVP is defined in RFC 2205.
See Also bandwidth, heterogeneous network, Internet Engineering Task Force (IETF), network layer, Open Systems Interconnection (OSI) reference model, quality of service (QoS)
An extension to reverse proxying that is supported by Microsoft Internet Security and Acceleration (ISA) Server.
Overview
Using reverse hosting, a proxy server can simulate the virtual roots on a number of Web servers and redirect requests for a particular domain and root combination to a single Web server. This approach means that only a single hole needs to be opened through the proxy server to allow Hypertext Transfer Protocol (HTTP) requests to enter. Reverse proxying works as an application layer proxy service and supports HTTP only.
See Also Hypertext Transfer Protocol (HTTP), Internet Security and Acceleration Server (ISA Server), proxy server
The process of using a host's Internet Protocol (IP) address to look up its Domain Name System (DNS) name.
Overview
Reverse lookup occurs when a resolver queries a name server to resolve another host's IP address into its associated fully qualified domain name (FQDN). This is the reverse of the usual host name resolution process, in which a resolver queries a name server to resolve a host name into its associated IP address. Reverse name lookups use a special domain called in-addr.arpa.
Uses
Reverse name lookups are used in a variety of circumstances. For example, when a Web browser contacts a Web server, the Web server obtains the IP address of the computer the browser is running on. The Web server software often uses a reverse lookup to try to resolve the client's IP address into its associated FQDN, usually for purposes of logging the Hypertext Transfer Protocol (HTTP) session.
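An added Python example (not from the original entries) that ties together the resource record table in the resource record entry above and the reverse lookup described here: it parses records of the listed types from a zone file, builds the in-addr.arpa name a PTR query uses, and applies the check a server should make before logging a client name, namely that an A record maps the PTR result back to the same address. The zone text, names and addresses are constructed.

```python
"""Parse DNS resource records from zone-file text and use them for forward
and reverse (in-addr.arpa) lookups with forward confirmation.

Added example, not taken from the page. The zone text, names and
addresses below are constructed for illustration.
"""
import ipaddress

# Constructed forward zone: one RR per line, fields separated by whitespace,
# in the order NAME [TTL] [CLASS] TYPE RDATA...
FORWARD_ZONE = """\
$ORIGIN example.test.
@        3600 IN SOA   ns1.example.test. hostmaster.example.test. 2024010101 7200 900 1209600 3600
@        3600 IN NS    ns1.example.test.
@        3600 IN MX    10 mail.example.test.
ns1      3600 IN A     192.0.2.53
www      3600 IN A     192.0.2.80
mail     3600 IN A     192.0.2.25
web      3600 IN CNAME www.example.test.
_ldap._tcp 3600 IN SRV 0 5 389 ns1.example.test.
"""

# Constructed reverse zone for 192.0.2.0/24; the last PTR is deliberately stale.
REVERSE_ZONE = """\
$ORIGIN 2.0.192.in-addr.arpa.
80 3600 IN PTR www.example.test.
25 3600 IN PTR mail.example.test.
53 3600 IN PTR ns1.example.test.
1  3600 IN PTR www.example.test.   ; no A record maps www back to .1
"""

RR_TYPES = {"A", "AAAA", "CNAME", "HINFO", "MX", "NS", "PTR", "SOA", "SRV"}


def parse_zone(text):
    """Return a list of (owner, ttl, rtype, rdata_fields) tuples."""
    origin = "."
    records = []
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()        # strip comments
        if not line:
            continue
        fields = line.split()
        if fields[0] == "$ORIGIN":
            origin = fields[1]
            continue
        owner = fields.pop(0)
        if owner == "@":
            owner = origin
        elif not owner.endswith("."):
            owner = f"{owner}.{origin}"             # relative name: append origin
        ttl = int(fields.pop(0)) if fields and fields[0].isdigit() else None
        if fields and fields[0] == "IN":
            fields.pop(0)
        rtype = fields.pop(0)
        if rtype not in RR_TYPES:
            raise ValueError(f"unsupported record type {rtype!r} in {raw!r}")
        records.append((owner.lower(), ttl, rtype, fields))
    return records


def reverse_name(ip):
    """Build the in-addr.arpa owner name used for a PTR query on ip."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + ".in-addr.arpa."


def lookup(records, owner, rtype):
    """All rdata field lists for records matching owner and type."""
    owner = owner.lower()
    return [r[3] for r in records if r[0] == owner and r[2] == rtype]


def forward_confirmed_ptr(forward, reverse, ip):
    """Resolve ip -> name via PTR, then require an A record that maps the name
    back to the same address. Returns the confirmed name, or None: a PTR that
    its owner cannot confirm should not be trusted in an access log."""
    for rdata in lookup(reverse, reverse_name(ip), "PTR"):
        name = rdata[0]
        if any(a[0] == str(ip) for a in lookup(forward, name, "A")):
            return name
    return None


if __name__ == "__main__":
    fwd, rev = parse_zone(FORWARD_ZONE), parse_zone(REVERSE_ZONE)
    print(reverse_name("192.0.2.80"))                       # 80.2.0.192.in-addr.arpa.
    print(forward_confirmed_ptr(fwd, rev, "192.0.2.80"))    # www.example.test.
    print(forward_confirmed_ptr(fwd, rev, "192.0.2.1"))     # None (stale PTR)
```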
See Also Domain Name System (DNS), fully qualified domain name (FQDN), host name resolution, Hypertext Transfer Protocol (HTTP), in-addr.arpa, IP address, name lookup, name server
A form of proxying where the proxy server impersonates the Web server.
Overview
In reverse proxying, a proxy server is used to impersonate a Web server to the outside world. The proxy server receives client requests for Web content and fulfills these requests from its cache. It forwards Hypertext Transfer Protocol (HTTP) requests from clients to the actual Web server only if it cannot serve the requests from its own cache.
Reverse proxying offloads Web publishing responsibilities from Web servers and allows you to securely connect a company's internal Web servers to the Internet or to the rest of the company intranet. Microsoft Internet Security and Acceleration (ISA) Server supports reverse proxying so that you can publish to the Internet without compromising your internal network's security. ISA Server uses reverse proxying to send client requests downstream to a Web server or group of Web servers that are located behind the proxy server. This configuration results in improved Web server capacity planning, protects the security of data while allowing access to the Internet, and allows Web servers to access other servers on the internal network for publishing purposes.
See Also Hypertext Transfer Protocol (HTTP), Internet Security and Acceleration Server (ISA Server), proxy server, Web server
A UNIX command for running commands on remote hosts.
Overview
Rexec is one of the r-commands available on all UNIX systems. In order for the remote execution of the command to work, the remote host must be running the Rexec daemon (service). Rexec authenticates the username on the remote host before executing the command and prompts the client to enter a password.
Microsoft Windows 2000, Windows XP, and Windows .NET Server include a Rexec client but no Rexec service. Rexec provides functionality similar to that of Rsh, except Rexec uses clear-text password authentication.
Notes
You cannot use Rexec to run interactive commands such as Vi or Emacs. Instead, use Telnet or Secure Shell to run interactive commands on a remote host. Note also that Rexec forwards the user's password as clear text, which can pose a security risk in some environments.
See Also daemon, Telnet, UNIX
Stands for Request for Comments, a document that describes Internet standards, protocols, and technologies developed by the Internet Engineering Task Force (IETF).
See Also Request for Comments (RFC)
Stands for Radio Guide, a U.S. Army specification for grades of transmission lines.
Overview
The RG specifications refer to forms of coaxial cable, many of which were popular in computer networking in the 1970s and 1980s. Examples of RG specifications for coax include
RG-8: Also known as N series cable, which is a coaxial cable with an impedance of 50 ohms. RG-8 looks like thicknet Ethernet cabling but is actually a lower grade and does not perform as well. True thicknet cabling is labeled as IEEE 802.3 cabling, has a diameter of 3/8 inches, and is yellow or orange.
RG-58: Often called thinnet, which is a form of coaxial cabling with an impedance of 50 ohms and a diameter of 3/16 inches used in 10Base2 Ethernet networking. Subdesignations of this standard include RG-58/U, which has a solid copper core, and RG-58 A/U, which has a stranded copper core.
RG-59: Another name for CATV or cable television cabling, which is a form of coaxial cabling with an impedance of 75 ohms.
RG-62: A form of coaxial cabling with an impedance of 93 ohms that is used in Attached Resource Computer Network (ARCNET) networks.
See Also coaxial cabling
The underlying cryptographic algorithm used in the Advanced Encryption Standard (AES).
Overview
The National Institute of Standards and Technology (NIST) selected Rijndael as the encryption algorithm to be used for the U.S. government encryption standard called AES, which replaces the earlier Data Encryption Standard (DES). Rijndael was developed by Belgian computer scientists Vincent Rijmen and Joan Daemen, and it can employ 128-bit, 192-bit, or 256-bit key lengths, making it considerably stronger and more secure than the 56-bit DES. Rijndael also has a very small footprint (52 bytes), making it portable for cell phones, Personal Digital Assistants (PDAs), and other small devices.
Rijndael will likely take several years to completely displace DES in government use. Triple DES, a much stronger variant of DES, is likely to coexist alongside Rijndael for an even longer period of time where it has been deployed.
See Also Advanced Encryption Standard (AES), Data Encryption Standard (DES), encryption
A networking topology in which network stations are connected along a single path whose ends are joined to form a circle.
Overview
Ring topology is employed only in specialized networking technologies, as opposed to the star topology employed in basic structured wiring systems of enterprise Ethernet networks. Common examples of where ring topology is used include
Token Ring networks: The ring of a Token Ring network is concentrated inside a device called a Multistation Access Unit (MAU).
Fiber Distributed Data Interface (FDDI) networks: The ring in this case is both a physical and logical ring and usually runs around a campus or collection of buildings to form a high-speed backbone network. Usually a dual-ring approach is used to provide redundancy.
Synchronous Optical Network (SONET): Used primarily by telcos for metropolitan area network (MAN) trunk rings, this technology also typically employs a dual-ring structure for redundancy.
In some ring topology networks, such as Token Ring networks, the circle is sometimes only logical: the actual physical arrangement of the cabling might be starlike, with a hub or concentrator at the center. A network based on ring topology is sometimes called a ring network.
Ring topology. Simple example of a ring network.
See Also bus topology, mesh topology, star bus topology, star topology
Stands for Routing Information Protocol, a popular distance vector routing protocol.
See Also Routing Information Protocol (RIP)
Stands for Réseaux IP Européens NCC, a nonprofit organization that administers the registration and allocation of numbers relating to the operation of the Internet in Europe, the Middle East, and parts of Africa.
See Also American Registry for Internet Numbers (ARIN)
A popular algorithm for public key cryptography.
Overview
Rivest-Shamir-Adleman (RSA) is one of the most popular cryptographic algorithms in use today. Ron Rivest, Adi Shamir, and Leonard Adleman developed RSA in 1977 and RSA Security patented it in 1983. RSA is employed in many popular encryption technologies, such as Pretty Good Privacy (PGP), Transport Layer Security (TLS), Internet Protocol Security (IPsec), and for Microsoft's Encrypting File System (EFS) in Microsoft Windows 2000, Windows XP, and Windows .NET Server.
Implementation
RSA employs a variable-length key, with typical key size being 512 bits. A longer key can be used to enhance security, or a shorter one can be used to increase the efficiency of the encryption process. RSA also employs a variable-length block size. Block size represents the chunk of plaintext that is encrypted in one application of the algorithm, and this block size must be smaller than the key's bit length. Encryption of a block of plaintext results in a corresponding block of ciphertext whose length is equal to the size of the key.
Marketplace
Until recently, RSA was a patented technology owned by RSA Security. As of January 2000, however, RSA is in the public domain. Some analysts suggest that the general growth and acceptance of public key infrastructure (PKI) systems has been hindered by the need for companies to license RSA technologies from RSA Security; if so, this obstacle has now been removed.
Issues
RSA is a relatively slow algorithm compared to other popular encryption algorithms such as the Data Encryption Standard (DES) used by the U.S. government (now replaced by Advanced Encryption Standard, or AES). As a result, RSA is usually not used for encrypting messages. Instead, it is typically used to encrypt a secret key, and the secret key is then used to encrypt the message.
Another issue is that while 512-bit keys are commonly used in e-commerce sites employing RSA encryption, in late 2000 a Swedish team of computer scientists cracked 512-bit RSA encryption using only a single workstation running a number field sieve algorithm. As a result, RSA with 512-bit encryption is no longer considered secure; however, 1024-bit length keys are probably secure for the foreseeable future.
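An added Python example (not code from the original entry) of the two points made under Implementation and Issues: a single RSA block operation that rejects a plaintext block not smaller than the modulus, and the hybrid pattern in which RSA encrypts only a secret session key while that key encrypts the message. The Mersenne primes, the SHA-256 counter-mode stand-in for the session cipher and the sample message are constructed assumptions; deployed systems use padded RSA and a standard block cipher in their place.

```python
"""Textbook RSA (no padding) plus a hybrid wrap of a symmetric session key.

Added example, not from the original entry. The primes, the stand-in stream
cipher and the sample message are constructed for illustration.
"""
import hashlib
import secrets

# Two constructed Mersenne primes (~150-bit modulus); real keys use random
# primes of at least 1024 bits each.
P = 2**61 - 1
Q = 2**89 - 1
E = 65537


def make_keypair(p=P, q=Q, e=E):
    """Return ((e, n), (d, n)): n is the modulus, d the private exponent."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)          # modular inverse of e (Python 3.8+)
    return (e, n), (d, n)


def key_bits(pub):
    """Key size in bits; every ciphertext block is this long (mod n)."""
    return pub[1].bit_length()


def rsa_encrypt(m, pub):
    """One RSA block operation. The plaintext block must be smaller than the
    modulus, otherwise it is silently reduced and cannot be recovered."""
    e, n = pub
    if not 0 <= m < n:
        raise ValueError("plaintext block must be smaller than the modulus")
    return pow(m, e, n)


def rsa_decrypt(c, priv):
    d, n = priv
    return pow(c, d, n)


def _keystream(key, length):
    """Toy stream cipher keystream (SHA-256 in counter mode): a stand-in for
    the DES/AES session cipher, not a recommended construction."""
    out = b""
    counter = 0
    while len(out) < length:
        block = key.to_bytes(16, "big") + counter.to_bytes(8, "big")
        out += hashlib.sha256(block).digest()
        counter += 1
    return out[:length]


def hybrid_encrypt(message, pub, session_key=None):
    """Encrypt the bulk message with a 128-bit symmetric key and RSA-encrypt
    only that key, which is the slow-RSA workaround the text describes."""
    if session_key is None:
        session_key = secrets.randbits(128)
    wrapped_key = rsa_encrypt(session_key, pub)         # one RSA block
    stream = _keystream(session_key, len(message))
    body = bytes(a ^ b for a, b in zip(message, stream))
    return wrapped_key, body


def hybrid_decrypt(blob, priv):
    wrapped_key, body = blob
    session_key = rsa_decrypt(wrapped_key, priv)
    stream = _keystream(session_key, len(body))
    return bytes(a ^ b for a, b in zip(body, stream))


if __name__ == "__main__":
    pub, priv = make_keypair()
    print(key_bits(pub))                                   # 150
    blob = hybrid_encrypt(b"quarterly report, draft 3", pub)
    print(hybrid_decrypt(blob, priv))
```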
See Also Advanced Encryption Standard (AES), Data Encryption Standard (DES), Encrypting File System (EFS), Internet Protocol Security (IPsec), Pretty Good Privacy (PGP), public key cryptography, public key infrastructure (PKI), Transport Layer Security (TLS)
A family of push-and-click connectors for twisted-pair wiring in telephone and computer network environments.
Overview
RJ stands for Registered Jack, and the RJ standards define both jacks or receptacles (female) and plugs (male) connectors for different purposes. Some common types of RJ connectors include
RJ-11: A 4-wire or 6-wire telephone-type connector that connects telephones to wall plates. RJ-11 supports up to six wires, but usually only four are used with the two-pair twisted-pair cabling commonly found in telephone cabling.
RJ-45: An 8-wire telephone-type connector used with twisted-pair cabling for connecting computers, wall plates, patch panels, and other networking components. RJ-45 is the standard type of connector for both unshielded twisted-pair (UTP) and shielded twisted-pair (STP) cabling in star-topology Ethernet networks such as 10BaseT and 100BaseT4. RJ-45 is defined in International Organization for Standardization (ISO) standard 8877.
RJ-48: An 8-wire telephone-type connector used with twisted-pair cabling for connecting T1 and 56-kilobyte (KB) digital data service (DDS) lines. RJ-48 uses the same jack as RJ-45 but uses a different pinning, with one pair of wires to transmit signals, one pair to receive signals, one pair for drain, and one unused pair (reserved for future use). RJ-48 connectors come in three varieties: RJ-48C and RJ-48X for connecting T1 lines and RJ-48S for connecting 56-KB DDS lines.
Implementation
The diagram shows RJ-11 and RJ-45/48 connectors, which are used to terminate both ends of UTP cabling. Pins are labeled 1 through 4 or 1 through 6 for 4-wire and 6-wire RJ-11, and 1 through 8 for 8-wire (four-pair) RJ-45/48. Cables can be straight-pinned or cross-pinned, depending on their use. For example, a straight-pinned RJ-45-terminated UTP cable is used to connect a computer to a 10BaseT hub, while a cross-pinned cable or crossover cable is used to connect two computers directly or to connect two hubs.
RJ connectors. Two common types of RJ connectors.
The following table shows the pinning for these various cables, with the colored wires coded as follows:
Y = yellow, G = green, R = red, W = white, S = silver, OR = orange, BL = blue, BK = black, BN = brown
If these colors are combined in striped cables, the coloring is coded OR/W for orange/white or orange with white striping, and so on. RJ-11 and RJ-45 cables generally use solid-color wires, and RJ-48 cables are usually striped. Note that RJ-45 has two types of cross-pinning: 568A/B and Universal Service Order Code (USOC). If the pinning of a wire is listed as Y (1-4), it means that the yellow wire is connected to pin 1 at one end and to pin 4 at the other.
| Connector/Cable | Pinning |
| --- | --- |
| RJ-11 straight (4-wire) | Y (1-1), G (2-2), R (3-3), BL (4-4) |
| RJ-11 crossed (4-wire) | Y (1-4), G (2-3), R (3-2), BL (4-1) |
| RJ-11 straight (6-wire) | BL (1-1), Y (2-2), G (3-3), R (4-4), BK (5-5), W (6-6) |
| RJ-11 crossed (6-wire) | BL (1-6), Y (2-5), G (3-4), R (4-3), BK (5-2), W (6-1) |
| RJ-45 straight (8-wire) | BL (1-1), OR (2-2), BK (3-3), R (4-4), G (5-5), Y (6-6), BN (7-7), S (8-8) |
| RJ-45 USOC crossed (8-wire) | BL (1-8), OR (2-7), BK (3-6), R (4-5), G (5-4), Y (6-3), BN (7-2), S (8-1) |
| RJ-45 568A/B crossed (8-wire) | BL (1-3), OR (2-6), BK (3-1), R (4-5), G (5-4), Y (6-2), BN (7-8), S (8-7) |
| RJ-48C straight (8-wire) | OR/W (1-1), W/OR (2-2), (3-3) unused, BL/W (4-4), W/BL (5-5), (6-6) unused, BL drain (7-7), OR drain (8-8) |
| RJ-48C crossed (8-wire) | OR/W (1-4), W/OR (2-5), (3-3) unused, BL/W (4-1), W/BL (5-2), (6-6) unused, BL drain (7-7), OR drain (8-8) |
See Also connector (device), International Organization for Standardization (ISO), shielded twisted-pair (STP) cabling, unshielded twisted-pair (UTP) cabling
Stands for Remote Network Monitoring, an extension to Simple Network Management Protocol (SNMP).
See Also Remote Network Monitoring (RMON)
A user profile stored on a network server so the user can access her desktop from any computer on the network.
Overview
Roaming user profiles are a feature of Microsoft Windows NT, Windows 2000, Windows XP, and Windows .NET Server that allow users to roam about the network and access their desktop settings and folders from any machine. This is done by storing such roaming profiles in a centralized location on the network, such as a file server or domain controller. If the server on which the profile is stored is unavailable when the user logs on to the network, the locally cached copy of the profile stored on his or her workstation will be used instead.
The system administrator enables roaming profiles for users. A roaming profile that cannot be modified by the user is known as a mandatory user profile. Windows 98 and Windows Millennium Edition (Me) also support roaming profiles, but these are not compatible with Windows 2000, Windows XP, and Windows .NET Server profiles.
See Also local user profile, mandatory user profile, user profile
The base of a hierarchical file system.
Overview
The root is the first element in the absolute path of a file or directory on the file system. In other words, the root directory of a file system is the starting point for the tree of directories and files that comprise the file system. The symbol used to represent this directory depends on whether the file system is on a Microsoft Windows or UNIX platform: Windows designates the root directory with a backslash (\), but UNIX employs a forward slash (/).
The term root is also used to refer to the highest-level entity in a directory. For example, the root of Active Directory directory service in Windows 2000 is the RootDSE object.
Notes
The term root can also refer to the user with the highest level of administrative rights, particularly on UNIX platforms. Other names for this user are SuperUser (also UNIX platforms), Supervisor (NetWare platforms), and Administrator (Windows platforms).
See Also Active Directory, file system
A digital certificate that attests to the identity of a certificate authority (CA).
Overview
Every CA requires a root certificate so that it can be "trusted" by entities that request digital certificates from it. If a client trusts the root certificate of a CA, it automatically trusts any other certificates that are issued by that CA. Root certificates thus form one of the foundations of public key cryptography. The root certificate is either signed by the CA itself (self-signed) or by a higher authority in a hierarchy of CAs in a public key infrastructure (PKI).
See Also certificate authority (CA), public key infrastructure (PKI)
The highest-level parent domain in a domain tree.
Overview
Root domains form the basis of domain trees in an Active Directory directory service implementation of Microsoft Windows 2000 and Windows .NET Server. All other domains in the tree derive their Domain Name System (DNS) name from the root domain and form a contiguous namespace with the root domain. An example of a root domain name for a company called Adventure Works might be adventure-works.com. The root domain is the first domain you create when you implement Active Directory in an enterprise. All other domains you create derive their DNS name from the root domain.
Notes
If you plan to connect your network directly to the Internet, you should register your root domain name with a domain name registration authority. You can use separate external and internal root domain names in your enterprise network if you want to separate network resources that will be accessible to outside users on the Internet from network resources intended for internal company use only. You should register both the internal and external root domain names to prevent future naming conflicts. You should also use a firewall to protect the private domain from the Internet.
Root domain. The root domain of a domain tree.
You should select a root domain name before you implement Active Directory on your Windows 2000- or Windows .NET Server-based network. The name should be easily recognized by users in the outside world, and you should make sure that it is legally acceptable and does not violate existing trademarks or duplicate registered company names. Root domain names should be static and not subject to change.
See Also Active Directory, Domain Name System (DNS), domain tree
A name server at the top of the Domain Name System (DNS).
Overview
Root name servers are those that can locate name servers that are authoritative for top-level domains such as .com, .org, .net, and so on. Root name servers are the backbone of the DNS naming system and act as an ultimate authority when a local name server cannot resolve a name query. In fact, if all 13 root name servers on the Internet simultaneously failed, users would only be able to reach Web sites registered with local name servers. In other words, the Internet would no longer work and would essentially operate as thousands of small isolated islands. As a result, root name servers are spread out across the Internet for greater protection and are zealously guarded. Examples of root name servers include two belonging to the Military Network (MILNET), one to the National Aeronautics and Space Administration (NASA), several in Europe, one in Japan, and the remainder in the United States. More are likely to be deployed as the Internet grows in size and international reach.
See Also Domain Name System (DNS), name server
A network protocol that can be routed.
Overview
Routable protocols are network protocols that use Layer 3 (network layer) addresses for forwarding packets to their destination. The most commonly used routable protocol today is the Transmission Control Protocol/Internet Protocol (TCP/IP), which is the protocol used on the Internet and in most enterprise networking environments.
Other routable protocols, now considered legacy protocols, include
Internetwork Packet Exchange/Sequential Packet Exchange (IPX/SPX)
Xerox Network Systems (XNS)
DECnet
AppleTalk
Banyan VINES
Seldom-used network protocols that are not routable include
NetBEUI
Data Link Control (DLC)
Notes
A routable protocol is a network layer protocol that can be routed. A routing protocol, however, is something different: a protocol by which routers can communicate routing table information with one another. Do not get them confused!
See Also AppleTalk, Banyan VINES, Data Link Control (DLC), DECnet, NetBEUI, Transmission Control Protocol/Internet Protocol (TCP/IP), Xerox Network Systems (XNS)
A path a packet travels across an internetwork and a command for displaying and configuring routing tables on routers.
Overview
The route a packet takes as it crosses an internetwork is the path, starting from the sending host to a neighboring router and then hopping from router to router until the packet reaches its destination host on some remote network. The process by which the best route to forward a packet is identified is known as routing.
Route is also a command that allows viewing and modification of entries in the internal routing table on an Internet Protocol (IP) host such as a Microsoft Windows 2000, Windows XP, or Windows .NET Server computer. This internal routing table contains routing information that determines how the computer delivers packets to local and remote hosts on the network.
Examples
Typing route print at the Windows command prompt displays the routing table of the local computer.
Typing route add 172.16.25.0 mask 255.255.255.0 172.16.10.1 metric 2 adds a new route to the routing table, specifies that any packets destined for the network with network ID 172.16.25.0 should be forwarded to the router interface 172.16.10.1 in the local network, and specifies that packets sent along this route will traverse two hops on the network.
See Also hop count
A device used to connect or segment networks.
Overview
Routers are most often used in Transmission Control Protocol/Internet Protocol (TCP/IP) networks, the Internet being the prime example of a large routed network. Routers can be used either to connect many smaller networks into a larger network called an internetwork or to segment a large network into smaller subnetworks in order to improve performance or manageability. Routers are also sometimes used to join dissimilar media, such as unshielded twisted-pair (UTP) cabling and fiber-optic cabling, and different network architectures, such as Token Ring and Ethernet.
Routers can also be used to connect local area networks (LANs) to telecommunication services such as leased lines or Digital Subscriber Line (DSL). A router used to connect a LAN to a leased line such as a T1 line is often called an access server, and a router used to access DSL servers is known as a DSL router. These routers often support basic firewall functionality to filter out packets based on their source or destination network address. Such a device is sometimes called a packet-filtering router.
Routers generally block broadcast traffic and can thus prevent broadcast storms from slowing down the flow of traffic in a network. Routers are so complex that Cisco Systems, the major vendor of enterprise-level routers, has developed an operating system called Internetwork Operating System (IOS) that is devoted solely to managing routers.
Types
Routers can be either
Static routers: These must have their routing tables configured manually with all network addresses and paths within the internetwork.
or
Dynamic routers: These automatically create their routing tables by listening to network traffic and communicating with other routers.
Comparison
Routers are similar to bridges in that they both forward packets and can be used to either segment or join networks. However, routers use Layer 3 (network layer) addresses such as IP addresses to forward packets, but bridges employ Layer 2 addresses (MAC addresses) for this purpose. When should you use a bridge and when should you use a router? Use bridges to connect network segments that run the same network protocol, for example, to connect an IP segment to an IP segment. Also use bridges when you run legacy nonroutable network protocols such as NetBEUI on your network. On the other hand, use routers to connect network segments that run different network protocols, for example, to connect an IP segment to an Internetwork Packet Exchange (IPX) segment. Generally speaking, routers are more intelligent than bridges and improve network bandwidth by not forwarding broadcast packets to other networks. Finally, use routers when you want to connect your network to the Internet.
Router. Some examples of typical uses for routers.
Implementation
Routers work at the network layer (Layer 3) of the Open Systems Interconnection (OSI) reference model. They forward packets between networks on the basis of their destination logical addresses (IP addresses in the case of TCP/IP). Routers also route packets based on the available paths and their costs, thus taking advantage of redundant paths that can exist in a mesh topology network. To do this, routers contain internal tables called routing tables that keep track of the paths that packets can take as they move across the internetwork, along with the cost of reaching each remote network.
Because routers operate at a higher OSI level than bridges do, they have more powerful switching and filtering capabilities. They also generally require greater processing power, which results in routers usually costing more than bridges. Also, because routers use network addresses for routing packets, they can only work if the network protocol is a "routable protocol" such as TCP/IP or Internetwork Packet Exchange/Sequenced Packet Exchange (IPX/SPX). This is different from bridges, which are basically protocol-independent Layer 2 devices.
Marketplace
Cisco holds the dominant place in the high-end router marketplace, with over 88 percent of the market share. Cisco produces a wide variety of routers with varying capabilities for small, medium, and large enterprises. They also produce routers that are used to form the backbone of the Internet. Some common models of Cisco routers include
1600 and 1700 Series: These are used primarily for small businesses to provide wide area network (WAN) access.
2600 Series: These are standard routers for branch office access to corporate headquarters over WAN links.
3600 Series: These are multifunction routers that can be used in branch/enterprise environments and are more powerful and flexible than the 2600 series.
7200 and 7500 Series: These are high-end multiprotocol routers that support a wide variety of media and are used to build both collapsed backbones and WANs.
12000 Series: These are heavy-duty router/switch combinations used in collapsed backbones and carrier networks.
Other popular router manufacturers include Nortel Networks, Juniper Networks, Ericsson, and 3Com Corporation.
Prospects
A few years ago it was thought that Layer 3 Ethernet switches (also simply called Layer 3 switches) would drive the router market out of existence. This has not entirely happened, despite the fact that such switches, being hardware-based, perform much better than traditional software routers. In the enterprise LAN arena, Layer 3 switches do indeed dominate now in collapsed backbones where routers once ruled in distributed backbones. But in the WAN access arena, routers are still going strong and it looks like they will be around for a long time, driven mainly by Internet service providers needing more routers to handle increased traffic.
Appearing on the horizon are terabit routers capable of forwarding 10^12 bits per second (bps). These routers are intended mainly for use by telecommunications carriers in their backbone networks, and leading vendors include Cisco, Lucent Technologies, and Avici Systems. A startup called Hyperchip is even developing a petabit router capable of switching packets at 10^15 bits per second, a speed equivalent to a million Gigabit Ethernet (GbE) ports! Such high-end routers are intended for the next generation of all-optical networks that are expected to emerge around 2005.
See Also dynamic routing, Ethernet switch, Internetwork Operating System (IOS), Layer 3 switch, Open Systems Interconnection (OSI) reference model, static routing
Routing that occurs at the routers.
Overview
Routers are generally used to connect different networks together. Router routing is the process by which a router examines an incoming packet and determines which interface on the router to forward the packet to. This is different from host routing, which is routing that occurs at the host itself.
Usually the term router routing is simply abbreviated as routing . Whether this actually refers to host routing or router routing can usually be determined from the context of the discussion.
See Also host routing
Forwarding packets from one network to another across an internetwork.
Overview
Routing is a method of joining multiple networks together in a way that allows packets to travel from one network to the next. To do this, devices called routers are used to connect different networks. These routers accept packets destined to remote networks and forward them to the next step along the way.
Routing is only possible with network protocols that are "routable." Examples of routable protocols include
Transmission Control Protocol/Internet Protocol (TCP/IP): The standard network protocol used on the Internet and in most enterprise networking environments today.
Internetwork Packet Exchange/Sequenced Packet Exchange (IPX/SPX): A legacy protocol used in Novell Netware 2.x and 3.x platforms.
The rest of this article focuses on TCP/IP routing, which is the most common type.
Types
Routing can be classified in different ways depending on what is under consideration. For example, there is
Host routing: This is routing that occurs at the host itself. Each host on an IP network normally maintains its own internal routing table. This table is used to determine whether to send a packet to the local network, to a specific router interface, or to the default gateway address.
Router routing: This is routing that occurs at the routers that connect the various networks. Networks connected by routers are generally called subnets, although this term has a more precise meaning in the context of IP addressing. Most of the discussion below focuses on router routing, which is usually simply called routing.
Routing can also be classified according to how routers are configured to forward packets, specifically:
Static routing: Administrators manually enter entries in router tables.
Dynamic routing: Routing tables can be updated automatically when different routers communicate with one another using routing protocols.
Implementation
Routing takes place at the network layer (Layer 3) of the Open Systems Interconnection (OSI) reference model. In TCP/IP networking, this means that routing of packets is based on their destination IP addresses.
Routing takes place on a packet-by-packet basis and involves two steps:
Determining the best route (path) over which the packet should travel to reach its destination host.
Forwarding the packet to the appropriate remote network according to its destination IP address.
Forwarding of packets is handled independently by each router along the path the packet has to travel. In other words, the packet is forwarded across each successive "hop" until it arrives at its destination. Routers perform this forwarding using internal tables called routing tables, which contain information describing the potential paths that data can take to travel to remote networks. Between any two subnets on an internetwork there may be more than one route by which the packet can reach its destination. The information in the routing table, therefore, includes the metric (cost value) for each possible route to the destination, and the packet is usually sent along the path with the lowest cost. If two paths to the same destination have the same cost, the stream of packets can be load-balanced between the two routes. Each network traversed on a routed internetwork is called a subnet.
The value of the metric for a specific path depends on several factors. For example, the metric might be proportional to the number of routers that the packet stream must be switched through (the number of hops traversed), the delay or latency of packets when they are processed by each router, the amount of traffic congestion (load) at the router, the available bandwidth along a route, and even the relative reliability of the routers. For static routers, network administrators manually specify metrics for each path and enter them into routing tables, but for dynamic routers routing algorithms are used to automatically calculate metrics for each possible path. Dynamic routers do this by communicating with each other using special protocols called routing protocols. Examples of common routing protocols include the Routing Information Protocol (RIP) and the Open Shortest Path First (OSPF) protocol. Once the routing table for a static router has been properly configured (or once the tables of all dynamic routers have "converged" and stabilized), the router carries out its packet-forwarding function. The entire routing process works like this: if a local host wants to send a packet to a host on a remote network, the local host first checks its own internal routing table (host routing) to determine which nearby router to forward the packet to. The host then uses Address Resolution Protocol (ARP) to obtain the MAC address of the near-side interface of this router and sends the packet directly to this interface. This packet's header contains the destination host's logical network layer address (IP address). When the router receives the packet, it inspects this destination address and compares it to the information stored in its internal routing table to determine what to do with the packet. If the router cannot determine what to do with the packet, it simply drops the packet. 
Otherwise, it forwards the packet (router routing) to the destination host (if it is on a network connected to the router) or to a more distant router, which forwards the packet again until finally the packet reaches the network where its destination host resides. As the packet is forwarded from router to router across the internetwork, its network layer destination address remains the same, but its MAC address keeps changing to that of the next router interface along the path.
Issues
Routing in a network can suffer from a number of problems. One problem is the existence of routing loops, which occur when a packet passes through the same router more than once on a given trip. The result is that the packet loops until its lifetime decreases to zero and a router discards it. The originating host usually never knows that the packet was dropped and did not reach its destination. Routing loops occur most often in networks that use incorrectly configured static routers. Routing algorithms for dynamic routers can usually detect loops and reconfigure routing tables to eliminate them. Another problem is convergence. In a large internetwork using dynamic routers, it might take some time for a change in one router's tables to propagate to all other routers in the internetwork. In the meantime, temporary routing loops can occur and less efficient network paths might be chosen, resulting in more traffic congestion. Properly designed routing protocols and routers help avoid such issues and make routing a reliable process for building large internetworks from smaller networks.
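As an added example that is not part of the encyclopedia entry, the following Python simulation ties together the route add command shown under the "route" entry above, the host and router routing steps described in this entry, and the routing-loop failure mode: each node holds a routing table searched by longest prefix and then lowest metric, a packet is forwarded hop by hop with its destination address unchanged and its TTL decremented at every router, a packet with no matching route is dropped, and a deliberately mis-configured static route produces a loop that ends only when the TTL reaches zero. All addresses, node names and table entries are constructed for the example.

```python
from ipaddress import ip_address, ip_network

ON_LINK = None  # next hop None: destination is on a directly attached network


class RoutingTable:
    """A host's or router's internal routing table."""

    def __init__(self):
        self.entries = []  # (network, next_hop, metric)

    def add(self, network, mask, next_hop=ON_LINK, metric=1):
        # Same arguments as "route add 172.16.25.0 mask 255.255.255.0 172.16.10.1 metric 2".
        self.entries.append((ip_network(f"{network}/{mask}"), next_hop, metric))

    def lookup(self, dst):
        """Best route for dst as (next_hop, metric); None when nothing matches,
        which a router treats as 'drop the packet'."""
        dst = ip_address(dst)
        matches = [e for e in self.entries if dst in e[0]]
        if not matches:
            return None
        # Most specific prefix first; equal prefixes are decided by lowest metric.
        net, next_hop, metric = max(matches, key=lambda e: (e[0].prefixlen, -e[2]))
        return next_hop, metric


class Internetwork:
    """Hosts and routers identified by name, plus a map from interface
    address to its owner (the answer ARP would give for a next-hop address)."""

    def __init__(self):
        self.tables = {}
        self.owner = {}

    def add_node(self, name, *interfaces):
        self.tables[name] = RoutingTable()
        for addr in interfaces:
            self.owner[addr] = name
        return self.tables[name]

    def forward(self, src, dst, ttl=64):
        """Carry one packet from node src toward dst, one hop at a time.
        Returns (outcome, path). The destination address in the packet header
        never changes; only the next-hop (MAC-level) target does."""
        node, path = src, [src]
        while True:
            route = self.tables[node].lookup(dst)
            if route is None:
                return "no route", path          # router drops the packet
            next_hop, _ = route
            if next_hop is ON_LINK:
                return "delivered", path         # last hop: deliver directly
            ttl -= 1                             # each forwarding router decrements TTL
            if ttl <= 0:
                return "ttl expired", path       # loop ended by the packet's lifetime
            node = self.owner[next_hop]
            path.append(node)


def build_example():
    """Constructed topology: host H on 172.16.10.0/24, routers R1 and R3 on that
    subnet, R2 behind them on 172.16.20.0/24 serving 172.16.25.0/24."""
    net = Internetwork()
    h = net.add_node("H", "172.16.10.50")
    h.add("172.16.10.0", "255.255.255.0")                      # local subnet, on-link
    h.add("0.0.0.0", "0.0.0.0", "172.16.10.1")                 # default gateway
    h.add("172.16.25.0", "255.255.255.0", "172.16.10.1", 2)    # the route add example
    h.add("172.16.25.0", "255.255.255.0", "172.16.10.254", 5)  # same network, costlier path

    r1 = net.add_node("R1", "172.16.10.1", "172.16.20.1")
    r1.add("172.16.10.0", "255.255.255.0")
    r1.add("172.16.20.0", "255.255.255.0")
    r1.add("172.16.25.0", "255.255.255.0", "172.16.20.2")
    r1.add("10.0.0.0", "255.0.0.0", "172.16.20.2")             # mis-configured static route

    r2 = net.add_node("R2", "172.16.20.2", "172.16.25.1")
    r2.add("172.16.20.0", "255.255.255.0")
    r2.add("172.16.25.0", "255.255.255.0")
    r2.add("0.0.0.0", "0.0.0.0", "172.16.20.1")                # default back to R1: loop for 10/8

    r3 = net.add_node("R3", "172.16.10.254", "172.16.20.254")
    r3.add("172.16.10.0", "255.255.255.0")
    r3.add("172.16.20.0", "255.255.255.0")
    r3.add("172.16.25.0", "255.255.255.0", "172.16.20.2")
    return net


if __name__ == "__main__":
    net = build_example()
    for dst in ("172.16.10.99", "172.16.25.7", "192.168.1.1", "10.0.0.5"):
        print(dst, net.forward("H", dst, ttl=8))
```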
See Also black hole, bridge, convergence, default gateway, dynamic routing, flooding, hop count, host routing, internetwork, Open Systems Interconnection (OSI) reference model, static routing, subnet
A mathematical procedure that a dynamic router uses to calculate entries for its routing table.
Overview
Routing algorithms underlie the routing protocols that enable dynamic routers to exchange information with one another in order to calculate the metrics of various paths or routes throughout an internetwork. These algorithms generally operate using a combination of variables obtained either by inspecting header information in packets received by the router or manually specified by administrators. The routing algorithm processes the values of these variables to generate the internal routing table for the router. These variables are generally known as routing metrics and can include the following:
Hops: The number of intermediate routers between a given network and the local router
Latency: The time delay in processing a packet through the router or over a given route
Congestion: The length of the packet queue at the incoming port of the router
Load: The processor use at the router or the number of packets per second that it is currently processing
Bandwidth: The available capacity of a route to support network traffic; decreases as network traffic increases
Reliability: The relative amount of downtime that a particular router might experience because of malfunctions
Maximum Transmission Unit (MTU): The largest packet size that the router can forward without needing to fragment the packet
Routing algorithms are usually implemented as a combination of dynamic (real-time calculated) and static (specified by the network administrator) factors, usually in a distributed fashion where each router independently calculates its own routing tables. In the case of dynamic routers, the exchange of routing information between routers is also part of this process. This provides a degree of fault tolerance for the routing network, for if one router goes down, the remaining routers can recalculate their routing tables to ensure they are able to route traffic around the failed router. Then, when the failed router is restored, the routing tables are recalculated again. Some routing algorithms support forwarding packets over several paths to a given destination (when such multiple paths exist) and thus better manage network traffic by load balancing packets accordingly.
Types
A major distinction between routing algorithms involves the space within which they operate. In a flat routing space, all routers are peers, but in a hierarchical routing space, different routing domains, areas, or autonomous systems are connected using a backbone routing network. The advantage of a hierarchical routing space is that it reduces the amount of intercommunication traffic that must take place between routers in order for them to calculate their routing tables. For example, routers that forward traffic only within their own routing domain do not need to exchange routing information with routers in other domains. The downside, of course, is that a hierarchical system is much more difficult to implement and maintain than a flat routing space.
Based on this distinction, routing algorithms come in two basic types:
Distance vector routing algorithms: These use a flat routing space, and an example of a routing protocol of this type is the Routing Information Protocol (RIP). Distance-vector routing is sometimes called Bellman-Ford routing or even "old ARPANET routing" by those who are familiar with this algorithm's origins.
Link state routing algorithms: These employ a hierarchical routing space, and an example of a routing protocol of this type is the Open Shortest Path First (OSPF) protocol. Link state algorithms were developed later than distance-vector ones and have largely displaced them in enterprise networking.
From a network administrator's perspective, the differences between these algorithms are as follows:
A routing protocol based on the distance vector routing algorithm is simpler to implement than one based on the link state routing algorithm. Routing loops are less likely to occur when the link state algorithm is used, but link state algorithms require more processing power, and routers that implement them are generally more costly. The two algorithms offer a trade-off with respect to network traffic between routers. Specifically, routers using the distance vector algorithm periodically send their entire routing table to other routers, but only to routers one hop away, while the link state algorithm floods the entire internetwork with information from each router, but only updated information is sent when needed.
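Added example, not from the encyclopedia entry: link state routing in miniature, as contrasted with distance vector above. Each router floods a link state advertisement (LSA) describing only its own interfaces and their costs; every router collects the LSAs into an identical link state database and runs Dijkstra's shortest path algorithm over it to fill its routing table. The cost rule here (reference bandwidth divided by link bandwidth) is an assumed convention borrowed from common OSPF implementations, not something the entry states, and the five-router topology is constructed.

```python
import heapq

REFERENCE_BW = 100_000_000  # 100 Mbps reference bandwidth (assumed convention)


def link_cost(bandwidth_bps):
    """Cheaper cost for faster links; never below 1."""
    return max(1, REFERENCE_BW // bandwidth_bps)


def make_lsa(router, interfaces):
    """An LSA carries only the originating router's own links: (neighbor, cost)."""
    return {"router": router, "links": [(nb, link_cost(bw)) for nb, bw in interfaces]}


def flood(lsas):
    """After flooding, every router holds the same link state database,
    represented as a graph: router -> {neighbor: cost}."""
    db = {}
    for lsa in lsas:
        db.setdefault(lsa["router"], {})
        for nb, cost in lsa["links"]:
            db[lsa["router"]][nb] = cost
    return db


def dijkstra(db, source):
    """Shortest paths from source over the database.
    Returns {router: (total cost, next hop from source)}; the source maps to (0, None)."""
    dist, first_hop, done = {source: 0}, {}, set()
    heap = [(0, source, None)]
    while heap:
        cost, node, via = heapq.heappop(heap)
        if node in done:
            continue                      # stale entry; a cheaper path was already settled
        done.add(node)
        first_hop[node] = via
        for nb, c in db.get(node, {}).items():
            new_cost = cost + c
            if new_cost < dist.get(nb, float("inf")):
                dist[nb] = new_cost
                # The first hop is the neighbor of source on this path.
                heapq.heappush(heap, (new_cost, nb, nb if via is None else via))
    return {r: (dist[r], first_hop[r]) for r in done}


def hop_count_db(db):
    """The same topology with every link costing 1 hop, as a RIP-style metric would see it."""
    return {r: {nb: 1 for nb in nbs} for r, nbs in db.items()}


def build_example():
    """Constructed topology: A-B-D is two slow 10 Mbps hops, A-C-E-D is three fast 100 Mbps hops."""
    M10, M100 = 10_000_000, 100_000_000
    lsas = [
        make_lsa("A", [("B", M10), ("C", M100)]),
        make_lsa("B", [("A", M10), ("D", M10)]),
        make_lsa("C", [("A", M100), ("E", M100)]),
        make_lsa("D", [("B", M10), ("E", M100)]),
        make_lsa("E", [("C", M100), ("D", M100)]),
    ]
    return flood(lsas)


if __name__ == "__main__":
    db = build_example()
    print("link state table at A:", dijkstra(db, "A"))
    print("hop count table at A: ", dijkstra(hop_count_db(db), "A"))
```

With bandwidth-based costs, A reaches D through C and E at cost 3, whereas a pure hop-count metric prefers the two slow hops through B.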
See Also distance vector routing algorithm, dynamic routing, link state routing algorithm, Open Shortest Path First (OSPF), static routing
A popular distance vector routing protocol.
Overview
Routing Information Protocol (RIP) is a dynamic routing protocol that is used to exchange routing table information between routers. Depending on the underlying network protocol being supported, this might be
RIP for IP: Used on Internet Protocol (IP) networks
RIP for IPX: Used on Internetwork Packet Exchange (IPX) networks
Both of these routing protocols are generally referred to simply as RIP. RIP was also adapted for the AppleTalk networking system to form the basis of the Routing Table Maintenance Protocol (RTMP).
History
RIP evolved from the Xerox Network Systems (XNS) protocol suite developed in the late 1970s and was designed in 1980 as the first interior routing protocol, a protocol used to allow routers to communicate within an internetwork under a single administrative authority. RIP is implemented as a flat intradomain routing protocol, that is, an interior routing protocol with a flat routing space or routing domain.
RIP first became popular as a result of its inclusion in release 4.2 of the Berkeley Software Distribution UNIX (BSD UNIX) platform. RIP was commonly used throughout the enterprise in the 1980s, but it was supplanted in the 1990s in large enterprises by Open Shortest Path First (OSPF), a link-state interior routing protocol. Today RIP is viewed as a legacy protocol suitable mainly for small internetworks of fewer than 50 routers or so.
Types
There are two versions of RIP:
RIPv1: This is the original version of RIP that was defined in RFC 1058.
RIPv2: This is a newer version of RIP defined in RFC 1723. RIPv2 is fully backward compatible with the earlier RIPv1 but is enhanced to support optional multicasting of routing table information to the multicast address of 224.0.0.9, the inclusion of subnet mask values in RIP announcements, and simple password protection to prevent rogue RIP routers from hijacking network traffic.
Implementation
The metric used by RIP-enabled routers for calculated routing table entries is based on the number of hops it takes for packets to reach their destination networks. RIP routers do not employ other routing metrics used in link state routing protocols such as load, bandwidth, latency, or Maximum Transmission Unit (MTU) in calculating these routing costs. The routing table of a RIP router contains the cost in hops of every path to every destination network in the internetwork.
When a RIP router is first turned on, it broadcasts its presence using a General RIP Request message. This is done so that neighboring RIP routers can be alerted to send the original router advertisements of their routing tables. These RIP advertisements from neighboring RIP routers allow the original router to dynamically build its own routing tables. In addition, the original RIP router broadcasts to its neighbors all network IDs of locally attached networks so that they can update their own routing tables with this information.
RIP-enabled routers broadcast their complete routing tables every 30 seconds over User Datagram Protocol (UDP) port 520. This adds some overhead to network traffic, but this information is propagated only throughout the local subnet and thus received only by routers that have a routing interface adjacent to this subnet. RIP does not support multipath routing. If a routing table has multiple routes for a single network ID, RIP stores the route with the lowest metric (number of hops to destination).
RIP supports a maximum metric of 15; in other words, networks that are more than 15 hops away from the local network are unreachable when using RIP. The RIP metric is also independent of the packet's Time to Live (TTL) value, so if two networks are separated by more than 15 routers, the packet is dropped even if the TTL value has not decremented to zero. When you try to send a packet to a network more than 15 hops away, a RIP router returns an Internet Control Message Protocol (ICMP) Destination Unreachable message.
Advantages and Disadvantages
RIP is a well-supported industry standard routing protocol, but its maximum of 15 hops, together with the use of broadcast announcements, limits the use of RIP to small internetworks. Another disadvantage is that the routing table of a RIP-enabled router can become quite large since it must contain information about all possible routes to all possible subnets on the internetwork.
Another weakness of RIP is that the routing table announcements are not synchronized over the internetwork and are sent without expectation of acknowledgments. In addition, routing entries in a RIP routing table time out 3 minutes after the last RIP announcement is received, so if a RIP router goes down, it takes time for this information to propagate throughout the internetwork, a problem known as slow convergence. This 3-minute timeout value exists so that information about routers that unexpectedly fail or go down can be propagated throughout the internetwork. If neighboring routers do not hear from a RIP router within 3 minutes, networks that are locally attached to the missing router are assigned a hop count of 16, making them unreachable. These factors can result in convergence problems and routing loops on large RIP-enabled internetworks.
Another factor is that RIP advertisement packets are only 512 bytes in length and can contain a maximum of 25 different routing table entries, so a large routing table with hundreds of entries means that dozens of RIP packets are broadcast every 30 seconds. This can result in a lot of extra broadcast traffic on the local subnet, making RIP unsuitable for large internetworks or for networks having slow wide area network (WAN) links.
Finally, RIP cannot take into account real-time network parameters such as congestion, latency, or router load when the RIP router determines whether to forward a packet along a specific route. An alternative to RIP is to use the Open Shortest Path First (OSPF) protocol, which can dynamically take into account such real-time network parameters, but implementing OSPF is fairly complex and may require you to upgrade existing routers.
Notes
RIP routers should be turned off properly so that they can advertise the fact that they are being turned off to their neighboring routers. This notification, called a triggered update, declares all locally attached networks to the router as having a hop count of 16, making them unreachable. These triggered changes then propagate throughout the internetwork.
If your RIP-enabled internetwork includes slower WAN links as well as fast local area network (LAN) links between networks, you can assign the WAN links hop values that are greater than 1 to compensate for their slower speed. For example, you can assign a T1 link between two networks a hop count of 3 or 4. However, the total hop count between any two networks must still be less than or equal to 15, and such a configuration makes sense only if the topology of the network is a complex mesh involving both fast LAN and slow WAN links.
A RIP-enabled router that can receive RIP broadcasts but cannot send them is called a "silent RIP router."
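Added example, not from the encyclopedia entry: a small Python model of the RIP behaviour described in this entry: a hop-count metric, 16 meaning unreachable, a full-table advertisement to every neighbor each cycle (30 seconds in real RIP), the triggered update sent when a router shuts down, and the slow convergence that follows. It also adds split horizon from RFC 1058 (a router does not advertise a route back to the neighbor it learned it from), which the entry does not discuss, so the two convergence behaviours can be compared side by side. Router and network names are constructed.

```python
INFINITY = 16  # RIP hop count meaning "unreachable"


class RipRouter:
    def __init__(self, name, attached, split_horizon=True):
        self.name = name
        self.split_horizon = split_horizon
        # network -> (hops, next_hop); directly attached networks cost 1, next_hop None
        self.table = {net: (1, None) for net in attached}
        self.neighbors = []

    def advertisement(self, to):
        """The full routing table as broadcast to neighbor `to`."""
        return {net: hops for net, (hops, nh) in self.table.items()
                if not (self.split_horizon and nh == to.name)}

    def receive(self, sender, adv):
        """Bellman-Ford update from one neighbor's advertisement; True if anything changed."""
        changed = False
        for net, hops in adv.items():
            new_hops = min(hops + 1, INFINITY)
            cur = self.table.get(net)
            better = cur is None or new_hops < cur[0]
            # A worse metric is accepted only from the neighbor we already route through.
            same_gw = cur is not None and cur[1] == sender and new_hops != cur[0]
            if better or same_gw:
                self.table[net] = (new_hops, sender)
                changed = True
        return changed

    def hops_to(self, net):
        return self.table.get(net, (INFINITY, None))[0]


def link(a, b):
    a.neighbors.append(b)
    b.neighbors.append(a)


def exchange_round(routers):
    """One advertisement cycle: tables are announced as they stood at the
    start of the cycle, then every router applies what it heard."""
    advs = {(r.name, nb.name): r.advertisement(nb) for r in routers for nb in r.neighbors}
    changed = False
    for r in routers:
        for nb in r.neighbors:
            changed |= r.receive(nb.name, advs[(nb.name, r.name)])
    return changed


def converge(routers, limit=100):
    """Run cycles until no table changes; returns how many cycles changed something."""
    rounds = 0
    while rounds < limit and exchange_round(routers):
        rounds += 1
    return rounds


def shutdown(routers, victim):
    """Graceful shutdown: a triggered update announcing hop count 16 for every
    network the router knows, after which it leaves the internetwork."""
    poison = {net: INFINITY for net in victim.table}
    for nb in victim.neighbors:
        nb.receive(victim.name, poison)
        nb.neighbors.remove(victim)
    routers.remove(victim)


def build_chain(split_horizon):
    """Constructed topology: R1 - R2 - R3 - R4 in a line; N4 hangs off R4 only."""
    r1 = RipRouter("R1", ["N1", "N12"], split_horizon)
    r2 = RipRouter("R2", ["N12", "N23"], split_horizon)
    r3 = RipRouter("R3", ["N23", "N34"], split_horizon)
    r4 = RipRouter("R4", ["N34", "N4"], split_horizon)
    link(r1, r2)
    link(r2, r3)
    link(r3, r4)
    return [r1, r2, r3, r4]


def demo(split_horizon):
    """Returns (cycles to first converge, R1's hops to N4, cycles to re-converge
    after R4 shuts down, R1's hops to N4 afterwards)."""
    routers = build_chain(split_horizon)
    initial = converge(routers)
    before = routers[0].hops_to("N4")
    shutdown(routers, routers[3])
    after = converge(routers)
    return initial, before, after, routers[0].hops_to("N4")


if __name__ == "__main__":
    print("with split horizon:   ", demo(True))
    print("without split horizon:", demo(False))
```

Without split horizon the routers count N4 up toward 16 one cycle at a time after R4 disappears; with it, the hop count 16 propagates in two cycles.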
See Also AppleTalk, broadcasting, convergence, dynamic routing, interior gateway protocol (IGP), Internet Control Message Protocol (ICMP), Internet Protocol (IP), internetwork, Internetwork Packet Exchange (IPX), Open Shortest Path First (OSPF), subnet, User Datagram Protocol (UDP), Xerox Network Systems (XNS)
A port where a router connects to a network.
Overview
For any particular network, the port on the router that is directly connected to the local network is called the local interface, and any port on the router that is connected to a different network is called a remote interface. Each router interface has a unique MAC address burned into it, just like a network interface card (NIC) in a computer.
If only one router is connected to the local network, the local interface is the default gateway for all hosts on that network.
See Also default gateway, MAC address
A variable used by a dynamic router to calculate its routing table entries.
Overview
Dynamic routers employ metrics to determine which routing interface the router should forward a packet to in order to route it to its destination. Routing metrics enable routers to make intelligent decisions about how to forward packets to ensure that
Packets are delivered efficiently and quickly
Congestion does not occur over links between networks
Packets are not lost by being dropped by overloaded or dead routers
Implementation
The simplest metric used by routers to calculate routing table entries is the number of hops to a given destination network. This kind of metric is used by the Routing Information Protocol (RIP), an older routing protocol that enables dynamic routers to communicate with each other to share their routing information and synchronize the entries of their routing tables. On the other hand, if you need a more complicated metric that provides you with more control over the various paths that packets take across your network, you can use a routing protocol like Open Shortest Path First (OSPF) instead. This protocol employs several variables in calculating its metric, including
Load: Generally, the number of packets being processed per second by the router or its central processing unit (CPU) utilization. If the load on a router becomes high, the router can advise other routers to recalculate routing tables in order to divert traffic around it.
Latency: The time interval needed to route a packet through the router or over a specific path through the internetwork. Latency can be increased by delays due to such factors as port congestion on the router, heavy router load, bandwidth utilization of links between networks, and physical distance between networks.
Some routing metrics are manually entered into a router's configuration by administrators who have a knowledge of the network's physical layout and performance. Such metrics can include
Bandwidth: The total capacity of each network link to carry traffic between different networks in the internetwork.
Reliability: The relative amount of anticipated downtime for a given link between two networks.
Cost: A parameter roughly proportional to the actual cost in dollars of using each network link. Some wide area network (WAN) links might have more latency but cost much less.
Maximum Transmission Unit (MTU): The largest size of packet that the router can forward without segmenting the packet into subpackets. Segmentation of network traffic by routers adds additional latency to network communication.
See Also dynamic routing, Open Shortest Path First (OSPF), static routing
A protocol that enables routers to communicate with each other.
Overview
Routing protocols are the software implementation of routing algorithms, mathematical procedures for determining the cost of various paths or routes through an internetwork so that traffic can be efficiently routed. Routing algorithms are used by dynamic routers, which exchange information with each other that enables them to build routing tables that accurately represent the possible paths on which packets may be routed through the network.
A good routing protocol should have the following characteristics:
It should allow rapid convergence (recalculation) of routing table information when the network changes, for example, when a router goes down.
It should prevent routing loops from occurring.
It should select the optimal route for packets to be forwarded to reach their destination, based on routing metric information.
Types
Routing protocols can be classified in different ways. For example, you can classify them according to how they are affected by administrative boundaries in networks, which results in the following:
Interior Gateway Protocols (IGPs): These routing protocols are used to exchange information between routers within a given administrative area or autonomous system (AS). Other names for this kind of routing protocol are interior routing protocol or intradomain routing protocol.
Exterior Gateway Protocols (EGPs): These protocols are used to exchange information between routers in different administrative areas or autonomous systems (ASs). Other names for this kind of routing protocol are exterior routing protocol and interdomain routing protocol.
Routing protocols can also be classified according to the type of routing algorithm they use, specifically:
Distance-vector routing protocols: These protocols employ the distance-vector routing algorithm to calculate their routing tables and send their entire routing table (or most of it) to other routers when updates are required. Because of their high overhead in communications, distance-vector routing protocols are useful only on relatively small networks with few routers.
Link-state routing protocols: These protocols use the link-state routing algorithm for routing table calculation and send only the state of their own interfaces to other routers, minimizing communications overhead and making these protocols suitable for large networks with many routers.
Finally, routing protocols can be classified as either
Classful routing protocols: These use Internet Protocol (IP) address class distinctions to derive subnet masks. They are essentially simple protocols that are limited in their scalability to large networks.
or
Classless routing protocols: These protocols propagate subnet masks and do not consider IP address classes when routing packets. In other words, they employ classless interdomain routing (CIDR) in their operation.
Examples
Common examples of routing protocols include
Routing Information Protocol (RIP): Based on the distance vector routing algorithm and used in small to medium-sized internetworks, RIP is an intradomain routing protocol that can function only within a given routing domain. Microsoft Windows NT Server, Windows 2000 Server, and Windows .NET Server support RIP; a multihomed machine running Windows NT, Windows 2000, or Windows .NET Server can be used as a RIP router.
Interior Gateway Routing Protocol (IGRP): Based on the distance vector routing algorithm and used in medium-sized to large-sized internetworks, IGRP is an intradomain routing protocol that can function only within a given routing domain. IGRP uses a number of metrics to determine routing cost, including load, bandwidth, latency, reliability, and Maximum Transmission Unit (MTU). The router determines some of these factors dynamically as it inspects incoming traffic, but others are specified by the network administrator. IGRP supports multipath routing for load balancing and fault tolerance.
Open Shortest Path First (OSPF): Based on the link state routing algorithm and used in medium-sized to large-sized internetworks, OSPF is a hierarchical, intradomain routing protocol that is used within an autonomous system (AS). OSPF evolved from an earlier Open Systems Interconnection (OSI) routing protocol called intermediate-system-to-intermediate-system (IS-IS). OSPF supports multipath routing and uses one or more routing metrics, including bandwidth, reliability, load, latency, and MTU. If OSPF is configured to use more than one metric, it can also support type-of-service (TOS) requests for differentiating traffic.
Exterior Gateway Protocol (EGP): An interdomain routing protocol for routing between different routing domains that are connected by a routing backbone such as the Internet. EGP was the first interdomain routing protocol and was designed in 1984 to enable communication between the core routers of the Internet. EGP does not use routing metrics; it simply keeps track of which networks are currently reachable through a given router.
Border Gateway Protocol (BGP): Another interdomain routing protocol created specifically to enable the core or backbone routers of the Internet to communicate with each other. BGP is superior to EGP because it can detect routing loops and use routing metrics, and it has displaced EGP as the interdomain protocol of choice for the Internet.
Some less commonly used routing protocols include
NetWare Link Services Protocol (NLSP): Used in Novell NetWare 4.x as part of its Multi-Protocol Router (MPR). NLSP is based on a combination of OSPF routing and Novell's Service Advertising Protocol (SAP) functions and is also based on the link state routing algorithm.
Routing Table Maintenance Protocol (RTMP): Used in AppleTalk networks and based on the distance vector routing algorithm. RTMP is derived from RIP.
Notes
Remember that a routing protocol is different from a routable protocol. A routing protocol is used by routers to communicate with each other. A routable protocol, on the other hand, is a network protocol, such as Transmission Control Protocol/Internet Protocol (TCP/IP) or Internetwork Packet Exchange/Sequenced Packet Exchange (IPX/SPX), that allows packets to be routed across an internetwork.
See Also autonomous system (AS), Border Gateway Protocol (BGP), classful routing protocol, classless interdomain routing (CIDR), classless routing protocol, convergence, distance vector routing protocol, dynamic routing, Exterior Gateway Protocol (EGP), interior gateway protocol (IGP), Interior Gateway Routing Protocol (IGRP), link state routing algorithm, Open Shortest Path First (OSPF), Open Systems Interconnection (OSI) reference model, static routing
An internal table that determines which interface to send a packet to, based on its destination network addresses.
Overview
Routing tables enable both computers and routers to forward packets to their destinations. On Microsoft Windows platforms these routing tables are built automatically and are used to determine whether to forward specific packets to
The local network for destination hosts on the local network segment
A near-side router interface for destination hosts on a specific remote network segment
The default gateway for hosts in unknown locations
Examples
To view the internal Transmission Control Protocol/Internet Protocol (TCP/IP) routing table on a computer running Windows, type route print at the command prompt. The result is a typical routing table that looks something like the following:
Active Routes:
Network Address | Netmask | Gateway Address | Interface | Metric |
127.0.0.0 | 255.0.0.0 | 127.0.0.1 | 127.0.0.1 | 1 |
172.16.8.0 | 255.255.255.0 | 172.16.8.50 | 172.16.8.50 | 1 |
172.16.8.50 | 255.255.255.255 | 127.0.0.1 | 127.0.0.1 | 1 |
172.16.255.255 | 255.255.255.255 | 172.16.8.50 | 172.16.8.50 | 1 |
224.0.0.0 | 224.0.0.0 | 172.16.8.50 | 172.16.8.50 | 1 |
255.255.255.255 | 255.255.255.255 | 172.16.8.50 | 172.16.8.50 | 1 |
This particular computer has a single network interface card (NIC) with the address 172.16.8.50. The columns of this table are interpreted as follows:
Network Address: A destination network address on the network
Netmask: The portion of the network address that must match in order for that route to be used
Gateway Address: Where the packet needs to be forwarded (a local NIC or a local router interface)
Interface: The address of the NIC through which the packet should be sent
Metric: The number of hops to the destination network
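The forwarding decision described in the Overview is a longest-prefix match over this table. The following is an added example, not part of the original entry: it transcribes the route print output above into a constructed table and resolves a destination address to a route, preferring the most specific netmask and then the lowest metric. The helper names (Route, lookup, next_hop) are this example's own.

```python
import ipaddress
from typing import NamedTuple, Optional


class Route(NamedTuple):
    network: str
    netmask: str
    gateway: str
    interface: str
    metric: int


# Constructed copy of the "route print" table shown above for the host 172.16.8.50.
ROUTES = [
    Route("127.0.0.0", "255.0.0.0", "127.0.0.1", "127.0.0.1", 1),
    Route("172.16.8.0", "255.255.255.0", "172.16.8.50", "172.16.8.50", 1),
    Route("172.16.8.50", "255.255.255.255", "127.0.0.1", "127.0.0.1", 1),
    Route("172.16.255.255", "255.255.255.255", "172.16.8.50", "172.16.8.50", 1),
    Route("224.0.0.0", "224.0.0.0", "172.16.8.50", "172.16.8.50", 1),
    Route("255.255.255.255", "255.255.255.255", "172.16.8.50", "172.16.8.50", 1),
]


def _ip(dotted: str) -> int:
    return int(ipaddress.IPv4Address(dotted))


def prefix_length(netmask: str) -> int:
    """Number of 1 bits in the netmask (255.255.255.0 -> 24, 224.0.0.0 -> 3)."""
    return bin(_ip(netmask)).count("1")


def lookup(destination: str) -> Optional[Route]:
    """Return the best matching route: longest netmask first, then lowest metric.
    Returns None when no entry matches; this table has no 0.0.0.0 default route."""
    dest = _ip(destination)
    matching = [r for r in ROUTES
                if (dest & _ip(r.netmask)) == (_ip(r.network) & _ip(r.netmask))]
    if not matching:
        return None
    return max(matching, key=lambda r: (prefix_length(r.netmask), -r.metric))


def next_hop(destination: str) -> str:
    """Express the chosen route as one of the three cases from the Overview."""
    r = lookup(destination)
    if r is None:
        return "no route (table has no default gateway entry)"
    if r.gateway == "127.0.0.1":
        return "loopback (delivered to the local host)"
    if r.gateway == r.interface:
        return f"local segment via NIC {r.interface}"
    return f"forward to router {r.gateway} via NIC {r.interface}"
```

Because the table as printed carries no 0.0.0.0 entry, a destination outside 172.16.8.0/24 and the loopback/multicast ranges resolves to no route at all, which is the case an administrator checks first when a host can reach its own segment but nothing beyond it.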
See Also default gateway
Stands for remote procedure call, a protocol that enables one computer to make a function call to another computer on the network.
See Also remote procedure call (RPC)
A utility for testing for remote procedure call (RPC) connectivity over a network.
Overview
RPC Ping is included with Microsoft Exchange Server for testing RPC connectivity essential for the operation of an Exchange/Outlook messaging system. The server portion of RPC Ping runs on an Exchange server and responds to requests from the RPC Ping client on another station.
If an RPC-based mail client such as Microsoft Outlook cannot connect to an Exchange server in its site, perform the following tests:
Check network connectivity between the client and the server by trying to map a network drive to a shared folder on the server, using the Net Use command at the command prompt on the client. If this fails, you might have a hardware failure such as a failed network interface card (NIC), a loose cable, or a configuration problem with your networking protocol (such as an erroneous Internet Protocol [IP] address).
If network connectivity is successful, you might have a problem with the RPC binding order on the client. Try modifying this binding order in the registry.
If the client still cannot connect to the server, run the server-side component of RPC Ping on the server to test which protocols RPC can bind with and which protocols can be accepted by the client. This server-side component of RPC Ping is called Rpings. Run the client-side component of RPC Ping called Rpingc32 to test RPC connectivity with the Exchange server. If Rpingc32 works for a specific protocol, rearrange the RPC binding order on the client so that this protocol is first.
See Also Exchange Server
Stands for resilient packet ring, an emerging technology for Synchronous Optical Networking (SONET).
See Also resilient packet ring (RPR)
Stands for Rivest-Shamir-Adelman, a popular algorithm for public key cryptography.
See Also Rivest-Shamir-Adelman (RSA) algorithm
A popular serial interface.
Overview
More properly known as RS-232C, RS-232 is a widely implemented serial transmission interface developed by the Electronic Industries Alliance (EIA) that is used for connecting data terminal equipment (DTE) such as computers or terminals to data communications equipment (DCE) such as modems, packet assembler/disassemblers (PADs), or serial printers.
RS-232 specifies the types of wires and connectors, the pinning of the connectors and the function of each wire, the voltage levels and their meanings, and control procedures such as handshaking. RS-232 is compatible with the V.24 and V.28 standards from the International Telecommunication Union (ITU).
Uses
On a PC, RS-232 is typically implemented in a universal asynchronous receiver-transmitter (UART) chip, which converts the internal parallel bus signal to a serial bit stream and vice versa, enabling communication between your system bus and serial devices. Although the maximum speed of RS-232 is 115.2 kilobits per second (Kbps), older PCs support rates of up to only 56 or 64 Kbps. Newer PCs have a 16550 UART chip that supports serial throughput rates of up to 460.8 Kbps.
You can also use RS-232 with a null modem cable to connect two pieces of DTE (for example, to transfer files). If you are having trouble with an RS-232 connection, be sure that you are using a regular cable for DTE-DCE communication or a null modem cable for DTE-DTE communication; they look the same, but they are incompatible.
Architecture
The RS-232 specification uses unbalanced lines to provide full-duplex serial communication using baseband transmission. RS-232 provides a typical data rate of 19.2 Kbps over a maximum distance of 15 meters (49 feet), but the maximum data transfer rate is 115.2 Kbps. Up to two devices can be connected using RS-232. Devices cannot be daisy-chained together using RS-232. (Use RS-422/423 instead.)
RS-232 cables (cables designed to use the RS-232 serial interface specification) are typically 25-wire unshielded twisted-pair (UTP) cables with DB25 type connectors or 9-wire cables with DB9 connectors. The pin assignments are shown in the following table. Note that only pins 1 through 8 and pin 20 are required for most basic RS-232 functions, which means that 9-pin DB9 connectors can be used on RS-232 serial cables for most applications.
Pin Number | Function |
1 | Equipment ground (for protection) |
2 | DTE transmit data |
3 | DTE receive data |
4 | Request-to-send (RTS), controlled by the DTE |
5 | Clear-to-send (CTS), controlled by the DCE |
6 | Data-set-ready (DSR), controlled by the DTE |
7 | Signal ground (common return path) |
8 | Carrier-detect (CD) |
9 | + Voltage |
10 | - Voltage |
11 | Not used |
12 | Secondary received line signal indicator |
13 | Secondary CTS |
14 | Secondary DTE transmit data |
15 | DCE transmitter signal timing |
16 | Secondary DTE receive data |
17 | Receiver signal timing |
18 | Local loopback |
19 | Secondary RTS |
20 | Data-terminal-ready (DTR), controlled by the DTE |
21 | Signal quality detector |
22 | Ring indicator |
23 | Data signal rate selector |
24 | DTE transmitter signal timing |
25 | Test mode |
See Also connector (device), data communications equipment (DCE), data terminal equipment (DTE), full-duplex, serial transmission, unbalanced line
A high-speed serial interface.
Overview
RS-422 is a full-duplex serial interface that uses balanced lines and has more immunity from noise than the RS-232 interface. RS-422 was originally designed to supersede the earlier RS-232 standard, but they now coexist in networking environments. RS-422 transmits data at rates between 230 kilobits per second (Kbps) and 1 megabit per second (Mbps). RS-422 cables typically have 25 wires and use DB37 or DB9 connectors, and the maximum distance for an RS-422 link is typically 300 meters (985 feet).
An unbalanced version of RS-422 called RS-423 is defined but is less frequently implemented. RS-422 and RS-423 are compatible with the International Telecommunication Union (ITU) standards V.11 and V.10, respectively.
Uses
RS-422 is used in industrial environments with a lot of electromagnetic interference (EMI) or where more than two serial devices need to be chained together. It is typically used for high-speed synchronous communication between data terminal equipment (DTE) and multiple daisy-chained data communications equipment (DCE).
Notes
Some other related Electronic Industries Alliance (EIA) standards for serial transmission include
RS-449: Specifies the pinning for RS-422 when DB37 connectors are used.
RS-485: Expands RS-422 to include balanced multipoint serial communication using tristate drivers.
RS-530: Specifies the pinning for RS-422 when DB25 connectors are used. Note that RS-530 cables look like RS-232 cables but are not compatible with them.
See Also connector (device), data communications equipment (DCE), data terminal equipment (DTE), full-duplex, serial transmission, unbalanced line
Stands for Recreational Software Advisory Council, a nonprofit organization with a content advisory system for Web sites on the Internet.
See Also Recreational Software Advisory Council (RSAC)
A UNIX command that enables clients to run commands directly on remote hosts without having to log on to the remote host.
Overview
Rsh is one of the UNIX r-commands that are available on all UNIX systems. In order to use Rsh on a client machine,
The remote host must be running the Rsh service or daemon.
The Rsh user and client must have their computer name and username configured in the remote host's .rhosts file.
Rsh provides functionality similar to that of Rexec, another UNIX command that enables clients to run commands directly on remote hosts. The difference is that Rexec uses clear-text password authentication and does not prompt the client to enter a password upon connecting.
Notes
Microsoft Corporation's implementation of Rsh is client software only. If a user on a computer running Microsoft Windows 2000, Windows XP, or Windows .NET Server is logged on to a domain and tries to use Rsh to run a command on a remote UNIX server that is running the Rsh daemon, the domain controller must be available in order to authenticate the user, which is required by the Rsh client.
See Also Rexec
Stands for Resource Reservation Protocol, a signaling protocol used for conveying quality of service (QoS) requests.
See Also Resource Reservation Protocol (RSVP)
An undersized Ethernet frame.
Overview
A runt is an Ethernet frame that is smaller than the minimum 64-byte size. Runts are generally caused by malfunctioning interfaces on routers or malfunctioning network interface cards (NICs) in computers. Runts utilize network bandwidth in a hidden fashion when they are present and are therefore undesirable, but they are a less serious condition than jabbering, which occurs when an interface starts broadcasting frames without ceasing. Runts can slow down a network, but a jabbering card can bring everything to a standstill. To eliminate runts, identify the malfunctioning card or interface and replace it.
See Also Ethernet, jabber, network interface card (NIC)