So to really understand how to build networks, it helps to understand the different types of devices, or the different types of functions, that we can put in networks. To get at this, I'm going to talk about some of the most commonly used device types so you know what they are and what they do. First, I'm going to talk about a category of device types called forwarding devices. These are devices that take in packets, and all they do is figure out where to send them. We talked about routers, which do this at layer three. There's switches, which do this at layer two. What routers and switches do is they take in packets and they inspect different headers. They can do this at different layers: there's layer four switches, which can look at the TCP segment, look at the port, things like that, and forward based on that, and so on. So there's routers and switches, which do that. There's also things called load balancers. A load balancer is a device that takes in connections or packets and distributes those connections or packets across a bunch of outgoing ports or a bunch of outgoing servers. You might use something like this if you have a network and you have a source point, a destination point, and then a bunch of redundant links. Maybe it's too expensive to buy a really high bandwidth link and really high bandwidth interfaces. You have a bunch of lower bandwidth interfaces and you want to spread your data across all those links. For that, you'll use a load balancer. You might have a layer three load balancer, which will take all your IP packets and spray them across those links. That way, you can even out your load over those links. Another situation where you might use a load balancer is if you have a bunch of servers and you want your data to go across those servers, like maybe you're Amazon and you have a bunch of servers which can handle shopping.
So you don't want all your connections to go to one server. You want them distributed across servers. For that, you might use a layer four load balancer, because one challenge there is the user has a shopping cart and they have their stuff in there. So you want to store that data, what's in their shopping cart, on a server. If their next packet goes to another server, that other server is not going to know what's in their shopping cart. So what you want to do is layer four load balancing, where every packet for a connection goes to one server, but you balance your connections across servers. So these are examples where you'd use load balancers. There's also different types of devices like voice switches and softswitches. These are switches which can operate at different layers of the stack. A voice switch can take voice calls in and route them to a particular phone number or destination. Softswitches are application layer switches, so you can take all the YouTube data for your network and route it in one direction, or things like that. With wavelength routers, what we can do is route based on colors. We have the ability to create wired networks where we don't use physical wires made out of metal, but we actually send beams of light through them. There's a bunch of advantages to this, which we'll talk about later in the course. So you take your optical cable and have a red light flashing into it, which is the data for one connection, and a green light also flashing in there. They're not going to interfere because they're different colors. What wavelength routers can do is route based on those colors. They'll forward your red traffic this way and your green traffic that way. There's all sorts of cool things they can do with crystals. They can make special crystals which separate out your light like a prism, and the voltage going through that crystal bends the light in different directions.
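The difference between spraying packets over links at layer three and keeping each connection on one server at layer four, as an added example that is not part of the lecture. The link and server names and all of the packets are constructed for illustration; the layer-four balancer picks a server by hashing the connection's 5-tuple and then remembers that choice in a connection table, which is what keeps the shopping-cart case on one server.

```python
# Added example (not from the lecture): a layer-3 link sprayer versus a
# layer-4 load balancer with per-connection affinity. Server and link
# names and all packets are constructed for illustration.
import hashlib
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    proto: str = "tcp"

    def flow_key(self):
        # The 5-tuple identifies one connection (flow).
        return (self.proto, self.src_ip, self.src_port, self.dst_ip, self.dst_port)


class L3LinkSprayer:
    """Layer-3 balancing: spray individual packets round-robin over links.
    Cheap, but packets of one connection land on different links."""

    def __init__(self, links):
        self.links = list(links)
        self.next_idx = 0

    def pick_link(self, pkt):
        # Packet contents are ignored; only the arrival order matters.
        link = self.links[self.next_idx]
        self.next_idx = (self.next_idx + 1) % len(self.links)
        return link


class L4LoadBalancer:
    """Layer-4 balancing: a connection is pinned to one server, connections
    are spread across servers. The server is chosen by hashing the 5-tuple,
    and a connection table remembers the decision so later packets of the
    same connection (the shopping cart case) reach the same server."""

    def __init__(self, servers):
        self.servers = list(servers)
        self.connections = {}  # flow_key -> server

    def pick_server(self, pkt):
        key = pkt.flow_key()
        server = self.connections.get(key)
        if server is None:
            digest = hashlib.sha256(repr(key).encode()).digest()
            server = self.servers[int.from_bytes(digest[:4], "big") % len(self.servers)]
            self.connections[key] = server
        return server


def demo():
    links = L3LinkSprayer(["link0", "link1", "link2"])
    lb = L4LoadBalancer(["shop-a", "shop-b", "shop-c"])
    # Constructed traffic: two packets of one client connection, plus 200
    # other connections from a second client using different source ports.
    p1 = Packet("198.51.100.7", 51000, "203.0.113.10", 443)
    p2 = Packet("198.51.100.7", 51000, "203.0.113.10", 443)
    others = [Packet("198.51.100.8", 40000 + i, "203.0.113.10", 443) for i in range(200)]
    l3 = [links.pick_link(p) for p in (p1, p2)]
    l4 = [lb.pick_server(p) for p in (p1, p2)]
    spread = {lb.pick_server(p) for p in others}
    return l3, l4, spread


if __name__ == "__main__":
    l3, l4, spread = demo()
    print("layer 3 per-packet:", l3)       # same connection, different links
    print("layer 4 per-connection:", l4)   # same connection, same server
    print("servers used by 200 connections:", sorted(spread))
```

The connection table is what a real layer-four balancer has to protect: it grows with the number of live connections, so production devices age entries out and cap table size, otherwise a flood of new connections exhausts the balancer's memory before it exhausts the servers behind it.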
You can actually route based on color with these. So these are a bunch of examples of forwarding devices. But in general, they all work like this. They decide the next hop based on the header, or the traffic contents, or the structure of the communication. They may construct forwarding tables in advance to speed up lookups. They're not going to run Dijkstra's for every single packet; that's not very scalable. So the run-time operation of these devices is: first, they take the data in and they determine if they themselves are responsible for the next hop. Then they do a lookup and determine the next hop using the headers. Then they forward the data out the appropriate outbound interface. They just sit in that loop, taking in packets and sending them out the outbound interface. So those are forwarding devices. Another category of devices are processing devices. These are devices where you take in packets and you do something with them. There's a bunch of examples of why you'd want to do this. One example is application proxies. An application proxy is a device which sits in your network and does something with your data. For example, one thing Netflix has been doing is they have this problem where they have a bunch of servers, these huge data centers where they're sending out movies, and so many people are watching movies at the same time. They have to pay a lot of money for bandwidth to send out those movies. One thing they can do is figure out where users are and take a box, a server with their movies, and put it in a network close to the users. These boxes are called proxies. They're devices that sit in a network, and the user, instead of contacting Netflix central, contacts the proxy to download the movie. It sits in the middle, so it's a proxy. There's a bunch of application proxies like this.
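The forwarding-device run-time loop described above (is this packet for me, look up the next hop, send it out an interface), as an added example that is not from the lecture. The forwarding table is built once, in advance, and sorted so that the first hit is the longest prefix match; the interface names, prefixes and addresses are constructed.

```python
# Added example (not from the lecture): the forwarding loop of a router,
# with a forwarding table built in advance and searched longest-prefix
# first. Interface names, prefixes and addresses are constructed.
import ipaddress


class Router:
    def __init__(self, own_addresses, routes):
        # Addresses this box owns: packets for them are delivered locally.
        self.own = {ipaddress.ip_address(a) for a in own_addresses}
        # Forwarding table (FIB) built once, most specific prefix first,
        # so the first hit during lookup is the longest match.
        self.fib = sorted(
            ((ipaddress.ip_network(prefix), iface) for prefix, iface in routes),
            key=lambda entry: entry[0].prefixlen,
            reverse=True,
        )

    def lookup(self, dst):
        """Longest-prefix match on the destination address."""
        addr = ipaddress.ip_address(dst)
        for net, iface in self.fib:
            if addr in net:
                return iface
        return None

    def forward(self, dst):
        """Run-time steps: 1) is this packet for me? 2) look up the next hop
        3) send out that interface, or drop when no route exists."""
        if ipaddress.ip_address(dst) in self.own:
            return "deliver-local"
        iface = self.lookup(dst)
        return iface if iface is not None else "drop-no-route"


def build_demo_router():
    return Router(
        own_addresses=["192.0.2.1"],
        routes=[
            ("0.0.0.0/0", "eth0"),      # default route to the upstream provider
            ("10.0.0.0/8", "eth1"),     # whole private block
            ("10.1.0.0/16", "eth2"),    # more specific subnet wins over the /8
        ],
    )


if __name__ == "__main__":
    r = build_demo_router()
    for dst in ("10.1.2.3", "10.2.0.1", "8.8.8.8", "192.0.2.1", "203.0.113.5"):
        print(dst, "->", r.forward(dst))
```

The linear scan is fine for a handful of routes; real routers keep the same pre-built table in a trie or TCAM so the per-packet lookup stays constant-time, which is exactly the "build tables in advance, don't run Dijkstra's per packet" point made above. A router without a default route silently drops anything it has no prefix for, which is worth checking when a segment is unreachable.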
These are devices that sit in the middle of a connection, intercept it, and do some intermediate processing of the data. Another example of proxies are reverse proxies. A reverse proxy is the opposite of that. With a reverse proxy, you have a network, maybe it's an enterprise network or a data center, and you're sending out a lot of data. You've got a server infrastructure behind it doing database lookups, doing a lot of processing. Then you notice most of your users are hitting just one file. Every time they access this file, you have to do a database lookup in a big back end. Wouldn't it be great if you could cache that file somewhere? You can do that with a reverse proxy. A reverse proxy is something that sits on the border of your network, and incoming requests hit the proxy and just go back out. They don't have to go into your internal infrastructure. So that's another example. There's also things like signaling controllers. A lot of times in network protocols, you're going to have to do some signaling, like with voice over IP. If you want to make a phone call, you're going to have to send a ringtone, you're going to send caller ID information to tell them who's calling, and things like that. So there's a back and forth control protocol taking place instead of just sending data. Signaling controllers are application layer controllers that intercept control information. There's also location appliances. For example, with 911: if you ever make a 911 call from your cell phone, wouldn't it be great if the police knew where you were? Because otherwise, maybe you don't know where you are and you need to make a call like that. So with E911, there are these additions to 911 which can send your location back to the police, and that's done with location appliances.
So these are appliances that help keep track of a user's location, and that's useful for things like emergency services. They're also useful for advertisements, because you have users walking around and you're being asked to figure out where they are. When they get close to a shop and you want them to go into the shop, you can display certain advertisements there. Another example are transcoders. Transcoders are devices that take in packets and then convert them to some other format. This is done a lot with streaming media. Cellphone companies do this sometimes. So if you have your phone, maybe it's an older phone, and you're watching some 4K high-definition video stream on your little phone, the phone company knows you don't need that high-definition stream. What they're going to do is route your data through a transcoder and downsample it. They're going to take your high-definition stream and downsample it to 360p or something like that before it goes to your phone, and you probably won't notice that much. But it's going to save the phone company a lot of data. So transcoding is taking a data stream and doing some processing on it. There's a bunch of devices like this, and they all work in the same way. They all manipulate the content and the flow, or intercept it in some way. They might change the data, downsample, upsample, interpolate, encrypt, or cache. They often require application layer knowledge to do this, because they're operating on application layer information. At run-time, they receive traffic and then perform some operations on it before they send it out. These operations might be things like intercepting the data, caching it, marking it, manipulating the contents of headers or data packets, and so on. That's processing. Another set of device types is more associated with translating: dealing with different formats, different header formats or data formats. So I'm going to go through some examples of that as well.
One common translator is known as a Network Address Translation device. The place where you'd use one of these is if you have a network and you can't get enough IP addresses. Because we're running out of IPv4 addresses, it's very common to have a big network and not be able to get enough IP addresses for all your hosts. So what you'll do is take your network and kind of make up some IP addresses. You'll use a private part of the IP address space and number all your hosts from that. Then you have one of these NAT boxes sitting at your perimeter, and that NAT box will translate between your private addresses and a smaller pool of public addresses. So your large number of internal hosts can share that smaller set of external addresses. That's called Network Address Translation. Another example is a PBX switch. If you've ever dialed into a hospital or a credit card company and you have to push numbers to get routed to the right place, or say "tech support" or something like that, you're talking to one of these devices, which is sitting there taking in your voice, which is routed over IP, and then figuring out how to route it through a voice network. There's also things like wireless bridges, where we can translate wired signals into wireless signals. There's also devices that are used for different kinds of layer two networks. If you're at home and you're using the internet at home, you might be using AT&T or some company that routes your data over a DSL network. So you might use a digital subscriber line access multiplexer, which is a device that takes your data and then sends it over layer two to your home. DSL is a protocol that's used between the home and the central office to route data packets. There's also things like optical transport, which does translation between different kinds of optical signals.
So all these devices do translation. They take in headers and data and they convert them into different formats, and they maintain tables to help them do the translation. NAT does this, for example: it has to remember, okay, I translated this internal address to this external address, so when data comes back I can do the reverse translation. So that can be helpful to do. At run-time, what they do is they take in packets and they determine if they themselves are responsible for the next hop. Then they determine how to translate the data. They may do lookups to do that, and then they modify the packets to do the translation. So that's translation. Another set of device types is associated with isolation of data. This is a really critical function these days, because we read in the news all the time about cyberattacks and infiltrations. We want to keep the bad guys out of our networks, and there's a lot of device functions which can help us do that. For example, there's firewalls. Firewalls are devices where you can put rules, or policies, into them, where you can tell them precisely what kinds of packets you want to allow into your network. You can do this at different layers. You could have layer three rules, where you say I don't want any packets coming from that IP address, and you can have layer seven rules. You can say, "okay, YouTube data can come in, but I just want the comments. I want my users to be able to see the comments. I don't want any actual video traffic to come in." So you can do firewalling at different layers. To do firewalling, you insert access controls into these devices. Access controls are realizations of the policies that you want to enforce: rules that are contingent on the contents of the data, and then they tell the firewall what to do, whether to drop the data, or block it, or quarantine it, and so on. So those are firewalls. There's also access control services.
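The NAT translation table described above (remember the internal-to-external mapping on the way out, reverse it on the way back), as an added example that is not from the lecture. It goes slightly beyond the lecture's wording by also rewriting ports, which is how many internal hosts share one public address in practice; the private range, public pool and port numbers are constructed.

```python
# Added example (not from the lecture): a stateful NAT translating a private
# address space onto a smaller pool of public addresses (with port
# rewriting, so many hosts can share each public address) and reversing the
# translation for return traffic. All addresses are constructed.
import ipaddress


class NAT:
    def __init__(self, public_pool, private_net="10.0.0.0/8", first_port=40000):
        self.private_net = ipaddress.ip_network(private_net)
        self.public_pool = [str(ipaddress.ip_address(a)) for a in public_pool]
        self.next_port = first_port
        self.allocations = 0
        # Translation tables, one per direction.
        self.outbound = {}  # (private_ip, private_port) -> (public_ip, public_port)
        self.inbound = {}   # (public_ip, public_port) -> (private_ip, private_port)

    def translate_out(self, src_ip, src_port):
        """Rewrite the source of a packet leaving the private network."""
        if ipaddress.ip_address(src_ip) not in self.private_net:
            return src_ip, src_port  # not ours to translate
        key = (src_ip, src_port)
        if key not in self.outbound:
            # New flow: rotate through the public pool and take a fresh port,
            # then remember the mapping in both directions.
            pub_ip = self.public_pool[self.allocations % len(self.public_pool)]
            pub_port = self.next_port
            self.allocations += 1
            self.next_port += 1
            self.outbound[key] = (pub_ip, pub_port)
            self.inbound[(pub_ip, pub_port)] = key
        return self.outbound[key]

    def translate_in(self, dst_ip, dst_port):
        """Rewrite the destination of a returning packet; None means no
        internal flow ever created this mapping, so the packet is dropped."""
        return self.inbound.get((dst_ip, dst_port))


def demo():
    nat = NAT(public_pool=["203.0.113.1", "203.0.113.2"])
    a = nat.translate_out("10.0.0.5", 1234)        # first internal flow
    b = nat.translate_out("10.0.0.6", 1234)        # second host, same private port
    a_again = nat.translate_out("10.0.0.5", 1234)  # existing flow, same mapping
    back = nat.translate_in(*a)                    # return traffic for flow a
    stray = nat.translate_in("203.0.113.1", 9999)  # unsolicited inbound packet
    return a, b, a_again, back, stray


if __name__ == "__main__":
    for label, value in zip(("a", "b", "a_again", "back", "stray"), demo()):
        print(label, "->", value)
```

The unsolicited inbound case is the security side effect that makes NAT behave like a crude stateful firewall: with no table entry there is nowhere to deliver the packet, so it is dropped. A production NAT also keys entries on the remote endpoint and expires idle entries, otherwise the table fills up and new outbound flows fail.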
These are services which are higher layer, and they can be used to configure sets of firewalls. If you have a certain policy that you want to instill across a set of firewalls, you can do that at an access control service and it'll go out and push that policy to the firewalls. There's also intrusion detection systems. These are like firewalls in that they sit there and help protect your network, but they're much more focused on finding weird stuff. So if you have a user and every day they go to a small set of web pages, they go to that small set of web pages every day and that's all they do, and then one day, oh boy, they access this other server, and that's your credit card server. That looks suspicious. Intrusion detection systems are focused on building profiles of user activity and of external sources of packets, and looking for anomalies, things that don't seem normal. Then they report them. Intrusion detection systems are focused on detection. There's also intrusion prevention systems, which will detect, and if something looks suspicious enough, they'll go out and block the problem. There's also denial-of-service mitigation technologies. A denial-of-service attack is an attack where somebody is trying to deny service to a certain resource. Like maybe I'm a network and I have an upstream link to get to the internet, and somebody doesn't like me or they want to blackmail me or whatever, and so what they're going to do is get a whole bunch of bots and start sending traffic to that input port on my router, and they're going to overload it, and then I can't send data out. So what DDoS mitigation is, is a technology that allows you to block denial-of-service attacks, and it contains tricks like: there's a bunch of traffic coming from an address, it'll let you insert a rule that just blocks traffic from that address.
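The profile-based detection described above (a user who visits the same small set of servers every day and then suddenly touches the credit card server), as an added example that is not from the lecture. The log format, user names and host names are all constructed; the same out-of-profile test is shown in IDS mode, which reports, and in IPS mode, which only lets in-profile connections through.

```python
# Added example (not from the lecture): profile-based intrusion detection.
# A baseline of which servers each user normally contacts is built from
# past connection logs; later connections to a server outside a user's
# profile are reported (IDS) or, in prevention mode, blocked (IPS).
# Log format, users and host names are all constructed.
import re
from collections import defaultdict

LOG_RE = re.compile(r"^day=(?P<day>\d+) user=(?P<user>\w+) dst=(?P<dst>[\w.-]+)$")

# Constructed baseline period: what users did on normal days.
BASELINE_LOG = """\
day=1 user=alice dst=intranet.example.internal
day=1 user=alice dst=mail.example.internal
day=2 user=alice dst=intranet.example.internal
day=3 user=alice dst=mail.example.internal
day=1 user=bob dst=wiki.example.internal
day=2 user=bob dst=wiki.example.internal
"""

# Constructed new day: alice suddenly touches the card server.
NEW_LOG = """\
day=4 user=alice dst=mail.example.internal
day=4 user=alice dst=cardserver.example.internal
day=4 user=bob dst=wiki.example.internal
this line is garbage and must not crash the sensor
"""


def parse(log):
    """Yield (day, user, dst) for each well-formed line; skip the rest."""
    for line in log.splitlines():
        m = LOG_RE.match(line)
        if m:
            yield m.group("day"), m.group("user"), m.group("dst")


def build_profiles(log):
    """Profile = the set of destinations each user was seen contacting."""
    profiles = defaultdict(set)
    for _, user, dst in parse(log):
        profiles[user].add(dst)
    return profiles


def detect(profiles, log):
    """IDS mode: report (day, user, dst) for every out-of-profile contact.
    An unknown user has an empty profile, so all of their contacts are reported."""
    return [(day, user, dst) for day, user, dst in parse(log)
            if dst not in profiles.get(user, set())]


def prevent(profiles, log):
    """IPS mode: same test, but returns only the connections allowed through."""
    return [(day, user, dst) for day, user, dst in parse(log)
            if dst in profiles.get(user, set())]


if __name__ == "__main__":
    profiles = build_profiles(BASELINE_LOG)
    print("alerts:", detect(profiles, NEW_LOG))
    print("allowed:", prevent(profiles, NEW_LOG))
```

The trade-off between the two modes is visible in the code: the IDS only produces a report, so a bad profile costs an analyst some time, while the IPS drops anything it has never seen, so a baseline collected over too short a window (alice's first genuine visit to a new internal server) turns into an outage. That is why prevention is normally reserved for the high-confidence rules.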
These services can be distributed, because you might not be able to do anything to block traffic on the input port to your network, but your provider can, because they can block it at a large number of ports entering their network. There's also technologies like network admission controllers, and these are more proactive. What these do is check whether you're eligible to access the network or not, whether you're authorized. These can be connected together with Windows Active Directory and services like that, so users can actually log in and it can see whether they're able to access the network or not. So what these devices do is they focus on segmentation. They're focused on preventing information, or data, or packets from going to certain locations that they're not supposed to go to. The way you deal with them is you configure policies in them. You set up access control and prioritization policies in advance, and then you put them in these devices and the devices enforce them. At run-time, the way they work is they take in the data and look at the appropriate header fields, or content, or the flow, and then they go through their policy lists and figure out which rules match these packets, in a process of matching rules. A common approach is to process the first matching rule, because you might have a lot of rules that match the packet and there might be ambiguity about which one applies. The common process is to have them ordered, and you choose the one that matches first to apply. Then they forward the traffic appropriately. Okay. So here what I've done is I've given you an overview of some very commonly used device types in networks. So what you can do is start thinking about how you design your own networks. If you wanted to sit down and build a network, how would you take these devices and plug them together? You can think about that, and we'll actually go through some examples a little bit later in the course of how to do that.
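The first-matching-rule evaluation described above, as an added example that is not from the lecture. It shows a layer-three rule (source prefix) and a layer-four rule (protocol and destination port) in an ordered list, and why the order matters when one packet matches both; the prefixes, ports and packets are constructed.

```python
# Added example (not from the lecture): first-match evaluation of an
# ordered firewall policy with layer-3 (address prefix) and layer-4
# (protocol/port) conditions. Prefixes, ports and packets are constructed.
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str
    dport: int


@dataclass(frozen=True)
class Rule:
    action: str                  # "allow" or "deny"
    src: Optional[str] = None    # address prefix, or None for any
    dst: Optional[str] = None
    proto: Optional[str] = None
    dport: Optional[int] = None

    def matches(self, pkt):
        """Every condition that is set must hold; unset conditions match anything."""
        if self.src is not None and ipaddress.ip_address(pkt.src) not in ipaddress.ip_network(self.src):
            return False
        if self.dst is not None and ipaddress.ip_address(pkt.dst) not in ipaddress.ip_network(self.dst):
            return False
        if self.proto is not None and self.proto != pkt.proto:
            return False
        if self.dport is not None and self.dport != pkt.dport:
            return False
        return True


def decide(rules, pkt, default="deny"):
    """Walk the ordered list; the first matching rule decides. A packet that
    matches nothing falls through to the default, and deny-by-default is the
    safe choice for a perimeter device."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return default


# Constructed policy: block a known-bad block first, then permit web to one server.
BLOCKLIST_FIRST = [
    Rule("deny", src="198.51.100.0/24"),
    Rule("allow", dst="10.0.0.10/32", proto="tcp", dport=443),
]
# The same two rules in the opposite order.
ALLOW_FIRST = list(reversed(BLOCKLIST_FIRST))

BAD_TO_WEB = Packet("198.51.100.7", "10.0.0.10", "tcp", 443)   # matches both rules
GOOD_TO_WEB = Packet("192.0.2.9", "10.0.0.10", "tcp", 443)     # matches only the allow
GOOD_TO_SSH = Packet("192.0.2.9", "10.0.0.10", "tcp", 22)      # matches nothing


if __name__ == "__main__":
    print("blocklist first:", decide(BLOCKLIST_FIRST, BAD_TO_WEB))   # deny
    print("allow first:    ", decide(ALLOW_FIRST, BAD_TO_WEB))       # allow
    print("good web:       ", decide(BLOCKLIST_FIRST, GOOD_TO_WEB))  # allow
    print("good ssh:       ", decide(BLOCKLIST_FIRST, GOOD_TO_SSH))  # deny (default)
```

The BAD_TO_WEB packet is the ambiguity the lecture mentions: it matches both rules, and only the ordering decides what happens to it. When reviewing a policy, the useful check is to take each deny rule and ask whether any earlier, broader allow rule would swallow the packets it was meant to stop.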