Question 1

Cloud services and virtualization rely on networking infrastructure for operation and functionality. Generally when we speak of networks, we are referring to the physical infrastructure consisting of components such as the wiring, switches, routers, ports, firewalls, etc.

A wireless ad hoc network (WANET) or MANET is a decentralized type of wireless network. The network is ad hoc because it does not rely on a pre-existing infrastructure, such as routers in wired networks or access points in managed (infrastructure) wireless networks. Although this is not a networking class, there are a number of components that need to be understood in order to work with cloud and virtualized systems. The following information is drawn from chapter 4 of the CompTIA Cloud+ Study Guide (Montgomery, 2016).

Implementing Appropriate Network Configurations

Networking is a whole study area in itself, and so we’ll cover the topic broadly enough to give cloud engineers a fundamental background to understand many of the concepts of networking. We’ll look at network addressing, network types, how applications are identified, and how to use network protocols to send information between the cloud and the customers it serves.

NAT

Network Address Translation (NAT) is very common in networks. The TCP/IP protocol is the predominant networking protocol and is the only protocol routed over the Internet. TCP/IP has a numbering scheme that allows for a unique identification of each endpoint in a network. When you’re routing over the Internet or outside of your own company or cloud, you must acquire and use a publicly assigned group of addresses. This allows for every company, individual, or organization to have a unique address, much like we all have a unique phone number.

When the TCP/IP protocol was developed back in the 1970s and as the Internet was being developed, the developers had no idea it would ever become so popular. With the Internet boom of the 1990s and beyond, it became clear that the IP addressing allocations would not be large enough to handle the growth. Several measures have been taken to slow the rate of address depletion, including setting aside blocks of addresses for private use that anyone can implement but that are not allowed over the Internet. These are the common addresses often seen beginning with 10.0.0.0, 172.16-31.0.0, or 192.168.0.0, defined in RFC 1918.

Setting aside these address blocks has been very successful in slowing address depletion on the public Internet. But it has also meant that if you have a private address that is blocked, you can’t connect to the Internet. The Internet engineers set about resolving this issue by coming up with an address translation arrangement where the private number is swapped with one that is public before sending the packet out over the Internet. When the packet returns, the public IP address is removed, and the original private IP address is put back in the packet and sent internally to the computer requesting the data. The sending computer with the private address has no idea at all that its IP address was swapped out for most of the journey over the Internet. Also, the receiving computer out on the Internet only sees the publicly assigned IP address and not the original private address. This process is called NAT. Although several different types of NAT exist, we’ll focus on the standard type most commonly found in networks connecting to the Internet.

PAT

Port address translation (PAT) is a variation of NAT that drastically reduces the number of publicly reachable IP addresses an organization or cloud provider must own. The idea behind PAT is that there can be tens, hundreds, or even thousands of hosts in a private network, with private addresses assigned to them in the 10.0.0.0, 172.16.0.0, or 192.168.0.0 address space, and they all can use a single public IP address to access the Internet. This scenario is very common and has been instrumental in reducing the depletion of public IP address blocks. PAT, often referred to as NAT overload, utilizes the IP port numbers area inside the IP header to pull this off.
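The translation table behind PAT, sketched as an added example (not code from the study guide): each outgoing flow from a private host is given its own port on the shared public address, and a reply is delivered only if that port has a mapping. The class name, the public address 203.0.113.10, the four-port pool and the per-flow key are assumptions made for illustration; real gateways also track the remote endpoint and expire idle mappings.

```python
import ipaddress

# The private blocks the page names (RFC 1918).
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
PUBLIC_IP = "203.0.113.10"  # constructed sample (documentation range)


class PatGateway:
    """Toy PAT table: many private hosts share one public IP address."""

    def __init__(self, public_ip, ports=range(40000, 40004)):
        self.public_ip = public_ip
        self.free_ports = list(ports)   # deliberately tiny pool
        self.out = {}    # (private_ip, private_port, proto) -> public_port
        self.back = {}   # (public_port, proto) -> (private_ip, private_port)

    def outbound(self, src_ip, src_port, proto="tcp"):
        """Rewrite an outgoing packet's source; return (public_ip, port)."""
        addr = ipaddress.ip_address(src_ip)
        if not any(addr in net for net in RFC1918):
            raise ValueError(f"{src_ip} is not an RFC 1918 address")
        key = (src_ip, src_port, proto)
        if key not in self.out:
            if not self.free_ports:
                raise RuntimeError("public port pool exhausted")
            port = self.free_ports.pop(0)
            self.out[key] = port
            self.back[(port, proto)] = (src_ip, src_port)
        return self.public_ip, self.out[key]

    def inbound(self, dst_port, proto="tcp"):
        """Map a reply back to the private host, or None if unsolicited."""
        return self.back.get((dst_port, proto))


def demo():
    gw = PatGateway(PUBLIC_IP)
    first = gw.outbound("10.0.0.5", 51000)
    second = gw.outbound("192.168.1.20", 51000)  # same port, other host
    reply = gw.inbound(second[1])       # reply to the second host's flow
    stray = gw.inbound(40003)           # no mapping was ever created
    return first, second, reply, stray


if __name__ == "__main__":
    print(demo())
```

The small pool makes the capacity limit visible: once every public port is mapped, new flows fail until a mapping is released.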

Subnetting/Supernetting

IP addresses are seen as a dotted decimal presentation of four blocks of 8 bits each from 0.0.0.0 to 255.255.255.255. What is lurking behind the scenes is something called a subnet mask, or mask for short. The function of the subnet mask is to draw a line in the IP address that tells us what the network portion is. Once we know that, we can determine what the host or computer number is for each of the computers, servers, or devices on that network. This process, called subnetting, follows a very standardized structure.

Some common masks are standardized for each block of addresses with, for example, a Class A block of 10.0.0.0 using a standard mask of 255.0.0.0, which allows for a small number of networks of 8 bits, or 255 networks. However, there can be 16,777,216 host computers. Since this is not very realistic, we can divide the 10.0.0.0 networks into many more networks with fewer hosts in each network. For example, we can use the 10.0.0.0 network and add a subnet mask of 255.255.255.0 to allow for 65,536 networks, each with 253 hosts.

Supernetting uses the same concept but in reverse. A smaller network such as 192.168.1.0 can be combined with other networks in the 192.168.0.0 range to make one larger network out of several smaller ones. Supernetting is used when you need a large block of addresses for a server farm, for example. If several smaller blocks consisting of 254 addresses are available and consecutive, the subnet mask can be modified to combine them into one larger block. For example, a 255.255.254.0 subnet will support 510 hosts instead of 254 hosts.
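A check for when consecutive blocks can actually share one mask, as an added example (not from the study guide) using Python's standard `ipaddress` module. The function names are hypothetical. It goes one step beyond the text: blocks must be aligned on the larger mask's boundary as well as consecutive, otherwise the wider mask also covers addresses outside the blocks, which matters when the summary ends up in a route or firewall rule.

```python
import ipaddress


def try_supernet(blocks):
    """Return the one network that exactly covers `blocks`, or None.

    collapse_addresses() merges only blocks that are contiguous AND
    aligned, so more than one result means no single mask fits exactly.
    """
    nets = [ipaddress.ip_network(b) for b in blocks]
    merged = list(ipaddress.collapse_addresses(nets))
    return merged[0] if len(merged) == 1 else None


def usable_hosts(net):
    """Addresses left after removing the network and broadcast address."""
    return net.num_addresses - 2


def overreach(blocks):
    """Smallest single network containing `blocks` (assumed not to
    overlap), plus how many addresses it covers beyond them."""
    nets = [ipaddress.ip_network(b) for b in blocks]
    low = min(n.network_address for n in nets)
    high = max(n.broadcast_address for n in nets)
    cover = ipaddress.ip_network(f"{low}/32")
    while high not in cover:
        cover = cover.supernet()        # widen the mask by one bit
    owned = sum(n.num_addresses for n in nets)
    return cover, cover.num_addresses - owned


if __name__ == "__main__":
    aligned = ["192.168.0.0/24", "192.168.1.0/24"]
    merged = try_supernet(aligned)
    print(merged, merged.netmask, usable_hosts(merged))

    # Consecutive, but they straddle a /23 boundary.
    unaligned = ["192.168.1.0/24", "192.168.2.0/24"]
    print(try_supernet(unaligned))
    print(overreach(unaligned))
```

The aligned pair yields the 255.255.254.0 mask and 510 hosts from the paragraph above; the second pair is consecutive yet has no exact single-mask summary.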

VLAN and VLAN Tagging

Either we have our IP blocks that have been assigned for use as public ranges or we are using the private space as we discussed earlier. These blocks of IP addresses define our logical addressing. Now we need to configure our network switches’ physical ports that have servers and other devices locally connected to be members of the IP subnet they are configured to be in by implementing VLANs.

Inside the cloud datacenter, a method was needed to segment these networks not only at the logical or IP addressing level but also at the physical port level. The Ethernet switches installed in the datacenter can have their ports logically divided into groups that connect servers and devices into the same Layer 2 domain. One way to accomplish this goal was to segment all the devices in the same subnet using the same physical LAN and use a separate Ethernet switch for each subnet. This arrangement was deemed impractical and was never used; the sheer number of switches that would have to be installed and managed would have been too much for any modern cloud datacenter. So, something had to be developed that would allow for Ethernet switching systems to handle many LANs in one unified system. The solution was, of course, to virtualize! In this case, we take an Ethernet switch and logically cut it up into many smaller switches, each supporting an IP subnet.

References

Montgomery, T. (2016). CompTIA cloud study guide: Exam CV0-001. Indianapolis, IN: John Wiley & Sons. ISBN 978-1119243229

Prompt

The number of connected devices, especially wireless devices like cell phones, tablets, and laptops, continues to rapidly increase and networks must be adapted to meet the growing connectivity needs. For this discussion, research how companies are adapting their networks to support mobile connectivity needs. How are VLANs being configured? How are wireless access points being strategically deployed and configured?

Question 2

Part 3 of your project paper will build on your work from the first two parts from weeks 1 and 3. For this assignment, write a 3 page APA formatted paper addressing and focusing on the migration project design, the timeline for migration, individuals (positions) involved, technical requirements, etc. For example, if you are recommending a migration for cloud data storage, this paper may address the issues of moving the data to the cloud service, creating the user Access Control List (ACL), system requirements such as computer platform or local PC software needs, etc. Summarize your paper with your final recommendation for the cloud service migration.

For week 1 and week 3, I have documents you can refer to when writing the paper for question 2.
