Designing Internet Systems and Servers

 

Server Concepts: WEB, Proxy, RADIUS, MAIL

Proxy Server

- Proxy server is the server that acts as a intermediate between requests from clients seeking resources from other servers.
- A client connects to the proxy server to request for a service.
- The proxy server evaluates the request and simplify its complexity.
- An open proxy server is the one that is accessible by any Internet users. It is generally used for anonymity of the user.
- An reverse proxy server is the one that is installed near the web servers that appears to the client to be an ordinary server. It is used for providing encryption, load balancing, compression and security.

---

RADIUS

- RADIUS stands for Remote Authentication Dial-In User Service.
- It is a networking protocol providing the centralization of Authentication, Authorization and Accounting for remote access.
- It is a client-server protocol that works in application layer of OSI reference model.

1. Authentication and Authorization
- The user sends the Network Access Server to access a particular resource using its identification.
- The NAS forwards the identification credentials to the RADIUS server in the form of Radius Access Request message. This request consists of credential information along with the user information such as network address, account status and so on.
- The server then verifies whether the credentials are true or not using authentication schemes.
- The server then returns one of the following responses to NAS:
a) Access Reject (Indicates that the user is denied for resource access)
b) Access Challenge (Requests for additional information from the users such as second password, tokens, and so on.)
c) Access Accept (Grants access to the user)

2. Accounting
- After the user gets access for the resource from NAS, the NAS sends the RADIUS server Accounting Start that indicates the user has started to use the resource.
- It generally contains user identification, network address, and session identifier.
- The Interim Update Record can be sent by the NAS to RADIUS to update the status of an active session.
- When the user closes the network access, NAS sends RADIUS Accounting Stop Record.

---

DHCP Server

- DHCP stands for Dynamic Host Configuration Protocol.
- It is a network protocol that enables the server to automatically assigns an IP address to a host from a defined range configured for a network.

Working of DHCP

1. A user starts a computer with DHCP client.
2. The client sends broadcast request looking for a DHCP server to answer.
3. The router directs the broadcast request packet to the correct DHCP server.
4. The server determines appropriate IP address based on availability and set policy on receiving the request packet.
5. The determined address is reserved for the client temporarily and sends the client an OFFER packet.
6. The client sends a DHCPREQUEST packet to the server for using that address.
7. The server sends DHCPACK packet confirming the lease of that address by the client for server-specified period of time.

 

---

Load Balancing: Proxy Arrays

- Load balancing is the process of distributing the incoming traffic across a server pool in an efficient manner.
- It helps in routing the client requests across all the servers that are capable of fulfilling those requests.

---

Benefits of Load Balancing:

1. High traffic websites should be able to serve huge amount of requests concurrently and return the correct information on time. So, a load balancer routes these requests to all the capable servers that maximize speed and capacity utilization.

2. Load balancing helps to improve the performance of the web sites by ensuring no any server is over loaded while other servers are idle. It makes utilization of all the available servers to distribute the work load equally.

3. It is capable of sending requests to only the active servers, thus ensuring high availability and reliability.

4. It provides flexibility to add or remove servers as per the necessity. On adding a new server, it automatically starts to send requests to that server too.

---

Non Redundant Proxy Load Balancing

The techniques used can be discussed by the given steps:
1. The proxy selection is based on the hash function.
2. The hash value is calculated from the URL of the request.
3. The resulting hash value is used to choose the proxy.
4. The host name is also used in hash function to ensure requests routed to the same proxy server.

---

Cache Array Routing Protocol (CARP)

- CARP is a hash-based proxy selection mechanism.
- It uses hashing to select the server. So, there is no necessity of queries.
- It automatically adjusts for the addition or deletion of the server.
- it eliminates the cache redundancy.

Working of CARP

1. Assume an array of Proxy servers and array membership is tracked using membership list.
2. A hash value Hs is computed for the name of each proxy server in the list.
3. A hash value Hu is computed for the name of each requested URL.
4. For each request, a combined hash value Hc = F(Hs , Hu) is computed for all the servers.
5. The server with highest value of Hc for a requested URL is selected.

 

Types of CARP Routing
1. Hierarchical Routing
2. Distributed Routing

---

Server Setup and Configuration Guidelines

Factors to be considered for proper network design

1. Connectivity and Security
2. Redundancy
3. Standardization
4. Disaster Recovery
5. Growth Management

---

Guidelines to design proper network design

 

1. Determine the exact goal of network to be designed.
2. Estimate required devices and their specifications.
3. Estimate cost for the network design.
4. Create a network topology.
5. Determine number and type of devices to be connected to the network.
6. Secure the designed network using various security measures.
7. Backup and Redundancy to improve system reliability and availability.
8. Regular testing and maintenance of the system.

 

---

Example 1:

NITC building had 4 research labs each having 24 computers. All the labs are located at the first floor. Each computer is to be connected in the network from NCR located at 2nd floor. Prepare a bill of quality (BoQ) with the necessary network resources required for complete networking.

 

Additional Assumptions 
1. A NCR room located at second floor consists of 3 servers (DHCP server, FTP server and Mail server). It also have 1 printer and 1 IP Phone.
2. Each research lab located at first floor consists of 1 printer.

 

Resources Required
1. Router
2. Switch
3. PC
4. Server
5. Printer
6. IP Phone
7. Cat 6 cable
8. RS 232 cable

Specification Sheet

S.N Item Description Quantity Unit Summary Specification
-----------------------------------------------------------------------------------
1 Router 1 pcs Cisco 2901
2 Switch 5 pcs Cisco 2950-24
3 Server 3 pcs Varying Specification
4 PCs/Laptop 96 pcs Varying Specification
5 Printer 5 pcs Varying Specification
6 IP Phone 1 pcs
7 CAT 6 UTP Cable 100 pcs
8 RS 232 cable 1 pcs

IP Subnetting (Logical Design)
Consider we are given the IP address 202.10.5.0/24 (Class C network)
The corresponding subnet mask is 255.255.255.0

We require 5 subnets ( 4 subnets for 4 research labs each with 25 IP addresses and 1 subnet for NCR with 5 IP addresses.)

Initially IP address is divided into 2 parts for 2 floor.
Assume IP address for first floor is 202.10.5.0/25 and for second floor is 202.10.5.128/25.

Applying VLSM for first floor research labs:
---------------------------------------------
2 ^ x >= 25
So, x = 5
Subnet mask = 255.255.255.224

no of network bits = 8 - 5 = 3

The subnet in first floor becomes:
Lab 1 = 202.10.5.0/27 - 30 hosts
Lab 2 = 202.10.5.32/27 - 30 hosts
Lab 3 = 202.10.5.64/27 - 30 hosts
Lab 4 = 202.10.5.96/27 - 30 hosts

Applying VLSM for second floor:
----------------------------------
2 ^ x >= 5
So, x = 3
Subnet mask = 255.255.255.248

no of network bits = 8 - 3 = 5

The subnet in first floor becomes:
NCR = 202.10.5.128/29 - 6 hosts