IndependentVisitors
UV(IndependentVisitor):namelyUniqueVisitor,acomputerclientthatvisitsthewebsiteisavisitor.Thesameclientwithin00:00-24:00isonlycountedonce.Justlikedesigningthewidthandconnectionofroadsaccordingtothenumberanddirectionoftraffic,itisverynecessarytodesignacampusnetworkaccordingtonetworktraffic.
The"80/20"rule
Intraditionalnetworks,userswhousethesameapplicationaregenerallyplacedinthesameworkgroup,andtheserverstheyfrequentlyusearealsoplacedtogether.TheworkinggroupislocatedinthesamephysicalnetworksegmentorVLAN(virtuallocalareanetwork).Thepurposeofthisistolimitthedatatrafficgeneratedbetweentheclientandtheserveronthenetworkwithinthesamenetworksegment.Inthesamenetworksegment,youcanusearelativelyhigh-bandwidthswitchtoconnecttheclientandserver,insteadofusingarelativelylow-bandwidthrouter.Thisnetworkdesignmodethatcontrolsmostofthenetworktrafficlocallyiscalledthe"80/20rule",thatis,80%ofthenetworktrafficislocaltraffic(usingswitchestoexchangedata)andistransmittedinthesamenetworksegment;only20%Ofthenetworktrafficneedstopassthroughthenetworkbackbone(routerorLayer3switch).
The"80"and"20"inthe"80/20"rulecannotbesimplyunderstoodasnumbers,butshouldbeunderstoodasthewaynetworktrafficisdistributed,thatis,mostnetworktrafficisconfinedtothelocalworkinggroup.Partofthetrafficpassesthroughthenetworkbackbone.Therefore,inactualnetworkdesign,aslongasmostofthenetworktrafficislocalandasmallpartofthenetworktrafficpassesthroughthebackbone,itisconsideredtocomplywiththe"80/20"rule,regardlessoftheactualnumberratio.
Application
Inthecampusnetwork,thesoftware-onlymultimediaelectronicclassroomisasmallnetworkthatconformstothe"80/20"rule.Multimedianetworkclassroomsaremainlyusedinthesameclassroomorteachingbuilding.Multicastandbroadcastmethodsareoftenusedtosendmultimediadatafromtheteachercomputertothestudentcomputer,soalotofdatastreamsaregenerated.Ifnotprocessed,thedatastreamwillforma"broadcaststorm"andspreadtootherpartsofthenetwork.Therefore,thenetworksegmentwherethemultimedianetworkclassroomislocatedneedstobedividedintoanindependentsubnettosuppressthebroadcaststorm.
The"20/80"rule
Withthegradualenrichmentofnetworkapplications,the"80/20"rulecannolongerfullymeettheneedsofnetworkdesign.Andamodelcalled"centralizedstorage,distributedcomputing"isgraduallybeingpromoted.Centralizedstoragemeansthatdataisstoredinanetworkcenter,suchascommonlyusedWebservices,e-mailsystems,andtheincreasinglypopularVOD(videoondemand),multimediaresourcelibrary,educationaldatacenter(EDC),digitallibrary,etc.;distributionCalculationmeansthatthedataisdownloadedtoeachworkstationforprocessing,suchasusingthemultimediaresourcelibraryonthenetworktomakemultimediacourseware,browsethedigitallibrary,etc.Underthenetworkapplicationmodeof"centralizedstorageanddistributedcomputing",therequirementsfornetworktraffichavegreatlydeviatedfromthe"80/20"rule,andanewrulehasemerged,whichisthe"20/80"rule.
Inanetworkthatcomplieswiththe"20/80"rule,onlyabout20%ofthenetworktrafficisconfinedtothelocalworkinggroup,andabout80%ofthenetworktrafficistransmittedthroughthenetworkbackbone.Thischangeofnetworktrafficmodehasbroughtagreatloadtothebackboneswitchofthecampusnetwork.Therefore,inanidealstate,thebackboneswitchshouldbeabletoprovideperformancethatmatchesthatofthebackboneswitchesconnectedbelow,thatis,providewire-speedthree-layerswitching,thatistosay,howfastthebackboneswitchbelowcanrun,thebackboneswitchaboveshouldalsobeabletoHowfasttorun.Similarly,iftherearemanyVLANsdividedbyfunction(suchasteaching,scientificresearch,andadministrativemanagement)inthenetwork,theseVLANsarealsodifficulttomanage.Intheprevious"80/20"rule,serverswereoftendistributedinVLANs,soaccesswasfasterforeachworkgroup.However,inthe"20/80"rule,serversareoftenconcentratedinthecenterofthenetwork,soforeachworkinggroup,cross-VLANaccessmustbeimplemented.
Classificationconcept
Manynetworkapplicationshavetheirowncharacteristicsandhavedifferentrequirementsforthenetworkenvironment.Therefore,onlytimelyandaccurateidentificationandclassificationofnetworktrafficcanbeaccuratelyProvideasuitablenetworkenvironmentfordifferentapplications,effectivelyusenetworkresources,andprovideuserswithbetterservicequality.Theresearchonnetworktrafficclassificationisveryextensive,andtherearemanymethodsused,buttheyaremainlybasedonthefollowingthreelevels:(1)Packet-leveltrafficclassification:mainlyfocusesonthecharacteristicsofpacketsAnditsarrivalprocess,suchasthedistributionofdatapacketsize,thedistributionofdatapacketarrivaltimeinterval,etc.;
(2)Flow-levelflowclassification:Mainlyfocusonthecharacteristicsofflowanditsarrivalprocess,ItcanbeaTCPconnectionoraUDPstream.Amongthem,flowusuallyreferstoafive-tuplecomposedofsourceIPaddress,sourceport,destinationIPaddress,destinationport,andapplicationprotocol;
(3)Stream-leveltrafficclassification:mainlyfocusesonhostpairsAndtheapplicationtrafficbetweenthem,usuallyreferstoatripletcomposedofsourceIPaddress,destinationIPaddress,andapplicationprotocol,whichissuitableforstudyingthelong-termtrafficstatisticscharacteristicsofthebackbonenetworkonamorecoarse-grainedbasis.
Intheabovethreelevelsoftrafficclassification,themostwidelyusedisFlow-leveltrafficclassification.Thismethodofanalyzingdatatransmittedinthenetworkbystreamisaninevitablerequirementforthedevelopmentofpacketswitchingnetworks.
EvaluationIndex
Akeymetricfortrafficclassificationistheaccuracyofacertainclassificationtechnologyorclassificationmodeltoclassifyunknowndataobjects.Theevaluationcriteriausuallyusedtomeasuretheaccuracyofclassificationmainlyincludethefollowingfouraspects:
True(truepositive,TP):indicatesthenumberofpositivesamplescorrectlypredictedbytheclassificationmodel,thatis,theybelongtocategoryAandareThenumberofsamplespredictedtobecategoryA.
Falsenegative(FN):indicatesthenumberofpositivesamplesthatareincorrectlypredictedbytheclassificationmodelasnegative,thatis,thenumberofsamplesthatbelongtocategoryAbutarepredictedtonotbelongtocategoryA.
Falsepositive(FP):indicatesthenumberofnegativesamplesthatareincorrectlypredictedbytheclassificationmodelaspositive,thatis,thenumberofsamplesthatdonotbelongtocategoryAbutarepredictedtobelongtocategoryA.
Truenegative(TN):indicatesthenumberofnegativesamplescorrectlypredictedbytheclassificationmodel,thatis,thenumberofsamplesthatdonotbelongtocategoryAandarepredictedtonotbelongtocategoryA.
Inaddition,classificationmethodsbasedonmachinelearningusuallyusetwoothermetricstoevaluatetheirclassificationresults,whicharedefinedasfollows:recall:recall=TP/(TP+FN),whichmeansTheproportionofsamplesincategoryAthatarecorrectlypredicted.
Precision(precision):precision=TP/(TP+FP),whichmeansthatamongallthesamplespredictedtobeclassA,theproportionofsamplesthatreallybelongtoclassA.Manytrafficclassificationstudiesuseflowaccuracyorbyteaccuracyasametricfortheirexperimentalresults.Flowaccuracyrepresentstheproportionofcorrectlyclassifiedflows,whilebyteaccuracypaysmoreattentiontothecorrectclassificationofflows.Thenumberofbytescarried.Amongthem,thedefinitionofaccuracyisasfollows:
Accuracy:accuracy=(TP+TN)/(TP+TN+FP+FN),whichmeansthatthenumberofsamplescorrectlypredictedbytheclassificationmodelisinthetotalPercentageinthesample.
Switch
Withoutathree-layerswitch,VLANscannotcommunicate.VLANsaresimilartothelogicalpartitionsofharddisksandcanbesimplyunderstoodasdividingthesameharddiskintodifferentharddiskdriveletters.Butunlikelogicaldisks,communicationbetweenVLANsisnotassimpleascopyingfilesfromonelogicaldisktoanotherlogicaldisk.Instead,routersmustrelyonthemtocommunicatebetweenVLANs.
Function
1.Thebackboneofthenetworkisindispensableforthethree-layerswitch
Tosaythattheroleofthethree-layerswitchinmanynetworkequipment,itisnotdescribedas"mainstay".Fortoomuch.Inthecampusnetworkandmetropolitanareaeducationnetwork,thebackbonenetwork,metropolitanareanetworkbackbone,andconvergencelayerallhavethree-layerswitches.Especiallythecorebackbonenetworkmustusethree-layerswitches,otherwisetheentirenetworkhasthousandsofunits.Allofthecomputersareinthesamesubnet.Notonlyaretherenosecurityatall,butalsothebroadcaststormcannotbeisolatedbecausethebroadcastdomaincannotbedivided.Ifatraditionalrouterisused,althoughthebroadcastcanbeisolated,theperformancecannotbeguaranteed.Theperformanceofthethree-layerswitchisveryhigh,withboththefunctionofthethree-layerroutingandthenetworkspeedofthetwo-layerswitching.Layer2switchingisbasedonMACaddressing,andLayer3switchingistoforwardserviceflowsbasedonLayer3addresses;inadditiontothenecessaryroutingdecisionprocess,mostofthedataforwardingprocessishandledbyLayer2switching,whichimprovestheefficiencyofpacketforwarding..Thethree-layerswitchrealizestheroutingfunctionofIPthroughtheuseofahardwareswitchingmechanism,anditsoptimizedroutingsoftwareimprovestheefficiencyoftheroutingprocessandsolvesthespeedproblemoftraditionalroutersoftwarerouting.Therefore,itcanbesaidthatthethree-layerswitchhas"thefunctionofarouterandtheperformanceofaswitch."
2.Layer3switchingisindispensableforconnectingsubnets.
Iftherearemorethanacertainnumberofcomputersonthesamenetwork(usuallyaround200,dependingonthecommunicationprotocol),itislikelytobeBecauseofthelargenumberofbroadcastsonthenetwork,thenetworktransmissionefficiencyislow.Inordertoavoidbroadcastingstormscausedbybroadcastingonlargeswitches,itcanbefurtherdividedintomultiplevirtualnetworks(VLANs).Butdoingsowillcauseaproblem:thecommunicationbetweenVLANsmustbeimplementedthroughrouters.However,traditionalroutersarealsodifficulttohandlethecommunicationtasksbetweenVLANs,becausetheroutingcapabilitiesoftraditionalordinaryroutersaretooweakcomparedtothenetworktrafficofthelocalareanetwork.Andthepriceofgigabitroutersisalsoveryunacceptable.IfyouuseGigabitportsor100MportsonaLayer3switchtoconnecttodifferentsubnetsorVLANs,youcaneconomicallysolvetheproblemofrelyingonroutersforcommunicationbetweensubnetsaftersubnettingwhilemaintainingperformance.Therefore,thethree-layerswitchisanidealdeviceforconnectingsubnets.
Advantages
Inadditiontoexcellentperformance,thethree-layerswitchalsohassomefeaturesthatthetraditionaltwo-layerswitchdoesnothave.Thesefeaturescanbeusedfortheconstructionofcampusnetworksandmetropolitaneducationnetworks.Itbringsmanybenefits,listedasfollows:
1,highscalability
Whenthethree-layerswitchisconnectedtomultiplesubnets,thesubnetonlyestablishesalogicalconnectionwiththethird-layerswitchmodule,Unliketraditionalexternalroutersthatneedtoincreaseports,therebyprotectingusers'investmentincampusnetworksandmetropolitaneducationnetworks.Andtomeettheneedsoftheschool'srapidgrowthinnetworkapplicationsin3to5years.
2.Highcostperformance
Thethree-layerswitchhastheabilitytoconnecttolarge-scalenetworks,andthefunctioncanbasicallyreplacesometraditionalrouters,butthepriceisclosetothetwo-layerswitch.Thepriceofa100MLayer3switchisonlytensofthousands,whichissimilartothepriceofahigh-endLayer2switch.
3.Built-insecuritymechanism
Thethree-layerswitchcanbethesameasanordinaryrouter,withthefunctionofaccesslist,whichcanrealizeone-wayortwo-waycommunicationbetweendifferentVLANs.Ifyousetitintheaccesslist,youcanrestrictusersfromaccessingspecificIPaddresses,sothattheschoolcanprohibitstudentsfromaccessingunhealthysites.Theaccesslistcanbeusednotonlytoprohibitinternalusersfromaccessingcertainsites,butalsotopreventillegalusersoutsidethecampusnetworkandmetropolitanareaeducationnetworkfromaccessingtheinternalnetworkresourcesofthecampusnetworkandmetropolitanareaeducationnetwork,therebyimprovingnetworksecurity.
4.Suitableformultimediatransmission
Educationnetworkoftenneedstotransmitmultimediainformation,whichisafeatureofeducationnetwork.Thethree-layerswitchhasaQoS(QualityofService)controlfunction,whichcanallocatedifferentbandwidthstodifferentapplications.Forexample,whentransmittingvideostreamsoncampusnetworksandmetropolitaneducationnetworks,acertainamountofdedicatedbandwidthcanbereservedforvideotransmission,whichisequivalenttoopeningupdedicatedchannelsinthenetwork,andotherapplicationscannotoccupythesereservedbandwidths.Bandwidth,soitcanensurethestabilityofvideostreaming.TheordinaryLayer2switchdoesnothavethisfeature,sowhenthevideodataistransmitted,thevideojitterphenomenonwilloccursuddenlyandslowly.
Inaddition,video-on-demand(VOD)isalsoafrequentlyusedserviceineducationnetworks.However,becausesomeVODsystemsusebroadcasttotransmit,andbroadcastpacketscannotbeimplementedacrossnetworksegments,VODcannotbeimplementedacrossnetworksegments;ifVODisimplementedinunicastform,althoughitcanbeimplementedacrossnetworksegments,itsupportsAtthesametime,thenumberofconnectionsisverysmall,generallydozensofconnectionsoccupyallbandwidth.Thethree-layerswitchhasamulticastfunction,andVODdatapacketsaresenttoeachsubnetintheformofmulticast,whichnotonlyrealizescross-networksegmenttransmission,butalsoensurestheperformanceofVOD.5.BillingfunctionIncollegecampusnetworksandmetropolitaneducationnetworksinsomeareas,thereislikelytobebillingrequirements,becausethethree-layerswitchcanidentifytheIPaddressinformationinthedatapacket,soitcancountthedatatrafficofthecomputerinthenetwork,Youcanchargeaccordingtotheflow,youcanalsocountthetimethecomputerisconnectedtothenetwork,andchargeaccordingtothetime.ItisdifficultforordinaryLayer2switchestodobothatthesametime.
Whentheupsurgeofbuildingcampusnetworksandmetropolitanareaeducationnetworksissetoffacrossthecountry,Ibelievethatthethree-layerswitchwithitsexcellentperformanceandmoderatepricewillsurelymakeabigdifferenceinthisupsurge.
Controller
Reasons
NetworktrafficcontrollerbitSaver(alsoknownasapplicationtrafficmanager,bandwidthmanagerorQoSdevice)asearlyas2000Ithasappeared,andwasfirstdevelopedbyPackteerintheUnitedStates.However,sincetheproblemofnetworkbandwidthhasnotyetbeensignificant,enterpriseITdepartmentsarenotpayingenoughattentiontobandwidth.Withtheapplicationofvariousnewnetworktechnologiesandthedevelopmentofnetworkmultimediatechnology,theproblemofnetworkbandwidthshortageisbecomingmoreandmoreobvious.Especiallysince2005,P2Papplicationshavebroughtaseriousthreattobandwidthmanagement,sothebandwidthmanagermarkethasbeengreatlydeveloped.Accordingtoincompletestatistics,thismarkethasexceedednearly2.5billionUSdollars.China'sbandwidthmanagementmarkethasonlygraduallyreceivedattentionsince2004.In2007,China'sbandwidthmanagementmarketsharewasalso200millionyuan.ItisexpectedthatChina'sbandwidthmanagementmarketwillgrowatarateofmorethan20%.InadditiontoforeignPackteerandAllotcompanieswithbandwidthmanagementequipmentproviders,domesticmanufacturerssuchasBeijingYingzhixingda,ChanxunTechnology,etc.,bandwidthmanagementequipmentofforeignmanufacturershavenotyetrealizedthelocalizationoftheinterface,andtheyareallenteredintheformofauthorizedagents.China:Domesticmanufacturershavegonethroughthreetofouryearsofproductresearchanddevelopment,andtheirproductshavebecomeincreasinglystable.Themarket,technology,andproductcompetitionwillbeginin2008.
Basicfunctions
Thebasicfunctionofthebandwidthmanagerisverysimple,whichistoallocateandmonitorbandwidthaccordingtoapplicationsandusers.Becauseitisaseven-layernetworkmanagementdevice,networkmanagerscandirectlyallocatebandwidthtoapplicationsanduserswithouthavinghighnetworkknowledge,whichreducestheinvestmentofnetworkmanagerstoacertainextent.Althoughthefunctionisverysimple,therearemanyapplicationsthatcanbeimplemented,butmostusersdonothaveagoodunderstandingofbandwidthmanagementapplications.ForeignbandwidthmanagementequipmentisexpensiveanddoesnotsupportChinesedisplay.Therefore,theapplicationsofPackteerandAllotaremainlyconcentratedintelecommunicationsandfinance.AlthoughdomesticmanufacturerssuchasBeijingYingzhixingdahavemadegainsineducation,government,energyandmedicalindustries,theirproductseriesIthasonlybeenformedforoneyear,sovendorsdidnotinvesttoomuchinthepromotionofmarketapplications,resultinginusers'applicationofbandwidthmanagementinitsinfancy.
ApplicationScope
BandwidthapplicationsinthetelecommunicationsandfinancialfieldsaremainlymanifestedinSLA(ServiceLevelAgreement),throughbandwidthmanagementequipmenttoprovidedifferentlevelsofbandwidthservicestousersofdifferentlevels,Soastoguaranteethereturnoninvestmentofcorecustomers.
Ineducation,governmentandotherapplications,thebandwidthmanagermainlyfocusesonthemanagementofP2P,especiallythemanagementofBT.Atthesametime,bandwidthmanagementequipmenthasalsobeguntoappearasaQoSguaranteeequipmentforvideoconferencing.AstheclientsofP2Pandotherapplicationsarecontinuouslyupgraded,onlydomesticproductswithindependentresearchanddevelopmentcanrealizetherapidlaunchofmanagementstrategiesaccordingtothenewversion.Inthisapplication,internationalmanufacturershavenoadvantage.
Ofcourse,asabandwidthmanager,italsohasmoreapplications.Suchasthefollowingapplications:
First,thetransparencyofnetworkapplications,throughthebandwidthmanager,thestatusofpreviouslyunknownnetworkapplicationscanbeviewedindetail.
Second,preventsuddensurgeintrafficandattacksfromunknownapplications,suchasDoSattacks,toensurenetworksecurity.
3.Evaluatethevalueofcoreapplications,andunderstandtheutilizationandefficiencyofcoreapplicationsthroughmonitoringofcoreapplicationtraffic.
Four.Ensurethebandwidthrequiredbykeyapplications(suchasCRM,VPN,wirelessnetwork,videoconferencing,VoIP,etc.)toensurethatkeyapplicationsarenotblockedatanytime
5.Accuratelyevaluatetheloadcapacityofthenetworkandtheimpactofnewapplicationsontheoverallnetworkapplicationstoensuretherationalityofthecustomer'sITinvestment.
Six.Realizetheprovisionofdifferentnetworkresourceallocationsaccordingtotheuser'sleveltoensurethenetworkvalueofthecoreusersofthecustomer.
Seven.Reducetherepetitiveoperationsofnetworkmanagersandprovidequantitativedataforapplications,sothatthemanagementcanmakedecisionsbasedontheapplicationstatus.
Theseapplicationsonlyappearinsomespecificcases,andmostusershavenoteffectivelyintegratedbandwidthmanagementwiththeirownnetworkmanagement.Theapplicationprospectsaregreat.
Flowcontrolinthenetwork
Methodstoincreasetheuser'savailableresources:choosethepathreasonably,makethepathlessoptimalwhentheloadislight,andmorediversionwhentheloadisheavy;Increasethenumberofhierarchicalconnectionsandshuntconnectionsunderheavyload;increasechannelloans;increaseinformationrate;appropriatelyincreasebuffers,etc.Waystoreduceusers'demandforresources:rejectcertainservicerequests;requireuserstoreducetheload;reasonablyallocateusers'useofresources,suchasusingreservations,polling,andpriority.Theessenceofreducingtheuser'sdemandforresourcesistoreducetheservicelevelandquality,ortoprovideservicesinareasonablemanner.
Inmanycomputernetworks,thewidelyusedflowcontrolmethodisbasedonreducinguserdemand.Thefollowingisacentralizedflowcontrolmethod:
1.Waitingfortransmissionmethod.Itisalsocalledsuppressedsendingmode.Whenthebufferofthereceivingnodehasbeenoccupiedalotandthenodeentersthedangerousstageofdeadlock,thesendingnodewillsendamessagetosuspendsending,andwhenthedangerousstageislifted,thesendingwillbenotifiedtosuspendsending.Thenode,resumedatatransmission.
2.Reservebuffermode.Beforestartingdatatransmission,thesourcehostmustfirstunderstandtheavailablebuffersofthedestinationhost,reservethebuffer,andthencontrolitsowndatatransmissionaccordingtothebufferallocatedbythedestinationhost.Whenthebufferisusedup,waitfortheotherpartytoallocatethebufferagainbeforecontinuingtosend.
3.Licensemethod.
4.Dataunitdiscardingmethod.