Network Architecture

 

Networks are composed of two elements, nodes and links.  Nodes are the machines (or combinations of machines and the software running on them) that the network includes and links are the communication connections between them.  Some of the nodes are servers, specialized computers that provide services that support the operations of the network.

 

The components of a network can be connected in different arrangements.  These arrangements are called architectures or topologies.  Each architecture has advantages and disadvantages when compared to the others.  Here are some of the most common network architectures.

 

Bus

 

In this type of network, all the nodes are attached to one common connection, which is called the bus.  Bus networks are very popular, since it’s easy and cheap to wire a building by running a single bus through all the rooms, perhaps above the ceiling.  Whenever a new node is to be added to the network, it can be connected to this single cable.

 

 

Ring

 

Each node in a ring is connected directly to exactly two other nodes, one to its left and one to its right.  All the connections together form a ring.

 

 

 

Star

 

A star network has one central node through which all communications pass.  Every other node has connections directly to the central node.

If a network is to have the highest security protections, a star network is often used.  Since there is a central point through which all communications flow, every communication can be scrutinized, verified, and copied, if necessary.  It is very difficult to hide from the central node, and fraud, embezzlement, and other ethical lapses can be traced by performing an audit on the duplicate files contained in the central node.

 

However, any centralized system suffers from the same weakness, single-point vulnerability.  If the central node in a star goes down, all communications are interrupted. If there is one individual in charge of the central node and if that individual is corrupt, the network’s security has no defense against whatever that person wants to do.

 

Hierarchy

 

A hierarchical network is divided into levels.  Each node (except one) has a single connection to a node in the level above it.  The node that has no nodes above it is called the root.  Each node also has 0 or more connections to nodes in a level below it and no connections to other nodes in its own level.  Computer specialists will recognize this as the (informal) definition of a tree.

 

Hierarchical networks are convenient ways to structure networks composed of several different kinds of computers, with the largest computers near the root and the smallest computers in the lower levels.  That’s not a necessary characteristic of all hierarchical networks, but it is a common one.

 

 

Network

 

Confusingly, the term network also applies to a particular network architecture. In a network network (ick!), each node is connected directly to one or more other nodes.  In a fully-distributed network architecture, each node would have a direct connection to every other node in the network.  That can involve a lot of connections.  The architecture of the Internet is a network, but it is not fully-distributed.  Networks which are not fully-distributed are also called irregular networks.

Rings and buses have only one communications channel between the parts of the network.  If that link is broken, at least some communications become impossible.  Fully-distributed networks have multiple pathways for communications, and thus they are quite robust.  It takes a lot to cut off part of such a network.  Each broken link may slow things down as more of the communications are rerouted through the remaining links, but messages will still get to their destinations.
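The single-point vulnerability of the star and the robustness of the fully-distributed network can be checked by modelling each architecture as a graph and failing one node or one link at a time.  This is an added example, not part of the original page; the 7-node size, the binary-tree shape chosen for the hierarchy, and the treatment of every link as two-way are assumptions made for illustration.

```python
from collections import deque

def star(n):
    """Node 0 is the central node; every other node links only to it."""
    return {(0, i) for i in range(1, n)}

def hierarchy(n):
    """Tree rooted at node 0 (assumed binary): node i hangs below (i - 1) // 2."""
    return {((i - 1) // 2, i) for i in range(1, n)}

def fully_distributed(n):
    """Every node has a direct link to every other node."""
    return {(a, b) for a in range(n) for b in range(a + 1, n)}

def reachable(nodes, links, start):
    """Set of nodes that can still exchange messages with `start`."""
    adj = {v: set() for v in nodes}
    for a, b in links:
        if a in adj and b in adj:          # ignore links to a failed node
            adj[a].add(b)
            adj[b].add(a)
    seen, queue = {start}, deque([start])
    while queue:
        for nxt in adj[queue.popleft()] - seen:
            seen.add(nxt)
            queue.append(nxt)
    return seen

def single_points_of_failure(n, links):
    """Nodes whose loss cuts off at least one pair of surviving nodes."""
    critical = []
    for down in range(n):
        alive = [v for v in range(n) if v != down]
        if len(reachable(alive, links, alive[0])) < len(alive):
            critical.append(down)
    return critical

def survives_any_link_failure(n, links):
    """True if no single broken link can isolate any node."""
    return all(len(reachable(range(n), links - {cut}, 0)) == n for cut in links)

def report(n=7):
    """Map architecture name -> (link count, critical nodes, survives one link cut)."""
    builders = {"star": star, "hierarchy": hierarchy,
                "fully-distributed": fully_distributed}
    return {name: (len(build(n)), single_points_of_failure(n, build(n)),
                   survives_any_link_failure(n, build(n)))
            for name, build in builders.items()}

if __name__ == "__main__":
    for name, result in report().items():
        print(name, result)
```

The fully-distributed network pays for its robustness in link count, which grows as n(n-1)/2, while the star and the hierarchy need only n-1 links but lose connectivity when the central node or any non-leaf node fails.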

 

Hybrid networks

 

In fact, real networks are often hybrids of two or more of these architectures.  A bank may use a bus for the business offices to make it easy to add and move nodes as employees move around, but use a star network for the Electronic Funds Transfer operations for security reasons.  These subnetworks are connected to each other by computers that are part of both of the smaller networks.  These machines and/or the programs that run them are called routers if they connect networks with different architectures and bridges if they connect two similar networks into one larger one.[1]  Any network of networks is called an internet.  The Internet is an internet.

 

Some networks are completely owned by one entity; a person, organization, or company.  These are called closed networks.  Open networks are not owned by a single entity.  The Internet is an open network.  The router that connects a closed network to an open one (especially to the Internet) is called a gateway.  The term gateway is also used more generally for a machine or program that connects two networks with different protocols.  There will be more on protocols later, but for now think of a protocol as the set of rules by which a network operates.  If two networks are connected to each other but have different methods of working, there will have to be a translator mediating their conflicts.  That’s a gateway.

 

Remember that the routers, bridges, and gateways in a complex system are part of both the networks they connect.  This makes them prime candidates for attack by hackers.  After all, if the hackers are on one of the networks they will have some rights to the router, since it is a part of that network.  They will also have some knowledge of how the routers work, since the routers must match the procedures for that network.  If the router can be compromised, it can give unintended rights to the system that does not include the hackers.  Routers are thus also a major focus of the professionals who provide security for networks.

 

The Internet – a topological overview

 

The Internet is an internet (duh!), a network composed of networks.  The most important subgroup of the Internet is the domain, each of which is a relatively small closed network or internet owned by one organization or individual.  Each domain has a unique name which must be registered with the Internet Corporation for Assigned Names and Numbers (ICANN).  Each domain has a gateway to the rest of the Internet.  These gateways may connect directly to the Internet or they may connect to a larger regional network.  Universities often enter into consortia that maintain a large regional network with its own gateway to the Internet.

 

Within a domain, each machine has a unique address called an Internet Protocol (IP) address.  It’s a 32-bit number in which the first 24 bits identify the domain to which the machine belongs and the rest is the machine’s own identifier, called the host address.  By tradition, the 32 bits of an IP address are practically never written out in binary.  That would be really ugly.  For example, B-W’s 24-bit domain address is 110000001001001101110010.  That would usually be rendered by dividing it into three 8-bit chunks and converting each chunk to a decimal number.  The numbers are then written down separated by periods.  In our case, that would be 192.150.155.  Thus one machine in our system might have the IP address 192.150.155.24.  That string of numbers is still not a lot of fun for people, so each domain is also assigned a unique mnemonic address.  Ours is bw.edu.  The last part of that name (edu) is a classification of the kind of domain that we are, an institution of higher education, in our case.  This classification code is known as the Top Level Domain (TLD) name.  Others are com (commercial), org (organization), gov (US government), and so on.  Outside of the US, countries have their own two-letter TLD names.  Canada’s, for example, is ca.

 

The owner of a domain may divide the domain into subdomains.  Our own domain is divided into such subdomains as www.bw.edu for the homepage we intend the rest of the world to see and homepages.bw.edu for student, faculty, and staff Web pages.  This division of our domain is entirely up to the manager of our network.  They could have several subdomains on the same physical machine or they could have several machines cooperating to constitute one subdomain.  Furthermore, the internal structure of a domain is really nobody else’s business.  Even if an outside user were to ask the network for the physical name (the 32-bit IP address) of a machine that corresponds to a subdomain, the network is allowed to report a generic (or even false) address.  There is a machine within each domain that is responsible for maintaining a table of the numeric and mnemonic names of all the machines in the domain.  This server is called the name server.

 

All the name servers of all the domains on a network (and specifically on the Internet) work together to provide a directory system that can be used to convert mnemonic IP addresses to the equivalent numeric form.  The network software then uses that numeric address to service requests for network files (like Web pages).

 

Besides the name server, there are other servers in most domains that provide specific services.  One very common one is a program that supports email, called (surprise!!) the mail server.  This server’s name may appear as a subdomain (mailroom.bw.edu).  In this case, a person’s email address would be composed of their own email symbolic identifier, the ‘@’ symbol, and the mail server’s subdomain name, like rmolmen@mailroom.bw.edu.  For convenience, the domain may be configured in such a way that the name of the mail server is hidden.  In this case, the email address will appear as if the mail server was the entire domain name, like rmolmen@bw.edu.

 

Most domains also support Web pages produced by their owners.  In this case, there will be a subdomain identifying a Web (or hypertext) server.  The usual name for a Web server is www, so the subdomain name will look something like www.bw.edu.  Again, this may be hidden so the Web server’s symbolic address is, in effect, the domain name.

 

The hypertext servers on a network form one half of a relationship that engenders webs, interconnected collections of hypertext documents.  The largest example of a web is the World-Wide Web.  The other half of the relationship consists of one or more programs called browsers running on computers in the network.  Each browser is a client of the servers, and the relationship is called a client-server relationship.  We will see other examples of such systems; they’re quite common.

 

In order to access the documents that make up the World-Wide Web, each document has a unique address called a Uniform Resource Locator (URL).  This consists of the protocol required to access the document (http, ftp, or the like), the (sub)domain name of the host holding the document, the path to the directory in which the document resides, and the document’s file name.  In the following example, the protocol is http, the subdomain is homepages.bw.edu, the path is /~rmolmen/220dir/, and the file name is netterms.html.

 

http://homepages.bw.edu/~rmolmen/220dir/netterms.html

 

The only part of this mnemonic address that can be unambiguously related to the numeric IP address of a particular machine is the domain name, in this case bw.edu.  That is related to the first 24 bits of an IP address.  Figuring out exactly which machine holds this file is the (private) business of the routers managing the domain, and is not necessarily accessible to anyone from outside the domain.
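The four-part breakdown of a URL described above can be reproduced with Python's standard urllib.parse module.  This is an added example, not part of the original page; the function name split_url is hypothetical, and treating the last two labels of the host name as the registered domain is an assumption that fits bw.edu but not every TLD.

```python
import posixpath
from urllib.parse import urlsplit

def split_url(url):
    """Break a URL into the parts the text names: protocol, host, path, file."""
    parts = urlsplit(url)
    if not parts.scheme or not parts.hostname:
        # Without a protocol and a host there is nothing a name server can resolve.
        raise ValueError(f"not an absolute URL: {url!r}")

    # urlsplit lower-cases the scheme and host name; host names are case-insensitive.
    host = parts.hostname
    labels = host.split(".")

    # Everything before the last "/" is the directory path, the rest is the file.
    directory, file_name = posixpath.split(parts.path)

    return {
        "protocol": parts.scheme,
        "host": host,                      # the (sub)domain name
        "domain": ".".join(labels[-2:]),   # assumption: last two labels, e.g. bw.edu
        "tld": labels[-1],
        "port": parts.port,                # None when the protocol default is used
        "path": directory,
        "file": file_name,
    }

if __name__ == "__main__":
    # The URL used as the example in the text.
    for key, value in split_url(
            "http://homepages.bw.edu/~rmolmen/220dir/netterms.html").items():
        print(f"{key:9}{value}")
```

Only the host value is handed to the name servers for conversion to a numeric address; the path and file name are interpreted by the Web server inside the domain.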

 

 



[1] If we’re going to be really technical about it, we should probably refer only to the programs as routers, bridges, or gateways.  The machines that they are running on are just computers pretty much like any other computers.  However, referring to the machines themselves as routers, etc. is so common that we’re more likely to run into that usage than the technically correct one.  Life is like that.