This blog post will go over some basics of networking terminology. To learn more, please visit the references listed at the end of this post or give us a call here at OCENS.
Network Designations – the following designations presented here explain networks in context with the Sidekick appliances, though these designations are used throughout Network Engineering.
LAN – stands for Local Area Network. This is the network of device(s) relying on the Sidekick network management appliance for connection, both to each other as well as access to your satellite service. A LAN can be as small as a single computer, or as vast as an entire building and accounts for all the computers, networking equipment, servers, printers, Internet phones, smartphones, tablets, PDAs and more.
WAN –Stands for Wide Area Network. This is the network the Sidekick uses to provide service to the Internet for its LAN. WANs typically refer to the Internet Service Provider’s (ISP) network.
Some other network designations to note:
GAN – Stands for Global Area Network. In short, this is the Internet.
BGAN – Stands for Broadband Global Area Network. Inmarsat primarily uses this designation to refer to their broadband satellite service (FleetBroadband and BGAN terminals)
IP Address – Stands for Internet Protocol Address. Every device, when connected to a network, is assigned an IP Address. This allows your device to communicate with other devices and available network resources. Think of this as your cell’s phone number, allowing you to receive and make calls, send text messages, and access other services.
DNS – Stands for Domain Name Service. DNS provides a means to attach a name to an IP Address making it easier for us to request resources. An example of DNS being used is when we try to access the Internet: Without DNS, to get to www.google.com we would have to remember the website’s IP Address (22.214.171.124 is google.com). The concept of DNS is similar to that of your Contacts List on your cellphone; it’s MUCH easier to remember your contact’s name then it is to remember their phone number. DNS functions in a similar way, storing network address information associated with the network’s name.
Server – a computer or application that is hosting a service. A Mail Server, for example, is generally a computer that is hosting, or providing, email services. If you use OCENS.Mail, the application you install to use our service (called the OCENS.Mail Gateway) is in fact a server application.
Client – Usually refers to the recipient, be it computer or application, of a server’s hosted service. For example, a mail client is a software application receiving its mail service from a mail server. iScribe, the mail client we provide for use with the OCENS.Mail Gateway, is a client of the OCENS.Mail Gateway server.
Firewall – a specialized type of server. ALL data transmitted over a network is assigned a specific port number, based on the type of data it is. For example, standard website traffic (http) is usually assigned port 80. Secure website traffic, like when you login to your bank account, is usually assigned port 443.
A Firewall controls what ports are open or closed for inbound and outbound traffic flowing through it. Some firewalls are also capable of routing specific ports to specific outbound or inbound IP Addresses. This is called Port Forwarding for inbound traffic, and Port Triggering for outbound. Say you wanted to host your own website from a computer at home. That website would reside with a server application (called a webserver). In order for people to be able to see the website, you would need to set your firewall to forward all inbound web traffic (port 80 typically) to that webserver’s IP Address.
Typically data types flow on their universally assigned port numbers, but it is possible to change those port number assignments, either locally on a specific computer or as a whole on a network, by use of the next term:
Proxy – another specialized type of server. Whereas a firewall controls the opening/closing of ports and where specific ports are routed; a proxy controls how data is used within those ports and can assign (and keeps track of) port assignment changes.
Proxy servers stand as an intermediary between their clients, and the resources they are requesting. As such, they are capable of controlling when, how, and if those resources can be accessed. For example: say you want to control what kinds of websites you want available to specific individuals, like children. You would employ a proxy server (called a web proxy) to control who, when, how, and if specific sites can be accessed by specific clients. Typically, when this is done, the web proxy changes the specific port used for outbound web traffic, and the firewall then closes port 80 for outbound traffic, thus disabling someone from trying to get around the proxy.
Proxy servers and their configurations are very complex, and it would be hard for me to explain EVERYTHING they can do in this post, but I will touch on some of the basics as they are used with the Sidekick appliances:
Compression – Compression is a function by which the data is squeezed, or compressed, as small as possible before being sent. This is done to help reduce transmission size and duration.
Captive Portal – Captive portal is a means by which you can control who has access to specific services. For example, if you wanted to control who can access the Internet, you would enable captive portal on a web proxy that would require a login before the Internet can be accessed. Ever been to a Starbucks and used their free Internet service? If so, do you recall their initial page requiring you to agree to their service terms? That is a function of captive portal on a web proxy.
Traffic Shaping – Traffic Shaping, or Quality of Service (QoS for short), is a means of prioritizing specific types of traffic over other types of traffic. For example, suppose you have Internet Phone services on your network. Because of how Internet Phone services function, it’s extremely important that their data reaches its destination as quickly as possible. Utilizing QoS functions in a proxy, you are capable of making sure any Internet Phone traffic is handled and routed the moment it comes in, regardless of whatever else is happening on the network.
Caching – Caching stores commonly used resources at the proxy server for faster access. For example, how often do you access www.google.com? With caching enabled on a proxy, instead of your request to www.google.com going to the internet and waiting for the reply back, the proxy will store the www.google.com page and present it to you when requested. Over a satellite system this also means a cost savings since the proxy, which is local to your network, is providing the requested site instead of your satellite Internet connection.
Whitelists/Blacklists – White/black lists are a means of controlling what kinds of services individuals can access. For example, say you’re a Packer’s football fan and you despise the Vikings. You could set your proxy to allow the Packer’s website through, but block requests to the Vikings site or even re-route requests for the Vikings website to the Packer’s utilizing the functions of whitelists and blacklists. Because of the complexity and the vast amount of sites out there, generating your own blacklist can take quite a long time. Because of this, there are services available that provide a pre-configured blacklist for you. Some are free while others require a usage fee based on what proxy server software they support and the complexity of the list.
Usage Reporting – All proxy servers provide reporting of who did what and when. These reports are useful when evaluating what your satellite airtime is being spent on as well as troubleshooting connection issues when they arise.
Least Cost Routing/Failover/Load Balancing
I’m group these topics together because they function similarly and are related; they all are a means of managing and optimizing multiple WAN connections. Some functions can be utilized at the same time, while others are an either/or setup.
Least Cost Routing (LCR) – This is a means of utilizing the most cost affective WAN connection available at the time. For example, say you have a FleetBroadband terminal and Cell Data receiver. Because Internet service is less expensive over the Cell Data receiver you want to route all your Internet traffic over it when the service is available, and switch to the FleetBroadband when it isn’t. This is called Least Cost Routing.
Failover – Failover is VERY similar to least cost routing. Basically, it means that if connection A isn’t available, switch to connection B. Since Least Cost Routing and Failover are pretty much the same function, most setups that utilize one will utilize both at the same time.
Load Balancing – While load balancing is similar to failover and LCR in that it utilizes multiple WANs, how it uses those connections is different. With Load Balancing, the Sidekick takes the inbound/outbound data traffic and spreads the load among the different WAN connections, thus effectively improving service. Load Balancing can function along with Failover since it would switch to the available WAN if another goes down.
VPN – Stands for Virtual Private Network. It’s a means of joining two networks together, when they aren’t physically together. For example, say you want to have access to your work network (giving you access to it’s supplied resources like printers, servers, ect) from your boat? You would need to setup a “VPN Tunnel” linking the two networks together to act as one. An individual can link to the VPN, or a LAN management appliance (like the Sidekick) can link the entire LAN.
VoIP – Stands for Voice over Internet Protocol (IP) this is an emerging service that has been growing and developing quite a bit as of late. The old traditional telephone systems haven’t changed in many many years; but with the increasing demand for additional features like video calls, teleconferences, multimedia presentations and more they just are not capable of keeping up with the newer demands. VoIP however, uses an Internet connection to supply those services and more. Some examples of VoIP technology are Skype, Google Voice, and Vonage. Also, most cellular smartphones provide the ability to utilize VoIP services.
If you would like further information regarding the topics in this post these resources can explain more:
Internet Assigned Numbers Authority (IANA) – http://www.iana.org
The IANA is the governing authority for maintaining official assignments of port numbers and their uses. They are also the governing authority managing the IP Addressing assignments that make up the Internet. If you are ever interested in how the Internet as a whole functions, IANA and their documentation is a great place to start.
PF Sense – http://doc.pfsense.org/index.php/Main_Page
This is an Open-Source Firewall and Router suite, and their wiki has a lot of useful information regarding their functions.
Squid Proxy – http://www.squid-cache.org/
This is an Open-Source Web Proxy Server, with great documentation and support.
Wikipedia.org – www.wikipedia.org
Wikipedia it is a great resource for learning and provides useful information and resources. RFC documentation regarding different topics from network designations, TCP/IP functions, DNS and more can be found here. RFC (Request for Comments) documents are the governing documentation for Computer Network Engineering and their underlining technologies.
HowStuffWorks – www.howstuffworks.com
This site is owned by the Discovery channel, and is a great learning resource for explaining how specific things work.