LIC network architecture

Primary tabs

introduction

The network architecture describes the wet string and baked bean tins that connect the Internet on one side to the enterprise network on the other. The application architecture uses the network architecture to provide Internet services.

The LIC contains several star network topologies. According to the OSI (Open Systems Interconnection) 7 layer model the LIC network uses ethernet in the lower layers and TCP/IP in the upper layers.

what it is

The structure of the LIC is built using network computers, application computers and other odds and ends such as cables and equipment racks. Network computers are made by telecom equipment vendors. These vendors are huge companies such as Huawei Technologies Co. Ltd. and ZTE Corp. in China, Siemens AG and Ericsson AB in Europe and Cisco Systems and Juniper Networks in America. Network computers from any of these companies can be used to build the LIC network architecture: they are similar in the same way that cars from different manufacturers are similar.

The structure of the network is built from two general classes of thing: the network container and the application container. The network container is the core of the network. Everything communicates using the network container. The network container does not usually change no matter how busy the LIC is. The application container includes everything that Internet services need to run. It does not include the Internet services themselves. The application container can get bigger if more computer horsepower is needed for applications. Using the office block analogy, the network container is the building and the application container is the furniture and venetian blinds. Think of an application computer as an office desk and you are halfway there. Honest. Trust me.

One of the design principles of the LIC is using a succession of security barriers to protect the enterprise network from the Internet and the LIC from the other two networks. Each barrier limits access to the security zone beyond it, called a DMZ (DeMilitarized Zone). The LIC is split into three DMZs, shown in the LIC DMZ diagram. Each DMZ contains a few LANs. In the LIC LAN diagram there is one horizontal line connecting the Internet and the enterprise network. Thre three ovals on this line represent firewalls. All the ovals connected by lines to each firewall are LANs in a DMZ.

Another design principle of the LIC is to use one thing for one purrpose. One computer forms one host and one host supports one primary service. A company that buys one huge expensive computer may run lots of virtual hosts on it. A programmer may use a development host that runs several services such as database server, web server and LDAP server but an LIC host does not. Hosts in the LIC are grouped together according to the function they provide. Each group forms a LAN (Local Area Network). A LAN is a group of computers that share network traffic.

what it isn't

Application architecture. This is an Internet Data Center so the applications are slanted towards running Internet services. The network is configured so these services can be installed and run, but that is only an assumption. The network architecture does not describe where the Internet service applications are or what they do. This network architecture stays the same whether the Internet services exist or not.

where it is

The network architecture covers all of the LIC as shown in the diagram above.