Network Architecture

What is Network Architecture?[1]

Network Architecture is the complete framework of an organization's computer network. The diagram of the network architecture provides a full picture of the established network with a detailed view of all the resources accessible. It includes hardware components used for communication, cabling and device types, network layout and topologies, physical and wireless connections, implemented areas, and future plans. In addition, the software rules and protocols also constitute the network architecture. This architecture is always designed by a network manager/administrator with the coordination of network engineers and other design engineers.

Network Architecture
source: Shadi Aljawarneh

Evolving Network Architecture[2]

Network architecture matters not just for internal operations but also for consumer interaction with companies. Consumerization and increased use of technology have made it crucial that companies provide platforms that are user-friendly and, for the most part, glitch-free. Consumers do not want slow and cumbersome shopping experiences or processes that require many steps. For example, many companies now offer auto fill-in capabilities so repeat customers have less hassle when checking out. Cloud architecture enables better market agility through traffic partitioning.

Cloud Architecture

When constructing a network, ORACLE recommends studying the different traffic patterns over the network. Cloud computing offers many benefits, but if constructed poorly, a cloud infrastructure can be inefficient. For example, a single network interface used with a multi-node configuration will not be able to accommodate high cloud network traffic. Utilizing different networks/subnetworks to isolate traffic maximizes efficiency and improves functionality. Types of traffic may include guests, storage, or management.

Components of Modern Network Architectures[3]

The industry is now using architectures that ease the burden of building and maintaining computer networks for the digital age.

  • Intent-based networking (IBN): An intent-based network takes an organization's desired outcomes at a high level as input and sets up the network to achieve these objectives. It does so by automating operations extensively, analyzing network performance, pinpointing problematic areas, providing all-around security, and integrating with business processes.
  • Controller-led: Network controllers are foundational to intent-based networking and are essential to scaling and securing networks in the digital era. Controllers dramatically simplify operations and help organizations respond rapidly to changing business requirements. They automate networking functions by translating business intent into device configurations, and they monitor the network devices continuously to help ensure performance and security.
  • Multidomain: Multiple networks in an enterprise communicate with one another through their controllers. Such cross-network or multidomain, integrations generally involve exchanging relevant operating parameters to help ensure that desired business outcomes that span networking domains are achieved.

Network Architecture and OSI Model[4]

The Open Systems Interconnection model (OSI model) defines and codifies the concept of layered network architecture. Abstraction layers are used to subdivide a communications system further into smaller manageable parts. A layer is a collection of similar functions that provide services to the layer above it and receives services from the layer below it. On each layer, an instance provides services to the instances at the layer above and requests service from the layer below.

Network Architecture Distributed Computing[5]

In distinct usage in distributed computing, the network architecture often describes the structure and classification of a distributed application architecture, as the participating nodes in a distributed application are often referred to as a network. For example, the applications architecture of the public switched telephone network (PSTN) has been termed the Intelligent Network. There are a number of specific classifications but all lie on a continuum between the dumb network (e.g. the Internet) and the intelligent network (e.g. the PSTN).

A popular example of such usage of the term in distributed applications, as well as permanent virtual circuits, is the organization of nodes in peer-to-peer (P2P) services and networks. P2P networks usually implement overlay networks running over an underlying physical or logical network. These overlay networks may implement certain organizational structures of the nodes according to several distinct models, the network architecture of the system.

Characteristics of Network Architectures[6]

Architecture in the context of networking relates to the technologies involved and also the underlying protocols and programmed services. Four basic characteristics of network architecture have been identified, and considerations about these characteristics have to be taken into account. This article summarizes those characteristics and provides some examples of how they have been implemented. As I expand my knowledge, I hope to expand upon these characteristics by linking to more technical posts.

  • Fault Tolerance: Communication technologies form part of our daily lives and often we don’t realize how much we rely on them. It is an assumption when we carry our bank cards around with us that when we arrive at the checkout we will be able to pay for our goods. The Internet is probably the most obvious example. The name Internet comes from the words interconnected and networks, so you shouldn’t be surprised when I say there is more than one possible route your request for will take between your computer and the server that delivers your page. This fault tolerance has been built into the Internet and provides a means for traffic to take alternate routes if a particular service or connection is unavailable at the time of the request. It is achieved by means of multiple connections between devices, and if one connection were to fail the other would still be available. Perhaps a more fitting (and technical) example would be the comparison of the circuit- and packet-switched networks. A circuit-switched network creates a fixed path (or “circuit”) between the message source and destination. Communication continues even if there is nothing being communicated. If any part of the circuit is broken or becomes unavailable the process has to start again from the beginning, and the path needs to be re-established. Circuit-switched networks prioritize existing connections, so once the optimum number of connections is reached, all other connections will be denied. A packet-switched, connectionless network breaks the message into small pieces and encapsulates it into a “packet” with information regarding its source, destination, and order. The packets are all individually routed across the network and at each routing device the packet reaches, it is sent closer to its destination. If a packet doesn’t reach its destination in one piece, it is re-transmitted via a different route. It is for these reasons that packet-switched networks promote fault tolerance and scalability.
  • Scalability: It would be frustrating and costly if you had to rebuild sections of or indeed an entire network just because you need to add some devices. A scalable network is designed using a layered, hierarchical model which means adding additional nodes and groups of nodes doesn’t affect the existing network. The internet has been designed to be scalable, achieved through a tiered and hierarchical architecture. There are three tiers of an internet service provider (ISP): International and national ISPs are in the first tier and form the “backbone” of the internet. The second tier comprises regional ISPs that buy their services from tier 1 ISPs. Lastly, there are tier 3 ISPs that provide internet directly to the end-user and who buy their services from tier 2 ISPs. Each ISP has a DNS server that holds addressing details of its directly connected member networks and any requests to networks not in its address list get passed up to the next tier. This prevents the address lists from getting too large and prevents localized traffic from being transmitted to places it needn’t go. If a DNS server is down, another is contacted. As well as the link to the parent tier an ISP will also have links to same-level ISPs to avoid congestion at the higher levels and create shorter routes.
  • Quality of Service (and Convergent Networks): To explain the quality of service, it works first defining the meaning of a converged network. To converge means “to be adjacent, or to come together” and in the context of networking it really means multiple forms of communication existing on the same network. In the early days of the Internet and before only basic forms of media were transmitted across a network, mostly text, and the odd picture. Nowadays, we have streaming media such as video and music, and telephony in the form of VoIP (Voice over IP). With these converged forms of communication, it has become necessary to establish a priority of importance. For example, data transmitting a request for a page over the internet is not as important, say, as the data delivering the Horizon episode I’m watching on BBC iPlayer. In some cases, the prioritization of network traffic will be critical to an organization’s operation (for example, the phone system of an emergency service). Quality of service can be implemented in two stages. First, the types of communication that are to occur on the network are classified into groups according to the type of communication or relative importance, and then each group of communication is assigned a priority.
  • Security: Without networks, data security would really just be a matter of securing the storage medium data is stored on in a physical location, in other words, you secure access to the hardware. With networks, the transfer of data from point A to point B can also be of concern to an organization. Security is not inherent in computer networks as there are many points where the transfer of data can be monitored or intercepted, and the kind of data we transfer can be extremely sensitive (personal information, bank details, trade secrets, etc.) security has become an essential part of computer networking. Network security can be broken down into two parts: network infrastructure security which relates to controlling physical and management access to the network hardware; and content security, which is the control of content stored on the network-attached devices. From the perspective of a system user, there are three things that it is hoped network security will provide; ensured confidentiality, maintenance of integrity, and ensured availability. These can be achieved in the following ways: Confidentiality can be ensured by preventing unauthorized access to or theft of content using authentication systems that require strong passwords, and by encrypting content where appropriate. Integrity can be maintained by stopping the data from being modified or corrupted before it reaches its destination, and by ensuring the content is coming from a trusted source. Such tools as digital signatures and checksums are useful tools for this. Availability can be assured by preventing Denial of Service attacks on the network. Denial of Service often occurs because of a computer virus, which can be prevented by using firewalls and anti-virus software, and building redundancy into the network can reduce the impact of such an attack.

Types of Network Architecture[7]

The two types of widely used network architectures are peer-to-peer aka P2P and client/server aka tiered.

Peer-to-Peer Architecture

In a peer-to-peer network, tasks are allocated to every device on the network. Furthermore, there is no real hierarchy in this network, all computers are considered equal and all have the same abilities to use the resources available on this network. Instead of having a central server that would act as the shared drive, each computer that's connected to this network would act as the server for the files stored on it.

Peer-to-Peer Model
source: Binayak Adhikari

Advantages of a peer-to-peer network

  • Does not require a dedicated server which means it's less costly.
  • If one computer stops working, the other computers connected to the network will continue working.
  • Installation and setup are quite painless because of the built-in support in modern operating systems.

Disadvantages of a peer-to-peer network

  • Security and data backups are to be done to each individual computer.
  • As the number of computers increases on a P2P network… performance, security, and access become a major headache.

Client/Server Architecture

Client Server Architecture, the architecture of a computer network in which many clients (remote processors) request and receive service from a centralized server (host computer). In a client/server network, a centralized, really powerful computer(server) acts as a hub in which other computers or workstations(clients) can connect to. This server is the heart of the system, which manages and provides resources to any client that requests them.

Client/Server Model.png
source: Binayak Adhikari

Advantages of a client/server network

  • Resources and data security are controlled through the server.
  • Not restricted to a small number of computers.
  • Server can be accessed anywhere and across multiple platforms.

Disadvantages of a client/server network

  • Can become very costly due to the need for a server as well as networking devices such as hubs, routers, and switches.
  • If and when the server goes down, the entire network will be affected.
  • Technical staff needed to maintain and ensure network functions efficiently.

Network Architecture Challenges[8]

A significant challenge for cloud network architects is navigating the move to cloud computing. The rise of the cloud is forcing network architects to change network architecture to deliver greater cost-efficiency while delivering better cloud computing applications and service performance to internal and external clients. Challenges this specifically brings to the domain of network architects include:

  • Legacy network architectures rely on carrier-based WAN services and assume that Internet access is sporadic, light, and non-critical. This means that Internet traffic is typically backhauled from distributed locations to one or more centralized points where Internet-routed peerings are implemented. As cloud and SaaS adoption grows, this model is challenged to deliver
  • The way that application products are being developed is becoming less monolithic and more service-oriented. This means that cloud network design must accommodate distributed infrastructure such as hybrid clouds, heavy reliance on Internet connectivity for inter-service communications, and the rapid instantiation, movement, and tear-down of containerized services via orchestration.
  • A heavy legacy of hardware appliance-based network functions prevents cloud network designs from being agile to accommodate changing requirements.
  • SaaS adoption requires higher Internet bandwidth to end-users, while SaaS providers utilize a variety of Internet-based service delivery architectures.
  • The move to hybrid and software-defined WANs (SD-WANs), plus direct Internet access (DIA) changes long-standing WAN performance assumptions since the Internet is a highly unpredictable cloud network environment when compared to carrier-based MPLS services.

See Also