Advanced skills in system architecture design · Communication system architecture design theory and practice

Everything we do now weaves wings for the dreams of the future, so that those dreams can take flight in reality.


Communication system architecture is the infrastructure and system environment of software architecture. In architectural practice, the performance, availability, reliability and other quality attributes of software are largely affected by the infrastructure and environment. Good infrastructure can effectively help improve the performance and availability of the system architecture and enhance its reliability.

1. Communication system network architecture

The main forms of communication networks: local area network, wide area network, and mobile communication network.

1.1 LAN network architecture

A local area network is a network of computers dedicated to a single organization. It usually consists of a computer supporting a variety of transmission interfaces and other equipment.
Features: small geographical coverage, high data transmission rate, low bit error rate, high reliability, support for multiple transmission media, and support for real-time applications.
Classified by network topology: bus type, ring type, star type, tree type, hierarchical type and other types.
Classified by transmission medium: wired LAN and wireless LAN.

There are 4 types of LAN network architecture:

  • (1) Single-core architecture. Use a single core layer 2 or layer 3 switching device as the network core.
    Advantages: simple structure, economical equipment investment, and convenient access.
    Disadvantages: limited geographical range, core single point of failure, limited expansion capabilities, and high core port density requirements when there are many access devices.

  • (2) Dual-core architecture. Use two core three-layer and above switches as the core of the network.
    Advantages: The network topology has high reliability and easy access.
    Disadvantages: The investment is higher than that of a single core, and the core port density requirements are higher.

  • (3) Ring architecture. Multiple core layer 3 and above switches are used to form a dual dynamic resilient packet ring (RPR) as the core of the network.
    Advantages: RPR has self-healing protection, saves optical fiber resources, provides multi-level, reliable QoS services, and effectively utilizes bandwidth resources.
    Disadvantages: The investment is high, routing redundancy design is difficult to implement and loops are easy to form, and multi-ring intelligence cannot communicate directly through business interfaces.

  • (4) Hierarchical architecture. The hierarchical model consists of three layers of switching equipment and user equipment: core layer, aggregation layer, and access layer.
    Core layer: Responsible for high-speed data forwarding.
    Access layer: User equipment access.
    Aggregation layer: Provides sufficient interfaces to implement mutual access control with the access layer.
    Advantages of the hierarchical architecture: easy expansion, hierarchical troubleshooting of network faults and easy maintenance.

1.2 WAN network architecture

A WAN uses public packet-switched networks, wireless packet-switched networks, and satellite communication networks to build a communication subnet that connects distributed local area networks and realizes the sharing of resource subnets. The wide area network consists of a backbone network, a distribution network, and an access network.

WAN network architecture can be divided into:

  • (1) Single-core architecture. A single core layer 3 switching device is used as the core of the network.
    Advantages: simple structure, economical equipment investment, high efficiency of LAN mutual access, and convenient access to new LANs.
    Disadvantages: core single point of failure, poor scalability, and high port density requirements for core equipment.

  • (2) Dual-core architecture. Two core layer 3 or above switches serve as the core of the network.
    Advantages: The network topology is reliable, routes can be hot-switched, high reliability, and LAN access is more convenient.
    Disadvantages: The investment is higher than that of a single core, routing redundancy design is more difficult to implement, and core port density requirements are higher.

  • (3) Ring architecture. Multiple core layer 3 and above switches form a routing loop as the core of the network.
    Advantages: Easy access.
    Disadvantages: high investment, routing redundancy design is difficult to implement and prone to loops, and core port density requirements are high.

  • (4) Semi/full redundant architecture. The network core is composed of multiple core routing devices interconnected. If any core has more than two links to other cores, it is a semi-redundant architecture. If there are links between any two cores, it is a fully redundant architecture.
    Advantages: flexible structure, flexible routing, easy expansion, and high reliability.
    Disadvantages: The structure is fragmented, inconvenient to manage and troubleshoot.

  • (5) Peer-to-peer subdomain architecture. The semi-redundant core is divided into two independent sub-domains, and the sub-domains are interconnected through one or more links.
    Advantages: Flexible routing control.
    Disadvantages: It is difficult to implement redundant design between subdomains, it is easy to form loops or there is the risk of illegal routing, and the performance requirements of subdomain interconnection equipment are high.

  • (6) Hierarchical subdomain architecture. The semi-redundant core is divided into multiple independent subdomains, and there is a hierarchical relationship between subdomains. High-level subdomains connect multiple low-level subdomains.
    Advantages: good scalability and flexible routing control.
    Disadvantages: It is difficult to implement subdomain route redundancy design, it is easy to form loops or there is the risk of illegal routing, and the performance requirements of subdomain interconnection equipment are high.
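The redundancy definitions in the list above can be checked mechanically against a core link inventory. The following is an added example, not part of the original article: the topologies are constructed, the function names are hypothetical, and reading the semi-redundant rule as "at least `min_links` links per core" with a default of 2 is this example's assumption (pass `min_links=3` for the stricter reading).

```python
from itertools import combinations

def connected(nodes, links):
    """True if all `nodes` can reach each other using only links between them."""
    nodes = set(nodes)
    if not nodes:
        return True
    adj = {n: set() for n in nodes}
    for a, b in links:
        if a in nodes and b in nodes:
            adj[a].add(b)
            adj[b].add(a)
    seen, stack = set(), [next(iter(nodes))]
    while stack:
        n = stack.pop()
        if n not in seen:
            seen.add(n)
            stack.extend(adj[n] - seen)
    return seen == nodes

def single_points_of_failure(cores, links):
    """Cores whose loss splits the remaining core (a lone core is always one)."""
    if len(cores) == 1:
        return sorted(cores)
    return sorted(c for c in cores if not connected(set(cores) - {c}, links))

def classify_core(cores, links, min_links=2):
    """Classify a core by the definitions in the text (min_links is an assumption)."""
    pairs = {frozenset(link) for link in links}
    if len(cores) == 1:
        return "single-core"
    if all(frozenset(p) in pairs for p in combinations(cores, 2)):
        return "fully redundant" if len(cores) > 2 else "dual-core"
    degree = {c: sum(1 for p in pairs if c in p) for c in cores}
    if all(d >= min_links for d in degree.values()):
        return "semi-redundant"
    return "not redundant"

# Constructed sample inventories (core names are placeholders).
CORES = ["A", "B", "C", "D"]
FULL = [("A", "B"), ("A", "C"), ("A", "D"), ("B", "C"), ("B", "D"), ("C", "D")]
SEMI = [("A", "B"), ("B", "C"), ("C", "D"), ("D", "A"), ("A", "C")]
CHAIN = [("A", "B"), ("B", "C"), ("C", "D")]

if __name__ == "__main__":
    for name, links in (("full", FULL), ("semi", SEMI), ("chain", CHAIN)):
        print(name, classify_core(CORES, links), single_points_of_failure(CORES, links))
```

Running the check against the planned link list before deployment shows which cores would partition the WAN if they failed, which is the availability risk the single-core entry calls out.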

1.3 Mobile communication network architecture

The 5G system provides data network interconnection for mobile terminal users. The data network can be the Internet, IP media subsystem, or private network. There are transparent mode and non-transparent mode for user equipment to access the data network through the 5G system. In transparent mode, the 5G system accesses the operator's network through the user plane functional interface, and then connects to the Internet through a firewall or proxy. In non-transparent mode, the 5G system can connect to the operator network or the Internet directly or through other networks.

1.4 5G network edge computing

5G network edge computing can provide vertical industries with nearby business offloading services characterized by time-sensitive and high bandwidth. Firstly, it provides users with an excellent service experience, and secondly, it reduces the pressure on mobile network back-end processing.

1.5 Software-defined networking

SDN is an innovative network architecture. Its core idea is to separate control from forwarding and centralize the control logic of the network's switching devices on a computing device. The control plane can then be centrally managed and controlled, which improves network management and configuration capabilities.

1.6 Storage network architecture

Disk storage access methods in storage network design: direct-attached storage, network-attached storage, and storage area network.

  • (1) Direct Attached Storage (DAS): The storage device is directly connected to a single computer through the IDE/ATA/SCSI interface or Fibre Channel. The computer accesses the storage device through I/O. The storage device can be a hard drive, RAID array, CD, DVD, or tape drive.
  • (2) Network Attached Storage (NAS): The storage device is connected to the computer group through a standard network topology. The computer accesses the NAS storage device through the RPC interface, over TCP or UDP on an IP LAN or WAN.
  • (3) Storage Area Network (SAN): A dedicated network established specifically for storage using Fibre Channel technology. It is independent of the TCP/IP network and connects storage arrays and servers through Fibre Channel switches.

A comparison of the three storage network architectures is shown in the table:

| Comparison item | DAS | NAS | SAN |
|---|---|---|---|
| Architecture category | Stand-alone storage architecture | Network storage architecture | Network storage architecture |
| Access method | I/O bus | Network | Network |
| Resource utilization | Stand-alone storage | Shared storage | Shared storage |
| Access medium | Bus | Ethernet | Ethernet/Fibre Channel |
| Advantages and features | Easy to use and manage/low equipment cost | Easy to use and manage/high scalability/low equipment cost | High performance/low latency/high flexibility |

2. Key technologies for network construction

2.1 IPv4 and IPv6 converged networking technology

Network evolution still faces a long transition period from IPv4 to IPv6, or a coexistence period between IPv4 and IPv6 networks. At this stage, there are mainly three transition technologies: dual protocol stack, tunnel technology, and network address translation technology.

  • (1) Dual protocol stack: The two protocol stacks coexist on the same platform and run at the same time.
  • (2) Tunnel technology: including ISATAP tunnel, 6to4 tunnel, 4over6 tunnel, and 6over4 tunnel.
  • (3) Network Address Translator (NAT) technology: Treat IPv4 addresses and IPv6 addresses as internal addresses and external addresses respectively, or vice versa, to achieve address translation.

3. Network construction

3.1 Network requirements analysis

Network demand analysis mainly analyzes business needs, user needs, application needs, computer platform needs and network needs.

3.2 Network technology selection and design

Network technology selection and design can use spanning tree protocol, virtual LAN (VLAN), wireless LAN (WLAN), line redundancy design, server redundancy design, etc.

3.3 WAN technology selection

For WAN technology selection, you can use cloud access technology and metropolitan area network interconnection technology, such as Digital Data Network (DDN), Synchronous Digital Hierarchy (SDH), Multi-Service Transport Platform (MSTP), Virtual Private Network (VPN), etc. WAN performance optimization strategies include: reserved bandwidth, utilization of dial-up lines, transmission data compression, link aggregation, data priority-based sorting, protocol-based bandwidth reservation, etc.

3.4 Hierarchical network model design

The advantages of hierarchical design are that it can reduce costs, make full use of modular equipment/components, and make network changes or evolutions easy. Hierarchical network design generally adopts a three-layer model design idea: access layer, aggregation layer, and core layer. For details, see the article Network Planning and Design.

Principles of hierarchical design:

  • (1) Control the network level.
  • (2) Start from the access layer and analyze the planning upward.
  • (3) Use modular design as much as possible.
  • (4) Strictly control the network structure.
  • (5) Strictly control the hierarchical structure.

3.5 Network security control technology

Relevant technologies for implementing network security control mainly include:

  • (1) Firewall. A firewall is a security barrier between networks that protects local network resources. It can allow, deny or redirect traffic, and audit access and services to and from the network. Firewall systems include: hardware firewall, software firewall, and embedded firewall. Types of firewalls include packet filtering, application layer gateways, proxy services, etc.
  • (2) Virtual private network technology. This technology uses public networks to establish private networks, which has the advantages of low cost, convenient access, strong scalability, and convenient management and control.
  • (3) Access control technology. Access control technologies mainly include: discretionary access control (DAC), mandatory access control (MAC), role-based access control (RBAC), task-based access control (TBAC) and object-based access control (OBAC).
  • (4) Network security isolation. Isolate attacks outside the network to ensure that information within the network is not leaked. The forms include: subnet isolation, physical isolation, VLAN isolation, and logical isolation.
  • (5) Network security protocols. For details, see the article Network Planning and Design.
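The firewall behaviour described in item (1), allowing, denying or redirecting traffic while auditing every decision, can be sketched as a first-match packet filter. This is an added example, not part of the original article: the class names, the rule set, and the addresses (private and documentation ranges) are constructed, and falling back to deny when no rule matches is this example's assumption.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str                        # "allow", "deny" or "redirect"
    src: str                           # source network in CIDR form
    dst: str                           # destination network in CIDR form
    port: Optional[int] = None         # None matches any destination port
    redirect_to: Optional[str] = None  # only used by "redirect" rules

    def matches(self, src, dst, port):
        return (ipaddress.ip_address(src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(dst) in ipaddress.ip_network(self.dst)
                and self.port in (None, port))

class PacketFilter:
    def __init__(self, rules):
        self.rules = list(rules)
        self.audit_log = []            # one record per decision, matched or not

    def decide(self, src, dst, port):
        verdict, target, index = "deny", None, None   # assumed default: deny
        for i, rule in enumerate(self.rules):
            if rule.matches(src, dst, port):           # first match wins
                verdict, target, index = rule.action, rule.redirect_to, i
                break
        self.audit_log.append({"src": src, "dst": dst, "port": port,
                               "rule": index, "verdict": verdict})
        return verdict, target

# Constructed policy: a guest subnet is isolated from the server subnet,
# outbound web traffic is redirected to a proxy, staff may reach HTTPS on servers.
RULES = [
    Rule("deny", "10.20.0.0/16", "10.10.0.0/24"),
    Rule("redirect", "10.0.0.0/8", "0.0.0.0/0", port=80, redirect_to="10.10.0.8"),
    Rule("allow", "10.30.0.0/16", "10.10.0.0/24", port=443),
]

def run_sample():
    fw = PacketFilter(RULES)
    results = [fw.decide("10.20.1.5", "10.10.0.4", 443),
               fw.decide("10.30.1.5", "10.10.0.4", 443),
               fw.decide("10.30.1.5", "198.51.100.7", 80),
               fw.decide("10.30.1.5", "10.10.0.4", 22)]
    return results, fw.audit_log

if __name__ == "__main__":
    print(run_sample())
```

Rule order matters: placing the subnet-isolation deny first means a later, broader allow cannot reopen the path, and the audit record of the unmatched SSH attempt shows `rule: None`, which distinguishes default denials from explicit ones.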

3.6 Network security audit

Network security audit is used to test, evaluate and analyze network vulnerabilities, and can realize automatic response, data generation, analysis, browsing, event storage, event selection and other functions.

3.7 Green network design methods

Green network design adopts the ideas of streamlined design, reused design, and recycled design. The design principles are:

  • (1) Standardization: Reduce conversion equipment and be compatible with heterogeneous solutions.
  • (2) Integration: Reduce the total amount of equipment and reduce resource requirements.
  • (3) Virtualization: Flexible deployment and use on demand.
  • (4) Intelligence: Reduce labor costs and reduce resource occupation.


Origin blog.csdn.net/weixin_30197685/article/details/132724277