Case Study of COMSATS Internet Service Providers

By:

Muhammad Osama Raza

Rii-12-1354

Rizwan Arif
Rii-13-1375

Zohaib Mukhtar
Rii-12-1345

Submitted To:
Sir Khurram Javed

Faculty of Computing
Riphah International University, Islamabad
Spring 2010

Page 1 of 62
 Dedication

We dedicate our project our Parents whose

support are always there in our life. And to all the
teachers who ever taught us, due to their hard
work we are able to do that.

Page 2 of 62
 Acknowledgement

First of all we are thankful to Allah Almighty the Merciful, the Beneficent and the source
of all Knowledge, for granting us the courage and knowledge to complete this Project.

Here I take the opportunity to acknowledge the cooperation of our teachers who guide
us through the completion of that project.

We are especially thankful to Mr.Shaukat Hussain (Sr.Corporate Sale’s Executive) and

Mr.Umar Ali (Dept. Director Communications) of COMSATS Internet Service Providers
Islamabad, without their kind cooperation we would not be able to complete that
project.

_______________

Muhammad Osama Raza

Rii-12-1354

______________

Rizwan Arif

Rii-13-1375

______________

Zohaib Mukhtar

Rii-12-1345

Page 3 of 62
 Table of Contents

Introduction………………………………………………………………………………….5
1. Front End……………………………………………………………………………………………………………….6
1.1 Services provided by our ISP……………………………………………………………………………6
1.2 Technologies offered by the ISP………………………………………………………………………6
1.3 Comparative rates…………………………………………………………………………………………..9
1.4 User Equipment………………………………………………………………………………………………14
1.5 Technical overview………………………………………………………………………………………….14
1.6 Data rates , Pros & cons…………………………………………………………………………………..18
1.7 Promotions & Packages……………………………………………………………………………………19

2. Local LAN………………………………………………………………………………………………………………24
2.1 Infrastructure MAP………………………………………………………………………………………….24
2.2 Description ………………………………………………………………………………………………………25
2.3 Local switch………………………………………………………………………………………………………28
2.4 Local Infrastructure…………………………………………………………………………………………..29
2.5 Servers Functionalities & statics………………………………………………………………………32
2.6 Other Servers……………………………………………………………………………………………………36

3. Back Bone…………………………………………………………………………………37
3.1 LAN ISP…………………………………………………………………………37
3.1.1. Firewall………………………………………………………………37
3.1.2. Features………………………………………………………….......37
3.2 Router Gateway…………………………………………………………………39
3.3 Backbone…………………………………………………………………..........41

4. Other Information………………………………………………………………………….42

4.1 Switches used by ISP…………………………………………………………………….42

4.2 Router used by ISP ………………………………………………………………………44

5. Appendix A……………………………………………………………………………......47

6. Appendix B………………………………………………………………………………..48

7. Appendix C………………………………………………………………………………..49

8. Appendix D………………………………………………………………………………..50

9- Appendix E………………………………………………………………………………..58

Page 4 of 62
 Introduction of ISP

COMSATS is an International, Inter-Governmental Organization, aiming at

socio-economic uplift of the third world through useful applications of science
and technology. COMSATS has number of technical and scientific projects
including COMSATS Internet Services (CIS) for providing Internet services
and COMSATS Institute of Information Technology (CIIT) a degree awarding
university having campuses at Islamabad, Lahore, Wah and Abbotabad.

COMSATS Internet Services (CIS) is one of the leading Internet Service

providers in Pakistan. CIS provides variety of Internet access services
ranging from dial up, leased lines and Broadband connectivity through DSL
and Radio-Links to value added services to corporate and residential users.

CIS started its operation in 1996 and is pioneer in launching Internet

Backbone on multi-city basis in the country and is now successfully operating
in 12 major cities of Pakistan and providing Internet products and services to
the people of Pakistan. CIS employs 200 people in its countryside network
including trained and qualified system administrators, Networking and
Communication engineers, Software designers and engineers, Web
developers, marketing, sales and customer support executives.

There specialty in LAN & WAN connectivity gives them an edge over our
competitors. The Sun, Microsoft, Intel, Compaq and Cisco Systems certified
engineers are constantly engaged in enhancing our network capabilities. The
international connectivity to US multiple Tier-1 IP backbones by submarine
cable makes CIS the largest Internet Service Provider of Pakistan.
Furthermore, CIS network operations centers are equipped with the Systems
and machines from World class vendors like SUN, CISCO Systems and
Compaq. CIS has the fiber backbone terminated at NOC Islamabad.

CIS clients include reputed national and international organizations and

companies; technology and business companies, foreign missions,
consulates and embassies, NGOs, social development and research

Page 5 of 62
 organizations coupled with good percentage of residential users. Till date CIS
has in its list 65,000 customers.
1-Front End

1.1 Services Provided by our ISP

 Dial up
 ISDN
 DSL
 Wireless
 Domain & Hosting
 Video conferencing

1.2 Technologies offered by the ISP

 Dial-up
 ISDN
 DSL
 Wireless
 Video Conferencing

Explanation

 Dial-up

Dial-up access is a form of Internet access through which the client uses a
modem connected to a computer and a telephone line to dial into an Internet
Service Provider's (ISP) node to establish a modem to modem link, which is
then routed to the Internet.
Dial-up requires time to establish a telephone connection and perform
handshaking before data transfers can take place, potentially a source of
frustration. In locales with telephone connection charges, each connection
incurs an incremental cost. If calls are time-charged, the duration of the
connection incurs costs.
Dial-up access is just like a phone connection, except that the parties at the
two ends are computer devices rather than people. Because dial-up access
uses normal telephone lines, the quality of the connection is not always good
and data rates are limited. The maximum data rate with dial-up access was
56 Kbps (56,000 bits per second).

Page 6 of 62
  ISDN
Integrated Services Digital Network

It is fully communication technology. It uses standard phone line(a copper

wire pair) in a home or office and converts it from a single circuit into high
speed digital circuits capable of transmitting audio, still images, motion
videos, and text data simultaneously. ISDN service makes possible video
conferencing and other real time data intensive application on ordinary
telephone line. The key feature of ISDN is that it integrates speech and data
on the same lines, adding features that were not available in the classic
telephone system. ISDN typically provides a maximum of 128 kbit/s in both
upstream and downstream directions.

 DSL
Digital Subscriber Line

(DSL) is a family of technologies that provides digital data

transmission over the wires of a local telephone network It is a modern
technology that uses existing twisted pair telephone line to transport high
bandwidth data such as web pages,
e-mail, attachments, music files, software, online videos and other large files.
DSL is available in a spectrum of speeds. Some are best for home, while
others are designed to accommodate rigorous business demands. DSL offers
unsurpassed value compared to other online access options. ADSL uses two
pieces of equipment one at user end called DSL CPE(customer premises
equipment) or DSL router and other at telephone exchange end called
DSLAM(DSL access multiplexer).DSLAM is costly equipment installed by the
internet service provider.
The data throughput of consumer DSL services typically ranges from 384
KB/s to 20 MB/s in the direction to the customer, depending on DSL
technology, line conditions, and service-level implementation.

 Wireless:

Wireless communication is the transfer of information over a distance without

the use of enhanced electrical conductors or "wires". The distances involved
may be short or long.

Page 7 of 62
 Fixed wireless is an ideal technology for providing high speed internet
services to medium & large sized business subscribers within a specific
geographic area from 5 KM to 30 KM. It is a suitable technology where ISDN
or DSL is not available. This technology transmits & receives data
symmetrically at licensed or unlicensed bands of frequencies. The most
commonly used unlicensed frequency bands are 2.4 GHZ & 5.8 GHZ.
Two typical configurations are used to delay broadband fixed wireless
system.

oPoint to Point Radio link

In this configuration, a radio/antenna combination at one end communication

with another radio/antenna combination. For point-to-point radio links,
directional antennas are used to focus the transmitted energy in he direction
of receiver and to focus antenna in the direction of transmit antenna.
COMSATS is already running up successfully several radio links in Islamabad
& other cities of Pakistan.

o Point to Multipoint Radio link

In this configuration, radio antenna combination at a hub communicates

simultaneously with any other radio/antenna combination. The antenna at the
hub location of a point to multipoint system normally vary broad coverage,
where as the antenna at subscriber\'s location may be directional. It is
possible to use more than one antenna at a hub site, both for point to
multipoint coverage to serve many subscribes & for point to Multipoint links to
connect distant subscribers.

 Video Conferencing:

Video conferencing is a communications technology that integrates video and voice

to connect remote users with each other as if they were in the same room. Each user
needs a computer, webcam, microphone, and broadband internet connection for
participation in video conferencing. Users see and hear each other in real-time,
allowing natural conversations not possible with voice-only communications
technology.

The core technology used in a videoconference (VC) system is digital

compression of audio and video streams in real time. The hardware or

Page 8 of 62
 software that performs compression is called a codec (coder/decoder).
Compression rates of up to 1:500 can be achieved. The resulting digital
stream of 1s and 0s is subdivided into labeled packets, which are then
transmitted through a digital network of some kind (usually ISDN or IP). The
use of audio modems in the transmission line allow for the use of POTS, or
the Plain Old Telephone System, in some low-speed applications, such as
video telephony, because they convert the digital pulses to/from analog
waves in the audio spectrum range.

The other components required for a video conferencing system include:

 Video input: video camera or web cam

 Video output: computer monitor , television or projector
 Audio input: microphones, CD/DVD player, cassette player, or any other
source of PreAmp audio outlet
 Audio output: usually loudspeakers associated with the display device or
telephone
 Data transfer: analog or digital telephone network, LAN or Internet.

1.3 Comparative rates

Dial up rates:

Dial up Basic:
o No e-mail account.
o No static IP.
o No COMSATS billing.

Dial up Standard:

o Flat rate package Rs 100 per month.

o Registered user name / password.
o E-mail account with 25MB quota.
o Zero COMSATS billing.

Dial up PREMIUM:

o Flat rate package with Rs 500 per month.

o E-mail account with 100MB quota.
o One static IP address.
o Free e-mail forwarding facility.

Page 9 of 62
 o Free e-mail alias (one)
o ZERO COMSATS billing.

 Mail box quota.

Mail quota Price per Month. (Rs) Price per year. (Rs)
25 MB 100 1000
50 MB 150 1500
100 MB 200 2100
200 MB 250 2800
500 MB 375 4000
1 GB 500 5500
2 GB 700 7500

 Assigned static IP address Rs 500 per month.

 E-mail forwarding Rs 200 per month per address.
 E-mail Alias Rs. 50 (one time).

 Scratch Cards Tariff

o Rs. 10 2 hrs Night Free (2 Days Expiry)

o Rs. 50 Rs.10/- hrs Night Free 12 to 7 am (10 Days Expiry)
o Rs. 100 Rs.10/- hrs Night Free 12 to 9 am(20 Days Expiry)
o Rs. 250 Rs.10/-hrs Night Free 12 to 9 am(25 Days Expiry)
o Rs. 500 Rs.10/-hrs Night Free 12 to 9 am(30 Days Expiry)

 DSL

Home user

Packages Connectivity Charges per Additional

month 100MB (Rs)
(Rs)
Unlimited 1 Mbps 1200 --
Download shared.

Page 10 of 62
 Unlimited 2 Mbps shared 2400 --
Download
6 GB 512K (CIR) 1200 35

Corporate user

Packages Connectivity Charges per Additional

month 100MB
(Rs) (Rs)
8 GB 512 K 1600 35
10 GB 512 K 2400 35
15 GB 512 K 3600 35
25 GB 512 K 5600 30
35 GB 768 K 7700 30
50 GB 768 K 11000 30
75 GB 768 K 16500 25
100 GB 1024 K 22000 25

Unlimited Data Transfer

S# Description Charges per month

CIR (Rs)
1 Internet charges for 4000
128 Kbps
2 Internet charges for 7500
256 Kbps
3 Internet charges for 11000
384 Kbps
4 Internet charges for 14500
512 Kbps
5 Internet charges for 21000
768 Kbps
6 Internet charges for 28500
1024 Kbps
7 Internet charges for 55000
2048 Kbps

Page 11 of 62
 o ADSL CPE charges: Rs. 3500
o RDSL CPE charges: Rs. 5500

 ISDN:

ISDN 64K and 128K

Sr. Total
Package Minimum Hrs. Rate Per Hr.
No Amount
1 ISDN 64K 10 25/- 250/-
3 ISDN 128K 10 50/- 500/-

Volume Based High Speed ISDN Connectivity

Sr.
Package (No Time Limit) Total Amount
No
1 1 GB 1500/-
2 2 GB 2800/-
3 3 GB 3500/-

 Domain registration and web hosting

o Bali Package

1 free domain name .com , .net , .org only

  50 MB Disk Spae + FTP
10 POP3 E-Mail Accounts
3 GB Data Transfer
  Website Stats
  Mysql
Rs. 1950 / annum.

Page 12 of 62
 o Fiji Package

1 free domain name .com , .net , .org only

  100 MB Disk Spae + FTP
  15 POP3 E-Mail Accounts
  6 GB Data Transfer
  Website Stats
  Mysql
  1 Sub Domain
Rs 3300 / annum.

o Carrebean Package:

1 free domain name .com , .net , .org only

  200 MB Disk Spae + FTP
  25 POP3 E-Mail Accounts
  12 GB Data Transfer
  5 MB MS SQL
  Website Stats
  Mysql
  2 Sub Domain
Rs 5950 / annum.

o Cancun Package:

1 free domain name .com , .net , .org only

  500 MB Disk Spae + FTP
  50 POP3 E-Mail Accounts
  20 GB Data Transfer
  15 MB MS SQL
  Website Stats
  Mysql
  5 Sub Domain
Rs 12600 / annum.

o Bermuda Package:

1 free domain name .com , .net , .org only

1024 MB Disk Spae + FTP

Page 13 of 62
   100 POP3 E-Mail Accounts
  30 GB Data Transfer
  20 MB MS SQL
  Website Stats
  Mysql
  10 Sub Domain
Rs 24700 / annum.

1.4 User Equipment

For dial-up
Modem

 DSL

Thomson Speed Touch 536 v6

Aztech DSL605E

 Wireless

Zhone 6218-I2-304

Aztech DSL605EW

1.5 Technical Overview

 Modem

A modem (modulator-demodulator) is a device that modulates an analog

carrier signal to encode digital information, and also demodulates such a
carrier signal to decode the transmitted information. The goal is to produce a
signal that can be transmitted easily and decoded to reproduce the original
digital data. Modems can be used over any means of transmitting analog
signals, from driven diodes to radio.
Modems are generally classified by the amount of data they can send in a
given time, normally measured in bits per second (bit/s, or bps).

 ISDN Installation Procedure

Page 14 of 62
 Customer can get new ISDN line from Telephone Company(PTCL) or convert
the existing analogue line into ISDN.Telephone company(PTCL) terminates
the ISDN line at your office or home and provide NT-1 equipment which
serves as interface between Telephone Company and home/office ISDN
equipment.
After the ISDN line Installed, COMSATS internet Services configures ISDN
connection at your PC within two hours.And then you enjoy a truly digital
connection.
For LAN, you need to purchase a sepearte ISDN router enabling multiple
computers at LAN to communicate with internet backbone.

 DSL
Thomson Speed Touch 536 v6

Interfaces:
- LAN:
• 10/100Base-T (RJ45)
• 1 Ethernet port and 1 USB port

- WAN:
• ADSL line (RJ11)
• Dimensions: 30 X 147 X 114mm (1.18 x 5.78 x 4.48 in.)
• AC voltage: 100 to 120, 220 to 240 V
• Frequency: 50/60 Hz

Page 15 of 62
  Aztech DSL605E

o Static IP support
o Dynamic RIP routing
o Network Address Translation (NAT)
o DHCP Server/Relay/client
o DNS Relay Agent P
o PPP Always on with configurable timeout
o PPP Dial on Demand
o NAT for basic Firewall support
o Platform: For Ethernet OS Independent

 Wireless

Zhone 6218-I2-304

Page 16 of 62
 o Interface
DSL Line: RJ11
Ethernet: 4 Port 10/100BaseT
Wireless: 802.11b/g

o ATM Support
o Routing/Bridge Support
o DHCP Server/Relay/Client
o Static Routing
o PPP Support: PPPoA, PPPoE, PAP/CHAP authentication
o NAT for Basic Firewall support
o MAC Filtering

 Aztech DSL605EW

o Static IP, Dynamic RIP routing support

o IP/TCP/UDP/ICMP/ARP/RARP Application Support
o Network Address Translation (NAT)
o DHCP Server/Relay/client
o DNS Relay Agent
o PPP Dial on Demand
o Universal Plug and Play Support

Page 17 of 62
 o IEEE 802.11, 802.11b and 802.11g compliant support
o Packet Filtering Firewall Support
o Password Authentication to Modem
o Platform support: For Ethernet and Wireless LAN
OS Independent

1.6 Data Rates, pro & cons:

Data Rate: 56 kbps

Pros.

It is not costly.
Good for limited use.
Affordable.

Cons.

Low speed.
Video chat is not possible.
Phone line remains busy while internet is on.

 DSL

o 512 k
o 765 k
o 1Mb
o 2Mb

Pros:
Always on, 24 hours.
No busy signal and no idle time or dropped connection.
50 times faster than dial up connections.
High speed internet access over existing telephone line.
No separate bill for voice communication.
You can set up VPN (Virtual Private Network) A secure
encrypted connection between a user’s distributed offices over a
public network.
Video conference is available.
Affordable.
Page 18 of 62
 Cons:
DSL is distance sensitive.
As distance from the exchange increases, signal quality and
connection speed decreases. ADSL service has maximum of
18000 ft between ADSL modem and the DSLAM.

1.7 Promotions and packages

Dial up:

Here are some dial up packages given below.

 Dial Up Basic
 Dial UP Standard
 DIAL UP Premium

Dial up Packages:

Dial up Basic:

 No e-mail account.
 No static IP.
 No COMSATS billing.

Dial up Standard:

 Flate rate package Rs 100 per month.

 Registered user name / password.
 E-mail account with 25MB quota.
 Zero COMSATS billing.

Dial up PREMIUM:

 Flate rate package with Rs 500 per month.

 E-mail account with 100MB quota.
 One static IP address.
 Free e-mail forwarding facility.
 Free e-mail alias (one)
 ZERO COMSATS billing.

Page 19 of 62
 Additional Mail box quota.

Mail quota Price per Month. (Rs) Price per year. (Rs)
25 MB 100 1000
50 MB 150 1500
100 MB 200 2100
200 MB 250 2800
500 MB 375 4000
1 GB 500 5500
2 GB 700 7500

Value added services:

 Assigned static IP address Rs 500 per month. (Not for Dialup basic).
 E-mail forwarding Rs 200 per month per address.
 E-mail Alias Rs. 50 (one time).

 DSL

DSL Tariff.

Home user

Packages Connectivity Charges per Additional

month 100MB (Rs)
(Rs)
Unlimited 1 Mbps 1200 --
Download shared.
Unlimited 2 Mbps shared 2400 --
Download
6 GB 512K (CIR) 1200 35

Corporate user

Packages Connectivity Charges per Additional

month 100MB

Page 20 of 62
 (Rs) (Rs)
8 GB 512 K 1600 35
10 GB 512 K 2400 35
15 GB 512 K 3600 35
25 GB 512 K 5600 30
35 GB 768 K 7700 30
50 GB 768 K 11000 30
75 GB 768 K 16500 25
100 GB 1024 K 22000 25

Unlimited Data Transfer.

S# Description Charges per month

CIR (Rs)
1 Internet charges for 4000
128 Kbps
2 Internet charges for 7500
256 Kbps
3 Internet charges for 11000
384 Kbps
4 Internet charges for 14500
512 Kbps
5 Internet charges for 21000
768 Kbps
6 Internet charges for 28500
1024 Kbps
7 Internet charges for 55000
2048 Kbps

o ADSL CPE charges: Rs. 3500

o RDSL CPE charges: Rs. 5500

Some other features:

 Free 25 MB mail quota.

 24X7 technical supports.
 Value added services are available for all DSL users on discount
rates
 Network Consultancy.

Page 21 of 62
  LAN WAN setup.
 Bandwidth is according to package chosen with static IP.

Domain Registration and Web Hosting

Packages:
There are different packages for the web hosting offered by
COMSATS. Which are given below.

 Bali
 Fiji
 Carrebean
 Cancun
 Bermuda

Bali Package

1 free domain name .com , .net , .org only

  50 MB Disk Spae + FTP
10 POP3 E-Mail Accounts
3 GB Data Transfer
  Website Stats
  Mysql
Rs. 1950 / annum.

Fiji Package:

1 free domain name .com , .net , .org only

  100 MB Disk Spae + FTP
  15 POP3 E-Mail Accounts
  6 GB Data Transfer
  Website Stats
  Mysql
  1 Sub Domain
Rs 3300 / annum.

Carrebean Package:

1 free domain name .com , .net , .org only

  200 MB Disk Spae + FTP
  25 POP3 E-Mail Accounts
  12 GB Data Transfer
Page 22 of 62
   5 MB MS SQL
  Website Stats
  Mysql
  2 Sub Domain
Rs 5950 / annum.

Cancun Package:

1 free domain name .com , .net , .org only

  500 MB Disk Spae + FTP
  50 POP3 E-Mail Accounts
  20 GB Data Transfer
  15 MB MS SQL
  Website Stats
  Mysql
  5 Sub Domain
Rs 12600 / annum.

Bermuda Package:

1 free domain name .com , .net , .org only

1024 MB Disk Spae + FTP
  100 POP3 E-Mail Accounts
  30 GB Data Transfer
  20 MB MS SQL
  Website Stats
  Mysql
  10 Sub Domain
Rs 24700 / annum.

Page 23 of 62
 2- Local LAN

2.1 Infrastructure map:

Page 24 of 62
 Internet
AAA
Server
Router

Switch

DSLAM ATM switch

Subscribers
Line

Router

RADIUS

Subscribers
Line

DSLAM Switch

RAS
User

2.2 Description:

 DSLAM

A DSLAM (Digital Subscriber Line Access Multiplexer) is a network device,

usually at a telephone company central office, that receives signals from
multiple customer Digital Subscriber Line (DSL) connections and puts the
signals on a high-speed backbone line using multiplexing techniques.

Page 25 of 62
 Depending on the product, DSLAM multiplexers connect DSL lines with some
combination of asynchronous transfer mode (ATM), frame relay, or Internet
Protocol networks. DSLAM enables a phone company to offer business or
homes users the fastest phone line technology (DSL) with the fastest
backbone network technology (ATM).

A DSLAM combines a group of subscribers' connections into one aggregate

Internet connection.

 ATM

Asynchronous Transfer Mode (ATM) is standard for connection oriented

networks which use cell relay communication, meaning that information for
multiple service types, such as voice, video, or data, is packed and
transmitted in small, fixed-size cells.

It is a dedicated switching technology that transmits small packets of data

using digital switch technology. It is implemented with hardware so it can be
done faster than other methods of data transmission.

ATM is a technology of cell-switching and multiplexing that has both benefits

of circuit switching and packet switching. It also provides range of bandwidth
from a few megabits per second (Mbps) to many gigabits per second (Gbps).

ATM uses a connection-oriented model and establishes a virtual circuit

between two endpoints before the actual data exchange begins.

ATM Cell Basic Format

The information that transfers through ATM is packed in fixed-size units called
cells. Each cell contains 53 bytes. The first 5 bytes contain cell-header
information, and the remaining 48 contain the user information.

Voice and video types of traffic can’t stand transmission delays; therefore
ATM’s small and fixed-length cells serve well such type of traffic.

 Operation of an ATM Switch

An ATM switch has the following job:

1. Determine whether an incoming cell is eligible to be admitted to the switch

Page 26 of 62
 2. Possibly perform a replication step for point-to-multipoint connections.

3. Schedule the cell for transmission on a destination interface. By the time it

is transmitted, a number of modifications might be made to the cell, including
the following:

 VPI and VCI

A Virtual Circuit Identifier (VCI) is a unique identifier which indicates a

particular virtual circuit on a network. It is a 16-bit field in the header of an
ATM cell. The VCI, together with the Virtual Path Identifier (VPI) is used to
identify the next destination of a cell as it passes through a series of ATM
switches on its way to its destination.

 UNI and NNI

The UNI specification defines communications between ATM end systems

such as workstations and routers and ATM switches in private ATM networks

The Network-Network Interface (NNI) specification defines communications

between two ATM switches in a private ATM network.

A private UNI connects an ATM endpoint and private ATM switch.

A public UNI connects an ATM endpoint or private switch to a public switch.

A private NNI connects two ATM switches within the same private network.

A public NNI connects two ATM switches within the same public network.

 RADIUS

Remote Authentication Dial In User Service (RADIUS) is a networking

protocol that provides centralized Authentication, Authorization, and
Accounting (AAA) management for computers to connect and use a network
service. RADIUS is a client/server protocol that runs in the application layer,
using UDP as transport. The Remote Access Server, the Virtual Private
Network server, the Network switch with port-based authentication, and the
Network Access Server, are all gateways that control access to the network,
and all have a RADIUS client component that communicates with the

Page 27 of 62
 RADIUS server. The RADIUS server is usually a background process running
on a UNIX or Windows NT machine.

RADIUS serves three functions:

1. To authenticate users or devices before granting them access to a

network,
2. To authorize those users or devices for certain network services and
3. To account for usage of those services.

 RAS

Remote access is the ability to get access to a computer or a network from a

remote distance. Remote access is also possible using a dedicated line
between a computer or a remote local area network and the central or main
corporate local area network remote access server is the computer and
associated software that is set up to handle users seeking access to network
remotely. A remote access server usually includes or is associated with a
firewall server to ensure security and a router that can forward the remote
access request to another part of the corporate network. A server that is
dedicated to handling users those are not on a LAN but need remote access
to it.

2.3 Local Switch

Zyxel-4124

Manufacturer Zyxel
Model ES-4124
Type Layer 3 switch
Layer 3

Page 28 of 62
  Features:

Number of Ports: 24

Connectivity Media: Twisted Pair 10/100/1000Base-T

Data Transfer Rate: 10Mbps Ethernet

Performance: 12.8Gbps

Layer Support: 2 Switching

IEEE 8021.p QoS

IEEE 8021.Q VLAN

Memory: 32MB

Input Voltage: 12 V DC

Dimensions: 1.75" Height x 17.24" Width x 10.63" Depth

Weight: 8.82 lb

Backup Power System

Up to 24 switches managed by single IP address

2.4 Local Infrastructure:

LAN standard: 802.3

Fast Ethernet
Gigabit Ethernet
10 gig

Cables: CAT-5 and CAT-6

Page 29 of 62
 Description:

PIX (Private Internet Exchange)

Manufacturer: CISCO

Model:

Page 30 of 62
 515 & 525

Cisco PIX (Private Internet exchange) is a popular IP firewall and network

address translation (NAT) appliance. It sits in between two networks and acts
like a gateway to either of the networks.
The PIX runs a custom-written proprietary operating system originally called
Finesse (Fast Internet Server Executive), but now the software is known
simply as PIX OS. Technically the PIX would be called a Layer 4, or
Transport Layer Firewall, as its access is not restricted to Network Layer
routing, but socket based connections. By default it allows internal
connections out (outbound traffic), and only allows inbound traffic that is a
response to a valid request or is allowed by an Access Control List (ACL).
The PIX can be configured to perform many functions including network
address translation (NAT) and port address translation (PAT), as well as
being a virtual private network (VPN) endpoint appliance.

 AAA server

An AAA server is a server program that handles user requests for access to
computer resources and, for an enterprise, provides authentication,
authorization, and accounting (AAA) services. The AAA server typically
interacts with network access and gateway servers and with databases and
directories containing user information.

Manufacturer HP
Model ML-150
Processor Dual Core
Operating System LINUX
RAM 2 GB
Hard disk 80 GB- RAID 3

 DHCP server

Dynamic Host Configuration Protocol (DHCP) is a network protocol that

enables a server to automatically assign an IP address to a computer from a
defined range of numbers.
DHCP operations fall into four basic phases: IP discovery, IP lease offer, IP
request, and IP lease acknowledgement.

Page 31 of 62
 DHCP uses client-server architecture. The client sends a broadcast request
for configuration information. The DHCP server receives the request and
responds with configuration information from its configuration database.

The DHCP server may have three methods of allocating IP-addresses:

Dynamic allocation: A network administrator assigns a range of IP

addresses to DHCP, and each client computer on the LAN has its IP software
configured to request an IP address from the DHCP server during network
initialization.

Automatic allocation: The DHCP server permanently assigns a free IP

address to a requesting client from the range defined by the administrator.
This is like dynamic allocation, but the DHCP server keeps a table of past IP
address assignments, so that it can preferentially assign to a client the same
IP address that the client previously had.

Static allocation: The DHCP server allocates an IP address based on a table

with MAC address/IP address pairs, which are manually filled in. Only
requesting clients with a MAC address listed in this table will be allocated an
IP address.

2.5 Servers Functionalities and Statistics

 File server

A file server is a computer responsible for the central storage and

management of data files so that other computers on the same network can
access the files. A file server allows users to share information over a network
Page 32 of 62
 without having to physically transfer files by external storage device. Any
computer can be configured to be a host and act as a file server.

Manufacturer DELL
Model Power Edge-2900
Operating System LINUX
RAM 4 GB
Hard disk 80 GB RAID-3

 Cache server

A cache server is a dedicated network server or service acting as a server

that saves Web pages or other Internet content locally. By placing previously
requested information in temporary storage, or cache, a cache server both
speeds up access to data and reduces demand on an enterprise's bandwidth.

 A forward cache sits close to users and accelerates their requests to

Internet.

 A reverse cache sits in front of one or more Web servers and web
applications, accelerating requests from the Internet.

Manufacturer DELL
Model Power Edge 2900
Operating System Windows server 2003
RAM 4 GB
Hard disk 80 GB - RAID 3
Forward mode YES
Reverse Mode NO
They are using cache servers with 2 DNS having forward and reverse look up
zone.

 DNS

The Domain Name System (DNS) is a hierarchical naming system for

computers, services, or any resource connected to the Internet or a private
network. It associates various information with domain names assigned to
each of the participants. It translates domain names meaningful to humans

Page 33 of 62
 into the numerical (binary) identifiers associated with networking equipment
for the purpose of locating and addressing these devices worldwide.
The Domain Name System makes it possible to assign domain names to
groups of Internet users in a meaningful way, independent of each user's
physical location

 Forward DNS lookup and reverse lookup

Forward DNS lookup is using an Internet domain name to find an IP

address. Forward DNS lookup is the more common lookup

Reverse DNS lookup is using an Internet IP address to find a domain

name.

 Proxy server

A proxy server is a server that acts as an intermediary between a workstation

user and the Internet so that the enterprise can ensure security,
administrative control, and caching service. A proxy server is associated with
gateway server that separates the enterprise network from the outside
network
A proxy server receives a request for an Internet service (such as a Web
page request) from a user. If it passes filtering requirements, the proxy server,
assuming it is also a cache server, looks in its local cache of previously
downloaded Web pages. If it finds the page, it returns it to the user without
needing to forward the request to the Internet. If the page is not in the cache,
the proxy server, acting as a client on behalf of the user, uses one of its own
IP addresses to request the page from the server out on the Internet. When
the page is returned, the proxy server relates it to the original request and
forwards it on to the user.

An advantage of a proxy server is that its cache can serve all users.

Manufacturer DELL
Model Power Edge 2900
Operating System LINUX
RAM 2 GB

Page 34 of 62
 Hard disk 80 GB – RAID 3

 Web server
A web server is computers program that delivers content such as web pages,
using the Hypertext Transfer Protocol (HTTP), over the World Wide Web.

The primary function of a web server is to deliver web pages to clients. This
means delivery of HTML documents and any additional content that may be
included by a document, such as images, style sheets and JavaScripts.

A client, commonly a web browser or web crawler, initiates communication by

making a request for a specific resource using HTTP and the server responds
with the content of that resource, or an error message if unable to do so. The
resource is typically a real file on the server's secondary memory

Web servers are not always used for serving the world wide web, but they
can also be found embedded in devices such as printers, routers, webcams
and serving only a local network. The web server may then be used as a part
of a system for monitoring and/or administrating the device in question. This
usually means that no additional software has to be installed on the client
computer, since a only a web browser is required

Load Limits
A Web server (program) has defined load limits, because it can handle only a
limited number of concurrent client connections usually between 2 and
80,000, by default between 500 and 1,000 per IP address.

Manufacturer HP
Model ML-150
Operating System LINUX
RAM 2 GB
Hard disk 80 GB- RAID-3

 FTP

An FTP server is a software application running the File Transfer Protocol

(FTP). File Transfer Protocol (FTP) is a standard network protocol used to
copy a file from one host to another network, such as the Internet. FTP is built
on client-server architecture and utilizes separate control and data
connections between the client and server applications. FTP is used with
user-based password authentication or with anonymous user access.

Page 35 of 62
 A client makes a connection to the server on TCP port 21. This connection,
called the control connection, remains open for the duration of the session,
with a second connection, called the data connection, on port 20 opened as
required to transfer file data. The control connection is used to send
administrative data.

Manufacturer DELL
Model Power Edge 2900
Operating System LINUX
RAM 4 GB
Hard disk 80 GB - RAID-3
Allocated size 1 GB, 2GB

It is used for the backup the user’s account, contains the user’s data which
can be in the form of files.

 Mail server

A mail server is an application that receives incoming e-mail from local users
and remote senders and forwards outgoing e-mail for delivery. A computer
dedicated to running such applications is called a mail server. Mail exchanged
across networks is passed between mail servers that run specially designed software

Manufacturer HP
Model ML 150
Operating System LINUX
RAM 2 GB
Hard disk 80GB – RAID-3

2.6 Other servers:

 Database server

A computer in a network that is dedicated to database storage and retrieval.

It holds the database management system and the databases. Upon

Page 36 of 62
 requests from the client machines, it searches the database for selected
records and passes back the results.
Such a server is accessed either through a "front end" running on the user’s
computer which displays requested data or the back end which runs on the
server and handles tasks such as data analysis and storage.

Manufacturer DELL
Model Power Edge 2900
Operating System Sun Solaris
RAM 4 GB
Hard disk 80 GB – RAID-3

 Hosting server

Manufacturer DELL
Model Power Edge 2900
Operating System Windows server 2003
RAM 4 GB
Hard disk 80 GB – RAID-3

3-Backbone

3.1 LAN ISP

Page 37 of 62
 3.1.1 Firewall:

Name ISA server

Soft / Hard Soft
Manufacturer Microsoft
Version 2004
Inbound/Outbound Both
Outside access denied,
Policies authentication, internet session
maintained
Hardware DELL- Power Edge 2900
Operating system Microsoft Server 2003
RAM 2GB

Description:

Microsoft's ISA Server stands for Internet Security and Acceleration Server.
ISA Server provides the two basic services of an enterprise firewall and a
Web proxy/cache server. ISA Server's firewall screens all packet-level, circuit-
level, and application-level traffic.

Inbound access control allows you to configure what traffic should be

allowed from an external network into an internal network.

Outbound access controls allow you to configure what traffic can leave the
internal network and what services can be requests by internal network
clients.

3.1.2 Features:

 Centralized logging and reporting

Logs and reports traffic moving through all members of an enterprise

array.
Eliminates need to collect log file information from each firewall and
organize it to create unified report information.

 Enterprise policy

Set security policies at enterprise levels for consistent control over

security standards throughout your geographically diverse

Page 38 of 62
 organization, with application of array-level policy and local policy, as
appropriate.

 Multi-layer firewall

Provides three types of firewall functionality: packet filtering , stateful

filtering, and application layer filtering.

 Block access to all executable content

HTTP policy enables you to block all connection attempts to the

Microsoft Windows operating system executable content, regardless
of the file extension used on the resource.

 FTP policy

The ISA Server 2006 FTP policy can be configured to let users
upload and download through FTP, or you can limit user FTP access
to download only.

 Authentication

Authenticate users with built-in Windows, LDAP, RADIUS, or RSA

SecurID authentication.

Separate front-end and back-end configuration provides for more

flexibility and granularity.

Supports single sign-on for authentication to Web sites.

Apply rules to users or user groups in any namespace.

 RADIUS support

3.2 Router Gateway

Manufacturer: CISCO

Model: 7507

Features:

Page 39 of 62
 Connectivity Technology: Wired

Data Link Protocol: ATM, FDDI, ISDN, Serial, Ethernet, 

Token Ring, Fast Ethernet

OS Required: Cisco IOS

RAM: 32 MB installed / 128 MB max

Bandwidth: 1 Gbps

Cisco 7507 (Front View)

Page 40 of 62
 Cisco 7507 (Rear View)

3.3 Backbone:

 Bandwidth used fro backbone connectivity

Page 41 of 62
 100 Mbps

 Number of lines to connect to backbone

2
Automatic shifting
Gigabit converter

 Method of transfer
Fiber DWDM

 DWDM
Dense Wavelength Division Multiplexing

An optical technology used to increase bandwidth over existing fiber optic

backbones.
It is a technology which multiplexes multiple optical carrier signals on a
single optical fiber by using different wavelengths of laser light to carry
different signals. This allows for a multiplication in capacity, in addition to
enabling bidirectional communications over one strand of fiber.
An advantage to DWDM is that it's protocol- and bit-rate-independent.
DWDM-based networks can transmit data in IP, ATM, SONET /SDH, and
Ethernet, and handle bit rates between 100 Mb/s and 2.5 GB/s. Therefore,
DWDM-based networks can carry different types of traffic at different
speeds over an optical channel.

4 Other Information

4.1 Switches which are using by our ISP

Page 42 of 62
  CISCO 3560

The Cisco 3560 is a line of fixed-configuration, enterprise-class switches that

include IEEE 802.3 and Cisco prestandard Power over Ethernet (PoE)
functionality in Fast Ethernet and Gigabit Ethernet configurations. The Cisco
3560 is an access layer switch for small enterprise LAN access or branch-
office environments, combining both 10/100/1000 and PoE configurations for
maximum productivity and investment protection while enabling the
deployment of new applications such as IP telephony, wireless access, video
surveillance, building management systems, and remote video kiosks.
Customers can deploy network wide intelligent services-such as advanced
quality of service (QoS), rate limiting, access control lists (ACLs), multicast
management, and high-performance IP routing-while maintaining the
simplicity of traditional LAN switching.

Features

 Number of ports 24
 Superior Redundancy for Fault Backup
 High-Performance IP Routing
 Integrated Cisco IOS Software
 Features for Bandwidth Optimization
 Configurable up to 12,000 MAC addresses
 Configurable up to 11,000 unicast routes

 CISCO 3550

The Cisco 3550 Series Intelligent Ethernet Switches is a line of enterprise-

class, stackable, multilayer switches that provide high availability, security
and quality of service to enhance the operation of the network. With a range
of Fast Ethernet and Gigabit Ethernet configurations, the 3550 series can
serve as both a powerful access layer switch for medium enterprise wiring
closets and as a backbone switch for small networks.

Features:

 Number of ports 24
 Superior Redundancy for Fault Backup
 High-Performance IP Routing
 User and Device Authentication
 Configurable up to 12,000 MAC addresses
 Configurable up to 24,000 unicast routes

Page 43 of 62
  Configurable up to 8,000 multicast router

 CISCO 2960

Cisco 2960 is a form of fixed-configuration standalone devices that provide

desktop Fast Ethernet and Gigabit Ethernet connectivity, enabling enhanced
LAN services for entry-level enterprise, mid-market, and branch office
networks.
The 2960 offers integrated security, including network admission control
(NAC), advanced quality of service (QoS), and resiliency to deliver intelligent
services for the network edge.

Features

 Dual-purpose uplinks for Gigabit Ethernet uplink flexibility, allowing use

of either a copper or a fiber uplink.
 Network control and bandwidth optimization.
 Network security through a wide range of authentication methods, data
encryption technologies, and network admission control based on
users ports, and MAC addresses.
 Configurable up to 8000 MAC addresses.
 Configurable maximum transmission unit (MTU) of up to 9000 bytes,
with a maximum Ethernet frame size of 9018 bytes.

 CISCO 2950

The Cisco 2950 is a member of the Cisco Catalyst 2950 Series switches, and
is a standalone, fixed-configuration, managed 10/100 switch providing user
connectivity for small to mid-sized networks.
Cisco 2950 switch offers enhanced data security through a wide range of
security features. These features allow customers to provide network security
based on users or MAC addresses.

Features

 Layer 2
 Configurable up to 8000 MAC addresses
 Standard Image (SI) software installed.

 Foundry Fastiron 4802

Page 44 of 62
  FastIron 4802 delivers the highest available switching
performance in the industry’s smallest 48-port 10/100 footprint,
providing the richest feature set available in a fixed configuration
switch product.
 Layer 2 and Layer 3 Switching Features
 Network Monitoring, Accounting, and Billing
o Port-based byte accounting
o MAC-based accounting and traffic matrix based on MAC
addresses
o Inter-VLAN accounting
o IP subnets, IP addresses, and IP traffic matrix

 Performance:
o Up to 10,100,000 packets per second
o Switching Capacity:
o Up to 34 Gbps

4.2 Routers which are using by our ISP:

 CISCO 7206

Interfaces

o Ethernet 10BASE-T and 10BASE-FL

o Fast Ethernet 100BASE-T
o Gigabit Ethernet
o Token Ring (half and full duplex)

Deployment
o WAN edge
o Broadband aggregation
o Voice/video/data integration
o IP Security virtual private networking

Processor Memory: 128 MB (default)

Layer 2 and Layer 3 protocols

 CISCO 3640

Page 45 of 62
 The Cisco 3600 series is a multifunction platform that combines dial access,
routing, and LAN-to-LAN services and multi-service integration of voice, video
and data in the same device. It is fully supported by Cisco IOS software,
which includes analog and digital voice capability. The Cisco 3640 has four
network module slots.

Features

o Analog and digital voice services

o ATM networking services
o Dial-up services
o LAN-to-LAN services
o Network module slots 4
o Supported network interfaces

 Ethernet

 Fast Ethernet

 Token Ring

 Asynchronous

 Synchronous serial

 Digital Modems

 Analog Modems

 Voice

Page 46 of 62
 Cisco 3640 Router Rear View
 CISCO 3745

Features:

o Interfaces
 LAN
 WAN
 Serial
 ISDN/Channel
 Voice
 ATM
 Modem

o Default memory of 32MB

o Support for Optional Redundant Power

Page 47 of 62
 CISCO 3745 with interfaces

Appendix A

Broachers , leaflets

Page 48 of 62
 Appendix B

 Logs

Activity Milestone achieved Time taken

Visit the outlet Broachers,
advertisements,
information about
equipments
Visit to ISP Working study, next
appointments
Documentation started Front end completed
Literature study Concepts about
equipments
Local infrastructure
Visit No. 2 study, statistical
information
Documentation --------------
Visit No-3 Core study
Search about equipments Material for
documentation
Visit No-4 Resolve confusions
Documentation Report
Checking of document Final document

Page 49 of 62
 Appendix C

 Questionnaire

How the user terminates at your end? What are the ways?
How the user’s request is forward through different hardware?
Is this infrastructure is different according to your offering technologies or not?
What are the technologies available for that hardware?
What switches you are using? Level and manufacturer?
What routers you are using?
Which one is gateway router?
What is the role of local switch and its specification?
How your local users are access the internet?
Which LAN standard you are using?
What kind of server you are using? And their specifications?
How these servers are different with each other?
What are security measures?
How many firewalls you are using? They are hard of soft?
What are the implemented policies for firewall?
How they are deployed and how they provide security?
What kind of cables are using for local infrastructure?
How much bandwidth for backbone? And how many lines are connected?
How this transfer takes place? Method and its detail?
How many addresses you are using? Specify the classes?

Page 50 of 62
 Appendix D

 Pictures and diagrams

ISP Headquarter

A DSLAM

Page 51 of 62
 An ATM switch

Page 52 of 62
 A PIX

RAS

Page 53 of 62
 CISCO 7505 Router

CISCO 7602 Router

Page 54 of 62
 Routers

CISCO 3640 Router

CISCO 3740 Router

CISCO 2800 Router

Page 55 of 62
 Switches

CISCO 3560 Switch

CISCO 3550 Switch

CISCO 2960 Switch

CISCO 2950 Switch

Page 56 of 62
 Foundar 4802 Switch

Zyxel 4124 Switch

Page 57 of 62
 Servers

DELL-PowerEdge 2900

HP ML-150

Page 58 of 62
 Cables

CAT-5

Page 59 of 62
 CAT-6

Appendix E

References

1-http://www.webopedia.com/TERM/D/dial_up_access.html

2-http://en.wikipedia.org/wiki/Integrated_Services_Digital_Network

3-http://www.wisegeek.com/what-is-video-conferencing.htm

4-http://en.wikipedia.org/wiki/Computer_modem

5-http://www.spectra.com/pdfs/cisco7500.pdfhttp://searchcio-
midmarket.techtarget.com/sDefinition/0,,sid183_gci213968,00.html

6-http://en.wikipedia.org/wiki/Domain_Name_System

7-http://www.webopedia.com/TERM/W/Web_server.html

8-http://en.wikipedia.org/wiki/Web_server

9-http://www.webopedia.com/TERM/F/FTP_Server.html

10-http://en.wikipedia.org/wiki/FTP_server

11 http://searchsoa.techtarget.com/sDefinition/0,,sid26_gci876011,00.html

12-http://www.wisegeek.com/what-is-a-mail-server.htm

Page 60 of 62
 13-http://www.answers.com/topic/database-server

14-
http://searchtelecom.techtarget.com/sDefinition/0,,sid103_gci213916,00.html

15-http://www.techterms.com/definition/dslam

16-http://www.cramsession.com/articles/get-article.asp?aid=304

17-
http://searchenterprisedesktop.techtarget.com/sDefinition/0,,sid192_gci86422
0,00.html

18-
http://www.microsoft.com/forefront/edgesecurity/isaserver/en/us/features.aspx

19-http://www.spectra.com/pdfs/cisco7500.pdf

20-http://reviews.cnet.com/routers/cisco-7507-router/4507-3319_7-
227150.html?tag=mncol;rnav

21-
http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps5528/product_
data_sheet09186a00801f3d7d.html

22-
http://www1.cisco.com/en/US/products/hw/routers/ps359/products_installation
_and_configuration_guide_chapter09186a00801c63a5.html#wp1038366

23-
http://www.vantage.com/pdfs/communications/cisco_catalyst_3560_switch.pd
f

24-
http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps646/product_d
ata_sheet09186a00800913d7.html

25-
http://newsroom.cisco.com/dlls/2005/eKits/cisco_catalyst_2960_series_switch
es.pdf

26-
http://www.cisco.com/en/US/products/hw/switches/ps628/products_data_she
et09186a00801cfb71.html

Page 61 of 62
 27-
http://www.mtmnet.com/PDF_FILES/fi4802.pdf

28-
http://www.icann.org/en/tlds/org/applications/dotorgfoundation/Tech_Attachm
ents/Hardware/Network/Color-Cisco_7200.pdf

29-http://www.arcelect.com/cisco_3600_router.htm

30-http://en.wikipedia.org/wiki/DWDM#Dense_WDM

31-http://onlinestore.wacomps.com/index.php?
route=product/product&product_id=51

32-http://www.aztech.com/prod_adsl_dsl605e.htm

Page 62 of 62