Top-Down Network Design, 3rd ed, includes review questions

Top-Down Network Design, 3rd edition, is shipping! In many ways, updating a book is harder than writing it, so I'm very grateful for the help of the professionals at Pearson Education (Cisco Press) and my technical editors, Keith Nabozny and Joe Wilson.

One goal for writing a 3rd edition was to make the book a good textbook. It started life as a popular book for professionals but took on a life of its own in academia. I've heard from professors all over the world who use it in CS or engineering classes. It's a good fit for a career-oriented college that has a couple of basic networking classes that can serve as pre-reqs.

The most fun thing about writing this edition was adding review questions and design scenarios at the end of every chapter for readers to practice their network design skills. I hope students, professors, and professional network engineers find these additions helpful.

Petroleum Engineers Should Learn from Network Engineers

I'm going to go out on a limb and say that an Internet disaster of the same magnitude as the BP oil spill is unlikely. To hedge my bet, I'm also going to say that if it does happen, the Internet will recover quickly, within hours or even minutes. The disaster won't linger for months like it appears posed to do on the Gulf Coast of the U.S.

I'll add one more caveat. The BP disaster is regional, mostly just affecting the Gulf Coast states. The Internet is global. I think a global Internet outage that lasts more than a few hours is unlikely. A regional outage is more likely, but if it happens, it won't affect the entire Southeast U.S., and recovery will be quick, within hours, especially in metropolitan areas.

What do network engineers do differently than petroleum engineers?

• Provide extensive redundancy, with parallel links between all major components (see the network design from Cisco in the picture as an example)
• Aim for 99.999% uptime (that's only five minutes of downtime per year)
• Assume there will be hardware and software failures, and design for sub-second failover to a redundant path when a failure occurs
• Assume there will be incessant security attacks from malware, viruses, Trojan horses, port scans, etc., and build systems to protect the network from these attacks
• Build diversity into the system so that a software bug or virus breakout is contained to one vendor's equipment and doesn't affect the entire system
• Build heterogeneity into the system so that the Internet is not owned or managed by a single company
• When low cost is more important than redundancy, which is true for some situations, avoid using the network for applications that can fail in such a way that people, birds, and turtles die horrible deaths, and hundreds of workers lose their jobs
• Design and build disaster recovery systems, and practice using them
• Continually research better ways to design and build networks for high availability, security, scalability, performance, efficiency, and accuracy, using a top-down approach that puts users before technology
• Move around bits and packets, not huge volumes of oil under tremendous pressure :-)

I said that an Internet disaster of the same magnitude as the BP oil spill is unlikely, but I also said I was going out on a limb saying this. Am I too optimistic? Do we really have enough redundancy and fail safes? Do we have enough diversity? Do we too often cut corners to save money, as it seems that BP did? If a major Internet outage occurs, will it be caused by a software bug, a hardware failure, or a security breach, and what steps will we take to recover quickly?

What do you think? Please comment. Thank you.

Using the USB Console Port on Cisco Switches and Routers

Many newer Cisco switches and routers support a USB console port in addition to the old-fashioned RJ-45 serial console port. For example, the Catalyst 2960-S switch has a mini type-B USB console port on its front plate as can be seen in the picture.

Any USB cable that has a standard type-A USB connector on one end and a mini type-B connector on the other end should work. If you wish to purchase a Cisco cable, the part number is CAB-CONSOLE-USB.

Steps for Using the USB Console Port

To use the USB console port from a Windows computer, you need to download and install a driver. Follow these instructions to do so:

1. Go to the Download Software page for branch routers here: http://tools.cisco.com/support/downloads/go/Redirect.x?mdfid=282770989.
2. CCO login is required. After logging in, you will be redirected to the Download Software page.
3. From the Download Software page, go to Cisco 3900 Series Integrated Services Routers.
4. From there go to Cisco 3945 Integrated Services Router.
5. Then go to USB Console Software.
6. Download the zipped file and unzip it.
7. The zipped file includes a README.pdf file. Follow the instructions in the README to install the driver. For Windows XP use the Windows_32 instructions.
8. Connect your USB cable from a USB port on your PC to the USB port on your router or switch. Windows automatically looks up the right driver to use.
9. Launch Putty or HyperTerminal and select the right COM port for the USB port you are using. For example, on some laptops the USB port closest to the front is COM5.
10. Use 9600 baud, 8 data bits, no parity, 1 stop bit, and no flow control (the usual settings for Cisco devices). NOTE: Some new switches and routers are shipping with 115200 as the default baud rate. If 9600 doesn't work, try 115200.

To use the USB console port from Mac OS X:

1. Install ZTerm from here http://homepage.mac.com/dalverson/zterm/.
2. Connect your USB cable from a USB port on your Mac to the USB port on your router or switch.
3. Launch ZTerm. ZTerm automatically recognizes that it should use the usbmodem1 port.
4. Use 9600 baud, 8 data bits, no parity, 1 stop bit, and no flow control (the usual settings for Cisco devices). NOTE: Some new switches and routers are shipping with 115200 as the default baud rate. If 9600 doesn't work, try 115200.

Console Input and Output and the Inactivity Timer

Console output appears on devices connected to both the RJ-45 and the USB ports. This can come in handy when two engineers wish to work on a problem together. For example, one engineer can be local with a laptop connected to USB and one engineer can be remote with a laptop coming in via Reverse Telnet through a terminal server to the RJ-45 console port. Only one engineer can input commands, however, the engineer connected via USB.

Console input is active on only one port at a time. If the USB port is in use, it takes input. A problem can occur if a user leaves a computer connected via USB. Input via RJ-45 is disabled in this case. It’s a good idea to configure a USB inactivity timeout to avoid this problem. The timeout causes USB input to be disabled if there’s no activity detected after a configurable timer. When the timer expires, the RJ-45 console becomes active.

To set the USB inactivity timeout to 30 minutes, in configuration mode, type these commands.

line console 0
usb-inactivity-timeout 30

If you need to reactivate USB input after the RJ-45 port takes over, simply disconnect and reconnect the USB cable.

On Engineers, Tight Coupling, and Time

Today is our wedding anniversary. Last year I wrote about meeting my engineer hubby. This year, I'd like to say a few words about being married to an engineer. I highly recommend it! There are many advantages:

• Your anniversary present might be a strange electronic device, such as the Time Machine shown in the picture above. This creation of my husband's even sort of worked! Well at least it flashed the light bulbs.
  
• The engineer's motto is, "If it ain't broke, don't fix it." Your engineer spouse will stick around if the marriage is working.
  
• The marriage works as long as you let your spouse spend hours tinkering with gadgets and you initiate the occasional physical-layer test to see if all components are still functional.
  
• When you're married to an engineer, new toys arrive frequently, including iBooks, iPods, iPhones, iPads, and other iFads.
  
• You will have a cool home-entertainment system.
  
• Said cool home-entertainment system will even work some of the time and you will get much entertainment from comparing its design to a Rube Goldberg sculpture.
  
• Engineers can cook! My husband is a gourmet cook.
  
• Dinner is always on time. (Don't expect to get away with saying you are too busy playing with a new iPad to come to dinner.)
  
• Dinner-table talk can range from IPv6 to the odds of there being extraterrestrial civilizations to how DNA transcription works.
  
• Engineers make lots of money and invest it well, despite many expenditures for gadgets and fixes for the Rube-Goldberg-like home-entertainment system.
  
• An engineer will figure out how your body works and enjoy its many features.
  
• If you marry an engineer, he or she may really get a time machine working at some point. This is a good thing because you will want to spend lots of time with your engineer spouse.
  
• Given time, you will realize you wouldn't wear the jewelry that a non-engineer would give as an anniversary present anyway. It gets in the way of typing on your computer keyboard. :-)
  

Alan and Priscilla Oppenheimer Foundation sponsors first-ever Genomes, Environments, Traits (GET) Conference

ASHLAND, OR. -- April 22, 2010 -- The Alan and Priscilla Oppenheimer Foundation announced today that it will cosponsor the first-ever Genomes, Environments, Traits (GET) Conference at the Microsoft New England Research and Development Center in Cambridge, MA, on April 27th, 2010. The conference highlights the groundbreaking Personal Genome Project (PGP) which seeks to provide 100,000 participants with details of their own genome. Other conference sponsors include Microsoft, Procter & Gamble, Roche, Life Technologies Corporation, and Knome, a pioneer in the personal genomics field.

The GET Conference will provide a setting for leaders from diverse industries to share insights and experiences about personal genomics. Personal genomics is a branch of biology where an individual's genome is genotyped and analyzed using bioinformatics tools. It builds upon the work of the U.S. government's Human Genome Project, which decoded a generic human's DNA, by making it personal. Personal genomics promises to revolutionize how healthcare is delivered, enabling medical treatments and drugs to be personalized, based on an individual's unique DNA. It will also change forever how people learn about health risks, ancestry, paternity, and what makes them who they are.

Very few people have their own personal genome sequence, but with technology advancing and costs dropping quickly, that won't be true for long. According to the GET Conference webpage, the conference marks the last chance in history to collect everyone with a personal genome sequence on the same stage.

GET Conference 2010 speakers include:

James Watson, 1962 Nobel Prize winner for the discovery of the structure of DNA.

Henry Louis Gates, Jr., Director of the W. E. B. Du Bois Institute for African and African American Research at Harvard University.

Esther Dyson, technology journalist and entrepreneur, chair of EDventure Holdings, and board member of 23andMe and PersonalGenomes.org.

George Church, Professor of Genetics, Harvard Medical School, founder of the PGP, and chairman of PersonalGenomes.org, a 501(c)(3) charitable organization that supports the PGP. Proceeds from the GET Conference 2010 will support PersonalGenomes.org.

"We are thrilled to be cosponsoring the GET Conference along with much bigger organizations such as Roche and Proctor & Gamble," said Priscilla Oppenheimer, secretary/treasurer of the Alan and Priscilla Oppenheimer Foundation. "We've been a supporter of the PGP since our founding in 2007."

In 2008, the Alan and Priscilla Oppenheimer Foundation developed an online study guide to help people participate in the PGP. Those who wish to enroll must pass an entrance exam that tests genetics literacy, informed consent expertise, and knowledge about the rights and responsibilities of human research subjects. The passing score is 100%. The PGP Study Guide helps potential enrollees pass the exam. It is available at PGPstudy.org.

Information about the GET Conference can be found at www.getconference.org. Information about the Alan and Priscilla Oppenheimer Foundation can be found at www.oppenheimerfoundation.org.


The Alan and Priscilla Oppenheimer Foundation is a 501(c)(3) private operating foundation based in Ashland, Oregon that seeks to advance humanity through scientific research and education. The foundation can be reached at info@oppenheimerfoundation.org.

iPad vs. Kindle: Both Winners!

People keep asking me if I will give up my Kindle now that I have an iPad. Well, actually I don't have an iPad yet. My husband bought one, but I have been able to tear it out of his hands some. In fact I'm typing this blog post on it. (The keyboard is not easy to use, by the way. Don't plan on giving up your Mac.) Back to the Kindle, I don't plan on giving it up either, and the main reason is that it is quite a bit smaller and lighter than the iPad. (I have the small Kindle.) It's just right for "sleep reading." I'm an avid reader, but I admit to often dozing after an hour or so of reading, with the Kindle on my lap or next to me in bed. Also the Kindle screen is easier on the eyes. My eyes dry out after using the iPad for a while.

Despite all this, I love the iPad. Web sites are gorgeous on it. My favorite app is Art Authority. Art looks fantastic on it, especially modern art. I get into an almost meditative state and experience a peaceful joy, lasting hours, when I use Art Authority. Full disclosure: my husband and his colleagues developed Art Authority. I think it was a plot to get the wife to be quiet and happy. :-)

The Spanning Tree Algorithm for Beginners

A spanning tree is a subset of a network that reaches all nodes in the network and has no loops. The "nodes" are the red circles in the picture to the left. The spanning tree is the blue path through the network. Note that the path spans (reaches) all the nodes, but there's only one path to each node from any other node. There are no loops. It's a tree. Granted, this example makes it look like kind of a funny tree, but use your imagination.

The spanning tree algorithm converts a mesh network into a tree-shaped network. To understand a mesh network, think of the Los Angeles freeway system, with its numerous interconnected roads. To understand a tree, think of a real tree with a root and branches, but no interconnected, looped branches. Or think of an org chart (an upside down tree) or a file system on your computer that has directories, subdirectories, and files. Going back to the Los Angeles freeway system, to understand the spanning tree algorithm, think of yourself sitting at home in, let’s say Redondo Beach, trying to get to San Bernardino.

In the computer field, a mesh network has the advantages of backup links and multiple paths, in case a path goes down or gets as crowded as the 101 freeway during rush hour. But a mesh also has the disadvantage that data could reach the recipient more than once, which would be bad. So we need an algorithm that lets us build networks with redundancy but ensures that data travels a single path to arrive just once at the recipient. Some spanning tree algorithms also ensure that the data takes the shortest path, though that’s a particular type of spanning tree algorithm, a so-called minimum spanning tree algorithm.

It’s not accurate to say that Radia Perlman’s spanning tree algorithm is used on the Internet, which is a misconception that I see so often that it inspired me to write this blog post. The first few words of this beautifully-written blog, for example, are misleading. Dr. Perlman’s algorithm isn’t used to get data to Google, YouTube, etc., (well, unless you count once the data gets into Google or YouTube’s internal network.) Her algorithm is used inside enterprise networks to build a path to a recipient across a mesh network of interconnected Ethernet switches. Enterprise networks include the internal networks at corporations, universities, government agencies, ISPs, etc. (Note, that it’s used inside ISPs, not ISP-to-ISP, though).

Spanning tree algorithms are used in many aspects of computer science and were not invented by Radia Perlman. The first algorithm for finding a minimum spanning tree was developed by Czech scientist Otakar Borůvka in 1926 (see Borůvka's algorithm). Its purpose was an efficient electrical coverage of Moravia, a region in Central Europe. Spanning tree algorithms are used by routers too, not just switches, but not on the routers that connect the Internet (which run Border Gateway Protocol, which uses a distance-vector algorithm, not link-state and spanning tree). Oh dear, now I’m getting into jargon.

Here are some good resources regarding the spanning tree algorithm:

• Wikipedia’s article on minimum spanning trees is good.
  
• Wikipedia’s article on the particular spanning tree protocol that Radia Perlman invented for use on internal switched (bridged) networks is good too.
  
• Cisco's article on the rapid spanning tree protocol used by switches is a must-read for those of us in the networking field.
  
• I wrote about Radia Perlman last year for Ada Lovelace Day.
  
• Finally, be sure to read Dr. Perlman’s famous poem about spanning trees at the bottom of this terrific interview with her.
  

Ada Lovelace Day Hangover

I feel wiped out today. I only had one tiny glass of wine with my women friends, but I drank abundantly from the fountain of inspiration that was Ada Lovelace Day. I spent many hours reading hundreds of posts about terrific women in science and technology. Today I'm trying to make sense of it all. Here are a few insights I came up with:

• The shorter blogs were the best. Mine was too long. :-)
• Bullets are good.
• Attention spans are even shorter than they were last year when we celebrated Ada Lovelace Day. Are they going to keep getting shorter? What has Twitter done to us?
• Blogs that taught me something held my interest.
• The best blogs included pictures, videos, and personal stories.
• The most moving blogs were about multiple women and communities of women.
• Good writing matters. The blogs that I read from beginning to end were written by professional writers or people who blog frequently.

I made a list of my favorite blogs here:

• My favorite blog was an appeal to women from a male manager looking for programmers. He's an experienced writer and the writing in this post really moved me: http://www.jgc.org/blog/2010/03/appeal-to-unremarkable-women.html
  


• I like this next one because of its great use of graphics and portraits: http://www.spellboundblog.com/2010/03/24/ada-lovelace-day-portraits-of-women-in-technology/


• This is a nice wacky one about a German mathematician, Emily Noether, who lived near where I lived when I spent my junior year abroad in Germany at the University of Erlangen: http://thonyc.wordpress.com/2010/03/24/emmy-and-the-habilitation/


• I liked learning about Hypatia. I'd never heard of her: http://utterlyelastic.wordpress.com/2010/03/24/hypatia/


• Ada Fruit blogged about a woman once per hour! Ada Fruit is an interesting company that builds and sells DIY open source electronics equipment: http://www.adafruit.com/blog/


• This one is interesting because it's about a community of women in systems and because it comes from Turkey (most blogs were from Europe and the US): http://www.cmpe.boun.edu.tr/%7Ebayhan/AdaLovelaceDay2010.html

• Anita Borg's compendium here has a list of some really good blogs, including mine: http://anitaborg.org/news/archive/anita-borg-institute-and-friends-celebrate-ada-lovelace-day/


• This isn't really a blog, but Victoria Law's historiography is a terrific way to learn about Ada Lovelace: http://hubpages.com/hub/Historiography-of-Ada-Augusta-Lovelace


• This isn't a blog either, but it shows a video from a potluck un-conference hosted by Ada Lovelace Day founder and organizer, Suw Charman-Anderson. Thank you, Suw, for all your hard work making such a successful day! http://blog.findingada.com/blog/2010/03/25/video-ald10-potluck-unconference/

Melissa Hathaway: Internet Security Advocate

In honor of Ada Lovelace Day, today I am writing about a woman in technology. In particular, my topic for today is Melissa Hathaway, an Internet security expert. Melissa Hathaway serves as Senior Security Advisor for Cisco Systems and as Senior Advisor for the Belfer Center for Science and International Affairs at Harvard's John F. Kennedy School of Government. Ms. Hathaway has a B.A. degree from the American University in Washington, DC, and graduated from the U.S. Armed Forces Staff College with a special certificate in Information Operations.

In 2009, Ms. Hathaway worked in President Obama's administration as Acting Senior Director for Cyberspace for the National Security Council and the Homeland Security Council. In this role, she carried out an interagency review of cyber security plans, programs, and activities, providing an important link between the Bush and Obama administrations. During Bush's administration, Ms. Hathaway served as Senior Advisor to the Director of National Intelligence and as Cyber Coordination Executive. In August, 2009, Ms. Hathaway returned to the private sector where she is President of Hathaway Global Strategies, LLC.

If you made it through all those impressive titles and are still with me, I'd like to explain why I admire Ms. Hathaway. I admire her because, like our hero, Ada Lovelace, she's a good communicator and team player. To understand the importance of this, you need to understand the network security field.

OK, I'm not being politically correct here, but let's just come right out and say it: the network security field has generally been male-dominated with a pervasive attitude of cowboy one-up-manship. Many old-timers learned security on their own, spending countless Mountain Dew-powered hours working alone in a lab, tinkering with hardware firewalls, and penetration-testing corporate networks. You just need to read that phrase, penetration testing, to know that this was a male-dominated field.

Ms. Hathaway represents an evolution in the security field to a bigger focus on communications and collaboration. Her work to bridge the Bush and Obama administrations' security programs demonstrates that, as does her work during the Bush administration on the Comprehensive National Cybersecurity Initiative (CNCI), where she built consensus among nearly two dozen diverse organizations. You can read more about her work in that area in this IEEE interview.

To protect networks from attackers, security professionals need to collaborate with other stakeholders, which can include co-workers, business managers, other companies, and governments. They should share information about problems and solutions, think in terms of systems and policies, and understand users, not just hardware. Soft skills, often more associated with the Yin world of business than the Yang world of network security, are just as important as engineering skills.

An important area for collaboration (that is especially suited to Ms. Hathaway's background) is in the private/public interface. Despite all the talk about Cyber Czars and Internet security laws, most of the Internet is privately owned. Governments need to collaborate with businesses. Governments also need to work with other governments in an international push to avoid a cyber meltdown.

As an engineering instructor, I'm especially pleased when I hear Ms. Hathaway comment on the need for practical training for security professionals. Using terminology from government hiring practices (which hopefully will become more popular in industry as well), she talks about the need to understand the knowledge, skills, and abilities (KSAs) required of security practitioners, engineers, CIOs, and CSIOs.

In this video from Cisco, about 29 minutes in, I found myself cheering as she discussed the importance of on-the-job training that provides real-life practical exercises. She mentions, for example, lab exercises that might let learners deal with the Conficker worm in a simulated lab, or analyze an infected thumb drive, or configure protections from a distributed denial of service. She suggests that the exercises should also help students learn soft skills where they can practice responding to a security breach and communicating the problem to executives. In turn, executives should practice communicating about the problem to employees, customers, and governments.

Ms. Hathaway also talks about the importance of telling stories, certainly a tried-and-true method of education. She suggests explaining cyber security in simple terms, helping people understand that online shopping could be affected by an attack, for example. Ms. Hathaway is skilled at helping the layperson understand security risks, as can be seen in this paper she wrote about the five myths of cyber security.

In summary, I feel privileged to have this opportunity to blog about a modern technical woman, a person who demonstrates some of the same skills that Ada Lovelace had, and who continues to persevere in a male-dominated field (though that is changing!) in her essential role as an Internet security advocate.

Computer Engineer Barbie!

Hooray for Mattel. They unveiled a new Barbie who is a computer engineer! They held a contest for people to vote on a new career for Barbie. Alas, girls voted for news anchor. Luckily, many women (and men) in tech fields put out a call to vote for computer engineer. We flooded the election and won the popular vote! So Mattel is going to make both.

They seem to have gotten it right. Her t-shirt has binary code on it and something else that's hard to see. Let's hope it's a network topology drawing. She also has a bluetooth headset and smart phone. The pink laptop is cute. Let's hope it's a Mac!

Amazon Kindle Works for Me

Look what Santa brought me! I'm very pleased with my new Kindle. I got the 6 inch one, which feels just right. It's 10.2 ounces but feels even lighter. The screen is easy to see. I've used the dictionary and search features and found them helpful. I like the "screen saver": a photo of a different author displays each time you turn off the Kindle. I can store 1500 books and use the Kindle for up to a week on a single charge. The 3G Wireless is fast, letting me download books in seconds. I can also put books (and PDFs) onto it via USB.

The only negatives for me are that the Next Page button is a little hard to push (it's a physical button that needs a considerable push from my wimpy thumb) and the flash that occurs when you go to the next page is annoying. The built-in Kindle User's Guide says the flash is part of the electronic ink replacement process. OK, but I still think it's (if not a bug) at least the opposite of a feature. The Text-to-Speech sounds artificial, no surprise there, and mangles foreign words. But that's OK. I want to read, not listen.

The first book I got, Midnight in Madrid, was free! I like the book. I don't typically read crime novels, but this one is engaging with a cool female protagonist who could be me if I kept my forensics career going and could still wear a red bikini.

In general, the Kindle works for me. It will keep me from buying more bookcases, which will make Santa (my husband) happy. It will let me engage in my favorite hobby (reading) without killing more trees. And of most importance, it passes the "Sunday afternoon test," whereby I doze on the couch while "reading" when Santa is busy watching football.