
Thursday, 7 July 2011

The Pros and Cons of Tower, Rack, and Blade Servers

There are three main choices when it comes to buying a new server: tower, rack, or blade. Here are some of the pros and cons about each kind of server.

Tower servers :-
Tower servers seem dated and look more like desktops than servers, but these servers can pack a punch. In general, if you have a lot of servers, you’re probably not using a bunch of tower servers, because they can take up a lot of space and are tough to physically manage since you can’t easily stack them on one another. In some cases as organizations grow and move to rack servers, conversion kits can be purchased to turn a tower server into a rack-mount server.

As implied, tower servers are probably found more often in smaller environments than anywhere else, although you might find them in point solutions in larger places.

Tower servers are generally on the lower end price-wise, although they can expand pretty decently and become really expensive. Tower servers take up a lot of space and require individual monitors, keyboards, and mice, or a keyboard, video, mouse (KVM) switch that allows them to be managed with a single set of equipment. In addition, cabling can be no fun, especially if you have a lot of network adapters and other I/O needs. You’ll have cables everywhere.


Rack servers :-
If you run a data center of any reasonable size, you’ve probably used a lot of industry standard 19″ wide rack servers. Sized in Us (which is a single 1.75″ rack unit), rack servers can range from 1U “pizza boxes” to 5U, 8U, and more. In general, the bigger the server, the more expansion opportunities are available.

Rack servers are extremely common and make their home inside these racks along with other critical data center equipment such as backup batteries, switches, and storage arrays. Rack servers make it easy to keep things neat and orderly since most racks include cable management of some kind. However, rack servers don’t really simplify the cabling morass since you still need a lot of cabling to make everything work — it’s just neater. I once worked in a data center in which I had to deploy 42 2U Dell servers into three racks. Each server had to have dual power cables, keyboard, video, and mouse cables and six (yes, six) network cables (six colors with each color denoting a specific network). It was a tough task to keep the cabling under control, to put it mildly. Because everything was racked, there was built-in cable management that made this easier.

Like tower servers, rack servers often need KVM capability in order to be managed, although some organizations simply push a monitor cart around and connect to video and USB ports on the front of the server so that they don’t need to worry about KVM. Rack servers are very expandable; some include 12 or more disks right in the chassis and support for four or more processors, each with multiple cores. In addition, many rack servers support large amounts of RAM, so these devices can be computing powerhouses.


Blade servers :-
There was a day when buying individual blade servers meant trading expansion possibilities for compactness. Although this is still true to some extent, today’s blade servers pack quite a wallop. I recently purchased a half-height Dell M610 blade server with 96 GB of RAM and two six-core processors.

There is still some truth to the fact that blade servers have expansion challenges when compared to the tower and rack-based options. For example, most tower servers have pretty significant expansion options when it comes to PCI/PCI Express slots and more disk drives. Many blade servers are limited to two to four internal hard drives, although organizations that use blade servers are likely to have shared storage of some kind backing the blade system.

Further, when it comes to I/O expansion options, blade servers are a bit limited by their lack of expansion slots. Some blade servers boast PCI or PCI Express expansion slots, but for most blade servers, expansion is achieved through the use of specially designed expansion cards. In my case, the Dell M600 and M610 blades have three mezzanines. The first mezzanine consists of dual Gigabit Ethernet adapters. The remaining mezzanines are populated based on organizational need. Although the blade server doesn’t have quite the I/O selection of other server form factors, it’s no slouch, either.

When raw computing power and server density are the key drivers, blade servers meet the need. For example, I have a 10U Dell M1000e blade chassis that can support up to 16 servers. So, each server uses the equivalent of 0.625U of rack space. On top of that, the blade chassis holds four gigabit Ethernet switches and two Fibre Channel switches, so there is additional rack space savings since I don’t need to rack mount these devices to support different connectivity options. In addition, the blade chassis has a built-in KVM switch, so I don’t need to buy a third-party unit and cable it up.

Speaking of cabling, a blade environment generally has much less of it than tower or rack environments since a lot of the connectivity is handled internally. You’ll end up with a neater server room as a result.

Another point in their favor is that adding a new server consists of simply sliding it into an available slot in the chassis. There is no need to rack a new server and deal with a bunch of new cabling. The small size does make heat dissipation a challenge, though: blade chassis can put out a lot of heat.

From a cost perspective, blade servers require some initial infrastructure, such as the chassis, so the upfront cost is often higher than for servers of other types.


Bottom line :-

If you need one or two servers, a tower solution probably makes sense. If you need three to 24 servers or massive scalability, then rack servers are for you. When you need more than 24 servers, I advise you to consider a blade solution to meet your data center needs.

*******************************

Friday, 1 July 2011

OSI Model (Open Systems Interconnection Model) Concepts...

The OSI (Open Systems Interconnection) model was developed by the International Organization for Standardization (ISO) as a guideline for developing standards to enable the interconnection of dissimilar computing devices. It is important to understand that the OSI model is not itself a communication standard. In other words, it is not an agreed-on method that governs how data is sent and received; it is only a guideline for developing such standards.

The OSI, or Open Systems Interconnection, model defines a networking framework for implementing protocols in seven layers. Control is passed from one layer to the next, starting at the application layer in one station, proceeding to the bottom layer, over the channel to the next station and back up the hierarchy.

Seven Layers/Standards of the OSI Model :-
Layer 1 - Physical Layer :-
Physical layer defines the cable or physical medium itself, e.g., thinnet, thicknet, unshielded twisted pairs (UTP). All media are functionally equivalent. The main difference is in convenience and cost of installation and maintenance. Converters from one media to another operate at this level.

Functions :-

  • Transmits raw bit stream over physical cable.
  • Defines cables, cards, and physical aspects.
  • Defines NIC attachments to hardware, how cable is attached to NIC.
  • Defines techniques to transfer bit stream to cable.


Protocols :-
IEEE 802
IEEE 802.2
ISO 2110
ISDN


Layer 2 - Data Link Layer (LLC and MAC) :-
The Data Link layer defines the format of data on the network. A network data frame (often loosely called a packet) includes a checksum, source and destination addresses, and data. The largest packet that can be sent through a data link layer defines the Maximum Transmission Unit (MTU). The data link layer handles the physical and logical connections to the packet's destination, using a network interface. A host connected to an Ethernet would have an Ethernet interface to handle connections to the outside world, and a loopback interface to send packets to itself.

Ethernet addresses a host using a unique, 48-bit address called its Ethernet address or Media Access Control (MAC) address. MAC addresses are usually represented as six colon-separated pairs of hex digits, e.g., 8:0:20:11:ac:85. This number is unique and is associated with a particular Ethernet device. Hosts with multiple network interfaces should use the same MAC address on each. The data link layer's protocol-specific header specifies the MAC address of the packet's source and destination. When a packet is sent to all hosts (broadcast), a special MAC address (ff:ff:ff:ff:ff:ff) is used.

Functions :-

  • Turns frames into raw bits (e.g. 100101) for transmission and, at the receiving end, turns bits back into frames.
  • Handles data frames between the Network and Physical layers.
  • The receiving end packages raw data from the Physical layer into data frames for delivery to the Network layer.
  • Responsible for error-free transfer of frames to another computer via the Physical Layer.
  • This layer defines the methods used to transmit and receive data on the network. It consists of the wiring, the devices used to connect the NIC to the wiring, the signaling involved to transmit / receive data, and the ability to detect signaling errors on the network media.


Protocols :-
a) Logical Link Control (LLC)
i. Error correction and flow control
ii. Manages link control and defines SAPs
802.1 OSI Model
802.2 Logical Link Control

b) Media Access Control (MAC)
i. Communicates with the adapter card.
ii. Controls the type of media being used.
802.3 CSMA/CD (Ethernet)
802.4 Token Bus (ARCnet)
802.5 Token Ring
802.12 Demand Priority


Layer 3 - Network Layer :-
NFS uses the Internet Protocol (IP) as its network layer interface. IP is responsible for routing, directing datagrams from one network to another. The network layer may have to break large datagrams, larger than the MTU, into smaller packets, and the host receiving the packets will have to reassemble the fragmented datagram. IP identifies each host with a 32-bit IP address. IP addresses are written as four dot-separated decimal numbers between 0 and 255, e.g., 129.79.16.40. The leading 1-3 bytes of the IP address identify the network and the remaining bytes identify the host on that network. The network portion of the IP address is assigned by InterNIC Registration Services, under contract to the National Science Foundation, and the host portion is assigned by the local network administrators. For large sites, the first two bytes represent the network portion of the IP address, and the third and fourth bytes identify the subnet and host respectively. Even though IP packets are addressed using IP addresses, hardware addresses must be used to actually transport data from one host to another. The Address Resolution Protocol (ARP) is used to map an IP address to its hardware address.

Functions :-

  • Translates logical network address and names to their physical address (e.g. computername ==> MAC address).
  • Responsible for addressing, determining routes for sending and managing network problems such as packet switching, data congestion and routing.
  • If a router can’t send a data frame as large as the one the source computer sends, the network layer compensates by breaking the data into smaller units. At the receiving end, the network layer reassembles the data.


Protocols :-
IP
ARP
RARP
ICMP
RIP
OSPF
IGMP
IPX
NWLink
NetBEUI
OSI
DDP
DECnet


Layer 4 - Transport Layer :-
The Transport layer subdivides the user buffer into network-buffer-sized datagrams and enforces the desired transmission control. Two transport protocols, Transmission Control Protocol (TCP) and User Datagram Protocol (UDP), sit at the transport layer. Reliability and speed are the primary differences between these two protocols. TCP establishes connections between two hosts on the network through 'sockets', which are identified by the IP address and port number. TCP keeps track of the packet delivery order and the packets that must be resent. Maintaining this information for each connection makes TCP a stateful protocol. UDP, on the other hand, provides a low-overhead transmission service, but with less error checking. NFS is built on top of UDP because of its speed and statelessness. Statelessness simplifies crash recovery.

Functions :-

  • Additional connection below the session layer.
  • Manages the flow control of data between parties across the network.
  • Divides streams of data into chunks or packets; the transport layer of the receiving computer reassembles the message from packets.
  • A train is a good analogy => the data is divided into identical units.
  • Provides error-checking to guarantee error-free data delivery, with no losses or duplications.
  • Provides acknowledgment of successful transmissions; requests retransmission if some packets don’t arrive error-free.
  • Provides flow control and error-handling.


Protocols :-
TCP
ARP
RARP
SPX
NWLink
NetBIOS / NetBEUI
ATP
UDP
DCCP


Layer 5 - Session Layer :-
The session protocol defines the format of the data sent over the connections. NFS uses the Remote Procedure Call (RPC) for its session protocol. RPC may be built on either TCP or UDP. Login sessions use TCP, whereas NFS and broadcast use UDP.

Functions :-

  • Establishes, maintains and ends sessions across the network.
  • Responsible for name recognition (identification) so only the designated parties can participate in the session.
  • Provides synchronization services by planning check points in the data stream => if session fails, only data after the most recent checkpoint need be transmitted.
  • Manages who can transmit data at a certain time and for how long.
  • Examples are interactive login and file-transfer connections: the session layer connects and re-connects if there is an interruption, recognizes names in sessions, and registers names in history.


Protocols :-
NetBIOS
Named Pipes
Mail Slots
RPC
SAP
L2TP
PPTP
SPDY

Layer 6 - Presentation Layer :-
External Data Representation (XDR) sits at the presentation level. It converts the local representation of data to its canonical form and vice versa. The canonical form uses a standard byte ordering and structure packing convention, independent of the host.

Functions :-

  • Translates from application to network format and vice-versa.
  • All different formats from all sources are made into a common uniform format that the rest of the OSI model can understand.
  • Responsible for protocol conversion, character conversion, data encryption / decryption, expanding graphics commands, and data compression.
  • Sets standards for different systems to provide seamless communication from multiple protocol stacks.
  • Not always implemented in a network protocol.

Protocols :-
MIME
XDR
TLS
SSL

Layer 7 - Application Layer :-
Provides network services to the end-users. Mail, ftp, telnet, DNS, NIS, NFS are examples of network applications.

Functions :-

  • Used for applications specifically written to run over the network.
  • Allows access to network services that support applications.
  • Represents the services that directly support user applications.
  • Handles network access, flow control and error recovery.
  • Example apps are file transfer, e-mail, and NetBIOS-based applications.


Protocols :-
FTAM
DNS
FTP
TFTP
BOOTP
SNMP
RLOGIN
SMTP
MIME
NFS
FINGER
TELNET
NCP
APPC
AFP
SMB

Quick View at the Functions of the layers 

Network Communications through the OSI Model :-
Network communications through the OSI model: at every layer, some information known as a "header" is added to the data.
The figure represents two networked computers. They are running identical operating systems and applications and are using identical protocols (or rules) at all OSI layers. Working in conjunction, the applications, the OS, and the hardware implement the seven functions described in the OSI model.

Each computer is also running an e-mail program that is independent of the OSI layers. The e-mail program enables the users of the two computers to exchange messages. Our figure represents the transmission of one brief message from Sam to Charlie.

The transmission starts when Sam types in a message to Charlie and presses the "send" key. Sam's operating system appends to the message (or "encapsulates") a set of application-layer instructions (OSI Layer 7) that will be read and executed by the application layer on Charlie's computer. The message with its Layer 7 header is then transferred to the part of the operating system that deals with presentation issues (OSI Layer 6) where a Layer 6 header is appended to the message. The process repeats through all the layers until each layer has appended a header. The headers function as an escort for the message so that it can successfully negotiate the software and hardware in the network and arrive intact at its destination.

When the data-link-layer header is added at Layer 2, the data unit is known as a "frame." The final header, the physical-layer header (OSI Layer 1) tells the hardware in Sam's computer the electrical specifics of how the message will be sent (which medium, at which voltage, at which speed, etc.). Although it is the final header to be added, the Layer 1 header is the first in line when the message travels through the medium to the receiving computer.

When the message with its seven headers arrives at Charlie's computer, the hardware in his computer is the first to handle the message. It reads the instructions in the Layer 1 header, executes them, and strips off the header before passing the message to the Layer 2 components. These Layer 2 components execute those instructions, strip off the header, and pass the message to Layer 3, and so on. Each layer's header is successively stripped off after its instructions have been read so that by the time the message arrives at Charlie's e-mail application, the message has been properly received, authenticated, decoded, and presented.
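The encapsulation walk-through above can be made concrete in code. The following is an added example, not part of the original post: it wraps a message in a UDP header (Layer 4), an IPv4 header with its checksum (Layer 3) and an Ethernet header carrying the post's MAC address format (Layer 2), then strips and validates one header per layer on the receiving side, exactly as Charlie's computer does. Addresses, ports and the MTU limit are constructed sample values.

```python
import struct

MTU = 1500  # Ethernet maximum transmission unit (Layer 2 payload), in bytes


def ipv4_checksum(header: bytes) -> int:
    """RFC 1071 one's-complement sum over the IPv4 header; 0 means 'verifies'."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:  # fold carries back in (end-around carry)
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def mac_bytes(mac: str) -> bytes:
    """'8:0:20:11:ac:85' -> 6 raw bytes (the post's colon-separated hex form)."""
    return bytes(int(part, 16) for part in mac.split(":"))


def mac_str(raw: bytes) -> str:
    return ":".join("%x" % b for b in raw)


def ip_bytes(ip: str) -> bytes:
    return bytes(int(octet) for octet in ip.split("."))


def ip_str(raw: bytes) -> str:
    return ".".join(str(b) for b in raw)


def encapsulate(payload: bytes, src_ip: str, dst_ip: str, src_mac: str, dst_mac: str,
                sport: int, dport: int) -> bytes:
    """Sender side: wrap the message in a UDP, then IPv4, then Ethernet header."""
    # Layer 4: UDP header (8 bytes). Checksum 0 = 'not computed', allowed over IPv4.
    udp_len = 8 + len(payload)
    segment = struct.pack("!HHHH", sport, dport, udp_len, 0) + payload
    # Layer 3: IPv4 header (20 bytes), protocol 17 = UDP, TTL 64, no fragmentation.
    total_len = 20 + udp_len
    if total_len > MTU:
        raise ValueError("datagram exceeds MTU; Layer 3 would have to fragment it")
    ip_hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0, 0, 64, 17, 0,
                         ip_bytes(src_ip), ip_bytes(dst_ip))
    ip_hdr = ip_hdr[:10] + struct.pack("!H", ipv4_checksum(ip_hdr)) + ip_hdr[12:]
    # Layer 2: Ethernet header (14 bytes), EtherType 0x0800 = IPv4.
    eth_hdr = struct.pack("!6s6sH", mac_bytes(dst_mac), mac_bytes(src_mac), 0x0800)
    return eth_hdr + ip_hdr + segment


def decapsulate(frame: bytes) -> dict:
    """Receiver side: read and strip one header per layer, validating as we go."""
    fields = {}
    # Layer 2: Ethernet
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != 0x0800:
        raise ValueError("not an IPv4 frame: EtherType 0x%04x" % ethertype)
    fields["l2"] = {"dst_mac": mac_str(dst_mac), "src_mac": mac_str(src_mac),
                    "broadcast": dst_mac == b"\xff" * 6}
    packet = frame[14:]
    # Layer 3: IPv4
    ver_ihl, _, total_len, _, _, ttl, proto, _, src_ip, dst_ip = struct.unpack(
        "!BBHHHBBH4s4s", packet[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20:
        raise ValueError("bad IPv4 version/IHL")
    if ipv4_checksum(packet[:ihl]) != 0:  # sum over header incl. checksum must be 0
        raise ValueError("IPv4 header checksum mismatch")
    if proto != 17:
        raise ValueError("unexpected IP protocol %d" % proto)
    fields["l3"] = {"src_ip": ip_str(src_ip), "dst_ip": ip_str(dst_ip), "ttl": ttl}
    segment = packet[ihl:total_len]  # drops any Ethernet padding after the datagram
    # Layer 4: UDP
    sport, dport, udp_len, _ = struct.unpack("!HHHH", segment[:8])
    if udp_len != len(segment):
        raise ValueError("UDP length does not match IP payload length")
    fields["l4"] = {"sport": sport, "dport": dport}
    fields["payload"] = segment[8:]
    return fields


if __name__ == "__main__":
    # Constructed sample: Sam's host broadcasts a short message on the LAN.
    frame = encapsulate(b"Hello Charlie", "129.79.16.40", "129.79.16.1",
                        "8:0:20:11:ac:85", "ff:ff:ff:ff:ff:ff", 2049, 2049)
    print(len(frame), "bytes on the wire ->", decapsulate(frame))
```

Flipping any bit of the IPv4 header makes `decapsulate` reject the frame at Layer 3, which is the "each layer reads its own header" behaviour the post describes.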

***************************

Wednesday, 29 June 2011

Five tips for faster remote network troubleshooting

Network troubleshooting can be a nightmare, since so many things can go wrong. Do you start at the client end or the server end? Is the problem a cable, connection, switch, router, or bad password? The possibilities seem limitless. Every network administrator knows a few tricks, but having a short list of tips to start from can make the tasks of network troubleshooting far easier.

Here are some ways network troubleshooting can be made faster and more standardized. I’ll focus on smaller clients, which make up the bulk of support customers. Since every network is different, not every trick will work every time. But taking a systematic approach should help you zero in on the problem.


1) Start with the client machine :-

When someone reports a network issue, the logical place to start is with his or her machine. I know this sounds like common sense, but I’m always surprised at how many administrators I know who immediately jump to the server when a problem is reported. The process can be made much easier if the first point of contact is the client machine. The first thing I always ask clients is whether they can access the outside world and/or the internal network. If they are unsure what I mean, I tell them to open up a Web browser and try to view Google.com. If they can see that, I ask them if the mapped drives they have on their machine can be accessed. The answers to these questions tell me exactly where I need to go first.


2) Narrow down the client problem :-

If the client’s machine can’t see the network, I try another client machine. If that second client machine can see the network, the problem is the first client machine. The next step is to make sure that machine is physically plugged into the network. If it is, I will try the wireless network (to rule out hardware issues) and/or reboot into Safe Mode (With Networking) to rule out infection. If nothing seems to be amiss on the client machine, I will bring in a laptop and plug it into their network drop to make sure it isn’t a jack or cabling issue. If the problem is isolated to a single client, and the problem is wireless, I’ll make sure the client’s machine has wireless turned on. Most laptops can turn off wireless to conserve battery power. I can’t tell you how many times this alone has been the issue.


3) Reboot switches and modems :-

The next step in chasing down the issue — while still avoiding the server — is to assume the problem could be a switch. If the client machine is in working condition, and a new machine can’t access the network from the client’s network drop, the issue is somewhere beyond the jack. So I check the switches, routers, and modems. This tends to work well for smaller clients on cable or DSL. This step is also handy when troubleshooting network issues over the phone. Instruct your client to reboot (or power cycle) the modem, router, and switch. Then, check connectivity again. If it still doesn’t work, have the client do it again but include a reboot of the computer (in case the issue is with DHCP). If that doesn’t work (after all else has failed), the problem is most likely with their provider. Either call the provider yourself or have the client call. If the provider reports all is fine, it’s time to dig a bit deeper.


4) Turn to the server :-

If no one in the company can access the LAN (as well as the WAN), the server will have to take focus. This is especially true if the server handles DHCP and/or DNS. Now the big issue is that you’re not on site, and your clients most likely don’t know their way around a server - so your task (as insurmountable as it might seem) is to have them be your eyes and fingers. First, have them log into the server, open up a browser, and try to hit Google.com. If they can’t, it’s time to dig into the server. If your clients are adept enough at following instructions, you can walk them through disabling and enabling a network interface (which will probably have to be done twice — once for the internal and once for the external network interfaces). After the network interfaces have been re-enabled, have them try to see the network from a desktop machine. If that doesn’t work, it’s time to get serious.


5) Reboot the server :-

This is the last-ditch effort to get the network up and running before you have to arrange to be on site. Start by asking the client to make sure nobody is connected to the server. I would even go so far as to have all clients shut down their machines (if the company is small). Once you are sure everything is okay, remind the client the server will take anywhere from 15 to 30 minutes to reboot (unless the server is an Apple or Linux server). After the server has finally rebooted, have the client restart a single desktop machine and try again. At this point, if the client still can’t see the network, it’s time for you to fuel up the car and head over there.

**********************

Saturday, 11 June 2011

Brief explanation about IPv6 and Comparison IPv4 vs. IPv6

Internet Protocol Version 6 (IPv6) or IP next generation (IPng)
IPv6 (Internet Protocol version 6), also known as IPng (IP next generation), is the second version of the Internet Protocol to be used generally across the Internet. The first version was IPv4. IPv6 was designed to take an evolutionary step from IPv4. It was not a design goal to take a radical step away from IPv4. Functions which work in IPv4 were kept in IPv6. Functions which didn’t work were removed. IPv6 was developed by the Internet Engineering Task Force (IETF) to deal with the long-anticipated IPv4 address exhaustion, and is described in Internet standard document RFC 2460, published in December 1998. Like IPv4, IPv6 is an Internet Layer protocol for packet-switched internetworking and provides end-to-end datagram transmission across multiple IP networks. While IPv4 allows 32 bits for an Internet Protocol address, and can therefore support 2^32 (4,294,967,296) addresses, IPv6 uses 128-bit addresses, so the new address space supports 2^128 (approximately 340 undecillion or 3.4×10^38) addresses. This expansion allows for many more devices and users on the internet as well as extra flexibility in allocating addresses and efficiency for routing traffic. It also eliminates the primary need for network address translation (NAT), which gained widespread deployment as an effort to alleviate IPv4 address exhaustion.

The changes from IPv4 to IPv6 fall primarily into the following categories :-

1) Expanded Routing and Addressing Capabilities

IPv6 increases the IP address size from 32 bits to 128 bits, to support more levels of addressing hierarchy, a much greater number of addressable nodes, and simpler auto-configuration of addresses.

The scalability of multicast routing is improved by adding a “scope” field to multicast addresses.

A new type of address called an “anycast address” is defined, to identify sets of nodes where a packet sent to an anycast address is delivered to one of the nodes. The use of anycast addresses in the IPv6 source route allows nodes to control the path along which their traffic flows.

2) Header Format Simplification

Some IPv4 header fields have been dropped or made optional, to reduce the common-case processing cost of packet handling and to keep the bandwidth cost of the IPv6 header as low as possible despite the increased size of the addresses. Even though IPv6 addresses are four times longer than IPv4 addresses, the IPv6 header is only twice the size of the IPv4 header.

3) Improved Support for Options

Changes in the way IP header options are encoded allow for more efficient forwarding, less stringent limits on the length of options, and greater flexibility for introducing new options in the future.

4) Quality-of-Service Capabilities

A new capability is added to enable the labeling of packets belonging to particular traffic “flows” for which the sender requests special handling, such as non-default quality of service or “real-time” service.

5) Authentication and Privacy Capabilities

IPv6 includes the definition of extensions which provide support for authentication, data integrity, and confidentiality. This is included as a basic element of IPv6 and will be included in all implementations.

The IPv6 protocol consists of two parts, the basic IPv6 header and IPv6 extension headers.


-------------------------------------------------
IPv6 Header (IPv6 Packet Format) :-
-------------------------------------------------

The IPv6 header contains the following fields :-

1) Version - This 4-bit field holds the version of IP used in the packet, which is 6 for IPv6.

2) Traffic class - This 8-bit field determines the packet priority. Priority values subdivide into ranges: traffic where the source provides congestion control, and non-congestion-controlled traffic.

3) Flow label - This 20-bit field is intended for QoS management. It was originally created to give real-time applications special service, but is currently unused.

4) Payload length - This 16-bit field gives the payload length in bytes. When it is set to zero, the length is carried in a "Jumbo Payload" hop-by-hop option instead. The payload can have a size of up to 64 KB in standard mode, or larger with the "Jumbo Payload" option.

5) Next header - This 8-bit field specifies the next encapsulated protocol. The values are compatible with those specified for the IPv4 protocol field.

6) Hop limit - This 8-bit field is newly introduced in IPv6. It replaces the time-to-live field of IPv4.

7) Source Address - This 128-bit field holds the logical address of the host that is sending the packet.

8) Destination Address - This 128-bit field holds the logical address of the host that is receiving the packet.
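As an added example (not from the original post), the following code packs the eight fields listed above into the 40-byte basic IPv6 header and parses one back, applying the checks a receiving stack makes: the version nibble must be 6, and a Payload Length of zero only makes sense when a Hop-by-Hop header can carry the Jumbo Payload option. The addresses, flow label and payload are constructed sample values; `ipaddress` from the Python standard library is used only to convert addresses to and from their 16-byte form.

```python
import struct
import ipaddress

IPV6_HEADER_LEN = 40  # the basic (fixed) IPv6 header is always 40 bytes
NEXT_HEADER_NAMES = {0: "Hop-by-Hop Options", 6: "TCP", 17: "UDP", 43: "Routing",
                     44: "Fragment", 50: "ESP", 51: "AH", 58: "ICMPv6"}


def build_ipv6_header(src: str, dst: str, payload_len: int, next_header: int,
                      hop_limit: int = 64, traffic_class: int = 0, flow_label: int = 0) -> bytes:
    """Pack the eight header fields; used here to construct sample input."""
    if not 0 <= traffic_class <= 0xFF or not 0 <= flow_label <= 0xFFFFF:
        raise ValueError("traffic class is 8 bits, flow label is 20 bits")
    # First 32-bit word: version (4) | traffic class (8) | flow label (20)
    first_word = (6 << 28) | (traffic_class << 20) | flow_label
    return struct.pack("!IHBB16s16s", first_word, payload_len, next_header, hop_limit,
                       ipaddress.IPv6Address(src).packed, ipaddress.IPv6Address(dst).packed)


def parse_ipv6_header(packet: bytes) -> dict:
    """Unpack the basic header and sanity-check it the way a receiving stack would."""
    if len(packet) < IPV6_HEADER_LEN:
        raise ValueError("truncated: need 40 bytes for the basic IPv6 header")
    first_word, payload_len, next_header, hop_limit = struct.unpack("!IHBB", packet[:8])
    version = first_word >> 28                 # 4 bits
    traffic_class = (first_word >> 20) & 0xFF  # 8 bits
    flow_label = first_word & 0xFFFFF          # 20 bits
    if version != 6:
        raise ValueError("version field is %d, not 6" % version)
    # Payload Length 0 together with a Hop-by-Hop header means the real length is
    # carried in a Jumbo Payload option (payloads larger than 65535 bytes).
    jumbo = payload_len == 0 and next_header == 0
    if not jumbo and len(packet) - IPV6_HEADER_LEN < payload_len:
        raise ValueError("payload shorter than declared Payload Length")
    payload = packet[IPV6_HEADER_LEN:] if jumbo else packet[IPV6_HEADER_LEN:IPV6_HEADER_LEN + payload_len]
    return {
        "version": version,
        "traffic_class": traffic_class,
        "flow_label": flow_label,
        "payload_length": payload_len,
        "jumbo_payload": jumbo,
        "next_header": next_header,
        "next_header_name": NEXT_HEADER_NAMES.get(next_header, "unknown"),
        "hop_limit": hop_limit,
        "src": ipaddress.IPv6Address(packet[8:24]),   # 128-bit source address
        "dst": ipaddress.IPv6Address(packet[24:40]),  # 128-bit destination address
        "payload": payload,
    }


if __name__ == "__main__":
    # Constructed sample: a UDP datagram of 16 zero bytes sent to the all-nodes multicast group.
    sample = build_ipv6_header("2001:db8:85a3::8a2e:370:7334", "ff02::1", 16, 17,
                               flow_label=0x12345) + b"\x00" * 16
    for name, value in parse_ipv6_header(sample).items():
        print("%-17s %s" % (name, value))
```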


---------------------------
Addressing in IPv6 :-
---------------------------

The most important feature of IPv6 is a much larger address space than in IPv4. IPv6 addresses are 128 bits long, compared to only 32 bits previously. While the IPv4 address space contains only about 4.3×10^9 (4.3 billion) addresses, IPv6 supports approximately 3.4×10^38 (340 undecillion) unique addresses, deemed enough for the foreseeable future.

IPv6 addresses are written in eight groups of four hexadecimal digits separated by colons, for example, 2001:0db8:85a3:0000:0000:8a2e:0370:7334. IPv6 addresses are logically divided into two parts: a 64-bit (sub-)network prefix, and a 64-bit interface identifier.

IPv6 addresses are classified by three types of networking methodologies:
* Unicast addresses : identify a single network interface.
* Anycast addresses : identify a group of interfaces, usually at different locations, of which the nearest one is automatically selected.
* Multicast addresses : are used to deliver one packet to many interfaces.

IPv6 in the Domain Name System:
In the Domain Name System, hostnames are mapped to IPv6 addresses by AAAA resource records, so-called quad-A records. For reverse resolution, the IETF reserved the domain ip6.arpa, where the name space is hierarchically divided by the 1-digit hexadecimal representation of nibble units (4 bits) of the IPv6 address. This scheme is defined in RFC 3596.

Address Format:
IPv6 addresses have two logical parts: a 64-bit network prefix, and a 64-bit host address part. (The host address is often automatically generated from the interface MAC address.) An IPv6 address is represented by 8 groups of 16-bit hexadecimal values separated by colons (:) shown as follows:

A typical example of an IPv6 address is
2001:0db8:85a3:0000:0000:8a2e:0370:7334

The hexadecimal digits are case-insensitive.

The 128-bit IPv6 address can be abbreviated with the following rules:
* Rule one: Leading zeroes within a 16-bit value may be omitted. For example, the address fe80:0000:0000:0000:0202:b3ff:fe1e:8329 may be written as fe80:0:0:0:202:b3ff:fe1e:8329
* Rule two: A single occurrence of consecutive groups of zeroes within an address may be replaced by a double colon. For example, fe80:0:0:0:202:b3ff:fe1e:8329 becomes fe80::202:b3ff:fe1e:8329

Special Addressing in IPv6:
* ::/96 :- The zero prefix denotes addresses that are compatible with the previously used IPv4 protocol.

* ::/128 :- An IPv6 address with all zeroes in it is referred to as the unspecified address and is used for addressing purposes within software.

* ff00::/8 :- This prefix is offered by IPv6 to denote the multicast addresses. Any address carrying this prefix is automatically understood to be a multicast address.

* fe80::/10 :- This is a link-local prefix offered by IPv6. This address prefix signifies that the address is valid only in the local physical link.


-------------------------------
IPv6 Security (IPSec) :-
-------------------------------

IPSec is a framework of open standards (from the IETF) that define policies for secure communication in a network.

Some security services offered by IPSec are:
* access control,
* connectionless integrity,
* data origin authentication,
* protection against replays (a form of partial sequence integrity),
* confidentiality (encryption),
* limited traffic flow confidentiality.

IPSec supports:
* Data Encryption Standard (DES) 56-bit and Triple DES (3DES) 168-bit symmetric key encryption algorithms in IPSec client software.
* Certificate authorities and Internet Key Exchange (IKE) negotiation. IKE is defined in RFC 2409.
* Encryption that can be deployed in standalone environments between clients, routers, and firewalls.


------------------------------------------
Advantages of IPv6 over IPv4 :-
------------------------------------------

1) Address Space :
* IPv4 : 2^32 Addresses.
* IPv6 : 2^128 Addresses.
* Advantage of IPv6 : 79 Octillion times the IPv4 address space.

2) Configuration :
* IPv4 : Manual or use DHCP.
* IPv6 : Universal Plug and Play (UPnP) with or without DHCP.
* Advantage of IPv6 : Lower operating expenses and fewer errors.

3) Broadcast/Multicast :
* IPv4 : Uses both.
* IPv6 : No broadcast and has different forms of multicast.
* Advantage of IPv6 : Better bandwidth efficiency.

4) Anycast Support :
* IPv4 : Not part of the original protocol.
* IPv6 : Explicit support of anycast.
* Advantage of IPv6 : Allows new applications in mobility and data center.

5) Network Configuration :
* IPv4 : Mostly manual and labor intensive.
* IPv6 : Facilitates the renumbering of hosts and routers.
* Advantage of IPv6 : Lower operating expenses and easier migration.

6) QoS Support :
* IPv4 : ToS using DiffServ.
* IPv6 : Flow classes and flow labels.
* Advantage of IPv6 : More granular control of QoS.

7) Security :
* IPv4 : Uses IPsec for Data packet protection.
* IPv6 : IPsec becomes the key technology to protect data and control packets.
* Advantage of IPv6 : Unified framework for security and more secure computing environment.

8) Mobility :
* IPv4 : Uses Mobile IPv4.
* IPv6 : Mobile IPv6 provides fast handover, better router optimization and hierarchical mobility.
* Advantage of IPv6 : Better efficiency and scalability; works with the latest 3G mobile technologies and beyond.


-----------------------------------------------------------------------------------------
Comparison IPv4 vs. IPv6 / Difference Between IPv4 and IPv6 :-
-----------------------------------------------------------------------------------------

IPv4 :-
* Source and destination addresses are 32 bits (4 bytes) in length.
* IPSec support is optional.
* IPv4 header does not identify packet flow for QoS handling by routers.
* Both routers and the sending host fragment packets.
* Header includes a checksum.
* Header includes options.
* Address Resolution Protocol (ARP) uses broadcast ARP Request frames to resolve an IP address to a link-layer address.
* Internet Group Management Protocol (IGMP) manages membership in local subnet groups.
* ICMP Router Discovery is used to determine the IPv4 address of the best default gateway, and it is optional.
* Broadcast addresses are used to send traffic to all nodes on a subnet.
* Must be configured either manually or through DHCP.
* Uses host address (A) resource records in Domain Name System (DNS) to map host names to IPv4 addresses.
* Uses pointer (PTR) resource records in the IN-ADDR.ARPA DNS domain to map IPv4 addresses to host names.
* Must support a 576-byte packet size (possibly fragmented).


IPv6 :-
* Source and destination addresses are 128 bits (16 bytes) in length.
* IPSec support is required.
* IPv6 header contains a Flow Label field, which identifies the packet flow for QoS handling by routers.
* Only the sending host fragments packets; routers do not.
* Header does not include a checksum.
* All optional data is moved to IPv6 extension headers.
* Multicast Neighbor Solicitation messages resolve IP addresses to link-layer addresses.
* Multicast Listener Discovery (MLD) messages manage membership in local subnet groups.
* ICMPv6 Router Solicitation and Router Advertisement messages are used to determine the IP address of the best default gateway, and they are required.
* IPv6 uses a link-local scope all-nodes multicast address.
* Does not require manual configuration or DHCP.
* Uses host address (AAAA) resource records in DNS to map host names to IPv6 addresses.
* Uses pointer (PTR) resource records in the IP6.ARPA DNS domain to map IPv6 addresses to host names.
* Must support a 1280-byte packet size (without fragmentation).
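Several of the header differences listed above (the Flow Label, the absence of a checksum, options moved into extension headers, routers never fragmenting) can be seen directly by parsing a packet. The following is an added example, not from the original post: a parser for the 40-byte fixed IPv6 header that walks the extension-header chain, plus a small builder that constructs the test packets. Protocol numbers are the IANA-assigned ones; the sample addresses and payload are constructed.

```python
"""Parse the 40-byte IPv6 fixed header and walk its extension-header chain.

Added example, not from the original post. Packets are constructed here with
build_ipv6(); protocol numbers are the IANA-assigned ones.
"""
import ipaddress
import struct
from typing import Dict, List

HOP_BY_HOP, ROUTING, FRAGMENT, DEST_OPTS = 0, 43, 44, 60
UDP = 17
# Extension headers whose second octet is the length in 8-octet units, not
# counting the first 8 octets; the Fragment header is always exactly 8 octets.
VARIABLE_LEN_EXT = {HOP_BY_HOP, ROUTING, DEST_OPTS}


def parse_ipv6(pkt: bytes) -> Dict:
    if len(pkt) < 40:
        raise ValueError("IPv6 fixed header is 40 bytes; packet is shorter")
    first, payload_len, next_hdr, hop_limit = struct.unpack("!IHBB", pkt[:8])
    if first >> 28 != 6:
        raise ValueError("version field is not 6")
    end = 40 + payload_len
    if len(pkt) < end:
        raise ValueError("payload length exceeds packet size")
    ext: List[Dict] = []
    off, nh = 40, next_hdr
    # Walk the chain, bounded by the payload length so a bad length cannot
    # make the parser read past the packet. There is no header checksum to
    # verify; IPv6 leaves that to the link and transport layers.
    while nh in VARIABLE_LEN_EXT or nh == FRAGMENT:
        if off + 8 > end:
            raise ValueError("truncated extension header")
        nxt, hdr_ext_len = pkt[off], pkt[off + 1]
        length = 8 if nh == FRAGMENT else (hdr_ext_len + 1) * 8
        if off + length > end:
            raise ValueError("extension header overruns payload")
        ext.append({"type": nh, "length": length})
        nh, off = nxt, off + length
    return {
        "traffic_class": (first >> 20) & 0xFF,
        "flow_label": first & 0xFFFFF,      # no equivalent in the IPv4 header
        "payload_length": payload_len,
        "hop_limit": hop_limit,
        "src": ipaddress.IPv6Address(pkt[8:24]),
        "dst": ipaddress.IPv6Address(pkt[24:40]),
        "extensions": ext,                  # takes the place of IPv4 options
        "upper_layer": nh,
        "payload": pkt[off:end],
    }


def build_ipv6(src: str, dst: str, payload: bytes, upper_layer: int = UDP,
               flow_label: int = 0, hop_limit: int = 64, hop_by_hop: bool = False) -> bytes:
    """Build a packet; optionally prepend a minimal 8-octet Hop-by-Hop header
    whose option area is a single PadN option (type 1, data length 4)."""
    body, nh = payload, upper_layer
    if hop_by_hop:
        body = bytes([upper_layer, 0, 1, 4, 0, 0, 0, 0]) + payload
        nh = HOP_BY_HOP
    first = (6 << 28) | (flow_label & 0xFFFFF)   # traffic class left at 0
    fixed = struct.pack("!IHBB", first, len(body), nh, hop_limit)
    return fixed + ipaddress.IPv6Address(src).packed + ipaddress.IPv6Address(dst).packed + body
```

The length checks inside the loop are the point for a security reader: extension-header chains are attacker-controlled input, and every hop-by-hop or routing header length has to be validated against the payload length before the parser moves on.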

Saturday, 4 June 2011

Linux / Unix Command: xhost (Little Networking on Linux)

In contrast to the typical use of traditional "personal" computers, in Linux/Unix environments, working "on the network" has always been the norm, which explains the powerful networking features of Unix and Linux operating systems. You can easily connect to other computers and run graphical user interfaces over the network.

The key command is: xhost - the server access control program for X. The xhost program is used to add and delete host (computer) names or user names to the list of machines and users that are allowed to make connections to the X server. This provides a rudimentary form of privacy control and security.

Overview: Let's call the computer you are sitting at the "local host" and the computer you want to connect to the "remote host". You first use xhost to specify which computer(s) you want to give permission to connect to (the X-server of) the local host. Then you connect to the remote host using telnet. Next you set the DISPLAY variable on the remote host. You want to set this DISPLAY variable to the local host. Now when you start up a program on the remote host, its GUI will show up on the local host (not on the remote host).

Example of a Typical Use:-
Assume the IP address of the local host is 128.100.2.16 and the IP address of the remote host is 17.200.10.5. Depending on the network you are on, you may also be able to use the computer names (domain names) instead of the IP addresses.

Step 1. On the local host

Type the following at the command line:

% xhost + 17.200.10.5
< press return >

Step 2. Log on to the remote host

% telnet 17.200.10.5

Step 3. On the remote host (through the telnet connection)

Instruct the remote host to display windows on the local host by typing:

% setenv DISPLAY 128.100.2.16:0.0

at the command line. (Instead of setenv you may have to use export on certain shells.)
< press return >

Step 4. Now you can run software from the remote host.

E.g.: when you type % xterm on the remote host, you should see an xterm window on the local host.

Step 5. After You Finish

You should remove the remote host from your access control list as follows. On the local host type:

% xhost - 17.200.10.5
< press return >

--------------------------------------------------------------------------------------------

Quick Reference - xhost
xhost + hostname: Adds hostname to X server access control list.
xhost - hostname: Removes hostname from X server access control list.
xhost + : Turns off access control (all remote hosts will have access to X server)
xhost - : Turns access control back on.


Important: Use the man command (% man) to see how a command is used on your particular computer.
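Step 5 and the quick reference above are where things usually go wrong: a host left in the list, or a bare `xhost +` that turns access control off for everyone. The following is an added example (not part of the original post) that parses the output of `xhost` and reports either condition. The output format follows the xhost manual page (a status line, then one entry per line such as INET:host or SI:localuser:name); the sample outputs are constructed, not captured from a real system.

```python
"""Audit the X server access list from the output of `xhost`.

Added example, not from the original post. The output format follows the
xhost manual page: a status line, then one entry per line such as
INET:host or SI:localuser:name. The sample outputs below are constructed,
not captured from a real system.
"""
import subprocess
from typing import Dict, List, Sequence

SAMPLE_ENABLED = """access control enabled, only authorized clients can connect
INET:17.200.10.5
SI:localuser:alice
"""

SAMPLE_DISABLED = """access control disabled, clients can connect from any host
INET:17.200.10.5
"""


def parse_xhost(output: str) -> Dict:
    lines = [ln.strip() for ln in output.splitlines() if ln.strip()]
    if not lines:
        raise ValueError("empty xhost output")
    status = lines[0].lower()
    if status.startswith("access control enabled"):
        enabled = True
    elif status.startswith("access control disabled"):
        enabled = False
    else:
        raise ValueError("unrecognised status line: %r" % lines[0])
    entries = []
    for ln in lines[1:]:
        family, _, name = ln.partition(":")   # "SI:localuser:alice" -> ("SI", "localuser:alice")
        entries.append({"family": family, "name": name})
    return {"enabled": enabled, "entries": entries}


def findings(output: str, expected_hosts: Sequence[str] = ()) -> List[str]:
    """Return the problems found: access control switched off, or network
    hosts in the list that the operator did not expect (for example one
    left behind because Step 5 was skipped)."""
    state = parse_xhost(output)
    problems = []
    if not state["enabled"]:
        problems.append("access control is disabled (xhost +): any host may connect; restore with 'xhost -'")
    for e in state["entries"]:
        if e["family"] in ("INET", "INET6") and e["name"] not in expected_hosts:
            problems.append("unexpected host %s:%s in access list; remove with 'xhost - %s'"
                            % (e["family"], e["name"], e["name"]))
    return problems


def audit_live(expected_hosts: Sequence[str] = ()) -> List[str]:
    """Run xhost on this machine (needs a DISPLAY) and audit its output."""
    out = subprocess.run(["xhost"], capture_output=True, text=True, check=True).stdout
    return findings(out, expected_hosts)
```

Host-based entries (INET, INET6) are the ones worth watching, since they admit every user on the named machine; the SI:localuser entries that modern X servers add for the logged-in user are expected and are not reported.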

Monday, 23 May 2011

How does Facebook work? (Technologies and tools Facebook uses)

This article briefly explains some of the tools and technologies Facebook uses today to make it more secure, fast, dynamic, reliable and efficient.



So, how does Facebook work, and what technologies and tools does it use?

-->>For Front-End:-
Facebook uses a variety of services, tools, and programming languages to make up its core infrastructure. At the front end, their servers run a LAMP (Linux, Apache, MySQL, and PHP) stack with Memcache. Not a computer science expert? Let’s take a look at exactly what that means.

1) Linux and Apache(OS & Server):-

This part is pretty self-explanatory. Linux is a Unix-like computer operating system kernel. It’s open source, very customizable, and good for security. Facebook runs the Linux operating system on Apache HTTP Servers. Apache is also free and is the most popular open source web server in use.





2) PHP(Coding Language):-
Facebook uses PHP because it is a good web programming language with extensive support and an active developer community and it is good for rapid iteration. PHP is a dynamically typed/interpreted scripting language.


3) MySql(DBMS):-
For the database, Facebook utilizes MySQL because of its speed and reliability. MySQL is used primarily as a key-value store, as data is randomly distributed amongst a large set of logical instances. These logical instances are spread out across physical nodes, and load balancing is done at the physical node level. As far as customizations are concerned, Facebook has developed a custom partitioning scheme in which a global ID is assigned to all data. They also have a custom archiving scheme that is based on how frequent and recent data is on a per-user basis. Most data is distributed randomly.



4) Memcached(Caching):-
Memcached is a memory caching system that is used to speed up dynamic database-driven websites (like Facebook) by caching data and objects in RAM to reduce reading time. Memcache is Facebook’s primary form of caching and helps alleviate the database load. Having a caching system allows Facebook to be as fast as it is at recalling your data. If it doesn’t have to go to the database it will just fetch your data from the cache based on your user ID.
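The MySQL and Memcached descriptions above amount to one read path: a global ID picks a logical shard, logical shards sit on physical nodes (which is the level that gets rebalanced), and a read tries the cache before touching the database. The following is an added example that sketches that pattern; it is not Facebook's code, and the shard and node counts are constructed for the example.

```python
"""Cache-aside reads over an ID-sharded key-value store.

Added example, not Facebook's code. A global ID selects a logical shard,
logical shards are placed on physical nodes (placement is what gets
rebalanced), and reads try the cache before the database. Shard and node
counts are constructed for the example.
"""
from typing import Dict, Optional


class ShardedStore:
    def __init__(self, logical_shards: int = 8, physical_nodes: int = 2) -> None:
        self.logical_shards = logical_shards
        # logical shard -> physical node; round-robin placement to start
        self.placement = {s: s % physical_nodes for s in range(logical_shards)}
        self.db: Dict[int, Dict[int, bytes]] = {s: {} for s in range(logical_shards)}
        self.cache: Dict[int, bytes] = {}
        self.stats = {"cache_hit": 0, "cache_miss": 0, "db_read": 0}

    def shard_of(self, global_id: int) -> int:
        return global_id % self.logical_shards

    def node_of(self, global_id: int) -> int:
        return self.placement[self.shard_of(global_id)]

    def move_shard(self, shard: int, node: int) -> None:
        """Rebalance at the physical level without changing any key's shard."""
        self.placement[shard] = node

    def write(self, global_id: int, value: bytes) -> None:
        self.db[self.shard_of(global_id)][global_id] = value
        # Invalidate instead of updating the cache: two writers updating the
        # cache out of order could otherwise leave the older value in RAM.
        self.cache.pop(global_id, None)

    def read(self, global_id: int) -> Optional[bytes]:
        """Cache-aside: serve from RAM if possible, else read the database
        shard and populate the cache for the next read."""
        if global_id in self.cache:
            self.stats["cache_hit"] += 1
            return self.cache[global_id]
        self.stats["cache_miss"] += 1
        self.stats["db_read"] += 1
        value = self.db[self.shard_of(global_id)].get(global_id)
        if value is not None:
            self.cache[global_id] = value
        return value
```

Keeping the key-to-shard mapping separate from the shard-to-node placement is what lets a physical node be drained or replaced without rewriting a single key.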


-->>Limitations/Downsides of using LAMP:-

Facebook has realized that there are downsides to using the LAMP stack. Notably, PHP is not necessarily optimized for large websites and is therefore hard to scale. Also, it is not the fastest executing language and the extension framework is difficult to use. Mike Schroepfer, Facebook’s Vice President of Engineering, recently did an interview at EmTech@MIT concerning this. “Scaling any website is a challenge,” Schroepfer said, “but scaling a social network has unique challenges." He went on to say that unlike other websites, you can’t just add more servers to solve the problem because of Facebook’s “huge interconnected dataset.” New connections are created all the time due to user activity. Facebook has grown so quickly that they are often faced with issues regarding database queries, caching, and storage of data. Their database is huge and largely complex. To account for this, Facebook has started a lot of open source projects and backend services.

-->>For Back-End:-
Facebook’s backend services are written in a variety of different programming languages including C++, Java, Python, and Erlang. Their philosophy for the creation of services is as follows:

1. Create a service if needed

2. Create a framework/toolset for easier creation of services

3. Use the right programming language for the task

Some of the programs and software that Facebook uses at the back end to make it more efficient, reliable, fast and secure are:-

1) Thrift(Protocol):-
Thrift is a lightweight remote procedure call framework for scalable cross-language services development. Thrift supports C++, PHP, Python, Perl, Java, Ruby, Erlang, and others. It’s quick, saves development time, and provides a division of labor of work on high-performance servers and applications.

2) Cassandra(Database):-
Cassandra is a database management system designed to handle large amounts of data spread out across many servers. It powers Facebook’s Inbox Search feature and provides a structured key-value store with eventual consistency.

3) Scribe(Log Server):-
Scribe is a server for aggregating log data streamed in real-time from many other servers. It is a scalable framework useful for logging a wide array of data. It is built on top of Thrift.

4) Hip-Hop for PHP:-
HipHop for PHP is a source code transformer for PHP script code and was created to save server resources. HipHop transforms PHP source code into optimized C++. After doing this, it uses g++ to compile it to machine code.
Figure: transformation process from PHP to C++ using HipHop for PHP.



Conclusion:-

In a nutshell, that’s Facebook. This article could easily be 37 pages longer if I were to go into more detail, but to answer the question “How does Facebook work?” I think this will suffice. If you look past all of the features and innovations, the main idea behind Facebook is really very basic: keeping people connected. Facebook realizes the power of social networking and is constantly innovating to keep their service the best in the business.





ENJOY.......^_^