networking with remote clients and servers
TRANSCRIPT
Chapter 7
Networking with Remote Clients and Servers
Remote Node
Today remote nodes connect via ISDN, DSL, cable modem, and Virtual Private Networking (VPN) across the Internet, in addition to dialing up using the plain old telephone system (POTS).
When connecting via remote node, a computer makes a connection through a public network to a remote access server (RAS).
Remote Node
The remote access server then acts as a router, exchanging traffic between the remote computer and the network.
This enables the remote computer to act as though it is a network node, able to transfer files, access database information and applications, and print to network printers.
Remote Node
Remote Node
Remote computing is typically slow! When the remote node accesses applications
from a network location, the application must first download to the remote node before it is processed.
Updates made to data must be uploaded across that slow link as well.
A server handles requests the same way regardless of whether the node is local or remote.
Remote Node
Remote node computing is simply a point-to-point link. The remote node connects directly to a remote access server via an intervening network.
Remote Node
Remote Node
Remote nodes differ from local nodes in only one way: Data travels through a modem to access the network in a remote node when it uses a dialup connection.
Data travels through a network interface card (NIC) to access the network in a local node. Therefore, a remote node simply treats its modem as though it were a NIC.
Point-to-Point Connections with PPP When you create a dialup connection to RAS,
you must use a protocol to communicate. The protocol most often used to create the
point-to-point connection across the telephone network is the aptly named Point-to-Point Protocol (PPP).
It is based on an older protocol know as the Serial Line Internet Protocol (SLIP).
Point-to-Point Connections with PPP PPP offers several advanced capabilities. When it is used to connect with a remote
network, it encapsulates the upper-layer protocols. This process enables a remote node to appear to
be connected locally. PPP’s link-control ability indicates when a
connection is poor, providing for automatic termination and redialing.
Point-to-Point Connections with PPP PPP supports both Password Authentication
Protocol (PAP) and Challenge Handshake Authentication Protocol (CHAP), which both prompt users to log on to establish a connection using encryption or clear text passwords.
Point-to-Point Connections with PPP
Using DSL for Remote Node
ADSL G.Lite (DSL lite)HDSL VDSL
Remote Access Service (RAS)
When you dial into a network as a remote node, you log into a remote access server.
This is often the same server that provides remote node services across the Internet, via tunneling protocols.
A variety of remote access servers is available.
Remote Access Service (RAS)
Tunneling to a Virtual Private Network (VPN)
VPN describes remote nodes that access a network via the Internet in a secure fashion.
That security is provided by tunneling protocols, along with encryption.
Many encryption schemes can encode data with strengths up to 128 bits, an encryption strength that virtually prevents decryption altogether.
Tunneling to a Virtual Private Network (VPN) VPN is available to clients who connect to the
Internet through nearly any type of link. Whether the client connects via ISDN, DSL, cable
modem, or dialup line, a VPN session can usually be created.
VPN creates a virtual point-to-point connection to the RAS.
Tunneling is driven by the need to protect that virtual point-to-point link from being interrupted or eavesdropped upon.
Tunneling works by encapsulating data within IP packets in an encrypted format.
Tunneling to a Virtual Private Network (VPN)
Point-to-Point Tunneling Protocol (PPTP)
Point-to-Point Tunneling Protocol (PPTP) takes its name from PPP because it uses PPP frames in its tunneling process.
PPTP encapsulates PPP frames within IP datagrams, which are then transmitted across the Internet.
Layer 2 Tunneling Protocol
The Layer 2 Tunneling Protocol (L2TP) was developed to establish a viable alternative to PPTP as a standard.
Like PPTP, L2TP is an extension of PPP that supports multiple protocols.
Two servers provide an L2TP tunnel: the first is an L2TP access concentrator (LAC), which is simply a RAS. The second is an L2TP network server (LNS), which provides the L2TP service.
Remote Control Remote control was an early remote networking
technology that enabled users to run applications on the network with fair performance.
The user would create a remote control session with a computer that was connected directly to the LAN.
On the remote computer, a window would appear with the remote computer’s desktop within it.
All application processing and data remained on the LAN; the only data that traveled to the LAN from the remote computer were keyboard and mouse clicks.
The graphical user interface contained the data traveling back to the remote computer.
Remote Control
Remote control computing overcame some of the issues with remote node computing.
Because the application ran only on the LAN-connected computer, the remote computer didn’t need to be compatible with the network applications, nor did it require any additional hardware.
Remote Control
Independent Computing Architecture from Citrix
Citrix developed its ICA protocol to facilitate remote control sessions.
The protocol runs within the upper layers of the OSI reference model, including the application, presentation, and session layers.
It establishes the session, maintains it, and terminates it.
Independent Computing Architecture from Citrix
During the session, ICA carries keystrokes, mouse clicks, and graphical data in the form of compressed draw commands.
ICA is highly optimized in that it will update only the graphical data that has changed on the screen.
The protocol also allows file transfers between the local and remote computers.
Independent Computing Architecture from Citrix
ICA requires very little bandwidth and can provide solid performance over a 20-Kbps connection.
This means that the average computer using a 56-Kbps modem connection will experience exceptional performance with an ICA session.
Microsoft Remote Desktop Protocol (RDP)
Remote Desktop Protocol (RDP) offers much the same type of service as ICA.
It supplies the transport for keystrokes, mouse clicks, and display data for a server providing sessions to a thin client application.
Microsoft Remote Desktop Protocol (RDP)
RDP is limited in the protocols it will run across; there’s no direct dial method.
RDP clients will operate only across a TCP/IP network.
If you need to run remote sessions across a network that is solely IPX/SPX or NetBEUI, you would be required to use Citrix MetaFrame.