eCommerce
Search our
entire site
Enter your search
terms below, or visit
our search
page
Search
case
studies only
Enter your search
terms below:
For
the table
of contents and
hyperlinks to
general topics
proceed to toc
Maximizing
IP Addresses Across a LAN
PACESETTERTM IPShareTM: Cost-effective
Internet Access
Introduction - Putting the Internet to Work
For many people the Internet is a collection of Web sites that advertise consumer goods, display stock prices, or help the kids with their homework. But technology that is already available makes the Internet a true, heterogeneous WAN, capable of fulfilling the promise of open systems. As such, it is a full-fledged business tool, a complementary extension of existing enterprise networks.
In addition to supporting the largest enterprises, the Internet supports smaller companies and virtual companies made up of informal networks of independent contractors and others. These users need to be on the leading edge of solutions that make the most of modest bandwidth. Larger companies have the same concerns about maximizing bandwidth use, especially when extending their intranets to cover remote branch offices, home offices or mobile users.
Meeting the Challenge with the PACESETTER Access Router
If a remote site is limited to a single user and a single PC, then a simple analog modem may be sufficient. But once the company adds multiple users, multiple PCs, and multiple destinations and higher bandwidth needs, it needs a router. For a router that meets simple needs today and scales effortlessly to support continual growth, many corporate users are turning to the ADC Kentrox PACESETTER Pro Access Router. It supports dial-up access and is flexible enough to support higher-bandwidth Frame Relay or leased lines later.
The PACESETTER includes two 64k B channels so users can send both data and digitized voice or fax traffic simultaneously over a single line operating over ISDN. The cost savings can be tremendous. The PACESETTER SOHO can also save significant costs, with its integrated four-port 10Base-T hub.This LAN hub provides small and home offices with the ability to network up to four workstations without the added expense and space of an external concentrator.
Maximizing IP Addresses with PACESETTER's IPshare. The PACESETTER IPshare feature is a great way to wring the most productivity from a limited pool of IP (Internet Protocol) addresses, by sharing IP addresses across a full LAN. IPshare lets users share the IP addresses assigned by the Internet Service Provider (ISP) among any number of LAN workstations. This lowers the cost to the owner of a small office business, increases flexibility when dealing with ISPs and minimizes network maintenance tasks. For small offices, IPshare can dynamically reconfigure addresses, allowing a single address to serve multiple users on a LAN.
When you subscribe to an Internet account, you typically tell the ISP how many workstations you want to simultaneously access the Internet. The ISP then allocates that number of IP addresses for your use, giving you a fixed block of IP addresses. You then assign these IP addresses to your routers, LAN workstations, and other LAN devices. The allocated block of IP addresses may be as small as one IP address when a single workstation connects to the ISP, as in a home-based business. In this traditional networking system, each machine uses its assigned IP address when calling the ISP. And, on the other side of the connection, the ISP is configured with the block of IP addresses assigned to you. Whenever a single workstation connects to the ISP, the ISP assigns the IP address to the workstation because the workstation usually has not been configured for a specific IP address.
Typical Uses of ISP Accounts and How IPshare Reduces Costs
Here are some examples of how businesses use ISP accounts today. Typical limitations are described for each option.
Corporate Site with Branch Offices. In this example, a corporate site supports many branch offices. Because of the high-level of traffic requiring access to the Internet, the corporate site uses a full-time Internet connection. Additionally, the corporate headquarters is the home for the Web server and e-mail server. These two servers are used not only by those at the corporate site, but also by those at the branch offices. The branch offices consist of many small, LAN-based offices scattered throughout the United States. Therefore, they need to access the Web and e-mail servers at the headquarters via the Internet.
| The corporate headquarters provides the full-time Internet connection, with the branch offices using IPshare for Internet access. |
 |
The options for the branch offices to connect to the Internet are:
 |
Full-time ISDN connection ($175 to $395 per month) |
|
Dial-in connection (using a modem or an ISDN terminal adapter) for each workstation in the branch office ($40 per month per workstation) |
The first option is too expensive for every branch office, while the second option has a cost that grows linearly with the number of workstations.
A cost-effective solution for this application is to have each branch office use IPshare over a dial-in connection across an ISDN line. The fees for this solution include $175 to $395 per month for the full-time connection between the corporate facility and the Internet and, for each branch office, $30 per month for the ISP account plus $25 per month for the ISDN connection to the Internet. As more workstations are added to each branch office, you can upgrade the ISP account to include more simultaneous users.
Home-Based Telecommuter. A home-based telecommuter connects to his company's remote enterprise LAN via ISDN. As part of the corporate LAN, the telecommuter uses the same IP addressing scheme as the headquarters site, using a routing protocol for the remote IP subnet. The telecommuter is LAN-based and uses ISDN for increased bandwidth. In off-hours, however, the home-based telecommuter wants to access the Internet for personal use. His ISP account is probably a single-user account ($15 per month), where the ISP assigns the IP address to the user. In this case, the primary obstacle is the expected IP address. The corporate LAN wants the telecommuters workstation to be part of the corporate IP network. The ISP wants the same workstation to be part of its IP network.
| The corporate LAN connects telecommuters via ISDN, using the same IP addressing scheme. |
 |
A cost-effective solution for this application is to have the telecommuter use IPshare over a dial-in connection across an ISDN line. The fees for this solution include $15 per month for the personal single-user account to the Internet, plus $25 per month for the ISDN connection to the Internet. The connection to the corporate LAN and the corporate IP numbering scheme still uses a traditional routing protocol (such as RIP, RIP II, or a static route), while the connection to the Internet uses the IPshare translation technology.
IPshare has been designed to operate with the new multi-user and full LAN accounts provided by today's ISPs. Regardless of the type of ISP account, you have the ability for all LAN workstations to share the ISP account. With IPshare, any workstation on the LAN can initiate a call to the Internet through the supporting PACESETTER router.
Using IPshare to Call the Internet. When a workstation on your LAN initiates a call to the Internet, the ISP dynamically assigns an IP address (from a series of addresses maintained by the ISP's server) to the router. The PACESETTER router uses IPshare to dynamically assign the signaled IP address (from the ISP) to the call-originating workstation. As other workstations also originate traffic to the Internet, the PACESETTER router automatically derives the set of IP addresses assigned by the ISP, up to the limit of the account. It assigns these addresses to the other workstations and multiplexes them over the same call to the ISP.
The IP addresses are not fixed to specific workstations and are only used by the workstations for the duration of a call. The PACESETTER router dynamically assigns the addresses to the workstations on a first-come first-serve basis. Currently, the number of simultaneous workstation connections is limited by the number of IP addresses assigned by the ISP. In the next release, multiple workstations can be supported simultaneously, regardless of the number of IP addresses provided by the ISP.
For example, suppose you subscribe to a one-user Internet account. When a workstation calls the Internet, the PACESETTER translates that workstation's address to an IP address signaled by the ISP. When a second workstation sends traffic to the Internet, the PACESETTER uses the same original IP address from the ISP for the second workstation. It does the same for a third workstation.
| The ISP signals the IP address and the PACESETTER access router dynamically assigns it to the calling workstation. |
 |
You select IPshare as the routing protocol in your router's dialing directory on a destination-by-destination basis. The dialing directory is part of an intuitive user interface that allows you to set up all parameters, including the routing protocol, for all outgoing and incoming connections made by the router. For example, in your dialing directory you might establish an entry for your ISP and select the IPshare routing protocol for use with this destination. Then whenever the ISP is called, IPshare is used to accept the dynamically assigned IP address, and uses these IP addresses to facilitate Internet access for LAN workstations.
Using IPshare with Corporate Networks. IPshare is not limited to just calling an ISP account. IPshare can also be used for corporate accounts if the router is capable of signaling IP addresses when the PACESETTER router calls in. In this way, you can use IPshare on any dialed call to a remote router that returns an IP address as part of the process of establishing the connection. Because the PACESETTER lets you select the routing protocol on a destination-by-destination basis, you can easily establish dial-directory entries that use other IP routing protocols, including RIP and RIP II. This gives you great flexibility in setting up your router's dialing directory.
Secondary Benefits of IPshare
Although the primary benefit of IPshare is the money you save in equipment costs and ongoing monthly ISP fees, IPshare offers other benefits.
Workstations Retain Current IP Addresses. When using IPshare, you don't need to reconfigure your workstation IP addresses, because the IP addresses signaled from the ISP are not fixed to the specific individual workstations in your LAN. This lets you maintain your existing LAN addressing scheme for local and enterprise calls.
ISP Flexibility. Because IPshare accepts and translates dynamically assigned IP addresses when the connection to the ISP is actually made, you can easily change ISP accounts or use multiple ISP accounts. Setting up accounts with multiple ISPs ensures your office or business can continue to access the Internet even if one of your ISPs is down. All you have to do to switch from one ISP to another is to add a destination to your dialing directory; you need not change the IP addresses configured for your workstations.
Networking Flexibility. Corporate LAN resources can still be extended to your home-based telecommuters, though not as flexibly as with IPshare. A telecommuting employee calling into the main office uses the corporate IP address assigned to his or her workstation.
With IPshare, the employee can now use the same ISP account used for Internet access whether calling from a home workstation or from a corporate workstation. In either case, the PACESETTER transparently translates the workstation's configured IP address to one expected by the ISP. This example shows the IP addresses used when the employee calls the ISP or enterprise office from the home workstation. Only one of these calls is made at a time from the home workstation.
| The telecommuter uses the same IPshare account from home and corporate workstations. |
 |
Enhanced Security
When using IPshare, only LAN hosts that are actively connected to the Internet are assigned dynamic IP addresses. That way, a server that is only providing local LAN services cannot be accessed from the Internet because its IP address is not known to the ISP. In addition, if the ISP supplies a different IP address for every call, then improperly accessing a local host becomes even more difficult because the IP addresses are not repeatable.
For maximum protection, the PACESETTER routers also let you specify IP filters on the router's physical and logical ports. The filters can block or forward data transmissions at the ports, based on whether or not the transmissions match defined criteria.
The filtering criteria can include a combination of:
|
Source and destination IP addresses |
|
IP traffic types (e.g., TCP, UDP, and ICMP) |
|
Source and destination port values |
You might, for example, set a filter on the LAN that permits only FTP traffic to a certain host, denying FTP access to any other private machine. Or you might set a filter on one of the ISDN B channels, so that only certain LAN workstations can access a certain enterprise server.
History of the Technology
The forerunner of IPshare (called "IP Translate" ) supported dynamic IP address translation for calls made to a single-user ISP account. With this feature, any workstation on a LAN could initiate a call to the Internet through a supporting PACESETTER router. But only one user could have an established call at anyone time. With IP Translate, the router dynamically accepted the IP address that it received from the ISP for temporary use by the calling workstation. The router then translated the IP address of the originating workstation to the address expected by the ISP, using this translated IP address when making the actual call connection.
After nearly two years' experience with IP Translate, ADC Kentrox expanded and enhanced the basic single-user technology to include multiple users on the same call. IPshare now provides IP address sharing to single-user accounts, group accounts, and full LAN accounts. The PACESETTER routers are the first to bring IPshare technology to ISDN routers.
Dwindling Supply of IP Addresses. IP networking, including IP routing protocols and the IP addressing structure, originated on the Internet. It has since been adopted worldwide by public and private local area networks (LANs) and wide area networks (WANs). When imagining the global IP network, think of thousands of individual unique, physical subnets, interconnected by routers, switches and other access equipment. Before IPshare, each IP address identified the location of a specific device on the network. An IP address is a 32-bit binary address, defined as four 8-bit decimal numbers, ranging from 0 to 255, separated by periods. This is commonly referred to as dotted decimal notation. All network IP addresses are assigned by InterNIC.
In the near future, the IP addressing method will change to a 128-bit binary address as described in the IP version 6 standard. However, the actual time it will take to deploy this new addressing method is unknown. Until full deployment of the new 128-bit IP address standard occurs, only a finite number of the current 32-bit IP addresses remain available for assignment. IPshare eliminates any difficulty in gaining additional IP addresses for your LAN by letting your workstations share IP addresses when making calls through the PACESETTER routers.
New ISP Account Types and Their Typical Fees. Historically, ISPs charged a set fee based on either single-workstation or full-LAN access your account. Recently however, many ISPs have started to offer additional types of accounts. These new account types are usually based on the number of users or host IP addresses that are assigned to the account. The actual names of any one type of account can vary greatly, depending on the imaginations of those who are marketing the ISP accounts and on exactly what is included in the account. However, we have created some typical descriptions of common accounts for this article.
Single-User (also called Personal or Individual) Account: Basically, this account consists of one IP address. In practice, this account usually provides a set number of hours of access to the Internet for a set monthly fee. Then, for any hours of access you use over the base you are charged additional fees. Typical fees for this account range from a low of $15 to an average of $20 per month.
Group (also called Workgroup) Account: This account provides a small set of IP addresses, usually five or six, for your use. Fees for this account typically range from a low of $75 to $250 per month.
Business Account: This account provides growth for the Group Account user. Before you need a Full-LAN Account, you can get a business account that typically provides a set of about 30 IP address. Fees for this account typically range for $175 to $250 per month.
Enterprise (also called Full-LAN, Dedicated, or Corporate) Account: This account provides up to 256 Full-LAN Class C addresses. Typically, the fees for this account range from $245 to $395 per month.
Rates by type of line access to the ISP: The average and high dial-up pricing rates published in the Summer 1996 Internet Service Providers Directory were:
| Description of Service | Average Dial-Up Rate | High Dial-Up Rate | ||
|
||||
| 28.8 kbps dial-up connection | $19.95 per month* | $300 per month* | ||
|
||||
| 64 kbps ISDN dial-up connection | $50 per month* | $1,000 per month* | ||
|
||||
| 128 kbps ISDN dial-up connection | $100 per month* | $1,200 per month* | ||
|
||||
| *Average dial-up prices from 2266 ISPs | ||||
PACESETTER Private Accounts. You can set up IPshare dial directory entries that are restricted to a particular workstation or user. This means that only the workstation with that IP address can originate a call to that destination. This feature is ideal for professional offices (e.g. real-estate, insurance agents, stock brokers, lawyers) where independent agents share networking resources, but require private dialing statistics for billing purposes or client protection.
Internet
Home
IPShare
xDSL
|
