Speed runner - Wan links with ISDN routers

Want your wan to run faster? Then harness the speed of ISDN

Today, wide area networking encompasses the interlinking of distributed corporate sites, attaching small branch offices to the corporate headquarters and connecting field or home workers to a corporate Lan.

Wans no longer need to rely on leased lines for connectivity, because ISDN has made dialup networking a more cost-effective alternative in environments in those cases where traffic levels do not justify the high installation and rental costs of leased lines.

It has always been possible to set up dialup Wans using modems, but the delays in modem negotiation protocols have made the plain old telephone system (POTS) unattractive for such purposes. Following dial up, modems take between 15 and 30 seconds to train up on each other before data can flow.

The integrated services digital network (ISDN) is available in most countries to offer a digital end-to-end dialup link between sites almost worldwide.

Technologies to set up a Wan

The real advantage of ISDN is its speed in setting up connections. It takes less than one second from giving the dialling command for data to travel. Knowing a link can be set up in sub-second times means administrators are willing to drop the line if data is not flowing. Most ISDN routers support time-out settings to use the service cost-effectively.

ISDN provides bandwidth in B-channels, each carrying 64Kbps, which can be aggregated to provide increased bandwidth in a modular way. This leads to the additional concept of bandwidth on demand, which means that B-channels can be added or removed from the link to follow the demands of the network routing.

There are a number of communications media that can be used to set up a Wan: leased lines, ISDN, ATM, Frame Relay, satellite, cellular, wireless (both radio and optical), and SDMS. Which technology you choose will depend on usage, cost, availability, and the type of traffic. A common rule of thumb is that, if an ISDN link is likely to be connected for more than three hours every day, it would be cheaper to install a leased line. Wan-planning software, such as Grid Technologies' LinkWare, is invaluable for making a cost comparison against traffic profiles. To aid management of existing networks and future planning, sniffers can capture existing traffic profiles.

If you have time-critical data, such as videoconferencing and video feeds, ATM is the only way to deliver it effectively across a Lan. The latency in other Lan technologies, such as Ethernet and Token Ring, can cause interruptions in the flow of video data.

It is possible, though, to use ISDN to make Wan links by using an ATM/ISDN gateway. We know of only one such gateway product, which is from First Virtual. "The First Virtual V-Gate is an ATM-ISDN gateway that connects both room-system and desktop videoconferencing equipment connected in an ATM network, to the world of ISDN. Through V-Gate, we enable users to enjoy the benfits of ISDN without the heavy costs of pulling ISDN to the desktop," says Ralph Ungermann, founder and CEO of First Virtual.

The highest quality, which is generally used for videoconferencing, requires 384Kbps bandwidth, which can be easily met by aggregating six ISDN B-channels. In a large organisation, this approach is cheaper than delivering ISDN to every desktop that requires video feeds or videoconferencing facilities.

It is also the only way of doing it across several countries: as yet, there is no global ATM network but ISDN is available globally. It is true that not every country has an ISDN network, but only the Third World, the CIS and remote areas lack a telecommunications infrastructure capable of supporting ISDN. In such areas satellite links are probably the only reliable solution.

The global availability of ISDN makes it ideal for setting up Wan links to sites almost anywhere in the world. It must be remembered that the usage costs of ISDN can be very high where data traffic is such that the Wan links are connected for large proportions of the day. This means that it is best suited to connecting small branch offices or remote home-workers to a corporate Lan. Even in these applications, a close watch needs to be kept on usage profiles to ensure that ISDN links are dropped when no traffic is flowing. In a Novell IPX/SPX environment this is called spoofing, but similar principles can be applied to TCP/IP networks.

Most ISDN routers allow time-outs to be set up so that connections are dropped during periods of inactivity. It is important to choose time-out periods carefully, as there is no point in setting a time-out period so low that calls are initiated very frequently. This is because there is generally a minimum charge per call (4.2 pence with BT at the time of writing) despite per-second billing.

More sophisticated routers allow traffic watermarks to be set up, so that extra ISDN B-channels are aggregated to meet additional demands and are then dropped back to fewer channels when traffic diminishes.

The best routers allow usage limits to be set on a daily basis to control costs. You can usually select the type of action to be taken when usage exceeds a prescribed figure: either further traffic is denied access or an SNMP trap may be used to alert the system manager.

Achieving the most cost-efficient use of ISDN dialup time may involve a close examination of all aspects of your IT operation, and possibly affect working practices. In a NetWare environment, for example, those Windows workstations frequently used to open local documents or spreadsheets will also set up an ISDN call whenever the File Open dialog box is opened.

This is because they automatically set up links to every remote drive to which you have access permission, in case you wish to browse the files stored on it.

There are ways around this problem, but only a few approaches to routing can spoof the Windows code (NCP17) for File Open across a NetWare network, by setting up a link only when the user attempts to browse a remote drive.

One such approach, from AVM, involves using Novell's multiprotocol router (MPR) at the central site and an internal ISDN card inside a teleworker's PC.

Spoofing is also needed for NetWare Directory Services (NDS) under NetWare 4.x. NDS can generate a lot of network traffic which could wait until a dialup is initiated for another reason. Again, AVM has a solution for spoofing NDS. Microsoft has not yet provided any satisfactory way to spoof native Windows NT (NetBEUI) networks, so the only practical way to route such networks is to restrict them to using IP.

Even for an individual home-worker with a single PC, a personal ISDN router is an affordable option. You simply install a cheap network interface card, and connect it to the router using a 10BaseT UTP crossover cable - there is no need for a hub. Incidentally, this solves the common problem of the PC's serial port not being fast enough to drive an external ISDN terminal adaptor. A personal router can provide direct Internet access, as well as links to a corporate Lan at the same time.

Advanced Computer Communications (ACC) One IP technology is incorporated into its Congo Personal router and economises on IP addresses. This is useful for all TCP/IP networks, and can save money when used for Internet access, as most Internet service providers (ISPs) charge for extra static IP addresses.

One IP uses a temporary IP address as a global address for the entire remote Lan, while assigning "private" IP addresses to all devices on the Lan. This eliminates the burden of configuring each device on the Lan with a unique IP address. One IP's global addressing scheme also provides network security by serving as a firewall to prevent outside access to the Lan.

Employing a combination of the network address translation (NAT) protocol, IP control protocol (IPCP), and dynamic host configuration protocol (DHCP), one IP allows corporates to save as much as 70 per cent on monthly Internet access fees, because it drastically reduces the number of IP addresses rented from ISPs.

ISDN is quite difficult to manage in all but the simplest of applications.

With leased lines, you don't need to consider usage profiles until bandwidth bottlenecks become apparent. Some usage profiles would keep an ISDN line open continuously. With BT only billing quarterly, it can be quite a long time before you find out about any expensive configuration mistakes.

Obviously, you need to ensure that routing tables are correctly set up, and that time-outs are carefully chosen. Ensure that unnecessary traffic is not routed, by using packet filtering which many routers provide.

You should look at your networks to see if there are any spurious packets by using an analysis tool or a hardware sniffer. This may bring to light a device which is faulty or has not been correctly configured, and which is happily broadcasting unnecessary packets continually to announce its presence on the network.

If you include Internet access in your Wan strategy you need to think about firewalls and possible abuse of the facility by employees. Several products allow network managers to control exactly which members of staff are using the Internet, at what time of day, and to which sites they have access.

The issues are not just about the cost of ISDN calls that might be initiated to access the Internet, for example by a homeworker, but also about employees wasting time surfing. On the whole, the Internet is beneficial so, unless employees are responsible and hardworking, you may want to limit surfing to the lunch-hour or after work.

Choosing the correct router

Finally, put controls in place to ensure that you know about any abnormal change in usage patterns, before you get a big bill from BT. This can involve setting usage watermarks above which access is denied or alarms triggered. If there is an increase in use, and it isn't because of a fault, you still need the management information to decide when it would be appropriate to replace ISDN with leased lines.

Routing products fall into several categories. Hardware routers simply plug into the Lan cabling and the ISDN. They can be managed and configured using a dumb terminal connected to a serial interface, or over the network using Telnet or SNMP.

A subset of hardware routers, personal routers, offer connectivity for a single user or a small number of users. Personal routers have a couple of analog ports, to which standard telephones and fax machines can be attached to make the most of the ISDN line.

Software routers run on an existing PC which may be a file server or a dedicated communications server. Of course, software routers still require some hardware to interface to the ISDN, but this is usually an internal card.

In Novell environments, NetWare Connect and multiprotocol router (MPR) are popular software choices. These run on either existing or dedicated NetWare servers, using standard commercial ISDN terminal adaptors and internal ISDN cards.

MPR requires internal ISDN cards, but Connect can use either. One NetWare server running MPR can support up to four Basic Rate ISDN cards (8 channels) or up to four Primary Rate T1 cards (120 channels). MPR can route the most common network protocols, including AppleTalk, IP and IPX and bridge all others. NetWare Connect is not a router, it is the central site software to support individual dialup remote users.

For Windows NT environments, Eicon Technology offers an internal ISDN card which is supported by Windows NT routing software. Since there is no satisfactory way to spoof native Windows NT (NetBEUI) networks, the only practical way to route such networks is to restrict them to using IP, when a standalone hardware router is probably the best option.

An internal ISDN interface card is cheaper than a personal router, but rarely includes analog ports. Some cards, though, such as AVM and ITK, can fulfil part of the role of analog ports, by acting directly as fax modems and PC-based telephone answering machines.

HOW TO SAVE #5,000 A YEAR

Software tools, such as LinkWare, can be used to unravel complex tariff structures and arrive at a least-cost scenario.

The cost of a Wan usually consists of two elements: the installation or connection costs, plus the annual rental and usage charges. The request was to determine the lowest-cost method of adding three remote offices and several remote access or home-based users.

The client is UK-based and has an existing Frame Relay network with Mercury Communications. Initially, the client planned to use British Telecom's (BT) ISDN to connect the three remote sites and to provide modem access for mobile users.

LinkWare evaluated a number of scenarios, and results of the study indicate that over #5,000 in annual recurring costs can be saved by using a combination of BT and Mercury for the ISDN, and by using a Mercury leased line instead of ISDN for one of the busier sites. The design for SoHo users indicated that ISDN could be used at a lower cost than analog systems, but with additional hardware costs.

The customer has an existing backbone network connecting the sites: Newbury, Birmingham, Leicester, London, Nottingham, Sheffield and Bristol. These sites are connected by a Mercury Frame Relay network, with the main site at Newbury. All backbone nodes have PVCs to Newbury. Also, Leicester and Birmingham have a direct PVC between them to allow intersite traffic, without having to traverse and therefore load the Newbury node. Three regional office locations need to be added: Cheltenham, Barnstaple and Hemel Hempstead. Twenty remote workers need modems or ISDN adaptors.

LinkWare automatically applies any ISDN usage credits appropriate to the selected BT scheme. A two-year contract from BT qualifies for the low #199 installation fee. The low connection cost may distort the actual cost over an extended time period. If the service will be required for a longer term it is always advisable to reduce recurring costs.

As a two-year commitment is required for BT's Start-up ISDN service, the model was run again to produce costs for a two-year contract. This time, LinkWare selected a Mercury 64K leased line instead of the BT line.

Although Mercury's connection costs are higher than BT's one-year contract, a two-year contract with Mercury benefits from Mercury's lower rental charges, and therefore lower annual recurring costs.

A two-year contract period with a combination of leased line and ISDN is the cheapest by a small margin. In subsequent years this solution will be the most economical, as usage and rental are the lowest. The best solution would be to use a single ISDN Primary Rate interface at Newbury, which could support both the remote office and the SoHo users. This would allow SoHo users to be equipped with PPP-capable devices, enabling them to communicate with the router at Newbury.

CONTACTS

- ACC (01932) 821133

- AVM (SAS Distribution) (01293) 852800

- Bay Networks (01628) 774400

- Chevin Software (01943) 465378

- Cisco (0181) 818 1400

- Eicon Technology (0181) 967 8000

- First Virtual Corporation (0171) 972 0018

- Gandalf (01344) 860272

- Grid Technologies (01923) 285285

- ITK (0117) 956 1212

- Network General (01753) 863400

- Jaguar (01727) 898000

- Star Internet (01285) 647000