10Base-T -- An IEEE standard (802.3) for operating 10 Mbps Ethernet networks with twisted-pair cabling and a wiring hub, referred to as a 10Base-T hub.
3.1 Khz audio bearer service -- A bearer service provided by some telephone companies that sends data calls over voice trunks. The switches should turn off echo cancellators on the trunks handling this type of call. Echo cancellation corrupts data transmitted on voice trunks. 3.1 Khz audio bearer service is sometimes referred to as data-over-voice. Note: Currently, parameter settings for "digital/data" in Ascend units does not differentiate between data bearer and 3.1 Khz audio bearer services. The "voice" setting means only true voice service and does not include 3.1 Khz audio bearer service.
3PC -- Third Party Connect Protocol
A1S -- All Ones
ACR -- Abandon Call and Retry
AIM -- Ascend Inverse Multiplexing. An in-band protocol used to manage the interconnection of two remotely located inverse multiplexers. AIM is a feature-rich, widely used inverse multiplexing protocol developed and supported by Ascend Communications.
ALU -- Average Line Utilization
analog data -- Data that can have any value in a range and that can change continuously; the time of day represented by clock hands, or the temperature represented by a liquid thermometer are examples of analog data.
analog signal -- A type of signal that encodes data transmitted over wire or through the air, and is commonly represented as an oscillating wave. An analog signal can take any value in a range, and changes smoothly between values.
An analog signal can transmit analog or digital data. For example, a radio station sends analog music data using analog signals, while a modem transmits digital data using analog signals.
ANI (Automatic Number Identification) -- Automatic Number Identification is also known as CLID. ANI is a mechanism that informs the called party of the phone number identification of the calling party. Though ANI is thought of as an ISDN feature, it is actually distinct from ISDN, and is a part of Signaling System 7.
APP -- Ascend Password Protocol
APP server -- The APP Server utility lets users respond to token password challenges received from a remote network access server (NAS). Network access servers offer a complex security algorithm that forces a user to have possession of a security card that can generate a password. When a user on the LAN starts an application that requires a connection to a host on a secure network, the Pipeline initiates the call, and after the initial session negotiation, the remote NAS returns a password challenge. The user has 60 seconds to obtain and enter the current dynamic password from the security card.
Appletalk call filter -- An Appletalk call filter can instruct the Pipeline to place a call and reset the Idle Timer based on Appletalk activity on the LAN, and can prevent inbound packets or Appletalk Echo (AEP) packets from resetting the idle timer or initiating a call.
ARP (Address Resolution Protocol) -- Address Resolution Protocol. This portion of the TCP/IP protocol maps an IP address to the physical address (Ethernet Address) of the PC that it is on, helping to identify PCs on an Ethernet LAN. See also Ethernet, TCP/IP, and proxy ARP.
ASN.1 -- Abstract Syntax Notation One
asynchronous PPP -- One of the modes in which the point-to-point protocol is utilized. Asynchronous means that the characters which form data packets are sent at irregular intervals. There is no clocking signal to time transmission. Asynchronous PPP is commonly used in lower-speed transmission and less-expensive transmission systems.
asynchronous transmission -- A mode in which the sending and receiving serial hosts know where a character begins and ends because each byte is framed with additional bits, called a start bit and a stop bit. A start bit indicates the beginning of a new character; it is always 0 (zero). A stop bit marks the end of the character. It appears after the parity bit, if one is in use.
AT&T -- American Telephone and Telegraph
ATM -- Asynchronous Transfer Mode
ATMP -- Ascend Tunnel Management Protocol. A virtual private networking protocol. Virtual private networks provide low-cost remote access to private LANs via the Internet. The tunnel to the private corporate network may be from an ISP, enabling mobile nodes to dial-in to a corporate network, or between two corporate networks that use a low-cost Internet connection to access each other.
An ATMP session occurs between two MAX units, or a MAX and Pipeline 50 or 130 (which can act as a home agent, described below) via UDP/IP. All packets passing through the tunnel are encapsulated in standard GRE (Generic Routing Encapsulation) as described in RFC 1701. ATMP creates and tears down a cross-Internet tunnel between the two MAX units. In effect, the tunnel collapses the Internet cloud and provides what looks like direct access to a home network. Bridging is not supported through the tunnels. All packets must be routed using IP or IPX.
One ATMP units acts as a foreign agent (typically a local ISP) and one as a home agent (which can access the home network). A mobile node dials into the foreign agent, which establishes a cross-Internet IP connection to the home agent. The foreign agent then requests an ATMP tunnel on top of the IP connection. The foreign agent must use RADIUS to authenticate mobile nodes dial-ins.
The home agent is the terminating part of the tunnel, where most of the ATMP intelligence takes place. It must be able to communicate with the home network (the destination network for mobile nodes) through a direct connection, another router, or across a nailed connection.
AUI (Autonomous Unit Interface or Auxiliary Unit Interface) -- This refers to the 15-pin D connector and cables that connect single and multiple channel equipment in an Ethernet transceiver.
authentication -- Authentication is a procedure that establishes the legitimacy of users and defines the parameters of the sessions they establish. As such, authentication can be thought of as a security measure that controls and defines network access. It is always the first part of a session; the range of authentication parameters that can be set depend upon the specific authentication system employed.
auto-reconnect -- An automatic reconnection of a link that has been lost. The software used to manage the connection notes the lost connection and re-establishes it.
B channel -- A B channel is a 56-kbps or 64-kbps channel that carries user data on a line using ISDN D-channel signaling. For information on ISDN D-channel signaling, see the entry for ISDN D-channel signaling.
backbone -- The part of the communications network intended to and designed to carry the bulk of traffic. Provides connectivity between subnetworks in an enterprise-wide network.
backbone router -- Routers designed to be used to construct backbone networks using leased lines. Typically do not have any built-in digital dial-up WAN interfaces. Typical manufacturers include Cisco, Wellfleet, 3Com, CrossCom, and so on.
bandwidth -- Bandwidth is the data capacity of a service, measured in thousands of bits per second (kbps) or millions of bits per second (Mbps). Bandwidth is not a measure of speed. It is the size of the data payload of the service measured in bits per second. T1 service delivers 1.544 Mbps, whereas ISDN service delivers 128 kbps. The data travels over the line at the same speed, but for T1 lines, the capacity is twelve times that of ISDN. Speed and capacity are two different attributes. For example: if you send yourself two packages via an overnight service--a box with many pages of text, and an envelope with one page of text--the speed at which the packages travel is the same, but the capacity of the box is greater. You may wonder why modem ‘speeds’ are different if data travels across the line at the same rate--all should deliver the same amount of data per second, right? Differences in encoding methods and compression give modems the ability to transmit data in more and more efficient ways. Signal encoding schemes and software built into a modem determines its data rate. Advertised throughput, however, is decreased by latency.
B-Channel bundling -- A B-channel is a 'bearer' channel, one of the fundamental components of the ISDN interface. The B channel is circuit-switched and can carry 64,000 bps of voice or data in either direction. Bundling is based on Digital Speed Interpolation (DSI), a technique used to squeeze more voice conversations onto a single line. Speech is sliced up so that bits are transmitted only when someone is speaking. In T-1 multiplexing, bundles consist of 4 bits, can represent 11 channels of 32 Kbps compressed data, and are treated as an entity with an attached signaling delta channel.
BECN -- Backward Explicit Congestion Notification
BGP -- Border Gateway Protocol version 4
Bit -- Binary digit. The smallest unit of information a computer can process, representing one of two states (usually indicated by "1" and "0").
BONDING (Bandwidth ON Demand Interoperability Group) -- A consortium of over 40 data communications equipment vendors and service providers who joined together to create a standardized inverse multiplexing protocol so that inverse multiplexers from different vendors could interoperate. Also refers to the resultant specification, sometimes known as the "BONDING specification."
bps -- Bits per second. Actually a nested acronym, meaning binary digits per second.
BRI (Basic Rate Interface) -- An ISDN subscriber line, consisting of two 64 kbit/s B channels, or "bearer" channels, and one 16 kbit/s D channel, used for both data and signaling purposes.
bridge -- A device or setup that connects and passes data, voice, or video between two network segments based on the destination field in the packet header. Ascend units are learning bridges, because they pass all packets to the next network segment (the ISDN line) and build a table identifying the destination addresses that are local and remote. After learning the addresses on both sides of a network, the bridge passes only packets for the remote network. (See router.)
bridge table -- A bridging table identifies destination addresses known to exist in a network. It is built dynamically by a learning bridge as it passes data in a network. (See bridge.)
bridging versus routing -- Bridging is the process of passing packets to another network segment without regard to the network operating system. Bridged packets are passed to the data link layer of the OSI model, as opposed to routed packets, which are delivered to the network layer. In an environment where diverse network operating systems exist, such as between Appletalk and NetWare, a bridge can move data between the networks, but cannot deliver packets all the way up through the network; routing can deliver packets to discreet addresses in the network.
The Pipeline can perform both bridging and routing functions. If the Pipeline is set to route IP, that is, deliver packets to a precise IP address in a network, when bridging is enabled, the Pipeline will bridge everything except IP packets. Similarly, if the Pipeline is set to route IPX packets, when bridging is enabled, then everything except IPX packets are bridged. If bridging is disabled, then only routed packets are passed by the Pipeline.
When routing is enabled, the network protocol must be specified, since routing is network specific. Routing may be turned off and bridging enabled, which causes all packets to be bridged. If you use the Pipeline only as a bridge, both ends of the network need to use the same network protocol.
call -- A single session in which a calling device and an answering device connect over the WAN.
call filters -- Call filters help you manage the cost of having a Pipeline connected to your PC or network. The Pipeline has an Idle Timer option that can be set in the Connection Profile and again in the Answer Profile. Call filters let you define which packets will not restart the Idle Timer, so only valid traffic keeps a connection up. Packets defined in a call filter cannot restart the Idle Timer or initiate a call.
For example, in some networks packets are broadcast every 60 seconds to make sure all routers and bridges know about available services. You can filter these packets out of the stream of traffic to prevent calls from being initiated or to prevent calls from staying connected unnecessarily.
callback security -- Callback security is a mechanism used to verify that the access attempt is made by a recognized, legitimate caller. The caller's number is checked against a database of users.
called number -- The called number is the intended destination of an authorization attempt.
caller ID -- Caller ID describes a service offered by local telephone companies that displays the calling party's number on a special display device.
CCITT -- Consultative Committee on International Telegraphy and Telephony
CD -- Carrier Detect
CDR (Call Detail Reporting) -- Call Detail Reporting is a feature that provides a database of information about each call, including date, time, duration, called number, calling number, call direction, service type, and associated inverse multiplexing session and port. Because the network carrier bills for bandwidth on an as-used basis, and bills each connection in an inverse multiplexed call independently, you can use CDR to understand and manage bandwidth usage and the cost of each inverse multiplexed session.
You can manipulate the information in order to create a wide range of different reports, including reports based on individual call costs, inverse multiplexed WAN session costs, costs on an application-by-application basis, bandwidth usage patterns over specified time periods, and so on. You can use this information to better understand your bandwidth usage patterns and, if necessary, make adjustments to the ratio of switched to dedicated bandwidth between network sites.
channelized T1/E1 -- T1 or E1 service that is divided into individual 64 kbps channels (or channels that are multiples of 64 kbps such as a 256 kbps channel made from four 64 kbps channels), as opposed to unchannelized service, which uses the entire bandwidth of the T1 (1.544 Mbps) or E1 (2.048 Mbps). Channelized T1 or E1 lines can consist of switched lines with inband signaling or leased lines. Additionally, leased lines may be channelized, for example when a leased line runs from the central office to the corporate headquarters as a single T1 or E1 line, but then branches into channels to remote sites from the corporate headquarters.
channels -- A portion of a line's bandwidth. A line contains a fixed number of channels. Each line can contain switched channels only, nailed-up channels only, or a combination of switched and nailed-up channels.
A line can have these types of channels:
* DS0 - a 64-kbps channel on a line using inband signaling. For information on inband signaling, see the entry for Inband signaling.
* B channel - a 56-kbps or 64-kbps channel that carries user data on a line using ISDN D-channel signaling. For information on ISDN D-channel signaling, see the entry for ISDN D-channel signaling.
* D channel - carries WAN synchronization information on a line using ISDN D-channel signaling. For information on ISDN D-channel signaling, see the entry for ISDN D-channel signaling.
CHAP -- Challenge Handshake Authentication Protocol. This security protocol allows access between data communications systems prior to and during data transmission. CHAP uses challenges to verify that a user has access to a system.
circuit -- A connection between endpoints over a physical medium.
circuit-level inverse multiplexing -- A method of inverse multiplexing in which the inverse mux slices the data stream into equal portions, and transmits each portion over an available circuit. The receiving end adjusts for network-induced delay and reassembles the data packets into their proper order. The AIM and BONDING protocols define how circuit-level inverse multiplexing works. Applications that require transparent digital circuits, such as videoconferencing, nailed-up backup and overflow, and bulk file transfer applications, use circuit-level multiplexing.
circuit-switched network -- A dedicated connection between both ends that is ‘busy’ for the duration of the call.
CLID -- Calling Line ID, synonymous with ANI.
CO -- Central Office
codec (COder/DECoder) -- A device that encodes analog data into a digital signal for transmission over a digital medium.
compression -- Compression is a technique that reduces the quantity of bandwidth or bits required to encode a block of information. Compression saves transmission time and capacity, and can free up storage space on in-demand data lines. Compressed data can be compromised in quality, but the advantages of bandwidth savings are frequently worth the trade-off. Compression is not yet standardized. Ascend equipment can perform high compression rates with its own equipment at both ends of a call, using its own brand of compression.
connection profile -- Information about a remote network you are authorized to connect to by dialing out. Connection profiles contain all the information the Pipeline needs to manage authentication and data transfers. Answer profiles contain incoming connection details.
cost management -- See call filters.
CPE (Customer Premises Equipment) -- Terminal equipment located on the customer premises which connects to the telephone network.
CPHB -- Computer Protocol Heart Beat
CPNX -- Computer Protocol Network Executive
CPU -- Central Processing Unit
crossover cable -- A cable with wires that "cross over," so the terminating ends of the cable have opposite wire assignments. (Contrast with straight-through cable).
CSU (Channel Service Unit) -- Channel Service Unit. A device used to connect a digital phone line coming in from the phone company to network access equipment located on the customer premises. A CSU may also be built into the network interface of the network access equipment.
CTS -- Clear To Send
D channel -- A channel that carries WAN synchronization information on a line using ISDN D-channel signaling. For information on ISDN D-channel signaling, see the entry for ISDN D-channel signaling.
data encryption -- Encrypting data is accomplished by applying a special scrambling code that makes the data unreadable to anyone who does not have a decryption key. Authorized personnel with access to this key can unscramble it. Data encryption is a useful tool against network snoopers.
data filters -- A data filter is a filter that applies to the actual data stream. It can be set to drop packets addressed to particular hosts or to prevent packets from going across the WAN.
data link layer protocols -- The second layer of the Open Systems Interconnection (OSI) reference model created by the International Standards Organization (ISO). The data link layer assembles messages and coordinates their flow. The term can also be used to refer to a connection between two computers over a telephone.
data over voice -- Sending digital data over telephone trunks conditioned for voice. Data over voice is sometimes used to mean sending data using voice bearer service or 3.1 Khz audio bearer service.
data service -- A service provided over a WAN line and characterized by the unit measure of its bandwidth. A data service can transmit either data or digitized voice.
DBA -- Dynamic Bandwidth Allocation
DBA (Dynamic Bandwidth Allocation) -- Adding or subtracting bandwidth from a switched connection in real time without terminating the link. MPP and AIM support Dynamic Bandwidth Allocation based upon a set of parameters you specify.
Ascend units use the historical time period specified by the Sec History parameter as the basis for calculating average line usage (ALU). It then compares ALU to the amount specified in the Target Util parameter. When ALU exceeds the threshold defined by Target Util for a period of time greater than the value of the Add Pers parameter, the Ascend unit attempts to add the number of channels specified by the Inc Ch Count parameter. When ALU falls below the threshold defined by Target Util for a period of time greater than the value of the Sub Pers parameter, the Ascend unit attempts to remove the number of channels specified by the Dec Ch Count parameter.
If you use a circuit between two locations to capacity 24 hours per day, using a nailed-up line is more cost effective than using a switched line. However, if you need the circuit only sporadically, or if the circuit is sometimes underutilized, it often makes more sense to lease a smaller amount of nailed-up bandwidth and then supplement it with additional switched bandwidth as traffic requirements dictate.
For example, you might establish some connections only when you need to transfer data, and a single circuit can accommodate low traffic levels. However, if traffic levels grow beyond the capacity of the circuit (such as during a large file transfer), DBA automatically adds additional switched channels. When traffic levels subside, DBA automatically removes the channels from the connection. The bandwidth and connection costs are thereby reduced. You pay only for bandwidth when you need it.
DCE (Data Circuit-Terminating Equipment) -- As defined in the RS-232 specification, equipment to which DTE (Data Terminal Equipment) is connected, often to enable access to network facilities. A DCE converts the format of the data coming from the DTE into a signal suitable to the communications channel. DCE often refers to equipment such as network access equipment, and DTE refers to application equipment, such as a videoconference terminal.
DDP -- Datagram Delivery Protocol
DE -- Discard Eligibility
default gateway -- When setting up the PC to operate with a Pipeline, the gateway setting (in the Network settings) must be set to the IP address of the Pipeline. Using the IP address of the Pipeline as the gateway, lets your computer know that you will use the Pipeline to access remote networks.
DES -- Data Encryption Standard
DGP -- Dissimilar Gateway Protocol
DHCP (Dynamic Host Configuration Protocol) -- DHCP is a standards-based protocol for dynamically allocating and managing IP addresses. DHCP runs between individual computers and a DHCP server to allocate and assign IP addresses to the computers as well as limit the time for which the computer can use the address. When the time expires on the use of the IP address, the computer must contact the DHCP server again to obtain an address.
DHCP spoofing -- There are some cases where the DHCP server is on a remote network, and an IP address is required to access the network, but since the DHCP server supplies the IP address, the requester is at an impasse. To supply access to the network, when the Pipeline receives a DHCP Discover packet (a request for an IP address from a PC on the network), it responds with a DHCP Offer packet containing the configured (spoofed) IP address and a renewal time, which is set to a few seconds. The requester then has access to the DHCP server and gets a real IP address. (Other variations exist in environments where the APP server utility is running.)
dial query -- Dial query is a parameter of a connection profile that tells the Pipeline to initiate the connection when a local NetWare client queries a remote server and the Pipeline routing table is empty. (A routing table is a list of destinations known to the Pipeline.)
digital data -- Data that can have only a limited number of separate values. The time of day represented by a digital clock, or the temperature represented by a digital thermometer are examples of digital data; the digital values do not change continuously, but remain at one discrete value and then change to another, discrete value.
digital modem -- An internal device in the MAX that enables it to communicate over a digital line (such as a T1 PRI line) with a station using a modem connected to an analog line. Incoming modem calls and incoming digital calls come over the same digital line.
The MAX can accept an incoming call from the network either as a pure digital stream, or as a PCM (Pulse Coded Modulation) encoded digital stream. A PCM-encoded digital stream contains a digitized version of the analog wave form sent by a caller attached to a modem. The MAX can also convert outgoing data into analog wave forms, convert these wave forms to a PCM-encoded digital stream, and send them to the network over a digital line. The network presents the data to the receiving modem in analog form over an analog line. The data looks exactly as it would appear if it had been sent by an analog-based modem.
digital signal -- A type of signal that encodes data transmitted over a wire using a limited number of discrete values. The value of the data encoded in a digital signal depends upon the state of the signal during a particular time period. Therefore, the sender and the receiver must synchronize their clocks. Each clock runs at a baud rate, the number of times per second the state of the signal is read or set. Several clocking schemes are available, and digital signals often include clock timing cues.
A digital signal can transmit analog or digital data. For example, a CD encodes music data into digital signals, while the wires between computers transmit digital data in digital signals.
DLCI (Data Link Connection Indicator) -- In a Frame Relay network, DLCIs uniquely identify each virtual circuit. In most circumstances, DLCIs have strictly local significance at each Frame Relay interface.
DLO -- Data Line Occupied
DNS (Domain Name System) -- A TCP/IP service that enables you to specify a symbolic name instead of an IP address. A symbolic name consists of a user name and a domain name in the format user name@domain name. The user name corresponds to the host number in the IP address. The domain name corresponds to the network number in the IP address. A symbolic name might be steve@crocker.com or joanne@cal.edu. The domain identifier is the last part of the domain name, and identifies the type of organization to which the host belongs.
DNS maintains a database of network numbers and corresponding domain names. When you use a symbolic name, DNS translates the domain name into an IP address, and sends it over the network. When the Internet service provider receives the message, it uses its own database to look up the user name corresponding to the host number.
domain identifier -- The portion of a domain name that appears last and specifies the type of organization to which the host belongs. The Internet's Network Information Center (NIC) provides these domain identifiers:
domain name -- The portion of a symbolic name that corresponds to the network number in the IP address. In the symbolic name steve@crocker.com, the domain name is crocker.com.
DOSBS -- Data Over Subscriber Bearer Service. This is the same as 3.1 Khz audio bearer service.
Drop-and-Insert -- A feature that enables a single T1 access line to carry both data and voice traffic.
The MAX uses a pre-allocated portion of the T1 access line to use both nailed-up and switched circuits for LAN internetworking. The remaining portion of the line can go to a PBX with a T1 interface; the PBX can access both nailed-up and switched circuits for voice purposes. You can also use Drop-and-Insert to share access line bandwidth between the MAX and equipment other than a PBX, such as a channel bank or T1 multiplexer.
DS0 -- 1. A DS0 is a 64-kbps channel on a line using inband signaling. For information on inband signaling, see the entry for Inband signaling.
2. A 64 kbit/s unit of transmission bandwidth. A worldwide standard speed for digitizing one voice conversation, and more recently, for data transmission. Twenty-four DS0's (24x64 kbit/s) equal one DS1.
DSR -- Data Set Ready
DSU (Data Service Unit) -- A digital service unit, tasked to convert terminal interfaces such as RS-2323 connections to DSX-1 interfaces. Increasingly, the functions of these DSUs are incorporated into sophisticated remote access devices located at the central site.
DTE (Data Terminal Equipment) -- As defined in the RS-232 specification, equipment to which DCE (Data Communications Equipment) is connected, such as personal computers or data terminals. DTE often refers to application equipment, such as a videoconference terminal or LAN bridge or router, while DCE refers to equipment such as network access equipment.
DTMF -- Dual-Tone Multifrequency
DTR -- Data Transmit Ready
dual-port call -- A call in which the serial host (such as a video codec) performs inverse multiplexing on two channels so that the call can achieve twice the bandwidth of a single channel. The serial host provides two ports, one for each channel. Two serial host ports on the MAX connect a dual-port call to the serial host; these ports are the primary port and the secondary port. Because the MAX places the two calls in tandem and clears the calls in tandem, it considers them a single call.
dynamic bandwidth overflow -- This is the mode enabled to supplement bandwidth during periods of peak demands. Through the mechanism of inverse multiplexing, additional bandwidth is dialed up when traffic reaches a pre-assigned level.
E1 PRI line -- An ISDN line that consists of 32 64 kbps channels. This type of line uses 30 B channels for user data, 1 64 kbps D channel for ISDN D-channel signaling, and one framing channel. The B channels can be all switched, all nailed up, or a combination of switched and nailed up. This type of PRI line is a standard in Europe and Asia called CEPT G.703.
EEPROM -- Electronically Erasable Programmable Read-Only Memory
EGP -- Exterior Gateway Protocol
encapsulation -- Encapsulating data is a technique used by layered protocols in which a low level protocol accepts a message from a higher level protocol, then places it in the data portion of the lower-level frame. The logistics of encapsulation require that packets traveling over physical network contain a sequence of headers. The first header derives from the physical network frame, the second from the IP frame, the third from the physical network frame, and so on. Encapsulation enables the transmission of data over different network portions based on differing protocols.
ENIGMA -- ENIGMA is an important provider of network security applications. SafeWord AStm is a software authentication server that identifies users with dynamic passwords prior to the granting of access. This UNIX-based program identifies users at the point of connection to a TCP/IP network, and utilizes standard network authentication protocols.
ETHERIP -- Ethernet-within-IP Encapsulation
Ethernet -- A local area network that connects devices like computers, printers, and terminals. Ethernet operates over twisted-pair or coaxial cable at speeds at 10 or 100 Mbps.
Ethernet transceiver -- An Ethernet device that connects workstations to standard thick or thin Ethernet-style cable. This device sends and receives information and often offers data packet collision detection.
FDL -- Facilities Data Link
FECN -- Forward Explicit Congestion Notification
filter -- A set of rules that define what packets may pass through a network. Filters can use destinations, sources or protocols to determine what to do with packets. One of the packet's headers must contain information that matches the information in the rules or the packet filter will discard it. See also Firewall, Secure Access Firewall, Secure Access Manager.
filtering -- One type of filtering transmits a selected range of energy to suppress unwanted frequencies or noise. Another type of filtering removes specific characters received in a data communications channel. Filtering in a network is the assignment of parameters to block transmissions from one LAN to another. See Filter.
firewall -- A hardware/software tool that allows a network administrator to determine what type of users can access the resources on the network. The firewall provides a mechanism to monitor and funnel data from authorized users (only) through the firewall to and from the network. A firewall may be a software program that runs on a UNIX or other platforms or it may be a part of a proprietary operating system. A firewall by itself does not perform the routing function. See also Filter, Secure Access Firewall, Secure Access Manager.
FR (Frame Relay) -- A form of packet switching, but using smaller packets and less error checking than traditional forms of packet switching (such as X.25). Now a new international standard for efficiently handling high-speed, bursty data over wide area networks.
fractional T1 line -- A T1 line that contains both switched and nailed-up channels. T1 PRI and ISDN BRI lines can also be fractional T1 lines.
framing -- At the physical and data link layers of the OSI model, bits are fit into units called frames. Frames contain source and destination information, flags to designate the start and end of the frame, plus information about the integrity of the frame. All other information, such as network protocols, and the actual payload of data, is encapsulated in a packet, which is encapsulated in the frame.
FTP -- File Transfer Protocol
gateway -- Gateways are points of entrance to and exit from a communications network. Viewed as a physical entity, a gateway is that node that translates between two otherwise incompatible networks or network segments. Gateways perform code and protocol conversion to facilitate traffic between data highways of differing architecture. In OSI terms, a gateway is a device that provides mapping at all seven layers of the OSI model. A gateway can be thought of as a function within a system that enables communications with the outside world.
generic filters -- When creating filters, you can specify the Type of filter as Generic or IP. Generic filters define bits and bytes within a packet and can apply to any packet type, including TCP or IP. (IP filters relate to the TCP/IP/UDP protocol suite only.)
GGP -- Gateway-to-Gateway Protocol
GloBanD -- A European Switched Nx64 data service consisting of a single circuit whose bandwidth is a multiple of 64 kbps. This circuit consists of one or more B channels. For example, if a caller requests 512 kbps service, the line uses 8 B channels to supply the requested bandwidth. This service is available over T1 PRI lines only, and follows the CCITT Q.931 recommendation. It differs from MultiRate in being an overlay network, rather than an integral part of the worldwide switched digital infrastructure.
GRE -- Generic Routing Encapsulation
H0 channel -- In Switched-384 data service, a circuit consisting of 6 B channels, or 384 kbps.
H11 channel -- In Switched-1536 data service, a circuit consisting of 24 B channels, or 1536 kbps.
HDLC (High-level Data Link Control) -- A synchronous, bit-oriented Link Layer protocol for data transmission. Frame Relay is an example of an HDLC-based packet protocol.
HMP -- Host Monitoring Protocol
host -- A computer on a network.
HSSI -- High-Speed Serial Interface. A serial interface that operates at speeds up to 52 Mbps at distances up to 50 feet. It is similar to, but faster than, RS-232 and V.35 serial interfaces.
hunt group -- A group of channels that share the same phone number is called a hunt group. When a call comes in using the phone number assigned to the hunt group, the switch hunts for an available channel in the group.
hybrid LAN -- A hybrid network is one in which some links are capable of sending and receiving only analog signals while others handle digital signals only. Another definition is the division of a network into public and private sections.
ICMP (Internet Control Message Protocol) -- The Internet Control Message Protocol, ICMP is an error reporting mechanism that is an integral part of the IP suite. Gateways and hosts use ICMP to send reports of datagram problems back to the sender. ICMP also includes an echo request/reply function that tests whether a destination is reachable and responding. See also Ping.
idle disconnects -- A disconnect is defined as the breaking or release of a circuit connecting two telephones or data devices, an idle disconnect is a disconnect that occurs when no data is transmitted on a link in a specified amount of time.
IDPR -- Inter-Domain Policy Routing Protocol
IDRP -- Inter-Domain Routing Protocol
IEEE -- Institute of Electrical and Electronics Engineers. An organization that maintains the standards for 10BaseT and other communications standards.
IGMP -- Internet Group Management Protocol
IGP -- Interior Gateway Protocol
inband signaling -- A type of signaling in which a line uses 8 kbps of each 64 kbps channel for WAN synchronization and signaling. The remaining 56 kbps handle the transmission of user data. Another term for inband signaling is robbed-bit signaling. Robbed-bit refers to the 8 kbps of each channel used for signaling. T1 access lines containing one or more switched channels, and Switched-56 lines use inband signaling.
inverse multiplexer -- Equipment that performs inverse multiplexing at each end of a connection. An inverse multiplexer is also known as an inverse mux.
I-NLSP -- Integrated Net Layer Security Protocol
Internet gateway -- A gateway (see Gateway) for accessing the Internet, which is loosely defined as the complex of wide area networks joining government, university, corporate and private computers (nodes) in a vast web of network interconnection.
interoperability -- Interoperable devices are compatible with the devices and services of multiple vendors, and can be integrated into a generic network containing a wide range of vendor products. Interoperability is a significant factor among expansion considerations, since any device must have the versatility to function in an expanding network structure. The technical elements of interoperability may include a bundle of protocols and a flexible architecture to accommodate upgrades. A remote access server should include capabilities such as translation, encapsulation, filtering, etc., that enable internetworking.
inverse multiplexing -- A multiplexer is an electronic device that enables two or more signals to pass over a single communications circuit, whether analog or digital. An inverse multiplexer allows individually dialed channels across a network to be combined into a single, higher-speed data stream. Each end of the connection uses an inverse multiplexer, or inverse mux.
For example, suppose one site has three ISDN BRI lines connected to an inverse mux and another site has a T1 access line connected to an inverse mux. The user at the first site can place a 336 kbps call to the second site using inverse multiplexing. Because each BRI line has two 64 kbps channels (with 56 kbps reserved for data on each channel), the inverse mux places six individual calls over Switched-56 services to the answering T1-based inverse mux. The two inverse muxes combine the six calls into a single data stream at 336 kbps (6X56 kbps).
There are two types of inverse multiplexing: packet-level inverse multiplexing and circuit-level inverse multiplexing.
In packet-level inverse multiplexing, the inverse mux performs its function at the packet level using the MP or MPP protocol. One data packet goes over the first circuit, the next goes over the second circuit, and so on, until all the data packets are distributed over all the available circuits. The receiving end adjusts for network-induced delay and reassembles the data packets into their proper order. This inverse multiplexing technique is also referred to as load balancing. Telecommuting applications use packet-level inverse multiplexing.
In circuit-level inverse multiplexing, the inverse mux slices the data stream into equal portions, and transmits each portion over an available circuit. The receiving end adjusts for network-induced delay and reassembles the data packets into their proper order. The AIM and BONDING protocols define how circuit-level inverse multiplexing works. Applications that require transparent digital circuits, such as videoconferencing, nailed-up backup and overflow, and bulk file transfer applications, use circuit-level multiplexing.
inverse mux -- An inverse multiplexer.
IP -- Internet Protocol
IP address -- An address that uniquely identifies each host on a network or internet.
An IP address has a length of 32 bits, and is divided into four 8-bit parts, each separated by a period, as in 149.122.3.30. This kind of notation is called dotted decimal notation. Each part can consist of a number between 1 and 255.
An IP address consists of a network number and a host number. IP addresses come in three types: Class A, Class B, and Class C. The class of an IP address determines which portion of the address belongs to the network number and which portion belongs to the host number. The first bits of the IP address identify the class. The Internet's Network Information Center (NIC) determines the type of class assigned a network.
A Class A address starts with 0 as the class identifier, followed by 7 bits for the network number and 24 bits for the host number. Therefore, the first number in dotted decimal form is the network number; the next three numbers make up the host number. For example, in the IP address 127.120.3.8, the network number is 127 and the host number is 120.3.8. This type of address is used by the largest organizations, because this scheme allows for over 16 million different host numbers. However, it also limits network numbers to a total of 128.
A Class B address starts with binary 10 as the class identifier, followed by 14 bits for the network number and 16 bits for the host number. Therefore, the first two dotted decimal numbers comprise the network number, and the second two dotted decimal numbers comprise the host number. For example, in the IP address147.14.86.24, the network number is 147.14 and the host number is 86.24. More network numbers are available, but fewer hosts (approximately 65,000).
A Class C address starts with binary 110 as the class identifier, followed by 21 bits for the network number and 9 bits for the host number. Therefore, the first three dotted decimal numbers comprise the network number, and the last dotted decimal number comprises the host number. For example, in the IP address 225.135.38.42, the network number is 225.135.38 and the host number is 42. Many network numbers are available, but only 254 hosts per network number. The numbers 0 and 255 are reserved.
You can tell the type of class an IP address falls into by looking at the first 8-bit portion of the dotted decimal form of the address. Class A addresses begin with a number between 0 and 127. Class B addresses begin with a number between 128 and 223. Class C addresses begin with a number between 192 and 233.
In addition to an IP address, you can use a symbolic name provided by Domain Name Services (DNS) to designate an Internet address.
IP filters -- When defining filters, you can set the Type of filter to Generic or IP. If you set the type to IP, the filter can examine a TCP/IP/UDP data packets' source addresses, destination addresses, IP protocol type, port, or any combination of these.
IP subnet -- Internet Protocol subnet. An IP subnet or subnet mask is a way to subdivide a network into smaller networks, so you can have a greater number of computers on a network with a single IP address. The IP subnet is a number that you append to the IP address. For example, 195.112.56.75/14, 195.112.56.75/15, and 195.112.56.75/16 are all IP addresses with subnets of 14, 15, and 16.
IP switch -- A high-performance device designed for high-volume, large-scale public and private backbone applications. A switch is a device that can determine the destinations of large volumes of incoming packets and send them to the appropriate output ports at high speeds.
IPCP (Internet Protocol Control Protocol) -- Internet Protocol Control Protocol is responsible for configuring, enabling and disabling the IP protocol modules on both ends of a point-to-point link. The IP Control Protocol is tied to PPP, and is activated only when PPP reaches the network layer protocol phase. If IPCP packets are received prior to this phase, they should be discarded. Elements of IPCP include packet encapsulation, code fields and timeouts.
IPCU -- Internet Packet Core Utility
IPIP -- IP-within-IP Encapsulation Protocol
IPPC -- Internet Pluribus Packet Core
IPX (Internet Packet Exchange) -- Internet Packet eXchange , the NetWare LAN communications protocol used to move data between servers and workstation programs running on various network nodes. IPX packets are encapsulated and carried by Ethernet packet and Token Ring frames as appropriate.
IPX spoofing -- This is a procedure used by hackers and other unauthorized users which enables a user to mimic a legitimate network node, then gain access to data within a private network. Spoofing can lead to severe security breaches and damage to the integrity of a company's operations.
IPXCP -- Fulfills the same function as IPCP, but for IPX routing. See IPCP.
IPXWAN -- The WAN version of NetWare's IPX protocol.
IRTP -- Internet Reliable Transport Protocol
ISDN (Integrated Services Digital Network) -- Integrated Services Digital Network. A system that provides simultaneous voice and high-speed data transmission through a single channel to the user's premises. ISDN is an international standard for end-to-end digital transmission of voice, data, and signaling.
ISDN BRI line -- An ISDN Basic Rate Interface line that uses two B channels for user data, and one 16-kbps D channel for ISDN D-channel signaling. Both B channels can be switched, both channels can be nailed up, or one channel can be switched and the other nailed up. BRI stands for Basic Rate Interface. A line of this type can connect to standard voice service, Switched-56 data service, or Switched-64 data service.
ISDN D-channel signaling -- A type of signaling in which a D channel handles WAN synchronization and signaling, and the B channels carry the user data. Another term for ISDN D-channel signaling is out-of-band signaling. T1 PRI, E1 PRI, and ISDN BRI lines use ISDN D-channel signaling.
ISO 9001 -- ISO is the International Standards Organization, and is devoted to the definition of standards for international and national data communications. (The U.S. representative to the ISO is ANSI.3.) 9001 is the current set of ISO standards. Companies whose products are ISO certified reflect a high quality of consistency and quality.
ISO-IP -- International Standards Organization Internet Protocol
ISO-TP4 -- International Standards Organization Transport Protocol Class 4
ISP (Internet Service Provider) -- An Internet Service Provider is a company that provides access to the Internet. By establishing Points of Presence (POPs) containing remote access servers and additional devices, as well as a suite of user software packages, the Internet Service Provider acts as a commercial Internet on-ramp. Providers typically charge a monthly fee and supply technical support and advice to customers.
IXC -- Interexchange Carrier
Java -- An object-oriented programming language developed by Sun Microsystems, Inc. used to create applets that can be distributed over the World Wide Web. Java programs run inside a Java-enabled Web browser; otherwise they run inside a Java Virtual Machine (JVM).
kbps -- kilobits per second
LAN (Local Area Network) -- A network that interconnects devices over a geographically small area, typically in one building or a part of a building. The most popular LAN type is Ethernet, a 10 Mbps standard that works with 10BaseT, 10Base2, or 10Base5 cables. When you interconnect a single computer to the Pipeline with the crossover cable in your package, you are creating a two-node Ethernet network.
LAN packet display -- This is a display of packet performance over a specified time, whether measured graphically or by counters.
LAN/WAN connectivity -- This is the practical set of tools, from OS layer protocols to support services, that make a remote access device an effective link between LANs and WANs. An effective remote access server must include a host of communications and translation protocols to fulfill this function.
LAP-B -- A protocol called Link Access Procedure for B channels using packet switching mode.
LAP-D -- Link Access Protocol for the D channel. The protocol provides the setup mechanism to combine multiple channels into a single logical link as well as the normal administrative tasks of monitoring and controlling the flow of data over the B channels.
LAP-F -- A protocol called Link Access Procedure for Frame-mode bearer services.
LARP -- Locus Address Resolution Protocol
latency -- The minimum time required to move data from one point to another. Things that contribute to latency are:
1. Physical media, such as the time it takes electricity to go through copper, or light to go through fiber, plus physical interference from noise or other signals.
2. Set-up and tear-down time required regardless of the duration of a connection.
3. Signal interfaces, such as Ethernet, which consumes a minimum of 0.3 milliseconds (ms), or a 28.8 modem, which takes about 300 times longer.
4. Bottlenecks, such as the 50 ms it takes to squeeze data through a serial port.
5. Data conversions, such as digital to analog and analog to digital required by modems.
6. Compression, which may be unnecessary if you are only sending one or two characters, since the algorithm waits for data to yield better compression ratios.
Once latency is present, it cannot be optimized. The cause has to be removed (as in using an internal device rather than an external serial device to remove the latency caused by the serial port). To maximize throughput, use the highest bandwidth available. Assume ‘band speed’ to be constant--that is, all services go as fast as the medium allows.
For example, if the medium is copper, regardless if you are connecting to a T1 line or a single, digital voice line, the speed of the electrical signal through the copper is the same. The reason the T1 line is considered ‘faster’, is because its capacity (bandwidth) is greater (wider).
leased lines -- A circuit rented for exclusive use twenty-four hours a day, seven days a week from a telephone company. The connection exists between two predetermined points and cannot be switched to other locations.
LEC -- Local Exchange Carrier
line -- A physical interface to the WAN.
LLB -- Line Loopback
LLC -- Logical Link Control
loopback -- A test that enables the Ascend unit to place a call to itself over the WAN, and to send a user-specified number of packets over the connection. The loopback tests the Ascend unit's ability to initiate and receive calls, and diagnoses whether the connection over the digital access line and the WAN is sound. A local loopback can test whether the connection to local devices is sound.
LQM (Line Quality Monitoring) -- A feature that enables the Ascend unit to monitor the quality of a link.
LQM counts the number of packets sent across the link and periodically asks the remote end how many packets it has received. Discrepancies are evidence of packet loss and indicate link quality problems. The Ascend unit can tear down and reestablish a call if the problems on the link exceed a specified threshold.
MAC (Media Access Control) -- A system of rules used to move data from one physical medium to another.
MB -- megabytes
MBONE -- Multimedia Backbone
mbps -- megabits per second
MHRP -- Mobile Host Routing Protocol
MIB -- Management Information Base
MICP -- Mobile Internetworking Control Protocol
MIF -- Machine-to-Machine Interface Format
modem (MOdulator/DEModulator) -- A DCE (Data Circuit-Terminating Equipment) installed between a DTE (Data Terminal Equipment) and an analog transmission channel, such as a telephone line. A DTE refers to a device that an operator uses, such as a computer or a terminal. The DCE connects the DTE to a communications channel, such as a telephone line. A modem takes digital data from a DTE, translates (or modulates) the 1s and 0s into analog form, and sends the data over the channel. The receiving modem demodulates the analog signal into digital data and sends it to the DTE to which it is attached.
MP (Multilink PPP) -- A proposed standard for inverse multiplexing, a method of combining individually dialed channels into a single, higher-speed data stream. MP is an extension of PPP that supports the ordering of data packets across multiple channels.
multiplexing -- A method of letting users share one transmission line. In time division multiplexing, temporarily, each user has the full capacity of the line.
MPP (Multichannel Point-to-Point Protocol) -- A protocol that extends the capabilities of MP to support inverse multiplexing, session management, and bandwidth management. MPP allows you to combine up to 30 individual channels into a single high-speed connection.
MPP consists of two components: a low-level channel identification, error monitoring, and error recovery mechanism, and a session management level for supporting bandwidth modifications and diagnostics. MPP enables the Ascend unit to add or remove channels from a connection as bandwidth needs change without disconnecting the link. This capability is called Dynamic Bandwidth Allocation, or DBA.
Both the dialing side and the answering side of the link must support MPP. If only one side supports MPP, the connection uses MP or standard single-channel PPP.
MPP calls cannot combine an ISDN BRI channel with a channel on a T1 access line or a T1 PRI line.
MRRU -- Maximum Reconstructed Receive Unit
MRU -- Maximum Receive Unit
MTP -- Multicast Transport Protocol
MTU -- Maximum Transfer Unit
multicast forwarding -- A multicast forwarding table is built based on IGMP messages. Group memberships are created or refreshed in the multicast forwarding table. When IP multicast packets are received from the MBONE interface, the multicast forwarding table is used to distribute packets to multicast clients according to group membership. To communicate with multicast clients, IGMP queries are broadcast every 60 seconds, and based on responses, the table is updated.
MultiRate -- A data service consisting of a single circuit whose bandwidth is a multiple of 64 kbps. This circuit consists of one or more B channels. For example, a user can dial a first call at 384 kbps (using 6 B channels), and then dial at second call at 512 kbps (using 8 B channels). This service is available over T1 PRI lines only. MultiRate is also known as Switched Nx64 data service.
nailed line -- A permanent connection between endpoints over which two parties exchange data. A nailed line is also known as a private line or a leased line.
NAS -- Network Access Server
NetWare call filter -- A NetWare call filter is used to prevent Service Advertising Protocol (SAP) packets originating on the local IPX network from resetting the idle timer or initiating a call.
NFAS -- Non-Facility Associated Signaling
NFAS (Non-Facility Associated signaling) -- A special case of ISDN signaling in which two or more T1 PRI lines use the same D channel, and you can add a backup D channel. NFAS is required for Switched-1536 data service; because all 24 channels of the T1 PRI line carry user data, the D channel must be on another line.
NFS -- Network File System
NHRP -- Next Hop Resolution Protocol
NIC -- Network Information Center
NIS -- Network Information Service
NSFNET-IGP -- National Science Foundation Network Interior Gateway Protocol
NT1 (Network Terminator Type 1) -- An ISDN BRI line terminating device at the subscriber's location that provides line maintenance access, timing, and echo cancellation. NT1s may be built into other pieces of equipment or stand alone.
NVP-II -- Network Voice Protocol II
NVT ASCII -- Network Virtual Terminal ASCII
Octet -- Eight data bits.
OSI -- Open Systems Interconnection. A reference model used to describe layers of a network and the types of functions expected at each layer. The OSI model is used as a standard, letting developers of networks and communication systems rely on the presence of certain functions at certain places in a standard system.
Top to bottom, the seven layers are:
* application
* presentation
* session
* transport
* network
* data link
* physical
The physical and data link layers have to do with hardware, wires, signals on wires, and basic addressing functions, such as media access control (MAC). In the network layer, information from different networking protocols is distinguished, which is where the internet protocol (IP) functions. In the transport layer, data is packaged for transport in a size and organization appropriate for its intended environment. This is where transport control protocol (TCP) works. The session, presentation, and application layers keep information streaming in and convert it to a usable format.
OSPF -- Open Shortest Path First
packets -- A block of information sometimes called a cell, frame, data unit, service unit, or signaling unit. Although each of these elements do have unique attributes, in essence, all are packets.
packet-level inverse multiplexing -- A method of inverse multiplexing in which the inverse mux performs its function at the packet level using the MP or MPP protocol. One data packet goes over the first circuit, the next goes over the second circuit, and so on, until all the data packets are distributed over all the available circuits. The receiving end adjusts for network-induced delay and reassembles the data packets into their proper order. This inverse multiplexing technique is also referred to as load balancing. Telecommuting applications use packet-level inverse multiplexing.
PAP (Password Authentication Protocol) -- Password Authentication Protocol. A security protocol that uses password protection to allow access to a network or host.
parity -- In 7-bit communication, each device sends only the first 128 characters in the ASCII character set, because each of these characters can be represented by seven bits or fewer. Parity is a way for a device to determine whether it has received data exactly as the sending device transmitted it. Each device must determine whether it will use even parity, odd parity, or no parity.
The sending device adds the 1s in each string it sends and determines whether the sum is even or odd. Then, it adds an extra bit, called a parity bit, to the string. If even parity is in use, the parity bit makes the sum of the bits even; if odd parity is in use, the parity bit makes the sum of the bits odd. For example, if a device sends the binary number 1010101 under even parity, it adds a 0 (zero) to the end of the byte, because the sum of the 1s is already even. However, if it sends the same number under odd parity, it adds a 1 to the end of the byte in order to make the sum of the 1s an odd number.
The receiving device checks whether the sum of 1s in a character is even or odd. If the device is using even parity, the sum of 1s in a character should be even; if the device is using odd parity, the sums of bits in a character should be odd. If the sum of the bits does not equal the parity setting, the receiving device knows that an error has occurred during the transmission of the data.
For special ASCII characters (128-256), eight bits are necessary to represent the data. In 8-bit communication, no parity bit is used.
PBX (Private Branch Exchange) -- An internal telephone network, such as those used in large offices, in which one incoming number directs calls to various extensions and from one office to another.
PCM -- Pulse Coded Modulation
PDU -- Protocol Data Unit
Ping -- This is the command invoked on many systems to send ICMP echo requests. Ping has several versions. The most sophisticated Pings send a series of ICMP echo requests, capture responses, and corollary statistics regarding data packet loss. The user can determine the length of the ICMP request and designate an interval between tries.
PLL -- Permanent Logical Link
PND -- Present Next Digit
Point to Point link -- See Point-to-Point protocol (PPP).
POP (Point of Presence) -- This is a point-of-presence of an Internet service provider, used to facilitate remote users' access to the range of applications and IP addresses in the internetwork.
port -- A TCP/IP interface that defines a logical location in a computer where an application or process is running. By defining such a location, packets can be delivered to an application from a remote system, enabling remote interactivity.
There are certain ‘well-known ports’, such as port 21 used by FTP. Filters and firewalls make use of port addresses to restrict incoming and outgoing data and secure an environment.
The User Datagram Protocol (UDP) was developed to add the port address of an application or process to an IP packet, facilitating communication between applications over a network.
POST (Power-On Self Test) -- A diagnostic test the Ascend unit performs when it first starts up or after a system reset. While the yellow FAULT LED on the front panel remains solidly lit, the Ascend unit checks system memory, configuration, installed modules, and the T1 connections. If the Ascend unit fails any of these tests, the AFAULT (or CON) LED remains lit or blinks.
PPP (Point-to-Point Protocol) -- Provides a standard means of encapsulating data packets sent over a single-channel WAN link. It is the standard WAN encapsulation protocol for the interoperability of bridges and routers. PPP is also supported in workstations, allowing direct dial-up access from a personal computer to a corporate LAN or ISP. Using PPP ensures basic compatibility with non-Ascend devices. Both the dialing side and the answering side of the link must support PPP.
PRI -- Primary Rate Interface
PRM -- Packet Radio Measurement
promiscuous mode -- A Bridging parameter mode that determines that the Ethernet controller in the Ascend unit accepts all packets and passes them up the protocol stack for a higher-level decision on whether to route, bridge, or reject them. This mode is appropriate if you are using the Ascend unit as a bridge.
protocol -- A set of rules governing message exchange over a network or internetwork. Examples of commonly used protocols are TCP/IP (Transmission Control Protocol/Internet Protocol), PPP (Point-to-Point Protocol), and IPX (Internet Packet Exchange).
proxy ARP -- If the Pipeline is the default router on a network, then packets destined for any of the hosts on the network are sent to the Pipeline. If any of these hosts needs to respond to an ARP request (a request to provide its physical address so that a connection can be established), and the host is not on the local network (ARP requests are only broadcast on a local network), the Pipeline can respond on behalf of the remote host to establish the connection. This is possible when the Pipeline is set to function in Proxy Mode.
proxy mode -- A remote host can be assigned an IP address on the local network through its Connection profile on the Pipeline. Local hosts on the network see the remote host as if it were on the local network. When calls are made to the remote host, the Pipeline acts on behalf of the remote host and replies to requests and forwards packets. Proxy mode is enabled on the Pipeline via the Protocols section of the configuration software.
PSDN -- Packet-Switched Data Network. In a packet-switched network, no connection is required end-to-end. It is generally more efficient for data transfers and better for redundancy (where other circuits are automatically available if a line goes down).
PSTN -- Public Switched Telephone Network
PVC -- Permanent Virtual Circuit. A path that is maintained by the stations at each end. The circuit is through the packet-switched mesh, but stays up all the time, regardless of whether or not data is being transmitted. The benefit of a PVC is that there is no circuit set up time, since it is always up.
PVC -- Protocol Version Control
PVP -- Packet Video Protocol
RADIUS (Remote Authentication Dial In User Service) -- A protocol by which users can have access to secure networks through a centrally managed server. RADIUS provides authentication for a variety of services, such as login, dialback, SLIP, and PPP.
In a RADIUS query, the MAX provides a user ID and password to the server. The server sends back a complete profile, which specifies routing, packet filtering, destination-specific static routes, and usage restrictions specific to the user. In addition, the MAX can use the data in the RADIUS database to create and advertise static routes and to place outbound calls.
The communications channel between a RADIUS client and server is provided by UDP/IP, with messages acknowledged. The primary advantage in using RADIUS to authenticate incoming calls is that you can maintain all user information offline on a separate UNIX-based server. You store virtually all Connection Profile information on the RADIUS server in a flat ASCII database. This server can accept authentication requests from many machines, which makes swapping out one dial-in network server for another much easier. (For more information, refer to RFC 2058 and 2059.)
RARP -- Reverse Address Resolution Protocol
RBOC -- Regional Bell Operating Company
RDP -- Reliable Data Protocol
redundancy -- There are no perfect methods of transmitting signals--each one has inherent error rates, and all physical media is subject to damage. To safeguard against line and equipment failure during a transmission, a second, redundant line or unit can be active in the background to take over at any time. Network administrators always have a redundant (backup) module for multiplexers and other critical equipment.
Routers keep routing tables updated so that multiple paths to destinations in the network are always available.
Remote LAN Access -- The process of allowing branch offices, telecommuters, and traveling computer users to access the corporate LAN backbone over dedicated or dialed, digital or analog lines.
remote management -- A management feature that uses bandwidth between sites over the management subchannel established by the AIM (Ascend Inverse Multiplexing) protocol. Any Ascend unit can control, configure, and obtain statistical and diagnostic information about any other Ascend unit; multi-level security assures that unauthorized personnel do not have access to remote management functions.
REN -- Ringer Equivalency Number. The sum total of the ringer equivalency numbers of phone equipment attached to a Pipeline cannot exceed 3. Voltage on board the Pipeline is the current used to make the attached devices ring. If too many devices are daisy chained together, or the sum of the REN of the equipment attached to the Pipeline exceeds 3, the Pipeline won't be able to supply enough voltage to make the units ring. REN value is usually printed on the bottom of a unit, and it is listed in the unit's manual.
RFC (Request For Comments) -- The document series, begun in 1969, which describes the Internet suite of protocols and related experiments. Not all (in fact very few) RFCs describe Internet standards, but all Internet standards are written up as RFCs. The RFC series of documents is unusual in that the proposed protocols are forwarded by the Internet research and development community, acting on their own behalf, as opposed to the formally reviewed and standardized protocols that are promoted by organizations such as CCITT and ANSI. A complete list of RFCs can be found at www.internic.net/rfc/.
RI -- Ring Indicate
RIP (Routing Information Protocol) -- Routing information protocol teaches routers on a wide area network which routers have access to which addresses. This information is kept in a routing table on each router. As routers communicate with each other, they all update their routing tables to include each others' routing table information. In a large network environment, this exchange of information can keep the network connections up unnecessarily, and can result in very large routing tables on each router. You can apply a call filter to ignore RIP updates. You can also control how route information is propagated.
Router -- An interconnection device that can connect individual LANs. Unlike bridges, which logically connect at OSI layer 2, routers provide logical paths at OSI layer 3. Like bridges, remote sites can be connected using routers over dedicated or switched lines to create WANs.
Routing -- A device or setup that finds the best route between any two networks, even if there are several networks to traverse. (Contrast with bridge).
routing table -- A list of destinations known to the router. Routing tables are built and used based on three protocols:
* RIP - which continuously broadcasts routing updates every 30 seconds
* ICMP - which can dynamically redirect packets to a more efficient route
* ARP - which enables the Pipeline to respond to address queries with its own physical address
RPC -- Remote Procedure Call
RPM -- Remote Port Module
RS-# -- Recommended Service #
RS-232 -- A set of EIA standards specifying various electrical and mechanical characteristics for interfaces between DTE and DCE data communications devices. The standard applies to both synchronous and asynchronous binary data transmission at rates below 64 kbit/s.
RSVP -- Reservation Protocol
RTS -- Request To Send
Rubber Bandwidth -- A term used to describe a communications channel whose bandwidth can be increased or decreased without terminating and re-establishing the channel. Typically used with inverse multiplexing.
RVD -- MIT Remote Virtual Disk Protocol
S interface -- See S/T interface.
S/T interface -- n. The electrical interface between a network terminator (NT1) device and one or more ISDN communications devices that do not contain their own NT1s.
S/T-interface -- adj. Specifies an ISDN communications device that connects to an external network terminator (NT1).
SAM (Secure Access Manager) -- Secure Access Manager gives network administrators granular control over the security functions of the entire network directly from the central site. Through this Windows-based application, network administrators can configure the Secure Access Firewall(s) off-line and download the configuration to remote locations. The menu-driven program enables network administrators to easily configure the firewall on the network.
SAP -- Service Access Point
SAP filters -- See NetWare call filters.
SDRP -- Source Demand Routing Protocol
Secure Access Firewalls -- Secure Access Firewall is a software option for Ascend units that offers a fully integrated firewall security for remote networking. It uses state-of-the-art dynamic firewall technology to deliver a comprehensive security solution for the corporate LAN, remote office LAN and telecommuter's LAN that stops intruders from breaking and entering into networks. Securing the perimeter of the local network where it meets the Internet sets the stage for using the Internet for Intranet applications.
Secure ID -- A proprietary brand of security card (about the size of a credit card) that generates a code based on the user's ID, password, and information in the card. When the user attempts to log on to a secure network, a code is requested that must have been generated within the previous 60 seconds. The server interprets the code, and if it is found to be genuine, the user is granted access.
security cards -- See Secure ID.
SEP -- Sequential Exchange Protocol
serial communication -- Communication through the serial port of your computer. For Windows 3.1, the maximum speed of the serial port is 19,200. For Windows 95, the COM port limit on the settings drop-down list is 921,600. These limitations are subject to change as development of a faster serial bus design is implemented.
serial host -- A device, such as a videoconferencing codec, that is connected to a serial host port communicating over a point-to-point link. To a serial host, the MAX appears to be a cable or DCE (Data Communications Equipment).
serial host port -- The V.35, RS-499, or X.21 port on the MAX.
serial host port module -- A module on the MAX that connects to a serial host through its serial host port.
session -- The state a connection reaches when both parties can communicate with each other.
signaling types -- The sending device and the receiving device must send signals in order to synchronize their clocks and determine where one block of data ends and the next begins. Services use signaling types to maintain synchronization and transfer data effectively. Signals are either analog or digital. In-band signaling is used by POTS, where all of the information about the beginning and end of a call is carried on a single line. ISDN BRI uses two B channels to carry data and a D channel to carry signaling data.
SIP -- Simple Internet Protocol
SLIP (Serial Line IP) -- A protocol that enables your computer to send and receive IP packets over a serial link.
SMDS -- Switched Multimegabit Data Service. A packet-based network service allowing the creation of high-speed data networks (up to 45 Mbit/s). Now in the testing and initial implementation phases.
SMTP -- Simple Mail Transfer Protocol
SNAP -- SubNetwork Access Protocol
SNMP (Simple Network Management Protocol) -- A standard way for computers to share networking information. -- In SNMP, two types of communicating devices exist: agents and managers. An agent provides networking information to a manager application running on another computer. The agents and managers share a database of information, called the Management Information Base (MIB). An agent can use a message called a traps-PDU to send unsolicited information to the manager.
The MAX supports SNMP MIB II, T1 MIB, and Ascend Enterprise MIBs. You can therefore manage the MAX from a central SNMP manager, such as SunNet Manager™ or HP Open View™. Because the WAN interface is integrated into the MAX, you can manage it using the SNMP T1 MIB and Ascend Enterprise MIB. Most other kinds of WAN interfaces, such as channel banks, T1 muxes, and CSU/DSUs, cannot be incorporated into SNMP. The MAX can send alarms, call detail reporting, and other management information to an SNMP manager without being polled.
SNMP security is implemented using the community name sent with each request. Ascend supports two community names, one with read-only access, and the other with read/write access, to the MIB.
socket -- A TCP/IP interface that allows for a two-way link between two systems, letting applications run over a connection-less network. A socket is one end of a process that the application is using to communicate, and is defined by two addresses: the IP address of the host computer; and the port address of the application or process running on the host.
software compression -- Software compression removes waste and redundancy in a data file in order to save space and enable faster throughput. The results of compression depend on the content of each file being compressed: some contain a lot of waste, some contain almost none.
SPID (Service Profile Identifier) -- Service Profile Identifier. Your ISDN service provider (telephone company) uses this number at the Central Office switch to identify services on your ISDN line. This number is derived from a telephone number.
Stacks -- A stack is group of MAX units with a single stack name, acting as a single, logical unit. Stacks allow incoming (only) MP or MP+ calls to span multiple MAX units on a single LAN. There is no master unit in a stack. A MAX can become a member of a stack or leave a stack at any time, and there is no requirement to join a stack.
MAX units in a stack find each other using an Ethernet multicast packet. Since multicast packets are unlikely to cross a router, and high traffic demands created by a MP and MP+ calls, all members of a stack must reside on the same physical LAN.
straight-through cable -- A cable with wires that have terminating ends with the same wire assignments.
SWIPE -- IP with Encryption
SVC -- Switched Virtual Circuit. A path over a packet-switched network that appears to be a dedicated circuit, but in fact the connection only stays up as long as needed, and then ends. (Also see PVC.)
Switched-1536 -- A data service consisting of a single 1536 kbps circuit, called an H11 channel. The H11 channel is comprised of all 24 channels on the line. You must use two T1 PRI lines to access Switched-1536. One line carries the user data, and the other line contains the D-channel. NFAS is required for this data service because the D channel must be on a separate line. This service is available over T1 PRI lines only. Switched-1536 is also known as H11 data service.
Switched-384 -- A data service consisting of a single 384 kbps circuit, called an H0 channel. The H0 channel is comprised of 6 B channels. This service is available over T1 PRI lines only. Switched-384 is also known as H0 data service.
Switched-56 -- A data service consisting of a single 56 kbps channel. This service is available over any type of line. It is the only service available to T1 access lines and Switched-56 lines.
Because Switched-56 was the first available data service, both the service itself and the lines that accessed it were called Switched-56. However, any type of line can now access Switched-56 data service, and there are other new services in addition to Switched-56.
Switched-56 line -- A line that provides a single 56 kbps data channel with inband signaling.
Switched-64 -- A data service consisting of a single 64 kbps channel. This service is available over T1 PRI and ISDN BRI lines only.
symbolic name -- A name used in place of an IP address. A symbolic name consists of a user name and a domain name in the format user name@domain name. The user name corresponds to the host number in the IP address. The domain name corresponds to the network number in the IP address. A symbolic name might be steve@crocker.com or joanne@cal.edu.
synchronization -- In serial data transmission, a method of ensuring that the receiving end can recognize characters in the order in which the transmitting end sent them, and can know where one character ends and the next begins. Without synchronization, the receiving end would perceive data simply as a series of binary digits with no relation to one another. Synchronous communication relies on a clocking mechanism to synchronize the signals between the sending and receiving machines.
synchronous transmission -- A transmission mode in which the data moves in large blocks, called messages or frames. Both the sending device and the receiving device must maintain synchronization in order to determine where one block of data ends and the next begins. Synchronization can take one of these forms:
Each side can transmit a separate synchronizing signal, called a clock.
Each frame or message can contain synchronization information.
In the latter method, each block of data starts with one or more control characters, usually eight bytes long, called a SYNC. The receiver interprets the SYNC as a signal that it can start accepting data. Synchronous transmission can be up to 20 percent faster than asynchronous transmission.
T1 access line -- A 1.544 mbps T1 line that provides 24 56 kbps data channels and uses inband signaling. This type of line can contain all switched channels, all nailed-up channels, or a combination of switched and nailed-up channels. You can connect this type of line to standard voice or Switched-56 data services. Using a feature called Drop-and-Insert, the MAX can use a portion of a T1 access line for data purposes and pass the remaining portion of the line's bandwidth to a PBX for voice purposes.
T1 line -- A line that consists of 24 64 kbps channels. Two types of T1 lines are available: T1 access lines and T1 PRI lines.
T1 PRI line -- A T1 line that uses 23 B channels for user data, and one 64 kbps D channel for ISDN D-channel signaling. The B channels can be all switched, all nailed up, or a combination of switched and nailed up. This type of PRI line is a standard in North America, Japan, and Korea. PRI stands for Primary Rate Interface. You can connect this type of line to standard voice, or Switched-56, Switched-64, Switched-384, Switched-1536, and MultiRate data services. Using a feature called PRI-to-TI conversion, the MAX can share the bandwidth of a T1 PRI line with a PBX.
T3 -- A digital transmission link with a capacity of 45 Mbit/s, or 28 T1 lines.
TACACS (Terminal Access Concentrator Access Control Server) -- A very simple query/response protocol that enables the MAX to check a user's password, and enable or prevent access. A TACACS server supports only the basic password exchanges that PAP uses; it does not support CHAP.
Tariff -- Documents filed by a regulated telephone company with a state public utility commission or the Federal Communications Commission. Document details services, equipment, and pricing publicly offered by the telephone company.
terminal adapter -- A device that allows analog voice and data devices to work through an ISDN connection. The terminal adapter is a protocol converter that adapts equipment not designed for ISDN, such as phones, faxes, and modems.
TCP -- Transmission Control Protocol
Transmission Control Protocol/Internet Protocol -- A family of protocols that defines the format of data packets sent across a network, and is the communications standard for data transmission between different platforms. The TCP/IP family consists of the following protocols and services.
* Transport protocols - these protocols control data transmission between computers:
o TCP (Transmission Control Protocol)
o UDP (User Datagram Protocol)
* Routing protocols - these protocols control addressing and packet assembly, and determine the best route for a packet to take to arrive at its destination:
o IP (Internet Protocol)
o ICMP (Internet Control Message Protocol)
o RIP (Routing Information Protocol)
o OSPF (Open Shortest Path First)
* Gateway protocols - these protocols enable networks to share routing and status information:
o EGP (Exterior Gateway Protocol)
o GGP (Gateway-to-Gateway Protocol)
o IGP (Interior Gateway Protocol)
* Network address services and protocols - these services and protocols handle the way that each computer on a network is identified:
o DNS (Domain Name System)
o ARP (Address Resolution Protocol)
o RARP (Reverse Address Resolution Protocol)
* User services - these services provide applications a computer can use:
o BOOTP (Boot Protocol)
o FTP (File Transfer Protocol)
o Telnet
o Miscellaneous services
o NFS (Network File System)
o NIS (Network Information Service)
o RPC (Remote Procedure Call)
o SMTP (Simple Mail Transfer Protocol)
o SNMP (Simple Network Management Protocol)
TDM -- Time Division Multiplexer (or Time Division Multiplexing)
TE -- Terminal Equipment
Telecommuter -- A work-at-home computer user who connects to the corporate LAN backbone using remote access technologies (for example, using a modem over analog lines, ISDN Terminal Adapter (TA) or ISDN router over ISDN lines, or CSU/DSU over Switched 56 lines).
Telnet -- Terminal-to-remote host protocol developed for ARPAnet. It is the TCP/IP protocol governing the exchange of character-oriented terminal data. This protocol is used to link two computers in order to provide a terminal connection to the remote machine.
Instead of dialing into the computer, you connect to it over the Internet using Telnet. When you issue a Telnet session, you connect to the Telnet host and log in. The connection enables you to work with the remote machine as though you were a terminal connected to it.
If your MAX has an Ethernet card installed, you can remotely manage it by establishing a Telnet session to the remote unit from any Telnet workstation on the network and viewing the MAX interface on a Telnet VT-100 window. All Pipeline units except for the Pipeline 25 also support Telnet.
An IP host can use Telnet to emulate a terminal. When you use the MAX to initiate a terminal server session over Telnet or through the local Control/Console port, the session has a subset of the features available to a terminal server session over an asynchronous WAN link.
terminal -- A computer that does not have its own processor and that must connect to a terminal server in asynchronous mode in order to use its CPU. VT100, ANSI, and TTY are all types of terminals.
terminal emulator -- A program that makes your computer look like a terminal so that you can connect to a terminal server. Your computer acts like a terminal during the connection; all processing is taking place remotely. A terminal emulator is also called a terminal emulation program.
terminal server -- A terminal server is a computing device to which a terminal can connect over a LAN or WAN link. A terminal communicates with the terminal server over an asynchronous serial port (typically an RS-232 port) through a modem. A terminal converts the data it receives from the terminal server into a display and does no further processing of the data. A terminal also converts the operator's keystrokes into data for transmission to the terminal server.
terminal server session -- An end-to-end connection between a terminal and a terminal server. Usually, the terminal server session begins when the call goes on line and ends when the call disconnects.
A terminal server session can be either local or remote:
A local terminal server session takes place when a terminal (or a computer emulating a terminal) is connected to the Ascend unit's Control port, or when you open a Telnet connection to the Ascend unit from an IP host.
In either case, you select the TermServ command from the Sys Diag menu and press Enter to begin the terminal server session. A local terminal server session has access to only a subset of the commands available to a remote terminal server session.
A remote terminal server session takes place through a digital modem or through a V.110 or V.120 connection to the MAX.
A digital modem is a device that can communicate over a digital line (such as a T1 PRI line) with a station using a modem connected to an analog line. When you access a terminal server through a digital modem, V.110, or V.120 connection, the remote terminal server session begins immediately; you need not enter the TermServ command.
Using an integrated digital modem, the MAX allows a user to set up a remote terminal server session at raw data rates of up to 28,8 kbps, not including data compression. The MAX supports all the common capabilities of standard terminal servers, including Telnet, Domain Name Services (DNS), login and password control, call detail reporting, and authentication services.
Thick Ethernet -- A term that describes a type of Ethernet cable. Thick Ethernet, or thicknet, is .4" diameter coaxial cable for Ethernet networks.
Thin Ethernet -- A term that describes a type of Ethernet cable. Thin Ethernet, or thinnet, is .2" diameter coaxial cable for Ethernet networks.
U interface -- n. The electrical interface between an ISDN telephone line and a network terminator (NT1) device.
U-interface -- adj. Specifies an ISDN communications device that connects directly to an ISDN telephone line. A U-interface device contains its own network terminator (NT1).
UDP -- User Datagram Protocol
UTP -- Unshielded Twisted Pair
UTP cable -- Unshielded Twisted Pair cable. Two paired wires with wire twisted two or more times per inch to help cancel out noise.
V.120 -- V.120 is a standard for encapsulating asynchronous data communication into ISDN data streams, which are synchronous. Two computers can communicate over an ISDN connection, using their standard, asynchronous-only COM ports and a V.120 adapter, which can be connected externally or internally.
Videoconferencing -- The use of digital video transmission systems to communicate between sites using video and voice. Digital video transmission systems typically consist of camera, codec (coder-decoder), network access equipment, network, and audio system.
VT-100 -- An ASCII character data terminal, consisting of screen and keyboard. Manufactured by Digital Equipment Corporation (DEC), the VT-100 has become an industry standard data terminal. VT-100 emulation software allows a standard PC to act as a VT-100 terminal.
WAN -- Wide Area Network
Watchdog Spoofing -- NetWare servers send 'session keep alive' packets to clients who must return the packet to keep a session active. Ascend units can reply to NetWare Core Protocol (NCP) watchdog packets on behalf of clients on the other side of a bridge, causing the server to sense that the link is still active. Effectively imitating a return 'session keep alive' packet is called watchdog spoofing.
Wide Area Network -- A data network typically extending a LAN outside a building or beyond a campus, over IXC or LEC lines to link to other LANs at remote sites. Typically created by using bridges or routers to connect geographically separated LANs.
WINS (Windows Internet Name Service) -- Windows Internet Name Service (WINS) is a Microsoft product that manages the mapping between resource names (in the form of easy-to-remember nicknames) and IP addresses. The DNS service used on the Internet cannot map between IP addresses and local resource names dynamically. However, through dynamic database updates, WINS lets users access network resources via more user-friendly names instead of IP addresses.
WSN -- Wang Span Network
X.21 -- A set of CCITT specifications for an interface between DTE and DCE for synchronous operation on public data networks. Includes connector, electrical, and dialing specifications.
XNS IDP -- Xerox Networking System Internetwork Datagram Protocol