In today's world you cannot survive without connectivity. Imagine living a day without the internet: you may feel as if someone has imprisoned you, others may feel nausea and some can land in the hospital... Joking! Still, living without your favorite apps even for a day is quite unimaginable, and access to all these applications is only possible because of a network. To run this network we need network devices; in our case the mobile phone or our PC is acting as a network device, but there are other important network devices which actually complete the network connectivity, such as a home Wi-Fi router.
So whether it is a WAN link connecting the DC and DR sites, an internal core network within a datacenter connecting different applications and servers, or customers accessing your applications via the internet, all of them need different breeds of network devices. So let's have a look at these network devices which actually form the base of a network in any datacenter or office.
Let's start with the most basic device, the one used for connecting 2 or more computers: yes, it's called a Switch.
A switch is a network device which helps create a LAN (Local Area Network), where you normally connect all your end devices such as laptops, desktops, printers, other switches to extend the LAN, or routers to connect to a WAN.
Switches have a different kind of role when it comes to the datacenter internal network; there you may find huge L3 switches connecting hundreds of devices. Switches work on the concept of MAC addresses, which means they maintain a MAC address table (the switch learns which MAC address was seen on which port) and, based on that table, they are able to transfer traffic between the different devices.
Switches have a unique grouping mechanism called VLANs (Virtual LANs) by which they can group multiple switch ports into a single group, so that the devices connected to ports within that group can talk directly to each other without passing through a router (gateway); devices in different VLANs can only reach each other through a router. This is basically how zones are created in a datacenter and separated logically; we will understand zones in detail in the later sections.
Every single device or server in the datacenter is connected to a switch to communicate on the LAN. I may have shown diagrams in the previous sections without a switch, but that was only to keep the diagrams simple; otherwise none of the end devices such as servers connect directly to a firewall, they always connect via a switch. You can view the same in the diagram marked with a red circle.
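To make the MAC address table and the VLAN grouping concrete, here is a small learning-switch simulator. It is an added illustration for this section, not code from the original article or from any switch vendor; the port numbers, VLAN ids and MAC addresses in it are constructed. It shows the switch learning which MAC address sits behind which port, flooding a frame only when the destination is still unknown, and never letting a frame cross from one VLAN into another without a router.

```python
"""Minimal learning-switch simulator (added illustration, not from the
original article). Models two behaviours from the text: the switch learns
which MAC address was seen on which port, and VLANs keep ports in
different groups from reaching each other without a router.
All MAC addresses, port numbers and VLAN ids below are constructed."""

from dataclasses import dataclass, field

BROADCAST = "ff:ff:ff:ff:ff:ff"


@dataclass
class Frame:
    src_mac: str
    dst_mac: str
    payload: str = ""


@dataclass
class Switch:
    # port -> VLAN id (access ports: every port belongs to exactly one VLAN)
    port_vlan: dict
    # (vlan, mac) -> port, filled in as frames are seen
    mac_table: dict = field(default_factory=dict)

    def receive(self, in_port: int, frame: Frame) -> list:
        """Process a frame arriving on in_port; return the ports it is sent out of."""
        vlan = self.port_vlan[in_port]
        # Learning: remember that src_mac lives behind in_port in this VLAN
        self.mac_table[(vlan, frame.src_mac)] = in_port
        # Forwarding: a known unicast destination goes to exactly one port;
        # unknown or broadcast destinations are flooded, but only to ports
        # in the same VLAN, never across VLANs
        out = self.mac_table.get((vlan, frame.dst_mac))
        if out is not None and frame.dst_mac != BROADCAST:
            return [] if out == in_port else [out]
        return sorted(p for p, v in self.port_vlan.items() if v == vlan and p != in_port)


def demo() -> dict:
    """Constructed scenario: web and app servers in VLAN 10, a db server in VLAN 20."""
    sw = Switch(port_vlan={1: 10, 2: 10, 3: 20, 4: 20})
    web = "aa:aa:aa:00:00:01"   # port 1, VLAN 10
    app = "aa:aa:aa:00:00:02"   # port 2, VLAN 10
    db = "bb:bb:bb:00:00:03"    # port 3, VLAN 20
    results = {}
    # First frame web -> app: app is unknown, so flood inside VLAN 10 only
    results["first_flood"] = sw.receive(1, Frame(web, app))
    # app replies: the switch learned web on port 1, so this is a single unicast
    results["learned_unicast"] = sw.receive(2, Frame(app, web))
    # db broadcasts in VLAN 20: reaches port 4 only, never the VLAN 10 ports
    results["vlan_isolation"] = sw.receive(3, Frame(db, BROADCAST))
    # web addresses db's MAC directly: not in VLAN 10's table, floods VLAN 10 only
    results["cross_vlan"] = sw.receive(1, Frame(web, db))
    return results


if __name__ == "__main__":
    for name, ports in demo().items():
        print(f"{name}: forwarded to ports {ports}")
```

The last case is the zoning point: even when the web server knows the database server's MAC address, the frame never leaves VLAN 10, so the only way between the two zones is the router (and the firewall in front of it).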
Have you ever been stranded at a junction of 4 roads without a clue as to which way to go, and suddenly you find someone who tells you "that's the road you need to take", and then you reach your destination? In this short story the guy who guided you to the correct path has acted as a router, who routed you to the correct path to reach your destination.
In a computer network, when you want to connect from one system which is in Mumbai to a server which is in Bangalore, you may need a lot of routers in between which keep routing your computer's traffic along the correct path so that you can reach your destination.
So basically a router is a device which routes traffic based on the destination IP address. To give you some more clarity: whenever your system tries to connect to any system which is far off on a different network, it breaks the data into small network packets, and each packet contains a network header which has the source and destination IP addresses. Once a packet reaches a router, the router looks up the destination IP address in its routing table and forwards the packet to the next hop, the next device which can again route the packet towards its destination. Once the packet reaches the destination device, that device reads the source address and creates the response packet, but this time the previous source address is in the destination field, so that all the routers in the path can check the destination field and route the response accordingly. This is how communication happens on all kinds of networks.
One more way to understand a router is that it always connects two different networks. If you have a home network and you connect over the internet, then you definitely have a router which is doing the job for you; if you check the default gateway IP address in your system's IP settings, that default gateway address is the address of the router.
The internet, and the WAN networks provided by ISPs, are full of routers which are continuously routing traffic from one source to one destination.
In the diagram, you can see how all the routers are sitting at the edge of the networks and doing the routing.
Please remember that every network packet carries a
• Source IP address
• Destination IP address
• Port number (source and destination)
Again let me give you a human analogy to understand what a firewall is. Imagine you are trying to enter a cinema theater, and when you reach the gate you realize that you have lost your tickets; what's going to happen next? Yup, the security guy or the ticket checker is surely not going to allow you to go inside and watch the movie. That security guy is surely a firewall, which does not allow unauthorized people to pass through.
A firewall is one of the most important security devices in your environment, as it protects you from all the bad people, "hackers", out there who want to steal, misuse, or in some way harm the organization.
Ideally firewalls are placed in 2 locations: one is in your network and another is locally on your endpoint (laptop, desktop, also a server). Here I would only talk about network firewalls, because on endpoints the firewall is normally disabled in corporate networks, depending on your organization's policy.
So basically, a network firewall checks the packet for the source and destination addresses, validates them against the policies configured in the firewall, and makes a decision whether the packet should be allowed further or not.
Within a datacenter, you would always find 2 firewalls:
• Perimeter Firewall
• Core Firewall
The perimeter firewall sits at the edge of the internet, scanning any traffic which is trying to come inside the datacenter from the internet. It also hosts a zone called the DMZ or perimeter zone, where you would normally host your extranet servers, for example the web servers where you allow the external customers to connect; site examples can be net-banking or a corporate website. The firewall is configured in such a way that, at the most basic level, it checks the source IP, the destination IP and the port number against its policy.
The core firewall sits at the core network, separating the application and the database zones.
A basic rule we need to understand is that the web, application, and database servers are always separated by a firewall for security reasons, and only specific traffic is allowed between them; everything else is blocked.
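Here is the policy check from the previous paragraphs written out as code, as an added example for this section; it is not code from the original article and not how any particular firewall product works internally. The zone address ranges, the port numbers and the rules are constructed. It shows a packet's source IP, destination IP and destination port being matched against an ordered rule list where the first match wins, with the web, application and database tiers in separate zones and a default deny for anything no rule allows.

```python
"""Stateless packet-filter policy check (added illustration, not from the
original article). A packet's source IP, destination IP and destination
port are compared with an ordered rule list; the first matching rule
decides, and anything no rule explicitly allows is dropped.
Zone ranges, addresses and rules are constructed for this example."""

import ipaddress
from dataclasses import dataclass
from typing import Optional, Tuple

# Constructed zone layout: web tier in the DMZ, app and db behind the core firewall
ZONES = {
    "internet": ipaddress.ip_network("0.0.0.0/0"),   # catch-all for anything not internal
    "dmz": ipaddress.ip_network("172.16.10.0/24"),
    "app": ipaddress.ip_network("10.10.20.0/24"),
    "db": ipaddress.ip_network("10.10.30.0/24"),
}


@dataclass(frozen=True)
class Rule:
    src_zone: str
    dst_zone: str
    dst_port: Optional[int]   # None matches any port
    action: str               # "allow" or "deny"


# Ordered policy, evaluated top-down; the first matching rule wins.
POLICY = [
    Rule("internet", "dmz", 443, "allow"),   # customers reach the web servers over HTTPS
    Rule("dmz", "app", 8443, "allow"),       # web tier -> application tier
    Rule("app", "db", 5432, "allow"),        # application tier -> database
    Rule("internet", "dmz", None, "deny"),   # explicit deny for everything else from the internet
]


def zone_of(ip: str) -> str:
    """Map an address to its zone; the most specific (longest) prefix wins."""
    addr = ipaddress.ip_address(ip)
    for name, net in sorted(ZONES.items(), key=lambda kv: -kv[1].prefixlen):
        if addr in net:
            return name
    return "internet"


def evaluate(src_ip: str, dst_ip: str, dst_port: int,
             policy=POLICY) -> Tuple[str, Optional[Rule]]:
    """Return (action, matching rule); a None rule means the implicit default deny applied."""
    src_zone, dst_zone = zone_of(src_ip), zone_of(dst_ip)
    for rule in policy:
        if (rule.src_zone == src_zone and rule.dst_zone == dst_zone
                and (rule.dst_port is None or rule.dst_port == dst_port)):
            return rule.action, rule
    return "deny", None   # nothing matched: drop it


if __name__ == "__main__":
    checks = [
        ("198.51.100.7", "172.16.10.5", 443),   # customer -> web server: allowed
        ("198.51.100.7", "172.16.10.5", 22),    # customer -> web server SSH: explicit deny
        ("172.16.10.5", "10.10.30.9", 5432),    # web server -> database directly: default deny
        ("10.10.20.4", "10.10.30.9", 5432),     # app server -> database: allowed
    ]
    for src, dst, port in checks:
        action, rule = evaluate(src, dst, port)
        print(f"{src} -> {dst}:{port} = {action} ({'rule ' + str(rule) if rule else 'default deny'})")
```

The third check is the core-firewall point from the text: even a compromised web server in the DMZ cannot open a connection straight to the database, because no rule allows dmz to db, and a firewall only passes what its policy explicitly allows.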
Let me first make clear that a load balancer is nothing but a network device.
"Load Balancer", as the name suggests, is something which balances the load for you, and at the same time it helps in providing high availability; let's understand how.
The load balancer always sits in front of not less than 2 devices performing the same activity. What I mean is: imagine that in a network there is a business-critical application which has 2 instances (by now you must have figured out that instances means nothing but servers; they can be physical or virtual, don't worry, the details are there in the later sections). So we have 2 instances which would be hosting an application and providing services. Now I want that if there are 100 requests coming in for the application then 50 requests should go to instance 1 and 50 to instance 2. To achieve that, we have all the network traffic first enter the load balancer; the load balancer then sends the first request to instance 1, the second request to instance 2, the third request to instance 1, the fourth request to instance 2, and so on. In this way each of the application servers gets 50 requests, and the load of 100 requests is balanced between the 2 servers.
Now this was the load balancing part, but I also mentioned that it provides high availability, so how does it do that? The load balancer has a probing mechanism (a health check) by which it continuously monitors the interfaces of both application servers. If one of the application servers goes down and its interface is not reachable, the load balancer senses that instance 1 is down and routes all traffic to instance 2, so instance 2 has to take up all the load until instance 1 comes up or is fixed by the IT team. But during the period when instance 1 was down, none of the end users or customers experienced any downtime (non-availability of services).
This is the reason why all the financial services which we access nowadays are hardly ever unavailable.
Note: Again, for simplicity I have just shown the minimum components in the diagram; for example I am not showing the switches, and the LB itself is also in HA, which is also not shown in the diagram.