.gif){kind=small}
.gif){kind=small}
.gif){kind=small}
.gif){kind=small}
.gif){kind=small}
.gif){kind=small}
.gif){kind=small}
.gif){kind=small}
.gif){kind=small}
.gif){kind=small}
.gif){kind=small}
.gif){kind=small}
Acronyms, Constants & Phrases in Computing Systems
Copyright ©
2001-2005 K. Ramesh Babu, [email protected]
Updated 1/10/2005
5:41 PM
|
Acronym |
Expansion/Phrase |
Comments |
Reference: |
|
|
Application Protocol Design |
M. Rose. “On the Design of Application Protocols”. November 2001. |
|
|
AH |
Authentication Header |
This is part of the IPSec, an additional header, before the ESP, and after the IP header, to an otherwise normal IP datagram. |
|
|
BGP |
Border Gateway Protocol |
Inter autonomous system routing protocol. BGP is the only protocol that can support a very large number of routes. BGP is also designed to exchange information between routers that are not directly connected. |
|
|
BGP RR |
BGP Route Reflector |
Method of avoiding the need for full mesh of BGP speakers within an autonomous system. |
|
|
CAR |
Committed Access Rate |
See also CDR. |
|
|
CBQ |
Class Based Queuing |
|
Floyd, S., and Jacobson, V., Link-sharing and Resource Management Models for Packet Networks. IEEE/ACM Transactions on Networking, Vol. 3 No. 4, pp. 365-386, August 1995. |
|
CDR |
Committed Delivery Rate |
See also CAR. |
|
|
CIDR |
Classless Inter Domain Routing |
Good explanation of Supernetting as well. |
|
|
CIR |
Committed Information Rate |
See also MIR, PIR. |
|
|
|
Compulsory Tunneling |
“A Framework for IP Based Virtual Private Networks” |
http://www.ietf.org/rfc/rfc2764.txt, Section 6.2. |
|
|
Digital Signatures |
Sender uses private key to encode; receiver uses public key to decode. In practice, a subset of the sender’s document, a cryptographic hash, is what is encoded using the sender’s private key. |
|
|
DDOS |
Distributed Denial of Service |
TCP/IP SYN flooding into a server. |
|
|
|
DNS Round Robin |
A DNS serves different IP addresses for a given domain name, thereby providing a sort of server load balancing. |
|
|
DOCSIS |
Data Over Cable Service Interface Specification |
|
|
|
DOS |
Denial of Service |
TCP/IP SYN flooding into a server. |
|
|
DVB-ASI |
Digital Video Broadcast Asynchronous Serial Interface |
Established by the Digital Video Broadcasting standards group, DVB-ASI is a high-speed (270 Mbps) asynchronous serial interface used for distribution of digital video, audio, and data within cable headends or hubs. |
|
|
ECN |
Explicit Congestion Notification |
“The Addition of ECN to IP”, September 2001. This uses an ECN field in the IP header with two bits, making four ECN code points, ‘00’ to ‘11’. |
|
|
ERO |
Explicit Route Object |
One of the object types used in traffic engineering. |
|
|
ESP |
Encapsulating Security Payload |
This is part of the IPSec, an additional header, after the AH, and after the IP header, to an otherwise normal IP datagram. |
|
|
Firewalls |
|
|
|
|
FQ |
Fair Queuing |
“Per-flow state to achieve general fairness might be maintained by a per-flow scheduling algorithm such as Fair Queueing (FQ) …” |
Demers, A., Keshav, S., and Shenker, S., Analysis and Simulation of a Fair Queueing Algorithm, Internetworking: Research and Experience, Vol. 1, 1990, pp. 3-26. |
|
GBIC |
Gigabit Interface Converter |
A transceiver to convert electrical signals to optical signals and vice-versa. |
|
|
GFP |
Generic Framing Procedure |
ANSI standard Mappings of Ethernet, Fibre Channel, ESCON,
PPP, etc. over SONET/SDH. |
|
|
GFS |
Google File System |
Describes the choices made in designing the meta data server. |
Sanjay Ghemawat, Howard Gobioff, and Shun-Tak Leung. The Google File System. Communications of the ACM, October 2003, pp. 29-43. |
|
GGSN |
Gateway GPRS Support Node |
Cisco has a product offering: |
|
|
GPRS |
General Packet Radio Service |
|
|
|
GRE |
Generic Route Encapsulation |
Generic Routing Encapsulation (GRE) |
|
|
GSM |
Global System for Mobile
Communications |
|
|
|
|
Hardware Load Balancing |
A router/switch intercepts server requests. |
|
|
HSRP |
Hot Standby Routing Protocol |
Both active and the [hot] standby routers use virtual MAC and IP addresses for their interfaces towards the network that needs redundant routing. Cisco-defined. |
|
|
IKE |
Internet Key Exchange |
IETF chose IKE as the standard method of configuring security associations for IPSec. |
|
|
IKMP |
Internet Key Management Protocol |
Protocol used to construct security associations (SA). The IETF chose to break the process into two parts: IPSec provides the packet-level processing (using SA), while the Internet Key Management Protocol (IKMP) negotiates security associations. |
|
|
IPSec |
IPSec |
IPSec is one of the tunneling mechanisms over the Internet; the other is GRE. IPSec ensures confidentiality, integrity, and authenticity of data communications across a public IP network. IPSec allows for two modes of operation: (i) transport and (ii) tunnel. In transport mode, only the IP payload is encrypted, and the original IP headers are left intact. Unfortunately, by passing the IP header in the clear, transport mode allows an attacker to perform some traffic analysis. For example, an attacker could see when Cisco’s CEO sent a lot of packets to another CEO. In tunnel mode, the entire original IP datagram is encrypted, and it becomes the payload in a new IP packet. With tunnel mode, an attacker can only determine the tunnel endpoints and not the true source and destination of the tunneled packets, even if they are the same as the tunnel endpoints. |
|
|
IPSec SA |
IPSec SA |
The security association is unidirectional. (Just like an LSP). The security association is uniquely identified by a randomly chosen unique number called the security parameter index (SPI), and the destination IP address. In summary, the security association is simply a statement of the negotiated security policy between two devices. |
|
|
|
IPSec vs. FR, etc. |
VPN solutions based on either GRE or IPSec inherit all of the problems associated with the overlay model … In the area of QoS, the best that could be accomplished by the GRE or IPSec tunnels is to rely on differentiated services … One of the claimed advantages of using GRE or IPSec tunnels over leased lines, Frame Relay or ATM is the ability to extend the VPN service to any place connected to the Internet, rather than being limited to the scope of an ATM or Frame Relay network. In practice, this advantage is limited by the fact that when a GRE or IPSec tunnel spans multiple providers, the providers at the end of the tunnel have little or no influence on the path taken by the tunnel. |
Bruce Davie and Yakov Rekhter. MPLS: Technology and Applications. Morgan Kaufmann, 2000. p. 217. |
|
IP VPN |
IP-based VPNs |
“A Framework for IP Based Virtual Private Networks” |
http://www.ietf.org/rfc/rfc2764.txt, Section 6.2. |
|
LC-ATM |
Label Switching Controlled ATM Interface |
|
|
|
LMDS |
Local Multipoint Distribution Service |
http://www.lmdswireless.com/. This means that the base station can use a special type of radio that allows it to have a 90-degree field of view as opposed to having a specific radio installed on the base station for each radio installed at the client site. |
|
|
|
LSP Tunnel |
LSP is also generally referred to as LSP Tunnel. |
|
|
MIR |
Minimum Information Rate |
See also CIR, PIR. |
|
|
MMDS |
Multipoint Microwave Distribution System |
Fixed wireless access. MMDS is a line-of-sight service (see Fresnel Zone definition), so it won’t work well around mountains, but it will work in rural areas, where copper lines are not available. |
|
|
MPLS VPN |
|
Uses the peer model.
|
Bruce Davie and Yakov Rekhter. MPLS: Technology and Applications. Morgan Kaufmann, 2000. p. 218. |
|
|
Nested Tunnel |
In PPVPNs, a single nested tunnel is used between PE devices to support communication for VPNs. This results in reduction of tunnels to be maintained between PEs. |
Reference: August 2001 |
|
PHP |
Penultimate Hop Popping |
The egress router in an MPLS network normally has to make two lookups: (i) destination-based forwarding outside of the MPLS network and (ii) label pop. With PHP implemented, the egress router requests the penultimate LSR to do the popping, thereby streamlining the work at the egress router. |
|
|
PIR |
Peak Information Rate |
See also CIR, MIR. |
|
|
|
Public Key Cryptography |
Sender uses public key to encode; receiver uses private key to decode. |
|
|
|
Public Key Infrastructure |
Recommended by Shivaram. |
|
|
PPVPN |
Provider Provisioned VPN |
Discusses 3 types of VPNs: 1. BGP VPNs 2. Virtual routers 3. Port-based VPNs (Layer 2 for access) |
Reference:, August 2001 Reference:, February 2002 |
|
RED |
Random Early Detection |
“Recommendations on Queue Management and Congestion Avoidance in the Internet” |
|
|
RP |
Rendezvous Point |
Root in a shared multicast tree. |
|
|
RPR |
Resilient Packet Ring |
|
|
|
SA |
Security Association |
In IP Sec or IKE. Thus, it is desirable to use IPSec or IKE as adjectives along with SA. |
|
|
SAN |
System Area Network |
Used in defining a robust scalable architecture for N-tier enterprise applications. Intel-defined. Infiniband is the suggested medium for the System Area Network. |
|
|
SHA |
Secure Hash Algorithm |
One of the security algorithms used in IPSec that provides data integrity. The other is MD5. |
|
|
|
Server Load Balancing |
(i) DNS round robin; (ii) Hardware load balancing |
|
|
SOAP |
Simple Object Access Protocol |
SOAP overview at dcb.sun.com is very good introduction: “Where CORBA was a 600-pound semi-caged gorilla, Web services is a gazelle romping freely through the vast Internet preserves.” |
|
|
Soft PVC |
Soft PVC |
Soft PVC is PVC whose path is automatically changed around a failure. Thus, soft PVC is regarded as more robust than PVC. |
|
|
TCP/IP |
|
Easy-to-understand diagrams illustrate TCP/IP. |
|
|
|
Traffic Trunk |
A traffic trunk is an aggregation of traffic flows following the same path through the network and belonging to the same Class of Service (CoS). |
http://www.ietf.org/rfc/rfc2702.txt, Sec 3.0. |
|
|
Transparent VLAN Services over MPLS |
Removes the 4096-VLAN restrictions by???? |
|
|
UDDI |
Universal Description, Discovery, and Integration |
Dcb.sun.com has a very good overview. |
|
|
VC Merge |
Virtual Circuit Merge |
VC merge is a method of conserving label space in IP+MPLS+ATM networks. An implication is that enough buffering needs to be available within ATM switches to capture a complete AAL5 frame (of the IP traffic). |
|
|
VLL |
Virtual Leased Line |
|
ftp://ftp.isi.edu/in-notes/rfc2764.txt, Section 4.1. |
|
VMI |
Virtual Metropolitan Internetwork |
This is considered as a special case of PPVPN in this draft. |
|
|
VOQ |
Virtual Output Queue |
Virtual output queues avoid head-of-the-line blocking by creating separate virtual output queues on a single physical interface. |
|
|
VPDN |
Virtual Private Dial Network |
|
ftp://ftp.isi.edu/in-notes/rfc2764.txt, Section 6.1. |
|
VPLS |
Virtual Private LAN Segment |
|
ftp://ftp.isi.edu/in-notes/rfc2764.txt, Section 7.1. |
|
VPN |
Virtual Private Network |
VN VLAN VPDN VPN Overlay Layer 2 X.25 F/R ATM Layer 3 IPSec GRE Peer-to-Peer Access Lists (Shared router) Split Routing (Dedicated Router) MPLS-based An excellent analysis of security in VPNs is presented by Dr. Bernard Aboba of Microsoft at http://www.drizzle.com/~aboba/IEEE/. |
Ivan Pepelnjak and Jim Guichard. MPLS and VPN Architectures. Cisco Press, 2001, 424 pages. P. 143. |
|
VPN-ID |
Virtual Private Network Identifier |
This is a 7-octet quantity: 3 octets of organizationally unique identifier (OUI) and VPN index within the OUI. |
|
|
VPRN |
Virtual Private Routed Network |
“A Framework for IP Based Virtual Private Networks” |
ftp://ftp.isi.edu/in-notes/rfc2764.txt, Section 5.1. |
|
|
Voluntary Tunneling |
“A Framework for IP Based Virtual Private Networks” |
ftp://ftp.isi.edu/in-notes/rfc2764.txt, Section 6.3. |
|
VRRP |
Virtual Router Redundancy Protocol |
Similar to HSRP, but is a little more general. |
|
|
VRF |
Virtual Routing & Forwarding instance |
|
Ivan Pepelnjak and Jim Guichard. MPLS and VPN Architectures. Cisco Press, 2001, 424 pages. P. 150. |
|
WAFS |
Wide
Area File Services |
A
Core File Engine (Core FE) and a number of Edge File Engines (Edge FE) are
connected by a WAN link that carries a Cisco-proprietary to implement full
range of semantics of NFS (Sun) and CIFS (Microsoft) distributed file
systems. A key advantage is to enable centralization of file servers in the
data center. |
|
|
WSDL |
Web Services Description Language |
Gottshalk et al.: “… this architecture sets forth three roles and three operations. The three roles are the service provider, the service requester, and the service registry. The objects acted upon are the service and the service description, and the operations performed by the actors on these objects are publish, find, and bind.” |