1. Home
  2. Networking
  3. Integrated cisco and unix network architectures

Internet, Intranet, and Extranet Terminology

Intranet and extranet concepts are understood differently by different people?for example, product manager, analysts, sales people, and engineers?in much the same way that VPNs are understood. For purposes of this discussion, however, an intranet is a trusted realm within a corporate organization that also can be geographically disperse and tied in via a VPN architecture.

Hub-and-spoke or partial-mesh physical or virtual topologies (architectures resulting from administrative considerations) are common, with the majority of the computing power and services located at the hub site (corporate headquarters). Any-to-any connectivity is rarely used in context with tunnel-based topologies because of administrative burden, difficulty of policy enforcement, and lack of scalability. MPLS VPNs are a different story because their design is not based on point-to-point tunnel links but a "point-to-cloud" paradigm. With all these choices, network administrators and architects have flexible and scalable measures to realize routing policies within a VPN, including topological measures, default-route injection, or route filters. Withholding routing information constitutes an excellent security mechanism.

An extranet usually refers to a lower trust level commonly separated via security measures such as firewalls, demilitarized network segments, and proxies from the actual intranet (as well as the Internet).

Extranets are deployed to support the requirements for limited and controlled connectivity to commercial partners, organizations, and other third parties.



    		Command Syntax Conventions
    		Chapter 1. Operating System Issues and Features-The Big Picture
    		Chapter 2. User-Space Routing Software
    		Chapter 3. Kernel Requirements for a Full-Featured Lab
    		Chapter 4. Gateway WAN/Metro Interfaces
    		Chapter 5. Ethernet and VLANs
    		Chapter 6. The Analyzer Toolbox, DHCP, and CDP
    		Chapter 7. The UNIX Routing and ARP Tables
    		Chapter 8. Static Routing Concepts
    		Chapter 9. Dynamic Routing Protocols-Interior Gateway Protocols
    		Chapter 10. ISP Connectivity with BGPv4-An Exterior Gateway Path-Vector Routing Protocol for Interdomain Routing
    		Chapter 11. VPN Technologies, Tunnel Interfaces, and Architectures
    		The Rationale for Tunnels in Routing Environments
    		The VPNC Concept of VPNs
    		The OSI Stack Perspective
    		Internet, Intranet, and Extranet Terminology
    		IP-IP Tunnel
    		Generic Router Encapsulation (GRE) Tunnel
    		Special Multicast and IPv6 Tunneling (RFC 2473, RFC 3053)
    		Cisco L2F (Layer 2 Forwarding)
    		PPTP (Point-to-Point Tunnel Protocol)
    		L2TP (Layer 2 Tunnel Protocol)
    		Mobile IP
    		User-Space Tunneling
    		IPSec Foundation
    		General Tunnel and Specific IPSec Caveats
    		Advice About IPSec Lab Scenarios
    		Road-Warrior Scenarios (Road Warrior-to-OpenBSD/FreeBSD Gateway with IKE)
    		Dynamic Routing Protocols over Point-to-Point Tunnels-Transparent Infrastructure VPN
    		Summary
    		Recommended Reading
    		Endnotes
    		Chapter 12. Designing for High Availability
    		Chapter 13. Policy Routing, Bandwidth Management, and QoS
    		Chapter 14. Multicast Architectures
    		Chapter 15. Network Address Translation
    		Appendix A. UNIX Kernel Configuration Files
    		Appendix B. The FreeBSD Netgraph Facility