CCNA HIGH POINTS

The combination of the Transport layer port number and the Network layer IP address assigned to the host uniquely identifies a particular process running on a specific host device. This combination is called a socket.

Dividing application data into pieces both ensures that data is transmitted within the limits of the media and that data from different applications can be multiplexed on to the media.

The key distinction between TCP and UDP is reliability. The reliability of TCP communication is performed using connection-oriented sessions. Before a host using TCP sends data to another host, the Transport layer initiates a process to create a connection with the destination. This connection enables the tracking of a session, or communication stream between the hosts. This process ensures that each host is aware of and prepared for the communication. A complete TCP conversation requires the establishment of a session between the hosts in both directions.

3 WAY HAND SHAKEStep 1

A TCP client begins the three-way handshake by sending a segment with the SYN (Synchronize Sequence Number) control flag set, indicating an initial value in the sequence number field in the header. This initial value for the sequence number, known as the Initial Sequence Number (ISN), is randomly chosen and is used to begin tracking the flow of data from the client to the server for this session. The ISN in the header of each segment is increased by one for each byte of data sent from the client to the server as the data conversation continues.

Step 2

The TCP server needs to acknowledge the receipt of the SYN segment from the client to establish the session from the client to the server. To do so, the server sends a segment back to the client with the ACK flag set indicating that the Acknowledgment number is significant. With this flag set in the segment, the client recognizes this as an acknowledgement that the server received the SYN from the TCP client.The value of the acknowledgment number field is equal to the client initial sequence number plus 1. This establishes a session from the client to the server. The ACK flag will remain set for the balance of the session. Recall that the conversation between the client and the server is actually two one-way sessions: one from the client to the server, and the other from the server to the client. In this second step of the three-way handshake, the server must initiate the response from the server to the client. To start this session, the server uses the SYN flag in the same way that the client did. It sets the SYN control flag in the header to establish a session from the server to the client. The SYN flag indicates that the initial value of the sequence number field is in the header. This value will be used to track the flow of data in this session from the server back to the client.

CCNA HIGH POINTS

Step 3

Finally, the TCP client responds with a segment containing an ACK that is the response to the TCP SYN sent by the server. There is no user data in this segment. The value in the acknowledgment number field contains one more than the initial sequence number received from the server. Once both sessions are established between client and server, all additional segments exchanged in this communication will have the ACK flag set. Security can be added to the data network by:

Denying the establishment of TCP sessions Only allowing sessions to be established for specific services Only allowing traffic as a part of already established sessions

TCP SESSION TERMINATION

To close a connection, the FIN (Finish) control flag in the segment header must be set. To end each one-way TCP session, a two-way handshake is used, consisting of a FIN segment and an ACK segment. Therefore, to terminate a single conversation supported by TCP, four exchanges are needed to end both sessions.

1. When the client has no more data to send in the stream, it sends a segment with the FIN flag set.

2. The server sends an ACK to acknowledge the receipt of the FIN to terminate the session from client to server.

3. The server sends a FIN to the client, to terminate the server to client session.

4. The client responds with an ACK to acknowledge the FIN from the server.

TCP ACK AND WINDOWING

TCP uses the acknowledgement number in segments sent back to the source to indicate the next byte in this session that the receiver expects to receive. This is called expectational acknowledgement. For example, starting with a sequence number of 2000, if 10 segments of 1000 bytes each were received, an acknowledgement number of 12001 would be returned to the source. The amount of data that a source can transmit before an acknowledgement must be received is called the window size. Window Size is a field in the TCP header that enables the management of lost data and flow control.

CCNA HIGH POINTS

The retransmission process is not specified by the RFC, but is left up to the particular implementation of TCP

Hosts today may also employ an optional feature called Selective Acknowledgements. If both hosts support Selective Acknowledgements, it is possible for the destination to acknowledge bytes in discontinuous segments and the host would only need to retransmit the missing data.

FLOW CONTROL

TCP also provides mechanisms for flow control. Flow control assists the reliability of TCP transmission by adjusting the effective rate of data flow between the two services in the session. When the source is informed that the specified amount of data in the segments is received, it can continue sending more data for this session.

This Window Size field in the TCP header specifies the amount of data that can be transmitted before an acknowledgement must be received. The initial window size is determined during the session startup via the three-way handshake.

TCP feedback mechanism adjusts the effective rate of data transmission to the maximum flow that the network and destination device can support without loss.

REDUCING WINDOW SIZE

Another way to control the data flow is to use dynamic window sizes. When network resources are constrained, TCP can reduce the window size to require that received segments be acknowledged more frequently. This effectively slows down the rate of transmission because the source waits for data to be acknowledged more frequently.

UDPThe UDP PDU is referred to as a datagram, although the terms segment and datagram are sometimes used interchangeably to describe a Transport layer PDU.

When multiple datagrams are sent to a destination, they may take different paths and arrive in the wrong order. UDP does not keep track of sequence numbers the way TCP does. UDP has no way to reorder the datagrams into their transmission order.

As with TCP, client/server communication is initiated by a client application that is requesting data from a server process. The UDP client process randomly selects a port number from the dynamic range of port numbers and uses this as the source port for the conversation. The destination port will usually be the Well Known or Registered port number assigned to the server process.

IPv4 CHARACTERISTICS

Connectionless

Best Effort(unreliable) and Media Independent.

CCNA HIGH POINTS

MEDIA INDEPENDENT

IPv4 and IPv6 operate independently of the media that carry the data at lower layers of the protocol stack.

It is the responsibility of the OSI Data Link layer to take an IP packet and prepare it for transmission over the communications medium. This means that the transport of IP packets is not limited to any particular medium.

There is, however, one major characteristic of the media that the Network layer considers: the maximum size of PDU that each medium can transport. This characteristic is referred to as the Maximum Transmission Unit (MTU). Part of the control communication between the Data Link layer and the Network layer is the establishment of a maximum size for the packet. The Data Link layer passes the MTU upward to the Network layer. The Network layer then determines how large to create the packets.

In some cases, an intermediary device - usually a router - will need to split up a packet when forwarding it from one media to a media with a smaller MTU. This process is called fragmenting the packet or fragmentation.

DATA LINK LAYER

The technique used for getting the frame on and off media is called the media access control method.

The description of a frame is a key element of each Data Link layer protocol. Data Link layer protocols require control information to enable the protocols to function. Control information may tell:

Which nodes are in communication with each other When communication between individual nodes begins and when it ends Which errors occurred while the nodes communicated Which nodes will communicate next

The Data Link layer prepares a packet for transport across the local media by encapsulating it with a header and a trailer to create a frame.

Unlike the other PDUs that have been discussed in this course, the Data Link layer frame includes:

Data - The packet from the Network layer Header - Contains control information, such as addressing, and is located at the

beginning of the PDU Trailer - Contains control information added to the end of the PDU

Data Link Sublayers

To support a wide variety of network functions, the Data Link layer is often divided into two sublayers: an upper sublayer and an lower sublayer.

CCNA HIGH POINTS

The upper sublayer defines the software processes that provide services to the Network layer protocols.

The lower sublayer defines the media access processes performed by the hardware.

Separating the Data Link layer into sublayers allows for one type of frame defined by the upper layer to access different types of media defined by the lower layer. Such is the case in many LAN technologies, including Ethernet.

The two common LAN sublayers are:

Logical Link Control

Logical Link Control (LLC) places information in the frame that identifies which Network layer protocol is being used for the frame. This information allows multiple Layer 3 protocols, such as IP and IPX, to utilize the same network interface and media.

Media Access Control

Media Access Control (MAC) provides Data Link layer addressing and delimiting of data according to the physical signaling requirements of the medium and the type of Data Link layer protocol in use.

There are two basic media access control methods for shared media:

o Controlled - Each node has its own time to use the medium o Contention-based - All nodes compete for the use of the medium

CCNA HIGH POINTS

Regulating the placement of data frames onto the media is known as media access control. Among the different implementations of the Data Link layer protocols, there are different methods of controlling access to the media. These media access control techniques define if and how the nodes share the media.

The method of media access control used depends on:

Media sharing - If and how the nodes share the media Topology - How the connection between the nodes appears to the Data Link layer

Logical and physical topologies typically used in networks are:

Point-to-Point Multi-Access Ring

Data Link layer protocols add a trailer to the end of each frame. The trailer is used to determine if the frame arrived without error. This process is called error detection.

Frame Check Sequence

The Frame Check Sequence (FCS) field is used to determine if errors occurred in the transmission and reception of the frame. Error detection is added at the Data Link layer because this is where data is transferred across the media.

To ensure that the content of the received frame at the destination matches that of the frame that left the source node, a transmitting node creates a logical summary of the contents of the frame. This is known as the cyclic redundancy check (CRC) value.

This value is placed in the Frame Check Sequence (FCS) field of the frame to represent the contents of the frame.When the frame arrives at the destination node, the receiving node calculates its own logical summary, or CRC, of the frame. The receiving node compares the two CRC values. If the two values are the same, the frame is considered to have arrived as transmitted. If the CRC value in the FCS differs from the CRC calculated at the receiving node, the frame is discarded.

CCNA HIGH POINTS

Interior Gateway Protocols (IGPs) can be classified as two types:

Distance vector routing protocols Link-state routing protocols

Distance Vector Routing Protocol Operation

Distance vector means that routes are advertised as vectors of distance and direction. Distance is defined in terms of a metric such as hop count and direction is simply the next-hop router or exit interface. Distance vector protocols typically use the Bellman-Ford algorithm for the best path route determination.

Some distance vector protocols periodically send complete routing tables to all connected neighbors. In large networks, these routing updates can become enormous, causing significant traffic on the links.

Although the Bellman-Ford algorithm eventually accumulates enough knowledge to maintain a database of reachable networks, the algorithm does not allow a router to know the exact topology of an internetwork. The router only knows the routing information received from its neighbors.

Distance vector protocols use routers as sign posts along the path to the final destination. The only information a router knows about a remote network is the distance or metric to reach that network and which path or interface to use to get there. Distance vector routing protocols do not have an actual map of the network topology.

Link-state Protocol Operation

In contrast to distance vector routing protocol operation, a router configured with a link-state routing protocol can create a "complete view" or topology of the network by gathering information from all of the other routers. To continue our analogy of sign posts, using a link-state routing protocol is like having a complete map of the network topology. The sign posts along the way from source to destination are not necessary, because all link-state routers are using an identical "map" of the network. A link-state router uses the link-state information to create a topology map and to select the best path to all destination networks in the topology.

BOUNDED UPDATES

Updates that are sent only to those routers that need the updated information instead of sending updates to all routers.

TRIGGERED UPDATE

A routing that is triggered by an event in the network.

CCNA HIGH POINTS

RANDOM JITTER

When multiple routers transmit routing updates at the same time on multi-access LAN segments (as shown in the animation), the update packets can collide and cause delays or consume too much bandwidth.

Note: Collisions are only an issue with hubs and not with switches.

The Solution

To prevent the synchronization of updates between routers, the Cisco IOS uses a random variable, called RIP_JITTER, which adds a variable amount of time to the update interval for each router in the network. This random jitter, or variable amount of time, ranges from 0% to 15% of the specified update interval. In this way, the update interval varies randomly in a range from 25 to 30 seconds for the default 30-second interval.

TRANSPORT LAYER

The Transport layer provides for the segmentation of data and the control necessary to reassemble these pieces into the various communication streams. Its primary responsibilities to accomplish this are:

Tracking the individual communication between applications on the source and destination hosts

Segmenting data and managing each piece Reassembling the segments into streams of application data Identifying the different applications