chp 1 N chp 2

8/6/2019 chp 1 N chp 2 (page 1/35)

OSI Reference Model

Application - File, printing, message, database, and application services.

Presentation - Data encryption / decryption, compression, and translating services.

Session - Dialog control.

Transport - End-to-end connection.

Network - Routing.

Data Link - Framing.

Physical - Physical topology.

Advantages of Using a Layered Model

1. Allows a layer to be changed without impacting the rest of the model.
2. Interoperability between network applications is improved by using a standard interface.
3. Design and development efforts can be made in a modular fashion.
4. Network operations and troubleshooting can be simplified.

Five Conversion Steps of Data Encapsulation: Data >> Segments >> Packets >> Frames >> Bits

1. Upper layers convert and format the information into data and send it to the Transport layer.
2. The Transport layer turns the data into segments, adds headers, then sends them to the Network layer.
3. The Network layer receives the segments, converts them into packets, adds header information (logical addressing), and sends them to the Data Link layer.
4. The Data Link layer receives the packets, converts them into frames, adds header information (physical source and destination addresses), and sends the frames to the Physical layer.
5. The Physical layer receives the frames and converts them into bits to be put on the network medium.


Application Layer

The application layer is the OSI layer closest to the end user, which means that both the OSI application layer and the user interact directly with the software application. This layer interacts with software applications that implement a communicating component. Such application programs fall outside the scope of the OSI model. Application-layer functions typically include identifying communication partners, determining resource availability, and synchronizing communication.

When identifying communication partners, the application layer determines the identity and availability of communication partners for an application with data to transmit. When determining resource availability, the application layer must decide whether sufficient network resources for the requested communication exist. In synchronizing communication, all communication between applications requires cooperation that is managed by the application layer.

Two key types of application-layer implementations are TCP/IP applications and OSI applications. TCP/IP applications are protocols, such as Telnet, File Transfer Protocol (FTP), and Simple Mail Transfer Protocol (SMTP), that exist in the Internet Protocol suite. OSI applications are protocols, such as File Transfer, Access, and Management (FTAM), Virtual Terminal Protocol (VTP), and Common Management Information Protocol (CMIP), that exist in the OSI suite.

Internetworking Applications

WWW
- Connects countless servers presenting diverse formats: multimedia, graphics, text, sound, and video. Applications such as Netscape Navigator, Internet Explorer, and Mosaic simplify accessing and viewing web sites.

EMAIL
- Versatile; can use SMTP or X.400 to deliver messages between different email applications.

Electronic Data Interchange
- Composite of specialized standards that facilitates the flow of tasks such as accounting, shipping / receiving, and order and inventory tracking between businesses.

Bulletin Boards
- Includes Internet chat rooms and sharing public domain software.

Internet Navigation Utilities
- Includes Gopher, WAIS, and search engines, e.g. Yahoo, Excite, and Alta Vista. Helps users locate resources and information on the Internet.

Financial Transaction Services
- They gather and sell information pertaining to investments and credit data to their subscribers.


Presentation Layer

The presentation layer provides a variety of coding and conversion functions that are applied to application layer data. These functions ensure that information sent from the application layer of one system will be readable by the application layer of another system. Some examples of presentation-layer coding and conversion schemes include common data representation formats, conversion of character representation formats, common data compression schemes, and common data encryption schemes.

Common data representation formats, or the use of standard image, sound, and video formats, enable the interchange of application data between different types of computer systems. Conversion schemes are used to exchange information with systems by using different text and data representations, such as EBCDIC and ASCII. Standard data compression schemes enable data that is compressed at the source device to be properly decompressed at the destination. Standard data encryption schemes enable data encrypted at the source device to be properly deciphered at the destination. Presentation-layer implementations are not typically associated with a particular protocol stack. The following serve to direct graphic and visual image presentations:

PICT
- Picture format used by Mac and PowerPC programs for transferring QuickDraw graphics.

TIFF
- Tagged Image File Format, a standard graphics format for high-resolution bitmapped images.

JPEG
- Joint Photographic Experts Group standards.

MIDI
- Musical Instrument Digital Interface, used for digitized music.

MPEG
- Moving Picture Experts Group, standard for compression and coding of motion video. Digital storage and bit rates up to 1.5 Mbps.

QuickTime
- Mac and PowerPC audio and video applications.


Session Layer

The session layer establishes, manages, and terminates communication sessions between presentation layer entities. Communication sessions consist of service requests and service responses that occur between applications located in different network devices. These requests and responses are coordinated by protocols implemented at the session layer. Some examples of session-layer implementations include Zone Information Protocol (ZIP), the AppleTalk protocol that coordinates the name binding process; and Session Control Protocol (SCP), the DECnet Phase IV session-layer protocol. The session layer also provides dialog control between devices or nodes. It coordinates and organizes communications between systems by offering three different modes: simplex, half-duplex, and full-duplex. The layer basically keeps different applications' data separate from other applications' data.

Session Layer Protocols and Interfaces

NFS
- Network File System, developed by Sun Microsystems and used with TCP/IP and Unix workstations to allow transparent access to remote resources.

SQL
- Developed by IBM to provide users with a simpler way to define their information requirements on both local and remote systems.

RPC
- A broad client / server redirection tool used for disparate service environments. Its procedures are created on clients and performed on servers.

X Window
- Widely used by intelligent terminals for communications with remote Unix computers, allowing them to operate as though they were locally attached monitors.

AppleTalk Session Protocol
- A client / server mechanism which establishes and maintains sessions between AppleTalk client and server machines.

Digital Network Architecture Session Control Protocol
- A DECnet session layer protocol.


Transport Layer

The transport layer implements reliable internetwork data transport services that are transparent to upper layers. Transport-layer functions typically include flow control, multiplexing, virtual circuit management, and error checking and recovery. Services located in the Transport layer both segment and reassemble data from upper layer applications and unite it onto the same data stream. They provide end-to-end data transport services and can establish a logical connection between the sending host and destination host on an internetwork. The layer also hides details of any network dependent information from the higher layers by providing transparent data transfer.

Flow Control
- Data integrity is ensured by maintaining flow control and allowing users the option to request reliable data transport between systems. Flow control manages data transmission between devices so that the transmitting device does not send more data than the receiving device can process. Reliable data transport employs a connection-oriented communication session between systems. The protocols ensure that the following are achieved:
- segments delivered are acknowledged to the sender upon delivery.
- non-acknowledged segments are re-sent.
- segments are put back in sequence upon arrival at their destination.
- a manageable data flow is maintained to avoid congestion, overloading, and data loss.

Multiplexing

The Transport layer is responsible for providing mechanisms for multiplexing upper layer applications. Multiplexing enables data from several applications to be transmitted onto a single physical link.

Virtual Circuits

Virtual circuits are established, maintained, and terminated by the transport layer.

Error Checking and Recovery

Error checking involves creating various mechanisms for detecting transmission errors, while error recovery involves taking an action, such as requesting that data be retransmitted, to resolve any errors that occur.

Acknowledgments
- Positive acknowledgement with retransmission ensures reliable data delivery by requiring a receiving machine to send an acknowledgment message to the sender when it receives data. The sending machine documents each segment sent and waits for an acknowledgment before sending the next segment. Using windowing, the machine will transfer an agreed upon number of segments. If the receiving machine receives all the segments intact, it will request the next segment of the next window. If it misses a segment, it will request the missing segment and will transmit a request for the next segment of the next window when the first window's segments are all received.
- During a transfer, congestion can occur because high speed computers can generate data faster than the network can transfer it, or because many computers are using the network and sending datagrams through a single gateway. When a machine receives a flood of datagrams, it stores them in a buffer. If the buffer fills, all additional datagrams are discarded. Transport can issue a "not ready" signal to stop a device from transmitting additional segments. Once the buffer is emptied, it sends a "ready" transport indicator. When the waiting machine receives this "go" signal, it continues where it left off. To avoid failures in data transfers, the receiving host acknowledges every segment it receives.

Connection-Oriented Communications
- In reliable transport operations:
- One device first establishes a connection-oriented session with its peer. (Initiation)
- Both hosts' application programs begin by notifying their individual operating systems that a connection is about to be initiated. (Synchronization)
- The two operating systems communicate by sending messages over the network confirming that the transfer is approved and both sides are ready for it to take place. (Negotiating)
- Once the synchronization is complete, a connection is fully established and data transfer begins. (Established)
- The data transfers. While the information is being transferred between hosts, the two machines periodically check in with each other, communicating through their protocol software to ensure that all is going well and that data is being received properly.

Windowing
- A window is the number of segments that can be sent without receiving an acknowledgement. Windowing can increase the throughput for data exchanges by limiting the number of acknowledgments needed for the total segments transferred. Example: if the window size is three, then an acknowledgment is required after the third segment is transferred.
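The acknowledgement, retransmission and windowing behaviour described above, as an added simulation that is not part of the original notes: the sender transfers one window of segments, the receiver acknowledges the window and names any segment it missed so only those are re-sent, and out-of-order segments are buffered and put back in sequence. The seven-chunk stream, the window size of three and the link that loses segments 1 and 5 once are constructed for illustration.

```python
"""Positive acknowledgement with retransmission over a fixed window.
Added simulation, not code from the notes; stream, window size and the
lossy link are constructed test values."""

from dataclasses import dataclass


@dataclass(frozen=True)
class Segment:
    seq: int          # sequence number carried in the Transport layer header
    payload: str


class Receiver:
    """Buffers out-of-order segments and hands data up strictly in sequence."""

    def __init__(self):
        self.received = {}     # seq -> payload, in whatever order it arrived
        self.expected = 0      # next in-sequence number wanted
        self.delivered = []    # data handed to the upper layer, in order

    def receive(self, seg: Segment) -> None:
        self.received[seg.seq] = seg.payload
        while self.expected in self.received:    # resequence and hand up
            self.delivered.append(self.received[self.expected])
            self.expected += 1

    def missing(self, upto: int) -> list:
        """Sequence numbers below `upto` that never arrived (reported with the ACK)."""
        return [s for s in range(upto) if s not in self.received]


class LossyLink:
    """Drops each sequence number listed in `drop_once` the first time it is sent."""

    def __init__(self, drop_once):
        self.to_drop = set(drop_once)
        self.log = []

    def deliver(self, seg: Segment) -> bool:
        if seg.seq in self.to_drop:
            self.to_drop.discard(seg.seq)
            self.log.append(f"lost seq={seg.seq}")
            return False
        self.log.append(f"sent seq={seg.seq}")
        return True


def send_stream(chunks, window, link, receiver):
    """Send `chunks` through `link`, `window` segments per acknowledgement.
    Returns (acknowledgements received, segments retransmitted)."""
    segments = [Segment(i, c) for i, c in enumerate(chunks)]
    acks = retransmissions = 0
    base = 0
    while base < len(segments):
        end = min(base + window, len(segments))
        for seg in segments[base:end]:           # one whole window, no ACK in between
            if link.deliver(seg):
                receiver.receive(seg)
        acks += 1                                # receiver acknowledges the window
        # Segments the receiver did not get are re-sent until it has the whole window
        while (missing := receiver.missing(end)):
            for seq in missing:
                retransmissions += 1
                if link.deliver(segments[seq]):
                    receiver.receive(segments[seq])
            acks += 1
        base = end                               # slide the window forward
    return acks, retransmissions


def demo(window=3, drop=(1, 5)):
    """Runs a 7-segment transfer; returns (acks, retransmissions, in_order, link log)."""
    chunks = [f"chunk{i}" for i in range(7)]
    link, rx = LossyLink(drop), Receiver()
    acks, resent = send_stream(chunks, window, link, rx)
    return acks, resent, rx.delivered == chunks, link.log
```

With two lost segments the transfer needs five acknowledgements and two retransmissions instead of three and none, and the receiver still hands up every chunk in order.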


Network Layer

The Network layer provides routing and related functions that enable multiple data links to be combined into an internetwork. This is accomplished by the logical addressing (as opposed to the physical addressing) of devices. The network layer supports both connection-oriented and connectionless service from higher-layer protocols. Network-layer protocols typically are routing protocols, but other types of protocols are implemented at the network layer as well. Routers work at this level and provide the routing services for an internetwork.

Routing a Packet

1. The router receives the packet and looks up the destination IP address.
2. If the packet isn't destined for the router, the router looks for the destination address in the routing table.
3. Once the destination interface is found, the packet will be sent to the interface.
4. At the destination interface, the packet is framed and sent out on the local network.

There are two types of packets at the Network layer.

Data Packets
- Used to transport user data through the internetwork.
- Use routed protocols such as IP and IPX.

Router Update Packets
- Used to update neighbor routers about networks connected to routers on the internetwork.
- Routing protocols: RIP, EIGRP, OSPF.
- Build and maintain routing tables on each router.


Routing Table

Network Address
- Protocol-specific network addresses. A table is maintained for individual routing protocols since each protocol keeps track of a network with a different addressing scheme.

Interface
- The interface the packet is sent out on when destined for a particular network.

Metric
- The distance to the remote network.

- Routers break up broadcast domains by not forwarding broadcast or multicast packets through a router. They also break up collision domains, as each interface is a separate network.
- Routers use logical addresses in a network layer header to determine the next hop router to forward the packet to.
- Routers can use access lists to control security on packets entering or leaving an interface.
- Routers can provide layer 2 bridging and can simultaneously route through the same interface.
- Routers provide connections between Virtual LANs (VLANs).
- Routers can provide Quality of Service for specific types of network traffic.
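The four routing steps and the routing table columns above (network address, interface, metric) as an added example, not code from the notes: the router delivers locally if the packet is for itself, refuses to forward broadcasts and multicasts, applies an inbound access list, and otherwise picks the most specific matching network (lowest metric on a tie). The table, addresses and access list are constructed, and the access list's first-match, deny-if-nothing-matches behaviour is an assumption of this example.

```python
"""Routing-table lookup for one packet. Added example, not the notes' own
code; routing table, router addresses and access list are constructed."""

import ipaddress
from dataclasses import dataclass

IPv4 = ipaddress.IPv4Address
Net = ipaddress.IPv4Network
LIMITED_BROADCAST = IPv4("255.255.255.255")


@dataclass(frozen=True)
class Route:
    network: Net        # Network Address column
    interface: str      # Interface the packet is sent out on
    metric: int         # Metric: distance to the remote network


# Constructed table: two routes to 10.1.2.0/24 with different metrics, plus a default route
ROUTING_TABLE = [
    Route(Net("10.1.0.0/16"), "Ethernet0", 1),
    Route(Net("10.1.2.0/24"), "Ethernet1", 1),
    Route(Net("10.1.2.0/24"), "Serial0", 5),
    Route(Net("0.0.0.0/0"), "Serial1", 10),
]
ROUTER_ADDRESSES = {IPv4("10.1.0.1"), IPv4("10.1.2.1")}   # the router's own interfaces

# Inbound access list on source address: first match wins, deny if nothing matches (assumed)
INBOUND_ACL = [
    ("deny", Net("10.1.2.0/24")),       # constructed: one source subnet is blocked
    ("permit", Net("0.0.0.0/0")),
]


def acl_permits(src: IPv4, acl=INBOUND_ACL) -> bool:
    for action, net in acl:
        if src in net:
            return action == "permit"
    return False


def route(src: str, dst: str, table=ROUTING_TABLE, own=ROUTER_ADDRESSES, acl=INBOUND_ACL):
    """Returns ('local', None), ('forward', interface) or ('drop', reason)."""
    src, dst = IPv4(src), IPv4(dst)
    if not acl_permits(src, acl):
        return "drop", "denied by inbound access list"
    if dst in own:                                # step 1: packet is for the router itself
        return "local", None
    if dst == LIMITED_BROADCAST or dst.is_multicast:
        return "drop", "broadcast/multicast not forwarded"
    candidates = [r for r in table if dst in r.network]   # step 2: routing table lookup
    if not candidates:
        return "drop", "no route to destination"
    # Longest prefix wins; among equal prefixes prefer the lower metric
    best = max(candidates, key=lambda r: (r.network.prefixlen, -r.metric))
    return "forward", best.interface              # step 3: hand to that interface
```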


Network vs. Data Link Layer Addresses

Network layer addressing is referred to as logical addressing, whereas Data Link layer addressing uses physical addresses. The physical address of a device can't be changed without removing or replacing the hardware (the physical address is burned into a NIC's ROM), while a logical address is configured in software and can be changed as needed.

Data Link Layer

The Data Link layer provides reliable transit of data across a physical network link. Different Data Link layer specifications define different network and protocol characteristics, including physical addressing, network topology, error notification, sequencing of frames, and flow control. The Data Link layer translates messages from the Network layer into bits for the Physical layer to transmit. It formats messages into data frames and adds a customized header containing the source and destination hardware addresses. The Data Link layer is responsible for uniquely identifying each device on a local network.

- Physical addressing (as opposed to network addressing) defines how devices are addressed at the data link layer.
- Network topology consists of the data link layer specifications that often define how devices are to be physically connected, such as in a bus or a ring topology.
- Error notification alerts upper-layer protocols that a transmission error has occurred, and the sequencing of data frames reorders frames that are transmitted out of sequence.
- Flow control moderates the transmission of data so that the receiving device is not overwhelmed with more traffic than it can handle at one time.

When a packet is sent between routers, it is framed with control information at the Data Link layer. The information is removed at the destination router and only the original packet remains. If the packet is to go to another router, the framing process is repeated until it gets to the receiving host. The packet is never altered, only encapsulated with control information to be passed on to the different media type.

The IEEE has subdivided the data link layer into two sublayers: Logical Link Control (LLC) and Media Access Control (MAC).

MAC (Media Access Control)

The Media Access Control (MAC) sublayer of the data link layer manages protocol access to the physical network medium. The IEEE MAC specification defines MAC addresses, which enable multiple devices to uniquely identify one another at the data link layer.

- The MAC describes how a station schedules, transmits and receives data on a shared media environment.
- Ensures reliable transfer of information across the link, synchronizes data transmission, recognizes errors (doesn't correct them), and controls the flow of data.
- Defines how packets are placed on the media.
- Physical addressing is defined here, as well as local topologies.
- MAC examples are Ethernet/802.3 and Token Ring/802.5.
- Line discipline, error notification, ordered delivery of frames, and optional flow control can be used at this layer.
- In general, MACs are only important in shared medium environments where multiple nodes can connect to the same transmission medium.

LLC (Logical Link Control)

The Logical Link Control (LLC) sublayer of the data link layer manages communications between devices over a single link of a network. LLC is defined in the IEEE 802.2 specification and supports both connectionless and connection-oriented services used by higher-layer protocols. IEEE 802.2 defines a number of fields in data link layer frames that enable multiple higher-layer protocols to share a single physical data link.

- Responsible for identifying Network layer protocols and encapsulating them.
- An LLC header tells the Data Link layer what to do with a packet once it is received.

Switches and Bridges

Switches and bridges work at the Data Link layer and filter the network using MAC addresses. Layer 2 switching is hardware-based switching because it uses an ASIC (Application Specific Integrated Circuit).

Switches and bridges read each frame as it passes through; the device then puts the source address in a filter table and keeps track of which port it was received on. This tells the switch where that device is located.

After a filter table is built, the device will only forward frames to the segment where the destination address is located. If the destination device is on the same segment as the frame, the layer 2 device will block it from being forwarded. If the destination is on another segment, the frame will only be forwarded to that segment (transparent bridging).

When a layer 2 device receives a frame and the destination is unknown to the device's filter table, it will forward the frame to all connected segments. If the unknown device replies, the filter table is updated with that device's location.

- Layer 2 devices (switches / bridges) propagate broadcast storms, and the only way to prevent them is with a router.
- Each port on a switch is in its own collision domain.
- Switches allow all segments to transmit simultaneously.
- Switches can't translate different media types.
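The transparent bridging behaviour described above as an added example (not code from the notes): the device learns each frame's source address against its ingress port, filters frames whose destination is on the same segment, forwards known destinations to one port only, and floods unknown destinations and broadcasts to every other port. The port numbers and MAC addresses are constructed.

```python
"""Filter-table learning and forwarding of a layer 2 switch/bridge.
Added example, not the notes' own code; ports and MACs are constructed."""

BROADCAST = "ff:ff:ff:ff:ff:ff"


class Switch:
    def __init__(self, ports):
        self.ports = list(ports)
        self.filter_table = {}    # MAC address -> port it was last seen on
        self.log = []             # (in_port, src, dst, decision, out_ports)

    def receive(self, in_port, src, dst):
        """Handle one frame arriving on in_port; returns the ports it is forwarded to."""
        # Learn: record where the source lives (an existing entry is updated if the host moved)
        self.filter_table[src] = in_port
        if dst == BROADCAST or dst not in self.filter_table:
            out = [p for p in self.ports if p != in_port]      # flood to all other segments
            decision = "broadcast" if dst == BROADCAST else "unknown destination, flooded"
        elif self.filter_table[dst] == in_port:
            out = []                                          # same segment: filtered
            decision = "filtered (destination on the same segment)"
        else:
            out = [self.filter_table[dst]]                    # known: that segment only
            decision = "forwarded"
        self.log.append((in_port, src, dst, decision, out))
        return out


def demo():
    """Two hosts on separate ports, a third sharing port 2 (as if behind a hub)."""
    sw = Switch([1, 2, 3, 4])
    a, b, c = "02:00:00:00:00:0a", "02:00:00:00:00:0b", "02:00:00:00:00:0c"
    results = [
        sw.receive(1, a, b),           # b unknown: flooded to 2, 3, 4; a learned on port 1
        sw.receive(2, b, a),           # a known on port 1: forwarded there; b learned on port 2
        sw.receive(1, a, b),           # b known on port 2: forwarded to port 2 only
        sw.receive(2, c, b),           # c and b on the same segment: filtered
        sw.receive(1, a, BROADCAST),   # broadcast: every port except the ingress
    ]
    return results, dict(sw.filter_table)
```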


Physical Layer

The physical layer defines the electrical, mechanical, procedural, and functional specifications for activating, maintaining, and deactivating the physical link between communicating network systems. Physical layer specifications define characteristics such as voltage levels, timing of voltage changes, physical data rates, maximum transmission distances, and physical connectors. Physical-layer implementations can be categorized as either LAN or WAN specifications.

- The Physical layer has two responsibilities: send and receive bits (bits have a value of 1 or 0).
- The interface between DCEs and DTEs is defined at the Physical layer.
- The DCE is on the service provider side.
- The DTE is the attached device; the services available to a DTE are accessed through a CSU/DSU.
- HSSI peer-based communication assumes intelligence in DCE and DTE devices.

Hubs and Repeaters
- Hubs are multiple port repeaters. A repeater receives a signal, regenerates the digital signal, and forwards it on all active ports. An active hub does the same thing. All devices plugged into a hub are on the same collision domain and the same broadcast domain. Hubs don't look at any traffic that enters; they just forward all traffic to all ports. Every device connected to the hub must listen if a device transmits.


Understanding Data Encapsulation

Data Encapsulation

The sending and receiving of data from a source device to the destination device is possible with the help of networking protocols by using data encapsulation. The data is encapsulated with protocol information at each layer of the OSI reference model when a host transmits data to another device across a network. Each layer communicates with its neighbour layer on the destination. Each layer uses Protocol Data Units (PDUs) to communicate and exchange information.

Protocol Data Unit (PDU)

The Protocol Data Units contain the control information attached to the data at each layer. The information is attached to the header of the data field, but can also be at the end of the data field, in a trailer. PDUs are encapsulated by attaching them to the data at each layer of the OSI reference model. Each Protocol Data Unit has a name depending on the information each header has. This PDU information is only read by the neighbour layer on the destination and is then stripped off, and the data is handed to the next layer.

OSI Layer Model and PDUs

The seven-layered Open System Interconnection (OSI) model is basically defined for reducing the complexity of internetworking. The OSI model is then divided into two segments for more ease: upper layers and data flow layers. The 7th, 6th and 5th layers of the OSI reference model are application layers, also known as upper layers. The upper layers are directly related to the user interface, while the 4th, 3rd, 2nd and 1st layers of the OSI model are also called data flow layers because they are related to the flow of the data. Each data flow layer has a Protocol Data Unit.

The Protocol Data Unit of each data flow layer is defined as follows:

- Transport Layer: Segment is the PDU of the Transport layer.
- Network Layer: Packet is the PDU of the Network layer.
- Data Link Layer: Frame is the PDU of the Data Link layer.
- Physical Layer: Bit is the PDU of the Physical layer.

Encapsulation and De-Encapsulation Process

The encapsulation and de-encapsulation of header control information on each layer of the OSI reference model is as follows:

Encapsulation

The data encapsulation process is defined as below:

TCP Header Encapsulation

The application-layer user data is converted for transmission on the network. The data stream is then handed down to the Transport layer, which sets up a virtual circuit to the destination. The data stream is then broken up, and a Transport layer header is created; the result is called a segment. The header control information is attached to the Transport layer header of the data field. Each segment is sequenced so the data stream can be put back together on the destination exactly as transmitted.

IP Header Encapsulation

Each segment is then handed to the Network layer for logical addressing and routing through a routed protocol, for example IP, IPX, AppleTalk and DECnet. The Network-layer protocol adds a header to the segment, and the result is handed down to the Data Link layer. Remember that the 3rd and 4th layers work together to rebuild a data stream on a destination host. However, they have no responsibility for placing their Protocol Data Units on a local network segment, which is the only way to get the information to a host or router.

MAC Header Encapsulation

The Data Link layer receives the packets from the Network layer and places them on the network medium, such as cable or wireless media. The Data Link layer encapsulates each packet in a frame, and the MAC header carries the source MAC address and destination MAC address. If the device is on a different network, then the frame is sent to a router to be routed through an internetwork.

Physical Layer Encapsulation

Once the frame gets to the destination network, a new frame is used to get the packet to the destination host. To put this frame on the network, it must first be put into a digital signal. Since a frame is really a logical group of 1s and 0s, the Physical layer of the OSI model is responsible for encapsulating these digits into a digital signal, which is read by devices on the same local network.

De-Encapsulation

On the destination side, the receiving devices synchronize on the digital signal and extract the 1s and 0s from it. At this point the devices build the frames, run a Cyclic Redundancy Check (CRC), and then check their output against the value in the Frame Check Sequence (FCS) field of the data frame. If the information matches, the packet is pulled from the frame and the frame is discarded. This process is known as de-encapsulation. The packet then transfers to the Network layer, where the IP address is checked. If the IP address matches, the segment is pulled from the packet and the packet is discarded. The data is processed at the Transport layer, which rebuilds the data stream and acknowledges to the transmitting station that it received each segment. It then happily transfers the data stream to the upper layer application.

At a transmitting device, the data encapsulation method works as follows:

- User information is converted into data for transmission on the network.
- Data is converted into segments, and a reliable or unreliable connection is set up between the source and destination devices using connection-oriented and connectionless protocols.
- Segments are converted into packets using a logical address, such as an IP datagram using an IP address.
- Packets are converted into frames for transmission on the local network. Media Access Control (MAC) addresses or Ethernet addresses are commonly used to uniquely identify hosts on a local network segment.
- Frames are converted into bytes and bits, and a digital encoding and clocking or signalling method is used.
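The five conversion steps (data, segment, packet, frame, bits) and the de-encapsulation checks described above, as an added example that is not code from the notes: one piece of application data is wrapped in a TCP header, an IPv4 header with a valid header checksum, and an Ethernet header with a CRC-32 FCS trailer, then rendered as bits; the receiver rebuilds the frame, checks the FCS, the destination MAC, the IP header checksum and the destination IP, and strips one header per layer. The TCP checksum is left at zero for brevity, and the MAC and IP addresses are constructed test values.

```python
"""Encapsulation down the stack and de-encapsulation back up. Added example,
not the notes' own code; headers are minimal and addresses are constructed."""

import struct
import zlib

BROADCAST_MAC = b"\xff" * 6


def mac2bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", ""))


def ip2bytes(ip: str) -> bytes:
    return bytes(int(octet) for octet in ip.split("."))


def ip_checksum(header: bytes) -> int:
    """RFC 791 one's-complement sum over the header; a valid header sums to 0."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def tcp_segment(src_port: int, dst_port: int, seq: int, data: bytes) -> bytes:
    """Transport layer: 20-byte TCP header (sequence number for resequencing) + data."""
    # data offset 5 words, flags PSH|ACK, window 65535, checksum and urgent pointer 0
    header = struct.pack("!HHIIBBHHH", src_port, dst_port, seq, 0, 5 << 4, 0x18, 65535, 0, 0)
    return header + data


def ip_packet(src_ip: str, dst_ip: str, segment: bytes) -> bytes:
    """Network layer: IPv4 header with logical addresses, protocol 6 (TCP), checksum filled."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 0, 0, 64, 6, 0,
                         ip2bytes(src_ip), ip2bytes(dst_ip))
    header = header[:10] + struct.pack("!H", ip_checksum(header)) + header[12:]
    return header + segment


def ethernet_frame(src_mac: str, dst_mac: str, packet: bytes) -> bytes:
    """Data Link layer: MAC header (dst, src, EtherType 0x0800 = IPv4) + FCS trailer."""
    body = mac2bytes(dst_mac) + mac2bytes(src_mac) + b"\x08\x00" + packet
    return body + struct.pack("<I", zlib.crc32(body))   # CRC-32, least significant byte first


def to_bits(frame: bytes) -> str:
    """Physical layer: the frame as the string of 1s and 0s put on the medium."""
    return "".join(f"{byte:08b}" for byte in frame)


def from_bits(bits: str) -> bytes:
    return bytes(int(bits[i:i + 8], 2) for i in range(0, len(bits), 8))


def encapsulate(data: bytes, src_mac, dst_mac, src_ip, dst_ip, seq=1) -> str:
    segment = tcp_segment(49152, 80, seq, data)
    packet = ip_packet(src_ip, dst_ip, segment)
    return to_bits(ethernet_frame(src_mac, dst_mac, packet))


def de_encapsulate(bits: str, my_mac: str, my_ip: str):
    """Receiver: rebuild the frame and strip one header per layer, checking as it goes.
    Returns ((seq, data), 'ok') or (None, reason) when a check fails."""
    frame = from_bits(bits)
    body, fcs = frame[:-4], frame[-4:]
    if struct.pack("<I", zlib.crc32(body)) != fcs:            # CRC against the FCS field
        return None, "FCS mismatch, frame discarded"
    if body[:6] not in (mac2bytes(my_mac), BROADCAST_MAC):
        return None, "frame not addressed to this station"
    if body[12:14] != b"\x08\x00":
        return None, "not an IPv4 packet"
    packet = body[14:]                                         # frame discarded, packet kept
    ihl = (packet[0] & 0x0F) * 4
    if ip_checksum(packet[:ihl]) != 0:
        return None, "IP header checksum failed"
    if packet[16:20] != ip2bytes(my_ip):
        return None, "packet not addressed to this host"
    total_len = struct.unpack("!H", packet[2:4])[0]
    segment = packet[ihl:total_len]                            # packet discarded, segment kept
    seq = struct.unpack("!I", segment[4:8])[0]
    data_offset = (segment[12] >> 4) * 4
    return (seq, segment[data_offset:]), "ok"
```

Flipping a single bit of the bit string makes the FCS check fail, and a frame or packet addressed to another station or host is discarded before any data reaches the Transport layer.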

Examples of Types of Service and Capabilities[1]

Service Requirements - Service Features

Discovery and Configuration Services - 802.1AF, CDP, LLDP, LLDP-MED

Security Services - IBNS (802.1X), (CISF): port security, DHCP snooping, DAI, IPSG

Network Identity and Access - 802.1X, MAB, Web-Auth

QoS marking, policing, queuing, deep packet inspection NBAR, etc.

Intelligent Network Control Services - PVST+, Rapid PVST+, EIGRP, OSPF, DTP, PAgP/LACP, UDLD, FlexLink, Portfast, UplinkFast, BackboneFast, LoopGuard, BPDUGuard, Port Security, RootGuard

Physical Infrastructure Services - Power over Ethernet

Cisco Hierarchical Model

There are three layers to the Cisco hierarchical model:

1. The core (backbone) layer provides optimal transport between sites.
2. The distribution layer provides policy-based connectivity.
3. The local-access layer provides workgroup/user access to the network.


Core Layer

- Responsible for transporting large amounts of traffic reliably and quickly.
- Only purpose is to switch traffic as fast as possible (speed and latency are factors).
- Failure at the Core layer can affect every user; design for fault tolerance at this level.
- Design specifications:

Don't do at this layer:
  - Don't use access lists, packet filtering, or VLAN routing.
  - Don't support workgroup access here.
  - Don't expand (i.e. more routers); upgrade devices instead (faster with more capacity).

Do at this layer:
  - Design for high reliability (FDDI, Fast Ethernet with redundant links, or ATM).
  - Design for speed and low latency.
  - Use routing protocols with low convergence times.

Distribution Layer

- Also called the workgroup layer; this is the communication point between the access and core layers.
- Primary functions include routing, filtering, WAN access, and determining how packets can access the Core layer if necessary.
- Determines the fastest/best path and sends the request to the Core layer. The Core layer will then quickly transport the request to the correct service.
- Place to implement network policies.

Distribution Layer Functions
  - Access lists, packet filtering, queuing.
  - Security and network policies such as address translation and firewalling.
  - Redistribution between routing protocols, including static routing.
  - Routing between VLANs and other workgroup support functions.
  - Departmental or workgroup access.
  - Definition of broadcast and multicast domains.
  - Any media transitions that need to occur.

Access Layer

- Controls local end user access to internetwork resources.
- Also called the desktop layer.
- The resources most users need will be available locally.
- The Distribution layer handles traffic for remote services.
- Continued use of access lists and filters.
- Creation of separate collision domains (segmentation).
- Workgroup connectivity at the Distribution layer.
- Technologies such as DDR and Ethernet switching are seen in the Access layer.
- Static routing is here.


Department of Defense Model of TCP/IP

The Department of Defense created TCP/IP to ensure and preserve data integrity. The DoD model is a condensed version of the OSI model and only has four layers.

Corresponding Layers

DoD Model                   OSI Model
Process/Application Layer   Application, Presentation, Session
Host-to-Host Layer          Transport
Internet Layer              Network
Network Access Layer        Data Link, Physical

Process/Application Layer

Defines protocols for node-to-node application communication and also controls user interface specifications. Consists of a set of services that provide ubiquitous access to all types of networks. Applications utilize the services to communicate with other devices and remote applications.

Protocols and Applications

Port   Protocol   Description
23     Telnet     Terminal emulation (Telephone network)
21     FTP        Allows file transfers between computers (File Transfer Protocol)
69     TFTP       Have to know what you want and where it is on the server; no directory browsing, no user authentication (Trivial File Transfer Protocol)
2049   NFS        Allows remote file systems to be mounted as local (Network File System)
25     SMTP       Used to send mail between mail servers (Simple Mail Transfer Protocol)
515    LPD        Used for print sharing of network printers with TCP/IP (Line Printer Daemon)
161    SNMP       Collects and manipulates network information (Simple Network Management Protocol)
53     DNS        Resolves FQDNs to IP addresses (Domain Name Service)
67     BootP      Used by diskless workstations to receive a boot file and other information via TFTP
       DHCP       Assigns IP addresses to hosts from a pool. Can send IP address, subnet mask, domain name, default gateway, DNS IP, WINS info. (Dynamic Host Configuration Protocol)

    Host-to-Host Layer

    This layer shields the upper layers from the details of sending data. It also provides an end-to-end connection between two devices during communication by performing sequencing, acknowledgments, checksums, and flow control. Applications using services at this layer can use two different protocols: TCP and UDP.

    Protocols at the Host-to-Host Layer are:

    TCP (Transmission Control Protocol)

    TCP provides a connection-oriented, reliable service to the applications that use it.

    Main Functions of TCP

    Segments the application-layer data stream--

    TCP accepts data from applications and segments it into a suitable size for transmission between itself and the remote device. The maximum segment size is exchanged while TCP is negotiating the connection between the two devices (the MSS option carried in the SYN segments); each side announces the largest segment it is willing to receive.

    Provides acknowledgment timers--

    TCP maintains timers to identify when segments have taken too long to get to their destination. When an acknowledgment is not received for a segment and the timer expires, TCP resends the segment to the destination.

    Enables sequence number checking--

    TCP uses sequence numbers to ensure that all data sent by an application on one device is read in the correct order by the application on the other device. The segments might not arrive at the transport layer in the correct order, but TCP puts them back into their original order before passing the data to the application layer.

    Provides buffer management--

    Any time two devices are communicating, the possibility exists that one device can send data faster than

    the other can accept it. If this happens, the receiving device puts the extra packets into a buffer to be read

    at the first chance it gets. When this data overflow persists, however, the buffer is eventually filled and

    packets begin to drop. TCP performs some preventive maintenance called flow control to avoid the

    problem.

    Initiates connections with a 3-way handshake--

    TCP uses the three-way handshake to initiate a connection between two devices. A TCP connection begins with a device sending a request to synchronize sequence numbers (a SYN segment) and initiate a connection. The other device receives the SYN and responds with its own SYN combined with an ACK whose acknowledgment number is the first device's sequence number plus one (a SYN-ACK). The first device then sends an acknowledgment (an ACK) whose acknowledgment number is the second device's sequence number plus one, indicating that it received the sequence number it expected.

    Performs error and duplication checking--

    TCP uses a checksum to identify packets that have changed during transport. If a device receives a packet

    with a bad checksum, it drops the packet and does not send an acknowledgment for the packet. So the

    sending device will resend the packet. Any time TCP receives a duplicate packet it will drop the duplicate.

    Performs acknowledgment windowing--

    Any time a TCP device sends data to another device, it must eventually receive an acknowledgment that the data arrived. To increase bandwidth utilization, TCP does not wait for an acknowledgment of every segment: the window size is the number of bytes the sender may have outstanding (sent but not yet acknowledged) at any one time. The receiver advertises its window in every segment it sends, and TCP adjusts it dynamically during the connection, allowing either device to slow the sending rate down to what the other device can accept. This process is known as a sliding window because of TCP's ability to change the window size dynamically.

    TCP Overview

    Before data is sent, the transmitting host contacts the receiving host to set up a connection known as a virtual circuit. This makes TCP connection-oriented. During the handshake the two hosts agree upon the amount of information that may be sent before an acknowledgment is needed (windowing). TCP takes the large blocks of data from the upper layers and breaks them up into segments that it numbers and sequences. TCP then passes the segments to the network layer, which routes them through the internetwork. The receiving TCP can put the segments back into order. After segments are sent, TCP waits for an acknowledgment from the receiving end of the virtual circuit. If no acknowledgment is received, the sending host retransmits the segment.


    TCP Header Information

    Field                    Size      Meaning
    Source Port Number       16 bits   Number of the calling port
    Destination Port Number  16 bits   Number of the called port
    Sequence Number          32 bits   Number used to ensure proper sequencing of data (the position of the first data byte in this segment)
    Acknowledgment Number    32 bits   Identifies the next byte expected from the other side
    Header Length            4 bits    Number of 32-bit words in the header (5 to 15, i.e. 20 to 60 bytes)
    Reserved                 6 bits    Always 0
    Code bits                6 bits    Identifies the type of segment, setup/termination of a session (URG, ACK, PSH, RST, SYN, FIN)
    Window size              16 bits   Number of octets the device is willing to accept
    TCP Checksum             16 bits   Used to ensure data integrity; covers the header, the data, and an IP pseudo-header
    Urgent Pointer           16 bits   Indicates the end of urgent data (only meaningful when URG is set)
    Options                  variable  Padded to a multiple of 32 bits; e.g. the maximum segment size (MSS)
    Data                     variable

    UDP (User Datagram Protocol)

    UDP transports information that doesn't require reliable delivery; therefore it has less overhead than TCP, as no sequencing or acknowledgments are used. NFS and SNMP use UDP for their sessions; the applications have their own methods to ensure reliability. UDP receives blocks of information from the upper layers and places each one in a datagram. It sends each datagram and then forgets about it: no acknowledgments, no virtual circuits, no sequence numbers; a connectionless protocol. Because there is no handshake, a UDP sender's source address is taken on trust, which is why UDP services are the usual vehicle for spoofed-source and amplification traffic.

    UDP Header Format

    Field                    Size      Meaning
    Source Port Number       16 bits   Number of the calling port
    Destination Port Number  16 bits   Number of the called port
    UDP Length               16 bits   Length of the UDP header plus data, in bytes
    UDP Checksum             16 bits   Used to ensure data integrity (optional over IPv4: a value of 0 means no checksum was computed)
    Data                     variable
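The two header layouts above map directly onto a few lines of struct packing. The following Python is an added example, not part of the original notes: it builds and parses a TCP segment and a UDP datagram and computes the checksum both tables mention, including the IPv4 pseudo-header (source, destination, protocol, length) that the tables do not show. The addresses, ports and payloads are constructed sample values. The option walker refuses a zero-length option instead of looping on it, which is the defect packet parsers most often get wrong.

```python
import struct

# Constructed example addresses for the IPv4 pseudo-header (not from the notes).
SRC_IP, DST_IP = "10.0.0.1", "10.0.0.2"
PROTO_TCP, PROTO_UDP = 6, 17
# The six "code bits" of the TCP header, low-order bit first.
TCP_FLAGS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04, "PSH": 0x08, "ACK": 0x10, "URG": 0x20}


def ip_bytes(ip):
    return bytes(int(o) for o in ip.split("."))


def internet_checksum(data):
    """RFC 1071: one's complement of the one's-complement sum of the 16-bit words."""
    if len(data) % 2:
        data += b"\x00"                      # pad an odd-length buffer with a zero byte
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                       # fold the carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def pseudo_header(src_ip, dst_ip, proto, length):
    """The IPv4 pseudo-header (src, dst, zero, protocol, length) that TCP and UDP checksums also cover."""
    return ip_bytes(src_ip) + ip_bytes(dst_ip) + struct.pack("!BBH", 0, proto, length)


def mss_option(mss):
    """TCP option kind 2 (Maximum Segment Size), 4 bytes long."""
    return struct.pack("!BBH", 2, 4, mss)


def build_tcp_segment(src_port, dst_port, seq, ack, flags, window, payload=b"",
                      options=b"", src_ip=SRC_IP, dst_ip=DST_IP):
    """Pack a TCP header (20 bytes plus options) and fill in its checksum."""
    if len(options) % 4:
        raise ValueError("options must be padded to a multiple of 4 bytes")
    data_offset = 5 + len(options) // 4                   # header length in 32-bit words
    offset_flags = (data_offset << 12) | (flags & 0x3F)    # 4 offset bits, 6 reserved (0), 6 code bits
    header = struct.pack("!HHIIHHHH", src_port, dst_port, seq, ack,
                         offset_flags, window, 0, 0) + options
    csum = internet_checksum(pseudo_header(src_ip, dst_ip, PROTO_TCP, len(header) + len(payload))
                             + header + payload)
    return header[:16] + struct.pack("!H", csum) + header[18:] + payload


def parse_tcp_header(segment):
    """Decode the fixed header and walk the option list (MSS is the option the notes mention)."""
    src, dst, seq, ack, offset_flags, window, csum, urg = struct.unpack("!HHIIHHHH", segment[:20])
    header_len = (offset_flags >> 12) * 4
    if header_len < 20 or header_len > len(segment):
        raise ValueError("bad TCP header length")
    options, mss, i = segment[20:header_len], None, 0
    while i < len(options):
        kind = options[i]
        if kind == 0:                                      # End of Option List
            break
        if kind == 1:                                      # No-Operation (padding)
            i += 1
            continue
        if i + 1 >= len(options) or options[i + 1] < 2:
            raise ValueError("malformed TCP option")      # a zero length here would loop forever
        length = options[i + 1]
        if kind == 2 and length == 4:
            mss = struct.unpack("!H", options[i + 2:i + 4])[0]
        i += length
    return {"src_port": src, "dst_port": dst, "seq": seq, "ack": ack, "header_len": header_len,
            "flags": [name for name, bit in TCP_FLAGS.items() if offset_flags & bit],
            "window": window, "checksum": csum, "urgent_pointer": urg, "mss": mss,
            "payload": segment[header_len:]}


def tcp_checksum_ok(segment, src_ip=SRC_IP, dst_ip=DST_IP):
    """With the checksum field included, the sum over pseudo-header + segment must come out as zero."""
    return internet_checksum(pseudo_header(src_ip, dst_ip, PROTO_TCP, len(segment)) + segment) == 0


def build_udp_datagram(src_port, dst_port, payload, src_ip=SRC_IP, dst_ip=DST_IP):
    length = 8 + len(payload)
    header = struct.pack("!HHHH", src_port, dst_port, length, 0)
    csum = internet_checksum(pseudo_header(src_ip, dst_ip, PROTO_UDP, length) + header + payload)
    if csum == 0:
        csum = 0xFFFF        # RFC 768: a transmitted 0 means "no checksum", so a computed 0 is sent as all ones
    return header[:6] + struct.pack("!H", csum) + payload


def parse_udp_header(datagram):
    src, dst, length, csum = struct.unpack("!HHHH", datagram[:8])
    if length < 8 or length > len(datagram):
        raise ValueError("bad UDP length")
    return {"src_port": src, "dst_port": dst, "length": length, "checksum": csum,
            "payload": datagram[8:length]}


def udp_checksum_ok(datagram, src_ip=SRC_IP, dst_ip=DST_IP):
    if struct.unpack("!H", datagram[6:8])[0] == 0:
        return True          # sender chose not to checksum (allowed for UDP over IPv4 only)
    return internet_checksum(pseudo_header(src_ip, dst_ip, PROTO_UDP, len(datagram)) + datagram) == 0


if __name__ == "__main__":
    syn = build_tcp_segment(40000, 23, 1000, 0, TCP_FLAGS["SYN"], 8192, options=mss_option(1460))
    print(parse_tcp_header(syn), tcp_checksum_ok(syn))
```

The SYN built in the usage line is the first message of the three-way handshake described earlier (client ephemeral port to Telnet's port 23, MSS announced as an option); `tcp_checksum_ok` returns False as soon as any byte of the header or payload is altered, and a UDP datagram whose checksum field is zero is accepted without one, exactly as the UDP table's note says.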

    Differences Between TCP and UDP

    TCP                                                              UDP
    Sequenced                                                        Unsequenced
    Reliable - sequence numbers, acknowledgments, and 3-way handshake   Unreliable - best effort only
    Connection oriented                                              Connectionless
    Virtual circuits                                                 Low overhead
    Checksum for error checking                                      Checksum for error checking
    Uses buffer management to avoid overflow; uses a sliding window to maximize bandwidth efficiency   No flow control
    Chooses segment size dynamically for efficiency                  Datagram size is whatever the application hands down; UDP does not resegment

    TCP and UDP Port Numbers

    TCP and UDP use port numbers to communicate with the upper layers. Port numbers keep track of the different sessions across the network. A client's source port is normally chosen from above 1023 (an unprivileged, ephemeral port). Ports 1023 and below (privileged) are the well-known ports and are assigned to common protocols; on most systems only a privileged process may listen on them. The TCP and upper layers don't use hardware (MAC) or logical (IP) addresses to identify the application on a host; they use port numbers.

    Internet Layer

    The Internet Layer exists for routing and providing a single network interface to the upper layers. IP providesthe single network interface for the upper layers.

    Protocols at the Internet Layer are:

    IP (Internet Protocol)

    The Internet Protocol (IP) is a network-layer (Layer 3) protocol that contains addressing information and somecontrol information that enables packets to be routed. IP has two primary responsibilities: providing

    connectionless, best-effort delivery of datagrams through an internetwork; and providing fragmentation andreassembly of datagrams to support data links with different maximum-transmission unit (MTU) sizes.

    All machines on a TCP/IP network have a unique logical address, an IP address. The Internet Layer (IP) has acomplete picture of the entire network and is responsible for path determination and packet switching. IP is thetransport for TCP, UDP, and ICMP and provides an unreliable service. It lets the upper layer protocols that use itworry about reliability. IP will perform as a connectionless service because it handles each datagram as anindependent entity. IP performs packet switching and path determination by maintaining tables that indicate whereto send a packet based on its IP address. IP gets the destination address from the packet. IP receives segmentsfrom the Host-to-Host layer and fragments them into packets. IP will then reassemble the packets into segmentson the receiving end to send to the Host-to-Host layer. Each packet has the source and destination IP address.Each router will make path determinations based on the destination IP address.

    ICMP (Internet Control Message Protocol)

    The Internet Control Message Protocol (ICMP) is a network-layer Internet protocol that provides messagepackets to report errors and other information regarding IP packet processing back to the source. ICMP utilizes IPto carry the ICMP data within it through a network.

    ICMP Messages

    ICMP generates several kinds of useful messages, including Destination Unreachable, Echo Request and Reply, Redirect, Time Exceeded, and Router Advertisement and Router Solicitation. If an ICMP message cannot be delivered, no second one is generated. This is to avoid an endless flood of ICMP messages.

    When an ICMP destination-unreachable message is sent by a router, it means that the router is unable to send the packet to its final destination. The router then discards the original packet. Destination-unreachable messages include four basic types: network unreachable, host unreachable, protocol unreachable, and port unreachable.

    y Network-unreachable messages usually mean that a failure has occurred in the routing or addressing of a packet.

    y Host-unreachable messages usually indicate a delivery failure, such as a wrong subnet mask.

    y Protocol-unreachable messages generally mean that the destination does not support the upper-layer protocol specified in the packet.

    y Port-unreachable messages are sent by the destination host itself and mean that no process is listening on the UDP port (a closed TCP port is answered with a TCP RST instead). Port scanners rely on exactly this difference.

    An ICMP echo-request message, which is generated by the ping command, is sent by any host to test node reachability across an internetwork. The ICMP echo-reply message indicates that the node can be successfully reached. PING (Packet Internet Groper) uses the echo messages to test reachability end to end, so a reply proves more than physical connectivity: the whole path, including routing at every hop, is working.

    An ICMP Redirect message is sent by a router to the source host to bring about more efficient routing. The router still forwards the original packet to the destination. ICMP redirects allow host routing tables to remain small because a host needs to know the address of only one router, even if that router does not provide the best path. Even after receiving an ICMP Redirect message, some devices might continue using the less-efficient route. Because a redirect changes a host's routing on the strength of a single unauthenticated message, hardened hosts are usually configured to ignore redirects.

    An ICMP Time-exceeded message is sent by a router if an IP packet's Time-to-Live field (nominally seconds, in practice decremented once per hop) reaches zero. The Time-to-Live field prevents packets from circulating endlessly if the internetwork contains a routing loop. Routers discard packets that have reached their maximum hop count and tell the source machine that the packet has expired. Traceroute uses this: it sends probes with TTL 1, 2, 3, ... and the Time-exceeded messages that come back identify each router on the path a packet takes through the internetwork.

    ARP (Address Resolution Protocol)

    Used to find the MAC address from a known IP address. ARP sends a broadcast asking the machine with the specified IP address to respond with its MAC address. If two devices want to communicate, the first device sends a broadcast ARP request for the physical address belonging to a specified IP address. The receiving device responds with its MAC address, and the first device keeps the entry in its ARP cache. If the destination is not on the same subnet, the sending device addresses the frame to the default gateway's physical address and sends the packet to the default gateway.

    RARP (Reverse Address Resolution Protocol)

    This protocol is used to find an IP address when the MAC address is known. A machine sends a broadcast with its MAC address and requests its IP address. An example of a device that uses RARP is a diskless workstation. Since it can't store its logical network address, it sends its MAC address to a RARP server to request its IP address. The RARP server responds to the RARP request with the device's IP address.
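The ARP exchange just described, as an added example in Python that is not part of the original notes: the RFC 826 packet format for Ethernet/IPv4 packed and parsed, a request and answer between two constructed hosts (the MAC and IP addresses are made up for the example), and a small per-host cache. ARP carries no authentication, so a cache believes whatever reply it hears; the cache below therefore records every change of an existing IP-to-MAC binding, which is the event an ARP-monitoring tool alerts on, and the test shows a forged reply triggering it.

```python
import struct

ARP_REQUEST, ARP_REPLY = 1, 2
ZERO_MAC = "00:00:00:00:00:00"          # target MAC in a request: "don't know yet"
BROADCAST_MAC = "ff:ff:ff:ff:ff:ff"     # where the Ethernet frame carrying a request is sent


def mac_bytes(mac):
    return bytes(int(x, 16) for x in mac.split(":"))


def mac_str(b):
    return ":".join("%02x" % x for x in b)


def ip_bytes(ip):
    return bytes(int(o) for o in ip.split("."))


def ip_str(b):
    return ".".join(str(x) for x in b)


def build_arp(op, sender_mac, sender_ip, target_mac, target_ip):
    """RFC 826 payload for Ethernet/IPv4: htype 1, ptype 0x0800, hlen 6, plen 4, op, then the four addresses."""
    return (struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)
            + mac_bytes(sender_mac) + ip_bytes(sender_ip)
            + mac_bytes(target_mac) + ip_bytes(target_ip))


def parse_arp(pkt):
    if len(pkt) < 28:
        raise ValueError("truncated ARP packet")
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", pkt[:8])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP packet")
    return {"op": op,
            "sender_mac": mac_str(pkt[8:14]), "sender_ip": ip_str(pkt[14:18]),
            "target_mac": mac_str(pkt[18:24]), "target_ip": ip_str(pkt[24:28])}


def arp_request(my_mac, my_ip, wanted_ip):
    """What a host broadcasts when it knows an IP address and needs the MAC address."""
    return build_arp(ARP_REQUEST, my_mac, my_ip, ZERO_MAC, wanted_ip)


def arp_answer(request, my_mac, my_ip):
    """Reply (unicast back to the asker) only if the request is for this host's own IP address."""
    r = parse_arp(request)
    if r["op"] != ARP_REQUEST or r["target_ip"] != my_ip:
        return None
    return build_arp(ARP_REPLY, my_mac, my_ip, r["sender_mac"], r["sender_ip"])


class ArpCache:
    """Per-host IP -> MAC cache. Every packet's sender pair is learned, as real stacks do,
    and any change to an existing binding is recorded in `changes` for later inspection."""

    def __init__(self):
        self.table = {}
        self.changes = []

    def learn(self, pkt):
        a = parse_arp(pkt)
        ip, mac = a["sender_ip"], a["sender_mac"]
        old = self.table.get(ip)
        if old is not None and old != mac:
            self.changes.append((ip, old, mac))    # unauthenticated rebinding: a move, or spoofing
        self.table[ip] = mac
        return a

    def resolve(self, ip):
        return self.table.get(ip)


# Constructed hosts for the walk-through (not from the notes).
A_MAC, A_IP = "02:00:00:00:00:0a", "10.0.0.10"
B_MAC, B_IP = "02:00:00:00:00:0b", "10.0.0.20"

if __name__ == "__main__":
    req = arp_request(A_MAC, A_IP, B_IP)            # A: "who has 10.0.0.20?"
    rep = arp_answer(req, B_MAC, B_IP)              # B: "10.0.0.20 is at 02:..:0b"
    cache = ArpCache()
    cache.learn(rep)
    print(cache.resolve(B_IP), cache.changes)
```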

    Network Access Layer


    The Network Access Layer monitors the data exchange between the host and the network. Oversees MACaddressing and defines protocols for the physical transmission of data.

    DOD Model and TCP/IP

    Ethernet Networking

    Ethernet is a contention media access method that allows all hosts on a network to share the bandwidth of a link. It is specified at the Data Link layer and uses specific Physical layer cabling and signaling techniques. Ethernet networking uses Carrier Sense Multiple Access with Collision Detection (CSMA/CD) to share the bandwidth without having two devices transmit at the same time on the network medium. When a node transmits in a CSMA/CD environment, all the other nodes on that segment receive the frame and examine it to see if it is destined for them (which is why any station on a shared segment can read every other station's traffic); bridges and routers prevent the transmission from propagating throughout the internetwork.

    CSMA/CD

    1. Carrier Sense: a workstation listens to the network to ensure that no other station is transmitting when it wants to transmit.

    2. If the network is quiet for a period of time called the IFG (InterFrame Gap), the station may transmit.

    3. If the network is determined to be busy, it is continuously monitored. Once the IFG is observed, the station may transmit.

    4. When two or more stations are listening at the same time, determine the network is free, and then try to transmit at the same time, a collision occurs and destroys both frames. The network is monitored during transmission to detect collisions.

    5. Transmission is stopped immediately if the station detects a collision on the network during its transmission. A jam signal is sent on the network to indicate that a collision has occurred and to inform all stations to disregard the corrupted frames they may have been receiving.

    6. A random backoff algorithm is applied to determine how long each station that had a collision during its transmission will have to wait before retransmitting.

    7. Start over at step one to repeat the transmitting process.
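The seven steps above, simulated in Python as an added example that is not part of the notes. Step 6 is the truncated binary exponential backoff of IEEE 802.3: after the n-th collision in a row a station waits a random number of slot times drawn from 0 to 2^min(n,10) - 1, and after 16 failed attempts the frame is dropped. The medium object is a constructed stand-in that collides a scripted number of times; the 51.2 microsecond slot time is the 10 Mbps figure.

```python
import random

SLOT_TIME_US = 51.2      # one slot time is 512 bit times, i.e. 51.2 microseconds at 10 Mbps
BACKOFF_LIMIT = 10       # the backoff range stops doubling after the 10th collision in a row
ATTEMPT_LIMIT = 16       # after 16 attempts the frame is dropped ("excessive collisions")


def backoff_slot_range(collisions):
    """After the n-th consecutive collision a station waits r slot times, 0 <= r <= 2**min(n, 10) - 1."""
    if not 1 <= collisions <= ATTEMPT_LIMIT:
        raise ValueError("collision count out of range")
    return 0, 2 ** min(collisions, BACKOFF_LIMIT) - 1


def choose_backoff(collisions, rng=random):
    low, high = backoff_slot_range(collisions)
    return rng.randint(low, high)


def deterministic_rng(seed):
    """A seeded generator so a simulation run can be reproduced."""
    return random.Random(seed)


class ScriptedMedium:
    """Constructed medium for the simulation: the first `n` attempts by this station collide,
    every later attempt goes through. A real medium would be driven by the other stations."""

    def __init__(self, collisions_before_success):
        self.n = collisions_before_success

    def transmit(self, attempt):
        return attempt > self.n          # True = delivered, False = collision detected while sending


def send_frame(medium, rng=random):
    """One station's CSMA/CD loop (steps 1-7 of the notes): transmit; on a collision jam,
    back off a random number of slots from a doubling range, and retry; give up after 16."""
    waits = []
    for attempt in range(1, ATTEMPT_LIMIT + 1):
        if medium.transmit(attempt):
            return {"delivered": True, "attempts": attempt, "backoff_slots": waits,
                    "backoff_us": round(sum(waits) * SLOT_TIME_US, 1)}
        waits.append(choose_backoff(attempt, rng))       # step 6: random backoff after the jam signal
    return {"delivered": False, "attempts": ATTEMPT_LIMIT, "backoff_slots": waits,
            "backoff_us": round(sum(waits) * SLOT_TIME_US, 1)}


if __name__ == "__main__":
    for n in (0, 3, 16):
        print(n, send_frame(ScriptedMedium(n), deterministic_rng(1)))
```

The doubling range is what makes a heavily loaded shared segment degrade gracefully rather than collapse: two stations that collide once each pick from {0, 1} and have a 50% chance of separating, and each further collision halves the chance of colliding again.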

    Since Ethernet networks are connected with repeaters to extend the network, whenever a collision occurs it is repeated on each adjoining segment.

    How some LAN hardware treats collisions:

    y A repeater receives and immediately retransmits each bit; it doesn't depend on any particular protocol, it simply duplicates everything, including the collisions.

    y A bridge receives the entire message into memory. If the message was damaged by a collision ornoise, it is discarded. Otherwise, the message is queued up and will be retransmitted ontoanother Ethernet cable. The bridge has no address. Its actions are transparent to the client andserver workstations.

    y A router acts as an agent to receive and forward messages. The router has an address and isknown to the client or server machines. Typically, machines directly send messages to each otherwhen they are on the same cable, and they send the router messages addressed to anotherzone, department, or sub-network.

    IEEE Specifications for Ethernet

    y 802.3 - Ethernet LAN specifications. Two later specifications:

    y 802.3u - Fast Ethernet, on twisted pair and fiber optic.

    y 802.3z - Gigabit Ethernet over fiber and short shielded copper (1000BaseSX, LX, CX); 1000BaseT over Cat 5e UTP is the separate 802.3ab.

    Ethernet Speeds at Cisco Hierarchical Layers

    y Access - 10 Mbps switch ports for clients, 100 Mbps for servers.

    y Access to Distribution - use 100 Mbps.

    y Distribution to Core - use 100Mbps or 1000Mbps, with redundant links.

    Cable Specifications

    Name        Class             Length   Hosts per Segment  Topology
    10base2     50 ohm coax       185 m    30                 Physical + logical bus
    10base5     50 ohm coax       500 m    100                Physical + logical bus
    10baseT     Cat 3,4,5 UTP     100 m    1                  Physical star + logical bus
    100baseTX   Cat 5,6,7 UTP     100 m    1                  Physical star + logical bus
    100baseFX   Multimode fiber   400 m    1                  Point to point
    1000baseCX  STP               25 m     1                  Point to point
    1000baseT   Cat 5e UTP        100 m    1                  Physical star + logical bus
    1000baseSX  Multimode fiber   260 m
    1000baseLX  Singlemode fiber  3-10 km

    802.3u Fast Ethernet Features and Benefits

    y 100baseT was adopted by IEEE as the 802.3u standard in 1995.

    y 100baseT is Ethernet operating at 10 times the speed of regular Ethernet.

    y Just like 10baseT, it can be used in a shared or switched environment.

    y Can operate in full-duplex without collisions.

    y Use twisted pair or fiber.

    y The 100BaseT maximum network diameter is 205 meters, which is approximately 10 times lessthan 10-Mbps Ethernet.

    y 100BaseT networks support an optional feature, called autonegotiation, that enables a device and a hub to exchange information (using 100BaseT fast link pulses, FLPs) about their capabilities, thereby creating an optimal communications environment. Autonegotiation supports a number of capabilities, including speed matching for devices that support both 10- and 100-Mbps operation, full-duplex mode of operation for devices that support such communications, and an automatic signaling configuration for 100BaseT4 and 100BaseTX stations.

    y The IEEE 802.3u specification for 100BaseTX networks allows a maximum of two repeater (hub)networks and a total network diameter of approximately 200 meters. A link segment, which isdefined as a point-to-point connection between two Medium Independent Interface (MII) devices,can be up to 100 meters.

    100BaseT supports three media types at the OSI physical layer (Layer 1): 100BaseTX, 100BaseFX,and 100BaseT4.

    Characteristics of 100BaseT Media Types

    Characteristic              100BaseTX                            100BaseFX                                     100BaseT4
    Cable                       Category 5 UTP, or Type 1 and 2 STP  62.5/125 micron multimode fiber               Category 3, 4, or 5 UTP
    Number of pairs or strands  2 pairs                              2 strands                                     4 pairs
    Connector                   ISO 8877 (RJ-45) connector           Duplex SC media-interface connector (MIC), ST  ISO 8877 (RJ-45) connector
    Maximum segment length      100 meters                           400 meters                                    100 meters
    Maximum network diameter    200 meters                           400 meters                                    200 meters

    Half-Duplex Ethernet

    y Defined in 802.3 Ethernet, usually runs on 10baseT.

    y Uses a single shared signal path with signals running in both directions; a station either transmits or receives, not both at once.

    y Uses CSMA/CD protocol to detect collisions and retransmit if they occur.

    y If you attach a hub to a switch, the switch must run in half-duplex so the end stations can detectcollisions.

    Full-Duplex Ethernet

    Full-duplex provides the means of transmitting and receiving simultaneously on a single link. Full-duplex is typically used between two endpoints, such as between switches, between switches and servers, between switches and routers, and so on. Full-duplex has allowed bandwidth on Ethernet and Fast Ethernet networks to be easily and cost-effectively doubled from 10 Mbps to 20 Mbps and from 100 Mbps to 200 Mbps, respectively.

    y Data can be simultaneously transmitted and received, doubling the nominal throughput.

    y Uses two pairs of wire, one pair sends and the other receives data.

    y Can't run on COAX, must be twisted pair or fiber.

    y Uses a point-to-point connection between transmitting and receiving devices.

    y When powered on, it negotiates with the other end of the link (auto-detect mechanism), it firstchecks for available speed 10 or 100mbps, it then checks to see if it can run in full-duplex. If itcan't, it will run in half-duplex.

    UTP

    y Uses an RJ-45 connector with up to four pairs of twisted wire.

    y Twisting the pairs reduces crosstalk between the wires; the more twists per unit length, the higher the category rating and the quality.

    Straight Wired

    y The wires are in the same order at both ends of the RJ-45s.

    Used For

    o Router to hub or switch.
    o Server to hub or switch.
    o Workstation to hub or switch.

    Crossover

    y Two pairs of the wires are crossed at one end of the cable.

    y Swap the first and third, and the second and sixth, wires on one end.

    Used For

    o Uplinks between hubs and switches.
    o Hubs to switches.
    o Router to router.
    o Connecting two PCs without a hub or switch.

    CAT 5 UTP Wiring Order for Patch and Crossover Cables

    1. To make your own CAT 5 (patch/crossover) cable you will have to first cut the wire to the needed length and strip about 3/4 of an inch of the outer jacket off both ends.

    2. Next arrange the eight individual wires in the following order:

    Patch Cable Wiring Order [ Left to Right ]

    Wire Number  1             2       3            4     5           6      7            8
    Wire Color   orange/white  orange  green/white  blue  blue/white  green  brown/white  brown

    3. Next, holding the wires together, trim them so the ends are all flush. Wire number 1 will stay on the left side.

    4. Next turn an RJ-45 plug upside down (locking tab down) and slide the wires in until they align below the brass contacts. Make sure they are still in the same order as above.

    5. Now, holding the wires firmly in the plug, place the plug in the crimper and firmly crimp them in place.

    6. Once done crimping, pull gently on the wires to verify that they were securely crimped; if they aren't secure, cut the bad end off and go back to step 1.

    7. If that side is done, proceed to step 8 to make a crossover cable (the other side is done the same way except that wires 1 and 3, and 2 and 6, are switched), or if you want to make a patch cable (connects a PC to a hub) follow steps 1 through 6 for both sides of the cable.

    8. Only one end of a crossover cable is switched, and it is in the following order:

    Crossover Cable Wiring Order [1 + 3 and 2 + 6 switched from the patch cable order]

    Wire Number  1            2      3             4     5           6       7            8
    Wire Color   green/white  green  orange/white  blue  blue/white  orange  brown/white  brown

    9. Now follow steps 3 - 6 to finish the crossover cable.

    IP Addressing and Subnet Masking

    IP addresses are 32 bits long and are represented as four octets (dotted decimal). Each octet represents 1 byte (8 bits) and has a range of 0-255, for 256 values (2^8 = 256). IP networks are divided into classes, with each class having a network ID and a host range. Each class uses bits from the first octet as part of the network ID and, depending on the network class, can use up to two other octets for the network ID, with the remaining octets reserved for hosts on the network. For example, class A networks use the first octet as the network ID and the other three octets for hosts on the network, and class C networks use the first three octets from the left as the network ID, leaving only one octet available for hosts. The network classes are divided as follows.

    IP Address Classes

    Class  First Octet (decimal)  First Octet (binary)  Network / Host Portions       Example        Default Subnet Mask
    A      0-126                  00000000 - 01111110   Network.Host.Host.Host        10.128.22.100  255.0.0.0
    B      128-191                10000000 - 10111111   Network.Network.Host.Host     172.12.15.65   255.255.0.0
    C      192-223                11000000 - 11011111   Network.Network.Network.Host  209.38.1.2     255.255.255.0
    D      224-239                11100000 - 11101111   Multicast                                    N/A
    E      240-255                11110000 - 11111111   Experimental                                 N/A

    (127, binary 01111111, is left out of class A because it is reserved for loopback; see below.)

    Some IP addresses are reserved for special use and are not to be used as networks.

    Reserved IP Addresses

    Address          Use
    127.0.0.1        Used for loopback (the whole 127.0.0.0/8 block is reserved)
    0.0.0.0          Used as the default route on Cisco equipment
    255.255.255.255  Broadcast to all nodes on the local network (limited broadcast; routers do not forward it)

    IP Network addressing

    y A network address uniquely identifies each network.

    y Every machine on the network shares the same network portion of its IP address.

    y The node portion of the IP address uniquely identifies the node on its network, can also be calledhost address.

    Identifying the Parts of IP Network Addresses

    This table has one example with the other fields left blank for your practice.

    Address        Class  Network Portion  Host Portion  Default Subnet Mask
    63.125.22.14   A      63               125.22.14     255.0.0.0
    199.2.2.10
    189.88.25.1
    16.12.1.84
    145.1.40.2
    221.220.21.20

    Process For Subnet Masking

    1. How many subnets? 2^(masked bits) - 2 = subnets. (The "- 2" drops the all-zeros and all-ones subnets, the classic rule; with ip subnet-zero, the default on current IOS, all 2^(masked bits) subnets are usable.)

    2. How many valid hosts per subnet? 2^(unmasked bits) - 2 = hosts.

    3. What are the valid subnets? 256 - (subnet mask octet) = base number; the subnets fall at multiples of the base number.

    4. What are the valid hosts in the subnets? All numbers between subnets minus the all-0s (network) and all-1s (broadcast) host addresses.

    5. What is the broadcast address of the subnet? All the host bits turned on.

    Example of subnet masking

    255.255.255.192 = 11111111.11111111.11111111.11000000

    1. 2^2 - 2 = 2 subnets

    2. 2^6 - 2 = 62 hosts per subnet

    3. 256 - 192 = 64 (.01000000) {the first valid subnet}

    4. 65 to 126 (.01000001 to .01111110) valid hosts in that subnet

    5. 127 (.01111111) broadcast
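The five questions above, together with the class table and the "Identifying the Parts" table earlier, can be answered by a short calculator. The Python below is an added example and not part of the notes. It applies the classic rule (the all-zeros and all-ones subnets are subtracted) unless `subnet_zero=True`, works in 32-bit arithmetic so it generalizes beyond the notes' one-octet "256 - mask" trick to masks such as 255.255.240.0, and rejects a non-contiguous mask rather than producing a wrong answer from it.

```python
DEFAULT_PREFIX = {"A": 8, "B": 16, "C": 24}      # classful network lengths; D and E have no host split


def ip_to_int(ip):
    octets = [int(o) for o in ip.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError("bad IPv4 address: %r" % ip)
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def int_to_ip(n):
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_to_mask(prefix):
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def address_class(ip):
    """Class from the leading bits of the first octet: 0 -> A, 10 -> B, 110 -> C, 1110 -> D, else E."""
    first = ip_to_int(ip) >> 24
    if first >> 7 == 0b0:
        return "A"
    if first >> 6 == 0b10:
        return "B"
    if first >> 5 == 0b110:
        return "C"
    if first >> 4 == 0b1110:
        return "D"
    return "E"


def split_address(ip):
    """One row of the 'Identifying the Parts' table: class, network portion, host portion, default mask."""
    cls = address_class(ip)
    if cls not in DEFAULT_PREFIX:
        raise ValueError("class %s addresses have no network/host split" % cls)
    n = DEFAULT_PREFIX[cls] // 8
    octets = ip.split(".")
    return {"class": cls, "network": ".".join(octets[:n]), "host": ".".join(octets[n:]),
            "default_mask": int_to_ip(prefix_to_mask(DEFAULT_PREFIX[cls]))}


def mask_prefix(mask):
    """Prefix length of a dotted mask; rejects non-contiguous masks such as 255.0.255.0."""
    m = ip_to_int(mask)
    prefix = bin(m).count("1")
    if m != prefix_to_mask(prefix):
        raise ValueError("non-contiguous mask: %s" % mask)
    return prefix


def subnet_info(ip, mask, subnet_zero=False):
    """The five questions from the notes, answered for the subnet that `ip` falls in."""
    cls = address_class(ip)
    if cls not in DEFAULT_PREFIX:
        raise ValueError("not a class A, B or C address")
    prefix = mask_prefix(mask)
    subnet_bits = prefix - DEFAULT_PREFIX[cls]            # "masked bits" borrowed from the host portion
    host_bits = 32 - prefix                               # "unmasked bits"
    if subnet_bits < 0 or host_bits < 2:
        raise ValueError("mask leaves no usable host range for a class %s address" % cls)
    m = ip_to_int(mask)
    network = ip_to_int(ip) & m
    broadcast = network | (~m & 0xFFFFFFFF)               # all host bits turned on
    classic = subnet_bits > 0 and not subnet_zero
    return {"class": cls, "subnet_bits": subnet_bits, "host_bits": host_bits,
            "subnets": 2 ** subnet_bits - (2 if classic else 0),
            "hosts_per_subnet": 2 ** host_bits - 2,
            "block_size": 2 ** host_bits,                 # 256 - 192 = 64 in the notes' example
            "network": int_to_ip(network), "first_host": int_to_ip(network + 1),
            "last_host": int_to_ip(broadcast - 1), "broadcast": int_to_ip(broadcast)}


def valid_subnets(ip, mask, subnet_zero=False):
    """Every subnet address of the classful network containing `ip`, under the given mask."""
    info = subnet_info(ip, mask, subnet_zero)
    base = ip_to_int(ip) & prefix_to_mask(DEFAULT_PREFIX[info["class"]])
    step, count = info["block_size"], 2 ** info["subnet_bits"]
    subnets = [int_to_ip(base + i * step) for i in range(count)]
    if not subnet_zero and len(subnets) > 1:
        subnets = subnets[1:-1]                           # drop the all-zeros and all-ones subnets
    return subnets


if __name__ == "__main__":
    print(split_address("63.125.22.14"))
    print(subnet_info("209.38.1.70", "255.255.255.192"))
    print(valid_subnets("209.38.1.70", "255.255.255.192"))
```

Run on the notes' own example (a class C address under 255.255.255.192) it reproduces the five answers: 2 subnets, 62 hosts, a block of 64, hosts .65 to .126 and broadcast .127 for the .64 subnet.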

    LAN Segmentation

    This page will discuss the advantages of LAN segmentation and will describe LAN segmentation using bridges, switches, and routers. Also described will be the benefits of using each of these three internetworking devices.

    Describe the advantages of LAN segmentation

    When separate networks are needed or when a network has reached its physical limitations, segmentation is used. Segmenting a LAN can extend the network, reduce congestion, isolate network problems, and improve security.

    Extending the network -- When the maximum physical limitations of a network have been reached, routers may be added to create new segments to allow additional hosts onto the LAN.

    Reduce Congestion -- As the number of hosts on a single network increases, the bandwidth required also increases. By segmenting the LAN, you can reduce the number of hosts per network. If traffic consists of communications between hosts on the same segment, then bandwidth usage is substantially reduced.

    Isolate network problems -- By dividing the network into smaller segments, you reduce the spread of problems from one segment to the next. Hardware and software failures are among the problems that can be confined to smaller portions of the network.

    Improve Security -- By utilizing segments, a network administrator can ensure that the internal structure of the network will not be visible from an outside source. Broadcasts stay on the segment where they originated rather than being seen throughout the network, and a host can only sniff the traffic on its own segment.

    Describe LAN segmentation using bridges.

    The term bridging refers to a technology in which a device (known as a bridge) connects two or more

    LAN segments. A bridge transmits datagrams from one segment to their destinations on other segments.

    Bridges are capable of filtering frames based on any Layer 2 field. A bridge, for example, can be programmed to reject (not forward) all frames sourced from a particular network. Because link-layer information often includes a reference to an upper-layer protocol, bridges usually can filter on this parameter. Furthermore, filters can be helpful in dealing with unnecessary broadcast and multicast packets. Because only a certain percentage of traffic is forwarded, a bridge or switch diminishes the traffic experienced by devices on all connected segments. The bridge or switch will act as a firewall for some potentially damaging network errors, and both accommodate communication between a larger number of devices than would be supported on any single LAN connected to the bridge.

    Describe LAN segmentation using routers.

    Because routers use Layer 3 addresses, which typically have structure, routers can use techniques

    (such as address summarization) to build networks that maintain performance and responsiveness asthey grow in size. Segments are interconnected by routers to enable communication between LANswhile blocking other types of traffic. Routers also allow for the interconnection of disparate LAN and WANtechnologies while also implementing broadcast filters and logical firewalls. In general, if you needadvanced internetworking services, such as broadcast firewalling and communication between dissimilarLANs, routers are necessary.

    Describe LAN segmentation using switches.

    Switches are data link layer devices that, like bridges, enable multiple physical LAN segments to beinterconnected into a single larger network. Similar to bridges, switches forward and flood traffic basedon MAC addresses. Because switching is performed in hardware instead of in software, however, it is

    significantly faster. Switches use either store-and-forward switching or cut-through switching whenforwarding traffic.

    Segmenting shared-media LANs divides the users into two or more separate LAN segments, reducing the number of users contending for bandwidth. LAN switching technology, which builds upon this trend, employs microsegmentation, which further segments the LAN to fewer users and ultimately to a single user with a dedicated LAN segment. Each switch port provides a dedicated Ethernet segment (10 Mbps in the examples in these notes). Segments are interconnected by internetworking devices that enable communication between LANs while blocking other types of traffic. Switches have the intelligence to monitor traffic and compile address tables, which then allows them to forward frames directly to specific ports in the LAN. Switches also usually provide nonblocking service, which allows multiple conversations (traffic between two ports) to occur simultaneously.

    LAN switches can be used to segment networks into logically defined virtual workgroups (VLANs).This logical segmentation, commonly referred to as VLAN communication, offers a fundamental changein how LANs are designed, administered, and managed. Logical segmentation provides substantialbenefits in LAN administration, security, and management of network broadcast across the enterprise.

    Superior throughput performance, higher port density, lower per-port cost, and greater flexibility havecontributed to the emergence of switches as replacement technology for bridges and as complements torouting technology.
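A learning switch as the two paragraphs above describe it (compile an address table from source MACs, forward known unicast to one port, flood unknown unicast and broadcasts, never send a frame back out the port it came in on, confine all of that to a VLAN), written in Python as an added example that is not part of the notes. The four-port, two-VLAN topology and the MAC addresses are constructed for the example. The table has a finite capacity, as a real CAM table does; once it is full a new source is not learned, so frames to it are flooded, and a MAC that reappears on a different port is logged, since that is either a station moving or someone spoofing it.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


def is_group_address(mac):
    """Broadcast and multicast MACs have the low bit of the first octet set; they are always flooded."""
    return int(mac.split(":")[0], 16) & 1 == 1


class LearningSwitch:
    """Transparent bridging with a port-to-VLAN map; the CAM table is keyed by (vlan, mac)."""

    def __init__(self, port_vlan, capacity=8):
        self.port_vlan = dict(port_vlan)      # port number -> VLAN id (constructed topology)
        self.cam = {}                         # (vlan, mac) -> port the MAC was last seen on
        self.capacity = capacity              # entries the table can hold
        self.log = []                         # ("move", mac, old_port, new_port) / ("cam-full", mac, port)

    def ports_in_vlan(self, vlan):
        return sorted(p for p, v in self.port_vlan.items() if v == vlan)

    def handle_frame(self, in_port, src_mac, dst_mac):
        """Return the list of egress ports for a frame received on in_port."""
        vlan = self.port_vlan[in_port]
        key = (vlan, src_mac)
        # Learning: record (or refresh) which port the source lives on.
        if key in self.cam or len(self.cam) < self.capacity:
            if self.cam.get(key) not in (None, in_port):
                self.log.append(("move", src_mac, self.cam[key], in_port))
            self.cam[key] = in_port
        else:
            self.log.append(("cam-full", src_mac, in_port))   # not learned: replies to it will flood
        # Forwarding decision.
        if is_group_address(dst_mac):
            return [p for p in self.ports_in_vlan(vlan) if p != in_port]     # broadcast/multicast: flood
        out = self.cam.get((vlan, dst_mac))
        if out is None:
            return [p for p in self.ports_in_vlan(vlan) if p != in_port]     # unknown unicast: flood
        if out == in_port:
            return []                                                        # same segment: filter
        return [out]                                                         # known unicast: one port


if __name__ == "__main__":
    sw = LearningSwitch({1: 10, 2: 10, 3: 10, 4: 20})
    print(sw.handle_frame(1, "02:00:00:00:00:01", "02:00:00:00:00:02"))   # unknown: flooded to 2 and 3
    print(sw.handle_frame(2, "02:00:00:00:00:02", "02:00:00:00:00:01"))   # learned: port 1 only
    print(sw.cam, sw.log)
```

Port 4 sits in a different VLAN, so nothing entering on ports 1-3 ever reaches it and a station on port 4 cannot reach the MACs learned in VLAN 10 even when it knows them; that is the logical segmentation the paragraph above describes.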

    Describe the benefits of network segmentation with bridges.

    Transparent bridges successfully isolate intrasegment traffic, thereby reducing the traffic seen on each individual segment. This usually improves network response times, as seen by the user.

    • Bridges and switches extend the effective length of a LAN, permitting the attachment of distant stations that were not previously permitted.

    • Bridges can connect more than two LANs and use the Spanning Tree Algorithm to eliminate loops while still allowing connectivity and redundancy between them.

    • Bridges can compensate for speed discrepancies between WAN and LAN connections by using their buffering capabilities. This is done by storing the incoming data in on-board buffers and sending it over the serial link at a rate that the serial link can accommodate.


    • Some bridges are MAC-layer bridges, which bridge between homogeneous networks (for example, IEEE 802.3 and IEEE 802.3), while other bridges can translate between different link-layer protocols (for example, IEEE 802.3 and IEEE 802.5).

    Describe the benefits of network segmentation with routers.

    Routers offer the following benefits in LAN segmentation:

    • Media Transition--Routers are used to connect networks of different media types, taking care of the Layer 3 address translations and fragmentation requirements.

    • Broadcast control--By default, routers don't pass broadcasts and therefore restrict the broadcast domain. In addition to preventing broadcasts from radiating throughout the network, routers are also responsible for generating services to each LAN segment. The following are examples of services that the router provides to the network for a variety of protocols:

      o IP---Proxy ARP and Internet Control Message Protocol (ICMP)
      o IPX---SAP table updates
      o AppleTalk---ZIP table updates
      o Network management---SNMP queries

    • Packet Filtering--Routers can filter packets either inbound or outbound between LAN segments or LAN and WAN segments.

    • VLAN Communications--Routers remain vital for switched architectures configured as VLANs because they provide the communication between VLANs.

    • Large Packets--Routers can handle large packets by fragmenting them into smaller pieces, sending them across the network, and reassembling them, whereas bridges discard frames that are too large.

    Describe the benefits of network segmentation with switches.

    Layer 2 switches offer some or all of the following benefits:

    • Unlike hubs and repeaters, switches allow multiple data streams to pass simultaneously.

    • LAN switches are used to interconnect multiple LAN segments. LAN switching provides dedicated, collision-free communication between network devices, with support for multiple simultaneous conversations.

    • Collisions--Switches reduce collisions on network segments because they provide dedicated bandwidth to each network segment and each connected segment is in a separate collision domain.

    • Bandwidth---LAN switches provide excellent performance for individual users by allocating dedicated bandwidth to each switch port (for example, each network segment). This technique is known as microsegmenting. An Ethernet LAN switch improves bandwidth by separating collision domains and selectively forwarding traffic to the appropriate segments.

    • Dedicated Bandwidth---Switches deliver dedicated bandwidth to users through high-density group switched and switched 10BaseT or 100BaseT Ethernet.

    • VLANs---LAN switches can group individual ports into logical switched workgroups called VLANs, thereby restricting the broadcast domain to designated VLAN member ports. VLANs are also known as switched domains and autonomous switching domains. Communication between VLANs requires a router.


    Ethernet Frames

    Ethernet was developed by the Xerox Corporation's Palo Alto Research Center (PARC) in the 1970s. Ethernet was the technological basis for the IEEE 802.3 specification, which was initially released in 1980. Shortly thereafter, DEC, Intel, and Xerox jointly developed and released an Ethernet specification (Version 2.0) that is substantially compatible with IEEE 802.3. Today, the term Ethernet is often used to refer to all CSMA/CD LANs that generally conform to the Ethernet specification, including 802.3.

    Ethernet Frames

    • Used at the Data Link layer to encapsulate packets handed down from the Network layer for transmission on a medium.

    • Ethernet_II frames have a type field in their frame.

    • 802.3 frames have a length field in their frame.

    • Data size can be from 46 to 1500 bytes.

    • FCS - Frame Check Sequence - used to store the CRC (Cyclic Redundancy Check) for the frame.

    • An 802.3 frame can't contain information about the upper layer protocols (Network Layer), so it is combined with the 802.2 (LLC) frame to provide this function.

    The Four Types of Ethernet Frames:

    1. Ethernet II
    2. IEEE 802.3
    3. IEEE 802.2
    4. SNAP

    Ethernet II

    Ethernet provides services corresponding to Layers 1 and 2 of the OSI model. In Ethernet frames, the 2-byte field following the source address is a type field. This field specifies the upper-layer protocol to receive the data after Ethernet processing is complete. Ethernet is a broadcast LAN that uses CSMA/CD.

    IEEE 802.3

    IEEE 802.3 specifies the Physical layer (Layer 1) and the channel access portion of the Data Link layer (Layer 2), but doesn't define a logical link control protocol. In IEEE 802.3 frames, the 2-byte field following the source address is a length field, which indicates the number of bytes of data that follow this field and precede the frame check sequence (FCS) field. Following this is the data field, which will contain data for the frame. In the case of IEEE 802.3, the upper-layer protocol must be defined within the data portion of the frame. IEEE 802.3 is also a broadcast LAN that uses CSMA/CD.

    IEEE 802.2

    IEEE 802.2 is often referred to as the Logical Link Control (LLC). It is extremely popular in LAN environments, where it interoperates with protocols such as IEEE 802.3, IEEE 802.4, and IEEE 802.5. Upper-layer processes use IEEE 802.2 services through service access points (SAPs). The IEEE 802.2 header begins with a destination service access point (DSAP) field, which identifies the receiving upper-layer process. Following the DSAP address is the source service access point (SSAP) address, which identifies the sending upper-layer process.

    802.2 SNAP

    The SNAP (Subnetwork Architecture Protocol) frame has its own protocol field to identify the upper-layer protocol. This is a way to allow an Ethernet II frame to be used in an 802.3 frame. A SNAP frame's DSAP and SSAP are always set to AA, with the command field set to 3. SNAP was created because not all protocols worked well with the 802.3 frame, which has no ether-type field. An 802.2 frame is an 802.3 frame with the LLC info (DSAP and SSAP) in the data field of the header. To allow the proprietary protocols created by application developers to be used in the LLC frame, the IEEE defined the SNAP format. SNAP is mostly seen with proprietary protocols such as AppleTalk and the Cisco CDP.

    MAC Addressing

    o 48-bit address.
    o Manufacturer's identification (OUI - Organizationally Unique Identifier) is the first 24 bits and is assigned by the IEEE.
    o Manufacturer assigns a unique value to the second 24-bit section.

    Function of a MAC address

    • The MAC address uniquely identifies the device from any other device in the world.

    • The MAC address is a 48-bit address represented by 12 hexadecimal digits.

    • The first 6 digits contain the manufacturer's Unique Identifier (OUI) and the last 6 digits are the unique serial number assigned by the manufacturer.

    • The MAC Address is usually burned onto a NIC (Network Interface Card) in its ROM (Read Only Memory).

    MAC Address Examples

    MAC Address       Manufacturer Code   Serial Number
    FF34.2344.13FD    FF34.23             44.13FD
    44CC.7800.34FF    44CC.78             00.34FF
    00A0.CC60.1388    00A0.CC             60.1388
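    As an added example (not part of these notes), the following Python decodes constructed frames the way the four frame types and the MAC table above describe them: it tells Ethernet II from 802.3 by the value of the field after the source MAC, pulls out the 802.2 DSAP/SSAP/control bytes and the SNAP OUI and protocol id, splits each MAC into OUI and serial, flags unicast/multicast/broadcast destinations, and checks the FCS. The CDP multicast address 01:00:0C:CC:CC:CC, SNAP OUI 00000C and protocol id 0x2000 are known CDP values that the notes do not list.

```python
import struct
import zlib

def mac_info(mac: bytes) -> dict:
    """First 24 bits = IEEE-assigned OUI, last 24 bits = vendor serial number.
    A set low bit in the first byte marks a group (multicast) address."""
    kind = "broadcast" if mac == b"\xff" * 6 else "multicast" if mac[0] & 1 else "unicast"
    return {"oui": mac[:3].hex().upper(), "serial": mac[3:].hex().upper(), "kind": kind}

def fcs_ok(frame: bytes) -> bool:
    """The last 4 bytes are the CRC-32 FCS, sent least-significant byte first."""
    return zlib.crc32(frame[:-4]) & 0xFFFFFFFF == struct.unpack("<I", frame[-4:])[0]

def classify_frame(frame: bytes) -> dict:
    """Decode a frame as seen on the wire (header, data, FCS).  The field after
    the source MAC is an EtherType if >= 0x0600, otherwise an 802.3 length."""
    if not 64 <= len(frame) <= 1518:
        raise ValueError("frame must be 64..1518 bytes including the FCS")
    info = {"fcs_ok": fcs_ok(frame), "dst": mac_info(frame[:6]), "src": mac_info(frame[6:12])}
    type_or_len = struct.unpack("!H", frame[12:14])[0]
    data = frame[14:-4]                              # data field without the FCS
    if type_or_len >= 0x0600:
        info.update(format="Ethernet II", ethertype=type_or_len, payload=data)
        return info
    if type_or_len > len(data):
        raise ValueError("802.3 length field exceeds the bytes present")
    data, info["format"] = data[:type_or_len], "IEEE 802.3"
    if len(data) >= 3:                               # 802.2 LLC: DSAP, SSAP, control
        dsap, ssap, ctrl = data[0], data[1], data[2]
        info.update(format="IEEE 802.2", dsap=dsap, ssap=ssap, control=ctrl)
        data = data[3:]
        if dsap == ssap == 0xAA and ctrl == 0x03 and len(data) >= 5:
            # SNAP: 3-byte OUI + 2-byte protocol id restore an EtherType-style field
            info.update(format="802.2 SNAP", snap_oui=data[:3].hex().upper(),
                        ethertype=struct.unpack("!H", data[3:5])[0])
            data = data[5:]
    info["payload"] = data
    return info

def build_frame(dst: bytes, src: bytes, type_or_len: int, data: bytes) -> bytes:
    """Pad the data field to the 46-byte minimum and append a correct FCS."""
    body = dst + src + struct.pack("!H", type_or_len) + data.ljust(46, b"\x00")
    return body + struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)

# Constructed samples using MACs from the table above: an Ethernet II IPv4 frame and
# a SNAP frame carrying Cisco CDP (DSAP/SSAP AA, control 03, OUI 00000C, id 0x2000).
MAC_A, MAC_B = bytes.fromhex("00A0CC601388"), bytes.fromhex("44CC780034FF")
IPV4_FRAME = build_frame(MAC_A, MAC_B, 0x0800, b"\x45\x00")
CDP_LLC = bytes.fromhex("AAAA03" "00000C" "2000") + b"\x02\x00"
CDP_FRAME = build_frame(bytes.fromhex("01000CCCCCCC"), MAC_B, len(CDP_LLC), CDP_LLC)
```

    A frame whose FCS does not match is still decoded but reported with fcs_ok set to False, which is the check a capture tool or NIC driver uses to count CRC errors on a segment.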

    3 Types of Media Access

    1. Contention (Ethernet)
    2. Token Passing (Token Ring, FDDI)
    3. Polling (IBM Mainframes, 100VG-AnyLAN)


    Ethernet

    • Uses a logical bus topology - signal runs from one end of the segment to the other.

    • Baseband technology - when a station transmits, it uses the entire bandwidth.

    • Uses CSMA/CD.

    • Best effort delivery.

    Each of the 802.3 (Ethernet) standards defines an AUI

    • 10BaseT - uses AUI - 1 bit at a time

    • 100BaseT - uses MII - 4 bits at a time

    • 1000BaseT - uses GMII - 8 bits at a time

    AUI - Attachment Unit Interface

    MII - Media Independent Interface

    GMII - Gigabit Media Independent Interface

    LAN Protocols

    This page introduces the various media-access methods, transmission methods, topologies, and devices used in a local area network (LAN), including the methods and devices used in Ethernet/IEEE 802.3, Token Ring/IEEE 802.5, and Fiber Distributed Data Interface (FDDI).

    A LAN is a high-speed, fault-tolerant data network that covers a relatively small geographic area. It typically connects workstations, personal computers, printers, and other devices. LANs offer computer users many advantages, including shared access to devices and applications, file exchange between connected users, and communication between users via electronic mail and other applications.

    Media-Access Methods

    LAN protocols typically use one of two methods to access the physical network medium: carrier sense multiple access collision detect (CSMA/CD) and token passing.

    In the CSMA/CD media-access scheme, network devices contend for use of the physical network medium. CSMA/CD is therefore sometimes called contention access. Examples of LANs that use the CSMA/CD media-access scheme are Ethernet/IEEE 802.3 networks, including 100BaseT.

    In the token-passing media-access scheme, network devices access the physical medium based on possession of a token. Examples of LANs that use the token-passing media-access scheme are Token Ring/IEEE 802.5 and FDDI.

    LAN Transmission Methods

    LAN data transmissions fall into three classifications: unicast, multicast, and broadcast. In each type of transmission, a single packet is sent to one or more nodes.


    1. In a unicast transmission, a single packet is sent from the source to a destination on a network.
    2. A multicast transmission consists of a single data packet that is copied and sent to a specific subset of nodes on the network.
    3. A broadcast transmission consists of a single data packet that is copied and sent to all nodes on the network.

    LAN Topologies

    LAN topologies define the manner in which network devices are organized. Four common LAN topologies exist: bus, ring, star, and tree. These topologies are logical architectures, but the actual devices need not be physically organized in these configurations. Logical bus and ring topologies, for example, are commonly organized physically as a star.

    A bus topology is a linear LAN architecture in which transmissions from network stations propagate the length of the medium and are received by all other stations.

    A ring topology is a LAN architecture that consists of a series of devices connected to one another by unidirectional transmission links to form a single closed loop. Both Token Ring/IEEE 802.5 and FDDI networks implement a ring topology.

    A tree topology is a LAN architecture that is identical to the bus topology, except that branches with multiple nodes are possible in this case.

    A star topology is a LAN architecture in which the endpoints on a network are connected to a common central hub, or switch, by dedicated links. Logical bus and ring topologies are often implemented physically in a star topology.

    LAN Devices

    Devices commonly used in LANs include repeaters, hubs, LAN extenders, bridges, LAN switches, and routers.

    • A repeater is a physical layer device used to interconnect the media segments of an extended network. A repeater essentially enables a series of cable segments to be treated as a single cable. Repeaters receive signals from one network segment and amplify, retime, and retransmit those signals to another network segment. These actions prevent signal deterioration caused by long cable lengths and large numbers of connected devices. Repeaters are incapable of performing complex filtering and other traffic processing. In addition, all electrical signals, including electrical disturbances and other errors, are repeated and amplified. The total number of repeaters and network segments that can be connected is limited due to timing and other issues.

    • A hub is a physical-layer device that connects multiple user stations, each via a dedicated cable. Electrical interconnections are established inside the hub. Hubs are used to create a physical star network while maintaining the logical bus or ring configuration of the LAN. In some respects, a hub functions as a multiport repeater.

    • A LAN extender is a remote-access multilayer switch that connects to a host router. LAN extenders forward traffic from all the standard network-layer protocols (such as IP, IPX, and AppleTalk), and filter traffic based on the MAC address or network-layer protocol type. LAN extenders scale well because the host router filters out unwanted broadcasts and multicasts. LAN extenders, however, are not capable of segmenting traffic or creating security firewalls.

    • Bridges analyze incoming frames, make forwarding decisions based on information contained in the frames, and forward the frames toward the destination. In some cases, such as source-route bridging, the entire path to the destination is contained in each frame. In other cases, such as transparent bridging, frames are forwarded one hop at a time toward the destination.

    • Switches are data link layer devices that, like bridges, enable multiple physical LAN segments to be interconnected into a single larger network. Similar to bridges, switches forward and flood traffic based on MAC addresses. Because switching is performed in hardware instead of in software, however, it is significantly faster. Switches use either store-and-forward switching or cut-through switching when forwarding traffic. Many types of switches exist, including ATM switches, LAN switches, and various types of WAN switches.

    • Routers perform two basic activities: determining optimal routing paths and transporting information groups (typically called packets) through an internetwork. In the context of the routing process, the latter of these is referred to as switching. Although switching is relatively straightforward, path determination can be very complex.