8/6/2019 chp 1 N chp 2
1/35
OSI Reference Model
Application - File, printing, message, database, and application services.
Presentation - Data encryption / decryption, compression, and translating services.
Session - Dialog control.
Transport - End-to-end connection.
Network - Routing.
Data Link - Framing.
Physical - Physical topology.
Advantages of Using a Layered Model
1. Allows a layer to be changed without impacting the rest of the model.
2. Interoperability between network applications is improved by using a standard interface.
3. Design and development efforts can be made in a modular fashion.
4. Network operations and troubleshooting can be simplified.
Five Conversion Steps of Data Encapsulation
Data >> Segments >> Packets >> Frames >> Bits
1. Upper layers convert and format the information into data and send it to the Transport layer.
2. The Transport layer turns the data into segments, adds headers, then sends them to the Network layer.
3. The Network layer receives the segments, converts them into packets, adds header information (logical addressing), and sends them to the Data Link layer.
4. The Data Link layer receives the packets, converts them into frames, adds header information (physical source and destination addresses), and sends the frames to the Physical layer.
5. The Physical layer receives the frames and converts them into bits to be put on the network medium.
Application Layer
The application layer is the OSI layer closest to the end user, which means that both the OSI application layer and the user interact directly with the software application. This layer interacts with software applications that implement a communicating component. Such application programs fall outside the scope of the OSI model. Application-layer functions typically include identifying communication partners, determining resource availability, and synchronizing communication.
When identifying communication partners, the application layer determines the identity and availability of communication partners for an application with data to transmit. When determining resource availability, the application layer must decide whether sufficient network resources for the requested communication exist. In synchronizing communication, all communication between applications requires cooperation that is managed by the application layer.
Two key types of application-layer implementations are TCP/IP applications and OSI applications. TCP/IP applications are protocols, such as Telnet, File Transfer Protocol (FTP), and Simple Mail Transfer Protocol (SMTP), that exist in the Internet Protocol suite. OSI applications are protocols, such as File Transfer, Access, and Management (FTAM), Virtual Terminal Protocol (VTP), and Common Management Information Protocol (CMIP), that exist in the OSI suite.
Internetworking Applications
WWW
-Connects countless servers presenting diverse formats: multimedia, graphics, text, sound, and video. Applications such as Netscape Navigator, Internet Explorer, and Mosaic simplify accessing and viewing web sites.
E-mail
-Versatile; can use SMTP or X.400 to deliver messages between different email applications.
Electronic Data Interchange
-Composite of specialized standards that facilitates the flow of tasks such as accounting, shipping / receiving, and order and inventory tracking between businesses.
Bulletin Boards
-Includes Internet chat rooms and sharing public domain software.
Internet Navigation Utilities
-Includes Gopher, WAIS, and search engines, e.g. Yahoo, Excite, and Alta Vista. Helps users locate resources and information on the Internet.
Financial Transaction Services
-They gather and sell information pertaining to investments and credit data to their subscribers.
Presentation Layer
The presentation layer provides a variety of coding and conversion functions that are applied to application layer data. These functions ensure that information sent from the application layer of one system will be readable by the application layer of another system. Some examples of presentation-layer coding and conversion schemes include common data representation formats, conversion of character representation formats, common data compression schemes, and common data encryption schemes.
Common data representation formats, or the use of standard image, sound, and video formats, enable the interchange of application data between different types of computer systems. Conversion schemes are used to exchange information with systems by using different text and data representations, such as EBCDIC and ASCII. Standard data compression schemes enable data that is compressed at the source device to be properly decompressed at the destination. Standard data encryption schemes enable data encrypted at the source device to be properly deciphered at the destination. Presentation-layer implementations are not typically associated with a particular protocol stack. The following serve to direct graphic and visual image presentations:
PICT
-Picture format used by Mac and PowerPC programs for transferring QuickDraw graphics.
TIFF
-Tagged Image File Format, a standard graphics format for high-resolution bitmapped images.
JPEG
-Joint Photographic Experts Group standards.
MIDI
-Musical Instrument Digital Interface, used for digitized music.
MPEG
-Moving Picture Experts Group, standard for compression and coding of motion video. Digital storage and bit rates up to 1.5 Mbps.
QuickTime
-Mac and PowerPC audio and video applications.
Session Layer
The session layer establishes, manages, and terminates communication sessions between presentation layer entities. Communication sessions consist of service requests and service responses that occur between applications located in different network devices. These requests and responses are coordinated by protocols implemented at the session layer. Some examples of session-layer implementations include Zone Information Protocol (ZIP), the AppleTalk protocol that coordinates the name binding process; and Session Control Protocol (SCP), the DECnet Phase IV session-layer protocol. The session layer also provides dialog control between devices or nodes. It coordinates and organizes communications between systems by offering three different modes: simplex, half-duplex, and full-duplex. The layer basically keeps different applications' data separate from other applications' data.
Session Layer Protocols and Interfaces
NFS
-Network File System, developed by Sun Microsystems and used with TCP/IP and Unix workstations to allow transparent access to remote resources.
SQL
-Developed by IBM to provide users with a simpler way to define their information requirements on both local and remote systems.
RPC
-A broad client / server redirection tool used for disparate service environments. Its procedures are created on clients and performed on servers.
X Window
-Widely used by intelligent terminals for communications with remote Unix computers, allowing them to operate as though they were locally attached monitors.
AppleTalk Session Protocol
-A client / server mechanism which establishes and maintains sessions between AppleTalk client and server machines.
Digital Network Architecture Session Control Protocol
-A DECnet session layer protocol.
Transport Layer
The transport layer implements reliable internetwork data transport services that are transparent to upper layers. Transport-layer functions typically include flow control, multiplexing, virtual circuit management, and error checking and recovery. Services located in the Transport layer both segment and reassemble data from upper layer applications and unite it onto the same data stream. They provide end-to-end data transport services and can establish a logical connection between the sending host and destination host on an internetwork. The layer also hides details of any network dependent information from the higher layers by providing transparent data transfer.
Flow Control
-Data integrity is ensured by maintaining flow control and allowing users the option to request reliable data transport between systems. Flow control manages data transmission between devices so that the transmitting device does not send more data than the receiving device can process. Reliable data transport employs a connection-oriented communication session between systems. The protocols ensure that the following are achieved:
-segments delivered are acknowledged to the sender upon delivery.
-non-acknowledged segments are re-sent.
-segments are put back in sequence upon arrival at their destination.
-a manageable data flow is maintained to avoid congestion, overloading, and data loss.
Multiplexing
The Transport layer is responsible for providing mechanisms for multiplexing upper layer applications. Multiplexing enables data from several applications to be transmitted onto a single physical link.
Virtual Circuits
Virtual circuits are established, maintained, and terminated by the transport layer.
Error Checking and Recovery
Error checking involves creating various mechanisms for detecting transmission errors, while error recovery involves taking an action, such as requesting that data be retransmitted, to resolve any errors that occur.
Acknowledgments
-Positive acknowledgement with retransmission ensures reliable data delivery by requiring a receiving machine to send an acknowledgment message to the sender when it receives data. The sending machine documents each segment sent and waits for an acknowledgment before sending the next segment. Using windowing, the machine will transfer an agreed upon number of segments. If the receiving machine receives all the segments intact, it will request the next segment of the next window. If it misses a segment, it will request the missing segment and will transmit a request for the next segment of the next window, when the first window's segments are all received.
-During a transfer, congestion can occur because high speed computers can generate data faster than the network can transfer it, or because many computers are using the network and sending datagrams through a single gateway. When a machine receives a flood of datagrams, it stores them in a buffer. If the buffer fills, all additional datagrams are discarded. Transport can issue a "not ready" signal to stop a device from transmitting additional segments. Once the buffer is emptied, it sends a "ready" transport indicator. When the waiting machine receives this "go" signal, it continues where it left off. To avoid failures in data transfers, the receiving host acknowledges every segment it receives.
Connection-Oriented Communications
-In reliable transport operations:
  -One device first establishes a connection oriented session with its peer (Initiation).
  -Both hosts' application programs begin by notifying their individual Operating Systems that a connection is about to be initiated (Synchronization).
  -The two Operating Systems communicate by sending messages over the network confirming that the transfer is approved and both sides are ready for it to take place (Negotiating).
  -Once the synchronization is complete, a connection is fully established and data transfer begins (Established).
  -The data transfers. While the information is being transferred between hosts, the two machines periodically check in with each other, communicating through their protocol software to ensure that all is going well and that data is being received properly.
Windowing
-A window is the number of segments that can be sent without receiving an acknowledgement. Windowing can increase the throughput for data exchanges by limiting the number of acknowledgments needed for the total segments transferred. Example: if the window size is three then an acknowledgment is required after the third segment is transferred.
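The following simulation, added here as an illustration and not taken from the original notes, runs the positive-acknowledgement-with-retransmission scheme from the Acknowledgments and Windowing sections over a constructed lossy link. The link, the segment payloads and the set of segments lost on their first transmission are all constructed; the receiver answers each window with the next sequence number it wants, so the reduction in acknowledgments that windowing buys, and the resends a lost segment costs, can be counted.

```python
"""Positive acknowledgement with retransmission, with and without windowing.

Added example for the Acknowledgments and Windowing sections; it is not code
from the original notes. The link is a constructed simulation:
`lost_on_first_send` names the segment numbers the "network" drops the first
time they are transmitted.
"""


def reliable_transfer(segments, window_size, lost_on_first_send=frozenset()):
    """Deliver `segments` (payload strings) in order across a lossy link.

    Returns (delivered, log). `log` records ("send", n), ("resend", n) and
    ("ack", n) events; an ACK carries the next sequence number the receiver
    wants, so the cost of each strategy is visible in the log.
    """
    if window_size < 1:
        raise ValueError("window size must be at least 1")
    delivered = []          # payloads handed up in order at the receiver
    log = []
    already_sent = set()
    base = 0                # oldest sequence number not yet acknowledged
    while base < len(segments):
        # Sender: transmit a whole window without waiting for an ACK.
        received = set()
        for seq in range(base, min(base + window_size, len(segments))):
            first_time = seq not in already_sent
            already_sent.add(seq)
            log.append(("send" if first_time else "resend", seq))
            if first_time and seq in lost_on_first_send:
                continue    # constructed loss: this copy never arrives
            received.add(seq)
        # Receiver: hand up everything that arrived in sequence and ask for
        # the first missing segment; later segments wait behind the gap.
        next_wanted = base
        while next_wanted in received:
            delivered.append(segments[next_wanted])
            next_wanted += 1
        log.append(("ack", next_wanted))
        # Sender: slide the window to what the receiver asked for. If nothing
        # new was acknowledged, the next pass resends from the same base.
        base = next_wanted
    return delivered, log


def count_events(log, kind):
    """Number of log entries of one kind ("send", "resend" or "ack")."""
    return sum(1 for event, _ in log if event == kind)


if __name__ == "__main__":
    data = ["seg0", "seg1", "seg2", "seg3", "seg4"]
    for window in (1, 3):
        got, events = reliable_transfer(data, window, lost_on_first_send={1})
        print(f"window={window}: in_order={got == data}, "
              f"acks={count_events(events, 'ack')}, "
              f"resends={count_events(events, 'resend')}")
```

With five segments and segment 1 lost once, a window of one (stop-and-wait) needs six acknowledgments, while a window of three needs three; the price of the larger window is that segment 2, which arrived intact behind the gap, is sent again together with the lost segment.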
Network Layer
The Network layer provides routing and related functions that enable multiple data links to be combined into an internetwork. This is accomplished by the logical addressing (as opposed to the physical addressing) of devices. The network layer supports both connection-oriented and connectionless service from higher-layer protocols. Network-layer protocols typically are routing protocols, but other types of protocols are implemented at the network layer as well. Routers work at this level and provide the routing services for an internetwork.
Routing a Packet
1. The router receives the packet and looks up the destination IP address.
2. If the packet isn't destined for the router, the router looks for the destination address in the routing table.
3. Once the destination interface is found, the packet will be sent to the interface.
4. At the destination interface, the packet is framed and sent out on the local network.
-There are two types of packets at the Network layer.
Data Packets
-Used to transport user data through the internetwork.
-Use routed protocols such as IP and IPX.
Router Update Packets
-Used to update neighbor routers about networks connected to routers on the internetwork.
-Routing protocols: RIP, EIGRP, OSPF.
-Build and maintain routing tables on each router.
Routing Table
Network Address
-Protocol specific network addresses. A table is maintained for individual routing protocols since each protocol keeps track of a network with a different addressing scheme.
Interface
-The interface the packet is sent out on when destined for a particular network.
Metric
-The distance to the remote network.
-Routers break up broadcast domains by not forwarding broadcast or multicast packets through a router. They also break up collision domains as each interface is a separate network.
-Routers use logical addresses in a network layer header to determine the next hop router to forward the packet to.
-Routers can use access lists to control security on packets entering or leaving an interface.
-Routers can provide layer 2 bridging and can simultaneously route through the same interface.
-Routers provide connections between Virtual LANs (VLANs).
-Routers can provide Quality of Service for specific types of network traffic.
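As an added example (not code from the original notes), the lookup below carries the "Routing a Packet" steps and the three routing-table fields (network address, interface, metric) through in Python. The table entries, the router's own addresses and the destinations are constructed. The selection rule, most specific matching prefix first and lowest metric among equal prefixes, with a default route as the fallback, is standard router behaviour that the notes do not spell out; it goes a little beyond the notes' single-table picture by showing why a more specific route can win even with a worse metric.

```python
"""Routing-table lookup for the "Routing a Packet" steps.

Added example, not code from the original notes. The table, the router's
addresses and the destinations are constructed; the longest-prefix / lowest-
metric rule is standard routing behaviour assumed here, not stated in the notes.
"""
import ipaddress


class RoutingTable:
    """One table per routed protocol; this example only builds an IP table."""

    def __init__(self, routes, own_addresses):
        # routes: (network address, interface, metric, next hop or None)
        self.routes = [(ipaddress.ip_network(net), iface, metric, nxt)
                       for net, iface, metric, nxt in routes]
        self.own = {ipaddress.ip_address(a) for a in own_addresses}

    def lookup(self, destination):
        """Return ("local", None), (interface, next_hop) or None when unroutable."""
        dst = ipaddress.ip_address(destination)
        # Steps 1-2: a packet addressed to the router itself is not forwarded.
        if dst in self.own:
            return ("local", None)
        matches = [r for r in self.routes if dst in r[0]]
        if not matches:
            return None                 # no route, not even a default: discard
        # Most specific network wins; among equal prefixes, the lowest metric.
        _net, iface, _metric, nxt = max(matches, key=lambda r: (r[0].prefixlen, -r[2]))
        return (iface, nxt)             # step 3: the interface to send it out on


def route_packets(table, destinations):
    """Map each destination address to the forwarding decision for it."""
    return {d: table.lookup(d) for d in destinations}


# Constructed table for a router with three interfaces.
ROUTES = [
    ("10.1.0.0/16",    "Ethernet0", 1,  None),          # directly connected
    ("10.1.5.0/24",    "Serial0",   5,  "10.1.5.1"),    # more specific subnet
    ("192.168.1.0/24", "Ethernet1", 1,  None),
    ("192.168.1.0/24", "Serial1",   10, "172.16.0.2"),  # same prefix, worse metric
    ("0.0.0.0/0",      "Serial1",   20, "172.16.0.2"),  # default route
]
ROUTER_ADDRESSES = ["10.1.0.1", "192.168.1.1", "172.16.0.1"]

if __name__ == "__main__":
    table = RoutingTable(ROUTES, ROUTER_ADDRESSES)
    decisions = route_packets(table, ["10.1.5.77", "10.1.7.3", "8.8.8.8", "10.1.0.1"])
    for dst, decision in decisions.items():
        print(dst, "->", decision)
```

A host on 10.1.5.0/24 is reached through Serial0 even though the covering 10.1.0.0/16 route has the better metric, because the more specific prefix is preferred first; the two 192.168.1.0/24 entries are equal in prefix length, so the metric decides between them.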
Network vs. Data Link Layer Addresses
Network layer addressing is referred to as logical addressing, whereas Data Link layer addressing uses physical addresses. The physical address of a device can't be changed without removing or replacing the hardware (the physical address is burned into a NIC's ROM), while a logical address is configured in software and can be changed as needed.
Data Link Layer
The Data Link layer provides reliable transit of data across a physical network link. Different Data Link layer specifications define different network and protocol characteristics, including physical addressing, network topology, error notification, sequencing of frames, and flow control. The Data Link layer translates messages from the Network layer into bits for the Physical layer to transmit. It formats messages into data frames and adds a customized header containing the source and destination hardware addresses. The Data Link layer is responsible for uniquely identifying each device on a local network.
-Physical addressing (as opposed to network addressing) defines how devices are addressed at the data link layer.
-Network topology consists of the data link layer specifications that often define how devices are to be physically connected, such as in a bus or a ring topology.
-Error notification alerts upper-layer protocols that a transmission error has occurred, and the sequencing of data frames reorders frames that are transmitted out of sequence.
-Flow control moderates the transmission of data so that the receiving device is not overwhelmed with more traffic than it can handle at one time.
-When a packet is sent between routers, it is framed with control information at the Data Link layer. The information is removed at the destination router and only the original packet remains. If the packet is to go to another router, the framing process is repeated until it gets to the receiving host. The packet is never altered, only encapsulated with control information to be passed on to the different media type.
The IEEE has subdivided the data link layer into two sublayers: Logical Link Control (LLC) and Media Access Control (MAC).
MAC (Media Access Control)
The Media Access Control (MAC) sublayer of the data link layer manages protocol access to the physical network medium. The IEEE MAC specification defines MAC addresses, which enable multiple devices to uniquely identify one another at the data link layer.
-The MAC describes how a station schedules, transmits and receives data on a shared media environment.
-Ensures reliable transfer of information across the link, synchronizes data transmission, recognizes errors (doesn't correct them), and controls the flow of data.
-Defines how packets are placed on the media.
-Physical addressing is defined here as well as local topologies.
-MAC examples are Ethernet/802.3 and Token Ring/802.5.
-Line discipline, error notification, ordered delivery of frames, and optional flow control can be used at this layer.
-In general, MACs are only important in shared medium environments where multiple nodes can connect to the same transmission medium.
LLC (Logical Link Control)
The Logical Link Control (LLC) sublayer of the data link layer manages communications between devices over a single link of a network. LLC is defined in the IEEE 802.2 specification and supports both connectionless and connection-oriented services used by higher-layer protocols. IEEE 802.2 defines a number of fields in data link layer frames that enable multiple higher-layer protocols to share a single physical data link.
-Responsible for identifying Network layer protocols and encapsulating them.
-An LLC header tells the Data Link layer what to do with a packet once it is received.
Switches and Bridges
Switches and bridges work at the Data Link layer and filter the network using MAC addresses. Layer 2 switching is hardware-based switching because it uses an ASIC (Application Specific Integrated Circuit).
Switches and bridges read each frame as it passes through; the device then puts the source address in a filter table and keeps track of which port it was received on. This tells the switch where that device is located.
After a filter table is built, the device will only forward frames to the segment where the destination address is located. If the destination device is on the same segment as the frame, the layer 2 device will block it from being forwarded. If the destination is on another segment, the frame will only be forwarded to that segment (transparent bridging).
When a layer 2 device receives a frame and the destination is unknown to the device's filter table, it will forward the frame to all connected segments. If the unknown device replies, the filter table is updated with that device's location.
-Layer 2 devices (switches / bridges) propagate broadcast storms and the only way to prevent them is with a router.
-Each port on a switch is in its own collision domain.
-Switches allow all segments to transmit simultaneously.
-Switches can't translate different media types.
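The transparent bridging behaviour described above, as an added example rather than code from the original notes: a switch that learns source addresses into a filter table, forwards known destinations to one port, filters frames whose destination is on the arriving segment, and floods unknown destinations and broadcasts to every other port. The port numbers, MAC addresses and frame sequence are constructed.

```python
"""Transparent bridging: how a switch builds and uses its filter table.

Added example for the Switches and Bridges section; not code from the original
notes. Ports, MAC addresses and the frame sequence are constructed.
"""

BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    def __init__(self, ports):
        self.ports = list(ports)
        self.filter_table = {}      # source MAC -> port it was last seen on

    def receive(self, in_port, src_mac, dst_mac):
        """Process one frame; return the list of ports it is forwarded out of."""
        # Learn: the source is reachable through the port the frame arrived on.
        self.filter_table[src_mac] = in_port
        other_ports = [p for p in self.ports if p != in_port]
        if dst_mac == BROADCAST:
            return other_ports          # broadcast: every segment but the source's
        out_port = self.filter_table.get(dst_mac)
        if out_port is None:
            return other_ports          # unknown destination: flood, learn from the reply
        if out_port == in_port:
            return []                   # same segment: filtered, not forwarded
        return [out_port]               # known location: forward only there


def run_frames(switch, frames):
    """Feed (in_port, src, dst) frames through the switch; collect each decision."""
    return [switch.receive(*frame) for frame in frames]


# Constructed scenario: host A on port 1, B on port 2, C shares port 1 with A
# (a hub hangs off that port), D on port 4.
FRAMES = [
    (1, "aa:aa:aa:aa:aa:aa", "bb:bb:bb:bb:bb:bb"),   # A->B, B not learned yet: flood
    (2, "bb:bb:bb:bb:bb:bb", "aa:aa:aa:aa:aa:aa"),   # B replies; A is already known
    (1, "aa:aa:aa:aa:aa:aa", "bb:bb:bb:bb:bb:bb"),   # A->B again: port 2 only
    (1, "cc:cc:cc:cc:cc:cc", "aa:aa:aa:aa:aa:aa"),   # C->A on the same segment: filtered
    (4, "dd:dd:dd:dd:dd:dd", BROADCAST),             # broadcast from D: all other ports
]

if __name__ == "__main__":
    sw = LearningSwitch(ports=[1, 2, 3, 4])
    for frame, out in zip(FRAMES, run_frames(sw, FRAMES)):
        print(frame, "->", out)
    print("filter table:", sw.filter_table)
```

The last frame shows the point made in the bullets that follow: the switch confines collisions to a port but passes broadcasts to every other port, so nothing at layer 2 stops a broadcast from spreading.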
Physical Layer
The physical layer defines the electrical, mechanical, procedural, and functional specifications for activating, maintaining, and deactivating the physical link between communicating network systems. Physical layer specifications define characteristics such as voltage levels, timing of voltage changes, physical data rates, maximum transmission distances, and physical connectors. Physical-layer implementations can be categorized as either LAN or WAN specifications.
-The Physical layer has two responsibilities: send and receive bits (bits have a value of 1 or 0).
-The interface between DCEs and DTEs is defined at the Physical layer.
-The DCE is on the service provider side.
-The DTE is the attached device; the services available to a DTE are accessed through a CSU/DSU.
-HSSI peer-based communications assumes intelligence in DCE and DTE devices.
Hubs and Repeaters
-Hubs are multiple port repeaters. A repeater receives a signal, regenerates the digital signal, and forwards it on all active ports. An active hub does the same thing. All devices plugged into a hub are in the same collision domain and the same broadcast domain. Hubs don't look at any traffic that enters; they just forward all traffic to all ports. Every device connected to the hub must listen if a device transmits.
Understanding Data Encapsulation
Data Encapsulation
The sending and receiving of data from a source device to the destination device is possible with the help of networking protocols by using data encapsulation. The data is encapsulated with protocol information at each layer of the OSI reference model when a host transmits data to another device across a network. Each layer communicates with its neighbour layer on the destination. Each layer uses Protocol Data Units (PDUs) to communicate and exchange information.
Protocol Data Unit (PDU)
The Protocol Data Units contain the control information attached to the data at each layer. The information is attached to the header of the data field but can also be at the end of the data field, in a trailer. PDUs are encapsulated by attaching them to the data at each layer of the OSI reference model. Each Protocol Data Unit has a name depending on the information each header has. This PDU information is only read by the neighbour layer on the destination and then is stripped off and the data is handed to the next layer.
OSI Layer Model and PDUs
The seven layered Open System Interconnection (OSI) layered model is basically defined for reducing the complexity of internetworking. The OSI model is then divided into two segments for more ease: Upper layers and Data Flow layers. The 7th, 6th and 5th layers of the OSI reference model are application layers, also known as upper layers. The upper layers are directly related to the user interface, while the 4th, 3rd, 2nd and 1st layers of the OSI model are called data flow layers because they are related to the flow of the data. Each data flow layer has a Protocol Data Unit.
The Protocol Data Unit of each data flow layer is defined as follows:
-Transport Layer: Segment is the PDU of the Transport layer.
-Network Layer: Packet is the PDU of the Network layer.
-Data Link Layer: Frame is the PDU of the Data Link layer.
-Physical Layer: Bit is the PDU of the Physical layer.
Encapsulation and De-Encapsulation Process
The encapsulation and de-encapsulation of header control information on each layer of the OSI reference model is as follows:
Encapsulation
The data encapsulation process is defined as below:
TCP Header Encapsulation
The application layer's user data is converted for transmission on the network. The data stream is then handed down to the Transport layer, which sets up a virtual circuit to the destination. The data stream is then broken up, and a Transport layer header is created and called a segment. The header control information is attached to the Transport layer header of the data field. Each segment is sequenced so the data stream can be put back together on the destination exactly as transmitted.
IP Header Encapsulation
Each segment is then handed to the Network layer for logical addressing and routing through a routed protocol, for example IP, IPX, AppleTalk, DECnet, etc. The Network-layer protocol adds a header to the segment and hands the result down to the Data Link layer. Remember that the 3rd and 4th layers work together to rebuild a data stream on a destination host. However, they have no responsibility for placing their Protocol Data Units on a local network segment, which is the only way to get the information to a host or router.
MAC Header Encapsulation
The Data Link layer receives the packets from the Network layer and places them on the network medium, such as cable or wireless media. The Data Link layer encapsulates each packet in a frame, and the MAC header carries the source MAC address and destination MAC address. If the device is on a different network, then the frame is sent to a router to be routed through an internetwork.
Physical Layer Encapsulation
Once the frame gets to the destination network, a new frame is used to get the packet to the destination host. To put this frame on the network, it must first be put into a digital signal. Since a frame is really a logical group of 1s and 0s, the Physical layer of the OSI model is responsible for encapsulating these digits into a digital signal, which is read by devices on the same local network.
De-Encapsulation
On the destination side, the receiving devices will synchronize on the digital signal and extract the 1s and 0s from the digital signal. At this point the devices build the frames, run a Cyclic Redundancy Check (CRC), and then check their output against the output in the Frame Check Sequence (FCS) field of the data frame. If the information matches then the packet is pulled from the frame, and the frame is discarded. This process is known as de-encapsulation. The packet then transfers to the Network layer, where the IP address is checked. If the IP address matches then the segment is pulled from the packet, and the packet is discarded. The data is processed at the Transport layer, which rebuilds the data stream and acknowledges to the transmitting station that it received each segment. It then happily transfers the data stream to the upper layer application.
At a transmitting device, the data encapsulation method works as follows:
-User information is converted into data for transmission on the network.
-Data is converted into segments and a reliable or unreliable connection is set up between the source and destination devices using connection oriented and connectionless protocols.
-Segments are converted into packets using a logical address, such as an IP datagram using an IP address.
-Packets are converted into frames for transmission on the local network. Media Access Control (MAC) addresses or Ethernet addresses are commonly used to uniquely identify hosts on a local network segment.
-Frames are converted into bytes and bits, and a digital encoding and clocking or signalling method is used.
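The following added example (not code from the original notes) carries the Five Conversion Steps and the Encapsulation / De-Encapsulation sections through in actual bytes: data is cut into sequenced segments, each segment gets a logical-address header, each packet gets a MAC header and a CRC-32 trailer as its FCS, and the receiver reverses every step, discarding a frame whose recomputed CRC does not match the FCS or whose addresses are not its own. The header layouts are simplified stand-ins and not the real TCP, IP or Ethernet formats; the addresses and the message are constructed.

```python
"""Encapsulation and de-encapsulation, carried through in bytes.

Added example for the Five Conversion Steps and the Encapsulation /
De-Encapsulation sections; it is not code from the original notes. The headers
are deliberately simplified stand-ins (6-byte transport header, 8-byte network
header, 14-byte MAC header plus a CRC-32 trailer as the FCS), not real TCP, IP
or Ethernet formats. Addresses and payload are constructed.
"""
import ipaddress
import struct
import zlib

MSS = 8                       # constructed: small so one message yields several segments
BROADCAST_MAC = b"\xff" * 6


def mac_bytes(mac):
    return bytes.fromhex(mac.replace(":", ""))


def fcs(body):
    """Frame Check Sequence: CRC-32 over everything that precedes the trailer."""
    return struct.pack("!I", zlib.crc32(body) & 0xFFFFFFFF)


# ---- transmitting side: data >> segments >> packets >> frames ----
def to_segments(data, initial_seq=0, mss=MSS):
    """Transport layer: split the stream; header = sequence number + length."""
    return [struct.pack("!IH", initial_seq + off, len(data[off:off + mss])) + data[off:off + mss]
            for off in range(0, len(data), mss)]


def to_packet(segment, src_ip, dst_ip):
    """Network layer: prepend logical (IP) source and destination addresses."""
    return ipaddress.ip_address(src_ip).packed + ipaddress.ip_address(dst_ip).packed + segment


def to_frame(packet, src_mac, dst_mac, ethertype=b"\x08\x00"):
    """Data Link layer: prepend physical addresses, append the FCS trailer."""
    body = mac_bytes(dst_mac) + mac_bytes(src_mac) + ethertype + packet
    return body + fcs(body)


def transmit(data, src_ip, dst_ip, src_mac, dst_mac):
    return [to_frame(to_packet(seg, src_ip, dst_ip), src_mac, dst_mac)
            for seg in to_segments(data)]


# ---- receiving side: frames >> packets >> segments >> data ----
def from_frame(raw, my_mac):
    """Recompute the CRC and compare it with the FCS; discard on mismatch or wrong MAC."""
    body, trailer = raw[:-4], raw[-4:]
    if fcs(body) != trailer:
        raise ValueError("FCS mismatch: frame discarded")
    if body[:6] not in (mac_bytes(my_mac), BROADCAST_MAC):
        return None               # addressed to another station on this segment
    return body[14:]              # strip the MAC header: what remains is the packet


def from_packet(packet, my_ip):
    if ipaddress.ip_address(packet[4:8]) != ipaddress.ip_address(my_ip):
        return None               # not our logical address: dropped
    return packet[8:]             # strip the network header: the segment


def reassemble(segments):
    """Transport layer: order segments by sequence number and rebuild the stream."""
    by_seq = {}
    for seg in segments:
        seq, length = struct.unpack("!IH", seg[:6])
        by_seq[seq] = seg[6:6 + length]       # a duplicate simply overwrites itself
    return b"".join(by_seq[seq] for seq in sorted(by_seq))


def receive(frames, my_mac, my_ip):
    segments = []
    for raw in frames:
        packet = from_frame(raw, my_mac)
        if packet is None:
            continue
        segment = from_packet(packet, my_ip)
        if segment is not None:
            segments.append(segment)
    return reassemble(segments)


if __name__ == "__main__":
    frames = transmit(b"Hello, encapsulation!", "10.0.0.1", "10.0.0.2",
                      "aa:aa:aa:aa:aa:aa", "bb:bb:bb:bb:bb:bb")
    # Frames may arrive out of order; the sequence numbers put them back.
    print(receive(list(reversed(frames)), "bb:bb:bb:bb:bb:bb", "10.0.0.2"))
```

Each layer on the receiving side looks only at its own header and hands the rest up unchanged, which is the de-encapsulation the notes describe; the FCS check is what lets a corrupted frame be thrown away before any address in it is trusted.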
Examples of Types of Service and Capabilities [1]
Service Requirements                   Service Features
Discovery and Configuration Services   802.1AF, CDP, LLDP, LLDP-MED
Security Services                      IBNS (802.1X), (CISF): port security, DHCP snooping, DAI, IPSG
Network Identity and Access            802.1X, MAB, Web-Auth
                                       QoS marking, policing, queuing, deep packet inspection NBAR, etc.
Intelligent Network Control Services   PVST+, Rapid PVST+, EIGRP, OSPF, DTP, PAgP/LACP, UDLD, FlexLink, Portfast, UplinkFast, BackboneFast, LoopGuard, BPDUGuard, Port Security, RootGuard
Physical Infrastructure Services       Power over Ethernet
Cisco Hierarchical Model
There are three layers to the Cisco hierarchical model:
1. The core (backbone) layer provides optimal transport between sites.
2. The distribution layer provides policy-based connectivity.
3. The local-access layer provides workgroup/user access to the network.
Core Layer
-Responsible for transporting large amounts of traffic reliably and quickly.
-Only purpose is to switch traffic as fast as possible (speed and latency are factors).
-Failure at the Core layer can affect every user; design for fault tolerance at this level.
-Design specifications:
  Don't do at this layer:
  -Don't use access lists, packet filtering, or VLAN routing.
  -Don't support workgroup access here.
  -Don't expand (i.e. more routers); upgrade devices instead (faster with more capacity).
  Do at this layer:
  -Design for high reliability (FDDI, Fast Ethernet with redundant links, or ATM).
  -Design for speed and low latency.
  -Use routing protocols with low convergence times.
Distribution Layer
-Also called the workgroup layer, this is the communication point between the access and core layers.
-Primary functions include routing, filtering, WAN access, and determining how packets can access the Core layer if necessary.
-Determines the fastest/best path and sends the request to the Core layer. The Core layer will then quickly transport the request to the correct service.
-Place to implement network policies.
Distribution Layer Functions
-Access lists, packet filtering, queuing.
-Security and network policies such as address translation and firewalling.
-Re-distribution between routing protocols including static routing.
-Routing between VLANs and other workgroup support functions.
-Departmental or workgroup access.
-Definition of broadcast and multicast domains.
-Any media transitions that need to occur.
Access Layer
-Controls local end user access to internetwork resources.
-Also called the desktop layer.
-The resources most users need will be available locally.
-The Distribution layer handles traffic for remote services.
-Continued use of access lists and filters.
-Creation of separate collision domains (segmentation).
-Workgroup connectivity at the Distribution layer.
-Technologies such as DDR and Ethernet switching are seen in the Access layer.
-Static routing is here.
Department of Defense Model of TCP/IP
The Department of Defense created TCP/IP to ensure and preserve data integrity. The DoD model is a condensed version of the OSI model and only has four layers.
Corresponding Layers
DoD Model                  OSI Model
Process/Application Layer  Application
                           Presentation
                           Session
Host-to-Host Layer         Transport
Internet Layer             Network
Network Access Layer       Data Link
                           Physical
Process/Application Layer
Defines protocols for node-to-node application communication and also controls user interface specifications. Consists of a set of services that provide ubiquitous access to all types of networks. Applications utilize the services to communicate with other devices and remote applications.
Protocols and Applications
Port   Protocol  Description
23     Telnet    Terminal Emulation (Telephone network)
21     FTP       Allows file transfers between computers (File Transfer Protocol)
69     TFTP      Have to know what you want and where it is on the server; no directory browsing, no user authentication (Trivial File Transfer Protocol)
2049   NFS       Allows remote file systems to be mounted as local (Network File System)
25     SMTP      Used to send mail between mail servers (Simple Mail Transfer Protocol)
515    LPD       Used for print sharing of network printers with TCP/IP (Line Printer Daemon)
161    SNMP      Collects and manipulates network information (Simple Network Management Protocol)
53     DNS       Resolves FQDNs to IP addresses (Domain Name Service)
67     BootP     Used by diskless workstations to receive boot file and other information via TFTP
       DHCP      Assigns IP addresses to hosts from a pool. Can send IP address, Subnet mask, Domain Name, Default Gateway, DNS IP, WINS info. (Dynamic Host Configuration Protocol)
Host-to-Host Layer
This layer shields the upper layers from the process of sending data. It also provides an end-to-end connection between two devices during communication by performing sequencing, acknowledgments, checksums, and flow control. Applications using services at this layer can use two different protocols: TCP and UDP.
Protocols at the Host-to-Host Layer are:
TCP (Transmission Control Protocol)
TCP provides a connection-oriented, reliable service to the applications that use its services.
Main Functions of TCP
Segments application layer data stream--
TCP accepts data from applications and segments it into a desirable size for transmission between itself and the remote devices. The segment size is determined while TCP is negotiating the connection between the two devices. Either device can dictate the segment size.
Provides acknowledgment times--
TCP maintains timers to identify when packets have taken too long to get to their destination. When an acknowledgment is not received for a packet and the timer expires, TCP will resend the packet to the destination.
Enables sequence number checking--
TCP/IP uses sequence numbers to ensure that all packets sent by an application on one device are read in
the correct order by an application on another device. The packets might not be received at the transport
layer in the correct order, but TCP sequences them in their original order before passing them to the
application layer.
Provides buffer management--
Any time two devices are communicating, the possibility exists that one device can send data faster than
the other can accept it. If this happens, the receiving device puts the extra packets into a buffer to be read
at the first chance it gets. When this data overflow persists, however, the buffer is eventually filled and
packets begin to drop. TCP performs some preventive maintenance called flow control to avoid the
problem.
Initiates connections with 3-way handshake--
TCP uses the concept of the three-way handshake to initiate a connection between two devices. A TCP
connection begins with a device sending a request to synchronize sequence numbers (a SYN packet) and
initiate a connection. The other device receives the message and responds with a SYN message and the
sequence number increased by one. The first device responds by sending an acknowledgment message
(an ACK) to the second device, indicating that the device received the sequence number it expected.
Performs error and duplication checking--
TCP uses a checksum to identify packets that have changed during transport. If a device receives a packet
with a bad checksum, it drops the packet and does not send an acknowledgment for the packet. So the
sending device will resend the packet. Any time TCP receives a duplicate packet it will drop the duplicate.
Performs acknowledgment windowing--
Any time a TCP device sends data to another device, it must wait for the acknowledgment that this data
was received. To increase the bandwidth utilization, TCP can change the window size. Whatever the
window size is negotiated to be, acknowledgments will only be sent after that many packets have been
received at the receiving device. TCP sets the window size dynamically during a connection, allowing
either device involved in the communication to slow down the sending data rate based on the other device's
capacity. This process is known as sliding window because of TCP's ability to change the window size
dynamically.
TCP Overview
Before data is sent, the transmitting host contacts the receiving host to set up a connection known as a virtual circuit. This makes TCP connection-oriented. During the handshake the two hosts agree upon the amount of information to be sent before an acknowledgment is needed (windowing). TCP takes the large blocks of data from the upper layers and breaks them up into segments that it numbers and sequences. TCP will then pass the segments to the network layer, which will route them through the internetwork. The receiving TCP can put the segments back into order. After packets are sent, TCP waits for an acknowledgment from the receiving end of the virtual circuit. If no acknowledgment is received then the sending host will retransmit the segment.
TCP Header Information
Field                    Size          Purpose
Source Port Number       16 bits       Number of calling port
Destination Port Number  16 bits       Number of called port
Sequence Number          32 bits       Number to ensure proper sequence of data
Acknowledgment Number    32 bits       Identifies next segment expected
Header Length            4 bits        Number of 32-bit words in header
Reserved                 6 bits        Always 0
Code bits                6 bits        Identifies type of segment, setup/termination of session
Window size              16 bits       Number of octets the device is willing to accept
TCP Checksum             16 bits       Used to ensure data integrity
Urgent Pointer           16 bits       Indicates end of urgent data
Options                  0 or 32 bits  Identifies maximum segment size
Data
UDP (User Datagram Protocol)
UDP transports information that doesn't require reliable delivery; therefore it can have less overhead than TCP, as no sequencing or acknowledgments are used. NFS and SNMP use UDP for their sessions; the applications have their own methods to ensure reliability. UDP receives blocks of information from the upper layers, which it breaks into segments. It gives each segment a number, sends it, and then forgets about it. No acknowledgments, no virtual circuits: a connectionless protocol.
UDP Header Format
Field                    Size     Purpose
Source Port Number       16 bits  Number of calling port
Destination Port Number  16 bits  Number of called port
UDP Length               16 bits  Length of UDP in bytes
UDP Checksum             16 bits  Used to ensure data integrity
Data
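The two header tables above, turned into a parser. This is an added example, not code from the course notes: it splits a TCP segment and a UDP datagram into the fields listed, walks the TCP options for the maximum segment size, and verifies the TCP checksum over the IPv4 pseudo-header so a damaged segment is detected. The addresses 10.0.0.1 and 10.0.0.2, the ports and the sample segment and datagram are all constructed for the example.

```python
import ipaddress
import struct

# Names of the six Code bits, lowest bit first (URG is the high bit).
TCP_FLAGS = {0x01: "FIN", 0x02: "SYN", 0x04: "RST", 0x08: "PSH", 0x10: "ACK", 0x20: "URG"}
PROTO_TCP = 6


def transport_checksum(src_ip, dst_ip, proto, segment):
    """One's-complement checksum over the IPv4 pseudo-header plus the segment.

    Over a segment whose checksum field is zero it yields the value to store;
    over a received segment (field filled in) it yields 0 if the data is intact.
    """
    pseudo = (ipaddress.IPv4Address(src_ip).packed
              + ipaddress.IPv4Address(dst_ip).packed
              + struct.pack("!BBH", 0, proto, len(segment)))
    data = pseudo + segment
    if len(data) % 2:
        data += b"\x00"                       # pad odd length for 16-bit summing
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                        # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def parse_tcp_options(options):
    """Walk the TCP option TLVs; return the Maximum Segment Size if present."""
    i = 0
    while i < len(options):
        kind = options[i]
        if kind == 0:                         # end of option list
            break
        if kind == 1:                         # no-operation padding
            i += 1
            continue
        if i + 1 >= len(options):
            raise ValueError("truncated TCP option")
        length = options[i + 1]
        if length < 2 or i + length > len(options):
            raise ValueError("bad TCP option length")
        if kind == 2 and length == 4:         # MSS option: kind 2, length 4, 16-bit value
            return struct.unpack("!H", options[i + 2:i + 4])[0]
        i += length
    return None


def parse_tcp_header(segment):
    """Split a TCP segment into the fields of the TCP header table."""
    if len(segment) < 20:
        raise ValueError("TCP header is at least 20 bytes")
    (src_port, dst_port, seq, ack, offset_byte, flag_byte,
     window, checksum, urgent) = struct.unpack("!HHIIBBHHH", segment[:20])
    header_len = (offset_byte >> 4) * 4       # Header Length counts 32-bit words
    reserved = ((offset_byte & 0x0F) << 2) | (flag_byte >> 6)   # 6 bits, always 0
    code_bits = flag_byte & 0x3F
    if header_len < 20 or header_len > len(segment):
        raise ValueError("header length does not fit the segment")
    return {
        "src_port": src_port, "dst_port": dst_port, "seq": seq, "ack": ack,
        "header_len": header_len, "reserved": reserved,
        "flags": [name for bit, name in sorted(TCP_FLAGS.items()) if code_bits & bit],
        "window": window, "checksum": checksum, "urgent": urgent,
        "mss": parse_tcp_options(segment[20:header_len]),
        "data": segment[header_len:],
    }


def parse_udp_header(datagram):
    """Split a UDP datagram into the fields of the UDP header table."""
    if len(datagram) < 8:
        raise ValueError("UDP header is 8 bytes")
    src_port, dst_port, length, checksum = struct.unpack("!HHHH", datagram[:8])
    if length < 8 or length > len(datagram):
        raise ValueError("UDP length field does not fit the datagram")
    return {"src_port": src_port, "dst_port": dst_port, "length": length,
            "checksum": checksum, "data": datagram[8:length]}


def build_tcp_segment(src_ip, dst_ip, src_port, dst_port, seq, ack, flags,
                      window, options=b"", data=b""):
    """Assemble a TCP segment with a correct checksum (used to make sample input)."""
    options += b"\x00" * (-len(options) % 4)  # pad options to a 32-bit boundary
    header_len = 20 + len(options)
    header = struct.pack("!HHIIBBHHH", src_port, dst_port, seq, ack,
                         (header_len // 4) << 4, flags & 0x3F, window, 0, 0) + options
    segment = header + data
    csum = transport_checksum(src_ip, dst_ip, PROTO_TCP, segment)
    return segment[:16] + struct.pack("!H", csum) + segment[18:]


# Constructed samples: a SYN from an unprivileged port to Telnet (23) carrying an
# MSS option of 1460, and a UDP datagram to SNMP (161) with a 4-byte payload.
SYN_SEGMENT = build_tcp_segment("10.0.0.1", "10.0.0.2", 40000, 23, 1000, 0,
                                0x02, 65535, options=b"\x02\x04\x05\xb4")
UDP_DATAGRAM = struct.pack("!HHHH", 50000, 161, 12, 0) + b"snmp"

if __name__ == "__main__":
    print(parse_tcp_header(SYN_SEGMENT))
```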
Differences Between TCP and UDP
TCP                                                                        | UDP
Sequenced                                                                  | Unsequenced
Reliable - sequence numbers, acknowledgments, and 3-way handshake          | Unreliable - best effort only
Connection oriented                                                        | Connectionless
Virtual circuits                                                           | Low overhead
Checksum for error checking                                                | Checksum for error checking
Uses buffer management to avoid overflow, uses sliding window to maximize bandwidth efficiency | No flow control
Assigns datagram size dynamically for efficiency                           | Every datagram segment is the same size
TCP and UDP Port Numbers
TCP and UDP use port numbers to communicate with the upper layers. Port numbers keep track of different sessions across the network. The source port will be above 1024 (unprivileged). 1023 and below (privileged) are known as well known ports and are assigned to common protocols. TCP and the upper layers don't use hardware (MAC) and logical (IP) addresses to see the host's address; instead they use port numbers.
Internet Layer
The Internet Layer exists for routing and providing a single network interface to the upper layers. IP provides the single network interface for the upper layers.
Protocols at the Internet Layer are:
IP (Internet Protocol)
The Internet Protocol (IP) is a network-layer (Layer 3) protocol that contains addressing information and some control information that enables packets to be routed. IP has two primary responsibilities: providing connectionless, best-effort delivery of datagrams through an internetwork; and providing fragmentation and reassembly of datagrams to support data links with different maximum-transmission unit (MTU) sizes.
All machines on a TCP/IP network have a unique logical address, an IP address. The Internet Layer (IP) has a complete picture of the entire network and is responsible for path determination and packet switching. IP is the transport for TCP, UDP, and ICMP and provides an unreliable service. It lets the upper layer protocols that use it worry about reliability. IP will perform as a connectionless service because it handles each datagram as an independent entity. IP performs packet switching and path determination by maintaining tables that indicate where to send a packet based on its IP address. IP gets the destination address from the packet. IP receives segments from the Host-to-Host layer and fragments them into packets. IP will then reassemble the packets into segments on the receiving end to send to the Host-to-Host layer. Each packet has the source and destination IP address. Each router will make path determinations based on the destination IP address.
ICMP (Internet Control Message Protocol)
The Internet Control Message Protocol (ICMP) is a network-layer Internet protocol that provides message packets to report errors and other information regarding IP packet processing back to the source. ICMP utilizes IP to carry the ICMP data within it through a network.
ICMP Messages
ICMPs generate several kinds of useful messages, including Destination Unreachable, Echo Request and Reply, Redirect, Time Exceeded, and Router Advertisement and Router Solicitation. If an ICMP message cannot be delivered, no second one is generated. This is to avoid an endless flood of ICMP messages.
When an ICMP destination-unreachable message is sent by a router, it means that the router is unable to send the packet to its final destination. The router then discards the original packet. Destination-unreachable messages include four basic types: network unreachable, host unreachable, protocol unreachable, and port unreachable.
- Network-unreachable messages usually mean that a failure has occurred in the routing or addressing of a packet.
- Host-unreachable messages usually indicate a delivery failure, such as a wrong subnet mask.
- Protocol-unreachable messages generally mean that the destination does not support the upper-layer protocol specified in the packet.
- Port-unreachable messages imply that the TCP socket or port is not available.
An ICMP echo-request message, which is generated by the ping command, is sent by any host to test node reachability across an internetwork. The ICMP echo-reply message indicates that the node can be successfully reached. PING (Packet Internet Groper) uses echo messages to test physical connectivity.
An ICMP Redirect message is sent by the router to the source host to stimulate more efficient routing. The router still forwards the original packet to the destination. ICMP redirects allow host routing tables to remain small because it is necessary to know the address of only one router, even if that router does not provide the best path. Even after receiving an ICMP Redirect message, some devices might continue using the less-efficient route.
An ICMP Time-exceeded message is sent by the router if an IP packet's Time-to-Live field (expressed in hops or seconds) reaches zero. The Time-to-Live field prevents packets from continuously circulating the internetwork if the internetwork contains a routing loop. Routers discard packets that have reached their maximum hop count and tell the source machine that the packet is expired. Traceroute uses ICMP timeouts to find the path a packet takes through the internetwork.
ARP (Address Resolution Protocol)
Used to find the MAC address from the known IP address. ARP sends a broadcast asking for the machine with the specified IP address to respond with its MAC address. If two devices want to communicate, the first device can send a broadcast ARP message requesting the physical address for a specified IP address. The receiving device responds with its IP address and the first device maintains the entry in its ARP cache. If a device doesn't exist on the same subnet, the sending device addresses the default gateway's physical address and sends the packet to the default gateway.
RARP (Reverse Address Resolution Protocol)
This protocol is used to find an IP address when the MAC address is known. A machine sends a broadcast with its MAC address and requests its IP address. An example of a device that uses RARP is a diskless workstation. Since it can't store its logical network address, it sends its MAC address to a RARP server to request its IP address. A RARP server responds to the RARP request with the device's IP address.
Network Access Layer
The Network Access Layer monitors the data exchange between the host and the network. It oversees MAC addressing and defines protocols for the physical transmission of data.
DOD Model and TCP/IP
Ethernet Networking
Ethernet is a contention media access method that allows all hosts on a network to share the bandwidth of a link, is specified at the Data Link layer, and uses specific physical layer cabling and signaling techniques. Ethernet networking uses Carrier Sense Multiple Access with Collision Detection (CSMA/CD) to share the bandwidth without having two devices transmit at the same time on the network medium. When a node transmits in a CSMA/CD environment, all the other nodes receive and examine the packet to see if it is destined for them; bridges and routers prevent the transmission from propagating throughout the internetwork.
CSMA/CD
1. Carrier Sense: a workstation listens to the network to ensure that there aren't any other stations transmitting when it wants to transmit.
2. If the network is quiet for a period of time called IFG (InterFrame Gap), the station may transmit.
3. The network is continuously monitored if it is determined to be busy. Once the IFG is observed, the station may transmit.
4. When two or more stations are listening at the same time and determine the network is free and then try to transmit at the same time, a collision will occur and destroy both packets. The network is monitored during transmissions to detect collisions.
5. Transmission is stopped immediately if the station detects a collision on the network during its transmission. A signal is sent on the network to indicate that a collision has occurred and informs all stations to disregard all corrupted packets they may have been receiving.
6. A random backoff algorithm is applied to determine how long each station that had a collision during its transmission will have to wait to retransmit.
7. Starts over at step one to repeat the transmitting process.
Since Ethernet networks are connected with repeaters to extend the network, whenever a collision occurs it is repeated on each adjoining segment.
How some LAN Hardware treats collisions:
- A repeater receives and immediately retransmits each bit; it doesn't depend on any particular protocol, it simply duplicates everything, including the collisions.
- A bridge receives the entire message into memory. If the message was damaged by a collision or noise, it is discarded. Otherwise, the message is queued up and will be retransmitted onto another Ethernet cable. The bridge has no address. Its actions are transparent to the client and server workstations.
- A router acts as an agent to receive and forward messages. The router has an address and is known to the client or server machines. Typically, machines directly send messages to each other when they are on the same cable, and they send the router messages addressed to another zone, department, or sub-network.
IEEE Specifications for Ethernet
- 802.3 - Ethernet LAN Specifications
Two new specifications, both run on twisted pair and fiber optic:
- 802.3u - Fast Ethernet
- 802.3z - Gigabit Ethernet
Ethernet Speeds at Cisco Hierarchical Layers
- Access - 10Mbps switches for clients, 100Mbps for Servers.
- Access to Distribution - use 100Mbps.
- Distribution to Core - use 100Mbps or 1000Mbps, with redundant links.
Cable Specifications
Name        Class             Length   Hosts per Segment  Topology
10base2     50ohm Coax        185m     30                 Phys. + logical bus
10base5     50ohm Coax        500m     208                Phys. + logical bus
10baseT     Cat 3,4,5 UTP     100m     1                  Phys. star + logical bus
100baseTx   Cat 5,6,7 UTP     100m     1                  Phys. star + logical bus
100baseFX   Multimode Fiber   400m     1                  Point to point
1000baseCX  STP               25m      1                  Point to point
1000baseT   Cat 5 UTP         100m     1                  Phys. star + logical bus
1000baseSX  Multimode Fiber   260m
1000baseLX  Singlemode Fiber  3 - 10K
802.3u Fast Ethernet Features and Benefits
- 100baseT was adopted by IEEE as the 802.3u standard in 1995.
- 100baseT is Ethernet operating at 10 times the speed of regular Ethernet.
- Just like 10baseT, it can be used in a shared or switched environment.
- Can operate in full-duplex without collisions.
- Uses twisted pair or fiber.
- The 100BaseT maximum network diameter is 205 meters, which is approximately 10 times less than 10-Mbps Ethernet.
- 100BaseT networks support an optional feature, called autonegotiation, that enables a device and a hub to exchange information (using 100BaseT FLPs) about their capabilities, thereby creating an optimal communications environment. Autonegotiation supports a number of capabilities, including speed matching for devices that support both 10- and 100-Mbps operation, full-duplex mode of operation for devices that support such communications, and an automatic signaling configuration for 100BaseT4 and 100BaseTX stations.
- The IEEE 802.3u specification for 100BaseTX networks allows a maximum of two repeater (hub) networks and a total network diameter of approximately 200 meters. A link segment, which is defined as a point-to-point connection between two Medium Independent Interface (MII) devices, can be up to 100 meters.
100BaseT supports three media types at the OSI physical layer (Layer 1): 100BaseTX, 100BaseFX, and 100BaseT4.
Characteristics of 100BaseT Media Types
Characteristics             100BaseTX                            100BaseFX                                       100BaseT4
Cable                       Category 5 UTP, or Type 1 and 2 STP  62.5/125 micron multi-mode fiber                Category 3, 4, or 5 UTP
Number of pairs or strands  2 pairs                              2 strands                                       4 pairs
Connector                   ISO 8877 (RJ-45) connector           Duplex SC media-interface connector (MIC), ST   ISO 8877 (RJ-45) connector
Maximum segment length      100 meters                           400 meters                                      100 meters
Maximum network diameter    200 meters                           400 meters                                      200 meters
Half-Duplex Ethernet
- Defined in 802.3 Ethernet, usually runs on 10baseT.
- Uses only one wire pair with signals running in both directions on the wire; stations either transmit or receive, not both.
- Uses the CSMA/CD protocol to detect collisions and retransmit if they occur.
- If you attach a hub to a switch, the switch must run in half-duplex so the end stations can detect collisions.
Full-Duplex Ethernet
Full-duplex provides the means of transmitting and receiving simultaneously on a single wire. Full-duplex is typically used between two endpoints, such as between switches, between switches and servers, between switches and routers, and so on. Full-duplex has allowed bandwidth on Ethernet and Fast Ethernet networks to be easily and cost-effectively doubled from 10 Mbps to 20 Mbps and 100 Mbps to 200 Mbps, respectively.
- Data can be simultaneously transmitted and received, doubling the nominal throughput.
- Uses two pairs of wire: one pair sends and the other receives data.
- Can't run on coax; must be twisted pair or fiber.
- Uses a point-to-point connection between transmitting and receiving devices.
- When powered on, it negotiates with the other end of the link (auto-detect mechanism): it first checks for the available speed, 10 or 100 Mbps, then checks to see if it can run in full-duplex. If it can't, it will run in half-duplex.
UTP
- Uses an RJ-45 connector with up to four pairs of twisted wire.
- Twisted wires eliminate crosstalk between the wires; the more twists in the wire, the higher the category rating and the quality.
Straight Wired
- The wires are in the same order at both ends of the RJ-45s.
Used For
  - Router to hub or switch.
  - Server to hub or switch.
  - Workstation to hub or switch.
Crossover
- Two pairs of the wires are crossed at one end of the cable.
- Switch the first and third and second and sixth wires on one end.
Used For
  - Uplinks between hubs and switches.
  - Hubs to switches.
  - Router to router.
  - Connecting two PCs without a hub or switch.
CAT5 UTP Wiring Order for Patch and Crossover Cables
1. To make your own CAT 5 (patch/crossover) cable you will have to first cut the wire to the needed length and strip about 3/4 of an inch of the outer jacket off both ends.
2. Next arrange the eight individual wires in the following order:
3. Patch Cable Wiring Order [Left to Right]
   Wire Number  1             2       3            4     5           6      7            8
   Wire Color   orange/white  orange  green/white  blue  blue/white  green  brown/white  brown
4. Next, holding the wires together, trim them so the ends are all flush. Wire number 1 will stay on the left side.
5. Next turn an RJ-45 jack upside down (locking tab down) and slide the wires in until they align below the brass connectors. Make sure they are still in the same order as above.
6. Now, holding the wires firmly in the jack, place the jack in the pair of crimpers and proceed to firmly crimp them in place.
7. Once done crimping, pull gently on the wires to verify that they were securely crimped; if they aren't secure, cut the bad end off and go back to step 1.
8. If that side is done, you can now proceed to step 8 to make a crossover cable (the other side is done the same except wires 1 and 3 and 2 and 6 are switched), or if you want to make a patch cable (connects PC to hub) follow steps 1 through 6 for both sides of the cable.
9. Only one end of a crossover cable is switched, and is in the following order:
10. Crossover Cable Wiring Order [1 + 3 and 2 + 6 switched from patch cable order]
   Wire Number  1            2      3             4     5           6       7            8
   Wire Color   green/white  green  orange/white  blue  blue/white  orange  brown/white  brown
11. Now follow steps 3 - 6 to create the crossover cable.
IP Addressing and Subnet Masking
IP addresses are 32 bits long and are represented as a quad octet set. Each octet represents 1 byte (8 bits) and has a range of 0-255 for 256 values (2^8 = 256). IP networks are divided into classes, with each class having a network ID and host range. Each class uses bits from the first octet as part of the network ID and, depending on the network class, can use up to two other octets for the network ID with the remaining octets reserved for hosts on the network. For example, class A networks use the first octet as the network range and the other three octets are for hosts on the networks, and class C networks use the first three octets from the left as the network ID, leaving only one octet available for hosts. The network classes are divided as follows.
IP Address Classes
Class  First Octet's Range (Decimal)  First Octet's Binary Range            Network/Host                  Example        Default Subnet Mask
A      0-126                          00000000 - 01111110                   Network.Host.Host.Host        10.128.22.100  255.0.0.0
B      128-191                        10000000 - 10111111                   Network.Network.Host.Host     172.12.15.65   255.255.0.0
C      192-223                        11000000 - 11011111                   Network.Network.Network.Host  209.38.1.2     255.255.255.0
D      224-239                        11100000 - 11111111 (D and E together) D is for multicast                           N/A
E      240-255                        (see D)                               E is experimental                            N/A
Some IP addresses are reserved for special use and are not to be used as networks.
Reserved IP Addresses
Address          Use
127.0.0.1        Used for loopback
0.0.0.0          Used as default route on Cisco equipment
255.255.255.255  Broadcast to all nodes on network
IP Network addressing
- A network address uniquely identifies each network.
- Every machine on the network shares the same network portion of its IP address.
- The node portion of the IP address uniquely identifies the node on its network; it can also be called the host address.
Identifying the Parts of IP Network Addresses
This table has one example with the other fields left blank for your practice.
Address        Class  Network Portion  Host Portion  Default Subnet
63.125.22.14   A      63.              125.22.14     255.0.0.0
199.2.2.10
189.88.25.1
16.12.1.84
145.1.40.2
221.220.21.20
Process For Subnet Masking
1. How many subnets? 2^(masked bits) - 2 = Subnets
2. How many valid hosts per subnet? 2^(unmasked bits) - 2 = Hosts
3. What are the valid subnets? 256 - (subnet base) = Base number
4. What are the valid hosts in the subnets? All numbers between subnets minus the all-1s (.255) and all-0s (.0) host addresses.
5. What is the broadcast address of the subnet? All the host bits turned on.
Example of subnet masking
(255.255.255.192) = (11111111.11111111.11111111.11000000)
1. 2^2 - 2 = 2 subnets
2. 2^6 - 2 = 62 hosts per subnet
3. 256 - 192 = 64 (.01000000) {for the first subnet}
4. 65 to 126 (.01000001 to .01111110) valid hosts in the subnet
5. 127 (.01111111) broadcast
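The five-step process, coded as an added example that is not part of the course notes: given a classful network and a mask it answers the five questions, keeping the notes' rule of discarding the all-zeros and all-ones subnets, and also handles masks that borrow a whole octet (for instance 255.255.255.0 on a class B network). The network 192.168.1.0 is a constructed input chosen so that the output reproduces the worked numbers above.

```python
import ipaddress

# Classful first-octet ranges and default prefix lengths from the IP Address Classes table.
CLASSES = (("A", 0, 126, 8), ("B", 128, 191, 16), ("C", 192, 223, 24))


def address_class(address):
    """Return (class letter, default prefix length) for a dotted-quad address."""
    first_octet = int(address.split(".")[0])
    for name, low, high, prefix in CLASSES:
        if low <= first_octet <= high:
            return name, prefix
    raise ValueError(f"{address} is not a class A, B or C address")


def mask_to_binary(mask):
    """Write the mask as four 8-bit groups, as in the worked example."""
    return ".".join(f"{int(octet):08b}" for octet in mask.split("."))


def subnet_plan(network, mask):
    """Answer the five subnet-masking questions for a classful network and mask.

    Follows the notes' convention of discarding the all-zeros and all-ones
    subnets (the "- 2" in step 1), so the first valid subnet is the base number.
    """
    cls, default_prefix = address_class(network)
    mask_int = int(ipaddress.IPv4Address(mask))
    prefix = bin(mask_int).count("1")
    # A usable mask is a run of ones followed by a run of zeros.
    if mask_int != (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF:
        raise ValueError(f"{mask} is not a contiguous subnet mask")
    masked_bits = prefix - default_prefix      # bits borrowed from the host part
    unmasked_bits = 32 - prefix                # bits left for hosts
    if masked_bits < 2 or unmasked_bits < 2:
        raise ValueError("the -2 rule needs at least 2 subnet bits and 2 host bits")

    # Step 3: base number = 256 minus the last non-zero octet of the mask.
    last_nonzero_octet = [int(o) for o in mask.split(".") if int(o)][-1]
    base_number = 256 - last_nonzero_octet

    # Each subnet spans 2^(unmasked bits) addresses, counted from the classful network.
    classful_mask = (0xFFFFFFFF << (32 - default_prefix)) & 0xFFFFFFFF
    classful_net = int(ipaddress.IPv4Address(network)) & classful_mask
    block = 1 << unmasked_bits
    valid_subnets = []
    for k in range(1, (1 << masked_bits) - 1):  # k=0 (all zeros) and last (all ones) skipped
        start = classful_net + k * block
        valid_subnets.append({
            "subnet": str(ipaddress.IPv4Address(start)),
            "first_host": str(ipaddress.IPv4Address(start + 1)),          # step 4
            "last_host": str(ipaddress.IPv4Address(start + block - 2)),
            "broadcast": str(ipaddress.IPv4Address(start + block - 1)),   # step 5
        })
    return {
        "class": cls,
        "mask_binary": mask_to_binary(mask),
        "subnets": (1 << masked_bits) - 2,              # step 1
        "hosts_per_subnet": (1 << unmasked_bits) - 2,   # step 2
        "base": base_number,                            # step 3
        "valid_subnets": valid_subnets,
    }


if __name__ == "__main__":
    # Constructed input that reproduces the worked example (first subnet .64).
    plan = subnet_plan("192.168.1.0", "255.255.255.192")
    print(plan["mask_binary"], plan["subnets"], "subnets,", plan["hosts_per_subnet"], "hosts")
    for subnet in plan["valid_subnets"]:
        print(subnet)
```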
LAN Segmentation
This page will discuss the advantages of LAN segmentation and will describe LAN segmentation using bridges, switches, and routers. Also described will be the benefits of using each of these three internetworking devices.
Describe the advantages of LAN segmentation
When separate networks are needed or if a network has reached its physical limitations, segmentation is used. Segmenting a LAN can extend the network, reduce congestion, isolate network problems, and improve security.
Extending the network -- When the maximum physical limitations of a network have been reached, routers may be added to create new segments to allow additional hosts onto the LAN.
Reduce congestion -- As the number of hosts on a single network increases, the bandwidth required also increases. By segmenting the LAN, you can reduce the number of hosts per network. If traffic consists of communications between hosts on the same segment, then bandwidth usage is substantially reduced.
Isolate network problems -- By dividing the network into smaller segments, you reduce the overflow of problems from one segment to the next. Hardware and software failures are some of the problems that can be reduced to affect smaller portions of the network.
Improve security -- By utilizing segments, a network administrator can ensure that the internal structure of the network will not be visible from an outside source. Privileged packets will only be broadcast on the subnet they originated from, not throughout the network.
Describe LAN segmentation using bridges.
The term bridging refers to a technology in which a device (known as a bridge) connects two or more LAN segments. A bridge transmits datagrams from one segment to their destinations on other segments.
Bridges are capable of filtering frames based on any Layer 2 fields. A bridge, for example, can be programmed to reject (not forward) all frames sourced from a particular network. Because link-layer information often includes a reference to an upper-layer protocol, bridges usually can filter on this parameter. Furthermore, filters can be helpful in dealing with unnecessary broadcast and multicast packets. Because only a certain percentage of traffic is forwarded, a bridge or switch diminishes the traffic experienced by devices on all connected segments. The bridge or switch will act as a firewall for some potentially damaging network errors, and both accommodate communication between a larger number of devices than would be supported on any single LAN connected to the bridge.
Describe LAN segmentation using routers.
Because routers use Layer 3 addresses, which typically have structure, routers can use techniques (such as address summarization) to build networks that maintain performance and responsiveness as they grow in size. Segments are interconnected by routers to enable communication between LANs while blocking other types of traffic. Routers also allow for the interconnection of disparate LAN and WAN technologies while also implementing broadcast filters and logical firewalls. In general, if you need advanced internetworking services, such as broadcast firewalling and communication between dissimilar LANs, routers are necessary.
Describe LAN segmentation using switches.
Switches are data link layer devices that, like bridges, enable multiple physical LAN segments to be interconnected into a single larger network. Similar to bridges, switches forward and flood traffic based on MAC addresses. Because switching is performed in hardware instead of in software, however, it is significantly faster. Switches use either store-and-forward switching or cut-through switching when forwarding traffic.
Segmenting shared-media LANs divides the users into two or more separate LAN segments, reducing the number of users contending for bandwidth. LAN switching technology, which builds upon this trend, employs microsegmentation, which further segments the LAN to fewer users and ultimately to a single user with a dedicated LAN segment. Each switch port provides a dedicated, 10MB Ethernet segment. Segments are interconnected by internetworking devices that enable communication between LANs while blocking other types of traffic. Switches have the intelligence to monitor traffic and compile address tables, which then allows them to forward packets directly to specific ports in the LAN. Switches also usually provide nonblocking service, which allows multiple conversations (traffic between two ports) to occur simultaneously.
LAN switches can be used to segment networks into logically defined virtual workgroups (VLANs). This logical segmentation, commonly referred to as VLAN communication, offers a fundamental change in how LANs are designed, administered, and managed. Logical segmentation provides substantial benefits in LAN administration, security, and management of network broadcasts across the enterprise.
Superior throughput performance, higher port density, lower per-port cost, and greater flexibility have contributed to the emergence of switches as a replacement technology for bridges and as a complement to routing technology.
Describe the benefits of network segmentation with bridges.
Transparent bridges successfully isolate intrasegment traffic, thereby reducing the traffic seen on each individual segment. This usually improves network response times, as seen by the user.
- Bridges and switches extend the effective length of a LAN, permitting the attachment of distant stations that were not previously permitted.
- Bridges can connect more than two LANs and use the Spanning Tree Algorithm to eliminate loops while still allowing connectivity and redundancy between them.
- Bridges can compensate for speed discrepancies of WAN and LAN connections by using their buffering capabilities. This is done by storing the incoming data in on-board buffers and sending it over the serial link at a rate that the serial link can accommodate.
- Some bridges are MAC-layer bridges, which bridge between homogeneous networks (for example, IEEE 802.3 and IEEE 802.3), while other bridges can translate between different link-layer protocols (for example, IEEE 802.3 and IEEE 802.5).
Describe the benefits of network segmentation with routers.
Routers offer the following benefits in LAN segmentation:
- Media transition -- Routers are used to connect networks of different media types, taking care of the Layer 3 address translations and fragmentation requirements.
- Broadcast control -- By default, routers don't pass broadcasts and therefore restrict the broadcast domain. In addition to preventing broadcasts from radiating throughout the network, routers are also responsible for generating services to each LAN segment. The following are examples of services that the router provides to the network for a variety of protocols:
  - IP -- Proxy ARP and Internet Control Message Protocol (ICMP)
  - IPX -- SAP table updates
  - AppleTalk -- ZIP table updates
  - Network management -- SNMP queries
- Packet filtering -- Routers can filter packets either inbound or outbound between LAN segments or LAN and WAN segments.
- VLAN communications -- Routers remain vital for switched architectures configured as VLANs because they provide the communication between VLANs.
- Large packets -- Routers can handle large packets by fragmenting them into smaller pieces, sending them across the network, and reassembling them, whereas bridges discard frames that are too large.
Describe the benefits of network segmentation with switches.
Layer 2 switches offer some or all of the following benefits:
- Unlike hubs and repeaters, switches allow multiple data streams to pass simultaneously.
- LAN switches are used to interconnect multiple LAN segments. LAN switching provides dedicated, collision-free communication between network devices, with support for multiple simultaneous conversations.
- Collisions -- Switches reduce collisions on network segments because they provide dedicated bandwidth to each network segment and each connected segment is in a separate collision domain.
- Bandwidth -- LAN switches provide excellent performance for individual users by allocating dedicated bandwidth to each switch port (for example, each network segment). This technique is known as microsegmenting. An Ethernet LAN switch improves bandwidth by separating collision domains and selectively forwarding traffic to the appropriate segments.
- Dedicated bandwidth -- Switches deliver dedicated bandwidth to users through high-density group switched and switched 10BaseT or 100BaseT Ethernet.
- VLANs -- LAN switches can group individual ports into logical switched workgroups called VLANs, thereby restricting the broadcast domain to designated VLAN member ports. VLANs are also known as switched domains and autonomous switching domains. Communication between VLANs requires a router.
Ethernet Frames

Ethernet was developed by the Xerox Corporation's Palo Alto Research Center (PARC) in the 1970s. Ethernet was the technological basis for the IEEE 802.3 specification, which was initially released in 1980. Shortly thereafter, DEC, Intel, and Xerox jointly developed and released an Ethernet specification (Version 2.0) that is substantially compatible with IEEE 802.3. Today, the term Ethernet is often used to refer to all CSMA/CD LANs that generally conform to the Ethernet specification, including 802.3.
Ethernet Frames

- Used at the Data Link layer to encapsulate packets handed down from the Network layer for transmission on a medium.
- Ethernet_II frames have a type field in their frame.
- 802.3 frames have a length field in their frame.
- Data size can be from 46 to 1500 bytes.
- FCS - Frame Check Sequence - used to store the CRC (Cyclic Redundancy Check) for the frame.
- An 802.3 frame can't contain information about the upper layer protocols (Network Layer), so it is combined with the 802.2 (LLC) frame to provide this function.

The Four Types of Ethernet Frames:
1. Ethernet II
2. IEEE 802.3
3. IEEE 802.2
4. SNAP
Ethernet II
Ethernet provides services corresponding to Layers 1 and 2 of the OSI model. In Ethernet frames, the 2-byte field following the source address is a type field. This field specifies the upper-layer protocol to receive the data after Ethernet processing is complete. Ethernet is a broadcast LAN that uses CSMA/CD.
IEEE 802.3
IEEE 802.3 specifies the Physical layer (Layer 1) and the channel access portion of the Data Link layer (Layer 2), but doesn't define a logical link control protocol. In IEEE 802.3 frames, the 2-byte field following the source address is a length field, which indicates the number of bytes of data that follow this field and precede the frame check sequence (FCS) field. Following this is the data field, which will contain data for the frame. In the case of IEEE 802.3, the upper-layer protocol must be defined within the data portion of the frame. IEEE 802.3 is also a broadcast LAN that uses CSMA/CD.
IEEE 802.2
IEEE 802.2 is often referred to as the Logical Link Control (LLC). It is extremely popular in LAN environments, where it interoperates with protocols such as IEEE 802.3, IEEE 802.4, and IEEE 802.5. Upper-layer processes use IEEE 802.2 services through service access points (SAPs). The IEEE 802.2
header begins with a destination service access point (DSAP) field, which identifies the receiving upper-layer process. Following the DSAP address is the source service access point (SSAP) address, which identifies the sending upper-layer process.
802.2 SNAP
The SNAP (Subnetwork Architecture Protocol) frame has its own protocol field to identify the upper-layer protocol. This is a way to allow an Ethernet II frame to be used in an 802.3 frame. A SNAP frame's DSAP and SSAP are always set to AA with the command field set to 3. SNAP was created because not all protocols worked well with the 802.3 frame, which has no ether-type field. An 802.2 frame is an 802.3 frame with the LLC info in the data field of the header (has DSAP and SSAP). To allow the proprietary protocols created by application developers to be used in the LLC frame, the IEEE defined the SNAP format. SNAP is mostly seen with proprietary protocols such as AppleTalk and the Cisco CDP.
MAC Addressing

- 48-bit address.
- Manufacturer's identification (OUI - Organizationally Unique Identifier) is the first 24 bits and is assigned by the IEEE.
- Manufacturer assigns a unique value to the second 24-bit section.

Function of a MAC address

- The MAC address uniquely identifies the device from any other device in the world.
- The MAC address is a 48-bit address represented by 12 hexadecimal digits.
- The first 6 digits contain the manufacturer's unique identifier (OUI) and the last 6 digits are the unique serial number assigned by the manufacturer.
- The MAC Address is usually burned onto a NIC (Network Interface Card) in its ROM (Read Only Memory).
MAC Address Examples

MAC Address        Manufacturer Code   Serial Number
FF34.2344.13FD     FF34.23             44.13FD
44CC.7800.34FF     44CC.78             00.34FF
00A0.CC60.1388     00A0.CC             60.1388
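As an added worked example (not part of the original notes), a small Python parser that applies the frame-type rules above: the 2-byte field after the source address is a type (Ethernet II) or a length (802.3), an 802.3 payload starts with the 802.2 LLC DSAP/SSAP/control bytes, DSAP and SSAP of AA with control 3 mark a SNAP header carrying the real protocol ID, and each 48-bit MAC splits into the IEEE OUI and the vendor serial. The sample frames are constructed by hand; the source MACs come from the table above, and the CDP/STP multicast addresses, SAP values and the Cisco SNAP OUI are the standard assignments.

```python
import struct

def split_mac(addr: bytes) -> dict:
    """Split a 48-bit MAC into the IEEE-assigned OUI and the vendor serial (24 bits each)."""
    h = addr.hex().upper()
    return {"mac": ".".join(h[i:i + 4] for i in range(0, 12, 4)),
            "oui": h[:6], "serial": h[6:]}

def parse_frame(frame: bytes) -> dict:
    """Classify a raw frame as Ethernet II, 802.3 + 802.2 LLC, or 802.3 + SNAP."""
    if len(frame) < 14:
        raise ValueError("runt frame: shorter than the 14-byte header")
    (type_or_len,) = struct.unpack("!H", frame[12:14])
    info = {"dst": split_mac(frame[:6]), "src": split_mac(frame[6:12])}
    if type_or_len >= 0x0600:          # IEEE reserves 1536 and above for type values
        info.update(format="Ethernet II", ethertype=type_or_len, payload=frame[14:])
        return info
    if type_or_len > 1500:             # 1501..1535 is neither a valid length nor a type
        raise ValueError("invalid type/length field 0x%04x" % type_or_len)
    llc = frame[14:14 + type_or_len]   # 802.3: the field is the length of the data
    if len(llc) < 3:
        raise ValueError("802.3 frame without a full 3-byte LLC header")
    dsap, ssap, ctrl = llc[0], llc[1], llc[2]
    info.update(format="IEEE 802.3 + 802.2 LLC", length=type_or_len,
                dsap=dsap, ssap=ssap, control=ctrl, payload=llc[3:])
    if dsap == 0xAA and ssap == 0xAA and ctrl == 0x03 and len(llc) >= 8:
        # SNAP: a 3-byte OUI plus a 2-byte protocol type restore the missing ether-type
        (etype,) = struct.unpack("!H", llc[6:8])
        info.update(format="IEEE 802.3 + SNAP", snap_oui=llc[3:6].hex().upper(),
                    ethertype=etype, payload=llc[8:])
    return info

# Constructed sample frames (hand-built for this example, not captures).
ARP_FRAME = (bytes.fromhex("FFFFFFFFFFFF") + bytes.fromhex("00A0CC601388")
             + struct.pack("!H", 0x0806) + bytes(46))          # Ethernet II, type = ARP
CDP_LLC = bytes.fromhex("AAAA03" "00000C" "2000") + bytes(38)   # SNAP, Cisco OUI, CDP
CDP_FRAME = (bytes.fromhex("01000CCCCCCC") + bytes.fromhex("44CC780034FF")
             + struct.pack("!H", len(CDP_LLC)) + CDP_LLC)      # 802.3 length field = 46
STP_LLC = bytes.fromhex("424203") + bytes(43)                   # plain LLC, DSAP/SSAP 0x42
STP_FRAME = (bytes.fromhex("0180C2000000") + bytes.fromhex("FF34234413FD")
             + struct.pack("!H", len(STP_LLC)) + STP_LLC)

if __name__ == "__main__":
    for f in (ARP_FRAME, CDP_FRAME, STP_FRAME):
        r = parse_frame(f)
        print(r["format"], r["src"]["mac"], r["src"]["oui"], r.get("ethertype"))
```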
3 Types of Media Access
1. Contention (Ethernet)
2. Token Passing (Token Ring, FDDI)
3. Polling (IBM Mainframes, 100VGAnyLAN)
Ethernet
- Uses a logical bus topology - the signal runs from one end of the segment to the other.
- Baseband technology - when a station transmits, it uses the entire bandwidth.
- Uses CSMA/CD.
- Best effort delivery.
Each of the 802.3 (Ethernet) standards defines an AUI
- 10BaseT - uses AUI - 1 bit at a time
- 100BaseT - uses MII - 4 bits at a time
- 1000BaseT - uses GMII - 8 bits at a time
AUI - Attachment Unit Interface
MII - Media Independent Interface
GMII - Gigabit Media Independent Interface
LAN Protocols

This page introduces the various media-access methods, transmission methods, topologies, and devices used in a local area network (LAN), including methods and devices used in Ethernet/IEEE 802.3, Token Ring/IEEE 802.5, and Fiber Distributed Data Interface (FDDI).

A LAN is a high-speed, fault-tolerant data network that covers a relatively small geographic area. It typically connects workstations, personal computers, printers, and other devices. LANs offer computer users many advantages, including shared access to devices and applications, file exchange between connected users, and communication between users via electronic mail and other applications.
Media-Access Methods
LAN protocols typically use one of two methods to access the physical network medium: carrier sense multiple access collision detect (CSMA/CD) and token passing.

In the CSMA/CD media-access scheme, network devices contend for use of the physical network medium. CSMA/CD is therefore sometimes called contention access. Examples of LANs that use the CSMA/CD media-access scheme are Ethernet/IEEE 802.3 networks, including 100BaseT.

In the token-passing media-access scheme, network devices access the physical medium based on possession of a token. Examples of LANs that use the token-passing media-access scheme are Token Ring/IEEE 802.5 and FDDI.
LAN Transmission Methods
LAN data transmissions fall into three classifications: unicast, multicast, and broadcast. In each type of transmission, a single packet is sent to one or more nodes.
1. In a unicast transmission, a single packet is sent from the source to a destination on a network.
2. A multicast transmission consists of a single data packet that is copied and sent to a specific subset of nodes on the network.
3. A broadcast transmission consists of a single data packet that is copied and sent to all nodes on the network.
LAN Topologies
LAN topologies define the manner in which network devices are organized. Four common LAN topologies exist: bus, ring, star, and tree. These topologies are logical architectures, but the actual devices need not be physically organized in these configurations. Logical bus and ring topologies, for example, are commonly organized physically as a star.

A bus topology is a linear LAN architecture in which transmissions from network stations propagate the length of the medium and are received by all other stations.

A ring topology is a LAN architecture that consists of a series of devices connected to one another by unidirectional transmission links to form a single closed loop. Both Token Ring/IEEE 802.5 and FDDI networks implement a ring topology.

A tree topology is a LAN architecture that is identical to the bus topology, except that branches with multiple nodes are possible in this case.

A star topology is a LAN architecture in which the endpoints on a network are connected to a common central hub, or switch, by dedicated links. Logical bus and ring topologies are often implemented physically in a star topology.
LAN Devices
Devices commonly used in LANs include repeaters, hubs, LAN extenders, bridges, LAN switches, and routers.

- A repeater is a physical layer device used to interconnect the media segments of an extended network. A repeater essentially enables a series of cable segments to be treated as a single cable. Repeaters receive signals from one network segment and amplify, retime, and retransmit those signals to another network segment. These actions prevent signal deterioration caused by long cable lengths and large numbers of connected devices. Repeaters are incapable of performing complex filtering and other traffic processing. In addition, all electrical signals, including electrical disturbances and other errors, are repeated and amplified. The total number of repeaters and network segments that can be connected is limited due to timing and other issues.
- A hub is a physical-layer device that connects multiple user stations, each via a dedicated cable. Electrical interconnections are established inside the hub. Hubs are used to create a physical star network while maintaining the logical bus or ring configuration of the LAN. In some respects, a hub functions as a multiport repeater.
- A LAN extender is a remote-access multilayer switch that connects to a host router. LAN extenders forward traffic from all the standard network-layer protocols (such as IP, IPX, and AppleTalk), and filter traffic based on the MAC address or network-layer protocol type. LAN extenders scale well because the host router filters out unwanted broadcasts and multicasts. LAN extenders, however, are not capable of segmenting traffic or creating security firewalls.
- Bridges analyze incoming frames, make forwarding decisions based on information contained in the frames, and forward the frames toward the destination. In some cases, such as source-route bridging, the entire path to the destination is contained in each frame. In other cases, such as transparent bridging, frames are forwarded one hop at a time toward the destination.
- Switches are data link layer devices that, like bridges, enable multiple physical LAN segments to be interconnected into a single larger network. Similar to bridges, switches forward and flood traffic based on MAC addresses. Because switching is performed in hardware instead of in
software, however, it is significantly faster. Switches use either store-and-forward switching or cut-through switching when forwarding traffic. Many types of switches exist, including ATM switches, LAN switches, and various types of WAN switches.
- Routers perform two basic activities: determining optimal routing paths and transporting information groups (typically called packets) through an internetwork. In the context of the routing process, the latter of these is referred to as switching. Although switching is relatively straightforward, path determination can be very complex.