
Wednesday, March 5, 2008

TCP STATE DIAGRAM

TCP FORMAT

TCP: The Connection-Oriented Transport Protocol

Important TCP features worth mentioning:

  • Stream-oriented processing— TCP processes data in a stream. In other words, TCP can accept data a byte at a time rather than as a preformatted block. TCP formats the data into variable-length segments, which it will pass to the Internet layer.

  • Resequencing— If data arrives at the destination out of order, the TCP module is capable of resequencing the data to restore the original order.

  • Flow control — TCP's flow control feature ensures that the data transmission won't outrun or overrun the destination machine's capability to receive the data. This is especially critical in a diverse environment in which there may be considerable variation of processor speeds and buffer sizes.

  • Precedence and security— The Department of Defense specifications for TCP call for optional security and priority levels that can be set for TCP connections. Many TCP implementations, however, do not provide these security and priority features.

  • Graceful close— TCP is as careful about closing a connection as it is about opening a connection. The graceful close feature ensures that all segments have been sent and received before a connection is closed.

Well-Known UDP Ports


| Service | UDP Port Number | Description |
|---|---|---|
| echo | 7 | Echo |
| discard | 9 | Discard or null |
| systat | 11 | Users |
| daytime | 13 | Daytime |
| netstat | 15 | Network status |
| qotd | 17 | Quote of the Day |
| chargen | 19 | Character generator |
| time | 37 | Time server |
| name | 42 | Host Name server |
| domain | 53 | Domain name server (DNS) |
| nameserver | 53 | Domain name server (DNS) |
| bootps | 67 | Bootstrap protocol service/DHCP |
| bootpc | 68 | Bootstrap protocol client/DHCP |
| tftp | 69 | Trivial File Transfer Protocol |
| portmap | 111 | |
| sunrpc | 111 | SUN RPC service |
| ntp | 123 | Network Time Protocol |
| nbname | 137 | NetBIOS name |
| nbdatagram | 148 | NetBIOS datagram |
| sgmp | 153 | |
| snmp | 161 | Simple Network Management Protocol |
| snmp-trap | 162 | Simple Network Management Protocol trap |

Well-Known TCP Ports


| Service | TCP Port Number | Brief Description |
|---|---|---|
| tcpmux | 1 | TCP port service multiplexor |
| compressnet | 2 | Management utility |
| compressnet | 3 | Compression utility |
| echo | 7 | Echo |
| discard | 9 | Discard or null |
| systat | 11 | Users |
| daytime | 13 | Daytime |
| netstat | 15 | Network status |
| qotd | 17 | Quote of the Day |
| chargen | 19 | Character generator |
| ftp-data | 20 | File Transfer Protocol data |
| ftp | 21 | File Transfer Protocol control |
| telnet | 23 | Terminal network connection |
| smtp | 25 | Simple Mail Transport Protocol |
| nsw-fe | 27 | NSW user system |
| time | 37 | Time server |
| name | 42 | Host name server |
| domain | 53 | Domain name server (DNS) |
| nameserver | 53 | Domain name server (DNS) |
| DHCP | 67 | Dynamic Host Configuration Protocol |
| gopher | 70 | Gopher service |
| rje | 77 | Remote job entry |
| finger | 79 | Finger |
| http | 80 | WWW service |
| link | 87 | TTY link |
| supdup | 95 | SUPDUP protocol |
| hostnames | 101 | sri-nic host name server |
| iso-tsap | 102 | ISO-TSAP |
| x400 | 103 | X.400 mail service |
| x400-snd | 104 | X.400 mail send |
| pop | 109 | Post Office Protocol |
| pop2 | 109 | Post Office Protocol 2 |
| pop3 | 110 | Post Office Protocol 3 |
| portmap | 111 | |
| sunrpc | 111 | SUN RPC service |
| auth | 113 | Authentication service |
| sftp | 115 | Secure FTP |
| path | 117 | UUCP path service |
| uucp-path | 117 | UUCP path service |
| nntp | 119 | Usenet Network News Transfer Protocol |
| nbsession | 139 | NetBIOS session service |
| NeWS | 144 | News |
| tcprepo | 158 | TCP repository |

Wednesday, February 27, 2008

Transport Layer Concepts

Important concepts:

  • Connection-oriented and connectionless protocols

  • Ports and sockets

  • Multiplexing

Connection-Oriented and Connectionless Protocols

  • A connection-oriented protocol establishes and maintains a connection between communicating computers and monitors the state of that connection over the course of the transmission. In other words, each package of data sent across the network receives an acknowledgment, and the sending machine records status information to ensure that each package is received without errors, retransmitting the data if necessary. At the end of the transmission, the sending and receiving computers gracefully close the connection.

  • A connectionless protocol sends a one-way datagram to the destination and doesn't worry about officially notifying the destination machine that data is on the way. The destination machine receives the data and doesn't worry about returning status information to the source computer.

Introducing the Transport Layer

The Transport layer protocols are designed to provide the following:

  • An interface for network applications— that is, a way for applications to access the network. The designers wanted to be able to target data not just to a destination computer, but to a particular application running on the destination computer.

  • A mechanism for multiplexing/demultiplexing. Multiplexing, in this case, means accepting data from different applications and computers and directing that data to the intended recipient application on the receiving computer. In other words, the Transport layer must be capable of simultaneously supporting several network applications and managing the flow of data to the Internet layer. On the receiving end, the Transport layer must accept the data from the Internet layer and direct it to multiple applications. This feature, known as demultiplexing, allows one computer to simultaneously support multiple network applications, such as a Web browser, an email client, and a file-sharing application. Another aspect of multiplexing/demultiplexing is that a single application can simultaneously maintain connections with more than one computer.

  • Error checking, flow control, and verification. The protocol system needs an overall scheme that ensures delivery of data between the sending and receiving machines.

Classless Internet Domain Routing


Class A addresses are long gone, and the world is quickly running out of Class B addresses. Many Class C addresses are still available, but the small address space of a Class C network (254 hosts maximum) is a severe limitation in the high-volume game of Internet service providers (ISPs). It is possible to assign a range of Class C networks to a network owner who needs more than 254 addresses. However, treating multiple Class C networks as separate entities when they are all going to the same place only clutters up routing tables unnecessarily.

Classless Internet Domain Routing (CIDR) is a technique that allows a block of network IDs to be treated as a single entity in routing tables. CIDR groups a range of network IDs into a single address entry using what is called a supernet mask. You can think of a supernet mask as something like the opposite of a subnet mask. Instead of designating additional bits for identifying the network, the supernet mask in effect takes bits away from the network ID. The addresses in the range are therefore identified by the network address bits that the networks in the range hold in common. For example, an ISP might be assigned all Class C addresses in the range

204.21.128.0 (11001100000101011000000000000000)

to 204.21.255.255 (11001100000101011111111111111111).

In this case, the network addresses are identical up to the seventeenth bit counting from the left. The supernet mask would therefore be 11111111111111111000000000000000, which is equivalent to the dotted decimal mask 255.255.128.0.

The address block is specified using the lowest address in the range followed by the supernet mask. A common notation for a CIDR address/mask pair is to show the number of mask bits after the address with a slash (/) separator. Hence, the CIDR range in the preceding example would be specified as 204.21.128.0/17.
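The supernet calculation above, as an added example that is not part of the original page: it derives the common prefix for the 204.21.128.0 to 204.21.255.255 range and collapses the 128 Class C entries into one. The function names and the misaligned second range are constructed for illustration; the `exact` flag reports when a covering block also includes addresses outside the range, which matters when the block is used in a filter rule rather than a route.

```python
import ipaddress


def covering_supernet(first: str, last: str):
    """Smallest single CIDR block containing every address from first to last.

    Returns (prefix_len, dotted_mask, cidr, exact). `exact` is False when the
    block also covers addresses outside first..last.
    """
    lo = int(ipaddress.IPv4Address(first))
    hi = int(ipaddress.IPv4Address(last))
    if lo > hi:
        raise ValueError("first address must not be higher than last")
    # XOR leaves a 1 wherever the two ends differ; every bit to the left of
    # the highest differing bit is the prefix the whole range holds in common.
    prefix_len = 32 - (lo ^ hi).bit_length()
    mask = (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF
    network = lo & mask
    exact = lo == network and hi == (network | (~mask & 0xFFFFFFFF))
    return (prefix_len, str(ipaddress.IPv4Address(mask)),
            f"{ipaddress.IPv4Address(network)}/{prefix_len}", exact)


def exact_blocks(first: str, last: str):
    """CIDR blocks that cover first..last and nothing else."""
    return [str(n) for n in ipaddress.summarize_address_range(
        ipaddress.IPv4Address(first), ipaddress.IPv4Address(last))]


def aggregate(networks):
    """Collapse adjacent networks into the fewest routing-table entries."""
    nets = [ipaddress.ip_network(n) for n in networks]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]


# The 128 Class C networks that make up the range used in the text.
CLASS_C_BLOCKS = [f"204.21.{third}.0/24" for third in range(128, 256)]

if __name__ == "__main__":
    # The range from the text: one /17 covers it exactly.
    print(covering_supernet("204.21.128.0", "204.21.255.255"))
    print(len(CLASS_C_BLOCKS), "entries ->", aggregate(CLASS_C_BLOCKS))
    # Constructed misaligned range: the covering /17 is wider than the range,
    # so an exact description needs several smaller blocks.
    print(covering_supernet("204.21.129.0", "204.21.255.255"))
    print(exact_blocks("204.21.129.0", "204.21.255.255"))
```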

Subnet Mask Dotted Notation

| Description | Dotted Notation | Binary Pattern |
|---|---|---|
| Class A | | |
| Default Mask | 255.0.0.0 | 11111111 00000000 00000000 00000000 |
| 1 subnet bit | 255.128.0.0 | 11111111 10000000 00000000 00000000 |
| 2 subnet bits | 255.192.0.0 | 11111111 11000000 00000000 00000000 |
| 3 subnet bits | 255.224.0.0 | 11111111 11100000 00000000 00000000 |
| 4 subnet bits | 255.240.0.0 | 11111111 11110000 00000000 00000000 |
| 5 subnet bits | 255.248.0.0 | 11111111 11111000 00000000 00000000 |
| 6 subnet bits | 255.252.0.0 | 11111111 11111100 00000000 00000000 |
| 7 subnet bits | 255.254.0.0 | 11111111 11111110 00000000 00000000 |
| 8 subnet bits | 255.255.0.0 | 11111111 11111111 00000000 00000000 |
| 9 subnet bits | 255.255.128.0 | 11111111 11111111 10000000 00000000 |
| 10 subnet bits | 255.255.192.0 | 11111111 11111111 11000000 00000000 |
| 11 subnet bits | 255.255.224.0 | 11111111 11111111 11100000 00000000 |
| 12 subnet bits | 255.255.240.0 | 11111111 11111111 11110000 00000000 |
| 13 subnet bits | 255.255.248.0 | 11111111 11111111 11111000 00000000 |
| 14 subnet bits | 255.255.252.0 | 11111111 11111111 11111100 00000000 |
| 15 subnet bits | 255.255.254.0 | 11111111 11111111 11111110 00000000 |
| 16 subnet bits | 255.255.255.0 | 11111111 11111111 11111111 00000000 |
| 17 subnet bits | 255.255.255.128 | 11111111 11111111 11111111 10000000 |
| 18 subnet bits | 255.255.255.192 | 11111111 11111111 11111111 11000000 |
| 19 subnet bits | 255.255.255.224 | 11111111 11111111 11111111 11100000 |
| 20 subnet bits | 255.255.255.240 | 11111111 11111111 11111111 11110000 |
| 21 subnet bits | 255.255.255.248 | 11111111 11111111 11111111 11111000 |
| 22 subnet bits | 255.255.255.252 | 11111111 11111111 11111111 11111100 |
| Class B | | |
| Default Mask | 255.255.0.0 | 11111111 11111111 00000000 00000000 |
| 1 subnet bit | 255.255.128.0 | 11111111 11111111 10000000 00000000 |
| 2 subnet bits | 255.255.192.0 | 11111111 11111111 11000000 00000000 |
| 3 subnet bits | 255.255.224.0 | 11111111 11111111 11100000 00000000 |
| 4 subnet bits | 255.255.240.0 | 11111111 11111111 11110000 00000000 |
| 5 subnet bits | 255.255.248.0 | 11111111 11111111 11111000 00000000 |
| 6 subnet bits | 255.255.252.0 | 11111111 11111111 11111100 00000000 |
| 7 subnet bits | 255.255.254.0 | 11111111 11111111 11111110 00000000 |
| 8 subnet bits | 255.255.255.0 | 11111111 11111111 11111111 00000000 |
| 9 subnet bits | 255.255.255.128 | 11111111 11111111 11111111 10000000 |
| 10 subnet bits | 255.255.255.192 | 11111111 11111111 11111111 11000000 |
| 11 subnet bits | 255.255.255.224 | 11111111 11111111 11111111 11100000 |
| 12 subnet bits | 255.255.255.240 | 11111111 11111111 11111111 11110000 |
| 13 subnet bits | 255.255.255.248 | 11111111 11111111 11111111 11111000 |
| 14 subnet bits | 255.255.255.252 | 11111111 11111111 11111111 11111100 |
| Class C | | |
| Default subnet mask | 255.255.255.0 | 11111111 11111111 11111111 00000000 |
| 1 subnet bit | 255.255.255.128 | 11111111 11111111 11111111 10000000 |
| 2 subnet bits | 255.255.255.192 | 11111111 11111111 11111111 11000000 |
| 3 subnet bits | 255.255.255.224 | 11111111 11111111 11111111 11100000 |
| 4 subnet bits | 255.255.255.240 | 11111111 11111111 11111111 11110000 |
| 5 subnet bits | 255.255.255.248 | 11111111 11111111 11111111 11111000 |
| 6 subnet bits | 255.255.255.252 | 11111111 11111111 11111111 11111100 |

Wednesday, February 13, 2008

Subnet Mask to Dotted Decimal Notation

To convert a binary subnet mask to dotted decimal notation, follow these steps:

  1. Divide the subnet mask into octets by writing the 32-bit binary subnet mask with periods inserted at the octet boundaries:

    11111111.11111111.11110000.00000000
  2. For every all-ones octet, write down 255. For every all-zeros octet, write down 0.

  3. Convert the mixed octet to decimal using the binary conversion technique: add up the bit position values for all one bits.

  4. Write down the final dotted decimal address:

    255.255.240.0

RARP

RARP stands for Reverse ARP. RARP is the opposite of ARP. ARP is used when the IP address is known but the physical address is not known. RARP is used when the physical address is known but the IP address is not known. RARP is often used in conjunction with the BOOTP protocol to boot diskless workstations.


BOOTP (boot PROM)— Many network adapters contain an empty socket for insertion of an integrated circuit known as a boot PROM. The boot PROM firmware starts as soon as the computer is powered on. It loads an operating system into the computer by reading it from a network server instead of a local disk drive. The operating system downloaded to the BOOTP device is pre-configured for a specific IP address.






Wednesday, February 6, 2008

Special IP Addresses

A few IP addresses have special meanings and are not assigned to specific hosts. An all-zero host ID refers to the network itself. For instance, the IP address 129.152.0.0 refers to the Class B network with the network ID 129.152.

An all-ones host ID signifies a broadcast. A broadcast is a message sent to all hosts on the network. The IP address 129.152.255.255 is the broadcast address for the Class B network with the network ID 129.152. (Note that the dotted decimal term 255 corresponds to the all-ones binary octet 11111111.)

The address 255.255.255.255 can also be used for broadcast on the network.

Addresses beginning with the term 127 are loopback addresses. A message addressed to a loopback address is sent by the local TCP/IP software to itself. The loopback address is used to verify that the TCP/IP software is functioning.

RFC 1597 also reserves some IP address ranges for private networks. The assumption is that these private address ranges are not connected to the Internet, so the addresses don't have to be unique. In today's world, these private address ranges are often used for the protected network behind network translation devices:

  • 10.0.0.0 to 10.255.255.255

  • 172.16.0.0 to 172.31.255.255

  • 192.168.0.0 to 192.168.255.255

Converting a Decimal Number

Converting a Decimal Number to a Binary Octet

To convert the decimal number 207 to a binary octet, follow these steps:

  1. Compare the decimal number you want to convert (in this case 207) to the number 128. If the decimal number is greater than or equal to 128, subtract 128 and write down a 1. If the decimal number is less than 128, subtract 0 and write down a 0.

    207 > 128

    207 – 128 = 79

    Write down 1 for the 128s place

    Answer so far: 1

  2. Take the result from step 1 (79 in this case) and compare it to the number 64. If the decimal number is greater than or equal to 64, subtract 64 and write down a 1. If the decimal number is less than 64, subtract 0 and write down a 0.

    79 > 64

    79 – 64 = 15

    Write down a 1 for the 64s place

    Answer so far: 11

  3. Take the result from step 2 (15 in this case) and compare it to the number 32. If the decimal number is greater than or equal to 32, subtract 32 and write down a 1. If the decimal number is less than 32, subtract 0 and write down a 0.

    15 < 32

    15 – 0 = 15

    Write down a 0 in the 32s place

    Answer so far: 110

  4. Compare the result from step 3 to the number 16. If the number is greater than or equal to 16, subtract 16 and write down a 1. If the number is less than 16, subtract 0 and write down a 0.

    15 < 16

    15 – 0 = 15

    Write down a 0 in the 16s place

    Answer so far: 1100

  5. Compare the result of step 4 to the number 8. If the decimal number is greater than or equal to 8, subtract 8 and write down a 1. If the decimal number is less than 8, subtract 0 and write down a 0.

    15 > 8

    15 – 8 = 7

    Write down a 1 in the 8s place

    Answer so far: 11001

  6. Compare the result of step 5 to the number 4. If the decimal number is greater than or equal to 4, subtract 4 and write down a 1. If the decimal number is less than 4, subtract 0 and write down a 0.

    7 > 4

    7 – 4 = 3

    Write down a 1 in the 4s place

    Answer so far: 110011

  7. Compare the result of step 6 to the number 2. If the decimal number is greater than or equal to 2, subtract 2 and write down a 1. If the decimal number is less than 2, subtract 0 and write down a 0.

    3 > 2

    3 – 2 = 1

    Write down a 1 in the 2s place

    Answer so far: 1100111

  8. If the result of step 7 is a 1, write down a 1. If the result of step 7 is a 0, write down a 0.

    1 = 1

    Write down a 1 in the ones place

    Final answer: 11001111

You have now converted the decimal number 207 to its binary equivalent, 11001111.

Converting a 32-Bit Binary Address

Converting a 32-Bit Binary Address to Dotted Decimal Format

Following is an example showing how to convert a 32-bit binary IP address to dotted decimal format.

Convert the binary address 01011001000111011100110000011000.

  1. First break the address into 8-bit octets:

    Octet 1: 01011001

    Octet 2: 00011101

    Octet 3: 11001100

    Octet 4: 00011000

  2. Convert each octet to a decimal number.

    Table 4.2. Converting a Binary Address to Dotted Decimal Format

    | Octet | Binary Value | Calculation | Decimal Value |
    |---|---|---|---|
    | 1 | 01011001 | 1+8+16+64 | 89 |
    | 2 | 00011101 | 1+4+8+16 | 29 |
    | 3 | 11001100 | 4+8+64+128 | 204 |
    | 4 | 00011000 | 8+16 | 24 |

  3. Write out the decimal equivalent values in order from left to right. Separate the values with periods:

    The address is: 89.29.204.24

Monday, February 4, 2008

IP Addressing

An IP address is a 32-bit binary address. This 32-bit address is subdivided into four 8-bit segments called octets. Humans do not work well with 32-bit binary addresses or even 8-bit binary octets, so the IP address is almost always expressed in what is called dotted decimal format. In dotted decimal format, each octet is given as an equivalent decimal number. The four decimal values (4 x 8 = 32 bits) are then separated with periods. Eight binary bits can represent any whole number from 0 to 255, so the segments of a dotted decimal address are decimal numbers from 0 to 255. You have probably seen examples of dotted decimal IP addresses on your computer, in this book, or in other TCP/IP documents. A dotted decimal IP address looks like this: 209.121.131.14.

Part of the IP address is used for the network ID, and part of the address is used for the host ID. One complication is that the portion of the address allotted to the network ID varies, depending on the address. Most IP addresses fall into the following address classes:

  • Class A addresses— The first 8 bits of the IP address are used for the network ID. The final 24 bits are used for the host ID.

  • Class B addresses— The first 16 bits of the IP address are used for the network ID. The final 16 bits are used for the host ID.

  • Class C addresses— The first 24 bits of the IP address are used for the network ID. The final 8 bits are used for the host ID.

More bits lead to more bit combinations. As you might guess, the Class A format provides a small number of possible network IDs and a huge number of possible host IDs for each network. A Class A network can support approximately 2^24, or 16,777,216 hosts. A Class C network, on the other hand, can provide host IDs for only a small number of hosts (approximately 2^8, or 256), but many more combinations of network IDs are available in the Class C format.

You might be wondering how a computer or router knows whether to interpret an IP address as a Class A, Class B, or Class C address. The designers of TCP/IP wrote the address rules such that the class of an address is obvious from the address itself. The first few bits of the binary address specify whether the address should be interpreted as a Class A, Class B, or Class C address (see Table 4.1). The rules for interpreting addresses are as follows:

  • If the 32-bit binary address starts with a 0 bit, the address is a Class A address.

  • If the 32-bit binary address starts with the bits 10, the address is a Class B address.

  • If the 32-bit binary address starts with the bits 110, the address is a Class C address.

This scheme (thankfully) is easy to convert to dotted decimal notation because these rules have the effect of limiting the range of values for the first term in the dotted decimal address. For instance, because a Class A address must have a 0 bit in the leftmost place of the first octet, the first term in a Class A dotted decimal address cannot be higher than 127. You'll learn more about converting binary numbers to decimal later in this hour. For purposes of this discussion, Table 4.1 shows the address ranges for Class A, B, and C networks. Note that some address ranges are listed as excluded addresses. Certain IP address ranges are not assigned to networks because they are reserved for special uses. You'll learn more about special IP addresses later in this hour.

Table 4.1. Address Ranges for Class A, B, and C Networks

| Address Class | Binary Address Must Begin with | First Term of Dotted Decimal Address Must Be | Excluded Addresses |
|---|---|---|---|
| A | 0 | 0 to 127 | 10.0.0.0 to 10.255.255.255; 127.0.0.0 to 127.255.255.255 |
| B | 10 | 128 to 191 | 172.16.0.0 to 172.31.255.255 |
| C | 110 | 192 to 223 | 192.168.0.0 to 192.168.255.255 |
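The class rules above and the special addresses from the "Special IP Addresses" post, combined in an added example that is not part of the original page. It reads the class from the leading bits, derives the network ID from the class's default mask, and labels loopback, private, network and broadcast addresses, the sort of check applied when triaging source addresses in a log. Function names, labels and the sample list are constructed for illustration.

```python
import ipaddress

# Private ranges the text cites from RFC 1597, written as CIDR blocks.
PRIVATE = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def address_class(value: int):
    """Return (class letter, network ID bits) from the leading bits."""
    if value >> 31 == 0b0:
        return "A", 8
    if value >> 30 == 0b10:
        return "B", 16
    if value >> 29 == 0b110:
        return "C", 24
    return None, None  # leading bits 111...: not Class A, B or C


def classify(addr: str):
    ip = ipaddress.IPv4Address(addr)
    value = int(ip)
    cls, net_bits = address_class(value)
    special = []
    if value >> 24 == 127:
        special.append("loopback")
    if any(ip in net for net in PRIVATE):
        special.append("private (RFC 1597)")
    if value == 0xFFFFFFFF:
        special.append("broadcast (255.255.255.255)")
    network_id = None
    if cls is not None:
        host_mask = (1 << (32 - net_bits)) - 1
        network_id = str(ipaddress.IPv4Address(value & ~host_mask & 0xFFFFFFFF))
        host = value & host_mask
        if host == 0:
            special.append("network itself (all-zero host ID)")
        elif host == host_mask:
            special.append("broadcast (all-ones host ID)")
    return {"class": cls, "network_id": network_id, "special": special}


def not_host_addresses(addresses):
    """Addresses that carry a special meaning instead of naming one public host."""
    return [a for a in addresses if classify(a)["special"]]


# Constructed sample: addresses quoted in the text plus a few private ones.
SAMPLE = ["209.121.131.14", "129.152.0.0", "129.152.255.255", "10.1.2.3",
          "127.0.0.1", "89.29.204.24", "192.168.1.50", "255.255.255.255"]

if __name__ == "__main__":
    for address in SAMPLE:
        print(address, classify(address))
```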

Internet Protocol (IP)


The IP protocol provides a hierarchical, hardware-independent addressing system and offers the services necessary for delivering data on a complex, routed network. Each network adapter on a TCP/IP network has a unique IP address.


IP Header Fields

Every IP datagram begins with an IP header. The TCP/IP software on the source computer constructs the IP header. The TCP/IP software at the destination uses the information enclosed in the IP header to process the datagram. The IP header contains a great deal of information, including the IP addresses of the source and destination computers, the length of the datagram, the IP version number, and special instructions to routers.

  • Version— This 4-bit field indicates which version of IP is being used. The current version of IP is 4. The binary pattern for 4 is 0100.

  • IHL (Internet Header Length)— This 4-bit field gives the length of the IP header in 32-bit words. The minimum header length is five 32-bit words. The binary pattern for 5 is 0101.

  • Type of Service— The source IP can designate special routing information. Some routers ignore the Type of Service field, although this field recently has received more attention with the emergence of Quality of Service (QoS) technologies. The primary purpose of this 8-bit field is to provide a means of prioritizing datagrams that are waiting to pass through a router. Most implementations of IP today simply put all zeros in this field.

  • Total Length— This 16-bit field identifies the length, in octets, of the IP datagram. This length includes the IP header and the data payload.

  • Identification— This 16-bit field is an incrementing sequence number assigned to messages sent by the source IP. When a message is sent to the IP layer and it is too large to fit in one datagram, IP fragments the message into multiple datagrams, giving all datagrams the same identification number. This number is used on the receiving end to reassemble the original message.

  • Flags— The Flags field indicates fragmentation possibilities. The first bit is unused and should always have a value of zero. The next bit is called the DF (Don't Fragment) flag. The DF flag signifies whether fragmentation is allowed (value = 0) or not (value = 1). The next bit is the MF (More Fragments) flag, which tells the receiver that more fragments are on the way. When MF is set to 0, no more fragments need to be sent or the datagram never was fragmented.

  • Fragment Offset— This 13-bit field is a numeric value assigned to each successive fragment. IP at the destination uses the fragment offset to reassemble the fragments into the proper order. The offset value found here expresses the offset as a number of 8-byte units.

  • Time to Live— This bit field indicates the amount of time in seconds or router hops that the datagram can survive before being discarded. Every router examines and decrements this field by at least 1, or by the number of seconds the datagram is delayed inside the router. The datagram is discarded when this field reaches zero.

A hop or a router hop correlates to a router that a datagram travels through on its way to its destination. If a datagram passes through five routers before arriving at its destination, the destination is said to be five hops, or five router hops, away.

  • Protocol— The 8-bit Protocol field indicates the protocol that will receive the data payload. A datagram with the protocol identifier 6 (binary 00000110) is passed up the stack to the TCP module, for example. The following are some common protocol values:

    | Protocol Name | Protocol Identifier |
    |---|---|
    | ICMP | 1 |
    | TCP | 6 |
    | UDP | 17 |

  • Header Checksum— This field holds a 16-bit calculated value to verify the validity of the header only. This field is recomputed in every router as the TTL field decrements.

  • Source IP Address— This 32-bit field holds the address of the source of the datagram.

  • Destination IP Address— This 32-bit field holds the destination address of the datagram and is used by the destination IP to verify correct delivery.

  • IP Options— This field supports a number of optional header settings primarily used for testing, debugging, and security. Options include Strict Source Route (a specific router path that the datagram should follow), Internet Timestamp (a record of timestamps at each router), and security restrictions.

  • Padding— The IP Options field may vary in length. The Padding field provides additional zero bits so that the total header length is an exact multiple of 32 bits. (The header must end after a 32-bit word because the IHL field measures the header length in 32-bit words.)

  • IP Data Payload— This field typically contains data destined for delivery to TCP or UDP (in the Transport layer), ICMP, or IGMP. The amount of data is variable but could include thousands of bytes.
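An added example, not from the original page, that parses the header fields listed above out of raw bytes, verifies the Header Checksum, and shows the TTL decrement and checksum recomputation a router performs. The sample headers, their documentation-range addresses and every function name are constructed for illustration.

```python
import ipaddress
import struct

PROTOCOLS = {1: "ICMP", 6: "TCP", 17: "UDP"}  # identifiers listed in the text


def internet_checksum(data: bytes) -> int:
    """16-bit ones' complement of the ones' complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                      # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_header(src, dst, ttl=64, proto=6, ident=0x1C46,
                 flags_frag=0x4000, payload_len=20) -> bytes:
    """Construct a 20-byte header without options (sample data only)."""
    raw = struct.pack("!BBHHHBBH4s4s", (4 << 4) | 5, 0, 20 + payload_len,
                      ident, flags_frag, ttl, proto, 0,
                      ipaddress.IPv4Address(src).packed,
                      ipaddress.IPv4Address(dst).packed)
    return raw[:10] + struct.pack("!H", internet_checksum(raw)) + raw[12:]


def parse_header(data: bytes) -> dict:
    if len(data) < 20:
        raise ValueError("truncated: an IP header is at least 20 bytes")
    (ver_ihl, tos, total_len, ident, flags_frag, ttl, proto, _checksum,
     src, dst) = struct.unpack("!BBHHHBBH4s4s", data[:20])
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F
    if version != 4:
        raise ValueError(f"not IPv4: version field is {version}")
    header_len = ihl * 4                    # IHL counts 32-bit words
    if ihl < 5 or len(data) < header_len or total_len < header_len:
        raise ValueError("inconsistent IHL / Total Length")
    header = data[:header_len]
    return {
        "header_len": header_len,
        "tos": tos,
        "total_length": total_len,
        "identification": ident,
        "reserved_bit": bool(flags_frag & 0x8000),  # should always be zero
        "df": bool(flags_frag & 0x4000),
        "mf": bool(flags_frag & 0x2000),
        "fragment_offset_bytes": (flags_frag & 0x1FFF) * 8,  # 8-byte units
        "ttl": ttl,
        "protocol": PROTOCOLS.get(proto, str(proto)),
        # Summing a valid header, checksum field included, yields zero.
        "checksum_ok": internet_checksum(header) == 0,
        "src": str(ipaddress.IPv4Address(src)),
        "dst": str(ipaddress.IPv4Address(dst)),
        "options": header[20:],
    }


def forward(data: bytes):
    """Router step: decrement TTL, discard at zero, recompute the checksum."""
    header = bytearray(data[:(data[0] & 0x0F) * 4])
    if header[8] <= 1:
        return None                         # TTL exhausted: datagram discarded
    header[8] -= 1
    header[10:12] = b"\x00\x00"
    header[10:12] = struct.pack("!H", internet_checksum(bytes(header)))
    return bytes(header) + data[len(header):]


# Constructed samples: an unfragmented TCP datagram with DF set, and a middle
# fragment (MF set, offset 185 units = 1480 bytes) of a UDP datagram.
SAMPLE = build_header("192.0.2.10", "198.51.100.7")
FRAGMENT = build_header("192.0.2.10", "198.51.100.7", proto=17,
                        flags_frag=0x2000 | 185, payload_len=1480)

if __name__ == "__main__":
    print(parse_header(SAMPLE))
    print(parse_header(forward(SAMPLE)))
    print(parse_header(FRAGMENT))
```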


Friday, January 25, 2008

The Internet Layer

Addressing and Delivering

As described in "The Network Access Layer," a computer communicates with the network through a network interface device such as a network adapter card. The network interface device has a unique physical address and is designed to receive data sent to that physical address. This physical address is burned into the card when it is manufactured. A device such as an ethernet card does not know any of the details of the upper protocol layers. It does not know its IP address or whether an incoming frame is being sent to Telnet or FTP. It just listens to incoming frames, waits for a frame addressed to its own physical address, and passes that frame up the stack.

This physical addressing scheme works very well on an individual LAN segment. A network that consists of only a few computers on an uninterrupted medium can function with nothing more than physical addresses. Data can pass directly from network adapter to network adapter using the low-level protocols associated with the Network Access layer. (The non-routable NetBEUI protocol is a holdover from this simpler era in networking.)

Unfortunately, on a routed network, it is not possible to deliver data by physical address. The discovery procedures required for delivering by physical address do not work across a router interface. Even if they did work, delivery by physical address would be cumbersome because the permanent physical address built into a network card does not allow you to impose a logical structure on the address space.

TCP/IP therefore makes the physical address invisible and instead organizes the network around a logical, hierarchical addressing scheme. This logical addressing scheme is maintained by the IP protocol at the Internet layer. The logical address is called the IP address. Another Internet layer protocol called Address Resolution Protocol (ARP) assembles a table that maps IP addresses to physical addresses. This ARP table is the link between the IP address and the physical address burned into the network adapter card.

On a routed network, the TCP/IP software uses the following strategy for sending data on the network:

  1. If the destination address is on the same network segment as the source computer, the source computer sends the packet directly to the destination. The IP address is resolved to a physical address using ARP, and the data is directed to the destination network adapter.

  2. If the destination address is on a different segment from the source computer, the following process begins:

    1. The datagram is directed to a gateway. A gateway is a device on the local network segment that is capable of forwarding a datagram to other network segments. The gateway address is resolved to a physical address using ARP, and the data is sent to the gateway's network adapter.

    2. The datagram is routed through the gateway to a higher-level network segment where the process is repeated. If the destination address is on the new segment, the data is delivered to its destination. If not, the datagram is sent to another gateway.

    3. The datagram passes through the chain of gateways to the destination segment, where the destination IP address is mapped to a physical address using ARP and the data is directed to the destination network adapter.

To deliver data on a complex routed network, the Internet layer protocols must therefore be able to

  • Identify any computer on the network.

  • Provide a means for determining when a message must be sent through the gateway.

  • Provide a hardware-independent means of identifying the destination network segment so that the datagram will pass efficiently through the routers to the correct segment.

  • Provide a means for converting the logical IP address of the destination computer to a physical address so that the data can be delivered to the network adapter of the destination computer.
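The delivery strategy above, traced hop by hop in an added example that is not part of the original page. It shows the point the steps imply: the destination IP address stays the same end to end, while ARP supplies a new physical address on every segment. The three-segment topology, the addresses, the MAC values and all names are constructed for illustration, and each node is assumed to have a single default gateway.

```python
import ipaddress
from dataclasses import dataclass


@dataclass
class Node:
    name: str
    ifaces: dict          # "address/prefix" -> physical (MAC) address
    gateway: str = None   # IP address of the gateway for non-local destinations


def arp(nodes, segment, ip):
    """Resolve ip to (node, MAC), asking only adapters on this segment."""
    for node in nodes:
        for cidr, mac in node.ifaces.items():
            iface = ipaddress.ip_interface(cidr)
            if iface.network == segment and iface.ip == ip:
                return node, mac
    return None, None      # nobody on the segment answered


def deliver(nodes, source, dst_ip, max_hops=8):
    """Return the frames sent, as (sender, source MAC, destination MAC, mode)."""
    dst = ipaddress.ip_address(dst_ip)
    current, frames = source, []
    for _ in range(max_hops):   # hop limit, playing the role of Time to Live
        local = [(ipaddress.ip_interface(c), mac)
                 for c, mac in current.ifaces.items()]
        # Step 1: is the destination on a segment this node is attached to?
        out = next(((i, m) for i, m in local if dst in i.network), None)
        if out:
            target, mode = dst, "direct"
        else:
            # Step 2: hand the datagram to the gateway instead.
            if current.gateway is None:
                raise LookupError(f"{current.name} has no gateway")
            target, mode = ipaddress.ip_address(current.gateway), "gateway"
            out = next(((i, m) for i, m in local if target in i.network), None)
            if out is None:
                raise LookupError("gateway is not on an attached segment")
        iface, src_mac = out
        next_node, dst_mac = arp(nodes, iface.network, target)
        if next_node is None:
            raise LookupError(f"no ARP reply for {target} on {iface.network}")
        frames.append((current.name, src_mac, dst_mac, mode))
        if mode == "direct":
            return frames
        current = next_node
    raise LookupError("hop limit reached")


# Constructed topology: 10.1.1.0/24 -- r1 -- 10.1.2.0/24 -- r2 -- 10.1.3.0/24
HOST1 = Node("host1", {"10.1.1.10/24": "02:00:00:00:00:01"}, "10.1.1.1")
HOST3 = Node("host3", {"10.1.1.11/24": "02:00:00:00:00:03"}, "10.1.1.1")
R1 = Node("r1", {"10.1.1.1/24": "02:00:00:00:01:01",
                 "10.1.2.1/24": "02:00:00:00:01:02"}, "10.1.2.2")
R2 = Node("r2", {"10.1.2.2/24": "02:00:00:00:02:01",
                 "10.1.3.1/24": "02:00:00:00:02:02"}, "10.1.2.1")
HOST2 = Node("host2", {"10.1.3.20/24": "02:00:00:00:00:02"}, "10.1.3.1")
NODES = [HOST1, HOST3, R1, R2, HOST2]

if __name__ == "__main__":
    for frame in deliver(NODES, HOST1, "10.1.3.20"):
        print(frame)
```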

In this hour you'll learn about the important IP addressing system, and you'll learn how TCP/IP delivers datagrams on a complex network using the Internet layer's IP and ARP. You'll also learn about the Internet layer's ICMP protocol, which provides error detection and troubleshooting.

Wednesday, January 23, 2008

LAN Technologies

Ethernet

Ethernet and its newer sibling Fast Ethernet are the LAN technologies most commonly used today. Ethernet has become popular because of its modest price; Ethernet cable is inexpensive and easily installed. Ethernet network adapters and Ethernet hardware components are also relatively inexpensive.

On ethernet networks, all computers share a common transmission medium. Ethernet uses an access method called Carrier Sense Multiple Access with Collision Detect (CSMA/CD) for determining when a computer is free to transmit data on to the access medium. Using CSMA/CD, all computers monitor the transmission medium and wait until the line is available before transmitting. If two computers try to transmit at the same time, a collision occurs. The computers then stop, wait for a random time interval, and attempt to transmit again.

CSMA/CD can be compared to the protocol followed by a room full of polite people. Someone who wants to speak first listens to determine whether anybody else is currently speaking (this is the Carrier Sense). If two people start speaking at the same moment, both people will detect the problem, stop speaking, and wait before speaking again (this is Collision Detect).

Traditional ethernet works well under light-to-moderate use but suffers from high collision rates under heavy use. Some of the newer ethernet variants, which might include intelligent hubs or switches, support higher traffic levels. You'll learn more about hubs and switches in Hour 9, "Network Hardware."

Ethernet is capable of using a variety of media. Ethernet networks typically operate at baseband speeds of either 10Mbps or 100Mbps. 1000Mbps (Gigabit) Ethernet systems are now available and might soon be common. Table 3.1 lists terms used to identify cabling media, speeds, and maximum distances. Wireless ethernet is also becoming popular. 10BASE-2 and 10BASE-5 coaxial ethernet networks were once very common. On such a network, the computers are attached to a single cable that acts as the shared transmission medium. In recent years, hub-based ethernet variants such as 10BASE-T have become vastly more popular. On a 10BASE-T network, the computers are attached to a central hub. 10BASE-2 and 10BASE-T might appear to be dissimilar, but internally they are both still ethernet.



Table 3.1. Ethernet Media Technology

Technology Name    Media Type           Operating Speed    Maximum Distance
10BASE-2           Thin coax            10 megabits        185 meters
10BASE-5           Thick coax           10 megabits        500 meters
10BASE-T           CAT3 or CAT5 UTP     10 megabits        100 meters
10BASE-F           Fiber optic          10 megabits        2,000 meters
100BASE-TX         CAT 5 UTP or STP     100 megabits       100 meters
100BASE-FX         Fiber optic          100 megabits       2,000 meters

The versatile ethernet architecture even lends itself to wireless networking. Wireless ethernet is becoming increasingly popular, and will become even more popular in the coming years as network hardware evolves to accommodate the wireless revolution. You might wonder how an architecture that is so focused on specifying the type, length, and configuration of its cable could get by with no cable at all. When you think about it, though, the broadcast nature of ethernet communication is quite compatible with the roving, free-flowing wireless paradigm.

Token Ring

Token ring technology uses a completely different concept for allowing network adapters to transmit data on the media. This access method is known as token passing.

Under the token passing access method, the computers on the LAN are connected so that data is passed around the network in a logical ring. The token ring configuration calls for the computers to be wired to a central hub called a MAU or MSAU, but the MSAU is wired so that the data passes from one computer to the next in a circular motion. The computers pass a packet of data called a token around the network. Only the computer that holds the token can transmit a message on to the ring.


Token ring is technically more sophisticated than ethernet, and it includes a number of built-in diagnosis and correction mechanisms that can help troubleshoot network problems. Also, because data is transmitted in a more orderly fashion, token ring does not suffer as badly under heavy data traffic. Almost everything about token ring is more expensive than ethernet by comparison—the cable, the network adapter cards, and the other components as well.

Token ring typically operates at either 4Mbps or 16Mbps. It is also available at 100Mbps.

Token ring has declined in popularity in recent years, although the ring topology that evolved around Token Ring has found its way into other high-end technologies such as FDDI, which you'll learn about in the next section.

FDDI

Fiber Distributed Data Interface (FDDI) is an expensive LAN technology that employs a pair of fiber-optic rings. One ring is considered primary and the second ring is there to replace the primary ring in the event of a breakdown. FDDI uses a token passing access method similar to token ring.

Like token ring, FDDI also has error-detection and correction capabilities. In a normally operating FDDI ring, the token passes by each machine every so often. If the token is not seen within the maximum amount of time that it takes to circulate the largest ring, it indicates a problem has occurred such as a broken cable.

Fiber-optic cable such as the cable used with FDDI can support very large volumes of data over large distances.

Anatomy of a Frame

The Network Access layer software accepts a datagram from the Internet layer and converts that data to a form that is consistent with the specifications of the physical network. Because many forms of physical networks exist, there are many formats for data at the Network Access layer, and it would not be easy or useful to describe all these formats in detail.

As an example of what happens to the data at the Network Access layer, consider the case of ethernet, the most common of the LAN architectures. When the ethernet software receives a datagram from the Internet layer, it performs the following steps:
  1. Breaks IP layer data into smaller chunks, if necessary, which will be sent in the data field of the ethernet frames. The total size of the ethernet frame must be between 64 bytes and 1,518 bytes (not including the preamble).

  2. Packages the chunks of data into frames. Each frame includes data as well as other information that the network adapters on the ethernet need to process the frame. An IEEE 802.3 ethernet frame includes the following:

    Preamble: A sequence of bits used to mark the beginning of the frame (8 bytes, the last of which is the 1-byte Start Frame Delimiter).

    Recipient address: The 6-byte (48-bit) physical address of the network adapter that is to receive the frame.

    Source address: The 6-byte (48-bit) physical address of the network adapter that is sending the frame.

    Length: A 2-byte (16-bit) field indicating the size of the data field.

    Data: The data that is transmitted with the frame.

    Frame Check Sequence (FCS): A 4-byte (32-bit) checksum value for the frame. The FCS is a common means of verifying data transmissions. The sending computer calculates a Cyclical Redundancy Check (CRC) value for the frame and encodes the CRC value in the frame. The receiving computer then recalculates the CRC and checks the FCS field to see whether the values match. If the values don't match, some data was lost or changed during transmission, in which case the frame is retransmitted.

  3. Passes the data frame to lower-level components corresponding to OSI's physical layer, which will convert the frame into a bitstream and send it over the transmission medium.

The other network adapters on the ethernet receive the frame and check the destination address. If the destination address matches the address of the network adapter, the adapter software processes the incoming frame and passes the data to higher layers of the protocol stack.
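The framing steps and the receiver's checks described above can be followed in a short Python sketch. This is an added example, not code from the original text; the function names, the sample addresses and the sample data are assumptions made for illustration, and the preamble is left out because the adapter hardware handles it.

```python
import struct
import zlib

MIN_FRAME, MAX_FRAME = 64, 1518   # frame size limits from the text, preamble excluded
HEADER_LEN, FCS_LEN = 14, 4       # 6 + 6 + 2 header bytes, 4-byte FCS


def build_frame(dst: bytes, src: bytes, data: bytes) -> bytes:
    """Assemble recipient, source, length, data and FCS (no preamble)."""
    if len(dst) != 6 or len(src) != 6:
        raise ValueError("physical addresses are 6 bytes")
    if len(data) > MAX_FRAME - HEADER_LEN - FCS_LEN:
        raise ValueError("data too large for one frame; split it first")
    # Length carries the real data size; padding lifts short frames to 64 bytes.
    pad = b"\x00" * max(0, MIN_FRAME - HEADER_LEN - FCS_LEN - len(data))
    body = dst + src + struct.pack("!H", len(data)) + data + pad
    # Ethernet's FCS is the CRC-32 that zlib computes, stored low byte first.
    return body + struct.pack("<I", zlib.crc32(body))


def parse_frame(frame: bytes, my_addr: bytes):
    """Return (src, data) for a valid frame addressed to my_addr, else None."""
    if not MIN_FRAME <= len(frame) <= MAX_FRAME:
        return None                       # runt or oversized frame
    body, fcs = frame[:-FCS_LEN], frame[-FCS_LEN:]
    if struct.pack("<I", zlib.crc32(body)) != fcs:
        return None                       # recalculated CRC does not match the FCS
    dst, src = body[:6], body[6:12]
    (length,) = struct.unpack("!H", body[12:14])
    if dst != my_addr:
        return None                       # frame is for another adapter
    if length > len(body) - HEADER_LEN:
        return None                       # length field claims more data than present
    return src, body[HEADER_LEN:HEADER_LEN + length]


# Constructed sample addresses and data (locally administered MAC addresses).
HOST_A = bytes.fromhex("020000000001")
HOST_B = bytes.fromhex("020000000002")
FRAME = build_frame(HOST_B, HOST_A, b"IP datagram bytes")

# The same frame with one data bit changed, as line noise might do in transit.
DAMAGED = FRAME[:20] + bytes([FRAME[20] ^ 0x01]) + FRAME[21:]
```

The CRC in the FCS uses no key, so a matching value shows only that the frame was not damaged by accident. It says nothing about who sent the frame or whether the source address is genuine.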

Network Architecture

In practice, local area networks are not really thought of in terms of protocol layers but by what is called LAN architecture or network architecture. (Sometimes a network architecture is referred to as a LAN type or a LAN topology.) A network architecture, such as ethernet, provides a bundle of specifications governing media access, physical addressing, and the interaction of the computers with the transmission medium. When you decide on a network architecture, you are in effect deciding on a design for the Network Access layer.

A network architecture is a design for the physical network and a collection of specifications defining communications on that physical network. The communication details are dependent on the physical details, so the specifications usually come together as a complete package. These specifications include considerations such as the following:

  • Access method— An access method is a set of rules defining how the computers will share the transmission medium. To avoid data collisions, computers must follow these rules when they transmit data.

  • Data frame format— The IP-level datagram from the Internet layer is encapsulated in a data frame with a predefined format. The data enclosed in the header must supply the information necessary to deliver data on the physical network. You'll learn more about data frames later in this hour.

  • Cabling type— The type of cable used for a network has an effect on certain other design parameters, such as the electrical properties of the bitstream transmitted by the adapter.

  • Cabling rules— The protocols, cable type, and electrical properties of the transmission have an effect on the maximum and minimum lengths for the cable and for the cable connector specifications.

Details such as cable type and connector type are not the direct responsibility of the Network Access layer, but to design the software components of the Network Access layer, developers must assume a specific set of characteristics for the physical network. Thus, the network access software must come with a specific hardware design.