eramlanbasu.files.wordpress.com€¦ · web viewsubmitted by: name: amlan basu. college: itm...
TRANSCRIPT
1
Submitted by:
Name: Amlan Basu
College: ITM University
Branch: Electronics and Communication
NETWORKING
When we connect two or more than two devices (pc) via cable or wifi device for the
pupose of communication and to share files or resources then it is networking.
A network, is a collection of computers and other hardware components interconnected
by communication channels that allow sharing of resources and information. Where at
least one process in one device is able to send/receive data to/from at least one process
residing in a remote device, then the two devices are said to be in a network. Simply,
2
more than one computer interconnected through a communication medium for
information interchange is called a computer network.
Networks may be classified according to a wide variety of characteristics, such as the
medium used to transport the data, communications protocol used, scale, topology, and
organizational scope.
Communications protocols define the rules and data formats for exchanging information
in a computer network, and provide the basis for network programming. Well-known
communications protocols include Ethernet, a hardware and link layer. standard that is
ubiquitous in local area networks, and the Internet protocol suite, which defines a set of
protocols for internetworking, i.e. for data communication between multiple networks, as
well as host-to-host data transfer, and application-specific data transmission formats.
Networking is sometimes considered a sub-discipline of electrical engineering,
telecommunications, computer science, information technology or computer engineering,
since it relies upon the theoretical and practical application of these disciplines.
History of networking:
Before the advent of computer networks that were based upon some type of
telecommunications system, communication between calculation machines and early
computers was performed by human users by carrying instructions between them. Many
of the social behaviors seen in today's Internet were demonstrably present in the 19th
century and arguably in even earlier networks using visual signals.
In September 1940, George Stibitz used a Teletype machine to send instructions for a
problem set from his Model at Dartmouth College to his Complex Number Calculator in
New York and received results back by the same means. Linking output systems like
teletypewriters to computers was an interest at the Advanced Research Projects Agency
(ARPA) when, in 1962, J.C.R. Licklider was hired and developed a working group he
called the "Intergalactic Computer Network", a precursor to the ARPANET.
Early networks of communicating computers included the military radar system ,Semi-
Automatic Ground Environment (SAGE), started in the late 1950s.
3
The commercial airline reservation system semi-automatic business research environment
(SABRE) went online with two connected mainframes in 1960.
In 1964, researchers at Dartmouth developed the Dartmouth Time Sharing System for
distributed users of large computer systems. The same year, at Massachusetts Institute of
Technology, a research group supported by General Electric and Bell Labs used a
computer to route and manage telephone connections.
Throughout the 1960s Leonard Kleinrock, Paul Baran and Donald Davies independently
conceptualized and developed network systems which used packets that could be used in
a network between computer systems.
1965 Thomas Merrill and Lawrence G. Roberts created the first wide area network
(WAN).
The first widely used telephone switch that used true computer control was introduced by
Western Electric in 1965.
In 1969 the University of California at Los Angeles, the Stanford Research Institute,
University of California at Santa Barbara, and the University of Utah were connected as
the beginning of the ARPANET network using 50 kbit/s circuits.
Commercial services using X.25 were deployed in 1972, and later used as an underlying
infrastructure for expanding TCP/IP networks.
Today, computer networks are the core of modern communication. All modern aspects of the
public switched telephone network (PSTN) are computer-controlled, and telephony increasingly
runs over the Internet Protocol, although not necessarily the public Internet. The scope of
communication has increased significantly in the past decade, and this boom in communications
would not have been possible without the progressively advancing computer network. Computer
networks, and the technologies needed to connect and communicate through and between them,
continue to drive computer hardware, software, and peripherals industries. This expansion is
mirrored by growth in the numbers and types of users of networks, from the researcher to the
home user.
Properties of networking:
1. Facilitate communications
Using a network, people can communicate efficiently and easily via email, instant
messaging, chat rooms, telephone, video telephone calls, and video conferencing.
4
2. Permit sharing of files, data, and other types of information
In a network environment, authorized users may access data and information stored on
other computers on the network. The capability of providing access to data and
information on shared storage devices is an important feature of many networks.
3. Share network and computing resources
In a networked environment, each computer on a network may access and use resources
provided by devices on the network, such as printing a document on a shared network
printer. Distributed computing uses computing resources across a network to accomplish
tasks.
4. May be insecure
A computer network may be used by computer hackers to deploy computer viruses or
computer worms on devices connected to the network, or to prevent these devices from
normally accessing the network (denial of service).
5. May interfere with other technologies
Power line communication strongly disturbs certain forms of radio communication, e.g.,
amateur radio. It may also interfere with last mile access technologies such as ADSL and
VDSL.
6. May be difficult to set up
A complex computer network may be difficult to set up. It may also be very costly to set
up an effective computer network in a large organization or company.
Communication media:
Computer networks can be classified according to the hardware and associated software
technology that is used to interconnect the individual devices in the network, such as electrical
cable (HomePNA, power line communication, G.hn), optical fiber, and radio waves (wireless
LAN). In the OSI model, these are located at levels 1 and 2.
A well-known family of communication media is collectively known as Ethernet. It is defined by
IEEE 802 and utilizes various standards and media that enable communication between devices.
5
Wireless LAN technology is designed to connect devices without wiring. These devices use
radio waves or infrared signals as a transmission medium.
Wired technologies
The order of the following wired technologies is, roughly, from slowest to fastest transmission
speed.
1. Twisted pair wire is the most widely used medium for telecommunication. Twisted-pair
cabling consist of copper wires that are twisted into pairs. Ordinary telephone wires
consist of two insulated copper wires twisted into pairs. Computer networking cabling
(wired Ethernet as defined by IEEE 802.3) consists of 4 pairs of copper cabling that can
be utilized for both voice and data transmission. The use of two wires twisted together
helps to reduce crosstalk and electromagnetic induction. The transmission speed ranges
from 2 million bits per second to 10 billion bits per second. Twisted pair cabling comes
in two forms: unshielded twisted pair (UTP) and shielded twisted-pair (STP). Each form
comes in several category ratings, designed for use in various scenarios.
2. Coaxial cable is widely used for cable television systems, office buildings, and other
work-sites for local area networks. The cables consist of copper or aluminum wire
surrounded by an insulating layer (typically a flexible material with a high dielectric
constant), which itself is surrounded by a conductive layer. The insulation helps minimize
interference and distortion. Transmission speed ranges from 200 million bits per second
to more than 500 million bits per second.
3. ITU-T G.hn technology uses existing home wiring (coaxial cable, phone lines and power
lines) to create a high-speed (up to 1 Gigabit/s) local area network.
4. An optical fiber is a glass fiber. It uses pulses of light to transmit data. Some advantages
of optical fibers over metal wires are less transmission loss, immunity from
electromagnetic radiation, and very fast transmission speed, up to trillions of bits per
second. One can use different colors of lights to increase the number of messages being
sent over a fiber optic cable.
Wireless technologies
6
Terrestrial microwave – Terrestrial microwave communication uses Earth-based
transmitters and receivers resembling satellite dishes. Terrestrial microwaves are in the
low-gigahertz range, which limits all communications to line-of-sight. Relay stations are
spaced approximately 48 km (30 mi) apart.
Communications satellites – The satellites communicate via microwave radio waves,
which are not deflected by the Earth's atmosphere. The satellites are stationed in space,
typically in geosynchronous orbit 35,400 km (22,000 mi) above the equator. These Earth-
orbiting systems are capable of receiving and relaying voice, data, and TV signals.
Cellular and PCS systems use several radio communications technologies. The systems
divide the region covered into multiple geographic areas. Each area has a low-power
transmitter or radio relay antenna device to relay calls from one area to the next area.
Radio and spread spectrum technologies – Wireless local area network use a high-
frequency radio technology similar to digital cellular and a low-frequency radio
technology. Wireless LANs use spread spectrum technology to enable communication
between multiple devices in a limited area. IEEE 802.11 defines a common flavor of
open-standards wireless radio-wave technology.
Infrared communication can transmit signals for small distances, typically no more than
10 meters. In most cases, line-of-sight propagation is used, which limits the physical
positioning of communicating devices.
A global area network (GAN) is a network used for supporting mobile across an arbitrary
number of wireless LANs, satellite coverage areas, etc. The key challenge in mobile
communications is handing off user communications from one local coverage area to the
next. In IEEE Project 802, this involves a succession of terrestrial wireless LANs.
Exotic technologies
There have been various attempts at transporting data over more or less exotic media:
IP over Avian Carriers was a humorous April fool's Request for Comments, issued as
RFC 1149. It was implemented in real life in 2001.
7
Extending the Internet to interplanetary dimensions via radio waves.
Both cases have a large round-trip delay time, which prevents useful communication.
Communication protocol and network programming:
A communications protocol is a set of rules for exchanging information over a network. It is
typically a protocol stack (also see the OSI model), which is a "stack" of protocols, in which each
protocol uses the protocol below it. An important example of a protocol stack is HTTP running
over TCP over IP over IEEE 802.11 (TCP and IP are members of the Internet Protocol Suite, and
IEEE 802.11 is a member of the Ethernet protocol suite). This stack is used between the wireless
router and the home user's personal computer when the user is surfing the web.
Communication protocols have various properties, such as whether they are connection-oriented
or connectionless, whether they use circuit mode or packet switching, or whether they use
hierarchical or flat addressing.
There are many communication protocols, a few of which are described below.
Ethernet
Ethernet is a family of connectionless protocols used in LANs, described by a set of standards
together called IEEE 802 published by the Institute of Electrical and Electronics Engineers. It
has a flat addressing scheme and is mostly situated at levels 1 and 2 of the OSI model. For home
users today, the most well-known member of this protocol family is IEEE 802.11, otherwise
known as Wireless LAN (WLAN). However, the complete protocol suite deals with a multitude
of networking aspects not only for home use, but especially when the technology is deployed to
support a diverse range of business needs. MAC bridging (IEEE 802.1D) deals with the routing
of Ethernet packets using a Spanning Tree Protocol, IEEE 802.1Q describes VLANs, and IEEE
802.1X defines a port-based Network Access Control protocol, which forms the basis for the
8
authentication mechanisms used in VLANs, but it is also found in WLANs – it is what the home
user sees when the user has to enter a "wireless access key".
Internet Protocol Suite
The Internet Protocol Suite, often also called TCP/IP, is the foundation of all modern
internetworking. It offers connection-less as well as connection-oriented services over an
inherently unreliable network traversed by datagram transmission at the Internet protocol (IP)
level. At its core, the protocol suite defines the addressing, identification, and routing
specification in form of the traditional Internet Protocol Version 4 (IPv4) and IPv6, the next
generation of the protocol with a much enlarged addressing capability.
SONET/SDH
Synchronous Optical Networking (SONET) and Synchronous Digital Hierarchy (SDH) are
standardized multiplexing protocols that transfer multiple digital bit streams over optical fiber
using lasers. They were originally designed to transport circuit mode communications from a
variety of different sources, primarily to support real-time, uncompressed, circuit-switched voice
encoded in PCM format. However, due to its protocol neutrality and transport-oriented features,
SONET/SDH also was the obvious choice for transporting Asynchronous Transfer Mode (ATM)
frames.
Asynchronous Transfer Mode
Asynchronous Transfer Mode (ATM) is a switching technique for telecommunication networks.
It uses asynchronous time-division multiplexing and encodes data into small, fixed-sized cells.
This differs from other protocols such as the Internet Protocol Suite or Ethernet that use variable
sized packets or frames. ATM has similarity with both circuit and packet switched networking.
This makes it a good choice for a network that must handle both traditional high-throughput data
traffic, and real-time, low-latency content such as voice and video. ATM uses a connection-
oriented model in which a virtual circuit must be established between two endpoints before the
actual data exchange begins.
9
While the role of ATM is diminishing in favor of next-generation networks, it still plays a role in
the last mile, which is the connection between an Internet service provider and the home user.
For an interesting write-up of the technologies involved, including the deep stacking of
communications protocols used, see.
Network programming
Computer network programming involves writing computer programs that communicate with
each other across a computer network. Different programs must be written for the client process,
which initiates the communication, and for the server process, which waits for the
communication to be initiated. Both endpoints of the communication flow are implemented as
network sockets; hence network programming is basically socket programming.
Scale:
Networks are often classified by their physical or organizational extent or their purpose. Usage,
trust level, and access rights differ between these types of networks.
Personal area network
A personal area network (PAN) is a computer network used for communication among computer
and different information technological devices close to one person. Some examples of devices
that are used in a PAN are personal computers, printers, fax machines, telephones, PDAs,
scanners, and even video game consoles. A PAN may include wired and wireless devices. The
reach of a PAN typically extends to 10 meters. A wired PAN is usually constructed with USB
and Firewire connections while technologies such as Bluetooth and infrared communication
typically form a wireless PAN.
Local area network
A local area network (LAN) is a network that connects computers and devices in a limited
geographical area such as home, school, computer laboratory, office building, or closely
positioned group of buildings. Each computer or device on the network is a node. Current wired
LANs are most likely to be based on Ethernet technology, although new standards like ITU-T
10
G.hn also provide a way to create a wired LAN using existing home wires (coaxial cables, phone
lines and power lines).
A sample LAN is depicted in the accompanying diagram. All interconnected devices must
understand the network layer (layer 3), because they are handling multiple subnets (the different
colors). Those inside the library, which have only 10/100 Mbit/s Ethernet connections to the user
device and a Gigabit Ethernet connection to the central router, could be called "layer 3 switches"
because they only have Ethernet interfaces and must understand IP. It would be more correct to
call them access routers, where the router at the top is a distribution router that connects to the
Internet and academic networks' customer access routers.
LAN Protocol:
LLC: In the seven-layer OSI model of computer networking, the logical link control (LLC) data
communication protocol layer is the upper sublayer of the data link layer, which is itself layer 2.
The LLC sub layer provides multiplexing mechanisms that make it possible for several network
protocols (IP, IPX, Decnet and Appletalk) to coexist within a multipoint network and to be
transported over the same network media. It can also provide flow control and automatic repeat
request (ARQ) error management mechanisms.
The LLC sublayer acts as an interface between the media access control (MAC) sub layer and
the network layer.
MAC: In the seven-layer OSI model of computer networking, media access control (MAC) data
communication protocol is a sublayer of the data link layer, which itself is layer 2. The MAC
sublayer provides addressing and channel access control mechanisms that make it possible for
several terminals or network nodes to communicate within a multiple access network that
incorporates a shared medium, e.g. Ethernet. The hardware that implements the MAC is referred
to as a medium access controller.
The MAC sublayer acts as an interface between the logical link control (LLC) sublayer and the
network's physical layer. The MAC layer emulates a full-duplex logical communication channel
in a multi-point network. This channel may provide unicast, multicast or broadcast
communication service.
11
CSMA/CD: The CSMA/CD protocol functions somewhat like a dinner party in a dark room.
Everyone around the table must listen for a period of quiet before speaking (Carrier Sense). Once
a space occurs everyone has an equal chance to say something (Multiple Access). If two people
start talking at the same instant they detect that fact, and quit speaking (Collision Detection.)
To translate this into Ethernet terms, each interface must wait until there is no signal on the
channel, then it can begin transmitting. If some other interface is transmitting there will be a
signal on the channel, which is called carrier. All other interfaces must wait until carrier ceases
before trying to transmit, and this process is called Carrier Sense.
All Ethernet interfaces are equal in their ability to send frames onto the network. No one gets a
higher priority than anyone else, and democracy reigns. This is what is meant by Multiple
Access. Since signals take a finite time to travel from one end of an Ethernet system to the other,
the first bits of a transmitted frame do not reach all parts of the network simultaneously.
Therefore, it's possible for two interfaces to sense that the network is idle and to start
transmitting their frames simultaneously. When this happens, the Ethernet system has a way to
sense the "collision" of signals and to stop the transmission and resend the frames. This is called
Collision Detect.
The CSMA/CD protocol is designed to provide fair access to the shared channel so that all
stations get a chance to use the network. After every packet transmission all stations use the
CSMA/CD protocol to determine which station gets to use the Ethernet channel next.
The defining characteristics of LANs, in contrast to WANs (Wide Area Networks), include their
higher data transfer rates, smaller geographic range, and no need for leased telecommunication
lines. Current Ethernet or other IEEE 802.3 LAN technologies operate at data transfer rates up to
10 Gbit/s. IEEE has projects investigating the standardization of 40 and 100 Gbit/s. LANs can be
connected to Wide area network by using routers.
Home area network
A home area network (HAN) is a residential LAN which is used for communication between
digital devices typically deployed in the home, usually a small number of personal computers
12
and accessories, such as printers and mobile computing devices. An important function is the
sharing of Internet access, often a broadband service through a cable TV or Digital Subscriber
Line (DSL) provider.
Storage area network
A storage area network (SAN) is a dedicated network that provides access to consolidated, block
level data storage. SANs are primarily used to make storage devices, such as disk arrays, tape
libraries, and optical jukeboxes, accessible to servers so that the devices appear like locally
attached devices to the operating system. A SAN typically has its own network of storage
devices that are generally not accessible through the local area network by other devices. The
cost and complexity of SANs dropped in the early 2000s to levels allowing wider adoption
across both enterprise and small to medium sized business environments.
Campus area network
A campus area network (CAN) is a computer network made up of an interconnection of LANs
within a limited geographical area. The networking equipment (switches, routers) and
transmission media (optical fiber, copper plant, Cat5 cabling etc.) are almost entirely owned (by
the campus tenant / owner: an enterprise, university, government etc.).
In the case of a university campus-based campus network, the network is likely to link a variety
of campus buildings including, for example, academic colleges or departments, the university
library, and student residence halls.
Backbone network
A backbone network is part of a computer network infrastructure that interconnects various
pieces of network, providing a path for the exchange of information between different LANs or
subnetworks. A backbone can tie together diverse networks in the same building, in different
buildings in a campus environment, or over wide areas. Normally, the backbone's capacity is
greater than that of the networks connected to it.
A large corporation which has many locations may have a backbone network that ties all of these
locations together, for example, if a server cluster needs to be accessed by different departments
13
of a company which are located at different geographical locations. The equipment which ties
these departments together constitute the network backbone. Network performance management
including network congestion are critical parameters taken into account when designing a
network backbone.
A specific case of a backbone network is the Internet backbone, which is the set of wide-area
network connections and core routers that interconnect all networks connected to the Internet.
Metropolitan area network
A Metropolitan area network (MAN) is a large computer network that usually spans a city or a
large campus.
Wide area network
A wide area network (WAN) is a computer network that covers a large geographic area such as a
city, country, or spans even intercontinental distances, using a communications channel that
combines many types of media such as telephone lines, cables, and air waves. A WAN often
uses transmission facilities provided by common carriers, such as telephone companies. WAN
technologies generally function at the lower three layers of the OSI reference model: the physical
layer, the data link layer, and the network layer.
WAN Protocols:
PPP:In networking, the Point-to-Point Protocol (PPP) is a data link protocol commonly used in
establishing a direct connection between two networking nodes. It can provide connection
authentication, transmission encryption (using ECP, RFC 1968), and compression.
PPP is used over many types of physical networks including serial cable, phone line, trunk line,
cellular telephone, specialized radio links, and fiber optic links such as SONET. PPP is also used
over Internet access connections (now marketed as "broadband"). Internet service providers
(ISPs) have used PPP for customer dial-up access to the Internet, since IP packets cannot be
14
transmitted over a modem line on their own, without some data link protocol. Two encapsulated
forms of PPP, Point-to-Point Protocol over Ethernet (PPPoE) and Point-to-Point Protocol over
ATM (PPPoA), are used most commonly by Internet Service Providers (ISPs) to establish a
Digital Subscriber Line (DSL) Internet service connection with customers.
PPP is commonly used as a data link layer protocol for connection over synchronous and
asynchronous circuits, where it has largely superseded the older Serial Line Internet Protocol
(SLIP) and telephone company mandated standards (such as Link Access Protocol, Balanced
(LAPB) in the X.25 protocol suite). PPP was designed to work with numerous network layer
protocols, including Internet Protocol (IP), TRILL, Novell's Internetwork Packet Exchange
(IPX), NBF and AppleTalk.
HDLC: High-Level Data Link Control (HDLC) is a bit-oriented synchronous data link layer
protocol developed by the International Organization for Standardization (ISO). The original ISO
standards for HDLC are:
ISO 3309 — Frame Structure
ISO 4335 — Elements of Procedure
ISO 6159 — Unbalanced Classes of Procedure
ISO 6256 — Balanced Classes of Procedure
The current standard for HDLC is ISO 13239, which replaces all of those standards.
HDLC provides both connection-oriented and connectionless service.
HDLC can be used for point to multipoint connections, but is now used almost exclusively to
connect one device to another, using what is known as Asynchronous Balanced Mode (ABM).
The original master-slave modes Normal Response Mode (NRM) and Asynchronous Response
Mode (ARM) are rarely used.
FRAME-RELAY: Frame Relay is a standardized wide area network technology that specifies the
physical and logical link layers of digital telecommunications channels using a packet switching
methodology. Originally designed for transport across Integrated Services Digital Network
(ISDN) infrastructure, it may be used today in the context of many other network interfaces.
15
Network providers commonly implement Frame Relay for voice (VoFR) and data as an
encapsulation technique, used between local area networks (LANs) over a wide area network
(WAN). Each end-user gets a private line (or leased line) to a Frame Relay node. The Frame
Relay network handles the transmission over a frequently-changing path transparent to all end-
users.
Frame Relay has become one of the most extensively-used WAN protocols. It is less expensive
than leased lines and that is one reason for its popularity. The extreme simplicity of configuring
user equipment in a Frame Relay network offers another reason for Frame Relay's popularity.
With the advent of Ethernet over fiber optics, MPLS, VPN and dedicated broadband services
such as cable modem and DSL, the end may loom for the Frame Relay protocol and
encapsulation. However many rural areas remain lacking DSL and cable modem services. In
such cases the least expensive type of non-dial-up connection remains a 64-kbit/s frame-relay
line. Thus a retail chain, for instance, may use Frame Relay for connecting rural stores into their
corporate WAN.
ISDN: Integrated Services Digital Network (ISDN) is a set of communications standards for
simultaneous digital transmission of voice, video, data, and other network services over the
traditional circuits of the public switched telephone network. It was first defined in 1988 in the
CCITT red book. Prior to ISDN, the telephone system was viewed as a way to transport voice,
with some special services available for data. The key feature of ISDN is that it integrates speech
and data on the same lines, adding features that were not available in the classic telephone
system. There are several kinds of access interfaces to ISDN defined as Basic Rate Interface
(BRI), Primary Rate Interface (PRI) and Broadband ISDN (B-ISDN).
ISDN is a circuit-switched telephone network system, which also provides access to packet
switched networks, designed to allow digital transmission of voice and data over ordinary
telephone copper wires, resulting in potentially better voice quality than an analog phone can
provide. It offers circuit-switched connections (for either voice or data), and packet-switched
connections (for data), in increments of 64 kilobit/s. A major market application for ISDN in
some countries is Internet access, where ISDN typically provides a maximum of 128 kbit/s in
both upstream and downstream directions. Channel bonding can achieve a greater data rate;
typically the ISDN B-channels of 3 or 4 BRIs (6 to 8 64 kbit/s channels) are bonded.
16
ISDN should not be mistaken for its use with a specific protocol, such as Q.931 whereby ISDN
is employed as the network, data-link and physical layers in the context of the OSI model. In a
broad sense ISDN can be considered a suite of digital services existing on layers 1, 2, and 3 of
the OSI model. ISDN is designed to provide access to voice and data services simultaneously.
However, common use reduced ISDN to be limited to Q.931 and related protocols, which are a
set of protocols for establishing and breaking circuit switched connections, and for advanced
calling features for the user. They were introduced in 1986.
In a videoconference, ISDN provides simultaneous voice, video, and text transmission between
individual desktop videoconferencing systems and group (room) videoconferencing systems.
Enterprise private network
An enterprise private network is a network built by an enterprise to interconnect various
company sites, e.g., production sites, head offices, remote offices, shops, in order to share
computer resources.
Virtual private network
A virtual private network (VPN) is a computer network in which some of the links between
nodes are carried by open connections or virtual circuits in some larger network (e.g., the
Internet) instead of by physical wires. The data link layer protocols of the virtual network are
said to be tunneled through the larger network when this is the case. One common application is
secure communications through the public Internet, but a VPN need not have explicit security
features, such as authentication or content encryption. VPNs, for example, can be used to
separate the traffic of different user communities over an underlying network with strong
security features.
VPN may have best-effort performance, or may have a defined service level agreement (SLA)
between the VPN customer and the VPN service provider. Generally, a VPN has a topology
more complex than point-to-point.
Internetwork
17
An internetwork is the connection of multiple computer networks via a common routing
technology using routers. The Internet is an aggregation of many connected internetworks
spanning the Earth
Organizational scope
Networks are typically managed by organizations which own them. According to the owner's
point of view, networks are seen as intranets or extranets. A special case of network is the
Internet, which has no single owner but a distinct status when seen by an organizational entity –
that of permitting virtually unlimited global connectivity for a great multitude of purposes.
Intranets and extranets
Intranets and extranets are parts or extensions of a computer network, usually a LAN.
An intranet is a set of networks, using the Internet Protocol and IP-based tools such as web
browsers and file transfer applications, that is under the control of a single administrative entity.
That administrative entity closes the intranet to all but specific, authorized users. Most
commonly, an intranet is the internal network of an organization. A large intranet will typically
have at least one web server to provide users with organizational information.
An extranet is a network that is limited in scope to a single organization or entity and also has
limited connections to the networks of one or more other usually, but not necessarily, trusted
organizations or entities—a company's customers may be given access to some part of its
intranet—while at the same time the customers may not be considered trusted from a security
standpoint. Technically, an extranet may also be categorized as a CAN, MAN, WAN, or other
type of network, although an extranet cannot consist of a single LAN; it must have at least one
connection with an external network.
Internet
The Internet is a global system of interconnected governmental, academic, corporate, public, and
private computer networks. It is based on the networking technologies of the Internet Protocol
Suite. It is the successor of the Advanced Research Projects Agency Network (ARPANET)
18
developed by DARPA of the United States Department of Defense. The Internet is also the
communications backbone underlying the World Wide Web (WWW).
Participants in the Internet use a diverse array of methods of several hundred documented, and
often standardized, protocols compatible with the Internet Protocol Suite and an addressing
system (IP addresses) administered by the Internet Assigned Numbers Authority and address
registries. Service providers and large enterprises exchange information about the reachability of
their address spaces through the Border Gateway Protocol (BGP), forming a redundant
worldwide mesh of transmission paths.
Network interface card (NIC):
A network interface controller (also known as a network interface card, network adapter, LAN
adapter and by similar terms) is a computer hardware component that connects a computer to a
computer network.
Whereas network interface controllers were commonly implemented on expansion cards that
plug into a computer bus, the low cost and ubiquity of the Ethernet standard means that most
newer computers have a network interface built into the motherboard.
NIC has two addresses; permanent address and local address.
Permanent address is also known as physical address or MAC address and is in the form of hexa
decimal (0A:2B:CA:DA:5A:3A) and cannot be changed.It is of 48 bit and this 48 bit is divided
into 2 equal halfs i.e. 24 bit and 24 bit.The first 24 bit is OUI(organisational unique identifier)
and second 24 bit is serial number of vendor. A Media Access Control address (MAC address) is
a unique identifier assigned to network interfaces for communications on the physical network
segment. MAC addresses are used for numerous network technologies and most IEEE 802
network technologies, including Ethernet. Logically, MAC addresses are used in the Media
Access Control protocol sub-layer of the OSI reference model.
MAC addresses are most often assigned by the manufacturer of a network interface card (NIC)
and are stored in its hardware, the card's read-only memory, or some other firmware mechanism.
If assigned by the manufacturer, a MAC address usually encodes the manufacturer's registered
identification number and may be referred to as the burned-in address. It may also be known as
19
an Ethernet hardware address (EHA), hardware address or physical address. A network node
may have multiple NICs and will then have one unique MAC address per NIC.
MAC addresses are formed according to the rules of one of three numbering name spaces
managed by the Institute of Electrical and Electronics Engineers (IEEE): MAC-48, EUI-48, and
EUI-64. The IEEE claims trademarks on the names EUI-48 and EUI-64, in which EUI is an
acronym for Extended Unique Identifier
An Internet Protocol address (IP address) is a numerical label assigned to each device (e.g.,
computer, printer) participating in a computer network that uses the Internet Protocol for
communication. An IP address serves two principal functions: host or network interface
identification and location addressing. Its role has been characterized as follows: "A name
indicates what we seek. An address indicates where it is. A route indicates how to get there."[2]
The designers of the Internet Protocol defined an IP address as a 32-bit number[1] and this
system, known as Internet Protocol Version 4 (IPv4), is still in use today. However, due to the
enormous growth of the Internet and the predicted depletion of available addresses, a new
version of IP (IPv6), using 128 bits for the address, was developed in 1995.[3] IPv6 was
standardized as RFC 2460 in 1998, and its deployment has been ongoing since the mid-2000s.
IP addresses are binary numbers, but they are usually stored in text files and displayed in human-
readable notations, such as 172.16.254.1 (for IPv4), and 2001:db8:0:1234:0:567:8:1 (for IPv6).
The Internet Assigned Numbers Authority (IANA) manages the IP address space allocations
globally and delegates five regional Internet registries (RIRs) to allocate IP address blocks to
local Internet registries (Internet service providers) and other entities.
Local address,also known as logical address or IP address and is in the form of decimal
(192.168.1.5) and can be changed.It is of 32 bit.
The NIC allows computers to communicate over a computer network. It is both an OSI layer 1
(physical layer) and layer 2 (data link layer) device, as it provides physical access to a
networking medium and provides a low-level addressing system through the use of MAC
addresses. It allows users to connect to each other either by using cables or wirelessly.
20
The NIC may use one or more of four techniques to transfer data:
1. Polling is where the CPU examines the status of the peripheral under program control.
2. Programmed I/O is where the microprocessor alerts the designated peripheral by applying
its address to the system's address bus.
3. Interrupt-driven I/O is where the peripheral alerts the microprocessor that it is ready to
transfer data.
4. Direct memory access is where an intelligent peripheral assumes control of the system
bus to access memory directly. This removes load from the CPU but requires a separate
processor on the card.
An Ethernet network controller typically has an 8P8C socket where the network cable is
connected. Older NICs also supplied BNC, or AUI connections. A few LEDs inform the user of
whether the network is active, and whether or not data transmission occurs. Ethernet network
controllers typically support 10 Mbit/s Ethernet, 100 Mbit/s Ethernet, and 1000 Mbit/s Ethernet
varieties. Such controllers are designated 10/100/1000 - this means they can support a notional
maximum transfer rate of 10, 100 or 1000 Megabits per second.
OSI Model:
The Open Systems Interconnection (OSI) model is a product of the Open Systems
Interconnection effort at the International Organization for Standardization. It is a prescription of
characterising and standardising the functions of a communications system in terms of
abstraction layers. Similar communication functions are grouped into logical layers. A layer
serves the layer above it and is served by the layer below it.
For example, a layer that provides error-free communications across a network provides the path
needed by applications above it, while it calls the next lower layer to send and receive packets
that make up the contents of that path. Two instances at one layer are connected by a horizontal
connection on that layer.
According to recommendation X.200, there are seven layers, labeled 1 to 7, with layer 1 at the
bottom. Each layer is generically known as an N layer. An "N+1 entity" (at layer N+1) requests
services from an "N entity" (at layer N).
21
At each level, two entities (N-entity peers) interact by means of the N protocol by transmitting
protocol data units (PDU).
A Service Data Unit (SDU) is a specific unit of data that has been passed down from an OSI
layer to a lower layer, and which the lower layer has not yet encapsulated into a protocol data
unit (PDU). An SDU is a set of data that is sent by a user of the services of a given layer, and is
transmitted semantically unchanged to a peer service user.
The PDU at a layer N is the SDU of layer N-1. In effect the SDU is the 'payload' of a given PDU.
That is, the process of changing an SDU to a PDU, consists of an encapsulation process,
performed by the lower layer. All the data contained in the SDU becomes encapsulated within
the PDU. The layer N-1 adds headers or footers, or both, to the SDU, transforming it into a PDU
of layer N-1. The added headers or footers are part of the process used to make it possible to get
data from a source to a destination.
Some orthogonal aspects, such as management and security, involve every layer.
Security services are not related to a specific layer: they can be related by a number of layers, as
defined by ITU-T X.800 Recommendation.
These services are aimed to improve the CIA triad (confidentiality, integrity, and availability) of
transmitted data. Actually the availability of communication service is determined by network
design and/or network management protocols. Appropriate choices for these are needed to
protect against denial of service.
Layer 1: physical layer
The physical layer defines electrical and physical specifications for devices. In particular, it
defines the relationship between a device and a transmission medium, such as a copper or fiber
optical cable. This includes the layout of pins, voltages, cable specifications, hubs, repeaters,
network adapters, host bus adapters (HBA used in storage area networks) and more.
The major functions and services performed by the physical layer are:
i. Establishment and termination of a connection to a communications medium.
22
ii. Participation in the process whereby the communication resources are effectively shared
among multiple users. For example, contention resolution and flow control.
iii. Modulation, or conversion between the representation of digital data in user equipment
and the corresponding signals transmitted over a communications channel. These are
signals operating over the physical cabling (such as copper and optical fiber) or over a
radio link.
Parallel SCSI buses operate in this layer, although it must be remembered that the logical SCSI
protocol is a transport layer protocol that runs over this bus. Various physical-layer Ethernet
standards are also in this layer; Ethernet incorporates both this layer and the data link layer. The
same applies to other local-area networks, such as token ring, FDDI, ITU-T G.hn and IEEE
802.11, as well as personal area networks such as Bluetooth and IEEE 802.15.4.
Layer 2: data link layer
The data link layer provides the functional and procedural means to transfer data between
network entities and to detect and possibly correct errors that may occur in the physical layer.
Originally, this layer was intended for point-to-point and point-to-multipoint media,
characteristic of wide area media in the telephone system. Local area network architecture,
which included broadcast-capable multiaccess media, was developed independently of the ISO
work in IEEE Project 802. IEEE work assumed sublayering and management functions not
required for WAN use. In modern practice, only error detection, not flow control using sliding
window, is present in data link protocols such as Point-to-Point Protocol (PPP), and, on local
area networks, the IEEE 802.2 LLC layer is not used for most protocols on the Ethernet, and on
other local area networks, its flow control and acknowledgment mechanisms are rarely used.
Sliding window flow control and acknowledgment is used at the transport layer by protocols
such as TCP, but is still used in niches where X.25 offers performance advantages.
The ITU-T G.hn standard, which provides high-speed local area networking over existing wires
(power lines, phone lines and coaxial cables), includes a complete data link layer which provides
both error correction and flow control by means of a selective repeat Sliding Window Protocol.
Both WAN and LAN service arrange bits, from the physical layer, into logical sequences called
frames. Not all physical layer bits necessarily go into frames, as some of these bits are purely
23
intended for physical layer functions. For example, every fifth bit of the FDDI bit stream is not
used by the layer.
WAN protocol architecture
Connection-oriented WAN data link protocols, in addition to framing, detect and may correct
errors. They are also capable of controlling the rate of transmission. A WAN data link layer
might implement a sliding window flow control and acknowledgment mechanism to provide
reliable delivery of frames; that is the case for Synchronous Data Link Control (SDLC) and
HDLC, and derivatives of HDLC such as LAPB and LAPD.
IEEE 802 LAN architecture
Practical, connectionless LANs began with the pre-IEEE Ethernet specification, which is the
ancestor of IEEE 802.3. This layer manages the interaction of devices with a shared medium,
which is the function of a media access control (MAC) sublayer. Above this MAC sublayer is
the media-independent IEEE 802.2 Logical Link Control (LLC) sublayer, which deals with
addressing and multiplexing on multiaccess media.
While IEEE 802.3 is the dominant wired LAN protocol and IEEE 802.11 the wireless LAN
protocol, obsolescent MAC layers include Token Ring and FDDI. The MAC sublayer detects but
does not correct errors.
Layer 3: network layer
The network layer provides the functional and procedural means of transferring variable length
data sequences from a source host on one network to a destination host on a different network (in
contrast to the data link layer which connects hosts within the same network), while maintaining
the quality of service requested by the transport layer. The network layer performs network
routing functions, and might also perform fragmentation and reassembly, and report delivery
errors. Routers operate at this layer, sending data throughout the extended network and making
the Internet possible. This is a logical addressing scheme – values are chosen by the network
engineer. The addressing scheme is not hierarchical.
The network layer may be divided into three sublayers:
24
1. Subnetwork access – that considers protocols that deal with the interface to networks,
such as X.25;
2. Subnetwork-dependent convergence – when it is necessary to bring the level of a transit
network up to the level of networks on either side
3. Subnetwork-independent convergence – handles transfer across multiple networks.
An example of this latter case is CLNP, or IPv6 ISO 8473. It manages the connectionless transfer
of data one hop at a time, from end system to ingress router, router to router, and from egress
router to destination end system. It is not responsible for reliable delivery to a next hop, but only
for the detection of erroneous packets so they may be discarded. In this scheme, IPv4 and IPv6
would have to be classed with X.25 as subnet access protocols because they carry interface
addresses rather than node addresses.
A number of layer-management protocols, a function defined in the Management Annex, ISO
7498/4, belong to the network layer. These include routing protocols, multicast group
management, network-layer information and error, and network-layer address assignment. It is
the function of the payload that makes these belong to the network layer, not the protocol that
carries
Layer 4: transport layer
The transport layer provides transparent transfer of data between end users, providing reliable
data transfer services to the upper layers. The transport layer controls the reliability of a given
link through flow control, segmentation/desegmentation, and error control. Some protocols are
state- and connection-oriented. This means that the transport layer can keep track of the
segments and retransmit those that fail. The transport layer also provides the acknowledgement
of the successful data transmission and sends the next data if no errors occurred.
OSI defines five classes of connection-mode transport protocols ranging from class 0 (which is
also known as TP0 and provides the least features) to class 4 (TP4, designed for less reliable
networks, similar to the Internet). Class 0 contains no error recovery, and was designed for use
on network layers that provide error-free connections. Class 4 is closest to TCP, although TCP
contains functions, such as the graceful close, which OSI assigns to the session layer. Also, all
25
OSI TP connection-mode protocol classes provide expedited data and preservation of record
boundaries. Detailed characteristics of TP0-4 classes are shown in the following table
Perhaps an easy way to visualize the transport layer is to compare it with a Post Office, which
deals with the dispatch and classification of mail and parcels sent. Do remember, however, that a
post office manages the outer envelope of mail. Higher layers may have the equivalent of double
envelopes, such as cryptographic presentation services that can be read by the addressee only.
Roughly speaking, tunneling protocols operate at the transport layer, such as carrying non-IP
protocols such as IBM's SNA or Novell's IPX over an IP network, or end-to-end encryption with
IPsec. While Generic Routing Encapsulation (GRE) might seem to be a network-layer protocol,
if the encapsulation of the payload takes place only at endpoint, GRE becomes closer to a
transport protocol that uses IP headers but contains complete frames or packets to deliver to an
endpoint. L2TP carries PPP frames inside transport packet.
Although not developed under the OSI Reference Model and not strictly conforming to the OSI
definition of the transport layer, the Transmission Control Protocol (TCP) and the User
Datagram Protocol (UDP) of the Internet Protocol Suite are commonly categorized as layer-4
protocols within OSI.
Layer 5: session layer
The session layer controls the dialogues (connections) between computers. It establishes,
manages and terminates the connections between the local and remote application. It provides for
full-duplex, half-duplex, or simplex operation, and establishes checkpointing, adjournment,
termination, and restart procedures. The OSI model made this layer responsible for graceful
close of sessions, which is a property of the Transmission Control Protocol, and also for session
checkpointing and recovery, which is not usually used in the Internet Protocol Suite. The session
layer is commonly implemented explicitly in application environments that use remote procedure
calls. On this level, Inter-Process communication happen (SIGHUP, SIGKILL, End Process,
etc.).
Session layer protocols:
NFS: Network File System (NFS) is a distributed file system protocol originally developed by
Sun Microsystems in 1984, allowing a user on a client computer to access files over a network in
26
a manner similar to how local storage is accessed. NFS, like many other protocols, builds on the
Open Network Computing Remote Procedure Call (ONC RPC) system. The Network File
System is an open standard defined in RFCs, allowing anyone to implement the protocol.
SQL: Microsoft SQL (structure query language) Server is a relational database management
system developed by Microsoft. As a database,it is a software product whose primary function is
to store and retrieve data as requested by other software applications, be it those on the same
computer or those running on another computer across a network (including the Internet). There
are at least a dozen different editions of Microsoft SQL Server aimed at different audiences and
for different workloads (ranging from small applications that store and retrieve data on the same
computer, to millions of users and computers that access huge amounts of data from the Internet
at the same time).
True to its name, Microsoft SQL Server's primary query languages are T-SQL and ANSI SQL.
ASP: ASP(apple to x session protocol) is a bare-bones transport-layer protocol which uses IP to
transmit messages to an ASP "port" at the destination host. ASP is somewhat similar to UDP in
the real world. The main purpose of ASP is as a simple example, to demonstrate the
infrastructure which has to be in place to implement even the simplest protocol. As such, it
makes a good template for constructing other protocols. ASP itself is really not that simple, at
least not until you understand the x-kernel.
LPC: The Local Procedure Call (LPC, often also referred to as Lightweight Procedure Call or
Local Inter-Process Communication) is an internal, undocumented inter-process communication
facility provided by the Microsoft Windows NT kernel for lightweight IPC between processes on
the same computer. As of Windows Vista, LPC has been rewritten as Advanced Local Procedure
Call (ALPC) in order to provide a high-speed scalable communication mechanism required to
efficiently implement User-Mode Driver Framework, whose user-mode parts require an efficient
communication channel with UMDF's components in the executive.
The (A)LPC interface is part of Windows NT's undocumented Native API, and as such is not
available to applications for direct use. However, it can be used indirectly in the following
instances:
27
a) when using Remote Procedure Call API to communicate locally, i.e. between the
processes on the same machine
b) by calling Windows API which use (A)LPC (see below)
RPC: In computer science, a remote procedure call (RPC) is an inter-process communication
that allows a computer program to cause a subroutine or procedure to execute in another address
space (commonly on another computer on a shared network) without the programmer explicitly
coding the details for this remote interaction. That is, the programmer writes essentially the same
code whether the subroutine is local to the executing program, or remote. When the software in
question uses object-oriented principles, RPC is called remote invocation or remote method
invocation.
Layer 6: presentation layer
The presentation layer establishes context between application-layer entities, in which the
higher-layer entities may use different syntax and semantics if the presentation service provides a
mapping between them. If a mapping is available, presentation service data units are
encapsulated into session protocol data units, and passed down the stack.
This layer provides independence from data representation (e.g., encryption) by translating
between application and network formats. The presentation layer transforms data into the form
that the application accepts. This layer formats and encrypts data to be sent across a network. It
is sometimes called the syntax layer.
The original presentation structure used the basic encoding rules of Abstract Syntax Notation
One (ASN.1), with capabilities such as converting an EBCDIC-coded text file to an ASCII-
coded file, or serialization of objects and other data structures from and to XML.
Layer 7: application layer
The application layer is the OSI layer closest to the end user, which means that both the OSI
application layer and the user interact directly with the software application. This layer interacts
with software applications that implement a communicating component. Such application
programs fall outside the scope of the OSI model. Application-layer functions typically include
identifying communication partners, determining resource availability, and synchronizing
28
communication. When identifying communication partners, the application layer determines the
identity and availability of communication partners for an application with data to transmit.
When determining resource availability, the application layer must decide whether sufficient
network or the requested communication exist. In synchronizing communication, all
communication between applications requires cooperation that is managed by the application
layer. Some examples of application-layer implementations also include:
1. On OSI stack:
a. FTAM File Transfer and Access Management Protocol
b. X.400 Mail
c. Common Management Information Protocol (CMIP)
2. On TCP/IP stack:
a. Hypertext Transfer Protocol (HTTP),
b. File Transfer Protocol (FTP),
c. Simple Mail Transfer Protocol (SMTP)
d. Simple Network Management Protocol (SNMP).
OSI Model Data unit Layer Function Host
layers Data 7. Application Network process to application 6. Presentation Data representation,
encryption and decryption, convert machine dependent data to machine independent data 5.
Session Interhost communication, managing sessions between applications Segments 4.
Transport End-to-end connections, reliability and flow control Media
layers Packet/Datagram 3. Network Path determination and logical addressing Frame 2. Data
link Physical addressing Bit 1. Physical Media, signal and binary transmission
29
Protocols:
HTTP: The Hypertext Transfer Protocol (HTTP) is an application protocol for distributed,
collaborative, hypermedia information systems. HTTP is the foundation of data communication
for the World Wide Web.
Hypertext is a multi-linear set of objects, building a network by using logical links (the so-called
hyperlinks) between the nodes (e.g. text or words). HTTP is the protocol to exchange or transfer
hypertext.
The standards development of HTTP was coordinated by the Internet Engineering Task Force
(IETF) and the World Wide Web Consortium (W3C), culminating in the publication of a series
of Requests for Comments (RFCs), most notably RFC 2616 (June 1999), which defines
HTTP/1.1, the version of HTTP in common use.
30
HTTPS: Hypertext Transfer Protocol Over Secure Socket (HTTPS) is a widely-used
communications protocol for secure communication over a computer network, with especially
wide deployment on the Internet. Technically, it is not a protocol in itself; rather, it is the result
of simply layering the Hypertext Transfer Protocol (HTTP) on top of the SSL/TLS protocol, thus
adding the security capabilities of SSL/TLS to standard HTTP communications.
In its popular deployment on the internet, HTTPS provides authentication of the web site and
associated web server that one is communicating with, which protects against Man-in-the-middle
attacks. Additionally, it provides bidirectional encryption of communications between a client
and server, which protects against eavesdropping and tampering with and/or forging the contents
of the communication. In practice, this provides a reasonable guarantee that one is
communicating with precisely the web site that one intended to communicate with (as opposed to
an impostor), as well as ensuring that the contents of communications between the user and site
cannot be read or forged by any third party.
Because HTTPS piggybacks HTTP entirely on top of TLS, the entirety of the underlying HTTP
protocol is encrypted. This includes the request URL (which particular web page which was
requested), query parameters, headers, and cookies (which often contain identity information
about the user). However, because host addresses and port numbers are necessarily part of the
underlying TCP/IP protocols, HTTPS cannot protect their disclosure. In practice this means that
eavesdroppers can infer the identity of the server (web site) that one is communicating with as
well as the amount and duration of the communication, though not the content of the
communication.
Historically, HTTPS connections were primarily used for payment transactions on the World
Wide Web, e-mail and for sensitive transactions in corporate information systems. In the late
2000s and early 2010s, HTTPS began to see widespread use for protecting page authenticity on
all types of websites, securing accounts and keeping user communications, identity and web
browsing private.
HTTPS is especially important over unencrypted Wi-fi as it is completely insecure by design and
attacks on unencrypted Wi-fi networks are relatively common. Another example where HTTPS
is important is connections over Tor (anonymity network), as malicious Tor nodes can damage
or alter the contents passing through them in an insecure fashion and inject malware into the
31
connection. This is one reason why EFF and Torproject started the development of HTTPS
Everywhere, which is included in the Tor Browser Bundle.
A site must be completely hosted over HTTPS, without having some of its contents loaded over
HTTP or the user will be vulnerable to some attacks and surveillance. Similarly, cookies on a site
served through HTTPS have to have the secure attribute enabled.
A common misconception is that HTTPS is performance heavy and cannot be deployed on
existing equipment. This isn't true; deploying HTTPS requires no additional equipment or special
hardware. Deploying HTTPS also allows the use of SPDY, which is designed to reduce page
load times and latency.
It is recommended to use HTTP Strict Transport Security with HTTPS to protect users from
man-in-the-middle attacks.
POP: In computing, the Post Office Protocol (POP) is an application-layer Internet standard
protocol used by local e-mail clients to retrieve e-mail from a remote server over a TCP/IP
connection. POP and IMAP (Internet Message Access Protocol) are the two most prevalent
Internet standard protocols for e-mail retrieval. Virtually all modern e-mail clients and servers
support both. The POP protocol has been developed through several versions, with version 3
(POP3) being the current standard. Most webmail service providers such as Hotmail, Gmail and
Yahoo! Mail also provide IMAP and POP3 service.
IMAP: Internet message access protocol (IMAP) is one of the two most prevalent Internet
standard protocols for e-mail retrieval, the other being the Post Office Protocol (POP). Virtually
all modern e-mail clients and mail servers support both protocols as a means of transferring e-
mail messages from a server.
FTP: File Transfer Protocol (FTP) is a standard network protocol used to transfer files from one
host to another host over a TCP-based network, such as the Internet. It is often used to upload
web pages and other documents from a private development machine to a public web-hosting
server. FTP is built on a client-server architecture and uses separate control and data connections
between the client and the server. FTP users may authenticate themselves using a clear-text sign-
in protocol, normally in the form of a username and password, but can connect anonymously if
32
the server is configured to allow it. For secure transmission that hides (encrypts) the username
and password, and encrypts the content, SSH File Transfer Protocol may be used.
The first FTP client applications were interactive command-line tools, implementing standard
commands and syntax. Graphical user interfaces have since been developed for many of the
popular desktop operating systems in use today, including general web design programs like
Microsoft Expression Web, and specialist FTP clients such as CuteFTP.
TFTP:Trivial File Transfer Protocol (TFTP) is a file transfer protocol notable for its simplicity.
It is generally used for automated transfer of configuration or boot files between machines in a
local environment. Compared to FTP, TFTP is extremely limited, providing no authentication,
and is rarely used interactively by a user.
Due to its simple design, TFTP could be implemented using a very small amount of memory. It
is therefore useful for booting computers such as routers which may not have any data storage
devices. It is an element of the Preboot Execution Environment (PXE) network boot protocol,
where it is implemented in the firmware ROM / NIJARAM of the host's network card.
It is also used to transfer small amounts of data between hosts on a network, such as IP phone
firmware or operating system images when a remote X Window System terminal or any other
thin client boots from a network host or server. The initial stages of some network based
installation systems (such as Solaris Jumpstart, Red Hat Kickstart, Symantec Ghost and
Windows NT's Remote Installation Services) use TFTP to load a basic kernel that performs the
actual installation.
TFTP was first defined in 1980 by IEN 133. It is currently defined by RFC 1350. There have
been some extensions to the TFTP protocol documented in later RFC's (see the section on
Extensions, below). TFTP is based in part on the earlier protocol EFTP, which was part of the
PUP protocol suite. TFTP support appeared first as part of 4.3 BSD.
Due to the lack of security, it is dangerous to use it over the Internet. Thus, TFTP is generally
only used on private, local networks.
SMTP: Simple Mail Transfer Protocol (SMTP) is an Internet standard for electronic mail (e-
mail) transmission across Internet Protocol (IP) networks. SMTP was first defined by RFC 821
33
(1982, eventually declared STD 10), and last updated by RFC 5321 (2008) which includes the
extended SMTP (ESMTP) additions, and is the protocol in widespread use today. SMTP uses
TCP port 25. The protocol for new submissions (MSA) is effectively the same as SMTP, but it
uses port 587 instead. SMTP connections secured by SSL are known by the shorthand SMTPS,
though SMTPS is not a protocol in its own right.
While electronic mail servers and other mail transfer agents use SMTP to send and receive mail
messages, user-level client mail applications typically only use SMTP for sending messages to a
mail server for relaying. For receiving messages, client applications usually use either the Post
Office Protocol (POP) or the Internet Message Access Protocol (IMAP) or a proprietary system
(such as Microsoft Exchange or Lotus Notes/Domino) to access their mail box accounts on a
mail server.
SNMP: Simple Network Management Protocol (SNMP) is an "Internet-standard protocol for
managing devices on IP networks." Devices that typically support SNMP include routers,
switches, servers, workstations, printers, modem racks, and more."It is used mostly in network
management systems to monitor network-attached devices for conditions that warrant
administrative attention. SNMP is a component of the Internet Protocol Suite as defined by the
Internet Engineering Task Force (IETF). It consists of a set of standards for network
management, including an application layer protocol, a database schema, and a set of data
objects.
SNMP exposes management data in the form of variables on the managed systems, which
describe the system configuration. These variables can then be queried (and sometimes set) by
managing applications.
DNS: The Domain Name System (DNS) is a hierarchical distributed naming system for
computers, services, or any resource connected to the Internet or a private network. It associates
various information with domain names assigned to each of the participating entities. A Domain
Name Service resolves queries for these names into IP addresses for the purpose of locating
computer services and devices worldwide. By providing a worldwide, distributed keyword-based
redirection service, the Domain Name System is an essential component of the functionality of
the Internet.
34
An often-used analogy to explain the Domain Name System is that it serves as the phone book
for the Internet by translating human-friendly computer hostnames into IP addresses. For
example, the domain name www.example.com translates to the addresses 192.0.43.10 (IPv4) and
2620:0:2d0:200::10 (IPv6). Unlike a phone book, however, DNS can be quickly updated and
these updates distributed, allowing a service's location on the network to change without
affecting the end users, who continue to use the same hostname. Users take advantage of this
when they recite meaningful Uniform Resource Locators (URLs) and e-mail addresses without
having to know how the computer actually locates the services.
The Domain Name System distributes the responsibility of assigning domain names and
mapping those names to IP addresses by designating authoritative name servers for each domain.
Authoritative name servers are assigned to be responsible for their particular domains, and in
turn can assign other authoritative name servers for their sub-domains. This mechanism has
made the DNS distributed and fault tolerant and has helped avoid the need for a single central
register to be continually consulted and updated. Additionally, the responsibility for maintaining
and updating the master record for the domains is spread among many domain name registrars,
who compete for the end-user's, domain-owner's, business. Domains can be moved from registrar
to registrar at any time.
The Domain Name System also specifies the technical functionality of this database service. It
defines the DNS protocol, a detailed specification of the data structures and communication
exchanges used in DNS, as part of the Internet Protocol Suite.
Tel net: Telnet is a network protocol used on the Internet or local area networks to provide a
bidirectional interactive text-oriented communications facility using a virtual terminal
connection. User data is interspersed in-band with Telnet control information in an 8-bit byte
oriented data connection over the Transmission Control Protocol (TCP).
Telnet was developed in 1969 beginning with RFC 15, extended in RFC 854, and standardized
as Internet Engineering Task Force (IETF) Internet Standard STD 8, one of the first Internet
standards.
Historically, Telnet provided access to a command-line interface (usually, of an operating
system) on a remote host. Most network equipment and operating systems with a TCP/IP stack
35
support a Telnet service for remote configuration (including systems based on Windows NT).
Because of security issues with Telnet, its use for this purpose has waned in favor of SSH.
The term telnet may also refer to the software that implements the client part of the protocol.
Telnet client applications are available for virtually all computer platforms. Telnet is also used as
a verb. To telnet means to establish a connection with the Telnet protocol, either with command
line client or with a programmatic interface. For example, a common directive might be: "To
change your password, telnet to the server, log in and run the passwd command." Most often, a
user will be telnetting to a Unix-like server system or a network device (such as a router) and
obtain a login prompt to a command line text interface or a character-based full-screen manager.
NTP: Network Time Protocol (NTP) is a networking protocol for synchronizing the clocks of
computer systems over packet-switched, variable-latency data networks.
In operation since before 1985, NTP is one of the oldest Internet protocols in use. NTP was
originally designed by David L. Mills of the University of Delaware, who still develops and
maintains it with a team of volunteers.
NTP uses the User Datagram Protocol (UDP) on port number 123.
NTP is not related to the simpler Daytime Protocol (RFC 867) or the Time Protocol (RFC 868).
DHCP: The Dynamic Host Configuration Protocol (DHCP) is a network configuration protocol
for hosts on Internet Protocol (IP) networks. Computers that are connected to IP networks must
be configured before they can communicate with other hosts. The most essential information
needed is an IP address, and a default route and routing prefix. DHCP eliminates the manual task
by a network administrator. It also provides a central database of devices that are connected to
the network and eliminates duplicate resource assignments.
In addition to IP addresses, DHCP also provides other configuration information, particularly the
IP addresses of local Domain Name Server (DNS), network boot servers, or other service hosts.
DHCP is used for IPv4 as well as IPv6. While both versions serve much the same purpose, the
details of the protocol for IPv4 and IPv6 are sufficiently different that they may be considered
separate protocols.
36
Hosts that do not use DHCP for address configuration may still use it to obtain other
configuration information. Alternatively, IPv6 hosts may use stateless address autoconfiguration.
IPv4 hosts may use link-local addressing to achieve limited local connectivity.
Networking devices:
HUB: An Ethernet hub, active hub, network hub, repeater hub, multiport repeater or hub is a
device for connecting multiple Ethernet devices together and making them act as a single
network segment. It has multiple input/output (I/O) ports, in which a signal introduced at the
input of any port appears at the output of every port except the original incoming. A hub works
at the physical layer (layer 1) of the OSI model. The device is a form of multiport repeater.
Repeater hubs also participate in collision detection, forwarding a jam signal to all ports if it
detects a collision.
Some hubs may also come with a BNC and/or Attachment Unit Interface (AUI) connector to
allow connection to legacy 10BASE2 or 10BASE5 network segments. The availability of low-
priced network switches has largely rendered hubs obsolete but they are still seen in 20th century
installations and more specialized applications.
A network hub is an unsophisticated device in comparison with, for example, a switch. A hub
does not examine or manage any of the traffic that comes through it: any packet entering any
port is rebroadcast on all other ports. Effectively, it is barely aware of frames or packets and
mostly operates on raw bits. Consequently, packet collisions are more frequent in networks
connected using hubs than in networks connected using more sophisticated devices.
100 Mbit/s hubs and repeaters come in two different speed grades: Class I delay the signal for a
maximum of 140 bit times (enabling translation between 100Base-TX, 100Base-FX and
100Base-T4) and Class II hubs delay the signal for a maximum of 92 bit times (enabling
installation of two hubs in a single collision domain).
The need for hosts to be able to detect collisions limits the number of hubs and the total size of a
network built using hubs (a network built using switches does not have these limitations). For
10 Mbit/s networks built using repeater hubs, the 5-4-3 rule must be followed: up to 5 segments
(4 hubs) are allowed between any two end stations. For 10BASE-T networks, up to five
37
segments and four repeaters are allowed between any two hosts. For 100 Mbit/s networks, the
limit is reduced to 3 segments (2 hubs) between any two end stations, and even that is only
allowed if the hubs are of Class II. Some hubs have manufacturer specific stack ports allowing
them to be combined in a way that allows more hubs than simple chaining through Ethernet
cables, but even so, a large fast Ethernet network is likely to require switches to avoid the
chaining limits of hubs.
Most hubs detect typical problems, such as excessive collisions and jabbering on individual
ports, and partition the port, disconnecting it from the shared medium. Thus, hub-based twisted-
pair Ethernet is generally more robust than coaxial cable-based Ethernet (e.g. 10BASE2), where
a misbehaving device can adversely affect the entire collision domain. Even if not partitioned
automatically, a hub simplifies troubleshooting because hubs remove the need to troubleshoot
faults on a long cable with multiple taps; status lights on the hub can indicate the possible
problem source or, as a last resort, devices can be disconnected from a hub one at a time much
more easily than from a coaxial cable.
Hubs are classified as physical layer devices in the OSI model. At the physical layer, hubs
support little in the way of sophisticated networking. Hubs do not read any of the data passing
through them and are not aware of their source or destination addressing. A hub simply receives
incoming Ethernet frames, regenerates the electrical signal on the bit (more precisely the symbol)
level, and broadcasts these symbols out to all other devices on the network.
To pass data through the repeater in a usable fashion from one segment to the next, the framing
and data rate must be the same on each segment. This means that a repeater cannot connect an
802.3 segment (Ethernet) and an 802.5 segment (Token Ring) or a 10 MBit/s segment to
100 MBit/s Ethernet.
SWITCH: A network switch or switching hub is a computer networking device that connects
network segments or network devices. The term commonly refers to a multi-port network bridge
that processes and routes data at the data link layer (layer 2) of the OSI model. Switches that
additionally process data at the network layer (layer 3) and above are often referred to as layer-3
switches or multilayer switches.
The first Ethernet switch was introduced by Kalpana in 1990
38
Layer 1 hubs versus higher-layer switches
A network hub, or repeater, is a simple network device. Hubs do not manage any of the traffic
that comes through them. Any packet entering a port is broadcast out or "repeated" on every
other port, except for the port of entry. Since every packet is repeated on every other port, packet
collisions affect the entire network, limiting its capacity.
There are specialized applications where a hub can be useful, such as copying traffic to multiple
network sensors. High end switches have a feature which does the same thing called port
mirroring.
By the early 2000s, there was little price difference between a hub and a low-end switch.
Layer 2
A network bridge, operating at the data link layer, may interconnect a small number of devices in
a home or the office. This is a trivial case of bridging, in which the bridge learns the MAC
address of each connected device.
Single bridges also can provide extremely high performance in specialized applications such as
storage area networks.
Classic bridges may also interconnect using a spanning tree protocol that disables links so that
the resulting local area network is a tree without loops. In contrast to routers, spanning tree
bridges must have topologies with only one active path between two points. The older IEEE
802.1D spanning tree protocol could be quite slow, with forwarding stopping for 30 seconds
while the spanning tree would reconverge. A Rapid Spanning Tree Protocol was introduced as
IEEE 802.1w, but the newest edition of IEEE 802.1D adopts the 802.1w extensions as the base
standard.
The IETF is specifying the TRILL protocol, which is the application of link-state routing
technology to the layer-2 bridging problem. Devices which implement TRILL, called RBridges,
combine the best features of both routers and bridges.
While layer 2 switch remains more of a marketing term than a technical term,[citation needed] the
products that were introduced as "switches" tended to use microsegmentation and Full duplex to
39
prevent collisions among devices connected to Ethernet. By using an internal forwarding plane
much faster than any interface, they give the impression of simultaneous paths among multiple
devices. 'Non-blocking' devices use a forwarding plane or equivalent method fast enough to
allow full duplex traffic for each port simultaneously.
Once a bridge learns the topology through a spanning tree protocol, it forwards data link layer
frames using a layer 2 forwarding method. There are four forwarding methods a bridge can use,
of which the second through fourth method were performance-increasing methods when used on
"switch" products with the same input and output port bandwidths:
1. Store and forward: The switch buffers and verifies each frame before forwarding it.
2. Cut through: The switch reads only up to the frame's hardware address before starting to
forward it. Cut-through switches have to fall back to store and forward if the outgoing
port is busy at the time the packet arrives. There is no error checking with this method.
3. Fragment free: A method that attempts to retain the benefits of both store and forward
and cut through. Fragment free checks the first 64 bytes of the frame, where addressing
information is stored. According to Ethernet specifications, collisions should be detected
during the first 64 bytes of the frame, so frames that are in error because of a collision
will not be forwarded. This way the frame will always reach its intended destination.
Error checking of the actual data in the packet is left for the end device.
4. Adaptive switching: A method of automatically selecting between the other three modes.
While there are specialized applications, such as storage area networks, where the input and
output interfaces are the same bandwidth, this is not always the case in general LAN
applications. In LANs, a switch used for end user access typically concentrates lower bandwidth
and uplinks into a higher bandwidth.
Layer 3
Within the confines of the Ethernet physical layer, a layer-3 switch can perform some or all of
the functions normally performed by a router. The most common layer-3 capability is awareness
of IP multicast through IGMP snooping. With this awareness, a layer-3 switch can increase
efficiency by delivering the traffic of a multicast group only to ports where the attached device
has signaled that it wants to listen to that group.
40
Layer 4
While the exact meaning of the term layer-4 switch is vendor-dependent, it almost always starts
with a capability for network address translation, but then adds some type of load distribution
based on TCP sessions.
The device may include a stateful firewall, a VPN concentrator, or be an IPSec security gateway.
Layer 7
Layer-7 switches may distribute loads based on Uniform Resource Locator URL or by some
installation-specific technique to recognize application-level transactions. A layer-7 switch may
include a web cache and participate in a content delivery network.
BRIDGE: Bridging is a forwarding technique used in packet-switched computer networks.
Unlike routing, bridging makes no assumptions about where in a network a particular address is
located. Instead, it depends on flooding and examination of source addresses in received packet
headers to locate unknown devices. Once a device has been located, its location is recorded in a
table where the source address is stored so as to avoid the need for further flooding. The utility of
bridging is limited by its dependence on flooding, and is thus only used in local area networks.
A network bridge connects multiple network segments at the data link layer (Layer 2) of the OSI
model. Bridges can limit traffic on each segment, reduce bottlenecks, connect different network
architectures and forward frames between segments. In Ethernet networks, the term bridge
formally means a device that behaves according to the IEEE 802.1D standard. A bridge and a
switch are very much alike; a switch being a bridge with numerous ports. Switch or Layer 2
switch is often used interchangeably with bridge.
Bridging generally refers to transparent bridging or learning bridge operation which
predominates in Ethernet. Another form of bridging, source route bridging, was developed for
token ring networks.
GATEWAY: A network gateway is an internetworking system capable of joining together two
networks that use different base protocols. A network gateway can be implemented completely
41
in software, completely in hardware, or as a combination of both. Depending on the types of
protocols they support, network gateways can operate at any level of the OSI model.
Because a network gateway, by definition, appears at the edge of a network, related capabilities
like firewalls tend to be integrated with it. On home networks, a broadband router typically
serves as the network gateway although ordinary computers can also be configured to perform
equivalent functions.
ROUTER: Routers are physical devices that join multiple wired or wireless networks together.
Technically, a wired or wireless router is a Layer 3 gateway, meaning that the wired/wireless
router connects networks (as gateways do), and that the router operates at the network layer of
the OSI model.
Home networkers often use an Internet Protocol (IP) wired or wireless router, IP being the most
common OSI network layer protocol. An IP router such as a DSL or cable modem broadband
router joins the home's local area network (LAN) to the wide-area network (WAN) of the
Internet.
By maintaining configuration information in a piece of storage called the routing table, wired or
wireless routers also have the ability to filter traffic, either incoming or outgoing, based on the IP
addresses of senders and receivers. Some routers allow the home networker to update the routing
table from a Web browser interface. Broadband routers combine the functions of a router with
those of a network switch and a firewall in a single unit.
Bellman–Ford algorithm
computes single-source shortest paths in a weighted digraph. For graphs with only non-negative
edge weights, the faster Dijkstra's algorithm also solves the problem. Thus, Bellman–Ford is
used primarily for graphs with negative edge weights. The algorithm is named after its
developers, Richard Bellman and Lester Ford, Jr.
If a graph contains a "negative cycle", i.e., a cycle whose edges sum to a negative value, then
walks of arbitrarily low weight can be constructed by repeatedly following the cycle, so there
may not be a shortest path. Bellman-Ford can detect negative cycles and report their existence,
but it cannot produce a correct answer if a negative cycle is reachable from the source.
42
According to Robert Sedgewick, "Negative weights are not merely a mathematical curiosity;
arise in a natural way when we reduce other problems to shortest-paths problems". Let G be a
graph containing a negative cycle. One NP-Complete variant of the shortest-path problem asks
for the shortest path in G (containing a negative cycle) such that no edge is repeated. Sedgewick
gives a reduction from the Hamiltonian path problem to this variant of the problem.
Dijkstra's algorithm,
conceived by Dutch computer scientist Edsger Dijkstra in 1956 and published in 1959, is a
graph search algorithm that solves the single-source shortest path problem for a graph with
nonnegative edge path costs, producing a shortest path tree. This algorithm is often used in
routing and as a subroutine in other graph algorithms.
For a given source vertex (node) in the graph, the algorithm finds the path with lowest cost (i.e.
the shortest path) between that vertex and every other vertex. It can also be used for finding costs
of shortest paths from a single vertex to a single destination vertex by stopping the algorithm
once the shortest path to the destination vertex has been determined. For example, if the vertices
of the graph represent cities and edge path costs represent driving distances between pairs of
cities connected by a direct road, Dijkstra's algorithm can be used to find the shortest route
between one city and all other cities. As a result, the shortest path first is widely used in network
routing protocols, most notably IS-IS and OSPF (Open Shortest Path First).
Dijkstra's original algorithm does not use a min-priority queue and runs in O(|V|2). The idea of
this algorithm is also given in (Leyzorek et al. 1957). The implementation based on a min-
priority queue implemented by a Fibonacci heap and running in O(|E| + |V| log |V|) is due to
(Fredman & Tarjan 1984). This is asymptotically the fastest known single-source shortest-path
algorithm for arbitrary directed graphs with unbounded nonnegative weights. (For an overview
of earlier shortest path algorithms and later improvements and adaptations, see: Single-source
shortest-paths algorithms for directed graphs with nonnegative weights.)
BROUTER: A bridge router or brouter is a network device that works as a bridge and as a
router. The brouter routes packets for known protocols and simply forwards all other packets as a
bridge would.
43
Brouters operate at both the network layer for routable protocols and at the data link layer for
non-routable protocols. As networks continue to become more complex, a mix of routable and
non-routable protocols has led to the need for the combined features of bridges and routers.
Brouters handle both routable and non-routable features by acting as routers for routable
protocols and bridges for non-routable protocols. Bridged protocols might propagate throughout
the network, but techniques such as filtering and learning might be used to reduce potential
congestion. Brouters are used as connecting devices in the networking system, so it acts as a
bridge in a network and as a router in an internetwork.
FIREWALL: A firewall can either be software-based or hardware-based and is used to help
keep a network secure. Its primary objective is to control the incoming and outgoing network
traffic by analyzing the data packets and determining whether it should be allowed through or
not, based on a predetermined rule set. A network's firewall builds a bridge between an internal
network that is assumed to be secure and trusted, and another network, usually an external
(inter)network, such as the Internet, that is not assumed to be secure and trusted.
Many personal computer operating systems include software-based firewalls to protect against
threats from the public Internet. Many routers that pass data between networks contain firewall
components and, conversely, many firewalls can perform basic routing functions.
Some other connecting devices are RJ45, RJ11, RS232, RJ56, V35 and EIA/TIA.
IP addressing:
It is a 32 bit identifier which represents the address or logical address of host in our network. It is
in the form of decimal. It is divided into four parts. Each part is of 8 bit.
Class A : 0 to 127 (0.0.0.0 – 127.255.255.255)
Class B: 128 to 191
127.255.255.255
Loop back
address
44
(128.0.0.0 – 191.255.255.255)
Class C: 192 to 223
(192.0.0.0 – 223.255.255.255)
Class D: 224 – 239
(224.0.0.0 – 239.255.255.255)
Class E: 240 – 255
(240.0.0.0 – 255.255.255.255)
IANA (internet assign number authority)
RIR (regional internet registry)
ISP (internet service provider)
user
IP address
Private IP APIPA Public IP
Used for multicast
And
Research purpose
45
IANA: The Internet Assigned Numbers Authority (IANA) is the entity that oversees global IP
address allocation, autonomous system number allocation, root zone management in the Domain
Name System (DNS), media types, and other Internet Protocol-related symbols and numbers.
IANA is a department operated by the Internet Corporation for Assigned Names and Numbers,
also known as ICANN.
Prior to the establishment of ICANN for this purpose, IANA was administered primarily by Jon
Postel at the Information Sciences Institute (ISI) of the University of Southern California (USC),
under a contract USC/ISI had with the United States Department of Defense, until ICANN was
created to assume the responsibility under a United States Department of Commerce contract.
RIR: A regional Internet registry (RIR) is an organization that manages the allocation and
registration of Internet number resources within a particular region of the world. Internet number
resources include IP addresses and autonomous system (AS) numbers. The Regional Internet
Registry system evolved over time, eventually dividing the world into five RIRs:
African Network Information Centre (AfriNIC) for Africa
American Registry for Internet Numbers (ARIN) for the United States, Canada, several
parts of the Caribbean region, and Antarctica.
Asia-Pacific Network Information Centre (APNIC) for Asia, Australia, New Zealand, and
neighboring countries
Latin America and Caribbean Network Information Centre (LACNIC) for Latin America
and parts of the Caribbean region
Réseaux IP Européens Network Coordination Centre (RIPE NCC) for Europe, Russia, the
Middle East, and Central Asia
ISP: An Internet service provider (ISP) is an organization that provides access to the Internet.
Internet service providers can be either community-owned and non-profit, or privately owned
and for-profit.
Access ISPs directly connect clients to the Internet using copper wires, wireless or fiber-optic
connections. Hosting ISPs lease server space for smaller businesses and other people
(colocation). Transit ISPs provide large amounts of bandwidth for connecting hosting ISPs to
access ISPs.
46
Subnet Mask:
A subnet mask is a bitmask that encodes the prefix length in quad-dotted notation: 32 bits,
starting with a number of 1 bits equal to the prefix length, ending with 0 bits, and encoded in
four-part dotted-decimal format. A subnet mask encodes the same information as a prefix length,
but predates the advent of CIDR. However, in CIDR notation, the prefix bits are always
contiguous, whereas subnet masks may specify non-contiguous bits. However, this has no
practical advantage for increasing efficiency.
A mask used to determine what subnet an IP address belongs to. An IP address has two
components, the network address and the host address. For example, consider the IP address
150.215.017.009. Assuming this is part of a Class B network, the first two numbers (150.215)
represent the Class B network address, and the second two numbers (017.009) identify a
particular host on this network.
Subnetting enables the network administrator to further divide the host part of the address into
two or more subnets. In this case, a part of the host address is reserved to identify the particular
subnet. This is easier to see if we show the IP address in binary format. The full address is:
10010110.11010111.00010001.00001001
The Class B network part is:
10010110.11010111
and the host address is
00010001.00001001
If this network is divided into 14 subnets, however, then the first 4 bits of the host address (0001)
are reserved for identifying the subnet.
The subnet mask is the network address plus the bits reserved for identifying the subnetwork.
(By convention, the bits for the network address are all set to 1, though it would also work if the
bits were set exactly as in the network address.) In this case, therefore, the subnet mask would be
11111111.11111111.11110000.00000000. It's called a mask because it can be used to identify
47
the subnet to which an IP address belongs by performing a bitwise AND operation on the mask
and the IP address. The result is the subnetwork address:
Subnet Mask 255.255.240.000 11111111.11111111.11110000.00000000
IP Address 150.215.017.009 10010110.11010111.00010001.00001001
Subnet Address 150.215.016.000 10010110.11010111.00010000.00000000
The subnet address, therefore, is 150.215.016.000.
Moreover it is a 32 bit identifier that defines network ID and host ID.
N H H H
A : 255 . 0 . 0 . 0
N N H H N- network
B: 255 . 255 . 0 . 0 H- host
N N N H
C: 255 . 255 . 255 . 0
IP: 192.168.5.50
SM: 255.255.255.0
192.168.1.0 NID
192.168.1.1 - - - - - - - - - - - - - - - - - 192.168.1.255 BID
SUBNETTING
CIDR VLSM
CIDR – Classless inter domain routing VLSM – Variable length subnet mask
Classless Inter-Domain Routing ( CIDR )
48
It is a method for allocating IP addresses and routing Internet Protocol packets. The Internet
Engineering Task Force introduced CIDR in 1993 to replace the previous addressing architecture
of classful network design in the Internet. Their goal was to slow the growth of routing tables on
routers across the Internet, and to help slow the rapid exhaustion of IPv4 addresses.
IP addresses are described as consisting of two groups of bits in the address: the more significant
part is the network address, which identifies a whole network or subnet, and the less significant
portion is the host identifier, which specifies a particular interface of a host on that network. This
division is used as the basis of traffic routing between IP networks and for address allocation
policies. Classful network design for IPv4 sized the network address as one or more 8-bit groups,
resulting in the blocks of Class A, B, or C addresses. Classless Inter-Domain Routing allocates
address space to Internet service providers and end users on any address bit boundary, instead of
on 8-bit segments. In IPv6, however, the interface identifier has a fixed size of 64 bits by
convention, and smaller subnets are never allocated to end users.
CIDR notation is a syntax of specifying IP addresses and their associated routing prefix. It
appends to the address a slash character and the decimal number of leading bits of the routing
prefix, e.g., 192.0.2.0/24 for IPv4, and 2001:db8::/32 for IPv6.
Variable Length Subnet Mask (VLSM)
It is a means of allocating IP addressing resources to subnets according to their individual need
rather than some general network-wide rule.Subnet masks are used by hosts to determine
network gateways and broadcast addresses.The Internet's explosive growth eventually required
the more efficient use of the IP address space available. Variable Length Subnet Masking is a
technique used to allow more efficient assignment of IP addresses. Originally Internet addresses
were carved up into small, medium and large size blocks of contiguous addresses based on the
values of the first four bits in the first octet of the IP address. These were often referred to as
classful addresses. By carving classful address blocks into smaller classless blocks, you waste
fewer addresses. The process of carving out smaller blocks from the larger blocks was called
subnetting.
CIDR Table:
49
Subnet Mask CIDR value Total IP's Binary Values
255.255.255.255 /32 1 11111111.11111111.11111111.11111111
255.255.255.254 /31 2 11111111.11111111.11111111.11111110
255.255.255.252 /30 4 11111111.11111111.11111111.11111100
255.255.255.248 /29 8 11111111.11111111.11111111.11111000
255.255.255.240 /28 16 11111111.11111111.11111111.11110000
255.255.255.224 /27 32 11111111.11111111.11111111.11100000
255.255.255.192 /26 64 11111111.11111111.11111111.11000000
255.255.255.128 /25 128 11111111.11111111.11111111.10000000
255.255.255.0 /24 256 11111111.11111111.11111111.00000000
255.255.254.0 /23 512 11111111.11111111.11111110.00000000
255.255.252.0 /22 1024 11111111.11111111.11111100.00000000
255.255.248.0 /21 2048 11111111.11111111.11111000.00000000
255.255.240.0 /20 4096 11111111.11111111.11110000.00000000
255.255.224.0 /19 8192 11111111.11111111.11100000.00000000
255.255.192.0 /18 16,384 11111111.11111111.11000000.00000000
255.255.128.0 /17 32,768 11111111.11111111.10000000.00000000
255.255.0.0 /16 65,536 11111111.11111111.00000000.00000000
255.254.0.0 /15 131,072 11111111.11111110.00000000.00000000
255.252.0.0 /14 262,144 11111111.11111100.00000000.00000000
255.248.0.0 /13 524,288 11111111.11111000.00000000.00000000
255.240.0.0 /12 1,048,576 11111111.11110000.00000000.00000000
255.224.0.0 /11 2,097,152 11111111.11100000.00000000.00000000
255.192.0.0 /10 4,194,304 11111111.11000000.00000000.00000000
255.128.0.0 /9 8,388,608 11111111.10000000.00000000.00000000
255.0.0.0 /8 16,777,216 11111111.00000000.00000000.00000000
254.0.0.0 /7 33,554,432 11111110.00000000.00000000.00000000
252.0.0.0 /6 67,108,864 11111100.00000000.00000000.00000000
50
Subnet Mask CIDR value Total IP's Binary Values
248.0.0.0 /5 134,217,728 11111000.00000000.00000000.00000000
240.0.0.0 /4 268,435,456 11110000.00000000.00000000.00000000
224.0.0.0 /3 536,870,912 11100000.00000000.00000000.00000000
192.0.0.0 /2 1,073,741,824 11000000.00000000.00000000.00000000
128.0.0.0 /1 2,147,483,648 10000000.00000000.00000000.00000000
0.0.0.0 /0 4,294,967,296 00000000.00000000.00000000.00000000
CABLING
COAXIAL TWISTED PAIR FIBRE OPTICS
UTP STP
(unshielded twisted pair) (shielded twisted pair)
STRAIGHT THROUGH CROSS OVER ROLLED OVER OR
CONSOLE
568 A
ETA/TIA
568 B
A cable is most often two or more wires running side by side and bonded, twisted or braided
together to form a single assembly, but can also refer to a heavy strong rope. In mechanics
51
cables, otherwise known as wire ropes, are used for lifting, hauling and towing or conveying
force through tension. In electrical engineering cables are used to carry electric currents. An
optical cable contains one or more optical fibers in a protective jacket that supports the fibers.
Electric cables discussed here are mainly meant for installation in buildings and industrial sites.
For power transmission at distances greater than a few kilometres see high-voltage cable, power
cables and HVDC.
Cable is the medium through which information usually moves from one network device to
another. There are several types of cable which are commonly used with LANs. In some cases, a
network will utilize only one type of cable, other networks will use a variety of cable types. The
type of cable chosen for a network is related to the network's topology, protocol, and size.
Understanding the characteristics of different types of cable and how they relate to other aspects
of a network is necessary for the development of a successful network.
Twisted pair cabling comes in two varieties: shielded and unshielded. Unshielded twisted pair
(UTP) is the most popular and is generally the best option for school networks.
The quality of UTP may vary from telephone-grade wire to extremely high-speed cable. The
cable has four pairs of wires inside the jacket. Each pair is twisted with a different number of
twists per inch to help eliminate interference from adjacent pairs and other electrical devices.
The tighter the twisting, the higher the supported transmission rate and the greater the cost per
foot. The EIA/TIA (Electronic Industry Association/Telecommunication Industry Association)
has established standards of UTP and rated six categories of wire (additional categories are
emerging).
Unshielded Twisted Pair Connector:
The standard connector for unshielded twisted pair cabling is an RJ-45 connector. This is a
plastic connector that looks like a large telephone-style connector (See fig. 2). A slot allows the
RJ-45 to be inserted only one way. RJ stands for Registered Jack, implying that the connector
follows a standard borrowed from the telephone industry. This standard designates which wire
goes with each pin inside the connector.
52
Shielded Twisted Pair (STP) Cable :
Although UTP cable is the least expensive cable, it may be susceptible to radio and electrical
frequency interference (it should not be too close to electric motors, fluorescent lights, etc.). If
you must place cable in environments with lots of potential interference, or if you must place
cable in extremely sensitive environments that may be susceptible to the electrical current in the
UTP, shielded twisted pair may be the solution. Shielded cables can also help to extend the
maximum distance of the cables.
Shielded twisted pair cable is available in three different configurations:
1. Each pair of wires is individually shielded with foil.
2. There is a foil or braid shield inside the jacket covering all wires (as a group).
3. There is a shield around each individual pair, as well as around the entire group of wires
(referred to as double shield twisted pair).
Coaxial Cable
Coaxial cabling has a single copper conductor at its center. A plastic layer provides insulation
between the center conductor and a braided metal shield. The metal shield helps to block any
outside interference from fluorescent lights, motors, and other computers.
Although coaxial cabling is difficult to install, it is highly resistant to signal interference. In
addition, it can support greater cable lengths between network devices than twisted pair cable.
The two types of coaxial cabling are thick coaxial and thin coaxial.
Thin coaxial cable is also referred to as thinnet. 10Base2 refers to the specifications for thin
coaxial cable carrying Ethernet signals. The 2 refers to the approximate maximum segment
length being 200 meters. In actual fact the maximum segment length is 185 meters. Thin coaxial
cable has been popular in school networks, especially linear bus networks.
Thick coaxial cable is also referred to as thicknet. 10Base5 refers to the specifications for thick
coaxial cable carrying Ethernet signals. The 5 refers to the maximum segment length being 500
meters. Thick coaxial cable has an extra protective plastic cover that helps keep moisture away
from the center conductor. This makes thick coaxial a great choice when running longer lengths
53
in a linear bus network. One disadvantage of thick coaxial is that it does not bend easily and is
difficult to install.
Fiber Optic Cable
Fiber optic cabling consists of a center glass core surrounded by several layers of protective
materials. It transmits light rather than electronic signals eliminating the problem of electrical
interference. This makes it ideal for certain environments that contain a large amount of
electrical interference. It has also made it the standard for connecting networks between
buildings, due to its immunity to the effects of moisture and lighting.
Fiber optic cable has the ability to transmit signals over much longer distances than coaxial and
twisted pair. It also has the capability to carry information at vastly greater speeds. This capacity
broadens communication possibilities to include services such as video conferencing and
interactive services. The cost of fiber optic cabling is comparable to copper cabling; however, it
is more difficult to install and modify. 10BaseF refers to the specifications for fiber optic cable
carrying Ethernet signals.
The center core of fiber cables is made from glass or plastic fibers. A plastic coating then
cushions the fiber center, and kevlar fibers help to strengthen the cables and prevent breakage.
The outer insulating jacket made of teflon or PVC.
Straight through:
1. .GREEN WHITE .GREEN WHITE
2. GREEN GREEN
3. ORANGE WHITE ORANGE WHITE
4. BLUE BLUE
5. BLUE WHITE BLUE WHITE
6. ORANGE ORANGE
7. BROWN WHITE BROWN WHITE
8. BROWN BROWN
568 A 568 B
Followed during connections of:
54
1
.
HUB SWITCH
2
.
HUB PC
3
.
SWITCH ROUTER
Cross Over: 1 2 - 3 6
1 3
2 6
1. GREEN WHITE ORANGE WHITE
2. GREEN ORANGE
3. ORANGE WHITE GREEN WHITE
4. BLUE BLUE
5. BLUE WHITE BLUE WHITE
6. ORANGE GREEN
7. BROWN WHITE BROWN WHITE
8. BROWN BROWN
568 A 568 B
Followed during the connections of:
1. LAPTOP LAPTOP
2. PC PC
3. HUB HUB
4. SWITCH SWITCH
5. PC ROUTER
Rolled Over:
It is used for interface not for communication.
55
1. GREEN WHITE BROWN
2. GREEN BROWN WHITE
3. ORANGE WHITE ORANGE
4. BLUE BLUE WHITE
5. BLUE WHITE BLUE
6. ORANGE ORANGE WHITE
7. BROWN WHITE GREEN
8. BROWN GEEN WHITE
Used during the connection of:
1. PC ROUTER/SWITCH
Modes of Router:
1.User executive mode
Syntax: Router >
2.Previlage mode
Syntax : Router#
3.Global configuration
Syntax: Router(config)#
4.Interface mode or line console mode
Syntax: Router(config if/line)#
5.Sub interface mode
Syntax: Router(config-subif)# Router > enable
Router#
56
Router#config terminal
Router(config)#
Router(config)#interface fastethernet 0/0 or line console 0
Router(config-if)# or Router(config-line)#
Commands for router:
1.To enable the router:
Router > enable
2.To disable the router:
Router# disable
3.To show physical interface of router:
Router#show ip interface brief
4.To show the command present in RAM of router:
Router#show running-config
5.To show the command present in NVRAM of router:
Router#show startup-config
6.To save command from RAM to NVRAM of the router:
Router#copy running-config startup-config
7.To erase command present in NVRAM of router:
Router#erase startup-config
8.To move on global configuration mode from previlage mode of router:
57
Router#config terminal
Router(config)#
9.To change host name of the router:
Router(config)#hostname hcl
10.To set service password:
Router(config)#enable password hcl
11.To encrypt service password:
Router(config)#service password-encryption
12.To set secret password to router:
Router(config)#enable secret <password>
13.To show time:
Router#show clock
14.To set time in router:
Router#clock set 00:00:00 dd monthname yyyy
15.To set the console password:
Router(config)#line console 0
Router(config-line)#password 123
Router(config-line)#login
16.To set banner to the router:
Router(config)#banner motd*banner title*
58
17.To remove password:
Router(config)#no enable secret password
Router(config)#no enable service password
18.To enable fastethernet of router:
Router(config)#interface fastethernet 0/0
Router(config)#no shutdown
19.To assign ip address to fastethernet:
Router(config)#interface fastethernet 0/0
Router(config)#ip address 192.168.1.1 255.255.255.0
20.To reboot router:
Router#reload
TO JOIN TWO ROUTERS WITH EACH OTHER:
SERIAL DCE
ROUTER A-
Router(config)#interface serial 0/0/0
Router(config)#ip address 192.168.1.1 255.255.255.0
Router(config-if)#no shutdown
Router(config-if)#clock rate 64000
ROUTER A
1841
192.168.1.1
ROUTER B
1841
192.168.1.2
59
ROUTER B-
Router(config)#interface serial 0/0/0
Router(config)#ip address 192.168.1.2 255.255.255.0
Router(config-if)#no shutdown
Router(config-if)#clock rate 64000
ROUTER B-
Router(config)#enable password
Router(config)#line vty 0 4
user access verification
Router(config-line)#password telnet password: telnet
Router(config-line)#login Router > enable
Router(config-line)#exit password: hcl
Router A-
Router#telnet 192.168.1.2
ROUTER A- ROTER A
192.168.1.1
S0/0/0
F0/0
10.0.0.1
ROTER A
192.168.1.2
S0/0/0
F0/0
20.0.0.1
Switch 0 Switch 1
60
ROUTER A:
Router(config)#interface fastethernet
Router(config-if)#ip address 10.0.0.1 255.0.0.0
Router(config-if)#no shutdown
Router(config-if)#exit
Router(config)#interface serial 0/0/0
Router(config-if)ip address 192.168.1.1 255.255.255.0
Router(config-if)#no shutdown
Router(config-if)clockrate 64000
ROUTER B:
Router(config)#interface fastethernet 0/0
Router(config-if)#ip address 20.0.0.1 255.0.0.0
Router(config-if)#no shutdown
Router(cconfig-if)#exit
Router(config)#interface serial 0/0/0
Router(config-if)#ip address 192.168.1.2 255.255.255.0
PC
20.0.0.5
61
Router(config-if)#no shutdown
ROUTER A:
Router(config)#ip route 10.0.0.1 255.0.0.0 192.168.1.2
ROUTER B:
Router(config)#ip route 20.0.0.1 255.0.0.0 192.168.1.1
ROUTING
STATIC ROUTING DYNAMIC ROUTING DEFAULT ROUTING
IGP EGP
DVRP LSRP HYBRID(DVRP+LSRP)
RIP IGRP OSPF IS-IS EIGRP
RIP V1 RIP V2 RIP NG
62
DVRP – Distance vector routing protocol,follows B-F algorithm and best path.
LSRP – Link state routing protocol,follows dijkstra algorithm and shortest path.
HYBRID(DVRP+LSRP) – follows both best and shortest path and both B-F and dijkstra
algorithm.
RIP – Routing information routing protocol (15 hops)
IGRP – Interior gateway protocol (255 hops)
OSPF – Open shortest path first, classfull + classless (unlimited hops)
IS-IS – intermediate system to intermediate system, classfull + classless (255 hops)
EIGRP – Enhanced interior gateway routing protocol, classfull + classless (255 hops)
RIP V1 - Routing information routing protocol version one, classfull
RIP V2 - Routing information routing protocol version two, classless + classfull
RIP NG - Routing information routing protocol new generation, IPV6
STATIC ROUTING:
# It is the process in which the router are predefined by the network administrator.
# It is secured than dynamic routing.
# It generally increases network administrator overload.
# Static routing used when very few devices to configure (<5) and when we know the router wil
probably never change.
>> [Syntax: Router(config)#ip route destination NID subnet mask next hop]
>> [HOP:In computer networking.a hop represents one portion of the path between source and
destination]
63
DEFAULT ROUTING:
# A default routing also known as the gateway of last resort,is the network routes used by a
router when no other known route exists for a given IP packet’s destination address.
# All the packets for destination not known by the router’s routing table are sent to the default
route.
>> [Syntax:Router(config)#ip route 0.0.0.0 0.0.0.0 next hop]
DYANMIC ROUTING:
# RIP is a distance vector routing protocol, which employs the hop count as a routing metric.
# RIP prevents routing loops by implementing a limit on the number of hops allowed in a path
from the source to a destination.
# The maximum number of hops allowed for RIP is 15.
# The hold down ime is 180 seconds.
# RIP router transmitted full updates every 30 seconds.
# There are 3 versions of the RIP: RIP V1,RIP V2,RIPng.
RIP V1:
# RIP V1 uses classfull routing. It doesnot support classless inter domain routing(CIDR).
>> [Syntax: Router(config)#router rip
Router(config-router)#network source NID]
64
RIP V2:
# RIP V1 supports classless classless inter domain routing(CIDR).
# RIP V1 supports RIP V1 updates authentication.
# RIP V1 encodes the next hop into each entries.
>> [Syntax: Router(config)#router rip
Router(config-router)#version 2
Router(config-router)#network source NID]
RIPng:
# RIPng supports IPV6 networking.
# RIPng doesnot support RIP V1 updates authentication.
# RIPng requires specific encoding of the next loop for a set of route entries.
ENHANCED INTERIOR GATEWAY ROUTING PROTOCOL (EIGRP)
# EIGRP is a CISCO proprietary routing protocol loosely based on their original IGRP.
# EIGRP is the combination of a distance vector and link state routing protocol.
# EIGRP supports maximum hop up to 255.
# EIGRP is enhanced version of IGRP.
# EIGRP supports for IPV4,IPV6,appletalk,IPx.
# EIGRP supports VLSM and CIDR both.
# EIGRP uses autonomous system.
65
# EIGRP uses autonomous system.
# EIGRP has four basic components:
1. Neighbour discovery/recovery: It is the process that routers use to dynamically lear off
the other routers on their directly attached networks.
2. Reliable transport protocol: This protocol is responsible for guaranteed, ordered delivery
of EIGRP packets to all neighbours.
3. DUAL: The DUAL (differing update algorithm) embodies the decision process for all
route competitions (best free route).
4. Protocol dependent modules: These are responsible for network layer , protocol specific
requirements.
>> [Syntax: Router(config)#router eigrp AS no., Router(config-router)#network source NID]
OPEN SHORTEST PATH FIRST (OSPF)
a. It is an interior gateway protocol used to distribute routing information within a single
autonomous system.
b. It is a part of link state routing protocol that work on Dijkstra algorithm.
c. The maximum number of hops allowed for OSPF is unlimited.
d. It supports IPv6 and IPv4 both.
e. It supports both VLSM and CIDR.
f. It selects the best route by finding the lowest cost paths to a destination.
g. It does require the router have a more powerful processor ans more memory than other
routing protocols.
h. It uses areas to organize a network into a hierarchial structure.
>> [Syntax: Router(config)#router ospt AS no.
Router(config-router#network source_NID wild_card_mask area area_number]
VIRTUAL LOCAL AREA NETWORK (VLAN)
66
i. VLAN is a logical grouping of network users and resources connected to
administrativity defined port on a switch.
ii. It helps us to create small broadcast domains.
iii. Host form one VLAN cannot communicate directly with the host on different VLAN.
iv. a router.
v. VLANs help us to enhance the network security.
Types of VLAN links:
a) Access port
b) Tunk port
Access Port:
I. Carries the traffic off and belongs to only one VLAN.
II. Access port is used to connect switch to PC.
>> [Syntax: Switch(config)#interface fastethernet port
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan vlan_no.]
Trunk Port :
Carries the traffic of multiple VLANs.
By default is a number of all VLANs in the VLAN database.
Trunk port is used to connect switch to switch and switch to router.
>> [Syntax: switch(config)#interface fastethernet port
Switch(config-if)#switchport mode trunk]
PC
10.0.0.1
PC
10.0.0.5
67
f 0/1 f 0/5
VLAN 10 sales VLAN 20 marketing
f 0/2 f 0/6
Commnds of switch:
switch#config terminal
switch(config)#vlan 10
switch(config-vlan)#name sales
switch(config-vlan)#exit
switch#show vlan brief
To create VLAN through data base:
switch#vlan database
switch(vlan)#vlan 20 name marketing
switch#show vlan brief
To assign port to dedicated VLAN:
switch(config)#interface f0/1
switch(config-if)#switchport mode access
switch(config-if)#switchport access vlan 10
switch#show vlan brief
PC
10.0.0.1
PC
10.0.0.5
SWITCH A
PC
10.0.0.2
PC
10.0.0.6
68
switch(config)#interface f0/2
switch(config-if)#switchport mode access
switch(config-if)#switchport access vlan 20
switch#show vlan brief
To assign port to dedicated vlan through range:
switch(config)#interface range f0/5-6
switch(config-if-range)#switchport mode access
switch(config-if-range)#switchport access vlan 20
switch#show vlan brief
SWITCH TO SWITCH COMMUNICATION:
Commands:
Switch A:
switch(config)#int f 0/20
switch(config-if)#switchport mode trunk
Switch B:
switch(config)#int f 0/21
switch(config-if)#switchport mode trunk
INTER VLAN ROUTING:
SWITCH A
f 0/20
SWITCH B
f 0/21
PC
192.168.1.5
PC
192.168.2.5
ROUTER
f 0/0
69
Vlan10=192.168.1.1 VLAN20=192.168.2.1
f 0/5 f 0/1 f0/10
VLAN 10 VLAN 20
HCL f 0/6 f 0/11 CDC
SWITCH:
switch#vlan database
switch(vlan)#vlan 10 name HCL
switch(vlan)#vlan 20 name CDC
switch(config)#int range f 0/5-6
switch(config-if-range)#switch port mode access
switch(config-if-range)#switchport access vlan 10
switch(config-if-range)#exit
switch(config)#int range f 0/10-11
switch(config-if-range)#switchport mode access
switch(config-if-range)#switchport access vlan 20
switch(config-if-range)#exit
ROUTER:
router(config)#interface fastethernet 0/0
router(config-if)#no shutdown
SWITCH A
PC
192.168.1.6
PC
192.168.2.6
ISL – INTER SWITCH LINK (Cisco)
dot1q - IEEE
70
router(config-if)#exit
router(config)#interface fastethernet 0/0.1
router(config-subif)#encapsulation dot1q 10
router(config-subif)#ip address 192.168.1.1 255.255.255.0
router(config-subif)#exit
router(config)#interface fastethernet 0/0.2
router(config-subif)#encapsulation dot1q 20
router(config-subif)#ip address 192.168.2.1 255.255.255.0
router(config-subif)#exit
VLAN TRUNKING PROTOCOL (VTP):
1. VLAN trunking protocol is a cisco proprietory layer 2 messaging protocol that manages the addition.deletion and renameing of virtual local area network (VLAN) on a network wide basis.
2. It was designed by cisco with the network engineer and administrator in mind,reducing the administration overhead and the possibility of error as described above in any switched network environment.
3. When a new VLAN is configured the same VLAN everywhere, it carries VLAN information to all the switches in a VTP domain.
MODES OF VTP:
1.VTP server:
a) The default mode for all the switches supporting VTP.b) In VTP mode we can create,remove and modify VLANs.c) VTP servers advertise their VLAN configuration to the other switches in the same VTP
domain and synchronies their VLAN configuration with other switches based on messages received over trunk links.
d) The VLANs information are stored on NVRAM and they are not lost after a reboot.
2.VTP client:
a) They behave in the same way as VTP servers, but we cannot create,change or delete VLANs on the local device.
b) VLAN configuration are saved in NVRAM.
3.VTP transparent:
71
a) This mode is something between a VTP server and a VTP client but doesnot participate in the VTP domain.
b) Transparent VTP switchwill act as a VTP relay (forward all VTP information it receives, out its trunk ports) only when VTP version 2 is used in the network.
c) When we set the VTP mode to transparent then the switches do not participate in VTP.d) VLANs can be created , change or deleted when in transparent mode
.
FRAME RELAY:-
a) It is a standard for packet switching WAN communication over high quality digital lines.b) Frame relay networks can provide data transfer upto 1.54 mbps.c) It can be implemented over a variety of connection lines (56k, T-1, T-2).d) It operates at the physical and data link layers of OSI model.e) When we sign up for frame relay service we are assigned a level of service called a
committed information rate (CIR).>> [NOTE: The CIR is the maximum guaranteed data transmission rate we will receive on frame relay network]
CONCEPTS ABOUT FRAME RELAY METHOD:
1. Routers connect to frame relay switch either directly or through a CSU/DSU.2. Frame relay networks stimulate an ‘always on’ connection with PVCs (permanent
virtual circuits).3. Sending routers send data immediately without establishing a session.4. Frame relay switches perform error checking but not correction.5. Corrupted packets are simply dropped without notification.6. Packets travel through the frame relay cloud without acknowledgements.7. Congestion is the most common cause of packet loss on a frame relay network.8. Frame relay switches send backward explicit congestions notification (BECN)
messages to slow data transfer rate.
FRAME RELAY PROTOCOLS:
i. Data link connection identifiers (DLCIs)ii. Local management interface (LMI)
DLCIs:a) It identifies each virtual circuit.b) It ranges between 16 and 1007.c) The DLCI represents the connection between two frame relay devices.d) The frame relay service provider assigns the DLCI when the virtual circuit is set up.e) Each DLCI is unique for the local network, bu not for the entire WAN.
72
LMI:a) It is a set of management protocol extensions that automates many frame relay
management task.b) It is responsible for managing the connection an d reporting connection status.c) It maintains the link between the router and the switch.d) It gathers status information about other routers and connections on the network.e) Cisco routers support 3 LMI types: Cisco, ANSI and Q933a
FRAME REALY CONNECTIONS AND CIRCUITS:
I. Point-to-point: This link stimulates a direct connection with destination device.II. Multipoint: A multipoint link configures each circuit to communicate with more than one
destination devices.
A CSU/DSU (channel service unit/data service unit) is a digital interface device used to connect a data terminal equipment device or DTE, such as a router, to a digital circuit(eg.a T1 or T3 line).
ACL (ACCESS CONTROL LIST)
a) ACL is a set of rules defined within a list that a router uses to determine whether to accept or deny traffic on an interface.
b) ACL is filtering unwamted packets when implementing security policies.c) It prevents certain traffic entering or exiting from a network, based on criteria we
specified within thw access list so that network security can be achieved.
Types of ACL:
i. Standard ACLii. Extended ACL
iii. Named ACL
Standard ACL:
a. SACLs are cisco IOS based commands used to filter packets on cisco routers based on the source IP address of the packet.
b. The destination of the packet and the ports involved do not matter.c. Its range area is 1-99 or 1300-1999.
>>[Syntax: Router(config)#access-list <ACL no.> <permit/deny> <source IP> <source mask>]
Extended ACL:
a. Extended ACLs have the ability to filter packets based on source and destination IP address.
b. It also allows you to specify different types of traffic such as ICMP,TCP,UDP etc.c. Its area range is 100-199 or 2000-2699.
73
>>[Syntax: Router(config)#access-list <ACL no.> <permit/deny> <protocol> <source IP> <source mask> <operator> <source port> or <destination IP> <destination mask> <operator> <destination port>]
Named ACL:
# Named ACLs are standard or extended ACLs which are given names instead of a ACL number.
>>[Syntax: Router(config)#ip access-list <standard/extended> name
#Inbound ACLs: IOS check the packet before it is sent to the routing table process.
#Outbound ACLs: IOS check the packet after it is sent to the routing table process.
Network Address Translation(NAT)
1. NAT is the translation of an Internet Protocol address (IP address) used within one network to a different IP address known within another network.
2. NAT provides a type of firewall by hiding internal IP addresses.3. NAT can be statically defined or it can be set up to dynamically translate from and to a
pool of IP addresses.4. NAT runs on the device that's connected to the Internet and hides the rest of your
network from the public, thus making your whole network appear as one device to the rest of the world.
Types of NAT:
i. Static NATii. Dynamic NAT
iii. Overloading NAt(PAT)
Static NAT:
a) Static NAT maps an unregistered IP address to a registered IP address on a one-to-one basis.
b) It mapped a private IP address to a public IP address, where the public address is always the same IP address.
>>[syntax: ip nat inside source static private-IP public-IP]
Dynamic NAT:
a) Dynamic NAT maps an unregistered IP address to a registered IP address from a group of registered IP addresses.
74
b) It mapped private IP address to a public IP address drawing from a pool of registered (public) IP addresses.
>>[syntax:router(config)#access list no. permit private-Network-ID wild-card-mask
router(config)#ip nat pool name public-IPaddress-range netmask subnet-mask
router(config)#ip nat inside source list no. pool name]
Overloading NAT(PAT):
a) Overloading NAT is a form of dynamic NAT that maps multiple unregistered IP addresses to a single registered IP address by using different ports.
b) In PAT each computer on LAN is translated to the same IP address, but with a different port number assignment.
>>[syntax:router(config)#access list no. permit private Network-ID wild-card-mask
router(config)#ip nat pool name public-IPaddress public-IPaddress netmask subnet-mask
router(config)#ip nat inside source list no. pool name overload]
IP Networks/addresses map:
Inside Local :—This is the local IP address of a private host on your network (e.g., a workstation's IP address).
Inside Global :—This is the public IP address that the outside network sees as the IP address of your local host.
Outside Local :—This is the local IP address from the private network, which your local host sees as the IP address of the remote host.
Outside Global:—This is the public IP address of the remote host (e.g., the IP address of the remote Web server that a workstation is connecting to).
Hardware Component of Cisco Devices:
ROM:
ROM contains the necessary firmware to boot up your router and typically has the following four components:
a) POST (power-on self-test): Performs tests on the router's hardware components.
75
b) Bootstrap program: Brings the router up and determines how the IOS image and configuration files will be found and loaded.
c) ROM Monitor (ROMMON mode): A mini–operating system that allows to perform low-level testing and troubleshooting, the password recovery procedure.
d) Mini-IOS: A stripped-down version of the IOS that contains only IP code. This should be used in emergency situations where the IOS image in flash can't be found and we want to boot up the router and load in another IOS image. This stripped-down IOS is referred to as RXBOOT mode.
RAM:
a) RAM of router is like the memory in the PC. b) On a router, it (in most cases) contains the running IOS image; the active configuration
file; any tables (including routing, ARP, CDP neighbor, and other tables); and internal buffers for temporarily storing information, such as interface input and output buffers.
c) The IOS is responsible for managing memory. When we turn off the router, everything in RAM is erased.
Flash:
a) Flash is a form of nonvolatile memory in that when we turn the router off, the information stored in flash is not lost.
b) Routers store their IOS image in flash, but other information can also be stored here.c) Some lower-end Cisco routers actually run the IOS directly from flash (not RAM). d) Flash is slower than RAM, a fact that can create performance issues.
NVRAM:
a) NVRAM is like flash in that its contents are not erased when you turn off your router. b) It is slightly different, though, in that it uses a battery to maintain the information when
the Cisco device is turned off. c) Routers use NVRAM to store their configuration files. In newer versions of the IOS, we
can store more than one configuration file.
---------------------------------------------------------------------------------------------------------------------