Networks, OSI Model and TCP/IP

Topics
Computer Networks
OSI Model (7 Layers)
TCP/IP
UDP

LAN Standards
Standards are required so that different manufacturers can create equipment that will interoperate without special configuration.
Standards groups include: ISO. International Organization for Standardization establishes standards for networking operation.
ANSI. American National Standards Institute is the US representative to ISO.
EIA/TIA. Electronics Industries Alliance/Telecommunications Industry Association is an industry-based standards group.
IEEE. Institute of Electrical and Electronics Engineers is an international professional organization that sets communications standards. IEEE Project 802 sets standards for cabling and data transmission on local area networks.
Physical Connectivity
Network Interface Card (NIC). Also known as a Network Card or Ethernet Adapter. Transmits and receives signals on the LAN. Computers cannot communicate on a LAN without this device.
Each Network Card has a Media Access Control (MAC) address. This is also known as the physical address or Ethernet address.
A MAC address is a unique 12-digit hexadecimal number that is hard coded into each network interface. The first half of a MAC address is the manufacturer's ID; the second half is a serial number.
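As an added example (not part of the slides), the following Python splits a MAC address into the two halves just described and also reads the two flag bits that live in the first octet. The address 00-04-AC-F3-1C-D4 used below is the slide's own example; the accepted separator styles are an assumption.

```python
import re

# Accepts 00-04-AC-F3-1C-D4, 00:04:ac:f3:1c:d4 or 0004ACF31CD4 (assumed styles);
# the separator captured in group 1 must be reused between every pair of octets.
MAC_RE = re.compile(r"^[0-9A-Fa-f]{2}([-:]?)[0-9A-Fa-f]{2}(?:\1[0-9A-Fa-f]{2}){4}$")


def parse_mac(text):
    """Split a 12-digit hexadecimal MAC address into its two halves and flag bits.

    Raises ValueError for anything that is not exactly six hex octets."""
    if not MAC_RE.match(text):
        raise ValueError("not a 12-digit hexadecimal MAC address: %r" % text)
    digits = re.sub(r"[-:]", "", text).upper()
    octets = [digits[i:i + 2] for i in range(0, 12, 2)]
    first = int(octets[0], 16)
    return {
        "oui": "-".join(octets[:3]),                 # manufacturer ID (first half)
        "serial": "-".join(octets[3:]),              # per-interface serial number (second half)
        "multicast": bool(first & 0x01),             # I/G bit set: group address, never a sender
        "locally_administered": bool(first & 0x02),  # U/L bit set: assigned by software, not burned in
    }


def same_manufacturer(mac_a, mac_b):
    """True when both addresses carry the same manufacturer ID."""
    return parse_mac(mac_a)["oui"] == parse_mac(mac_b)["oui"]
```

The locally-administered bit is the practical caveat: when it is set, the address was chosen by software rather than by the manufacturer, so anything that keys trust on a MAC (a DHCP reservation, a switch port allow-list) is matching a claim, not an identity.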
Example: 00-04-AC-F3-1C-D4, where 00-04-AC is the manufacturer ID and F3-1C-D4 is the serial number.

Cable and Wireless
Physical cabling is also known as bounded media.
Transmissions are bound to the physical media. To communicate, hosts must be physically connected to that media.
Physical cabling is usually located in a building's plenum.
Wireless network is known as unbounded media.
Transmissions are not bound to a physical cable. To communicate, hosts do not need to be physically connected.

Coaxial Cable
Coaxial cable is often used in older LANs.
Known as RG58, Thinnet, and 10Base2.
Maximum bandwidth of 10 Mbps.
Maximum segment length of 185 meters (605 feet).
Maximum of 30 hosts per segment.

Coaxial Cable (cont)
Hosts on an RG58 network require a network card with an RG58 adapter.
To add the host to the network, the cable section must have an RG58 connector on both ends with a T piece fitted between them.
Both ends of the segment should be terminated using a piece of equipment known as a terminator.
A terminator stops signals on the network echoing back when they reach the end of the segment.

Twisted Pair Cable
The most common cabling technology in use today.
Consists of four pairs of copper wires twisted around each other. Twists are used because they reduce interference.
Maximum length: 100 meters (328 feet).
Maximum bandwidth: 1000 Mbps.

Twisted Pair Cable (cont)
Connects to networking devices such as network interface cards and switches using RJ45 connectors.
One end must connect to a host, the other to a networking device such as a switch. You can only connect two computers together if you use a crossover cable, which uses different wiring.
Fiber Optic Cable
Fiber optic cable has better data security than twisted pair or RG58. You can't intercept the signals without breaking the cable.
Fiber optic cable is immune to electromagnetic interference, something that can cause problems for twisted pair or RG58.
The disadvantages of fiber optic cable are that it is very expensive and that it is not very flexible. Bend it too far and it will break the core, rendering the cable useless.
Fiber optic cable is mostly used as a backbone to connect LANs together, rather than connecting hosts together on a LAN.

Wireless
Wireless networks do not require physical infrastructure like cables.
Wireless networks have short range.
Wireless networks have limited bandwidth.
Transmissions can be intercepted easily by a person outside the building with a wireless access device.

LAN Topologies
Physical topology is the actual location and arrangement of physical connections between devices on the network.
Logical topology is the path that a given datagram travels between two devices. Often there is more than one way to get from one host to another.

Bus Topology
All network devices are connected to a common cable in a logical linear fashion.
Transmissions are sent along the length of the bus segment.
Adding hosts to the network requires breaking the network.
Failure of one host can cause failure of network.
Star Topology
Connection from each device to a central location, usually a switch.
Most commonly used physical topology.
Failure of one cable does not bring down the network.

Ring Topology
Network is connected in an endless loop.
No termination required.
Uncommon topology today, more common in the 1980s.

CSMA/CD
Stands for Carrier Sense Multiple Access with Collision Detection.
Each device listens to the media for transmissions. When the media is clear, it initiates transmission and listens for a collision. If a collision occurs, the device waits for a random amount of time before attempting transmission again.
Commonly used on physical networks.
[Figure: two stations each wait for network silence and begin transmission; the frames collide, each station waits a random amount of time, then one begins transmission again.]

CSMA/CA
Stands for Carrier Sense Multiple Access with Collision Avoidance.
Each device listens to media for transmissions. When media is clear, device sends an intent to transmit signal. As this signal is small, chances of collision are minimized.
Used often in wireless networking.
[Figure: stations wait for network silence, then signal their intent to transmit before sending the frame.]

ISO OSI Networks
International Organization for Standardization (ISO)
Open Systems Interconnection (OSI)
1979: 7-layer reference model defined
1982: ISO begins deliberations on specific protocols for each layer
1990: U.S. mandates that all government-purchased computers must be GOSIP compliant
1995: GOSIP requirement rescinded
7 Layer Reference Model
L1 Physical
L2 Data Link
L3 Network
L4 Transport
L5 Session
L6 Presentation
L7 Application
[Figure: host-to-host communications. The two end hosts run all seven layers; the intermediate network (Ethernet, WiFi) handles traffic with the Physical, Data Link and Network layers only.]

Layer 1 - Physical
Defines the physical, electrical/optical specifications for each network device:
Pin layout
Voltages
Optical levels
Modulation scheme
Examples: Ethernet, SONET, FDDI, IEEE 802.11
Layer 2 - Data Link Layer
Functions and procedures to transmit/receive bits over the physical media:
Media-specific addressing
Physical media error detection/recovery
Bridge, hub and switch equipment
Examples: Ethernet CSMA/CD, HDLC, SDLC
Layer 3 - Network Layer
Functions and procedures needed to transmit data throughout a global network:
Routing functions
Segmentation / reassembly
Global addressing
Example: IP addresses
Layer 4 - Transport Layer
Functions to support the transparent transfer of data between end users:
Reliability
Error detection and recovery
Flow control
Examples: TCP, UDP, SCTP
Layer 5 - Session Layer
Control sessions between computers:
Establish, maintain, terminate connections
Duplex operation (full or half)
Checkpointing and restart procedures
Layer 6 - Presentation Layer
Transforms data to/from a common format:
Encoding
Compression
Encryption
Examples: MIME, XML
Layer 7 - Application Layer
Program used to interact with the computer and data:
Specific application for each task
GUI or command line interface
Examples: SSH, SCP, HTTP, email
OSI Quick Summary
The OSI reference model defines a modular stack that allows multi-vendor interoperation.
Input/output details specified
Internal details left up to individual vendors
Usually implemented by a series of function calls
TCP/IP Internet
Direct descendant of ARPAnet
Provides global packet-switched network services
Standard protocol shipped by most vendors
Still under active development: IPv6, TCP modifications
TCP/IP Architecture
Network Based Applications
L4 TCP, UDP
L3 IP
L2 Ethernet, Sonet, ATM
L1 Copper, Fiber, Radio

TCP/IP Quick Summary
Grew out of an ARPA-funded research program
Free, widespread deployment in the BSD 4.2 OS
TCP/IP protocols form the Internet
Architecture Comparison
OSI: L1 Physical, L2 Data Link, L3 Network, L4 Transport, L5 Session, L6 Presentation, L7 Application
TCP/IP: Copper/Fiber/Radio; Ethernet/Sonet/ATM; IP; TCP/UDP; Network Based Applications

IP Protocol
IP is a connectionless datagram delivery service:
Unreliable delivery
No concept of order
No concept of loss
No concept of late
TTL field to kill off packets
Each packet treated separately
Operates over numerous data-link and physical networks
IP Header Field
Fixed-size header (20 bytes), variable-length options.

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Version|  IHL  |    DSCP   |ECN|          Total Length         |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|         Identification        |Flags|      Fragment Offset    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|  Time to Live |    Protocol   |         Header Checksum       |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                       Source Address                          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                    Destination Address                        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                    Options                    |    Padding    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

IP Address
32-bit unsigned number.
Network portion used for global routing.
Host portion used to identify a specific host.
Usually expressed in dotted-quad format: 192.168.1.1 specifies a specific host; 192.168.1.0/24 specifies a subnet of hosts.
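Added example, not from the slides: this Python builds the 20-byte header laid out in the diagram above with the struct module, computes the one's-complement header checksum, and parses the header back, rejecting one whose checksum no longer matches. The addresses, TTL and identification values are constructed sample input.

```python
import struct

HEADER_FMT = "!BBHHHBBH4s4s"      # the ten fixed fields of the 20-byte header


def ones_complement_sum(data):
    """Internet checksum (RFC 1071) over 16-bit words; the result is already complemented."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                      # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def ip_to_bytes(dotted):
    return bytes(int(octet) for octet in dotted.split("."))


def bytes_to_ip(raw):
    return ".".join(str(b) for b in raw)


def build_header(src, dst, payload_len, protocol=17, ttl=64, ident=0x1234, df=True):
    """Return a 20-byte IPv4 header (IHL = 5, no options) with a valid checksum."""
    ver_ihl = (4 << 4) | 5
    flags_frag = 0x4000 if df else 0        # bit layout: reserved, DF, MF, 13-bit offset
    fields = (ver_ihl, 0, 20 + payload_len, ident, flags_frag, ttl, protocol, 0,
              ip_to_bytes(src), ip_to_bytes(dst))
    draft = struct.pack(HEADER_FMT, *fields)   # checksum field is zero while summing
    checksum = ones_complement_sum(draft)
    return draft[:10] + struct.pack("!H", checksum) + draft[12:]


def parse_header(raw):
    """Decode the fixed fields; raise ValueError if the header is malformed or corrupted."""
    if len(raw) < 20:
        raise ValueError("header shorter than 20 bytes")
    (ver_ihl, dscp_ecn, total_len, ident, flags_frag, ttl, protocol,
     _checksum, src, dst) = struct.unpack(HEADER_FMT, raw[:20])
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F
    if version != 4 or ihl < 5:
        raise ValueError("not an IPv4 header (version %d, IHL %d)" % (version, ihl))
    header_len = ihl * 4
    if len(raw) < header_len:
        raise ValueError("IHL claims %d bytes but only %d present" % (header_len, len(raw)))
    # Summing a header that includes its own checksum yields 0xFFFF, whose complement is 0.
    if ones_complement_sum(raw[:header_len]) != 0:
        raise ValueError("header checksum mismatch")
    return {
        "ihl": ihl, "dscp": dscp_ecn >> 2, "ecn": dscp_ecn & 0x3,
        "total_length": total_len, "identification": ident,
        "df": bool(flags_frag & 0x4000), "mf": bool(flags_frag & 0x2000),
        "fragment_offset": flags_frag & 0x1FFF,
        "ttl": ttl, "protocol": protocol,
        "src": bytes_to_ip(src), "dst": bytes_to_ip(dst),
        "options": raw[20:header_len],
    }
```

The checksum only covers the header, which is why a receiver validates it before trusting any field, and why a single flipped byte anywhere in those 20 bytes is caught while payload corruption is left to the transport layer.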
What is a Network Address?
Convert the following to binary using 8 bit positions:
2 = 00000010
16 = 00010000
15 = 00001111
128 = 10000000
255 = 11111111
254 = 11111110
99 = 01100011
0 = 00000000
300 = cannot be done with 8 bits!

What is a Network Address? (cont)
Rules for IP addresses:
32 bits
4 sections called octets
Dotted decimal format
Divided into a network portion and a host portion
Each octet ranges from 0 to 255 (128+64+32+16+8+4+2+1 = 255)
Network addresses may look like this to us: 128.32.15.22
... but they look like this to a computer: 10000000.00100000.00001111.00010110
What is a Network Address? (cont)
Given the address 128.32.15.22:

128 64 32 16  8  4  2  1
  1  0  0  0  0  0  0  0   128 + 0 = 128
  0  0  1  0  0  0  0  0   32 + 0 = 32
  0  0  0  0  1  1  1  1   8 + 4 + 2 + 1 = 15
  0  0  0  1  0  1  1  0   16 + 4 + 2 = 22

This is why 128.32.15.22 = 10000000.00100000.00001111.00010110

Counting IP addresses
Note: Binary counting ALWAYS starts with a 0, not a 1. Also, counting like this does NOT apply to subnet masks.

Previous         Address          Next
120.19.0.11      120.19.0.12      120.19.0.13
130.15.16.16     130.15.16.17     130.15.16.18
9.255.255.255    10.0.0.0         10.0.0.1
15.255.254.255   15.255.255.0     15.255.255.1
11.254.254.254   11.254.254.255   11.254.255.0

What is a Network Address? (cont)
Network addresses are grouped into classes.

Class     Network Range   Binary Representation
Class A   0-127           00000000 - 01111111
Class B   128-191         10000000 - 10111111
Class C   192-224         11000000 - 11011111

          1 byte (8 bits)   1 byte (8 bits)   1 byte (8 bits)   1 byte (8 bits)
Class A   Network           Host              Host              Host
Class B   Network           Network           Host              Host
Class C   Network           Network           Network           Host

What class of address is 128.32.15.22?

What is a Network Address? (cont)
Network addresses consist of two parts:
Network address
Host or node address
Similar to an address for your home/business.
Networks are like this; we have a few big cities with lots of homes and lots of small cities with few homes.
128.32 = Network Address (like the regional address: Anytown, MI 48300)
.15.22 = Host Address (like the street address: 12050 Main Street)

What is a Network Address? (cont)
Within each class there are two ranges of IP address types (RFC 1918):
Public range: allowed on the Internet; addresses must be registered.
Private range: not allowed on the Internet; unregistered, for private use only.
Class   Private IP Addresses (RFC 1918)
A       10.0.0.0 to 10.255.255.255
B       172.16.0.0 to 172.31.255.255
C       192.168.0.0 to 192.168.255.255

IP Version 4
209.46.18.195
11010001.00101110.00010010.11000011
In common use today on the Internet and LANs.
Packet header varies in size.
Uses a 32-bit address, as shown above in binary, giving 2^32 addresses.
When represented in decimal form, an IP address has four numbers, one for each byte. This notation is called dotted quad and takes the form shown above in decimal. The decimal value of each quad is between 0 and 255.
Certain address spaces are reserved for private and multicast networks. These addresses cannot be used on the Internet, but can be used on LANs.
Private IP address space is most commonly used on LANs. Private address space includes the following ranges:
10.0.0.0 to 10.255.255.255 (Class A)
172.16.0.0 to 172.31.255.255 (Class B)
192.168.0.0 to 192.168.255.255 (Class C)

IPv6
bits: 16 16 16 16 16 16 16 16 = 128
2001:0db8:85a3:08d3:1319:8a2e:0370:7344
In limited use today; likely to be in common use by the end of the decade. Being tested on Internet II.
Uses a 128-bit address, represented as a 32-digit hexadecimal address. Normally written as eight groups of 4 hex digits, as shown above.
Will allow every network device in the world to have a unique address.
Supported by modern operating systems.
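Added example, not from the slides: the Python below implements the IPv6 text forms this section covers (full eight-group form, leading zeros dropped, the longest run of zero groups replaced by "::", and an embedded dotted-quad suffix), converting between them and rejecting text that omits groups without "::", which would be ambiguous. The cross-check against the standard library's ipaddress module is an addition of this example.

```python
import ipaddress  # used only to cross-check the hand-written result

HEX = set("0123456789abcdefABCDEF")


def _groups(chunk):
    """Parse 'a:b:c' (optionally ending in a dotted quad) into 16-bit integers."""
    if not chunk:
        return []
    items = chunk.split(":")
    out = []
    for i, item in enumerate(items):
        if "." in item:                       # embedded IPv4 fills the last 32 bits only
            if i != len(items) - 1:
                raise ValueError("embedded IPv4 must be the last element")
            octets = [int(o) for o in item.split(".")]
            if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
                raise ValueError("bad embedded IPv4 address: %r" % item)
            out += [(octets[0] << 8) | octets[1], (octets[2] << 8) | octets[3]]
        elif 1 <= len(item) <= 4 and set(item) <= HEX:
            out.append(int(item, 16))
        else:
            raise ValueError("each group is 1 to 4 hex digits: %r" % item)
    return out


def expand_ipv6(text):
    """Return the eight 16-bit groups; '::' stands for enough zero groups to make eight."""
    if text.count("::") > 1:
        raise ValueError("at most one '::' is allowed")
    if "::" in text:
        head, tail = text.split("::")
        left, right = _groups(head), _groups(tail)
        missing = 8 - len(left) - len(right)
        if missing < 1:
            raise ValueError("'::' must stand for at least one zero group")
        groups = left + [0] * missing + right
    else:
        groups = _groups(text)
    if len(groups) != 8:
        raise ValueError("expected 8 groups, got %d" % len(groups))
    return groups


def full_form(text):
    """Eight groups of four hex digits, leading zeros kept."""
    return ":".join("%04x" % g for g in expand_ipv6(text))


def compressed_form(text):
    """Drop leading zeros; replace the longest run of two or more zero groups with '::'."""
    groups = expand_ipv6(text)
    best_start, best_len, run_start = -1, 0, None
    for i, g in enumerate(groups + [-1]):      # sentinel closes a trailing run of zeros
        if g == 0 and run_start is None:
            run_start = i
        elif g != 0 and run_start is not None:
            if i - run_start > best_len:       # the first longest run wins on ties
                best_start, best_len = run_start, i - run_start
            run_start = None
    hexs = ["%x" % g for g in groups]
    if best_len < 2:
        return ":".join(hexs)
    return ":".join(hexs[:best_start]) + "::" + ":".join(hexs[best_start + best_len:])


def agrees_with_stdlib(text):
    """Cross-check this compressor against the standard library's canonical form."""
    return compressed_form(text) == ipaddress.IPv6Address(text).compressed
```

Normalising to one canonical form before comparing addresses matters for any allow-list or log search: the same host can appear in logs as any of the forms above, and a string match on the raw text will miss it.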
Different IPv6 forms of expression:
1080:0000:0000:0000:0000:7435:192.168.100.1
1080:0:0:0:0:7435:192.168.100.1
1080:0:7435:192.168.100.1
1080::7435:192.168.100.1

IP Version 6
The next generation of the IP protocol is IPv6.
2^128 = 340 undecillion, or 340 trillion, trillion, trillion addresses.
It uses a fixed packet header size of 40 bytes so that information always appears in the same place.

Goals of IPv6
To provide for transition from IPv4
Simplify the header fields of IP
Provide for authentication and privacy
To expand routing capabilities
To expand addressing capabilities
To expand quality of service capabilities
To improve support for options

Subnet Mask
255.255.240.0
11111111.11111111.11110000.00000000
Like an IPv4 address, a 32-bit number.
Used with IPv4 addresses to logically segment networks.
A host uses its IP address and the subnet mask to determine which addresses are on the local network and which are on remote networks.
Traffic destined for hosts on the local network is sent directly to that host.
Traffic destined for remote networks is sent to the router.

Network Address Translation
Where one public IP address (one that is unique to the Internet) is shared by hosts on the private network.
Hosts on the Internet cannot initiate contact with a host on the private network.
Hosts on the private network can initiate contact with hosts on the Internet.
Once contact is established, bi-directional communication is possible.

Address Assignment
Addresses must be unique to the network.
Two hosts on the Internet cannot have the same IP address.
Two hosts on an organization's private network cannot have the same IP address.
Two hosts on different organizations' private networks can have the same IP address.
DHCP Address Assignment
Addresses can be assigned manually or dynamically.
DHCP is commonly used to assign TCP/IP addresses automatically. A computer boots up and is assigned its TCP/IP configuration via the network. Addresses can be assigned on a first come, first served basis from a pool, or reserved on the basis of MAC address.

Dynamic Host Configuration Protocol (DHCP) / Bootstrap Protocol (BOOTP)
DHCP assigns an address from a pool, then removes it from the pool.
Host sends a DHCPDISCOVER message on the local IP subnet to find the DHCP server, using the IP broadcast address.
DHCP server responds with a DHCPOFFER message.
Host sends a DHCPREQUEST message to identify the server to be used.
Server responds with a DHCPACK message with the assigned IP for the client.
Host sends on UDP port 67; server sends on UDP port 68.
Address can be reserved for a specific MAC
DHCP Relay Agents can help the server cross subnets.

Dynamic Host Configuration Protocol (DHCP) / Bootstrap Protocol (BOOTP) (cont)
Parameters a DHCP server can automatically set:
IP address
Subnet mask
Gateway (router) address
DNS address
WINS address
WINS client mode
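Added example, not from the slides: a minimal DHCP message encoder/decoder in Python (the fixed fields, the magic cookie and the option TLVs), plus an in-memory server that runs the DISCOVER/OFFER/REQUEST/ACK exchange described above, hands out pool addresses first come, first served, honours MAC reservations, and removes an address from the pool once it is offered. The messages are passed between functions in-process rather than over UDP ports 67/68; the server address, pool and MACs are constructed.

```python
import struct

MAGIC_COOKIE = b"\x63\x82\x53\x63"
BOOTREQUEST, BOOTREPLY = 1, 2
DISCOVER, OFFER, REQUEST, ACK = 1, 2, 3, 5      # option 53 message types
FIXED_FMT = "!BBBBIHH4s4s4s4s16s192s"          # 236 bytes before the cookie


def ip2b(dotted):
    return bytes(int(o) for o in dotted.split("."))


def b2ip(raw):
    return ".".join(str(b) for b in raw)


def encode(op, xid, mac, yiaddr="0.0.0.0", siaddr="0.0.0.0", options=()):
    """Build a DHCP message; options is a sequence of (code, value_bytes)."""
    chaddr = bytes.fromhex(mac.replace("-", "").replace(":", ""))
    fixed = struct.pack(FIXED_FMT, op, 1, 6, 0, xid, 0, 0x8000,   # htype 1 = Ethernet, broadcast flag
                        ip2b("0.0.0.0"), ip2b(yiaddr), ip2b(siaddr), ip2b("0.0.0.0"),
                        chaddr.ljust(16, b"\x00"), b"\x00" * 192)
    body = b"".join(struct.pack("!BB", code, len(val)) + val for code, val in options)
    return fixed + MAGIC_COOKIE + body + b"\xff"              # 255 = end option


def decode(raw):
    """Parse the fixed fields and the option TLVs into a dict."""
    if len(raw) < 240 or raw[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message (missing magic cookie)")
    op, _, hlen, _, xid, _, _, _, yiaddr, siaddr, _, chaddr, _ = struct.unpack(FIXED_FMT, raw[:236])
    options, i = {}, 240
    while i < len(raw) and raw[i] != 0xFF:
        if raw[i] == 0:                               # 0 = pad, carries no length byte
            i += 1
            continue
        code, length = raw[i], raw[i + 1]
        options[code] = raw[i + 2:i + 2 + length]
        i += 2 + length
    return {"op": op, "xid": xid, "mac": "-".join("%02X" % b for b in chaddr[:hlen]),
            "yiaddr": b2ip(yiaddr), "siaddr": b2ip(siaddr), "options": options}


class DhcpServer:
    """Pool allocation plus MAC reservations, driven by the four DORA messages."""

    def __init__(self, server_ip, pool, reservations=None):
        self.ip = server_ip
        self.free = list(pool)                     # first come, first served
        self.reserved = dict(reservations or {})   # MAC -> fixed address
        self.leases, self.offers = {}, {}

    def handle(self, raw):
        msg = decode(raw)
        kind, mac = msg["options"][53][0], msg["mac"]
        reply = [(53, None), (54, ip2b(self.ip)), (1, ip2b("255.255.255.0"))]  # type, server id, mask
        if kind == DISCOVER:
            addr = self.reserved.get(mac) or self.leases.get(mac)
            if addr is None:
                if not self.free:
                    return None                    # pool exhausted: no offer is sent
                addr = self.free.pop(0)            # leaves the pool as soon as it is offered
            self.offers[mac] = addr
            reply[0] = (53, bytes([OFFER]))
            return encode(BOOTREPLY, msg["xid"], mac, yiaddr=addr, siaddr=self.ip, options=reply)
        if kind == REQUEST:
            if b2ip(msg["options"][54]) != self.ip or mac not in self.offers:
                return None                        # the client chose another server's offer
            addr = self.leases[mac] = self.offers.pop(mac)
            reply[0] = (53, bytes([ACK]))
            return encode(BOOTREPLY, msg["xid"], mac, yiaddr=addr, siaddr=self.ip, options=reply)
        return None


def run_dora(server, mac, xid):
    """Client side of DISCOVER/OFFER/REQUEST/ACK; returns the leased address or None."""
    offer_raw = server.handle(encode(BOOTREQUEST, xid, mac, options=[(53, bytes([DISCOVER]))]))
    if offer_raw is None:
        return None
    offer = decode(offer_raw)
    if offer["xid"] != xid or offer["options"][53][0] != OFFER:
        return None
    request = encode(BOOTREQUEST, xid, mac, options=[(53, bytes([REQUEST])),
                                                      (54, offer["options"][54]),    # server identifier
                                                      (50, ip2b(offer["yiaddr"]))])  # requested address
    ack_raw = server.handle(request)
    if ack_raw is None:
        return None
    ack = decode(ack_raw)
    return ack["yiaddr"] if ack["options"][53][0] == ACK else None
```

Two behaviours worth noticing when reading a packet capture against this model: the exhausted pool produces silence rather than an error, and the REQUEST carries the chosen server's identifier, which is how every other server that also answered the broadcast learns to return its offered address to its pool.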
BOOTP: for diskless operating systems; automatically configures the host during bootup on a TCP/IP network.

DNS (Domain Name System)
Used to translate friendly names such as www.emcp.com into IP addresses such as 209.46.18.195.
DNS is distributed. No single server hosts all DNS records.
Records are segmented into zones. A zone is a common namespace.
DNS servers that host zones near the top of the DNS hierarchy can refer requests to DNS servers that host zones towards the bottom of the DNS hierarchy.

DNS Addresses
DNS addresses, also known as Fully Qualified Domain Names (FQDN), are a collection of zone information preceded by a host name.
Each element is separated by a period.
A DNS address is read from back to front, or right to left. au, edu, and unimelb are all separate zones, hosted on separate DNS servers. The host name library is part of the unimelb zone.

.au       Country code
.edu      Top level domain
.unimelb  Organization domain name
library   Host name

Local DNS Servers
Almost all LANs have a local DNS server.
Clients on the LAN address all DNS requests to the local DNS server.
The local DNS server either returns the answer to the request from its own database, or it will query other DNS servers to locate the answer.
In the past, DNS information was entered manually by administrators.
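Added example, not from the slides: the Python below reads an FQDN right to left as described above, encodes it in DNS wire format (length-prefixed labels), and walks a constructed zone tree from the root down through au, edu.au and unimelb.edu.au the way a resolver follows referrals; a small local-server class answers repeat queries from its own cache, as the slide describes. The zone data and the address 203.0.113.10 are constructed.

```python
# Constructed zone data (not real servers): each zone lists the child zones it
# delegates and the host records it answers for itself.
ZONES = {
    ".":              {"delegations": ["au"], "hosts": {}},
    "au":             {"delegations": ["edu.au"], "hosts": {}},
    "edu.au":         {"delegations": ["unimelb.edu.au"], "hosts": {}},
    "unimelb.edu.au": {"delegations": [], "hosts": {"library.unimelb.edu.au": "203.0.113.10"}},
}


def labels_right_to_left(fqdn):
    """'library.unimelb.edu.au' -> ['au', 'edu', 'unimelb', 'library']."""
    return fqdn.strip(".").lower().split(".")[::-1]


def encode_name(fqdn):
    """DNS wire format: each label prefixed by its length, terminated by a zero byte."""
    out = b""
    for label in fqdn.strip(".").split("."):
        if not 1 <= len(label) <= 63:
            raise ValueError("label length must be 1..63: %r" % label)
        out += bytes([len(label)]) + label.encode("ascii")
    if len(out) + 1 > 255:
        raise ValueError("name exceeds 255 octets")
    return out + b"\x00"


def iterative_resolve(fqdn, zones=ZONES):
    """Walk from the root zone down the delegation chain; return (answer, zones_visited)."""
    name = fqdn.strip(".").lower()
    zone, visited = ".", []
    while True:
        visited.append(zone)
        data = zones[zone]
        if name in data["hosts"]:
            return data["hosts"][name], visited
        # Follow the delegation whose zone name is a suffix of the queried name.
        child = next((z for z in data["delegations"] if name == z or name.endswith("." + z)), None)
        if child is None:
            return None, visited                  # no such name (NXDOMAIN)
        zone = child


class LocalDnsServer:
    """The LAN's DNS server: answer from its own cache, otherwise resolve and remember."""

    def __init__(self, zones=ZONES):
        self.zones, self.cache, self.upstream_queries = zones, {}, 0

    def lookup(self, fqdn):
        key = fqdn.strip(".").lower()
        if key in self.cache:
            return self.cache[key]
        answer, visited = iterative_resolve(key, self.zones)
        self.upstream_queries += len(visited)     # one query per zone server contacted
        if answer is not None:
            self.cache[key] = answer
        return answer
```

The cache is also where the security consequence lives: every client on the LAN trusts whatever the local server remembers, so a wrong record placed in that cache is served to all of them until it expires.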
Today, many DNS servers can be automatically updated, so that hosts that have different IP addresses can be easily contacted via DNS name.

DNS Resolution
DNS client host1.emcp.com queries its preferred DNS server. The DNS server in turn queries a series of DNS servers, beginning at the top of the DNS hierarchy, until it returns a result from the server that holds the zone that the target host is located in.

CIDR Rules
IP address is ANDed with a bit mask to extract the network portion.
Classless Inter-domain Routing (CIDR) specifies the length of the bit mask.
Example: 192.168.2.10/23
C0A8020A AND FFFFFE00 = C0A80100
Range is 192.168.1.0 - 192.168.2.255
First and last addresses in the subnet are reserved.
Network Infrastructure
[Figure: four switches (Switch 1 to Switch 4) interconnected through routers R1 to R9.]

IP Fragmentation
Routers may break packets into smaller chunks (fragmentation).
Destination host is responsible for reassembling all fragments into original packet
Performance impact on modern (ASIC based) routers
IP Don't Fragment flag in the header indicates that the packet should be discarded instead of fragmented.
Basis for the Path MTU Discovery protocol:
Find the largest packet that can transit the entire end-to-end path
Router may return an ICMP error message when it discards the packet
PMTU black holes can occur
TCP Protocol
TCP provides a connection-oriented delivery service:
Reliable delivery
In-order guarantee
Loss detection and recovery
Flow control
Error detection
Hides network details from applications

TCP Connection Setup
Host in Listen state does a passive open.
Host in Connect state does an active open.
Hosts complete a 3-way handshake to complete the open (move to Established state).
Full duplex connection established; hosts can transfer data in either direction.

TCP Flow Control
Original design relied on the TCP window size to control the number of packets entering the network.
Real-world experience showed that the network could experience congestion collapse, and new mechanisms were needed:
Slow Start after connection is opened (exponential growth algorithm)
Congestion Avoidance once loss is detected (linear growth algorithm)
TCP Reno
Most common version of TCP today
Loss based detection to switch from Slow Start to Congestion Avoidance flow control
Transmit and Receive windows to guarantee reliability
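Added example, not from the slides: a per-round-trip Python model of the Reno congestion window described in the two slides above. The window doubles each round in slow start, grows by one segment per round in congestion avoidance once it reaches the threshold, and on loss the threshold is set to half the window; a loss detected by duplicate ACKs resumes at the new threshold (Reno's fast recovery) while a timeout restarts slow start from one segment. The loss schedule and thresholds are constructed inputs.

```python
def reno_cwnd(rounds, losses=None, initial_ssthresh=64):
    """Congestion window (in segments) at the start of each RTT round.

    losses: constructed map round -> "dupack" (three duplicate ACKs, Reno fast
    recovery) or "timeout". Returns a list of (cwnd, phase) pairs."""
    losses = losses or {}
    cwnd, ssthresh, history = 1, initial_ssthresh, []
    for r in range(rounds):
        if r in losses:
            history.append((cwnd, "loss:" + losses[r]))
            ssthresh = max(cwnd // 2, 2)        # remember half the window in flight at loss
            cwnd = ssthresh if losses[r] == "dupack" else 1   # timeout restarts slow start
        elif cwnd < ssthresh:
            history.append((cwnd, "slow-start"))
            cwnd = min(cwnd * 2, ssthresh)      # exponential growth
        else:
            history.append((cwnd, "congestion-avoidance"))
            cwnd += 1                           # linear growth: one segment per RTT
    return history


def rounds_to_reach(target, initial_ssthresh=64):
    """RTTs needed for a loss-free Reno flow to grow cwnd from 1 to `target` segments."""
    cwnd, rounds = 1, 0
    while cwnd < target:
        cwnd = min(cwnd * 2, initial_ssthresh) if cwnd < initial_ssthresh else cwnd + 1
        rounds += 1
    return rounds
```

rounds_to_reach makes the point of the next slide concrete: with a threshold of 64 segments, reaching a window of 1000 segments takes 6 rounds of doubling and then 936 rounds of linear growth, which on a long-distance path with a 100 ms round trip is over a minute and a half before the pipe is full.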
TCP Modifications
Most changes are to TCP's Congestion Avoidance growth algorithm.
Recognized that linear growth is not efficient for fast long-distance paths.
Delay-based detection: Vegas, Fast
Loss-based detection: Reno, High Speed, BIC, Cubic

UDP Protocol
UDP: User Datagram Protocol
Application must provide:
Reliability
Flow control
Useful for short messages:
DNS
Real-time audio/video

Real-time Transport Protocol
RTP: Real-time Transport Protocol
Carries data with real-time properties
Used for audio and video streams
Header contains a sequence number and timestamp to provide the receiver with packet info
RTCP: RTP Control Protocol
Carries control information about the stream from the receiver back to the sender

Multicast
Multicast packets use IP addresses 224.0.0.0 - 239.255.255.255
Single source, multiple receivers
Multiple sources, multiple receivers
Routers and switches must support multicast to prevent unwanted packets from flooding the network
Multiple unicast streams can be used to emulate a multicast session
Multicast Traffic
Source starts sending packets using a multicast IP address
Local router/switch uses control messages to advertise the traffic's availability
Receivers send request-to-join messages
New path from receiver to merge point is created and traffic flow begins