
Copyright 2013

Cyberoam Technologies Pvt. Ltd.


901, Silicon Tower
Off C.G.Road
Ahmedabad 380 006
India (Cyberoam).
All rights reserved.

No part of this training material may be reproduced in any form by any
means (including but not limited to photocopying or storing it in any
medium by electronic means, and whether or not transiently or incidentally to
some other use of this training material) without permission in writing from
Cyberoam. Requests for permission to make copies of any part of this
training material should be mailed to:
Cyberoam Technologies Private Limited, 901, Silicon Tower, Off C. G.
Road, Ahmedabad 380 006, India
Warning: The doing of an unauthorized act in relation to a copyright work
may result in both a civil claim for damages and criminal prosecution.
Cyberoam, Cyberoam NetGenie and Cyberoam Central Console are trademarks
of Cyberoam.
This training material may refer to a few trademarks for the purpose of
identifying certain products and/or services. All such trademarks are
owned by their respective owners.
This training material is designed to provide accurate and authoritative
information in regard to the subject matter.
While Cyberoam has taken all due care and diligence at the time of editing
and publishing this training material, Cyberoam does not hold any responsibility
for any mistake that may inadvertently be contained within the training
material. Cyberoam shall not be liable for any direct, consequential, or
incidental damages arising out of the use of the training material.


Preface
Greetings from Cyberoam!
Cyberoam Certified Network Security Professional, CCNSP, is designed for IT professionals
wishing to enhance their careers in the network security industry with hands-on experience on
Cyberoam products. It is our pleasure to share our global network security experience of
securing every possible network, from small to large organizations.

Today, from home to business and from corporation to government, all are becoming network
dependent, which drives the growth of the network security industry. This requires a good number of
certified network and security professionals who will contribute to securing networks. The course
is intended to provide in-depth knowledge of network security. The course is also intended to
provide functional familiarity with the Cyberoam family of appliances.

Cyberoam has customers in 125+ countries. This next generation certification course is
researched and produced by our award-winning experts, who constantly draw on their industry
experience in various verticals, business-critical situations and best practices. They have
faced numerous deployment scenarios and challenges, and they have produced and
endorsed a precise course. The course goes beyond others because it is authored by the global network
security vendor Cyberoam, a leading purveyor in the network security industry.
Additionally, this course contains sessions and instructions which are designed around current
industry demand and backed up by extensive lab work. This leading-edge certification is an
industry benchmark that will help you demonstrate your competency and gain industry
recognition for networking and security skills. After this course, you will be able to efficiently
deploy and troubleshoot the Cyberoam Layer 8 Firewall while understanding CyberoamOS, and to
implement concepts such as IPS (Intrusion Prevention System), network-level Anti-Virus/Anti-
Spam and WAF (Web Application Firewall), and also, in case of an attack, to regenerate attacks
using forensic analysis, and much more.

Cyberoam certification is a unique opportunity to become the best Certified Network Security
Professional.

Wish you success and growth in your careers. God Bless You.

Regards,
Hemal Patel
CEO
Cyberoam Technologies Pvt. Ltd.
Training & Certification Programs

As network security assumes significance for businesses and investment in security infrastructure
grows by the day, the need to validate the knowledge and skills of network security professionals
has also grown proportionately.
The Cyberoam Certification Program helps these professionals achieve and demonstrate competency,
in addition to gaining industry recognition, for skills in identity-based networking and security as
well as in deploying, configuring and managing Cyberoam CR appliances. With Cyberoam
certification, one becomes an expert not just in current networking and security knowledge,
but also in the identity-based security technology that takes future trends into account.
The program consists of two certifications, CCNSP and CCNSE, for which instructor-led
training is provided on demand. CCNSP and CCNSE are thoughtfully designed to maximize
the benefits of Cyberoam appliances not only for customers and
partners, but also for the certified professionals' careers.

CCNSP (Cyberoam Certified Network & Security Professional):

The CCNSP is designed for acquiring the expertise necessary for the installation and configuration of all Cyberoam features
and functionality. To attain the CCNSP certification, one needs to clear the accreditation exam after acquiring expertise
in Firewalls and VPN, IPS, Anti-Virus and Anti-Spam, and troubleshooting.
CCNSE (Cyberoam Certified Network & Security Expert):

The CCNSE exam structure consists of one lab and one exam. Accreditation is achieved by clearing the exams.
A CCNSE professional is certified for product installation, integration, support and management, advanced deployment
and advanced troubleshooting. This also helps in bundling services such as technical support and customised reports.
To appear in the CCNSE training or certification exam, the individual must hold the CCNSP certification.
Training to Achieve Certification
These courses include hands-on tasks and real-world scenarios to gain valuable practical
experience.
Access to an up-to-date database of answers to your questions is provided.
Instructors traverse the globe to deliver training at various centres.
Instructor-led 2-day courses are available with all the hardware necessary for practising.

Please refer to the Cyberoam Training Portal [http://training.cyberoam.com] for further information
regarding the certification programmes and trainings.
Benefits of Cyberoam Certification
Advances your career rapidly
Certifies your competence and understanding in handling the CR appliance
Increases your credentials in the market as a Cyberoam Certified Engineer
Brings recognition from peers and competitors
Increases credibility with customers
Brings a sense of personal accomplishment

How to become CCNSP & CCNSE
For those of you aspiring to the CCNSE certification, you must first acquire the CCNSP
certification. Though you can take the certification exams directly, without training, to
achieve the CCNSP and CCNSE certifications, Cyberoam recommends successful completion of
the instructor-led training programs for hands-on experience and an in-depth understanding of the topics.
Also, in order to clear the certification exams, you are required to achieve a score of 75% or higher.
Please visit the URL below for more information regarding Cyberoam Training.
http://training.cyberoam.com

Training Contact Details:
USA Toll Free: +1-877-380-8531
India Toll Free: +1-800-301-00013
EMEA / APAC: +91-79-66065777
Email: training@cyberoam.com
http://training.cyberoam.com

Table of Contents
NETWORKING BASICS ........................................................................................................................................ 1
Types of Media ......................................................................................................................................... 1
Guided Media ........................................................................................................................................... 1
Twisted Pair Cable .................................................................................................................................................. 1
UTP Cable ............................................................................................................................................................ 1
Cable Pin outs ..................................................................................................................................................... 2
Co-Axial Cable ........................................................................................................................................................ 4
Fiber Optic Cable .................................................................................................................................................... 4
Unguided Media ....................................................................................................................................... 5
MODES OF TRANSMISSION ................................................................................................................................. 5
HOW SYSTEMS ON DIFFERENT PLATFORMS COMMUNICATE? ..................................................................................... 6
STANDARDIZATION ........................................................................................................................................... 6
STANDARDS ORGANIZATIONS.............................................................................................................................. 6
ISO ............................................................................................................................................................ 7
ITU ............................................................................................................................................................ 7
IEEE ........................................................................................................................................................... 7
IETF ........................................................................................................................................................... 7
OSI REFERENCE MODEL .................................................................................................................................... 7
Application Layer ...................................................................................................................................... 8
Presentation Layer.................................................................................................................................... 8
Session Layer ............................................................................................................................................ 8
Transport Layer ........................................................................................................................................ 8
Network Layer .......................................................................................................................................... 9
Data Link Layer ......................................................................................................................................... 9
Addressing .............................................................................................................................................................. 9
MAC (Link Layer) Addresses ................................................................................................................................ 9
Network Layer Addresses ................................................................................................................................... 9
Physical Layer ......................................................................................................................................... 10
IP PROTOCOL SUITE (TCP/IP MODEL) ............................................................................................................... 10
WHAT IS AN INTERNETWORK? .......................................................................................................................... 10
COMMUNICATION PROTOCOLS ......................................................................................................................... 11
IP ............................................................................................................................................................. 11
ICMP ....................................................................................................................................................... 12
TCP .......................................................................................................................................................... 13
UDP ......................................................................................................................................................... 13
NETWORK TYPES ............................................................................................................................................ 14
LAN ......................................................................................................................................................... 14
Mesh .................................................................................................................................................................... 16
Star ....................................................................................................................................................................... 16
Tree ...................................................................................................................................................................... 17
Bus ........................................................................................................................................................................ 17
Ring ...................................................................................................................................................................... 17
Hybrid topology .................................................................................................................................................... 18
Comparing Topologies .......................................................................................................................................... 18
Interconnecting Devices ....................................................................................................................................... 19
Gateways .......................................................................................................................................................... 19
Routers ............................................................................................................................................................. 19
Bridges .............................................................................................................................................................. 19
Repeaters .......................................................................................................................................................... 19
MAN ....................................................................................................................................................... 20
WAN ....................................................................................................................................................... 20
Point to Point WAN .............................................................................................................................................. 20
Circuit Switching WAN ......................................................................................................................................... 20
Packet Switching .................................................................................................................................................. 21
WAN Interconnecting Devices .............................................................................................................................. 21
WAN Switch .......................................................................................................................................................... 21
Modem ................................................................................................................................................................. 22
IP ADDRESSING .............................................................................................................................................. 22
IPv4 ......................................................................................................................................................... 22
Classes of IP Address ............................................................................................................................................ 22
Class A .................................................................................................................................................................. 23
Class B .................................................................................................................................................................. 23
Class C .................................................................................................................................................................. 23
Class D .................................................................................................................................................................. 23
Class E ................................................................................................................................................................... 23
Understanding the IP Notation .............................................................................................................. 23
Subnetting & Subnet Masks ................................................................................................................... 24
Check Your Progress ............................................................................................................................... 25
IPv6 ......................................................................................................................................................... 26
The need .............................................................................................................................................................. 26
Header .................................................................................................................................................................. 26
Advantage ............................................................................................................................................................ 27
Transition & Working ........................................................................................................................................... 27
Working ................................................................................................................................................................ 27
MULTIPLE PROTOCOLS WITHIN THE SAME PACKET ENVELOPING ............................................................................ 29
APPLICATION PROTOCOLS ................................................................................................................................ 30
HTTP ....................................................................................................................................................... 30
HTTPS ..................................................................................................................................................... 30
SMTP ...................................................................................................................................................... 30
POP/POP3 ............................................................................................................................................... 30
IMAP ....................................................................................................................................................... 30
FTP .......................................................................................................................................................... 31
Telnet ...................................................................................................................................................... 31
INTERCOMMUNICATION ................................................................................................................................... 31
Bridging Internetwork Communication .................................................................................................. 31
Bridging and the OSI Model ................................................................................................................................. 32
Types of Bridges ..................................................................................................................................... 32
Advantages & Disadvantages of Bridging .............................................................................................. 32
Advantages: .......................................................................................................................................................... 32
Disadvantages ...................................................................................................................................................... 33
Switching Internetwork Communication ................................................................................................ 33
LAN Switching ....................................................................................................................................................... 33
VLAN ..................................................................................................................................................................... 33
MPLS..................................................................................................................................................................... 34
Routing Internetwork Communication ................................................................................................... 34
Routing Concepts .................................................................................................................................... 34
Routing Tables ........................................................................................................................................ 35
Routing Metrics ...................................................................................................................................... 35
Path Length .......................................................................................................................................................... 35
Reliability .............................................................................................................................................................. 35
Delay .................................................................................................................................................................... 35
Bandwidth ............................................................................................................................................................ 35
Load ...................................................................................................................................................................... 35
Communication Cost ............................................................................................................................................ 35
Routing Algorithms ................................................................................................................................. 35
Static .................................................................................................................................................................... 35
Dynamic................................................................................................................................................................ 36
Single path And Multipath ................................................................................................................................ 36
Link State and Distance Vector ......................................................................................................................... 37
Protocols used in Routing ....................................................................................................................... 38
RIP ........................................................................................................................................................................ 38
OSPF ..................................................................................................................................................................... 38
BGP ....................................................................................................................................................................... 38
IGRP ...................................................................................................................................................................... 38
Routing and the OSI Model .................................................................................................................... 38
NETWORK MANAGEMENT ................................................................................................................................ 38
1. Performance Management ........................................................................................................................ 39
2. Configuration Management ...................................................................................................................... 39
3. Accounting Management .......................................................................................................................... 39
4. Fault Management .................................................................................................................................... 39
5. Security Management................................................................................................................................ 39
SNMP ...................................................................................................................................................... 40
VPN ......................................................................................................................................................... 40
VPN on L2TP ......................................................................................................................................................... 41
VPN on PPTP ......................................................................................................................................................... 41
IPSec VPN ............................................................................................................................................................. 42
MPLS VPN ............................................................................................................................................................. 42
SSL VPN ................................................................................................................................................................ 42
NETWORKING WITH QUALITY OF SERVICES .......................................................................................................... 42
Overview ................................................................................................................................................. 42
SUMMARY .................................................................................................................................................... 43
CHECK YOUR PROGRESS .......................................................................................



Internetworking Technologies
Cyberoam Academy
http://academy.cyberoam.com
1
Networking Basics
A network is a data communication system that allows users and devices to communicate with each other. A
network whose devices include computers is known as a Computer Network. When a message is
sent from one point to another point, we say that communication has taken place.

A message is the term used for the information in a single unit of communication transmitted over a network. A
message can be anything: an email (Electronic Mail), a file, an image, or any other piece of information. A PC or any
other machine which is capable of processing information is known as a network node.

At least two PCs or devices are involved in a communication process. The device which initiates the
communication is known as the sender and the device which receives the message is the receiver. Sender and
receiver are connected to each other via a medium or media, which is generally in the form of wires (or, nowadays,
wireless).
Types of Media
Signals generated by the sender and receiver during the transmission process require a medium through which
to travel to their destination. Transmission media are divided into two broad categories.
1. Guided
2. Unguided

The overall categorization of transmission media is shown in the figure above; a detailed description
of each category is given below.
Guided Media
Guided media are those types of media that provide a physical conduit from one point to another on the network. These
include twisted pair cable, coaxial cable and fiber optic cable.
Twisted Pair Cable
This cable comes in two forms
1. UTP (Unshielded Twisted Pair)
2. STP (Shielded Twisted Pair)
UTP Cable
UTP is the most commonly used cable today. UTP consists of pairs of copper wires wound around each other, each
wire jacketed in its own colored plastic insulation.
There are seven major categories of this type of cable. The category number of the cable tells us how many
pairs of wires the cable contains.
1. Category 1
This type of cable contains a single pair of wires. This is the basic twisted pair cable generally used in telephone
systems. This type of cable cannot be used to carry computer signals and hence is not suitable for computer-to-
computer communication.
2. Category 2
This type of cable contains 2 pairs of wires (4 wires in total). It is suitable for voice and data communication up to 4
Mbps only.
3. Category 3
This type of cable has 3 pairs of wires (6 wires in total). It is suitable for data transmission up to 10 Mbps. It is now the
standard cable for most telephone systems.
4. Category 4
This type of cable has 4 pairs of wires (8 wires in total). It is suitable for data transmission up to 16 Mbps and can be
used for low-speed computer-to-computer communication as well as voice communication.
5. Category 5
This type of cable is suitable for data transmission up to 100 Mbps. This cable is mostly used for LANs.
6. Category 5e
This cable is similar to a Category 5 cable but can support transmission speeds up to 1 gigabit per second
(1024 Mbps).
7. Category 6
This cable is the fastest copper cable. The speed of this cable is 10 Gbps, and it is said to be made out of the best
copper material.
Cable Pin outs
There are two basic pin outs used when making Ethernet cables. The cables are connected to the computer using an RJ45 connector, which is a standard defined by the TIA (Telecommunication Industry Association):
1. Straight Cable
2. Cross-Over Cable
In a straight cable, the pins on the sender match the pins on the receiver. For example, suppose pin no 1 is used for sending data and pin no 5 is used for receiving. If communication is taking place from one computer to another computer without any interconnecting device, then the sending pins on the sender side must be bound to the receiving pins on the receiving side, giving rise to a cross over cable. At the initial level, we can remember that if no switching devices are used, a cross over cable is used for computer to computer communication (peer to peer), and a straight cable is used for communication between a computer and other devices like switches, hubs, and more.
The straight and cross-over terminologies apply to Category 5 and Category 6 cables only. Each cable consists of four basic colors (Blue, Brown, Orange, and Green) with their corresponding white colored wires known as White-Blue, White-Brown, White-Orange and White-Green.
The pin numbers on the connector can be understood from the diagram below.
The cabling method according to the TIA standard can be understood from the below tables.
Straight Through cable

RJ45 Pin # (End 1)   Wire Color      RJ45 Pin # (End 2)   Wire Color
1                    White/Green     1                    White/Green
2                    Green           2                    Green
3                    White/Orange    3                    White/Orange
4                    Blue            4                    Blue
5                    White/Blue      5                    White/Blue
6                    Orange          6                    Orange
7                    White/Brown     7                    White/Brown
8                    Brown           8                    Brown

Cross Over cable

RJ45 Pin # (End 1)   Wire Color      RJ45 Pin # (End 2)   Wire Color
1                    White/Green     1                    White/Orange
2                    Green           2                    Orange
3                    White/Orange    3                    White/Green
4                    Blue            4                    Blue
5                    White/Blue      5                    White/Blue
6                    Orange          6                    Green
7                    White/Brown     7                    White/Brown
8                    Brown           8                    Brown

STP Cable
A shielded twisted pair cable has a protective shield (covering) within which the wire pairs run for the entire length of the cable. An STP cable can be thought of as a UTP cable with an additional jacket: a metal foil or a braided mesh covering the insulated wires. The major application of the STP cable is the electric industry, where this cable is mostly used for powering up electrical devices. However, many ISPs also use this type of cable to terminate the broadband link at customer premises.

Co-Axial Cable
A co-axial cable consists of a center wire surrounded by insulation, which in turn is surrounded by a braided wire and a shield above the braided wire. This type of cable is primarily used for cable television. This cable can also be used in computer networks where a high amount of data transfer is required, as this cable supports a high frequency.

Fiber Optic Cable
A fiber optic cable works on the principle of reflection of light. We know that light travels at a very fast speed; hence communication can also be done in the form of light waves using a fiber optic cable. The structure of this cable includes a glass core covered by an outer layer of glass. The light travels through the core of the cable by reflecting off the surfaces of the glass and so reaches the destination. Fiber cables are used in computer communication. Many other devices like audio players also use fiber cables, known as SPDIF (Sony Philips Digital Interface).

Unguided Media
Unguided media are usually wireless media and can take the form of radio waves and micro waves. Wireless media can broadly be classified into the following categories.
Wi-Fi
Wi-Fi is a wireless technology which allows users to send and receive data using radio waves. Wi-Fi can also provide intra-network connectivity and Internet access. Products complying with Wi-Fi describe it as a Wireless Local Area Network (WLAN). To check whether a device supports the Wi-Fi standard, we can look for the Wi-Fi logo on the device. Wi-Fi is in fact an abbreviated term used for WLAN.


3G
3G or 3rd Generation mobile telecommunication is a standard for mobile phones and mobile telecommunication, giving services like wireless telephony, mobile internet, and Mobile TV.
4G
4G or 4th Generation mobile telecommunication is a successor of the 3G technology. A 4G system provides very high speed internet access wirelessly.
Wi-max
Wi-Max (World Interoperability for Microwave Access) is a standard in wireless communication which results in very high speed wireless data transfer. It is a part of the 4G (4th Generation) wireless technology.
Modes of Transmission
There are three types of strategies used for data transmission between two communicating machines
1. Simplex
2. Half Duplex
3. Full Duplex

In simplex communication, data transfer is done in one direction only. Data can travel from point A to point B, but not in the reverse direction. An example of simplex communication is a door-bell: the door-bell only informs the housemates that there is someone at the door; the housemates cannot inform the visitor of anything.
In Half Duplex mode, the line between the two points is set up in such a fashion that it allows data to be transferred in both directions, but only one direction at a time. While one node is busy sending data, the other cannot send, and vice-versa. An example of half-duplex communication is a hanging bridge where only one person can pass at a time. People can move in both directions, but at any given time, people moving in only one direction are allowed. Another example is a single lane road with traffic controllers at each end.
In Full Duplex mode, the line between the nodes is set up to remove the restrictions of the half duplex mode. In this mode, communication can happen in either direction irrespective of whether the other end is sending or receiving data. An example of this type of transmission is a freeway. On a freeway, the traffic is allowed to move in both directions at the same time.

How systems on different platforms communicate?
Before we continue to elaborate on communication in a network, it is important for us to know how systems using different platforms communicate with each other. For example, consider a Linux system and a Windows system. A Windows system uses different terminology than a Linux system, so one might say that no communication is possible between these two systems. A similar case can be considered if two people speak different languages. If the above cases were true, there would be no communication in the world and it would lead to a monopoly in the market: if we bought a Windows product, we would be forced to use only devices compatible with Windows and would never be able to switch to another Operating System. Thankfully, this is not the case. ARP (Address Resolution Protocol) is used to find out the physical location of a computer. Each computer on a network has a different address, because each computer cannot have a unique name. We know that the computer at address 1 is John's computer. It is the work of ARP to convert the address 1 to John's computer and John's computer to address 1 when communication happens in the network. We shall see in detail how the communication is done in the later parts of this module.
Standardization
Standardization is a set of rules laid down by standards organizations which has to be followed by any vendor in relation to a technical standard, specification, test method, procedure, definition, etc. So it does not matter which system is used: deep down, the communicating technologies and messages are system independent. There are several standards organizations already in place, which we shall discuss below.
Standards Organizations
Standards are developed by extending co-operations from standards creation committees, vendor committees, and
government regulatory agencies.

ISO
ISO (International Standards Organization) is a multinational body whose standards creation committees are governed by governments throughout the world. It was founded in 1947 and its headquarters are in Geneva, Switzerland. ISO's main products are international standards. ISO also publishes technical reports, technical specifications, publicly available specifications, technical corrigenda, and guides. ISO's best known contribution to computer networking is the OSI Reference Model, which describes connecting two systems with open interfaces. We shall be discussing the OSI Reference Model in detail in the later part of this module.
ITU
ITU (International Telecommunications Union) coordinates the standards for telecommunication. The standardization work of ITU dates from 1865 with the birth of the telegraph machine; however, its real existence started in 1947 when the United Nations recognized it as a specialized agency. Like ISO, ITU also has committees which are governed by governments across the globe. The most common standards given by ITU are those for the coding of JPEG images. It also played a vital role in compiling the OSI Reference Model.
IEEE
IEEE (Institute of Electrical and Electronics Engineers), also pronounced as I-Triple-E, has its headquarters in New York City. IEEE is a not-for-profit organization founded in 1963 as a merger of IRE (Institute of Radio Engineers) and AIEE (American Institute of Electrical Engineers). IEEE's Constitution defines the purposes of the organization as "scientific and educational, directed towards the advancement of theory and practice of Electrical, Electronics, Communications and Computer Engineering, as well as Computer Science".
IETF
IETF (Internet Engineering Task Force) develops and promotes internet standards. It generally works by creating standards that apply to the Internet and improve the usability of the Internet. IETF publishes memoranda known as RFCs (Request For Comments), which describe the methods, behaviors, research, or innovations that are applicable to the working of the Internet. Each RFC is assigned a unique serial number; once published, an RFC is not modified. If the RFC document requires revisions, the authors publish a revised document. Every standard has at least one RFC memorandum and we can refer to the RFC to know the exact design and working of the process. For example, the protocol which drives the Internet (IP) is documented in RFC 791, prepared in September 1981.
OSI Reference Model
When the linking of computers started, it was difficult to move information between end points, so in the early 1980s there was a need to develop a standardized network model which would help vendors to develop interoperable network devices.
The OSI (Open Systems Interconnection) Reference Model was developed by the ISO (International Standards Organization). It is a seven layered model showing the interconnection between two systems (Sender & Receiver) during the communication process. The OSI model describes how information flows from the application programs through the network medium to another application program in another computer. The OSI Model has divided one big problem into seven small problems. The seven layers of the OSI Model are labeled 1 to 7 and they are:
Layer 1 : Physical Layer
Layer 2 : Data-Link Layer
Layer 3 : Network Layer
Layer 4 : Transport Layer
Layer 5 : Session Layer
Layer 6 : Presentation Layer
Layer 7 : Application Layer

Layer 7 is closest to the user, whereas Layer 1 is closest to the hardware. The OSI Reference Model shows two open systems and their interconnection, which can be seen in the diagram below.

Application Layer
Application Layer (Layer 7), the topmost layer of the OSI reference model, is related to the services that are used
by the user directly such as software for file transfers, database access, and e-mail. In other words, it serves as a
platform through which application processes can access network services. A message to be sent across the
network enters the OSI reference model at this point and exits the OSI reference model's application layer on the
receiving computer. The lower layers support the tasks that are performed at the application layer. These tasks
include general network access, flow control, and error recovery.
Presentation Layer
Presentation Layer (Layer 6) defines the format used to exchange data among networked computers. It can be thought of as the network's translator. When computers from different platforms, such as IBM, Apple, and Sun, need to communicate, a certain amount of translation must be done. Within the sending computer, the presentation layer translates data from the format sent down from the application layer into a common intermediary format. At the receiving computer, this layer translates the intermediary format into a format that can be useful to that computer's application layer. The presentation layer is responsible for converting protocols, translating data, encrypting data, and changing or converting character sets. The presentation layer also manages data compression to reduce the number of bits that need to be transmitted.
Session Layer
Session Layer (Layer 5) opens and closes a connection, called a session, between the communicating computers. This layer is responsible for name recognition and other functions like security which are needed to transfer information from one computer to another. The session layer also synchronizes the user tasks by placing checkpoints in the stream of data. These checkpoints are then evaluated and broken into smaller groups. If the network fails, the only data that needs to be transmitted again is the data after the last checkpoint.
Transport Layer
Transport Layer (Layer 4) provides an additional level of connection beyond that provided by the session layer, which ensures that the packets delivered are free from errors and in sequence, without losses or duplication. At the sending end this layer packages all the messages and divides long messages into smaller packages. At the receiving end this layer opens the packets, reassembles the messages, and sends an acknowledgement if required. If a duplicate packet arrives, this layer will detect and discard it.

Network Layer
Network Layer (Layer 3), is used for converting the logical address of a computer to its physical address. This layer
also determines the path in which the transmitted information will travel on the network. Complex problems like
switching and routing, managing traffic in the network and controlling the congestion of data are done by this layer.
At this level of message communication, we can see the network communication in two categories
1. Connection-oriented
2. Connectionless

Connection-oriented communication is like a telephone conversation. With a telephone call, we pick up the telephone, dial the number, establish that the person we want to talk to is there, start and carry on our conversation, say bye, and hang up. For the duration of our conversation, a dedicated connection or circuit is established between us and the person we are talking to. No other conversation can take place on it till our conversation is complete.
In network terms, we establish a session (a connection with another device on the network). Connection-oriented
communications are said to be reliable. Reliable means the network guarantees that it will deliver our data. It
detects and reports any data that is missing, duplicated, or out of order.

In contrast, connectionless communication is similar to postal mail. We compose a letter, write an address, and put the letter in a mailbox. We do not need to establish that the person we are writing to is available at the other end. The letter might be left at its destination, and the recipient will open, read, and possibly respond to it. With this type of communication, the order of delivery cannot be predicted.
Connectionless communications are said to be unreliable. Unreliable means that the network does not guarantee
that it will deliver our data. There's no sure way of telling whether a message has been delivered, or whether data
is missing, duplicated, or out of order.
Data Link Layer
Data-Link Layer (Layer 2) sends data frames from the above layer (Network Layer) to the below layer (Physical
Layer). In this layer, the data is in the form of frames. Frames are larger units of data. Frames can also be termed
as collection of bits. At the sending end, this layer converts the frames into bits and passes it on to the Physical
Layer. At the receiving end, this layer converts the bits into frames and passes it on to the Network Layer.
Addressing
Every device on the internet has a unique address. These devices can be a computer, a server, routers, or any
other device which can connect to a network. Addressing is thus a requisite to identify the location of each device
on the network in order to communicate. There are two main categories of address
1. MAC (Link Layer) Address
2. Network Layer Address
MAC (Link Layer) Addresses
These addresses are also known as physical or hardware addresses. Vendors also call this type of address a MAC (Media Access Control) address. This type of address is always unique and is provided along with the NIC (Network Interface Card) or the networking device. The address is a HEX string of 12 characters written as 6 groups of 2 characters each. These addresses exist at the data link layer (Layer 2) of the OSI Reference Model. Most networked devices have only one physical connection and therefore only one link layer address. An example MAC address would be 01:23:45:67:89:AB.
Network Layer Addresses
Network layer addresses are virtual or logical addresses. They exist at the network layer (Layer 3) of the OSI Reference Model. Network layer addresses are not necessarily unique; they differ from network to network. The most commonly used example of a network layer address is an IP address. These addresses are generally in a hierarchical format, which is narrowed down as the address is processed. A network layer address can be compared to our home address: as we read more of the address, we identify the location more precisely. Similarly, because network layer addresses are in a hierarchical form, reading each part narrows the search. A more detailed description of IP addressing is given later in this module.

Physical Layer
Physical Layer (Layer 1) transmits and receives raw bits to and from a physical media such as wires. This layer is
completely hardware oriented and maintains the physical link between the communicating computers at all the
times. This layer also defines how the network cables are attached to the NIC (Network Interface Card). For
example, this layer will define how many pins in the network cable will be used and the types of transmission
techniques that will be used.
IP Protocol Suite (TCP/IP Model)
The TCP/IP Model or the IP Protocol Suite was developed prior to the OSI Reference Model, so its structure is not
the same as the OSI Model. There are five layers in the TCP/IP Model.
1. Application
2. Transport
3. Network
4. Data Link
5. Physical

The first four layers of the TCP/IP Model provide physical interface, network interface, internetwork interface and
transport functions which can be related to the first four layers of the OSI Reference Model. The fifth layer
corresponds to the three topmost layers of the OSI Reference Model and is singly known as the Application Layer.

TCP/IP is a hierarchy made up of interacting modules in which each module provides a special and specific functionality. The functions are not necessarily interdependent. The OSI Model, in contrast, describes what function is done at each layer. The layers of the TCP/IP model contain independent protocols which can be bridged when required.
What is an Internetwork?
Internetwork is a term used for a network of networks. Commonly, we can say that an organization's network is its own private network. Connecting two or more of these networks gives rise to an internetwork structure. The most common example of an internetwork is the Internet. An internetwork in short is also known as an internet. There is a vast difference between an internet and the Internet (the one with a capital I). An internet is a relatively small network made up of several networks, while the Internet is a huge network comprising most of the different types of network in the globe. So, how does this network work? An internet requires a set of rules based on which a node on one network can communicate with a node on another network, as shown in the figure below.

The internetwork Communication requires communication rules which are discussed in the topics to follow.
Communication Protocols
Protocols are defined as a set of rules used for communication. They define standardization in the network and they are language independent. Networking without protocols would lead to a monopoly in the market and problems with communication. To illustrate, if there were no protocols, a person speaking Spanish would not be able to communicate with a person speaking English, and a person using Windows would never be able to send a file to another person using a Mac or Linux. There are even more instances where protocols are required; for example, if we bought networking hardware from one vendor, it would not work with network hardware from another vendor.

Protocols can also define the low-level details of machine to machine interface like the order in which bits and
bytes are to be sent across the network and it also defines the high-level exchanges between the programs like the
transfer of a file.

Various protocols are used at different levels of the OSI Reference Model, as the diagram below shows. Usually more than one protocol functions at the same time to achieve the functionality of the network. When more than one protocol is used in the internetworking environment, we term the set a protocol stack or protocol suite.
IP
IP (Internet Protocol) is a connectionless service to transfer data between networked devices. Packets are converted into smaller chunks called datagrams; if the packet size is too large it may be broken down into several datagrams. A single datagram is sent as an individual entity over the network. Each datagram carries a destination address and control information. It is routed through the network without the establishment of a circuit. A datagram is divided into a header and a data segment: the header contains information like the source and destination of the message, and the data segment contains the actual data to be transferred. There are two versions of IP (IPv4 & IPv6) which shall be discussed later in this module. We can see the IPv4 packet structure in the diagram below.

IP packets are composed of a header and other fields. The IPv4 packet header consists of:
- 4 bits for the version, either IPv4 or IPv6.
- 4 bits for the Internet Header Length. This field specifies the length of the header in multiples of 4 bytes (e.g., 7 means 28 bytes).
- 8 bits for the Type of Service, also known as Quality of Service (QoS). This describes the priority of the packet (Low, Medium or High).
- 16 bits for the total length of the packet (in bytes).
- 16 bits for an identification tag. This can be used to reconstruct the packet when it is divided into fragments.
- 3 bits for flags. This field determines whether the packet is allowed to be fragmented: with DF (Don't Fragment) set, the packet will not be allowed to be fragmented; with MF (More Fragments) set, the packet has been fragmented into smaller parts.
- 13 bits for the fragment offset. This field identifies the position of the fragment. When the IP packet is fragmented, this field is used to put the fragments back in order.
- 8 bits for Time to Live (TTL). This is the number of hops (router, computer or any device in the network) the packet may pass through before it dies. For example, a packet with a TTL of 8 will be allowed to go through 8 routers to get to its destination before it is discarded. Discarding the packet is important, else there would be congestion in the network, leading to deadlocks.
- 8 bits for the protocol carried in the packet (TCP, UDP, ICMP, or any other).
- 16 bits for the Header Checksum. The checksum is a number used for error detection and rectification.
- 32 bits for the source IP address.
- 32 bits for the destination IP address.
After all the above 160 bits are added to the IP packet, the data bits are attached after the header. The data bits can be of variable length, since the amount of data varies.
ICMP
ICMP (Internet Control Message Protocol) is a protocol used mostly by the operating systems of networked computers to send error messages. The error messages can be of the form service not available, host cannot be reached, router cannot be reached, and many more. ICMP can also be used to relay messages on the network when it is carried in an IP packet. The most widely used utility, ping, is built on the ICMP protocol rules. Ping sends an ICMP request to the target and waits for the ICMP response; during this time it measures the time taken to reach the destination.
An ICMP packet cannot traverse the network as an individual packet, so it requires an IP packet to traverse the network. The ICMP packet is placed in the data portion of the IP packet.
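The header layout listed above and the way an ICMP message rides inside the data portion of an IP packet can both be exercised with the following script. This is an added example, not code from the Cyberoam material: it builds a 20-byte IPv4 header carrying an ICMP echo request (the packet ping sends), then parses it back field by field and verifies both checksums. The addresses, identifiers and payload bytes are constructed sample values, and only the Python standard library (struct, socket) is used.

```python
import socket
import struct

# Added example (not from the Cyberoam material): build an IPv4 packet that
# carries an ICMP echo request, then parse it back field by field.
# All addresses and payload bytes below are constructed sample values.


def ones_complement_checksum(data: bytes) -> int:
    """16-bit one's-complement checksum used by both the IPv4 and ICMP headers."""
    if len(data) % 2:          # pad an odd-length buffer with a zero byte
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:         # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_icmp_echo_request(ident: int, seq: int, data: bytes) -> bytes:
    """ICMP type 8 (echo request), code 0, with the checksum filled in."""
    header = struct.pack("!BBHHH", 8, 0, 0, ident, seq)
    csum = ones_complement_checksum(header + data)
    return header[:2] + struct.pack("!H", csum) + header[4:] + data


def build_ipv4_packet(src: str, dst: str, payload: bytes, protocol: int = 1,
                      ttl: int = 64, ident: int = 0x1234) -> bytes:
    """20-byte IPv4 header (IHL = 5, DF set, no fragmentation) plus payload."""
    ver_ihl = (4 << 4) | 5                  # version 4, header length 5 x 4 = 20 bytes
    flags_frag = (0b010 << 13) | 0          # flags = DF, fragment offset = 0
    header = struct.pack("!BBHHHBBH4s4s", ver_ihl, 0, 20 + len(payload), ident,
                         flags_frag, ttl, protocol, 0,
                         socket.inet_aton(src), socket.inet_aton(dst))
    csum = ones_complement_checksum(header)  # computed with the checksum field zeroed
    return header[:10] + struct.pack("!H", csum) + header[12:] + payload


def parse_ipv4(packet: bytes) -> dict:
    """Decode the header fields listed in the text and verify the header checksum."""
    if len(packet) < 20:
        return {"truncated": True}
    (ver_ihl, tos, total_len, ident, flags_frag, ttl, protocol,
     csum, src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    header_len = (ver_ihl & 0x0F) * 4       # IHL is counted in 32-bit words
    if header_len < 20 or total_len < header_len or len(packet) < total_len:
        return {"truncated": True}         # lengths disagree: treat as damaged
    return {
        "truncated": False,
        "version": ver_ihl >> 4,
        "header_len": header_len,
        "tos": tos,
        "total_len": total_len,
        "ident": ident,
        "df": bool(flags_frag & 0x4000),    # Don't Fragment flag
        "mf": bool(flags_frag & 0x2000),    # More Fragments flag
        "fragment_offset": flags_frag & 0x1FFF,
        "ttl": ttl,
        "protocol": protocol,               # 1 = ICMP, 6 = TCP, 17 = UDP
        # a valid header sums to zero when the stored checksum is included
        "checksum_ok": ones_complement_checksum(packet[:header_len]) == 0,
        "src": socket.inet_ntoa(src),
        "dst": socket.inet_ntoa(dst),
        "payload": packet[header_len:total_len],
    }


def parse_icmp(message: bytes) -> dict:
    """Decode the ICMP type/code and verify the checksum over the whole message."""
    if len(message) < 8:
        return {"truncated": True}
    icmp_type, code, csum, ident, seq = struct.unpack("!BBHHH", message[:8])
    return {"truncated": False, "type": icmp_type, "code": code,
            "ident": ident, "seq": seq, "data": message[8:],
            "checksum_ok": ones_complement_checksum(message) == 0}


# Constructed sample packet: 192.0.2.1 pings 198.51.100.7 (documentation ranges).
SAMPLE_ICMP = build_icmp_echo_request(ident=0x0042, seq=1, data=b"abcdefgh")
SAMPLE_PACKET = build_ipv4_packet("192.0.2.1", "198.51.100.7", SAMPLE_ICMP)

if __name__ == "__main__":
    ip = parse_ipv4(SAMPLE_PACKET)
    print({k: v for k, v in ip.items() if k != "payload"})
    print(parse_icmp(ip["payload"]))
```

The length checks in parse_ipv4 matter as much as the field decoding: a receiver that trusts the Total Length or IHL field without comparing it against the bytes actually received will read past the end of the buffer, and a header whose checksum no longer sums to zero (try changing the TTL byte) is discarded rather than forwarded.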



TCP
TCP (Transmission Control Protocol) works with the IP protocol to provide a reliable service. It is the work of TCP to rearrange the datagrams which were fragmented back into order. If any datagrams are missing, or they are out of order, TCP will ensure that the datagrams are retransmitted. The purpose of TCP is to check for and avoid the loss, duplication, damage, or delay of packets. A packet sent with the IP header alone is unreliable; adding TCP to this packet makes it reliable.

UDP
UDP (User Datagram Protocol) is an alternative to TCP. UDP is available in the TCP/IP Protocol Suite. This protocol was invented because TCP is more secure and reliable, so it is obvious that TCP is more time consuming. On a network, if less security is desired or security is provided externally, and we want the transfer of information to be fast, UDP can be used to get the required throughput. UDP is an unreliable protocol. Like ICMP, the UDP header is placed in the data portion of an IP packet.

Network Types
Based on the geographical expansion, a network can be classified as a LAN (Local Area Network), MAN
(Metropolitan Area Network), or a WAN (Wide Area Network).
LAN
A Local Area Network is a very high speed network that covers a small area like a home, school, computer
laboratory, or an office building. A LAN is used to connect workstations, printers, servers, and other devices. The
basic advantage offered by a LAN is the sharing of resources.
Over the period of time, two access methods have been used to access a LAN:
1. Ethernet
2. Token Passing
The Ethernet technology uses a CSMA/CD (Carrier Sense Multiple Access with Collision Detection) technique to transfer data to another node. In CSMA/CD, the device which wants to send data senses the network medium to see if any other node is exchanging data; if not, it starts sending the data. After the sending process is complete, the node then checks whether a collision occurred. A collision is said to have occurred when more than one node tries to transfer data on the network at the same time. When a collision occurs, the sender waits for a particular time and then resends the data. This type of network transmission is limited to a small number of nodes because as the number of nodes increases, the collisions increase. Normally, CSMA/CD networks are half duplex.

In the Token Passing technology, the sender passes units known as tokens. Tokens are similar to priority numbers. Each device passes the token before it wants to begin the data transfer. Once the network is free to transfer the data, the token is acknowledged, making it a GO signal for the sender to send data. The tokens are then passed on through the network from device to device to check that no transmission is in place.

For the above transmissions to take place, there are three basic transmission methods used:
1. Unicast
2. Multicast
3. Broadcast

In Unicast Transmission, a packet is sent from the source to a single destination. This type of transmission is generally used when one to one communication is required. The source puts the address of the destination on the packet, which is then sent to the network and finally reaches the destination. Examples of unicast are computer to computer communication or communication over a mobile phone. In both cases, there is one sender and one receiver.

In Multicast Transmission, a packet is sent from the source to many destinations. This type of transmission is generally used when one to many communication is required. The source puts the multicast address on the packet, which is then sent to the network. The network creates copies of the packet and delivers them to the destinations. Multicast is done to a selected audience. Multicast can be a reliable or non-reliable type of communication depending on what the user chooses. Examples are a group call over mobile, or sending information to many (but not all) computers on a network.


In Broadcast Transmission, a packet is sent from the source to all destinations. This type of transmission is generally used when one to all communication is required. The source puts the broadcast address on the packet, which is then sent to the network. The network creates copies of the packet and delivers them to all the destinations. A broadcast is generally intended for the whole audience. A broadcast is always a non-reliable type of communication. An example of broadcast is a radio or television channel. A television channel is available to all its subscribers; however, if a subscriber doesn't receive the signals, the television channel doesn't guarantee the communication.
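The unicast, multicast and broadcast distinction above is carried in the destination address itself, at both the link layer (the MAC addresses described in the Addressing section) and the network layer (IPv4). The following script, an added example that is not part of the Cyberoam material, shows how a receiving NIC or host decides from the address alone which class a packet belongs to and whether to accept it. All addresses in it are constructed samples; it uses only the Python standard library (ipaddress, re).

```python
import ipaddress
import re

# Added example (not from the Cyberoam material): classify link-layer (MAC) and
# network-layer (IPv4) addresses as unicast, multicast or broadcast, which is
# how a NIC or a host decides whether a received packet is meant for it.
# All addresses used below are constructed samples.

HEX_PAIR = re.compile(r"^[0-9A-Fa-f]{2}$")


def parse_mac(text: str):
    """Return the six octets of 'xx:xx:xx:xx:xx:xx' or 'xx-xx-xx-xx-xx-xx', or None if malformed."""
    parts = re.split(r"[:-]", text.strip())
    if len(parts) != 6 or not all(HEX_PAIR.match(p) for p in parts):
        return None
    return bytes(int(p, 16) for p in parts)


def describe_mac(text: str) -> dict:
    """Break a MAC address into the bits a receiving NIC actually looks at."""
    octets = parse_mac(text)
    if octets is None:
        return {"valid": False}
    first = octets[0]
    if octets == b"\xff" * 6:
        kind = "broadcast"                 # ff:ff:ff:ff:ff:ff: every station accepts it
    elif first & 0x01:
        kind = "multicast"                 # I/G bit (least significant bit of first octet) = 1
    else:
        kind = "unicast"
    return {
        "valid": True,
        "kind": kind,
        # U/L bit = 1 means the address was assigned locally, not burned in by the vendor
        "locally_administered": bool(first & 0x02),
        # first three octets: the vendor's OUI for globally unique addresses
        "oui": ":".join("%02x" % b for b in octets[:3]),
    }


def classify_ipv4(text: str, local_network: str = None) -> str:
    """unicast / multicast / broadcast / invalid for an IPv4 address.

    A directed broadcast (e.g. 192.0.2.255 on 192.0.2.0/24) can only be
    recognised when the local network is given; without it the address
    looks like any other unicast address.
    """
    try:
        addr = ipaddress.IPv4Address(text)
    except ValueError:
        return "invalid"
    if addr == ipaddress.IPv4Address("255.255.255.255"):
        return "broadcast"                 # limited broadcast, never routed
    if addr.is_multicast:                  # 224.0.0.0/4
        return "multicast"
    if local_network is not None:
        net = ipaddress.IPv4Network(local_network, strict=False)
        if addr == net.broadcast_address:
            return "broadcast"             # directed broadcast for that subnet
    return "unicast"


def should_accept(frame_dst_mac: str, nic_mac: str, joined_groups=()) -> bool:
    """Decide, as a NIC does, whether a frame addressed to frame_dst_mac is for us."""
    info = describe_mac(frame_dst_mac)
    if not info["valid"]:
        return False
    if info["kind"] == "broadcast":
        return True                        # everyone receives a broadcast
    if info["kind"] == "multicast":        # only members of the group receive it
        return parse_mac(frame_dst_mac) in {parse_mac(g) for g in joined_groups}
    return parse_mac(frame_dst_mac) == parse_mac(nic_mac)


if __name__ == "__main__":
    for mac in ("01:23:45:67:89:AB", "00:23:45:67:89:AB", "ff:ff:ff:ff:ff:ff"):
        print(mac, describe_mac(mac))
    for ip in ("192.0.2.10", "224.0.0.251", "255.255.255.255", "192.0.2.255"):
        print(ip, classify_ipv4(ip, "192.0.2.0/24"))
```

Running it shows that the sample address 01:23:45:67:89:AB quoted in the Addressing section is reported as multicast: its first octet is odd, so the I/G bit is set, whereas a vendor-assigned unicast address always has an even first octet. The IPv4 case shows why the address class alone is not enough at Layer 3: a host needs its own subnet mask to recognise 192.0.2.255 as a directed broadcast rather than an ordinary host address.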






There are many different ways of connecting the computers together in a network, which gives rise to a Topology.
Topology defines the way a network is designed physically and logically. When two or more devices are connected
in a network, the links form a topology. The topology is hence a geometric representation of all links in a network
and their relationships with each other. There are five basic topologies possible for linking nodes in a network.
1. Mesh
2. Star
3. Tree
4. Bus
5. Ring
Mesh
In a mesh topology, every device of the network is connected to every other device of the network with a dedicated
link. A fully connected mesh network will have n-1 total links at each node where n is the total number of nodes in
the network. The total number of links in the network can hence be given by the formula below.

where n is the total number of nodes in the network.
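The reasoning behind that count, written out here as an added note (the page's own formula figure is not reproduced): each of the n nodes has n - 1 dedicated links, and summing n - 1 over all n nodes counts every link twice, once from each end, so the total number of links is

$$
L = \frac{n(n-1)}{2}
$$

For n = 4 this gives 6 links and for n = 10 it gives 45, which is why the comparison chart later in this section rates mesh as the most expensive topology to build and to extend.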

Star
In a star topology, each device has a dedicated link to a central controller, generally known as a hub. Unlike mesh
topology, the devices are not connected to each other directly but with the help of the controller. If any device wants
to communicate, it first sends the data to the controller, and the controller then identifies the destination and
transmits the data. The major difference between mesh and star is the number of links. In a star topology the
number of links needed is exactly n, where n is the total number of devices on the network.




Tree
Tree is a variation of the star topology. As in a star, nodes of a tree are linked to central hubs which control the
network traffic. Not every device plugs directly into the central hub; the majority of the devices are connected to a
secondary hub which in turn is connected to the primary hub. The central hub is known as an active hub. The
active hub has a repeater in it which regenerates and transmits the received signal. Active hubs are then
connected to passive hubs which provide a simple physical connection between all the devices.

Bus
Bus topology is a multipoint connection topology. In this topology one cable acts as a backbone to link all the
devices in the network. All the nodes on the network are connected to each other by traversing the main cable
(backbone). A good quality cable with higher bandwidth is used for the backbone, while normal cables are used
for connecting the other nodes.

Ring
In a ring topology each device on the network has a dedicated link with two other devices on either side of it. A
signal passes along the ring in one direction traversing each link as it reaches from the source to the destination. A
ring topology is easy to install and reconfigure.






Hybrid topology
A hybrid topology is a mixture of more than one of the topologies stated above. For example, if we
are connecting many networks, one network might be using a star while another network might want to use a ring.
Hence, the overall network formed by interconnecting these networks will be a hybrid topology.

Comparing Topologies
Below is a comparison of all the topologies stated above, feature by feature, for Mesh, Star, Tree, Bus and Ring.

Cost
  Mesh: Highest.
  Star: Lower compared to mesh.
  Tree: Higher than star, lower than mesh.
  Bus: Lower than mesh, star, and bus.
  Ring: Lowest.

Adding a node
  Mesh: Very difficult, as each node has to be connected with n-1 links, and n-1 nodes have to add one more link.
  Star: Easy, only one link is added to the hub, provided the hub has a reserved space to add a link.
  Tree: Easy, as there are more hubs so we can find an empty space in any of the passive hubs.
  Bus: Easy, but if the threshold is already reached, there will be a need to change the backbone cable.
  Ring: Medium, to add one node, two existing nodes have to be disconnected and a link has to be formed between the new and the two existing nodes.

Removing a node
  Mesh: Difficult, as at each node the link has to be removed.
  Star: Easy, only one link has to be removed.
  Tree: Easy, only one link has to be removed.
  Bus: Easy, only one link has to be removed, but it can lead to wastage of the higher bandwidth backbone.
  Ring: Medium, as after removing one node, a new link has to be established between the existing nodes on either side of it.

Failure of a single node
  Mesh: Does not affect the other nodes, only the node at which failure has occurred will be affected.
  Star: Does not affect the other nodes, only the node at which failure has occurred will be affected.
  Tree: Does not affect the other nodes, only the node at which failure has occurred will be affected.
  Bus: Does not affect the other nodes, only the node at which failure has occurred will be affected. However, if the backbone is affected, all communication is affected.
  Ring: Does not affect the other nodes, only the node at which failure has occurred will be affected. However, the overall speed of the network is affected.

Speed of communication
  Mesh: High speed as the nodes are directly connected.
  Star: High speed but not higher than mesh.
  Tree: High speed but not higher than mesh.
  Bus: High speed at neighbours but speed can be reduced if communication is done end to end. The speed is also dependent on the availability of the backbone.
  Ring: Slowest as compared to all the others as the devices have to traverse all the other devices on the network.

As seen from the topologies above, we require special devices to connect the nodes of a network; these devices
are known as interconnecting devices. A more detailed description of each interconnecting device is given in
the topics to follow.
Interconnecting Devices
In this section we shall see how devices are connected to an internetwork for achieving data transfer. The OSI
Reference Model has provided a representation of how the data moves in the network. It can be taken as a basis
for analyzing the network strategy. The relation of various devices to the OSI Model can be shown by the figure
below.

Gateways
Gateways operate at the Session, Presentation, and Application layers of the OSI Reference Model. The major
task of the gateway is to connect different networking environments. Gateways can be application specific or
network configuration dependent, and they may use a protocol convertor for translating a set of protocols to
another.
Routers
Routers operate at the network layer (Layer 3) of the OSI Reference Model. They connect networks into internetworks
which are physically unified. On successful connection, the identity of each network is retained as a separate
networking environment. A router's primary purpose is to find the best path through the internetwork along which to
store and forward packets.
Bridges
Bridges operate at the data link layer (Layer 2) of the OSI Reference Model. They connect similar types of network
environment into logical and physical internetworks. Bridges are used to store and forward frames to the end
points. Bridges also inspect the frames and decide whether to forward or discard them.
Repeaters
Repeaters operate at the physical layer (Layer 1) of the OSI Reference Model. Repeaters receive the transmission
in form of raw bits and regenerate them by boosting the level (Amplitude) so as to increase the geographical
coverage of the network because physical signals can only span a limited distance before the quality of service is
affected.






MAN
A MAN (Metropolitan Area Network) has a wider scope than a LAN. A MAN spreads into a wider area than a LAN
and can be used to connect computers within a few kilometers or expanding up to the length of a city. The
topologies, interconnecting devices, and transmission technologies of the MAN remain the same as that of a LAN.
A general comparison between LAN, MAN & WAN can be seen from the figure below.

WAN
WAN (Wide Area Network) is the name given to a network which has a larger range than a LAN or MAN. Businesses
that are spread worldwide have their networks connected via a WAN. The most practical example of a WAN is the
Internet, which uses WAN technology to connect computers all over the globe.
A WAN can have different types of connections, based on which the data transfer takes place between the nodes.
A few types of connections used with a WAN are

Point to point
Circuit switching
Packet switching
Point to Point WAN
A point to point WAN link is a single link shared between the end points. Generally this type of link can be seen in
telephone lines. In telephone line based links, the customer is directly connected to the ISP devices through his
telephone line. These lines have to be leased from a carrier and are therefore also called leased lines. As we
discuss more, we shall come across more types of WAN connections, but it is important to remember that
point-to-point links are more expensive than any other WAN link. The figure below shows a point to point WAN link.
Circuit Switching WAN
In a circuit switching network, a virtual circuit is established between the communicating hosts for the period of
communication. Circuit switching can be compared directly with the telephone network. In a telephone network,
when a call is made from one telephone to another, the telephone exchange creates a continuous wire circuit
between the two telephones. This circuit remains in place as long as the call lasts. The circuit switching technique gives
the entire bandwidth of the channel to the connection for as long as it is established. However, the major weak point of
this switching technology is that if a node has a slow communication rate, or pauses for a while during communication,
the entire bandwidth may be wasted. Also, when two nodes have established a circuit, the other nodes wanting to
communicate have to wait until the channel is free.

Packet Switching
In packet switching technique, the data to be transferred is broken down into smaller units known as packets.
Unlike circuit switching technique, packet switching does not establish a dedicated connection between the sender
and the receiver. All packets are of the same data size and hence at the sender end, buffering of data takes place.
When the buffer reaches the size of packet it is then sent across the network. There are two major packet
switching modes which we have already discussed earlier (connection oriented communication mode and
connectionless communication mode).

WAN Interconnecting Devices
A WAN is made up of several communicating LANs. A WAN is therefore made up of several interconnecting
devices. We shall discuss the WAN interconnecting devices in the topics to follow.
WAN Switch
A WAN switch is a device with many ports used to switch network traffic from source to destination. It may be noted
that in end to end communication there can be more than one WAN switch on the path. The WAN switch operates at
the data link layer (Layer 2) of the OSI Reference Model.






Modem
A modem (Modulator Demodulator) converts digital signals to analog and vice versa over a telephone line. A
modem hence enables a user to connect to the Internet. A modem connecting through a WAN converts the
analog carrier signals to digital signals which can be interpreted by the computers. Hence, when using modems to
communicate in a network, we require a modem at each end of the communication. The figure below shows the
working of the modem.

IP Addressing
Every device on the Internetwork is assigned a unique address. These devices may be personal computers,
communications servers, ports on a communications server, internetwork routers, or network control servers.
Some devices, such as routers, have physical connections to more than one network, and they must normally be
assigned a unique internet address for every network connection. The internet hence behaves like a virtual
network, using the assigned addresses when sending or receiving packets of information. There are two versions
of IP Addresses namely IPv4 and IPv6. In the topics to follow, we shall see how the number of unique IP
Addresses is limited in IPv4 and how we can get over it using IPv6.
IPv4
Each internetworking address has a 32 bit address field which is split into two parts. The first part identifies the
network on which the communicating host is located and the second identifies the communicating host
itself. Therefore, the hosts attached to the same network share a common prefix which designates their network
number.
Classes of IP Address
There are in all five classes of IP addresses. Each class begins with a unique bit pattern used by the Internet
software on network hosts to identify the class of the address. Once the Internet software has identified the address
class, it can easily find out which bits represent the network number and which bits represent the host portion. Any of
the address classes can be used in a private TCP/IP network, provided that connections outside of that private
network (to other TCP/IP networks) are never going to be needed. If a private IP addressing scheme is
established within a private corporate network, connections out of that network to external public or other private
TCP/IP networks can be achieved via a computer which has software enabling it to act as an IP gateway. This will
provide the IP numbering/address translation between the interconnecting networks.
Class A
A Class A address has the highest-order bit set to zero and a 24 bit local host address, so the number of bits used
to identify the network is 7 bits. Class A addressing can specify up to 2^7 (128) networks and a total of
2^24 (16,777,216) devices including hosts per network. In the actual scenario, a network cannot have 0 and 255 as
ending bit address, so the maximum number of specified networks is 126 and the maximum number of devices
including hosts is 16,777,214.
Class B
A Class B address has the highest and the second highest bits set to 1-0, so it has a 16 bit local host
address. The number of bits used to identify the network is 14 bits. Class B addressing can specify up to
2^14 (16,384) networks and a total of 2^16 (65,536) devices including hosts per network. In the actual scenario, a
network cannot have 0 and 255 as ending bit address, so the maximum number of specified networks is 16,382
and the maximum number of devices including hosts is 65,534.
Class C
A Class C address has the highest three bits set to 1-1-0, so it has an 8 bit local host address. The
number of bits used to identify the network is 21 bits. Class C addressing can specify up to 2^21 (2,097,152)
networks and a total of 2^8 (256) devices including hosts per network. In the actual scenario, a network cannot have
0 and 255 as ending bit address, so the maximum number of specified networks is 2,097,152 and the maximum
number of devices including hosts is 254.
Class D
The Class D addresses are reserved as multicast addresses and they are generally used by the hardware devices
on the network. These addresses have the highest four bits set to 1-1-1-0. They are used to identify a group of
computers/devices in a network which run a common application program or network software.
Class E
The Class E IP address has the highest five bits set to 1-1-1-1-0. It is currently reserved for future use.
In all the above classes the last set of bits cannot contain 0 and 255 as device address because they are reserved as
broadcasting address.
Understanding the IP Notation
IP Addresses are specified in four sets of decimal numbers separated by a dot. This format is also known as a
dotted decimal notation.

The notation hence divides the 32 bit IP Address into 4 groups of 8 bits, also known as octets. The addresses are in
the form <network><host> when viewed in binary notation. A mask determines how much of the address
belongs to the network and how much to the host. A standard Class B address's mask is 255.255.0.0. The first two
octets are for the network and the last two are for hosts. In binary notation we can view this mask as
11111111.11111111.00000000.00000000
Similarly for a Class C address, the mask is 255.255.255.0, which specifies that only the last octet can be used for
hosts and devices. Therefore it has only 256 addresses that can be used for hosts and devices. In the actual scenario,
in the last octet xxx.xxx.xxx.0 and xxx.xxx.xxx.255 are not usable and hence only 254 addresses are finally usable.








Valid network numbers for classes A to D are given below where xxx represents the host portion of the address
which is assigned by the network administrator.
Class A : 001.xxx.xxx.xxx to 126.xxx.xxx.xxx
Class B : 128.001.xxx.xxx to 191.254.xxx.xxx
Class C : 192.000.000.xxx to 223.255.254.xxx
Class D : 224.000.000.000 to 239.255.255.255
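The class rules above, worked through in code. This is an added example and not part of Cyberoam's material: it decides the class from the leading bits of the first octet exactly as described, derives the default mask (8, 16 or 24 mask bits) from the class, and reports the network and broadcast addresses together with the 2^(network bits) and 2^(host bits) - 2 counts given above. Class E is recognised here as everything not matched by the A to D patterns (first octet 240 and above). Only Python's standard ipaddress module is used; the function names and the sample addresses are my own.

```python
"""Classful IPv4 address analysis (added example; not Cyberoam's code)."""
import ipaddress

# One row per class: letter, leading-bit pattern, width of that pattern,
# network bits that follow the pattern, host bits.  For A-C the widths sum to 32.
CLASS_TABLE = (
    ("A", 0b0,    1,  7, 24),
    ("B", 0b10,   2, 14, 16),
    ("C", 0b110,  3, 21,  8),
    ("D", 0b1110, 4,  0,  0),   # multicast: no network/host split
    ("E", 0b1111, 4,  0,  0),   # everything from 240.0.0.0 upwards: reserved
)


def ipv4_class(addr):
    """Return the class letter, decided purely from the high-order bits of the first octet."""
    first_octet = int(ipaddress.IPv4Address(addr)) >> 24
    for letter, pattern, width, _net_bits, _host_bits in CLASS_TABLE:
        # Compare only the top `width` bits of the first octet with the pattern.
        if first_octet >> (8 - width) == pattern:
            return letter
    raise ValueError(f"no class pattern matched {addr}")   # unreachable: patterns cover 0-255


def classful_summary(addr):
    """Default mask, network/broadcast address and class capacity for one address.

    For classes D and E only the class letter is returned, since they have no
    network/host split.  Host counts subtract the all-zeros and all-ones host
    parts, which are reserved (network number and broadcast address).
    """
    letter = ipv4_class(addr)
    _, _, width, net_bits, host_bits = next(row for row in CLASS_TABLE if row[0] == letter)
    if host_bits == 0:
        return {"class": letter}
    prefix = width + net_bits            # 8, 16 or 24 mask bits for A, B, C
    net = ipaddress.IPv4Network((addr, prefix), strict=False)
    return {
        "class": letter,
        "default_mask": str(net.netmask),
        "network": str(net.network_address),
        "broadcast": str(net.broadcast_address),
        "max_networks": 2 ** net_bits,             # 128, 16,384 or 2,097,152
        "hosts_per_network": 2 ** host_bits - 2,   # 16,777,214, 65,534 or 254
    }


if __name__ == "__main__":
    # Constructed sample addresses, one per class.
    for sample in ("10.1.2.3", "172.16.5.9", "203.0.113.77", "224.0.0.1", "240.0.0.1"):
        print(sample, classful_summary(sample))
```

Note that max_networks is the raw 2^(network bits) figure; the text's "126 usable Class A networks" comes from additionally excluding the all-zeros and 127 network numbers, which this function does not apply.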
Subnetting & Subnet Masks
As we have seen till now, an IP Address is 32 bits and it is divided into two parts: the network identifier and the host
identifier. There are two major benefits when an IP addressing scheme like this is used:
Routing tables need to store only the routes to each network and not to the hosts/devices.
Host addresses can be manually assigned by a local administrator instead of a central site.
However, there has been a tremendous growth in the number of devices and networks, leading to a growth in
the number of IP addresses needed. So, instead of the two level (Network and Host) hierarchy, a three level structure (Network,
Host, and Subnet) was created. The subnet structure of the network is not visible to the outside group of networks,
making the subnetted network appear as one autonomous system.

A subnet mask allows the host portion of an IP Address to be divided into two parts: Subnet number and the host
number on that subnet. Example of a three level structure of an IP Address can be seen from the figure below.





In the figure above, the subnet mask bits which are set to 0 identify the subnet host number and the subnet mask
bits set to 1 identify the network number and some part of the subnet number.

A worked example
Suppose we have been allocated a Class C IP Address range of 192.1.2.0 and we need to establish two subnets,
each of which must support up to 50 hosts.
The steps are
1. Express the IP Address in binary format
192.1.2.0 = 11000000.00000001.00000010.00000000
2. We need two subnets so choosing the binary combination of 01 and 10 we get
11000000.00000001.00000010.01000000
11000000.00000001.00000010.10000000
3. Define a subnet with all network subnet bits set to 1 and host bits set to 0
Network number: 11000000.00000001.00000010.00000000 = 192.1.2.0
Subnet Mask: 11111111.11111111.11111111.11000000 = 255.255.255.192
4. Assigning the host address
Subnet 1:
192.1.2.64: 11000000.00000001.00000010.01000000
Low Address:
192.1.2.65: 11000000.00000001.00000010.01000001
High Address:
192.1.2.114: 11000000.00000001.00000010.01110010
5. Subnet 2:
192.1.2.116: 11000000.00000001.00000010.01110100
Low Address:
192.1.2.117: 11000000.00000001.00000010.01110101
High Address:
192.1.2.166: 11000000.00000001.00000010.10100110
Till this point we only know that the subnet mask can be changed in multiples of 8 bits. That is, for a Class A
address, the default is 255.0.0.0 or 11111111.00000000.00000000.00000000; for a Class B address, the default is
255.255.0.0 or 11111111.11111111.00000000.00000000; and for a Class C address, the default is 255.255.255.0
or 11111111.11111111.11111111.00000000. Using CIDR (Classless Inter Domain Routing) we can write an IP
address with its CIDR notation instead of writing the subnet mask. E.g. a 192.168.0.1 IP address with subnet mask
255.255.255.0 can be written as 192.168.0.1/24; it means that in the subnet mask the first 24 bits are set to 1 (as the
network address). In a similar way, we can have variable lengths of bits in a subnet mask too. These are known as
VLSM (Variable Length Subnet Masks). For example, given a network scenario where we want to have 20 hosts
each on 5 different subnets with a Class C IP address, we can go through the following exercise.
1. We know it's a Class C IP Address, so the number of bits to be set to 1 is at least 24
(11111111.11111111.11111111.00000000 or 255.255.255.0). We also know that we need 30
hosts only per network, therefore we can use 5 bits for the host address and 27 bits for the network
address; writing it in CIDR we shall use /27 addresses.
We shall be altering the 25th, 26th, and 27th bits to 001, 010, 011, 100, and 101 to get the subnets.
2. This gives rise to 5 different subnets. The five subnets that result are
11111111.11111111.11111111.00100000 (255.255.255.32)
11111111.11111111.11111111.01000000 (255.255.255.64)
11111111.11111111.11111111.01100000 (255.255.255.96)
11111111.11111111.11111111.10000000 (255.255.255.128)
11111111.11111111.11111111.10100000 (255.255.255.160)
3. In each subnet we can have hosts with Class C IP addresses starting from 1 to 31, for
example 192.168.1.1 to 192.168.1.31.
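The worked example and the VLSM exercise above, carried out in code as an added example (not Cyberoam's own material). Given a block, the number of subnets wanted and the hosts each must hold, it picks the smallest host field that leaves enough usable addresses (2^h - 2), carves the block into equal subnets aligned on their block boundaries, and skips the all-zeros subnet number as both examples above do (01 and 10; 001 to 101). Because each subnet is aligned to its boundary, the host ranges it reports are the first and last usable addresses of each block. It also derives the decimal mask and address counts from a prefix length, and the network and broadcast address of any address/mask pair, which are the quantities the Check Your Progress tables that follow ask for. Function names and sample inputs are mine; only the standard ipaddress module is used.

```python
"""Subnet planning with the standard ipaddress module (added example; not Cyberoam's code)."""
import ipaddress


def prefix_for_hosts(hosts_needed):
    """Smallest prefix length whose host field still leaves hosts_needed usable addresses.

    A host field of h bits gives 2**h addresses, of which the all-zeros (network
    number) and all-ones (broadcast) values are reserved, so 2**h - 2 are usable.
    """
    host_bits = 2                      # start at /30, the smallest block with usable hosts
    while 2 ** host_bits - 2 < hosts_needed:
        host_bits += 1
    return 32 - host_bits


def mask_table_row(prefix):
    """(decimal mask, total addresses, usable addresses) for a CIDR prefix length."""
    net = ipaddress.IPv4Network(f"0.0.0.0/{prefix}")
    total = net.num_addresses
    return str(net.netmask), total, max(total - 2, 0)


def network_and_broadcast(ip, mask):
    """Network and broadcast address of `ip` under `mask`, given as '/nn' or dotted decimal."""
    if mask.startswith("/"):
        mask = int(mask[1:])
    net = ipaddress.IPv4Network((ip, mask), strict=False)
    return str(net.network_address), str(net.broadcast_address)


def plan_subnets(block, subnets_needed, hosts_per_subnet, skip_subnet_zero=True):
    """Carve `block` into equal subnets, each able to hold hosts_per_subnet hosts.

    Each subnet is aligned on its own block boundary.  With skip_subnet_zero the
    all-zeros subnet number is left unused, as the worked examples above do.
    Raises ValueError when the block cannot supply the requested subnets.
    """
    parent = ipaddress.IPv4Network(block)
    new_prefix = prefix_for_hosts(hosts_per_subnet)
    if new_prefix < parent.prefixlen:
        raise ValueError(f"{hosts_per_subnet} hosts need a /{new_prefix}, larger than {block}")
    candidates = list(parent.subnets(new_prefix=new_prefix))
    if skip_subnet_zero:
        candidates = candidates[1:]
    if len(candidates) < subnets_needed:
        raise ValueError(f"{block} yields only {len(candidates)} /{new_prefix} subnets")
    plan = []
    for sub in candidates[:subnets_needed]:
        hosts = list(sub.hosts())          # excludes network number and broadcast
        plan.append({
            "network": str(sub.network_address),
            "mask": str(sub.netmask),
            "prefix": sub.prefixlen,
            "first_host": str(hosts[0]),
            "last_host": str(hosts[-1]),
            "broadcast": str(sub.broadcast_address),
            "usable": len(hosts),
        })
    return plan


if __name__ == "__main__":
    # The two scenarios from the text: 2 subnets of 50 hosts, and 5 subnets of 30 hosts.
    for entry in plan_subnets("192.1.2.0/24", 2, 50):
        print(entry)
    for entry in plan_subnets("192.168.1.0/24", 5, 30):
        print(entry)
```

Running it shows the 5 x 30-host case landing on exactly the 32, 64, 96, 128 and 160 subnet numbers listed in step 2 above, each a /27 with 30 usable addresses.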
Check Your Progress
The exercises below will help you to check your progress on sub-netting.
Fill the table below
Prefix   Decimal Mask      Total Addresses   Usable Addresses
/24      255.255.255.0     256
/30                        4                 2
/22      255.255.252.0
/16
/19      255.255.224.0

IP Address Mask Network IP Address Broadcast IP Address
192.168.1.1 255.255.255.0
192.168.1.1 255.255.0.0
192.168.1.1 /30
10.10.1.1 /24
10.10.1.1 255.255.254.0
10.10.1.1 /26
IPv6
IPv6 is a new version of the IP protocol. In the explanation below we shall see how and why IPv6 evolved.
The need
In the modern era, the Internet is not limited to computers/laptops; most of us also use the Internet on
cell phones and tablets. Due to this widespread and easy availability of the Internet, there is a need to give each
device a unique IP address.
Considering the IPv4 address space, which is 32 bits (e.g. 00001111000011110000111100001111), the maximum
possible number of addresses that can be assigned uniquely to each device, counting all permutations and
combinations, is 2^32, which comes to approximately 4.3 billion only.
Using this address space and considering the number of devices that use the Internet, the 4.3 billion IP
addresses will be used up very soon and there will be no unique IP address which can be given to a new
device.
Therefore, there arose a need to define an address space which has more than 4.3 billion addresses.
To overcome this address problem, the IPv6 protocol was documented in RFC 1883 in December 1995. 6th
June, 2012 is marked as the World IPv6 Launch day, when most ISPs in the world implemented IPv6 in
their networks.
The share of the Internet population using IPv6 as of November 2012 is 1%.
Header
IPv6 by far exceeds its predecessor in many ways and hence is advantageous. The IPv6 header is 128 bits and hence has
much more address space than IPv4. Calculating the address space, we can now have 2^128 (about 3.4 x 10^38) unique
addresses for assigning to each and every node connected to the Internet. Modifications are also made to the
structure of the IPv6 header so as to make it faster to process. A few fields from IPv4 have been removed while a
new field is added, and a few field positions have been changed. Below we see the comparison of the IPv4 and IPv6
headers.





The traditional IPv4 header fields like Version, source and destination address are still found on the IPv6 header.

The type-of-service, total length, time-to-live and protocol fields have been changed to traffic class, payload length,
next header and hop limit in IPv6. Flow label is a new field in IPv6. The IPv6 header is quite different from the IPv4
header. IPv6 is said to occupy less memory as it does not have as many fields as IPv4. This makes the
processing of packets faster and hence the communication as well.
Advantage
IPv6 is designed for serverless autoconfiguration; this means IPv6 hosts will configure themselves with a unique IPv6
address from Router Advertisements. Often there will be no need for DHCP; however, if a DHCP server exists, an
address from the available pool will be fetched. An IPv6 address is written as eight groups of four hexadecimal digits
separated by colons. An example IPv6 address is 0123:4567:89AB:CDEF:0123:4567:89AB:CDEF.
Transition & Working
IPv6, as we know, will take over from its predecessor IPv4; however, this cannot happen overnight. Hence, until the IPv6
implementation is completed, there is a need for a mechanism (technique) which allows both IP versions
to co-exist and communicate. The techniques implemented for the IPv4 to IPv6 transition can be broadly categorized
into

Dual Stack
This technique is used to allow IPv4 and IPv6 co-exist in the same device as well as networks. This implementation
is done at the software level in the operating system and NIC drivers.

Tunneling
Tunneling is the technique used while hosts are being upgraded. Since all the upgrading cannot be done at
the same time, tunneling algorithms allow IPv4 networks and hosts to communicate with IPv6 networks and
hosts. A working example of each terminology and technique is shown in the Working section below.

Translation
This technique is used for allowing the communication from IPv6-only devices to IPv4-only devices.
Working
IPv6 is described in the RFC document 2460. The size of the packets has also increased in IPv6. A normal IPv4
packet can carry (2^16 - 1) 65,535 octets of payload, however with IPv6 it can be as large as (2^32 - 1) 4,294,967,295
octets. The IPv6 address is represented in 8 groups of 16 bit values. Each group is represented by 4 hexadecimal
digits and the groups are separated by colons.
An IPv6 address can be abbreviated by removing the leading zeroes from each group of hexadecimal digits, and if an
entire group is zero it can be omitted. If more than one consecutive group is all zeroes, the run can be omitted by
putting a double colon (::) in its place.
Example: 2012:056F:0000:0000:0000:ef23:0056:5097 can be written as 2012:56F::ef23:56:5097

IPv6 reserved addresses
Unspecified address: This is an address with all the bits set to 0, i.e.
0000:0000:0000:0000:0000:0000:0000:0000 or ::/128. This type of address is to be used by software before it
learns the actual IP address of the host. This type of address should never be assigned to an interface. Routers
should not forward these packets.

Link local address or the loopback address, used to identify the host itself (IPv4 127.0.0.1), is given as ::1/128 in
IPv6.

IPv6 communication: Understanding IPv6 communication is a little complex but definitely not hard. Let us take
the following scenarios:
1. Communication from an IPv6 host to an IPv6 host over an IPv6 channel (end to end IPv6)
2. Communication from an IPv6 host to an IPv6 host over an IPv4 channel
3. Communication from an IPv6 host to an IPv4 host


In scenario 1, since the communication is on IPv6 from end to end, there is no involvement of any conversion
mechanism.

In scenario 2, the communication is on IPv6 at the ends, however the channel in between is over IPv4; hence, the
router at the sending end will put all the IPv6 frames inside an IPv4 packet. At the receiving end, when the router
forwards the packet to the IPv6 host, it will add 2002:: followed by the IPv4 address in hex, i.e. if the address is
192.168.1.1 then the binary is 11000000.10101000.00000001.00000001, and the hex of this is C0A8:0101. The router
at the receiving end will forward the traffic to the IPv6 host with IPv6 address 2002::C0A8:0101. The 2002 address
space in IPv6 is reserved for 4 to 6 translation. When the receiver in IPv6 receives a packet whose address is 2002::,
it will strip off 2002 to see the IPv4 address. In this scenario, the IPv6 packet is within the IPv4 packet. Hence, the
receiver will notice the IPv4 packet and read the IPv6 packet within.
The mechanism deployed at the sending end is 6 in 4 (sending IPv6 in an IPv4 packet); at the receiving end it is 4 in 6
(sending IPv4 in IPv6 by prefixing 2002::).

In scenario 3, the communication is between an IPv6 host and an IPv4 host. In this case, the router will send all the
information to the IPv4 host by converting it to IPv4. In the reverse direction, the traffic coming from IPv4 to IPv6 will
be designated in IPv6 with the first 80 bits set to 0, the next 16 bits set to FFFF, and the remaining 32 bits the IPv4
address in hex. E.g. if the traffic is sent from 192.168.1.1 then the receiving IPv6 host will see it as
0000:0000:0000:0000:0000:FFFF:C0A8:0101 or ::FFFF:C0A8:0101.
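The abbreviation rule from the Working section and the address forms used in scenarios 2 and 3, as an added example (not Cyberoam's code): it expands a '::' address back to eight four-digit groups, compresses the longest run of zero groups into '::', converts a dotted IPv4 address to its two hex groups (192.168.1.1 to C0A8:0101), builds the ::FFFF: form of scenario 3, and recovers the IPv4 address from such an address so a receiver can tell which IPv4 sender it really came from. Output is lowercase hex, the usual written form; the function names are mine, and the cross-check against Python's ipaddress module is there only to show the hand-written rules agree with the standard library.

```python
"""IPv6 text forms: expansion, '::' compression and the IPv4-in-IPv6 address of
scenario 3 (added example; not Cyberoam's code)."""
import ipaddress

HEX_DIGITS = set("0123456789abcdef")


def expand_ipv6(text):
    """Return the address as eight lowercase 4-digit groups, undoing '::' and dropped zeros."""
    if text.count("::") > 1:
        raise ValueError("'::' may appear only once")
    if "::" in text:
        head, tail = text.split("::")
        head_groups = head.split(":") if head else []
        tail_groups = tail.split(":") if tail else []
        missing = 8 - len(head_groups) - len(tail_groups)
        if missing < 1:
            raise ValueError("'::' must replace at least one group")
        groups = head_groups + ["0"] * missing + tail_groups
    else:
        groups = text.split(":")
    if len(groups) != 8:
        raise ValueError("an IPv6 address has eight 16-bit groups")
    expanded = []
    for group in groups:
        g = group.lower()
        if not 1 <= len(g) <= 4 or set(g) - HEX_DIGITS:
            raise ValueError(f"bad group {group!r}")
        expanded.append(g.zfill(4))
    return ":".join(expanded)


def compress_ipv6(text):
    """Drop leading zeros in every group and replace the longest run of two or
    more all-zero groups with '::' (the first such run wins on a tie)."""
    groups = [g.lstrip("0") or "0" for g in expand_ipv6(text).split(":")]
    best_start, best_len = -1, 0
    i = 0
    while i < 8:
        if groups[i] != "0":
            i += 1
            continue
        j = i
        while j < 8 and groups[j] == "0":
            j += 1
        if j - i > best_len:
            best_start, best_len = i, j - i
        i = j
    if best_len < 2:
        return ":".join(groups)
    left = ":".join(groups[:best_start])
    right = ":".join(groups[best_start + best_len:])
    return f"{left}::{right}"


def ipv4_to_hex_groups(ipv4):
    """192.168.1.1 -> 'c0a8:0101', the two 16-bit groups used in scenarios 2 and 3."""
    packed = int(ipaddress.IPv4Address(ipv4))
    return f"{packed >> 16:04x}:{packed & 0xFFFF:04x}"


def ipv4_mapped(ipv4):
    """The scenario 3 form: 80 zero bits, 16 one bits (ffff), then the IPv4 address."""
    return compress_ipv6("0:0:0:0:0:ffff:" + ipv4_to_hex_groups(ipv4))


def embedded_ipv4(ipv6):
    """Recover the dotted IPv4 address from a ::ffff: form, or None if it is not one."""
    groups = expand_ipv6(ipv6).split(":")
    if groups[:5] != ["0000"] * 5 or groups[5] != "ffff":
        return None
    return str(ipaddress.IPv4Address(int(groups[6] + groups[7], 16)))


def agrees_with_stdlib(text):
    """Cross-check: the hand-written rules must match the standard library's forms."""
    ref = ipaddress.IPv6Address(text)
    return compress_ipv6(text) == ref.compressed and expand_ipv6(text) == ref.exploded


if __name__ == "__main__":
    print(compress_ipv6("2012:056F:0000:0000:0000:ef23:0056:5097"))   # 2012:56f::ef23:56:5097
    print(ipv4_mapped("192.168.1.1"))                                  # ::ffff:c0a8:101
```

A single all-zero group is left as "0" rather than compressed, and only the first of two equal-length zero runs becomes "::"; both choices match the canonical text form the standard library produces, which matters when addresses are compared as strings in logs or access lists.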

This terminology is known as 6 to 4 at the sending end and 4 to 6 for the receiving end. However, for bidirectional
traffic flow, a dual stack implementation is required. Dual stack implementation has the 6 to 4 conversion on the
host itself.

This can be checked on a Windows computer from the command line using netsh.

This confirms that the dual stack implementation is ON on this host and it can convert 6 to 4. The 4 to 6 conversion is to be
done by the router; a host cannot perform 4 to 6 because, being implemented on IPv6, it cannot understand
the IPv4 traffic.
Multiple Protocols within the same packet: Enveloping
Generally, many protocols work simultaneously to achieve complete network functionalities. When many protocols
work together they are known to be members of a protocol stack or protocol suite. Data to be transported in the
network is split into packets which contain information for checking, addressing, and other purposes. When
multiple protocols are used the control information is appended to the data in a sequential order in which they fall
on the OSI Reference Model (the higher layer protocol first, followed by the lower layer protocols). This process is
called enveloping.







The pattern of enveloping shown above is common in most of the cases but the tasks assigned to each protocol
differs from vendor to vendor.
Application Protocols
Protocols are used in each application like Chat, IM, Browser, and much more. Any application working with the
protocols will use the basic protocols like TCP, UDP or IP and the application protocol is embedded into the data
header of the base protocol. Below we shall see some of the application protocols and their use.
HTTP
HTTP (HyperText Transfer Protocol) is mainly used to transfer data from the WWW (World Wide Web). This
protocol is called HyperText Transfer Protocol because it can rapidly jump from one document to another in a
hypertext environment, as we see in website pages. This protocol works on TCP because it transfers files from
one location to another. This protocol generally works on port number 80, but it can be configured to work
on different ports. The most common version of the HTTP protocol in use is HTTP 1.1, which is specified in RFC
2616.
HTTPS
HTTPS (also known as HTTP Secured) is used to transfer files securely. When we talk about security, the HTTPS
protocol transfers the files in encrypted form and decrypts them at the receiving end. This makes the working of the
protocol a bit more involved, but suitable for transferring sensitive information like user passwords, financial details, etc.
HTTPS uses TCP port number 443 by default, but it can be configured to use different ports if needed. HTTPS
should not be confused with Secure HTTP (S-HTTP); the latter was not used much and became non-existent. HTTPS
is specified in RFC 2818 whereas S-HTTP is specified in RFC 2660.

The HTTP and HTTPS are used to browse web sites and generally used in the URL (Uniform Resource Locator).
We can locate any website by its URL (the address that we key into the address bar of the browser). The URL of
HTTP site will always start with an http://websitename.domainname, whereas the URL of an HTTPS site will
start with https://websitename.domainname.

SMTP
SMTP (Simple Mail Transfer Protocol) is an email transmission protocol used across IP networks. SMTP is used in
outgoing mail and it uses TCP port number 25 for all outgoing email communication by default. A secured SMTP is
known as SMTPS and it uses port 587 for all outgoing email communications. The final updated version of SMTP
is documented in RFC 5321.
POP/POP3
POP (Post Office Protocol) is used by email clients to fetch emails from the email server. POP came into use with email clients like Microsoft Outlook or Mozilla Thunderbird. With these applications the user is not required to log into the web server; once the user's credentials are provided to the application, the application itself fetches the emails. POP supports a simple download-and-delete mechanism: it connects to the mail server, with the option either to keep the messages on the server or to download them to the user's computer and delete them from the server. POP3 is the third version of the POP protocol. POP3 uses TCP port number 110 and is documented in RFC 1081.
IMAP
IMAP (Internet Message Access Protocol) is an application layer protocol which serves the same purpose as POP. The current version of IMAP, IMAP Version 4 Revision 1, is documented in RFC 3501. IMAP works on port number 143. IMAP supports online as well as offline modes of operation. The major difference between POP and IMAP is that in POP the user stays connected to the mail server only while the messages are being downloaded, whereas in IMAP the user stays connected to the mail server as long as the application interface is open. This enables IMAP to download messages on demand.



Internetworking Technologies
Cyberoam Academy
http://academy.cyberoam.com
31

FTP
FTP (File Transfer Protocol) is the standard provided by TCP/IP for downloading and copying files between networked computers, since transferring files in a networked environment is one of the most common and most tedious tasks. Though transferring files sounds like a fairly simple and straightforward process, it has many complications. For example, two computers may have their own ways of distinguishing binary data from text, different directory structures, or different file naming conventions.
Telnet
Telnet (TELecommunication NETwork) is a terminal emulation protocol for connecting to remote machines. Using telnet, the user can work on the remote machine as if it were a local machine. By default telnet uses port number 23 to connect to the remote machine.
Intercommunication
Till this point we have been talking about single networks and internetworks, and we have seen the technologies and terminology used for internetworking. From this point onwards, we shall see how communication is done between internetworks. Intercommunication is the term used for communication between internetworks. At the root of communication we know that IP addresses are used to identify each machine on the network uniquely. However, intercommunication occurs between networks which may or may not have the same range of IP addresses. Secondly, two communicating systems can be in different classes of IP address or in different subnets, and by the communication principles we have seen, they will not be able to communicate directly. Therefore, we need devices that enable internetwork communication. There are mainly three techniques used for internetwork communication: Bridging, Switching, and Routing.



Bridging Internetwork Communication
Bridging is used to extend the area of a network by connecting adjacent LANs. A LAN has limits on the maximum number of devices that can be connected and on the maximum distance that can be covered. Therefore, to bridge the gap we use a bridge. A bridge is also used to break a large LAN down into smaller LANs (also known as LAN segments). Creating small segments of a LAN is necessary because a larger LAN carries more traffic and hence the response time is bound to be higher. Bridges and routers are the interconnecting devices used to connect segments of LANs into a larger LAN.


Bridging and the OSI Model
Bridging occurs at Layer 2 of the OSI Reference Model (Data Link Layer). A bridge therefore sees the network as a collection of source and destination addresses. A bridge has no knowledge of the paths between the communicating devices and has very little interaction with the upper layers.
Types of Bridges
Bridges can be categorized by the functions they provide. A bridge can be either local or remote. A local bridge provides a direct connection between two or more LAN segments within the same area. A remote bridge is used to connect LAN segments in different areas over telecommunication lines or the Internet. The figures below illustrate the two types of bridge. In remote bridging, at least two bridges are required to bridge the remote networks, whereas a single bridge suffices in local bridging.


Advantages & Disadvantages of Bridging
Advantages:
More devices can communicate on a bridged network than on a single LAN without a bridge.
Bridges extend the geographical reach of a LAN, allowing remote LAN sites to be connected into larger LANs.
Bridges are simple to install and transparent to users.
Bridges can connect networks running different upper-layer protocols because they operate below the network layer of the OSI Reference Model.
Bridges connect LAN segments, so devices can be moved from one segment to another without a change of IP address.
Disadvantages:
Bridges cannot make use of redundant network paths, so the load cannot be split over parallel network segments.
Bridges can overload the network with extra traffic when they receive a frame with an unknown destination address, because such a frame is forwarded to every segment.
Because a bridge does more work than a repeater by processing the MAC addresses, it is slower than a repeater.
Switching Internetwork Communication
Like bridging, switching also occurs at Layer 2 (Data Link Layer) of the OSI Reference Model. Switches connect multiple LAN segments and create a single large network. Switches receive frames and forward them towards their destination. There are two major forwarding techniques used by a switch: store and forward, and cut through. When a switch works in store and forward mode, a frame is not sent until the entire frame has been received. In cut through switching, the switch starts forwarding a frame as soon as enough of it has been read to make the forwarding decision; it is important to remember that in cut through switching the forwarding starts before the entire frame has been received. There are various types of switches that we shall see in the topics to follow.
LAN Switching
LAN switching uses the MAC addresses carried in each frame to decide where to forward it. Layer 2 switching is done in hardware, using Application Specific Integrated Circuits (ASICs). A LAN switch maintains MAC address tables holding the addresses of senders and destinations. A Layer 2 switch does not change any information contained in a packet and hence can be used to connect networks using different media like Ethernet and fiber. Similarly, switches can also be used to connect networks working at different speeds like 10 Mbps and 1000 Mbps. To see the working of a switch, refer to the figure given below.
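To see how the MAC address table drives forwarding, here is an added example (not code from the original training material) that models a learning switch: it records each source address against its ingress port, forwards known unicast frames out of a single port, and floods unknown or broadcast destinations, the extra traffic the bridging section listed as a disadvantage. The MAC addresses, port numbers and the bounded table size are constructed assumptions.

```python
"""Learning switch forwarding logic (added example, not from the original
training material). The MAC addresses, port numbers and table size limit
below are constructed sample values."""
from collections import OrderedDict
from typing import Dict, List, Tuple

BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    """Layer 2 switch (or transparent bridge) with a learned MAC table.

    - learn: the source MAC of every frame is recorded against its ingress port
    - forward: a known unicast destination goes out of one port only
    - flood: broadcast and unknown destinations go out of every other port
    """

    def __init__(self, num_ports: int, table_size: int = 1024) -> None:
        self.num_ports = num_ports
        self.table_size = table_size      # assumed bounded (CAM) table size
        self.mac_table = OrderedDict()    # mac -> port, oldest entry first
        self.flooded = 0                  # flooded-frame counter, useful for monitoring

    def learn(self, mac: str, port: int) -> None:
        """Record (or refresh) which port a source MAC was last seen on."""
        if mac in self.mac_table:
            self.mac_table.move_to_end(mac)      # refresh: most recently seen
        elif len(self.mac_table) >= self.table_size:
            self.mac_table.popitem(last=False)   # table full: evict the oldest entry
        self.mac_table[mac] = port

    def forward(self, in_port: int, src_mac: str, dst_mac: str) -> List[int]:
        """Return the list of egress ports for one frame arriving on in_port."""
        if not 1 <= in_port <= self.num_ports:
            raise ValueError(f"no such port: {in_port}")
        self.learn(src_mac, in_port)
        out_port = self.mac_table.get(dst_mac)
        if dst_mac == BROADCAST or out_port is None:
            # Unknown or broadcast destination: flood every port except the ingress port.
            self.flooded += 1
            return [p for p in range(1, self.num_ports + 1) if p != in_port]
        if out_port == in_port:
            return []   # source and destination share a segment: filter the frame
        return [out_port]


# Constructed sample traffic: (ingress port, source MAC, destination MAC).
SAMPLE_FRAMES: List[Tuple[int, str, str]] = [
    (1, "aa:aa:aa:aa:aa:01", "aa:aa:aa:aa:aa:02"),  # A -> B, B not yet learned: flood
    (2, "aa:aa:aa:aa:aa:02", "aa:aa:aa:aa:aa:01"),  # B -> A, A is known: port 1 only
    (1, "aa:aa:aa:aa:aa:01", "aa:aa:aa:aa:aa:02"),  # A -> B again, B now known: port 2
    (3, "aa:aa:aa:aa:aa:03", BROADCAST),            # C broadcasts: flood
    (2, "aa:aa:aa:aa:aa:04", "aa:aa:aa:aa:aa:02"),  # D -> B, both on port 2: filtered
]


def run_sample(num_ports: int = 4) -> Tuple[List[List[int]], Dict[str, int], int]:
    """Feed SAMPLE_FRAMES through a 4-port switch and return the egress
    decisions, the learned MAC table and the number of flooded frames."""
    sw = LearningSwitch(num_ports)
    decisions = [sw.forward(*frame) for frame in SAMPLE_FRAMES]
    return decisions, dict(sw.mac_table), sw.flooded


if __name__ == "__main__":
    for frame, ports in zip(SAMPLE_FRAMES, run_sample()[0]):
        print(f"port {frame[0]}: {frame[1]} -> {frame[2]}: egress {ports}")
```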

VLAN
VLAN (Virtual LAN) is a group of computers which are logically in the same network, as if they were on one LAN, even though they are not physically. The attributes of a VLAN are the same as those of a LAN, but it allows end stations to be grouped even if they are not on the same interconnecting device. A sample VLAN can be seen in the figure below.


MPLS
MPLS (Multi Protocol Label Switching) was introduced as a faster mechanism to transfer data. MPLS works at layer 3 (Network Layer) of the OSI Reference Model and forwards packets from the source host to the destination. In MPLS the IP packets are encapsulated with a label, so instead of looking up routing tables in each device, the nodes on the network forward on the label. MPLS is based on switching technology and hence the devices that implement MPLS are known as Label Switched Devices. We shall understand MPLS in more detail in the later part of this module.
Routing Internetwork Communication
Like bridges, routers connect two or more networks to form an internetwork. Routers maintain the logical identity of each network segment: a router based internetwork will have many logical networks, each of which is independent. Routers work at the network layer. Routers have a more complex working than a bridge; they first analyze the protocol used to route the packet from one LAN to another. A router which can analyze all the protocols used at the network layer is known as a multiprotocol router.
Routing Concepts
Routing requires more information than bridging. A router receives only those packets which are addressed to it. A router has more decisions to make than a bridge and therefore needs more information than a bridge holds. The primary information held by a router is its routing tables, which we shall see in the forthcoming topic. A router is said to have the following basic functions.
It must create and maintain the routing tables.
It must select the shortest path to the next network or router based on the information contained in the packet.

Routing Tables
A routing table contains the routes to every network reachable through that router. A router builds and stores the routing table so that it knows exactly where to deliver packets when they arrive. A routing table consists of at least three fields.
1. Network id (destination network)
2. Cost
3. Next hop (this is the address of the next router on the network)
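As an added example (not from the original training material), the routing table below carries exactly these three fields and shows how a router picks the route for an incoming packet: the longest matching prefix first, the lowest cost among equal prefixes, falling back to a default route. The networks and next-hop addresses are constructed sample values from documentation ranges.

```python
"""Routing table lookup (added example, not from the original training
material). Each entry carries the three fields the text lists: destination
network, cost and next hop. All addresses are constructed sample values."""
import ipaddress
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class Route:
    network: ipaddress.IPv4Network   # network id (destination network)
    cost: int                        # metric, lower is better
    next_hop: str                    # address of the next router, or "direct"


class RoutingTable:
    def __init__(self) -> None:
        self.routes: List[Route] = []

    def add(self, network: str, cost: int, next_hop: str) -> Route:
        """Add a static route. strict=True rejects entries such as 10.1.2.0/8,
        where host bits are set: silently widening the prefix would misdirect traffic."""
        net = ipaddress.ip_network(network, strict=True)
        if not isinstance(net, ipaddress.IPv4Network):
            raise ValueError("IPv4 routes only in this example")
        route = Route(net, cost, next_hop)
        self.routes.append(route)
        return route

    def lookup(self, address: str) -> Optional[Route]:
        """Return the best route for address, or None if nothing matches
        (and no default route 0.0.0.0/0 is installed)."""
        addr = ipaddress.ip_address(address)
        candidates = [r for r in self.routes if addr in r.network]
        if not candidates:
            return None
        # Longest prefix wins; for equal prefix length, the lowest cost wins.
        return max(candidates, key=lambda r: (r.network.prefixlen, -r.cost))

    def next_hop_for(self, address: str) -> Optional[str]:
        route = self.lookup(address)
        return route.next_hop if route else None


def build_sample_table() -> RoutingTable:
    """Constructed table: one directly connected LAN, two upstream routers, a default."""
    table = RoutingTable()
    table.add("192.168.1.0/24", 0, "direct")      # directly connected LAN
    table.add("10.0.0.0/8", 5, "192.0.2.2")       # whole 10/8 via router 2
    table.add("10.1.0.0/16", 20, "192.0.2.3")     # more specific, expensive path
    table.add("10.1.0.0/16", 8, "192.0.2.4")      # same prefix, cheaper path
    table.add("0.0.0.0/0", 10, "192.0.2.1")       # default route
    return table


if __name__ == "__main__":
    t = build_sample_table()
    for dst in ("10.1.2.3", "10.200.0.1", "192.168.1.9", "198.51.100.7"):
        print(dst, "->", t.lookup(dst))
```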
Routing Metrics
Path Length
Path length is the most common and widely used routing metric. Path length is defined as the length between two communicating nodes. The length between the communicating nodes is not measured in meters but in units of time: the length between two communicating nodes is measured in milliseconds. This lets the router choose the best path. The lower the time required to reach a destination, the nearer the communicating device.
Reliability
Reliability, in the routing context, is the dependability of a link. Apart from storing the other metrics, a router also stores the error rate of a link, because there can be a case in a network where one of the links is weak and goes down quite often.
Delay
The delay in routing refers to the length of time required for transferring a packet from source to destination in an internetwork. Delay depends on many factors like bandwidth, traffic in the network, and the distance to be travelled.
Bandwidth
Bandwidth is the capacity of a link to carry data. Its unit is bits per second.
Load
Load refers to the extent to which a router is busy. Load can be calculated from factors like CPU usage and packets processed per second.
Communication Cost
A router can connect two networks over remote segments. It is therefore important to consider the operating cost of the router. An organization will certainly not lay down special lines if the communication can be done over a telephone line.
Routing Algorithms
Static
In static routing, the routes on a network are fixed and the routers do not discover any new routes. In this type of routing a system administrator configures each router with all the information necessary to forward a packet, and a router will not learn new routes by itself. Static routes, once defined, do not change by themselves. In other words, in static routing all the entries in the routing table are made manually. Static routing is not suitable for large networks: if a new router is added to the network, an administrator has to add the route to the new router on every other router. Also, in static routing a problem can arise where the traffic flows over one link only, instead of the other links, because the route is predefined. In the figure below, we can see that if a static route from network 2 to network 4 is not defined, all communication will go via Router B-C-D instead of going from Router B to Router D. This will make Router C busier and the link between Router B and Router D will never be used. To summarize, static routing is used when the routes of a network are predefined.



Dynamic
In contrast to static routing, dynamic routing does not require an administrator to update the routing tables on the router. A router learns by itself and updates its routing tables at predefined time intervals. Dynamic routing is more suitable for large networks, because if any link is busy, the router can switch over to another route automatically. Also, it is very easy to add a new router to the network. The metrics of each route are calculated by the router itself and hence we can achieve faster communication even if a link fails. Each router stores the metrics of the routers adjacent to it. From the figure below, we can see that when we add a new router (Router E) to the network, Router C and Router D will automatically store the metrics of Router E. Now if communication is initiated from Router A to Router E, a dynamic path will be chosen. This path can be either Router A-C-E or Router A-C-D-E, depending on the metrics. To summarize, dynamic routing is used in an environment where the routes of a network are not predefined and the network must adapt to change.

Single path And Multipath
Single path and multipath routing algorithms are related to load sharing. There can be a single path or multiple paths to a destination. With a single path algorithm, a protocol learns a single best route to each destination. With a multipath algorithm, a protocol does not learn just one route but learns all the routes to each destination. The advantage of learning all routes is that load balancing can be done: when the best route to a destination is flooded with traffic, another route can be used, but only if multipath routing is in use. From the figure below we can see that if a route from A to D has to be selected, it can be either A-G-H-D or A-E-F-D. A single path algorithm will select the best route, and if that communication line is busy, it will still prefer the same route. A multipath algorithm will use both available paths, and if one of the paths is busy, it will divert the packets through the other path.



Link State and Distance Vector
A link state algorithm calculates the status and connection type of each link to produce a metric. A link state algorithm knows exactly whether a link is working or down, how dependable it is and what the cost of that link is. It is quite possible that a link state algorithm will choose a path with more hops over a faster medium rather than a path with fewer hops over a slower medium. Because a link state protocol is aware of the media types and other factors, a link state algorithm requires more processing than any other algorithm. On the other hand, the distance vector algorithm is fairly simple. Distance is the cost of reaching a destination. Vector is the interface on which the traffic will be sent towards the destination. The distance vector algorithm hence uses the distance calculation and the network interface to determine the best path for communication. In a link state algorithm, each router has information about the entire network, whereas in a distance vector algorithm each router has information about its neighbors only. In case of a link failure, link state sends small updates to each router on the network, whereas distance vector sends large updates but only to some routers. From the figure below, we can easily understand the link state and distance vector algorithms. In the figure, scenario A is distance vector, whereas scenario B is link state. The communication is initiated from Node A and the destination is Node B. Node A and Node B are connected with a telephone line giving a maximum speed of 56 kbps, whereas all other links (A-C, C-D, and D-B) are 100 Mbps. Distance vector will directly choose the 56 kbps link to send the data, whereas link state will prefer A-C-D-B due to the higher speed media.
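The two algorithms run on the figure's topology, as an added example that is not code from the original training material: distance vector is computed as a Bellman-Ford exchange in which each router sees only its neighbours' vectors and counts hops (as RIP does), link state as Dijkstra over the full topology with link cost derived from bandwidth. The link speeds are the ones given above; the 100 Mbps reference bandwidth is an assumption, and the metric function is a parameter so the same code also shows what distance vector does with a bandwidth-aware metric.

```python
"""Distance vector versus link state on the figure's topology (added example,
not from the original training material). Reference bandwidth is assumed."""
import heapq
from typing import Callable, Dict, List, Optional, Tuple

Link = Tuple[str, str, int]                        # (node, node, bandwidth in bit/s)
Vector = Dict[str, Tuple[float, Optional[str]]]    # dest -> (cost, next hop)

# Topology from the figure: A-B is a 56 kbps telephone line, the rest are 100 Mbps.
LINKS: List[Link] = [
    ("A", "B", 56_000),
    ("A", "C", 100_000_000),
    ("C", "D", 100_000_000),
    ("D", "B", 100_000_000),
]
REFERENCE_BANDWIDTH = 100_000_000    # assumed; a 100 Mbps link then costs 1.0


def adjacency(links: List[Link]) -> Dict[str, Dict[str, int]]:
    adj: Dict[str, Dict[str, int]] = {}
    for a, b, bw in links:
        adj.setdefault(a, {})[b] = bw
        adj.setdefault(b, {})[a] = bw
    return adj


def distance_vector(links: List[Link],
                    metric: Callable[[int], float] = lambda bw: 1.0) -> Dict[str, Vector]:
    """Synchronous Bellman-Ford exchange. Each router keeps only its own vector
    and, every round, reads the vectors of its direct neighbours. The default
    metric is one unit per hop regardless of link speed, which is why A
    reaches B over the slow direct line."""
    adj = adjacency(links)
    vectors: Dict[str, Vector] = {n: {n: (0.0, None)} for n in adj}
    for _ in range(len(adj)):              # converges within N-1 rounds
        updated: Dict[str, Vector] = {}
        for node, neighbours in adj.items():
            table = dict(vectors[node])
            for nb, bw in neighbours.items():
                for dest, (cost, _) in vectors[nb].items():
                    candidate = cost + metric(bw)
                    if dest not in table or candidate < table[dest][0]:
                        table[dest] = (candidate, nb)
            updated[node] = table
        if updated == vectors:
            break                          # no router changed its vector
        vectors = updated
    return vectors


def dv_path(vectors: Dict[str, Vector], src: str, dst: str) -> Optional[List[str]]:
    """Follow next hops from src until dst is reached (None if unreachable)."""
    path = [src]
    while path[-1] != dst:
        entry = vectors[path[-1]].get(dst)
        if entry is None or entry[1] is None:
            return None
        path.append(entry[1])
    return path


def link_state(links: List[Link], src: str,
               ref_bw: int = REFERENCE_BANDWIDTH) -> Tuple[Dict[str, float], Dict[str, str]]:
    """Dijkstra over the complete link state database, weighting each link by
    its media speed (cost = ref_bw / bandwidth). Returns (cost to each node,
    predecessor map)."""
    adj = adjacency(links)
    dist: Dict[str, float] = {src: 0.0}
    prev: Dict[str, str] = {}
    heap: List[Tuple[float, str]] = [(0.0, src)]
    while heap:
        d, node = heapq.heappop(heap)
        if d > dist[node]:
            continue                       # stale heap entry
        for nb, bw in adj[node].items():
            nd = d + ref_bw / bw
            if nd < dist.get(nb, float("inf")):
                dist[nb] = nd
                prev[nb] = node
                heapq.heappush(heap, (nd, nb))
    return dist, prev


def ls_path(prev: Dict[str, str], src: str, dst: str) -> Optional[List[str]]:
    if dst != src and dst not in prev:
        return None
    path = [dst]
    while path[-1] != src:
        path.append(prev[path[-1]])
    return path[::-1]


if __name__ == "__main__":
    vec = distance_vector(LINKS)
    print("distance vector (hop count):", dv_path(vec, "A", "B"))
    cost, prev = link_state(LINKS, "A")
    print("link state (bandwidth cost):", ls_path(prev, "A", "B"), cost["B"])
```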


Protocols used in Routing
RIP
RIP (Routing Information Protocol) is used to route packets in an internetwork. It is a dynamic protocol used by IP. The main function of this protocol is to inform the other routers of the addresses of all routers. Network characteristics are important when a router wants to make a routing decision; these characteristics are commonly known as metrics. RIP uses a metric called hop count, which counts the number of routing nodes between two communicating devices. RIP runs on UDP port number 521. RIP is available in two versions, namely RIPv1 and RIPv2. RIP is documented in RFC 1058.
OSPF
OSPF (Open Shortest Path First) is a link state dynamic routing protocol. It uses the link state algorithm and is documented in RFC 2328. OSPF is used to route IP packets within a single routing domain. It gathers the link state and media information from the available routers and constructs a map of the network. The decision to forward a packet is made on its destination IP address. OSPF, being a link state protocol, can easily detect changes in the network such as link failures and changes the paths very quickly. Link state information is maintained in the LSDB (Link State Database) by all the OSPF routers in the network. On a change of any link, the LSDB copies on each router of the network are updated. OSPF does not use a TCP/IP transport protocol (UDP, TCP) but is encapsulated directly in IP datagrams with protocol number 89. OSPF handles its own error detection and correction functions. OSPF uses multicast addressing for route flooding on a broadcast network link. OSPF reserves the multicast addresses 224.0.0.5 (all link state routers) and 224.0.0.6 (all Designated Routers), as specified in RFC 2328 and RFC 5340.
BGP
BGP (Border Gateway Protocol) is the most used protocol for routing decisions on the Internet. BGP is a distance vector dynamic protocol. BGP does not use the traditional metrics; routing decisions are made based on path, network policies, and other rules. BGP is better known as a reachability protocol than as a routing protocol. OSPF fails in very large networks, whereas BGP is designed to work with very large networks. BGP creates redundancy in large networks, giving maximum efficiency. BGP works on TCP port number 179. Each BGP router periodically sends a message to the other routers to check their availability. The final version of BGP is documented in RFC 4271, which went through more than 20 revisions starting from RFC 1771.
IGRP
IGRP (Interior Gateway Routing Protocol) is a proprietary (organization owned) protocol. It was created to overcome the limitations of RIP. IGRP is a distance vector protocol used by routers to exchange routing information. It overcomes the limitations of RIP, which could work only up to 15 hops and had a single routing metric. IGRP supports multiple metrics like bandwidth, delay, load, and reliability. To compare two routes, all the metrics stated above are compared and then the best route is selected. To overcome the issues with address space, another protocol, EIGRP, was created. EIGRP (Enhanced IGRP) is also a proprietary protocol. IGRP is now considered almost obsolete.
Routing and the OSI Model
Routers work at layer 3 (Network Layer) of the OSI Reference Model. The main function of the router is to select
the shortest path to the next network. Routers do not work at the data-link layer, so they cannot connect different
networking environments. Routers are visible to end points and so controlling the traffic from a transmitter to a
receiver is possible. Routers have buffers, so if the sending process is faster than the receiving process it will not
create congestion in the network.
Network Management
Network management is a very broad term and it relates to many people associated with the network in different ways. In general, however, network management is a service that uses a variety of tools, including applications and devices, which assist a network manager in taking decisions about the network. The ISO has made a significant contribution to network standardization. The network management model given by the ISO helps in understanding the major functions of network management. The ISO network management model consists of five major areas. Given below is the ISO network management model.

The five major areas of network management defined by ISO are
1. Performance Management
The goal of performance management is to maintain the internetwork and to determine the efficiency of the network. Performance management ensures that network performance remains at a good level. It is also concerned with gathering regular performance data like response times, packet loss rate, and link utilization. This information is usually gathered through an SNMP management system, which we shall discuss in the following topic, either actively monitored or configured to alert administrators when performance moves above or below predefined thresholds.
2. Configuration Management
The goal of configuration management is to collect, set, and track the configuration of devices on the network. It is concerned with monitoring system configuration and the changes taking place in it. This is an important aspect because most of the problems in a network arise due to changes in configuration, such as changes in configuration files, software updates, or changes in the system hardware. A proper configuration management strategy involves tracking and notifying all changes made to the network hardware and software.
3. Accounting Management
The goal of accounting management is to gather statistics for the users of the network. It deals with tracking network utilization according to the segments created on the network.
4. Fault Management
The goal of fault management is to recognize, correct, and log the faults that occur in the network. A proper fault management technique is to log the information, contact the appropriate person, and fix the problem.
5. Security Management
The goal of security management is to control access to vital resources in the network. It is concerned not only with ensuring that the network environment is secured, but also that security-related information is gathered and analyzed at regular intervals.


SNMP
SNMP (Simple Network Management Protocol) is a standard protocol for managing devices on an internetwork. Devices that support SNMP include routers, switches, servers, workstations, printers, and many more. It is used to monitor devices attached to the network for conditions which require the network administrator's attention. SNMP is part of the TCP/IP protocol suite and is defined by the IETF. The final revised version of SNMP is documented in RFC 2576.
VPN
Normally, when we are connected to a subnet, we can say that we are in a private network. To put it another way, every subnet is a private network. If we want a remote user who is physically not in the same subnet to be part of that subnet, we are talking about the network technology called VPN (Virtual Private Network). A VPN allows a remote user to become part of the local private network as if the user were working in the same local subnet. This also allows the user to use network resources like printers, etc. A VPN is a network that uses a public telecommunication infrastructure, such as the Internet, to provide remote offices or individual users with secure access to their organization's network. A virtual private network can be contrasted with an expensive system of owned or leased lines that can only be used by one organization. The goal of a VPN is to provide the organization with the same capabilities, but at a much lower cost.


A VPN connection between two sites requires that the sites be connected remotely but securely, because at one end there is an organization's private network and at the other end there is a public network like the Internet. Any failure to secure the connection can lead to a serious security breach in the network. A VPN connection therefore uses tunnels to communicate. Tunnels are passageways for the traffic to flow through; only the sender and the receiver can use the tunnel. There are three types of tunnel that can be created depending on the type of communication required. The three tunnels are shown in the figure below.


As shown in the figure above, a gateway to gateway tunnel is used in large organizations where any computer in one branch office wants to connect to a computer in another branch office.


A host to gateway tunnel is used when only one computer from a public network wants to connect to the entire organization's network.


A host to host tunnel is used when a particular computer from the public network wants to connect to one particular computer in the organization.
VPN on L2TP
The L2TP (Layer 2 Tunneling Protocol) acts like a data link (Layer 2 of the OSI Reference Model) protocol for
tunneling the traffic between two peers in a network. L2TP uses UDP port number 1701. The two end points of the
L2TP tunnel are called LAC (Layer 2 Access Concentrator) and LNS (Layer 2 Network Server). The latest version
of this protocol is documented in the RFC 3931.
VPN on PPTP
PPTP (Point to Point Tunneling Protocol) is one of the methods to implement a VPN. The PPTP packet is encapsulated in an IP packet with protocol number 47. PPTP was first documented in RFC 2637. A PPTP tunnel communicates with its peer on TCP port number 1723. PPTP is also a data link layer (Layer 2 of the OSI Reference Model) protocol.


IPSec VPN
IPSec (Internet Protocol Security) is a protocol suite for securing IP communications by encrypting and
authenticating each packet in a communication session. IPSec is a framework that is built into various security
products to provide end to end security in wide area networking communications. IPSec is documented in RFC
2401.
MPLS VPN
MPLS VPN is a method that uses MPLS (Multi Protocol Label Switching) to create a virtual private network. Using MPLS gives the network administrator the flexibility to route the traffic using MPLS as the backbone.

SSL VPN
SSL VPN is a method of implementing a VPN with SSL technology. SSL (Secure Sockets Layer) is a technology which encrypts the data so that no other party can read it. The Payment Card Industry always uses SSL to transfer card data. Websites generally use SSL at the login page, to encrypt the password and other user information.
Networking with Quality of Services
Overview
Quality of Service relates to the capability of a network to provide differentiated service to selected network traffic. The selected network traffic can be HTTP, HTTPS, SMTP, POP3, or any other type of traffic. QoS is also useful when we want to provide dedicated bandwidth to some resources on the network, for example a manager's computer. QoS can also be used in cases where the bandwidth needs to be managed by filtering users. For example, we may want a user to browse web sites at a fixed bandwidth because the remaining bandwidth has to be allotted to the VoIP network. These types of goals can be achieved using QoS. To summarize, QoS enables the network administrator to provide better service to certain flows. This can be achieved either by giving priority to the flow or by lowering the priority of other flows.


Summary
Communication is the foundation of any organization. With proper communication techniques an organization can achieve maximum throughput from its communicating devices. It also allows a quality of service to be provided to the nodes in the network. Interconnecting networks can be easy if the basic setup of the network is appropriate.
So far we have learnt
Types of cables used for networking
Reference Models
Devices used in networks
How devices communicate
Flow of communication
How addressing is done
Routing
Switching
VPN
QoS
