
OSI Model & TCP/IP Protocols

Network Reference Model


A computer network connects two or more devices together to share information
and services. Multiple networks connected together form an internetwork.
Internetworking presents a challenge: interoperation between different types of
products from different manufacturers requires consistent standards. Network
reference models were developed to address this challenge. A network
reference model serves as a blueprint, detailing how communication between
network devices should occur.
The two most recognized network reference models are:
The Open Systems Interconnection (OSI) model
The Department of Defense (DoD) model
Without the framework that network models provide, all network hardware and
software would have been proprietary. Organizations would have been locked into a
single vendor's equipment, and global networks like the Internet would have been
impractical, if not impossible.
Network models are organized into layers, with each layer representing a specific
networking function. These functions are controlled by protocols, which are
rules that govern end-to-end communication between devices.
A network model is not a physical entity; there is no "OSI device". Manufacturers do
not always strictly adhere to a reference model's blueprint, and thus not every
protocol fits perfectly within a single layer. Some protocols can function across
multiple layers.

The OSI Reference Model and Its Functions


The Open Systems Interconnection (OSI) model was developed by the
International Organization for Standardization (ISO), and formalized in 1984.
It provided the first framework governing how information should be sent across a
network.
The OSI reference model provides a number of benefits in understanding how
networks function, by doing the following:

Reducing complexity: The OSI model breaks network communications
into smaller, simpler parts.
Standardizing interfaces: The OSI model standardizes network
components to allow multiple-vendor development and support.
Facilitating modular engineering: The OSI model allows different types
of network hardware and software to communicate with one another.
Ensuring interoperable technology: The OSI model prevents changes
in one layer from affecting the other layers, allowing for quicker development.
Accelerating evolution: The OSI model provides for effective updates and
improvements to individual components without affecting other components
or having to rewrite the entire protocol.
Simplifying teaching and learning: The OSI model breaks network
communications into smaller components to make learning easier.

The OSI model consists of seven layers, each corresponding to a specific network
function:

Figure: OSI Reference Model

OSI Model - The Upper Layers (Software Layer)


The top three layers of the OSI model are often referred to as the upper layers.
Also called software layers:
Layer-7 - Application layer
Layer-6 - Presentation layer
Layer-5 - Session layer
Protocols that operate at these layers manage application-level functions, and are
generally implemented in software.

The function of the upper layers of the OSI model can be difficult to visualize. Upper
layer protocols do not always fit perfectly within a layer, and often function across
multiple layers.

OSI Model - The Core Layer


The fourth layer (the Transport layer) is often referred to as the core layer of the
OSI model.

OSI Model - The Lower Layers


The bottom three layers of the OSI model are often referred to as the lower layers.
Also called hardware layers:
Layer-3 - Network layer
Layer-2 - Data-Link layer
Layer-1 - Physical layer
Protocols that operate at these layers control the end-to-end transport of data
between devices, and are implemented in both software and hardware.

TCP/IP Suite
The TCP/IP suite, whose name is actually a combination of just two individual
protocols, Transmission Control Protocol (TCP) and Internet Protocol (IP), is divided
into layers, each of which performs specific functions in the data communication
process. This topic describes how the layers of TCP/IP are organized into a stack.

Figure: TCP/IP suite

The TCP/IP suite was developed at approximately the same time as the OSI model.
Like the OSI model, the TCP/IP suite is a means of organizing components in an
order that reflects their functions in relation to one another. The components, or
layers, of the TCP/IP stack are as follows:

Application layer: The application layer provides applications for file
transfer, network troubleshooting, and Internet activities, and supports
network application programming interfaces (APIs) that allow programs that
have been created for a particular operating system to access the network.

Transport layer: The transport layer is the core of the TCP/IP architecture,
providing communication services directly to the application processes
running on network hosts.

Internet layer: This layer provides routing of data from the source to the
destination by defining the packet and the addressing scheme, moving data
between the data link and transport layers, routing packets of data to remote
hosts, and performing fragmentation and reassembly of data packets.

Network access layer: This layer covers the same processes as the two
lower OSI layers:

    Physical layer: The physical layer defines the electrical, mechanical,
    procedural, and functional specifications for activating, maintaining, and
    deactivating the physical link between end systems. Characteristics such
    as voltage levels, timing of voltage changes, physical data rates,
    maximum transmission distances, physical connectors, and other similar
    attributes are defined by physical layer specifications.

    Data link layer: The data link layer defines how data is formatted for
    transmission and how access to the network is controlled.

TCP/IP Stack vs. the OSI Model


Both the OSI model and the TCP/IP stack were developed, by different organizations,
at approximately the same time as a means to organize and communicate the
components that guide the transmission of data. The layers of the TCP/IP stack
correspond to the layers of the OSI model:

Figure: OSI and TCP/IP Model Comparison

The TCP/IP network access layer roughly corresponds to the OSI physical and
data link layers and is concerned primarily with interfacing with network
hardware and accessing the transmission media.

The TCP/IP Internet layer corresponds closely to the network layer of the OSI
model and deals with the addressing of and routing between network
devices.

The TCP/IP transport layer, like the OSI transport layer, provides the means
for multiple host applications to access the network layer, either in a best-effort
mode or through a reliable delivery mode.
The TCP/IP application layer addresses applications that communicate with
the lower layers and corresponds to the separate application, presentation,
and session layers of the OSI model. The additional layers of the OSI model
provide some additional organization of features related to applications.

What is a protocol?
A protocol is a formal description of a set of rules and conventions that govern how
devices on a network communicate.

Have you wondered why different devices or applications are able to send data to
each other? For example, you can send a message from your phone to your friend's
computer. The reason is that these devices or applications are using the same
protocol.

Figure: Devices in Network
Protocols are like the languages in human communication. People who understand
the same language are able to communicate with each other. It is the same with
devices and applications: devices and applications with the same protocol are able to
send data to each other.

Figure: Rules of Human Communication

Layer 7: Application Layer

Applications provide the means for generating and receiving data that can be
transported on the network. An application can be a client, a server, or both a client
and a server at the same time. One client application that we normally use is the
Internet browser, which is used to request and receive web pages from a web server.
The web server runs an application that stores web pages and, upon request,
generates the web page data that is sent to the Internet browser.

Figure: Application layer of both OSI and TCP/IP Model


The Application layer is the top layer of both the OSI and TCP/IP models. It is the
layer that provides the interface between the applications and the network. Without
the application layer, data cannot be sent through networks. In the TCP/IP model,
the application layer usually refers to the combination of the application,
presentation and session layers of the OSI model.
There are many types of application protocol, namely:
1) Hypertext Transfer Protocol (HTTP)
2) Simple Mail Transfer Protocol (SMTP)
3) Post Office Protocol (POP)
4) File Transfer Protocol (FTP)
5) Domain Name System (DNS)
6) Dynamic Host Configuration Protocol (DHCP)
7) Telnet
8) SSH (Secure Shell)
9) SNMP (Simple Network Management Protocol)
10) X Windows
11) RADIUS
12) BootP

Layer 6: Presentation Layer


The Presentation layer (Layer-6) controls the formatting and syntax of user data for
the application layer. This ensures that data from the sending application can be
understood by the receiving application. Standards have been developed for the
formatting of data types, such as text, images, audio, and video. Examples of
Presentation layer formats include:
Text - RTF, ASCII, EBCDIC
Images - GIF, JPG, TIF
Audio - MIDI, MP3, WAV
Movies - MPEG, AVI, MOV
If two devices do not support the same format or syntax, the Presentation layer can
provide conversion or translation services to facilitate communication.
Additionally, the Presentation layer can perform encoding, decoding, encryption,
decryption, compression and decompression of data, as required. However,
these functions can also be performed at lower layers. For example, the
Network layer can perform encryption, using IPSec.

Layer 5: Session Layer


The Session layer (Layer-5) is responsible for establishing, maintaining, and
ultimately terminating sessions between devices. If a session is broken, this layer
can attempt to recover the session. Session communication falls under one of
three categories:
Full-Duplex - simultaneous two-way communication
Half-Duplex - two-way communication, but not simultaneous
Simplex - one-way communication

Figure: Data Transmission method


The session layer carries out the following tasks:

Starts and ends a session across a network (on request)
Allows applications to share information
Ensures that information is flowing to the right place
Talks to the PRESENTATION layer above
Talks to the TRANSPORT layer below

Figure: Session Layer communication


Many modern protocol suites, such as TCP/IP, do not implement Session layer
protocols. Connection management is often controlled by lower layers, such as the
Transport layer. The lack of true Session layer protocols can present challenges for
high availability and failover. Reliance on lower-layer protocols for session
management offers less flexibility than a strict adherence to the OSI model.

Layer 4: Transport Layer


Residing between the application and network layers, the transport layer is
fundamental to the operation of the TCP/IP layered network architecture. This topic
describes the functions of the transport layer.

Figure: OSI Transport Layer


The network layer routes information to its destination, but it cannot guarantee that
the information arrives in correct order, free of errors, or even that it will arrive at
all. The transport layer provides two protocols, UDP and TCP, which provide
communication services directly to the application process on the host. The basic
service provided by the transport layer is session multiplexing, which is performed
by both UDP and TCP. The premium service provided by the transport layer is
ensuring reliable delivery, which is performed only by TCP.
The primary duty of the transport layer is the interconnection of application
sessions to the network layer, which is provided by both UDP and TCP. If TCP is used,
the transport layer has the further responsibilities of establishing end-to-end
operations, segmentation, flow control, and applying reliability mechanisms.
The Transport layer (Layer-4) does not actually send data, despite its name.
Instead, this layer is responsible for the reliable transfer of data, by ensuring that
data arrives at its destination error-free and in order.
The major functions of the Transport layer are given below:

Identifying Services
Multiplexing
De-Multiplexing
Segmentation
Sequencing
Reassembling
Error Correction
Flow control (or windowing)
Buffering

Service Identification
TCP and UDP ports identify services that run on a specific logical address.
Otherwise, there would be no way to distinguish data destined for one service or
another on a device. For example, port numbers allow both a web and email server
to operate simultaneously on the same address.

Well-Known Ports

Well-known ports are assigned by the IANA and are numbered 1023 and below.
These numbers are assigned to applications that are fundamental to the Internet.

Registered Ports

Registered ports are listed by IANA and are numbered from 1024 to 49151. These
ports are used for proprietary applications, such as squid proxy (3128).

Dynamically Assigned Ports

Dynamically assigned ports are assigned numbers between 49152 and 65535.
These ports are assigned dynamically for the duration of a specific session.

Commonly Used Port Numbers


Port Number   Protocol   Function
-----------   --------   ------------------------------------------------
20,21         TCP        FTP (File Transfer Protocol)
22            TCP        SSH (ssh, scp copy or sftp)
23            TCP        Telnet
25            TCP        SMTP (for sending outgoing emails)
53            TCP/UDP    DNS Server (Domain name service for DNS requests)
67            UDP        BOOTP (Bootstrap Protocol)
68            TCP        DHCP
69            UDP        TFTP
80            TCP/UDP    HTTP Port Internet Traffic
88            TCP        Kerberos
110           TCP        POP3 (for receiving email)
115           TCP        (SFTP) Secure File Transfer Protocol
119           TCP        NNTP (Network News Transfer Protocol)
123           UDP        NTP (Network Time Protocol)
137           UDP        NetBIOS Name Service
143           TCP/UDP    IMAP4 Protocol (for email service)
161           UDP        SNMP (Simple Network Management Protocol)
179                      BGP
389           TCP/UDP    LDAP (light weight directory access)
443           TCP        Secure HTTP over SSL (https)
465           TCP        Secure SMTP (email) using SSL
514           UDP        Syslog / UDP
515           UDP        LPD/LPR
520           UDP        RIP
863           TCP/UDP    MSN
902           TCP        VMware
990           TCP        Secure FTP using SSL
993           TCP/UDP    Secure IMAP protocol over SSL (for emails)
995           TCP        POP3s
1433          TCP/UDP    Microsoft SQL server port
1812-13                  RADIUS Server
2049                     NFS
3128                     Squid Default Port
3306                     MySQL Database Server
5050                     Yahoo Messenger
5432          TCP        PostgreSQL Database Server
5060          UDP        SIP
5900          TCP        VNC Server
8080                     HTTP port (alternative one for port 80)
10000                    Webmin

Socket address
An IP address combined with a TCP or UDP port forms a socket. A socket is written
out as follows:

208.112.208.30:80
Session Multiplexing
Session multiplexing is an activity in which a single computer, with a single IP
address, is able to have multiple sessions occurring simultaneously. A session is
created when a source machine needs to send data to a destination machine. Most
often, this involves a reply, but a reply is not mandatory. The session is created and
controlled within the IP network application, which contains the functionality of OSI
Layers 5 through 7.
A best-effort session is very simple. The session parameters are sent to UDP. A
best-effort session sends data to the indicated IP address using the port numbers
provided. Each transmission is a separate event, and no memory or association
between transmissions is retained.
When using the reliable TCP service, a connection must first be established between
the sender and the receiver before any data can be transmitted. TCP opens a
connection and negotiates connection parameters with the destination. During data
flow, TCP maintains reliable delivery of the data and, when complete, closes the
connection.

For example, you enter a URL for Yahoo into the address line in the Internet Explorer
window, and the Yahoo site corresponding to the URL appears. With the Yahoo site
open, you can open the browser again in another window and type in another URL
(for example, Google). You can open another browser window and type the URL for
Cisco.com and it will open. Three sites are open using only one IP connection,
because the session layer is sorting the separate requests based on the port
number.
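The browser scenario above, as an added example (not code from the original notes): one host with one IP address keeps several sessions apart purely by socket address, and a server's reply is matched back to the window that sent the request. All traffic and addresses are constructed sample data; the port-range boundaries are the IANA ones given in the Service Identification section.

```python
from dataclasses import dataclass

# IANA port ranges as given in the Service Identification section.
WELL_KNOWN_MAX = 1023
REGISTERED_MAX = 49151


def port_class(port: int) -> str:
    """Return 'well-known', 'registered' or 'dynamic' for a port number."""
    if not 0 <= port <= 65535:
        raise ValueError(f"port out of range: {port}")
    if port <= WELL_KNOWN_MAX:
        return "well-known"
    if port <= REGISTERED_MAX:
        return "registered"
    return "dynamic"


def socket_address(ip: str, port: int) -> str:
    """Write a socket the way the notes do, e.g. 208.112.208.30:80."""
    return f"{ip}:{port}"


@dataclass(frozen=True)
class Segment:
    """The parts of a transport-layer segment that matter for demultiplexing."""
    proto: str        # "TCP" or "UDP"
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    payload: bytes


def demultiplex(segments, local_ip: str) -> dict:
    """Group segments into sessions keyed by (protocol, local socket, remote socket).

    Inbound replies are keyed from the local host's point of view so that a
    server's answer lands in the same session as the request that caused it.
    The IP address alone could not do this: every segment below shares one.
    """
    sessions: dict = {}
    for s in segments:
        if s.dst_ip == local_ip:   # inbound: our socket is the destination
            local = socket_address(s.dst_ip, s.dst_port)
            remote = socket_address(s.src_ip, s.src_port)
        else:                      # outbound: our socket is the source
            local = socket_address(s.src_ip, s.src_port)
            remote = socket_address(s.dst_ip, s.dst_port)
        sessions.setdefault((s.proto, local, remote), []).append(s.payload)
    return sessions


# Constructed sample traffic: one client with three browser windows open to
# three different web servers, one reply, and a DNS lookup. Each window was
# given its own dynamically assigned source port.
CLIENT = "192.0.2.10"
SAMPLE = [
    Segment("TCP", CLIENT, 49200, "198.51.100.1", 80, b"GET / HTTP/1.1\r\nHost: a\r\n\r\n"),
    Segment("TCP", CLIENT, 49201, "198.51.100.2", 80, b"GET / HTTP/1.1\r\nHost: b\r\n\r\n"),
    Segment("TCP", CLIENT, 49202, "198.51.100.3", 80, b"GET / HTTP/1.1\r\nHost: c\r\n\r\n"),
    Segment("TCP", "198.51.100.1", 80, CLIENT, 49200, b"HTTP/1.1 200 OK\r\n\r\n"),
    Segment("TCP", CLIENT, 49200, "198.51.100.1", 80, b"GET /logo.png HTTP/1.1\r\n\r\n"),
    Segment("UDP", CLIENT, 49300, "192.0.2.53", 53, b"\x12\x34\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00"),
]


def session_summary(segments, local_ip: str) -> dict:
    """Map each session key to (segment count, class of the remote port)."""
    summary = {}
    for key, payloads in demultiplex(segments, local_ip).items():
        remote_port = int(key[2].rsplit(":", 1)[1])
        summary[key] = (len(payloads), port_class(remote_port))
    return summary


if __name__ == "__main__":
    for (proto, local, remote), (count, cls) in session_summary(SAMPLE, CLIENT).items():
        print(f"{proto} {local} <-> {remote}: {count} segment(s), remote port is {cls}")
```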

Segmentation
TCP takes data chunks from the application layers and prepares them for shipment
onto the network. Each chunk is broken up into smaller segments which will fit the
maximum transmission unit (MTU) of the underlying network layers. UDP, being
simpler, does no checking or negotiating and expects the application process to
give it data that will work.

Flow Control
If a sender transmits data faster than the receiver can receive it, the receiver will
drop the data, requiring it to be retransmitted. Retransmission can waste time and
network resources, which is why most flow control methods try to maximize the
transfer rate while minimizing the need to retransmit.
In TCP, basic flow control is implemented by acknowledgment by the receiver of the
receipt of data; the sender waits for this acknowledgment before sending the next
part. However, if the round-trip time (RTT) is significant, the overall transmission
rate may slow to an unacceptable level. A mechanism called windowing increases
network efficiency when combined with basic flow control. Windowing allows a
receiving computer to advertise how much data it is able to receive before
transmitting an acknowledgment to the sending computer.

Figure: Flow control in Layer 4

The TCP/IP protocol suite incorporates two Transport layer protocols:

Transmission Control Protocol (TCP) - connection-oriented
User Datagram Protocol (UDP) - connectionless

Figure: TCP vs UDP


The Transport layer of the OSI model (or the Host-to-Host layer of the DoD
model) is concerned with the reliable transfer of data between devices. It ensures
(or in some cases, does not ensure) that a packet arrives at its destination without
corruption or data loss.
However, protocols at the transport layer do not actually send or route packets.
Network layer protocols, such as IP, route packets from one network to another. In
the TCP/IP protocol suite, TCP and UDP are transport layer protocols.

User Datagram Protocol (UDP)


The User Datagram Protocol (UDP) is defined as an unreliable, connectionless
transport protocol. It is essentially a stripped-down version of TCP, and thus has far
less latency than TCP.
UDP provides no three-way handshake, no flow-control, no sequencing, and no
acknowledgment of data receipt. However, UDP does provide basic error-checking
using a checksum.
UDP Characteristics

Operates at the transport layer of the OSI and TCP/IP models
Provides applications with access to the network layer
Is a connectionless protocol
Provides limited error checking
Provides best-effort delivery
Has no data-recovery features

UDP header

The UDP header length is always 64 bits. The field definitions in the UDP segment
(see figure) include the following:

UDP Datagram Explained


Source Port - An optional 16-bit field that specifies which port the datagram
originated from.
Destination Port - A 16-bit field that specifies which port the datagram
should be directed to on the receiving computer.
Length - A 16-bit field that specifies how long the UDP datagram is. This
includes the UDP header and the data being sent. (The value is always at
least 8, since the UDP header is eight octets.)
Checksum - A 16-bit field that operates much like the TCP counterpart. It is
considered optional, however.
Data - The actual data being sent to the recipient computer.

Protocols that use UDP include TFTP, Simple Network Management Protocol (SNMP),
Dynamic Host configuration Protocol (DHCP), Network File System (NFS), and
Domain Name System (DNS).

Transmission Control Protocol (TCP)


TCP stands for Transmission Control Protocol. It is a connection-oriented protocol
that provides data reliability between hosts. TCP has a number of unique
characteristics related to the way in which it accomplishes this transmission. This
topic describes the major characteristics of TCP.
TCP Characteristics

Transport layer of the TCP/IP stack
Access to the network layer for applications
Connection-oriented protocol
Full-duplex mode operation
Error checking
Sequencing of data packets
Acknowledgement of receipt
Data-recovery features
TCP Header
The TCP header supplies information that is specific to the TCP protocol. This topic
describes the components of the TCP header.

Figure: TCP Header


TCP segments are sent using IP packets. The TCP header follows the IP header,
supplying information specific to the TCP protocol. This division of the headers
allows host-level protocols other than TCP to exist.

TCP Segments Explained


Source Port - A 16-bit field that specifies which port number the data
segment originated from on the source machine.
Destination Port - A 16-bit field that specifies which port number the data
segment is destined for on the receiving machine.
Sequence Number - A 32-bit field that specifies which sequence number
the particular segment of information is assigned. The sequence number is
used to number packets of information so that they may be counted on the
receiving side, guaranteeing a successful and complete delivery of
information.
Acknowledgment Number - A 32-bit field that specifies whether or not a
segment was received correctly. The acknowledgment number is always one
higher than the sequence number, since the receiving computer is expecting
the next segment.
Data Offset - A 4-bit field that tells the receiving computer how long the
header is, and where the data actually begins.
Reserved - A 6-bit field that is reserved for future use. Currently this field is
represented as all zeroes. In the future, it may be likely that TCP will make
use of this space for some reason or another.
URG - A 1-bit control flag that stands for urgent. If the value is 1, the
information is urgent and should be dealt with accordingly.
ACK - A 1-bit control flag that, if set to 1, indicates that the Acknowledgment
Number field is significant.
PSH - A 1-bit control flag that stands for push. If set to 1, all the information
sent so far is sent to the receiving application.
RST - A 1-bit control flag that stands for reset. If set to 1, the connection is
reset.
SYN - A 1-bit control flag that stands for synchronize. If set to 1, then a
sequence of numbers will be used to sort information packets. This also
marks the beginning of a connection.
FIN - A 1-bit control flag that stands for finished. It also closes a connection,
and indicates that there is no more data to be sent.
Window - A 16-bit field that is used for flow control. It indicates that a range
of sequence numbers past the last acknowledged sequence number do not
require further acknowledgment.
Checksum - A 16-bit field that checks segment integrity. A calculation is
done on both the sending and receiving computer. This calculation is based
on the segment's information, so we can use it to check and see if the packet
received is indeed the same as the one that was sent.
Urgent Pointer - A 16-bit field that indicates the beginning of urgent
information. Specifically, it points to a sequence number.
Options - A field that may be used to set various optional settings.
Padding - A spacer used to offset the Options field. Since every row must
equal 32 bits, the Padding field must add to the Options field to equal 32 bits.
Since the Options field may vary, variable Padding is needed.
Data - The actual data being sent to the recipient computer.
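The UDP and TCP headers described in the two field lists above, decoded from raw bytes, as an added example (not code from the original notes). It builds and parses both headers with the standard library only, including the checksum each carries (computed over the IPv4 pseudo-header plus the segment, per RFC 1071), the optional-checksum rule for UDP, the Length sanity check, and TCP's Data Offset, flags and Options; all addresses and segments are constructed sample data, not captured traffic.

```python
import ipaddress
import struct

IPPROTO_TCP, IPPROTO_UDP = 6, 17
TCP_FLAG_NAMES = ("FIN", "SYN", "RST", "PSH", "ACK", "URG")   # header bits 0 .. 5


def inet_checksum(data: bytes) -> int:
    """One's-complement sum of 16-bit words (RFC 1071). Over a segment that
    already carries a correct checksum this returns 0."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def pseudo_header(src_ip: str, dst_ip: str, proto: int, length: int) -> bytes:
    """IPv4 pseudo-header: both the UDP and TCP checksums cover it plus the segment."""
    return (ipaddress.IPv4Address(src_ip).packed + ipaddress.IPv4Address(dst_ip).packed
            + struct.pack("!BBH", 0, proto, length))


def build_udp(src_ip, dst_ip, src_port, dst_port, data: bytes) -> bytes:
    """Source port, destination port, length, checksum: four 16-bit fields, 8 octets."""
    length = 8 + len(data)
    header = struct.pack("!HHHH", src_port, dst_port, length, 0)
    csum = inet_checksum(pseudo_header(src_ip, dst_ip, IPPROTO_UDP, length) + header + data)
    return struct.pack("!HHHH", src_port, dst_port, length, csum or 0xFFFF) + data


def parse_udp(datagram: bytes, src_ip: str, dst_ip: str) -> dict:
    """Decode the UDP header and reject a Length field that does not fit the datagram."""
    if len(datagram) < 8:
        raise ValueError("UDP header is 8 octets; datagram too short")
    src, dst, length, csum = struct.unpack("!HHHH", datagram[:8])
    if length < 8 or length > len(datagram):
        raise ValueError(f"UDP Length field {length} does not fit the datagram")
    ok = None   # a zero checksum means the sender did not compute one (it is optional)
    if csum:
        ok = inet_checksum(pseudo_header(src_ip, dst_ip, IPPROTO_UDP, length) + datagram[:length]) == 0
    return {"src_port": src, "dst_port": dst, "length": length,
            "checksum_ok": ok, "data": datagram[8:length]}


def build_tcp(src_ip, dst_ip, src_port, dst_port, seq, ack, flags, window,
              options: bytes = b"", data: bytes = b"") -> bytes:
    """Assemble a TCP segment; Options are padded so the header is whole 32-bit words."""
    options += b"\x00" * (-len(options) % 4)
    data_offset = (20 + len(options)) // 4          # header length in 32-bit words
    flag_bits = sum(1 << i for i, name in enumerate(TCP_FLAG_NAMES) if name in flags)

    def pack(csum: int) -> bytes:
        return struct.pack("!HHIIHHHH", src_port, dst_port, seq, ack,
                           (data_offset << 12) | flag_bits, window, csum, 0) + options + data

    csum = inet_checksum(pseudo_header(src_ip, dst_ip, IPPROTO_TCP, len(pack(0))) + pack(0))
    return pack(csum)


def parse_tcp(segment: bytes, src_ip: str, dst_ip: str) -> dict:
    """Decode the TCP header; Data Offset says where Options end and Data begins."""
    if len(segment) < 20:
        raise ValueError("TCP header is at least 20 octets; segment too short")
    src, dst, seq, ack, off_flags, window, csum, urg = struct.unpack("!HHIIHHHH", segment[:20])
    header_len = ((off_flags >> 12) & 0xF) * 4
    if header_len < 20 or header_len > len(segment):
        raise ValueError(f"Data Offset gives an impossible header length of {header_len}")
    flags = [name for i, name in enumerate(TCP_FLAG_NAMES) if off_flags & (1 << i)]
    ok = inet_checksum(pseudo_header(src_ip, dst_ip, IPPROTO_TCP, len(segment)) + segment) == 0
    return {"src_port": src, "dst_port": dst, "seq": seq, "ack": ack, "header_len": header_len,
            "flags": flags, "window": window, "checksum": csum, "urgent_pointer": urg,
            "checksum_ok": ok, "options": segment[20:header_len], "data": segment[header_len:]}


def corrupt(packet: bytes, index: int) -> bytes:
    """Flip one bit in transit; the checksum on the receiving side should then fail."""
    return packet[:index] + bytes([packet[index] ^ 0x01]) + packet[index + 1:]


# Constructed sample segments (not captured traffic).
SRC, DNS, WEB = "192.0.2.10", "192.0.2.53", "198.51.100.1"
DNS_QUERY = build_udp(SRC, DNS, 49300, 53, b"\x12\x34\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00")
# A SYN carrying a Maximum Segment Size option: kind 2, length 4, MSS 1460.
SYN = build_tcp(SRC, WEB, 49200, 80, seq=1000, ack=0, flags={"SYN"}, window=65535,
                options=b"\x02\x04\x05\xb4")

if __name__ == "__main__":
    print(parse_udp(DNS_QUERY, SRC, DNS))
    print(parse_tcp(SYN, SRC, WEB))
    print("corrupted UDP verifies?", parse_udp(corrupt(DNS_QUERY, 10), SRC, DNS)["checksum_ok"])
```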

Comparison of TCP versus UDP


TCP                                  UDP
---                                  ---
Transmission Control Protocol        User Datagram Protocol
Connection-oriented                  Connectionless
Guaranteed delivery                  No guaranteed delivery
Sends acknowledgments                Does not send acknowledgments
Reliable, but slower                 Unreliable, but faster
Segments and sequences data          Does NOT segment/sequence data
Flow control                         No flow control
Performs CRC on data                 Performs CRC on data
Protocol number is 6                 Protocol number is 17
E.g. HTTP, FTP, SMTP                 E.g. DNS, DHCP, TFTP

The Network Layer


The Network layer (Layer-3) controls internetwork communication, and has two
key responsibilities:
Logical addressing - provides a unique address that identifies both
the host, and the network that host exists on.
Routing - determines the best path to a particular destination
network, and then routes data accordingly.
Protocols implemented at the Network/Internet layer include:

Internet Protocol version 4 (IPv4)
Internet Protocol version 6 (IPv6)
Novell Internetwork Packet Exchange (IPX)
AppleTalk
The Internet Protocol (IPv4 and IPv6) is the most commonly used network/internet
protocol.

Layer 2: Data Link Layer

The second-lowest layer (layer 2) in the OSI Reference Model stack is the data link
layer, often abbreviated DLL (though that abbreviation has other meanings as well
in the computer world). The data link layer, also sometimes just called the link
layer, is where many wired and wireless local area networking (LAN) technologies
primarily function. For example, Ethernet, Token Ring, FDDI and 802.11 (wireless
Ethernet or Wi-Fi) are all sometimes called data link layer technologies. The set
of devices connected at the data link layer is what is commonly considered a simple
network, as opposed to an internetwork.
Data Link Layer Sublayers: Logical Link Control (LLC) and Media Access
Control (MAC)
The data link layer is often conceptually divided into two sublayers: logical link
control (LLC) and media access control (MAC). This split is based on the
architecture used in the IEEE 802 Project, which is the IEEE working group
responsible for creating the standards that define many networking technologies
(including all of the ones I mentioned above except FDDI). By separating LLC and
MAC functions, interoperability of different network technologies is made easier, as
explained in our earlier discussion of networking model concepts.

Figure: OSI Data Link Layer

Data Link Layer Functions


The following are the key tasks performed at the data link layer:

Logical Link Control (LLC): Logical link control refers to the functions
required for the establishment and control of logical links between local
devices on a network. As mentioned above, this is usually considered a DLL
sublayer; it provides services to the network layer above it and hides the rest
of the details of the data link layer to allow different technologies to work
seamlessly with the higher layers. Most local area networking technologies
use the IEEE 802.2 LLC protocol.

Media Access Control (MAC): This refers to the procedures used by
devices to control access to the network medium. Since many networks use a
shared medium (such as a single network cable, or a series of cables that are
electrically connected into a single virtual medium) it is necessary to have
rules for managing the medium to avoid conflicts. For example, Ethernet uses
the CSMA/CD method of media access control, while Token Ring uses token
passing.

Data Framing: The data link layer is responsible for the final encapsulation
of higher-level messages into frames that are sent over the network at the
physical layer.

Addressing: The data link layer is the lowest layer in the OSI model that is
concerned with addressing: labeling information with a particular destination
location. Each device on a network has a unique number, usually called a
hardware address or MAC address, that is used by the data link layer protocol
to ensure that data intended for a specific machine gets to it properly.

Error Detection and Handling: The data link layer handles errors that
occur at the lower levels of the network stack. For example, a cyclic
redundancy check (CRC) field is often employed to allow the station receiving
data to detect if it was received correctly.
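The framing, MAC addressing and CRC tasks listed above, shown on an Ethernet II frame, as an added example (not code from the original notes). The frame check sequence is CRC-32, which zlib.crc32 computes with the same polynomial Ethernet uses; the station addresses and payload are constructed sample data.

```python
import struct
import zlib

ETHERTYPE_IPV4 = 0x0800
BROADCAST = "ff:ff:ff:ff:ff:ff"
MIN_PAYLOAD = 46   # pad shorter payloads so the frame reaches the 64-octet minimum


def mac_to_bytes(mac: str) -> bytes:
    octets = mac.split(":")
    if len(octets) != 6:
        raise ValueError(f"bad MAC address: {mac}")
    return bytes(int(o, 16) for o in octets)


def bytes_to_mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def build_frame(dst_mac: str, src_mac: str, ethertype: int, payload: bytes) -> bytes:
    """Encapsulate a higher-layer packet: header, padded payload, then the FCS."""
    body = (mac_to_bytes(dst_mac) + mac_to_bytes(src_mac)
            + struct.pack("!H", ethertype) + payload.ljust(MIN_PAYLOAD, b"\x00"))
    fcs = zlib.crc32(body) & 0xFFFFFFFF
    return body + struct.pack("<I", fcs)   # FCS goes on the wire least-significant octet first


def parse_frame(frame: bytes, local_mac: str) -> dict:
    """What a receiving station does: check the CRC, then filter on destination MAC."""
    if len(frame) < 64:
        raise ValueError("runt frame: shorter than the 64-octet minimum")
    body, (fcs,) = frame[:-4], struct.unpack("<I", frame[-4:])
    crc_ok = zlib.crc32(body) & 0xFFFFFFFF == fcs
    dst = bytes_to_mac(body[0:6])
    src = bytes_to_mac(body[6:12])
    (ethertype,) = struct.unpack("!H", body[12:14])
    # A frame with a bad CRC is dropped; a good one is accepted only if it is
    # addressed to this station or to everyone.
    accept = crc_ok and dst in (local_mac.lower(), BROADCAST)
    return {"crc_ok": crc_ok, "dst": dst, "src": src, "ethertype": ethertype,
            "accept": accept, "payload": body[14:] if accept else b""}


def flip_bit(frame: bytes, bit_index: int) -> bytes:
    """Simulate a single-bit error on the medium."""
    byte, bit = divmod(bit_index, 8)
    return frame[:byte] + bytes([frame[byte] ^ (1 << bit)]) + frame[byte + 1:]


# Constructed sample: a short IPv4 packet (its contents do not matter here)
# sent from station A to station B on the same LAN.
STATION_A = "02:00:5e:00:00:01"
STATION_B = "02:00:5e:00:00:02"
FRAME = build_frame(STATION_B, STATION_A, ETHERTYPE_IPV4, b"\x45\x00\x00\x14" + b"\xaa" * 16)

if __name__ == "__main__":
    print("delivered to B:", parse_frame(FRAME, STATION_B)["accept"])
    print("seen by another station:", parse_frame(FRAME, "02:00:5e:00:00:03")["accept"])
    print("after a bit error, CRC ok:", parse_frame(flip_bit(FRAME, 200), STATION_B)["crc_ok"])
```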

The physical layer and the data link layer are very closely related. The requirements
for the physical layer of a network are often part of the data link layer definition of a
particular technology. Certain physical layer hardware and encoding aspects are
specified by the DLL technology being used. The best example of this is the
Ethernet standard, IEEE 802.3, which specifies not just how Ethernet works at the
data link layer, but also its various physical layers.

Since the data link layer and physical layer are so closely related, many types of
hardware are associated with the data link layer. Network interface cards (NICs)
typically implement a specific data link layer technology, so they are often called
Ethernet cards, Token Ring cards, and so on. There are also a number of
network interconnection devices that are said to operate at layer 2, in whole or in
part, because they make decisions about what to do with data they receive by
looking at data link layer frames. These devices include most bridges, switches and
brouters, though the latter two also encompass functions performed by layer three.

Some of the most popular technologies and protocols generally associated with
layer 2 are Ethernet, Token Ring, FDDI (plus CDDI), HomePNA, IEEE 802.11, ATM,
and TCP/IP's Serial Link Interface Protocol (SLIP) and Point-To-Point Protocol (PPP).

Layer 1: Physical Layer


The lowest layer of the OSI Reference Model is layer 1, the physical layer; it is
commonly abbreviated PHY. The physical layer is special compared to the other
layers of the model, because it is the only one where data is physically moved
across the network interface. All of the other layers perform useful functions to
create messages to be sent, but they must all be transmitted down the protocol
stack to the physical layer, where they are actually sent out over the network.
Figure: OSI Physical Layer

Physical Layer Functions


The following are the main responsibilities of the physical layer in the OSI Reference
Model:

Definition of Hardware Specifications: The details of operation of cables,
connectors, wireless radio transceivers, network interface cards and other
hardware devices are generally a function of the physical layer (although also
partially the data link layer; see below).

Encoding and Signaling: The physical layer is responsible for various
encoding and signaling functions that transform the data from bits that reside
within a computer or other device into signals that can be sent over the
network.

Data Transmission and Reception: After encoding the data appropriately,
the physical layer actually transmits the data, and of course, receives it. Note
that this applies equally to wired and wireless networks, even if there is no
tangible cable in a wireless network!

Topology and Physical Network Design: The physical layer is also
considered the domain of many hardware-related network design issues, such
as LAN and WAN topology.

In general, then, physical layer technologies are ones that are at the very lowest
level and deal with the actual ones and zeroes that are sent over the network. For
example, when considering network interconnection devices, the simplest ones
operate at the physical layer: repeaters, conventional hubs and transceivers. These
devices have absolutely no knowledge of the contents of a message. They just take
input bits and send them as output. Devices like switches and routers operate at
higher layers and look at the data they receive as being more than voltage or light
pulses that represent one or zero.

Communication process for OSI & TCP/IP Model

Figure: Communication Process in OSI Model

Figure: Communication Process in TCP/IP Model

Ethernet Technology
Introduction
In today's business world, reliable and efficient access to information has become
an important asset in the quest to achieve a competitive advantage. File cabinets
and mountains of papers have given way to computers that store and manage
information electronically.
Computer networking technologies are the glue that binds these elements together.
Networking allows one computer to send information to and receive information
from another. We can classify network technologies as belonging to one of two basic
groups. Local area network (LAN) technologies connect many devices that are
relatively close to each other, usually in the same building. The library terminals
that display book information would connect over a local area network. Wide area
network (WAN) technologies connect a smaller number of devices that can be many
kilometers apart.
In comparison to WANs, LANs are faster and more reliable, but improvements in
technology continue to blur the line of demarcation. Fiber optic cables have allowed
LAN technologies to connect devices tens of kilometers apart, while at the same
time greatly improving the speed and reliability of WANs.

Token Ring
IEEE 802.5 standard Token Ring is an IBM-created network topology. It arranges
nodes and network cables in order to form a ring or a loop. As opposed to CSMA/CD,
where nodes check the network for activity before sending, Token Ring networks use
a token to determine when a node can transmit.
The nodes in a Token Ring network don't actually physically look like a ring. In fact,
the nodes connect to central units referred to as MAUs (Multistation Access Units).
That means that Token Ring is logically a ring but physically a star topology. Because
it's physically a star, a single break in the ring doesn't take down the whole network.
The token is passed from node to node around the network in a particular direction.
When a node wishes to transmit, it waits for the token to arrive, transmits its data
with the token, and then waits for the token to arrive again to transmit again. This is
called Token Passing.
Token Ring is also a guaranteed delivery networking system. When a node transmits
data with the token, it sends a special message inside the token. When the token
arrives at the destination, it reverses this special message and re-transmits the
token. When the token reaches the original sending computer, it can then tell if the
data was sent properly. If the token does not contain the changed message, the
sending computer knows it must re-send the data.

Figure: Small Token Ring Network


Media: Twisted pair
MAC method: Token passing
Signal propagation method: Forwarded from device to device (or port to port on a hub) in a closed loop
Speed: 4 Mbps or 16 Mbps
Topologies: Ring; star using Token Ring repeater hubs
Maximum connections: 255 nodes per segment

Table: Token Ring characteristics

FDDI

Fiber Distributed Data Interface (FDDI) is an expensive LAN technology that
employs a pair of fiber-optic rings. One is the primary ring and the second ring is used
to replace the primary ring in the case of a network failure. FDDI uses fiber-optic
cable, is wired in a ring topology, uses token passing as its media-access method,
and can operate at high speeds.

Figure: Fiber Distributed Data Interface (FDDI)

The Fiber Distributed Data Interface (FDDI) provides high-speed network backbones
that can be used to connect and extend LANs.

Like token ring, FDDI also has error-detection and correction capabilities. In a
normally operating Fiber Distributed Data Interface (FDDI) ring, the token passes by
each network device fast. If the token is not seen within the maximum amount of
time that it takes to circulate the largest ring, it indicates a network problem.

Fiber-optic cable such as the cable used with Fiber Distributed Data Interface (FDDI)
can support very large volumes of data over large distances.
Fiber Distributed Data Interface (FDDI) is an expensive technology to set up because
the network devices require a special network card and also fiber-optic cabling is
required, which is more expensive than twisted-pair cable. Because most Fiber
Distributed Data Interface (FDDI) installations use a redundant second ring, more
cabling is required.
Fiber Distributed Data Interface is also a Ring topology, but uses two rings rather
than one single ring. It can transmit up to 1Gbps, and can send data up to 2
kilometers.
Media: Fiber optic
MAC method: Token passing
Signal propagation method: Forwarded from device to device (or port to port on a hub) in a closed loop
Speed: 1 Gbps
Topologies: Double ring; star
Maximum connections: 500 nodes

Table: FDDI characteristics

You won't see much information on FDDI on the exam, but you should be aware of
the basics. Expect to see limited information on fiber optics, FDDI, and token
passing, but study more for the 802.3 standards and how Token Ring networks work.

Ethernet Technology
Ethernet is a family of technologies that provides data-link and physical
specifications for controlling access to a shared network medium. It has emerged as
the dominant technology used in LAN networking.
Ethernet was originally developed by Xerox in the 1970s, and operated at 2.94Mbps.
The technology was standardized as Ethernet Version 1 by a consortium of three
companies - DEC, Intel, and Xerox, collectively referred to as DIX - and further
refined as Ethernet II in 1982.
In the mid 1980s, the Institute of Electrical and Electronic Engineers (IEEE)
published a formal standard for Ethernet, defined as the IEEE 802.3 standards. The
original 802.3 Ethernet operated at 10Mbps, and successfully supplanted competing
LAN technologies, such as Token Ring.
Ethernet has several benefits over other LAN technologies:
Simple to install and manage
Inexpensive
Flexible and scalable
Easy to interoperate between vendors
Up until two years ago, Ethernet networks were the most common networks on the
planet. With the boom of the Internet, other network types have grown rapidly, but
Ethernet still remains the easiest and most cost-effective networking topology.
Ethernet is usually installed as a bus or star architecture. The bus architecture is the
easiest to set up, as the wire runs from computer to computer and is terminated at
each end. The star architecture requires more cable and more work, but is easier to
troubleshoot. If a break occurs in the cable of a bus architecture, the network fails. If
a break occurs in the cable of a star architecture, only the network segment that
contains that break fails.
Ethernet is a passive network. All network traffic is delivered node-to-node. That
means the computers themselves transfer all the data, not hubs or routers. They
are also called CSMA/CD networks, or Carrier Sense Multiple Access with Collision
Detection. That means that two nodes cannot transmit at the same time. If two
nodes transmit data at the same time, the data collides and fails to transfer.
Therefore, Ethernet networks require the node to check for network activity before
sending data.

Figure: Ethernet Technology

IEEE 802 Standards

Standard   Description
802.0      SEC-IEEE Standards for Local and Metropolitan Area Networks: Overview & Architecture
802.1      High Level Interface (HILI) Standard
802.2      Logical Link Control (LLC)
802.3      CSMA/CD
802.4      Token Bus
802.5      Token Ring
802.6      Metropolitan Area Network (MAN)
802.7      Broadband Technical Adv. Group (BBTAG)
802.8      Fiber Optic Technical Adv. Group (FOTAG)
802.9      Integrated Services LAN (ISLAN)
802.10     Standard for Interoperable LAN Security (SILS)
802.11     Wireless LAN (WLAN)
802.12     Demand Priority
802.14     Cable TV Based Broadband Communication Network
802.15     Wireless Personal Area Network (WPAN)
802.16     Broadband Wireless Access (BBWA)
802.17     Resilient Packet Ring Group (RPRSG)

Ethernet LAN Standards

Ethernet LAN standards specify cabling and signaling at both the physical and data
link layers of the OSI model. This topic describes Ethernet LAN standards at the data
link layer. The figure shows how LAN protocols map to the OSI reference model.

Figure: Ethernet in OSI Model


The IEEE divides the OSI data link layer into two separate sublayers:
Logical Link Control (LLC): Transitions up to the network layer
Media Access Control (MAC): Transitions down to the physical layer

LLC Sublayer
The IEEE created the LLC sublayer to allow part of the data link layer to
function independently from existing technologies. This layer provides versatility in
services to the network layer protocols that are above it, while communicating
effectively with the variety of MAC and Layer 1 technologies below it. The LLC, as a
sublayer, participates in the encapsulation process.
An LLC header tells the data link layer what to do with a packet when it receives a
frame. For example, a host receives a frame and then looks in the frame header to
understand that the packet is destined for the IP protocol at the network layer.

MAC Sublayer
The MAC sublayer deals with physical media access. The IEEE 802.3 MAC
specification defines MAC addresses, which uniquely identify multiple devices at the
data link layer. The MAC sublayer maintains a table of MAC addresses (physical
addresses) of devices. To participate on the network, each device must have a
unique MAC address.

The Role of CSMA/CD in Ethernet


Ethernet signals are transmitted to every host connected to the LAN, using a special
set of rules to determine which station can talk at any particular time. This topic
describes that set of rules.

Figure: Carrier Sense Multiple Access Collision Detection (CSMA/CD)


Ethernet LANs manage the signals on a network by Carrier Sense Multiple Access with
Collision Detection (CSMA/CD), which is an important aspect of Ethernet. The figure
illustrates the CSMA/CD process.
In an Ethernet LAN, before transmitting, a computer first listens to the network
media. If the media is idle, the computer sends its data. After a transmission has
been sent, the computers on the network compete for the next available idle time
to send another frame. This competition for idle time means that no one station has
an advantage over another on the network.
Stations on a CSMA/CD LAN can access the network at any time. Before sending
data, CSMA/CD stations listen to the network to determine whether it is already in
use. If it is, the CSMA/CD stations wait. If the network is not in use, the stations
transmit. A collision occurs when two stations listen for network traffic, hear none,
and transmit simultaneously (see the figure). In this case, both transmissions are
damaged, and the stations must retransmit at some later time. CSMA/CD stations
must be able to detect collisions to know that they must retransmit.
When a station transmits, the signal is referred to as a carrier. The NIC senses the
carrier and consequently refrains from broadcasting a signal. If there is no carrier, a
waiting station knows that it is free to transmit. This is the carrier sense part of the
protocol.
The extent of the network segment over which collisions occur is referred to as the
collision domain. The size of the collision domain has an impact on efficiency, and
therefore on data throughput.
In the CSMA/CD process, priorities are not assigned to particular stations, so all
stations on the network have equal access. This is the multiple access part of the
protocol. If two or more stations attempt a transmission simultaneously, a collision
occurs. The stations are alerted of the collision, and they execute a backoff algorithm
that randomly schedules retransmission of the frame. This scenario prevents the
machines from repeatedly attempting to transmit at the same time. Collisions are
normally resolved in microseconds. This is the collision detection part of the
protocol.
Carrier Sense - When a device connected to an Ethernet network wants to send
data it first checks to make sure it has a carrier on which to send its data (usually a
piece of copper cable connected to a hub or another machine).

Multiple Access - This means that all machines on the network are free to use
the network whenever they like so long as no one else is transmitting.

Collision Detection - A means of ensuring that when two machines start to
transmit data simultaneously, the resultant corrupted data is discarded, and
retransmissions are generated at differing time intervals.
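The backoff algorithm the text refers to is, in IEEE 802.3, truncated binary exponential backoff: after its n-th collision a station waits a random number of slot times drawn from 0 to 2^min(n,10) - 1, and a frame is dropped after 16 collisions. The Python below is an added example, not code from the original page; the stations, the stub random sources used in testing, and the simplification that only the stations picking the same earliest slot collide again (the others sense the carrier and defer) are my assumptions.

```python
import random

SLOT_TIME_BIT_TIMES = 512   # 802.3 slot time for 10/100 Mbps Ethernet
MAX_ATTEMPTS = 16           # the frame is discarded after 16 collisions
BACKOFF_CAP = 10            # the random range stops doubling after collision 10


def backoff_range(collisions):
    """Largest wait, in slot times, allowed after the given collision count."""
    return 2 ** min(collisions, BACKOFF_CAP) - 1


def backoff_slots(collisions, rng=random):
    """Slot times to wait after the n-th collision: uniform over 0..2^min(n,10)-1."""
    if collisions < 1:
        raise ValueError("backoff applies only after a collision")
    return rng.randint(0, backoff_range(collisions))


def send_frame(collisions_before_success, rng=random):
    """Simulate one station sending one frame whose first
    `collisions_before_success` attempts collide.
    Returns (delivered, attempts, backoff_bit_times)."""
    waited = 0
    for attempt in range(1, MAX_ATTEMPTS + 1):
        if attempt > collisions_before_success:
            return True, attempt, waited
        # collision detected: jam, then back off a random number of slots
        waited += backoff_slots(attempt, rng) * SLOT_TIME_BIT_TIMES
    # excessive collisions: the NIC drops the frame and counts the error
    return False, MAX_ATTEMPTS, waited


def resolve_contention(n_stations, rng=random):
    """Simulate stations that all collided on their first attempt.
    Each round every contender draws a backoff; the station with the earliest
    slot transmits alone, unless several tie, in which case they collide again
    (assumption: stations with later slots sense the carrier and defer).
    Returns the round in which one station wins, or None if a station
    reaches MAX_ATTEMPTS and drops its frame."""
    collisions = [1] * n_stations
    for round_no in range(1, MAX_ATTEMPTS + 1):
        choices = [backoff_slots(c, rng) for c in collisions]
        earliest = min(choices)
        contenders = [i for i, slot in enumerate(choices) if slot == earliest]
        if len(contenders) == 1:
            return round_no
        for i in contenders:
            collisions[i] += 1
            if collisions[i] >= MAX_ATTEMPTS:
                return None
    return None


if __name__ == "__main__":
    rng = random.Random(1)
    print(send_frame(2, rng))
    print(resolve_contention(3, rng))
```

A station that keeps hitting the 16-collision limit is what a NIC's "excessive collisions" counter records; on a modern switched port that counter should stay at zero, and a rising value is the classic sign of a duplex mismatch or an overloaded shared segment rather than of normal CSMA/CD operation.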

Ethernet Addresses
The address used in an Ethernet LAN, which is associated with the network adapter,
is the means by which data is directed to the proper receiving location. This topic
describes the specific characteristics of an Ethernet address.

Figure: MAC Address (Bit Position)


The address that is on the network interface card (NIC) is the MAC address, often
referred to as the burned-in address (BIA), and some vendors allow the modification
of this address to meet local needs. There are two components of a 48-bit Ethernet
MAC address, as follows:

24-bit Organizational Unique Identifier (OUI): The OUI identifies
the manufacturer of the NIC card. The IEEE regulates the assignment of OUI
numbers. Within the OUI, there are 2 bits that have meaning only when
used in the destination address, as follows:
Broadcast or multicast bit: This indicates to the receiving interface
that the frame is destined for all or a group of end stations on the LAN
segment.
Locally administered address bit: Normally the combination of OUI
and a 24-bit station address is universally unique; however, if the
address is modified locally, this bit should be set.

24-bit vendor-assigned end station address: This uniquely identifies the
Ethernet

Figure: MAC Address Format


The MAC sublayer of the OSI data link layer handles physical addressing issues, and
the physical address is a number in hexadecimal format that is actually burned into
the NIC. This address is referred to as the MAC address and it is expressed as groups
of hexadecimal digits that are organized in pairs or quads, such as the following:

00:00:0c:43:2e:08 or 0000:0c43:2e08

Each device on a LAN must have a unique MAC address to participate in the
network. The MAC address identifies the location of a specific computer on a LAN.
Unlike other kinds of addresses used in networks, the MAC address should not be
changed unless there is some specific need.
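The OUI/station split and the two flag bits described above can be decoded directly from the first octet of the address: the least significant bit is the individual/group (broadcast or multicast) bit and the next bit is the universal/local bit. The Python below is an added example, not code from the original page; it accepts the pair and quad notations shown above, and the sample source addresses in its test are constructed (01:00:5e is the well-known IPv4 multicast prefix, the 02:42:ac address is a made-up locally administered one).

```python
import re

# Flag bits in the first octet of a 48-bit MAC address
IG_BIT = 0x01   # Individual/Group: 1 = group address (multicast or broadcast)
UL_BIT = 0x02   # Universal/Local: 1 = locally administered (burned-in address overridden)


def parse_mac(text):
    """Accept 'aa:bb:cc:dd:ee:ff', 'aa-bb-cc-dd-ee-ff' or 'aabb.ccdd.eeff' style
    input (case-insensitive) and return the six octets as bytes."""
    digits = re.sub(r"[:\-.]", "", text.strip().lower())
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        raise ValueError(f"not a 48-bit MAC address: {text!r}")
    return bytes.fromhex(digits)


def describe_mac(text):
    """Split an address into OUI and station parts and decode the flag bits."""
    mac = parse_mac(text)
    first = mac[0]
    return {
        "oui": ":".join(f"{b:02x}" for b in mac[:3]),
        "station": ":".join(f"{b:02x}" for b in mac[3:]),
        "broadcast": mac == b"\xff" * 6,
        "group": bool(first & IG_BIT),
        "locally_administered": bool(first & UL_BIT),
    }


def audit_source_addresses(source_macs):
    """Inspect source MAC addresses seen on a segment. A group address is never
    a legitimate source (the bit only has meaning in a destination), and a
    locally administered address means someone overrode the burned-in
    address, so both are worth a second look. Returns (address, reason) pairs."""
    findings = []
    for mac in source_macs:
        info = describe_mac(mac)
        if info["group"]:
            findings.append((mac, "group bit set in a source address"))
        elif info["locally_administered"]:
            findings.append((mac, "locally administered address"))
    return findings


if __name__ == "__main__":
    print(describe_mac("00:00:0c:43:2e:08"))
    print(audit_source_addresses(["00:00:0c:43:2e:08", "02:42:ac:11:00:02"]))
```

Because the flag bits live in the first octet, an address that starts with an odd hex digit pair (x1, x3, x5, ...) is a group address and one whose second hex digit is 2, 3, 6, 7, a, b, e or f is locally administered; the functions above do that arithmetic rather than relying on an OUI lookup, so they work offline.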

Transmission Media

STP and UTP: Similarities


Both STP and UTP cables consist of pairs of two wires. One wire carries an electrical
signal. The other wire is grounded and helps minimize noise. For both STP and UTP, a
group of more than one pair is often collected into a single cable. Eight-strand and
25-strand cables are common in communications wiring.

Characteristics of UTP
Unshielded twisted pair cable uses an insulator to protect twisted pairs. Although
the protective covering is helpful, it doesn't qualify as a shield against interference
in the same way as the metallic covering found on STP cable. UTP cable is generally
cheaper and its transmission speed is faster than that of STP.

Figure: UTP and STP Cable

Characteristics of STP
Shielded twisted pair cable adds multiple layers of protection from interference. A
metallic shield covers each pair of cables in a given connection. Each pair of cables
is then placed inside another metallic shield. An additional grounded wire is also
often added to improve the effects of shielding. Although these multiple layers of
protection can greatly benefit signal clarity, improper grounding of the shields can

cause the shields to actually pick up unwanted signals and make clarity issues
worse. Installation of STP cables requires greater technical knowledge, and the
technology is more expensive than UTP.
The more common transmission media are twisted pair and fiber optics. Categories
defined under twisted pair support transmission over various distances and data
rates. The most common UTP cables in the enterprise network are Category 5,
Category 5e, Category 6, Category 6a and Category 7, which support 10 Mbps to
10 Gbps rates.

Figure: Ethernet Cable

Ethernet over Twisted-Pair Cabling

Ethernet technology standards are the responsibility of the IEEE 802.3 working
group. This group is responsible for evaluating and eventually approving Ethernet
specifications as new Ethernet technologies are developed such as Gigabit and
10Gigabit Ethernet. Although this group defines the standards for Ethernet, it looks
to other established standards organizations to define the specifications for physical
cabling and connectors. These organizations include the American National
Standards Institute (ANSI), Engineering Industry Association (EIA), and
Telecommunications Industry Association (TIA). The TIA/EIA published specifications
for twisted-pair cabling are found in the TIA/EIA-568-B specification document.
The more common forms of cabling are unshielded twisted-pair (UTP) and optical
fiber. Twisted pair cable comes in a variety of forms. The most common categories
in today's networks are the following:

Category 1
Category 2
Category 3
Category 5
Category 5e
Category 6
Category 6a
Category 7

Category 1
CAT 1, or Category 1, cable is best suited for telephone communications. It is not
suitable for data transmission or Ethernet data work usage. It is mostly used for
on-premises wiring.

Category 2
Category 2, or CAT 2, cables are capable of data transmission of up to 4 Mbps. It is a
Level 2 cable and was used on ARCnet and token ring networks sometime ago. Like
CAT 1, CAT 2 is not suitable for Ethernet data work usage.

Cat 3 Cable
Category 3 Cable, or Cat 3, is an older iteration of Ethernet cables that is limited to
10 Mbps (megabits per second). Cat 3 cables are not widely used outside of VOIP
(Voice-Over Internet Protocol) and other voice solutions. Cat 3 cables have an issue
with cross-talk and interference and were quickly replaced with higher quality cables
as a standard. Category 3 was initially designed as voice grade cable and is capable
of handling transmissions using up to 16 MHz.

Category 4
Category 4, or CAT 4, is an unshielded twisted pair that supports transmission up to
20 MHz. It is more reliable than CAT 3 for transporting data and can transmit data up
to a speed of 16 Mbps. It is mostly used in token ring networks.

Cat 5 Cable

Cat 5 was the widely used successor to Cat 3 cable. Cat 5 allows for 10/100 Mbps
Ethernet connections. The way the cable was wrapped changed from Cat 3 to Cat 5
so as not to allow as many twists per foot. This reduced the amount of interference.
Category 5 is capable of handling transmissions up to 100 MHz.

Cat 5e Cable
Cat 5e is an enhanced version of Cat 5 cabling. Cat 5e allows for 10/100/1,000
Mbps Ethernet connections. Gigabit Ethernet (1,000 Mbps) is widely used in both
home and business applications. Due to its lower price point versus higher end
cables, Cat 5e is the most common type of cable sold in stores. Most prebuilt cables
will be of Cat 5e design. Category 5e is an improved version of Category 5; while
still limited to 100 MHz, Category 5e defines performance parameters sufficient to
support 1000BASE-T operation.

Cat 6 Cable
Cat 6 cable is very similar to Cat 5e; however, it is not as popular. Unless the
network is running at close to full speed, a Cat 6 cable will not show much benefit
over a Cat 5e cable. Cat 6 cables have thicker wires than Cat 5e, but are made the
same way. Category 6 provides the best possible performance specification for UTP
cabling. Category 6 specifies much stricter requirements for cabling than Category
5 and 5E. Category 6 is capable of handling transmissions up to 250MHz.

Category 7
Category 7, or CAT 7, is another proposed standard that supports transmission up to
600 MHz. CAT 7 is a standard copper cable for 10G Ethernet over 100 meters. It
is backward compatible with CAT 5 and CAT 6 and has more stringent rules than CAT
6 for system noise and cross talk.

Unshielded Twisted Pair (UTP) Cabling Standards

Category name   Usage
Cat 1           POTS telephone communications, ISDN and doorbell wiring
Cat 2           4 Mbit/s token ring networks
Cat 3           Data networks utilizing frequencies up to 16 MHz, popular for 10 Mbit/s Ethernet networks
Cat 4           Provides performance of up to 20 MHz, frequently used on 16 Mbit/s token ring networks
Cat 5           Provides performance of up to 100 MHz, frequently used on 100 Mbit/s Ethernet networks; may be unsuitable for 1000BASE-T gigabit Ethernet
Cat 5e          Provides performance of up to 100 MHz, frequently used for both 100 Mbit/s and 1000BASE-T gigabit Ethernet networks
Cat 6           Provides performance of up to 250 MHz (more than double the performance of category 5 and 5e)
Cat 6a          Future specification for 10 Gbit/s applications
Cat 7           Designed for transmission at frequencies up to 600 MHz. Future specification for 10 Gbit/s applications

Table: Unshielded Twisted Pair (UTP) cables usages

About Ethernet Cables


A standard Ethernet cable contains four pairs of wires, with one pair used for
transmitting, one pair for receiving and two extra pairs. The extra pairs are either
unused, configured to carry telephone signals, or used to supply power to remote
network devices using Power over Ethernet. Different grades are available, such as
"Cat 5" which is used for 10/100Mb Ethernet connections, and "Cat 5e," which can
also handle Gigabit Ethernet speeds. You can find the grade by looking at the
printed markings on the cable, with most cables conforming to the "Cat 5e"
specification.

Straight-thru, Crossover, and Rollover Cables

There are several IEEE 802.3 standards that define Ethernet transfer over Category
5 (or higher) UTP cabling. The most common of these are 802.3 10Base-T, 802.3u
100Base-TX (Fast Ethernet), and 802.3ab 1000Base-T (Gigabit Ethernet). Although
not defined by the IEEE, these standards are accompanied by the EIA/TIA-568-A and
EIA/TIA-568-B specifications to standardize an ordered color code for termination
which is practiced by the majority of the telecommunications industry.

Figure: Using Straight & Cross Cable

Straight through cable

A patch cable (also called a straight through cable) is configured with all 8 wires in
the same order on both ends of the cable. There are two standard wiring
configurations used for patch cables. They are 568A and 568B. Either configuration
can be used, so long as the same configuration is used at both ends of the cable.

Use a straight-through cable when:

1. Connecting a router to a hub
2. Connecting a router to a switch
3. Connecting a computer to a switch
4. Connecting a computer to a hub
5. Connecting a switch to a hub

With 568A:
Pin 1 White/Orange
Pin 2 Orange/White
Pin 3 White/Green
Pin 4 Blue/White
Pin 5 White/Blue
Pin 6 Green/White
Pin 7 White/Brown
Pin 8 Brown/White

With 568B:
Pin 1 White/Green
Pin 2 Green/White
Pin 3 White/Orange
Pin 4 Blue/White
Pin 5 White/Blue
Pin 6 Orange/White
Pin 7 White/Brown
Pin 8 Brown/White

Figure: Straight-Through Cable Color Code


The straight-through pinout above can use either the 568A or the 568B standard, as
long as the same standard is used on both ends. Actually most of the industry uses
568B although the military uses 568A. It doesn't matter as long as both ends have
the same pinout. You could even make your own color order if you choose, but this
is certainly not recommended.

Most networking equipment nowadays supports automatic medium-dependent
interface crossover (Auto-MDIX), which is a technology intelligent enough to
determine the cable type used and cross or uncross the signals internally as
needed. A crossover cable is made by terminating one end using the 568A standard
and terminating the other end using the 568B standard as shown below.

Cross over cable

Crossover cables are very similar to straight-through cables, except that they have
pairs of wires that crisscross. This allows for two devices to communicate at the
same time. Unlike straight-through cables, we use crossover cables to connect
like devices (same OSI layer).

Use a crossover cable when:

1. Connecting a computer to a router
2. Connecting a computer to a computer
3. Connecting a router to a router
4. Connecting a switch to a switch
5. Connecting a hub to a hub

A crossover cable is configured with 4 of the wires in the same order on each end.
The other four wires are crossed (hence the name). One end gets wired with the
568A configuration, while the other gets wired with the 568B configuration.

First End:
Pin 1 White/Orange
Pin 2 Orange/White
Pin 3 White/Green
Pin 4 Blue/White
Pin 5 White/Blue
Pin 6 Green/White
Pin 7 White/Brown
Pin 8 Brown/White

Second End:
Pin 1 White/Green
Pin 2 Green/White
Pin 3 White/Orange
Pin 4 Blue/White
Pin 5 White/Blue
Pin 6 Orange/White
Pin 7 White/Brown
Pin 8 Brown/White
Figure: Cross Cable Color Code

Figure: Cat5 Cable Termination
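The straight-through and crossover pinouts above reduce to one check: map each pin at one end to the pin the same wire reaches at the other end, and see whether pins 1 and 2 (the 10/100 transmit pair) land on 3 and 6 (the receive pair) or on themselves. The Python below is an added example, not code from the original page. It uses the two colour orders as TIA/EIA-568 publishes them, with T568A putting the green pair on pins 1 and 2 and T568B the orange pair, which is the reverse of the labels on the pin lists above; the crossover mapping comes out the same whichever label is attached to which order. The "nonstandard" sample in the test is a constructed mis-termination.

```python
# Wire colour at pins 1..8 for the two TIA/EIA-568 termination orders
T568A = ("white/green", "green", "white/orange", "blue",
         "white/blue", "orange", "white/brown", "brown")
T568B = ("white/orange", "orange", "white/green", "blue",
         "white/blue", "green", "white/brown", "brown")


def wire_map(end_a, end_b):
    """Return {pin at end A: pin at end B} for the wire joining them.
    Each end is the sequence of wire colours at pins 1..8."""
    if len(end_a) != 8 or len(set(end_a)) != 8 or set(end_a) != set(end_b):
        raise ValueError("each end must list the same eight distinct wires")
    return {pin: end_b.index(colour) + 1
            for pin, colour in enumerate(end_a, start=1)}


def classify_cable(end_a, end_b):
    """'straight-through' when every pin lands on itself; 'crossover' when the
    transmit pair (1,2) lands on the receive pair (3,6) and back while pins
    4,5,7,8 stay in place (the 10/100 crossover on the page); else 'nonstandard'."""
    m = wire_map(end_a, end_b)
    if all(m[p] == p for p in m):
        return "straight-through"
    crossed = m[1] == 3 and m[2] == 6 and m[3] == 1 and m[6] == 2
    if crossed and all(m[p] == p for p in (4, 5, 7, 8)):
        return "crossover"
    return "nonstandard"


if __name__ == "__main__":
    print(classify_cable(T568B, T568B))   # same order both ends
    print(classify_cable(T568A, T568B))   # different order each end
    print(wire_map(T568A, T568B))
```

Gigabit links use all four pairs, so a crossover intended for 1000BASE-T also swaps pins 4,5 with 7,8; the classifier above deliberately implements only the 10/100 case the text describes, and an Auto-MDIX port makes the whole distinction moot by crossing the signals internally.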

Rollover cable
Rollover cables, like other cabling types, got their name from how they are wired.
Rollover cables essentially have one end of the cable wired exactly opposite from
the other. This essentially rolls over the wires - but why would we need to do such a
thing? Rollover cables, also called Yost cables, usually connect a device to a router
or switch's console port. This allows a programmer to make a connection to the
router or switch, and program it as needed.

Figure: Rollover Cable Color Code

Fiber Optic Cabling


Fiber Optics, also called optical fibers, are microscopic strands of very pure glass
with about the same diameter of a human hair. Thousands of these optical fibers are
arranged in bundles in optical cables and are used to transmit light signals over
long distances. The bundles are protected by a jacket, which is the cable's outer
covering.
The single optical fiber consists of the core which is the thin glass center of the fiber
where the light travels, the outer optical material that surrounds the core and
reflects the light back into it is the cladding, and the plastic coating that protects
the fiber from moisture and damage is the buffer coating.
Single-mode and multi-mode are the two types of optical fibers. The single-mode,
used for long distances, has small cores and transmits infrared laser light. The

multi-mode, normally used for short distances, has large cores and transmits
infrared light.

Figure: Optical Fiber Core and Cladding

Figure: Single mode vs Multimode Fiber

If the diameter of the core of the fiber is large enough so that there are many
paths that light can take through the fiber, the fiber is called multimode
fiber.
Single-mode fiber has a much smaller core that only allows light rays to travel
along one mode inside the fiber.

Figure: Multimode vs Single Mode Core Diameter

Transmitting/Receiving Devices

Figure: Optical Fiber Transmission system

Figure: Optical Fiber Connector

Power over Ethernet (PoE)


Power over Ethernet (PoE) allows both data and power to be sent across the
same twisted-pair cable, eliminating the need to provide separate power
connections. This is especially useful in areas where installing separate power might
be expensive or difficult.
PoE can be used to power many devices, including:

Voice over IP (VoIP) phones
Security cameras
Wireless access points
Thin clients

PoE was originally formalized as 802.3af, which can provide roughly 13W of power
to a device. 802.3at further enhanced PoE, supporting 25W or more power to a
device.
Ethernet, Fast Ethernet, and Gigabit Ethernet all support PoE. Power can be sent
across either the unused pairs in a cable, or the data transmission pairs, which is
referred to as phantom power. Gigabit Ethernet requires the phantom power
method, as it uses all eight wires in a twisted-pair cable.
The device that provides power is referred to as the Power Source Equipment
(PSE). PoE can be supplied using an external power injector, though each
powered device requires a separate power injector.
More commonly, an 802.3af-compliant network switch is used to provide power
to many devices simultaneously. The power supplies in the switch must be large
enough to support both the switch itself, and the devices it is powering.

Figure: Power over Ethernet Example

Ethernet LAN Segments


Segment length is an important consideration when using Ethernet technology in a
LAN. This topic describes segments and their limitations.

Figure: Segment
A segment is a network connection made by a single unbroken network cable.
Ethernet cables and segments can span only a limited physical distance, beyond
which transmissions will become degraded because of line noise, reduced signal
strength, and failure to follow the Carrier Sense Multiple Access with Collision
Detection (CSMA/CD) specifications for collision detection. Cable type, data rate,
and modulation technique affect the maximum segment length.

Any device that operates at Layer 1 of the Open Systems Interconnection (OSI)
model will not terminate the Ethernet segment of the LAN, because Layer 1 devices
only repeat the electrical signals.

Extending a LAN Segment


You can add devices to an Ethernet LAN to extend segments. This topic describes
how adding repeaters or hubs can overcome the distance limitation in an Ethernet
LAN.

Figure: LAN Extended with Hub


A repeater is a physical-layer device that takes a signal from a device on the
network and acts as an amplifier. Adding repeaters to a network extends the
segments of the network so data can be communicated successfully over longer
distances. There are, however, limits on the number of repeaters that can be added
to a network.
A hub, which also operates at the physical layer, is similar to a repeater. When a
hub receives a transmission signal, it amplifies the signal and retransmits it. Unlike a
repeater, however, a hub can have multiple ports to connect to a number of network
devices; therefore, a hub retransmits the signal to every port to which a workstation
or server is connected. Hubs do not read any of the data passing through them, and
they are not aware of the source or destination of the frame. Essentially, a hub
simply receives incoming bits, amplifies the electrical signal, and transmits these
bits through all of its ports to the other devices on the network.
A hub extends, but does not terminate, an Ethernet LAN. The bandwidth limitation
of a shared technology remains. Although each device has its own cable that
connects into the hub, all users of a given Ethernet segment compete for the same
amount of bandwidth.

Collision Domains

Figure: Collision Domain


In expanding an Ethernet LAN to accommodate more users with more bandwidth
requirements, you can create separate physical network segments, called collision
domains, so collisions are limited to a domain rather than the entire network. This
topic describes collision domains.
In traditional Ethernet segments, the network devices compete for the same
bandwidth, with only one device being able to transmit data at a time. The network
segments that share the same bandwidth are known as collision domains, because
when two or more devices within that segment try to communicate at the same
time, collisions may occur.
It is possible, however, to use other network devices operating at Layer 2 and above
of the OSI model to divide a network into segments and reduce the number of
devices that are competing for bandwidth. Each new segment, then, results in a new
collision domain. More bandwidth is available to the devices on a segment, and
collisions in one collision domain do not interfere with the working of the other
segments.
The broadcast domain is another key concept. The filtering of frames based on their
Media Access Control (MAC) addresses done by switches does not extend to filtering
broadcast frames. By their very nature, broadcast frames must be forwarded;
therefore, a collection of interconnected switches forms a single broadcast domain. It
takes a Layer 3 entity, such as a router, to terminate a Layer 2 broadcast domain.

IP Addressing and Subnetting


Introduction
There are various aspects to IP addressing, including calculations for constructing
an IP address, classes of IP addresses designated for specific routing purposes, and
public versus private IP addresses. There are also two different types of IP
addresses: IP version 4 (IPv4) and IP version 6 (IPv6). The 32-bit IPv4 address type is
currently the most common, but the 128-bit IPv6 address is also in use, and will
probably become the more common address type over time. This lesson describes
32-bit IPv4 addressing, except where IPv6 is explicitly identified.
An IP address is a numeric identifier assigned to each machine on an IP network. It
designates the specific location of a device on the network.

Terminology

Bit - A bit is one digit, either a 1 or a 0.

Byte - A byte is 8 bits.

Octet - An octet, made up of 8 bits, is just an ordinary 8-bit binary number.

Network address - This is the designation used in routing to send packets
to a remote network - for example, 10.0.0.0, 172.16.0.0, and 192.168.1.0.

Broadcast address - The address used by applications and hosts to send
information to all nodes on a network is called the broadcast address.
Examples include 255.255.255.255, which is all networks, all nodes;
172.16.255.255, which is all subnets and hosts on network 172.16.0.0; and
10.255.255.255, which broadcasts to all subnets and hosts on network
10.0.0.0.

An IP address consists of 32 bits of information. These bits are divided into four
sections, referred to as octets or bytes, each containing 1 byte (8 bits). You can
depict an IP address using one of three methods:

Dotted-decimal, as in 172.20.18.125

Binary, as in 10101100.00010100.00010010.01111101

Hexadecimal, as in AC.14.12.7D

The 32-bit IP address is a structured or hierarchical address, as opposed to a flat or
nonhierarchical address. Although either type of addressing scheme could have
been used, hierarchical addressing was chosen for a good reason. The advantage of
this scheme is that it can handle a large number of addresses, namely 4.3 billion (a
32-bit address space with two possible values for each position - either 0 or 1 - gives
you 2^32, or 4,294,967,296).

Logical Addressing
Logical addressing is a function of the network layer of the OSI Model (Layer3).Logical addresses, unlike hardware addresses, provide a hierarchicalstructure to
separate networks. A logical address identifies not only a uniqueHost ID, but also
the network that host belongs to. Additionally, logicaladdresses are rarely hardcoded onto hosts, and can be changed freely.Two common logical addressing
protocols are IPX (Internetwork PacketExchange) and IP (Internet Protocol).

IPX was predominantly used onNovell networks, but is mostly deprecated. IP is the
most widely-usedlogical address today.

Internet Protocol (IP)


IP was developed by the Department of Defense (DoD) during the late 1970s. It was
included in a group of protocols that became known as the TCP/IP protocol suite.
IP provides two core functions:
o Logical addressing of hosts
o Routing of packets between networks.

IP has undergone several revisions. IP Version 4 (IPv4) is currently in widespread
deployment, but will eventually be replaced with IP Version 6 (IPv6). This guide will
concentrate on IPv4, and IPv6 will be covered extensively in a separate guide.

Figure: IPv4 Header

IP Addressing Rules
An IPv4 address is a 32-bit number written in dotted decimal as 4 octets of 8 bits each.
It is divided into two portions, the network portion and the host portion.
IP addresses must be unique within a network.
Each octet has a decimal value in the range 0 to 255.
The network portion cannot be all 0s nor all 1s.
The first octet cannot be 127; the whole 127.0.0.0/8 block is reserved for loopback.
The host portion cannot be all 0s: that address defines the network address.
The host portion cannot be all 1s: that address defines the broadcast address for
that particular network.
The IP address 255.255.255.255 defines a general (limited) broadcast.
Although IP addresses are stored as binary numbers, they are usually
displayed in human-readable notation, such as 208.77.188.166 (for IPv4).

The original designers of TCP/IP defined an IP address as a 32-bit number, and
this system, now named Internet Protocol Version 4 (IPv4), is still in use today.

IPv4 Addressing
One of IP's core functions is to provide logical addressing for hosts. An IP address
provides a hierarchical structure to separate networks. Consider the following
address as an example:

158.80.164.3

An IP address is separated into four octets:

First Octet   Second Octet   Third Octet   Fourth Octet
158           .80            .164          .3

Each octet is 8 bits long, resulting in a 32-bit IP address. A computer understands
an IP address in its binary form; the above address in binary would look as follows:

First Octet   Second Octet   Third Octet   Fourth Octet
10011110      .01010000      .10100100     .00000011

IP Address Classes
To accommodate different sizes of networks and aid in classifying them, IP
addresses are divided into categories called classes. This topic describes the IP
address classes and the structure of the IP addresses within them.
Assigning IP addresses to classes is known as classful addressing. The classes were
determined during the early days of the Internet by the Internet Assigned Numbers
Authority (IANA). Each IP address is broken down into a network ID and the host ID.
In addition, a bit or bit sequence at the start of each address determines the class of
the address. The figure shows three of the five IP address classes (A, B and C), the
ones used for host addressing on LANs, MANs and WANs, as follows:

Table: IP Address Class

Table: Network Part and Host Part of IPv4

Class A IP addresses
The Class A address uses only the first octet (8 bits) of the 32-bit number to
indicate the network address. The remaining three octets of the 32-bit number are
used for host addresses. The first bit of a Class A address is always 0. Since the
first bit is a 0, the lowest number that can be represented is 00000000 (decimal 0),
and the highest number that can be represented is 01111111 (decimal 127).
However, these two network numbers, 0 and 127, are reserved and cannot be used
as network addresses. Any address that starts with a value between 1 and 126
in the first octet of the 32-bit number is a Class A address.
Example of a Class A address:
Address: 64.32.254.100
Subnet Mask: 255.0.0.0

Class B IP addresses
The Class B address uses two of the four octets (16 bits) to indicate the network
address. The remaining two octets specify host addresses. The first 2 bits of the first
octet of a Class B address are always binary 10. Starting the first octet with binary
10 ensures that the Class B space is separated from the upper levels of the Class A
space. The remaining 6 bits in the first octet may be populated with either 1s or 0s.
Therefore, the lowest number that can be represented with a Class B address is
10000000 (decimal 128), and the highest number that can be represented is
10111111 (decimal 191). Any address that starts with a value in the range of 128
to 191 in the first octet is a Class B address.
Example of a Class B address:
Address: 152.4.12.195
Subnet Mask: 255.255.0.0

Class C IP addresses
In a Class C address, the first three octets (24 bits) of the IP address identify the
network portion, with the remaining octet reserved for the host portion. A Class C
address begins with binary 110. Therefore, the lowest number that can be
represented is 11000000 (decimal 192), and the highest number that can be
represented is 11011111 (decimal 223). If an address contains a number in the
range of 192 to 223 in the first octet, it is a Class C address.
Example of a Class C address:
Address: 207.79.233.6

Subnet Mask: 255.255.255.0

Class D IP addresses
Class D IP addresses are known as multicast IP addresses. Multicasting is a
technique developed to send packets from one device to many other devices,
without any unnecessary packet duplication. In multicasting, one packet is sent
from a source and is replicated as needed in the network to reach as many end
users as necessary. You cannot assign these IP addresses to your devices.
The four leftmost bits of the leftmost octet of a Class D address are fixed at
1110. The other 28 bits are used to identify the group of computers the multicast
message is intended for.
The minimum possible value for the leftmost octet in binary is 11100000
(decimal 224) and the maximum possible value for the leftmost octet
is 11101111 (decimal 239). Therefore, for a Class D IP address, the
leftmost octet must have a value between 224 and 239.
Example of a Class D multicast address:
Multicast Address: 224.0.0.9 for RIPv2
Multicast Address: 224.0.0.10 for EIGRP

Class E IP addresses
Class E is used for experimental purposes only and you cannot assign these IP
addresses to your devices. The four leftmost bits of the leftmost octet of a Class E
address are fixed at 1111.
The minimum possible value for the leftmost octet in binary is 11110000
(decimal 240) and the maximum possible value for the leftmost octet
is 11111111 (decimal 255). Therefore, for a Class E IP address, the
leftmost octet must have a value between 240 and 255.

Network Address
An IP address that has binary 0s in all host bit positions is reserved for the network
address. Therefore, as a Class A network example, 10.0.0.0 is the IP address of the
network containing the host 10.1.2.3. As a Class B network example, the IP
address 172.16.0.0 is a network address, while 192.16.11.0 would be a Class C
network. A router uses the network IP address when it searches its IP route table for
the destination network location. The decimal numbers that fill the first two octets
in a Class B network address are assigned. The last two octets contain 0s because
those 16 bits are for host numbers and are used for devices that are attached to the
network. In the IP address 172.16.0.0, the first two octets are reserved for the
network address; it is never used as an address for any device that is attached to it.
An example of an IP address for a device on the 172.16.0.0 network would be
172.16.16.1. In this example, 172.16 is the network address portion and 16.1 is
the host address portion.

Private vs Public Addresses

The rapid growth of the Internet resulted in a shortage of IPv4 addresses.
In response, the IETF designated a specific subset of the IPv4 address
space as private (RFC 1918), to temporarily alleviate this problem.
A public address can be routed on the Internet. Thus, devices that should be
Internet accessible (such as web or email servers) must be configured with public
addresses. A private address is only intended for use within an organization, and
is not routed on the public Internet. Three private addressing ranges were allocated,
one for each IPv4 class:

Class A - 10.0.0.0 to 10.255.255.255 (10.0.0.0/8)
Class B - 172.16.0.0 to 172.31.255.255 (172.16.0.0/12)
Class C - 192.168.0.0 to 192.168.255.255 (192.168.0.0/16)

NAT (Network Address Translation)


NAT is used to translate between private addresses and public addresses. NAT allows
devices configured with a private address to be "stamped" with a public address, thus
allowing those devices to communicate across the Internet. NAT is covered in-depth
later in this course.

Figure: Simple NAT Topology

Directed Broadcast Address


To send data to all the devices on a network, a broadcast address is used. Broadcast
IP addresses end with binary 1s in the entire host part of the address (the host
field). For the network in the example (172.16.0.0), in which the last 16 bits make
up the host field (or host part of the address), the broadcast that would be sent out
to all devices on that network would include a destination address of
172.16.255.255. The directed broadcast is capable of being routed. However,
forwarding directed broadcasts lets a remote sender amplify traffic against an
entire segment (the "smurf" attack), so since Cisco IOS 12.0 it is disabled by
default (no ip directed-broadcast) and should stay disabled unless an application
on that segment genuinely requires it.

Limited/Local Broadcast Address


If an IP device wants to communicate with all devices on the local network, it sets
the destination address to all 1s (255.255.255.255) and transmits the packet. For
example, hosts that do not know their network number and are asking some server
for it may use this address. The local broadcast is never routed.

Local Loopback Address

A local loopback address is used to let the system send a message to itself for
testing. A typical local loopback IP address is 127.0.0.1; the entire 127.0.0.0/8
block is reserved for loopback and is never placed on the wire.

Auto configuration IP Addresses


When neither a statically nor a dynamically configured IP address is found on
startup, those hosts supporting IPv4 link-local addresses will generate an address in
the 169.254/16 prefix range. This address can be used only for local network
connectivity and operates with many caveats, one of which is that it will not be
routed. You will mostly see this address as a failure condition when a PC fails to
obtain an address via DHCP.

Network ID
The network portion of an IP address is also referred to as the network ID, which is
important because most hosts on a network can directly communicate only with
devices in the same network. If the hosts need to communicate with devices that
have interfaces assigned to some other network ID, there must be a network device
that can route data between the networks. This is true even when the devices share
the same physical media segment. A network ID enables a router to put a packet
onto the appropriate network segment. The host ID helps the router deliver the
Layer 2 frame encapsulating the packet to a specific host on the network. As a
result, the IP address is mapped to the correct MAC address, which is needed by the
Layer 2 process on the router to address the frame.

Host ID
Each class of a network allows a fixed number of hosts. In a Class A network, the
first octet is assigned to the network, leaving the last three octets to be assigned to
hosts. The first host address in each network (all 0s) is reserved for the actual
network address, and the final host address in each network (all 1s) is reserved for
broadcasts. The maximum number of hosts in a Class A network is 2^24 - 2
(subtracting the network and broadcast reserved addresses), or 16,777,214. In a
Class B network, the first two octets are assigned to the network, leaving the final
two octets to be assigned to hosts. The maximum number of hosts in a Class B
network is 2^16 - 2, or 65,534. In a Class C network, the first three octets are
assigned to the network. This leaves the final octet to be assigned to hosts, so the
maximum number of hosts is 2^8 - 2, or 254.

What is Subnet Mask?


An IP address has two components, the network part and the host part. In practice
an address is only meaningful together with its subnet mask, whose purpose is to
identify which part of the IP address is the network part and which part is the host
part. The subnet mask is also a 32-bit number, in which all the bits of the network
part are 1 and all the bits of the host part are 0.
If we take as an example the Class C network 192.168.10.0, the address part and
the subnet mask can be represented as below:

Component      Binary                                Decimal
Address Part   11000000.10101000.00001010.00000000   192.168.10.0
Subnet Mask    11111111.11111111.11111111.00000000   255.255.255.0

Table: Subnet Mask Example

For a Class C IP address, the first three octets are used to represent the network
part and the last octet is used to represent the host part. From the above table, we
can see all 1s in the network part and all 0s in the host part. When this subnet
mask is converted to decimal, it becomes 255.255.255.0.

Understanding Wild Card Masks


A wildcard mask tells a router which bits of an IP address it must compare and
which it may ignore: a 0 bit in the mask means the corresponding address bit must
match, so a mask of all zeros matches exactly one address. As we dive into how
this works it will become clearer exactly how a wildcard mask works and how we
can use it.

The Rules

So there are two basic rules of a wild card mask.

0-bit = match
1-bit = ignore

The Target

What can wild card masks target?

A single host (or a single IP address)


An entire network (i.e, Class A, B, or C)
An entire subnet
A range of IP addresses

Targeting a Single Host


To target a single host with a wild card means that every bit within the IP address of
the host must match. The bit that means we are matching is a zero (0-bit). So a
wild card mask for a host would be -- 0.0.0.0

Targeting an Entire Network

To target an entire network means that every bit within the NETWORK portion of the
IP address must match. All others we can ignore. So for a Class-C network (i.e.,
192.168.1.0) the wild card mask would be -- 0.0.0.255

Targeting a Subnet

To target a particular subnet (not classful) we will still need to match on every bit
of the NETWORK portion, however now we need to find the proper bit boundary in
the last octet used by our network. So for example we need to find the wildcard
mask for the network 192.168.1.128/25. The easiest way to do this is to simply
subtract the subnet mask (255.255.255.128) from 255.255.255.255:
255.255.255.255 minus 255.255.255.128 equals a wildcard mask of 0.0.0.127

Targeting a range of IP address


Targeting a range of IP addresses is where we begin to see how the wildcard mask is
different from just the reverse of a subnet mask. The same rules apply: 0 = match,
1 = ignore. If we have a range of 192.168.0.0 through 192.168.1.255 we can match
on the first 23 bits. This would allow only the two networks to be targeted. The
wildcard mask would be 0.0.1.255.
Writing this out in binary helps. We know we want to match on the entire 1st and
2nd octets. That part is easy: both are zeros. It is the third octet that is the trick.
Let's break that third octet out in binary:

192.168.0.x   third octet in binary: 00000000
192.168.1.x   third octet in binary: 00000001

The two networks differ only in the last bit of the third octet (bit 24 of the
address), so the first 23 bits must match and bit 24 is ignored. The subnet mask
for a /23 is 255.255.254.0. We then subtract it from 255.255.255.255 to get our
wildcard mask, which is 0.0.1.255.
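As an added example (not code from the page), here is the matching rule above (0 = match, 1 = ignore) implemented the way a router applies an access-list entry, together with two checks a practitioner wants when reviewing ACLs: how many addresses an entry actually covers, and whether a wildcard is the inverse of a valid subnet mask or a non-contiguous pattern that matches scattered addresses. The function names are my own; the addresses in the demo are constructed.

```python
# Added example: Cisco-style wildcard-mask matching (not code from the page).
import socket
import struct


def ip_to_int(dotted: str) -> int:
    """Convert dotted-decimal IPv4 text to a 32-bit integer."""
    return struct.unpack("!I", socket.inet_aton(dotted))[0]


def wildcard_matches(address: str, pattern: str, wildcard: str) -> bool:
    """An address matches when every bit that is 0 in the wildcard is identical
    in the address and in the pattern; bits that are 1 in the wildcard are ignored."""
    care = ~ip_to_int(wildcard) & 0xFFFFFFFF        # 1 where the bit must match
    return ((ip_to_int(address) ^ ip_to_int(pattern)) & care) == 0


def wildcard_from_prefix(prefix_len: int) -> str:
    """255.255.255.255 minus the subnet mask, e.g. /25 -> 0.0.0.127."""
    if not 0 <= prefix_len <= 32:
        raise ValueError("prefix length must be 0..32")
    mask = (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF
    return socket.inet_ntoa(struct.pack("!I", ~mask & 0xFFFFFFFF))


def matched_address_count(wildcard: str) -> int:
    """Each ignored (1) bit doubles the number of addresses an entry matches,
    so 0.0.1.255 covers 2**9 = 512 addresses. Useful for spotting an ACL entry
    whose wildcard is broader than the author intended."""
    return 2 ** bin(ip_to_int(wildcard)).count("1")


def is_contiguous_wildcard(wildcard: str) -> bool:
    """True when the wildcard is the inverse of a valid subnet mask (all 1 bits on
    the right). False means the entry matches a non-contiguous set of addresses."""
    w = ip_to_int(wildcard)
    return (w & (w + 1)) == 0


if __name__ == "__main__":
    # Constructed demo addresses.
    print(wildcard_matches("192.168.1.55", "192.168.1.55", "0.0.0.0"))      # single host
    print(wildcard_matches("192.168.1.200", "192.168.1.128", "0.0.0.127"))  # 192.168.1.128/25
    print(wildcard_matches("192.168.2.1", "192.168.0.0", "0.0.1.255"))      # outside the range
    print(wildcard_matches("10.1.1.7", "10.0.0.1", "0.255.255.254"))        # odd last octet only
    print(matched_address_count("0.0.1.255"), is_contiguous_wildcard("0.255.255.254"))
```

The last call shows the part a subnet mask cannot express: with wildcard 0.255.255.254 only bit 0 of the last octet and the first octet are compared, so the entry matches every 10.x.x.x host with an odd last octet. Flagging such entries with is_contiguous_wildcard is a cheap review step, since they are rarely what an ACL author meant.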

IP Class   Default Subnet Mask   Default Wildcard Mask
Class A    255.0.0.0             0.255.255.255
Class B    255.255.0.0           0.0.255.255
Class C    255.255.255.0         0.0.0.255

Table: Default Subnet Mask & Wildcard Mask List

The Boolean AND Operation


George Boole, a mathematician who lived in the 1800s, created a branch of
mathematics that came to be called Boolean math after its creator. Boolean math
has many applications in computing theory. In fact, you can find subnet numbers
given an IP address and subnet mask using a Boolean AND.
A Boolean AND is a math operation performed on a pair of one-digit binary
numbers. The result is another one-digit binary number. The actual math is even
simpler than those first two sentences! The following list shows the four possible
inputs to a Boolean AND, and the result:

0 AND 0 yields a 0

0 AND 1 yields a 0

1 AND 0 yields a 0

1 AND 1 yields a 1

You can perform a Boolean AND on longer binary numbers, but you are really just
performing an AND on each pair of bits. For instance, if you wanted to AND
together two four-digit numbers, 0110 and 0011, you would perform an AND on the
first digit of each number and write down the answer. Then you would perform an
AND on the second digit of each number, and so on, through the four digits:

    0110
AND 0011
    ----
    0010

When you Boolean AND together two longer binary numbers, you perform what is
called a bitwise Boolean AND. This term simply means that you do what the
previous example shows: You AND together the first digits from each of the two
original numbers, and then the second digits, and then the third, and so on, until
each pair of single-digit binary numbers has been ANDed.
IP subnetting math frequently uses a Boolean AND between two 32-bit binary
numbers: ANDing an IP address with its subnet mask keeps the network bits and
zeroes the host bits, which yields the subnet (network) address. For example,
192.168.1.177 AND 255.255.255.248 gives 192.168.1.176.
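As an added example (not code from the page), the bitwise AND carried out in Python, together with the companion operations the text derives from it: the directed broadcast (host bits set to 1), the wildcard mask (the inverted subnet mask), the usable host count (2^k - 2), a check that two hosts AND to the same network, and a validity check that rejects masks whose 1 bits are not contiguous. Function names are my own; the /31 handling follows RFC 3021, which the page does not cover.

```python
# Added example: subnet arithmetic with a bitwise Boolean AND (not code from the page).
import socket
import struct


def ip_to_int(dotted: str) -> int:
    """Convert dotted-decimal IPv4 text to a 32-bit integer."""
    return struct.unpack("!I", socket.inet_aton(dotted))[0]


def int_to_ip(value: int) -> str:
    """Convert a 32-bit integer back to dotted-decimal text."""
    return socket.inet_ntoa(struct.pack("!I", value & 0xFFFFFFFF))


def mask_from_prefix(prefix_len: int) -> int:
    """Build a mask with prefix_len leading 1 bits, e.g. 29 -> 255.255.255.248."""
    if not 0 <= prefix_len <= 32:
        raise ValueError("prefix length must be 0..32")
    return (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF


def prefix_from_mask(mask_dotted: str) -> int:
    """Prefix length of a dotted mask. Rejects non-contiguous masks such as
    255.255.160.0 (the rule: borrow 0 bits left to right without skipping)."""
    mask = ip_to_int(mask_dotted)
    ones = bin(mask).count("1")
    if mask != mask_from_prefix(ones):
        raise ValueError(f"non-contiguous subnet mask: {mask_dotted}")
    return ones


def subnet_info(cidr: str) -> dict:
    """AND the address with its mask to get the network address, OR the network
    with the inverted mask to get the directed broadcast, and count usable hosts."""
    addr_txt, prefix_txt = cidr.split("/")
    prefix_len = int(prefix_txt)
    addr = ip_to_int(addr_txt)
    mask = mask_from_prefix(prefix_len)
    network = addr & mask                       # bitwise Boolean AND
    broadcast = network | (~mask & 0xFFFFFFFF)  # host bits set to 1
    host_bits = 32 - prefix_len
    # /31 and /32 have no separate network/broadcast addresses (RFC 3021).
    two_reserved = host_bits >= 2
    return {
        "network": int_to_ip(network),
        "mask": int_to_ip(mask),
        "wildcard": int_to_ip(~mask & 0xFFFFFFFF),
        "broadcast": int_to_ip(broadcast),
        "usable_hosts": 2 ** host_bits - 2 if two_reserved else 2 ** host_bits,
        "first_host": int_to_ip(network + 1 if two_reserved else network),
        "last_host": int_to_ip(broadcast - 1 if two_reserved else broadcast),
    }


def same_subnet(ip_a: str, ip_b: str, mask_dotted: str) -> bool:
    """True when both hosts AND to the same network, i.e. they can reach each
    other without going through a default gateway."""
    mask = ip_to_int(mask_dotted)
    return (ip_to_int(ip_a) & mask) == (ip_to_int(ip_b) & mask)


if __name__ == "__main__":
    print(subnet_info("192.168.1.177/29"))
    print(same_subnet("11.0.0.1", "11.1.0.1", "255.0.0.0"))
    print(same_subnet("11.0.0.1", "11.1.0.1", "255.255.0.0"))
```

Running it reproduces the page's own figures: 192.168.1.177/29 lies in 192.168.1.176 with broadcast 192.168.1.183, and 11.0.0.1 and 11.1.0.1 share a network under 255.0.0.0 but not under 255.255.0.0. The contiguity check in prefix_from_mask is the one most worth keeping around: a mask that is not a run of 1s followed by 0s is accepted by some tools and silently produces a network that does not exist.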

What is Default gateway?


It is the entry and exit point of the network.
a. It is the LAN/Ethernet IP address of a router.
b. A host's IP address and its default gateway should be in the same network.
c. The default gateway is used only to communicate with hosts on other (foreign) networks.

What is CIDR?
Classless Inter-Domain Routing (CIDR) merges (aggregates) contiguous network
addresses into one single summary address to reduce the size of the routing table. It
is done on core routers to reduce the size of the routing table, and is implemented
by ISPs (Internet service providers). CIDR is also a simplified method of representing
a subnet mask: CIDR notation gives the number of binary bits set to 1 (or on) in a
subnet mask, preceded by a slash.
Consider the following subnet mask: 255.255.255.240
Looking at the above subnet mask in binary: 11111111.11111111.11111111.11110000

The first 28 bits of the above subnet mask are set to 1. To represent this in CIDR
notation: /28
Consider this next example:
192.168.11.1 255.255.255.0
The above address/subnet mask can be represented as follows using CIDR:
192.168.11.1/24
CIDR values:

CIDR   Subnet Mask        Wildcard Mask      No. of IPs
/32    255.255.255.255    0.0.0.0            1
/31    255.255.255.254    0.0.0.1            2
/30    255.255.255.252    0.0.0.3            4
/29    255.255.255.248    0.0.0.7            8
/28    255.255.255.240    0.0.0.15           16
/27    255.255.255.224    0.0.0.31           32
/26    255.255.255.192    0.0.0.63           64
/25    255.255.255.128    0.0.0.127          128
/24    255.255.255.0      0.0.0.255          256
/23    255.255.254.0      0.0.1.255          512
/22    255.255.252.0      0.0.3.255          1,024
/21    255.255.248.0      0.0.7.255          2,048
/20    255.255.240.0      0.0.15.255         4,096
/19    255.255.224.0      0.0.31.255         8,192
/18    255.255.192.0      0.0.63.255         16,384
/17    255.255.128.0      0.0.127.255        32,768
/16    255.255.0.0        0.0.255.255        65,536
/15    255.254.0.0        0.1.255.255        131,072
/14    255.252.0.0        0.3.255.255        262,144
/13    255.248.0.0        0.7.255.255        524,288
/12    255.240.0.0        0.15.255.255       1,048,576
/11    255.224.0.0        0.31.255.255       2,097,152
/10    255.192.0.0        0.63.255.255       4,194,304
/9     255.128.0.0        0.127.255.255      8,388,608
/8     255.0.0.0          0.255.255.255      16,777,216
/7     254.0.0.0          1.255.255.255      33,554,432
/6     252.0.0.0          3.255.255.255      67,108,864
/5     248.0.0.0          7.255.255.255      134,217,728
/4     240.0.0.0          15.255.255.255     268,435,456
/3     224.0.0.0          31.255.255.255     536,870,912
/2     192.0.0.0          63.255.255.255     1,073,741,824
/1     128.0.0.0          127.255.255.255    2,147,483,648
/0     0.0.0.0            255.255.255.255    4,294,967,296

Table: IPv4 CIDR Notation Table ("No. of IPs" is the total number of addresses
in the block, including the network and broadcast addresses.)


The figure shows the usage of CIDR: multiple routes to multiple Class C networks
are grouped into a single route, which reduces the size of the ISP 2, ISP 3, and ISP 4
routing tables.

Figure: Classless Inter-Domain Routing (CIDR)

Without using CIDR, all ISPs' routing tables would have a separate route to
each of the 2^16 Class C networks that begin with 198. By implementing CIDR, a
single route to 198.0.0.0/8 is sufficient to route all networks whose IP
addresses begin with 198 to ISP 1. CIDR helps Internet routers to reduce the
size of their routing tables by reducing the number of entries in the routing
tables.

CIDR is an extension of VLSM and route summarization. It is also referred to
as prefix routing.

Subnetting

It is the process of breaking down an IP network into smaller sub-networks
called subnets.

It is essentially the modification of a single IP network to create two or more
logically visible sub-networks.

It changes the subnet mask of the local network number to produce a power-of-two
number of smaller network numbers, each with a corresponding range of IP
addresses.

Review of IPv4
The table below summarizes the possible network numbers, the total number of
each type, and the number of hosts in each Class A, B, and C network.

Class     Default subnet mask   Range
Class A   255.0.0.0 (/8)        1.0.0.0 to 126.255.255.255
Class B   255.255.0.0 (/16)     128.0.0.0 to 191.255.255.255
Class C   255.255.255.0 (/24)   192.0.0.0 to 223.255.255.255

Table 1 Default subnet mask & range of each class


Class A addresses begin with a 0 bit. Therefore, all addresses from 1.0.0.0 to
126.255.255.255 belong to class A (1 = 0000 0001; 126 = 0111 1110).
The 0.0.0.0 address is reserved for default routing and the 127.0.0.0 address
is reserved for loopback testing, so they don't belong to any class.
Class B addresses begin with a 1 bit and a 0 bit. Therefore, all addresses from
128.0.0.0 to 191.255.255.255 belong to class B (128 = 1000 0000; 191 =
1011 1111).
Class C addresses begin with two 1 bits and a 0 bit. Class C addresses range
from 192.0.0.0 to 223.255.255.255 (192 = 1100 0000; 223 = 1101 1111).
Class D & E are used for Multicast and Research purposes and we are not
allowed to subnet them so they are not mentioned here.
Note: The number behind the slash notation (/) specifies how many bits are turned
on (bit 1). For example:

/8 equals 1111 1111.0000 0000.0000 0000.0000 0000 -> 8 bits are
turned on (bit 1)
/12 equals 1111 1111.1111 0000.0000 0000.0000 0000 -> 12 bits are
turned on (bit 1)
/28 equals 1111 1111.1111 1111.1111 1111.1111 0000 -> 28 bits
are turned on (bit 1)
/32 equals 1111 1111.1111 1111.1111 1111.1111 1111 -> 32 bits
are turned on (bit 1) and this is also the maximum value because all bits are
turned on.
The slash notation (followed by a number) is equivalent to a subnet mask. If you
know the slash notation you can figure out the subnet mask and vice versa. For
example, /8 is equivalent to 255.0.0.0; /12 is equivalent to 255.240.0.0; /28
is equivalent to 255.255.255.240; /32 is equivalent to 255.255.255.255.

The Network & Host parts of each class by default


From the default subnet mask shown above, we can identify the network and host
part of each class. Notice that in the subnet mask, a 1 bit represents the Network
part while a 0 bit represents the Host part (255 equals 1111 1111 and 0 equals
0000 0000 in binary form).

What is subnetting?
When changing a number in the Network part of an IP address we will be in a
different network from the previous address. For example, the IP address 11.0.0.1
belongs to class A and has a default subnet mask of 255.0.0.0; if we change the
number in the first octet (a block of 8 bits, the first octet is the leftmost 8 bits) we
will create a different network. For example, 12.0.0.1 is in a different network from
11.0.0.1. But if we change a number in the Host part, we are still in the same
Network. For example, 11.1.0.1 is in the same network of 11.0.0.1.
The problem here is if we want to create 300 networks how can we do that? In the
above example, we can only create different networks when changing the first octet
so we can create a maximum of 255 networks because the first octet can only
range from 1 to 255 (in fact it is much smaller because class A only range from 1 to
126). Now we have to use a technique called subnetting to achieve our purpose.

Subnetting means we borrow some bits from the Host part to add to the
Network part. This allows us to have more networks than using the default subnet
mask. For example, we can borrow some bits in the next octet to make the address
11.1.0.1 belong to a different network from 11.0.0.1.

How to subnet?
Do you remember that I said that in the subnet mask a 1 bit represents the Network
part while a 0 bit represents the Host part? Well, this also means that we can specify
how many bits we want to borrow by changing that many 0 bits to 1 bits in the
subnet mask.
Let's come back to our example with the IP 11.0.0.1; we will write all numbers in
binary form to reveal what a computer really sees in an IP address.

Now you can clearly see that the subnet mask decides which is the Network part
and which is the Host part. By borrowing 8 bits, our subnet mask will be like this:

After changing the second octet of the subnet mask from all 0 to all 1, the
Network part is now extended. Now we can create new networks by changing a
number in the first or second octet. This greatly increases the number of networks
we can create. With this new subnet mask, IP 11.1.0.1 is in a different network from
IP 11.0.0.1 because the 1 in the second octet now belongs to the Network part.
So, in conclusion, we subnet by borrowing 0 bits from the Host portion and
converting them to 1 bits. The number of borrowed bits depends on how many
networks we need.

Note: A rule of borrowing bits is that we can only borrow 0 bits from left to right
without skipping any 0 bit. For example, you can borrow like this: 1111 1111. 1100
0000.0000 0000.0000 0000 but not this: 1111 1111. 1010 0000.0000 0000.0000
0000. In general, just make sure all your 1 bits are contiguous on the left and all
your 0 bits are contiguous on the right.

Calculate how many networks and hosts-per-subnet

In our example, you may raise a question: when we borrow 8 bits, how many
sub-networks and how many hosts per sub-network does it create?
Note: From now on, we will call sub-networks subnets. This term is very popular so
you should be familiar with it.

How many new subnets?

Because we can change any bit in the second octet to create a new subnet, and each
bit can be 0 or 1, with this subnet mask (255.255.0.0) we can create 2^8 more
subnets. From here we can deduce the formula to calculate the newly created
subnets. Suppose n is the number of bits we borrow:
The number of newly created subnets = 2^n
In our example, we borrow 8 bits so we will have 2^n = 2^8 = 256 subnets!

How many hosts per subnet?

The number of hosts per subnet depends on the Host part, which is indicated by
the 0 bits of the subnet mask. So suppose k is the number of 0 bits in the
subnet mask. The formula to calculate the number of hosts is 2^k. But notice that
in each subnet there are two addresses we can't assign to hosts because they
are used for the network address and the broadcast address. Thus we must subtract
2 from the result. Therefore the formula should be:
The number of hosts per subnet = 2^k - 2
In our example, the number of 0 bits in the subnet mask 255.255.0.0 (in binary
form) is 16, so we will have 2^k - 2 = 2^16 - 2 = 65534 hosts per subnet!

Example
If you still do not remember the weights of all bits, you may consider using this little
aid presented below (pic. 1) while calculating subnets, and converting binary
network masks into decimal values.

Pic. 1- Subnet Calculation Aid.

This tool is useful until you remember all the weights from left to right and right to
left.
Pic. 2 - Example of Subnet Binary-to-Decimal Conversion.

Question 1
Given the prefix 192.168.1.0/24, what should be the length of subnet mask allowing
up to 9 subnets?

Answer 1

The address belongs to the class C and uses its default network mask. That leaves
us with 8 bits to play with (the last byte). Before we change anything, our address
and network mask converted into the binary notation look like shown below (pic. 3).
Pic.3 - 192.168.1.0/24 in Binary.

In order to create 9 subnets we must extend the existing length of the network
mask by 4 bits which allows up to 16 subnets (use calculation aid in pic. 1). If I tried
to extend it by 3 bits only, the maximum subnets allowed would be only 8 subnets
(rule 2 in lesson 29). So, I must use 4 bits and the result is: 192.168.1.0/28
(192.168.1.0 255.255.255.240).

Pic. 4 - The Answer to Question 1

Question 2
Given the host address 192.168.1.177/29, what are the subnet and broadcast
addresses?

Answer 2
In order to determine the subnet and broadcast address of the subnet of this host
address, we must look at the length of the network mask first. It is 29 bits (24+5).
This tells us that the last byte of the address has 5 bits masked (subnet bits) and 3
bits unmasked (host bits). It is a good idea to look at the last byte of the address
(177) with its network mask using binary notation. Pic. 5 below shows you this
clearly.
Pic. 5 - 192.168.1.177/29 in Binary.

Since we must determine the subnet in which the host resides (177 =
10110001), the host portion of the prefix (host bits reside in the last byte) must all
be set to '0'. The byte value with the host bits zeroed is the address of the subnet
(rule 1 pkt. 1 in lesson 29). This is the result:

Pic. 6 - Host Bits Zeroed = Subnet Address.

The second part of the question relates to the broadcast address of the subnet. As
you remember, in order to obtain the broadcast address, you must put '1' on all host
bits of the subnet/network. The subnet has already been determined (pic. 6), so let's
put '1' on all bits of the host portion:

  10110000 = 176 <- subnet address (host bits zeroed)
+ 00000111 =   7 <- host bits set to '1'
  --------
  10110111 = 183 <- broadcast address

In decimal it is: 176 + 7 = 183.
The subnet address is 192.168.1.176 and the broadcast address is 192.168.1.183.
The picture below illustrates it using binary numbers.
Pic. 7 - Host Bits Set to '1' = Broadcast Address.

Question 3
Given the prefix 172.16.0.0/17, how many subnets can you create?

Answer 3
This is a bit tricky isn't it? In order to answer this question, you don't need any
calculator, paper or pen. You must trust the rule 2 in lesson 29. The address and its
network mask (called prefix) converted into binary look like presented below:
Pic. 8 - The Number of Subnets for 172.16.0.0/17

As you see the number of bits we have extended the class B address is: 1. So, the
number of subnets we can create with it is: 2 subnets, since this subnet bit can be
either 1 or 0.
Pic. 9 - Questions 3 Answer

Question 4
What length of network mask would be the most optimal for a router's point-to-point
connection?

Answer 4
The key to this question is to understand that a point-to-point connection needs only
2 host addresses (the two points that are connected together). Knowing this, the rest
is a piece of cake. We use rule 3 in lesson 29 to determine the length of the network
mask that allows 2 host addresses. Check out picture 10.
Pic. 10 - Calculating Point-to-Point Connection Host Addresses.

If you count the ones above, the optimal network mask for a point-to-point
connection is /30. The decimal value is 255.255.255.252. (Routers that implement
RFC 3021 also accept /31 on point-to-point links, using both addresses of the block
and wasting none, but /30 is the classic answer and the one the 2^k - 2 rule gives.)
Question 5 - Variable Length Subnet Masking (VLSM)
It's time for a big one. Given the topology (pic. 11), calculate IP addresses for each
subnet trying to optimize them according the host address requirements. The IP
address you should use to create subnets is: 192.168.1.0/24. The number of host
addresses in the subnets are as follows:
Subnet 1 = 46 host addresses
Subnet 2 = 16 host addresses
Subnet 3 = 10 host addresses
Subnet 4 = 2 host addresses
Subnet 5 = 2 host addresses

Pic. 11 - VLSM Topology.
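An added example, not the page's answer key: the usual largest-first VLSM procedure from Questions 1 to 5, written with Python's standard ipaddress module. It sizes each block from its host requirement using 2^k - 2 >= hosts (the formula from the hosts-per-subnet section), allocates in descending order so every block starts on its own boundary, and refuses to overrun the parent prefix. The allocation it prints for Question 5 is what this algorithm yields for the listed requirements, not a solution read from the topology figure; the subnet names and the helper names are mine.

```python
# Added example: largest-first VLSM allocation with the ipaddress module
# (not code from the page; the result is whatever the algorithm computes).
import ipaddress
import math


def prefix_for_hosts(hosts_needed: int) -> int:
    """Smallest prefix length whose block holds hosts_needed usable addresses
    plus the network and broadcast addresses, i.e. 2**k - 2 >= hosts_needed."""
    if hosts_needed < 1:
        raise ValueError("need at least one host")
    host_bits = max(2, math.ceil(math.log2(hosts_needed + 2)))
    return 32 - host_bits


def usable_hosts(network: ipaddress.IPv4Network) -> int:
    """2**k - 2 for ordinary subnets; /31 and /32 use every address."""
    if network.prefixlen >= 31:
        return network.num_addresses
    return network.num_addresses - 2


def allocate_vlsm(parent_cidr: str, requirements: dict) -> dict:
    """Carve parent_cidr into subnets, largest requirement first, so that each
    block starts on a multiple of its own size. Returns {name: IPv4Network}.
    Raises ValueError when the requirements do not fit in the parent."""
    parent = ipaddress.IPv4Network(parent_cidr, strict=True)
    cursor = int(parent.network_address)
    end = int(parent.broadcast_address) + 1
    plan = {}
    for name, hosts in sorted(requirements.items(), key=lambda kv: -kv[1]):
        prefix = prefix_for_hosts(hosts)
        size = 2 ** (32 - prefix)
        cursor = (cursor + size - 1) // size * size   # align to the block size
        if cursor + size > end:
            raise ValueError(f"{name}: no room for a /{prefix} in {parent_cidr}")
        plan[name] = ipaddress.IPv4Network((cursor, prefix))
        cursor += size
    return plan


if __name__ == "__main__":
    # Host requirements from Question 5; the subnet names are constructed.
    demand = {"Subnet 1": 46, "Subnet 2": 16, "Subnet 3": 10,
              "Subnet 4": 2, "Subnet 5": 2}
    for name, net in allocate_vlsm("192.168.1.0/24", demand).items():
        print(f"{name}: {net}  mask {net.netmask}  usable hosts {usable_hosts(net)}")
```

Allocating largest-first is what keeps every block aligned: a /26 placed after a /30 would have to skip forward to the next 64-address boundary and waste the gap. The alignment step makes that explicit, and the overrun check is what turns a silent misconfiguration into an error when the requirements exceed the parent.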
