
INTERNET, INTRANET & EXTRANET

INTERNET
The Internet is a global system of interconnected computer networks that use the standard
Internet Protocol Suite (TCP/IP) to serve billions of users worldwide. It is a network of
networks that consists of millions of private, public, academic, business, and government
networks of local to global scope that are linked by a broad array of electronic and optical
networking technologies. The Internet carries a vast array of information resources and
services, most notably the inter-linked hypertext documents of the World Wide Web (WWW)
and the infrastructure to support electronic mail.

Most traditional communications media, such as telephone and television services, are
reshaped or redefined using the technologies of the Internet, giving rise to services such as
Voice over Internet Protocol (VoIP) and IPTV. Newspaper publishing has been reshaped into
Web sites, blogging, and web feeds. The Internet has enabled or accelerated the creation of
new forms of human interactions through instant messaging, Internet forums, and social
networking sites.

The Internet has no centralized governance in either technological implementation or policies
for access and usage; each constituent network sets its own standards. Only the overreaching
definitions of the two principal name spaces in the Internet, the Internet Protocol address
space and the Domain Name System, are directed by a maintainer organization, the Internet
Corporation for Assigned Names and Numbers (ICANN). The technical underpinning and
standardization of the core protocols (IPv4 and IPv6) is an activity of the Internet
Engineering Task Force (IETF), a non-profit organization of loosely affiliated international
participants that anyone may associate with by contributing technical expertise.

The terms Internet and World Wide Web are often used in everyday speech without much
distinction. However, the Internet and the World Wide Web are not one and the same. The
Internet is a global data communications system. It is a hardware and software infrastructure
that provides connectivity between computers. In contrast, the Web is one of the services
communicated via the Internet. It is a collection of interconnected documents and other
resources, linked by hyperlinks and URLs.

The Internet is also often simply referred to as the net. In many technical illustrations, when
the precise location or interrelation of Internet resources is not important, the Internet is often
referred to as the cloud, and literally depicted as such.

HISTORY
The USSR's launch of Sputnik spurred the United States to create the Advanced Research
Projects Agency (ARPA or DARPA) in February 1958 to regain a technological lead. ARPA
created the Information Processing Technology Office (IPTO) to further the research of the
Semi Automatic Ground Environment (SAGE) program, which had networked country-wide
radar systems together for the first time. The IPTO's purpose was to find ways to address the
US Military's concern about survivability of their communications networks, and as a first
step interconnect their computers at the Pentagon, Cheyenne Mountain, and SAC HQ. J. C.
R. Licklider, a promoter of universal networking, was selected to head the IPTO. Licklider
moved from the Psycho-Acoustic Laboratory at Harvard University to MIT in 1950, after
becoming interested in information technology. At MIT, he served on a committee that
established Lincoln Laboratory and worked on the SAGE project.

At the IPTO, Licklider's successor Ivan Sutherland in 1965 got Lawrence Roberts to start a
project to make a network, and Roberts based the technology on the work of Paul Baran, who
had written an exhaustive study for the United States Air Force that recommended packet
switching to achieve better network robustness and disaster survivability. Roberts had worked
at the MIT Lincoln Laboratory originally established to work on the design of the SAGE
system. UCLA professor Leonard Kleinrock had provided the theoretical foundations for
packet networks in 1962, and later, in the 1970s, for hierarchical routing, concepts which
have been the underpinning of the development towards today's Internet.

Sutherland's successor Robert Taylor convinced Roberts to build on his early packet
switching successes and come and be the IPTO Chief Scientist. Once there, Roberts prepared
a report called Resource Sharing Computer Networks which was approved by Taylor in June
1968 and laid the foundation for the launch of the working ARPANET the following year.

After much work, the first two nodes of what would become the ARPANET were
interconnected between Kleinrock's Network Measurement Center at the UCLA's School of
Engineering and Applied Science and Douglas Engelbart's NLS system at SRI International
(SRI) in Menlo Park, California, on 29 October 1969. The third site on the ARPANET was
the Culler-Fried Interactive Mathematics centre at the University of California at Santa
Barbara, and the fourth was the University of Utah Graphics Department. In an early sign of
future growth, there were already fifteen sites connected to the young ARPANET by the end
of 1971.

The ARPANET was one of the eve networks of today's Internet. In an independent
development, Donald Davies at the UK National Physical Laboratory also discovered the
concept of packet switching in the early 1960s, first giving a talk on the subject in 1965, after
which the teams in the new field from two sides of the Atlantic ocean first became
acquainted. It was actually Davies' coinage of the wording "packet" and "packet switching"
that was adopted as the standard terminology. Davies also built a packet switched network in
the UK called the Mark I in 1970. Bolt Beranek and Newman (BBN), the private contractors
for ARPANET, set out to create a separate commercial version after establishing "value
added carriers" was legalized in the U.S. The network they established was called Telenet
and began operation in 1975, installing free public dial-up access in cities throughout the U.S.
Telenet was the first packet-switching network open to the general public.

The early ARPANET ran on the Network Control Program (NCP), implementing the host-to-
host connectivity and switching layers of the protocol stack, designed and first implemented
in December 1970 by a team called the Network Working Group (NWG) led by Steve
Crocker. To respond to the network's rapid growth as more and more locations connected,
Vinton Cerf and Robert Kahn developed the first description of the now widely used TCP
protocols during 1973 and published a paper on the subject in May 1974. Use of the term
"Internet" to describe a single global TCP/IP network originated in December 1974. During
the next nine years, work proceeded to refine the protocols and to implement them on a wide
range of operating systems. The first TCP/IP-based wide-area network was operational by 1
January 1983 when all hosts on the ARPANET were switched over from the older NCP
protocols.

TYPES OF INTERNET CONNECTIONS


DIAL-UP

Dial-up Internet access is a type of Internet connectivity that operates through a standard
telephone line. By running the telephone line to a modem device in the personal computer,
and configuring the computer to dial a specific phone number, the computer is granted
Internet access.

Dial-up Internet access is offered through a number of Internet service providers (ISPs). Most
ISPs lease a set of telephone numbers, sometimes local, sometimes national, that dial into
network pipelines that feed into the Internet. Subscribers to the ISP normally pay a monthly
or yearly fee. For this fee, the subscriber can access the Internet any time of the day or night
to cruise the World Wide Web, send and receive email, participate in IRC chat rooms and
USENET newsgroups.

Before a person can subscribe to a dial-up service, he or she must have a computer and dial-
up modem. A modem is an inexpensive component that fits into a free slot inside the
computer. There are also external modems that sit alongside the computer, connected to the
computer by a serial or alternate type cable. A telephone line feeds into the modem.

The modem is controlled by software in the computer; for example, the Network Connections
utility that comes with Microsoft Windows operating systems. Here you can set up a profile
for the ISP, which will tell the modem what phone number to call and how to communicate
with the dial-up service. The ISP itself provides this information.

Upon joining a dial-up service, the subscriber chooses a username and password. Once the
modem calls the phone number and makes a connection, a "handshake" takes place in which
information is exchanged between the computer modem and the remote server. The username
and password are supplied by the modem. This grants the user access through the dial-up
gateway to the Internet.

Dial-up service is the least expensive but also the slowest type of Internet access. Due to the
limited bandwidth - the ability for the modem to send and receive data - dial-up service can
take up to five minutes to download just one megabyte of data. Caching frequently visited
pages, and other software tricks and tweaks can speed up the experience of dial-up access in

some cases. However, if your main purpose online is multimedia-centric, (music, movies, and
graphic-laden websites), dial-up service may be so slow as to be unsatisfactory.

ISDN (Integrated Services Digital Network)

ISDN (Integrated Services Digital Network) is a type of digital phone/data and Internet
service that preceded ADSL (Asymmetric Digital Subscriber Line) and has for the most
part been superseded by it.

Normal telephone lines carry analog signals that must be amplified and converted to digital
signals by the phone company. This process introduces not only a slight lag time, but also
distortion in the signal. Dial-up modems and telephones are examples of equipment that use
analog signals. ISDN makes use of digital signals running along existing copper lines to
increase the data throughput, reduce line noise and enhance signal quality.

was very expensive and not widely available. Companies and individuals wanted a faster way to
connect to the Internet, but the technology behind dial-up modems had reached its threshold.
ISDN became a viable alternative to provide speeds of up to 128 kilobits per second (kbps),
versus the standard connection of 30-53 kbps with a dial-up modem.

The most common type of ISDN service for Internet connection is the Basic Rate Interface,
or ISDN BRI. This technology creates two B-channels on the existing copper lines of 64 kbps
each, along with a single 16 kbps D-channel for the phone line. This separates data channels
from the voice channel, allowing telephone or fax use while online.

While ISDN is inexpensive and about twice as fast as dial-up service, it has been largely
replaced by affordable DSL service. An inexpensive ADSL service offers speeds up to 384
kbps, while more expensive versions are improving in speed all the time. As of fall 2005,
standard ADSL speeds range between 1.5 and 3.0 Mbps (megabits per second), or 1536-3072
kbps.

Although ISDN may not be the best choice for packet-switching networks like the Internet, it
is still widely used for professional audio and broadcast applications where digital clarity
with integrated telephone services is specifically required. Small businesses that often use
two voice lines, such as phone and fax, and only require limited Internet connectivity of, say,
an hour or less per day, may prefer ISDN. ISDN might also be a better choice for high-speed
connections to intranets for video-conferencing, or to remote networks other than the Internet.

DSL

DSL (Digital Subscriber Line) is a high-speed Internet service that competes with cable
Internet to provide online access to local customers. DSL operates over standard copper
telephone lines like dial-up service, but is many times faster than dial-up. In addition to being
faster than dial-up, DSL does not tie up the phone line. Coexisting with telephone service in
this way allows users to surf the Net and use the phone at the same time.

DSL service requires a DSL modem, which connects to the telephone wall jack and
computer. The device acts as a modulator, translating the computer’s digital signals into
voltage sent across the telephone lines to a central hub known as a Digital Subscriber Line
Access Multiplexer (DSLAM, or dee-slam). In lay terms the DSLAM acts as a switchboard for
local DSL clients, routing requests and responses between each client’s computer address and
the Internet.

Voice calls and DSL can coexist on copper lines because each service utilizes its own
frequency band. You might think of bands like lanes of a freeway. Voice signals are sent in a
relatively low band, while Internet signals occupy a much higher band. To keep the voice
band clear of bleeding signal noise, a small filter is commonly installed on all telephone lines
in the house, blocking the higher frequencies.

The DSL “service lane” is split for two-way traffic, or downstream and upstream signals.
When you click on a link, you are requesting something from the Internet, initiating upstream
traffic. The returned webpage arrives as downstream traffic. Since requests only require small
bits of data, the upstream lane can be fairly narrow (low bandwidth), but the downstream lane
must be much wider (high bandwidth) to send webpages, multimedia, graphics, files and
programs. Thus, standard DSL is called Asymmetric DSL or ADSL, because the download
speed is much faster than the upload speed.

Businesses, however, might require sending large files, data and programs between non-local
networked offices, in which case a different flavor of DSL might be preferred. Symmetric
DSL or SDSL offers the same high speed for both downloading and uploading. The
drawback is that it is more expensive than standard DSL.

Among the various DSL packages, plans are based on speed, with slower speeds costing less
than plans that offer higher speeds. Bottom-tier DSL might be as little as $12 US Dollars
(USD) per month, and is still many times faster than dial-up. Mid-range plans might run
closer to $20 USD, and $30 USD can typically buy top tier plans. Your distance to the
nearest DSLAM will determine in large part the actual speeds you achieve. The closer to the
DSLAM the better, as signal degrades with distance causing latency issues. If you are at the
outskirts of the service area, you might not see the full speed of your subscribed plan.

• ADSL

ADSL uses standard telephone lines to transmit upstream and downstream data on a digital
frequency, which sets these datastreams apart from the analog signals telephones and fax
machines use. Because the ADSL signal is operating on a different frequency, the telephone
can be used normally, even when surfing the Web with ADSL service. The only requirement
will probably be inexpensive DSL filters on each phone or fax line, to remove any "white
noise" on the line that might be generated from ADSL service.

The "asymmetric" in ADSL refers to the fact that the downstream data rate, or the data
coming to your computer from the Internet, is traveling faster than upstream data, or the data
traveling from your computer to the Internet. Upstream data rates are slower because Web
page requests are fairly minuscule data strings that do not require much bandwidth to handle
efficiently.

• SDSL

SDSL (Symmetric Digital Subscriber Line) is a high-speed Internet access service with
matching upstream and downstream data rates. That is, data can be sent to the Internet from
the client machine or received from the Internet with equal bandwidth availability in both
directions. Normally, DSL service is asymmetrical (ADSL), with the bulk of the bandwidth
reserved for receiving data, not sending it.

SDSL is normally used by businesses with a Web presence, VPN, extranet or intranet needs.
In these cases the client server may be required to upload large streams of data to the Internet
on a regular basis. ADSL would be slow and inadequate for this purpose, as the bandwidth
available for uploading is normally less than 1 megabit per second (Mbps). SDSL bandwidth
can be as high as 7 Mbps in both directions.

An Internet service provider offering SDSL may offer different grades for varying prices. The
faster the data rate, the more expensive the service. Usually, long-term contracts are required
for SDSL service regardless of the grade chosen.

SDSL utilizes a digital frequency traveling across existing copper telephone lines to send
and receive data. When using the telephone line for SDSL service, phone and fax services on
that line must be suspended. Therefore a dedicated second, or additional, line is needed for
SDSL service. This differs from ADSL, which "leaves room" for both standard analog
telephone equipment and the digital signal, so that one can talk on the phone or use a fax
machine while online.

CABLE

Cable Internet connections are possible through cable TV lines. They share the coaxial
cable you use to watch TV without affecting your TV's performance. A cable Internet
connection can be as fast as 27 Mbps. Cable is also called a shared medium. This means that
multiple users connect over the same cable, so the more people who are using it, the
slower the connection is.

WIRELESS

Wireless Internet access, sometimes referred to as a "hot spot," is a local area network (LAN)
run by radio waves rather than wires. Wireless Internet access is broadcast from a central
hub, which is a hard-wired device that actually brings in the Internet connection. The hub,
located at the main computer system or server, broadcasts Internet connectivity to clients,
which is basically anyone within receiving range who is equipped with a wireless LAN card.

In the home, a desktop system setup for wireless Internet access will broadcast connectivity
throughout the immediate area. Any family member with a laptop or desktop in another room
can connect wirelessly to the Internet to share the main connection. Neighbours may also be
able to access this wireless connection, which is why most wireless LANs are configured
with password security. In this case, any machine that wishes to get wireless Internet access
must first complete a "handshake" with the LAN, in which the password is requested. If the
proper password is not supplied, access is denied. Security protocols for wireless Internet
access have improved with Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access 2
(WPA2) options.

While wireless Internet access is very convenient in the home, it can be even more so in the
workplace. A wired network can not only be very time consuming to install throughout a
building, it is also very expensive. Ethernet cables used to connect client machines might
need to be routed through walls, ceilings, and floors. In the past, this disadvantage was
sometimes overlooked due to the advantages of greater security and faster data transfer
speeds through Ethernet cables.

These advantages have been largely mitigated, however. Wireless LANs can be installed in
a matter of minutes by nearly anyone, are extremely inexpensive, and can have data transfer
rates that rival hard-wired Ethernet LANs. Furthermore, WPA2 encrypts all traffic on the
LAN, addressing the problem of eavesdropping. Since wireless LANs use radio waves that
distort over long distances, the radius of the signal is limited. The further from the hub, the
weaker the signal. Therefore cities that provide access will cover a specific area within the
city where people can park to gain access.

INTRANET
Intranet is the generic term for a collection of private computer networks within an
organization. An intranet uses network technologies as a tool to facilitate communication
between people or workgroups to improve the data sharing capability and overall knowledge
base of an organization's employees. An intranet is built from the same concepts and
technologies used for the Internet, such as client–server computing and the Internet Protocol
Suite (TCP/IP). Any of the well-known Internet protocols may be found in an intranet, such
as HTTP (web services), SMTP (e-mail), and FTP (file transfer). Internet technologies are
often deployed to provide modern interfaces to legacy information systems hosting corporate
data.

Intranets may provide a gateway to the Internet by means of a network gateway with a
firewall, shielding the intranet from unauthorized external access. The gateway often also
implements user authentication, encryption of messages, and often virtual private network
(VPN) connectivity for off-site employees to access company information, computing
resources and internal communications. Increasingly, intranets are being used to deliver tools
and applications, e.g., collaboration (to facilitate working in groups and teleconferencing) or
sophisticated corporate directories, sales and customer relationship management tools, project
management etc., to advance productivity. Intranets are also being used as corporate
culture-change platforms. For example, large numbers of employees discussing key issues in an
intranet forum application could lead to new ideas in management, productivity, quality, and
other corporate issues.

In large intranets, website traffic is often similar to public website traffic and can be better
understood by using web metrics software to track overall activity. User surveys also improve
intranet website effectiveness. Larger businesses allow users within their intranet to access
public Internet through firewall servers. These have the ability to screen messages coming and
going, keeping security intact. When part of an intranet is made accessible to customers and
others outside the business, that part becomes part of an extranet. Businesses can send private
messages through the public network, using special encryption/decryption and other security
safeguards to connect one part of their intranet to another.
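The gateway described above screens traffic between the intranet and the public Internet. The following is an added example, not code from these notes, of the first-match, default-deny rule evaluation such a firewall performs for the protocols the notes mention (HTTP, SMTP, FTP); the 10.0.0.0/8 intranet range, the 192.0.2.10 web server address, the rule set and the sample flows are all constructed for illustration.

```python
"""First-match, default-deny packet filter for an intranet gateway (added example).

Constructed scenario: hosts on 10.0.0.0/8 form the intranet. They may open HTTP,
SMTP and FTP control connections to the Internet; the only service reachable from
outside is the company's public web server. Everything else is dropped.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network, IPv4Address, IPv4Network
from typing import List, Optional, Tuple

@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "deny"
    direction: str         # "outbound" (intranet -> Internet) or "inbound"
    src: IPv4Network       # source prefix the flow must fall in
    dst: IPv4Network       # destination prefix the flow must fall in
    proto: str             # "tcp", "udp" or "any"
    dport: Optional[int]   # destination port; None matches any port

INTRANET = ip_network("10.0.0.0/8")          # constructed private address range
ANY = ip_network("0.0.0.0/0")
DMZ_WEB = ip_network("192.0.2.10/32")        # constructed public web server address

# Constructed policy. Order matters: the first matching rule decides the flow.
RULES: List[Rule] = [
    Rule("allow", "outbound", INTRANET, ANY, "tcp", 80),   # HTTP to the Internet
    Rule("allow", "outbound", INTRANET, ANY, "tcp", 25),   # SMTP relay
    Rule("allow", "outbound", INTRANET, ANY, "tcp", 21),   # FTP control channel
    Rule("allow", "inbound", ANY, DMZ_WEB, "tcp", 80),     # public web server only
    # No explicit rule here: anything else falls through to the default deny.
]

def direction_of(src: IPv4Address) -> str:
    """A flow is outbound if it originates inside the intranet, inbound otherwise."""
    return "outbound" if src in INTRANET else "inbound"

def evaluate(src_ip: str, dst_ip: str, proto: str, dport: int,
             rules: List[Rule] = RULES) -> str:
    """Return "allow" or "deny" for one flow, using first-match semantics."""
    src, dst = ip_address(src_ip), ip_address(dst_ip)
    direction = direction_of(src)
    for rule in rules:
        if (rule.direction == direction
                and src in rule.src and dst in rule.dst
                and rule.proto in ("any", proto)
                and rule.dport in (None, dport)):
            return rule.action
    # Default deny: the gateway shields intranet hosts from unsolicited traffic.
    return "deny"

Flow = Tuple[str, str, str, int]

def screen(flows: List[Flow]) -> List[Tuple[Flow, str]]:
    """Apply the policy to a batch of (src, dst, proto, dport) flows."""
    return [(flow, evaluate(*flow)) for flow in flows]

if __name__ == "__main__":
    # Constructed sample flows, in the order a gateway might see them.
    SAMPLE_FLOWS: List[Flow] = [
        ("10.1.2.3", "198.51.100.7", "tcp", 80),    # employee browsing the Web
        ("10.1.2.3", "198.51.100.7", "tcp", 23),    # telnet out: not in the policy
        ("198.51.100.7", "10.1.2.3", "tcp", 445),   # unsolicited inbound to a workstation
        ("198.51.100.7", "192.0.2.10", "tcp", 80),  # customer reaching the public web server
    ]
    for flow, decision in screen(SAMPLE_FLOWS):
        print(f"{flow[0]:>15} -> {flow[1]:<15} {flow[2]}/{flow[3]:<4} {decision}")
```

The evaluator is stateless, so the reply half of an allowed outbound HTTP session would itself be judged as inbound and denied; a production gateway adds connection tracking so that only replies to sessions the intranet initiated are let back in.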

ADVANTAGES

• Workforce productivity: Intranets can also help users to locate and view information
faster and use applications relevant to their roles and responsibilities. With the help of
a web browser interface, users can access data held in any database the organization
wants to make available, anytime and - subject to security provisions - from anywhere
within the company workstations, increasing employees' ability to perform their jobs
faster, more accurately, and with confidence that they have the right information. It
also helps to improve the services provided to the users.
• Time: Intranets allow organizations to distribute information to employees on an
as-needed basis; employees may link to relevant information at their convenience, rather
than being distracted indiscriminately by electronic mail.
• Communication: Intranets can serve as powerful tools for communication within an
organization, vertically and horizontally. From a communications standpoint,
intranets are useful to communicate strategic initiatives that have a global reach
throughout the organization. The type of information that can easily be conveyed is
the purpose of the initiative and what the initiative is aiming to achieve, who is
driving the initiative, results achieved to date, and who to speak to for more
information. By providing this information on the intranet, staff have the opportunity
to keep up-to-date with the strategic focus of the organization. Some examples of
communication would be chat, email, and/or blogs.

• Web publishing allows cumbersome corporate knowledge to be maintained and easily
accessed throughout the company using hypermedia and Web technologies. Examples
include: employee manuals, benefits documents, company policies, business
standards, newsfeeds, and even training, can be accessed using common Internet
standards (Acrobat files, Flash files, CGI applications). Because each business unit
can update the online copy of a document, the most recent version is always available
to employees using the intranet.
• Business operations and management: Intranets are also being used as a platform for
developing and deploying applications to support business operations and decisions
across the internetworked enterprise.
• Promote common corporate culture: Every user is viewing the same information
within the Intranet.
• Enhance Collaboration: With information easily accessible by all authorised users,
teamwork is enabled.
• Cross-platform Capability: Standards-compliant web browsers are available for
Windows, Mac, and UNIX.
• Built for One Audience: Many companies dictate computer specifications, which, in
turn, may allow Intranet developers to write applications that only have to work on
one browser (no cross-browser compatibility issues).
• Knowledge of your Audience: Being able to specifically address your "viewer" is a
great advantage. Since Intranets are user specific (requiring database/network
authentication prior to access), you know exactly who you are interfacing with. So,
you can personalize your Intranet based on role (job title, department) or individual.
• Supports a distributed computing architecture: The intranet can also be linked to a
company’s management information system, for example a time keeping system.

DISADVANTAGES

• Management fears loss of control
• Hidden or unknown complexity and costs
• Potential for chaos
• Unauthorized access
• Abuse of access
• Denial of service
• Packet sniffing
• Overabundance of information
• Information overload lowers productivity
• Users set up own web pages

EXTRANET
An extranet is a private network that uses Internet protocols and network connectivity. An
extranet can be viewed as part of a company's intranet that is extended to users outside the
company, usually via the Internet. It has also been described as a "state of mind" in which the
Internet is perceived as a way to do business with a selected set of other companies (business-
to-business, B2B), in isolation from all other Internet users.

An extranet can be understood as an intranet mapped onto the public Internet or some other
transmission system not accessible to the general public, but managed by more than one
company's administrator(s). For example, military networks of different security levels may
map onto a common military radio transmission system that never connects to the Internet.
Any private network mapped onto a public one is a virtual private network (VPN), often
using special security protocols.

For decades, institutions have been interconnecting to each other to create private networks
for sharing information. One of the differences that characterizes an extranet, however, is that
its interconnections are over a shared network rather than through dedicated physical lines. A
site can be in more than one VPN; e.g., in an intranet and several extranets. We regard both
intranets and extranets as VPNs. In general, when we use the term VPN we will not be
distinguishing between intranets and extranets.

Similarly, for smaller, geographically united organizations, "extranet" is a useful term to
describe selective access to intranet systems granted to suppliers, customers, or other
companies. Such access does not involve tunneling, but rather simply an authentication
mechanism to a web server. In this sense, an "extranet" designates the "private part" of a
website, where "registered users" can navigate, enabled by authentication mechanisms on a
"login page". An extranet requires network security. These can include firewalls, server
management, the issuance and use of digital certificates or similar means of user
authentication, encryption of messages, and the use of virtual private networks (VPNs) that
tunnel through the public network. Many technical specifications describe methods of
implementing extranets, but often never explicitly define an extranet.

ADVANTAGES
• Exchange large volumes of data using Electronic Data Interchange (EDI)
• Share product catalogs exclusively with trade partners
• Collaborate with other companies on joint development efforts
• Jointly develop and use training programs with other companies
• Provide or access services provided by one company to a group of other companies,
such as an online banking application managed by one company on behalf of
affiliated banks
• Share news of common interest exclusively

DISADVANTAGES
• Extranets can be expensive to implement and maintain within an organization (e.g.,
hardware, software, employee training costs), if hosted internally rather than by an
application service provider.
• Security of extranets can be a concern when hosting valuable or proprietary
information.

COMPUTER NETWORK

A computer network, often simply referred to as a network, is a collection of computers and
devices connected by communications channels that facilitates communications among users
and allows users to share resources with other users. Networks may be classified according to
a wide variety of characteristics. A computer network allows sharing of resources and
information among devices connected to the network.

Computer networks can be used for several purposes:

• Facilitating communications. Using a network, people can communicate efficiently
and easily via email, instant messaging, chat rooms, telephone, video telephone calls,
and video conferencing.
• Sharing hardware. In a networked environment, each computer on a network may
access and use hardware resources on the network, such as printing a document on a
shared network printer.
• Sharing files, data, and information. In a network environment, authorized users
may access data and information stored on other computers on the network. The
capability of providing access to data and information on shared storage devices is an
important feature of many networks.
• Sharing software. Users connected to a network may run application programs on
remote computers.

NETWORKS BASED ON PHYSICAL SCOPE


PERSONAL AREA NETWORK

A personal area network (PAN) is a computer network used for communication among
computer and different information technological devices close to one person. Some
examples of devices that are used in a PAN are personal computers, printers, fax machines,
telephones, PDAs, scanners, and even video game consoles. A PAN may include wired and
wireless connections between devices. The reach of a PAN typically extends to 10 meters. A
wired PAN is usually constructed with USB and Firewire connections while technologies
such as Bluetooth and infrared communication typically form a wireless PAN.

LOCAL AREA NETWORK

A local area network (LAN) is a network that connects computers and devices in a limited
geographical area such as home, school, computer laboratory, office building, or closely
positioned group of buildings. Each computer or device on the network is a node. Current
wired LANs are most likely to be based on Ethernet technology, although new standards like
ITU-T G.hn also provide a way to create a wired LAN using existing home wires (coaxial
cables, phone lines and power lines).

All interconnected devices must understand the network layer (layer 3), because they are
handling multiple subnets. Those inside the library, which have only 10/100 Mbit/s Ethernet
connections to the user device and a Gigabit Ethernet connection to the central router, could
be called "layer 3 switches" because they only have Ethernet interfaces and must understand
IP. It would be more correct to call them access routers, where the router at the top is a
distribution router that connects to the Internet and academic networks' customer access
routers.

HOME AREA NETWORK


A home area network (HAN) is a residential LAN which is used for communication between
digital devices typically deployed in the home, usually a small number of personal computers
and accessories, such as printers and mobile computing devices. An important function is the
sharing of Internet access, often a broadband service through a CATV or Digital Subscriber
Line (DSL) provider. It can also be referred as Office area network(OAN).

CAMPUS NETWORK

A campus network is a computer network made up of an interconnection of local area
networks (LANs) within a limited geographical area. The networking equipment (switches,
routers) and transmission media (optical fiber, copper plant, Cat5 cabling, etc.) are almost
entirely owned by the campus tenant or owner: an enterprise, university, government and so on.
In the case of a university campus network, the network is likely to link a variety of campus
buildings including academic departments, the university library and student residence halls.

WIDE AREA NETWORK

A wide area network (WAN) is a computer network that covers a large geographic area such
as a city or country, or even spans intercontinental distances, using communications
channels that combine many types of media such as telephone lines, cables and radio links. A
WAN often uses transmission facilities provided by common carriers, such as telephone
companies. WAN technologies generally function at the lower three layers of the OSI reference
model: the physical layer, the data link layer and the network layer.

GLOBAL AREA NETWORK

A global area network (GAN) is a network used for supporting mobile communications
across an arbitrary number of wireless LANs, satellite coverage areas, etc. The key challenge
in mobile communications is handing off the user's communications from one local coverage
area to the next.

VIRTUAL PRIVATE NETWORK

[Figure: sample VPN interconnecting three offices and remote users]

A virtual private network (VPN) is a computer network in which some of the links between
nodes are carried by open connections or virtual circuits in some larger network (e.g., the
Internet) instead of by dedicated physical wires. The data link layer protocols of the virtual
network are said to be tunneled through the larger network when this is the case. One common
application is secure communication across the public Internet, but a VPN need not have
explicit security features such as authentication or content encryption; VPNs can, for
example, simply be used to separate the traffic of different user communities over an
underlying network that already has strong security features. The "private" in the name
therefore refers to traffic separation, not to confidentiality: a VPN that carries traffic
across an untrusted network must get authentication and encryption from the tunneling
protocol it uses, and a tunnel without them provides isolation but no protection against an
observer on the path.

A VPN may have best-effort performance, or may have a defined service level agreement
(SLA) between the VPN customer and the VPN service provider. Generally, a VPN has a
topology more complex than point-to-point.

 NETWORK ARCHITECTURES
Computer networks may be classified according to the functional relationships which exist
among the elements of the network, e.g., active networking, client–server and peer-to-peer
(workgroup) architecture.

ACTIVE NETWORKING

Active networking is a communication pattern that allows packets flowing through a
telecommunications network to dynamically modify the operation of the network. An active
network architecture consists of execution environments (comparable to a Unix shell that can
execute active packets), a node operating system capable of supporting one or more execution
environments, and active hardware capable of routing or switching as well as executing the
code carried within active packets. This differs from the traditional network architecture,
which seeks robustness and stability by removing complexity and the ability to change
fundamental operation from the underlying network components. Network processors are one
means of implementing active networking concepts. Active networks have also been implemented
as overlay networks.

Active networking allows highly tailored and rapid "real-time" changes to the underlying
network operation. This enables such ideas as sending code along with packets of information,
allowing the data to change its form (code) to match the channel characteristics. The use of
real-time genetic algorithms within the network to compose network services is also enabled
by active networking. Because every active node executes code supplied by the packets it
forwards, that code has to be authenticated and confined before it runs, or the network itself
becomes the target. Active network research addresses how best to incorporate extremely
dynamic capability within networks; in order to do this, it must address the problem of
optimally allocating computation versus communication within communication networks.

PEER TO PEER(P2P)

In its simplest form, a peer-to-peer (P2P) network is created when two or more PCs are
connected and share resources without going through a separate server computer. A P2P
network can be an ad hoc connection, such as a couple of computers connected via a Universal
Serial Bus cable to transfer files. It can also be a permanent infrastructure that links a
half-dozen computers in a small office over copper wires. Or it can be a network on a much
grander scale in which special protocols and applications set up direct relationships among
users over the Internet.

The initial use of P2P networks in business followed the deployment in the early 1980s of
free-standing PCs. In contrast to the mini mainframes of the day, such as the VS system from
Wang Laboratories Inc., which served up word processing and other applications to dumb
terminals from a central computer and stored files on a central hard drive, the then-new PCs
had self-contained hard drives and built-in CPUs. The smart boxes also had onboard
applications, which meant they could be deployed to desktops and be useful without an
umbilical cord linking them to a mainframe. Many workers felt liberated by having dedicated
PCs on their desktops. But soon they needed a way to share files and printers. The obvious
solution was to save files to a floppy disk and carry the disk to the intended recipient or send
it by interoffice mail.

In general, office and home P2P networks operate over Ethernet (10M bit/sec.) or Fast
Ethernet (100M bit/sec.) and employ a hub-and-spoke topology. Category 5 (twisted-pair)
copper wire runs among the PCs and an Ethernet hub or switch, enabling users of those
networked PCs access to one another's hard drives, printers or perhaps a shared Internet
connection.

SNEAKER NETS

The practice of carrying floppy disks between machines gave rise to the term "sneaker net".
The most frequent endpoint of a typical sneaker net was the worker who had a printer
connected to his machine. While sneaker nets seemed an odd mix of the newest technology and
the oldest form of transportation, the model is really the basis for today's small P2P
workgroups. Sneaker net is a term used to describe the transfer of electronic information,
especially computer files, by physically couriering removable media such as magnetic tape,
floppy disks, compact discs, USB flash drives or external hard drives from one computer to
another, usually in lieu of transferring the information over a computer network. Whereas
earlier centralized computing models and today's client/server systems are generally
considered controlled environments in which individuals use their PCs in ways determined by a
higher authority, a classic P2P workgroup network is all about openly sharing files and
devices.

CLIENT SERVER MODEL

The client–server model of computing is a distributed application structure that partitions
tasks or workloads between the providers of a resource or service, called servers, and service
requesters, called clients. Often clients and servers communicate over a computer network on
separate hardware, but both client and server may reside in the same system. A server
machine is a host that is running one or more server programs which share their resources
with clients. A client does not share any of its resources, but requests a server's content or
service function. Clients therefore initiate communication sessions with servers, which await
(listen for) incoming requests.

DESCRIPTION

The client–server characteristic describes the relationship of cooperating programs in an
application. The server component provides a function or service to one or many clients,
which initiate requests for such services. Functions such as email exchange, web access and
database access are built on the client–server model. For example, a web browser is a client
program running on a user's computer that may access information stored on a web server on
the Internet. Users accessing banking services from their computer use a web browser client
to send a request to a web server at a bank. That program may in turn forward the request to
its own database client program that sends a request to a database server at another bank
computer to retrieve the account information. The balance is returned to the bank database
client, which in turn serves it back to the web browser client displaying the results to the user.
The client–server model has become one of the central ideas of network computing. Many
business applications being written today use the client–server model. So do the Internet's
main application protocols, such as HTTP, SMTP, Telnet, and DNS.

Each instance of the client software can send data requests to one or more connected servers.
In turn, the servers can accept these requests, process them, and return the requested
information to the client. Although this concept can be applied for a variety of reasons to
many different kinds of applications, the architecture remains fundamentally the same.

The most basic type of client–server architecture employs only two types of hosts, clients
and servers, and is sometimes referred to as two-tier. It allows devices to share files and
resources: the client forms one tier, and the application together with the server it runs on
forms the other. The Internet increasingly uses a three-tier architecture, in which the server
side is split into an application server (such as a web server) and a database server (such as
an SQL server). The three tiers are thus the client, the application server and the database.
All three tiers are relatively independent; for example, you can switch to a different web
server while maintaining the integrity of the model.

Specific types of clients include web browsers, email clients, and online chat clients. Specific
types of servers include web servers, ftp servers, application servers, database servers, name
servers, mail servers, file servers, print servers, and terminal servers. Most web services are
also types of servers.

NETWORKING MODELS

OSI MODEL
OSI is a standard description or "reference model" for how messages should be transmitted
between any two points in a telecommunication network. Its purpose is to guide product
implementers so that their products will consistently work with other products.

The OSI model was created by the International Organization for Standardization (ISO) so
that different vendors' products would work with each other. The problem was that when HP
decided to create a network product, it would be incompatible with similar products from a
different vendor such as IBM. So when you bought 40 network cards for your company, you
would make sure that the rest of the equipment came from the same vendor, to ensure
compatibility. As you would expect, things were quite messy until the OSI model came into the
picture.

It is a way of sub-dividing a communications system into smaller parts called layers. A layer
is a collection of conceptually similar functions that provide services to the layer above it and
receives services from the layer below it. On each layer an instance provides services to the
instances at the layer above and requests service from the layer below. For example, a layer
that provides error-free communications, across a network provides the path needed by
applications above it, while it calls the next lower layer to send and receive packets that make
up the contents of the path. Conceptually two instances at one layer are connected by a
horizontal protocol connection on that layer.

The OSI model consists of 7 layers, each designed to do a specific task. Starting from the
top layer, we will see how the data you type is handed down as application data, split into
segments at the transport layer, wrapped into packets (datagrams) at the network layer, framed
at the data link layer, and finally sent down the wire, usually twisted pair, as bits to the
receiving computer. Each layer adds its own header in front of what it received from the layer
above (encapsulation), and the receiving computer strips these headers off again in the
reverse order.

OSI Model

Layer group    Data unit   Layer              Function
Host layers    Data        7. Application     Network process to application
               Data        6. Presentation    Data representation, encryption and decryption
               Data        5. Session         Interhost communication
               Segments    4. Transport       End-to-end connections and reliability, flow control
Media layers   Packet      3. Network         Path determination and logical addressing
               Frame       2. Data Link       Physical addressing
               Bit         1. Physical        Media, signal and binary transmission
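To make the encapsulation sequence above concrete, here is an added example (not part of the original text) that takes a short application payload and wraps it in a TCP header, an IPv4 header and an Ethernet II header using Python's struct module, computing the real Internet checksum (RFC 1071) for the IPv4 header and for the TCP segment with its pseudo-header, and finally renders the frame as the bit string the physical layer would send. The addresses, ports and payload are constructed sample values.

```python
import ipaddress
import struct


def internet_checksum(data: bytes) -> int:
    """RFC 1071 ones'-complement sum over 16-bit words, used by IPv4, TCP, UDP and ICMP."""
    if len(data) % 2:
        data += b"\x00"                      # pad an odd-length buffer on the right
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                       # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_tcp_segment(src_ip, dst_ip, src_port, dst_port, seq, ack, payload: bytes) -> bytes:
    """Layer 4: 20-byte TCP header (PSH+ACK, no options) followed by the application data.
    The TCP checksum covers a pseudo-header holding the layer-3 addresses, so it needs them too."""
    header = struct.pack("!HHIIBBHHH", src_port, dst_port, seq, ack,
                         5 << 4,            # data offset: 5 x 32-bit words
                         0x18,              # flags: PSH + ACK
                         65535, 0, 0)       # window, checksum placeholder, urgent pointer
    pseudo = struct.pack("!4s4sBBH", ipaddress.IPv4Address(src_ip).packed,
                         ipaddress.IPv4Address(dst_ip).packed, 0, 6, len(header) + len(payload))
    csum = internet_checksum(pseudo + header + payload)
    header = header[:16] + struct.pack("!H", csum) + header[18:]
    return header + payload


def build_ipv4_packet(src_ip, dst_ip, segment: bytes, ident=0x1234, ttl=64) -> bytes:
    """Layer 3: 20-byte IPv4 header (protocol 6 = TCP); the checksum covers the header only."""
    header = struct.pack("!BBHHHBBH4s4s",
                         0x45, 0,                     # version 4, IHL 5 words, no TOS
                         20 + len(segment), ident,    # total length, identification
                         0x4000, ttl, 6, 0,           # DF flag, TTL, protocol, checksum placeholder
                         ipaddress.IPv4Address(src_ip).packed, ipaddress.IPv4Address(dst_ip).packed)
    header = header[:10] + struct.pack("!H", internet_checksum(header)) + header[12:]
    return header + segment


def build_ethernet_frame(src_mac: str, dst_mac: str, packet: bytes) -> bytes:
    """Layer 2: 14-byte Ethernet II header with EtherType 0x0800 (IPv4). The NIC appends the 4-byte FCS."""
    def mac_bytes(mac: str) -> bytes:
        return bytes.fromhex(mac.replace(":", ""))
    return struct.pack("!6s6sH", mac_bytes(dst_mac), mac_bytes(src_mac), 0x0800) + packet


def encapsulate(payload: bytes) -> dict:
    """Hand the payload down the stack and return the PDU produced at every layer."""
    src_ip, dst_ip = "192.0.2.10", "192.0.2.80"          # sample addresses from the documentation range
    segment = build_tcp_segment(src_ip, dst_ip, 49152, 80, 1000, 1, payload)
    packet = build_ipv4_packet(src_ip, dst_ip, segment)
    frame = build_ethernet_frame("02:00:00:00:00:0a", "02:00:00:00:00:50", packet)
    bits = "".join(f"{b:08b}" for b in frame)            # layer 1: what actually goes on the wire
    return {"data": payload, "segment": segment, "packet": packet, "frame": frame, "bits": bits}


def verify_ipv4_header(packet: bytes) -> bool:
    """A receiver recomputes the sum over the header including its checksum field; a valid header gives 0."""
    return internet_checksum(packet[:20]) == 0


def verify_tcp_segment(packet: bytes) -> bool:
    """Same check for TCP, rebuilding the pseudo-header from the IPv4 addresses (a deliberate layer violation)."""
    segment = packet[20:]
    pseudo = struct.pack("!4s4sBBH", packet[12:16], packet[16:20], 0, 6, len(segment))
    return internet_checksum(pseudo + segment) == 0


if __name__ == "__main__":
    pdus = encapsulate(b"GET / HTTP/1.0\r\n\r\n")
    for layer in ("data", "segment", "packet", "frame"):
        print(f"{layer:8s} {len(pdus[layer]):3d} bytes")
    print(f"bits     {len(pdus['bits']):3d} bits")
    print("IPv4 header checksum OK:", verify_ipv4_header(pdus["packet"]))
    print("TCP checksum OK:        ", verify_tcp_segment(pdus["packet"]))
```

Each layer adds exactly its own header (20 bytes of TCP, 20 of IPv4, 14 of Ethernet), and the checksums are the only fields a receiver can use to notice damage; note that they are not secrets, so anything on the path can alter a packet and recompute them.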

 PHYSICAL LAYER
The Physical Layer is the first and lowest layer in the seven-layer OSI model of computer
networking. The Physical Layer consists of the basic hardware transmission technologies of a
network. It is a fundamental layer underlying the logical data structures of the higher level
functions in a network.

The Physical Layer defines the means of transmitting raw bits rather than logical data packets
over a physical link connecting network nodes. The bit stream may be grouped into code
words or symbols and converted to a physical signal that is transmitted over a hardware
transmission medium. The Physical Layer provides an electrical, mechanical, and procedural
interface to the transmission medium. The shapes and properties of the electrical connectors,
the frequencies to broadcast on, the modulation scheme to use and similar low-level
parameters, are specified here. The Physical Layer defines the electrical and physical
specifications for devices. In particular, it defines the relationship between a device and a
transmission medium, such as a copper or optical cable. This includes the layout of pins,
voltages, cable specifications, hubs, repeaters, network adapters, host bus adapters (HBAs used in
storage area networks) and more.

SERVICES

The major functions and services performed by the Physical Layer are:

• Bit-by-bit or symbol-by-symbol delivery
• Providing a standardized interface to physical transmission media, including
  o Mechanical specification of electrical connectors and cables, for example maximum cable length
  o Electrical specification of transmission line signal level and impedance
  o Radio interface, including electromagnetic spectrum frequency allocation and specification of signal strength, analog bandwidth, etc.
  o Specifications for IR over optical fiber or a wireless IR communication link
• Modulation
• Line coding
• Bit synchronization in synchronous serial communication
• Start-stop signalling and flow control in asynchronous serial communication
• Circuit switching
  o Establishment and termination of circuit switched connections
• Multiplexing
• Carrier sense and collision detection utilized by some level 2 multiple access protocols
• Equalization filtering, training sequences, pulse shaping and other signal processing of physical signals

The Physical Layer is also concerned with

• Bit rate
• Point-to-point, multipoint or point-to-multipoint line configuration
• Physical network topology, for example bus, ring, mesh or star network
• Serial or parallel communication

• Simplex, half duplex or full duplex transmission mode
• Autonegotiation

 DATALINK LAYER
The Data Link Layer is Layer 2 of the seven-layer OSI model of computer networking. It
corresponds to, or is part of, the link layer of the TCP/IP reference model. The Data Link
Layer is the protocol layer which transfers data between adjacent network nodes in a wide
area network or between nodes on the same local area network segment. The Data Link Layer
provides the functional and procedural means to transfer data between network entities and
might provide the means to detect and possibly correct errors that may occur in the Physical
Layer.

The Data Link Layer is concerned with local delivery of frames between devices on the same
LAN. Data Link frames, as these protocol data units are called, do not cross the boundaries of
a local network. Inter-network routing and global addressing are higher layer functions,
allowing Data Link protocols to focus on local delivery, addressing, and media arbitration.
When devices attempt to use a medium simultaneously, frame collisions occur. Data Link
protocols specify how devices detect and recover from such collisions, and may provide
mechanisms to reduce or prevent them.

Delivery of frames by layer 2 devices is effected through the use of unambiguous hardware
addresses. A frame's header contains source and destination addresses that indicate which
device originated the frame and which device is expected to receive and process it. Layer 2
addresses are flat, meaning that no part of the address can be used to identify the logical or
physical group to which the address belongs. The data link thus provides data transfer across
the physical link. That transfer can be reliable or unreliable; many data link protocols do not
acknowledge successful frame reception and acceptance, and some data link protocols might not
even have any form of checksum to check for transmission errors. The two sublayers are:

MAC(MEDIA ACCESS CONTROL)

The Media Access Control (MAC) data communication protocol sub-layer, also known as the
Medium Access Control, is a sublayer of the Data Link Layer. It provides addressing and
channel access control mechanisms that make it possible for several terminals or network
nodes to communicate within a multi-point network, typically a local area network (LAN) or
metropolitan area network (MAN). The MAC sub-layer acts as an interface between the
Logical Link Control (LLC) sublayer and the network's physical layer.

Addressing mechanism

The MAC layer addressing mechanism is called the physical address or MAC address. A MAC
address is a 48-bit identifier assigned to a piece of network hardware at the time of
manufacture, with the first 24 bits identifying the manufacturer, so that the device should be
uniquely identifiable among all other network devices in the world. This is what allows
frames to be delivered to a destination within a subnetwork, i.e. a physical network
consisting of several network segments interconnected by repeaters, hubs, bridges and
switches, but not by IP routers. An IP router may interconnect several subnets. The
uniqueness is a convention rather than a guarantee, however: the burned-in address can be
overridden by the driver on most adapters, and a frame's source address is never
authenticated, so a MAC address identifies where to deliver a frame (like a street address)
but must not be relied on as proof of who sent it.
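As an added example (not from the original text), the following Python decodes the two flag bits and the manufacturer prefix from a MAC address, splits an Ethernet II frame into its header fields, and runs a simple check over a constructed list of switch address-learning events to spot a MAC address that appears on more than one port, which is the usual symptom of a duplicated or spoofed address. The frame bytes, the addresses and the port names are made up for the example.

```python
import struct
from collections import defaultdict


def mac_to_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def describe_mac(mac: str) -> dict:
    """Decode the IEEE 802 flag bits in the first octet: bit 0 = individual/group, bit 1 = universal/local."""
    octets = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(octets) != 6:
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    first = octets[0]
    return {
        "address": mac_to_str(octets),
        "broadcast": octets == b"\xff" * 6,
        "multicast": bool(first & 0x01),              # group bit: delivered to a set of stations
        "locally_administered": bool(first & 0x02),   # set by software, not tied to a manufacturer
        "oui": mac_to_str(octets[:3]),                # the 24-bit manufacturer prefix (if universal)
    }


def parse_ethernet(frame: bytes) -> dict:
    """Split an Ethernet II frame (no FCS, as a capture tool would hand it over) into its fields."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    return {"dst": describe_mac(mac_to_str(dst)),
            "src": describe_mac(mac_to_str(src)),
            "ethertype": ethertype,
            "payload": frame[14:]}


def find_flapping_macs(learning_events) -> dict:
    """From (mac, port) address-learning events, return every MAC seen on more than one port.
    A station normally sits behind one port; the same address on two ports means a loop,
    a duplicated address or a host spoofing a neighbour's MAC."""
    ports = defaultdict(set)
    for mac, port in learning_events:
        ports[describe_mac(mac)["address"]].add(port)   # normalises case and separators
    return {mac: sorted(seen) for mac, seen in ports.items() if len(seen) > 1}


# Constructed sample data: an ARP request broadcast by a station, and a switch's learning events.
SAMPLE_FRAME = bytes.fromhex("ffffffffffff" "001a2b3c4d5e" "0806") + b"\x00" * 28
SAMPLE_EVENTS = [
    ("00:1a:2b:3c:4d:5e", "Gi1/0/3"),
    ("a4:5e:60:11:22:33", "Gi1/0/9"),
    ("00:1A:2B:3C:4D:5E", "Gi1/0/7"),   # same station address now learned on another port
    ("00:1a:2b:3c:4d:5e", "Gi1/0/3"),
]

if __name__ == "__main__":
    info = parse_ethernet(SAMPLE_FRAME)
    print("dst:", info["dst"])
    print("src:", info["src"])
    print(f"ethertype: {info['ethertype']:#06x}, payload {len(info['payload'])} bytes")
    print("flapping:", find_flapping_macs(SAMPLE_EVENTS))
```

The locally-administered bit is worth watching in practice: addresses with it set (virtual machines, containers, privacy-randomised Wi-Fi clients) carry no manufacturer prefix, and an unexpected one on a wired port is often the first hint that the address was chosen by software rather than burned in.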

Channel access control mechanism

The channel access control mechanisms provided by the MAC layer are also known as a
multiple access protocol. This makes it possible for several stations connected to the same
physical medium to share it. Examples of shared physical media are bus networks, ring
networks, hub networks, wireless networks and half-duplex point-to-point links. The multiple
access protocol may detect or avoid data packet collisions if a packet mode contention based
channel access method is used, or reserve resources to establish a logical channel if a circuit
switched or channelization based channel access method is used. The channel access control
mechanism relies on a physical layer multiplex scheme.

The most widespread multiple access protocol has been the contention-based CSMA/CD protocol
used in half-duplex Ethernet networks; wireless LANs use the related CSMA/CA instead, because
a radio cannot detect a collision while it is transmitting. CSMA/CD is only utilized within a
collision domain, for example an Ethernet bus network or a hub network. An Ethernet network
may be divided into several collision domains, interconnected by bridges and switches; a
full-duplex switched link has no collisions at all.

LOGICAL LINK CONTROL (LLC)

This sublayer is responsible for identifying Network layer protocols and then encapsulating
them when they are about to be transmitted onto the network or decapsulate them when it
receives a packet from the network and pass it onto the layer above it, which is the Network
layer. An LLC header tells the Datalink layer what to do with a packet once a frame is
received. For example, a host (computer) will receive a frame and then look in the LLC
header to understand that the packet is destined for the IP protocol at the Network layer. The
LLC can also provide flow control and sequencing of control bits.

SERVICES

• Encapsulation of network layer data packets into frames
• Frame synchronization
• Error detection, flow control and medium access, performed by the LLC and MAC sublayers

 NETWORK LAYER
The Network layer is responsible for routing through an internetwork and for network
addressing. This means that the Network layer is responsible for transporting traffic between
devices that are not locally attached. Routers, or other layer-3 devices, are specified at the
Network layer and provide routing services in an internetwork. In the Open Systems
Interconnection (OSI) communications model, the Network layer knows the addresses of the
neighboring nodes in the network, packages outgoing data with the correct network address
information, selects routes and quality of service, and recognizes and forwards to the
Transport layer incoming messages addressed to the local host.

CONNECTIONLESS COMMUNICATION

For example, IP is connectionless, in that a packet can travel from a sender to a recipient
without the recipient having to send an acknowledgement. Connection-oriented protocols
exist higher up, at other layers of the model.

HOST ADDRESSING

Every host in the network needs to have a unique address which determines where it is. On
the Internet, addresses are known as Internet Protocol (IP) addresses.

MESSAGE FORWARDING

Since many networks are partitioned into subnetworks and connect to other networks for
wide-area communications, networks use specialized hosts, called gateways or routers to
forward packets between networks. This is also of interest to mobile applications, where a
user may move from one location to another, and it must be arranged that his messages
follow him. Version 4 of the Internet Protocol (IPv4) was not designed with this feature in
mind, although mobility extensions exist. IPv6 has a better designed solution. Within the
service layering semantics of the OSI network architecture the Network Layer responds to
service requests from the Transport Layer and issues service requests to the Data Link Layer.
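The forwarding decision described above, as an added example (not part of the original text): a Python routing table built on the standard ipaddress module that applies longest-prefix matching, expires the TTL, and also performs the reverse-path check (strict uRPF, RFC 3704) an edge router uses to reject packets whose source address could not legitimately have arrived on that interface. The prefixes, next hops and interface names are constructed sample values.

```python
import ipaddress


class RoutingTable:
    """Forwarding table: every entry is (prefix, next_hop, interface); next_hop None = directly connected."""

    def __init__(self):
        self.routes = []

    def add(self, prefix: str, next_hop, interface: str):
        self.routes.append((ipaddress.ip_network(prefix, strict=True), next_hop, interface))

    def lookup(self, destination: str):
        """Longest-prefix match: the most specific network containing the address wins."""
        dst = ipaddress.ip_address(destination)
        matches = [r for r in self.routes if r[0].version == dst.version and dst in r[0]]
        if not matches:
            return None
        return max(matches, key=lambda r: r[0].prefixlen)


def forward(table: RoutingTable, dst: str, ttl: int) -> dict:
    """One router hop: expire the TTL, look up the route, and hand the packet to the chosen interface."""
    if ttl <= 1:
        return {"action": "drop", "reason": "ttl exceeded"}      # loop protection; ICMP Time Exceeded goes back
    route = table.lookup(dst)
    if route is None:
        return {"action": "drop", "reason": "no route to host"}
    network, next_hop, interface = route
    return {"action": "forward", "interface": interface,
            "next_hop": next_hop or dst,       # directly connected: resolve the destination itself at layer 2
            "matched": str(network), "ttl": ttl - 1}


def reverse_path_ok(table: RoutingTable, src: str, ingress: str) -> bool:
    """Strict reverse-path check (RFC 3704): accept only if the best route back to the source
    leaves through the interface the packet arrived on. Catches source-address spoofing at the edge.
    Here a default route counts as a match; many routers exclude it from the strict check."""
    route = table.lookup(src)
    return route is not None and route[2] == ingress


def sample_table() -> RoutingTable:
    """Constructed example: a small router with a default route, an aggregate and a connected LAN."""
    t = RoutingTable()
    t.add("0.0.0.0/0", "203.0.113.1", "eth0")   # upstream
    t.add("10.0.0.0/8", "10.0.0.2", "eth1")      # corporate aggregate via another router
    t.add("10.1.2.0/24", None, "eth2")           # directly connected LAN
    return t


if __name__ == "__main__":
    t = sample_table()
    for dst in ("10.1.2.50", "10.9.9.9", "198.51.100.7"):
        print(dst, "->", forward(t, dst, 64))
    print("packet claiming 10.1.2.7 arriving on eth0 accepted?", reverse_path_ok(t, "10.1.2.7", "eth0"))
```

Note that 10.1.2.50 is matched by both 10.0.0.0/8 and 10.1.2.0/24 and goes out eth2 because the /24 is more specific, while a packet claiming to come from 10.1.2.7 but arriving on the upstream interface fails the reverse-path check and is dropped.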

 TRANSPORT LAYER
In computer networking, the Transport Layer provides end-to-end communication services
for applications within a layered architecture of network components and protocols. The
transport layer provides convenient services such as connection-oriented data stream support,
reliability, flow control, and multiplexing.

The Transport Layer is responsible for delivering data to the appropriate application process
on the host computers. This involves statistical multiplexing of data from different
application processes, i.e. forming data packets, and adding source and destination port
numbers in the header of each Transport Layer data packet. Together with the source and
destination IP address, the port numbers constitutes a network socket, i.e. an identification
address of the process-to-process communication. In the OSI model, this function is
supported by the Session Layer. It also hides details of any network-dependent information
from the higher layers by providing transparent data transfer.

Some Transport Layer protocols, for example TCP, support virtual circuits, i.e. provide
connection-oriented communication over an underlying packet-oriented datagram network. A
byte stream is delivered while hiding the packet-mode communication from the application
processes. This involves connection establishment, dividing the data stream into packets
called segments, segment numbering and reordering of out-of-order data. The OSI model
defines five classes of connection-mode transport protocols designated class 0 (TP0) to class
4 (TP4). Detailed characteristics of the classes are shown in the following table:

Service                                                                      TP0  TP1  TP2  TP3  TP4
Connection-oriented network                                                  Yes  Yes  Yes  Yes  Yes
Connectionless network                                                       No   No   No   No   Yes
Concatenation and separation                                                 No   Yes  Yes  Yes  Yes
Segmentation and reassembly                                                  Yes  Yes  Yes  Yes  Yes
Error recovery                                                               No   Yes  No   Yes  Yes
Reinitiate connection (if an excessive number of PDUs are unacknowledged)    No   Yes  No   Yes  No
Multiplexing and demultiplexing over a single virtual circuit                No   No   Yes  Yes  Yes
Explicit flow control                                                        No   No   Yes  Yes  Yes
Retransmission on timeout                                                    No   No   No   No   Yes
Reliable transport service                                                   No   Yes  No   Yes  Yes

SERVICES

There is a long list of services that can be optionally provided by the Transport Layer. None
of them are compulsory, because not all applications require all available services.

Connection-oriented: Interpreting the connection as a data stream can provide many
benefits. It is normally easier to deal with than the underlying connection-less models, such
as the Internet Protocol model of datagrams. In general, where the Network layer only
provides a connection-less service, often a connection-oriented service is built on top of that
in the Transport Layer.

Same Order Delivery: The Network layer doesn't generally guarantee that packets of data
will arrive in the same order that they were sent, but often this is a desirable feature, so the
Transport Layer provides it. The simplest way of doing this is to give each packet a number,
and allow the receiver to reorder the packets.

Reliability: Packets may be lost in routers, switches, bridges and hosts due to network
congestion, when the packet queues are full and the network nodes have to discard packets.
Packets may be lost or corrupted on Ethernet due to interference and noise, since Ethernet
does not retransmit corrupted frames. Packets may also be delivered in the wrong order by an
underlying network. Some Transport Layer protocols, for example TCP, can repair all of this.
By means of an error detection code, for example a checksum, the transport protocol checks
that the data is not corrupted and confirms it by sending an ACK message to the sender.
Automatic repeat request schemes are used to retransmit lost or corrupted data, and segment
numbering in the Transport Layer headers lets the receiver put the packets back in order.
Completely error-free delivery is impossible, but the number of undetected errors can be
reduced substantially. Note that a checksum only catches accidental corruption: anyone who
can modify the data can also recompute the checksum, so integrity against an attacker has to
come from a cryptographic mechanism at a higher layer, such as TLS.

Flow control: The amount of memory on a computer is limited, and without flow control a
larger computer might flood a computer with so much information that it can't hold it all
before dealing with it. Nowadays, this is not a big issue, as memory is cheap while bandwidth
is comparatively expensive, but in earlier times it was more important. Flow control allows
the receiver to respond before it is overwhelmed. Sometimes this is already provided by the
network, but where it is not, the Transport Layer may add it on.

Congestion avoidance: Network congestion occurs when a queue buffer of a network node
is full and starts to drop packets. Automatic repeat request may keep the network in a
congested state. This situation can be avoided by adding congestion avoidance to the flow
control, including slow-start. This keeps the bandwidth consumption at a low level in the
beginning of the transmission, or after packet retransmission.

Byte orientation: Rather than dealing with things on a packet-by-packet basis, the Transport
Layer may add the ability to view communication just as a stream of bytes. This is nicer to
deal with than random packet sizes, however, it rarely matches the communication model
which will normally be a sequence of messages of user defined sizes.

Ports: Ports provide multiplexing. For example, the first line of a postal address is a kind of
port, and distinguishes between different occupants of the same house. Computer applications
will each listen for information on their own ports, which is why you can use more than one
network-based application at the same time. It is part of the Transport Layer in the TCP/IP
model, but of the Session Layer in the OSI model.
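The same-order delivery, reliability and flow-control services described above, worked through in an added Python example that is not part of the original text. A Receiver reorders segments, drops corrupt or duplicate ones and returns cumulative acknowledgements; a sender with a fixed window retransmits whatever has not been acknowledged when its timer expires; and a deterministic FlakyChannel reorders, loses and corrupts specific segments so the run is reproducible. The message, chunk size, window and the channel's misbehaviour are all made up for the example, and CRC-32 stands in for the protocol's checksum.

```python
import zlib


def make_segment(seq: int, data: bytes) -> dict:
    """Transport PDU: sequence number, payload and an error-detection code (CRC-32 stands in here)."""
    return {"seq": seq, "data": data, "crc": zlib.crc32(data)}


def segment_ok(seg: dict) -> bool:
    return zlib.crc32(seg["data"]) == seg["crc"]


class Receiver:
    """Drops corrupt and duplicate segments, holds back out-of-order ones, delivers an in-order byte stream."""

    def __init__(self):
        self.expected = 0              # next sequence number the application is waiting for
        self.pending = {}              # segments that arrived early, keyed by seq
        self.delivered = bytearray()

    def receive(self, seg: dict) -> int:
        """Process one segment and return the cumulative ACK (the next seq we still need)."""
        if not segment_ok(seg):
            return self.expected       # corrupted in transit: discard, the repeated ACK triggers a resend
        if seg["seq"] >= self.expected:
            self.pending.setdefault(seg["seq"], seg["data"])   # older or duplicate copies are ignored
        while self.expected in self.pending:                   # deliver the contiguous run
            self.delivered += self.pending.pop(self.expected)
            self.expected += 1
        return self.expected


class FlakyChannel:
    """Deterministic misbehaviour so the run is reproducible: delays seq 0 behind seq 1,
    loses the first copy of seq 2 and corrupts one byte of the first copy of seq 4."""

    def __init__(self):
        self.attempts = {}
        self.held = None

    def transmit(self, seg: dict) -> list:
        n = self.attempts[seg["seq"]] = self.attempts.get(seg["seq"], 0) + 1
        if seg["seq"] == 0 and n == 1:
            self.held = seg            # reordering: released after the next segment gets through
            return []
        if seg["seq"] == 2 and n == 1:
            return []                  # loss in a congested queue
        if seg["seq"] == 4 and n == 1:
            seg = dict(seg, data=bytes([seg["data"][0] ^ 0xFF]) + seg["data"][1:])   # noise on the wire
        arriving = [seg]
        if self.held is not None:
            arriving.append(self.held)
            self.held = None
        return arriving


def transfer(message: bytes, channel, chunk: int = 4, window: int = 3, max_rounds: int = 50) -> dict:
    """Sender side: transmit up to `window` unacknowledged segments, then wait for ACKs;
    whatever is still unacknowledged when the timer expires is sent again (automatic repeat request)."""
    segments = [make_segment(n, message[n * chunk:(n + 1) * chunk])
                for n in range((len(message) + chunk - 1) // chunk)]
    rx, base, sent, rounds, retransmissions = Receiver(), 0, set(), 0, 0
    while base < len(segments) and rounds < max_rounds:
        rounds += 1                                   # one round = one timeout period
        for seq in range(base, min(base + window, len(segments))):
            if seq in sent:
                retransmissions += 1
            sent.add(seq)
            for arriving in channel.transmit(segments[seq]):
                base = max(base, rx.receive(arriving))   # cumulative ACK slides the window
    return {"delivered": bytes(rx.delivered), "rounds": rounds,
            "retransmissions": retransmissions, "complete": base == len(segments)}


if __name__ == "__main__":
    print(transfer(b"the quick brown fox jumps", FlakyChannel()))
```

With the sample message the transfer completes in three timeout rounds with two retransmissions, and the receiver hands the application exactly the bytes that were sent despite one reordering, one loss and one corrupted copy. The window is the flow-control knob: the sender never has more than three segments outstanding, so the receiver's buffer is bounded regardless of how fast the sender is.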

 SESSION LAYER
The Session Layer provides the mechanism for opening, closing and managing a session
between end-user application processes, i.e. a semi-permanent dialogue. Communication
sessions consist of requests and responses that occur between applications. Session Layer
services are commonly used in application environments that make use of remote procedure
calls (RPCs).

An example of a Session Layer protocol is the OSI protocol suite Session Layer Protocol,
also known as X.225 or ISO 8327. In case of a connection loss this protocol may try to
recover the connection. If a connection is not used for a long period, the Session Layer
Protocol may close it and re-open it. It provides for either full duplex or half-duplex operation
and provides synchronization points in the stream of exchanged messages.

Within the service layering semantics of the OSI network architecture, the Session Layer
responds to service requests from the Presentation Layer and issues service requests to the
Transport Layer.

The Session Layer of the OSI model is responsible for session checkpointing and recovery. It
allows information of different streams, perhaps originating from different sources, to be
properly combined or synchronized. It coordinates communication between systems and
serves to organise their communication by offering three different modes: simplex, half-
duplex and full-duplex. The session layer basically keeps one application's data separate from
another application's data. An example application is web conferencing, in which the streams of
audio and video must be synchronized to avoid so-called lip sync problems. Floor control
ensures that the person displayed on screen is the current speaker. Another application is in
live TV programs, where streams of audio and video need to be seamlessly merged and
transitioned from one to the other to avoid silent airtime or excessive overlap.

SERVICES

• Authentication
• Permissions
• Session restoration (check-pointing and recovery)

 PRESENTATION LAYER
The Presentation Layer is responsible for the delivery and formatting of information to the
application layer for further processing or display. It relieves the application layer of concern
regarding syntactical differences in data representation within the end-user systems. Note: An
example of a presentation service would be the conversion of an EBCDIC-coded text file to
an ASCII-coded file.

The Presentation Layer is the lowest layer at which application programmers consider data
structure and presentation, instead of simply sending data in the form of datagrams or packets
between hosts. This layer deals with issues of string representation, for instance whether
strings use the Pascal method (an integer length field followed by the specified number of
bytes) or the C/C++ method (null-terminated strings, i.e. "thisisastring\0"). The idea is that
the application layer should be able to point at the data to be moved, and the Presentation
Layer will deal with the rest. Serialization of complex data structures into flat byte strings
(using mechanisms such as TLV or XML) can be thought of as the key functionality of the
Presentation Layer. Both string conventions share one failure mode on the decoding side: a
length field or a terminator supplied by the peer has to be checked against the bytes actually
received before any of them are read.
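As an added example (not from the original text), here is a small Python TLV serializer and the corresponding decoders for the length-prefixed (Pascal) and terminator-based (C) string conventions mentioned above. The decoders check every declared length and every terminator against the bytes actually present, which is the check a presentation-layer parser has to make before trusting a length field from the wire. The tag values and sample records are constructed for the example.

```python
import struct


class DecodeError(ValueError):
    """Raised when the wire bytes do not match what the framing claims."""


def tlv_encode(items) -> bytes:
    """Serialize (tag, value) pairs as a 1-byte tag, a 2-byte big-endian length and the value bytes."""
    out = bytearray()
    for tag, value in items:
        if not 0 <= tag <= 0xFF:
            raise ValueError("tag must fit in one byte")
        if len(value) > 0xFFFF:
            raise ValueError("value too long for a 16-bit length field")
        out += struct.pack("!BH", tag, len(value)) + value
    return bytes(out)


def tlv_decode(buf: bytes) -> list:
    """Parse TLV records back into (tag, value) pairs. The declared length is checked against the
    bytes that actually remain before the value is read, so a forged length cannot reach past the buffer."""
    items, pos = [], 0
    while pos < len(buf):
        if len(buf) - pos < 3:
            raise DecodeError(f"truncated TLV header at offset {pos}")
        tag, length = struct.unpack_from("!BH", buf, pos)
        pos += 3
        if length > len(buf) - pos:
            raise DecodeError(f"tag {tag:#04x} declares {length} bytes but only {len(buf) - pos} remain")
        items.append((tag, buf[pos:pos + length]))
        pos += length
    return items


def decode_pascal_string(buf: bytes) -> bytes:
    """Length-prefixed string: one length byte, then exactly that many bytes."""
    if not buf:
        raise DecodeError("missing length byte")
    length = buf[0]
    if length > len(buf) - 1:
        raise DecodeError(f"length {length} exceeds the {len(buf) - 1} bytes available")
    return buf[1:1 + length]


def decode_c_string(buf: bytes) -> bytes:
    """Null-terminated string: everything up to the first NUL. A missing terminator is an error,
    not permission to keep reading whatever happens to follow the buffer."""
    end = buf.find(b"\x00")
    if end < 0:
        raise DecodeError("no NUL terminator within the buffer")
    return buf[:end]


# Constructed sample record: a username, a raw binary blob and an empty optional field.
SAMPLE_ITEMS = [(0x01, b"alice"), (0x02, b"\x00\x01\x02"), (0x03, b"")]

if __name__ == "__main__":
    wire = tlv_encode(SAMPLE_ITEMS)
    print(wire.hex(), "->", tlv_decode(wire))
    forged = bytes([0x01, 0xFF, 0xFF]) + b"hi"      # claims 65535 bytes, carries two
    try:
        tlv_decode(forged)
    except DecodeError as e:
        print("rejected:", e)
```

In Python a slice past the end of a buffer silently returns fewer bytes, so a decoder without the length check would "work" and return truncated data; in C the same omission reads adjacent memory, which is the class of bug behind well-known over-read vulnerabilities in length-prefixed protocol parsers. The check belongs in the decoder regardless of the language.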

Encryption is usually placed at this level in descriptions of the OSI model, although it can
be done at the Application, Session, Transport or Network Layers, each with its own advantages
and disadvantages; in the TCP/IP world, for example, TLS sits between the transport protocol
and the application protocol, and IPsec works at the network layer. Another example is
representing structure, which is normally standardized at this level, often by using XML. As
well as simple pieces of data, like strings, more complicated things are standardized in this
layer. Two common examples are 'objects' in object-oriented programming, and the exact way
that streaming video is transmitted. Within the service layering semantics of the OSI network
architecture, the Presentation Layer responds to service requests from the Application Layer
and issues service requests to the Session Layer. Directly above it, the OSI application
service is itself divided into two sublayers:

CASE

The CASE sublayer provides services for the Application Layer and requests services from the
Session Layer. It provides support for common application services, such as:

• ACSE (Association Control Service Element)
• ROSE (Remote Operation Service Element)
• CCR (Commitment Concurrency and Recovery)
• RTSE (Reliable Transfer Service Element)

SASE

The SASE sublayer provides application-specific services (protocols), such as:

• FTAM (File Transfer, Access and Management)
• VT (Virtual Terminal)
• MOTIS (Message Oriented Text Interchange Standard)
• CMIP (Common Management Information Protocol)
• MMS (Manufacturing Message Specification)
• RDA (Remote Database Access)
• DTP (Distributed Transaction Processing)
• Telnet (a remote terminal access protocol)

SERVICES

• Encryption
• Compression

 APPLICATION LAYER
The Application layer of the OSI model is where users communicate with the computer. The
Application layer is responsible for identifying and establishing the availability of the
intended communication partner and determining if sufficient resources for the intended
communication exist. The user interfaces with the computer at the application layer.

Although computer applications sometimes require only desktop resources, applications may
unite communicating components from more than one network application, for example, file
transfers, e-mail, remote access, network management activities, client/server processes.

There are various protocols used at this layer. A "protocol" is a set of rules by which two
computers communicate. In plain English, you can say that a protocol is a language, for
example, English. For me to speak to you and make sense, I need to structure my sentence in
a "standard" way which you will understand. Computer communication works in much the
same way. This is why we have so many different protocols, each one for a specific task.

TCP/IP MODEL

The TCP/IP model is a description framework for computer network protocols created in the
1970s by DARPA, an agency of the United States Department of Defense. It evolved from
ARPANET, which was the world's first wide area network and a predecessor of the Internet.
The TCP/IP Model is sometimes called the Internet Model or the DoD Model.

The TCP/IP model, or Internet Protocol Suite, describes a set of general design guidelines
and implementations of specific networking protocols to enable computers to communicate
over a network. TCP/IP provides end-to-end connectivity specifying how data should be
formatted, addressed, transmitted, routed and received at the destination. Protocols exist for a
variety of different types of communication services between computers.

TCP/IP, sometimes referred to as the Internet model, has four abstraction layers. This layer
architecture is often compared with the seven-layer OSI Reference Model, and terms such as
"Internet reference model" are sometimes used for it. That usage is incorrect, however,
because the TCP/IP model is descriptive, whereas the OSI Reference Model was intended to be
prescriptive, hence a reference model. The TCP/IP model and related protocols are maintained
by the Internet Engineering Task Force (IETF).

 LINK LAYER
The Link Layer is the networking scope of the local network connection to which a host is
attached. This regime is called the link in Internet literature. This is the lowest component
layer of the Internet protocols, as TCP/IP is designed to be hardware independent. As a result
TCP/IP has been implemented on top of virtually any hardware networking technology in
existence.

The Link Layer is used to move packets between the Internet Layer interfaces of two
different hosts on the same link. The processes of transmitting and receiving packets on a
given link can be controlled both in the software device driver for the network card, as well
as on firmware or specialized chipsets. These will perform data link functions such as adding
a packet header to prepare it for transmission, then actually transmit the frame over a physical
medium. The TCP/IP model includes specifications of translating the network addressing
methods used in the Internet Protocol to data link addressing, such as Media Access Control
(MAC), however all other aspects below that level are implicitly assumed to exist in the Link
Layer, but are not explicitly defined.

The Link Layer is also the layer where packets may be selected to be sent over a virtual
private network or other networking tunnel. In this scenario, the Link Layer data may be
considered application data which traverses another instantiation of the IP stack for
transmission or reception over another IP connection. Such a connection, or virtual link, may
be established with a transport protocol or even an application scope protocol that serves as a
tunnel in the Link Layer of the protocol stack. Thus, the TCP/IP model does not dictate a
strict hierarchical encapsulation sequence.

 TRANSPORT LAYER
The Transport Layer's responsibilities include end-to-end message transfer capabilities
independent of the underlying network, along with error control, segmentation, flow control,
congestion control, and application addressing (port numbers). End to end message
transmission or connecting applications at the transport layer can be categorized as either
connection-oriented, implemented in Transmission Control Protocol (TCP), or
connectionless, implemented in User Datagram Protocol (UDP).

The Transport Layer can be thought of as a transport mechanism, e.g., a vehicle with the
responsibility to make sure that its contents (passengers/goods) reach their destination safely
and soundly, unless another protocol layer is responsible for safe delivery.

The Transport Layer provides this service of connecting applications through the use of
service ports. Since IP provides only a best effort delivery, the Transport Layer is the first
layer of the TCP/IP stack to offer reliability. IP can run over a reliable data link protocol such
as the High-Level Data Link Control (HDLC). Protocols above transport, such as RPC, also
can provide reliability.

For example, the Transmission Control Protocol (TCP) is a connection-oriented protocol that
addresses numerous reliability issues to provide a reliable byte stream:

• data arrives in-order
• data has minimal error (i.e. correctness)
• duplicate data is discarded
• lost/discarded packets are resent
• includes traffic congestion control

The newer Stream Control Transmission Protocol (SCTP) is also a reliable, connection-
oriented transport mechanism. It is message-oriented, not byte-stream-oriented like TCP, and
provides multiple streams multiplexed over a single connection. It also provides multi-homing
support, in which a connection end can be represented by multiple IP addresses (representing
multiple physical interfaces), such that if one fails, the connection is not interrupted. It was
developed initially for telephony applications (to transport SS7 over IP), but can also be used
for other applications.

User Datagram Protocol is a connectionless datagram protocol. Like IP, it is a best effort,
"unreliable" protocol. Reliability is addressed through error detection using a weak checksum
algorithm. UDP is typically used for applications such as streaming media (audio, video,
Voice over IP, etc.) where on-time arrival is more important than reliability, or for simple
query/response applications like DNS lookups, where the overhead of setting up a reliable
connection is disproportionately large. Real-time Transport Protocol (RTP) is a datagram
protocol that is designed for real-time data such as streaming audio and video.

TCP and UDP are used to carry an assortment of higher-level applications. The appropriate
transport protocol is chosen based on the needs of the higher-layer application. For example,
the File Transfer Protocol expects a reliable connection, but the Network File System (NFS)
assumes that the subordinate Remote Procedure Call protocol, not transport, will guarantee
reliable transfer. Other applications, such as VoIP, can tolerate some loss of packets, but not
the reordering or delay that could be caused by retransmission. The applications at any given
network address are distinguished by their TCP or UDP port. By convention, certain well-
known ports are associated with specific applications.

 INTERNET LAYER
The Internet Layer is a group of internetworking methods in the TCP/IP protocol suite which
is the foundation of the Internet. It is the group of methods, protocols, and specifications
which are used to transport datagrams (packets) from the originating host across network
boundaries, if necessary, to the destination host specified by a network address (IP address)
which is defined for this purpose by the Internet Protocol (IP). The Internet Layer derives its
name from its function of forming an "internet" or facilitating "internetworking", which is the
concept of connecting multiple networks with each other through gateways.

Internet Layer protocols use IP-based packets. The Internet Layer does not include the
protocols that define communication between local ("on-link") network nodes, which serve to
maintain link state between the local nodes (such as the local network topology) and usually
rely on framing specific to the link type. Such protocols belong to the Link Layer. A
particularly crucial aspect in the Internet Layer is the Robustness Principle: "Be liberal in
what you accept, and conservative in what you send", as a misbehaving host can deny Internet
service to many other users.

FUNCTIONS

The Internet Layer has three basic functions. For outgoing packets, it selects the "next hop"
host (gateway) and transmits the packet to this host by passing it to the appropriate Link
Layer implementation. For incoming packets, it captures packets and passes the packet
payload up to the appropriate Transport Layer protocol, if appropriate. In addition, it provides
error detection and diagnostic capability.

In Version 4 of the Internet Protocol (IPv4), during both transmit and receive operations, IP is
capable of automatic or intentional fragmentation or defragmentation of packets, based, for
example, on the maximum transmission unit (MTU) of link elements. However, this feature
has been dropped in IPv6, as the communications end points, the hosts, now have to perform
path MTU discovery and assure that end-to-end transmissions don't exceed the minimum
discovered.
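The following added example (not part of the original text) models the IPv4 fragmentation just described: a payload is split so that each fragment plus a 20-byte header fits the link MTU, offsets are recorded in 8-byte units as IPv4 does, and the receiving host reassembles fragments that arrive in any order. The MTU and payload are constructed for the example. The reassembler also rejects overlapping fragments and gaps, which is what a robust receiver should do, since an overlap has no single correct resolution and a silent choice is exactly the kind of ambiguity the Robustness Principle warns against at the receiving end.

```python
# Added example (not from the original text): IPv4-style fragmentation of a
# datagram payload to fit a link MTU, and reassembly at the receiving host.
# Fragment offsets are in 8-byte units as in IPv4. The reassembler refuses
# overlapping fragments and gaps instead of guessing how to resolve them.
HEADER_LEN = 20  # IPv4 header without options


def fragment(payload: bytes, mtu: int):
    """Split payload into (offset_units, more_fragments, data) tuples.

    Each fragment's data must fit in mtu - HEADER_LEN bytes and, except for
    the last fragment, be a multiple of 8 bytes so offsets stay expressible.
    """
    max_data = (mtu - HEADER_LEN) // 8 * 8
    if max_data <= 0:
        raise ValueError("MTU too small to carry any payload")
    frags = []
    pos = 0
    while pos < len(payload):
        chunk = payload[pos:pos + max_data]
        more = pos + len(chunk) < len(payload)
        frags.append((pos // 8, more, chunk))
        pos += len(chunk)
    return frags


def reassemble(frags):
    """Rebuild the payload from fragments received in any order.

    Raises ValueError on overlapping fragments, gaps, or a missing tail.
    """
    ordered = sorted(frags, key=lambda f: f[0])
    out = bytearray()
    expected = 0          # byte offset the next fragment must start at
    saw_last = False
    for offset_units, more, data in ordered:
        start = offset_units * 8
        if saw_last:
            raise ValueError("data after the final fragment")
        if start < expected:
            raise ValueError(f"overlapping fragment at byte {start}")
        if start > expected:
            raise ValueError(f"gap before byte {start}")
        out += data
        expected = start + len(data)
        saw_last = not more
    if not saw_last:
        raise ValueError("final fragment missing")
    return bytes(out)


def demo():
    payload = bytes(range(256)) * 5          # 1280 constructed payload bytes
    frags = fragment(payload, mtu=576)       # constructed link MTU
    restored = reassemble(reversed(frags))   # arrival order does not matter
    # A constructed overlap: a second fragment claiming the same offset as
    # the real second fragment but carrying different data.
    overlapping = [frags[0], (frags[1][0], True, b"X" * 16)] + frags[1:]
    try:
        reassemble(overlapping)
        overlap_rejected = False
    except ValueError:
        overlap_rejected = True
    return len(frags), restored == payload, overlap_rejected
```

With a 576-byte MTU the 1280-byte payload becomes three fragments of 552, 552 and 176 bytes; the receiver only accepts the set once the fragments tile the payload exactly and the last one has the more-fragments flag clear.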

In its operation, the Internet Layer is not responsible for reliable transmission. It provides
only an unreliable service, and "best effort" delivery. This means that the network makes no
guarantees about packets' proper arrival. This was an important design principle and change
from the previous protocols used on the early ARPANET. Since packet delivery across
diverse networks is inherently an unreliable and failure-prone operation, the burden of
providing reliability was placed with the end points of a communication path, i.e., the hosts,
rather than on the network. This is one of the reasons for the resilience of the Internet against
individual link failures and its proven scalability.

The function of providing reliability of service is the duty of higher level protocols, such as
the Transmission Control Protocol (TCP) in the Transport Layer. Integrity of packets is
guaranteed only in IPv4 (not in IPv6) through checksums computed for IP packets.
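The "weak checksum" mentioned for UDP in the Transport Layer section and the IPv4 header checksum mentioned here are the same algorithm, the 16-bit ones'-complement sum of RFC 1071. The following added example, which is not part of the original text, computes it over a constructed IPv4 header, verifies it the way a receiver does, and shows what "weak" means in practice: a single corrupted bit is caught, but swapping two 16-bit words leaves the sum unchanged and passes. The addresses and header field values are constructed. Note that the IPv4 checksum covers only the header, so it says nothing about the payload.

```python
# Added example (not from the original text): the RFC 1071 16-bit ones'-
# complement checksum used by IPv4 headers and UDP, computed over a constructed
# IPv4 header, with a demonstration of the kind of error it does not catch.
import struct


def internet_checksum(data: bytes) -> int:
    """Ones'-complement sum of 16-bit big-endian words, folded to 16 bits."""
    if len(data) % 2:
        data += b"\x00"                     # pad odd-length input with a zero byte
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                      # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def ipv4_header(src: str, dst: str, payload_len: int, proto: int = 17) -> bytes:
    """Build a minimal 20-byte IPv4 header (constructed field values) with the
    checksum filled in. proto 17 is UDP."""
    def ip_bytes(addr):
        return bytes(int(octet) for octet in addr.split("."))
    ver_ihl, tos, ident, flags_frag, ttl = 0x45, 0, 0x1234, 0x4000, 64
    hdr = struct.pack("!BBHHHBBH4s4s", ver_ihl, tos, 20 + payload_len, ident,
                      flags_frag, ttl, proto, 0, ip_bytes(src), ip_bytes(dst))
    csum = internet_checksum(hdr)           # computed with checksum field = 0
    return hdr[:10] + struct.pack("!H", csum) + hdr[12:]


def header_is_valid(hdr: bytes) -> bool:
    """Receiver-side check: summing the whole header, checksum field
    included, yields zero when the checksum matches."""
    return internet_checksum(hdr) == 0


def demo():
    hdr = ipv4_header("192.168.0.10", "192.168.0.1", payload_len=8)
    flipped = bytearray(hdr)
    flipped[8] ^= 0x01                      # corrupt one bit of the TTL byte
    # Swap the 16-bit identification and flags/fragment-offset words. The sum
    # of the words is unchanged, so the checksum cannot tell the difference.
    swapped = hdr[:4] + hdr[6:8] + hdr[4:6] + hdr[8:]
    return {
        "original_valid": header_is_valid(hdr),
        "bitflip_detected": not header_is_valid(bytes(flipped)),
        "word_swap_detected": not header_is_valid(swapped),
    }
```

This is why the checksum is an integrity check against accidental corruption only: anyone who can rewrite the header can also recompute the sum, and some reorderings pass unnoticed, so authenticity and tamper-evidence have to come from a higher layer.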

 APPLICATION LAYER
The Application Layer refers to the higher-level protocols used by most applications for
network communication. Examples of application layer protocols include the File Transfer
Protocol (FTP) and the Simple Mail Transfer Protocol (SMTP). Data coded according to
application layer protocols are then encapsulated into one or (occasionally) more transport
layer protocols (such as the Transmission Control Protocol (TCP) or User Datagram Protocol
(UDP)), which in turn use lower layer protocols to effect actual data transfer.

Since the IP stack defines no layers between the application and transport layers, the
application layer must include any protocols that act like the OSI's presentation and session
layer protocols. This is usually done through libraries.

Application Layer protocols generally treat the transport layer (and lower) protocols as "black
boxes" which provide a stable network connection across which to communicate, although
the applications are usually aware of key qualities of the transport layer connection such as
the end point IP addresses and port numbers. As noted above, layers are not necessarily
clearly defined in the Internet protocol suite. Application layer protocols are most often
associated with client–server applications, and the more common servers have specific ports
assigned to them by the IANA (Internet Assigned Numbers Authority): HTTP has port 80;
Telnet has port 23; etc. Clients, on the other hand, tend to use ephemeral ports, i.e. port
numbers assigned at random from a range set aside for the purpose.

Transport and lower level layers are largely unconcerned with the specifics of application
layer protocols. Routers and switches do not typically "look inside" the encapsulated traffic to
see what kind of application protocol it represents, rather they just provide a conduit for it.
However, some firewall and bandwidth throttling applications do try to determine what's
inside, as with the Resource Reservation Protocol (RSVP). It's also sometimes necessary for
Network Address Translation (NAT) facilities to take account of the needs of particular
application layer protocols. (NAT allows hosts on private networks to communicate with the
outside world via a single visible IP address using port forwarding, and is an almost
ubiquitous feature of modern domestic broadband routers).

NETWORKING TOPOLOGIES

Network topology is defined as the interconnection of the various elements (links, nodes,
etc.) of a computer network. Topology can be considered the virtual shape or structure of a
network. This shape does not correspond to the actual physical design of the devices on the
computer network: the computers on a home network can be arranged in a circle, but that
does not necessarily mean they form a ring topology.

Any particular network topology is determined only by the graphical mapping of the
configuration of physical and/or logical connections between nodes. The study of network
topology uses graph theory. Distances between nodes, physical interconnections,
transmission rates, and/or signal types may differ in two networks and yet their topologies
may be identical. There are two types of topologies:

PHYSICAL

The physical topology of a network refers to the layout of cables, computers and other
peripherals. Try to imagine yourself in a room with a small network: you can see network
cables coming out of every computer that is part of the network, and those cables plug into a
hub or switch. What you're looking at is the physical topology of that network!

LOGICAL

Logical topology is the method used to pass the information between the computers. In other
words, looking at that same room, if you were to try to see how the network works with all
the computers talking (think of the computers generating traffic and packets of data going
everywhere on the network) you would be looking at the logical part of the network. The way
the computers will be talking to each other and the direction of the traffic is controlled by the
various protocols (like Ethernet) or, if you like, rules.

 BUS TOPOLOGY
Bus topology is fairly old news and you probably won't be seeing much of these around in
any modern office or home. With the Bus topology, all workstations are connected directly to
the main backbone that carries the data. Traffic generated by any computer will travel across
the backbone and be received by all workstations. This works well in a small network of 2-5
computers, but as the number of computers increases so will the network traffic, and this can
greatly decrease the performance and available bandwidth of your network.

As you can see in the above example, all computers are attached to a continuous cable which
connects them in a straight line. The arrows clearly indicate that the packet generated by
Node 1 is transmitted to all computers on the network, regardless of the destination of this
packet.

Also, because of the way the electrical signals are transmitted over this cable, its ends must
be terminated by special terminators that work as "shock absorbers", absorbing the signal so
it won't reflect back to where it came from. If the bus (the long yellow cable) is damaged
anywhere in its path, then it will most certainly cause the network to stop working or, at the
very least, cause big communication problems between the workstations.

Thinnet (10BASE2, a black coaxial cable) and Thicknet (10BASE5, yellow in colour) are the
cables used in this type of topology.

 STAR TOPOLOGY

The Star or Hub topology is one of the most common network topologies found in most
offices and home networks. It has become very popular in contrast to the bus type (which we
just spoke about), because of the cost and the ease of troubleshooting.

The advantage of the star topology is that if one computer on the star topology fails, then only
the failed computer is unable to send or receive data. The remainder of the network functions
normally. The disadvantage of using this topology is that because each computer is connected
to a central hub or switch, if this device fails, the entire network fails!

A classic example of this type of topology uses UTP cabling (10BASE-T), which normally has
a blue colour.

 RING TOPOLOGY
In the ring topology, computers are connected on a single circle of cable. Unlike the bus
topology, there are no terminated ends. The signals travel around the loop in one direction
and pass through each computer, which acts as a repeater to boost the signal and send it to the
next computer. On a larger scale, multiple LANs can be connected to each other in a ring
topology by using Thicknet coaxial or fiber-optic cable.

The method by which the data is transmitted around the ring is called token passing. A token
is a special series of bits that contains control information. Possession of the token allows a
network device to transmit data to the network. Each network has only one token.

 MESH TOPOLOGY

In a mesh topology, each computer is connected to every other computer by a separate cable.
This configuration provides redundant paths through the network, so if one computer fails,
you don't lose the network. On a large scale, you can connect multiple LANs using mesh
topology with leased telephone lines, Thicknet coaxial cable or fiber optic cable.

Again, the big advantage of this topology is its backup capabilities by providing multiple
paths through the network.

 HYBRID TOPOLOGY
With the hybrid topology, two or more topologies are combined to form a complete network.
For example, a hybrid topology could be the combination of a star and bus topology. These
are also the most common in use.

STAR BUS

In a star-bus topology, several star topology networks are linked to a bus connection. In this
topology, if a computer fails, it will not affect the rest of the network. However, if the central
component, or hub, that attaches all computers in a star, fails, then you have big problems
since no computer will be able to communicate.

STAR RING

In the Star-Ring topology, the computers are connected to a central component as in a star
network. These components, however, are wired to form a ring network.

Like the star-bus topology, if a single computer fails, it will not affect the rest of the network.
By using token passing, each computer in a star-ring topology has an equal chance of
communicating. This allows for greater network traffic between segments than in a star-bus
topology.

 TREE TOPOLOGY
In a tree topology, a central 'root' node (the top level of the hierarchy) is connected by a
point-to-point link to one or more nodes one level lower in the hierarchy (the second level).
Each second-level node is in turn connected, again by point-to-point links, to one or more
nodes one level lower still (the third level), and so on down the hierarchy. The top-level
central 'root' node is the only node with no other node above it. The hierarchy of the tree is
symmetrical: each node in the network has a specific, fixed number of nodes connected to it
at the next lower level, and that number is referred to as the 'branching factor' of the
hierarchical tree.

• A network that is based upon the physical hierarchical topology must have at least
three levels in the hierarchy of the tree, since a network with a central 'root' node and
only one hierarchical level below it would exhibit the physical topology of a star.

• A network that is based upon the physical hierarchical topology and with a branching
factor of 1 would be classified as a physical linear topology.

• The branching factor, f, is independent of the total number of nodes in the network.
Therefore, if the nodes in the network require ports for connection to other nodes, the
number of ports per node can be kept low even when the total number of nodes is large:
the cost of adding ports to each node depends only on the branching factor and can be
kept as low as required without any effect on the total number of nodes that are
possible.

• The total number of point-to-point links in a network that is based upon the physical
hierarchical topology will be one less than the total number of nodes in the network.

• If the nodes in a network that is based upon the physical hierarchical topology are
required to perform any processing upon the data that is transmitted between nodes in
the network, the nodes that are at higher levels in the hierarchy will be required to
perform more processing operations on behalf of other nodes than the nodes that are
lower in the hierarchy. Such a type of network topology is very useful and highly
recommended.

CONNECTING DEVICES

 GATEWAY
A Gateway is any device that connects network environments that are not alike. For example,
a gateway is used to connect LAN (local area network) environments to mainframe
environments. Gateways, also called protocol converters, can operate at any layer of the OSI
model. The job of a gateway is much more complex than that of a router or switch. Typically,
a gateway must convert one protocol stack into another.

A gateway is a network point that acts as an entrance to another network. On the Internet, a
node or stopping point can be either a gateway node or a host (end-point) node. Both the
computers of Internet users and the computers that serve pages to users are host nodes, while
the nodes that connect the networks in between are gateways. For example, the computers
that control traffic between company networks or the computers used by internet service
providers (ISPs) to connect users to the internet are gateway nodes. In the network for an
enterprise, a computer server acting as a gateway node is often also acting as a proxy server
and a firewall server. A gateway is often associated with both a router, which knows where to
direct a given packet of data that arrives at the gateway, and a switch, which furnishes the
actual path in and out of the gateway for a given packet.

On an IP network, clients should automatically send IP packets with a destination outside a
given subnet mask to a network gateway. A subnet mask defines the IP range of a network.
For example, if a network has a base IP address of 192.168.0.0 and has a subnet mask of
255.255.255.0, then any data going to an IP address outside of 192.168.0.X will be sent to
that network's gateway. While forwarding an IP packet to another network, the gateway
might or might not perform Network Address Translation. A gateway is an essential feature
of most routers, although other devices (such as any PC or server) can function as a gateway.

 ROUTER
A router is a device that interconnects two or more computer networks, and selectively
interchanges packets of data between them. Each data packet contains address information
that a router can use to determine if the source and destination are on the same network, or if
the data packet must be transferred from one network to another. Where multiple routers are
used in a large collection of interconnected networks, the routers exchange information about
target system addresses, so that each router can build up a table showing the preferred paths
between any two systems on the interconnected networks.

A router is a networking device whose software and hardware are customized to the tasks of
routing and forwarding information. A router has two or more network interfaces, which may
be to different physical types of network (such as copper cables, fiber, or wireless) or
different network standards. Each network interface is a specialized device that converts
electric signals from one form to another.

Routers connect two or more logical subnets, which do not share a common network address.
The subnets in the router do not necessarily map one-to-one to the physical interfaces of the
router. Conceptually, a router operates in two operational planes (or sub-systems).

• Control plane: where a router builds a table (called the routing table) recording how a
packet should be forwarded and through which interface, either from statically
configured statements (called static routes) or by exchanging information with other
routers in the network through a dynamic routing protocol;
• Forwarding plane: where the router actually forwards traffic (called packets in IP)
from incoming interfaces to an outgoing interface that is appropriate for the
destination address that the packet carries with it, by following rules derived from the
routing table that has been built in the control plane.
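As an added illustration, not from the original text, of the two planes above and of the subnet-mask rule from the Gateway section, here is a small Python router model. Static routes stand in for the control plane and a longest-prefix-match lookup for the forwarding plane. The prefixes, interface names and gateway addresses are constructed for the example; 192.168.0.0/24 is the 192.168.0.0 / 255.255.255.0 subnet from the Gateway section's example, and 203.0.113.1 is a documentation-range address standing in for an upstream gateway.

```python
# Added example (not from the original text): a toy router with a control
# plane that installs static routes and a forwarding plane that does
# longest-prefix-match lookups. Prefixes, interfaces and gateways are
# constructed for the illustration.
import ipaddress


class Router:
    def __init__(self):
        self.table = []      # entries: (network, gateway or None, interface)

    # Control plane: build the routing table.
    def add_static_route(self, prefix, interface, gateway=None):
        net = ipaddress.ip_network(prefix, strict=True)
        gw = ipaddress.ip_address(gateway) if gateway else None
        self.table.append((net, gw, interface))
        # Most specific prefix first, so a lookup is a single ordered scan.
        self.table.sort(key=lambda entry: entry[0].prefixlen, reverse=True)

    # Forwarding plane: decide where one packet goes.
    def lookup(self, destination):
        dst = ipaddress.ip_address(destination)
        for net, gw, iface in self.table:
            if dst in net:
                # On a directly connected subnet the next hop is the host
                # itself (no gateway); otherwise it is the configured gateway.
                next_hop = dst if gw is None else gw
                return iface, str(next_hop)
        return None          # no matching route: the packet is dropped


def build_demo_router():
    r = Router()
    # Directly connected LAN, the 192.168.0.0 / 255.255.255.0 subnet from the
    # Gateway section: hosts there are reached without a gateway.
    r.add_static_route("192.168.0.0/24", "eth0")
    # Point-to-point link to an internal next-hop router (constructed).
    r.add_static_route("10.0.0.0/30", "eth1")
    # A more specific prefix inside the LAN range that is reached via that
    # router; longest-prefix match makes it win over the /24.
    r.add_static_route("192.168.0.128/26", "eth1", gateway="10.0.0.2")
    # Default route: anything unmatched leaves via the upstream gateway.
    r.add_static_route("0.0.0.0/0", "eth2", gateway="203.0.113.1")
    return r
```

The default route is what makes the Gateway section's rule work: any destination outside the locally known prefixes matches 0.0.0.0/0 and is handed to the gateway, and because it matches everything it is also the entry to audit most carefully when reviewing where a host's traffic can end up.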

A demonstration of a router forwarding information to many clients.

Routers intended for ISP and major enterprise connectivity almost invariably exchange
routing information using the Border Gateway Protocol (BGP). Routers are also used for port
forwarding for private servers.

• Edge router (ER): An ER is placed at the edge of an ISP network. The router speaks
external BGP (EBGP) to a BGP speaker in another provider or large enterprise
Autonomous System (AS). Routers of this type are also called PE (Provider Edge)
routers.
• Subscriber edge router (SER): An SER is located at the edge of the subscriber's
network; it speaks EBGP to its provider's AS(s). It belongs to an end-user (enterprise)
organization. Routers of this type are also called CE (Customer Edge) routers.
• Inter-provider border router: Interconnecting ISPs, this is a BGP-speaking router that
maintains BGP sessions with other BGP-speaking routers in other providers' ASes.
• Core router: A core router is one that resides within an AS as a backbone to carry
traffic between edge routers.

 ETHERNET HUB

4-port Ethernet hub

An Ethernet hub, active hub, network hub, repeater hub, hub or concentrator is a device for
connecting multiple twisted pair or fiber optic Ethernet devices together and making them act
as a single network segment. Hubs work at the physical layer (layer 1) of the OSI model. The
device is a form of multiport repeater. Repeater hubs also participate in collision detection,
forwarding a jam signal to all ports if it detects a collision. Hubs also often come with a BNC
and/or AUI connector to allow connection to legacy 10BASE2 or 10BASE5 network
segments.

A network hub is a fairly unsophisticated broadcast device. Hubs do not manage any of the
traffic that comes through them, and any packet entering any port is broadcast out on all other
ports. Since every packet is being sent out through all other ports, packet collisions result—
which greatly impedes the smooth flow of traffic. The need for hosts to be able to detect
collisions limits the number of hubs and the total size of a network built using hubs. For 10
Mbit/s networks, up to 5 segments (4 hubs) are allowed between any two end stations. For
100 Mbit/s networks, the limit is reduced to 3 segments (2 hubs) between any two end
stations, and even that is only allowed if the hubs are of the low delay variety.

Most hubs detect typical problems, such as excessive collisions and jabbering on individual
ports, and partition the port, disconnecting it from the shared medium. Thus, hub-based
Ethernet is generally more robust than coaxial cable-based Ethernet (e.g. 10BASE2, thinnet),
where a misbehaving device can adversely affect the entire collision domain. Even if not
partitioned automatically, a hub makes troubleshooting easier because status lights can
indicate the possible problem source or, as a last resort, devices can be disconnected from a
hub one at a time much more easily than a coaxial cable. They also remove the need to
troubleshoot faults on a huge cable with multiple taps.

DUAL SPEED HUBS

In the early days of Fast Ethernet, Ethernet switches were relatively expensive devices. Hubs
suffered from the problem that if there were any 10BASE-T devices connected then the
whole network needed to run at 10 Mbit/s. Therefore a compromise between a hub and a
switch was developed, known as a dual-speed hub. These devices consisted of an internal
two-port switch, dividing the 10BASE-T (10 Mbit/s) and 100BASE-T (100 Mbit/s) segments.
The device would typically consist of more than two physical ports. When a network device
becomes active on any of the physical ports, the device attaches it to either the 10BASE-T
segment or the 100BASE-T segment, as appropriate. This prevented the need for an all-or-
nothing migration from 10BASE-T to 100BASE-T networks. These devices are hubs because
the traffic between devices connected at the same speed is not switched.

USES

Historically, the main reason for purchasing hubs rather than switches was their price. This
has largely been eliminated by reductions in the price of switches, but hubs can still be useful
in special circumstances:

• For inserting a protocol analyzer into a network connection, a hub is an alternative to
a network tap or port mirroring.
• Some computer clusters require each member computer to receive all of the traffic
going to the cluster.

• When a switch is accessible for end users to make connections, for example, in a
conference room, an inexperienced or careless user (or saboteur) can bring down the
network by connecting two ports together, causing a loop. This can be prevented by
using a hub, where a loop will break other users on the hub, but not the rest of the
network. (It can also be prevented by buying switches that can detect and deal with
loops, for example by implementing the Spanning Tree Protocol.)
• A hub with a 10BASE2 port can be used to connect devices that only support
10BASE2 to a modern network. The same goes for linking in an old thicknet network
segment using an AUI port on a hub (individual devices that were intended for
thicknet can be linked to modern Ethernet by using an AUI-10BASE-T transceiver).

 SWITCH
A network switch is a small hardware device that joins multiple computers together within
one local area network (LAN). Technically, network switches operate at layer two (Data Link
Layer) of the OSI model.

Network switches appear nearly identical to network hubs, but a switch generally contains
more intelligence (and a slightly higher price tag) than a hub. Unlike hubs, network switches
are capable of inspecting data packets as they are received, determining the source and
destination device of each packet, and forwarding them appropriately. By delivering
messages only to the connected device intended, a network switch conserves network
bandwidth and offers generally better performance than a hub. Mainstream Ethernet network
switches support either 10/100 Mbps Fast Ethernet or Gigabit Ethernet (10/100/1000)
standards.

Different models of network switches support differing numbers of connected devices. Most
consumer-grade network switches provide either four or eight connections for Ethernet
devices. Switches can be connected to each other, a so-called daisy chaining method, to add
a progressively larger number of devices to a LAN.

SWITCHING TECHNOLOGY

A switch won't simply receive data and transmit it out of every port; instead it will read the
data and find out the frame's destination by checking the MAC address. The destination
MAC address is always located at the beginning of the frame, so once the switch reads it, the
frame is forwarded to the appropriate port and no other node or computer connected to the
switch will see it.

Switches use Application Specific Integrated Circuits (ASICs) to build and maintain filter
tables.
Layer-2 switches are a lot faster than routers because they don't look at the Network Layer
header (information). Instead, all they look at is the frame's hardware address (MAC address)
to determine where the frame needs to be forwarded or whether it needs to be dropped. If we
had to point out a few features of switches we would say:

• They provide hardware based bridging (MAC addresses)
• They work at wire speed, therefore have low latency
• They come in 3 different types: Store & Forward, Cut-Through and Fragment Free

Below is a picture of two typical switches. Notice how they look similar to hubs, but they
aren't. It's just that the difference is on the inside!

All switches, regardless of the brand and the various enhancements they carry, have something
in common: the three stages (sometimes 2 stages) they go through when powered up and
during operation. These are as follows:

ADDRESS LEARNING

When a switch is powered on, the MAC filtering table is empty. When a device transmits and
an interface receives a frame, the switch places the source address in the MAC filtering table,
remembering the interface on which the device is located. The switch has no choice but to
flood the network with this frame because it has no idea where the destination device is
located.

If a device answers and sends a frame back, then the switch will take the source address from
that frame and place the MAC address in the database, associating this address with the
interface that received the frame.

Since the switch now has two MAC addresses in the filtering table, the devices can make a point-
to-point connection and the frames will only be forwarded between the two devices. This
makes layer-2 switches better than hubs. Most desktop switches these days can hold up to
8000 MAC addresses in their table, and once the table is filled, then starting with the very
first MAC entry, the switch will start overwriting the entries.

And after the first frame has been successfully received by Node 2, Node 2 sends a reply to
Node 1, check out what happens:

Notice how the frame is not transmitted to every node on the switch. The switch by now has
already learned that Node 1 is on the first port, so it sends it straight there without delay. From
now on, any communication between the two will be a point-to-point connection:

FORWARD/FILTER DECISION

When a frame arrives at the switch, the first step is to check the destination hardware address,
which is compared to the forward/filter MAC database. If the destination hardware address is
known, then the switch will transmit the frame out the correct port, but if the destination
hardware address is not known, then it will broadcast the frame out of all ports except the one
on which it was received. If a device (computer) answers the broadcast, then the MAC address
of that device is added to the MAC database of the switch.

LOOP AVOIDANCE

It's always a good idea to have a redundant link between your switches, in case one decides to
go for a holiday. When you set up redundant switches in your network to survive failures, you
can create problems.

The above picture shows an example of two switches which have been placed in the network
to provide redundancy in case one fails. Both switches have their first port connected to the
upper section of the network, while their port 2 is connected to the lower section of the same
network. This way, if Switch A fails, then Switch B takes over, or vice versa. Things will
work fine until a broadcast comes along and causes a lot of trouble. The server is going to
send a broadcast over the network.

The Server, for one reason or another, decides to do a broadcast. This First Round (check the
arrow) broadcast is sent down the network cable and first reaches Port 1 on Switch A. As
a result, since Switch A has Port 2 connected to the other side of the LAN, it sends the
broadcast out to the lower section of the network; this is then sent down the wire and reaches
Port 2 on Switch B, which sends it out Port 1 and back onto the upper part of the network.
At this point, as the arrows indicate (orange colour), the Second Round of this broadcast
starts. So again... the broadcast reaches Port 1 of Switch A and goes out Port 2 back down to
the lower section of the network and back up via Port 2 of Switch B. After it comes out of
Port 1 of Switch B, we get the Third Round, and then the Fourth Round, Fifth Round, and it
keeps on going without stopping! This is what we call a Broadcast Storm.

A Broadcast Storm will repeat constantly, chewing up the valuable bandwidth on the
network. This is a major problem, so it had to be solved one way or another, and it was...
with the Spanning-Tree Protocol, or STP in short. What STP does is find the redundant
links, which in this case would be Port 2 of Switch B, and shut them down, thus eliminating
the possibility of a loop occurring.

LAN SWITCH TYPES

The latency does vary and depends on what type of switching mode the switch is operating
in. The picture below shows how far into the frame the different switching modes check:

The fact is that switches can operate in one of three modes. Some advanced switches will
allow you to actually pick the mode you would like them to operate in, while others don't give
you any choice.

STORE AND FORWARD MODE

This is one of the most popular switching methods. In this mode, when the switch receives a
frame from one of its ports, it will store it in memory, check it for errors and corruption, and
if it passes the test, it will forward the frame out the designated port; otherwise, if it discovers
that the frame has errors or is corrupt, it will discard it. This method is the safest, but also has
the highest latency.

CUT-THROUGH (REAL TIME)

Cut-Through switching is the second most popular method. In this mode, the switch reads the
frame only until it learns the destination MAC address of the frame it's receiving. Once it
learns it, it will forward the frame straight out the designated port without delay. This is why
we say it's "Real Time": there is no delay and no error checking done on the frame.

FRAGMENT FREE

The Fragment Free switching method is mainly used to check for frames which have been
subject to a collision. Only the frame's first 64 bytes are checked before forwarding the frame
out the designated port. The reason for this is that almost all collisions will happen within the
first 64 bytes of a frame. If there is corruption in the first 64 bytes, it's most likely that the
frame was a victim of a collision.
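The three modes above trade latency against error checking. The following Python simulation is an added example (not code from the original text): it builds constructed Ethernet frames with a CRC-32 FCS (the same polynomial the Ethernet FCS uses) and shows, for a good frame, a corrupted frame and a collision runt, how many bytes each mode buffers before deciding and whether the frame is forwarded or dropped. The function and frame-field names are my own.

```python
import struct
import zlib

MIN_FRAME_LEN = 64   # smallest legal Ethernet frame on the wire, FCS included
DST_MAC_LEN = 6      # bytes a cut-through switch must see before deciding

# Constructed sample addresses for the demonstration (not from the page).
DST = bytes.fromhex("020000000001")
SRC = bytes.fromhex("020000000002")

MODES = ("store-and-forward", "cut-through", "fragment-free")


def build_frame(dst, src, payload, flip_byte=None):
    """Constructed Ethernet II frame: dst, src, EtherType, payload, CRC-32 FCS.

    flip_byte, when given, inverts one byte after the FCS was computed to
    simulate corruption on the wire.
    """
    body = dst + src + struct.pack("!H", 0x0800) + payload
    fcs = struct.pack("<I", zlib.crc32(body))
    frame = bytearray(body + fcs)
    if flip_byte is not None:
        frame[flip_byte] ^= 0xFF
    return bytes(frame)


def fcs_ok(frame):
    """Recompute the CRC-32 over everything but the trailing FCS and compare."""
    body, fcs = frame[:-4], frame[-4:]
    return struct.pack("<I", zlib.crc32(body)) == fcs


def decide(frame, mode):
    """Return (action, bytes_buffered_before_the_decision) for one mode."""
    if mode == "store-and-forward":
        # Whole frame is buffered, then length and FCS are verified.
        ok = len(frame) >= MIN_FRAME_LEN and fcs_ok(frame)
        return ("forward" if ok else "drop"), len(frame)
    if mode == "cut-through":
        # Forward as soon as the destination MAC is in; nothing is checked.
        if len(frame) < DST_MAC_LEN:
            return "drop", len(frame)
        return "forward", DST_MAC_LEN
    if mode == "fragment-free":
        # Wait for 64 bytes so collision fragments (runts) are dropped,
        # but the FCS is still not verified, so later corruption passes.
        if len(frame) < MIN_FRAME_LEN:
            return "drop", len(frame)
        return "forward", MIN_FRAME_LEN
    raise ValueError(f"unknown switching mode: {mode}")


def compare_modes(frame):
    """Action each mode takes on the same frame."""
    return {mode: decide(frame, mode)[0] for mode in MODES}


def good_frame():
    return build_frame(DST, SRC, b"A" * 46)           # exactly 64 bytes


def corrupted_frame():
    return build_frame(DST, SRC, b"A" * 46, flip_byte=40)  # bad FCS


def runt_frame():
    return build_frame(DST, SRC, b"A" * 10)           # 28 bytes, a collision fragment


if __name__ == "__main__":
    for name, frame in (("good", good_frame()),
                        ("corrupted", corrupted_frame()),
                        ("runt", runt_frame())):
        print(name, len(frame), "bytes:", compare_modes(frame))
```

Running it shows the corrupted frame is dropped only by store-and-forward, the runt is dropped by store-and-forward and fragment-free, and cut-through forwards everything after six bytes.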

REPEATER
As signals travel along a network cable (or any other medium of transmission), they degrade
and become distorted in a process that is called attenuation. If a cable is long enough, the
attenuation will finally make a signal unrecognizable by the receiver.

A repeater is an electronic device that receives a signal and retransmits it at a higher level
and/or higher power, or onto the other side of an obstruction, so that the signal can cover
longer distances.

A wireless repeater.

In telecommunication, the term repeater has the following standardized meanings:

• An analog device that amplifies an input signal regardless of its nature (analog or
digital).
• A digital device that amplifies, reshapes, retimes, or performs a combination of any of
these functions on a digital input signal for retransmission.[1]

Because repeaters work with the actual physical signal, and do not attempt to interpret the
data being transmitted, they operate on the Physical layer, the first layer of the OSI model.
Repeaters are often used in trans-continental and submarine communications cables, because
the attenuation (signal loss) over such distances would be unacceptable without them.
Repeaters are used in both copper-wire cables carrying electrical signals, and in fiber optics
carrying light.

DIGIPEATER

A "digipeater" is a blend meaning "digital repeater", particularly used in amateur radio. Store
and forward digipeaters generally receive a packet radio transmission and then retransmit it
on the same frequency, unlike repeaters that receive on one and transmit on another
frequency.

BRIDGE
Bridging is a forwarding technique used in packet-switched computer networks. Unlike
routing, bridging makes no assumptions about where in a network a particular address is
located. Instead, it depends on flooding and examination of source addresses in received
packet headers to locate unknown devices. Once a device has been located, its location is
recorded in a table where the MAC address is stored so as to preclude the need for further
broadcasting. The utility of bridging is limited by its dependence on flooding, and is thus
only used in local area networks.

A network bridge connects multiple network segments. A bridge and a switch are very much
alike, a switch being a bridge with numerous ports. "Switch" or "Layer 2 switch" is often used
interchangeably with "bridge". Bridges inspect incoming traffic and decide whether to forward
or discard it. An Ethernet bridge, for example, inspects each incoming Ethernet frame -
including the source and destination MAC addresses, and sometimes the frame size - in
making individual forwarding decisions.

Bridges are similar to repeaters or network hubs, devices that connect network segments at
the physical layer (Layer 1) of the OSI model; however, with bridging, traffic from one
network is managed rather than simply rebroadcast to adjacent network segments. Bridges
are more complex than hubs or repeaters. Bridges can analyze incoming data packets to
determine if the bridge is able to send the given packet to another segment of the network.
Bridging and routing are both ways of performing data control, but work through different
methods. Bridging takes place at OSI Model Layer 2 (data-link layer) while routing takes
place at the OSI Model Layer 3 (network layer). This difference means that a bridge directs
frames according to hardware assigned MAC addresses while a router makes its decisions
according to arbitrarily assigned IP Addresses. As a result of this, bridges are not concerned
with and are unable to distinguish networks while routers can.

TRANSPARENT BRIDGING OPERATION

A bridge uses a forwarding database to send frames across network segments. The
forwarding database is initially empty and entries in the database are built as the bridge
receives frames. If an address entry is not found in the forwarding database, the frame is
flooded to all other ports of the bridge, forwarding the frame to all segments except the one
it arrived on. By means of these flooded frames, the destination host will respond and a
forwarding database entry will be created.

As an example, consider three hosts, A, B and C, and a bridge. The bridge has three ports. A
is connected to bridge port 1, B is connected to bridge port 2, C is connected to bridge port 3.
A sends a frame addressed to B to the bridge. The bridge examines the source address of the
frame and creates an address and port number entry for A in its forwarding table. The bridge
examines the destination address of the frame and does not find it in its forwarding table, so it
floods it to all other ports: 2 and 3. The frame is received by hosts B and C. Host C examines
the destination address and ignores the frame. Host B recognizes a destination address match
and generates a response to A. On the return path, the bridge adds an address and port
number entry for B to its forwarding table. The bridge already has A's address in its
forwarding table, so it forwards the response only to port 1. Host C or any other hosts on port
3 are not burdened with the response. Two-way communication is now possible between A
and B without any further flooding.
Note that both source and destination addresses are used in this algorithm. Source addresses
are recorded in entries in the table, while destination addresses are looked up in the table and
matched to the proper segment to send the frame to.
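The learn/flood/filter algorithm just described, and the ADDRESS LEARNING and FORWARD/FILTER DECISION stages of the switch section above, can be reproduced in a few lines. The Python model below is an added example, not code from the original text: the class name, the MAC addresses and the three-host walkthrough are constructed, and the table capacity with oldest-entry-first overwriting follows the switch section's description of a full MAC table.

```python
from collections import OrderedDict

BROADCAST = "ff:ff:ff:ff:ff:ff"

# Constructed MAC addresses for hosts A, B and C (not from the page).
MAC_A = "02:00:00:00:00:0a"
MAC_B = "02:00:00:00:00:0b"
MAC_C = "02:00:00:00:00:0c"


class LearningBridge:
    """Transparent bridge / layer-2 switch with a learn, flood, filter MAC table.

    Source addresses are learned on the port they arrive on; unknown or broadcast
    destinations are flooded out every other port; known destinations go to one
    port; a destination on the arrival port is filtered (dropped). When the table
    is full, the oldest entry is overwritten first, as the page describes.
    """

    def __init__(self, ports, capacity=8000):
        self.ports = list(ports)
        self.capacity = capacity
        self.table = OrderedDict()   # MAC -> port; insertion order is entry age

    def learn(self, mac, port):
        if mac in self.table:
            self.table[mac] = port   # station may have moved; keep its age
            return
        if len(self.table) >= self.capacity:
            # Full table: the very first entry is overwritten. Frames to the
            # evicted station are flooded again until it transmits once more.
            self.table.popitem(last=False)
        self.table[mac] = port

    def receive(self, in_port, src, dst):
        """Process one frame; return the sorted list of ports it is sent out of."""
        if in_port not in self.ports:
            raise ValueError(f"no such port: {in_port}")
        self.learn(src, in_port)
        if dst == BROADCAST or dst not in self.table:
            return sorted(p for p in self.ports if p != in_port)   # flood
        out_port = self.table[dst]
        if out_port == in_port:
            return []                                              # filter
        return [out_port]                                          # forward


def three_host_walkthrough():
    """The A -> B frame and B -> A reply from the text, on a three-port bridge."""
    bridge = LearningBridge(ports=[1, 2, 3])
    first = bridge.receive(1, MAC_A, MAC_B)   # B unknown: flooded to 2 and 3
    reply = bridge.receive(2, MAC_B, MAC_A)   # A known: forwarded to 1 only
    return first, reply, dict(bridge.table)


def table_overflow_demo():
    """Three stations learned on a two-entry table: the first entry is lost."""
    bridge = LearningBridge(ports=[1, 2], capacity=2)
    bridge.receive(1, "02:00:00:00:01:01", BROADCAST)
    bridge.receive(1, "02:00:00:00:01:02", BROADCAST)
    bridge.receive(2, "02:00:00:00:01:03", BROADCAST)
    return list(bridge.table)


if __name__ == "__main__":
    first, reply, table = three_host_walkthrough()
    print("A->B flooded to ports", first)
    print("B->A forwarded to port", reply)
    print("table after exchange", table)
    print("table after overflow", table_overflow_demo())
```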

FILTERING DATABASE

To translate between two segments, a bridge reads a frame's destination MAC address and
decides to either forward or filter. If the bridge determines that the destination node is on
another segment of the network, it forwards (retransmits) the frame to that segment. If the
destination address belongs to the same segment as the source address, the bridge filters
(discards) the frame. As nodes transmit data through the bridge, the bridge establishes a
filtering database (also known as a forwarding table) of known MAC addresses and their
locations on the network. The bridge uses its filtering database to determine whether a frame
should be forwarded or filtered.

ADVANTAGES

• Self-configuring
• Simple bridges are inexpensive
• Isolate collision domain
• Reduce the size of collision domain by microsegmentation in non-switched networks
• Transparent to protocols above the MAC layer
• Allows the introduction of management/performance information and access control
• LANs interconnected are separate, and physical constraints such as number of
stations, repeaters and segment length don't apply
• Helps minimize bandwidth usage

DISADVANTAGES

• Does not limit the scope of broadcasts [broadcast domain cannot be controlled]
• Does not scale to extremely large networks
• Buffering and processing introduces delays
• Bridges are more expensive than repeaters or hubs
• A complex network topology can pose a problem for transparent bridges. For
example, multiple paths between transparent bridges and LANs can result in bridge
loops. The spanning tree protocol helps to reduce problems with complex topologies.

MODEM
Modem is an abbreviation for Modulator Demodulator. A modem converts data from digital
computer signals to analog signals that can be sent over a phone line (modulation). The
analog signals are then converted back into digital data by the receiving modem
(demodulation). A modem is given digital information in the form of ones and zeros by the
computer. The modem converts it to analog signals and sends them over the phone line.
Another modem then receives these signals, converts them back into digital data and sends
the data to the receiving computer.

In a configuration like this, a dumb terminal at an off-site office or store could "dial in" to a
large, central computer. A dumb terminal is simply a keyboard and a screen. When personal
computers started appearing in the late 1970s, bulletin board systems (BBS) became the rage.
A person would set up a computer with a modem or two and some BBS software, and other
people would dial in to connect to the bulletin board. The users would run terminal emulators
on their computers to emulate a dumb terminal.

People got along at 300 bps for quite a while. The reason this speed was tolerable was
because 300 bps represents about 30 characters per second, which is a lot more characters per
second than a person can type or read. Modem speeds went through a series of steps at
approximately two-year intervals:

• 300 bps - 1960s through 1983 or so
• 1200 bps - Gained popularity in 1984 and 1985
• 2400 bps
• 9600 bps - First appeared in late 1990 and early 1991
• 19.2 kilobits per second (Kbps)
• 28.8 Kbps
• 33.6 Kbps
• 56 Kbps - Became the standard in 1998
• ADSL, with theoretical maximum of up to 8 megabits per second (Mbps) - Gained
popularity in 1999

Here we discuss some internal functions of a modem that help in the modulation and
demodulation process.

• DATA COMPRESSION

Computers are capable of transmitting information to modems much faster than the modems
are able to transmit the same information over a phone line. However, in order to transmit
data at a speed greater than 600 bits per second (bps), it is necessary for modems to collect
bits of information together and transmit them via a more complicated sound. This allows the
transmission of many bits of data at the same time. This gives the modem time to group bits
together and apply a compression algorithm to them. The modem compresses them and sends
them over.

• ERROR CORRECTION
Error correction is the method by which modems verify that the information sent to them has
not been damaged during the transfer. Error correcting modems break up information into
small packets, called frames, and send them after adding a checksum to each of these frames.
The receiving modem checks whether the checksum matches the information sent. If not, the
entire frame is resent. Through error correction, data transfer integrity is preserved.

• FLOW CONTROL

If one modem in a dial-up connection is capable of sending data much faster than the other
can receive, then flow control allows the receiving modem to tell the other to pause while it
catches up. Flow control exists as either software or hardware flow control. With software
flow control, when a modem needs to tell the other to pause, it sends a certain character
signaling pause. When it is ready to resume, it sends a different character.
Since software flow control regulates transmissions by sending certain characters, line noise
could generate the character commanding a pause, thus hanging the transfer until the proper
character is sent. Hardware flow control uses wires in the modem cable. This is faster and
much more reliable than software flow control.

• DATA BUFFERING

Data buffering is done using a UART. A UART (Universal Asynchronous
Receiver/Transmitter) is an integrated circuit that converts parallel input into serial output.
A UART is used by computers to send information to a serial device such as a modem. The
computer communicates with the serial device by writing to the UART's registers. UARTs
have buffers through which this communication occurs on a first-in, first-out (FIFO) basis. It
means that the first data to enter the buffer is the first to leave. Without the FIFO, information
would be scrambled when sent by a modem. This basically helps the CPU to catch up if it has
been busy dealing with other tasks.

NETWORK INTERFACE CONTROLLER/CARD

A network interface card (NIC) is a hardware device that handles an interface to a computer
network and allows a network-capable device to access that network. The NIC has a ROM
chip that contains a unique number, the media access control (MAC) Address burned into it.
The MAC address identifies the device uniquely on the LAN. The NIC exists on the 'Data
Link Layer' (Layer 2) of the OSI model.

PURPOSE
A network interface card, network adapter, network interface controller (NIC), or LAN
adapter is a computer hardware component designed to allow computers to communicate
over a computer network. It is both an OSI layer 1 (physical layer) and layer 2 (data link
layer) device, as it provides physical access to a networking medium and provides a low-level
addressing system through the use of MAC addresses. It allows users to connect to each other
either by using cables or wirelessly.

Although other network technologies exist (e.g. Token Ring), Ethernet has achieved near-
ubiquity since the mid-1990s. Every Ethernet network card has a unique 48-bit serial number
called a MAC address, which is stored in ROM carried on the card. Every computer on an
Ethernet network must have a card with a unique MAC address. Normally it is safe to assume
that no two network cards will share the same address, because card vendors purchase blocks
of addresses from the Institute of Electrical and Electronics Engineers (IEEE) and assign a
unique address to each card at the time of manufacture.

Ethernet 10Base-5/2 NIC.

Whereas network cards used to be expansion cards that plug into a computer bus, the low
cost and ubiquity of the Ethernet standard means that most newer computers have a network
interface built into the motherboard. These either have Ethernet capabilities integrated into
the motherboard chipset or implemented via a low cost dedicated Ethernet chip, connected
through the PCI (or the newer PCI express) bus. A separate network card is not required
unless multiple interfaces are needed or some other type of network is used. Newer
motherboards may even have dual network (Ethernet) interfaces built-in.

IMPLEMENTATION
The card implements the electronic circuitry required to communicate using a specific
physical layer and data link layer standard such as Ethernet or token ring. This provides a
base for a full network protocol stack, allowing communication among small groups of
computers on the same LAN and large-scale network communications through routable
protocols, such as IP. There are four techniques used to transfer data; the NIC may use one or
more of these techniques.

• Polling is where the microprocessor examines the status of the peripheral under
program control.
• Programmed I/O is where the microprocessor alerts the designated peripheral by
applying its address to the system's address bus.
• Interrupt-driven I/O is where the peripheral alerts the microprocessor that it's ready to
transfer data.
• DMA is where an intelligent peripheral assumes control of the system bus to access
memory directly. This removes load from the CPU but requires a separate processor
on the card.

A network card typically has an RJ45, BNC, or AUI socket where the network cable is
connected, and a few LEDs to inform the user of whether the network is active, and whether
or not there is data being transmitted on it. Network cards are typically available in
10/100/1000 Mbit/s varieties. This means they can support a notional maximum transfer rate
of 10, 100 or 1000 Megabits per second. Sometimes the words 'controller' and 'card' are used
interchangeably when talking about networking because the most common NIC is the
network interface card. Although 'card' is more commonly used, it is less encompassing. The
'controller' may take the form of a network card that is installed inside a computer, or it may
refer to an embedded component as part of a computer motherboard, a router, expansion card,
printer interface or a USB device.

NETWORK CABLES

UNSHIELDED TWISTED PAIR (UTP) CABLE

Unshielded Twisted Pair cable is most certainly by far the most popular cable around the
world. UTP cable is used not only for networking but also for the traditional telephone (UTP-
Cat 1). There are 6 different types of UTP categories and, depending on what you want to
achieve, you would need the appropriate type of cable. UTP-CAT5 is the most popular UTP
cable, it came to replace the good old coaxial cable which was not able to keep up with the
constant growing need for faster and more reliable networks.

CHARACTERISTICS

The characteristics of UTP are very good and make it easy to work with, install, expand and
troubleshoot. Different wiring schemes available for UTP are shown below:

CAT1 is typically telephone wire. This type of wire is not capable of supporting computer
network traffic and is not twisted. It is also used by phone companies who provide ISDN,
where the wiring between the customer's site and the phone company's network uses CAT 1
cable.

CAT2, CAT3, CAT4, CAT5 and CAT6 are network wire specifications. This type of wire
can support computer network and telephone traffic. CAT2 is used mostly for token ring
networks, supporting speeds up to 4 Mbps. For higher network speeds (100Mbps plus) you
must use CAT5 wire, but for 10Mbps CAT3 will suffice. CAT3, CAT4 and CAT5 cable are
actually 4 pairs of twisted copper wires, and CAT5 has more twists per inch than CAT3,
therefore it can run at higher speeds and over greater lengths. The "twist" effect of each pair
in the cable causes any interference presented/picked up on one wire to be cancelled out by
the wire's partner, which twists around the initial wire. CAT3 and CAT4 are both used for
Token Ring and have a maximum length of 100 meters.

CAT6 wire was originally designed to support gigabit Ethernet (although there are standards
that will allow gigabit transmission over CAT5 wire, that's CAT 5e). It is similar to CAT5
wire, but contains a physical separator between the 4 pairs to further reduce electromagnetic
interference.

As you can see in the picture, the 4 pairs are labelled: Pairs 2 & 3 are used for normal
10/100Mbit networks, while Pairs 1 & 4 are reserved. In Gigabit Ethernet, all 4 pairs are
used.

Ethernet is generally carried in 8-conductor cables with 8-pin modular plugs and jacks. The
connector standard is called "RJ-45" and is just like a standard RJ-11 modular telephone
connector, except it is a bit wider to carry more pins.

STRAIGHT THROUGH UTP CABLES

The eight-conductor data cable contains 4 pairs of wires. Each pair consists of a solid colored
wire and a white wire with a stripe of the same color. The pairs are twisted together. To
maintain reliability on Ethernet, you should not untwist them any more than necessary (like
about 1 cm). The pairs designated for 10 and 100 Mbit Ethernet are Orange and Green. The
other two pairs, Brown and Blue, can be used for a second Ethernet line or for phone
connections. There are two wiring standards for these cables, called "T568A" (also called
"EIA") and "T568B" (also called "AT&T" and "258A"). They differ only in connection
sequence - that is, which color is on which pin, not in the definition of what electrical signal
is on a particular color.

• T568B

Note that the odd pin numbers are always the white with stripe color (1,3,5,7). The wires
connect to RJ-45 8-pin connectors as shown below:

FOR T568B

Pin  Color          Pair    Signal
1    white/orange   pair 2  TxData+
2    orange         pair 2  TxData-
3    white/green    pair 3  RecvData+
4    blue           pair 1
5    white/blue     pair 1
6    green          pair 3  RecvData-
7    white/brown    pair 4
8    brown          pair 4

The wall jack may be wired in a different sequence because the wires are often crossed inside
the jack. The jack should either come with a wiring diagram or at least designate pin
numbers.

• T568A

The T568A specification reverses the orange and green connections so that pairs 1 and 2 are
on the centre 4 pins, which makes it more compatible with the telco voice connections. (Note
that in the RJ-11 plug at the top, pairs 1 and 2 are on the centre 4 pins.) T568A goes:

FOR T568A

Pin  Color          Pair    Signal
1    white/green    pair 3  RecvData+
2    green          pair 3  RecvData-
3    white/orange   pair 2  TxData+
4    blue           pair 1
5    white/blue     pair 1
6    orange         pair 2  TxData-
7    white/brown    pair 4
8    brown          pair 4

The most common application for a straight through cable is a connection between a PC and
a hub/switch. In this case the PC is connected directly to the hub/switch which will
automatically cross over the cable internally, using special circuits. In the case of a CAT1
cable, which is usually found in telephone lines, only 2 wires are used, these do not require
any special cross over since the phones connect directly to the phone socket.

The picture above shows us a standard CAT5 straight-through cable, used to connect a PC to a
HUB. You might get a bit confused because you might expect the TX+ of one side to connect
to the TX+ of the other side, but this is not the case. When you connect a PC to a HUB, the
HUB will automatically cross over the cable for you by using its internal circuits; this results
in Pin 1 from the PC (which is TX+) connecting to Pin 1 of the HUB (which connects to
RX+). This happens for the rest of the pinouts as well.

If the HUB didn't x-over the pinouts using its internal circuits (this happens when you use the
Uplink port on the hub) then Pin 1 from the PC (which is TX+) would connect to Pin 1 of the
HUB (which would be TX+ in this case). So you notice that no matter what we do with the
HUB port (uplink or normal), the signals assigned to the 8 Pins on the PC side of things, will
always remain the same, the HUB's pinouts though will change depending whether the port is
set to normal or uplink.

CAT5 UTP X-OVER CABLE

The cross-over (x-over) CAT5 UTP cable has to be one of the most used cables after the
classic straight-through cable. The x-over cable allows us to connect two computers without
needing a hub or switch. When we don't have a hub, we need to do the cross-over manually.

When sending or receiving data between two devices, e.g. computers, one will be sending
while the other receives. All this is done via the network cable, and if you look at a network
cable you will notice that it contains multiple wires. Some of these wires are used to send
data, while others are used to receive data, and this is exactly what we take into account when
creating an x-over cable. We basically connect the TX (transmit) of one end to the RX
(receive) of the other!

The diagram below shows this in the simplest way possible:

CAT5 X-OVER

There is only one way to make a CAT5 x-over cable and it's pretty simple. As mentioned
previously, an x-over cable is as simple as connecting the TX from one end to the RX of the
other and vice versa.

Let's now have a look at the pinouts of a typical x-over CAT5 cable:

As you can see, only 4 pins are needed for an x-over cable. When you buy an x-over cable, you
might find that all 8 pins are used; these cables aren't any different from the above, it's just
that there are wires running to the unused pins. This won't make any difference in
performance, but is just a habit some people follow.
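The T568A and T568B pin tables above are enough to derive every cable in this section. The Python script below is an added example (not from the original text): it follows each wire by colour from the plug on one end to the plug on the other, classifies the result, and traces where a PC's TX signals land. It goes one step beyond the page by showing that a cable wired T568A on one end and T568B on the other is exactly the 4-pin x-over cable described here. Function names are my own; the pin data is the page's.

```python
# Colour on each RJ-45 pin for the two wiring standards (from the page's tables).
T568B = {1: "white/orange", 2: "orange", 3: "white/green", 4: "blue",
         5: "white/blue", 6: "green", 7: "white/brown", 8: "brown"}
T568A = {1: "white/green", 2: "green", 3: "white/orange", 4: "blue",
         5: "white/blue", 6: "orange", 7: "white/brown", 8: "brown"}

# 10/100 Mbit signal a PC puts on each of its pins (from the page); pins 4, 5, 7, 8 are unused.
SIGNAL = {1: "TxData+", 2: "TxData-", 3: "RecvData+", 6: "RecvData-"}

# For a PC-to-PC link to work, each TX line must arrive on the matching RX line.
NEEDED = {"TxData+": "RecvData+", "TxData-": "RecvData-"}


def wire_map(end_a, end_b):
    """Follow every physical wire by colour: returns {pin at end A: pin at end B}."""
    pin_of_colour_b = {colour: pin for pin, colour in end_b.items()}
    return {pin: pin_of_colour_b[colour] for pin, colour in end_a.items()}


def classify(mapping):
    """Straight-through, the page's 4-pin x-over, or something else."""
    if all(a == b for a, b in mapping.items()):
        return "straight-through"
    if all(mapping[a] == b for a, b in ((1, 3), (2, 6), (3, 1), (6, 2))):
        return "cross-over"
    return "other"


def signal_path(mapping):
    """Where a PC's signal on each pin at end A arrives if another PC is at end B."""
    return {SIGNAL[pin]: SIGNAL.get(mapping[pin], f"unused pin {mapping[pin]}")
            for pin in SIGNAL}


def pc_to_pc_works(mapping):
    """True only if TX+ meets RX+ and TX- meets RX-, i.e. no hub is needed."""
    path = signal_path(mapping)
    return all(path[tx] == rx for tx, rx in NEEDED.items())


if __name__ == "__main__":
    for name, ends in (("B-B", (T568B, T568B)), ("A-A", (T568A, T568A)),
                       ("A-B", (T568A, T568B))):
        m = wire_map(*ends)
        print(name, classify(m), signal_path(m), "PC-to-PC ok:", pc_to_pc_works(m))
```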

Here are the pinouts for a x-over cable which has all 8 pins connected:

X-OVER USE

X-over cables are not just used to connect computers, but a variety of other devices. Prime
example are switches and hubs. If you have two hubs and you need to connect them, you
would usually use the special uplink port which, when activated through a little switch (in
most cases), makes that particular port not cross the tx and rx, but leave them as if they were
straight through. What happens though if you haven't got any uplink ports or they are already
used ?

The X-over cable will allow you to connect them and solve your problem. The diagram
below shows a few examples to make it simpler:

As you can see in the above diagram, thanks to the uplink port, there is no need for a x-over
cable.

Let's now have a look at how to cope when we don't have an uplink to spare, in which
case we must make an x-over cable to connect the two hubs:

SHIELDED TWISTED PAIR (STP) CABLE

Although UTP cable is the least expensive cable, it may be susceptible to radio and electrical
frequency interference (it should not be too close to electric motors, fluorescent lights, etc.).
If you must place cable in environments with lots of potential interference, or if you must
place cable in extremely sensitive environments that may be susceptible to the electrical
current in the UTP, shielded twisted pair may be the solution. Shielded cables can also help to
extend the maximum distance of the cables.

Shielded twisted pair cable is available in three different configurations:

• Each pair of wires is individually shielded with foil.
• There is a foil or braid shield inside the jacket covering all wires (as a group).
• There is a shield around each individual pair, as well as around the entire group of
wires (referred to as double shield twisted pair).

STP Cable

COAXIAL CABLE
Coaxial cabling has a single copper conductor at its center. A plastic layer provides insulation
between the center conductor and a braided metal shield. The metal shield helps to block any
outside interference.

Coaxial cable
Although coaxial cabling is difficult to install, it is highly resistant to signal interference. In
addition, it can support greater cable lengths between network devices than twisted pair
cable. Like any electrical power cord, coaxial cable conducts AC electric current between
locations. Like these other cables, it has two conductors, the central wire and the tubular
shield. At any moment the current is traveling outward from the source in one of the
conductors, and returning in the other. However, since it is alternating current, the current
reverses direction many times a second.

Coaxial cable differs from other cable because it is designed to carry radio frequency current.
This has a frequency much higher than the 50 or 60 Hz used in mains (electric power) cables,
reversing direction millions to billions of times per second. Like other types of radio
transmission line, this requires special construction to prevent power losses.

If an ordinary wire is used to carry high frequency currents, the wire acts as an antenna, and
the high frequency currents radiate off the wire as radio waves, causing power losses. To
prevent this, in coaxial cable one of the conductors is formed into a tube and encloses the
other conductor. This confines the radio waves from the central conductor to the space inside
the tube. To prevent the outer conductor, or shield, from radiating, it is connected to electrical
ground keeping it at a constant potential.

There are two types of coaxial cable. Thin coaxial cable is also referred to as thinnet. Thick
coaxial cable is also referred to as thicknet.

CABLE CONNECTORS

The most common type of connector used with coaxial cables is the Bayonet Neill-Concelman
(BNC) connector. Different types of adapters are available for BNC connectors,
including a T-connector, barrel connector, and terminator. Connectors on the cable are the
weakest points in any network. To help avoid problems with your network, always use the
BNC connectors that crimp, rather

BNC connector

OPTICAL FIBER

An optical fiber is made up of the core (which carries the light pulses), the cladding (which
reflects the light pulses back into the core) and the buffer coating (which protects the core and
cladding from moisture, damage, etc.). Together, all of this creates an optical fiber which can
carry up to 10 million messages at any time using light pulses.

ADVANTAGES

Because of the low loss, high bandwidth properties of fibre cables, they can be used over
greater distances than copper cables. In data networks this can be as much as 2 km without the
use of repeaters. Their light weight and small size also make them ideal for applications
where running copper cables would be impractical and, by using multiplexors, one fibre
could replace hundreds of copper cables. This is pretty impressive for a tiny glass filament,
but the real benefit in the data industry is its immunity to Electromagnetic Interference
(EMI), and the fact that glass is not an electrical conductor.

Because fibre is non-conductive it can be used where electrical isolation is needed, for
instance between buildings, where copper cables would require cross bonding to eliminate
differences in earth potentials. Fibres also pose no threat in dangerous environments such as
chemical plants, where a spark could trigger an explosion. Last but not least is the security
aspect: it is very, very difficult to tap into a fibre cable to read the data signals.

FIBER CONSTRUCTION

There are many different types of fibre cable, but for the purposes of this explanation we will
deal with one of the most common types, 62.5/125 micron loose tube. The numbers represent
the diameters of the fibre core and cladding; these are measured in microns, which are
millionths of a metre.

Loose tube fibre cable can be indoor or outdoor, or both; the outdoor cables usually have the
tube filled with gel to act as a moisture barrier against the ingress of water. The number of cores
in one cable can be anywhere from 4 to 144.

LIGHT PROPAGATION

Light travels along a fibre cable by a process called 'Total Internal Reflection' (TIR); this is
made possible by using two types of glass which have different refractive indexes. The inner
core has a high refractive index and the outer cladding has a low index.

In multi-mode fibres, as the name suggests, there are multiple modes of propagation for the
rays of light. These range from low order modes, which take the most direct route straight
down the middle, to high order modes, which take the longest route as they bounce from one
side to the other all the way down the fibre. This has the effect of scattering the signal because
the rays from one pulse of light arrive at the far end at different times; this is known as
Intermodal Dispersion (sometimes referred to as Differential Mode Delay, DMD). To ease
the problem, graded index fibres were developed. Unlike the examples above, which have a
definite barrier between core and cladding, these have a high refractive index at the centre
which gradually reduces to a low refractive index at the circumference. This slows down the
lower order modes, allowing the rays to arrive at the far end closer together, thereby reducing
intermodal dispersion and improving the shape of the signal.

GENERAL EXPLANATIONS
Many times when referring to networking cables we come across terms like:

10Base-T/2/5/F/35 Cable or 100Base-(T) TX/T4/FX Cable


These give us the specifications of the cable, that is, what type of cable is used. The
explanation is given below:

10/100

The number 10/100 represents the frequency in MHz (Mega Hertz) for which this cable is
made. The greater the MHz, the greater speeds the cable can handle. If you try to use this
type of cable for greater frequencies (and, therefore, speeds) then it either will not work or
become extremely unreliable.

Base

The word "Base" refers to Baseband. Baseband is the type of communication used by
Ethernet and it means that when a computer is transmitting, it uses all the available bandwidth,
whereas Broadband (cable modems) shares the bandwidth available.

The examples are:

10Base-T

A few years ago, 10Base-T cabling used CAT3 cables, which are used for speeds up to
10Mbit. Only 2 pairs of the UTP cable are used with the 10Base-T specification and the
maximum length is 100 meters. Minimum length between nodes is 2.5 meters.

10Base-2

This specification uses coaxial cable which is usually black, sometimes also called "Thinwire
coax", "Thin Ethernet" or "RG-58" cable. Maximum length is 185 meters while the minimum
length between nodes is 0.5 meters. 10Base-2 uses BNC connectors which, depending on the
configuration, require special terminators.

10Base-5

This specification uses what's called "Thickwire" coaxial cable. The maximum length is 500
meters while the minimum length between nodes is 2.5 meters. Also, special connectors are
used to interface to the network card; these are called AUI (Attachment Unit Interface)
connectors.

10Base-F

This specification uses fibre optic cable. Even though the 10Base-F specification is for speeds
up to 10Mbits per second, depending on the type of fibre and equipment you use, you can get
speeds of up to 2 Gigabits per second.
10Base-35

The 10Base-35 specification uses broadband coaxial cable. It is able to carry multiple
baseband channels for a maximum length of 3,600 meters or 3.6 km.

100Base-TX

The TX (sometimes referred to as "T" only) means it's a CAT5 UTP straight through cable using
2 of the 4 available pairs and supports speeds up to 100Mbits. Maximum length is 100 meters
and minimum length between nodes is 2.5 meters.

100Base-T4

The T4 means it's a CAT5 UTP straight through cable using all 4 available pairs and supports
speeds up to 100Mbits. Maximum length is 100 meters and minimum length between nodes
is 2.5 meters.

100Base-FX

The FX means it's a 2-strand fiber cable and supports speeds up to 100Mbits. Maximum
length is usually up to 2 km.

IP ADDRESS & SUBNETTING

IP ADDRESS

An Internet Protocol address (IP address) is a numerical label that is assigned to devices
participating in a computer network that uses the Internet Protocol for communication
between its nodes. An IP address serves two principal functions: host or network interface
identification and location addressing.

The designers of TCP/IP defined an IP address as a 32-bit number and this system, known as
Internet Protocol Version 4 or IPv4, is still in use today. However, due to the enormous
growth of the Internet and the predicted depletion of available addresses, a new addressing
system (IPv6), using 128 bits for the address, was developed in 1995. Although IP addresses
are stored as binary numbers, they are usually displayed in human-readable notations, such as
208.77.188.166 (for IPv4), and 2001:db8:0:1234:0:567:1:1 (for IPv6).

The Internet Protocol is used to route data packets between networks; IP addresses specify
the locations of the source and destination nodes in the topology of the routing system. For
this purpose, some of the bits in an IP address are used to designate a subnetwork. The
number of these bits is indicated in CIDR notation, appended to the IP address; e.g.,
208.77.188.166/24.

The Internet Assigned Numbers Authority (IANA), which manages the IP address space
allocations globally, cooperates with five Regional Internet Registries (RIRs) to allocate IP
address blocks to Local Internet Registries (Internet service providers) and other entities. Two
versions of the Internet Protocol (IP) are in use: IP Version 4 and IP Version 6. Each version
defines an IP address differently.

IP VERSION 4 (IPv4)

IPv4 uses 32-bit (4-byte) addresses, which limits the address space to 4,294,967,296 (2^32)
possible unique addresses. IPv4 reserves some addresses for special purposes such as private
networks (~18 million addresses) or multicast addresses (~270 million addresses).

IPv4 addresses are usually represented in dot-decimal notation (four numbers, each ranging
from 0 to 255, separated by dots, e.g. 208.77.188.166). Each part represents 8 bits of the
address, and is therefore called an octet.
IPv4 SUBNETTING

In the early stages of development of the Internet Protocol, network administrators
interpreted an IP address in two parts, network number portion and host number portion. The
highest order octet (most significant eight bits) in an address was designated as the network
number and the rest of the bits were called the rest field or host identifier and were used for
host numbering within a network.

The early method soon proved inadequate as additional networks developed that were
independent from the existing networks already designated by a network number. In 1981,
the Internet addressing specification was revised with the introduction of classful network
architecture.

A classful network is a network architecture used in the Internet until around 1993. It divides
the address space for Internet Protocol Version 4 (IPv4) into five address classes. Each class,
coded in the first four bits of the address, defines a different network size (number of hosts),
or a different network type (unicast or multicast).

Today remnants of classful network concepts remain in practice only in a limited scope in the
default configuration parameters of some network software and hardware components (e.g.,
network mask), but the terms are often still heard in general discussions of network structure
among network administrators.

Expansion of the network had to ensure compatibility with the existing address space and the
Internet Protocol (IP) packet structure, and avoid the renumbering of the existing networks.
The solution was to expand the definition of the network number field to include more bits,
allowing more networks to be designated, each potentially having fewer hosts. All existing
network numbers at the time were smaller than 64, so they only used the 6 least-significant bits
of the network number field. Thus it was possible to use the most-significant bits of an
address to introduce a set of address classes, while preserving the existing network numbers
in the first of these classes.

This addressing scheme is illustrated in the following table:

Class                Leading  Network number  Rest bit  Number of          Addresses per       Start       End
                     bits     bit field       field     networks           network             address     address

Class A              0        8               24        128 (2^7)          16,777,216 (2^24)   0.0.0.0     127.255.255.255
Class B              10       16              16        16,384 (2^14)      65,536 (2^16)       128.0.0.0   191.255.255.255
Class C              110      24              8         2,097,152 (2^21)   256 (2^8)           192.0.0.0   223.255.255.255
Class D (multicast)  1110     not defined     not defined  not defined     not defined         224.0.0.0   239.255.255.255
Class E (reserved)   1111     not defined     not defined  not defined     not defined         240.0.0.0   255.255.255.255

The number of addresses usable for addressing specific hosts in each network is always 2^N -
2 (where N is the number of rest field bits, and the subtraction of 2 adjusts for the use of the
all-bits-zero host portion for the network address and the all-bits-one host portion as the broadcast
address). Thus, for a Class C address with 8 bits available in the host field, the number of
hosts is 254.

Today, IP addresses are associated with a subnet mask. This was not required in a classful
network because the mask was implicitly derived from the IP address itself. Any network
device would inspect the first few bits of the IP address to determine the class of the address.
Classful addressing is obsolete and has not been used in the Internet since the implementation
of Classless Inter-Domain Routing (CIDR) starting in 1993.
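
As an added example (not part of the original notes), the following Python does what the text says a classful device did: it inspects the first few bits of the address to find the class, then derives the implicit network mask and the 2^N - 2 usable host count. The standard ipaddress module is used only to convert between dotted-decimal text and integers; the class decoding is done by hand.

```python
"""Classful IPv4 interpretation (historical), added example."""
import ipaddress

# (class, leading-bit pattern, number of pattern bits, network-number bits or None)
# Classes D and E have no network/host split, so their sizes are undefined.
CLASSES = (
    ("A", 0b0, 1, 8),
    ("B", 0b10, 2, 16),
    ("C", 0b110, 3, 24),
    ("D", 0b1110, 4, None),  # multicast
    ("E", 0b1111, 4, None),  # reserved
)


def classify(dotted: str) -> dict:
    """Return class, leading bits, implicit mask, network address and usable hosts."""
    addr = int(ipaddress.IPv4Address(dotted))  # raises ValueError on malformed input
    first_octet = addr >> 24
    for name, pattern, nbits, net_bits in CLASSES:
        # Compare only the top `nbits` bits of the first octet with the pattern.
        if first_octet >> (8 - nbits) == pattern:
            break
    else:  # the five patterns cover every possible first octet
        raise AssertionError("unreachable")
    result = {"class": name, "leading_bits": format(pattern, f"0{nbits}b")}
    if net_bits is None:
        result.update(mask=None, network=None, usable_hosts=None)
        return result
    rest_bits = 32 - net_bits
    mask = (0xFFFFFFFF << rest_bits) & 0xFFFFFFFF  # net_bits ones, then zeros
    result.update(
        mask=str(ipaddress.IPv4Address(mask)),
        network=str(ipaddress.IPv4Address(addr & mask)),
        # All-zeros host part is the network address, all-ones the broadcast.
        usable_hosts=(1 << rest_bits) - 2,
    )
    return result


if __name__ == "__main__":
    for sample in ("10.1.2.3", "130.5.6.7", "208.77.188.166", "224.0.0.1"):
        print(sample, classify(sample))
```

The mask this produces is exactly the "default mask" some legacy software still fills in when none is configured, which is why a forgotten default on old equipment can silently route a /26 as a /24.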

IP VERSION 6 (IPv6)
Internet Protocol version 6 (IPv6) is a version of the Internet Protocol that is designed to
succeed IPv4, the first publicly used implementation, which is still in dominant use currently.
It is an Internet Layer protocol for packet-switched internetworks. The main driving force for
the redesign of the Internet Protocol is the foreseeable IPv4 address exhaustion. IPv6 is specified
by the Internet Engineering Task Force (IETF). IPv6 has a vastly larger address space than
IPv4. This results from the use of a 128-bit address, whereas IPv4 uses only 32 bits. The new
address space thus supports 2^128 (about 3.4×10^38) addresses. This expansion provides
flexibility in allocating addresses and routing traffic and eliminates the primary need for
network address translation (NAT), which gained widespread deployment as an effort to
alleviate IPv4 address exhaustion.

IPv6 also implements new features that simplify aspects of address assignment (stateless
address autoconfiguration) and network renumbering (prefix and router announcements)
when changing Internet connectivity providers. The IPv6 subnet size has been standardized
by fixing the size of the host identifier portion of an address to 64 bits to facilitate an
automatic mechanism for forming the host identifier from Link Layer media addressing
information (MAC address).

Network security is integrated into the design of the IPv6 architecture. Internet Protocol
Security (IPsec) was originally developed for IPv6, but found widespread optional
deployment first in IPv4 (into which it was back-engineered). The IPv6 specifications
mandate IPsec implementation as a fundamental interoperability requirement.

IPv6 ADDRESS CLASSES

IPv6 addresses are classified by the primary addressing and routing methodologies common
in networking: unicast addressing, anycast addressing, and multicast addressing.

• A unicast address identifies a single network interface. The Internet Protocol delivers
packets sent to a unicast address to that specific interface.
• An anycast address is assigned to a group of interfaces, usually belonging to different
nodes. A packet sent to an anycast address is delivered to just one of the member
interfaces, typically the nearest host, according to the routing protocol’s definition of
distance. Anycast addresses cannot be identified easily: they have the structure of
unicast addresses, and differ only by their presence in the network at multiple points.
Almost any unicast address can be employed as an anycast address.
• A multicast address is also assigned to a set of interfaces that typically belong to
different nodes. A packet that is sent to a multicast address is delivered to all
interfaces that have joined the corresponding multicast group. Multicast addresses
begin with an octet of all 1-bits, i.e., they have prefix ff00::/8.

NOTATION

An illustration of an IP address (version 6), in hexadecimal and binary.

An IPv6 address is represented as eight groups of four hexadecimal digits, each group
representing 16 bits (two octets). The groups are separated by a colon (:). A typical example
of an IPv6 address follows:

2001:0db8:85a3:0000:0000:8a2e:0370:7334

The hexadecimal digits are case-insensitive.

The full representation may be simplified by several techniques. Each bit field must contain
at least one hexadecimal digit.

LEADING ZEROS

Leading zeroes in a group may be omitted; each group must contain at least one hexadecimal
digit. Thus, the example address may be written as:

2001:db8:85a3:0:0:8a2e:370:7334

GROUPS OF ZEROS

One or any number of consecutive groups of zero value may be replaced with two colons.
This substitution may only be applied once in an address, as multiple occurrences would
create an ambiguous representation. With this rule, the example address may be further
simplified:

2001:db8:85a3::8a2e:370:7334

The localhost (loopback) address, 0:0:0:0:0:0:0:1, and the IPv6 unspecified address,
0:0:0:0:0:0:0:0, are reduced to ::1 and ::, respectively.

DOTTED-QUAD NOTATION

During the transition of the Internet from IPv4 to the IPv6 it is typical to operate in a mixed
addressing environment, and for this purpose a special notation has been introduced to
express IPv4-mapped and IPv4-compatible IPv6 addresses by writing the final 32 bits of an
address in the familiar IPv4 dotted-quad notation. For example, the IPv4-mapped IPv6
address ::ffff:c000:280 is usually written as ::ffff:192.0.2.128, thus expressing clearly the
original IPv4 address that was mapped to IPv6.
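
The three notation rules above (leading-zero omission, a single "::" for a run of zero groups, and an IPv4 dotted-quad for the final 32 bits) are easy to get wrong when writing address matching or logging code by hand, which is why the same address can slip past a string-based allow list. The following Python, added here as an example and not taken from the original notes, implements them as a parser that reduces any accepted spelling to eight 16-bit groups, plus an expander and a compressor. For the compressed output it assumes the RFC 5952 convention of collapsing the longest run of zero groups and only when that run is at least two groups long.

```python
"""IPv6 text notation: parse, expand and compress (added example)."""
from __future__ import annotations

import ipaddress  # used only to decode the optional trailing dotted-quad
import re

_HEX_GROUP = re.compile(r"^[0-9A-Fa-f]{1,4}$")


def _groups_from_text(text: str) -> list[int]:
    """Turn a colon-separated piece containing no '::' into 16-bit group values."""
    if text == "":
        return []
    parts = text.split(":")
    groups: list[int] = []
    for i, part in enumerate(parts):
        if "." in part:
            # A dotted-quad is only valid as the last element and supplies two groups.
            if i != len(parts) - 1:
                raise ValueError(f"dotted-quad must be last: {text!r}")
            v4 = int(ipaddress.IPv4Address(part))
            groups.extend([v4 >> 16, v4 & 0xFFFF])
        elif _HEX_GROUP.match(part):
            groups.append(int(part, 16))
        else:
            raise ValueError(f"bad group {part!r} in {text!r}")
    return groups


def parse_ipv6(text: str) -> list[int]:
    """Parse any valid IPv6 spelling into exactly eight 16-bit integers."""
    if text.count("::") > 1:
        raise ValueError(f"'::' may appear only once: {text!r}")
    if "::" in text:
        head, tail = text.split("::")
        left, right = _groups_from_text(head), _groups_from_text(tail)
        missing = 8 - len(left) - len(right)
        if missing < 1:
            raise ValueError(f"'::' must stand for at least one group: {text!r}")
        groups = left + [0] * missing + right
    else:
        groups = _groups_from_text(text)
    if len(groups) != 8:
        raise ValueError(f"expected 8 groups, got {len(groups)}: {text!r}")
    return groups


def expand_ipv6(text: str) -> str:
    """Full form: eight groups of four lowercase hex digits."""
    return ":".join(f"{g:04x}" for g in parse_ipv6(text))


def compress_ipv6(text: str) -> str:
    """Short form: leading zeros dropped, longest run of two or more zero groups -> '::'."""
    groups = parse_ipv6(text)
    best_start, best_len = -1, 0
    run_start = None
    for i, g in enumerate(groups + [-1]):  # sentinel closes a run at the end
        if g == 0 and run_start is None:
            run_start = i
        elif g != 0 and run_start is not None:
            if i - run_start > best_len:  # '>' keeps the first of equal-length runs
                best_start, best_len = run_start, i - run_start
            run_start = None
    hexs = [f"{g:x}" for g in groups]
    if best_len < 2:
        return ":".join(hexs)
    left = ":".join(hexs[:best_start])
    right = ":".join(hexs[best_start + best_len:])
    return f"{left}::{right}"
```

Comparing addresses after `expand_ipv6` (or on the integer groups) rather than as raw strings avoids the ambiguity the text warns about: "2001:db8::1", "2001:0db8:0:0:0:0:0:1" and "2001:DB8::0001" all expand to the same value.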

SUBNET
A subnetwork, or subnet, is a logically separate, distinctly addressed part of a single Internet
Protocol (IP) network. The process of subnetting is the division of a computer network into
groups of computers that have the identical common component of their IP address
designated as their routing prefix.

Subnetting breaks a network into smaller realms that may use address space more efficiently,
or that may be administratively controlled by different entities in the larger organization.
Physical separation of network traffic may prevent excessive rates of Ethernet packet
collisions in a larger network. The subnets may be arranged logically in a hierarchical
architecture, partitioning the organization's network address space into a tree-like routing
structure. Routers are used to interchange traffic between subnetworks; they constitute logical
or physical borders between the subnets, and manage traffic between subnets based on the
high-order bit sequence (routing prefix) of host addresses.

A routing prefix is the sequence of leading (most-significant) bits of an IP address that
precede the portion of the address used as host identifier. Routing prefixes are expressed in
CIDR notation. A routing prefix in CIDR notation is the first address of a network followed
by the bit-length of the prefix, separated by a slash (/) character. For example, 192.168.1.0/24
is the prefix of the IPv4 network starting at the given address, having 24 bits allocated for the
network number, and the rest (8 bits) reserved for host addressing. The IPv6 address
specification 2001:db8::/32 is a large network for 2^96 hosts, having a 32-bit routing prefix.

In IPv4 networks, the routing prefix is traditionally expressed as a subnet mask, which is the
prefix bit mask expressed in quad-dotted decimal representation. For example, 255.255.255.0
is the subnet mask for the 192.168.1.0/24 prefix.

All hosts within a subnet can be reached in one routing hop, implying that all hosts in a
subnet are connected to the same link.

A typical subnet is a physical network served by one router, for instance an Ethernet network,
possibly consisting of one or several Ethernet segments or local area networks,
interconnected by network switches and network bridges or a Virtual Local Area Network
(VLAN). However, subnetting allows the network to be logically divided regardless of the
physical layout of a network, since it is possible to divide a physical network into several
subnets by configuring different host computers to use different routers.

While improving network performance, subnetting increases routing complexity, since each
locally connected subnet must be represented by a separate entry in the routing tables of each
connected router.

NETWORK ADDRESSING
Computers and devices that are participating in a network such as the Internet each have a
logical address. Usually this address is unique to each device and can either be configured
dynamically from a network server or statically by an administrator. An address fulfills the
functions of identifying the host and locating it on the network. It allows a device to
communicate with other devices connected to the network. The most common network
addressing architecture is Internet Protocol version 4 (IPv4). An IPv4 address consists of 32
bits, for human readability written in a form consisting of four decimal octets separated by
full stops (dots), called dot-decimal notation. An IPv6 address consists of 128 bits written in a
hexadecimal notation and grouping 16 bits separated by colons.

In order to facilitate routing a data packet across multiple networks, the address is divided
into two parts:

• Network prefix: A contiguous group of high-order bits that are common among all
hosts within a network.
• Host identifier: The remaining low-order bits of the address that are not designated in
the network prefix. This part specifies a particular device in the local network.

The network prefix may be written in a form identical to that of the address itself. In IPv4,
this is called the subnet mask of the address. The modern standard form of specification of
the routing prefix counts the number of bits in the routing prefix and appends that number to
the address with a slash (/) separator:

• 192.168.0.0, netmask 255.255.0.0
• 192.168.0.0/16

This latter notation is used preferentially in Classless Inter-Domain Routing and is called
CIDR notation. In IPv6 this is the only acceptable form to denote routing prefixes.

SUBNETTING OPERATION
The process of subnetting involves the separation of the network and subnet portion of an
address from the host identifier. This is performed by a bitwise AND operation between the
IP address and the subnet prefix or bit mask. The result yields the network address, and the
remainder is the host identifier.

The following example is based on IPv4 networking. The operation may be visualized in a
table using binary address formats.

                   Dot-decimal notation   Binary form

IP address         192.168.5.130          11000000.10101000.00000101.10000010
Subnet Mask        255.255.255.0          11111111.11111111.11111111.00000000
Network Portion    192.168.5.0            11000000.10101000.00000101.00000000
Host Portion       0.0.0.130              00000000.00000000.00000000.10000010

In IPv4, subnet masks consist of 32 bits, usually a sequence of ones (1) followed by a block
of zeros (0). The trailing block of zeros designates that part as being the host identifier.

Subnetting is the process of designating bits from the host portion and grouping them with
the network portion. This divides a network into smaller subnets. The following diagram
modifies the example by moving two bits from the host portion to the subnet number to form
a smaller subnet:

                   Dot-decimal notation   Binary form

IP address         192.168.5.130          11000000.10101000.00000101.10000010
Subnet Mask        255.255.255.192        11111111.11111111.11111111.11000000
Network Portion    192.168.5.128          11000000.10101000.00000101.10000000
Host Portion       0.0.0.2                00000000.00000000.00000000.00000010

SUBNETTING IN IPv4
Internet Protocol version 4 uses specially designated address formats to facilitate recognition
of special address functionality. The first and the last subnets obtained by subnetting have
traditionally had a special designation and, early on, special usage implications. In addition,
IPv4 uses the all ones host address, i.e. the last address within a network, for broadcast
transmission to all hosts on the link.

SUBNET AND HOST COUNTS

The number of subnetworks available, and the number of possible hosts in a network, may be
readily calculated. In the example (above) two bits were borrowed to create subnetworks,
thus creating 4 (2^2) possible subnets.

Network             Network (binary)                      Broadcast address

192.168.5.0/26      11000000.10101000.00000101.00000000   192.168.5.63
192.168.5.64/26     11000000.10101000.00000101.01000000   192.168.5.127
192.168.5.128/26    11000000.10101000.00000101.10000000   192.168.5.191
192.168.5.192/26    11000000.10101000.00000101.11000000   192.168.5.255

Specifications reserved the subnet values consisting of all zeros (see above) and all ones
(broadcast), reducing the number of available subnets by two. However, due to the
inefficiencies introduced by this convention, it was abandoned for use on the public Internet
and is only relevant when dealing with legacy equipment that does not implement CIDR. The
only reason not to use the all-zeroes subnet is that it is ambiguous when the prefix length is
not available. All CIDR-compliant routing protocols transmit both length and suffix. RFC
1878 provides a subnetting table with examples.

The remaining bits after the subnet are used for addressing hosts within the subnet. In the
above example the subnet mask consists of 26 bits, leaving 6 bits for the host identifier. This
allows for 64 combinations (2^6); however, the all-zeros value and all-ones value are reserved
for the network ID and broadcast address respectively, leaving 62 addresses.

In general the number of available hosts on a subnet is 2^n − 2, where n is the number of bits
used for the host portion of the address.

When dealing with 31-bit subnet masks (i.e. 1-bit host identifiers), as in point-to-point links,
only two hosts (the end points) may be connected, and a specification of network and
broadcast addresses is not necessary. A /24 network may be divided into the following
subnets by increasing the subnet mask successively by one bit. This affects the total number
of hosts that can be addressed in the /24 network (last column).

CIDR notation   Network mask       Available subnets   Available hosts per subnet   Total usable hosts
/24             255.255.255.0      1                   254                          254
/25             255.255.255.128    2                   126                          252
/26             255.255.255.192    4                   62                           248
/27             255.255.255.224    8                   30                           240
/28             255.255.255.240    16                  14                           224
/29             255.255.255.248    32                  6                            192
/30             255.255.255.252    64                  2                            128
/31 *           255.255.255.254    128                 2                            256
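
The AND operation, the /26 split of 192.168.5.0/24 and the host-count table above can all be reproduced with a few lines of bitwise arithmetic. The following Python is an added example, not part of the original notes; it uses the standard ipaddress module only to convert between dotted-decimal text and integers, and does the masking itself so that each step in the tables is visible. It also covers the /31 and /32 cases, where no network or broadcast address is set aside.

```python
"""IPv4 subnetting with plain bitwise arithmetic (added example)."""
import ipaddress

ALL_ONES = 0xFFFFFFFF


def to_int(dotted: str) -> int:
    return int(ipaddress.IPv4Address(dotted))


def to_dotted(value: int) -> str:
    return str(ipaddress.IPv4Address(value))


def mask_from_prefix(prefix_len: int) -> int:
    """/n -> n one bits followed by 32-n zero bits."""
    if not 0 <= prefix_len <= 32:
        raise ValueError(f"prefix length out of range: {prefix_len}")
    return (ALL_ONES << (32 - prefix_len)) & ALL_ONES


def usable_hosts(prefix_len: int) -> int:
    """2^n - 2 usable addresses, except /31 (two hosts) and /32 (a single host)."""
    host_bits = 32 - prefix_len
    if prefix_len >= 31:
        return 1 << host_bits
    return (1 << host_bits) - 2


def split(address: str, prefix_len: int) -> dict:
    """Separate the network and host portions of address/prefix_len."""
    addr = to_int(address)
    mask = mask_from_prefix(prefix_len)
    network = addr & mask            # the bitwise AND from the tables above
    host = addr & ~mask & ALL_ONES   # the bits the mask zeroes out
    info = {
        "mask": to_dotted(mask),
        "network": to_dotted(network),
        "host_portion": to_dotted(host),
        "usable_hosts": usable_hosts(prefix_len),
        "binary": ".".join(f"{(addr >> s) & 0xFF:08b}" for s in (24, 16, 8, 0)),
    }
    # /31 and /32 have no all-ones broadcast address.
    info["broadcast"] = to_dotted(network | (~mask & ALL_ONES)) if prefix_len <= 30 else None
    return info


def subnets(network: str, prefix_len: int, new_prefix_len: int) -> list:
    """(cidr, broadcast) for each subnet obtained by lengthening the prefix."""
    if not prefix_len <= new_prefix_len <= 32:
        raise ValueError("new prefix must be at least as long as the original and at most /32")
    base = to_int(network) & mask_from_prefix(prefix_len)
    size = 1 << (32 - new_prefix_len)          # addresses per subnet
    count = 1 << (new_prefix_len - prefix_len)  # 2^(borrowed bits) subnets
    result = []
    for i in range(count):
        net = base + i * size
        result.append((f"{to_dotted(net)}/{new_prefix_len}", to_dotted(net + size - 1)))
    return result


def subnet_table(prefix_len: int = 24) -> list:
    """Rows (cidr, mask, subnets, hosts per subnet, total usable hosts) down to /31."""
    rows = []
    for p in range(prefix_len, 32):
        n_sub = 1 << (p - prefix_len)
        per = usable_hosts(p)
        rows.append((f"/{p}", to_dotted(mask_from_prefix(p)), n_sub, per, n_sub * per))
    return rows


if __name__ == "__main__":
    print(split("192.168.5.130", 26))
    for cidr, bcast in subnets("192.168.5.0", 24, 26):
        print(cidr, "broadcast", bcast)
    for row in subnet_table(24):
        print(*row)
```

The same arithmetic is what a firewall or ACL engine does on every packet: a rule for 192.168.5.0/26 matches only addresses whose AND with 255.255.255.192 equals 192.168.5.0, so 192.168.5.130 (network portion 192.168.5.128) does not match it.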

SUBNETTING IN IPv6
The design of the IPv6 address space differs significantly from IPv4. The primary reason for
subnetting in IPv4 is to improve efficiency in the utilization of the relatively small address
space available, particularly to enterprises. No such limitations exist in IPv6, as the address
space available even to end-users is large.

An IPv6 subnet always has 64 bits in its host portion. It therefore has a /64 routing prefix (the
64 most-significant bits). Although it is technically possible to use smaller subnets, they are
impractical for local area networks because stateless address autoconfiguration of network
interfaces requires a /64 address. The Internet Engineering Task Force recommends using /64
subnets even for point-to-point links, which consist of only the two end hosts.

The recommended allocation for an IPv6 customer site is an address space of 80 address bits
(prefix /48). This provides 65536 subnets for a site. Despite this recommendation, other
common allocations are /56 (72 bits) as well as /64 prefixes for a residential customer
network.

IPv6 does not implement special address formats for broadcast traffic or network numbers,
and thus all addresses in a subnet are valid host addresses.

Subnetting in IPv6 is based on the concepts of variable-length subnet masking (VLSM) and
the Classless Inter-Domain Routing methodology. It is used to route traffic between the
global allocation spaces and within customer network between subnets and the larger
Internet.

PROTOCOLS

Actual communication is defined by various communication protocols. In the context of data
communication, a network protocol is a formal set of rules, conventions and data structures
that governs how computers and other network devices exchange information over a network.
In other words, a protocol is a standard procedure and format that two data communication
devices must understand, accept and use to be able to talk to each other.

In modern protocol design, network protocols are "layered" according to the OSI 7 layer
model or similar layered models. Layering is a design principle which divides the protocol
design into a number of smaller parts, each of which accomplishes a particular sub-task, and
interacts with the other parts of the protocol only in a small number of well-defined ways.
Layering allows the parts of a protocol to be designed and tested without a combinatorial
explosion of cases, keeping each design relatively simple. Layering also permits familiar
protocols to be adapted to unusual circumstances.

Understanding how each protocol fits into the OSI Model is essential for any network
engineer. As a general rule, the higher you move up the OSI Model, the more intelligent
protocols become. The positioning of the layer also reflects how CPU intensive they are;
the lower layers of the OSI Model are quite the opposite, that is, less CPU intensive
and less intelligent.

TCP (TRANSMISSION CONTROL PROTOCOL)

TCP provides a communication service at an intermediate level between an application
program and the Internet Protocol (IP). That is, when an application program desires to send
a large chunk of data across the Internet using IP, instead of breaking the data into IP-sized
pieces and issuing a series of IP requests, the software can issue a single request to TCP and
let TCP handle the IP details.

IP works by exchanging pieces of information called packets. A packet is a sequence of bytes
and consists of a header followed by a body. The header describes the packet's destination
and, optionally, the routers to use for forwarding until it arrives at its final destination. The
body contains the data IP is transmitting.

Due to network congestion, traffic load balancing, or other unpredictable network behaviour,
IP packets can be lost, duplicated, or delivered out of order. TCP detects these problems,
requests retransmission of lost packets, rearranges out-of-order packets, and even helps
minimize network congestion to reduce the occurrence of the other problems. Once the TCP
receiver has finally reassembled a perfect copy of the data originally transmitted, it passes
that datagram to the application program. Thus, TCP abstracts the application's
communication from the underlying networking details.

TCP is used extensively by many of the Internet's most popular applications, including the
World Wide Web (WWW), E-mail, File Transfer Protocol, Secure Shell, peer-to-peer file
sharing, and some streaming media applications.

TCP is a reliable stream delivery service that guarantees delivery of a data stream sent from
one host to another without duplication or losing data. Since packet transfer is not reliable, a
technique known as positive acknowledgment with retransmission is used to guarantee
reliability of packet transfers. This fundamental technique requires the receiver to respond
with an acknowledgment message as it receives the data. The sender keeps a record of each
packet it sends, and waits for acknowledgment before sending the next packet. The sender
also keeps a timer from when the packet was sent, and retransmits a packet if the timer
expires. The timer is needed in case a packet gets lost or corrupted.

TCP consists of a set of rules used together with the Internet Protocol to send data, in the
form of message units, between computers over the Internet. While IP handles the actual
delivery of the data, TCP keeps track of the individual units of data transmission, called
segments, that a message is
divided into for efficient routing through the network. For example, when an HTML file is
sent from a Web server, the TCP software layer of that server divides the sequence of bytes
of the file into segments and forwards them individually to the IP software layer (Internet
Layer). The Internet Layer encapsulates each TCP segment into an IP packet by adding a
header that includes (among other data) the destination IP address.

The diagram below is the simplest way to show the concept of a 'transport' protocol:

A TCP segment consists of a segment header and a data section. The TCP header contains 10
mandatory fields, and an optional extension field.

• Source port (16 bits) – identifies the sending port
• Destination port (16 bits) – identifies the receiving port
• Sequence number (32 bits) – has a dual role:

1. If the SYN flag is set, then this is the initial sequence number. The sequence
number of the actual first data byte (and the acknowledged number in the
corresponding ACK) are then this sequence number plus 1.
2. If the SYN flag is clear, then this is the accumulated sequence number of the
first data byte of this packet for the current session.

• Acknowledgment number (32 bits) – if the ACK flag is set then the value of this
field is the next sequence number that the receiver is expecting. This
acknowledges receipt of all prior bytes (if any). The first ACK sent by each end
acknowledges the other end's initial sequence number itself, but no data.
• Data offset (4 bits) – specifies the size of the TCP header in 32-bit words. The
minimum size header is 5 words and the maximum is 15 words thus giving the
minimum size of 20 bytes and maximum of 60 bytes, allowing for up to 40 bytes
of options in the header. This field gets its name from the fact that it is also the
offset from the start of the TCP segment to the actual data.
• Reserved (4 bits) – for future use and should be set to zero
• Flags (8 bits) (aka Control bits) – contains 8 1-bit flags

1. CWR (1 bit) – Congestion Window Reduced (CWR) flag is set by the sending
host to indicate that it received a TCP segment with the ECE flag set and had
responded in congestion control mechanism (added to header by RFC 3168).
2. ECE (1 bit) – ECN-Echo indicates: if the SYN flag is set, that the TCP peer is
ECN capable; if the SYN flag is clear, that a packet with the Congestion
Experienced flag in the IP header set was received during normal transmission
(added to header by RFC 3168).
3. URG (1 bit) – indicates that the Urgent pointer field is significant
4. ACK (1 bit) – indicates that the Acknowledgment field is significant. All
packets after the initial SYN packet sent by the client should have this flag set.
5. PSH (1 bit) – Push function. Asks to push the buffered data to the receiving
application.
6. RST (1 bit) – Reset the connection
7. SYN (1 bit) – Synchronize sequence numbers. Only the first packet sent from
each end should have this flag set. Some other flags change meaning based on
this flag, and some are only valid for when it is set, and others when it is clear.
8. FIN (1 bit) – No more data from sender

• Window (16 bits) – the size of the receive window, which specifies the number of
bytes (beyond the sequence number in the acknowledgment field) that the receiver is
currently willing to receive (see Flow control and Window Scaling).
• Checksum (16 bits) – The 16-bit checksum field is used for error-checking of the
header and data
• Urgent pointer (16 bits) – if the URG flag is set, then this 16-bit field is an offset from
the sequence number indicating the last urgent data byte
• Options (Variable 0-320 bits, divisible by 32) – The length of this field is determined
by the data offset field. Options 0 and 1 are a single byte (8 bits) in length. The
remaining options indicate the total length of the option (expressed in bytes) in the
second byte.

CONNECTION ORIENTED

What this basically means is that a connection is established between the two hosts or rather,
the two computers, before any data is transferred. When the term "connection is established"
is used, this means that both computers know about each other and have agreed on the
exchange of data. This is also where the famous 3-way handshake happens. You will find the
SYN and ACK bits in the Code bits field which are used to perform the 3-way handshake.
Thanks to the 3-way handshake, TCP is connection oriented.

The following diagram explains the procedure of the 3-way handshake:

STEP 1: Host A sends the initial packet to Host B. This packet has the "SYN" bit enabled.
Host B receives the packet and sees the "SYN" bit which has a value of "1" (in binary, this
means ON) so it knows that Host A is trying to establish a connection with it.

STEP 2: Assuming Host B has enough resources, it sends a packet back to Host A and with
the "SYN and ACK" bits enabled (1). The SYN that Host B sends, at this step, means 'I want
to synchronise with you' and the ACK means 'I acknowledge your previous SYN request'.

STEP 3: So... after all that, Host A sends another packet to Host B and with the "ACK" bit set
(1), it effectively tells Host B 'Yes, I acknowledge your previous request'.

Once the 3-way handshake is complete, the connection is established (virtual circuit) and the
data transfer begins.
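
The header layout listed above and the three handshake segments just described can be
checked in code. The following Python is an added example written for these notes, not
code from the original text; the port numbers and initial sequence numbers it uses are
constructed. The checksum field is left at zero because computing it needs the IP
pseudo-header, which is outside this section.

```python
import struct

# Bit positions of the 8-bit flags field (RFC 793, with ECE/CWR from RFC 3168).
FLAG_NAMES = ["FIN", "SYN", "RST", "PSH", "ACK", "URG", "ECE", "CWR"]
FLAGS = {name: 1 << i for i, name in enumerate(FLAG_NAMES)}

HEADER_FMT = "!HHIIBBHHH"   # the 20-byte fixed part of the TCP header
MIN_HEADER = 20

def build_tcp_header(src_port, dst_port, seq, ack, flags, window=65535, options=b""):
    """Pack the fixed header plus options (padded to a 32-bit boundary); checksum stays 0."""
    if len(options) > 40:
        raise ValueError("TCP options cannot exceed 40 bytes")
    options += b"\x00" * (-len(options) % 4)        # pad to whole 32-bit words
    data_offset = (MIN_HEADER + len(options)) // 4   # header length in 32-bit words
    flag_bits = 0
    for name in flags:
        flag_bits |= FLAGS[name]
    offset_byte = data_offset << 4                   # upper nibble = data offset, lower = reserved
    fixed = struct.pack(HEADER_FMT, src_port, dst_port, seq, ack,
                        offset_byte, flag_bits, window, 0, 0)
    return fixed + options

def parse_tcp_header(segment):
    """Decode the fixed fields, validate the data offset, and split options from payload."""
    if len(segment) < MIN_HEADER:
        raise ValueError("segment shorter than the 20-byte minimum TCP header")
    (src, dst, seq, ack, offset_byte, flag_bits,
     window, checksum, urgent) = struct.unpack(HEADER_FMT, segment[:MIN_HEADER])
    data_offset = offset_byte >> 4
    header_len = data_offset * 4
    if data_offset < 5 or header_len > len(segment):
        # Below 5 words or past the end of the segment is malformed: a receiver
        # should drop such a segment instead of trusting the offset.
        raise ValueError("invalid data offset %d" % data_offset)
    flags = [name for name in FLAG_NAMES if flag_bits & FLAGS[name]]
    return {
        "src_port": src, "dst_port": dst, "seq": seq, "ack": ack,
        "header_len": header_len, "flags": flags, "window": window,
        "checksum": checksum, "urgent": urgent,
        "options": segment[MIN_HEADER:header_len],
        "payload": segment[header_len:],
    }

def three_way_handshake(client_isn, server_isn):
    """Return the SYN, SYN-ACK and ACK segments (ports and ISNs are constructed values)."""
    syn = build_tcp_header(40000, 80, client_isn, 0, ["SYN"])
    syn_ack = build_tcp_header(80, 40000, server_isn, client_isn + 1, ["SYN", "ACK"])
    ack = build_tcp_header(40000, 80, client_isn + 1, server_isn + 1, ["ACK"])
    return syn, syn_ack, ack

def check_handshake(syn, syn_ack, ack):
    """Verify the flag and 'ISN plus 1' rules from the text for the three segments."""
    s, sa, a = (parse_tcp_header(x) for x in (syn, syn_ack, ack))
    return (s["flags"] == ["SYN"]
            and sorted(sa["flags"]) == ["ACK", "SYN"]
            and sa["ack"] == (s["seq"] + 1) % 2**32
            and a["flags"] == ["ACK"]
            and a["seq"] == (s["seq"] + 1) % 2**32
            and a["ack"] == (sa["seq"] + 1) % 2**32)
```

The data offset check matters in practice: a receiver that believes an offset of 4 words, or
one that points past the end of the segment, reads header bytes as payload (or the reverse),
so the parser rejects both before interpreting anything else.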

FLOW CONTROL

Flow control is used to control the data flow between the connection. If for any reason one of
the two hosts are unable to keep up with the data transfer, it is able to send special signals to
the other end, asking it to either stop or slow down so it can keep up.

For example, if Host B was a webserver from which people could download games, then
obviously Host A is not going to be the only computer downloading from this webserver, so
Host B must regulate the data flow to every computer downloading from it. This means it
might turn to Host A and tell it to wait for a while until more resources are available because
it has another 20 users trying to download at the same time.

Below is a diagram that illustrates a simple flow control session between two hosts. At this
point, we only need to understand the concept of flow control:

Generally speaking, when a machine receives a flood of data too quickly for it to process, it
stores it in a memory section called a buffer. This buffering action solves the problem only if
the data bursts are small and don't last long.

However, if the data burst continues it will eventually exhaust the memory of the receiving
end and that will result in the arriving data being discarded. So in this situation the receiving
end will simply issue a "Not ready" or "Stop" indicator to the sender, or source of the flood.
After the receiver processes the data it has in its memory, it sends out a "Ready" or "Go"
transport indicator and the sending machine receives the "Go" indicator and resumes its
transmission.

WINDOWING

Windowing is the number of data segments the transmitting machine is allowed to send
without receiving an acknowledgment for them.

Windowing controls how much information is transferred from one end to the other. While
some protocols quantify information by observing the number of packets, TCP/IP measures it
by counting the number of bytes.

Host B is sending data to Host A, using a window size equal to one. This means that Host B
is expecting an "ACK" for each data segment it sends to Host A. Once the first data segment
is sent, Host A receives it and sends an "ACK 2" to Host B. The "ACK 2" is translated by
Host B to say: 'I acknowledge (ACK) the packet you just sent me and I am ready to receive
the second (2) segment'. So Host B gets the second data segment ready and sends it off to
Host A, expecting an "ACK 3" response from Host A so it can send the third data segment
for which, as the picture shows, it receives the "ACK 3".

However, if it received an "ACK 2" again, this would mean something went wrong with the
previous transmission and Host B will retransmit the lost segment. We will see how this
works in the Acknowledgments section later on. Let's now try a different Window size to get
a better understanding.. let's say 3!

Keep in mind the way the "ACK's" work, otherwise you might find the following example a
bit confusing. If you can't understand it, read the previous example again where the Window
size was equal to one. In the example below, we have a window size equal to 3, which means
that Host B can send 3 data segments to Host A before expecting an "ACK" back.

ACKNOWLEDGMENTS

Reliable data delivery ensures the integrity of a stream of data sent from one machine to the
other through a fully functional data link. This guarantees the data won't be duplicated or lost.
The method that achieves this is known as positive acknowledgment with retransmission.
This technique requires a receiving machine to communicate with the transmitting source by
sending an acknowledgment message back to the sender when it receives data. The sender
documents each segment it sends and waits for this acknowledgment before sending the next
segment. When it sends a segment, the transmitting machine starts a timer and retransmits if
it expires before an acknowledgment is returned from the receiving end.

In this example the window size is 3. At first, Host B sends 3 data segments to
Host A and they are received in perfect condition so, based on what we learned, Host A sends
an "ACK 4" acknowledging the 3 data segments and requesting the next 3 data segments
which will be 4, 5, 6. As a result, Host B sends data segments 4, 5, 6 but 5 gets lost
somewhere along the way and Host A doesn't receive it so, after a bit of waiting, it realises
that 5 got lost and sends an "ACK 5" to Host B, indicating that it would like data segment 5
retransmitted. Now you see why this method is called "positive acknowledgment with
retransmission". At this point Host B sends data segment 5 and waits for Host A to send an
"ACK" so it can continue sending the rest of the data. Host A receives the 5th data segment
and sends "ACK 7" which means 'I received the previous data segment, now please send me
the next 3'. The next step is not shown on the diagram but it would be Host B sending data
segments 7, 8 and 9.
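
The exchange described in the Windowing and Acknowledgments sections can be replayed
with a small simulation. The following Python is an added example written for these notes,
not code from the original text. It uses the text's simplified model, in which segments are
numbered 1, 2, 3, ... and the receiver answers with the number of the next segment it wants,
and the loss of segment 5 is injected deliberately (a constructed fault, not a real network).

```python
def simulate_transfer(total_segments, window, lose_once=()):
    """Simulate positive acknowledgment with retransmission, segment-numbered as in the text.

    Segments are numbered from 1. `lose_once` lists segment numbers that are dropped
    the first time they are sent (constructed fault injection). Returns the segment
    numbers transmitted, in order, and the ACK numbers the receiver answered with.
    """
    lost = set(lose_once)
    received = set()      # receiver side: segments that arrived, possibly out of order
    next_expected = 1     # receiver side: lowest segment number not yet received
    send_base = 1         # sender side: oldest unacknowledged segment
    highest_sent = 0      # sender side: highest segment number sent so far
    sent, acks = [], []

    def transmit(seg):
        sent.append(seg)
        if seg in lost:
            lost.discard(seg)   # dropped on this attempt only
        else:
            received.add(seg)

    while send_base <= total_segments:
        if highest_sent < send_base:
            # Everything sent so far has been acknowledged: send a fresh window.
            for seg in range(send_base, min(send_base + window - 1, total_segments) + 1):
                transmit(seg)
            highest_sent = seg
        else:
            # The receiver asked again for send_base: retransmit just that segment.
            transmit(send_base)
        # Cumulative ACK: the receiver names the next segment it is waiting for.
        while next_expected in received:
            next_expected += 1
        acks.append(next_expected)
        send_base = next_expected
    return {"sent": sent, "acks": acks}
```

With `simulate_transfer(9, 3, lose_once=[5])` the receiver answers ACK 4, ACK 5, ACK 7
and ACK 10, and the sender transmits 1-6, then 5 again, then 7-9, which is the sequence the
text walks through. With a window of 1 and no loss the ACKs are 2, 3, 4, matching the first
example. Real TCP acknowledges byte positions rather than segment numbers and uses a
retransmission timer as well as repeated ACKs; the model above is the one the text uses.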

UDP (USER DATAGRAM PROTOCOL)

The second protocol used at the Transport layer is UDP. Application developers can use UDP
in place of TCP. UDP is the scaled-down economy model and is considered a thin protocol.
Like a thin person in a car, a thin protocol doesn't take up a lot of room - or in this case, much
bandwidth on a network.

UDP, as mentioned, doesn't offer all the bells and whistles of TCP, but it does a fabulous job
of transporting information that doesn't require reliable delivery and it does so using far fewer
network resources.

UNRELIABLE TRANSPORT

UDP is considered to be an unreliable transport protocol. When UDP sends segments over a
network, it just sends them and forgets about them. It doesn't follow through, check on them,
or even allow for an acknowledgment of safe arrival; in other words, complete abandonment!
This does not mean that UDP is ineffective, only that it doesn't handle issues of reliability.

(A UDP HEADER)

CONNECTIONLESS

For those who read about TCP, you would know it is a connection oriented protocol, but
UDP isn't. This is because UDP doesn't create a virtual circuit (establish a connection before
data transfer), nor does it contact the destination before delivering information to it. No
3-way handshake or anything like that here! Since UDP assumes that the application will use
its own reliability method, it doesn't use any, which obviously makes things transfer faster.

LESS OVERHEAD

The very low overhead, compared to TCP, is a result of the lack of windowing or
acknowledgments. This certainly speeds things up but you get an unreliable (in comparison to
TCP) service.

FILE TRANSFER PROTOCOL (FTP)

File transfer is among the most frequently used TCP/IP applications and it accounts for a lot
of the network traffic on the Internet. Various standard file transfer protocols existed even
before the Internet was available to everyone and it was these early versions of the file
transfer software that helped create today's standard known as the File Transfer Protocol
(FTP).

FTP uses TCP as a transport protocol. This means that FTP inherits TCP's robustness and is
very reliable for transferring files. Chances are if you download files, you've probably used
ftp a few hundred times without realising it! The picture below shows where FTP stands in
contrast to the OSI model.

Port numbers 21 and 20 are used for FTP. Port 21 is used to establish the connection between
the 2 computers (or hosts) and port 20 to transfer data (via the Data channel). But there are
some instances where port 21 is used for both establishing a connection and data transfer, and
I will analyse them shortly. FTP has two separate modes of operation: Active and Passive.
You will use either one depending on whether your PC is behind a firewall.

ACTIVE MODE FTP

Active mode is usually used when there isn't any firewall between you and the FTP server. In
such cases you have a direct connection to the Internet. When you (the client) try to establish
a connection to an FTP server, your workstation includes a second port number (using the
PORT command) that is used when data is to be exchanged; this is known as the Data
Channel.

The FTP server then starts the exchange of data from its own port 20 to whatever port was
designated by your workstation, and because the server initiated the communication, it's not
controlled by the workstation client. This can also potentially allow uninvited data to arrive at
your computer from anywhere posing as a normal FTP transfer. This is one of the reasons
Passive FTP is more secure.

PASSIVE MODE FTP

Using normal or passive FTP, a client begins a session by sending a request to communicate
through TCP port 21, the port that is conventionally assigned for this use at the FTP server.
This communication is known as the Control Channel connection.

At this point, a PASV command is sent instead of a PORT command. Instead of specifying a
port that the server can send to, the PASV command asks the server to specify a port it
wishes to use for the Data Channel connection. The server replies on the Control Channel
with the port number which the client then uses to initiate an exchange on the Data Channel.
The server will thus always be responding to client-initiated requests on the Data Channel
and the firewall can correlate these. So let's have a look at the process of a computer
establishing an FTP connection with a server:

The above is assuming a direct connection to the FTP server. Since FTP is using TCP as a
transport, you would expect to see the 3-way handshake. Once that is completed and there is
data connection established, the client will send its login name and then password. After the
authentication sequence is finished and the user is authenticated to the Server, it's allowed
access and is ready to download data.
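
The two Data Channel negotiations above (PORT in active mode, PASV in passive mode)
both carry the endpoint as six comma-separated numbers on the Control Channel, with the
port split into a high and a low byte (port = p1 * 256 + p2). The following Python is an
added example written for these notes, not code from the original text or any FTP
implementation; the addresses and ports in it are constructed. It adds one check a careful
client performs: the host advertised in the PASV reply must be the host the Control
Channel is already talking to, so that a reply cannot direct the Data Channel elsewhere.

```python
import re

def format_port_command(host, port):
    """Build the active-mode PORT argument h1,h2,h3,h4,p1,p2 from a dotted IPv4 address."""
    if not 0 < port < 65536:
        raise ValueError("port out of range")
    octets = host.split(".")
    if len(octets) != 4 or not all(o.isdigit() and 0 <= int(o) <= 255 for o in octets):
        raise ValueError("expected a dotted IPv4 address")
    return "PORT %s,%d,%d" % (",".join(octets), port >> 8, port & 0xFF)

# 227 reply, with or without the conventional parentheses around the six numbers.
PASV_RE = re.compile(
    r"227 .*?\(?(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\)?")

def parse_pasv_reply(reply, control_host):
    """Extract (host, port) for the Data Channel from a passive-mode 227 reply.

    The advertised host must equal the Control Channel host; a client that connects
    wherever the reply points could be sent to a third party, so the mismatch is an error.
    """
    m = PASV_RE.match(reply.strip())
    if not m:
        raise ValueError("not a valid 227 PASV reply")
    nums = [int(x) for x in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError("value out of range in PASV reply")
    host = ".".join(str(n) for n in nums[:4])
    port = nums[4] * 256 + nums[5]
    if port == 0:
        raise ValueError("PASV reply advertised port 0")
    if host != control_host:
        raise ValueError("PASV host %s differs from control host %s" % (host, control_host))
    return host, port
```

In active mode the server connects from its port 20 to the port named in the PORT
command; in passive mode the client connects to the port returned by parse_pasv_reply.
Either way the Control Channel on port 21 stays open for the USER, PASS and transfer
commands.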

INTERNET PROTOCOL (IP)

The Internet Protocol (IP) is a protocol used for communicating data across a packet-
switched internetwork using the Internet Protocol Suite, also referred to as TCP/IP.

IP is the primary protocol in the Internet Layer of the Internet Protocol Suite and has the task
of delivering distinguished protocol datagrams (packets) from the source host to the
destination host solely based on their addresses. For this purpose the Internet Protocol defines
addressing methods and structures for datagram encapsulation.

The Internet Protocol is responsible for addressing hosts and routing datagrams (packets)
from a source host to the destination host across one or more IP networks. For this purpose
the Internet Protocol defines an addressing system that has two functions. Addresses identify
hosts and provide a logical location service. Each packet is tagged with a header that contains
the meta-data for the purpose of delivery. This process of tagging is also called encapsulation.
IP is a connectionless protocol and does not need circuit setup prior to transmission.

RELIABILITY

The design principles of the Internet protocols assume that the network infrastructure is
inherently unreliable at any single network element or transmission medium and that it is
dynamic in terms of availability of links and nodes. No central monitoring or performance
measurement facility exists that tracks or maintains the state of the network. For the benefit
of reducing network complexity, the intelligence in the network is purposely mostly located
in the end nodes of each data transmission. Routers in the transmission path simply forward
packets to the next known local gateway matching the routing prefix for the destination
address.

As a consequence of this design, the Internet Protocol only provides best effort delivery and
its service can also be characterized as unreliable. In network architectural language it is a
connection-less protocol, in contrast to so-called connection-oriented modes of transmission.
The lack of reliability allows any of the following fault events to occur:

• data corruption
• lost data packets
• duplicate arrival
• out-of-order packet delivery; meaning, if packet 'A' is sent before packet 'B', packet
'B' may arrive before packet 'A'. Since routing is dynamic and there is no memory in
the network about the path of prior packets, it is possible that the first packet sent
takes a longer path to its destination.

The only assistance that the Internet Protocol provides in Version 4 (IPv4) is to ensure that
the IP packet header is error-free through computation of a checksum at the routing nodes.
This has the side-effect of discarding packets with bad headers on the spot. In this case no
notification is required to be sent to either end node.

IPv6, on the other hand, has abandoned the use of IP header checksums for the benefit of
rapid forwarding through routing elements in the network. The resolution or correction of any
of these reliability issues is the responsibility of an upper layer protocol. For example, to
ensure in-order delivery the upper layer may have to cache data until it can be passed to the
application.

In addition to issues of reliability, the dynamic nature and the diversity of the Internet and its
components provide no guarantee that any particular path is actually capable of, or suitable
for, performing the data transmission requested, even if the path is available and reliable. One
of the technical constraints is the size of data packets allowed on a given link. An application
must ensure that it uses proper transmission characteristics; some of this responsibility also
lies in the upper layer protocols between the application and IP. The IPv4 internetworking
layer has the capability to automatically fragment the original datagram into smaller units for
transmission.
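
Two of the IPv4 behaviours just described, the header checksum that routers verify and the
fragmentation of a datagram to fit a link's packet size limit, can be shown together. The
following Python is an added example written for these notes, not code from the original
text; the addresses, identification value and MTU are constructed. Fragment offsets are
carried in 8-byte units and every fragment except the last sets the More Fragments (MF)
flag, which is what lets the receiver detect a missing piece.

```python
import struct

def _addr(dotted):
    """Pack a dotted IPv4 address into 4 bytes."""
    return bytes(int(o) for o in dotted.split("."))

def ipv4_checksum(header):
    """One's-complement sum of the 16-bit words of the header (RFC 791 checksum)."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:                       # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def build_ipv4_header(src, dst, payload_len, ident, flags, frag_offset, proto=17, ttl=64):
    """Build a 20-byte IPv4 header; frag_offset is in 8-byte units, flags is the 3-bit field."""
    ver_ihl = (4 << 4) | 5                   # version 4, header length 5 words
    hdr = struct.pack("!BBHHHBBH4s4s", ver_ihl, 0, 20 + payload_len, ident,
                      (flags << 13) | frag_offset, ttl, proto, 0, _addr(src), _addr(dst))
    return hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]

def header_is_valid(header):
    """A router's check: the checksum over the header as received must come out as zero."""
    return len(header) >= 20 and ipv4_checksum(header[:20]) == 0

def fragment(src, dst, payload, mtu, ident):
    """Split payload into fragments no larger than mtu, with 8-byte aligned offsets."""
    max_data = ((mtu - 20) // 8) * 8         # data per fragment must be a multiple of 8
    if max_data <= 0:
        raise ValueError("MTU too small for an IPv4 header plus data")
    frags, offset = [], 0
    while offset < len(payload):
        chunk = payload[offset:offset + max_data]
        more = offset + len(chunk) < len(payload)
        hdr = build_ipv4_header(src, dst, len(chunk), ident, 1 if more else 0, offset // 8)
        frags.append(hdr + chunk)
        offset += len(chunk)
    return frags

def reassemble(frags):
    """Reorder fragments by offset; reject a gap, an overlap, or a missing last fragment."""
    pieces = []
    for f in frags:
        flags_frag = struct.unpack("!H", f[6:8])[0]
        pieces.append(((flags_frag & 0x1FFF) * 8, (flags_frag >> 13) & 1, f[20:]))
    pieces.sort()
    data, expected = b"", 0
    for off, more, chunk in pieces:
        if off != expected:
            raise ValueError("gap or overlap at offset %d" % off)
        data += chunk
        expected += len(chunk)
    if pieces[-1][1]:
        raise ValueError("last fragment missing (MF still set)")
    return data
```

Because the checksum covers only the header, a corrupted payload passes header_is_valid;
as the text says, protecting the data is left to the upper layer protocol (TCP's checksum, for
instance). The reassembly check is also the defender's view: an incomplete or overlapping
fragment set is rejected rather than guessed at.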

HYPERTEXT TRANSFER PROTOCOL (HTTP)

HTTP is a networking protocol for distributed, collaborative, hypermedia information
systems. HTTP is the foundation of data communication for the World Wide Web.

HTTP functions as a request-response protocol in the client-server computing model. In
HTTP, a web browser, for example, acts as a client, while an application running on a
computer hosting a web site functions as a server. The client submits an HTTP request
message to the server. The server, which stores content, or provides resources, such as HTML
files and images, or generates such content on the fly, or performs other functions on behalf
of the client, returns a response message to the client. A response contains completion status
information about the request and may contain any content requested by the client in its
message body.

The HTTP protocol is designed to permit intermediate network elements to improve or
enable communications between clients and servers. High-traffic websites often benefit from
web cache servers that deliver content on behalf of the original, so-called origin server to
improve response time. HTTP proxy servers at network boundaries facilitate communication
when clients without a globally routable address are located in private networks by relaying
the requests and responses between clients and servers.

HTTP is an Application Layer protocol designed within the framework of the Internet
Protocol Suite. The protocol definitions presume a reliable Transport Layer protocol for host-
to-host data transfer. HTTP Resources are identified and located on the network by Uniform
Resource Identifiers (URIs)—or, more specifically, Uniform Resource Locators (URLs)—
using the http or https URI schemes. URIs and the Hypertext Markup Language (HTML),
form a system of inter-linked resources, called hypertext documents, on the Internet.

The standards development of HTTP has been coordinated by the Internet Engineering Task
Force (IETF) and the World Wide Web Consortium.

HTTP SESSION

An HTTP session is a sequence of network request-response transactions. An HTTP client
initiates a request. It establishes a Transmission Control Protocol (TCP) connection to a
particular port on a host (typically port 80). An HTTP server listening on that port waits for a
client's request message. Upon receiving the request, the server sends back a status line, such
as "HTTP/1.1 200 OK", and a message of its own, the body of which is perhaps the requested
resource, an error message, or some other information.

REQUEST MESSAGE

The request message consists of the following:

• Request line, such as GET /images/logo.png HTTP/1.1, which requests a resource
called /images/logo.png from server
• Headers, such as Accept-Language: en
• An empty line
• An optional message body

The request line and headers must all end with <CR><LF> (that is, a carriage return followed
by a line feed). The empty line must consist of only <CR><LF> and no other whitespace. A
request line containing only the path name is accepted by servers to maintain compatibility
with HTTP clients.

REQUEST METHODS

HTTP defines nine methods (sometimes referred to as "verbs") indicating the desired action
to be performed on the identified resource.

HEAD: Asks for the response identical to the one that would correspond to a GET request,
but without the response body. This is useful for retrieving meta-information written in
response headers, without having to transport the entire content.

GET: Requests a representation of the specified resource. Note that GET should not be used
for operations that cause side-effects, such as using it for taking actions in web applications.
One reason for this is that GET may be used arbitrarily by robots or crawlers, which should
not need to consider the side effects that a request should cause. See safe methods below.

POST: Submits data to be processed (e.g., from an HTML form) to the identified resource.
The data is included in the body of the request. This may result in the creation of a new
resource or the updates of existing resources or both.

PUT: Uploads a representation of the specified resource.

DELETE: Deletes the specified resource.

TRACE: Echoes back the received request, so that a client can see what (if any) changes or
additions have been made by intermediate servers.

OPTIONS: Returns the HTTP methods that the server supports for specified URL. This can
be used to check the functionality of a web server by requesting '*' instead of a specific
resource.

CONNECT: Converts the request connection to a transparent TCP/IP tunnel, usually to
facilitate SSL-encrypted communication (HTTPS) through an unencrypted HTTP proxy.

PATCH: Is used to apply partial modifications to a resource.

SAFE METHODS

Some methods (for example, HEAD, GET, OPTIONS and TRACE) are defined as safe,
which means they are intended only for information retrieval and should not change the state
of the server. In other words, they should not have side effects, beyond relatively harmless
effects such as logging, caching, the serving of banner advertisements or incrementing a web
counter. Making arbitrary GET requests without regard to the context of the application's
state should therefore be considered safe.

By contrast, methods such as POST, PUT and DELETE are intended for actions which may
cause side effects either on the server, or external side effects such as financial transactions or
transmission of email. Such methods are therefore not usually used by conforming web
robots or web crawlers, which tend to make requests without regard to context or
consequences.

IDEMPOTENT METHODS

Methods PUT and DELETE are defined to be idempotent, meaning that multiple identical
requests should have the same effect as a single request. In contrast, the POST method is not
necessarily idempotent, and therefore sending an identical POST request multiple times may
further affect state or cause further side effects (such as financial transactions). In some cases
this may be desirable, but in other cases this could be due to an accident, such as when a user
does not realize that their action will result in sending another request, or they did not receive
adequate feedback that their first request was successful.

STATUS CODES

The first line of the HTTP response is called the status line and includes a numeric status
code (such as "404") and a textual reason phrase (such as "Not Found"). The way the user
agent handles the response primarily depends on the code and secondarily on the response
headers.

Also, the standard reason phrases are only recommendations and can be replaced with "local
equivalents" at the web developer's discretion. If the status code indicated a problem, the user
agent might display the reason phrase to the user to provide further information about the
nature of the problem. The standard also allows the user agent to attempt to interpret the
reason phrase, though this might be unwise since the standard explicitly specifies that status
codes are machine-readable and reason phrases are human-readable.
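
The request message format, the safe and idempotent method classes and the status line
rules above can be put into one small parser. The following Python is an added example
written for these notes, not code from the original text or any web server; the sample
request bytes in the usage note are constructed. The parser is strict about the
<CR><LF> rule, which means it rejects the old request-line-only form that the text notes
servers still accept for compatibility, and it takes the numeric status code as authoritative
while treating the reason phrase as informational only.

```python
SAFE_METHODS = {"GET", "HEAD", "OPTIONS", "TRACE"}
IDEMPOTENT_METHODS = SAFE_METHODS | {"PUT", "DELETE"}
ALL_METHODS = IDEMPOTENT_METHODS | {"POST", "CONNECT", "PATCH"}

def parse_request(raw):
    """Parse an HTTP/1.x request: request line, header lines, empty CRLF line, body."""
    if b"\r\n\r\n" not in raw:
        raise ValueError("request head not terminated by an empty CRLF line")
    head, body = raw.split(b"\r\n\r\n", 1)
    lines = head.split(b"\r\n")
    if any(b"\n" in line for line in lines):
        raise ValueError("bare LF inside request head")      # every line must end in CRLF
    parts = lines[0].decode("ascii").split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        raise ValueError("malformed request line")
    method, target, version = parts
    if method not in ALL_METHODS:
        raise ValueError("unknown method %r" % method)
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.decode("latin-1").partition(":")
        if not sep or not name or name != name.strip():
            raise ValueError("malformed header line %r" % line)
        headers[name.lower()] = value.strip()                 # header names are case-insensitive
    return {"method": method, "target": target, "version": version,
            "headers": headers, "body": body,
            "safe": method in SAFE_METHODS,
            "idempotent": method in IDEMPOTENT_METHODS}

def parse_status_line(line):
    """Return version, numeric code and class (2 = success, 4 = client error, ...)."""
    parts = line.rstrip("\r\n").split(" ", 2)
    if (len(parts) < 2 or not parts[0].startswith("HTTP/")
            or not parts[1].isdigit() or len(parts[1]) != 3):
        raise ValueError("malformed status line")
    code = int(parts[1])
    return {"version": parts[0], "code": code,
            "reason": parts[2] if len(parts) == 3 else "",   # human-readable, may be replaced
            "class": code // 100}
```

Given the constructed request
`b"GET /images/logo.png HTTP/1.1\r\nHost: www.example.com\r\nAccept-Language: en\r\n\r\n"`,
parse_request reports method GET, the target from the request line, the headers keyed by
lower-cased name, and marks the request both safe and idempotent; a POST with a body is
neither, and a DELETE is idempotent but not safe. parse_status_line("HTTP/1.1 404 Not
Found") yields code 404 in class 4 whatever reason phrase the server chose to send.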

DOMAIN NAME SYSTEM (DNS)

DNS is a distributed hierarchical naming system for computers, services, or any resource
connected to the Internet or a private network. It associates various information with domain
names assigned to each of the participants. Most importantly, it translates domain names
meaningful to humans into the numerical (binary) identifiers associated with networking
equipment for the purpose of locating and addressing these devices worldwide. An often-used
analogy to explain the Domain Name System is that it serves as the "phone book" for the
Internet by translating human-friendly computer hostnames into IP addresses.

The Domain Name System makes it possible to assign domain names to groups of Internet
users in a meaningful way, independent of each user's physical location. Because of this,
World Wide Web (WWW) hyperlinks and Internet contact information can remain consistent
and constant even if the current Internet routing arrangements change or the participant uses a
mobile device. Internet domain names are easier to remember than IP addresses such as
208.77.188.166 (IPv4) or 2001:db8:1f70::999:de8:7648:6e8 (IPv6). People take advantage of
this when they recite meaningful URLs and e-mail addresses without having to know how the
machine will actually locate them.

The Domain Name System distributes the responsibility of assigning domain names and
mapping those names to IP addresses by designating authoritative name servers for each
domain. Authoritative name servers are assigned to be responsible for their particular
domains, and in turn can assign other authoritative name servers for their sub-domains. This
mechanism has made the DNS distributed and fault tolerant and has helped avoid the need for
a single central register to be continually consulted and updated. In general, the Domain
Name System also stores other types of information, such as the list of mail servers that
accept email for a given Internet domain.

THE DOMAIN NAME SPACE

The domain name space consists of a tree of domain names. Each node or leaf in the tree has
zero or more resource records, which hold information associated with the domain name. The
tree sub-divides into zones beginning at the root zone. A DNS zone consists of a collection of
connected nodes authoritatively served by an authoritative nameserver. Administrative
responsibility over any zone may be divided, thereby creating additional zones. Authority is
said to be delegated for a portion of the old space, usually in form of sub-domains, to another
nameserver and administrative entity. The old zone ceases to be authoritative for the new
zone.

DOMAIN NAME FORMULATION

A domain name consists of one or more parts, technically called labels, that are
conventionally concatenated, and delimited by dots, such as example.com.

• The right-most label conveys the top-level domain; for example, the domain name
www.example.com belongs to the top-level domain com.
• The hierarchy of domains descends from right to left; each label to the left specifies a
subdivision, or subdomain of the domain to the right. For example: the label example
specifies a subdomain of the com domain, and www is a subdomain of example.com.
This tree of subdivisions may consist of 127 levels.
• Each label may contain up to 63 characters. The full domain name may not exceed a
total length of 253 characters. In practice, some domain registries may have shorter
limits.
• DNS names may technically consist of any character representable in an octet.
However, the allowed formulation of domain names in the DNS root zone, and most
other sub domains, uses a preferred format and character set. The characters allowed
in a label are a subset of the ASCII character set, and includes the characters a
through z, A through Z, digits 0 through 9, and the hyphen. This rule is known as the
LDH rule (letters, digits, hyphen). Domain names are interpreted in case-independent
manner. Labels may not start or end with a hyphen.
• A hostname is a domain name that has at least one IP address associated. For
example, the domain names www.example.com and example.com are also hostnames,
whereas the com domain is not.
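
The formulation rules listed above (label and total length limits, the LDH rule, no leading
or trailing hyphen, case-independence) can be applied as a validator, and a valid name can
then be written in the length-prefixed label form that DNS messages carry on the wire. The
following Python is an added example written for these notes, not code from the original
text or any resolver; the domain names it is tried on are the text's own example.com and
constructed invalid ones. It deliberately stops at uncompressed names: message compression
pointers are part of the DNS wire format but not of this section.

```python
import re

# A label: letters, digits and hyphens, 1 to 63 characters, no hyphen at either end.
LDH_LABEL = re.compile(r"^[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?$")

def validate_domain_name(name):
    """Apply the length and LDH rules from the text; return the lower-cased name or raise."""
    if name.endswith(".") and len(name) > 1:
        name = name[:-1]                      # a trailing dot marks a fully qualified name
    if not name or len(name) > 253:
        raise ValueError("total length must be 1..253 characters")
    labels = name.split(".")
    if len(labels) > 127:
        raise ValueError("too many labels")
    for label in labels:
        if not label:
            raise ValueError("empty label (consecutive dots)")
        if len(label) > 63:
            raise ValueError("label %r longer than 63 characters" % label)
        if not LDH_LABEL.match(label):
            raise ValueError("label %r violates the LDH rule" % label)
    return name.lower()                       # names are interpreted case-independently

def top_level_domain(name):
    """The right-most label of a validated name, e.g. 'com' for www.example.com."""
    return validate_domain_name(name).rsplit(".", 1)[-1]

def encode_wire_name(name):
    """DNS wire format: each label prefixed by its length, terminated by a zero byte."""
    name = validate_domain_name(name)
    out = b"".join(bytes([len(l)]) + l.encode("ascii") for l in name.split("."))
    return out + b"\x00"

def decode_wire_name(data, offset=0):
    """Inverse of encode_wire_name; returns (name, offset just past the terminating zero)."""
    labels = []
    while True:
        length = data[offset]
        offset += 1
        if length == 0:
            break
        if length & 0xC0:
            raise ValueError("compression pointer not handled in this example")
        if length > 63 or offset + length > len(data):
            raise ValueError("bad label length %d" % length)
        labels.append(data[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels), offset
```

The decoder checks each label length against both the 63-character limit and the end of the
buffer before slicing, which is the check a resolver needs when the bytes come from the
network rather than from its own encoder.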

SIMPLE MAIL TRANSFER PROTOCOL (SMTP)

SMTP is an Internet standard for electronic mail (e-mail) transmission across Internet
Protocol (IP) networks. SMTP is specified for outgoing mail transport and uses TCP port
25. While electronic mail servers and other mail transfer agents use SMTP to send and receive
mail messages, user-level client mail applications typically only use SMTP for sending
messages to a mail server for relaying.

MAIL PROCESSING MODEL

Blue arrows can be implemented using SMTP variations.

Email is submitted by a mail client (MUA, mail user agent) to a mail server (MSA, mail
submission agent) using SMTP on TCP port 587. Most mailbox providers still allow
submission on traditional port 25. From there, the MSA delivers the mail to its MTA. Often,
these two agents are just different instances of the same software launched with different
options on the same machine. Local processing can be done either on a single machine, or
split among various appliances; in the former case, involved processes can share files; in the
latter case, SMTP is used to transfer the message internally, with each host configured to use
the next appliance as a smart host. Each process is an MTA in its own right; that is, an SMTP
server.

The boundary MTA has to locate the target host. It uses the Domain Name System
(DNS) to look up the mail exchanger record (MX record) for the recipient's domain. The
returned MX record contains the name of the target host. The MTA next looks up the A
record for that name in order to get the IP address and connects to that host as an SMTP
client.

Once the MX target accepts the incoming message, it hands it to a mail delivery agent
(MDA) for local mail delivery. An MDA is able to save messages in the relevant mailbox
format. Again, mail reception can be done using many computers or just one; the picture
displays two nearby boxes in either case. An MDA may deliver messages directly to storage,
or forward them over a network using SMTP.

Once delivered to the local mail server, the mail is stored for batch retrieval by authenticated
mail clients (MUAs). Mail is retrieved by end-user applications, called email clients, using
Internet Message Access Protocol (IMAP), a protocol that both facilitates access to mail and
manages stored mail, or the Post Office Protocol (POP) which typically uses the traditional
mailbox mail file format or a proprietary system such as Microsoft Outlook. SMTP defines
message transport, not the message content. Thus, it defines the mail envelope and its
parameters, such as the envelope sender, but not the header or the body of the message itself.

FUNCTIONING

SMTP is a text-based protocol, in which a mail sender communicates with a mail receiver by
issuing command strings and supplying necessary data over a reliable ordered data stream
channel, typically a Transmission Control Protocol (TCP) connection. An SMTP session
consists of commands originated by an SMTP client (the initiating agent, sender, or
transmitter) and corresponding responses from the SMTP server (the listening agent, or
receiver) so that the session is opened, and session parameters are exchanged. A session may
include zero or more SMTP transactions. An SMTP transaction consists of three
command/reply sequences. They are:

1. MAIL command, to establish the return address, a.k.a. Return-Path or envelope
sender. This is the address for bounce messages.
2. RCPT command, to establish a recipient of this message. This command can be
issued multiple times, one for each recipient. These addresses are also part of the
envelope.
3. DATA to send the message text. This is the content of the message, as opposed to its
envelope. It consists of a message header and a message body separated by an empty
line. DATA is actually a group of commands, and the server replies twice: once to the
DATA command proper, to acknowledge that it is ready to receive the text, and the
second time after the end-of-data sequence, to either accept or reject the entire
message.

Besides the intermediate reply for DATA, each server's reply can be either positive (2xx
reply codes) or negative. Negative replies can be permanent (5xx codes) or transient (4xx
codes). A reject is a permanent failure by an SMTP server; in this case the SMTP client
should send a bounce message. A drop is a positive response followed by message discard
rather than delivery.
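The three command/reply sequences and the 2xx/4xx/5xx decision rules above, driven against a scripted server (an added example, not from the original text; the server replies and the addresses are constructed). ScriptedServer, Outcome and run_transaction are my names.

```python
from dataclasses import dataclass, field

def reply_class(reply: str) -> str:
    """Classify an SMTP reply by the first digit of its three-digit code."""
    classes = {"2": "positive", "3": "intermediate", "4": "transient", "5": "permanent"}
    if len(reply) < 3 or not reply[:3].isdigit() or reply[0] not in classes:
        raise ValueError(f"malformed SMTP reply: {reply!r}")
    return classes[reply[0]]

@dataclass
class ScriptedServer:
    """Stand-in SMTP server: answers from a table keyed by full command line or by verb."""
    replies: dict
    in_data: bool = False
    received: list = field(default_factory=list)    # message text taken after DATA

    def send(self, line: str):
        if self.in_data and line != ".":            # inside DATA, text lines get no reply
            self.received.append(line)
            return None
        if line == ".":                             # end-of-data sequence
            self.in_data = False
            return self.replies["."]
        verb = line.split(None, 1)[0].split(":", 1)[0]          # "MAIL FROM:<x>" -> "MAIL"
        reply = self.replies.get(line) or self.replies.get(verb, "500 5.5.1 Command unrecognized")
        self.in_data = line == "DATA" and reply_class(reply) == "intermediate"
        return reply

@dataclass
class Outcome:
    accepted: list = field(default_factory=list)    # recipients the server took
    deferred: list = field(default_factory=list)    # 4xx: keep queued, retry later
    bounced: list = field(default_factory=list)     # 5xx: the client must send a bounce
    delivered: bool = False                          # final 2xx after end-of-data

def run_transaction(server, sender, recipients, header_lines, body_lines) -> Outcome:
    """Drive the three command/reply sequences of one SMTP transaction."""
    out = Outcome()
    # 1. MAIL establishes the envelope sender (Return-Path) that receives bounces.
    cls = reply_class(server.send(f"MAIL FROM:<{sender}>"))
    if cls != "positive":
        (out.deferred if cls == "transient" else out.bounced).extend(recipients)
        return out
    # 2. RCPT once per recipient; each reply is judged on its own.
    for rcpt in recipients:
        cls = reply_class(server.send(f"RCPT TO:<{rcpt}>"))
        {"positive": out.accepted, "transient": out.deferred}.get(cls, out.bounced).append(rcpt)
    if not out.accepted:
        return out                                   # nothing to deliver (a real client sends RSET)
    # 3. DATA: 354 means "send the text"; the reply to "." accepts or rejects the whole message.
    if reply_class(server.send("DATA")) != "intermediate":
        out.deferred.extend(out.accepted); out.accepted.clear()
        return out
    for line in header_lines + [""] + body_lines:    # header, empty separator line, body
        server.send("." + line if line.startswith(".") else line)   # dot-stuffing of "." lines
    final = reply_class(server.send("."))
    if final == "positive":
        out.delivered = True
    else:
        (out.deferred if final == "transient" else out.bounced).extend(out.accepted)
        out.accepted.clear()
    return out

def demo():
    """Constructed exchange: one good recipient, one unknown mailbox, one greylisted."""
    server = ScriptedServer({
        "MAIL": "250 2.1.0 Ok",
        "RCPT TO:<alice@example.com>": "250 2.1.5 Ok",
        "RCPT TO:<nobody@example.com>": "550 5.1.1 User unknown",
        "RCPT TO:<bob@example.com>": "450 4.2.0 Greylisted, try again later",
        "DATA": "354 End data with <CR><LF>.<CR><LF>",
        ".": "250 2.0.0 Ok: queued",
    })
    recipients = ["alice@example.com", "nobody@example.com", "bob@example.com"]
    header = ["From: sender@example.org", "To: alice@example.com", "Subject: test"]
    return run_transaction(server, "sender@example.org", recipients, header, ["Hello", ".dot"]), server
```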

The initiating host, the SMTP client, can be either an end-user's email client, functionally
identified as a mail user agent (MUA), or a relay server's mail transfer agent (MTA), that is
an SMTP server acting as an SMTP client, in the relevant session, in order to relay mail.
Fully-capable SMTP servers maintain queues of messages for retrying message transmissions
that resulted in transient failures.

A MUA knows the outgoing mail SMTP server from its configuration. An SMTP server
acting as client, i.e. relaying, typically determines which SMTP server to connect to by
looking up the MX (Mail Exchange) DNS resource record for each recipient's domain name.
An SMTP server acting as client initiates a TCP connection to the server on the "well-known
port" designated for SMTP: port 25. MUAs should use port 587 to connect to an MSA. The
main difference between an MTA and an MSA is that SMTP Authentication is mandatory for
the latter only.

OUTGOING MAIL SMTP SERVER

An e-mail client requires the name or the IP address of an SMTP server as part of its
configuration. The server will deliver messages on behalf of the user. This setting allows for
various policies and network designs. End users connected to the Internet can use the services
of an e-mail provider that is not necessarily the same as their connection provider (ISP).
Modern SMTP servers typically use a client's credentials (authentication) rather than a
client's location (IP address), to determine whether it is eligible to relay e-mail.

Server administrators choose whether clients use TCP port 25 (SMTP) or port 587
(Submission), for relaying outbound mail to a mail server. The specifications and many
servers support both. Some servers are set up to reject all relaying on port 25, but valid users
authenticating on port 587 are allowed to relay mail to any valid address.

Some Internet service providers intercept port 25, so that it is not possible for their users to
send mail via a relaying SMTP server outside the ISP's network using port 25; they are
restricted to using the ISP's SMTP server. Some independent SMTP servers support an
additional port other than 25 to allow users with authenticated access to connect to them even
if port 25 is blocked. The practical purpose of this is that a mobile user connecting to
different ISPs otherwise has to change SMTP server settings on the mail client for each ISP;
using a relaying SMTP server allows the SMTP client settings to be used unchanged
worldwide.

TELNET
TELNET is a general protocol, meant to support logging in from almost any type of terminal
to almost any type of computer. It is a terminal emulation program for TCP/IP networks such as
the Internet. The Telnet program runs on your computer and connects your PC to a server on
the network. You can then enter commands through the Telnet program and they will be
executed as if you were entering them directly on the server console. This enables you to
control the server and communicate with other servers on the network. To start a Telnet
session, you must log in to a server by entering a valid username and password. Telnet is a
common way to remotely control Web servers.

SECURITY

When Telnet was initially developed in 1969, most users of networked computers were in the
computer departments of academic institutions, or at large private and government research
facilities. In this environment, security was not nearly as much of a concern as it became after
the bandwidth explosion of the 1990s. The rise in the number of people with access to the
Internet, and by extension, the number of people attempting to crack other people's servers
made encrypted alternatives much more of a necessity.

• Telnet, by default, does not encrypt any data sent over the connection (including
passwords), and so it is often practical to eavesdrop on the communications and use
the password later for malicious purposes; anybody who has access to a router,
switch, hub or gateway located on the network between the two hosts where Telnet is
being used can intercept the packets passing by and obtain login and password
information (and whatever else is typed).
• Most implementations of Telnet have no authentication that would ensure
communication is carried out between the two desired hosts and not intercepted in the
middle.
• Commonly used Telnet daemons have several vulnerabilities discovered over the
years.

These security-related shortcomings have seen the usage of the Telnet protocol drop rapidly,
especially on the public Internet, in favor of the Secure Shell (SSH) protocol, first released in
1995. SSH provides much of the functionality of telnet, with the addition of strong
encryption to prevent sensitive data such as passwords from being intercepted, and public key
authentication, to ensure that the remote computer is actually who it claims to be. The main
advantage of TLS-Telnet would be the ability to use certificate-authority signed server
certificates to authenticate a server host to a client that does not yet have the server key
stored. In SSH, there is a weakness in that the user must trust the first session to a host when
it has not yet acquired the server key.
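The SSH first-session weakness described above, modelled as a known_hosts-style check (an added example, not from the original text): the first connection records the server key on trust, later connections compare against it, and a fingerprint pinned out of band removes the gap. The key bytes are placeholders, not real SSH keys.

```python
import base64
import hashlib

def fingerprint(pubkey: bytes) -> str:
    """SHA-256 fingerprint in the form SSH tools print: base64 without '=' padding."""
    digest = hashlib.sha256(pubkey).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

class KnownHosts:
    """A known_hosts-style store: host name -> fingerprint of the key seen for it."""

    def __init__(self):
        self.entries = {}

    def pin(self, host: str, fp: str) -> None:
        """Provision a fingerprint obtained out of band (e.g. from the host's administrator).
        This closes the first-use gap: the first connection is then checked, not trusted."""
        self.entries[host] = fp

    def check(self, host: str, presented_key: bytes) -> str:
        """Return 'first-use', 'match' or 'MISMATCH' for the key a server presents."""
        fp = fingerprint(presented_key)
        stored = self.entries.get(host)
        if stored is None:
            # The weakness named in the text: nothing to compare against, so the
            # key is recorded on trust and only later sessions can detect a change.
            self.entries[host] = fp
            return "first-use"
        return "match" if stored == fp else "MISMATCH"

def connect(store: KnownHosts, host: str, presented_key: bytes) -> bool:
    """Client policy: proceed on 'match' or 'first-use', refuse on 'MISMATCH'."""
    if store.check(host, presented_key) == "MISMATCH":
        # Either the host re-keyed or someone sits in the middle; refuse and leave the
        # stored fingerprint untouched so the user has to resolve it deliberately.
        return False
    return True

# Constructed placeholder keys, not real SSH public keys.
KEY_A = b"ssh-ed25519 PLACEHOLDER-KEY-A host.example"
KEY_B = b"ssh-ed25519 PLACEHOLDER-KEY-B host.example"

def demo() -> list:
    """Three sessions to one host: first use, unchanged key, then a changed key."""
    store = KnownHosts()
    return [store.check("host.example", KEY_A),
            store.check("host.example", KEY_A),
            store.check("host.example", KEY_B)]
```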

DYNAMIC HOST CONFIGURATION PROTOCOL (DHCP)
The Dynamic Host Configuration Protocol (DHCP) is an autoconfiguration protocol used on
IP networks. Computers that are connected to IP networks must be configured before they
can communicate with other computers on the network. DHCP allows a computer to be
configured automatically, eliminating the need for intervention by a network administrator. It
also provides a central database for keeping track of computers that have been connected to
the network. This prevents two computers from accidentally being configured with the same
IP address.

In addition to IP addresses, DHCP also provides other configuration information, particularly
the IP addresses of local caching DNS resolvers. Hosts that do not use DHCP for address
configuration may still use it to obtain other configuration information. There are two
versions of DHCP, one for IPv4 and one for IPv6.

Even in small networks, DHCP is useful because it makes it easy to add new machines to the
network. When a DHCP-configured client (a computer or any other network-aware device)
connects to a network, the DHCP client sends a broadcast query requesting necessary
information from a DHCP server. The DHCP server manages a pool of IP addresses and
information about client configuration parameters such as default gateway, domain name, the
name servers, other servers such as time servers, and so forth. On receiving a valid request,
the server assigns the computer an IP address, a lease (length of time the allocation is valid),
and other IP configuration parameters, such as the subnet mask and the default gateway. The
query is typically initiated immediately after booting, and must complete before the client can
initiate IP-based communication with other hosts.

Depending on implementation, the DHCP server may have three methods of allocating IP-
addresses:

• Dynamic allocation: A network administrator assigns a range of IP addresses to
DHCP, and each client computer on the LAN is configured to request an IP address
from the DHCP server during network initialization. The request-and-grant process
uses a lease concept with a controllable time period, allowing the DHCP server to
reclaim (and then reallocate) IP addresses that are not renewed.
• Automatic allocation: The DHCP server permanently assigns a free IP address to a
requesting client from the range defined by the administrator. This is like dynamic
allocation, but the DHCP server keeps a table of past IP address assignments, so that
it can preferentially assign to a client the same IP address that the client previously
had.
• Static allocation: The DHCP server allocates an IP address based on a table with
MAC address/IP address pairs, which are manually filled in (perhaps by a network
administrator). Only requesting clients with a MAC address listed in this table will be
allocated an IP address. This feature (which is not supported by all DHCP servers) is
variously called Static DHCP Assignment, fixed-address, Address Reservation,
DHCP reservation or Static DHCP, and IP reservation or MAC/IP binding by various
other router manufacturers.

DHCP operations fall into four basic phases: IP discovery, IP lease offer, IP request, and IP
lease acknowledgement. Where a DHCP client and server are on the same subnet, they will
communicate via UDP broadcasts. When the client and server are on different subnets, IP
discovery and IP request messages are sent via UDP broadcasts, but IP lease offer and IP
lease acknowledgement messages are sent via unicast.
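A toy DHCP server modelling the three allocation methods and the four-phase exchange described above (an added example, not the text's own code; the addresses, MAC strings and returned options are constructed). It goes slightly beyond the text by tracking outstanding offers so that two clients are never offered the same address.

```python
import ipaddress

class DhcpServer:
    """Pool of IPv4 addresses handed out by static, automatic or dynamic allocation."""

    def __init__(self, pool_start, pool_end, lease_seconds, reservations=None):
        first = int(ipaddress.IPv4Address(pool_start))
        last = int(ipaddress.IPv4Address(pool_end))
        self.pool = [str(ipaddress.IPv4Address(i)) for i in range(first, last + 1)]
        self.lease_seconds = lease_seconds
        self.reservations = dict(reservations or {})   # static: MAC -> IP, filled in by hand
        self.leases = {}       # IP -> (MAC, expiry): the central record of who holds what
        self.history = {}      # MAC -> last IP: lets automatic allocation hand it back
        self.offers = {}       # MAC -> IP offered but not yet requested

    def _in_use(self, ip, now):
        lease = self.leases.get(ip)
        return lease is not None and lease[1] > now     # expired leases are reclaimable

    def _pick(self, mac, now):
        # Static allocation: a MAC listed in the table always gets its reserved address.
        if mac in self.reservations:
            return self.reservations[mac]
        taken = set(self.reservations.values()) | {ip for m, ip in self.offers.items() if m != mac}
        # Automatic allocation: prefer the address this client held before, if it is free.
        prev = self.history.get(mac)
        if prev in self.pool and prev not in taken and not self._in_use(prev, now):
            return prev
        # Dynamic allocation: first free address, reclaiming leases that were not renewed.
        for ip in self.pool:
            if ip not in taken and not self._in_use(ip, now):
                return ip
        return None

    def discover(self, mac, now):
        """Phases 1-2: the client broadcasts DISCOVER; the server answers with an OFFER."""
        ip = self._pick(mac, now)
        if ip is None:
            return None                                # pool exhausted: no OFFER is sent
        self.offers[mac] = ip
        return {"op": "OFFER", "yiaddr": ip, "lease": self.lease_seconds}

    def request(self, mac, ip, now):
        """Phases 3-4: the client REQUESTs the offered address; the server ACKs or NAKs."""
        holder = self.leases.get(ip, (mac, 0))[0]
        if self.offers.get(mac) != ip or (self._in_use(ip, now) and holder != mac):
            return {"op": "NAK"}                       # never confirm an address another MAC holds
        del self.offers[mac]
        self.leases[ip] = (mac, now + self.lease_seconds)
        self.history[mac] = ip
        return {"op": "ACK", "yiaddr": ip, "lease": self.lease_seconds,
                "subnet_mask": "255.255.255.0", "router": "192.168.1.1"}   # constructed options
```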

POST OFFICE PROTOCOL (POP)


If somebody sends you an email it usually cannot be delivered directly to your computer. The
message has to be stored somewhere, though. It has to be stored in a place where you can
pick it up easily. Your ISP (Internet Service Provider) is online 24 hours a day, 7 days a
week and will do that job. It receives the message for you and keeps it until you download it.

Let's suppose your email address is look@example.com. As your ISP's mail server receives
email from the internet it will look at each message and if it finds one addressed to
look@example.com that message will be filed to a folder reserved for your mail.

This folder is where the message is kept until either you retrieve it or one of your ISP's
administrators finds your account has been filled with spam and decides to delete all the mail
in it. Now, POP, the Post Office Protocol, is what allows you to retrieve mail from your ISP.
This is also about all the Post Office Protocol is good for.

WHAT POP ALLOWS US TO DO

Like seemingly everything on the internet, mail retrieval is a client-server application. The Post
Office Protocol defines how your email client should talk to the POP server. The POP is a
very simple protocol. This makes it easy to implement, has earned the Post Office Protocol
widespread adoption and makes it very robust, but it also means the Post Office Protocol
provides only basic functionality.

Things that can be done via the POP include:

• Retrieve mail from an ISP and delete it on the server.
• Retrieve mail from an ISP but not delete it on the server.
• Ask whether new mail has arrived but not retrieve it.
• Peek at a few lines of a message to see whether it is worth retrieving.

Of these, deleting mail on the server probably sounds the most dangerous. Deleting something is
always frightening. Remember, though, that you retrieve your mail before you delete it and thus
have a copy. If you leave all your mail on the server, it will pile up there and eventually lead to
a full mailbox. When your mailbox is full, nobody will be able to send you any email until you
have cleaned up.

INTERNET CONTROL MESSAGE PROTOCOL (ICMP)
The Internet Control Message Protocol (ICMP) is one of the core protocols of the Internet
Protocol Suite. It is chiefly used by the operating systems of networked computers to send
error messages—indicating, for instance, that a requested service is not available or that a
host or router could not be reached.

ICMP relies on IP to perform its tasks, and it is an integral part of IP. It differs in purpose
from transport protocols such as TCP and UDP in that it is typically not used to send and
receive data between end systems. It is usually not used directly by user network applications,
with some notable exceptions being the ping tool and traceroute. ICMP for Internet Protocol
version 4 (IPv4) is also known as ICMPv4. IPv6 has a similar protocol, ICMPv6.

ICMP messages are typically generated in response to errors in IP datagrams or for diagnostic
or routing purposes. ICMP messages are constructed at the IP layer, usually from a normal IP
datagram that has generated an ICMP response. IP encapsulates the appropriate ICMP
message with a new IP header (to get the ICMP message back to the original sending host)
and transmits the resulting datagram in the usual manner.

For example, every machine (such as an intermediate router) that forwards an IP datagram
has to decrement the time to live (TTL) field of the IP header by one; if the TTL reaches 0, an
ICMP Time to live exceeded in transit message is sent to the source of the datagram.

Each ICMP message is encapsulated directly within a single IP datagram, and thus, like UDP,
ICMP is unreliable.

Although ICMP messages are contained within standard IP datagrams, ICMP messages are
usually processed as a special case, distinguished from normal IP processing, rather than
processed as a normal sub-protocol of IP. In many cases, it is necessary to inspect the
contents of the ICMP message and deliver the appropriate error message to the application
that generated the original IP packet, the one that prompted the sending of the ICMP
message.

ICMP HEADER

Bits   0-7     8-15    16-23   24-31
0      Type    Code    Checksum
32     ID              Sequence

• Type - the ICMP message type.
• Code - further specification of the ICMP type; e.g. an ICMP Destination
Unreachable might have this field set to 1 through 15, each bearing a different meaning.
• Checksum - This field contains error-checking data calculated over the ICMP
header and data, with this field set to 0 during the calculation. The algorithm is the same
as the header checksum for IPv4.
• ID - This field contains an identifier value that should be returned in an ECHO REPLY.
• Sequence - This field contains a sequence value that should be returned in an ECHO
REPLY.
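Parsing the 8-byte header laid out above and verifying its checksum with the IPv4 header checksum algorithm (RFC 1071), as an added example that is not part of the original text. The packet bytes and the small type table are constructed here; the Echo Reply pairing uses the ID and Sequence fields exactly as the bullets describe.

```python
import struct

# Type values for the ICMP messages named in the text (constructed table, not exhaustive).
ICMP_TYPES = {0: "Echo Reply", 3: "Destination Unreachable", 8: "Echo Request", 11: "Time Exceeded"}
HEADER = struct.Struct("!BBHHH")      # Type, Code, Checksum, ID, Sequence: 8 bytes, network order

def internet_checksum(data: bytes) -> int:
    """RFC 1071 checksum: one's-complement of the one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"                             # pad an odd length with a zero byte
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                              # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_icmp(icmp_type: int, code: int, ident: int, seq: int, payload: bytes = b"") -> bytes:
    """Assemble header + payload, computing the checksum with the checksum field set to 0."""
    draft = HEADER.pack(icmp_type, code, 0, ident, seq) + payload
    return HEADER.pack(icmp_type, code, internet_checksum(draft), ident, seq) + payload

def parse_icmp(packet: bytes) -> dict:
    """Split the header fields and verify the checksum over header plus data."""
    if len(packet) < HEADER.size:
        raise ValueError("ICMP message shorter than 8 bytes")
    icmp_type, code, checksum, ident, seq = HEADER.unpack_from(packet)
    # An intact packet sums to 0xFFFF including its own checksum, so the complement is 0.
    return {"type": icmp_type, "type_name": ICMP_TYPES.get(icmp_type, "other"),
            "code": code, "checksum": checksum, "id": ident, "seq": seq,
            "payload": packet[HEADER.size:], "checksum_ok": internet_checksum(packet) == 0}

def matches_request(request: bytes, reply: bytes) -> bool:
    """An Echo Reply is paired with its Echo Request by the returned ID and Sequence."""
    req, rep = parse_icmp(request), parse_icmp(reply)
    return ((req["type"], rep["type"]) == (8, 0) and rep["checksum_ok"]
            and (req["id"], req["seq"]) == (rep["id"], rep["seq"]))

def time_exceeded(original_datagram_prefix: bytes) -> bytes:
    """The message a router returns when TTL reaches 0 (type 11, code 0); its payload carries
    the start of the original datagram (IP header plus leading bytes) so the source can match it."""
    return build_icmp(11, 0, 0, 0, original_datagram_prefix)
```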

INTERNET MESSAGE ACCESS PROTOCOL (IMAP)
The Internet Message Access Protocol (IMAP) is one of the two most prevalent Internet
standard protocols for e-mail retrieval, the other being the Post Office Protocol (POP). The
Internet Message Access Protocol (commonly known as IMAP, and previously called
Internet Mail Access Protocol, Interactive Mail Access Protocol, and Interim Mail Access
Protocol) is an Application Layer Internet protocol that allows an e-mail client to access e-
mail on a remote mail server. Incoming e-mail messages are sent to an e-mail server that
stores messages in the recipient's email box. The user retrieves the messages with an e-mail
client that uses one of a number of e-mail retrieval protocols.

CONNECTED AND DISCONNECTED MODES OF OPERATION

When using POP, clients typically connect to the e-mail server briefly, only as long as it takes
to download new messages. When using IMAP4, clients often stay connected as long as the
user interface is active and download message content on demand. For users with many or
large messages, this IMAP4 usage pattern can result in faster response times.

MULTIPLE CLIENTS CONNECTED TO SAME MAILBOX

The POP protocol requires the currently connected client to be the only client connected to
the mailbox. In contrast, the IMAP protocol specifically allows simultaneous access by
multiple clients and provides mechanisms for clients to detect changes made to the mailbox
by other, concurrently connected, clients.

ACCESS TO MIME MESSAGE PARTS

Usually all Internet e-mail is transmitted in MIME format, allowing messages to have a tree
structure where the leaf nodes are any of a variety of single part content types and the non-
leaf nodes are any of a variety of multipart types. The IMAP4 protocol allows clients to
separately retrieve any of the individual MIME parts and also to retrieve portions of either
individual parts or the entire message. These mechanisms allow clients to retrieve the text
portion of a message without retrieving attached files or to stream content as it is being
fetched.

MESSAGE STATE INFORMATION

Through the use of flags defined in the IMAP4 protocol, clients can keep track of message
state; for example, whether or not the message has been read, replied to, or deleted. These
flags are stored on the server, so different clients accessing the same mailbox at different
times can detect state changes made by other clients.

MULTIPLE MAIL BOXES ON SERVER

IMAP4 clients can create, rename, and/or delete mailboxes (usually presented to the user as
folders) on the server, and move messages between mailboxes. Multiple mailbox support also
allows servers to provide access to shared and public folders.

SERVER-SIDE SEARCHES

IMAP4 provides a mechanism for a client to ask the server to search for messages meeting a
variety of criteria. This mechanism avoids requiring clients to download every message in the
mailbox in order to perform these searches.

DISADVANTAGES

While IMAP remedies many of the shortcomings of POP, this inherently introduces
additional complexity. Unless the mail store and searching algorithms on the server are
carefully implemented, a client can potentially consume large amounts of server resources
when searching massive mailboxes. IMAP4 clients need to maintain a TCP/IP connection to
the IMAP server in order to be notified of the arrival of new mail. Unlike some proprietary
protocols which combine sending and retrieval operations, sending a message and saving a
copy in a server-side folder with a base-level IMAP client requires transmitting the message
content twice, once to SMTP for delivery and a second time to IMAP to store in a sent mail
folder.

POINT TO POINT PROTOCOL (PPP)
In networking, the Point-to-Point Protocol, or PPP, is a data link protocol commonly used to
establish a direct connection between two networking nodes. It can provide connection
authentication, transmission encryption (privacy), and compression. PPP is used over many
types of physical networks including serial cable, phone line, trunk line, cellular telephone,
specialized radio links, and fiber optic links such as SONET. Most Internet service providers
(ISPs) use PPP for customer dial-up access to the Internet. The standard that defines PPP
immediately starts describing protocols that comprise it, which is why it is considered a
protocol suite. At the highest level, the functions of PPP can be broken down into several
components. Each of these encompasses a general class of PPP functionality, and is
represented by either one protocol in the suite or a set of protocols.

PPP COMPONENTS

• PPP Encapsulation Method: The primary job of PPP is to take higher-layer
messages such as IP datagrams and encapsulate them for transmission over the
underlying physical layer link. To this end, PPP defines a special frame format for
encapsulating data for transmission, based on the framing used in the HDLC protocol.
The PPP frame has been specially designed to be small in size and contain only
simple fields, to maximize bandwidth efficiency and speed in processing.

Figure 13-1 Six Fields Make Up the PPP Frame

o Flag—A single byte that indicates the beginning or end of a frame. The flag
field consists of the binary sequence 01111110.
o Address—A single byte that contains the binary sequence 11111111, the
standard broadcast address. PPP does not assign individual station addresses.
o Control—A single byte that contains the binary sequence 00000011, which
calls for transmission of user data in an unsequenced frame. A connectionless
link service similar to that of Logical Link Control (LLC) Type 1 is provided.
(For more information about LLC types and frame types, refer to Chapter 16.)
o Protocol—Two bytes that identify the protocol encapsulated in the
information field of the frame. The most up-to-date values of the protocol field
are specified in the most recent Assigned Numbers Request For Comments
(RFC).
o Data—Zero or more bytes that contain the datagram for the protocol specified
in the protocol field. The end of the information field is found by locating the
closing flag sequence and allowing 2 bytes for the FCS field. The default
maximum length of the information field is 1,500 bytes. By prior agreement,
consenting PPP implementations can use other values for the maximum
information field length.

o Frame check sequence (FCS)—Normally 16 bits (2 bytes). By prior
agreement, consenting PPP implementations can use a 32-bit (4-byte) FCS for
improved error detection.

• Link Control Protocol (LCP): The PPP Link Control Protocol (LCP) is responsible
for setting up, maintaining and terminating the link between devices. It is a flexible,
extensible protocol that allows many configuration parameters to be exchanged to
ensure that both devices agree on how the link will be used.
• Network Control Protocols (NCPs): PPP supports the encapsulation of many
different layer three datagram types. Some of these require additional setup before the
link can be activated. After the general link setup is completed with LCP, control is
passed to the PPP Network Control Protocol (NCP) specific to the layer three protocol
being carried on the PPP link. For example, when IP is carried over PPP the NCP
used is the PPP Internet Protocol Control Protocol (IPCP). Other NCPs are defined
for supporting the IPX protocol, the NetBIOS Frames (NBF) protocol, and so forth.
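Building and parsing the six-field frame described under PPP Encapsulation Method, as an added example that is not part of the original text. It goes beyond the text in two places I am confident of from RFC 1662: the 16-bit FCS is the HDLC CRC-16 (reflected polynomial 0x8408, initial value 0xFFFF, complemented, sent low byte first), and bytes equal to the flag or escape are byte-stuffed on the wire so that the closing flag can be located reliably. The protocol-value table holds three assigned values I know; the sample payload is constructed.

```python
import struct

FLAG, ADDRESS, CONTROL, ESCAPE = 0x7E, 0xFF, 0x03, 0x7D
PPP_GOOD_FCS16 = 0xF0B8                     # residue left by a frame whose FCS is intact (RFC 1662)
PROTOCOLS = {0x0021: "IP", 0x8021: "IPCP", 0xC021: "LCP"}   # a few assigned protocol values

def fcs16(data: bytes, fcs: int = 0xFFFF) -> int:
    """PPP 16-bit FCS register (HDLC CRC-16, reflected polynomial 0x8408, initial 0xFFFF)."""
    for byte in data:
        fcs ^= byte
        for _ in range(8):
            fcs = (fcs >> 1) ^ 0x8408 if fcs & 1 else fcs >> 1
    return fcs

def escape(raw: bytes) -> bytes:
    """Byte-stuff so that 0x7E can only ever mean 'flag' on the wire (RFC 1662 section 4.2)."""
    out = bytearray()
    for byte in raw:
        if byte in (FLAG, ESCAPE) or byte < 0x20:
            out += bytes([ESCAPE, byte ^ 0x20])
        else:
            out.append(byte)
    return bytes(out)

def unescape(stuffed: bytes) -> bytes:
    out, pending = bytearray(), False
    for byte in stuffed:
        if pending:
            out.append(byte ^ 0x20)
            pending = False
        elif byte == ESCAPE:
            pending = True
        else:
            out.append(byte)
    if pending:
        raise ValueError("frame ends inside an escape sequence")
    return bytes(out)

def build_frame(protocol: int, data: bytes, max_info: int = 1500) -> bytes:
    """Flag | Address | Control | Protocol (2) | Data | FCS (2, LSB first) | Flag."""
    if len(data) > max_info:
        raise ValueError(f"information field {len(data)} exceeds the agreed maximum {max_info}")
    body = bytes([ADDRESS, CONTROL]) + struct.pack("!H", protocol) + data
    body += struct.pack("<H", ~fcs16(body) & 0xFFFF)      # FCS is the complement, low byte first
    return bytes([FLAG]) + escape(body) + bytes([FLAG])

def parse_frame(wire: bytes) -> dict:
    """Locate the frame between the flags, check the FCS, then split the remaining fields."""
    if len(wire) < 2 or wire[0] != FLAG or wire[-1] != FLAG:
        raise ValueError("frame is not delimited by flag bytes")
    body = unescape(wire[1:-1])
    if len(body) < 6:                                      # address + control + protocol + FCS
        raise ValueError("frame too short")
    if fcs16(body) != PPP_GOOD_FCS16:                      # CRC over fields plus the FCS itself
        raise ValueError("FCS mismatch: frame corrupted in transit")
    if body[0] != ADDRESS or body[1] != CONTROL:
        raise ValueError("unexpected address/control bytes")
    protocol = struct.unpack("!H", body[2:4])[0]
    return {"address": body[0], "control": body[1], "protocol": protocol,
            "protocol_name": PROTOCOLS.get(protocol, "unknown"),
            "data": body[4:-2]}                            # allow 2 bytes for the FCS field
```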
