Vous êtes sur la page 1sur 50

Introduction Welcome Welcome to the CCNA Exploration Network Fundamentals course.

The goal of this course is to introduce you to fundamental networking concepts and technologies. These online course materials will assist you in developing the skills necessary to plan and implement small networks across a range of applications. The specific skills covered in each chapter are described at the start of each chapter. More than just information This computer-based learning environment is an important part of the overall course experience for students and instructors in the Networking Academy. These online course materials are designed to be used along with several other instructional tools and activities. These include: Class presentation, discussion, and practice with your instructor Hands-on labs that use networking equipment within the Networking Academy classroom Online scored assessments and a matching grade book Packet Tracer simulation tool Additional software for classroom activitiesA global community When you participate in the Networking Academy, you are joining a global community linked by common goals and technologies. Schools, colleges, universities and other entities in over 160 countries participate in the program. A visualization of the global Networking Academy community at http://www.academynetspace.com. The material in this course encompasses a broad range of technologies that facilitate how people work, live, play, and learn by communicating with voice, video, and other data. Networking and the Internet affect people differently in different parts of the world. Although we have worked with instructors from around the world to create these materials, it is important that you work with your instructor and fellow students to make the material in this course applicable to your local situation. Keep in Touch These online instructional materials, as well as the rest of the course tools, are part of the larger Networking Academy. The student, instructor, and administrator portal for the program is located at http://www.cisco.com/web/learning/netacad/index.html. There you will obtain access to the other tools in the program such as the assessment server and student grade book, as well as informational updates and other relevant links.

Mind Wide Open An important goal in education is to enrich you, the student, by expanding what you know and can do. It is important to realize, however, that the instructional materials and the instructor can only facilitate the process. You must make the commitment yourself to learn new skills. Below are a few suggestions to help you learn and grow. 1. Take notes. Professionals in the networking field often keep Engineering Journals in which they write down the things they observe and learn. Taking notes is an important way to help your understanding grow over time. 2. Think about it. The course provides information both to change what you know and what you can do. As you go through the course, ask yourself what makes sense and what doesn't. Stop and ask questions when you are confused. Try to find out more about topics that interest you. If you are not sure why something is being taught, consider asking your instructor or a friend. Think about how the different parts of the course fit together. 3. Practice. Learning new skills requires practice. We believe this is so important to e-learning that we have a special name for it. We call it e-Doing. It is very important that you complete the activities in the online instructional materials and that you also complete the hands-on labs and Packet Tracer activities. 4. Practice again. Have you ever thought that you knew how to do something and then, when it was time to show it on a test or at work, you discovered that you really hadnt mastered it? Just like learning any new skill like a sport, game, or language, learning a professional skill requires patience and repeated practice before you can say you have truly learned it. The online instructional materials in this course provide opportunities for repeated practice for many skills. Take full advantage of them. You can also work with your instructor to extend Packet Tracer, and other tools, for additional practice as needed. 5. Teach it. Teaching a friend or colleague is often a good way to reinforce your own learning. To teach well, you will have to work through details that you may have overlooked on your first reading. Conversations about the course material with fellow students, colleagues, and the instructor can help solidify your understanding of networking concepts. 6. Make changes as you go. The course is designed to provide feedback through interactive activities and quizzes, the online assessment system, and through structured interactions with your instructor. You can use this feedback to better understand where your strengths and weaknesses are. If

there is an area that you are having trouble with, focus on studying or practicing more in that area. Seek additional feedback from your instructor and other students. Explore the world of networking This version of the course includes a special tool called Packet Tracer. Packet Tracer is a networking learning tool that supports a wide range of physical and logical simulations. It also provides visualization tools to help you to understand the internal workings of a network. The pre-made Packet Tracer activities consist of network simulations, games, activities, and challenges that provide a broad range of learning experiences. Create your own worlds You can also use Packet Tracer to create your own experiments and networking scenarios. We hope that, over time, you consider using Packet Tracer - not only for experiencing the pre-built activities, but also to become an author, explorer, and experimenter. The online course materials have embedded Packet Tracer activities that will launch on computers running Windows operating systems, if Packet Tracer is installed. This integration may also work on other operating systems using Windows emulation. Course Overview As the course title states, the focus of this course is on learning the fundamentals of networking. In this course, you will learn both the practical and conceptual skills that build the foundation for understanding basic networking. First, you will examine human versus network communication and see the parallels between them. Next, you will be introduced to the two major models used to plan and implement networks: OSI and TCP/IP. You will gain an understanding of the "layered" approach to networks and examine the OSI and TCP/IP layers in detail to understand their functions and services. You will become familiar with the various network devices, network addressing schemes and, finally, the types of media used to carry data across the network. In this course, you will gain experience using networking utilities and tools, such as Packet Tracer and Wireshark, to explore networking protocols and concepts. These tools will help you to develop an understanding of how data flows in a network. A special "model Internet" is also used to provide a test environment where a range of network services and data can be observed and analyzed.

Chapter 1 - Chapter 1 presents the basics of communication and how networks have changed our lives. You will be introduced to the concepts of networks, data, local area networks (LANs), wide area networks (WANs), quality of service (QoS), security issues, network collaboration services, and Packet Tracer activities. In the labs, you will learn how to set up a wiki and establish an instant messaging session. Chapter 2 - Chapter 2 focuses on how networks are modeled and used. You will be introduced to the OSI and TCP/IP models and to the process of data encapsulation. You will learn about the network tool Wireshark, which is used for analyzing network traffic, and will explore the differences between a real network and a simulated network. In the lab, you will build your first network - a small peer-to-peer network. Chapter 3 - Using a top-down approach to teaching networking, Chapter 3 introduces you to the top network model layer, the Application layer. In this context, you will explore the interaction of protocols, services, and applications, with a focus on HTTP, DNS, DHCP, SMTP/POP, Telnet and FTP. In the labs, you will practice installing a web server/client and use Wireshark to analyze network traffic. The Packet Tracer activities let you explore how protocols operate at the Application layer. Chapter 4 - Chapter 4 introduces the Transport layer and focuses on how the TCP and UDP protocols apply to the common applications. In the labs and activities, you will incorporate the use of Wireshark, the Windows utilities command netstat, and Packet Tracer to investigate these two protocols. Chapter 5 - Chapter 5 introduces the OSI Network layer. You will examine concepts of addressing and routing and learn about path determination, data packets, and the IP protocol. By the end of this chapter, you will configure hosts to access the local network and explore routing tables. Course Overview Continued Chapter 6 - In Chapter 6, you will focus on network addressing in detail and learn how to use the address mask, or prefix length, to determine the number of subnetworks and hosts in a network. You will also be introduced to ICMP (Internet Control Message Protocol) tools, such as ping and trace. Chapter 7 - Chapter 7 discusses the services provided by Data Link layer. An emphasis is placed on the encapsulation processes that occur as data travels across the LAN and the WAN.

Chapter 8 - Chapter 8 introduces the Physical layer. You will discover how data sends signals and is encoded for travel across the network. You'll learn about bandwidth and also about the types of media and their associated connectors. Chapter 9 - In Chapter 9, you will examine the technologies and operation of Ethernet. You will use Wireshark, Packet Tracer activities, and lab exercises to explore Ethernet. Chapter 10 - Chapter 10 focuses on designing and cabling a network. You will apply the knowledge and skills developed in the previous chapters to determine the appropriate cables to use, how to connect devices, and develop an addressing and testing scheme. Chapter 11 - In Chapter 11, you will connect and configure a small network using basic Cisco IOS commands for routers and switches. Upon completion of this final chapter, you will be prepared you to go on to either CCNA Exploration Routing or CCNA Exploration Switching courses. Wireshark, is a registered trademark of Gerald Combs. 1.0.1 Chapter Intoduction We now stand at a critical turning point in the use of technology to extend and empower our human network. The globalization of the Internet has succeeded faster than anyone could have imagined. The manner in which social, commercial, political and personal interactions occur is rapidly changing to keep up with the evolution of this global network. In the next stage of our development, innovators will use the Internet as a starting point for their efforts - creating new products and services specifically designed to take advantage of the network capabilities. As developers push the limits of what is possible, the capabilities of the interconnected networks that form the Internet will play an increasing role in the success of these projects. This chapter introduces the platform of data networks upon which our social and business relationships increasingly depend. The material lays the groundwork for exploring the services, technologies, and issues encountered by network professionals as they design, build, and maintain the modern network. In this chapter, you will learn to: Describe how networks impact our daily lives. Describe the role of data networking in the human network.

Identify the key components of any data network. Identify the opportunities and challenges posed by converged networks. Describe the characteristics of network architectures: fault tolerance, scalability, quality of service and security. Install and use IRC clients and a Wiki server. >network-is a multiple computers connected together using a communications system. The purpose of a network is for computers to communicate and share files. >internet is a publicly accessible network of interconnected computer networks that transmit data by using IP, the internet protocol. >digital networks used to send data between computers. >a computer that provides services to clients. Servers are the central point in clients/server model networks. There exist many services that a server can provide to network clients. For example; DNS, DHCP, File storage, Appplication hosting, website hosting. 1.1.1Network supporting the way we live Among all of the essentials for human existence, the need to interact with others ranks just below our need to sustain life. Communication is almost as important to us as our reliance on air, water, food, and shelter. The methods that we use to share ideas and information are constantly changing and evolving. Whereas the human network was once limited to face-to-face conversations, media breakthroughs continue to extend the reach of our communications. From the printing press to television, each new development has improved and enhanced our communication. As with every advance in communication technology, the creation and interconnection of robust data networks is having a profound effect. Early data networks were limited to exchanging character-based information between connected computer systems. Current networks have evolved to carry voice, video streams, text, and graphics between many different types of devices. Previously separate and distinct communication forms have converged onto a common platform. This platform provides access to a wide range of alternative and new communication methods that enable people to interact directly with each other almost instantaneously. The immediate nature of communications over the Internet encourages the formation of global communities. These communities foster social interaction that is independent of location or time zone. >in the context of this course media is the plural form of medium.

The Global Community Technology is perhaps the most significant change agent in the world today, as it helps to create a world in which national borders, geographic distances, and physical limitations become less relevant, and present ever-diminishing obstacles. The creation of online communities for the exchange of ideas and information has the potential to increase productivity opportunities across the globe. As the Internet connects people and promotes unfettered communication, it presents the platform on which to run businesses, to address emergencies, to inform individuals, and to support education, science, and government. Click PLAY to watch how the Internet, and its underlying technology, brings opportunities to people wherever they live or work. It is incredible how quickly the Internet became an integral part of our daily routines. The complex interconnection of electronic devices and media that comprise the network is transparent to the millions of users who make it a valued and personal part of their lives. Data networks that were once the transport of information from business to business have been repurposed to improve the quality of life for people everywhere. In the course of a day, resources available through the Internet can help you: Decide what to wear using online current weather conditions. Find the least congested route to your destination, displaying weather and traffic video from webcams. Check your bank balance and pay bills electronically. Receive and send e-mail, or make an Internet phone call, at an Internet cafe over lunch. Obtain health information and nutritional advice from experts all over the world, and post to a forum to share related health or treatment information. Download new recipes and cooking techniques to create a spectacular dinner. Post and share your photographs, home videos, and experiences with friends or with the world. Many uses of the Internet would have been hard to imagine just a few years ago. Take for example, one person's experience publishing a home music video: "My goal is to make my own movies. One day, my friend Adi and I made a video as a surprise for her boyfriend's birthday. We recorded ourselves lip-

synching to a song and dancing around. Then we decided, why not post it. Well, the reaction has been huge. It's had over 9 million views so far, and the movie director Kevin Smith even did a short spoof of it. I don't know what draws people to the video. Maybe it's the simplicity of it, or the song. Maybe it's because it's spontaneous and fun, and it makes people feel good. I don't know. But I do know that I can do what I love and share it online with millions of people around the world. All I need is my computer, digital camcorder, and some software. And that's an amazing thing." >electronic mail is a store and forward method of composing, sending, storing, and receiving messages over electronic communication systems. >software-program or codes used by computer to carry out certain functions. Lab Activity Use satellite imagery available through the Internet to explore your world. Click the lab icon for more details. 1.1.2 Example of Today's Popular communication Tools The existence and broad adoption of the Internet has ushered in new forms of communication that empower individuals to create information that can be accessed by a global audience. Instant Messaging Instant messaging (IM) is a form of real-time communication between two or more people based on typed text. The text is conveyed via computers connected over either a private internal network or over a public network, such as the Internet. Developed from earlier Internet Relay Chat (IRC) services, IM also incorporates features such as file transfer, voice, and video communication. Like e-mail, IM sends a written record of the communication. However, whereas transmission of e-mail messages is sometimes delayed, IM messages are received immediately. The form of communication that IM uses is called real-time communication. Weblogs (blogs) Weblogs are web pages that are easy to update and edit. Unlike commercial websites, which are created by professional communications experts, blogs give anyone a means to communicate their thoughts to a global audience without technical knowledge of web design. There are blogs on nearly every topic one can think of, and communities of people often form around popular blog authors.

Wikis Wikis are web pages that groups of people can edit and view together. Whereas a blog is more of an individual, personal journal, a wiki is a group creation. As such, it may be subject to more extensive review and editing. Like blogs, wikis can be created in stages, and by anyone, without the sponsorship of a major commercial enterprise. There is a public wiki, called Wikipedia, that is becoming a comprehensive resource - an online encyclopedia - of publicly-contributed topics. Private organizations and individuals can also build their own wikis to capture collected knowledge on a particular subject. Many businesses use wikis as their internal collaboration tool. With the global Internet, people of all walks of life can participate in wikis and add their own perspectives and knowledge to a shared resource. Podcasting Podcasting is an audio-based medium that originally enabled people to record audio and convert it for use with iPods - a small, portable device for audio playback manufactured by Apple. The ability to record audio and save it to a computer file is not new. However, podcasting allows people to deliver their recordings to a wide audience. The audio file is placed on a website (or blog or wiki) where others can download it and play the recording on their computers, laptops, and iPods. Collaboration Tools Collaboration tools give people the opportunity to work together on shared documents. Without the constraints of location or time zone, individuals connected to a shared system can speak to each other, share text and graphics, and edit documents together. With collaboration tools always available, organizations can move quickly to share information and pursue goals. The broad distribution of data networks means that people in remote locations can contribute on an equal basis with people at the heart of large population centers. >events or signals that show output as fast as possible, or as they happen. >A wiki is a website that lets visitors add, edit and delete content, typically without the need for registration. 1.1.3Networks Supporting the way we learn Communication, collaboration, and engagement are fundamental building blocks of education. Institutions are continually striving to enhance these

processes to maximize the dissemination of knowledge. Robust and reliable networks support and enrich student learning experiences. These networks deliver learning material in a wide range of formats. The learning materials include interactive activities, assessments, and feedback. Courses delivered using network or Internet resources are often called online learning experiences, or e-learning. The availability of e-learning courseware has multiplied the resources available to students many times over. Traditional learning methods provide primarily two sources of expertise from which the student can obtain information: the textbook and the instructor. These two sources are limited, both in the format and the timing of the presentation. In contrast, online courses can contain voice, data, and video, and are available to the students at any time from any place. Students can follow links to different references and to subject experts in order to enhance their learning experience. Online discussion groups and message boards enable a student to collaborate with the instructor, with other students in the class, or even with students across the world. Blended courses can combine instructor-led classes with online courseware to provide the best of both delivery methods. Access to high quality instruction is no longer restricted to students living in proximity to where that instruction is being delivered. Online distance learning has removed geographic barriers and improved student opportunity. The Cisco Networking Academy Program, which offers this course, is an example of a global online learning experience. The instructor provides a syllabus and establishes a preliminary schedule for completing the course content. The Academy program supplements the expertise of the instructor with an interactive curriculum that provides many forms of learning experiences. The program provides text, graphics, animations, and a simulated networking environment tool called Packet Tracer. Packet Tracer provides a way to build virtual representations of networks and emulate many of the functions of networking devices. Students may communicate with the instructor and fellow students using online tools, like e-mail, bulletin/discussion boards, chat rooms, and instant messaging. Links provide access to learning resources outside of the courseware. Blended e-learning provides the benefits of computer-based training while retaining advantages of instructor-led curriculum. Students have the opportunity to work online at their own pace and skill level while still having access to an instructor and other live resources.

messaging, and telephony. In addition to the benefits for the student, networks have improved the management and administration of courses as well. Some of these online functions include enrollment, assessment delivery and grade books. In the business world, the use of networks to provide efficient and costeffective employee training is increasing in acceptance. Online learning opportunities can decrease time-consuming and costly travel yet still ensure that all employees are adequately trained to perform their jobs in a safe and productive manner. Online courseware and delivery offer many benefits to businesses. Among the benefits are: Current and accurate training materials. Collaboration between vendors, equipment manufacturers and training providers ensures that the courseware is up-to-date with the latest processes and procedures. When errors in materials are found and corrected, the new courseware is immediately available to all employees. Availability of training to a wide audience. Online training is not dependent on travel schedules, instructor availability or physical class size. Employees can be given deadlines by which training is to be completed and the employees can access the courseware when it is convenient. Consistent quality of instruction. The quality of the instruction does not vary as it would if different instructors were delivering an in-person course. The online curriculum provides a consistent core of instruction to which instructors can add additional expertise. Cost reduction. In addition to reducing the cost of travel and the lost time associated with travel, there are other cost reducing factors for business related to online training. It is usually less expensive to revise and update online courseware than it is to update paper-based material. Facilities to support in-person training can also be reduced or eliminated. Many businesses also provide customer training online. This courseware enables the customers to use the products and services provided by the business in the best manner, reducing calls to the help lines or customer service centers. 1.1.4 Initially, data networks were used by businesses to internally record and manage financial information, customer information, and employee payroll systems. These business networks evolved to enable the transmission of many different types of information services, including e-mail, video, Intranets, private networks in use by just one company, enable businesses to communicate and perform transactions among global employee and branch locations. Companies develop extranets, or extended internetworks, to provide suppliers, vendors, and customers limited access to corporate data to check order status, inventory, and parts lists. Today, networks provide a greater integration between related functions and organizations than was possible in the past. Consider these business scenarios. A wheat farmer in Australia uses a laptop enabled with a Global Positioning System (GPS) to plant a crop with precision and efficiency. At harvest time, the farmer can co-ordinate harvesting with the availability of grain transporters and storage facilities. Using mobile wireless technology, the grain transporter can monitor the vehicle in-route in order to maintain the best fuel efficiency and safe operation. Changes in status can be relayed to the driver of the vehicle instantly. Remote workers, called teleworkers or telecommuters, use secure remote access services from home or while traveling. The data network enables them to work as if they were on-site, with access to all the network-based tools normally available for their jobs. Virtual meetings and conferences can be convened which include people in remote locations. The network provides audio and video capability so all participants can both see and hear each other. The information from the meetings can be recorded to a wiki or blog. The latest versions of the agenda and minutes can be shared as soon as they are created. There are many success stories illustrating innovative ways networks are being used to make us more successful in the workplace. Some of these scenarios are available through the Cisco web site at http://www.cisco.com 1.1.5 The widespread adoption of the Internet by the entertainment and travel industries enhances the ability to enjoy and share many forms of recreation, regardless of location. It is possible to explore places interactively that previously we could only dream of visiting, as well as preview the actual destinations before making a trip. The details and photographs from these adventures may be posted online for others to view. The Internet is used for traditional forms of entertainment, as well. We listen to recording artists, preview or view motion pictures, read entire books and

download material for future offline access. Live sporting events and concerts can be experienced as they are happening, or recorded and viewed on demand. Networks enable the creation of new forms of entertainment, such as online games. Players participate in any kind of online competition that game designers can imagine. We compete with friends and foes around the world in the same manner if they were in the same room. Even offline activities are enhanced using network collaboration services. Global communities of interest have grown rapidly. We share common experiences and hobbies well beyond our local neighborhood, city, or region. Sports fans share opinions and facts about their favorite teams. Collectors display prized collections and get expert feedback about them. Online markets and auction sites provide the opportunity to buy, sell and trade all types of merchandise. Whatever form of recreation we enjoy in the human network, networks are improving our experience. 1.2.1What is Communication? Communication in our daily lives takes many forms and occurs in many environments. We have different expectations depending on whether we are chatting via the Internet or participating in a job interview. Each situation has its corresponding expected behaviors and styles. Establishing the Rules Before beginning to communicate with each other, we establish rules or agreements to govern the conversation. These rules, or protocols, must be followed in order for the message to be successfully delivered and understood. Among the protocols that govern successful human communication are: An identified sender and receiver Agreed upon method of communicating (face-to-face, telephone, letter, photograph) Common language and grammar Speed and timing of delivery Confirmation or acknowledgement requirements Communication rules may vary according to the context. If a message

conveys an important fact or concept, a confirmation that the message has been received and understood is necessary. Less important messages may not require an acknowledgement from the recipient. The techniques that are used in network communications share these fundamentals with human conversations. Because many of our human communication protocols are implicit or are ingrained in our cultures, some rules can be assumed. In establishing data networks, it is necessary to be much more explicit about how communication takes place and how it is judged successful. 1.2.2Quality of Communication Communication between individuals is determined to be successful when the meaning of the message understood by the recipient matches the meaning intended by the sender. For data networks, we use the same basic criteria to judge success. However, as a message moves through the network, many factors can prevent the message from reaching the recipient or distort its intended meaning. These factors can be either external or internal. External Factors The external factors affecting communication are related to the complexity of the network and the number of devices a message must pass through on its route to its final destination. External factors affecting the success of communication include: The quality of the pathway between the sender and the recipient The number of times the message has to change form The number of times the message has to be redirected or readdressed The number of other messages being transmitted simultaneously on the communication network The amount of time allotted for successful communication Internal Factors Internal factors that interfere with network communication are related to the nature of the message itself. Different types of messages may vary in complexity and importance. Clear and concise messages are usually easier to understand than complex

messages. Important communications require more care to ensure that they are delivered and understood by the recipient. Internal factors affecting the successful communication across the network include: The size of the message The complexity of the message The importance of the message Large messages may be interrupted or delayed at different points within the network. A message with a low importance or priority could be dropped if the network becomes overloaded. Both the internal and external factors that affect the receipt of a message must be anticipated and controlled for network communications to be successful. New innovations in network hardware and software are being implemented to ensure the quality and reliability of network communications. 1.3.1Communicating over Network Being able to reliably communicate to anyone, anywhere, is becoming increasingly important to our personal and business lives. In order to support the immediate delivery of the millions of messages being exchanged between people all over the world, we rely on a web of interconnected networks. These data or information networks vary in size and capabilities, but all networks have four basic elements in common: Rules or agreements to govern how the messages are sent, directed, received and interpreted The messages or units of information that travel from one device to another A means of interconnecting these devices - a medium that can transport the messages from one device to another Devices on the network that exchange messages with each other The standardization of the various elements of the network enables equipment and devices created by different companies to work together. Experts in various technologies can contribute their best ideas on how to develop an efficient network, without regard to the brand or manufacturer of the equipment. 1.3.2The Elements of a Network The diagram shows elements of a typical network, including devices, media,

and services, tied together by rules, that work together to send messages. We use the word messages as a term that encompasses web pages, e-mail, instant messages, telephone calls, and other forms of communication enabled by the Internet. In this course, we will learn about a variety of messages, devices, media, and services that allow the communication of those messages. We will also learn about the rules, or protocols, that tie these network elements together. In this course, many networking devices will be discussed. Networking is a very graphically oriented subject, and icons are commonly used to represent networking devices. On the left side of the diagram are shown some common devices which often originate messages that comprise our communication. These include various types of computers (a PC and laptop icon are shown), servers, and IP phones. On local area networks these devices are typically connected by LAN media (wired or wireless). The right side of the figure shows some of the most common intermediate devices, used to direct and manage messages across the network, as well as other common networking symbols. Generic symbols are shown for: Switch - the most common device for interconnecting local area networks Firewall - provides security to networks Router - helps direct messages as they travel across a network Wireless Router - a specific type of router often found in home networks Cloud - used to summarize a group of networking devices, the details of which may be unimportant to the discussion at hand Serial Link - one form of WAN interconnection, represented by the lightning bolt-shaped line For a network to function, the devices must be interconnected. Network connections can be wired or wireless. In wired connections, the medium is either copper, which carries electrical signals, or optical fiber, which carries light signals. In wireless connections, the medium is the Earth's atmosphere, or space, and the signals are microwaves. Copper medium includes cables, such as twisted pair telephone wire, coaxial cable, or most commonly, what is known as Category 5 Unshielded Twisted Pair (UTP) cable. Optical fibers, thin strands of glass or plastic that carry light signals, are another form of networking media. Wireless media may include the home wireless connection between a wireless router and a computer with a wireless network card, the terrestrial wireless connection between two ground stations, or the communication between devices on earth and satellites. In a typical journey across the Internet, a message may travel across a variety of media. Human beings often seek to send and receive a variety of messages using

computer applications; these applications require services to be provided by the network. Some of these services include the World Wide Web, e-mail, instant messaging, and IP Telephony. Devices interconnected by medium to provide services must be governed by rules, or protocols. In the chart, some common services and a protocol most directly associated with that service are listed. Protocols are the rules that the networked devices use to communicate with each other. The industry standard in networking today is a set of protocols called TCP/IP (Transmission Control Protocol/Internet Protocol). TCP/IP is used in home and business networks, as well as being the primary protocol of the Internet. It is TCP/IP protocols that specify the formatting, addressing and routing mechanisms that ensure our messages are delivered to the correct recipient. We close this section with an example to tie together how the elements of networks - devices, media, and services - are connected by rules to deliver a message. People often only picture networks in the abstract sense. We create and send a text message and it almost immediately shows up on the destination device. Although we know that between our sending device and the receiving device there is a network over which our message travels, we rarely think about all the parts and pieces that make up that infrastructure. The Messages In the first step of its journey from the computer to its destination, our instant message gets converted into a format that can be transmitted on the network. All types of messages must be converted to bits, binary coded digital signals, before being sent to their destinations. This is true no matter what the original message format was: text, video, voice, or computer data. Once our instant message is converted to bits, it is ready to be sent onto the network for delivery. The Devices To begin to understand the robustness and complexity of the interconnected networks that make up the Internet, it is necessary to start with the basics. Take the example of sending the text message using an instant messaging program on a computer. When we think of using network services, we usually think of using a computer to access them. But, a computer is only one type of device that can send and receive messages over a network. Many other types of devices can also be connected to the network to participate in

network services. Among these devices are telephones, cameras, music systems, printers and game consoles. In addition to the computer, there are numerous other components that make it possible for our instant message to be directed across the miles of wires, underground cables, airwaves and satellite stations that might exist between the source and destination devices. One of the critical components in any size network is the router. A router joins two or more networks, like a home network and the Internet, and passes information from one network to another. Routers in a network work to ensure that the message gets to its destination in the most efficient and quickest manner. The Medium To send our instant message to its destination, the computer must be connected to a wired or wireless local network. Local networks can be installed in homes or businesses, where they enable computers and other devices to share information with each other and to use a common connection to the Internet. Wireless networks allow the use of networked devices anywhere in an office or home, even outdoors. Outside the office or home, wireless networking is available in public hotspots, such as coffee shops, businesses, hotel rooms, and airports. Many installed networks use wires to provide connectivity. Ethernet is the most common wired networking technology found today. The wires, called cables, connect the computers and other devices that make up the networks. Wired networks are best for moving large amounts of data at high speeds, such as are required to support professional-quality multimedia. The Services Network services are computer programs that support the human network. Distributed on devices throughout the network, these services facilitate online communication tools such as e-mail, bulletin/discussion boards, chat rooms, and instant messaging. In the case of instant messaging, for example, an instant messaging service, provided by devices in the cloud, must be accessible to both the sender and recipient. The Rules

Important aspects of networks that are neither devices nor media are rules, or protocols. These rules are the standards and protocols that specify how the messages are sent, how they are directed through the network, and how they are interpreted at the destination devices. For example, in the case of Jabber instant messaging, the XMPP, TCP, and IP protocols are all important sets of rules that enable our communication to occur. 1.3.3Converged networks Multiple services-multiple networks Traditional telephone, radio, television, and computer data networks each have their own individual versions of the four basic network elements. In the past, every one of these services required a different technology to carry its particular communication signal. Additionally, each service had its own set of rules and standards to ensure successful communication of its signal across a specific medium. Converged networks Technology advances are enabling us to consolidate these disparate networks onto one platform - a platform defined as a converged network. The flow of voice, video, and data traveling over the same network eliminates the need to create and maintain separate networks. On a converged network there are still many points of contact and many specialized devices - for example, personal computers, phones, TVs, personal assistants, and retail point-of-sale registers - but only one common network infrastructure. Intelligent Information Networks The role of the network is evolving. The intelligent communications platform of tomorrow will offer so much more than basic connectivity and access to applications. The convergence of the different types of communications networks onto one platform represents the first phase in building the intelligent information network. We are currently in this phase of network evolution. The next phase will be to consolidate not only the different types of messages onto a single network, but to also consolidate the applications that generate, transmit, and secure the messages onto integrated network devices. Not only will voice and video be transmitted over the same network, the devices that perform the telephone switching and video broadcasting will be the same devices that route the messages through the network. The resulting communications platform will provide high quality application functionality at a reduced cost. Planning for the Future

The pace at which the development of exciting new converged network applications is occurring can be attributed to the rapid expansion of the Internet. This expansion has created a wider audience and a larger consumer base for whatever message, product or service can be delivered. The underlying mechanics and processes that drive this explosive growth have resulted in a network architecture that is both resilient and scalable. As the supporting technology platform for living, learning, working, and playing in the human network, the network architecture of the Internet must adapt to constantly changing requirements for a high quality of service and security. 1.4.1The network architecture Networks must support a wide range of applications and services, as well as operate over many different types of physical infrastructures. The term network architecture, in this context, refers to both the technologies that support the infrastructure and the programmed services and protocols that move the messages across that infrastructure. As the Internet, and networks in general, evolve, we are discovering that there are four basic characteristics that the underlying architectures need to address in order to meet user expectations: fault tolerance, scalability, quality of service, and security. Fault Tolerance The expectation that the Internet is always available to the millions of users who rely on it requires a network architecture that is designed and built to be fault tolerant. A fault tolerant network is one that limits the impact of a hardware or software failure and can recover quickly when such a failure occurs. These networks depend on redundant links, or paths, between the source and destination of a message. If one link or path fails, processes ensure that messages can be instantly routed over a different link transparent to the users on either end. Both the physical infrastructures and the logical processes that direct the messages through the network are designed to accommodate this redundancy. This is a basic premise of the architecture of current networks. Scalability A scalable network can expand quickly to support new users and applications without impacting the performance of the service being delivered to existing users. Thousands of new users and service providers connect to the Internet each week. The ability of the network to support these new interconnections depends on a hierarchical layered design for the underlying physical infrastructure and logical architecture. The operation at each layer enables

users or service providers to be inserted without causing disruption to the entire network. Technology developments are constantly increasing the message carrying capabilities and performance of the physical infrastructure components at every layer. These developments, along with new methods to identify and locate individual users within an internetwork, are enabling the Internet to keep pace with user demand. Quality of Service (QoS) The Internet is currently providing an acceptable level of fault tolerance and scalability for its users. But new applications available to users over internetworks create higher expectations for the quality of the delivered services. Voice and live video transmissions require a level of consistent quality and uninterrupted delivery that was not necessary for traditional computer applications. Quality of these services is measured against the quality of experiencing the same audio or video presentation in person. Traditional voice and video networks are designed to support a single type of transmission, and are therefore able to produce an acceptable level of quality. New requirements to support this quality of service over a converged network are changing the way network architectures are designed and implemented. Security The Internet has evolved from a tightly controlled internetwork of educational and government organizations to a widely accessible means for transmission of business and personal communications. As a result, the security requirements of the network have changed. The security and privacy expectations that result from the use of internetworks to exchange confidential and business critical information exceed what the current architecture can deliver. Rapid expansion in communication areas that were not served by traditional data networks is increasing the need to embed security into the network architecture. As a result, much effort is being devoted to this area of research and development. In the meantime, many tools and procedures are being implemented to combat inherent security flaws in the network architecture. 1.4.2 A Fault tolerant network architecture The Internet, in its early inception, was the result of research funded by the United States Department of Defense (DoD). Its primary goal was to have a communications medium that could withstand the destruction of numerous sites and transmission facilities without disruption of service. It only follows that fault tolerance was the focus of the effort of the initial internetwork design work. Early network researchers looked at the existing

communication networks, which were primarily for the transmission of voice traffic, to determine what could be done to improve the fault tolerance level. Circuit Switched Connection-oriented Networks To understand the challenge that the DoD researchers were faced with, it is necessary to look at how early telephone systems work. When a person makes a call using a traditional telephone set, the call first goes through a setup process, where all of the telephone switching locations between the person and the phone set that they are calling are identified. A temporary path, or circuit, is created through the various switching locations to use for the duration of the telephone call. If any link or device participating in the circuit fails, the call is dropped. To reconnect, a new call must be made, and a new circuit created between the source telephone set and the destination. This type of connection-oriented network is called a circuit-switched network. Early circuit switched networks did not dynamically recreate dropped circuits. In order to recover from failure, new calls had to be initiated and new circuits built end-to-end. Many circuit switched networks give priority to maintaining existing circuit connections, at the expense of new circuit requests. In this type of connection-oriented network, once a circuit is established, even if no communication is occurring between the persons on either end of the call, the circuit remains connected and resources reserved until one of the parties disconnects the call. Since there is a finite capacity to create new circuits, it is possible to occasionally get a message that all circuits are busy and a call cannot be placed. The cost to create many alternate paths with enough capacity to support a large number of simultaneous circuits, and the technologies necessary to dynamically recreate dropped circuits in the event of a failure, led the DoD to consider other types of networks. Packet Switched Connectionless Networks In the search for a network that could withstand the loss of a significant amount of its transmission and switching facilities, the early Internet designers reevaluated early research regarding packet switched networks. The premise for this type of networks is that a single message can be broken into multiple message blocks. Individual blocks containing addressing information indicate both their origination point and their final destination. Using this embedded information, these message blocks, called packets, can be sent through the network along various paths, and can be reassembled into the original message upon reaching their destination.

Utilizing Packets The devices within the network itself are unaware of the content of the individual packets, only visible is the address of the final destination and the next device in the path to that destination. No reserved circuit is built between sender and receiver. Each packet is sent independently from one switching location to another. At each location, a routing decision is made as to which path to use to forward the packet towards its final destination. If a previously used path is no longer available, the routing function can dynamically choose the next best available path. Because the messages are sent in pieces, rather than as a single complete message, the few packets that may be lost in the advent of a failure can be retransmitted to the destination along a different path. In many cases, the destination device is unaware that any failure or rerouting has occurred. Packet-switched Connectionless Networks The DoD researchers realized that a packet switched connectionless network had the features necessary to support a resilient, fault tolerant network architecture. The need for a single, reserved circuit from end-to-end does not exist in a packet switched network. Any piece of a message can be sent through the network using any available path. Packets containing pieces of messages from different sources can travel the network at the same time. The problem of underutilized or idle circuits is eliminated -- all available resources can be used at any time to deliver packets to their final destination. By providing a method to dynamically use redundant paths, without intervention by the user, the Internet has become a fault tolerant, scalable method of communications. Connection-oriented Networks Although packet-switched connectionless networks met the needs of the DoD, and continue to be the primary infrastructure for today's Internet, there are some benefits to a connection-oriented system like the circuit-switched telephone system. Because resources at the various switching locations are dedicated to providing a finite number of circuits, the quality and consistency of messages transmitted across a connection-oriented network can be guaranteed. Another benefit is that the provider of the service can charge the users of the network for the period of time that the connection is active. The ability to charge users for active connections through the network is a fundamental premise of the telecommunication service industry.

1.4.3 a scalable network architecture The fact that the Internet is able to expand at the rate that it is, without seriously impacting the performance experienced by individual users, is a function of the design of the protocols and underlying technologies on which it is built. The Internet, which is actually a collection of interconnected private and public networks, has a hierarchical layered structure for addressing, for naming and for connectivity services. At each level or layer of the hierarchy, individual network operators maintain peering relationships with other operators at the same level. As a result, network traffic that is destined for local or regional services does not need to traverse to a central point for distribution. Common services can be duplicated in different regions, thereby keeping traffic off the higher level backbone networks. Although there is no single organization that regulates the Internet, the operators of the many individual networks that provide Internet connectivity cooperate to follow accepted standards and protocols. The adherence to standards enables the manufacturers of hardware and software to concentrate on product improvements in the areas of performance and capacity, knowing that the new products can integrate with and enhance the existing infrastructure. The current Internet architecture, while highly scalable, may not always be able to keep up with the pace of user demand. New protocols and addressing structures are under development to meet the increasing rate at which Internet applications and services are being added. 1.4.4providing quality of service Networks must provide secure, predictable, measurable, and, at times, guaranteed services. The packet-switched network architecture does not guarantee that all packets that comprise a particular message will arrive on time, in their correct in order, or even that they will arrive at all. Networks also need mechanisms to manage congested network traffic. Congestion is caused when the demand on the network resources exceeds the available capacity. If all networks had infinite resources, there would not be a need to use QoS mechanisms to ensure quality of service. Unfortunately, that is not the case. There are some constraints on network resources that cannot be avoided. Constraints include technology limitations, costs, and the local availability of

high-bandwidth service. Network bandwidth is the measure of the data carrying capacity of the network. When simultaneous communications are attempted across the network, the demand for network bandwidth can exceed its availability. The obvious fix for this situation is to increase the amount of available bandwidth. But, because of the previously stated constraints, this is not always possible. In most cases, when the volume of packets is greater than what can be transported across the network, devices queue the packets in memory until resources become available to transmit them. Queuing packets causes delay. If the number of packets to be queued continues to increase, the memory queues fill up and packets are dropped.

interruption. Other types of service - e-mail, for example - are not nearly as demanding on the network. In one company, an administrator might decide to allocate the greatest share of the network resources to the movie, believing that this is the priority for his customers. This administrator may decide that the impact will be minimal if e-mail users have to wait a few additional seconds for their e-mail to arrive. In another company, the quality of a video stream is not as important as critical process control information that operates the manufacturing machinery. QoS mechanisms enable the establishment of queue management strategies that enforce priorities for different classifications of application data. Without properly designed and implemented QoS mechanisms, data packets will be dropped without consideration of the application characteristics or priority. Examples of priority decisions for an organization might include: Time-sensitive communication - increase priority for services like telephony or video distribution. Non time-sensitive communication - decrease priority for web page retrieval or e-mail. High importance to organization - increase priority for production control or business transaction data. Undesirable communication - decrease priority or block unwanted activity, like peer-to-peer file sharing or live entertainment. The Quality of Service a network can offer is a vital issue, and in some situations, it is crucial. Imagine the consequences of a dropped distress call to an emergency response center, or of a lost control signal to an automated piece of heavy machinery. A key responsibility for the network managers in an organization is to establish a Quality of Service policy and ensure that the mechanisms are in place to meet that goal. 1.4.5providing network security The network infrastructure, services, and the data contained on network attached computers are crucial personal and business assets. Compromising the integrity of these assets could have serious business and financial repercussions. Consequences of a network security breach could include: Network outage that prevents communications and transactions occurring, with consequent loss of business Misdirection and loss of personal or business funds Company intellectual property (research ideas, patents or designs) that is stolen and used by a competitor

Achieving the required Quality of Service (QoS) by managing the delay and packet loss parameters on a network becomes the secret to a successful endto-end application quality solution. Thus, ensuring QoS requires a set of techniques to manage the utilization of network resources. In order to maintain a high quality of service for applications that require it, it is necessary to prioritize which types of data packets must be delivered at the expense of other types of packets that can be delayed or dropped. Classification Ideally, we would like to assign a precise priority for each type of communication. Currently, this is neither practical nor possible. Therefore, we classify applications in categories based on specific quality of service requirements. To create QoS classifications of data, we use a combination of communication characteristics and the relative importance assigned to the application. We then treat all data within the same classification according to the same rules. For example, communication that is time-sensitive or important would be classified differently from communication that can wait or is of lesser importance. Assigning priorities The characteristics of the information being communicated also affect its management. For example, the delivery of a movie uses a relatively large amount of network resources when it is delivered continuously without

Customer contract details that become known to competitors or made public, resulting in a loss of market confidence in the business A lack of public trust in the business's privacy, confidentiality, and integrity levels may lead to loss of sales and eventual company failure. There are two types of network security concerns that must be addressed to prevent serious consequences: network infrastructure security and content security. Securing a network infrastructure includes the physical securing of devices that provide network connectivity and preventing unauthorized access to the management software that resides on them. Content security refers to protecting the information contained within the packets being transmitted over the network and the information stored on network attached devices. When transmitting information over the Internet or other network, the content of the individual packets is not readily known to the devices and facilities through which the packets travel. Tools to provide security for the content of individual messages must be implemented on top of the underlying protocols which govern how packets are formatted, addressed and delivered. Because the reassembly and interpretation of the content is delegated to programs running on the individual source and destination systems, many of the security tools and protocols must be implemented on those systems as well.

difficult to guess, and requiring users to change them frequently helps restrict access to communications and to data stored on network attached devices. Where appropriate, encrypting content ensures confidentiality and minimizes unauthorized disclosure or theft of information. Maintaining Communication Integrity Data integrity means having the assurance that the information has not been altered in transmission, from origin to destination. Data integrity can be compromised when information has been corrupted - willfully or accidentally - before the intended recipient receives it. Source integrity is the assurance that the identity of the sender has been validated. Source integrity is compromised when a user or device fakes its identity and supplies incorrect information to a recipient. The use of digital signatures, hashing algorithms and checksum mechanisms are ways to provide source and data integrity across a network to prevent unauthorized modification of information. Ensuring Availability Ensuring confidentiality and integrity are irrelevant if network resources become over burdened, or not available at all. Availability means having the assurance of timely and reliable access to data services for authorized users. Resources can be unavailable during a Denial of Service (DoS) attack or due to the spread of a computer virus. Network firewall devices, along with desktop and server anti-virus software can ensure system reliability and the robustness to detect, repel, and cope with such attacks. Building fully redundant network infrastructures, with few single points of failure, can reduce the impact of these threats. The result of the implementation of measures to improve both the quality of service and the security of network communications is an increase in the complexity of the underlying network platform. As the Internet continues to expand to offer more and more new services, its future depends on new, more robust network architectures being developed that include all four characteristics: fault tolerance, scalability, quality of service, and security. Upon completion of this activity, you will be able to: Use the SANS site to quickly identify Internet security threats and explain

Security measures taken in a network should: Prevent unauthorized disclosure or theft of information Prevent unauthorized modification of information Prevent Denial of Service Means to achieve these goals include: Ensuring confidentiality Maintaining communication integrity Ensuring availability Ensuring Confidentiality Data privacy is maintained by allowing only the intended and authorized recipients - individuals, processes, or devices - to read the data. Having a strong system for user authentication, enforcing passwords that are

how threats are organized. Click the lab icon for more details. 1.5.1where is it all going? The convergence of the many different communication media onto a single network platform is fueling exponential growth in network capabilities. There are three major trends that are contributing to the future shape of complex information networks: Increasing number of mobile users Proliferation of network capable devices Expanding range of services Mobile Users With the increase in the numbers of mobile workers and the increased use of hand-held devices, we are necessarily demanding more mobile connectivity to data networks. This demand has created a market for wireless services that have greater flexibility, coverage, and security. New and More Capable Devices The computer is only one of many devices on today's information networks. We have a proliferation of exciting new technologies that can take advantage of available network services. The functions performed by cell phones, Personal Digital Assistants (PDAs), organizers, and pagers are converging into single hand-held devices with continuous connectivity to providers of services and content. These devices, once thought of as "toys" or luxury items, are now an integral part of how people communicate. In addition to mobile devices, we also have Voice over IP (VoIP) devices, gaming systems, and a large assortment of household and business gadgets that can connect and use network services. Increased Availability of Services

depend on the availability and reliability of the underlying network infrastructure. The challenge of keeping pace with an ever expanding network of users and services is the responsibility of trained network and IT professionals. 1.5.2network career opportunities Information Technology and networking careers are growing and evolving as fast as the underlying technologies and services. As networks increase in sophistication, the demand for people with networking skills will continue to grow. Traditional IT positions like programmers, software engineers, data base administrators and network technicians are now joined by new titles, such as network architect, e-Commerce site designer, information security officer, and home integration specialist. Opportunities for forward thinking entrepreneurs are unlimited. Even non-IT jobs, like manufacturing management or medical equipment design, now require a significant amount of knowledge about network operation in order to be successful. Chief Technology Officers in many large organizations list the lack of qualified personnel as the primary factor delaying the implementation of innovative new services. As students of networking technology, we examine the components of data networks and the roles they play in enabling communication. This course, as well as others in the Network Academy series, is designed to empower you with the networking knowledge to build and manage these evolving networks. 1.6.1using collaboration tools-IRC and IM In this lab, you will define Internet Relay Chat (IRC) and Instant Messaging (IM). You will also list several misuses and data security issues involving IM. Click the lab icon for more details.

The widespread acceptance of technology and the fast pace of innovation in network delivered services create a spiraling dependence. To meet user demands, new services are introduced and older services are enhanced. As the users come to trust these expanded services, they want even more capabilities. The network then grows to support the increasing demand. People depend on the services provided over the network, and therefore

1.7.1summary and review This chapter explained the importance of data networks as the platform for supporting business communication and the tasks of everyday life. Data networks play a vital role in facilitating communication within the

global human network. Data networks support the way we live, learn, work, and play. They provide the platform for the services that enable us to connect - both locally and globally - with our families, friends, work, and interests. This platform supports using text, graphics, video, and speech. Data networks and human networks use similar procedures to ensure that their communication gets to the destination accurately and on time. Agreements on language, content, form, and medium that humans often implicitly use are mirrored in the data network. The factors that ensure the delivery of our messages and information across a data network are the networking media that connect the networking devices and the agreements and standards that govern its operation. As the demand grows for more people and devices to communicate in a mobile world, data network technologies will have to adapt and develop. Converged networks, which carry all communications types (data, voice, and video) on one infrastructure, provide an opportunity to reduce costs and offer users feature-rich services and content. However, the design and management of converged networks requires extensive networking knowledge and skills if all services are to be delivered as expected to users. Different types of communications flowing across our data networks need to be prioritized so that the time-sensitive and important data have the first use of limited network resources. Integrating security into data networks is essential if our private, personal, and business communications are not going to be intercepted, stolen, or damaged. Packet Tracer 4.1 ("PT 4.1") is a standalone simulation and visualization program. PT 4.1 activities are integrated throughout this course. While formal activities using Packet Tracer begin in the next chapter, if time allows please launch the program now, and explore the Help resources, which include "My First PT Lab" and a variety of tutorials to teach you various aspects of the software. Also, please ask your instructor how obtain a copy of PT 4.1 for your personal use. Every chapter will have a Packet Tracer Skills Integration Challenge: an activity that allows you to practice most skills learned to that point in the course in a cumulative fashion. PT Skills Integration Challenges will allow you to build your practical skills for such

things as hands-on performance exams and Certification exams. Packet Tracer Skills Integration Instructions (PDF) Click the Packet Tracer icon for more details.

Chapter 2 More and more, it is networks that connect us. People communicate online from everywhere. Efficient, dependable technology enables networks to be available whenever and wherever we need them. As our human network continues to expand, the platform that connects and supports it must also grow. Rather than developing unique and separate systems for the delivery of each new service, the network industry as a whole has developed the means to both analyze the existing platform and enhance it incrementally. This ensures that existing communications are maintained while new services are introduced that are both cost effective and technologically sound. In this course, we focus on these aspects of the information network: Devices that make up the network Media that connect the devices Messages that are carried across the network Rules and processes that govern network communications Tools and commands for constructing and maintaining networks

Central to the study of networks is the use of generally-accepted models that describe network functions. These models provide a framework for understanding current networks and for facilitating the development of new technologies to support future communications needs. Within this course, we use these models, as well as tools designed to analyze and simulate network functionality. Two of the tools that will enable you to build and interact with simulated networks are Packet Tracer 4.1 software and Wireshark network protocol analyzer. This chapter prepares you to: Describe the structure of a network, including the devices and media that are necessary for successful communications. Explain the function of protocols in network communications. Explain the advantages of using a layered model to describe network functionality. Describe the role of each layer in two recognized network models: The TCP/IP model and the OSI model. Describe the importance of addressing and naming schemes in network communications.

2.1.1Elements of communication Communication begins with a message, or information, that must be sent from one individual or device to another. People exchange ideas using many different communication methods. All of these methods have three elements in common. The first of these elements is the message source, or sender. Message sources are people, or electronic devices, that need to send a message to other individuals or devices. The second element of communication is the destination, or receiver, of the message. The destination receives the message and interprets it. A third element, called a channel, consists of the media that provides the pathway over which the message can travel from source to destination. Consider, for example, the desire to communicate using words, pictures, and sounds. Each of these messages can be sent across a data or information network by first converting them into binary digits, or bits. These bits are then encoded into a signal that can be transmitted over the appropriate medium. In computer networks, the media is usually a type of cable, or a wireless transmission. The term network in this course will refer to data or information networks capable of carrying many different types of communications, including

traditional computer data, interactive voice, video, and entertainment products. 2.1.2 communicating the messages In theory, a single communication, such as a music video or an e-mail message, could be sent across a network from a source to a destination as one massive continuous stream of bits. If messages were actually transmitted in this manner, it would mean that no other device would be able to send or receive messages on the same network while this data transfer was in progress. These large streams of data would result in significant delays. Further, if a link in the interconnected network infrastructure failed during the transmission, the complete message would be lost and have to be retransmitted in full. A better approach is to divide the data into smaller, more manageable pieces to send over the network. This division of the data stream into smaller pieces is called segmentation. Segmenting messages has two primary benefits. First, by sending smaller individual pieces from source to destination, many different conversations can be interleaved on the network. The process used to interleave the pieces of separate

conversations together on the network is called multiplexing. Second, segmentation can increase the reliability of network communications. The separate pieces of each message need not travel the same pathway across the network from source to destination. If a particular path becomes congested with data traffic or fails, individual pieces of the message can still be directed to the destination using alternate pathways. If part of the message fails to make it to the destination, only the missing parts need to be retransmitted. The downside to using segmentation and multiplexing to transmit messages across a network is the level of complexity that is added to the process. Imagine if you had to send a 100page letter, but each envelope would only hold one page. The process of addressing, labeling, sending, receiving, and opening the entire hundred envelopes would be time-consuming for both the sender and the recipient. In network communications, each segment of the message must go through a similar process to ensure that it gets to the correct destination and can be reassembled into the content of the original message. Various types of devices throughout the network participate

in ensuring that the pieces of the message arrive reliably at their destination. 2.1.3components of the network The path that a message takes from source to destination can be as simple as a single cable connecting one computer to another or as complex as a network that literally spans the globe. This network infrastructure is the platform that supports our human network. It provides the stable and reliable channel over which our communications can occur. Devices and media are the physical elements or hardware of the network. Hardware is often the visible components of the network platform such as a laptop, a PC, a switch, or the cabling used to connect the devices. Occasionally, some components may not be so visible. In the case of wireless media, messages are transmitted through the air using invisible radio frequency or infrared waves. Services and processes are the communication programs, called software, that run on the networked devices. A network service provides information in response to a request. Services include many of the common network applications people use every day, like e-mail hosting services and web hosting services. Processes provide the

functionality that directs and moves the messages through the network. Processes are less obvious to us but are critical to the operation of networks. 2.1.4end devices and their role on the network The network devices that people are most familiar with are called end devices. These devices form the interface between the human network and the underlying communication network. Some examples of end devices are: Computers (work stations, laptops, file servers, web servers) Network printers VoIP phones Security cameras Mobile handheld devices (such as wireless barcode scanners, PDAs) In the context of a network, end devices are referred to as hosts. A host device is either the source or destination of a message transmitted over the network. In order to distinguish one host from another, each host on a network is identified by an address. When a host initiates communication, it uses the address of the destination host to specify where the message should be sent. In modern networks, a host can act as a client, a server, or both. Software installed on the host determines which role it plays on the network.

Servers are hosts that have software installed that enables them to provide information and services, like e-mail or web pages, to other hosts on the network. Clients are hosts that have software installed that enables them to request and display the information obtained from the server. 2.1.5 intermediary devices and their role on the network In addition to the end devices that people are familiar with, networks rely on intermediary devices to provide connectivity and to work behind the scenes to ensure that data flows across the network. These devices connect the individual hosts to the network and can connect multiple individual networks to form an internetwork. Examples of intermediary network devices are: Network Access Devices (Hubs, switches, and wireless access points) Internetworking Devices (routers) Communication Servers and Modems Security Devices (firewalls) The management of data as it flows through the network is also a role of the intermediary devices. These devices use the destination host address, in conjunction with information about the network interconnections, to determine the path that messages should take through the network. Processes

running on the intermediary network devices perform these functions: Regenerate and retransmit data signals Maintain information about what pathways exist through the network and internetwork Notify other devices of errors and communication failures Direct data along alternate pathways when there is a link failure Classify and direct messages according to QoS priorities Permit or deny the flow of data, based on security settings 2.1.6network media Communication across a network is carried on a medium. The medium provides the channel over which the message travels from source to destination. Modern networks primarily use three types of media to interconnect devices and to provide the pathway over which data can be transmitted. These media are: Metallic wires within cables Glass or plastic fibers (fiber optic cable) Wireless transmission The signal encoding that must occur for the message to be transmitted is different for each media type. On metallic wires, the data is encoded into electrical impulses that match specific

patterns. Fiber optic transmissions rely on pulses of light, within either infrared or visible light ranges. In wireless transmission, patterns of electromagnetic waves depict the various bit values. Different types of network media have different features and benefits. Not all network media has the same characteristics and is appropriate for the same purpose. Criteria for choosing a network media are: The distance the media can successfully carry a signal. The environment in which the media is to be installed. The amount of data and the speed at which it must be transmitted. The cost of the media and installation 2.2.1 local area network Networks infrastructures can vary greatly in terms of: The size of the area covered The number of users connected The number and types of services available An individual network usually spans a single geographical area, providing services and applications to people within a common organizational structure, such as a single business, campus or region. This type of network is called a Local Area Network (LAN). A LAN is usually administered by a single organization. The administrative

control that governs the security and access control policies are enforced on the network level. 2.2.2 wide area networks When a company or organization has locations that are separated by large geographical distances, it may be necessary to use a telecommunications service provider (TSP) to interconnect the LANs at the different locations. Telecommunications service providers operate large regional networks that can span long distances. Traditionally, TSPs transported voice and data communications on separate networks. Increasingly, these providers are offering converged information network services to their subscribers. Individual organizations usually lease connections through a telecommunications service provider network. These networks that connect LANs in geographically separated locations are referred to as Wide Area Networks (WANs). Although the organization maintains all of the policies and administration of the LANs at both ends of the connection, the policies within the communications service provider network are controlled by the TSP. WANs use specifically designed network devices to make the interconnections between LANs. Because of the importance of these devices to the network,

configuring, installing and maintaining these devices are skills that are integral to the function of an organization's network. LANs and WANs are very useful to individual organizations. They connect the users within the organization. They allow many forms of communication including exchange e-mails, corporate training, and other resource sharing. 2.2.3the internet- a network of networks Although there are benefits to using a LAN or WAN, most of us need to communicate with a resource on another network, outside of our local organization. Examples of this type of communication include: Sending an e-mail to a friend in another country Accessing news or products on a website Getting a file from a neighbor's computer Instant messaging with a relative in another city Following a favorite sporting team's performance on a cell phone Internetwork A global mesh of interconnected networks (internetworks) meets these human communication

needs. Some of these interconnected networks are owned by large public and private organizations, such as government agencies or industrial enterprises, and are reserved for their exclusive use. The most wellknown and widely used publiclyaccessible internetwork is the Internet. The Internet is created by the interconnection of networks belonging to Internet Service Providers (ISPs). These ISP networks connect to each other to provide access for millions of users all over the world. Ensuring effective communication across this diverse infrastructure requires the application of consistent and commonly recognized technologies and protocols as well as the cooperation of many network administration agencies. Intranet The term intranet is often used to refer to a private connection of LANs and WANs that belongs to an organization, and is designed to be accessible only by the organization's members, employees, or others with authorization. Note: The following terms may be interchangeable: internetwork, data network, and network. A connection of two or more data networks forms an internetwork -

a network of networks. It is also common to refer to an internetwork as a data network or simply as a network - when considering communications at a high level. The usage of terms depends on the context at the time and terms may often be interchanged. 2.2.4network representations When conveying complex information such as the network connectivity and operation of a large internetwork, it is helpful to use visual representations and graphics. Like any other language, the language of networking uses a common set of symbols to represent the different end devices, network devices and media. The ability to recognize the logical representations of the physical networking components is critical to being able to visualize the organization and operation of a network. Throughout this course and labs, you will learn both how these devices operate and how to perform basic configuration tasks on these devices. In addition to these representations, specialized terminology is used when discussing how each of these devices and media connect to each other. Important terms to remember are: Network Interface Card - A NIC,

or LAN adapter, provides the physical connection to the network at the PC or other host device. The media connecting the PC to the networking device plugs directly into the NIC. Physical Port - A connector or outlet on a networking device where the media is connected to a host or other networking device. Interface - Specialized ports on an internetworking device that connect to individual networks. Because routers are used to interconnect networks, the ports on a router are referred to network interfaces. In this activity, you will gain experience with data network symbols by creating a simple logical topology. Click the Packet Tracer icon for more details. 2.2.5 Activity using NeoTrace to view Internetworks In this activity, you will observe the flow of information across the Internet. This activity should be performed on a computer that has Internet access and access to a command line. You will use the Windows embedded tracert utility and then the more enhanced NeoTrace program. This lab also assumes the installation of NeoTrace. Click the Lab Icon for more

details. 2.3.1 rules that govern communications All communication, whether faceto-face or over a network, is governed by predetermined rules called protocols. These protocols are specific to the characteristics of the conversation. In our day-today personal communication, the rules we use to communicate over one medium, like a telephone call, are not necessarily the same as the protocols for using another medium, such as sending a letter. Think of how many different rules or protocols govern all the different methods of communication that exist in the world today. Successful communication between hosts on a network requires the interaction of many different protocols. A group of inter-related protocols that are necessary to perform a communication function is called a protocol suite. These protocols are implemented in software and hardware that is loaded on each host and network device. One of the best ways to visualize how all of the protocols interact on a particular host is to view it as a stack. A protocol stack shows how the individual protocols within the suite are implemented on the host. The protocols are

viewed as a layered hierarchy, with each higher level service depending on the functionality defined by the protocols shown in the lower levels. The lower layers of the stack are concerned with moving data over the network and providing services to the upper layers, which are focused on the content of the message being sent and the user interface. Using layers to describe face-toface communication For example, consider two people communicating face-to-face. As the figure shows, we can use three layers to describe this activity. At the bottom layer, the Physical layer, we have two people, each with a voice that can utter words aloud. At the second layer, the Rules layer, we have an agreement to speak in a common language. At the top layer, the Content layer, we have the words actually spoken-the content of the communication. Were we to witness this conversation, we would not actually see "layers" floating in space. It is important to understand that the use of layers is a model and, as such, it provides a way to conveniently break a complex task into parts and describe how they work. 2.3.2network protocols At the human level, some

communication rules are formal and others are simply understood, or implicit, based on custom and practice. For devices to successfully communicate, a network protocol suite must describe precise requirements and interactions. Networking protocol suites describe processes such as: The format or structure of the message The method by which networking devices share information about pathways with other networks How and when error and system messages are passed between devices The setup and termination of data transfer sessions Individual protocols in a protocol suite may be vendor-specific and proprietary. Proprietary, in this context, means that one company or vendor controls the definition of the protocol and how it functions. Some proprietary protocols can be used by different organizations with permission from the owner. Others can only be implemented on equipment manufactured by the proprietary vendor. 2.3.3 protocol suites and industry standards Often, many of the protocols that comprise a protocol suite reference other widely utilized protocols or industry standards. A standard is a process or protocol

that has been endorsed by the networking industry and ratified by a standards organization, such as the Institute of Electrical and Electronics Engineers (IEEE) or the Internet Engineering Task Force (IETF). The use of standards in developing and implementing protocols ensures that products from different manufacturers can work together for efficient communications. If a protocol is not rigidly observed by a particular manufacturer, their equipment or software may not be able to successfully communicate with products made by other manufacturers. In data communications, for example, if one end of a conversation is using a protocol to govern one-way communication and the other end is assuming a protocol describing two-way communication, in all probability, no information will be exchanged. 2.3.4 the interaction of protocols An example of the use of a protocol suite in network communications is the interaction between a web server and a web browser. This interaction uses a number of protocols and standards in the process of exchanging information between them. The different protocols work together to ensure that the messages are received and understood by both parties. Examples of these

protocols are: Application Protocol: Hypertext Transfer Protocol (HTTP) is a common protocol that governs the way that a web server and a web client interact. HTTP defines the content and formatting of the requests and responses exchanged between the client and server. Both the client and the web server software implement HTTP as part of the application. The HTTP protocol relies on other protocols to govern how the messages are transported between client and server Transport Protocol: Transmission Control Protocol (TCP) is the transport protocol that manages the individual conversations between web servers and web clients. TCP divides the HTTP messages into smaller pieces, called segments, to be sent to the destination client. It is also responsible for controlling the size and rate at which messages are exchanged between the server and the client. Internetwork Protocol: The most common internetwork protocol is Internet Protocol (IP). IP is responsible for taking the formatted segments from TCP, encapsulating them into packets, assigning the appropriate

addresses, and selecting the best path to the destination host. Network Access Protocols: Network access protocols describe two primary functions, data link management and the physical transmission of data on the media. Data-link management protocols take the packets from IP and format them to be transmitted over the media. The standards and protocols for the physical media govern how the signals are sent over the media and how they are interpreted by the receiving clients. Transceivers on the network interface cards implement the appropriate standards for the media that is being used. 2.3.5 technology independent protocols Networking protocols describe the functions that occur during network communications. In the face-to-face conversation example, a protocol for communicating might state that in order to signal that the conversation is complete, the sender must remain silent for two full seconds. However, this protocol does not specify how the sender is to remain silent for the two seconds. Protocols generally do not describe how to accomplish a particular function. By describing only what functions are required

of a particular communication rule but not how they are to be carried out, the implementation of a particular protocol can be technology-independent. Looking at the web server example, HTTP does not specify what programming language is used to create the browser, which web server software should be used to serve the web pages, what operating system the software runs on, or the hardware requirements necessary to display the browser. It also does not describe how the server should detect errors, although it does describe what the server should do if an error occurs. This means that a computer - and other devices, like mobile phones or PDAs - can access a web page stored on any type of web server that uses any form of operating system from anywhere on the Internet. 2.4.1the benefits of using a layered model To visualize the interaction between various protocols, it is common to use a layered model. A layered model depicts the operation of the protocols occurring within each layer, as well as the interaction with the layers above and below it. There are benefits to using a layered model to describe network

protocols and operations. Using a layered model: Assists in protocol design, because protocols that operate at a specific layer have defined information that they act upon and a defined interface to the layers above and below. Fosters competition because products from different vendors can work together. Prevents technology or capability changes in one layer from affecting other layers above and below. Provides a common language to describe networking functions and capabilities. 2.4.2 Protocols and reference models There are two basic types of networking models: protocol models and reference models. A protocol model provides a model that closely matches the structure of a particular protocol suite. The hierarchical set of related protocols in a suite typically represents all the functionality required to interface the human network with the data network. The TCP/IP model is a protocol model because it describes the functions that occur at each layer of protocols within the TCP/IP suite. A reference model provides a common reference for maintaining consistency within all

types of network protocols and services. A reference model is not intended to be an implementation specification or to provide a sufficient level of detail to define precisely the services of the network architecture. The primary purpose of a reference model is to aid in clearer understanding of the functions and process involved. The Open Systems Interconnection (OSI) model is the most widely known internetwork reference model. It is used for data network design, operation specifications, and troubleshooting. Although the TCP/IP and OSI models are the primary models used when discussing network functionality, designers of network protocols, services, or devices can create their own models to represent their products. Ultimately, designers are required to communicate to the industry by relating their product or service to either the OSI model or the TCP/IP model, or to both. 2.4.3 the TCP/IP model The first layered protocol model for internetwork communications was created in the early 1970s and is referred to as the Internet model. It defines four categories of functions that must occur for communications to be successful. The architecture of the TCP/IP protocol suite follows the structure of this model. Because

of this, the Internet model is commonly referred to as the TCP/IP model. Most protocol models describe a vendor-specific protocol stack. However, since the TCP/IP model is an open standard, one company does not control the definition of the model. The definitions of the standard and the TCP/IP protocols are discussed in a public forum and defined in a publicly-available set of documents. These documents are called Requests for Comments (RFCs). They contain both the formal specification of data communications protocols and resources that describe the use of the protocols. The RFCs also contain technical and organizational documents about the Internet, including the technical specifications and policy documents produced by the Internet Engineering Task Force (IETF). 2.4.4the communication process The TCP/IP model describes the functionality of the protocols that make up the TCP/IP protocol suite. These protocols, which are implemented on both the sending and receiving hosts, interact to provide end-to-end delivery of applications over a network. A complete communication process includes these steps: 1. Creation of data at the

Application layer of the originating source end device 2. Segmentation and encapsulation of data as it passes down the protocol stack in the source end device 3. Generation of the data onto the media at the Network Access layer of the stack 4. Transportation of the data through the internetwork, which consists of media and any intermediary devices 5. Reception of the data at the Network Access layer of the destination end device 6. Decapsulation and reassembly of the data as it passes up the stack in the destination device 7. Passing this data to the destination application at the Application layer of the destination end device 2.4.5protocol data units and encapsulation As application data is passed down the protocol stack on its way to be transmitted across the network media, various protocols add information to it at each level. This is commonly known as the encapsulation process. The form that a piece of data takes at any layer is called a Protocol Data Unit (PDU). During

encapsulation, each succeeding layer encapsulates the PDU that it receives from the layer above in accordance with the protocol being used. At each stage of the process, a PDU has a different name to reflect its new appearance. Although there is no universal naming convention for PDUs, in this course, the PDUs are named according to the protocols of the TCP/IP suite. Data - The general term for the PDU used at the Application layer Segment - Transport Layer PDU Packet - Internetwork Layer PDU Frame - Network Access Layer PDU Bits - A PDU used when physically transmitting data over the medium 2.4.6 the sending and receiving process When sending messages on a network, the protocol stack on a host operates from top to bottom. In the web server example, we can use the TCP/IP model to illustrate the process of sending an HTML web page to a client. The Application layer protocol, HTTP, begins the process by delivering the HTML formatted web page data to the Transport layer. There the application data is broken into TCP segments. Each TCP segment is given a label, called a header, containing information about which process running on the destination computer should receive the

message. It also contains the information to enable the destination process to reassemble the data back to its original format. The Transport layer encapsulates the web page HTML data within the segment and sends it to the Internet layer, where the IP protocol is implemented. Here the entire TCP segment is encapsulated within an IP packet, which adds another label, called the IP header. The IP header contains source and destination host IP addresses, as well as information necessary to deliver the packet to its corresponding destination process. Next, the IP packet is sent to the Network Access layer Ethernet protocol where it is encapsulated within a frame header and trailer. Each frame header contains a source and destination physical address. The physical address uniquely identifies the devices on the local network. The trailer contains error checking information. Finally the bits are encoded onto the Ethernet media by the server NIC. This process is reversed at the receiving host. The data is decapsulated as it moves up the stack toward the end user application. 2.4.7 osi model Initially the OSI model was designed by the International

Organization for Standardization (ISO) to provide a framework on which to build a suite of open systems protocols. The vision was that this set of protocols would be used to develop an international network that would not be dependent on proprietary systems. Unfortunately, the speed at which the TCP/IP based Internet was adopted, and the rate at which it expanded, caused the OSI Protocol Suite development and acceptance to lag behind. Although few of the protocols developed using the OSI specifications are in widespread use today, the seven-layer OSI model has made major contributions to the development of other protocols and products for all types of new networks. As a reference model, the OSI model provides an extensive list of functions and services that can occur at each layer. It also describes the interaction of each layer with the layers directly above and below it. Although the content of this course will be structured around the OSI Model the focus of discussion will be the protocols identified in the TCP/IP protocol stack. Note that whereas the TCP/IP model layers are referred to only by name, the seven OSI model layers are more often referred to by number than by name.

2.4.8 comparing the osi model with the TCP/IP model The protocols that make up the TCP/IP protocol suite can be described in terms of the OSI reference model. In the OSI model, the Network Access layer and the Application layer of the TCP/IP model are further divided to describe discreet functions that need to occur at these layers. At the Network Access Layer, the TCP/IP protocol suite does not specify which protocols to use when transmitting over a physical medium; it only describes the handoff from the Internet Layer to the physical network protocols. The OSI Layers 1 and 2 discuss the necessary procedures to access the media and the physical means to send data over a network. The key parallels between the two network models occur at the OSI model Layers 3 and 4. OSI Model Layer 3, the Network layer, almost universally is used to discuss and document the range of processes that occur in all data networks to address and route messages through an internetwork. The Internet Protocol (IP) is the TCP/IP suite protocol that includes the functionality described at Layer 3. Layer 4, the Transport layer of the OSI model, is often used to describe general services or

functions that manage individual conversations between source and destination hosts. These functions include acknowledgement, error recovery, and sequencing. At this layer, the TCP/IP protocols Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) provide the necessary functionality. The TCP/IP Application layer includes a number of protocols that provide specific functionality to a variety of end user applications. The OSI model Layers 5, 6 and 7 are used as references for application software developers and vendors to produce products that need to access networks for communications. In this activity, you will see how Packet Tracer uses the OSI Model as a reference to display the encapsulation details of a variety of the TCP/IP protocols. Click the Packet Tracer icon for more details. 2.5.1 Addressing in the network The OSI model describes the processes of encoding, formatting, segmenting, and encapsulating data for transmission over the network. A data stream that is sent from a source to a destination can be divided into pieces and interleaved with messages traveling from other hosts to other

destinations. Billions of these pieces of information are traveling over a network at any given time. It is critical for each piece of data to contain enough identifying information to get it to the correct destination. There are various types of addresses that must be included to successfully deliver the data from a source application running on one host to the correct destination application running on another. Using the OSI model as a guide, we can see the different addresses and identifiers that are necessary at each layer. 2.5.2 getting the data to the end device During the process of encapsulation, address identifiers are added to the data as it travels down the protocol stack on the source host. Just as there are multiple layers of protocols that prepare the data for transmission to its destination, there are multiple layers of addressing to ensure its delivery. The first identifier, the host physical address, is contained in the header of the Layer 2 PDU, called a frame. Layer 2 is concerned with the delivery of messages on a single local network. The Layer 2 address is unique on the local network and represents the address of the end device on the physical media. In a LAN using Ethernet, this address

is called the Media Access Control (MAC) address. When two end devices communicate on the local Ethernet network, the frames that are exchanged between them contain the destination and source MAC addresses. Once a frame is successfully received by the destination host, the Layer 2 address information is removed as the data is decapsulated and moved up the protocol stack to Layer 3. 2.5.3 getting the data through the internetwork Layer 3 protocols are primarily designed to move data from one local network to another local network within an internetwork. Whereas Layer 2 addresses are only used to communicate between devices on a single local network, Layer 3 addresses must include identifiers that enable intermediary network devices to locate hosts on different networks. In the TCP/IP protocol suite, every IP host address contains information about the network where the host is located. At the boundary of each local network, an intermediary network device, usually a router, decapsulates the frame to read the destination host address contained in the header of the packet, the Layer 3 PDU. Routers use the network identifier portion of this address to determine which path to use to reach the destination

host. Once the path is determined, the router encapsulates the packet in a new frame and sends it on its way toward the destination end device. When the frame reaches its final destination, the frame and packet headers are removed and the data moved up to Layer 4. 2.5.4 getting the data to the right application At Layer 4, information contained in the PDU header does not identify a destination host or a destination network. What it does identify is the specific process or service running on the destination host device that will act on the data being delivered. Hosts, whether they are clients or servers on the Internet, can run multiple network applications simultaneously. People using PCs often have an e-mail client running at the same time as a web browser, an instant messaging program, some streaming media, and perhaps even a game. All these separately running programs are examples of individual processes. Viewing a web page invokes at least one network process. Clicking a hyperlink causes a web browser to communicate with a web server. At the same time, in the background, an e-mail client may be sending and receiving email, and a colleague or friend may be sending an instant message.

Think about a computer that has only one network interface on it. All the data streams created by the applications that are running on the PC enter and leave through that one interface, yet instant messages do not popup in the middle of word processor document or e-mail showing up in a game. This is because the individual processes running on the source and destination hosts communicate with each other. Each application or service is represented at Layer 4 by a port number. A unique dialogue between devices is identified with a pair of Layer 4 source and destination port numbers that are representative of the two communicating applications. When the data is received at the host, the port number is examined to determine which application or process is the correct destination for the data. 2.5.5warriors of the net An entertaining resource to help you visualize networking concepts is the animated movie "Warriors of the Net" by TNG Media Lab. Before viewing the video, there are a few things to consider. First, in terms of concepts you have learned in this chapter, think about when in the video you are on the LAN, on WAN, on intranet, on Internet; and what are end devices

versus intermediate devices; how the OSI and TCP/IP models apply; what protocols are involved. Second, some terms are mentioned in the video which may not be familiar. The types of packets mentioned refers to the type of upper level data (TCP, UDP, ICMP Ping, PING of death) that is encapsulated in the IP Packets (everything is eventually converted into IP Packets). The devices the packet encounters on its journey are router, proxy server, router switch, corporate intranet, the proxy, URL, firewall, bandwidth, hosts, web server. Third, while port numbers 21, 23, 25, 53, and 80 are referred to explicitly in the video, IP addresses are referred to only implicitly - can you see where? Where in the video might MAC addresses have been involved? Finally, though all animations often have simplifications in them, there is one outright error in the video. About 5 minutes in, the statement is made "What happens when Mr. IP doesn't receive an acknowledgement, he simply sends a replacement packet." As you will find out in later chapters, this is not a function of the Layer 3 Internet Protocol, which is an "unreliable", best effort delivery protocol, but rather a function of the Transport Layer TCP Protocol.

By the end of this course you will have a much better understanding of the breadth and depth of the concepts depicted in the video. We hope you enjoy it. Download the movie from http://www.warriorsofthe.net 2.6.1lab: topology orientation and building a small network This lab begins by having you construct two small networks. It then shows how they are connected to the larger hands-on lab network used throughout the course. This network is a simplified model of a section of the Internet and will be used to develop your practical networking skills. The following sequence of labs will introduce the networking terms below. This networking terminology will be studied in detail in subsequent chapters. Straight-through Cable: Unshielded twisted pair (UTP) copper cable for connecting dissimilar networking devices Crossover Cable: UTP copper cable for connecting similar networking devices Serial Cable: Copper cable typical of wide area connections Ethernet: Dominant local area network technology

(typical Ethernet MAC addresses) MAC Address: Ethernet Layer 2, physical address IP Address: Layer 3 logical address Subnet Mask: Required to interpret the IP address Default Gateway: The IP address on a router interface to which a network sends traffic leaving the local network NIC: Network Interface Card, the port or interface that allows an end device to participate in a network Port (hardware): An interface that allows a networking device to participate in network and to be connected via networking media Port (software): Layer 4 protocol address in the TCP/IP suite Interface (hardware): A port Interface (software): A logical interaction point within software PC: End device Computer: End device Workstation: End device Switch: Intermediate device which makes decision on frames based on Layer 2 addresses These devices, and the services that operate on them, can interconnect in a global and usertransparent way because they comply with rules and protocols. The use of layered models as abstractions means that the Router: Layer 3, 2, and 1 device which makes decisions on packets based on Layer 3 addresses (typically IPv4 addresses) Bit: Binary digit, logical 1 or zero, has various physical representations as electrical, optical, or microwave pulses; Layer 1 PDU Frame: Layer 2 PDU Packet: Layer 3 PDU Click the Lab Icon for more details. In this activity, you will use Packet Tracer to complete the Topology Orientation and Building a Small Network lab. Click the Packet Tracer icon to launch the Packet Tracer activity. 2.7.1 summary and review Data networks are systems of end devices, intermediary devices, and the media connecting the devices, which provide the platform for the human network.

operations of network systems can be analyzed and developed to cater the needs of future communication services. The most widely-used networking models are OSI and TCP/IP. Associating the protocols that set the rules of data communications with the different layers is useful in determining which devices and services are applied at specific points as data passes across LANs and WANs. As it passes down the stack, data is segmented into pieces and encapsulated with addresses and other labels. The process is reversed as the pieces are decapsulated and passed up the destination protocol stack. Applying models allows various individuals, companies, and trade associations to analyze current networks and plan the networks of the future. To Learn More Reflection Questions How are the classifications LAN, WAN, and Internet still useful, and how might they actually be problematic in classifying networks? What are strengths and weaknesses of the OSI and TCP/IP models? Why are both models still used?

Metaphors and analogies can be powerful aids to learning but must be used with care. Consider issues of devices, protocols, and addressing in the following systems: Standard postal service Express parcel delivery service Traditional (analog) telephone system Internet telephony Containerized shipping services Terrestrial and satellite radio systems Broadcast and cable television Discuss what you see as common factors among these systems. Apply any similarities to other networks. How could you apply these common concepts to developing new communications systems and networks? Chapter 3 Application layer functionality and protocols Most of us experience the Internet through the World Wide Web, email services, and file-sharing programs. These applications, and many others, provide the human interface to the underlying network, enabling us to send and receive information with relative ease. Typically the applications that we use are intuitive, meaning we can access and use them without knowing how they work. However, for network

professionals, it is important to know how an application is able to format, transmit and interpret messages that are sent and received across the network. Visualizing the mechanisms that enable communication across the network is made easier if we use the layered framework of the Open System Interconnection (OSI) model. In this chapter, we will focus on the role of one layer, the Application layer and its components: applications, services, and protocols. We will explore how these three elements make the robust communication across the information network possible. In this chapter, you will learn to: Describe how the functions of the three upper OSI model layers provide network services to end user applications. Describe how the TCP/IP Application Layer protocols provide the services specified by the upper layers of the OSI model. Define how people use the Application Layer to communicate across the information network. Describe the function of wellknown TCP/IP applications, such as the World Wide Web and email, and their related services (HTTP, DNS, SMB, DHCP, SMTP/POP, and Telnet). Describe file-sharing processes that use peer-to-peer applications

and the Gnutella protocol. Explain how protocols ensure services running on one kind of device can send to and receive data from many different network devices. Use network analysis tools to examine and explain how common user applications work. 3.1.1 OSI and TCP/IP model The Open Systems Interconnection reference model is a layered, abstract representation created as a guideline for network protocol design. The OSI model divides the networking process into seven logical layers, each of which has unique functionality and to which are assigned specific services and protocols. In this model, information is passed from one layer to the next, starting at the Application layer on the transmitting host, proceeding down the hierarchy to the Physical layer, then passing over the communications channel to the destination host, where the information proceeds back up the hierarchy, ending at the Application layer. The figure depicts the steps in this process. The Application layer, Layer seven, is the top layer of both the OSI and TCP/IP models. It is the layer that provides the interface between the applications we use to communicate and the

underlying network over which our messages are transmitted. Application layer protocols are used to exchange data between programs running on the source and destination hosts. There are many Application layer protocols and new protocols are always being developed. Although the TCP/IP protocol suite was developed prior to the definition of the OSI model, the functionality of the TCP/IP Application layer protocols fit roughly into the framework of the top three layers of the OSI model: Application, Presentation and Session layers. Most TCP/IP Application layer protocols were developed before the emergence of personal computers, graphical user interfaces and multimedia objects. As a result, these protocols implement very little of the functionality that is specified in the OSI model Presentation and Session layers. The Presentation Layer The Presentation layer has three primary functions: Coding and conversion of Application layer data to ensure that data from the source device can be interpreted by the appropriate application on the destination device. Compression of the data in a

manner that can be decompressed by the destination device. Encryption of the data for transmission and the decryption of data upon receipt by the destination. Presentation layer implementations are not typically associated with a particular protocol stack. The standards for video and graphics are examples. Some well-known standards for video include QuickTime and Motion Picture Experts Group (MPEG). QuickTime is an Apple Computer specification for video and audio, and MPEG is a standard for video compression and coding. Among the well-known graphic image formats are Graphics Interchange Format (GIF), Joint Photographic Experts Group (JPEG), and Tagged Image File Format (TIFF). GIF and JPEG are compression and coding standards for graphic images, and TIFF is a standard coding format for graphic images. The Session Layer As the name of the Session layer implies, functions at this layer create and maintain dialogs between source and destination applications. The Session layer handles the exchange of information to initiate dialogs, keep them active, and to restart

sessions that are disrupted or idle for a long period of time. Most applications, like web browsers or e-mail clients, incorporate functionality of the OSI layers 5, 6 and 7. The most widely-known TCP/IP Application layer protocols are those that provide for the exchange of user information. These protocols specify the format and control information necessary for many of the common Internet communication functions. Among these TCP/IP protocols are: Domain Name Service Protocol (DNS) is used to resolve Internet names to IP addresses. Hypertext Transfer Protocol (HTTP) is used to transfer files that make up the Web pages of the World Wide Web. Simple Mail Transfer Protocol (SMTP) is used for the transfer of mail messages and attachments. Telnet, a terminal emulation protocol, is used to provide remote access to servers and networking devices. File Transfer Protocol (FTP) is used for interactive file transfer between systems. The protocols in the TCP/IP suite are generally defined by Requests for Comments (RFCs). The Internet Engineering Task Force maintains the RFCs as the standards for the TCP/IP suite. 3.1.2application layer software

The functions associated with the Application layer protocols enable our human network to interface with the underlying data network. When we open a web browser or an instant message window, an application is started, and the program is put into the device's memory where it is executed. Each executing program loaded on a device is referred to as a process. Within the Application layer, there are two forms of software programs or processes that provide access to the network: applications and services. Network-Aware Applications Applications are the software programs used by people to communicate over the network. Some end-user applications are network-aware, meaning that they implement the Application layer protocols and are able to communicate directly with the lower layers of the protocol stack. E-mail clients and web browsers are examples of these types of applications. Application layer Services Other programs may need the assistance of Application layer services to use network resources, like file transfer or network print spooling. Though transparent to the user, these services are the

programs that interface with the network and prepare the data for transfer. Different types of data whether it is text, graphics, or video - require different network services to ensure that it is properly prepared for processing by the functions occurring at the lower layers of OSI model. Each application or network service uses protocols which define the standards and data formats to be used. Without protocols, the data network would not have a common way to format and direct data. In order to understand the function of various network services, it is necessary to become familiar with the underlying protocols that govern their operation. Roll over the buttons in the figure to view examples. 3.1.3 user applications, services, and application layer protocols As mentioned previously, the Application layer uses protocols that are implemented within applications and services. While applications provide people with a way to create messages and Application layer services establish an interface to the network, protocols provide the rules and formats that govern how data is treated. All three components may be used by a single executable program and may even use the same name. For example, when discussing

"Telnet" we could be referring to the application, the service, or the protocol. In the OSI model, applications that interact directly with people are considered to be at the top of the stack, as are the people themselves. Like all layers within the OSI model, the Application layer relies on the functions of the lower layers in order to complete the communication process. Within the Application layer, protocols specify what messages are exchanged between the source and destination hosts, the syntax of the control commands, the type and format of the data being transmitted, and the appropriate methods for error notification and recovery. Play the animation to see the interaction between applications, services, and protocols. 3.1.4Application layer protocol functions Application layer protocols are used by both the source and destination devices during a communication session. In order for the communications to be successful, the Application layer protocols implemented on the source and destination host must match. Protocols establish consistent rules for exchanging data between applications and services loaded on the participating devices.

Protocols specify how data inside the messages is structured and the types of messages that are sent between source and destination. These messages can be requests for services, acknowledgments, data messages, status messages, or error messages. Protocols also define message dialogues, ensuring that a message being sent is met by the expected response and the correct services are invoked when data transfer occurs. Many different types of applications communicate across data networks. Therefore, Application layer services must implement multiple protocols to provide the desired range of communication experiences. Each protocol has a specific purpose and contains the characteristics required to meet that purpose. The right protocol details in each layer must be followed so that the functions at one layer interface properly with the services in the lower layer. Applications and services may also use multiple protocols in the course of a single conversation. One protocol may specify how to establish the network connection and another describe the process for the data transfer when the message is passed to the next lower layer. 3.2.1 the client-server model When people attempt to access

information on their device, whether it is a PC, laptop, PDA, cell phone, or some other device connected to a network, the data may not be physically stored on their device. If that is the case, a request to access that information must be made to the device where the data resides. The Client/Server model In the client/server model, the device requesting the information is called a client and the device responding to the request is called a server. Client and server processes are considered to be in the Application layer. The client begins the exchange by requesting data from the server, which responds by sending one or more streams of data to the client. Application layer protocols describe the format of the requests and responses between clients and servers. In addition to the actual data transfer, this exchange may also require control information, such as user authentication and the identification of a data file to be transferred. One example of a client/server network is a corporate environment where employees use a company e-mail server to send, receive and store e-mail. The email client on an employee computer issues a request to the email server for any unread mail. The server responds by sending

the requested e-mail to the client. Although data is typically described as flowing from the server to the client, some data always flows from the client to the server. Data flow may be equal in both directions, or may even be greater in the direction going from the client to the server. For example, a client may transfer a file to the server for storage purposes. Data transfer from a client to a server is referred to as an upload and data from a server to a client as a download. Roll over the tabs in the figure to view file transfer. 3.2.2 servers In a general networking context, any device that responds to requests from client applications is functioning as a server. A server is usually a computer that contains information to be shared with many client systems. For example, web pages, documents, databases, pictures, video, and audio files can all be stored on a server and delivered to requesting clients. In other cases, such as a network printer, the print server delivers the client print requests to the specified printer. Different types of server applications may have different requirements for client access. Some servers may require authentication of user account information to verify if the user

has permission to access the requested data or to use a particular operation. Such servers rely on a central list of user accounts and the authorizations, or permissions, (both for data access and operations) granted to each user. When using an FTP client, for example, if you request to upload data to the FTP server, you may have permission to write to your individual folder but not to read other files on the site. In a client/server network, the server runs a service, or process, sometimes called a server daemon. Like most services, daemons typically run in the background and are not under an end user's direct control. Daemons are described as "listening" for a request from a client, because they are programmed to respond whenever the server receives a request for the service provided by the daemon. When a daemon "hears" a request from a client, it exchanges appropriate messages with the client, as required by its protocol, and proceeds to send the requested data to the client in the proper format. 3.2.3 application layer services and protocols A single application may employ many different supporting Application layer services; thus what appears to the user as one request for a web page may, in fact, amount to dozens of individual requests. And for each

request, multiple processes may be executed. For example, a client may require several individual processes to formulate just one request to a server. Additionally, servers typically have multiple clients requesting information at the same time. For example, a Telnet server may have many clients requesting connections to it. These individual client requests must be handled simultaneously and separately for the network to succeed. The Application layer processes and services rely on support from lower layer functions to successfully manage the multiple conversations. In this activity, you will study a simple example of client-server interaction, which can serve as a model for more complex interactions later in the course. Click the Packet Tracer icon for more details. 3.2.4 peer-to-peer neworking and application(P2P) The Peer-to-Peer Model In addition to the client/server model for networking, there is also a peer-to-peer model. Peer-topeer networking involves two distinct forms: peer-to-peer network design and peer-to-peer applications (P2P). Both forms have similar features but in practice work very differently.

Peer-to-Peer Networks In a peer-to-peer network, two or more computers are connected via a network and can share resources (such as printers and files) without having a dedicated server. Every connected end device (known as a peer) can function as either a server or a client. One computer might assume the role of server for one transaction while simultaneously serving as a client for another. The roles of client and server are set on a per request basis. A simple home network with two connected computers sharing a printer is an example of a peer-topeer network. Each person can set his or her computer to share files, enable networked games, or share an Internet connection. Another example of peer-to-peer network functionality is two computers connected to a large network that use software applications to share resources between one another through the network. Unlike the client/server model, which uses dedicated servers, peer-to-peer networks decentralize the resources on a network. Instead of locating information to be shared on dedicated servers, information can be located anywhere on any connected device. Most of the current operating systems support file and

print sharing without requiring additional server software. Because peer-to-peer networks usually do not use centralized user accounts, permissions, or monitors, it is difficult to enforce security and access policies in networks containing more than just a few computers. User accounts and access rights must be set individually on each peer device. Peer-to-Peer Applications A peer-to-peer application (P2P), unlike a peer-to-peer network, allows a device to act as both a client and a server within the same communication. In this model, every client is a server and every server a client. Both can initiate a communication and are considered equal in the communication process. However, peer-to-peer applications require that each end device provide a user interface and run a background service. When you launch a specific peer-to-peer application it invokes the required user interface and background services. After that the devices can communicate directly. Some P2P applications use a hybrid system where resource sharing is decentralized but the indexes that point to resource locations are stored in a centralized directory. In a hybrid system, each peer accesses an

index server to get the location of a resource stored on another peer. The index server can also help connect two peers, but once connected, the communication takes place between the two peers without additional communication to the index server. Peer-to-peer applications can be used on peer-to-peer networks, client/server networks, and across the Internet. 3.3.1DNS services and protocol Now that we have a better understanding of how applications provide an interface for the user and provide access to the network, we will take a look at some specific commonly used protocols. As we will see later in this course, the Transport layer uses an addressing scheme called a port number. Port numbers identify applications and Application layer services that are the source and destination of data. Server programs generally use predefined port numbers that are commonly known by clients. As we examine the different TCP/IP Application layer protocols and services, we will be referring to the TCP and UDP port numbers normally associated with these services. Some of these services are: Domain Name System (DNS) TCP/UDP Port 53 Hypertext Transfer Protocol

(HTTP) - TCP Port 80 Simple Mail Transfer Protocol (SMTP) - TCP Port 25 Post Office Protocol (POP) - TCP Port 110 Telnet - TCP Port 23 Dynamic Host Configuration Protocol - UDP Ports 67 and 68 File Transfer Protocol (FTP) TCP Ports 20 and 21 DNS In data networks, devices are labeled with numeric IP addresses, so that they can participate in sending and receiving messages over the network. However, most people have a hard time remembering this numeric address. Hence, domain names were created to convert the numeric address into a simple, recognizable name. On the Internet these domain names, such as www.cisco.com, are much easier for people to remember than, which is the actual numeric address for this server. Also, if Cisco decides to change the numeric address, it is transparent to the user, since the domain name will remain www.cisco.com. The new address will simply be linked to the existing domain name and connectivity is maintained. When networks were small, it was a simple task to maintain the mapping between domain names and the addresses they

represented. However, as networks began to grow and the number of devices increased, this manual system became unworkable. The Domain Name System (DNS) was created for domain name to address resolution for these networks. DNS uses a distributed set of servers to resolve the names associated with these numbered addresses. The DNS protocol defines an automated service that matches resource names with the required numeric network address. It includes the format for queries, responses, and data formats. DNS protocol communications use a single format called a message. This message format is used for all types of client queries and server responses, error messages, and the transfer of resource record information between servers. DNS is a client/server service; however, it differs from the other client/server services that we are examining. While other services use a client that is an application (such as web browser, e-mail client), the DNS client runs as a service itself. The DNS client, sometimes called the DNS resolver, supports name resolution for our other network applications and other services that need it. When configuring a network device, we generally provide one

or more DNS Server addresses that the DNS client can use for name resolution. Usually the Internet service provider provides the addresses to use for the DNS servers. When a user's application requests to connect to a remote device by name, the requesting DNS client queries one of these name servers to resolve the name to a numeric address. Computer operating systems also have a utility called nslookup that allows the user to manually query the name servers to resolve a given host name. This utility can also be used to troubleshoot name resolution issues and to verify the current status of the name servers. In the figure, when the nslookup is issued, the default DNS server configured for your host is displayed. In this example, the DNS server is dns-sjk.cisco.com which has an address of We then can type the name of a host or domain for which we wish to get the address. In the first query in the figure, a query is made for www.cisco.com. The responding name server provides the address of The queries shown in the figure are only simple tests. The nslookup has many options available for extensive testing and verification of the DNS process.

cache. A DNS server provides the name resolution using the name daemon, which is often called named, (pronounced name-dee). The DNS server stores different types of resource records used to resolve names. These records contain the name, address, and type of record. Some of these record types are: A - an end device address NS - an authoritative name server CNAME - the canonical name (or Fully Qualified Domain Name) for an alias; used when multiple services have the single network address but each service has its own entry in DNS MX - mail exchange record; maps a domain name to a list of mail exchange servers for that domain When a client makes a query, the server's "named" process first looks at its own records to see if it can resolve the name. If it is unable to resolve the name using its stored records, it contacts other servers in order to resolve the name. The request may be passed along to a number of servers, which can take extra time and consume bandwidth. Once a match is found and returned to the original requesting server, the server temporarily stores the numbered address that matches the name in If that same name is requested again, the first server can return the address by using the value stored in its name cache. Caching reduces both the DNS query data network traffic and the workloads of servers higher up the hierarchy. The DNS Client service on Windows PCs optimizes the performance of DNS name resolution by storing previously resolved names in memory, as well. The ipconfig /displaydns command displays all of the cached DNS entries on a Windows XP or 2000 computer system. The Domain Name System uses a hierarchical system to create a name database to provide name resolution. The hierarchy looks like an inverted tree with the root at the top and branches below. At the top of the hierarchy, the root servers maintain records about how to reach the top-level domain servers, which in turn have records that point to the secondary level domain servers and so on. The different top-level domains represent either the type of organization or the country of origin. Examples of top-level domains are: .au - Australia .co - Colombia .com - a business or industry

.jp - Japan .org - a non-profit organization After top-level domains are second-level domain names, and below them are other lower level domains. Each domain name is a path down this inverted tree starting from the root. For example, as shown in the figure, the root DNS server may not know exactly where the e-mail server mail.cisco.com is located, but it maintains a record for the "com" domain within the top-level domain. Likewise, the servers within the "com" domain may not have a record for mail.cisco.com, but they do have a record for the "cisco.com" domain. The servers within the cisco.com domain have a record (a MX record to be precise) for mail.cisco.com. The Domain Name System relies on this hierarchy of decentralized servers to store and maintain these resource records. The resource records list domain names that the server can resolve and alternative servers that can also process requests. If a given server has resource records that correspond to its level in the domain hierarchy, it is said to be authoritative for those records. For example, a name server in the cisco.netacad.net domain would

not be authoritative for the mail.cisco.com record because that record is held at a higher domain level server, specifically the name server in the cisco.com domain. Links http://www.ietf.org//rfc/rfc1034.tx t http://www.ietf.org/rfc/rfc1035.txt 3.3.2 WWW service and HTTP When a web address (or URL) is typed into a web browser, the web browser establishes a connection to the web service running on the server using the HTTP protocol. URLs (or Uniform Resource Locator) and URIs (Uniform Resource Identifier) are the names most people associate with web addresses. The URL http://www.cisco.com/index.html is an example of a URL that refers to a specific resource - a web page named index.html on a server identified as cisco.com (click the tabs in the figure to see the steps used by HTTP). Web browsers are the client applications our computers use to connect to the World Wide Web and access resources stored on a web server. As with most server processes, the web server runs as a background service and makes different types of files available.

In order to access the content, web clients make connections to the server and request the desired resources. The server replies with the resources and, upon receipt, the browser interprets the data and presents it to the user. Browsers can interpret and present many data types, such as plain text or Hypertext Markup Language (HTML, the language in which web pages are constructed). Other types of data, however, may require another service or program, typically referred to as plug-ins or add-ons. To help the browser determine what type of file it is receiving, the server specifies what kind of data the file contains. To better understand how the web browser and web client interact, we can examine how a web page is opened in a browser. For this example, we will use the URL: http://www.cisco.com/webserver.htm. First, the browser interprets the three parts of the URL: 1. http (the protocol or scheme) 2. www.cisco.com (the server name) 3. web-server.htm (the specific file name requested).

The browser then checks with a name server to convert www.cisco.com into a numeric address, which it uses to connect to the server. Using the HTTP protocol requirements, the browser sends a GET request to the server and asks for the file web-server.htm. The server in turn sends the HTML code for this web page to the browser. Finally, the browser deciphers the HTML code and formats the page for the browser window. The Hypertext Transfer Protocol (HTTP), one of the protocols in the TCP/IP suite, was originally developed to publish and retrieve HTML pages and is now used for distributed, collaborative information systems. HTTP is used across the World Wide Web for data transfer and is one of the most used application protocols. HTTP specifies a request/response protocol. When a client, typically a web browser, sends a request message to a server, the HTTP protocol defines the message types the client uses to request the web page and also the message types the server uses to respond. The three common message types are GET, POST, and PUT. GET is a client request for data. A web browser sends the GET message to request pages from a web server. As shown in the figure, once the server receives the GET request, it responds with

a status line, such as HTTP/1.1 200 OK, and a message of its own, the body of which may be the requested file, an error message, or some other information. POST and PUT are used to send messages that upload data to the web server. For example, when the user enters data into a form embedded in a web page, POST includes the data in the message sent to the server. PUT uploads resources or content to the web server. Although it is remarkably flexible, HTTP is not a secure protocol. The POST messages upload information to the server in plain text that can be intercepted and read. Similarly, the server responses, typically HTML pages, are also unencrypted. For secure communication across the Internet, the HTTP Secure (HTTPS) protocol is used for accessing or posting web server information. HTTPS can use authentication and encryption to secure data as it travels between the client and server. HTTPS specifies additional rules for passing data between the Application layer and the Transport Layer. In this activity, you will configure DNS and HTTP services, and then study the packets that result when

a web page is requested by typing a URL. Click the Packet Tracer icon for more details. 3.3.3 e-mail services and smtp/pop protocols E-mail, the most popular network service, has revolutionized how people communicate through its simplicity and speed. Yet to run on a computer or other end device, email requires several applications and services. Two example Application layer protocols are Post Office Protocol (POP) and Simple Mail Transfer Protocol (SMTP), shown in the figure. As with HTTP, these protocols define client/server processes. When people compose e-mail messages, they typically use an application called a Mail User Agent (MUA), or e-mail client. The MUA allows messages to be sent and places received messages into the client's mailbox, both of which are distinct processes. In order to receive e-mail messages from an e-mail server, the e-mail client can use POP. Sending e-mail from either a client or a server uses message formats and command strings defined by the SMTP protocol. Usually an e-mail client provides the functionality of both protocols within one application. E-mail Server Processes - MTA and MDA

The e-mail server operates two separate processes: Mail Transfer Agent (MTA) Mail Delivery Agent (MDA) The Mail Transfer Agent (MTA) process is used to forward e-mail. As shown in the figure, the MTA receives messages from the MUA or from another MTA on another e-mail server. Based on the message header, it determines how a message has to be forwarded to reach its destination. If the mail is addressed to a user whose mailbox is on the local server, the mail is passed to the MDA. If the mail is for a user not on the local server, the MTA routes the e-mail to the MTA on the appropriate server. In the figure, we see that the Mail Delivery Agent (MDA) accepts a piece of e-mail from a Mail Transfer Agent (MTA) and performs the actual delivery. The MDA receives all the inbound mail from the MTA and places it into the appropriate users' mailboxes. The MDA can also resolve final delivery issues, such as virus scanning, spam filtering, and return-receipt handling. Most e-mail communications use the MUA, MTA, and MDA applications. However, there are other alternatives for e-mail delivery. A client may be connected to a corporate e-mail system, such as

IBM's Lotus Notes, Novell's Groupwise, or Microsoft's Exchange. These systems often have their own internal e-mail format, and their clients typically communicate with the e-mail server using a proprietary protocol. The server sends or receives e-mail via the Internet through the product's Internet mail gateway, which performs any necessary reformatting. As another alternative, computers that do not have an MUA can still connect to a mail service on a web browser in order to retrieve and send messages in this manner. Some computers may run their own MTA and manage interdomain e-mail themselves. If, for example, two people who work for the same company exchange e-mail with each other using a proprietary protocol, their messages may stay completely within the company's corporate email system. As mentioned earlier, e-mail can use the protocols, POP and SMTP (see the figure for an explanation of how they each work). POP and POP3 (Post Office Protocol, version 3) are inbound mail delivery protocols and are typical client/server protocols. They deliver e-mail from the e-mail server to the client (MUA). The MDA listens for when a client connects to a server. Once a connection is established, the server can deliver the e-mail to the

client. The Simple Mail Transfer Protocol (SMTP), on the other hand, governs the transfer of outbound e-mail from the sending client to the e-mail server (MDA), as well as the transport of e-mail between e-mail servers (MTA). SMTP enables e-mail to be transported across data networks between different types of server and client software and makes email exchange over the Internet possible. The SMTP protocol message format uses a rigid set of commands and replies. These commands support the procedures used in SMTP, such as session initiation, mail transaction, forwarding mail, verifying mailbox names, expanding mailing lists, and the opening and closing exchanges. Some of the commands specified in the SMTP protocol are: HELO - identifies the SMTP client process to the SMTP server process EHLO - Is a newer version of HELO, which includes services extensions MAIL FROM - Identifies the sender RCPT TO - Identifies the recipient DATA - Identifies the body of the message 3.3.4 FTP The File Transfer Protocol (FTP)

is another commonly used Application layer protocol. FTP was developed to allow for file transfers between a client and a server. An FTP client is an application that runs on a computer that is used to push and pull files from a server running the FTP daemon (FTPd). To successfully transfer files, FTP requires two connections between the client and the server: one for commands and replies, the other for the actual file transfer. The client establishes the first connection to the server on TCP port 21. This connection is used for control traffic, consisting of client commands and server replies. The client establishes the second connection to the server over TCP port 20. This connection is for the actual file transfer and is created every time there is a file transferred. The file transfer can happen in either direction. The client can download (pull) a file from the server or, the client can upload (push) a file to the server. 3.3.5 DHCP The Dynamic Host Configuration Protocol (DHCP) service enables devices on a network to obtain IP addresses and other information from a DHCP server. This service

automates the assignment of IP addresses, subnet masks, gateway and other IP networking parameters. DHCP allows a host to obtain an IP address dynamically when it connects to the network. The DHCP server is contacted and an address requested. The DHCP server chooses an address from a configured range of addresses called a pool and assigns ("leases") it to the host for a set period. On larger local networks, or where the user population changes frequently, DHCP is preferred. New users may arrive with laptops and need a connection. Others have new workstations that need to be connected. Rather than have the network administrator assign IP addresses for each workstation, it is more efficient to have IP addresses assigned automatically using DHCP. DHCP distributed addresses are not permanently assigned to hosts but are only leased for a period of time. If the host is powered down or taken off the network, the address is returned to the pool for reuse. This is especially helpful with mobile users that come and go on a network. Users can freely move from location to location and re-establish network connections. The host can obtain an IP address once the hardware

connection is made, either via a wired or wireless LAN. DHCP makes it possible for you to access the Internet using wireless hotspots at airports or coffee shops. As you enter the area, your laptop DHCP client contacts the local DHCP server via a wireless connection. The DHCP server assigns an IP address to your laptop. As the figure shows, various types of devices can be DHCP servers when running DHCP service software. The DHCP server in most medium to large networks is usually a local dedicated PCbased server. With home networks the DHCP server is usually located at the ISP and a host on the home network receives its IP configuration directly from the ISP. DHCP can pose a security risk because any device connected to the network can receive an address. This risk makes physical security an important factor when determining whether to use dynamic or manual addressing. Dynamic and static addressing both have their places in network designs. Many networks use both DHCP and static addressing. DHCP is used for general purpose hosts such as end user devices, and fixed addresses are used for

network devices such as gateways, switches, servers and printers. Without DHCP, users have to manually input the IP address, subnet mask and other network settings in order to join the network. The DHCP server maintains a pool of IP addresses and leases an address to any DHCP-enabled client when the client is powered on. Because the IP addresses are dynamic (leased) rather than static (permanently assigned), addresses no longer in use are automatically returned to the pool for reallocation. When a DHCP-configured device boots up or connects to the network, the client broadcasts a DHCP DISCOVER packet to identify any available DHCP servers on the network. A DHCP server replies with a DHCP OFFER, which is a lease offer message with an assigned IP address, subnet mask, DNS server, and default gateway information as well as the duration of the lease. The client may receive multiple DHCP OFFER packets if there is more than one DHCP server on the local network, so it must choose between them, and broadcast a DHCP REQUEST packet that identifies the explicit server and lease offer that the client is accepting. A client may choose to request an address that it had previously been allocated by the server.

Assuming that the IP address requested by the client, or offered by the server, is still valid, the server would return a DHCP ACK message that acknowledges to the client the lease is finalized. If the offer is no longer valid - perhaps due to a time-out or another client allocating the lease - then the selected server will respond with a DHCP NAK message (Negative Acknowledgement). If a DHCP NAK message is returned, then the selection process must begin again with a new DHCP DISCOVER message being transmitted. Once the client has the lease, it must be renewed prior to the lease expiration through another DHCP REQUEST message. The DHCP server ensures that all IP addresses are unique (an IP address cannot be assigned to two different network devices simultaneously). Using DHCP enables network administrators to easily reconfigure client IP addresses without having to manually make changes to the clients. Most Internet providers use DHCP to allocate addresses to their customers who do not require a static address. The fourth CCNA Exploration course will cover the operation of DHCP in greater detail. 3.3.6 file sharing services and

smb protocol The Server Message Block (SMB) is a client/server file sharing protocol. IBM developed Server Message Block (SMB) in the late 1980s to describe the structure of shared network resources, such as directories, files, printers, and serial ports. It is a requestresponse protocol. Unlike the file sharing supported by FTP, clients establish a long term connection to servers. Once the connection is established, the user of the client can access the resources on the server as if the resource is local to the client host. SMB file-sharing and print services have become the mainstay of Microsoft networking. With the introduction of the Windows 2000 series of software, Microsoft changed the underlying structure for using SMB. In previous versions of Microsoft products, the SMB services used a non-TCP/IP protocol to implement name resolution. Beginning with Windows 2000, all subsequent Microsoft products use DNS naming. This allows TCP/IP protocols to directly support SMB resource sharing, as shown in the figure. The LINUX and UNIX operating systems also provide a method of sharing resources with Microsoft networks using a version of SMB called SAMBA. The Apple

Macintosh operating systems also support resource sharing using the SMB protocol. The SMB protocol describes file system access and how clients can make requests for files. It also describes the SMB protocol interprocess communication. All SMB messages share a common format. This format uses a fixed-sized header followed by a variablesized parameter and data component. SMB messages can: Start, authenticate, and terminate sessions Control file and printer access Allow an application to send or receive messages to or from another device The SMB file exchange process is shown in the figure. 3.3.7 P2P services and Gnutella Protocol You learned about FTP and SMB as ways of obtaining files, here is another Application protocol. Sharing files over the Internet has become extremely popular. With P2P applications based on the Gnutella protocol, people can make files on their hard disks available to others for downloading. Gnutellacompatible client software allows users to connect to Gnutella services over the Internet and to locate and access resources shared by other Gnutella peers.

Many client applications are available for accessing the Gnutella network, including: BearShare, Gnucleus, LimeWire, Morpheus, WinMX and XoloX (see a screen capture of LimeWire in the figure). While the Gnutella Developer Forum maintains the basic protocol, application vendors often develop extensions to make the protocol work better on their applications. Many P2P applications do not use a central database to record all the files available on the peers. Instead, the devices on the network each tell the other what files are available when queried and use the Gnutella protocol and services to support locating resources. See the figure. When a user is connected to a Gnutella service, the client applications will search for other Gnutella nodes to connect to. These nodes handle queries for resource locations and replies to those requests. They also govern control messages, which help the service discover other nodes. The actual file transfers usually rely on HTTP services. The Gnutella protocol defines five different packet types: ping - for device discovery pong - as a reply to a ping query - for file location query hit - as a reply to a query push - as a download request 3.3.8 telnet services and protocol

Long before desktop computers with sophisticated graphical interfaces existed, people used text-based systems which were often just display terminals physically attached to a central computer. Once networks were available, people needed a way to remotely access the computer systems in the same manner that they did with the directly attached terminals. Telnet was developed to meet that need. Telnet dates back to the early 1970s and is among the oldest of the Application layer protocols and services in the TCP/IP suite. Telnet provides a standard method of emulating text-based terminal devices over the data network. Both the protocol itself and the client software that implements the protocol are commonly referred to as Telnet. Appropriately enough, a connection using Telnet is called a Virtual Terminal (VTY) session, or connection. Rather than using a physical device to connect to the server, Telnet uses software to create a virtual device that provides the same features of a terminal session with access to the server command line interface (CLI). To support Telnet client connections, the server runs a service called the Telnet daemon.

A virtual terminal connection is established from an end device using a Telnet client application. Most operating systems include an Application layer Telnet client. On a Microsoft Windows PC, Telnet can be run from the command prompt. Other common terminal applications that run as Telnet clients are HyperTerminal, Minicom, and TeraTerm. Once a Telnet connection is established, users can perform any authorized function on the server, just as if they were using a command line session on the server itself. If authorized, they can start and stop processes, configure the device, and even shut down the system. Click the tabs in the figure to view the Telnet example. Telnet is a client/server protocol and it specifies how a VTY session is established and terminated. It also provides the syntax and order of the commands used to initiate the Telnet session, as well as control commands that can be issued during a session. Each Telnet command consists of at least two bytes. The first byte is a special character called the Interpret as Command (IAC) character. As its name implies, the IAC defines the next byte as a command rather than text. Some sample Telnet protocol

commands include: Are You There (AYT) - Lets the user request that something appear on the terminal screen to indicate that the VTY session is active. Erase Line (EL) - Deletes all text from the current line. Interrupt Process (IP) - Suspends, interrupts, aborts, or terminates the process to which the Virtual Terminal is connected. For example, if a user started a program on the Telnet server via the VTY, he or she could send an IP command to stop the program. While the Telnet protocol supports user authentication, it does not support the transport of encrypted data. All data exchanged during a Telnet sessions is transported as plain text across the network. This means that the data can be intercepted and easily understood. If security is a concern, the Secure Shell (SSH) protocol offers an alternate and secure method for server access. SSH provides the structure for secure remote login and other secure network services. It also provides stronger authentication than Telnet and supports the transport of session data using encryption. As a best practice, network professionals should always use SSH in place of Telnet, whenever possible.

Later in this course, we will use Telnet and SSH to access and configure network devices over the lab network. 3.4.1data stream capture In this activity, you will use a computer that has a microphone and Microsoft Sound Recorder or Internet access so that an audio file can be downloaded. Click the lab icon for more details. Activity 3.4.1: Data Stream Capture Learning Objectives Upon completion of this activity, you will be able to: Capture or download an audio stream Record the characteristics of the file Examine data transfer rates associated with the file

Sound Recorder to capture an audio stream. Microsoft Sound Recorder is a Windows accessory that can be found in Windows XP at Start > Programs > Accessories > Entertainment > Sound Recorder. If a microphone and Microsoft Sound Recorder are not available, you can download an audio file to use in this activity from http://newsroom.cisco.com/dlls/ podcasts/audio_feeds.html. Scenario This activity is to be performed on a computer that has a microphone and Microsoft Sound Recorder or Internet access so that an audio file can be downloaded. Estimated completion time, depending on network speed, is 30 minutes. Task 1: Create a Sound File Step 1: Open the Windows Sound Recorder application. The application can be found in Windows XP at Start > Programs > Accessories > Entertainment > Sound Recorder. The Sound Recorder interface is shown in Figure 1. Figure 1. The Sound Recorder Interface

Background When an application creates a file, the data that comprises that file must be stored somewhere. The data can be stored on the end device where it was created, or it can be transferred for storage on another device. In this activity, you will use a microphone and Microsoft

All contents are Copyright 19922009 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 1 of 3 CCNA Exploration Network Fundamentals: Application Layer Functionality and Protocols Activity 3.4.1: Data Stream Capture

Step 2: Record an audio file. 1. To begin recording, click the Record button on the Sound Recorder interface. 2. Speak into the microphone, or create sounds that can be picked up by the microphone. As the audio is recorded, the waveform of the sound should appear on the Sound Recorder interface, as shown in Figure 2. Figure 2. Recording in Progress 3. Click the Stop button when you are finished.

volume settings, and attempt to create the recording again. If you are unable to create a recording, download an audio file from News@Cisco at the following URL: http://newsroom.cisco.com/dlls/ podcasts/audio_feeds.html 2. Save the audio file to the desktop and proceed to Task 2.

Step 4: Save the audio file. 1. Save the audio file that you have created to the desktop. Name the file myaudio.wav. 2. After the file is saved, close the Sound Recorder application. All contents are Copyright 19922009 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 2 of 3 CCNA Exploration Network Fundamentals: Application Layer Functionality and Protocols Activity 3.4.1: Data Stream Capture

Step 3: Check the audio file that was recorded. 1. Press the Play button to listen to the recording. The recording that you have made should be played back, as shown in Figure 3. Figure 3. Playback If you are unable to hear the recording, check the configuration of the microphone, speakers, and

Task 4: Clean Up Task 2: Observe the Properties of the Audio File Step 1: View audio file properties. Right-click the audio file that you saved to the desktop and click Properties from the popup menu. What is the file size in kilobytes? _______________ What is the file size in bytes? _______________ What is the file size in bits? _______________ Step 2: Open the audio file in Windows Media Player. 1. Right-click the audio file and select Open With > Windows Media Player. 2. When the file is open, right-click at the top of the Media Player interface and select File > Properties from the popup menu. What is the length of the audio file in seconds? _______________ Calculate the amount of data per second in the audio file and record the result. _______________ Task 3: Reflection Data files do not have to remain on the end devices where they are created. For example, you may want to copy the audio file that you created to another computer or a portable audio device. If the audio file that you saved to the desktop were to be transferred at a rate of 100 megabits per second (Mbps), how long would it take for the file transfer to be completed? _________________________ _________________________ _________________________ _______ Even with an Ethernet connection operating at 100 Mbps, the data that makes up a file is not transferred at this speed. All Ethernet frames contain other information, such as source and destination addresses, that is necessary for the delivery of the frame. If 5% of the available 100 Mbps bandwidth is used up by the Ethernet overhead, and 95% of the bandwidth is left for the data payload, how long would it take for the file transfer to be completed? _________________________ _________________________ _________________________ ________ You may be required to remove the audio file that you have saved from the computer. If so, delete the file from the desktop. Unless instructed otherwise, turn off the computer. All contents are Copyright 19922009 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 3 of 3 3.4.2 lab-managing a web server In this lab you will download, install, and configure the popular Apache web server. A web browser will be used to connect to the server, and Wireshark will be used to capture the communication. Analysis of the capture will aid students in understanding how the HTTP protocol operates. Click the lab icon for more details 3.4.3 lab-email services and protocolsIn this lab, you will configure and use an e-mail client application to connect to eagleserver network services. You will then monitor the communication with Wireshark and analyze the captured packets. Click the lab icon for more details Lab 3.4.3: E-mail Services

and Protocols Topology Diagram Addressing Table Device R1-ISP


Eagle Server

hostPod#A hostPod#B S1-Central

3.5.1summary and review

The Application layer is responsible for directly accessing the underlying processes that manage and deliver communication to the human network. This layer serves as the source and destination of communications across data networks. The Application layer applications, protocols, and services enable users to interact with the data network in a way that is

meaningful and effective. Applications are computer programs with which the user interacts and which initiate the data transfer process at the user's request. Services are background programs that provide the connection between the Application layer and the lower layers of the networking model. Protocols provide a structure of agreed-upon rules and processes that ensure services running on one particular device can send and receive data from a range of different network devices. Delivery of data over the network can be requested from a server by a client, or between devices that operate in a peer-to-peer arrangement, where the client/server relationship is established according to which device is the source and destination at that time. Messages are exchanged between the Application layer services at each end device in accordance with the protocol specifications to establish and use these relationships. Protocols like HTTP, for example, support the delivery of web pages to end devices. SMTP/POP protocols support sending and receiving e-mail. SMB enables users to share files. DNS resolves the human legible names used to refer to network resources into numeric addresses usable by the network. 3.5.1: Skills Integration

Challenge-Configuring Hosts and Services Addressin g Table Device R1-ISP Interface Fa0/0 S0/ 0/0 Fa0/0 S0/ 0/0 S1Central PC 1A PC 1B Eagle Server VLAN 1 NIC NIC NIC

Topology Diagram

IP Address


To Learn More Reflection Questions Why is it important to distinguish between a particular Application layer application, the associated service, and the protocol? Discuss this in the context of network reference models. What if it was possible to include all Application layer services with a single allencompassing protocol? Discuss the advantages and disadvantages of having one such protocol. How would you go about developing a new protocol for a new Application layer service? What would have to be included? Who would have to be involved in the process and how would the information be disseminated? Links http://www.ietf.org/ http://www.protocols.com/ All contents are Copyright 19922007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 1 of 3

Activity 2.2.5: Using NeoTrace to View Internetworks Learning Objectives Explain the use of route tracing programs, such as tracert and NeoTrace. Use tracert and NeoTrace to trace a route from its PC to a distant server. Describe the interconnected and global nature of the Internet with respect to data flow. Background Route tracing computer software is a utility that lists the networks data has to traverse from the user's originating end device to a distant destination network. This network tool is typically executed at the command line as: traceroute <destination network name or end device address> (Unix and similar systems) or tracert <destination network name or end device address> (MS Windows systems) and determines the route taken by packets across an IP network. The traceroute (or tracert) tool is often used for network troubleshooting. By showing a list of routers traversed, it allows the user to identify the path taken to reach a particular destination on the network or

across internetworks. Each router represents a point where one network connects to another network and the packet was forwarded through. The number of routers is known as the number of "hops" the data traveled from source to destination. The displayed list can help identify data flow problems when trying to access a service such as a website. It can also be useful when performing tasks such as downloading data. If there are multiple websites (mirrors) available for the same file of data, one can trace each mirror to get a good idea of which mirror would be the fastest to use. However, it should be noted that because of the "meshed" nature of the interconnected networks that make up the Internet and the Internet Protocol's ability to select different pathways over which to send packets, two trace routes between the same source and destination conducted some time apart may produce different results. Tools such as these are usually embedded with the operating system of the end device. Others such as NeoTrace are proprietary programs that provide extra information. NeoTrace uses available online information to display graphically the route traced on a global map, for example.

Scenario Using an Internet connection, you will use two routing tracing programs to examine the Internet pathway to destination networks. This activity should be preformed on a computer that has Internet access and access to a command line. First, you will use the Windows embedded tracert utility and then the more enhanced NeoTrace program. This lab assumes the installation of NeoTrace. If the computer you are using does not have NeoTrace installed, you can download the program using the following link: http://www.softpedia.com/get/N etwork-Tools/TracerouteWhois-Tools/McAfeeNeoTrace-Professional.shtml CCNA Exploration Network Fundamentals: Communicating over the Network Activity 2.2.5: Using NeoTrace to View Internetworks All contents are Copyright 19922007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 2 of 3

If you have any trouble downloading or installing NeoTrace, ask your instructor for assistance. Task 1: Trace Route to Remote Server. Step 1: Trace the route to a distant network. To trace the route to a distant network, the PC being used must have a working connection to the class/lab network. 1. At the command line prompt, type: tracert www.cisco.com The first output line should show the Fully Qualified Domain Name (FQDN) followed by the IP address. The Lab Domain Name Service (DNS) server was able to resolve the name to an IP address. Without this name resolution, the tracert would have failed, because this tool operates at the TCP/IP layers that only understand valid IP addresses. If DNS is not available, the IP address of the destination device has to be entered after the tracert command instead of the server name. 2. Examine the output displayed. How many hops between the source and destination? ________ Figure 1. tracert Command Figure 1 shows the successful result when running: tracert

www.cisco.com from a location in Bavaria, Germany. The first output line shows the FQDN, followed by the IP address. Therefore, a DNS server was able to resolve the name to an IP address. Then there are listings of all routers through which the tracert requests had to pass to get to the destination. 3. Try the same trace route on a PC connected to the Internet, and examine your output. Number of hops to www.cisco.com: ___________ CCNA Exploration Network Fundamentals: Communicating over the Network Activity 2.2.5: Using NeoTrace to View Internetworks All contents are Copyright 19922007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 3 of 3

Step 2: Try another trace route on the same PC, and examine your output. Destination URL: _________________________ _________________ Destination IP Address: _________________________ ____________ Task 2: Trace Route using NeoTrace. 1. Launch the NeoTrace program. 2. On the View menu, choose Options. Click the Map tab and in the Home Location section click the Set Home Location button. 3. Follow the instructions to select your country and location in your country. Alternatively, you can click the Advanced button, which enables you to enter the precise latitude and longitude of your location. See the Challenge section of Activity 1.2.5(1). 4. Enter www.cisco.com in the Target field and click Go. 5. From the View menu, List View displays the list of routers similar to tracert. Node View from the View menu displays the connections graphically with symbols. Map View on the View menu displays the links and routers in their geographic location on a global map.

6. Select each view in turn and note the differences and similarities. 7. Try a number of different URLs and view the routes to those destinations. Task 3: Reflection Review the purpose and usefulness of trace route programs. Relate the displays of the output of NeoTrace to the concept of interconnected networks and the global nature of the Internet. Task 4: Challenge Consider and discuss possible network security issues that could arise from the use of programs like traceroute and NeoTrace. Consider what technical details are revealed and how perhaps this information could be misused. Task 5: Clean Up Exit the NeoTrace program. Unless instructed otherwise by your instructor, properly shut down the computer. All contents are Copyright 19922007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 1 of 7 Lab 2.6.1: Topology Orientation and Building a Small Network Topology Diagram Peer to Peer Network Switched Network

Learning Objectives Upon completion of this lab, you will be able to: Correctly identify cables for use in the network. Physically cable a peer-topeer and switched network. Verify basic connectivity on each network. Background Many network problems can be fixed at the Physical layer of a network. For this reason, it is important to have a clear understanding of which cables to use for your network connections. At the Physical layer (Layer 1) of the OSI model, end devices must be connected by media (cables). The type of media required depends on the type of device being connected. In the basic portion of this lab, straightthrough or patch cables will be used to connect workstations and switches. CCNA Exploration Network Fundamentals: Communicating over the Network Lab 2.6.1: Topology Orientation and Building a

Small Network All contents are Copyright 19922007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 2 of 7 In addition, two or more devices communicate through an address. The Network layer (Layer 3) requires a unique address (also know as a logical address or IP Addresses), which allows the data to reach the appropriate destination device. Addressing for this lab will be applied to the workstations and will be used to enable communication between the devices. Scenario This lab starts with the simplest form of networking (peer-to-peer) and ends with the lab connecting through a switch. Task 1: Create a Peer-toPeer Network. Step 1: Select a lab partner. Step 2: Obtain equipment and resources for the lab. Equipment needed:

2 workstations 2 straight through (patch) cables 1 crossover cable 1 switch (or hub) Task 2: Identify the Cables used in a Network. Before the devices can be cabled, you will need to identify the types of media you will be using. The cables used in this lab are crossover and straight-through. Use a crossover cable to connect two workstations to each other through their NICs Ethernet port. This is an Ethernet cable. When you look at the plug you will notice that the orange and green wires are in opposite positions on each end of the cable. Use a straight-through cable to connect the routers Ethernet port to a switch port or a workstation to a switch port. This is also an Ethernet cable. When you look at the plug you will notice that both ends of the cable are exactly the same in

each pin position. Task 3: Cable the Peerto-peer Network. Step 1: Connect two workstations. Using the correct Ethernet cable, connect two workstations together. Connect one end of the cable to the NIC port on PC1 and the other end of the cable to PC2. Which cable did you use? _________________________ ______ CCNA Exploration Network Fundamentals: Communicating over the Network Lab 2.6.1: Topology Orientation and Building a Small Network All contents are Copyright 19922007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 3 of 7 Step 2: Apply a Layer 3 address to the workstations. To complete this task, you will need to follow the step-by-step instructions below. Note: These steps must be completed on each workstation. The instructions

are for Windows XPsteps may differ slightly if you are using a different operating system. 1. On your computer, click Start, right-click My Network Places, and then click Properties. The Network Connections window should appear, with icons showing the different network connections. 2. Right-click the Local Area Connection and click Properties. 3. Select the Internet Protocol (TCP/IP) item and then click the Properties button. 4. On the General tab of the Internet Protocol (TCP/IP) Properties window, select the Use the following IP address option. CCNA Exploration Network Fundamentals: Communicating over the Network Lab 2.6.1: Topology Orientation and Building a Small Network All contents are Copyright 19922007 Cisco Systems,

Inc. All rights reserved. This document is Cisco Public Information. Page 4 of 7 5. In the IP address box, enter the IP address for PC1. (Enter the IP address for PC2.) 6. Press the tab key and the Subnet mask is automatically entered. The subnet address should be If this address is not automatically entered, enter this address manually. 7. Click OK. 8. Close the Local Area Connection Properties window. Step 3: Verify connectivity. 1. On your computer, click Start, and then click Run. 2. Type cmd in the Open box and then click OK. The DOS command (cmd.exe) window will appear. You can enter DOS commands using this window. For the purposes of this lab, basic network commands will be entered to allow you to test you computer connections.

CCNA Exploration Network Fundamentals: Communicating over the Network Lab 2.6.1: Topology Orientation and Building a Small Network All contents are Copyright 19922007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 5 of 7 The ping command is a computer network tool used to test whether a host (workstation, router, server, etc.) is reachable across an IP network. 3. Use the ping command to verify that PC1 can reach PC2 and PC2 can reach PC1. From the PC1 DOS command prompt, type ping From the PC2 DOS command prompt, type ping What is the output of the ping command? _________________________ _________________________ ____________ _________________________ _________________________

____________ _________________________ _________________________ ____________ _________________________ _________________________ ____________ If the ping command displays an error message or doesnt receive a reply from the other workstation, troubleshoot as necessary. Possible areas to troubleshoot include: Verifying the correct IP addresses on both workstations Ensuring that the correct type of cable is used between the workstations What is the output of the ping command if you unplug the network cable and ping the other workstation? _________________________ _________________________ ____________ _________________________ _________________________ ____________ _________________________ _________________________ ____________

_________________________ _________________________ ____________ CCNA Exploration Network Fundamentals: Communicating over the Network Lab 2.6.1: Topology Orientation and Building a Small Network All contents are Copyright 19922007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 6 of 7 Task 4: Connect Your Workstations to the Classroom Lab Switch. Step 1: Connect workstation to switch. Using the correct cable, connect one end of the cable to the NIC port on the workstation and the other end to a port on the switch. Step 2: Repeat this process for each workstation on your network. Which cable did you use? _________________________ _____ Step 3: Verify connectivity. Verify network connectivity by using the ping command to

reach the other workstations attached to the switch. What is the output of the ping command? _________________________ _________________________ ____________ _________________________ _________________________ ____________ _________________________ _________________________ ____________ _________________________ _________________________ ____________ What is the output of the ping command if you ping an address that is not connected to this network? _________________________ _________________________ ____________ _________________________ _________________________ ____________ _________________________ _________________________ ____________ _________________________ _________________________ ____________

Step 4: Share a document between PCs. 1. On your desktop, create a new folder and name it test. 2. Right-click the folder and click File sharing. Note: A hand will be placed under the icon. CCNA Exploration Network Fundamentals: Communicating over the Network Lab 2.6.1: Topology Orientation and Building a Small Network All contents are Copyright 19922007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 7 of 7 3. Place a file in the folder. 4. On the desktop, double-click My Network Places and then Computers Near Me. 5. Double-click the workstation icon. The test folder should appear. You will be able to access this folder across the network. Once you are able to see it and work with the file, you have access through all 7 layers of the OSI model.

Task 5: Reflection What could prevent a ping from being sent between the workstations when they are directly connected? _________________________ _________________________ _________________________ ________ _________________________ _________________________ _________________________ ________ _________________________ _________________________ _________________________ ________ _________________________ _________________________ _________________________ ________ What could prevent the ping from being sent to the workstations when they are connected through the switch? _________________________ _________________________ _________________________ ________ _________________________ _________________________ _________________________

________ All contents are Copyright 19922007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 1 of 11 Lab 2.6.2: Using Wireshark to View Protocol Data Units Learning Objectives Be able to explain the purpose of a protocol analyzer (Wireshark). Be able to perform basic PDU capture using Wireshark. Be able to perform basic PDU analysis on straightforward network data traffic. Experiment with Wireshark features and options such as PDU capture and display filtering. Background Wireshark is a software protocol analyzer, or "packet sniffer" application, used for network troubleshooting, analysis, software and protocol development, and education. Before June 2006, Wireshark was known as Ethereal. A packet sniffer (also known

as a network analyzer or protocol analyzer) is computer software that can intercept and log data traffic passing over a data network. As data streams travel back and forth over the network, the sniffer "captures" each protocol data unit (PDU) and can decode and analyze its content according to the appropriate RFC or other specifications. Wireshark is programmed to recognize the structure of different network protocols. This enables it to display the encapsulation and individual fields of a PDU and interpret their meaning. It is a useful tool for anyone working with networks and can be used with most labs in the CCNA courses for data analysis and troubleshooting. For information and to download the program go to http://www.Wireshark.org Scenario To capture PDUs the computer on which Wireshark is installed must have a working connection to the network and Wireshark must be running before any

data can be captured. CCNA Exploration Network Fundamentals: Communicating over the Network Lab 2.6.2: Using Wireshark to View Protocol Data Units All contents are Copyright 19922007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 2 of 11 When Wireshark is launched, the screen below is displayed. To start data capture it is first necessary to go to the Capture menu and select the Options choice. The Options dialog provides a range of settings and filters which determines which and how much data traffic is captured. CCNA Exploration Network Fundamentals: Communicating over the Network Lab 2.6.2: Using Wireshark to View Protocol Data Units All contents are Copyright 19922007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 3 of 11 First, it is necessary to ensure that Wireshark is set to monitor the correct interface. From the

Interface drop down list, select the network adapter in use. Typically, for a computer this will be the connected Ethernet Adapter. Then other Options can be set. Among those available in Capture Options, the two highlighted below are worth examination. Setting Wireshark to capture packets in promiscuous mode If this feature is NOT checked, only PDUs destined for this computer will be captured. If this feature is checked, all PDUs destined for this computer AND all those detected by the computer NIC on the same network segment (i.e., those that "pass by" the NIC but are not destined for the computer) are captured. Note: The capturing of these other PDUs depends on the intermediary device connecting the end device computers on this network. As you use different intermediary devices (hubs, switches, routers) throughout these courses, you will experience the different Wireshark results. Setting Wireshark for network name resolution This option allows you to

control whether or not Wireshark translates network addresses found in PDUs into names. Although this is a useful feature, the name resolution process may add extra PDUs to your captured data perhaps distorting the analysis. There are also a number of other capture filtering and process settings available. Clicking on the Start button starts the data capture process and a message box displays the progress of this process. CCNA Exploration Network Fundamentals: Communicating over the Network Lab 2.6.2: Using Wireshark to View Protocol Data Units All contents are Copyright 19922007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 4 of 11 As data PDUs are captured, the types and number are indicated in the message box The examples above show the capture of a ping process and then accessing a web page. When the Stop button is clicked, the capture process is terminated and the main

screen is displayed. This main display window of Wireshark has three panes. CCNA Exploration Network Fundamentals: Communicating over the Network Lab 2.6.2: Using Wireshark to View Protocol Data Units All contents are Copyright 19922007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 5 of 11 The PDU (or Packet) List Pane at the top of the diagram displays a summary of each packet captured. By clicking on packets in this pane, you control what is displayed in the other two panes. The PDU (or Packet) Details Pane in the middle of the diagram displays the packet selected in the Packet List Pane in more detail. The PDU (or Packet) Bytes Pane at the bottom of the diagram displays the actual data (in hexadecimal form representing the actual binary) from the packet selected in the Packet List Pane, and highlights the field selected in the Packet Details Pane. Each line in the Packet List corresponds to one PDU or

packet of the captured data. If you select a line in this pane, more details will be displayed in the "Packet Details" and "Packet Bytes" panes. The example above shows the PDUs captured when the ping utility was used and http://www.Wireshark.org was accessed. Packet number 1 is selected in this pane. The Packet Details pane shows the current packet (selected in the "Packet List" pane) in a more detailed form. This pane shows the protocols and protocol fields of the selected packet. The protocols and fields of the packet are displayed using a tree, which can be expanded and collapsed. The Packet Bytes pane shows the data of the current packet (selected in the "Packet List" pane) in what is known as "hexdump" style. In this lab, this pane will not be examined in detail. However, when a more in-depth analysis is required this displayed information is useful for examining the binary values and content of PDUs. Packet List Pane Packet Details Pane

Packets Bytes Pane CCNA Exploration Network Fundamentals: Communicating over the Network Lab 2.6.2: Using Wireshark to View Protocol Data Units All contents are Copyright 19922007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 6 of 11 The information captured for the data PDUs can be saved in a file. This file can then be opened in Wireshark for analysis some time in the future without the need to re-capture the same data traffic again. The information displayed when a capture file is opened is the same as the original capture. When closing a data capture screen or exiting Wireshark you are prompted to save the captured PDUs. Clicking on Continue without Saving closes the file or exits Wireshark without saving the displayed captured data. Task 1: Ping PDU Capture Step 1: After ensuring that the standard lab topology and configuration is correct,

launch Wireshark on a computer in a lab pod. Set the Capture Options as described above in the overview and start the capture process. From the command line of the computer, ping the IP address of another network connected and powered on end device on in the lab topology. In this case, ping the Eagle Server at using the command ping After receiving the successful replies to the ping in the command line window, stop the packet capture. Step 2: Examine the Packet List pane. The Packet List pane on Wireshark should now look something like this: Look at the packets listed above; we are interested in packet numbers 6, 7, 8, 9, 11, 12, 14 and 15. Locate the equivalent packets on the packet list on your computer. CCNA Exploration Network Fundamentals: Communicating over the Network Lab 2.6.2: Using Wireshark to View Protocol Data Units All contents are Copyright 19922007 Cisco Systems, Inc. All rights

reserved. This document is Cisco Public Information. Page 7 of 11 If you performed Step 1A above match the messages displayed in the command line window when the ping was issued with the six packets captured by Wireshark. From the Wireshark Packet List answer the following: What protocol is used by ping? ____________________________ __ What is the full protocol name? ____________________________ __ What are the names of the two ping messages? ____________________________ __ ____________________________ ____________________________ _____________ Are the listed source and destination IP addresses what you expected? Yes / No Why? ____________________________ _______ Step 3: Select (highlight) the first echo request packet on the list with the mouse. The Packet Detail pane will now display something similar to: Click on each of the four

"+" to expand the information. The packet Detail Pane will now be similar to: CCNA Exploration Network Fundamentals: Communicating over the Network Lab 2.6.2: Using Wireshark to View Protocol Data Units All contents are Copyright 19922007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 8 of 11 As you can see, the details for each section and protocol can be expanded further. Spend some time scrolling through this information. At this stage of the course, you may not fully understand the information displayed but make a note of the information you do recognize. Locate the two different types of 'Source" and "Destination". Why are there two types? ____________________________ ____________________________ __________ What protocols are in the Ethernet frame? ____________________________ ____________________________ ____ As you select a line in the Packets Detail pane all or

part of the information in the Packet Bytes pane also becomes highlighted. For example, if the second line (+ Ethernet II) is highlighted in the Details pane the Bytes pane now highlights the corresponding values. This shows the particular binary values that represent that information in the PDU. At this stage of the course, it is not necessary to understand this information in detail. Step 4: Go to the File menu and select Close. Click on Continue without Saving when this message box appears. Task 2: FTP PDU Capture Step 1: Start packet capture. Assuming Wireshark is still running from the previous steps, start packet capture by clicking on the Start option on the Capture menu of Wireshark. At the command line on your computer running Wireshark, enter ftp When the connection is established, enter anonymous as the user without a password. Userid: anonymous Password: <ENTER> You may alternatively use

login with userid cisco and with password cisco. CCNA Exploration Network Fundamentals: Communicating over the Network Lab 2.6.2: Using Wireshark to View Protocol Data Units All contents are Copyright 19922007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 9 of 11 When successfully logged in enter get /pub/eagle_labs/eagle1/c hapter1/gaim-1.5.0.exe and press the enter key <ENTER>. This will start downloading the file from the ftp server. The output will look similar to: C:\Documents and Settings\ccna1>ftp eagleserver.example.com Connected to eagleserver.example.com. 220 Welcome to the eagle-server FTP service. User (eagleserver.example.com: (none)): anonymous 331 Please specify the password. Password:<ENTER> 230 Login successful. ftp> get /pub/eagle_labs/eagle1/

chapter1/gaim-1.5.0.exe 200 PORT command successful. Consider using PASV. 150 Opening BINARY mode data connection for pub/eagle_labs/eagle1/c hapter1/gaim-1.5.0.exe (6967072 bytes). 226 File send OK. ftp: 6967072 bytes received in 0.59Seconds 11729.08Kbytes/sec. When the file download is complete enter quit ftp> quit 221 Goodbye. C:\Documents and Settings\ccna1> When the file has successfully downloaded, stop the PDU capture in Wireshark. Step 2: Increase the size of the Wireshark Packet List pane and scroll through the PDUs listed. Locate and note those PDUs associated with the file download. These will be the PDUs from the Layer 4 protocol TCP and the Layer 7 protocol FTP. Identify the three groups of PDUs associated with the file transfer. If you performed the step above, match the packets with the messages and prompts in the FTP command

line window. The first group is associated with the "connection" phase and logging into the server. List examples of messages exchanged in this phase. ____________________________ ____________________________ ___________ Locate and list examples of messages exchanged in the second phase that is the actual download request and the data transfer. ____________________________ ____________________________ __________ ____________________________ ____________________________ ___________ The third group of PDUs relate to logging out and "breaking the connection". List examples of messages exchanged during this process. ____________________________ ____________________________ __________ ____________________________ ____________________________ ___________ CCNA Exploration Network Fundamentals: Communicating over the Network Lab 2.6.2: Using Wireshark to View Protocol Data Units All contents are Copyright 19922007 Cisco Systems, Inc. All rights

reserved. This document is Cisco Public Information. Page 10 of 11 Locate recurring TCP exchanges throughout the FTP process. What feature of TCP does this indicate? ____________________________ ____________________________ ___________ ____________________________ ____________________________ ___________ Step 3: Examine Packet Details. Select (highlight) a packet on the list associated with the first phase of the FTP process. View the packet details in the Details pane. What are the protocols encapsulated in the frame? ____________________________ ____________________________ ___________ Highlight the packets containing the user name and password. Examine the highlighted portion in the Packet Byte pane. What does this say about the security of this FTP login process? ____________________________ ____________________________ ___________ Highlight a packet associated with the second phase. From any pane, locate the

packet containing the file name. The filename is: ____________________________ __ Highlight a packet containing the actual file content - note the plain text visible in the Byte pane. Highlight and examine, in the Details and Byte panes, some packets exchanged in the third phase of the file download. What features distinguish the content of these packets? ____________________________ ____________________________ ___________ When finished, close the Wireshark file and continue without saving Task 3: HTTP PDU Capture Step 1: Start packet capture. Assuming Wireshark is still running from the previous steps, start packet capture by clicking on the Start option on the Capture menu of Wireshark. Note: Capture Options do not have to be set if continuing from previous steps of this lab. Launch a web browser on the computer that is running Wireshark. Enter the URL of the Eagle Server of example.com or

enter the IP address192.168.254.254. When the webpage has fully downloaded, stop the Wireshark packet capture. Step 2: Increase the size of the Wireshark Packet List pane and scroll through the PDUs listed. Locate and identify the TCP and HTTP packets associated with the webpage download. CCNA Exploration Network Fundamentals: Communicating over the Network Lab 2.6.2: Using Wireshark to View Protocol Data Units All contents are Copyright 19922007 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 11 of 11 Note the similarity between this message exchange and the FTP exchange. Step 3: In the Packet List pane, highlight an HTTP packet that has the notation "(text/html)" in the Info column. In the Packet Detail pane click on the "+" next to "Line-based text data: html" When this information expands what is displayed? ____________________________ ____________________________

___________ Examine the highlighted portion of the Byte Panel. This shows the HTML data carried by the packet. When finished close the Wireshark file and continue without saving Task 4: Reflection Consider the encapsulation information pertaining to captured network data Wireshark can provide. Relate this to the OSI and TCP/IP layer models. It is important that you can recognize and link both the protocols represented and the protocol layer and encapsulation types of the models with the information provided by Wireshark. Task 5: Challenge Discuss how you could use a protocol analyzer such as Wireshark to: (1) Troubleshoot the failure of a webpage to download successfully to a browser on a computer.

and (2) Identify data traffic on a network that is requested by users. ____________________________ ____________________________ _____________________ ____________________________ ____________________________ _____________________ ____________________________ ____________________________ _____________________ ____________________________ ____________________________ _____________________ ____________________________ ____________________________ _____________________ ____________________________ ____________________________ _____________________ ____________________________ ____________________________ _____________________ Task 6: Cleanup Unless instructed otherwise by your instructor, exit Wireshark and properly shutdown the computer.