
Network Concepts Reference
NETWORK CONCEPTS REFERENCE OCTOBER 1998

Table of contents
NETWORK CONCEPTS
    TERMINOLOGY
    NETWORK STANDARDS
    NETWORK HISTORY
    SERVER BASED LANS
    INTRODUCTION TO OSI
    LAN COMPONENTS
        Network servers
        Workstations
        Cabling
        Cabling schemes
        Lower level protocols (OSI 2)
        Topologies
        Higher level protocols (OSI 3 and above)
        Network operating systems
        Network linking devices
        Network management tools
NETWORK ARCHITECTURE
    OSI MODEL
TOPOLOGIES
    ETHERNET
    TOKEN RING
    FDDI
LINKING DEVICES
    REPEATERS
    BRIDGES
    ROUTERS AND BROUTERS
    MULTIPROTOCOL ROUTER (MPR)
    GATEWAYS
    LINKING MEDIA
    LINKING MEDIA PROTOCOLS
PROTOCOL SUITES
    TCP/IP
        Datagrams
        TCP to IP
        Network Address
        UDP
        ICMP
        Ethernet address
    NOVELL
    APPLETALK
NETWORK SHELLS
    SINGLE PROTOCOL
    MULTIPROTOCOL
    NDIS
    ODI
TROUBLESHOOTING TOOLS
    REFLECTOMETER
    PACKET MONITOR
    NETWORK MANAGEMENT SOFTWARE
    NETWORK COMPONENTS
    PING, TELNET, AND FTP UTILITIES
REVIEW

DOCUPRINT IPS/NPS REFERENCE MANUAL

Network concepts
This overview will provide an introduction to the essential
concepts of networking: topologies, protocol suites, devices for
linking network segments, and operating systems.

Terminology
Before we can begin a discussion of networking, you need to be
familiar with the terminology used throughout the discussion.
Some of the terms used throughout this reference are:
Node - Any of several terminal points that can be addressed in a
network. Servers, workstations, printers, etc. can be nodes. Each
node has a unique network address that is used for sending and
receiving messages.
Segment - A portion of a Local Area Network (LAN) connected by a
linking device to limit traffic within that segment. NOTE: This
could also indicate a separate LAN.
Protocol - A set of rules that controls the flow of messages and
communicating processes between computers.
Peer Level Communications - The communications between equivalent
levels in a layered protocol network.
Server - A device enabling resource sharing on a LAN, such as print,
file and communications servers.
Client - Hardware and software that initiates a service.
Packet - A collection of bytes that can be a complete message or a
portion of a message. A packet is the basic unit of communications
over networks.
Datagram - A formatted unit of data in the Internet Protocol (IP)
suite. This should not be confused with a packet.
Leased lines - Dedicated digital or analog communications lines
leased for exclusive use.
Switched lines - A public telephone network.
Broadcast - The transmission of a message to all addresses on the
network.


Network standards
In the communications industry, standards are used to govern the
physical, electrical, and procedural attributes of communications
equipment. The dominant organizations that set standards for
data and computer communications are ISO and CCITT.

ISO
The International Organization for Standardization is voluntary
and non-governmental; nevertheless, more than 70% of the ISO
members are governmental standards institutions incorporated by
public law. The development of communications standards is
just one of the topics covered by ISO. The organization's
objective is to develop standards that are acceptable to as many
countries as possible.

CCITT (Consultative Committee of International Telegraphy and Telephony)
The Consultative Committee of International Telegraphy and
Telephony is a United Nations treaty organization; thus, the
members of CCITT are governments. The U.S. representation is
located in the Department of State. The objective of CCITT is to
standardize techniques and operations in international
telecommunications.
CCITT has been concerned primarily with communications
network and data transmission issues, whereas ISO has been
primarily concerned with distributed processing and
computer-communications issues.
Two other groups that are important to our discussion are IEEE
and ANSI.

IEEE
The Institute of Electrical and Electronics Engineers (IEEE)
standards are under ongoing development by experts in the
communications industry. These standards are revised as the
technology changes and are reaffirmed at least every five years.
If you possess an IEEE standards document that is more than
five years old and has not been reaffirmed, chances are the
content will not accurately reflect current technology.

ANSI
The American National Standards Institute is a voluntary, non-
governmental organization. ANSI is the clearinghouse of
voluntary standards in the United States. It is also the United
States voting member of ISO.
It's important to note that there are many other organizations that
set standards for data and computer communications. We
addressed just a few to acquaint you with various standards
organizations.

Network history
In the mid-60s, data processing consisted of batch jobs being
submitted from dumb terminals, tape, or card readers to the
mainframe host. Each user used a terminal to access the
processing power, memory, and physical storage capabilities of
the host system as well as to share output devices such as
printers.
By the mid 70s (Figure 1), dumb and semi-smart terminals were
able to access several host computers. This was accomplished
using Front End Processors (FEP) and multi-tasking host
computers allowing several users to be logged in to a single host
at the same time. Linking two or more host computers via FEPs
was the first step in developing distributed processing.
In the early 80s, microcomputers provided users with local
processing at their desks; however, users were unable to share
devices or data.
In the mid to late 80s (Figure 2), with the advancements in
networking technology, true distributed processing was now
possible. Users gained the ability not only to process data
locally, but also to share data and devices. This capability grew to
become Local Area Networking (LAN). Then the next
generation of networking allowed users to connect workstations
to multiple servers and into the host environment.
The 90s have seen these networking trends develop into the
proliferation of the Internet and the World Wide Web, with users
accessing text, graphics, audio, and video from public and private
servers all over the world.

Figure 1. Multi-tasking Host Computers (circa mid 1970s)

[Figure 1 diagram not reproduced. Labels: Host, CPU, FEP, Printer, File Storage, Tape Drive, Modems, Dumb Terminals.]


Figure 2. Local Area Network (circa mid 1980s)

[Figure 2 diagram not reproduced. Labels: Dumb Terminals, Terminal Server, PC, Network Bus, Host CPU, File Server, Printer.]

Next, LANs were connected together outside the geographical
area. This was originally known as Wide Area Networking
(WAN). See Figure 3. However, the terms LAN and WAN
currently are used interchangeably when referring to LAN
segments being connected over a great distance. Although an
arguable definition, WAN now often refers to two or more different
types of LANs connected together.

Figure 3. Wide Area Network

[Figure 3 diagram not reproduced. Labels: LAN, Linking Device, Telcom, Digital Telecommunications Line.]


Server based LANs


Server based LANs tie two or more workstations together with
one or more servers to provide extended computing services
such as file sharing, printer sharing, centralized data storage and
backup, electronic mail, and the ability to link to other networks
and hosts. In a standard server environment, each user can run
applications within their local workstation or "use" copies of
applications and/or data files off the server. In all cases, though,
all data processing occurs within the local workstation.
Server based LANs can be easily understood as a technological
mix of mainframe and microcomputer capabilities.
In the mainframe environment, each user uses a terminal to
access the processing power, memory, and physical storage
capabilities of the host system as well as to share output devices
such as printers and plotters among users.
In a microcomputer environment, each user uses the
processing power, memory, and storage capabilities of his or her
individual computer system and its peripheral devices.
In a server based LAN, by mixing features of the microcomputer
and mainframe environments, we gain the independence of
individually powerful workstations with their own memory and
processing power, plus the storage capacity, centralized data
storage, and shared device capabilities of the host environment.
It is also important to note that the functions of client and
server are not fixed. A particular node in a network could
function as a client (using the services of another node) in one
instance while functioning as a server (providing services for
other nodes) in another instance.

Introduction to OSI
In order for network components to communicate with each other,
there must be a common set of rules that defines the details of
their communications. A set of such rules is called a protocol.
Network communication is a complex task, particularly if the
components are as different as those found in modern networks.
Instead of trying to solve the complex problem of network
communications all at once, the problem can be divided into
several manageable sub-problems. Networks, then, will
communicate on several different functional levels which can
operate independently.
In order to aid in the designing of network systems, the
International Organization for Standardization (ISO) has defined
a model of seven different levels, or layers, of protocol. This
model is called the Open Systems Interconnection (OSI)
model. Although no particular system conforms exactly to this
model, it is a convenient way to describe the various tasks that
must be performed in order for a message to be sent from the
source node across a network and received and interpreted by
the destination node.
The seven layers of the OSI Model are:
7 APPLICATION LAYER
6 PRESENTATION LAYER
5 SESSION LAYER
4 TRANSPORT LAYER
3 NETWORK LAYER
2 DATA LINK LAYER
1 PHYSICAL LAYER
Layers 1 and 2 are often considered to govern lower level
protocol, because they deal directly with the transmission
medium. Layers 3 and above are considered to govern higher
level protocol because they perform such tasks as interpreting
network addresses and interfacing with software applications.
A set of protocols, operating independently in a scheme such as
the OSI Model, can be referred to as a layered protocol suite or a
protocol stack. We will often refer to the OSI model as a standard
when describing network communications.

LAN components
Now that we have an idea of local area networking and the OSI
Model, let's look at the components which make up a LAN.
These include Network Servers, Workstations, Cabling, Cabling
Schemes, Lower Level Protocols, Topologies, Higher Level
Protocols, Network Operating Systems, Network Linking
Devices and Network Management Tools.

Network servers
A server is typically a high performance microcomputer with 32
megabytes or more of RAM and 600 megabytes or more of disk
storage. There are three main types of servers found on a
network: file servers, print servers, and communications
servers.
File servers make hard disk storage space available to other
network users (PCs, workstations, etc.), answering requests for
data read and write actions and managing simultaneous requests
for access to that same data.
Print servers accept print jobs sent from the client workstation,
store the job in a disk queue, and send the job to a printer when
the queue is started.
Communications servers link client workstations on the LAN
with mainframe computers and other LANs in other locations as
well as share modem and facsimile boards among the client
stations.


Workstations
An adapter card is needed in each workstation which is to be
connected to the network. Network interface adapters, such as
Ethernet, ARCnet, and Token-Ring network interface cards, are
required to move the signals over the network media into a PC's
parallel data stream and to specify the address of the node. This
is called Media Access Control (MAC). The adapters must be
compatible with the workstations and have the appropriate
connector to attach to the network cabling.
Network software must also be resident on each network node.
We will discuss this software later, in the section concerning
network shells.

Cabling
The major types of cabling (between network nodes or switching
points on the network) include twisted pair, shielded twisted pair,
coaxial, and fiber optics.
Twisted pair is one or more pairs of wire twisted together which
may or may not be within a jacket, for example, common phone
line cable.
Shielded twisted pair is one or more pairs of wire twisted and
covered with a matrix of grounding wire. The ground helps to
prevent outside electromagnetic waves from disrupting the
signals within the twisted wires.
Coaxial is a single wire protected by a grounding shield.
Fiber optics is made of fine glass "wires", which use light,
instead of electricity, to transmit the signal from point-to-point.
The major advantages of fiber optics are the ability to transmit
over long distances and immunity to electromagnetic
interference (EMI).

Cabling schemes
The network cabling scheme describes the methodology by
which the nodes of the network are interconnected. There are
three primary cabling schemes (Figure 4):


Figure 4. Cabling schemes
[Diagram not reproduced. Schemes shown, with nodes marked N: Bus (e.g. Ethernet), Star (with Hub), Ring, Double Ring (FDDI), and Ring and Star Combination with Hub (e.g. Token Ring).]

Bus, in which each node of the network is connected in line with
the other nodes. The cable runs from workstation to workstation
with the server or servers anywhere along the length of the cable.
Star, in which workstations and servers are wired directly to a
centralized hub or patch panel.
Ring, which is a bus that terminates at the beginning node.
The bus method uses less wire, but because of its design, a
break at any location will cause the network to fail. The star
scheme uses a greater amount of wire, but provides a greater
amount of independence for each node on the network.
Double-Ring is also a bus which terminates at the beginning
node; however, a second ring is added for back-up purposes in
case of failure.
In some network designs, notably IBM's Token-Ring, the physical
wiring is installed as a star, yet the logical path across the
network cabling is in a ring fashion.

Lower level protocols (OSI 2)


The lower level protocol of a local area network system defines
how the information is bundled together and passed over
different cabling and cabling schemes. These lower level
protocols are also called packet frames. The IEEE standards
committee has created several standards that are defined for OSI
layers 1 & 2 (the Physical and Data Link layers).
802.2, 802.3 and Ethernet-II use Carrier Sense Multiple
Access with Collision Detection (CSMA/CD) on a bus, in which a
node sends its message only when no transmitted signal is
detected over the LAN cable.
802.4 uses a token passing methodology on a bus in which a
message (token) is passed from node to node by active nodes on
the network.
802.5 uses a token passing methodology on a ring in which a
message (token) is passed from node to node by active nodes on
the network.
802.6 uses the Distributed Queue Dual Bus (DQDB). Two
parallel runs of cable (typically fiber optic) link each node
(typically a router connected to another LAN) to the DQDB. This
standard is relatively new and was developed for metropolitan
area networks (MANs).
These standards and some specific implementations are
discussed later in this reference.

Topologies
The term topology refers to a cabling scheme and protocol used
to bundle and transmit the data across the network. Note that
some other documents define topology as the cabling scheme
(physical layer or OSI layer 1) only. The following describes some
of the currently used network topologies.
Ethernet configurations:
10Base2 is CSMA/CD running across thin coaxial cable. It
designates a 10 megabit per second signaling rate and has a
maximum cable segment distance of 185 meters.
10BaseT is CSMA/CD running across twisted pair cabling. It
designates a 10 megabit per second signaling rate.
10Base5 is CSMA/CD running across thick coaxial cable. It
designates a 10 megabit per second signaling rate and has a
maximum cable segment distance of 500 meters.
10BaseF is CSMA/CD running across fiber optics cable. It
designates a 10 megabit per second signaling rate and has a
maximum distance of 4 kilometers (approx. 2.5 miles).
Token-Ring is 802.4 or 802.5 in a ring cabling scheme which
uses a 16 megabit per second signaling rate.
There are many other topologies with and without standards.


Higher level protocols (OSI 3 and above)


As we have learned, the lower level protocol defines the format of
the information as it is crossing the physical aspects of the
network. The higher level protocol controls the transport of the
information from the source node to its specific destination(s) and
is the translator which provides the link to the network's
applications. Some examples of higher level protocol would
include:
TCP/IP (Transmission Control Protocol/Internet Protocol), a
Department of Defense (DOD) defined protocol suite (including
several layers of protocols and some applications), has become
one of the most popular in the marketplace. TCP/IP is often
associated with the UNIX operating system, as it is included on
most UNIX workstations. However, the TCP/IP protocols and
applications are not part of UNIX and may run on other operating
systems such as DOS.
NetBIOS which is a generic term used by multiple companies for
the software that provides the higher level protocol within their
system.
AFP (AppleTalk Filing Protocol) which is Apple Computer's high
level protocol for the Macintosh systems. (NOTE: Don't confuse
the acronym with IBM's Advanced Function Printing.)
NFS (Network File System) which is a high level protocol
developed by Sun Microsystems.
We will provide a detailed examination of the TCP/IP protocol
suite later in this module.

Network operating systems


Software running at a network server can provide management of
devices, node addresses, network users, as well as security and
reporting on all aspects of the network. Three common network
operating systems are:
Novell NetWare
Banyan Vines
XNS.
The network operating system is loaded onto the server. Each
workstation is provided with client software to send and receive
messages via a Network Interface Card (NIC) to the server. In
most cases the lower and higher level protocols are supplied with
the network operating system software.

Network linking devices


Hardware and software devices are used to link networks
together, thereby extending the range of communications for any
node. These devices fall into the following categories:
Repeaters, Bridges, Routers, Brouters, Gateways, Multiprotocol
Routers (MPR). We will discuss each of these in detail later in
this module.

Network management tools


The primary reason for implementing network management tools
is to resolve network problems efficiently and to have the
information necessary to improve the efficiency of your network.
Network management tools provide:
Wiring status and control
Protocol analysis and traffic counting
Workstation information
General network reporting on critical and everyday events.

Network architecture
To understand networking, it is important to recognize that
networks today are constructed using one of two methodologies:
globally defined and component based.
Globally defined networks are defined by a set of rules which are
often created by large corporations to ensure compatibility
between multiple network installations. Examples of these
include IBM's SNA, Xerox XNS, Digital Equipment's DECnet
(or DNA), Apple Computer's AppleTalk, etc. These network
architecture standards define the complete networking
environment, including topologies, protocols, and communication
specifications.
Component based networks are networks which have been
constructed piece-by-piece, based on the individual work group's
needs. Many currently existing, large networks have evolved
through the interconnection of smaller, independent networks.
The Internet is in fact a collection of independent networks that
are linked together.

OSI model
For all the networking elements to function together, whether built
upon a global or component based definition, there must be a
common thread which allows the individual pieces of the network
to interact. These interactions are defined as standardized
models for network implementations. The most common of
these is ISO's OSI model.
As we discussed previously, the basic design of a network is a
layered design, each layer performing a separate function. This
way, network design becomes more manageable; it becomes a
study of the parts rather than a study of the whole. A layered
design implies independence of the layers, which aids in the
creation of a component based architecture.
The structure for the layering of a LAN is based on a model
developed by the International Organization for Standardization
(ISO). Their model (the Open System Interconnection reference
model, Figure 5) consists of 7 layers. Let us take a brief look at
this model and discuss the functions of each layer.

Layer 7 Application
Layer 6 Presentation
Layer 5 Session
Layer 4 Transport
Layer 3 Network
Layer 2 Data Link
Layer 1 Physical
Transmission Medium

Figure 5. OSI Reference Model
Layer 1 - Physical - Performs all of the functions necessary to
transmit and receive data over the physical medium. It describes
the physical media over which the bit stream is to be transmitted.
This layer specifies the type of cable, (coax, twisted pair, fiber
optics), signal levels, bit rate and data encoding. It is Xerox's
plan to be able to support different types of physical media as
they become accepted in the industry.
Layer 2 - Data Link - The Data Link layer takes the raw
transmission and transforms it into a line that appears to be error
free to the Network layer. It performs framing, addressing, error
detection and solves contention problems.
Layer 3 - Network - Controls switching between links within the
network, (gateways, communication servers, routing, and dial up
communications).
Layer 4 - Transport - Ensures end to end message integrity.
Layer 5 - Session - Responsible for the mapping of logical
names into network addresses.

Layer 6 - Presentation - Provides any necessary translation,
format conversion or code conversion to put the information into a
recognizable format.
Layer 7 - Application - Provides network based services to the
end user such as filing or electronic mail.
Remember, this is only a model. As we will see, different
architectures utilize this model differently.
Associated with each layer is a layer header. Headers consist of
information that is to be added by a particular layer at one node
to be read by its corresponding layer at another node. This type
of communications between corresponding layers is called Peer
Level Communications (Figure 6).
At the source node, each layer adds a header to the message.
Then, at the destination node (and for some layers, at the
intermediate linking devices) these headers are read and stripped
off. By the time the message is received by the destination
application, the original data is intact, with no additional headers.
Later in this reference, we will discuss in detail one of the most
common network architectures: the TCP/IP Protocol Suite. The
TCP/IP suite is an example of a component based architecture,
and aspects of this suite are used in a variety of different
networks. We will also discuss the structure of TCP/IP layer
headers and show how they are used for Peer Level
Communications.
To show how different architectures can be thought of in terms of
the OSI model, we will take a short time to discuss a familiar
globally defined architecture: Xerox's XNS network.

Figure 6. OSI model - peer level communications

Layer (source and destination)   Message at that layer       Header added
                                 DATA
7                                AH DATA                     Applications Header
6                                PH AH DATA                  Presentation Header
5                                SH PH AH DATA               Session Header
4                                TH SH PH AH DATA            Transport Header
3                                NH TH SH PH AH DATA         Network Header
2                                DH NH TH SH PH AH DATA      Data Link Header
1                                Transmission medium (Physical Layer)

Figure 7 shows the relationship between the XNS protocol layers
and the OSI Model. Note that the XNS Layer 4 corresponds to
OSI Layer 7. The XNS Layer 3 corresponds to OSI Layers 6 & 5.
The XNS Layer 2 corresponds to OSI Layers 4 & 3. And the XNS
Layer 1 corresponds to OSI Layers 2 & 1.

Figure 7. OSI layers vs. XNS layers

OSI Layers                                 XNS Layers
Layer 7        Application                 Layer 4
Layers 5 & 6   Presentation, Session       Layer 3 (Courier)
Layers 3 & 4   Transport, Network          Layer 2 (Internet)
Layers 1 & 2   Data Link, Physical         Layer 1 (Ethernet)
               Transmission Cable

Even though the XNS scheme differs significantly from the OSI Model, it is
possible to show their relationship. In this way the OSI Model
acts as a common gauge that we can use in describing network
architecture. Other network architectures, such as DECnet, SNA,
and AppleTalk can also be compared to the OSI Model for
analysis.
Figure 8 shows the layer protocol structures for several common
network architectures.

Figure 8. Comparison of various layer protocol structures

DNA (DECNET)       TCP/IP (Sun, PCs, Macs)    SNA (IBM)
Network Mgmt.      Applications               Transaction Srvc.
Network Appl.      (email, FTP,               Presentation Srvc.
Session Control    Telnet, etc.)              Data Flow Control
End Comm.          TCP or UDP                 End Comm.
Routing            IP                         Routing
Data Link          Data Link                  Data Link
Physical           Physical                   Physical

NOVELL NETWARE     APPLETALK
NPL                Presentation
(or other appl.)   Session
SPX                Transport
IPX                Network
Data Link          Link Access
Physical           Physical

Some of the protocol structures are unique to a particular
hardware manufacturer (SNA to IBM, DNA to DEC, AppleTalk to
Apple). The others, TCP/IP and Novell NetWare, may be found
in a variety of different environments (such as Sun workstations,
IBM compatible PCs, or Apple Macintoshes). Though there are
differences in each architecture, each of these schemes can be
compared to the OSI Model.
The first two layers (sometimes called low level protocols,
corresponding to OSI 1 & 2) are equivalent for all of these
schemes. But, the specific options allowed for each architecture
may vary. Some examples of these options would be SDLC,
Token Ring, Ethernet, X.25, or FDDI.
The higher level layer protocol schemes vary more for each brand
of architecture. But, in general, layer 3 is used for network
routing and layer 4 is used for end to end transmission integrity,
corresponding to the OSI Model. Layers 5 and above are used
for interaction with the application, as in the OSI Model. But,
because of these differences in layer protocols, in order to pass
data between networks with different architectures, a software
gateway is needed. This gateway must contain the complete
protocol schemes for both the source and destination networks.
We will talk more about gateways later in this reference.

Topologies
Network topology is often determined by the accessibility
between the workstations and the server. If wiring is difficult,
then a bus topology often is the easiest to install, but the most
difficult to maintain. A star configuration is more difficult to install
and requires more wire, but is much easier to troubleshoot when
there is a problem.
Other factors for choosing a topology could be based on whether
the network:
Is in an area with a high level of electromagnetic interference
Has long distances between workstations and servers
Is accessible to existing cabling.
Topologies function at OSI layers 1 and 2, the physical and data
link layers. Commonly used topologies include:
Ethernet
Token-Ring
Fiber Distributed Data Interface (FDDI)

Let's look at each of these topologies in more detail.

Ethernet
Ethernet is a logical bus topology that uses the CSMA/CD access
method. CSMA/CD stands for Carrier Sense with Multiple Access
using Collision Detection and is the means by which two or more
devices share the Ethernet when they want to transmit data.
Along with the CSMA/CD access method, some of the particulars
the Ethernet specification describes are:
The type of cable used, e.g., low noise shielded 50 ohm
Coaxial cable, Lattice net, fiber optics, etc.
Length of the segments of the cable, which can be up to
500 meters long (for thick coax cable). These can be
connected into larger lengths using repeaters.
Signal levels, within the cable.
The transceiver, which transmits and receives signals on the
coaxial cable. In addition it isolates the node from the
channel in case of a failure within the node and detects
collisions on the cable.
The transceiver drop cable. The transceiver is connected to
the coax using a simple tap and to the device by a transceiver
cable (drop cable), which may consist of four twisted pairs
and may be up to 50 meters in length.
A logical bus transmission medium. Although Ethernet is
most often associated with a physical bus cabling scheme,
portions of an Ethernet may be wired using a star cabling
scheme with a wiring concentrator as the hub. Even in this
case, the Ethernet logically acts as a bus, that is, signals are
received by all nodes.
Nodes are connected to the LAN by an Ethernet controller
card, which contains the node's unique address (Figure 9).
These addresses are assigned by a standards group to ensure
no two cards have the same physical address.
In addition to the original 802.3 specification, Ethernet cables
may also transmit 802.2 or Ethernet-II packet frames. The type
of packet frame must be identified to the network operating
system.

Figure 9. Ethernet header (layer 2 of OSI model)

Row width: 4 Bytes (32 bits)

Header:  Destination Address (first 32 bits)
         Destination (last 16 bits) | Source (first 16 bits)
         Source Address (last 32 bits)
         Type Code
Data
Checksum

Ethernet Packet = Header + Data

Now let's discuss how the data is manipulated so that it can be
recognized by an individual node on the network. The Ethernet
software adds a header to each packet to be sent. The header
contains source and destination addresses.
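
The header layout of Figure 9, as an added example (not part of the original manual): a Python parser that splits a frame into destination, source, type code, data and checksum, tells an Ethernet-II type code from an 802.3 length by the value of the 2-byte field, and verifies the checksum as a CRC-32. The node addresses and payloads are constructed sample values.

```python
import struct
import zlib

HEADER_LEN = 14            # 6 destination + 6 source + 2 type code
CHECKSUM_LEN = 4           # trailing checksum (CRC-32)
ETHERTYPE_MIN = 0x0600     # field >= 1536: Ethernet-II type code
MAX_8023_LENGTH = 1500     # field <= 1500: 802.3 length of the data


def checksum(body: bytes) -> bytes:
    """CRC-32 of header plus data, in the byte order used on the wire."""
    return struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def build_frame(dst: bytes, src: bytes, type_or_len: int, data: bytes) -> bytes:
    """Assemble header + data (padded to the 46-byte minimum) + checksum."""
    body = dst + src + struct.pack("!H", type_or_len) + data.ljust(46, b"\x00")
    return body + checksum(body)


def mac(raw: bytes) -> str:
    """Render a 6-byte node address in the usual colon-separated form."""
    return ":".join(f"{b:02x}" for b in raw)


def parse_frame(frame: bytes) -> dict:
    """Split a frame into the fields of Figure 9 and validate each one."""
    if len(frame) < HEADER_LEN + CHECKSUM_LEN:
        raise ValueError("frame is shorter than header plus checksum")
    body, received = frame[:-CHECKSUM_LEN], frame[-CHECKSUM_LEN:]
    dst, src = body[0:6], body[6:12]
    (field,) = struct.unpack("!H", body[12:14])
    data = body[HEADER_LEN:]
    if field >= ETHERTYPE_MIN:
        framing = "Ethernet-II"          # field names the layer 3 protocol
    elif field <= MAX_8023_LENGTH:
        framing = "802.3"                # field counts the data bytes
        if field > len(data):
            raise ValueError("802.3 length field exceeds the data present")
        data = data[:field]              # drop the padding
    else:
        raise ValueError("values 1501-1535 are neither a length nor a type")
    return {
        "destination": mac(dst),
        "source": mac(src),
        "framing": framing,
        "type_or_length": field,
        "data": data,
        "group_address": bool(dst[0] & 0x01),   # broadcast or multicast
        "checksum_ok": received == checksum(body),
    }


# Constructed sample input: locally administered node addresses.
NODE_A = bytes.fromhex("020000000001")
NODE_B = bytes.fromhex("020000000002")
BROADCAST = b"\xff" * 6

ETHERNET_II = build_frame(NODE_B, NODE_A, 0x0800, b"constructed payload")
IEEE_8023 = build_frame(BROADCAST, NODE_A, 3, b"\xaa\xaa\x03")
# Same frame with one data bit flipped in transit.
DAMAGED = ETHERNET_II[:20] + bytes([ETHERNET_II[20] ^ 0x01]) + ETHERNET_II[21:]

if __name__ == "__main__":
    for name, frame in (("Ethernet-II", ETHERNET_II),
                        ("802.3", IEEE_8023),
                        ("damaged", DAMAGED)):
        print(name, parse_frame(frame))
```
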
The CSMA/CD scheme allows each node access to the LAN.
The source node is able to detect that the LAN is idle before
sending a packet. However, if two nodes send a packet at the
same time, there will be a packet collision. Both nodes are able
to sense the collision and they will each retransmit after a wait
time. The wait times between transmission attempts are varied
with each node to avoid repeated collisions.

There are two Ethernet transmission types (Figure 10):
Baseband, where only one frequency is transmitted at a time.
Broadband, where many frequencies are transmitted at the
same time (e.g., cable TV).

Figure 10. Ethernet transmission types (panels: Baseband, Broadband)

Now let's discuss the Ethernet topology types in detail (Figure
11). As previously stated, Ethernet configurations include:
10Base2 is thin coaxial cable in baseband mode. It designates a
10 Megabit per second signaling rate, and has a maximum cable
segment distance of 185 meters.
10BaseT is twisted pair cabling in baseband mode. It designates
a 10 megabit per second signaling rate.
10Base5 is thick coaxial cable in baseband mode. It designates
a 10 megabit per second signaling rate and has a maximum cable
segment distance of 500 meters.
10BaseF is fiber optics cable in baseband mode at 10 megabits
per second.
The original Ethernet specifications are 802.3 running on coaxial
cable (10Base5). However, Ethernet specifications have
expanded to include 802.3 running across other media, such as
10Base2. This type of cable is less expensive and more flexible
than 10Base5.

Figure 11. Ethernet hardware implementations (panels: 10Base5, 10Base2,
10BaseT; labelled parts: tap, T-connector, transceiver, transceiver cable,
Ethernet card with 15-pin connector, Ethernet controller card, twisted
pair, wiring concentrator)

Although standard 802.3 interface cards for PC, mini, and
microcomputers from various vendors (AT&T, 3Com, etc.) are
popular, these same vendors have developed standards for 10
megabit-per-second service on 10BaseT twisted-pair wiring in a
physical star topology. The star topology requires a
concentrator into which each node is connected. The
concentrator is then connected to the backbone of the Ethernet
bus. This has become the most popular scheme for connecting
PCs.
10BaseT provides the option of using installed telephone wiring.
Although this theoretically should save installation problems and
costs, often the existing wiring cannot support a LAN, requiring
more wire to be pulled. However, maintenance is often cheaper,
since technicians typically are familiar with twisted-pair wiring.
This would decrease the need for additional training and/or staff.
Additional advantages to 10BaseT are:
Its commonality. 10BaseT adapter cards can be mixed with
various wiring hubs from many companies, placing them
together onto the same network.
Equal performance to those networks wired via Ethernet
coaxial cabling.
Use of the star wiring scheme. If one wire run is broken or
shorted, the network will remain operational, even when a
node is down. (In a thin Ethernet or Token-Ring wiring
scheme, one bad connection will bring down the entire
network.)

10Base5 is the medium described in the original Ethernet
specification. This is thick coaxial cable that transmits at a speed
of 10 Mbps in baseband mode. Because it is thick and inflexible,
it is not suitable for every installation. It is generally used as a
backbone for the Ethernet bus.

Token Ring
The Token-Ring specification has adopted the IEEE 802.5
standard. IEEE 802.5 defines a baseband implementation with
the following speeds:
4 Mbps on twisted pair
16 Mbps on shielded twisted pair
4 or 16 Mbps on fiber optics cable.
Token-Ring uses a logical ring cabling scheme which is
commonly wired in a star fashion.
802.5 uses a token passing methodology in which a special type
of message (token) is passed from node to node by active nodes
on the network. A token packet is generated by a node
designated to be the token monitor. Then, the token packet is
passed around the ring. Each node in turn has a chance to use
the token packet to receive or send data in the packet.
During transmission, the source node holds the token packet and
then releases it after transmission has been acknowledged. The
data packet is read and regenerated by each node until the
destination node is reached. Then the destination node changes
the acknowledgment bit in the Token-Ring header and sends it
back to the source node.
The source receives and stops data packet transmission and
then finally releases the token packet. Figure 12 illustrates the
Token-Ring header.

Figure 12. Token-Ring header (layer 2 of OSI model)

Row width: 4 Bytes (32 bits)

Header:  ACC CTRL | FRM CTRL | DEST (first 16 bits)
         Destination (last 32 bits)
         Source Address (first 32 bits)
         Source (last 16 bits) | Misc
         RD1 | RD2
         RD3 | DFAP | FFAP
         Control | Protocol ID
         Type Code
Data
Checksum

Packet = Header + Data

A Multi Station Access Unit (MAU) is used as a hub for the star
configuration. The MAU contains a bypass circuit which allows a
node to be passed if it is defective. In addition, MAUs can be
interconnected to expand the ring. The Token Ring MAU should
not be confused with the Ethernet MAU (Medium Access Unit)
which is a type of transceiver tap for the Ethernet bus.

FDDI
The Fiber Distributed Data Interface (FDDI) defines a 100
Mbps baseband implementation of the Physical layer using a
double ring wiring scheme using fiber optics cable. FDDI allows
the longest LAN lengths between nodes (up to 2 kilometers) and
is often used as the backbone for other LANs. As an example,
an FDDI backbone might be used to connect several Ethernet
LANs in different buildings within a town. This would require an
FDDI/Ethernet bridge at each connection. Fiber optics cable is
free of electrical interference and is thus well suited to otherwise
difficult installations. An FDDI controller is located at each node
connected by FDDI.

Linking devices
As previously stated, linking devices extend the capability,
functionality, and accessibility of our network. These devices fall
into the following general categories. Specific implementations
may combine functions from several categories.
Repeaters
Bridges
Routers and Brouters
Multiprotocol Router (MPR)
Gateways.
The media used to interconnect these devices include:
Fiber optics
Leased lines, Public Switched lines
Private telecommunication networks
Microwave
Satellite.
Some protocols that are used over interconnection media
include:
X.25
HDLC.
The following discusses the original intent of these devices;
however, as technology changes, the distinction among the
various devices becomes less apparent.

Repeaters
A repeater extends the range of network connections to a
workstation, server, or output device and transmits all data
between the nodes to which it is connected (Figure 13). This
data can be transmitted over multiple types of media, such as
fiber to thick coax cable.

Figure 13. Repeaters (panels: Local Repeater, Remote Repeater)

Repeaters, which are inexpensive and provide fast transmission,
can be used to connect a workstation in a warehouse several
thousand feet from the server, limited only by the media access
protocol.
Repeaters deal with OSI layer 1, the physical layer; therefore,
the LANs being linked must have like topologies, for example
Ethernet to Ethernet. In addition, repeaters cannot:
Connect different transmission rates
Detect transmission errors or collisions
Filter traffic on the LAN
Connect different layer protocols.

Bridges
Bridges, in many ways, are intelligent repeaters (Figure 14).
They are associated with OSI layer 2, the data-link layer,
providing the added intelligence to know whether a data packet
needs to be transmitted or not. A bridge cannot link different
LANs (i.e., Ethernet to Token Ring).

Figure 14. Bridges (panels: Bridge, Remote Bridge)

A bridge is used to reduce the overall traffic in a LAN by
limiting local traffic to its own segment. Access time to local
servers is reduced and fault isolation is easier because only the
segment with the fault will need to be shut down.
Bridges contain a table of node addresses identifying the devices'
location on a LAN. They are then told whether or not to route
specific information to those devices by sending a broadcast
message. The bridge then listens for traffic on the cable
segments.
The bridge decides whether to filter or forward a packet by
reading its layer 2 header to determine the address of the
destination node.
With regard to node management, there are three types of
bridges:
Simple, in which node addresses must be manually entered.
Learning, in which node addresses are automatically recorded
by monitoring traffic through the bridge.
Multi-port, in which multiple LAN segments can be connected.
If the destination of a packet is unknown, the device
broadcasts to all segments.
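
The filter, forward and broadcast decisions described above, as an added example (not from the original manual): a multi-port learning bridge that records source addresses as traffic passes and reads only the layer 2 header of each frame. Segment names, node addresses and frame contents are constructed.

```python
FLOOD, FORWARD, FILTER = "flood", "forward", "filter"


class LearningBridge:
    """Multi-port learning bridge with one address table for all segments."""

    def __init__(self, segments):
        self.segments = tuple(segments)
        self.table = {}   # node address (6 bytes) -> segment it was last seen on

    def handle(self, in_segment, frame):
        """Return (decision, segments the frame is transmitted on)."""
        if in_segment not in self.segments:
            raise ValueError("unknown segment")
        if len(frame) < 14:
            raise ValueError("frame too short to carry a layer 2 header")
        dst, src = frame[0:6], frame[6:12]
        # Learning: the source address shows which segment the sender is on.
        # A group address is never a valid source, so it is not recorded.
        if not src[0] & 0x01:
            self.table[src] = in_segment
        others = [s for s in self.segments if s != in_segment]
        # Broadcast/group and unknown destinations go to all other segments.
        if dst[0] & 0x01 or dst not in self.table:
            return FLOOD, others
        out = self.table[dst]
        if out == in_segment:
            return FILTER, []        # local traffic stays on its own segment
        return FORWARD, [out]


# Constructed node addresses (locally administered) and a minimal frame.
NODE_A = bytes.fromhex("02000000000a")
NODE_B = bytes.fromhex("02000000000b")
NODE_C = bytes.fromhex("02000000000c")
BROADCAST = b"\xff" * 6


def make_frame(dst, src):
    """Destination, source, type code, then constructed data."""
    return dst + src + b"\x08\x00" + b"constructed data"


def run_trace():
    """Replay six frames and return the bridge's decision for each."""
    bridge = LearningBridge(["seg1", "seg2", "seg3"])
    steps = [
        ("seg1", NODE_B, NODE_A),      # B not yet learned
        ("seg2", NODE_A, NODE_B),      # A was learned on seg1
        ("seg1", NODE_A, NODE_C),      # A and C share seg1
        ("seg1", BROADCAST, NODE_A),   # broadcast destination
        ("seg3", NODE_B, NODE_A),      # A has moved to seg3
        ("seg1", NODE_A, NODE_C),      # table now points A at seg3
    ]
    return [bridge.handle(seg, make_frame(dst, src)) for seg, dst, src in steps]


if __name__ == "__main__":
    for decision, out in run_trace():
        print(decision, out)
```

The table is built from whatever source address a frame carries, so the fifth frame is enough to repoint NODE_A to seg3 with no other confirmation.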
The LANs being linked must have like high level protocols, for
example, NetBIOS to NetBIOS.
Typically, bridges are a part of a dedicated PC which houses the
bridge and associated adapter card. Bridges, like repeaters, are
external devices.
When a LAN is configured in a cascading design (that is, the
source and destination are across several segments) problems
can occur. For example, a message traveling through several
LAN segments will use more time and network resources than the
same message traveling through a backbone to the destination
segment. A backbone configuration will reduce overall traffic
on the LAN and reduce access time to local servers. See Figure
15.

Figure 15. Bridge configurations (panels: CASCADE, BACKBONE)

Routers and brouters


Routers (Figure 16), using OSI layer 3, provide links between
LAN segments and are located at each end of the link. Routers
read level 3 headers to determine the address of the destination
node. Often, to provide alternate paths for data to reach a LAN
segment, redundant links are provided. In general, routers
bundle LAN data to send it across to another LAN segment.

Figure 16. Routers and brouters (labels: Source, Dest., Router, Brouter,
1 Hop on each link)

Routers maintain tables to provide the best path for network
traffic, and can reroute data through an alternate path if the
router's primary data path is non-functional. Although the method
differs with different software, routing tables are commonly
generated by the routing software. When a workstation is set up
with routing software, network nodes are polled and their
addresses are entered in the routing table. Routers periodically
update the routing table to learn of additions to the network or to
log a failed network portion so it can be avoided.
Routing protocols are used for router-to-router communication.
Examples of router protocols are: Router Information Protocol
(RIP), Open Shortest Path First (OSPF), and Exterior Gateway
Protocol (EGP).
OSPF primarily uses the hop count to determine the best routing
path. Other factors, such as bandwidth and line cost, can be
brought into the equation by manually increasing the hop count
for certain paths.
EGP allows external networks to be connected.
When a local router receives a packet, but does not know the
node's local address, the Address Resolution Protocol (ARP) is
used to poll the nodes within the LAN to find which node matches
the destination address.
Routers can be used locally, within the same geographic area, or
used to provide transmission services across a variety of
different media including fiber optics, wire, microwave, and
satellite links.
As with a bridge, the LANs being linked with a router must have
like high level protocols, for example, NetBIOS-to-NetBIOS,
TCP/IP-to-TCP/IP, etc. However, routers can connect different
topologies, such as Token Ring-to-Ethernet.
As the name implies, a brouter (Figure 16) is a combination of a
bridge and a router. The services are the same, but they are
combined within a single physical unit.

Multiprotocol router (MPR)


A Multiprotocol Router (MPR) can route packets over different
networks as long as the source and destination nodes are in the
same type of network.
For instance, an MPR can route a TCP packet to another TCP
LAN or a DECnet packet to another DECnet LAN. However, an
MPR cannot translate between LAN protocols. Instead, MPRs
use a technique called encapsulation.
Figure 17 shows two Novell networks that are linked together
through a TCP/IP network using MPRs.
When the first MPR receives the source Novell packet, it reads
but does not strip off the Novell headers. Instead, it simply adds
the TCP/IP headers to the packet using the technique of
encapsulation. This allows the Novell packet to be transmitted
through the TCP/IP network. Then at the other end, the second
MPR strips off the TCP/IP headers. Thus, the original Novell
packet is preserved for transmission through to the Novell
destination network. Note again that this will only work if the
source and destination networks are the same type. To transmit
packets to a different type of network, a software gateway is
needed.
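
Encapsulation as described above, and the add-then-strip handling of layer headers described earlier for peer level communications, as an added example (not from the original manual). It assumes the outer headers are IPv4 plus UDP on port 213, the IPX tunnelling layout of RFC 1234; the manual does not say which outer headers its MPRs use, and all addresses and the payload are constructed.

```python
import socket
import struct

IPX_HEADER = struct.Struct("!HHBB4s6sH4s6sH")   # 30-byte Novell IPX header
IP_HEADER = struct.Struct("!BBHHHBBH4s4s")      # 20-byte IPv4 header, no options
UDP_HEADER = struct.Struct("!HHHH")             # 8-byte UDP header
IPX_TUNNEL_PORT = 213                           # assumption: RFC 1234 tunnelling


def internet_checksum(data: bytes) -> int:
    """Ones' complement sum used by the IP header (even-length input)."""
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_ipx(dst, src, payload: bytes, packet_type: int = 4) -> bytes:
    """dst and src are (network, node, socket) tuples."""
    length = IPX_HEADER.size + len(payload)
    return IPX_HEADER.pack(0xFFFF, length, 0, packet_type, *dst, *src) + payload


def encapsulate(ipx_packet: bytes, mpr_src: str, mpr_dst: str) -> bytes:
    """First MPR: leave the Novell packet untouched, add the outer headers."""
    udp_len = UDP_HEADER.size + len(ipx_packet)
    total_len = IP_HEADER.size + udp_len
    if total_len > 0xFFFF:
        raise ValueError("packet too large for one IP datagram")
    # UDP checksum 0 means "not computed", which IPv4 permits.
    udp = UDP_HEADER.pack(IPX_TUNNEL_PORT, IPX_TUNNEL_PORT, udp_len, 0)
    fields = [0x45, 0, total_len, 0, 0, 64, socket.IPPROTO_UDP, 0,
              socket.inet_aton(mpr_src), socket.inet_aton(mpr_dst)]
    fields[7] = internet_checksum(IP_HEADER.pack(*fields))
    return IP_HEADER.pack(*fields) + udp + ipx_packet


def decapsulate(datagram: bytes) -> bytes:
    """Second MPR: validate and strip the outer headers, return the packet."""
    outer = IP_HEADER.size + UDP_HEADER.size
    if len(datagram) < outer + IPX_HEADER.size:
        raise ValueError("datagram truncated")
    ip = datagram[:IP_HEADER.size]
    ver_ihl, _, total_len, _, frag, _, proto, _, _, _ = IP_HEADER.unpack(ip)
    if ver_ihl != 0x45:
        raise ValueError("expected an IPv4 header without options")
    if internet_checksum(ip) != 0:
        raise ValueError("outer IP header checksum mismatch")
    if proto != socket.IPPROTO_UDP or frag & 0x3FFF:
        raise ValueError("not an unfragmented UDP datagram")
    if total_len != len(datagram):
        raise ValueError("IP total length does not match the datagram")
    _, dport, udp_len, _ = UDP_HEADER.unpack(datagram[IP_HEADER.size:outer])
    if dport != IPX_TUNNEL_PORT or udp_len != total_len - IP_HEADER.size:
        raise ValueError("not a tunnelled IPX packet")
    inner = datagram[outer:]
    if IPX_HEADER.unpack(inner[:IPX_HEADER.size])[1] != len(inner):
        raise ValueError("inner IPX length field is inconsistent")
    return inner


# Constructed sample: a packet from one Novell network to another.
SRC_NODE = (bytes.fromhex("00000001"), bytes.fromhex("020000000001"), 0x4001)
DST_NODE = (bytes.fromhex("00000002"), bytes.fromhex("020000000002"), 0x0451)
SAMPLE_IPX = build_ipx(DST_NODE, SRC_NODE, b"constructed request")
# 192.0.2.1 and 198.51.100.1 are documentation addresses for the two MPRs.
TUNNELLED = encapsulate(SAMPLE_IPX, "192.0.2.1", "198.51.100.1")

if __name__ == "__main__":
    recovered = decapsulate(TUNNELLED)
    print(len(SAMPLE_IPX), len(TUNNELLED), recovered == SAMPLE_IPX)
```
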
It is important to note that the four devices just mentioned
(repeater, bridge, router, and brouter), do not modify the
information or data being passed by them in any manner. They
might, as in the case of a router, modify the data's addressing
information. This indicates that all of these devices must function
between network segments utilizing identical communication
protocols. Next, we will look at how we can pass data between
networks or network segments using different communications
protocols.

Figure 17. Multiprotocol Routers (MPR)

Source Novell Network - MPR - TCP/IP Network - MPR - Dest. Novell Network

Gateways
Gateways (Figure 18) provide protocol conversion at all OSI
layers. A gateway's main purpose is to exchange data between
dissimilar networks. This task is generally performed by
reformatting the data to the new communications protocol when
the data reaches the new network or network segment.

Figure 18. Gateway (a gateway server between a TCP/IP network and an SNA
network, each with a router and PCs; the gateway translates all protocol
layers, OSI 1-7)

Thus, with a gateway, you can exchange data between a TCP/IP
network and an ARCnet network. Gateways are usually
implemented as software running on a server. Furthermore,
several networks can be installed together on a common server.
For example: TCP/IP to SNA, SNA to DECnet, DECnet to
TCP/IP.
Gateways are used to transfer a variety of dissimilar information
in many types of applications including:
Terminal Emulation Gateway, which provides remote login
capabilities and processes information in real time (converts
data stream as it is received).
E-MAIL which provides mail services, translating packets for
each message after all are received.

Linking media
Networks can be linked several hundred feet between floors of a
building, across town, across the nation, or even between
continents. No matter how far a company needs to link, there are
several communication alternatives for each circumstance.
These include:
Fiber optics - This medium provides efficient links between
networks within several thousand feet of each other. It is easy to
connect and extremely reliable.
Leased lines - Leased, or direct connected lines, such as T1 and
T2 (these terms specify the transmission speed) are available
from the local telephone company. They are a suitable choice for
extending the network across town, across the state, or even
across the nation. They are reliable, yet tend to be expensive
since you pay for the line even when you are not sending network
traffic over it.
Private telecommunication networks - Private
telecommunication networks provide a transparent link between
two locations. You link the network to them through a router. The
telecommunications network provides the data routing to the
specified end point where another router receives the data and
places it on the distant network. Even though the link is always
attached, you are charged only for the amount of traffic sent
across the private network plus the base monthly fee.
Microwave - Microwaves provide the ability to broadcast a
network signal over radio waves. Microwave radio transmitters
require that the source and destination be within line of sight of
each other. An example of the average distance covered is 3 to
5 miles.
Satellite - For longer distance radio transmission, satellites are
used. Satellites provide a cost effective solution for
communication links over a distance of 500 miles or greater,
since satellite services are not billed by distance (as land based
lines are). Another advantage is that a small antenna and radio
system can be installed easily in multiple sites so that temporary
or even portable networks can communicate. The drawback is
that a slow throughput is associated with small antenna systems.
Large antenna systems are more expensive and difficult to install
and maintain. But, many cities have installations where several
companies can share a large antenna system.

Linking media protocols


Associated with linking media are linking media protocols. Two
of the most common protocols are HDLC and X.25.
High Level Data Link Control (HDLC) is used to transmit data
across different types of WAN media. HDLC adds a header and
trailer to identify the start and end of the data packet (Figure 19).

Figure 19. HDLC packet

HEADER:   Flag | Address | Control
DATA:     Data
TRAILER:  FCS (Checksum) | Flag (end)

X.25 is a packet management protocol for dividing messages into
packets at the source and reassembling them at the destination.

Protocol suites
A set of layered protocols that work together is called a
protocol suite. We will discuss the following common suites:
TCP/IP
Novell
AppleTalk.

TCP/IP
TCP/IP is a layered set of protocols which allows computers to
share resources across a network (Figure 20). Its development
was centered around ARPAnet; however, a wide range of
vendors now have products which support TCP/IP and thousands
of various networks use it.
The most accurate name for the set of protocols being described
is Internet Protocol Suite. TCP and IP are two of the protocols
in this suite. Because TCP and IP are the best known of the
protocols, it has become common to use the term TCP/IP to refer
to the whole family. Other Internet protocols include UDP and
ICMP.

Figure 20. TCP/IP protocol suite

OSI 5, 6, 7   Applications: E-Mail (SMTP), Remote Logon (TELNET),
              File Transfer (ftp)
OSI 4         TCP, UDP
OSI 3         IP
OSI 2         DATA LINK
OSI 1         PHYSICAL
              (OSI 1 and 2: Ethernet, Token Ring, FDDI)

Transmission Control Protocol (TCP) is responsible for making
sure that the commands get through to the receiving device. It
keeps track of what is sent and retransmits anything that did not
get through.
You can think of TCP as forming a library of routines that
applications can use when they need reliable network
communication with another computer. Similarly, TCP calls on
the services of IP. As with TCP, you can think of IP as a library of
routines that TCP calls on, but which is also available to
applications that don't use TCP. This strategy of building several
levels of protocol is called layering.
Generally, TCP/IP applications use 4 layers:
An application protocol such as mail (corresponding to OSI
layers 5, 6, and 7)
A protocol such as TCP that provides services needed by
many applications (corresponding to OSI layer 4)
IP, which provides the basic service of getting datagrams to
their destination
The protocols needed to manage a specific physical medium,
such as Ethernet or a point-to-point line. (corresponding to
OSI layers 1 and 2).
TCP/IP is a family of protocols. A few provide low level
functions needed for many applications. Others are applications
for doing specific tasks such as:

ftp
File transfer, via the file transfer protocol (ftp) that allows a user
on any computer to get files from another computer or to send
files to another computer. Security is handled by requiring the
user to specify a user name and password for the other
computer.
Provisions are made for handling file transfer between machines
with different character sets, end of line conventions, etc. This is
not the same as the more recent Network File System (NFS) or
NETBIOS protocols. Rather, ftp is a utility that you run any time
you want to get a file from another system, or put a file to another
system.

telnet
Remote login via the network terminal protocol (telnet) that
allows a user to log in on any other networked computer. You
start a remote session by specifying a computer to connect to.
From that time until you finish the session, anything you type is
sent to the other computer.

SMTP
Simple Mail Transfer Protocol (SMTP) is used to transmit
messages between computers, such as electronic mail (e-mail).
These are the most common applications that use TCP/IP
services and should be present in any implementation of TCP/IP,
except that micro-oriented implementations might not support
computer mail.

Servers
As you know from the LAN overview, servers provide services for
the rest of the network. Within the framework of TCP/IP, the
following application protocol services are provided:
Network file systems that allow a system to access files on
another computer in a more closely integrated fashion than
ftp. A network file system provides the illusion that disks or
other devices from one system are directly connected to other
systems. There is no need to use a special network utility to
access a file on another system.
Remote printing that allows you to access printers on other
computers as if they were directly attached to your computer.
Remote execution that allows you to request that a particular
program be run on a different computer.
Name servers that provide a database of users and their
passwords, names and network addresses for computers,
and accounts.
Terminal servers which are small computers that only know
how to run telnet or some other protocol to do remote login.
Generally, it is possible to have active connections to more
than one computer at the same time. The terminal server will
have provisions to switch between connections rapidly and to
notify you when output is waiting for another connection.
Network oriented window systems that allow a program to
use a display on a different computer. A full scale network
window system provides an interface that lets you distribute
jobs to the systems that are best suited to handle them, but
still give you a single graphically based user interface. The
most widely implemented window system is X (sometimes
called X-windows), and is often found on UNIX workstations
such as Sun.
Some of the application protocols just described were designed
by various organizations and are not officially part of the Internet
Protocol suite. However, they are implemented using TCP/IP,
just like normal TCP/IP application protocols.
Since the protocol definitions are not considered proprietary, and
since commercially supported implementations are widely
available, it is reasonable to think of these protocols as being
effectively part of the Internet suite. Note that the application
protocols listed are a sample of the sort of services available
through TCP/IP. However, there are many more.

Datagrams
TCP/IP is not hardware oriented or dependent. Information is
transferred as a sequence of datagrams. A datagram is a
collection of data that is sent as a single message. Each of
these datagrams is sent through the network individually.
If a message is broken into datagrams, those datagrams are
treated by the network as completely separate. Datagrams are
transmitted separately and later combined at the destination.
For example, if you want to transfer a 15,000 octet file (an octet
is an 8-bit byte) and the network could not handle a datagram that
large, the protocols break this up into a more manageable size such
as thirty 500 octet datagrams. Each of these datagrams will be sent
to the receiving device. At that point, they will be put back
together into the 15,000 octet file.
However, while the datagrams are in transit, the network
doesn't know that there is any connection between them. It
is possible that datagram 14 will arrive before datagram 17. It is
also possible that somewhere in the network an error will occur
and some datagrams will not arrive at the receiving device. If this
is the case, the datagram has to be sent again. TCP assembles
packets in a buffer to facilitate reconstructing packets into the
correct sequence.
Two separate protocols are involved in handling TCP/IP
datagrams. TCP is responsible for:
Dividing the message into datagrams based on the maximum
segment size
Reassembling them at the other end
Resending anything that gets lost
Putting things back in the right order.
TCP hands IP a datagram with a destination and IP routes it to
the specified device. IP doesn't know how this datagram relates
to any datagram before it or after it. TCP holds a copy of each
datagram until it is received properly in case retransmission is
required.

Demultiplexing
It isn't enough to get a datagram to the right destination. TCP
has to know which connection this datagram is part of. This task
is referred to as demultiplexing.
There are several levels of demultiplexing going on in TCP/IP.
The information needed to do this demultiplexing is contained in
a series of headers. A header consists of extra octets placed at
the beginning of a datagram by the source node, and read and
stripped off by the destination node.

TCP adds a layer four header (Figure 21). The header contains
at least 20 octets, but the most important ones are a source and
destination port number and sequence number.

Port numbers
Port numbers are used to track different conversations. For
example, if three different people are transferring files, your TCP
might allocate port numbers 1000, 1001, and 1002 to these
transfers. When the datagram is sent, these numbers become
the source port number.

Figure 21. TCP header (OSI layer 4)

Source Port | Destination Port         (interface to applications layer)
Sequence Number                        (message segmentation and assembly)
Acknowledgement Number                 (error detection and retransmission)
Offset | Reserved | Code | Window      (flow control)
Checksum | Urgent Pointer
Options (plus padding)

At this stage the packet looks like this:

TCP Header | Data

The TCP at the other end has assigned a port number of its own
for the conversation. Your TCP has to know the port number
used by the other end as well. (This is identified when the
connection starts.) TCP puts this in the destination port field.
The source and destination port numbers reverse if the other end
sends a datagram back to you. Port Numbers are also
associated with particular applications, such as e-mail or telnet,
so the message is given to the application to process.

Sequence Number
Each datagram has a sequence number that tells the receiving
end the order in which the data is to be received. TCP doesn't
number the datagrams, but the octets. So, if there are 500 octets
of data in each datagram, the first datagram might be numbered
0, the second 500, the next 1000, and so on.

Flow Control
TCP also manages flow control. The window field of the header
is used by the destination to inform the source how much room is
left in the buffer. (This occurs in the acknowledgment packet.)

Checksum
The checksum is a number that is computed via an algorithm
using all the octets in the datagram. The result is put in the
header. TCP at the destination node computes the checksum
again. If they disagree, then an error has occurred while
transmitting the datagram.

Acknowledgment
To ensure the datagram has arrived at its destination, the
recipient has to send back an acknowledgment. This is a
datagram whose acknowledgment number field is filled in. For
example, sending a packet with an acknowledgment of 1500
indicates that you have received all the data up to octet number
1500.
If the sender doesn't get an acknowledgment within a reasonable
amount of time, it sends the data again. The window is used to
control how much data can be in transit at any one time. It is not
practical to wait for each datagram to be acknowledged before
sending the next one.
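
The sequence number, acknowledgment and window behaviour described above, as an added Python example that is not part of the original manual: a 15,000 octet stream is cut into 500 octet datagrams, some arrive out of order or are lost, and the receiver's acknowledgment number tells the sender what to resend. All names are hypothetical, and the model omits connection setup and sequence wrap-around.

```python
"""Receiver-side reassembly keyed on octet sequence numbers.

Added illustration with hypothetical names. Simplified model: no
connection setup, no sequence wrap-around, and datagram boundaries are
the same on every retransmission.
"""
import random


def segment(data: bytes, size: int):
    """Split a stream into (sequence_number, payload) datagrams.

    The sequence number is the offset of the datagram's first octet, so
    500-octet datagrams are numbered 0, 500, 1000, and so on.
    """
    return [(off, data[off:off + size]) for off in range(0, len(data), size)]


class Receiver:
    def __init__(self, buffer_size: int):
        self.buffer_size = buffer_size
        self.next_expected = 0   # first octet not yet received in order
        self.pending = {}        # datagrams that arrived early: seq -> payload
        self.delivered = bytearray()

    def receive(self, seq: int, payload: bytes):
        """Accept one datagram and return (acknowledgment number, window)."""
        end = seq + len(payload)
        fits = end <= self.next_expected + self.buffer_size
        if seq >= self.next_expected and fits:
            self.pending.setdefault(seq, payload)   # a duplicate changes nothing
        # Hand over every datagram that is now contiguous with the stream.
        while self.next_expected in self.pending:
            chunk = self.pending.pop(self.next_expected)
            self.delivered += chunk
            self.next_expected += len(chunk)
        held = sum(len(p) for p in self.pending.values())
        return self.next_expected, self.buffer_size - held


def transfer(data: bytes, size: int, lost: set, seed: int = 1):
    """Send data over a network that reorders and drops datagrams.

    `lost` holds the sequence numbers dropped on first transmission. The
    sender keeps a copy of each datagram until it is acknowledged and, on
    timeout, resends the one starting at the acknowledgment number.
    Returns (reassembled bytes, acknowledgments seen, retransmissions).
    """
    copies = dict(segment(data, size))
    rx = Receiver(buffer_size=len(data))
    arrivals = [seq for seq in copies if seq not in lost]
    random.Random(seed).shuffle(arrivals)        # arbitrary arrival order
    ack, acks, resent = 0, [], 0

    def deliver(seq):
        nonlocal ack
        ack, _window = rx.receive(seq, copies[seq])
        acks.append(ack)
        for done in [s for s in copies if s + len(copies[s]) <= ack]:
            del copies[done]                     # acknowledged: drop the copy

    for seq in arrivals:
        deliver(seq)
    while ack < len(data):
        deliver(ack)                             # timeout, so send it again
        resent += 1
    return bytes(rx.delivered), acks, resent
```
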

TCP to IP
In summary, TCP provides:
Reliable end-to-end transmission
A sequence field to provide message segmentation and
reassembly
A window field to manage flow control
A port field to interface to the applications
Error detection via acknowledgment and retransmission
An acknowledgment (ACK) field.
TCP sends each of these datagrams to the Internet Protocol (IP).
TCP has to tell IP the recipient computer's Internet address
(Figure 22). This is all IP is concerned with. It doesn't care what
is in the datagram or even in the TCP header. The header
operates on OSI layer 7. IP's job is to find a route for the
datagram and to get it to the other end, using the most efficient
path.

IP header
To allow gateways or other intermediate systems to forward the
datagram, IP adds its own header. The main items in the IP
header are the:
Source Internet address, which is the address of the
sending machine
Destination Internet address, which is the address of the
recipient machine
Protocol number, which tells IP at the recipient end to send
the datagram to TCP
Checksum, which allows IP at the recipient end to verify that
the header wasn't damaged in transit.

Figure 22. Internet (IP) address

32 bits total: 4 bytes (or octets) of 8 bits each
Network ID | Host ID
0-255 / 0-255 / 0-255 / 0-255
Each octet represents a decimal number

At this stage the packet looks like this:

IP Header | TCP Header | Data

The IP (or Internet) address is comprised of four 8 bit bytes;
each byte (or octet) is numbered from 0-255. Internet addresses
consist of two parts:
Network address
Host address (Figure 23).

Figure 23. IP addresses (Class A, Class B, Class C)

[Figure: one row per address class, each row showing four octets in the range 0-255]

Network Address
The network address is assigned by a central authority (Stanford
Research Institute's Network Information Center or NIC). One of
3 different types of Internet addresses is assigned depending on
the size of the network.
Class A addresses are assigned to large organizations. The
network manager may assign up to 16,777,214 host addresses
within that network. Class A addresses all share the same first
byte.
Class B addresses are for medium size organizations with up to
65,543 hosts. Class B addresses all share the same first and
second bytes.
Class C addresses are for small organizations with up to 254
hosts. Since, at this time, Class A addresses have all been
assigned, and Class B addresses are difficult to obtain, a medium
to large organization can request a series of Class C addresses.
Class C addresses all share the same first, second, and third
bytes.
Xerox Corporation was assigned a Class A address of 13. A
particular node, such as 13.240.38.28, can be identified as part
of Xerox since all Xerox nodes begin with the same first byte (13).
With the IP header added, the message appears as shown in
Figure 24.

Figure 24. Message with IP header

Version | IHL | Type of Service | Total Length
Identification | Flags | Fragment Offset
Time to Live | Protocol | Header Checksum
Source Address
Destination Address
TCP header, then data

IP header
The flags and fragment offset are used to keep track of the
pieces when a datagram has to be split.
The Time to Live is a number that is decremented whenever the
datagram passes through a system. When it reaches zero, the
datagram is discarded. This is done in case a loop develops in
the system.

IP routing
The IP description states that an IP implementation is responsible
for getting datagrams to the destination indicated by the destination
address, but little was said about how this would be
accomplished. The task of finding how to get a datagram to its
destination is referred to as routing.
To understand IP routing, it is necessary to understand the model
on which IP is based. IP assumes that a system is attached to a
local network. It is assumed that the system can send datagrams
to any other system on its own network. The problem arises
when a system is asked to send a datagram to a system on a
different network (e.g., SNA to TCP/IP). This problem is handled
by gateways.
Routing in IP is based entirely upon the network number of the
destination address. Each computer has a table of network
numbers. For each network number, a gateway is listed.
Routers use the Internet address to determine location or
destination and the best route or path.
When a computer wants to send a datagram, it first checks to see
if the destination address is on the system's own local network. If
so, the datagram can be sent directly. Otherwise, the system
expects to find an entry for the network that the destination
address is on. The datagram is sent to the gateway listed in that
entry.

Netmask
Routing of messages across the Internet can be facilitated
through the use of a netmask. This enables more efficient
routing within an organization, while maintaining a single interface
to the Internet. When a message arrives at the gateway to the
organization, the netmask is ORed with the message's Internet
address (leaving only the Net portion). If the Net portion of the
address matches the organization's Class B address, then the
message is accepted. Otherwise it is routed elsewhere. In this
way, the organization's gateway doesn't need to export its entire
local routing structure (the host portion) to the Internet at large.
As an example, to limit traffic to all nodes within Xerox (which has
a class A address of 13.x.x.x), you would use 255.0.0.0 as the
netmask. To limit traffic to all nodes within a department in which
all addresses begin with 13.240.x.x, use a netmask of
255.255.0.0 and so on.

00001101.10001000.11101110.11111111 Host's IP
11111111.00000000.00000000.00000000 netmask (255.0.0.0)
00001101.01101001.01111100.01101101 message accepted
00011110.01101101.01101001.10010011 message rejected
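
The netmask comparison and the local-or-gateway decision from the IP routing section, as an added Python example that is not part of the original manual. The masking step is a bitwise AND, the operation that keeps the network octets and zeroes the host octets, and it reproduces the accepted and rejected rows above. Function names, the routing table and the gateway addresses are constructed for illustration.

```python
"""Netmask comparison and the local-or-gateway routing decision.

Added illustration: function names, the routing table and the gateway
addresses are constructed for this example and are not from the manual.
"""
import ipaddress

# The four rows of the manual's binary netmask example.
HOST_BITS = "00001101.10001000.11101110.11111111"
MASK_BITS = "11111111.00000000.00000000.00000000"   # 255.0.0.0
ACCEPTED_BITS = "00001101.01101001.01111100.01101101"
REJECTED_BITS = "00011110.01101101.01101001.10010011"

# Constructed routing table: network number -> gateway.
ROUTES = {"13.0.0.0": "13.240.0.1", "30.0.0.0": "13.240.0.2"}


def from_bits(dotted_bits: str) -> int:
    return int(dotted_bits.replace(".", ""), 2)


def to_int(dotted: str) -> int:
    return int(ipaddress.IPv4Address(dotted))


def dotted(value: int) -> str:
    return str(ipaddress.IPv4Address(value))


def network_of(addr: int, mask: int) -> int:
    """AND keeps the bits under the mask's 1s and clears the host bits."""
    return addr & mask


def accepts(message: int, own: int, mask: int) -> bool:
    """True when message and own address share the same network portion."""
    return network_of(message, mask) == network_of(own, mask)


def classful_mask(addr: int) -> int:
    """Mask implied by the address class.

    The first-octet boundaries are the standard classful ones; the manual
    names the classes but does not list these ranges.
    """
    first = addr >> 24
    if first < 128:
        return 0xFF000000      # Class A: first byte is the network
    if first < 192:
        return 0xFFFF0000      # Class B: first and second bytes
    if first < 224:
        return 0xFFFFFF00      # Class C: first, second and third bytes
    raise ValueError("not a Class A, B or C address")


def next_hop(dest: str, local_addr: str, local_mask: str, routes: dict) -> str:
    """Return "direct" for the local network, else the listed gateway."""
    d = to_int(dest)
    if accepts(d, to_int(local_addr), to_int(local_mask)):
        return "direct"
    network = dotted(network_of(d, classful_mask(d)))
    if network not in routes:
        raise LookupError(f"no entry for network {network}")
    return routes[network]
```
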

UDP
An alternative to TCP is the User Datagram Protocol (UDP)
shown in Figure 25. UDP is less complex than TCP and is often
used instead of TCP. It does not use acknowledgment packets
or segmentation. UDP is used by SNMP to gather network
management information.

Figure 25. UDP header (OSI layer 4)

Source Port | Destination Port
Message Length | Checksum

ICMP
The Internet Control Message Protocol (ICMP) is part of layer
three of the OSI model (Figure 26). ICMP does not use a port
field. ICMP is sent by network devices, such as a router. Its
function is as an echo request and reply mechanism. This is
commonly referred to as pinging.

Figure 26. ICMP header (OSI layer 3)

Header:
TYPE | CODE | Checksum
ID | Sequence
(Data is optional)

TYPE=ECHO REQUEST and TYPE=ECHO REPLY are used for pinging.

Ethernet address
The message with the Ethernet header added is shown in Figure
27. Each Ethernet controller comes from the factory with an
address built into the interface board or stored in ROM on the
board. To ensure that an address would never be reused, the
Ethernet designers allocated 48 bits for the Ethernet address.
IEEE's Standards Board assigns the first 24 bits of that address
to a manufacturer, which then allocates the remaining 24 bits
sequentially.

Figure 27. Message with Ethernet address

Ethernet destination address (first 32 bits)
Ethernet destination (last 16 bits) | Ethernet source (first 16 bits)
Ethernet source address (last 32 bits)
Type code
IP header, then TCP header, then your data
end of data
Ethernet Checksum

At this stage the packet looks like this:

Ethernet Header | IP Header | TCP Header | Data | Checksum

Every Ethernet packet has a 14 octet header that includes the
source and destination Ethernet address and a type code
address in the destination field.
The type code allows several different protocol families to be
used on the same network. Therefore, you can use TCP/IP,
DECnet, XNS, etc. at the same time. Each high level protocol will
put a different value in the field.
The Ethernet controller computes a checksum of the entire
packet. When the recipient receives the packet, it recomputes
the checksum and throws the packet away if the answer
disagrees with the original. The checksum is put on the end of
the packet, not in the header.
The Ethernet interface removes the Ethernet header and the
checksum. The interface then checks the type code which
references IP.
The Ethernet device driver passes the datagram to IP which
removes the IP header.
Next, the IP protocol field is checked to identify the protocol type,
which is TCP.
IP passes the datagram to TCP, which checks the sequence
number to properly combine all the datagrams into the original
file.
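
The receive path just described (Ethernet checksum, type code, IP header checksum, protocol number, then the TCP fields), as an added Python example that is not part of the original manual. The frame is constructed inline from values used on this page (address 13.240.38.28, port 1000, sequence 500, acknowledgment 1500); the Ethernet addresses, the destination port and the function names are assumptions, and the TCP checksum also covers the addresses and length, a detail the manual does not describe.

```python
"""Walk a constructed Ethernet frame up the stack: Ethernet -> IP -> TCP.

Added illustration: the frame contents and function names are constructed
for this example. Captures often omit the trailing Ethernet checksum; the
sample frame here carries it.
"""
import struct
import zlib

ETHERTYPE_IP = 0x0800   # Ethernet type code that selects IP
PROTO_TCP = 6           # IP protocol number that selects TCP


def internet_checksum(data: bytes) -> int:
    """16-bit one's-complement sum used by the IP and TCP checksums."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def pseudo_header(src: bytes, dst: bytes, tcp_len: int) -> bytes:
    """Addresses, protocol and length that TCP folds into its checksum."""
    return src + dst + struct.pack("!BBH", 0, PROTO_TCP, tcp_len)


def add_fcs(body: bytes) -> bytes:
    """Append the Ethernet checksum (CRC-32) to the end of the packet."""
    return body + struct.pack("<I", zlib.crc32(body))


def build_frame(payload: bytes) -> bytes:
    """Constructed sample: Ethernet header | IP header | TCP header | data."""
    src, dst = bytes([13, 240, 38, 28]), bytes([13, 105, 124, 109])
    tcp = struct.pack("!HHIIBBHHH", 1000, 21, 500, 1500, 5 << 4, 0x18,
                      4096, 0, 0) + payload
    csum = internet_checksum(pseudo_header(src, dst, len(tcp)) + tcp)
    tcp = tcp[:16] + struct.pack("!H", csum) + tcp[18:]
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 1, 0, 64,
                     PROTO_TCP, 0, src, dst)
    ip = ip[:10] + struct.pack("!H", internet_checksum(ip)) + ip[12:]
    # Constructed, locally administered destination and source addresses.
    eth = bytes.fromhex("020000000002020000000001")
    eth += struct.pack("!H", ETHERTYPE_IP)
    return add_fcs(eth + ip + tcp)


def parse_frame(frame: bytes) -> dict:
    """Strip one header per layer; each layer's field selects the next."""
    if len(frame) < 14 + 20 + 20 + 4:
        raise ValueError("frame too short")
    body = frame[:-4]
    if add_fcs(body) != frame:
        raise ValueError("Ethernet checksum mismatch, packet thrown away")
    type_code, = struct.unpack("!H", body[12:14])
    if type_code != ETHERTYPE_IP:
        raise ValueError(f"type code {type_code:#06x} is not IP")
    ip = body[14:]
    ihl = (ip[0] & 0x0F) * 4
    total_len, = struct.unpack("!H", ip[2:4])
    if ip[0] >> 4 != 4 or ihl < 20 or not ihl + 20 <= total_len <= len(ip):
        raise ValueError("malformed IP header")
    if internet_checksum(ip[:ihl]) != 0:
        raise ValueError("IP header checksum mismatch")
    if ip[9] != PROTO_TCP:
        raise ValueError(f"protocol number {ip[9]} is not TCP")
    tcp = ip[ihl:total_len]
    if internet_checksum(pseudo_header(ip[12:16], ip[16:20], len(tcp)) + tcp):
        raise ValueError("TCP checksum mismatch")
    sport, dport, seq, ack, off = struct.unpack("!HHIIB", tcp[:13])
    window, = struct.unpack("!H", tcp[14:16])
    data_start = (off >> 4) * 4
    if not 20 <= data_start <= len(tcp):
        raise ValueError("malformed TCP header")
    return {
        "src_ip": ".".join(map(str, ip[12:16])),
        "dst_ip": ".".join(map(str, ip[16:20])),
        "ttl": ip[8],
        "src_port": sport, "dst_port": dport,
        "seq": seq, "ack": ack, "window": window,
        "data": tcp[data_start:],
    }
```
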

Ethernet and IP addresses
Remember that a node's Ethernet address and its Internet
address are two separate entities. To determine what Ethernet
address to use when you want to talk to a given Internet address,
the Address Resolution Protocol, known as ARP, is used. ARP is
not an IP protocol. That is, the ARP datagrams do not have IP
headers. If you are on a system and want to connect to a
different system, your system first must verify that the other
system is on the same network so it can talk directly via Ethernet.
The system checks the ARP table to see if it already knows the
Ethernet address. If so, it will add an Ethernet header and send
the packet. If the system is not listed in the ARP table, the ARP
protocol sends a request for an Ethernet address.
ARP requests must be sent as broadcasts. Broadcasts are
messages sent to every node. A special host address consisting
of all 1s (i.e., 255) is used to indicate a broadcast message. An
answer will be sent back from the appropriate node. There is no
way that an ARP request can be sent directly to the right system
without knowing the Ethernet address. Therefore, an Ethernet
address of all ones is used. By convention, every machine on
the Ethernet is required to pay attention to packets with this as an
address.
After the Ethernet address is identified, your system will save this
information in its ARP table so future packets will be sent directly.
Most systems treat the ARP table as a cache and clear entries in
it if they have not been used within a certain period of time.

/etc/ethers
On UNIX systems, the /etc/ethers file associates a system's IP
address and its Ethernet address.

Domain name
Additionally, each host may have a Domain Name that
corresponds to its Internet address. A Domain Name uses words
rather than numbers to make it easier for people to remember. In
E-Mail applications, for instance, Domain Names are used to
identify source and destination fields.
Domain Names have the following format:
node_name@A.B.C.D
Domain Names consist of:
A node name, followed by the symbol, @
Higher level domains (C and D) that are assigned by Network
Information Center (NIC); C usually being the name of the
organization and D being the type of organization (e.g.,
xerox.com, ge.com, mit.edu).
D = .edu (education)
    .com (commercial)
    .gov (government)
    .mil (military)
    .org (nonprofit organizations)
Optional lower level domains (A and B) that are assigned
locally, usually corresponding to host computers or subnets.

/etc/hosts
The simple way of creating a correspondence between a Domain
Name (or any name used for that node) and an Internet Address
is to use the /etc/hosts file (on UNIX systems). This file is a list of
Internet addresses followed by the name of the node. While this
is fine for small local networks, if the network is connected to the
global Internet, then a more comprehensive solution is needed.
In this case, a tool called a name server is used. On Berkeley
UNIX systems, the Berkeley Internet Name Domain (BIND) server
is used. The user interface to the name server is called the
resolver.

File transfer
So far we have described how a stream of data is divided into
datagrams, sent to another computer, and put back together.
However, there also must be a way for the user to:
Open a connection to a specified computer
Log into it
Tell it what file is wanted
Control the file transmission.
To send a file to a computer, the user must connect to the File
Transfer Protocol (ftp) server at the recipient end. Each server
has well known sockets (or dedicated applications port numbers)
which allow you to specify that you want to talk to the ftp server.
Specific port numbers are assigned to programs that wait for
requests.
There are two different programs involved. The sending side
runs ftp. File Transfer Protocol is designed to accept commands
from the terminal and pass them to the recipient. The program
that the user talks to on the other machine is the ftp server. It is
designed to accept commands from the network connection
rather than an interactive terminal.
Recall that a connection is actually described by a set of four
numbers: the Internet address at each end and the TCP port
number at each end. Every datagram has all four of these
numbers in it.
The file transfer protocol involves two different connections. The
user's program sends commands to identify the user. After the
command to send data is sent, a second connection is opened
for the data itself.
File transfers often take a long time. The designers of the file
transfer protocol wanted to allow the user to continue issuing
commands while file transfer is taking place. Thus, the designers
felt it was best to use a separate connection for the data and
leave the original command connection for commands.

Remote Login
Remote terminal connections use another mechanism. For
remote logins there is just one connection. It normally sends
data. When it is necessary to send a command, a special
character is used to indicate that the next character is a
command.

Novell
Novell network architecture uses a 5 layer protocol stack
(Figure 28). As with TCP/IP, layers 5-7 of the OSI model are
combined. The Data Link and Physical layers (OSI 1 & 2) are
open to different options, such as Ethernet or Token Ring,
enabling the connection of Novell clients to heterogeneous
networks. A Novell gateway is provided to handle the higher
level protocols of the Novell suite.

Figure 28. Novell protocol suite

OSI 5, 6, 7   Applications (NCP, NPC)
OSI 4         SPX
OSI 3         IPX
OSI 2         DATA LINK
OSI 1         PHYSICAL
OSI 2 and OSI 1: Ethernet, for example

Novell networks require a dedicated server, running the NetWare
operating system, which handles communication between clients,
running a NetWare shell. All file transfers, print jobs and so forth,
are handled via the server. Clients can map directories on the
server to local drive letters, and use the server resources as if
they were local.

AppleTalk
AppleTalk network architecture specifies six protocol layers,
corresponding to OSI layers 1-6 (Figure 29). For the first two
layers (Data Link and Physical), AppleTalk offers three different
options, as follows.
LocalTalk - This is the standard AppleTalk low level protocol for
homogeneous Apple networks.
TokenTalk - This allows AppleTalk network members to
communicate over a Token Ring.
EtherTalk - This allows AppleTalk network members to
communicate over the Ethernet.

Figure 29. AppleTalk protocol suite

Layer 6 Presentation
Layer 5 Session
Layer 4 Transport
Layer 3 Network
Layer 2 Data Link
Layer 1 Physical
Layers 2 and 1: LocalTalk option, EtherTalk option, or TokenTalk option

Apple clients using the EtherTalk or TokenTalk options can be
easily connected to non-AppleTalk networks.

Network shells
This interpretation of network commands is the job of a special
piece of software that must be loaded onto every workstation that
is connected to a network. This piece of special software is often
referred to as a network shell.
To use the operating system's command interpreter on the client
workstation, the user simply types commands at the command
line. But, when the user types a command that is intended for
the network, a network shell is needed to intercept that command
and route it to the network. The same mechanism is still at work
in systems with a Graphical User Interface (GUI), such as
Windows.
Every workstation on a network must have the network shell
software loaded. The shell examines every input typed at the
workstation. If the command is a Network command then the
shell reroutes the command to the packet generation software
(e.g. Novell's IPX.com) that will configure the packet and send it
out to the network cable through the Network Interface Card.
Figure 30 below shows a Novell NetWare shell (Netx) in
operation.

Figure 30. Novell NetWare shell

1. The shell, netx, captures all of the incoming commands.
2. If the command is for DOS, then the shell lets the command pass
through to the DOS layer.
3. If the command is for Netware, then the shell sends the command
to IPX to turn into packets for the network.

[Figure labels: input from the keyboard or a program; PC RAM holding
DOS, netx and IPX; network interface card; packets out to the net]

Single protocol
A shell is said to be single protocol if the workstation only creates
packets through the use of one protocol suite (such as TCP/IP or
Novell). Single protocol shells are still commonly used in today's
networks.
Note that more than one single protocol shell may be used,
alternately, on a particular client. For instance, it is possible to
configure a PC to send jobs to a printer via TCP/IP mapped to
one LPT port, then to another printer via Novell mapped to
another LPT port.

Multiprotocol
Multiprotocol shells utilize some of the latest advances in network
technology. Multiprotocol shells can send and receive packets
to and from more than one network protocol suite.
Clients which are configured with multiprotocol shells often act as
passive protocol bridges for other clients. In this scenario,
packets are sent to the multiprotocol client from one network, for
forwarding to another network.
The term passive bridge is used because the client will not
forward the packets without some user intervention. The
forwarding is not automatic.

NDIS
The Network Driver Interface Specification, or NDIS, defines the
protocols that are to be used in the creation of client shells. The
NDIS specification was written primarily by Microsoft.

ODI
The Open Datalink Interface Specification, or ODI, also defines
the protocols that are to be used in the creation of client shells.
The ODI specification was written by Novell for use primarily with
its NetWare products.
NDIS and ODI allow for the configuring of more than one protocol
to be used in the generation of network packets.

Troubleshooting tools
This section addresses the various types of tools used to
troubleshoot LAN problems. These include:
A topology cable tester (Reflectometer)
A protocol packet monitor
Network Management Software
Network components used as troubleshooting tools
ping, telnet and ftp commands.

Reflectometer
The reflectometer is used to detect physical connection problems.
It is often simply referred to as a cable tester or cable scanner.
A cable tester is usually implemented as a hand-held battery
operated box with a small LCD display and a simple keypad for
numeric and command input. Some models may include a
hardcopy report capability by attaching the unit to a serial printer.
Cable testers can be for a specific application (such as a fiber
optic cable tester to detect loss of signal), or they can be multi-
purpose testers for various cable types (e.g., twisted pair and
coax).
Some of the possible functions of a cable tester are to:
Detect and locate faults, shorts, breaks in cable
Detect and locate faulty connectors
Detect and locate faults in a hub
Detect signal loss
Certify cable compliance with specifications
Measure length of cable.

Packet monitor
The Protocol Packet Monitor is used to troubleshoot transmission
problems. It is usually implemented as software running on a PC
(or other workstation) node. It may be called other names such
as LAN Monitor, Ethernet Monitor, ARCnet Monitor or simply
Monitor. Separate software packages are written for each
specific type of network (e.g., Token Ring, Ethernet, etc.).
Some of the possible functions of a Packet Monitor are to:
Capture and display packets and packet headers
Analyze packet transmissions using charts and graphs
Monitor amount of traffic on LAN
Monitor data collisions
Monitor average packet transmission time
Test individual nodes for transmission errors
Isolate defective hardware
Provide functions of cable tester.

Network management software


Network management software is used to manage overall
network operation. There are a wide variety of types of software
available for network management. The software is designed for
a specific network and runs on a PC or workstation node.
Some of the possible functions of Network Management Software
are to:
Collect and display statistical node and LAN traffic information
Display a logical map of the network
Display charts and graphs of network and file server activity
Run connectivity tests and hardware diagnostics
Remote workstation assist via modem
Control print jobs and queues
Manage file server hard disks
Implement network security
Provide various terminal emulations
Detect software viruses
Monitor and limit use of shared software resources
Provide functions of packet monitor and cable tester.

Network components
Network components can also be used as troubleshooting tools
directly or functioning as agents that report to network
management software.
Concentrators, Transceivers - An example of a basic
troubleshooting tool would be the LED indicators on wiring
concentrators and transceivers. Since these LEDs are lit when a
node is connected, it is easy to determine specific node failures.
Dynamic routers - Some types of routers (referred to as dynamic
routers) can examine factors such as cost of sending traffic over
a specific line, amount of traffic on a specific line, and can
determine that a specific line is not functioning. In examining and
acting upon these factors, the router is effectively managing
network activities.

Bridges, Routers - Devices such as bridges and routers can
read protocol headers, maintain tables of nodes and
communicate with other devices. This information can be
collected into the form of a report that is passed to network
management software for processing. In this scenario, the
device is said to be an agent of the network management
software.

ping, telnet, and ftp utilities
In the TCP/IP environment, three application utilities can be
used as troubleshooting tools.

ping
The ping utility sends a message to the specified node and
requests an acknowledgment. This provides a simple
connectivity test. If there is a suspected problem, this should be
the first step in troubleshooting. The syntax is as follows:
ping network_ID
The network_ID can be either the IP address or the node name
assigned in the /etc/hosts file. The /etc/hosts file contains a list of
nodes that may be directly accessed by names which are
equated to the IP addresses of each node.
The ping utility will display a message to notify the user whether
or not the specified node can be accessed. A broken network
connection or an inoperable node can be easily determined by
the ping utility.

telnet
The telnet utility provides a means of logging in to a remote node.
The syntax is as follows:
telnet network_ID
When the node responds, the user will be prompted for a login
account name and password. On entry to the system, the telnet
node functions as a dumb terminal providing input and receiving
output from the remote node. In this way the user can utilize
resources of a remote system, make changes to its configuration
or do anything that a local user could do.

ftp
The ftp utility provides a means to transfer files to and from a
remote node. The syntax is as follows:
ftp network_ID
When the node responds, the user will be prompted for a login
account name and password. On entry to the system, the
greater than sign (>) is used as a prompt. The UNIX change
directory (cd), print working directory (pwd), and list (ls)
commands may be used to find a particular file. The ftp utility
also has three important commands of its own, as follows:
> get filename
> put filename
> quit
The get command is used to transfer a file from the remote node
to the local node. The put command is used to transfer a file
from the local node to the remote node. The quit command is
used to terminate the ftp session.
Further information can be found about these utilities by using the
UNIX man command to access manual pages for these utilities.

Review
This reference discussed:
Network concepts
Network architecture
Topologies
Linking devices
Protocol suites
Network shells
Troubleshooting tools
