English Pages 349 Year 2015
Computer Networking
Shriram K. Vasudevan Subashri V. D. P. Kothari Palanisamy Thangaraj
Alpha Science International Ltd. Oxford, U.K.
Computer Networking 352 pgs. | 283 figs. | 43 tbls.
Shriram K. Vasudevan, Assistant Professor, Department of Computer Science and Engineering, Amrita University, Coimbatore
Subashri V., Programmer Analyst, Cognizant Technology Solutions, Chennai
D. P. Kothari, Director – Research, MVSR Engineering College, Hyderabad
Palanisamy Thangaraj, Senior Engineer – Testing, Aricent Technologies, Chennai

Copyright © 2015 ALPHA SCIENCE INTERNATIONAL LTD., 7200 The Quorum, Oxford Business Park North, Garsington Road, Oxford OX4 2JZ, U.K.
www.alphasci.com
ISBN 978-1-84265-919-9
E-ISBN 978-1-78332-099-8

All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without prior written permission of the publisher.
Dedication

Sunandhini, Saihari and Smt. Jayalakshmi
Shriram K. Vasudevan

Smt. Revathy and Sri. Vasudevan
Subashri V.

Daughters and Sons-in-law
D. P. Kothari

Mekala and Amirthavarshini
Palanisamy Thangaraj
Preface
Without computer networks, nothing in this world could proceed. From Facebook to bank transactions, everything is based on computers which are networked. This book gives the reader an idea of what networking is, how it is done, which protocols support networks, how layering is followed, and so on. Most importantly, this book discusses everything practically, with relevant examples and results obtained through testing. Every chapter has a quiz which will help students get noticed in their interviews. All the most frequently used protocols are described with the fullest attention.

The book starts with the basics of networking in Chapter 1, followed by a detailed analysis of the Open System Interconnection layers in Chapter 2. Chapter 3 pays attention to the physical media, switching, encoding, decoding, etc. Chapter 4 covers the complete data link layer concepts. Spanning tree protocols and VLAN concepts are covered with examples which will make readers cherish the learning. Chapter 5 focuses on the network layer and the protocols that support it. This chapter contains many examples and screenshots of commands which will help the reader understand the concepts with ease. The transport layer and the application layer protocols are covered in the successive chapters. Network security is thoroughly discussed in Chapter 8, followed by simulation of networking scenarios using NS2 in Chapter 9. Last but not least, three case studies have been added, which makes the book unique.

Readers can get in touch with the authors with constructive criticism at [email protected] and [email protected].

Acknowledgement

First of all we thank Narosa Publishing House for accepting the proposal and giving us an opportunity to write this book. We thank Ms. Sandhya Subramanian for her help in this attempt, without which it would have been a daunting task for us to complete the book. We also thank Ms. Sunandhini, Mr. Sundar, Mr. Naveen, Mr. Srivathsan, Mr. Shivajegan, Ms. Chandni, Ms. Janani and Ms. Abarna for helping us review the contents. Shriram wishes to thank Prof. Prakash, Prof. Pradeep Kumar, Prof. Baskar and Prof. Gowtham for their constructive inputs and support at all times! Last but not least, we thank our respective organizations for providing us the motivation to write this book.

Shriram K. Vasudevan
Subashri V.
D. P. Kothari
Palanisamy Thangaraj
Contents

Preface

1. Introduction to Networking
  1.1 Introduction
    1.1.1 What is a Network and why is Networking Needed?
    1.1.2 Topology – What is it?
    1.1.3 Types of Topology
  1.2 Components of a Typical Network (A Brief Introduction)
  1.3 Types of Networks
    1.3.1 Local Area Network
    1.3.2 Wide Area Network (WAN)
    1.3.3 Metropolitan Area Network (MAN)
    1.3.4 Personal Area Network (PAN)
    1.3.5 Wired Vs Wireless Networks
    1.3.6 Intranet Vs Extranet
  1.4 OSI Layering (Open System Interconnection)
    1.4.1 Physical Layer
    1.4.2 Data Link Layer
    1.4.3 Network layer
    1.4.4 Transport Layer
    1.4.5 Session Layer
    1.4.6 Presentation Layer
    1.4.7 Application Layer
  1.5 OSI Model Vs TCP-IP Model
  Points to Remember
  Quiz
  Answers

2. OSI Layer and Network Components
  2.1 OSI Layering (Open System Interconnection) Introduction
  2.2 Physical Layer and Physical Layer Components
    2.2.1 Signals – Analog and Digital
    2.2.2 Network Adapters
    2.2.3 Repeaters
    2.2.4 Hubs
    2.2.5 RS-232 (Recommended Standard 232)
    2.2.6 RS 232 Terminologies
    2.2.7 EIA-449
    2.2.8 Modems
    2.2.9 X.25
  2.3 Data Link Layer
    2.3.1 Ethernet – An Analysis
    2.3.2 Ethernet Frame
    2.3.3 CSMA/CD
    2.3.4 Bridges
    2.3.5 Switches
  2.4 Network Layer
    2.4.1 Router
  2.5 Transport Layer
    2.5.1 TCP
    2.5.2 UDP
  2.6 Session Layer
  2.7 Presentation Layer
  2.8 Application Layer
    2.8.1 FTP (File Transfer Protocol)
    2.8.2 Telnet
    2.8.3 DNS (Domain Naming Server)
    2.8.4 SNMP (Simple Network Management Protocol)
    2.8.5 SMTP (Simple Mail Transfer Protocol)
  Points to Remember
  Quiz
  Answers

3. Physical Layer
  3.1 Introduction
    3.1.1 Physical Layer Functions
  3.2 Guided Media
    3.2.1 Open Wire
    3.2.2 Twisted-Pair (TP) Cable
    3.2.3 Coaxial cable
    3.2.4 Fiber-Optic Cable
  3.3 Unguided Media
    3.3.1 RF Propagation
    3.3.2 Microwave
    3.3.3 Satellite
    3.3.4 Iridium Telecom System
  3.4 Switching
    3.4.1 Circuit Switching
    3.4.2 Packet Switching
  3.5 Datagram Networks Vs Virtual Circuit Networks
    3.5.1 Datagram Approach
    3.5.2 Virtual Circuit Approach
  3.6 Modems
  3.7 Encoding and Decoding Mechanisms
    3.7.1 Digital to Digital Conversion
    3.7.2 Digital to Analog Conversion
  Points to Remember
  Quiz
  Answers

4. Data Link Layer
  4.1 Introduction
  4.2 LLC and MAC Sub Layers
    4.2.1 Media Access Control Layer
    4.2.2 Link Logic Control Layer
  4.3 Detection and Correction
    4.3.1 Error Detection Mechanisms
    4.3.2 Error Correction Methods
  4.4 Error Control
    4.4.1 Flow Control Methods
    4.4.2 Error Control Mechanisms
  4.5 Data Link Layer Services
    4.5.1 VLAN Switching and VLAN Protocols
    4.5.2 Spanning Tree Protocol (STP) – An In depth Analysis
    4.5.3 High Level Data Link Control (HDLC) Protocol
    4.5.4 Point-to-Point Protocol (PPP)
    4.5.5 SONET – An Introduction
    4.5.6 Asynchronous Transfer Mode (ATM) Switching
    4.5.7 Frame Relay Introduction
  4.6 Bluetooth – An Introduction
    4.6.1 What is Bluetooth?
    4.6.2 How Bluetooth Operates?
    4.6.3 Bluetooth Connection Establishment
    4.6.4 Bluetooth – What are the Threats?
  4.7 WIFI
  4.8 Fiber Distributed Data Interface (FDDI)
  Point to Remember
  Quiz

5. Internet Protocol
  5.1 IP Addressing (Internet Protocol)
    5.1.1 IP Subnetting
    5.1.2 IP Version 4 – Protocol Format
  5.2 IP Version 6
  5.3 Mobile IP
    5.3.1 Brief Overview of Terminologies
    5.3.2 Agent Discovery
    5.3.3 Registration Request
    5.3.4 Registration Reply
  5.4 Routing Algorithms
    5.4.1 Shortest Path Algorithms
    5.4.2 Dijkstra’s Algorithm
    5.4.3 Distance Vector (DV) Routing
    5.4.4 Link State (LS) Algorithm
    5.4.5 Hierarchical Routing
  5.5 Routing Protocols
    5.5.1 OSPF (Open Shortest Path First)
    5.5.2 BGP (Border Gateway Protocol)
    5.5.3 Routing Information Protocol (RIP)
  5.6 Important Layer 3 Protocols
    5.6.1 ARP (Address Resolution Protocol)
    5.6.2 RARP (Reverse Address Resolution Protocol)
    5.6.3 Dynamic Host Configuration Protocol (DHCP)
    5.6.4 Internet Control Protocols (ICMP)
    5.6.5 IGMP (Internet Group Management Protocol)
  Points to Remember
  Quiz
  Answers

6. Transport Layer
  6.1 Introduction
  6.2 Transmission Control Protocol (TCP)
    6.2.1 TCP Frame Format
    6.2.2 TCP Connection Establishment
    6.2.3 TCP Connection Termination
  6.3 User Datagram Protocol (UDP)
    6.3.1 Frame Format
    6.3.2 Programming Model
  6.4 Quality of Service (QOS)
    6.4.1 Over Provisioning
    6.4.2 Buffering
    6.4.3 Congestion Control Mechanisms
  Points to Remember
  Quiz
  Answers

7. Application Layer: An In-depth Analysis
  7.1 FTP (File Transfer Protocol)
    7.1.1 FTP - Basic Client - Server Operation
    7.1.2 FTP - Commonly used Commands
    7.1.3 How FTP Works?
  7.2 Simple Mail Transfer Protocol (SMTP)
    7.2.1 Simple Mail Transfer Protocol
    7.2.2 How SMTP Works??
    7.2.3 What SMTP can do???
  7.3 MIME (Multipurpose Internet Mail Extensions)
  7.4 POP3 (Post Office Protocol)
    7.4.1 POP
    7.4.2 How POP3 Works??
    7.4.3 Commands and Responses
    7.4.4 When to use POP3?
  7.5 World Wide Web (WWW)
  7.6 Hyper Text Transfer Protocol (HTTP)
    7.6.1 HTTP Request Message
    7.6.2 HTTP Response Format
  7.7 Domain Naming System (DNS)
    7.7.1 Domain Naming Space
  7.8 Simple Network Management Protocol (SNMP)
    7.8.1 SNMP Components
    7.8.2 Management Information Bases
    7.8.3 SNMP Commands
    7.8.4 SNMP Versions
  7.9 TELNET
    7.9.1 Network Virtual Terminal (NVT)
    7.9.2 The Negotiations
    7.9.3 How to Login to a Remote System with TELNET?
  Points to Remember
  Quiz

8. Network Security
  8.1 Threats to Data Communication
    8.1.1 Active Attacks
    8.1.2 Passive Attacks
  8.2 Security Concepts
    8.2.1 Encryption/Decryption
    8.2.2 Authentication and Authorization
    8.2.3 Authentication Techniques
  8.3 Security Protocols
    8.3.1 TLS/SSL
    8.3.2 PGP (Pretty Good Privacy)
  8.4 Ethical Hacking
  8.5 Interesting Cyber Crimes
  8.6 Firewalls
    8.6.1 IP Packet Filtering Firewall
    8.6.2 Circuit Level Gateway
    8.6.3 Application Level Gateway (ALG)
  Points to Remember
  Quiz
  Answers

9. Network Simulation
  9.1 Introduction
    9.1.1 Simulation Objects
    9.1.2 Popular Network Simulators
  9.2 NS2 Introduction
    9.2.1 NS2 Characteristics
    9.2.2 What can be done with NS2?
    9.2.3 Elements and Notations
  9.3 Languages used in Simulation
  9.4 Installation of NS2
  9.5 Programming Concepts
    9.5.1 Simple Scripting Program
    9.5.2 AWK Programming

Case Study
Index
Chapter 1
Introduction to Networking

Learning Objectives

This chapter gives a basic understanding of what a network is. After reading it, the reader will have a clear understanding of what topologies are and which types of topology are available. The types of networks are also covered. Finally, a brief introduction to OSI (Open System Interconnection) is given, which will be the foundation for all the future chapters. Lastly, quiz questions are given so that readers can test their understanding by answering them.

1.1 INTRODUCTION

In simple words, a group of people connected together can be a network. The intention of this book, however, is to deal with computer networks, so the definition is given with respect to computers as follows.
1.1.1 What is a Network and why is Networking Needed?

A network is a collection of hardware components and computers interconnected by communication channels that allow sharing of information and resources. A network can have any of the following components interconnected: personal computers, mobile phones, personal digital assistants, printers, hubs, routers, etc. A sample network is shown below in Fig. 1.1.
Fig. 1.1 A sample network
Why is networking needed, or why is computer networking important? Simply put: to communicate, to transfer information between two different destinations, to get speedy data transfer, and much more. Because of effective networking the globe has become smaller. From here on the reader will be taken through networking in a smooth way. It will be a good learning experience for the reader.
1.1.2 Topology – What is it?

A topology is a network’s virtual shape or structure. In other words, it is a schematic description of the arrangement of the network, including its nodes and connecting lines. The topology can be either physical or logical. Physical topology is the actual geometric representation of the connected nodes. The reader will first be taken through physical topology, and then logical topology will be discussed.

1.1.3 Types of Topology

1.1.3.1 Physical Topology

Physically, nodes can be connected in many ways. The predominant ones are:
a. Bus topology
b. Ring topology
c. Star topology
d. Tree topology and
e. Mesh topology.
Details about all of the above are given in the forthcoming pages.

a. Bus topology

In this topology, as shown in Fig. 1.2, every node (system) is connected to a common main cable called the bus. In other words, as all the nodes are connected through a common cable, the bus forms the backbone of the network. The backbone serves as the shared communication medium. If any node connected to the network wants to communicate with another node on the same network, it has to broadcast the message. The intended recipient will receive that message and process it.

The biggest advantage of this topology lies in its simplicity: it is very easy to install and use. Also, the failure of any one device will not affect the functioning of the others. On the negative side, two main problems can be cited. One, when the number of nodes connected to the bus is increased, say to more than a dozen, the performance may go down. Two, if the bus fails, the entire network will be down, and this is a real nightmare.
Fig. 1.2 Bus topology
Example: Let us say that five nodes are connected to a network which follows the bus topology as shown in Fig. 1.2. The first two nodes are desktops, the third a laptop, the fourth a printer and the fifth an internet modem. The desktops can communicate with each other and with the laptop. All three computers can also access the printer and use the internet service through the modem. If the second desktop fails, the other desktop, laptop, printer and modem can still function. But failure of the bus will render the entire network useless. This setup can be seen in internet cafes.

b. Ring topology

The next topology to be discussed is the ring. Every device has two neighbours for communication. One important thing to remember is that messages can travel in only one direction, that is, either clockwise or anticlockwise. The same problem as with bus topology is faced here as well: if the loop gets cut, the entire network will be affected. The diagrammatic representation is shown in Fig. 1.3.
Fig. 1.3 Ring topology
Example: Let us assume four devices connected in ring topology in the sequence Desktop – Desktop – Laptop – Printer. The first desktop can communicate with the second desktop alone if the communication is in the clockwise direction. In the anti-clockwise direction, it can communicate only with the printer. If the printer or any other device malfunctions, then the entire network will be affected.

c. Star topology

This is the next simple topology to be discussed. In this topology there is a central server, computer or hub to which all the computers are directly connected. Every node is connected to every other node through the central computer/server. The advantage compared with the bus topology is that failure of one cable will not affect all the nodes in the network. The failure will affect only that node and will not disrupt the other connected nodes. On the negative side, this topology requires more cables, which increases the cost. Figure 1.4 shows the schematic of this topology.
Fig. 1.4 Star topology
Example: The example used for bus topology applies here too. However, the devices will be connected to a central computer instead of a common cable. If the laptop wants to access the printer, the communication will go via the main computer. Any device can be removed from the network upon failure and restored after repair. But the central computer cannot be allowed to fail, as it is the gateway for communication between the devices.

d. Tree topology

This is a combination of two or three star networks. The central hubs/servers of the star networks are connected to a main bus. In short, a tree network is a bus network of star networks. The diagrammatic representation is shown in Fig. 1.5. Expansion is relatively easy in this topology, and multiple networks can be included in it. However, the installation is complex.
Fig. 1.5 Tree topology
Example: Let us consider a case in which the network in the first two examples is placed in a particular room in an administrative block and similar networks are installed in other rooms. Communication between these rooms can be realised by connecting the various networks in bus topology.

e. Mesh topology

Two schemes are used for mesh topology: full mesh and partial mesh. In the full mesh, each node is directly connected to every other node of the network. Refer to Fig. 1.6 for a schematic representation. In the partial mesh, a few nodes are connected to all the nodes and the rest are connected only to those nodes with which they need to communicate. The advantage is that if a link fails, it will affect only that connection and not the whole set. The disadvantage is that a full mesh is a little complex to set up.
Fig. 1.6 Mesh topology [full mesh]
1.1.3.2 Logical Topology

A logical topology refers to the nature of the paths along which the signal flows from node to node. It can at times be the same as the physical topology. In short, it is the signal flow path.

1.2 COMPONENTS OF A TYPICAL NETWORK (A BRIEF INTRODUCTION)

Numerous components are used to form a network. Here the reader is introduced to a few of the most important and frequently used components. They are listed below and discussed briefly in order.
a. Network adapters
b. Repeater
c. Bridge
d. Hub
e. Switch
f. Router and
g. Gateway
The reader will now be taken on a safari through all the above mentioned topics.
a. Network adapters

Whenever a machine needs to be connected to a network, a network adapter is necessary. It acts as an interface between a computer or device and a network. There are many types of network adapters available in the market, depending on the network the node is connected to. Adapters that anyone will easily recognize are Ethernet and Wi-Fi. The adapter converts the signals from the computer into electrical signals for transmission, and vice versa. A network adapter is identified by its MAC (Media Access Control) address, which is unique. A sample network adapter is shown below in Fig. 1.7.
Fig. 1.7 A network interface card
A MAC address is 6 bytes (48 bits) long and is physically hard-coded into the network adapter by its manufacturer. It is always unique, as mentioned already. On a Windows PC, the MAC address can be found by opening the command prompt and typing the getmac command. It will fetch the MAC address of the network card, which will look somewhat similar to 00-01-AB-01-D1-01.

How is this address framed? This question can be answered by taking the following Fig. 1.8 as reference. Of the six bytes, the first three represent the vendor details, that is, they identify the manufacturer. These three bytes are called the OUI, Organizationally Unique Identifier. The next three bytes are called the UAA, Universally Administered Address. Since all cards from a given manufacturer have the same first 3 bytes, it is the last three bytes that make the MAC unique.
Fig. 1.8 MAC address
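The address layout described above can be checked in code. The following Python sketch is an added example, not taken from the book: it splits an address into the OUI and UAA parts and accepts the notations commonly seen in tool output. It goes one step beyond the text by also reading the two flag bits that IEEE 802 addressing defines in the first byte (group/individual and universal/local), which an asset inventory can use to spot addresses whose first three bytes are not a vendor ID. The function names and all sample addresses other than 00-01-AB-01-D1-01 are constructed for illustration.

```python
import re

# Accepted notations (assumption: these three cover typical tool output):
#   00-01-AB-01-D1-01 (getmac), 00:01:ab:01:d1:01, 0001.ab01.d101, 0001ab01d101
_FORMATS = (
    re.compile(r"^[0-9a-f]{2}([-:])(?:[0-9a-f]{2}\1){4}[0-9a-f]{2}$"),
    re.compile(r"^[0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4}$"),
    re.compile(r"^[0-9a-f]{12}$"),
)


def _hex(octets):
    """Format bytes the way getmac prints them: upper-case hex, hyphen separated."""
    return "-".join(f"{b:02X}" for b in octets)


def parse_mac(text):
    """Split a 48-bit MAC address into the fields described in the text.

    Raises ValueError when the input is not exactly 6 bytes in a known notation.
    """
    s = text.strip().lower()
    if not any(p.match(s) for p in _FORMATS):
        raise ValueError(f"not a 48-bit MAC address: {text!r}")
    raw = bytes.fromhex(re.sub(r"[-:.]", "", s))
    return {
        "canonical": _hex(raw),
        "oui": _hex(raw[:3]),   # first three bytes: manufacturer
        "uaa": _hex(raw[3:]),   # last three bytes: the book's "UAA" part
        # Flag bits in the first byte (IEEE 802 addressing, not from the book):
        "multicast": bool(raw[0] & 0x01),             # group address
        "locally_administered": bool(raw[0] & 0x02),  # set by software, not the vendor
    }


def review_inventory(entries):
    """Return (address, reason) pairs for entries that need a closer look."""
    findings = []
    for entry in entries:
        try:
            mac = parse_mac(entry)
        except ValueError:
            findings.append((entry, "malformed"))
            continue
        if mac["multicast"]:
            findings.append((mac["canonical"], "group address, not a single adapter"))
        elif mac["locally_administered"]:
            findings.append((mac["canonical"], "locally administered, OUI is not a vendor ID"))
    return findings


# Constructed sample inventory: the book's example address plus made-up entries.
SAMPLE = ["00-01-AB-01-D1-01", "0001.ab01.d102", "02:00:00:aa:bb:cc", "00-01-AB-01-D1"]

if __name__ == "__main__":
    print(parse_mac(SAMPLE[0]))
    for address, reason in review_inventory(SAMPLE):
        print(address, "->", reason)
```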
b. Repeaters

Repeaters act as regenerators, that is, amplifiers. A repeater receives a signal from a transmitter, amplifies it and then re-transmits it with better strength. When the signal has to be sent over a longer distance, the repeater plays a role in sending the data without distortion or loss. There can be more than one repeater between source and destination, but the number cannot be unlimited, as additional repeaters may introduce noise. A simple diagrammatic representation is presented in Fig. 1.9.

Fig. 1.9 Repeater’s work

The figure above clearly shows that if the data has to be transmitted over a longer distance, it will be weakened by distortion. In this event a repeater is helpful: it strengthens the signal and transmits it to its destination.

c. Bridge

A bridge is a vital component in the networking world. A bridge is used to connect two different networks. It is also used to split a network into separate segments. Thus a bridge can be used to filter traffic and create a better, more efficient network. A simple schematic representation is shown below in Fig. 1.10, in which a bridge is used to connect two entirely different networks.
Fig. 1.10 A bridge-connects two networks
d. Hub

A hub is deployed to make the sharing of data between computers within a network easier. Whenever star topology is used, a hub becomes inevitable. A transmitter, i.e. the computer which sends the information, sends the signal to the hub, and the hub then retransmits the signal to the destination computer. A hub can be active or passive. A passive hub just relays the signal. An active hub is a repeater, which can regenerate the signal.

A question may arise in the minds of readers: how is the bandwidth shared by all the computers connected to the hub? Simply, each computer is given a portion of the bandwidth. If many computers are connected to the hub, the bandwidth available to each machine will be smaller and performance will suffer. So hubs can be deployed in places where the number of computers connected is limited. Figure 1.11 helps the reader understand the concept.
Fig. 1.11 How hub can be deployed?
e. Switch

A switch is an improved hub; it can be seen as a better version of a hub. It is again a central point of a network, and it is an intelligent device. When a switch receives a packet from the sender, it examines the destination address (MAC address) in the packet header and redirects the packet to the destination alone. This is possible because the switch maintains a table which holds the details of all ports and the MAC addresses of the corresponding devices. When a switch is used, bandwidth utilization becomes effective and is more efficiently managed.
Fig. 1.12 Switch’s working
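The difference between the hub and the switch described above can be seen by modelling both devices. The following Python sketch is an added example, not taken from the book. It goes slightly beyond the text by showing the usual way the port/MAC table gets filled: the switch records the source address of each frame it receives and sends a frame out of all other ports only while the destination is still unknown. The class names, host names, port numbers and MAC addresses are constructed for illustration.

```python
BROADCAST = "FF-FF-FF-FF-FF-FF"


class Hub:
    """Repeats every frame out of every port except the one it arrived on."""

    def __init__(self, ports):
        self.ports = list(ports)

    def receive(self, in_port, src, dst):
        return [p for p in self.ports if p != in_port]


class Switch:
    """Keeps a MAC-address-to-port table and forwards to the destination port alone."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}  # MAC address -> port it was last seen on

    def receive(self, in_port, src, dst):
        # Learn: the sender is reachable through the port the frame came in on.
        self.mac_table[src] = in_port
        out_port = self.mac_table.get(dst)
        if dst == BROADCAST or out_port is None:
            # Destination not in the table yet: behave like a hub for this frame.
            return [p for p in self.ports if p != in_port]
        if out_port == in_port:
            # Destination sits on the same port as the sender: nothing to forward.
            return []
        return [out_port]


# Constructed sample: three hosts A, B, C on ports 1, 2, 3 (addresses are made up).
HOSTS = {
    "A": ("00-01-AB-00-00-0A", 1),
    "B": ("00-01-AB-00-00-0B", 2),
    "C": ("00-01-AB-00-00-0C", 3),
}
# A talks to C, C answers, A sends again; B is not part of the conversation.
FRAMES = [("A", "C"), ("C", "A"), ("A", "C")]


def run(device, frames=FRAMES):
    """Feed the frames to the device; return the output ports chosen per frame."""
    outputs = []
    for sender, receiver in frames:
        src_mac, in_port = HOSTS[sender]
        dst_mac, _ = HOSTS[receiver]
        outputs.append(device.receive(in_port, src_mac, dst_mac))
    return outputs


def frames_seen_on(port, outputs):
    """Count how many frames were sent out of the given port."""
    return sum(1 for ports in outputs if port in ports)


if __name__ == "__main__":
    hub_out = run(Hub([1, 2, 3]))
    switch_out = run(Switch([1, 2, 3]))
    print("hub:   ", hub_out, "frames reaching B:", frames_seen_on(2, hub_out))
    print("switch:", switch_out, "frames reaching B:", frames_seen_on(2, switch_out))
```

With the hub, host B receives all three frames of a conversation it is not part of; with the switch it receives only the first one, sent while C's port was still unknown.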
From the above Fig. 1.12 it is clear that when a packet has to be sent from A to C, the signal is transmitted from A to C alone and is not shared with B, so the bandwidth is shared efficiently. Hence switches are deployed in all big networks.

f. Routers

A router is used to communicate from network to network in an efficient and intelligent way. A router transfers the packet from source to destination by the best and shortest route. The routing table holds the IP addresses of the other routers in the network. The routing table is configured manually and also dynamically. When a data packet is received, the router does the following:
a. Reads the destination address (IP) of the received packet.
b. Looks up the path to reach the destination address.
c. Sends the packet to the destination through the shortest path.
Fig. 1.13 Router
A diagrammatic representation is presented above in Fig. 1.13, where a packet from network 1 is sent to network 2 via the routers at both networks.

g. Gateway

A gateway is used to connect two different networks. It is actually a converter. In Fig. 1.14, a gateway is used to communicate between VoIP and PSTN networks.
Fig. 1.14 Router
1.3 TYPES OF NETWORKS

Networks are categorized by the geography they can cover. They are broadly classified as follows:
1. Local Area Network (LAN)
2. Wide Area Network (WAN)
3. Metropolitan Area Network (MAN)
4. Personal Area Network (PAN)
Each of the above networks is described briefly here with diagrammatic representations.

1.3.1 Local Area Network

A LAN (Local Area Network) connects devices in close proximity, i.e. over a short span of distance. A building, a school, a college building, internet cafes and homes come into this category. Since the operational area is very small, it can be maintained and controlled by a single person. A LAN can contain a group of LANs. For example, if a home is networked, every room can be a LAN, and many such rooms will form a network of small LANs. Ethernet is the most commonly used technology for LANs, and occasionally Token Rings are also used. The following Fig. 1.15 shows what a LAN can look like.
Fig. 1.15 LAN – Schematic Representation
1.3.2 Wide Area Network (WAN)

A Wide Area Network, as the name implies, can cover a larger area. A WAN is formed by joining many LANs. The best and simplest example of a WAN is the internet, which covers the entire globe. When an organization has branches all over the world, the WAN comes into play: the LANs of the offices in different geographical regions are connected together to form the WAN. Since a WAN has to cover a larger span of distance, optical fibers, ATM and Frame Relay are often used for establishing long distance connectivity. The following Fig. 1.16 shows a WAN for the reader’s understanding.
Fig. 1.16 WAN
1.3.3 Metropolitan Area Network (MAN)

This kind of network is not widely used, but it has its own importance for some government bodies and organizations on a larger scale. A MAN, metropolitan area network, falls between a LAN and a WAN. It covers a larger physical area than a LAN but a smaller one than a WAN, such as a city. The following Fig. 1.17 supports the understanding of a MAN: three different buildings in New York city are connected with a MAN.
Fig. 1.17 Metropolitan Area Network
1.3.4 Personal Area Network (PAN)

To get rid of the need for cables in short range communications such as computer to printer or computer to mobile phone, Bluetooth can be used, and the result is called a Personal Area Network. It is a short range network that can cover only a few meters. A simple example of a PAN is transferring songs or data from one mobile phone to another through Bluetooth. Communication needs to be established between the two devices first; this is called pairing. The following Fig. 1.18 represents a PAN.
Fig. 1.18 Personal Area Network
1.3.5 Wired Vs Wireless Networks

Computer networks for the home and small business can be built using either wired or wireless technology. Wired Ethernet has been the traditional choice in homes, but Wi-Fi wireless technologies are gaining ground fast. Both wired and wireless can claim advantages over the other; both represent viable options for home and other local area networks (LANs). Traditionally, wired Ethernet has mostly been preferred, for many reasons.

Although wireless technologies are growing very fast, wired networking still has a strong place in the field. Before analysing the pros and cons in depth, one should understand the basic difference between wired and wireless networks. In a wired network, an Ethernet cable is used between the computer and the router, whereas in a wireless network it is not. The pros and cons of wired and wireless networks are analysed under a few aspects and summarized below:

1. Ease of setup - Wired networks are very easy to set up. With modern computers it is just a matter of plugging in and getting on to the net. Wireless configurations are a little tougher in this aspect. One disadvantage of wired networks is that wires may run across the floors and can look clumsy when many of them are used, which is not the case with wireless networks.

2. Reliability and Speed - Ethernet cables are extremely reliable, as they have been in the market for years and are well improved. Loose cabling is the only major source of failure in a wired network. Wireless devices are still improving and are not as reliable as wired networks. Coming to speed, wired networks are always faster than wireless networks.

3. Convenience - Needless to say, wireless networks, once set up, are very convenient. The internet can easily be accessed from any computer on the wireless network. A wired network will look clumsy if the network is too big.

4. Security - A wired network is highly contained. A wired network needs physical access to the router, whereas in wireless networks this is not the case. Anybody can try to intrude and gain access.
1.3.6 Intranet Vs Extranet

An intranet is a personalized version of the internet. For example, every organization will have its own intranet. This intranet is not available to the world outside the organization. If the intranet is connected to the internet, the intranet resides behind a firewall, and if access is permitted from the internet it is called an extranet. The firewall helps to control access between the intranet and the internet, permitting access to the intranet only to people who are members of the same company or organization.

An extranet is actually an intranet that is partially accessible to authorized outsiders. The actual server (the computer that serves up the web pages) resides behind a firewall. The firewall helps to control access between the intranet and the internet, permitting access to the intranet only to people who have access permissions. The level of access can be set differently for individuals or groups of outside users. The access can be based on a username and password or on an IP address.
1.4 OSI LAYERING (OPEN SYSTEM INTERCONNECTION)

When computers were first connected in a network to transfer information between them, information was not moved in an ordered way and this caused a lot of confusion. So the International Standards Organization (ISO) recognized the need for a standard pattern of networking. Thus OSI was created in the early 1980s, and it is still followed today. OSI layering uses a divide and conquer approach, in which one big problem is split and seen as seven different layers. Dividing the problem into layers makes the task look simpler, and a problem in one of the layers can easily be isolated and identified, which makes fixing it easier. The lower layers are generally a combination of hardware and software, and the upper layers are predominantly software. The seven layers are depicted in the following Fig. 1.19.

Layer        | Data unit | Function
Application  | Data      | Network Process to application
Presentation | Data      | Data representation & Encryption
Session      | Data      | Interhost communication
Transport    | Segments  | Interhost Communication and Reliability
Network      | Packets   | Path Determination & Logical Addressing (IP)
Data link    | Frames    | Physical addressing (MAC & LLC)
Physical     | Bits      | Media, Signal and Binary Transmission

Fig. 1.19 OSI Layers
All seven layers are discussed in brief in this chapter, and the book will be fully meant for discussion of Layer-2 concepts in depth. There are many benefits in following the layered approach. They are listed as follows:
a. Reduced complexity – divided and conquered.
b. Easy to learn with this standard approach and
c. Very much modular
The seven layers can be remembered with the simple phrase “Please Do Not Touch Steve’s Pet Alligator”. The first and foremost layer is the Physical layer.
1.4.1 Physical Layer The physical layer is about the hardware: it defines the physical characteristics of the network, that is, the electrical, mechanical and functional specifications of the hardware. This layer puts the raw bit stream on the medium (0s and 1s on the cable) and also receives the bits from the medium. It has no understanding of the bits received or transmitted. Repeaters and hubs fall in this layer and they are Layer-1 devices.
1.4.2 Data Link Layer
This layer is responsible for node-to-node validity and integrity of transmission. The raw bits received from the physical layer are divided into frames here using the protocols available for this layer. This layer is basically concerned with physical addressing (Bridges and Switches), flow control, error notification and topology. It acts as a mediator between the network and physical layers. This layer is further broken into two sub layers: the Media Access Control layer (MAC) and the Link Logic Control layer (LLC).
1.4.1.1 Media Access Control Layer The MAC layer provides regulated access to the network medium. Even if a lot of stations are connected to the same medium (channel), the stations can still be identified successfully. This identification is made easy by the MAC address, which was described in the early pages of this chapter. Since the MAC address is burnt into the ROM of interface cards it is not changeable and it remains unique. In short, this layer controls how a computer on the network gains access to the data and permission to transmit it.
1.4.1.2 Link Logic Control Layer LLC provides enormous support for flow control and error checking. It also sequences the control bits. LLC sits over the MAC layer. The devices that operate at Layer-2 are very important for a network to be up and active. Bridges and switches operate in this layer and they make sure that communication is uplifted. The reader will be fully introduced to the operations at Layer-2 in the forthcoming chapters.
1.4.3 Network Layer The network layer is the third of the OSI layers. It is used to send packets from the source to the destination network. Routing and addressing are the most important functionalities of this layer. Finding the best possible and shortest path to the destination and delivering the data to the right destination are carried out here with high importance. This layer is also responsible for managing network problems such as congestion and packet switching. If the data received from the source is too large to be delivered properly, this layer breaks the data into smaller units called packets, which can be reassembled at the receiving end. Internet Protocol (IP) is the most obvious example for this layer. The router is the commonly referred Layer-3 device. To be precise and short, this layer is the god of addressing and routing the data to the destination. The following Fig. 1.20 depicts the devices and their mapping to the corresponding layers.
1.4.4 Transport Layer This layer provides transparent transfer of data between source and destination, i.e. it is responsible for end-to-end data transfer. The lower layers may drop packets, but the transport layer will perform a sequence check on the data. If, say, 10MB of data is transferred, it will make sure 10MB is received. The transport layer establishes and maintains connections, and terminates them after the transfer of data is complete. Two common protocols are deployed in this layer: Transmission Control Protocol (TCP) and User Datagram Protocol (UDP).
Fig. 1.20 OSI Layers-Devices mapping
TCP TCP is the most commonly used protocol on the internet. TCP offers excellent error correction, and “guaranteed delivery” is possible with it. TCP also provides flow control, which determines whether the data is being sent correctly, whether it needs a retransfer, or whether the sender has to wait until the congestion clears. Wherever quality/guaranteed delivery is needed, TCP is the choice. A diagrammatic representation is shown below in Fig. 1.21.
[Figure: TCP - reliable data transfer. “Getting all of this?” / “No, slow down so I can save accurately!”]
Fig. 1.21 TCP works this way
UDP UDP is used for speedy delivery. There is no guarantee that the data will be delivered in full to the destination, but UDP delivers it very fast. Wherever speed is the need, UDP can get in. The reason for the speed is that there is no flow control or error correction. UDP is widely deployed in streaming applications. A dramatic picture (Fig. 1.22) is given below, which helps the reader understand the concept easily.
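The sequence check and retransmission described for TCP, next to UDP's send-once behaviour, can be tried out with the following added example (not code from the book). It is a deliberately simplified stop-and-wait model, not real TCP; `LossyLink`, `send_unreliable` and `send_reliable` are hypothetical names, and the loss pattern is constructed.

```python
class LossyLink:
    """Delivers every transmission except those whose index is in `drop`."""

    def __init__(self, drop):
        self.drop = set(drop)
        self.sent = 0                      # counts every transmission attempt

    def transmit(self, packet):
        index = self.sent
        self.sent += 1
        return None if index in self.drop else packet


def send_unreliable(chunks, link):
    """UDP-style: each chunk is sent once and nobody notices a loss."""
    received = []
    for chunk in chunks:
        packet = link.transmit(chunk)
        if packet is not None:
            received.append(packet)
    return b"".join(received)


def send_reliable(chunks, link, max_tries=5):
    """TCP-style (simplified): number each chunk, resend until acknowledged."""
    delivered = []
    expected = 0                           # receiver: next sequence number wanted
    for seq, chunk in enumerate(chunks):
        for _ in range(max_tries):
            packet = link.transmit((seq, chunk))
            if packet is None:
                continue                   # data lost: sender times out, resends
            rseq, payload = packet
            if rseq == expected:           # the receiver's sequence check
                delivered.append(payload)
                expected += 1
            # A duplicate (rseq < expected) is discarded but still acknowledged.
            ack = link.transmit(("ACK", rseq))
            if ack is not None:
                break                      # sender saw the ACK, next chunk
        else:
            raise ConnectionError("chunk %d was never acknowledged" % seq)
    return b"".join(delivered)


# Constructed sample data: three chunks of one message.
CHUNKS = [b"net", b"work", b"ing!"]

if __name__ == "__main__":
    print(send_unreliable(CHUNKS, LossyLink({1})))     # second chunk is lost
    print(send_reliable(CHUNKS, LossyLink({1, 4})))    # one ACK and one chunk lost
```

The reliable sender pays for its guarantee with extra transmissions (acknowledgements and resends), which is the speed difference the two paragraphs describe.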
1.4.5 Session Layer This layer establishes, manages and terminates connections between applications. At each end, the session layer also sets up and terminates conversations and exchanges between the applications. This layer coordinates the communication in an orderly way. It makes sure that a new request is not sent before the previous one is answered. Remote procedure call is the widely used session layer protocol.
Fig. 1.22 UDP works this way
1.4.6 Presentation Layer It ensures that information sent by the application layer of a system on another network is readable by the application layer of the destination system. It makes sure that the data is understood regardless of the types of machines used in the network. All encrypting devices fall in this layer.
1.4.7 Application Layer This is the layer nearest to the end user. It hides the complications of the layers below from the user and simply presents smooth applications that are very comfortable for the end user. Very common application layer applications that readers are familiar with are
a. Browsers
b. FTP (File Transfer Protocol)
c. SSH (Secure Shell)
d. SFTP (Secure FTP)
e. Telnet etc.
Now to summarize all the seven layers, the picture below (Fig. 1.23) can help.
1.5 OSI MODEL VS TCP-IP MODEL
The five layers of the TCP/IP architecture can be compared to certain levels of the seven-layer OSI model. It is important to know the functionalities of each layer in the TCP/IP architecture and how the layers can be mapped to the commonly used OSI model. As one can see from the diagram, the top three layers of the OSI model are clubbed into one single layer in the TCP/IP model, the application layer. The Application Layer of the TCP/IP model performs much the same tasks as the Application, Presentation and Session layers of the OSI model. The Transport layer in the TCP/IP architecture is similar to the Transport layer in the OSI model. This layer can use TCP or UDP as well.
OSI MODEL (network user at the top; the layers are grouped into Upper Layers and Lower Layers)
7 Application Layer: Type of communication: e-mail, file transfer, client/server
6 Presentation Layer: Encryption, data conversion: ASCII to EBCDIC, BCD to binary, etc.
5 Application Layer: Type of communication: e-mail, file transfer, client/server
4 Transport Layer: Ensures delivery of entire file or message.
3 Network Layer: Routes data to different LANs and WANs based on network address.
2 Data Link (MAC) Layer: Transmits packets from node to node based on station address.
1 Physical Layer: Electrical signals and cabling
Fig. 1.23 OSI Layers summary
The network layer in the TCP/IP architecture uses IP addresses, as in the OSI model, to determine how packets should be routed. This layer is also referred to in the TCP/IP model as the Internet layer. The Data link and Physical layers provide similar functionality to their OSI counterparts. There is no major difference in the functionalities of these two layers between the TCP/IP and OSI models. Fig. 1.24 represents the comparison.
Fig. 1.24 OSI Vs TCP/IP model
POINTS TO REMEMBER
• A group of computers/hardware components connected together to share information is called a network.
• Topology is the way computers are connected in a network. The available topologies are bus topology, ring topology, star topology, tree topology and mesh topology.
• A network adapter acts as an interface for the machine to be connected to the network.
• The devices used in networking are Repeaters, Bridges, Switches, Hubs etc.
• A repeater is a re-generator which amplifies the signal and enables the healthy transmission of data.
• A bridge is used to connect two different networks.
• OSI is Open System Interconnect, which is a standard for networking by ISO.
• OSI has 7 layers, starting with the physical layer and ending with the application layer.
• TCP and UDP are the two common protocols followed at the transport layer. TCP is used for reliable and error-free transfer, whereas UDP helps in faster transmission. It has no reliability.
• The application layer is the one which interacts with the user and gives all comfort. It hides the internal complications and gives a good feel to the user.
• Ethernet is a LAN protocol normally used for short range communication.
• Ethernet deploys CSMA/CD, which is a collision detection protocol.
QUIZ
1. Which organization defined the OSI Model? a. IEEE b. ISO c. IEC d. ITU-T
2. List the OSI layers in order from Layer 1.
3. In the OSI Model, data is encapsulated with an additional header when travelling from a lower layer to the next upper layer. a. True b. False.
4. Which layer in the OSI Model interfaces a user with the network?
5. Hub is an intelligent device – True or False?
6. Which layer can someone map a Hub to?
7. TCP or UDP, which one is reliable?
8. Is the MAC address unique? How many bytes are available in a MAC address?
9. Which layer accommodates the FTP/SFTP services?
10. Expand OSI, ISO, TCP and UDP.
11. Encryption and decryption happen in the 7th layer of OSI – True or False.
12. Which layer takes care of frames to packets conversion?
13. What is the basic and most commonly used element in Layer 3?
14. Which layer is responsible for linking the network support layers and user support layers?
15. What are the main responsibilities of the Network Layer?
16. What are the functionalities of the Session Layer?
17. The Application Layer is vital; what does it do?
18. Ethernet belongs to Layer-3. True or False?
19. What is a network?
20. Define topology and explain the different types of topology.
21. What is the disadvantage of bus topology?
22. Why is star topology superior to bus topology?
23. Why is tree topology suitable for multiple networks?
24. Explain the types of mesh topology.
25. What is logical topology?
26. What are the basic components of a typical network?
27. What is a simple network adapter?
28. What are the different types of network?
29. List the differences between wired and wireless networks.
30. What are the advantages of a wireless network?
31. What are the advantages of a wired network?
32. Why is the firewall needed?
33. Mention the seven layers of the OSI model.
34. Which layer talks about the hardware?
35. What are the two sub layers of the data link layer?
36. Why is the MAC address unique?
37. What are the duties of the link logic control layer?
38. What are the most important functions of the network layer?
39. What are the two common protocols in the transport layer?
40. Why is UDP faster?
41. What are the duties of the session layer?
42. Which layer deals with encryption?
43. State some common application layer protocols used.
ANSWERS
1. ISO.
2. Physical, Data link, Networking, Transport, Session, Presentation and Application layer.
3. True.
4. Application layer.
5. False.
6. Physical layer.
7. TCP.
8. Yes, it is. 6 bytes.
9. Application layer.
10. Open System Interconnect, International Standard Organization, Transmission Control Protocol, User Datagram Protocol.
11. False.
12. Network.
13. Router.
14. The Transport layer is responsible for linking the network support layers (lower layers 1-3) and user support layers.
15. The Network Layer takes care of the source-to-destination delivery of packets, possibly across multiple networks (links). a. Logical Addressing b. Routing.
16. The Session layer basically establishes, maintains and synchronizes the interaction between the communicating systems. a. Dialog control b. Synchronization.
17. The Application Layer enables the user to freely access the network. It provides user interfaces and support for applications such as e-mail, shared database management and other types of distributed information services.
18. False. It is in Layer –1.
19. A network is a collection of hardware components and computers interconnected by communication channels that allow sharing of information and resources.
20. It is a schematic description of the arrangement of a network, including its nodes and connecting lines.
21. First, when the number of nodes connected to the bus is increased, say to more than a dozen, the performance may go down. Secondly, if the bus fails, the total network will be down and this is a real panic.
22. The advantage compared with the bus topology is that failure of one cable will not affect all the nodes in the network.
23. It is a mixture or combination of two or three star networks. The central hubs/servers of the star networks are connected to a main bus. So in short a tree network is a bus network of star networks. This is a better topology for having better expandability.
24. Full mesh and partial mesh.
25. A logical topology refers to the nature of the paths the signals follow from node to node.
26. Network adapters, Repeater, Bridge, Hub, Switch, Router and Gateway.
27. Ethernet and Wi-Fi.
28. Local area network, wide area network, metropolitan area network, personal area network.
29. In a wired network, an Ethernet cable will be used between the computer and router, whereas in the case of wireless networks it would not be the case.
30. Ease of setup, convenience.
31. Reliability and speed, security.
32. The firewall helps to control access between the Intranet and Internet, permitting access to the Intranet only to people who have access permissions.
33. Physical, data link, network, transport, session, presentation, application.
34. Physical layer.
35. Media access control layer and link logic layer.
36. Since the MAC address is burnt into the ROM of interface cards it is not changeable and it remains unique.
37. The Link Logic Control layer provides enormous support for flow control and error checking.
38. Routing and addressing.
39. Transmission control protocol and user datagram protocol.
40. The reason for the speed is that there is no flow control or error correction.
41. The Session layer establishes, manages and terminates connections between applications.
42. Presentation layer.
43. Browsers, FTP, SSH, SFTP, Telnet.
Chapter 2
OSI Layer and Network Components
Learning Objectives
A complete understanding of the OSI layers can be obtained by reading through this chapter. All the physical layer components and the way they work are clearly presented. What Ethernet is and how it works is discussed in detail. Collision detection and CSMA/CD are discussed in detail, along with examples. Attention is then paid to the Network layer, Transport layer, Session layer and Presentation layer, ending with the Application layer. Finally, quiz questions are given so that readers can test their understanding by answering them.
2.1 OSI LAYERING (OPEN SYSTEM INTERCONNECTION) INTRODUCTION
When computers were first connected in a network to transfer information between them, the information was not moved in an orderly way and this caused a lot of confusion. So the International Standards Organization (ISO) recognized the need for a standard pattern of networking. Thus OSI was created in the early 1980s and it is still followed today. OSI layering basically uses a divide and conquer approach wherein one big problem is split and seen as 7 different layers. Dividing the problem into layers makes the task look simpler and, in case of a problem with one of the layers, the problem can be easily isolated and identified, which makes fixing it easier. The lower layers are generally a combination of hardware and software. The upper layers are predominantly software. The seven layers are depicted in the following Fig. 2.1.
Layer (data unit): function
Application (Data): Network process to application
Presentation (Data): Data representation & encryption
Session (Data): Interhost communication
Transport (Segments): Interhost communication and reliability
Network (Packets): Path determination & logical addressing (IP)
Data link (Frames): Physical addressing (MAC & LLC)
Physical (Bits): Media, signal and binary transmission
Fig. 2.1 OSI Layers
There are a lot of benefits in following a layered approach. They are listed as follows:
a. Reduced complexity – divided and conquered.
b. Easy to learn with this standard approach and
c. Very much modular
The seven layers can be remembered with the simple phrase “Please Do Not Touch Steve’s Pet Alligator”. The first and foremost layer is the Physical layer. Every layer has components working for it. Figure 2.2 shows this, and all the components are touched upon in the subsequent topics.
[Figure: the OSI layers from 7 (application), 6 (presentation), 5 (session), 4 (transport), 3 (network) and 2 (data link) down to 1 (physical), with the components gateway, router, switch, bridge and repeater]
Fig. 2.2 OSI Layer and components
2.2 PHYSICAL LAYER AND PHYSICAL LAYER COMPONENTS
The physical layer is about the hardware: it defines the physical characteristics of the network, that is, the electrical, mechanical and functional specifications of the hardware. This layer puts the raw bit stream on the medium (0s and 1s on the cable) and also receives the bits from the medium. It has no understanding of the bits received or transmitted. Repeaters and hubs fall in this layer and they are labelled Layer-1 devices. The reader will now be introduced to the network components that work for/from the physical layer of the OSI model. Before jumping to the components of the physical layer, an introduction to signals is helpful.
2.2.1 Signals – Analog and Digital A signal is anything that conveys information. Human speech is certainly a signal, which conveys the thoughts of one person to another. Gestures made by hand are signals as well. But for the purpose of understanding and relevance, a signal is referred to here with respect to an electrical quantity. Next, what are analog and digital signals? Before moving further, Fig. 2.3 will help the reader to relate to the analog and digital signals that are dealt with in day to day life.
Fig. 2.3 Analog and Digital thermometer
Analog phone lines, digital security, analog to digital converter, digital to analog, etc. What are these terms? First, analog is discussed in brief. It is a process where the audio/video signals are converted to electronic pulses and represented as sine waves (which are continuously varying signals). A digital signal is a discrete signal. Here, the audio or video is broken into binary form, where it is represented as a series of 0’s and 1’s, and transmitted to the other end, where another device, possibly a modem, can reassemble the bit streams into the original signal. The beauty of a digital signal lies in the fact that it knows what it should be when it reaches the end of the transmission. That way, it can correct any errors that might have crept in during the data transfer. So the end user will get better clarity and a better quality of service. Both analog and digital signals are represented in Fig. 2.4.
Fig. 2.4 Analog and digital signals
In a nutshell, the digital domain is preferred over analog in many systems and is more popular. The simple reason is that digital signals can be transmitted more reliably over long distances because of their inherent immunity to noise. Also, the digital equipment used for processing and storing these signals is much cheaper, more powerful and more effective than its analog counterparts.
2.2.2 Network Adapters Whenever a machine needs to be connected to a network, a network adapter is necessary, i.e. it acts as an interface between a computer or device and a network. Many types of network adapters are available in the market, depending on the network the node is in. Very simple adapters that anyone easily recognizes are Ethernet and Wi-Fi. The adapter converts the signals from the computer to electrical signals to transmit them, and vice versa. A network adapter is identified by its MAC (Media Access Control) address, which is unique. A sample network adapter is shown below in Fig. 2.5.
Fig. 2.5 A network interface card
A MAC address is 6 bytes (48 bits) long and is physically hard-coded into the network adapter by its manufacturer. It is always unique, as mentioned already. On a Windows PC, the MAC address can be found by opening the command prompt and typing the getmac command. It will fetch the MAC address of the network card, which will be somewhat similar to 00-01-AB-01-D1-01. How is this address framed? This question can be answered by taking the following Fig. 2.6 as reference.
[Figure: MAC ADDRESS 00 23 A0 CC AF A4, labelled Vendor Area, OUI (Organizationally Unique Identifier) and UAA (Universally Administered Address)]
Fig. 2.6 MAC address
Of the six bytes, the first three bytes represent the vendor details. That is, they are issued by the manufacturer. These three bytes are called the OUI, Organizationally Unique Identifier. The next three bytes are called the UAA, Universally Administered Address. Since all cards from a given manufacturer have the same first 3 bytes, it is these last three bytes that are useful in making the MAC unique.
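The split of a MAC address into its two 3-byte halves can be checked with the following added example (not code from the book). It also reads the two flag bits that IEEE 802 defines in the first byte, which mark group addresses and locally administered addresses (addresses assigned on the host rather than by the vendor); the function names, port names and sample sightings are constructed for illustration.

```python
import re

HEX_PAIR = re.compile(r"^[0-9A-Fa-f]{2}$")


def parse_mac(text):
    """Parse a 48-bit MAC address and describe its two 3-byte halves."""
    cleaned = text.strip()
    # Accept the usual notations: 00-01-AB-..., 00:01:ab:... or 0001ab...
    if "-" in cleaned or ":" in cleaned:
        parts = re.split(r"[-:]", cleaned)
    else:
        parts = [cleaned[i:i + 2] for i in range(0, len(cleaned), 2)]
    if len(parts) != 6 or not all(HEX_PAIR.match(p) for p in parts):
        raise ValueError("not a 6-byte MAC address: %r" % text)
    octets = [int(p, 16) for p in parts]
    first = octets[0]
    return {
        "oui": "-".join("%02X" % o for o in octets[:3]),      # vendor half
        "device": "-".join("%02X" % o for o in octets[3:]),   # per-card half
        "group": bool(first & 0x01),                  # I/G bit: multicast/broadcast
        "locally_administered": bool(first & 0x02),   # U/L bit: not vendor-assigned
    }


def audit(sightings):
    """Return (mac, reason) findings for (switch_port, mac) sightings."""
    findings = []
    ports_by_mac = {}
    for port, raw in sightings:
        try:
            info = parse_mac(raw)
        except ValueError:
            findings.append((raw, "malformed"))
            continue
        mac = info["oui"] + "-" + info["device"]
        if info["group"]:
            findings.append((mac, "group address used as a source"))
        elif info["locally_administered"]:
            findings.append((mac, "locally administered"))
        ports_by_mac.setdefault(mac, set()).add(port)
    # The same address on several ports contradicts the uniqueness assumption.
    for mac, ports in sorted(ports_by_mac.items()):
        if len(ports) > 1:
            findings.append((mac, "seen on ports " + ", ".join(sorted(ports))))
    return findings


# Constructed sample: port names and addresses are made up for this example.
SAMPLE = [
    ("Gi0/1", "00-01-AB-01-D1-01"),
    ("Gi0/2", "02:00:5E:10:00:01"),
    ("Gi0/3", "0001ab01d101"),
    ("Gi0/4", "01-00-5E-00-00-FB"),
    ("Gi0/5", "00-01-AB-01-D1"),
]

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```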
2.2.3 Repeaters Repeaters are re-generators. They receive a signal from a transmitter, amplify it and then re-transmit it with better strength. When the signal has to be sent over a longer distance, the repeater plays a role in sending the data without distortion or loss. There can be more than one repeater between source and destination. A single Ethernet segment can have a maximum length of 500 meters with a maximum of 100 stations (in a cheapernet segment it is 185m). To extend the length of the network, a repeater may be used as shown in Fig. 2.7. Functionally, a repeater can be considered as two transceivers joined together and connected to two different segments of a coaxial cable. The repeater passes the digital signal bit-by-bit in both directions between the two segments. As the signal passes through a repeater, it is regenerated at the other end. The repeater does not isolate one segment from the other. If there is a collision on one segment, it is regenerated on the other segment. Therefore, the two segments form a single LAN and are transparent to the rest of the system. A repeater simply repeats, retransmits and amplifies the bits it receives. The repeater is merely used to extend the span of a single LAN. Important features of a repeater are as follows:
• A repeater connects different segments of a LAN
• A repeater forwards every frame it receives
• A repeater is a regenerator, not an amplifier (Why?)
• It can be used to create a single extended LAN
Fig. 2.7 A repeater’s deployment
The important point to note here is that a repeater is only a regenerator, not an amplifier. The reason is that an amplifier cannot discriminate between the desired signal and noise; it amplifies everything fed into it equally. A repeater does not amplify the signal as it is; rather, it regenerates it. When it receives a weakened or corrupted signal, it creates a copy, bit for bit, at the original strength.
[Figure: a clean signal becomes a distorted signal over a lengthy Ethernet cable; with a repeater, the clean signal is restored]
Fig. 2.8 Repeater’s work
Fig. 2.8 above explains the work of a repeater in a nutshell: if data has to be transmitted over a longer distance, it will be weakened due to distortion. In this event a repeater is helpful. It strengthens the signal so that it reaches the destination.
2.2.4 Hubs A hub is basically deployed to make the sharing of data between computers within a network easier. Whenever star topology is used, the presence of a hub becomes inevitable. A transmitter, i.e. the computer which sends the information, sends a signal to the hub. The hub then retransmits the signal to the destination computer. Hubs do not read any of the data passing through them and are not aware of its source or destination. Essentially, a hub simply receives incoming packets, possibly amplifies the electrical signal, and broadcasts these packets out to all ports or devices on the network, including the one that originally sent the packet. A hub can be active or passive. A passive hub just relays the signal, meaning it passes on the incoming signal as it is and does not care if it is distorted by any means. But an active hub is nothing but a repeater (not exactly a repeater, the reader will be given an insight on it in further sections) which can regenerate the signal. That is, it improves the signal quality and then passes it to the respective devices. A question may arise in the mind of the reader: how is the bandwidth shared by all the computers connected to the hub? The answer is pretty simple. Each computer is given a portion of the bandwidth. If a lot of computers are connected to the hub, less bandwidth is available per computer, thereby slowing down the performance. So hubs can be deployed in places where a limited number of computers are connected. Figure 2.9 helps the reader understand the concept.
[Figure: devices connected by network cable to a central hub: client/image server, scanner, file server, client/gateway, tape backup, modem, ink jet printer, client, client/print server, laser printer]
Fig. 2.9 How hub can be deployed?
2.2.5 RS-232 (Recommended Standard 232) RS-232C, EIA RS-232, or simply RS-232, refers to the same standard defined by the Electronic Industries Association in 1969 for serial communication. The RS-232 serial interface was developed for connecting a computer to common peripherals such as modems, overhead projectors, and the sensors and actuators used for industrial automation applications. Despite its limited 15 m transmission distance, RS-232 is low cost and easy to wire, making it the first choice for many applications. RS-232C is a serial interface standard defined by the Electronic Industries Association in 1969. RS stands for recommended standard, C stands for version. To put it in simple terms, RS-232 is used to connect a computer to peripheral devices such as mice, projectors, actuators and sensors. Its most important benefit is that it is a low cost, easy to wire interface, so it is selected as the first choice amongst other interfaces. The only thing that can pull RS-232’s image down is that it can support only 15 meters. Other than this, there is no big flaw with it.
2.2.6 RS 232 Terminologies To get a better understanding of RS-232, one should first know a few terminologies. They are
1. DTE (Data Terminal Equipment) and
2. DCE (Data Communication Equipment)
Which is which is the next question. Assume a computer connected to a modem. There, the computer is referred to as the DTE, which transmits and receives the data. The modem is the DCE, which facilitates the data transfer. A simple diagrammatic representation is shown in Fig. 2.10, which depicts how the DTE and DCE are connected. As shown in Fig. 2.10, the DTE will have a male connector and the DCE will have a female connector (true for most cases).
[Figure: a computer (DTE) with a male DB25 connector, joined by an interface cable to the female DB25 connector of a modem (DCE), which connects to the telephone line]
Fig. 2.10 DTE and DCE
RS-232 Signalling Originally, or traditionally, there were 25 pins in RS-232 and currently only 9 pins are used. The former is named the DB-25 connector and the latter is called the DB-9 connector. Since DB-25 is almost obsolete, DB-9 signalling is explained in detail. But for understanding, both the DB-25 and DB-9 connectors are represented in the following Figs. 2.11 and 2.12.
[Figure: DB-25 connector, pins 1 to 13 in one row and pins 14 to 25 in the other]
Pin   Description
1     Frame Ground
2     Transmitted Data
3     Received Data
4     Request to Send
5     Clear to Send
6     Data Set Ready
7     Signal Gnd/Common Return
8     Rcvd. Line Signal Detector
11    Undefined
12    Secondary Rcvd. Line Sig. Detector
13    Secondary Clear to Send
14    Secondary Transmitted Data
15    Transmitter Sig. Element Timing
16    Secondary Received Data
17    Receiver Sig. Element Timing
18    Undefined
19    Secondary Request to Send
20    Data Terminal Ready
21    Sig. Quality Detector
22    Ring Indicator
23    Data Sig. Rate Selector (DCE)
24    Data Sig. Rate Selector (DCE)
25    Undefined
Fig. 2.11 DB-25 Pin layout and signal details
The DB-9 connector is the most commonly used and it has only 9 of the 25 pins of the DB-25 connector. In short, it can be called a simplified version of the DB-25 connector. The pin out and signal details are presented in Fig. 2.12.
Fig. 2.12 DB-9 Pin layout and signal details
And to get a better understanding, the DB-25 pins that are used for DB-9 are shown in Fig. 2.13.
DB-9 pin   DB-25 pin
1          8
2          3
3          2
4          20
5          7
6          6
7          4
8          5
9          22
Fig. 2.13 DB 25 – DB 9 conversion
Coming to the DTE and DCE pin details, it is mandatory to select the pin details for the DTE side and the DCE side of the RS-232 interface. The same is shown in Fig. 2.14.
Pin   DTE Pin Assignment (DB-9)       DCE Pin Assignment (DB-9)
1     DCD  Data Carrier Detect        DCD  Data Carrier Detect
2     RXD  Receive Data               TXD  Data Transmit
3     TXD  Transmit Data              RXD  Receive Data
4     DTR  Data Terminal Ready        DSR  Data Set Ready
5     GND  Ground (Signal)            GND  Ground (Signal)
6     DSR  Data Set Ready             DTR  Data Terminal Ready
7     RTS  Request to Send            CTS  Clear to Send
8     CTS  Clear to Send              RTS  Request to Send
9     RI   Ring Indicator             RI   Ring Indicator
Fig. 2.14 DTE and DCE comparison
Signal details The signals for DB-9 have to be learnt clearly in order to understand the interface.
1. DCD – Data Carrier Detect – A signal triggered by the modem (DCE) to the PC (DTE), stating that the connection has been established between the DCE and DTE.
2. RxD – Receive Data – Transmission of data will happen with this signal.
3. TxD – Transmit Data – As the name indicates, receive action will happen with this signal.
4. DTR – Data Terminal Ready – When the DTE is turned on, it has to indicate that it is ready for communication. DTR is the signal that indicates that the DTE is on and ready for communication. This acts as an intimation to the DCE. In case of a problem with the DTE, this signal would not be triggered, so it can act as an alarm and the problem can be found out.
5. Ground – The common ground for establishing proper grounding.
6. DSR – Data Set Ready – It is just like DTR, but this signal is triggered from the DCE, which, as mentioned already, is nothing other than the modem. It is fed to the DTE and informs the DTE that the DCE is ready for communication.
7. RTS – Request to Send – When some data has to be sent from the DTE to the DCE, RTS is sent to inform the DCE that some data is about to be sent and that it has to be ready to receive it. The DTE here raises a request to the DCE to be prepared to receive the data.
8. CTS – Clear to Send – When the RTS is received, if the DCE has enough space to receive the data from the DTE and store it, it sends CTS (Clear to Send) to make the DTE understand that data transmission can be started. It serves as an input to the DTE from the DCE and says that the DCE is ready to accept the data.
9. RI – Ring Indicator – It is an output from the modem and an input to the PC, which serves as an indication of the telephone ring. It goes on and off with the ringing sound accordingly.
A simple diagrammatic representation is presented in Fig. 2.15 to give a clear understanding of the flow.
[Figure: signals exchanged between DTE and DCE, in order: CD (I am here!), DTR (I am ready to start operations), DTR (I am ready as well), RTS (I am ready to send Data), CTS (I am ready to receive), TxD (Data)]
Fig. 2.15 RS-232 Signals
RS-232 Flow control (Handshaking)
When data is being sent, it must be ensured that the receiver is ready to receive it and has room to store the data being received. This is referred to as flow control; if the receiver is not ready, it may ask the sender to stop the flow. It is a kind of intimation to the sender to take a break in the sending process. The signals discussed already help in this flow control: RTS and CTS are the signals that indicate when to pause the data transfer or to restart it.
Voltage Levels RS-232
RS-232 was invented well before TTL (Transistor-Transistor Logic), so it is not compatible with TTL. It uses a voltage level of –3V to –25V for logic one and +3V to +25V for logic zero, which is not in sync with TTL logic. To make RS-232 compatible with TTL devices a converter is needed, and the MAX-232 is a common converter that serves the purpose.
Null Modem Configuration
The purpose of a null-modem cable is to permit two RS-232 “DTE” devices to communicate with each other without modems or other communication devices (i.e., “DCE”s) between them. To achieve this, the most obvious connection is that the TD signal of one device must be connected to the RD input of the other device (and vice versa). Fig. 2.16 shows how to configure a null modem with two DTEs.
Fig. 2.16 Null Modem
As shown above, the receiver of DTE1 is connected to the transmitter of DTE2 and vice versa, and the ground of DTE1 is connected to the ground of DTE2. This accomplishes the task: the null modem setup is ready with just two DTEs connected this way.
2.2.7 EIA-449
RS-449 or EIA-449 is an enhancement of RS-232, which has been dealt with earlier. Speeds of up to 2 Mbps can be achieved with the RS-449 interface. RS-449 still retains some touch of RS-232, with some additions. RS-449 has since been withdrawn and is superseded by later, better versions. Better speeds have been achieved without noise through the use of a differential form of signaling. RS-232 used signaling that was referenced to earth. It was comfortable and easy with low cost factors, but it introduces limitations. Since the twisted wire pairs are used in RS-232 for the data lines, even noise will be picked up by both the wires all together. But in RS-449 it is not so: differential inputs are used and they are not referenced to earth, so any noise picked up does not affect the input. The interface therefore tolerates even higher levels of noise without any degradation in the performance of the data communications system. RS-449 has 37 pins and the pin-out is shown in Fig. 2.17. The reader can see a label A or B in the pin-out diagram. When setting up a connection it is most important to use the correct polarities; there should not be any mix-up, and if it happens there can be erroneous behaviour. Table 2.1 lists the pin details and signal names for reference, and also states whether each is a DTE signal or a DCE signal.
[Figure: RS-449 37-pin connector pin-out, with the (A) and (B) pin of each signal labelled]
Fig. 2.17 Interface connection details
Table 2.1 DTE signal details
Pin Number | Signal name | DTE/DCE
1 | Shield |
2 | Signal rate indicator | DTE
3 | Unassigned | Unassigned
4 | Send data | DTE
5 | Send timing | DCE
6 | Received data | DCE
7 | Request to send | DTE
8 | Receive timing | DCE
9 | Clear to send | DCE
10 | Local loopback | DTE
11 | Data mode | DCE
12 | Terminal ready | DTE
13 | Receiver ready | DCE
14 | Remote loopback | DTE
15 | Incoming call | DCE
16 | Select frequency | DTE
17 | Terminal timing | DTE
18 | Test mode | DCE
19 | Signal ground | Common
20 | Receive common | Common
21 | Unassigned | Unassigned
22 | Send data | Return
23 | Send timing | Return
24 | Receive data | Return
25 | Request to send | Return
26 | Receive timing | Return
27 | Clear to send | Return
28 | Terminal in service | DTE
29 | Data mode | Return
30 | Terminal ready | Return
31 | Receiver ready | Return
32 | Select standby | DTE
33 | Signal quality | DCE
34 | New signal | DTE
35 | Terminal timing | Return
36 | Standby indicator | DCE
37 | Send common | Common
With this information one can move to EIA–530.
2.2.8 Modems
The modem is a device that converts digital information to analog by Modulating it on the transmitting end and Demodulating the analog information into digital information at the receiving end.
The need to communicate between distant computers led to the use of the existing phone network for data transmission. Most phone lines were designed to transmit analog information (voices), while computers and their devices work in digital form (pulses). So, in order to use an analog medium, a converter between the two systems is needed. This converter is the MODEM, which performs Modulation and Demodulation of transmitted data. It accepts serial binary pulses from a device, modulates some property (amplitude, frequency, or phase) of an analog signal in order to send the signal in an analog medium, and performs the opposite process, enabling the analog information to arrive as digital pulses at the computer or device on the other side of the connection.
In simple words, a simple analogy will help the reader understand the role played by a modem. Suppose you need to pass a paper containing some message to your friend who is sitting next to you; you would give it to him by hand. Now let us say your friend is not sitting next to you but ten feet away from you. You are both in a situation where neither can move or talk and nobody is around to pass your paper. What do you do now? The only way is to crush the paper into a ball or make a rocket out of it and pass the message. Let us toughen the situation a little more: your friend is much farther away, such that your paper ball or rocket could not reach him. With all common sense we figure out that the only way to pass the paper is to tie it to a heavier object, say a stone, and then throw it. Your friend thus gets your message successfully and reads it by unfolding the paper or untying the stone from the paper, depending upon how he got it. This is precisely what happens in the case of modems. In the above situation, you are the modulating part and your friend is the demodulating part. Thus in a network, every message (data) requires modulation during transmission and demodulation during reception for effective communication.
[Figure: two PCs connected through two modems; the bit pattern 110011 is shown at each end]
Fig. 2.18 How modem can be deployed
Classification
Modems can be classified according to their characteristics:
Operation Mode
a. Half duplex
Half duplex means that signals can be passed in either direction, but not in both simultaneously. It is like the dreaded one-lane road you may have run into at construction sites. Only one direction is allowed through at a time.
b. Full duplex
Full duplex means that signals can be passed in either direction, simultaneously. Full duplex operation on a two-wire line requires the ability to separate a receive signal from the reflection of a transmitted signal. It is like an ordinary two-lane highway. In some cases, where traffic is heavy enough, a railroad will decide to lay a double track to allow trains to pass in both directions. In communications, this is most common with networking. Our fiber optic hubs have two connectors on each port, one for each lane of a two-lane roadway. Full-duplex fiber is two cables bundled or tied together to form a two-lane roadway.
c. Simplex
Simplex is uni-directional. A good example would be your keyboard to your CPU. The CPU never needs to send characters to the keyboard, but the keyboard always sends characters to the CPU. In many cases, computers almost always send characters to printers, but printers usually never send characters to computers. Simplex requires only one lane.
[Figure: stations A and B in each mode: Simplex, A to B only; Half-Duplex, A to B or B to A; Full-Duplex, A to B and B to A]
Fig. 2.19 Operation mode example
Synchronization
a. Asynchronous
Most of the modems that operate at slow and moderate rates, up to 1800 bps, are asynchronous. Asynchronous data is not accompanied by any clock, and the transmitting and receiving modems know only the nominal data rate. To prevent slipping of the data relative to the modem’s clocks, this data is always grouped in very short blocks (characters) with framing bits (start and stop bits). The most common code used for this is the seven-bit ASCII code with even parity. Asynchronous modems come in three different physical configurations or setups, namely:
• Using 2 or 4 wire cable interface
• Switched or leased line interface
• Automatic answer unit when dialing-up.
Let us take a two wire line, where full duplex operation can be achieved by splitting the line into two sub channels. The following diagram depicts its asynchronous operation.
[Figure: frequency axis f [Hz] marked at 500, 1800, 2000 and 3300, showing the frequency band for forward signals and the frequency band for reverse signals; Terminal A and Terminal B are connected through two modems, with forward and reverse directions]
Fig. 2.20 Operating asynchronous modem in a two wire line
b. Synchronous
Synchronous modems operate in the audio domain, at rates up to 28800 bps on the audio lines used in telephone systems. Synchronous modems operate in the same manner as asynchronous modems. However, synchronous modems operate at higher rates, and since the requirements to transmit at these rates are increasing, most of the innovations are implemented for synchronous modems. Synchronous data is accompanied by a clock signal, which is the most basic thing that makes us call them synchronous. Also, synchronous data always comes in blocks, and the main reason for grouping them is to let the user identify the specific set of signals. These blocks are framed and given error check bits by the data source for secure transmission. The data source and destination expect the modem to be transparent to this type of data, and on the other side the modem can even ignore the blocking of the data. When channels are split for multiple users, their respective speeds can be different, so that unnecessary usage of the modem is avoided. Such a type of modem is called a Split System Modem (SSM). Today, in addition to external modems, there are internal modems which are included as an additional board within the computer. There are advantages and disadvantages to each type depending on the requirement of the user.
2.2.9 X.25
X.25 is a packet switched protocol meant for transferring data from one network element (referred to as Data Terminal Equipment (DTE)) to another DTE via a network interface named Data Circuit-terminating Equipment. By packet switched, we mean that the data is broken down into packets before being transmitted into the network. A switching technique is used to forward the packets to the destination, just as in telephone circuits. In that sense it is like any other protocol, for example TCP/IP. The difference lies in the way packets are transmitted: TCP/IP uses a connectionless approach, whereas X.25 follows a Virtual Circuit approach. Packets are transmitted via those virtual paths to the destination. Destination information is attached only to the connection (virtual circuit) setup messages. Once the virtual circuit is established, destination information is not needed, since all the packets follow the same path. The path is not dedicated; the virtual circuit is formed as and when required. This is beneficial compared with ‘circuit switched’ networks, where the paths are permanent for the entire session. It offers significant cost savings since the connection is not dedicated in packet switched networks. In circuit switched networks, the connection remains even if there are no packets to be transmitted, thereby wasting bandwidth.
Basic Terminologies
DTE – Can be a terminal or any other host-like device. It has a unique network address, like an IP address.
DCE – A switch-like device which inserts the packets emanating from the DTE to which it is attached into the X.25 network.
A sample network is shown in Fig. 2.21.
[Figure: two DTEs, each attached to a DCE of the X.25 network]
Fig. 2.21 A sample network
X.25 Protocol Architecture
Like any other protocol architecture, X.25 has a physical layer, a data link layer and a network layer. But the responsibilities of some of the layers differ from those in other protocols.
Physical layer
This layer deals with the electrical and mechanical aspects of communication. It also deals with the medium of communication, wired or wireless. Refer to Chapter 1 for more information about the physical layer. With respect to X.25, the physical layer covers the ways to connect the DTEs with the DCEs.
Data link layer
This layer takes care of connection establishment, disconnection and error-free transfer of packets between a DTE and a DCE.
Network layer
While the data link layer takes care of communication between a DTE and a DCE, this layer is responsible for establishing virtual circuits, transferring packets and clearing the connections between two DTEs.
Types of Virtual circuits (VCs)
1. SVC (Switched Virtual Circuits)
2. PVC (Permanent Virtual Circuits)
SVC is similar to a telephone conversation. The caller has to dial the number of the callee, and the callee then responds. Similarly, in an X.25 SVC, the calling party initiates the connection and the other party responds by receiving the connection. But in a PVC there is no call setup phase. Data can be sent directly to a predefined destination. There is a problem with PVC when the receiver is not willing to receive any information but the sender keeps on sending data.
Multiplexing VCs
X.25 allows a DTE to be connected to many DTEs simultaneously. The VCs to each DTE can be multiplexed. Each VC has unique characteristics. VCs are identified by a unique 12 digit number called the logical channel. This unique ID may either be static or assigned on demand.
X.25 protocol stack
Physical Layer
The physical layer describes how the DTE is physically connected to the DCE. The medium between them (DTE and DCE) should be able to transmit data in both directions, i.e. duplex transmission. The following protocols are specifically defined for the X.25 physical layer.
• X.21 – defines the physical characteristics of the interface between an X.25 DTE and DCE on a public data network.
• X.21 bis – defines the characteristics of the interface between a DTE and a V series type DCE on a public data network. (Note: V series DCE is for analog data communications.)
• X.31 – for X.25 over ISDNs.
Data link Layer
The data link layers of the X.25 peers exchange data in the form of “Frames” called high-level data link control (HDLC) frames. This layer is guided by the link access protocol-balanced (LAPB) protocol. For using X.25 over ISDN, the link access procedure-D-channel (LAPD) protocol is followed.
Frame Format
Frames are of three types.
1. I frames – carry user data
2. S frames – for flow and error control
3. U frames – carry network management data
The frame format is shown below.
[Figure: frame layout: Flag | Addr | Control | Information | FCS | Flag]
Fig. 2.22 Frame format
FLAG – An 8 bit sequence with the bit pattern 01111110 which identifies both the beginning and the end of a frame. It is mainly for synchronization purposes.
Addr – The address field, which identifies the end point of the communication.
Control – Holds the control information for controlling the flow of data. It has the sequence numbers of the frames sent and expected, and a slot for the Unnumbered Acknowledgement (discussed shortly).
Information – Based on the type of the frame, it carries either user data or control information.
FCS – Error detection field. Contains a 2 or 4 byte CRC.
As we have learnt, communications in X.25 are of two types:
1. Between DTEs
2. Between a DTE and a DCE.
In the latter case, some steps have to be followed for the communication to happen. The phases involved in DTE-DCE communication are as follows:
1. Connection setup
2. Data transfer
3. Connection termination
This is achieved using three control packets:
1. SABM – Set Asynchronous Balanced Mode
2. UA – Unnumbered Acknowledgement
3. DISC – for disconnection
Message Flow
The following diagram shows the way the messages flow while data transfer takes place.
[Figure: DTE and DCE exchanging, in order: SABM, UA, DATA TRANSFER, DISC, UA]
Fig. 2.23 Phases of frame layer data transfer
Either side of the communication scenario can initiate the message transfer by sending a SABM message. The other party replies with an Unnumbered Acknowledgement. Then the sender can start sending data packets. After the data transfer is over, the initiator can send a DISC message to the other party.
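The frame format and the three phases described above, as an added example that is not from the book: it builds and parses frames with the 2 byte FCS and lets a responder answer SABM, I frames and DISC, discarding any frame whose FCS does not verify. The control-field values are the standard LAPB modulo-8 encodings; the address value 0x01, the payloads and the helper names are constructed for illustration, and bit stuffing on the wire is left out.

```python
"""LAPB-style frame build/parse with a 16-bit FCS and a minimal responder.

Byte-level sketch: the bit stuffing done on a real link is left out, so the
0x7E flags are simply the first and last byte of each frame.
"""

FLAG = 0x7E                      # 01111110, opens and closes every frame
PF_BIT = 0x10                    # poll/final bit inside the control field
U_FRAMES = {0x2F: "SABM", 0x63: "UA", 0x43: "DISC"}   # values with P/F cleared
RR = 0x01                        # supervisory "receive ready"


def crc16_x25(data: bytes) -> int:
    """16-bit HDLC FCS (CRC-16/X-25), bit-reflected polynomial 0x8408."""
    crc = 0xFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ 0x8408 if crc & 1 else crc >> 1
    return crc ^ 0xFFFF


def build_frame(addr: int, control: int, info: bytes = b"") -> bytes:
    body = bytes([addr, control]) + info
    fcs = crc16_x25(body).to_bytes(2, "little")   # low-order byte goes first
    return bytes([FLAG]) + body + fcs + bytes([FLAG])


def parse_frame(raw: bytes) -> dict:
    if len(raw) < 6 or raw[0] != FLAG or raw[-1] != FLAG:
        raise ValueError("frame is too short or not delimited by flags")
    body, fcs = raw[1:-3], int.from_bytes(raw[-3:-1], "little")
    control = body[1]
    if control & 0x01 == 0:                       # I frame: user data
        kind, name = "I", "I"
    elif control & 0x03 == 0x01:                  # S frame: flow/error control
        kind, name = "S", "RR" if control & 0x0F == RR else "S"
    else:                                         # U frame: link management
        kind, name = "U", U_FRAMES.get(control & ~PF_BIT, "U")
    # ns is only meaningful for I frames, nr for I and S frames.
    return {"addr": body[0], "control": control, "kind": kind, "name": name,
            "ns": (control >> 1) & 0x07, "nr": control >> 5,
            "info": body[2:], "fcs_ok": crc16_x25(body) == fcs}


class LinkEndpoint:
    """Answering side of the three phases: setup, data transfer, termination."""

    def __init__(self):
        self.connected = False
        self.expected_ns = 0          # sequence number of the next I frame
        self.received = []

    def handle(self, raw: bytes):
        """Return the reply frame, or None when the frame is discarded."""
        try:
            frame = parse_frame(raw)
        except ValueError:
            return None
        if not frame["fcs_ok"]:
            return None               # damaged frame: drop it, never act on it
        final = frame["control"] & PF_BIT
        if frame["name"] == "SABM":
            self.connected, self.expected_ns = True, 0
            return build_frame(frame["addr"], 0x63 | final)       # UA
        if frame["name"] == "DISC":
            self.connected = False
            return build_frame(frame["addr"], 0x63 | final)       # UA
        if (frame["kind"] == "I" and self.connected
                and frame["ns"] == self.expected_ns):
            self.received.append(frame["info"])
            self.expected_ns = (self.expected_ns + 1) % 8
            return build_frame(frame["addr"], (self.expected_ns << 5) | RR)
        return None                   # simplification: a real station answers DM/REJ


def run_session() -> list:
    """DTE side of a constructed exchange; returns the names of the replies."""
    dce, addr = LinkEndpoint(), 0x01              # address value is a sample
    damaged = bytearray(build_frame(addr, 0x02, b"lost"))
    damaged[4] ^= 0xFF                            # corrupt one information byte
    sent = [build_frame(addr, 0x2F | PF_BIT),     # SABM
            build_frame(addr, 0x00, b"hello"),    # I frame, N(S)=0
            bytes(damaged),                       # I frame, N(S)=1, bad FCS
            build_frame(addr, 0x02, b"world"),    # I frame, N(S)=1 sent again
            build_frame(addr, 0x43 | PF_BIT)]     # DISC
    replies = [dce.handle(raw) for raw in sent]
    return [parse_frame(r)["name"] if r else None for r in replies]


if __name__ == "__main__":
    print(run_session())
```

The damaged frame gets no reply at all, which is what lets the sender notice the loss and send the same sequence number again.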
Network Layer
This layer looks after the communication between DTEs which are far apart. The following table shows some of the messages used in X.25 networks.
Packet Type from DCE to DTE | Packet Type from DTE to DCE
Incoming Call | Call Request
Call Connected | Call Accepted
Clear Indication | Clear Request
DCE Clear Confirmation | DTE Clear Confirmation
DCE Clear Confirmation | DTE Clear Confirmation
DCE Data | DTE Data
DCE Interrupt | DTE Interrupt
DCE Interrupt Confirmation | DTE Interrupt Confirmation
DCE RR | DTE RR
DCE RNR | DTE RNR
Rester Indication | DTE Rej
Reset Indication | Reset Request
DCE Reset Confirmation | DTE Reset Confirmation
Restart Indication | Restart Request
DCE Restart Confirmation | DTE Restart Confirmation
Diagnostic | –
Registration Confirmation | Registration Request
Thus we have seen the basics of X.25 networks, with the protocols followed in each layer. Now, let’s quickly go through the advantages of such networks.
Advantages of X.25 networks
• Standardization – Unlike other proprietary protocols, X.25 is an ITU-T standard. Hence, any DTE conforming to X.25 norms can communicate with other DTEs which also conform to X.25 norms, without any internal change in the protocol.
• Multiplexing ability – Since X.25 bundles the VCs together, it reduces equipment costs to a great extent.
• Integrity – The X.25 data link layer ensures 100% integrity over transmitted data, thereby reducing the upper layer’s responsibilities.
Disadvantage
X.25 behaves very well compared with TCP/IP when error rates are high, but it falls short in that it cannot transmit a packet until the packet has fully arrived at the buffer. This property increases the transit delays.
2.3 DATA LINK LAYER
This layer is responsible for node to node validity and integrity of transmission. The raw bits received from the physical layer are divided into frames here, using the protocols available for this layer. This layer is basically concerned with physical addressing (Bridges and Switches), flow control, error notification and topology. It acts as a mediator between the network and physical layers. This layer is further broken into two sub layers: the Media Access Control layer (MAC) and the Link Logic Control layer (LLC).
Media Access Control Layer
The MAC layer provides regulated access to the network medium. Even if a lot of stations are connected to the same medium (channel), the stations can still be identified successfully. This identification is made easy by the MAC address, which was described in the early pages of this chapter. Since the MAC address is burnt into the ROM of interface cards it is not changeable and it remains unique. In short, this layer controls how a computer on the network gains access to the data and permission to transmit it.
Link Logic Control Layer
LLC provides enormous support for flow control and error checking. It also sequences the control bits. LLC sits over the MAC layer. The devices that operate at layer 2 are very important for a network to be up and active. Bridges and switches operate in this layer, and they make sure that communication is kept up.
2.3.1 Ethernet – An analysis
Understanding Ethernet is the most important thing that someone needs to do. Ethernet is a local area network protocol introduced by Xerox Corporation in the early 1970s, and ever since it has been ruling the networking world. It is followed all over the globe. Understanding Ethernet is essential for anyone who is ambitious about learning networking. Ethernet is basically a standard for communication over a single cable, which is shared by all devices (computers/nodes) on the network. Once a device is attached to this cable, it gains the ability to communicate with the other elements attached to the same cable. So there is great flexibility in adding computers to the same network without having to alter the existing network.
The only disadvantage of Ethernet is that it cannot be used over a geographically spread area. It can be used over a span of a few kilometres alone. Ethernet is deployed mostly in LANs, particularly within a single building. The reader is aware of what a protocol means: it is a defined set of rules which, if followed, gives successful and efficient communication. Ethernet uses some terminology that the reader needs to understand first.
a. Medium – The signals/data travel from source to destination in the communication channel; that channel is referred to as the medium, and it can be copper or optical fibre.
b. Stations – The components or computers attached to the medium of communication are called stations; they can also be referred to as nodes.
c. Frame – The stations communicate with each other on a medium in a common format that everyone can understand. That format of communication is called a frame. A frame has both the source and the destination, and the frame details are presented in the next section.
2.3.2 Ethernet Frame
Figure 2.24 is the diagrammatic representation of the Ethernet frame.
Fig. 2.24 Ethernet Frame
All the fields of Ethernet frame are discussed in brief as follows:
Preamble
This is the first portion of the Ethernet frame. It consists of seven bytes, all of the form 10101010. It is used by the receiver to achieve bit level synchronization.
Start Frame Delimiter (SFD)
SFD is used to indicate the start of a frame. It is one byte, composed of the following bits: 10101011.
Destination Address (DA)
Destination address refers to the MAC address of the destination system. As already discussed, it is 6 bytes long. There is an important thing to be noted here. The left most bit in the DA indicates whether the address is an individual address or a group address: if it is 0 it is an individual address, and if it is 1 it is a group address. The next bit indicates whether the DA is globally administered or locally administered: the former goes with a 0 and the latter with a 1. The remaining 46 bits are a uniquely assigned value that identifies a single station, a group of stations or all the stations on that network.
Source address (SA)
This is also a 6 byte field, and it is an identifier that represents the sender (sending station). The sender can only be an individual, so the left most bit of the SA remains 0.
Length/Type
This field is 2 bytes long. It indicates the number of bytes of data in the frame.
Data
It is a sequence of bytes which can be up to 1500 bytes. The data field should be at least 46 bytes. If it is less than 46 bytes, then filler (padding) has to be added to make the data length at least 46 bytes.
FCS (Frame Check Sequence)
This is a 4 byte field which contains a 32 bit Cyclic Redundancy Check (CRC) value. It is generated by the sender and re-checked by the receiver to find damaged frames.
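The fields above in working form, as an added example that is not from the book: it builds a frame with the padding rule and the 32 bit CRC, then parses it and reports an FCS mismatch or an unusual source address. Because Ethernet sends each byte least-significant bit first, the "left most" address bit on the wire is bit 0 of the first byte, which is how the code tests it; the addresses, payloads and function names are constructed for illustration, and the preamble and SFD are left out because the interface hardware strips them.

```python
"""Build and check an Ethernet frame field by field (constructed sample data)."""
import zlib

MIN_DATA, MAX_DATA = 46, 1500     # limits of the Data field, in bytes
ETHERTYPE_MIN = 0x0600            # Length/Type values from here on are types


def mac_bytes(text: str) -> bytes:
    raw = bytes.fromhex(text.replace(":", ""))
    if len(raw) != 6:
        raise ValueError("a MAC address is 6 bytes")
    return raw


def address_flags(mac: bytes) -> dict:
    """Decode the two flag bits carried in the first byte of an address.

    Each byte is transmitted least-significant bit first, so the first bit
    on the wire is bit 0 of the first byte and the second one is bit 1.
    """
    return {"group": bool(mac[0] & 0x01),
            "locally_administered": bool(mac[0] & 0x02)}


def build_frame(dst: str, src: str, data: bytes) -> bytes:
    """Return DA + SA + Length + Data (padded) + FCS, without preamble/SFD."""
    if len(data) > MAX_DATA:
        raise ValueError("data field is limited to 1500 bytes")
    padding = bytes(max(0, MIN_DATA - len(data)))            # zero filler
    body = (mac_bytes(dst) + mac_bytes(src)
            + len(data).to_bytes(2, "big") + data + padding)
    return body + zlib.crc32(body).to_bytes(4, "little")     # 32-bit CRC


def parse_frame(frame: bytes) -> dict:
    if not 64 <= len(frame) <= 1518:
        raise ValueError("runt or oversized frame")
    body, fcs = frame[:-4], int.from_bytes(frame[-4:], "little")
    dst, src, payload = body[:6], body[6:12], body[14:]
    length_type = int.from_bytes(body[12:14], "big")
    if length_type <= MAX_DATA:              # a length: strip the padding
        if length_type > len(payload):
            raise ValueError("length field exceeds the bytes present")
        data = payload[:length_type]
    elif length_type >= ETHERTYPE_MIN:       # a type: payload is kept whole
        data = payload
    else:
        raise ValueError("Length/Type value is neither a length nor a type")
    findings = []
    if zlib.crc32(body) != fcs:
        findings.append("FCS mismatch: frame damaged in transit")
    if address_flags(src)["group"]:
        findings.append("source address has the group bit set")
    if address_flags(src)["locally_administered"]:
        findings.append("source address is locally administered "
                        "(not a vendor-assigned address)")
    return {"dst": dst.hex(":"), "src": src.hex(":"),
            "length_type": length_type, "data": data,
            "dst_flags": address_flags(dst), "findings": findings}


if __name__ == "__main__":
    sample = build_frame("ff:ff:ff:ff:ff:ff", "02:00:00:00:00:01", b"hello")
    print(len(sample), parse_frame(sample))
```

A 5 byte payload still yields a 64 byte frame (6 + 6 + 2 + 46 + 4), and the length field is what lets the receiver drop the 41 filler bytes again.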
2.3.3 CSMA/CD
What if multiple nodes try to access the medium for sending data?
If only one of the connected stations in a network wants to transfer data, there is no problem at all. But when two stations in the network wish to transfer data at the same time, there comes the trouble: there will be a collision. When the signals collide, both of them become unusable. This is why a set of rules was needed, and why Carrier Sense Multiple Access with Collision Detection, referred to as CSMA/CD, has been introduced. If a network has 3 stations and 2 of them want to send information at the same time, a collision occurs. CSMA/CD is deployed to avoid such collisions and to recover from them. CSMA/CD forces the stations in the network to listen to the medium (Ethernet) before sending data. In this way it can be ensured that no other station is sending information. If the medium is found free, the station which wishes to transfer data can do so. The sender then continues to listen, to make sure that sending the data did not cause a collision. If a collision is heard, both senders send a signal over the Ethernet, normally referred to as a jamming signal. This signal indicates to all other devices on the network that there is a collision and that no other station should send data on the wire. Thus the collision is not aggravated. After sending the jam signal, both senders wait a random amount of time before beginning the transfer again. The random time helps to ensure that the two devices do not transmit simultaneously again. If another collision occurs, the time intervals from which the random waiting time is selected are increased step by step. This is known as exponential back off. A simple diagrammatic representation will help the reader understand the concept.
Case: 1 (No collision – So any station can transfer freely)
Here station A listens to the Ethernet and finds that there are no other data transfers, and hence it can transfer now.
[Figure: stations A, B and C on the Ethernet medium over which data is to be sent; A: "Should transfer data now. There is no other data on the ethernet, so there will be no collision"]
Fig. 2.25 CSMA/CD – case 1
Case: 2 (Listening has detected active data flow)
Here station A listens to the Ethernet and finds that some data is flowing on it. So it waits for some time and does not try to send data. The collision has thus been avoided.
Fig. 2.26 CSMA/CD – case 2
Case: 3 (in case of a collision)
If, unfortunately, there is a collision between stations A and B as shown in Fig. 2.26, then the jam signal is sent, which makes the stations wait for a random amount of time as explained. Figure 2.27 will help the reader in understanding the concept.
[Figure: data from stations A and B collides on the Ethernet medium and both stations send a jam signal; station C is also attached]
Fig. 2.27 CSMA/CD–case 3
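The random wait and the step-by-step widening of its interval described above, as an added example that is not from the book. Time is divided into slots and a frame occupies one slot, which is a simplifying assumption; the limits used (the interval stops doubling after 10 collisions, a frame is discarded after 16 attempts) are the IEEE 802.3 values and do not appear in the text, and the station names are constructed.

```python
"""Truncated binary exponential backoff after a collision (slotted model)."""
import random

BACKOFF_LIMIT = 10    # the interval stops doubling after the 10th collision
ATTEMPT_LIMIT = 16    # a frame is discarded after 16 failed attempts


def backoff_window(collisions: int) -> int:
    """Number of slot choices (0 .. window-1) after the n-th collision in a row."""
    if collisions < 1:
        raise ValueError("backoff only applies after at least one collision")
    return 2 ** min(collisions, BACKOFF_LIMIT)


def simulate(stations, rng, max_slots=100_000):
    """All stations find the medium idle at slot 0 and start sending together.

    Returns {station: {"sent_at": slot or None, "collisions": count}}.
    rng is any object with randrange(n), e.g. random.Random(seed).
    """
    next_try = {s: 0 for s in stations}
    result = {s: {"sent_at": None, "collisions": 0} for s in stations}
    slot = 0
    while next_try and slot < max_slots:
        senders = [s for s in stations if next_try.get(s) == slot]
        if len(senders) == 1:
            # Exactly one station transmits: the frame gets through.
            result[senders[0]]["sent_at"] = slot
            del next_try[senders[0]]
        elif len(senders) > 1:
            # Collision: every sender jams, then draws its own random wait
            # from an interval that doubles with each collision it has seen.
            for s in senders:
                result[s]["collisions"] += 1
                seen = result[s]["collisions"]
                if seen >= ATTEMPT_LIMIT:
                    del next_try[s]          # give up, frame is discarded
                    continue
                wait = rng.randrange(backoff_window(seen))
                next_try[s] = slot + 1 + wait
        slot += 1
    return result


if __name__ == "__main__":
    outcome = simulate(["A", "B", "C"], random.Random(1))
    for name, info in outcome.items():
        print(name, info)
```

Passing the random source in as a parameter keeps the run reproducible, so the same collision sequence can be replayed when studying how the interval grows.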
[Figure: after the collision, stations A and B on the Ethernet show "Will wait for 140 seconds..." and "Will wait for 200 seconds..."; station C is also attached]
Fig. 2.28 CSMA/CD – Waiting for collision clearance
The next thing to know is the types of Ethernet standards available in the market. They are:
1. Traditional Ethernet
2. Fast Ethernet
3. Gigabit Ethernet
All three types are explained as follows.
1. Traditional Ethernet
Traditional Ethernet basically supports data transfers at the rate of 10 Mbps (Mega bits per second). Traditional Ethernet has been the base for the development of the much appreciated Fast Ethernet and Gigabit Ethernet, where Fast Ethernet supports up to 100 Mbps and Gigabit Ethernet supports up to 1000 Mbps speeds. One should first know the Traditional Ethernet types; Fast and Gigabit Ethernet can then be discussed in brief. Talking of Traditional Ethernet, 10Base-T is the one that will be remembered. It has better electrical properties since unshielded twisted pair wiring is used instead of a coaxial cable. Economically also it is a better choice compared with other cabling techniques. When Ethernet is used, the segment is another important aspect to be noted. A segment has to be defined first: it is a single unbroken cable which helps in making a network connection. Ethernet cables/segments span a limited distance only. From one type to another the distance may increase, but the cable will fail after a certain specified physical distance. The failure might be because of reduced signal strength or noise. Table 2.2 presents a set of specifications with the distance that each Ethernet type can cover.
Table 2.2 Traditional Ethernet – types and speed
Ethernet 802.3 | Speed supported | Segment (in metres) | Cable used
10Base5 | 10 Mbps | 500 | Co-Axial
10Base2 | 10 Mbps | 185 | Co-Axial
10Base-T | 10 Mbps | 90 | Twisted pair
Note: BASE stands for baseband, which is used for the data transmission in the cable. T represents twisted pair cable.
2. Fast Ethernet (IEEE 802.3u)
The design goal of Fast Ethernet, as the name suggests, is to increase the speed compared with Traditional Ethernet. It addresses increased performance and provides better bandwidth with increased speed. Traditional Ethernet can be replaced with Fast Ethernet by replacing the traditional NIC with a Fast Ethernet card. It is cheap and easy to implement as well. There are two famous types of Fast Ethernet available in the market. They are:
1. 100Base-T
2. 100Base-FX
The speed, segment and cabling details are presented in Table 2.3.
Table 2.3 Fast Ethernet – types and speed
Ethernet 802.3 | Speed supported | Segment (in metres) | Cable used
100Base-T | 10 Mbps | 90 | Twisted pair
100Base-FX | 100 Mbps | Few kilometres | Optical fiber
3. Gigabit Ethernet
Fast Ethernet is faster than the Traditional one, but it is not fast enough to meet the requirements. So came the advent of Gigabit Ethernet, where the speed is 1000 Mbps to 10 Gbps. IEEE 802.3az, 802.3ab, 802.3ae and 802.3an are the Gigabit Ethernet standards, used as the backbone in many networks. Predominantly optical fiber is used for Gigabit Ethernet; in some cases copper is used, where copper supports a shorter distance. Existing Ethernet LANs with 10 and 100 Mbps cards can feed into a Gigabit Ethernet backbone. Table 2.4 summarizes the speed, segment and cable details for the Gigabit Ethernet standard.
Table 2.4 Gigabit Ethernet – types and speed
Ethernet Standard | Speed | Segment (in metres) | Cable Used
1000BASE-LX/1000BASE-SX (IEEE 802.3 Z) | 1000 Mbps | 550 M for short range, 5 Km for long range | Optical Fiber
1000BASE-SX (IEEE 802.3 Z) | 1000 Mbps | 100 M | Copper
10GBASE-SR/10GBASE-LR (IEEE 802.3 ae) | 10 Gbps | 200 M for short range, 25 kMs for long range | Optical fiber
10GBASE-T (IEEE 802.3 an) | 10 Gbps | 100 M | Copper
Components of Data Link Layer
Bridges and Switches are the most vital components of Layer–2. They are discussed in the following paragraphs.
2.3.4 Bridges
A bridge is seen as a very vital component in the networking world. A bridge is used to connect two different networks. It is also used to split a network into separate segments. Thus a bridge can be used to filter traffic and create a better, more efficient network. A bridge operates in layer–2, that is the data-link layer, which is why it is called a level-2 relay with reference to the OSI model. It links similar or dissimilar networks, is designed to store and forward frames, and is protocol independent and transparent to the end stations. A simple schematic representation is shown below in Fig. 2.29, in which a bridge is used to connect two entirely different networks.
Fig. 2.29 A bridge – connects two networks
Use of bridges offers a number of advantages, such as higher reliability, performance, security, convenience and larger geographic coverage. But, it is desirable that the quality of service (QOS) offered by a bridge should match that of a single LAN. The parameters that define the QOS include availability, frame mishaps, transit delay, frame lifetime, undetected bit errors, frame size and priority. Key features of a bridge are mentioned below:
• A bridge operates both in physical and data-link layer
• A bridge uses a table for filtering/routing
• A bridge does not change the physical (MAC) addresses in a frame
Types of bridges
• Transparent Bridges: The transparent bridge uses two processes known as bridge forwarding and bridge learning. If the destination address is present in the forwarding database already created, the packet is forwarded to the port number to which the destination host is attached. If it is not present, forwarding is done on all ports (flooding). This process is known as bridge forwarding. Moreover, as each frame arrives, its source address indicates where a particular host is situated, so that the bridge learns which way to forward frames to that address. This process is known as bridge learning.
Key features of a transparent bridge are:
1. The stations are unaware of the presence of a transparent bridge
2. Reconfiguration of the bridge is not necessary; it can be added/removed whenever needed
It basically performs two functions:
1. Forwarding frames
2. Learning to create forwarding table.
• Source Routing Bridges: The second approach is known as source routing, where the routing operation is performed by the source host and the frame specifies which route the frame is to follow. A host can discover a route by sending a discovery frame, which spreads through the entire network using all possible paths to the destination. Each frame gradually gathers addresses as it goes. The destination responds to each frame and the source host chooses an appropriate route from these responses. Source routing approach provides a shortest path at the cost of rapid increase of discovery frames, which can put a serious extra burden on the network.
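The bridge learning and bridge forwarding processes of the transparent bridge described above can be traced in code. The following is an added example, not code from the book: the MAC addresses (taken from the documentation range), the port numbers, the frame sequence and the ageing timer that expires stale entries are assumptions made for the illustration.

```python
"""Transparent (learning) bridge: forwarding database, learning, flooding.

Added illustration. MAC addresses, port numbers and the ageing timer are
assumptions of this example; the text above does not specify them.
"""

BROADCAST = "ff:ff:ff:ff:ff:ff"


class TransparentBridge:
    def __init__(self, ports, max_age=300):
        self.ports = frozenset(ports)
        self.max_age = max_age   # seconds an entry stays valid (assumed value)
        self.fdb = {}            # forwarding database: MAC -> (port, last_seen)

    def lookup(self, mac, now):
        """Return the port learned for `mac`, or None if unknown or aged out."""
        entry = self.fdb.get(mac)
        if entry is None:
            return None
        port, last_seen = entry
        if now - last_seen > self.max_age:
            del self.fdb[mac]    # stale entry: the host may have moved or left
            return None
        return port

    def receive(self, now, in_port, src, dst):
        """Handle one frame; return the sorted list of ports it is sent out on."""
        if in_port not in self.ports:
            raise ValueError(f"frame arrived on unknown port {in_port}")

        # Bridge learning: the source address shows where the sender is
        # attached. Overwriting also covers a host that moved to another port.
        self.fdb[src] = (in_port, now)

        # Bridge forwarding: look the destination up in the database.
        out_port = None if dst == BROADCAST else self.lookup(dst, now)
        if out_port is None:
            # Unknown destination: flood on every port except the arrival port.
            return sorted(self.ports - {in_port})
        if out_port == in_port:
            # Destination is on the segment the frame came from: filter it.
            return []
        return [out_port]


def run_trace():
    """Replay a constructed frame sequence; return (decisions, bridge)."""
    host_a = "00:00:5e:00:53:0a"
    host_b = "00:00:5e:00:53:0b"
    host_c = "00:00:5e:00:53:0c"
    # (time in seconds, arrival port, source MAC, destination MAC)
    frames = [
        (0, 1, host_a, host_b),    # B unknown: flood, learn A on port 1
        (1, 2, host_b, host_a),    # A known: forward to port 1, learn B
        (2, 1, host_a, host_b),    # B known: forward to port 2
        (3, 1, host_c, host_a),    # A is on the arrival segment: filtered
        (400, 3, host_c, host_b),  # C moved; B's entry aged out: flood
    ]
    bridge = TransparentBridge(ports=[1, 2, 3])
    decisions = [bridge.receive(*frame) for frame in frames]
    return decisions, bridge


if __name__ == "__main__":
    for step, ports in enumerate(run_trace()[0], start=1):
        print(f"frame {step}: sent out on ports {ports}")
```

The stations never configure anything and never address the bridge, which is the transparency the key features list describes.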
2.3.5 Switches
Switch is an improved hub; it can be seen as a better version of hub. It is again a central point of a network. It is an intelligent device. When switch receives a packet from the sender, it will examine the destination address (MAC address) from the packet header and will redirect the packet to the destination alone. This has become possible as switch will maintain a table which has details of all ports and corresponding device’s MAC addresses. Here when switch is used the bandwidth utilization becomes effective and will be more efficiently managed.
Fig. 2.30 Switch’s working
From the above Fig. 2.30 it is clear that when a packet has to be sent from A to C, the signal will be transmitted from A to C alone; it will not be shared with B, hence sharing the bandwidth is efficient. And hence switch is deployed in all the big networks. It would be very much meaningful for the reader to now compare the Hub with the Switch. The comparison is presented in the following Table 2.5.
Table 2.5 Comparison between switch and hub
Switch | Hub
They operate at layer 2 as per the OSI model | Hub is a physical layer device, i.e. it operates at layer 1
A switch is more sophisticated and more expensive than a hub | A hub is a very primitive device and much cheaper
It is intelligent: it transmits the data packets from the source computer to only those networks to which the data packets are originally intended. | It’s got no intelligence as it transmits the data packets to each and every networked computer, not just the target computer or set of computers to which the data packets were originally intended to be sent.
There is optimum utilisation of network bandwidth in case of switches, hence wastage is minimal | Due to their approach of transmission much of the bandwidth is wasted, which results in slow rate of operation
Switches are full-duplex devices, i.e. both data transmission and reception can take place simultaneously | Hubs are half duplex devices, i.e. both data transmission and reception cannot take place simultaneously
Network security is much better when compared to hub | Thanks to its transmission mechanism, network security becomes a big issue in case of hubs.
2.4 NETWORK LAYER
Network layer is the third layer of OSI layers. This is used to send the packets from source to destination network. Routing and addressing are the most important functionalities of this layer. Finding the best possible and shortest path for reaching the destination and delivering the data to the right destination are carried out here with high importance. Also this layer is responsible for managing network problems such as congestion and packet switching. If the data received from the source is too large to be delivered properly, this layer breaks the data into smaller units called packets, which can be reassembled at the receiving end. Internet Protocol (IP) is the most obvious example for this layer. Router is the commonly referred layer 3 device. To be precise and short, this layer is the god of addressing and routing the data to destination.
Components of Network Layer
The main component of Network layer is Router.
2.4.1 Router
A router is basically used to communicate between network to network in an efficient and intelligent way. Router will transfer the packet from source to destination in the best and short route. The routing table will have the IP addresses of other routers in the network. Routing table is configured manually and also dynamically. Unlike bridges it is not transparent to end stations. When a data packet is received, router does the following:
• Will read the destination address (IP) of the received packet.
• Looks at the path to reach the destination address.
• Sends the packet to the destination through the shortest path.
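The three steps listed above amount to a routing table lookup, shown here as an added example that is not code from the book. The prefixes and next-hop addresses are documentation ranges, and the Route fields, the metric values and the selection rule (most specific matching prefix first, then lowest metric) are assumptions of this example.

```python
"""Routing table lookup for the three router steps listed above.

Added illustration. Prefixes, next hops and metrics are constructed sample
values; the selection rule is an assumption of this example.
"""
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Route:
    network: ipaddress.IPv4Network
    next_hop: str   # IP address of the neighbouring router, or "direct"
    metric: int     # cost of the path; lower means shorter
    origin: str     # "static" (configured manually) or "dynamic"


class Router:
    def __init__(self):
        self.table = []

    def add_route(self, prefix, next_hop, metric, origin="static"):
        network = ipaddress.ip_network(prefix)
        self.table.append(Route(network, next_hop, metric, origin))

    def lookup(self, dst):
        """Steps 1 and 2: read the destination address and find its path."""
        addr = ipaddress.ip_address(dst)
        candidates = [r for r in self.table if addr in r.network]
        if not candidates:
            return None
        # Most specific prefix wins; among equal prefixes the shortest
        # (lowest metric) path wins.
        return min(candidates, key=lambda r: (-r.network.prefixlen, r.metric))

    def forward(self, packet):
        """Step 3: hand the packet to the chosen next hop, or drop it."""
        route = self.lookup(packet["dst"])
        if route is None:
            return ("drop", None)
        return ("send", route.next_hop)


def build_sample_router():
    """Constructed routing table mixing manual and dynamically learned routes."""
    router = Router()
    router.add_route("192.0.2.0/24", "direct", 0)
    router.add_route("198.51.100.0/24", "203.0.113.1", 3, origin="static")
    router.add_route("198.51.100.0/24", "203.0.113.2", 1, origin="dynamic")
    router.add_route("198.51.100.128/25", "203.0.113.3", 5, origin="dynamic")
    return router


if __name__ == "__main__":
    router = build_sample_router()
    for dst in ("192.0.2.7", "198.51.100.10", "198.51.100.200", "100.64.0.1"):
        print(dst, router.forward({"dst": dst}))
```

The last destination matches no entry and is dropped, which is the case a table without a default route has to handle.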
A diagrammatic representation is presented in Fig. 2.31, where a packet from network 1 is sent to network-2 via routers at both the networks. A router has four basic components: input ports, output ports, the routing processor and the switching fabric (Fig. 2.32). The functions of the four components are briefly mentioned below.
Fig. 2.31 Router
• Input port performs physical and data-link layer functions of the router. As shown in Fig. 2.33, the ports are also provided with buffer to hold the packet before forwarding to the switching fabric.
Fig. 2.32 Router – Components (routing processor, input ports 1 to n, switching fabric, output ports 1 to n)
Fig. 2.33 Router – Input Port (physical layer processor, data link layer processor, queue)
• Output ports, as shown in Fig. 2.34, perform the same functions as the input ports, but in the reverse order.
Fig. 2.34 Router – Output Port (queue, data link layer processor, physical layer processor)
• The routing processor performs the function of the network layer. The process involves table lookup.
• The switching fabric, shown in Fig. 2.35, moves the packet from the input queue to the output queue by using specialized mechanisms. The switching fabric is realized with the help of multistage interconnection networks.
Fig. 2.35 Switching fabric of a router (labels: left bit, middle bit, right bit; switching elements A-1 to A-4, B-1 to B-4 and C-1 to C-4; ports 0 to 7)
2.5 TRANSPORT LAYER
This layer provides transparent transfer of data between source and destination, i.e. it is responsible for end to end data transfer. The lower layers may drop packets, but transport layer will perform a sequence check on the data. If say, 10MB of data is transferred, it will make sure 10MB is received. Transport layer makes sure that it establishes, maintains and terminates the connections after transfer of data is complete. Two common protocols are deployed in this layer: Transmission Control Protocol (TCP) and User Datagram Protocol (UDP).
2.5.1 TCP
TCP is the most commonly used protocol on the globe of internet. Excellent error correction is offered in TCP and “guaranteed delivery” is possible with TCP. Flow control is provided with TCP, which checks whether the data is being sent correctly, whether it needs a retransfer, or whether the sender has to wait until the congestion gets cleared. Wherever quality/guaranteed delivery is needed, TCP is the choice. A diagrammatic representation is shown below in Fig. 2.36.
Fig. 2.36 TCP works this way (TCP - Reliable data transfer)
2.5.2 UDP
UDP is used for speedy delivery. There is no guarantee that the data will be delivered in full to the destination, but it delivers very fast. Wherever speed is the need, UDP can get in. The reason for the speed is that there is no flow control or error correction. UDP is deployed widely in streaming applications. A dramatic picture (Fig. 2.37) is given below which makes the reader understand the concept easily.
Fig. 2.37 UDP works this way
2.6 SESSION LAYER
This layer establishes, manages and terminates connections between applications. Also at each end, session layer sets up and terminates conversations and exchanges between the applications. This layer provides coordination of the communication in an orderly way. It will make sure that new requests are not sent before the previous one is answered. Remote procedure call is the widely used session layer protocol.
2.7 PRESENTATION LAYER
It ensures that information sent by the application layer of one of the systems from other network is made readable by the application layer of the destination system. It makes sure that data is made understood regardless of the types of machines used in the network. All encrypting devices fall in the layer.
2.8 APPLICATION LAYER
Application Layer is the seventh layer in the OSI model which is standing very close to the end user. It will not let the user know on the complications of the below layers and it will just present the smooth applications to the user which would be very comfortable for the end user. It takes the responsibility for displaying the images and data to the user in the readable / human understandable format. Also it stands as the interface with the layer below it, i.e. presentation layer. Very simple and common application layer protocols and applications that everyone is familiar with are listed below:
• Browsers (Google chrome, Internet explorer and Mozilla Firefox)
• FTP / SFTP (File transfer protocols)
• Telnet
• Network gaming applications
• DNS (Domain Naming Server)
• Instant message software applications (GTalk, Yahoo messenger etc.)
There are a lot of protocols and applications that support the network and end-user staying from the application layer. Application layer, to put in simple words, provides services for the application program to ensure effective and successful communication with another application program in the network. Application layer performs many tasks, out of which few are summarized below:
• Ensures authentication of sender/receiver.
• Helps in privacy, data integrity and error recovery.
• Supports application layer protocols and helps in accomplishing the tasks meant for it.
• Helps in getting good quality of service.
As already quoted, many protocols work in the application layer. A few are briefed here, and they are explained in detail in the descriptive chapter which deals with application layer protocols.
2.8.1 FTP (File Transfer Protocol)
It is a file transfer protocol which is useful for exchanging information/files over the network. FTP is very commonly and frequently used for downloading a file from a server or internet or to upload a file to a server. It follows client server architecture.
2.8.2 Telnet
Telnet is a protocol used to control / access remote computer from the user’s PC. It is a kind of remote login, one can say. It is a terminal emulator. The reason for the arrival of telnet is that in earlier days, when hard drives were costly and there were no personal computers for everyone as today, one had to get some part of the hard drive partition (from server) for usage and could use it through telnet terminals. What is needed to accomplish this are a server and some connections. To start a Telnet session, user must log in to a server by entering a valid username and password. It is assigned with the port number 23. One good thing is it supports many text editors, different font options and special characters as well.
2.8.3 DNS (Domain Naming Server)
The DNS translates Internet domain and host names to IP addresses. DNS automatically converts the website name that is typed in Web browser address bar to the IP addresses of Web servers hosting those sites. For an example, when www.yahoo.com is typed, automatically the IP address corresponding to yahoo.com is fetched from the database that is being maintained in the DNS server. A complete description on DNS is presented in detail in chapter on Application layer.
2.8.4 SNMP (Simple Network Management Protocol)
SNMP is Simple Network Management Protocol defined by IETF (Internet Engineering Task Force). It is used to manage devices on IP networks. It can run on routers, hubs, bridges, printers, servers, modems and many more. It is used to monitor the conditions of the attached devices in the network. It helps the administrator to monitor the network remotely. It helps in knowing amount of traffic flowing through a device. Also it can help in getting the details of CPU usage. Other than traffic and CPU usage details, one can also know the voltage and environmental details. One instance where the temperature monitoring is useful is with router chassis. If the temperature of the router chassis goes very high, the device may get damaged. In short it helps in managing the network to identify and to isolate the network problems, to plan the network growth and so the performance.
2.8.5 SMTP (Simple Mail Transfer Protocol)
SMTP, Simple Mail Transfer Protocol is used for sending and receiving mail. Port 25 is used for the protocol. As a limitation in this protocol, it has very limited ability to queue the messages at the receiving end. And so it needs the protocols like POP3 or IMAP to help the user at the receiving end. So SMTP is predominantly used for sending messages from mail client to mail server. That is why the mail admin uses the POP or IMAP server in addition to SMTP while configuring the email application. A small diagrammatic representation of the OSI layers is given below in Fig. 2.38. It will help reader with better understanding.
Fig. 2.38 OSI Layers summary (OSI model diagram: from the network user down, layers 7 to 1 with a short description of each, grouped into upper layers and lower layers)
Now to summarize all the seven layers, the above picture (Fig. 2.38) can help.
Gateways–Operates in all the layers:
A gateway is normally a computer that operates in all five layers of the Internet (TCP/IP) or seven layers of OSI model. A gateway takes an application message, reads it, and interprets it. This means that it can be used as a connecting device between two internetworks that use different models. For example, a network designed to use the OSI model can be connected to another network using the Internet model. The gateway connecting the two systems can take a frame as it arrives from the first system, move it up to the OSI application layer, and remove the message. Gateways can provide security. Here in this Fig. 2.39 a gateway is useful to communicate between VoIP and PSTN networks.
Fig. 2.39 Gateway
POINTS TO REMEMBER
• OSI layering approach is followed for the following reasons:
o Reduced complexity – divided and conquered.
o Easy to learn with this standard approach and
o Very much modular
• Seven layers of OSI are Physical, Data Link, Network, Transport, Session, Presentation and Application layers.
• Each layer will have a corresponding device meant for it. Example, Repeater works for physical layer.
• Two kinds of signals are there. Analog and digital.
• A MAC address is of 6 byte (48 bits) length and that is physically hard-coded to the network adapter by its manufacturer.
• Repeaters are re-generators. It receives a signal from a transmitter, amplifies it and then will re-transmit with better strength
• Hub basically is deployed to get the sharing of data between computers easier within a network. Whenever star topology is used, Hub becomes inevitable there.
• DTE and DCE are the most important terminologies with respect to RS232. There Computer is referred as DTE which transmits and receives the data. Modem is the DCE, which facilitates that data transfer.
• The purpose of a null-modem cable is to permit two RS-232 “DTE” devices to communicate with each other without modems or other communication devices (i.e., “DCE”s) between them.
• Data link layer is responsible for node to node validity and integrity of transmission.
• Three Ethernet standards are available in the market.
o Traditional Ethernet
o Fast Ethernet and
o Gigabit Ethernet
QUIZ
1. What is the device that can work in all the 7 layers?
2. TELNET is a protocol used in one of the seven layers. Which is that layer?
3. What is the use of FTP?
4. ________ Layer is responsible for node to node validity and integrity of transmission.
5. What is the length of the MAC address? How many bytes are assigned by the manufacturer?
6. Expand – SMTP.
7. What is the use of SNMP?
8. What are the tasks accomplished by session layer?
9. How is presentation layer useful?
10. Can UDP be used for a guaranteed delivery?
11. Where can the Router be deployed?
12. What are the available standards for Traditional Ethernet and what are the corresponding speeds?
13. What are the available standards for Fast Ethernet and what are the corresponding speeds?
14. What is the purpose of FCS in the Ethernet Frame?
15. What is a NULL Modem configuration?
16. What is RS in RS232?
17. Why digital domain is most widely preferred over analog domain?
18. How MAC address can be found in command prompt?
19. Why repeater is called regenerator?
20. What is the maximum range of RS 232?
21. What is modem?
22. What are the modes of operation in modem?
23. What are the two types of synchronization?
24. What is split system modem?
25. Mention the types of virtual circuits in network layer in x.25?
26. What are the protocols used for duplex transmission in x25 physical layer?
27. What are the three types of frame format in x25 data link layer?
28. What are 3 control packets used in DTE-DCE communication?
29. Mention the disadvantage of Ethernet
30. What is a node?
31. What is cyclic redundancy check?
32. What is the need for CSMA/CD?
33. What are the available Ethernet standards in the market?
34. What is the protocol of fast Ethernet?
35. What are the components of data link layer?
36. What is a bridge meant for?
37. What are the parameters that define excellent QoS in a bridge?
38. What are the key features in bridge?
39. What are the types of bridges?
40. Which is referred to be as an improved hub?
41. Which is commonly used device in layer 3?
42. What router will do when data packets are received?
43. What are the four basic components of router?
44. What is use of File Transfer Protocol?
45. What is use of Telnet?
46. What is DNS?
47. What is role of SNMP?
48. What is use of SMTP?
ANSWERS
1. Gateway.
2. Application layer.
3. It is used for the file transfer between the terminals with the get and put commands.
4. Data link layer
5. 6 Bytes. 3 Bytes are allotted by manufacturer.
6. Simple Mail Transfer Protocol.
7. Simple Network Management Protocol, which is used to manage devices on IP networks.
8. This layer establishes, manages and terminates connections between applications.
9. It ensures that information sent by the application layer of one of the systems from other network is made readable by the application layer of the destination system
10. No. Can’t be used. It can be used for speedy delivery of data.
11. A router is basically used to communicate between network to network in an efficient and intelligent way.
12.
Ethernet 802.3 | Speed supported | Segment (in metres) | Cable used
10 BASE5 | 10 Mbps | 500 | Co-Axial
10BASE2 | 10Mbps | 185 | Co-Axial
10BASET | 10Mbps | 90 | Twisted pair
13.
Ethernet 802.3 | Speed supported | Segment (in metres) | Cable used
100 BASE-T | 10 Mbps | 90 | Twisted pair
100 BASE-FX | 100 Mbps | Few Kilo Meters | Optical fiber
14. This is a 4 byte field, where 32 bit Cyclic Redundancy Check (CRC) value is contained and it is generated by the sender and will be re-checked by the receiver to find out the damaged frames.
15. The purpose of a null-modem cable is to permit two RS-232 “DTE” devices to communicate with each other without modems or other communication devices (i.e., “DCE”s) between them. To achieve this, the most obvious connection is that the TD signal of one device must be connected to the RD input of the other device (and vice versa).
16. Recommended Standard.
17. The reason being digital signals can be more reliably transmitted over long distances because of their inherent immunity to noise. Also digital equipment used for processing and storage of these signals are much cheaper, powerful and effective than their analog counterparts.
18. Getmac.
19. When it receives a weakened or corrupted signal, it creates a copy bit for bit, at the original strength.
20. 15 meters.
21. The modem is a device that converts digital information to analog by modulating it on the transmitting end, and DEModulating the analog information into digital information at the receiving end.
22. Half duplex, full duplex, simplex.
23. Asynchronous and synchronous.
24. When channels are split for multiple users, their respective speeds can be different, so that unnecessary usage of the modem is avoided. Such a type of modem is called Split System Modem.
25. SVC (Switched Virtual Circuits) and PVC (Permanent Virtual Circuits)
26. X21, x21 bis, x31
27. I frames – carries user data
S frames – for flow and error control.
U frames - carries network management data
28. SABM - Set Asynchronous Balanced Mode
UA - unnumbered acknowledgement
DISC - for disconnection
29. The only disadvantage of having Ethernet is, it cannot be used over geographically spread area. It can be used in few kilo meters span alone.
30. The components or computers attached to the medium of communication is called nodes.
31. Cyclic Redundancy Check (CRC) value is contained and it is generated by the sender and will be re-checked by the receiver to find out the damaged frames.
32. To avoid collision between the packets CSMA/CD is introduced
33. Traditional Ethernet (support 10 Mbps), Fast Ethernet (support 100 Mbps), Gigabit Ethernet (support 1000 Mbps to 10Gbps)
34. IEEE 802.3 u
35. Bridges and switches
36. A bridge is seen as a very vital component in the networking world. A bridge is used to connect two different networks. Also it is used to split a network into separate segments. Thus bridge can be used to filter traffic and create a better/efficient network
37. The parameters that define the QOS include availability, frame mishaps, transit delay, frame lifetime, undetected bit errors, frame size and priority
38. A bridge operates both in physical and data-link layer
A bridge uses a table for filtering/routing
A bridge does not change the physical (MAC) addresses in a frame
39. Transparent bridges and source routing bridges
40. Switches
41. Router
42. a. Will read the destination address (IP) of the received packet.
b. Looks at the path to reach the destination address.
c. Sends the packet to the destination through the shortest path.
43. Input ports, output ports, the routing processor and the switching fabric
44. FTP is very commonly and frequently used for downloading a file from a server or internet or to upload a file to a server. It follows client server architecture
45. Telnet is a protocol used to control/access remote computer from the user’s PC
46. The DNS translates Internet domain and host names to IP addresses
47. It helps in managing the network, to identify and to isolate the network problems, to plan the network growth and so the performance
48. SMTP, Simple Mail Transfer Protocol is used for sending and receiving mail.
Chapter 3
Physical Layer
Learning Objectives
This chapter is completely dedicated for understanding of Physical layer and related stuff. A detailed analysis of Guided and unguided media is presented with clear descriptions. Switching methods, Circuit and Packet are discussed in detail. Then the attention is paid towards datagram and Virtual circuit networks. Light is then thrown on Modems followed by Analog to digital conversion and vice-versa. Finally, Quiz questions are given and reader can test their understanding by answering them.
3.1 INTRODUCTION
The Physical Layer is the lowest layer in the OSI (Open Systems Interconnection) Model of computer networking and is used to transfer electrical signals that represent data from one place to another. While the Physical Layer does not represent data itself, it does provide a means for that data to move. Essentially, the Physical Layer represents the hardware of a computer network and consists of everything from the circuit boards and wires to the storage devices and media readers.
3.1.1 Physical Layer Functions
The following are the main responsibilities of the physical layer in the OSI Reference Model:
• Definition of Hardware Specifications: The details of operation of cables, connectors, wireless radio transceivers, network interface cards and other hardware devices are generally a function of the physical layer (although part of them are the functions of data link layer also; see below).
• Encoding and Signalling: The physical layer is responsible for various encoding and signalling functions that transform the data from bits that reside within a computer or other device into signals that can be sent over the network.
• Data Transmission and Reception: After encoding the data appropriately, the physical layer actually transmits the data, and of course receives it. Note that this applies equally to wired and wireless networks, where there is no tangible cable present!
• Topology and Physical Network Design: The physical layer is also considered the domain of many hardware-related network design issues such as LAN and WAN topology.
In general, the physical layer technologies are ones that are at the very lowest level and deal with the actual zeroes and ones that are sent over the network. For example, when considering network interconnection devices, the simplest ones operate at the physical layer: repeaters, conventional hubs and transceivers. These devices have absolutely no knowledge of the contents of a message. They just take input bits and send them as output. But devices like switches and routers operate at higher layers of the OSI model and interpret the data they receive not just merely as voltage or light pulses that represent one or zero but as information content and addresses related to it.
Fig. 3.1 Data Link Layer- an example (the bit stream arriving from the data link layer crosses the medium/channel and will now go to the data link layer)
3.2 GUIDED MEDIA
Guided Transmission Media makes use of cables that help in guiding the data flow through a specific path. Guided Media is also called as Bound Media. Cables are not only made of copper alone but other conducting materials too (fiber optic). Cable serves as a medium through which information moves from one network device to another. There are four types of Guided media namely,
1. Open Wire
2. Twisted Pair
3. Optical Fiber
4. Coaxial Cable
Among these, twisted pair cable and coaxial cable use metallic conductors that accept and transport signals in the form of electric current. Optical fiber is a glass or plastic cable that accepts and transports signals in the form of light (photons).
Fig. 3.2 Types of Guided Media (Guided Medium: Twisted-pair, Open wire, Coaxial, Optical)
3.2.1 Open Wire
Open Wire is usually used to describe the electrical wire strung along power poles. There is only a single wire strung between poles all the way. No shielding or protection from noise interference is present. We would like to expand the definition of open wires to carry any data signal without implementing any shielding or protection from noise interference. This kind of media is prone to a large degree of noise and interference and hence not acceptable for data transmission except for short distances, say, less than 20 ft.
Fig. 3.3 Open wire transmission
3.2.2 Twisted-Pair (TP) Cable
This cable is the least expensive and most widely used cable of all. Basically, the wires in twisted pair cabling are twisted together in pairs, hence the name. Each pair consists of a wire used for the positive data signal and another used for the negative data signal. We know that noise that appears on one wire affects the other wire of the pair as well. But the good thing is, since the wires are of opposite polarities, they are 180 degrees out of phase; hence when the noise occurs on both wires, it gets cancelled or becomes null at the receiving end of the cable. Twisted Pair cables are most effective when used in systems that have a balanced line method of transmitting data. Twisted pair cable can take both analog and digital signals as input. TP cable can be either unshielded TP (UTP) cable or shielded TP (STP) cable. Cables with a shield are called Shielded Twisted Pair and abbreviated as STP. Cables without a shield are called Unshielded Twisted Pair or UTP. Shielding means metallic material added to cabling to reduce noise due to electromagnetic interference.
Applications of TP cable
• Supports both digital and analog signals.
• TP cables are used in telephone lines to establish voice and data. UTP cable connects subscribers to the central telephone office.
• The DSL lines used by the telephone companies to provide high data rate connections also make use of high bandwidth capability UTP cable.
• Local Area Networks (LAN) which run on low budget use twisted-pair cable.
3.2.3 Coaxial cable
This is a kind of network cable used in older Ethernet networks and in electrically noisy environments. The name “coax” means it has two conductors which are constructed concentrically with each other along the axis of the cable. Coaxial cables are being extensively replaced by twisted-pair cables for local area network (LAN) within buildings, and by fiber-optic cables for high-speed network zones. Coaxial cable supports both analog and digital signals.
Application of Coaxial cable
• The use of coaxial cable started in analog telephone networks where a single coaxial network could carry 10,000 voice signals.
• Later it was used in digital telephone networks where a single coaxial cable could carry digital data up to 600 Mbps. (However, fiber optics have taken over coaxial cables now)
• Its famous use is in cable TV.
• Coaxial cabling is often used in places where slow data rates are needed such as in large industrial environments where motors and generators are prone to lot of electromagnetic interference (EMI), and where more expensive fiber-optic cables are not required.
• Also, coaxial cable finds its place in traditional Ethernet LANs. Because of high bandwidth, and consequently high data rate, coaxial cable was chosen for digital transmission in early Ethernet LANs.
3.2.4 Fiber-Optic Cable
Fiber-optic media uses cables made of glass material that send network signals in the form of photons or light energy. Fiber-optic cables boast higher bandwidth capacity than normal copper cables, and are used effectively for high-speed networks such as Asynchronous Transfer Mode (ATM) or Fiber Distributed Data Interface (FDDI) backbones, long cable runs, and core connections to high-performance workstations.
Let's recall light fundamentals a bit. Light is a form of electromagnetic energy. It travels at its fastest in vacuum, at 3 × 10^5 km/s. The speed of light depends on the density of the medium through which it is travelling. For example, it is much faster in a lower density medium. Light travels through the length of fiber without any loss, by the principle of Total Internal Reflection. This principle states that when the angle of incidence exceeds a critical value, light cannot get out of the glass; instead, the light bounces back into the same medium. When this principle is applied on the fiber-optic strand, it is possible to transmit light pulses via the fiber lines without any loss.
Fig. 3.4 Fiber optic cable
The light is guided down the centre of the fiber, called the core. The core is surrounded by an optical material called the cladding that traps the light in the core using total internal reflection. The core and cladding are usually made of pure glass, though some are available as all plastic or a glass core and plastic cladding in the market depending on the cost of manufacture. The fiber is coated with a protective plastic covering (for insulation) called the primary buffer coating that protects it from moisture and other external factors.
Applications of fiber-optic cable
• SONET network is a common type of fiber optics that serves as backbone for many networks because its wide bandwidth is cost-effective.
• Fiber optics is combined with coaxial cabling system by few cable TV’s.
• Telephone companies extensively use fiber optic cable for high speed connection.
• In Local Area Networks (LANs), Fast Ethernet system makes use of fiber optic cables to fulfil user demands.
3.3 UNGUIDED MEDIA
Unguided transmission media are media in which data signals flow through the air. The signals are not guided or bound to a channel to follow. Unguided media are classified by the type of wave propagation.
3.3.1 RF Propagation
There are three types of RF (radio frequency) propagation:
• Ground Wave
• Ionosphere
• Line of Sight (LOS)
Ground wave propagation follows the curvature of the Earth. Ground waves have carrier frequencies up to 2 MHz. AM radio is an example of ground wave propagation.
Fig. 3.5 Ground wave propagation
Ionospheric propagation bounces off the Earth’s ionospheric layer in the upper atmosphere. It is sometimes called double hop propagation. It operates in the frequency range of 30 - 85 MHz. Because it depends on the Earth’s ionosphere, it changes with the weather and time of the day. The signal bounces off the ionosphere and comes back to earth. AM radios operate in this range.
Fig. 3.6 Ionospheric propagation
Line of sight propagation transmits exactly in the line of sight. The receiver must be in the view of the transmitter. It is sometimes called space waves or tropospheric propagation. It is limited by the curvature of the Earth for ground-based stations (100 km, from horizon to horizon). Reflected waves can cause problems. Examples of line of sight propagation are: FM radio, microwave and satellite.
Fig. 3.7 Line of sight propagation
Radio Frequencies
The frequency spectrum extends from 0 Hz (DC) to gamma rays (10^19 Hz).
Table 3.1 Radio Frequencies Range
Name | Frequency (Hertz) | Examples
Gamma Rays | 10^19+ | Radiotherapy
X-Rays | 10^17 | Medical diagnostics
Ultra-Violet Light | 7.5 x 10^15 | Astronomy
Visible Light | 4.3 x 10^14 | Colour distinction
Infrared Light | 3 x 10^11 | Remote control
EHF - Extremely High Frequencies | 30 GHz (Giga = 10^9) | Radar
SHF - Super High Frequencies | 3 GHz | Satellite & Microwaves
UHF - Ultra High Frequencies | 300 MHz (Mega = 10^6) | UHF TV (Ch. 14-83)
VHF - Very High Frequencies | 30 MHz | FM & TV (Ch. 2-13)
HF - High Frequencies | 3 MHz | Short Wave Radio
MF - Medium Frequencies | 300 kHz (kilo = 10^3) | AM Radio
LF - Low Frequencies | 30 kHz | Navigation
VLF - Very Low Frequencies | 3 kHz | Submarine Communications
VF - Voice Frequencies | 300 Hz | Audio
ELF - Extremely Low Frequencies | 30 Hz | Power Transmission
Radio frequencies are in the range of 300 kHz to 10 GHz. We are seeing an emerging technology called wireless LANs. Some use radio frequencies to connect the workstations together, some use infrared technology.
3.3.2 Microwave
Microwave transmission is line of sight transmission. The transmitter must be in line of sight with the receiver. This sets a limit on the distance between stations depending on the local geography. Typically the line of sight due to the Earth’s curvature is only 50 km to the horizon. Repeaters must be placed so the data signal can hop, skip and jump across the country. Microwaves operate at high operating frequencies of 3 to 10 GHz. This allows them to carry large quantities of data due to their large bandwidth.
Fig. 3.8 Microwave transmission
Advantages:
a. They employ random routes of communication between towers.
b. Since towers occupy a low space area, the cost for land reduces.
c. By the concept of antenna theory, a small antenna would suffice for a short wavelength and high frequency signal.
d. Due to their high operating frequencies, they are capable of carrying high quantities of information.
Disadvantages:
a. Attenuation occurs due to solid objects in between the towers or even birds, rain, snow and fog.
b. At edges or corners of a solid object, diffraction is more likely to occur.
c. Atmospheric refraction takes place, making the wave distorted at the receiving end.
d. Microwaves get reflected back from surfaces like metal or water.
3.3.3 Satellite
Satellites are transponders (units that receive on one frequency and retransmit on another) that are set in geostationary orbits directly over the equator. These geostationary orbits are located at 36,000 km from the Earth’s surface. This point is where the system is in equilibrium as the gravitational pull of the Earth and the centrifugal force of Earth’s rotation are balanced and resultant force is a null vector.
Fig. 3.9 Satellite communication
Fig. 3.10 Satellite communication
The uplink is the frequency at which the transmitter uploads data to the satellite. The downlink is the frequency at which the receiver downloads the data from the satellite. The footprint is the “shadow” within which the satellite can transmit.
3.3.4 Iridium Telecom System
The Iridium Telecom System is a new satellite system that will be the largest private aerospace project. It is a mobile telecom system intended to compete with cellular phones. It relies on satellites in lower Earth orbit (LEO). The satellites will orbit at an altitude of 900 - 10,000 km in a polar, non-stationary orbit. Sixty-six satellites are planned. The user’s handset will require less power and will be cheaper than cellular phones. There will be 100% coverage of the Earth.
Fig. 3.11 Iridium telecom system
3.4 SWITCHING
When there are many devices, it is necessary to develop a suitable mechanism for communication between any two devices. One possible way is to establish point-to-point communication between each pair of devices using mesh topology. However, mesh topology is impractical for a large number of devices, because the number of links grows quadratically with the number of devices (n(n-1)/2, where n is the number of devices). A better alternative is to use switching techniques leading to a switched communication network. In the switched network methodology, the network consists of a set of interconnected nodes, among which information is transmitted from source to destination via different routes, which is controlled by the switching mechanism.
Fig. 3.12 Switching example (end stations A to E attached to a communication network of nodes 1 to 6)
The end devices that wish to communicate with each other are called stations. The switching devices are called nodes. Some nodes are connected to other nodes and some are connected to stations. Key features of a switched communication network are given below:
• Network topology is not regular.
• Uses frequency division multiplexing or time division multiplexing for node-to-node communication.
• There exist multiple paths between a source-destination pair for better network reliability.
• The switching nodes are not concerned with the contents of data.
• Their purpose is to provide a switching facility that will move data from node to node until they reach the destination.
Switched networks
• Circuit-switched networks
• Packet-switched networks
    • Datagram networks
    • Virtual-circuit networks
• Message-switched networks
Fig. 3.13 Taxonomy of switched networks
3.4.1 Circuit Switching
Communication via circuit switching implies that there is a dedicated communication path between the two stations. The path is connected through a sequence of links between network nodes. On each physical link, a logical channel is dedicated to the connection. Circuit switching is a commonly used technique in telephony, where the caller sends a special message with the address of the callee (i.e. by dialling a number) to state its destination. It involves the following three distinct steps:
Circuit establishment:
To establish an end-to-end connection before any transfer of data. Some segments of the circuit may be a dedicated link, while some other segments may be shared.
Data transfer:
• Transfer data from the source to the destination.
• The data may be analog or digital, depending on the nature of the network.
• The connection is generally full-duplex.
Circuit disconnect:
• Terminate connection at the end of data transfer.
• Signals must be propagated to deallocate the dedicated resources.
Fig. 3.14 Circuit switching (call-request signal, call-accept signal, message and acknowledgment signal exchanged across Nodes 1 to 4 over time)
Thus the actual physical electrical path or circuit between the source and destination host must be established before the message is transmitted. This connection, once established, remains exclusive and continuous for the complete duration of information exchange and the circuit becomes disconnected only when the source wants to do so. The disadvantage of circuit switching is that bandwidth is wasted as the traffic keeps the connection idle during silent period.
Fig. 3.15 Packet switching
3.4.2 Packet Switching
This type of switching is based on the ‘store-and-forward’ approach. However, to overcome the limitations of circuit switching, messages are divided into subsets of equal length called packets. This approach was developed for long-distance data communication (in 1970) and it has evolved over time. In the packet switching approach, data are transmitted in short packets (few Kbytes). A long message is broken up into a series of packets as shown in the figure. Every packet contains some control information in its header, which is required for routing and other purposes. For a simple understanding of the basic differences between circuit switching and packet switching, we summarize the following.
Table 3.2 Circuit Switching Vs Packet Switching
No. | Circuit Switching | Packet Switching
1. | In circuit switching, there are various nodes used in the network through which the signals are passed from one system to another. | In packet switching, the data is sent over the network in the form of packets i.e. a large unit of data items wrapped into a single bigger unit.
2. | This concept is mainly used in telephony systems. | It can be used for telephony, DSL services and other data transmission services.
3. | This is best suited for transmission of audio signals and not suitable for data transmission. | It is best suited for sending data over the network and audio and video signals can also be sent over the network in the form of packets.
4. | This type of switching is connection oriented and may be connection less also. | It is usually a connection less service.
5. | As this is an old technique, this technique is less popular and more expensive. | It is a new technology and economic than the circuit switching approach.
3.5 DATAGRAM NETWORKS VS VIRTUAL CIRCUIT NETWORKS
3.5.1 Datagram Approach
This approach uses a different, more dynamic scheme, to determine the route through the network links. Each packet is treated as an independent entity, and its header contains full information about the destination of the packet. The intermediate nodes examine the header of the packet, and decide to which node to send the packet so that it will reach its destination. In the decision two factors are taken into account:
• The shortest way to pass the packet to its destination using protocols such as RIP/OSPF to determine the shortest path to the destination.
• Finding a free node to pass the packet to - in this way, bottlenecks are eliminated, since packets can reach the destination in alternate routes.
Figure 3.16 Datagram Packet Switching Technique
Thus, in this method, the packets don’t follow a pre-established route, and the intermediate nodes (the routers) don’t have pre-defined knowledge of the routes that the packets should be passed through. Packets can follow different routes to the destination, and delivery is not guaranteed (although packets usually do follow the same route, and are reliably sent). Due to the nature of this method, the packets can reach the destination in a different order than they were sent, thus they must be sorted at the destination to form the original message. This approach is time consuming since every router has to decide where to send each packet. The main implementation of Datagram Switching network is the Internet, which uses the IP network protocol.
3.5.2 Virtual Circuit Approach
In this approach, an initial setup phase is implemented in order to set up a route between the intermediate nodes. All the packets passed during the session between the two end nodes undergo this phase. In each intermediate node, an entry is registered in a table to indicate the route for the connection that has been already set up. Thus, packets passed through this route can have short headers, containing only a virtual circuit identifier (VCI), and not their destination. Each intermediate node passes the packets according to the information that was stored in it, in the setup phase. In this way, packets arrive at the destination in the correct sequence, and it is guaranteed that essentially there will not be errors. This approach is slower than Circuit Switching, since different virtual circuits may compete over the same resources, and an initial setup phase is needed to initiate the circuit. As in Circuit Switching, if an intermediate node fails, all virtual circuits that pass through it are lost. The most common forms of Virtual Circuit networks are X.25 and Frame Relay, which are commonly used for public data networks (PDN).
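The two approaches of sections 3.5.1 and 3.5.2 can be compared in a short simulation. This is an added example, not code from the book; the four-node topology, the link delays, the alternating next-hop choice and all function names are assumptions made for illustration.

```python
"""Datagram vs. virtual-circuit forwarding on a small constructed network."""

# Constructed topology (assumption): host A attaches to N1, host B to N4,
# and N1 reaches N4 through either N2 (fast link) or N3 (slow link).
ROUTES = {            # datagram routing tables: node -> {destination: next hops}
    "N1": {"B": ["N2", "N3"]},
    "N2": {"B": ["N4"]},
    "N3": {"B": ["N4"]},
    "N4": {"B": ["B"]},
}
LINK_DELAY = {("N1", "N2"): 1, ("N1", "N3"): 5, ("N2", "N4"): 1,
              ("N3", "N4"): 1, ("N4", "B"): 1}


def packetize(message, size):
    """Break a long message into a series of short packet payloads."""
    return [message[i:i + size] for i in range(0, len(message), size)]


def send_datagrams(message, size, dst="B"):
    """Route every packet independently; return the packets in arrival order."""
    arrivals = []
    for seq, chunk in enumerate(packetize(message, size)):
        packet = {"dst": dst, "seq": seq, "data": chunk}  # full header every time
        node, clock = "N1", seq                           # one packet sent per tick
        while node != dst:
            hops = ROUTES[node][packet["dst"]]            # per-packet decision
            nxt = hops[seq % len(hops)]                   # alternate between routes
            clock += LINK_DELAY[(node, nxt)]
            node = nxt
        arrivals.append((clock, packet))
    return [p for _, p in sorted(arrivals, key=lambda a: a[0])]


def reassemble(packets):
    """The destination sorts by sequence number to rebuild the message."""
    return "".join(p["data"] for p in sorted(packets, key=lambda p: p["seq"]))


class VCNode:
    def __init__(self, name):
        self.name, self.up = name, True
        self.table = {}        # incoming VCI -> (next node, outgoing VCI)


def setup_circuit(nodes, path, dst="B"):
    """Setup phase: register one table entry in every node on the path."""
    in_vci = [len(nodes[n].table) + 1 for n in path]      # next free VCI per node
    for i, name in enumerate(path):
        last = i == len(path) - 1
        entry = (dst, None) if last else (path[i + 1], in_vci[i + 1])
        nodes[name].table[in_vci[i]] = entry
    return in_vci[0]                                      # VCI the sender must use


def send_on_circuit(nodes, first, vci, message, size, dst="B"):
    """Data phase: headers carry only a VCI; all packets follow the same path."""
    delivered = []
    for chunk in packetize(message, size):
        node, label = first, vci
        while node != dst:
            if not nodes[node].up:
                raise ConnectionError(f"{node} failed: circuit lost")
            node, label = nodes[node].table[label]        # VCI is rewritten per hop
        delivered.append(chunk)
    return delivered


def demo():
    msg = "PACKET SWITCHING"
    got = send_datagrams(msg, 4)
    nodes = {n: VCNode(n) for n in ("N1", "N2", "N3", "N4")}
    vci = setup_circuit(nodes, ["N1", "N2", "N4"])
    circuit = send_on_circuit(nodes, "N1", vci, msg, 4)
    return [p["seq"] for p in got], reassemble(got), circuit


if __name__ == "__main__":
    print(demo())
```

The datagram packets arrive out of order and need their sequence numbers, while the circuit delivers in order but stops working as soon as a node on its path is marked down.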
Fig. 3.17 Virtual circuit packet switching technique
Table 3.3 Comparison of the three switching techniques
Circuit Switching | Datagram Packet | Virtual Circuit Packet
Dedicated path | No dedicated path | No dedicated path
Path established for entire conversation | Route established for each packet | Route established for entire conversation
Call set up delay | Packet transmission delay | Call set up delay, packet transmission delay
Overload may block call set up | Overload increases packet delay | Overload may block call set up and increases packet delay
No speed or code conversion | Speed or code conversion | Speed or code conversion
Fixed bandwidth | Dynamic bandwidth | Dynamic bandwidth
No overhead bits after call set up | Overhead bits in each packet | Overhead bits in each packet

3.6 MODEMS
Modem is a computer device that modulates and demodulates data signals. It enables the computer to transmit the data over the phone line. The data over the telephone line is transmitted in the analog form and when it reaches the computer at the other end it must be presented in the digital form so that the computer can understand it. The modem takes the data and converts it into the readable form for your computer, i.e. digital form. A modem can be inserted in the computer in the PCI slot or it can be used as an external modem. Once a telephone line is plugged into the modem, it dials the number of the local ISP to connect to the internet. Once the connection is established, the user can browse the web, chat, listen to songs, download games etc.
Many types of the conventional dial up modems have now been replaced by DSL and cable modems. A DSL (Digital Subscribers Lines) modem is a communication device that provides high speed communication over the regular telephone lines. A DSL modem is also known as a broadband modem. DSL modems are now used in home and office networks to provide a high speed internet connection using a single telephone line.
Almost all modems support TCP/IP and other communication protocols. The Ethernet DSL modem can be used to provide the internet connection either to one computer or to a computer network. A DSL modem is usually provided free by the Internet Service Providers. Additionally, you can also purchase a DSL modem with your required features at any computer shop or directly through the manufacturer’s website. In recent years, broadband technology has evolved, so the significance of the DSL internet connection has increased. Many broadband modems now come with built-in Ethernet and Wi-Fi ports; they also have the features of DHCP and NAT (Network Address Translation).
A broadband modem is capable of handling hundreds of data signals at the same time. Another notable advantage of the DSL modem is that you can use your telephone while using the Internet at the same time. With high speed internet connectivity you can download long files, software and movies, play online games and browse the internet at very high speed. The following Table 3.4 summarizes the differences between dial-up and DSL services.
Table 3.4 Dialup Vs DSL
Dial-up modems | DSL
Occupy a phone line | Phone line is not affected by internet connection
Phone line is used for either voice service or internet connection | Simultaneous transmission of data (DSL) and voice or fax services
Connection speed: < 56 Kbps | 256 Kbps to 20 Mbps
Have to dial an access number to connect to the internet | Always on
Connected using a computer modem | Connected through a DSL modem
Unique IP address for each connection | Static IP address (higher security risk)
Low monthly fee | Higher monthly fee
Easy setup, no setup fee | Self installation is usually free. A setup fee is needed if installed by a technician.
Available to everyone with a phone line | Not every phone line is equipped for DSL service. May not be available in some remote/rural areas.

3.7 ENCODING AND DECODING MECHANISMS
The channel bridging the transmitter and the receiver may be a guided transmission medium such as a wire or a wave-guide or it can be an unguided atmospheric or space channel. But, irrespective of the medium, the signal traversing the channel becomes attenuated and distorted with increasing distance. Hence a process is adopted to match the properties of the transmitted signal to the channel characteristics so as to efficiently communicate over the transmission media. There are two alternatives: the data can be converted to either a digital or an analog signal. Both approaches have pros and cons. Which one to use depends on the situation and the available bandwidth.
Now, either form of data can be encoded into either form of signal. For digital signaling, the data source can be either analog or digital, which is encoded into a digital signal, using different encoding techniques. The basis of analog signaling is a constant frequency signal known as a carrier signal, which is chosen to be compatible with the transmission media being used, so that it can traverse a long distance with minimum of attenuation and distortion. Data can be transmitted using these carrier signals by a process called modulation, where one or more fundamental parameters of the carrier wave, i.e. amplitude, frequency and phase, are modulated. The resulting signal, called the modulated signal, traverses the media and is demodulated at the receiving end, where the original signal is extracted. The four approaches are summarized below in Table 3.5:
Table 3.5 Encoding and Decoding for Signals
Data | Signal | Approach
Digital | Digital | Encoding
Analog | Digital | Encoding
Digital | Analog | Modulation
Analog | Analog | Modulation
In this chapter attention will be paid to Digital to Digital conversion and Digital to Analog conversion methods alone.
3.7.1 Digital to Digital Conversion
There are numerous methods used to encode digital data directly in digital signals. First, it is important to distinguish digital signals from analog ones. An analog signal is a continuously varying wave. Digital signals simply represent ones or zeros, so they are much less variable than analog. Since digital signals generally only represent one of two values, they are much easier to decode than multi-value analog waves. Additionally the lack of multiple values makes digital signals easier to decode even after they have been affected by interference. Digital signals are used internally in computer devices as well as externally in networks. Earlier, there was a brief discussion on modem concepts dealt in this chapter. Dial up or DSL networks typically use analog signals for transmission, while baseband networks generally use digital signals. The current focus is on encoding these baseband signals before transmitting them.
Digital signals rely on having a reference point on which to build a signal representing a binary digit (1 or 0). If the reference point changes, then distinguishing ones and zeros can be difficult. The reference point is created by grounding. If a network is properly grounded, then data errors are much fewer due to lack of reference voltage problems. Grounding is typically achieved by driving a metal rod several feet into the earth or by attaching the ground wiring to metal piping that is buried in the ground. All excess voltage drains off into the ground leaving a voltage considered to be a zero voltage or ground reference voltage. The encoding technique employed here is commonly called line coding, which is described by the following diagram.
Fig. 3.19 Line coding
A crucial element for digital signals is timing. Timing (or clocking) is used for synchronization so that the communications between two devices can be coordinated. The clocking may be controlled locally on each device after the devices synchronize with one another, or be assisted by clocking bits, which are special bits used to help synchronize communications. The clocking bits are actually encoded in the information being sent from sender to receiver. When clocking and synchronization are not used, the communication between sender and receiver is said to be asynchronous communication. Asynchronous communications are slower due to the overhead involved in grouping data together. There must be a logical grouping to separate one byte from another since this is not accomplished via timing. The various digital encoding (line coding) methods vary from one another in the manner in which they carry binary data, susceptibility to interference and clocking information. What follow are a few examples of digital encoding methods with descriptions of each:
3.7.1.1 Polar Encoding
This method uses a positive and negative voltage to represent 1s and 0s. A separate clock signal is used to keep sender and receiver synchronized. It is fairly resistant to interference, because of the great voltage distance between 1 and 0 signals. Figure 3.20 stands as a support for this.
Fig. 3.20 Polar Encoding (levels + Voltage, 0 Voltage, - Voltage; bit sequence 0 1 1 0 1)
3.7.1.2 Unipolar Encoding
Unipolar encoding uses positive voltage but no negative voltage to represent 1s and 0s. Because of low voltage variance, unipolar systems are more prone to interference problems. Most use separate clocking signals as polar systems because long streams of 0s and 1s may be confusing if clocks are not exactly synchronized at sender and receiver. Figure 3.21 represents unipolar encoding.
Fig. 3.21 Unipolar Encoding (levels + Voltage, 0 Voltage, - Voltage; bit sequence 0 1 1 0 1)
3.7.1.3 Bipolar Encoding
Similar to the other polar methods except that a positive, negative and zero voltage are utilized. Whenever a 1 is encountered, the voltage jumps alternately to the positive voltage or the negative voltage. 0 is always represented by zero voltage. This type of encoding is very resistant to interference. Figure 3.22 represents this type of encoding.
Fig. 3.22 Bipolar Encoding (levels + Voltage, 0 Voltage, - Voltage; bit sequence 0 1 1 0 1)
3.7.1.4 Manchester Encoding
This coding scheme involves voltage changes midway through the item of digital data being encoded. This serves the dual purpose of providing the type of bit being represented plus providing a synchronization cue for clocking purposes. In this encoding scheme a positive to negative mid-bit voltage transition denotes 0 and a negative to positive transition denotes 1. The Manchester coding scheme is known as biphase encoding as well, and is represented in Fig. 3.23.
Fig. 3.23 Manchester Encoding (levels + Voltage, 0 Voltage, - Voltage; bit sequence 0 1 1 0 1)
3.7.1.5 Differential Encoding
Similar to the Manchester scheme, this method is also a Manchester biphase encoding scheme. The mid-bit transition from a positive to negative voltage (or vice versa) takes place to offer synchronization (clocking). A 0 is represented by a voltage transition at the beginning of a bit and a 1 is represented by no change in the voltage at the beginning of a bit. This type of coding scheme is implemented in local area networking for token ring systems, while the standard Manchester method is utilized for another popular LAN type called Ethernet. Figure 3.24 stands as a support for this concept.
Fig. 3.24 Differential Encoding (levels + Voltage, 0 Voltage, - Voltage; bit sequence 0 1 1 0 1)
3.7.1.6 RZ (Return to Zero)
RZ (Return to Zero) encoding is a variation on bipolar coding. As in bipolar methods, 1 is represented by a negative voltage while 0 is represented by a positive voltage. However, RZ involves switching mid-bit to zero. This provides clocking information for synchronization and better resistance to interference as it is easy to detect a voltage change mid-bit. Figure 3.25 represents the same.
Fig. 3.25 RZ (levels + Voltage, 0 Voltage, - Voltage; bit sequence 0 1 1 0 1)
3.7.1.7 NRZ (Non return to zero)
NRZ (or Non-Return to Zero) encoding utilizes transitions between positive and negative voltages to denote 1s and 0s. Transitions are relied on rather than specific voltage levels. A 1 is represented by a transition where 0 is represented by no transition. This method is not self-clocking. Figure 3.26 represents the concept.
Fig. 3.26 NRZ (levels + Voltage, 0 Voltage, - Voltage; bit sequence 0 1 1 0 1)
It should be plainly evident now that there is a big difference between digital and analog signal types. The method for encoding signals is also radically different. Each has its own advantages and disadvantages so it is not likely that either is going to completely go away. In real life we often have to convert signals from analog to digital or digital to analog several times before a piece of data reaches its destination. In the next section the reader will be introduced to what is involved in converting from one type of signal to another.
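The seven line codes of section 3.7.1 can be written as small encoders and run on the bit sequence 0 1 1 0 1 used in the figures. This is an added example, not code from the book: each bit is emitted as two half-bit levels (+1, 0, -1), and where the text gives a mapping only in a figure (polar, unipolar, the starting line level) the choice made is an assumption marked in the comments.

```python
"""Line codes from section 3.7.1 as lists of half-bit levels (+1, 0, -1)."""

V = 1  # constructed signal level: +V, 0 and -V are written 1, 0 and -1


def polar(bits):
    # Assumption: 1 -> +V, 0 -> -V (the text does not fix the polarity).
    return [lvl for b in bits for lvl in ((V, V) if b == "1" else (-V, -V))]


def unipolar(bits):
    # Assumption: 1 -> +V, 0 -> zero volts; no negative voltage is used.
    return [lvl for b in bits for lvl in ((V, V) if b == "1" else (0, 0))]


def bipolar(bits):
    # 0 is always zero volts; successive 1s alternate between +V and -V.
    out, mark = [], V                      # assumption: the first 1 is +V
    for b in bits:
        out += [mark, mark] if b == "1" else [0, 0]
        if b == "1":
            mark = -mark
    return out


def manchester(bits):
    # Text's convention: + to - mid-bit means 0, - to + mid-bit means 1.
    return [lvl for b in bits for lvl in ((-V, V) if b == "1" else (V, -V))]


def differential_manchester(bits, start=V):
    # 0 -> transition at the start of the bit, 1 -> no change there;
    # every bit also has a mid-bit transition. start = prior line level.
    out, level = [], start
    for b in bits:
        if b == "0":
            level = -level
        out += [level, -level]
        level = -level                     # level now holds the second half
    return out


def rz(bits):
    # Text's convention: 1 -> -V, 0 -> +V, returning to zero mid-bit.
    return [lvl for b in bits for lvl in ((-V, 0) if b == "1" else (V, 0))]


def nrz(bits, start=-V):
    # 1 -> transition, 0 -> no transition (the form usually called NRZ-I).
    out, level = [], start
    for b in bits:
        if b == "1":
            level = -level
        out += [level, level]
    return out


def decode_manchester(levels):
    pairs = zip(levels[0::2], levels[1::2])
    return "".join("1" if pair == (-V, V) else "0" for pair in pairs)


def decode_differential_manchester(levels, start=V):
    bits, prev = [], start
    for first, second in zip(levels[0::2], levels[1::2]):
        bits.append("1" if first == prev else "0")
        prev = second
    return "".join(bits)


def longest_flat_run(levels):
    """Longest stretch, in half-bit intervals, with no level change.

    A receiver recovers the sender's clock from level changes, so a long
    flat run is where unsynchronized clocks start to miscount bits.
    """
    best = run = 1
    for prev, cur in zip(levels, levels[1:]):
        run = run + 1 if cur == prev else 1
        best = max(best, run)
    return best


if __name__ == "__main__":
    for code in (polar, unipolar, bipolar, manchester,
                 differential_manchester, rz, nrz):
        print(f"{code.__name__:24}", code("01101"),
              "flat run on 8 zeros:", longest_flat_run(code("0" * 8)))
```

On a run of eight zeros the polar, unipolar, bipolar and NRZ outputs stay flat for all 16 half-bit intervals, while Manchester, differential and RZ change level every interval, which is why the text calls only the latter group self-clocking.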
3.7.2 Digital to Analog Conversion
Quite often sending digital data through analog transmission media such as a telephone network is required. In such situations it is essential to convert digital data to analog signal. This conversion is accomplished with the help of special devices such as a modem (modulator-demodulator) that converts digital data to analog signal and vice versa.
Since modulation involves operations on one or more of the three characteristics of the carrier signal, namely amplitude, frequency and phase, three basic encoding or modulation techniques are available for conversion of digital data to analog signals. The three techniques are referred to as amplitude shift keying (ASK), frequency shift keying (FSK) and phase shift keying (PSK). There are many situations where ASK and PSK techniques are combined together, leading to a modulation technique known as Quadrature Amplitude Modulation (QAM). The basic approach employed by this type of conversion is briefly described by the following Fig. 3.27.
Fig. 3.27 Digital to Analog conversion (digital input 10101100 passed through digital-to-analog conversion)
3.7.2.1 Amplitude-Shift Keying (ASK)
In ASK, two binary values are represented by two different amplitudes of the carrier frequency as shown in Fig. 3.28.
Fig. 3.28 Amplitude Shift Keying (waveforms Vd(t), Vc(t) and VASK(t); frequency spectrum of signal power against frequency at fc - 3f0, fc - f0, fc, fc + f0 and fc + 3f0)
The un-modulated carrier can be represented by
$e_c(t) = E_c \cos 2\pi f_c t$
The modulated signal can be written as
$s(t) = k\, e_m \cos 2\pi f_c t$
$s(t) = A_1 \cos 2\pi f_c t$ for 1
$s(t) = A_2 \cos 2\pi f_c t$ for 0
Special case: On/off Keying (OOK), the amplitude $A_2 = 0$. ASK is susceptible to sudden gain changes and OOK is commonly used to transmit digital data over optical fibres.
Frequency Spectrum: If $B_m$ is the overall bandwidth of the binary signal, the bandwidth of the modulated signal is $B_T = N_b$, where $N_b$ is the baud rate. This is depicted in the following Fig. 3.29.
Fig. 3.29 Frequency Spectrum (amplitude A against frequency, from fc - Nb/2 through fc to fc + Nb/2)
This method is very much susceptible to noise and sudden gain changes and hence it is considered as an inefficient modulation technique.
3.7.2.2 Frequency-Shift Keying (FSK)
In this case two binary values are represented by two different frequencies near the carrier frequency as shown in the following Fig. 3.30.
Fig. 3.30 Frequency Shift Keying (data signal Vd(t), carrier 1 V1(t), carrier 2 V2(t) and VFSK(t); frequency spectrum of signal power against frequency at f1 and f2)
In FSK two carrier frequencies f1 and f2 are used to represent 1 and 0 as shown in the above Fig. 3.30. Here
$s(t) = A \cos 2\pi f_{c1} t$ (for binary 1)
and
$s(t) = A \cos 2\pi f_{c2} t$ (for binary 0)
This method is less susceptible to errors than ASK. It is mainly used in higher frequency radio transmission.
Frequency spectrum: FSK may be considered as a combination of two ASK spectra centred around $f_{c1}$ and $f_{c2}$, which requires higher bandwidth. The bandwidth = $(f_{c2} - f_{c1}) + N_b$, as shown in the following frequency spectrum.
Fig. 3.31 Frequency spectrum
3.7.2.3 Phase Shift Keying (PSK)
In this method, the phase of the carrier signal is shifted by the modulating signal with the phase measured relative to the previous bit interval. The binary 0 is represented by sending a signal of the same phase as the preceding one and 1 is represented by sending the signal with an opposite phase to the previous one as shown in the following Fig. 3.32.
Fig. 3.32 Phase Shift Keying
In 2-PSK the carrier is used to represent either 0 or 1.
s(t) = A cos (2πfct + π) for binary 1
s(t) = A cos (2πfct) for binary 0
The signal set can be shown geometrically in the following Fig. 3.33. This representation is called a constellation diagram, which provides a graphical representation of the complex envelope of each possible symbol state. The x-axis of a constellation diagram represents the inphase component of the complex envelope, and the y-axis represents the quadrature component of the complex envelope. The distance between signals on a constellation diagram indicates how different the modulation waveforms are, and how well a receiver can differentiate between all possible symbols in presence of noise.
Fig. 3.33 Constellation diagram for 2-PSK signal (two points, labelled 1 and 0)
3.7.2.4 M-ary Modulation
Instead of just varying phase, frequency or amplitude of the RF signal, modern modulation techniques allow both envelope (amplitude) and phase (or frequency) of the RF carrier to vary. Because the envelope and phase provide two degrees of freedom, such modulation techniques map baseband data into four or more possible RF carrier signals. Such modulation techniques are known as M-ary modulation. In an M-ary modulation scheme, two or more bits are grouped together to form symbols and one of the possible signals S1(t), S2(t), …, Sm(t) is transmitted during each symbol period Ts. Normally, the number of possible signals is M = 2^n, where n is an integer. Depending on whether the amplitude, phase or frequency is varied, the modulation is referred to as M-ary ASK, M-ary PSK or M-ary FSK, respectively. M-ary modulation is attractive for use in band-limited channels, because these techniques achieve better bandwidth efficiency at the expense of power efficiency. For example, an 8-PSK technique requires a bandwidth that is log2 8 = 3 times
smaller than 2-PSK (also known as BPSK) system. However, M-ary signalling results in poorer error performance because of smaller distances between signals in the constellation diagram. Several commonly used M-ary signalling schemes are discussed below.
3.7.2.5 Quadrature Phase Shift Keying (QPSK)
For more efficient use of bandwidth, Quadrature Phase-Shift Keying (QPSK) can be used, where
s(t) = A cos (2πfct) for 00
     = A cos (2πfct + 90) for 01
     = A cos (2πfct + 180) for 10
     = A cos (2πfct + 270) for 11
Here the phase shift occurs in multiples of 90° as shown in the following constellation Fig. 3.34.
Bits    Phase
00      0
01      90
10      180
11      270
Fig. 3.34 Constellation diagram
1. 8-PSK: The idea can be extended to have 8-PSK. Here the phase is shifted by 45°
Fig. 3.35 Phase shift by 45°
3.7.2.6 QAM (Quadrature Amplitude Modulation)
The ability of equipment to distinguish small differences in phase limits the potential bit rate. This can be improved by combining ASK and PSK. This combined modulation technique is known as Quadrature Amplitude Modulation (QAM). It is possible to obtain a higher data rate using QAM. The constellation diagram of a QAM signal with two amplitude levels and four phases is shown in Fig. 3.36 below. It may be noted that M-ary QAM does not have constant energy per symbol, nor does it have constant distance between possible symbol values.
Fig. 3.36 Phase shift by 45°
2. Bit rate and Baud rate: Use of different modulation techniques leads to different baud rates (number of signal elements per second) for different values of bit rate, which represents the number of data bits per second. Table 3.6, given below, shows how the same baud rate allows different bit rates for different modulation techniques. The baud rate, in turn, implies the bandwidth requirement of the medium used for transmission of the analog signal.
Table 3.6 Summary
Modulation Technique    Baud rate    Bit rate
ASK, FSK, 2-PSK         N            N
4 PSK                   N            2N
8 PSK                   N            3N
16 QAM                  N            4N
32 QAM                  N            5N
64 QAM                  N            6N
128 QAM                 N            7N
256 QAM                 N            8N
POINTS TO REMEMBER
A guided medium provides a physical interface from one device to another. Twisted-pair cable consists of two insulated copper wires twisted together. Twisting helps nullify the effect of noise in the cable. Twisted-pair cable is used in telephone lines for voice and data communications. Coaxial cable has the following layers (starting from the centre): a metallic rod-shaped inner conductor, an insulator covering the rod, a metallic outer conductor (shield), an insulator covering the shield, and a plastic cover. Coaxial cable can carry signals of higher frequency ranges than that of twisted-pair cable. Coaxial cable is used in cable TV networks and traditional Ethernet LANs.
Fiber-optic cables are made of a glass or plastic core surrounded by cladding all enclosed within an outside jacket. Fiber-optic cables carry data signals in the form of light. The signal is propagated along the inner core by the concept of total internal reflection. Line coding is the process of converting binary data to a digital signal. The number of different values allowed in a signal is the signal level. The number of symbols that represent data is the data level. Bit rate is a function of the pulse rate and data level. Line coding methods must eliminate the dc component and provide a means of synchronization between the sender and the receiver. Line coding methods can be classified as Unipolar, polar, or bipolar. NRZ, RZ, Manchester, and differential Manchester encoding are the most popular polar encoding methods. AMI is a popular bipolar encoding method. Block coding can improve the performance of line coding through redundancy and error correction. Block coding involves grouping the bits, substitution, and line coding. 4B/5B, 8B/10B, and 8B/6T are common block coding methods. Analog-to-digital conversion relies on PCM (pulse code modulation). PCM involves sampling, quantizing, and line coding. The Nyquist theorem says that the sampling rate must be at least twice the highest-frequency component in the original signal. Digital transmission can be either parallel or serial in mode. In parallel transmission, a group of bits is sent simultaneously, with each bit on a separate line. In serial transmission, there is only one line and the bits are sent sequentially. Serial transmission can be either synchronous or asynchronous. In asynchronous serial transmission, each byte (group of 8 bits) is framed with a start bit and a stop bit. There may be a variable-length gap between each byte. In synchronous serial transmission, bits are sent in a continuous stream without start and stop bits and without gaps between bytes. 
Regrouping the bits into meaningful bytes is the responsibility of the receiver. Digital-to-analog modulation can be accomplished using the following:
• Amplitude shift keying (ASK)—the amplitude of the carrier signal varies.
• Frequency shift keying (FSK)—the frequency of the carrier signal varies.
• Phase shift keying (PSK)—the phase of the carrier signal varies.
• Quadrature amplitude modulation (QAM)—both the phase and amplitude of the carrier signal vary.
QAM enables a higher data transmission rate than other digital-to-analog methods. Baud rate and bit rate are not the same. Bit rate is defined as the number of bits transmitted per second, whereas baud rate is defined as the number of signal units transmitted per second. One signal unit can represent one or more bits. The minimum required bandwidth for ASK and PSK is the baud rate. A regular telephone line uses frequencies between 600 and 3000 Hz for data communication. ASK modulation is especially susceptible to noise. Since FSK uses two carrier frequencies, its modulation requires more bandwidth than ASK and PSK. PSK and QAM modulation have two advantages over ASK:
• They are not as exposed to noise.
• Each signal change can represent more than one bit.
Trellis coding is a technique that uses redundancy to provide a lower error rate. The 56K modems are asymmetric; they download at a rate of 56 Kbps and upload at 33.6 Kbps. Analog-to-analog modulation is implemented by the following:
• Amplitude modulation (AM)
• Frequency modulation (FM)
• Phase modulation (PM)
In AM radio, the bandwidth of the modulating signal must be half the bandwidth of the modulated signal. For FM radio purposes, the bandwidth of the modulated signal must be 10 times the bandwidth of the modulating signal.
QUIZ
1. What are the main responsibilities of the physical layer?
2. How is information transmitted from one network device to another in a wired medium?
3. What are the four types of guided media available?
4. How are signals transmitted in optical fiber?
5. What is the range of coverage in open wire?
6. How is the noise effect cancelled in twisted pair cable?
7. What is shielding?
8. What are the applications of twisted pair cable?
9. Give one famous application of coaxial cable.
10. What are the applications of fiber optic cable?
11. What is an unguided medium?
12. What are the three types of RF propagation?
13. What are the examples of line of sight propagation?
14. What is the radio frequency range?
15. Why is mesh topology impractical for a large number of devices?
16. What is switched network methodology?
17. What are the key features of switched network methodology?
18. What are the three basic steps involved while making a call?
19. State a disadvantage of circuit switching.
20. What is the packet switching approach?
21. What are the common forms of Virtual Circuit networks?
22. What will happen when a telephone line is plugged into a modem?
23. What is a broadband modem?
24. Write the expansion for NAT.
25. What are the digital encoding methods?
26. Which type of encoding is resistant to interference?
27. State three basic modulation techniques available for digital data to analog signals.
28. What is Quadrature Amplitude Modulation (QAM)?
29. What is M-ary Modulation?
ANSWERS
1. Definition of Hardware Specifications, Encoding and Signalling, Data Transmission and Reception and Topology and Physical Network Design
2. Through guided media
3.
• Open Wire
• Twisted Pair
• Optical Fiber
• Coaxial Cable
4. Light (photons)
5. Less than 20ft
6. We know that noise that appears on one wire affects the other wire of the pair as well. But the good thing is, since the wires are of opposite polarities, they are 180 degrees out of phase; hence when the noise occurs on both wires, it gets cancelled or becomes null at the receiving end of the cable.
7. Shielding means metallic material added to cabling to reduce noise due to electromagnetic interference.
8.
• Supports both digital and analog signals.
• TP cables are used in telephone lines to establish voice and data.
• UTP cable connects subscribers to the central telephone office.
• The DSL lines used by the telephone companies to provide high data rate connections also make use of high bandwidth capability UTP cable.
• Local Area Networks (LAN) which run on low budget use twisted-pair cable.
9. Cable TV
10.
• SONET network is a common type of fiber optics that serves as backbone for many networks because its wide bandwidth is cost-effective.
• Fiber optics is combined with coaxial cabling system by few cable TV’s.
• Telephone companies extensively use fiber optic cable for high speed connection.
• In Local Area Networks (LANs), Fast Ethernet system makes use of fiber optic cables to fulfil user demands.
11. Unguided transmission media is a media where data signals flow through the air. They are not guided or bound to a channel to follow. They are classified by the type of wave propagation.
12.
• Ground Wave
• Ionosphere
• Line of Sight (LOS)
13. FM radio, microwave and satellite.
14. 300 kHz to 10 GHz
15. Mesh topology is impractical for large number of devices, because the number of links increases exponentially (n(n-1)/2, where n is the number of devices) with the number of devices.
16. The network consists of a set of interconnected nodes, among which information is transmitted from source to destination via different routes, which is controlled by the switching mechanism.
17.
• Network Topology is not regular.
• Uses FDM or TDM for node-to-node communication.
• There exist multiple paths between a source-destination pair for better network reliability.
• The switching nodes are not concerned with the contents of data.
• Their purpose is to provide a switching facility that will move data from node to node until they reach the destination.
18. Circuit establishment, data transfer, circuit disconnect
19. The disadvantage of circuit switching is that bandwidth is wasted as the traffic keeps the connection idle during silent period.
20. In packet switching approach, data are transmitted in short packets (few Kbytes). A long message is broken up into a series of packets. Every packet contains some control information in its header, which is required for routing and other purposes.
21. X.25 and Frame Relay
22. Once a telephone line is plugged in the modem, it dials the number of the local ISP to connect to the internet.
23. Broadband modem is a communication device that provides high speed communication over the regular telephone lines.
24. Network Address Translation
25. Polar encoding, unipolar encoding, bipolar encoding, Manchester encoding, differential encoding, Return to Zero encoding and Non Return to Zero encoding
26. Bipolar encoding
27. Amplitude shift keying (ASK), Frequency shift keying (FSK) and Phase shift keying (PSK)
28. ASK and PSK techniques are combined together leading to a modulation technique known as Quadrature Amplitude Modulation (QAM).
29. Instead of just varying phase, frequency or amplitude of the RF signal, modern modulation techniques allow both envelope (amplitude) and phase (or frequency) of the RF carrier to vary. Because the envelope and phase provide two degrees of freedom, such modulation techniques map baseband data into four or more possible RF carrier signals. Such modulation techniques are known as M-ary modulation.
Chapter 4 Data Link Layer
Learning Objectives
A complete understanding of the Data Link layer can be obtained by reading through this chapter. A detailed discussion on the Link Logic Control layer and the Media Access Control layer is presented in this chapter, followed by error correction and detection mechanisms. Flow and error control are then covered, along with the methods used in that area. All the services offered by the Data Link layer are discussed, which will definitely be a value add to the learning. VLAN, SONET, ATM, HDLC and most importantly Spanning Tree Protocols are discussed with relevant examples and frame formats. Bluetooth is introduced to the reader, followed by a discussion on WiFi and FDDI. Finally, as ever, Quiz questions are given and readers can test their understanding by answering them.
4.1 INTRODUCTION
This layer is responsible for node to node validity and integrity of transmission. The raw bits received from the physical layer are divided into frames here using the protocols available for this layer. This layer is basically concerned with physical addressing (Bridges and Switches), flow control, error notification and topology. It acts as a mediator between the network and physical layers. This layer is further broken into two sub layers: the Media Access Control layer (MAC) and the Link Logic Control layer (LLC).
4.2 LLC AND MAC SUB LAYERS
4.2.1 Media Access Control Layer
The MAC layer provides regulated access to the network medium. If there are a lot of stations connected to the same medium (channel), identification of the stations is still done successfully. This identification is made easier by the MAC address, which was described to the reader in the early pages of this chapter. Since the MAC address is burnt into the ROM of interface cards it is not changeable and it remains unique. In short this layer controls how a computer on the network gains access to the data and permission to transmit it.
4.2.2 Link Logic Control Layer
LLC provides enormous support for flow control and error checking. It also sequences the control bits. LLC sits over the MAC layer. The devices that operate on layer 2 are very important for a network to be up and active. Bridges and Switches operate in this layer and they make sure that communication is uplifted. This chapter has information on error correction, detection, flow and error control. All these topics are discussed in detail with relevant examples.
4.3 DETECTION AND CORRECTION
4.3.1 Error Detection Mechanisms
a. Parity checking
b. CRC
c. Checksum method
Before looking at the techniques, let’s first understand the need for using such kinds of techniques during transmission of data. Suppose a person ‘X’ living in New York wants his friend ‘F’ who lives in California to access his bank account due to some reason. In order for ‘F’ to access ‘X’s account, he needs the latter’s login credentials. Only when the credentials sent by ‘X’ are absolute and not erroneous can ‘F’ access the account successfully. Consider the following scenario. ‘X’’s user name is 2547896 and his login password is america. ‘X’ shares the user name straight away through a telephone call; he e-mails the password instead, for security reasons. While sending the password, ‘X’ encodes the password ‘america’ in binary digits as follows (ASCII equivalent of a, m, e, r, i, c, a in binary).
a    1100001
m    1101101
e    1100101
r    1110010
i    1101001
c    1100011
a    1100001
In the transmission, any loss might occur to the above data, subsequently changing/garbling the data. This will change the bits from 0 to 1 and vice versa. When ‘F’ receives the (garbled) values, he will convert the data received to its decimal equivalent and thereafter to its ASCII equivalent. Due to the transmission error, ‘F’ ends up deriving the wrong password, which prevents him from logging into ‘X’’s bank account online. ‘F’, on repeated reattempts, ends up in vain. He will not be able to deduce in which piece of data the error occurred. So, what is the strategy to follow? The answer lies in the introduction part of this topic. It’s possible to detect, as well as correct, the data received using the parity checking, CRC and checksum methods. Here is a quick overview of the above techniques.
a. Parity Checking
It is the simplest form of detecting errors. With every piece of data, the sender attaches an extra bit of information that helps to actually detect if the received piece of data is intact or not. There are two types of parity.
1. Even parity
2. Odd parity
The basic logic behind the above techniques is the number of 1’s in the data. If the communicating parties choose odd parity, they keep the data so that it conforms to an odd number of 1’s. For example: In the above ‘america’ example, the following representation holds good.
Character    Data       Parity bit
a            1100001    0
m            1101101    0
e            1100101    1
r            1110010    1
i            1101001    1
c            1100011    1
a            1100001    0
Where the data has an odd number of 1's, the parity bit is 0. Where the data has an even number of ones, the parity bit is 1, making it odd.
Fig. 4.1 Odd parity
Similarly, if the communicating parties agree on even parity, they attach the parity bit so that the data has an even number of ones. Refer to the following Fig. 4.1. Let the communicating parties choose to follow odd parity. ‘X’ sends the following data with parity information to ‘F’. Figures 4.2, 4.3 and 4.4 are useful in understanding the story behind.
Character    Data       Parity bit
a            1100001    0
m            1101101    0
e            1100101    1
r            1110010    1
i            1101001    1
c            1100011    1
a            1100001    0
Fig. 4.2 Even Parity
1100001 0
1101101 0
1100101 1
1110010 1
1101001 1
1100011 1
1100001 0
Fig. 4.3 Data with parity bit attached
Suppose the original data reaches the receiver end perfectly. He checks the message to see whether the odd-parity rule holds good. If not, he can be sure that the piece was garbled in transmission. For example, the following message arrives at the receiver end.
1100000 0    (bits garbled)
1101101 0
1100101 1
1100010 1    (bits garbled)
1101001 1
1100011 1
1100001 0
Fig. 4.4 Garbled data
As can be observed from the above data, the parity calculation fails in the first piece and the fourth piece of data. So, the receiver asks the sender to retransmit.
Advantages
• This kind of parity checking can detect single bit errors.
• With respect to burst errors, if the number of bits changed is odd, then it detects the burst error.
Flaw
If the number of bits garbled is even, the parity calculation doesn’t fail, making the receiver wrongly assume that the data received is intact. In order to overcome the above mentioned flaw, 2-dimensional parity calculation was introduced. In the above ‘america’ example, parity bits are added column-wise and also row-wise instead of appending only row-wise.
             Data bits              Parity
a            1  1  0  0  0  0  1    0
m            1  1  0  1  1  0  1    0
e            1  1  0  0  1  0  1    1
r            1  1  1  0  0  1  0    1
i            1  1  0  1  0  0  1    1
c            1  1  0  0  0  1  1    1
a            1  1  0  0  0  0  1    0
Parity       0  0  0  1  1  1  1    1
The last row and the last column form the parity block.
Fig. 4.5 2-D parity
The above parity blocks help to detect 1, 2, 3 bit errors. Consider the following bit changes.
Fig. 4.6 Garbled data (the ‘america’ block of Fig. 4.5 with three bits changed: one in the first ‘a’ and two in the last ‘a’)
In order to exactly identify the bits, check the rows and columns of the parity blocks which do not conform to the odd-parity rules.
Fig. 4.7 Finding burst errors (the garbled block of Fig. 4.6, with the bits that do not conform to the odd-parity specification marked)
There exists a flaw in this method as well. Suppose that the following scenario occurs.
Fig. 4.8 Flaw in 2-D parity (the ‘america’ block with two bits changed in ‘m’ and two bits changed at the same positions in the last ‘a’)
It can be observed from the above data that two bits in two data units at the same positions have been garbled. In this case, there won’t be any mismatch in the parity re-calculation, i.e. the parity re-calculation will not detect the errors. To prevent these kinds of flaws, CRC (Cyclic Redundancy Check) was introduced.
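The row and column checks described above can be run on the ‘america’ block. The following is an added example, not code from the book; the function names and the particular bit positions flipped in each case are constructed for illustration.

```python
"""Two-dimensional odd parity over the 7-bit ASCII codes of a short message."""
import copy


def odd_parity_bit(bits):
    """Bit that makes the total number of 1s (data plus parity) odd."""
    return 0 if sum(bits) % 2 == 1 else 1


def build_block(text):
    """Rows: 7 data bits plus row parity per character. Last row: column parity."""
    rows = [[int(b) for b in format(ord(ch), "07b")] for ch in text]
    rows = [row + [odd_parity_bit(row)] for row in rows]
    parity_row = [odd_parity_bit(col) for col in zip(*rows)]
    return rows + [parity_row]


def failing(block):
    """Return (rows, columns) whose count of 1s is not odd.

    Row parity is checked for the data rows; column parity for every column,
    including the column that holds the row-parity bits.
    """
    bad_rows = [i for i, row in enumerate(block[:-1]) if sum(row) % 2 == 0]
    bad_cols = [j for j, col in enumerate(zip(*block)) if sum(col) % 2 == 0]
    return bad_rows, bad_cols


def flipped(block, cells):
    """Copy of the block with the bit at each (row, column) cell inverted."""
    out = copy.deepcopy(block)
    for r, c in cells:
        out[r][c] ^= 1
    return out


def locate_single_error(block):
    """(row, column) of a single flipped bit, or None if it cannot be decided."""
    bad_rows, bad_cols = failing(block)
    if len(bad_rows) == 1 and len(bad_cols) == 1:
        return bad_rows[0], bad_cols[0]
    return None


if __name__ == "__main__":
    block = build_block("america")
    # Constructed error patterns (0-based row and column indexes).
    cases = {
        "intact": [],
        "one bit in 'r'": [(3, 2)],
        "two bits in the first 'a' (row parity alone misses this)": [(0, 2), (0, 4)],
        "same two columns in 'm' and the last 'a'": [(1, 0), (1, 5), (6, 0), (6, 5)],
    }
    for label, cells in cases.items():
        print(f"{label}: failing rows/columns = {failing(flipped(block, cells))}")
```

The last case changes four bits that form a rectangle, so every row and every column still has odd parity and the block is accepted.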
b. CRC (Cyclic Redundancy Check)
There are some points to be made clear before proceeding with the CRC procedure.
1. Unlike the parity method, which added a single bit to achieve the desired parity, CRC appends a sequence of bits called the CRC remainder to the message and sends it to the other party.
2. Polynomial division of the message by a pre-determined divisor is done to yield the CRC remainder.
3. Initially, the message is appended with n-1 zeros, where ‘n’ denotes the divisor length, i.e. if the divisor is of 5 bits, 4 zeros will be appended to the message.
4. Then the message plus n-1 zeros is divided by the divisor, until it yields the CRC remainder, which is n-1 bits long.
5. One important quality of the CRC remainder is that appending it to the data string and dividing the result by the divisor will yield zeros, meaning that the data with the CRC remainder appended is exactly divisible by the divisor.
6. The divisor should be known to both the communicating parties.
7. While dividing the data by the divisor, when the leftmost bit is a zero, the quotient bit will be set to zero, yielding a sequence of zeros in the subtrahend portion of the division.
8. If not, then the divisor will be subtracted from the remainder portion.
Note: The divisor is known as the generator polynomial; its selection is the most important part of CRC, since the error-detection ability depends on it. The length of the generator polynomial is very important. 9, 17, 33, 65 are the usual lengths of the divisor.
An example would make the concept clearer. Let the message to be communicated be 100100. The divisor is 1101 (generally it is used for CRC-8).
          111101
1101 ) 100100000       generator polynomial 1101, length = 4 bits; 3 extra bits appended (length of gen. poly minus 1)
       1101
       ----
        1000
        1101
        ----
         1010
         1101
         ----
          1110
          1101
          ----
           0110
           0000        when the leftmost bit is a zero, subtract only zeros instead of subtracting the divisor
           ----
            1100
            1101
            ----
             001       remainder to be appended to the message
Note: Subtraction is based on the EXOR operation. Identical values lead to 0.
The sender would now append the 3 bits in the remainder ‘001’ to the data as “100100001” and send it to the receiver side. The receiver would calculate the remainder as mentioned above with divisor 1101 and dividend 100100001. If the remainder is all zeros, then the data received is intact, else the data is corrupted in the transmission. If this is the case, the data is rejected and later retransmitted by the sender. The following is the scenario when the data is corrupted in the middle.
          110011
1101 ) 101100001
       1101
       ----
        1100
        1101
        ----
         0010
         0000
         ----
          0100
          0000
          ----
           1000
           1101
           ----
            1011
            1101
            ----
             110       the remainder!
Calculation Example: CRC Calculation at receiver end
The remainder is a non-zero value, which indicates that there is some error in the data received. So, the receiver will ask the sender to transmit the data again. Have a look at the following calculation where the remainder is zero, which in turn conveys that the data is received in a good condition.
          111101
1101 ) 100100001
       1101
       ----
        1000
        1101
        ----
         1010
         1101
         ----
          1110
          1101
          ----
           0110
           0000
           ----
            1101
            1101
            ----
             000       the remainder!
Calculation Example: Data without any error
Note: sometimes, the divisor is represented as a polynomial. For instance, in the previous example, the divisor can be represented as x^3 + x^2 + 1. In the polynomial representation, the highest degree is 3. CRC can detect burst errors up to the degree of the polynomial.
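The three divisions above, and the closing note on burst errors, can be checked with a short program. This is an added example, not code from the book; the function names are illustrative, and the burst search goes beyond the worked case by trying every burst of a given length against the codeword 100100001.

```python
"""CRC by modulo-2 long division, using the message and divisor from the text."""
from itertools import product


def mod2_remainder(dividend, divisor):
    """Remainder of modulo-2 (XOR) long division; len(divisor) - 1 bits."""
    n = len(divisor)
    work = [int(b) for b in dividend]
    gen = [int(b) for b in divisor]
    for i in range(len(work) - n + 1):
        if work[i]:                      # leftmost bit is 1: subtract the divisor
            for j in range(n):
                work[i + j] ^= gen[j]
        # leftmost bit is 0: subtracting zeros leaves the bits unchanged
    return "".join(str(b) for b in work[len(work) - (n - 1):])


def crc_encode(message, divisor):
    """Append n-1 zeros, divide, and attach the remainder to the message."""
    padded = message + "0" * (len(divisor) - 1)
    return message + mod2_remainder(padded, divisor)


def crc_ok(received, divisor):
    """Receiver check: the remainder of the whole codeword must be all zeros."""
    return "1" not in mod2_remainder(received, divisor)


def apply_error(codeword, start, pattern):
    """XOR an error pattern into the codeword, beginning at bit index start."""
    bits = [int(b) for b in codeword]
    for k, e in enumerate(pattern):
        bits[start + k] ^= int(e)
    return "".join(str(b) for b in bits)


def undetected_bursts(codeword, divisor, burst_len):
    """(start, pattern) of every burst of exactly burst_len bits that passes.

    A burst flips its first and last bit; the bits in between may or may not flip.
    """
    missed = []
    for middle in product("01", repeat=max(burst_len - 2, 0)):
        pattern = "1" if burst_len == 1 else "1" + "".join(middle) + "1"
        for start in range(len(codeword) - burst_len + 1):
            if crc_ok(apply_error(codeword, start, pattern), divisor):
                missed.append((start, pattern))
    return missed


if __name__ == "__main__":
    divisor = "1101"
    sent = crc_encode("100100", divisor)
    print("sent codeword:", sent)
    print("remainder of 101100001:", mod2_remainder("101100001", divisor))
    for length in (1, 2, 3, 4):
        print(f"bursts of length {length} not detected:",
              undetected_bursts(sent, divisor, length))
```

Every burst of 1, 2 or 3 bits is caught, matching the degree of x^3 + x^2 + 1; the only 4-bit bursts that pass are those whose pattern equals the divisor 1101 itself.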
c. Checksum
What is it? What are checksums meant for? It is one of the oldest and simplest methods used to check the integrity of the data being sent from the sender. It helps in detecting the errors which are possible during the data transfer phase. There is always a possibility that the data may get lost or tampered with while it is being transferred. Checksum helps in detecting those tampered or lost packets in a simple way, and in confirming that the sent and received data are the same. Most importantly, it is a cheaper method. In a large network, the chance of the data getting damaged is higher, and so the network protocols use checksums. The transmitter computes a checksum for the data which is to be sent, adds the computed checksum to the data, and sends both towards the destination. The receiver, upon receiving the data, calculates the checksum in the same way the source calculated it. If they match, there is no error. If they do not match, there is certainly an error. Upon finding the error, the job of the receiver is easy: it throws away that packet and the sender has to retransmit the information. A simple checksum calculation is presented here for reference. Assume the sender transmits a data packet as “G O O D D A Y”. The checksum is calculated as shown in Fig. 4.9.
Character    G     O     O     D     Space  D     A     Y
Hex value    47    4F    4F    44    20     44    41    50
Sums: 47 + 4F, 4F + 44, 20 + 44, 41 + 50
Checksum = F827
Fig. 4.9 Checksum calculations
In the above example, the ASCII equivalents of the characters are summed up and the checksum is generated as shown. The receiver, on receiving this information, will also generate the checksum. If they match, the data is believed to be correct. One major disadvantage of this method is demonstrated in the following Fig. 4.10. In the event of the data being received as “G O D O D A Y” as shown in Fig. 4.10, the checksum will still be the same at both ends, so the error is not detected. This is a big flaw associated with this methodology.
Character    G     O     D     O     Space  D     A     Y
Hex value    47    4F    44    4F    20     44    41    50
Sums: 47 + 4F, 4F + 44, 20 + 44, 41 + 50
Checksum = F827
Fig. 4.10 Checksum flaw
4.3.2 Error Correction Methods
a. Hamming Codes
The techniques mentioned above are meant to detect errors. Once the error is detected, the received data is discarded, and the sender is informed of it. The type of error has no significance there. Be it a single bit error or a burst error, it is not given much importance. In error correction scenarios, it cannot be treated so. The type of error should be identified; then the positions of the errors should be discovered. Hamming codes are meant to detect the error and correct it. Like CRC, in the Hamming code technique we add some extra bits to the data before transmitting it, so that the receiver will be able to detect the error, if any. The extra bits are termed parity bits. The number of parity bits depends on the length of the data. It is based on the following relation.
2^p >= m + p + 1
Where p denotes the parity size and m the message length.
For instance, if the message is of 4 bit length, there should be at least 3 parity bits (2^3 >= 4 + 3 + 1). The following Table 4.1 shows some examples of the same sort.
Table 4.1 Hamming codes
Size of data (m)    Parity bits required
1                   2
2                   3
3                   3
4                   3
5                   4
6                   4
7                   4
Unlike CRC, the parity bits are not appended at the end of the data. Parity bits have their own positions in the data to be sent. The set of data bits and parity bits together is called ‘the codeword’. The length of the codeword is equal to ‘m+p’. In the codeword, parity bits occupy the positions which are powers of two, starting from 2^0 (= 1). For example, let the size of m be 7 bits. There should be at least 4 parity bits as per the above mentioned rule. Those 4 parity bits will occupy the positions 1, 2, 4, 8 respectively. Pictorially, it is Fig. 4.11.
Position    1    2    3    4    5    6    7    8    9    10   11
Bit         p1   p2   d1   p3   d2   d3   d4   p4   d5   d6   d7
p → parity bit, d → data bit
Fig. 4.11 Hamming code
The data bit positions can be easily filled; just copy the bits into the positions from the given message. But filling the parity bits is a bit tricky. The following rules hold good for filling the parity bit positions.
1. p1 is determined by the bits at positions 1, 3, 5, 7, 9, 11, 13, 15, etc. (alternate positions). If the number of 1’s in these places is odd, p1 is assigned ‘1’. Else it is zero. (Just to maintain the even parity.)
2. p2 is determined by the bits at positions 2, 3, 6, 7, 10, 11, 14, 15, etc.
3. p3 is determined by the bits at positions 4, 5, 6, 7, 12, 13, 14, 15, etc.
4. p4 is determined by the bits at positions 8-15, 24-31, etc.
The parity bits are assigned in such a way that the even parity is maintained. (Either kind of parity can be adopted, even or odd. It depends on the consensus between the communicating parties.)
At the receiving end, the receiver will check the parity bits to ensure that they all conform to the even parity. In case any error occurs, the receiver needs to sort things out. Following is an example of the Hamming code technique. Let the data be: 1010111 (7 bits).
1. The data bits are entered into the positions as follows.
Position    1   2   3   4   5   6   7   8   9   10  11
Bit         -   -   1   -   0   1   0   -   1   1   1
2. p1 is filled based on 3, 5, 7, 9, and 11. The values at these positions are 1, 0, 0, 1, 1 (totally 3 ones; so odd. So, p1 should be ‘1’).
Position    1   2   3   4   5   6   7   8   9   10  11
Bit         1   -   1   -   0   1   0   -   1   1   1
3. p2 is filled based on 3, 6, 7, 10, and 11. The values at these positions are 1, 1, 0, 1, 1 (totally 4 ones; so even. So, p2 should be ‘0’).
Position    1   2   3   4   5   6   7   8   9   10  11
Bit         1   0   1   -   0   1   0   -   1   1   1
4. p3 is filled based on 5, 6, 7. The values at these positions are 0, 1, 0 (totally one bit only is one; so odd. So, p3 should be ‘1’).
Position    1   2   3   4   5   6   7   8   9   10  11
Bit         1   0   1   1   0   1   0   -   1   1   1
5. p4 is filled based on 9, 10, 11. The values at these positions are 1, 1, 1 (totally 3 ones; so odd. So, p4 should be ‘1’).
Position    1   2   3   4   5   6   7   8   9   10  11
Bit         1   0   1   1   0   1   0   1   1   1   1
6. The codeword becomes 10110101111. This 11 bit codeword is transmitted.
Note: During transmission, two types of change might occur to the codeword. Either of the two, the parity bits or the data bits, can be flipped due to transmission errors. The receiver can easily identify the type of error and correct it. Remember that the parity bits are present in positions 1, 2, 4, 8.
At the receiver end
Suppose there is a bit change in the codeword at position 10. The codeword is received as 10110101101.
The received codeword is:

Position:   1   2   3   4   5   6   7   8   9  10  11
Bit:        1   0   1   1   0   1   0   1   1   0   1

The receiver first checks the positions that p1 relies on. The positions checked are 1, 3, 5, 7, 9, 11. The parity is even (the number of 1’s is 4), so there is no problem with this parity bit.
Next, the positions 2, 3, 6, 7, 10, 11 are checked. There are 3 ones, so the parity is odd; there is a problem with this parity bit position (2).
Similarly, the bit positions with respect to p3 are checked. There are 2 ones; the parity is valid.
But there exists a problem with the p4 parity. The bits at positions 8, 9, 10, 11 do not correspond to even parity. So there is a problem with this parity bit position (8). Now the receiver is able to deduce that positions 2 and 8 are the ones in question. The receiver then adds up both the positions (2 + 8), detects that bit 10 has been flipped in transmission, and changes the 10th bit back to 1. Thus the codeword is recovered. If there is no error, all the parity bit calculations conform to even parity. The above example was with respect to an error in a data bit. If the error is in a parity bit, only that parity calculation will fail. For instance, if, in the above codeword, p2 flips to 1, the calculations of p1, p3, p4 would pass the parity check. Only p2 will fail the test. So, the receiver can be confident that the data bits are intact and only the parity bit has changed!
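The worked example above as runnable code, added here and not taken from the book: the encoder reproduces the codeword 10110101111 and the receiver adds up the failing parity positions to locate the flipped bit. The function names are assumptions of this sketch, and the last case goes beyond the text by showing that two flipped bits are silently "corrected" into a wrong codeword, so this code is not an integrity check.

```python
def parity_positions(n):
    """Positions 1, 2, 4, 8, ... up to n (1-indexed, position 1 is the leftmost bit)."""
    out, p = [], 1
    while p <= n:
        out.append(p)
        p <<= 1
    return out


def encode(data):
    """Copy data bits into the non-power-of-two positions, then fill even parity."""
    m, r = len(data), 0
    while (1 << r) < m + r + 1:          # smallest r with 2^r >= m + r + 1
        r += 1
    n = m + r
    bits = [0] * (n + 1)                 # index 0 is unused
    src = iter(data)
    for pos in range(1, n + 1):
        if pos & (pos - 1):              # not a power of two: a data position
            bits[pos] = int(next(src))
    for p in parity_positions(n):
        covered = [bits[pos] for pos in range(1, n + 1) if pos & p and pos != p]
        bits[p] = sum(covered) % 2       # 1 only when the covered ones are odd
    return "".join(str(b) for b in bits[1:])


def syndrome(codeword):
    """Sum of the parity positions whose group fails the even-parity check."""
    n = len(codeword)
    bits = [0] + [int(c) for c in codeword]
    total = 0
    for p in parity_positions(n):
        if sum(bits[pos] for pos in range(1, n + 1) if pos & p) % 2:
            total += p
    return total


def correct(codeword):
    """Return (corrected codeword, flipped position); position 0 means no error."""
    s = syndrome(codeword)
    if s == 0:
        return codeword, 0
    if s > len(codeword):
        raise ValueError("syndrome points outside the codeword: more than one bit is wrong")
    bits = list(codeword)
    bits[s - 1] = "1" if bits[s - 1] == "0" else "0"
    return "".join(bits), s


def extract_data(codeword):
    """Drop the parity positions and return the data bits."""
    return "".join(c for pos, c in enumerate(codeword, 1) if pos & (pos - 1))


if __name__ == "__main__":
    sent = encode("1010111")
    print("sent            ", sent)
    print("bit 10 flipped  ", correct("10110101101"))   # the case in the text
    print("p2 flipped      ", correct("11110101111"))   # parity-bit error
    # Constructed double error (positions 3 and 10): the syndrome is 9, so the
    # receiver flips an innocent bit and hands up wrong data without noticing.
    wrong, pos = correct("10010101101")
    print("two bits flipped", pos, extract_data(wrong))
```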
4.4 ERROR CONTROL
4.4.1 Flow Control Methods
What are flow control and error control? Why are they needed? To start with, a small practical example will help. Assume a teacher is writing on the board very fast and rubbing it out as soon as the writing is over. What will be the situation of the students? It would be pathetic. With this example one can get a closer understanding of the need for flow and error control. To have a perfect and reliable communication between the source and destination there is a definite need for flow control. The amount of data sent by the sender should be such that it can be received by the receiver without drops. When the sender sends data at a rate that the receiver cannot accept, a problem arises, and this is where the need for flow control comes in. Error control is what makes sure that the data received at the receiver end is error free. A question can be raised now. Why are flow control and error control done at the data link layer as well as the transport layer? Node to node links are taken care of by the data link layer, and end point to end point communication is taken care of by the transport layer. There are a lot of mechanisms available to achieve flow and error control.
1. Stop and wait
2. Sliding window
3. ARQ (Automatic Repeat Request)
4. Go back-N
5. Selective repeat ARQ
The reader will be exposed to all these mechanisms one by one.
4.4.1.1 Stop and Wait Mechanism for Flow Control
It is a simple scheme, and a simple figure is presented in Fig. 4.12 to help the reader understand it. As shown in Fig. 4.12, the sender has to wait for an acknowledgement from the receiver for every message sent. When the acknowledgement is received, the next frame is sent. So it is a very sluggish mechanism in which each frame needs an acknowledgement, and there is a definite delay caused by the acknowledgement being sent back. The sender might also have to wait forever for an acknowledgement that may not come at all. Though there is a certain increase in reliability, the big flaw is that it is a slow method.
Fig. 4.12 Stop and Wait (after each message the sender waits until the receiver acknowledges)
4.4.1.2 Sliding Window for Flow Control
This is the next very widely used methodology for getting good flow control. Waiting for an acknowledgement for each and every packet increases the time of transmission. The idea behind the sliding window protocol is to reduce the time that is consumed by the Stop and Wait protocol. Here a few frames are sent in one go and the acknowledgement is expected for all the frames at the same time. Fig. 4.13 is a simple and self explanatory one for understanding the Sliding Window concept.
Fig. 4.13 Sliding Window – Real life example (a window of three questions is set; all three are to be acknowledged by the receiver, and only then can the next set of packets be sent)
But this example alone would not suffice. So it is better to move to a networking example; the reader can refer to Fig. 4.14 for a clear picture.
There is a 3-byte sliding window set in Fig. 4.14. Moving from left to right, the window “slides” as bytes in the stream are sent to the destination and are acknowledged. In the first stage a 3-byte frame is sent and the sender waits for an acknowledgement from the receiver; once it is received, the sender moves on to stage 2, and likewise to the last one. A question may be raised. What if the acknowledgement is not coming back from the receiver? Good question. The source keeps a clear track. There is a timer set for all the packets. Within that time the packets should reach their destination and the acknowledgement should have arrived. If not, the packet is resent, thus making sure no packets are dropped. Compared with stop and wait, this is a better protocol.
Fig. 4.14 Real Sliding Window (a 3-byte window sliding over bytes 1 to 9 in Stage 1, Stage 2 and Stage 3; bytes behind the window are sent and acknowledged by the receiver, bytes ahead of it are yet to be sent)
Now the reader can head towards the error control mechanisms, which are equally important.
4.4.2 Error Control Mechanisms
What would be the result of an error? When a packet is lost, what could be the consequence? A simple real life example would serve the purpose. The reader can refer to Fig. 4.15, which is very much self explanatory.
Fig. 4.15 Error Control (sent data: “You have”, “Not”, “Done a bad job”; the packet “Not” is lost or dropped, so the received data reads “You have”, “Done a bad job”)
There are a few mechanisms to address error control, and they are discussed as follows. Error control helps in the retransmission of lost packets. The scheme followed is named Automatic Repeat Request (ARQ). In ARQ the sender has to wait for a positive acknowledgement from the receiver and proceeds only after getting it. Retransmission is mandatory if no acknowledgement arrives within a specified interval of time. There are two commonly followed ARQ methods, called Go Back ‘n’ and Selective Repeat. The reader will be introduced to them shortly.
4.4.2.1 Go Back ‘n’
This is also one of the sliding window mechanisms. The sender can keep sending data; the problem arises in case of an error. Figure 4.16 will help the reader in understanding. Assuming, as shown in Fig. 4.16, that the 5th frame is lost, there will be a negative acknowledgement, and the frame in error and all the frames after it have to be retransmitted, which is definitely time consuming when large data is being sent.
Fig. 4.16 Go back ‘n’ (after the loss, the sender re-transmits the lost frame and every frame after it)
4.4.2.2 Selective repeat ARQ
The only difference is that there is no need to retransmit all the frames in case of a loss. The buffer at the receiver's end stores the frames, and in case of a loss only the particular frame which is lost needs to be resent. All the rest can be restored from the buffer. Figure 4.17 is a remodeling of Fig. 4.16. The reader can see that only the frame which is lost is resent and the rest are restored from the buffer.
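The loss case of Figs. 4.16 and 4.17 as an added simulation (not code from the book): nine frames are sent and frame 5 is lost once, first under Go Back ‘n’ and then under Selective Repeat. The function names, the round-based timing and the window sizes are assumptions of this sketch; a window of 1 behaves as stop and wait.

```python
def go_back_n(total, window, lose_once):
    """Return (frames put on the wire, frames delivered in order)."""
    pending_loss = set(lose_once)
    sent, delivered = [], []
    base = 1                                   # oldest unacknowledged frame
    while base <= total:
        expected = base                        # next frame the receiver will accept
        for seq in range(base, min(base + window, total + 1)):
            sent.append(seq)
            if seq in pending_loss:
                pending_loss.discard(seq)      # lost on this attempt only
                continue
            if seq == expected:                # receiver accepts in-order frames only
                delivered.append(seq)
                expected += 1
            # any other frame arrives out of order and is discarded
        base = expected                        # sender goes back to the first missing frame
    return sent, delivered


def selective_repeat(total, window, lose_once):
    """Same interface; the receiver buffers out-of-order frames."""
    pending_loss = set(lose_once)
    sent, delivered = [], []
    acked, buffered = set(), set()
    base = 1
    while base <= total:
        for seq in range(base, min(base + window, total + 1)):
            if seq in acked:
                continue                       # already received: not resent
            sent.append(seq)
            if seq in pending_loss:
                pending_loss.discard(seq)
                continue
            acked.add(seq)
            buffered.add(seq)                  # held until the gap before it is filled
        nxt = len(delivered) + 1
        while nxt in buffered:                 # restore in-order frames from the buffer
            buffered.remove(nxt)
            delivered.append(nxt)
            nxt += 1
        while base in acked:                   # slide the window past acknowledged frames
            base += 1
    return sent, delivered


if __name__ == "__main__":
    for name, fn in (("go back n", go_back_n), ("selective repeat", selective_repeat)):
        for window in (1, 4, 9):
            sent, delivered = fn(9, window, {5})
            print(f"{name:17} window={window}: {len(sent)} transmissions, sent={sent}")
```

With frame 5 lost and a window of 9, Go Back ‘n’ puts 14 frames on the wire and Selective Repeat 10; both deliver frames 1 to 9 in order.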
Fig. 4.17 Selective Repeat ARQ (only the lost frame is re-transmitted; the remaining frames are restored from the buffer)

4.5 DATA LINK LAYER SERVICES
4.5.1 VLAN Switching and VLAN Protocols
What is VLAN and why is it needed?
A Local Area Network (LAN) interconnects computers in a limited area such as a school, college or office. Generally a LAN is defined as a single broadcast domain, i.e. when any host transmits broadcast traffic on the LAN, this traffic is received by all other users on the LAN. Broadcasts are prevented from going further by using a router. Virtual Local Area Networks (VLANs) were developed as an alternative solution to contain broadcast traffic in a LAN.
What do VLANs offer?
One can take the traditional LAN illustrated in Fig. 4.18; in that network all the workstations are connected to each other by a hub, repeater or switch.
Fig. 4.18 Physical view of LAN segment (workstations attached to hubs; the hubs are joined by bridges or switches into LAN segments, each a collision domain; a router bounds the LAN, which is the broadcast domain)
In this LAN segment every device propagates incoming data throughout the LAN. However, if two hosts attempt to send data at the same time, a collision will occur, and this will lead to loss of data. Once a collision has occurred, it continues propagating throughout the network through hubs and repeaters. The original information has to be resent after waiting for some time, and this leads to wastage of time and resources. To prevent collisions in the LAN segment, bridges and switches are used. Switches do not forward collisions, but they allow broadcasts to every user in the LAN or multicast the data to specific user groups. Since collisions remain within the LAN segment, this LAN segment is also called a collision domain. Defining broadcast and collision domains in a LAN depends on how the workstations, hubs, switches, and routers are physically connected together. This means that everyone on a LAN must be located in the same area.
Fig. 4.19 Switch operation without VLAN (E sends data to B)
In Fig. 4.19, host E sends a packet to host B. Switch A now learns host E's presence and looks into the lookup table for destination host B's details. If the switch is not aware of host B's presence, switch A sends the packet to all other ports, in the other switches too, except the port on which it was received. After host B receives the packet from E, B responds to E. Now switch A learns B's presence and looks up E's presence, and the packet is sent to host E only and not forwarded to all other ports. In this example, when any user from group 1 wants to transmit data to the same group, all the data is unnecessarily propagated into all the other groups. This leads to waste of bandwidth, and it can be avoided by using VLAN concepts.
How VLAN is working?
VLANs allow a LAN segment to be divided into different broadcast domains, and each such logical segment is called a VLAN. Figs. 4.20 and 4.21 show the grouping of VLANs in a LAN. Here Group A, Group B and Group C have different sets of hosts, but all the hosts are connected to switches.
Fig. 4.20 Physical view of LAN segment
Fig. 4.21 Logical view of VLAN segment (Sales, Accounting and Research segments joined by a router)
In Fig. 4.22, assume host E sends a packet to host B. Switch A learns host E's presence and looks into the lookup table for destination host B's presence. If the switch is not aware of host B's presence, it sends the packet to all other ports except the port on which it was received. After host B receives the packet from E, B responds to E. Now the switch learns B's presence and looks up E's presence, and the packet is sent to host E only and not forwarded to all other ports.
Fig. 4.22 VLAN working principle (hosts A to Q arranged in Group 1, Group 2, Group 3 and Group 4)
Advantages of VLAN
- More flexibility in administration and control,
- Easy to install and reinstall,
- Reduction in the broadcasting of traffic on the LAN.
VLAN Frame Format
Figure 4.23 shows the format of the VLAN tag. The total size of the VLAN header is 2 bytes, and in a LAN this VLAN header is encapsulated into Ethernet frames.
Fig. 4.23 VLAN Format
Tag Protocol Identifier (TPID): It is a 16-bit field. It is set to 0x8100 in order to identify frames in the Customer Bridges segment and to 0x88a8 for the Provider Bridges segment. A bridge in a LAN segment, after receiving a frame, compares the TPID field in order to distinguish customer frames from provider frames.
Tag Control Information
Priority Code Point (PCP): It is a 3-bit field with a range from 0 to 7. These priority bits are used for QoS (Quality of Service) purposes. The values can be used to prioritize different classes of traffic like voice, video, data, etc.
Canonical Format Indicator (CFI): It is a 1-bit field, always set to zero for Ethernet switches. CFI is used for compatibility between Ethernet and Token Ring networks. If a frame received at an Ethernet port has CFI set to 1, then that frame should not be bridged to an untagged port.
VLAN Identifier (VID): It is a 12-bit field, and the VLAN Tag Range is from 0 to 4096. This ID is used to identify the members of the VLAN to which the frames are to be advertised. In some bridges VLAN 1 is reserved for a management VLAN. All other values may be used as VLAN identifiers.
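A parser for the tag fields just described, added here as an example and not taken from the book: it reads the TPID, splits the 16-bit Tag Control Information into PCP, CFI and VID, walks a provider tag followed by a customer tag, and applies the CFI rule for untagged ports. The function names and the sample frames are constructed for this sketch.

```python
import struct

TPID_CUSTOMER = 0x8100   # Customer Bridges segment, per the text
TPID_PROVIDER = 0x88A8   # Provider Bridges segment, per the text
SEGMENT = {TPID_CUSTOMER: "customer", TPID_PROVIDER: "provider"}


def build_tag(tpid, pcp, cfi, vid):
    """Pack TPID (16 bits) then PCP (3), CFI (1), VID (12) in network byte order."""
    if not (0 <= pcp <= 7 and cfi in (0, 1) and 0 <= vid < (1 << 12)):
        raise ValueError("field does not fit its bit width")
    return struct.pack("!HH", tpid, (pcp << 13) | (cfi << 12) | vid)


def parse_vlan_tags(frame):
    """Return (tags, ethertype, payload_offset); tags are listed outermost first."""
    offset, tags = 12, []                        # skip destination and source MAC
    while True:
        if len(frame) < offset + 2:
            raise ValueError("frame truncated before the type field")
        (ethertype,) = struct.unpack_from("!H", frame, offset)
        if ethertype not in SEGMENT:             # not a TPID: the tags are finished
            return tags, ethertype, offset + 2
        if len(frame) < offset + 4:
            raise ValueError("frame truncated inside a VLAN tag")
        (tci,) = struct.unpack_from("!H", frame, offset + 2)
        tags.append({
            "tpid": ethertype,
            "segment": SEGMENT[ethertype],
            "pcp": tci >> 13,                    # top 3 bits
            "cfi": (tci >> 12) & 1,              # next bit
            "vid": tci & 0x0FFF,                 # low 12 bits
        })
        offset += 4


def may_bridge_to_untagged_port(tags):
    """CFI rule from the text: a frame with CFI set to 1 is not bridged untagged."""
    return all(tag["cfi"] == 0 for tag in tags)


# Constructed sample frames (addresses, VIDs and payload are made up).
DST = bytes.fromhex("00000000000b")
SRC = bytes.fromhex("00000000000a")
IPV4 = struct.pack("!H", 0x0800)
PAYLOAD = b"constructed payload"
SINGLE = DST + SRC + build_tag(TPID_CUSTOMER, 5, 0, 100) + IPV4 + PAYLOAD
STACKED = (DST + SRC + build_tag(TPID_PROVIDER, 0, 0, 200)
           + build_tag(TPID_CUSTOMER, 5, 0, 100) + IPV4 + PAYLOAD)
CFI_SET = DST + SRC + build_tag(TPID_CUSTOMER, 0, 1, 100) + IPV4 + PAYLOAD

if __name__ == "__main__":
    for name, frame in (("single", SINGLE), ("stacked", STACKED), ("cfi set", CFI_SET)):
        tags, ethertype, offset = parse_vlan_tags(frame)
        print(name, tags, hex(ethertype), may_bridge_to_untagged_port(tags))
```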
4.5.2 Spanning Tree Protocol (STP) – An In depth Analysis
What is Spanning Tree?
STP is an awesome protocol which can prevent loops on a network. The algorithm behind it is named the Spanning Tree algorithm; using it, unwanted links are disabled and ports which may cause loops are blocked. Loops and duplicate frames lead to the worst consequences on a network. The basic action of a switch on a network is to detect the MAC address of a host or a PC (say PC 1). Its work is then to announce its finding to the network. But there will be a problem when another switch also finds the same host or PC 1's MAC address. It too will wish to inform the network of its finding. Assume there are many switches in a network and all have found PC 1's MAC address; all of them will inform the network. Then there will be flooding of messages on the network about how to reach PC 1. So the same message will be looped on the network, which is an overhead and a definite source of performance degradation. The looping must be avoided to rectify this problem. An example will clarify the concept. This section is intended to create an understanding of all STP concepts. STP is seen as a gift since there is no concept of TTL (Time to Live) in Layer 2.
How Spanning Tree Works?
How is a loop formed and why is it dangerous? A small example is presented here based on the network represented in Fig. 4.24. The reader can understand the concept of looping with ease after reading this example. Suppose a data frame originates from the server and is destined to the work station, as shown in Fig. 4.24. The frame first knocks at the doors of Switch-1. Switch-1 forwards that frame to all ports other than the one it arrived on, since the MAC address of the workstation may not be available in its MAC table.
Fig. 4.24 Loop formation in the networks (a Server and a Work Station connected through Switch 1, Switch 2 and Switch 3)
Switch-2 and Switch-3 have now each received the frame (i.e. a copy of the frame from Switch-1). The same action as stated above starts here. Switch-2 and Switch-3 search for the MAC address of the destination device in their MAC tables. It may not be found there either, and the forwarding action starts. Switch-2 forwards the frame to all ports other than the one it arrived on, and Switch-3 also forwards it to Switch-2 and Switch-1. So the same frame reaches Switch-1, Switch-2 and Switch-3 again and again, many times, thus creating a loop. This results in drastic performance issues and has to be stopped. The flooding of frames discussed above is referred to as a broadcast storm, and it leads to severe bandwidth issues. Most importantly, the broadcast storm can be avoided if STP is implemented.
STP avoids this looping and broadcast storm in a neat way, which is discussed shortly. Before jumping into the functionalities of STP and the way it works, one needs to know the port states followed in the STP algorithm. If STP is enabled on a switch, its ports can be in any of the following states:
- Blocking
- Listening
- Learning
- Forwarding and
- Disabled.
4.5.2.1 Port States
A port does not jump right away into any of the above mentioned states other than the blocking state.
Blocking State
Once the port is opened, it immediately goes into the blocking state. The port cannot do wonders in this state. In fact, the port is not able to forward data frames or receive data frames, and there cannot even be MAC learning. A port in the blocking state can receive STP BPDUs from peer switches, but it discards the data from neighbour switches.
Listening State
A port which is in the blocking state can next move to the listening state. In this state it can listen to (receive) BPDUs and, at the same time, it can also send BPDUs. But again, this state does not allow the port to receive or send data frames. So in simple words, listening mode is a better blocking mode in which sending BPDUs is also enabled.
Learning State
The port can then travel to the learning state. When a port is in learning mode, it is getting ready to send and receive data frames. The port also starts learning MAC addresses, and the learnt MAC addresses are added to the MAC table.
Forwarding State
The next state the port can move to is forwarding. In this mode the port gets all the privileges. It can forward and receive data frames. It can send and receive BPDUs. It can also place the MAC addresses learnt in the MAC table. So this is a fully operational state.
Disabled State
A port in the disabled state does not participate in frame forwarding or in any operation of STP. To state it in simple words, a port in the disabled state is not operational. It is as good as dead.
After gaining some knowledge of the states that a port can be in, it is better to know the transitions between port states. A simple diagrammatic representation is useful for a neat understanding. Figure 4.25 represents the state transitions.
Fig. 4.25 State transition for ports
A port after initialization first moves to the blocking state. Then the port can move to the listening or disabled state. If it has moved to listening, it can further get into the learning state or the disabled state. If learning is the state it moved to, it can then transition to forwarding or disabled. The diagrammatic representation of these state transitions is the one in Fig. 4.25. The above discussion used the term BPDU here and there. It is very important to understand, and BPDUs are explained in detail as follows. After this discussion, the reader will be taken through the working principle of STP and related things.
4.5.2.2 Bridge Protocol Data Unit (BPDU)
For two switches to communicate there is a commonly agreed format of communication, which is referred to as the BPDU. BPDUs are, simply put, self advertisements of the switches. When a switch sends a BPDU, it sends out its configuration information to the other switches in the network. BPDUs are the source through which topology changes, link failures and loop formation all become known, and they trigger the STP algorithm to run immediately. With this little information on BPDUs, the reader can proceed to the BPDU structure (frame format) and the components of the frame. Figure 4.26 is a representation of the STP BPDU frame format.
Protocol Identifier
This is an identifier and normally it is filled with the value zero. It is a 2 byte field.
Protocol Version (1 byte)
This field contains zero.
BPDU Type (1 byte)
This field indicates whether it is a configuration BPDU or a TCN (Topology Change Notification).
Fig. 4.26 BPDU format
Flags (1 byte)
It is a one byte field. It can serve as an indicator of topology changes or of acknowledgements to the topology changes. A topology change is indicated by the TC bit, and the TCA bit of the field is the indicator of a Topology Change Acknowledgement. This field has 8 bits, of which the remaining 6 bits are left unused. Figure 4.27 represents the field diagrammatically.
Fig. 4.27 Flags (bits 0 to 7: Topology change flag, six unused bits, Topology Change Acknowledgement)
Root Identifier (8 bytes)
It is an identifier for the root bridge (the root concept will be discussed in detail with an example in the next topic). It is a combination of a 2 byte priority number followed by the bridge's own 6 byte MAC address. Priority is something which is associated with the ports. The lowest value is preferred for the switch priority.
Root Path Cost
The root path cost is the cost (a parameter defined by IEEE 802.1) of reaching the root switch from the other switches. A set of values is already defined, and it is presented here for the different data rates.
The following table summarizes the cost values.
Table 4.2 Cost values

Data Rate    Cost Value Range    Recommended Cost Value
4 Mb/s       10 – 1000           250
10 Mb/s      50 – 600            100
16 Mb/s      40 – 400            62
100 Mb/s     10 – 60             19
1 Gb/s       3 – 10              4
Bridge Identifier
The sender bridge is identified by this 2 byte field of the BPDU. It has the priority number followed by the 6 byte MAC address.
Port Identifier
It is an identifier used to identify the port from which the STP configuration message is being sent.
Message Age
Message age defines the last time that the Root switch advertised a BPDU carrying the current configuration details.
Max Age
This parameter states how long the current configuration can be retained. To be more precise, the current configuration is deleted after the time span set in the Maximum age field. After this time has elapsed, the STP algorithm is re-run to set up the new configuration.
Hello Time
A switch advertises configuration BPDUs at a regular interval of time. That time interval is named the Hello Time.
Forward Delay
This is the maximum amount of time that bridges should wait before moving to a new state after a topology change. In other words, it is the amount of time that a port can remain in a particular port state.
4.5.2.3 Spanning Tree Protocol – An example
Fig. 4.28 shows a simple triangular topology which has three switches connected to each other.
Fig. 4.28 Triangular topology (Switch-1, Bridge ID 4096.00-00-00-00-00-0A; Switch-2, Bridge ID 4096.00-00-00-00-00-0B; Switch-3, Bridge ID 4096.00-00-00-00-00-0C; each switch has ports 1/1 and 1/2)
This topology will now serve as an example for the reader to understand the STP concept. Assuming that STP is implemented in the switches, the example is discussed in detail as follows. Each switch is connected to the other two switches, and thus a triangular topology is formed. To connect one switch to another, two ports are needed in each switch. So ports 1/1 and 1/2 are created in each switch, through which the connections are established. From switch-1's port 1/1 a connection is made to port 1/1 of switch-2. The other connections are made likewise. The next thing to observe from the figure is the Bridge ID. It is the combination of the priority and the MAC address of the respective switch. For the better understanding of the reader, the priority of all the bridges is kept the same here; 4096 is the value used. Normally, as mentioned earlier in this chapter, the smaller the priority value, the greater the preference and the higher the chance of being elected as ROOT. Whichever switch has the smaller value will by default be the ROOT, and in this case the value is the same for all the switches. So the MAC address will play the role in determining the ROOT. When the system is booted up, all the switches assume that they are the ROOT. A simple schematic in which every switch assumes itself to be ROOT is shown in Fig. 4.29. Also make a note that the ROOT ID is framed as well. Initially it is the same as the Bridge ID.
Fig. 4.29 Root Message announcement (each of the three switches announces “Am the Root”; on every switch the Root ID equals its own Bridge ID)
Assume that Switch-2 now sends a BPDU with its ROOT ID to the other two switches (on the assumption that it is the ROOT). Once this message reaches them, there will be a comparison of ROOT IDs; whichever ID is lower will be respected, and the ROOT ID will be changed accordingly. This concept is expressed diagrammatically below. The reader will have a better understanding after going through Figs. 4.30, 4.31 and 4.32.
Fig. 4.30 BPDU from Switch-2 to other two switches (the BPDU from Switch 2 carries Root ID 4096.00-00-00-00-00-0B)
Fig. 4.31 Comparison of ROOT ID (each receiving switch compares its own Root ID with the Root ID 4096.00-00-00-00-00-0B carried in the BPDU from Switch 2)
Fig. 4.32 Root ID change for Switch-3
For switch-3, since its ROOT ID is greater than switch-2’s ROOT ID, the ROOT ID will be changed to that of switch-2, and switch-3 will now assume that switch-2 is the ROOT. Switch-1’s ROOT ID is smaller than switch-2’s ROOT ID. So there will be no change in the ROOT ID of switch-1; it will claim itself as ROOT. Now the next step would be the comparison of the ROOT The next step would be to send the BPDU from the other switches as well, like switch-2. Finally, switch-1 has the smallest ROOT ID of all and so it will be selected (elected) as the ROOT. So the ROOT ID of the other two switches, switch-2 and switch-3, will be changed to 4096.00-00-00-00-00-0A. This is diagrammatically explained in Fig. 4.33, where all the switches have elected switch-1 as ROOT.
Fig. 4.33 ROOT Election schematic
The next formality in STP is to elect the ROOT Port for the non-Root elements in the topology. What is a ROOT port? To say it in simple words, it is the port nearest to the ROOT Bridge. For the topology assumed, the cost is also assumed to be the same across all the links. So switch-2 and switch-3 should elect their respective ROOT Ports. For switch-3, port 1/1 is the nearest one (based on path cost) to the ROOT (switch-1), and so it is elected as the ROOT Port. Similarly, for switch-2, port 1/1 is nearest to the ROOT (switch-1), and so it is elected as the ROOT port. Figure 4.34 represents this election of ROOT ports.
Fig. 4.34 ROOT Port Election schematic
Election of the designated ports is the next task. And how are they selected? The ports that provide the least path cost from a segment to the root are elected as designated ports. There are three segments in this topology, and they are shown in Fig. 4.35.
Fig. 4.35 Segments in the topology
The ports on switch-1 are directly connected to the ROOT (since switch-1 itself is the ROOT). So ports 1/1 and 1/2 are right away marked as designated ports. Fig. 4.36 represents the same. For the other two switches the process is simple: the path cost is calculated, and in this topology it is the same. So the Bridge ID is compared, and since switch-3 has the higher one it is not respected; switch-2’s port 1/2 is elected as the designated port. Coming to switch-3, port 1/2 becomes the non designated port. Again for better understanding, Figs. 4.36 and 4.37 are drafted. The reader can understand things better by having a look at the pictures.
Fig. 4.36 Designated ports election (Switch-1: ports 1/1 and 1/2 are Designated Ports; Switch-2 and Switch-3: port 1/1 is the Root Port)
Fig. 4.37 Non designated ports election (Switch-1: ports 1/1 and 1/2 are Designated Ports; Switch-2: 1/1 Root Port, 1/2 Designated Port; Switch-3: 1/1 Root Port, 1/2 Non Designated Port)
Finally, what is the action after all these steps? That is the million dollar question to be answered. ROOT ports and DESIGNATED ports go to the forwarding state and can forward BPDUs. So they are fully operational. The non designated port is set to the blocked state, which is non-operational. Figure 4.38 represents the port state setup. This stage is called the fully converged state.
Fig. 4.38 State change representation (the Root Ports and Designated Ports are Forwarding; the Non Designated Port, 1/2 on Switch-3, is Blocked)
BPDUs can be forwarded by the ports in the forwarding state. For example, switch-2’s port 1/2 keeps sending its BPDU mentioning its superiority over switch-3. If there is a problem and there is a delay in sending BPDUs, the entire process happens again; the spanning tree protocol works and convergence happens again. So the state of port 1/2 on switch-3 may go to the forwarding state. With all these simple representations, the reader should be capable of understanding STP. The next step is to understand RSTP.
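The election walked through above, and the BPDU comparison it rests on, as an added simulation (not code from the book): every switch starts by claiming to be ROOT, the claims are exchanged until nothing changes, and the port roles and states follow. The function names, the cost of 19 per link (the 100 Mb/s value in Table 4.2) and the wiring of Switch-1 port 1/2 to Switch-3 port 1/1, inferred from the root port election in the text, are assumptions.

```python
LINK_COST = 19   # assumed: recommended 100 Mb/s cost from Table 4.2, same on every link

BRIDGES = {      # name: (priority, MAC), as in Fig. 4.28
    "Switch-1": (4096, "00-00-00-00-00-0A"),
    "Switch-2": (4096, "00-00-00-00-00-0B"),
    "Switch-3": (4096, "00-00-00-00-00-0C"),
}
LINKS = [        # (switch, port) joined to (switch, port)
    (("Switch-1", "1/1"), ("Switch-2", "1/1")),
    (("Switch-1", "1/2"), ("Switch-3", "1/1")),
    (("Switch-2", "1/2"), ("Switch-3", "1/2")),
]


def bridge_id(priority, mac):
    """Bridge ID as a tuple: priority is compared first, then the MAC address."""
    return (priority, bytes.fromhex(mac.replace("-", "")))


def run_stp(bridges, links, cost=LINK_COST):
    """Return (root switch name, {(switch, port): role})."""
    ids = {name: bridge_id(*spec) for name, spec in bridges.items()}
    peer = {}
    for a, b in links:
        peer[a], peer[b] = b, a
    # Each switch's current belief: (root ID, path cost to that root).
    belief = {name: (ids[name], 0) for name in bridges}       # "Am the Root"
    while True:
        # BPDU arriving on each port: (root ID, cost, sender bridge ID, sender port)
        received = {port: (belief[nsw][0], belief[nsw][1], ids[nsw], nport)
                    for port, (nsw, nport) in peer.items()}
        updated = {}
        for name in bridges:
            claims = [(ids[name], 0)]
            claims += [(b[0], b[1] + cost) for (sw, _), b in received.items() if sw == name]
            updated[name] = min(claims)                       # lowest root ID, then lowest cost
        if updated == belief:
            break                                             # converged
        belief = updated
    root = next(name for name in bridges if belief[name][0] == ids[name])
    roles = {}
    for name in bridges:
        ports = [p for p in peer if p[0] == name]
        root_port = None
        if name != root:
            root_port = min(ports, key=lambda p: (received[p][0], received[p][1] + cost,
                                                  received[p][2], received[p][3], p[1]))
        for p in ports:
            own_bpdu = (belief[name][0], belief[name][1], ids[name], p[1])
            if p == root_port:
                roles[p] = "root"
            elif own_bpdu < received[p]:                      # this end is superior on the segment
                roles[p] = "designated"
            else:
                roles[p] = "non-designated"
    return root, roles


def port_state(role):
    """Converged state: only the non designated port is blocked."""
    return "blocked" if role == "non-designated" else "forwarding"


if __name__ == "__main__":
    root, roles = run_stp(BRIDGES, LINKS)
    print("ROOT:", root)
    for (switch, port), role in sorted(roles.items()):
        print(switch, port, role, port_state(role))
```

Lowering the priority of one entry in BRIDGES changes the elected ROOT, since the priority is compared before the MAC address.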
4.5.2.4 Rapid spanning tree protocol - An introduction
RSTP works in the same way as STP for the most part. RSTP is different, and better, in one respect: its re-convergence time is lower than that of STP. STP needs about 30 to 50 seconds to re-converge, whereas RSTP can re-converge in less than 10 seconds. The main difference between STP and RSTP is the number of port states that RSTP supports. RSTP has only three states: discarding, learning and forwarding. STP had three states called listening, blocking and disabled; RSTP has combined these three states into a single port state, discarding. The other major difference that can be spotted is the BPDU transfer. In STP the bridges can send out a BPDU when one is received on their ROOT Port. It means they can only forward the BPDUs that are generated by the ROOT Bridge. But RSTP enabled bridges can send out BPDUs every Hello time with current information.
Data Link Layer 4.31
There is one more change in RSTP. Alternate and Backup port roles are introduced as two additional roles when compared to STP. An alternate port, as its name indicates, is an alternate path to the root port. It can be considered as an unused root port for now. And coming to the backup port, to make the understanding simpler, it can be considered as an unused designated port. And most important thing is RSTP is backward compatible with STP.
RSTP Port States
As already discussed, the Root Port and Designated Port roles remain as such. As a change, two more port roles are included: the backup port and the alternate port. These two were clubbed together as one state called blocking in STP.
Root Port (though already discussed, a recap here would be helpful)
The port that receives the best BPDU on a bridge is referred to as the ROOT Port. It is also the port closest to the Root Bridge in terms of cost. In a bridged network there can be only one Root Bridge. The Root Bridge sends BPDUs that are more useful than the BPDUs triggered from other bridges. The Root Bridge is the only bridge that has no Root Port. Other bridges in the network will have at least one Root Port (refer Fig. 4.39). Designated ports are marked in the same way as discussed in STP. To keep it simple, ports on the root bridge can be marked as Designated ports.
Fig. 4.39 RSTP Port Roles (labels: Root Bridge, SW-2, SW-3; Designated Port, Root Port)
Alternate and Backup Port Roles
A port which is neither designated nor root will be in the blocked state. A blocked port receives BPDUs which are better than the ones it sends out. In RSTP the blocked state is framed as Alternate or Backup ports. An alternate port is a blocked port that receives more useful BPDUs from another bridge. A backup port is a blocked port that receives useful BPDUs from the same bridge. Both are depicted in Fig. 4.40.
Fig. 4.40 RSTP Port Roles (labels: Root Bridge, SW-2, SW-3; Designated Port, Root Port, Alternate Port, Backup Port)
Having discussed the port roles, an example with the simple triangular topology can again be taken, as was done for STP. The following section describes how RSTP works when implemented in the switch. The topology is shown in Fig. 4.41.
Fig. 4.41 RSTP Explanation with triangular topology (Root Bridge SW-1, SW-2 and SW-3, with their port numbers)
The reader should move on here keeping in mind the previous section, where the STP root bridge election is discussed in detail. If a query arises here, revisiting the STP section will probably make the job easier. Assuming that SW-1 has the lowest bridge priority, all other switches in the topology will hail SW-1 as ROOT. The election of the Root Bridge happens in the very same fashion as in STP. The next step is to mark the ROOT PORT and DESIGNATED PORTS. In RSTP there is one more port role, ALTERNATE. This port role mapping is depicted in Fig. 4.40. The ports on the ROOT are obviously the closest ones to the ROOT and they are marked as Designated ports. The next step is to mark the ROOT ports. From SW-2 the shortest path to reach the ROOT is through port 1/1, so it is marked as ROOT Port. On SW-3, port 1/1 is marked as ROOT Port. These port role markings are depicted in Fig. 4.42.
Fig. 4.42 RSTP Port Roles marking (Root Bridge SW-1 with Designated ports; Root Port 1/1 on SW-2 and on SW-3; ports 1/2 and 1/3 on SW-2 and SW-3 not yet marked)
The remaining ports are to be marked appropriately: ports 1/2 and 1/3 on SW-2 and SW-3. Considering port 1/2 of SW-2 and port 1/2 of SW-3, one of them should be marked as Designated and the other as Alternate port. How can this be decided? The same simple approach as in STP is followed. In this case, if 1/2 of SW-2 has better prospects (lesser cost value), it will be marked as Designated port and the other end, 1/2 of SW-3, will be marked as Alternate port. The same applies to the next link: 1/3 of SW-2 will be marked as Designated port and 1/3 of SW-3 as Alternate port. So how is the loop avoided? It is simple. Root ports and designated ports are moved to the forwarding state, and Alternate ports are moved to the blocked state. Ports in the blocking state will not be able to forward BPDUs and are as good as cut. This is depicted in Fig. 4.43, which shows the loop removal as well. This is how RSTP works functionally.
Fig. 4.43 RSTP Port states
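The role marking walked through above can be reproduced in a few lines. This is an added example, not taken from the book; the bridge IDs, SW-1's port numbers and the equal link costs are constructed, and ties on cost are broken by the lower bridge ID, as in the STP election.

```python
"""Assign RSTP port roles and states for the triangular topology of Fig. 4.41."""
from collections import namedtuple

Link = namedtuple("Link", "a a_port b b_port cost")

# Constructed values: the page fixes only that SW-1 has the best bridge priority.
BRIDGES = {
    "SW-1": (4096, "00-00-00-00-00-0A"),
    "SW-2": (4096, "00-00-00-00-00-0B"),
    "SW-3": (4096, "00-00-00-00-00-0C"),
}
LINKS = [
    Link("SW-1", "1/1", "SW-2", "1/1", 20000),
    Link("SW-1", "1/2", "SW-3", "1/1", 20000),
    Link("SW-2", "1/2", "SW-3", "1/2", 20000),
    Link("SW-2", "1/3", "SW-3", "1/3", 20000),
]
FORWARDING_ROLES = {"root", "designated"}


def port_key(port):
    """Order '1/2' before '1/10' by comparing the numeric parts."""
    return tuple(int(part) for part in port.split("/"))


def root_path_costs(bridges, links, root):
    """Lowest total link cost from every bridge to the root (repeated relaxation)."""
    cost = {name: float("inf") for name in bridges}
    cost[root] = 0
    for _ in bridges:
        for link in links:
            cost[link.a] = min(cost[link.a], cost[link.b] + link.cost)
            cost[link.b] = min(cost[link.b], cost[link.a] + link.cost)
    return cost


def assign_roles(bridges, links):
    """Return (root bridge, {(bridge, port): role}) for a connected topology."""
    root = min(bridges, key=bridges.get)           # lowest bridge ID wins
    cost = root_path_costs(bridges, links, root)
    # View every link from both ends: (bridge, port, peer, peer port, cost).
    ends = []
    for link in links:
        ends.append((link.a, link.a_port, link.b, link.b_port, link.cost))
        ends.append((link.b, link.b_port, link.a, link.a_port, link.cost))
    roles = {}
    # 1. Root port: the end offering the cheapest path to the root, ties broken
    #    by the peer's bridge ID, then the peer's port, then the local port.
    for name in bridges:
        if name == root:
            continue
        best = min((e for e in ends if e[0] == name),
                   key=lambda e: (cost[e[2]] + e[4], bridges[e[2]],
                                  port_key(e[3]), port_key(e[1])))
        roles[(name, best[1])] = "root"
    # 2. On each link the end with the better (cost, bridge ID, port) is
    #    designated. The other end, unless it is a root port, is blocked as
    #    alternate (another bridge is designated) or backup (same bridge).
    for link in links:
        a = (cost[link.a], bridges[link.a], port_key(link.a_port),
             link.a, link.a_port)
        b = (cost[link.b], bridges[link.b], port_key(link.b_port),
             link.b, link.b_port)
        win, lose = sorted((a, b))
        roles[(win[3], win[4])] = "designated"
        blocked = "backup" if win[3] == lose[3] else "alternate"
        roles.setdefault((lose[3], lose[4]), blocked)
    return root, roles


def port_states(roles):
    """Root and designated ports forward; alternate and backup ports discard."""
    return {port: ("forwarding" if role in FORWARDING_ROLES else "discarding")
            for port, role in roles.items()}


if __name__ == "__main__":
    root, roles = assign_roles(BRIDGES, LINKS)
    states = port_states(roles)
    print("root bridge:", root)
    for port in sorted(roles):
        print(port, roles[port], states[port])
```

Dropping the SW-1 to SW-3 link from `LINKS` and running `assign_roles` again turns SW-3's port 1/2 from alternate into the root port, which is the "unused root port" behaviour described for alternate ports.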
RSTP BPDU Frame Format
There are very few differences between the STP and RSTP BPDU formats. A comparative study of the two is useful and is presented in Fig. 4.44.
BPDU fields: Protocol Identifier | Version | Message Type | Flags | Root ID | Root Path Cost | Bridge ID | Port ID | Message Age | Maximum Time | Hello Time | Forward Delay
Flags field, IEEE 802.1D (STP):
Bit 7 - Topology Change Acknowledgment
Bits 6 to 1 - Unused
Bit 0 - Topology Change
Flags field, IEEE 802.1W (RSTP):
Bit 0 - Topology change
Bit 1 - Proposal
Bits 2 and 3 - Port role (00 unknown, 01 Alternate/backup, 10 Root, 11 Designated)
Bit 4 - Learning
Bit 5 - Forwarding
Bit 6 - Agreement
Bit 7 - Topology change ACK
Fig. 4.44 RSTP BPDU Format
As discussed already, STP uses only two flags, Topology Change and TC Acknowledgement. RSTP uses all the bits to encode the role and state of the port which originates the BPDU. The proposal and agreement mechanisms are also handled with this change. The rest of the fields in the RSTP BPDU are the same as in the STP BPDU frame structure, as elaborated in Fig. 4.44 above. The next thing to learn is MSTP, which is dealt with in the subsequent paragraphs. Before moving to MSTP, how RSTP/STP will be tested in the industry is an important thing for the reader to know.
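The flag encoding of Fig. 4.44 can be exercised with a short decoder. This is an added example, not code from the book: the field order follows the figure, while the octet widths, the type codes, the 1/256-second timer unit and the constructed sample BPDU are assumptions taken from IEEE 802.1D/802.1w.

```python
"""Decode the BPDU fields and the flags octet laid out in Fig. 4.44."""
import struct

# Field order follows Fig. 4.44. Octet widths, type codes and the 1/256 s
# timer unit are taken from IEEE 802.1D/802.1w (assumption: not on the page).
HEADER = struct.Struct("!HBB")                 # protocol id, version, type
BODY = struct.Struct("!B8sI8sHHHHH")           # flags .. forward delay
TYPE_CONFIG, TYPE_RST, TYPE_TCN = 0x00, 0x02, 0x80
PORT_ROLES = {0: "unknown", 1: "alternate/backup", 2: "root", 3: "designated"}


def bridge_id(raw):
    """Render an 8-octet bridge ID as priority.MAC, the notation of Fig. 4.38."""
    (priority,) = struct.unpack("!H", raw[:2])
    return "%d.%s" % (priority, "-".join("%02X" % octet for octet in raw[2:]))


def decode_flags(flags, version):
    """Interpret the flags octet; STP (version 0) defines only bits 0 and 7."""
    decoded = {"topology_change": bool(flags & 0x01),
               "topology_change_ack": bool(flags & 0x80)}
    if version >= 2:                           # RSTP uses the six middle bits
        decoded.update(proposal=bool(flags & 0x02),
                       port_role=PORT_ROLES[(flags >> 2) & 0x03],
                       learning=bool(flags & 0x10),
                       forwarding=bool(flags & 0x20),
                       agreement=bool(flags & 0x40))
    else:                                      # STP: those bits must be unused
        decoded["unused_bits_set"] = bool(flags & 0x7E)
    return decoded


def parse_bpdu(data):
    """Parse a configuration, RST or TCN BPDU (payload after the LLC header)."""
    if len(data) < HEADER.size:
        raise ValueError("truncated BPDU header")
    protocol, version, bpdu_type = HEADER.unpack_from(data)
    if protocol != 0:
        raise ValueError("protocol identifier is not 0")
    if bpdu_type == TYPE_TCN:                  # TCN BPDUs stop after the type
        return {"version": version, "type": bpdu_type}
    if len(data) < HEADER.size + BODY.size:
        raise ValueError("truncated BPDU body")
    (flags, root, cost, sender, port, age, max_age, hello,
     delay) = BODY.unpack_from(data, HEADER.size)
    return {
        "version": version,
        "type": bpdu_type,
        "flags": decode_flags(flags, version),
        "root_id": bridge_id(root),
        "root_path_cost": cost,
        "bridge_id": bridge_id(sender),
        "port_id": port,
        "message_age": age / 256,              # timers are in 1/256 s units
        "max_age": max_age / 256,
        "hello_time": hello / 256,
        "forward_delay": delay / 256,
    }


def sample_rst_bpdu():
    """Constructed RST BPDU: bridge ..0B advertising root ..0A on a designated port."""
    root = struct.pack("!H", 4096) + bytes.fromhex("00000000000A")
    sender = struct.pack("!H", 4096) + bytes.fromhex("00000000000B")
    flags = 0b00111100                         # designated, learning, forwarding
    return (HEADER.pack(0, 2, TYPE_RST)
            + BODY.pack(flags, root, 20000, sender, 0x8002,
                        1 * 256, 20 * 256, 2 * 256, 15 * 256)
            + b"\x00")                         # RSTP's trailing version-1 length


if __name__ == "__main__":
    for key, value in parse_bpdu(sample_rst_bpdu()).items():
        print(key, value)
    # The same octet read as STP carries no role or state information.
    print(decode_flags(0b00111100, version=0))
```

Reading the same flags octet with `version=0` shows why an STP-only bridge learns nothing about port role or state from it: every bit RSTP sets there falls in the range STP treats as unused.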
4.5.2.5 Multiple Spanning Tree Protocol (MSTP)
Disadvantages of STP and RSTP
STP does not support fast transition of port states. A newly elected root port or designated port must wait twice the forward delay time before transitioning to the forwarding state. RSTP is an optimized version of STP. RSTP allows a newly elected root port or designated port to enter the forwarding state much quicker than STP. As a result, it takes a shorter time for re-convergence. Though RSTP supports quick network convergence, it has the same drawback as STP: all bridges within a LAN share the same spanning tree, so redundant links cannot be blocked based on VLANs, and the packets of all VLANs are forwarded along the same spanning tree. Due to this, the redundant links will not always be used.
Features of MSTP
The multiple spanning tree protocol (MSTP) overcomes the limitations of STP and RSTP. In addition to supporting very fast network convergence, it also allows data flows of different VLANs to be forwarded along different paths, thus providing a better load sharing mechanism for redundant links.
• MSTP supports mapping the VLANs to MST instances.
• MSTP divides a switched network into multiple regions, each containing multiple spanning trees that are independent of one another.
• MSTP provides multiple redundant paths for data forwarding, thus supporting load balancing of VLAN data in the data forwarding process.
• MSTP is compatible with STP and RSTP.
Some more concepts in MSTP
1. CIST computing
As in RSTP, by comparison of “configuration BPDUs”, the device with the highest priority is elected as the root bridge of the CIST. MSTP generates an IST within each MST region through computing and, at the same time, regards each MST region as a single device and generates a CST among these MST regions through computing. The CST and ISTs constitute the CIST of the entire network.
2. MSTI computing
Within an MST region, MSTP generates different MSTIs for different VLANs based on the VLAN-to-instance mappings. MSTP performs a separate computing process, which is similar to spanning tree computing in STP, for each spanning tree. In MSTP, a VLAN packet is forwarded along the following paths:
• Within an MST region, the packet is forwarded along the corresponding MSTI.
• Between two MST regions, the packet is forwarded along the CST.
3. MST region
An MST region is composed of multiple devices in a switched network. These devices have the following characteristics:
• All are MSTP-enabled.
• They have the same region name.
• They should have the same VLAN-to-instance mapping.
• They should have the same MSTP revision level.
4. VLAN-to-instance mapping table
As an attribute of an MST region, the VLAN-to-instance mapping table describes the mapping relationships between VLANs and MST instances.
5. IST
Internal spanning tree (IST) is a spanning tree that runs in an MST region, with the instance number of 0. ISTs in all MST regions and the common spanning tree (CST) jointly constitute the common and internal spanning tree (CIST) of the entire network. An IST is a section of the CIST in an MST region.
6. CST
The CST is a single spanning tree that connects all MST regions in a LAN segment. CST is a spanning tree computed by these devices through MSTP.
7. CIST
IST and CST are jointly called the CIST. CIST is a single spanning tree that connects all devices in a switched network.
8. MSTI
Multiple data forwarding paths can be generated within an MST region, each spanning tree instance converging independently of the other instances. Each spanning tree instance is referred to as an MSTI.
9. Regional root bridge
The root bridge of the IST or an MSTI within an MST region is the regional root bridge of the MST or that MSTI. Based on the topology, different spanning trees in an MST region may have different regional roots.
10. Common root bridge
The root bridge of the CIST is the common root bridge.
11. Boundary port
A boundary port is a port that connects an MST region to another MST region, or to a single spanning-tree region running STP, or to a single spanning-tree region running RSTP.
How MSTP works?
MSTP divides the entire Layer 2 network into multiple MST regions, which are interconnected by a computed CST. Inside an MST region, multiple spanning trees are generated through computing, each spanning tree being called an MST instance. Among these MST instances, instance 0 is the IST, while all the others are MSTIs. Similar to STP, MSTP uses configuration BPDUs to compute spanning trees. The only difference between the two protocols is that an MSTP BPDU carries the MSTP configuration of the device from which the BPDU is sent. In Fig. 4.45 there are four multiple spanning tree (MST) regions, with every switch running MSTP. In region A0 all the switches have the same MST region configuration: the same region name, the same VLAN-to-instance mapping (VLAN1 is mapped to MST instance 1, VLAN2 to MST instance 2 and other VLANs are mapped to CIST; CIST refers to MST instance 0) and the same MSTP revision level. Inside regions A0, B0, C0 and D0, each MSTI converges independently of the other instances. The CST connects all the MST regions, and MSTP computes the boundary ports based on the CST root bridge. That is, if a device in region A0 is interconnected with the first port of a device in region D0 and the common root bridge of the entire switched network is located in region A0, the first port of that device in region D0 is the boundary port of region D0.
Fig. 4.45 MSTP working principle (regions A0, B0, C0 and D0 exchange BPDUs and are connected by the CST; in each region VLAN 1 is mapped to instance 1, VLAN 2 to instance 2 and other VLANs to CIST; in region D0, B is the regional root bridge for instance 1 and C the regional root bridge for instance 2)
4.5.3 High Level Data Link Control (HDLC) Protocol
High level data link control (HDLC) protocol is a synchronous data link control protocol used for point-to-point and multipoint link access. HDLC protocol is used in both synchronous and asynchronous links. HDLC protocol is used as a control channel in E1/T1 carrier and SONET. Three types of stations are defined in HDLC protocol:
• Primary station
• Secondary station
• Combined station
Primary Station
In HDLC protocol the primary station is responsible for controlling the data flow. Fig. 4.46 shows how the primary station manages data flow by issuing commands to other devices, with the secondary station responding to the commands. The primary station also establishes and manages connections with multiple devices.
Fig. 4.46 Illustration of primary station in HDLC (the primary station sends commands; the secondary station returns responses)
Secondary Station
A secondary station always operates under the control of the primary station. Frames issued by a secondary station are called responses. The primary station maintains a separate logical link with each secondary station. Figure 4.47 shows how secondary stations communicate with the primary station.
Fig. 4.47 Illustration of secondary station in HDLC (one primary station exchanging commands and responses with four secondary stations)
Combined Station
A combined station acts as both primary and secondary station, and it does not rely on other stations for sending data. Fig. 4.48 shows how secondary station is communicating with primary stations in combined station mode.
Fig. 4.48 Illustration of combined station in HDLC (two combined stations exchanging commands and responses in both directions)
Devices running HDLC can communicate in one of three modes:
• Normal Response Mode (NRM)
• Asynchronous Response Mode (ARM)
• Asynchronous Balanced Mode (ABM)
Normal Response Mode
In NRM a secondary station responds only to the primary station. This mode is mainly used in terminal-mainframe networks. A secondary station can transmit only when specifically instructed by the primary station, in response to polling. NRM is used in multipoint links.
Asynchronous Response Mode (ARM)
In ARM a secondary station can initiate a message. ARM is the same as NRM except that the secondaries can initiate transmissions without direct polling from the primary station. ARM is used mostly in point-to-point links.
Asynchronous Balanced Mode (ABM)
Both stations send and receive over their part of a duplex line. This mode is used for X.25 packet-switching networks. It is mainly used in point-to-point links, for communication between combined stations.
Frame Format
Fig. 4.49 shows the frame format.
Field | Flag (01111110) | Address | Control | Data | FCS | Flag (01111110)
Size | 8 bits | 8 bits | 8 - 16 bits | 1500 bytes | 16 bits | 8 bits
Fig. 4.49 HDLC frame structure
• Flag – this field has 8 bits and indicates the beginning or end of a frame. The flag field consists of the binary sequence value 01111110.
• Address – this field has 8 bits and contains the address of a secondary station. It is populated only in unbalanced connections and is empty for point-to-point (balanced) links.
• Control – this field has 1 byte or 2 bytes and varies with the data it contains. There are three categories of HDLC frames:
  I-frame - Carries data
  S-frame - Carries commands and responses
  U-frame - Carries additional command sequences
• Information – zero or more bytes that contain the datagram for the protocol specified in the protocol field. The default maximum length of the information field is 1,500 bytes.
• Frame check sequence (FCS) – this field has 16 bits. This field provides error detection and corrections.
HDLC Frame Types
There are three categories of frame, and all of them are presented in Fig. 4.50.
• Information frame (I-frame) carries data from the upper network layer; it can also carry flow and error control information.
• Supervisory frame (S-frame) carries only flow and error control information (ACK, NAK).
• Unnumbered frame (U-frame) carries link management information and control information between connected devices (connect, disconnect, reset).
Fig. 4.50 HDLC frame types (Information frame, Supervisory Frame and Unnumbered Frame, each delimited by Flag fields and carrying Address, Control and FCS)
4.5.4 Point-to-Point Protocol (PPP)
PPP Overview
In internetworking, the Point-to-Point Protocol (PPP) comes into play when someone tries to establish an internet connection to an Internet Service Provider (ISP) via a modem. ISPs have used this protocol since IP packets cannot be transmitted over a DSL line on their own; the IP packets are encapsulated in PPP. PPP is commonly used in establishing a direct connection between two networking nodes, and it provides connection, authentication, transmission, encryption and compression. PPP is widely used over many types of physical networks including serial cable, T1/E1, DSL line, cellular telephone and fibre optic links such as SONET. Two encapsulated forms of PPP are used:
• Point-to-Point Protocol over Ethernet (PPPoE)
• Point-to-Point Protocol over ATM (PPPoA)
PPP is commonly used as a data link layer protocol for connection over synchronous and asynchronous circuits. PPP was designed to work with numerous network layer protocols, including Internet Protocol (IP), TRILL, Novell’s Internetwork Packet Exchange (IPX), NBF and AppleTalk.
PPP Components
PPP contains three main components:
• PPP uses the High-Level Data Link Control (HDLC) protocol as a basis for encapsulating datagrams over point-to-point links.
• Link Control Protocol (LCP) is used to establish, configure, and test the data link connection.
• Network control protocol (NCP) is used for establishing and configuring different network layer protocols.
Link Establishment Phase
PPP uses the Link Control Protocol (LCP) to establish the connection through an exchange of configuration packets. Once the peer device agrees to this connection, the exchange is complete. If the Link Establishment phase is successful, control goes either to the authentication phase or to the Network-Layer Protocol phase, depending on whether authentication is desired. Fig. 4.51 gives a block-diagram representation of the phases.
Authentication Phase
Some end points may require a peer to authenticate itself before allowing network-layer protocol packets; in that case authentication comes into the picture. Two authentication protocols are used in PPP:
• Password Authentication Protocol (PAP)
• Challenge Handshake Authentication Protocol (CHAP)
This phase allows the peers to authenticate each other before a connection is established. If the authentication phase is successful, control goes to the network-layer protocol phase.
Fig. 4.51 State diagrams for PPP (Link Dead, Link Establishment Phase, Authentication Phase, Network Layer Protocol Phase and Link Termination Phase, with decisions on whether the link is successfully established, whether authentication is desired and whether authentication is successful)
Network-Layer Protocol Phase
Once PPP has finished the previous phases, each network-layer protocol, such as IP, IPX or AppleTalk, is configured separately by using the appropriate Network Control Protocol (NCP). Each NCP can be opened and closed at any time.
Link Termination Phase
PPP can terminate the link at any time. This might happen because of the loss of carrier, link quality failure, the expiration of an idle-period timer, or the administrative closing of the link. LCP is used to close the link through an exchange of terminate packets. When the link is closing, PPP informs the network-layer protocols so that they may take appropriate action.
PPP Frame Format
The following descriptions, with the help of Fig. 4.52, summarize the PPP frame fields:
Field | Flag | Address | Control | Protocol | Data | FCS
Size (bytes) | 1 | 1 | 1 | 2 | Variable | 2 or 4
Fig. 4.52 PPP frame format
• Flag – this field has 8 bits and indicates the beginning or end of an HDLC frame. The flag field consists of the binary sequence value 01111110.
• Address – this field has 8 bits and contains the binary sequence value 11111111, which is a standard broadcast address.
• Control – this field has 1 byte and contains the binary sequence value 00000011, which calls for transmission of user data in an un-sequenced frame.
• Protocol – this field has 2 bytes and identifies the protocol encapsulated in the information field of the frame. A few of the protocol values used in PPP are given in Table 4.3.
Table 4.3 PPP protocol field
0x0021 | IP
0xc023 | Password Authentication Protocol
0xc021 | Link Control Protocol
0xc223 | Challenge Handshake Authentication Protocol
• Data – zero or more bytes that contain the datagram for the protocol specified in the protocol field. The default maximum length of the information field is 1,500 bytes.
• Frame check sequence (FCS) – normally 16 bits (2 bytes) or 32 bits (4 bytes). This field provides error detection and corrections.
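The HDLC and PPP frame formats above share the same framing, so one parser covers both. This added example (not from the book) checks the flag, address and control octets, verifies the 16-bit FCS and maps the protocol field through Table 4.3; the FCS parameters come from RFC 1662, octet stuffing and the 32-bit FCS are left out, and the sample LCP payload is constructed.

```python
"""Parse a PPP frame in HDLC-like framing and verify its 16-bit FCS."""
import struct

FLAG = 0x7E                                    # 01111110
PPP_ADDRESS, PPP_CONTROL = 0xFF, 0x03          # 11111111, 00000011
PROTOCOLS = {                                  # Table 4.3
    0x0021: "IP",
    0xC023: "Password Authentication Protocol",
    0xC021: "Link Control Protocol",
    0xC223: "Challenge Handshake Authentication Protocol",
}


def fcs16(data):
    """FCS-16 as in RFC 1662: reflected polynomial 0x8408, initial value
    0xFFFF, ones-complemented result (parameters not given on the page)."""
    fcs = 0xFFFF
    for byte in data:
        fcs ^= byte
        for _ in range(8):
            fcs = (fcs >> 1) ^ 0x8408 if fcs & 1 else fcs >> 1
    return fcs ^ 0xFFFF


def hdlc_frame_type(control):
    """Classify the first control octet as I-frame, S-frame or U-frame."""
    if control & 0x01 == 0:
        return "I-frame"
    return "S-frame" if control & 0x03 == 0x01 else "U-frame"


def build_ppp_frame(protocol, payload):
    """Assemble flag, address, control, protocol, data, FCS and closing flag."""
    body = (bytes([PPP_ADDRESS, PPP_CONTROL])
            + struct.pack("!H", protocol) + payload)
    # The FCS is sent least significant octet first.
    return bytes([FLAG]) + body + struct.pack("<H", fcs16(body)) + bytes([FLAG])


def parse_ppp_frame(frame):
    """Validate one unstuffed frame and return its decoded fields."""
    if len(frame) < 8 or frame[0] != FLAG or frame[-1] != FLAG:
        raise ValueError("missing flag or frame too short")
    body = frame[1:-3]
    (received_fcs,) = struct.unpack("<H", frame[-3:-1])
    if fcs16(body) != received_fcs:
        raise ValueError("FCS mismatch: frame corrupted in transit")
    address, control, protocol = struct.unpack("!BBH", body[:4])
    if (address, control) != (PPP_ADDRESS, PPP_CONTROL):
        raise ValueError("unexpected address/control octets")
    return {
        "frame_type": hdlc_frame_type(control),
        "protocol": PROTOCOLS.get(protocol, "unknown (0x%04x)" % protocol),
        "payload": body[4:],
    }


# Constructed sample: an LCP packet with code 1, identifier 1, length 4.
SAMPLE_LCP = build_ppp_frame(0xC021, b"\x01\x01\x00\x04")

if __name__ == "__main__":
    print(SAMPLE_LCP.hex())
    print(parse_ppp_frame(SAMPLE_LCP))
    damaged = SAMPLE_LCP[:5] + b"\x02" + SAMPLE_LCP[6:]
    try:
        parse_ppp_frame(damaged)
    except ValueError as error:
        print("rejected:", error)
```

The control value 00000011 that PPP always sends classifies as a U-frame, which matches the "un-sequenced frame" wording in the field list.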
4.5.5 SONET – An Introduction
SONET is synchronous optical network and it is defined by ANSI for data transmission over optical media. SDH is synchronous digital hierarchy. SONET is similar to SDH in all aspects. SONET is the name by which America calls it and SDH is the name by which the rest of the world calls it. What are the special features of SONET? It has many, and a few are listed below.
a. Reduced complexity in the architecture.
b. Automatic protection switching, which will reduce the failures.
c. Higher interoperability.
Before moving to the SONET frame structure and data rate details, one should understand what synchronous and asynchronous mean.
Synchronous and Asynchronous
A simple real life example helps the reader get a clear idea of what synchronous and asynchronous mean. Fig. 4.53 is self-explanatory: when the communication happens at the same time it is said to be synchronous, and the literal meaning of synchronous is bringing together.
Fig. 4.53 Synchronous and Asynchronous (same time, same place: synchronous; “Hi @ 5.35 pm” answered by “Hello @ 6.10 pm”: different time and so asynchronous)
Coming to the networking way of defining it, it is easier with the above example as reference. When two digital signals are transmitted at the same rate, they are said to be synchronous. There is a possibility of a small phase difference, and it should be well within the permissible limits. As seen in Fig. 4.53, asynchronous is completely the opposite. When the transmission of the signals is not occurring at the same rate, it is said to be asynchronous. There is a new term to be introduced now: plesiochronous. It means almost and it is derived from Greek. When the transitions of the signals occur almost at the same rate, they are referred to as plesiochronous signals. With this little introduction one can move on to understand synchronous optical networks. SONET defines optical carrier (OC) levels and electrically equivalent synchronous transport signals (STSs) for the fiber-optic based transmission hierarchy. The table 4.4 summarizes the list of permissible STSs and corresponding OCs. The base signal is STS-1. One of the biggest advantages of SONET is that lower speed facilities can be multiplexed into the SONET network utilizing high speed add/drop multiplexors (ADMs). The following table 4.5 summarizes the bit rates for the non-synchronous hierarchy and the number of channels required for the same.
Table 4.4 Non – Synchronous hierarchy
Signal | Bit Rate | Channels
DS0 | 64 kb/s | 1 DS0
DS1 | 1.544 Mb/s | 24 DS0
DS2 | 6.312 Mb/s | 96 DS0s
DS3 | 44.736 Mb/s | 28 DS1s
And now coming to the SONET world, the following table helps the reader get an insight into the bit rates permitted with SONET.
Table 4.5 Synchronous hierarchy
Signal | Bit Rate | Capacity
STS-1, OC-1 | 51.840 Mb/s | 28 DS1s or 1 DS3
STS-3, OC-3 | 155.520 Mb/s | 84 DS1s or 3 DS3s
STS-12, OC-12 | 622.080 Mb/s | 336 DS1s or 12 DS3s
STS-48, OC-48 | 2488.320 Mb/s | 1344 DS1s or 48 DS3s
STS-192, OC-192 | 9953.280 Mb/s | 5376 DS1s or 192 DS3s
Frame Structure
The next step, as ever, is to look into the frame structure of SONET. Before navigating to that topic, the reader should understand one thing. As the table shows, STS-1 is the basic unit, and with it one can get the higher level signals. For example, STS-12 is obtained when STS-1 * 12 is performed. Figure 4.54 shows the frame structure for STS-1, since it is the basic frame.
Fig. 4.54 STS-1 frame structures (90 columns by 9 rows, where B = 8-bit byte: Transport Overhead followed by 87 columns of Envelope Capacity)
The STS-1 frame is made of 90 columns and 9 rows, forming a sequence of 810 bytes. It can support a massive rate of 8000 frames per second. The data rate supported is 51.840 Mb/s, as can be seen from the table 4.2. The frame can be seen as two major parts: the Transport Overhead and the Payload Envelope. The Transport Overhead is composed of section overhead and line overhead. The second part of the frame, as depicted already, is the Synchronous Payload Envelope, abbreviated as SPE.
Synchronous Payload Envelope
The following Fig. 4.55 shows the SPE for an STS-1 Frame.
Fig. 4.55 SPE for STS-1 (STS-1 SPE of 87 columns by 9 rows: STS POH (9 bytes) in column 1, Fixed Stuff in columns 30 and 59, the rest STS-1 Payload Capacity)
The STS-1 SPE is composed of 783 bytes, and an 87 column × 9 row structure suffices to represent it, as shown in Fig. 4.55. Nine bytes are present in column 1 and they are called the STS POH (Path Overhead). Columns 30 and 59 are not used for payload and are marked as fixed stuff, as shown in Fig. 4.55. The remaining 756 bytes are the payload capacity for an STS-1 frame (87 × 9).
Line and Section Overheads
Figure 4.56 should stand as the support for getting a clear picture on Line and Section overheads.
Row | Transport Overhead column 1 | column 2 | column 3 | Path Overhead
Section Overhead
1 | A1 | A2 | J0/Z0 | J1
2 | B1 | E1 | F1 | B3
3 | D1 | D2 | D3 | C2
Line Overhead
4 | H1 | H2 | H3 | G1
5 | B2 | K1 | K2 | F2
6 | D4 | D5 | D6 | H4
7 | D7 | D8 | D9 | Z3
8 | D10 | D11 | D12 | Z4
9 | S1/Z1 | M0 or M1/Z2 | E2 | Z5
Fig. 4.56 Overheads
Section Overhead
All the fields of section overhead are explained below.
A1 and A2 – The beginning of an STS-1 frame is indicated with these bytes.
J0 Section Trace (J0)/Section Growth (Z0) – The byte in each of the N STS-1s in an STS-N that was formerly defined as the STS-1 ID (C1) byte has been redefined either as the Section Trace byte (in the first STS-1 of the STS-N), or as a Section Growth byte (in the second through Nth STS-1s).
B1 Section bit interleaved parity code (BIP-8) byte – Used to check errors. It is an even parity code.
E1 Section order wire byte – This byte is allocated to be used as a local order wire channel for voice communication between regenerators.
F1 Section user channel byte – This byte is set aside for users’ purposes.
D1, D2, D3 Section data communications channel (DCC) bytes – These three bytes form a 192 kb/s message channel providing a message-based channel for Operations, Administration, Maintenance, and Provisioning (OAM&P) between pieces of section-terminating equipment. This is mainly used for Monitoring/Control and Administration.
Line Overhead
H1, H2 – Used to indicate concatenation and detect path indication alarm.
H3 Pointer Action Byte – Used for frequency justification purposes.
B2 Line bit interleaved parity code (BIP-8) byte – Used to check errors. It is an even parity code.
K1 and K2 Automatic Protection Switching (APS channel) bytes – Used to support the protection switching mechanisms.
D4 to D12 Line Data Communications Channel (DCC) bytes – Support alarm, control, monitoring and maintenance.
S1 Synchronization Status (S1) – Used to convey the synchronization status of the network element.
Z1 Growth (Z1) – Reserved for future.
M0 STS-1 REI-L (M0) – Used in error detection.
Z2 Growth (Z2) – Reserved for future growth.
Path Overhead
It is used in monitoring. It helps in monitoring the path status and trace. It also helps in monitoring the status of SPEs. SDH is similar to SONET, but the data rates and basic units are different. Table 4.6 presents the details of the SDH hierarchy.
Table 4.6 SONET Vs SDH
SONET optical carrier level | SONET frame format | SDH level and frame format
OC-1 | STS-1 | STM-0
OC-3 | STS-3 | STM-1
OC-12 | STS-12 | STM-4
OC-24 | STS-24 | –
OC-48 | STS-48 | STM-16
OC-192 | STS-192 | STM-64
OC-768 | STS-768 | STM-256
4.5.6 Asynchronous Transfer Mode (ATM) Switching
Asynchronous Transfer Mode (ATM) is a switching technique and it is an ITU-T standard for cell relay. ATM technology uses asynchronous time-division multiplexing (TDM) and encodes data into fixed-size cells. ATM was designed to handle high-throughput data traffic and real-time, low-latency traffic such as voice and video. Figure 4.57 shows a private ATM network and a public ATM network; the whole ATM network carries voice, video, and data traffic. ATM uses a connection-oriented model in which virtual circuits are established between two endpoints before the actual data exchange.
ATM Network Interfaces
An ATM network consists of a set of ATM switches interconnected by point-to-point ATM links or interfaces. ATM switches support two primary types of interfaces: User Network Interface (UNI) and Network-Network Interface (NNI). The UNI connects ATM end systems (such as hosts and routers) to an ATM switch. The NNI connects two ATM switches. UNI and NNI can be further subdivided into public and private UNIs and NNIs. Figure 4.58 shows how ATM interface specifications differ for private and public networks.
Fig. 4.57 Private ATM network and a public ATM network (labels: Data, Voice, Video, Shared hub, Router, ATM switch, Private ATM Network, Public ATM network, To WAN)
Fig. 4.58 ATM interface specifications differ for private and public networks
ATM Cell Basic Format
ATM transfers information in fixed-size units called cells. An ATM cell consists of 53 bytes. The first 5 bytes contain cell-header information, which includes the Virtual Path Identifier (VPI) and Virtual Circuit Identifier (VCI), and the remaining 48 bytes contain the payload (user data). These ATM cells are suited to transferring voice and video traffic. Figure 4.59 illustrates the basic format of an ATM cell.
Fig. 4.59 ATM cell consists of a header and payload data (53 bytes: a 5-byte header followed by 48 bytes of data for the AAL segment)
ATM Cell Header Fields
The following Fig. 4.60 summarizes the ATM cell header fields for both the UNI ATM cell and the NNI ATM cell.
Fig. 4.60 Diagram of the UNI ATM Cell (each cell is a 5-byte header and a 48-byte payload; the ATM UNI cell header carries GFC, VPI, VCI, PT, CLP and HEC, the ATM NNI cell header carries VPI, VCI, PT, CLP and HEC)
• Generic Flow Control (GFC) - This field has 4 bits and by default contains four zero bits. GFC provides local functions such as identifying multiple stations that share a single ATM interface.
• Virtual Path Identifier (VPI) - This field has 8 bits for UNI and 12 bits for NNI. In conjunction with the VCI, the VPI field identifies the next destination of a cell as it passes through a series of ATM switches on the way to its destination.
• Virtual Channel Identifier (VCI) - This field has 16 bits for both UNI and NNI. In conjunction with the VPI, the VCI identifies the next destination of a cell as it passes through a series of ATM switches on the way to its destination.
• Payload Type (PT) – This field has 3 bits. The first bit indicates whether the cell contains user data or control data. If the cell contains user data, the bit is set to 0. If it contains control data, it is set to 1. The second bit indicates congestion: 0 for no congestion and 1 for congestion. The third bit indicates whether the cell is the last in a series of cells that represent a single AAL 5 frame (1 = last cell for the frame).
• Cell Loss Priority (CLP) - This field has 1 bit and indicates whether the cell should be discarded if it encounters extreme congestion as it moves through the network. If the CLP bit equals 1, the cell should be discarded in preference to cells with the CLP bit equal to 0.
• Header Error Control (HEC) - This field has 8 bits and is used for error detection/correction in cells.
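The bit layout listed above can be checked against actual header bytes. This added example, not from the book, splits the five header bytes as UNI or NNI and verifies the HEC; the HEC polynomial and the 0x55 offset come from ITU-T I.432, and the sample cells are constructed.

```python
"""Split a 5-byte ATM cell header into UNI or NNI fields and check the HEC."""
import struct

CELL_SIZE, HEADER_SIZE, PAYLOAD_SIZE = 53, 5, 48
VPI_BITS = {"UNI": 8, "NNI": 12}


def hec(first_four):
    """HEC per ITU-T I.432: CRC-8 (x^8 + x^2 + x + 1) over the first four
    header bytes, XORed with 0x55. The page gives only the field width."""
    crc = 0
    for byte in first_four:
        crc ^= byte
        for _ in range(8):
            if crc & 0x80:
                crc = ((crc << 1) ^ 0x07) & 0xFF
            else:
                crc = (crc << 1) & 0xFF
    return crc ^ 0x55


def build_cell(vpi, vci, pt=0, clp=0, gfc=0, interface="UNI", payload=b""):
    """Assemble a 53-byte cell; used here only to construct sample input."""
    if (vpi >> VPI_BITS[interface] or vci >> 16 or pt >> 3 or clp >> 1
            or gfc >> 4 or (interface == "NNI" and gfc)):
        raise ValueError("field value does not fit its width")
    if len(payload) > PAYLOAD_SIZE:
        raise ValueError("payload longer than 48 bytes")
    word = (gfc << 28) | (vpi << 20) | (vci << 4) | (pt << 1) | clp
    head = struct.pack("!I", word)
    return head + bytes([hec(head)]) + payload.ljust(PAYLOAD_SIZE, b"\x00")


def parse_header(cell, interface="UNI"):
    """Decode one cell. The first four bytes are read as a 32-bit word:
    [GFC 4 | VPI 8] or [VPI 12], then VCI 16, PT 3, CLP 1; byte 5 is the HEC."""
    if interface not in VPI_BITS:
        raise ValueError("interface must be 'UNI' or 'NNI'")
    if len(cell) != CELL_SIZE:
        raise ValueError("an ATM cell is exactly 53 bytes, got %d" % len(cell))
    word, received_hec = struct.unpack("!IB", cell[:HEADER_SIZE])
    pt = (word >> 1) & 0x7
    fields = {
        "vpi": (word >> 20) & ((1 << VPI_BITS[interface]) - 1),
        "vci": (word >> 4) & 0xFFFF,
        "pt": pt,
        "control_cell": bool(pt & 0b100),            # first PT bit
        "congestion": bool(pt & 0b010),              # second PT bit
        "last_cell_of_aal5_frame": bool(pt & 0b001),  # third PT bit
        "clp": word & 0x1,
        "hec_ok": hec(cell[:4]) == received_hec,
        "payload": cell[HEADER_SIZE:],
    }
    if interface == "UNI":
        fields["gfc"] = word >> 28
    return fields


# Constructed sample: an NNI cell on VPI 0x123, VCI 100, last cell of a frame.
SAMPLE_NNI = build_cell(vpi=0x123, vci=100, pt=0b001, clp=1, interface="NNI")

if __name__ == "__main__":
    print(parse_header(SAMPLE_NNI, "NNI"))
    # The same bytes read as UNI: the top four VPI bits are taken for GFC.
    as_uni = parse_header(SAMPLE_NNI, "UNI")
    print(as_uni["gfc"], hex(as_uni["vpi"]))
```

Parsing the same bytes with the wrong interface type still passes the HEC check, so the header alone does not reveal whether a capture point sits on a UNI or an NNI link; that has to come from knowledge of the link.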
ATM Advantages
• ATM supports voice, video and data, allowing multimedia and mixed services over a single network.
• High evolution potential; works with existing, legacy technologies.
• Provides the best multiple service support.
• Provides the capability to support both connection-oriented and connectionless traffic using AALs.
• Able to use all common physical transmission paths like SONET.
• Cable can be twisted-pair, coaxial or fiber-optic.
• Ability to connect LAN to WAN.
• Higher aggregate bandwidth.
• High speed Mbps and possibly Gbps.
ATM Disadvantages
• Flexible to efficiency's expense; at present, for any one application it is usually possible to find a more optimized technology.
• Cost, although it will decrease with time.
• New customer premises hardware and software are required.
• Competition from other technologies: 100 Mbps FDDI, 100 Mbps Ethernet and fast Ethernet.
• Presently the applications that can benefit from ATM, such as multimedia, are rare.
4.5.7 Frame Relay
Introduction
Frame Relay (FR) is a high-performance WAN protocol that operates at the physical and data link layers of the OSI reference model. FR was originally developed for use across Integrated Services Digital Networks (ISDN). Frame relay is a packet-switched technology. Packet-switched networks enable end stations to dynamically share the network medium and bandwidth. Each end-user gets a leased line to a Frame Relay node. The Frame Relay network handles the transmission over a frequently-changing path transparent to all end-users.
Frame relay networks in the U.S. support data transfer rates at T-1 (1.544 Mb/s) and T-3 (45 Mb/s) speeds. Most of the telephone companies provide FR service for customers who want connections at 56 Kb/s to T-1 speeds. Frame Relay is quite popular because it is relatively inexpensive, and it has become one of the most extensively used WAN protocols.
Frame Relay Devices
Devices in frame relay networks are classified into two types:
• Data terminal equipment (DTE)
• Data circuit-terminating equipment (DCE)
Data terminal equipment (DTE) - DTEs are generally terminating equipment for a specific network and are typically located on the customer premises. Examples of DTE devices are personal computers, routers, and bridges.
Data circuit-terminating equipment (DCE) - DCEs are carrier-owned internetworking devices that provide switching services in a frame relay network; frame relay switches are DCEs.
Figure 4.61 illustrates a frame relay network with its DTEs and with the DCEs in the frame relay core.
Frame Relay Virtual Circuits
Frame Relay provides connection-oriented data link layer communications. This means that a defined communication exists between each pair of devices and that these connections are associated with a connection identifier (ID). This service is implemented by using virtual circuits, which are logical connections created between two DTE devices across a frame relay packet-switched network (PSN). Virtual circuits provide a bidirectional communication path from one DTE device to another and are uniquely identified by a data-link connection identifier (DLCI). A virtual circuit can pass through any number of intermediate DCE devices (switches) located within the frame relay PSN.
Fig. 4.61 Frame relay network example
There are two types of circuits in frame relay technology:
• Switched Virtual Circuits (SVCs)
• Permanent Virtual Circuits (PVCs)
Switched virtual circuits (SVCs) are temporary connections between DTE devices, used in situations requiring only periodic data transfer across the Frame Relay network. A communication session across an SVC consists of the following operational states:
• Call setup – During this state a virtual connection is established between two Frame Relay DTE devices.
• Data transfer – During this state data is transmitted between the DTE devices over the virtual circuit.
• Idle - The connection between DTE devices is still active, but no data is transferred.
• Call termination - The virtual circuit between DTE devices is terminated.
Permanent virtual circuits (PVCs) – These are permanently established connections between DTE devices. Because the circuit is permanent, communication across a PVC does not require the call setup and termination states, and DTE devices can start data transmission at any time. PVCs have the following operational states:
• Data transfer - Data is transmitted between the DTE devices over the virtual circuit.
• Idle - The connection between DTE devices is active, but no data is transferred. Unlike SVCs, PVCs will not be terminated under any conditions when in an idle state.
Frame Relay Frame Formats
Frame Relay frames consist of the fields shown in Fig. 4.62.

Field            Flags   Address   Data       FCS   Flags
Length in bits   8       16        Variable   16    8

Fig. 4.62 Frame relay frame format
Flags – This field has 16 bits and delimits the beginning and end of the frame.
Address – This field has 16 bits and contains the following information:
• DLCI - This field has 10 bits; its value represents the virtual connection (PVC) between the DTE devices.
• Extended Address (EA) - This field has 2 bits and is an address field extension bit.
• C/R - This field has 1 bit; the C/R bit is not currently defined.
• Congestion Control – This 3-bit field controls the Frame Relay congestion-notification mechanism.
Data – This is a variable-length field that can be up to 16,000 octets long.
FCS – This field has 16 bits and ensures the integrity of transmitted data.
Advantages of Frame Relay
• Virtual circuits consume bandwidth only during data transport, and many virtual circuits can exist simultaneously across a transmission line.
• Each device can use more of the bandwidth as necessary.
• Frame relay provides better error handling.
4.6 BLUETOOTH – AN INTRODUCTION
When a need arises to establish communication between two devices, several questions have to be settled. The following are a few among them:
1. The decision to use wired or wireless technology
2. If wired, the number of wires needed for communication
3. Security aspects
4. Range of communication, and so on.
Assuming it is short-range communication, the choice would be to go with wireless technology. The need for wires is removed and the setup does not look clumsy. One such beautiful technology is Bluetooth, and the rest of this chapter discusses it.
4.6.1 What is Bluetooth?
It is a short-range radio frequency standard which is very simple, to an extent secure, and easily usable. One of the biggest benefits of Bluetooth is that it is a cheap, inexpensive standard to use.
It is mostly used in portable devices such as mobile phones, PDAs, tablets and laptops. It has also found widespread application in connecting a PC to its peripherals. For example, there are Bluetooth-enabled wireless mice and keyboards available in the market, which have drastically reduced the need for wires over the computer table and allow a cable-free environment. Where else is it heavily used? Travel and entertainment equipment has received Bluetooth as a gift: when someone wants to listen to music during travel, there is no need for wires to go around.
The following are the most important advantages of using Bluetooth:
• Cheap
• Robust
• Low power
• Decently secured
It uses the frequency of 2.45 GHz, the frequency allotted for ISM (Industrial, Scientific and Medical). The 2.4 GHz ISM band is available and unlicensed in almost all countries, so there is no problem when a Bluetooth device purchased in one country is used in another. It will still be compatible with the Bluetooth-enabled equipment from that country. The range that a Bluetooth device can cover is 10 meters, but it may vary across applications.
4.6.2 How Bluetooth Operates?
The initial idea of Bluetooth was simple: to establish a wireless connection between two pieces of equipment, forming a personal area network. Figure 4.63 depicts this idea. The only condition is that both devices should be Bluetooth enabled.
Fig. 4.63 Personal area network – with Bluetooth
As seen in Fig. 4.64, one of the devices can act as a master and the other device can act as a slave. Bluetooth personal area networks are named piconets. A piconet can have one master and up to 7 slaves. A sample piconet is represented in Fig. 4.64; for a Bluetooth piconet, refer to Fig. 4.65.
Fig. 4.64 A Sample piconet
Fig. 4.65 A bluetooth piconet
When two or more piconets get connected they form a scatternet. A sample scatternet is presented in Fig. 4.66. In a scatternet, a device which is a slave in one of the piconets can act as a master for another piconet. A scatternet will definitely increase the coverage area.
Fig. 4.66 A Bluetooth scatternet
4.6.3 Bluetooth Connection Establishment
The following steps are followed in order to establish a connection. The master is the one which always initiates connections; slaves wait for the connection. Two important procedures are used when a connection is being established: inquiry and paging. Inquiry helps in finding the available units in range along with their device addresses and clocks. Paging is the connection establishment process. A unit that establishes a connection carries out a page procedure and automatically becomes the master of the connection. DAC is the Device Access Code and IAC is the Inquiry Access Code. These two are used in inquiry and paging.
• The master sends the inquiry messages.
• The slaves in the vicinity should be in Discover mode. If not, the connection cannot be established and no reply is sent to the master.
• Slaves, on seeing the inquiry packets from the master, respond with a key and clock. Master should play the role now.
• The master sends a PAGE command, the slave sends an acknowledgment, and the connection is established.
4.6.4 Bluetooth – What are the threats?
There are a few threats associated with Bluetooth usage; they are Bluejacking and Bluebugging.
• Bluejacking – It is a message sent anonymously from one Bluetooth device to another one in range. The sender is not aware of the receiver, but if the receiver's equipment still has Bluetooth enabled, this kind of message may arrive. This is very common in airports, railway stations and malls.
Fig. 4.67 Bluejacking
• Bluebugging – It is a real panic. It allows the hacker to take full control of the victim's equipment and to access it without the victim's knowledge. Even calls or messages can be sent from the victim's equipment without his knowledge.
Fig. 4.68 Bluebugging
So how to avoid Bluejacking and Bluebugging? Simple: make sure Bluetooth is turned off when not in use.
4.7 WIFI
Definition: It is a technology that permits an electronic device to transfer data using radio waves (a type of electromagnetic radiation) over a computer network, including high-speed Internet connections. It works up to about 250-300 feet away from the access point indoors, and about 1,000 feet away outdoors. With more distance between your computer/laptop and the access point, the speed and the quality falter tremendously.
Wi-Fi (wireless fidelity) is a term for certain types of wireless local area network (WLAN) that use specifications in the 802.11 family. The 802.11 specifications are part of an evolving set of wireless network standards known as the 802.11 family. The term Wi-Fi was created by an organization called the Wi-Fi Alliance, which oversees tests that certify product interoperability. The Wi-Fi Alliance defines Wi-Fi as any "wireless local area network (WLAN)" products that are based on the Institute of Electrical and Electronics Engineers (IEEE) 802.11 standards. The Wi-Fi Alliance is a trade association that promotes Wireless LAN technology and certifies products if they conform to certain standards of interoperability. Originally, Wi-Fi certification was applicable only to products using the 802.11b standard. Today, Wi-Fi can apply to products that use any 802.11 standard.
Wi-Fi is widely used in many businesses, agencies, schools, and homes as an alternative to a wired LAN. Many airports, hotels, and fast-food amenities offer communal access to Wi-Fi networks. These locations are known as hot spots. Many Wi-Fi providers charge a daily or hourly rate for access, but some are free. An interconnected area of hot spots and network access points is known as a hot zone.
Unless sufficiently protected, a Wi-Fi network can be vulnerable to access by unauthorized users who use the access as a free Internet connection. The action of locating and exploiting security-exposed wireless LANs is called war driving. An identifying iconography, called war chalking, has evolved. Any entity that has a wireless LAN should use security safeguards such as the Wired Equivalent Privacy (WEP) encryption standard, the more recent Wi-Fi Protected Access (WPA), Internet Protocol Security (IPSec), or a virtual private network (VPN).
Fig. 4.69 WIFI Network
Advantages:
• Wire free
• Easy access
• Automatic allowance of use
• Ability for 802.11b and 802.11g to frequency hop
• Supports roaming: the user can walk around a building from one access point to another
Disadvantages:
• Designed for medium range data transfers
• Operates within a particular range
• Signal quality falters when the user moves away from the access points
• Wired Equivalent Privacy is easily broken even when configured accurately
Architecture
Architecture as such refers to the way a building or a system is built up. Similarly, the wireless LAN architecture is the design and arrangement of the various components in a wireless local area networking device. A local area network is established between different operating systems by the following essential components:
1. Station
Components that can connect into a wireless medium in a network are stations. Each station has a wireless network interface controller (WNIC). A station can fall into one of two categories:
• Access points
• Clients
2. Access point
It is basically a transceiver that transmits data between wired and wireless networking devices. An access point is usually connected with the help of Ethernet. One access point works efficiently only if it supports a small group of networks. It generally has a range of about 100 feet.
Clients
A system that accesses a service made available by a server is a client. For example, devices such as mobile phones, laptops or personal computers are clients.
Bridge
A special type of connector which establishes a connection between Ethernet and different wireless networks. In wireless LAN architecture, it acts as a point of control.
Basic Service Set
A set of all stations that can communicate with one another is called a Basic Service Set (BSS). Each BSS has a unique BSS ID. This BSS ID is the MAC address of the access point servicing the BSS.
Extended Service Set
It is a set of Basic Service Sets connected together. Each has an ID called the SSID, which is a 32-byte string.
There are three types of configurations, namely:
• Infrastructure mode
• Ad hoc network mode
• Mixed network mode
Infrastructure Mode
Devices in a wireless network communicate indirectly through a central point (the access point). An access point has high power, so these networks can cover wide areas. There is no delay in the transmission of data, unlike in ad hoc mode. The network is highly stable, as its topology does not change unpredictably, unlike in ad hoc mode. Figure 4.70 depicts the infrastructure mode.
Ad Hoc Network Mode
This type of network does not depend on access points, as it is decentralized. Here, each node participates in routing by transmitting data to other nodes. All devices have equal status on the network and can associate with any other ad hoc network device inside their link range. Because ad hoc mode does not require an access point, it is easier to set up, especially in a small or temporary network. The power involved is limited, that of about 2 or 3 laptops, and therefore the range is also less. In an ad hoc network with a lot of computers, interference may become high since each of them is trying to connect to the same frequency channel. In ad hoc mode, chains of computers will connect to pass your data if your computer is not directly in range. On the other hand, you do not have control over the path your data takes. The automatic configuration routines may send your data through several computers, causing significant network delays. Figure 4.71 represents the ad hoc network model.
Fig. 4.70 WIFI network (infrastructure mode)
Fig. 4.71 Adhoc mode
Mixed Network Mode
This form of network is developed by mixing both infrastructure and ad hoc networks, and the workstations can work simultaneously.
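A defender's check built on the Wi-Fi concepts above (the BSS ID as the access point's MAC address, the 32-byte SSID, easily broken WEP, ad hoc mode), as an added Python example that is not from the book: it compares a wireless scan inventory against the list of approved access points. The CSV layout, network names, MAC addresses and issue labels are all constructed for illustration.

```python
"""Audit a wireless scan inventory against an approved access-point list."""
import csv
import io
import re
from typing import Dict, List, NamedTuple, Set

MAX_SSID_BYTES = 32                  # SSID size given in the text
WEAK_SECURITY = {"OPEN", "WEP"}      # no protection, or WEP (easily broken)
MAC_RE = re.compile(r"[0-9a-f]{2}(:[0-9a-f]{2}){5}")


class Bss(NamedTuple):
    ssid: str        # name shared by every BSS of one Extended Service Set
    bssid: str       # MAC address of the access point servicing the BSS
    security: str    # "OPEN", "WEP", "WPA", ...
    mode: str        # "infrastructure" or "adhoc"


class Finding(NamedTuple):
    bssid: str
    ssid: str
    issue: str


def parse_scan(text: str) -> List[Bss]:
    """Read 'ssid,bssid,security,mode' rows and normalise their case."""
    records = []
    for row in csv.DictReader(io.StringIO(text.strip())):
        if None in row or None in row.values():
            raise ValueError(f"malformed row: {row!r}")
        bssid = row["bssid"].strip().lower()
        if not MAC_RE.fullmatch(bssid):
            raise ValueError(f"not a MAC address: {row['bssid']!r}")
        records.append(Bss(row["ssid"], bssid,
                           row["security"].strip().upper(),
                           row["mode"].strip().lower()))
    return records


def audit(scan: List[Bss], approved: Dict[str, Set[str]]) -> List[Finding]:
    """approved maps each managed SSID to the BSS IDs of its own access points."""
    findings = []
    for bss in scan:
        if len(bss.ssid.encode("utf-8")) > MAX_SSID_BYTES:
            findings.append(Finding(bss.bssid, bss.ssid, "ssid-too-long"))
        if bss.ssid not in approved:
            continue                 # somebody else's network: out of scope
        known = {mac.lower() for mac in approved[bss.ssid]}
        if bss.bssid not in known:
            # Our network name announced by an access point we do not own.
            findings.append(Finding(bss.bssid, bss.ssid, "unapproved-bssid"))
        if bss.security in WEAK_SECURITY:
            findings.append(Finding(bss.bssid, bss.ssid, "weak-security"))
        if bss.mode == "adhoc":
            findings.append(Finding(bss.bssid, bss.ssid, "adhoc-mode"))
    return findings


# Constructed inventory; the 02:... addresses are locally administered MACs.
SAMPLE_SCAN = """
ssid,bssid,security,mode
CorpNet,02:00:00:00:00:01,WPA2,infrastructure
CorpNet,02:00:00:00:00:02,WEP,infrastructure
CorpNet,02:00:00:00:00:99,OPEN,infrastructure
CorpNet-Lab,02:00:00:00:00:03,WPA,adhoc
CoffeeShop,02:00:00:00:00:aa,OPEN,infrastructure
"""
APPROVED = {
    "CorpNet": {"02:00:00:00:00:01", "02:00:00:00:00:02"},
    "CorpNet-Lab": {"02:00:00:00:00:03"},
}

if __name__ == "__main__":
    for finding in audit(parse_scan(SAMPLE_SCAN), APPROVED):
        print(f"{finding.bssid}  {finding.ssid:<12} {finding.issue}")
```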
4.8 FIBER DISTRIBUTED DATA INTERFACE (FDDI)
In the 1990s, the existing token ring networks specified only a meager 4 Mbps and the existing Ethernet networks up to 10 Mbps transfer rates. High-speed engineering workstations also needed much larger bandwidths than the existing local area networks (LANs), based on Ethernet and Token Ring, could offer. A new LAN medium was needed that could easily support these workstations and their new distributed applications. FDDI, invented by ANSI (American National Standards Institute), was a major breakthrough during this time as it filled all these needs, offered a speed of up to 100 Mbps and had an extended range of about 200 kilometers. It conforms to the Open Systems Interconnection (OSI) model of functional layering of LANs using other protocols.
Though the topology of FDDI is a ring-based token network, an interesting fact is that its protocol does not follow the IEEE 802.5 'Token Ring Protocol' but follows the IEEE 802.4 'Token Bus Protocol'. It may seem as though the two are totally different; the Token Bus Protocol just implements the Token Ring protocol over a "virtual ring", i.e. the endpoints here do not meet to form a physical ring, unlike in the Token Ring Protocol.
Dual-ring architecture is incorporated in FDDI, i.e. there is a primary ring and a secondary ring, and data on each ring flows in opposite directions. This is called counter-rotating. Normally, the primary ring is used for data transmission while the secondary ring remains idle. Figure 4.72 shows the standard architecture of an FDDI ring.
Fig. 4.72 FDDI uses counter-rotating primary and secondary rings
FDDI uses optical fiber as the transmission medium. It can also be run over copper cabling in twisted pair cables, known as Copper Distributed Data Interface (CDDI). There are a lot of advantages to using optical fiber over copper:
1. Electrical signals are emitted by copper, which makes the medium easier to tap and so would permit unauthorized access to data being transmitted in the medium. Optical fiber does not emit any electrical signal, and so its reliability, security and performance are all very much improved. Precisely, unsafe communications can be prevented.
2. Optical fiber is immune to electromagnetic interference, electrical interference and radio frequency interference (RFI).
3. Much higher bandwidth is supported by optical fiber than by copper.
4. FDDI allows a distance of 2 kilometres between stations.
Two types of optical fiber are defined in FDDI: single mode and multi-mode. First of all one should understand what a mode is. A mode is a ray of light entering the fiber at a particular angle. Multi-mode fiber allows a large number of modes to propagate through the fiber. Since these have varied angles, they arrive at the end at different times. This is known as modal dispersion. The bandwidth and distances are limited in multi-mode fiber due to modal dispersion, so multi-mode fiber is generally used for connectivity within a building.
This is not the case with single mode fiber. Modal dispersion does not take place here, as only one mode of light propagates through the fiber. This gives higher-performance connectivity over larger distances, which makes it widely used for connectivity between buildings. LEDs are generally the light sources for multi-mode fibers whereas lasers are the sources for single-mode fibers. Both modes are represented in Fig. 4.73.
Fig. 4.73 Multi and Single mode fibers
FDDI specifies the physical and media-access portions of the OSI reference model. There are four specifications of FDDI:
• Media Access Control (MAC): It defines how the medium is accessed, which includes frame format, token handling, addressing, algorithms for calculating the cyclic redundancy check (CRC) value, and error-recovery mechanisms.
• Physical Layer Protocol (PHY): It defines data encoding as well as decoding procedures, clocking requirements, and framing, among other functions.
• Physical Medium Dependent (PMD): Characteristics of the transmission medium, including fiber-optic links, power levels, bit-error rates, optical components, and connectors, are all defined in this specification.
• Station Management (SMT): FDDI station configuration, ring configuration, and ring control features, including station insertion and removal, initialization, fault isolation and recovery, scheduling, and statistics collection, are all defined by this specification.
These four specifications combined are capable of providing high speed connectivity between upper layer protocols such as TCP/IP and IPX and other media such as fiber optic cabling.
Devices used in FDDI
A unique feature of FDDI is that there are multiple ways to connect FDDI devices. Three types of devices are available:
1. Concentrator
It is a building block of an FDDI network. It attaches directly to both the primary and secondary rings and makes sure that the failure or power-down of an SAS does not bring down the ring. This is useful mainly when PCs that are frequently switched on and off are connected to the ring. A concentrator is represented in Fig. 4.74.
2. Single attachment station (SAS)
An SAS attaches to only the primary ring, through a concentrator. The advantage of this device is that when it is powered off or disconnected, it does not have any effect on the FDDI ring.
3. Dual attachment station (DAS)
A DAS has two ports, named A and B. Each port connects the DAS to the primary and secondary rings of the FDDI network. These devices are affected in case of a power down or if they are disconnected. Figure 4.74 diagrammatically presents a DAS.
Fig. 4.74 Dual attachments Station
Fault tolerant features of FDDI
A number of fault-tolerant features, such as the dual-ring environment, the optical bypass switch and dual homing support, make FDDI a resilient medium.
a. Dual Ring
Whenever a station is powered off or a cable is damaged, the dual ring automatically wraps itself and becomes a single ring. This does not affect performance, and data continues to be transmitted on the single ring. This is one of the most important features providing continuous availability. Figure 4.75 illustrates this concept.
Fig. 4.75 Dual ring depictions
b. Optical bypass switch
Continuous dual ring operation is provided by the optical bypass switch even if a system on the dual ring fails. It is used to eliminate failed stations from the ring and also to prevent ring segmentation. During normal operation, optical mirrors pass light from the ring to the DAS devices. When a device fails, the optical bypass switch passes light through itself by using internal mirrors and thereby maintains continuous dual ring operation. This ensures that the ring does not enter a wrapped condition in case of a device failure. Figure 4.76 shows the same.
Fig. 4.76 Working of an optical bypass switch
c. Dual homing
Routers and mainframe hosts are critical devices which need a sophisticated fault tolerant technique named dual homing to provide additional redundancy and to help guarantee operation. Here the critical device is attached to two concentrators. One concentrator link is declared active and the other passive. The passive link stays in back-up mode during normal operation. When the active link fails, the passive link automatically activates.
Fig. 4.77 Dual homing configuration
FDDI Frame Format
The FDDI frame format is borrowed from the Token ring frame. FDDI frames can be as large as 4,500 bytes.

Data frame: Preamble | Start delimiter | Frame control | Destination address | Source address | Data | FCS | End delimiter | Frame status
Token: Preamble | Start delimiter | Frame control | End delimiter

Fig. 4.78 FDDI frame format
• Preamble: It readies the station to receive the next frame.
• Start Delimiter: Serves as an indicator for the start of a frame.
• Frame Control: The size of the address fields, and whether the frame contains asynchronous or synchronous data, is conveyed through this field.
• Destination Address: Contains a unicast (singular), multicast (group), or broadcast (every station) address. FDDI destination addresses are, as usual, 6 bytes long.
• Source Address: Identifies the single station that sent the frame. FDDI source addresses are also 6 bytes long.
• Data: Could be information meant for an upper-layer protocol, or control information.
• Frame Check Sequence (FCS): This field is used for error detection.
• End Delimiter: Indicates the end of the frame.
• Frame Status: Allows the source station to determine whether an error occurred and whether the frame was recognized and copied by a receiving station.
POINT TO REMEMBER
Transport Layer is responsible for node validity and integrity of transmission.
Transport Layer is broken or divided into two halves as Media Access Control layer (MAC) and Link Logic Control layer (LLC).
There are many error detection mechanisms, such as:
• Parity checking
• CRC
• Checksum method
There are two types of parities: 1. Even parity and 2. Odd parity.
CRC is expanded as Cyclic Redundancy Check.
Unlike the parity method, which adds a single bit to achieve the desired parity, CRC appends a sequence of bits called the CRC Remainder to the message and sends it to the other party.
The following are the important flow control methods being followed:
• Stop and wait
• Sliding window
• ARQ
• Go back-N
• Selective repeat ARQ
VLAN provides more flexibility in administration and control.
Spanning tree protocol is useful in detecting loops and avoiding the same.
STP is further developed to RSTP and MSTP, which are good in convergence timing.
The following are the states in STP:
• Blocking
• Listening
• Learning
• Forwarding
• Disabled
Bridge Protocol Data Unit is abbreviated as BPDU.
The root path cost is the cost (a parameter defined by IEEE 802.1) for reaching the root switch from other switches.
Message age defines the last time that the root switch advertised a BPDU which has the current configuration details.
A switch will advertise configuration BPDUs at a frequent interval of time. That time interval is named Hello Time.
High level data link control (HDLC) protocol is a synchronous data link control protocol used for point-to-point and multipoint link access.
SONET is Synchronous Optical Network; SDH is the equivalent of SONET but is called SDH outside the USA.
Frame Relay (FR) is a high-performance WAN protocol; frame relay operates at the physical and data link layers of the OSI reference model.
Bluetooth is a short-range radio frequency standard which is very simple, to an extent secured, and easily usable.
Bluetooth personal area networks are named piconets. A piconet can have one master and up to 7 slaves.
Bluejacking and Bluebugging are the two major concerns with Bluetooth technology.
There are two modes of fibers: 1. Single mode and 2. Multi mode.
QUIZ
1. What is the role of MAC layer?
MAC layer controls how a computer on the network gains access to the data and permission to transmit it.
2. What are the duties of Link Logic Control Layer?
LLC provides enormous support for the flow control and error checking.
3. What are the error detection mechanisms?
• Parity checking
• CRC
• Checksum method
4. What is logic behind parity check?
The basic logic behind the techniques is the number of 1's in the data.
5. What are the advantages of parity checking?
• Parity checking can detect single bit errors.
• With respect to the burst errors, if the number of bits changed is odd, then it detects the burst error.
6. What is need for 2-dimensional parity?
If the number of bits garbled is even, the parity calculation doesn't fail, making the receiver wrongly assume that the data received is intact. In order to overcome the above mentioned flaw, 2-dimensional parity calculation was introduced.
7. How flaw faced is rectified in 2-dimensional parity?
With cyclic redundancy check.
8. What is checksum?
It is one of the very oldest and simplest methods used to check the integrity of the data being sent from the sender. It helps in detecting the errors which are possible during the data transfer phase.
9. What are the types of error correction methods?
Hamming codes.
10. What is the need for flow control and error control?
To have a perfect and reliable communication between the source and destination there is a definite need for flow control. The amount of data sent by the sender should be such that it can be received by the receiver without drops. When the sender sends data at a rate that the receiver cannot accept, a problem arises, and this is where the need for flow control comes in. Error control is something which makes sure that the data received at the receiver end is error free.
11. Why is the flow control and error control done at data link layer as well as transport layer?
Node to node links will be taken care of by the data link layer, and end point to end point is taken care of by the transport layer.
12. What are the mechanisms available for the flow and error control?
• Stop and wait
• Sliding window
• ARQ
• Go back-N
• Selective repeat ARQ
13. What is VLAN?
VLANs allow dividing a LAN segment into different broadcast domains, and each such logical segment is called a VLAN.
14. What are the advantages of VLAN?
• More flexibility in administration and control
• Easy to install and reinstall
• Reduction in the broadcasting of traffic on the LAN
15. What is spanning tree protocol?
STP is an awesome protocol which can prevent loops on a network. There is an algorithm followed behind this, named the Spanning Tree algorithm, using which unwanted links are disabled and ports which may cause loops are blocked.
16. What is BPDU?
For two switches to communicate there is a commonly agreed format of communication, which is referred to as BPDUs.
17. What are the disadvantages of STP and RSTP?
STP does not support fast transition of port states. A newly elected root port or designated port must wait twice the forward delay time before transitioning to the forwarding state. RSTP is an optimized version of STP. RSTP allows a newly elected root port or designated port to enter the forwarding state much quicker than STP. As a result, it takes a shorter time for re-convergence. Though RSTP supports quick network convergence, it has the same drawback as STP: all bridges within a LAN share the same spanning tree, so redundant links cannot be blocked based on VLANs, and the packets of all VLANs are forwarded along the same spanning tree. Due to this, redundant links will not always be used.
18. What are the features of MSTP?
The multiple spanning tree protocol (MSTP) overcomes the limitations of STP and RSTP. In addition to support for very fast network convergence, it also allows data flows of different VLANs to be forwarded along different paths, thus providing a better load sharing mechanism for redundant links.
• MSTP supports mapping the VLANs to MST instances.
• MSTP divides a switched network into multiple regions, each containing multiple spanning trees that are independent of one another.
• MSTP provides multiple redundant paths for data forwarding, thus supporting load balancing of VLAN data in the data forwarding process.
• MSTP is compatible with STP and RSTP.
19. What is HDLC protocol?
High level data link control (HDLC) protocol is a synchronous data link control protocol used for point-to-point and multipoint link access. HDLC protocol is used in both synchronous and asynchronous links.
20. How devices running on HDLC can communicate?
• Normal response mode (NRM)
• Asynchronous Response mode (ARM)
• Asynchronous Balanced Mode (ABM)
21. What are the two encapsulation forms of point to point protocol (PPP)?
• Point-to-Point Protocol over Ethernet (PPPoE)
• Point-to-Point Protocol over ATM (PPPoA)
22. What are the components of point to point protocol (PPP)?
PPP contains three main components:
• PPP uses the High-Level Data Link Control (HDLC) protocol as a basis for encapsulating datagrams over point-to-point links.
• Link Control Protocol (LCP) is used to establish, configure, and test the data link connection.
• Network control protocol (NCP) is used for establishing and configuring different network layer protocols.
23. What are the special features of SONET?
a. Reduced complexity in the architecture,
b. Automatic protection switching, which will reduce the failures, and
c. Higher interoperability.

24. What is ATM switching?
Asynchronous Transfer Mode (ATM) is a switching technique and an ITU-T standard for cell relay. ATM technology uses asynchronous time-division multiplexing (TDM) and encodes data into fixed-sized cells. ATM was designed to handle high-throughput data traffic and real-time low latency traffic such as voice and video.

25. What are the ATM Network Interfaces?
ATM switches support two primary types of interfaces: User Network Interface (UNI) and Network-Network Interface (NNI).

26. What are the advantages of ATM?
• ATM supports voice, video and data, allowing multimedia and mixed services over a single network,
• High evolution potential, works with existing, legacy technologies,
• Provides the best multiple service support,
• Provides the capability to support both connection-oriented and connectionless traffic using AALs,
• Able to use all common physical transmission paths like SONET,
• Cable can be twisted-pair, coaxial or fiber-optic,
• Ability to connect LAN to WAN,
• Higher aggregate bandwidth,
• High speed Mbps and possibly Gbps.

27. What are the types of frame relay devices?
• Data terminal equipment (DTE) and
• Data circuit-terminating equipment (DCE).

28. What are the two types of circuits that exist in frame relay technology?
• Switched Virtual Circuits (SVCs)
• Permanent Virtual Circuits (PVCs)

29. What are the advantages of frame relay?
• Virtual circuits consume bandwidth only during data transport, and many virtual circuits can exist simultaneously across a transmission line,
• Each device can use more of the bandwidth as necessary,
• Frame relay provides better error handling.

30. What is a scatternet?
When two or more piconets get connected, it is referred to as a scatternet.
31. What is Bluejacking?
It is a message sent anonymously from one Bluetooth device to another one in range. The sender is not aware of the receiver, but if the receiver's equipment still has Bluetooth enabled, this kind of message may arrive. This is very common in airports, railway stations and malls.

32. What is Bluebugging?
It allows the hacker to take full control of the victim's equipment, and the equipment can be accessed without the victim's knowledge. Calls or messages can even be sent from the victim's equipment without his knowledge.

33. What are the advantages of Wi-Fi?
• Wire free
• Easy access
• Automatic allowance of use
• Ability for 802.11 b and 802.11 g to frequency hop
• Supports roaming, the user can walk around a building from one access point to another

34. What is an access point referred to?
It is basically a transceiver that transmits data between wired and wireless networking devices. An access point is usually connected with the help of Ethernet. One access point works efficiently only if it supports a small group of networks. It generally has a range of about 100 feet.
Chapter 5
Internet Protocol

Learning Objectives
Complete attention is paid to the network layer in this chapter. A good amount of discussion is done on IP, IPV4, the protocol format etc. A discussion on IPV6 is also carried out. Routing algorithms are given complete and full-fledged attention, followed by the most frequently used routing protocols. Light is thrown on Layer-3 protocols along with support protocols like DHCP. Finally, as ever, quiz questions are given which readers are expected to answer.

5.1 IP ADDRESSING (INTERNET PROTOCOL)
An IP address is a unique identification for a node which is connected to a network. Networks using the TCP/IP protocol route messages based on this unique IP address only. Typically an IP address will look like 10.10.127.220. This is called IP version 4; version 6 is also being used globally these days. Readers will be introduced to IPV6 in the next few topics. IP addresses are 4 bytes or 32 bits long. They can be represented in binary or decimal format. Since the decimal format is much easier to remember, many stay with the decimal way of writing an IP address. Taking the IP address 10.10.10.220, its binary representation looks like this:

IP address as decimal:   10.10.10.220
8421 representation:     128 64 32 16 8 4 2 1 | 128 64 32 16 8 4 2 1 | 128 64 32 16 8 4 2 1 | 128 64 32 16 8 4 2 1
IP address as binary:    0 0 0 0 1 0 1 0 | 0 0 0 0 1 0 1 0 | 0 0 0 0 1 0 1 0 | 1 1 0 1 1 1 0 0
The IP addresses are classified into Class A, Class B, Class C, Class D and Class E. All the classes are explained briefly below, and Fig. 5.1 shows the same. An IP address is basically split into two parts. One is the network ID and the second is the host ID. The classes of IP are formulated based on this net ID and host ID.

Class     Leading bits   Remaining fields
Class A   0              net ID (7 bit), host ID (24 bit)
Class B   10             net ID (7 bit), host ID (16 bit)
Class C   110            net ID (7 bit), host ID (8 bit)
Class D   1110           Multicast (28 bit)
Class E   11110          Future use (27 bit)

Fig. 5.1 Classes of IP
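The binary representation and the class rule described above can be carried out in a few lines. This is an added example, not code from the book; the function names are hypothetical, and splitting the network and host IDs on whole-octet boundaries for classes A, B and C is the usual classful convention.

```python
# Added illustration (not from the book): dotted-decimal to binary and
# classful lookup from the leading bits of the first octet.

# Class -> number of leading octets that form the network ID.
# Classes D (multicast) and E (future use) have no net/host split.
NETWORK_OCTETS = {"A": 1, "B": 2, "C": 3}


def parse_ipv4(text):
    """Return the four octets of a dotted-decimal IPv4 address as ints."""
    parts = text.strip().split(".")
    if len(parts) != 4:
        raise ValueError(f"expected 4 octets, got {len(parts)}: {text!r}")
    octets = []
    for part in parts:
        if not (part.isascii() and part.isdigit()) or int(part) > 255:
            raise ValueError(f"bad octet {part!r} in {text!r}")
        octets.append(int(part))
    return octets


def to_binary(text):
    """Dotted binary form: one 8-bit group (weights 128..1) per octet."""
    return ".".join(f"{octet:08b}" for octet in parse_ipv4(text))


def address_class(text):
    """Classify by counting the leading 1 bits of the first octet."""
    first = parse_ipv4(text)[0]
    leading_ones = 0
    for bit in f"{first:08b}":
        if bit != "1":
            break
        leading_ones += 1
    # 0 ones -> A, 1 -> B, 2 -> C, 3 -> D, four or more -> E
    return "ABCDE"[min(leading_ones, 4)]


def describe(text):
    """Collect binary form, class, net/host split and a loopback note."""
    octets = parse_ipv4(text)
    cls = address_class(text)
    info = {"address": text, "binary": to_binary(text), "class": cls,
            "network_id": None, "host_id": None, "note": ""}
    split = NETWORK_OCTETS.get(cls)
    if split:
        info["network_id"] = ".".join(str(o) for o in octets[:split])
        info["host_id"] = ".".join(str(o) for o in octets[split:])
    if octets[0] == 127:
        # First bit is 0 like class A, but 127 is kept for loopback.
        info["note"] = "loopback"
    return info


if __name__ == "__main__":
    # Sample addresses are constructed for the demonstration.
    for sample in ("10.10.10.220", "172.16.5.4", "192.168.1.1",
                   "224.0.0.5", "127.0.0.1"):
        print(describe(sample))
```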
Class A
This class is meant for a very huge network, say a company which has many branches and many people working for it. There Class A will be used. In this IP address class, the first octet can be from 1 to 126. It means there can be 126 networks possible with Class A. The first bit of the first octet will always be set to zero. The remaining 24 bits (3 octets) represent the host ID. With this class there can be ((2^24) – 2) IP addresses. It is close to 17 million hosts per network. So it is evident that this class of IP will be used by large networks. A simple diagrammatic representation is presented in Fig. 5.2. 127 is used as a loopback address, which means that it is used by the host computer to send a message back to itself. It is commonly used for troubleshooting and network testing. A ping has been done with 127.0.0.1 and the snapshot is presented in Fig. 5.3.

Class   IP Address   Network ID   Host ID
A       a.b.c.d      a            b.c.d
B       a.b.c.d      a.b          c.d
C       a.b.c.d      a.b.c        d
Fig. 5.2 A simple way to remember class details

{p: \ > ping 127.0.0.1
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time

set path=C:\java\jdk\bin
B:\>set classpath=.;
Compile server file first.
B:\>javac TCPserver.java
Execute it.
B:\>java TCPserver
Compile client file next.
B:\>javac TCPclient.java
Execute it.
B:\>java TCPclient
a. Type messages from the server window. Finish the communication by “end”.
b. The messages will be sent to the client then.

Figure 6.5 is the screen shot presenting the execution results.

Screenshot of the execution results
B:\>javac TCPserver.java
Note: ICPserver.java uses or overrides a deprecated API.
Note: Recompile with -Xlint:deprecation for details.
B:\>javac TCPserver
hi i am server.
pl accept my message.
end
end
Ending..
B:/>_

B:\>javac TCPserver.java
B:\>javac TCPclient
hi i am server.
pl accept my message.
end.

Fig. 6.5 Screen shot of TCP server and client side execution results
Note: The reader is strongly encouraged to try UDP programming in Java using the DatagramSocket and DatagramPacket classes instead of the Socket and ServerSocket classes.
6.4 QUALITY OF SERVICE (QOS)

This is a very important area in computer networking which catches a lot of attention from everyone. To explain what QoS is, a simple example is taken here as reference. When the reader downloads some files from the internet, if downloading 10MB takes one hour, what will the reaction be? Tough, definitely. When someone watches a video on YouTube, if it takes a long time to stream and play, will that person be happy? Not at all. So quality service must be felt by the end users, and this is what is termed Quality of Service. There are many parameters which affect QoS. The following paragraphs deal with the ways a better QoS can be provided. QoS can be increased with the following powerful methodologies.
1. Over provisioning
2. Buffering
3. Congestion control
   a. Leaky bucket algorithm
   b. Token bucket algorithm
   c. Choke packets and
   d. Jitter control.
All these are discussed in detail in the following pages.

6.4.1 Over Provisioning
This is a little expensive method, but still authoritative. If someone wants their computer to work very fast, what should be done? Simple: adding more RAM, increasing the processor speed and keeping the latest version of a high speed OS will increase the speed of the computer, and ultimately the goal will be met. But it is an expensive solution, isn't it? This is overprovisioning. Correlating this concept to networking, how can overprovisioning be done? Increasing the router capacity, buffer space and bandwidth will help. It will make the packets flow through easily and, as already mentioned, it is an expensive solution.

6.4.2 Buffering
Jitter is one factor which threatens a good QoS. Delay in the packets reaching the destination is referred to as jitter. Buffering is the solution which can fight against jitter. Before the video or audio stream gets delivered, it can be buffered for a few seconds and this will reduce jitter. Web sites that contain streaming audio or video, like YouTube, all use players that buffer for about 10 seconds before starting to play. If the bandwidth is low, much more must be buffered, or the whole play must first be stored on a local disk, thus reducing the jitter.
6.4.3 Congestion Control Mechanisms

6.4.3.1 What is congestion and when is it created?
To explain in layman's words: if 5 people try to occupy a space where 3 people can stand, it is congestion. Another example, shown in Fig. 6.6, is self-explanatory.

Fig. 6.6 Congestion–A simple example

From the networking point of view it can be stated as follows: “Network congestion is said to have occurred when a link is carrying so much traffic that its quality of service is getting hit badly.” So what will be the effect of congestion? The following can be the drastic effects of congestion.
1. Delayed service.
2. Loss of packets and
3. Increased retransmissions.
So congestion has to be avoided. The following few paragraphs discuss how congestion can be avoided and how, through that, improved service can be provided. One of the very important reasons for congestion is that traffic is often bursty. If the hosts can control the rate of transmission and it can be made more uniform, then congestion can be reduced to a great extent. People from the networking domain call this Traffic Shaping. There are many ways to control congestion. Many algorithms have been proposed, and many of them are successful and strongly accepted. Here the reader is introduced to two such algorithms which are very commonly followed and which come under the category of Traffic Shaping.
a. Leaky bucket algorithm and
b. Token bucket algorithm.
6.4.3.2 Leaky Bucket Algorithm
It is very simple to understand, and it is a very effective mechanism as well. The reader can refer to Fig. 6.7 for understanding the basic concept. The concept is explained by assuming a bucket with a small hole. Whatever amount of water is poured in, it will come out of the bucket at a constant rate through the hole. So there will be a regulated output through the leaky bucket. If the bucket is in an overflow condition, then the incoming packet (water) will be discarded. And when there is no input, there will be no output as well. Fine, but how is this concept related to networking, and to congestion control at that? It is interesting. The reader can refer to Fig. 6.8, which has Fig. 6.7 reframed in such a way that it fits into networking.

Fig. 6.7 Leaky bucket

Fig. 6.8 Leaky bucket – Refined

Just like the real life example, as shown in Fig. 6.8, here also a constant output rate is obtained irrespective of the bursty input. The host injects one packet per clock tick into the network; this gives a uniform flow of packets and smoothens the flow, with improved QoS and reduced congestion. When the packets are of the same size, there is no problem with one packet per tick. But if the packets are of different sizes, then it is better to allow a fixed number of bytes per tick, e.g. 1024 bytes per tick will allow one 1024-byte packet. One common question may arise in the reader's mind: how will buckets be implemented? The bucket is a finite queue that outputs at a finite rate. Congestion control is achieved by discarding packets arriving from the host (input) when the queue is full. Having had a detailed discussion on the leaky bucket algorithm, it will be easier for the reader to get into the token bucket algorithm, which is equally famous and efficient.
6.4.3.3 Token Bucket Algorithm
In some cases, there might arise a need to send bursty data at the output. The token bucket algorithm is framed for that purpose. The following steps can be read to understand the algorithm:
1. At a regular span of time a token is thrown into the bucket.
2. The bucket can hold a maximum number of tokens.
3. Packets from the host can be transmitted only if enough tokens exist.
4. When a packet has to be transmitted, a token is removed from the bucket and the packet can be sent.
5. If there is a need for a larger burst transfer, the bucket can store more tokens and can facilitate a burst packet transmission.
Fig. 6.9 stands as a support for understanding the token bucket algorithm.
Fig. 6.9 Token bucket algorithm
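The two traffic shapers described in 6.4.3.2 and 6.4.3.3, run tick by tick on the same bursty input so that the difference in their output is visible. This is an added example, not code from the book; the function names, the sample burst and the choice of a bucket that starts full of tokens are assumptions.

```python
# Added illustration (not from the book): leaky bucket vs token bucket.
from collections import deque


def leaky_bucket(arrivals, queue_limit, bytes_per_tick):
    """Finite queue drained at a fixed number of bytes per tick.

    arrivals[t] is the list of packet sizes (bytes) offered at tick t.
    Returns (packets_sent_per_tick, dropped_packets).
    """
    queue = deque()
    sent, dropped = [], 0
    tick = 0
    while tick < len(arrivals) or queue:
        offered = arrivals[tick] if tick < len(arrivals) else []
        for size in offered:
            if size > bytes_per_tick:
                raise ValueError("packet larger than the per-tick allowance")
            if len(queue) < queue_limit:
                queue.append(size)
            else:
                dropped += 1              # bucket overflow: discard
        budget = bytes_per_tick
        out = 0
        while queue and queue[0] <= budget:
            budget -= queue.popleft()     # head packet fits in this tick
            out += 1
        sent.append(out)
        tick += 1
    return sent, dropped


def token_bucket(arrivals, bucket_size, tokens_per_tick=1):
    """One token per packet; saved-up tokens let a burst through.

    Assumption: the bucket starts full and packets wait (are not
    dropped) while no token is available.
    Returns packets_sent_per_tick.
    """
    if tokens_per_tick < 1:
        raise ValueError("tokens_per_tick must be at least 1")
    tokens = bucket_size
    waiting = 0
    sent = []
    tick = 0
    while tick < len(arrivals) or waiting:
        waiting += len(arrivals[tick]) if tick < len(arrivals) else 0
        out = min(waiting, tokens)        # each packet consumes a token
        tokens -= out
        waiting -= out
        sent.append(out)
        # a token is thrown in at a regular interval, up to the maximum
        tokens = min(bucket_size, tokens + tokens_per_tick)
        tick += 1
    return sent


# Constructed input: a burst of five 1024-byte packets, a pause,
# then a burst of three.
BURST = [[1024] * 5, [], [], [], [1024] * 3, [], [], []]

if __name__ == "__main__":
    print("leaky :", leaky_bucket(BURST, queue_limit=4, bytes_per_tick=1024))
    print("token :", token_bucket(BURST, bucket_size=4))
    # Mixed sizes: two 512-byte packets share one 1024-byte tick.
    print("mixed :", leaky_bucket([[512, 512, 1024]], 4, 1024))
```

The leaky bucket never emits more than one 1024-byte packet per tick and discards the fifth packet of the first burst; the token bucket sends four packets of the same burst at once because four tokens were saved.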
There are many other congestion control methodologies followed. Out of them, the important and most commonly used ones are explained in detail as follows:
• Choke packets
• Load shedding and
• Jitter control.
The first one to see in the above mentioned list is choke packets.
6.4.3.4 Choke Packets
This is yet another congestion control mechanism. It is a simple mechanism and it is explained as follows. It is used for congestion control: the router directly addresses the source node (sender), asking it to reduce its sending rate as it is creating congestion. The source node will listen to it and will reduce the sending rate. One of the known examples is the Internet Control Message Protocol (ICMP) source quench packet. Normally routers do a frequent check over the network by analyzing a few factors such as line utilization, congestion occurrence etc. In the event of finding a glitch, the router sends a “Choke Packet” to the source. The source node, if co-operative (in most cases it will be so), will listen to the packet, cut the sending rate by 50%, and then ignore further choke packets from the router for a fixed period of time. After the cut-off time is over, it will start looking for choke packets again. If a choke packet arrives again, the rate will be cut by half again. So obviously the congestion will be seen reduced. And in the event of no choke packet arriving, the sender host may increase the sending rate. There might be some uncooperative host which may not respect the choke packet, and this will hit the performance and QoS. The above concept is diagrammatically represented in Fig. 6.10.
Fig. 6.10 Choke packets
Over a long distance, choke packets may not be very effective. So an efficient way is to send choke packets hop-by-hop, and this is termed hop-by-hop choke packets. This choke packet informs each hop along the way to reduce its sending speed, even before the choke packet has reached the remaining hops. The next method to be discussed is Load Shedding.
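The sender-side behaviour described in 6.4.3.4 (halve the rate on a choke packet, ignore further choke packets for a fixed period, raise the rate again when none arrive) can be simulated as below. This is an added example, not code from the book; the class name, the three-tick ignore period, the additive increase of 10 per quiet tick and the choke arrival times are assumptions.

```python
# Added illustration (not from the book): a source reacting to choke packets.


class ChokeAwareSender:
    def __init__(self, rate, hold_ticks=3, step=10, cooperative=True):
        self.rate = rate                # current sending rate (packets/tick)
        self.ceiling = rate             # never exceed the original rate
        self.hold_ticks = hold_ticks    # how long choke packets are ignored
        self.step = step                # assumed increase per quiet tick
        self.cooperative = cooperative
        self.deaf_until = 0             # tick at which listening resumes
        self.ignored = 0                # choke packets seen while ignoring

    def on_tick(self, now, choke_received):
        """Update and return the sending rate for tick `now`."""
        if not self.cooperative:
            return self.rate            # uncooperative host: no reaction
        if choke_received:
            if now < self.deaf_until:
                self.ignored += 1       # still inside the ignore period
            else:
                self.rate = max(1, self.rate // 2)       # cut by 50%
                self.deaf_until = now + self.hold_ticks
        elif now >= self.deaf_until:
            # listening again and nothing arrived: speed up
            self.rate = min(self.ceiling, self.rate + self.step)
        return self.rate


def simulate(sender, choke_ticks, duration):
    """Return the sender's rate at every tick of the run."""
    return [sender.on_tick(t, t in choke_ticks) for t in range(duration)]


# Constructed scenario: the router emits choke packets at these ticks.
CHOKES = {2, 3, 4, 6}

if __name__ == "__main__":
    polite = ChokeAwareSender(100)
    print("cooperative  :", simulate(polite, CHOKES, 12),
          "ignored:", polite.ignored)
    rude = ChokeAwareSender(100, cooperative=False)
    print("uncooperative:", simulate(rude, CHOKES, 12))
```

The uncooperative run keeps sending at the full rate, which is the case the text says hurts performance and QoS; a router can spot such a source by comparing its rate before and after the choke packet.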
6.4.3.5 Load Shedding
When the buffer in a router becomes full, the router will go mad, being flooded with packets that it cannot handle. So the simple and best way that the router follows is to discard the packets that it cannot handle. And why can't the choke packet be useful here, or what is the flaw with it? Well, it is a nice question to answer. When there is congestion already in a network, will it not be bad to send one more packet into the congested network? Yes. So load shedding will serve the purpose, and it solves the congestion to a better extent. The next question is, which packets can be dropped? What will be the priority for dropping packets? The answer is that it depends on the application. For example, for file transfers it is best to throw away newer packets, as discarding older packets will cause a gap in the received data. For multimedia applications, older packets are the best ones to discard. One important note on load shedding: this method is followed when all other methods are failing. Figs. 6.11 and 6.12 depict the concept of load shedding in a simpler way.
Fig. 6.11 Load shedding - 1
Fig. 6.12 Load shedding - 2
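The two drop priorities described in 6.4.3.5 can be compared on the same overloaded buffer. This is an added example, not code from the book; the function name, the policy labels, the buffer size of three and the arrival pattern are assumptions.

```python
# Added illustration (not from the book): load shedding drop policies.
from collections import deque


def run_router(arrivals, buffer_size, policy, service_rate=1):
    """Forward packets through a full buffer under a drop policy.

    arrivals[t] lists the packet sequence numbers arriving at tick t.
    policy "drop_new" discards the arriving packet (file transfer);
    policy "drop_old" discards the oldest buffered one (multimedia).
    Returns (delivered, dropped), both in order of occurrence.
    """
    if buffer_size < 1 or service_rate < 1:
        raise ValueError("buffer_size and service_rate must be >= 1")
    if policy not in ("drop_new", "drop_old"):
        raise ValueError(f"unknown policy {policy!r}")
    buffer = deque()
    delivered, dropped = [], []
    tick = 0
    while tick < len(arrivals) or buffer:
        offered = arrivals[tick] if tick < len(arrivals) else []
        for packet in offered:
            if len(buffer) < buffer_size:
                buffer.append(packet)
            elif policy == "drop_new":
                dropped.append(packet)            # keep what is queued
            else:
                dropped.append(buffer.popleft())  # make room for fresh data
                buffer.append(packet)
        for _ in range(min(service_rate, len(buffer))):
            delivered.append(buffer.popleft())
        tick += 1
    return delivered, dropped


# Constructed overload: four packets per tick into a buffer of three
# that forwards only one packet per tick.
ARRIVALS = [[1, 2, 3, 4], [5, 6, 7, 8]]

if __name__ == "__main__":
    print("file transfer:", run_router(ARRIVALS, 3, "drop_new"))
    print("multimedia   :", run_router(ARRIVALS, 3, "drop_old"))
```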
Reader will find it interesting with the next topic as well and it is on Jitter control.
6.4.3.6 Jitter Control
When there is network congestion, it will cause a delay in the packets reaching the destination. That variation in time is referred to as jitter. So what will be the effect of jitter? Performance degradation and reduced quality of service would be the effects of jitter. And how can this be compensated? Calculating the expected transit time for each hop will help. When a packet reaches a router, the router will check the status of the packet: whether it has arrived in advance or arrived late. This information is carried in the packets. If at a hop the packet is found to be behind schedule, the router can increase its priority and send it faster, which will eventually reduce the jitter. If a packet is ahead of schedule, the router will decrease its priority and schedule it for sending later, thus reducing jitter.
POINTS TO REMEMBER

• TCP is transmission control protocol and it is a connection oriented protocol.
• UDP is a connectionless protocol and it is not as reliable as TCP.
• TCP offers flow control, retransmission and error detection.
• TCP needs a connection to be established before transferring information.
• TCP uses 3 cycle handshake mechanism to establish connection.
• Network congestion is said to have occurred when a link is carrying so much traffic that its quality of service is getting hit badly.
• Leaky bucket and token bucket are two commonly used traffic shaping algorithms.
• The router will send a choke packet to the source node to reduce its sending rate when congestion is felt.
• Load shedding is preferred when all other mechanisms of congestion control fail.
• Delay in the packets reaching the destination is termed jitter.
QUIZ

1. What is the responsibility of transport layer?
2. State the scenario where transport layer is useful?
3. What are the most commonly used transport layer protocols?
4. Why is TCP much preferred?
5. What is the specialty about TCP?
6. In TCP packet format, what is the data length of HL?
7. What are the flags supported in TCP?
8. What is the purpose of FIN flag?
9. What does ‘Window’ specify in TCP frame format?
10. What is the need of ‘Checksum’ in TCP frame format?
11. What is urgent pointer and what is it meant for?
12. Write in brief on connection establishment process in TCP?
13. What is passive open and active open?
14. How is TCP different from UDP?
15. Can you prefer UDP over TCP for highly important data transfer?
16. Where can UDP be used?
17. State three differences between TCP and UDP?
18. What is QoS? Why is it important?
19. What are the methodologies followed to get a better QoS?
20. What is a ‘Jitter’? How can it be avoided?
21. What is congestion? What are the effects of congestion?
22. What are the two commonly used traffic shaping algorithms which will help in controlling congestion?
23. How are buckets implemented in Leak Bucket algorithm?
24. What is the sequence of steps followed in Token Bucket algorithm?
25. What is a choke packet?
26. What is Load shedding and how is it useful?
27. Why is choke packet not a great idea?
28. How can Jitter be compensated?
ANSWERS

1. Transport Layer provides transparent transfer of data between source and destination, i.e. it is responsible for end to end data transfer.
2. The lower layers may drop packets, but transport layer will perform a sequence check on the data. If say, 10MB of data is transferred, it will make sure 10MB is received. Transport layer makes sure that it establishes, maintains and terminates the connections after transfer of data is complete.
3. Two common protocols are deployed in this layer: Transmission Control Protocol (TCP) and User Datagram Protocol (UDP).
4. TCP is preferred due to two main reasons: a) Flow control and b) Guaranteed delivery.
5. TCP is a connection oriented protocol. What does that mean? When a message has to be sent from source to destination, a connection will be established first and will be retained until the data transfer is over. So reliability is ensured in a big way here in TCP. Guaranteed delivery is the key when TCP is used.
6. If options are not used TCP header will be 20 bytes long and if used it will be 32 bytes long.
7. URG, ACK, PSH, RST, SYN, FIN.
8. If set, this bit field indicates to the receiver that the sender has reached the end of its byte stream for the current TCP connection.
9. ‘Window’ will inform the sender of the number of bytes that the receiver is willing to receive.
10. ‘Checksum’ is used in error checking.
11. Urgent pointer serves as an indication for the sequence number after which information becomes urgent.
12. TCP connection establishment is carried out in a 3-way handshake fashion. The server should be ready to listen and await a connection request. It is called the passive open state.
13. When the passive open state of the server is set, the client can now play. It can now raise a connection request and it is called active open.
14. UDP is a connectionless protocol working at the transport layer, whereas TCP is a connection oriented protocol in the transport layer.
15. UDP is unreliable and it does not provide a guaranteed delivery or flow control or error recovery mechanism. As seen already it is a connectionless protocol, so it requires no handshaking mechanism. Packets may arrive out of order or may arrive late or may not arrive at all or can be duplicated. So TCP is better for highly important data transfer.
16. UDP is used for speedy delivery. There is no guarantee that the data will be delivered in full to the destination. But it does it so fast. Wherever speed is the need, there UDP can get in. The reason for the speed is that there is no flow control or error correction. UDP is deployed widely in streaming applications.
17.
S.NO.   TCP                               UDP
1       Connection oriented               Connection less
2       Flow control and retransmission   No flow-control
3       Guaranteed delivery               Best effort delivery
18. QoS-Quality of Service. When the reader downloads some files from the internet, if downloading 10MB takes one hour, what will the reaction be? Tough, definitely. When someone watches a video on YouTube, if it takes a long time to stream and play, will that person be happy? Not at all. So quality service must be felt by the end users and it is what is termed as Quality of Service.
19. QoS can be increased with the following powerful methodologies.
   1. Over provisioning
   2. Buffering
   3. Congestion control
      a. Leaky bucket algorithm
      b. Token bucket algorithm
      c. Choke packets and
      d. Jitter control.
20. Delay in the packets reaching the destination is referred to as jitter. Buffering is the solution which can fight against jitter.
21. Network congestion is said to have occurred when a link is carrying so much traffic that its quality of service is getting hit badly. The following can be the drastic effects of congestion.
   • Delayed service.
   • Loss of packets and
   • Increased retransmissions.
22. a. Leaky bucket algorithm and b. Token bucket algorithm.
23. The bucket is a finite queue that outputs at a finite rate. Congestion control is achieved by discarding packets arriving from the host (input) when the queue is full.
24. The sequence of steps followed in Token Bucket algorithm is:
   • At a regular span of time a token is thrown into the bucket.
   • The bucket can hold a maximum number of tokens.
   • Packets from the host can be transmitted only if enough tokens exist.
   • When a packet has to be transmitted, a token is removed from the bucket and the packet can be sent.
   • If there is a need for a larger burst transfer, the bucket can store more tokens and can facilitate a burst packet transmission.
25. Choke packet is used for congestion control: the router directly addresses the source node (sender), asking it to reduce its sending rate as it is creating congestion.
26. When the buffer in a router becomes full, the router will go mad, being flooded with packets that it cannot handle. So the simple and best way that the router follows is to discard the packets that it cannot handle.
27. When there is congestion already in a network, will it not be bad to send one more packet into the congested network? Yes. So load shedding will serve the purpose and it solves the congestion to a better extent.
28. Calculating the expected transit time for each hop will help. When a packet reaches a router, the router will check the status of the packet: whether it has arrived in advance or arrived late. This information is carried in the packets. If at a hop the packet is found to be behind schedule, the router can increase its priority and send it faster, which will eventually reduce the jitter. If a packet is ahead of schedule, the router will decrease its priority and schedule it for sending later, thus reducing jitter.
Chapter 7
Application Layer: An In-depth Analysis

Learning Objectives
The focus of this chapter is the application layer. Protocols like FTP, SMTP, MIME, POP3, WWW, HTTP, DNS, and SNMP are discussed in this chapter. Quiz questions are given at the end of the chapter, which readers are expected to answer.

7.1 FTP (FILE TRANSFER PROTOCOL)
File Transfer Protocol, known as FTP, is a most commonly used protocol to upload or download files to and from servers.
7.1.1 FTP - Basic Client - Server Operation
Basically two machines are needed for performing an FTP transaction. One is the client and the other is the server. To put it in networking terms, the client is named the local host and the server can be called the remote host. The local host will always have to initiate the transfer. There are many FTP commands available, but two commands are referred to here for a clear understanding. put and get are the commands that help the client to copy files to and fetch files from the server. put will always copy a file from client to server, and get will copy files from server to client. A schematic representation is shown in Fig. 7.1. A user can use FTP through a command line interface or a graphical user interface. It requires login permissions, with which one can get into the server and do put and get operations easily.
Fig. 7.1 FTP–Diagrammatic representation
7.1.2 FTP - Commonly used Commands
Assuming that 10.127.12.103 is the remote server (FTP server) to which the user has to log in, the following command can be used to get logged in.
ftp [email protected] (or) ftp user.ftp.com
It will immediately prompt the user to enter the password. If the password matches, then access permissions are granted to the logged in user. A snapshot of the FTP screen is presented in Fig. 7.2.

C:\mywebstuff. ftp pine.edu
Connected to pine-edu
220 Microsoft FTP Service
User : NAU-STUDENTS\abc1234
331 Password requred for NAU-STUDENTS\abc1234
Password:
230 User NAU-STUDENTS\abc1234 logged in.
ftp>
Fig. 7.2 FTP–Login snapshot
A few FTP commands which are very frequently used are presented here.
a. Listing
‘ls’ is the command used for listing the content of the current directory. It will list the content of the directory with permissions, date and time of creation, memory space occupied etc. The command ‘dir’ can also be used for listing the content of the current directory.
b. Change Directory
‘cd’ will help navigation to the specified directory. If the navigation is successful, a command successful message will be seen; otherwise a no such directory message will be displayed.
c. To Download a File
‘get’ will fetch the file from the server. If the file specified is present, it will be fetched and the command will be successful. Otherwise it will say the file is not present.
d. To Copy a File to FTP Server
‘put’ is the way to put a file onto the server (i.e. copy a file from client to server). If there is enough space available, the copy will be smooth; otherwise it will throw an appropriate error message.
e. To Get Multiple Files
If the user wishes to download many files from the server, mget can be used. The syntax for the command is similar to get, but with a small change. ftp> mget * will download all the files from the server. ftp> mget *.txt will download all the text files. Similar operations can be performed likewise.
f. To Put Multiple Files
To copy multiple files to the server, mput can be used. mput *.txt will copy all the text files from client to server.
g. To Delete a File
‘delete’ can be used to delete a file. If the file mentioned is not present, it will not be successful. If present, it will be removed.
h. Making and Removing a Directory
‘mkdir’ will get a directory created and ‘rmdir’ will remove the directory specified.
i. To Logout/Quit
‘quit’ can be issued to close the current session and quit the ftp client. ‘bye’ can also be used to perform the same task.
j. Modes of Operation
FTP can be made to work in binary or ascii mode. To set ascii mode, one should type ascii at the ftp prompt. It is better to use this mode for text files. ‘binary’ has to be typed for setting binary mode. Zip files and images can be transferred through this mode.
7.1.3 How FTP Works?
When the user wants to transfer data, FTP will set up a TCP connection to the target system. Then the user ID and password will be asked for and, if the login is successful, the user can go ahead with the desired action. A beauty to be noted here is that FTP uses two connections: one for commands and the other for sending and receiving data. FTP is identified with the standard port number 21. This port is meant for sending commands and only for that, so it is called the command port. For instance, when the command ls is issued, the server will list the content of the current directory and send that information to the client. So what is the case for the connection used to send and receive data? A port that helps in transferring data is termed a data port. The data port number depends on whether the mode of operation is active or passive.
The reader should now spend some time in understanding this concept of active and passive connections. An FTP server can support active or passive connections or both. The reader is introduced to both modes of connection.

1. Active Mode
In an Active FTP connection, the client opens a port and listens, and the server actively connects to it. If the Active mode of connection is preferred, then the administrator must set the firewall to accept connections to the port that the FTP client will open. Active FTP servers generally use port 20 as their data port. Figure 7.3 represents the active FTP connection.

FTP Client: Data Port 38069*, Command Port 37843*
FTP Server: Command Port 21, Data Port 20
Client uses Random Port to connect to Server's Port 21 to establish connection.
Server then opens data connection from Server's Port 20 to Client's computer on a Random Port.

Fig. 7.3 Active FTP connection
2. Passive Mode
In a Passive FTP connection, the server opens a port and listens (passively) and the client connects to it. It’s a good idea to use Passive mode to connect to an FTP server. Most FTP servers support the Passive mode. For a Passive FTP connection to succeed, the FTP server administrator must set her firewall to accept all connections to any ports that the FTP server may open. Figure 7.4 represents the passive FTP connection.
Having gone through the details of FTP, it would be a nice journey to move to Telnet. Telnet is the one to be discussed next in detail.
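The data port that each mode ends up using is agreed over the command connection. As an added example (not from the book), the code below assumes the RFC 959 encoding, in which a client's PORT command or a server's 227 reply to PASV carries h1,h2,h3,h4,p1,p2 and the port is p1*256+p2, and it flags the cases a firewall administrator would want to catch. The sample lines, the addresses and the 50000-51000 passive range are constructed.

```python
import ipaddress
import re

# RFC 959 host-port field: h1,h2,h3,h4,p1,p2 (six decimal numbers, 0-255).
HOSTPORT = re.compile(
    r"(?<!\d)(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})(?!\d)"
)

# Assumed passive range: the only server ports the firewall opens for data
# connections (constructed values).
PASV_RANGE = range(50000, 51001)

# Constructed control-channel lines; the first two use the data port numbers
# shown in Figs. 7.3 and 7.4 (38069 and 50821).
SAMPLES = [
    "PORT 198,51,100,7,148,181",
    "227 Entering Passive Mode (192,0,2,10,198,133)",
    "227 Entering Passive Mode (10,0,0,5,4,1)",   # server announces an internal address
]


def parse_hostport(text):
    """Return (IPv4Address, port) from a PORT argument or a 227 reply."""
    match = HOSTPORT.search(text)
    if match is None:
        raise ValueError("no h1,h2,h3,h4,p1,p2 field in %r" % text)
    nums = [int(group) for group in match.groups()]
    if max(nums) > 255:
        raise ValueError("number above 255 in %r" % text)
    address = ipaddress.IPv4Address("%d.%d.%d.%d" % tuple(nums[:4]))
    return address, nums[4] * 256 + nums[5]


def data_connection(line, client_ip, server_ip, pasv_range=PASV_RANGE):
    """Work out the data connection that one control-channel line sets up.

    line is a client's PORT command (active mode) or a server's 227 reply
    to PASV (passive mode); client_ip and server_ip are the two ends of the
    command connection on port 21.
    """
    client = ipaddress.IPv4Address(client_ip)
    server = ipaddress.IPv4Address(server_ip)
    line = line.strip()
    problems = []
    if line.upper().startswith("PORT "):
        # Active: the client listens, the server connects from its port 20.
        mode, listener = "active", "client"
        address, port = parse_hostport(line[5:])
        if address != client:
            problems.append("PORT names %s, not the control client %s" % (address, client))
        if port < 1024:
            problems.append("PORT names well-known port %d" % port)
    elif line.startswith("227"):
        # Passive: the server listens, the client connects to the given port.
        mode, listener = "passive", "server"
        address, port = parse_hostport(line[3:])
        if address != server:
            problems.append("227 names %s, not the control server %s" % (address, server))
        if port not in pasv_range:
            problems.append("port %d is outside the opened passive range" % port)
    else:
        raise ValueError("not a PORT command or a 227 reply: %r" % line)
    return {"mode": mode, "listener": listener, "address": str(address),
            "port": port, "problems": problems}


if __name__ == "__main__":
    for sample in SAMPLES:
        result = data_connection(sample, "198.51.100.7", "192.0.2.10")
        print(sample)
        print("   %(mode)s mode, %(listener)s listens on %(address)s:%(port)d" % result)
        for problem in result["problems"]:
            print("   check:", problem)
```

Pinning the server to a fixed passive range lets the firewall rule cover that range only, instead of every port the server might open.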
Fig. 7.4 Passive FTP Connection (diagram: the FTP client, with command port 58405* and data port 55919*, uses a random port to connect to the server's port 21, the command port, to establish the connection; the client then uses a random port to open the data connection to the server's data port 50821*. The server must have this random port open in its firewall. Client firewalls usually allow whichever port is chosen automatically).
7.2 SIMPLE MAIL TRANSFER PROTOCOL (SMTP)
When data manipulation became a popular application of computers, it became necessary to establish communication between different systems. These systems may be on the same network or on different networks. For effective communication between computers on the same or different networks, a basic protocol was needed so that the message transmitted would be understandable. To generalize the mode of communication between the systems, some kind of rules or standards needed to be established. This paved the way for protocols for communication and data exchange. SMTP stands for Simple Mail Transfer Protocol. Without this protocol, e-mail would never have been this simple and ubiquitous. Would it not be interesting to understand what forms the foundation of our modern e-mails? To understand how this protocol works, the reader may go through the following paragraphs.
7.2.1 Simple Mail Transfer Protocol
The Simple Mail Transfer Protocol was introduced in RFC 821 in the 1980s. It is based on TCP/IP and the most widely used port number is 25. It was introduced as an ASCII, text-based protocol. When binary files were to be sent, they were ASCII encoded and sent. SMTP does not stand alone. It is widely used in combination with the POP3 and IMAP protocols: SMTP is widely used at the sender end while POP3/IMAP complements it at the receiver end. SMTP does not provide facilities for queuing of messages from its client; hence, it is usually used at the sender side. Since the receiver side mostly needs to store the message, a queue or a buffer may be required; hence, POP3/IMAP is used at the receiver end. See Fig. 7.5.
Fig. 7.5 Basic Overview diagram (diagram labels: Sender, CLIENT, SMTP server, Port:25, TCP/IP, POP3/IMAP).
7.2.2 How SMTP works??
The working of SMTP can be explained in a simple step by step process as follows:
Step 1 – A mail request is raised by the sender (client to SMTP server) to the SMTP server.
Step 2 – The sender SMTP establishes a 2-way communication channel with the receiver SMTP, which may be the final destination for the mail or an intermediate system.
Step 3 – Once the channel is established, commands are sent from the sender to the receiver.
Step 4 – The receiver replies appropriately.
7.2.2.1 Basic Commands
There are 3 basic commands which are used to establish connection and communicate between sender and receiver.
MAIL – This command indicates the identity of the sender. If the receiver accepts this sender, then an ‘OK’ is sent as reply/acknowledgement.
RCPT – If the receiver replies with an OK, then this command comes into play. It is basically used to identify the mail recipient. If the receiver is an intermediate system and recognizes the recipient address, then it replies with an ‘OK’, else it rejects it.
DATA – Once the sender and receiver have recognized each other and acknowledgements have been passed, the message data is sent across the channel. Once the receiver reaches the end of the data, it sends an ‘OK’ as acknowledgement of the complete data reception. Figure 7.6 shows this schematically.
It is necessary for the sender to know the destination host and destination mail box name. The MAIL command offers the reverse path or the return route, as it traces the route back to the sender. The RCPT command provides the forward path or the source route, as it throws light on the recipient. If multiple recipients are to be addressed by the sender (i.e. sending the mail to multiple recipients), then 1 copy of data is transmitted for all recipients at the same destination host.
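Fig. 7.6 SMTP schematic representation (diagram: the Sender and its file system feed the Sender SMTP, which exchanges SMTP commands/data with the Receiver SMTP, which in turn serves the Receiver and its file system).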
7.2.3 What SMTP can do???
SMTP offers the basic platform required for effective communication or message transfer between systems. Apart from establishing a communication channel and transferring the data between the sender and receiver, the SMTP protocol offers a few additional services as well. The services are as follows:
Mail Transaction: Mail transaction occurs through commands like MAIL, RCPT and DATA, which have been discussed already. These commands help to establish the channel, authorize the sender and receiver, and transmit the message.
Forwarding: The RCPT command usually contains information about the recipient. If the destination information is incorrect in the , then the mail would not be delivered to the expected receiver. To overcome this problem, SMTP provides a ‘forwarding’ facility. When the destination information is incorrect and the receiver SMTP knows the correct destination, it can send either of the two responses below:
I. Receiver SMTP replies with the message that the user is not local and it automatically forwards the message to the correct path, provided it has information on it.
II. Receiver SMTP replies with the message that the user is not local and offers a forward path back which could lead to the expected recipient.
Verifying and expanding: Verifying and expanding offer more services than what is expected from basic SMTP. In order to verify the username, the VRFY command is used. To expand the mail list, the EXPN command is used. The input to the VRFY command is the username string and the output is the full name of the user, with or without the mail box of the user. Similarly, the input to the EXPN command is the mailing list and the output is a multiline response containing the full name of the user and the mail box of the mailing list.
Fig. 7.7 VRFY and EXPN (diagram: VRFY takes a username and returns the full name of the user and the mail box of the user; EXPN takes a mailing list and returns the full name of user + mail box of mailing list).
Sending and Mailing: Though sending and mailing appear to serve the same functionality, a striking difference exists between them. Delivery of the message to the user’s mailbox is called ‘mailing’. This requires the mail box address of the user to be known while sending the message. Sometimes, messages may have to be delivered directly to the user’s terminal for specific purposes. Message delivery directly to the user’s terminal is referred to as ‘sending’.
Sending Commands
I. SEND – This command offers the ‘from path’ or the information about the source or sender.
II. SOML – SOML stands for Send Or Mail command. Sometimes, the user may not be active. In such cases, the mail data is entered into the user’s mailbox. The transaction is successful if the message is delivered either to the user’s terminal or to the user’s mailbox, hence the name ‘send’ or ‘mail’.
III. SAML – SAML is the Send and Mail command. As the name indicates, the message should reach both the user’s terminal and the user’s mailbox. The message is delivered to the terminal if the user is active. Irrespective of whether the user is active or not, the message reaches the user mailbox. The transaction is successful if the message reaches the mailbox.
Opening and Closing: For message transmission between sender and receiver, a channel needs to be established before the sending starts, i.e. opening of the channel. Once the transmission is over, the channel needs to be closed. If the receiver intends to send the message to the sender, then the reverse path is followed. Identifiers are added to the message as it is transmitted from sender to receiver. These identifiers are traced back and the message travels back to the sender from the receiver, when the receiver wishes to return the message to the sender.
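The mail transaction of Section 7.2.2.1 and the forwarding and VRFY/EXPN services above, as an added example that is not from the book: a toy receiver SMTP that enforces the MAIL, RCPT, DATA order and answers with RFC 821/5321 reply codes. The class and function names, the hosts and the session are constructed; `disclose_users` is a hypothetical switch showing that a VRFY which confirms names tells anyone which mailboxes exist, while the 252 reply confirms nothing.

```python
import re

PATH = re.compile(r"^(MAIL FROM|RCPT TO):\s*<([^<>\s]+)>$", re.IGNORECASE)


class ReceiverSMTP:
    def __init__(self, host, mailboxes, forwards, disclose_users=False):
        self.host = host
        self.mailboxes = mailboxes          # local address -> full name
        self.forwards = forwards            # old address -> (new address, relay?)
        self.disclose_users = disclose_users
        self.delivered = []                 # (reverse path, recipients, body)
        self._reset()

    def _reset(self):
        self.reverse_path, self.recipients = None, []
        self.in_data, self.body = False, []

    def handle(self, line):
        """Take one line from the sender SMTP; return the reply (or None)."""
        if self.in_data:
            return self._data_line(line)
        line = line.strip()
        verb, _, arg = line.partition(" ")
        verb = verb.upper()
        if verb == "HELO":
            return "250 " + self.host
        if verb in ("MAIL", "RCPT"):
            match = PATH.match(line)
            if match is None:
                return "501 Syntax error in parameters or arguments"
            return self._path(verb, match.group(2).lower())
        if verb == "DATA":
            if not self.recipients:         # needs MAIL and an accepted RCPT
                return "503 Bad sequence of commands"
            self.in_data = True
            return "354 Start mail input; end with <CRLF>.<CRLF>"
        if verb == "VRFY" and self.disclose_users:
            full = self.mailboxes.get("%s@%s" % (arg.lower(), self.host))
            return "250 " + full if full else "550 String does not match anything"
        if verb == "VRFY":                  # hardened: confirm nothing
            return "252 Cannot VRFY user, but will accept message and attempt delivery"
        if verb == "EXPN":                  # mailing lists are not modelled here
            return "502 Command not implemented"
        if verb == "QUIT":
            return "221 %s Service closing transmission channel" % self.host
        return "500 Syntax error, command unrecognized"

    def _path(self, verb, path):
        if verb == "MAIL":                  # MAIL starts a new transaction
            self._reset()
            self.reverse_path = path
            return "250 OK"
        if self.reverse_path is None:       # RCPT before MAIL
            return "503 Bad sequence of commands"
        if path in self.mailboxes:
            self.recipients.append(path)
            return "250 OK"
        if path in self.forwards:
            new_path, relay = self.forwards[path]
            if relay:                       # response I: accept and forward
                self.recipients.append(new_path)
                return "251 User not local; will forward to <%s>" % new_path
            return "551 User not local; please try <%s>" % new_path  # response II
        return "550 No such user here"

    def _data_line(self, line):
        if line == ".":                     # end of mail data
            self.delivered.append((self.reverse_path, self.recipients, self.body))
            self._reset()
            return "250 OK"
        # Undo dot-stuffing: the sender doubles a leading "." in body lines.
        self.body.append(line[1:] if line.startswith(".") else line)
        return None


SESSION = [  # constructed: what the sender SMTP transmits, line by line
    "HELO sender.example",
    "RCPT TO:<bob@receiver.example>",       # out of order: no MAIL yet
    "MAIL FROM:<alice@sender.example>",
    "RCPT TO:<bob@receiver.example>",       # local mailbox
    "RCPT TO:<carol@receiver.example>",     # moved, receiver forwards
    "RCPT TO:<dave@receiver.example>",      # moved, sender must retry
    "RCPT TO:<nobody@receiver.example>",    # unknown
    "DATA", "Subject: lunch", "..a body line that began with one dot", ".",
    "VRFY bob", "QUIT",
]


def demo(disclose_users=False):
    server = ReceiverSMTP("receiver.example", {"bob@receiver.example": "Bob Example"}, {
        "carol@receiver.example": ("carol@new.example", True),
        "dave@receiver.example": ("dave@other.example", False)}, disclose_users)
    return server, [(line, server.handle(line)) for line in SESSION]


if __name__ == "__main__":
    for sent, reply in demo()[1]:
        print("C: " + sent + ("\nS: " + reply if reply else ""))
```

One DATA transfer serves both accepted recipients, which matches the single copy per destination host described in Section 7.2.2.1.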
7.3 MIME (MULTIPURPOSE INTERNET MAIL EXTENSIONS)
SMTP has a very big limitation: it supports only the ASCII format and cannot support any other formats or languages. This flaw has been overcome with the help of MIME, which is expanded as Multipurpose Internet Mail Extensions. MIME provides much greater flexibility than RFC-822 and it is an extension of the same. MIME provides a means to interchange text in languages with different character sets. Multimedia e-mail can be sent between different computer systems that use the SMTP protocol. MIME facilitates sending and receiving email messages that contain any of the formats shown in Table 7.1:
Table 7.1 File Types Supported by MIME
Type of file
Files in ATOM format
CAS files
JavaScript files
AutoCAD files
MPEG4 files
IGES CAD exchange format
Non-interpreted binary files
Microsoft Word document files
Adobe Acrobat files
PostScript files
Rich text format
SGML files
Microsoft Excel Spreadsheet Files
Microsoft Power point presentation files
XML file
Compressed ZIP files
Basic audio files
MPEG audio files
MPEG-4 audio files
AIFF audio files
Wave audio files
Gif images
Jpeg images
Images PNG
Tiff images
PBM Bitmap files
PBM Graymap files
PBM Pixmap files
Zip archive files
GNU zip archive files
Style sheet
Comma-separated text files
HTML files
Unformatted text files
Rich text files
Rich Text Format text files
Tab-separated text files
XML files
H.264 videos
DV videos
MPEG videos
QuickTime videos
Microsoft Windows videos
MIME simply converts the non-ASCII data (which can be any of the above) to ASCII data, and the reverse conversion happens at the other end. With MIME one will get the following benefits:
1. To send multiple attachments with a single message;
2. Use of character sets other than ASCII code;
3. Use of rich text (layouts, fonts, colors, etc.);
4. Binary attachments (executables, images, audio or video files, etc.), which may be divided if needed.
A MIME type is comprised of the following components, as shown in the header format below (Table 7.2):
Table 7.2 MIME Header Format with Description
Keyword | Value
MIME-Version | Specifies the version number. It is 1.0 here in this case.
Content-Type | Used to classify documents attached to an e-mail. A GIF image has the following MIME type: content-type: image/gif
Content-Transfer-Encoding | Transfer encoding header is used to specify an encoding format for the message body.
Content-Description | A plain text description of the object within the body, which can be used when the object is not in a human-readable format.
Content-ID | An identifier, but unique
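The headers of Table 7.2 at work, as an added example that is not from the book: Python's standard email package builds a message with non-ASCII text and two attachments, serialises it to pure ASCII, parses it back, and compares each part's declared Content-Type with the leading bytes of its decoded content. The addresses, file names, sample bytes and the small magic-number table are constructed.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Constructed sample data: a 1x1 GIF, and a ZIP header that will be sent
# with a GIF label.
PIXEL_GIF = (b"GIF89a\x01\x00\x01\x00\x80\x00\x00\x00\x00\x00\xff\xff\xff"
             b"!\xf9\x04\x01\x00\x00\x00\x00,\x00\x00\x00\x00\x01\x00\x01\x00"
             b"\x00\x02\x02D\x01\x00;")
ZIP_HEADER = b"PK\x03\x04" + bytes(26)

# Leading bytes -> the MIME type they indicate. Container formats built on
# ZIP are not distinguished in this small table.
MAGIC = [
    (b"GIF87a", "image/gif"), (b"GIF89a", "image/gif"),
    (b"\x89PNG\r\n\x1a\n", "image/png"), (b"\xff\xd8\xff", "image/jpeg"),
    (b"%PDF-", "application/pdf"), (b"PK\x03\x04", "application/zip"),
]
KNOWN_TYPES = {mime for _, mime in MAGIC}


def build_message():
    """Build a multipart message that exercises every header of Table 7.2."""
    msg = EmailMessage()
    msg["From"] = "alice@sender.example"
    msg["To"] = "bob@receiver.example"
    msg["Subject"] = "MIME demo"
    # Non-ASCII text: sent as UTF-8 and made 7-bit safe with quoted-printable.
    msg.set_content("Caf\u00e9 menu attached.", charset="utf-8",
                    cte="quoted-printable")
    # Binary attachments are base64 encoded by default.
    msg.add_attachment(PIXEL_GIF, maintype="image", subtype="gif",
                       filename="pixel.gif", cid="<pixel@sender.example>")
    msg.add_attachment(ZIP_HEADER, maintype="image", subtype="gif",
                       filename="menu.gif")
    first = next(msg.iter_attachments())
    first["Content-Description"] = "One-pixel GIF image"
    return msg


def sniff(data):
    """Return the MIME type suggested by the leading bytes, or None."""
    for magic, mime in MAGIC:
        if data.startswith(magic):
            return mime
    return None


def inspect(raw):
    """Parse wire bytes; report each body part's headers and sniffed type."""
    report = []
    for part in message_from_bytes(raw, policy=policy.default).walk():
        if part.is_multipart():
            continue
        content = part.get_content()   # decoded per Content-Transfer-Encoding
        declared = part.get_content_type()
        sniffed = sniff(content) if isinstance(content, bytes) else None
        if sniffed is not None:
            consistent = sniffed == declared
        else:
            consistent = declared not in KNOWN_TYPES
        report.append({
            "declared": declared,
            "encoding": str(part.get("Content-Transfer-Encoding", "7bit")),
            "description": str(part.get("Content-Description", "")),
            "content_id": str(part.get("Content-ID", "")),
            "sniffed": sniffed,
            "consistent": consistent,
            "content": content,
        })
    return report


if __name__ == "__main__":
    wire = build_message().as_bytes()
    print("ASCII only on the wire:", wire.isascii())
    for item in inspect(wire):
        print(item["declared"], item["encoding"], "sniffed:", item["sniffed"],
              "consistent:", item["consistent"])
```

A mail filter that trusts only the Content-Type header would treat the second attachment as an image; checking the decoded bytes shows that it is not one.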
With this one can move on to Post Office Protocol.
7.4 POP3 (POST OFFICE PROTOCOL)
POP stands for Post Office Protocol. It is an application layer internet standard protocol. Just as SMTP is widely used on the server side to send e-mails, POP is usually used on the receiver side to retrieve emails. POP is employed at the client end to retrieve emails from a remote server over TCP/IP. The current version of this protocol is POP3, and this version is supported by all webmail providers like Yahoo, Google, Hotmail, etc.
7.4.1 POP
POP complements SMTP on the receiver side, as it offers a means to store the emails and to retrieve them as and when the client needs them. A similar service is offered by another protocol, namely IMAP. POP and IMAP are the most widely used protocols at the client end. When configuring the email client, it is necessary to enter the type of mail server, namely POP or IMAP. Although IMAP addresses more complex issues than POP, POP is widely used as it is simple and widely supported. POP was first introduced in RFC 918 and the current version, POP3, is present in RFC 1081.
Whenever a client logs in to the internet and wants to retrieve the messages, POP offers a simple solution. The client simply connects to the network, downloads the email from the server, stores it, and deletes the mail from the server. POP functions on the well-known port number 110. The security of POP has improved as the versions have progressed, and POP3 addresses enhanced security aspects. Encrypted communication is achieved in POP3S (the secure version) by using Secure Socket Layer (SSL) or Transport Layer Security (TLS). With POP3 in use, it is not necessary for the client to stay connected to the internet always to receive and store the email messages. The user can log in as and when required to send or receive messages. A unique identifier is attached to every message, which is permanent and unique to the mail drop. This allows the client to access the same message in different POP sessions.
7.4.2 How POP3 Works??
There may be numerous small nodes in the network, and it obviously becomes difficult to install a Message Transfer System (MTS) on each of them. A remedy to this is the mail drop service, as in POP3. POP3 is a method of delivering emails. It is widely used to receive emails. Whenever emails are delivered, the server filters the messages to the appropriate user folders. When the client logs in, messages are downloaded from the server to the user’s hard disk. A step by step working of the POP3 protocol is discussed below:
1. The client establishes a connection with the POP3 server.
2. The POP3 server offers a greeting to the client as an acknowledgement.
3. The client and the server exchange a series of commands and responses over the established channel.
4. Once the required data transfer is done, the client sends a signal to terminate the connection.
5. The server acknowledges it and the connection is closed.
Fig. 7.8 Diagram depicting the working of POP3 (diagram: between the Client and the POP3 Server, in order: Connection, Greeting, Commands/Response, Connection closed).
7.4.3 Commands and Responses
The commands in POP3 are case insensitive. The arguments to the commands are usually up to 40 characters long. The responses to the commands are status indicators and keywords. The status indicators are of two types: positive and negative. Positive responses are indicated by ‘+OK’ and negative responses are indicated by ‘-ERR’. Responses can be up to 512 characters long. Depending on the command issued, a response may sometimes span multiple lines.
7.4.3.1 Minimal POP3 Commands
The following are the most commonly used POP3 commands:
1. USER name
2. PASS string
3. QUIT
4. STAT
5. LIST [msg]
6. RETR msg
7. DELE msg
8. NOOP
9. RSET
7.4.3.2 POP3 States
The Post Office Protocol consists of various steps and states between connection establishment with the client and connection termination. The various states are discussed below:
1. Connection – This is the initial state when the client wants to retrieve an email and hence establishes a channel for communication with the POP3 server.
2. Greeting – This is the second state in the protocol process. The server sends a greeting to the client and confirms the connection establishment.
3. Authorization – The client who initiated the channel must identify itself with the server as an authorized client for message retrieval. If the client authorization fails, then the connection is terminated and the messages cannot be retrieved.
4. Transaction – The transaction is the most important state in the protocol process. This is the state when the commands and responses are exchanged and the email message is subsequently transferred from the server to the client.
5. Update – Once the transaction has been completed, the QUIT command is exchanged. Once this command is received, it implies that the entire message data has been transferred and the client’s folder is updated with the email message. Before closing the connection, it is mandatory to update the folders.
6. Close – Once the QUIT command has been issued and accepted by both the parties involved and the update has been successful, the connection established for message transfer can now be terminated or closed.
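The commands of Section 7.4.3.1 driven through the states above, as an added example that is not from the book: a toy POP3 server session that accepts each command only in the state where it is valid and removes DELE-marked messages only when QUIT moves the session into the update state. The class, the account and the maildrop are constructed, and the plain-text password table exists only to keep the example short.

```python
import hmac

MAX_ARG = 40   # argument length limit stated in Section 7.4.3


def octets(message):
    return len(message.encode("utf-8"))


class Pop3Session:
    """Toy POP3 server session: AUTHORIZATION -> TRANSACTION -> UPDATE."""

    def __init__(self, accounts, maildrops):
        self.accounts = accounts    # user -> password (plain text in this toy)
        self.maildrops = maildrops  # user -> list of message strings
        self.state = "AUTHORIZATION"
        self.user = None
        self.mail = []
        self.deleted = set()        # message numbers marked by DELE

    def greeting(self):
        return "+OK POP3 server ready"

    def handle(self, line):
        verb, _, arg = line.strip().partition(" ")
        verb = verb.upper()         # commands are case insensitive
        if self.state == "CLOSED":
            return "-ERR connection closed"
        if len(arg) > MAX_ARG:
            return "-ERR argument too long"
        if verb == "QUIT":
            return self._quit()
        if self.state == "AUTHORIZATION":
            return self._authorize(verb, arg)
        return self._transaction(verb, arg)

    def _authorize(self, verb, arg):
        if verb == "USER":
            self.user = arg
            return "+OK send PASS"  # same reply whether or not the user exists
        if verb == "PASS" and self.user is not None:
            expected = self.accounts.get(self.user)
            if expected is not None and hmac.compare_digest(
                    arg.encode(), expected.encode()):
                self.state = "TRANSACTION"
                self.mail = self.maildrops[self.user]
                return "+OK maildrop has %d messages" % len(self.mail)
            self.state = "CLOSED"   # failed authorization ends the connection
            return "-ERR invalid user name or password"
        return "-ERR command not valid in AUTHORIZATION state"

    def _live(self):
        """Messages not marked as deleted, as (number, text) pairs."""
        return [(n, m) for n, m in enumerate(self.mail, 1)
                if n not in self.deleted]

    def _transaction(self, verb, arg):
        live = self._live()
        if verb == "STAT":
            return "+OK %d %d" % (len(live), sum(octets(m) for _, m in live))
        if verb == "LIST" and not arg:
            rows = ["%d %d" % (n, octets(m)) for n, m in live]
            return "\r\n".join(["+OK %d messages" % len(live)] + rows + ["."])
        if verb == "NOOP":
            return "+OK"
        if verb == "RSET":
            self.deleted.clear()    # unmark everything
            return "+OK"
        if verb in ("LIST", "RETR", "DELE"):
            number = int(arg) if arg.isascii() and arg.isdigit() else 0
            wanted = dict(live).get(number)
            if wanted is None:
                return "-ERR no such message"
            if verb == "LIST":
                return "+OK %d %d" % (number, octets(wanted))
            if verb == "RETR":      # multi-line reply, ended by a lone "."
                return "+OK %d octets\r\n%s\r\n." % (octets(wanted), wanted)
            self.deleted.add(number)
            return "+OK message %d deleted" % number
        return "-ERR unknown command"

    def _quit(self):
        if self.state == "TRANSACTION":
            # UPDATE state: only now are the marked messages really removed.
            self.mail[:] = [m for _, m in self._live()]
            self.deleted.clear()
        self.state = "CLOSED"
        return "+OK POP3 server signing off"


if __name__ == "__main__":
    drops = {"bob": ["Subject: one\r\n\r\nfirst", "Subject: two\r\n\r\nsecond"]}
    session = Pop3Session({"bob": "constructed-password"}, drops)
    print("S:", session.greeting())
    for command in ["user bob", "PASS constructed-password", "STAT", "LIST",
                    "DELE 1", "STAT", "QUIT"]:
        print("C:", command)
        print("S:", session.handle(command))
    print("messages left in the maildrop:", len(drops["bob"]))
```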
7.4.4 When to use POP3?
POP3 proves to be most efficient for use under the following conditions. These conditions state the usage of POP3 protocol in daily life.
To check mail from a computer at a single location.
To remove mail from the POP3 server.
When connected to the internet through dial-up and being charged for the connection period.
7.4.4.1 Better Performance
Better performance of POP3 can be guaranteed if a few precautions are followed. By following and tracking these parameters, it is possible to improve the efficiency of the protocol and benefit from it.
Reduce the size of the inbox. If the inbox size is too large, then it ends up consuming excessive memory on the server side.
Remove mail from the server after downloading it. By following this practice, it is possible to achieve better memory management. It is advisable to clear the mails once in fifteen days or once a month.
Checking mails frequently may lead to poor performance from the protocol end. Checking mail no more often than once every fifteen minutes offers better performance.
7.5 WORLD WIDE WEB (WWW)
The World Wide Web (commonly known as WWW) is a system of interlinked hypertext documents accessed via the Internet. With the help of a browser like Google Chrome, Mozilla Firefox or Internet Explorer, one can access the web pages. In other words, it is a collection of several files stacked together that can be accessed through a browser. The content of the pages can be text, images or videos, and there is no restriction in that regard. The WWW is easy to use, highly flexible and portable as well. Like many other protocols, the WWW follows the client server architecture. Fig. 7.9 can be used as a reference for understanding the architecture followed for WWW. A client can raise a request to multiple servers without any problem, and this is termed a distributed environment. The request sent by the client to the server will have information such as the site address (URL, for example www.en.wikipedia.org/wiki/cricket). The server will now search for the document on cricket in its repository and will send that to the client. This is the basic idea of the WWW. As seen in Fig. 7.9, there are three important components:
1. A browser in the client
2. Server and
3. URL (uniform resource locator)
Fig. 7.9 WWW – Client Server architecture (diagram: the client's browser, which can be Chrome/Firefox etc., sends a request to the server (site); the server sends back a response containing the requested web page or web content).
Each of them has its own significance and knowing them in detail will help the reader to understand things better.
1. Browser Used by Client
A browser like Google Chrome or Firefox can be used by a client to access the resources from the server. Browsers interact with the server using protocols. These protocols help in the accurate transfer of data through requests from a browser and responses from the server. There are many protocols available on the Internet. The World Wide Web, which is a part of the Internet, brings all these protocols under one roof. HTTP, FTP, Telnet, email etc. are all protocols which are used through one platform, which is the web browser. To have a better look into the way browsers are built up, a small block diagram will help. The reader can refer to Fig. 7.10 for a better picture. A browser is composed of three components: the controller, the protocols and the interpreters. The input (service request) is fed from the computer through the browser. Then a protocol such as FTP/SFTP/HTTP/Telnet is used to fetch the requested document from the server, and the interpreter is used to display the content back on the screen. This has been diagrammatically represented in Fig. 7.10.
2. URL
A URL (Uniform Resource Locator) is a specific type of URI (Universal Resource Identifier). A URL is used to locate an existing resource on the Internet. A URL is used when a client is raising a request to the server for a service. The IETF (Internet Engineering Task Force) has defined the concept of the URL. Normally a URL is composed of three components. A sample URL is taken as a reference here and its components are visualized in Fig. 7.11.
Fig. 7.10 Components of a browser (diagram: Input feeds the Controller, which uses the Protocols - FTP / SFTP / Http / Telnet / SSH and the Interpreters - HTML / Java Script / PHP / ASP.net, and the result is shown on the Monitor).
Fig. 7.11 A Sample URL (diagram: the URL http://www.narosa.edu/Shriram/computer_networks/syllabus.html is labelled with Http Protocol, World Wide Web, Domain name and Path; within the path, the labels are Folder of the person, Section / Topic and File name).
a. Scheme – The scheme identifies the protocol to be used to access the resource on the Internet. It can be HTTP or HTTPS. Here in this case it is http.
b. Host – It is the computer on which the information is stored. The information is stored in this host machine, and host machines are named. That name is referred to as the website name and it usually starts with www, as shown in the above figure. The domain name is a part of the URL, and here in this case it is .edu, which specifies that it is an education related site.
c. Path – It represents the path name of the file where the information is located. Slashes are used to represent the directories. Here in this example the file needed is syllabus and its complete path is represented.
3. Server
All the information is stored in a computer called the server. When requests are forwarded through the browser to the server, the server responds with the web page and the requested service is provided to the client. A server can answer multiple queries.
Fig. 7.12 Cookies
Food for brain: Anyone who works with computers must have heard of cookies. What are cookies? How are they useful? These questions have to be answered.
What are cookies? – As shown in Fig. 7.12, when a client sends a request to the server, the information on the client will be stored in a file in the server, and the same will be sent to the client when the response is being sent; the cookies will be stored in the cookies directory of the browser. Figure 7.13 shows the cookies options in the Internet Explorer browser. Figure 7.13 clearly states that it stores information from the websites, such as the login credentials.
How are cookies useful? – When a request is being sent to a server, the browser will search the cookies directory to check if there is a cookie already present which was sent by that server. If present, it will also be included in the request which is about to be sent. So there will not be any need for the server to create a new cookie file for the client. As it has already dealt with the client, the processing goes easier and faster. This is the purpose of cookies. Cookies would be understood neither by the user nor by the browser. They will be used only by the server.
Having read about the WWW, it is apt now for the reader to go ahead and understand HTTP. The next topic is HTTP.
7.6 HYPER TEXT TRANSFER PROTOCOL (HTTP)
HTTP stands for Hypertext Transfer Protocol. It is the network protocol used to deliver virtually all files and other data on the World Wide Web, whatever the type of file, be it image files, query results, or anything else. Usually, HTTP takes place through TCP/IP sockets.
Fig. 7.13 Cookies Options in IE
A browser is an HTTP client because it sends requests to an HTTP server (Web server), which then sends responses back to the client. The standard (and default) port for HTTP servers to listen on is 80. The entire process can be narrated easily. The client sends the request to the server in a specific format that looks like an electronic mail message, and the server responds in a similar fashion. There are two messages: the request and the response. The reader will now be taken through both the message formats with explanation.
7.6.1 HTTP Request Message
Fig. 7.14 can be taken as a reference to understand the request format.
GET /somedir/syllabus.html HTTP/1.1
Host: www.pearson.edu
User-agent: Mozilla/4.0
Connection: close
Accept-language:fr
Fig. 7.14 HTTP Request Message
A request message as seen above will have a request line, headers and a body. The first line of a request message is the request line; the subsequent lines are called the header lines. The request line is composed of three components, namely:
1. Method field
2. URL field and
3. HTTP version field.
GET, POST, and HEAD are the commonly available methods. HTTP request messages use the GET method most of the time. The GET method is used when the browser requests an object, with the requested object identified in the URL field. Then comes the version field, and it is HTTP 1.1. The Connection: close header line implies that there need not be a continual connection: once the requested object has been received, the connection can be closed. The User-agent header line in the request format states which browser is being used for the request. Here in this example it is Mozilla. The last line of the request message has the Accept-language option; it specifies which version of the object the user prefers. If that option, say French, is supported, it will be sent. Else the default version will be sent. Having seen the request format, the reader can now walk through the response format with ease.
7.6.2 HTTP Response Format
Figure 7.15 represents the HTTP response format.
HTTP/1.1 200 OK
Connection: close
Date: Fri, 06 July 2008 12:00:15 GMT
Server: Apache/1.3.0 (Unix)
Last-Modified: Mon, 22 July 2008 09:23:24 GMT
Content-Length: 2321
Content-Type: text/html

data data data data data...
Fig. 7.15 HTTP Response Message
It is similar to the request format and it has a status line, six header lines, and then the entity body. The entity body is the meat of the message and it contains the requested object itself (represented by data data data data data in Fig. 7.15). The status line has three fields: the protocol version field, a status code, and a corresponding status message. Here in this classical example, the status line indicates that the server is using HTTP/1.1 and that everything is OK (i.e., the server has found, and is sending, the requested object).
The Connection: close header line is used to inform the client that the connection will be closed after sending the message.
The Date: header line shows the time and date of the response being sent by the server.
The Server: header line indicates that the message was generated by an Apache Web server, and it is similar to the User-agent: header line in the HTTP request message.
The Last-Modified: header line is an indicator of the time and date when the object was created or last modified.
The Content-Length: header line indicates the size, in number of bytes, of what is being sent in the response.
The Content-Type: header line indicates that the object in the entity body is HTML text.
Table 7.3 summarizes all status messages and corresponding codes.
Table 7.3 HTTP Status Codes and Corresponding Messages
1xx: Information Messages: Message
Description
100 Continue
The server has received the request headers, and the client should proceed to send the request body
101 Switching Protocols
The requester has asked the server to switch protocols
103 Checkpoint
Used in the resemble requests proposal to resume aborted PUT or POST requests
2xx: Successful Messages Message
Description
200 OK
The request is OK (this is the standard response for successful HTTP requests)
201 Created
The request has been fulfilled, and a new resource is created
202 Accepted
The request has been accepted for processing, but the processing has not been completed
203 Non-Authoritative Information
The request has been successfully processed, but is returning information that may be from another source
204 No Content
The request has been successfully processed, but is not returning any content
205 Reset Content
The request has been successfully processed, but is not returning any content, and requires that the requester reset the document view
206 Partial Content
The server is delivering only part of the resource due to a range header sent by the client
3xx: Redirection Messages Message
Description
300 Multiple Choices
A link list. The user can select a link and go to that location. Maximum five addresses
301 Moved Permanently
The requested page has moved to a new URL
302 Found
The requested page has moved temporarily to a new URL
7.20 Computer Networking 303 See Other
The requested page can be found under a different URL
304 Not Modified
Indicates the requested page has not been modified since last requested
306 Switch Proxy
No longer used
307 Temporary Redirect
The requested page has moved temporarily to a new URL
308 Resume Incomplete
Used in the resumable requests proposal to resume aborted PUT or POST requests
4xx: Client Error Messages Message
Description
400 Bad Request
The request cannot be fulfilled due to bad syntax
401 Unauthorized
The request was a legal request, but the server is refusing to respond to it. For use when authentication is possible but has failed or not yet been provided
402 Payment Required
Reserved for future use
403 Forbidden
The request was a legal request, but the server is refusing to respond to it
404 Not Found
The requested page could not be found but may be available again in the future
405 Method Not Allowed
A request was made of a page using a request method not supported by that page
406 Not Acceptable
The server can only generate a response that is not accepted by the client
407 Proxy Authentication Required
The client must first authenticate itself with the proxy
408 Request Timeout
The server timed out waiting for the request
409 Conflict
The request could not be completed because of a conflict in the request
410 Gone
The requested page is no longer available
411 Length Required
The "Content-Length" is not defined. The server will not accept the request without it
412 Precondition Failed
The precondition given in the request valuated to false by the server
413 Request Entity Too Large
The server will not accept the request, because the request entity is too large
414 Request-URI Too Long
The server will not accept the request, because the URL is too long. Occurs when you convert a POST request to a GET request with a long query information
415 Unsupported Media Type
The server will not accept the request, because the media type is not supported
416 Requested Range Not Satisfiable
The client has asked for a portion of the file, but the server cannot supply that portion
417 Expectation Failed
The server cannot meet the requirements of the Expect request-header field
Application Layer: An In-depth Analysis 7.21
5xx: Server Error Messages Message
Description
500 Internal Server Error
A generic error message, given when no more specific message is suitable
501 Not Implemented
The server either does not recognize the request method, or it lacks the ability to fulfill the request
502 Bad Gateway
The server was acting as a gateway or proxy and received an invalid response from the upstream server
503 Service Unavailable
The server is currently unavailable (overloaded or down)
504 Gateway Timeout
The server was acting as a gateway or proxy and did not receive a timely response from the upstream server
505 HTTP Version Not Supported
The server does not support the HTTP protocol version used in the request
511 Network Authentication Required
The client needs to authenticate to gain network access
308 Resume Incomplete
Used in the resumable requests proposal to resume aborted PUT or POST requests
The above should give the reader a clear picture of HTTP and the WWW. The next topic to be discussed is DNS, which is expanded as Domain Naming System.
7.7
DOMAIN NAMING SYSTEM (DNS)
The Domain Naming System (DNS) saves humans from having to remember the addresses of a lot of websites. The reader almost certainly accesses google.com nearly every time they work on the internet. Will the reader be able to state the IP address of the google.com server? It is a million dollar question and the answer is no. Will users be able to remember the IP addresses of all the servers? Not at all possible. But users can remember names. Yahoo.com, rediff.com or google.com should not be a problem to remember. There should be a system to convert names to IP addresses and vice versa, and DNS takes responsibility for that task. When a user types google.com, DNS immediately maps it to 209.85.175.99, which is the IP address of the google.com server. The following few lines discuss DNS and the related methodologies in depth.
7.7.1 Domain Naming Space
The tree of domain names together is called the Domain Name Space. Fig. 7.16 represents the domain naming space and its sections. A tree-like structure such as this, holding a lot of domain names, is called the domain naming space. A domain name can consist of up to 63 characters, and only alphanumeric characters and the hyphen (-) are allowed to be part of it. Taking Fig. 7.16 as a reference, one can see how a web address is created. To start with, Gmail is taken as an instance from the figure.
Fig. 7.16 Domain Naming Space (tree diagram; nodes shown: ROOT, arpa, edu, com, org, uk, om, in-addr, gmail, amrita, sastra, icwai and www leaf nodes)
The node names from the leaf node (www) up to the root are concatenated with dots, which yields www.gmail.com. Since the ROOT node is represented by a NULL string, it has no impact on the result of the concatenation; the NULL string is represented by a blank, which makes the job easier. Coming to the next interesting area of domain names, the above diagram includes a lot of domain names such as .org, .edu, .com, .mil, .uk, .us, .om and so on. What are they? The following table summarizes a few of the available domain names with their descriptions.
Table 7.4 Domain Names
1. .edu – Educational websites, access could be restricted to those particular schools.
2. .com – Commercial websites and openly accessible to everyone
3. .org – Non beneficial organization websites and openly accessible to everyone
4. .om – Represents a country. Here it is Oman.
5. .uk – Represents a country. Here it is United Kingdom.
6. .net – Network websites and open to all
Looking closely at the picture, one may ask what the in-addr and arpa domains mentioned in the domain naming space are. They are used for the reverse lookup purpose. Take a look at Fig. 7.17. The reverse lookup option is used to resolve an IP address to a host name. In this case 124.89.85.123 has been fed as the input and it will be resolved to the appropriate host name. Having looked at DNS, the reader can now move on to SNMP.
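The name construction and the reverse lookup described above, as an added Python example that is not part of the book. The function names are assumptions, and the rule that a label may not begin or end with a hyphen is an added assumption beyond the 63-character, alphanumeric-and-hyphen rule given in the text.

```python
import ipaddress
import re

# One node name (label): letters, digits and "-", at most 63 characters.
# Assumption added here: a label does not start or end with "-".
LABEL_RE = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")


def valid_label(label):
    """True if the label obeys the length and character rules above."""
    return LABEL_RE.fullmatch(label) is not None


def name_from_path(labels_leaf_to_root):
    """Concatenate node names from the leaf up to ROOT with dots.

    ROOT is the empty (NULL) string, so it adds nothing to the result.
    """
    labels = [label for label in labels_leaf_to_root if label != ""]
    for label in labels:
        if not valid_label(label):
            raise ValueError("invalid label: %r" % (label,))
    return ".".join(labels).lower()


def path_from_root(name):
    """Nodes visited when walking the tree from ROOT down to the name."""
    labels = name.rstrip(".").split(".")
    path = [""]                                   # "" stands for ROOT
    for i in range(len(labels) - 1, -1, -1):
        path.append(".".join(labels[i:]))
    return path


def reverse_lookup_name(ipv4):
    """Name looked up to resolve an IPv4 address back to a host name.

    The octets are reversed so that the most significant octet sits
    closest to in-addr.arpa, matching the tree order of Fig. 7.17.
    """
    address = ipaddress.IPv4Address(ipv4)         # rejects malformed input
    octets = str(address).split(".")
    return ".".join(reversed(octets)) + ".in-addr.arpa"


if __name__ == "__main__":
    print(name_from_path(["www", "gmail", "com", ""]))
    reverse = reverse_lookup_name("124.89.85.123")
    print(reverse)
    for node in path_from_root(reverse):
        print(repr(node))
```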
7.8
SIMPLE NETWORK MANAGEMENT PROTOCOL (SNMP)
SNMP is the Simple Network Management Protocol defined by the IETF (Internet Engineering Task Force). It is used to manage devices on IP networks. It can run on routers, hubs, bridges, printers, servers, modems and many more. It is used to monitor the condition of the devices attached to the network, and it lets the administrator monitor the network even remotely. It helps in knowing the amount of traffic flowing through a device, and it can also provide details of CPU usage. Other than traffic and CPU usage details, one can also learn voltage and environmental details. One instance where temperature monitoring is useful is the router chassis: if the temperature of the router chassis goes very high, the device may get damaged. In short, it helps to manage the network, to identify and isolate network problems, and to plan network growth and hence performance.
Fig. 7.17 Reverse Lookup (tree diagram; nodes shown: ROOT, arpa, in-addr and the address octets 123, 85, 89, 124)
7.8.1 SNMP Components
SNMP is composed of three components – Agents, Managed devices and Network management systems (NMS). A managed device is a network node that contains an SNMP agent and that resides on a managed network. Managed devices collect and store management information and make this information available to NMSs using SNMP. Managed devices, sometimes called network elements, can be access servers and routers, switches and bridges, hubs, computer hosts, or printers. An agent is a network-management software module that resides in a managed device; it has local knowledge of management information and translates that information into a form compatible with SNMP. An NMS executes applications that control and monitor managed devices. NMSs provide the bulk of the processing and memory resources required for network management, and one or more NMSs must exist on any managed network. The SNMP protocol is used to receive and transmit information between the agents and managers, so its role is vital as well.
7.8.2 Management Information Bases
The information in the database is described by what are called Management Information Bases, abbreviated as MIBs. MIBs play a vital role in the management of the internet. An MIB specifies the managed objects. An MIB is a text file and it follows the notation of ASN.1, which is expanded as Abstract Syntax Notation. An MIB has multiple groups, and the following figure will help the reader visualize the groups available.
SMI (Structure of Management Information) is the standard that defines how to create an MIB. Object Identifiers (OIDs) are at the root of the Structure of Management Information (SMI) used to describe SNMP data. In brief, an OBJECT-IDENTIFIER or OID identifies a node in a global tree. All SNMP definitions – MIBs, objects, etc. – are identified by their OID in this global tree. The root of the OID tree is defined by the ASN.1 standard, and has three nodes at its first level: iso, ccitt and joint-iso-ccitt. OIDs should be unique. A sample tree with the managed objects and the OIDs mapped to them is shown below in Fig. 7.18.
Fig. 7.18 Sample tree (tree diagram: iso(1), org(3), dod(6), internet(1); under internet: directory(1), mgmt(2), experimental(3), private(4); under mgmt: mib-2(1); under mib-2: system(1), interfaces(2), ip(4), tcp(6))
iso(1) org(3) dod(6) internet(1) mgmt(2) mib-2(1) system(1) should be read as 1.3.6.1.2.1.1. The reader can see a lot of branches in the picture, such as system, interfaces, ip, tcp and so on.
7.8.3 SNMP Commands
The following are the commands supported by SNMP:
1. GetRequest alias Get
2. GetNextRequest alias GetNext
3. GetResponse alias Response
4. SetRequest alias Set, and
5. Trap
How are these commands used in an operation? A close look at Fig. 7.19 gives a clear understanding.
a. The SNMP manager first sends a GetRequest message to receive a value from the SNMP agent.
b. GetNextRequest is sent from the manager to retrieve the value of the next variable according to the hierarchical ordering of OIDs.
c. When a manager wishes to modify a value or to set a value, SetRequest is used.
d. GetResponse is sent by an agent as a reply to all the requests, such as GetRequest and GetNextRequest.
e. Traps are reporting messages sent by the agent to the manager. Traps can pass on messages about a link going down, a cold restart, a warm restart and a link coming up. Most importantly, traps are received on port 162.
Fig. 7.19 Messaging Sequence – SNMP (figure: SNMP manager and SNMP agent exchanging GetRequest/GetResponse, GetNextRequest/GetResponse and SetRequest/GetResponse on port 161, and Trap on port 162)
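GetRequest, GetNextRequest and SetRequest working against the hierarchical ordering of OIDs, as an added Python example that is not part of the book. ToyAgent, walk and the sample values are constructed for illustration, and the agent is an in-memory model: no network traffic or message encoding is involved.

```python
import re


def oid_from_path(path):
    """'iso(1) org(3) dod(6) ...' -> '1.3.6...' (numbers in parentheses)."""
    numbers = re.findall(r"\((\d+)\)", path)
    if not numbers:
        raise ValueError("no sub-identifiers in %r" % (path,))
    return ".".join(numbers)


def parse_oid(text):
    """'1.3.6.1' -> (1, 3, 6, 1). Integer tuples sort in OID tree order."""
    parts = text.strip(".").split(".")
    if not all(part.isdigit() for part in parts):
        raise ValueError("bad OID: %r" % (text,))
    return tuple(int(part) for part in parts)


def format_oid(oid):
    return ".".join(str(number) for number in oid)


class ToyAgent:
    """In-memory stand-in for an SNMP agent holding a few managed objects."""

    def __init__(self, objects):
        self.mib = {parse_oid(oid): value for oid, value in objects.items()}

    def get(self, oid):
        """GetRequest: the value stored at exactly this OID, else None."""
        return self.mib.get(parse_oid(oid))

    def get_next(self, oid):
        """GetNextRequest: the first object that follows oid in tree order."""
        key = parse_oid(oid)
        following = [candidate for candidate in self.mib if candidate > key]
        if not following:
            return None                       # end of the MIB reached
        nxt = min(following)
        return format_oid(nxt), self.mib[nxt]

    def set(self, oid, value):
        """SetRequest: overwrite an existing object; False if it is absent."""
        key = parse_oid(oid)
        if key not in self.mib:
            return False
        self.mib[key] = value
        return True


def walk(agent, root):
    """Manager side: repeat GetNext until the reply leaves the subtree."""
    prefix = parse_oid(root)
    results, current = [], root
    while True:
        reply = agent.get_next(current)
        if reply is None:
            break
        oid, value = reply
        if parse_oid(oid)[:len(prefix)] != prefix:
            break
        results.append((oid, value))
        current = oid
    return results


# Constructed sample objects under mib-2 (1.3.6.1.2.1); values are made up.
SAMPLE_OBJECTS = {
    "1.3.6.1.2.1.1.1.0": "constructed router",   # system group
    "1.3.6.1.2.1.1.3.0": 4242,
    "1.3.6.1.2.1.1.5.0": "edge-rtr-1",
    "1.3.6.1.2.1.2.1.0": 2,                      # interfaces group
    "1.3.6.1.2.1.2.2.1.2.2": "eth1",
    "1.3.6.1.2.1.2.2.1.2.10": "eth9",
}

if __name__ == "__main__":
    agent = ToyAgent(SAMPLE_OBJECTS)
    system = oid_from_path(
        "iso(1) org(3) dod(6) internet(1) mgmt(2) mib-2(1) system(1)")
    for oid, value in walk(agent, system):
        print(oid, value)
```

Comparing OIDs as integer tuples matters: compared as plain strings, 1.3.6.1.2.1.2.2.1.2.10 would sort before 1.3.6.1.2.1.2.2.1.2.2 and a walk would return the objects in the wrong order.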
7.8.4 SNMP Versions
There are three versions of SNMP and they are named as
1. SNMP-v1
2. SNMP-v2
3. SNMP-v3
SNMP version 1 had some serious troubles in security and they were addressed in SNMP v2, which thus supports improved security. SNMP v3 is an improvement on v2. It supports enhanced security with hashing and encryption.
7.9
TELNET
TELNET again follows the client-server architecture. It helps someone log in to a remote system after establishing a connection with it, which gives the illusion that the user is working directly with that remote computer. Telnet allows the user to remotely access a computer over the Internet. There are many RFCs on the TELNET protocol; only a few key RFCs are mentioned here.
a. RFC 854 - Telnet Protocol Specifications
b. RFC 855 - Telnet Option Specifications
c. RFC 856 - Telnet binary transmission
d. RFC 857 - Telnet Echo Option
Food for brain: What is an RFC? It is Request for Comments. It is a text document defining a protocol or policy used on the Internet. An RFC can be submitted by anyone. And if it gains enough interest, it may evolve into an Internet Standard and will be assigned an RFC number. Once published, an RFC never changes. Modifications or changes to an original RFC are assigned a new RFC number.
The TELNET protocol provides a standardized interface, through which a program on one host (the TELNET client) may access the resources of another host (the TELNET server) as though the client were a local terminal connected to the server. For example, a user on a workstation on a LAN may connect to a host attached to the LAN as though the workstation were a terminal attached directly to the host. Graphics capabilities are not available with most of the TELNET variants. And a notable thing is that a TELNET server listens on TCP Port 23. The protocol can be well explained by dividing it into three sections: a. Network Virtual Terminal (NVT) and b. Negotiations. The reader will be taken through both of the above in the following paragraphs.
7.9.1 Network Virtual Terminal (NVT)
Today’s network is composed of heterogeneous systems and the configurations can differ from machine to machine (keyboards, character sets, resolutions, length of lines displayed). Establishing communication between these systems with TELNET is always daunting and a solution is needed. The Network Virtual Terminal was devised as that solution and it provides a standard interface. Fig. 7.20 can be taken as a reference to understand the concept of NVT in a much better way.
Fig. 7.20 NVT–Diagrammatic Representation (figure: Telnet client and Telnet server; the I/O device at the user end in the format supported by the client, server-side NVT format conversion, and the format supported by the server)
7.9.2 The Negotiations
When certain terminals wish to offer additional services, the Telnet protocol offers a system of option negotiation that enables the use of advanced functions, in the form of options, on either side by initiating requests for authorization from the remote system. The Telnet options affect each direction of the data channel separately. So each end has the luxury of determining the options that it,
wants to use (DO)
refuses to use (DON’T)
wants the other end to use (WILL)
refuses that the other end use (WON’T)
One end can raise a request and it is the responsibility of the other end to respond whether to use it or not. A sample, Table 7.5, is presented below with a few options on board.
Table 7.5 Negotiations
Sender Sent | Receiver Responds | Description
WILL | DO | The sender wants to use one of the available facilities if the receiver can handle it. Option is now in effect.
WILL | DONT | Receiver says it cannot support the option. Option is not in effect.
DO | WILL | The sender says it can handle traffic from the sender if the sender wishes to use a certain option. Option is now in effect.
DO | WONT | Receiver says it cannot support the option. Option is not in effect.
WONT | DONT | Option disabled. DONT is only valid response.
DONT | WONT | Option disabled. WONT is only valid response.
The following Table 7.6 summarizes the set of special characters or session control characters meant for TELNET actions.
Table 7.6 TELNET Commands
Name | Code | Description
SE | 240 | End of sub negotiation parameters.
NOP | 241 | No operation
DM | 242 | Data mark. Indicates the position of a Sync event within the data stream. This should always be accompanied by a TCP urgent notification.
BRK | 243 | Break. Indicates that the “break” or “attention” key was hit.
IP | 244 | Suspend, interrupt or abort the process
AO | 245 | Abort output.
AYT | 246 | Are you there?
EC | 247 | Erase character. The receiver should delete the last preceding undeleted character.
EL | 248 | Erase line.
GA | 249 | Go ahead. Used, under certain circumstances, to tell the other end that it can transmit.
SB | 250 | Sub negotiation of the indicated option follows.
WILL | 251 | Indicates the desire to begin performing.
WONT | 252 | Indicates the refusal to perform, or continue performing.
DO | 253 | Indicates the request that the other party perform, or confirmation that you are expecting the other party to perform, the indicated option.
DONT | 254 | Indicates the demand that the other party stop performing, or confirmation that you are no longer expecting the other party to perform, the indicated option.
IAC | 255 | Interpret as command
There is a set of options available for negotiation between client and server. A few selected options are summarized in Table 7.7.
Table 7.7 TELNET Negotiation Options
Code | Description
1 | echo
3 | suppress go ahead
5 | status
6 | timing mark
24 | terminal type
A simple example will help the reader understand how the codes are used.
Syntax: IAC,,
Where, IAC is “Interpret as command”. If IAC is not specified, the bytes are not seen as a command and are instead seen just as special characters. So IAC serves as an indicator. If the sender wants the other end to echo, it should send the following byte sequence:
255(IAC), 251(WILL), 1
Where,
255 – IAC
251 – Code for informing that sender wants to do something.
1 – Code for Echo.
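How a receiver separates such command sequences from ordinary data and picks the response listed in Table 7.5, as an added Python example that is not part of the book. The codes come from Tables 7.6 and 7.7; the function names, the TRUNCATED marker and the sample bytes are constructed for illustration.

```python
IAC, DONT, DO, WONT, WILL, SB, SE = 255, 254, 253, 252, 251, 250, 240
NAMES = {240: "SE", 241: "NOP", 242: "DM", 243: "BRK", 244: "IP", 245: "AO",
         246: "AYT", 247: "EC", 248: "EL", 249: "GA", 250: "SB", 251: "WILL",
         252: "WONT", 253: "DO", 254: "DONT", 255: "IAC"}
OPTIONS = {1: "echo", 3: "suppress go ahead", 5: "status",
           6: "timing mark", 24: "terminal type"}


def read_subnegotiation(data, start):
    """Read '<option> <payload> IAC SE' from start; None if it is cut short."""
    if start >= len(data):
        return None
    option, payload, j = data[start], bytearray(), start + 1
    while j + 1 < len(data):
        if data[j] == IAC and data[j + 1] == SE:
            return option, bytes(payload), j + 2
        if data[j] == IAC and data[j + 1] == IAC:
            payload.append(IAC)               # escaped data byte 255
            j += 2
        else:
            payload.append(data[j])
            j += 1
    return None


def parse_stream(data):
    """Split received bytes into (user data, list of command events)."""
    text, events = bytearray(), []
    i, n = 0, len(data)
    while i < n:
        if data[i] != IAC:                    # ordinary data byte
            text.append(data[i])
            i += 1
            continue
        if i + 1 >= n:                        # IAC was the last byte received
            events.append(("TRUNCATED",))
            break
        cmd = data[i + 1]
        if cmd == IAC:                        # IAC IAC is the data byte 255
            text.append(IAC)
            i += 2
        elif cmd in (WILL, WONT, DO, DONT):   # three-byte negotiation
            if i + 2 >= n:
                events.append(("TRUNCATED",))
                break
            events.append((NAMES[cmd], data[i + 2]))
            i += 3
        elif cmd == SB:                       # runs until IAC SE
            result = read_subnegotiation(data, i + 2)
            if result is None:
                events.append(("TRUNCATED",))
                break
            option, payload, i = result
            events.append(("SB", option, payload))
        else:                                 # two-byte command such as NOP
            events.append((NAMES.get(cmd, "UNKNOWN"),))
            i += 2
    return bytes(text), events


def reply_for(verb, option, supported):
    """Receiver's response to one request, following Table 7.5.

    A real endpoint also remembers which options are already in effect
    so that an acknowledgement is not answered a second time.
    """
    if verb == "WILL":
        answer = DO if option in supported else DONT
    elif verb == "DO":
        answer = WILL if option in supported else WONT
    elif verb == "WONT":
        answer = DONT
    elif verb == "DONT":
        answer = WONT
    else:
        raise ValueError("not a negotiation verb: %r" % (verb,))
    return bytes([IAC, answer, option])


# Constructed sample: text, IAC WILL 1, IAC DO 24, an escaped 255 data
# byte, then a subnegotiation for option 24 carrying one payload byte.
SAMPLE = b"login: " + bytes([255, 251, 1, 255, 253, 24, 255, 255,
                             255, 250, 24, 1, 255, 240])

if __name__ == "__main__":
    text, events = parse_stream(SAMPLE)
    print(text)
    for event in events:
        print(event, OPTIONS.get(event[1]) if len(event) > 1 else "")
```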
7.9.3 How to Login to a Remote System with TELNET?
Simple task. If the user knows the IP address or site address, login can be done (provided the user has login permissions). Assuming a remote server’s IP is 168.165.12.44, login can be done with the command
$ telnet 168.165.12.44
It will prompt for username and password.
POINTS TO REMEMBER
File Transfer Protocol, known as FTP, is a most commonly used protocol to upload or download files to and from servers.
Put and get are the common FTP commands used for uploading and downloading files from the server.
The FTP protocol is based on the basic client and server architecture.
Two modes of FTP operation are permitted, ACTIVE and PASSIVE mode.
SMTP stands for Simple Mail Transfer Protocol. E-mails would never have been this simple and ubiquitous without SMTP.
SMTP is not standalone; it is widely used with POP3 and IMAP.
MIME is Multipurpose Internet Mail Extensions. MIME provides a means to interchange text in languages with different character sets.
POP stands for Post Office Protocol. It is an application layer internet standard protocol. Just like how SMTP is widely used on the server side to send e-mails, POP is usually used on the receiver side to retrieve emails. POP is employed at the client end to retrieve emails from a remote server over TCP/IP.
WWW is the World Wide Web, a system of interlinked hypertext documents accessed via the Internet with a browser. WWW also follows the client server architecture.
DNS is a naming system which helps in resolving domain names to the corresponding IP addresses and vice versa.
SNMP is the Simple Network Management Protocol defined by the IETF (Internet Engineering Task Force). It is used to manage devices on IP networks. It can run on routers, hubs, bridges, printers, servers, modems and many more. It is used to monitor the condition of the devices attached to the network. SNMP has three versions, V1, V2 and V3. The latest versions have enhanced security.
TELNET is a remote login protocol and it gives the illusion that the user is working on the machine itself.
QUIZ
1. What is the basic idea behind using FTP?
File Transfer Protocol, known as FTP, is a most commonly used protocol to upload or download files to and from servers.
2. What is the basic architecture followed in FTP?
Basically two machines are needed for performing the FTP transaction. One is a client and the next is the server. To put it in networking terms client is named as local host and server can be called as remote host.
3. How will you login to the FTP server with IP 10.127.12.103?
ftp [email protected]
4. What is the basic command used to download a file from the server?
‘get ’ will fetch the file from server. If the file specified is present, it will be get and command will be successful. In other case it will say file is not present.
5. How will you download multiple files from FTP server?
In the event of user wishes to download many files from the server, then mget can be used. Syntax for the command is similar to get, but with a small change. ftp> mget *, will download all the files from the server. ftp > mget *.txt will download all the text files. Likewise operations can be performed.
6. How will you add/save multiple files into the FTP server?
To copy multiple files to the server mput can be used. mput *.txt, will copy all the text files from client to server.
7. How will one be able to logout of FTP?
‘quit’ can be issued to close the current session and quit ftp client. ‘bye’ can also be used to perform the same task.
8. What are the two commonly used modes of operation in FTP?
FTP can be prompted to work with binary or ascii mode. To set ascii mode, one should type ascii from ftp prompt. It will be better to use this mode for text files. ‘binary’ has to be typed for setting binary mode. Zip files, images can be transferred through this mode.
9. How TCP plays a role in FTP actions?
When user wants to transfer data, FTP will set up a TCP connection to the target system. Then the user ID and password will be asked for and if successful, the user can go ahead with desired action. Here a beauty to be noted is, FTP uses two connections. One for commands and other for sending and receiving data. FTP is indicated with a standard port number 21. It is meant for sending commands and it meant only for it. So it is called as command port.
10. What is active mode of operation?
In an Active FTP connection, the client opens a port and listens and the server actively connects to it. If Active mode of connection is preferred then the administrator must set firewall to accept connections to the port that FTP client will open. Active FTP servers generally use port 20 as their data port.
11. How is passive mode different from active mode?
In a Passive FTP connection, the server opens a port and listens (passively) and the client connects to it. It’s a good idea to use Passive mode to connect to an FTP server. Most FTP servers support the Passive mode. For Passive FTP connection to succeed, the FTP server administrator must set her firewall to accept all connections to any ports that the FTP server may open.
12. What is SMTP? Expand?
SMTP protocol stands for Simple Mail Transfer Protocol.
13. How is MAIL command used in SMTP?
MAIL – This command indicates identity of the sender. If the receiver accepts this sender, then a reply ‘OK’ is sent as reply/acknowledgement.
14. What are the services SMTP can do?
Mail Transaction, Forwarding, Verifying and expanding, Sending and Mailing.
15. Expand SAML?
SAML is Send and Mail command.
16. Why is MIME needed and is it?
SMTP has a very big limitation, it supports only the ASCII format and it cannot support any other formats or languages. This is a flaw and it has been overcome with the help of MIME which is expanded as Multipurpose Internet Mail Extensions.
17. Is H.264 supported in MIME?
Yes
18. What is POP? What is it meant for?
POP stands for Post Office Protocol. It is an application layer internet standard protocol. Just like how SMTP is widely used on the server side to send e-mails, POP is usually used on the receiver side to retrieve emails.
19. What could be the possible states supported in POP3?
Connection, Greeting, Authorization, Transaction, Update, Close.
20. Expand WWW.
WWW-World Wide Web.
21. What is the need for a browser?
With the help of a browser like Google chrome/Mozilla Firefox/Internet explorer, one can access the web pages. In other words, it is a collection of several files stacked together and can be accessed through a browser.
22. What are the components of WWW?
A browser in client, Server and URL (uniform resource locator).
23. What is an URL and what is it meant for?
A URL (Uniform Resource Locator) is a specific type of URI (Universal Resource Identifier). A URL is used to locate an existing resource on the Internet. A URL is used when a client is raising a request to the server for the service.
24. What are cookies? How are they useful?
When a client sends a request to the server, the information on the client will be stored in a file in the server and the same will be sent to the client when the response is being sent and the cookies will be stored in the cookies directory of the browser. When a request is being sent to a server, the browser will search into the cookies directory to check if there is a cookie already present which is sent by that server. If present then it will also be included in the request which is about to be sent. So there will not be any need for the server to create new cookie file for the client. As it has already dealt with the client the processing goes easier and faster. This is the purpose of cookies. Cookies would be understood neither by the user nor by the browser. It will be used only by server.
25. What is HTTP?
HTTP stands for Hypertext Transfer Protocol. It is the network protocol used to deliver virtually all files and other data on the World Wide Web, whatever is the type of file.
26. What is 400 client error message stand for?
400 Bad Request- The request cannot be fulfilled due to bad syntax.
27. What is DNS?
Domain Naming System (DNS) is something that helps out the human in remembering lot of websites. It is a system to convert the names to IP addresses and vice versa. For eg: When a user types google.com it immediately maps it 209.85.175.99 which is the IP address of google.com server.
28. What is domain naming space?
The tree of domain names together is called the Domain Name Space.
29. What does ‘.edu’ stand for?
.edu - Educational websites, access could be restricted to that particular schools.
30. What does ‘.org’ stand for?
.org – Non beneficial organization websites and openly accessible to everyone.
31. What is SNMP?
SNMP is Simple Network Management Protocol defined by IETF (Internet Engineering Task Force). It is used to manage devices on IP networks.
32. What are the components of SNMP?
SNMP is composed of three components – Agents, Managed devices and Network management systems (NMS).
33. Explain the functions of each components in SNMP?
A managed device is the network node that contains an SNMP agent and that resides on a managed network. Managed devices store and collect management information and make this information available to NMSs using SNMP. An agent is a network-management software module that resides in a managed device and it will have the local knowledge of management information and translates that available information into a form compatible with SNMP. An NMS executes applications that control and monitor managed devices.
34. What are the commands supported by SNMP?
The following are the commands supported by SNMP: 1. GetRequest alias Get, 2. GetNextRequest alias GetNext, 3. GetResponse alias Response, 4. SetRequest alias Set, 5. and Trap.
35. What is TELNET?
Telnet allows the user remotely access a computer over the Internet. It again follows client server architecture.
Chapter 8
Network Security
Learning Objectives
The focus of this chapter is network security.
Threats to data communication such as active or passive attacks are discussed.
Security concepts like encryption/decryption, authentication techniques etc. are discussed.
Security protocols, which include TLS/SSL and PGP, are discussed.
Ethical hacking, cyber crimes and firewalls, explaining more about IP packet filtering, circuit level gateway etc., are discussed.
Quiz questions are given at the end of the chapter, which readers are expected to answer.
8.1
THREATS TO DATA COMMUNICATION
Today, in almost all the places we visit, be it temples, restaurants, pubs or theatres, we have access to the Internet through the access points installed there. It is undoubtedly a convenient and easy way of accessing the Internet compared to wired networks, which need a modem, cables, repeaters/bridges etc. With the growing usage of wireless technology, the threats it faces are also on the rise. Compared with wired networks, which are less prone to attacks, wireless networks are more prone to many kinds of attacks, since the medium used for communication is air! This culprit (the air) allows unauthorized people to gain access to authorized people’s conversations, so that the authorized parties lose their privacy. Generally, attacks are classified into two types: active and passive attacks. As the names suggest, passive attacks are less harmful. Active attacks involve altering the message being communicated, thereby calling its integrity and privacy into question! Hence confidentiality, integrity and privacy are the major areas of security. Authentication and authorization have become the need of the hour. The following section discusses active and passive attacks in detail.
8.1.1 Active attacks
As previously mentioned, active attacks are performed to modify the content of the message. Since the content is altered, these kinds of attacks can be easily identified. Following are the types of active attacks.
1. Masquerading
In masquerading, the masquerading party, an unauthorized entity, poses as an authorized entity to perform some illegal activities. Mostly, this attack is followed by replay attacks. For example, the attacker ‘A’ could send a file or message to an authorized party ‘P1’ as if he were an authorized party ‘P2’. P1 will not be able to detect that he received the message from an attacker.
2. Replay Attacks
These attacks are usually combined with masquerade attacks. Once the attacker assumes the role of an authorized entity, he gains access to the conversations happening between authorized entities. For example, consider two authorized parties, A and B, talking to each other in a wireless environment. Both of them share some confidential matters during the conversation. They also share some information to prove their identity to each other. The intruder, I, will capture the identity information shared by A, for instance. At a later point in time, I will use A’s identity to talk to B as if I were A. B will not know about this. This kind of attack is risky when dealing with things like online banking and e-commerce.
3. Modification of Messages
The reader will be familiar with routing techniques by now. The sole purpose of routers is to redirect packets to the intended destination. The destination is usually identified from the header of the packets. Routers generally do not check the source of the message, i.e. the source IP address is not checked. Intruders can play smart using this nature of routers. The attacker can modify the header of an IP packet by replacing the original destination’s IP address with the attacker’s IP address. Thereafter, the router will automatically redirect the packets to the attacker.
4. Denial of Service
Here service is denied to the authorized entities because of the ill-behaved activity of the attackers. The attackers flood the network with unwanted messages, or sometimes with repeated ping requests to the server, thereby increasing the network traffic. In effect, the server becomes too busy to look into the requests of authorized entities. This is known as a Denial of Service attack!
5. Man-in-the-Middle Attack
This type of attack is very severe in nature. The attacker can intercept every message sent across the network and is able to victimize both the parties involved in the communication. For example, consider the scenario in Fig. 8.1.
Fig. 8.1 MITM attack – Scenario 1
In the above scenario, Ahimsa and Babuji are the actual authorized entities. TERROR is the intruder who is going to intercept the messages sent between Ahimsa and Babuji. When Ahimsa requests Babuji’s public key, the message is intercepted by TERROR, who in turn intercepts Babuji’s public key (25486). TERROR then starts playing. He saves Babuji’s public key in his database and forwards his own public key (25456) to Ahimsa. Ahimsa, the victim, starts encrypting all her messages with TERROR’s key. Refer to Fig. 8.2.
Fig. 8.2 MITM attack–scenario 2 (figure: Ahimsa sends “Let's be friends”, encrypted using key 25456; Terror passes on the modified message “Let's not be friends” to Babuji; the replies exchanged through Terror end in a misunderstanding between the two)
Now TERROR’s job becomes simpler. He easily decrypts the message with his private key and reads the entire private message sent by Ahimsa to Babuji. He then composes a message in his own style, encrypts it using Babuji’s public key and forwards it. Babuji will be shocked to see the messages received, since they are of an offending nature. Babuji is also victimized now. The same scenario occurs with every message shared between them, leading to a misunderstanding between the two!
8.1.2 Passive Attacks
Passive attacks are less harmful than active attacks. These types of attacks do not harm the integrity of the message; they simply play with the privacy/confidentiality of the message. The following attacks are passive in nature.
1. Eavesdropping and Traffic Analysis
This kind of attack involves monitoring the traffic pattern to discover information such as the location of a communicating party, the size of the messages and the frequency of the messages, in order to identify the nature of the communication. This technique is also termed network sniffing in networking terminology. This unauthorized real-time sniffing could also be done on telephone conversations and video conferencing applications. In order for the sniffer to listen to telephone conversations, he has to gain access to the switches installed in telephone companies.
2. Release of Message Content
The communication among the authorized parties is also visible to some unauthorized third person. In this case, confidentiality is lost. This does not pose any threat to the integrity of the message; simply the privacy is lost. In simple words, this attack could be explained as an ‘interception’ attack. Non-repudiation is another concern, when the sender of a message later denies having sent it. Apart from these threats, there are a lot more threats to wireless communication, including password hacking, email hacking, phishing attacks etc. What is the remedy for the above threats? The following section deals with the remedial measures to be taken to thwart the aforementioned attacks.
8.2 SECURITY CONCEPTS
8.2.1 Encryption/Decryption

The primary technique to prevent eavesdroppers from reading the messages, as in the MITM attack, the eavesdropping attack and the replay attack, is to encrypt the messages in such a way that, even if the attacker is able to intercept a message, he will not be able to understand its content. The message is encrypted at the sender’s end and decrypted at the receiver’s end. Only the intended recipient will be able to correctly decrypt the message. There are two types of encryption techniques available.
1. Symmetric encryption (conventional encryption)
2. Asymmetric encryption (public key encryption)

If encryption and decryption are both performed with the same key, the encryption technique is called symmetric encryption. For example, consider the scenario in Fig. 8.3.
There, the sender encrypts the message in such a way that every character in the encrypted message is the 7th character to the right of the plain text character, alphabetically. (Plain text is the original message before encryption; after encryption, it becomes cipher text.) The sender sends the cipher text to the receiver. If some hacker/intruder gains access to the communication and taps the message, he will see only the meaningless text “op ovd hyl fvb” and will not be able to recognize what the text actually means. On the receiver side, the above operation is performed in reverse: the receiver decrypts the message by replacing each character of the encrypted message with the 7th character to its left, alphabetically. Refer to Fig. 8.3.
Fig. 8.3 Symmetric Encryption
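The shift-by-7 scheme of Fig. 8.3, written out as an added Python example (not code from the book; the function names and the small word list are assumptions of this example). Because a shift cipher has only 25 usable keys, the last function recovers the key from the cipher text alone by trying every shift, which is why this scheme on its own does not protect a message.

```python
# Added example: the shift cipher of Fig. 8.3 and why its key space is too small.

# Constructed word list, used only to recognise a plausible English plaintext.
COMMON_WORDS = {"hi", "how", "are", "you", "the", "and", "is", "to", "of", "in", "it", "we"}


def shift_text(text, key):
    """Move every ASCII letter `key` places to the right, wrapping z -> a.

    Spaces, digits and punctuation are copied unchanged; case is preserved.
    """
    out = []
    for ch in text:
        if ch.isascii() and ch.isalpha():
            base = ord("a") if ch.islower() else ord("A")
            out.append(chr((ord(ch) - base + key) % 26 + base))
        else:
            out.append(ch)
    return "".join(out)


def encrypt(plain_text, key):
    """Sender side: shift right by the shared key."""
    return shift_text(plain_text, key)


def decrypt(cipher_text, key):
    """Receiver side: the same operation in reverse (shift left by the key)."""
    return shift_text(cipher_text, -key)


def recover_key(cipher_text):
    """Try all 25 non-trivial shifts and keep the one yielding the most known words.

    Returns (key, plain_text). No secret is needed, only the cipher text.
    """
    def score(key):
        words = decrypt(cipher_text, key).lower().split()
        return sum(word in COMMON_WORDS for word in words)

    best = max(range(1, 26), key=score)
    return best, decrypt(cipher_text, best)


if __name__ == "__main__":
    cipher = encrypt("hi how are you", 7)
    print("cipher text :", cipher)
    print("receiver    :", decrypt(cipher, 7))
    print("no key known:", recover_key(cipher))
```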
In order to perform encryption and decryption successfully, the sender and the receiver must agree on the key beforehand. Since only one key is involved in encryption and decryption, the technique is named ‘Symmetric Key cryptography’. The advantage of symmetric key encryption is that messages encrypted using one key cannot be decrypted using some other key. Hence, as long as the key is kept secret, this technique proves efficient. But if the key is revealed, it affects both confidentiality and authentication. As is evident from the above scheme, if the intruder is somewhat clever, he will be able to easily deduce the key used. So, some further protection was needed. Asymmetric key encryption was proved to be better than this.

In asymmetric key encryption, two different keys are used for encryption and decryption. The pair of keys is called the public key and the private key. As their names suggest, the public key is known to almost all in the wireless environment, while the private key is kept secret by its owner. Encryption is done with the public key of the intended recipient. (Anybody can do encryption since the public key is publicly available.) Decryption can only be done with the private key of the intended recipient.
Only the intended person will own the key. Hence, there is no worry about interception or modification. Compared to symmetric key cryptosystems, public key cryptosystems involve more calculations (from sharing the public keys to decrypting), due to which they can’t be used over large amounts of data. The RSA algorithm is the well-known, widely used public key cryptosystem. It is described here for your reference.

RSA Algorithm (for generating private and public keys)
1. Select random prime numbers p and q, and check that p != q
2. Compute modulus n = pq
3. Compute phi(n) = (p – 1)(q – 1)
4. Select public exponent e, 1 < e