Course Objectives: Understand the reference models of
Contents
Chapter 1 Network Model and TCP/IP Protocol Family
  Introduction to TCP/IP Protocol Suite
  History of OSI Network Model
  Origin of TCP/IP Protocol Family
  Comparison between TCP/IP and OSI Reference Model
Chapter 2 Common Network Devices
  HUB
  Switch
  Router
  Routing Switch
  Comparison between Common Devices
Chapter 3 IP Address Planning
Chapter 1
Network Model and TCP/IP Protocol Family
Course objective: understand the processes of packet encapsulation and decapsulation.
Introduction to TCP/IP Protocol Suite
History of OSI Network Model
ISO/IEC (International Organization for Standardization/International Electrotechnical Commission) is a voluntary, non-profit organization devoted to international standardization. The OSI model is an international standard for the protocols used at each network layer, built on ISO recommendations. Its full name is the ISO OSI (Open Systems Interconnection) reference model, OSI model for short. The OSI model contains seven layers. The layers are conceptual divisions, each realizing one well-defined function. Specifying the function of each layer helps to define international standards for network protocols, and a clear boundary between the layers avoids confusion about which layer does what.
With this division into layers, the information exchange problem of an open system is decomposed, through the hierarchical architecture, into hardware and software modules that are easy to control; each layer can be modified or given new functions independently as its requirements change; interconnection between devices from different manufacturers becomes practical; and the layering helps us to study and understand data communication networks.
The layers of the OSI reference model provide different functions, and adjacent layers collaborate through standard interfaces.
The application layer provides application programs with communication interfaces to the network; the presentation layer handles data formats and data encryption; the session layer establishes, maintains and manages sessions; the transport layer establishes end-to-end connections between hosts; the network layer is responsible for addressing and routing; the data link layer provides media access and link management; the physical layer provides bit-stream transmission.
The application, presentation and session layers together are called the upper layers (or, loosely, the application layer); their functions are usually performed by application software. The physical, data link, network and transport layers together are called the data flow layers; their functions are mostly performed by hardware and software in cooperation.
FIGURE: OSI REFERENCE MODEL (the application, presentation, session, transport, network, data link and physical layers of two communicating systems, peer layer to peer layer)
FIGURE 3 DATA ENCAPSULATION
Encapsulation (sending host): WWW information is passed to the TCP layer, which wraps it in a TCP segment; the IP layer wraps the segment in an IP packet; the network access layer wraps the packet in a frame of the actual physical network.
Decapsulation (receiving host): the network access layer strips the frame header, the IP layer strips the IP header from the IP packet, and the TCP layer strips the TCP header from the TCP segment before delivering the WWW information to the application.
FIGURE 5 (data decapsulation)
Port Numbers
TCP and UDP use 16-bit port numbers to identify the different application programs on a host. The network layer protocol IP in turn uses an assigned protocol number (TCP is 6, UDP is 17) to identify the transport layer protocol it carries.
Port numbers are assigned and managed by the IANA (Internet Assigned Numbers Authority). In the original allocation (RFC 1700), each port number from 1 to 1023 represented a well-known service provided over TCP/IP: ports below 256 were reserved for public, well-known services, ports 256 to 1023 were assigned to particular systems' services, and any port above 1023 was an ephemeral port not stipulated by the IANA. The current IANA scheme (RFC 6335) divides the space into system ports (0 to 1023), registered ports (1024 to 49151) and dynamic or private ports (49152 to 65535), from which clients pick the source port of a connection.
Common TCP port numbers are: HTTP 80, FTP 20 (data) / 21 (control), Telnet 23, SMTP 25 and DNS 53; common UDP port numbers are: DNS 53, BOOTP 67 (server) / 68 (client), TFTP 69 and SNMP 161.
FIGURE: TCP/UDP PORT NUMBERS (header fields: source port, destination port; "Dest. port = 23: send data packets to my TELNET port")
FIGURE 8 TCP SEQUENCE NUMBERS AND ACKNOWLEDGEMENT NUMBERS (header fields: source port, destination port, sequence number, acknowledgement number)
FIGURE: TCP connection establishment, usually called the three-way handshake (figure annotation: "increases 64000 every time")
FIGURE: TCP connection termination (Host A: application program closed, FIN; Host B: ACK of FIN, then application program closed)
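The three-way handshake and the connection close shown in the figures above, simulated end to end as an added example (this is not code from the original course material). Both endpoints keep a "next sequence number to send" and a "next sequence number expected", SYN and FIN each consume one sequence number, and a segment whose sequence number does not match what the receiver expects is rejected. The initial sequence numbers 1000 and 5000 are fixed constants chosen for reproducibility; a real stack randomizes them.

```python
"""Simulate TCP sequence/acknowledgement arithmetic through the three-way
handshake, one data segment and the four-segment close. No real sockets."""
from dataclasses import dataclass, field

SYN, ACK, FIN = 0x02, 0x10, 0x01            # TCP flag bits


@dataclass
class Segment:
    src: str
    dst: str
    flags: int
    seq: int
    ack: int
    length: int = 0                          # payload bytes

    def name(self) -> str:
        return "+".join(n for n, bit in (("SYN", SYN), ("FIN", FIN), ("ACK", ACK))
                        if self.flags & bit)


@dataclass
class Endpoint:
    name: str
    snd_nxt: int                             # next sequence number we will send
    rcv_nxt: int = 0                         # next sequence number we expect to receive
    state: str = "CLOSED"
    log: list = field(default_factory=list)

    def send(self, dst: "Endpoint", flags: int, length: int = 0) -> Segment:
        seg = Segment(self.name, dst.name, flags, self.snd_nxt, self.rcv_nxt, length)
        # every payload byte, plus SYN and FIN, consumes one sequence number
        self.snd_nxt += length + (1 if flags & SYN else 0) + (1 if flags & FIN else 0)
        self.log.append(seg)
        return seg

    def receive(self, seg: Segment) -> None:
        if seg.flags & SYN:                  # a SYN initialises what we expect next
            self.rcv_nxt = seg.seq + 1
        elif seg.seq != self.rcv_nxt:        # replayed or out-of-order segment
            raise ValueError(f"{self.name}: seq {seg.seq}, expected {self.rcv_nxt}")
        else:
            self.rcv_nxt = seg.seq + seg.length + (1 if seg.flags & FIN else 0)
        if seg.flags & ACK and seg.ack > self.snd_nxt:
            raise ValueError(f"{self.name}: ack {seg.ack} beyond data sent")


def run_connection(isn_a: int = 1000, isn_b: int = 5000, payload: int = 100):
    """Return (trace, a, b): trace holds (flags, seq, ack, length) per segment."""
    a, b = Endpoint("A", isn_a), Endpoint("B", isn_b)
    trace = []

    def deliver(seg: Segment, to: Endpoint) -> None:
        to.receive(seg)
        trace.append((seg.name(), seg.seq, seg.ack, seg.length))

    deliver(a.send(b, SYN), b);              a.state, b.state = "SYN_SENT", "SYN_RCVD"
    deliver(b.send(a, SYN | ACK), a)
    deliver(a.send(b, ACK), b);              a.state = b.state = "ESTABLISHED"
    deliver(a.send(b, ACK, payload), b)      # A sends `payload` bytes of data
    deliver(b.send(a, ACK), a)               # B acknowledges them
    deliver(a.send(b, FIN | ACK), b);        a.state, b.state = "FIN_WAIT_1", "CLOSE_WAIT"
    deliver(b.send(a, ACK), a);              a.state = "FIN_WAIT_2"
    deliver(b.send(a, FIN | ACK), a);        a.state, b.state = "TIME_WAIT", "LAST_ACK"
    deliver(a.send(b, ACK), b);              b.state = "CLOSED"
    return trace, a, b


def replay_is_rejected() -> bool:
    """An old data segment replayed after the close no longer matches B's rcv_nxt."""
    _, _, b = run_connection()
    try:
        b.receive(Segment("A", "B", ACK, 1001, 5001, 100))
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    for entry in run_connection()[0]:
        print("%-8s seq=%d ack=%d len=%d" % entry)
```

Run it to see the nine segments; the acknowledgement number of each segment is always the peer's sequence number plus the amount of sequence space the last segment consumed.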
IP Packet Format
FIGURE 14 IP PACKET FORMAT
following the header. ICMP, IGMP, UDP and TCP each carry a checksum in their own headers that covers their header and data; the IP header checksum covers only the IP header.
Each IP packet contains a 32-bit source IP address and a 32-bit destination IP address.
The last field of the header is the options, namely optional information of variable length. These options are defined as follows:
These options are seldom used and are not supported by all hosts and routers. The options field always ends on a 32-bit boundary; padding bytes with the value 0 are inserted if necessary, so that the IP header is always an integer multiple of 32 bits (which is what the 4-bit header length field counts).
Lastly comes the data of the upper layer, such as a TCP or UDP segment.
FIGURE: PROTOCOL DEMULTIPLEXING (transport layer: TCP, UDP, ICMP, IGMP; protocol number; network end)
TCP, UDP, ICMP, IGMP and some other protocols all use IP to transmit data, so the IP header must carry a flag that identifies the type of data it encapsulates. For this purpose an 8-bit value, called the Protocol field, is stored in the IP header (1 for ICMP, 6 for TCP, 17 for UDP); the receiving host uses it to hand the payload to the right protocol module.
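The encapsulation chain described above (TCP segment inside an IP packet, with the protocol number and port numbers used to demultiplex on the way back up) carried out in code, as an added example that is not part of the original course material. It builds a 20-byte IPv4 header around a constructed TCP SYN to port 23, computes the RFC 1071 header checksum, and then decapsulates the packet, rejecting it if the version, header length, total length or checksum are inconsistent. Addresses and ports in the sample are made up.

```python
"""Build and parse an IPv4 packet that encapsulates a TCP segment."""
import struct
import ipaddress

# IP protocol numbers assigned by the IANA
PROTO_ICMP, PROTO_TCP, PROTO_UDP = 1, 6, 17


def internet_checksum(data: bytes) -> int:
    """RFC 1071: one's-complement of the one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"                          # pad an odd trailing byte
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                           # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_tcp_header(src_port, dst_port, seq, ack, flags, window=64000) -> bytes:
    """20-byte TCP header, no options. Checksum left 0: it needs an IP pseudo-header."""
    data_offset_and_flags = (5 << 12) | flags    # header length 5 words, then flag bits
    return struct.pack("!HHIIHHHH", src_port, dst_port, seq, ack,
                       data_offset_and_flags, window, 0, 0)


def build_ipv4_packet(src_ip, dst_ip, protocol, payload, ttl=64, ident=0) -> bytes:
    """Encapsulate payload behind a 20-byte IPv4 header with a valid header checksum."""
    header = struct.pack("!BBHHHBBH4s4s",
                         0x45, 0,                # version 4, IHL 5 words; TOS 0
                         20 + len(payload), ident,
                         0,                      # flags / fragment offset: not fragmented
                         ttl, protocol, 0,       # checksum filled in below
                         ipaddress.IPv4Address(src_ip).packed,
                         ipaddress.IPv4Address(dst_ip).packed)
    csum = internet_checksum(header)
    return header[:10] + struct.pack("!H", csum) + header[12:] + payload


def parse_ipv4_packet(packet: bytes) -> dict:
    """Decapsulate: validate the IP header, then dispatch on the Protocol field."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _tos, total_len, _ident, _frag, ttl, protocol, _csum, src, dst = \
        struct.unpack("!BBHHHBBH4s4s", packet[:20])
    ihl = (ver_ihl & 0x0F) * 4
    # check every length field before trusting it to slice the buffer
    if ver_ihl >> 4 != 4 or ihl < 20 or total_len < ihl or len(packet) < total_len:
        raise ValueError("malformed IPv4 header")
    if internet_checksum(packet[:ihl]) != 0:    # a correct header sums to zero
        raise ValueError("bad IPv4 header checksum")
    result = {"src": str(ipaddress.IPv4Address(src)), "dst": str(ipaddress.IPv4Address(dst)),
              "ttl": ttl, "protocol": protocol,
              "payload": packet[ihl:total_len]}  # trailing link-layer padding dropped
    if protocol == PROTO_TCP and len(result["payload"]) >= 20:
        sp, dp, seq, ack, off_flags, win, _cs, _urg = \
            struct.unpack("!HHIIHHHH", result["payload"][:20])
        result["tcp"] = {"src_port": sp, "dst_port": dp, "seq": seq, "ack": ack,
                         "flags": off_flags & 0x1FF, "window": win,
                         "data": result["payload"][(off_flags >> 12) * 4:]}
    return result


def checksum_ok(packet: bytes) -> bool:
    """True if the packet decapsulates cleanly (lengths consistent, checksum valid)."""
    try:
        parse_ipv4_packet(packet)
        return True
    except ValueError:
        return False


def demo():
    # constructed sample: a Telnet SYN from 10.0.0.1:40000 to 10.0.0.2:23
    syn = build_tcp_header(40000, 23, seq=1000, ack=0, flags=0x02)
    pkt = build_ipv4_packet("10.0.0.1", "10.0.0.2", PROTO_TCP, syn)
    return pkt, parse_ipv4_packet(pkt)


if __name__ == "__main__":
    raw, decoded = demo()
    print(raw.hex())
    print(decoded)
```

The TCP checksum is deliberately left at zero: unlike the IP header checksum it is computed over a pseudo-header containing the IP addresses, so it cannot be filled in by the transport layer alone, which is exactly the layering the figure above shows.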
ICMP
ICMP is a protocol that combines error reporting and control. It is available on all TCP/IP hosts. ICMP messages are encapsulated in IP packets, and ICMP is often considered a component of the IP layer. ICMP carries error reports and other important information. ICMP messages are usually consumed by the IP layer itself or by the upper layers (TCP or UDP); some ICMP messages are returned as errors to the user process.
The common ping command uses ICMP. The word ping originates from sonar range-finding. The objective is to test whether another host is reachable: the program sends an ICMP echo request to the host and waits for an ICMP echo reply. Generally, if we cannot ping a host, we cannot connect to it with Telnet or FTP either; conversely, if we cannot connect to a host with Telnet, we can usually use ping to locate the problem. Ping also measures the round-trip time to the host and back, which gives a rough idea of how far away the host is.
However, as awareness of Internet security has grown, more and more routers and firewalls apply access control, so the assertions above do not always hold. A host that does not answer ping may still offer services, and a reachable IP layer does not mean that a given service is reachable: the protocol and port number in use must also be taken into account.
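Reachability tested at the protocol and port level rather than with ping, as an added example that is not part of the original course material. A TCP connect attempt distinguishes three outcomes: "open" (a service answered the handshake), "closed" (the host is reachable at the IP layer but sent a reset because nothing listens on that port) and "filtered" (no answer at all, typically a firewall dropping the packets). To run offline, the demo starts a throwaway listener on the loopback interface, probes it, closes it and probes the freed port again; the hostnames and ports are otherwise whatever the caller supplies.

```python
"""Port-level reachability check (TCP connect) with open/closed/filtered results."""
import socket


def probe_tcp(host: str, port: int, timeout: float = 1.0) -> str:
    """Return "open", "closed", "filtered" or "unreachable" for host:port."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"                      # handshake completed: a service is there
    except ConnectionRefusedError:
        return "closed"                        # RST: IP layer reachable, nothing listening
    except (TimeoutError, socket.timeout):
        return "filtered"                      # silence: firewall drop, or host/route down
    except OSError:
        return "unreachable"                   # e.g. ICMP unreachable from a router


def probe_ports(host: str, ports) -> dict:
    """Probe several ports on one host; the mix of results tells ping-blocked from down."""
    return {port: probe_tcp(host, port) for port in ports}


def demo_local():
    """Probe a real listener, then the same port after the listener is gone."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))           # port 0: let the OS pick a free one
    listener.listen(1)                        # the kernel completes the handshake
    port = listener.getsockname()[1]          # for us, no accept() needed
    while_listening = probe_tcp("127.0.0.1", port)
    listener.close()
    after_close = probe_tcp("127.0.0.1", port)
    return while_listening, after_close


if __name__ == "__main__":
    print(demo_local())                       # expected: ('open', 'closed')
```

A "closed" answer is as good a reachability proof as a successful ping, and it is available even where ICMP is blocked; only a "filtered" result leaves the question open.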
FIGURE: ARP WORKING MECHANISM (querying host: "I need the physical address of the host whose IP address is 176.16.3.2.")
address). This is a rule that any network layer running over a data link must obey. When a host transmits an Ethernet frame to another host on the same LAN, the destination interface is determined by the 48-bit Ethernet (MAC) address; the device driver never looks at the destination IP address inside the IP packet.
ARP must therefore provide the mapping between an IP address and a MAC address.
ARP process: the host sends an Ethernet frame (called an ARP request) to every host on the Ethernet; this is a broadcast. The ARP request contains the IP address of the destination host and means "if you own this IP address, please reply with your hardware address".
All hosts on the same LAN must receive and process the ARP broadcast. On receiving it, the ARP layer of the destination host recognises from the target IP address that the sender is querying its MAC address, so it returns a unicast ARP reply containing its IP address and the corresponding hardware address. On receiving this ARP reply, the sender learns the MAC address of the destination.
The key to efficient ARP operation is that each host keeps an ARP cache, which stores recent mappings between IP addresses and hardware addresses. When a host needs the MAC address for an IP address, it first looks in its local ARP cache and resorts to an ARP broadcast only when no entry is found.
Knowledge point: an ARP request is broadcast, while an ARP reply is unicast.
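The ARP exchange and cache described above on a simulated Ethernet segment, as an added example that is not code from the original course material. The 28-byte ARP packet follows the RFC 826 layout for Ethernet/IPv4; the LAN is a constructed in-memory list of hosts rather than a real interface, and the IP and MAC addresses are made up. The request goes to every host on the segment, only the owner of the target IP replies, the reply is unicast, and the second lookup is answered from the cache without any broadcast. As a design choice the resolver only accepts a reply that answers a request it sent itself.

```python
"""ARP request/reply and cache on a simulated Ethernet segment."""
import struct
import ipaddress

ETH_BROADCAST = b"\xff" * 6
ARP_REQUEST, ARP_REPLY = 1, 2
ARP_FMT = "!HHBBH6s4s6s4s"                       # htype ptype hlen plen op sha spa tha tpa


def mac_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", ""))


def mac_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def build_arp(op, sender_mac, sender_ip, target_mac, target_ip) -> bytes:
    """28-byte ARP packet: hardware type 1 (Ethernet), protocol 0x0800 (IPv4)."""
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, op,
                       mac_bytes(sender_mac), ipaddress.IPv4Address(sender_ip).packed,
                       mac_bytes(target_mac), ipaddress.IPv4Address(target_ip).packed)


def parse_arp(pkt: bytes) -> dict:
    htype, ptype, hlen, plen, op, sha, spa, tha, tpa = struct.unpack(ARP_FMT, pkt[:28])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP packet")
    return {"op": op, "sender_mac": mac_str(sha), "sender_ip": str(ipaddress.IPv4Address(spa)),
            "target_mac": mac_str(tha), "target_ip": str(ipaddress.IPv4Address(tpa))}


class Host:
    def __init__(self, ip: str, mac: str, lan: list):
        self.ip, self.mac, self.lan = ip, mac, lan
        self.cache = {}                          # ip -> mac, from replies to our own requests
        self.pending = set()                     # ips we asked about and await
        self.broadcasts_sent = 0
        lan.append(self)

    def resolve(self, ip: str):
        """Return (mac, "cache" | "broadcast"); broadcast only on a cache miss."""
        if ip in self.cache:
            return self.cache[ip], "cache"
        self.pending.add(ip)
        self.broadcasts_sent += 1
        request = build_arp(ARP_REQUEST, self.mac, self.ip, "00:00:00:00:00:00", ip)
        for host in self.lan:                    # broadcast: every host on the segment sees it
            if host is not self:
                host.on_frame(ETH_BROADCAST, request)
        if ip not in self.cache:
            raise LookupError(f"no ARP reply for {ip}")
        return self.cache[ip], "broadcast"

    def on_frame(self, dst_mac: bytes, arp_pkt: bytes) -> None:
        if dst_mac not in (ETH_BROADCAST, mac_bytes(self.mac)):
            return                               # the NIC drops frames not addressed to us
        p = parse_arp(arp_pkt)
        if p["op"] == ARP_REQUEST and p["target_ip"] == self.ip:
            reply = build_arp(ARP_REPLY, self.mac, self.ip, p["sender_mac"], p["sender_ip"])
            for host in self.lan:                # unicast reply to the requester only
                if host.mac == p["sender_mac"]:
                    host.on_frame(mac_bytes(host.mac), reply)
        elif p["op"] == ARP_REPLY and p["sender_ip"] in self.pending:
            self.cache[p["sender_ip"]] = p["sender_mac"]
            self.pending.discard(p["sender_ip"])


def demo():
    lan = []
    a = Host("172.16.3.1", "02:00:00:00:00:01", lan)
    Host("172.16.3.2", "02:00:00:00:00:02", lan)
    Host("172.16.3.3", "02:00:00:00:00:03", lan)
    first = a.resolve("172.16.3.2")              # cache miss: broadcast, learn
    second = a.resolve("172.16.3.2")             # cache hit: no traffic
    return first, second, a.broadcasts_sent


def unsolicited_reply_ignored() -> bool:
    """A reply for a request we never sent must not enter the cache."""
    lan = []
    a = Host("172.16.3.1", "02:00:00:00:00:01", lan)
    forged = build_arp(ARP_REPLY, "02:00:00:00:00:99", "172.16.3.2", a.mac, a.ip)
    a.on_frame(mac_bytes(a.mac), forged)
    return "172.16.3.2" not in a.cache


if __name__ == "__main__":
    print(demo(), unsolicited_reply_ignored())
```

Real stacks differ in how strictly they apply the last rule; a host that accepts unsolicited replies lets any station on the segment rewrite its cache, which is why the pending-request check is the conservative choice here.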
FIGURE: RARP WORKING MECHANISM (diskless host: "What is my IP address?"; server: "I hear the broadcast packet. Your IP address is 172.16.3.25")
For a system with a local disk, the IP address is usually read from a configuration file on that disk. Other methods are needed to obtain the IP address of a diskless workstation or of a host configured with a dynamic IP address.
RARP process: the host reads its unique hardware address from the interface card and broadcasts an RARP request on the network, asking a server to assign it an IP address in response. (RARP proper is answered by an RARP server; in modern networks this role is taken by a BOOTP or DHCP server, whose protocols carry more configuration information than RARP can.)
On receiving the request, the server looks up or assigns configuration information (IP address and so on) for that hardware address and returns a response to the source host.
Chapter 2
Common Network Devices
HUB
FIGURE 18 HUB
A hub only regenerates and amplifies signals. With hubs, all devices in the network share one transmission medium and exchange data in CSMA/CD mode, so all workstations attached to a hub are in the same collision domain and the same broadcast domain.
Switch
The layer-2 switch is a data link layer device. It switches frames by reading the MAC address information in the frame header, and since it works at the data link layer it isolates collision domains: each port of the switch is an individual collision domain.
The switch keeps an address table that maps MAC addresses to switch ports. When it receives a frame on a port, the switch first reads the source MAC address in the frame header and records which port the machine with that MAC address is attached to. It then looks up the destination MAC address in the address table. If a port corresponding to the destination MAC address is present in the table, the frame is copied directly onto that port; if not, the frame is flooded to all other ports. When the destination machine replies, the switch learns the port corresponding to its MAC address, so the next frame to that address no longer needs to be flooded.
The above describes how a layer-2 switch builds and maintains its address table. A layer-2 switch usually has a wide switching bus so that it can exchange data on multiple ports simultaneously. Suppose the switch provides N ports, each with bandwidth M: if its switching bus bandwidth is greater than N × M, the switch can switch at wire speed. A layer-2 switch imposes no limit on broadcast frames; it copies every broadcast frame to all ports, so all its ports remain in one broadcast domain.
A layer-2 switch can forward frames at a relatively high rate because it uses an ASIC (Application Specific Integrated Circuit) designed specifically for frame forwarding.
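The learning and forwarding behaviour described above, as an added example that is not code from the original course material: a switch with a MAC-to-port table that learns from every source address, forwards known unicast destinations to one port, and floods unknown destinations and broadcasts to all other ports, set beside a hub that repeats everything. The MAC addresses and port numbers are constructed for the demo.

```python
"""MAC-learning layer-2 switch versus a hub."""
BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    """One collision domain per port, one broadcast domain for the whole switch."""

    def __init__(self, num_ports: int):
        self.num_ports = num_ports
        self.table = {}                          # MAC address -> port number

    def forward(self, in_port: int, src_mac: str, dst_mac: str) -> list:
        """Return the egress ports for a frame received on in_port, learning from it."""
        self.table[src_mac] = in_port            # learn, or update if the station moved
        if dst_mac != BROADCAST and dst_mac in self.table:
            out = self.table[dst_mac]
            return [] if out == in_port else [out]   # destination on the ingress port: filter
        return [p for p in range(self.num_ports) if p != in_port]   # unknown/broadcast: flood


def hub_forward(num_ports: int, in_port: int) -> list:
    """A hub repeats every frame on every other port and learns nothing."""
    return [p for p in range(num_ports) if p != in_port]


def demo():
    a, b = "02:00:00:00:00:0a", "02:00:00:00:00:0b"
    sw = LearningSwitch(4)
    first = sw.forward(0, a, b)                  # B unknown: flood to 1, 2, 3
    reply = sw.forward(2, b, a)                  # A already known on port 0; B learned on 2
    second = sw.forward(0, a, b)                 # now a unicast to port 2 only
    bcast = sw.forward(0, a, BROADCAST)          # broadcasts always reach every other port
    return first, reply, second, bcast, dict(sw.table), hub_forward(4, 0)


if __name__ == "__main__":
    print(demo())
```

The first frame to an unknown station is visible on every port, exactly like on a hub; only after the reply has been seen does traffic between the two stations stay on their two ports.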
Router
A router operates on the third layer of the OSI model, the network layer.
The routing table inside a router directs packet forwarding. When the router receives a packet on a port, it removes the link layer header (decapsulation) and looks up the routing table using the destination IP address carried in the packet. If a next hop is found, a new link layer header for the outgoing interface is added (encapsulation) and the packet is forwarded. If no route matches, the router sends a response message (an ICMP destination unreachable) to the source address and discards the packet.
FIGURE 19 ROUTER (route table; networks; interfaces)
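The routing-table lookup described above, as an added example that is not code from the original course material. The table is a constructed set of routes (the addresses are documentation and private ranges chosen for the demo); the lookup picks the most specific matching prefix, falls back to a default route when one exists, decrements the TTL on every forwarded packet, and answers the source with an ICMP error instead of forwarding when no route matches or the TTL is exhausted.

```python
"""Longest-prefix-match routing table with default route, TTL and ICMP errors."""
import ipaddress


class Router:
    def __init__(self):
        self.routes = []                         # (network, next_hop or None, interface)

    def add_route(self, prefix: str, interface: str, next_hop: str = None) -> None:
        """next_hop=None means the network is directly connected to `interface`."""
        self.routes.append((ipaddress.ip_network(prefix), next_hop, interface))

    def lookup(self, dst: str):
        """Most specific route containing dst, or None. 0.0.0.0/0 matches last."""
        addr = ipaddress.ip_address(dst)
        matches = [r for r in self.routes if addr in r[0]]
        return max(matches, key=lambda r: r[0].prefixlen) if matches else None

    def forward(self, packet: dict):
        """packet has src, dst, ttl. Returns what the router does with it."""
        if packet["ttl"] <= 1:
            return ("icmp_time_exceeded", packet["src"])          # drop, tell the source
        route = self.lookup(packet["dst"])
        if route is None:
            return ("icmp_dest_unreachable", packet["src"])       # drop, tell the source
        _network, next_hop, interface = route
        packet["ttl"] -= 1
        # the link-layer destination is the gateway for remote networks and the
        # final host itself when the destination network is directly connected
        return ("forward", interface, next_hop or packet["dst"])


def demo() -> dict:
    r = Router()
    r.add_route("192.168.1.0/24", "eth0")                            # directly connected
    r.add_route("10.0.0.0/8", "eth0", next_hop="192.168.1.254")
    r.add_route("10.1.0.0/16", "eth1", next_hop="192.168.2.254")      # more specific
    r.add_route("0.0.0.0/0", "eth2", next_hop="203.0.113.1")          # default route
    results = {}
    for dst in ("10.1.2.3", "10.2.0.1", "192.168.1.7", "198.51.100.5"):
        results[dst] = r.forward({"src": "192.168.1.7", "dst": dst, "ttl": 64})
    results["best_prefix"] = str(r.lookup("10.1.2.3")[0])
    results["expired"] = r.forward({"src": "192.168.1.7", "dst": "10.1.2.3", "ttl": 1})
    no_default = Router()
    no_default.add_route("192.168.1.0/24", "eth0")
    results["no_route"] = no_default.forward({"src": "192.168.1.7", "dst": "8.8.8.8", "ttl": 64})
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```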
Routing Switch
A routing switch is also called a layer-3 switch. It is a layer-2 switch that also provides layer-3 routing functions, as an organic combination of the two rather than a simple overlay of router hardware and software onto a LAN switch.
In hardware terms, the interface modules of a layer-2 switch exchange data over a high-rate backplane or bus (as high as tens of Gbit/s). In a layer-3 switch, the routing hardware modules are attached to the same high-rate backplane. This allows high-speed data exchange between the routing modules and the other modules and removes the rate limit imposed by a traditional router's external interfaces.
In software terms, the layer-3 switch also restructures the traditional router software: packet forwarding, for example of IP or IPX packets, is done at high speed in hardware, while the layer-3 routing software handles routing information updates, routing table maintenance, route calculation and route selection, which can be done efficiently in optimised software.
Suppose two machines using IP communicate through a layer-3 switch. Machine A knows the destination IP address when it starts transmitting, but not the destination MAC address that is required for transmission on a LAN, so it uses the Address Resolution Protocol (ARP) to obtain it. Machine A compares its own IP address with the destination IP address, both masked with its subnet mask, to check whether the destination is in the same subnet. If destination machine B and machine A are in the same subnet, machine A broadcasts an ARP request for B, and B returns its MAC address. Having obtained B's MAC address, A caches it and uses it to encapsulate the data; the layer-2 switching module looks up the MAC address table and forwards the frame to the destination port.
If the two machines are not in the same subnet, say machine A needs to communicate with destination machine C, A must send an ARP request for its default gateway, whose IP address is already configured in the system software. This IP address
Comparison between
Common Devices
Normally, a layer-2 switch is used in a small LAN of 20 to 30 machines, where broadcast traffic is not a big issue. Layer-2 switches offer fast switching, many access ports and a low price, which is a complete solution for small networks. In such an environment there is no need for routing, which brings higher deployment difficulty and management cost, and a layer-3 switch is not required either.
The layer-3 switch is designed for IP and has simple interface types. It offers powerful layer-2 processing capability, so it suits a large LAN. To reduce the risk of a broadcast storm, a large LAN must be divided into several smaller LANs, that is, small network segments. This creates communication between different segments, which a layer-2 switch alone cannot support. If only routers are used for this, the network scale and access rate are limited by the small number of router ports and the low forwarding rate of routers. Here the layer-3 switch is the most appropriate solution because it integrates layer-2 switching with routing.
Routers provide many types of ports and support multiple layer-3 protocols with powerful routing capability, so they are suited to interconnecting large networks. Many layer-3 switches, and even layer-2 switches, provide ports for connecting heterogeneous networks, but large networks usually do not need many such interconnection ports. The main function of a router is not fast switching between ports but selecting the optimal path; routers can also share load, provide link backup and, most importantly, exchange information with other networks.
A large network cannot be built with layer-2 switches alone; whether to use layer-3 switches depends on the specific conditions, mainly the traffic volume, the required response rate and the budget. The main purpose of a layer-3 switch is to accelerate data exchange within a large LAN; its integrated routing function serves the same purpose and is not as powerful as that of a dedicated router of the same class. Under heavy traffic, a layer-3 switch that serves both intra-network switching and inter-network routing will be heavily loaded and its response rate will suffer. To keep it responsive, routers can take over part of the routing work: the layer-3 switch handles intra-network switching while the routers do the routing, so that each device plays to its strengths. If the budget is limited, it is also acceptable to let the layer-3 switch handle the interconnection between networks as well.
Chapter 3
IP Address Planning
Introduction to IP Addresses
The Internet Protocol (IP) is specified in RFC 791 (1981). Part of the specification defines the structure of IP addresses: each host and router interface is given a 32-bit binary logical address consisting of a network part and a host part.
For easy writing and remembering, an IP address is usually expressed as four decimal numbers in the range 0 to 255, separated by periods. Each decimal number represents 8 bits of the 32-bit address, a so-called octet. This is called dotted decimal notation.
FIGURE 20 IP ADDRESSES
Types of IP Addresses
The address types (classes) are distinguished by the network scale they serve, as follows:
Class A: super-large networks (first octet 0 to 127, 8 network bits)
Class B: large networks (first octet 128 to 191, 16 network bits)
Class C: small networks (first octet 192 to 223, 24 network bits)
Class D: multicast addresses (first octet 224 to 239)
Class E: reserved (first octet 240 to 255)
FIGURE: IP ADDRESS TYPES
Reserved IP Address
An IP address identifies a unique network device. However, not all IP addresses can be used for that purpose: some special addresses serve other functions instead of identifying a device.
An IP address whose host bits are all 0 is called a network address; it identifies a network segment. For example, the class A address 1.0.0.0, the private address 10.0.0.0, and 192.168.1.0 are network addresses.
An IP address whose host bits are all 1 is called the network segment broadcast address; it identifies all the hosts of a network, for example 10.255.255.255 or 192.168.1.255. A broadcast address is used to send a packet to all nodes on the local network segment. A router can also forward such a directed broadcast into a remote segment such as 10.0.0.0 or 192.168.1.0, although most routers disable this by default.
FIGURE: CALCULATION OF NUMBER OF AVAILABLE HOST ADDRESSES
FIGURE: ADDRESSING WITHOUT SUBNETS
FIGURE 24 ADDRESSING WITH SUBNETS
In this example, the subnet bits occupy the 8 bits of the third octet. Compared with the previous example, the original class B network is divided into 256 subnets, and the number of hosts each subnet can accommodate drops to 254.
Dividing into subnets creates correspondingly separate logical networks, and routers are responsible for communication between them. That is, one original large broadcast domain is divided into several smaller broadcast domains.
A network device uses the subnet mask to tell network bits, subnet bits and host bits apart. From its own IP address and subnet mask, the device can determine whether the destination address of an IP packet is in the same subnet as itself, in a different subnet of the same network, or in a different network altogether.
Subnet Mask
An IP address without its subnet mask is meaningless.
A subnet mask defines how many of the 32 bits of an IP address are used as network bits, or as network bits plus subnet bits.
FIGURE 25 SUBNET MASK (an IP address with its default mask: network bits, host bits; the same address with an 8-bit subnet mask: network bits plus subnet bits, host bits)
The bits of the subnet mask act as a filter: ANDing the address with the mask keeps exactly the part of the IP address that makes up the network address. This operation is a bitwise AND, a logical operation applied to each bit of the address and the corresponding bit of the mask (1 AND 1 = 1, anything AND 0 = 0).
To divide a network into subnets is to borrow host bits of the original address for use as subnet bits. Bits must be borrowed from left to right in succession, that is, the 1s and 0s in the subnet mask must be contiguous; a mask such as 255.255.0.255 is not valid.
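The subnet arithmetic of this chapter carried out with the bitwise AND just described, as an added example that is not code from the original course material. It derives the network address, the directed broadcast address and the number of usable hosts for an address and mask, recognises the reserved all-0 and all-1 host-bit addresses, classifies the address by its first octet, rejects a mask whose 1s are not contiguous, and splits a class B network into 256 subnets by borrowing 8 host bits as in the figure above. The sample addresses are the private and documentation ranges used in the chapter.

```python
"""Subnet mask arithmetic with integer bit operations."""
import ipaddress                                 # only to convert dotted decimal to/from int


def to_int(dotted: str) -> int:
    return int(ipaddress.IPv4Address(dotted))


def to_dotted(value: int) -> str:
    return str(ipaddress.IPv4Address(value))


def mask_from_prefix(prefix: int) -> int:
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def prefix_from_mask(mask: str) -> int:
    """Length of the mask; rejects masks whose 1s are not leftmost and contiguous."""
    m = to_int(mask)
    prefix = bin(m).count("1")
    if mask_from_prefix(prefix) != m:
        raise ValueError(f"non-contiguous subnet mask {mask}")
    return prefix


def mask_is_valid(mask: str) -> bool:
    try:
        prefix_from_mask(mask)
        return True
    except ValueError:
        return False


def address_class(dotted: str) -> str:
    first_octet = to_int(dotted) >> 24
    if first_octet < 128:
        return "A"
    if first_octet < 192:
        return "B"
    if first_octet < 224:
        return "C"
    return "D (multicast)" if first_octet < 240 else "E (reserved)"


def describe(address: str, mask: str) -> dict:
    prefix = prefix_from_mask(mask)
    m = mask_from_prefix(prefix)
    a = to_int(address)
    network = a & m                              # bitwise AND keeps network + subnet bits
    broadcast = network | (~m & 0xFFFFFFFF)      # host bits all ones
    host_bits = 32 - prefix
    # the all-0 and all-1 host values are reserved, except on /31 and /32 links
    usable = 2 ** host_bits - 2 if host_bits >= 2 else 2 ** host_bits
    kind = ("network address" if a == network else
            "broadcast address" if a == broadcast else "host address")
    return {"class": address_class(address), "prefix": prefix, "network": to_dotted(network),
            "broadcast": to_dotted(broadcast), "usable_hosts": usable, "kind": kind}


def same_subnet(a: str, b: str, mask: str) -> bool:
    """The test a host makes before deciding between ARP for the peer or for the gateway."""
    m = mask_from_prefix(prefix_from_mask(mask))
    return to_int(a) & m == to_int(b) & m


def subnets(network: str, mask: str, borrowed_bits: int) -> list:
    """Borrow host bits (leftmost first) to split a network; returns the subnets as prefixes."""
    prefix = prefix_from_mask(mask)
    new_prefix = prefix + borrowed_bits
    if new_prefix > 30:
        raise ValueError("too many bits borrowed: no usable hosts left")
    base = to_int(network) & mask_from_prefix(prefix)
    step = 2 ** (32 - new_prefix)
    return [f"{to_dotted(base + i * step)}/{new_prefix}" for i in range(2 ** borrowed_bits)]


if __name__ == "__main__":
    print(describe("172.16.5.9", "255.255.255.0"))
    print(subnets("172.16.0.0", "255.255.0.0", 8)[:3], "...")
```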
EXAMPLES OF ADDRESS CALCULATION