
DL_BT03_E1 TCPIP Basis

Course Objectives:
Understand the reference models of TCP/IP and OSI networks
Comprehend the functions and principles of layers of TCP/IP protocol suite
Master the packet encapsulation and decapsulation procedures
Grasp IP address types and application
Understand subnet address division

Contents
Chapter 1 Network Model and TCP/IP Protocol Family
  Introduction to TCP/IP Protocol Suite
    History of OSI Network Model
    Origin of TCP/IP Protocol Family
    Comparison between TCP/IP and OSI Reference Model
  Packet Encapsulation and Decapsulation
    OSI Data Encapsulation Process
    TCP/IP Data Encapsulation Process
  TCP/IP Protocol Family
  Application Layer Protocols
  Transport Layer Protocols
    Transport Layer Functions
    Port Numbers
    TCP Transport Control Protocol
    User Datagram Protocol UDP
  Network Layer Protocol
    IP Packet Format
    Protocol Type Field
    ICMP
    ARP Working Mechanism
    RARP Working Mechanism
Chapter 2 Common Network Devices
  HUB
  Switch
  Router
  Routing Switch
  Comparison between Common Devices
Chapter 3 IP Address Planning
  Introduction to IP Addresses
    Types of IP Addresses
    Reserved IP Address
    Calculation of Usable Host Addresses
  Addresses with Subnet Division
    Subnet Mask
    Examples of Address Calculation
  Variable Length Subnet Mask (VLSM)

Chapter 1 Network Model and TCP/IP Protocol Family

Knowledge point
Understand TCP/IP and OSI network models
Understand packet encapsulation and decapsulation processes
Master the functions and principles of layers of the TCP/IP protocol suite

Introduction to TCP/IP Protocol Suite
History of OSI Network Model
ISO/IEC (International Organization for Standardization/International Electrotechnical Commission) is a voluntary, non-profit and specialized organization devoted to international standardization. The OSI model is an international standardization of the protocols used on the various network layers, based on the ISO recommendations. The model is called the ISO OSI (Open System Interconnection) reference model, or OSI model for short. The OSI model contains 7 layers. The layers are divided logically so that each layer performs one well-defined function. Specifying the function of each layer helps to clarify the international standards for network protocols, and a clear distinction between the layers helps to avoid confusing their functions.
With this layering, the problem of information exchange in an open system is broken down through the hierarchical architecture into layers of hardware and software modules that are easy to control; each layer can be modified or extended with new functions independently, according to its requirements; and devices from different manufacturers can be interconnected more easily. Layering also helps us to study and understand data communication networks.
Different layers in the OSI reference model provide different functions, and the layers collaborate and communicate with each other through standard interfaces.
The application layer provides the communication interfaces between application programs and the network; the presentation layer processes data formats and data encryption; the session layer establishes, maintains and manages sessions; the transport layer establishes end-to-end connections between hosts; the network layer is responsible for addressing and routing; the data link layer provides media access and link management; the physical layer provides bit-stream transport.
The application layer, the presentation layer and the session layer together are called the upper layers or application layers. Their functions are usually performed by application software. The physical layer, data link layer, network layer and transport layer together are called the data stream layers. Their functions are mostly performed by hardware and software working together.

Confidential and Proprietary Information of ZTE CORPORATION

Origin of TCP/IP Protocol Family
TCP/IP can be traced back to a research project on packet-switched wide-area networks (WAN, Wide Area Network) run in 1969 by the Advanced Research Projects Agency (ARPA) under the United States Department of Defense (DOD), so the original network was called ARPANET.
In 1973, TCP (Transport Control Protocol) was officially put into use; in 1981, IP (Internet Protocol) was put into use; in 1983, the TCP/IP protocols were officially integrated into the UNIX version of the University of California, Berkeley. This network version of the operating system met the strong demand at that time from universities, institutions and enterprises for network interconnection. Because the operating system, which was free of charge then, was widely used, the TCP/IP protocols started to prevail.
Supported by multiple manufacturers, TCP/IP technology soon resulted in many distributed networks, and the Internet interconnects all these individual TCP/IP networks. The TCP/IP-based Internet has become the largest computer network in the world, with the greatest number of users and the most abundant resources. The TCP/IP protocols have become a de facto industrial standard. IP networks are the mainstream of computer networks at present and will remain so in the future.


Comparison between TCP/IP and OSI Reference Model
Like the OSI reference model, TCP (Transfer Control Protocol)/IP (Internet Protocol) is also developed in layers, and each layer provides a different communication function. But the TCP/IP protocol system has fewer layers: four instead of the original seven, which are, from the top down, the application layer, transport layer, Internet layer and data link layer; the presentation layer and session layer of the OSI model are not present here. The correspondence between the TCP/IP protocol suite and the OSI model can be seen in the following diagram. The TCP/IP protocol suite covers all the layers of the OSI model, and the application layer of the TCP/IP protocol suite includes all the upper-layer protocols of the OSI model.
FIGURE 1 COMPARISON BETWEEN TCP/IP AND OSI REFERENCE MODEL

Packet Encapsulation and Decapsulation
OSI Data Encapsulation Process
Upon receiving data from the upper layer, each layer in the OSI model adds its own control information to the header of the data unit. Some layers also attach information, such as a checksum, to the trailer of the data unit. This process is called encapsulation.
The data unit after encapsulation has a different name on different layers. The protocol data units on the application, presentation and session layers are all called data; on the transport layer, the protocol data unit is called a segment; on the network layer, it is called a packet; on the data link layer, it is called a frame; on the physical layer, it is called bits, as shown below.
FIGURE 2 OSI DATA ENCAPSULATION (two stacks, each showing the application, presentation, session, transport, network, data link and physical layers)

When data reaches the receiving end, each layer reads the related control information and, according to the content of the information, transfers the data unit to the upper layer. Then the header and trailer information (if available) of this layer are removed. This process is called decapsulation.
This process is carried out layer by layer until the data sent by the peer end is recovered. The data from the peer application layer is then delivered to the related application process on the local end.
The processes of data encapsulation and decapsulation are described below, using the example of a user browsing a website.
FIGURE 3 DATA ENCAPSULATION (WWW information)
When a user enters the address of a website, the application layer generates the related data; the presentation layer converts the data to ASCII code that the computer can identify; and the session layer creates the related host process and then passes the data to the transport layer. The transport layer treats this information as data and adds the related port number, which lets the host identify the packet and tells it which local process is to handle the information; on the network layer, the IP address is added, so that the packet is able to reach the destination host; on the data link layer, the MAC address is added and the packet is converted to bit format, which can be transported on networks. The packet is received by each host, which checks the destination MAC address of the packet to judge whether it is the destination host of the packet; if the MAC address does not match its own, the host discards the packet. If it matches, the host removes the MAC information and passes the packet to the network layer, which checks the IP address; finally, the system uses the destination port number of the packet to assign the related process to handle it. This is the process of packet decapsulation.

TCP/IP Data Encapsulation Process
As with data encapsulation in the OSI reference model, TCP/IP packets are encapsulated and decapsulated layer by layer as they are transferred.
On the transmitting side, encapsulation is performed layer by layer. Each application program sends data to the transport layer. The transport layer (TCP/UDP) divides the data into segments of a certain size, attaches the header of this layer and passes the data to the network layer. The transport layer header contains the port number of the upper-layer protocol or application program. For example, the port number of Telnet is 23. The transport layer protocol uses the port number to invoke and identify the various application programs of the application layer.
The network layer processes the segment from the transport layer in certain steps (it distinguishes the transport layer protocol, looks for the address of the next hop, resolves the physical address of the data link layer, etc.). It then attaches the header of this layer to the data, converting it to a packet, and passes the packet to the data link layer (Ethernet, frame trunk, PPP, HDLC and so on).
The frame header added at this layer varies with the data link layer protocol. The data link layer adds a header to the packet according to its protocol and then transmits the packet in the form of bits.
On the receiving end, decapsulation is also performed layer by layer. From the physical layer to the data link layer and upward, the header of each layer is removed in turn, and the data is handed to the application program for processing.
FIGURE 4 TCP/IP DATA ENCAPSULATION (sending and receiving hosts: subscriber data at the application layer, TCP segment at the TCP layer, IP packet at the IP layer, frame of the actual physical network at the network access layer)
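The encapsulation and decapsulation steps described above, as an added example that is not part of the original course material. The function names, addresses, MAC values and payload are constructed for illustration; the port numbers 1028 and 23 follow the Telnet example used in this course, and Ethernet II framing without a trailer is assumed.

```python
import socket
import struct

ETHERTYPE_IPV4 = 0x0800
PROTO_TCP = 6  # IP protocol number for TCP, as given in the text (UDP is 17)


def inet_checksum(data: bytes) -> int:
    """16-bit one's-complement checksum used by the IP and TCP headers."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def mac(text: str) -> bytes:
    return bytes.fromhex(text.replace(":", ""))


def pseudo_header(src: bytes, dst: bytes, tcp_len: int) -> bytes:
    """Addresses and length that the TCP checksum covers besides the segment."""
    return src + dst + struct.pack("!BBH", 0, PROTO_TCP, tcp_len)


def encapsulate(data, sport, dport, src_ip, dst_ip, src_mac, dst_mac):
    """Application data -> TCP segment -> IP packet -> Ethernet frame."""
    src, dst = socket.inet_aton(src_ip), socket.inet_aton(dst_ip)
    # Transport layer: the ports name the sending and receiving processes.
    # Sequence number 1000, flags PSH+ACK and window 8192 are constructed values.
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 1000, 0, 5 << 4, 0x18, 8192, 0, 0)
    csum = inet_checksum(pseudo_header(src, dst, len(tcp) + len(data)) + tcp + data)
    segment = tcp[:16] + struct.pack("!H", csum) + tcp[18:] + data
    # Network layer: addresses plus the protocol number of what is carried.
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 1, 0, 64,
                     PROTO_TCP, 0, src, dst)
    ip = ip[:10] + struct.pack("!H", inet_checksum(ip)) + ip[12:]
    # Data link layer: destination MAC, source MAC, type of the payload.
    return mac(dst_mac) + mac(src_mac) + struct.pack("!H", ETHERTYPE_IPV4) + ip + segment


def decapsulate(frame, my_mac, my_ip, listeners):
    """Return ("delivered", (process, data)) or ("discarded", reason)."""
    if len(frame) < 14 + 20 + 20:
        return "discarded", "link: frame too short for the three headers"
    # Data link layer: is the frame addressed to this host?
    if frame[:6] != mac(my_mac):
        return "discarded", "link: destination MAC is not ours"
    if struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_IPV4:
        return "discarded", "link: payload is not IPv4"
    packet = frame[14:]
    # Network layer: check the header, the address and the protocol number.
    (ver_ihl, _tos, total_len, _ident, _frag, _ttl, proto, _csum,
     src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    header_len = (ver_ihl & 0x0F) * 4
    if inet_checksum(packet[:header_len]) != 0:
        return "discarded", "network: bad IP header checksum"
    if dst != socket.inet_aton(my_ip):
        return "discarded", "network: destination IP is not ours"
    if proto != PROTO_TCP:
        return "discarded", f"network: protocol {proto} is not handled here"
    segment = packet[header_len:total_len]
    # Transport layer: verify the checksum, then pick the process by port.
    if inet_checksum(pseudo_header(src, dst, len(segment)) + segment) != 0:
        return "discarded", "transport: bad TCP checksum"
    dport = struct.unpack("!H", segment[2:4])[0]
    data_offset = (segment[12] >> 4) * 4
    if dport not in listeners:
        return "discarded", f"transport: no process on port {dport}"
    return "delivered", (listeners[dport], segment[data_offset:])


# Constructed sample: host A (source port 1028) to the Telnet port of host Z.
HOST_A = ("192.0.2.10", "02:00:00:00:00:0a")
HOST_Z = ("192.0.2.26", "02:00:00:00:00:1a")
FRAME = encapsulate(b"ls -l\r\n", 1028, 23, HOST_A[0], HOST_Z[0], HOST_A[1], HOST_Z[1])

if __name__ == "__main__":
    print(decapsulate(FRAME, HOST_Z[1], HOST_Z[0], {23: "telnetd"}))
    print(decapsulate(FRAME, HOST_A[1], HOST_A[0], {23: "telnetd"}))
```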

TCP/IP Protocol Family
The TCP/IP protocol suite is composed of different protocols on different network layers.
FIGURE 5 TCP/IP PROTOCOL FAMILY

Network access layer
The network interface layer deals with the raw bits that are transmitted on communication channels. It provides the mechanical, electrical and functional means and procedures required for data transmission. It provides a correct channel for transmitting data by implementing error detection, error correction and synchronization. It is also responsible for flow control.
The network layer checks the network topology to determine the optimal route for message transmission, and transfers data. Its key task is to determine the best route for transmitting data packets from the source end to the destination end. The main protocols on the network layer are: IP, ICMP (Internet Control Message Protocol), IGMP (Internet Group Management Protocol), ARP (Address Resolution Protocol) and RARP (Reverse Address Resolution Protocol).
The basic function of the transport layer is to implement end-to-end communication for the application programs on two hosts. The transport layer receives data from the application layer and divides it into smaller units if necessary. It passes these units to the network layer and ensures that the data segments reach the peer correctly. The main protocols on the transport layer are: TCP and UDP (User Datagram Protocol).
The application layer is responsible for processing the details of a specific application program. The application layer displays received information, transmits user data to the lower layer and provides network interfaces for application software. The application layer contains quite a few common application protocols, such as HTTP (HyperText Transfer Protocol), Telnet (remote login), FTP (File Transfer Protocol) and so on.

Application Layer Protocols
On the application layer, there are many network application programs developed for users' network requirements, such as file transfer, network management, and even routing. Here are some common application layer protocols.
FTP (File Transfer Protocol) is an Internet standard for file transfer. FTP supports some text file types (such as ASCII and binary) and byte-stream-oriented file structures. FTP uses TCP of the transport layer to transfer files between terminal systems that support FTP. FTP provides reliable connection services, so it is suitable for file transfer on long-distance lines of low reliability.
TFTP (Trivial File Transfer Protocol) is also used for file transfer. Because it uses UDP to provide services, it is considered unreliable and connectionless. TFTP is usually used for transferring files within a reliable LAN.
SMTP (Simple Mail Transfer Protocol) supports text mail transfer through the Internet.
Telnet is a standard terminal emulation protocol used by the client for establishing a connection with a remote server.
SNMP (Simple Network Management Protocol) is responsible for monitoring and maintaining network devices, and supports security management and performance management.
The Ping command is an effective tool for judging whether network devices are correctly connected.
Similar to the Ping command, the Tracert command is also a good diagnostic command, as it displays the information of each device the packet passes through.
The DNS (Domain Name System) converts the names of network nodes (which are easy to remember) to network addresses.

Transport Layer Protocols
Transport Layer Functions
The transport layer is located between the application layer and the network layer. It provides end-to-end connections between terminal hosts, implements flow control (realized by the window mechanism) and reliability (realized by sequence numbers and acknowledgements), and supports full duplex transmission. The protocols on the transport layer are TCP and UDP. TCP and UDP use the same network layer protocol, IP, but they provide completely different services to the application layer.
Transport Control Protocol TCP: It provides application programs with reliable, connection-oriented communication services. It is suitable for application programs that require a response. Currently, many popular application programs use TCP.
User Datagram Protocol UDP: It provides connectionless communication and does not guarantee the reliability of the data packets transported. It is suitable for transporting small volumes of data at one time, with reliability ensured by the application layer.
TCP ensures the reliability of end-to-end data communication in the following ways:
1. The TCP entity generates segments by dividing the application program's data into suitable data blocks, each with a TCP header.
2. The TCP entity starts a timer immediately after sending a segment. It retransmits the segment if the source equipment has not received an acknowledgement from the destination equipment when the timer expires.
3. Upon receiving the data, the remote TCP entity returns an acknowledgement.
4. TCP contains an end-to-end checksum field, which detects any change during data transmission. If the checksum calculated by the destination equipment over the received data is incorrect, TCP discards the segment, and the source equipment retransmits it when the timer expires.
5. Since IP provides a connectionless and unreliable service, the TCP data carried in IP packets may arrive out of sequence. TCP can put the data back in order: the destination equipment rearranges the received data and passes it to the application program.
6. TCP provides flow control. There is a buffer window on each end of a TCP connection. The source equipment sends only as much data as the destination equipment permits, which prevents the buffer from overflowing.
7. TCP supports full duplex data transmission.

Port Numbers
TCP and UDP use 16-bit port numbers to identify different application programs in the network. The network layer protocol IP uses designated protocol numbers (TCP 6 and UDP 17) to identify the transport layer protocols.
Each port number between 1 and 1023 represents a type of service provided by TCP/IP. These port numbers are assigned and managed by the IANA (Internet Assigned Numbers Authority). Port numbers smaller than 255 are reserved for public use; port numbers from 255 to 1023 are assigned to companies for special use; any port number bigger than 1023 is called a temporary port number and is not yet stipulated by the IANA.
Common TCP port numbers are: HTTP 80, FTP 20/21, Telnet 23, SMTP 25 and DNS 53; common reserved UDP port numbers are: DNS 53, BootP 67 (server) / 68 (client), TFTP 69 and SNMP 161.

TCP Transport Control Protocol
TCP Packet Format
TCP provides terminal equipment with connection-oriented, reliable network services, while UDP provides terminal equipment with connectionless, unreliable packet services. As the diagram below shows, to ensure reliable data transmission the TCP packet header has more fields than the UDP packet header.
FIGURE 6 TCP PACKET FORMAT
Main fields of a TCP packet header:
Each TCP packet header contains a source port number (source port) and a destination port number (destination port), which identify and distinguish the application processes of the source equipment and destination equipment. In the TCP/IP protocol suite, the source port number and destination port number each form a socket together with the source IP address and destination IP address respectively, and the pair determines a unique TCP connection.
The sequence number field identifies the byte stream transmitted from the TCP source equipment to the destination equipment. It indicates the first data byte in the segment. If a byte stream is seen as a unidirectional flow between two application programs, TCP counts each byte by means of a sequence number. A sequence number is a 32-bit number.
Because each byte transmitted is counted, the acknowledgement number (32 bits) contains the next sequence number that the receiving end expects to receive. The acknowledgement number must be the sequence number of the last data byte successfully received plus 1.
TCP flow control is performed by each end of the connection through the advertised window size. Window size is expressed in data packets. For example, when window size=3, it indicates that three packets can be transmitted at once. The window size is specified by the value in the acknowledgement field. The window size is an adjustable field of 16 bits.
The checksum field is used to check the correctness of the TCP packet header and the data part.

TCP Port Number
FIGURE 7 TCP PORT NUMBER (source port and destination port; Dest. port=23: send data packets to my TELNET port)
Host A connects to host Z in TELNET mode, where the destination port number is 23 and the source port number is 1028. There is no special requirement on the source port number; you only need to ensure that the port number is unique on the local computer. Generally, you can assign a vacant port number with a value bigger than 1023. A source port number is also called a temporary port number, because it is in use for only a very short period of time.
FIGURE 8 USE OF PORT NUMBER IN MULTIPLE CONNECTIONS (source port and destination port)
Here is an example of multiple application processes on one host simultaneously accessing one service. Host A opens two Telnet connections to host Z simultaneously. Host A uses different source port numbers to distinguish the different application processes on the local computer.
An IP address and a port number together determine a unique data communication.

Overview on TCP Serial Number and Acknowledged Number
FIGURE 9 TCP SEQUENCE NUMBERS AND ACKNOWLEDGEMENT NUMBERS (source port, destination port, serial No. #, confirmed serial No. #)
Function of a sequence number: It identifies the data sequence, so that the receiver can assemble the data in the correct sequence before passing it to the application program. It also eliminates repeated packets on the network during network congestion.
Function of an acknowledgement number: The receiver informs the sender of the segment received successfully. It also informs the sender of the next byte required by the receiver.
Attention:
An acknowledgement number is the sequence number of the next data segment required by the receiver. When a data segment fails to be transmitted, the system will perform separate acknowledgement and retransmission.

TCP Three-Way Handshake/Connection Established
FIGURE 10 TCP THREE-WAY HANDSHAKE/CONNECTION ESTABLISHED
TCP is a connection-oriented protocol of the transport layer. This means that a connection must be established before data communication. The TCP connection process is usually called the three-way handshake, which is as follows:
1. The requesting end (usually called the client) sends a SYN segment, indicating the port of the server to which the client wants to connect. The segment also carries the client's initial sequence number (ISN). This SYN segment is segment 1.
2. The server returns a SYN segment (segment 2) containing the initial sequence number of the server. At the same time, it sets the acknowledgement number to the client's ISN plus 1 to acknowledge the client's SYN segment. One SYN occupies one sequence number.
3. The client sets the acknowledgement number to the server's ISN plus 1 to acknowledge the server's SYN segment (segment 3).
These three segments are used to establish the connection. The end sending the first SYN segment performs the active open, while the other end, which receives this SYN segment and responds with the next SYN segment, performs the passive open.
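A check of the sequence and acknowledgement numbers in a three-way handshake, reading them from raw TCP headers laid out as in the packet format section above (an added example, not part of the original course material). The function names, ports and ISN values are constructed for illustration; the comparison is done modulo 2^32 because the fields are 32 bits wide, which the first sample exercises with a client ISN of 0xFFFFFFFF.

```python
import struct

SYN, ACK = 0x02, 0x10
MOD = 1 << 32  # sequence and acknowledgement numbers are 32-bit fields


def tcp_header(sport, dport, seq, ack, flags):
    """Build a 20-byte TCP header for the constructed samples below.

    Window 8192 is arbitrary and the checksum is 0: neither is examined here.
    """
    return struct.pack("!HHIIBBHHH", sport, dport, seq % MOD, ack % MOD,
                       5 << 4, flags, 8192, 0, 0)


def parse_tcp(raw):
    """Extract the header fields that the handshake check needs."""
    sport, dport, seq, ack, _off, flags, window, _csum, _urg = struct.unpack(
        "!HHIIBBHHH", raw[:20])
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack,
            "flags": flags, "window": window}


def check_handshake(raw1, raw2, raw3):
    """Return a list of problems; an empty list means a well-formed handshake."""
    s1, s2, s3 = (parse_tcp(r) for r in (raw1, raw2, raw3))
    client = (s1["sport"], s1["dport"])
    problems = []
    # Segment 1: the client's SYN carries its ISN and acknowledges nothing.
    if s1["flags"] & (SYN | ACK) != SYN:
        problems.append("segment 1: expected SYN without ACK")
    # Segment 2: the server's SYN acknowledges the client's ISN plus 1.
    if s2["flags"] & (SYN | ACK) != (SYN | ACK):
        problems.append("segment 2: expected SYN and ACK")
    if (s2["dport"], s2["sport"]) != client:
        problems.append("segment 2: ports do not mirror segment 1")
    if s2["ack"] != (s1["seq"] + 1) % MOD:
        problems.append("segment 2: ack is not client ISN + 1")
    # Segment 3: the client acknowledges the server's ISN plus 1. Its own
    # sequence number has advanced by 1 because the SYN occupied one number.
    if s3["flags"] & (SYN | ACK) != ACK:
        problems.append("segment 3: expected ACK without SYN")
    if (s3["sport"], s3["dport"]) != client:
        problems.append("segment 3: ports differ from segment 1")
    if s3["seq"] != (s1["seq"] + 1) % MOD:
        problems.append("segment 3: seq is not client ISN + 1")
    if s3["ack"] != (s2["seq"] + 1) % MOD:
        problems.append("segment 3: ack is not server ISN + 1")
    return problems


# Constructed sample: client ISN at the top of the 32-bit range, so ISN + 1 wraps to 0.
GOOD = [
    tcp_header(1028, 23, 0xFFFFFFFF, 0, SYN),
    tcp_header(23, 1028, 3000000000, 0, SYN | ACK),
    tcp_header(1028, 23, 0, 3000000001, ACK),
]
# Constructed sample: the server echoes the client's ISN without adding 1.
BAD_SEGMENT_2 = tcp_header(23, 1028, 3000000000, 0xFFFFFFFF, SYN | ACK)

if __name__ == "__main__":
    print(check_handshake(*GOOD))
    print(check_handshake(GOOD[0], BAD_SEGMENT_2, GOOD[2]))
```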
When sending its SYN to establish a connection, each end selects an initial sequence number (ISN). The ISN changes as time elapses, so each connection has a different ISN. In RFC 793 [Postel 1981c], an ISN can be seen as a 32-bit counter whose value increases by 1 every 4 ms. The aim of selecting a sequence number in this way is to prevent packets that were delayed in the network from being delivered later and misinterpreted by the connected parties.
How is a sequence number selected? In 4.4 BSD (and most Berkeley versions), the sequence number sent is initialized as 1. This variable increases by 64000 every 0.5 second, and returns to 0 every 9.5 hours.
In addition, this variable increases by 64000 every time a connection is established.

TCP Four-Way Handshake/Connection Terminated
FIGURE 11 TCP FOUR-WAY HANDSHAKE/CONNECTION TERMINATED (Host A: application program closed; Host B: ACK of FIN, application program closed)
A TCP connection is duplex (that is, data can be transmitted in two directions simultaneously), so it must be closed in each direction individually. When one end has finished transmitting data, it sends a FIN to terminate the connection in that direction. On receiving a FIN, an end must notify the application layer that the other end has terminated transmission of data in that direction. So it takes four steps for TCP to terminate a connection. This is called the four-way handshake.

Basic Concept: Window Control
FIGURE 12 TCP WINDOW CONTROL
The window is actually a flow control mechanism.
When the size of the window is 1, after a data segment is transmitted the system waits for an acknowledgement before transmitting the next data segment. The advantage is that the correct sequence of the data segments received is guaranteed at the receiving end. The disadvantage is that transmission speed and efficiency are low.
By using a window greater than 1, several packets can be transmitted simultaneously. When an acknowledgement is returned, a new data segment can be transmitted. This mode gives higher transmission efficiency. A well-configured sliding window protocol keeps packet transmission in the network highly efficient, and a relatively high throughput can be attained.
The advantage is high transmission speed and high operating efficiency; the disadvantage is that data segments may arrive out of sequence at the receiving end. Because TCP/IP data may take different paths during transmission, the data segments may not arrive in the correct order.

User Datagram Protocol UDP
FIGURE 13 UDP PACKET FORMAT
In comparison with a TCP packet, a UDP packet has fewer fields: source port number, destination port number, length and checksum. Each field provides the same function as the corresponding field of a TCP packet.
A UDP packet has no fields for reliability assurance, sequence assurance or flow control, so it is low in reliability. Of course, application programs that use the UDP service of the transport layer also gain advantages. Because the UDP protocol has fewer control options, there is little delay during data communication, and high efficiency of data communication is assured. UDP is suitable for application programs that do not have high requirements for reliability, or for application programs that provide their own reliability assurance, such as DNS, TFTP, SNMP and so on; the UDP protocol is also suitable for networks with reliable transmission links.

Network Layer Protocol
The network layer is located between the data link layer and the transport layer in the TCP/IP suite. The network layer receives packets from the transport layer, divides the data into segments of appropriate size, and encapsulates them with an IP header before sending them to the data link layer. To ensure successful transfer of packets, the network layer defines the following protocols:
IP (Internet Protocol): IP collaborates with the routing protocols to find the optimal route for transferring packets to the destination. Because IP does not care about the content of packets, it provides connectionless and unreliable services.
ARP (Address Resolution Protocol): It resolves a given IP address to a MAC address.
RARP (Reverse Address Resolution Protocol): It resolves an IP address when the address of the data link layer is provided.
ICMP (Internet Control Message Protocol) defines the functions of network layer control and message transfer.

IP Packet Format
FIGURE 14

IP P ACKET FORMAT

A common IP header is 20-byte long, excluding the IP option


field.
An IP packet contains the following parts:
Version field: It indicates the version number of the IP protocol.
The current protocol version number is 4. The subsequent
version number of the IP protocol is 6.
Header length: It gives the number of 32-bit words in the IP
header, including any options. Since it is a 4-bit field, the
longest header is 60 bytes. The value of this field in a common
IP packet (without any option) is 5, that is, 20 bytes in length.
Type of service (TOS) field: It contains a 3-bit priority
sub-field, a 4-bit TOS sub-field and a 1-bit unused sub-field
(which must be set to 0). The 4 TOS bits represent: minimal time
delay, maximal throughput, highest reliability and minimal
expense respectively. Only one of the 4 bits can be set. If all the
4 bits are 0, it indicates a common service. Currently, TOS is not
supported by most TCP/IP applications, but it is set in the new
versions later than 4.3 BSD Reno. In addition, newer routing
protocols, such as OSPF and IS-IS, can determine routes
according to the values of these fields.
Total length field: It refers to the length of the whole IP packet,
taking the byte as a unit. With the header length field and total
length field, we can know the starting position and length of the
data content in the IP packet. Since the field is 16 bits long, the
IP packet can be 65535 bytes at the maximum. Though an IP
packet of 65535 bytes can be transmitted, most link layers will
divide it into segments. The total length field is an indispensable
part of the IP header, because some data links (such as
Ethernet) need to add some data to reach the minimal length
required. The minimal frame of the Ethernet is 46 bytes, but the
IP data may be shorter. With the total length field, the IP layer
can tell how much of the 46 bytes of data is the content of the
IP packet.
Identification field: It uniquely identifies each packet that the
host transmits. Usually, whenever a packet is transmitted, its
value will increase by 1. The physical network layer usually limits
the maximal length of the data frame every time it is sent. IP
compares the MTU with the length of the packet, and divides the
packet into segments if necessary. An IP packet can be divided
either on the originating host, or on an intermediate router. A
divided IP packet will be reassembled when it reaches the
destination. Reassembly is accomplished on the IP layer at the
destination end, so that the dividing and reassembling processes
are transparent to the transport layer (TCP and UDP). The
whole packet has to be retransmitted even if only a small piece
of the data is lost.
A packet fragment may be divided again (possibly more than
once). The data contained in the IP header provides sufficient
information for packet fragmentation and reassembling.
For every IP packet transmitted from the sending end, its
identification field contains a unique value. The value is copied
into every segment during packet fragmentation. The
identification field uses one of the bits to express "more
segments"; this bit must be set to 1 in every segment except
the last one.
Fragment offset field: It gives the position of the segment as an
offset from the start of the original packet. When a packet is
fragmented, the length value of each segment must be changed
to the length of that segment. One bit in the identification field
is called the "no fragment" bit. If this bit is set to 1, IP will not
perform packet fragmentation. In that case, if the MTU of the
link layer is less than the packet length during network data
transmission, the packet will be discarded and an ICMP error
packet will be transmitted.
TTL (time-to-live): This field specifies the maximal number of
routers a packet can pass through. It specifies the valid duration
(time-to-live) of a packet. The initial value of the TTL (usually 32
or 64) is set by the source host. Each time the packet passes
through a router that processes it, the value is decreased by 1.
When the value of the field is 0, the packet will be discarded, and
an ICMP packet will be transmitted to notify the source host.
Protocol field: This is a field by which we can identify the
protocol transmitting data to the IP.
Header checksum field: This is a checksum code calculated
over the IP header only. It does not cover any data following
the header. ICMP, IGMP, UDP and TCP all contain a checksum
code in their headers covering the header and data.
Each IP packet contains a 32-bit source IP address and a 32-bit
destination IP address.
The last field is the options, namely, optional information of
variable length in the packet. These options are defined as
follows:

Security and processing restriction (It is usually used in the
military field. Refer to RFC 1108 [Kent 1991] for details.)
Recording paths (the IP address of each router is recorded);
Time stamp (The IP address and routing time of each router
is recorded);
Loose routing of source sites (providing a series of IP
addresses a packet must pass through);
Strict routing of source sites (similar to loose routing of
source sites, but it requires that a packet can pass through
these addresses only. That is, the routing is fixed).

These options are seldom used, and they are not supported by
all hosts and routers. The option field always ends on a 32-bit
boundary. Filling bytes with value of 0 can be inserted if
necessary. In this way, the IP header is always an integer
multiple of 32 bits.
Lastly comes the data of the upper layer, such as data segments
of TCP or UDP.

Protocol Type Field


FIGURE 15 PROTOCOL TYPE FIELD
(Figure labels: transport layer, protocol number, network end)

TCP, UDP, ICMP, IGMP and some other protocols all use IP to
transmit data. A flag must be added into the generated IP
header to identify the type of the data. For this purpose, an
8-bit value is stored in the IP header. This value is called the
protocol field.
Here, 1 represents ICMP, 2 represents IGMP, 6 represents TCP
and 17 represents UDP.
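
The header fields and protocol numbers described above can be checked in code. The following parser is an added example, not part of the original course material; it follows the RFC 791 layout, in which the "don't fragment" and "more fragments" bits share a 16-bit word with the 13-bit fragment offset. The function names and the sample addresses are assumptions made for the example.

```python
import ipaddress
import struct

# Protocol numbers listed on this page.
PROTOCOLS = {1: "ICMP", 2: "IGMP", 6: "TCP", 17: "UDP"}


def internet_checksum(data: bytes) -> int:
    """One's-complement sum of 16-bit words (the IP header checksum)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                       # fold carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_ipv4(payload: bytes, proto: int, ttl: int = 64, ident: int = 1,
               options: bytes = b"", df: bool = False) -> bytes:
    """Build a constructed sample packet (the addresses are made up)."""
    if len(options) % 4 or len(options) > 40:
        raise ValueError("options must be 32-bit aligned and at most 40 bytes")
    ihl = 5 + len(options) // 4
    head = struct.pack("!BBHHHBBH4s4s", (4 << 4) | ihl, 0,
                       ihl * 4 + len(payload), ident, 0x4000 if df else 0,
                       ttl, proto, 0,
                       ipaddress.IPv4Address("172.16.3.1").packed,
                       ipaddress.IPv4Address("172.16.3.2").packed) + options
    csum = internet_checksum(head)           # computed with checksum field = 0
    return head[:10] + struct.pack("!H", csum) + head[12:] + payload


def parse_ipv4(buf: bytes) -> dict:
    """Parse and validate an IPv4 header; raise ValueError if malformed."""
    if len(buf) < 20:
        raise ValueError("shorter than the 20-byte minimum header")
    (ver_ihl, tos, total_len, ident, flags_frag,
     ttl, proto, _csum, src, dst) = struct.unpack("!BBHHHBBH4s4s", buf[:20])
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F
    if version != 4:
        raise ValueError("version field is not 4")
    header_len = ihl * 4                     # field counts 32-bit words
    if ihl < 5 or header_len > len(buf):
        raise ValueError("invalid header length")
    if total_len < header_len or total_len > len(buf):
        raise ValueError("total length inconsistent with received data")
    if internet_checksum(buf[:header_len]) != 0:
        raise ValueError("header checksum mismatch")
    return {
        "header_len": header_len,
        "total_len": total_len,
        "priority": tos >> 5,
        "tos_bits": (tos >> 1) & 0x0F,
        "identification": ident,
        "dont_fragment": bool(flags_frag & 0x4000),
        "more_fragments": bool(flags_frag & 0x2000),
        "fragment_offset": (flags_frag & 0x1FFF) * 8,   # in bytes
        "ttl": ttl,
        "protocol": PROTOCOLS.get(proto, "unknown (%d)" % proto),
        "src": str(ipaddress.IPv4Address(src)),
        "dst": str(ipaddress.IPv4Address(dst)),
        "options": buf[20:header_len],
        # Total length, not the buffer size, bounds the payload, so any
        # padding added by the link layer is dropped here.
        "payload": buf[header_len:total_len],
    }


if __name__ == "__main__":
    packet = build_ipv4(b"hello", 17, df=True)
    padded = packet + b"\x00" * (46 - len(packet))   # padded to 46 bytes
    for key, value in parse_ipv4(padded).items():
        print(key, "=", value)
```

A receiver that sliced the payload from the buffer length instead of the total length field would hand the padding bytes to the upper layer.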

ICMP
ICMP is a protocol that integrates error reporting and control. It
can be used on all TCP/IP hosts. ICMP messages are encapsulated
in an IP packet. ICMP is often considered as a component of the
IP layer. ICMP transfers error packets and other important
information. ICMP packets are usually used by protocols of the
IP layer or upper layers (TCP or UDP). Some ICMP packets are
used to return error packets to the user process.
The common ping command uses ICMP. The word "ping"
originates from locating operations by sonar. The objective is to
test whether another host is reachable. This program sends an
ICMP echo request packet to the host, and waits for the ICMP
echo reply. Generally, if we cannot ping a host, we cannot use
Telnet or FTP to connect to the host either. Conversely, if we
cannot use Telnet to connect to a host, we can usually use the
ping program to locate the problem. The ping program can also
test how long it takes to reach and return from the host. In this
way, we can figure out how far the host is away from us.
However, with growing awareness of Internet security, more
and more routers and firewalls provide access control, so the
above assertion does not always hold. Whether a host is
reachable cannot be judged from the reachability of its IP layer
alone. We must also take the protocol and port number used
into consideration.

ARP Working Mechanism


FIGURE 16 ARP WORKING MECHANISM
Requesting host: "I need the physical address of a host whose
IP address is 176.16.3.2."
Destination host: "I hear the broadcast packet. The message
is for me. Here is my physical address."

The data link layer protocols, such as Ethernet or token ring
network, have their own addressing mechanism (usually a 48-bit
address). This is a rule any network layer that uses data links
must obey. When a host transmits an Ethernet data frame to
another host on the same LAN, it determines the destination
interface according to the 48-bit Ethernet address. The
equipment driver never checks the destination IP address in an
IP packet.
ARP must provide the correspondence between an IP address
and a MAC address.
ARP process: ARP sends an Ethernet data frame (called an ARP
request) to each host on the Ethernet. This process is called
broadcast. The ARP request data frame contains the IP address
of the destination host, and it means "If you are the owner of
this IP address, please reply with your hardware address."
All the hosts in the same LAN must receive and process the ARP
broadcast. After receiving the broadcast packet, the ARP layer
of the destination host will judge, according to the destination IP
address, that the originating end is querying its MAC address.
So, it sends a unicast ARP response, which contains the IP
address and the corresponding hardware address. Upon
receiving this ARP response, the originating end can obtain the
MAC address of the receiving end.
The key to highly efficient ARP operation is that each host
keeps an ARP cache. This cache stores the recent mapping
records between IP addresses and hardware addresses. When
a host wants to query the correspondence between an IP
address and a MAC address, it first looks for it in the local ARP
cache table. It will resort to an ARP broadcast only when the
entry cannot be found.
Knowledge point:
ARP request is in broadcast mode while ARP response is in
unicast mode.
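
The request, response and cache behaviour described above, as an added example that is not part of the original course material. It builds real Ethernet/ARP frame bytes and delivers them on a simulated LAN; the Host and Lan classes, the MAC addresses and the rule of caching only answers to requests the host itself sent are assumptions made for the example.

```python
import ipaddress
import struct

BROADCAST = b"\xff" * 6
ETHERTYPE_ARP = 0x0806
ARP_REQUEST, ARP_REPLY = 1, 2
ARP_FMT = "!HHBBH6s4s6s4s"   # htype, ptype, hlen, plen, op, sha, spa, tha, tpa


def build_arp(op, sha, spa, tha, tpa, eth_dst):
    """Ethernet header plus the 28-byte ARP body for IPv4 over Ethernet."""
    eth = eth_dst + sha + struct.pack("!H", ETHERTYPE_ARP)
    return eth + struct.pack(ARP_FMT, 1, 0x0800, 6, 4, op, sha, spa, tha, tpa)


def parse_arp(frame):
    if len(frame) < 42:
        raise ValueError("frame too short for Ethernet + ARP")
    eth_dst, _eth_src, ethertype = struct.unpack("!6s6sH", frame[:14])
    (htype, ptype, hlen, plen, op,
     sha, spa, _tha, tpa) = struct.unpack(ARP_FMT, frame[14:42])
    if ethertype != ETHERTYPE_ARP or (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an IPv4-over-Ethernet ARP frame")
    return {"eth_dst": eth_dst, "op": op, "sha": sha, "spa": spa, "tpa": tpa}


class Host:
    def __init__(self, mac, ip):
        self.mac = bytes.fromhex(mac.replace(":", ""))
        self.ip = ipaddress.IPv4Address(ip).packed
        self.cache = {}          # IP address -> MAC address
        self.pending = set()     # IP addresses this host has asked about
        self.requests_seen = 0

    def receive(self, frame):
        """Process one ARP frame; return a reply frame or None."""
        msg = parse_arp(frame)
        if msg["op"] == ARP_REQUEST:
            self.requests_seen += 1          # every host processes the broadcast
            if msg["tpa"] == self.ip:        # only the owner answers, by unicast
                return build_arp(ARP_REPLY, self.mac, self.ip,
                                 msg["sha"], msg["spa"], eth_dst=msg["sha"])
        elif msg["op"] == ARP_REPLY and msg["spa"] in self.pending:
            # Assumption of this example: only solicited answers are cached.
            self.pending.discard(msg["spa"])
            self.cache[msg["spa"]] = msg["sha"]
        return None


class Lan:
    def __init__(self, hosts):
        self.hosts = hosts
        self.log = []            # (opcode, sent_as_broadcast) per frame

    def deliver(self, frame, sender):
        dst = frame[:6]
        self.log.append((parse_arp(frame)["op"], dst == BROADCAST))
        replies = []
        for host in self.hosts:
            if host is not sender and dst in (BROADCAST, host.mac):
                reply = host.receive(frame)
                if reply is not None:
                    replies.append((reply, host))
        for reply, replier in replies:
            self.deliver(reply, replier)


def resolve(lan, host, target_ip):
    """Look in the cache first; broadcast an ARP request only on a miss."""
    target = ipaddress.IPv4Address(target_ip).packed
    if target not in host.cache:
        host.pending.add(target)
        lan.deliver(build_arp(ARP_REQUEST, host.mac, host.ip,
                              bytes(6), target, BROADCAST), host)
        host.pending.discard(target)
    return host.cache.get(target)


if __name__ == "__main__":
    a = Host("02:00:00:00:00:01", "176.16.3.1")   # constructed addresses
    b = Host("02:00:00:00:00:02", "176.16.3.2")
    lan = Lan([a, b])
    print(resolve(lan, a, "176.16.3.2").hex(":"), lan.log)
```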

RARP Working Mechanism


FIGURE 17 RARP WORKING MECHANISM
Requesting host: "What is my IP address?"
Server: "I hear the broadcast packet. Your IP address is
172.16.3.25"


For a system with a local disk, the IP address is usually read
from the configuration file on the local disk. However, we need
to use other methods to get the IP address of a diskless
workstation or a host configured with a dynamic IP address.
RARP process: The host reads a unique hardware address from
the interface card. Then it sends an RARP request (data
broadcast on the network), asking a certain host (such as the
DHCP server or BOOTP server) to assign an IP address to the
host system in response.
Upon receiving the RARP request, the DHCP server or BOOTP
server assigns configuration information (IP address and so on)
to it and returns an RARP response to the source host.


Chapter 2

Common Network Devices

Knowledge point

Understand the functions and working principles of common
network devices in an IP network

HUB
FIGURE 18 HUB

Located on the physical layer, a HUB provides the following
functions: signal regeneration and amplification, and noise
elimination. A network connected by a HUB is physically a star
topology, but logically a bus topology. All workstations
connected by a HUB share the same transmission media, so all
the devices are located in the same broadcast domain, and
share the same bandwidth.
Attention:
For a 10M HUB, 10M is the physical bandwidth. The effective
bandwidth shared by all the hosts connected to this HUB is less
than 10M due to protocol overhead incurred by collision and
other events in the Ethernet.
Ethernet uses a CSMA/CD (Carrier Sense Multiple Access with
Collision Detection) mechanism. When more terminals are
connected in the network, there will be more collisions. If too
many hosts are connected in a collision domain, a large number
of collisions will occur. More occupied bandwidth causes lower
network performance, or even network breakdown.
Knowledge point:
Collision is not a fault in an Ethernet. The collision mechanism
can be seen as a flow control mode used for the Ethernet.
However, if there are abnormal collisions in the Ethernet, faults
will occur in the network.

Switch
A HUB only provides signal regeneration and amplification. When
hubs are used in the network, all the devices share a transport
medium, and perform data exchange in CSMA/CD mode. All
workstations in the HUB network are in the same collision
domain and the same broadcast domain.
The layer-2 switch is a data link layer device. It performs
switching by reading the MAC address information in a packet. It
isolates the collision domain and works on the data link layer.
So, each port of the switch is an individual collision domain.
There is an address table in the switch. The address table shows
the mapping between the MAC address and the switch port.
When receiving a packet from a port, the switch first reads the
source MAC address in the packet header. In this way it learns
which port the machine with this source MAC address is
connected to. With the destination MAC address in the packet
header, the switch searches the address table for the related
port. If a port corresponding to the destination MAC address is
available in the table, it copies the packet directly onto that port.
If no corresponding port is found in the table, it will broadcast
the packet to all ports. When the switch receives the response of
the destination machine, it can obtain the port corresponding to
the destination MAC address. In this way, the switch will not have
to broadcast to all the ports when transmitting data the next
time.
The above describes how a layer-2 switch establishes and
maintains its own address table. A layer-2 switch usually
possesses a broad switching bus bandwidth to exchange data
with multiple ports simultaneously. Suppose the layer-2 switch
provides N ports, and each has a bandwidth of M. If its switching
bus bandwidth is greater than N x M, the switch can enable
wire-speed switching. A layer-2 switch imposes no limit on
broadcast packets, and it copies broadcast packets to all the
ports.
A layer-2 switch can transfer packets at a relatively high rate
thanks to an ASIC (Application Specific Integrated Circuit) chip
dedicated to packet transfer.
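
The address table procedure described above, as an added example that is not part of the original course material. The Layer2Switch class, port numbers and MAC addresses are assumptions made for the example; when flooding it leaves out the port the frame arrived on, and it never learns a group (broadcast or multicast) address as a source.

```python
BROADCAST = b"\xff" * 6


def mac(text):
    return bytes.fromhex(text.replace(":", ""))


def frame(dst, src, payload=b""):
    """Minimal Ethernet frame: destination, source, EtherType 0x0800."""
    return dst + src + b"\x08\x00" + payload


class Layer2Switch:
    def __init__(self, port_count):
        self.ports = list(range(1, port_count + 1))
        self.table = {}                  # MAC address -> port

    def handle(self, in_port, data):
        """Learn from the source MAC, then return the output ports."""
        if in_port not in self.ports:
            raise ValueError("unknown ingress port")
        if len(data) < 14:
            raise ValueError("shorter than an Ethernet header")
        dst, src = data[0:6], data[6:12]
        if not src[0] & 1:               # group addresses are not valid sources
            self.table[src] = in_port    # learn, or update if the host moved
        out = self.table.get(dst)
        if dst == BROADCAST or out is None:
            # Unknown destination or broadcast: copy to every other port.
            return [p for p in self.ports if p != in_port]
        if out == in_port:
            return []                    # destination is on the ingress side
        return [out]


if __name__ == "__main__":
    a, b = mac("02:00:00:00:00:0a"), mac("02:00:00:00:00:0b")  # constructed
    sw = Layer2Switch(4)
    print(sw.handle(1, frame(b, a)))     # B unknown: flooded
    print(sw.handle(2, frame(a, b)))     # reply: A already learned
    print(sw.handle(1, frame(b, a)))     # B now known: one port only
```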


Router
A router operates on the third layer of OSI model, namely, the
network layer.
The routing table inside a router directs packet routing. When
the router receives a packet from a certain port, it removes the
link layer packet header (Packet disassembly). Then, it queries
the routing table with the destination IP address carried in the
packet. If the address of the next intermediate destination is
determined, the packet header of the link layer will be added
(Packet assembly) before the packet is transferred. If not, the
router will send a response message to the source address, and
discard this packet.
FIGURE 19 ROUTER OPERATING PROCESS
(Figure labels: route table, networks, interfaces)

The routing technology looks somewhat similar to the layer-2
switch, but there is a difference: switching takes place on the
second layer of the OSI model (the data link layer), whereas
routing takes place on the third layer. Therefore, different control
information is used for routing and switching during data
transfer, and the two perform their functions in different ways.
The routing technology actually involves two basic activities:
determining the optimal path and transferring packets. Packet
transfer is simple and direct, while packet routing is relatively
complex. The routing algorithm writes various kinds of
information into the routing table. The router will choose the
optimal path for packet transmission according to the
destination. The router sends the packet to the next router
through the optimal path that can reach the destination. Upon
receiving the packet, the next router will, according to the
destination address, transfer the packet to the subsequent
router through an appropriate path. In this way, the packet can
be sent to the destination through various intermediate routers.
Routers can communicate with each other, and maintain and
update their own routing tables by exchanging different
types of messages. A route update message is composed of
partial or all routing table information. By analyzing route
update messages from other routers, a router can obtain the
topology of the entire network. Link state broadcast is another
kind of common message that is transferred between routers.
This message is used to promptly inform other routers of the
sender's link state.

Routing Switch
A routing switch is also called a layer-3 switch. It is a layer-2
switch providing layer-3 routing functions. However, it is an
organic combination of the two, instead of simply overlaying the
hardware and software of the router equipment onto the LAN
switch.
In terms of hardware, the interface modules of the layer-2
switch exchange data by way of the high-rate backplane/bus (as
high as scores of Gbit/s). In the layer-3 switch, the layer-3 route
hardware modules related to the router are also inserted on
the high-rate backplane/bus. This mode allows high-speed data
exchange between the route modules and other modules, hence
eliminating the transmission rate limit of the traditional external
router interfaces.
In terms of software, the layer-3 switch also divides up the work
of the traditional router software as follows. Packet transfer, for
example of IP/IPX packets, is performed at high speed in
hardware. The layer-3 routing software is used for route
information update, routing table maintenance, route
calculation, and route determination; these functions are
implemented through optimized and highly efficient software.
Suppose two machines (using IP) communicate with each other
through the layer-3 switch. Machine A knows the destination
IP address when starting transmission. However, it does not
have the MAC address, which is required for transmitting on a
LAN. So it uses the address resolution protocol (ARP) to obtain
the destination MAC address. Machine A makes a comparison
between its own IP address and the destination IP address. It
checks whether the destination machine is located in the same
subnet, using the network address derived from its subnet
mask. If the destination machine B and machine A are located in
the same subnet, machine A broadcasts an ARP request for
machine B. Then machine B returns its MAC address. Upon
getting the MAC address of B, machine A caches the address,
and uses the MAC address to perform data encapsulation. The
layer-2 switching module queries the MAC address table and
determines to transfer the packet to the destination port.
If machine A needs to communicate with a destination machine
C that is not in the same subnet, A must send an ARP packet to
the "default gateway", whose IP address is already configured
in the system software. This IP address actually corresponds to
the layer-3 switching module of the layer-3 switch. Therefore,
when machine A broadcasts an ARP request to the IP address of
the default gateway, if the layer-3 switching module has
acquired the MAC address of the destination machine C, it will
reply the MAC address of machine C to machine A. Otherwise,
the layer-3 switching module will broadcast an ARP request to
destination machine C according to the route information. When
getting the ARP request, the destination machine C returns its
MAC address to the layer-3 switching module. The layer-3
switching module stores the address and replies it to machine A.
For subsequent packet exchange between A and C, the MAC
address of destination machine C will be used for data
encapsulation. The layer-2 switch is responsible for data
forwarding, thus ensuring high-speed exchange of information.
This is the so-called "routing once and switching many times".
The layer-3 switching presents the following features:
Organic hardware combination allows higher speed of data
switching.
Optimized routing software enables higher efficiency of routing
process.
Most of the data transfer process is processed by the layer-2
switch unless otherwise specified by compulsory route process;
In case of interconnection of multiple subnets, only logical
interconnections are made with the layer-3 switching module,
instead of adding ports for external routes in the traditional way.
This helps to protect user investment.

Comparison between Common Devices
Normally, the layer-2 switch is used in a small-size LAN, with 20
to 30 machines. In such network environment, broadcast packet
is not a very big issue. The layer-2 switch features quick
switching functions, multiple access ports and low price. This can
be a complete solution for small-scale network users. In this
type of the network environment, it is unnecessary to adopt the
routing function, which involves higher deployment difficulty and
higher cost in management. The layer-3 switch is not required
either.
The layer-3 switch is designed for IP, with simple interface
types. It provides powerful layer-2 processing capability, so
it is applicable to a large-size LAN. To reduce the risk of a
broadcast storm, a large-size LAN must be divided into several
small-size LANs, namely, small network segments. This gives
rise to communication between these different network
segments, which the layer-2 switch alone is unable to support. If
only routers are used in the network, the network scale and
access rate are limited, due to the limited number of router
ports and the low rate of routing. In this case, the layer-3 switch
is the most appropriate solution because it integrates the layer-2
switching and routing technology.
Routers provide multiple types of ports and support multiple
layer-3 protocols with their powerful routing capability. They are
applicable to interconnection between large-scale networks.
Many layer-3 switches or even layer-2 switches provide ports for
interconnection between heterogeneous networks. However,
large-scale networks usually do not provide many
interconnection ports. Instead of quick switching between ports,
the main function of the router is to select the optimal path.
Routers are also able to share the load, to perform link backup
and, most importantly, to conduct information exchange with
other networks.
For large-scale network construction, it is impossible to use the
layer-2 switch. However, whether to use the layer-3 switch
depends on specific conditions. The main factors here
include: network traffic amount, requirement on response rate,
and investment budget. The most important objective of the
layer-3 switch is to accelerate data exchange within a large-size
LAN. Its integrated routing function also serves this objective,
and is not as powerful as that of a professional router of the
same class. In case of large network flow, if the layer-3 switch
serves both for intra-network switching and inter-network
routing, its load will inevitably be heavy and its response rate is
surely affected. In this case, to guarantee a high response rate
of the layer-3 switch, we can employ routers to share the
routing processing of the layer-3 switch. It is a satisfactory
collaboration for the layer-3 switch to handle intra-network
switching while the routers do the routing work, so as to bring
the strengths of the different devices into full play. Of course,
if the budget is limited, it is also a good choice to have the
layer-3 switch serve for interconnection between networks as
well.


Chapter 3

IP Address Planning
Knowledge point

Understand IP address types and application

Understand classification of subnets

Introduction to IP Addresses
The specifications of the Internet Protocol (IP) were set up by
RFC791 in 1982. Some contents of the specifications stipulate
the structure of IP addresses. The structure provides each host
and router interface with 32-bit binary logical addresses,
including the network part and the host part.
For easy writing and remembering, one IP address is usually
expressed by 4 decimal numbers within 0~255, with a period
separating each two adjacent numbers. Each of these decimal
numbers represents 8 bits of the 32-bit address, namely the
so-called octet. This is called dotted decimal notation.
FIGURE 20 IP ADDRESSES

Types of IP Addresses
The address types are classified according to network scale,
as follows:
Class A: super-large networks
Class B: medium-size networks of limited number
Class C: small-size networks of large number
Special class: Class D (for multi-point transmission) and Class E,
usually for test and research purposes
FIGURE 21 IP ADDRESS TYPES

Types of IP addresses can be determined by checking the
first octet in the address (the most significant one). The highest
bit value determines the type of address. The bit format also
defines the decimal value range of the octet related to each
address type.
Class A:
For class A addresses, 8 bits are assigned to the network
address and the other 24 bits are assigned to the host address.
If the most significant bit of the first octet is 0, the address is a
class A address.
This corresponds to possible octet values of 0~127. Among
these addresses, 0 and 127 are reserved, so the actual value
range is 1~126. Among class A addresses, only 126 networks
can be used, since only 8 bits are reserved for the network
address and the first bit must be 0. However, 24 bits are
available for hosts, so each network can support up to
16,777,214 hosts.
Class B:
Of class B addresses, 16 bits are assigned to the network
address and the other 16 bits are assigned to the host address.
A class B address can be identified by means of the first two bits
(set to 10) of the first octet. This corresponds to values of
128~191. Since the first two bits have been pre-defined,
actually 14 bits are reserved for the network address. Therefore,
the possible combinations generate 16,384 networks, whereas
each network supports 65,534 hosts.
Class C:
Of class C addresses, 24 bits are assigned to the network
address and the other 8 bits are reserved for the host address.
In a class C address, the first three bits of the first octet are 110.
This corresponds to decimal values of 192~223. Among class C
addresses, only the last octet is used for the host addresses.
This imposes a limit that each network can have 254 hosts at
the maximum. Since there are 21 bits that can be used as a
network number (3 bits have been preset as 110), there can be
2,097,152 possible networks.
Class D:
A class D address starts with 1110. This means that the octet is
within 224~239. These addresses are not used as standard IP
addresses. Instead, class D addresses refer to a group
of hosts, which are registered as multi-point transmission group
members. The assignment list of a multi-point transmission
group is similar to that of emails. You can use names in an
assignment list to send a message to a user group. You are also
able to send data to some hosts by way of multi-point
transmission addresses. Multi-point transmission needs to be
configured with special routes. It will not be transferred by
default.
Class E:
If the first four bits of the first octet are set as 1111, the address
is a class E address. These addresses are within the range of
240~254; addresses of this type are not used as the common IP
addresses. Addresses of this type are sometimes used in
laboratories or for research.
We focus on types A, B and C in our discussion, for they are
used for conventional IP addressing.

Reserved IP Address
An IP address is used to identify a unique network device.
However, not all IP addresses can be used. Some special IP
addresses are used for various purposes, instead of identifying
network devices.
An IP address with all the host bits set to 0 is called a network
address. A network address is used for identifying
a network segment. For example, class A address 1.0.0.0,
private addresses 10.0.0.0, and 192.168.1.0 are network
addresses.
An IP address with all the host bits set to 1 is called a network
segment broadcast address. A network segment
broadcast address is used to identify all the hosts of a network,
for example, 10.255.255.255, 192.168.1.255, and so on. A
router can transfer broadcast packets on network segments such
as 10.0.0.0 or 192.168.1.0. A broadcast address is used for
transmitting packets to all nodes of the local network segment.
An IP address with 127 for the network part, such as
127.0.0.1, is usually for loop test.
An IP address with the value 0 configured for all bits, such
as 0.0.0.0, represents all the hosts. On a router, address 0.0.0.0
is used for designating the default route.
An IP address with the value 1 configured for all bits, such as
255.255.255.255, is also a broadcast address. The address
255.255.255.255 represents all the hosts, and is used for
transmitting packets to all nodes of the network. Broadcast like
this cannot be transferred by a router.

Calculation of Usable Host Addresses
As mentioned above, there may be some IP addresses in each
network segment that cannot be used as IP addresses for hosts.
Now, let's calculate the available IP addresses.
FIGURE 22 CALCULATION OF NUMBER OF AVAILABLE HOST ADDRESSES

In class B network segment 172.16.0.0, there are 16 host bits,
so there can be 2^16 IP addresses accordingly. With one network
address 172.16.0.0 and one broadcast address 172.16.255.255
deducted (they cannot identify a host), there will be 2^16-2
addresses available for hosts. In class C network segment
192.168.1.0, there are 8 host bits, so there can be 2^8 (256) IP
addresses; with one network address 192.168.1.0 and one
broadcast address 192.168.1.255 deducted, there will be 254
addresses available for hosts. We can calculate the addresses
available for hosts in each network segment with the following
method: If there are n bits for hosts in the network segment,
the number of addresses available for hosts will be: 2^n-2.

A network layer device (such as a router) uses a network
address to represent the hosts in the network segment, thus
greatly reducing entries of the routing table of the router.

Addresses with Subnet Division
Any IP address organization without subnets will be considered
as a single network. It is not necessary to know its internal
architecture. For instance, all routes to address 172.16.X.X are
considered as in the same direction, so the third and fourth
octets of the address will not be taken into consideration. A plan
like this can have fewer entries in the routing table.
FIGURE 23 ADDRESSING WITHOUT SUBNET

However, this plan is unable to distinguish different subnet
segments in a large network. In this case, all the hosts in the
network receive broadcasts in the large network. Therefore, it
will reduce the network performance, and hinder the network
management.
For example, a class B network can accommodate 65000 hosts,
but it is too difficult to manage so many hosts simultaneously.
So we need to divide such a network into different segments. In
this way, we can manage the subnet according to network
segments. Usually, host bits can be divided into subnet bits and
host bits.

FIGURE 24 ADDRESSING WITH SUBNETS

In this example, the subnet bits occupy the 8 bits of the third
segment. Compared with the previous example, the original
class B network is divided into 256 subnets, and the number of
hosts each subnet can accommodate is reduced to 254.
When different subnets are divided, different logical networks
are created accordingly. The routers are responsible for
communication between these different networks. That is, an
original large broadcast domain is divided into multiple smaller
broadcast domains.
A network device uses a subnet mask to identify network bits,
subnet bits and host bits. Using its configured IP address and
subnet mask, the network device can determine whether the
destination address of an IP packet and its own address are
located in the same subnet, in a network of the same type but in
different subnets, or in networks of different types.

Subnet Mask
An IP address without the related subnet mask is of no
significance.
A subnet mask defines how many bits from the 32 bits of an IP
address are used as the network bits, or as bits for the network
and its related subnet bits.


FIGURE 25 SUBNET MASK

[Figure: an IP address divided into network bits and host bits by
the default mask, which can also be written "/16", where 16 is the
number of bits in the mask; and into network bits, subnet bits and
host bits by an 8-bit subnet mask, which can also be written "/24",
where 24 is the number of bits in the mask.]

The binary bits in the subnet mask can be used as a filter, which
identifies the part of the IP address that is the network
address. This operation is called Bitwise AND.
Bitwise AND is a logical operation performed between each bit
of the address and the corresponding mask bit.
To divide a subnet is actually to borrow host bits in the
original address and use them as subnet bits. It is currently
stipulated that bits shall be borrowed from left to right in
succession, that is, the 1s and 0s in the subnet mask shall be
consecutive.

Examples of Address Calculation


FIGURE 26 EXAMPLES OF ADDRESS CALCULATION

Above are examples of address calculation:


For a given IP address and subnet mask, the address calculation
involves the network address, the broadcast address and the
available IP address range of the subnet where the IP address is
located.

Convert the IP address to binary.

Also convert the subnet mask to binary.

Draw a vertical line between the 1s and 0s of the subnet mask.
Bits on the left side of the line are for the network (including
subnet), and bits on the right are for the host.

Set all the host bits to 0. The result is the network address
of the subnet.

Set all the host bits to 1. The result is the broadcast address
of the subnet.

The available IP addresses are those between the network
address and the broadcast address of the subnet.

Complete the above three network addresses.

Finally, convert them to decimal numbers.
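The calculation steps above, together with the mask rules from the Subnet Mask section, as an added example (not part of the original course material). The function names and the sample address are constructed for illustration, and treating "same network" as a match under the classful default mask is an assumption of this example.

```python
def to_int(dotted):
    """Dotted decimal -> 32-bit integer (the 'convert to binary' step)."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not a dotted-decimal IPv4 value: {dotted!r}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]

def to_dotted(value):
    """32-bit integer -> dotted decimal (the final 'convert to decimal' step)."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def host_bit_count(mask):
    """Count host bits; reject a mask whose 1s and 0s are not consecutive."""
    inverted = ~mask & 0xFFFFFFFF
    # A valid mask inverts to 0..01..1, so adding 1 must clear every set bit.
    if inverted & (inverted + 1):
        raise ValueError("subnet mask bits are not consecutive")
    return inverted.bit_length()

def subnet_info(ip, mask):
    """Network address, broadcast address and host range for ip/mask."""
    ip_i, mask_i = to_int(ip), to_int(mask)
    n = host_bit_count(mask_i)
    if n < 2:
        raise ValueError("the 2^n - 2 rule needs at least 2 host bits")
    network = ip_i & mask_i                        # bitwise AND: host bits all 0
    broadcast = network | (~mask_i & 0xFFFFFFFF)   # host bits all 1
    return {"prefix": 32 - n, "network": to_dotted(network),
            "broadcast": to_dotted(broadcast),
            "first_host": to_dotted(network + 1),
            "last_host": to_dotted(broadcast - 1), "usable": 2 ** n - 2}

def relation(local_ip, mask, dest_ip):
    """Classify dest_ip relative to a device configured with local_ip/mask."""
    local, dest, mask_i = to_int(local_ip), to_int(dest_ip), to_int(mask)
    if (local & mask_i) == (dest & mask_i):
        return "same subnet"
    first = local >> 24              # assumption: classful default mask
    if first >= 224:
        raise ValueError("class D/E addresses have no default mask")
    default = 0xFF000000 if first < 128 else 0xFFFF0000 if first < 192 else 0xFFFFFF00
    if (local & default) == (dest & default):
        return "same network, different subnet"
    return "different network"

if __name__ == "__main__":
    # Constructed sample: a class B address with a 26-bit mask.
    print(subnet_info("172.16.2.160", "255.255.255.192"))
    print(relation("172.16.2.160", "255.255.255.192", "172.16.3.1"))
```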

Variable Length Subnet Mask (VLSM)
When a subnet mask is defined, it is supposed that the mask will
be used in a unified way throughout the network. This setting
wastes many host addresses.
FIGURE 27 EXAMPLE OF VARIABLE LENGTH SUBNET MASK

For instance, a subnet connects 2 routers by way of serial
interfaces. On the subnet, there are only 2 hosts, each
connected to a port. We have assigned the whole address range of
the subnet to the two interfaces, so many IP addresses will be
wasted.


If we use one of the subnets, we can divide it into level-2
subnets. In this way, we can effectively establish subnets of
subnets and reserve other subnets. Then we will use IP
addresses to the maximal extent. The concept of establishing
subnets of subnets is the foundation of VLSM.

To use the VLSM, we usually define a basic subnet mask, which
will be used for dividing the level-1 subnet. With this subnet
mask, a level-2 mask will be used for dividing one or more
level-1 subnets.
VLSM can be recognized only by newer routing protocols, such
as BGP, OSPF or RIPv2.
Attention:
VLSM is supported by static routing.
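The level-1 and level-2 division described above, as an added example (not part of the original course material): one level-1 subnet is carved into level-2 subnets sized to each segment, and the addresses left unused are compared with assigning a whole subnet to a two-interface serial link. The function names, the 172.16.14.0/24 block and the host counts are constructed for illustration.

```python
import ipaddress

def prefix_for(hosts):
    """Longest prefix whose 2^n - 2 usable addresses still fit `hosts`."""
    n = 2
    while 2 ** n - 2 < hosts:
        n += 1
    return 32 - n

def vlsm_plan(level1, demands):
    """Carve level-2 subnets out of one level-1 subnet, largest demand first."""
    block = ipaddress.ip_network(level1)
    cursor = int(block.network_address)
    plan = {}
    for name, hosts in sorted(demands.items(), key=lambda item: -item[1]):
        prefix = prefix_for(hosts)
        if prefix < block.prefixlen:
            raise ValueError(f"{name}: {hosts} hosts do not fit in {block}")
        # Sizes never grow, so the cursor is always aligned to the next subnet.
        subnet = ipaddress.ip_network((cursor, prefix))
        if not subnet.subnet_of(block):
            raise ValueError(f"{block} is exhausted before {name} is placed")
        plan[name] = subnet
        cursor += subnet.num_addresses
    return plan

def wasted(subnet, hosts):
    """Usable addresses in `subnet` left over after `hosts` are assigned."""
    return subnet.num_addresses - 2 - hosts

# Constructed sample: one level-1 /24 serving two LANs and two serial links.
LEVEL1 = "172.16.14.0/24"
DEMANDS = {"lan_a": 100, "lan_b": 50, "serial_1": 2, "serial_2": 2}

if __name__ == "__main__":
    for name, subnet in vlsm_plan(LEVEL1, DEMANDS).items():
        print(f"{name:9} {str(subnet):18} wasted={wasted(subnet, DEMANDS[name])}")
    # A whole /24 on a two-interface serial link, as in the text above:
    print("fixed /24 serial link wasted =",
          wasted(vlsm_plan(LEVEL1, {"serial": 254})["serial"], 2))
```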
