Module CCNA 1 v3.1 Final
NETWORKING BASIC
V3.1
dedicated to :
...
Overview
To understand the role that computers play in a networking system, consider the Internet.
Internet connections are essential for businesses and education. Careful planning is required to build
a network that will connect to the Internet. Even for an individual personal computer (PC) to connect to
the Internet, some planning and decisions are required. Computer resources must be considered for
Internet connection. This includes the type of device that connects the PC to the Internet, such as a
network interface card (NIC) or modem. Protocols, or rules, must be configured before a computer can
connect to the Internet. Proper selection of a Web browser is also important.
1.1 Connecting to the Internet
1.1.1 Requirements for Internet connection
The Internet is the largest data network on earth. The Internet consists of many large and small
networks that are interconnected. Individual computers are the sources and destinations of information
through the Internet. Connection to the Internet can be broken down into the physical connection, the
logical connection, and applications.
A physical connection is made by connecting an adapter card, such as a modem or a NIC, from
a PC to a network. The physical connection is used to transfer signals between PCs within the
local-area network (LAN) and to remote devices on the Internet.
The logical connection uses standards called protocols. A protocol is a formal description of a
set of rules and conventions that govern how devices on a network communicate. Connections to the
Internet may use multiple protocols. The Transmission Control Protocol/Internet Protocol (TCP/IP)
suite is the primary set of protocols used on the Internet. The TCP/IP suite works together to transmit
and receive data, or information.
The last part of the connection is the applications, or software programs, that interpret and
display data in an understandable form. Applications work with protocols to send and receive data
across the Internet. A Web browser displays HTML as a Web page. Examples of Web browsers
include Internet Explorer and Netscape. File Transfer Protocol (FTP) is used to download files and
programs from the Internet. Web browsers also use proprietary plug-in applications to display special
data types such as movies or flash animations.
This is an introductory view of the Internet, and it may seem to be a simplistic process. As the
topic is explored in greater depth, students will learn that data transmission across the Internet is a
complicated task.
1.1.2. PC basic
Computers are important building blocks in a network. Therefore, students must be able to
identify the major components of a PC. Many networking devices are special purpose computers, with
many of the same components as general purpose PCs.
Integrated circuit: Device made of semiconductor material that contains many transistors
and performs a specific task.
Resistor: An electrical component that limits or regulates the flow of electrical current in
an electronic circuit.
Capacitor: Electronic component that stores energy in the form of an electrostatic field
that consists of two conducting metal plates separated by an insulating material.
Light emitting diode (LED): Semiconductor device that emits light when a current passes
through it.
Printed circuit board (PCB): A circuit board which has conducting tracks superimposed,
or printed, on one or both sides. It may also contain internal signal layers and power and
ground planes. Microprocessors, chips and integrated circuits and other electronic
components are mounted on the PCB.
Floppy disk drive: A computer drive that reads and writes data to a 3.5-inch, circular
piece of metal-coated plastic disk. A standard floppy disk can store approximately 1 MB of
information.
Hard disk drive: A computer storage device that uses a set of rotating, magnetically
coated disks called platters to store data or programs. Hard drives come in different
storage capacity sizes.
...
Motherboard: The main printed circuit board in a computer. The motherboard contains
the bus, the microprocessor, and integrated circuits used for controlling any built-in
peripherals such as the keyboard, text and graphics display, serial ports and parallel ports,
joystick, and mouse interfaces.
Bus: A collection of wires on the motherboard through which data and timing signals are
transmitted from one part of a computer to another.
Random-access memory (RAM): Also known as read-write memory because new data
can be written to it and stored data can be read from it. RAM requires electrical power to
maintain data storage. If a computer is turned off or loses power all data stored in RAM is
lost.
Read-only memory (ROM): Computer memory on which data has been prerecorded.
Once data has been written onto a ROM chip, it cannot be removed and can only be read.
System unit: The main part of a PC, which includes the chassis, microprocessor, main
memory, bus, and ports. The system unit does not include the keyboard, monitor, or any
external devices connected to the computer.
Expansion slot: A socket on the motherboard where a circuit board can be inserted to
add new capabilities to the computer. Figure 1.2. shows Peripheral Component
Interconnect (PCI) and Accelerated Graphics Port (AGP) expansion slots. PCI is a fast
connection for boards such as NICs, internal modems, and video cards. The AGP port
provides a high bandwidth connection between the graphics device and the system
memory. AGP provides a fast connection for 3-D graphics on computer systems.
...
Network interface card (NIC): An expansion board inserted into a computer so that the
computer can be connected to a network.
Audio card: An expansion board that enables a computer to manipulate and output
sounds.
Parallel port: An interface capable of transferring more than one bit simultaneously that is
used to connect external devices such as printers.
Serial port: An interface that can be used for serial communication in which only one bit
is transmitted at a time.
USB port: A Universal Serial Bus connector. A USB port connects devices such as a
mouse or printer to the computer quickly and easily.
Power cord: A cord used to connect an electrical device to an electrical outlet that
provides power to the device.
Think of the internal components of a PC as a network of devices that are all attached to the
system bus.
1.1.3. Network interface card
A NIC, or LAN adapter, provides network communication capabilities to and from a PC. On
desktop computer systems, it is a printed circuit board that resides in a slot on the motherboard and
provides an interface connection to the network media. On laptop computer systems, it is commonly
integrated into the laptop or available on a small, credit card-sized PCMCIA card. PCMCIA stands for
Personal Computer Memory Card International Association. PCMCIA cards are also known as PC
cards. The type of NIC must match the media and protocol used on the local network.
Figure 1.3. Internal network interface card (left) and PCMCIA network interface card (right)
...
Figure 1.4. PC card modem (left) and 56k external modem (right)
A NIC must be installed for each device on a network. A NIC provides a network interface for
each host. Different types of NICs are used for various device configurations. Notebook computers
may have a built-in interface or use a PCMCIA card. Figure 1.5 shows PCMCIA wired, wireless
network cards, and a Universal Serial Bus (USB) Ethernet adapter. Desktop systems may use an
internal network adapter, called a NIC, or an external network adapter that connects to the network
through a USB port.
Situations that require NIC installation include the following :
...
To perform the installation of a NIC or modem the following resources may be required :
Knowledge of how the adapter, jumpers, and plug-and-play software are configured
Figure 1.5. USB 10/100 network adapter (left) and PCMCIA network cards (right)
1.1.5. Overview of high-speed and dial-up connectivity
In the early 1960s, modems were introduced to connect dumb terminals to a central computer.
Many companies used to rent computer time since it was too expensive to own an on-site system. The
connection rate was very slow. It was 300 bits per second (bps), which is about 30 characters per
second.
As PCs became more affordable in the 1970s, bulletin board systems (BBSs) appeared. These
BBSs allowed users to connect and post or read messages on a discussion board. The 300-bps
speed was acceptable since it was faster than the speed at which most people could read or type. In
the early 1980s, use of bulletin boards increased exponentially and the 300 bps speed quickly became
too slow for the transfer of large files and graphics. In the 1990s, modems could operate at 9600 bps.
By 1998, they reached the current standard of 56,000 bps, or 56 kbps.
Soon the high-speed services used in the corporate environment such as Digital Subscriber
Line (DSL) and cable modem access moved to the consumer market. These services no longer
required expensive equipment or a second phone line. These are "always on" services that provide
instant access and do not require a connection to be established for each session. This provides more
reliability and flexibility and has simplified Internet connection sharing in small office and home
networks.
1.1.6. TCP/IP description and configuration
TCP/IP is a set of protocols or rules that have been developed to allow computers to share
resources across a network. The operating system tools must be used to configure TCP/IP on a
workstation. The process is very similar for Windows or Mac operating systems.
...
ping 127.0.0.1: This is a unique ping and is called an internal loopback test. It is
used to verify the TCP/IP network configuration.
Requests information
Receives information
A Web browser is software that interprets HTML, which is one of the languages used to code
Web page content. Some new technologies use other markup languages with more advanced
features. HTML, which is the most common markup language, can display graphics or play sound,
movies, and other multimedia files. Hyperlinks that are embedded in a Web page provide a quick link
to another location on the same page or a different Internet address.
...
There are also many special, or proprietary, file types that standard Web browsers are not able
to display. To view these files the browser must be configured to use the plug-in applications. These
applications work with the browser to launch the programs required to view special files :
Quicktime: Plays video files created by Apple
...
Spreadsheet software contains tables that consist of columns and rows and it is often
used with formulas to process and analyze data.
Modern word processors allow users to create documents that include graphics and richly
formatted text.
Database management software is used to store, maintain, organize, sort, and filter
records. A record is a collection of information identified by some common theme such as
customer name.
A personal information manager includes an e-mail utility, contact lists, a calendar, and a
to-do list.
Office applications are now a part of daily work, as typewriters were before PCs.
...
128 is less than 168 so the left most bit in the binary number is a 1. 168 - 128 = 40.
64 is not less than or equal to 40 so the second bit from the left is a 0.
16 is not less than or equal to 8 so the fourth bit from the left is a 0.
8 is equal to 8 so the fifth bit from the left is a 1. 8 - 8 = 0. Therefore, the bits to the right
are all 0.
This example shows that the decimal number 168 is equal to the binary number 10101000. The
number converter activity in Figure 1.15 will allow students to practice decimal to binary conversions.
...
1.2.8. Hexadecimal
The hexadecimal or Base 16 number system is commonly used to represent binary numbers in
a more readable form. Computers perform computations in binary. However, there are several
instances when the binary output of a computer is expressed in hexadecimal to make it easier to read.
...
In the first example, the first eight bits from the left represent the network portion of the address,
and the last 24 bits represent the host portion of the address. In the second example the first 16 bits
represent the network portion of the address, and the last 16 bits represent the host portion of the
address.
The IP address 10.34.23.134 in binary form is 00001010.00100010.00010111.10000110. A
Boolean AND of the IP address 10.34.23.134 and the subnet mask 255.0.0.0 produces the network
address of this host :
00001010.00100010.00010111.10000110
11111111.00000000.00000000.00000000
00001010.00000000.00000000.00000000
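The subtraction method used for 168 and the Boolean AND of 10.34.23.134 with 255.0.0.0, carried through in Python as an added example that is not part of the original module. The function names are illustrative, and the 255.255.0.0 mask in the demo is an assumed stand-in for the module's second, 16-bit example.

```python
"""Added example: octet-to-binary conversion and IP AND subnet mask."""

POWERS = (128, 64, 32, 16, 8, 4, 2, 1)  # place values of the 8 bits in an octet


def octet_to_bits(value):
    """Convert 0..255 to 8 bits by subtracting powers of two, left to right."""
    if not isinstance(value, int) or not 0 <= value <= 255:
        raise ValueError(f"octet out of range: {value!r}")
    bits = []
    remainder = value
    for power in POWERS:
        if power <= remainder:      # the power fits: bit is 1, subtract it
            bits.append("1")
            remainder -= power
        else:                       # the power does not fit: bit is 0
            bits.append("0")
    return "".join(bits)


def parse_dotted(text):
    """Parse dotted-decimal notation strictly into a tuple of four octets."""
    parts = text.strip().split(".")
    if len(parts) != 4:
        raise ValueError(f"expected four octets: {text!r}")
    octets = []
    for part in parts:
        if not (part.isascii() and part.isdigit()):
            raise ValueError(f"non-numeric octet in {text!r}")
        # Leading zeros are rejected: some parsers read "010" as octal 8,
        # so accepting them makes the same string mean different addresses.
        if len(part) > 1 and part[0] == "0":
            raise ValueError(f"leading zero in {text!r}")
        value = int(part)
        if value > 255:
            raise ValueError(f"octet out of range in {text!r}")
        octets.append(value)
    return tuple(octets)


def to_binary(address):
    """Dotted-decimal string to dotted-binary string."""
    return ".".join(octet_to_bits(o) for o in parse_dotted(address))


def is_contiguous_mask(mask):
    """A valid subnet mask is a run of 1 bits followed only by 0 bits."""
    bits = "".join(octet_to_bits(o) for o in parse_dotted(mask))
    return "01" not in bits


def prefix_length(mask):
    """Number of network bits (leading 1s) in a valid mask."""
    if not is_contiguous_mask(mask):
        raise ValueError(f"mask is not contiguous: {mask!r}")
    return "".join(octet_to_bits(o) for o in parse_dotted(mask)).count("1")


def network_address(ip, mask):
    """Boolean AND of each address octet with the matching mask octet."""
    if not is_contiguous_mask(mask):
        raise ValueError(f"mask is not contiguous: {mask!r}")
    pairs = zip(parse_dotted(ip), parse_dotted(mask))
    return ".".join(str(i & m) for i, m in pairs)


if __name__ == "__main__":
    print("168 ->", octet_to_bits(168))
    ip = "10.34.23.134"
    # 255.0.0.0 is the module's mask; 255.255.0.0 is an assumed second case.
    for mask in ("255.0.0.0", "255.255.0.0"):
        net = network_address(ip, mask)
        print(f"\n{to_binary(ip)}  {ip}")
        print(f"{to_binary(mask)}  {mask} (/{prefix_length(mask)})")
        print(f"{to_binary(net)}  {net}")
```
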
...
Overview
Bandwidth decisions are among the most important considerations when a network is designed.
This module discusses the importance of bandwidth and explains how it is measured.
Layered models are used to describe network functions. This module covers the two most
important models, which are the Open System Interconnection (OSI) model and the Transmission
Control Protocol/Internet Protocol (TCP/IP) model. The module also presents the differences and
similarities between the two models.
This module also includes a brief history of networking. Students will learn about network
devices and different types of physical and logical layouts. This module also defines and compares
LANs, MANs, WANs, SANs, and VPNs.
2.1. Networking Terminology
2.1.1. Data networks
Data networks developed as a result of business applications that were written for
microcomputers. The microcomputers were not connected so there was no efficient way to share data
among them. It was not efficient or cost-effective for businesses to use floppy disks to share data.
Sneakernet created multiple copies of the data. Each time a file was modified it would have to be
shared again with all other people who needed that file. If two people modified the file and then tried to
share it, one of the sets of changes would be lost. Businesses needed a solution that would
successfully address the following three problems :
...
Figure 2.6. Network history
...
Figure 2.8. End user device icons and network device icons
A repeater is a network device used to regenerate a signal. Repeaters regenerate analog or
digital signals that are distorted by transmission loss due to attenuation. A repeater does not make
intelligent decisions about forwarding packets, as a router or bridge does.
...
A bus topology uses a single backbone cable that is terminated at both ends. All the hosts
connect directly to this backbone.
A ring topology connects one host to the next and the last host to the first. This creates a
physical ring of cable.
An extended star topology links individual stars together by connecting the hubs or
switches.
A hierarchical topology is similar to an extended star. However, instead of linking the hubs
or switches together, the system is linked to a computer that controls the traffic on the
topology.
...
These network rules are created and maintained by many different organizations and
committees. Included in these groups are the Institute of Electrical and Electronic Engineers (IEEE),
American National Standards Institute (ANSI), Telecommunications Industry Association (TIA),
Electronic Industries Alliance (EIA) and the International Telecommunications Union (ITU), formerly
known as the Comité Consultatif International Téléphonique et Télégraphique (CCITT).
2.1.6. Local-area networks (LANs)
LANs consist of the following components :
Computers
Peripheral devices
Networking media
Network devices
...
Ethernet
Token Ring
FDDI
Modems
Frame Relay
...
Performance: SANs allow concurrent access of disk or tape arrays by two or more servers
at high speeds. This provides enhanced system performance.
Availability: SANs have built-in disaster tolerance. Data can be duplicated on a SAN up to
10 km (6.2 miles) away.
Scalability: A SAN can use a variety of technologies. This allows easy relocation of
backup data, operations, file migration, and data replication between systems.
Access VPNs provide remote access for mobile and small office, home office (SOHO)
users to an Intranet or Extranet over a shared infrastructure. Access VPNs use analog,
dialup, ISDN, DSL, mobile IP, and cable technologies to securely connect mobile users,
telecommuters, and branch offices.
...
Intranet VPNs use dedicated connections to link regional and remote offices to an internal
network over a shared infrastructure. Intranet VPNs differ from Extranet VPNs in that they
allow access only to the employees of the enterprise.
Extranet VPNs use dedicated connections to link business partners to an internal network
over a shared infrastructure. Extranet VPNs differ from Intranet VPNs in that they allow
access to users outside the enterprise.
...
2.2.3. Measurement
In digital systems, the basic unit of bandwidth is bits per second (bps). Bandwidth is the
measure of how many bits of information can flow from one place to another in a given amount of time.
Although bandwidth can be described in bps, a larger unit of measurement is generally used. Network
bandwidth is typically described as thousands of bits per second (kbps), millions of bits per second
(Mbps), billions of bits per second (Gbps), and trillions of bits per second (Tbps). Although the terms
bandwidth and speed are often used interchangeably, they are not exactly the same thing. One may
say, for example, that a T3 connection at 45 Mbps operates at a higher speed than a T1 connection at
1.544 Mbps. However, if only a small amount of their data-carrying capacity is being used, each of
these connection types will carry data at roughly the same speed. For example, a small amount of
water will flow at the same rate through a small pipe as through a large pipe. Therefore, it is usually
more accurate to say that a T3 connection has greater bandwidth than a T1 connection. This is
because the T3 connection is able to carry more information in the same period of time, not because it
has a higher speed.
...
User computer
Server computer
Internetworking devices
Power conditions
...
The result is an estimate only, because the file size does not include any overhead added
by encapsulation.
The result is likely to be a best-case transfer time, because available bandwidth is almost
never at the theoretical maximum for the network type. A more accurate estimate can be
attained if throughput is substituted for bandwidth in the equation.
Although the data transfer calculation is quite simple, one must be careful to use the same units
throughout the equation. In other words, if the bandwidth is measured in megabits per second (Mbps),
the file size must be in megabits (Mb), not megabytes (MB). Since file sizes are typically given in
megabytes, it may be necessary to multiply the number of megabytes by eight to convert to megabits.
Try to answer the following question, using the formula T=S/BW. Be sure to convert units of
measurement as necessary.
Would it take less time to send the contents of a floppy disk full of data (1.44 MB) over an ISDN
line, or to send the contents of a ten GB hard drive full of data over an OC-48 line?
2.2.7. Digital versus analog
Radio, television, and telephone transmissions have, until recently, been sent through the air
and over wires using electromagnetic waves. These waves are called analog because they have the
same shapes as the light and sound waves produced by the transmitters. As light and sound waves
change size and shape, the electrical signal that carries the transmission changes proportionately. In
other words, the electromagnetic waves are analogous to the light and sound waves.
...
It allows different types of network hardware and software to communicate with each other.
7 Application: Network processes to applications
6 Presentation: Data representation (format data, data structures)
5 Session: Interhost communication (establishes, manages, and terminates sessions between applications)
4 Transport: End-to-end connection
3 Network: Logical addressing
2 Data Link
1 Physical: Binary transmission
...
The network access layer refers to any particular technology used on a specific network.
Regardless of which network application services are provided and which transport protocol is
used, there is only one Internet protocol, IP. This is a deliberate design decision. IP serves as a
universal protocol that allows any computer anywhere to communicate at any time.
Both have application layers, though they include very different services.
...
Both assume packets are switched. This means that individual packets may take different
paths to reach the same destination. This is contrasted with circuit-switched networks
where all the packets take the same path.
Differences include :
TCP/IP combines the presentation and session layer issues into its application layer.
TCP/IP combines the OSI data link and physical layers into the network access layer.
TCP/IP protocols are the standards around which the Internet developed, so the TCP/IP
model gains credibility just because of its protocols. In contrast, networks are not usually
built on the OSI protocol, even though the OSI model is used as a guide.
Although TCP/IP protocols are the standards with which the Internet has grown, this curriculum
will use the OSI model for the following reasons :
It has more details, which make it more helpful for teaching and learning.
Networking professionals differ in their opinions on which model to use. Due to the nature of the
industry it is necessary to become familiar with both. Both the OSI and TCP/IP models will be referred
to throughout the curriculum. The focus will be on the following :
Remember that there is a difference between a model and an actual protocol that is used in
networking. The OSI model will be used to describe TCP/IP protocols.
...
Reduces complexity
Standardizes interfaces
Ensures interoperability
Accelerates evolution
Two such layered models are the Open System Interconnection (OSI) and the TCP/IP
networking models. In the OSI reference model, there are seven numbered layers, each of which
illustrates a particular network function: application, presentation, session, transport, network, data link,
and physical. The TCP/IP model has the following four layers: application, transport, Internet, and
network access.
Although some of the layers in the TCP/IP model have the same name as layers in the OSI
model, the layers of the two models do not correspond exactly. The TCP/IP application layer is
equivalent to the OSI application, presentation, and session layers. The TCP/IP model combines the
OSI data link and physical layers into the network access layer.
No matter which model is applied, network layers perform the following five conversion steps in
order to encapsulate and transmit data :
1. Images and text are converted to data.
2. The data is packaged into segments.
3. The data segment is encapsulated in a packet with the source and destination addresses.
4. The packet is encapsulated in a frame with the MAC address of the next directly connected
device.
5. The frame is converted to a pattern of ones and zeros (bits) for transmission on the media.
...
Module 1-3 Networking Media
Overview
Copper cable is used in almost every LAN. Many different types of copper cable are available.
Each type has advantages and disadvantages. Proper selection of cabling is key to efficient network
operation. Since copper uses electrical currents to transmit information, it is important to understand
some basics of electricity.
Optical fiber is the most frequently used medium for the longer, high bandwidth, point-to-point
transmissions required on LAN backbones and on WANs. Optical media uses light to transmit data
through thin glass or plastic fiber. Electrical signals cause a fiber-optic transmitter to generate the light
signals sent down the fiber. The receiving host receives the light signals and converts them to
electrical signals at the far end of the fiber. However, there is no electricity in the fiber-optic cable. In
fact, the glass used in fiber-optic cable is a very good electrical insulator.
Physical connectivity allows users to share printers, servers, and software, which can increase
productivity. Traditional networked systems require the workstations to remain stationary and permit
moves only within the limits of the media and office area.
The introduction of wireless technology removes these restraints and brings true portability to
computer networks. Currently, wireless technology does not provide the high-speed transfers, security,
or uptime reliability of cabled networks. However, the flexibility of wireless has justified the trade-off.
Administrators often consider wireless when they install or upgrade a network. A simple wireless
network could be working just a few minutes after the workstations are turned on. Connectivity to the
Internet is provided through a wired connection, router, cable, or DSL modem and a wireless access
point that acts as a hub for the wireless nodes. In a residential or small office environment these
devices may be combined into a single unit.
3.1. Copper Media
3.1.1. Atoms and electrons
All matter is composed of atoms. The Periodic Table of Elements lists all known types of atoms
and their properties. The atom is comprised of three basic particles :
The protons and neutrons are combined together in a small group called a nucleus.
To better understand the electrical properties of different elements, locate helium (He) on the
periodic table. Helium has an atomic number of 2, which means that helium has two protons and two
electrons. It has an atomic weight of 4. If the atomic number of 2 is subtracted from the atomic weight
of 4, the result shows that helium also has two neutrons.
The Danish physicist, Niels Bohr, developed a simplified model to illustrate the atom. This
illustration shows the model for a helium atom. If the protons and neutrons of an atom were the size of
The Bohr model Protons have positive charges and electrons have negative charges.
There is more than one proton in the nucleus.
...
What speeds for data transmission can be achieved? The speed of bit transmission
through the cable is extremely important. The speed of transmission is affected by the kind
of conduit used.
Will the transmissions be digital or analog? Digital or baseband transmission and analog or
broadband transmission require different types of cable.
How far can a signal travel before attenuation becomes a concern? If the signal is
degraded, network devices might not be able to receive and interpret the signal. The
distance the signal travels through the cable affects attenuation of the signal. Degradation
is directly related to the distance the signal travels and the type of cable used.
10BASE-T
10BASE5
10BASE2
...
Figure 3.16. Connecting different devices and straight through cable pinouts
In Figure 3.17 on the next page, two switches are connected together. The cable that connects
from one switch port to another switch port is called a crossover cable.
...
An Ethernet (10BASE-T and 100BASE-TX) crossconnect cable has only four active wires: 1, 2, 3, and 6.
...
Figure 3.23. Reflection
3.2.4. Refraction
When a light ray strikes the interface between two transparent materials, the light divides into two
parts. Part of the light ray is reflected back into the first substance, with the angle of reflection equaling
the angle of incidence. The remaining energy in the light ray crosses the interface and enters into the
second substance.
If the incident ray strikes the glass surface at an exact 90-degree angle, the ray goes straight
into the glass. The ray is not bent. However, if the incident ray is not at an exact 90-degree angle to
the surface, then the transmitted ray that enters the glass is bent. The bending of the entering ray is
called refraction. How much the ray is refracted depends on the index of refraction of the two
transparent materials. If the light ray travels from a substance whose index of refraction is smaller, into
a substance where the index of refraction is larger, the refracted ray is bent towards the normal. If the
light ray travels from a substance where the index of refraction is larger into a substance where the
index of refraction is smaller, the refracted ray is bent away from the normal.
Consider a light ray moving at an angle other than 90 degrees through the boundary between
glass and a diamond. The glass has an index of refraction of about 1.523. The diamond has an index
of refraction of about 2.419. Therefore, the ray that continues into the diamond will be bent towards
the normal. When that light ray crosses the boundary between the diamond and the air at some angle
...
The core of the optical fiber has to have a larger index of refraction (n) than the material
that surrounds it. The material that surrounds the core of the fiber is called the cladding.
The angle of incidence of the light ray is greater than the critical angle for the core and its
cladding.
...
The numerical aperture of the fiber: The numerical aperture of a core is the range of
angles of incident light rays entering the fiber that will be completely reflected.
Modes: The paths which a light ray can follow when traveling down a fiber.
By controlling both conditions, the fiber run will have total internal reflection. This gives a light
wave guide that can be used for data communications.
Figure 3.27. Numerical aperture (a) and critical angle (b)
...
A light emitting diode (LED) producing infrared light with wavelengths of either 850 nm or
1310 nm. These are used with multimode fiber in LANs. Lenses are used to focus the
infrared light on the end of the fiber.
Light amplification by stimulated emission of radiation (LASER): a light source producing a thin
beam of intense infrared light usually with wavelengths of 1310 nm or 1550 nm. Lasers are
used with single-mode fiber over the longer distances involved in WANs or campus
backbones. Extra care should be exercised to prevent eye injury.
Each of these light sources can be lighted and darkened very quickly to send data (1s and 0s)
at a high number of bits per second.
At the other end of the optical fiber from the transmitter is the receiver. The receiver functions
something like the photoelectric cell in a solar powered calculator. When light strikes the receiver, it
produces electricity. The first job of the receiver is to detect a light pulse that arrives from the fiber.
Then the receiver converts the light pulse back into the original electrical signal that first entered the
transmitter at the far end of the fiber. Now the signal is again in the form of voltage changes. The
signal is ready to be sent over copper wire into any receiving electronic device such as a computer,
switch, or router. The semiconductor devices that are usually used as receivers with fiber-optic links
are called p-intrinsic-n diodes (PIN photodiodes).
PIN photodiodes are manufactured to be sensitive to 850, 1310, or 1550 nm of light that are
generated by the transmitter at the far end of the fiber. When struck by a pulse of light at the proper
wavelength, the PIN photodiode quickly produces an electric current of the proper voltage for the
network. It instantly stops producing the voltage when no light strikes the PIN photodiode. This
generates the voltage changes that represent the data 1s and 0s on a copper cable.
Connectors are attached to the fiber ends so that the fibers can be connected to the ports on
the transmitter and receiver. The type of connector most commonly used with multimode fiber is the
Subscriber Connector (SC). On single-mode fiber, the Straight Tip (ST) connector is frequently used.
In addition to the transmitters, receivers, connectors, and fibers that are always required on an
optical network, repeaters and fiber patch panels are often seen.
Repeaters are optical amplifiers that receive attenuating light pulses traveling long distances
and restore them to their original shapes, strengths, and timings. The restored signals can then be
sent on along the journey to the receiver at the far end of the fiber.
...
Once the fiber-optic cable and connectors have been installed, the connectors and the ends of
the fibers must be kept spotlessly clean. The ends of the fibers should be covered with protective
covers to prevent damage to the fiber ends. When these covers are removed prior to connecting the
fiber to a port on a switch or a router, the fiber ends must be cleaned. Clean the fiber ends with
lint-free lens tissue moistened with pure isopropyl alcohol. The fiber ports on a switch or router should
also be kept covered when not in use and cleaned with lens tissue and isopropyl alcohol before a
connection is made. Dirty ends on a fiber will cause a big drop in the amount of light that reaches the
receiver.
Scattering, absorption, dispersion, improper installation, and dirty fiber ends diminish the
strength of the light signal and are referred to as fiber noise. Before using a fiber-optic cable, it must
be tested to ensure that enough light actually reaches the receiver for it to detect the zeros and ones
in the signal.
When a fiber-optic link is being planned, the amount of signal power loss that can be tolerated
must be calculated. This is referred to as the optical link loss budget. Imagine a monthly financial
budget. After all of the expenses are subtracted from initial income, enough money must be left to get
through the month.
The decibel (dB) is the unit used to measure the amount of power loss. It tells what percent of
the power that leaves the transmitter actually enters the receiver.
Testing fiber links is extremely important and records of the results of these tests must be kept.
Several types of fiber-optic test equipment are used. Two of the most important instruments are
Optical Loss Meters and Optical Time Domain Reflectometers (OTDRs).
These meters both test optical cable to ensure that the cable meets the TIA standards for fiber.
They also test to verify that the link power loss does not fall below the optical link loss budget. OTDRs
can provide much additional detailed diagnostic information about a fiber link. They can be used to
troubleshoot a link when problems occur.
...
Active scanning causes a probe request to be sent from the wireless node seeking to join the
network. The probe request will contain the Service Set Identifier (SSID) of the network it wishes to
join. When an AP with the same SSID is found, the AP will issue a probe response. The authentication
and association steps are completed.
Passive scanning nodes listen for beacon management frames (beacons), which are
transmitted by the AP (infrastructure mode) or peer nodes (ad hoc). When a node receives a beacon
that contains the SSID of the network it is trying to join, an attempt is made to join the network.
Passive scanning is a continuous process and nodes may associate or disassociate with APs as
signal strength changes.
3.3.3. How wireless LANs communicate
After establishing connectivity to the WLAN, a node will pass frames in the same manner as on
any other 802.x network. WLANs do not use a standard 802.3 frame. Therefore, using the term
wireless Ethernet is misleading. There are three types of frames: control, management, and data. Only
the data frame type is similar to 802.3 frames. The payload of wireless and 802.3 frames is 1500 bytes;
...
Unauthenticated and unassociated : the node is disconnected from the network and not
associated to an access point.
Authenticated and unassociated : the node has been authenticated on the network but has
not yet associated with the access point.
Authenticated and associated : the node is connected to the network and able to transmit
and receive data through the access point.
Methods of authentication
IEEE 802.11 lists two types of authentication processes. The first authentication process is the
open system. This is an open connectivity standard in which only the SSID must match. This may be
used in a secure or non-secure environment, although the ability of low-level network sniffers to
discover the SSID of the WLAN is high.
The second process is the shared key. This process requires the use of Wireless Equivalency
Protocol (WEP) encryption. WEP is a fairly simple algorithm using 64-bit and 128-bit keys. The AP is
configured with an encrypted key, and nodes attempting to access the network through the AP must
have a matching key. Statically assigned WEP keys provide a higher level of security than the open
system but are definitely not hack-proof.
The problem of unauthorized entry into WLANs is being addressed by a number of new security
solution technologies.
3.3.5. The radio wave and microwave spectrums
Computers send data signals electronically. Radio transmitters convert these electrical signals
to radio waves. Changing electric currents in the antenna of a transmitter generates the radio waves.
These radio waves radiate out in straight lines from the antenna. However, radio waves attenuate as
they move out from the transmitting antenna. In a WLAN, a radio signal measured at a distance of just
10 meters (30 feet) from the transmitting antenna would be only 1/100th of its original strength. Like
light, radio waves can be absorbed by some materials and reflected by others. When passing from
one material, like air, into another material, like a plaster wall, radio waves are refracted. Radio waves
are also scattered and absorbed by water droplets in the air.
...
LEAP (Cisco): Lightweight Extensible Authentication Protocol is the type primarily used on
Cisco WLAN access points. LEAP provides security during credential exchange, encrypts
using dynamic WEP keys, and supports mutual authentication.
User authentication: Allows only authorized users to connect, send and receive data over
the wireless network.
Encryption: Provides encryption services further protecting the data from intruders.
Data authentication: Ensures the integrity of the data, authenticating source and
destination devices.
VPN technology effectively closes the wireless network since an unrestricted WLAN will
automatically forward traffic between nodes that appear to be on the same wireless network. WLANs
often extend outside the perimeter of the home or office in which they are installed and, without
security, intruders may infiltrate the network with little effort. Conversely, it takes minimal effort on the
part of the network administrator to provide low-level security to the WLAN.
Summary
Copper cable carries information using electrical current. The electrical specifications of a cable
determine the kind of signal a particular cable can transmit, the speed at which the signal is
transmitted and the distance the signal will travel.
An understanding of the following electrical concepts is helpful when working with computer
networks :
Voltage: the pressure that moves electrons through a circuit from one place to another
Resistance: opposition to the flow of electrons and why a signal becomes degraded as it
travels along the conduit
Circuits must be composed of conducting materials, and must have sources of voltage. Voltage
causes current to flow, while resistance and impedance oppose it. A multimeter is used to measure
voltage, current, resistance, and other electrical quantities expressed in numeric form.
Coaxial cable, unshielded twisted pair (UTP) and shielded twisted pair (STP) are types of
copper cables that can be used in a network to provide different capabilities. Twisted-pair cable can be
configured for straight through, crossover, or rollover signaling. These terms refer to the individual wire
connections, or pinouts, from one end to the other end of the cable. A straight-through cable is used to
connect unlike devices such as a switch and a PC. A crossover cable is used to connect similar
devices such as two switches. A rollover cable is used to connect a PC to the console port of a router.
Different pinouts are required because the transmit and receive pins are in different locations on each
of these devices.
Optical fiber is the most frequently used medium for the longer, high-bandwidth, point-to-point
transmissions required on LAN backbones and on WANs. Light energy is used to transmit large
amounts of data securely over relatively long distances. The light signal carried by a fiber is produced
...
Overview
Networking media is literally and physically the
backbone of a network. Inferior quality of network cabling results in network failures and unreliable
performance. Copper, optical fiber, and wireless networking media all require testing to ensure that
they meet strict specification guidelines. These tests involve certain electrical and mathematical
concepts and terms such as signal, wave, frequency, and noise. These terms will help students
understand networks, cables, and cable testing.
The first lesson in this module will provide some basic definitions to help students understand
the cable testing concepts presented in the second lesson. The second lesson of this module
describes issues related to cable testing for physical layer connectivity in LANs. In order for the LAN to
function properly, the physical layer medium should meet the industry standard specifications.
Attenuation, which is signal deterioration, and noise, which is signal interference, can cause
problems in networks because the data sent may be interpreted incorrectly or not recognized at all
after it has been received. Proper termination of cable connectors and proper cable installation are
important. If standards are followed during installations, repairs, and changes, attenuation and noise
levels should be minimized.
After a cable has been installed, a cable certification meter can verify that the installation meets
TIA/EIA specifications. This module also describes some important tests that are performed.
4.1. Frequency-Based Cable Testing (Core)
4.1.1. Waves
A wave is energy that travels from one place to another. There are many types of waves, but all
can be described with similar vocabulary.
It is helpful to think of waves as disturbances. A bucket of water that is completely still does not
have waves since there are no disturbances. Conversely, the ocean always has some sort of
detectable waves due to disturbances such as wind and tide.
Ocean waves can be described in terms of their height, or amplitude, which could be measured
in meters. They can also be described in terms of how frequently the waves reach the shore, which
relates to period and frequency. The period of the waves is the amount of time between each wave,
measured in seconds. The frequency is the number of waves that reach the shore each second,
measured in hertz (Hz). 1 Hz is equal to 1 wave per second, or 1 cycle per second. To experiment with
these concepts, adjust the amplitude and frequency in Figure 4.1.
Networking professionals are specifically interested in voltage waves on copper media, light
waves in optical fiber, and alternating electric and magnetic fields called electromagnetic waves. The
amplitude of an electrical signal still represents height, but it is measured in volts (V) instead of meters
(m). The period is the amount of time that it takes to complete 1 cycle. This is measured in seconds.
The frequency is the number of complete cycles per second. This is measured in Hz.
...
Base 2: binary
Base 10: decimal
Base 16: hexadecimal
Recall that the base of a number system refers to the number of different symbols that can
occupy one position. For example, binary numbers have only two placeholders, which are zero and
one. Decimal numbers have ten different placeholders, the numbers 0 to 9. Hexadecimal numbers
have 16 different placeholders, the numbers 0 to 9 and the letters A to F.
Remember that 10 x 10 can be written as $10^2$. $10^2$ means ten squared or ten raised to the
second power. 10 is the base of the number and 2 is the exponent of the number. 10 x 10 x 10 can be
written as $10^3$. $10^3$ means ten cubed or ten raised to the third power. The base is ten and the exponent
is three. Use the Interactive Media Activity to calculate exponents. Enter a value for x to calculate y or
a value for y to calculate x.
The base of a number system also refers to the value of each digit. The least significant digit
has a value of $base^0$, or one. The next digit has a value of $base^1$. This is equal to 2 for binary numbers,
10 for decimal numbers, and 16 for hexadecimal numbers.
Numbers with exponents are used to easily represent very large or very small numbers. It is
much easier and less error-prone to represent one billion numerically as $10^9$ than as 1000000000.
Many cable-testing calculations involve numbers that are very large and require exponents. Use the
Interactive Media Activity to learn more about exponents.
One way to work with the very large and very small numbers is to transform the numbers based
on the mathematical rule known as a logarithm. Logarithm is abbreviated as "log". Any number may be
used as a base for a system of logarithms. However, base 10 has many advantages not obtainable in
ordinary calculations with other bases. Base 10 is used almost exclusively for ordinary calculations.
Logarithms with 10 as a base are called common logarithms. It is not possible to obtain the logarithm
of a negative number.
To take the log of a number, use a calculator or the Interactive Media Activity. For example, the
log of ($10^9$) = 9. It is possible to take the logarithm of numbers that are not powers of ten. It is not
possible to determine the logarithm of a negative number. The study of logarithms is beyond the
...
In these formulas, dB represents the loss or gain of the power of a wave. Decibels can be
negative values which would represent a loss in power as the wave travels or a positive value to
represent a gain in power if the signal is amplified.
The $\log_{10}$ variable implies that the number in parentheses will be transformed with the base
10 logarithm rule.
The first formula describes decibels in terms of power (P), and the second in terms of voltage
(V). The power formula is often used to measure light waves on optical fiber and radio waves in the air.
The voltage formula is used to measure electromagnetic waves on copper cables. These formulas
have several things in common.
In the formula $dB = 10 \log_{10}(P_{final} / P_{ref})$, enter values for dB and $P_{ref}$ to discover the
delivered power. This formula could be used to see how much power is left in a radio wave after it
travels through different materials and stages of electronic systems such as radios.
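The two decibel formulas worked through in Python, as an added example that is not part of the original module: it solves the power formula for the delivered power and sums per-stage losses into an optical link loss budget. The voltage form dB = 20 log10(Vfinal / Vref) is the standard one; the stage losses, transmit power and receiver sensitivity are constructed values.

```python
import math


def power_db(p_final, p_ref):
    """dB = 10 * log10(Pfinal / Pref). Negative is a loss, positive is a gain."""
    if p_final <= 0 or p_ref <= 0:
        raise ValueError("power must be positive: the log of zero or a negative number is undefined")
    return 10 * math.log10(p_final / p_ref)


def voltage_db(v_final, v_ref):
    """dB = 20 * log10(Vfinal / Vref), the voltage form used on copper cable."""
    if v_final <= 0 or v_ref <= 0:
        raise ValueError("voltage magnitudes must be positive")
    return 20 * math.log10(v_final / v_ref)


def delivered_power(p_ref, db):
    """The power formula solved for Pfinal: Pfinal = Pref * 10^(dB / 10)."""
    return p_ref * 10 ** (db / 10)


def link_report(p_tx_mw, stages, rx_min_mw):
    """Add up per-stage gains and losses (in dB) and compare with the budget.

    stages    : list of (name, dB) pairs; losses are negative numbers
    rx_min_mw : smallest power the receiver can still detect (assumed figure)
    """
    total_db = sum(db for _name, db in stages)
    p_rx_mw = delivered_power(p_tx_mw, total_db)
    # The budget is the loss that takes the transmit power down to rx_min_mw.
    budget_db = -power_db(rx_min_mw, p_tx_mw)
    return {
        "total_db": total_db,
        "p_rx_mw": p_rx_mw,
        "budget_db": budget_db,
        "margin_db": budget_db + total_db,   # what is left after all losses
        "ok": p_rx_mw >= rx_min_mw,
    }


# Constructed fiber link: every figure below is illustrative, not a specification.
STAGES = [
    ("connector", -0.75),
    ("fiber run", -3.0),
    ("splice", -0.25),
    ("connector", -0.75),
]

if __name__ == "__main__":
    # A radio signal at 1/100th of its original strength is a 20 dB loss.
    print("1/100th of the power =", power_db(1, 100), "dB")
    print("clean link :", link_report(1.0, STAGES, 0.1))
    dirty = STAGES + [("dirty connector end", -6.0)]
    print("dirty link :", link_report(1.0, dirty, 0.1))
```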
4.1.5. Time and frequency of signals (Optional)
One of the most important facts of the information age is that characters, words, pictures, video,
or music can be represented electrically by voltage patterns on wires and in electronic devices. The
data represented by these voltage patterns can be converted to light waves or radio waves, and then
back to voltage waves. Consider the example of an analog telephone. The sound waves of the caller's
voice enter a microphone in the telephone. The microphone converts the patterns of sound energy
into voltage patterns of electrical energy that represent the voice.
If the voltage is graphed over time, the patterns that represent the voice will be displayed. An
oscilloscope is an important electronic device used to view electrical signals such as voltage waves
and pulses. The x-axis on the display represents time and the y-axis represents voltage or current.
There are usually two y-axis inputs, so two waves can be observed and measured at the same time.
The analysis of signals with an oscilloscope is called time-domain analysis. The x-axis or
domain of the mathematical function represents time. Engineers also use frequency-domain analysis
...
Noise that affects all transmission frequencies equally is called white noise. Noise that only
affects small ranges of frequencies is called narrowband interference. White noise on a radio receiver
would interfere with all radio stations. Narrowband interference would affect only a few stations whose
frequencies are close together. When detected on a LAN, white noise could affect all data
transmissions, but narrowband interference might disrupt only certain signals.
...
Wire map
Insertion loss
...
Return loss
Propagation delay
Cable length
Delay skew
The Ethernet standard specifies that each of the pins on an RJ-45 connector have a particular
purpose. A NIC transmits signals on pins 1 and 2, and it receives signals on pins 3 and 6. The wires in
UTP cable must be connected to the proper pins at each end of a cable. The wire map test ensures
that no open or short circuits exist on the cable. An open circuit occurs if the wire does not attach
properly at the connector. A short circuit occurs if two wires are connected to each other.
...
Overview
Even though each LAN is unique, there are many design aspects that are common to all LANs.
For example, most LANs follow the same standards and use the same components. This module
presents information on elements of Ethernet LANs and common LAN devices.
There are several types of WAN connections. They range from dial-up to broadband access
and differ in bandwidth, cost, and required equipment. This module presents information on the
various types of WAN connections.
5.1. Cabling LANs
5.1.1. LAN physical layer
Various symbols are used to represent media types. Token Ring is represented by a circle.
FDDI is represented by two concentric circles and the Ethernet symbol is represented by a straight line.
Serial connections are represented by a lightning bolt.
Cable length
Cost
Ease of installation
Susceptibility to interference
Coaxial cable, optical fiber, and space can carry network signals. This module will focus on
Category 5 UTP, which includes the Category 5e family of cables.
Many topologies support LANs, as well as many different physical media. Figure 5.2 on the next
page shows a subset of physical layer implementations that can be deployed to support Ethernet.
...
An Ethernet speed of 10 Mbps can be used at the user level to provide good performance.
Clients or servers that require more bandwidth can use 100-Mbps Ethernet.
Fast Ethernet is used as the link between user and network devices. It can support the
combination of all traffic from each Ethernet segment.
Fast Ethernet can be used to connect enterprise servers. This will enhance client-server
performance across the campus network and help prevent bottlenecks.
...
Figure 5.6. RJ-45 connector, RJ-45 female component, and RJ-45 punch-down connection
If the two RJ-45 connectors of a cable are held side by side in the same orientation, the colored
wires will be seen in each. If the order of the colored wires is the same at each end, then the cable is a
straight-through, as seen in Figure 5.8 (left).
In a crossover cable, the RJ-45 connectors on both ends show that some of the wires are
connected to different pins on each side of the cable. Figure 5.7 (right) shows that pins 1 and 2 on one
connector connect to pins 3 and 6 on the other.
Switch to router
Switch to PC or server
Hub to PC or server
...
Switch to switch
Switch to hub
Hub to hub
Router to router
PC to PC
Router to PC
Figure 5.10 illustrates how a variety of cable types may be required in a given network. The
category of UTP cable required is based on the type of Ethernet that is chosen.
...
Passive: A passive hub serves as a physical connection point only. It does not manipulate
or view the traffic that crosses it. It does not boost or clean the signal. A passive hub is
used only to share the physical media. A passive hub does not need electrical power.
Active: An active hub must be plugged into an electrical outlet because it needs power to
amplify a signal before it is sent to the other ports.
Intelligent: Intelligent hubs are sometimes called smart hubs. They function like active
hubs with microprocessor chips and diagnostic capabilities. Intelligent hubs are more
expensive than active hubs. They are also more useful in troubleshooting situations.
Devices attached to a hub receive all traffic that travels through the hub. If many devices are
attached to the hub, collisions are more likely to occur. A collision occurs when two or more
workstations send data over the network wire at the same time. All data is corrupted when this occurs.
All devices that are connected to the same network segment are members of the same collision
domain.
Sometimes hubs are called concentrators since they are central connection points for Ethernet
LANs.
5.1.8. Wireless
Wireless signals are electromagnetic waves that travel through the air. Wireless networks use
radio frequency (RF), laser, infrared (IR), satellite, or microwaves to carry signals between computers
without a permanent cable connection. The only permanent cabling can be to the access points for the
network. Workstations within the range of the wireless network can be moved easily without the need
to connect and reconnect network cables.
A common application of wireless data communication is for mobile use. Some examples of
mobile use include commuters, airplanes, satellites, remote space probes, space shuttles, and space
stations.
At the core of wireless communication are devices called transmitters and receivers. The
transmitter converts source data to electromagnetic waves that are sent to the receiver. The receiver
then converts these electromagnetic waves back into data for the destination. For two-way
communication, each device requires a transmitter and a receiver. Many networking device
manufacturers build the transmitter and receiver into a single unit called a transceiver or wireless
network card. All devices in a WLAN must have the correct wireless network card installed.
...
If the destination device is on the same segment as the frame, the bridge will not send the
frame onto other segments. This process is known as filtering.
If the destination device is on a different segment, the bridge forwards the frame to the
appropriate segment.
If the destination address is unknown to the bridge, the bridge forwards the frame to all
segments except the one on which it was received. This process is known as flooding.
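The three bridge decisions above (filtering, forwarding, flooding) as a small Python model, added here as an illustration and not taken from the original module. Learning the source address of every frame is the usual transparent-bridge behaviour and is assumed; the port numbers and MAC addresses are constructed.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"

# Constructed, locally administered MAC addresses for three hosts.
HOST_A = "02:00:00:00:00:0a"
HOST_B = "02:00:00:00:00:0b"
HOST_C = "02:00:00:00:00:0c"


class Bridge:
    """A bridge with one port per segment and a table of learned addresses."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.table = {}   # MAC address -> port (segment) where it was last seen

    def handle(self, in_port, src, dst):
        """Decide what to do with one frame; returns (action, out_ports)."""
        if in_port not in self.ports:
            raise ValueError(f"unknown port {in_port}")

        # Learn (or refresh) the segment the sender lives on.
        self.table[src] = in_port

        # Broadcasts are never in the table, so they are always flooded.
        known_port = None if dst == BROADCAST else self.table.get(dst)

        if known_port is None:
            # Destination unknown: send to all segments except the arrival one.
            return "flood", [p for p in self.ports if p != in_port]
        if known_port == in_port:
            # Destination is on the segment the frame came from: keep it local.
            return "filter", []
        # Destination is on a different, known segment.
        return "forward", [known_port]


def run_trace(bridge, frames):
    """Feed (in_port, src, dst) tuples to the bridge and collect the decisions."""
    return [bridge.handle(port, src, dst) for port, src, dst in frames]


# Constructed trace: A and B share segment 1, C sits on segment 2.
TRACE = [
    (1, HOST_A, HOST_B),     # B not learned yet          -> flood
    (1, HOST_B, HOST_A),     # A is on the same segment   -> filter
    (2, HOST_C, HOST_A),     # A is known on segment 1    -> forward
    (1, HOST_A, HOST_C),     # C is known on segment 2    -> forward
    (1, HOST_A, BROADCAST),  # broadcast                  -> flood
]

if __name__ == "__main__":
    bridge = Bridge([1, 2, 3])
    for frame, decision in zip(TRACE, run_trace(bridge, TRACE)):
        print(frame, "->", decision)
    print("learned table:", bridge.table)
```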
...
Figure 5.18. Microsegmentation of the network : dedicated paths between sender and receiver hosts
5.1.11. Host connectivity
The function of a NIC is to connect a host device to the network medium. A NIC is a printed
circuit board that fits into the expansion slot on the motherboard or peripheral device of a computer.
The NIC is also referred to as a network adapter. On laptop or notebook computers a NIC is the size
of a credit card.
NICs are considered Layer 2 devices because each NIC carries a unique code called a MAC
address. This address is used to control data communication for the host on the network. More will be
learned about the MAC address later. NICs control host access to the medium.
...
Connect the other end of the phone cable to the phone jack.
To connect a router for DSL service, use a phone cable with RJ-11 connectors. DSL works over
standard telephone lines using pins 3 and 4 on a standard RJ-11 connector.
5.2.6. Routers and cable connections
The Cisco uBR905 cable access router provides high-speed network access on the cable
television system to residential and small office, home office (SOHO) subscribers. The uBR905 router
has a coaxial cable, or F-connector, interface that connects directly to the cable system. Coaxial cable
and an F connector are used to connect the router and cable system.
Locate the RF coaxial cable coming from the coaxial cable (TV) wall outlet.
...
Connect the coaxial cable to the F connector of the router. Hand-tighten the connector,
making sure that it is finger-tight, and then give it a 1/6 turn with a wrench.
Make sure that all other coaxial cable connectors, all intermediate splitters, couplers, or
ground blocks, are securely tightened from the distribution tap to the Cisco uBR905 router.
CAUTION :
Do not overtighten the connector. Overtightening may break off the connector. Do not use a torque
wrench because of the danger of tightening the connector more than the recommended 1/6 turn
after it is finger-tight.
5.2.7. Setting up console connections
To initially configure the Cisco device, a management connection must be directly connected to
the device. For Cisco equipment this management attachment is called a console port. The console
port allows monitoring and configuration of a Cisco hub, switch, or router.
The cable used between a terminal and a console port is a rollover cable, with RJ-45
connectors. The rollover cable, also known as a console cable, has a different pinout than the
straight-through or crossover RJ-45 cables used with Ethernet or the ISDN BRI. The pinout for a rollover is as
follows :
1 to 8
2 to 7
3 to 6
4 to 5
5 to 4
6 to 3
7 to 2
8 to 1
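The rollover pinout above, together with the straight-through and crossover wirings and the wire map test (open and short circuits) described earlier in this document, as a Python wire-map check. This is an added example, not part of the original module; it assumes the tester reports, for each near-end pin, the set of far-end pins that show continuity, and that pins 4, 5, 7 and 8 of a crossover cable run straight through.

```python
STRAIGHT_THROUGH = {pin: pin for pin in range(1, 9)}
# Pins 1 and 2 on one end connect to pins 3 and 6 on the other.
CROSSOVER = {1: 3, 2: 6, 3: 1, 6: 2, 4: 4, 5: 5, 7: 7, 8: 8}
# 1 to 8, 2 to 7, ... 8 to 1.
ROLLOVER = {pin: 9 - pin for pin in range(1, 9)}

KNOWN = {
    "straight-through": STRAIGHT_THROUGH,
    "crossover": CROSSOVER,
    "rollover": ROLLOVER,
}

# Devices whose transmit and receive pins sit in the same positions.
PIN_GROUP = {"switch": "hub side", "hub": "hub side",
             "router": "host side", "pc": "host side", "server": "host side"}


def as_measured(pinout):
    """Turn a pinout into the continuity readings a good cable would give."""
    return {near: {far} for near, far in pinout.items()}


def wire_map(continuity):
    """Classify a cable from continuity readings; returns (kind, faults)."""
    faults, mapping = [], {}
    for pin in range(1, 9):
        far = set(continuity.get(pin, ()))
        if not far:
            faults.append(f"open: pin {pin}")           # wire not attached
        elif len(far) > 1:
            faults.append(f"short: pin {pin} reaches far pins {sorted(far)}")
        else:
            mapping[pin] = next(iter(far))

    # Two near-end pins ending on one far-end pin are also shorted together.
    shared = {}
    for pin, far in mapping.items():
        shared.setdefault(far, []).append(pin)
    for far, pins in sorted(shared.items()):
        if len(pins) > 1:
            faults.append(f"short: near pins {pins} share far pin {far}")

    if faults:
        return "faulty", faults
    for name, pinout in KNOWN.items():
        if mapping == pinout:
            return name, []
    wrong = [f"miswire: pin {p} -> {f}" for p, f in sorted(mapping.items()) if f != p]
    return "miswired", wrong


def required_cable(dev_a, dev_b):
    """Unlike devices take straight-through, similar devices take crossover."""
    if "console" in (dev_a, dev_b):
        return "rollover"
    same = PIN_GROUP[dev_a] == PIN_GROUP[dev_b]
    return "crossover" if same else "straight-through"


def check_link(dev_a, dev_b, continuity):
    """Returns (suitable, needed, found, faults) for a planned connection."""
    found, faults = wire_map(continuity)
    needed = required_cable(dev_a, dev_b)
    return found == needed, needed, found, faults


if __name__ == "__main__":
    print(wire_map(as_measured(ROLLOVER)))
    print(check_link("switch", "switch", as_measured(STRAIGHT_THROUGH)))
    broken = as_measured(STRAIGHT_THROUGH)
    broken[3] = set()                                   # constructed open circuit
    print(wire_map(broken))
```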
To set up a connection between the terminal and the Cisco console port, perform two steps.
First, connect the devices using a rollover cable from the router console port to the workstation serial
port. An RJ-45-to-DB-9 or an RJ-45-to-DB-25 adapter may be required for the PC or terminal. Next,
configure the terminal emulation application with the following common equipment (COM) port settings:
9600 bps, 8 data bits, no parity, 1 stop bit, and no flow control.
...
Overview
Ethernet is now the dominant LAN technology in the world. Ethernet is a family of LAN
technologies that may be best understood with the OSI reference model. All LANs must deal with the
basic issue of how individual stations, or nodes, are named. Ethernet specifications support different
media, bandwidths, and other Layer 1 and 2 variations. However, the basic frame format and address
scheme is the same for all varieties of Ethernet.
Various MAC strategies have been invented to allow multiple stations to access physical media
and network devices. It is important to understand how network devices gain access to the network
media before students can comprehend and troubleshoot the entire network.
6.1. Ethernet Fundamentals
6.1.1. Introduction to Ethernet
Most of the traffic on the Internet originates and ends with Ethernet connections. Since it began
in the 1970s, Ethernet has evolved to meet the increased demand for high-speed LANs. When optical
fiber media was introduced, Ethernet adapted to take advantage of the superior bandwidth and low
error rate that fiber offers. Now the same protocol that transported data at 3 Mbps in 1973 can carry
data at 10 Gbps.
The success of Ethernet is due to the following factors :
Reliability
The introduction of Gigabit Ethernet has extended the original LAN technology to distances that
make Ethernet a MAN and WAN standard.
The original idea for Ethernet was to allow two or more hosts to use the same medium with no
interference between the signals. This problem of multiple user access to a shared medium was
studied in the early 1970s at the University of Hawaii. A system called Alohanet was developed to
allow various stations on the Hawaiian Islands structured access to the shared radio frequency band
in the atmosphere. This work later formed the basis for the Ethernet access method known as
CSMA/CD.
The first LAN in the world was the original version of Ethernet. Robert Metcalfe and his
coworkers at Xerox designed it more than thirty years ago. The first Ethernet standard was published
in 1980 by a consortium of Digital Equipment Company, Intel, and Xerox (DIX). Metcalfe wanted
Ethernet to be a shared standard from which everyone could benefit, so it was released as an open
standard. The first products that were developed from the Ethernet standard were sold in the early
1980s. Ethernet transmitted at up to 10 Mbps over thick coaxial cable up to a distance of 2 kilometers.
This type of coaxial cable was referred to as thicknet and was about the width of a small finger.
...
One or more letters of the alphabet indicating the type of medium used. For example, F =
fiber optical cable and T = copper unshielded twisted pair
Ethernet relies on baseband signaling, which uses the entire bandwidth of the transmission
medium. The data signal is transmitted directly over the transmission medium.
In broadband signaling, the data signal is no longer placed directly on the transmission medium.
Ethernet used broadband signaling in the 10BROAD36 standard. 10BROAD36 is the IEEE standard
for an 802.3 Ethernet network using broadband transmission with thick coaxial cable running at 10
Mbps. 10BROAD36 is now considered obsolete. An analog or carrier signal is modulated by the data
signal and then transmitted. Radio broadcasts and cable TV use broadband signaling.
IEEE cannot force manufacturers to fully comply with any standard. IEEE has two main
objectives :
Supply the information necessary to build devices that comply with Ethernet standards
...
Framing is the Layer 2 encapsulation process. A frame is the Layer 2 protocol data unit.
A voltage versus time graph could be used to visualize bits. However, it may be too difficult to
graph address and control information for larger units of data. Another type of diagram that could be
used is the frame format diagram, which is based on voltage versus time graphs. Frame format
diagrams are read from left to right, just like an oscilloscope graph. The frame format diagram shows
different groupings of bits, or fields, which perform other functions.
...
Address field
Length/Type field
Data field
...
Internet checksum adds the values of all of the data bits to arrive at a sum.
The node that transmits data must get the attention of other devices to start and end a frame.
The Length field indicates where the frame ends. The frame ends after the FCS. Sometimes there is a
formal byte sequence referred to as an end-frame delimiter.
6.1.6. Ethernet frame structure
At the data link layer the frame structure is nearly identical for all speeds of Ethernet from 10
Mbps to 10,000 Mbps. However, at the physical layer almost all versions of Ethernet are very different.
Each speed has a distinct set of architecture design rules.
...
Preamble
SOF Delimiter
Destination Address
Source Address
Length/Type
FCS
Extension
...
Ethernet uses a logical bus topology to control information flow on a linear bus and a
physical star or extended star topology for the cables
Token Ring uses a logical ring topology to control information flow and a physical star
topology
FDDI uses a logical ring topology to control information flow and a physical dual-ring
topology
...
Decoding data packets and checking them for valid addresses before passing them to the
upper layers of the OSI model
...
Checksum (FCS) used to ensure that the message was not corrupted along the way
...
Figure 6.20. Slot time parameter : slot time only applies to half-duplex Ethernet links
If the MAC layer is unable to send the frame after sixteen attempts, it gives up and generates an
error to the network layer. Such an occurrence is fairly rare and would happen only under extremely
heavy network loads, or when a physical problem exists on the network.
...
Local
Remote
Late
...
Collision or runt: Simultaneous transmission occurring before slot time has elapsed
Late collision: Simultaneous transmission occurring after slot time has elapsed
Jabber, long frame and range errors: Excessively or illegally long transmission
Short frame, collision fragment or runt: Illegally short transmission
...
Range error: Actual and reported number of octets in frame do not match
While local and remote collisions are considered to be a normal part of Ethernet operation, late
collisions are considered to be an error. The presence of errors on a network always suggests that
further investigation is warranted. The severity of the problem indicates the troubleshooting urgency
related to the detected errors. A handful of errors detected over many minutes or over hours would be
a low priority. Thousands detected over a few minutes suggest that urgent attention is warranted.
Jabber is defined in several places in the 802.3 standard as being a transmission of at least
20,000 to 50,000 bit times in duration. However, most diagnostic tools report jabber whenever a
detected transmission exceeds the maximum legal frame size, which is considerably smaller than
20,000 to 50,000 bit times. Most references to jabber are more properly called long frames.
Figure 6.24. Long frame : jabber and long frames are both in excess of the maximum frame size.
Jabber is significantly larger
A long frame is one that is longer than the maximum legal size, and takes into consideration
whether or not the frame was tagged. It does not consider whether or not the frame had a valid FCS
checksum. This error usually means that jabber was detected on the network.
A short frame is a frame smaller than the minimum legal size of 64 octets, with a good frame
check sequence. Some protocol analyzers and network monitors call these frames "runts". In general
the presence of short frames is not a guarantee that the network is failing.
Figure 6.25. Short frame : short frames are properly formed in all but one aspect and have valid FCS
checksums, but are less than the minimum frame size (64 octets)
The term runt is generally an imprecise slang term that means something less than a legal
frame size. It may refer to short frames with a valid FCS checksum although it usually refers to
collision fragments.
6.2.8. FCS and beyond
A received frame that has a bad Frame Check Sequence, also referred to as a checksum or
CRC error, differs from the original transmission by at least one bit. In an FCS error frame the header
information is probably correct, but the checksum calculated by the receiving station does not match
the checksum appended to the end of the frame by the sending station. The frame is then discarded.
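The long frame, short frame and FCS error definitions above can be checked mechanically. The following is an added example, not part of the original module: it builds frames with a CRC-32 FCS and classifies received frames by size and FCS validity. The addresses and payloads are constructed sample values, and the 1518/1522-octet limits are the IEEE 802.3 maximums for untagged and 802.1Q-tagged frames.

```python
import struct
import zlib

MIN_FRAME = 64        # minimum legal frame size in octets (value given in the text)
MAX_UNTAGGED = 1518   # IEEE 802.3 maximum, destination address through FCS
MAX_TAGGED = 1522     # maximum when a 4-octet 802.1Q tag is present
TPID_8021Q = 0x8100   # value at octets 12-13 that marks a tagged frame

# Constructed sample addresses (locally administered), not taken from the text.
DST = bytes.fromhex("020000000002")
SRC = bytes.fromhex("020000000001")


def fcs(body: bytes) -> bytes:
    """Return the four FCS octets for body (destination address through data).

    Ethernet uses the same CRC-32 as zlib; in the frame the value appears
    least significant octet first.
    """
    return struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def build_frame(dst, src, ethertype, payload, vlan=None, pad=True):
    """Sending station: assemble the fields, pad to 64 octets, append the FCS."""
    header = dst + src
    if vlan is not None:
        header += struct.pack("!HH", TPID_8021Q, vlan & 0x0FFF)
    header += struct.pack("!H", ethertype)
    if pad:
        # Pad the data field so that header + data + FCS reaches the minimum size.
        payload = payload.ljust(MIN_FRAME - 4 - len(header), b"\x00")
    body = header + payload
    return body + fcs(body)


def flip_bit(frame: bytes, octet: int, bit: int = 0) -> bytes:
    """Simulate a single-bit transmission error."""
    damaged = bytearray(frame)
    damaged[octet] ^= 1 << bit
    return bytes(damaged)


def classify(frame: bytes) -> list:
    """Receiving station: recalculate the FCS and apply the size rules."""
    findings = []
    tagged = len(frame) >= 14 and struct.unpack("!H", frame[12:14])[0] == TPID_8021Q
    limit = MAX_TAGGED if tagged else MAX_UNTAGGED
    fcs_ok = len(frame) > 4 and fcs(frame[:-4]) == frame[-4:]

    if len(frame) > limit:
        # A long frame is judged on size alone, whether or not the FCS is valid.
        findings.append("long frame")
    if len(frame) < MIN_FRAME:
        # Undersized with a good FCS is a short frame; with a bad FCS it is
        # reported here under the looser term "runt".
        findings.append("short frame" if fcs_ok else "runt")
    if not fcs_ok:
        findings.append("FCS error")
    return findings or ["ok"]


if __name__ == "__main__":
    samples = {
        "padded 64-octet frame": build_frame(DST, SRC, 0x0800, b"hello"),
        "one bit flipped": flip_bit(build_frame(DST, SRC, 0x0800, b"hello"), 20),
        "unpadded frame": build_frame(DST, SRC, 0x0800, b"hello", pad=False),
        "1522 octets, untagged": build_frame(DST, SRC, 0x0800, b"x" * 1504),
        "1522 octets, tagged": build_frame(DST, SRC, 0x0800, b"x" * 1500, vlan=10),
    }
    for name, frame in samples.items():
        print(f"{name:24} {len(frame):5} octets  {classify(frame)}")
```

The two 1522-octet samples differ only in the 802.1Q tag, which is why one is legal and the other is reported as a long frame.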
...
Fiber-optic Ethernet implementations are not included in this priority resolution list because the
interface electronics and optics do not permit easy reconfiguration between implementations. It is
assumed that the interface configuration is fixed. If the two interfaces are able to Auto-Negotiate then
they are already using the same Ethernet implementation. However, there remain a number of
configuration choices such as the duplex setting, or which station will act as the Master for clocking
purposes, that must be determined.
...
Preamble
Destination Address
Source Address
Length/Type
In 10 Mbps and slower versions of Ethernet, the Preamble provides timing information the
receiving node needs in order to interpret the electrical signals it is receiving. The Start Frame
Delimiter marks the end of the timing information. 10 Mbps and slower versions of Ethernet are
asynchronous. That is, they will use the preamble timing information to synchronize the receive circuit
to the incoming data. 100 Mbps and higher speed implementations of Ethernet are synchronous.
Synchronous means the timing information is not required, however for compatibility reasons the
Preamble and SFD are present.
The address fields of the Ethernet frame contain Layer 2, or MAC, addresses.
All frames are susceptible to errors from a variety of sources. The Frame Check Sequence
(FCS) field of an Ethernet frame contains a number that is calculated by the source node based on the
data in the frame. At the destination it is recalculated and compared to determine that the data
received is complete and error free.
Once the data is framed the Media Access Control (MAC) sublayer is also responsible to
determine which computer on a shared-medium environment, or collision domain, is allowed to
transmit the data. There are two broad categories of Media Access Control, deterministic (taking turns)
and non-deterministic (first come, first served).
Examples of deterministic protocols include Token Ring and FDDI. The carrier sense multiple
access with collision detection (CSMA/CD) access method is a simple non-deterministic system. The
NIC listens for an absence of a signal on the media and starts transmitting. If two nodes or more
...
Overview
Ethernet has been the most successful LAN technology mainly because of how easy it is to
implement. Ethernet has also been successful because it is a flexible technology that has evolved as
needs and media capabilities have changed. This module will provide details about the most important
types of Ethernet. The goal is to help students understand what is common to all forms of Ethernet.
Changes in Ethernet have resulted in major improvements over the 10-Mbps Ethernet of the
early 1980s. The 10-Mbps Ethernet standard remained virtually unchanged until 1995 when IEEE
announced a standard for a 100-Mbps Fast Ethernet. In recent years, an even more rapid growth in
media speed has moved the transition from Fast Ethernet to Gigabit Ethernet. The standards for
Gigabit Ethernet emerged in only three years. A faster Ethernet version called 10-Gigabit Ethernet is
now widely available and faster versions will be developed.
MAC addresses, CSMA/CD, and the frame format have not been changed from earlier versions
of Ethernet. However, other aspects of the MAC sublayer, physical layer, and medium have changed.
Copper-based NICs capable of 10, 100, or 1000 Mbps are now common. Gigabit switch and router
ports are becoming the standard for wiring closets. Optical fiber to support Gigabit Ethernet is
considered a standard for backbone cables in most new installations.
7.1. 10-Mbps and 100-Mbps Ethernet
7.1.1. 10-Mbps Ethernet
10BASE5, 10BASE2, and 10BASE-T Ethernet are considered Legacy Ethernet. The four
common features of Legacy Ethernet are timing parameters, the frame format, transmission processes,
and a basic design rule.
For all speeds of Ethernet transmission 1000 Mbps or slower, transmission can be no slower
than the slot time. Slot time is just longer than the time it theoretically can take to go from one extreme
end of the largest legal Ethernet collision domain to the other extreme end, collide with another
transmission at the last possible instant, and then have the collision fragments return to the sending
station to be detected.
Within 4 to 8 microseconds after a normal transmission to indicate that the outbound frame
was successfully transmitted
Whenever there is an improper signal on the medium, such as jabber, or reflections that
result from a cable short
All 10-Mbps forms of Ethernet take octets received from the MAC sublayer and perform a
process called line encoding. Line encoding describes how the bits are actually signaled on the wire.
The simplest encodings have undesirable timing and electrical characteristics. Therefore, line codes
have been designed with desirable transmission properties. This form of encoding used in 10-Mbps
systems is called Manchester encoding.
...
Legacy Ethernet has common architectural features. Networks usually contain multiple types of
media. The standard ensures that interoperability is maintained. The overall architectural design is
most important in mixed-media networks. It becomes easier to violate maximum delay limits as the
network grows. The timing limits are based on the following types of parameters :
Delay of repeaters
Delay of transceivers
10-Mbps Ethernet operates within the timing limits for a series of up to five segments separated
by up to four repeaters. This is known as the 5-4-3 rule. No more than four repeaters can be used in
series between any two stations. There can also be no more than three populated segments between
any two stations.
7.1.2. 10BASE5
10BASE5 is important because it was the first medium used for Ethernet. 10BASE5 was part of
the original 802.3 standard. The primary benefit of 10BASE5 was length. 10BASE5 may be found in
legacy installations. It is not recommended for new installations. 10BASE5 systems are inexpensive
and require no configuration. Two disadvantages are that basic components like NICs are very difficult
to find and it is sensitive to signal reflections on the cable. 10BASE5 systems also represent a single
point of failure.
...
Frame format is the same, allowing interoperability between all varieties of legacy, fast,
gigabit, and 10 gigabit, with no reframing or protocol conversions.
Bit time is now 0.1 nanoseconds. All other time variables scale accordingly.
Since only full-duplex fiber connections are used, CSMA/CD is not necessary.
The IEEE 802.3 sublayers within OSI Layers 1 and 2 are mostly preserved, with a few
additions to accommodate 40 km fiber links and interoperability with SONET/SDH
technologies.
Flexible, efficient, reliable, relatively low cost end-to-end Ethernet networks become
possible.
TCP/IP can run over LANs, MANs, and WANs with one Layer 2 transport method.
...
10GBASE-SW, 10GBASE-LW, and 10GBASE-EW: Known collectively as 10GBASE-W,
intended to work with OC-192 synchronous transport module SONET/SDH WAN
equipment
The IEEE 802.3ae Task force and the 10-Gigabit Ethernet Alliance (10 GEA) are working to
standardize these emerging technologies.
10-Gbps Ethernet (IEEE 802.3ae) was standardized in June 2002. It is a full-duplex protocol
that uses only optic fiber as a transmission medium. The maximum transmission distances depend on
the type of fiber being used. When using single-mode fiber as the transmission medium, the maximum
transmission distance is 40 kilometers (25 miles). Some discussions between IEEE members have
begun that suggest the possibility of standards for 40, 80, and even 100-Gbps Ethernet.
7.2.6. 10-Gigabit Ethernet architectures
As with the development of Gigabit Ethernet, the increase in speed comes with extra
requirements. The shorter bit time duration because of increased speed requires special
considerations. For 10 GbE transmissions, each data bit duration is 0.1 nanosecond. This means
there would be 1,000 GbE data bits in the same bit time as one data bit in a 10-Mbps Ethernet data
stream. Because of the short duration of the 10 GbE data bit, it is often difficult to separate a data bit
from noise. 10 GbE data transmissions rely on exact bit timing to separate the data from the effects of
noise on the physical layer. This is the purpose of synchronization.
In response to these issues of synchronization, bandwidth, and Signal-to-Noise Ratio, 10-Gigabit Ethernet uses two separate encoding steps. By using codes to represent the user data,
transmission is made more efficient. The encoded data provides synchronization, efficient usage of
bandwidth, and improved Signal-to-Noise Ratio characteristics.
Complex serial bit streams are used for all versions of 10GbE except for 10GBASE-LX4, which
uses Wide Wavelength Division Multiplex (WWDM) to multiplex four simultaneous bit streams as
four wavelengths of light launched into the fiber at one time.
Figure 7.23 represents the particular case of using four laser sources of slightly different
wavelengths. Upon receipt from the medium, the optical signal stream is demultiplexed into four separate
optical signal streams. The four optical signal streams are then converted back into four electronic bit
streams as they travel in approximately the reverse process back up through the sublayers to the MAC
layer.
Currently, most 10GbE products are in the form of modules, or line cards, for addition to high-end switches and routers. As the 10GbE technologies evolve, an increasing diversity of signaling
components can be expected. As optical technologies evolve, improved transmitters and receivers will
be incorporated into these products, taking further advantage of modularity. All 10GbE varieties use
...
While 1-Gigabit Ethernet is now widely available and 10-Gigabit products are becoming more
available, the IEEE and the 10-Gigabit Ethernet Alliance are working on 40, 100, or even 160 Gbps
standards. The technologies that are adopted will depend on a number of factors, including the rate of
maturation of the technologies and standards, the rate of adoption in the market, and cost.
Proposals for Ethernet arbitration schemes other than CSMA/CD have been made. The
problem of collisions with physical bus topologies of 10BASE5 and 10BASE2 and 10BASE-T and
100BASE-TX hubs is no longer common. Using UTP and optical fiber with separate Tx and Rx paths,
and the decreasing costs of switches make single shared media, half-duplex media connections much
less important.
The future of networking media is three-fold :
1. Copper (up to 1000 Mbps, perhaps more)
2. Wireless (approaching 100 Mbps, perhaps more)
3. Optical fiber (currently at 10,000 Mbps and soon to be more)
Copper and wireless media have certain physical and practical limitations on the highest
frequency signals that can be transmitted. This is not a limiting factor for optical fiber in the
foreseeable future. The bandwidth limitations on optical fiber are extremely large and are not yet being
threatened. In fiber systems, it is the electronics technology (such as emitters and detectors) and fiber
manufacturing processes that most limit the speed. Upcoming developments in Ethernet are likely to
be heavily weighted towards Laser light sources and single-mode optical fiber.
When Ethernet was slower, half-duplex, subject to collisions and a democratic process for
prioritization, it was not considered to have the Quality of Service (QoS) capabilities required to handle
certain types of traffic. This included such things as IP telephony and video multicast.
The full-duplex high-speed Ethernet technologies that now dominate the market are proving to
be sufficient at supporting even QoS-intensive applications. This makes the potential applications of
Ethernet even wider. Ironically end-to-end QoS capability helped drive a push for ATM to the desktop
and to the WAN in the mid-1990s, but now it is Ethernet, not ATM that is approaching this goal.
Summary
Ethernet is a technology that has increased in speed one thousand times, from 10 Mbps to
10,000 Mbps, in less than a decade. All forms of Ethernet share a similar frame structure and this
leads to excellent interoperability. Most Ethernet copper connections are now switched full duplex, and
the fastest copper-based Ethernet is 1000BASE-T, or Gigabit Ethernet. 10 Gigabit Ethernet and faster
are exclusively optical fiber-based technologies.
...
Category 5e UTP cable and careful improvements in electronics are used to boost 100
Mbps per wire pair to 125 Mbps per wire pair.
All four wire pairs instead of just two. This allows 125 Mbps per wire pair, or 500 Mbps for
the four wire pairs.
Sophisticated electronics allow permanent collisions on each wire pair and run signals in
full duplex, doubling the 500 Mbps to 1000 Mbps.
On Gigabit Ethernet networks bit signals occur in one tenth of the time of 100 Mbps networks
and 1/100 of the time of 10 Mbps networks. With signals occurring in less time the bits become more
susceptible to noise. The issue becomes how fast the network adapter or interface can change
voltage levels to signal bits and still be detected reliably one hundred meters away at the receiving
NIC or interface. At this speed encoding and decoding data becomes even more complex.
The fiber versions of Gigabit Ethernet, 1000BASE-SX and 1000BASE-LX offer the following
advantages : noise immunity, small size, and increased unrepeated distances and bandwidth. The
IEEE 802.3 standard recommends that Gigabit Ethernet over fiber be the preferred backbone
technology.
...
Overview
Shared Ethernet works extremely well under ideal conditions. If the number of devices that try to
access the network is low, the number of collisions stays well within acceptable limits. However, when
the number of users on the network increases, the number of collisions can significantly reduce
performance. Bridges were developed to help correct performance problems that arose from
increased collisions. Switches evolved from bridges to become the main technology in modern
Ethernet LANs.
Collisions and broadcasts are expected events in modern networks. They are engineered into
the design of Ethernet and higher layer technologies. However, when collisions and broadcasts occur
in numbers that are above the optimum, network performance suffers. Collision domains and
broadcast domains should be designed to limit the negative effects of collisions and broadcasts. This
module explores the effects of collisions and broadcasts on network traffic and then describes how
bridges and routers are used to segment networks for improved performance.
8.1. Ethernet Switching
8.1.1. Layer 2 bridging
As more nodes are added to an Ethernet segment, use of the media increases. Ethernet is a
shared media, which means only one node can transmit data at a time. The addition of more nodes
increases the demands on the available bandwidth and places additional loads on the media. This
also increases the probability of collisions, which results in more retransmissions. A solution to the
problem is to break the large segment into parts and separate it into isolated collision domains.
To accomplish this a bridge keeps a table of MAC addresses and the associated ports. The
bridge then forwards or discards frames based on the table entries.
The bridge has just been started so the bridge table is empty. The bridge just waits for
traffic on the segment. When traffic is detected, it is processed by the bridge.
Host A pings Host B. Since the data is transmitted on the entire collision domain segment,
both the bridge and Host B process the packet.
The bridge adds the source address of the frame to its bridge table. Since the address was
in the source address field and the frame was received on Port 1, the frame must be
associated with Port 1 in the table.
The destination address of the frame is checked against the bridge table. Since the
address is not in the table, even though it is on the same collision domain, the frame is
forwarded to the other segment. The address of Host B has not been recorded yet.
Host B processes the ping request and transmits a ping reply back to Host A. The data is
transmitted over the whole collision domain. Both Host A and the bridge receive the frame
and process it.
The bridge adds the source address of the frame to its bridge table. Since the source
address was not in the bridge table and was received on Port 1, the source address of the
frame must be associated with Port 1 in the table.
The destination address of the frame is checked against the bridge table to see if its entry
is there. Since the address is in the table, the port assignment is checked. The address of
Host A is associated with the port the frame was received on, so the frame is not forwarded.
Host A pings Host C. Since the data is transmitted on the entire collision domain segment,
both the bridge and Host B process the frame. Host B discards the frame since it was not
the intended destination.
The bridge adds the source address of the frame to its bridge table. Since the address is
already entered into the bridge table the entry is just renewed.
The destination address of the frame is checked against the bridge table. Since the
address is not in the table, the frame is forwarded to the other segment. The address of
Host C has not been recorded yet.
Host C processes the ping request and transmits a ping reply back to Host A. The data is
transmitted over the whole collision domain. Both Host D and the bridge receive the frame
and process it. Host D discards the frame since it is not the intended destination.
The bridge adds the source address of the frame to its bridge table. Since the address was
in the source address field and the frame was received on Port 2, the frame must be
associated with Port 2 in the table.
The destination address of the frame is checked against the bridge table to see if its entry
is present. The address is in the table but it is associated with Port 1, so the frame is
forwarded to the other segment.
When Host D transmits data, its MAC address will also be recorded in the bridge table.
This is how the bridge controls traffic between two collision domains.
These are the steps that a bridge uses to forward and discard frames that are received on any
of its ports.
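The learning and forwarding steps above can be replayed in code. This is an added example, not part of the original module: a two-port learning bridge with Hosts A and B on Port 1 and Hosts C and D on Port 2, as in the walk-through. The MAC addresses, the 300-second aging timer and the class and function names are assumptions made for the illustration.

```python
from dataclasses import dataclass

BROADCAST = "ff:ff:ff:ff:ff:ff"

# Constructed sample hosts: name -> (MAC address, bridge port of its segment).
HOSTS = {
    "A": ("02:00:00:00:00:0a", 1),
    "B": ("02:00:00:00:00:0b", 1),
    "C": ("02:00:00:00:00:0c", 2),
    "D": ("02:00:00:00:00:0d", 2),
}


@dataclass
class Entry:
    port: int
    last_seen: float


class LearningBridge:
    def __init__(self, ports=(1, 2), max_age=300.0):
        self.ports = tuple(ports)
        self.max_age = max_age   # assumed aging timer, in seconds
        self.table = {}          # MAC address -> Entry; empty at start-up

    def _expire(self, now):
        """Drop entries that have not been renewed within max_age."""
        stale = [mac for mac, e in self.table.items() if now - e.last_seen > self.max_age]
        for mac in stale:
            del self.table[mac]

    def receive(self, in_port, src, dst, now=0.0):
        """Process one frame; return (learning event, list of output ports)."""
        self._expire(now)

        # Step 1: learn. The source address is associated with the arrival port.
        known = self.table.get(src)
        if known is None:
            event = "learned"
        elif known.port == in_port:
            event = "renewed"
        else:
            event = "moved"
        self.table[src] = Entry(in_port, now)

        # Step 2: decide. Check the destination address against the table.
        entry = self.table.get(dst)
        if dst == BROADCAST or entry is None:
            out = [p for p in self.ports if p != in_port]  # unknown: forward
        elif entry.port == in_port:
            out = []                                        # same segment: discard
        else:
            out = [entry.port]                              # known, other segment
        return event, out


def replay():
    """Replay the four frames of the walk-through and record each decision."""
    bridge = LearningBridge()
    frames = [("A", "B"), ("B", "A"), ("A", "C"), ("C", "A")]
    log = []
    for t, (sender, receiver) in enumerate(frames):
        src, port = HOSTS[sender]
        dst, _ = HOSTS[receiver]
        event, out = bridge.receive(port, src, dst, now=float(t))
        log.append((f"{sender}->{receiver}", event, out))
    return bridge, log


if __name__ == "__main__":
    bridge, log = replay()
    for frame, event, out in log:
        action = f"forward to port(s) {out}" if out else "not forwarded"
        print(f"{frame}: source {event}, {action}")
    for mac, entry in bridge.table.items():
        print(f"{mac} -> Port {entry.port}")
```

Host D does not appear in the table after the replay because it has not yet transmitted a frame.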
...
Media delays may be caused by the finite speed that signals can travel through the
physical media.
Circuit delays may be caused by the electronics that process the signal along the path.
Software delays may be caused by the decisions that software must make to implement
switching and protocols.
Delays may be caused by the content of the frame and the location of the frame switching
decisions. For example, a device cannot route a frame to a destination until the destination
MAC address has been read.
...
STP is used to create a logical hierarchical tree with no loops. However, the alternate paths are
still available if necessary.
8.2. Collision Domains and Broadcast Domains
8.2.1. Shared media environments
Here are some examples of shared media and directly connected networks :
Shared media environment: This occurs when multiple hosts have access to the same
medium. For example, if several PCs are attached to the same physical wire or optical fiber,
they all share the same media environment.
Extended shared media environment: This is a special type of shared media environment
in which networking devices can extend the environment so that it can accommodate
multiple access or longer cable distances.
Point-to-point network environment: This is widely used in dialup network connections and
is most common for home users. It is a shared network environment in which one device is
connected to only one other device. An example is a PC that is connected to an Internet
service provider through a modem and a phone line.
...
The 5-4-3-2-1 rule also provides guidelines to keep round-trip delay time within acceptable limits
(see Figure 8.14 on the next page).
8.2.3. Segmentation
The history of how Ethernet handles collisions and collision domains dates back to research at
the University of Hawaii in 1970. In its attempts to develop a wireless communication system for the
...
By using a router in place of a bridging device a Layer 2 broadcast is contained. Layer 3
devices are the only devices that contain broadcast
...
Data flow in a network focuses on Layer 1, 2, and 3 of the OSI model. This is after being
transmitted by the sending host and before at the receiving host
...
One of the parts into which an entity, or quantity is divided or marked off by or as if by
natural boundaries
In a LAN using a bus topology, a segment is a continuous electrical circuit that is often
connected to other such segments with repeaters.
Term used in the TCP specification to describe a single transport layer unit of information.
The terms datagram, frame, message, and packet are also used to describe logical
information groupings at various layers of the OSI reference model and in various
technology circles.
To properly define the term segment, the context of the usage must be presented with the word.
If segment is used in the context of TCP, it would be defined as a separate piece of the data. If
segment is being used in the context of physical networking media in a routed network, it would be
seen as one of the parts or sections of the total network.
Figure 8.22. Segments : there are different types of segments in networking. The meaning of the term
segment depends on the context of a sentence
Summary
Ethernet is a shared media, baseband technology, which means only one node can transmit
data at a time. Increasing the number of nodes on a single segment increases demand on the
available bandwidth. This in turn increases the probability of collisions. A solution to the problem is to
break a large network segment into parts and separate it into isolated collision domains. Bridges and
switches are used to segment the network into multiple collision domains.
A bridge builds a bridge table from the source addresses of packets it processes. An address is
associated with the port the frame came in on. Eventually the bridge table contains enough address
information to allow the bridge to forward a frame out a particular port based on the destination
address. This is how the bridge controls traffic between two collision domains.
Switches learn in much the same way as bridges but provide a virtual connection directly
between the source and destination nodes, rather than the source collision domain and destination
collision domain. Each port creates its own collision domain. A switch dynamically builds and
maintains a Content-Addressable Memory (CAM) table, holding all of the necessary MAC information
...
Overview
The Internet was developed to provide a communication network that could function in wartime.
Although the Internet has evolved from the original plan, it is still based on the TCP/IP protocol suite.
The design of TCP/IP is ideal for the decentralized and robust Internet. Many common protocols were
designed based on the four-layer TCP/IP model.
It is useful to know both the TCP/IP and OSI network models. Each model uses its own
structure to explain how a network works. However, there is much overlap between the two models. A
system administrator should be familiar with both models to understand how a network functions.
Any device on the Internet that wants to communicate with other Internet devices must have a
unique identifier. The identifier is known as the IP address because routers use a Layer 3 protocol
called the IP protocol to find the best route to that device. The current version of IP is IPv4. This was
designed before there was a large demand for addresses. Explosive growth of the Internet has
threatened to deplete the supply of IP addresses. Subnets, Network Address Translation (NAT), and
private addresses are used to extend the supply of IP addresses. IPv6 improves on IPv4 and provides
a much larger address space. Administrators can use IPv6 to integrate or eliminate the methods used
to work with IPv4.
In addition to the physical MAC address, each computer needs a unique IP address to be part
of the Internet. This is also called the logical address. There are several ways to assign an IP address
to a device. Some devices always have a static address. Others have a temporary address assigned
to them each time they connect to the network. When a dynamically assigned IP address is needed, a
device can obtain it several ways.
9.1. Introduction to TCP/IP
9.1.1. History and future of TCP/IP
The U.S. Department of Defense (DoD) created the TCP/IP reference model because it wanted
a network that could survive any conditions. To illustrate further, imagine a world, crossed by multiple
cable runs, wires, microwaves, optical fibers, and satellite links. Then imagine a need for data to be
transmitted without regard for the condition of any particular node or network. The U.S. DoD required
reliable data transmission to any destination on the network under any circumstances. The creation of
the TCP/IP model helped to solve this difficult design problem. The TCP/IP model has since become
the standard on which the Internet is based.
Think about the layers of the TCP/IP model in relation to the original intent of the Internet.
This will help reduce confusion. The four layers of the TCP/IP model are the application layer,
transport layer, Internet layer, and network access layer. Some of the layers in the TCP/IP model have
the same name as layers in the OSI model. It is critical not to confuse the layer functions of the two
models because the layers include different functions in each model. The present version of TCP/IP
was standardized in September of 1981.
File Transfer Protocol (FTP): FTP is a reliable, connection-oriented service that uses TCP
to transfer files between systems that support FTP. It supports bi-directional binary file and
ASCII file transfers.
Trivial File Transfer Protocol (TFTP): TFTP is a connectionless service that uses the User
Datagram Protocol (UDP). TFTP is used on the router to transfer configuration files and
Cisco IOS images, and to transfer files between systems that support TFTP. It is useful in
some LANs because it operates faster than FTP in a stable environment.
Network File System (NFS): NFS is a distributed file system protocol suite developed by
Sun Microsystems that allows file access to a remote storage device such as a hard disk
across a network.
...
Simple Mail Transfer Protocol (SMTP): SMTP administers the transmission of e-mail over
computer networks. It does not provide support for transmission of data other than plain
text.
Telnet: Telnet provides the capability to remotely access another computer. It enables a
user to log into an Internet host and execute commands. A Telnet client is referred to as a
local host. A Telnet server is referred to as a remote host.
Simple Network Management Protocol (SNMP): SNMP is a protocol that provides a way
to monitor and control network devices. SNMP is also used to manage configurations,
statistics, performance, and security.
Domain Name System (DNS): DNS is a system used on the Internet to translate domain
names and publicly advertised network nodes into IP addresses.
The Internet is often represented by a cloud. The transport layer sends data packets from a
source to a destination through the cloud. The primary duty of the transport layer is to provide end-to-end control and reliability as data travels through this cloud. This is accomplished through the use of
sliding windows, sequence numbers, and acknowledgments. The transport layer also defines end-to-end connectivity between host applications. Transport layer protocols include TCP and UDP.
...
Internet Control Message Protocol (ICMP) provides control and messaging capabilities.
Address Resolution Protocol (ARP) determines the data link layer address, or MAC
address, for known IP addresses.
Reverse Address Resolution Protocol (RARP) determines the IP address for a known MAC
address.
Transfers data between the Internet layer and network access layer
...
TCP/IP combines the OSI application, presentation, and session layers into its application
layer.
TCP/IP combines the OSI data link and physical layers into its network access layer.
When the TCP/IP transport layer uses UDP it does not provide reliable delivery of packets.
The transport layer in the OSI model always does.
The Internet was developed based on the standards of the TCP/IP protocols. The TCP/IP model
gains credibility because of its protocols. The OSI model is not generally used to build networks. The
OSI model is used as a guide to help students understand the communication process.
...
Figure 9.11. Users see TCP/IP cloud (left) and physical detail hidden from user (right)
Two computers located anywhere in the world that follow certain hardware, software, and
protocol specifications can communicate reliably. The standardization of ways to move data across
networks has made the Internet possible.
9.2. Internet Addresses
9.2.1. IP addressing
For any two systems to communicate, they must be able to identify and locate each other. The
addresses in Figure 9.12 are not actual network addresses. They represent and show the concept of
address grouping.
...
Figure 9.17. Two bytes : conversion of 6783 decimal to 00011010 01111111 binary
The second example is 104. Since this number is less than 255, it can be represented by one
byte. The binary equivalent of 104 is 01101000.
Figure 9.18. One byte (eight bits number) : conversion of 104 decimal to 01101000 binary
...
Figure 9.19. Two bytes : conversion of 00000100 00011101 binary to 1053 decimal
9.2.3. IPv4 addressing
A router uses IP to forward packets from the source network to the destination network. The
packets must include an identifier for both the source and destination networks. A router uses the IP
address of the destination network to deliver a packet to the correct network. When the packet arrives
at a router connected to the destination network, the router uses the IP address to locate the specific
computer on the network. This system works in much the same way as the national postal system.
When the mail is routed, the zip code is used to deliver it to the post office at the destination city. That
post office must use the street address to locate the final destination in the city.
...
Broadcast address - Used for broadcasting packets to all the devices on a network.
In Figure 9.31, the section that is identified by the upper box represents the
198.150.11.255 broadcast address. Data that is sent to the broadcast address will be read
by all hosts on that network (198.150.11.1-198.150.11.254). The LAN that is contained in
the lower box is treated the same as the upper LAN, except that its broadcast address is
198.150.12.255.
...
Figure 9.34. Broadcast transmission : host 176.10.16.1 uses broadcast transmission to find DNS server
9.2.6. Public and private IP addresses
The stability of the Internet depends directly on the uniqueness of publicly used network
addresses. In Figure 9.35, there is an issue with the network addressing scheme. In looking at the
networks, both have a network address of 198.150.11.0. The router in this illustration will not be able
to forward the data packets correctly. Duplicate network IP addresses prevent the router from
performing its job of best path selection. Unique addresses are required for each device on a network.
...
Exhaustion of the remaining, unassigned IPv4 network addresses. At the time, the Class B
space was on the verge of depletion.
The rapid and large increase in the size of Internet routing tables occurred as more Class
C networks came online. The resulting flood of new network information threatened the
ability of Internet routers to cope effectively.
Over the past two decades, numerous extensions to IPv4 have been developed. These
extensions are specifically designed to improve the efficiency with which the 32-bit address space can
be used. Two of the more important of these are subnet masks and classless interdomain routing
(CIDR), which are discussed in more detail in later lessons.
Meanwhile, an even more extendible and scalable version of IP, IP Version 6 (IPv6), has been
defined and developed. IPv6 uses 128 bits rather than the 32 bits currently used in IPv4. IPv6 uses
hexadecimal numbers to represent the 128 bits. IPv6 provides 640 sextrillion addresses. This version
of IP should provide enough addresses for future communication needs.
Figure 9.42 shows an IPv4 address and an IPv6 address. IPv4 addresses are 32 bits long,
written in decimal form, and separated by periods. IPv6 addresses are 128-bits long and are identifiers
for individual interfaces and sets of interfaces. IPv6 addresses are assigned to interfaces, not nodes.
...
Figure 9.46. In RARP request, destination MAC address is set to FF:FF:FF:FF:FF:FF (step 1-4)
...
Overview
Internet Protocol (IP) is the main routed protocol of the Internet. IP addresses are used to route
packets from a source to a destination through the best available path. The propagation of packets,
encapsulation changes, and connection-oriented and connectionless protocols are also critical to
ensure that data is properly transmitted to its destination. This module will provide an overview for
each.
The difference between routing and routed protocols is a common source of confusion. The two
words sound similar but are quite different. Routers use routing protocols to build tables that are used
to determine the best path to a host on the Internet.
Not all organizations can fit into the three class system of A, B, and C addresses. Flexibility
exists within the class system through subnets. Subnets allow network administrators to determine the
size of the network they will work with. After they decide how to segment their networks, they can use
subnet masks to determine the location of each device on a network.
10.1. Routed Protocol
10.1.1. Routable and routed protocols
A protocol is a set of rules that determines how computers communicate with each other across
networks. Computers exchange data messages to communicate with each other. To accept and act
on these messages, computers must have sets of rules that determine how a message is interpreted.
Examples include messages used to establish a connection to a remote machine, e-mail messages,
and files transferred over a network.
A protocol describes the following :
The way that computers must exchange messages for specific activities
A routed protocol allows the router to forward data between nodes on different networks. A
routable protocol must provide the ability to assign a network number and a host number to each
device. Some protocols, such as IPX, require only a network number. These protocols use the MAC
address of the host for the host number. Other protocols, such as IP, require an address with a
network portion and a host portion. These protocols also require a network mask to differentiate the
two numbers. The network address is obtained by ANDing the address with the network mask.
The reason that a network mask is used is to allow groups of sequential IP addresses to be
treated as a single unit (see Figure 10.2). If this grouping were not allowed, each host would have to
be mapped individually for routing. This would be impossible, because according to the Internet
Software Consortium there are approximately 233,101,500 hosts on the Internet.
10.1.2. IP as a routed protocol
IP is the most widely used implementation of a hierarchical network-addressing scheme. IP is a
connectionless, unreliable, best-effort delivery protocol. The term connectionless means that no
...
Version - Specifies the format of the IP packet header. The 4-bit version field contains the
number 4 if it is an IPv4 packet and 6 if it is an IPv6 packet. However, this field is not used
to distinguish between IPv4 and IPv6 packets. The protocol type field present in the Layer
2 envelope is used for that.
IP header length (HLEN) - Indicates the datagram header length in 32-bit words. This is
the total length of all header information and includes the two variable-length header fields.
Type of service (ToS) - 8 bits that specify the level of importance that has been assigned
by a particular upper-layer protocol.
Total length - 16 bits that specify the length of the entire packet in bytes. This includes the
data and header. To get the length of the data payload subtract the HLEN from the total
length.
Identification - 16 bits that identify the current datagram. This is the sequence number.
Flags - A 3-bit field in which the two low-order bits control fragmentation. One bit specifies
if the packet can be fragmented and the other indicates if the packet is the last fragment in
a series of fragmented packets.
Fragment offset - 13 bits that are used to help piece together datagram fragments. This
field allows the previous field to end on a 16-bit boundary.
Time to Live (TTL) - A field that specifies the number of hops a packet may travel. This
number is decreased by one as the packet travels through a router. When the counter
reaches zero the packet is discarded. This prevents packets from looping endlessly.
Protocol - 8 bits that indicate which upper-layer protocol such as TCP or UDP receives
incoming packets after the IP processes have been completed.
Source address - 32 bits that specify the IP address of the node from which the packet
was sent.
Destination address - 32 bits that specify the IP address of the node to which the data is
sent.
Options - Allows IP to support various options such as security. The length of this field
varies.
Figure 10.9. Network layer field : these are the header fields in an IP packet header. All field lengths
are fixed except for IP option and the padding fields
...
Padding - Extra zeros are added to this field to ensure that the IP header is always a
multiple of 32 bits.
While the IP source and destination addresses are important, the other header fields have
made IP very flexible. The header fields list the source and destination address information of the
packet and often indicate the length of the message data. The information for routing the message is
also contained in IP headers, which can get long and complex.
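The header fields listed above map directly onto a parser. The following Python code is an added example, not part of the original module: it unpacks the fixed 20-byte header, rejects inconsistent HLEN and total length values before using them, and derives the payload length. The sample packet is constructed and its addresses are documentation-range placeholders.

```python
import ipaddress
import struct

# Constructed sample (not captured traffic): 20-byte header, no options,
# followed by 8 payload bytes. Addresses are documentation-range placeholders.
SAMPLE_PACKET = bytes.fromhex(
    "4500001c"  # version 4, HLEN 5 words, ToS 0, total length 28
    "1c464000"  # identification 0x1c46, flags 010 (don't fragment), offset 0
    "40110000"  # TTL 64, protocol 17 (UDP), header checksum left as 0
    "c0000201"  # source 192.0.2.1
    "c6336407"  # destination 198.51.100.7
) + bytes(8)


def parse_ipv4_header(packet: bytes) -> dict:
    """Decode the IPv4 header fields and reject inconsistent length values."""
    if len(packet) < 20:
        raise ValueError("truncated: the fixed header needs 20 bytes")

    # The fixed header also carries a 16-bit header checksum between the
    # protocol and source address fields; it is unpacked but not verified here.
    (ver_hlen, tos, total_length, identification, flags_offset,
     ttl, protocol, _checksum, src, dst) = struct.unpack(
        "!BBHHHBBH4s4s", packet[:20])

    version = ver_hlen >> 4        # high 4 bits of the first byte
    hlen_words = ver_hlen & 0x0F   # low 4 bits, counted in 32-bit words
    header_bytes = hlen_words * 4  # convert words to bytes before subtracting

    if version != 4:
        raise ValueError(f"not IPv4: version field is {version}")
    if hlen_words < 5:
        raise ValueError("HLEN below 5 words cannot hold the fixed fields")
    if total_length < header_bytes:
        raise ValueError("total length is smaller than the header")
    if len(packet) < total_length:
        raise ValueError("packet is shorter than its total length claims")

    flags = flags_offset >> 13     # top 3 bits of the 16-bit flags/offset word
    return {
        "version": version,
        "hlen_words": hlen_words,
        "tos": tos,
        "total_length": total_length,
        "identification": identification,
        "dont_fragment": bool(flags & 0b010),
        "more_fragments": bool(flags & 0b001),
        "fragment_offset": flags_offset & 0x1FFF,  # low 13 bits
        "ttl": ttl,
        "protocol": protocol,
        "source": str(ipaddress.IPv4Address(src)),
        "destination": str(ipaddress.IPv4Address(dst)),
        "options": packet[20:header_bytes],  # empty when HLEN is 5
        "payload_length": total_length - header_bytes,
    }


if __name__ == "__main__":
    for name, value in parse_ipv4_header(SAMPLE_PACKET).items():
        print(f"{name:16} {value}")
```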
10.2. IP Routing Protocols
10.2.1. Routing overview
Routing is an OSI Layer 3 function. Routing is a hierarchical organizational scheme that allows
individual addresses to be grouped together. These individual addresses are treated as a single unit
until the destination address is needed for final delivery of the data. Routing finds the most efficient
path from one device to another. The primary device that performs the routing process is the router.
The following are the two key functions of a router :
Routers must maintain routing tables and make sure other routers know of changes in the
network topology. They use routing protocols to communicate network information with
other routers.
When packets arrive at an interface, the router must use the routing table to determine
where to send them. The router switches the packets to the appropriate interface, adds the
frame information for the interface, and then transmits the frame.
A router is a network layer device that uses one or more routing metrics to determine the
optimal path along which network traffic should be forwarded. Routing metrics are values that are
used to determine the advantage of one route over another. Routing protocols use various
combinations of metrics to determine the best path for data.
Figure 10.10. Routing metric : the network layer is responsible for routing packets through a network.
Routers interconnect network segments or entire networks. Routers pass data frames between
networks based on Layer 3 information. Routers make logical decisions about the best path for the
delivery of data. Routers then direct packets to the appropriate output port to be encapsulated for
...
Includes any network protocol suite that provides enough information in its network layer
address to allow a router to forward it to the next device and ultimately to its destination
The Internet Protocol (IP) and Novell Internetwork Packet Exchange (IPX) are examples of
routed protocols. Other examples include DECnet, AppleTalk, Banyan VINES, and Xerox Network
Systems (XNS).
Routers use routing protocols to exchange routing tables and share routing information. In other
words, routing protocols enable routers to route routed protocols.
Some functions of a routing protocol are as follows :
Allows routers to communicate with other routers to update and maintain the routing tables
Examples of routing protocols that support the IP routed protocol include RIP, IGRP, OSPF,
BGP, and EIGRP.
...
Figure 10.17. The routing process : while some steps have been left out for clarity, this is the
fundamental process used by a router to route data
The following process is used to determine the path for every packet that is routed :
The router compares the IP address of the packet that it received to the IP tables that it
has.
The mask of the first entry in the routing table is applied to the destination address.
The masked destination and the routing table entry are compared.
...
If there is a match, the packet is forwarded to the port that is associated with that table
entry.
If the packet does not match any entries in the table, the router checks to see if a default
route has been set.
If a default route has been set, the packet is forwarded to the associated port. A default
route is a route that is configured by the network administrator as the route to use if there
are no matches in the routing table.
If there is no default route, the packet is discarded. A message is often sent back to the
device that sent the data to indicate that the destination was unreachable.
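The lookup steps above, written out in Python as an added example that is not part of the original module. It goes one step beyond the process as listed by trying entries with the longest mask first, so that the most specific of two overlapping entries wins. The table is constructed: the networks reuse addresses from this module, and the interface names are made up.

```python
import ipaddress


def to_int(dotted: str) -> int:
    """Dotted-decimal IPv4 address or mask as a 32-bit integer."""
    return int(ipaddress.IPv4Address(dotted))


# Constructed routing table: (network, mask, outbound interface).
# 176.10.0.0/16 and 176.10.16.0/24 overlap on purpose.
ROUTING_TABLE = [
    ("176.10.0.0", "255.255.0.0", "S0"),
    ("198.150.11.0", "255.255.255.0", "E0"),
    ("198.150.12.0", "255.255.255.0", "E1"),
    ("176.10.16.0", "255.255.255.0", "E2"),
]


def route(destination, table=ROUTING_TABLE, default_interface=None):
    """Return ("forward", interface) or ("discard", None) for a destination."""
    dest = to_int(destination)

    # A contiguous mask with more one-bits is a larger integer, so sorting
    # by mask value in descending order tries the most specific entry first.
    ordered = sorted(table, key=lambda entry: to_int(entry[1]), reverse=True)

    for network, mask, interface in ordered:
        # Apply the entry's mask to the destination, then compare the
        # masked destination with the entry's network address.
        if (dest & to_int(mask)) == to_int(network):
            return ("forward", interface)

    # No entry matched: fall back to the default route if one is configured.
    if default_interface is not None:
        return ("forward", default_interface)

    # No match and no default route: the packet is discarded. A router
    # would often report this to the sender as destination unreachable.
    return ("discard", None)


if __name__ == "__main__":
    for dst in ("198.150.11.77", "176.10.16.1", "176.10.99.5", "10.1.1.1"):
        print(dst, route(dst), route(dst, default_interface="S1"))
```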
Protocol type - Identifies the type of routing protocol that created each entry.
Next-hop associations - Tell a router that a destination is either directly connected to the
router or that it can be reached through another router called the next-hop on the way to
the destination. When a router receives a packet, it checks the destination address and
attempts to match this address with a routing table entry.
...
Routing metric - Different routing protocols use different routing metrics. Routing metrics
are used to determine the desirability of a route. For example, RIP uses hop count as its
only routing metric. IGRP uses bandwidth, load, delay, and reliability metrics to create a
composite metric value.
Outbound interfaces - The interface that the data must be sent out of to reach the final
destination.
Routers communicate with one another to maintain their routing tables through the transmission
of routing update messages. Some routing protocols transmit update messages periodically. Other
protocols send them only when there are changes in the network topology. Some protocols transmit
the entire routing table in each update message and some transmit only routes that have changed.
Routers analyze the routing updates from directly-connected routers to build and maintain their routing
tables.
10.2.6. Routing algorithms and metrics
An algorithm is a detailed solution to a problem. Different routing protocols use different
algorithms to choose the port to which a packet should be sent. Routing algorithms depend on metrics
to make these decisions.
Routing protocols often have one or more of the following design goals :
Optimization - This is the capability of a routing algorithm to select the best route. The
route will depend on the metrics and metric weights used in the calculation. For example,
one algorithm may use both hop count and delay metrics, but may consider delay metrics
as more important in the calculation.
Robustness and stability - A routing algorithm should perform correctly when confronted by
unusual or unforeseen circumstances, such as hardware failures, high load conditions, and
implementation errors.
Routing algorithms use different metrics to determine the best route. Each routing algorithm
interprets what is best in its own way. A routing algorithm generates a number called a metric value for
each path through a network. Sophisticated routing algorithms base route selection on multiple metrics
that are combined in a composite metric value. Typically, smaller metric values indicate preferred
paths.
...
Bandwidth - Bandwidth is the data capacity of a link. Normally, a 10-Mbps Ethernet link is
preferable to a 64-kbps leased line.
Delay - Delay is the length of time required to move a packet along each link from a source
to a destination. Delay depends on the bandwidth of intermediate links, the amount of data
that can be temporarily stored at each router, network congestion, and physical distance.
Load - Load is the amount of activity on a network resource such as a router or a link.
Reliability - Reliability is usually a reference to the error rate of each network link.
Hop count - Hop count is the number of routers that a packet must travel through before
reaching its destination. Each router is equal to one hop. A hop count of four indicates that
data would have to pass through four routers to reach its destination. If multiple paths are
available to a destination, the path with the least number of hops is preferred.
Ticks - The delay on a data link using IBM PC clock ticks. One tick is approximately 1/18
second.
Cost - Cost is an arbitrary value, usually based on bandwidth, monetary expense, or other
measurement, that is assigned by a network administrator.
Figure 10.19. Routing algorithms and metrics. Routing metrics are the values used to determine the
best path to the next hop
10.2.7. IGP and EGP
An autonomous system is a network or set of networks under common administrative control,
such as the cisco.com domain. An autonomous system consists of routers that present a consistent
view of routing to the external world.
...
Routing Information Protocol (RIP) - The most common IGP in the Internet, RIP uses hop
count as its only routing metric.
Enhanced IGRP (EIGRP) - This Cisco-proprietary IGP includes many of the features of a
link-state routing protocol. Because of this, it has been called a balanced-hybrid protocol,
but it is really an advanced distance-vector routing protocol.
Link-state routing protocols were designed to overcome limitations of distance vector routing
protocols. Link-state routing protocols respond quickly to network changes, sending triggered updates
only when a network change has occurred. Link-state routing protocols send periodic updates, known
as link-state refreshes, at longer time intervals, such as every 30 minutes.
When a route or link changes, the device that detected the change creates a link-state
advertisement (LSA) concerning that link. The LSA is then transmitted to all neighboring devices. Each
routing device takes a copy of the LSA, updates its link-state database, and forwards the LSA to all
neighboring devices. This flooding of LSAs is required to ensure that all routing devices create
databases that accurately reflect the network topology before updating their routing tables.
Link-state algorithms typically use their databases to create routing table entries that prefer the
shortest path. Examples of link-state protocols include Open Shortest Path First (OSPF) and
Intermediate System-to-Intermediate System (IS-IS).
10.2.9. Routing protocols
RIP is a distance vector routing protocol that uses hop count as its metric to determine the
direction and distance to any link in the internetwork. If there are multiple paths to a destination, RIP
selects the path with the least number of hops. However, because hop count is the only routing metric
...
(2 power of borrowed bits) - 2 = usable subnets
(2^3) - 2 = 6
Number of usable hosts = two to the power of the bits remaining, minus
two. The minus two is for the reserved addresses for subnet id and subnet broadcast.
(2 power of the bits remaining) - 2 = usable hosts
(2^5) - 2 = 30
...
The host address made up of the bits left after borrowing some for subnets
Routers use subnet masks to determine the subnetwork portion of an address for an incoming
packet. This process is referred to as logical ANDing.
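The subnet and host counts and the logical ANDing step, worked through in Python as an added example that is not part of the original module. It assumes 8 host bits (a Class C network) with 3 borrowed bits, which reproduces the 6-subnet and 30-host figures, and it follows the module's minus-two convention for both counts. The sample host address is constructed inside the 198.150.11.0 network used earlier.

```python
import ipaddress

ALL_ONES = 0xFFFFFFFF


def subnet_plan(class_host_bits: int, borrowed_bits: int) -> dict:
    """Usable subnets, usable hosts and subnet mask for a classful network."""
    remaining = class_host_bits - borrowed_bits
    if borrowed_bits < 1 or remaining < 2:
        raise ValueError("need at least 1 borrowed bit and 2 remaining host bits")

    # Network bits of the class plus the borrowed bits form the mask.
    prefix_length = (32 - class_host_bits) + borrowed_bits
    mask = (ALL_ONES << (32 - prefix_length)) & ALL_ONES

    return {
        # Minus two: the first and last subnet are reserved in this scheme.
        "usable_subnets": 2 ** borrowed_bits - 2,
        # Minus two: subnet id and subnet broadcast address.
        "usable_hosts": 2 ** remaining - 2,
        "mask": str(ipaddress.IPv4Address(mask)),
    }


def locate(address: str, mask: str) -> dict:
    """AND an address with a subnet mask and derive the subnet's range."""
    addr = int(ipaddress.IPv4Address(address))
    mask_int = int(ipaddress.IPv4Address(mask))

    subnet = addr & mask_int                     # logical ANDing
    broadcast = subnet | (mask_int ^ ALL_ONES)   # all host bits set to one

    return {
        "subnet": str(ipaddress.IPv4Address(subnet)),
        "first_host": str(ipaddress.IPv4Address(subnet + 1)),
        "last_host": str(ipaddress.IPv4Address(broadcast - 1)),
        "broadcast": str(ipaddress.IPv4Address(broadcast)),
        "host_count": broadcast - subnet - 1,
    }


if __name__ == "__main__":
    plan = subnet_plan(class_host_bits=8, borrowed_bits=3)
    print(plan)
    # Constructed host address inside the 198.150.11.0 network.
    print(locate("198.150.11.77", plan["mask"]))
```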
...
Overview
The TCP/IP transport layer transports data between applications on source and destination
devices. Familiarity with the transport layer is essential to understand modern data networks. This
module will describe the functions and services of this layer.
Many of the network applications that are found at the TCP/IP application layer are familiar to
most network users. HTTP, FTP, and SMTP are acronyms that are commonly seen by users of Web
browsers and e-mail clients. This module also describes the function of these and other applications
from the TCP/IP networking model.
11.1. TCP/IP Transport Layer
11.1.1. Introduction to the TCP/IP transport layer
The primary duties of the transport layer are to transport and regulate the flow of information
from a source to a destination, reliably and accurately. End-to-end control and reliability are provided
by sliding windows, sequencing numbers, and acknowledgments.
...
First, a high-speed computer might generate traffic faster than a network can transfer it.
When datagrams arrive too quickly for a host or gateway to process, they are temporarily stored
in memory. If the traffic continues, the host or gateway eventually exhausts its memory and must
discard additional datagrams that arrive.
Instead of allowing data to be lost, the TCP process on the receiving host can issue a not
ready indicator to the sender. This indicator signals the sender to stop data transmission. When the
receiver can handle additional data, it sends a ready transport indicator. When this indicator is
received, the sender can resume the segment transmission.
...
Sequence number - Number used to ensure the data arrives in the correct order
Option - One option currently defined, maximum TCP segment size
...
Registered port numbers are for vendor-specific applications. Most of these are above
1024.
...
DNS
FTP
HTTP
SMTP
SNMP
Telnet
...
Network management system (NMS) - NMS executes applications that monitor and control
managed devices. The bulk of the processing and memory resources required for network
management are provided by NMS. One or more NMSs must exist on any managed
network.
Managed devices - Managed devices are network nodes that contain an SNMP agent and
that reside on a managed network. Managed devices collect and store management
information and make this information available to NMSs using SNMP. Managed devices,
sometimes called network elements, can be routers, access servers, switches, bridges,
hubs, computer hosts, or printers.
11.2.7. Telnet
Telnet client software provides the ability to log in to a remote Internet host that is running a
Telnet server application and then to execute commands from the command line. A Telnet client is
referred to as a local host. Telnet server, which uses special software called a daemon, is referred to
as a remote host.
...
Domain Name System (DNS) - Used in IP networks to translate names of network nodes into IP
addresses
File Transfer Protocol (FTP) - Used for transferring files between networks
Hypertext Transfer Protocol (HTTP) - Used to deliver hypertext markup language (HTML) documents
to a client application, such as a WWW browser
Simple Mail Transfer Protocol (SMTP) - Used to provide electronic mail services
Simple Network Management Protocol (SNMP) - Used to monitor and control network devices and to
manage configurations, statistics collection, performance and security
Telnet - Used to log in to a remote host that is running a Telnet server application and then to execute
commands from the command line
...