COE141 Notes
Common Terms
1. Data Payload – information conveyed.
2. Packet – data unit switched and transmitted on the network.
3. Header – information segment added before the data payload.
4. Tail – information segment added after the data payload.
Routers
• Router: a network-layer device that forwards data packets on the Internet. Based on the destination address in a received packet, a router selects a path to send the packet to the next router or destination. The last router on the path is responsible for sending the packet to the destination host.
  o Implementing communication between networks of the same type or different types
  o Isolating broadcast domains
  o Maintaining the routing table and running routing protocols
  o Selecting routes and forwarding IP packets
  o Implementing WAN access and network address translation
  o Connecting Layer 2 networks established through switches
Wireless Devices
Firewalls
• Firewall: a network security device used to ensure secure communication between two networks. It monitors, restricts, and modifies data flows passing through it to shield the information, structure, and running status of internal networks from the public network.
  o Isolating networks of different security levels
  o Implementing access control (using security policies) between networks of different security levels
  o Implementing user identity authentication
  o Implementing remote access
  o Supporting data encryption and VPN services
  o Implementing network address translation
  o Implementing other security functions
LAN, MAN, and WAN
Local Area Networks (LANs)
• A LAN is a network that consists of computers, servers, and network devices in a geographic area. The coverage of a LAN is generally within several thousand square meters.
• Typical LANs include a company's office network, a cyber bar (Internet cafe) network, and a home network.
Metropolitan Area Networks (MANs)
• A MAN is a computer communication network established within a city.
• Typical MANs include broadband MANs, education MANs, and municipal or provincial e-government private lines.
Wide Area Networks (WANs)
• A WAN generally covers a large geographical area ranging from tens of square kilometers to thousands of square kilometers. It can connect the networks of multiple cities or even of multiple countries (as an international large-scale network) and provide long-distance communication.
• The Internet is a typical WAN.
Network Engineering
• Network engineering refers to planning and designing feasible solutions based on network application requirements and computer network system standards, specifications, and technologies, under the guidance of information system engineering methods and complete organizations, as well as integrating computer network hardware devices, software, and technologies to form a cost-effective network system that meets user requirements.
• Technical modules covered by network engineering:
Network Topologies
TCP Connection Setup – Three-Way Handshake
• Before sending data, a TCP-based application needs to establish a connection through a three-way handshake.
• The TCP connection setup process is as follows:
  o The TCP connection initiator (PC1 in the figure) sends the first TCP segment with SYN being set. The initial sequence number a is a randomly generated number. The acknowledgment number is 0 because
• Assume that PC1 needs to send segments of data to PC2. The transmission process is as follows:
  o PC1 numbers each byte to be sent by TCP. Assume that the number of the first byte is a+1. Then, the number of the second byte is a+2, the number of the third byte is a+3, and so on.
  o PC1 uses the number of the first byte of each segment of data as the sequence number and sends out the TCP segment.
  o After receiving the TCP segment from PC1, PC2 needs to acknowledge the segment and request the next segment of data. How is the next segment of data determined? Sequence number (a+1) + Payload length = Sequence number of the first byte of the next segment (a+1+12).
  o After receiving the TCP segment sent by PC2, PC1 finds that the acknowledgment number is a+1+12, indicating that the bytes from a+1 to a+12 have been received and that the sequence number of the next segment to be sent should be a+1+12.
• To improve sending efficiency, multiple segments of data can be sent at a time by the sender and then acknowledged at a time by the receiver.
TCP Window Sliding Mechanism
• TCP uses the sliding window mechanism to control the data transmission rate.
• During the TCP three-way handshake, both ends notify each other, through the Window field, of the maximum number of bytes (buffer size) that the local end can receive.
• After the TCP connection is set up, the sender sends the specified number of bytes of data based on the window size declared by the receiver.
• After receiving the data, the receiver stores it in the buffer and waits for the upper-layer application to obtain the buffered data. After the data is obtained by the upper-layer application, the corresponding buffer space is released.
• The receiver notifies the sender of the currently acceptable data size (window) according to its buffer size.
• The sender sends a certain amount of data based on the current window size of the receiver.
TCP Shutdown – Four-Way Handshake
• After data transmission is complete, TCP needs to use the four-way handshake mechanism to disconnect the TCP connection and release system resources.
• TCP supports data transmission in full-duplex mode, which means that data can be transmitted in both directions at the same time. Before data is transmitted, TCP sets up a connection in both directions through the three-way handshake. Therefore, after data transmission is complete, the connection must be closed in both directions. This is shown in the figure.
  1. PC1 sends a TCP segment with FIN being set. The segment does not carry data.
  2. After receiving the TCP segment from PC1, PC2 replies with a TCP segment with ACK being set.
  3. PC2 checks whether data needs to be sent. If so, PC2 sends the data, and then a TCP segment with FIN being set to close the connection. Otherwise, PC2 directly sends a TCP segment with FIN being set.
  4. After receiving the TCP segment with FIN being set, PC1 replies with an ACK segment. The TCP connection is then torn down in both directions.
Network Layer
• The transport layer is responsible for establishing connections between processes on hosts, and the network layer is responsible for transmitting data from one host to another.
• PDUs transmitted at the network layer are called packets.
• The network layer is also called the Internet layer.
  o It sends packets from source hosts to destination hosts.
• Functions of the network layer:
  o Provides logical addresses for network devices.
  o Routes and forwards data packets.
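The byte numbering, the cumulative acknowledgment (acknowledgment number = sequence number + payload length) and the receiver window from the TCP sections above, worked as an added Python simulation that is not part of the notes. The initial sequence number 1000 (standing in for the random a), the 12-byte and 40-byte payloads, the buffer sizes and the MSS are constructed values, and the class and function names are my own. The second transfer shows the window closing to 0 when the receiver's buffer is full and reopening once the application reads the buffered data.

```python
from dataclasses import dataclass


@dataclass
class Segment:
    seq: int        # sequence number = number of the first payload byte
    payload: bytes


class Receiver:
    """Buffers in-order data for the application; advertises free buffer space as its window."""

    def __init__(self, isn: int, buffer_size: int):
        self.next_expected = isn + 1          # the first data byte is numbered a+1, as in the notes
        self.buffer = bytearray()
        self.buffer_size = buffer_size

    @property
    def window(self) -> int:
        return self.buffer_size - len(self.buffer)

    def receive(self, segments):
        """Accept in-order segments that fit in the buffer; return (ack, window).

        The ACK is cumulative: sequence number + payload length of the last segment
        accepted, i.e. the number of the next byte the receiver expects.
        """
        for seg in segments:
            if seg.seq != self.next_expected or len(seg.payload) > self.window:
                break                         # gap or no buffer space: acknowledge what we have
            self.buffer += seg.payload
            self.next_expected += len(seg.payload)
        return self.next_expected, self.window

    def application_read(self, nbytes: int) -> bytes:
        """The upper-layer application drains the buffer, which releases window space."""
        data = bytes(self.buffer[:nbytes])
        del self.buffer[:nbytes]
        return data


class Sender:
    """Numbers every byte from isn+1 and never has more than the advertised window in flight."""

    def __init__(self, isn: int, data: bytes, mss: int):
        self.isn, self.data, self.mss = isn, data, mss
        self.next_seq = isn + 1               # number of the next byte to send
        self.acked = isn + 1                  # every byte below this has been acknowledged

    def send(self, window: int):
        """Emit as many MSS-sized segments as the receiver's window allows."""
        segments = []
        limit = self.acked + window           # highest sequence number the window permits
        while self.next_seq < limit:
            start = self.next_seq - self.isn - 1
            if start >= len(self.data):
                break
            n = min(self.mss, limit - self.next_seq, len(self.data) - start)
            segments.append(Segment(self.next_seq, self.data[start:start + n]))
            self.next_seq += n
        return segments

    def on_ack(self, ack: int) -> None:
        self.acked = max(self.acked, ack)


def run_transfer(data: bytes, isn: int, buffer_size: int, mss: int, app_read: int):
    """Drive one transfer; return one (sequence numbers sent, ack, window) tuple per round."""
    sender, receiver = Sender(isn, data, mss), Receiver(isn, buffer_size)
    window = buffer_size                      # advertised during the three-way handshake
    rounds = []
    while sender.acked - isn - 1 < len(data):
        segments = sender.send(window)
        ack, window = receiver.receive(segments)
        sender.on_ack(ack)
        rounds.append(([s.seq for s in segments], ack, window))
        if window == 0:                       # zero window: nothing may be sent until the app reads
            receiver.application_read(app_read)
            window = receiver.window
    return rounds


if __name__ == "__main__":
    ISN = 1000                                # constructed value standing in for the random 'a'
    print(run_transfer(b"HELLO WORLD!", ISN, buffer_size=100, mss=12, app_read=100))
    print(run_transfer(b"A" * 40, ISN, buffer_size=24, mss=12, app_read=24))
```

With a 12-byte payload the first acknowledgment is 1013, i.e. a+1+12 exactly as the notes compute it; with a 24-byte buffer the sender stops after two segments, the receiver advertises a window of 0, and sending resumes only after the application has read the buffer.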
Working Process of a Network Layer Protocol
• Common network layer protocols include IPv4, IPv6, ICMP, and IGMP.
• Internet Protocol Version 4 (IPv4) is the most widely used network layer protocol.
• When IP is used as the network layer protocol, both communication parties are assigned a unique IP address to identify themselves. An IP address can be written as a 32-bit binary integer. To facilitate reading and analysis, an IP address is usually represented in dotted decimal notation, consisting of four decimal numbers, each ranging from 0 to 255, separated by dots, such as 192.168.1.1.
• Encapsulation and forwarding of IP data packets:
  o When receiving data from an upper layer (such as the transport layer), the network layer encapsulates an IP packet header and adds the source and destination IP addresses to the header.
  o Each intermediate network device (such as a router) maintains a routing table that guides IP packet forwarding like a map. After receiving a packet, the intermediate network device reads the destination address of the packet, searches the local routing table for a matching entry, and forwards the IP packet according to the instruction of the matching entry.
  o When the IP packet reaches the destination host, the destination host determines whether to accept the packet based on the destination IP address and then processes the packet accordingly.
• When the IP protocol is running, routing protocols such as OSPF, IS-IS, and BGP are required to help routers build routing tables, and ICMP is required to help control networks and diagnose network status.
• The network layer header of a packet sent by a source device carries the network layer addresses of the source and destination devices.
• Each network device (such as a router) that has the routing function maintains a routing table (like a map of the network device).
• After receiving a packet, the network device reads the network layer destination address of the packet, searches the routing table for the matching entry of the destination address, and forwards the packet according to the instruction of the matching entry.
Data Link Layer
• The data link layer is located between the network layer and the physical layer and provides services for protocols such as IP and IPv6 at the network layer. PDUs transmitted at the data link layer are called frames.
• Ethernet is the most common data link layer protocol.
• The data link layer is located between the network layer and the physical layer.
  o The data link layer provides intra-segment communication for the network layer.
  o The functions of the data link layer include framing, physical addressing, and error control.
  o Common data link layer protocols include Ethernet, PPPoE, and PPP.
Ethernet and Source MAC Addresses
• Ethernet:
  o Ethernet is a broadcast multiple access protocol that works at the data link layer.
  o The network interfaces of PCs comply with the Ethernet standard.
  o Generally, a broadcast domain corresponds to an IP network segment.
• Ethernet Source MAC Address
  o A media access control (MAC) address uniquely identifies a NIC on a network. Each NIC requires and has a unique MAC address.
  o MAC addresses are used to locate specific physical devices in an IP network segment.
  o A device that works at the data link layer, such as an Ethernet switch, maintains a MAC address table to guide data frame forwarding.
• A MAC address is written as six groups of two hexadecimal digits, separated by hyphens, colons, or no separator at all. Example: 48-A4-72-1C-8F-4F
Address Resolution Protocol (ARP)
• Discovers the MAC address associated with a given IP address.
• The Address Resolution Protocol (ARP) is a TCP/IP protocol that discovers the data link layer address associated with a given IP address.
• ARP is an indispensable protocol in IPv4. It provides the following functions:
  o Discovers the MAC address associated with a given IP address.
  o Maintains and caches the mapping between IP addresses and MAC addresses through ARP entries.
  o Detects duplicate IP addresses on a network segment.
• Generally, a network device has an ARP cache. The ARP cache stores the mapping between IP addresses and MAC addresses.
• Step 1:
  o Before sending a datagram, a device searches its ARP table for the destination MAC address of the datagram.
  o If the destination MAC address exists in the ARP table, the device encapsulates the MAC address in the frame and sends out the frame. If the destination MAC address does not exist in the ARP table, the device sends an ARP request to discover the MAC address.
• Step 2:
  o Host 1 sends an ARP request to discover the MAC address of Host 2.
  o The destination MAC address in the ARP request is 0 because the destination MAC address is unknown.
• Step 3:
  o The ARP request message is a broadcast data frame. After receiving the ARP request message, the switch floods it.
• Step 4:
  o After receiving the ARP request message, each host checks whether it is the destination of the message based on the carried destination IP address.
  o Host 2 finds that it is the destination of the message and then records the mapping between the sender's MAC and IP addresses in its ARP table.
• Step 5:
  o Host 2 sends an ARP reply to Host 1.
  o In this step, Host 2 has discovered the MAC address of Host 1, so the ARP reply is a unicast data frame.
• Step 6:
  o After receiving the unicast data frame, the switch forwards the frame.
• Step 7:
  o After receiving the ARP reply message, Host 1 checks whether it is the destination of the message based on the carried destination IP address.
  o If so, Host 1 records the carried sender's MAC and IP addresses in its ARP table.
Physical Layer
• After data arrives at the physical layer, the physical layer converts the digital signal into an optical signal, an electrical signal, or an electromagnetic wave signal based on the physical media.
• PDUs transmitted at the physical layer are called bitstreams.
• The physical layer is at the bottom of the model.
  o This layer transmits bitstreams on media.
  o It standardizes physical features such as cables, pins, voltages, and interfaces.
  o Common transmission media include twisted pairs, optical fibers, and electromagnetic waves.
Common Transmission Media
• Twisted pairs: the most common transmission media used on Ethernet networks. Twisted pairs can be classified into the following types based on their resistance to electromagnetic interference:
  o STP: shielded twisted pairs
  o UTP: unshielded twisted pairs
• Optical fiber transmission can be classified into the following types based on functional components:
  o Fibers: optical transmission media, which are glass fibers used to confine the optical transmission channel.
  o Optical modules: convert electrical signals into optical signals.
• Serial cables are widely used on wide area networks (WANs). The types of interfaces connected to serial cables vary according to WAN line types. The interfaces include synchronous/asynchronous serial interfaces, ATM interfaces, POS interfaces, and CE1/PRI interfaces.
• Wireless signals may be transmitted by using electromagnetic waves. For example, a wireless router modulates data and sends it by using electromagnetic waves, and the wireless network interface card of a mobile terminal demodulates the electromagnetic waves to obtain the data. Data transmission from the wireless router to the mobile terminal is then complete.
Data Encapsulation on the Sender
• ... into electrical signals, optical signals, or electromagnetic (wireless) signals.
  o The converted signals start to be transmitted on the network.
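The seven ARP steps, the switch's MAC address table and the "same segment or via the gateway" decision described above, as an added Python simulation that is not part of the notes. Two hosts hang off one switch; a host first decides whether the destination lies in its own network segment (direct delivery) or must go to the gateway, then consults its ARP cache, broadcasts an ARP request on a miss (target MAC all zeros) and builds the data frame from the unicast reply, while the switch learns source MACs per port and floods broadcast or unknown destinations. The first MAC address is the example from the notes; the host names, the second MAC, the 192.168.1.0/24 addresses and the gateway address are constructed, and the class and function names are my own. The MAC normaliser accepts the three notations the notes list.

```python
import ipaddress

BROADCAST_MAC = "ff:ff:ff:ff:ff:ff"
UNKNOWN_MAC = "00:00:00:00:00:00"      # target MAC carried in an ARP request: not known yet


def normalize_mac(mac: str) -> str:
    """Accept 48-A4-72-1C-8F-4F, 48:a4:72:1c:8f:4f or 48A4721C8F4F; return the colon form."""
    digits = mac.replace("-", "").replace(":", "").lower()
    if len(digits) != 12 or any(c not in "0123456789abcdef" for c in digits):
        raise ValueError(f"malformed MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


class Switch:
    """Layer 2 switch: learns source MACs per port, floods broadcasts and unknown destinations."""
    def __init__(self):
        self.mac_table = {}        # MAC -> port, learned from the source MAC of each frame
        self.ports = {}            # port -> attached host
        self.log = []              # (frame type, action) for every frame handled

    def attach(self, port: int, host) -> None:
        self.ports[port] = host
        host.switch, host.port = self, port

    def forward(self, frame: dict, in_port: int) -> None:
        self.mac_table[frame["src_mac"]] = in_port
        out_port = self.mac_table.get(frame["dst_mac"])
        if frame["dst_mac"] == BROADCAST_MAC or out_port is None:
            targets, action = [p for p in self.ports if p != in_port], "flood"
        else:
            targets, action = [out_port], "forward"
        self.log.append((frame["type"], action))
        for port in targets:
            self.ports[port].receive(frame)


class Host:
    """IPv4 host with one interface, an ARP cache and an optional default gateway."""
    def __init__(self, name: str, mac: str, ip_with_prefix: str, gateway=None):
        self.name, self.mac = name, normalize_mac(mac)
        self.iface = ipaddress.ip_interface(ip_with_prefix)      # e.g. "192.168.1.10/24"
        self.gateway = ipaddress.ip_address(gateway) if gateway else None
        self.arp_table = {}        # IP -> MAC: the ARP cache
        self.switch, self.port, self.inbox = None, None, []

    def next_hop(self, dst):
        """Same network segment: deliver directly; otherwise hand the packet to the gateway."""
        if dst in self.iface.network:
            return dst
        if self.gateway is None:
            raise RuntimeError(f"{self.name}: {dst} is off-segment and no gateway is configured")
        return self.gateway

    def send_ip(self, dst_ip: str, payload: bytes) -> None:
        dst = ipaddress.ip_address(dst_ip)
        hop = self.next_hop(dst)
        if hop not in self.arp_table:          # step 1: cache miss, so broadcast an ARP request (step 2)
            self.switch.forward({"type": "arp", "op": "request", "src_mac": self.mac,
                                 "dst_mac": BROADCAST_MAC, "sender_ip": self.iface.ip,
                                 "sender_mac": self.mac, "target_ip": hop,
                                 "target_mac": UNKNOWN_MAC}, self.port)
        if hop not in self.arp_table:          # no reply arrived: the frame cannot be built
            raise RuntimeError(f"{self.name}: ARP resolution of {hop} failed")
        self.switch.forward({"type": "ip", "src_mac": self.mac, "dst_mac": self.arp_table[hop],
                             "dst_ip": dst, "payload": payload}, self.port)

    def receive(self, frame: dict) -> None:
        if frame["type"] == "arp":
            if frame["target_ip"] != self.iface.ip:    # steps 4 and 7: not addressed to this host
                return
            self.arp_table[frame["sender_ip"]] = frame["sender_mac"]   # record the sender's mapping
            if frame["op"] == "request":               # step 5: answer by unicast to the requester
                self.switch.forward({"type": "arp", "op": "reply", "src_mac": self.mac,
                                     "dst_mac": frame["sender_mac"], "sender_ip": self.iface.ip,
                                     "sender_mac": self.mac, "target_ip": frame["sender_ip"],
                                     "target_mac": frame["sender_mac"]}, self.port)
        elif frame["type"] == "ip" and frame["dst_mac"] == self.mac and frame["dst_ip"] == self.iface.ip:
            self.inbox.append(frame["payload"])


def demo() -> dict:
    """Constructed two-host segment: resolve and deliver, hit the cache, then fail on an absent gateway."""
    sw = Switch()
    h1 = Host("Host 1", "48-A4-72-1C-8F-4F", "192.168.1.10/24", gateway="192.168.1.1")
    h2 = Host("Host 2", "00:11:22:33:44:55", "192.168.1.20/24", gateway="192.168.1.1")
    sw.attach(1, h1)
    sw.attach(2, h2)
    h1.send_ip("192.168.1.20", b"hello")       # cache miss: ARP request, ARP reply, then the IP frame
    h1.send_ip("192.168.1.20", b"again")       # cache hit: the IP frame goes out directly
    try:
        h1.send_ip("10.0.0.5", b"x")           # off-segment: needs the gateway's MAC, nobody answers
        error = None
    except RuntimeError as exc:
        error = str(exc)
    return {"log": sw.log, "mac_table": dict(sw.mac_table), "h2_inbox": h2.inbox, "error": error,
            "h1_arp": {str(k): v for k, v in h1.arp_table.items()},
            "h2_arp": {str(k): v for k, v in h2.arp_table.items()}}


if __name__ == "__main__":
    print(demo())
```

The switch log shows the sequence the notes describe: the ARP request is flooded (step 3), the reply is forwarded by the learned port (step 6), and the data frame follows; the second packet produces no ARP traffic because the cache already holds the mapping.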
• The network layer is often called the IP layer. Network layer protocols include the Internet Control Message Protocol (ICMP) and Internet Packet Exchange (IPX), in addition to IP.
Internet Protocol
• IP is short for the Internet Protocol. IP is the name of a protocol file with small content. It defines and describes the format of IP packets.
• The frequently mentioned IP refers to any content related directly or indirectly to the Internet Protocol, instead of the Internet Protocol itself.
• Function:
  o Provides logical addresses for devices at the network layer.
  o Is responsible for addressing and forwarding data packets.
• Versions:
  o IPv4 – the core protocol in the TCP/IP protocol suite. It works at the network layer in the TCP/IP protocol stack, and this layer corresponds to the network layer in the Open System Interconnection Reference Model (OSI RM).
  o IPv6 – also called IP Next Generation (IPng), is the second-generation standard protocol of network layer protocols. Designed by the Internet
• The IP packet header contains the following information:
  o Version: 4 bits long. Value 4 indicates IPv4. Value 6 indicates IPv6.
  o Header Length: 4 bits long, indicating the size of the header. If the Option field is not carried, the length is 20 bytes. The maximum length is 60 bytes.
  o Type of Service: 8 bits long, indicating a service type. This field takes effect only when the QoS differentiated service (DiffServ) is required.
  o Total Length: 16 bits long. It indicates the total length of an IP data packet.
  o Identification: 16 bits long. This field is used for fragment reassembly.
  o Flags: 3 bits long.
  o Fragment Offset: 13 bits long. This field is used for fragment reassembly.
  o Time to Live: 8 bits long.
  o Protocol: 8 bits long. It indicates the next-layer protocol. This field identifies the protocol used by the data carried in the data packet so that the IP layer of the destination host sends the data to the process mapped to the Protocol field. Common values are as follows:
    ▪ 1: ICMP, Internet Control Message Protocol
    ▪ 2: IGMP, Internet Group Management Protocol
    ▪ 6: TCP, Transmission Control Protocol
    ▪ 17: UDP, User Datagram Protocol
  o Header Checksum: 16 bits long.
  o Source IP Address: 32 bits long. It indicates the source IP address.
  o Destination IP Address: 32 bits long. It indicates the destination IP address.
  o Options: a variable-length field.
  o Padding: padded with all 0s.
Data Packet Fragmentation
• The process of dividing a packet into multiple fragments is called fragmentation.
• The sizes of IP packets forwarded on a network may be different. If the size of an IP packet exceeds the maximum size supported by a data link, the packet needs to be divided into several smaller fragments before being transmitted on the link.
• Identification: 16 bits long. This field carries a value assigned by the sender host and is used for fragment reassembly.
• Flags: 3 bits long.
  o Reserved Fragment: 0 (reserved).
  o Don't Fragment: Value 1 indicates that fragmentation is not allowed, and value 0 indicates that fragmentation is allowed.
  o More Fragment: Value 1 indicates that there are more fragments following this fragment, and value 0 indicates that this fragment is the last one.
• Fragment Offset: 13 bits long. This field is used for fragment reassembly. It indicates the relative position of a fragment in the original packet that was fragmented and is used together with the More Fragment bit to help the receiver assemble the fragments.
Time to Live
• The TTL field specifies the number of routers that a packet can pass through.
• Once a packet passes through a router, the TTL is reduced by 1. If the TTL value is reduced to 0, the data packet is discarded.
• Time to Live: 8 bits long. It specifies the maximum number of routers that a packet can pass through on a network.
  o When packets are forwarded between network segments, loops may occur if routes are not properly planned on network devices. As a result, packets are looped infinitely on the network and cannot reach the destination. If a loop occurs, all packets destined for this destination are forwarded cyclically. As the number of such packets increases, network congestion occurs.
  o To prevent network congestion induced by loops, a TTL field is added to the IP packet header. The TTL value decreases by 1 each time a packet passes through a Layer 3 device. The initial TTL value is set on the source device. After the TTL value of a packet decreases to 0, the packet is discarded. In addition, the device that discards the packet sends an ICMP error message to the source based on the source IP address in the packet header.
Protocol
• The Protocol field in the IP packet header identifies the protocol that will continue to process the packet.
• This field identifies the protocol used by the data carried in the data packet so that the IP layer of the destination host sends the data to the process mapped to the Protocol field.
• After receiving and processing the packet at the network layer, the destination end needs to determine which protocol is used to further process the packet. The Protocol field in the IP packet header identifies the number of the protocol that will continue to process the packet.
• The field may identify a network layer protocol (for example, ICMP, value 0x01) or an upper-layer protocol (for example, the Transmission Control Protocol [TCP], value 0x06, or the User Datagram Protocol [UDP], value 0x11).
What is an IP Address?
• An IP address identifies a node (or an interface on a network device) on a network and is used to find the destination for data.
• IP addresses are used to forward IP packets on the network.
• An IP address is an attribute of a network device interface, not an attribute of the network device itself. To assign an IP address to a device is to assign an IP address to an interface on the device. If a device has multiple interfaces, each interface needs at least one IP address.
IP Address Notation
• IP address notation
  o An IP address is 32 bits long and consists of 4 bytes. It is written in dotted decimal notation, which is convenient for reading and writing.
• Dotted decimal notation
  o The IP address format helps us better use and configure a network. However, a communication device operates on an IP address in binary. Therefore, it is necessary to be familiar with decimal-to-binary conversion.
• IPv4 address range
  o 00000000.00000000.00000000.00000000–11111111.11111111.11111111.11111111, that is, 0.0.0.0–255.255.255.255
IP Addressing
• Network part (network ID): indicates the network where a host is located, which is similar to the function of "Community A in district B of City X in province Y."
• Host part: identifies a specific host interface within the network segment defined by the network ID. The function of the host ID is like a house location, "No. A, Street B".
• Network addressing:
  o Layer 2 network addressing: A host interface can be found based on an IP address.
  o Layer 3 network addressing: A gateway is used to forward data packets between network segments.
• Gateway:
  o During packet forwarding, a device determines a forwarding path and an interface connected to the destination network segment. If the destination host and source host are on different network segments, packets are forwarded to the gateway, and the gateway then forwards the packets to the destination network segment.
  o A gateway receives and processes packets sent by hosts on the local network segment and forwards the packets to the destination network segment. To implement this function, the gateway must know the route to the destination network segment. The IP address of the gateway interface connected to the local network segment is the gateway address of that network segment.
IP Address Structure
• An IPv4 address is divided into two parts:
  o Network part (network ID): identifies a network.
    ▪ IP addresses do not show any geographical information. The network ID represents the network to which a host belongs.
    ▪ Network devices with the same network ID are located on the same network, regardless of their physical locations.
  o Host part: identifies a host and is used to differentiate hosts on a network.
• A network mask is also called a subnet mask:
  o A network mask is 32 bits long and, like an IP address, is represented in dotted decimal notation.
  o The network mask is not an IP address. In binary notation, the network mask consists of consecutive 1s followed by consecutive 0s.
  o Generally, the number of 1s indicates the length of a network mask. For example, the length of mask 0.0.0.0 is 0, and the length of mask 252.0.0.0 is 6.
  o The network mask is generally used together with the IP address. Bits of 0 correspond to host bits in the IP address. In other words, the number of 1s in the network mask is the number of bits in the network ID of the IP address, and the number of 0s is the number of bits in the host ID.
IP Address Classification
• Class A
  o 0.0.0.0 – 127.255.255.255
  o Assigned to hosts
  o 8-bit network ID
• Class B
  o 128.0.0.0 – 191.255.255.255
  o Assigned to hosts
  o 16-bit network ID
• Class C
  o 192.0.0.0 – 223.255.255.255
  o Assigned to hosts
  o 24-bit network ID
• Class D
  o 224.0.0.0 – 239.255.255.255
  o Used for multicast
• Class E
  o 240.0.0.0 – 255.255.255.255
  o Used for research
• A host refers to a router or a computer. In addition, the IP address of an interface on a host is called a host IP address.
• Multicast address: used to implement one-to-many message transmission.
IP Address Types
• A network range defined by a network ID is called a network segment.
• Network address
  o Identifies a network.
  o The network ID is X, and each bit in the host ID is 0.
  o It cannot be assigned to a host interface.
• Broadcast address
  o A special address used to send data to all hosts on a network.
  o The network ID is X, and each bit in the host ID is 1.
  o It cannot be assigned to a host interface.
• Available address
  o IP addresses that can be allocated to device interfaces on a network.
  o It is also called a host address. It can be assigned to a host interface.
• The number of available IP addresses on a network segment is calculated as follows:
  o Given that the host part of a network segment is n bits, the number of IP addresses is 2^n, and the number of available IP addresses is 2^n – 2 (one network address and one broadcast address).
• ... Internet. Such an IP address is a public IP address.
• Private IP address: In practice, some networks do not need to connect to the Internet. For example, on the network of a college lab, the IP addresses of devices only need to avoid conflicting with each other within the same network. In the IP address space, some class A, B, and C addresses are reserved for such situations. These IP addresses are called private IP addresses.
  o Class A: 10.0.0.0–10.255.255.255
  o Class B: 172.16.0.0–172.31.255.255
  o Class C: 192.168.0.0–192.168.255.255
• Network Address Translation (NAT) is used to translate addresses between the private and public IP address realms.
Special IP Addresses
1. Limited Broadcast Address
  o Address Scope: 255.255.255.255
  o Function: It can be used as a destination address, and traffic destined for it is sent to all hosts on the network segment to which the address belongs (its usage is restricted by a gateway).
2. Any IP Address
  o Address Scope: 0.0.0.0
  o Function: It is an address of any network. Addresses in this block refer to source hosts on "this" network.
3. Loopback Address
  o Address Scope: 127.0.0.0/8
  o Function: It is used to test the software system of a test device.
4. Link-local Address
  o Address Scope: 169.254.0.0/24
  o Function: If a host fails to automatically obtain an IP address, the host can use an IP address in this address block for temporary communication.
IP Address Calculation
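The mask length, the network and broadcast addresses, the 2^n – 2 available-address rule, the classful ranges, the private blocks and the special addresses from the IP address sections above, as an added Python calculator that is not part of the notes (the notes' own worked calculation is not reproduced on this page). The helper names are my own and the sample addresses are constructed. It goes beyond the notes in two labelled places: a /31 or /32 network has no separate network or broadcast address (RFC 3021), so the 2^n – 2 rule is not applied there, and link-local addresses are tested against the whole 169.254.0.0/16 block that RFC 3927 reserves.

```python
import ipaddress

# The three private blocks listed in the notes (RFC 1918).
PRIVATE_BLOCKS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
LOOPBACK = ipaddress.ip_network("127.0.0.0/8")


def to_binary(dotted: str) -> str:
    """Dotted decimal -> four 8-bit groups, e.g. 192.168.1.1 -> 11000000.10101000.00000001.00000001."""
    return ".".join(f"{octet:08b}" for octet in ipaddress.IPv4Address(dotted).packed)


def address_class(dotted: str) -> str:
    """Classful lookup on the first octet, using the ranges from the classification list."""
    first = int(dotted.split(".")[0])
    for name, upper in (("A", 127), ("B", 191), ("C", 223), ("D", 239)):
        if first <= upper:
            return name
    return "E"


def special_kind(dotted: str) -> str:
    """Name the special-purpose blocks from the notes; everything else is ordinary unicast."""
    addr = ipaddress.IPv4Address(dotted)
    if addr == ipaddress.IPv4Address("255.255.255.255"):
        return "limited broadcast"
    if addr == ipaddress.IPv4Address("0.0.0.0"):
        return "any IP address"
    if addr in LOOPBACK:
        return "loopback"
    if addr.is_link_local:                    # 169.254.0.0/16, the block RFC 3927 reserves
        return "link-local"
    if addr.is_multicast:
        return "multicast"
    return "unicast"


def is_private(dotted: str) -> bool:
    addr = ipaddress.IPv4Address(dotted)
    return any(addr in block for block in PRIVATE_BLOCKS)


def mask_length(mask: str) -> int:
    """Number of leading 1s in a mask; a mask whose 1s are not contiguous is rejected."""
    bits = int(ipaddress.IPv4Address(mask))
    length = bin(bits).count("1")
    if bits != (0xFFFFFFFF << (32 - length)) & 0xFFFFFFFF:
        raise ValueError(f"{mask} is not a valid network mask: 1s must be contiguous")
    return length


def segment_summary(ip: str, mask: str) -> dict:
    """Network ID length, network/broadcast addresses and available host addresses for ip/mask."""
    host_bits = 32 - mask_length(mask)
    iface = ipaddress.ip_interface(f"{ip}/{mask}")
    net = iface.network
    total = 2 ** host_bits
    if host_bits <= 1:                        # /31 (RFC 3021) and /32: no network/broadcast address
        available, kind = total, "host address"
    elif iface.ip == net.network_address:
        available, kind = total - 2, "network address"
    elif iface.ip == net.broadcast_address:
        available, kind = total - 2, "broadcast address"
    else:
        available, kind = total - 2, "host address"
    return {
        "binary": to_binary(ip),
        "network_id_bits": 32 - host_bits,
        "host_bits": host_bits,
        "network_address": str(net.network_address),
        "broadcast_address": str(net.broadcast_address),
        "total_addresses": total,
        "available_addresses": available,
        "address_kind": kind,
        "class": address_class(ip),
        "private": is_private(ip),
        "special": special_kind(ip),
    }


if __name__ == "__main__":
    # Constructed sample inputs.
    for ip, mask in (("192.168.1.10", "255.255.255.0"), ("10.0.0.0", "255.0.0.0"),
                     ("203.0.113.9", "255.255.255.252")):
        print(ip, mask, segment_summary(ip, mask))
```

For 192.168.1.10 with mask 255.255.255.0 the summary reports a 24-bit network ID, network address 192.168.1.0, broadcast address 192.168.1.255 and 2^8 – 2 = 254 available addresses, and flags the address as class C and private; mask 252.0.0.0 yields length 6, the example used in the notes.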
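The header fields, fragmentation flags, TTL handling and Protocol values from the IPv4 sections above, together with the routing-table lookup from the network layer working process, combined in an added Python example that is not part of the notes. It builds and parses the 20-byte header with struct, verifies the header checksum, performs a longest-prefix-match route lookup and carries out one router hop: TTL decrement with the checksum rewritten, and a discard (with the ICMP error the notes mention) when the TTL would reach 0 or no route exists. The routing table, the interface names and the addresses in the sample packets are constructed, and the function names are my own.

```python
import ipaddress
import struct

PROTOCOL_NAMES = {1: "ICMP", 2: "IGMP", 6: "TCP", 17: "UDP"}     # values listed in the notes
HEADER_FMT = "!BBHHHBBH4s4s"                                        # fixed 20-byte IPv4 header
ROUTES = [  # constructed routing table: (destination prefix, next hop, outbound interface)
    ("0.0.0.0/0", "203.0.113.1", "GE0/0/2"),
    ("10.0.0.0/8", "10.1.1.2", "GE0/0/1"),
    ("10.1.0.0/16", "direct", "GE0/0/0"),
]


def ip_checksum(data: bytes) -> int:
    """One's-complement sum of 16-bit words (RFC 1071); a valid header checksums to 0."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def parse_ipv4_header(packet: bytes) -> dict:
    """Decode the header fields; reject anything that is not a well-formed IPv4 header."""
    if len(packet) < 20:
        raise ValueError("shorter than the 20-byte minimum IPv4 header")
    ver_ihl, tos, total_len, ident, flags_frag, ttl, proto, _, src, dst = struct.unpack(HEADER_FMT, packet[:20])
    version, ihl = ver_ihl >> 4, (ver_ihl & 0x0F) * 4
    if version != 4:
        raise ValueError(f"version {version} is not IPv4")
    if not 20 <= ihl <= 60 or ihl > len(packet) or total_len < ihl:
        raise ValueError("inconsistent header length or total length")
    flags = flags_frag >> 13                                       # reserved, DF, MF
    return {
        "header_length": ihl, "tos": tos, "total_length": total_len, "identification": ident,
        "dont_fragment": bool(flags & 0b010), "more_fragments": bool(flags & 0b001),
        "fragment_offset": (flags_frag & 0x1FFF) * 8,                # the field counts 8-byte units
        "ttl": ttl, "protocol": PROTOCOL_NAMES.get(proto, f"other({proto})"),
        "checksum_ok": ip_checksum(packet[:ihl]) == 0,
        "src": str(ipaddress.IPv4Address(src)), "dst": str(ipaddress.IPv4Address(dst)),
    }


def build_ipv4_header(src, dst, ttl, proto, payload_len, ident=1, df=False, mf=False, offset=0) -> bytes:
    """Assemble a 20-byte header with a correct checksum (used to construct the sample packets)."""
    flags_frag = (int(df) << 14) | (int(mf) << 13) | (offset // 8)
    fields = [0x45, 0, 20 + payload_len, ident, flags_frag, ttl, proto, 0,
              ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed]
    fields[7] = ip_checksum(struct.pack(HEADER_FMT, *fields))
    return struct.pack(HEADER_FMT, *fields)


def lookup_route(routing_table, dst: str):
    """Longest-prefix match over (prefix, next_hop, interface) entries; None when nothing matches."""
    addr, best = ipaddress.ip_address(dst), None
    for prefix, next_hop, iface in routing_table:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, next_hop, iface)
    return best


def router_hop(packet: bytes, routing_table):
    """One Layer 3 hop: validate, look up the route, decrement TTL, rewrite the checksum."""
    hdr = parse_ipv4_header(packet)
    if not hdr["checksum_ok"]:
        return None, "discarded: bad header checksum"
    route = lookup_route(routing_table, hdr["dst"])
    if route is None:
        return None, f"discarded: no route to {hdr['dst']} (ICMP Destination Unreachable to {hdr['src']})"
    if hdr["ttl"] <= 1:
        return None, f"discarded: TTL expired (ICMP Time Exceeded to {hdr['src']})"
    out = bytearray(packet)
    out[8] -= 1                                                    # TTL is header byte 8
    out[10:12] = b"\x00\x00"                                       # zero the checksum field ...
    out[10:12] = struct.pack("!H", ip_checksum(bytes(out[:hdr["header_length"]])))  # ... and recompute
    return bytes(out), f"forwarded via {route[2]} next hop {route[1]}"


if __name__ == "__main__":
    pkt = build_ipv4_header("192.168.1.1", "10.1.2.3", ttl=64, proto=6, payload_len=0)
    print(parse_ipv4_header(pkt))
    print(router_hop(pkt, ROUTES)[1])
```

The lookup prefers 10.1.0.0/16 over 10.0.0.0/8 and the default route for a destination in 10.1.0.0/16, which is the "matching entry" the notes describe; a packet arriving with TTL 1 is dropped rather than forwarded with TTL 0, and a flipped header byte is caught by the checksum before any forwarding decision is made.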
IPv4 vs IPv6