ESSENCE

ESSENCE

Technical Field 03 Understanding of Network

ESSENCE Ver.2

Technical Field
03 Understanding of Network
 16
20
ht
rig
py

Technical Field
Co

03 Understanding of Network
ⓒ
 16

16
TOPCIT ESSENCE is published to provide learning materials for TOPCIT
examinees.
The TOPCIT Division desires the TOPCIT examinees who want to acquire the

20

20
necessary practical competency in the field of ICTto exploit as self-directed
learning materials.

For more information about TOPCIT ESSENCE, visit TOPCIT website or send us
an e-mail.
ht

ht
As part of the TOPCIT ESSENCE contents feed into authors’ personal opinions, it
is not the TOPCIT Division’s official stance.

ESSENCE
rig

rig
Ver.2

Ministry of Science, ICT and Future Planning

Technical Field
py

py
Institute for Information and Communications Technology Promotion
Korea Productivity Center

Publisher TOPCIT Division

03 Understanding of Network
Co

Co
+82-2-398-7649 www.topcit.or.kr/en [email protected]

Date of Publication 1st Edition 2014. 12. 10

2nd Edition 2016. 2. 26

Copyright © Ministry of Science, ICT and Future Planning

ⓒ

ⓒ
All rights reserved.
No part of this book may be used or reproduced in any manner whatever
without written permission.
 16

16
20

20
ht

ht
Technical Field
rig

rig
03 Understanding of Network

ESSENCE Ver.2
py

py
Co

Co
ⓒ

ⓒ
 CONTENTS
Introduction to Network 12
01 What is Protocol? 16
16
02 OSI Reference Model and TCP/IP Protocol Layer Structure 17
03 Internet Address Structure 19
20
MAC Address, IP Address, Port Number 19
IPv4 Address Structure 20
IPv6 Address Structure 23
ht
04 Internet Standards 24
rig
Data Link Layer and Physical Layer 28
py
01 Basic Idea about Data Link Layer 30
02 Data Link Layer Encapsulation 30
Co
Data Link Layer Encapsulation 30
Frame Header and Trailer 31
03 Structure of Data Link Layer 31
ⓒ
Sub-layer of Data Link Layer 31
Logical Link Control 31
MAC 32
04 MAC Address Search 32
IP Address and MAC Address Resolution Protocol 32
06 TOPCIT ESSENCE
ESSENCE
MAC Address Search Scenario 33
05 Error Detection and Correction in Data Link Layer 34
Definition of Error Control 34
16
Error Detection and Error Correction 35
06 Physical Layer 36
20
Operation Scenario 36
Signal Delivery Method 37
07 Classification of Physical Layer Medium 37
ht
Transmission Medium 37
Guided Medium 38
rig
Wireless Medium 41
08 IEEE 802 Standard 41
py
Basic Concept of IEEE 802 41
IEEE 802.3 Standard 42
IEEE 802.11 Standard 42
Co
IEEE 802.15 Standard 43
Understanding Routing Protocols and the IPv4
ⓒ
Address System and to Utilize the Same 47
01 Outline of Network Layer and Device 49
What is Network Layer? 49
Function of Network Layer 49
Internetworking Device 50
M3 Network 07
 CONTENTS
What is Router? 50
What is Switch? 52
VLAN (Virtual Local Area Network) 53
16
02 Encapsulation of Network Layer 53
Encapsulation of Network Layer 53
IPv4 Header 54
20
03 Packet Switching and Network Layer Protocol/Command 54
Packet Switching 54
Network Layer Protocol/command
ht 55
Network Layer Command 55
rig
04 Network Service Quality 56
QoS(Quality of Service) 56
Techniques Used to Secure Quality of Service 56
py
05 Routing Protocols and Algorithms 58
What is Routing Protocol? 58
Co
What is Routing Algorithm? 58
Types of Routing Protocols 59
Types of Routing Protocols 60
ⓒ
06 Outline of IPv4 60
What is IPv4 (Internet Protocol Version 4)? 60
An Example of a Network Using the IPv4 61
07 IPv4 Addressing and Subnetting 62
IPv4 Expression 62
08 TOPCIT ESSENCE
ESSENCE
IPv4 Addressing Structure 62
Special IPv4 Address 63
Subnetting 64
CIDR (Classless Inter-Domain Routing) 64
16
Supernetting 65
How IPv4 Address is Assigned? 66
20
Transport Layer Protocol 69
01 Concept of Transport Layer Protocol 70
ht
02 TCP 71
rig
Characteristics of TCP 71
Scenario for TCP Operation 73
TCP Protocol 74
py
03 UDP (User Datagram Protocol) 83
Characteristics of UDP 83
Co
UDP Protocol 84
Use Case of Multicast Sockets via UDP 86
04 SCTP(Stream Control Transmission Protocol) 88
ⓒ
Features of SCTP 88
SCTP Protocol 88
Application Layer Technologies, including Web Applications 94
01 What is Application Layer Protocol? 97
M3 Network 09
 CONTENTS ESSENCE

02 HTTP 97 RTP(Real-time Transport Protocol) 139

Characteristics of HTTP 97 RTCP(Real-time Transport Control Protocol) 141
HTTP Protocol 97 IMS (IP Multimedia Subsystem) 141

16

16
03 File Transmission Protocol 101 04 Network Technologies for IoT (Internet of Things) 144

Characteristics of FTP 101 Introduction to IoT 144

FTP Protocol 102 Trend of IoT standardization 145

20

20
Example of Actual FTP Protocol 105 Core Technology of IoT 147
Example of FTP Implementation with Library 112 Major Protocols for IoT 147

04 JSP Web Programming 118 05 Software Based Network 149

ht

ht
Characteristics of Web Programming 118 Limitation of Conventional Communications Environment and Paradigm Shift 149
Examples of Web Programming 119 SDN (Software Defined Network) 150
rig

rig
NFV (Network Function Virtualization) 153
SDN & NFV 154
Keep up with the Recent Trends in Network Technology 131
py

py
01 Multimedia Network 132
Type of Image Compression 132
Co

Co
Multimedia Data 132
QoS(Quality of Service) 133

02 Basic Idea about VoIP and Call Signaling Protocol 135

ⓒ

ⓒ
What is Voice over Internet Protocol (VoIP)? 135
VoIP call Signaling Protocol 136
H.323 138

03 Media Transport Protocol 139

Types of Media Transport Protocol 139

10 TOPCIT ESSENCE M3 Network 11

TOPCIT ESSENCE Network

M3
Ⅰ Introduction to Network

Latest Trends and Key Issues

16

16
The network technology has been developed from 56kbps wired data communications to tens of Mbps Practical tips How to understand network?
level wireless network. The technology has become an integral part of our lives not only in business
domains but also in our daily lives because of the emergence of diverse connected terminals. Hence,

20

20
any software used in a terminal or in a system has close interaction with network and bi-directional
communications feature comes as default. Hence, it is necessary to understand the standard protocols IPv4 Address : 14.32.172.167
used in the network so that we can design and build agile and optimized software out of the basic Subnet mask : 255.255.255.0
Gateway : 14.32.172.254 my.server.com
principles about the network. DHCP Server : 121.138.7.42 220.17.23.15
14.32.172.0
DNS Server1 : 168.126.63.1
ht

ht
DNS Server2 : 168.126.63.2

Switching hub D
Study Objectives Wireless/wired IP Router C
rig

rig
sharing device B
To be able to explain about the basic theory of the Internet and protocol layers
192.168.11.0 220.17.23.0
To be able to understand and utilize MAC addresses, IP addresses, and port numbers that are used
for the Internet address structure.
IPv4 Address : 192.168.11.5
py

py
To be able to explain how data is transmitted on the network and to identify which standard protocol IPv4 Subnet mask :
255.255.255.0
is used during the transmission IPv4 Gateway : 192.168.11.1
IPv4 DHCP Server : 192.168.11.1
IPv4 DNS Server : 192.168.11.1 User A
Co

Co
Practical Importance Medium
<Figure 1> Networking between a user and a server

<Figure 1> displays how network connection works when User A wants to search for information after
Keywords having an access to a web server (my.server.com). This kind of connection frequently takes place at
ⓒ

Protocol, internet, IETF, 3GPP, 3GPP2, ITU-T, OSI reference model, Application layer, Presentation layer,
transport layer, Network layer, Data link layer, Physical layer, Internet protocol layer, Internet layer, Network
interface layer, Internet address system, MAC address, IP address, Port number, IPv4 address, IPv6 address,
Private network, NAT, CIDR, RFC
ⓒ
home, school, or company but not many users are fully aware of the network information they are using.
Let’s take a specific example of how network service is provided.

12 TOPCIT ESSENCE M3 Network 13

TOPCIT ESSENCE Network

M3
Step 3-3 A packet is generated, including the information for inter-network routing. However, this packet
cannot move from one network to another and needs some more preparation within the network.
User A’s computer has the IPv4 address of 192.168.11.5, which cannot be directly delivered to
User A my.server.com my.server.com. Hence, the computer tries to deliver the address to its gateway: wireless/ wired IP
① Request to homepage sharing device B (192.168.11.1)
However, the IP address cannot be used for transmission within the network, so it is necessary to
Transmit contents from homepage get the MAC address information which is designed for transmission within the network. The MAC
address matched to the gateway’s IP address (192.168.11.1) should be found out by conducting

16

16
② Request for my.pdf
broadcasting within the 192.168.11.0 network, and the packet is sent to IP sharing device B.
(ARP, Ethernet, private network, NAT)
Transmit my.pdf file

20

20
Step 3-4 The wireless/wired IP sharing device B receives the packet from User A’s computer and looks
<Figure 2> User A’s web usage sequence
into the final destination of the packet because the packet is not directed to the IP sharing device.
The IP header contains the final destination (my.server.com) and the IP sharing device B can
<Figure 2> shows a case where User A is connected to a web server (my.server.com) and tries to search for the recognize that the final destination is not for 192.168.11.0 or 14.32.172.0 where the IP sharing device
information, whereas <Table 1> provides a step-by-step explanation about what kind of changes are happening belongs. The IP sharing devices passes the packet to Router C where it belongs. (Routing
on the network corresponding to the activities shown in <Figure 2>. The standard protocol used in each step is protocol)
ht

ht
written in parenthesis and the definition and mechanism of action for each of them will be explained in the following
chapters.
Step 3-5 Router C can recognize that the packet is directed to the network 220.17.23.0 where it belongs and
rig

rig
Let’s take <Figure 2> as an example and look into how a simple network service can be provided. tries to send the packet to the web server’s IP address 220.17.23.15. Just as in the case of step 3.3,
the packet movement within the network requires a physical address of my.server.com or MAC
<Table 1> User A’s web usage scenario address. Hence, the broadcasting job is conducted within the network to acquire the MAC address
corresponding to my.server.com’s IP address (220.17.23.15) and the packet can be delivered to the
Step 1 User A types in http://my.server.com/ on a web browser and hits the enter key.
py

py
address.

Step 2 The web browser wants to send out the request of User A to the web server (my.server.com). Step 3-6 My.server.com receives the packet, and looks into the IP address to identify whether the packet is
However, my.server.com is a domain name that can only be easily recognized by humans, so the directed to the right address. After that, the server removes the header information and sends the
Co

Co
browser cannot send out the request. Therefore, the web browser has to ask for an IP address
remaining data to a higher protocol layer. (IP)
given to my.server.com to a Doman Name Server.(DNS)

Step 3-7 The data is delivered to the application of the web server (my.server.com) after identifying to which
Step 3 The DNS gives back the IP address (220.17.23.15) for my.server.com to the web browser. The web
application of the web server the data should be delivered and then unnecessary information is
browser gains access to the web server using this IP address and asks for the information in the
removed.
document root.(HTTP)
ⓒ

ⓒ
Step 3-8 The web server application recognizes that the message is intended to request information from the
Step 3-1 To deliver the request to my.server.com, the web browser hands over the request information to the
document root and transmits the relevant information to User A’s computer.
TCP protocol. This information is encapsulated properly and delivered to a web server program of
my.server.com. (TCP)
Step 4 The web browser, which receives the information in the document root from the web server, visually
presents the information for User A. If a hyperlink within the document is selected, it is possible to
Step 3-2 The information generated from TCP protocol goes through various network hops and is
view a video clip on the web browser.
encapsulated again so that the information can be routed to 220.17.23.0 where my.server.com is
(HTTP, HTML)
connected. (IP)

14 TOPCIT ESSENCE M3 Network 15

TOPCIT ESSENCE Network

M3
01 What is Protocol? 02 OSI Reference Model and TCP/IP Protocol Layer Structure

In the previous <Table 1> ARP, IP, TCP, HTTP, DNS, NAT and many other standard protocols were introduced. A
standard protocol can be defined as a standardized communication rule which is intended to send and receive data
through the network. In general, the Internet has a wide network wherein multiple networks come together and each
of the networks is connected with many PCs and servers.
There are tens of thousands or hundreds of thousands of PCs, servers, and routers which connect these PCs and
servers. For data communication among these many devices, it is absolutely necessary to have a common protocol
<Figure 4> is a conceptual diagram for communications based on the OSI reference model, including relay open
system; described in ISO / IEC 7498-1: 1994 (E). This figure is cited often when talking about the so called ISO’s OSI
reference model or OSI 7 layers. ISO originates from the Greek word ‘ισο’(Romanization isos), which means “equal”.
One must be careful not to be confused with ‘International Organization for Standardization (ISO)’. OSI stands for Open
Systems Interconnection.

16

16
that can be understood from any devices. That is why there are many international organizations that make efforts to Open Open
standardize these protocols. System Relay open system System
Application
• IETF(Internet Engineering Task Force) usually takes care of Internet-related protocols
Presentation

20

20
• 3GPP(Third Generation Partnership Project) and 3GPP2 cover wireless communications protocol such as GSM,
Session
CDMA, UMTS, LTE, LTE-A Transport
• ITU-T(International Telecommunication Union Telecommunication Standardization Sector) works on the Network
standardization for telecom communications Data Link
Physical
Therefore, in order to develop the software for network / telecommunications industries, it is necessary to understand
ht

ht
Physical media for OSI
the standard protocols established by these standardization bodies and to be able to accommodate those protocols
during <Figure 3> showcases the basic ideas about the network protocol discussed above and to describe the <Figure 4> Conceptual diagram for communications based on OSI reference model, including relay open system
contents of <Figure I>. If a user searches for information via a web browser, the request and response data are
rig

rig
moving over the network based on the protocols that are relevant to the user's computer, wireless or wired IP sharing The protocols and their functions for each layer of the OSI reference model are summarized in Table 2. [1]
device, switching hubs, and routers. The physical layer is a directly connected with hardware such as physical wires
or switch and is operated by an electrical signal, but the protocol layers above the data link layer (including the data <Table 2> Protocols and relevant functions for each layer of OSI reference model
link layer) is implemented and operated with software. If one can understand how many software components interact
py

py
Layer Protocol Function
with each other, it is possible to develop application program or system software via network. There will be further
HTTP, SMTP, SNMP, FTP, Providing services such as user interface, e-mail, database
step-by-step explanation for each of the protocol layers shown in <Figure 3>: especially how they are operated and Application layer
Telnet, etc. management, etc.
interconnected.
Supporting encoding translation and encryption for syntax and
Presentation layer JPEG, MPEG, XDR, etc.
Co

Co
semantics exchanged between two systems.
The layer that builds sessions for communications: establishing
TLS, SSH, RPC, NetBIOS,
Session layer and maintaining interaction among communication devices and
etc.
Network layer synchronizes them.
Data link layer my.server.com Providing reliable message transmission between end-to-end
14.32.172.0 220.17.23.15 Transport layer TCP, UDP, SCTP, etc.
Application layer processes and error control
Router C
Transport layer Physical layer Application layer IP, IPX, ICMP, X.25, ARP, Supporting packet transmission between networks from starting
Switching hub D Network layer
ⓒ

ⓒ
Wireless/wired IP Transport layer OSPF, etc. point to destination.
Network layer
sharing device B
Network layer Network layer Ethernet, Token Ring, Providing functions which transports frames between hops without
Data link layer Data link layer
192.168.11.0 220.17.23.0 wireless LAN, etc. errors.
Data link layer Data link layer
Physical layer Radio wave, optical fiber,
Physical layer Transmitting actual bit stream through physical medium.
Physical layer Physical layer PSTN, etc.
User A

<Figure 3> A virtual network that presents basic ideas about protocol layer
The Internet protocol layer is based on the ARPANET reference model, as shown in <Figure 5>, which came out
earlier than the OSI layer model [3] [9] [10]. The term and expression can slightly vary from one source to another,
but in this chapter, we use the most commonly used term.

16 TOPCIT ESSENCE M3 Network 17

TOPCIT ESSENCE Network

① Application layer : allows applications (including web (HTTP), DNS, Telnet, FTP, e-mail transmission (SMTP /
POP3 / IMAP4)) to gain access to the service of other layers. This layer covers not only the application layer but
also the presentation layer and session layer of an OSI reference model.
② Transport layer : also called a host-to-host transport layer and responsible for data exchanges among abstract
ports such as TCP, UDP, and SCTP which are managed by application programs. This layer is equivalent to the
transport layer of an OSI model.
M3
The network layer protocol (IP), which contains the routing information that can cover the network where the target
host resides, is used to transport user data (including TCP header information) and such IP information is included
within the header.
In the network layer, the TCP header and user data received from the transport layer are all regarded as data. As
for the data link layer, which contains information necessary for physical delivery to the other host within the same
network, Ethernet protocol is usually used. In this process, the pair of Ethernet header and IP header passed down
from the network layer (TCP header and user data) is regarded as data. It is good to remember that each layer only
uses the header that is relevant to the given role of each layer.

③ Internet layer : also known as a network layer and responsible for addressing and routing. This layer

16

16
corresponds to the network layer of an OSI model.

④ Network interface layer : also called a network access layer and responsible for actual transmission and

20

20
reception f TCP/IP packets through physical medium, such as IEEE 802.3 Ethernet or IEEE 802.11 WiFi. When Application layer User data
compared to the OSI model, this layer is equivalent to the data link layer that takes care of MAC function and
Transport layer TCP Header User data
Physical layer that defines electrical signal.
Network layer IP Header TCP Header User data

TCP/IP Protocol Suite Data link layer Ethernet Header IP Header TCP Header User data
ht

ht
OSI model layers DARPA layers <Figure 6> Example of network protocol header and data composition
Application Layer
rig

rig
Presentation Layer Application Layer HTTP FTP SMTP DNS RIP SNMP

Session Layer 03 Internet Address Structure

py

py
Transport Layer TCP UDP
Transport Layer MAC Address, IP Address, Port Number
Networt Layer IGMP ICMP ND MLD
Internet Layer You will encounter terminologies that contain various numbers such as MAC address, IP address, and port number
ICMPv6
ARP IP(IPv4) IPv6 when you are using the Internet. It can be helpful if you understand the meaning of the protocols of each layer
Co

Co
Data Link Layer rather than just memorizing them. Just as in the case of the Internet address, there are numbers that comprise MAC
802.11
Network Interface
Ethernet wireless Frame Relay ATM address, IP address, and port number.
Layer LAN
Physical Layer
① MAC Address : MAC (Medium Access Control) is an addressing system used in the data link layer, which is
usually used for frame transport between the nodes that are physically connected. The information is stored in the
<Figure 5> TCP / IP protocol layers: based on ARPANET reference model [10]
LAN expansion card (also known as NIC (Network Interface Card)) in the form of hardware, and MAC address is
ⓒ

As was expressed in <Figure 4,> these protocols define the rules for communications between one protocol layer
and the equivalent protocol layer of the other host which are connected through a network. In general, in order to
make communications possible, it is necessary to obtain the header information so that the same level layers can
communicate with each other and to obtain the data passed down from the layer one level higher.
Just as in <Figure 6>, the user data to be sent from the application layer can be transmitted through the transport
layer protocol TCP (or UDP), which is connected to the host of the other end. In this process, it is necessary to
obtain a TCP header (or UDP header) to carry out the service.
ⓒ
also called Physical Address or EHA (Ethernet Hardware Address). The address has 48 bits, wherein the first 24
bits are used for unique ID of a hardware manufacturer and the last 24 bits are for NIC-dependent address.
② IP address : IP address refers to the address system used in the network layer, which is used in transporting
datagram between two hosts/routers. IP address helps right data be transported from the start node to the
destination node through the various networks that belong to the Internet. While MAC address is called a
physical address, IP address is called a logical address. The existing IP address structure or the IPv4 address is
composed of 32 bits, but there has been an exponential increase of the Internet usage globally and the address
structure did not have enough vacancy. Hence, there has been discussion for the adoption of the IPv6 which has

18 TOPCIT ESSENCE M3 Network 19

TOPCIT ESSENCE Network

M3
128 bits, but still the IPv4 address is mainly used. IANA (Internet Assigned Numbers Authority) used to take the <Table 3> Special IPv4 address types
responsibility of IP address allocation, but ICANN (International Corporation for Assigned Names and Numbers) is Special address Network identifier Host identifier
doing the role these days.
Network address Specific 0

③ Port number : Port number is used to transport messages between the two processes (the application that is
Direct broadcast address Specific All= 1
currently running) and it can be simply said the port number connects the web browser and web server program
of my.server.com shown in <Figure 1>. It is composed of 16 bits and can identify up to 65535 application programs.
Limited broadcast address All= 1 All= 1
The number from 0 to 1023 are also called well-known ports and allocated by the IANA. These numbers
are usually used for the application program that has been used for a long time such as Telnet or e-mail Host within the network All= 0 All= 0

16

16
communications. The number from 1024 to 49,151 are called registered ports and usually used for servers just as
in the case of well-known ports. Typical examples are the Internet chatting protocol IRC (TCP port number 6667) Specific host within the network All= 0 Specific
and Git version control system (TCP port number 9418). The number from 49,152 to 65,535 are usually used on

20
Loopback address

20
the client side on a temporary basis. They are also called dynamic ports or ephemeral ports. 127 Don’t Care

Some of the IPv4 address space is dedicated for private address space. The network that uses the private address
IPv4 Address Structure space is called a private network and the network should comply with RFC 1918[11] and RFC 4193[12].
IETF has established RFC 1918 and makes recommendations about Class A, B, and C level address specifically for
IPv4 address, composed of 32 bits, is used in the IP layer, and provides a unique but universally used identifier for
ht

ht
independent networks that are not linked to the internet.
a router or a host to gain access to the Internet. In general, the IPv4 address is classified into five classes as shown
IPv4 address is allocated either by IANA or ICANN, so an individual cannot choose to use a random IPv4 address.
in <Figure 7>. Class A, B, and C are for the Internet, while Class D is for multicast and Class E is for research and
However, if you build your own private network, it is not only easy to configure but also the IPv4 address within the
development.
rig

rig
private space can be allocated for individuals. If you use NAT (Network Address Translation) you can connect the
IPv4 address can be divided into two parts: network identifier and host identifier within the network. The length of
private network to the public Internet.
the network identifier for Class A, B, and C is 8 bits, 16 bits, and 24 bits respectively. Out of the whole 32 bits, the
remaining bits other than the network identifier are used as host identifier.
<Table 4> Private address space
That means Class A network can have 24 bits as a host identifier (after excluding 8 bits for network identifier), so
py

py
224 – 2 hosts can be utilized. The reason ‘2’ was subtracted because if all the bits of the host identifier equals to RFC 1918 name Range of IP address Number of addresses
zero, the IPv4 address is the network address, while if all the bits of the host identifier equals to one, it means direct
broadcast address. When the network identifier and host identifier have specific value, they have special meaning 24bit block 10.0.0.0 ~ 10.255.255.255 16,777,216 (Class A: 1)
rather than indicating a specific host. <Table 3> summarizes types of ‘special addresses’.
Co

Co
20bit block 172.16.0.0 ~ 172.31.255.255 1,048,576 (Class B: 6)

Network Host Host Host

Class A
1.0.0.0~126.255.255.255
16bit block 192.168.0.0 ~ 192.168.255.255 65,536 (Class C: 256)
Network Network Host Host
Class B
ⓒ

ⓒ
128.0.0.0~191.255.255.255
Network Network Network Host
Class C NAT (Network Address Translation) can provide mapping between private address and global address, supports
192.0.0.0~223.255.255.255
virtual private network [15], and works as a core technology for networking firewall. In <Figure 1>, you can see the
Multicast
Class D network where User A’s computer and wireless/wired IP sharing device B are located, the network (192.168.11.0) is
224.0.0.0~239.255.255.255
an example of a private network. NAT is working based on the ideas of reusing the private address. Such ideas can
Research and Development be implemented within a router, which means the router can receive data from each of the ports and translates IP
Class E
240.0.0.0~255.255.255.255 address field of IP packet’s initiation point into unique public IP address, following the NAT mapping rules. The types
of NAT are explained in <Table 5>.
<Figure 7> IPv4 address classes

20 TOPCIT ESSENCE M3 Network 21

TOPCIT ESSENCE Network

M3
<Table 5>Types of NAT

NAT type Detail

Static NAT One on one mapping between an internal network address and an external network address

Dynamic NAT Dynamic mapping between the address pool of internal network and one external network address

Communications with external network: between a number of internal network addresses and one or
Port NAT (PAT)
multiple external network addresses with different port numbers

16

16
<Figure 8> shows the details about network connection within the Windows environment. The IPv4 address allocated

20

20
to the computer is 192.168.11.4 which falls in the private address space of Class C. Sub-net mask is 255.255.255.0
and the bit value=1 refers to a network identifier. The outcome of XOR between the IPv4 address (192.168.11.4) and
Sub-net mask (255.255.255.0) is 192.168.11.0 and this value works as the network identifier and 4 (difference against
192.168.11.0) works as the host identifier for the network.
<Figure 9> CIDR address format [14]
Details of network connection
IPv6 Address Structure
ht

ht
Details of network connection(D):
Attribute Value
The number of hosts and terminals connected to the IPv4 network increased significantly and the IPv4 space was
Connection-specific DNS suffix
running out and Internet security vulnerability issue emerged. To address these problems, the IPv6 protocol was
rig

rig
Description
Physical Address
DHCP enabled Yes developed in the mid 1990s and fundamentally resolved the space issue. As opposed to the existing IPv4 (32 bits),
IPv4 Address
the IPv6 can be characterized with bigger space (128 bits) and can accommodate 3.4 x 1032 addresses. In addition,
IPv4 Subnet Mask
Lease Obtained 31 July 2014 Thursday 8:27:58 p.m. the header field, which was not used often in the IPv4, was removed to make the header format simpler and thereby
Lease Expires 8 August 2014 Friday 4:49:07 p.m.
providing more effective QoS.
py

py
IPv4 Default Gateway
IPv4 DHCP Server
IPv4 DNS Server
IPv4 did not have any security measures within itself and additionally required IPsec (Internet Protocol Security) [17]
IPv4 WINS Server [18] for security features. However, the IPv6 provided end-to-end encryption feature for better security and privacy
NetBIOS over TCP/IP Enabled Yes
Link-local IPv6 Address protection.
IPv6 Default Gateway
IPv6 has 128 bits, which is 4 times longer than the IPv4 address, and expressed in a hexadecimal number. The new
Co

Co
IPv4 DNS Server
address structure has ‘Format Prefix’ which is used to describe the form of address and ‘Address Field’ which
literally describes the actual address. To make the long address easy to read, the address is divided by a colon in
Close(C) every 16 bits and each filed is expressed in hexadecimal number. The prefix of IPv6 has a similar structure with the
CIDR of IPv4; i.e. IPv6 address/length of network prefix in a decimal number. <Table 6> shows the typical example of
<Figure 8> Details of network connection within Windows environment the IPv6 prefix.
ⓒ

ⓒ
There is a more flexible way of address allocation compared to the existing “class-based” address allocation. It is <Table 6> IPv6 format prefix
called CIDR (Classless Inter-Domain Routing) and pronounced either as /saId (r)/ or /sId (r)/. In this method, it is
e e
FP Description
possible to have more flexible segmentation of IP address range compared to the class-based method. The method
0000 001 Reserved for NSAP (Network Service Access Point)
uses “IP address/prefix size”. To be more specific 192.168.11.4 (Subnet mask 255.255.255.0) can be expressed as
192.168.11.4/24. The existing Class A, B, and C have a prefix length of 8, 16, 24 bits respectively, so this method is 0000 010 Reserved for IPX (Internetwork Packet Exchange)
useful in describing the network with different prefix size. <Figure 9> clearly shows how CIDR works without classes 001 Aggregatable global unicast address
which were described in RFC 4632.
1111 1110 10 Link local address

22 TOPCIT ESSENCE M3 Network 23

TOPCIT ESSENCE Network

M3
FP Description institute defines: basic transport protocols such as IP, TCP, UDP; and most widely used internet application layer
protocols such as HTTP, SSH, FTP, SMTP, POP3, IMAP. In addition to the IETF, there are other international institutes
1111 1110 11 Site local address
working to manage the internet related standards as shown in <Table 8>.
1111 1111 Multicast address

<Table 8> Institute for internet standardization

IPv6 addresses can be categorized into link-local, uni-cast, multi-cast, and any-cast addresses and <Table 7> Standardization
Details Standards (Ex)
summarizes how they are used and how they are presented. institute

• International Organization for Standardization

<Table 7> IPv6 address structure ISO • An international body established in 1946 for global cooperation in intellectual OSI reference model

16

16
activities and in the fields of science, technology, and economy.
Category Details

• International Telecommunications Union-Telecommunication Standards Sector

ITU-T ITU-T G.711
• The address that can be used only within an internal network. • A part of ITU specialized for telecommunication standards

20

20
Link-local • Address that can be utilized within a single network; used for identification only within the network.
addresses  • Institute of Electrical and Electronics Engineers IEEE 802.3
FE80:0000:0000:0000:2CDA:D834:EC83:CBA2
IEEE • A specialized institute authorized to develop American national standards by IEEE 802.11
Fill with 0 up to 64 bits American National Standards Institute IEEE 802.15
10bit Prefix EUI-64ID
• Electronic Industries Association
TIA/EIA-568-B
EIA • An association planning for a uniform standard in size, measurement method,
ht

ht
(T568B)
• While link-local address can be used within a single network, global uni-cast address can be used and marking in electronic devices.
to external networks as well
Global uni-cast • World Wide Web Consortium
addresses 2001:DB8:131F:0000:0000:070D:126A:140B / 64 HTML 4.01/5
W3C • An international consortium for the Internet that created the web standard:
rig

rig
CSS 2/3
established in 1994 and working for long-term development of the web.
② Network Address ③ Interface ① Prefix • Open Mobile Alliance
Push-to-talk over
OMA • A forum for the technological standard development and validation of
Cellular (PoC)
interoperability under the purpose of boosting global mobile data service
py

py
• To transport the packet to all the interfaces that are registered in the multi-cast group
Multi-cast • Format prefix is 8 bits and FF, and followed by 4-bit flag, 4-bit scope, and 112-bit group ID field.
addresses • The first 3 bits of the 4-bit flag are not used. If the final bit is ‘0’, it is well-known multi-cast address.
In addition, the IETF published RFC (Request for Comments) as a part of the Internet standard, the maturity level of
If the value is “1”, it is a temporarily used multi-cast address.
RFC is defined as in <Table 9>. This maturity level is usually written at the very top of the first page of RFC document.
Just as shown in <Figure 10>, if a standard is used by many people, it can be initiated with the Draft standard level
Co

Co
and sometimes becomes the Internet standard or sometimes goes away after a period of experimental usage.
• It is similar to multi-cast address in that multiple interfaces are selected, but the packet is not
Any-cast transported to all the hosts within the group but the packet is transported only to the nearest
addresses interface. <Table 9> RFC document category
• Presented with n-bit FP and (128-n) bit 0 Maturity level Details

• A stabilized standard that has been made with a lot of effort and gone through enough
ⓒ

ⓒ
Proposed standard
discussion in the Internet community

• More than two independent success and interoperability validated.

Draft standard
• Issues to be corrected continuously

04 Internet Standards Internet standard • A standard which was fully implemented

• A standard that has yet to pass a process to be the Internet standard

Historic
• Has important meaning from a historic perspective
IETF (Internet Engineering Task Force) is one of the main institutes in charge of the internet related standards. The

24 TOPCIT ESSENCE M3 Network 25

TOPCIT ESSENCE Network

M3
Maturity level Details Example Question
• An experimental working standard that does not have any impact on the internet operation.
Experimental
• Might not be implemented as a part of the Internet service Question type

Informational • General and historic tutorial information related to the Internet Descriptive question

Question

Please write down three ‘address’ or ‘number’ structure used for sending and receiving data among the
Internet draft
hosts on the internet and describe their purpose/usage

16

16
Experimental Proposed standard Informational
Intent of the question

20

20
Draft standard In order to understand the end-to-end data flow on the internet, it is necessary to comprehend the
addresses and numbers used in each layer.
Internet standard
Answer and explanation
Historic
① MAC address: physical address used to transport frame of the data link layer
ht

ht
② IP address: logical address used to transmit packets in between networks in the network layer.
<Figure 10> RFC standardization maturity level
③ Port number: a number structure used to deliver messages between two processes (or number
structure used to transport segment of the transport layer)
rig

rig
Related E-learning Contents
py

py
•Lecture 1 Basic Concept of Network
Co

Co
ⓒ

ⓒ
26 TOPCIT ESSENCE M3 Network 27
TOPCIT ESSENCE Network

M3
Ⅱ Data Link Layer and Physical Layer

Latest Trends and Key Issues

16

16
Communications, by definition, means various data are sent and received through the physical medium Practical tips Mechanism of action in the data link layer
using an electric or optical signals. The physical layer is located at the bottom of the OSI seven layers.
The purpose of this module is: to learn about the types of media and protocols working specifically

20

for the physical layer and eventually understand the mechanism of action happening at the bottom
of a network; and to understand the data link layer that works as a bridge between the medium and
protocols of the physical layer and the upper layers; and to learn about diverse methods used in
medium access control and logical link control.
ht
20
[Step 3-3] A packet was generated, including the information for inter-network routing. However, this
packet cannot move from one network to another and needs some more preparation within the network.
User A’s computer has the IPv4 address of 192.168.11.5, which cannot be directly delivered to my.server.
com. Hence, the computer tries to deliver the address to its gateway: wireless/ wired IP sharing device

ht
B (192.168.11.1). However, IP addresses cannot be used for transmission within the network, so it is
necessary to get the MAC address information which is designed for transmission within the network.
Study Objectives The MAC address matched to the gateway’s IP address (192.168.11.1) should be found out by conducting
rig

Able to explain about the standards of the physical layer
Able to explain about the sub-layer of the data link layer (data link control, medium access control)
Able to explain about the data link layer error detection and error correction technique.
py
rig
broadcasting within the 192.168.11.0 network, and the packet is sent to IP sharing device B.
[Step 3-5] Router C can recognize that the packet is directed to the network 220.17.23.0 where it belongs
and tries to send the packet to the web server’s IP address 220.17.23.15. Just as in the case of [Step 3-3],
the packet movement within the network requires a physical address of my.server.com or MAC address.

py
Hence, the broadcasting is conducted within the network to acquire the MAC address corresponding to
the IP address of my.server.com (220.17.23.15) and the packet can be delivered to the address.

Practical Importance Medium

Co

Co
Network layer

Data link layer Switching hub D my.server.com

14.32.172.0
220.17.23.15
Keywords Application layer Physical layer
Data link layer
Application layer
Transport layer Physical layer
LLC, topology, CSMA/CD, CSMA/CA, ARP, RARP, Forward error correction, Backward error correction, Wireless/wired IP Transport layer
Network layer sharing device B Router C
Turbo code, Convolution code, BCH, Hamming code, Reed-Solomon, Parity test, Block sum check,
ⓒ

ⓒ
Network layer
Data link layer 192.168.11.0 Network layer
220.17.23.0
Cyclic redundancy check, Stop-and-wait ARQ, Go-back-N, Selective-repeat, Adaptive ARQ, H-ARQ, Data link layer
Data link layer
VRC, LRC, Optical able, IEEE 802.11, DSSS, OFDM, MIMO, 256-QAM, FHSS, Beam forming, UHD, IEEE Physical layer
User A Physical layer
802.15, WPAN, ZigBee, Bluetooth, UWB Physical layer

<Figure 11] Mechanism of action within data link layer

28 TOPCIT ESSENCE M3 Network 29

TOPCIT ESSENCE Network

M3
01 Basic Idea about Data Link Layer Frame Header and Trailer

A frame header is composed of: a Preamble which is for bit synchronization among hosts; SFD (Start of Frame
The data link layer is responsible for transferring data between the peripheral devices on the network using the
Delimiter) which is a field that indicates the start of a frame; and physical addresses such as the destination address
Physical layer that is responsible for transporting a signal between devices. This layer has two main features: address
and source address. The physical address has 48bit address structure and each of the devices has unique physical
allocation and error detection. The address allocation feature allows signals received from the Physical layer to be
address as opposed to logical IP address. To identify the location of the devices in the layer 2 and below, the IP
properly delivered securely to the devices on the network and the error detection feature detects whether there is
address of the layer 3 cannot be used and physical address should be used. A trailer has FCS (Frame Check
any error in the process of signal delivery.
Sequence) which is used to check the error in the process of transportation.
It does not matter a lot even though an application software developer does not fully understand the data link layer

16

16
and the Physical layer. However, in the case of network related products, sometimes it is necessary for a developer
to understand the standard protocols because of the following reasons: a developer may have a case that requires
debugging where network access is not working or there is a data error; or a case that requires various MAC layer 03 Structure of Data Link Layer
involvements. As for the embedded software development, sometimes even a driver level development should be done

20

20
by developers. Once embedded software is ported in the test environment prepared by a hardware developer, it is
difficult to find out whether any issue is directly coming from hardware side or from the ported program. In that case, Sub-layer of Data Link Layer
JTAG debugging may be used. In the network environment, it may be needed to validate whether there is any issue
from physically delivered bit or the error is from the data link layer. As more short distance communications technologies The data link layer is composed of two sub-layers: LLC (Logical Link Control) and MAC (Media Access Control). The
such as Bluetooth and ZigBee are accepted, it has become more important to understand the data link layer. LLC sub-layer is responsible for the connection between MAC sub-layer and the network layer (Layer 3). The MAC
ht

ht
sub-layer is responsible for controlling mechanism, considering the topology and other characteristics of the Physical
layer.

02 Data Link Layer Encapsulation

rig

rig
Network layer
Logical Link Control(LLC)
Data Link Layer Encapsulation Data link layer
Media Access Control(MAC)
py

py
As shown below, a frame of the data link layer is composed of a Header and a Trailer added onto the packet of the Physical layer
network layer. This kind of process is called Encapsulation of the data link layer. On the receiving end, a reversal OSI reference model
process is performed and called Decapsulation.

<Figure 13> Sub-layer of data link layer

Co

Co
Network layer L3 Data Logical Link Control

① Basic concept of logical link control

ⓒ

ⓒ
Data link layer Header L3 Data Trailer
7 1 6 6 2 1 1 1 or 2 Variable 4
S Destination Source D
S
S
S
Preamble F Length A A Ctrl DATA FCS
D Address Address P P

Physical layer L2 Data

802.3 802.2 802.3

<Figure 14> IEEE 802.3 frame structure

<Figure 12> Encapsulation for data link layer

30 TOPCIT ESSENCE M3 Network 31

TOPCIT ESSENCE Network

This sub-layer is the upper part of the two sub-layers of the data link layer and is also called the IEEE 802.2. This
sub-layer is responsible for data transport between two neighboring nodes of the data link layer. In this case, the
neighboring node has DSAP and SSAP address within the LLC sub-layer. LLC sub-layer allows diverse protocols of
the MAC sub-layer to be utilized so that topology agnostic communications can be made available.
M3
resolution; ARP and RARP (Reverse Address Resolution Protocol). Address resolution protocol is used to learn the
MAC address by using the IP address, and RARP literally works in a reverse way as the protocol is used to learn the
IP address via MAC address and the like.

② Logical link service control option 32 bits

There are three types of options in logical link service control. Type 1 is called an on-acknowledgement datagram
8 8 8 8
service or called a connectionless service because the service does not require delivery acknowledgement
messages. Type 2 is using virtual circuit access, just like TCP service, and a virtual session is made for data

16

16
transfer. Type 3 is called acknowledgment datagram service and the service provides point-to-point datagram
with delivery acknowledgement.
Hardware Type Protocol Type

20

20
Hardware Protocol
MAC Address Length Address Length
Operation

MAC is a layer that is responsible how data should be transferred out through physical medium.
Sender Hardware Address
MAC, as shown below, includes the MAC address for transmitting and receiving systems. MAC addresses can be (OCTETS 0-3)
divided: 224 for OUI (Organizationally Unique Identifier), an identification code for the manufacturer; and 224 for NIC
ht

ht
serial number from a specific manufacturer. Sender Hardware Address Sender IP Address
(OCTETS 4-5) (OCTETS 0-1)
rig

rig
Destination MAC Source MAC Sender IP Address Target Hardware Address
(OCTETS 2-3) (OCTETS 0-1)

Target Hardware Address

py

py
2 24 2 24 (OCTETS 2-5)
OUI : PID :
Manufacturer identification number Product serial number
Target IP Addresss
Co

Co
<Figure 15> MAC address structure
<Figure 16> ARP packet structure

There are standardized MAC protocols: IEEE 802.3 or CSMA/CD, IEEE 802.4 or token bus, IEEE 802.5 or token ring
for wired LAN; IEEE 802.11 MAC sub-layer is based on CSMA/CA for wireless LAN.
ⓒ
ARP packet is composed of: 6-byte destination MAC address, 6-byte source MAC address, 2-byte Ethernet protocol
type, 2-byte hardware type, 2-byte protocol type, 1-byte hardware address length, 1-byte protocol address length,
2-byte operation code, 6-byte sender hardware address, 4-byte sender protocol address, 6-byte target hardware

04 MAC Address Search
IP Address and MAC Address Resolution Protocol
In order to send a packet to another host, it is necessary to acquire the MAC address of the host. This job can be
done by ARP (Address Resolution Protocol). There are two types of protocols used in IP address and MAC address
ⓒ
address, 4-byte target protocol address, and 18-byte padding.
MAC Address Search Scenario
In <Figure 11>, User A’s computer and Router C are on the same network segment, it is necessary to acquire the
MAC address to make communications possible. In this case, User A’s computer performs broadcast to make ARP
requests to all the systems within the network segment. The frame delivered during the ARP request contains an

32 TOPCIT ESSENCE M3 Network 33

TOPCIT ESSENCE Network

ARP packet, as shown in <Figure 16> in the data portion of the frame. The Router C, which receives a request,
puts its MAC address into ARP packet and delivers the information to User A’s computer via uni-cast to acquire
MAC addresses of both sides and the MAC addresses are stored in the cache memory of each system. During this
process, wired/wireless IP sharing device B manages the port-MAC address table for the systems connected to the
port onto its cache memory.
M3
Error Detection and Error Correction
① Error detection
Error detection refers to a method to add redundant data to detect error on the receiving end. There are various
ways of error detection such as VRC (Vertical Redundancy Check), LRC (Longitudinal Redundancy Check), CRC
(Cyclic Redundancy Check), and checksum. The details are explained in the table below.

<Table 10> Error detection method

05 Error Detection and Correction in Data Link Layer

16

16
Method Details

• Vertical Redundancy Check

VRC
Definition of Error Control • A parity check and most widely used for error detection

• Longitudinal Redundancy Check

20

20
Various errors might come about when a frame is delivered through the data link layer depending on how good LRC • Collect all the even number parity of all the bytes to create a data unit and add it at the end of the
data block
the network condition is or how the transmitting and receiving devices are working. The types of errors can be
divided into: Single-bit error where only one bit gets changed in the data portion, multi-bit error where two or more CRC
• Cyclic redundancy check
• A detection method using binary division
non-consecutive bits get changed in the data portion; and burst error where two or more bits get changed in a
consecutive way in the data portion.
Checksum • Used in the protocols for the upper layer and basically founded on redundancy (VRC, LRC, CRC, etc.)
ht

ht
The definition of error control: to detect and correct errors when a transmitted data is not received or when there
is an error during the transmission. Such error control methods can be divided in two: 1) Forward Error Correction
(FEC) which allows the receiving end to detect and correct the error and the sender adds redundant data for error
② Error correction
rig

rig
correction before sending the data; 2) Backward Error Correction (BEC) which means to give notice to the transmitting
A receiving end can ask a sender to send the whole data again, or a receiver can correct the error by
end when there is an error in the transported data and the transmitting end sends the data again for recovery.
mechanically using an error correction code.
py

py
<Table 11> Error correction method
Error Control
Method Details

Single bit error • To identify the location of wrong bit (parity bit)
Forward Error Correction (FEC) Backward Error Correction (BEC)
correction • ASCII code needs 3-bit redundant code
Co

Co
Redundant bit error • To calculate the number of redundant bits in order to correct the number of bits in the given
Non-block Code Block Code Error Detection Method Error Correction Method correction data by validating the relationship between the number of data bits and redundant bits

Turbo Code BCH Parity Check Stop-Wait ARQ Hamming code • To identify the location of redundant bit using hamming code

Convolution Code Hamming Code Blocksum Check Go-Back-N Multi-bit error

• The calculated outcome of redundant bit is used to correct multi-bit error.
ⓒ

ⓒ
correction
Reed-Solomon Cyclical Redundancy Check Selective-Repeat

Adaptive ARQ ③ ARQ: Automatic Repeat Request

H-ARQ ARQ means: a receiver notifies to a sender about the error and the sender shall resend the frame relevant to the
error in order to resolve the issue. Typical ARQ types are stop and wait, Go-back-N ARQ, and adaptive ARQ.
The details for each of the repeat request algorithms are explained below.
<Figure 17> Type of error control

34 TOPCIT ESSENCE M3 Network 35

TOPCIT ESSENCE Network

M3
<Table 12> Types of ARQ algorithm

Algorithm Details
Network layer

Data link layer

• A sender transmits one frame to a receiver. The receiver sends out either AC K or NAC signal 14.32.172.0 Switching hub D
Stop and wait ARQ Application layer
in accordance with the presence or absence of the error in the frame. Data link layer
Physical layer
Transport layer
Application layer
Wireless/wired IP Physical layer Network layer
• A method to send frames continuously, to address the delivery inefficiency of stop and wait Transport layer sharing device B Router C
Data link layer
Go-back-N ARQ ARQ method. A sender allocates a frame sequence number that is as big as the window size Network layer 192.168.11.0 Network layer
220.17.23.0
and sends them out continuously with a certain size.
Data link layer Data link layer Physical layer

16

16
Physical layer User A Physical layer
• Similar to Go-back-N ARQ, but only resends the error-specific frame
Selective-repeat ARQ
• Buffer for sending and receiving should be large enough.
<Figure 18> Mechanism of action in Physical layer

20

20
• To detect the error rate on the communications line and dynamically modifies the optimal
Adaptive ARQ
length of the frame Signal Delivery Method

The signal delivery method of the Physical layer can be explained as follows: frames from the data link layer (upper
• Compromise between forward error correction and backward error correction layer of the Physical layer are transformed into digital signals of 1 and 0, and the transformed signals are delivered to
ht

ht
Hybrid-ARQ • In a normal situation, the network efficiency is secured by using FEC. However, BEC is used
in case of an error in order to enhance reliability.
the receiving end via the transmission medium.
rig

rig
From data link layer To data link layer

1.2 data 1.2 data

06 Physical Layer
py

py
10101000000010 10101000000010

Physical layer Physical layer

Operation Scenario
Co

Co
Transmission medium
The Physical layer, as shown below, is intended to deliver electric signals among the devices such as User A’s
computer, wired/wireless IP sharing device, router switching hub, and server (my.server.com). The frames of the data
link layer are transformed into digital signals of 1 and 0 in the Physical layer and the digital signals are transformed into
electric signals in the transmission medium before delivery is made. <Figure 19> Signal delivery of Physical layer
The transmission medium is a physical pathway between transmission and receiving devices. Typical examples of
ⓒ

ⓒ
transmission medium are twisted-pair cable, coaxial cable, radio link, fiber optical cable, and the like. Usually, UTP is
used in building LAN and fiber optical cable is used for backbone network provided by the ISP. It is a trend to use fiber
optical cable more so that gigabyte level high speed delivery can be made. 07 Classification of Physical Layer Medium
In our scenario, UTP cable can cover from User A’s computer to wired/wireless IP sharing device B, and from wired/
wireless IP sharing device B to Router C. If the scenario wants to cover a wider area than shown in the example, fiber
optical cable connection can be used along with a transmission device. Transmission Medium

The transmission medium is a physical path between a receiver and a transmitter. The transmission medium can be
divided into Guided Media and Unguided Media and the typical examples are twisted pair cables, coaxial cables,
radio links, and fiber optical cables.

36 TOPCIT ESSENCE M3 Network 37

TOPCIT ESSENCE Network

M3
Guided Medium <Table 13> Structure of twisted-pair cables

UTP STP
① Types of guided medium
As for the guided medium: coaxial cables have been used a lot until the early 1990s; twisted-pair cables have
been used a lot for the node connection and local area network; fiber optical cables have been used a lot for the
backbone network to cover a long distance since the mid 1990s. The guided medium can be categorized into
twisted pair cables, coaxial cables, and fiber optical cables as shown below.

16

16
Guided
medium UTP cable is typically categorized into CAT3, CAT5, CAT5e, CAT6 and each category can support different speed
and frequency levels.

20

20
CAT3 can provide 10Mbps level signal transmission. It can be used for data transmission for a network with the
minimal specifications, but usually used for delivering voice signals on the phone. CAT5 can provide 100Mbps level
Twisted-pair Fiber-optical signal transmission, and is generally used for transmitting the data and voice signals in the Ethernet. CAT6 allows
Coaxial cable
cable cable
1Gbps level signal transmission and can be used for high-speed Ethernet and gigabit Ethernet data transmission.

ht

ht
<Table 14> Types of UTP cables
<Figure 20> Types of guided medium
Category Speed and frequency Details
rig

rig
Voice signal for brand-new telephones, data transmission for the network with
② Twisted-pair cable CAT3 10Mbps, 16MHz
minimal specifications
Generally, twisted-pair cables are used a lot for the LAN. As shown below, two cables are twisted with each CAT5 100Mbps, 100MHz 10~100Mbps data and voice transmission in the Ethernet
other to minimize the mutual interference. Every pair has different twist rates on different segments (in every inch)
CAT6 1Gbps, 250MHz High-speed Ethernet and gigabit Ethernet data transmission
in order to minimize the electromagnetic interference.
py

py
② Coaxial cable
The structure of coaxial cables is composed of a single wire inside and the round conductors covering the wire
outside.
Co

Co
ⓒ

ⓒ
<Figure 21> Twisted-pair cable

Twisted pair cables can be divided into UTP (Unshielded Twisted Pair) and STP (Shield Twisted Pair). UTP means
a stranded wire not surrounded by conductive materials and is usually used as a transmission medium for an
<Figure 22> Structure of coaxial cables
internal telephone line or an information network.
On the other hand, STP (Shield Twisted Pair) means a stranded wire surrounded by conductive materials. It is
tolerant against electrical noises and is used as a transmission medium for an internal information network using Coaxial cables can be categorized into a thin cable and a thick cable, considering the difference in data transfer
the IEEE 802.5 token-ring method. specifications.
Presence of conductive materials can make a significant difference in the two types of twisted-pair cables. The thin cable is categorized as an RG-5 cable which supports up to 10Mbps data transfer rate and covers up

38 TOPCIT ESSENCE M3 Network 39

TOPCIT ESSENCE Network

M3
to 185m. The thick cable is categorized as an RG-8 cable which supports up to 100Mbps data transfer rate and Type Details
covers up to 500m. Beams from the source are delivered through the core in various pathways.

<Table 15> Types of coaxial cables Multimode graded

index
Type RG designations Details
Thin Cable RG-5 Data transfer rate 10Mbps, Maximum coverage 185m

Thick Cable RG-8 Data transfer rate 10Mbps, Maximum coverage 500m

Wireless Medium

16

16
④ Optical fiber cable
An optical fiber cable is composed of a core, cladding, and coating as shown in <Figure 23>. The core is a The wireless medium can be categorized into radio wave, microwave, and infrared wave.
transparent wrapper that has a high refractive index where the light passes through; the cladding is a transparent The radio wave, by definition, means the electromagnetic wave between 3 KHz and 1 GHz. In most cases, the radio

20

20
wrapper surrounding the core and has less refractive index compared to the core; and the coating is a synthetic wave radiates into all directions.
resin wrapper protecting the core and the cladding. This wave form is suitable for the multicasting which has only one transmitter but with multiple receivers.
The microwave, by definition, means the electromagnetic wave between 1 GHz and 300 GHz. As this wave form
moves into a single direction, it is possible to send the wave in a single direction with a specific focus.
The microwave can be used in the uni-cast communications such as mobile phones, satellite communications, and
ht

ht
the wireless LAN. The infrared ray, by definition, means the electromagnetic wave between 300 GHz and 400 TGHz
(with 1nm-770nm wavelength) and is used for the short distance communications. The infrared ray, due to its high
Core frequency, cannot penetrate through a wall and can be used for shorter distance communications within a closed
Cladding
rig

rig
Coding
space by using the line-of-sight propagation.
<Figure 23> Structure of optical-fiber cables

Optical fiber cables can be divided as follows: single mode where a beam from the source is delivered through
Wireless medium
py

py
the core in a single pathway; and multimode step index and multimode graded index where multiple beams from
the source are delivered through the core in various pathways.

Radio wave Micro wave Infrared

<Table 16> Types of optical-fiber cables wave
Co

Co
Type Details
<Figure 24> Classification of wireless medium
The beam from the source is delivered through the core in a single pathway.

Single mode
08 IEEE 802 Standard
ⓒ

ⓒ
Beams from the source are delivered through the core in various pathways. Basic Concept of IEEE 802

Multimode step index <Figure 25> shows services on each layer which are defined by the IEEE Committee. Let’s look at the services of
each layer. The Logical Link Control (LCC) layer provides services: Type 1 (Unacknowledged datagram service),
Type 2 (Virtual circuit service) and Type 3 (Acknowledged datagram service).
The Medium Access Control (MAC) layer offers the IEEE 802.3 CDMA/CD medium access control, the IEEE 802.4
token bus medium access control, and the IEEE 802.5 token ring medium access control.

40 TOPCIT ESSENCE M3 Network 41

TOPCIT ESSENCE Network

M3
which provides data transfer rate of up to 54 Mbps and operates in the 2.4 GHz band. The IEEE 802.11n, another
Type 1 (Unacknowledged datagram service) expansion from the 802.11 standard, is a standard which operates in the 2.4 GHz and 5 GHz band and utilizes the
Logical Link Layer
Type 2 (Virtual circuit service)
(LLC) MIMO (Multiple-Input Multiple-Output) to improve the data transfer speeds up to 600 Mbps. Wireless AP products
Type 3 (Acknowledged datagram service)
that can support Gbps level are being launched these days. The IEEE 802.11ac achieves a theoretical maximum
Physical Medium CSMA/CD medium access Token bus medium Token ring medium
control access control access control
rate of 6.93 Gbps in the 80/160MHz band, using the multi-user MIMO/multiple MIMO spatial streams, 256-QAM, and
Access Control
(MAC) beam forming. The IEEE 802.11ad operates in the 60 GHz frequency band and offers Gbps rate of transmissions,
8 8 8
0 0 0 using various technologies. The development work for the ‘Gigabit wireless LAN’ standards is still going on to make it
2 Baseband coaxial cable: 2 Broadband coaxial 2 Shielded twisted pair
1. 10Mbps cable: cable: possible to transmit the UHD images and explosively growing wireless data at a higher speed.
ㆍ ㆍ ㆍ
3 Baseband twisted pair 4 1, 5, 10Mbps 5 1, 4Mbps
Physical medium cable: 10Mbps

16

16
Broadband coaxial cable : Optical fiber: <Table 17> IEEE 802.11 protocol standards
100Mbps 이상 5, 10, 20Mbps
Allowable
802.11 Frequency Bandwidth Stream data rate
MIMO Modulation
Protocol (GHz) (MHz) (Mbps)
<Figure 25> Services on each layer streams

20

20
• DSSS,
- • 2.4 • 20 • 1,2 • 1
• FHSS

a • 5 • 20 • 6,9,12,18,24,36,48,54 • 1 • OFDM

IEEE 802.3 Standard b • 2.4 • 20 • 1,2,5,5,11 • 1 • DSSS

• OFDM,
ht

ht
In the IEEE 802.3 protocol stack which is used most among the IEEE 802 standard, there are: the IEEE 802.2 protocol g • 2.4 • 20 • 6,9,12,18,24,36,48,54 • 1
• DSSS
which is specific to the LLC sub-layer of the data link layer; and the IEEE 802.3, the IEEE 802.5 token ring, the FDDI
• 2.4 • 20 • 7.2,14.4,21.7,28.9,43.3,57.8,65,72.2
and the like which cover the MAC sub-layer and the Physical layer. n • 4 • OFDM
• 5
rig

rig
• 40 • 15,30,45,60,90,120,135,150

• 20 • 87.6
Network Layer • 40 • 200
ac • 5 • 8 • OFDM
• 80 • 433.3
py

py
Data LLC Sublayer IEEE 802.2
Link • 160 • 866.7
Layer MAC Sublayer
Token Ring /
IEEE 802.3 FDDI
802.5
Physical layer
Co

Co
IEEE 802.15 Standard

OSI reference model LAN protocol The IEEE 802.15, derived from the IEEE 802.11 committee for wireless LAN standards, is a working group which
specifies the wireless personal area network (WPAN) standards. It is usually related to building a wireless network at
<Figure 26> IEEE 802.3 protocol stack
home for mobile communications terminals, PCs and other peripheral devices. The IEEE 802.15 consists of several
study groups, such as the WPAN Study Group (Data rates of less than 1 Mbps), the WPAN High Rate Study Group
ⓒ

IEEE 802.11 Standard
The IEEE 802.11 is a working group, responsible for managing wireless local area network (also known as wireless
LAN or Wi-Fi) standards. It aims to minimize costs required for wiring and maintenance, so as to overcome the
limitations of the wired LAN type Ethernet. Some common specifications in the 802.11 family include the following:
the IEEE 802.11b which is capable of transmissions of up to 11 Mbps and utilizes the DSSS; the IEEE 802.11a which
is capable of transmissions of up to 54 Mbps and operates in the 5 GHz band using the OFDM; and the 802.11g
ⓒ
(Data rates of up to 20 Mbps) and others.
The IEEE 802.15.1 Bluetooth, the IEEE 802.15.3 UWB, the IEEE 802.15.4 ZigBee are the most widely used WPAN
technologies.
The IEEE 802.15.1 Bluetooth is a wireless technology standard for exchanging data over a short distance by using
mobile phones, laptops, and other mobile devices. The IEEE 802.15.3 UWB refers to a wireless technology that aims
to transmit a large amount of digital data within a short range with low power through a wide spectrum frequency
band. The IEEE 802.15.4 ZigBee is a standard technology which is designed for a low-rate home automation and
data network.

42 TOPCIT ESSENCE M3 Network 43

TOPCIT ESSENCE Network

M3
<Table 18> IEEE 802.15 protocols •GPIO: types of the ports for controlling the external signal input/output and port configuration methods
WPAN Bluetooth UWB ZigBee •Development tool: tools required to develop the chipset
Considering the application area where an embedded product needs to be developed, a hardware developer is
Standard IEEE 802.15.1 IEEE 802.15.3 IEEE 802.15.4
required to investigate an initial chipset and figure out how to generate an entire circuit configuration using this
Frequency 2.4GHz 3.1~10.6GHz 868MHz chipset. The hardware developer needs to review the chipset based on some criteria pertaining to a hardware
Data transfer perspective, such as electrical characteristics, reliability, complexity circuit configuration, chipset package appropriate
Varying on each version 480Mbps 20/40/250Kbps
rate for each device design, and costs. Meanwhile, a software developer needs to review various aspects of the chipset
Transmission – its compliance with the applicable standards, ease of control methods, appropriateness of memory size, whether
10~100m 10m 10~75m
range the reuse of the existing control method is possible, whether there are enough ports to control input/output of a target

16

16
Transmission of voice and file, product, whether it is better to separate the chipset from other chipsets, and whether it is better to have one chipset
Application Multimedia, etc. Sensor communications, etc.
etc. equipped with various functions. An active communication process with hardware developers should come after the
previously mentioned considerations in order to select the most suitable chipset.

20

Based on the understanding of the specifications for ZigBee, Bluetooth and other technologies, an embedded
software developer is required to know which chipset should be used, which communications can be used for
controlling the chipset, and which development tools can support the chipset, and ultimately, is required to draw a
whole picture about the chipset. The following is an example of the specifications for a ZigBee chipset. It shows a list
of applications where the chipset can be used, its key features, and the eligible ZigBee standards.
ht
20
<Figure 28> shows a screenshot taken by the Frontline’s Frame Display packet capture program which displays data
transmitted via Bluetooth. A CRC error is detected in the Frame 1, as seen in the figure. The embedded software
developer should investigate whether the data is transmitted as expected with the program written by him/herself.
A certain data is hardly likely to be transmitted at once without any errors right after porting the program on the test
board. In general, the developer is required to: debug the self-made program and then; look into whether the data
transmission and reception works fine by using the tools such as a packet capture program. If the aforementioned

ht
step is not available, the developer needs to directly validate data transmission at the Physical layer level by using
a spectrum analyzer or the like. As more and more products are being launched with various wireless media and
protocols, there is a rising need for understanding the data link layer and physical layer.
rig

rig
py

py
Co

Co
ⓒ

ⓒ
<Figure 27> Example of ZigBee specifications [7]

The following shows what software developers need to understand in chipset specifications
•Block diagram: the understanding of the entire chipset structure and flow in the chipset
•Communications type: SPI, I2C, etc., chipset control methods <Figure 28> Frame Display’s screenshot: data transmitted via Bluetooth
•Memory: RAM, ROM, available size of memory, address type, etc.

44 TOPCIT ESSENCE M3 Network 45

TOPCIT ESSENCE Network

M3
Example Question
Understanding Routing Protocols and the
Ⅲ
Question type Ipv4 Address System and to Utilize the Same
Descriptive question

Question

Suppose you write a product development plan for a smart wrist band for healthcare. Latest Trends and Key Issues

16

16
You need to select a right method for the near distance communications and to select a right chipset.
The network layer is the one which is most closely engaged with the data transmission and plays
According to the market survey, Bluetooth, ZigBee, UWB (Ultra Wide Band), and NFC (Near Field
important roles for efficient data transmission. This chapter will cover: how packets are generated based
Communication) are widely used technologies. Because of the price for the product, the product shall
on IPs; how packets are effectively delivered on the Internet network; and eventually how data is moved

20

20
support only one technology for communications rather than many of them.
1) Select just one communications method to fulfill the conditions mentioned below. (15 points) and processed on the network. This chapter will explain about a router, which is a device used in the
2) Describe why the method was selected, especially about its characteristics and features. (15 points) network layer, its basic structure, the working mechanism for packet routing, the routing algorithm, and
the routing protocol that is actually implemented.
Condition 1. The ISM band should be used
Condition 2. Need to transport the smart phone voice data and personal healthcare record
ht

ht
Condition 3. The transfer rate should be higher than 1Mbps
Study Objectives
To be able to understand protocols and devices of the network layer and to be able to explain about
rig

rig
Intent of the question
the same
Need to understand WPAN communications technologies thoroughly rather than just memorizing them.
To be able to explain about the basic ideas of the routing protocol, its type and algorithm
To be able to understand the IPv4 addressing structure and to work on subnetting
Answer and explanation
py

py
1) Bluetooth
2) Condition 1: Generally using 2.4GHz (ISM band)
Condition 2: Bluetooth is used for file and voice communications.
Practical Importance
Co

Co
Condition 3: Theoretically, Bluetooth 1.0 can support 1 Mbps, Bluetooth 2.0 can support 2Mbps, High
and Bluetooth 3.0 can support up to 24Mbps.

ZigBee is usually used for small data volume such as sensor-based communications.
NFC requires physical distance closer than 10cm: not suitable Keywords
UWB can support up to 500Mbps, but cannot meet Condition 1.
ⓒ

ⓒ
Router, Routing table, Packet, PDU, Datagram method, Virtual circuit, APIPA, Segment, Metrics, MTU,
ZigBee can support 250Kbps.
STP, ARP, RARP, ICMP, IGMP, QoS, Bandwidth, IntServ, RSVP, DiffServ, Routing algorithm, Routing
protocol, EGP, IGP, Distance Vector, Link State, BGP, RIP, IGRP, OSPF, IPv4, Subnetting, Supernetting,
APIPA, CIDR, DHCP, NAT
Related E-learning Contents
•Lecture 2 Physical layer and Data Link Layer

46 TOPCIT ESSENCE M3 Network 47

TOPCIT ESSENCE Network

M3
01 Outline of Network Layer and Device
Practical tips Network Layer and Routing Protocol
What is Network Layer?
Mechanism of action of the network layer The network layer is the third layer in the OSI 7 model and TCP/IP, which is responsible for packet transport from
the transmitting end to the receiving end. The network layer receives the Segment from the transport layer and
Encapsulates the segment to deliver it to the data link layer.
Network layer

16

16
Data link layer Switching hub D
14.32.172.0
Data link layer Application layer
Physical layer Transport Layer
Application layer Transport layer
Physical layer

20

20
Transport layer Wireless/wired IP Network layer
sharing device B Router C
Data link layer
Routing Protocal IP Protocol
Network layer 192.168.11.0 220.17.23.0
Network layer Network
Data link layer Layer
Data link layer Routing Table ICMP Protocol
Physical layer

Physical layer User A Physical layer

Link Layer
ht

ht
<Figure 29] Conceptual diagram of router
Physical layer
rig

rig
Various scenarios have been already explained regarding the network layer as shown in <Figure
<Figure 30> Network layer in TCP/IP layer
29].

[Step 3-2] The information created in the TCP protocol goes through a number of hops and is
Function of Network Layer
py

py
encapsulated so that it can be routed to the network (220.17.23.0) where my.server.com is residing.

[Step 3-4] The wireless/wired IP sharing device B receives the packet from User A’s computer The network layer encapsulates a payload on the transmitting end and decapsulates the payload on the receiving
and looks into the final destination of the packet because the packet is not directed to the IP sharing end. In addition, the layer has various functions: Packetization so that the payload will not be changed during the
Co

Co
device. The IP header contains the final destination (my.server.com) and the IP sharing device B can data delivery; Routing that finds a path for the packet delivery; and Forwarding that is run by a router when the
recognize that the final destination is not for 192.168.11.0 or 14.32.172.0 where the IP sharing device packet is delivered to one of the interfaces of the router. A routing rule is applied in the process of forwarding in
belongs. The IP sharing devices passes the packet to Router C where it belongs. order to create a table for decision making. The decision making table is also called a forwarding or Routing Table.

[Step 3-6] My.server.com receives the packet and looks into the IP address to identify whether the <Table 19> Function of network layer

packet is directed to the right address. After that, the server removes the header information and Function Details
ⓒ

ⓒ
sends the remaining data to a higher protocol layer. •Payload encapsulation on the transmitting end and payload decapsulation on the receiving end
Packetization •Responsible for the payload delivery without changes about the payload from the transmitting end
to the receiving end

Routing •Path finding for a packet from the transmitting end to the receiving end

•A function performed by a router when a packet arrives into one of the interfaces of the router
Forwarding •Routing rules are applied to create a decision making table for a router.
※ The decision making table is called a routing table.

48 TOPCIT ESSENCE M3 Network 49

TOPCIT ESSENCE Network

M3
Internetworking Device
Management Functions
Internetworking means a connection between a network and another network. Typical internetworking devices are router
… CLI SNMP
Repeater, Bridge, Switch, and Router manager

BGP4+ PIM-SM
<Table 20> Internetworking devices

Device Details OSPF RIB

Repeater Strengthening signals between the connection points (amplification, signal regeneration)
RIP IGMP/MLD

16

16
Bridging two LANs and performing translation and format transformation to make the two different factors
Bridge
as one Multicast Routing
IS-IS FEA
Switch A MAC address-based network separator that works like a multi-port bridge
Unicast Routing

20

20
Router Transmitting data after finding out the optimal communications path between heterogeneous networks
Forwarcling Plane

Let’s take a look at the role of internetworking devices in the world of the seven layers of the OSI and the four layers RIB = routing information base
FEA = forwarding engine abstraction
of the TCP/IP. A router performs packet routing using the IP address in the network layer. A bridge and a switch are
<Figure 31> Conceptual diagram of router [1]
responsible for frame transportation in the data link layer, while a hub and a repeater simply deliver physical signals
ht

ht
on the Physical layer. The function of each of the devices is listed for comparison in <Table 21>.
A router looks like as shown in <Table 22>. In a small network, Cisco 2500 can be used and Cisco 7300 can be used
<Table 21> Protocol layers and device for each layer in a medium size or bigger networks.
rig

rig
OSI 7 layers TCP/IP 4 layers Device
<Table 22> Routers [2]
Application
Cisco 7300 Cisco 2500
Presentation Application
Gateway
py

py
Session

Transport Transport

Network Internet Router

Co

Co
Data Link Bridge, Switch
Network Access
Physical Hub, Repeater

② Router metrics
What is Router? It means a set of data collected within a given timeframe for a certain routing path. The types of router metrics are
ⓒ

ⓒ
as follows:
A router uses more than one metric for network traffic forwarding and defines an optimal pathway. In other words, the
device forwards packets from one network to another based on the information of the network layer.
<Table 23> Routing metrics [3]

① Structure of router Metric Details

A router is composed of a Router Control Plane and a Forwarding Plane. The router control plane, which is The total number of hops between the starting point and the final destination; the smaller the
Number of hops
number is, the faster the processing is.
implemented with software, is composed of processes of determining where the packets, coming through the
router, should be forwarded and tables that are required for the process. The forward plane performs actual MTU Maximum Transmission Unit; literally means the maximum data a protocol can take up.
packet transmission following the requirements made in the router control plane.

50 TOPCIT ESSENCE M3 Network 51

TOPCIT ESSENCE Network

M3
Metric Details VLAN (Virtual Local Area Network)
The cost is determined by various factors such as transmission time, link reliability, and
Cost VLAN is aimed to overcome the physical and geographical limitations of the existing network and to build a logical
characteristics of a band. The higher the cost is, the lower the efficiency is.
network that can meet users’ demands. In other words, a network is not categorized by the factors such as
Latency To determine the bottleneck and to manage packet delay records between routers
geographic or spatial location but other factors are used to build a logical network such as IPs, protocols, MAC
③ Routing Table addresses, and ports. There are VLAN protocols relevant to a switch such as the ISL, 802.1Q, and VTP. The ISL
 Routing Table and 802.1Q are VLAN tagging protocols, while the VTP is a VLAN management protocol.

16

16
Sales VLAN
B C E G H L
1.0.0.0 2.0.0.0 3.0.0.0 4.0.0.0
R1 R2 R3 Marketing VLAN

20

20
EO SO SO S1 S1 EO
A D F I J K

A B C D E F G H I J K L
Routing table Routing table Routing table
1.0.0.0 EO 0 2.0.0.0 SO 0 3.0.0.0 SO 0

ht

ht
2.0.0.0 SO 0 3.0.0.0 S1 0 4.0.0.0 EO 0
3.0.0.0 SO 1 1.0.0.0 SO 1 2.0.0.0 S1 1 Switch 1 Switch 2
4.0.0.0 SO 2 4.0.0.0 S1 1 1.0.0.0 S1 2
<Figure 33> VLAN structure [4]
rig

rig
<Figure 32> Routing table
<Table 25> Switch Vs. Router

Comparison target Switch Router

What is Switch?
py

py
Reference table MAC address table Routing table

Reference PDU Ethernet frame IP packet

A Switch is a device that connects network segments and provides various functions such MAC Address Learning,
Loop Prevention, and Filtering. In addition, the switch has port mirroring and VLAN function). Port Mirroring (also Reference field Destination MAC address Destination IP address
Co

Co
called a port monitoring) means that a set of data transported to a certain port is replicated and the copied data Frame used Ethernet Ethernet, frame relay, PPP, etc.
is sent to a mirrored port. Port mirroring is important in that an administrator can use the mirrored port to monitor
Layer 2 header No change Replaced with new header
network traffic.

<Table 24> Main functions of switches

Function Details 02 Encapsulation of Network Layer

ⓒ

ⓒ
Address learning •To learn all the MAC addresses of all the systems connected to the port.

Encapsulation of Network Layer

Filtering •To perform port-specific data traffic filtering using the MAC address
As shown in <Figure 34>, a packet of the network layer is made by adding a header on the segment of the transport
•To avoid a network loop when multiple paths are generated to the destination system layer. This kind of process is called Encapsulation and a reversal process, called Decapsulation, is carried out on
Loop prevention
•STP (Spanning Tree Protocol) is used in the system to prevent a network loop
the receiving end.

52 TOPCIT ESSENCE M3 Network 53

TOPCIT ESSENCE Network

M3
packet. On the other hand, the virtual circuit approach is a connection-oriented service which sets out the virtual
Transport layer L4 Data route for the datagram even before transmission begins and the actual transmission for all the datagram is made
through the same route after the connection establishment is finished. The forwarding decision is made by the Packet
Network layer Header L4 Data Label (identifier for virtual circuit).

Data link layer L3 Data

Network Layer Protocol/Command
<Figure 34> Encapsulation of network layer
In the network layer, there are address resolution protocols between the IP address and the MAC address: ARP

16

16
(Address Resolution Protocol) which resolves the IP address into the MAC address; and RARP (Reverse Address
IPv4 Header
Resolution Protocol) which resolves the MAC address into the IP address. In addition, ICMP (Internet Control
Message Protocol) is a protocol used to send out the information of network errors, and IGMP (Internet Group

20

20
Management Protocol) is for the IP multicast transmission.

Application
TEL
Application FTP SMTP DNS TFTP SNMP Presentation
NET
21 23 25 53 69 161 Session
ht

ht
Transport TCP UDP Transport

Internet IP ICMP ARP RARP Network

rig

rig
Network Network Interface Data Link
Interface Ethernet
Physical

<Figure 36> Protocols of network layer

py

py
<Figure 35> Network packet structure [5]

<Table 26> Protocols of network layer

In <Figure 35>, ‘Version’ indicates the version of the protocol where the datagram belongs, ‘IHL’ is the length of the Protocol Details
header, and ‘Type of Service’ indicates what kind of service the host wants in the subnet. In addition, ‘Total length’
Co

Co
• Address Resolution Protocol (RFC 826)
is the sum of the length of the header and the data in the datagram, ‘Time to live’ means the life limit of the packet, ARP
•To resolve the IP address into the MAC address
and ‘Protocol’ is used to deliver the TCP/UDP information so that the recombination of the datagram can be made
• Reverse Address Resolution Protocol (RFC 903)
at the network layer. Whereas, ‘Source address’ and ‘Destination address’ literally means the sending address and RARP
•To reversely resolve the MAC address into the IP address
destination address which sends or receives the 32-bit datagram respectively.
• Internet Control Message Protocol(RFC 792)
ICMP
• To send out the information about network errors
ⓒ

ⓒ
• Internet Group Management Protocol(RFC 1112)
IGMP
•To perform IP multicast
03 Packet Switching and Network Layer Protocol/Command

Packet Switching Network Layer Command

There are two ways to find packet routes in the packet switching network: Datagram Approach and Virtual Circuit
A list of commands, used to view status information or to activate a certain action, is presented in <Table 27>.
Approach. The datagram approach is a connectionless service which handles all the packets independently.
Packets can be delivered in different routes and forwarding decision is made from the destination address of the

54 TOPCIT ESSENCE M3 Network 55

TOPCIT ESSENCE Network

M3
<Table 27> Commands relevant to network layer <Table 29> Packet scheduling method

Command Details Scheduling method Details

• To test reachability to the network layer by using the ICMP
Ping
• To use the echo request /reply message among the ICMP types
FIFO queuing • A basic scheduling of the Internet, packets are delivered on a first-in-first-out basis
Tracert/ • To display the route to the desired destination
Traceroute • To find out where a bottleneck is (when there is an issue to get access to a certain site)

Route • To allow a manual modification of the routing table • Priority is given to the packets so that the packet in the highest priority queue can be
Priority queuing
processed first.
Ipconfig/ • To display the TCP/IP network configuration values of a computer

16

16
Ifconfig • To validate and renew the DHCP and the DNS configuration values

• To check out the overall status of a network: network connection, routing table, network interface • Priority is given to packets and the packets are allocated to each of the priority queues.
Netstat
and the like Weighted fair queuing • A round-robin selection of the queues to deliver the packets, but the number of selected
packets can increase in accordance with the weight given to a certain queue.

20

20
Arp • To display or modify the local ARP cache values

② Traffic shaping and traffic policing

Traffic shaping and traffic policing are intended to control the speed and volume of the traffic: Traffic Shaping is
04 Network Service Quality used when the traffic leaves the network, while Traffic Policing is used when the traffic comes into the network.
ht

ht
<Table 30> Methods for traffic shaping and traffic policing
QoS(Quality of Service)
rig

rig
Traffic shaping /policing Details

The term QoS means to guarantee a certain level of service quality and performance in various telecommunication
• Packets coming under the burstiness limit can be stored in the packet bucket and go out of
services to meet the needs of users. The quality of services can be defined by various factors such as reliability, Leaky-bucket the bucket at normal speed.
delay, jitter, and bandwidth as listed in <Table 28>. •When the incoming packets exceed the bucket limit, the packets can be removed.
py

py
<Table 26> Protocols of network layer
Token bucket •A basic algorithm used in traffic shaping and traffic policing
Factor Details
Co

Co
Reliability •Reliability is required for a flow to securely deliver a packet to the destination

③ Resource reservation
Delay •Delay literally means the delay in the packet delivery from the transmitting end to the receiving end
A way to reserve resources necessary for a data flow of a certain service to secure service quality: buffer,
Jitter •Jitter means packet delay variations within a single flow
bandwidth, CPU, time, and the like.
ⓒ

ⓒ
Bandwidth •Bandwidth means the maximum transmission speed or the capability to transport information ④ Admission control
A process used in the controlling part of a communications network node in order to make a decision whether to
accept a request for admission.

Techniques Used to Secure Quality of Service ⑤ Service quality model and protocol
There are service quality models such as integrated service model (IntServ) and differentiated service model
① Scheduling
(DiffServ). In addition, the protocol used for service quality is the resource reservation protocol (RSVP).
The packet processing job for the Internet is carried out by routers, which means the way scheduling is done can
change how packets will move.

56 TOPCIT ESSENCE M3 Network 57

TOPCIT ESSENCE Network

M3
<Table 31> Service quality model and protocol [6] Dijkstra's Algorithm()
{
Service quality model Details //Initialization
Tree = {root} //Tree is made only of the root
• To make a clear-cut reservation for the resources such as bandwidth specific to the given data
IntServ for (y = 1 to N) //N is the number of nodes
flow. (per-flow basis) {
if(y is the root)
• A standardized protocol to reserve/secure the bandwidth required for application programs on D[y]=0 //D[y]is shortest distance from root to node y
RSVP
the two ends to provide a certain service. (RFC 2110) else if (y is a neighbor)
D[y] - c[root][y] // c[x][y] is cost between nodes x and y in LSDB
• The types of services are selected every time when packets are transmitted, and the else
DiffServ D[y]=∞
differentiated service model works based on the priority given to the packets.
}
// Calculation

16

16
repeat
{
find a node w, with D[w]
Tree = Tree ∪ {w} //Add wto tree
05 Routing Protocols and Algorithms // Update distances for all neifhbors of w

20

20
for (every node x, which is a neighbor of w and not n the Tree
{
D[x] = min{D[x],(D[w]+c[w][x]}
}
What is Routing Protocol? } until(all nodes included in the Tree)
} // End of Dijkstra
Routing Protocol means a set of rules that define the type of messages exchanged among routers, processes of <Figure 37> Pseudo code of Dijkstra’s algorithm
ht

ht
message exchange, and activities related to receiving messages, so that a routing table can be established and
updated effectively.
Types of Routing Protocols
rig

rig
Routing protocols, as shown in <Figure 38>, can be divided into Static Routing and Dynamic Routing based on how
What is Routing Algorithm? routing works. To drill down further, the dynamic routing can be divided into EGP (Exterior Gateway Protocol) and
IGP (Interior Gateway Protocol) based on how two of them interact with AS (Autonomous System), and IGP can be
Routing Algorithm is intended to find out the most cost-effective path between a starting router and a destination categorized into Distance Vector, Link State, and Hybrid routing based on how the routing configuration is done.
py

py
router in a network graph that showcases links along with costs. The most cost effective path is the one that has
the lowest sum of cost out of all the possible paths between a starting router and a destination router. The types of
routing algorithms are listed in <Table 32>. Routing Protocols
Co

Co
<Table 32> Types of routing algorithms Static Routing Dynamic Routing
Algorithm Details
EGP IGP
Link State • Each router has information about the overall network structure and link state in order to find out the
Routing path with the lowest cost to all the destinations. Distance Vector Link State Hybrid
ⓒ

ⓒ
BGP RIP OSPF EIGRP
• Each router keeps the table for ‘the path with the lowest cost’ to all destination routers.(Vector)
Distance Vector IGRP IS-IS
• An initial router path-cost table keeps the cost information pertaining to the router it is connected to
Routing
and its path-cost information is notified to neighboring routers.
<Figure 38> Classification of routing protocols

① Dijkstra’s Algorithm
Routing protocols can also be divided into the interior router protocol and the exterior router protocol when the
Dijkstra Algorithm is the most well known among link state algorithms. A set of pseudo code for the algorithm is shown Autonomous System (AS) is placed as a border line for classification. AS (Autonomous System) is a collection of
in <Figure 37>. networks that have the same operation policy and independent management system.

58 TOPCIT ESSENCE M3 Network 59

TOPCIT ESSENCE Network

M3
The protocol within the AS is called IGP (Inter Gateway Protocol). IGP can be divided into: RIP (Routing Information
Protocol) which uses a distance vector routing algorithm; OSPF (Open Shortest Path First) which uses a link state 32bit
routing algorithm. The routing protocol between autonomous systems is called EGP (Exterior Gateway Protocol) and
the most widely used EGP is BGP (Border Gateway Protocol) which uses a path vector routing algorithm. 8bit 8bit 8bit 8bit

<Figure 39> IPv4 address structure

Types of Routing Protocols
IPv4 address is composed of: an IP address (a unique identifier given to all the communications networks connected
Routing protocols can be categorized into: RIP which uses a distance vector algorithm and routing tables perform to the Internet and to the computers connected to the communications network); a network ID (used to identify

16

16
broadcasting in every 30 seconds for the mutual information interaction; IGRP which has updated some of RIP issues the TCP/IP hosts located on the same physical network); a host ID (used to differentiate the TCP/IP hosts on the
and factored in networking conditions (bandwidth, delay time, load, and the like) in the routing decision; OSPF which network); and a subnet mask (made with 32-bit size to define the network name for an IP address from the host
uses a link state routing algorithm; and BGP that is used to connect between autonomous systems. Details are name.)

20

20
explained in <Table 33>. There are various ways of describing IP addresses, one way is CIDR (Classless Inter-Domain Routing, RFC 1519)
which is a way of IP address allocation where the existing 8-bit network portion and host portion are not divided.
<Table 33> Types of routing protocols There are subnetting and supernetting as well, which does not divide the network ID of the IPv4 address with fixed
Protocol Details 8-bit unit, but the network and host IP can be flexibly presented in accordance with the needs from a network.
Subnetting means to divide a given IP address into small subnets considering the networking environment, while
•Uses a distance vector algorithm and routing tables performs broadcast in every 30 seconds for
ht

ht
RIP the mutual information interaction Supernetting means a number of network IDs are aggregated into a single network ID.
(RFC 1058) •Hop limit: Max 16 hops, VLSM not supported, load balancing not supported
•Network condition (bandwidth, delay time, load, and the like) was not factored in.
rig

rig
•Updated some of the issues of RIP
An Example of a Network Using the IPv4
IGRP •Networking conditions (bandwidth, delay time, load, and the like) were factored in.
•More hops (Max 225 hops), VLSM not supported, load balancing supported

223.1.1.1 223.1.2.1
py

py
•Uses a link state routing algorithm
OSPF •Distributes the information about changes faster than the RIP (such as user defined path, most cost
(RFC 2328, RFC effective path, multi paths, and the like).
1247) •All the routers maintain the same topology-related information, the VLSM and load balancing are 223.1.1.2 223.1.1.4 223.1.2.9
supported.
Co

Co
BGP •A kind of EGP connection between one AS to another, mutual connection for large size networks. 223.1.1.3 223.1.3.27 223.1.2.2
(RFC 4271) •Uses TCP and based on a path vector routing
ⓒ

ⓒ
223.1.3.1 223.1.3.2
06 Outline of IPv4 223.1.1.1 = 11011111 00000001 00000001 00000001
223 1 1 1

What is IPv4 (Internet Protocol Version 4)? <Figure 40> Network using IPv4

IPv4 Address is a 32-bit address used in the IP layer, as shown in <Figure 39>, and makes the Internet connection
of a router or a host universal but unique at the same time.

60 TOPCIT ESSENCE M3 Network 61

TOPCIT ESSENCE Network

M3
<Table 34> IPv4 addressing structure [7]
07 IPv4 Addressing and Subnetting
Class Address Details
• Network ID: first octet
A 1.0.0.0 ~ 126.0.0.0 • Host ID: last three octets
IPv4 Expression • Default subnet mask: 255.0.0.0
• Network ID: first two octets
B 128.0.0.0 ~ 191.255.0.0 • Host ID: last two octets
• Default subnet mask: 255.255.0.0
• Network ID: last three octets
C 192.0.0.0 ~ 223.255.255.0 • Host ID: last octet

16

16
• Default subnet mask: 255.255.255.0

- Binary notation: 01110101 10010101 00011101 00000010 D 224.0.0.0 ~ 239.0.0.0 • Multicast address
- Dotted decimal notation

20

20
E 240.0.0.0 ~ 255.0.0.0 • Experimental

IPv4 Addressing Structure In the IPv4 addressing, Subnetting means to divide one network ID into many network IDs, while Supernetting
means to aggregate a number of small networks into one large network.
The 169.254.0.0 range is reserved for the Automatic Private IP Addressing, and DHCP can automatically work on this
ht

ht
Class A Network Host Host Host kind addressing to set up an IPv4 address, in the versions higher than the Windows 2000. However, this address
cannot be routed to the Internet. Such addressing system is called Automatic Private IP Addressing or APIPA.
1.0.0.0 ~ 126.255.255.255
rig

rig
Class B Network Network Host Host
128.0.0.0 ~ 191.255.255.255 Special IPv4 Address
Class C Network Network Network Host In addition to the generally used classing systems (Class A, B, and C), there are special addresses which are called
py

py
192.0.0.0 ~ 223.255.255.255 special IPv4 addresses and they are listed in <Table 35>.

Class D Multicast
<Table 35> Special IPv4 address [7]
224.0.0.0 ~ 239.255.255.255
Co

Co
Network ID Host ID Address name Details
Class E Research and Development specific All 0 Network address •Means a network address
240.0.0.0 ~ 255.255.255.255 specific All 1 Net-directed broadcast to netID •Used to broadcast to all the terminals within a certain network
•Specifies a terminal within the network
All 0 specific Specific host on this network
<Figure 41> IPv4 addressing structure •Cannot pass through a router
127.X.X.X Local loopback address •Used as a destination address looped back within a system
ⓒ

ⓒ
IPv4 addressing structure is composed of: a network address which was given by an institute in charge of the •Used to broadcast to all the terminals within a router’s network
255.255.255.255 Limited broadcast
•Cannot pass through a router
Internet address resource management; and a host address given by a network administrator to identify individual
•Used to present a terminal, when a terminal does not know its IP
hosts on the network. 0.0.0.0 This host on this network address
Considering the size of a network and the number of hosts, networks can be classified into Class A, B, C, D, or •Cannot pass through a router
E. Class A, B, and C are given to general users to build a network. Class D is for the multicasting and Class E is Class A private address
10. ~ Any
reserved for the future use. (10.0.0.0 ~ 10.255.255.255)
Class B private address •A private address range that can be used without getting an
172.16~172.31 Any
(172.16.0.0 ~ 172.31.255.255) authorization as a public IP.
192.168.0 ~ Class C private address
Any
192.168.255 (192.168.0.0 ~ 192.168.255.255)

62 TOPCIT ESSENCE M3 Network 63

TOPCIT ESSENCE Network

M3
Subnetting the size of a routing table and in using IP addresses with various subnet types.

① Concept of subnetting ② Role of CIDR

Subnetting means to divide a single network address into various small networks. Subnet mask refers to a mask • The IP address is not classified by Class A, B, or C, but the network identifier can be flexibly assigned to make
used to identify the network address portion out of the IP address. [8]. the IP address operation more flexible.
• As there is flexibility in assigning network addresses, CIDR can prevent IP addresses from being wasted and
General Class C address can help build a more efficient network.
11111111111111111111111100 000000
• It is possible to effectively manage IP addresses that are used for routing among domains.
Subnet mask : 255 255 255 0

16

16
2 bits used for subnetting ③ How CIDR is expressed?
11111111111111111111111111 00000
The subnet portion of the IP address has a random length, and is expressed in a.b.c.d/x. Here, ‘x’ is the subnet
Subnet mask : 255 255 255 192
portion of the address.

20

20
<Figure 42> IP address using subnetting

subnet host
② How subnet is used? part part
When a sub-network is added, a middle level layer is generated in the IP address and the IP address can be 11001000 00010111 00010000 00000000
divided into three levels such as site, subnet, and host. 200.23.16.0 / 23
ht

ht
<Figure 44> CIDR expression
141 • 14 • 192 • 2 141 • 14 • 192 • 192
rig

rig
Netid Hostid Site Subnetid Hostid
<Subnetting used> <Subnetting not used> Supernetting
<Figure 43> Address structure when subnetting was used and not used ① What is supernetting?
py

py
S
 upernetting, which literally works in a reverse way as subnetting does, aggregates multiple small networks
③ How subnet is applied? (Subnetting outcome using 2 or 3 bits in the Class C IP address) into a single large network. A series of class address blocks are assigned to a single organization, so that those
blocks can be regarded as one block from outside and the routing can be made to the block [9].
<Table 36> Outcome of subnetting

Number of bits used for subnetting

Co

Co
Classification ② How supernetting works?
(Not divided) Using 2 bits Using 3 bits
• Building a single network by aggregating a lot of Class C addresses
Subnet mask 255.255.255.0 255.255.255.192 255.255.255.254
• A part of network identifier is used as a host identifier.
Number of subnets 1 4 8 • The number of Class C addresses to be aggregated should be ‘2 powered by N’ and the addresses should be
Number of hosts within a in a consecutive order.
256-2 = 254 64-2 = 62 32-2 = 30
subnet
ⓒ

ⓒ
Number of IP addresses
that can be potentially 254 4x62 = 248 8x30=240 8 bits: 254 hosts acceptable
assigned C class with before subnetting

Network identifier Host identifier

Supernet mask 255.255.248.0

(11111111.11111111.11111000.00000000) 11bits: 8190 hosts acceptable
CIDR (Classless Inter-Domain Routing) Subnetting used

Network identifier Host identifier

① What is CIDR?
CIDR is intended to aggregate Class C addresses into a single network. This method can be helpful in reducing <Figure 45> Supernetting mechanism

64 TOPCIT ESSENCE M3 Network 65

TOPCIT ESSENCE Network

M3
How IPv4 Address is Assigned? Example Question
① DHCP(Dynamic Host Configuration Protocol) Question type
D
 HCP means a protocol that provides a way to dynamically assign IP addresses and other detailed information to
Descriptive question
the DHCP client by using a DHCP server.
A DHCP server can assign the IP address and subnet mask and can additionally assign the default gateway,
DNS server address, local router, lease time, domain name, and the like with the DHCP option.
Question
The IPv4 DHCP lease process is conducted through the exchanges of four UDP messages. DHCPDISCOVER, The diagram below shows an ISP (Internet Service Provider) network covering the Seoul area. A node of
DHCPOFFER, DHCPREQUEST, and DHCPACK are the four UDP messages and the details about them are listed each area has a routing table to send the data to other nodes at the lowest cost. Fill out the routing table

16

16
in <Table 37>. of the node in Seodaemoon District.

<Table 37> DHCP message [10]

[Seodaemoon District node routing table]

20

20
Node name Node
A Kangseo District
Message Details B Eunpyeong District Transmission cost
C Seodaemun District Destination Next Node
DHCPDISCOVER The IP address sent from a client, corresponding to 255.255.255.255 D Kwanack District
E Dongdaemun District
Kangseo District
The IP address, subnet mask, default gateway, lease limit and other information are delivered from F Kangdong District
DHCPOFFER
the DHCP server
Eunpyeong District
This message is sent from the client to the server. (Including that the client selected lease related
ht

ht
DHCPREQUEST
information) Kwanack District

The DHCP server sends the DHCPACK message to the client in order to allow the use of the IP Dongdaemoon District
DHCPACK
address.
rig

rig
Kangdong District

② NAT(Network Address Translation)

N
 AT refers to a function which can allow terminals on the private network to have communications with the public Intent of the question
py

py
network such as the Internet. It is well defined in RFC 3022 and RFC 2663.
The reason to use NAT is: to resolve the lack of IP addresses; and to hide the internal IP from external attackers. To understand how the routing protocol works and how to make a routing table
NAPT (Network Address Port Translation) is an expanded version of the basic NAT and intended to translate
the source port number in the packet. NAPT is used because it allows a single IP address to gain access to Answer and explanation
Co

Co
multiple internal hosts. Theoretically, NAPT can handle up to 65,535 internal host communications only with a
Following is the path with the lowest cost from Seodaemoon District to other five nodes
single public IP address.
•Kangseo District: Seodaemoon District – Eunpyeong District - Kangseo District
•Eunpyeong District: Seodaemoon District - Eunpyeong District
<Table 38> Types of NAT [11] •Kwanack District: Seodaemoon District - Kwanack District
Type Details •Dongdaemoon District: Seodaemoon District – Eunpyeong District – Kangseo District – Kangdong
•One to one mapping for the Internet communications between ‘terminals with private IP address’ and District - Dongdaemoon District
ⓒ

ⓒ
Basic NAT
‘public IP’ of the Internet •Kangdong District: Seodaemoon District – Eunpyeong District – Kangseo District – Kangdong District
•One to many mapping for the Internet communications between ‘many terminals with private IP’ and Therefore, the data whose destination is Kangseo District, Eunpyeong District, Kwanack District,
NAPT
‘single public IP” in order to save the number of public IP addresses Dongdaemoon District, Kangdong District moves: from Seodaemoon District to Eunpyeong District,
Eunpyeong District, Kwanack District, Eunpyeong District, Eunpyeong District respectively.

Related E-learning Contents

• Lecture 3 Network Layer and Routing Protocol

66 TOPCIT ESSENCE M3 Network 67

TOPCIT ESSENCE Network

M3
• Lecture 4 IP Address Structure and Mobile IP
• [Advanced] Lecture 1 Network Layer and the IPv4 Address Structure
Lecture 2 IPv4 Sub-netting/super-netting and Address Allocation Ⅳ Transport Layer Protocol
Lecture 3 Routing Algorithm and Routing Protocol

Latest Trends and Key Issues

16

16
The rise of the 4G wireless communications services enables voice communications to be delivered as
a part of data communications in the form of VoIP. It has become a trend that many applications are run
on the Internet. The transport layer is a protocol layer which is directly linked with these applications.

20

20
The network can be utilized efficiently only when an appropriate transport layer protocol is used in
accordance with the features of the application.

ht Study Objectives

ht
To be able to understand the purpose and functions of the transport layer and utilize the same
rig

rig
To be able to understand the concept of TCP, related services, and control methods and to utilize the same
To be able to understand the concept of UDP, related services, and control method and to utilize the same
To be able to explain the concept of SCTP and how it works
py

py
Practical Importance High
Co

Co
Keywords
TCP, UDP, SCTP, Flow control, Error control, Congestion control, Slow Start, SNMP, Multicasting, NTP,
DHCP, Kerberos, Multi-homing
ⓒ

ⓒ
68 TOPCIT ESSENCE M3 Network 69
TOPCIT ESSENCE Network

Practical tips Mechanism of Action of the Transport Layer Protocol
The transport layer protocol works end-to-end, which means it provides the data delivery service
between User A’s computer and the web server (my.server.com) to which the request for information is
delivered. Data packets go through a number of hops between the client and the server. In the end-
M3
UDP is usually known as a protocol which offers a connectionless service. It does not mean that the service is
provided without a connection. It means that data is transferred without a prior arrangement (without establishing a
connection). On the contrary, TCP is a protocol which provides a connection-oriented service. The connection-
oriented service requires that a connection be established before the data is sent or received. In this connection-
oriented protocol, the connection and the service between the client and the server are terminated after the data
transfer is done.
Reliability is a key feature which always comes along with the theory of the connection-oriented/connectionless
services. UDP is usually known as an Unreliable Protocol, while TCP is regarded as a protocol which offers Reliable
inter-process communications. TCP utilizes the response acknowledgement technique, a way of using sequence

16

to-end connection, intermediate nodes, such as wired/wireless IP sharing devices or routers, are not
involved in the operation of the transport layer protocol. TCP[1], UDP[2] and SCTP[3] are regarded as
most widely used transport layer protocols.
16
numbers and acknowledge numbers to validate that the transmitted data was received successfully.
For an application program developer, it is not a must to understand all the details on the transport layer. Rather,
the developer is generally required: to know which protocol, TCP or UDP, should be selected and used, based on

20

20
the understanding about their strengths and weaknesses; and to understand the service ports. In reality, however,
the program development is mostly a group work, such as a project where at least two companies are working
Network layer
together, and a program is developed based on the linkage with a variety of other programs. Accordingly, most of
Data link layer
programs, developed by the developers, send and receive data through the network. Hence, the developer is often
14.32.172.0
Switching hub D Application layer required to validate that the data was sent successfully to the destination when the program is not working even
Physical layer
Application layer Transport layer after the program was fully developed to meet the service requirement and protocols defined between the application
ht

ht
Transport layer Wireless/wired IP Network layer programs. In such a case, a network debugging tool, such as Wireshark or tcpdump, can be used to inspect the
sharing device B Router C
Network layer Data link layer transmission of packets and the developer can work on debugging. There are a number of reasons for the packet
192.168.11.0 Network layer
220.17.23.0
Data link layer transmission failures: wrong encoding method, wrong order (between big-endian and little-endian), incorrect packet
rig

rig
Data link layer Physical layer
processing order, wrong data format, or incorrect data parsing. The problem is that if the software developer only
Physical layer User A Physical layer debugs a self-written application program (unit level), it might be time-consuming to both of the receiving end and
the transmitting end. Therefore, the developer needs to understand how the transport layer works and how the data
<Figure 46> Mechanism of actions of transport layer protocol is transferred to the application layer. It is recommended to inspect the packets being transferred on the network so
py

py
as to reduce the time required for debugging.
Co

Co
02 TCP
01 Concept of Transport Layer Protocol
Characteristics of TCP

The transport layer protocol is responsible for transmitting the application data from one endpoint host to the other. TCP lies between the application layer and the network layer of the TCP/IP model and offers inter-process
ⓒ

The server application, which runs on the server, receives and processes the request from the client and then,
sends back the response to the client. On the client side, the user selects an application which can deliver the
service he/she needs and sends a request to the server. The response to that request is sent back to the client and
shown to the user. Applications running on the network usually operate in the client-server model and the transport
layer protocol is the lowest layer protocol which connects the client application to the server application.
TCP (Transmission Control Protocol) [1] and UDP (User Datagram Protocol) [2] have long been widely used among the
transport layer protocols. SCTP (Stream Control Transmission Protocol) [3] has newly emerged since 2000, combining
the strengths from both TCP and UDP. In this chapter, we only look at TCP and UDP which are most commonly used.
ⓒ
communications between two application layers. TCP is a stream-based protocol and has a sending buffer and a
receiving buffer used for data transfer. The IP layer, residing at the bottom of the TCP protocol, offers packet-based
services, not stream-based services in the data transfer. To this end, a single data is broken into a number of
Segments by TCP. TCP defines the flow control, the error control, and the congestion control techniques to guarantee
the reliable delivery of data. TCP assigns a number to each byte transmitted, and then, the sequence number is
given to each segment. Maximum value should be in place so as to include the sequence number of each packet in
the header. If m bits are reserved for the sequence number in the packet header, then the sequence numbers shall
range from 0 to 2m-1. In other words, the sequence numbers are modulo 2m.

70 TOPCIT ESSENCE M3 Network 71

TOPCIT ESSENCE Network

M3
① Flow control
Web browser Transport layer Transport layer Httpd@
Flow control coordinates the amount of packet flows to avoid packet losses, which can take place when too my.server.com
many data packets come in beyond the receiving capacity. The sending/receiving buffers are used for the flow
1.1 Request for
control, which can store packets on the transmitting end and receiving end. The size of the sending/receiving connection to web
buffer is specified, in the case of Linux, in /proc/sys/net/core/wmem_max and /proc/sys/net/core/rmem_max server
① Request for connection
files respectively. 1.2 "GET / HTTP / 1.1"
Transfer
② GET / HTTP / 1.1 Request for homepage
② Error control
③ HTTP / 1.1 200 OK (text/html) homepage
Error control is a technique of detecting errors occurring during the transmission to ensure that the correct 200 Response received

16

16
information is recovered. Error control detects and discards corrupted packets, keeps track of lost or removed ④ Connection termination
packet, retransmits the lost or removed packets, and checks and discards packets received redundantly. 2.1 "GET / HTTP / 1.1"
Transfer
⑤ SYN

20

20
③ Congestion control ⑥ SYN + ACK

Congestion occurs when the network load (which refers to the number of packets being transmitted per unit time ⑦ ACK
2.2 "GET / HTTP / 1.1"
through the network) exceeds the network capacity (which means the number of packets that can be processed Transfer ⑧ GET / my.pdf HTTP / 1.1 Request for part of
per unit time through the network). TCP uses this technique to control the congestion end-to-end and keeps the my.pdf
load level below the network bandwidth. ⑨ my.pdf Data segment 1
my.pdf (1/m)

ht

ht
The following table presents the well-known ports which are employed by the widely used TCP services. FTP (file Repeat
transfer protocol), SSH (secure remote login protocol), SMTP, POP3 and IMAP4 (protocols for mail transfer), HTTP my.pdf (m/m)
206 Response received ⑩ my.pdf Data segment m (m: not fixed)
(a protocol for web service), and many other widely used internet services are the examples of the well-known
rig

rig
ports. ⑪ FIN
⑫ ACK
⑬ FIN
<Table 39> Well-known TCP ports
⑭ ACK
Service TCP port Service TCP port
py

py
FTP [4] 21 (control), 20 (data) DNS [8] 53 (UDP as well) <Figure 47> Scenario of TCP operation

The request for a connection (Step ①) is a simple summary drawing of Step ⑤~⑦, while The connection termination
SSH [5] 22 HTTP [9] TCP 80
Co

Co
(Step ④) is a summary drawing of Step ⑪~⑭. Step ②~③ and ⑧~⑩ are the application layer data which comes right
after the TCP header. This data is generated by the web browser of User A’s computer and the web server program
Telnet [6] 23 POP3 [10] 110 (my.server.com) in accordance with the HTTP protocol. The details of the TCP protocol and the TCP operation steps
will be explained in the following paragraphs.
SMTP [7] 25 IMAP4 [11] 143
IP packets may be delivered via many different network paths when a number of data, such as PDF files, are
ⓒ

Scenario for TCP Operation
The following figure shows how data is sent and received on the TCP protocol when User A downloads a file (my.
pdf) from a homepage (my.server.com). Requests and responses, between the application layer program (web
browser) and the web server (Httpd), are transferred via TCP which is a transport layer protocol. This chapter will
mainly focus on the operation of the TCP protocol.
ⓒ
transferred at once, as shown in Step ⑧~⑩. In this regard, the flow control by TCP serves a significant role. Error
control is also one of the important techniques of TCP, as it can be useful in addressing transmission errors caused
by hosts on the network or on the Internet lines. TCP performance is also highly affected by congestion control, a
method of keeping the amount of packets transmitted on the network below the network capacity (the number of
packets that can be processed per unit time). Therefore, it is important to understand these techniques which are
critical to the reliable operation of TCP.

72 TOPCIT ESSENCE M3 Network 73

TOPCIT ESSENCE Network

M3
TCP Protocol The Sequence number, SEQ, increments by one in each 8-bits octet and is based on unsigned modulo 232
arithmetic. Therefore, the SEQ is changed as follows: 0 → 232 – 1 → 0 → …
The header format used in the TCP protocol is shown in the following [1].
When adding options, the padding bytes should be added in a multiple of 4 bytes. A TCP header is 20 bytes if there Six flags which can be used for the controlling purpose are explained below. It is useful to understand SYN, ACK and
is no option, which is equivalent to the size of the IP header. A TCP/IP header is 40 bytes in total and should be sent FIN control flags which are widely used in the TCP protocol.
even when a single byte of user data is sent. Therefore, the amount of data transferred to the transport layer should
reach a certain level so as to allow the application layer program to transfer the data more efficiently on the network. • URG: urgent pointer field is valid
• ACK: acknowledgement field is valid
• PSH: push function

16

16
• RST: reset the connection
• SYN: synchronize sequence numbers
• FIN: no more data from the sender

20

20
① TCP connection establishment
The three-way handshake is a basic procedure for establishing a TCP connection. As shown in the Step 2 of
<Figure 49>, this procedure starts by sending a SYN segment (SEQ=100) from one TCP endpoint (TCP A) to the
other (TCP B). The SYN segment (SEQ=100) indicates the SYN control flag for this segment is set to 1. An ACK
segment indicates that the ACK control flag is set to 1. A SYN+ACK segment means that both SYN and ACK
ht

ht
control flags are set to 1.
In the Step 3 of <Figure 49>, TCP B, after receiving the SYN segment, replies back with an ACK segment (ACK=101
) and sends a SYN segment of its own for the connection establishment by setting a SYN control flag (SEQ=300).
rig

rig
<Figure 48> TCP header format [1]
The aforementioned actions are carried out in a single segment called "SYN+ACK segment". TCP A receives the
ACK control flag and ACK=101 which indicates that the request for connection was successfully delivered.
<Table 40> Components of TCP protocol header From the SYN control flag set, TCP A also acknowledges that the request for the connection was sent by TCP B.
Then, as the final step of the three-way handshake procedure, TCP A replies with the ACK segment (ACK=301)
py

py
Classification Details
for TCP B. At this point, a two way connection is established between TCP A and TCP B as the three-way
•Defines the port number of the host application program which sends the segment (16 bits)
Source port address handshake was completed.
•Offers the same function as the source port number in the UDP header
In the three-way handshake procedure, which was used to establish a TCP connection, SYN segment, SYN+ACK
Destination port •Defines the port number of the host application program which receives the segment (16 bits)
segment, and ACK segment are transferred between the two TCP endpoints. The SEQs, which are sent/received
Co

Co
address •Offers the same function as the destination port number in the UDP header
between the two points, serve a significant role in the flow control and the error control- a set of techniques to
Sequence number •The number assigned to the first byte of the data included in the segment (32 bits)
ensure that data streams to be sent/received are successfully transferred in the units of bytes.
Acknowledgement
•The byte number that the receiver of the segment expects to receive (32 bits)
number (ACK number)

•The length of the TCP header, measured in the units of 4 bytes (4 bits) TCP A TCP B
Header length
•(Header length: 20 ~ 60 bytes)
ⓒ

ⓒ
Control •Defines 6 different control fields or flag bits 1. CLOSED LISTEN

•Window size which should be kept by the opposing party, in the units of bytes 2. SYN-SENT → <SEQ=100><CTL=SYN> → SYN-RECEIVED
•Field length: 16 bits, max. Window size: 65,536 bytes
Window size 3. ESTABLISHED ← <SEQ=300><ACK=101><CTL=SYN,ACK> ← SYN-RECEIVED
•The size of the data which can be sent to the segment, used in the window mechanism
•The size of buffers 4. ESTABLISHED → <SEQ=101><ACK=301><CTL=ACK> → ESTABLISHED
Source port address •Checksum, which detects errors in the entire segment (16 bits) 5. ESTABLISHED → <SEQ=101><ACK=301><CTL=ACK><DATA> → ESTABLISHED
Destination port •Valid only when the urgent flag is set (16 bits)
address •Utilized when the segment includes the urgent data <Figure 49> Three-way handshake procedure for connection establishment [1]

74 TOPCIT ESSENCE M3 Network 75

TOPCIT ESSENCE Network

After receiving the SYN segment for establishing a TCP connection, TCB (Transmission Control Block), a system
resource, is allocated to manage the TCP connection. However, it can be maliciously used in a way that a large
number of SYN segments are sent in a short period of time to the TCP terminal host, so that there is no TCB left
to be allocated in the host and then, the service becomes unavailable. This attack is called SYN flooding, a type
of Denial-of-Service (DoS) attack.
In order to capture and analyze packets by using the computer’s NIC (Network Interface Card) when TCP is in
operation, as shown in <Figure 47>, a network protocol analyzer, such as Wireshark, can be used. Programs,
such as tcpdump, can offer a similar service on the Linux environment. The following figure shows the screenshot
of packets captured by Wireshark on the Windows, which explains what happens when the user downloads and
M3
flag is set and sent to acknowledge the previously-delivered segment. After receiving them, TCP B replies with
the ACK segment (SEQ=300, ACK=101) to acknowledge, like in the Step 3. The ACK number of this segment is
101 (calculated by adding 1 to the SEQ number 100 of the FIN segment) because it is sent to acknowledge the
receipt of the FIN segment (SEQ=100).
Next, TCP B sends the FIN segment (SEQ=300, ACK=101) to TCP A in order to terminate the connection just as in
the Step 4. As was done in the Step 2, the ACK is sent together to acknowledge the receipt. Then, just as in the
Step 5, TCP A sends back the ACK segment (SEQ=101, ACK=301) and the TCP connection is closed.

16

16
TCP A TCP B
stores a PDF file on the web. Let’s suppose that User A’s host IP address is 192.168.11.4 and the web server’s IP
1. ESTABLISHED ESTABLISHED
address is 220.73.233.214. Even though HTTP uses TCP, it is connectionless on the application layer. Therefore,
2. (Close)
in such a case, a connection is newly created, requested, and terminated after the request for the connection is FIN-WAIT-1 → <SEQ=100><ACK=300><CTL=FIN,ACK> → CLOSE-WAIT
3. FIN-WAIT-2 ← <SEQ=300><ACK=101><CTL=ACK> ← CLOSE-WAIT

20

20
processed, whenever there is an attempt to gain access to the web server.
4. TIME-WAIT ← <SEQ=300><ACK=101><CTL=FIN,ACK> ← (Close)
FIN-WAIT-1
5. TIME-WAIT → <SEQ=101><ACK=301><CTL=ACK> → CLOSED
6. (2 MSL)
CLOSED

<Figure 51> General procedure for connection termination [1]

ht

ht
In the scenario of the TCP operation shown in <Figure 47>, the steps of ④, ⑪~⑭ constitute the TCP connection
rig

rig
termination.
In the packet capture screenshot shown below, packets from No. 6428 to No. 6435 represent the processes for
TCP connection termination. Steps for TCP connection termination simplified in <Figure 53> may seem different from
the steps illustrated in <Figure 52>, because <Figure 53> shows the termination procedures of two different TCP
connections in the same figure. However, if you distinguish the transfer of the packets drawn in a solid line from the
py

py
transfer of the packets drawn in a dotted line, you can realize that the steps illustrated in the both figures are identical.
Co

Co
<Figure 50> Wireshark (Network protocol analyzer): screenshot on TCP connection procedures

“Request for connection”, shown in <Figure 47>, is a step in which User A makes a request for a TCP connection
between the web browser and the web server (my.server.com) to see the homepage of the web server (my.
server.com) on the web browser. In TCP, this can be done by using three-way handshake procedures. Packet
ⓒ

ⓒ
No. 13, shown in <Figure 50>, is the SYN segment sent to the web server by User A and its SEQ number is set to
0 . Accordingly, the ACK number in the SYN+ACK segment (No. 14) sent by the web server is set to 1. The SYN
control flag is also set to 1 in order to establish a TCP connection. User A receives the SYN segment from the web
server which is set to synchronize the SEQ number. Then, User A sends the ACK segment (No. 15) with ACK=1
and the TCP connection is finally established.

② TCP connection termination

TCP connection termination is achieved in the following steps. As in the Step 2, TCP A sends a FIN segment
(SEQ=100, ACK=300) to TCP B in order to terminate the connection. Along with the FIN segment, the ACK control
<Figure 52> Wireshark (Network protocol analyzer): screenshot on TCP connection termination procedures

76 TOPCIT ESSENCE M3 Network 77

TOPCIT ESSENCE Network

M3
TCP @ TCP @ Sender Receiver
User A my.server.com
ACK 2
=511) Packet
FIN, ACK (SEQ=1139, ACK No. 6428
Window size = 3
Window size = 3
Packet Send 1
No. 6429 ACK (SEQ=511, ACK=1140)

Packet Window size = 3

ACK=36679)
FIN, ACK (SEQ=5776640, No. 6430 Send 2
Packet ACK (SEQ=36679, ACK=57 Packet 3 is Dropped
76641) Window size = 3

16

16
No. 6431
Send 3 ACK 3
Packet Window size = 2
FIN (SEQ=511, ACK=1140)
No. 6432 Window size = 3
Send 3

20

20
Packet FIN (SEQ=36679, ACK=57
No. 6433 76641)
Window size = 3
Packet Send 4
ACK (SEQ=1140, ACK=512) No. 6434 ACK 5
Window Filed Window size = 2
680) Packet
ACK (SEQ=5776641, ACK=36 No. 6435
<Figure 54> Example of packet transmission in sliding window protocol
ht

ht
<Figure 53> Packet transfer when terminating TCP connection
rig

rig
<Figure 53> shows the termination procedures for two different TCP connections, each drawn in a solid line and n-1 n n+1 m-1 m m+1
dotted line respectively. However, we will only look at the packet transfer illustrated in a solid line as the termination
procedures for the two connections are achieved in the same manner. The web server sends an FIN+ACK segment Sliding window
py

py
(SEQ=1139, ACK=511, Packet No. 6429) to User A in order to terminate the TCP connection. Then, User A replies with Close Open
an ACK segment (SEQ=511, ACK=1140, Packet No. 6429) for the acknowledgement of the receipt. The ACK number
of the ACK segment sent by User A is 1140, calculated by adding 1 to 1139 which is the SEQ number of the FIN+ACK <Figure 55> Concept of sliding window protocol

segment. User A, after sending the ACK segment, sends a FIN segment (SEQ=511, ACK=1140, Packet No. 6432) to
Co

Co
the web server in order to terminate the connection. After receiving the FIN segment, the web server replies with
<Table 41> Window open/close of the sliding window protocol
the ACK segment (SEQ=1140, ACK=512) for the acknowledgement. In the same way the ACK number of the ACK
segment (Packet No. 6429) sent by User A is calculated, the ACK number of the ACK segment sent by the web Action Details

server is 512, calculated by adding 1 to the SEQ number of the FIN segment.
•The right edge of the window moves to the right when an ACK arrives from the receiver.
Window open
• Data is allowed to be transmitted as much as the window moves.
③ Flow control
ⓒ

ⓒ
Flow control is a mechanism for speed-matching - matching the rate at which data is generated to the rate at
which data is used. For the flow control, TCP uses a sliding window protocol. The receiving TCP sets the number • The left edge of the window moves to the right when data (bytes) transfer is acknowledged.
Window close
of octets (1 byte) and advertises it to the sender TCP. The sending TCP refers to the number in order to adjust the • The sender doesn’t have to pay attentions to the data.
sliding window size. The length of this field is 16 bits, so the maximum window size is 65,535 bytes.

Receiver window (rwnd) and congestion window (cwnd) are utilized. The size of the window is determined by the
lesser of the two values: rwnd or cwnd.

78 TOPCIT ESSENCE M3 Network 79

TOPCIT ESSENCE Network

M3
<Table 42> Receiver window (rwnd) and congestion window (cwnd)
Client Server
Classification Details

• The size of packets permitted to be transmitted without any data losses, when sending data from
Receiver window, 1 Segment
the sender to the receiver
rwnd
• Advertised by using the segment which includes an ACK Congestion window
RTT ACK

• The size of packets permitted to be transmitted at once, in accordance with the congestion level 2
Congestion window, on the network
Congestion window
cwnd •When the level of congestion goes up, the congestion window decreases, in order to avoid data

16

16
RTT
losses. When the level of congestion goes down, the congestion window increases.

4
Congestion window
④ Error control

20

20
Error control is a mechanism for detecting and handling lost, corrupted, out-of-order or duplicated segments. RTT

<Table 43> Tools used for TCP error control 8

Congestion window
Tools Details Time Time
ht

ht
<Figure 56> Concept of slow start
Checksum • Each segment includes a checksum field, used to check for corrupted segments
rig

rig
Congestion avoidance algorithm is a strategy to increase the congestion window additively until congestion is
detected.

Acknowledgement • Used to confirm the receipt of data segments

py

py
Client Server

cwnd
• A key tool used for the error control mechanism. Segments are stored in the buffer until an
Retransmission
acknowledgement is received. i=2 Segment
Co

Co
Congestion window
RTT ACK

⑤ Congestion control i+1

Congestion control is a mechanism (or technique) for keeping the amount of traffic, sent by the user on the Congestion window
RTT
network, below the capacity of the network. TCP’s congestion control can be achieved by two key algorithms:
ⓒ

ⓒ
Slow Start and Congestion Avoidance.
i+2
Slow start algorithm is a strategy used for congestion control by increasing the congestion window exponentially to Congestion window
its threshold.
RTT

i+3
Congestion window
Time Time

<Figure 57> Concept of congestion avoidance algorithm

80 TOPCIT ESSENCE M3 Network 81

TOPCIT ESSENCE Network

M3
Let’s take an example which shows how the actual data is transmitted by the TCP flow control, error control, and
congestion control on the screenshot of packets captured. It is identical to the screenshot in <Figure 50>, but we will
look at the packets which are received/transmitted after the TCP connection establishment.

16

16
<Figure 60> Example of HTTP GET

⑥ TCP timer

20

20
TCP implementation usually depends on four timers to make the TCP operation smooth.

<Table 44> Types of TCP timers

Type of timer Details

ht

ht
<Figure 58> Screenshot on the packet transmission captured by Wireshark (network protocol analyzer)
•Timer used to retransmit a lost segment. It works based on the RTO (retransmission time-out) which
Retransmission
indicates the duration of waiting for the acknowledgement of the segment.
<Figure 59> is presented for your better understanding. In this figure, Packet No. 16 sends a request for downloading
a file via the HTTP protocol. This packet actually has user data, as shown in <Figure 60>, but it will not be explained
rig

rig
in detail. The size of user data is 785 bytes, so the ACK number of the ACK segment (Packet No. 17) for the request Persistence • Used in every TCP connection to prevent a deadlock between the two TCP ends.
is set to 786. This indicates that user data corresponding to ‘HTTP GET’ is successfully received by the web
server. This request was sent for downloading a file. Therefore, the web server sends the requested files in units of
segments, as shown in Packet No. 18 and 19. A total of 2920 bytes of user data is received (1460 bytes for each
py

py
Keepalive • Used to prevent a long idle TCP connection
segment). The TCP end-host of User A sends an ACK segment (ACK=2921) to confirm that the two TCP segments
were successfully received. All processes explained above shows what happens when transmitting user data by
using the TCP flow control and error control mechanisms. • Used during the connection termination and initiated when the last ACK is being sent. (To prevent
Time-Wait
potential failure to make a new connection.)
Co

Co
TCP @ TCP @
User A my.server.com

Packet
No. 16
HTTP-GET (SEQ=1, ACK=1,
WIN=16616, LEN=785) 03 UDP (User Datagram Protocol)
ⓒ

ⓒ
=15700, LEN=0) Packet
ACK (SEQ=1, ACK=786, WIN
No. 17
=786, WIN=15700, LEN=14
60) Packet
Characteristics of UDP
TCP Segment (SEQ=1, ACK No. 18
60)
=786, WIN=15700, LEN=14 Packet User Datagram Protocol (UDP) is a protocol which provides connectionless service without prior arrangement. As
TCP Segment (SEQ=1, ACK No. 19
opposed to TCP, UDP offers less reliable transport layer service.
Packet ACK (SEQ=786, ACK=2921,
WIN=16616, LEN=0) Each user datagram sent by UDP is an independent datagram and is not numbered, as opposed to TCP. UDP is
No. 20
so simple protocol that it doesn’t have a flow control mechanism and window mechanism, which may cause packet
overflowing. The checksum is the only tool for the error control mechanism in UDP. When the receiver detects an
<Figure 59> Exchange of packets for user data transmission

82 TOPCIT ESSENCE M3 Network 83

TOPCIT ESSENCE Network

M3
error through Checksum, the user datagram is removed and congestion control is not provided. This feature of the
UDP transport protocol often makes the application layer directly define and implement the mechanisms of the flow
control and the error control, if necessary. UDP has no functions for acknowledgement and retransmission, which
makes the continuous transmission possible at a minimum transmission rate even though some packets are lost.
For this reason, it provides the best-effort-service which is suitable for video playing. In order to play motion images
transmitted in real time, the sender is required to include the order of the image frames in the data. Meanwhile, the
receiver is required to store the images in different buffers in accordance with the frame order and process them in
sequence. When a video is streamed, as opposed to downloading, the transmission might be delayed or only B and
P frames are successfully received while I frame was not. In such a case, the application layer needs to come into

16

16
service in order to destroy data and maintain the real-time service. <Figure 61> Format of user datagram header [2]

The UDP protocol is generally used for the following purposes.

20

20
<Table 46> Fields of user datagram header
•A process which needs a simple request-response communications and does not need the flow and the error Field name Length Details
control
Source Port 2Bytes Port number of source port packets, ranging from 0 to 65,535
•A process which has a mechanism for the flow and the error control in itself
•Multicasting transmission technique Destination Port 2Bytes Port number of destination port packets
•A management process, such as SNMP
ht

ht
•Path update protocol, such as Routing Information Protocol (RIP) Length 2Bytes The total length of UDP header and data field

Checksum 2Bytes Used to detect data errors

The following table presents well-known ports which are employed by the widely used UDP services. NTP service
rig

rig
which sets the host time correctly through the network, BOOTP and DHCP which are used for the network IP Data octets Variable Save data to be transmitted
management, TFTP which is a simplified version of FTP, RIP and OLSR which are used as a routing protocol, and
Kerberos which is a computer network authentication protocol. These are some examples of the well-known ports of
UDP. Source Port indicates the port used by the sending process, while Destination Port means the port number used by
py

py
the process running on the destination host. The total length is defined by UDP header size (the minimum value of
the length is eight.), plus data size. The checksum is the 16-bit one's complement of the one's complement sum of a
<Table 45> Well-known UDP ports Pseudo Header of information from the IP header, the UDP header, and the data. If not calculated, the checksum field
Service UDP port Service UDP port is filled with 0s. <Figure 62> indicates the pseudo-IP header comprising some IP header fields which are necessary
Co

Co
NTP [12,13] 123 Syslog 514 to calculate the checksum of UDP.

BOOTP Server, DHCP Server [14,15] 67 RIP [18] 520

BOOTP Client, DHCP Client [14,15] 68 RIPng 521

TFTP [16] 69 Timed (Time Server) 525

ⓒ

ⓒ
Kerberos [7] 88 OLSR [19] 698

<Figure 62> Pseudo-IP header [2]

UDP Protocol
As mentioned above, the implementation of UDP is simpler compared to that of TCP: it receives data from the
application layer and sends the data to the IP layer; receives a UDP user datagram from the IP layer and sends it to
A UDP packet, which is also called a user datagram, has an 8-byte header (fixed size) which consists of 4 fields (2
an appropriate application program based on the analysis of the datagram.
bytes or 16 bits for each). Each field of the UDP header is used for the purposes illustrated in <Table 46>.

84 TOPCIT ESSENCE M3 Network 85

TOPCIT ESSENCE Network

M3
Use Case of Multicast Sockets via UDP <Table 48> Source code used on receiver’s side: for receiving multicast data [20]

1 int main(int argc, char **argv)

As there is growing needs for multimedia data transfer, such as the sending and receiving video traffic on the 2 {
network, multicasting starts to be widely employed to reduce the overload on the network. UDP should be used for
3 /* Initialization and declaration */
transmission of multicast packets
4 ...SKIP...
5 /* Making UDP Socket for Multicast */
<Table 47> Source code used on sender’s side: sending multicast data [20]
6 recv_sock=socket(PF_INET, SOCK_DGRAM, 0);
1 int main(int argc, char **argv)
7 memset(&addr, 0, sizeof(addr));

16

16
2 { 8 addr.sin_familiy = AF_INET;

3 /* Initialization and declaration */ 9 addr.sin_addr.s_addr = htonl("Receiver IP");

10 multi_addr.sin_port = htons("Multicast Port"); 입력

20

20
4 ...SKIP...
11 /* Binding */
5 /* Making UDP Socket for Multicast */
12 ...SKIP...
6 sender_sock = socket(PF_INET, SOCK_DGRAM, 0); 13 /* Join the Multicast Group */
14 join_addr.imr_multiaddr.s_addr = inet_addr("Multicast Group IP");
7 /* Setting Multicast IP */
ht

ht
15 join_addr.imr_interface.s_addr = htonl("Receiver IP");
8 memset(&multi_addr, 0, sizeof(multi_addr));
16 state = setsockopt(recv_sock, IPPROTO_IP, IP_ADD_MEMBERSHIP, (void*)&join_addr, sizeof(join_addr));
9 multi_addr.sin_familiy = AF_INET; 17 ...SKIP...
rig

rig
10 multi_addr.sin_addr.s_addr = inet_addr("Multicast Group IP"); 18 /* Receiving data */
19 str_len = recvfrom(recv_sock, buf, BUFSIZE-1, 0, NULL, 0);
11 multi_addr.sin_port = htons("Multicast Port");
20 ...SKIP...
12 　
py

py
21 }
13 state = setsockopt(send_sock, IPPROTO_IP, IP_MULTICAST_TTL, (void*)&multi_TTL, sizeof(multi_TTL));

14 ...SKIP... <Table 48> presents a part of source codes which are used by the receiver to receive multicast data. In ‘Row 6’,
like the case for the source code on the sender’s side, the socket is configured as UDP socket. In ‘Row 14’, the IP
Co

Co
15 /* Sending data */
address of multicast group where the receiver wants to join is selected. In ‘Row 16’, preparation to receive the data is
16 sendto(send_sock, buf, strlen(buf), 0, (struct sockaddr*)&multi_addr, sizeof(multi_addr)); completed (i.e. the data to be sent to the multicast group selected by “IP_ADD_MEMBERSHIP” option).
A socket created to utilize the multicast service should be a UDP socket. Right after joining the multicast group,
17 ...SKIP...
the receiver can receive data. When testing whether a written program works well, the following points should be
18 } considered. The connection between the multicast server and the client is generally established and tested with a
hub or L2 switch. In such a case, however, the multicast packets are sent to all the ports of the hub, so it is difficult
ⓒ

ⓒ
to know that the delivery of the packets was made through a multicast or unicast. Therefore, the client and the
<Table 47> shows a part of source codes which are employed on the sender’s side to transfer data over a multicast
server should be connected in the L3 switch or higher. Without any specific configuration works, an L3 switch should
connection. As seen in ‘Row 6’, if the socket type is set to ‘SOCK_DGRAM’, it works as UDP socket, while if the type
work like an L2 switch. Therefore, VLANs should be separated between the sender and the receiver. IP address
is set to ‘SOCK_STREAM’, it works as a TCP socket. In ‘Row 10’, the IP address of the multicast group, to be used
ranges should be also assigned to each separately, so that the packets can be routed. The IGMP protocol should be
on the sender’s side, is selected. In ‘Row 11’, the port to be used for this connection is selected. In ‘Row 13’, you can
established so that multicast packets can be routed and fully transmitted. Even though the sender and receiver get
select “IP_MULTICAST_TTL” in socket option. As the default value is 1 and it should be changed to an appropriate
ready for the transmission of the multicast packets in the real Internet environment, if routers and endpoint hubs are
value in order to enable data to be forwarded beyond the router. If the value is too big, data can overflow into the
not configured to support multicast service, the multicast packets cannot be transported.
network which you don’t intend to use. ‘Row 16’ shows the source code which is used for actual data transmission.

86 TOPCIT ESSENCE M3 Network 87

TOPCIT ESSENCE Network

M3
•Association startup and takedown
04 SCTP(Stream Control Transmission Protocol)
•Sequenced delivery within streams
•User data fragmentation
Features of SCTP •Acknowledgement
•Congestion avoidance
Stream control transmission protocol, or SCTP, is a newly-developed transport layer protocol which combines the •Chunk bundling
strengths of UDP and TCP for multimedia communications [3]. The SCTP protocol provides the services shown •Packet validation
in the following table. The SCTP association is a broader concept than the end-to-end TCP connection. In the •Path management
SCTP association, a single SCTP endpoint is allowed to have multiple IP addresses. This is called Multi-homing. It

16

16
is designed to allow the network-level fault tolerance. To emphasize the use and meaning of the multi-homing, a
connection is called an association in the SCTP context. Each association in the SCTP context can support multiple
streams, whereas TCP covers a single stream in an end-to-end connection.

20

20
<Table 49> Features of SCTP service

Feature Details

Process-to-process
• Offers a process-to-process communications
communications
ht

ht
• Delivers a multiple stream service in each connection, which is called an association in the
Multiple streams
SCTP context
rig

rig
• The sending/receiving host defines multiple IP addresses for an association in each of the
ends.
Multi-homing
• Among those IP addresses, one address is used as a primary address and others are
secondary.

Full-duplex communications • A full-duplex service in which data can be delivered to both directions at the same time
py

py
Connection-oriented • A connection-oriented protocol. In the SCTP context, a connection is called an association.
Co

Co
• A reliable transport protocol which uses an acknowledgement to check whether data is
Reliability <Figure 63> View on functions of SCTP transmission service [3]
successfully delivered.

① Association startup and takedown

TSN (Transmission Sequence Number), SI (Stream Identifier) and SSN (Stream Sequence Number) are the numbers
An association can be initiated upon the SCTP user’s request. The four-way handshake technique, shown in
(identifiers) used for SCTP. While, a byte is the unit of data in TCP, Data Chunk is the unit of data in SCTP. Role of
<Figure 64>, is employed in order to prevent the synchronization attack (SYN attack). Endpoint A sends an INIT
Transmission Sequence Number (TSN) in SCTP is similar to that of the sequence number in TCP. In SCTP, there
ⓒ

ⓒ
chunk to the Endpoint Z to initiate an association. After receiving the INIT chunk, the Endpoint Z replies with an
may be several streams in each association. Each stream needs to be identified by using a 16-bit stream identifier (SI)
INIT-ACK chunk which contains the cookie information. On receipt of this INIT-ACK chunk, the Endpoint A sends
which starts from ‘0’. SSN (Stream Sequence Number) is used to define each data chunk within the same stream.
a COOKIE-ECHO chunk, which echoes the cookie, to acknowledge the receipt of the INIT-ACK chunk. The
Endpoint Z then sends a COOKIE-ACK chunk, which is the final step of the four-way handshake process. In
the SCTP association, TCB (transmission control block), a key system resources, can be allocated only when the
SCTP Protocol Endpoint Z receives the authentic COOKIE-ECHO chunk, which helps eliminate the risk of DoS attack that was
caused by the SYN attack when TCB was generated upon receiving the SYN segment in the TCP connection.
This chapter will briefly explain about the functions of the SCTP services, shown in the following figure, instead of the
detailed explanation of SCTP. There are eight SCTP functions as shown below.

88 TOPCIT ESSENCE M3 Network 89

TOPCIT ESSENCE Network

M3
⑥ Packet validation
Each SCTP common header has a Verification Tag and a 32-bit checksum field. A verification tag, VT, means the
value which is selected by each endpoint at the time of association startup. All packets are sent with the same
verification tag during the lifetime of the association. If, during the lifetime of the association, a packet is received
with an unexpected verification tag, the packet is discarded. In addition, the CRC-32 checksum can be set for the
SCTP packet transmission in order to provide better protection against the data corruption.

⑦ Path management
SCTP offers the Path Management mechanism in which the sender, an SCTP user, can manipulate the Transport

16

16
Address (SCTP port number and IP address) used at the destination point of the SCTP packet. At the time of the
association establishment, the Primary Path is defined for each SCTP endpoint and is used for the transmission
of the SCTP packets. In case the primary path goes down, another available transport address or one of the

20

20
transport addresses defined by Multi-Homing, can be selected and used. The Path management and the Packet
Verification (a mechanism achieved by using verification tags and checksum) are performed at the same time.
SCTP packets contain blocks which are composed of a common header and chunks. Chunks are divided into:
<Figure 64> General procedure for association setup [3] control chunks; and data chunks. The control chunk is delivered prior to the data chunk.

② Sequenced delivery step within the stream

ht

ht
A stream in the SCTP context refers to the sequence of user messages. At the time of association setup, a user
can specify the number of streams that can be supported. Each stream is identified by a stream identifier (SI).
rig

rig
In addition to SI, user messages within the stream will be assigned with the stream sequence number (SSN) to
ensure that data chunks are delivered in an ordered fashion. Even when one stream is blocked to deliver the
next user message, other streams can still offer transmission services.
py

py
③ User data fragmentation
Like in the TCP context, SCTP’s user message has a certain limitation in MTU (path Maximum Transmission Unit),
hence, SCTP is providing the Fragmentation feature to overcome this issue. The fragments delivered individually
<Figure 65> Format of SCTP packet [3]
are reassembled into one user message on the SCTP layer.
Co

Co
④ Acknowledgement and congestion avoidance A general header defines the endpoints of each association to which the packet belongs, guarantees that the
Regardless of streams, a transmission sequence number (TSN) is assigned to each data chunk when SCTP is packet belongs to a particular association, and preserves the integrity of the contents of the packet including
used. In addition to sequenced delivery, a reliable data delivery can be guaranteed as the receiver sends an ACK header itself.
to every TSN it received. The ACK and congestion control are relevant to triggering retransmission of the packet
in case when an ACK is not received within the given time. In other words, packet retransmission is carried out
ⓒ

ⓒ
in accordance with the procedures for the congestion avoidance, which is similar to the congestion control of the
TCP context.

⑤ Chunk bundling
An SCTP packet is composed of a common header, followed by several user data and chunks which contain the
SCTP control information. An SCTP user can request the assembly of multiple user data into one SCTP packet.
This is called a chunk bundling, which is responsible for assembling multiple chunks into one SCTP packet and
subsequently disassembling the packet into multiple chunks. <Figure 66> Format of SCTP common header [3]

90 TOPCIT ESSENCE M3 Network 91

TOPCIT ESSENCE Network

M3
<Table 50> Components of SCTP common header
Example Question
Classification Details
Question type
Source port number • Identical to that of TCP and UDP
Short-answer question
Destination port number •Identical to that of TCP and UDP
Question
• Used as an association identifier and repeated for all packets during the time of the
Verification Tag
association The figure below shows the overload on the network when downloading a file by using TCP. A sawtooth
wave is generated during the data transfer because of the feature of TCP, even though its network

16

16
• The size of checksum is 32 bits to allow the use of the CRC-32 checksum
Checksum capacity is enough. In TCP, congestion control is achieved by using the (①) algorithm, which slowly
(The checksum in UDP, TCP and IP is 16 bits)
increases the bandwidth of the network used for the data transfer from its initial value, not using all
available bandwidths at once. If it reaches the limit, the congestion control is achieved by using the (②)

20

20
Control information and user data are carried in chunks. The first three fields – type, flag and length – are algorithm, which additively increases the congestion window.
common to all chunks. The information field refers to the type of chunk and the type field is limited to 256 bytes of Please fill in the blanks.
the chunk. Only some fields, however, are defined and the remaining fields have yet to be defined for the future.
The flag field defines a specific flag which may require a specific chunk.

ht

ht
rig

rig
Intent of the question

To evaluate whether a learner understands the key features of TCP and the mechanisms used for the
py

py
congestion control

<Figure 67> Chunk format [3] Answer and explanation

① Slow Start
Co

Co
Chunks are classified into the data chunk and the control chunk, depending on its type. The table shown below
② Congestion Avoidance
presents some of the major chunk types.

<Table 51> Types of chunk Related E-learning Contents

ID value Chunk type ID value Chunk type • Lecture 5 Understanding of Transport Layer and UDP Protocol
ⓒ

ⓒ
0 DATA 6 ABORT • Lecture 6 TCP and SCTP Protocols
• [Advanced] IGP and EGP
1 INIT 7 SHUTDOWN

2 INIT ACK 8 SHUTDOWN ACK

3 SACK 9 ERROR

4 HEARTBEAT 10 COOKIE ECHO

5 HEARTBEAT ACK 11 COOKIE ACK

92 TOPCIT ESSENCE M3 Network 93

TOPCIT ESSENCE Network

M3
Application Layer Technologies, Including
Ⅴ
Web Applications

Latest Trends and Key Issues

16

16
Since the mid-2000s, with the rise of mobile platforms, such as Android and iPhone, the society has Practical tips: Operation of the application layer protocol
entered into the Mobile Age. In this society, many application programs, useful for business and leisure
activities, have been launched. Among them, some programs use the standard application layer

20

20
<Figure 68> displays how the application program operates on the Internet. Along with the transport
protocols, such as SMTP, POP3, IMAP, and FTP. On the other hand, SNS apps, including KakaoTalk,
layer, the application layer provides an end-to-end communications service from one application
LINE, and Facebook, are run on the self-defined application layer protocol. In order to provide a
program to another. It means that, just like in the operation of the transport layer protocol, such as TCP,
convenient and great application programs to users, a developer is required to understand the concept
the intermediate nodes, including wired/wireless IP sharing devices or routers, are not involved in the
of the application layer protocol which lies on the transport layer and how it works.
operation of the application layer protocol. The data can be generated and transferred in a way that
ht

ht
users want; however, widely-used application programs usually employ globally-recognized standard
Study Objectives application layer protocols to minimize incompatibility issues.
rig

rig
To be able to understand the meaning of the application layer protocol, and design and utilize the
same
Network layer
To be able to understand and utilize the HTTP protocol which is used for the data transfer between Data link layer
Switching hub D my.server.com
the client and the web server 14.32.172.0
py

py
Physical layer
220.17.23.15
To be able to understand the FTP protocol which is used for the file exchange with the server, and
Application layer Application layer
utilize the same to develop programs. To be able to enhance the productivity in the development of
Transport layer Wireless/wired IP Transport layer
application programs by using open source libraries sharing device B Router C
Network layer Network layer
192.168.11.0 220.17.23.0
Co

Co
To be able to understand a JSP-based server programming technology and the client programming Network layer
Data link layer Data link layer
technology, both used for the development of web application programs, and utilize them in Data link layer

developing software User A Physical layer

Physical layer Physical layer

<Figure 69> Scenario on application layer operation

Practical Importance High
ⓒ

Keywords
Application Layer Protocol, HTTP, GET Method, POST Method, FTP, Control Connection, Data
Connection, PORT mode, PASV Mode, Apache 2.0 License, Web Application Program, Server
Programming Technology, Client Programming Technology, JSP, HTML, JavaScript, AJAX, Scriptlet
Expression, Scriptlet, Directives, Standard Action, Expression Language, Tag Extension
ⓒ
<Figure 69> illustrates how the application layer protocol and transport layer protocol interacts with one
another under the scenario of User A’s web usage described in the Chapter 1: Introduction to Network.
It shows what happens when User A downloads a file (my.pdf) on the homepage of the web server (my.
server.com). This chapter will explain how HTTP, an application layer protocol, works. In addition, how
HTTP interacts with the transport layer protocol will be explained to help you understand better about
the protocol.

94 TOPCIT ESSENCE M3 Network 95

TOPCIT ESSENCE Network

M3
01 What is Application Layer Protocol?
User A Web browser Transfer layer Transfer layer Httpd@
my.server.com
You might encounter application layer technologies many times when you operate the network-related systems or
1.1 Web Server
1.Request for Request for develop network application programs. An Application Layer Protocol, which is applied to the application layer
homepage connection Request for connection technologies, serves as a protocol used by application programs to send/receive required information. There are
1.2 "GET / several application layer protocols which are widely used: FTP[1] (used for file transfer), TELNET[2] (used for terminal
HTTP / GET / Request for connection), SMTP[3], POP3[4] , and IMAP[5] (all of these three are used for e-mail access and transmission), The
1.1" Transfer HTTP / 1.1 homepage DNS[6] (used for host name and IP address mapping), and SNMP[7] (used for network management). HTTP[8] is
200

16

16
Response HTTP /
Display 1.1 200 OK (text/html) homepage also one example of the application layer protocol used for the data transfer between the web client and the web
homepage received
server. Another example of the application layer protocol is BitTorrent that is widely recognized among the P2P
Connection termination
2.1 Web Server protocols (a method for terminal-to-terminal communications, not for conventional communications with the network

20

20
2. Request for Request for infrastructure).
my.pdf connection SYN
SYN + ACK
ACK
2.2 "GET/
my.pdf..." Transfer
GET /my.pdf HTTP / 1.1 my.pdf 02 HTTP
일부 Request
ht

ht
my.pdf
my.pdf (1/m)
Data segment 1
206 Repeat Characteristics of HTTP
Response
my.pdf Data segment m
received my.pdf (m/m)
rig

rig
Display (m: not fixed)
my.pdf HTTP (Hypertext Transfer Protocol) is a protocol for the application layer for hypermedia information systems that
FIN can link texts with video clips or voice files. HTTP has been used to transport contents of the World Wide Web that
ACK was started to be used in the early 1990s. The first version, HTTP/0.9, was used just for low level data transmission
FIN through the Internet. However, HTTP/1.0 (RFC 1945) and above has been using messages defined for the MIME.
py

py
ACK HTTP/1.1 is the currently used version, which is a little bit more reliable than HTTP/1.0.

Just like other application-level protocols, HTTP is built based on the “Request/response protocol” model in the
<Figure 69> Scenario on application layer operation client-server environment. Microsoft's Internet Explorer, Google’s Chrome browser, Mozilla’s Firefox web browser and
Co

Co
the web servers such as Apache HTTP Server are utilized to make the HTTP protocol working, so the end users
This chapter explains how the HTTP protocol works in [Step 1] and [Step 3-4] from the scenario ① on
can use the web without any difficulty even they do not know how the HTTP protocol is implemented. However, if
User A’s web usage, which was described in the Chapter I. Introduction to Network. The web browser,
you, as a developer, can refer to the text-based application layer protocols such as HTTP in the process of building
an application program, is connected with httpd, a web server program, through the TCP connection.
an Internet application program or new application-level protocols, it will help you with the design and implementation.
Then, it brings the web contents requested by User A and displays the contents in the readable form. In
this process, the web browser utilizes the HTTP/1.1 protocol for the communications with the web server.
ⓒ

This application layer protocol, the HTTP/1.1 protocol, is text-based [8]. The text data that is generated in
accordance with the HTTP/1.1 protocol is delivered to the application layer program on the opposite side
over the transport layer protocol.
Transmission and receipt of the user data between application layer programs over the transport layer
is achieved by using the Socket Programming. The socket programming is a programming mechanism
required to implement the application layer protocols. Detailed explanation, however, will not be provided
as it goes beyond the scope of this chapter. Please refer to other books for further details.
ⓒ
HTTP Protocol
HTTP works based on the request/response model. The client sends the Request Message to the server, including
the request method, URI, protocol version, and MIME information message. The server sends back the response to
the client, including the Status Line: protocol version, success or fail code, MIME server information, and the like.
HTTP/1.1 (the up-to-date version) is widely used in this process.

96 TOPCIT ESSENCE M3 Network 97

TOPCIT ESSENCE Network

M3
<Table 53> Request-header definition for HTTP request message

Request-header = Accept | Accept-Charset | Accept-Encoding | Accept-Language

| Authorization | Expect | From | Host | If-Match | If-Modified-Since
| If-None-Match | If-Range | Max-Forwards | Range | Referer

16

16
<Figure 70> Example of the HTTP request message

20

20
<Figure 70> shows an example of the HTTP request message. The request message is clearly defined in RFC 2616[8]
as shown below. Some of them, that may need further explanations, are listed in <Table 52>. To find out more, you
can refer to RFC 2616. If you take another look at <Figure 70> which shows an example of an HTTP request after
understanding the request message and definition, it will be helpful for you to understand better.
<Figure 71> Example of HTTP response message

ht

ht
<Table 52> HTTP request message and definition
<Figure 71> is an example of an HTTP response message. Just like in the case of the request message, only some
Request = Request-Line of them, which may need further explanation, are included in this textbook. You can refer to RFC 2616 for more
rig

rig
*(( general-header | request-header | entity-header) CRLF)
CRLF details. When you take another look into the example after studying the message and the definition, it will be easier
[message-body] to understand <Figure 71>. The Status-Code information of Status-Line tells us how the HTTP request message was
processed. When the code starts with “2”, just like 200 (OK) or 206 (Partial Content), it means the processing was
Request-Line = Method SP Request-URI SP HTTP-Version CRLF
successful. When the code starts with “4” or “5”, it indicates “client error” or “server error” respectively.
py

py
Method = “OPTIONS” | “GET” | “HEAD” | “POST” | “PUT” | “DELETE”
| “TRACE” | “CONNECT” | extension-method
Request-URI = "*" | absoluteURI | abs_path | authority <Table 54> HTTP response message definition

HTTP-Version = "HTTP" "/" 1*DIGIT "." 1*DIGIT Response = Status-Line

Co

Co
SP = <US-ASCII SP, space (32)> *(( general-header | response-header | entity-header ) CRLF)
CRLF = CR LF CRLF
CR = <US-ASCII CR, carriage return (13)> [ message-body ]
LF = <US-ASCII LF, linefeed (10)>
Status-Line = HTTP-Version SP Status-Code SP Reason-Phrase CRLF

Status-Code =
The method selected in the Request-Line of the HTTP request message is used to define how HTTP protocol will "100" ; Section 10.1.1: Continue
ⓒ

ⓒ
work. RFC 2616 contains definitions for eight methods, but expansion is also possible. Among them, GET and POST | "101" ; Section 10.1.2: Switching Protocols
| "200" ; Section 10.2.1: OK
are widely used. . GET Method is usually used when searching for the contents in the server when having access
| "201" ; Section 10.2.2: Created
to a homepage. POST Method is usually used to deliver the information, a user typed-in, to the web server (just like … SKIP …
a form). | "206" ; Section 10.2.7: Partial Content
| "300" ; Section 10.3.1: Multiple Choices
In the HTTP request message, the method selected in the Request-Line is important, and there is another important
… SKIP …
information called a request-header shown in <Table 53>. The detailed definition about the request - header is well | "403" ; Section 10.4.4: Forbidden
defined in RFC 2616, so we will skip the definition in this text book. | "404" ; Section 10.4.5: Not Found
| "405" ; Section 10.4.6: Method Not Allowed
| "406" ; Section 10.4.7: Not Acceptable

98 TOPCIT ESSENCE M3 Network 99

TOPCIT ESSENCE Network

In the HTTP response message, the Status-Code selected in the Status-Line is important, and there is another
important information called a response-header shown in <Table 55>. The detailed definition about response -header
can be found in RFC 2616.
<Table 55> HTTP response message’s response-header definition
response-header = Accept-Range | Age | ETag | Location | Retry-After | Server
| Vary | WWW-Authenticate | Proxt-Authenticate
M3
When a part of the file is selected from the client side by using the Range Header Parameter in the GET method,
the server sends back the corresponding file. When you look at the Content-Range header parameter and the
Content-Length parameter, you can see whether the transmission was conducted as expected or not. As such,
the client can make rounds of request to bring partial files first. Later, the web browser makes the partial files into a
complete file and sends the file in an appropriate format.
The server sends “HTTP/1.1 206 Partial Content\r\n … SKIP … pdf file binary data” to the client. However, the total
size is bigger than the TCP MSS (Maximum Segment Size, default value: 1460). Therefore, the data is sent from the
server to the client in multiple TCP segments. This can be found in the TCP segments transferred over the transport
layer which links the web browser and the web server, as shown in <Figure 69>: the scenario of the application

16

16
<Table 56> shows more details, especially focusing on the HTTP header, about what is sent and received in a scenario
layer. It is easy to understand this way: the transport layer receives multiple TCP segments, collects them to make the
of the application layer which was shown in <Figure 69>. ‘C’ and ‘S’ means a client and a server respectively, which
meaningful user data, and sends them to the application layer.
means the client and server correspond to the web browser User A is using and the web server (my.server.com)
respectively. The file size of my.pdf 3 was too big in the previous transmission, and the transmission was initialized.

20

20
Hence, the client side already knows about the file size and started to make the preparation to bring the file again.
03 File Transmission Protocol
<Table 56> Scenario of file transfer (HTTP example)

C: GET /my.pdf HTTP/1.1\r\n Characteristics of FTP

Host: my.server.com:8080\r\n
ht

ht
Connection: keep-alive\r\n
Accept: */*\r\n FTP is a protocol to transmit a file or a part of a file from one system to another system; it has two connections as
Accept-Encoding: gzip,deflate,sdch\r\n opposed to other application layer protocols. The connections are the Control Connection and the Data Connection,
Accept-Language: ko-KR,ko;q=0.8,en-US;q=0.6,en;q=0.4\r\n
using Port 21 and 20 respectively. The control connection is sustained up until a client is terminated or an FTP
rig

rig
Range: bytes=0-32767\r\n\r\n
S: HTTP/1.1 206 Partial Content\r\n session is finished. The data connection establishes a TCP connection whenever a file starts to be transmitted.
ETag: W/”5763831-1385516368000\r\n
Content-Range: bytes 0-32767/5763831\r\n
Another port, other than port 20, can be used depending on how the port is used within the connection.
Content-Type: application/pdf\r\n <Figure 72> shows an FTP model which is defined by the FTP standard [1]. PI is an abbreviation for Protocol
Content-Length: 32768\r\n Interpreter and DTP stands for Data Transfer Process.
py

py
Date: Wed, 16 Jul 2014 07:52:18 GMT\r\n\r\n
pdf file binary data
C: GET /my.pdf HTTP/1.1\r\n
Range: bytes=32768-337615\r\n
If-Range: W/”5763831-1385516368000\r\n\r\n
S: HTTP/1.1 206 Partial Content\r\n
Co

Co
ETag: W/”5763831-1385516368000\r\n
Content-Range: bytes 32768-337615/5763831\r\n
Content-Type: application/pdf\r\n
Content-Length: 304848\r\n
Date: Wed, 16 Jul 2014 07:52:18 GMT\r\n\r\n
pdf file binary data
……
C: GET /my.pdf HTTP/1.1\r\n
ⓒ

ⓒ
Range: bytes=5187280-5731062\r\n
If-Range: W/”5763831-1385516368000\r\n\r\n
S: HTTP/1.1 206 Partial Content\r\n <Figure 72> FTP model [1]
ETag: W/”5763831-1385516368000\r\n
Content-Range: bytes 5187280-5731062/5763831\r\n
Content-Type: application/pdf\r\n
Content-Length: 543783\r\n FTP connection can be divided into two modes: active transfer and passive transfer (PASV). In the case of the
Date: Wed, 16 Jul 2014 07:52:27 GMT\r\n\r\n
Active Transfer, a server makes a connection request to a client; however, there is an issue when the connection
pdf file binary data
is directed to an external server system through a firewall and the like. In the case of the PASV, on the other hand,
3 When downloading an actual PDF through Wireshark network protocol analyzer, another server was used (not my.server. a client asks for a connection to a server first using another channel (NOT the default data channel). As the client
com) and the pdf file name was not my.pdf. We used my.pdf as an example to make the explanation easier

100 TOPCIT ESSENCE M3 Network 101

TOPCIT ESSENCE Network

M3
is asking for an FTP connection, it is possible to pass through a firewall. This method can be applicable even when ④ The client uses PORT command to deliver the open port number to the server.
you cannot see the client IP from outside because the client network is using a proxy server.
Client Port No. 63500 Server

<Table 57> Comparison between active transfer and passive transfer
Control process Port No. 63231 Port No. 21 Control process
Classification Active transfer Passive transfer
A server is connected to a certain port of a client to A client is connected to a certain port of a server to
Summary Data transfer Data transfer
send the data send the data Port No. 63500
process process
Purpose Generally used FTP FTP for a client which has security features

16

16
Control port: 21 Control port: 21 ⑤ The server receives a random port number sent by the client, and turns port 20 into the passive port open status.
Port number
Data port: 20 Data port: higher than 1024
Client Server

20

20
Control process Port No. 63231 Port No. 21 Control process
FTP Protocol
Data transfer Data transfer
Port No. 63500 Port No. 20
The FTP control connection works as follows. process process
① An FTP server opens port 21 and waits for a request from a client (passive port open)

ht

ht
Client Server
The procedure for the FTP command processing and the list of available commands are as follows.
Control process Port No. 21 Control process FTP command processing
• A control connection is established between a server control process and a client control process in order to initiate
rig

rig
communications.
Data transfer Data transfer
process process
Control connection Command message
py

py
LF CR Parameter SP Command
② The client is selecting a random port and sends out an FTP request (active port open)

Client Server Response code SP Meaning CR LF

Client Server

Response message
Co

Co
Control process Port No. 63231 Port No. 21 Control process

Data transfer Data transfer • It is a conversational processing: a user gives a command to a server and the server responses to the command.
process process
Types of commands included in the FTP message
Types of command Actual command
ⓒ

ⓒ
The FTP data connection works as follows. Access commands USER, PASS ACCT, REIN, QUIT, ABOR

File management
CWD, CDUP, DELE, LIST, NLIST, MKD, PWD, RMD, RNFR, RNTO, SMNT
③ A client is opening a random port and activates the passive open status. commands

Data format commands TYPE, STRU, MODE

Client Server
Data port selection
PORT, PASV
Control process Control process
commands
Port No. 63231 Port No. 21
File transfer commands GET, PUT, MGET, MPUT, RETR, STOR, APPE, STOU, ALLO, REST, STAT

Data transfer Data transfer Other commands HELP, NOOP, SITE, SYST
Port No. 63500
process process

102 TOPCIT ESSENCE M3 Network 103

TOPCIT ESSENCE Network

M3
The active and passive transfer modes work in time sequence as shown below. Example of Actual FTP Protocol

<Figure 73> shows a scenario to view file/sub-directory list located in a certain directory of a user account of an FTP
Active transfer mode
server. The first example will be using the “C” language based on RFC 959[1], which defines the FTP protocol. The
FTP Server reason for taking this example is because you may work in a special environment like the embedded environment
FTP Client
or work on programming based on a newly defined protocol. It is also recommended to utilize a pre-built library, if
available, because it can enhance productivity. To this end, the next chapter will cover how to utilize the Apache
Commons NetTM Library in order to meet the goal described in the scenario.
20 21
DATA COMMAND 5150 5151

16

16
5151”
“PORT
“OK”

20

20
FTP Client FTP Server
DATA C
HANN EL 1. Connection

2. Response
“OK”
3. Log-in (User ID, Password)

ht

ht
4. Response
1) A client is connected to port 21 of a server and informs about ‘the second port that the client will use’ to a server.
2) The server responses with “ack”. 5. Passive Mode Connection
3) The server’s port 20 will try a connection to the second port as informed by the client.
rig

rig
4) The client will respond with “ack”. 6. Response

7. View Directory List

8. File/Directory List
Passive FTP mode
py

py
FTP Server FTP CLient <Figure 73> Scenario to display directory list
Co

Co
<Table 58> ftp_pasv_list.c
20 21
DATA COMMAND 5150 5151 1 #include <stdio.h>
2 #include <sys/socket.h>
”
3267 “PASV 3 #include <arpa/inet.h>
“OK 325 4 #include <stdlib.h>
67”
5 #include <string.h>
HANN EL
ⓒ

ⓒ
DATA C 6 #include <unistd.h>
7
“OK” 8 #define RCVBUFSIZE 2048
9 #define FTP_SERVER "192.168.11.20"
10 #define USER "tester"
1) A client will try a connection to a command port. 11 #define PASSWD "tester"
2) A server will inform about the second port the server will use.
12 /* Control connection port */
3) The client will open another port to try a connection to the port as informed by the server.
4) The server will respond with “ack”. 13 #define FTP_CPORT 21

104 TOPCIT ESSENCE M3 Network 105

TOPCIT ESSENCE Network

M3
14 58
15 const char *CLIENT = "client"; 59 return -1; // error if reached here
16 60 }
17 61
18 void DieWithError(char *errorMessage) 62
19 { 63 int main(int argc, char *argv[])
20 perror(errorMessage); 64 {
21 exit(1); 65 int sock;
22 } 66 struct sockaddr_in ftpServerAddr;

16

16
23 67 unsigned short ftpServerPort;
24 int get_data_port(char *msg) 68 char servIP[16];
25 { 69 char strBuffer[RCVBUFSIZE];

20

20
26 int p1 = 0; 70 int bytesRcvd, totalBytesRcvd;
27 int p2 = 0; 71 int data_port;
28 int cnt = 0; 72
29 char *ptr = msg; 73 pid_t pid;
30 char buf[10]; 74
31 int j; 75 memset(servIP, 0, 16);
ht

ht
32 76 strcpy(servIP, FTP_SERVER);
33 memset(buf, 0, 10); 77 ftpServerPort = FTP_CPORT;
rig

rig
34 while (*ptr) { 78
35 if (*ptr == ',') { 79 if ((sock = socket(AF_INET, SOCK_STREAM, 0)) < 0)
36 cnt++; 80 DieWithError("socket() failed\n");
37 } 81
38 if (cnt == 4) { 82
py

py
39 ptr++; 83 memset(&ftpServerAddr, 0, sizeof(ftpServerAddr));
40 j = 0; 84 ftpServerAddr.sin_family = AF_INET;
41 while ((buf[j++] = *ptr++) != ','); 85 ftpServerAddr.sin_addr.s_addr = inet_addr(servIP);
42 buf[j - 1] = '\0'; // erase ',' 86 ftpServerAddr.sin_port = htons(ftpServerPort);
Co

Co
43 p1 = atoi(buf); 87
44 printf("p1 = %d\n", p1); 88 if (connect(sock, (struct sockaddr *) &ftpServerAddr,
45 89 sizeof(ftpServerAddr)) < 0)
46 memset(buf, 0, 10); 90 DieWithError("connect() failed\n");
47 j = 0; 91
ⓒ

ⓒ
48 while ((buf[j++] = *ptr++) != ')'); 92
49 buf[j - 1] = '\0'; // erase ')' 93 totalBytesRcvd = 0;
50 p2 = atoi(buf); 94 memset(strBuffer, 0, RCVBUFSIZE);
51 printf("p2 = %d\n", p2); 95 bytesRcvd = recv(sock, strBuffer, RCVBUFSIZE - 1, 0);
52 return (p1 * 256 + p2); 96 printf("< %s : %s", FTP_SERVER, strBuffer);
53 } 97
54 ptr++; 98 /* USER */
55 } 99 memset(strBuffer, 0, RCVBUFSIZE);
56 100 sprintf(strBuffer, "USER %s\r\n", USER); // LJM: should be modified
57 printf("p1 = %d, p2 = %d\n", p1, p2);

106 TOPCIT ESSENCE M3 Network 107

TOPCIT ESSENCE Network

M3
101 printf("> %s : %s", CLIENT, strBuffer); 144
102 send(sock, strBuffer, strlen(strBuffer), 0); 145 memset(&serverAddr, 0, sizeof(serverAddr));
103 totalBytesRcvd = 0; 146 serverAddr.sin_family = AF_INET;
104 memset(strBuffer, 0, RCVBUFSIZE); 147 serverAddr.sin_addr.s_addr = inet_addr(FTP_SERVER);
105 bytesRcvd = recv(sock, strBuffer, RCVBUFSIZE - 1, 0); 148 serverAddr.sin_port = htons(data_port);
106 printf("< %s : %s", FTP_SERVER, strBuffer); 149
107 150 // socket for data connection
108 151 if ((childSock = socket(AF_INET, SOCK_STREAM, 0)) < 0)
109 /* PASS */ 152 DieWithError("socket() failed\n");

16

16
110 memset(strBuffer, 0, RCVBUFSIZE); 153
111 sprintf(strBuffer, "PASS %s\r\n", PASSWD); // LJM: should be modified 154 if (connect(childSock, (struct sockaddr *) &serverAddr,
112 printf("> %s : %s", CLIENT, strBuffer); 155 sizeof(serverAddr)) < 0) {

20

20
113 send(sock, strBuffer, strlen(strBuffer), 0); 156 DieWithError("connect() failed.");
114 157 }
115 totalBytesRcvd = 0; 158
116 memset(strBuffer, 0, RCVBUFSIZE); 159 totalBytesRcvd = 0;
117 bytesRcvd = recv(sock, strBuffer, RCVBUFSIZE - 1, 0); 160 memset(strBuffer, 0, RCVBUFSIZE);
118 printf("< %s : %s", FTP_SERVER, strBuffer); 161 bytesRcvd = recv(childSock, strBuffer, RCVBUFSIZE - 1, 0);
ht

ht
119 162 printf("< %s : \n%s\n", FTP_SERVER, strBuffer);
120 163
rig

rig
121 /* PASV */ 164 printf("\n\nchild: terminated...\n");
122 memset(strBuffer, 0, RCVBUFSIZE); 165 exit(0);
123 strcpy(strBuffer, "PASV\r\n"); 166 } else {
124 printf("> %s : %s", CLIENT, strBuffer); 167 /* send LIST cmd thru the control connection */
125 send(sock, strBuffer, strlen(strBuffer), 0); 168 memset(strBuffer, 0, RCVBUFSIZE);
py

py
126 169 strcpy(strBuffer, "LIST\r\n");
127 totalBytesRcvd = 0; 170 printf("> %s : %s", CLIENT, strBuffer);
128 memset(strBuffer, 0, RCVBUFSIZE); 171 send(sock, strBuffer, strlen(strBuffer), 0);
129 bytesRcvd = recv(sock, strBuffer, RCVBUFSIZE - 1, 0); 172
Co

Co
130 printf("< %s : %s", FTP_SERVER, strBuffer); 173 totalBytesRcvd = 0;
131 174 memset(strBuffer, 0, RCVBUFSIZE);
132 data_port = get_data_port(strBuffer); 175 bytesRcvd = recv(sock, strBuffer, RCVBUFSIZE - 1, 0);
133 176 printf("< %s : %s\n", FTP_SERVER, strBuffer);
134 /* LIST */ 177 }
ⓒ

ⓒ
135 /* First, fork a process */ 178
136 179 close(sock);
137 pid = fork(); 180
138 181 } /* main */
139 if (pid == 0) { /* child process */
140 int childSock;
<Table 58> showcases an example of implementing the scenario shown in <Figure 73>. For better understanding, we
141 struct sockaddr_in serverAddr;
will explain the actions described in the scenario in sequence. ‘1: Connection’ corresponds to ‘Row 75~90’ which is
142 int len = sizeof(serverAddr);
calling the connect() function by using the FTP server’s IP address (FTP_SERVER) and control port number (FTP_
143 char buf[800];

108 TOPCIT ESSENCE M3 Network 109

TOPCIT ESSENCE Network

M3
CPORT). ‘2: Response’, to the above mentioned connection, corresponds to ‘Row 93~96’. <Table 59> describes the 137’. The newly created sub-process receives the outcome of the LSIT Command as shown in ‘Row 139~165’. The
meaning of the response codes. The FTP response codes are composed of three numbers. It is easy to analyze the process which has control connection sends the LIST Command to the FTP server as shown in ‘Row 168~171’.
message if you understand the meaning of the first and the second number. Then, the FTP server sends out a response message through the control connection and this message is received
in ‘Row 173~176’. The first response code for the LIST Command is 150, which tells you about the file system status
<Table 59> Meaning of response code (5 on the second digit) and means positive preliminary reply (1 on the first digit). When sending the LIST Command,
if the directory is not selected as a parameter, the FTP server will send the directory files and directory list of the
Response code Meaning
current working directory through the data connection. The data connection made for the sub-process is sustained
1yz Positive Preliminary reply
only during the outcome is being received so that the data stream, sent from the FTP server in response to the
2yz Positive Completion reply LIST Command, can be processed. ‘Row 145~157’ is about making a new socket connection by using the data

16

16
3yz Positive Intermediate reply connection port number of the server which is a part of the PSAV Command response message. If the connection
4yz Transient Negative Completion reply is successful, the outcome of the LIST Command, which corresponds to ‘8: File/Directory List’, is received in ‘Row
159~162’. As the data connection was completed, ‘Row 165’ calls the exit() function to terminate the sub-process.
5yz Permanent Negative Completion reply

20

20
x0z Syntax
<Table 60> Outcome of viewing FTP list
x1z Information
1 ubuntu:~/Projects/FTP1$ ./ftp_pasv_test
x2z Connections
2 < 192.168.11.20 : 220 Welcome to Prof.Lee's FTP service.
x3z Authentication and Accounting 3 > client : USER tester

ht

ht
x4z Unspecified yet 4 < 192.168.11.20 : 331 Please specify the password.
5 > client : PASS tester
x5z File system status
6 < 192.168.11.20 : 230 Login successful.
rig

rig
7 > client : PASV
‘3: Log-in (User ID, Password)’ is a step to make a connection to a specific user account. The ID and password 8 < 192.168.11.20 : 227 Entering Passive Mode (192,168,11,20,117,247).
should match each other. ‘Row 99~106’ is about sending the USER Command to the FTP server, where USER 9 p1 = 117
ID is sent to the FTP server following the USER Command. ‘Row 110~118’ corresponds to the PASS Command, 10 p2 = 247
responding to the USER Command, which sends out the password to the FTP server for the authentication. The
py

py
11 > client : LIST
next step can work only when the response codes for the USER Command and the PASS Command are in normal
12 < 192.168.11.20 : 150 Here comes the directory listing.
status. <Figure 73> briefly shows ‘4: Response’ as a single step (actually, there are two responses one for the USER
13
Command and the other for the PASS Command).
14 < 192.168.11.20 :
After the user authentication, ‘5: Passive Mode Connection’ is carried out in ‘Row 122~125’. This action is intended
Co

Co
15 drwxr-xr-x 2 1001 1001 4096 Sep 13 13:19 Desktop
to remove the possibility of network connection issue that might be caused by firewalls and the like. At this time, the
16 drwxr-xr-x 2 1001 1001 4096 Sep 13 13:19 Documents
PASV Command is delivered to the FTP server. The response for the command is received in ‘Row 127~130’ or ‘6:
17 drwxr-xr-x 2 1001 1001 4096 Sep 13 13:19 Downloads
Response’ step. When the FTP client sends the PASV Command to the FTP server in request of a passive mode
18 drwxr-xr-x 2 1001 1001 4096 Sep 13 13:19 Music
connection, the FTP server replies with “227 Entering Passive Mode. A1,A2,A3,A4,a1,a2” message to the FPT client.
19 drwxr-xr-x 2 1001 1001 4096 Sep 13 13:19 Pictures
“A1, A2, A3, A4” means the IP address of the FTP server (A1.A2.A3.A4). While, “a1, a2” means the port number
20 drwxr-xr-x 2 1001 1001 4096 Sep 13 13:19 Public
ⓒ

ⓒ
opened for the data connection. The actual port number is a1*256 + a2. The contents in the response message
21 drwxr-xr-x 2 1001 1001 4096 Sep 13 13:19 Templates
may be different but the structure is “A1,A2,A3,A4,a1,a2”, which includes the IP address of the FTP server and data
22 drwxr-xr-x 2 1001 1001 4096 Sep 13 13:19 Videos
connection port number. The FTP client, receives this information, should be able to process the information properly.
23 -rw-r--r-- 1 1001 1001 8980 Oct 04 2013 examples.desktop
The get_data_port() function of ‘Row 24~60’ extracts the open port number from the server’s response message
24 -rw-r--r-- 1 1001 1001 5241 Aug 30 20:10 ftp_pasv_test.c
relevant to the PASV Command and returns the value. Then, ‘Row 132’ uses the get_data_port() function to get the
25 drwxrwxr-x 2 1001 1001 4096 Aug 30 20:10 temp
open FTP server’s port number.
26 drwxrwxr-x 2 1001 1001 4096 Aug 30 20:10 work
To run the command for ‘7: View Directory List’, a new data connection needs to be generated by using the IP
27
address of the FTP server and the port number received in ‘6: Response’ step which were designated for the
28
passive mode connection. To do that, a new process is generated by using the fork() function as shown in ‘Row

110 TOPCIT ESSENCE M3 Network 111

TOPCIT ESSENCE Network

M3
29 12 * distributed under the License is distributed on an "AS IS" BASIS,
30 child: terminated... 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
31 ubuntu:~/Projects/FTP1$ 14 * See the License for the specific language governing permissions and
15 * limitations under the License.
<Table 60> shows the outcome of the program described in <Table 58>. As a result of ‘1: Connection’ step, the 16 */
welcome message of ‘Row 2’, which corresponds to ‘2: Response’ is received from the FTP server. According to 17
<Table 59>, Response Code 220 means ‘Positive Completion Reply’ and is related to the ‘Connection’. Any other 18 import java.io.IOException;
response codes can also be interpreted with the same mechanism. The outcome of ‘3: Log-in (User ID, Password)’ 19 import java.io.PrintWriter;
and ‘4: Response’ correspond to ‘Row 3~6’. ‘5: Passive Mode Connection’ and its pair ‘6: Response’ correspond

16

16
20 import java.util.logging.Level;
to ‘Row 7 and 8’ respectively. ‘Row 9~10’ is the message printed out of the console to validate whether the right 21 import java.util.logging.Logger;
port number was found in the message delivered from the get_data_port () function. ‘7: View Directory List’ covers: 22 import org.apache.commons.net.PrintCommandListener;
sending the LIST Command to the FTP server which corresponds to ‘Row 11’; and receiving the response, for the 23 import org.apache.commons.net.ftp.FTPClient;

20

20
LIST command, coming from the control connection, and this action corresponds to ‘Row 12’. As the response code 24 import org.apache.commons.net.ftp.FTPFile;
is 150, it means the file system status and positive preliminary reply. The outcome was transmitted through the data import org.apache.commons.net.ftp.FTPReply;
25
connection and is printed in ‘Row 15~26’. As a result of the LIST Command, which was sent to the FTP server, the
26
files and directory information of the current working directory are displayed.
27 /**
28 * Simplified version of FTPClientExample.java to show how to use the Apache
ht

ht
29 * Commons Net library
Example of FTP Implementation with Library 30 * <br> <br>
31 * URL: https://commons.apache.org/proper/commons-net/index.html <br>
rig

rig
The previous example was intended to give an instruction how to implement a protocol based on the standard and
32 * URL:
how to use the ‘C’ language in building an FTP protocol. In this chapter, we will look into how a pre-built Open
33 * https://commons.apache.org/proper/commons-net/javadocs/api-3.3/index.html
Source Library can help us enhance productivity as opposed to building from scratch. In the case of the network
34 *
program development, most of them are built based on the standard. However, FTP protocol has two implementation
py

py
options: one is starting from scratch; and the other is to utilize a pre-built library for higher productivity. 35 *

Apache Commons NetTM ,which was used for FTP protocol implementation, has been used in implementing many 36 * @author Gil-Dong Hong

of the widely used Internet protocols such as FTP/FTPS, FTP over HTTP, NNTP, SMTP(S), POP3(S), IMAP(S), Telnet, 37 * @since August 30, 2015
NTP/SNTP. [9]. 38 */
Co

Co
39 public class FtpList {

<Table 61> FtpList.java 40

41 private FTPClient ftpClient = new FTPClient();
1 /*
42 private String hostIp = null;
2 * Licensed to the Apache Software Foundation (ASF) under one or more
43 private String userid = null;
3 * contributor license agreements. See the NOTICE file distributed with
44 private String passwd = null;
ⓒ

ⓒ
4 * this work for additional information regarding copyright ownership.
45 private int cPort = 21;
5 * The ASF licenses this file to You under the Apache License, Version 2.0
46
6 * (the "License"); you may not use this file except in compliance with
47 /**
7 * the License. You may obtain a copy of the License at
48 * Constructor
8 *
49 *
9 * http://www.apache.org/licenses/LICENSE-2.0
50 * @param hostIp an IP address of an FTP server. ex) "192.168.11.110"
10 *
51 * @param userid a user account
11 * Unless required by applicable law or agreed to in writing, software

112 TOPCIT ESSENCE M3 Network 113

TOPCIT ESSENCE Network

M3
52 * @param passwd a password of a user account 92 /**
53 * @param cPort a control port of an FTP server. ex) 21 (default) 93 * Indicates whether the login is successful or not
54 */ 94 *
55 public FtpList(String hostIp, String userid, String passwd, int cPort) { 95 * @return TRUE if login is successful
56 this.hostIp = hostIp; 96 */
57 this.userid = userid; 97 private boolean login() {
58 this.passwd = passwd; 98 boolean status = false;
59 this.cPort = cPort; 99 int reply;

16

16
60 100
61 ftpClient.addProtocolCommandListener( 101 try {
62 new PrintCommandListener(new PrintWriter(System.out))); 102 ftpClient.connect(hostIp, cPort);
63 } 103 reply = ftpClient.getReplyCode();

20

20
64 104
65 /** 105 if (!FTPReply.isPositiveCompletion(reply)) {
66 * Gets the result of an FTP LIST command 106 ftpClient.disconnect();
67 * 107 System.err.println("FTP server refused connection.");
68 * @return if the list of directories or files is present. <br> 108 System.exit(1);
ht

ht
69 * null if login is not successful. 109 }
70 */ 110
71 public String getList() { 111 if (!ftpClient.login(userid, passwd)) {
rig

rig
72 StringBuilder buffer = new StringBuilder(); 112 ftpClient.logout();
73 113 }
74 boolean loginSuccessful = login(); 114 status = true;
py

py
75 115
76 if (loginSuccessful) { 116 } catch (IOException ex) {
77 ftpClient.enterLocalPassiveMode(); 117 Logger.getLogger(FtpList.class.getName()).log(Level.SEVERE, null, ex);
78 118 }
Co

Co
79 try { 119 return status;
80 FTPFile[] files = ftpClient.listFiles(); 120 }
81 for (FTPFile f : files) { 121 }
82 buffer.append(f.getRawListing() + "\r\n");
83 } <Table 61> shows an example how the FTPClientExample.java, a sample from the Apache Commons NetTM Library,
84 } catch (IOException ex) { was modified to meet the goal described in the scenario of <Figure 5>. The FTPClientExample.java program is in
ⓒ

ⓒ
85 Logger.getLogger(FtpList.class.getName()).log(Level.SEVERE, null, ex); compliance with the Apache 2.0 License, and the modified program FtpList.java also includes the Apache 2.0
86 } License in ‘Row 1~16’. The instance variables to be used in the FtpList class are defined in ‘Row 41~45. While,
87 } ‘Row 41’ creates the FTPClient object which works as an FTP client so that it can be utilized within the class. In
88 ‘Row 56~59’, string objects such as hostIp, userId, passwd, are initialized with the parameters of constructors which
89 return buffer.toString(); were delivered. The last row of the FtpList constructor, ‘Row 61~62’ will add a protocol command listener in order to
90 } monitor how the FtpClient object behaves and make the FTP command and responses are printed with System.out
91 on the console. In this manner, it is easier to verify whether the FTP protocol works normally within the library.
Among the steps shown in <Figure 73>, ‘1: Connection ~ 6: Response’ are conducted in the login method. ‘1:

114 TOPCIT ESSENCE M3 Network 115

TOPCIT ESSENCE Network

Connection’ is carried out in ‘Row 102’, and ‘2: Response’ for the Connection is carried out in ‘Row 103’. In ‘Row
105~109’, the received code is validated and the connection is terminated if the response code is not ‘positive
completion reply’ (code 220). If a connection is made with the FTP server, ‘3: Log-in (user ID, password)’ ~ ‘6:
Response’ steps are conducted in ‘Row 111’. As the FTPClient object is providing the login method, it is simpler
than the previous example which was using the ‘C’ language. (In the previous example, it was necessary to send
the USER command and the PASS command respectively and then process the responses for those commands.)
Because of this benefit, a good library can make the program development easier and enhance productivity. If the
log-in is made normally, ‘true’ is returned in order to notify that the log-in was completed normally.
M3
first to print out strings onto the console from ‘Row 2’ to ‘Row 8’. The FTP-related commands and the response
messages are displayed onto the console as an outcome of running the addProtocolCommandListener method of the
FtpClient class. The outcome of running the enterLocalPassiveMode method of the FtpClient class is shown onto the
console just like in ‘Row 9~10’. The contents in ‘Row 11~18’ are printed onto the console by ‘Row 83~88’ of <Table
61>. When comparing the two examples, the same directory name was printed as you can see in <Table 60>. This
means sending and receiving commands with the FTP server worked fine just as intended in the given scenario.
<Table 63> Outcome of View FTP List

16

16
The getList method in ‘Row 71~90’ is responsible displaying the directory list. First, the login method is run from ‘Row 1 ubuntu:~/NetBeansProjects/FtpClient$ java -jar dist/FtpClient.jar

74’ in order to cover ‘1: Connection’ ~ ‘6: Response’ steps shown in <Figure 73>. ‘Row 76’ validates whether the 2 220 Welcome to Prof.Lee's FTP service.
log-in was successful or not, and calls the enterLocalPassiveMode method of the FTPClient object in order to make 3 USER tester

20

20
the Passive Mode Connection as was shown in ‘Row 77’. This method makes the PASV (or EPSV) Command 4 331 Please specify the password.
sent to the FTP server before the data connection so that ’5: Passive Mode Connection’ and ‘6: Response’ can be
5 PASS tester
processed.
6 230 Login successful.

‘7: View Directory List’ is carried out in ‘Row 80’. The LIST Command is sent to the FTP server in order to view file/ 7 SYST

directory information of the selected directory. ‘8: File/Directory List’ returns the file/directory information sent from 8 215 UNIX Type: L8
ht

ht
the FTP server into the FTPFile object array so that file/directory list can be processed. In ‘Row 81~82’, the contents 9 PASV
of the FTPFile object array should be stored at the StringBuilder object (buffer), and they are used as a return value 10 227 Entering Passive Mode (192,168,11,20,76,215).
of the getList method.
rig

rig
11 LIST

12 150 Here comes the directory listing.

<Table 62> TestDrive.java
13 226 Directory send OK.
1 public class TestDrive {
14 LIST result =
py

py
2 public static void main(String[] args) { 15 drwxr-xr-x 2 1001 1001 4096 Sep 13 13:19 Desktop

FtpList ftpList = new FtpList("192.168.11.20", "tester", "tester", 21); 16 drwxr-xr-x 2 1001 1001 4096 Sep 13 13:19 Documents
3
17 drwxr-xr-x 2 1001 1001 4096 Sep 13 13:19 Downloads
4 String listResult = ftpList.getList();
Co

Co
18 drwxr-xr-x 2 1001 1001 4096 Sep 13 13:19 Music
5 System.out.println("LIST result = \r\n" + listResult); drwxr-xr-x 2 1001 1001 4096 Sep 13 13:19 Pictures
19

6 } 20 drwxr-xr-x 2 1001 1001 4096 Sep 13 13:19 Public

21 drwxr-xr-x 2 1001 1001 4096 Sep 13 13:19 Templates

7 }
22 drwxr-xr-x 2 1001 1001 4096 Sep 13 13:19 Videos
ⓒ

ⓒ
23 -rw-r--r-- 1 1001 1001 8980 Oct 04 2013 examples.desktop
TestDrive.java of <Table 62> shows whether the FtpList class can work in accordance with the scenario shown in
24 -rw-r--r-- 1 1001 1001 5241 Aug 30 20:10 ftp_pasv_test.c
<Figure 73>. In ‘Row 3’, the FtpList object is generated. In configuring the parameters, it should be set as hostIp =
25 drwxrwxr-x 2 1001 1001 4096 Aug 30 20:10 temp
“192.168.11.20”, userid = “tester”, passwd = “tester”, cPort = 21 in order to generate an object that can try access to
26 drwxrwxr-x 2 1001 1001 4096 Aug 30 20:10 work
the FTP server, just like the FTP program example of <Table 58> written in the ‘C’ language. Next, ‘Row 4’ calls the
getList method of the FtpList object to get the directory list as a string object (listResult). Next, ‘Row 5’ prints out the 27
returned value so that users can see the selected directory list. 28 ubuntu:~/NetBeansProjects/FtpClient$

<Table 63> shows the Outcome. When the getList method of the FtpList object is called, the login method is called

116 TOPCIT ESSENCE M3 Network 117

TOPCIT ESSENCE Network

M3
04 JSP Web Programming

Characteristics of Web Programming

Generally used application programs are hardware/OS-dependent and should be installed on machines to run the
program. However, Web Applications can be run in any environment as long as web browsers can work. Recently,
it is not a trend to develop a set of application programs: one for the mobile environment and the other for the
desktop environment. As the Responsive Web Technology is available, it is possible to develop a single application

16

16
which can respond to various devices.

There are diverse Server Programming Technologies for web application program development such as JSP,

20

20
ASP, PHP, Python, and the like. Also, there are Client Programming Technologies such as: HTML 4[11] and
HTML 5[12]-description languages for web page structure; CSS2/CSS3[13]-description languages of web page
presentation; and JavaScript[14]-a script language of the web client side. JavaScript was originally called ECMAScript,
which was created as an object-oriented programming language used for calculation and object manipulation in the
host environment. JavaScript was used in the Netscape browser and Microsoft introduced similar technology called
Jscript. JavaScript was used along with XML to support asynchronous communications technology for conversational
ht

ht
applications. Since then, AJAX (Asynchronous JavaScript and XML) technique has been used widely for the web
development.
rig

rig
There will be a brief introduction about the JSP technology which can be used for developing web applications. In <Figure 74> How to implement a web application program using the servlet [16]
1997, Sun Microsystems developed a Java-based technology called a servlet for dynamic content generation. The
technology was not widely used as a web server technology due to its convenience in use. However, the technology Hence, JSP pages and servlets can be used to build the same feature. In addition, features only specific to JSP
is used in many areas these days because of the JSP (JavaServer Pages) technology which can allow descriptions
py

in the XML format and translate them into the servlet.
A JSP web application program is composed of: JSP page, servlet, JavaBeans component on the server side; and
static documents such as HTML/image, Java applets, JavaScript on the client side [16]. In a JSP web application
Co
py
pages can be used to implement a certain function easier than using servlets. For example: Declaration, Scriptlet
Expression, Scriptlet can be used to make the Java programming language elements available in JSP pages;
Directives which are used to select attributes in JSP pages or works as a tag to do page-level work in the XML
format; Standard Action which can have the impact on the current ‘out stream’ and can modify or create objects [16].

program, a JSP page plays an important role and takes the responsibility for the “View” out of ‘Model–View–
Controller’. However, once the program is running, JSP pages are turned into the servlet, so practically there is no
difference with the servlet. However, it is more convenient for developers because they can simply describe what
they want in the XML format instead of Java programming.
ⓒ
Co
In addition, there are various other features to help developers with implementation: Expression Language which
makes it possible to write JSP pages without a script and which is differentiated from the Scriptlet in its expression
and syntax; Tag Extension which can introduce a new action into JSP pages; and Standard Tag Library such as
JSTL. There is a certain limitation to introduce all the JSP features in detail in the TOPCIT Essence. It is recommended
to study other materials and standard documents such as JSR-245 (JSP) and JSR-315 (Servlet).

A servlet is composed of various components as shown in <Figure 74>: the javax.servlet.Servlet interface which
defines the Servlet Life Cycle; the javax.servlet.ServletConfig interface which takes the responsibility of Initializing
Servlet; and the javax.servlet.GenericServlet abstract class which specifies a Protocol-Independent Servlet by
implementing the two interfaces mentioned above. The GenericServlet abstract class is inherited to specify the javax.
servlet.http.HttpServlet class that can be operated through the HTTP protocol. Usually, this HttpServlet class is
inherited so that developers can specify the servlet with the features he/she would like to put in.
ⓒ
Examples of Web Programming
There will be an introduction about the steps how a web application programs can be built by using multiple
technological components of JSP. To that end, a simple web application program will be developed: which takes the
English name as an input and shows its meaning as an output. To make the explanation easier, screen shots will
be introduced, following the sequence of actions. This kind of screen design will be used during the web application
program development/analysis/design process. <Figure 75> shows a default screen of the web application program
we will build. There is a ‘Form Field’ where you can put a name in and an ‘OK’ button.

118 TOPCIT ESSENCE M3 Network 119

TOPCIT ESSENCE Network

M3
Screen shot: meaning of the name
AJAX-JSP Example

Input a name to see the meaning Meaning of the name

Meaning of Ajax: Eagle

Go back to the default screen to search the meaning of another name

16

16
20

20
<Figure 77> Screen shot: meaning of the searched name

<Figure 78> is a UML class diagram that indicates what kinds of classes are necessary and what kinds of relationship
<Figure 75> Default screen
should be built among them to meet the goal of our scenario. For easier understanding, attributes and operations are
written in Java syntax. The default screen shown in <Figure 75> corresponds to the InitialScreen class. The automatic
ht

To find out the meaning of a name, a user can start to type-in a name as shown in <Figure 76>. As the user cannot
know what names are available on the list, there is an automatic completion feature so that the user can select one
from the recommendation. The names in the gray box are the matches for ‘A’.
rig
ht
completion of the candidates shown in <Figure 76> is carried out by the NameCandidates class. The screen for
showing the meaning of the searched name shown in <Figure 77> corresponds to the ShowNameMeaning class.
Other classes are doing additional roles so that the classes mentioned above can work as intended.

rig
AJAX-JSP Example
py

py
Input a name to see the meaning
Co

Co
<Figure 78> Class diagram: ‘Finding the meaning of names‘
ⓒ

ⓒ
InitialScreen class which is equivalent to the default screen of <Figure 75> is implemented in index.html file as shown
in <Table 64>. ‘Row 1’ tells you it is based on HTML 5. In ‘Row 8~10’, the CCS technology defines the font color
and background color of the tag whose id is nameHint. ‘Row 12~29’ shows how the showCandidateNames function
of the InitialScreen class is implemented with JavaScript. Whenever a letter is typed in, a call is made so that the
<Figure 76> Screen shot: partial input and automatic completion
getNameHint.jsp of ‘Row 25’ can be called in AJAX method to bring in the name candidates corresponding to the
alphabet, and finally the inside of a tag, whose id is nameHint, gets changed. The getNameHint.jsp is equivalent to
Next, the user types in ‘j’, ‘a’, ‘x’ in sequence and click the OK button in order to move to another screen that shows
the NameCandidates class of <Figure 75>. ‘Row 35~40’ presents the HTML form where the user name comes as an
the meaning of a name as shown in <Figure 77>.
input. If the OK button is clicked, the getMeaning.jsp, which is equivalent to the ShowNameMeaning class, is called

120 TOPCIT ESSENCE M3 Network 121

TOPCIT ESSENCE Network

M3
as shown in ‘Row 35’ in order to display the meaning of the name which was typed-in. ‘Row 36’ shows that the 38 <div id="nameHint"> </div>
showCandidateNames JavaScript function is called when a KEYUP event takes place. (A KEYUP event happens 39 <input type="submit" value="OK" name="OK" />
when a user pushes a keyboard with a finger and puts the finger off from the keyboard.). 40 </form>
41 </body>
<Table 64> index.html 42 </html>

1 <!DOCTYPE html>
2 The getNameHint.jsp is equivalent to the NameCandidates class of <Figure 78> and can be implemented as <Table
3 <html> 65> shows. ‘Row 1~5’ shows the Comment used in JSP. The comment used in JSP, as opposed to the HTML
4 <head> comment, is not shown to the user of the web application programs. ‘Row 7’ presents a Page Directive that

16

16
5 <title>AJAX-JSP 예제</title> defines the attributes of a page. ‘Row 10’ is about the <jsp:useBean> Standard Action which enables JavaBeans
6 <meta charset="UTF-8"> components to be used along with JSP. By using JavaBeans components, which can be reused, it is possible to use
7 all the benefits of the Java programming language in JSP. This means user/customer requests can be met easily and

20

20
8 <style> flexibly as if you were using the Java language. Here, we are using the NameFinder class of the beans package.
9 #nameHint { color: aliceblue; background-color: lightslategray } ‘Row 19~28’ works as a Scriptlet which enables users to use Java programming language easily within JSP pages.
10 </style> These kinds of features of the programming language can be used within JSP pages, which come with pros and
11 cons; development work can become easier but it is hard to read at the same time. Hence, it is recommended not to
12 <script> use scriptlets within JSP pages, and the Tag Extension is provided as an alternative.
ht

ht
13 function showCandidateNames( name ) {
14 if (name.length === 0) { Here, the names in the form filed, which were delivered by the request object in the scriptlet, are delivered as
15 document.getElementById("nameHint").innerHTML = ""; parameters to the getCandidateNames method of the NameFinder object to bring the candidate names in a string
rig

rig
16 return; array. Just as in ‘Row 23~25’, if the returned string array is not equal to null, they are printed line-by-line on the
17 } else { out object. These outcomes are delivered in asynchronous way to the JavaScript code of the index.html so that the
18 var xmlhttp = new XMLHttpRequest(); candidate names can be displayed to users.
19 xmlhttp.onreadystatechange = function () {
py

py
20 if (xmlhttp.readyState === 4 && xmlhttp.status === 200) { <Table 65> getNameHint.jsp
21 document.getElementById("nameHint").innerHTML = 1 <%--
22 xmlhttp.responseText; 2 Document : getNameHint
23 } 3 Created on : Aug 30, 2015, 10:04:50 AM
Co

Co
24 } 4 Author : jongmin
25 xmlhttp.open("GET", "getNameHint.jsp?name=" + name, true); 5 --%>
26 xmlhttp.send(); 6
27 } 7 <%@page contentType="text/html" pageEncoding="UTF-8"%>
28 } 8 <!DOCTYPE html>
29 </script>
ⓒ

ⓒ
9
30 10 <jsp:useBean id="finder" scope="page" class="beans.NameFinder"/>
31 </head> 11
32 <body> 12
33 Type-in the name, to see the meaning of the name! 13 <html>
34 14 <head>
35 <form name="info" action="getMeaning.jsp" method="POST" 15 <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
36 onkeyup="showCandidateNames(name.value)"> 16 <title>find name candidate</title>
37 <input type="text" name="name" value="" size="20" /> 17 </head>

122 TOPCIT ESSENCE M3 Network 123

TOPCIT ESSENCE Network

M3
18 <body> 16
19 <% 17 public String[] getCandidateNames(String partialName) {
20 String partialName = request.getParameter("name"); 18 String[] candidates = null;
21 System.out.println(partialName); 19 int count = 0;
22 String[] candidates = finder.getCandidateNames(partialName); 20 for (String name : names) {
23 if (candidates != null) { 21 if (name.startsWith(partialName)) {
24 for (String name : candidates) { 22 count++;
25 out.println(name + "<br/>"); 23 }
26 } 24 }

16

16
27 } 25 if (count > 0) {
28 %> 26 candidates = new String[count];
29 27

20

20
30 </body> 28 int i = 0;
31 </html> 29 for (String name : names) {
30 if (name.startsWith(partialName)) {

The NameFinder class used in the scriptlet within the getNameHint.jsp, shown in <Table 65>, is implemented just as 31 candidates[i++] = name;

shown in <Table 66>. ‘Row 14~15’ means all the names within the current working system. Usually, this type of data 32 }

ht

ht
should have been managed in a table of a DBMS, but the data is intentionally managed in a string array type for 33 }

simpler operation. ‘Row 17~36’ defines the getCandidateNames method. ‘Row 18’ is intended to declare variables so 34 }

that the candidates meeting the requirement of ‘Row 18’ can be returned as string array type. To find how many names 35 return candidates;
rig

rig
match to the pre-typed information, ‘Row 20~24’ is scanning through the string array. If the number of candidates is 36 }

higher than 0, the string objects are generated as shown in ‘Row 25~26’, as many as the number of the candidates. 37 }

The next step is to find out the names which match with the condition and to store them in the variable ‘candidates’. If
all the steps are completed, the final value is returned as shown in ‘Row 35’. The ShowNameMeaning class of <Figure 78> is used to realize the getMeaning of index.html shown in <Table 67>.
py

py
Here, ‘Row 8’ is using the Taglib Directive, which is very important in that it can connect JSP page script with
<Table 66> NameFinder.java existing Java programming language. In the getNameHint.jsp of <Table 65>, it was possible to use the scriptlet in order
1 package beans;
to freely use the Java codes in JSP pages. However, it does not provide good readability as codes and tags are
2
mixed together. To overcome this kind of weakness, JSP provides the tag extension method so that the Java codes
Co

Co
3 /*
can be used in a tag structure, which means the presentation layer and the logical layer are separated to make
independent development possible for each of the layers. This chapter will not cover details about the tag extension
4 * To change this license header, choose License Headers in Project Properties.
which is used to specify a tag library with the taglib directive.
5 * To change this template file, choose Tools | Templates
6 * and open the template in the editor.
The taglib directive in ‘Row 8’ needs to be connected to the MeaningTagHandler.java of <Table 68> so that it can
7 */
be used in the getMeaning.jsp. The doTag method of the MeaningTagHandler.java is called in ‘Row 19’ so that the
ⓒ

ⓒ
8 /**
meaning for the selected name can be displayed. In this step, $param[“name”] is used as a parameter value, which
9 *
indicates that the value of the name sent from the form of index.html in Expression Language. In the Java code
10 * @author jongmin
terms, it has the same meaning with the request.getParameter(“name”). The Expression Language can help reduce
11 */
the use of the Java codes within JSP pages to make JSP pages simpler.
12 public class NameFinder {
13
<Table 67> getMeaning.jsp
14 private String[] names =
15 {"Aaron", "Abel", "Adam", "Adel", "Ajax", "Jack", "Jacob", "James"}; 1 <%--
2 Document : getMeaning

124 TOPCIT ESSENCE M3 Network 125

TOPCIT ESSENCE Network

M3
3 Created on : 8 August 2015 11:35:06 p.m. 12 * @author jongmin
4 Author : jongmin 13 */
5 --%> 14 public class MeaningTagHandler extends SimpleTagSupport {
6 15 private String name;
7 <%@page contentType="text/html" pageEncoding="UTF-8"%> 16
8 <%@taglib uri="/WEB-INF/tlds/tag_library.tld" prefix="mylib" %> 17 @Override
9 18 public void doTag() throws JspException {
10 <!DOCTYPE html> 19 JspWriter out = getJspContext().getOut();
11 <html>

16

16
20
12 <head>
21 try {
13 <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
22 // TODO: insert code to write html before writing the body content.
14 <title>Display the meaning of the name</title>
23 MeaningFinder meaningFinder = new MeaningFinder();

20

20
15 </head>
24 String meaning = meaningFinder.getMeaning(name);
16 <body>
25
17 <h1>Meaning of the name</h1>
26 out.println(name + "means: " + meaning);
18
27 out.println("<br/><br/> if you want to see the name of the meaning again");
19 <mylib:meaning name="${param['name']}" />
28 out.println("<a href=\"/JSPTest/index.html\">Go back to the</a>default screen");
ht

ht
20
29
21 </body>
30 JspFragment f = getJspBody();
22 </html>
31 if (f != null) {
rig

rig
32 f.invoke(out);
The MeaningTagHanlder.java which defines the tag library used in 속 getMeaning.jsp is implemented as shown in
33 }
<Table 68>. When the <mylib:meaning> tag is called, the doTag method of the MeaningTagHandler.java is called. The
34
JspWriter object (out) in ‘Row 19’ is related to the PriterWriter object of the ServletReponse which is connected to
py

py
35 } catch (java.io.IOException ex) {
the web browser. Therefore, when HTML data is sent to the JspWriter object, a user can see the rendered contents
36 throw new JspException("Error in MeaningTagHandler tag", ex);
through the web browser. The MeaningFinder object, which can tell you about user name and the relevant meaning,
37 }
is generated in ‘Row 23’. While, ‘Row 24’ calls the getMeaning method of the MeaningFinder object in order to bring
up the wanted information. ‘Row 26~28’ is about showing this information to users. 38 }
Co

Co
39
40 public void setName(String name) {
<Table 68> MeaningTagHandler.java
41 this.name = name;
1
42 }
2 package taghandler;
43
3
44 }
ⓒ

ⓒ
4 import beans.MeaningFinder;
5 import javax.servlet.jsp.JspWriter;
6 import javax.servlet.jsp.JspException; The MeaningFinder class is implemented as shown in <Table 69> and such information should be managed in a
7 import javax.servlet.jsp.tagext.JspFragment; table structure of a DBMS just like the case of the NameFinder.java of <Table 66>. However, it is implemented in a
8 import javax.servlet.jsp.tagext.SimpleTagSupport; simple array on purpose in this example. The NameMeaning object is used as an element of the array, and in <Table
9 70>, it is defined as a simple class which expresses the name and the corresponding meaning in strings. In ‘Row
10 /** 26~36’, the getMeaning method is implemented. However, we skip the detailed explanation here as it is not so much
*
different from general Java programming.
11

126 TOPCIT ESSENCE M3 Network 127

TOPCIT ESSENCE Network

M3
<Table 69> MeaningFinder.java <Table 70> NameMeaning.java

1 package beans; 1 package beans;

2 2
3 /**
3 /**
4 * cf. http://www.aussiethings.com.au/babynames/aboy.htm
4 *
5 *
5 * @author jongmin
6 * @author jongmin
7 */ 6 */

16

16
8 public class MeaningFinder { 7 public class NameMeaning {

9 private NameMeaning[] nameMeaningInfo = { 8 private String name;

10 new NameMeaning("Aaron", "To sing; Messenger"), private String meaning;
9

20

20
11 new NameMeaning("Abel", "A breath, Son"),
10
12 new NameMeaning("Adam", "Of the red earth"),
11 public NameMeaning(String name, String meaning) {
13 new NameMeaning("Adel", "Fire, Noble"),
12 this.name = name;
14 new NameMeaning("Ajax", "Eagle"),
15 new NameMeaning("Jack", "Replacer. A form of James/John"), 13 this.meaning = meaning;

ht

ht
16 new NameMeaning("Jacob", "Held by the heel, Replacer. A form of James"), 14 }
17 new NameMeaning("James", "Supplanter, Replacer") 15
18 };
public String getName() {
rig

rig
16
19
17 return name;
20 /**
18 }
21 * gets the meaning of a given name
22 * 19
py

py
23 * @param name name to want to know the meaning 20 public String getMeaning() {

24 * @return if a corresponing name exists 21 return meaning;

25 */ }
22
Co

Co
26 public String getMeaning(String name) {
23 }
27 String meaning = null;
28
for (NameMeaning temp : nameMeaningInfo) {
To meet the goals of the scenarios shown in <Figure 75>~<Figure 77> in the JSP web application programs, many
29
technologies were used: client programming technologies such as HTML, CSS, JavaScript, AJAX; and JSP server
30 if (temp.getName().equals(name)) {
programming technology. Also the JSP technical elements were used such as page, directive, <jsp:useBean>,
meaning = temp.getMeaning();
ⓒ

ⓒ
31
standard action, scriptlet, tag extension, and expression language. As software becomes more sophisticated, we
32 break;
need various technical elements as was described in our examples. Therefore, it is important to further develop
33 }
programming capability based on the knowledge of these technical elements.
34 }
35 return meaning;
36 }
37 }

128 TOPCIT ESSENCE M3 Network 129

TOPCIT ESSENCE Network

M3
Example Question
Keep up with the Recent Trends in Network
Question type Ⅵ
Multiple choice question
Technology
Question

Following are the examples of the application layer protocols.

Choose just one protocol which has different client-server connection method. Latest Trends and Key Issues

16

16
Briefly describe what is the feature and characteristics of the protocol.
Cutting-edge network technologies have emerged backed by the high-speed data transmission and

various convergence technologies. With the rise of technologies which can offer high quality services in
traffic transmission on the Internet, services such as multimedia communications and VoIP have been

20

20
① FTP ② HTTP ③ POP3 ④ SMTP ⑤ TELNET
initiated. More recently, technologies based on Internet of Thing (IoT) have been more widely used and
the number of IoT standardization groups and institutes are growing as well. Software-based network,
which has a whole different structure from the existing network, has been newly introduced. In this
Intent of the question
chapter, we will take a look at the recent network trends and key issues.
It is necessary to understand how the client-server connection works in order to build and realize
ht

ht
application layer protocols.
Study Objectives
Answer and explanation
rig

rig
To be able to understand the concept of multimedia network and VoIP and explain relevant protocols
FTP: there are two types of client-server connection- Control Connection and Data Connection
To be able to explain basic network technologies for IoT (Internet of Thing)
To be able to explain the concept of software-based network
py

py
Related E-learning Contents
• Lecture 7 Application Layer Technologies Practical Importance Medium
Co

Co
Keywords
Lossless compression, Lossy compression, QoS, SIP, H.323, RTP, RTCP, IMS, CSCF, HSS, 3GPP, SDN,
OpenFlow, Control Plane, Data Plane, NFV, Virtualization, MQTT, CoAP
ⓒ

ⓒ
130 TOPCIT ESSENCE M3 Network 131
TOPCIT ESSENCE Network

M3
01 Multimedia Network Multimedia data

Type of Image Compression
Image data makes up the majority of traffic on the multimedia network and the compression techniques of the image
data can be divided into Lossless (reversible) compression and Lossy (irreversible) compression. The lossless
compression, which is also called a reversible compression, is a compression algorithm that can recover all the
original data without any data loss when the image data is decompressed. It provides a lower compression ratio than
Multimedia data refers to the data that consists of various media types like text, image, video and audio whereas
the text comes in two formats: Plain Text and Hypertext. The text data uses Unicode as the underlying language to
represent symbols. The text can be compressed using lossless compression method.
Image, which is also called a still image in the multimedia context, is the representation of a photograph, a fax page,
or a frame in a moving picture. As shown in <Figure 79>, an image is converted into the binary data through the
transformation, quantization, and encoding procedures. This binary data can be converted to the image by going
through the inversed procedures.

16

16
the lossy compression algorithm. DCT (Discrete Cosine Transform) is a mechanism which is widely used in the first step of transformation
The lossy compression, which is also called an irreversible compression, is a compression algorithm in which some processes for JPEG image compression. The decompression is achieved by an ‘inverse DCT mechanism’. For the
data is lost when the image data is decompressed, so the decompressed data is not perfectly identical to the original transformation and inverse transformation, the image is split into 8 x 8 blocks. The quantization refers to a process

20

20
data. where the real numbers in the output of the DCT transformation are rounded off to the nearest integer, mostly
resulting in 0. After the quantization, the image components are arranged in a zigzag order before the image is
① Lossless compression encoded. Finally, the lossless compression is made, using the run-length encoding or the arithmetic coding. [1]
In the lossless compression technique, compression and decompression algorithms work exactly in the opposite
way each other, so not any part of the data is lost. In this technique, every single bit of data remains the same
ht

ht
after the data is decompressed or compressed. Some of the main lossless compression techniques in use are:
Run-length Encoding, Dictionary Coding, Huffman Coding, and Arithmetic Coding. Transformer Quantizer Encoder
Image 1010101010
(Lossless) (Lossy) (Lossless)
rig

rig
<Table 71> Types of lossless compression

Compression Type Details

Run-length •Repeated occurrences of a symbol are represented by the symbol and the number of occurrences Inverse
encoding 1010101010 Decoder Dequantizer Image
(run-length) of the symbol. transformer
(RLE)
py

py
•It scans through a message to build up a dictionary. When a string of symbols in the dictionary
Dictionary coding
entry is found in the message, it is replaced by a code value (index value) assigned to that entry.
•When data is coded in a binary pattern, shorter codes are assigned to the symbols that occur <Figure 79> Image data transformation process
Huffman coding
more frequently and longer codes are assigned to those that occur less frequently.
Co

Co
•The entire message is mapped to a small interval inside [0,1] and the small interval is then
Arithmetic coding Video data is composed of multiple frames and each frame represents one image. This means that a video file
encoded as a binary pattern.
requires a high transmission rate. The video compression is achieved by two compression methods: spatial and
temporal. The spatial compression of each frame is done in the JPEG format and each frame is compressed
② Lossy compression
independently. In the temporal compression, redundant frames are removed and three types of previously coded
The Lossy compression refers to a data compression technique which eliminates redundant or unnecessary
frames are used: I-frame (coded independently), B-frame and P-frame (both coded based on other I-frames).
information in order to gain higher compression ratio at the expense of accuracy. Some of the main lossy
ⓒ

compression techniques in use are Predictive Coding and Transform Coding. The predictive coding refers
to a technique used to convert an analog signal to a digital signal. Instead of quantizing a PCM (Pulse Code
Modulation) sample independently, it quantizes the difference between two adjacent samples. The difference
values are smaller than the values of the original sample, so it can be coded using fewer bits. The transform
coding is a technique used to transform a signal from one domain (typically, spatial/time domain) into another
domain (generally, frequency domain), and then compress this signal.
ⓒ
An analog audio signal is converted to a digital signal, using an Analog to Digital Converter (ADC). The ADC is
composed of two main functions of sampling and quantization.
QoS(Quality of Service)
To preserve the QoS on the multimedia network, RSVP (Resource reservation protocol) and the TOS Field are
mainly used. As shown in <Figure 80>, RSVP is designed to reserve the network bandwidth for an end-to-end data
transmission where data is processed on a first-in first-out basis. In the TOS field method, each packet is given with
a ‘TOS field class’ and the processing priority is determined based on the value in the TOS field.

132 TOPCIT ESSENCE M3 Network 133

TOPCIT ESSENCE Network

M3
TOS field is expressed as 4-bit binary numbers. Each number has a meaning, as shown in <Table 72>.
Delivery in best effort if
RSVP is not possible.
End Points Send Unicast
Signaling Messages(RSVP PATH + RESV) <Table 72> TOS field values [4]
RSVP PATH Messages Binary number Meaning

1000 minimize delay

RSVP RESV Messages 0100 maximize throughput

<Figure 80> How RSVP contributes to the Quality of Service 0010 maximize reliability

16

16
0001 minimize cost
RSVP is one of the signaling protocols from the IETF where a data flow can be reserved with the static bandwidth
0000 normal service
through an end-to-end signaling. It is generally designed to reserve a queue [2]. There are two fundamental

20

20
RSVP message types: Path and Resv. The path message which is initiated by the sender host travels through the
network to all the receivers along the path. It stores information which is necessary for the receiver. On receipt of the
path message, the receiver sends back the Resv message upstream to the sender. This Resv message reserves
resources of the routers that support RSVP. When the router does not support RSVP along the way, packets are 02 Basic Idea about VoIP and Call Signaling Protocol
delivered through the best-effort delivery mechanism.

ht

ht
What is Voice Over Internet Protocol (VoIP)?
rig

rig
VoIP is a voice communications technology that relies on the packet data transferred over the IP network. <Figure
83> shows the VoIP system architecture. The two main blocks for the VoIP services are the Media Gateway and
the Signaling Gateway. The media gateway provides support for the delivery of multimedia data. It converts the data
to the relevant format and sends it to the target network. It is controlled by MGCP (Media Gateway Control Protocol).
A signaling gateway is a network component responsible for call signaling by using protocols, such as H.323, SIP,
py

py
MGCP and MEGACO. Its function is to convert signals on the PSTN and the IP network, so that the signals can be
used between the two.
Co

Co
<Figure 81> Format of RSVP PATH message [3] IP Device
Signaling
Gateway
PSTN H.323,SIP PSTN
As shown in <Figure 82>, in the mechanism where a TOS field is used to prioritize the IP datagram, 1-byte TOS (Type RTP/RTCP
of Service) field is checked and the priority is made based on the value. There are eight classes in the TOS Class, SS7 H.323,SIP SS7
ranging from 0 to 7 and the priority goes up if the number is higher. SSP SSP
ⓒ

ⓒ
The first field, labeled PRECEDENCE, represents the priority or importance of the packet. The second field, labeled as SIGTran
TOS, denotes how the network makes tradeoffs among throughput, delay, reliability, and cost. The last field, labeled MGCP/
as MBZ (must be zero), is currently unused. MEGACO
RTP / RTCP

IP network
Media
Gateway

<Figure 83> VoIP system architecture

<Figure 82> TOS field structure [4]

134 TOPCIT ESSENCE M3 Network 135

TOPCIT ESSENCE Network

M3
VoIP Call Signaling Protocol Classification Details

• H.263, MPEG-4, H.264

Video Codec
VoIP call signaling protocol is composed of SIP (Session Initiation Protocol) and H.323. SIP is an application layer • Used for the video coding. H.263 is commonly used. Up-to-date version is H.264
signaling protocol which specifies procedures that guide intelligent terminals, which want to join a communications on
• Real-time Transport (Control) Protocol, RFC 3550, RFC 3551
the Internet, to identify each other and find their locations. It is also used to create, modify, and terminate multimedia RTP/RTCP
• Real-time communications protocol
sessions between the terminals. H.323 protocol is a standard method defined by the ITU-T to provide audio,
data, video communication services on the LAN which does not provide guaranteed quality of service. Multimedia
communication services can be provided by following simple procedures which do not require any modification in the ② SIP message structure
existing network elements. It has been widely used by the early VoIP operators. In SIP, users are identified by an SIP URI (Uniform Resource Identifier), which is similar to an e-mail address. By

16

16
utilizing the SIP URI, SIP can provide the IP address agnostic services. A SIP message consists of the Start Line
① SIP (Session Initiation Protocol) (which specifies the method type in request and SIP URI), Header (which sets the value for controlling sessions),
SIP is an application layer signaling protocol used for setting, modifying, and terminating multimedia communication Body (which shows what type is set in the content-type), and CR/LF (which is a blank line between the header

20

20
sessions. It is independent of the lower-layer transport protocol and is scalable because SIP is an HTTP text- and the body).
based protocol.
SIP provides mechanisms to control sessions, which enables circuit-switched call control in the packet-switched
<Table 74> SIP Header [5]
network. It also enables multimedia applications to run on the packet network, the Internet. It is a convenient
Classification Details
solution for the text-based addressing, such as URL and E-mail, and for the message parsing and extension.
The SIP stack is shown in <Figure 84>. It is located above the transport layer protocols, TCP and UDP. <Table 73>
ht

ht
• Set to the same value of the URI in the To header
Request-URI
illustrates components of the session initiation protocol. • When setting the Request-URI of REGISTER, it is set as a domain name without @

To • Specify the logical recipient of the request

rig

rig
SIP API
• Indicates the identity of the initiator of the request message
From • It contains the destination UA (User Agent), the end point URI (Uniform Resource Indicators), and a tag
Audio Video
Codec Codec parameter.
SIP SDP
py

py
RTP / RTCP • Identify the identity of the initiator of the request message
• It contains a print-out name and a URI of a UA who sends the request.
Call-ID
TCP / UDP UDP • It contains a tag parameter. The tag parameter serves as a general mechanism used together with the
Call-ID to identify a dialogue. Its value should be unique and encrypted.
Co

Co
IP

• Serves to identify and orderly arrange transactions

Physical CSeq
• It consists of a sequence number and the method.

<Figure 84> Stack of the session initiation protocol • Used to limit the number of hops that the request may take before reaching the destination
Max-Forwards • When a request reaches 0 before reaching its destination, the 483 response (Too Many Hops_error) is
returned as a reply.
ⓒ

ⓒ
<Table 73> Components of SIP

Classification Details Via • It contains the transport protocol used to send the message and the SIP version.

SIP • RFC 3261, defines the basic set of information regarding SIP • An address designated to a UAC (User Agent Client) which sends the SIP request message
Contact(option) • A contact address is used as a reference when the UAS sends a response.
• Session Description Protocol, RFC 4566/3264 • It is the mandatory header to send an INVITE.
SDP
• Defines a multimedia session parameter

• G.711A, G.723.1, G.729A Require(option) • Used by a UAC to identify an extension necessary to handle the request sent.
Audio Codec
• Used for the voice coding, Spec of audio codec varies for the compatibility with various systems.

136 TOPCIT ESSENCE M3 Network 137

TOPCIT ESSENCE Network

M3
H.323 Endpoint 1 Endpoint 2
Setup (1)
H.323 is a standard defined by the ITU-T to provide audio, data, video services on the LAN which does not offer
guaranteed quality of service. Multimedia communications services are provided by following simple procedures Call proceeding (2)
which do not require any modification of the existing network elements. It has been widely used by the early VoIP
operators. Alerting (3)
The architecture of H.323 network is shown in <Figure 85>. It consists of the following components: a terminal which
is a machine used by a real user, such as general telephone devices, fax and PC equipped with multimedia devices; Connect (4)

a gatekeeper which is used to perform the translation between the E.164 and an IP address, to perform redirection

16

16
and call verification, and to manage call signaling, components, and bandwidths; and a gateway which provides a
H.323(06-06)_F29
mapping function to logically connect (through encoding, protocol, and call control) different networks (IP network, Call signaling messages
PSTN, ISDN, ATM, etc.)

20

20
<Figure 87> Basic call configuration (without a gatekeeper) [6]
H.225.0
H.323 Annex G
endpoint Inter-Domain
IP-based
H.323 H.450 Voice Mail Gate - Gate -
endpoint Call Deflectoin Server MCU
Keeper Keeper 03 Media Transport Protocol
ht

ht
H.323
CO
POTSISUP

Voice Annex E
Fax IP LAN UDP Signaling
GW Firewall Egress Types of Media Transport Protocol
PBX Server Router ISP
rig

rig
The media transport protocol comprises two parts: RTP (Real Time Transport Protocol) and RTCP (Real Time
H.320
ISDN

CO Control Protocol). RTP is designed to carry traffic real-time on the Internet. It is mainly used to transmit the video or
GW H.323 Annex D (T.38 Fax)
H.323 Annex F (Simple Endpoint Types) audio data in real time on the Internet. Meanwhile, RTCP is used to control RTP that is a protocol for streaming the
video or audio on the Internet. Both RTP and RTCP are specified in the IETF RFC 1889.
py

py
<Figure 85> H.323 network architecture

The H.323 stack is shown in <Figure 86>. <Figure 87> illustrates how an end-to-end call is basically established RTP(Real-time Transport Protocol)
without a gatekeeper.
Co

Co
RTP (Real-time Transport Protocol) is designed to address real-time traffic request on the Internet and mainly used
to deliver video or audio data in real time on the Internet. RTP is mostly used upon the UDP (User Datagram Protocol)
AV App Terminal Control and Management Data App of the transport layer.
In the media file transfer over the RTP protocol, the sender packetizes media data, which is compressed with the
G.7xx H.26x H.225
Terminal to T.125 codec, into the RTP packet and sends it to the receiver using UDP. Since it runs on the UDP, RTP doesn’t guarantee
Call
Gatekeeper H.245
ⓒ

ⓒ
RTCT Signaling timely delivery of packets, nor does it prevent packet losses. Hence, a variety of information included in the RTP
Signaling
RTP (RAS) T.124
packet header should be utilized properly in the video and audio applications to make sure that the processing
Reliable Transport(TCP) T.123 can be completed seamlessly. RTCP can be used to maintain the QoS of RTP and to make the media streams
UDP
synchronized.
Network Layer(IP)
The format of the RTP header is shown in <Figure 88>. The RTP header consists of a fixed header (min. 12 bytes,
Link Layer from V to SSRC), followed by optional extension headers. The RTP payload comes after the RTP header.
Physical Layer

<Figure 86> The H.323 protocol stack

138 TOPCIT ESSENCE M3 Network 139

TOPCIT ESSENCE Network

M3
<Table 76> Payload Type

Type Application Type Application Type Application

0 PCMμ Audio 7 LPC audio 15 G728 audio

1 1016 8 PCMA audio 26 Motion JPEG

2 G721 audio 9 G722 audio 31 H.261

3 GSM audio 10-11 L16 audio 32 MPEG1 video

16

16
<Figure 88> Structure of the RTP packet header [7]
5-6 DV14 audio 14 MPEG audio 33 MPEG2 video

<Table 75> Components of RTP packet header [7]

20

20
Header Bits Details
RTCP(Real-time Transport Control Protocol)
V (Version) 2 bits •Indicates the version of the protocol. The current version is 2.
RTCP is a protocol for controlling RTP which is used for the video and voice streaming over the Internet and is
defined in RFC 1889 along with RTP as a part of the IETF standard. RTCP packet types include: Sender Report

ht

ht
•Used to indicate if there are extra padding bytes. If this field is set, padding bytes are added Packet, Receiver Report Packet, Source Description Message, Bye Message, and Application Specific Packet. The
P (Padding) 1 bit at the end of the RTP packet.
role of each packet type is described in <Table 77>.
•Padding bytes are used in the encryption algorithm or used to align the packet length.
rig

rig
<Table 77> RTCP packet type [8]
X (Extension) 1 bit •Indicates the existence of an extension header between the fixed header and the payload.
Type Details

Sender report A type of packet used to report about the sending and receiving statistics of all the RTP packets that
packet were sent by active senders within a certain session.
py

py
CC (CSRC Count) 4 bits •Indicates the number of CSRC identifiers that comes after the fixed header
A type of packet generated by passive participants; participants not sending any RTP packets.
Receiver report
Reporting is about the service quality information directed to senders and other receivers except for
Packet
•Defined by a profile, and its usage is determined by the payload type the packet receiver.
M (Marker) 1 bit
•Used to mark the frame boundary of the media file (or the like)
Co

Co
Source description
A type of packet that is periodically sent to deliver the additional information about the source
packet
PT (Payload
7 bits •Indicates the format of the payload; audio or video encoding type field
Type)
Bye packet A type of packet that is delivered to terminate a stream

•Incremented by one for each RTP packet sent, and used by the receiver to detect packet
Sequence Application specific
16 bits losses and to restore packet sequence A type of pack that is used experimentally for the application programs
ⓒ

ⓒ
Number packet
•Used at the application layer

•Reflects the sampling timing of the first byte of the RTP data packet
•Used to enable the receiver to play back the received media at in the order of the contents
Timestamp 32 bits transferred
•It is derived from the media sampling clock of the sender. The field unit is determined in IMS (IP Multimedia Subsystem)
accordance with the payload type. It is determined by the RTP profile for applications.

•Synchronization Source IMS (IP Multimedia Subsystem) was first introduced by the 3GPP (3rd Generation Partnership Project) which
SSRC 32 bits •Used to identify the RTP stream source is developing the international standards for mobile communications. The IMS is a basic platform to provide IP
•The values in this field should be unique within the same RTP session. multimedia services and the SIP-based call control is used as a core technology for the IMS.

140 TOPCIT ESSENCE M3 Network 141

TOPCIT ESSENCE Network

M3
① Introduction to IMS <Table 78> Main components of IMS service domain

IMS is a communications platform defined by the 3GPP (an international standards institute) in order to control Classification Detail
multimedia sessions and provide multimedia services based on SIP. The IMS can also be defined as a core
•The first IMS node encountered when a user (UE, User Equipment) is trying to establish a
network designed to provide integrated services in the wired/wireless multi access network environment. P-CSCF
connection.

② Goal of IMS service I-CSCF •The first IMS node encountered when the user’s home network is connected to IMS.

IMS is intended to provide multimedia services such as voice, audio, video based on the Internet protocol, and
•A subsystem that controls the user’s session
to develop and modify the services swiftly. A set of commonly used internet-based technologies were used to S-CSCF •A registrar sending an authentication challenge to the user with the authentication vectors supplied
make the price more affordable. In addition, an effective session management has been introduced to make the by the HSS.

16

16
interface with various 3rd party applications easier. Hence, it is possible to expand the business further thanks to
global interconnectivity among services. HSS •Supports the user authentication, message integrity check, and encryption

20

20
③ Structure of IMS network
The logical structure of the all IP networks can be categorized into Radio Network Domain, the GPRS Packet Application Application Application Application Application Application
Switched Service Domain, and IP Multimedia Service Domain. The GPRS packet switched service domain can be server server server server server server
replaced with the IP network provided by packet routers, which is beyond the 3GPP scope. While, the wireless
domain can be replaced by other wireless network access domains and the data network access domains such
ht

ht
as Wibro and Mobile-LAN, which are beyond the 3GPP scope. The service domain for IMS is composed of:
Siloed authentication, connection and management IMS Central authentication, connection and
between a terminal and an application management
CSCF (Call Session Control Function) which is responsible for the registration and multimedia call processing of
SIP messages; and HSS (Home Subscriber Server) which is an upgrade from the existing HLR (Home Location
rig

rig
Register) of the legacy mobile network with the addition of the IP multimedia user mobility management and Terminal Terminal Terminal Terminal Terminal Terminal
authentication.

<Figure 90> IMS’s centralized session control [10]

py

py
④ Role of IMS in convergence environment
•To build a structure for the ID and authentication management in the convergence environment
•To provide bidirectional channels for service control
Co

Co
•To make service session connections via independent service infrastructure

Phone call or messaging

IPTV service Web or WAP service
services

Core IMS
ⓒ

ⓒ
IPTV STB

PC VolP Video terminal

IPTV STB VolP Wireless terminal

<Figure 89> IP Multimedia: core network system reference architecture [9] <Figure 91> Convergence service using IMS [10]

142 TOPCIT ESSENCE M3 Network 143

TOPCIT ESSENCE Network

M3
Providing an ID and authentication required for an integrated service, for clear personalization in a wired/
wireless environment

• Providing a service ID and authentication mechanism based on UICC

Providing session control function between the terminal and the server

• Bidirectional session control between the terminal and the server and bidirectional session control
between terminals

16

16
• Providing an exchange channel for service information and control information that are required
between the terminal and the server

Accommodating various AS for service control and provision

20

20
•Accommodating various AS required for service control such as Service mobility and control
information exchange

Providing basic communications services required in the integrated (wireless/wired) environment such as call
and messaging.
ht

ht
• Call service: voice/video call and various other additional services such as call forwarding and call
<Figure 93> How IoT can be applied
waiting/
• Messaging service: IM, PS, SMS, MMS, Buddy List management and the like
rig

rig
<Figure 92> Role of IMS for convergence [10]
Trend of IoT Standardization
py

py
IoT standards, especially on the mobile communications, were mainly driven by the 3GPP and ETSI. However,
oneM2M started to lead the standardization works from 2012. The Open Mobile Alliance (OMA), which was designed
to manage a myriad of devices, created the LWM2M (Lightweight M2M) protocol and suggested a client-server
based communications method. The most up-to-date LWM2M, which uses CoAP (Constrained Application Protocol)
04 Network Technologies for IoT (Internet of Things)
Co

Co
and HTTP for the data transfer, was released by oneM2M.

<Table 79> Trend of IoT standardization

Introduction to IoT
Standardization
Details
institute
IoT (Internet of Things) refers to equip various things with sensors and functions that can enable communications
•Started to work on standardization in 2008 to enhance the 3GPP networks and systems under the
ⓒ

ⓒ
under the purpose of sensing, networking, and information processing in a mutually collaborative way without any
name of MTC
human involvement. In addition, IoT means to allow everything, be it a human or a thing, can exchange information •The scope of standardization covers M2M/IoT devices, wireless network sections, and mobile
thanks to the evolution of technologies: ubiquitous technology that enables users to gain access to information networks comprising core networks. There are four TSGs (Technical Specification Group) which
3GPP MTC create the standards respectively.
network at any time and at any place; and the Machine To Machine technology that makes intelligent communications
•SA: Service & System Aspects
possible between things. •CT: CN and Terminal
•RAN: Radio Access Network
•GERAN: GSM EDGE Radio Access Network

144 TOPCIT ESSENCE M3 Network 145

TOPCIT ESSENCE Network

M3
Core Technology of IoT
•Started the standardization of machine to machine communications based on the service use The core technologies of IoT cover the areas of sensing, wireless/wired communications, network infrastructure, IoT
cases in 2009 under the name of TC M2M
ETSI TC M2M •The scope of standardization covers overall components end-to-end, including users and service service, and interface.
providers.
•The M2M standards, related to the mobile communications, are made in cooperation with the 3GPP
① Sensing technology
The information we get from machines and objects are collected via sensors. A wide range of sensors are
embedded within devices so as to acquire the information from the environment where the devices are located,

16

•A standardization of common platforms that can support smart phone, smart cars, and various
other IoT services.
•Seven regional standardization institutes TTA (Korea), TIA, ATIS (US), ETSI (Europe), CCSA
oneM2M
(China), TTC and ARIB (Japan), and major companies across the world are participating via the
standardization institutes.
16
be it temperature, humidity, heat, illumination, and ultrasonic wave. Those sensors should be optimized to
consume the least amount of electricity so that they can work for a long period of time. There is a development
trend of sensors: physical sensors are replaced by smart sensors which have a standardized interface and
information processing power. In addition, those smart sensors have so called virtual sensing function; extracting

20

•The recently released Rel.1 includes CoAP and HTTP as its standard protocols.
•As a part of the ITU-T, the IoT-GSI(Internet of Things Global Standards Initiative) is responsible for
IoT realted standardization planning.
•The JCA-IoT(Joint Coordination Activity on Internet of Things) developed the JCA-IoT Roadmap 3.0
ht
20
certain information from the data those sensors already acquired. As such, sensors come to have more roles to
play. This means a wide range of sensors should be covered with convenient control functions and interactive
communications. Hence, a market for the hardware platform, especially open source hardware, is growing.
② Wired/wireless communications and network infrastructure technology

ht
and is working in coordination with other standardization institutes.
ITU-T IoT-GSI/ Generally, wired technology such as Ethernet or PLC (Power Line Communication) can be used for machines to
•SG2(Study Group 2) is responsible for operational aspects of service provision and
ITU-T JCA-IoT
telecommunications management; SG11 for signaling requirements, protocols, and test gain access to the Internet. However, mobile communications can be more effective, considering its easiness of
specifications; SG 16 for multimedia coding, systems, and applications; SG3 for economic and
installation and convenience of mobility; such as WLAN, Bluetooth, ZigBee, UWB (for near field communications)
rig

policy issues; SG9 for broadband cable and TV; SG13 for future networks including cloud
computing, mobile, and next-generation networks; and SG17 for security.
<Figure 94> shows institute-level and protocol layer-level information regarding the scope of standardization.
py
rig
and 3G, LTE, and the like. In addition, there are new and emerging technologies for the sensor networking.
• BLE (Bluetooth Low Energy): also called Bluetooth Smart, not compatible with the existing Bluetooth, but
compatible with the Bluetooth 4.0, a low power near filed wireless communication standard
• Z-Wave: Using the intelligent mesh network topology, but not having a master node, a protocol for the devices

py
that require low power and low bandwidth
M2M Device / Gateway M2M Platform
Application Application ③ IoT service and interface technology
ETSI In order to automatically analyze and share a lot of data collected by the sensors, we need technologies such as
Co

Co
Presentation Presentation ontology-based Semantic Web, cloud computing for large-scale distributed processing, and Open API for various
Session Wireless Core Session service accesses.
Network
Wireless Access Transport
Transport Network
Networt Networt Major Protocols for IoT
Core network
ⓒ

ⓒ
IEEE (IP network)
AP
Link Link The biggest requirement for IoT protocol is ‘light weight’, and the generally used protocols can be favorite ones for
BS ASN-GW
3GPP IoT thanks to their compatibility and expandability. In particular, technologies such as CoAP and MQTT have unique
Physical Node BS RNC SGSN GGSN IETF Physical characteristics that make them suitable for small device connection to the Internet for data transfer. Hence, these two
are suggested as a communications protocol for various architectures.
<Figure 94> IoT standardization scope of each institute [10]
① CoAP
CoAP (Constrained Application Protocol) is a light way application layer protocol that was developed by the IETF
CORE working group for the machine to machine communications. Even though the protocol is supposed to use

146 TOPCIT ESSENCE M3 Network 147

TOPCIT ESSENCE Network

M3
the UDP transport layer (located above the IP layer), the design is independent from the lower layers and the MQTT is a model for flexible data transmission between multiple endpoints and multiple servers, which publish
protocol can be used in the network and transport layers. To reduce the load on the end point, binary encoding and subscribe topics. <Figure 96> describes how the information acquired from Arduino’s pressure sensor can be
was employed to make the message smaller and to make the encoding and decoding easier. delivered by publishing the ‘topic door open’ to access the control system, video management system, and building
energy management system and how the metadata topic generated from the camera’s image sensor can be
delivered to the other system by using MQTT.
Application Layer Application Protocols that are based on CoAP and HTTP are leading the trend in many standardization institutes, but still
CoRE WG there are architectures adopting MQTT and the REST protocol. Meanwhile, the OASIS is continuously updating the
Transport Layer CoAP REST
(TCP / UDP) standards for MQTT.
CoAP Transactions

16

16
Network Layer
(IPv4 / IPv6) IETF Standard <Table 80> MQTT vs. CoAP
UDP

Adaptation Layer 6LoWPAN WG Classification MQTT CoAP

Purpose Messaging protocol for IoT Messaging protocol for IoT

20

20
MAC
IEEE 802.15.4
PHY Topology N:M 1:1

Model Broker and multiple client Server-client

<Figure 95> Conceptual diagram for CoAP
Mechanism of
Publish and subscribe Request and response
Action
ht

ht
The reason CoAP is drawing an attention is because there are increasing number of cases where ZigBee and the
Information Event Status information
like are favored choices for the communications with the endpoints, rather than using fast and stable methods such
as the Ethernet or Wi-Fi. Protocol Mainly TCP Mainly UDP
rig

rig
Standards OASIS standards IETF CoRE standards
② MQTT
MQTT (Message Queue Telemetry Transport) is a “Publish-Subscribe” based light weight and low speed messaging
protocol which can be used on an unreliable and high latency networks.
py

py
05 Software Based Network
Access
Control Software Defined Network (SDN) and Network Function Virtualization (NFV) must be the two technologies that are
Co

Co
Subscribe :
System
Topic Open Door getting the hottest attention in the networking industry. In the past, a few hardware manufacturers dominated the
Camera
Publish : global market but it will be changed thanks to the openness and virtualization trend in networking. This means there
Image Subscribe :
Topic Intrusion image Meta data
Sensor Topic Intrusion image Meta data will be a growing market potential for 3rd party software/hardware companies. In Korea, a task for ‘research and
Subscribe : standardization of smart internet’ was launched in 2012 with a specific focus on the SDN and NFV. ETRI and many
Topic Intrusion image Meta data Video
MQTT Broker Management other participants are making efforts to enhance national technological capability in the SDN. TTA’s PG220 and the
ⓒ

ⓒ
Subscribe : System Smart Internet Technology Standardization Council are working hard to develop a Korean Standard and to make the
Topic Open Door
Korean Standard a part of the international standards.
Arduino
Publish :
Pressure
Topic Open Door
Sensor
Building
Subscribe : Energy Limitation of Conventional Communications Environment and Paradigm Shift
Topic Open Door Management
System
① Changes in traffic pattern
The existing applications generate a huge volume of traffic because they go through various application servers
<Figure 96> Use case of MQTT

148 TOPCIT ESSENCE M3 Network 149

TOPCIT ESSENCE Network

M3
and DBs before delivering the actual data to users. Such a limited client-server communications is now replaced
with the system-to-system access environment. APPLICATION LAYER

Business Applications
② Boom of virtualization technology
The number of servers connected to the network increased significantly because of virtualization technology, API API API
which fundamentally changed the existing assumption about the physical location of hosts.
CONTROL LAYER SDN
Control
③ Increasing complexity of network Software Network Services
The network structure is becoming more complex as a lot of computers rely on a set of discrete protocols.

16

16
Control Data Plane interface
(e.g,.OpenFlow)
④ Difficulty in network design and management
INFRASTRUCTURE LAYER
In the initial stage of network design, the oversubscription method has been used, considering various factors

20

20
such as traffic pattern and concurrency. However, the traffic pattern is dynamically changing these days, making it Network Device Network Device Network Device
more difficult to predict the traffic volume.
Network Device Network Device

⑤ Mounting reliance on hardware manufacturers

As the market is driven by major manufacturers, especially in the core networking, it is difficult to introduce a new
<Figure 97> SDN architecture [15]
service or technology.
ht

ht
③ OpenFlow technology
OpenFlow, as shown in <Figure 98>, separates the packet control functions from the transfer functions, and
SDN (Software Defined Network)
rig

SDN is a next generation technology that can handle the route configuration/control and complex operation of
networking with software programming. The SDN started to draw attention mainly because of the OpenFlow of ONF.
In addition, other international standardization institutes such as the IETF and the ITU-T started to develop standards
py
rig
controls networks based on programming. OpenFlow is composed of a Controller and a Switch, whereas the
controller gives an order to the switch, and the switch takes care of activities related to data flow such as packet
delivery or correction.

py
for the core technologies of SDN in earnest. Therefore, there is a severe competition among rival companies to
secure dominance in the SDN technology standards.
Controller
Co

Co
① Beginning of SDN
OpenFlow Protocol
SDN’s beginning goes back to Oct of 2010 when Stanford University hosted the ‘Open Network Summit’, an
expert conference on the SDN and OpenFlow. The SDN and OpenFlow can be defined as a technology that
enables programming-level configuration and manipulation of network just like any other computer program OpenFlow Group
Channel Table
works. This innovative communications technology is drawing a lot of attention. In March 2011, the Open
Networking Foundation (ONF) was established to facilitate the introduction and to develop standards of the SDN
ⓒ

ⓒ
and OpenFlow.
Flow … Flow
Table Table
② How SDN works? Pipeline

<Figure 97> shows how network programming is possible: the Control Plane (to tell the network what should
OpenFlow Switch
be moved to where) and the Data Plane (to send the packet to the destination) are separated. The foundation
for the SDN are switching devices which use the industry standard control protocols like the OpenFlow and is
<Figure 98> Main components of OpenFlow switch [16]
programmable though the SDN controller.

150 TOPCIT ESSENCE M3 Network 151

TOPCIT ESSENCE Network

④ How SDN is applied?
Existing network devices had control planes and data planes within a single box as shown in <Figure 99>.
However, a controller can work as a control plane for each of the physical devices and the physical device will
have a data plane only.
Here, the OpenFlow works as a standard of the interface technology for the SDN operation.
M3
NFV (Network Function Virtualization)
NFV is emerging as a buzz word thanks to the high interest from network operators. In addition, the NFV groups
are preparing a set of standards for communications service providers and hardware manufacturers, and they are
working on rounds of proof of concept to validate the feasibility of this technology.

① Beginning of NFV
With the rise of various services and increase in the network speed, current internet service providers face
Controller
serious issues about the hardware space and power supply. In addition, as the life cycle of network devices

16

16
becomes shorter, it has become more difficult to achieve return on investment in a sustainable way. Therefore, the
NFV was introduced to address these issues with virtualization technology.
Control Plane

20

20
Data Plane Data Plane ② Basic concept of NFV
Control Plane Control Plane NFV is running on the high-performance x86 platforms, and a user can activate network functions if and when
necessary. A VM (Virtual Machine) or Service Profile is created to realize the virtualization on the network by
Data Plane Data Plane Data Plane Data Plane using x86.

ht

ht
③ Structure of NFV architecture framework
<Figure 99> Network structure before/after SDN
As seen in <Table 81>, the NFV architecture framework is composed of three functional groups: VNF group, NFV
infrastructure, Management and Orchestration.
It means to remove a processing module out of a mid-large size router and to leave only switching functions as
rig

rig
shown in <Figure 100>, which means the router will simply operate, only following the order from the controller.
NFV Managament and Orchestration
Os-Ma
NFV
CSS/BSS Orchestrator
py

py
Removing
controllin plane Or-Vnfm
EM1 EM2 EM3
SWA-4 Ve-Vnfm Service, VNF and
VNF
Manager(s) Infrastructure
VNF1 Description
VNF2 SWA-1 VNF3 SWA-3
Co

Co
SWA-2
Vn-Nf
NFVI Vi-Vnfm

Virtual Virtual Virtual

Computing Storage Network

VirtualisatisationLayer Nf-Vi Virtualised Or-Vi

Infrastructure
VI-Ha SWA-5 Manager(s)
ⓒ

ⓒ
Hardware resources
Computing Storage Network
Hardware Hardware Hardware

<Figure 100> Removing controlling plane from mid-size router Execution reference points Other reference points Main NFV reference points

<Figure 101> NFV architecture framework (Five types of VNF interface) [17]

152 TOPCIT ESSENCE M3 Network 153

TOPCIT ESSENCE Network

M3
<Table 81> Components of the NFV architecture framework ① Relationship between NFV and SDN
Classification Details

•Virtual Network Functions

VNFs Creates
•Software implementations of network functions that can support various application programs competitive
supply of Creates network
Open Software abstractions to
innovative Defined
applications Innovation enable faster
Networks innovation
by third
•NFV Infrastructure parties
NFVI •Providing support for virtualization and VNF operation, and providing computing, storage, physical

16

16
hardware resources to support networking functions
Network Reduces CAPEX, OPEX, Space & Power
Functions Consumption
Virtualisation

Management &

20

20
•Hardware and software resource management, delivery, and VFN management.
Orchestration

<Figure 103> Relationship between NFV and SDN [18]

④ Example of NFV implementation

NFV literally means to achieve functions of networking devices through the virtualization, which also means NFV SDN can make a network virtualized in order to facilitate faster changes in the network and the NFV can save the
ht

ht
does not require a specific device. As shown in <Figure 102>, a generally used high-performance x 86 server CAPEX (Capital expenditures), OPEX (Operating expenditures), space, and resources. In addition, the SDN and the
platforms can be used for virtualizing the functions which used to be provided by networking devices. NFV are mutually complementary but can be implemented independently as well.
rig

rig
② Comparison of NFV and SDN

Virtual Network
Functions DPI Firewall PE Router UTM GG SN <Table 82> Comparison of NFV and SDN

Item SDN NFV

py

py
Software approach to realize network functions: Using VM (Virtual Machine) and high-performance
Purpose separation of control and data planes and centralized x86 servers to realize the functions used to be
network control provided by networking devices
Common Hardware Started from campus, data center, and cloud, but
Co

Co
(Servers & Switches) Started with a specific target: network devices of
User Base started to be used by telecommunications service
telecommunications service providers.
providers

<Figure 102> NFV implementation case Networking devices such as mid-large size routers Networking devices such as mid-large size routers
Target
and switches and switches

Router, firewall, gateway, CDN, WAN optimization,

ⓒ

ⓒ
Function Cloud orchestration and networking
SDN & NFV definite SLA

At the initial stage, the SDN was developed mainly by researchers and data center architects, and NFV was Protocol Mainly OpenFlow None
developed by the ISPs (Internet Service Provider). However, SDN and NFV are mutually complementary and it is a
trend that ISPs are utilizing these two technologies on their networks.
Leading
Open Networking Foundation (ONF) ETSI NFV Working Group
institute

154 TOPCIT ESSENCE M3 Network 155

TOPCIT ESSENCE Network

M3
Example Question

Question type

Short-answer question

Question

Please refer to the following images and explanations to answer the question.
1. What is the next generation networking technology that can handle the network routing configuration/

16

16
control and the complex operation activities with software programming?
2. What is the ONF (Open Networking Foundation)’s control data plane interface technology or protocol?
(Packet forwarding function and controller function of a networking device is separated into a standard

20

20
interface to grant openness.)

Controller

ht

ht
Control Plane

Data Plane Data Plane

Control Plane Control Plane
rig

rig
Data Plane Data Plane Data Plane Data Plane

• Existing network devices had control planes and data planes within a single box.
• However, a technology was commercialized recently, which can enable a centralized controller to work as
py

py
a control plane for each of the physical devices and the physical device will have a data plane function
only.

Intent of the question

Co

Co
To understand the up-to-date trend of networking

Answer and explanation

1. SDN (Software Defined Network)

2. OpenFlow
ⓒ

ⓒ
Related E-learning Contents
• Lecture 8 Multimedia Technology

156 TOPCIT ESSENCE M3 Network 157