Data Communication Notes 3

Uploaded by Joy Kananu

DIPLOMA IN INFORMATION COMMUNICATION TECHNOLOGY

MODULE 3

DATA COMMUNICATION AND NETWORKS NOTES

MEANING OF COMPUTER NETWORK .................................................................................................................. 3


COMPONENTS OF A COMPUTER NETWORK ...................................................................................................... 3
TYPES OF COMPUTER NETWORK ....................................................................................................................... 4
Local Area Network (LAN) .................................................................................................................................... 4
Metropolitan Area Network (MAN) ...................................................................................................................... 5
Inter Network ........................................................................................................................................................ 7
client/server network ............................................................................................................................................ 7
peer-to-peer network ........................................................................................................................................... 7
ROLE OF COMPUTER NETWORKS ....................................................................................................................... 8
NETWORK MEDIA ................................................................................................................................................. 8
ELECTRICAL PROPERTIES OF MATTER .............................................................................................................. 8
Electrical Properties of Matter .............................................................................................................................. 8
IMPORTANCE OF DIFFERENT TRANSMISSION MEDIA ....................................................................................10
TYPES OF TRANSMISSION MEDIA .....................................................................................................................10
DATA COMMUNICATION .....................................................................................................................................18
PRINCIPLES OF DATA COMMUNICATION .........................................................................................................18
Components of data communication system.....................................................................................................18
TECHNIQUES IN DATA COMMUNICATION ........................................................................................................20
Serial and Parallel Transmission .................................................................................................................21
NETWORKING MODELS AND THEIR IMPORTANCE ..........................................................................................23
OSI NETWORK MODEL ........................................................................................................................................23
ETHERNET STANDARDS......................................................................................................................................40
Ethernet 10BASE5 ................................................................................................................................................41
Ethernet 10BASE2 ................................................................................................................................................43
Ethernet 10BASE2 ................................................................................................................................................46
Ethernet 10BASE-T...............................................................................................................................................47
Ethernet 10BASE-F ...............................................................................................................................................49
Ethernet 100BASE-T (Fast) Ethernet ..................................................................................................................51

Page 1 of 152
100BaseT4 ............................................................................................................................................................52
100BaseFX..............................................................................................................................................................52
Gigabit Ethernet .....................................................................................................................................................52
1000BaseX .............................................................................................................................................................53
10 Gigabit Ethernet ................................................................................................................................................55
10GBaseSR/SW ......................................................................................................................................................55
NETWORK COMPONENTS AS THEY MAP ON OSI MODEL ........................................................................................56
NETWORK CONNECTIONS AND PROTOCOL ............................................................................................................59
OTHER PROTOCOLS ................................................................................................................................................63
NETWORK CONNECTIVITY ......................................................................................................................................71
LOCAL AREA NETWORK (LAN) .................................................................................................................................71
LAN PROTOCOLS ....................................................................................................................................................71
WIDE AREA NETWORK............................................................................................................................................73
WAN PROTOCOLS...................................................................................................................................................73
ETHERNET TECHNOLOGY ........................................................................................................................................77
Ethernet Technologies Background ....................................................................................................................78
ETHERNET STANDARDS ..........................................................................................................................................82
NETWORK TROUBLESHOOTING ..............................................................................................................................87
methods of network troubleshooting .....................................................................................................................89
MORE NETWORK TROUBLESHOOTING METHODS/TOOLS .........................................................................................91
NETWORK SECURITY ............................................................................................................................................104
SECURITY TECHNIQUES ........................................................................................................................................106
ENCRYPTION TECHNIQUES ...................................................................................................................................107
SECURITY THREATS AND OTHER VULNERABILITIES ...............................................................................................112
NETWORK DESIGN................................................................................................................................................119
COMPUTER DEVELOPMENT LIFE CYCLE ................................................................................................................122
HARDWARE AND SOFTWARE SELECTION CRITERIA ...............................................................................................124
TCP/IP PROTOCOLS ..............................................................................................................................................128
IP(INTERNET PROTOCOL) ......................................................................................................................................138
TYPES OF DATA FLOW/TRANSMISSION MODES IN COMPUTER NETWORKS ..........................................................141
COMMUNICATION SOFTWARE .............................................................................................................................142
TYPES OF COMMUNICATION SOFTWARE ..............................................................................................................143
Installing different types of network software ......................................................................................................147

INTERNET .............................................................................................................................................................148
EMERGING TRENDS IN NETWORKING...................................................................................................................151

MEANING OF COMPUTER NETWORK


A computer network is a group of computer systems and other computing hardware devices that
are linked together through communication channels to facilitate communication and resource-
sharing among a wide range of users.

COMPONENTS OF A COMPUTER NETWORK


Computer networks share common devices, functions and features, including servers, clients,
transmission media, shared data, shared printers and other hardware and software resources,
the network interface card (NIC), the local operating system (LOS) and the network operating
system (NOS).
Servers - Servers are computers that hold shared files, programs, and the network operating
system. Servers provide access to network resources to all the users of the network. There are
many different kinds of servers, and one server can provide several functions. For example,
there are file servers, print servers, mail servers, communication servers, database servers, fax
servers and web servers, to name a few.
Clients - Clients are computers that access and use the network and shared network resources.
Client computers are essentially the customers (users) of the network: they request and receive
services from the servers.
Transmission Media - Transmission media are the facilities used to interconnect computers in a
network, such as twisted-pair wire, coaxial cable, and optical fiber cable. Transmission media are
sometimes called channels, links or lines.
Shared data - Shared data are data that file servers provide to clients such as data files, printer
access programs and e-mail.
Shared printers and other peripherals - Shared printers and peripherals are hardware resources
provided to the users of the network by servers. Resources provided include data files, printers,
software, or any other items used by clients on the network.
Network Interface Card - Each computer in a network has a special expansion card called a
network interface card (NIC). The NIC prepares(formats) and sends data, receives data, and
controls data flow between the computer and the network. On the transmit side, the NIC passes
frames of data on to the physical layer, which transmits the data to the physical link. On the
receiver's side, the NIC processes bits received from the physical layer and processes the
message based on its contents.
Local Operating System - A local operating system allows personal computers to access files,
print to a local printer, and have and use one or more disk and CD drives that are located on the
computer. Examples are MS-DOS, Unix, Linux, Windows 2000, Windows 98, Windows XP etc.
Network Operating System - The network operating system is a program that runs on
computers and servers, and allows the computers to communicate over the network.

Hub - A hub is a device that splits one network connection among multiple computers. It works
like a distribution centre. When a computer sends a frame, the frame reaches the hub over a
cable and the hub repeats it out of every other port, so the whole segment receives it. Each
computer must then work out whether the frame is addressed to it. Because every station sees
every frame, any host on a hub can read all of the segment's traffic.
Switch - A switch is a telecommunication device grouped as one of the computer network
components. A switch is like a hub but with more advanced features: it reads the physical
device (MAC) address in each incoming frame and delivers the frame only to the port where the
destination is known to be.
Unlike a hub, a switch does not repeat every received frame to the entire network; before
sending, it checks which port the destination system is attached to. In other words, the switch
connects source and destination directly, which increases the effective speed of the network
(and means the other ports do not normally see the traffic). Frames for a broadcast address, or
for a destination the switch has not yet learned, are still sent out of all ports. Both switches
and hubs share common features: multiple RJ-45 ports, a power supply and link lights.
Router - The other device used to connect a LAN to an internet connection is the router. When
you have two distinct networks (LANs), or want to share a single internet connection among
multiple computers, a router is used. Most recent routers also include a built-in switch, so you
do not need to buy both a switch and a router, particularly for small business and home
networks. Routers come in two types, wired and wireless; the choice depends on the physical
office or home layout, the speed required and the cost.
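As an added worked example (not code from these notes), the Python below does the two jobs described above in miniature: it parses the Ethernet II header that a NIC reads to decide whether a frame is for its host, and it pushes the same frames through a model hub and a model learning switch so that the difference in who receives what becomes visible. The MAC addresses, port numbers and frames are constructed for the example; the switch model is a simplification (no ageing of table entries, no VLANs).

```python
"""Hub versus learning switch, driven by raw Ethernet II frames.

Added example, not from the original notes. The frames are constructed here
by hand; the MAC addresses are made-up locally administered addresses and the
port numbers are an assumption of this toy model.
"""
import struct

ETH_HDR = struct.Struct("!6s6sH")   # dst MAC, src MAC, EtherType; network byte order
BROADCAST = "ff:ff:ff:ff:ff:ff"

# Constructed addresses (02:... = locally administered, so they collide with no vendor)
MAC_A = "02:00:00:00:00:0a"
MAC_B = "02:00:00:00:00:0b"
MAC_C = "02:00:00:00:00:0c"


def mac_to_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def mac_to_bytes(mac: str) -> bytes:
    return bytes(int(part, 16) for part in mac.split(":"))


def build_frame(dst: str, src: str, ethertype: int, payload: bytes) -> bytes:
    """Assemble an Ethernet II frame (14-byte header + payload, no FCS)."""
    return ETH_HDR.pack(mac_to_bytes(dst), mac_to_bytes(src), ethertype) + payload


def parse_frame(frame: bytes):
    """Split a frame into (dst, src, ethertype, payload).

    This is the receive-side job the notes give the NIC: read the header so
    the host can decide whether the frame is meant for it.
    """
    if len(frame) < ETH_HDR.size:
        raise ValueError("frame shorter than the 14-byte Ethernet II header")
    dst, src, ethertype = ETH_HDR.unpack_from(frame)
    return mac_to_str(dst), mac_to_str(src), ethertype, frame[ETH_HDR.size:]


def host_accepts(frame: bytes, own_mac: str) -> bool:
    """A NIC in normal (non-promiscuous) mode keeps only frames sent to it or to everyone."""
    dst = parse_frame(frame)[0]
    return dst in (own_mac, BROADCAST)


class Hub:
    """Repeats every frame out of every port except the one it arrived on."""

    def __init__(self, ports):
        self.ports = set(ports)

    def forward(self, in_port: int, frame: bytes):
        parse_frame(frame)                 # validate the header, but never look at addresses
        return sorted(self.ports - {in_port})


class LearningSwitch:
    """Learns which port each source MAC lives on and sends unicast frames there only."""

    def __init__(self, ports):
        self.ports = set(ports)
        self.mac_table = {}                # MAC -> port, learned from source addresses

    def forward(self, in_port: int, frame: bytes):
        dst, src, _, _ = parse_frame(frame)
        self.mac_table[src] = in_port      # learning step: trusts the source address as-is
        if dst == BROADCAST or dst not in self.mac_table:
            return sorted(self.ports - {in_port})   # unknown destination: flood like a hub
        out_port = self.mac_table[dst]
        return [] if out_port == in_port else [out_port]


def run_demo():
    """Same three frames through a hub and a switch; returns the ports each one uses."""
    ports = [1, 2, 3, 4]                   # A on port 1, B on port 2; 3 and 4 are other hosts
    hub, switch = Hub(ports), LearningSwitch(ports)
    a_to_b = build_frame(MAC_B, MAC_A, 0x0800, b"request")
    b_to_a = build_frame(MAC_A, MAC_B, 0x0800, b"reply")
    return {
        "hub":    [hub.forward(1, a_to_b), hub.forward(2, b_to_a), hub.forward(1, a_to_b)],
        "switch": [switch.forward(1, a_to_b), switch.forward(2, b_to_a), switch.forward(1, a_to_b)],
    }


if __name__ == "__main__":
    for device, paths in run_demo().items():
        print(device, paths)
    probe = build_frame(MAC_B, MAC_A, 0x0800, b"request")
    print("host C accepts A->B frame:", host_accepts(probe, MAC_C))
```

On the hub every frame reaches ports 2, 3 and 4, so hosts C and D see the whole A/B conversation and only their NIC's address filter (which any host can switch off) stops them reading it. On the switch the very first frame floods, because B's port is not yet known, but once B has spoken the reply and later frames go to a single port. Note that the table is filled from source addresses with no check at all, and that unknown or broadcast destinations still flood: a switch limits who normally sees traffic but is not a security boundary.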

TYPES OF COMPUTER NETWORK

Types of Communication Networks

Local Area Network (LAN)


A LAN is a network designed for a small physical area such as an office, a group of buildings
or a factory. LANs are used widely because they are easy to design and to troubleshoot. Personal
computers and workstations are connected to each other through LANs, and a LAN can use
different topologies: star, ring, bus, tree and so on.
A LAN can be as simple as two computers connected to share files with each other, or as complex
as the interconnection of an entire building.

LANs are also widely used to share resources such as printers and shared hard drives.

Applications of LAN

 One of the computers in the network can become a server serving all the remaining computers,
called clients. Software can be stored on the server and used by all the clients.
 Connecting all the workstations in a building so that they can communicate with each other
locally, without any internet access.
 Sharing common resources such as printers.

Metropolitan Area Network (MAN)


A MAN is basically a bigger version of a LAN and uses similar technology. It is designed to extend
over an entire city. It can be a means of connecting a number of LANs into a larger network, or it
can be a single cable. It is usually owned and operated by a single private or public company.

Wide Area Network (WAN)
A WAN can be a private network or a public leased network. It is used for networks that cover
large distances, such as the states of a country. It is not easy to design and maintain. The
communication media used by WANs include PSTN circuits and satellite links. WAN links generally
operate at lower data rates than LANs.

Wireless Network
This is the fastest-growing segment of computer networking. Wireless networks are becoming very
important in our daily life because wired connections are not possible in cars or aeroplanes. We
can access the Internet from any place and avoid cabling problems. They can also be used when
the telephone system has been destroyed by a calamity or disaster. Wireless networks are very
important nowadays.

Inter Network
When we connect two or more networks together, the result is called an internetwork or internet.
We can join two or more individual networks to form an internetwork through devices such as
routers, gateways or bridges.

client/server network
A computer network in which one centralized, powerful computer (called the server) is a hub to
which many less powerful personal computers or workstations (called clients) are connected. The
clients run programs and access data that are stored on the server.

peer-to-peer network

A network of personal computers, each of which acts as both client and server, so that each can
exchange files and email directly with every other computer on the network. Each computer can
access any of the others, although access can be restricted to those files that a computer's user
chooses to make available. Peer-to-peer networks are less expensive than client/server networks
but less efficient when large amounts of data need to be exchanged.

ROLE OF COMPUTER NETWORKS
Computer networks allow the user to access remote programs and remote databases, either of
the same organization or from other enterprises or public sources. Computer networks provide
faster communication than other facilities.

 cost reduction by sharing hardware and software resources
 high reliability by having multiple sources of supply
 cost reduction by downsizing to microcomputer-based networks instead of using
mainframes
 greater flexibility because of the possibility of connecting devices from various vendors

Practical:

Assembling network components

NETWORK MEDIA
Network media is the actual path over which an electrical signal travels as it moves from one
component to another. Network media refers exclusively to the communication channels used
to interconnect devices (nodes) on a computer network or data communications network. Typical
examples of network media include copper coaxial cable, copper twisted-pair cable and fibre
optic cable used in "wired" networks, and radio frequency waves used in wireless data
communications networks.

ELECTRICAL PROPERTIES OF MATTER


In the OSI model, the Physical Layer is responsible for transferring data (text, pictures, audio)
between the source and the destination. Data travelling between source and destination is
represented by electrical pulses when the medium is a copper wire, or by light pulses when the
medium is an optical fibre.

In today's network environment the most popular type of medium is cable made of copper, and the
signal that travels through the copper wire is an electrical signal.

Like any other element in the Periodic Table, copper has its own properties.

The basic unit of all matter, including copper, is the atom. An atom is made of three tiny
particles: protons (positively charged particles), neutrons (particles that have no charge) and
electrons (particles that have a negative charge).
Electrical Properties of Matter

Atoms normally have an equal number of protons and electrons. Atoms bond together in different
combinations to form the molecules of various types of matter.

The nucleus of an atom is held together by a powerful force. The electrons orbiting the nucleus
are held by a much weaker force. Because this force is much weaker, certain electrons can be
pulled away to orbit nearby atoms. This movement of electrons is defined as electrical current.

Explaining how the movement of one electron changes the molecule, and therefore the nature of
the matter, is out of scope for these notes, but atoms and molecules can be classified as
belonging to one of three groups:

1. Insulators
2. Conductors
3. Semiconductors

Material         Electron flow                       Examples
Insulators       Electrons flow poorly               Plastic, paper, rubber, dry wood, air, pure water
                                                     and glass
Conductors       Electrons flow well                 Copper (Cu), silver (Ag), gold (Au), water with
                                                     ions and the human body
Semiconductors   Electron flow can be controlled     Silicon (Si), carbon, germanium (Ge), gallium
                 precisely                           arsenide (GaAs)

Copper is an excellent electrical conductor, but we need to measure the electricity that travels
through the wire in order to use it. Electricity can be measured in several ways, as shown
below:

1. Voltage
2. Current
3. Resistance
4. Impedance
Voltage
Voltage is the force generated by the separation of electrons and protons. The force created pulls
toward the opposite charge and pushes away from the like charge. This separation of charges
results in voltage. Voltage can be created by friction, by magnetism or by solar energy.

Voltage is represented by the letter V and its unit of measurement is the volt. Two kinds of
voltage exist:

 Direct current (DC)
The movement of electrons in a DC circuit is always in the same direction, from negative to
positive. A battery is an example of a DC voltage source.

 Alternating current (AC)
In an AC circuit, the positive and negative terminals swap polarity back and forth. This makes
the direction of electron movement change, or alternate, with respect to time.
Resistance and Impedance
Resistance is the property of a material that resists electron movement. Conductors have low
resistance and insulators have high resistance. Resistance is represented by the letter R and its
unit of measurement is the ohm. The term resistance is generally used when referring to DC
circuits. The opposition to the movement of electrons in an AC circuit is called impedance.
Impedance is represented by the letter Z and its unit of measurement is also the ohm.
Current
Electrical current is the flow of charge that is created when electrons move. When electrical
pressure (voltage) is applied and a path for the current exists, electrons move from the negative
terminal (which repels them), along the path, to the positive terminal (which attracts them).
Current is represented by the letter I. The unit of measurement for current is the ampere,
represented by the letter A, or amp.
Amp
An amp is the number of charges per second that pass a point along a path; in other words, the
amount of electron traffic flowing through a circuit.
Wattage
The combination of amperage (the quantity of electrons passing a given point) and voltage
(electrical pressure) equals wattage, or electrical power. The watt (W) is the basic unit of
electrical power. Wattage equals voltage times amperage (W = V x I).
IMPORTANCE OF DIFFERENT TRANSMISSION MEDIA
Transmission media are the material pathways that connect computers, different kinds of devices
and people on a network. They can be compared to a superhighway carrying lots of information.
Transmission media use cables or electromagnetic signals to transmit data.

TYPES OF TRANSMISSION MEDIA

Bounded/Guided Transmission Media


It is the transmission media in which signals are confined to a specific path using wire or cable.
The types of Bounded/ Guided are discussed below.
Twisted Pair Cable
This cable is the most commonly used and is cheaper than the others. It is lightweight, cheap, can
be installed easily, and supports many different types of network. Some important points (the
figures below are for voice-grade telephone use; LAN-grade UTP is specified to 100 MHz and
beyond):

 Its frequency range is 0 to 3.5 kHz.
 Typical attenuation is 0.2 dB/km @ 1 kHz.
 Typical delay is 50 µs/km.
 Repeater spacing is 2 km.

Twisted Pair is of two types :

 Unshielded Twisted Pair (UTP)


 Shielded Twisted Pair (STP)

Unshielded Twisted Pair Cable


UTP is the most common type of telecommunication cable. Each pair consists of two conductors,
usually copper, each with its own coloured plastic insulator; the colours are there for
identification.
UTP cables consist of 2 or 4 pairs of twisted wire. Cable with 2 pairs uses the RJ-11 connector and
4-pair cable uses the RJ-45 connector.

Advantages :

 Installation is easy
 Flexible
 Cheap
 It has high speed capacity
 Higher grades of UTP are used in LAN technologies like Ethernet.

Each pair consists of two insulated copper wires (about 1 mm thick). The wires are twisted
together in a helical form so that electrical interference picked up by the two wires largely
cancels, and so that crosstalk from neighbouring pairs is reduced.
Disadvantages :

 Bandwidth is low when compared with coaxial cable
 Provides less protection from interference
 Segment length is limited to 100 metres in Ethernet

Shielded Twisted Pair Cable


This cable has a metal foil or braided-mesh covering that encases each pair of insulated
conductors. The metal casing blocks most electromagnetic noise. Shielding also reduces
crosstalk (explained in the KEY TERMS chapter).
It has the same attenuation as unshielded twisted pair. It supports higher signalling rates than
unshielded twisted pair and coaxial cable, and it is more expensive than both.

Advantages :

 Easy to install
 Performance is adequate
 Can be used for analog or digital transmission
 Increases the signalling rate
 Higher capacity than unshielded twisted pair
 Reduces crosstalk

Disadvantages :

 Difficult to manufacture
 Heavy

Coaxial Cable
Coaxial cable gets its name because its two conductors share a common axis. Copper is used for
the centre conductor, which can be a solid wire or a stranded one. It is surrounded by PVC
insulation, a sheath which is encased in an outer conductor of metal foil, braid or both.
The outer metallic wrapping is used as a shield against noise and as the second conductor which
completes the circuit. The outer conductor is also encased in an insulating sheath. The
outermost part is the plastic cover which protects the whole cable.
The most common coaxial standards are:

 50-Ohm RG-7 or RG-11 : used with thick Ethernet.


 50-Ohm RG-58 : used with thin Ethernet
 75-Ohm RG-59 : used with cable television
 93-Ohm RG-62 : used with ARCNET.

There are two types of coaxial cable:
Baseband
This is a 50 ohm (Ω) coaxial cable which is used for digital transmission. It is mostly used for
LANs. Baseband transmits a single signal at a time at very high speed. The major drawback is
that it needs amplification after every 1000 feet.
Broadband
This uses analog transmission on standard cable television cabling. It transmits several
simultaneous signals using different frequencies. It covers a larger area than baseband coaxial
cable.
Advantages :

 Bandwidth is high
 Used in long distance telephone lines
 Transmits digital signals at a high rate (10 Mbps for Ethernet over coax)
 Much higher noise immunity
 Data transmission without distortion
 They can span longer distances at higher speeds, as they have better shielding than twisted
pair cable

Disadvantages :

 A single cable failure can bring down the entire network (shared bus)
 Difficult to install and expensive when compared with twisted pair
 If the shield is imperfect, it can lead to ground loops

Fiber Optic Cable


Fibre optic cable is similar in construction to coaxial cable, but it carries light rather than
electrical signals. At the centre is the glass core through which light propagates.
In multimode fibres the core is about 50 microns across; in single mode fibres it is 8 to 10
microns.
The core is surrounded by glass cladding with a lower index of refraction than the core, which
keeps the light inside the core. This is covered with a thin plastic jacket to protect the
cladding. The fibres are grouped together in bundles protected by an outer shield.
Fibre optic cable offers bandwidth of more than 2 Gbps (gigabits per second).

Advantages :

 Provides high quality transmission of signals at very high speed.


 These are not affected by electromagnetic interference, so noise and distortion is very less.
 Used for both analog and digital signals.

Disadvantages :

 It is expensive
 Difficult to install.
 Maintenance is expensive and difficult.
 Fibres cannot be bent sharply; tight bends let the light escape the core.

UnBounded/UnGuided Transmission Media
Unguided or wireless media send the data through the air (or water). Such signals can be picked up
by anyone within range who has a device capable of receiving them, so anything sent over them
should be assumed to be overheard unless it is encrypted. Types of unguided/unbounded media are
discussed below:

 Radio Transmission
 MicroWave Transmission

Radio Transmission
Its frequency is between 10 kHz and 1 GHz. It is simple to install and has high attenuation. These
waves are used for multicast (one-to-many) communications.
Types of Propogation
Radio transmission uses different types of propagation:

 Troposphere: the lowest portion of the earth's atmosphere, extending outward approximately
30 miles from the earth's surface. Clouds, jet planes and wind are found here.
 Ionosphere: the layer of the atmosphere above the troposphere but below space. It contains
electrically charged particles.

Microwave Transmission
Microwaves travel at a higher frequency than radio waves. Microwave transmission requires a
line of sight between sender and receiver. It operates in the low gigahertz range. It is mostly
used for unicast communication.
There are 2 types of Microwave Transmission :

1. Terrestrial Microwave
2. Satellite Microwave

Advantages of Microwave Transmission

 Used for long distance telephone communication


 Carries 1000’s of voice channels at the same time

Disadvantages of Microwave Transmission

 It is very costly

Terrestrial Microwave

To increase the distance served by terrestrial microwave, repeaters can be installed with each
antenna. The signal received by an antenna is converted into transmittable form and relayed to
the next antenna, as shown in the figure below. Telephone systems all over the world are an
example of this.

There are two types of antennas used for terrestrial microwave communication :
1. Parabolic Dish Antenna
In this antenna every line parallel to the line of symmetry reflects off the curve at an angle
such that all of them intersect at a common point called the focus. The antenna is based on the
geometry of the parabola.
2. Horn Antenna
It is like a gigantic scoop. The outgoing transmissions are broadcast up a stem and deflected
outward in a series of narrow parallel beams by the curved head.

Satellite Microwave
This is a microwave relay station placed in outer space. The satellites are launched by rockets or
carried up by space shuttles.
They are positioned about 36,000 km (35,786 km) above the equator, with an orbital period that
exactly matches the rotation of the earth. Because the satellite is in a geostationary orbit, it is
stationary relative to the earth and always stays over the same point on the ground. This is done
to allow ground stations to aim their antennas at a fixed point in the sky.
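As an added worked example (not part of the original notes), the script below derives the geostationary altitude from the requirement just stated, that the orbital period equal one rotation of the earth, and then works out the propagation delay a relay through such a satellite imposes on the ground stations. The constants are standard published values (Earth's gravitational parameter, the WGS-84 equatorial radius, the sidereal day); the elevation angles are assumed inputs chosen for illustration.

```python
"""Geostationary orbit altitude and the propagation delay it imposes.

Added example, not from the original notes. Constants are standard values;
the ground-station elevation angles passed in are assumptions for the demo.
"""
import math

GM_EARTH = 3.986004418e14     # m^3/s^2, Earth's standard gravitational parameter
R_EARTH = 6_378_137.0         # m, equatorial radius (WGS-84)
SIDEREAL_DAY = 86_164.0905    # s, one rotation of the Earth relative to the stars
C = 299_792_458.0             # m/s, speed of light in vacuum


def orbit_radius_m(period_s: float = SIDEREAL_DAY) -> float:
    """Kepler's third law: T^2 = 4 pi^2 r^3 / GM, solved for r (measured from Earth's centre)."""
    return (GM_EARTH * period_s ** 2 / (4 * math.pi ** 2)) ** (1.0 / 3.0)


def geostationary_altitude_m() -> float:
    """Height above the equator of a satellite whose period is one sidereal day."""
    return orbit_radius_m() - R_EARTH


def slant_range_m(elevation_deg: float) -> float:
    """Straight-line distance from a ground station to the satellite.

    elevation_deg is the satellite's angle above the station's horizon:
    90 degrees means directly overhead, 0 degrees means it sits on the horizon.
    """
    r, R = orbit_radius_m(), R_EARTH
    e = math.radians(elevation_deg)
    return math.sqrt(r * r - (R * math.cos(e)) ** 2) - R * math.sin(e)


def relay_delay_s(up_elevation_deg: float, down_elevation_deg: float) -> float:
    """Ground -> satellite -> ground propagation delay for the two stations' elevations."""
    return (slant_range_m(up_elevation_deg) + slant_range_m(down_elevation_deg)) / C


if __name__ == "__main__":
    print(f"geostationary altitude: {geostationary_altitude_m() / 1000:.0f} km")
    print(f"best-case relay delay (both stations under the satellite): "
          f"{relay_delay_s(90, 90) * 1000:.0f} ms")
    print(f"worst-case relay delay (both stations on the horizon): "
          f"{relay_delay_s(0, 0) * 1000:.0f} ms")
```

The altitude comes out at about 35,786 km, and the one-hop delay at roughly 240 ms when both stations are directly beneath the satellite and close to 280 ms when both are at the horizon, before any processing on board. That quarter-second of pure propagation is why protocols and timeouts that work over terrestrial links often need retuning over a satellite link.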
Features of Satellite Microwave :

 Bandwidth capacity depends on the frequency used.
 Deploying and maintaining an orbiting satellite is difficult.

Advantages of Satellite Microwave :

 The transmitting station can receive back its own transmission and check whether the satellite
has relayed the information correctly.
 A single relay station is visible from a very large portion of the earth's surface.

Disadvantages of Satellite Microwave :

 Satellite manufacturing cost is very high
 The cost of launching a satellite is very high
 Transmission depends heavily on weather conditions; it can go down in bad weather

DATA COMMUNICATION
Data communication refers to the exchange of data between a source and a receiver. Data
communication is said to be local if communicating devices are in the same building or a
similarly restricted geographical area. The meanings of source and receiver are very simple. The
device that transmits the data is known as source and the device that receives the transmitted
data is known as receiver. Data communication aims at the transfer of data and maintenance of
the data during the process but not the actual generation of the information at the source and
receiver.

PRINCIPLES OF DATA COMMUNICATION

Data can exist in a variety of forms such as numbers, text, bits and bytes. The Figure is an
illustration of a simple data communication system.

A data communication system may collect data from remote locations through data transmission
circuits, and then output processed results to remote locations. The figure provides a broader view
of data communication networks. The different data communication techniques which are
presently in widespread use evolved gradually, either to improve the data communication
techniques already existing or to replace them with better options and features. There is also
data communication jargon to contend with during the selection of communication systems,
such as baud rate, modems, routers, LAN, WAN, TCP/IP and ISDN. Hence, it becomes
necessary to review and understand these terms and the gradual development of data
communication methods.
Components of data communication system
A communication system has the following components:
1. Message: It is the information or data to be communicated. It can consist of text, numbers,
pictures, sound or video or any combination of these.
2. Sender: It is the device/computer that generates and sends the message.
3. Receiver: It is the device or computer that receives the message. The location of the receiver
computer is generally different from the sender computer. The distance between sender and
receiver depends upon the type of network used in between.
4. Medium: It is the channel or physical path through which the message is carried from sender
to the receiver. The medium can be wired like twisted pair wire, coaxial cable, fiber-optic cable
or wireless like laser, radio waves, and microwaves.
5. Protocol: It is a set of rules that govern the communication between the devices. Both
sender and receiver follow the same protocols to communicate with each other.

A protocol performs the following functions:

1. Data sequencing. It refers to breaking a long message into smaller packets of fixed size.
Data sequencing rules define the method of numbering packets to detect loss or duplication of
packets, and to correctly identify packets which belong to the same message.
2. Data routing. Data routing defines the most efficient path between the source and
destination.
3. Data formatting. Data formatting rules define which group of bits or characters within a
packet constitute data, control, addressing, or other information.
4. Flow control. A communication protocol also prevents a fast sender from overwhelming a
slow receiver. It ensures resource sharing and protection against traffic congestion by regulating
the flow of data on communication lines.
5. Error control. These rules are designed to detect errors in messages and to ensure
transmission of correct messages. The most common method is to retransmit the erroneous
message block. In such a case, a block having an error is discarded by the receiver and is
retransmitted by the sender.
6. Precedence and order of transmission. These rules ensure that all the nodes get a
chance to use the communication lines and other resources of the network based on the
priorities assigned to them.
7. Connection establishment and termination. These rules define how connections are
established, maintained and terminated when two nodes of a network want to communicate
with each other.
8. Data security. Providing data security and privacy is also built into most communication
software packages. It prevents access to data by unauthorized users.
9. Log information. Many communication software packages are designed to produce log
information, which consists of all jobs and data communication tasks that have taken place. Such
information may be used for charging the users of the network based on their usage of the
network resources.

TECHNIQUES IN DATA COMMUNICATION

Asynchronous and Synchronous Transmission

With asynchronous transmission, signal timing is not required; signals are sent in an agreed
pattern of bits, and if both ends agree on the pattern then communication can take place.

Bits are grouped together and consist of both data and control bits. If the signal is not
synchronised the receiver will not be able to distinguish when the next group of bits will arrive.
To overcome this the data is preceded by a start bit, usually binary 0, the byte is then sent and
a stop bit or bits are added to the end. Each byte to be sent now incorporates extra control data.
In addition to the control data, small gaps are inserted between each chunk to distinguish each
group. In asynchronous transmission each bit remains timed in the usual way. Therefore, at bit
level the transmission is still synchronous (timed). The asynchronous transmission is applied at
byte level: once the receiver realises that there is a chunk of incoming data, timing
(synchronisation) takes place for that chunk of data.

Asynchronous transmission is relatively slow due to the increased number of bits and gaps. It is
a cheap and effective form of serial transmission and is particularly suited for low speed
connections such as keyboard and mouse.

One example of asynchronous transfer is Asynchronous Transfer Mode (ATM) switching. ATM
allows voice, data and video to be transmitted in fixed length cells of 53 bytes.

Synchronous Transmission

Synchronous transmission sends data as one long bit stream or block of data. There are no gaps
in transmission; each bit is sent one after the other. The receiver counts the bits and
reconstructs bytes. It is essential that timing is maintained as there are no start and stop bits
and no gaps. Accuracy is dependent on the receiver keeping an accurate count of the bits as
they come in.

Synchronous transmission is faster than asynchronous because fewer bits have to be
transmitted; i.e. only data bits and no extra control bits. For this reason it is the choice for
network communications links.

Serial and Parallel Transmission

Digital data transmission can occur in two basic modes: serial or parallel. Data within a computer
system is transmitted via parallel mode on buses with the width of the parallel bus matched to
the word size of the computer system. Data between computer systems is usually transmitted in
bit serial mode. Consequently, it is necessary to make a parallel-to-serial conversion at a
computer interface when sending data from a computer system into a network and a serial-to-
parallel conversion at a computer interface when receiving information from a network. The type
of transmission mode used may also depend upon distance and required data rate.

Parallel Transmission

In parallel transmission, multiple bits (usually 8 bits or a byte/character) are sent simultaneously
on different channels (wires, frequency channels) within the same cable, or radio path, and
synchronized to a clock. Parallel devices have a wider data bus than serial devices and can
therefore transfer data in words of one or more bytes at a time. As a result, there is a speedup
in parallel transmission bit rate over serial transmission bit rate. However, this speedup is a
tradeoff versus cost since multiple wires cost more than a single wire, and as a parallel cable
gets longer, the synchronization timing between multiple channels becomes more sensitive to
distance. The timing for parallel transmission is provided by a constant clocking signal sent over
a separate wire within the parallel cable; thus parallel transmission is considered synchronous.

Serial Transmission

In serial transmission, bits are sent sequentially on the same channel (wire) which reduces
costs for wire but also slows the speed of transmission. Also, for serial transmission, some
overhead time is needed since bits must be assembled and sent as a unit and then disassembled
at the receiver.

Serial transmission can be either synchronous or asynchronous. In synchronous transmission,
groups of bits are combined into frames and frames are sent continuously with or without data
to be transmitted. In asynchronous transmission, groups of bits are sent as independent units
with start/stop flags and no data link synchronization, to allow for arbitrary size gaps between
frames. However, start/stop bits maintain physical bit level synchronization once detected.

Applications

Serial transmission is used between two computers or from a computer to an external device located
some distance away. Parallel transmission either takes place within a computer system (on a
computer bus) or to an external device located a short distance away.

A special computer chip known as a universal asynchronous receiver transmitter (UART) acts as
the interface between the parallel transmission of the computer bus and the serial transmission
of the serial port. UARTs differ in performance capabilities based on the amount of on-chip
memory they possess.
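The following Python example is added here to make the start/stop-bit framing described under asynchronous transmission and the UART's parallel-to-serial role concrete; it is not code from the original notes. It treats a byte as eight parallel bits, shifts them out LSB-first between a start bit (0) and a stop bit (1) with an optional even/odd parity bit, inserts idle-line gaps between characters as the text describes, and on the receiving side locks on to each start bit, reports framing and parity errors instead of silently accepting garbage, and computes how much of the line capacity is overhead. The LSB-first bit order, the two-bit idle gap and the error messages are assumptions of this example rather than details from the notes.

```python
"""UART-style asynchronous framing: a byte in parallel form is shifted out serially
between a start bit and a stop bit, and the receiver resynchronises on every start bit."""
from typing import List, Tuple

START_BIT = 0   # the line idles high (1); a 0 announces the start of a character
STOP_BIT = 1
PARITY_MODES = ("none", "even", "odd")


def _parity_bit(data: List[int], parity: str) -> int:
    """Even parity makes the number of 1s (data + parity bit) even; odd makes it odd."""
    ones = sum(data) % 2
    return ones if parity == "even" else 1 - ones


def frame_byte(value: int, parity: str = "none", stop_bits: int = 1) -> List[int]:
    """Parallel byte -> serial bits: start, 8 data bits LSB-first, [parity], stop bit(s)."""
    if not 0 <= value <= 0xFF:
        raise ValueError("value must fit in one byte")
    if parity not in PARITY_MODES:
        raise ValueError(f"unknown parity mode {parity!r}")
    data = [(value >> k) & 1 for k in range(8)]       # LSB first, as on the wire (assumed)
    bits = [START_BIT] + data
    if parity != "none":
        bits.append(_parity_bit(data, parity))
    return bits + [STOP_BIT] * stop_bits


def serialize(payload: bytes, parity: str = "none", stop_bits: int = 1,
              idle_gap: int = 2) -> List[int]:
    """Frame every byte and insert idle (high) bits between characters, modelling the
    gaps the text mentions. The default idle_gap of 2 is an assumption of this example."""
    line = [1] * idle_gap
    for b in payload:
        line += frame_byte(b, parity, stop_bits) + [1] * idle_gap
    return line


def deserialize(line: List[int], parity: str = "none",
                stop_bits: int = 1) -> Tuple[bytes, List[str]]:
    """Receiver: skip idle bits, lock on to a start bit, sample the rest of the frame.
    Returns (decoded bytes, list of framing/parity errors found)."""
    if parity not in PARITY_MODES:
        raise ValueError(f"unknown parity mode {parity!r}")
    n_parity = 0 if parity == "none" else 1
    frame_len = 1 + 8 + n_parity + stop_bits
    out = bytearray()
    errors: List[str] = []
    i = 0
    while i < len(line):
        if line[i] != START_BIT:
            i += 1                       # idle line: keep waiting for a start bit
            continue
        frame = line[i:i + frame_len]
        if len(frame) < frame_len:
            errors.append(f"truncated frame at bit {i}")
            break
        data = frame[1:9]
        value = sum(bit << k for k, bit in enumerate(data))
        pos = 9
        if n_parity:
            if frame[pos] != _parity_bit(data, parity):
                errors.append(f"parity error in byte at bit {i}")
            pos += 1
        if any(b != STOP_BIT for b in frame[pos:pos + stop_bits]):
            # bad stop bit: the receiver is out of step; slide one bit and re-lock
            errors.append(f"framing error (bad stop bit) at bit {i}")
            i += 1
            continue
        out.append(value)                # byte delivered (parity errors are reported above)
        i += frame_len
    return bytes(out), errors


def efficiency(parity: str = "none", stop_bits: int = 1) -> float:
    """Share of line bits that carry data, ignoring inter-character gaps (8N1 -> 0.8)."""
    return 8 / (1 + 8 + (0 if parity == "none" else 1) + stop_bits)
```

With 8 data bits, one start bit and one stop bit, `efficiency()` is 0.8: a fifth of the line is control overhead before the idle gaps are even counted, which is the cost the text attributes to asynchronous transmission. Corrupting a stop bit makes `deserialize` report a framing error and re-lock on the next start bit, which is how a real UART recovers when the two ends lose step.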

Examples

Examples of parallel mode transmission include connections between a computer and a printer
(parallel printer port and cable). Most printers are within 6 meters or 20 feet of the transmitting
computer and the slight cost for extra wires is offset by the added speed gained through parallel
transmission of data.

Examples of serial mode transmission include connections between a computer and a modem
using the RS-232 protocol. Although an RS-232 cable can theoretically accommodate 25 wires,
all but two of these wires are for overhead control signaling and not data transmission; the two
data wires perform simple serial transmission in either direction. In this case, a computer may
not be close to a modem, making the cost of parallel transmission prohibitive—thus speed of
transmission may be considered less important than the economical advantage of serial
transmission.

Tradeoffs

Serial transmission via RS-232 is officially limited to 20 Kbps for a distance of 15 meters or 50
feet. Depending on the type of media used and the amount of external interference present, RS-
232 can be transmitted at higher speeds, or over greater distances, or both. Parallel
transmission has similar distance-versus-speed tradeoffs, as well as a clocking threshold
distance. Techniques to increase the performance of serial and parallel transmission (longer
distance for same speed or higher speed for same distance) include using better transmission
media, such as fiber optics or conditioned cables, implementing repeaters, or using
shielded/multiple wires for noise immunity.

Technology

To resolve the speed and distance limitations of serial transmission via RS-232, several other
serial transmission standards have been developed including RS-449, V.35, Universal Serial Bus
(USB), and IEEE-1394 (Firewire). Each of these standards has different electrical, mechanical,
functional, and procedural characteristics. The electrical characteristics define voltage levels and
timing of voltage level changes. Mechanical characteristics define the actual connector shape
and number of wires. Common mechanical interface standards associated with parallel
transmission are the DB-25 and Centronics connectors. The Centronics connector is a 36-pin
parallel interface that also defines electrical signaling. Functional characteristics specify the
operations performed by each pin in a connector; these can be classified into the broad
categories of data, control, timing, and electrical ground. The procedural characteristics or
protocol define the sequence of operations performed by pins in the connector.

NETWORKING MODELS AND THEIR IMPORTANCE

Network models define a set of network layers and how they interact. There are several different
network models depending on what organization or company started them. Network standards
are like laws: They regulate how different networks talk with each other. Network models, on
the other hand, provide the guiding principles for the development of these network standards
and for the implementation of these networks. The most important two are:

• The TCP/IP Model - This model is sometimes called the DOD model since it was
designed for the Department of Defense. It is also called the Internet model because
TCP/IP is the protocol used on the Internet.
• OSI Network Model - The International Standards Organization (ISO) has defined a
standard called the Open Systems Interconnection (OSI) reference model. This is a seven
layer architecture listed in the next section.

OSI NETWORK MODEL

The ISO-OSI model is a seven layer architecture. It defines seven layers or levels in a complete
communication system.

Features of the OSI Model:

1. The big picture of communication over a network is understandable through the OSI model.
2. We see how hardware and software work together.
3. We can understand new technologies as they are developed.
4. Troubleshooting is easier because the network's functions are separated into layers.
5. It can be used to compare basic functional relationships on different networks.

The layers are stacked this way (top to bottom):

• Application
• Presentation
• Session
• Transport
• Network
• Data Link
• Physical

PHYSICAL LAYER

The physical layer, the lowest layer of the OSI model, is concerned with the transmission and
reception of the unstructured raw bit stream over a physical medium. It describes the
electrical/optical, mechanical, and functional interfaces to the physical medium, and carries the
signals for all of the higher layers. It provides:

• Data encoding: modifies the simple digital signal pattern (1s and 0s) used by the PC to better
accommodate the characteristics of the physical medium, and to aid in bit and frame
synchronization. It determines:
  - What signal state represents a binary 1
  - How the receiving station knows when a "bit-time" starts
  - How the receiving station delimits a frame
• Physical medium attachment, accommodating various possibilities in the medium:
  - Will an external transceiver (MAU) be used to connect to the medium?
  - How many pins do the connectors have and what is each pin used for?
• Transmission technique: determines whether the encoded bits will be transmitted by baseband
(digital) or broadband (analog) signaling.
• Physical medium transmission: transmits bits as electrical or optical signals appropriate for the
physical medium, and determines:
  - What physical medium options can be used
  - How many volts/dB should be used to represent a given signal state, using a given physical
medium
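Manchester line coding is one concrete answer to the physical layer questions above (which signal state represents a 1, and how the receiver knows where a bit-time starts). The Python example below is added here and is not code from the original notes. It uses the IEEE 802.3 convention (a 0 is a high-to-low transition in the middle of the bit cell, a 1 is low-to-high), samples the line twice per bit, flags any bit cell that lacks the mandatory mid-cell transition instead of turning it into data, and measures the longest run at one level to show why the receiver's clock cannot drift between transitions. The two-samples-per-bit representation and the MSB-first byte helpers are assumptions of this example.

```python
"""Manchester line coding (IEEE 802.3 convention): every bit carries its own clock
transition, so the receiver recovers bit timing from the signal itself."""
from typing import List, Tuple

# half-cell levels for each bit: (first half, second half); 0 = high->low, 1 = low->high
_ENCODE = {0: (1, 0), 1: (0, 1)}
_DECODE = {(1, 0): 0, (0, 1): 1}


def manchester_encode(bits: List[int]) -> List[int]:
    """Return the line signal as one sample per half bit-cell (two samples per bit)."""
    signal: List[int] = []
    for b in bits:
        if b not in _ENCODE:
            raise ValueError(f"not a bit: {b!r}")
        signal.extend(_ENCODE[b])
    return signal


def manchester_decode(signal: List[int]) -> Tuple[List[int], List[int]]:
    """Decode two samples per bit. Returns (bits, bad_cells): a cell with no mid-cell
    transition (0,0 or 1,1) is a line error or an out-of-phase receiver and is reported
    by cell number rather than silently turned into data."""
    if len(signal) % 2:
        raise ValueError("signal must contain whole bit cells")
    bits: List[int] = []
    bad: List[int] = []
    for cell_no, i in enumerate(range(0, len(signal), 2)):
        cell = (signal[i], signal[i + 1])
        if cell in _DECODE:
            bits.append(_DECODE[cell])
        else:
            bad.append(cell_no)
    return bits, bad


def longest_constant_run(signal: List[int]) -> int:
    """Longest stretch of samples at one level. For valid Manchester this is at most 2
    half-cells, which is why the bit-time clock is re-aligned at least once per bit."""
    best = run = 0
    for i, s in enumerate(signal):
        run = run + 1 if i and s == signal[i - 1] else 1
        best = max(best, run)
    return best


def bytes_to_bits(data: bytes) -> List[int]:
    """MSB-first bit list (order assumed for this example)."""
    return [(byte >> (7 - k)) & 1 for byte in data for k in range(8)]


def bits_to_bytes(bits: List[int]) -> bytes:
    """Inverse of bytes_to_bits; trailing bits that do not fill a byte are dropped."""
    out = bytearray()
    for i in range(0, len(bits) - len(bits) % 8, 8):
        out.append(sum(b << (7 - k) for k, b in enumerate(bits[i:i + 8])))
    return bytes(out)
```

A raw (NRZ) run of sixteen zero bits keeps the line at one level for sixteen bit-times, with nothing for the receiver to time against; the Manchester-encoded form of the same data never stays at one level longer than two half-cells. Decoding a signal that is shifted by half a cell produces invalid cells, which is the symptom of a receiver sampling out of phase.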

DATA LINK LAYER

The data link layer provides error-free transfer of data frames from one node to another over
the physical layer, allowing layers above it to assume virtually error-free transmission over the
link. To do this, the data link layer provides:

• Link establishment and termination: establishes and terminates the logical link between two
nodes.
• Frame traffic control: tells the transmitting node to "back-off" when no frame buffers are
available.
• Frame sequencing: transmits/receives frames sequentially.
• Frame acknowledgment: provides/expects frame acknowledgments. Detects and recovers from
errors that occur in the physical layer by retransmitting non-acknowledged frames and handling
duplicate frame receipt.
• Frame delimiting: creates and recognizes frame boundaries.
• Frame error checking: checks received frames for integrity.
• Media access management: determines when the node "has the right" to use the physical
medium.

NETWORK LAYER

The network layer controls the operation of the subnet, deciding which physical path the data
should take based on network conditions, priority of service, and other factors. It provides:

• Routing: routes frames among networks.
• Subnet traffic control: routers (network layer intermediate systems) can instruct a sending
station to "throttle back" its frame transmission when the router's buffer fills up.
• Frame fragmentation: if it determines that a downstream router's maximum transmission unit
(MTU) size is less than the frame size, a router can fragment a frame for transmission and
reassembly at the destination station.
• Logical-physical address mapping: translates logical addresses, or names, into physical
addresses.
• Subnet usage accounting: has accounting functions to keep track of frames forwarded by subnet
intermediate systems, to produce billing information.

Communications Subnet

The network layer software must build headers so that the network layer software residing in
the subnet intermediate systems can recognize them and use them to route data to the
destination address.

This layer relieves the upper layers of the need to know anything about the data transmission
and intermediate switching technologies used to connect systems. It establishes, maintains and
terminates connections across the intervening communications facility (one or several
intermediate systems in the communication subnet).

In the network layer and the layers below, peer protocols exist between a node and its
immediate neighbor, but the neighbor may be a node through which data is routed, not the
destination station. The source and destination stations may be separated by many intermediate
systems.

TRANSPORT LAYER

The transport layer ensures that messages are delivered error-free, in sequence, and with no
losses or duplications. It relieves the higher layer protocols from any concern with the transfer of
data between them and their peers.

The size and complexity of a transport protocol depends on the type of service it can get from
the network layer. For a reliable network layer with virtual circuit capability, a minimal transport
layer is required. If the network layer is unreliable and/or only supports datagrams, the transport
protocol should include extensive error detection and recovery.

The transport layer provides:

• Message segmentation: accepts a message from the (session) layer above it, splits the message
into smaller units (if not already small enough), and passes the smaller units down to the
network layer. The transport layer at the destination station reassembles the message.
• Message acknowledgment: provides reliable end-to-end message delivery with
acknowledgments.
• Message traffic control: tells the transmitting station to "back-off" when no message buffers are
available.
• Session multiplexing: multiplexes several message streams, or sessions onto one logical link and
keeps track of which messages belong to which sessions (see session layer).

Typically, the transport layer can accept relatively large messages, but there are strict message
size limits imposed by the network (or lower) layer. Consequently, the transport layer must
break up the messages into smaller units, or frames, prepending a header to each frame.

The transport layer header information must then include control information, such as message
start and message end flags, to enable the transport layer on the other end to recognize
message boundaries. In addition, if the lower layers do not maintain sequence, the transport
header must contain sequence information to enable the transport layer on the receiving end to
get the pieces back together in the right order before handing the received message up to the
layer above.
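The Python example below is added to illustrate two passages together: the data sequencing and error control functions listed earlier under protocol functions, and the transport layer's segmentation, sequence numbering and reassembly described just above. It is not code from the original notes. The sender splits a message into numbered segments that each carry a segment count and a CRC-32; the receiver validates each segment, discards corrupted ones, reorders the rest, reports the sequence numbers it still needs so the sender can retransmit exactly those, and reassembles once every segment has arrived. The segment format and the constructed loss/corruption scenario in `demo()` are assumptions of this example.

```python
"""Segmentation with sequence numbers and checksums: split, reorder, detect loss and
corruption, request retransmission, reassemble."""
import zlib
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass(frozen=True)
class Segment:
    seq: int        # sequence number: position of this chunk within the message
    total: int      # number of segments in the whole message (marks the end)
    payload: bytes
    crc: int        # CRC-32 over seq, total and payload (assumed format)


def _crc(seq: int, total: int, payload: bytes) -> int:
    return zlib.crc32(seq.to_bytes(4, "big") + total.to_bytes(4, "big") + payload)


def segment(message: bytes, mtu: int) -> List[Segment]:
    """Split a message into segments of at most `mtu` payload bytes, numbered from 0."""
    if mtu <= 0:
        raise ValueError("mtu must be positive")
    chunks = [message[i:i + mtu] for i in range(0, len(message), mtu)] or [b""]
    return [Segment(i, len(chunks), c, _crc(i, len(chunks), c)) for i, c in enumerate(chunks)]


class Reassembler:
    """Receiver-side state for one message."""

    def __init__(self) -> None:
        self.received: Dict[int, bytes] = {}
        self.total: Optional[int] = None
        self.rejected: List[int] = []   # sequence numbers of corrupted segments seen

    def accept(self, seg: Segment) -> bool:
        """Validate a segment and store it if good. Returns False for rejected segments."""
        if seg.crc != _crc(seg.seq, seg.total, seg.payload):
            self.rejected.append(seg.seq)
            return False                 # error control: drop it, the sender will resend
        if self.total is None:
            self.total = seg.total
        elif seg.total != self.total:    # inconsistent segment count: not this message
            self.rejected.append(seg.seq)
            return False
        self.received[seg.seq] = seg.payload   # a duplicate simply overwrites
        return True

    def missing(self) -> List[int]:
        """Sequence numbers still needed (what a selective-repeat ACK would report)."""
        if self.total is None:
            return []
        return [i for i in range(self.total) if i not in self.received]

    def message(self) -> Optional[bytes]:
        """Reassemble in sequence order, or None while segments are still outstanding."""
        if self.total is None or self.missing():
            return None
        return b"".join(self.received[i] for i in range(self.total))


def corrupt(seg: Segment) -> Segment:
    """Constructed fault: flip one payload bit without updating the checksum."""
    bad = bytearray(seg.payload or b"\x00")
    bad[0] ^= 0x01
    return Segment(seg.seq, seg.total, bytes(bad), seg.crc)


def demo() -> dict:
    """Constructed scenario: segments arrive in reverse order, seq 2 is lost in transit
    and seq 4 arrives corrupted; the receiver asks for both and the sender resends them."""
    msg = b"The quick brown fox jumps over the lazy dog"
    segs = segment(msg, mtu=8)
    rx = Reassembler()
    for s in reversed(segs):
        if s.seq == 2:
            continue                                  # lost
        rx.accept(corrupt(s) if s.seq == 4 else s)    # seq 4 damaged on the wire
    first_missing = rx.missing()
    for seq in first_missing:                         # retransmit only what was reported
        rx.accept(segs[seq])
    return {"missing": first_missing, "rejected": rx.rejected, "message": rx.message()}
```

`demo()` returns `missing == [2, 4]` after the first pass, because the lost segment and the corrupted segment look the same to the receiver: both are absent from the reassembly buffer, and the sender never needs to know which failure occurred. The `rejected` list is the kind of counter a link or transport implementation exposes for monitoring, since a rising corruption rate on an otherwise healthy path is worth investigating.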

End-to-end layers
Unlike the lower "subnet" layers whose protocol is between immediately adjacent nodes, the
transport layer and the layers above are true "source to destination" or end-to-end layers, and
are not concerned with the details of the underlying communications facility. Transport layer
software (and software above it) on the source station carries on a conversation with similar
software on the destination station by using message headers and control messages.

SESSION LAYER

The session layer allows session establishment between processes running on different stations.
It provides:

• Session establishment, maintenance and termination: allows two application processes on
different machines to establish, use and terminate a connection, called a session.
• Session support: performs the functions that allow these processes to communicate over the
network, performing security, name recognition, logging, and so on.

PRESENTATION LAYER

The presentation layer formats the data to be presented to the application layer. It can be
viewed as the translator for the network. This layer may translate data from a format used by
the application layer into a common format at the sending station, then translate the common
format to a format known to the application layer at the receiving station.

The presentation layer provides:

• Character code translation: for example, ASCII to EBCDIC.
• Data conversion: bit order, CR-CR/LF, integer-floating point, and so on.
• Data compression: reduces the number of bits that need to be transmitted on the network.
• Data encryption: encrypts data for security purposes. For example, password encryption.

APPLICATION LAYER
The application layer serves as the window for users and application processes to access
network services. This layer contains a variety of commonly needed functions:

• Resource sharing and device redirection
• Remote file access
• Remote printer access
• Inter-process communication
• Network management
• Directory services
• Electronic messaging (such as mail)
• Network virtual terminals

Merits of OSI reference model:

1. The OSI model distinguishes well between services, interfaces and protocols.
2. The protocols of the OSI model are very well hidden.
3. Protocols can be replaced by new protocols as technology changes.
4. Supports connection oriented services as well as connectionless service.

Demerits of OSI reference model:

1. The model was devised before the invention of the protocols.
2. Fitting protocols into the model is a tedious task.
3. It is just used as a reference model.

2. TCP/IP MODEL

Like the OSI network model, TCP/IP also has a network model. TCP/IP was on the path of
development when the OSI standard was published and there was interaction between the
designers of the OSI and TCP/IP standards. The TCP/IP model is not the same as the OSI model. OSI
is a seven-layered standard, but TCP/IP is a four layered standard. The OSI model has been very
influential in the growth and development of the TCP/IP standard, and that is why much OSI
terminology is applied to TCP/IP. The following figure compares the TCP/IP and OSI network
models.

Comparison between seven layer OSI and four layer TCP/IP Models

As we can see from the above figure, the presentation and session layers are not there in the
TCP/IP model. Also note that the Network Access Layer in the TCP/IP model combines the functions
of the Data Link Layer and Physical Layer.

Layer 4. Application Layer

Application layer is the top most layer of four layer TCP/IP model. Application layer is present on
the top of the Transport layer. Application layer defines TCP/IP application protocols and how
host programs interface with Transport layer services to use the network.

Application layer includes all the higher-level protocols like DNS (Domain Naming System), HTTP
(Hypertext Transfer Protocol), Telnet, SSH, FTP (File Transfer Protocol), TFTP (Trivial File
Transfer Protocol), SNMP (Simple Network Management Protocol), SMTP (Simple Mail Transfer
Protocol), DHCP (Dynamic Host Configuration Protocol), X Windows, RDP (Remote Desktop
Protocol) etc.

Layer 3. Transport Layer

Transport Layer is the third layer of the four layer TCP/IP model. The position of the Transport
layer is between Application layer and Internet layer. The purpose of Transport layer is to permit
devices on the source and destination hosts to carry on a conversation. Transport layer defines
the level of service and status of the connection used when transporting data.

The main protocols included at Transport layer are TCP (Transmission Control Protocol) and UDP
(User Datagram Protocol).

Layer 2. Internet Layer

Internet Layer is the second layer of the four layer TCP/IP model. The position of the Internet
layer is between the Network Access Layer and Transport layer. The Internet layer packs data into
packets known as IP datagrams, which contain source and destination address (logical address
or IP address) information that is used to forward the datagrams between hosts and across
networks. The Internet layer is also responsible for routing of IP datagrams.

A packet switching network depends upon a connectionless internetwork layer. This layer is known
as the Internet layer. Its job is to allow hosts to insert packets into any network and have them
delivered independently to the destination. At the destination side data packets may appear in a
different order than they were sent. It is the job of the higher layers to rearrange them in order
to deliver them to the proper network applications operating at the Application layer.

The main protocols included at Internet layer are IP (Internet Protocol), ICMP (Internet Control
Message Protocol), ARP (Address Resolution Protocol), RARP (Reverse Address Resolution
Protocol) and IGMP (Internet Group Management Protocol).

Layer 1. Network Access Layer

Network Access Layer is the first layer of the four layer TCP/IP model. Network Access
Layer defines details of how data is physically sent through the network, including how bits are
electrically or optically signaled by hardware devices that interface directly with a network
medium, such as coaxial cable, optical fiber, or twisted pair copper wire.

The protocols included in Network Access Layer are Ethernet, Token Ring, FDDI, X.25, Frame
Relay etc.

The most popular LAN architecture among those listed above is Ethernet. Ethernet uses
an Access Method called CSMA/CD (Carrier Sense Multiple Access/Collision Detection) to access
the media when Ethernet operates on a shared medium. An Access Method determines how a host
will place data on the medium.

In the CSMA/CD Access Method, every host has equal access to the medium and can place data on
the wire when the wire is free from network traffic. When a host wants to place data on the
wire, it will check the wire to find whether another host is already using the medium. If there is
traffic already on the medium the host will wait, and if there is no traffic it will place the data on
the medium. But if two systems place data on the medium at the same instant, the signals will
collide with each other, destroying the data. If the data is destroyed during transmission, the
data will need to be retransmitted. After a collision, each host will wait for a small interval of time
and then the data will be retransmitted.
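As an added example (not code from the original notes), the Python simulation below runs the CSMA/CD procedure just described on a slotted shared medium: each host senses the carrier before transmitting, a slot in which two or more hosts transmit is a collision, and every colliding host then waits a random number of slots drawn from a window that doubles after each collision (truncated binary exponential backoff, the scheme Ethernet uses for the "small interval of time" in the text). The slot model, the frame length in slots, the seeded random generator and the 16-attempt limit are assumptions of this example.

```python
"""Slot-based CSMA/CD: carrier sense, collision detection and binary exponential backoff."""
import random
from typing import Dict, List

MAX_ATTEMPTS = 16      # Ethernet NICs give up on a frame after 16 collisions (assumed here)
MAX_BACKOFF_EXP = 10   # the backoff window stops growing at 2**10 slots


class Host:
    def __init__(self, name: str, frames: int) -> None:
        self.name = name
        self.pending = frames   # frames still waiting to be sent
        self.attempts = 0       # collisions suffered by the current frame
        self.wait = 0           # backoff slots left before the next attempt
        self.sent = 0
        self.dropped = 0

    def ready(self, medium_idle: bool) -> bool:
        """Carrier sense: transmit only with data queued, backoff expired and an idle wire."""
        return self.pending > 0 and self.wait == 0 and medium_idle

    def collided(self, rng: random.Random) -> None:
        """Collision detected: abort the frame and wait a random 0..2**k-1 slots."""
        self.attempts += 1
        if self.attempts >= MAX_ATTEMPTS:
            self.pending -= 1           # excessive collisions: the frame is discarded
            self.dropped += 1
            self.attempts = 0
            return
        k = min(self.attempts, MAX_BACKOFF_EXP)
        self.wait = rng.randrange(2 ** k)


def simulate(hosts: List[Host], frame_slots: int, max_slots: int,
             seed: int = 1) -> Dict[str, int]:
    """Run the shared medium for up to max_slots slots; a successful frame occupies the
    wire for frame_slots slots. Returns counters for the whole run."""
    rng = random.Random(seed)   # seeded so the run is reproducible
    busy_until = 0              # first slot at which the wire is idle again
    collisions = 0
    elapsed = 0
    for slot in range(max_slots):
        elapsed = slot + 1
        medium_idle = slot >= busy_until
        senders = [h for h in hosts if h.ready(medium_idle)]
        for h in hosts:          # backoff timers run whether or not the wire is busy
            if h.wait > 0:
                h.wait -= 1
        if len(senders) == 1:    # exactly one transmitter: the frame goes through
            h = senders[0]
            h.pending -= 1
            h.sent += 1
            h.attempts = 0
            busy_until = slot + frame_slots
        elif len(senders) > 1:   # two or more in the same slot: the signals collide
            collisions += 1
            for h in senders:
                h.collided(rng)
        if all(h.pending == 0 for h in hosts):
            break
    return {
        "slots": elapsed,
        "collisions": collisions,
        "sent": sum(h.sent for h in hosts),
        "dropped": sum(h.dropped for h in hosts),
    }


def demo() -> Dict[str, int]:
    """Constructed scenario: three hosts all have traffic at slot 0, so the very first
    slot is a collision and the backoff is what eventually separates them."""
    hosts = [Host(f"host{i}", frames=2) for i in range(3)]
    return simulate(hosts, frame_slots=5, max_slots=5000)
```

A single host on the medium never collides and sends its frames back to back, which is the baseline to compare against. With three hosts the collision count from `demo()` depends on the seed, but every frame is eventually either sent or (after 16 consecutive collisions) dropped, and a frame that is dropped this way is exactly the loss that the higher-layer error control in the earlier section exists to recover from.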

Overview of TCP/IP reference model

TCP/IP, that is Transmission Control Protocol and Internet Protocol, was developed by the
Department of Defence's Project Research Agency (ARPA, later DARPA) as a part of a research
project on network interconnection to connect remote machines.
The features that stood out during the research, which led to making the TCP/IP reference
model, were:
• Support for a flexible architecture. Adding more machines to a network was easy.
• The network was robust, and connections remained intact as long as the source and destination
machines were functioning.

The overall idea was to allow one application on one computer to talk to (send data packets)
another application running on a different computer.

Overview description of different TCP/IP protocols

Layer 1: Host-to-network Layer

1. Lowest layer of all.
2. A protocol is used to connect to the host, so that the packets can be sent over it.
3. Varies from host to host and network to network.

Layer 2: Internet layer

1. Selection of a packet switching network which is based on a connectionless internetwork
layer is called an internet layer.
2. It is the layer which holds the whole architecture together.
3. It helps the packet to travel independently to the destination.
4. The order in which packets are received may differ from the order in which they were sent.
5. IP (Internet Protocol) is used in this layer.

Layer 3: Transport Layer

1. It decides if data transmission should be on a parallel path or a single path.
2. Functions such as multiplexing, segmenting or splitting the data are done by the transport
layer.
3. The applications can read and write to the transport layer.
4. The transport layer adds header information to the data.
5. The transport layer breaks the message (data) into small units so that they are handled more
efficiently by the network layer.
6. The transport layer also arranges the packets to be sent in sequence.

Layer 4: Application Layer
The TCP/IP specifications described a lot of applications that were at the top of the protocol
stack. Some of them were TELNET, FTP, SMTP, DNS etc.

1. TELNET is a two-way communication protocol which allows connecting to a remote machine
and running applications on it.
2. FTP (File Transfer Protocol) is a protocol that allows file transfer amongst computer users
connected over a network. It is reliable, simple and efficient.
3. SMTP (Simple Mail Transport Protocol) is a protocol which is used to transport electronic mail
between a source and destination, directed via a route.
4. DNS (Domain Name Server) resolves an IP address into a textual address for hosts connected
over a network.

Merits of TCP/IP model

1. It operates independently.
2. It is scalable.
3. Client/server architecture.
4. Supports a number of routing protocols.
5. Can be used to establish a connection between two computers.

Demerits of TCP/IP

1. In this, the transport layer does not guarantee delivery of packets.
2. The model cannot be used in any other application.
3. Replacing a protocol is not easy.
4. It has not clearly separated its services, interfaces and protocols.

3. 802 IEEE PROJECT MODEL

The IEEE 802 Standard comprises a family of networking standards that cover the physical layer
specifications of technologies from Ethernet to wireless. IEEE 802 is subdivided into 22 parts that
cover the physical and data-link aspects of networking. The better known specifications (bold in
the table below) include 802.3 Ethernet, 802.11 Wi-Fi, 802.15 Bluetooth/ZigBee, and 802.16. IEEE
802 is a family of IEEE standards dealing with local area networks and metropolitan area
networks. All the 802.11 specifications use the Ethernet protocol and Carrier Sense Multiple
Access with Collision Avoidance (CSMA/CA) for path sharing. The original modulation used in
802.11 was phase-shift keying (PSK). However, other schemes, such as complementary code
keying (CCK), are used in some of the newer specifications. The newer modulation methods
provide higher data speed and reduced vulnerability to interference.

802 Overview: Basics of physical and logical networking concepts.

802.1 Bridging: LAN/MAN bridging and management. Covers management and the lower
sub-layers of OSI Layer 2, including MAC-based bridging (Media Access Control), virtual LANs
and port-based access control.

802.2 Logical Link: Commonly referred to as the LLC or Logical Link Control specification. The
LLC is the top sub-layer in the data-link layer, OSI Layer 2. Interfaces with the network Layer 3.

802.3 Ethernet: "Grandaddy" of the 802 specifications. Provides asynchronous networking using
"carrier sense, multiple access with collision detect" (CSMA/CD) over coax, twisted-pair copper,
and fiber media. Current speeds range from 10 Mbps to 10 Gbps.

802.4 Token Bus: Disbanded.

802.5 Token Ring: The original token-passing standard for twisted-pair, shielded copper cables.
Supports copper and fiber cabling from 4 Mbps to 100 Mbps. Often called "IBM Token-Ring."

802.6 Distributed queue dual bus (DQDB): "Superseded **Revision of 802.1D-1990 edition
(ISO/IEC 10038). 802.1D incorporates P802.1p and P802.12e. It also incorporates and supersedes
published standards 802.1j and 802.6k. Superseded by 802.1D-2004."

802.7 Broadband LAN Practices: Withdrawn Standard. Withdrawn Date: Feb 07, 2003. No longer
endorsed by the IEEE.

802.8 Fiber Optic Practices: Withdrawn PAR. Standards project no longer endorsed by the IEEE.

802.9 Integrated Services LAN: Withdrawn PAR. Standards project no longer endorsed by the
IEEE.

802.10 Interoperable LAN security: Superseded **Contains: IEEE Std 802.10b-1992.

802.11 Wi-Fi: Wireless LAN Media Access Control and Physical Layer specification. 802.11a, b, g,
etc. are amendments to the original 802.11 standard. Products that implement 802.11 standards
must pass tests and are referred to as "Wi-Fi certified."

802.11a
 Specifies a PHY that operates in the 5 GHz U-NII
band in the US - initially 5.15-5.35 AND 5.725-5.85 -
since expanded to additional frequencies

 Uses Orthogonal Frequency-Division Multiplexing

 Enhanced data speed to 54 Mbps

Page 35 of 152
 Ratified after 802.11b

802.11b
 Enhancement to 802.11 that added higher data rate
modes to the DSSS (Direct Sequence Spread
Spectrum) already defined in the original 802.11
standard

 Boosted data speed to 11 Mbps

 22 MHz Bandwidth yields 3 non-overlaping channels


in the frequency range of 2.400 GHz to 2.4835 GHz

 Beacons at 1 Mbps, falls back to 5.5, 2, or 1 Mbps


from 11 Mbps max.

802.11d
 Enhancement to 802.11a and 802.11b that allows
for global roaming

 Particulars can be set at Media Access Control (MAC)


layer

802.11e
 Enhancement to 802.11 that includes quality of
service (QoS) features

 Facilitates prioritization of data, voice, and video


transmissions

802.11g
 Extends the maximum data rate of WLAN devices
that operate in the 2.4 GHz band, in a fashion that
permits interoperation with 802.11b devices

 Uses OFDM Modulation (Orthogonal FDM)

 Operates at up to 54 megabits per second (Mbps),

Page 36 of 152
with fall-back speeds that include the "b" speeds

802.11h
 Enhancement to 802.11a that resolves interference
issues

 Dynamic frequency selection (DFS)

 Transmit power control (TPC)

802.11i
 Enhancement to 802.11 that offers additional
security for WLAN applications

 Defines more robust encryption, authentication, and


key exchange, as well as options for key caching and
pre-authentication

802.11j
 Japanese regulatory extensions to 802.11a
specification

 Frequency range 4.9 GHz to 5.0 GHz

802.11k
 Radio resource measurements for networks using
802.11 family specifications

802.11m
 Maintenance of 802.11 family specifications

 Corrections and amendments to existing


documentation

802.11n
 Higher-speed standards

 Several competing and non-compatible technologies;


often called "pre-n"

Page 37 of 152
 Top speeds claimed of 108, 240, and 350+ MHz

 Competing proposals come from the groups, EWC,


TGn Sync, and WWiSE and are all variations based
on MIMO (multiple input, multiple output)

802.11x
 Mis-used "generic" term for 802.11 family
specifications

802.12 Demand Priority Increases Ethernet data rate to 100 Mbps by controlling
media utilization.

802.13 Not used Not used

802.14 Cable modems Withdrawn PAR. Standards project no longer endorsed


by the IEEE.

802.15 Wireless Communications specification that was approved in early


Personal Area 2002 by the IEEE for wireless personal area networks
Networks (WPANs).

802.15.1 Bluetooth Short range (10m) wireless technology for cordless


mouse, keyboard, and hands-free headset at 2.4 GHz.

802.15.3a UWB Short range, high-bandwidth "ultra wideband" link

802.15.4 ZigBee Short range wireless sensor networks

802.15.5 Mesh Network


 Extension of network coverage without increasing
the transmit power or the receiver sensitivity

Page 38 of 152
 Enhanced reliability via route redundancy

 Easier network configuration - Better device battery


life

802.16 Wireless This family of standards covers Fixed and Mobile


Metropolitan Broadband Wireless Access methods used to create
Area Networks Wireless Metropolitan Area Networks (WMANs.)
Connects Base Stations to the Internet using OFDM in
unlicensed (900 MHz, 2.4, 5.8 GHz) or licensed (700
MHz, 2.5 – 3.6 GHz) frequency bands. Products that
implement 802.16 standards can
undergo WiMAX certification testing.

802.17 Resilient Packet IEEE working group description


Ring

802.18 Radio Regulatory IEEE 802.18 standards committee


TAG

802.19 Coexistence IEEE 802.19 Coexistence Technical Advisory Group

802.20 Mobile IEEE 802.20 mission and project scope


Broadband
Wireless Access

802.21 Media IEEE 802.21 mission and project scope


Independent
Handoff

802.22 Wireless IEEE 802.22 mission and project scope

Page 39 of 152
Regional Area
Network

ETHERNET STANDARDS

Ethernet
Ethernet is the most popular physical layer LAN technology in use today. It defines the number
of conductors that are required for a connection, the performance thresholds that can be
expected, and provides the framework for data transmission. A standard Ethernet network can
transmit data at a rate up to 10 Megabits per second (10 Mbps). Other LAN types include Token
Ring, Fast Ethernet, Gigabit Ethernet, 10 Gigabit Ethernet, Fiber Distributed Data Interface
(FDDI), Asynchronous Transfer Mode (ATM) and LocalTalk.

Ethernet is popular because it strikes a good balance between speed, cost and ease of
installation. These benefits, combined with wide acceptance in the computer marketplace and
the ability to support virtually all popular network protocols, make Ethernet an ideal networking
technology for most computer users today.

The Institute of Electrical and Electronics Engineers developed an Ethernet standard known as
IEEE Standard 802.3. This standard defines rules for configuring an Ethernet network and also
specifies how the elements in an Ethernet network interact with one another. By adhering to the
IEEE standard, network equipment and network protocols can communicate efficiently.

DEFINITION OF TERMS

 Attachment Unit Interface (AUI): An electrical and mechanical interface defined by the
IEEE 802.3 (10 Mb/s) standard. A transceiver cable, sometimes called a drop cable, and the
15-pin connector used to connect a NIC to an external transceiver. External transceivers are
used in 10BASE5 Ethernet networks.
 BNC T Connector: The interface used to connect Ethernet 10BASE2 cable directly to the
NIC and the coaxial cable.
 Daisy chain: Devices connected in series, one after the other. Transmitted signals go to
the first device, then to the second device and on until finding the destination.
 Fan-out unit: A single transceiver that connects multiple receivers.
 Fiber Optic Medium Access Unit (FOMAU): A type of transceiver used for fiber to copper
connections. The two types of connections that can be used are AUI to fiber or 10BASE-T
and RJ-45 to fiber.
 Intrusive Tap: A connection in 10BASE5 networks that necessitates cutting the cable and
requires that the network be shut down.
 Media Access Unit (MAU): Point at which the data signals access (transmit and receive)
the physical media. A MAU is another name for the external transceiver used in 10BASE5
networks. Another name for a MAU is a vampire tap.
 Media Dependent Interface (MDI): The IEEE standard for the interface to unshielded
twisted pair (UTP) cable. The connection is established through a crossover function, which
can be a crossover cable or a port that implements the crossover function internally. Ports
that implement the crossover function internally are known as MDI-X ports.
 N-Connector: A type of media dependent interface used with thick coaxial cable that
allows a connection at the core of the cable and is used to join two ends of thick coaxial
cable.
 Non-Intrusive Tap: A connection used in 10BASE5 networks that does not require a cut
into the cable.
 Square-Connector (SC): Ports used for fiber optic connections that are square tabbed
connectors on the end of the fiber cable.
 Straight-Tip Port (ST): Ports used for fiber optic connections that

Ethernet Standards
Ethernet standards define several elements that enable transmission of data over LANs.
Ethernet refers to both the original DIX Ethernet and IEEE’s 802.3 specifications. Data link
layer protocols were discussed in the Ethernet Basics lesson. This lesson focuses on the
physical layer protocols, comparing various Ethernet signaling devices and physical media.
The IEEE 802.3 Ethernet CSMA/CD architecture is based on the original DIX format
established in the early 1980s by Digital, Intel, and Xerox.
Ethernet employs physical/logical bus and physical star/logical bus topology. Current
Ethernet networks use a combination of copper and fiber optic cabling. The IEEE 802.3
cabling standards recommend the specifications for cable types, lengths, signaling devices,
and so on.
Ethernet standards change as the demands and needs of networking change. With each
change, new protocols are established.
The naming schemes for each of the Ethernet standards assist with the identification of
transmission type and cable used. For example, 10BASE5 is a 10 Mbs baseband transmission
with a 500 meter distance limitation and 100BASE-T is a 100 Mbs baseband transmission using
category 5 UTP cabling.
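The naming scheme just described can be decoded mechanically. The following Python is an added example, not code from these notes: parse_ethernet_name() is a hypothetical helper that splits a name such as 10BASE5 or 100BASE-TX into rate, signaling and medium, using only the conventions the notes quote (the "2" of 10BASE2 standing for about 185 meters, the 100-meter twisted-pair limit and the 25-meter 1000BaseCX limit); fiber segment limits vary by fiber type and duplex mode, so they are reported as unknown.

```python
import re

# Constructed lookups for this example, limited to what the notes describe.
_COAX = {"5": ("thick coax", 500), "2": ("thin coax", 185)}  # "2" = approx. 185 m
_MEDIUM_BY_LETTER = {
    "T": "twisted pair",
    "F": "fiber",
    "S": "short-wavelength fiber",
    "L": "long-wavelength fiber",
    "E": "extended-reach fiber",
    "C": "shielded copper",
}
# Segment limits the notes quote for copper media; fiber limits depend on the
# fiber type and duplex mode, so they are left as None.
_COPPER_SEGMENT_M = {"T": 100, "TX": 100, "T4": 100, "CX": 25}

# <rate><G?>BASE<optional dash><suffix>; the suffix is either a digit string
# (coax segment length) or letters optionally followed by one digit (T4).
_NAME_RE = re.compile(r"^(\d+)(G?)BASE-?([A-Z]+\d?|\d+)$", re.IGNORECASE)


def parse_ethernet_name(name: str) -> dict:
    """Decode an IEEE 802.3 style name such as 10BASE5 or 100BASE-TX."""
    m = _NAME_RE.match(name.strip())
    if m is None:
        raise ValueError(f"not an Ethernet standard name: {name!r}")
    rate, giga, suffix = m.groups()
    suffix = suffix.upper()
    info = {
        "name": name,
        "speed_mbps": int(rate) * (1000 if giga else 1),
        "signaling": "baseband",  # BASE: the whole bandwidth carries one signal
        "medium": "unknown",
        "max_segment_m": None,
    }
    if suffix.isdigit():
        # Coax names encode the segment length in hundreds of meters.
        medium, length = _COAX.get(suffix, ("coax", int(suffix) * 100))
        info["medium"], info["max_segment_m"] = medium, length
    else:
        info["medium"] = _MEDIUM_BY_LETTER.get(suffix[0], "unknown")
        info["max_segment_m"] = _COPPER_SEGMENT_M.get(suffix)
    return info


if __name__ == "__main__":
    for n in ("10BASE5", "10BASE2", "10BASE-T", "100BASE-TX", "1000BaseSX", "10GBaseLR"):
        print(parse_ethernet_name(n))
```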

Ethernet 10BASE5
The 10BASE5 standard describes the original Ethernet DIX LAN. It is a linear bus topology
design where all of the computer devices are connected together to a common shared cable.
10BASE5 transmissions are 10 Mbs baseband as the name suggests. Recall that baseband
signals use the entire bandwidth for signaling. The "5" in the name also gives us
information about the network topology. It represents the maximum length for each cable
segment, in this case, 500 meters.

The cable type used for 10BASE5 is thick coaxial RG-8 or RG-11 with a 50 ohm resistance.
Thick coaxial, also known as thicknet, is an inexpensive cable that provides superior
protection against EMI, which makes it the preferable choice for noisy environments. On the
negative side, "thick coax," which is about the thickness of a rubber garden hose, is
cumbersome and difficult to work with and takes up a lot of space. Since thick coaxial
cannot operate at speeds higher than 10Mbs, its usefulness is limited in higher speed
networks. Because of these factors, thicknet has been phased out of networks and is being
replaced with fiber.
IEEE 10BASE5 specifications allow for a total of five cable segments per LAN.
Therefore, 10BASE5 LANs may have a total cable length of up to 2,500 meters. Because
of the extended length allowances and superior EMI protection, thick coax was once
considered the best choice for backbone cabling. Up to four repeaters may be used to
connect these cable segments to the LAN, however, only three of the segments can
have devices. Extending the length of the LAN is the only function of the two
additional cable segments.
The five cable segment and four repeater limitations and the fact that only three of the
cable segments may be used for transceivers is referred to as the Ethernet 5-4-3 Rule.
Each of the three cable segments that are allowed to have devices may have up to 100
transceivers (taps) attached. Transceivers will be explained later in this lesson. A
minimum of 2.5 meters between transceivers is recommended. Each cable segment
must be terminated at both ends with one of the ends grounded. Termination of the
cable prevents signal bounce-back.
Ethernet DIX standards allow a maximum of 1,024 computer devices per LAN.

Figure: 10Base5 cable with a minimum of 2.5 meters between transceivers (labels: Transceiver,
10Base5 cable, Attachment Unit Interface, Transceiver cable).

If only three of the five cable segments can be used for transceivers and the limit is 100
transceivers per segment, why do the standards allow up to a maximum of 1,024
devices? It would appear that the maximum should be
It is the number of transceivers that are limited to 100 per segment, not the number of
computer devices. A fan-out unit, a single transceiver that can accommodate multiple
connections, may have up to 8 devices attached. Since this requires only one transceiver
connection, the 100-transceiver limitation actually allows more than 100 devices to be
connected to a cable segment. Care must be used when daisy chaining fan-out units. The
single transceiver is a shared device, so signal delays may occur, causing higher rates of
collisions, which may slow down or completely disable the network.

10BASE5 Components
Media Access Unit (MAU)

A media access unit (MAU), as the name implies, is the point at which the data signals access
the physical media. A MAU is another name for the external transceiver used in 10BASE5
networks. It provides the electrical connection and transmits signals between the Ethernet
interface and network. A MAU is a combination of a transceiver and a tap.
Taps may be either intrusive or non-intrusive. When using non-intrusive taps, it is not
necessary to cut into the cable. A non-intrusive connection is achieved with the use of a
device that clamps around the cable and inserts a sharp metal probe through the core of the
cable. An intrusive tap uses the core of the cable as the connection point and requires cutting
the cable, which necessitates shutting down the entire network.

N-Connector

An N-connector is a type of Media Dependent Interface (MDI) connector used with thick
coaxial cable. It allows a connection at the core of the cable and is used to join two ends of
thick coaxial cable. An MDI is simply the piece of hardware that makes the direct physical
and electrical connection to the cable. Installation of N-connectors requires an intrusive tap,
cutting directly into the cable. Special stripping and crimping tools are needed for installation
purposes and care must be taken not to damage the cable or signal problems will result. An
N-connector can also serve as a connection point for transceivers or fan-out units
(transceivers with multiple ports).

Ethernet 10BASE2
10BASE2 is the IEEE 802.3 Ethernet standard proposed in 1985. Signaling is baseband at a
speed of 10 Mbs over physical/logical bus architecture using 50-ohm thin coaxial cable. The
"2" in 10BASE2 represents the approximate cable segment length, which is 185 meters.
Thin coaxial is less expensive and more flexible than thick coaxial, which makes it easier to
install. However, thin coax is more susceptible to EMI, resulting in the significantly shorter
length specification. The shorter distance limitation, however, makes it easier to
troubleshoot. If distance and EMI are not main concerns, 10BASE2 is generally the more
economical choice. Thin and thick coaxial are compatible with one another and are often used
on the same network, with thin cable located in the offices and thick cable in the ceilings and
walls. When upgrades are made to networks, it is common for 10BASE2 cabling to be
replaced with the newer 10BASET, which is explained later in this lesson.
The 5-4-3 rule also applies to 10BASE2 networks, allowing up to five cable segments, four
repeaters, and three segments with devices. Use of all five segments extends the network
length to approximately 925 meters. Only 30 taps per segment are permitted under 10BASE2
specifications, with a minimum distance between taps of 0.5 meters. Once again, the
maximum number of network devices is 1024.
10BASE2 has two versions. One uses external transceivers and can support either single or
multiple devices. The other version uses built-in transceivers, which means that fan-out units
cannot be used and each transceiver supports only one device. Fan-out units are necessary
to build a medium to large network.
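The 5-4-3 rule and the per-segment limits given for 10BASE5 and, just above, for 10BASE2 can be checked mechanically before a coax segment is cabled. This Python is an added example, not code from these notes; CoaxProfile, Segment, check_layout() and the sample layouts are constructed for illustration and encode only the limits the notes quote (segment length, taps per segment, tap spacing, up to 8 devices per fan-out unit and the 1,024-device DIX ceiling).

```python
from dataclasses import dataclass, field
from typing import List, Tuple


@dataclass(frozen=True)
class CoaxProfile:
    """Per-standard limits, taken from the figures quoted in the notes."""
    max_segment_m: float        # 500 m for 10BASE5, about 185 m for 10BASE2
    max_taps_per_segment: int   # 100 transceivers (10BASE5), 30 taps (10BASE2)
    min_tap_spacing_m: float    # 2.5 m (10BASE5), 0.5 m (10BASE2)


PROFILES = {
    "10BASE5": CoaxProfile(500.0, 100, 2.5),
    "10BASE2": CoaxProfile(185.0, 30, 0.5),
}

# The 5-4-3 rule and the DIX device ceiling apply to both coax standards.
MAX_SEGMENTS = 5            # five cable segments per LAN
MAX_REPEATERS = 4           # four repeaters joining them
MAX_POPULATED_SEGMENTS = 3  # only three segments may carry transceivers
MAX_DEVICES = 1024          # DIX limit on computer devices per LAN
MAX_DEVICES_PER_FANOUT = 8  # a fan-out unit occupies one tap but serves up to 8


@dataclass
class Segment:
    length_m: float
    # Each tap is (position along the segment in meters, devices behind it);
    # a plain transceiver carries 1 device, a fan-out unit up to 8.
    taps: List[Tuple[float, int]] = field(default_factory=list)


def check_layout(standard: str, segments: List[Segment], repeaters: int) -> List[str]:
    """Return every rule the layout breaks; an empty list means it is legal."""
    profile = PROFILES[standard]
    problems: List[str] = []

    if len(segments) > MAX_SEGMENTS:
        problems.append(f"{len(segments)} segments exceeds the limit of {MAX_SEGMENTS}")
    if repeaters > MAX_REPEATERS:
        problems.append(f"{repeaters} repeaters exceeds the limit of {MAX_REPEATERS}")
    if repeaters < len(segments) - 1:
        problems.append(f"{len(segments)} segments in a chain need {len(segments) - 1} repeaters")

    populated = sum(1 for s in segments if s.taps)
    if populated > MAX_POPULATED_SEGMENTS:
        problems.append(f"{populated} populated segments exceeds the limit of {MAX_POPULATED_SEGMENTS}")

    devices = 0
    for idx, seg in enumerate(segments, start=1):
        if seg.length_m > profile.max_segment_m:
            problems.append(f"segment {idx}: {seg.length_m} m exceeds {profile.max_segment_m} m")
        if len(seg.taps) > profile.max_taps_per_segment:
            problems.append(f"segment {idx}: {len(seg.taps)} taps exceeds {profile.max_taps_per_segment}")
        positions = sorted(pos for pos, _ in seg.taps)
        if any(b - a < profile.min_tap_spacing_m for a, b in zip(positions, positions[1:])):
            problems.append(f"segment {idx}: taps closer than {profile.min_tap_spacing_m} m")
        for pos, count in seg.taps:
            if not 0 <= pos <= seg.length_m:
                problems.append(f"segment {idx}: tap at {pos} m lies beyond the cable")
            if count > MAX_DEVICES_PER_FANOUT:
                problems.append(f"segment {idx}: {count} devices on one tap exceeds a fan-out unit's {MAX_DEVICES_PER_FANOUT}")
            devices += count
    if devices > MAX_DEVICES:
        problems.append(f"{devices} devices exceeds the DIX limit of {MAX_DEVICES}")
    return problems


def total_length_m(segments: List[Segment]) -> float:
    """Overall LAN length: five full 10BASE5 segments give the 2,500 m the notes cite."""
    return sum(s.length_m for s in segments)


def spaced_taps(count: int, spacing_m: float, devices: int = 1) -> List[Tuple[float, int]]:
    """Constructed helper: `count` taps laid out evenly from the start of a segment."""
    return [(i * spacing_m, devices) for i in range(count)]


# Constructed sample layouts (not taken from the notes).
# Legal 10BASE5: three populated 500 m segments plus two link segments, four repeaters.
FULL_10BASE5 = [Segment(500.0, spaced_taps(100, 5.0)) if i < 3 else Segment(500.0)
                for i in range(5)]
# 10BASE2 layout that breaks several rules at once.
BAD_10BASE2 = [
    Segment(200.0, spaced_taps(31, 0.4)),   # too long, too many taps, taps too close
    Segment(185.0, [(10.0, 9)]),            # 9 devices behind one fan-out unit
    Segment(185.0, [(0.0, 1)]),
    Segment(185.0, [(0.0, 1)]),             # fourth populated segment
]

if __name__ == "__main__":
    print(total_length_m(FULL_10BASE5), check_layout("10BASE5", FULL_10BASE5, 4))
    for problem in check_layout("10BASE2", BAD_10BASE2, 3):
        print("10BASE2:", problem)
```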

10BASE2 Components

MAUs and AUIs

When an external transceiver (MAU) is used, an attachment unit interface (AUI) and/or
connector is needed to ensure that the signals can be transmitted across the 10BASE2
cable.

Figure: BNC T connector connecting a NIC directly to the 10Base2 cable.

British Naval Connectors (BNC)

Ethernet interfaces with built-in transceivers can attach directly to the cable. This is done
using a BNC T Connector. One end of the T connector connects directly to the NIC
interface; the ThinNet cable is attached to the other two T connector openings.

Attachment Unit Interface (AUI) and Connector

An AUI is a transceiver cable, also called drop cable, and is used to connect a NIC to
an external transceiver. Drop cables may run a maximum of 50 meters from the
transceiver (MAU) to the computer device. The AUI cable length is not included as
part of the 500 meter per segment IEEE specification.

Figure: Transceiver, transceiver cable (AUI), and DIX (AUI) connector.

An AUI connector, sometimes called a DIX connector, is a 15-pin
connector used to connect a drop cable to a NIC.

Ethernet 10BASE-T
As networks expanded, cost became an issue and the demand for less expensive
LANs increased. The 10BASE-T standard, published in 1990, used twisted (T) pair
cable and specifications that enabled networks to use existing telephone cabling,
often already installed in buildings. Use of twisted pair cabling reduced costs and
made installation much easier.
10BASE-T uses either 100-ohm unshielded twisted pair or 150 ohm shielded twisted
pair cabling. It supports different signal speeds depending upon the cable type.
The maximum cable segment distance is 100 meters, 90 meters from the wiring
closet and another 10 meters shared between the wiring closet and office space.
These smaller cable segments are called patch cables. The maximum number of
cable segments is 1,024 with up to two devices connected to each cable segment.
If an Ethernet LAN did have 1024 devices, it would not be functional because of
excessive collisions from everyone trying to access the network at the same time. In
reality the maximum number should be no more than 200 or so devices with often
as few as 5 or 10 devices.

Figure: 10BASE-T physical star/logical bus topology, with 10BaseT cables running from the
devices to a 10BaseT hub (BayStack 152).

The topology of 10BASET, while logically a bus, is physically a star. Recall that bus
topology is a cable with devices directly attached to the same cable. The star
configuration is created when devices are connected by way of a single cable to a single
point, a hub. The hub repeats the transmission to all of the devices on the network and
the devices contend for access as if they were a bus topology. The maximum number
of daisy-chained hubs is four.
10BASE-T offers low cost, flexibility in design, ease of installation and troubleshooting,
and a choice of cable types. In addition, it can be mixed with 10BASE5 or 10BASE2.

Unshielded Twisted Pair (UTP)

10BASE-T UTP cable is a 100 ohm cable with 4 twisted pairs, and a maximum cable
distance of 100 meters. The three UTP cable categories are:
 Category 3: Supports up to 16 Mbs
 Category 4: Supports up to 20 Mbs
 Category 5: Supports up to 1000 Mbs
Networks built today use category 5 cabling to ensure that a network may be upgraded
to faster speeds.

Shielded Twisted Pair (STP)

10BASE-T STP cable is a 150 ohm cable with 4 pairs and a maximum cable distance of
100 meters. STP may be used to connect devices to hubs.
When mixing STP and UTP cabling, it may be necessary to use a resistance matching
device because of the resistance difference.

10BASE-T Connectors and Ports

The ports on hubs are configured as Media Dependent Interface with Crossover (MDI-
X) ports. The RJ-45 port on the back of a NIC is a Media Dependent Interface (MDI)
port. The transmit and receive connections of the two ports are opposite of each
other. The pairs used by MDI to transmit are used to receive on an MDI-X connection
and vice versa. This twisted pair arrangement allows transmitting and receiving of
signals to take place.

Figure: NIC with 8-pin RJ-45 connector and BNC coaxial connector.

There are two types of RJ-45 connectors, MDI-X RJ-45 connectors and MDI RJ-45
connectors. You cannot connect an MDI RJ-45 connector to another MDI RJ-45
connector; it must be connected to an MDI-X RJ-45 connector. If the connectors are
the same, a special type of cable, a crossover cable, is required.
Patch cables with RJ-45 connectors at each end are used to connect the devices to the
NICs in the back of the devices and the hubs in the wiring closet.
Ethernet 10BASE-F
10BASE-F, where "F" means fiber, defines a 10 Mbs network connected with a
62.5/125 µm multi-mode fiber optic cable. Multi-mode fiber uses an LED signal and
has a maximum distance of 2,000 meters. It has a defined maximum attenuation of
3.75 dB/km for 850 nm wavelength transmissions, and 1.5 dB/km for 1300 nm
wavelength transmissions.

Figure: 10BASE-F maximum distance of 2,000 meters between Building 1 and Building 2
(labels: Terminator, Repeater, 2000 meters).

The maximum number of devices per segment is 2, with a 1024 maximum number of
segments, each of which may have a device attached, up to a maximum of 1024
devices. 10BASE-F topology requires a hub to receive the signal from the network
device and is therefore a physical star topology.
In addition to allowing increased cable lengths, fiber optic cable has several other
advantages over copper cable. It is not subject to EMI, cannot be tapped into, and
no unknown devices can be added to the network. Its extremely high bandwidths
allow transmission speeds from 100 Mbs to over 2 gigabits per second. Although it
is more expensive and difficult to install than twisted pair or coax cable, it is now
the preferred cable to use as a network backbone. As the price of fiber continues to
drop, it will become more common in networks.

10BASE-F Components

Fiber Optic Medium Access Unit (FOMAU)

A transceiver must be used to connect a network interface card with a fiber cable.
There are two types of connections which may be used, AUI to fiber or 10BASE-T RJ-
45 to fiber. The transceiver is called a FOMAU for fiber to copper connection.
FOMAU provides access by converting electrical signals to optical signals.

Straight-tip (ST) Ports

The ports used for fiber optic connections are called straight tip or "ST" ports.
They connect to bayonet style connectors on the ends of the fiber cable.
Square-Tip (SC) Ports

SC fiber optic connections are quickly replacing ST connectors as they are more
durable and the crossover at each end for transmit and receive is standardized.
Each port has two connectors, one to transmit and one to receive. When a fiber
connection is made, each end must be connected in the opposite manner. The
cable ends are usually color coded red and black. If the red connector on one end
of the cable is plugged into the transmit connector, then the red connector on the
other end of the cable must be plugged into the receive connector.

Ethernet 100BASE-T (Fast) Ethernet

100BASE-T is basically the same as 10BASE-T with two important differences: it runs
at a faster rate and it has a full duplex capacity, which means that it can send and
receive packets simultaneously. Although very similar to 10BASE-T, several changes
have increased the transmission speed. Some of the adjustments include reducing
the maximum cabling distance to 250 meters, limiting the network to no more than
two repeaters, increasing the clock signal, and decreasing the time for
transmission of bits. To make these changes and still remain Ethernet compatible,
a sub-layer was added to the OSI MAC sub-layer.
There are three media types specified by the 100BASE-T standards. The 100BASE-
T4 uses category 3, 4, or 5 STP or UTP cable, 100BASE-TX uses category 5 STP or
UTP cable, and 100BASE-FX uses duplex fiber optic cable.
Since 10BASE-T Ethernet environments utilize category 5 cable, some minor
modifications to an existing LAN can convert it to a 100Mbs environment. Simply
replace the NICs with 10/100 base Ethernet NICs, make sure you are using category
5 cabling, and replace the 10BASE-T hub with a hub designed for Fast Ethernet
environments.
100BaseTX

100BaseTX is a Fast Ethernet networking design and is one of three 802.3u standards.
As its name suggests, 100BaseTX transmits network data at speeds up to 100Mbps, the
speeds at which most LANs operate today. 100BaseTX is most often implemented with
UTP cable, but it can use STP; therefore, it suffers from the same 100-meter distance
limitations as other UTP-based networks. 100BaseTX uses Category 5 UTP cable, and,
like 10BaseT, it uses independent transmit and receive paths and can therefore support
full-duplex operation. 100BaseTX is without question the most common Fast Ethernet
standard.

100BaseT4
100BaseT4 is the second Fast Ethernet standard specified under 802.3u. It can use
Category 3, 4, and 5 UTP cable, and it uses all four of the available pairs of wires within
the cable, limiting full-duplex transfer. 100BaseT4 is similar in other respects to
100BaseTX: Its cable distance is limited to 100 meters, and its maximum transfer speed
is 100Mbps. 100BaseT4 is not widely implemented, but it is sometimes used in
environments where existing cable, such as Category 3 cable, exists. In such a
situation, you can use 100BaseT4 instead of replacing the Category 3 cable with
Category 5 UTP.

100BaseFX
100BaseFX is the IEEE standard for running Fast Ethernet over fiber-optic cable.
Because of the expense of fiber implementations, 100BaseFX is largely limited to use as
a network backbone. 100BaseFX can use two-strand multimode fiber or single-mode
fiber media. The maximum segment length for half-duplex multimode fiber is 412
meters, but when used in full-duplex mode over multimode fiber, distances can reach 2
kilometers. Using full-duplex single-mode fiber, 100BaseFX can reach distances up to
10,000 meters. 100BaseFX often uses SC or ST fiber connectors.

Gigabit Ethernet
Fast Ethernet and the Fast Ethernet standards are still used today. However, in many
modern network environments, real-time applications and heavier network use means
something faster than Fast Ethernet and 100Mbps networking is required. This has led
to the development of Gigabit Ethernet.

Gigabit Ethernet describes the Ethernet implementations that provide the potential for
1000Mbps (1 Gbps) bandwidth. Gigabit Ethernet standards are available that define the
use of both fiber- and copper-based media. The Gigabit standards include 1000BaseX
and 1000BaseT.

1000BaseX
1000BaseX refers collectively to three distinct standards: 1000BaseLX, 1000BaseSX, and
1000BaseCX.

Both 1000BaseSX and 1000BaseLX are laser standards used over fiber. LX refers to long
wavelength laser, and SX refers to short wavelength laser. Both the SX and LX wave
lasers can be supported over two types of multimode fiber-optic cable: fibers of 62.5
micron and 50 micron diameters. Only LX wave lasers support the use of single-mode
fiber. Information on the difference between the types of fiber-optic cable is given in
Chapter 2.

At the end of the day, the differences between 1000BaseLX and the 1000BaseSX have
to do with cost and transmission distance. 1000BaseLX can transmit over 316 meters in
half duplex for both multimode fiber and single-mode fiber, 550 meters for full-duplex
multimode fiber, and 5,000 meters for full-duplex single-mode fiber. Although
1000BaseSX is less expensive than 1000BaseLX, it cannot match the distances achieved
by 1000BaseLX.

1000BaseCX moves away from the fiber cable and uses shielded copper wire. Segment
lengths in 1000BaseCX are severely restricted; the maximum cable distance is 25
meters. Because of the restricted cable lengths, 1000BaseCX networks are not widely
implemented. Table 6.4 summarizes the characteristics of Gigabit Ethernet 802.3z
standards.

Summary of IEEE 802.3z Gigabit Ethernet Characteristics

1000BaseSX
Transmission method: Baseband
Transfer rate: 1000Mbps
Distance: Half-duplex 275 meters (62.5 micron multimode fiber); half-duplex 316 meters
(50 micron multimode fiber); full-duplex 275 meters (62.5 micron multimode fiber);
full-duplex 550 meters (50 micron multimode fiber)
Cable type: 62.5/125 and 50/125 multimode fiber
Connector type: Fiber connectors

1000BaseLX
Transmission method: Baseband
Transfer rate: 1000Mbps
Distance: Half-duplex 316 meters (multimode and single-mode fiber); full-duplex 550 meters
(multimode fiber); full-duplex 5000 meters (single-mode fiber)
Cable type: 62.5/125 and 50/125 multimode fiber; two 10-micron single-mode optical fibers
Connector type: Fiber connectors

1000BaseCX
Transmission method: Baseband
Transfer rate: 1000Mbps
Distance: 25 meters for both full-duplex and half-duplex operations
Cable type: Shielded copper cable
Connector type: 9-pin shielded connector

1000BaseT
1000BaseT, sometimes referred to as 1000BaseTX, is another Gigabit Ethernet
standard, and it is given the IEEE 802.3ab designation. The 802.3ab standard specifies
Gigabit Ethernet over Category 5 UTP cable. The standard allows for full-duplex
transmission using all four pairs of the twisted-pair cable. To reach a data transfer
rate of 1000Mbps over copper, each of the four pairs carries 250Mbps, using Cat 5e
or Cat 6 cabling. Table 6.5 summarizes the characteristics of 1000BaseT.

Summary of 1000BaseT Characteristics

Characteristic           Description
Transmission method      Baseband
Maximum transfer rate    1000Mbps
Total distance/segment   100 meters
Cable type               Category 5 or better
Connector type           RJ-45

10 Gigabit Ethernet
In the never-ending quest for faster data transmission rates, network standards are
always being pushed to the next level. In today's networking environments, that level is
10 Gigabit Ethernet, also referred to as 10GbE. As the name suggests, 10GbE has the
capability to provide data transmission rates of up to 10 gigabits per second. That's
10,000Mbps, or 100 times faster than most modern LAN implementations. There are a
number of 10GbE implementations; this section explores the 10GBaseSR/SW,
10GBaseLR/LW, 10GBaseER/EW, and 10GBaseT standards highlighted in the Network+
objectives.

Designed primarily as a WAN and MAN connectivity medium, 10GbE was ratified as the
IEEE 802.3ae standard in June 2002. Many networking hardware manufacturers now
market 10GbE equipment. Although 10GbE network implementations are very
expensive, companies such as ISPs that require extremely high-speed networks have
been relatively quick to implement 10GbE.

10GBaseSR/SW
The IEEE 802.3ae 10 Gigabit Ethernet specification includes a serial interface referred
to as 10GBaseS that is designed for transmission on multimode fiber. Two Ethernet
standards that fall under the S category are 10GBaseSR and 10GBaseSW. Both SR
and SW are designed for deployment over short-wavelength multimode fiber. The
distance for both classifications ranges from as little as 2 meters to 300 meters. The
difference between the two classifications is that SR is designed for use over dark fiber.
In the networking world, dark fiber refers to "unlit" fiber, or fiber that is not in use and
not connected to any other equipment. The 10GBaseSW standard is designed for
longer-distance data communications and connects to SONET equipment. SONET stands
for Synchronous Optical Network. It is a fiber-optic transmission system for high-speed
digital traffic. SONET is discussed in Chapter 8, "Wide Area Networking."

NETWORK COMPONENTS AS THEY MAP ON OSI MODEL

Networking components, also known as network equipment or computer networking
devices, are the physical devices required for communication and interaction
between devices on a computer network.

 Gateway: An interface providing compatibility between networks by converting
transmission speeds, protocols, codes, or security measures.
 Router: A networking device that forwards data packets between computer
networks. Routers perform the "traffic directing" functions on the Internet. A
data packet is typically forwarded from one router to another through the
networks that constitute the internetwork until it reaches its destination node. It
works at OSI layer 3.
 Switch: A device that connects devices together on a computer network, by
using packet switching to receive, process and forward data to the destination
device. Unlike less advanced network hubs, a network switch forwards data only
to the one or more devices that need to receive it, rather than broadcasting the
same data out of each of its ports. It works at OSI layer 2.
 Bridge: A device that connects multiple network segments. It works at OSI
layers 1 and 2.
 Hub: For connecting multiple Ethernet devices together and making them act as
a single network segment. It has multiple input/output (I/O) ports, in which a
signal introduced at the input of any port appears at the output of every port
except the original incoming port. A hub works at the physical layer (layer 1) of
the OSI model.
 Repeater: An electronic device that receives a signal and retransmits it at a
higher level or higher power, or onto the other side of an obstruction, so that the
signal can cover longer distances.

When you have an understanding of the OSI model, it is possible to relate network
connectivity devices to the appropriate layer of the OSI model. Knowing at which OSI
level a device operates allows you to better understand how it functions on the network.

Mapping Network Devices to the OSI Model

Device    OSI Layer
Hub       Physical (Layer 1)
Switch    Data-link (Layer 2)
Bridge    Data-link (Layer 2)
Router    Network (Layer 3)
NIC       Data-link (Layer 2)
WAP       Data-link (Layer 2)

COMPARISON BETWEEN TCP MODEL AND OSI MODEL

Comparison of OSI Reference Model and TCP/IP Reference Model


Following are some major differences between the OSI Reference Model and the TCP/IP
Reference Model, with a diagrammatic comparison below.

OSI (Open System Interconnection) versus TCP/IP (Transmission Control Protocol /
Internet Protocol)

1. OSI: OSI is a generic, protocol-independent standard, acting as a communication
gateway between the network and the end user.
   TCP/IP: The TCP/IP model is based on the standard protocols around which the
Internet has developed. It is a communication protocol which allows connection of
hosts over a network.

2. OSI: In the OSI model the transport layer guarantees the delivery of packets.
   TCP/IP: In the TCP/IP model the transport layer does not guarantee delivery of
packets. Still, the TCP/IP model is more reliable.

3. OSI: Follows a vertical approach.
   TCP/IP: Follows a horizontal approach.

4. OSI: The OSI model has a separate Presentation layer and Session layer.
   TCP/IP: TCP/IP does not have a separate Presentation layer or Session layer.

5. OSI: OSI is a reference model around which networks are built. Generally it is
used as a guidance tool.
   TCP/IP: The TCP/IP model is, in a way, an implementation of the OSI model.

6. OSI: The Network layer of the OSI model provides both connection-oriented and
connectionless service.
   TCP/IP: The Network layer in the TCP/IP model provides connectionless service.

7. OSI: The OSI model has a problem of fitting the protocols into the model.
   TCP/IP: The TCP/IP model does not fit any protocol.

8. OSI: Protocols are hidden in the OSI model and are easily replaced as the
technology changes.
   TCP/IP: In TCP/IP, replacing a protocol is not easy.

9. OSI: The OSI model defines services, interfaces and protocols very clearly and
makes a clear distinction between them. It is protocol independent.
   TCP/IP: In TCP/IP, services, interfaces and protocols are not clearly separated. It
is also protocol dependent.

10. OSI: It has 7 layers.
    TCP/IP: It has 4 layers.

Diagrammatic Comparison between OSI Reference Model and TCP/IP Reference Model
Key Differences summary

 The OSI model is a "generic, protocol-independent standard". TCP/IP is regarded
as the standard around which the internet has developed.
 TCP/IP is a simpler model because it has fewer layers (four) compared to OSI,
which defined seven layers in its original version.
 TCP/IP is a more reliable model compared to the OSI model because the internet
was developed around it.
 The OSI model is a bottom-up process of network connection, whereas TCP/IP is
a top-down process structure for internet purposes.
 TCP/IP combines the OSI data link and physical layers into the network access layer.
 The OSI model is a reference model while TCP/IP is an implementation of the OSI
model.

NETWORK CONNECTIONS AND PROTOCOL


TRANSPORT PROTOCOL

The transport layer is a conceptual division of methods in the layered architecture of
protocols in the network stack in the Internet Protocol Suite and the Open Systems
Interconnection (OSI) model. The protocols of the layer provide host-to-host
communication services for applications. It provides services such as
connection-oriented data stream support, reliability, flow control, and multiplexing.

Transport layer services are conveyed to an application via a programming interface to
the transport layer protocols. The services may include the following features:

 Connection-oriented communication: It is normally easier for an application to
interpret a connection as a data stream rather than having to deal with the
underlying connectionless models, such as the datagram model of the User
Datagram Protocol (UDP) and of the Internet Protocol (IP).

N/B: Connection-oriented communication is a network communication mode in
telecommunications and computer networking where a communication session or a
semi-permanent connection is established before any useful data can be transferred,
enabling the ability to ensure that data is delivered in the correct order to the upper
communication layer. The alternative to connection-oriented transmission is
connectionless communication, for example the datagram mode of communication
used by the IP and UDP protocols, where data may be delivered out of order, since
different network packets are routed independently and may be delivered over
different paths.

 Same order delivery: The network layer doesn't generally guarantee that packets
of data will arrive in the same order that they were sent, but often this is a desirable
feature. This is usually done through the use of segment numbering, with the
receiver passing them to the application in order. This can cause head-of-line
blocking.
 Reliability: Packets may be lost during transport due to network congestion and
errors. By means of an error detection code, such as a checksum, the transport
protocol may check that the data is not corrupted, and verify correct receipt by
sending an ACK or NACK message to the sender. Automatic repeat request schemes
may be used to retransmit lost or corrupted data.
 Flow control: The rate of data transmission between two nodes must sometimes
be managed to prevent a fast sender from transmitting more data than can be
supported by the receiving data buffer, causing a buffer overrun. This can also be
used to improve efficiency by reducing buffer underrun.
 Congestion avoidance: Congestion control can control traffic entry into a
telecommunications network, so as to avoid congestive collapse by attempting to
avoid oversubscription of any of the processing or link capabilities of the
intermediate nodes and networks and taking resource-reducing steps, such as
reducing the rate of sending packets. For example, automatic repeat requests may
keep the network in a congested state; this situation can be avoided by adding
congestion avoidance to the flow control, including slow-start. This keeps the
bandwidth consumption at a low level in the beginning of the transmission, or after
packet retransmission.
 Multiplexing: Ports can provide multiple endpoints on a single node. For example,
the name on a postal address is a kind of multiplexing, and distinguishes between
different recipients at the same location. Computer applications will each listen for
information on their own ports, which enables the use of more than one network
service at the same time. It is part of the transport layer in the TCP/IP model, but of
the session layer in the OSI model.
The Transport Layer of the TCP/IP suite has various protocols which operate at the
Transport level. This Layer is responsible for the connection from host to host. The
Transport Layer manages connection oriented streams, flow control, reliable transport
and multiple transmissions (multiplexing).

There are five basic protocols for the Transport Layer:

 Transmission Control Protocol (TCP)
 User Datagram Protocol (UDP)
 Datagram Congestion Control Protocol (DCCP)
 Stream Control Transmission Protocol (SCTP)
 Resource Reservation Protocol (RSVP)
Let’s look at each of these protocols in a little more detail.

Transmission Control Protocol (TCP)

TCP handles the transmission of the data from the Application Layer. When a large file
needs to be received from a host system, TCP manages the IP packets from the layer
below it. TCP organizes the packets into their sequential order in case packets were
delivered out of order. TCP also takes the smaller IP packets and merges them into the
file that was originally sent. If a packet is not received, TCP can send an ICMP message
to have the specified packet retransmitted.

NOTE: When packets are delivered out of order due to passing through different
routers, this is called segmentation.

Whereas IP is a connectionless protocol that does not guarantee delivery, TCP
guarantees delivery of all packets.

When TCP sets up a connection between hosts, there is a three-way handshake. First, a
SYN (synchronize) packet is sent to the host. Second, the other host sends a SYN-ACK,
or acknowledgement to the initiating host. Finally, the initiating host sends an ACK
(acknowledgement) to complete the handshake. Now, a connection is established
between the two hosts.

When one host terminates the connection, it sends a FIN (finished) packet. Once
received, the other host responds with a FIN-ACK (finished acknowledgment). The
terminating host sends a final ACK packet to finalize the termination.

TCP manages flow control by setting up a window size. The window size is the amount
of data being transmitted. If congestion or Source Quench occurs, the window size can
be decreased. If the other host sends a message to send more, the window size can be
increased.
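The mechanisms listed under the transport layer services above and in this TCP section (segment numbering, a checksum, cumulative ACKs, retransmission and a send window) are easiest to see running together. The following Python simulation is an added example, not code from these notes; its channel behaviour, chunk data and loss rates are constructed, and its go-back-N style window is a simplification of what TCP actually does.

```python
"""Added example (not from the original notes): a toy reliable transport over a
lossy, reordering channel. Segment numbers give same-order delivery, a checksum
gives error detection, cumulative ACKs plus retransmission give reliability, and
a send window gives flow control. Channel behaviour and data are constructed."""
import hashlib
import random
from dataclasses import dataclass


@dataclass(frozen=True)
class Segment:
    seq: int       # sequence number: lets the receiver restore the order
    payload: str
    csum: str      # error-detection code computed over seq and payload


def checksum(seq: int, payload: str) -> str:
    return hashlib.sha256(f"{seq}:{payload}".encode()).hexdigest()[:8]


def make_segment(seq: int, payload: str) -> Segment:
    return Segment(seq, payload, checksum(seq, payload))


class LossyChannel:
    """Constructed unreliable network: drops, corrupts and reorders segments."""
    def __init__(self, rng, loss=0.2, corrupt=0.1):
        self.rng, self.loss, self.corrupt = rng, loss, corrupt

    def transmit(self, segments):
        arrived = []
        for seg in segments:
            r = self.rng.random()
            if r < self.loss:
                continue                                   # lost in transit
            if r < self.loss + self.corrupt:               # bit error: csum no longer matches
                seg = Segment(seg.seq, seg.payload + "?", seg.csum)
            arrived.append(seg)
        self.rng.shuffle(arrived)                          # independent routing: reordering
        return arrived


class Receiver:
    """Checks each segment, buffers out-of-order data, delivers it in sequence."""
    def __init__(self):
        self.expected = 0    # next sequence number the application needs
        self.buffer = {}     # out-of-order segments waiting for the gap to fill
        self.delivered = []

    def receive(self, seg):
        """Process one segment; returns a cumulative ACK (next seq wanted)."""
        if checksum(seg.seq, seg.payload) != seg.csum:
            return self.expected                # corrupted: drop it, repeat the old ACK
        if seg.seq >= self.expected:
            self.buffer[seg.seq] = seg.payload  # duplicates of delivered data are ignored
        while self.expected in self.buffer:     # release contiguous data in order
            self.delivered.append(self.buffer.pop(self.expected))
            self.expected += 1
        return self.expected


class Sender:
    """Go-back-N style sender: at most `window` unacknowledged segments in flight."""
    def __init__(self, chunks, window=4):
        self.segments = [make_segment(i, c) for i, c in enumerate(chunks)]
        self.window = window
        self.base = 0        # oldest unacknowledged sequence number

    def in_flight(self):
        return self.segments[self.base:self.base + self.window]

    def on_ack(self, ack):
        self.base = max(self.base, ack)         # cumulative ACK slides the window forward

    def done(self):
        return self.base >= len(self.segments)


def transfer(chunks, seed=7, window=4, max_rounds=200):
    """Run the ARQ loop. Each round stands in for one retransmission timeout: the
    whole window is (re)sent, whatever survives the channel is processed, and
    ACKs slide the window. Returns (data delivered in order, rounds used)."""
    rng = random.Random(seed)
    channel = LossyChannel(rng)
    sender, receiver = Sender(chunks, window), Receiver()
    rounds = 0
    while not sender.done() and rounds < max_rounds:
        rounds += 1
        for seg in channel.transmit(sender.in_flight()):
            sender.on_ack(receiver.receive(seg))
    return receiver.delivered, rounds


if __name__ == "__main__":
    data = [f"chunk{i}" for i in range(12)]   # constructed payload
    got, used = transfer(data)
    print(f"in order: {got == data}, rounds: {used}")
```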

User Datagram Protocol (UDP)

UDP is similar to TCP, but without the guarantee of delivery. UDP has a lower overhead
by not requiring acknowledgments of packet receipt, retransmission of data and packet
ordering. UDP can be faster, but data can definitely be lost. UDP is more for
multicasting data such as streaming video. If packets are out of order or lost, then
those packets are skipped. Because of the lost packets streaming video may seem
jumpy.

UDP can be used for simple queries such as DNS queries since it is faster than TCP. For
these types of uses other protocols manage the guarantee of retrieval. If a DNS query
is made and the response is not received, then the query will be made again.

UDP is used more commonly in streaming media or any type of multicast operation.

Datagram Congestion Control Protocol (DCCP)

DCCP handles setup and teardown of reliable connections while generating ECP
messages when congestion occurs.

Since DCCP is at the Transport Layer, applications do not need to be programmed to
use DCCP. DCCP is usually implemented for multicast operations such as telephony,
streaming media and online gaming. DCCP uses UDP for a faster transport mechanism,
since lost packets and resending those packets are not necessary.

Stream Control Transmission Protocol (SCTP)

SCTP is a protocol which can send multiple streams through one connection. For
instance, most browsers treat each image on a web page as a connection and then use
one connection for the text. With SCTP, these can be sent as one connection.

SCTP can support a connection between two hosts which each have two connections to
the network (multi-homed). If one connection goes down, the other connection can be
used as a redundant connection to resume transmission.

Resource Reservation Protocol (RSVP)

RSVP allows for reservation of resources. RSVP can reserve bandwidth for unicast (one-
host-to-one-host transmission) or multicast (one-host-to-many-hosts).

RSVP can be utilized on routers to provide a Quality of Service (QoS) to hosts.

RSVP is oriented by the receiver. The receiving host initiates the reservation of
resources for the transmission rate it requires. Routers will reset the reservations as
needed to accommodate other reservations. Rate reservations are not guaranteed, but
bandwidth should not drop to nothing.

The Transport Layer is important to handle guaranteed delivery and multicast (not
guaranteed) delivery of data. TCP/IP is a suite that is made up of many protocols which
not only account for transmission and receiving of frames, but control of the
transmissions themselves. TCP/IP manages itself to reduce problems that may occur on
a network or on the Internet. It should be apparent why TCP/IP is used by the Internet
and how the Internet can function as well as it does.

OTHER PROTOCOLS
1. RIP

The Routing Information Protocol (RIP) is one of the oldest distance-vector routing
protocols; it employs the hop count as its routing metric. RIP prevents routing loops by
implementing a limit on the number of hops allowed in a path from source to
destination. The maximum number of hops allowed for RIP is 15, which limits the size
of networks that RIP can support. A hop count of 16 is considered an infinite distance
and the route is considered unreachable. RIP implements the split horizon, route
poisoning and holddown mechanisms to prevent incorrect routing information from
being propagated. RIP defines a way for routers, which connect networks using the
Internet Protocol (IP), to share information about how to route traffic among networks.
RIP is a routing protocol which exchanges network information between routers
dynamically. It uses broadcast to share routing information.

Initially, routers are aware only of the networks that are directly connected to them.

In brief the RIP protocol works as follows.

 Each router initializes its routing table with a list of locally connected networks.
 Periodically, each router advertises the entire contents of its routing table over all
of its RIP-enabled interfaces.
o Whenever a RIP router receives such an advertisement, it puts all of the
appropriate routes into its routing table and begins using it to forward
packets. This process ensures that every network connected to every
router eventually becomes known to all routers.
o If a router does not continue to receive advertisements for a remote
route, it eventually times out that route and stops forwarding packets over
it. In other words, RIP is a "soft state" protocol.
 Every route has a property called a metric, which indicates the "distance" to the
route's destination.
o Every time a router receives a route advertisement, it increments the
metric.
o Routers prefer shorter routes to longer routes when deciding which of two
versions of a route to program in the routing table.
o The maximum metric permitted by RIP is 16, which means that a route is
unreachable. This means that the protocol cannot scale to networks
where there may be more than 15 hops to a given destination.

RIP also includes some optimizations of this basic algorithm to improve stabilization of
the routing database and to eliminate routing loops.

 When a router detects a change to its routing table, it sends an immediate
"triggered" update. This speeds up stabilization of the routing table and
elimination of routing loops.
 When a route is determined to be unreachable, RIP routers do not delete it
straightaway. Instead they continue to advertise the route with a metric of 16
(unreachable). This ensures that neighbors are rapidly notified of unreachable
routes, rather than having to wait for a soft state timeout.
 When router A has learnt a route from router B, it advertises the route back to B
with a metric of 16 (unreachable). This ensures that B is never under the
impression that A has a different way of getting to the same destination. This
technique is known as "split horizon with poison reverse."
 A "Request" message allows a newly-started router to rapidly query all of its
neighbors' routing tables.
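The following Python simulation is an added example (not from these notes) of the RIP behaviour just described: tables seeded with directly connected networks, full-table advertisements to each neighbour, the metric incremented on receipt, 16 treated as unreachable, route poisoning, and split horizon with poison reverse. The three-router topology, network prefixes and router names are constructed; route timers (holddown, flush) are not modelled.

```python
"""Added example (not from the original notes): a small distance-vector model of
RIP. Tables start with directly connected networks, every router periodically
advertises its whole table to each neighbour, a received metric is incremented
by one hop, 16 means unreachable, and routes learnt from a neighbour are sent
back to it poisoned (split horizon with poison reverse). Topology constructed."""
INFINITY = 16   # RIP treats a metric of 16 as "unreachable"


class Router:
    def __init__(self, name, connected):
        self.name = name
        # routing table: network -> (metric, next hop); directly connected = 1, no next hop
        self.table = {net: (1, None) for net in connected}
        self.neighbors = {}   # neighbour name -> Router

    def advertisement_for(self, neighbor):
        """Full-table update for one neighbour. Poison reverse: routes learnt
        from that neighbour are advertised back to it with metric 16."""
        return {net: (INFINITY if nh == neighbor else metric)
                for net, (metric, nh) in self.table.items()}

    def receive(self, sender, advert):
        """Apply an update from `sender`; returns True if the table changed."""
        changed = False
        for net, adv_metric in advert.items():
            metric = min(adv_metric + 1, INFINITY)     # one more hop via sender
            current = self.table.get(net)
            if current is None:
                if metric < INFINITY:                   # newly learnt destination
                    self.table[net] = (metric, sender)
                    changed = True
            elif current[1] == sender:
                if current[0] != metric:                # our next hop reports a change
                    self.table[net] = (metric, sender)  # (better or worse, incl. 16)
                    changed = True
            elif metric < current[0]:                   # strictly shorter via another neighbour
                self.table[net] = (metric, sender)
                changed = True
        return changed


def link(a, b):
    a.neighbors[b.name] = b
    b.neighbors[a.name] = a


def exchange_round(routers):
    """One periodic update cycle: every router advertises to every neighbour."""
    changed = False
    for r in routers.values():
        for nb_name, nb in r.neighbors.items():
            changed = nb.receive(r.name, r.advertisement_for(nb_name)) or changed
    return changed


def converge(routers, max_rounds=20):
    """Run update cycles until one changes nothing; returns the cycles used."""
    for n in range(1, max_rounds + 1):
        if not exchange_round(routers):
            return n
    return max_rounds


def withdraw(router, net):
    """Constructed failure: the network goes away. RIP keeps advertising it at
    16 (route poisoning) instead of deleting it straight away."""
    router.table[net] = (INFINITY, None)


def build_chain():
    """Constructed topology A -- B -- C with a LAN on each end."""
    a = Router("A", ["10.0.1.0/24", "10.0.12.0/24"])
    b = Router("B", ["10.0.12.0/24", "10.0.23.0/24"])
    c = Router("C", ["10.0.23.0/24", "10.0.3.0/24"])
    link(a, b)
    link(b, c)
    return {"A": a, "B": b, "C": c}


if __name__ == "__main__":
    net = build_chain()
    print("converged after", converge(net), "cycles")
    print("A's table:", net["A"].table)
    print("A tells B:", net["A"].advertisement_for("B"))   # learnt-from-B routes show 16
```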

SUMMARY

 network has changed or not. Once 30 seconds expires, routers running RIP protocol
will broadcast their routing information to any devices connected to their interfaces.
 has and increments the metric of incoming routes in advertisements so the listening
router can learn how far the destination network is.
 not care whether neighbors received these broadcast updates or not.
 already has in its routing table.
 its routing table, the router will consider that route as a new route.
 with new route.
 If an update has worse information for any existing route, the router will ignore it.
 timer for that entry in the routing table.

Limitations

 routes will be dropped.
 RIP networks are flat. There is no concept of areas or boundaries in RIP networks
(but aggregation is possible).
 Variable Length Subnet Masks are not supported by RIP version 1 (which is
obsolete).
 count to infinity problems

2. BGP

Border Gateway Protocol (BGP) is a standardized exterior gateway protocol
designed to exchange routing and reachability information among autonomous systems
(AS) on the Internet. The protocol is often classified as a path vector protocol but is
sometimes also classed as a distance-vector routing protocol. The Border Gateway
Protocol makes routing decisions based on paths, network policies, or rule-sets
configured by a network administrator and is involved in making core routing
decisions. BGP may be used for routing within an autonomous system. In this
application it is referred to as Interior Border Gateway Protocol, Internal BGP, or iBGP.
In contrast, the Internet application of the protocol may be referred to as Exterior
Border Gateway Protocol, External BGP, or eBGP. BGP (Border Gateway Protocol) is the
protocol that manages how packets are routed across the internet through the
exchange of routing and reachability information between edge routers. BGP directs
packets between autonomous systems (AS) -- networks managed by a single enterprise
or service provider. Traffic that is routed within a single AS is referred to as
internal BGP, or iBGP. More often, BGP is used to connect one AS to other autonomous
systems, and it is then referred to as external BGP, or eBGP.

What is BGP used for?

BGP offers network stability that guarantees routers can quickly adapt to send packets
through another connection if one internet path goes down. BGP makes routing
decisions based on paths, rules or network policies configured by a network
administrator. Each BGP router maintains a standard routing table used to direct
packets in transit. This table is used in conjunction with a separate routing table, known
as the routing information base (RIB), which is a data table stored on a server on the
BGP router. The RIB contains route information both from directly connected external
peers, as well as internal peers, and continually updates the routing table as changes
occur. BGP is based on TCP/IP and uses a client-server topology to communicate routing
information, with the client initiating a BGP session by sending a request to the
server.

BGP routing basics

BGP sends updated router table information only when something changes -- and even
then, it sends only the affected information. BGP has no automatic discovery
mechanism, which means connections between peers have to be set up manually, with
peer addresses programmed in at both ends.

BGP makes best-path decisions based on current reachability, hop counts and other
path characteristics. In situations where multiple paths are available -- as within a
major hosting facility -- BGP can be used to communicate an organization's own
preferences in terms of what path traffic should follow in and out of its networks. BGP
even has a mechanism for defining arbitrary tags, called communities, which can be
used to control route advertisement behavior by mutual agreement among peers.

Ratified in 2006, BGP-4, the current version of BGP, supports both IPv6 and classless
interdomain routing (CIDR), which enables the continued viability of IPv4. Use of the
CIDR is a way to have more addresses within the network than with the current IP
address assignment scheme.

BGP problems and mitigation

Internal BGP scalability

An autonomous system with internal BGP (iBGP) must have all of its iBGP peers connect
to each other in a full mesh (where everyone speaks to everyone directly). This full-
mesh configuration requires that each router maintain a session to every other router.
In large networks, this number of sessions may degrade performance of routers, due to
either a lack of memory, or high CPU process requirements.

Route reflectors and confederations both reduce the number of iBGP peers to each
router and thus reduce processing overhead. Route reflectors are a pure performance-
enhancing technique, while confederations also can be used to implement more fine-
grained policy.

Route reflectors reduce the number of connections required in an AS. A single router (or
two for redundancy) can be made a route reflector: other routers in the AS need only
be configured as peers to them.

Confederations are sets of autonomous systems. In common practice, only one of the
confederation AS numbers is seen by the Internet as a whole. Confederations are used
in very large networks where a large AS can be configured to encompass smaller more
manageable internal ASs.

Confederations can be used in conjunction with route reflectors. Both confederations
and route reflectors can be subject to persistent oscillation unless specific design rules,
affecting both BGP and the interior routing protocol, are followed.

However, these alternatives can introduce problems of their own, including the
following:

 route oscillation
 sub-optimal routing
 increase of BGP convergence time

Additionally, route reflectors and BGP confederations were not designed to ease BGP
router configuration. Nevertheless, these are common tools for experienced BGP
network architects. These tools may be combined, for example, as a hierarchy of route
reflectors.

Instability

The routing tables managed by a BGP implementation are adjusted continually to reflect
actual changes in the network, such as links breaking and being restored or routers
going down and coming back up. In the network as a whole it is normal for these
changes to happen almost continuously, but for any particular router or link, changes
are supposed to be relatively infrequent. If a router is misconfigured or mismanaged
then it may get into a rapid cycle between down and up states. This pattern of repeated
withdrawal and re-announcement known as route flapping can cause excessive activity
in all the other routers that know about the broken link, as the same route is continually
injected and withdrawn from the routing tables. The BGP design is such that delivery of
traffic may not function while routes are being updated. On the Internet, a BGP routing
change may cause outages for several minutes.

A feature known as route flap damping (RFC 2439) is built into many BGP
implementations in an attempt to mitigate the effects of route flapping. Without
damping the excessive activity can cause a heavy processing load on routers, which
may in turn delay updates on other routes, and so affect overall routing stability. With
damping, a route's flapping is exponentially decayed. At the first instance when a route
becomes unavailable and quickly reappears, damping does not take effect, so as to
maintain the normal fail-over times of BGP. At the second occurrence, BGP shuns that
prefix for a certain length of time; subsequent occurrences are timed out exponentially.
After the abnormalities have ceased and a suitable length of time has passed for the
offending route, the prefix can be reinstated and its slate wiped clean. Damping can also
mitigate denial of service attacks; damping timings are highly customizable.

It is also suggested in RFC 2439 (under "Design Choices -> Stability Sensitive
Suppression of Route Advertisement") that route flap damping is a feature more
desirable if implemented to Exterior Border Gateway Protocol Sessions (eBGP sessions
or simply called exterior peers) and not on Interior Border Gateway Protocol Sessions
(iBGP sessions or simply called internal peers); With this approach when a route flaps
inside an autonomous system, it is not propagated to the external ASs – flapping a
route to an eBGP will have a chain of flapping for the particular route throughout the
backbone. This method also successfully avoids the overhead of route flap damping for
iBGP sessions.

However, subsequent research has shown that flap damping can actually lengthen
convergence times in some cases, and can cause interruptions in connectivity even
when links are not flapping. Moreover, as backbone links and router processors have
become faster, some network architects have suggested that flap damping may not be
as important as it used to be, since changes to the routing table can be handled much
faster by routers. This has led the RIPE Routing Working Group to write that "with the
current implementations of BGP flap damping, the application of flap damping in ISP
networks is NOT recommended. ... If flap damping is implemented, the ISP operating
that network will cause side-effects to their customers and the Internet users of their
customers' content and services ... . These side-effects would quite likely be worse than
the impact caused by simply not running flap damping at all." Improving stability
without the problems of flap damping is the subject of current research.
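As an added example (not from these notes), the following Python class models the penalty-based route flap damping described above: each flap adds a penalty that decays exponentially with a half-life, a prefix is suppressed once the penalty exceeds a threshold and reinstated once it decays below a reuse value, and, following the RFC 2439 suggestion quoted above, flaps seen on iBGP sessions are not damped. The penalty, threshold and half-life values are constructed for the demonstration, not the RFC's or any vendor's defaults.

```python
"""Added example (not from the original notes): per-prefix route flap damping
in the penalty style described in the text (RFC 2439). Each flap adds a penalty,
the penalty decays exponentially with a half-life, a prefix is suppressed above
a threshold and reinstated below a reuse value. All parameter values here are
constructed for the demonstration, not the RFC's or any vendor's defaults."""


class FlapDamper:
    def __init__(self, penalty_per_flap=1000.0, suppress_above=1500.0,
                 reuse_below=750.0, half_life_min=15.0, ebgp_only=True):
        self.penalty_per_flap = penalty_per_flap
        self.suppress_above = suppress_above
        self.reuse_below = reuse_below
        self.half_life = half_life_min
        self.ebgp_only = ebgp_only   # RFC 2439 suggests damping eBGP, not iBGP, sessions
        self.state = {}              # prefix -> [penalty, time of last update, suppressed]

    def _decayed_penalty(self, prefix, now):
        penalty, then, _ = self.state[prefix]
        return penalty * 0.5 ** ((now - then) / self.half_life)   # exponential decay

    def flap(self, prefix, now, session="ebgp"):
        """Record a withdraw/re-announce of `prefix` at time `now` (minutes).
        Returns True if the prefix is suppressed after this flap."""
        if self.ebgp_only and session != "ebgp":
            return False                              # internal peers: never damped
        if prefix not in self.state:
            self.state[prefix] = [0.0, now, False]    # first flap: no suppression yet
        penalty = self._decayed_penalty(prefix, now) + self.penalty_per_flap
        suppressed = self.state[prefix][2] or penalty > self.suppress_above
        self.state[prefix] = [penalty, now, suppressed]
        return suppressed

    def is_suppressed(self, prefix, now):
        """Decay the penalty to `now`; reinstate once it falls below the reuse value."""
        if prefix not in self.state:
            return False
        penalty = self._decayed_penalty(prefix, now)
        suppressed = self.state[prefix][2] and penalty >= self.reuse_below
        self.state[prefix] = [penalty, now, suppressed]
        return suppressed

    def penalty(self, prefix, now):
        """Current (decayed) penalty for a prefix, 0 if never seen."""
        return self._decayed_penalty(prefix, now) if prefix in self.state else 0.0


if __name__ == "__main__":
    d = FlapDamper()
    p = "192.0.2.0/24"   # constructed prefix from the documentation range
    for t in (0.0, 1.0):
        print(f"t={t:>4} flap  -> suppressed={d.flap(p, t)} penalty={d.penalty(p, t):.0f}")
    for t in (10.0, 30.0):
        print(f"t={t:>4} check -> suppressed={d.is_suppressed(p, t)} penalty={d.penalty(p, t):.0f}")
```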

Routing table growth

One of the largest problems faced by BGP, and indeed the Internet infrastructure as a
whole, is the growth of the Internet routing table. If the global routing table grows to
the point where some older, less capable, routers cannot cope with the memory
requirements or the CPU load of maintaining the table, these routers will cease to be
effective gateways between the parts of the Internet they connect. In addition, and
perhaps even more importantly, larger routing tables take longer to stabilize (see
above) after a major connectivity change, leaving network service unreliable, or even
unavailable, in the interim.

Route summarization is often used to improve aggregation of the BGP global routing
table, thereby reducing the necessary table size in routers of an AS.

Load-balancing problem

Another factor causing this growth of the routing table is the need for load balancing of
multi-homed networks. It is not a trivial task to balance the inbound traffic to a multi-
homed network across its multiple inbound paths, due to limitation of the BGP route
selection process. For a multi-homed network, if it announces the same network blocks
across all of its BGP peers, the result may be that one or several of its inbound links
become congested while the other links remain under-utilized, because external
networks all picked that set of congested paths as optimal. Like most other routing
protocols, BGP does not detect congestion.

To work around this problem, BGP administrators of that multihomed network may
divide a large contiguous IP address block into smaller blocks and tweak the route
announcement to make different blocks look optimal on different paths, so that external
networks will choose a different path to reach different blocks of that multi-homed
network. Such cases will increase the number of routes as seen on the global BGP
table.

Security issues

By design, routers running BGP accept advertised routes from other BGP routers by
default. This allows for automatic and decentralized routing of traffic across the
Internet, but it also leaves the Internet potentially vulnerable to accidental or malicious
disruptions. Due to the extent to which BGP is embedded in the core systems of the
Internet, and the number of different networks operated by many different
organizations which collectively make up the Internet, correcting this vulnerability (such
as by introducing the use of cryptographic keys to verify the identity of BGP routers) is
a technically and economically challenging problem.

3. OSPF

Open Shortest Path First (OSPF) is an Interior Gateway Protocol (IGP) standardized by
the Internet Engineering Task Force (IETF) and commonly used in large Enterprise
networks. OSPF is a link-state routing protocol providing fast convergence and excellent
scalability. Like all link-state protocols, OSPF is very efficient in its use of network
bandwidth. The OSPF routing protocol has largely replaced the older Routing
Information Protocol (RIP) in corporate networks. Using OSPF, a router that learns of a
change to a routing table (when it is reconfigured by network staff, for example) or
detects a change in the network immediately multicasts the information to all other
OSPF hosts in the network so they will all have the same routing table information.
Unlike RIP, which requires routers to send the entire routing table to neighbors every
30 seconds, OSPF sends only the part that has changed and only when a change has
taken place. When routes change -- sometimes due to equipment failure -- the time it
takes OSPF routers to find a new path between endpoints with no loops (which is called
"open") and that minimizes the length of the path is called the convergence time.

Rather than simply counting the number of router hops between hosts on a network, as
RIP does, OSPF bases its path choices on "link states" that take into account additional
network information, including IT-assigned cost metrics that give some paths higher
assigned costs. For example, a satellite link may be assigned higher cost than a wireless
WAN link, which in turn may be assigned higher cost than a metro Ethernet link.

OSPF Version 2, as defined by IETF RFC 2328 for IPv4, is broadly implemented in
enterprise routers. IPv6 revisions to this standard are captured in the newer OSPF
Version 3 (as defined in IETF RFC 5340).

Although it is intended to replace RIP, OSPF has RIP support built in both for router-to-
host communication and for compatibility with older networks using RIP as their
primary protocol.

In a Nutshell

• OSPF is a fast-converging, link-state IGP used by millions.
• OSPF forms adjacencies with neighbors and shares information via the DR and
BDR using Link State Advertisements.
• Areas in OSPF are used to limit LSAs and summarize routes. Everyone connects
to area zero, the backbone.

NETWORK CONNECTIVITY

Connecting a switch to a switch: use a crossover cable.

Connecting a switch to a computer: use a straight-through cable.

LOCAL AREA NETWORK (LAN)

A local area network (LAN) is a computer network within a small geographical area such
as a home, school, computer laboratory, office building or group of buildings. A LAN is
composed of inter-connected workstations and personal computers which are each
capable of accessing and sharing data and devices, such as printers, scanners and data
storage devices, anywhere on the LAN. LANs are characterized by higher
communication and data transfer rates and the lack of any need for leased
communication lines.

LAN PROTOCOLS
There are many LAN protocols in use today. Some of the more common ones are
Ethernet, Asynchronous Transfer Mode (ATM), Token Ring and Fiber Distributed Data
Interface (FDDI). Ethernet is a common LAN protocol that can be found in most
organizations. ATM is gaining popularity. The quality of service and class of service
make ATM a very reliable LAN protocol that can handle voice and video more efficiently
than other protocols. Token Ring is a well-established protocol originally developed by
IBM in the 1970s. FDDI is a high-bandwidth protocol that utilizes fiber optic cable as its
physical medium of transmission. FDDI is less popular due to its high cost of
implementation.

Ethernet Protocol

The term "Ethernet" is like the term "4th Dimension." It can refer to a specific protocol
or can be used as a catch-all for a variety of Ethernet implementations. Ethernet has
been widely implemented due to its versatility and simplicity. It can be implemented
quickly with little knowledge of the protocol. For this reason, most small to medium
sized businesses use Ethernet as their LAN protocol. However, the simplicity does not
limit it to smaller implementations. Ethernet is also widely implemented in larger
organizations and campuses. There are three basic variants: 10 Mbps, 100 Mbps and
1000 Mbps.

The Ethernet specification was developed by Xerox Corporation in the 1970s. Operating
at 10 Mbps, it was designed to handle sporadic and occasionally heavy network traffic.
Data is transmitted over coaxial cable while media access is achieved through CSMA/CD.

Media Access Methods

A LAN protocol must have a standard by which it gains access to the network. If there
were no rules or standards governing network access, collisions and failures would
bring the network to a grinding halt. There are two basic media access methods used
by LAN protocols: token passing and carrier sense multiple access collision detect, or
CSMA/CD.

In CSMA/CD, the LAN protocol first checks for another node transmitting data. If there
is, it waits for a specified time and then rechecks. If the network is free, it sends the
data across the network physical medium. Occasionally there will be a collision of
packets sent from two different nodes. If this happens, the LAN protocol senses the
collision, initiates a backoff algorithm, and resends the data. Each node in the system
will have a different backoff algorithm so that the packets will not immediately collide
again.
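The CSMA/CD cycle just described (sense, transmit, detect a collision, back off, retry), as an added example that is not part of these notes: a slotted simulation in which several nodes contend for one shared medium. The model's details are assumptions: a per-node random backoff window that doubles after each collision (truncated binary exponential backoff, as real Ethernet uses; the text above only says each node backs off differently), a give-up limit of 16 attempts, and the constructed node and frame counts.

```python
import random

MAX_ATTEMPTS = 16      # a real Ethernet NIC discards the frame after 16 collisions
MAX_BACKOFF_EXP = 10   # the backoff window stops growing at 2**10 slots


def simulate_csma_cd(frames_per_node, nodes=3, seed=1):
    """Slotted model of CSMA/CD on one shared medium.

    Each slot, every node that has a frame queued and no pending backoff
    senses the medium. Because they all sense "idle" at the same instant,
    a single ready node transmits successfully, while two or more ready
    nodes collide. Each colliding node then waits a random number of slots
    drawn from [0, 2**attempts - 1], so a repeat collision becomes unlikely.
    Returns counters a practitioner would graph: delivered, collisions,
    dropped frames and slots used.
    """
    rng = random.Random(seed)              # seeded so the run is reproducible
    pending = [frames_per_node] * nodes    # frames still queued at each node
    backoff = [0] * nodes                  # slots each node must still wait
    attempts = [0] * nodes                 # collisions suffered by the current frame
    stats = {"delivered": 0, "collisions": 0, "dropped": 0, "slots": 0}

    while any(pending):
        stats["slots"] += 1
        ready = []
        for n in range(nodes):
            if pending[n] == 0:
                continue                   # nothing to send
            if backoff[n] > 0:
                backoff[n] -= 1            # still deferring after a collision
                continue
            ready.append(n)                # carrier sense says idle: transmit

        if len(ready) == 1:
            n = ready[0]                   # sole transmitter: frame goes through
            pending[n] -= 1
            attempts[n] = 0
            stats["delivered"] += 1
        elif len(ready) > 1:
            # Collision detect: every transmitter notices the garbled medium.
            stats["collisions"] += 1
            for n in ready:
                attempts[n] += 1
                if attempts[n] >= MAX_ATTEMPTS:
                    pending[n] -= 1        # give up on this frame
                    attempts[n] = 0
                    stats["dropped"] += 1
                else:
                    k = min(attempts[n], MAX_BACKOFF_EXP)
                    backoff[n] = rng.randrange(2 ** k)
    return stats


if __name__ == "__main__":
    print(simulate_csma_cd(frames_per_node=2, nodes=3))
```

With three nodes all ready in the first slot, the very first slot is guaranteed to be a collision; the counters show how the randomized backoff then serializes the senders.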

The second major media access method is token passing. Possession of a "token"
enables a node on the network to transmit data. Only one node at a time can have
control of the token. After the transmission is completed, the sending node passes the
token to the next node on the network. If a node that receives the token has data to
transmit, it seizes the token and begins to transmit across the network. If the receiving
node has nothing to transmit, it immediately passes the token to the next node.

LAN Transmission Methods

LAN data transmissions fall into three classifications: unicast, multicast, and broadcast.
In each type of transmission, a single packet is sent to one or more nodes.

In a unicast transmission, a single packet is sent from the source to a destination on a
network. First, the source node addresses the packet by using the address of the
destination node. The packet is then sent onto the network, and finally, the network
passes the packet to its destination.

A multicast transmission consists of a single data packet that is copied and sent to a
specific subset of nodes on the network. First, the source node addresses the packet by
using a multicast address. The packet is then sent into the network, which makes
copies of the packet and sends a copy to each node that is part of the multicast
address.

A broadcast transmission consists of a single data packet that is copied and sent to all
nodes on the network. In these types of transmissions, the source node addresses the
packet by using the broadcast address. The packet is then sent on to the network,
which makes copies of the packet and sends a copy to every node on the network.

LAN Topologies
LAN topologies define the manner in which network devices are organized. Four
common LAN topologies exist: bus, ring, star, and tree. These topologies are logical
architectures, but the actual devices need not be physically organized in these
configurations. Logical bus and ring topologies, for example, are commonly organized
physically as a star. A bus topology is a linear LAN architecture in which transmissions
from network stations propagate the length of the medium and are received by all other
stations.

WIDE AREA NETWORK

A wide area network (WAN) is a telecommunications network or computer network
that extends over a large geographical distance. Wide area networks are often
established with leased telecommunication circuits. Business, education and government
entities use wide area networks to relay data among staff, students, clients, buyers,
and suppliers at locations around the world. In essence, this mode of
telecommunication allows a business to effectively carry out its daily functions regardless
of location. The Internet may be considered a WAN.

WAN PROTOCOLS

1. Frame Relay

Frame Relay, a WAN protocol based on packet switching technology, is exclusively for
internetworking Local Area Networks (LANs), that is, transmission of data between
LANs and WAN end points. A cost-efficient method, frame relay is widely used by
network providers as an encapsulation method for voice and data, and used between
LANs across a Wide Area Network. The user will have a private or leased line to a frame
relay node. Frame relay works on the physical and data link layer, and facilitates
information transfer from one user device to another over multiple switches and
routers.

Advancements in other technology have resulted in a steady decline in usage level of
frame relay technology. However, rural areas that are yet to experience technology
such as DSL and cable modem, continue to use this cost-effective WAN protocol with
continuous connectivity at 64 kb/s.

Frame Relay is a Layer 2 protocol and commonly known as a service from carriers. For
example, people will say "I ordered a frame-relay circuit". Frame relay creates a private
network through a carrier’s network. This is done with permanent virtual circuits (PVC).
A PVC is a connection from one site, to another site, through the carrier’s network. This
is really just a configuration entry that a carrier makes on their frame relay switches.

Obtaining a frame-relay circuit is done by ordering a T1 or fractional T1 from the
carrier. On top of that, you order a frame-relay port, matching the size of the circuit you
ordered. Finally, you order a PVC that connects your frame relay port to another of your
ports inside the network.

The benefits to frame-relay are:

• Ability to have a single circuit that connects to the "frame relay cloud" and gain
access to all other sites (as long as you have PVCs). As the number of locations
grows, you save more and more money because you don't need as many
circuits as you would if you were trying to fully mesh your network with point-to-
point leased lines.
• Improved disaster recovery, because all you have to do is order a single circuit
to the cloud and PVCs to gain access to all remote sites.
• By using the PVCs, you can design your WAN however you want. Meaning, you
define what sites have direct connections to other sites and you only pay the
small monthly PVC fee for each connection.

Some other terms you should know, concerning frame relay are:

• LMI = local management interface. LMI is the management protocol of frame
relay. LMI is sent between the frame relay switches and routers to communicate
what DLCIs are available and if there is congestion in the network.
• DLCI = data link connection identifier. This is a number used to identify each
PVC in the frame relay network.
• CIR = committed information rate. This is the amount of bandwidth you pay for
and are guaranteed to receive on each PVC. Generally you have much less CIR than
you have port speed. You can, of course, burst above your CIR to your port
speed, but that traffic is marked DE.
• DE = discard eligible. Traffic marked DE (that was above your CIR) CAN be
discarded by the frame-relay network if there is congestion.
• FECN & BECN = forward explicit congestion notification & backward explicit
congestion notification. These are bits set inside LMI packets to alert the
frame-relay devices that there is congestion in the network.

2. Point-to-Point Protocol

PPP is a data link protocol that is used to directly connect two nodes across serial
cables, telephone line, trunk line, cellular phone, exclusive radio links, or fiber optic
links. Point-to-point protocol is a WAN protocol widely used by customers for dial-up
access to the Internet. This protocol helps to establish connection over synchronous
and asynchronous circuits. Encapsulation is an important function of PPP wherein PPP
frames, in order to provide framing and other routines such as detection of transmission
errors, are encapsulated in a lower layer protocol. Point-to-Point Protocol over Ethernet
(PPPoE) and Point-to-Point Protocol over ATM (PPPoA) are the two standard
encapsulated PPP forms. They are employed to perform functions such as those
executed by DSL services.

ISDN will typically use the Point-to-Point Protocol (PPP) as its basis for
transmitting packets over the ISDN circuit. The IP packets are encapsulated into
PPP frames before the traffic is sent.

PPP provides link specific control functions via Link Control Protocol (LCP) such as Link
Configuration, Link Quality Testing & Address Negotiation. LCP provides more advanced
features, such as Multilink, Header Compression, Callback, Scripting, Demand Dialing,
Filtering, Tunnelling and Server Routing. There are also authentication mechanisms that
can help to ensure that the ISDN connection that is established is from a trusted
source. Authentication is optional and can be performed using PAP, CHAP or
EAP (although EAP is not used in ISDN implementations, it is a valid PPP
authentication method).

PAP – Password Authentication Protocol is not strong since the password is sent in
clear text. PAP occurs during the LCP phase of the PPP connection.

CHAP – Challenge Handshake Authentication Protocol is much stronger than PAP and
is much more widely used. It uses a challenge/response security mechanism built on a
one-way hash function to ensure that passwords are not sent over the link. A hash
derived from the password is sent over the link; the other side then performs the same
hashing function on the password it has configured and checks that the two hash values
match. This can also provide protection against playback (replay).
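PAP beside CHAP, as an added example that is not from these notes: PAP hands the password to the link in the clear, while CHAP answers an unpredictable challenge with a digest and the verifier recomputes it from its own copy of the secret. The digest construction is CHAP with MD5 as specified in RFC 1994 (MD5 over Identifier || secret || Challenge); the peer name, shared secret and challenge values below are constructed for the demo.

```python
import hashlib
import hmac
import os

# Constructed shared secret for the demo, not a real credential.
SECRET = b"correct horse battery staple"


def pap_authenticate_request(username, password):
    """PAP: the peer puts its credentials in the clear in an Authenticate-Request,
    so anyone capturing the link reads the password directly."""
    return {"name": username, "password": password}


def chap_challenge(rng=os.urandom, size=16):
    """Authenticator step: pick an Identifier and an unpredictable Challenge value.
    A fresh challenge per session is what defeats replay of an old response."""
    return {"id": rng(1)[0], "challenge": rng(size)}


def chap_response(ident, challenge, secret, name):
    """Peer step (RFC 1994, CHAP with MD5): digest = MD5(Identifier || secret || Challenge).
    The secret itself never crosses the link; only this digest does."""
    digest = hashlib.md5(bytes([ident]) + secret + challenge).digest()
    return {"id": ident, "value": digest, "name": name}


def chap_verify(challenge_msg, response, secrets):
    """Authenticator step: look up the secret configured for the claimed name,
    recompute the digest for the challenge that was issued, and compare in
    constant time. An unknown name, a stale Identifier or a different secret fails."""
    secret = secrets.get(response["name"])
    if secret is None or response["id"] != challenge_msg["id"]:
        return False
    expected = hashlib.md5(
        bytes([challenge_msg["id"]]) + secret + challenge_msg["challenge"]
    ).digest()
    return hmac.compare_digest(expected, response["value"])


def replay_demo(name, secrets):
    """CHAP's playback protection: a captured response answers one challenge only."""
    first = chap_challenge()
    captured = chap_response(first["id"], first["challenge"], secrets[name], name)
    first_ok = chap_verify(first, captured, secrets)
    later = chap_challenge()                       # next session, new challenge
    replay_ok = chap_verify(later, captured, secrets)  # old response presented again
    return first_ok, replay_ok


if __name__ == "__main__":
    secrets = {"branch-router": SECRET}        # constructed peer name
    print("PAP on the wire:", pap_authenticate_request("branch-router", "s3cret"))
    print("CHAP first login ok, replay ok:", replay_demo("branch-router", secrets))
```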

EAP – Extensible Authentication Protocol provides the ability to use multiple
authentication protocols such as static passwords, CHAP, Token Cards, Biometrics, etc.
As you can imagine, since CHAP is available on its own and ISDN cannot really work
with Token Cards or Biometrics, it isn't used in ISDN implementations.

3. ISDN

ISDN (Integrated Services Digital Network) is a digital telephone standard designed to
replace analogue connections by utilising the ordinary copper wires that are used in
standard analogue telephone systems. It started as a recommendation within the ITU's
(International Telecommunication Union) Red Book in 1984, although prior to 1992, the
ITU was known as the CCITT (International Telegraph and Telephone Consultative
Committee). The ITU is responsible for developing recommendations on International
Standards within the industry.

ISDN was developed to provide digital transmission of both voice and data resulting in
better quality and speeds over that of PSTN (Public Switched Telephone Network)
systems.

Getting to Know the Digital Protocol

There are two types of ISDN channels.

• The B-Channel – This is known as the Bearer ("B") channel, which is a 64Kbps
channel used for voice, video, data or multimedia transfer. These can be aggregated
together to get higher bandwidth utilisation.

• The D-Channel – This is known as the Delta ("D") channel, which can be either
16Kbps or 64Kbps and is used primarily for the signalling between the switching equipment.
Some say that this adds to the security of ISDN because the controlling and data
channels are separate.

N.B. Digital Signal 0 (DS0) is a basic digital signalling rate of 64Kbps which may be used
to describe a single Bearer channel.

BRI (Basic Rate Interface)

Can also be known as BA (Basic Access), this operates a single 16Kbps D channel and
two 64Kbps B channels. Although it isn't usually pointed out, the BRI total speed is
192Kbps, because there is an additional 48Kbps overhead for framing and
synchronisation on the D channel: (64 * 2) + (16 + 48) = (128 + 64) = 192Kbps.

PRI (Primary Rate Interface)

Can also be known as PA (Primary Access), this can operate in two different modes
depending on your geographic location. For European locations, PRI is made up of 30
x 64Kbps B channels and a single 64Kbps D channel which gives a total of
2.048Mbps which is also known as an E1 line (or DS1).

For American and Japanese locations, PRI is made up of 23 x 64Kbps B channels
and a single 64Kbps D channel which gives a total of 1.544Mbps which is also
known as a T1 line (or DS1). Framing and Synchronisation is at 8Kbps for T1 or
64Kbps for E1. T1 PRI is commonly referred to as "23B+D" and E1 PRI is commonly
referred to as "30B+D".

N.B. E1 PRI actually has 32 channels which are comprised of 30 x B Channels, 1 x D
Channel and 1 Synchronisation Channel.

ETHERNET TECHNOLOGY

The term Ethernet refers to the family of local-area network (LAN) products covered by
the IEEE 802.3 standard that defines what is commonly known as the CSMA/CD
protocol. Three data rates are currently defined for operation over optical fiber and
twisted-pair cables:

• 10 Mbps: 10Base-T Ethernet
• 100 Mbps: Fast Ethernet
• 1000 Mbps: Gigabit Ethernet

10-Gigabit Ethernet is under development and will likely be published as the IEEE
802.3ae supplement to the IEEE 802.3 base standard in late 2001 or early 2002.

Other technologies and protocols have been touted as likely replacements, but the
market has spoken. Ethernet has survived as the major LAN technology (it is currently
used for approximately 85 percent of the world's LAN-connected PCs and workstations)
because its protocol has the following characteristics:

• Is easy to understand, implement, manage, and maintain
• Allows low-cost network implementations
• Provides extensive topological flexibility for network installation
• Guarantees successful interconnection and operation of standards-compliant
products, regardless of manufacturer

Ethernet Network Elements

Ethernet LANs consist of network nodes and interconnecting media. The network nodes
fall into two major classes:

• Data terminal equipment (DTE) - Devices that are either the source or the
destination of data frames. DTEs are typically devices such as PCs, workstations,
file servers, or print servers that, as a group, are all often referred to as end
stations.
• Data communication equipment (DCE) - Intermediate network devices that
receive and forward frames across the network. DCEs may be either standalone
devices such as repeaters, network switches, and routers, or communications
interface units such as interface cards and modems.

Throughout this article, standalone intermediate network devices will be referred to as
either intermediate nodes or DCEs. Network interface cards will be referred to as NICs.

The current Ethernet media options include two general types of copper cable:
unshielded twisted-pair (UTP) and shielded twisted-pair (STP), plus several types of
optical fiber cable.

Ethernet Technologies Background

The term Ethernet refers to the family of local area network (LAN) implementations that
includes three principal categories.

• Ethernet and IEEE 802.3---LAN specifications that operate at 10 Mbps over
coaxial cable.
• 100-Mbps Ethernet---A single LAN specification, also known as Fast Ethernet,
that operates at 100 Mbps over twisted-pair cable.
• 1000-Mbps Ethernet---A single LAN specification, also known as Gigabit Ethernet,
that operates at 1000 Mbps (1 Gbps) over fiber and twisted-pair cables.

This chapter provides a high-level overview of each technology variant.

Ethernet has survived as an essential media technology because of its tremendous
flexibility and its relative simplicity to implement and understand. Although other
technologies have been touted as likely replacements, network managers have turned
to Ethernet and its derivatives as effective solutions for a range of campus
implementation requirements. To resolve Ethernet's limitations, innovators (and
standards bodies) have created progressively larger Ethernet pipes. Critics might
dismiss Ethernet as a technology that cannot scale, but its underlying transmission
scheme continues to be one of the principal means of transporting data for
contemporary campus applications. This chapter outlines the various Ethernet
technologies that have evolved to date.

Ethernet and IEEE 802.3

Ethernet is a baseband LAN specification invented by Xerox Corporation that operates
at 10 Mbps using carrier sense multiple access collision detect (CSMA/CD) to run over
coaxial cable. Ethernet was created by Xerox in the 1970s, but the term is now often
used to refer to all CSMA/CD LANs. Ethernet was designed to serve in networks with
sporadic, occasionally heavy traffic requirements, and the IEEE 802.3 specification was
developed in 1980 based on the original Ethernet technology. Ethernet Version 2.0 was
jointly developed by Digital Equipment Corporation, Intel Corporation, and Xerox
Corporation. It is compatible with IEEE 802.3. Figure 7-1 illustrates an Ethernet network.

Figure 7-1: An Ethernet network runs CSMA/CD over coaxial cable.

Ethernet and IEEE 802.3 are usually implemented in either an interface card or in
circuitry on a primary circuit board. Ethernet cabling conventions specify the use of a
transceiver to attach a cable to the physical network medium. The transceiver performs
many of the physical-layer functions, including collision detection. The transceiver cable
connects end stations to a transceiver.

IEEE 802.3 provides for a variety of cabling options, one of which is a specification
referred to as 10Base5. This specification is the closest to Ethernet. The connecting
cable is referred to as an attachment unit interface (AUI), and the network attachment
device is called a media attachment unit (MAU), instead of a transceiver.

The table below summarizes the differences between Ethernet and IEEE 802.3, as well as
the differences between the various IEEE 802.3 physical-layer specifications.

Table 7-1: Comparison of Various IEEE 802.3 Physical-Layer Specifications

Characteristic        Ethernet      IEEE 802.3 Values
                      Value         10Base5       10Base2       10BaseT        10BaseFL        100BaseT
Data rate (Mbps)      10            10            10            10             10              100
Signaling method      Baseband      Baseband      Baseband      Baseband       Baseband        Baseband
Maximum segment       500           500           185           100            2,000           100
length (m)
Media                 50-ohm coax   50-ohm coax   50-ohm coax   Unshielded     Fiber-optic     Unshielded
                      (thick)       (thick)       (thin)        twisted-pair                   twisted-pair
                                                                cable                          cable
Topology              Bus           Bus           Bus           Star           Point-to-point  Bus

Ethernet and IEEE 802.3 Frame Formats

Figure 7-4 illustrates the frame fields associated with both Ethernet and IEEE 802.3
frames.

Figure 7-4: Various frame fields exist for both Ethernet and IEEE 802.3.

The Ethernet and IEEE 802.3 frame fields illustrated in Figure 7-4 are as follows:

• Preamble---The alternating pattern of ones and zeros tells receiving stations that
a frame is coming (Ethernet or IEEE 802.3). The Ethernet frame includes an
additional byte that is the equivalent of the Start-of-Frame field specified in the
IEEE 802.3 frame.
• Start-of-Frame (SOF)---The IEEE 802.3 delimiter byte ends with two consecutive
1 bits, which serve to synchronize the frame-reception portions of all stations on
the LAN. SOF is explicitly specified in Ethernet.
• Destination and Source Addresses---The first 3 bytes of the addresses are
specified by the IEEE on a vendor-dependent basis. The last 3 bytes are
specified by the Ethernet or IEEE 802.3 vendor. The source address is always a
unicast (single-node) address. The destination address can be unicast, multicast
(group), or broadcast (all nodes).
• Type (Ethernet)---The type specifies the upper-layer protocol to receive the data
after Ethernet processing is completed.
• Length (IEEE 802.3)---The length indicates the number of bytes of data that
follows this field.
• Data (Ethernet)---After physical-layer and link-layer processing is complete, the
data contained in the frame is sent to an upper-layer protocol, which is identified
in the Type field. Although Ethernet Version 2 does not specify any padding (in
contrast to IEEE 802.3), Ethernet expects at least 46 bytes of data.
• Data (IEEE 802.3)---After physical-layer and link-layer processing is complete,
the data is sent to an upper-layer protocol, which must be defined within the
data portion of the frame, if at all. If data in the frame is insufficient to fill the
frame to its minimum 64-byte size, padding bytes are inserted to ensure at least
a 64-byte frame.
• Frame Check Sequence (FCS)---This sequence contains a 4-byte cyclic
redundancy check (CRC) value, which is created by the sending device and is
recalculated by the receiving device to check for damaged frames.
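The two frame formats listed above, as an added example that is not from these notes: build an Ethernet (Version 2) frame and an IEEE 802.3 frame, pad short payloads to the 46-byte minimum, compute the 4-byte FCS and, on receipt, check the FCS and tell the formats apart by the value of the Type/Length field (a value of 1500 or less is a length, 1536 or more is a type; that threshold comes from the IEEE 802.3 standard, not from the text above). The MAC addresses are constructed, locally administered values; the preamble and SOF are omitted since they are stripped by the hardware.

```python
import struct
import zlib

# Constructed, locally administered sample addresses (not real devices).
DST = bytes.fromhex("02005e100001")
SRC = bytes.fromhex("02005e100002")

MIN_FRAME = 64                 # minimum frame size, addresses through FCS
HEADER = 14                    # dst(6) + src(6) + type/length(2)
FCS_LEN = 4
MIN_PAYLOAD = MIN_FRAME - HEADER - FCS_LEN   # 46 bytes, as the text says
MAX_LENGTH_FIELD = 1500        # <= 1500: IEEE 802.3 length; >= 1536: Ethernet type


def fcs(body):
    """Ethernet FCS: CRC-32 over destination address through the last pad byte.
    Ethernet's CRC-32 is the same polynomial and conventions zlib implements;
    it is transmitted least-significant byte first."""
    return struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def build_frame(dst, src, payload, ethertype=None):
    """Return header + padded payload + FCS. With ethertype=None the third field
    carries the payload length (IEEE 802.3); otherwise it carries the type (Ethernet)."""
    if len(payload) > MAX_LENGTH_FIELD:
        raise ValueError("payload exceeds the 1500-byte maximum")
    field = len(payload) if ethertype is None else ethertype
    padding = b"\x00" * max(0, MIN_PAYLOAD - len(payload))   # pad to 64-byte frame
    body = dst + src + struct.pack("!H", field) + payload + padding
    return body + fcs(body)


def fcs_ok(frame):
    """Receiver's check: recompute the CRC and compare with the trailing FCS."""
    return len(frame) >= MIN_FRAME and fcs(frame[:-FCS_LEN]) == frame[-FCS_LEN:]


def parse_frame(frame):
    """Validate and split a received frame, deciding Ethernet vs IEEE 802.3 from
    the value of the two-byte field after the addresses."""
    if len(frame) < MIN_FRAME:
        raise ValueError("runt frame: shorter than 64 bytes")
    if not fcs_ok(frame):
        raise ValueError("FCS mismatch: frame damaged in transit")
    body = frame[:-FCS_LEN]
    dst, src = body[:6], body[6:12]
    field = struct.unpack("!H", body[12:14])[0]
    data = body[14:]
    if field <= MAX_LENGTH_FIELD:
        kind, ethertype = "IEEE 802.3", None
        payload = data[:field]       # the length field tells us where padding starts
    else:
        kind, ethertype = "Ethernet", field
        payload = data               # no length: the upper layer must know its size
    return {
        "kind": kind, "dst": dst, "src": src, "type": ethertype, "payload": payload,
        "multicast": bool(dst[0] & 0x01),      # group bit of the destination address
        "broadcast": dst == b"\xff" * 6,
    }


if __name__ == "__main__":
    f = build_frame(DST, SRC, b"hello")                        # IEEE 802.3, padded
    g = build_frame(b"\xff" * 6, SRC, b"\x45" + b"\x00" * 19, ethertype=0x0800)
    print(len(f), parse_frame(f)["kind"], parse_frame(f)["payload"])
    print(len(g), parse_frame(g)["kind"], hex(parse_frame(g)["type"]), parse_frame(g)["broadcast"])
```

Note that the Ethernet frame's padding is indistinguishable from data at this layer, which is exactly why the text says the upper-layer protocol must carry its own length.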

Encoding data transmitted at high speeds provides some advantages:

• Encoding limits the effect of transmission characteristics, such as the ratio of 1s to
0s, on the error rate.
• Bit-level clock recovery at the receiver can be greatly improved by using data
encoding.
• Encoding increases the possibility that the receiving station can detect and
correct transmission or reception errors.
• Encoding can help distinguish data bits from control bits.

ETHERNET STANDARDS

10Base2

A type of standard for implementing Ethernet networks. 10Base2 is sometimes referred
to as thinnet (or "thin coax") because it uses thin coaxial cabling for connecting stations
to form a network. 10Base2 supports a maximum bandwidth of 10 Mbps, but in actual
networks, the presence of collisions reduces this to more like 4 to 6 Mbps. 10Base2 is
based on the 802.3 specifications of Project 802 developed by the Institute of Electrical
and Electronics Engineers (IEEE).

Graphic 0-3. A 10Base2 network.

How a 10Base2 network Works

10Base2 networks are wired together in a bus topology, in which individual stations
(computers) are connected directly to one long cable. The maximum length of any
particular segment of a 10Base2 network is 185 meters. If distances longer than this
are required, two or more segments must be connected using repeaters. Altogether,
there can be a total of five segments connected using four repeaters, as long as only
three of the segments have stations attached to them. This is referred to as the 5-4-3
rule.

A 10Base2 segment should have no more than 30 stations wired to it. The minimum
distance between these stations must be 0.5 meters. Stations are attached to the cable
using BNC connectors, and the ends of the thinnet cabling have BNC cable connectors
soldered or crimped to them.

The designation 10Base2 comes from the speed of the network (10 Mbps), the signal
transmission method (baseband transmission), and the maximum segment length (185
meters, rounded off to 200 with the zeros removed).

NOTE

10Base2 networks are not implemented much anymore for two reasons. First, because
their speed is limited to 10 Mbps, the networks perform poorly in today’s bandwidth-
hungry, Internet-connected world. Second, 10Base2 networks have a single point of
failure—the long, linear bus cable used to connect the stations. A single break or loose
connection brings down the entire network, and every cable segment and station
connection must be checked to determine the problem. If you are wiring an office for a
small LAN with low bandwidth requirements, use 10BaseT instead. For moderate to
high bandwidth requirements, try using Fast Ethernet instead.

10Base5

10BASE5 (also known as thick Ethernet or thicknet) was the first commercially
available variant of Ethernet. 10BASE5 uses a thick and stiff coaxial cable up to 500
metres (1,600 ft) in length. Up to 100 stations can be connected to the cable using
vampire taps and share a single collision domain with 10 Mbit/s of bandwidth shared
among them. The system is difficult to install and maintain.

10BASE5 was superseded by much cheaper and more convenient alternatives: first by
10BASE2 based on a thinner coaxial cable, and then once Ethernet over twisted pair
was developed, by 10BASE-T and its successors 100BASE-TX and 1000BASE-T. As of
2003, IEEE 802.3 has deprecated this standard for new installations.

A type of standard for implementing Ethernet networks. 10Base5 is sometimes referred
to as thicknet because it uses thick coaxial cabling for connecting stations to form a
network. Another name for 10Base5 is Standard Ethernet because it was the first type
of Ethernet to be implemented. 10Base5 supports a maximum bandwidth of 10 Mbps,
but in actual networks, the presence of collisions reduces this to more like 4 to 6 Mbps.
10Base5 is based on the 802.3 specifications of Project 802 developed by the Institute
of Electrical and Electronics Engineers (IEEE).

How a 10Base5 network Works

10Base5 networks are wired together in a bus topology—that is, in a linear fashion
using one long cable. The maximum length of any particular segment of a 10Base5
network is 500 meters, hence the 5 in 10Base5. If distances longer than this are
required, two or more segments must be connected using repeaters. Altogether, there
can be a total of five segments connected using four repeaters, as long as only three of
the segments have stations (computers) attached to them. This is referred to as the
5-4-3 rule.

A 10Base5 segment should have no more than 100 stations wired to it. These stations
are not connected directly to the thicknet cable as in 10Base2 networks. Instead, a
transceiver is attached to the thicknet cable, usually using a cable-piercing connector
called a vampire tap. From the transceiver, a drop cable is attached, which then
connects to the network interface card (NIC) in the computer. The minimum distance
between transceivers attached to the thicknet cable is 2.5 meters, and the maximum
length for a drop cable is 50 meters. Thicknet cable ends have N-series connectors
soldered or crimped on them for connecting segments together.

10Base5 networks were often used as backbones for large networks. In a typical
configuration, transceivers on the thicknet backbone would attach to repeaters, which
would join smaller thinnet segments to the thicknet backbone. In this way, a
combination of 10Base5 and 10Base2 standards could support sufficient numbers of
stations for a moderately large company.

NOTE

10Base5 networks are legacy networks that are no longer implemented, although some
companies might choose to maintain them for cost reasons. The complexity and
bandwidth limitations of 10Base5 networks render them obsolete. If you are wiring an
office for a small LAN with low bandwidth requirements, use 10BaseT instead. For
moderate to high bandwidth requirements, try using Fast Ethernet. If you are
implementing a backbone for today’s high-speed enterprise networks, try using Gigabit
Ethernet, Fiber Distributed Data Interface (FDDI), or some other advanced technology.

10Base-T

10Base-T is the Ethernet wiring standard for 10 Mbps (megabits per second) for a
maximum distance of approximately 100 meters per segment over unshielded twisted
pair cables terminated with RJ-45 connectors.

Ethernet is by far the most commonly used local area network (LAN) architecture as a
result of its high speeds, robustness (i.e., high reliability), low cost and adaptability to
new technologies. A key feature is the breaking of data into packets, which are then
transmitted using the CSMA/CD (carrier sense multiple access/collision detection)
protocol until they arrive at the destination without colliding with any other packets.

The name 10Base-T is derived from several aspects of the physical medium. The 10
refers to the transmission speed of 10 Mbps. The base is short for baseband, which
means that only one Ethernet signal is present on the send and/or receive pair (i.e.,
there is no multiplexing as with broadband transmissions). The T comes from twisted
pair.

The cable consists of two pairs of unshielded, but insulated, twisted wires. One pair is
for transmitting data and the other for receiving data. The cable is most commonly Cat
5, but it can also be Cat 3 or Cat 4. Unlike earlier Ethernet standards (e.g., 10Base5 and
10Base2), 10Base-T does not specify the exact type of wiring to be used.

10Base-T was the first vendor-independent standard implementation of Ethernet on
twisted pair wiring. The currently most commonly used form of Ethernet is 100Base-T,
also referred to as fast Ethernet, which can accommodate data transfer speeds of up to
about 100 Mbps. The newer gigabit Ethernet supports data rates of one gigabit (1,000
megabits) per second.

-F (optical fiber cable)

-36 (broadband coaxial cable carrying multiple baseband channels for a
maximum length of 3,600 meters)

100 BASE XX (FAST ETHERNET)

Fast Ethernet is a collective term for a number of Ethernet standards that carry traffic
at the nominal rate of 100 Mbit/s (the earlier Ethernet speed was 10 Mbit/s). Of the
Fast Ethernet standards, 100BASE-TX is by far the most common.

100BASE-X uses a star bus topology similar to 10BASE-T’s. 100BASE-X provides a data
transmission speed of 100 Mbps using baseband.

The 100BASE-X standard provides the following cabling specifications:

 100BASE-TX. Two twisted-pairs of Category 5 UTP or STP
 100BASE-FX. Fiber-optic cabling using 2-strand cable
 100BASE-T4. Four twisted-pairs of Category 3, 4, or 5 UTP

100BASE-X is sometimes referred to as "Fast Ethernet." Like 100VG-AnyLAN, 100BASE-X
provides compatibility with existing 10BASE-T systems and thus enables plug-and-play
upgrades from 10BASE-T.

LAN Technology Specifications

Name                      IEEE Standard   Data Rate   Media Type         Maximum Distance
Ethernet                  802.3           10 Mbps     10Base-T           100 meters
Fast Ethernet/100Base-T   802.3u          100 Mbps    100Base-TX         100 meters
                                                      100Base-FX         2000 meters
Gigabit Ethernet/GigE     802.3z          1000 Mbps   1000Base-T         100 meters
                                                      1000Base-SX        275/550 meters
                                                      1000Base-LX        550/5000 meters
10 Gigabit Ethernet       IEEE 802.3ae    10 Gbps     10GBase-SR         300 meters
                                                      10GBase-LX4        300m MMF/10km SMF
                                                      10GBase-LR/ER      10km/40km
                                                      10GBase-SW/LW/EW   300m/10km/40km

NETWORK TROUBLESHOOTING
Troubleshooting is a form of problem solving, often applied to repair failed products
or processes on a machine or a system. It is a logical, systematic search for the source
of a problem in order to solve it, and make the product or process operational again.
Troubleshooting is needed to identify the symptoms. Determining the most likely cause
is a process of elimination—eliminating potential causes of a problem. Finally,
troubleshooting requires confirmation that the solution restores the product or process
to its working state.

Local area networks (LAN) are integral to the operation of many businesses today. The
most common LANs use Ethernet, a data link layer protocol, and Internet Protocol (IP),
a network layer protocol.

A LAN is comprised of many elements: printers, monitors, PCs, IP phones, servers,
storage hardware, networking equipment, security software, network applications,
enterprise applications, office productivity applications, and more. Devices on the
network are linked physically by twisted pair copper, fiber or wireless access points.

LAN Network Troubleshooting is typically the job for the frontline network support staff
- engineers and technicians. Common Ethernet network troubleshooting problems
include user connection issues and slow networks.

The root causes of Ethernet network problems frequently lie in one of these three
sources:

1. Physical layer: copper, fiber or wireless

Possible causes:

 Damaged or dirty cabling or terminations
 Excessive signal attenuation
 Insufficient cable bandwidth
 Wireless interference

2. Network Layer: Ethernet and IP

Possible causes:

 Damaged networking devices
 Incorrect or sub-optimal device configurations
 Authentication and association issues
 Insufficient network bandwidth

3. Switches and VLANs

Possible causes:

 Excessive utilization
 Too many errors
 Incorrectly assigned VLAN membership
 Traffic priority (CoS/QoS) issues

Best practices for successful network Ethernet troubleshooting include these steps:

1. Identify the exact issue or problem: Have the person who reported the problem
explain how normal operation appears, and then demonstrate the perceived problem.

2. Recreate the problem if possible: Ask yourself if you understand the symptoms,
and verify the reported problem yourself if possible.

3. Localize and isolate the cause: Attempt to isolate the problem to a single device,
connection, or software application.

4. Formulate a network troubleshooting plan for solving the problem: Research
and/or consider the possible solutions to the problem. Consider the possibility that
some solutions to the problem at hand may introduce other problems.

5. Implement the network troubleshooting plan: Your actual solution to the
problem may be replacing hardware, implementing a software patch, reinstalling the
application or component or cleaning a virus infected file. If the problem is the user
account, the user's security settings or logon scripts may need to be adjusted.

6. Test to verify that the problem has been resolved: After you have
implemented the solution, ensure that the entire problem has been resolved by having
the user test for the problem again.

7. Document the problem and solution: Documentation can be used for future
reference to help you troubleshoot the same or similar problem. You can also use the
documentation to prepare reports on common network problems for management
and/or users, or to train new network users, network troubleshooters, or members of
the network support team.

8. Provide feedback to the user: This encourages users to report similar situations
in the future, which will improve the performance of your network. If the user could
have done something to correct or avoid the issue, providing feedback may reduce the
number of future network problems.

Importance of LAN troubleshooting tools and training

Giving frontline network support staff the proper training, the right tools, and a solid
network troubleshooting methodology results in faster LAN problem solving - saving
staff time, closing trouble tickets quicker, minimizing downtime, and getting network
users back to productivity faster.

METHODS OF NETWORK TROUBLESHOOTING

Echo

Often referred to as an echo check, echo describes sending data to a computer or
other network device and having that data sent back to verify that it was received.
Echo can be a command used with operating systems, a network device function, or
a feature of a device. Echo is the display or return of sent data at or to the sending end
of a transmission. Echo can be either local echo, where the sending device itself
displays the sent data, or remote echo, where the receiving device returns the sent
data that it receives to the sender (which, from the point of view of the sending device
itself, is simply the absence of local echo).

Echo syntax

Displays messages, or turns command-echoing on or off.

ECHO [ON | OFF]
ECHO [message]

Type ECHO without parameters to display the current echo setting.

Echo examples

echo ata > com1

If your modem is on com1, this makes the modem try to respond and you should hear
some squealing from it. To stop the squealing, type echo atz > com1.

echo this is a test > test.bat

This puts the line "echo this is a test" in the file test.bat, so whenever you type test,
it prints echo this is a test.

echo this is an example >> test.txt

This echoes "this is an example" and, because >> is used, appends that text to the
file test.txt.

echo testing the echo string

This prints testing the echo string on your screen and then returns you to the
prompt.
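The remote echo check described above, as an added example that is not part of the original notes: a small TCP echo server and a client that sends a message, reads the echo back and compares it byte for byte, reporting the round-trip time. Both ends run on the loopback interface and are constructed for this demonstration; the optional corrupt flag makes the server return altered data so the failure case can be seen.

```python
"""Remote echo check over TCP: send data to a server that returns it unchanged,
then verify byte-for-byte that what came back is what was sent. Added example;
both ends run on the loopback interface and are constructed for this demo."""
import socket
import threading
import time


def start_echo_server(corrupt=False):
    """Start a one-shot echo server on a free loopback port; return (host, port).

    With corrupt=True the server flips the first byte before returning the data,
    which lets the client show how a failed echo check is detected."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))          # port 0: let the OS choose a free port
    srv.listen(1)

    def serve():
        conn, _ = srv.accept()
        with conn:
            data = b""
            while not data.endswith(b"\n"):  # newline terminates one message
                chunk = conn.recv(4096)
                if not chunk:
                    break
                data += chunk
            if corrupt and data:
                data = bytes([data[0] ^ 0xFF]) + data[1:]
            conn.sendall(data)
        srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()


def echo_check(host, port, payload, timeout=2.0):
    """Send payload (newline-terminated) and compare the remote echo with it.

    Returns a dict with the bytes sent, the bytes received, whether they match
    and the round-trip time in milliseconds."""
    if not payload.endswith(b"\n"):
        payload += b"\n"
    with socket.create_connection((host, port), timeout=timeout) as cli:
        start = time.perf_counter()
        cli.sendall(payload)
        received = b""
        while len(received) < len(payload):
            chunk = cli.recv(4096)
            if not chunk:                   # peer closed early: short echo
                break
            received += chunk
        rtt_ms = (time.perf_counter() - start) * 1000.0
    return {"sent": payload, "received": received,
            "match": received == payload, "rtt_ms": rtt_ms}


if __name__ == "__main__":
    host, port = start_echo_server()
    print(echo_check(host, port, b"echo test"))
    host, port = start_echo_server(corrupt=True)
    print(echo_check(host, port, b"echo test"))
```

A mismatch between sent and received bytes, or an echo that arrives short because the peer closed the connection, is exactly what the check is meant to surface; the round-trip time gives the same coarse health signal that ping gives at the ICMP layer.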

TELNET

Telnet is a protocol used on the Internet or local area networks to provide a
bidirectional interactive text-oriented communication facility using a virtual terminal
connection. User data is interspersed in-band with Telnet control information in an 8-bit
byte oriented data connection over the Transmission Control Protocol (TCP). Telnet is a
client-server protocol, based on a reliable connection-oriented transport. Typically, this
protocol is used to establish a connection to Transmission Control Protocol (TCP) port
number 23, where a Telnet server application (telnetd) is listening. Telnet, however,
predates TCP/IP and was originally run over Network Control Program (NCP) protocols.
Telnet is a user command and an underlying TCP/IP protocol for accessing remote
computers. Through Telnet, an administrator or another user can access someone
else's computer remotely. On the Web, HTTP and FTP protocols allow you to request
specific files from remote computers, but not to actually be logged on as a user of that
computer. With Telnet, you log on as a regular user with whatever privileges you may
have been granted to the specific application and data on that computer.

Even though Telnet was an ad hoc protocol with no official definition until March 5,
1997, the name actually referred to Teletype Over Network Protocol, as RFC 206 (NIC
7176) on Telnet makes clear:

The telnet commands allow you to communicate with a remote computer that is using
the Telnet protocol. You can run telnet without parameters in order to enter the telnet
context, indicated by the Telnet prompt (telnet>). From the Telnet prompt, use the
following commands to manage a computer running Telnet Client.

The tlntadmn commands allow you to remotely manage a computer running Telnet
Server. These commands are run from the command prompt. Used without parameters,
tlntadmn displays local server settings.

To use telnet commands at the Telnet prompt

To start Telnet Client and to enter the Telnet prompt

Syntax

telnet [\\RemoteServer]
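Because Telnet carries its control information in-band, a client or server must pull the IAC (Interpret As Command) sequences out of the same byte stream that carries the user's keystrokes. The following added example, not code from the original notes, is a parser that does that separation for a constructed byte stream: option negotiation (DO/DONT/WILL/WONT), a subnegotiation block, the IAC IAC escape for a literal 0xFF data byte, and an incomplete sequence left at the end of the buffer. The command and option numbers are the standard Telnet values; the stream itself is made up for the demonstration.

```python
"""Separate Telnet user data from the in-band control sequences (IAC commands
and option negotiation) that share the same 8-bit byte stream. Added example;
the byte stream below is constructed, not captured from a real session."""

IAC, DONT, DO, WONT, WILL, SB, SE = 255, 254, 253, 252, 251, 250, 240
CMD_NAMES = {DONT: "DONT", DO: "DO", WONT: "WONT", WILL: "WILL"}
OPT_NAMES = {1: "ECHO", 3: "SUPPRESS-GO-AHEAD", 24: "TERMINAL-TYPE", 31: "NAWS"}


def parse_telnet(stream):
    """Return (user_data, commands, leftover).

    user_data: bytes with all IAC sequences removed (IAC IAC -> one 0xFF byte)
    commands : list of readable control events, in the order they appeared
    leftover : an incomplete trailing sequence to re-parse once more bytes
               arrive; a streaming parser must not drop or misread it."""
    data = bytearray()
    commands = []
    i, n = 0, len(stream)
    while i < n:
        b = stream[i]
        if b != IAC:
            data.append(b)
            i += 1
            continue
        if i + 1 >= n:                      # lone IAC at the end of the buffer
            return bytes(data), commands, stream[i:]
        cmd = stream[i + 1]
        if cmd == IAC:                      # escaped literal 0xFF data byte
            data.append(IAC)
            i += 2
        elif cmd in CMD_NAMES:              # IAC <DO|DONT|WILL|WONT> <option>
            if i + 2 >= n:
                return bytes(data), commands, stream[i:]
            opt = stream[i + 2]
            commands.append(f"{CMD_NAMES[cmd]} {OPT_NAMES.get(opt, opt)}")
            i += 3
        elif cmd == SB:                     # IAC SB <option> ... IAC SE
            end = stream.find(bytes([IAC, SE]), i + 2)
            if end == -1:
                return bytes(data), commands, stream[i:]
            opt = stream[i + 2] if i + 2 < end else None
            payload = stream[i + 3:end]
            commands.append(f"SB {OPT_NAMES.get(opt, opt)} {payload!r}")
            i = end + 2
        else:                               # other two-byte command (NOP, AYT, ...)
            commands.append(f"CMD {cmd}")
            i += 2
    return bytes(data), commands, b""


# Constructed stream: server negotiation, a prompt, a TERMINAL-TYPE SEND
# subnegotiation, user input containing an escaped 0xFF, and a cut-off DO.
SAMPLE = (
    bytes([IAC, DO, 1])
    + bytes([IAC, WILL, 3])
    + b"login: "
    + bytes([IAC, SB, 24, 1, IAC, SE])
    + b"admin\xff\xffx"
    + bytes([IAC, DO])
)

if __name__ == "__main__":
    user_data, events, rest = parse_telnet(SAMPLE)
    print(user_data, events, rest)
```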

MORE NETWORK TROUBLESHOOTING METHODS/TOOLS

10. Ping

The most commonly used network tool is the ping utility. This utility is used to provide a
basic connectivity test between the requesting host and a destination host. This is done
by using the Internet Control Message Protocol (ICMP) which has the ability to send an
echo packet to a destination host and a mechanism to listen for a response from this
host. Simply stated, if the requesting host receives a response from the destination
host, this host is reachable. This utility is commonly used to provide a basic picture of
where a specific networking problem may exist. For example, if an Internet connection
is down at an office, the ping utility can be used to figure out whether the problem
exists within the office or within the network of the Internet provider. Figure 1 below
shows an example of the ping utility being used to obtain the reachability status of the
locally connected router.

Figure 1: Ping utility
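What ping actually puts on the wire is an ICMP echo request, and what it checks in the reply is that the identifier, sequence number and payload come back intact under a valid checksum. The block below is an added example, not code from the original notes: it builds an echo request with the Internet checksum, then validates a constructed echo reply against it (no packets are sent, since raw ICMP sockets need administrator rights). The identifier value and payload are made up for the demonstration.

```python
"""Build an ICMP echo request the way ping does and validate the matching echo
reply, including the Internet checksum (RFC 1071) that both sides must verify.
Added example: the reply below is constructed, not received from the network."""
import struct

ICMP_ECHO_REQUEST = 8
ICMP_ECHO_REPLY = 0


def internet_checksum(data):
    """One's-complement sum of 16-bit words, as used by IP, ICMP, TCP and UDP."""
    if len(data) % 2:
        data += b"\x00"                     # pad odd length with a zero byte
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                      # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_echo(icmp_type, ident, seq, payload):
    """ICMP header: type(1) code(1) checksum(2) identifier(2) sequence(2).
    The checksum is computed with the checksum field set to zero."""
    header = struct.pack("!BBHHH", icmp_type, 0, 0, ident, seq)
    csum = internet_checksum(header + payload)
    return struct.pack("!BBHHH", icmp_type, 0, csum, ident, seq) + payload


def parse_icmp(packet):
    """Decode an ICMP packet and report whether its checksum is intact."""
    if len(packet) < 8:
        raise ValueError("ICMP packet shorter than the 8-byte header")
    icmp_type, code, csum, ident, seq = struct.unpack("!BBHHH", packet[:8])
    return {
        "type": icmp_type, "code": code, "id": ident, "seq": seq,
        "payload": packet[8:],
        # summing the whole packet, checksum field included, must give zero
        "checksum_ok": internet_checksum(packet) == 0,
    }


def reply_matches(request, reply):
    """The reachability test ping performs: the reply must be an intact echo
    reply carrying the request's identifier, sequence number and payload."""
    req, rep = parse_icmp(request), parse_icmp(reply)
    return (rep["checksum_ok"] and rep["type"] == ICMP_ECHO_REPLY
            and (rep["id"], rep["seq"], rep["payload"])
            == (req["id"], req["seq"], req["payload"]))


if __name__ == "__main__":
    # constructed identifier, sequence and payload
    request = build_echo(ICMP_ECHO_REQUEST, 0x1234, 1, b"abcdefgh")
    reply = build_echo(ICMP_ECHO_REPLY, 0x1234, 1, b"abcdefgh")
    print(request.hex(), parse_icmp(request))
    print("reply matches:", reply_matches(request, reply))
```

The identifier/sequence comparison is what lets a host tell its own replies apart from unrelated ICMP traffic, and the checksum check is why a corrupted reply is reported as loss rather than success.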

9. Tracert/traceroute

Typically, once the ping utility has been used to determine basic connectivity, the
tracert/traceroute utility can be used to determine more specific information about the
path to the destination host, including the route the packet takes and the response time
of the intermediate hosts. Figure 2 below shows an example of the tracert utility
being used to find the path from a host inside an office to www.google.com. The tracert
and traceroute utilities perform the same function but operate on different
operating systems: tracert on Windows machines and traceroute on Linux/*nix based
machines.

Figure 2: Tracert/traceroute utility

8. Ipconfig/ifconfig

One of the most important things that must be done when troubleshooting a
networking issue is to find out the specific IP configuration of the affected
hosts. Sometimes this information is already known when addressing is configured
statically, but when a dynamic addressing method is used, the IP address of each host
can potentially change often. The utilities that can be used to find out this IP
configuration information include the ipconfig utility on Windows machines and the
ifconfig utility on Linux/*nix based machines. Figure 3 below shows an example of the
ifconfig utility showing the IP configuration information of a queried host.

Figure 3: Ifconfig utility

7. Nslookup

Some of the most common networking issues involve Domain Name System (DNS)
address resolution. DNS is used by everyone on the Internet to resolve commonly
known domain names (e.g. google.com) to IP addresses that are not commonly known
(e.g. 74.125.115.147). When this system does not work, most of the functionality that
people are used to goes away, because there is no way to resolve this information. The
nslookup utility can be used to look up the specific IP address(es) associated with a
domain name; if it is unable to resolve this information, there is a DNS issue. Beyond
simple lookups, nslookup can also query specific DNS servers, which helps determine
whether the problem lies with the default DNS servers configured on a host. Figure 4
below shows an example of how the nslookup utility can be used to query the
associated IP address information.

Figure 4: Nslookup utility
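The exchange nslookup performs is a DNS query message and a response message over UDP port 53. The block below is an added example, not code from the original notes: it encodes an A-record query for the page's sample name, then decodes the answer section of a response, including the name-compression pointers real resolvers use, and checks that the response's transaction ID matches the query before trusting it. The response bytes are constructed here rather than received from a server; the google.com / 74.125.115.147 pair comes from the notes above.

```python
"""Encode a DNS A-record query and decode the answer section of the response,
the exchange nslookup performs. Added example; the response is constructed
locally, with google.com / 74.125.115.147 from the notes as the sample answer."""
import struct

QTYPE_A, QCLASS_IN = 1, 1


def encode_name(name):
    """'google.com' -> b'\\x06google\\x03com\\x00' (length-prefixed labels)."""
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"


def build_query(name, txid):
    # header: id, flags (RD=1), qdcount, ancount, nscount, arcount
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", QTYPE_A, QCLASS_IN)


def decode_name(msg, off):
    """Decode a possibly compressed name; return (name, offset after it)."""
    labels, jumped, end, hops = [], False, off, 0
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:           # 11xxxxxx: pointer to earlier name
            if not jumped:
                end = off + 2               # the field itself is 2 bytes long
            off = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            jumped, hops = True, hops + 1
            if hops > 32:                   # malformed message: pointer loop
                raise ValueError("compression pointer loop")
            continue
        off += 1
        if length == 0:
            break
        labels.append(msg[off:off + length].decode("ascii"))
        off += length
    return ".".join(labels), (end if jumped else off)


def parse_response(msg, expected_txid):
    """Return the response code and the A records it carries."""
    txid, flags, qd, an, _, _ = struct.unpack("!HHHHHH", msg[:12])
    if txid != expected_txid:
        raise ValueError("transaction id mismatch: answer is not for our query")
    off = 12
    for _ in range(qd):                     # skip the echoed question section
        _, off = decode_name(msg, off)
        off += 4                            # qtype + qclass
    answers = []
    for _ in range(an):
        name, off = decode_name(msg, off)
        rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        rdata = msg[off:off + rdlen]
        off += rdlen
        if rtype == QTYPE_A and rclass == QCLASS_IN and rdlen == 4:
            answers.append((name, ".".join(str(b) for b in rdata), ttl))
    return {"rcode": flags & 0xF, "answers": answers}


def build_sample_response(query, ip, ttl=300):
    """Constructed reply: copies the question, sets QR/RD/RA in the flags, and
    writes the answer name as a compression pointer to offset 12 (the question)."""
    txid = struct.unpack("!H", query[:2])[0]
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)
    rdata = bytes(int(o) for o in ip.split("."))
    answer = b"\xc0\x0c" + struct.pack("!HHIH", QTYPE_A, QCLASS_IN, ttl, 4) + rdata
    return header + query[12:] + answer


if __name__ == "__main__":
    q = build_query("google.com", 0xBEEF)          # constructed transaction id
    r = build_sample_response(q, "74.125.115.147")
    print(parse_response(r, 0xBEEF))
```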

6. Netstat

Often it is necessary to find out the current state of the active network connections
on a host. This is very important information for a variety of reasons, for example
when verifying the status of a listening port on a host, or when checking which remote
hosts are connected to a local host on a specific port. It is also possible to use the
netstat utility to determine which services on a host are associated with specific active
ports. Figure 5 below shows an example of the netstat utility being used to display the
currently active ports on a Linux machine.

Figure 5: Netstat utility

5. PuTTY/Tera Term

When connecting to a variety of different types of equipment, a telnet, SSH or serial
client is required, and both the PuTTY and Tera Term programs are able to provide
these functions. The selection of one over the other is strictly a personal preference.
Figures 6 and 7 below show both PuTTY and Tera Term being used to connect to a
host via SSH.

Figure 6: PuTTY

Figure 7: Tera Term

4. Subnet and IP Calculator

One of the most important tools in the belt of a junior network engineer is an IP
network calculator. These can be used to ensure a correct IP address selection and,
with it, a correct IP address configuration. While this type of tool is also used by senior
network engineers, much of the information obtained from it becomes simpler to
calculate by hand the longer you work in the field. Two of the more commonly used
free IP calculators are the Wildpackets (Bitcricket) Network Calculator and Solarwinds.

Figure 8: Subnet calculator
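The calculations such a tool performs, as an added example that is not part of the original notes: given an address and mask it derives the network, broadcast and usable host range, flags a host configuration whose address or gateway is not valid for the subnet (the "correct IP address selection" the text refers to), and carves a block into smaller subnets. It uses Python's standard ipaddress module; every address in it is constructed for the demonstration.

```python
"""Subnet arithmetic that an IP/network calculator performs, done with the
standard library's ipaddress module. Added example; every address below is
constructed for the demonstration."""
import ipaddress


def subnet_report(cidr):
    """Network, mask, broadcast and usable host range for an address given in
    CIDR or address/netmask form, e.g. '192.168.10.77/26'."""
    iface = ipaddress.ip_interface(cidr)
    net = iface.network
    if net.prefixlen >= 31:            # /31 point-to-point and /32 host routes
        first, last, usable = net[0], net[-1], net.num_addresses
    else:                              # first and last addresses are reserved
        first, last, usable = net[1], net[-2], net.num_addresses - 2
    return {
        "network": str(net.network_address),
        "netmask": str(net.netmask),
        "broadcast": str(net.broadcast_address),
        "prefixlen": net.prefixlen,
        "usable_hosts": usable,
        "first_host": str(first),
        "last_host": str(last),
    }


def check_host_config(ip, netmask, gateway):
    """Return a list of findings about a host's IP settings (empty = consistent)."""
    problems = []
    iface = ipaddress.ip_interface(f"{ip}/{netmask}")
    net = iface.network
    if net.prefixlen < 31:
        if iface.ip == net.network_address:
            problems.append("host address is the network address")
        if iface.ip == net.broadcast_address:
            problems.append("host address is the broadcast address")
    gw = ipaddress.ip_address(gateway)
    if gw not in net:
        problems.append(f"gateway {gateway} is not on {net}")
    elif gw == iface.ip:
        problems.append("gateway is the host's own address")
    return problems


def split_subnets(cidr, new_prefix):
    """Carve a block into equal subnets of the given prefix length."""
    net = ipaddress.ip_network(cidr, strict=False)
    return [str(s) for s in net.subnets(new_prefix=new_prefix)]


if __name__ == "__main__":
    print(subnet_report("192.168.10.77/26"))
    print(check_host_config("192.168.10.70", "255.255.255.192", "192.168.10.1"))
    print(split_subnets("10.0.0.0/24", 26))
```

A gateway outside the host's own subnet is the classic static-addressing mistake: the host can reach its neighbours but has no usable route out, which shows up during troubleshooting as a successful ping to local hosts and a failed ping to anything beyond the router.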

3. Speedtest.net/pingtest.net

A very easy test that can be used to both determine the Internet bandwidth available to
a specific host and to determine the quality of an Internet connection is the use of the
tools available at the speedtest.net and pingtest.net websites. The speedtest.net site
provides the ability to determine the amount of bandwidth that is available to a specific
host at a specific point in time; this is often a good tool to use when measuring how
long it is going to take to upload or download information from a local to remote host.
This measurement can also be used to determine whether the connection is offering the
amount of bandwidth that was purchased from the Internet provider; keep in mind
however that some amount of bandwidth difference is expected between the quoted
bandwidth purchased and the measured bandwidth. The pingtest.net website is used to
determine the quality of the connection by measuring the ping response times and jitter
amounts over a short period of time. This information can be used to determine a
likelihood of how well the measured connection will deal with certain types of high
demand traffic like Voice over IP (VoIP) or gaming. Figures 9 and 10 below show
example output from both of these sites.

Figure 9: Speedtest

Figure 10: Pingtest

2. Pathping/mtr

In an effort to take advantage of the benefits of both the ping and tracert/traceroute
commands, the pathping and mtr utilities were developed. Both of these tools take the
functionality and information that can be obtained from these types of tools and provide
a more detailed single picture of the path characteristics from a specific host to a
specific destination. Figures 11 and 12 below show examples of these two tools and
what information they provide.

Figure 11: Pathping

Figure 12: Mtr

1. Route

The last of the tools covered in this article is the route utility. This utility is used to
display the current status of the routing table on a host. While the use of the route
utility is limited in common situations where the host only has a single IP address with a
single gateway, it is vital in other situations where multiple IP addresses and multiple
gateways are available. Figure 13 below shows an example of the route utility being
used on a Windows machine.

Figure 13: Route Utility
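The situation the text calls out, a host with several gateways, is decided by the routing table lookup: the most specific (longest) matching prefix wins, and among equal prefixes the lowest metric wins, with the default route used only when nothing more specific matches. The block below is an added example, not code from the original notes, that performs that lookup over a constructed table of the kind route print or ip route would display; the prefixes, gateways, interface names and metrics are all made up for the demonstration.

```python
"""Route selection from a host routing table with several gateways: longest
prefix match first, lowest metric as the tie-breaker, default route last.
Added example; the table mirrors what `route print` / `ip route` would list,
but every entry in it is constructed."""
import ipaddress

# Constructed table: (destination, gateway or None for on-link, interface, metric)
ROUTES = [
    ("0.0.0.0/0",      "192.168.1.1",   "eth0", 10),   # default via the LAN router
    ("0.0.0.0/0",      "10.8.0.1",      "tun0", 50),   # backup default via VPN
    ("192.168.1.0/24", None,            "eth0", 0),    # directly connected LAN
    ("10.0.0.0/8",     "10.8.0.1",      "tun0", 10),   # private range via VPN
    ("10.20.0.0/16",   "192.168.1.254", "eth0", 10),   # one site reachable locally
]


def lookup(destination, routes=ROUTES):
    """Pick the route a host would use for `destination`, or None if unroutable."""
    dst = ipaddress.ip_address(destination)
    best = None
    for prefix, gateway, iface, metric in routes:
        net = ipaddress.ip_network(prefix)
        if dst not in net:
            continue
        # Longer prefix wins; for equal prefixes the lower metric wins.
        rank = (net.prefixlen, -metric)
        if best is None or rank > best[0]:
            best = (rank, prefix, gateway, iface, metric)
    if best is None:
        return None
    _, prefix, gateway, iface, metric = best
    return {"prefix": prefix, "gateway": gateway or "on-link",
            "interface": iface, "metric": metric}


def explain(destination, routes=ROUTES):
    """One-line description in the style of `ip route get`."""
    r = lookup(destination, routes)
    if r is None:
        return f"{destination}: no route to host"
    return (f"{destination}: via {r['gateway']} dev {r['interface']} "
            f"(matched {r['prefix']}, metric {r['metric']})")


if __name__ == "__main__":
    for target in ("192.168.1.50", "10.20.5.5", "10.9.9.9", "203.0.113.5"):
        print(explain(target))
```

Note how 10.20.5.5 leaves through eth0 even though 10.0.0.0/8 points at the VPN: the /16 is more specific, so a misplaced static route like it silently diverts a whole site's traffic, which is the kind of thing the route utility exists to make visible.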

Summary

As with any job, the tools that are readily available can greatly influence the amount of
time that it takes to complete the work. When troubleshooting a networking issue, the
time it takes to find and fix a problem directly affects the cost imposed on any system
relying on the network. This article has taken a look at the 10 most commonly used
tools that can help in ensuring that the time it takes to find and fix a problem is as
short as possible. I hope the information in this article can be helpful in future
troubleshooting.

NETWORK SECURITY
Network security is the process of taking physical and software preventative measures
to protect the underlying networking infrastructure from unauthorized access, misuse,
malfunction, modification, destruction, or improper disclosure, thereby creating a secure
platform for computers, users and programs to perform their permitted critical functions
within a secure environment. "Network security" also refers to any activity designed to
protect the usability and integrity of your network and data. It includes both hardware
and software technologies. Effective network security manages access to the network. It
targets a variety of threats and stops them from entering or spreading on your network.

Types of network security

Access control

Not every user should have access to your network. To keep out potential attackers,
you need to recognize each user and each device. Then you can enforce your security
policies. You can block noncompliant endpoint devices or give them only limited access.
This process is network access control (NAC).

Antivirus and antimalware software

"Malware," short for "malicious software," includes viruses, worms, Trojans,
ransomware, and spyware. Sometimes malware will infect a network but lie dormant for
days or even weeks. The best antimalware programs not only scan for malware upon
entry, but also continuously track files afterward to find anomalies, remove malware,
and fix damage.

Application security

Any software you use to run your business needs to be protected, whether your IT staff
builds it or whether you buy it. Unfortunately, any application may contain holes, or
vulnerabilities, that attackers can use to infiltrate your network. Application security
encompasses the hardware, software, and processes you use to close those holes.

Behavioral analytics

To detect abnormal network behavior, you must know what normal behavior looks like.
Behavioral analytics tools automatically discern activities that deviate from the norm.
Your security team can then better identify indicators of compromise that pose a
potential problem and quickly remediate threats.

Data loss prevention

Organizations must make sure that their staff does not send sensitive information
outside the network. Data loss prevention, or DLP, technologies can stop people from
uploading, forwarding, or even printing critical information in an unsafe manner.

Email security

Email gateways are the number one threat vector for a security breach. Attackers use
personal information and social engineering tactics to build sophisticated phishing
campaigns to deceive recipients and send them to sites serving up malware. An email
security application blocks incoming attacks and controls outbound messages to prevent
the loss of sensitive data.

Firewalls

Firewalls put up a barrier between your trusted internal network and untrusted outside
networks, such as the Internet. They use a set of defined rules to allow or block
traffic. A firewall can be hardware, software, or both. Cisco offers unified threat
management (UTM) devices and threat-focused next-generation firewalls.

Intrusion prevention systems

An intrusion prevention system (IPS) scans network traffic to actively block attacks.
Cisco Next-Generation IPS (NGIPS) appliances do this by correlating huge amounts of
global threat intelligence to not only block malicious activity but also track the
progression of suspect files and malware across the network to prevent the spread of
outbreaks and reinfection.

Mobile device security

Cybercriminals are increasingly targeting mobile devices and apps. Within the next 3
years, 90 percent of IT organizations may support corporate applications on personal
mobile devices. Of course, you need to control which devices can access your network.
You will also need to configure their connections to keep network traffic private.

Network segmentation

Software-defined segmentation puts network traffic into different classifications and
makes enforcing security policies easier. Ideally, the classifications are based on
endpoint identity, not mere IP addresses. You can assign access rights based on role,
location, and more so that the right level of access is given to the right people and
suspicious devices are contained and remediated.

Security information and event management

SIEM products pull together the information that your security staff needs to identify
and respond to threats. These products come in various forms, including physical and
virtual appliances and server software.

VPN

A virtual private network encrypts the connection from an endpoint to a network, often
over the Internet. Typically, a remote-access VPN uses IPsec or Secure Sockets Layer to
authenticate the communication between device and network.

Web security

A web security solution will control your staff’s web use, block web-based threats, and
deny access to malicious websites. It will protect your web gateway on site or in the
cloud. "Web security" also refers to the steps you take to protect your own website.

Wireless security

Wireless networks are not as secure as wired ones. Without stringent security
measures, installing a wireless LAN can be like putting Ethernet ports everywhere,
including the parking lot. To prevent an exploit from taking hold, you need products
specifically designed to protect a wireless network.

SECURITY TECHNIQUES
PASSWORD

Passwords are like the keys to your personal home online. You should do everything you
can to prevent people from gaining access to your password. You can also further secure
your accounts by using additional authentication methods.

Passwords

Passwords can be inconvenient, but they’re important if you want to keep your
information safe.

Protecting your personal information starts with STOP. THINK. CONNECT.: take security
precautions, think about the consequences of your actions online and enjoy the
Internet with peace of mind. Here are some simple ways to secure your accounts
through better password practices.

 Make your password a sentence: A strong password is a sentence that is at
least 12 characters long. Focus on positive sentences or phrases that you like to
think about and are easy to remember (for example, "I love country music."). On
many sites, you can even use spaces!
 Unique account, unique password: Having separate passwords for every
account helps to thwart cybercriminals. At a minimum, separate your work and
personal accounts and make sure that your critical accounts have the strongest
passwords.
 Write it down and keep it safe: Everyone can forget a password. Keep a list
that's stored in a safe, secure place away from your computer. You can
alternatively use a service like a password manager to keep track of your
passwords.

ENCRYPTION TECHNIQUES
Encryption is the process of encoding a message or information in such a way that
only authorized parties can access it. Encryption does not of itself prevent interference,
but denies the intelligible content to a would-be interceptor. In an encryption scheme,
the intended information or message, referred to as plaintext, is encrypted using an
encryption algorithm, generating ciphertext that can only be read if decrypted. For
technical reasons, an encryption scheme usually uses a pseudo-random encryption key
generated by an algorithm. It is in principle possible to decrypt the message without
possessing the key, but, for a well-designed encryption scheme, considerable
computational resources and skills are required. An authorized recipient can easily
decrypt the message with the key provided by the originator to recipients but not to
unauthorized users.

Types

Symmetric key / Private key

In symmetric-key schemes, the encryption and decryption keys are the same.
Communicating parties must have the same key before they can achieve secure
communication.

Public key

In public-key encryption schemes, the encryption key is published for anyone to use
and encrypt messages. However, only the receiving party has access to the decryption
key that enables messages to be read. Public-key encryption was first described in a
secret document in 1973; before then all encryption schemes were symmetric-key (also
called private-key). A publicly available public key encryption application called Pretty
Good Privacy (PGP) was written in 1991 by Phil Zimmermann, and distributed free of
charge with source code; it was purchased by Symantec in 2010 and is regularly
updated.
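The two key models above, side by side, as an added example that is not code from the original notes. The symmetric half shows both parties using the same key (here a stream cipher whose keystream is derived with HMAC-SHA256 from the key and a per-message nonce, a construction made up for the demonstration rather than a standard cipher). The public-key half is textbook RSA with the small, constructed primes 61 and 53 so that the numbers can be followed by hand: anyone holding (n, e) can encrypt, only the holder of (n, d) can decrypt. Real deployments use standardised ciphers and key sizes of thousands of bits; the point here is who holds which key.

```python
"""Two small illustrations of the key models in the notes: a symmetric scheme
in which both parties hold the same key, and a public-key scheme in which the
encryption key may be published while only the decryption key stays private.
Added example. The symmetric cipher is a constructed HMAC-SHA256 keystream
cipher; the public-key scheme is textbook RSA with tiny constructed primes."""
import hashlib
import hmac
import math
import os


# --- symmetric key: the same key encrypts and decrypts ---------------------
def keystream(key, nonce, length):
    """Expand (key, nonce) into `length` pseudo-random bytes with HMAC-SHA256."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"),
                        hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def symmetric_encrypt(key, plaintext):
    """Return nonce || ciphertext; a fresh nonce keeps keystreams from repeating."""
    nonce = os.urandom(12)
    stream = keystream(key, nonce, len(plaintext))
    return nonce + bytes(p ^ k for p, k in zip(plaintext, stream))


def symmetric_decrypt(key, blob):
    """XOR with the same keystream undoes the encryption, given the same key."""
    nonce, ciphertext = blob[:12], blob[12:]
    stream = keystream(key, nonce, len(ciphertext))
    return bytes(c ^ k for c, k in zip(ciphertext, stream))


# --- public key: encrypt with (n, e), decrypt with (n, d) -------------------
def rsa_keygen(p, q, e=65537):
    """Textbook RSA key pair from primes p and q (tiny primes here, for reading)."""
    n, phi = p * q, (p - 1) * (q - 1)
    if math.gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)                 # modular inverse of e (Python 3.8+)
    return (n, e), (n, d)               # public key, private key


def rsa_encrypt(public_key, m):
    n, e = public_key
    if not 0 <= m < n:
        raise ValueError("message must be an integer smaller than n")
    return pow(m, e, n)


def rsa_decrypt(private_key, c):
    n, d = private_key
    return pow(c, d, n)


if __name__ == "__main__":
    shared = os.urandom(32)                          # constructed shared key
    blob = symmetric_encrypt(shared, b"meet at noon")
    print(symmetric_decrypt(shared, blob))
    pub, priv = rsa_keygen(61, 53, e=17)             # constructed toy primes
    print(pub, priv, rsa_encrypt(pub, 65), rsa_decrypt(priv, rsa_encrypt(pub, 65)))
```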

Uses

Encryption has long been used by militaries and governments to facilitate secret
communication. It is now commonly used in protecting information within many kinds
of civilian systems. For example, the Computer Security Institute reported that in 2007,
71% of companies surveyed utilized encryption for some of their data in transit, and
53% utilized encryption for some of their data in storage. Encryption can be used to
protect data "at rest", such as information stored on computers and storage devices
(e.g. USB flash drives). In recent years, there have been numerous reports of
confidential data, such as customers' personal records, being exposed through loss or
theft of laptops or backup drives. Encrypting such files at rest helps protect them should
physical security measures fail. Digital rights management systems, which prevent
unauthorized use or reproduction of copyrighted material and protect software against
reverse engineering (see also copy protection), are another somewhat different example
of using encryption on data at rest.

In response to encryption of data at rest, cyber-adversaries have developed new types
of attacks. These more recent threats to encryption of data at rest include
cryptographic attacks, stolen ciphertext attacks, attacks on encryption keys, insider
attacks, data corruption or integrity attacks, data destruction attacks, and ransomware
attacks. Data fragmentation and active defense data protection technologies attempt to
counter some of these attacks, by distributing, moving, or mutating ciphertext so it is
more difficult to identify, steal, corrupt, or destroy.

Encryption is also used to protect data in transit, for example data being transferred via
networks (e.g. the Internet, e-commerce), mobile telephones, wireless microphones,
wireless intercom systems, Bluetooth devices and bank automatic teller machines.
There have been numerous reports of data in transit being intercepted in recent years.
Data should also be encrypted when transmitted across networks in order to protect
against eavesdropping on network traffic by unauthorized users.

AUTHENTICATION

Authentication is the process of determining whether someone or something is, in fact,
who or what it is declared to be.

Logically, authentication precedes authorization (although they may often seem to be
combined). The two terms are often used synonymously but they are two different
processes.

Authentication vs. authorization

Authentication is a process in which the credentials provided are compared to those on
file in a database of authorized users’ information on a local operating system or within
an authentication server. If the credentials match, the process is completed and the
user is granted authorization for access. The permissions and folders returned define
both the environment the user sees and the way he can interact with it, including hours
of access and other rights such as the amount of allocated storage space.

The process of an administrator granting rights and the process of checking user
account permissions for access to resources are both referred to as authorization. The
privileges and preferences granted for the authorized account depend on the user’s
permissions, which are either stored locally or on the authentication server. The
settings defined for all these environment variables are set by an administrator.

User authentication vs. machine authentication

User authentication occurs within most human-to-computer interactions other than
guest accounts, automatically logged-in accounts and kiosk computer systems.
Generally, a user has to enter or choose an ID and provide their password to begin
using a system. User authentication authorizes human-to-machine interactions in
operating systems and applications as well as both wired and wireless networks to
enable access to networked and Internet-connected systems, applications and
resources.

Password-based authentication

In private and public computer networks (including the Internet), authentication is
commonly done through the use of login IDs (user names) and passwords. Knowledge
of the login credentials is assumed to guarantee that the user is authentic. Each user
registers initially (or is registered by someone else, such as a systems administrator),
using an assigned or self-declared password. On each subsequent use, the user must
know and use the previously declared password. However, password-based
authentication is not considered to provide adequately strong security for any system
that contains sensitive data.

The problem with password-based authentication:

User names are frequently a combination of the individual’s first initial and last name,
which makes them easy to guess. If constraints are not imposed, people often create
weak passwords -- and even strong passwords may be stolen, accidentally revealed or
forgotten. For this reason, Internet business and many other transactions require a
more stringent authentication process.

Password-based authentication weaknesses can be addressed to some extent with
smarter user names and password rules like minimum length and stipulations for
complexity, such as including capitals and symbols. However, password-based
authentication and knowledge-based authentication (KBA) are more vulnerable than
systems that require multiple independent methods.

An authentication factor is a category of credential used for identity verification. The
three most common categories are often described as something you know (the
knowledge factor), something you have (the possession factor) and something you are
(the inherence factor).

Authentication factors:

• Knowledge factors -- a category of authentication credentials consisting of
information that the user possesses, such as a personal identification number
(PIN), a user name, a password or the answer to a secret question.
• Possession factors -- a category of credentials based on items that the user has
with them, typically a hardware device such as a security token or a mobile
phone used in conjunction with a software token.
• Inherence factors -- a category of user authentication credentials consisting of
elements that are integral to the individual in question, in the form of biometric
data.

User location and current time are sometimes considered the fourth and fifth factors
for authentication. The ubiquity of smartphones can help ease the burden of
multifactor authentication for users. Most smartphones are equipped with GPS,
which gives reasonable assurance of the login location. Lower-assurance measures
include the MAC address of the login point or physical presence verification through
cards and other possession factor elements.

Types

The most common types of authentication used for online users differ in the level of
security they provide, depending on how factors from one or more of the three
categories are combined:

Single-factor authentication

As the weakest level of authentication, only a single component from one of the three
categories of factors is used to authenticate an individual’s identity. The use of only one
factor does not offer much protection from misuse or malicious intrusion. This type of
authentication is not recommended for financial or personally relevant transactions that
warrant a higher level of security.

Two-factor authentication

When elements representing two factors are required for authentication, the term
two-factor authentication is applied, e.g. a bankcard (something the user has) and a PIN
(something the user knows). Business networks may require users to provide a
password (knowledge factor) and a pseudorandom number from a security token
(ownership factor). Access to a very-high-security system might require a mantrap
screening of height, weight, facial, and fingerprint checks (several inherence factor
elements) plus a PIN and a day code (knowledge factor elements), but this is still a
two-factor authentication.

Multi-factor authentication

Instead of the two factors used in 2FA, multiple authentication factors are used, which
enhances the security of a transaction compared with the 2FA process.
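As an added example (not from the original notes), the password-plus-token login described above in code: a salted PBKDF2 hash for the knowledge factor and an RFC 4226/6238 one-time code for the possession factor. The user name, password and OTP secret are constructed demo values; the secret is the RFC 4226 test-vector key so the codes can be checked against the published table.

```python
import hashlib
import hmac
import os
import struct

# Constructed demo secret: the ASCII key from the RFC 4226 test vectors, so the
# generated codes can be compared against the published table (counter 0 -> 755224).
DEMO_OTP_SECRET = b"12345678901234567890"
PBKDF2_ITERATIONS = 200_000


def hash_password(password, salt=None):
    """Knowledge factor: store a salted PBKDF2-HMAC-SHA256 digest, never the password."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)
    return salt, digest


def verify_password(password, salt, digest):
    """Recompute the digest and compare in constant time so a partial match leaks nothing."""
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)
    return hmac.compare_digest(candidate, digest)


def hotp(secret, counter, digits=6):
    """RFC 4226 HOTP: HMAC-SHA1 over the big-endian 8-byte counter, then dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def totp(secret, unix_time, step=30, digits=6):
    """RFC 6238 TOTP: HOTP with the counter taken from the current 30-second time step."""
    return hotp(secret, unix_time // step, digits)


def verify_totp(secret, code, unix_time, step=30, window=1):
    """Possession factor: accept the current step and one step either side for clock skew."""
    counter = unix_time // step
    return any(hmac.compare_digest(hotp(secret, counter + skew), code)
               for skew in range(-window, window + 1))


def register(users, username, password, otp_secret):
    """Enrol a user: only the password hash is stored; the OTP secret is shared with the token."""
    salt, digest = hash_password(password)
    users[username] = {"salt": salt, "digest": digest, "otp_secret": otp_secret}


def authenticate(users, username, password, code, unix_time):
    """Two-factor login: both the password (know) and the token code (have) must check out.
    Both checks always run, so a wrong password and a wrong code take the same path."""
    record = users.get(username)
    if record is None:
        # Unknown user: hash anyway so response time does not reveal which names exist.
        hash_password(password, salt=b"\x00" * 16)
        return False
    password_ok = verify_password(password, record["salt"], record["digest"])
    code_ok = verify_totp(record["otp_secret"], code, unix_time)
    return password_ok and code_ok


if __name__ == "__main__":
    users = {}
    register(users, "alice", "correct horse battery staple", DEMO_OTP_SECRET)
    now = 59  # RFC 6238 test time; the 6-digit code for this step is 287082
    good_code = totp(DEMO_OTP_SECRET, now)
    print(authenticate(users, "alice", "correct horse battery staple", good_code, now))  # True
    print(authenticate(users, "alice", "wrong password", good_code, now))                # False
    print(authenticate(users, "alice", "correct horse battery staple", "000000", now))   # False
```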

Strong authentication

AUTHORIZATION

Authorization is the function of specifying access rights to resources related to
information security and computer security in general and to access control in
particular. More formally, "to authorize" is to define an access policy. For example,
human resources staff are normally authorized to access employee records, and this policy
is usually formalized as access control rules in a computer system. During operation,
the system uses the access control rules to decide whether access requests from
(authenticated) consumers shall be approved (granted) or disapproved (rejected).
Resources include individual files or an item's data, computer programs, computer
devices and functionality provided by computer applications. Examples of consumers
are computer users, computer software and other hardware on the computer.

• Authorization is a process by which a server determines if the client has
permission to use a resource or access a file.
• Authorization is usually coupled with authentication so that the server has some
concept of who the client is that is requesting access.
• The type of authentication required for authorization may vary; passwords may
be required in some cases but not in others.
• In some cases, there is no authorization; any user may use a resource or
access a file simply by asking for it. Most of the web pages on the Internet
require no authentication or authorization.

PRIVILEGES

A privilege is defined as the delegation of authority over a computer system. A privilege
allows a user to perform an action. Examples of various privileges include the ability to
create a file in a directory, or to read or delete a file, access a device, or have read or
write permission to a socket for communicating over the Internet. Users who have been
delegated extra levels of control are called privileged. Users who lack most privileges
are defined as unprivileged, regular, or normal users.

Privileges can either be automatic, granted, or applied for.

An automatic privilege exists when there is no requirement to have permission to
perform an action. For example, on systems where people are required to log in to a
system to use it, logging out will not require a privilege. Systems that do not implement
file protection - such as MS-DOS - essentially give unlimited privilege to perform any
action on a file.

A granted privilege exists as a result of presenting some credential to the privilege
granting authority. This is usually accomplished by logging on to a system with a
username and password, and if the username and password supplied are correct, the
user is granted additional privileges.
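The access-control decision described in the AUTHORIZATION and PRIVILEGES sections, as an added example that is not part of the original notes: a small default-deny rule evaluator for an already authenticated consumer, with the HR-staff rule from the text, an ownership condition, and logging out treated as an automatic privilege. The rule set, role names and record fields are constructed for illustration.

```python
# Constructed access control rules (hypothetical): a rule grants a role a set of actions
# on one resource type; "own_only" restricts it to records the consumer owns.
ACCESS_RULES = [
    {"role": "hr_staff", "resource": "employee_record", "actions": {"read", "update"}},
    {"role": "employee", "resource": "employee_record", "actions": {"read"}, "own_only": True},
    {"role": "admin", "resource": "user_account", "actions": {"create", "delete"}},
]

# Automatic privileges: actions that need no granted permission at all (the text's
# example is logging out).
AUTOMATIC_ACTIONS = {"logout"}


def authorize(consumer, action, resource):
    """Decide whether an authenticated consumer may perform `action` on `resource`.

    consumer: {"name": str, "roles": set} as established by authentication, or None
    resource: {"type": str, "owner": str}
    Returns (granted, reason); the reason is what an audit log should record.
    Anything not explicitly allowed by a rule is rejected (default deny).
    """
    if consumer is None:
        return False, "rejected: consumer not authenticated"
    if action in AUTOMATIC_ACTIONS:
        return True, "granted: automatic privilege"
    for rule in ACCESS_RULES:
        if rule["role"] not in consumer["roles"]:
            continue
        if rule["resource"] != resource.get("type") or action not in rule["actions"]:
            continue
        if rule.get("own_only") and resource.get("owner") != consumer["name"]:
            continue
        return True, "granted: rule for role %s" % rule["role"]
    return False, "rejected: no matching rule (default deny)"


def is_privileged(consumer):
    """A consumer is privileged when some rule grants it more than own-record access."""
    return any(rule["role"] in consumer["roles"] and not rule.get("own_only")
               for rule in ACCESS_RULES)


if __name__ == "__main__":
    hr = {"name": "hana", "roles": {"hr_staff"}}
    employee = {"name": "bob", "roles": {"employee"}}
    carols_record = {"type": "employee_record", "owner": "carol"}
    print(authorize(hr, "update", carols_record))        # (True, 'granted: rule for role hr_staff')
    print(authorize(employee, "read", carols_record))    # (False, 'rejected: no matching rule (default deny)')
```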

SECURITY THREATS AND OTHER VULNERABILITIES

A vulnerability is a weakness in a system or its design that could be exploited by a
threat. Vulnerabilities are sometimes found in the protocols themselves, as in the case
of some security weaknesses in TCP/IP. Often, the vulnerabilities are in the operating
systems and applications. A vulnerability is a weak spot in your network that might be
exploited by a security threat. Risks are the potential consequences and impacts of
unaddressed vulnerabilities. In other words, failing to apply Windows Updates on your
Web server is a vulnerability. Some of the risks associated with that vulnerability include
loss of data, hours or days of site downtime and the staff time needed to rebuild a
server after it's been compromised.

A threat is any potential danger to assets. A threat is realized when someone or
something identifies a specific vulnerability and exploits it, creating exposure. If the
vulnerability exists theoretically but has not yet been exploited, the threat is considered
latent. The entity that takes advantage of the vulnerability is known as the threat agent
or threat vector.

A risk is the likelihood that a particular threat using a specific attack will exploit a
particular vulnerability of a system that results in an undesirable consequence. Although
the roof of the data center might be vulnerable to being penetrated by a falling meteor,
for example, the risk is minimal because the likelihood of that threat being realized is
negligible.

If you have a vulnerability but there is no threat toward that vulnerability, technically
you have no risk.

An exploit happens when computer code is developed to take advantage of a
vulnerability. For example, suppose that a vulnerability exists in a piece of software, but
nobody knows about this vulnerability. Although the vulnerability exists theoretically,
there is no exploit yet developed for it. Because there is no exploit, there really is no
problem yet.

A countermeasure is a safeguard that mitigates a potential risk. A countermeasure
mitigates risk either by eliminating or reducing the vulnerability or by reducing the
likelihood that a threat agent will be able to exploit the vulnerability.

Basic Security Requirements

To provide adequate protection of network resources, the procedures and technologies
that you deploy need to guarantee three things, sometimes referred to as the CIA triad:

• Confidentiality: Providing confidentiality of data guarantees that only
authorized users can view sensitive information.
• Integrity: Providing integrity of data guarantees that only authorized users can
change sensitive information and provides a way to detect whether data has
been tampered with during transmission; this might also guarantee the
authenticity of data.
• Availability of systems and data: System and data availability provides
uninterrupted access by authorized users to important computing resources and
data.

When designing network security, a designer must be aware of the following:

• The threats (possible attacks) that could compromise security
• The associated risks of the threats (that is, how relevant those threats are for a
particular system)
• The cost to implement the proper security countermeasures for a threat
• A cost versus benefit analysis to dete

Kinds of Different Network Threats

Logic Attacks

The majority of security professionals group the various threats to network security
into one of two major categories: logic attacks or resource attacks.

Logic attacks take advantage of existing vulnerabilities and bugs in programs with the
intention of causing a system to crash. Cyber criminals exploit this kind of attack with
the intention of gaining illegal access to the system, or alternatively of degrading the
performance of a given network.

An example of this type of exploitation of weaknesses inherent in platforms and software
is the Microsoft PnP MS05-039 overflow vulnerability. Such an attack revolves
around the intruder taking advantage of a stack overflow found in the Windows Plug
and Play, or PnP, service. This can be carried out against the Windows 2000 operating
system without possessing a legitimate user account.

A second example of such a threat to network security is the notorious ping of
death. In this attack, the perpetrator sends ICMP packets to a system that are larger
than the maximum allowed packet size.

The majority of these sorts of assaults are simply avoided by upgrading software which
proves to be vulnerable or by filtering out particular packet sequences.

Resource Attacks

The second classification of network security threats is resource attacks. Such assaults
are primarily meant to overwhelm important system resources, like RAM and CPU
resources. This is principally accomplished by sending numerous forged requests or
IP packets to the network in question.

A cyber-criminal can launch a larger and more potent assault by compromising the
integrity of a multitude of hosts and then installing malicious software on them.
This type of exploit typically results in what is well known as a botnet, whose individual
members are called zombies. Once the botnet attack has been successful, the assailant is
then capable of launching additional assaults from literally thousands of these zombie
infected machines, all with the end goal of compromising a single target victim.

Such malicious programs typically hold the code for starting a myriad of different
attacks, along with a typical infrastructure for communications which allows them to
successfully operate under a remote control feature.

Some of the common security threats you may come across:

Malware: Malware is short for "malicious software." Wikipedia describes malware as a
term used to mean a "variety of forms of hostile, intrusive, or annoying software or
program code." Malware could be computer viruses, worms, Trojan horses, dishonest
spyware, and malicious rootkits, all of which are defined below.

Computer virus: A computer virus is a small piece of software that can spread from
one infected computer to another. The virus could corrupt, steal, or delete data on your
computer—even erasing everything on your hard drive. A virus could also use other
programs like your email program to spread itself to other computers.

Rogue security software: Have you ever seen a pop-up window that advertises a
security update or alert? It appears legitimate and asks you to click on a link to install
the "update" or "remove" unwanted malicious software that it has apparently detected.
This could be rogue security software designed to lure people into clicking and
downloading malicious software. Microsoft has a useful webpage that describes rogue
security software and how you can protect yourself.

Trojan horse: Users can infect their computers with Trojan horse software simply by
downloading an application they thought was legitimate but was in fact malicious. Once
inside your computer, a Trojan horse can do anything from record your passwords by
logging keystrokes (known as a keystroke logger) to hijacking your webcam to watch
and record your every move.

These viruses are intended solely to permit the computer hacker the ability to remotely
access the targeted computer. This is accomplished easily after such a Trojan horse is
installed on the computer. Such operations which the cyber hacker is then able to
engage in on the machine are limited by the Trojan horse’s design, as well as by user
privileges on the computer in question. They include the following:

• Stealing of data, such as credit card data or passwords
• Utilization of the computer as a portion of a botnet attack, for spamming or
creating Denial of service attacks
• Uploading or downloading of files
• Software installation, such as additional malware
• Keystroke logging
• Deletion or modification of files
• Wasting of computer storage and memory resources
• Viewing the screen of the user
• Causing the computer to crash

Malicious spyware: Malicious spyware is used to describe the Trojan application that
was created by cybercriminals to spy on their victims. An example would be keylogger
software that records a victim’s every keystroke on his or her keyboard. The recorded
information is periodically sent back to the originating cybercriminal over the Internet.
Keylogging software is widely available and is marketed to parents or businesses that
want to monitor their kids’ or employees’ Internet usage.

Computer worm: A computer worm is a software program that can copy itself from
one computer to another, without human interaction. Worms can replicate in great
volume and with great speed. For example, a worm can send copies of itself to every
contact in your email address book and then send itself to all the contacts in your
contacts’ address books.

Because of their speed of infection, worms often gain notoriety overnight, infecting
computers across the globe as quickly as victims around the world switch them on and
open their email. This happened with the Conficker worm (also known as Downadup),
which, in just four days, had more than tripled the number of computers it infected to
8.9 million.

Botnet: A botnet is a group of computers connected to the Internet that have been
compromised by a hacker using a computer virus or Trojan horse. An individual
computer in the group is known as a "zombie" computer.

The botnet is under the command of a "bot herder" or a "bot master," usually to
perform nefarious activities. This could include distributing spam to the email contact
addresses on each zombie computer, for example. If the botnet is sufficiently big in
number, it could be used to access a targeted website simultaneously in what’s known
as a denial-of-service (DoS) attack. The goal of a DoS attack is to bring down a web
server by overloading it with access requests. Popular websites such as Google and
Twitter have been victims of DoS attacks.

Spam: Spam in the security context is primarily used to describe email spam —
unwanted messages in your email inbox. Spam, or electronic junk mail, is a nuisance as
it can clutter your mailbox as well as potentially take up space on your mail server.
Unwanted junk mail advertising items you don’t care for is harmless, relatively
speaking. However, spam messages can contain links that when clicked on could go to
a website that installs malicious software onto your computer.

Phishing: Phishing scams are fraudulent attempts by cybercriminals to obtain private
information. Phishing scams often appear in the guise of email messages designed to
appear as though they are from legitimate sources. For example, the message would
try to lure you into giving your personal information by pretending that your bank or
email service provider is updating its website and that you must click on the link in the
email to verify your account information and password details.

Rootkit: According to TechTarget, a rootkit is a collection of tools that are used to
obtain administrator-level access to a computer or a network of computers. A rootkit
could be installed on your computer by a cybercriminal exploiting a vulnerability or
security hole in a legitimate application on your PC and may contain spyware that
monitors and records keystrokes.

VULNERABILITIES

• Complicated user interface
• Default passwords not changed
• Disposal of storage media without deleting data
• Equipment sensitivity to changes in voltage
• Equipment sensitivity to moisture and contaminants
• Equipment sensitivity to temperature
• Inadequate cabling security
• Inadequate capacity management
• Inadequate change management
• Inadequate classification of information
• Inadequate control of physical access
• Inadequate maintenance
• Inadequate network management
• Inadequate or irregular backup
• Inadequate password management
• Inadequate physical protection
• Inadequate protection of cryptographic keys
• Inadequate replacement of older equipment
• Inadequate security awareness
• Inadequate segregation of duties
• Inadequate segregation of operational and testing facilities
• Inadequate supervision of employees
• Inadequate supervision of vendors
• Inadequate training of employees
• Incomplete specification for software development
• Insufficient software testing
• Lack of access control policy
• Lack of clean desk and clear screen policy
• Lack of control over the input and output data
• Lack of internal documentation
• Lack of or poor implementation of internal audit
• Lack of policy for the use of cryptography
• Lack of procedure for removing access rights upon termination of employment
• Lack of protection for mobile equipment
• Lack of redundancy
• Lack of systems for identification and authentication
• Lack of validation of the processed data
• Location vulnerable to flooding
• Poor selection of test data
• Single copy
• Too much power in one person
• Uncontrolled copying of data
• Uncontrolled download from the Internet
• Uncontrolled use of information systems
• Undocumented software
• Unmotivated employees
• Unprotected public network connections
• User rights are not reviewed regularly

FIREWALL

A firewall is a network security system that monitors and controls the incoming and
outgoing network traffic based on predetermined security rules.[1] A firewall typically
establishes a barrier between a trusted, secure internal network and another outside
network, such as the Internet, that is assumed not to be secure or trusted.

Different kinds of Firewalls

Packet filtering

Data travels on the internet in small pieces; these are called packets. Each packet has
certain metadata attached, like where it is coming from, and where it should be sent to.
The easiest thing to do is to look at the metadata. Based on rules, certain packets are
then dropped or rejected. All firewalls can do this. It is done at the network layer.

Stateful packet inspection

In addition to the simple packet filtering (above) this kind of firewall also keeps track of
connections. A packet can be the start of a new connection, or it can be part of an
existing connection. If it is neither of the two, it is probably useless and can be
dropped.

Application-layer firewalls

Application-layer firewalls do not just look at the metadata; they also look at the actual
data transported. They know how certain protocols work, for example FTP or HTTP.
They can then check whether the data in the packet is valid for that protocol. If it is
not, the packet can be dropped.
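An added example, not from the original notes, that contrasts the first two kinds of firewall above: a stateless rule check that looks only at each packet's own metadata, and a stateful filter that additionally tracks connections and drops packets that are neither a new connection nor part of a known one. It also drops oversized datagrams of the ping-of-death kind mentioned earlier. The internal address prefix, rule set and sample packets are constructed for illustration.

```python
from collections import namedtuple

# A packet reduced to the metadata a firewall inspects (constructed model, not a real parser).
Packet = namedtuple("Packet", "proto src dst sport dport flags length")

INTERNAL_PREFIX = "10.0.0."          # hypothetical internal address range
ALLOWED_INBOUND_TCP_PORTS = {80, 443}
MAX_IP_DATAGRAM = 65535              # largest legal IPv4 datagram; anything bigger is malformed


def is_internal(addr):
    return addr.startswith(INTERNAL_PREFIX)


def stateless_check(pkt):
    """Packet filtering: decide from the packet's own metadata only, default deny."""
    if pkt.length > MAX_IP_DATAGRAM:
        return "drop", "oversized datagram (ping-of-death style)"
    if is_internal(pkt.src) and not is_internal(pkt.dst):
        return "accept", "outbound traffic"
    if (not is_internal(pkt.src) and is_internal(pkt.dst)
            and pkt.proto == "tcp" and pkt.dport in ALLOWED_INBOUND_TCP_PORTS):
        return "accept", "inbound to allowed port"
    return "drop", "no matching rule"


class StatefulFirewall:
    """Stateful packet inspection: a packet is either the start of a new connection
    (checked against the rules) or part of a tracked one (looked up in the table);
    anything else is dropped."""

    def __init__(self):
        self.connections = set()     # 5-tuples of accepted flows, stored in initiator order

    @staticmethod
    def _key(pkt):
        return (pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport)

    @staticmethod
    def _reverse_key(pkt):
        return (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport)

    def process(self, pkt):
        if pkt.length > MAX_IP_DATAGRAM:
            return "drop", "oversized datagram (ping-of-death style)"
        key, rkey = self._key(pkt), self._reverse_key(pkt)
        tracked = key if key in self.connections else rkey if rkey in self.connections else None
        if tracked is not None:
            if pkt.proto == "tcp" and pkt.flags & {"FIN", "RST"}:
                # Simplified teardown: forget the flow at once rather than after the close handshake.
                self.connections.discard(tracked)
            return "accept", "part of existing connection"
        # Only a TCP SYN (without ACK) can open a connection; UDP and ICMP have no handshake,
        # so their first packet is treated as the start of a flow.
        opens_flow = pkt.proto != "tcp" or ("SYN" in pkt.flags and "ACK" not in pkt.flags)
        if not opens_flow:
            return "drop", "not part of any known connection"
        verdict, reason = stateless_check(pkt)
        if verdict == "accept":
            self.connections.add(key)
        return verdict, reason


if __name__ == "__main__":
    fw = StatefulFirewall()
    stray_ack = Packet("tcp", "198.51.100.7", "10.0.0.5", 40003, 80, {"ACK"}, 60)
    print(stateless_check(stray_ack))   # ('accept', 'inbound to allowed port')
    print(fw.process(stray_ack))        # ('drop', 'not part of any known connection')
```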

Other things firewalls are used for

Tunnelling

Firewalls can provide a secure connection between two networks. This is called
tunnelling. The data may be encrypted. It is unencrypted at the other end. Since the
firewalls are doing this, the rest of the network is unaware of it. An alternative is to
provide secure access to the corporate network.

Network address translation

Very often, firewalls can translate IP addresses. That way, many computers can share a
few public IP addresses. The firewall translates between the public and the private IP
addresses.

Types of firewalls

In general, there are two types of firewalls:

• Software-based firewalls: these are often run as additional programs on
computers that are used for other things. They are often known as personal
firewalls and can be updated on personal computers.

• Hardware-based firewalls: hardware-based firewalls run on a dedicated
computer (or appliance). Often, these offer better performance than software
firewalls, but they are also more expensive.

What firewalls cannot protect against

Firewalls can protect against some problems (viruses and attacks) that come from the
internet. They cannot protect against viruses that come from infected media (like an
infected office document on a USB flash drive).

NETWORK DESIGN

Network design refers to the planning of the implementation of a computer network
infrastructure. Network design is generally performed by network designers, engineers,
IT administrators and other related staff. It is done before the implementation of a
network infrastructure. Network design involves evaluating, understanding and scoping
the network to be implemented. The whole network design is usually represented as a
network diagram that serves as the blueprint for implementing the network physically.
Typically, network design includes the following:

• Logical map of the network to be designed
• Cabling structure
• Quantity, type and location of network devices (routers, switches, servers)
• IP addressing structure
• Network security architecture and overall network security processes

Network Requirements

When discussing network design, it is useful to categorize networks based on the
number of devices serviced:

• Small network: Provides services for up to 200 devices.
• Medium-size network: Provides services for 200 to 1,000 devices.
• Large network: Provides services for 1,000+ devices.

Network designs vary depending on the size and requirements of the organizations. For
example, the networking infrastructure needs of a small organization with fewer devices
will be less complex than the infrastructure of a large organization with a significant
number of devices and connections.

Structured Engineering Principles

Regardless of network size or requirements, a critical factor for the successful
implementation of any network design is to follow good structured engineering
principles. These principles include:

• Hierarchy: A hierarchical network model is a useful high-level tool for designing
a reliable network infrastructure. It breaks the complex problem of network
design into smaller and more manageable areas.
• Modularity: By separating the various functions that exist on a network into
modules, the network is easier to design. Cisco has identified several modules,
including the enterprise campus, services block, data center, and Internet edge.
• Resiliency: The network must remain available for use under both normal and
abnormal conditions. Normal conditions include normal or expected traffic flows
and traffic patterns, as well as scheduled events such as maintenance windows.
Abnormal conditions include hardware or software failures, extreme traffic loads,
unusual traffic patterns, denial-of-service (DoS) events, whether intentional or
unintentional, and other unplanned events.
• Flexibility: The ability to modify portions of the network, add new services, or
increase capacity without going through a major forklift upgrade (i.e., replacing
major hardware devices).

Network planning and design is an iterative process, encompassing topological
design, network synthesis, and network realization, and is aimed at ensuring that a new
telecommunications network or service meets the needs of the subscriber and operator.

A network planning methodology

A traditional network planning methodology in the context of business decisions
involves five layers of planning, namely:

• need assessment and resource assessment
• short-term network planning
• IT resource sourcing
• long-term and medium-term network planning
• operations and maintenance.

Each of these layers incorporates plans for different time horizons, i.e. the business
planning layer determines the planning that the operator must perform to ensure that
the network will perform as required for its intended life-span. The Operations and
Maintenance layer, however, examines how the network will run on a day-to-day basis.

The network planning process begins with the acquisition of external information. This
includes:

• forecasts of how the new network/service will operate;
• the economic information concerning costs; and
• the technical details of the network's capabilities.

Planning a new network/service involves implementing the new system across the first
four layers of the OSI Reference Model. Choices must be made for the protocols and
transmission technologies.

The network planning process involves three main steps:

• Topological design: This stage involves determining where to place the
components and how to connect them. The (topological) optimisation methods
that can be used in this stage come from an area of mathematics called Graph
Theory. These methods involve determining the costs of transmission and the
cost of switching, and thereby determining the optimum connection matrix and
location of switches and concentrators.
• Network synthesis: This stage involves determining the size of the
components used, subject to performance criteria such as the Grade of Service
(GoS). The method used is known as "Nonlinear Optimisation", and involves
determining the topology, required GoS, cost of transmission, etc., and using this
information to calculate a routing plan, and the size of the components.
• Network realization: This stage involves determining how to meet capacity
requirements, and ensure reliability within the network. The method used is
known as "Multicommodity Flow Optimisation", and involves determining all
information relating to demand, costs and reliability, and then using this
information to calculate an actual physical circuit plan.

These steps are performed iteratively in parallel with one another.

Dimensioning

Dimensioning a new network determines the minimum capacity requirements that will
still allow the Teletraffic Grade of Service (GoS) requirements to be met. To do this,
dimensioning involves planning for peak-hour traffic, i.e. that hour during the day
during which traffic intensity is at its peak.

The dimensioning process involves determining the network's topology, routing plan,
traffic matrix, and GoS requirements, and using this information to determine the
maximum call handling capacity of the switches, and the maximum number of channels
required between the switches. This process requires a complex model that simulates
the behavior of the network equipment and routing protocols.

A dimensioning rule is that the planner must ensure that the traffic load never
approaches 100 percent. To calculate the correct dimensioning to comply with
the above rule, the planner must take on-going measurements of the network's traffic,
and continuously maintain and upgrade resources to meet the changing requirements.
Another reason for overprovisioning is to make sure that traffic can be rerouted in
case a failure occurs in the network.

Because of the complexity of network dimensioning, this is typically done using
specialized software tools. Whereas researchers typically develop custom software to
study a particular problem, network operators typically make use of commercial
network planning software.
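The dimensioning step above worked through as an added example (not from the original notes): peak-hour call counts are converted to Erlangs, the Erlang B formula (the standard teletraffic model, not named in the notes) gives the blocking probability for a given number of channels, and the link is sized to the smallest channel count that meets the GoS target, then padded so the load never approaches 100 percent. The 80 percent utilisation ceiling and the sample call figures are assumptions.

```python
def offered_load_erlangs(calls_per_hour, mean_holding_seconds):
    """Peak-hour traffic intensity in Erlangs: arrival rate times mean holding time."""
    return calls_per_hour * mean_holding_seconds / 3600.0


def erlang_b(traffic, channels):
    """Erlang B blocking probability for `traffic` Erlangs offered to `channels` trunks.
    Uses the recursion B(0) = 1, B(n) = A*B(n-1) / (n + A*B(n-1)), which avoids the
    factorials of the closed form and stays numerically stable for large n."""
    if traffic < 0 or channels < 0:
        raise ValueError("traffic and channels must be non-negative")
    b = 1.0
    for n in range(1, channels + 1):
        b = traffic * b / (n + traffic * b)
    return b


def channels_for_gos(traffic, gos, max_channels=10000):
    """Smallest number of channels whose blocking probability does not exceed the GoS."""
    for n in range(max_channels + 1):
        if erlang_b(traffic, n) <= gos:
            return n
    raise ValueError("target GoS not reachable within max_channels")


def dimension_link(calls_per_hour, mean_holding_seconds, gos, max_utilisation=0.8):
    """Size one inter-switch link for the peak hour.

    First the GoS-driven minimum is found; then, applying the rule that load must never
    approach 100 percent, channels are added until the carried load per channel is at
    most `max_utilisation` (the headroom figure is an assumption, not from the notes).
    """
    traffic = offered_load_erlangs(calls_per_hour, mean_holding_seconds)
    n = max(channels_for_gos(traffic, gos), 1)
    while traffic * (1 - erlang_b(traffic, n)) / n > max_utilisation:
        n += 1
    blocking = erlang_b(traffic, n)
    return {"offered_erlangs": traffic, "channels": n, "blocking": blocking,
            "utilisation": traffic * (1 - blocking) / n}


if __name__ == "__main__":
    # Constructed peak-hour figures: 120 calls/hour of 3 minutes each at a 1 percent GoS
    # (6 Erlangs offered; 13 channels are needed).
    print(dimension_link(120, 180, 0.01))
```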

Traffic engineering

Compared to network engineering, which adds resources such as links, routers and
switches into the network, traffic engineering targets changing traffic paths on the
existing network to alleviate traffic congestion or accommodate more traffic demand.

This technology is critical when the cost of network expansion is prohibitively high and
network load is not optimally balanced. The first part provides financial motivation for
traffic engineering while the second part grants the possibility of deploying this
technology.

Survivability

Network survivability enables the network to maintain maximum network connectivity
and quality of service under failure conditions. It has been one of the critical
requirements in network planning and design. It involves design requirements on
topology, protocol, bandwidth allocation, etc. A topology requirement can be to maintain
a minimum two-connected network against any failure of a single link or node. Protocol
requirements include using a dynamic routing protocol to reroute traffic against network
dynamics during the transition of network dimensioning or equipment failures.
Bandwidth allocation requirements pro-actively allocate extra bandwidth to avoid traffic
loss under failure conditions. This topic has been actively studied in conferences, such
as the International Workshop on Design of Reliable Communication Networks.
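The two-connected topology requirement above, checked in code as an added example (not part of the original notes): the report removes each single node and each single link in turn and lists the failures that would partition the network. The sample topologies (a ring and a star) are constructed.

```python
from collections import deque


def build_graph(links):
    """Undirected adjacency map from a list of (node_a, node_b) links."""
    graph = {}
    for a, b in links:
        graph.setdefault(a, set()).add(b)
        graph.setdefault(b, set()).add(a)
    return graph


def is_connected(graph, failed_node=None, failed_link=None):
    """Breadth-first connectivity test with one node or one link treated as failed."""
    alive = [n for n in graph if n != failed_node]
    if not alive:
        return True
    cut = set(failed_link) if failed_link else set()
    seen, queue = {alive[0]}, deque([alive[0]])
    while queue:
        u = queue.popleft()
        for v in graph[u]:
            if v == failed_node or {u, v} == cut:
                continue
            if v not in seen:
                seen.add(v)
                queue.append(v)
    return len(seen) == len(alive)


def single_failure_report(links):
    """List the single node and single link failures that would partition the network.
    Both lists empty means the topology meets the two-connected requirement."""
    graph = build_graph(links)
    node_failures = [n for n in graph if not is_connected(graph, failed_node=n)]
    link_failures = [link for link in links if not is_connected(graph, failed_link=link)]
    return {"node_failures": node_failures, "link_failures": link_failures}


def is_two_connected(links):
    report = single_failure_report(links)
    return not report["node_failures"] and not report["link_failures"]


if __name__ == "__main__":
    # Constructed sample topologies: a ring survives any single failure, a star does not.
    ring = [("A", "B"), ("B", "C"), ("C", "D"), ("D", "A")]
    star = [("core", "s1"), ("core", "s2"), ("core", "s3")]
    print(is_two_connected(ring))          # True
    print(single_failure_report(star))     # core and every spoke link are single points of failure
```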

COMPUTER DEVELOPMENT LIFE CYCLE

A systems development life cycle is composed of a number of clearly defined and
distinct work phases which are used by systems engineers and systems developers to
plan for, design, build, test, and deliver information systems. The product life cycle
describes the process for building information systems in a very deliberate, structured
and methodical way, reiterating each stage of the product's life. The system
development life cycle framework provides a sequence of activities for system designers
and developers to follow. It consists of a set of steps or phases in which each phase of
the SDLC uses the results of the previous one.

The SDLC adheres to important phases that are essential for developers, such as
planning, analysis, design, and implementation, and are explained in the section below.
It includes evaluation of present system, information gathering, feasibility study and
request approval. A number of SDLC models have been created: waterfall, fountain,
spiral, build and fix, rapid prototyping, incremental, synchronize and stabilize. The
oldest of these, and the best known, is the waterfall model: a sequence of stages in
which the output of each stage becomes the input for the next. These stages can be
characterized and divided up in different ways, including the following:

• Preliminary analysis: The objective of phase 1 is to conduct a preliminary
analysis, propose alternative solutions, describe costs and benefits and submit a
preliminary plan with recommendations.

Conduct the preliminary analysis: in this step, you need to find out the
organization's objectives and the nature and scope of the problem under study.
Even if a problem refers only to a small segment of the organization itself, you
need to find out what the objectives of the organization itself are. Then you need
to see how the problem being studied fits in with them.

Propose alternative solutions: In digging into the organization's objectives and
specific problems, you may have already covered some solutions. Alternate
proposals may come from interviewing employees, clients, suppliers, and/or
consultants. You can also study what competitors are doing. With this data, you
will have three choices: leave the system as is, improve it, or develop a new
system.

Describe the costs and benefits.

• Systems analysis, requirements definition: Refines the project goals into
defined functions and operations of the intended application. It is the process of
gathering and interpreting facts, diagnosing problems and recommending
improvements to the system. It analyzes end-user information needs and also
removes any inconsistencies and incompleteness in these requirements.

A series of steps followed by the developer are:

1. Collection of facts: End user requirements are obtained through documentation,
client interviews, observation and questionnaires.
2. Scrutiny of the existing system: Identify pros and cons of the current system in
place, so as to carry forward the pros and avoid the cons in the new system.
3. Analyzing the proposed system: Solutions to the shortcomings in step two are
found and any specific user proposals are used to prepare the specifications.

• Systems design: Describes desired features and operations in detail, including
screen layouts, business rules, process diagrams, pseudocode and other
documentation.
• Development: The real code is written here.
• Integration and testing: Brings all the pieces together into a special testing
environment, then checks for errors, bugs and interoperability.
• Acceptance, installation, deployment: The final stage of initial development,
where the software is put into production and runs actual business.
• Maintenance: During the maintenance stage of the SDLC, the system is
assessed to ensure it does not become obsolete. This is also where changes are
made to the initial software. It involves continuous evaluation of the system in terms
of its performance.
• Evaluation: Some companies do not view this as an official stage of the SDLC,
while others consider it to be an extension of the maintenance stage, and it may
be referred to in some circles as post-implementation review. This is where the
system that was developed, as well as the entire process, is evaluated. Some of
the questions that need to be answered include: does the newly implemented
system meet the initial business requirements and objectives? Is the system
reliable and fault-tolerant? Does the system function according to the approved
functional requirements? In addition to evaluating the software that was
released, it is important to assess the effectiveness of the development process.
If there are any aspects of the entire process, or certain stages, that
management is not satisfied with, this is the time to improve. Evaluation and
assessment is a difficult issue. However, the company must reflect on the
process and address weaknesses.
• Disposal: In this phase, plans are developed for discarding system information,
hardware and software in making the transition to a new system. The purpose
here is to properly move, archive, discard or destroy information, hardware and
software that is being replaced, in a manner that prevents any possibility of
unauthorized disclosure of sensitive data. The disposal activities ensure proper
migration to a new system. Particular emphasis is given to proper preservation
and archival of data processed by the previous system. All of this should be done
in accordance with the organization's security requirements.

HARDWARE AND SOFTWARE SELECTION CRITERIA

There is a bewildering array of IT hardware, software, and services available to
businesses today.

Selecting hardware and software for implementing an information system in an
organization is a serious and time-consuming process that passes through several
phases.

The main steps of the selection process are listed below:

1. Requirement analysis: System configuration requirements are clearly identified and
a decision to acquire the system is taken in this step.

2. Preparation of tender specifications: After studying the feasibility and deciding upon
the configuration, tender documents are prepared for the benefit of vendors to clarify
the details of various specifications, as listed below.

i) Purchase procedure and schedule: it includes

a) Date of tender submission

b) Evaluation criteria

c) Scope for negotiations, if any, and

d) Expected usage environment and load pattern

ii) Equipment specification

Detailed technical specifications of each item required, for both mandatory and optional
items.

iii) Quotation format:

a) Format for stating technical details and quoting prices

b) Whether deviations from specifications should be specifically listed

c) Whether prices and levies (duties, taxes etc.) should be quoted as a lump sum or
separately

d) Required validity of the quotation

e) Earnest money deposit required, if any

iv) Proposed terms of contract

a) Expected delivery schedule

b) Uptime warranties required

c) Penalty clause, if any

d) Payment terms (whether advance payment is acceptable)

e) Arbitration clauses

f) Training needs

g) Post-warranty maintenance terms expected

v) Any additional information required.

3. Inviting tenders: After the preparation of tender specifications, tenders are invited.
The method of invitation may depend upon the magnitude of the purchase (estimated
equipment cost). It may be through:

i) Open tender (through newspaper advertisement)

ii) Limited tender (queries sent to a few selected vendors)

iii) Proprietary purchase (applies mostly to upgrade requirements)

iv) Direct purchase from the market (applies mostly to consumables)

4. Technical scrutiny and short listing: This step involves the following activities.

i) All tendered bids are opened on a pre-defined date and time.

ii) Deviations from the specifications, if any, in each bid are noted.

iii) A comparative summary is prepared against the list of tendered technical features.

Additional factors to be considered are:

i) Financial health of the vendor (from balance sheets)

ii) Nature and extent of support (from information provided on the number of support
staff per installed site, and cross-checked with selected customers)

iii) Engineering quality of products (factory inspection of production facilities, QA
procedures and R&D)

5. Detailed evaluation of short listed vendors: This step primarily involves getting any
finer technical clarifications. Visits to customer sites and factory inspections may be
planned. If any specific performance requirement is stipulated, the offered product is to
be examined at this stage through suitable benchmark tests. For benchmark tests,
standard benchmarks may be used as adequate performance indicators.

6. Negotiation and procurement decision: Because of the extensive competition,
computer system vendors may offer significant concessions. Negotiations are held to
maximize these concessions. However, price negotiations are not permitted by some
organizations.

When price negotiations are permitted, the committee members should have a good
knowledge of the prevailing market prices, current trends, and also the duty/tax
structure. Sources of such information include:

i) Computer magazines

ii) Vendor directories

iii) Contact with other users

iv) Past personal experience

7. Delivery and installation: In this step, the vendor delivers the hardware/software
to the buyer's organization, where it is matched with the specifications mentioned in the
purchase order. If it conforms to these specifications, the vendor installs the system in
the premises of the organization.

8. Post-installation review: After the system is installed, a system evaluation is made
to determine how closely the new system conforms to the plan. A post-installation
review, in which system specifications and user requirements are audited, is made. The
feedback obtained in this step helps in taking corrective decisions.

Hardware Selection Criteria

• Hardware must support current software as well as software planned for
procurement over the next planning interval [year, 18 months, three years]
• Hardware must be compatible with existing or planned networks
• Hardware must be upgradeable and expandable to meet the needs of the next
planning interval
• Hardware warranties must be of an appropriate length
• Hardware maintenance must be performed by [local/remote vendor, in-house
personnel]
• Whenever feasible, hardware standards will dictate procurement of like brands
and configurations to simplify installation and support
• Routine assessments of installed infrastructure will feed an upgrade/replace
decision process

Software Selection Criteria

• Software must be compatible with current and future hardware over the next
planning interval
• Software maintenance and warranties must be of appropriate length and cost
• Software help desk must be maintained by [vendor, third party, in-house
personnel]
• Software must be standardized throughout the business to improve purchasing
power, simplify training, and facilitate support
• Software must comply with current standards set by technology leadership
• Software must support and enhance business goals

In addition to these hardware and software selection criteria, it is important to evaluate
the proposed vendors on several criteria, including:

Stability: Vendor attributes such as length of operations, size of customer base,
size of income and revenue, company size, leadership, stock history and more can
affect a technology purchasing decision.

Proven Track Record: A vendor's experience not only in the broader market but in
your business's specific industry can be key.

Business Model Fit: If the vendor is offering, for example, software as a service,
but your business isn't always Internet-connected, this business model mismatch could
rule out the vendor.

Mature Technology: You want to see continuity in the vendor's offerings. If the
vendor has been through a series of acquisitions and is just now integrating new
technology with an old line of business, you may want to obtain assurances on the
longevity of the vendor's solution.

Service Level Agreements: Many vendor Service Level Agreements (SLAs) promise
little that is enforceable; read the measured metrics, exclusions and remedies closely
rather than taking the headline availability figure at face value.

TCP/IP PROTOCOLS
MEANING OF CONCEPTS

1. TCP

The Transmission Control Protocol (TCP) is one of the main protocols of the
Internet protocol suite. It originated in the initial network implementation in which it
complemented the Internet Protocol (IP). Therefore, the entire suite is commonly
referred to as TCP/IP. TCP provides reliable, ordered, and error-checked delivery of a
stream of octets between applications running on hosts communicating by an IP
network. Major Internet applications such as the World Wide Web, email, remote
administration, and file transfer rely on TCP. Applications that do not require reliable
data stream service may use the User Datagram Protocol (UDP), which provides a
connectionless datagram service that emphasizes reduced latency over reliability.
TCP is a transport layer protocol that provides reliable, connection-oriented
communication over IP networks between two endpoints (processes identified by an
IP address and a port). TCP uses port numbers to multiplex many virtual end-to-end
connections over the single network path between two computers. A TCP segment is
carried in the data field of an IP datagram, and the TCP payload in turn carries
higher-layer protocol data such as HTTP (web), SMTP (email) and many other protocols.

Functions Performed By TCP

Despite the complexity of TCP, its basic operation can be reasonably simplified by
describing its primary functions. The following are the six main tasks that TCP
performs:

o Addressing/Multiplexing: TCP is used by many different applications as their
transport protocol. Therefore, like its simpler sibling UDP, an important job for
TCP is multiplexing the data received from these different processes so they can
be sent out using the underlying network-layer protocol. At the same time, these
higher-layer application processes are identified using TCP ports.

o Connection Establishment, Management and Termination: TCP provides
a set of procedures that devices follow to negotiate and establish a TCP
connection over which data can travel. Once opened, TCP includes logic for
managing connections and handling problems that may arise with them. When a
device is done with a TCP connection, a special process is followed to terminate
it.

o Data Handling and Packaging: TCP defines a mechanism by which
applications are able to send data to it from higher layers. This data is then
packaged into segments to be sent to the destination TCP software. The
destination software unpackages the data and gives it to the application on the
destination machine.

o Data Transfer: Conceptually, the TCP implementation on a transmitting device
is responsible for the transfer of packaged data to the TCP process on the other
device. Following the principle of layering, this is done by having the TCP
software on the sending machine pass the segments to the underlying
network-layer protocol, which normally means IP.

o Providing Reliability and Transmission Quality Services: TCP includes a
set of services and features that allow an application to consider the sending of
data using the protocol to be "reliable". This means that normally, a TCP
application doesn't have to worry about data being sent and never showing up,
or arriving in the wrong order. It also means other common problems that might
arise if IP were used directly are avoided.

o Providing Flow Control and Congestion Avoidance Features: TCP allows
the flow of data between two devices to be controlled and managed. It also
includes features to deal with congestion that may be experienced during
communication between devices.

(Figure: The TCP/IP Layered Architecture)

Advantages of TCP

• The operating system does all the work; you just sit back and watch the show. No
need to repeat in your code the bugs that everyone else made on their first
try; it has all been figured out for you.
• Since it is in the OS, handling incoming packets needs fewer context switches from
kernel to user space and back; all the reassembly, acking, flow control, etc. is
done by the kernel.
• TCP guarantees three things: that your data gets there, that it gets there in order,
and that it gets there without duplication (the truth, the whole truth, and
nothing but the truth...).
• Routers and middleboxes (such as performance-enhancing proxies) may recognize
TCP traffic and treat it specially: they can buffer and retransmit segments, and in
limited cases acknowledge them on the receiver's behalf.
• TCP has good relative throughput on a modem or a LAN.

Disadvantages of TCP

• The operating system implementation may be buggy, and you can't escape it. It may
be inefficient, and you have to put up with it. It may be optimized for conditions
other than the ones you are facing, and you may not be able to retune it.
• TCP makes it very difficult to try harder; you can set a few socket options, but
beyond that you have to tolerate the built-in flow control.
• TCP may have lots of features you don't need. It may waste bandwidth, time, or
effort on ensuring things that are irrelevant to the task at hand.
• TCP has no block boundaries; you must create your own.
• Routers on the Internet are short on memory. They can't pay much attention to
TCP flying by and try to help it, and some design assumptions of TCP break down in
this environment.
• TCP has relatively poor throughput on a lossy, high-bandwidth, high-latency link,
such as a satellite connection or an overfull T1.
• TCP cannot be used for broadcast or multicast transmission.
• TCP cannot conclude a transmission until all data in flight has been explicitly
acked.

Disadvantages of UDP

• There are no guarantees with UDP. A packet may not be delivered, or may be
delivered twice, or out of order, and you get no indication of this unless the listening
program at the other end decides to say something. TCP is really working in the
same environment (you get roughly the same service from IP as from UDP), but TCP
makes up for it fairly well, and in a standardized manner.
• UDP has no flow control; implementing it is the duty of user programs.
• Routers give UDP no special treatment: it is never retransmitted on loss, and it
tends to be the first thing dropped when a router is short on memory, so UDP
suffers worse packet loss than TCP.

Advantages of UDP

• It doesn't restrict you to a connection-based communication model, so startup
latency in distributed applications is much lower, as is operating system
overhead.

• All flow control, acking, transaction logging, etc. is up to user programs; a broken
OS implementation is not going to get in your way. Additionally, you only need to
implement and use the features you need.

• The recipient of UDP packets gets them unmangled, including block boundaries.

• Broadcast and multicast transmission are available with UDP.
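
The two lists above make a point that bites in practice: TCP has no block boundaries, UDP keeps them. The following added example (written for these notes, not code from the original text) shows what "create your own" boundaries means on a TCP stream: a 4-byte length prefix, a decoder that copes with the stream arriving in arbitrary pieces, and a cap on the declared length so a hostile peer cannot make the receiver buffer gigabytes on the strength of one header. The UDP side is simulated alongside it to show boundaries surviving while delivery and duplication do not. The length-prefix format, MAX_FRAME and the function names are this example's own choices.

```python
"""Framing on top of a byte stream versus datagrams.

Added example for these notes (not from the original text). TCP delivers a
byte stream with no record boundaries, so an application protocol must add
its own framing; UDP delivers whole datagrams but may lose or duplicate them.
The 4-byte big-endian length prefix and the MAX_FRAME limit are design choices
of this example, not anything the notes prescribe.
"""
import struct

MAX_FRAME = 64 * 1024  # assumed upper bound; a peer declaring more is hostile or broken


def frame(messages):
    """Encode messages as length-prefixed records, as they would be written to a TCP socket."""
    out = bytearray()
    for m in messages:
        if len(m) > MAX_FRAME:
            raise ValueError("message exceeds MAX_FRAME")
        out += struct.pack("!I", len(m)) + m
    return bytes(out)


class Deframer:
    """Incremental decoder: feed() whatever recv() returned, however TCP split it."""

    def __init__(self):
        self.buf = bytearray()

    def feed(self, chunk):
        self.buf += chunk
        messages = []
        while len(self.buf) >= 4:
            (length,) = struct.unpack("!I", self.buf[:4])
            if length > MAX_FRAME:
                # Check the declared length BEFORE allocating or waiting for it:
                # otherwise a 4-byte header makes the receiver buffer up to 4 GiB.
                raise ValueError("declared length %d exceeds MAX_FRAME" % length)
            if len(self.buf) < 4 + length:
                break  # partial record: keep what we have and wait for more bytes
            messages.append(bytes(self.buf[4:4 + length]))
            del self.buf[:4 + length]
        return messages


def deliver_over_stream(messages, chunk_sizes):
    """Simulate TCP: one continuous stream handed to the receiver in arbitrary pieces."""
    stream = frame(messages)
    deframer, received, pos = Deframer(), [], 0
    for n in chunk_sizes:
        received += deframer.feed(stream[pos:pos + n])
        pos += n
    received += deframer.feed(stream[pos:])  # whatever is left arrives last
    return received


def deliver_over_datagrams(messages, drop=(), duplicate=()):
    """Simulate UDP: boundaries survive intact, but datagrams may vanish or repeat
    and the receiver is not told."""
    received = []
    for i, m in enumerate(messages):
        if i in drop:
            continue
        received.append(m)
        if i in duplicate:
            received.append(m)
    return received


if __name__ == "__main__":
    msgs = [b"GET /", b"", b"x" * 100]  # constructed sample messages
    print(deliver_over_stream(msgs, [1, 2, 3, 5, 50]) == msgs)
    print(deliver_over_datagrams(msgs, drop={1}, duplicate={0}))
```

Run it directly to see the stream reassembled correctly from five uneven chunks that split records mid-header and mid-body. The important line is the MAX_FRAME check before waiting for the payload: a parser that trusts the declared length is the classic way to turn a framing layer into a memory-exhaustion bug.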

Disadvantages of TCP for file transfer

• Startup latency is significant: it takes at least two RTTs (handshake plus
request) before data starts coming back.

• Without the window scale option, TCP allows a window of at most 64 KB, and loss is
only detected late, through duplicate ACKs or a retransmission timeout, so TCP stalls
easily under packet loss. TCP is more throttled by RTT than by bandwidth.

• TCP transfer servers have to maintain a separate socket (and often a separate
thread) for each client.

• Load balancing is crude and approximate. Especially on local networks that allow
collisions, two simultaneous TCP transfers have a tendency to fight with each
other, even if the sender is the same.

Advantages of UDP for file transfer

• Latency can be as low as one RTT if the protocol is suitably designed.

• Flow control is up to user space; windows can be unbounded, artificial stalls
nonexistent, latency well tolerated, and maximum speeds enforced only by real
network bandwidth, yet actual speeds chosen by agreement of sender and
receiver.

• Receiving an image simultaneously from multiple hosts is much easier with UDP,
as is sending one to multiple hosts, especially if they happen to be part of the
same broadcast or multicast group.

TCP vs. UDP

Characteristics:

  TCP                                          UDP
  • Connection-oriented                        • Connectionless
  • Reliable delivery of messages              • No attempt to fragment messages
  • Splits messages into segments              • No reassembly and synchronization
  • Keeps track of order (sequence)            • No retransmission on error (left to
  • Uses checksums for detecting errors          the application)
                                               • No acknowledgment

When to use which:

  Use TCP when                                 Use UDP when
  • Remote procedures are not idempotent       • Remote procedures are idempotent
  • Reliability is a must                      • Server and client messages fit
  • Messages exceed the UDP packet size          completely within a packet
                                               • The server handles many clients
                                                 (UDP is stateless)

TCP HEADER

The Transmission Control Protocol (TCP) header is the first 20 to 60 bytes of a TCP
segment (20 bytes without options, since the Data Offset field allows at most 15 32-bit
words) and contains the parameters and state of an end-to-end TCP socket. The TCP
header is used to track the state of communication between two TCP endpoints. Since
TCP segments are inserted (encapsulated) in the payload of the IP packet, the TCP
header immediately follows the IP header during transmission. TCP does not need to
keep track of which systems are communicating; it only needs to track which end-to-end
sockets are currently open. The Internet Protocol handles the logical addressing, routing
and host-to-host connectivity.

TCP uses port numbers on each side of the connection to track the connection
endpoints, and state bits such as SYN, ACK, RST and FIN, sequence numbers and
acknowledgement numbers to track the communication at each step in transmission.

The layout of a TCP header is shown below (each row is 32 bits).

TCP Segment Header

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|          Source Port          |       Destination Port        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                        Sequence Number                        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                    Acknowledgment Number                      |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|  Data |           |U|A|P|R|S|F|                               |
| Offset| Reserved  |R|C|S|S|Y|I|            Window             |
|       |           |G|K|H|T|N|N|                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|           Checksum            |         Urgent Pointer        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                    Options                    |    Padding    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                             Data                              |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Source Port and Destination Port each range 0 - 65535; Sequence Number and
Acknowledgment Number each range 0 - 4294967295.

Field                     Bits    Usage

Source Port               16      Port number used by the computer sending the TCP
                                  segment; usually an ephemeral port above 1024 (but
                                  not always).

Destination Port          16      Port number used by the computer receiving the TCP
                                  segment; usually a well-known number below 1024 (but
                                  not always).

Sequence Number           32      Used for segmentation of application data into TCP
                                  segments and reassembling them on the other side. It
                                  lets the TCP software on both sides keep track of how
                                  much data has been transferred, put the data back
                                  into the correct order if it is received out of order,
                                  and request data that has been lost in transit.

Acknowledgement Number    32      The next sequence number the sender of this segment
                                  expects to receive; valid when the ACK flag is set.

Data Offset               4       Length of the TCP header in 32-bit words (5 to 15,
                                  i.e. 20 to 60 bytes); tells the receiver where the
                                  data begins.

Reserved                  6       Set to zero (later RFCs assigned the ECE and CWR
                                  flags from this space).

URG  Urgent Flag          1       Indicates that the Urgent Pointer field is
                                  significant.

ACK  Acknowledgement Flag 1       Indicates that the Acknowledgement Number is valid;
                                  set during the 3-way handshake and on every segment
                                  after the initial SYN.

PSH  Push Flag            1       Asks the receiver to hand buffered data to the
                                  application immediately; used primarily in
                                  interactive and streaming traffic.

RST  Reset Flag           1       Resets (aborts) a TCP connection.

SYN  Synchronize Flag     1       Synchronizes sequence numbers; used during the 3-way
                                  handshake.

FIN  End of data          1       Indicates the sender has no more data to send;
                                  starts the close of the TCP session.

Window                    16      Receive window: the number of data octets, beyond
                                  the one acknowledged, that the sender of this segment
                                  is willing to accept (flow control).

Checksum                  16      16-bit ones' complement of the ones' complement sum
                                  of a pseudo-header (IP addresses, protocol, TCP
                                  length), the TCP header and the data. Computed by
                                  the sender and verified by the receiver, which
                                  silently discards a segment that fails the check. It
                                  is not a CRC.

Urgent Pointer            16      Offset from the sequence number pointing to the end
                                  of "urgent" data; only meaningful when URG is set
                                  (the field itself is always present).

Options                   Varies  Optional fields such as Maximum Segment Size, window
                                  scale, selective acknowledgement and timestamps.

Padding                   Varies  Zero bits that pad the header to a 32-bit boundary.

Data                      Varies  A segment of data from the user application, such as
                                  part of an email or web page.

3 WAY HAND SHAKE

Before the sending device and the receiving device start the exchange of data, both
devices need to be synchronized. During the TCP initialization process, the sending
device and the receiving device exchange a few control segments for synchronization
purposes. This exchange is known as the three-way handshake. A three-way handshake is
primarily used to create a TCP socket connection. It works as follows:

• A client node sends a SYN segment over an IP network to a server on the
same or an external network. The objective of this segment is to ask whether the
server is open for new connections.
• The target server must have an open (listening) port that can accept new
connections. When the server receives the SYN from the client node, it
responds with a confirmation: the SYN/ACK segment.
• The client node receives the SYN/ACK from the server and responds with an ACK
segment.

Upon completion of this process, the connection is created and the client and server can
communicate. The three-way handshake begins with the initiator sending a TCP
segment with the SYN control bit flag set. TCP allows one side to establish a connection;
the other side may either accept the connection or refuse it. If we consider this from the
application layer point of view, the side that is establishing the connection is the client
and the side waiting for a connection is the server.

TCP identifies two types of OPEN calls:

Active Open. In an Active Open call a device (client process) using TCP takes the active
role and initiates the connection by sending a TCP SYN message to start the
connection.

Passive Open A passive OPEN can specify that the device (server process) is waiting for
an active OPEN from a specific client. It does not generate any TCP message segment.
The server processes listening for the clients are in Passive Open mode.

TCP Three-way Handshake

Step 1. Device A (Client) sends a TCP segment with SYN = 1, ACK = 0, ISN (Initial
Sequence Number) = 2000.

An Initial Sequence Number (ISN) is a random Sequence Number, allocated for the first
packet in a new TCP connection.

The Active Open device (Device A) sends a segment with the SYN flag set to 1, ACK
flag set to 0 and an Initial Sequence Number 2000 (For Example), which marks the
beginning of the sequence numbers for data that device A will transmit. SYN is short for
SYNchronize. SYN flag announces an attempt to open a connection.

Step 2. Device B (Server) receives Device A's TCP segment and returns a TCP segment
with SYN = 1, ACK = 1, ISN = 5000 (Device B's Initial Sequence Number),
Acknowledgment Number = 2001 (2000 + 1, the next sequence number Device B
expecting from Device A).

Step 3. Device A sends a TCP segment to Device B that acknowledges receipt of Device
B's ISN, With flags set as SYN = 0, ACK = 1, Sequence number = 2001,
Acknowledgment number = 5001 (5000 + 1, the next sequence number Device A
expecting from Device B)

This handshaking technique is referred to as the TCP three-way handshake, or SYN,
SYN-ACK, ACK. After the three-way handshake, the connection is open and the participant
computers start sending data using the agreed sequence and acknowledgement numbers.

Three of the most common TCP/IP application protocols

• HTTP - Used between a web client and a web server, for non-secure (cleartext) data
transmissions. A web client (i.e. an Internet browser on a computer) sends a
request to a web server to view a web page. The web server receives that
request and sends the web page information back to the web client.
• HTTPS - Used between a web client and a web server, for secure data
transmissions (HTTP carried over TLS). Often used for sending credit card
transaction data or other private data from a web client (i.e. an Internet browser on
a computer) to a web server.
• FTP - Used to transfer files between two computers. One computer sends files to or
retrieves files from another computer directly.

TCP state machine

State          Description
CLOSED         Represents no connection state at all.
LISTEN         Waits for a connection request from any remote TCP and port.
SYN-SENT       Waits for a matching connection request after having sent a connection
               request.
SYN-RECEIVED   Waits for a confirming connection request acknowledgment after having
               both received and sent a connection request.
ESTABLISHED    Represents an open connection; data received can be delivered to the
               user. The normal state for the data transfer phase of the connection.
FIN-WAIT-1     Waits for a connection termination request from the remote host or an
               acknowledgment of the connection termination request previously sent.
FIN-WAIT-2     Waits for a connection termination request from the remote host.
CLOSE-WAIT     Waits for a connection termination request from the local user
               (application), after the remote host has already sent its FIN.
CLOSING        Waits for a connection termination request acknowledgment from the
               remote host.
LAST-ACK       Waits for an acknowledgment of the connection termination request
               previously sent to the remote host (which includes an acknowledgment
               of its connection termination request).
TIME-WAIT      Waits for enough time to pass to be sure the remote host received the
               acknowledgment of its connection termination request.
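
The handshake steps and the state table above, walked through in code. This is an added example written for these notes, not code from the original text: two Endpoint objects (the class, the dict-based segment and its field names are this example's own) perform SYN, SYN-ACK and ACK with ISN 2000 and 5000 exactly as in Steps 1 to 3, moving through LISTEN, SYN-SENT, SYN-RECEIVED and ESTABLISHED. The server only leaves SYN-RECEIVED when the final ACK carries its ISN + 1, which is the check a blind (off-path) spoofer has to defeat and the reason real stacks randomise the ISN.

```python
"""TCP three-way handshake driven by a minimal state machine.

Added example for these notes (not from the original text). Segments are
plain dicts; only the SYN and ACK flags, sequence and acknowledgement
numbers are modelled. ISN 2000 (client) and 5000 (server) reproduce the
walk-through above; the Endpoint class and field names are assumptions.
"""
import secrets


def make_segment(seq, ack, syn=False, ack_flag=False):
    """A TCP segment reduced to the fields the handshake depends on."""
    return {"seq": seq, "ack": ack, "SYN": syn, "ACK": ack_flag}


class Endpoint:
    def __init__(self, name, isn=None):
        self.name = name
        self.state = "CLOSED"
        # Real stacks randomise the ISN so an off-path attacker cannot predict it.
        self.isn = isn if isn is not None else secrets.randbelow(2 ** 32)
        self.snd_nxt = self.isn  # next sequence number we will send
        self.rcv_nxt = None      # next sequence number we expect to receive

    def listen(self):
        """Passive open: the server side waits for a SYN."""
        self.state = "LISTEN"

    def active_open(self):
        """Active open: the client side sends SYN and enters SYN-SENT."""
        seg = make_segment(self.snd_nxt, 0, syn=True)
        self.snd_nxt += 1  # a SYN occupies one sequence number
        self.state = "SYN-SENT"
        return seg

    def receive(self, seg):
        """Apply one incoming segment; return the reply segment or None."""
        if self.state == "LISTEN" and seg["SYN"] and not seg["ACK"]:
            self.rcv_nxt = seg["seq"] + 1
            reply = make_segment(self.snd_nxt, self.rcv_nxt, syn=True, ack_flag=True)
            self.snd_nxt += 1
            self.state = "SYN-RECEIVED"  # half-open until the final ACK arrives
            return reply
        if self.state == "SYN-SENT" and seg["SYN"] and seg["ACK"]:
            if seg["ack"] != self.snd_nxt:
                return None  # unacceptable ACK; RFC 793 answers with RST
            self.rcv_nxt = seg["seq"] + 1
            self.state = "ESTABLISHED"
            return make_segment(self.snd_nxt, self.rcv_nxt, ack_flag=True)
        if self.state == "SYN-RECEIVED" and seg["ACK"] and not seg["SYN"]:
            if seg["ack"] != self.snd_nxt:
                return None  # wrong guess of our ISN: stay half-open, drop it
            self.state = "ESTABLISHED"
            return None
        return None  # anything else is ignored in this simplified model


def handshake(client_isn=2000, server_isn=5000):
    """Run SYN, SYN-ACK, ACK between two endpoints; return them plus the segments."""
    client, server = Endpoint("A", client_isn), Endpoint("B", server_isn)
    server.listen()
    syn = client.active_open()          # seq=2000, ack=0,    SYN
    syn_ack = server.receive(syn)       # seq=5000, ack=2001, SYN+ACK
    ack = client.receive(syn_ack)       # seq=2001, ack=5001, ACK
    server.receive(ack)
    return client, server, [syn, syn_ack, ack]


def spoofed_final_ack(server_isn=5000, guessed_ack=5000):
    """Attacker who sent the SYN but never saw the SYN-ACK must guess ISN+1."""
    server = Endpoint("B", server_isn)
    server.listen()
    server.receive(make_segment(2000, 0, syn=True))
    server.receive(make_segment(2001, guessed_ack, ack_flag=True))
    return server.state


if __name__ == "__main__":
    a, b, segments = handshake()
    for step, s in zip(("SYN", "SYN-ACK", "ACK"), segments):
        print(f"{step:8} seq={s['seq']} ack={s['ack']}")
    print("client:", a.state, "server:", b.state)
```

Two things are worth noticing in the model. The server sits in SYN-RECEIVED holding state before the client has proven it can receive anything, which is exactly the resource a SYN flood exhausts. And spoofed_final_ack only succeeds when the guessed acknowledgement number is ISN + 1: with a 32-bit random ISN that is one chance in 2^32 per attempt, whereas with a predictable ISN it succeeds first time.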

IP (INTERNET PROTOCOL)

The Internet Protocol (IP) is the principal communications protocol in the Internet
protocol suite for relaying datagrams across network boundaries. Its routing function
enables internetworking, and essentially establishes the Internet. IP has the task of
delivering packets from the source host to the destination host solely based on the IP
addresses in the packet headers. For this purpose, IP defines packet structures that
encapsulate the data to be delivered. It also defines addressing methods that are used
to label the datagram with source and destination information.

FUNCTIONS OF IP

IP has four basic functions (or more accurately, function sets):

o Addressing: In order to perform the job of delivering datagrams, IP must know
where to deliver them to. For this reason, IP includes a mechanism for host
addressing. Furthermore, since IP operates over internetworks, its system is
designed to allow unique addressing of devices across arbitrarily large networks.
It also contains a structure to facilitate the routing of datagrams to distant
networks if that is required.

o Data Encapsulation and Formatting/Packaging: As the TCP/IP network
layer protocol, IP accepts data from the transport layer protocols UDP and TCP.
It then encapsulates this data into an IP datagram using a special format prior to
transmission.

o Fragmentation and Reassembly: IP datagrams are passed down to the data
link layer for transmission on the local network. However, the maximum frame
size of each physical/data-link network using IP may be different. For this
reason, IP includes the ability to fragment IP datagrams into pieces so they can
each be carried on the local network. The receiving device uses the reassembly
function to recreate the whole IP datagram again.

o Routing/Indirect Delivery: When the destination is not on the local network,
IP delivers the datagram indirectly, hop by hop through intermediate routers,
each of which forwards it based on the destination address in the header.

IPv4 Datagram Format

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Version|  IHL  |Type of Service|          Total Length         |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|         Identification        |Flags|      Fragment Offset    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|  Time to Live |    Protocol   |         Header Checksum       |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                       Source Address                          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                    Destination Address                        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                    Options                    |    Padding    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                             Data ...                          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Header Contents

Version

Version of the IP protocol, which determines how to interpret the header.
Currently the only permitted values are 4 (0100) or 6 (0110). The header format
shown here is valid for IPv4 only.

IHL

Internet Header Length: the length of the header as a number of 32-bit words
(minimum 5, i.e. 20 bytes; maximum 15, i.e. 60 bytes).

Type of service

This field is often ignored by current routers but is meant to allow traffic to be
prioritised (among other things); it is now defined as the DSCP and ECN fields.

Total Length

The length of the entire datagram including header and data; the maximum
permitted is 65,535 bytes (64K).

Identification, Flags and Fragment Offset

These values allow datagrams to be fragmented for transmission and
reassembled at the destination. The three flag bits are Reserved (must be zero),
DF (don't fragment) and MF (more fragments).

Time to live

An integer which is decremented at each router "hop"; originally meant to be
interpreted as a number of seconds but in practice treated as a hop count. If
the value reaches zero the datagram is discarded and an ICMP Time Exceeded
message is sent to the source host.

Protocol

Identifies the transport-layer protocol which will interpret the Data section. This
will typically be TCP (6) or UDP (17), but other values are possible.

Header checksum

This is used to verify the header only (not the data), and is recomputed at each
router hop because the TTL changes. This field is left out of IPv6, which relies
on the transport layer for verification.

Addresses and Options

These are 32-bit IP addresses which identify the network and host address. Note
that IP does not have to specify addresses of any intermediate nodes; this can
be left to the routers. Routing requirements can also be specified in the Options
field, along with options to do with security and debugging.
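
Here are the TCP header from the TCP HEADER section and the IPv4 header described above, parsed from actual bytes. This is an added example written for these notes, not code from the original text. It constructs a SYN packet (documentation addresses 192.0.2.1 and 198.51.100.7, with ports and an ISN chosen for the example), decodes every field discussed above, verifies the IPv4 header checksum and the TCP checksum over its pseudo-header, and performs a router's per-hop TTL decrement together with the checksum recomputation that makes it necessary. The function names and the field dictionaries are this example's own.

```python
"""Decode a constructed IPv4/TCP SYN and verify both checksums.

Added example for these notes, not from the original text. It shows the
header fields described in the TCP HEADER and IPv4 Datagram Format sections
as they sit on the wire: IHL and Data Offset count 32-bit words, the IPv4
checksum covers the header only and must be recomputed whenever TTL is
decremented, and the TCP checksum is a ones' complement sum over a
pseudo-header plus the segment (not a CRC). Addresses are the
documentation ranges 192.0.2.x / 198.51.100.x; the packet is constructed.
"""
import struct

PROTO_TCP = 6
TCP_FLAGS = ["FIN", "SYN", "RST", "PSH", "ACK", "URG", "ECE", "CWR"]  # bit 0 upwards


def internet_checksum(data):
    """RFC 1071: ones' complement of the ones' complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:  # fold carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_tcp(src, dst, sport, dport, seq, ack, flags, window=65535, payload=b""):
    """20-byte TCP header (Data Offset = 5 words, no options) with a valid checksum."""
    hdr = struct.pack("!HHIIHHHH", sport, dport, seq, ack, (5 << 12) | flags, window, 0, 0)
    pseudo = struct.pack("!4s4sBBH", src, dst, 0, PROTO_TCP, len(hdr) + len(payload))
    csum = internet_checksum(pseudo + hdr + payload)
    return hdr[:16] + struct.pack("!H", csum) + hdr[18:] + payload


def build_ipv4(src, dst, proto, payload, ttl=64, ident=0x1234):
    """20-byte IPv4 header (IHL = 5) with DF set and a valid header checksum."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), ident, 0x4000, ttl, proto, 0, src, dst)
    csum = internet_checksum(hdr)
    return hdr[:10] + struct.pack("!H", csum) + hdr[12:] + payload


def parse(packet):
    """Return (ip_fields, tcp_fields); tcp_fields is None for non-TCP. Raise ValueError if corrupt."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _tos, total_len, ident, frag, ttl, proto, _csum = struct.unpack("!BBHHHBBH", packet[:12])
    version, ihl = ver_ihl >> 4, (ver_ihl & 0x0F) * 4
    if version != 4 or ihl < 20 or total_len < ihl or len(packet) < total_len:
        raise ValueError("bad version, IHL or total length")
    if internet_checksum(packet[:ihl]) != 0:  # a correct header sums to zero
        raise ValueError("IPv4 header checksum mismatch")
    src, dst = packet[12:16], packet[16:20]
    ip = {"version": version, "ihl": ihl, "total_length": total_len, "id": ident,
          "DF": bool(frag & 0x4000), "MF": bool(frag & 0x2000), "frag_offset": frag & 0x1FFF,
          "ttl": ttl, "protocol": proto,
          "src": ".".join(map(str, src)), "dst": ".".join(map(str, dst))}
    if proto != PROTO_TCP:
        return ip, None
    seg = packet[ihl:total_len]
    if len(seg) < 20:
        raise ValueError("truncated TCP header")
    sport, dport, seq, ack, off_flags, window, _csum, urg = struct.unpack("!HHIIHHHH", seg[:20])
    doff = (off_flags >> 12) * 4
    if doff < 20 or doff > len(seg):
        raise ValueError("bad TCP data offset")
    pseudo = struct.pack("!4s4sBBH", src, dst, 0, PROTO_TCP, len(seg))
    if internet_checksum(pseudo + seg) != 0:
        raise ValueError("TCP checksum mismatch")
    tcp = {"sport": sport, "dport": dport, "seq": seq, "ack": ack, "data_offset": doff,
           "flags": [n for i, n in enumerate(TCP_FLAGS) if off_flags & (1 << i)],
           "window": window, "urgent_pointer": urg, "payload": seg[doff:]}
    return ip, tcp


def forward_hop(packet):
    """What a router does per hop: decrement TTL and fix the header checksum.
    Returns None when TTL is exhausted (the router would send ICMP Time Exceeded)."""
    ihl = (packet[0] & 0x0F) * 4
    if packet[8] <= 1:
        return None
    hdr = bytearray(packet[:ihl])
    hdr[8] -= 1
    hdr[10:12] = b"\x00\x00"
    hdr[10:12] = struct.pack("!H", internet_checksum(bytes(hdr)))
    return bytes(hdr) + packet[ihl:]


SRC, DST = bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7])
# Constructed sample: a SYN (flags = 0x002) from 192.0.2.1:40000 to 198.51.100.7:443
SAMPLE = build_ipv4(SRC, DST, PROTO_TCP, build_tcp(SRC, DST, 40000, 443, 2000, 0, 0x002))

if __name__ == "__main__":
    ip_hdr, tcp_hdr = parse(SAMPLE)
    print(ip_hdr)
    print(tcp_hdr)
    print("after one hop TTL =", parse(forward_hop(SAMPLE))[0]["ttl"])
```

The two rejection paths are what matter for security tooling: a TTL edited without fixing the checksum is caught by the IPv4 check, and a single flipped bit in the TCP part is caught by the TCP check. Both checks only detect accidental corruption; an attacker who modifies a packet sim simply recomputes the sums, so integrity against tampering needs TLS or IPsec, not checksums.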

TYPES OF DATA FLOW/TRANSMISSION MODES IN COMPUTER NETWORKS

Transmission mode means the way data is transferred between two devices. It is also
called communication mode. These modes define the direction in which information can
flow. There are three types of transmission mode:

• Simplex Mode
• Half duplex Mode
• Full duplex Mode

SIMPLEX Mode

In this type of transmission mode data can be sent only in one direction, i.e.
communication is unidirectional. The receiver cannot send a message back to the sender.

Examples of simplex mode are a loudspeaker, television broadcasting, a television and
its remote control, and a keyboard and monitor.

HALF DUPLEX Mode

In a half duplex system we can send data in both directions, but only one direction at a
time: while the sender is transmitting, the receiver cannot send its own message back.
Data flows in one direction at any given moment.

An example of half duplex is a walkie-talkie, in which messages are sent in both
directions but only one party can talk at a time.

FULL DUPLEX Mode

In a full duplex system we can send data in both directions simultaneously, as the link is
bidirectional. We can send and receive data at the same time.

An example of full duplex is a telephone network, in which two persons communicate
over a telephone line through which both can talk and listen at the same time.

In a full duplex system there may be two lines, one for sending data and the other for
receiving data.

COMMUNICATION SOFTWARE

Meaning of terms

Computer software

Computer software, or simply software, is the part of a computer system that
consists of data or computer instructions, in contrast to the physical hardware from
which the system is built. In computer science and software engineering, computer
software is all information processed by computer systems: programs and data.
Computer software includes computer programs, libraries and related non-executable
data, such as online documentation or digital media. Computer hardware and software
require each other, and neither can realistically be used on its own.

Network software

A general phrase for software that is designed to help set up, manage and/or monitor
computer networks. Networking software applications are available to manage and
monitor networks of all sizes, from the smallest home networks to the largest
enterprise networks. Networking software is a foundational element of any network:
it helps administrators deploy, manage and monitor the network. Traditional networks
are made up of specialised hardware, such as routers and switches, that bundle the
networking software into the product. Software-defined networking (SDN) separates
that software from the hardware, making it easier to innovate and to adapt the
network quickly to changing demands.

Networking software is not the same as application software. Network software
exposes the inner workings of the network to administrators, while application
software enables end users to perform specific tasks. Network software is "invisible"
to end users: it simply facilitates, in a seamless way, the access those users have
to network resources.

The basic functionality of network software includes:

 User management – enables administrators to add or remove users from the
network.
 File management – allows administrators to define where data is stored and
which users may access that data.

Network software allows multiple devices, such as desktops, laptops, mobile phones,
tablets, and other systems to connect to one another, as well as other networks. The
Internet is a prime example of a globally connected system of servers and computers
that relies on networking software to ensure accessibility by end users.

TYPES OF COMMUNICATION SOFTWARE

Communications software is a set of applications that make it possible for team
members to exchange data and discuss business operations in real time. It can be
used to transmit information from one system to another, to exchange files in
various formats, or simply to discuss sensitive corporate data in a protected,
internal environment.

Popular types of communication software are messaging apps, live chat systems,
file transfer tools (FTP clients and servers), VoIP and email providers, which make
it possible to communicate at little or no cost. Note that plain FTP, like Telnet,
sends user names, passwords and file contents unencrypted; where confidentiality
matters, SFTP or FTPS should be used instead.

More types of communications software are described below:

Unified Communications Software and Call Center Software: These software
products are suites that offer features such as email or telephony management
tools, PBX (Private Branch Exchange) and Voice over Internet Protocol (VoIP). They
are used in call centres and in companies with a large number of telephone lines.

Web Conferencing and Video Software: This type of software is used for
conducting online meetings and webinars with video connection on desktop and mobile,
and includes document and screen sharing capabilities.

Live Chat: This type of software is installed on websites to enable businesses to
provide personalised customer support. It provides reports on the browsing behaviour
of website visitors, which can be used to create customised chat and support
experiences. The data can also be used to create and manage advertising campaigns.

Email Software - all types of email software

Wireless Software - all types of wireless-related software

Broadcast Software - including MP3, audio recording and call recording software

Telephony Software - IVR and telephony-related applications

Internet Communication Software - all types of internet communication software

Instant Communication Software - including web-based instant messaging and peer-to-
peer messaging

Voicemail Software - voicemail solutions and recording

Messaging Software - all types of messaging and related programs

Mass Communication Software - tools and utilities for mass communication

Paging Software - software for paging

SMS Communication Software - SMS messaging-related software

Key Features of Communications Software

 Cloud PBX – Utilizes the benefits of cloud service to offer a phone system over
the internet.
 Auto-Receptionist – Handles and forwards calls automatically without manual
aid.
 Call Forwarding – Forwards calls accurately to the right internal unit and
individual employee.
 Call Recording – Helps to record calls for future reference and training
purposes.
 Video Conferencing – You can conduct virtual meetings with team members in
diverse locations around the world.
 Audio Conferencing – You can chat with team members in other locations
through this feature.
 Internet Fax – Makes use of internet protocol to send faxes.
 Voicemail and Greeting – Offers a bunch of greetings as well as voicemail
facility to record messages when you are not available.
 Multi-level IVR – Expands the capability of the auto-receptionist feature to
manage large volume of incoming calls.

Benefits of Communications Software

The best communications software for your business should offer the following
benefits:

 Improve Your Communication Capabilities: An integrated communications
system can help to automate communication processes so that users are able to
communicate effectively with one another regardless of device, location or
media type.
 Boost Personal and Business Productivity: A scalable solution can offer
quick payback and improve performance and speed in a high volume
atmosphere.
 Increase Accuracy: Minimize manual intervention and boost the reliability,
accuracy, and speed of information exchange between users.
 Gain Flexibility: Scale the range and number of communication channels to
keep up with the growing requirements of your business.

 Improve Compliance: Use centralized rights management and tracking to
capture all important communication events in accordance with regulatory
requirements.
 Reduce Administration and Infrastructure Costs: Use a consolidated
communications solution to minimize the cost of maintaining multiple device-
specific channels.

TYPES OF NETWORK SOFTWARE

Network software, which operates over a network rather than on an individual
computer, may perform tasks that supplement, enable or replace end-user software.
Network-based antivirus software supplements desktop antivirus software. Network
messaging server software enables end-user computers to send instant messages back
and forth. And server application software, such as Customer Relationship Management
software, replaces end-user contact management software. All network software shares
the common goal of increasing productivity and improving security for network users.

Types

Network-based versions of desktop software exist for numerous software types, with
the greatest number of varieties concentrated in areas such as communications and
security. Network software for communications includes email, instant message,
teleconferencing and video conferencing applications. Network software for security
includes antivirus, spam filtering, firewall and data-access management applications.
Although they are less common, network software versions of office productivity tools,
such as spreadsheets and word processors, are beginning to proliferate.

Benefits

The advantages of network software compared to desktop software include centralised
management and fewer end-user technical support problems. For example, if a
particular desktop application stores all its data on a network share, the danger
of data being lost when an end user accidentally damages their computer is reduced.

Considerations

The centralized nature of network software entails that if the network application fails,
all the users trying to connect to the application will be unable to do so. The failure of a
single network software application can result in widespread productivity decreases.

Potential

The types and uses of network software can evolve as wireless networking technology
becomes more widely available. Without the restrictions imposed by the need for cabled
connections such as Ethernet, network coverage can widen rapidly, allowing more and
more users to access networks where cabled networks were previously unavailable.

Differences

The terms "network software" and "networking software" are often used
interchangeably. However, networking software most often refers to the software that
enables networking. Novell and Microsoft, for example, are two widely known
developers of networking software. Network software, by contrast, is software that
operates once the network is already enabled.

INSTALLING COMMUNICATION SOFTWARE

Pine

Pine is a free, text-based email client that was developed at the University of
Washington (its successor is Alpine).

Eudora

Eudora is an email client that was used on the classic Mac OS, Mac OS X and
Microsoft Windows operating systems but is no longer under development. It also
supported several palmtop computing platforms, including the Newton and Palm OS.

Outlook Express

Microsoft Outlook Express is a discontinued email and newsgroup client that was
bundled with Windows. It allowed users to exchange email with colleagues and
friends and to join newsgroups to trade ideas and information.

Others

Installing different types of network software


Linux

is a Unix-like computer operating system assembled under the model of free and open-
source software development and distribution.

UNIX

UNIX is an operating system which was first developed in the late 1960s and has been
under constant development ever since. By operating system we mean the suite of
programs which make the computer work. It is a stable, multi-user, multi-tasking
system for servers, desktops and laptops. UNIX systems also have a graphical user
interface (GUI) similar to Microsoft Windows which provides an easy-to-use
environment. However, knowledge of the UNIX command line is required for operations
which are not covered by a graphical program, or when no windowing interface is
available, for example in a remote terminal session. Such sessions were
traditionally opened with telnet, which sends everything, including passwords, in
clear text; SSH is the secure replacement and should be used instead.

Novell NetWare

NetWare is a computer network operating system developed by Novell, Inc. It
initially used cooperative multitasking to run various services on a personal
computer, using the IPX network protocol.

Windows NT

Windows NT is a family of operating systems produced by Microsoft, the first version
of which was released in July 1993. It is a processor-independent, multiprocessing,
multi-user operating system.

Others

INTERNET
MEANING

The Internet is the global system of interconnected computer networks that use the
Internet protocol suite (TCP/IP) to link devices worldwide. It is a network of networks
that consists of private, public, academic, business, and government networks of local
to global scope, linked by a broad array of electronic, wireless, and optical networking
technologies. The Internet carries an extensive range of information resources and
services, such as the inter-linked hypertext documents and applications of the World
Wide Web (WWW), electronic mail, telephony, and peer-to-peer networks for file
sharing.

The origins of the Internet date back to research commissioned by the United States
federal government in the 1960s to build robust, fault-tolerant communication via
computer networks.[1] The primary precursor network, the ARPANET, initially served as
a backbone for the interconnection of regional academic and military networks in the
1980s. The funding of the National Science Foundation Network as a new backbone in
the 1980s, as well as private funding for other commercial extensions, led to worldwide
participation in the development of new networking technologies and the merger of
many networks. The linking of commercial networks and enterprises by the early 1990s
marks the beginning of the transition to the modern Internet, and generated
sustained exponential growth as generations of institutional, personal and mobile
computers were connected to the network. Although the Internet was widely used by
academia since the 1980s, commercialisation incorporated its services and
technologies into virtually every aspect of modern life.

Importance of internet

it provides the following services:

World Wide Web

The World Wide Web and the Internet function together but are not the same thing.
The World Wide Web functions as the part of the Internet accessible to users. The
Internet serves as a vast electronic communications network and the World Wide Web
makes navigation on the Internet easier by utilizing hypertext links and graphical user
interfaces between different addresses on computers around the world. Think of the
Internet as providing the foundation and structure while the Web uses the Internet to
provide communications, information and access to all sorts of digital services.

Electronic Mail

More commonly known as email, electronic mail started as an afterthought to the
Internet. Today, email holds the number one position as the most popular service
offered on the Internet. A protocol for sending, receiving and storing electronic
messages, email has become the preferred method of communication. The U.S. Postal
Service handles around 200 billion pieces of mail each year. Email service on the
Internet handles around 247 billion emails every day.

Health Information Access

Individual computers may remotely access information stored on other computers or
servers anywhere in the world in a matter of seconds. The Pew Research Center
estimates that 59% of adults go on the Internet to seek health information. 80% of
caregivers have access to the Internet and use that access to health information to
assist with their day-to-day job duties. Internet access to health information may
improve quality of care, provide 24-hour access to medical or health information and
allow more efficient handling of specific health issues.

E-Commerce

The ability to do business without the usual constraints of time or distance makes
e-commerce one of the most important services provided by the Internet. With a
single click of a mouse, online customers can purchase almost anything, day or
night, from the comfort of their own home. Since human interaction and the need for
an actual brick-and-mortar location do not figure into the e-commerce equation,
doing business on the Internet does not cost as much. This levels the business
playing field and allows small businesses to compete with large corporations.

FTP (File Transfer Protocol)

Before the World Wide Web, FTP was the only common way to transfer large files
between the computers of Internet users. It allows a user to connect to a computer
on the Internet (if it is public or the user has the password), browse the contents
of its disk, find the required files and copy them to the local disk. This Internet
service is not as simple to use as the World Wide Web, but it is very useful. Note
that plain FTP sends the user name, the password and the files themselves
unencrypted, so anyone able to capture the traffic can read them; SFTP (file
transfer over SSH) or FTPS should be used where this matters.

Telnet

Telnet is an Internet service that allows a user to log on to a remote computer and
run the programs installed on it. Of course, the remote computer must have granted
the user access rights. For security reasons this service is disabled on many
servers. More precisely, Telnet is 'terminal emulation' software that communicates
with a remote computer over a TCP/IP connection; the emulator plays the role of the
unit once called a 'terminal' (from the mainframe era). Everything Telnet sends,
including the user name and password typed at login, travels in clear text and can
be read by anyone on the path. The same role is performed better today by programs
that use SSH (Secure Shell) connections, which also run over TCP/IP but encrypt all
traffic and let the client verify the server's identity through its host key.
Although SSH provides good security for working with a server, system
administrators are still reluctant to make remote login available to all users.
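The FTP and Telnet caveats above, shown concretely. This is an added example, not code from the notes: given the client side of a captured Telnet or FTP session (constructed byte strings here, in the shape a sniffer on the path would see), it strips the Telnet option negotiation and pulls out the user name and password that were typed in clear text. The user name and password in the samples are made up.

```python
"""Added example: recover login credentials from captured cleartext Telnet and
FTP sessions. The byte streams are constructed here to resemble what a sniffer
on the path would see; they are not captures from the notes."""
import re

IAC, SB, SE = 255, 250, 240                  # Telnet "Interpret As Command" bytes
OPTION_CMDS = {251, 252, 253, 254}           # WILL, WONT, DO, DONT: IAC cmd option


def strip_telnet_iac(data: bytes) -> bytes:
    """Remove Telnet option negotiation, leaving only the characters the
    user and the host actually exchanged (RFC 854 framing)."""
    out, i = bytearray(), 0
    while i < len(data):
        if data[i] != IAC:
            out.append(data[i])
            i += 1
        elif i + 1 < len(data) and data[i + 1] == IAC:     # escaped 0xFF data byte
            out.append(IAC)
            i += 2
        elif i + 1 < len(data) and data[i + 1] in OPTION_CMDS:
            i += 3                                           # IAC <cmd> <option>
        elif i + 1 < len(data) and data[i + 1] == SB:        # IAC SB ... IAC SE
            end = data.find(bytes([IAC, SE]), i + 2)
            i = len(data) if end < 0 else end + 2
        else:
            i += 2                                           # IAC <two-byte command>
    return bytes(out)


def telnet_credentials(client_to_server: bytes) -> tuple:
    """The client side of a Telnet login is just the user name and password
    typed as the first two lines; the server never echoes the password, but
    the client has to send it, so the client stream alone reveals it."""
    text = strip_telnet_iac(client_to_server)
    text = text.replace(b"\r\n", b"\n").replace(b"\r\x00", b"\n")
    lines = [l.decode("ascii", "replace") for l in text.split(b"\n") if l]
    return (lines[0], lines[1]) if len(lines) >= 2 else (None, None)


FTP_CMD = re.compile(rb"^(USER|PASS)\s+(.*)$", re.IGNORECASE)


def ftp_credentials(client_to_server: bytes) -> tuple:
    """FTP sends USER and PASS as plain commands on the control connection."""
    user = password = None
    for raw in client_to_server.split(b"\n"):
        m = FTP_CMD.match(raw.rstrip(b"\r"))
        if not m:
            continue
        if m.group(1).upper() == b"USER":
            user = m.group(2).decode("ascii", "replace")
        else:
            password = m.group(2).decode("ascii", "replace")
    return user, password


# Constructed client->server streams. The Telnet one starts with typical
# negotiation (DO SUPPRESS-GO-AHEAD, WILL TERMINAL-TYPE, a TERMINAL-TYPE
# subnegotiation), then the login lines and a command.
TELNET_CLIENT = (bytes([IAC, 253, 3, IAC, 251, 24])
                 + bytes([IAC, SB, 24, 0]) + b"XTERM" + bytes([IAC, SE])
                 + b"alice\r\n" + b"s3cret!\r\n" + b"ls -la\r\n")
FTP_CLIENT = b"USER alice\r\nPASS s3cret!\r\nPWD\r\nQUIT\r\n"

if __name__ == "__main__":
    print("telnet:", telnet_credentials(TELNET_CLIENT))
    print("ftp:   ", ftp_credentials(FTP_CLIENT))
```

The same capture of an SSH session would yield nothing beyond the `SSH-2.0-...` version banner, because everything after the key exchange is ciphertext; that is the whole difference between the two services from an attacker's point of view.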

By connecting to the Internet from a computer at work or at home, a user can:

 Exchange electronic mail (e-mail) with any Internet user at any location on the
planet.
 Participate in off-line (indirect, not real-time) discussions via e-mail with
people of similar interests through 'mailing lists' and 'newsgroups'.
 Participate live (in real time) in a conversation with another person via an
'Internet video phone' (such as Skype), or in audio-video conferencing between
several people using specially designed programs and equipment.
 Participate in on-line (direct, real-time) written discussion with a larger group
of people using the 'Internet Relay Chat' (IRC) service - chat rooms.
 Work on a remote computer using the 'Telnet' service or a service with much the
same function.
 Download files of any type from remote computers and upload files to them using
the FTP (File Transfer Protocol) service.
 Read complex documents using 'hypertext': by clicking on a keyword or image on
the screen the user is automatically taken to other resources within the same or
other domains.
 Read multimedia documents found on the WWW (World Wide Web) that contain text,
graphics, sound and video, using a web browser such as 'Google Chrome', 'Firefox'
or 'Internet Explorer'.
 Learn and practise for an exam and obtain the appropriate certification.
 Search the Web, documents and various WWW sites via dedicated international
services such as 'Google' and 'Yahoo!', using keywords to find the desired
documents.
 Publish their own pictures or pictures of their grandchildren (and, for those
who wish, a picture of their mother-in-law).
 Advertise a business in a variety of ways, from posting video clips to creating
a website.
 Pay bills through 'Internet Banking'.
 Buy and spend money :-), advertise and offer goods for sale.
 Read web editions of newspapers or of magazines such as 'IT Alphabet'.
 Play simple games.

EMERGING TRENDS IN NETWORKING

With all the changes in IT infrastructure brought by the rise of virtualisation and
cloud, networks are under tremendous pressure. The networking industry is evolving
rapidly to keep up and is focusing more on software than on traditional hardware
speeds and feeds. For networking professionals this means a lot of new options and
changes in the way they go about their work. Four key emerging trends in networking
are described below.

SD-WAN

While the industry is still waiting for software-defined networking to reach mass
adoption in the enterprise, software-defined WAN continues to be red hot. "SDN
broadly hasn't turned into a single thing or a new networking paradigm. It's become a
bunch of specific use cases… SD-WAN is the best single example of success in that
space. Software-defined WAN is a real thing people can buy today and it brings them
value."

Automation and orchestration

Another hot emerging networking trend is automation and orchestration. As
enterprises stand up containerised applications using Docker or orchestration
platforms like Kubernetes, networking elements are provisioned automatically.

Orchestration, and the automation it leverages as a tool, does some of the
"nitty-gritty work that you would have to do by hand as a network engineer".
Cloud networking

With the growth of hybrid cloud, companies are looking for help with connectivity
between their private and public clouds. "A lot of this is cost driven. You may start
in the public cloud and need to bring those workloads back to your private data
center." Technology from vendors such as Nuage Networks automates the connectivity
between a company's on-premises data centre and its public cloud resources. VMware
also announced a partnership last year with Amazon Web Services that provides
connectivity between public and private clouds by offering its software, such as
NSX, on AWS.

Visibility and analytics

For years, network monitoring and analytics tools have pulled data from the network
by polling it, but the telemetry movement is changing that. Vendors now have the
network infrastructure push large volumes of data out continuously and use their own
big-data analytics tools to generate trend information.
