
UNIVERSITY OF PORT HARCOURT

CENTRE OF INFORMATION AND TELECOMMUNICATION ENGINEERING

PGD

DIT 711 – COMPUTER NETWORK AND SECURITY

By

ENOCH, Joseph Diema

DIT 711 - Contents

Introduction: Definition, Uses of Computer Networks, Network Topology, Network Media,
Network Devices, Different Types of Network: LAN, MAN, WAN etc.
IP Addressing: Classful IP Addressing, Subnet Mask, CIDR, Private IP Address, Public IP
Address, Subnetting, VLSM etc.
Network Models: OSI Reference Model, TCP/IP Reference Model, ATM Reference Model,
Functions of the Layers of the different models, Network Protocols working at different
layers.
Data Link Layer: Design Issues; Framing: Character Count, Byte Stuffing, Bit Stuffing;
Error Detection: Cyclic Redundancy Check, Parity Bit Checking; Error Correction:
Hamming Code. Windowing Protocols: Go-Back-N ARQ, Selective Repeat ARQ; Elementary
Data Link Protocols, High-level Data Link Control, Point-to-Point Protocol, The Medium
Access Control Sub-layer.
Multiple Access: Random Access (ALOHA, CSMA, CSMA/CD, CSMA/CA); Channelized Access
(CDMA, TDMA, FDMA); Controlled Access (Reservation, Polling, Token Passing). Ethernet,
Wireless LANs, and Bluetooth.
Switching: Circuit Switching, Packet Switching, Message Switching; Routing Algorithms,
Virtual Circuit and Datagram, Congestion Control Algorithms, Quality of Service,
Internetworking, Internetworking Devices etc.
Network and Transport Layer Protocols: Address Resolution Protocol, Internet Protocol,
Internet Control Message Protocol, IPv6, Routing Information Protocol, Open Shortest
Path First, Border Gateway Protocol, User Datagram Protocol, Transmission Control
Protocol.
Network Security:

Introduction to Computer Network
The first computers were stand-alone machines that one person used at a time. Later,
timesharing computers were invented that allowed more than one person to use the
machine concurrently. Today, most computers are networked, i.e., connected to one
another, so that they can communicate with one another, share resources, and access
the Internet. Virtually 100 percent of business and industrial computers are networked,
and most home and personal computers are networked as well. Networks today have no
boundary and support the way we:
• Learn
• Communicate
• Work
• Play

1.1 What is a Computer Network?

A computer network is a connection of multiple devices (or hosts) that communicate
with one another to share data and resources. Computing devices on a network may be
linked together through cables, telephone lines, radio waves, satellites, or infrared light
beams.

We define a computer network from two perspectives: physically (hardware) and
logically (software and data).

Physically: From a physical (hardware) perspective, a computer network is a hardware
infrastructure interconnecting end-devices, where end-devices can take one of many
possible forms such as personal computers, personal digital assistants, smart phones,
wireless sensors, wireless actuators (e.g. a Philips Hue lamp) and smart televisions.
End-devices are typically made up of (embedded) hardware with a Network Interface
Card (NIC) and an operating system or basic middleware.

Logically: From a software and data perspective, a computer network is a system
facilitating information exchange between applications that do not share a physical
memory component or memory space.

The basic structure of most computer networks consists of the following:

 Network edge:
 Applications and hosts/devices (end devices)
o computing devices: laptops, desktops, servers, smartphones, and tablets
o an array of IoT devices: cameras, door locks, doorbells, refrigerators,
audio/visual systems, thermostats, and various sensors
 Network core (network devices):
 Hubs, Switches: communication inside a particular network
 Routers: communication outside the local network. A router connects two or
more LANs and is used to join different networks even within one organization;
hosts on a single LAN do not need a router to reach each other. Many routers
also provide wireless access. A router links networks together whether or not
the Internet is involved.
 Gateway: links devices to a different network. It can be a router, a modem or a
mi-fi device that performs this duty, e.g. an ISP's (MTN) modem that has a
connection to the Internet and allows other devices to connect through it, or a
device that connects to the GLO network. The ISP provides the gateway to the
Internet.
 The Internet itself is a network of networks.
NOTE: A peer-to-peer network (ad hoc connection) does not need the network
core devices.
 Access networks, physical media:
 Communication link
o Wired link: cables, telephone lines, optical fibers
o Wireless link: radio waves, satellites, infrared light beams
 The data: text, images, videos, audio and others
 Resources: printer, an Internet connection, applications, etc.

Uses of Computer Networks

Computers are playing a vital role in almost every field and making our day-to-day tasks
more manageable. Computers were once used only to perform complex numerical
calculations, but they have come a long way and now perform many different roles.
They perform a diverse set of functions, from complicated calculations to generating
business reports, from bill generation to education, from programming or development
to entertainment, etc. Because of their characteristics and powerful functionalities,
computers are used in various fields, such as homes, businesses, government offices,
research organizations, educational institutions, medicine, entertainment, etc.
Computers have taken industries and businesses to a whole new level. Below, the most
common uses of computers in different fields are elaborated:

Business: Currently, computers can be seen in almost every business. Computers are
an essential part of a business setup because they increase productivity and help the
business compete. In businesses, computers are primarily used to store and manage
accounts and personnel data, maintain projects, track inventory status, and make
reports and presentations. Besides, computers are well suited to transaction
processing because they are more accurate and faster than humans. Computers also
help people analyze their investments, expenses, profits, sales and many other aspects
of the business.
Science: Scientists are among the people who use computers as their primary work
tool. In science, research and engineering, computers are well suited to collecting,
analyzing, categorizing, and storing data. They also help scientists exchange data with
each other both internally and internationally. Computers enable scientists in different
locations (such as different countries) to work together on the same project with cloud
support. Besides, computers play a crucial role in launching, maintaining and controlling
spacecraft, and in operating many other technologies.
Government: In the government sector, computers are used to perform various
functions in different departments and to improve the quality, efficiency, and
productivity of their services. Some examples of such services are city planning, traffic
control, law enforcement, infrastructure development, and tourism. In most cases, the
primary purposes of using computers are performing data processing tasks, maintaining
citizens' databases, and promoting a paperless environment. Apart from this, computers
play a crucial role in a country's defense system, helping in missile development, rocket
and satellite launches, etc.
Health and Medical: Computers are radically changing the methods of diagnosis in
hospitals. They are used for maintaining patients' information and records, live
monitoring of patients, X-rays, and more. Everything is being digitized with the help of
computers. Computers help configure lab tools, monitor heart rate and blood pressure,
etc. Doctors gain an extra advantage in treating patients with the proper drugs and
medicines. Additionally, computers enable doctors to exchange patients' data easily
with other medical specialists. Besides, advanced surgical devices based on robotics
help surgeons conduct complex operations and surgeries remotely.
Education: Computers are widely used in the education field. They help people get
different educational materials (such as images, videos, e-books, etc.) in one place, and
all such information can be accessed through the Internet. Additionally, computers are
well suited to online classes, online tutoring, online examinations, and creating
assignments and projects. Apart from this, they can also be used to maintain and
monitor student performance and other information.
Industry: Computers are used in industries to perform various tasks, such as
maintaining inventory, interior design, designing samples or virtual products,
communicating over video conferencing, and more. Online marketing has made it easier
for people in rural areas to buy products. Online trading in stock markets has also seen a
significant revolution because it is so easy to participate: computers have enabled
people at different levels and in different locations to take part in stock trading.
Banking: Banking has advanced greatly in the past few years. Most countries use
online banking systems where customers can access their data directly using computers
and the Internet. People can check their account balance, transfer money, and pay
bills online, including credit card bills. Besides, banks use computers to perform
transactions and store customer data, transaction records, etc. By using computers,
banks have greatly reduced the number of manual errors, the number of employees,
and costs. ATMs are the best example of computers that help people withdraw and
deposit money themselves.
Entertainment: Computers are nowadays one of the best mediums for entertainment.
Computers can be used to watch movies, play games, listen to music, etc. Computers
combined with MIDI instruments can be used to record audio from virtual instruments.
Besides, people can also enjoy recording their own videos with a webcam and applying
various entertaining AI effects. Several photo editor programs with powerful features
are also available.
Training: Most companies use computers to provide training to their employees.
Computer-based training helps companies save time and money and increase
productivity. Computer-based training can also be used to train employees spread over
large distances in various locations, which eliminates travel time and costs and makes
the training process much more convenient and smoother.
Arts: Computers have become part of art, photography, dance, and culture. Computers
with advanced features allow users to draw their projects directly on them. Besides,
people can use computers to digitize their photos, and there are several photo editor
programs that can help people edit and customize them. Apart from this, dance
movements and steps can be shown live with the help of animation.
Sports: In today's technologically developed world, computers are being used in almost
every sport. There are many sports activities where computers make things possible.
In sports, computers are mainly used to maintain scoreboards, records, and other
statistics. Furthermore, they are used to analyze player movements and support
in-game decisions. Computers help make complex in-game decisions (especially in
umpiring) on details that cannot be seen by human eyes.
Robotics: Robotics is one of the emerging fields of technology that uses computers for
science and engineering as well as for designing machines. These machines can be
virtual (such as software bots) or physical, and they reduce or eliminate human
workload. Additionally, some machines can perform heavy tasks that humans cannot
complete, or that would take humans a long time to complete. Car manufacturing was
one of the first examples where robots helped to assemble car parts and perform many
other heavy tasks. Nowadays, however, robots are useful in many fields, such as
exploring areas where conditions are difficult for humans, helping the military, helping
law enforcement and helping health professionals, etc.
Safety and Security: Computers are capable of working together with different
equipment, tools, and technologies. When it comes to safety, computers are widely
used with security cameras. Almost every private and government organization is
equipped with security cameras to monitor people and goods. These cameras also help
security and intelligence agencies identify terrorists or criminals in public places.
Computers attached to a fingerprint scanner and face-recognition technology have
made it harder for fraudsters to use fake identities and claim government benefits using
someone else's identity. Security systems have become far more powerful with the
introduction of computer technology and the Internet.
Publishing: Computers are one of the first choices when it comes to publishing.
Computers are mainly used for designing newsletters, novels, posters, magazines,
newspapers, etc. They are suitable for almost every type of publication and are used in
both publishing methods, hard copy and e-books. Apart from this, computers play a vital
role in blogging and writing articles for websites.
Weather Forecasting: Weather forecasting is never easy for humans because it depends
on many factors that are continually changing. It is almost impossible for humans to
predict the weather without using a computer. The weather forecasting process
involves complex computation and monitoring of data from satellites and many other
technological devices. The computer has made it easier to predict weather conditions
because it can process information from different sources and perform the complex
calculations that forecasting requires. Computers process enormous amounts of
meteorological information during weather forecasting.
Communication: Computers have become one of the primary means of
communication. Modern computers come with a built-in webcam and microphone to
make communication easier. People can use software like Skype and Google Hangouts
to connect with other people over the Internet. Because of the videoconferencing
feature, people can connect with both audio and video. Computers help families connect
with their relatives, businesses organize meetings, and companies conduct interviews
between two distant locations. Apart from this, older communication methods such as
email are also still widely used.

Network Topology
A network topology is the arrangement with which computer systems or network
devices are connected to each other. Topologies may describe both the physical and the
logical aspect of the network, and the logical and physical topologies of the same
network may be the same or different.

Point-to-Point
A point-to-point network contains exactly two hosts, such as computers, switches,
routers or servers, connected back to back using a single piece of cable. Often, the
receiving end of one host is connected to the sending end of the other and vice versa.

If the hosts are connected point-to-point logically, there may be multiple intermediate
devices. But the end hosts are unaware of the underlying network and see each other as
if they were connected directly.

Bus Topology
In a bus topology, all devices share a single communication line or cable. A bus
topology has a problem when multiple hosts send data at the same time. Therefore, a
bus topology either uses CSMA/CD or recognizes one host as bus master to solve the
issue. It is one of the simplest forms of networking, where the failure of a device does
not affect the other devices. But a failure of the shared communication line stops all
the other devices from functioning.

Both ends of the shared channel have a line terminator. A signal placed on the cable
propagates towards both ends, and as soon as it reaches an end the terminator absorbs
it so that it is not reflected back onto the line. Because every host is attached to the
same cable, every host sees every frame sent on the bus, whichever host it is addressed
to.

Star Topology
All hosts in a star topology are connected to a central device, known as the hub device,
using a point-to-point connection. That is, there is a point-to-point connection between
each host and the hub. The hub device can be any of the following:
 Layer-1 device such as a hub or repeater
 Layer-2 device such as a switch or bridge
 Layer-3 device such as a router or gateway

As in a bus topology, the hub acts as a single point of failure: if the hub fails, the
connectivity of all hosts to all other hosts fails. Every communication between hosts
takes place only through the hub. Which kind of device sits at the centre matters for
confidentiality: a Layer-1 hub repeats every frame out of every port, so each host sees
all traffic just as on a bus, whereas a Layer-2 switch learns which port each MAC address
is on and delivers a unicast frame only to that port. A star topology is not expensive,
since connecting one more host requires only one cable, and configuration is simple.
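The difference between a Layer-1 hub and a Layer-2 switch at the centre of a star, shown as an added example that is not part of the original notes: both devices are modelled with the same deliver() interface, and the hosts, MAC addresses, port numbers and frame sequence are constructed for the illustration.

```python
"""Which hosts can observe a frame: a hub versus a learning switch at the centre of a star.

Both devices expose deliver(in_port, src, dst) -> set of output ports.  A Layer-1 hub
repeats every frame to every other port; a Layer-2 switch learns the port of each source
MAC and forwards a unicast frame only to the learned port, flooding only when the
destination is unknown or broadcast.  MAC addresses and port numbers are constructed
for this illustration.
"""

BROADCAST = "ff:ff:ff:ff:ff:ff"


class Hub:
    """Layer-1 repeater: no notion of addresses, every frame goes everywhere."""

    def __init__(self, ports):
        self.ports = set(ports)

    def deliver(self, in_port, src, dst):
        return self.ports - {in_port}


class LearningSwitch:
    """Layer-2 learning bridge with a source-address table."""

    def __init__(self, ports):
        self.ports = set(ports)
        self.mac_table = {}  # source MAC -> port it was last seen on

    def deliver(self, in_port, src, dst):
        self.mac_table[src] = in_port  # learn from every frame that arrives
        out = self.mac_table.get(dst)
        if dst == BROADCAST or out is None:
            return self.ports - {in_port}  # unknown destination: flood like a hub
        if out == in_port:
            return set()  # destination is on the ingress segment: filter
        return {out}  # known unicast destination: one port only


# Constructed hosts: A and B talk to each other, EVE only listens on port 3.
MAC_A = "02:00:00:00:00:0a"
MAC_B = "02:00:00:00:00:0b"
MAC_EVE = "02:00:00:00:00:ee"
PORT_OF = {MAC_A: 1, MAC_B: 2, MAC_EVE: 3}
FRAMES = [(MAC_A, MAC_B), (MAC_B, MAC_A), (MAC_A, MAC_B)]  # request, reply, request


def observers(device, frames, port_of):
    """Push each (src, dst) frame through the device and return, per frame, the set of
    hosts whose port carries it, i.e. who could capture it with a NIC in promiscuous mode."""
    host_of = {port: mac for mac, port in port_of.items()}
    return [{host_of[p] for p in device.deliver(port_of[src], src, dst)} for src, dst in frames]


if __name__ == "__main__":
    for name, device in (("hub", Hub([1, 2, 3])), ("switch", LearningSwitch([1, 2, 3]))):
        for (src, dst), seen in zip(FRAMES, observers(device, FRAMES, PORT_OF)):
            print(f"{name:6} {src} -> {dst}: seen by {sorted(seen)}")
```

On the hub the listener sees all three frames; on the switch it sees only the first, which had to be flooded because the destination was not yet learned. That isolation is a convenience, not a security boundary: the address table is finite and trusts the source field, so MAC flooding (filling the table so that destinations cannot be learned and are flooded) and ARP spoofing (redirecting a neighbour's traffic to the attacker's port) both defeat it, which is why a switched LAN should still not be treated as sniff-proof.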

Ring Topology
In a ring topology, each host machine connects to exactly two other machines, creating
a circular network structure. When one host tries to communicate or send a message to
a host which is not adjacent to it, the data travels through all the intermediate hosts. To
connect one more host to the existing structure, the administrator may need only one
extra cable.

Failure of any host results in failure of the whole ring, since each host must repeat the
data on to the next one. Thus, every connection in the ring is a point of failure. Some
designs employ a second, backup ring (a dual ring) so that traffic can be sent the other
way round when one ring is broken.

Mesh Topology
In this type of topology, a host is connected to one or multiple hosts. This topology has
hosts in point-to-point connection with every other host, or may also have hosts which
are in point-to-point connection to a few hosts only.

Hosts in a mesh topology also work as relays for other hosts which do not have direct
point-to-point links. Mesh topology comes in two types:

 Full mesh: All hosts have a point-to-point connection to every other host in the
network. Thus a full mesh of n hosts requires n(n-1)/2 connections, and every host
added to it needs a new link to each of the existing hosts. It provides the most
reliable network structure among all network topologies.
 Partial mesh: Not all hosts have a point-to-point connection to every other host.
Hosts connect to each other in some arbitrary fashion. This topology exists where
we need to provide reliability to some hosts but not all.

Tree Topology
Also known as hierarchical topology, this is the most common form of network
topology in use presently. This topology is an extended star topology and inherits
properties of the bus topology. It divides the network into multiple levels/layers. In
LANs, the network is typically divided into three layers of network devices. The lowest
is the access layer, where computers are attached. The middle layer is known as the
distribution layer, which works as mediator between the upper and lower layers. The
highest layer is known as the core layer, and is the central point of the network, i.e. the
root of the tree from which all nodes fork.

All neighbouring hosts have a point-to-point connection between them. Similar to the
bus topology, if the root goes down the entire network suffers, even though it is not the
only single point of failure: every connection is a point of failure, and the failure of any
one of them divides the network into unreachable segments.

Daisy Chain
This topology connects all the hosts in a linear fashion. Similar to a ring topology, all
hosts are connected to two other hosts, except the end hosts; if the end hosts of a daisy
chain are connected to each other, it becomes a ring topology.

Each link in a daisy chain topology represents a single point of failure. Every link failure
splits the network into two segments. Every intermediate host works as a relay for its
neighbours.

Hybrid Topology
A network structure whose design contains more than one topology is said to be a
hybrid topology. A hybrid topology inherits the merits and demerits of all the topologies
it incorporates.

The figure above represents an arbitrary hybrid topology. The combined topologies may
contain attributes of star, ring, bus, and daisy-chain topologies. Most WANs are
connected by means of a dual-ring topology, and the networks connected to them are
mostly star topology networks. The Internet is the best example of the largest hybrid
topology.
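To make the single-point-of-failure claims in the topology sections above concrete, the following added example (not part of the original notes) builds each topology as a graph and computes which cables and which devices are critical. The host count of five and the binary shape of the tree are assumptions chosen for the illustration.

```python
"""Single-point-of-failure analysis of the classic LAN topologies.

Each topology is an undirected graph: hosts are nodes, cables are edges (frozensets of
two node ids).  A link is *critical* if cutting it partitions the network; a node is
*critical* if removing it (and its cables) partitions the remaining nodes.  The model
assumes traffic can flow either way along a cable, which a unidirectional ring without
bypass relays does not do (see the ring caveat below the code).
"""
from itertools import combinations


def full_mesh_links(n):
    """Cables needed to join every pair of n hosts once: n(n-1)/2."""
    return n * (n - 1) // 2


def build(topology, n):
    """Edge set of a named topology with hosts 0..n-1 (the star adds a hub node n)."""
    hosts = range(n)
    if topology == "star":
        return {frozenset((h, n)) for h in hosts}
    if topology == "ring":
        return {frozenset((h, (h + 1) % n)) for h in hosts}
    if topology == "daisy_chain":
        return {frozenset((h, h + 1)) for h in range(n - 1)}
    if topology == "full_mesh":
        return {frozenset(pair) for pair in combinations(hosts, 2)}
    if topology == "tree":
        return {frozenset((i, (i - 1) // 2)) for i in range(1, n)}  # binary tree rooted at 0
    raise ValueError(f"unknown topology {topology!r}")


def connected(nodes, edges):
    """Breadth-first search from an arbitrary node; True if every node in `nodes` is reached.
    Edges touching a node outside `nodes` are ignored, which is how node removal is modelled."""
    nodes = set(nodes)
    if not nodes:
        return True
    adjacent = {v: set() for v in nodes}
    for edge in edges:
        a, b = tuple(edge)
        if a in adjacent and b in adjacent:
            adjacent[a].add(b)
            adjacent[b].add(a)
    start = next(iter(nodes))
    reached, frontier = {start}, [start]
    while frontier:
        v = frontier.pop()
        for w in adjacent[v] - reached:
            reached.add(w)
            frontier.append(w)
    return reached == nodes


def critical_links(edges):
    """Edges whose loss alone partitions the network."""
    nodes = set().union(*edges)
    return {e for e in edges if not connected(nodes, edges - {e})}


def critical_nodes(edges):
    """Nodes whose loss alone partitions the remaining nodes."""
    nodes = set().union(*edges)
    return {v for v in nodes if not connected(nodes - {v}, edges)}


def report(topology, n):
    """Summary of cable count and single points of failure for one topology."""
    edges = build(topology, n)
    return {"links": len(edges),
            "critical_links": len(critical_links(edges)),
            "critical_nodes": sorted(critical_nodes(edges))}


if __name__ == "__main__":
    for name in ("star", "ring", "daisy_chain", "full_mesh", "tree"):
        print(f"{name:12} {report(name, 5)}")
```

The output matches the text: the star's only critical node is the hub, but every spoke is a critical link for the host on it; every link of the daisy chain and the tree is critical; the full mesh has no single point of failure at the price of n(n-1)/2 cables. The ring comes out with no critical links or nodes only because the model lets traffic go the long way round; the unidirectional ring described in the text, where each station repeats for the next, fails completely on any break, which is exactly what a dual-ring design is for.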

Network Media
Network media is the actual path over which an electrical signal travels as it moves from
one component to another. This chapter describes the common types of network
media, including twisted-pair cable, coaxial cable, fiber-optic cable, and wireless.

Twisted-Pair Cable
Twisted-pair cable is a type of cabling that is used for telephone communications and
most modern Ethernet networks. A pair of wires forms a circuit that can transmit data.
The pairs are twisted to provide protection against crosstalk, the noise generated by
adjacent pairs. When electrical current flows through a wire, it creates a small, circular
magnetic field around the wire. When two wires in an electrical circuit are placed close
together, their magnetic fields are the exact opposite of each other. Thus, the two
magnetic fields cancel each other out. They also cancel out any outside magnetic fields.
Twisting the wires can enhance this cancellation effect. Using cancellation together with
twisting the wires, cable designers can effectively provide self-shielding for wire pairs
within the network media.
Two basic types of twisted-pair cable exist: unshielded twisted pair (UTP) and shielded
twisted pair (STP). The following sections discuss UTP and STP cable in more detail.

UTP Cable
UTP cable is a medium that is composed of pairs of wires (see Figure below). UTP cable
is used in a variety of networks. Each of the eight individual copper wires in UTP cable
is covered by an insulating material. In addition, the wires in each pair are twisted
around each other.
Unshielded Twisted-Pair Cable

UTP cable relies solely on the cancellation effect produced by the twisted wire pairs to
limit signal degradation caused by electromagnetic interference (EMI) and radio
frequency interference (RFI). To further reduce crosstalk between the pairs in UTP
cable, the number of twists in the wire pairs varies. UTP cable must follow precise
specifications governing how many twists or braids are permitted per meter (3.28 feet)
of cable. UTP cable often is installed using a Registered Jack 45 (RJ-45) connector (see
Figure below). The RJ-45 is an eight-wire connector used commonly to connect
computers onto a local-area network (LAN), especially Ethernets.
RJ-45 Connectors

When used as a networking medium, UTP cable has four pairs of either 22- or 24-gauge
copper wire. UTP used as a networking medium has an impedance of 100 ohms; this
differentiates it from other types of twisted-pair wiring such as that used for telephone
wiring, which has impedance of 600 ohms.
UTP cable offers many advantages. Because UTP has an external diameter of
approximately 0.43 cm (0.17 inches), its small size can be advantageous during
installation. Because it has such a small external diameter, UTP does not fill up wiring
ducts as rapidly as other types of cable. This can be an extremely important factor to
consider, particularly when installing a network in an older building. UTP cable is easy to
install and is less expensive than other types of networking media. In fact, UTP costs less
per meter than any other type of LAN cabling. And because UTP can be used with most
of the major networking architectures, it continues to grow in popularity.
Disadvantages also are involved in using twisted-pair cabling, however. UTP cable is
more prone to electrical noise and interference than other types of networking media,
and the distance between signal boosts is shorter for UTP than it is for coaxial and fiber-
optic cables.
Although UTP was once considered to be slower at transmitting data than other types of
cable, this is no longer true. In fact, UTP is considered the fastest copper-based medium
today. The following summarizes the features of UTP cable:
 Speed and throughput—10 to 1000 Mbps
 Average cost per node—Least expensive
 Media and connector size—Small
 Maximum cable length—100 m (short)

Commonly used types of UTP cabling are as follows:
 Category 1—Used for telephone communications. Not suitable for transmitting
data.
 Category 2—Capable of transmitting data at speeds up to 4 megabits per second
(Mbps).
 Category 3—Used in 10BASE-T networks. Can transmit data at speeds up to 10
Mbps.
 Category 4—Used in Token Ring networks. Can transmit data at speeds up to 16
Mbps.
 Category 5—Can transmit data at speeds up to 100 Mbps.
 Category 5e —Used in networks running at speeds up to 1000 Mbps (1 gigabit per
second [Gbps]).
 Category 6—Typically, Category 6 cable consists of four pairs of 24 American Wire
Gauge (AWG) copper wires. Category 6 was the fastest UTP standard when this text was
written; it carries 1 Gbps over 100 m and 10 Gbps (10GBASE-T) over runs of up to about
55 m, and the later Category 6a extends 10 Gbps to the full 100 m.

Shielded Twisted-Pair Cable

Shielded twisted-pair (STP) cable combines the techniques of shielding, cancellation, and
wire twisting. Each pair of wires is wrapped in a metallic foil (see Figure below). The four
pairs of wires then are wrapped in an overall metallic braid or foil, usually 150-ohm
cable. As specified for use in Ethernet network installations, STP reduces electrical noise
both within the cable (pair-to-pair coupling, or crosstalk) and from outside the cable
(EMI and RFI). STP usually is installed with STP data connector, which is created
especially for the STP cable. However, STP cabling also can use the same RJ connectors
that UTP uses.
Shielded Twisted-Pair Cable

Although STP prevents interference better than UTP, it is more expensive and difficult to
install. In addition, the metallic shielding must be grounded at both ends. If it is
improperly grounded, the shield acts like an antenna and picks up unwanted signals.
Because of its cost and difficulty with termination, STP is rarely used in Ethernet
networks. STP is primarily used in Europe.
The following summarizes the features of STP cable:
 Speed and throughput—10 to 100 Mbps
 Average cost per node—Moderately expensive
 Media and connector size—Medium to large
 Maximum cable length—100 m (short)
When comparing UTP and STP, keep the following points in mind:
 The speed of both types of cable is usually satisfactory for local-area distances.
 These are the least-expensive media for data communication. UTP is less
expensive than STP.
 Because most buildings are already wired with UTP, many transmission standards
are adapted to use it, to avoid costly rewiring with an alternative cable type.
Coaxial Cable
Coaxial cable consists of a hollow outer cylindrical conductor that surrounds a single
inner wire made of two conducting elements. One of these elements, located in the
center of the cable, is a copper conductor. Surrounding the copper conductor is a layer
of flexible insulation. Over this insulating material is a woven copper braid or metallic
foil that acts both as the second wire in the circuit and as a shield for the inner
conductor. This second layer, or shield, can help reduce the amount of outside
interference. Covering this shield is the cable jacket (see Figure below).
Coaxial Cable

Coaxial cable supports 10 to 100 Mbps and is relatively inexpensive, although it is more
costly than UTP on a per-unit length. However, coaxial cable can be cheaper for a
physical bus topology because less cable will be needed. Coaxial cable can be cabled
over longer distances than twisted-pair cable. For example, Ethernet can run
approximately 100 meters (328 feet) using twisted-pair cabling. Using coaxial cable
increases this distance to 500m (1640.4 feet).
For LANs, coaxial cable offers several advantages. It can be run with fewer boosts from
repeaters for longer distances between network nodes than either STP or UTP cable.
Repeaters regenerate the signals in a network so that they can cover greater distances.
Coaxial cable is less expensive than fiber-optic cable, and the technology is well known;
it has been used for many years for all types of data communication.
When working with cable, you need to consider its size. As the thickness, or diameter, of
the cable increases, so does the difficulty in working with it. Many times cable must be
pulled through existing conduits and troughs that are limited in size. Coaxial cable
comes in a variety of sizes. The largest diameter (1 centimeter [cm]) was specified for
use as Ethernet backbone cable because historically it had greater transmission length
and noise-rejection characteristics. This type of coaxial cable is frequently referred to as
Thicknet. As its nickname suggests, Thicknet cable can be too rigid to install easily in
some situations because of its thickness. The general rule is that the more difficult the
network medium is to install, the more expensive it is to install. Coaxial cable is more
expensive to install than twisted-pair cable. Thicknet cable is almost never used except
for special-purpose installations.
A connection device known as a vampire tap was used to connect network devices to
Thicknet. The vampire tap then was connected to the computers via a more flexible
cable called the attachment unit interface (AUI). Although this 15-pin cable was still
thick and tricky to terminate, it was much easier to work with than Thicknet.
In the past, coaxial cable with an outside diameter of only 0.35 cm (sometimes referred
to as Thinnet) was used in Ethernet networks. Thinnet was especially useful for cable
installations that required the cable to make many twists and turns. Because it was
easier to install, it was also cheaper to install. Thus, it was sometimes referred to as
Cheapernet. However, because the outer copper or metallic braid in coaxial cable
comprises half the electrical circuit, special care had to be taken to ensure that it was
properly grounded. Grounding was done by ensuring that a solid electrical connection
existed at both ends of the cable. Frequently, however, installers failed to properly
ground the cable. As a result, poor shield connection was one of the biggest sources of
connection problems in the installation of coaxial cable. Connection problems resulted
in electrical noise, which interfered with signal transmittal on the networking medium.
For this reason, despite its small diameter, Thinnet no longer is commonly used in
Ethernet networks.
The most common connectors used with Thinnet are BNC (Bayonet Neill-Concelman)
connectors (see Figure below); the expansion "British Naval Connector" is a widespread
backronym, not the origin of the name. The basic BNC connector is a male type mounted
at each end of a cable. This connector has a center pin connected to the center cable
conductor and a metal tube connected to the outer cable shield. A rotating ring outside
the tube locks the cable to any female connector. BNC T-connectors are female devices
for connecting two cables to a network interface card (NIC). A BNC barrel connector
facilitates connecting two cables together.
Thinnet and BNC Connector
The following summarizes the features of coaxial cables:
 Speed and throughput—10 to 100 Mbps
 Average cost per node—Inexpensive
 Media and connector size—Medium
 Maximum cable length—500 m (medium)
Plenum Cable
Plenum cable is the cable that runs in plenum spaces of a building. In building
construction, a plenum (pronounced PLEH-nuhm, from Latin meaning "full") is a
separate space provided for air circulation for heating, ventilation, and air-conditioning
(sometimes referred to as HVAC), typically in the space between the structural ceiling
and a drop-down ceiling. In buildings with computer installations, the plenum space
often is used to house connecting communication cables. Because ordinary cable
introduces a toxic hazard in the event of fire, special plenum cabling is required in
plenum areas.
In the United States, typical plenum cable sizes are AWG sizes 22 and 24. Plenum
cabling often is made of Teflon and is more expensive than ordinary cabling. Its outer
material is more resistant to flames and, when burning, produces less smoke than
ordinary cabling. Both twisted-pair and coaxial cable are made in plenum cable versions.
Wireless Communication
Wireless communication uses radio frequencies (RF) or infrared (IR) waves to transmit
data between devices on a LAN. For wireless LANs, a key component is the wireless hub,
or access point, used for signal distribution (see Figure below).
Wireless Network
To receive the signals from the access point, a PC or laptop must install a
wireless adapter card (wireless NIC). Wireless signals are electromagnetic
waves that can travel through the vacuum of outer space and through a
medium such as air. Therefore, no physical medium is necessary for wireless signals,
making them a very versatile way to build a network. Wireless signals use portions of
the RF spectrum to transmit voice, video, and data. Wireless frequencies range from 3
kilohertz (kHz) to 300 gigahertz (GHz). The data-transmission rates range from 9 kilobits
per second (kbps) to as high as 54 Mbps.
The primary difference between electromagnetic waves is their frequency. Low-
frequency electromagnetic waves have a long wavelength (the distance from one peak
to the next on the sine wave), while high-frequency electromagnetic waves have a short
wavelength.
Some common applications of wireless data communication include the following:
 Accessing the Internet using a cellular phone
 Establishing a home or business Internet connection over satellite
 Beaming data between two hand-held computing devices
 Using a wireless keyboard and mouse for the PC
Another common application of wireless data communication is the wireless LAN
(WLAN), which is built in accordance with Institute of Electrical and Electronics
Engineers (IEEE) 802.11 standards. WLANs typically use radio waves (for example, 902
megahertz [MHz]), microwaves (for example, 2.4 GHz), and IR waves (for example, 820
nanometers [nm]) for communication. Wireless technologies are a crucial part of
today's networking. See Chapter 28, "Wireless LANs," for a more detailed discussion of
wireless networking.
Comparing Media Types

Presented in Table 8-1 are comparisons of the features of the common network media.
This chart provides an overview of various media that you can use as a reference. The
medium is possibly the single most important long-term investment made in a network.
The choice of media type will affect the type of NICs installed, the speed of the network,
and the capability of the network to meet future needs.

Table 8-1 Media Type Comparison
Media type: UTP
  Maximum segment length: 100 m
  Speed: 10 Mbps to 1000 Mbps
  Cost: Least expensive
  Advantages: Easy to install; widely available and widely used
  Disadvantages: Susceptible to interference; can cover only a limited distance

Media type: STP
  Maximum segment length: 100 m
  Speed: 10 Mbps to 100 Mbps
  Cost: More expensive than UTP
  Advantages: Reduced crosstalk; more resistant to EMI than Thinnet or UTP
  Disadvantages: Difficult to work with; can cover only a limited distance

Media type: Coaxial
  Maximum segment length: 500 m (Thicknet); 185 m (Thinnet)
  Speed: 10 Mbps to 100 Mbps
  Cost: Relatively inexpensive, but more costly than UTP
  Advantages: Less susceptible to EMI interference than other types of copper media
  Disadvantages: Difficult to work with (Thicknet); limited bandwidth; limited
    application (Thinnet); damage to cable can bring down entire network

Media type: Fiber-optic
  Maximum segment length: 10 km and farther (single-mode); 2 km and farther (multimode)
  Speed: 100 Mbps to 100 Gbps (single-mode); 100 Mbps to 9.92 Gbps (multimode)
  Cost: Expensive
  Advantages: Cannot be tapped, so security is better; can be used over great
    distances; is not susceptible to EMI; has a higher data rate than coaxial and
    twisted-pair cable
  Disadvantages: Difficult to terminate
Summary
In this chapter, you learned the following key points:
 Coaxial cable consists of a hollow outer cylindrical conductor that surrounds a
single inner wire conductor.
 UTP cable is a four-pair wire medium used in a variety of networks.
 STP cable combines the techniques of shielding, cancellation, and wire twisting.
 Fiber-optic cable is a networking medium capable of conducting modulated light
transmission.
 Wireless signals are electromagnetic waves that can travel through the vacuum of
outer space and through a medium such as air.
Making LAN Connections

UTP cabling connections are specified by the Electronics Industry Alliance/Telecommunications
Industry Association (EIA/TIA).

The RJ-45 connector is the male component crimped on the end of the cable. When viewed
from the front, the pins are numbered from 8 to 1. When viewed from above with the opening
gate facing you, the pins are numbered 1 through 8, from left to right. This orientation is
important to remember when identifying a cable.
Types of Interfaces
In an Ethernet LAN, devices use one of two types of UTP interfaces - MDI or MDIX.

The MDI (media-dependent interface) uses the normal Ethernet pinout. Pins 1 and 2 are used
for transmitting and pins 3 and 6 are used for receiving. Devices such as computers, servers, or
routers will have MDI connections.

The devices that provide LAN connectivity - usually hubs or switches - typically use MDIX
(media-dependent interface, crossover) connections. The MDIX connection swaps the transmit
pairs internally. This swapping allows the end devices to be connected to the hub or switch
using a straight-through cable.

Typically, when connecting different types of devices, use a straight-through cable. And when
connecting the same type of device, use a crossover cable.
Straight-through UTP Cables

A straight-through cable has connectors on each end that are terminated the same in
accordance with either the T568A or T568B standards.

Identifying the cable standard used allows you to determine if you have the right cable for the
job. More importantly, it is a common practice to use the same color codes throughout the
LAN for consistency in documentation.

Use straight-through cables for the following connections:
 Switch to a router Ethernet port
 Computer to switch
 Computer to hub
Crossover UTP Cables

For two devices to communicate through a cable that is directly connected between the two,
the transmit terminal of one device needs to be connected to the receive terminal of the other
device.

The cable must be terminated so the transmit pin, Tx, taking the signal from device A at one
end, is wired to the receive pin, Rx, on device B. Similarly, device B's Tx pin must be connected
to device A's Rx pin. If the Tx pin on a device is numbered 1, and the Rx pin is numbered 2, the
cable connects pin 1 at one end with pin 2 at the other end. These "crossed over" pin
connections give this type of cable its name, crossover.

To achieve this type of connection with a UTP cable, one end must be terminated as EIA/TIA
T568A pinout, and the other end terminated with T568B pinout.

To summarize, crossover cables directly connect the following devices on a LAN:
 Switch to switch
 Switch to hub
 Hub to hub
 Router to router Ethernet port connection
 Computer to computer
 Computer to a router Ethernet port

On the figure, identify the cable type used based on the devices being connected.
As a reminder, the common uses are listed again:
Use straight-through cables for connecting:
 Switch to router
 Computer to switch
 Computer to hub

Use crossover cables for connecting:
 Switch to switch
 Switch to hub
 Hub to hub
 Router to router
 Computer to computer
 Computer to router
Network Devices
Hardware devices that are used to connect computers, printers, fax machines and other
electronic devices to a network are called network devices. These devices transfer data
in a fast, secure and correct way over same or different networks. Network devices may
be inter-network or intra-network. Some devices are installed on the device, like NIC
card or RJ45 connector, whereas some are part of the network, like router, switch, etc.
Let us explore some of these devices in greater detail.
Modem
Modem is a device that enables a computer to send or receive data over telephone or
cable lines. The data stored on the computer is digital whereas a telephone line or cable
wire can transmit only analog data.

The main function of the modem is to convert digital signal into analog and vice versa.
Modem is a combination of two devices − modulator and demodulator. The modulator
converts digital data into analog data when the data is being sent by the computer. The
demodulator converts analog data signals into digital data when it is being received by
the computer.
Types of Modem
Modem can be categorized in several ways like direction in which it can transmit data,
type of connection to the transmission line, transmission mode, etc.
Depending on direction of data transmission, modem can be of these types −
 Simplex − A simplex modem can transfer data in only one direction, from digital
device to network (modulator) or network to digital device (demodulator).
 Half duplex − A half-duplex modem has the capacity to transfer data in both the
directions but only one at a time.
 Full duplex − A full duplex modem can transmit data in both the directions
simultaneously.
RJ45 Connector
RJ45 is the acronym for Registered Jack 45. RJ45 connector is an 8-pin jack used by
devices to physically connect to Ethernet based local area networks (LANs). Ethernet is
a technology that defines protocols for establishing a LAN. The cable used for Ethernet
LANs are twisted pair ones and have RJ45 connector pins at both ends. These pins go
into the corresponding socket on devices and connect the device to the network.
Ethernet Card
Ethernet card, also known as network interface card (NIC), is a hardware component
used by computers to connect to Ethernet LAN and communicate with other devices on
the LAN. The earliest Ethernet cards were external to the system and needed to be
installed manually. In modern computer systems, it is an internal hardware component.
The NIC has an RJ45 socket where the network cable is physically plugged in.
Ethernet card speeds may vary depending upon the protocols it supports. Old Ethernet
cards had a maximum speed of 10 Mbps. However, modern cards support Fast Ethernet
up to a speed of 100 Mbps. Some cards even have a capacity of 1 Gbps.
Router
A router is a network layer hardware device that transmits data from one LAN to
another if both networks support the same set of protocols. So a router is typically
connected to at least two LANs and the internet service provider (ISP). It receives its
data in the form of packets, which are data frames with their destination address
added. Router also strengthens the signals before transmitting them. That is why it is
also called repeater.
Routing Table
A router reads its routing table to decide the best available route the packet can take to
reach its destination quickly and accurately. The routing table may be of these two
types −
 Static − In a static routing table the routes are fed manually. So it is suitable only
for very small networks that have maximum two to three routers.
 Dynamic − In a dynamic routing table, the router communicates with other
routers through protocols to determine which routes are free. This is suited for
larger networks where manual feeding may not be feasible due to large number
of routers.
Switch
Switch is a network device that connects other devices to Ethernet networks through
twisted pair cables. It uses packet switching technique to receive, store and forward
data packets on the network. The switch maintains a list of network addresses of all the
devices connected to it. On receiving a packet, it checks the destination address and
transmits the packet to the correct port. Before forwarding, the packets are checked for
collision and other network errors. The data is transmitted in full duplex mode.

Data transmission speed in switches can be double that of other network devices like
hubs used for networking. This is because the switch shares its maximum speed with all the
devices connected to it. This helps in maintaining network speed even during high
traffic. In fact, higher data speeds are achieved on networks through use of multiple
switches.
Gateway
A gateway is a network device used to connect two or more dissimilar networks. In
networking parlance, networks that use different protocols are dissimilar networks. A
gateway usually is a computer with multiple NICs connected to different networks. A
gateway can also be configured completely using software. As networks connect to a
different network through gateways, these gateways are usually hosts or end points of
the network.

Gateway uses packet switching technique to transmit data from one network to
another. In this way it is similar to a router, the only difference being that a router can
transmit data only over networks that use the same protocols.
Wi-Fi Card
Wi-Fi is the acronym for wireless fidelity. Wi-Fi technology is used to achieve wireless
connection to any network. Wi-Fi card is a card used to connect any device to the local
network wirelessly. The physical area of the network which provides internet access
through Wi-Fi is called Wi-Fi hotspot. Hotspots can be set up at home, office or any
public space. Hotspots themselves are connected to the network through wires.

A Wi-Fi card is used to add capabilities like teleconferencing, downloading digital
camera images, video chat, etc. to old devices. Modern devices come with their in-built
wireless network adapter.
Different Types of Network

While similar in their overall objectives, various types of networks fulfil different
purposes. Networks today are classified by their size in the broad categories below.

1. PAN (Personal Area Network):
 Smallest network that covers a range within a limited area (approx. 10 to
100m)
 Connection link (wired and wireless): cables, Bluetooth, ZigBee, infrared,
light etc.
 Example: Wireless Sensor Network; wireless network that connects a
computer with its peripherals like monitor, keyboard, mouse, printer, etc.
2. LAN (Local Area Network):
 Connection of a small number of the computing devices within a relatively
close geographical area
 Connection link: twisted pair cables, coaxial cable, WiFi, cellular networks.
 Example: an office network like CITE network
3. MAN (Metropolitan Area Network):
 Interconnection of different LANs within larger area like city coverage or
campus coverage
 Connection media: telephone exchange line, satellite, cellular network.
 Example: Military network, Campus network
4. WAN (Wide Area Network):
 Connection of multiple LANs and MANs over much larger geographical
distances such as states or countries.
 Connection link: leased lines, fiber optic cable, mobile broadband
connections, satellite link.
 Example: The Internet, network used by international organizations
5. Wireless LAN (WLAN) - Similar to a LAN but wirelessly interconnects users and
end points in a small geographical area.
6. Storage Area Network (SAN) - A network infrastructure designed to support file
servers and provide data storage, retrieval, and replication.

Range and media of the network types

IP addressing: Classful IP Addressing, Subnetmask, CIDR, Private IP Address, Public IP
Address, Subnetting, VLSM etc.

IP addressing
Additional Information
If definitions are helpful to you, use these vocabulary terms in order to get you started:
 Address - The unique number ID assigned to one host or interface in a network.
 Subnet - A portion of a network that shares a particular subnet address.
 Subnet mask - A 32-bit combination used to describe which portion of an address
refers to the subnet and which part refers to the host.
 Interface - A network connection.
If you have already received your legitimate address(es) from the Internet Network
Information Center (InterNIC), you are ready to begin. If you do not plan to connect to
the Internet, Cisco strongly suggests that you use reserved addresses from RFC 1918.
Understand IP Addresses
An IP address is an address used in order to uniquely identify a device on an IP network.
The address is made up of 32 binary bits, which can be divisible into a network portion
and host portion with the help of a subnet mask. The 32 binary bits are broken into four
octets (1 octet = 8 bits). Each octet is converted to decimal and separated by a period
(dot). For this reason, an IP address is said to be expressed in dotted decimal format (for
example, 172.16.81.100). The value in each octet ranges from 0 to 255 decimal, or
00000000 - 11111111 binary.
Here is how binary octets convert to decimal: The right-most bit, or least significant bit,
of an octet holds a value of 2^0. The bit just to the left of that holds a value of 2^1. This
continues until the left-most bit, or most significant bit, which holds a value of 2^7. So if
all binary bits are a one, the decimal equivalent would be 255 as shown here:

  1   1   1   1   1   1   1   1
128  64  32  16   8   4   2   1   (128+64+32+16+8+4+2+1=255)

Here is a sample octet conversion when not all of the bits are set to 1.

  0   1   0   0   0   0   0   1
  0  64   0   0   0   0   0   1   (0+64+0+0+0+0+0+1=65)

And this sample shows an IP address represented in both binary and decimal.

10.1.23.19 (decimal)
00001010.00000001.00010111.00010011 (binary)
These octets are broken down to provide an addressing scheme that can accommodate
large and small networks. There are five different classes of networks, A to E. This
document focuses on classes A to C, since classes D and E are reserved and discussion of
them is beyond the scope of this document.
Note: Also note that the terms "Class A, Class B" and so on are used in this document in
order to help facilitate the understanding of IP addressing and subnetting. These terms
are rarely used in the industry anymore because of the introduction of classless
interdomain routing (CIDR).
Given an IP address, its class can be determined from the three high-order bits (the
three left-most bits in the first octet). Figure 1 shows the significance in the three high
order bits and the range of addresses that fall into each class. For informational
purposes, Class D and Class E addresses are also shown.
Figure below
In a Class A address, the first octet is the network portion, so the Class A example in
Figure 1 has a major network address of 1.0.0.0 - 127.255.255.255. Octets 2, 3, and 4
(the next 24 bits) are for the network manager to divide into subnets and hosts as
he/she sees fit. Class A addresses are used for networks that have more than 65,536
hosts (actually, up to 16777214 hosts!).
In a Class B address, the first two octets are the network portion, so the Class B example
in Figure 1 has a major network address of 128.0.0.0 - 191.255.255.255. Octets 3 and 4
(16 bits) are for local subnets and hosts. Class B addresses are used for networks that
have between 256 and 65534 hosts.
In a Class C address, the first three octets are the network portion. The Class C example
in Figure 1 has a major network address of 192.0.0.0 - 223.255.255.255. Octet 4 (8 bits)
is for local subnets and hosts - perfect for networks with less than 254 hosts.
Network Masks
A network mask helps you know which portion of the address identifies the network
and which portion of the address identifies the node. Class A, B, and C networks have
default masks, also known as natural masks, as shown here:

Class A: 255.0.0.0
Class B: 255.255.0.0
Class C: 255.255.255.0

An IP address on a Class A network that has not been subnetted would have an
address/mask pair similar to: 8.20.15.1 255.0.0.0. In order to see how the mask helps
you identify the network and node parts of the address, convert the address and mask
to binary numbers.

8.20.15.1 = 00001000.00010100.00001111.00000001
255.0.0.0 = 11111111.00000000.00000000.00000000

Once you have the address and the mask represented in binary, then identification of
the network and host ID is easier. Any address bits which have corresponding mask bits
set to 1 represent the network ID. Any address bits that have corresponding mask bits
set to 0 represent the node ID.

8.20.15.1 = 00001000.00010100.00001111.00000001
255.0.0.0 = 11111111.00000000.00000000.00000000
            --------|--------------------------
            net id  | host id

netid  = 00001000 = 8
hostid = 00010100.00001111.00000001 = 20.15.1
Understand Subnetting
Subnetting allows you to create multiple logical networks that exist within a single Class
A, B, or C network. If you do not subnet, you are only able to use one network from your
Class A, B, or C network, which is unrealistic.
Each data link on a network must have a unique network ID, with every node on that
link being a member of the same network. If you break a major network (Class A, B, or
C) into smaller subnetworks, it allows you to create a network of interconnecting
subnetworks. Each data link on this network would then have a unique
network/subnetwork ID. Any device, or gateway, that connects n
networks/subnetworks has n distinct IP addresses, one for each network / subnetwork
that it interconnects.
In order to subnet a network, extend the natural mask with some of the bits from the
host ID portion of the address in order to create a subnetwork ID. For example, given a
Class C network of 204.17.5.0 which has a natural mask of 255.255.255.0, you can
create subnets in this manner:
204.17.5.0      - 11001100.00010001.00000101.00000000
255.255.255.224 - 11111111.11111111.11111111.11100000
                  --------------------------|sub|----

By extending the mask to be 255.255.255.224, you have taken three bits (indicated by
"sub") from the original host portion of the address and used them to make subnets.
With these three bits, it is possible to create eight subnets. With the remaining five host
ID bits, each subnet can have up to 32 host addresses, 30 of which can actually be
assigned to a device since host IDs of all zeros or all ones are not allowed (it is very
important to remember this). So, with this in mind, these subnets have been created.

204.17.5.0   255.255.255.224 host address range 1 to 30
204.17.5.32  255.255.255.224 host address range 33 to 62
204.17.5.64  255.255.255.224 host address range 65 to 94
204.17.5.96  255.255.255.224 host address range 97 to 126
204.17.5.128 255.255.255.224 host address range 129 to 158
204.17.5.160 255.255.255.224 host address range 161 to 190
204.17.5.192 255.255.255.224 host address range 193 to 222
204.17.5.224 255.255.255.224 host address range 225 to 254
Note: There are two ways to denote these masks. First, since you use three bits more
than the "natural" Class C mask, you can denote these addresses as having a 3-bit
subnet mask. Or, secondly, the mask of 255.255.255.224 can also be denoted as /27 as
there are 27 bits that are set in the mask. This second method is used with CIDR. With
this method, one of these networks can be described with the notation prefix/length.
For example, 204.17.5.32/27 denotes the network 204.17.5.32 255.255.255.224. When
appropriate, the prefix/length notation is used to denote the mask throughout the rest
of this document.
The network subnetting scheme in this section allows for eight subnets, and the
network might appear as:
Figure below
Notice that each of the routers in Figure above is attached to four subnetworks, one
subnetwork is common to both routers. Also, each router has an IP address for each
subnetwork to which it is attached. Each subnetwork could potentially support up to 30
host addresses.
This brings up an interesting point. The more host bits you use for a subnet mask, the
more subnets you have available. However, the more subnets available, the less host
addresses available per subnet. For example, a Class C network of 204.17.5.0 and a
mask of 255.255.255.224 (/27) allows you to have eight subnets, each with 32 host
addresses (30 of which could be assigned to devices). If you use a mask of
255.255.255.240 (/28), the breakdown is:
204.17.5.0      - 11001100.00010001.00000101.00000000
255.255.255.240 - 11111111.11111111.11111111.11110000
                  --------------------------|sub |---
Since you now have four bits to make subnets with, you only have four bits left for host
addresses. So in this case you can have up to 16 subnets, each of which can have up to
16 host addresses (14 of which can be assigned to devices).
Take a look at how a Class B network might be subnetted. If you have network
172.16.0.0, then you know that its natural mask is 255.255.0.0 or 172.16.0.0/16.
Extending the mask to anything beyond 255.255.0.0 means you are subnetting. You can
quickly see that you have the ability to create a lot more subnets than with the Class C
network. If you use a mask of 255.255.248.0 (/21), how many subnets and hosts per
subnet does this allow for?
172.16.0.0    - 10101100.00010000.00000000.00000000
255.255.248.0 - 11111111.11111111.11111000.00000000
                -----------------| sub |-----------

You use five bits from the original host bits for subnets. This allows you to have 32
subnets (2^5). After using the five bits for subnetting, you are left with 11 bits for host
addresses. This allows each subnet to have 2048 host addresses (2^11), 2046 of which
could be assigned to devices.
Note: In the past, there were limitations to the use of a subnet 0 (all subnet bits are set
to zero) and all ones subnet (all subnet bits set to one). Some devices would not allow
the use of these subnets. Cisco Systems devices allow the use of these subnets when
the ip subnet zero command is configured.
Examples

Sample Exercise 1
Now that you have an understanding of subnetting, put this knowledge to use. In this
example, you are given two address / mask combinations, written with the prefix/length
notation, which have been assigned to two devices. Your task is to determine if these
devices are on the same subnet or different subnets. You can use the address and mask
of each device in order to determine to which subnet each address belongs.

DeviceA: 172.16.17.30/20
DeviceB: 172.16.28.15/20

Determine the Subnet for DeviceA:

172.16.17.30  - 10101100.00010000.00010001.00011110
255.255.240.0 - 11111111.11111111.11110000.00000000
                -----------------| sub|------------
subnet        = 10101100.00010000.00010000.00000000 = 172.16.16.0
Looking at the address bits that have a corresponding mask bit set to one, and setting all
the other address bits to zero (this is equivalent to performing a logical "AND" between
the mask and address), shows you to which subnet this address belongs. In this case,
DeviceA belongs to subnet 172.16.16.0.
Determine the Subnet for DeviceB:

172.16.28.15  - 10101100.00010000.00011100.00001111
255.255.240.0 - 11111111.11111111.11110000.00000000
                -----------------| sub|------------
subnet        = 10101100.00010000.00010000.00000000 = 172.16.16.0
From these determinations, DeviceA and DeviceB have addresses that are part of the
same subnet.
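As an added example (not from the course notes), the following Python carries out the binary conversion shown earlier, the mask-AND subnet test from Sample Exercise 1 and the equal-size /27 split of 204.17.5.0 on 32-bit integers, so the bit arithmetic is visible rather than hidden in a library; all function names are my own.

```python
# Added example, not part of the course notes: the mask-AND test from Sample
# Exercise 1 and the equal-size subnet split from the /27 example, done on
# 32-bit integers rather than with the ipaddress module so the bit arithmetic
# the notes describe stays visible.


def dotted_to_int(addr: str) -> int:
    """Convert dotted-decimal IPv4 text to a 32-bit integer."""
    octets = addr.split(".")
    if len(octets) != 4:
        raise ValueError(f"invalid IPv4 address: {addr!r}")
    value = 0
    for octet in octets:
        n = int(octet)
        if not 0 <= n <= 255:
            raise ValueError(f"octet out of range in {addr!r}")
        value = (value << 8) | n
    return value


def int_to_dotted(value: int) -> str:
    """Inverse of dotted_to_int."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def to_binary(addr: str) -> str:
    """Dotted-binary form used in the notes.

    10.1.23.19 -> 00001010.00000001.00010111.00010011
    """
    value = dotted_to_int(addr)
    return ".".join(f"{(value >> shift) & 0xFF:08b}" for shift in (24, 16, 8, 0))


def prefix_to_mask(prefix_len: int) -> int:
    """/N -> mask with the N left-most bits set, e.g. /27 -> 255.255.255.224."""
    if not 0 <= prefix_len <= 32:
        raise ValueError("prefix length must be between 0 and 32")
    return (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF


def subnet_of(cidr: str) -> str:
    """Address AND mask gives the subnet the address belongs to."""
    addr, plen = cidr.split("/")
    plen = int(plen)
    network = dotted_to_int(addr) & prefix_to_mask(plen)
    return f"{int_to_dotted(network)}/{plen}"


def same_subnet(cidr_a: str, cidr_b: str) -> bool:
    """True when both address/prefix pairs resolve to the same subnet."""
    return subnet_of(cidr_a) == subnet_of(cidr_b)


def split_network(network: str, natural_len: int, new_len: int) -> list:
    """Split a classful network into equal subnets by borrowing host bits.

    Returns (subnet, first usable host, last usable host) per subnet; the
    all-zeros and all-ones host IDs are excluded as the notes require.
    """
    if not natural_len < new_len <= 30:
        raise ValueError("new prefix must borrow at least one bit and leave two host bits")
    base = dotted_to_int(network) & prefix_to_mask(natural_len)
    size = 1 << (32 - new_len)             # addresses per subnet
    count = 1 << (new_len - natural_len)   # 2^(borrowed bits) subnets
    return [
        (int_to_dotted(base + i * size),
         int_to_dotted(base + i * size + 1),
         int_to_dotted(base + i * size + size - 2))
        for i in range(count)
    ]


if __name__ == "__main__":
    for dev in ("172.16.17.30/20", "172.16.28.15/20"):
        addr = dev.split("/")[0]
        print(f"{dev:18} {to_binary(addr)} -> subnet {subnet_of(dev)}")
    print("same subnet:", same_subnet("172.16.17.30/20", "172.16.28.15/20"))
    for net, first, last in split_network("204.17.5.0", 24, 27):
        print(f"{net:14} /27  host address range {first} to {last}")
```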
Sample Exercise 2
Given the Class C network of 204.15.5.0/24, subnet the network in order to create the
network in Figure below with the host requirements shown.
Figure below
Looking at the network shown in Figure above, you can see that you are required to
create five subnets. The largest subnet must support 28 host addresses. Is this possible
with a Class C network? And if so, then how?
You can start by looking at the subnet requirement. In order to create the five needed
subnets you would need to use three bits from the Class C host bits. Two bits would
only allow you four subnets (2^2).
Since you need three subnet bits, that leaves you with five bits for the host portion of
the address. How many hosts does this support? 2^5 = 32 (30 usable). This meets the
requirement.
Therefore you have determined that it is possible to create this network with a Class C
network. An example of how you might assign the subnetworks is:
netA: 204.15.5.0/27   host address range 1 to 30
netB: 204.15.5.32/27  host address range 33 to 62
netC: 204.15.5.64/27  host address range 65 to 94
netD: 204.15.5.96/27  host address range 97 to 126
netE: 204.15.5.128/27 host address range 129 to 158
VLSM Example
In all of the previous examples of subnetting, notice that the same subnet mask was
applied for all the subnets. This means that each subnet has the same number of
available host addresses. You might need this in some cases, but, in most cases, having the
same subnet mask for all subnets ends up wasting address space. For example, in the
Sample Exercise 2 section, a class C network was split into eight equal-size subnets;
however, each subnet did not utilize all available host addresses, which results in
wasted address space. Figure below illustrates this wasted address space.
Figure below

Figure above illustrates that of the subnets that are being used, NetA, NetC, and NetD
have a lot of unused host address space. It is possible that this was a deliberate design
accounting for future growth, but in many cases this is just wasted address space due to
the fact that the same subnet mask is used for all the subnets.
Variable Length Subnet Masks (VLSM) allows you to use different masks for each
subnet, thereby using address space efficiently.
VLSM Example
Given the same network and requirements as in Sample Exercise 2 develop a subnetting
scheme with the use of VLSM, given:
netA: must support 14 hosts
netB: must support 28 hosts
netC: must support 2 hosts
netD: must support 7 hosts
netE: must support 28 hosts

Determine what mask allows the required number of hosts.

netA: requires a /28 (255.255.255.240) mask to support 14 hosts
netB: requires a /27 (255.255.255.224) mask to support 28 hosts
netC: requires a /30 (255.255.255.252) mask to support 2 hosts
netD*: requires a /28 (255.255.255.240) mask to support 7 hosts
netE: requires a /27 (255.255.255.224) mask to support 28 hosts

* a /29 (255.255.255.248) would only allow 6 usable host addresses,
therefore netD requires a /28 mask.
The easiest way to assign the subnets is to assign the largest first. For example, you can
assign in this manner:
netB: 204.15.5.0/27  host address range 1 to 30
netE: 204.15.5.32/27 host address range 33 to 62
netA: 204.15.5.64/28 host address range 65 to 78
netD: 204.15.5.80/28 host address range 81 to 94
netC: 204.15.5.96/30 host address range 97 to 98

This can be graphically represented as shown in Figure below:
Figure
Figure above illustrates how using VLSM helped save more than half of the address
space.
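As an added example (not from the course notes), this Python allocates the netA to netE requirements above largest-first with VLSM, compares the address count with the fixed /27 scheme of Sample Exercise 2, and, as an opt-in, applies the RFC 3021 /31 rule for two-host point-to-point links; the function names and the REQUIREMENTS table are my own.

```python
# Added example, not part of the course notes: VLSM allocation for the
# netA..netE requirements, assigning the largest request first, plus a
# comparison with the fixed /27 scheme. Hosts-to-prefix uses the 2^n - 2
# rule from the notes; the RFC 3021 /31 case is an opt-in exception.


def dotted_to_int(addr: str) -> int:
    """Dotted-decimal IPv4 text to a 32-bit integer."""
    value = 0
    for octet in addr.split("."):
        value = (value << 8) | int(octet)
    return value


def int_to_dotted(value: int) -> str:
    """Inverse of dotted_to_int."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_for_hosts(hosts: int, allow_31: bool = False) -> int:
    """Longest prefix whose usable host count (2^host_bits - 2) covers the request.

    allow_31=True lets a two-host request use a /31, which has no network or
    broadcast address (RFC 3021) and is meant for point-to-point links only.
    """
    if hosts < 1:
        raise ValueError("a subnet must carry at least one host")
    if allow_31 and hosts <= 2:
        return 31
    host_bits = 2  # a /30 is the smallest subnet with usable hosts
    while (1 << host_bits) - 2 < hosts:
        host_bits += 1
    if host_bits > 32:
        raise ValueError(f"{hosts} hosts cannot fit in one IPv4 subnet")
    return 32 - host_bits


def allocate_vlsm(network: str, requirements: dict, allow_31: bool = False) -> dict:
    """Return {name: (subnet/prefix, first host, last host)} carved from network.

    Requests are served largest first so every block starts on a boundary
    that is a multiple of its own size, which avoids gaps between blocks.
    """
    base_addr, base_len = network.split("/")
    cursor = dotted_to_int(base_addr)
    end = cursor + (1 << (32 - int(base_len)))
    plan = {}
    for name, hosts in sorted(requirements.items(), key=lambda kv: (-kv[1], kv[0])):
        plen = prefix_for_hosts(hosts, allow_31)
        size = 1 << (32 - plen)
        if cursor % size:                      # defensive: realign if ever needed
            cursor += size - cursor % size
        if cursor + size > end:
            raise ValueError(f"address space exhausted while placing {name}")
        if plen == 31:
            first, last = cursor, cursor + 1   # both addresses are hosts
        else:
            first, last = cursor + 1, cursor + size - 2
        plan[name] = (f"{int_to_dotted(cursor)}/{plen}",
                      int_to_dotted(first), int_to_dotted(last))
        cursor += size
    return plan


def addresses_used(plan: dict) -> int:
    """Total addresses consumed by all subnets in a plan."""
    return sum(1 << (32 - int(cidr.split("/")[1])) for cidr, _, _ in plan.values())


# Constructed from the host requirements listed in the notes' VLSM example.
REQUIREMENTS = {"netA": 14, "netB": 28, "netC": 2, "netD": 7, "netE": 28}

if __name__ == "__main__":
    plan = allocate_vlsm("204.15.5.0/24", REQUIREMENTS)
    for name, (cidr, first, last) in plan.items():
        print(f"{name}: {cidr:16} host address range {first} to {last}")
    fixed = len(REQUIREMENTS) * (1 << (32 - 27))   # five /27 subnets as in Exercise 2
    print(f"VLSM uses {addresses_used(plan)} of 256 addresses; fixed /27 scheme uses {fixed}")
```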
CIDR
Classless Interdomain Routing (CIDR) was introduced to improve both address space
utilization and routing scalability in the Internet. It was needed because of the rapid
growth of the Internet and of the IP routing tables held in Internet routers.
CIDR moves away from the traditional IP classes (Class A, Class B, Class C, and so on). In
CIDR, an IP network is represented by a prefix: an IP address together with the length of
its mask, where length means the number of left-most contiguous mask bits that are set
to one. So network 172.16.0.0 255.255.0.0 is written 172.16.0.0/16. CIDR also supports a
more hierarchical Internet architecture, in which each domain takes its IP addresses from
a higher level, so that the domains can be summarized at that higher level. For example,
if an ISP owns network 172.16.0.0/16, the ISP can assign 172.16.1.0/24, 172.16.2.0/24,
and so on to customers, yet when advertising to other providers it only needs to
advertise 172.16.0.0/16. Routers forward on the longest matching prefix, so a more
specific route for 172.16.2.0/24 inside the ISP coexists with the /16 summary outside it.
For more information on CIDR, see RFC 1518 and RFC 1519 (the latter since replaced by
RFC 4632).
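As an added example (written in Python for this page, not part of the course notes), the following code carries out the VLSM exercise above with the standard library's ipaddress module and then shows the CIDR side of the same picture: the allocated subnets plus the leftover blocks collapse back into the single 204.15.5.0/24 they were carved from, and a longest-prefix-match lookup over the ISP table from this section (172.16.0.0/16 with a more specific 172.16.2.0/24) picks the customer route for 172.16.2.9 and the summary route for anything else in the /16. The requirement table and base network are the ones from the exercise; the next-hop names "isp-core" and "customer-2" are made up for the lookup.

```python
import ipaddress
import math

# Constructed input: the requirement table from the VLSM exercise above,
# allocated out of 204.15.5.0/24, the block used in that exercise.
BASE_NETWORK = "204.15.5.0/24"
REQUIREMENTS = {"netA": 14, "netB": 28, "netC": 2, "netD": 7, "netE": 28}


def prefix_for_hosts(hosts: int) -> int:
    """Longest (most economical) IPv4 prefix whose subnet still has room for
    `hosts` usable addresses. The network and broadcast addresses are never
    usable, so 8 addresses (/29) fit only 6 hosts and 7 hosts need a /28."""
    if hosts < 1:
        raise ValueError("a subnet must hold at least one host")
    host_bits = math.ceil(math.log2(hosts + 2))
    return 32 - host_bits


def allocate_vlsm(base: str, requirements: dict) -> tuple:
    """Largest-first VLSM allocation.

    Returns (plan, free): plan maps each name to its IPv4Network, free lists
    the blocks left over. Allocating the largest subnets first keeps every
    subnet aligned on a multiple of its own size, which is what lets the
    result be summarised again as a single CIDR prefix."""
    free = [ipaddress.ip_network(base)]
    plan = {}
    order = sorted(requirements.items(), key=lambda kv: (-kv[1], kv[0]))
    for name, hosts in order:
        need = prefix_for_hosts(hosts)
        fits = [blk for blk in free if blk.prefixlen <= need]
        if not fits:
            raise ValueError(f"no room for {name} (/{need}) in {base}")
        # lowest-numbered free block that is big enough
        block = min(fits, key=lambda blk: int(blk.network_address))
        free.remove(block)
        subnet = next(block.subnets(new_prefix=need))   # carve off the front
        free.extend(block.address_exclude(subnet))       # keep the remainder
        plan[name] = subnet
    free.sort(key=lambda blk: int(blk.network_address))
    return plan, free


def usable_range(net: ipaddress.IPv4Network) -> tuple:
    """First and last usable host address of a subnet, as strings."""
    hosts = list(net.hosts())
    return str(hosts[0]), str(hosts[-1])


def summarize(nets) -> list:
    """CIDR summarisation: collapse adjacent, aligned prefixes into the
    shortest equivalent list (what an ISP advertises upstream)."""
    return [str(n) for n in ipaddress.collapse_addresses(nets)]


def longest_prefix_match(table: dict, address: str):
    """Route lookup as a CIDR router does it: among all entries whose prefix
    contains the address, the longest prefix wins. `table` maps prefix -> next hop."""
    addr = ipaddress.ip_address(address)
    best = None
    for prefix, next_hop in table.items():
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, next_hop)
    return None if best is None else best[1]


if __name__ == "__main__":
    plan, free = allocate_vlsm(BASE_NETWORK, REQUIREMENTS)
    for name, net in plan.items():
        print(name, net, usable_range(net))
    print("free:", [str(b) for b in free])
    # the plan plus the leftovers collapse back to the /24 we started from
    print("summary:", summarize(list(plan.values()) + free))
    # constructed routing table: the ISP example from the CIDR section
    table = {"172.16.0.0/16": "isp-core", "172.16.2.0/24": "customer-2"}
    print(longest_prefix_match(table, "172.16.2.9"), longest_prefix_match(table, "172.16.7.1"))
```

Running the script prints the same five subnets and host ranges as the table above, the four leftover blocks (204.15.5.100/30, 104/29, 112/28 and 128/25) and their summary 204.15.5.0/24.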

Special Subnets

31-bit Subnets
A 30-bit subnet mask allows for four IPv4 addresses: two host addresses, one all-zeros
network, and one all-ones broadcast address. A point-to-point link can only have two
host addresses. There is no real need to have the broadcast and all-zeros addresses with
point-to-point links. A 31-bit subnet mask will allow for exactly two host addresses, and
eliminates the broadcast and all-zeros addresses, thus conserving the use of IP
addresses to the minimum for point-to-point links.
Refer to RFC 3021 - Using 31-Bit Prefixes on IPv4 Point-to-Point Links.
The mask is 255.255.255.254 or /31.

The /31 subnet can be used on true point-to-point links, such as serial or POS interfaces.
It can also be used on broadcast interface types such as Ethernet interfaces; if so, make
sure that only two IPv4 addresses are needed on that Ethernet segment.
Example
192.168.1.0 and 192.168.1.1 are on the subnet 192.168.1.0/31.

R1(config)#int gigabitEthernet 0/1
R1(config-if)#ip address 192.168.1.0 255.255.255.254
% Warning: use /31 mask on non point-to-point interface cautiously

The warning is printed because gigabitEthernet is a broadcast segment.

32-bit Subnets
A subnet mask of 255.255.255.255 (a /32 subnet) describes a subnet with only one IPv4
host address. Such subnets cannot be used to address network links, which always need
more than one address. The use of /32 is reserved for interfaces that need only one
address. The example on Cisco routers is the loopback interface: loopback interfaces are
internal and do not connect to other devices, so they can carry a /32. A /32 also appears
in routing tables as a host route, a route to one specific address.

Example

interface Loopback0
 ip address 192.168.2.1 255.255.255.255

Network Model
When we talk about layer 2 switches and layer 3 switches, we are actually referring to
the layers of a generic protocol model, the Open Systems Interconnection (OSI) model. It
is commonly used to describe network communications. Data communication between
different networks is not possible if there are no common rules for transmitting and
receiving packets of data. These rules are known as protocols, among which the
Transmission Control Protocol (TCP)/Internet Protocol (IP) suite is one of the most widely
used. The TCP/IP model is also popular for describing networks and is older than the OSI
model. Both have several layers; what is the difference between them?
OSI Reference Model Layers
OSI model is a conceptual model that characterizes and standardizes how different
software and hardware components involved in a network communication should
divide labor and interact with one another. It has seven layers.

Figure: Seven layers of the OSI model.
Layer 7: Application Layer
The application layer of the OSI model interacts directly with software applications to
provide the communication functions they require, and it is the layer closest to end
users. Its functions typically include verifying the availability of communication
partners and of the resources needed to support a data transfer. This layer also defines
protocols for end applications, such as the Domain Name System (DNS), File Transfer
Protocol (FTP), Hypertext Transfer Protocol (HTTP), Internet Message Access Protocol
(IMAP), Post Office Protocol (POP), Simple Mail Transfer Protocol (SMTP), Simple Network
Management Protocol (SNMP), and Telnet (a terminal emulation protocol).

Layer 6: Presentation Layer

The presentation layer checks the data to ensure it is compatible with the communication
resources. It translates the data into a form that the application layer above and the
layers below can accept. Any needed data formatting or code conversion is handled by the
sixth layer, such as converting an Extended Binary Coded Decimal Interchange Code
(EBCDIC) text file to an American Standard Code for Information Interchange (ASCII) text
file. It is also where the model places data compression and encryption. For example,
video calls are compressed during transmission so that they can be transmitted faster,
and the data is decompressed at the receiving side. Data with high security requirements,
such as a message containing a password, is encrypted at this layer; in practice, TLS is
usually described as operating here.

Layer 5: Session Layer

The session layer controls the dialogues (connections) between computers. It
establishes, manages, maintains and ultimately terminates the connections between the
local and the remote application. In the OSI description, layer 5 also handles
authentication and authorization of the session, and it provides synchronization points
(checkpoints) so that a long transfer can be resumed after a failure rather than
restarted. The session layer is commonly implemented explicitly in application
environments that use remote procedure calls.

Layer 4: Transport Layer

The transport layer provides the functions and means of transferring data sequences from
a source host to a destination host across one or more networks, while maintaining
quality of service (QoS) functions and, for a reliable service, ensuring complete delivery
of the data. The integrity of the delivered data is checked with checksums, and lost or
corrupted segments are recovered by acknowledgement and retransmission. The layer can
also provide explicit flow control. Though they do not strictly conform to the OSI model,
TCP and the User Datagram Protocol (UDP) are the essential layer 4 protocols in practice.

Layer 3: Network Layer

The network layer handles packet routing via logical addressing and switching functions.
A network is a medium to which many nodes can be connected, and every node has an
address. When a node needs to transfer a message to another node, it merely provides the
content of the message and the address of the destination node; the network then finds a
way to deliver the message to the destination, possibly routing it through other nodes.
If the message is too long for a link, the network layer may fragment it at one node,
send the fragments separately, and reassemble them at the destination.

Layer 2: Data Link Layer
The data link layer provides node-to-node transfer: a link between two directly
connected nodes. It handles packaging and unpacking the data in frames. It defines the
protocol used to establish and terminate a connection between two physically connected
devices, such as the Point-to-Point Protocol (PPP). The data link layer is generally
divided into two sublayers, the media access control (MAC) sublayer and the logical link
control (LLC) sublayer. The MAC sublayer controls how devices on a network gain access to
the medium and permission to transmit data. The LLC sublayer identifies and encapsulates
network layer protocols, and controls error checking and frame synchronization.

Layer 1: Physical Layer


The physical layer defines the electrical and physical specifications of the data
connection: for example, the pin layout of a connector, the operating voltages of an
electrical cable, optical fibre cable specifications, and the frequencies used by wireless
devices. It is responsible for the transmission and reception of unstructured raw bits
over a physical medium. Bit rate control is done at the physical layer. It is the layer of
low-level networking equipment and is not concerned with higher-layer protocols.

TCP/IP Model Layers


The TCP/IP model is also a layered reference model, but with four layers. Another name
for it is the Internet protocol suite. It is commonly known as TCP/IP because its
foundational protocols are TCP and IP, but many other protocols belong to the model.

Application Layer
The application layer of the TCP/IP model gives applications access to the services of
the other layers, and defines the protocols that applications use to exchange data. The
most widely known application layer protocols include HTTP, FTP, SMTP, Telnet, DNS, SNMP
and the Routing Information Protocol (RIP).
Transport Layer
The transport layer, also known as the host-to-host transport layer, provides the
application layer with session and datagram communication services. The core protocols
of this layer are TCP and UDP. TCP provides a one-to-one, connection-oriented, reliable
communication service: it is responsible for sequencing and acknowledgement of the
segments sent, and for recovery of segments lost in transmission. UDP provides a
one-to-one or one-to-many, connectionless, unreliable communication service. UDP is
typically used when the amount of data to be transferred is small (such as data that fits
into a single datagram) or when the application handles reliability itself.

Internet Layer
The Internet layer is responsible for host addressing, packaging, and routing functions.
The core protocols of the Internet layer are IP, the Address Resolution Protocol (ARP),
the Internet Control Message Protocol (ICMP) and the Internet Group Management Protocol
(IGMP). IP is a routable protocol responsible for IP addressing, routing, and the
fragmentation and reassembly of packets. ARP discovers the network access layer address
(such as a hardware address) associated with a given Internet layer address. ICMP
provides diagnostic functions and reports errors due to unsuccessful delivery of IP
packets. IGMP manages IP multicast groups. At this layer IP adds a header to each packet
that carries, among other fields, the source and destination IP addresses. Today both
IPv4 (32-bit) and IPv6 (128-bit) addresses are in use.

Figure 2: IPv4 address and IPv6 address examples.


Network Access Layer
The network access layer (or link layer) is responsible for placing TCP/IP packets on the
network medium and receiving TCP/IP packets off the network medium. TCP/IP is designed to
be independent of the network access method, frame format, and medium; in other words,
it is independent of any specific network technology. In this way, TCP/IP can be used
over different network types, such as Ethernet, Token Ring, X.25, Frame Relay, and
Asynchronous Transfer Mode (ATM).

How Is Data Processed During the Transmission?

In a layered system, the devices at a given layer exchange data in a layer-specific
format known as a protocol data unit (PDU). The table below shows the PDUs of the
different layers.

Layer (OSI)                          PDU
Application, Presentation, Session   data
Transport                            segment (TCP) or datagram (UDP)
Network                              packet
Data link                            frame
Physical                             bit
For example, when a user requests a web page, the browser hands the request to the
application layer, from which it is processed layer by layer downward, each layer
performing its designated functions. The data is then transmitted over the physical layer
of the network until the destination server (or an intermediate device) receives it. There
the data is passed up through the layers again, each layer performing its assigned
operations, until the data reaches the receiving software.

Figure: Data flows down from the upper layers to the lower layers; each layer adds a
header and/or trailer (footer) to the PDU.

During transmission, each layer adds a header, a trailer, or both to the PDU received from
the layer above; these direct and identify the PDU. This process is called encapsulation.
The header (and trailer) together with the data form the PDU of the next layer. The
process continues down to the lowest layer (the physical layer, or the network access
layer in the TCP/IP model), from which the bits are transmitted to the receiving device.
The receiving device reverses the process, de-encapsulating the data at each layer with
the header and trailer information directing its operations, until the application
finally uses the data. The process repeats until all data has been transmitted and
received.

The Significance of TCP/IP and OSI to Troubleshooting


With knowledge of the division into layers, we can diagnose where the problem lies when a
connection fails. The principle is to check from the lowest layer upward, rather than
from the highest: each layer serves the layer above it, and lower-layer problems are
easier to isolate. For example, if your computer cannot connect to the Internet, the
first things to check are whether the network cable is plugged into your computer,
whether the wireless access point (WAP) is connected to the switch, and whether the pins
of the RJ45 connectors are in good condition.

TCP/IP Model vs. OSI Model


The TCP/IP model is older than the OSI model. The following figure shows the
corresponding relationship of their layers.

Figure 4: OSI model vs. TCP/IP model, and the TCP/IP protocol suite.

Comparing the layers of the two models, the application layer of the TCP/IP model
corresponds to OSI layers 5, 6 and 7 combined; the TCP/IP model has no separate
presentation or session layer. The transport layer of TCP/IP covers the responsibilities
of the OSI transport layer and some of the responsibilities of the OSI session layer. The
network access layer of the TCP/IP model covers the data link and physical layers of the
OSI model. Note that the Internet layer of TCP/IP does not rely on sequencing and
acknowledgement services that might be present in the OSI data link layer; in the TCP/IP
model that responsibility belongs to the transport layer.

Considering the purpose of the two reference models, the OSI model is purely conceptual:
it is mainly used for describing, discussing, and understanding individual network
functions. TCP/IP, by contrast, was designed to solve a specific set of problems, not to
serve as a general description of all network communication as the OSI model does. The
OSI model is generic and protocol independent, yet most protocols and systems can be
mapped onto it, while the TCP/IP model is based on the standard protocols the Internet
has developed. Note also that not all OSI layers are used in simpler applications: layers
1, 2 and 3 are mandatory for any data communication, but an application may use its own
interface layer instead of the usual upper layers of the model.

Summary
The TCP/IP model and the OSI model are both conceptual models used to describe network
communication, while TCP/IP itself is also the protocol suite used in all Internet
operations. Generally, when we say that a network device works at layer 2, layer 3 or
layer 7, we are referring to the OSI model. The TCP/IP model is used both for modelling
the current Internet architecture and for providing the set of rules followed by all
transmissions over the Internet.

ATM Reference Model


ATM stands for Asynchronous Transfer Mode. It is a switching technique that uses
asynchronous time division multiplexing: cells are placed on the link as they arrive
rather than in fixed, pre-assigned time slots.
ATM networks are connection-oriented cell relay networks that support voice, video and
data communications. Data is encoded into small fixed-size cells, which are simple to
multiplex and switch, and transmitted over a physical medium.
The size of an ATM cell is 53 bytes: a 5-byte header and a 48-byte payload. There are two
different cell formats, for the user-network interface (UNI) and the network-network
interface (NNI). The figure below represents the functional reference model of
Asynchronous Transfer Mode.

Benefits of ATM Networks are


 It provides dynamic bandwidth, which is particularly suited to bursty traffic.
 Since all data are encoded into identical cells, data transmission is simple, uniform
and predictable.
 Uniform cell size ensures that mixed traffic is handled efficiently.
 The small header reduces per-cell overhead, ensuring effective bandwidth usage.
 ATM networks are scalable both in size and in speed.
The ATM reference model comprises three layers:
 Physical Layer − This layer corresponds to the physical layer of the OSI model. At this
layer, cells are converted into bit streams and transmitted over the physical medium. It
has two sublayers: the PMD (Physical Medium Dependent) sublayer and the TC (Transmission
Convergence) sublayer.
 ATM Layer − This layer is comparable to the data link layer of the OSI model. It accepts
48-byte segments from the layer above, adds a 5-byte header to each and produces 53-byte
cells. The header carries the virtual path and virtual channel identifiers (VPI/VCI) used
to forward each cell along its connection; this layer is responsible for cell forwarding,
traffic management, multiplexing and switching.
 ATM Adaptation Layer (AAL) − This layer corresponds to the network layer of the OSI
model. It allows existing packet-switched networks to connect to an ATM network and use
its services. It accepts data and converts it into fixed-size segments. The transmissions
can be of fixed or variable data rate. This layer has two sublayers: the Convergence
sublayer and the Segmentation and Reassembly sublayer.
Two kinds of devices make up an ATM network:
 ATM endpoints − An endpoint contains an ATM network interface adapter. Examples of
endpoints are workstations, routers, CODECs, LAN switches, etc.
 ATM switches − A switch transmits cells through the ATM network. It accepts incoming
cells from ATM endpoints (UNI) or from another switch (NNI), updates the cell header and
retransmits the cell towards its destination.

Network Protocols working at different layers


Layer 3 in the OSI model is called the network layer. The network layer manages options
pertaining to host and network addressing, managing subnetworks, and internetworking.
The network layer is responsible for routing packets from source to destination, within
or outside a subnet. Two different subnets may have different addressing schemes or
incompatible address types; likewise, two different subnets may run different,
incompatible protocols. It is the network layer's responsibility to route packets from
source to destination, mapping between the different addressing schemes and protocols.

Layer-3 Functionalities
Devices which work on Network Layer mainly focus on routing. Routing may include
various tasks aimed to achieve a single goal. These can be:
 Addressing devices and networks.
 Populating routing tables or static routes.
 Queuing incoming and outgoing data and then forwarding them according to
quality of service constraints set for those packets.
 Internetworking between two different subnets.
 Delivering packets to destination with best efforts.
 Provides connection oriented and connection less mechanism.
Network Layer Features
With its standard functionalities, Layer 3 can provide various features as:
 Quality of service management
 Load balancing and link management
 Security
 Interrelation of different protocols and subnets with different schema.
 Different logical network design over the physical network design.
 L3 VPN and tunnels can be used to provide end to end dedicated connectivity.
The Internet Protocol is the widely respected and deployed network layer protocol that
lets end devices communicate over the Internet. It comes in two versions: IPv4, which has
ruled the world for decades but is now running out of address space, and IPv6, which was
created to replace IPv4 and also mitigates some of IPv4's limitations.

Layer 3 network addressing is one of the major tasks of the network layer. Network
addresses are always logical, i.e. they are software-based addresses that can be changed
by appropriate configuration.
A network address points to a host, node or server, or it can represent a whole network.
A network address is configured on a network interface and is mapped by the system to
the MAC address (the hardware or layer 2 address) of the machine for layer 2
communication, normally via ARP. Because both the IP address and the ARP mapping are set
by software, neither can be relied on to identify a machine to a security control: a
station on the same link can claim any IP address and can answer ARP requests for
addresses that are not its own (ARP spoofing), so access decisions should not rest on
layer 3 addresses alone.
There are different kinds of network addresses in existence:
 IP
 IPX
 AppleTalk
We discuss IP here as it is the only one used in practice these days.

IP addressing provides the mechanism to distinguish between hosts and networks. Because
IP addresses are assigned hierarchically, a host always resides within a specific
network. A host that needs to communicate outside its subnet needs to know the
destination network address to which the packet is to be sent.
Hosts in different subnets need a mechanism to locate each other. This is the job of DNS,
a distributed naming service that maps a domain name or FQDN to the layer 3 address of
the remote host. Once a host has acquired the layer 3 address (IP address) of the remote
host, and has determined that the address lies outside its own subnet, it forwards the
packets to its gateway. A gateway is a router equipped with the information needed to
route packets towards the destination host.
Routers consult routing tables, whose entries hold, for each known destination network,
the following information:
 the destination network (prefix and mask, or prefix length)
 the next hop and the outgoing interface used to reach it
 a metric or cost used to choose between alternative routes
When a router receives a packet to forward, it selects the most specific matching entry
(longest prefix match) and forwards the packet to that entry's next hop, the adjacent
router towards the destination.
The next router on the path does the same, and eventually the packet reaches its
destination.
Network address can be of one of the following:
 Unicast (destined to one host)
 Multicast (destined to group)
 Broadcast (destined to all)
 Anycast (destined to nearest one)
A router never forwards broadcast traffic by default. Multicast traffic receives special
treatment, since it usually carries video or audio streams that need high priority.
Anycast is similar to unicast, except that the packet is delivered to the nearest of
several destinations sharing the same address.

Data Link Layer


The data link layer is the second layer of the OSI model. It is one of the most
complicated layers and has complex functions and responsibilities. The data link layer
hides the details of the underlying hardware and presents itself to the upper layer as
the medium for communication.
The data link layer works between two hosts that are directly connected in some sense.
This direct connection can be point-to-point or broadcast. Systems on a broadcast network
are said to be on the same link. The work of the data link layer becomes more complex
when it is dealing with multiple hosts on a single collision domain.
On the sending side, the data link layer packages the data into frames and hands them bit
by bit to the physical layer, which converts them into signals on the underlying
hardware. On the receiving side, the data link layer takes the bits delivered by the
physical layer, assembles them into a recognizable frame format, and hands the frame to
the upper layer.
The data link layer has two sublayers:
 Logical Link Control: deals with protocols, flow control and error control
 Media Access Control: deals with actual control of the medium

Functionality of Data-link Layer


The data link layer performs many tasks on behalf of the upper layer. These are:
 Framing
The data link layer takes packets from the network layer and encapsulates them into
frames. It then sends each frame bit by bit over the hardware. At the receiver's end, the
data link layer picks up signals from the hardware and assembles them into frames.
 Addressing
The data link layer provides the layer 2 hardware addressing mechanism. A hardware
address is assumed to be unique on the link. It is encoded into the hardware at the time
of manufacture, although most operating systems allow it to be overridden in software, so
a MAC address identifies an interface but does not authenticate it.
 Synchronization
When data frames are sent on the link, both machines must be synchronized for the
transfer to take place.
 Error Control
Signals may encounter problems in transit and bits may be flipped. These errors are
detected, and an attempt is made to recover the actual data bits. The layer also provides
an error reporting mechanism to the sender.
 Flow Control
Stations on the same link may have different speeds or capacities. The data link layer
provides flow control so that both machines can exchange data at a rate the slower one
can handle.
 Multi-Access
When hosts on a shared link try to transfer data, there is a high probability of
collision. The data link layer provides mechanisms such as CSMA/CD to allow multiple
systems to access a shared medium.
There are many reasons, such as noise and cross-talk, why data may get corrupted during
transmission. The upper layers work on a generalized view of the network architecture and
are not aware of the actual hardware data processing. Hence, the upper layers expect
error-free transmission between systems. Most applications would not function as expected
if they received erroneous data, although applications such as voice and video are less
affected and may still function well with some errors.
The data link layer uses error control mechanisms to ensure that frames (data bit
streams) are transmitted with a certain level of accuracy. But to understand how errors
are controlled, it is essential to know what types of errors may occur.

Types of Errors
There may be three types of errors:
 Single bit error
In a frame, only one bit, anywhere in the frame, is corrupt.
 Multiple bit error
The frame is received with more than one bit in a corrupted state.
 Burst error
The frame contains a run of more than one consecutive corrupted bits.
Error control mechanism may involve two possible ways:
 Error detection
 Error correction

Error Detection
Errors in the received frames are detected by means of Parity Check and Cyclic
Redundancy Check (CRC). In both cases, few extra bits are sent along with actual data to
confirm that bits received at other end are same as they were sent. If the counter-check
at receiver’ end fails, the bits are considered corrupted.

Parity Check
One extra bit is sent along with the original bits to make the number of 1s either even,
in the case of even parity, or odd, in the case of odd parity.
The sender, while creating a frame, counts the number of 1s in it. For example, if even
parity is used and the number of 1s is even, a bit with value 0 is added, so that the
number of 1s remains even. If the number of 1s is odd, a bit with value 1 is added to
make it even.

The receiver simply counts the number of 1s in the frame. If the count of 1s is even and
even parity is used, the frame is considered not corrupted and is accepted. If the count
of 1s is odd and odd parity is used, the frame is likewise accepted.
If a single bit flips in transit, the receiver can detect it by counting the number of 1s.
But when an even number of bits are flipped, the count still has the expected parity and
the receiver cannot detect the error at all: a single parity bit catches any odd number
of flipped bits and misses any even number.

Cyclic Redundancy Check (CRC)


CRC is a different approach to detecting whether the received frame contains valid data.
This technique involves modulo-2 binary division of the data bits being sent. The divisor
is generated from a polynomial agreed by sender and receiver. The sender performs the
division on the bits being sent (with as many zero bits appended as the degree of the
polynomial) and calculates the remainder. Before sending the actual bits, the sender
appends the remainder to the end of the actual bits. The actual data bits plus the
remainder are called a codeword. The sender transmits the data bits as codewords.

At the other end, the receiver performs the division operation on the codeword using the
same CRC divisor. If the remainder is all zeros, the data bits are accepted; otherwise it
is assumed that some data corruption occurred in transit.
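As an added example (written in Python for this page, not taken from the course notes), the following code carries out both checks described above on a constructed frame: a single parity bit, and a CRC using the textbook generator 10011 (x^4 + x + 1) computed by modulo-2 long division exactly as the text describes. It also shows the limit of parity, two flipped bits that parity cannot see but the CRC catches, and a real-world CRC-32 (the polynomial used by the Ethernet FCS) via Python's zlib.crc32; the byte order of that trailer is this example's own choice. One caveat for practitioners: a CRC detects accidental corruption only. Anyone who can modify bits on the wire can recompute the CRC, so integrity against a deliberate attacker needs a keyed MAC (for example HMAC), not a CRC.

```python
import zlib

GENERATOR = "10011"  # x^4 + x + 1, the textbook generator (constructed example)


def _mod2_divide(bits: str, generator: str) -> str:
    """Modulo-2 long division (XOR instead of subtraction); returns the
    remainder, which is one bit shorter than the generator."""
    k = len(generator) - 1
    work = list(bits)
    for i in range(len(bits) - k):
        if work[i] == "1":                       # leading 1: subtract (XOR) the generator
            for j, g in enumerate(generator):
                work[i + j] = "0" if work[i + j] == g else "1"
    return "".join(work[-k:])


def crc_encode(message: str, generator: str = GENERATOR) -> str:
    """Sender: append k zeros, divide, replace the zeros with the remainder."""
    k = len(generator) - 1
    return message + _mod2_divide(message + "0" * k, generator)


def crc_check(codeword: str, generator: str = GENERATOR) -> bool:
    """Receiver: divide the whole codeword; a zero remainder means 'accept'."""
    return set(_mod2_divide(codeword, generator)) == {"0"}


def parity_encode(message: str, even: bool = True) -> str:
    """Append one bit so the total number of 1s is even (or odd)."""
    ones_even = message.count("1") % 2 == 0
    return message + ("0" if ones_even == even else "1")


def parity_check(frame: str, even: bool = True) -> bool:
    return (frame.count("1") % 2 == 0) == even


def flip(bits: str, *positions: int) -> str:
    """Constructed channel errors: invert the bits at the given 0-based positions."""
    out = list(bits)
    for p in positions:
        out[p] = "1" if out[p] == "0" else "0"
    return "".join(out)


def crc32_frame(payload: bytes) -> bytes:
    """Real-world form: CRC-32 (same polynomial as the Ethernet FCS) appended as
    4 little-endian bytes, computed by zlib's table-driven implementation."""
    return payload + zlib.crc32(payload).to_bytes(4, "little")


def crc32_verify(frame: bytes) -> bool:
    payload, fcs = frame[:-4], frame[-4:]
    return zlib.crc32(payload).to_bytes(4, "little") == fcs


if __name__ == "__main__":
    msg = "1101011011"                           # constructed 10-bit frame
    cw = crc_encode(msg)
    print("codeword:", cw, "accepted:", crc_check(cw))
    pf = parity_encode(msg)
    print("two bits flipped: parity ok?", parity_check(flip(pf, 2, 5)),
          "crc ok?", crc_check(flip(cw, 2, 5)))
```

With the 10-bit frame 1101011011 the remainder is 1110 and the codeword 11010110111110; dividing the intact codeword by 10011 leaves 0000, and any single flip, any two flips, or any burst no longer than four bits leaves a non-zero remainder, whereas the parity bit alone accepts the two-bit error.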

Error Correction
In the digital world, error correction can be done in two ways:
 Backward Error Correction: when the receiver detects an error in the data received, it
asks the sender to retransmit the data unit.
 Forward Error Correction: when the receiver detects an error in the data received, it
executes an error-correcting code that lets it recover from, and correct, some kinds of
errors on its own.
The first, backward error correction, is simple and can be used efficiently where
retransmission is not expensive, for example on optical fibre links. In wireless
transmission, retransmission may cost too much, and forward error correction is used
instead.
To correct an error in a data frame, the receiver must know exactly which bit in the
frame is corrupted. To locate the bit in error, redundant bits are used as parity bits.
For example, with 7-bit ASCII data, the redundant bits must be able to express eight
different pieces of information: which of the seven data bits is in error, or that there
is no error.
For m data bits, r redundant bits are used. r bits can represent 2^r different values.
In the m+r bit codeword, the r bits themselves may also get corrupted, so the r bits must
be able to identify any of the m+r bit positions plus the no-error case, i.e.
2^r ≥ m + r + 1. A Hamming code uses the smallest r that satisfies this inequality.
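The following added example (Python, written for this page and not part of the course notes) turns that inequality into a working single-error-correcting Hamming code: redundant_bits() finds the smallest r with 2^r >= m + r + 1, hamming_encode() places the r check bits at positions 1, 2, 4, 8, ... of the codeword, and hamming_decode() computes the syndrome and corrects one flipped bit. The 7-bit ASCII 'A' (1000001) is used as the constructed sample data. The example also goes one step beyond the text to show the code's limit: with two flipped bits the syndrome points at the wrong position and the decoder silently "corrects" the frame into wrong data, which is why a Hamming code is paired with a separate detection check (a parity bit or CRC) in practice.

```python
def redundant_bits(m: int) -> int:
    """Smallest r with 2**r >= m + r + 1: r check bits must be able to name any
    one of the m + r positions as 'in error', plus the 'no error' case."""
    r = 0
    while 2 ** r < m + r + 1:
        r += 1
    return r


def hamming_encode(data: str) -> str:
    """Systematic Hamming code: check bits sit at positions 1, 2, 4, 8, ...
    (1-based); check bit 2**i is the even parity of every other position whose
    binary index has bit i set."""
    m = len(data)
    n = m + redundant_bits(m)
    code = [0] * (n + 1)                       # index 0 unused, positions 1..n
    bits = iter(data)
    for pos in range(1, n + 1):
        if pos & (pos - 1):                    # not a power of two: data position
            code[pos] = int(next(bits))
    for i in range(n.bit_length()):
        p = 1 << i
        if p > n:
            break
        code[p] = 0
        for pos in range(1, n + 1):
            if pos & p and pos != p:
                code[p] ^= code[pos]
    return "".join(map(str, code[1:]))


def hamming_decode(codeword: str) -> tuple:
    """Returns (data, error_position). The syndrome is the XOR of the positions
    holding a 1; for a single-bit error it equals that bit's position, for no
    error it is 0. Two errors give a syndrome that points at the wrong bit (or
    beyond the codeword), which a single-error-correcting code cannot fix."""
    n = len(codeword)
    code = [0] + [int(b) for b in codeword]
    syndrome = 0
    for pos in range(1, n + 1):
        if code[pos]:
            syndrome ^= pos
    if syndrome > n:
        raise ValueError("syndrome outside codeword: more than one error")
    if syndrome:
        code[syndrome] ^= 1                    # correct the single flipped bit
    data = "".join(str(code[pos]) for pos in range(1, n + 1) if pos & (pos - 1))
    return data, syndrome


def flip_positions(codeword: str, *positions: int) -> str:
    """Constructed channel errors: invert the bits at the given 1-based positions."""
    bits = list(codeword)
    for p in positions:
        bits[p - 1] = "1" if bits[p - 1] == "0" else "0"
    return "".join(bits)


if __name__ == "__main__":
    ascii_a = "1000001"                        # 7-bit ASCII 'A', the text's example
    cw = hamming_encode(ascii_a)               # 11-bit codeword: m=7, r=4
    print("codeword:", cw, "decoded:", hamming_decode(cw))
    print("one error at 5:", hamming_decode(flip_positions(cw, 5)))
    print("two errors at 3 and 5:", hamming_decode(flip_positions(cw, 3, 5)))
```

For 'A' the encoder yields the 11-bit codeword 00100001001 (r = 4, since 2^3 = 8 < 7 + 3 + 1 but 2^4 = 16 >= 7 + 4 + 1); flipping position 5 produces syndrome 5 and the original data comes back, while flipping positions 3 and 5 produces syndrome 6, so the decoder flips a third, innocent bit and returns 0110001.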
Data-link layer is responsible for implementation of point-to-point flow and error
control mechanism.

Flow Control
When a data frame (layer 2 data) is sent from one host to another over a single medium,
the sender and receiver need to work at the same speed; that is, the sender sends at a
rate at which the receiver can process and accept the data. If the sender's and
receiver's speeds (in hardware or software) differ and the sender sends too fast, the
receiver may be overloaded (swamped) and data may be lost.
Two types of mechanism can be deployed to control the flow:
 Stop and Wait

This flow control mechanism forces the sender, after transmitting a data frame, to stop
and wait until the acknowledgement of that frame is received.

 Sliding Window
In this flow control mechanism, both sender and receiver agree on the number of data
frames after which an acknowledgement should be sent. Stop-and-wait wastes resources,
since the link sits idle while the sender waits; the sliding window protocol tries to use
the underlying resources as fully as possible by keeping several frames in flight.

Error Control
When a data frame is transmitted, there is a probability that it will be lost in transit
or received corrupted. In both cases, the receiver does not receive the correct data
frame, and the sender on its own does not know about the loss. Both sender and receiver
are therefore equipped with protocols that help them detect transit errors such as the
loss of a data frame, so that either the sender retransmits the data frame or the
receiver requests that the previous data frame be resent.
Requirements for an error control mechanism:
 Error detection: the sender and receiver, either both or one of them, must be able to
ascertain that an error occurred in transit.
 Positive ACK: when the receiver receives a correct frame, it acknowledges it.
 Negative ACK: when the receiver receives a damaged or duplicate frame, it sends a NACK
back to the sender, and the sender must retransmit the correct frame.
 Retransmission: the sender maintains a clock and sets a timeout period. If the
acknowledgement of a previously transmitted data frame does not arrive before the
timeout, the sender retransmits the frame, assuming that either the frame or its
acknowledgement was lost in transit.
There are three techniques the data link layer may deploy to control errors by Automatic
Repeat Request (ARQ):

 Stop-and-wait ARQ

The following transitions may occur in Stop-and-Wait ARQ:

o The sender maintains a timeout counter.
o When a frame is sent, the sender starts the timeout counter.
o If the acknowledgement of the frame arrives in time, the sender transmits the next
frame in the queue.
o If the acknowledgement does not arrive in time, the sender assumes that either the
frame or its acknowledgement was lost in transit. The sender retransmits the frame and
restarts the timeout counter.
o If a negative acknowledgement is received, the sender retransmits the frame.
• Go-Back-N ARQ

The Stop-and-Wait ARQ mechanism does not utilize the channel at its best: between sending a frame and receiving its acknowledgement, the sender sits idle and does nothing. In the Go-Back-N ARQ method, both sender and receiver maintain a window.

The sending-window size enables the sender to send multiple frames without waiting for the acknowledgement of the previous ones. The receiving window enables the receiver to receive multiple frames and acknowledge them. The receiver keeps track of the incoming frames' sequence numbers.
When the sender has sent all the frames in its window, it checks up to which sequence number it has received positive acknowledgements. If all frames are positively acknowledged, the sender sends the next set of frames. If the sender finds that it has received a NACK, or has not received any ACK, for a particular frame, it retransmits that frame and all the frames sent after it.

• Selective Repeat ARQ

In Go-Back-N ARQ, it is assumed that the receiver has no buffer space for its window and has to process each frame in order as it arrives. This forces the sender to retransmit all the frames from the unacknowledged one onwards.

In Selective Repeat ARQ, the receiver keeps track of the sequence numbers, buffers out-of-order frames in memory and sends a NACK only for the frame which is missing or damaged.
The sender in this case retransmits only the frame for which a NACK was received.
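The following is an added example, not code from the lecture notes, that makes the difference between the three ARQ schemes countable. It models a channel with a constructed, deterministic loss pattern (the k-th transmission is dropped for each k in a set; acknowledgements are assumed never to be lost) and counts how many frame transmissions each scheme needs to deliver the same eight frames. The window size and loss positions are assumptions chosen for illustration.

```python
"""Count frame transmissions for Stop-and-Wait, Go-Back-N and Selective Repeat
over a channel with a constructed, deterministic loss pattern."""


class LossyChannel:
    """Drops the k-th transmission (0-based) for every k in drop_at; all other
    frames and every acknowledgement are delivered. Constructed for the example."""

    def __init__(self, drop_at):
        self.drop_at = set(drop_at)
        self.transmissions = 0

    def send(self, seq):
        """Transmit frame `seq`; return True if the receiver got it intact."""
        delivered = self.transmissions not in self.drop_at
        self.transmissions += 1
        return delivered


def stop_and_wait(n_frames, drop_at):
    """One frame in flight; a lost frame is resent when the timeout expires."""
    ch = LossyChannel(drop_at)
    seq = 0
    while seq < n_frames:
        if ch.send(seq):
            seq += 1            # positive ACK: move on to the next frame
        # otherwise the timer expires and the same frame is retransmitted
    return ch.transmissions


def go_back_n(n_frames, window, drop_at):
    """Sender fills its window; the receiver accepts frames only in order, so
    every frame after a lost one is discarded and the sender goes back to it."""
    ch = LossyChannel(drop_at)
    base = 0
    while base < n_frames:
        end = min(base + window, n_frames)
        first_lost = None
        for seq in range(base, end):
            if not ch.send(seq) and first_lost is None:
                first_lost = seq
        # all ACKed: slide the window; NACK or missing ACK: go back to the gap
        base = end if first_lost is None else first_lost
    return ch.transmissions


def selective_repeat(n_frames, window, drop_at):
    """Receiver buffers out-of-order frames; only the NACKed frames are resent."""
    ch = LossyChannel(drop_at)
    received = set()
    base = 0
    while base < n_frames:
        for seq in range(base, min(base + window, n_frames)):
            if seq not in received and ch.send(seq):
                received.add(seq)
        while base in received:   # slide past frames already delivered
            base += 1
    return ch.transmissions


def compare_arq(n_frames=8, window=4, drop_at=(2, 6)):
    """Transmissions needed by each scheme for the same channel behaviour."""
    return {
        "stop-and-wait": stop_and_wait(n_frames, drop_at),
        "go-back-n": go_back_n(n_frames, window, drop_at),
        "selective-repeat": selective_repeat(n_frames, window, drop_at),
    }


if __name__ == "__main__":
    for name, count in compare_arq().items():
        print(f"{name:>17}: {count} transmissions for 8 frames")
```

With the 3rd and 7th transmissions lost, Stop-and-Wait and Selective Repeat both need 10 transmissions (8 frames plus one retry each), while Go-Back-N needs 12 because the frames that followed each lost one were discarded by the receiver and had to be sent again; what the count does not show is the idle time Stop-and-Wait spends waiting for each acknowledgement, which is the reason windowed schemes exist.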

Multiple access protocols - ALOHA, CSMA, CSMA/CA and CSMA/CD

Data Link Layer
The data link layer is used in a computer network to transmit data between two devices or nodes. It is divided into two sub-layers: data link control and multiple access resolution (protocol). The upper sub-layer is responsible for the flow control and error control of the data link layer, and hence is termed logical link control. The lower sub-layer is used to handle and reduce collisions when multiple stations access a channel, and hence is termed media access control, or multiple access resolution.

Data Link Control

A data link control is a reliable channel for transmitting data over a dedicated link, using techniques such as framing, error control and flow control of the data packets in the computer network.
What is a multiple access protocol?
When a sender and receiver have a dedicated link to transmit data packets, the data link control is enough to handle the channel. Suppose there is no dedicated path to communicate or transfer the data between two devices. In that case, multiple stations access the channel and transmit data over it simultaneously. This may create collisions and crosstalk. Hence, a multiple access protocol is required to reduce collisions and avoid crosstalk between the channels.
For example, suppose that there is a classroom full of students. When a teacher asks a question, all the students (small channels) in the class start answering the question at the same time (transferring data simultaneously). All the students respond at the same time, due to which data overlaps or is lost. Therefore it is the responsibility of the teacher (the multiple access protocol) to manage the students and make them answer one at a time.
The multiple access protocols are subdivided into the following types:

A. Random Access Protocol

In this protocol, all the stations have equal priority to send data over the channel. In a random access protocol, no station depends on another station, nor does any station control another. Depending on the channel's state (idle or busy), each station transmits its data frame. However, if more than one station sends data over the channel at the same time, there may be a collision or data conflict. Due to the collision, the data frame packets may be lost or altered, and hence are not received at the receiver end. The following are the different random-access methods for broadcasting frames on the channel:

• Aloha
• CSMA
• CSMA/CD
• CSMA/CA

ALOHA Random Access Protocol
ALOHA was designed for wireless LANs (Local Area Networks) but can also be used on any shared medium to transmit data. Using this method, any station can transmit data across the network at any time, as soon as a data frame is available for transmission.

Aloha Rules
1. Any station can transmit data to the channel at any time.
2. It does not require any carrier sensing.
3. Collisions may occur, and data frames may be lost, when several stations transmit at the same time.
4. Acknowledgment of the frames exists in Aloha; hence, there is no collision detection.
5. It requires retransmission of the data after some random amount of time.

Pure Aloha
Pure Aloha is used whenever data is available for sending over a channel at a station. In pure Aloha, each station transmits data to the channel without checking whether the channel is idle or not, so collisions may occur and the data frame can be lost. When a station transmits a data frame to the channel, it waits for the receiver's acknowledgment. If the acknowledgment does not arrive within the specified time, the station waits for a random amount of time, called the backoff time (Tb), assumes that the frame has been lost or destroyed, and retransmits it. This is repeated until all the data has been successfully transmitted to the receiver.
1. The total vulnerable time of pure Aloha is 2 * Tfr.
2. Maximum throughput occurs when G = 1/2, that is 18.4%.
3. The probability of successful transmission of a data frame is S = G * e^(-2G).

As we can see in the figure above, there are four stations accessing a shared channel and transmitting data frames. Some frames collide because several stations send their frames at the same time. Only two frames, frame 1.1 and frame 2.2, are successfully transmitted to the receiver end; the other frames are lost or destroyed.
Whenever two frames are on the shared channel at the same time, a collision occurs and both frames are damaged. If the first bit of a new frame enters the channel before the last bit of the previous frame has finished, both frames are destroyed and both stations must retransmit their data frames.
Slotted Aloha
Slotted Aloha is designed to improve on the efficiency of pure Aloha, because pure Aloha has a very high probability of frames colliding. In slotted Aloha, the shared channel is divided into fixed time intervals called slots. If a station wants to send a frame to the shared channel, the frame can only be sent at the beginning of a slot, and only one frame is allowed to be sent in each slot. If a station is unable to send its data at the beginning of a slot, it has to wait until the beginning of the next slot. However, a collision is still possible when two or more stations try to send a frame at the beginning of the same time slot.

1. Maximum throughput occurs in slotted Aloha when G = 1, that is 37%.
2. The probability of successfully transmitting a data frame in slotted Aloha is S = G * e^(-2G).
3. The total vulnerable time required in slotted Aloha is Tfr.
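The throughput relations above, as an added example that is not part of the lecture notes: the analytic curves, a numeric search for their peaks, and a small Monte Carlo simulation of both schemes (Poisson arrivals of offered load G per frame time, Tfr = 1) that reproduces them. Note that G * e^(-2G) evaluated at G = 1 gives about 13.5%; the 37% peak at G = 1 quoted above for slotted Aloha is the maximum of G * e^(-G) = 1/e, which is what the slotted function below uses, since slot alignment halves the vulnerable time to Tfr as stated in rule 3. The simulation lengths and seed are assumptions.

```python
import math
import random


def pure_aloha_throughput(G):
    """S = G * e^(-2G): a frame survives only if no other frame starts inside
    the 2 * Tfr vulnerable window around it."""
    return G * math.exp(-2 * G)


def slotted_aloha_throughput(G):
    """S = G * e^(-G): with slot alignment the vulnerable window shrinks to Tfr."""
    return G * math.exp(-G)


def peak_throughput(fn, lo=0.01, hi=4.0, steps=4000):
    """Numerically locate the offered load G that maximizes fn(G)."""
    best_g, best_s = lo, 0.0
    for i in range(steps + 1):
        g = lo + (hi - lo) * i / steps
        s = fn(g)
        if s > best_s:
            best_g, best_s = g, s
    return best_g, best_s


def simulate_pure_aloha(G, duration=100_000, seed=1):
    """Monte Carlo check: Poisson arrivals at rate G per frame time (Tfr = 1).
    A frame succeeds iff no neighbour starts within one frame time on either side."""
    rng = random.Random(seed)
    starts, t = [], 0.0
    while True:
        t += rng.expovariate(G)
        if t > duration:
            break
        starts.append(t)
    successes = 0
    for i, s in enumerate(starts):
        before_ok = i == 0 or s - starts[i - 1] >= 1.0
        after_ok = i == len(starts) - 1 or starts[i + 1] - s >= 1.0
        if before_ok and after_ok:
            successes += 1
    return successes / duration


def simulate_slotted_aloha(G, slots=200_000, seed=1):
    """Monte Carlo check: Poisson(G) frames per slot; a slot succeeds iff exactly one."""
    rng = random.Random(seed)
    threshold = math.exp(-G)
    successes = 0
    for _ in range(slots):
        k, p = 0, 1.0                 # Knuth's method for a Poisson(G) sample
        while True:
            p *= rng.random()
            if p <= threshold:
                break
            k += 1
        if k == 1:
            successes += 1
    return successes / slots


if __name__ == "__main__":
    for name, fn, sim, g in (("pure", pure_aloha_throughput, simulate_pure_aloha, 0.5),
                             ("slotted", slotted_aloha_throughput, simulate_slotted_aloha, 1.0)):
        g_peak, s_peak = peak_throughput(fn)
        print(f"{name:>7}: peak S={s_peak:.3f} at G={g_peak:.2f}; "
              f"analytic S({g})={fn(g):.3f}, simulated S({g})={sim(g):.3f}")
```

The simulated values land within about a percentage point of the formulas, and the search confirms the peaks at G = 1/2 (18.4%) and G = 1 (36.8%).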

CSMA (Carrier Sense Multiple Access)

CSMA is a media access protocol in which a station senses the traffic on the channel (idle or busy) before transmitting data. It means that if the channel is idle, the station can send data to the channel; otherwise, it must wait until the channel becomes idle. Hence, it reduces the chances of a collision on the transmission medium.

CSMA Access Modes
1-Persistent: In the 1-persistent mode of CSMA, each node first senses the shared channel and, if the channel is idle, immediately sends the data. Otherwise it waits, continuously monitoring the status of the channel, and transmits the frame unconditionally as soon as the channel becomes idle.
Non-Persistent: In this access mode of CSMA, each node must sense the channel before transmitting, and if the channel is idle it immediately sends the data. Otherwise, the station waits for a random time (instead of sensing continuously) and, when the channel is then found to be idle, it transmits the frames.
P-Persistent: This is a combination of the 1-persistent and non-persistent modes. In the p-persistent mode each node senses the channel and, if the channel is idle, sends a frame with probability p. If the frame is not transmitted (probability q = 1 - p), the node waits for the next time slot and then repeats the process.
O-Persistent: The o-persistent method assigns each station a transmission order (priority) before the frame is transmitted on the shared channel. If the channel is found to be idle, each station waits for its turn to transmit the data.

CSMA/CD
CSMA/CD is the carrier sense multiple access / collision detection network protocol for transmitting data frames. The CSMA/CD protocol works with the medium access control layer. It first senses the shared channel before broadcasting a frame and, if the channel is idle, it transmits the frame while checking whether the transmission is successful. If the frame is successfully received, the station sends the next frame. If a collision is detected, the station sends a jam (stop) signal on the shared channel to terminate the data transmission. After that, it waits for a random time before sending the frame to the channel again.

CSMA/CA
CSMA/CA is the carrier sense multiple access / collision avoidance network protocol for the transmission of data frames. It is a protocol that works with the medium access control layer. When a data frame is sent to the channel, the sender waits for an acknowledgment to check whether the transmission was successful. If the station receives only a single (its own) acknowledgment, the data frame has been successfully transmitted to the receiver. But if it receives two signals (its own and one more, indicating a collision of frames), a collision has occurred on the shared channel. In other words, the sender detects the collision from the acknowledgment signals it receives.
The following methods are used in CSMA/CA to avoid collisions:
Interframe space: In this method, the station waits for the channel to become idle, and when it finds the channel idle, it does not send the data immediately. Instead, it waits for a period of time called the interframe space (IFS). The IFS time is also often used to define the priority of a station.
Contention window: In the contention window method, the total time is divided into slots. When the station (sender) is ready to transmit the data frame, it chooses a random number of slots as its wait time. If the channel becomes busy during this time, it does not restart the entire process; it only pauses the timer and resumes it when the channel is idle again.
Acknowledgment: In the acknowledgment method, the sender station retransmits the data frame to the shared channel if the acknowledgment is not received within the expected time.
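The three persistence modes and the effect of collision detection, as an added example that is not part of the lecture notes. It is a slot-based simulation of n stations sharing one channel: each ready station senses the channel and applies the 1-persistent, non-persistent or p-persistent rule; colliding frames either occupy the channel for a whole frame time (plain CSMA) or are aborted after a short jam (CSMA/CD), after which the stations back off for a random number of slots. Zero propagation delay, the frame length, the backoff bound and the arrival rate are constructed assumptions; the o-persistent mode is not modelled.

```python
import random

FRAME_SLOTS = 10     # frame length in mini-slots (constructed)
JAM_SLOTS = 2        # slots a collision occupies when stations detect it (CSMA/CD)
MAX_BACKOFF = 16     # random wait bound, in slots (constructed)


def simulate_csma(mode, n_stations=10, arrival_p=0.02, slots=20_000,
                  p=0.3, collision_detect=False, seed=7):
    """Slot-based model of n stations sharing one channel.

    mode: '1-persistent', 'non-persistent' or 'p-persistent'.
    Propagation delay is taken as zero, so collisions arise only when two
    stations decide to start in the same slot (e.g. all 1-persistent stations
    that queued up while the channel was busy fire together when it goes idle).
    Returns counts of successful frames and collisions plus the throughput
    (fraction of slots carrying a frame that was delivered).
    """
    rng = random.Random(seed)
    ready = [False] * n_stations           # station has a frame waiting
    defer_until = [0] * n_stations         # slot before which the station stays quiet
    transmitters = []                      # stations whose frames are on the channel
    busy_until = 0                         # first slot at which the channel is idle again
    successes = collisions = 0

    for t in range(slots):
        # 1. finish the transmission that ends now
        if transmitters and t >= busy_until:
            if len(transmitters) == 1:
                successes += 1
                ready[transmitters[0]] = False
            else:
                collisions += 1
                for s in transmitters:     # random backoff before the retry
                    defer_until[s] = t + rng.randint(1, MAX_BACKOFF)
            transmitters = []
        # 2. new frames arrive at stations that have nothing queued
        for s in range(n_stations):
            if not ready[s] and rng.random() < arrival_p:
                ready[s] = True
        # 3. every ready station senses the channel and applies its rule
        idle = t >= busy_until
        starters = []
        for s in range(n_stations):
            if not ready[s] or t < defer_until[s]:
                continue
            if idle:
                if mode == 'p-persistent' and rng.random() >= p:
                    defer_until[s] = t + 1          # defer one slot, then sense again
                    continue
                starters.append(s)
            elif mode == 'non-persistent':
                defer_until[s] = t + rng.randint(1, MAX_BACKOFF)  # wait, then sense again
            # 1-persistent and p-persistent stations keep sensing every slot while busy
        # 4. start the transmissions chosen in this slot
        if starters:
            transmitters = starters
            if len(starters) > 1 and collision_detect:
                busy_until = t + JAM_SLOTS      # collision noticed, channel jammed and freed
            else:
                busy_until = t + FRAME_SLOTS
    return {"successes": successes, "collisions": collisions,
            "throughput": successes * FRAME_SLOTS / slots}


if __name__ == "__main__":
    for mode in ("1-persistent", "non-persistent", "p-persistent"):
        for cd in (False, True):
            r = simulate_csma(mode, collision_detect=cd)
            print(f"{mode:>15} CD={cd!s:5}: {r['successes']:5d} frames, "
                  f"{r['collisions']:5d} collisions, throughput {r['throughput']:.2f}")
```

Running the report shows why the modes exist: 1-persistent stations that waited out a busy channel all start in the same slot and collide, non-persistent stations spread their retries out, and collision detection recovers the slots that a full-length collided frame would otherwise waste.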

B. Controlled Access Protocol

Controlled access is a method of reducing data frame collisions on a shared channel. In the controlled access method, the stations consult one another, and a station sends a data frame only when it has been approved by all the other stations. It means that a single station cannot send data frames unless all the other stations have approved it. There are three types of controlled access: Reservation, Polling, and Token Passing.

C. Channelization Protocols
A channelization protocol allows the total usable bandwidth of a shared channel to be shared among multiple stations on the basis of time, frequency or code. All the stations can access the channel at the same time to send their data frames. The following are the methods of accessing the channel based on time, frequency and code:
1. FDMA (Frequency Division Multiple Access)
2. TDMA (Time Division Multiple Access)
3. CDMA (Code Division Multiple Access)
FDMA
Frequency division multiple access (FDMA) is a method used to divide the available bandwidth into equal bands so that multiple users can send data through different frequency sub-channels. Each station is allocated a particular band, which prevents crosstalk between the channels and interference between stations.

TDMA
Time division multiple access (TDMA) is a channel access method. It allows the same frequency bandwidth to be shared among multiple stations. To avoid collisions on the shared channel, it divides the channel into different time slots, each of which is allocated to a station for transmitting its data frames. The same frequency bandwidth is thus shared by dividing the signal into various time slots. However, TDMA has a synchronization overhead: each station's time slot is marked by adding synchronization bits to each slot.

CDMA
Code division multiple access (CDMA) is a channel access method. In CDMA, all stations can send data over the same channel simultaneously. It means that each station is allowed to transmit its data frames using the full frequency of the shared channel at all times. It does not require the bandwidth of the shared channel to be divided into time slots. If multiple stations send data to the channel simultaneously, their data frames are separated by a unique code sequence: each station has a different unique code for transmitting its data over the shared channel. For example, there are multiple users in a room who are all speaking continuously; data is received by the users only when two people interact with each other using the same language. Similarly, in the network, different stations communicate with each other simultaneously using different code languages.
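The "different code languages" idea made concrete, as an added example that is not part of the lecture notes. Each station spreads every data bit (+1 or -1) into its own chip sequence taken from the rows of a Walsh-Hadamard matrix, the channel simply adds whatever all stations are transmitting, and a receiver recovers one station's bits by correlating the summed signal with that station's code. Because the codes are mutually orthogonal, the other stations contribute exactly zero to the correlation, and a silent station decodes as 0. The four-station layout and the messages are constructed for the example.

```python
def walsh_codes(n):
    """Rows of the n x n Hadamard matrix (n a power of two): mutually
    orthogonal +1/-1 chip sequences, one per station."""
    h = [[1]]
    while len(h) < n:
        h = [row + row for row in h] + [row + [-c for c in row] for row in h]
    return h


def spread(bits, code):
    """Replace every data bit (+1 / -1, or 0 for silence) by the station's
    chip sequence multiplied by that bit."""
    return [b * c for b in bits for c in code]


def on_air(signals):
    """The shared channel adds, chip by chip, everything the stations transmit."""
    return [sum(chips) for chips in zip(*signals)]


def despread(signal, code):
    """Correlate each code-length chunk of the summed signal with one station's
    code. Orthogonality makes every other station's contribution cancel, so the
    result is that station's bit (+1 / -1), or 0 if it was silent."""
    n = len(code)
    out = []
    for i in range(0, len(signal), n):
        chunk = signal[i:i + n]
        out.append(sum(s * c for s, c in zip(chunk, code)) // n)
    return out


def is_orthogonal(codes):
    """True if every pair of distinct codes has zero inner product."""
    return all(sum(a * b for a, b in zip(codes[i], codes[j])) == 0
               for i in range(len(codes)) for j in range(len(codes)) if i != j)


def cdma_demo():
    """Four stations share the channel at once; each receiver recovers its own bits."""
    codes = walsh_codes(4)                 # one orthogonal code per station
    messages = {                           # constructed traffic
        0: [1, -1, 1],                     # station 0 sends three bits
        1: [-1, -1, 1],                    # station 1 sends three bits
        2: [0, 0, 0],                      # station 2 is silent
        3: [1, 1, -1],                     # station 3 sends three bits
    }
    channel = on_air([spread(bits, codes[s]) for s, bits in messages.items()])
    return {s: despread(channel, codes[s]) for s in messages}


if __name__ == "__main__":
    for station, bits in cdma_demo().items():
        print(f"station {station} decodes {bits}")
```

The summed chips on the channel take values like 3, 1 and -1 that no single station transmitted, yet each correlation returns exactly the sender's bit; in a real system the codes are longer and the chips arrive with noise and imperfect timing, which is why practical receivers threshold the correlation instead of expecting an exact multiple of the code length.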

Controlled Access Protocols - Reservation, Polling & Token Passing

Can two people speak at the same time and still understand each other's statements? Well, no. The same goes for data frames in a computer network. If we transmit two frames at a time, they will collide with each other, and data will be lost.
Before discussing controlled access protocols, please refer to the random access protocols above.
So how are controlled access protocols different from random access protocols?
The difference is that only the station which is approved by all the other stations in the network can transmit data, whereas we saw that in random access protocols the transmission is based on the availability of the transmission channel.
So, in controlled access protocols only one station can transmit data frames at a time, which gives us collision-free transmission through the communication channel.
Let us now discuss the types of controlled access protocols. There are three types:
1. Reservation
2. Polling
3. Token Passing
Let's learn about them one by one.

Reservation
Whenever we travel by train or airplane, the first thing we do is reserve our seats; similarly, here a station must make a reservation before transmitting any data frames.
The reservation timeline consists of two kinds of periods:
1. A reservation interval of fixed duration
2. A data transmission period of variable-length frames
Consider that there are 4 stations; then the reservation interval is divided into 4 slots so that each station has a slot. That is, if there are n stations then n slots are allotted.
Now let us assume that these 4 stations are 4 friends: if friend-1 speaks in his slot-1 then no other friend can speak at that time. Similarly, if station-1 transmits a 1-bit data frame in slot-1 then at that time no other station can transmit its data frames; they must wait for their own time slot. After all the slots have been transmitted and checked, each station knows which stations now wish to transmit.
The biggest advantage of this method is that since all stations agree on which station is next to transmit, there are no possible collisions.
The illustration below shows a scenario with five stations and a five-slot reservation frame. Here, in the first time interval stations 1, 3 and 4 are the only stations with reservations, and in the second interval station-1 is the only station with a reservation.

Polling
Recall your school or college classroom: what was the first thing the teacher did after entering the class? The answer is the roll call, or attendance. Let's compare the two scenarios. The teacher calls roll number 1 and gets a response if he/she is present, then switches to the next roll number, say roll number 2; roll number 2 is absent, so the teacher gets no response in return, or say a negative response. Similarly, in a computer network there is a primary station or controller (the teacher) and all the other stations are secondary (the students); the primary station sends a message to each station. The message sent by the primary station contains the address of the station which is selected for granting access.
The point to remember is that all the nodes receive the message, but only the addressed one responds and sends data in return; if that station has no data to transmit then it sends a message called Poll Reject or NAK (negative acknowledgment).
This method has some drawbacks, such as the high overhead of the polling messages and the high dependence on the reliability of the primary station.
We calculate the efficiency of this method in terms of the time for polling and the time required for the transmission of data:
Tpoll = time for polling
Tt = time required for transmission of data
So, efficiency = Tt / (Tt + Tpoll)
Whenever the primary station wants to receive data, it asks the secondary stations present in its channel; this method is polling. In the first diagram, we see that the primary station asks station A if it has any data ready for transmission; since A does not have any data queued for transmission it sends a NAK (negative acknowledgement). The primary station then asks station B; since B has data ready for transmission, it transmits the data and in return receives an acknowledgement from the primary station.

In the next case, if the primary station wants to send data to the secondary stations, it sends a select message, and if the secondary station accepts the request from the primary station, it sends back an acknowledgement; the primary station then transmits the data and in return receives an acknowledgement.

Token Passing
Now, say 4 people are sitting at a round table and only the person who holds the token can speak. In computer networks a token is a special bit pattern that allows the system possessing it to send data; we can say that a token represents permission to transmit data. The token circulates around the table (or a network ring) in a predefined order. A station can only pass the token to its adjacent station and not to any other station in the network. If a station has some data queued for transmission it cannot transmit the data until it receives the token, and it must make sure it has transmitted all its data before passing on the received token.
This method has some drawbacks, such as duplication of the token, or the token sometimes being damaged or lost during circulation; also, if we introduce a new station or remove an existing station from the network, this leads to a large disturbance, which must be taken care of so that the efficiency of the method is not affected.
The performance of a token ring is governed by 2 parameters: delay and throughput.

Delay is a measure of time; it is the time difference between a packet being ready for transmission and when it is transmitted. Hence, the average time required to send a token to the next station is a/N.
Throughput is a measure of the successful traffic in the communication channel.
Throughput, S = 1 / (1 + a/N) for a < 1
S = 1 / [a(1 + 1/N)] for a > 1, where N = number of stations and a = Tp/Tt
Tp = propagation delay and Tt = transmission delay
In the diagram below, when station-1 possesses the token it starts transmitting all the data frames which are in its queue. After transmission, station-1 passes the token to station-2, and so on. Station-1 can transmit data again only when all the stations in the network have transmitted their data and passed the token.

Note: A token can only work in the channel for which it is generated and not in any other.

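The polling-efficiency and token-ring-throughput relations from the two sections above, as an added example that is not part of the lecture notes. It derives the parameter a = Tp/Tt from physical link quantities (ring length, signal speed, frame size and bit rate), evaluates S in both regimes, and checks that the two expressions meet at a = 1. The ring of 1 km, 1000-bit frames, 20 stations and a signal speed of 2e8 m/s are assumptions chosen for illustration.

```python
def polling_efficiency(t_transmit, t_poll):
    """Fraction of time the channel carries data: Tt / (Tt + Tpoll)."""
    return t_transmit / (t_transmit + t_poll)


def propagation_ratio(ring_length_m, frame_bits, bit_rate_bps, speed_mps=2e8):
    """a = Tp / Tt with Tp = ring length / signal speed and Tt = frame bits / bit rate.
    (signal speed of 2e8 m/s in copper or fibre is an assumption)"""
    t_prop = ring_length_m / speed_mps
    t_transmit = frame_bits / bit_rate_bps
    return t_prop / t_transmit


def token_ring_throughput(a, n_stations):
    """S = 1 / (1 + a/N) for a < 1;  S = 1 / (a (1 + 1/N)) for a >= 1.
    Both branches give 1 / (1 + 1/N) at a = 1, so S is continuous there."""
    if a < 1:
        return 1.0 / (1.0 + a / n_stations)
    return 1.0 / (a * (1.0 + 1.0 / n_stations))


def token_ring_report(n_stations=20, ring_length_m=1000, frame_bits=1000):
    """The same ring at two bit rates: a small a keeps the ring busy with data,
    a large a (frames shorter than the ring) leaves it mostly idle."""
    rows = []
    for bit_rate in (10e6, 1e9):
        a = propagation_ratio(ring_length_m, frame_bits, bit_rate)
        rows.append((bit_rate, a, token_ring_throughput(a, n_stations)))
    return rows


if __name__ == "__main__":
    print(f"polling: Tt=100us, Tpoll=25us -> efficiency {polling_efficiency(100, 25):.2f}")
    for bit_rate, a, s in token_ring_report():
        print(f"token ring at {bit_rate/1e6:.0f} Mbps: a = {a:.2f}, S = {s:.3f}")
```

At 10 Mbps the 1000-bit frame is 100 us long against a 5 us ring latency (a = 0.05) and the throughput is 0.998; at 1 Gbps the same frame lasts 1 us (a = 5) and the throughput drops to 0.19, which is why high-speed rings need larger frames or more stations to stay efficient.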

Ethernet
Ethernet is the traditional technology for connecting devices in a wired local area network (LAN) or wide area network (WAN), enabling them to communicate with each other via a protocol, that is, a set of rules or common network language. Ethernet describes how network devices can format and transmit data so that other devices on the same local or campus area network segment can recognize, receive and process the information. An Ethernet cable is the physical, encased wiring over which the data travels.

Wireless LAN (WLAN)
A wireless LAN is a wireless computer network that links two or more devices using wireless communication to form a local area network (LAN) within a limited area such as a home, school, computer laboratory, campus, or office building. This gives users the ability to move around within the area and remain connected to the network. Through a gateway, a WLAN can also provide a connection to the wider Internet. Wireless LANs based on the IEEE 802.11 standards are the most widely used computer networks in the world. These are commonly called Wi-Fi, which is a trademark belonging to the Wi-Fi Alliance.

Bluetooth
A form of wireless connection used to exchange data between mobile and fixed devices over short distances, Bluetooth is a common form of connection between devices located no more than 10 metres apart, where data rates are relatively low. Bluetooth has a surprisingly small power requirement, meaning that its effect on a device's battery life is less than that of Wi-Fi or an Ethernet connection.

Switching techniques
In large networks, there can be multiple paths from sender to receiver. The switching technique decides the best route for data transmission.
A switching technique is used to connect the systems for making one-to-one communication.

Classification Of Switching Techniques

Circuit Switching
• Circuit switching is a switching technique that establishes a dedicated path between sender and receiver.
• In the circuit switching technique, once the connection is established the dedicated path remains in existence until the connection is terminated.
• Circuit switching in a network operates in a similar way to the telephone system.
• A complete end-to-end path must exist before the communication takes place.
• In the case of the circuit switching technique, when a user wants to send data, voice or video, a request signal is sent to the receiver; the receiver then sends back an acknowledgment to confirm the availability of the dedicated path. After receiving the acknowledgment, the dedicated path transfers the data.
• Circuit switching is used in the public telephone network. It is used for voice transmission.
• A fixed amount of data can be transferred at a time in circuit switching technology.

Communication through circuit switching has 3 phases:

• Circuit establishment
• Data transfer
• Circuit disconnect

Circuit switching can use either of two technologies:

Space Division Switches:

• Space division switching is a circuit switching technology in which a single transmission path is accomplished in a switch by using a physically separate set of crosspoints.
• Space division switching can be achieved by using a crossbar switch. A crossbar switch is a metallic crosspoint or semiconductor gate that can be enabled or disabled by a control unit.
• The crossbar switch is made using semiconductors; for example, the Xilinx crossbar switch using FPGAs.
• Space division switching has high speed, high capacity, and nonblocking switches.

Space division switches can be categorized in two ways:

• Crossbar Switch
• Multistage Switch

Crossbar Switch
The crossbar switch is a switch that has n input lines and n output lines. The crossbar switch has n^2 intersection points known as crosspoints.
Disadvantage of the crossbar switch:
The number of crosspoints increases as the number of stations is increased. Therefore, it becomes very expensive for a large switch. The solution to this is to use a multistage switch.

Multistage Switch
• A multistage switch is made by splitting the crossbar switch into smaller units and then interconnecting them.
• It reduces the number of crosspoints.
• If one path fails, another path is available.
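The crosspoint saving claimed above, worked through as an added example that is not part of the lecture notes. It counts the crosspoints of a single n x n crossbar and of a three-stage switch built by splitting the N lines into groups of n and interconnecting the small crossbars through k middle-stage switches. The condition k >= 2n - 1 for a strictly nonblocking three-stage switch is a standard result (Clos) that the page does not state; the 1000-line switch and group size of 10 are assumptions.

```python
def crossbar_crosspoints(n_lines):
    """An n x n crossbar needs one crosspoint per (input, output) pair."""
    return n_lines * n_lines


def three_stage_crosspoints(n_lines, group_size, middle_switches):
    """Three-stage switch built from small crossbars.

    N inputs are split into N/n groups of n lines. Stage 1: N/n crossbars of
    n x k; stage 2: k crossbars of (N/n) x (N/n); stage 3: N/n crossbars of k x n.
    """
    if n_lines % group_size:
        raise ValueError("group_size must divide n_lines")
    groups = n_lines // group_size
    stage1 = groups * group_size * middle_switches
    stage2 = middle_switches * groups * groups
    stage3 = stage1
    return stage1 + stage2 + stage3


def strictly_nonblocking_middle(group_size):
    """Clos's condition: k = 2n - 1 middle switches suffice to make the
    three-stage switch strictly nonblocking (standard result, not on the page)."""
    return 2 * group_size - 1


def compare_switches(n_lines=1000, group_size=10):
    """Crosspoints of one big crossbar versus a nonblocking three-stage switch."""
    k = strictly_nonblocking_middle(group_size)
    single = crossbar_crosspoints(n_lines)
    multi = three_stage_crosspoints(n_lines, group_size, k)
    return {"crossbar": single, "three_stage": multi,
            "middle_switches": k, "saving": 1 - multi / single}


if __name__ == "__main__":
    r = compare_switches()
    print(f"1000x1000 crossbar: {r['crossbar']:,} crosspoints")
    print(f"three-stage (n=10, k={r['middle_switches']}): {r['three_stage']:,} crosspoints, "
          f"{r['saving']:.0%} fewer")
```

For 1000 lines the single crossbar needs 1,000,000 crosspoints, while the three-stage switch with 19 middle switches needs 228,000, a saving of about 77%, and it still offers more than one path between any input and output, which is the redundancy the last bullet above refers to.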

Advantages Of Circuit Switching:

• In the case of the circuit switching technique, the communication channel is dedicated.
• It has fixed bandwidth.

Disadvantages Of Circuit Switching:

• Once the dedicated path is established, the only delay is that of the speed of data transmission.
• It takes a long time to establish a connection, approximately 10 seconds, during which no data can be transmitted.
• It is more expensive than other switching techniques as a dedicated path is required for each connection.
• It is inefficient to use because once the path is established, if no data is transferred the capacity of the path is wasted.
• In this case the connection is dedicated, therefore no other data can be transferred even if the channel is free.


Message Switching
• Message switching is a switching technique in which a message is transferred as a complete unit and routed through intermediate nodes at which it is stored and forwarded.
• In the message switching technique, there is no establishment of a dedicated path between the sender and receiver.
• The destination address is appended to the message. Message switching provides dynamic routing as the message is routed through the intermediate nodes based on the information available in the message.
• Message switches are programmed in such a way that they can provide the most efficient routes.
• Each and every node stores the entire message and then forwards it to the next node. This type of network is known as a store-and-forward network.
• Message switching treats each message as an independent entity.

Advantages Of Message Switching
• Data channels are shared among the communicating devices, which improves the efficiency of using the available bandwidth.
• Traffic congestion can be reduced because the message is temporarily stored in the nodes.
• Message priority can be used to manage the network.
• The size of the message sent over the network can vary. Therefore, it supports data of unlimited size.

Disadvantages Of Message Switching

• The message switches must be equipped with sufficient storage to enable them to store the messages until they are forwarded.
• Long delays can occur due to the storing and forwarding facility provided by the message switching technique.

Packet Switching
• Packet switching is a switching technique in which the message is sent in one go, but it is divided into smaller pieces, and these are sent individually.
• The message is split into smaller pieces known as packets, and the packets are given a unique number to identify their order at the receiving end.
• Every packet contains some information in its header, such as source address, destination address and sequence number.
• Packets travel across the network, taking the shortest path possible.
• All the packets are reassembled at the receiving end in the correct order.
• If any packet is missing or corrupted, then a message is sent asking for the message to be resent.
• If the packets arrive in the correct order, then an acknowledgment message is sent.

Approaches Of Packet Switching:

There are two approaches to packet switching:

Datagram Packet Switching:

• It is a packet switching technology in which each packet, known as a datagram, is considered an independent entity. Each packet contains information about the destination, and the switch uses this information to forward the packet to the correct destination.
• The packets are reassembled at the receiving end in the correct order.
• In the datagram packet switching technique, the path is not fixed.
• Intermediate nodes take the routing decisions to forward the packets.
• Datagram packet switching is also known as connectionless switching.

Virtual Circuit Switching

• Virtual circuit switching is also known as connection-oriented switching.
• In the case of virtual circuit switching, a preplanned route is established before the messages are sent.
• Call request and call accept packets are used to establish the connection between sender and receiver.
• In this case, the path is fixed for the duration of a logical connection.

Let's understand the concept of virtual circuit switching through a diagram:

• In the above diagram, A and B are the sender and receiver respectively, and 1 and 2 are the nodes.
• Call request and call accept packets are used to establish a connection between the sender and receiver.
• When a route is established, data is transferred.
• After transmission of the data, an acknowledgment signal is sent by the receiver indicating that the message has been received.
• If the user wants to terminate the connection, a clear signal is sent for the termination.

Differences between the Datagram approach and the Virtual Circuit approach

1. Routing decisions
   Datagram approach: Each node takes routing decisions to forward the packets.
   Virtual Circuit approach: Nodes do not take any routing decision.
2. Congestion
   Datagram approach: Congestion can occur when a node is busy and does not allow other packets to pass through.
   Virtual Circuit approach: Congestion cannot occur as all the packets travel in different directions.
3. Flexibility
   Datagram approach: It is more flexible as all the packets are treated as independent entities.
   Virtual Circuit approach: It is not very flexible.

Advantages Of Packet Switching:

• Cost-effective: In the packet switching technique, switching devices do not require massive secondary storage to store the packets, so cost is minimized to some extent. Therefore, we can say that the packet switching technique is a cost-effective technique.
• Reliable: If any node is busy, then the packets can be rerouted. This ensures that the packet switching technique provides reliable communication.
• Efficient: Packet switching is an efficient technique. It does not require any established path prior to the transmission, and many users can use the same communication channel simultaneously, hence it makes use of the available bandwidth very efficiently.

Disadvantages Of Packet Switching:

• The packet switching technique cannot be implemented in those applications that require low delay and high-quality service.
• The protocols used in a packet switching technique are very complex and require a high implementation cost.
• If the network is overloaded or corrupted, then retransmission of lost packets is required. It can also lead to the loss of critical information if errors are not recovered.

Routing Algorithms
A routing algorithm is a procedure that lays down the route or path to transfer data
packets from source to the destination. They help in directing Internet traffic efficiently.
After a data packet leaves its source, it can choose among the many different paths to
reach its destination. Routing algorithm mathematically computes the best path, i.e.
“least – cost path” that the packet can be routed through.
Types of Routing Algorithms
Routing algorithms can be broadly categorized into two types, adaptive and
nonadaptive routing algorithms. They can be further categorized as shown in the
following diagram −

Adaptive Routing Algorithms


Adaptive routing algorithms, also known as dynamic routing algorithms, makes routing
decisions dynamically depending on the network conditions. It constructs the routing
table depending upon the network traffic and topology. They try to compute the
optimized route depending upon the hop count, transit time and distance.
The three popular types of adaptive routing algorithms are −

69
 Centralized algorithm − It finds the least-cost path between source and
destination nodes by using global knowledge about the network. So, it is also
known as global routing algorithm.
 Isolated algorithm − This algorithm procures the rou ng informa on by using
local information instead of gathering information from other nodes.
 Distributed algorithm − This is a decentralized algorithm that computes the least-
cost path between source and destination iteratively in a distributed manner.

Non – Adaptive Routing Algorithms


Non-adaptive routing algorithms, also known as static routing algorithms, construct a
static routing table to determine the path through which packets are to be sent. The
static routing table is built from the routing information stored in the routers when
the network is booted up, and it does not change with traffic or topology.
The two types of non-adaptive routing algorithms are −
 Flooding − In flooding, when a data packet arrives at a router, it is sent out on all
the outgoing links except the one it arrived on. Flooding may be uncontrolled,
controlled or selective.
 Random walks − This is a probabilistic algorithm in which the router sends a data
packet to any one of its neighbours chosen at random.
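Both families above compute the same least-cost paths from different information. The following Python example is added here for illustration and is not part of the original notes: it runs a centralized (link-state) Dijkstra computation over a small constructed topology with hypothetical link costs, then runs a distributed distance-vector exchange in which each node sees only its own link costs and the vectors its neighbours advertised, and checks that both arrive at the same path costs. The node names and costs are invented for the example.

```python
import heapq
from typing import Dict, Optional, Tuple

INF = float("inf")

# Constructed sample topology with hypothetical link costs (undirected graph).
TOPOLOGY: Dict[str, Dict[str, int]] = {
    "A": {"B": 7, "C": 9, "F": 14},
    "B": {"A": 7, "C": 10, "D": 15},
    "C": {"A": 9, "B": 10, "D": 11, "F": 2},
    "D": {"B": 15, "C": 11, "E": 6},
    "E": {"D": 6, "F": 9},
    "F": {"A": 14, "C": 2, "E": 9},
}

Route = Tuple[float, Optional[str]]  # (cost, next hop from the source)


def dijkstra(graph: Dict[str, Dict[str, int]], source: str) -> Dict[str, Route]:
    """Centralized (link-state) computation: uses knowledge of the whole topology
    and returns the source's forwarding table {destination: (cost, next_hop)}."""
    dist = {node: INF for node in graph}
    next_hop: Dict[str, Optional[str]] = {node: None for node in graph}
    dist[source] = 0
    heap = [(0, source)]
    done = set()
    while heap:
        cost, u = heapq.heappop(heap)
        if u in done:
            continue
        done.add(u)
        for v, link in graph[u].items():
            via = cost + link
            if via < dist[v]:
                dist[v] = via
                # the next hop is the source's neighbour on the new shortest path
                next_hop[v] = v if u == source else next_hop[u]
                heapq.heappush(heap, (via, v))
    return {node: (dist[node], next_hop[node]) for node in graph}


def distance_vector(graph: Dict[str, Dict[str, int]], max_rounds: int = 100) -> Dict[str, Dict[str, Route]]:
    """Distributed computation: every node starts from its own link costs only and,
    in each round, combines the vectors its neighbours advertised in the previous
    round (Bellman-Ford).  Stops when no table changes.  Returns all nodes' tables."""
    tables: Dict[str, Dict[str, Route]] = {}
    for u in graph:
        tables[u] = {}
        for v in graph:
            if v == u:
                tables[u][v] = (0, None)
            elif v in graph[u]:
                tables[u][v] = (graph[u][v], v)
            else:
                tables[u][v] = (INF, None)

    for _ in range(max_rounds):
        # each node works from the vectors received at the end of the previous round
        advertised = {u: {v: cost for v, (cost, _) in tables[u].items()} for u in graph}
        changed = False
        for u in graph:
            for dest in graph:
                if dest == u:
                    continue
                best = tables[u][dest]
                for nbr, link in graph[u].items():
                    via = link + advertised[nbr][dest]
                    if via < best[0]:
                        best = (via, nbr)
                if best != tables[u][dest]:
                    tables[u][dest] = best
                    changed = True
        if not changed:
            break
    return tables


def costs_agree(graph: Dict[str, Dict[str, int]]) -> bool:
    """True when link-state and distance-vector reach the same path cost for every pair."""
    dv = distance_vector(graph)
    return all(
        dijkstra(graph, src)[dst][0] == dv[src][dst][0]
        for src in graph for dst in graph
    )


if __name__ == "__main__":
    for dest, (cost, hop) in sorted(dijkstra(TOPOLOGY, "A").items()):
        print(f"A -> {dest}: cost {cost}, next hop {hop}")
    print("distance vector agrees on all costs:", costs_agree(TOPOLOGY))
```

The next hops may differ between the two methods when two paths have equal cost (each breaks the tie by the order in which it discovered the paths), which is why the comparison is on costs; the distance-vector loop also converges only because the link costs never change here, the count-to-infinity problem of real distance-vector protocols does not arise in this static run.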

Virtual Circuits & Datagram Networks


Both Virtual Circuits and Datagram Networks are types of connection service used for the
transmission of information from sender to receiver.
Following are the important differences between Virtual Circuits and Datagram Networks:
1. Definition
Virtual Circuits: a connection-oriented service in which resources such as buffers, CPU
time and bandwidth are allocated to the virtual circuit for the duration of a
data-transfer session.
Datagram Networks: a connectionless service in which no such resources are reserved
before the data is transmitted.
2. Path
Virtual Circuits: because the resources and bandwidth are reserved before transmission,
the path followed by the first data packet is fixed, and all other data packets of the
connection use the same path and consume the same resources.
Datagram Networks: the path is not fixed; each data packet is forwarded independently,
and any intermediate router may choose a different outgoing link as its routing table
changes.
3. Header
Virtual Circuits: because all packets follow the same path, each packet carries only a
short virtual-circuit identifier that the routers use to look up the circuit.
Datagram Networks: each packet carries a full header with the complete source and
destination addresses, since every router must route it independently of the other
packets.
4. Complexity
Virtual Circuits: forwarding is simple once the circuit has been set up, since each
router only looks up the circuit identifier; the complexity lies in establishing and
tearing down the circuit.
Datagram Networks: more complex per packet, because every router must look up the
destination address of every packet and make an independent forwarding decision.
5. Reliability
Virtual Circuits: due to the fixed path and the assured resources, virtual circuits
deliver packets in order and are more reliable for data transmission.
Datagram Networks: due to dynamic resource allocation and dynamically chosen paths,
packets may be dropped under congestion or arrive out of order, so the service is less
reliable than a virtual circuit.
6. Example and Cost
Virtual Circuits: costlier in installation and maintenance; widely used by ATM
(Asynchronous Transfer Mode) networks, which were used in telephone networks.
Datagram Networks: cheaper than virtual circuits; used by IP networks, which provide data
services such as the Internet.

Congestion Control Algorithms


Congestion is a state occurring in the network layer when the message traffic is so heavy
that it slows down network response time.
Effects of Congestion
 As delay increases, performance decreases.
 If delay increases, retransmission occurs, making situation worse.
Congestion control algorithms
 Leaky Bucket Algorithm
Let us consider an analogy to understand it. Imagine a bucket with a small hole in the
bottom. No matter at what rate water enters the bucket, the outflow is at a constant rate.
When the bucket is full, additional water entering spills over the sides and is lost.

Similarly, each network interface contains a leaky bucket, and the following steps are
involved in the leaky bucket algorithm:
1. When a host wants to send a packet, the packet is thrown into the bucket.
2. The bucket leaks at a constant rate, meaning the network interface transmits
packets at a constant rate.
3. Bursty traffic is converted to uniform traffic by the leaky bucket.
4. In practice the bucket is a finite queue that outputs at a finite rate; packets that
arrive when the queue is full are discarded.
 Token Bucket Algorithm
Need for the token bucket algorithm:
The leaky bucket algorithm enforces an output pattern at the average rate, no matter how
bursty the traffic is. To deal with bursty traffic without losing data we need a more
flexible algorithm. One such algorithm is the token bucket algorithm.
Steps of this algorithm can be described as follows:
1. At regular intervals tokens are added to the bucket.
2. The bucket has a maximum capacity; tokens arriving at a full bucket are discarded.
3. If there is a ready packet, a token is removed from the bucket, and the packet is
sent.
4. If there is no token in the bucket, the packet cannot be sent and must wait.
Let us understand with an example. In figure (A) we see a bucket holding three tokens,
with five packets waiting to be transmitted. For a packet to be transmitted, it must
capture and destroy one token. In figure (B) we see that three of the five packets have
gotten through, but the other two are stuck waiting for more tokens to be generated.
Ways in which the token bucket is superior to the leaky bucket:
The leaky bucket algorithm controls the rate at which packets are introduced into the
network, but it is very conservative in nature. Some flexibility is introduced in the token
bucket algorithm. In the token bucket algorithm tokens are generated at each tick (up to
a certain limit). For an incoming packet to be transmitted, it must capture a token, and
as long as tokens are available packets may be sent back to back at the maximum output
rate. Hence a burst of packets is transmitted at full speed if enough tokens have been
saved up, which introduces some amount of flexibility into the system.
The length of the longest burst the bucket permits follows from the formula
M * s = C + ρ * s
where s is the burst duration, M the maximum output rate, ρ the token arrival rate and C
the capacity of the token bucket in bytes. During a burst of length s the output sends
M * s bytes, which must equal the C bytes of tokens stored in the bucket plus the ρ * s
bytes' worth of tokens that arrive during the burst. Solving for s gives
s = C / (M − ρ).
For example, with C = 250 KB, M = 25 MB/s and ρ = 2 MB/s, the longest burst lasts
s = 250 KB / 23 MB/s ≈ 11 ms, during which about 272 KB are sent; after that the output
falls back to the token rate ρ.
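To make the two algorithms concrete, here is an added Python simulation (not from the original notes) that runs a constructed bursty arrival pattern through a leaky bucket and a token bucket in discrete ticks, and compares the number of ticks the token bucket sustains its maximum rate with the formula s = C / (M − ρ). Units are arbitrary (one tick, one byte); the values C = 250, M = 25 and ρ = 2 are chosen to mirror the worked example above.

```python
from typing import List, Tuple

# Constructed arrival pattern: one large burst at tick 0 followed by idle ticks.
BURST_ARRIVALS: List[int] = [300] + [0] * 11


def leaky_bucket(arrivals: List[int], rate: int, capacity: int,
                 max_ticks: int = 10_000) -> Tuple[List[int], int]:
    """Finite queue of `capacity` bytes drained at exactly `rate` bytes per tick.
    Bytes that arrive when the queue is full spill over and are dropped.
    Returns (bytes sent per tick, total bytes dropped)."""
    queue = dropped = 0
    sent: List[int] = []
    pending = list(arrivals)
    while (pending or queue) and len(sent) < max_ticks:
        arriving = pending.pop(0) if pending else 0
        if queue + arriving > capacity:
            dropped += queue + arriving - capacity   # spills over the sides
            queue = capacity
        else:
            queue += arriving
        out = min(rate, queue)                       # constant-rate hole in the bottom
        queue -= out
        sent.append(out)
    return sent, dropped


def token_bucket(arrivals: List[int], token_rate: int, bucket_size: int,
                 max_rate: int, max_ticks: int = 10_000) -> List[int]:
    """Tokens (one per byte) arrive at `token_rate` per tick and accumulate up to
    `bucket_size`; the bucket starts full.  Each tick the interface sends at most
    `max_rate` bytes, and never more bytes than it holds tokens for.  Nothing is
    dropped: data without tokens waits in the backlog.  Returns bytes sent per tick."""
    tokens = bucket_size
    backlog = 0
    sent: List[int] = []
    pending = list(arrivals)
    while (pending or backlog) and len(sent) < max_ticks:
        backlog += pending.pop(0) if pending else 0
        out = min(backlog, tokens, max_rate)            # each byte consumes one token
        backlog -= out
        tokens -= out
        sent.append(out)
        tokens = min(bucket_size, tokens + token_rate)  # tokens accrue during the tick
    return sent


def max_burst_duration(capacity: float, max_rate: float, token_rate: float) -> float:
    """Solve M*s = C + rho*s for s: how long the output can run at the maximum rate."""
    if max_rate <= token_rate:
        return float("inf")   # the bucket never empties, so the burst is unbounded
    return capacity / (max_rate - token_rate)


def full_rate_ticks(sent: List[int], max_rate: int) -> int:
    """Number of ticks at the start of the output during which the full rate was used."""
    n = 0
    for out in sent:
        if out != max_rate:
            break
        n += 1
    return n


if __name__ == "__main__":
    leaky, lost = leaky_bucket(BURST_ARRIVALS, rate=25, capacity=250)
    print("leaky bucket output:", leaky, "dropped:", lost)
    tokened = token_bucket(BURST_ARRIVALS, token_rate=2, bucket_size=250, max_rate=25)
    print("token bucket output:", tokened)
    print("ticks at full rate:", full_rate_ticks(tokened, 25),
          "formula s = C/(M - rho) =", round(max_burst_duration(250, 25, 2), 2))
```

With the burst of 300 bytes, the leaky bucket drops the 50 bytes that do not fit in its 250-byte queue and then drains at 25 per tick, whereas the token bucket drops nothing: it sends 25 per tick for 10 ticks (the integer part of 250 / 23 ≈ 10.87), a partial tick of 20, and then settles at the token rate of 2 per tick until the backlog is cleared.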
Quality of Service
QoS (Quality of Service) is a term that refers to the set of technologies used to manage
data traffic on a network. Designed to reduce impairments such as packet loss, jitter and
latency, QoS controls how network resources are allocated among competing traffic. QoS
also sets limits and priorities for the different categories of data travelling across IP
networks, so that bandwidth is shared according to policy rather than first come, first
served.
Modern-day businesses are expected to provide reliable, dependable services with
minimal disruption to the end-user. In recent years applications such as voice, video, file
sharing and streamed data have increasingly become part of our everyday lives,
meaning QoS has become ever more important.
The volume of application usage, an increasing number of devices connecting to the
network, and a significant rise in social media use mean a network can frequently be
flooded. This network overload can lead to discrepancies in performance. As a result, IT
departments become inundated with reports of interrupted video meetings, poor audio
quality, delays and even dropped phone calls, which can significantly damage day-to-
day efficiencies in the workplace.
Using QoS, these businesses can prevent disruption in the form of IP packet loss, delays
and jitter for VoIP (voice over IP), AoIP (audio over IP) and other real-time
communications applications.
More often than not, QoS will be incorporated within the Service Level Agreement (SLA)
given by their service provider. This guarantees a specific level of service. However,
tools and techniques can be used independently to achieve QoS.

Why is QoS important?


QoS is essentially the traffic management of the data packets travelling across a
network simultaneously. QoS policies allow network administrators to prioritise certain
applications according to their core business needs, allocating more importance to
specific kinds of data delivery than to others.
These QoS policies are integral for businesses that rely on live video meetings, online
training, and media streaming to function in their day to day tasks. QoS prevents the
delivery of these types of data from being jeopardized by high traffic levels on the
network.
QoS mitigates these issues by classifying and implementing several functions, including
the following:

Latency Reduction
Latency is the amount of time it takes for a packet to travel from its source to its
destination IP address. Ideally, the latency of these packets should be as close to zero
as possible; for IP audio and voice packets, high latency results in an echo effect or
overlapping audio for the recipient.
Network latency can be a common and troublesome issue for IT departments if Real-time
Transport Protocol (RTP) packets are left unclassified. Classification and
prioritisation are essential in these cases to avoid latency issues in video and audio IP
exchanges.
Jitter Reduction
Jitter is another ill-effect of network congestion and results in a degradation in voice
quality, audio and video data. The irregular signal pulses often result in erratic
distribution and speed of data packets between IP addresses – this can cause flickering
effects, gaps in audio or imagery and out-of-sequence packet delivery.

Packet Loss Prevention


Packet loss is, as it sounds, the loss of data packets because of congestion on a
network. Packet loss occurs when a router or switch has to discard inbound data packets
because its queues are full, until the overload is resolved. With QoS effectively in
place, the priority classes keep their allocated share of the bandwidth, so it is the
lower-priority traffic rather than the real-time traffic that is dropped when the link
is congested. Prioritisation policies dictate that each type of data is queued
accordingly, which relieves jams within a congested network.

Improved Security
QoS is not a firewall: it does not inspect traffic or decide whether a packet is
legitimate. It does, however, limit the damage that a flood of unwanted traffic can do,
because a policer or shaper drops or delays any class that exceeds its allotted rate, so
a burst of scanning or flooding traffic in the default class cannot starve the voice,
video or management classes of bandwidth. One caveat to keep in mind is that the
priority markings (DSCP values) in packet headers are set by the sending host and can be
forged; they should be trusted only from known devices and re-marked at the trust
boundary (for example, at the access switch port), otherwise any host can promote its
own traffic into the highest-priority queue.

What Does Internetworking Device Mean?


An internetworking device is a widely-used term for any hardware within a network that
connects different network resources. Key devices that comprise a network are routers,
switches, bridges, repeaters and gateways.

Routers
This is the most intelligent device that exists on the network. It handles all the traffic in
your network and sends it to the proper destination. Cisco routers run the Internetwork
Operating System (IOS), which gives the router a set of features that allow you to
configure it for the specifications needed on your network to get that data across.

Routers have the following components you need to be aware of, not only for your
certification, but for real-world applications: ROM, RAM, NVRAM, and Flash. Each of
these components serves a unique purpose.

For now, you need to know that routers create multiple collision domains and multiple
broadcast domains, and they work on layer three, or the network layer, of the OSI
model. Don't fret; we will be getting to that shortly.

Switches
Switches come in different flavors, meaning they can have different functionalities
depending on the IOS they run and the needs of your network. For certification
purposes, layer-two switches will be the focus of our studies, but we will briefly cover
some layer-three switching features:

The main purpose of a switch on a network is functionality. The switch is where all your
devices will be connected for them to communicate with each other, but the switch
offers a lot of features we can use to our advantage, in making our network more
efficient. The following bullet points concern some of those features:
 VLANs
 Switchport security
 Spanning Tree Protocol
 EtherChannel
And there is much more, depending on the IOS you have. The switch also has the same
components as the router, but it maintains a VLAN database file that you need to be
aware of. Once again, all of these features and their details will be revealed later in the
book.

Bridges
Bridges are like switches, but they are much more limited, with fewer ports, are
software-based instead of hardware-based, and offer fewer features.

Bridges operate at layer two and their main function on the network is to segment the
network. Each bridge port is its own collision domain, but, like a switch, a bridge
forwards broadcasts out of every port, so all of its ports remain in a single broadcast
domain.

Hubs
Hubs are rarely used in today's networks. Hubs are unintelligent devices. They are
layer one devices; their main function is to act as a multiport repeater. A hub creates
one collision domain and one broadcast domain, which is a very bad thing, especially in
an Ethernet network. But this will be explained in detail later.

Just remember not to use hubs in your network, because they will slow it down.

Network cabling
I know what you are saying: cabling is not an internetworking device, but know that
when building, repairing, or enhancing a network, the type of network cabling used is
very important. Typical CAT5e cabling is used to connect end devices to internetworking
devices so that they can communicate. We will discuss cabling more in depth later, but
for now just keep it in the back of your mind.

Network Layer Protocols

TCP/IP supports the following protocols:

ARP
 ARP stands for Address Resolution Protocol.
 It is used to associate an IP address with a MAC address.
 Each device on the network is recognized by the MAC address imprinted on its NIC.
Therefore, devices need the MAC address for communication on a local area
network. The MAC address of a host can change easily: for example, if the NIC on a
particular machine fails and is replaced, the MAC address changes but the IP
address does not. ARP is used to find the MAC address of a node when its internet
address is known.

Note: MAC address: The MAC address is used to identify the actual device.
IP address: It is an address used to locate a device on the network.
How ARP works
If a host wants to know the physical address of another host on its network, it sends an
ARP query packet that includes the target's IP address and broadcasts it over the
network. Every host on the network receives and processes the ARP packet, but only the
intended recipient recognizes its own IP address and sends back its physical address.
The host holding the datagram adds the physical address to its ARP cache and to the
frame header, then transmits the datagram.

Steps taken by ARP protocol


If a device wants to communicate with another device, the following steps are taken by
the device:

 The device first looks at its local table, called the ARP cache, to check whether
the target IP address already has a matching MAC address. The ARP cache can be
inspected at the command prompt with the command arp -a.
 If the ARP cache has no entry, the device broadcasts an ARP request to the entire
network asking for the MAC address that matches the IP address.
 The device that has the matching IP address responds to the sender with its MAC
address.
 Once the MAC address is received, communication can take place between the two
devices.
 The received MAC address is stored in the ARP cache, so the next packet to the
same host does not need another broadcast.

Note: The ARP cache is used to make a network more efficient.

The output of arp -a shows the association of each IP address with its MAC address.

There are two types of ARP entries:

 Dynamic entry: It is an entry which is created automatically from the ARP reply
received after the sender broadcasts its request. Dynamic entries are not
permanent, and they are removed after a timeout.
 Static entry: It is an entry where someone manually enters the IP-to-MAC address
association by using the arp command utility. Static entries are also used to pin
the addresses of critical hosts such as the default gateway, because ARP replies
are not authenticated and any host on the segment can answer a request.
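The exchange described above, as an added Python example that is not part of the original notes: it builds the 42-byte Ethernet/ARP frames for a request and a reply in the RFC 826 layout, parses them back, and implements a small ARP cache that learns dynamic entries, refuses to overwrite static entries, and records when a second MAC address claims an IP address already in the cache. All MAC and IP addresses are constructed for the example.

```python
import ipaddress
import struct
from typing import Dict, List, Optional, Tuple

ETHERTYPE_ARP = 0x0806
HTYPE_ETHERNET, PTYPE_IPV4 = 1, 0x0800
ARP_REQUEST, ARP_REPLY = 1, 2
BROADCAST_MAC = "ff:ff:ff:ff:ff:ff"
ZERO_MAC = "00:00:00:00:00:00"

# Constructed addresses for the example (not real hosts).
HOST_MAC, HOST_IP = "02:00:00:00:00:05", "10.0.0.5"
GATEWAY_MAC, GATEWAY_IP = "02:00:00:00:00:01", "10.0.0.1"
IMPOSTOR_MAC = "02:00:00:00:00:66"


def mac_to_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", "").replace("-", ""))


def bytes_to_mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def build_arp(oper: int, sender_mac: str, sender_ip: str, target_mac: str, target_ip: str) -> bytes:
    """Ethernet II frame carrying an ARP packet in the RFC 826 layout (14 + 28 bytes).
    A request is broadcast; a reply is unicast to the requester."""
    dst_mac = BROADCAST_MAC if oper == ARP_REQUEST else target_mac
    eth = mac_to_bytes(dst_mac) + mac_to_bytes(sender_mac) + struct.pack("!H", ETHERTYPE_ARP)
    arp = struct.pack("!HHBBH", HTYPE_ETHERNET, PTYPE_IPV4, 6, 4, oper)
    arp += mac_to_bytes(sender_mac) + ipaddress.IPv4Address(sender_ip).packed
    arp += mac_to_bytes(target_mac) + ipaddress.IPv4Address(target_ip).packed
    return eth + arp


def parse_arp(frame: bytes) -> Dict[str, str]:
    """Validate the fixed fields and return the ARP addresses as strings."""
    if len(frame) < 42:
        raise ValueError("frame too short for Ethernet + ARP")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype != ETHERTYPE_ARP:
        raise ValueError(f"not an ARP frame: ethertype 0x{ethertype:04x}")
    htype, ptype, hlen, plen, oper = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (HTYPE_ETHERNET, PTYPE_IPV4, 6, 4):
        raise ValueError("only Ethernet/IPv4 ARP is supported")
    return {
        "eth_src": bytes_to_mac(frame[6:12]),
        "oper": "request" if oper == ARP_REQUEST else "reply",
        "sender_mac": bytes_to_mac(frame[22:28]),
        "sender_ip": str(ipaddress.IPv4Address(frame[28:32])),
        "target_mac": bytes_to_mac(frame[32:38]),
        "target_ip": str(ipaddress.IPv4Address(frame[38:42])),
    }


class ArpCache:
    """Dynamic entries are learned from replies; static entries are pinned by the
    administrator and never overwritten.  Because ARP carries no authentication, a
    reply that names a different MAC for an IP already in the cache is recorded as
    a conflict so that it can be alerted on."""

    def __init__(self, static: Optional[Dict[str, str]] = None) -> None:
        self.static: Dict[str, str] = dict(static or {})
        self.dynamic: Dict[str, str] = {}
        self.conflicts: List[Tuple[str, str, str]] = []   # (ip, known_mac, claimed_mac)

    def learn(self, reply: Dict[str, str]) -> None:
        ip, mac = reply["sender_ip"], reply["sender_mac"]
        if ip in self.static:
            if self.static[ip] != mac:
                self.conflicts.append((ip, self.static[ip], mac))
            return                                      # the static pin wins
        known = self.dynamic.get(ip)
        if known is not None and known != mac:
            self.conflicts.append((ip, known, mac))
        self.dynamic[ip] = mac                           # a plain cache accepts the newest reply

    def lookup(self, ip: str) -> Optional[str]:
        return self.static.get(ip, self.dynamic.get(ip))


def demo(static: Optional[Dict[str, str]] = None) -> ArpCache:
    """The host asks who has the gateway IP, the gateway answers, then an impostor answers too."""
    cache = ArpCache(static)
    request = parse_arp(build_arp(ARP_REQUEST, HOST_MAC, HOST_IP, ZERO_MAC, GATEWAY_IP))
    assert request["oper"] == "request" and request["target_ip"] == GATEWAY_IP
    cache.learn(parse_arp(build_arp(ARP_REPLY, GATEWAY_MAC, GATEWAY_IP, HOST_MAC, HOST_IP)))
    cache.learn(parse_arp(build_arp(ARP_REPLY, IMPOSTOR_MAC, GATEWAY_IP, HOST_MAC, HOST_IP)))
    return cache


if __name__ == "__main__":
    for cache in (demo(), demo(static={GATEWAY_IP: GATEWAY_MAC})):
        print("gateway resolves to", cache.lookup(GATEWAY_IP), "conflicts:", cache.conflicts)
```

Run without a static entry, the cache ends up pointing the gateway address at the impostor's MAC, which is exactly the effect a dynamic entry alone cannot prevent; run with the gateway pinned, the lookup is unchanged and the conflict is still recorded for investigation.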

RARP
 RARP stands for Reverse Address Resolution Protocol.
 If a host wants to know its own IP address, it broadcasts a RARP query packet that
contains its physical address to the entire network. A RARP server on the network
recognizes the RARP packet and responds with the host's IP address.
 The protocol which is used to obtain an IP address from a server in this way is
known as Reverse Address Resolution Protocol.
 The message format of the RARP protocol is similar to that of the ARP protocol.
 Like an ARP frame, a RARP frame is sent from one machine to another encapsulated in
the data portion of a frame.

ICMP

 ICMP stands for Internet Control Message Protocol.


 ICMP is a network layer protocol used by hosts and routers to send notifications of
IP datagram problems back to the sender.
 ICMP uses echo request/reply messages to check whether a destination is reachable
and responding.
 ICMP handles both control and error messages, but its main function is to report
errors, not to correct them.
 An IP datagram contains the addresses of both source and destination, but it does
not carry the address of the previous router through which it has passed. For this
reason, ICMP can only send its messages to the source, not to the intermediate
routers.
 ICMP communicates error messages to the sender. The errors are then returned to the
user processes.
 ICMP messages are transmitted within IP datagrams.

The Format of an ICMP message

 The first field (type) specifies the type of the message.
 The second field (code) specifies the reason for a particular message type.
 The checksum field covers the entire ICMP message.

Error Reporting
ICMP reports error messages to the sender.
Five types of errors are handled by the ICMP protocol:

 Destination unreachable
 Source Quench
 Time Exceeded
 Parameter problems
 Redirection

 Destination unreachable: The "Destination Unreachable" message is sent back to the
sender by a router or by the destination host when a datagram cannot be delivered
and has been discarded, for example because there is no route to the network or no
process listening on the destination port.
 Source Quench: The purpose of the source quench message is congestion control. It
is sent from a congested router to the source host to ask it to reduce its
transmission rate. The router discards the datagram and returns a source quench
message carrying the IP header of the discarded datagram, and the source host is
expected to slow down so that the router is relieved of congestion. Source quench
has been deprecated (RFC 6633) because it was ineffective and easy to abuse, and
modern hosts ignore it.
 Time Exceeded: Every IP datagram carries a Time-To-Live (TTL) value that defines
how many hops the datagram may traverse before it is discarded.

There are two ways in which a Time Exceeded message can be generated:
Sometimes a datagram is discarded due to a bad routing implementation, which causes a
routing loop and network congestion. As the datagram loops, each router decrements the
TTL, and when it reaches zero the router discards the datagram. When the datagram is
discarded in this way, the router sends a Time Exceeded message to the source host.
When the destination host does not receive all the fragments of a datagram within a
certain time limit, the fragments already received are discarded, and the destination
host sends a Time Exceeded message to the source host.

 Parameter problems: When a router or host discovers a missing or invalid value in
the IP header, it discards the datagram, and a "Parameter Problem" message is sent
back to the source host.
 Redirection: A Redirect message is generated when a host has only a small routing
table. Because the host has a limited number of entries, it may send a datagram to
the wrong router. The router that receives the datagram forwards it to the correct
router and also sends a "Redirect" message to the host so that it can update its
routing table.

IGMP

 IGMP stands for Internet Group Management Protocol.
 The IP protocol supports two types of communication:
o Unicasting: It is a communication between one sender and one receiver.
Therefore, we can say that it is one-to-one communication.
o Multicasting: Sometimes the sender wants to send the same message to a
large number of receivers simultaneously. This process is known as
multicasting, which is one-to-many communication.
 The IGMP protocol is used by hosts and routers to support multicasting.
 The IGMP protocol is used by hosts and routers to identify the hosts in a LAN
that are members of a group.
 IGMP is a part of the IP layer, and IGMP has a fixed-size message.
 The IGMP message is encapsulated within an IP datagram.

The Format of an IGMP message

The fields are:
Type: It determines the type of IGMP message. There are three types of IGMP message:
Membership Query, Membership Report and Leave Report.
Maximum Response Time: This field is used only by the Membership Query message. It
determines the maximum time a host may wait before sending its Membership Report
message in response to the Membership Query message.
Checksum: It covers the entire IGMP message (not the whole IP datagram in which the
IGMP message is encapsulated).
Group Address: The behavior of this field depends on the type of the message sent.

 For a Membership Query, the group address is set to zero for a General Query and
set to the multicast group address for a group-specific query.
 For a Membership Report, the group address is set to the multicast group address.
 For Leave Group, it is set to the multicast group address.

IGMP Messages

 Membership Query message
o This message is sent by a router to all hosts on a local area network to
determine the set of all the multicast groups that have been joined by the
hosts.
o It also determines whether a specific multicast group has been joined by
the hosts on an attached interface.
o The group address in a general query is zero, since the router expects one
response from a host for every group that has one or more members on that
host.
 Membership Report message
o The host responds to the membership query message with a membership
report message.
o Membership report messages can also be generated by a host when it wants
to join a multicast group, without waiting for a membership query message
from the router.
o Membership report messages are received by the router as well as by all the
hosts on the attached interface.
o Each membership report message includes the multicast address of a single
group that the host wants to join.
o The IGMP protocol does not care which host has joined the group or how many
hosts are present in a single group. It only cares whether one or more
attached hosts belong to a given multicast group.
o The Membership Query message sent by a router also includes a "Maximum
Response Time". After receiving a membership query message and before
sending its membership report message, the host waits for a random amount
of time between 0 and the maximum response time. If in the meantime the
host observes that some other attached host has sent a Membership Report
message for the same group, it discards its own Membership Report message,
because it knows that the attached router already knows that one or more
hosts have joined that multicast group. This process is known as feedback
suppression. It provides a performance optimization, avoiding the
unnecessary transmission of Membership Report messages.
 Leave Report
When a host leaves a multicast group it sends a Leave Report (Leave Group message)
for that group. A host that has no remaining members of a group also simply stops
reporting it: when it receives the next query, it does not include that group in
its response.
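The ICMP and IGMP formats described in the two sections above share the same Internet checksum (RFC 1071) and the same type/code style of header. The following Python example is added here and is not part of the original notes: it implements the checksum, builds and parses an ICMP Echo Request and a Time Exceeded report, and builds and parses the 8-byte IGMPv2 Membership Query and Membership Report messages, verifying the checksum on the way in. Identifiers, payloads and the group address are constructed for the example.

```python
import ipaddress
import struct
from typing import Any, Dict

ICMP_TYPES = {0: "Echo Reply", 3: "Destination Unreachable", 4: "Source Quench (deprecated)",
              5: "Redirect", 8: "Echo Request", 11: "Time Exceeded", 12: "Parameter Problem"}
TIME_EXCEEDED_CODES = {0: "TTL exceeded in transit", 1: "fragment reassembly time exceeded"}
IGMP_TYPES = {0x11: "Membership Query", 0x12: "Membership Report (v1)",
              0x16: "Membership Report (v2)", 0x17: "Leave Group"}
ICMP_ECHO_REQUEST, ICMP_TIME_EXCEEDED = 8, 11
IGMP_QUERY, IGMP_REPORT_V2 = 0x11, 0x16


def internet_checksum(data: bytes) -> int:
    """RFC 1071: one's complement of the one's-complement sum of the 16-bit words."""
    if len(data) % 2:
        data += b"\x00"                      # pad an odd trailing byte
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                       # fold the carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def checksum_ok(message: bytes) -> bool:
    """A message whose checksum field is correct sums to zero."""
    return internet_checksum(message) == 0


def build_icmp_echo(identifier: int, sequence: int, payload: bytes = b"") -> bytes:
    header = struct.pack("!BBHHH", ICMP_ECHO_REQUEST, 0, 0, identifier, sequence)
    csum = internet_checksum(header + payload)
    return struct.pack("!BBHHH", ICMP_ECHO_REQUEST, 0, csum, identifier, sequence) + payload


def build_icmp_time_exceeded(code: int, original_datagram: bytes) -> bytes:
    """Error reports quote the IP header and first 8 bytes of the offending datagram."""
    header = struct.pack("!BBHI", ICMP_TIME_EXCEEDED, code, 0, 0)
    csum = internet_checksum(header + original_datagram)
    return struct.pack("!BBHI", ICMP_TIME_EXCEEDED, code, csum, 0) + original_datagram


def parse_icmp(message: bytes) -> Dict[str, Any]:
    if len(message) < 8:
        raise ValueError("ICMP header is 8 bytes")
    msg_type, code, _csum, rest = struct.unpack("!BBHI", message[:8])
    info: Dict[str, Any] = {"type": msg_type, "code": code,
                            "name": ICMP_TYPES.get(msg_type, "other"),
                            "checksum_ok": checksum_ok(message)}
    if msg_type in (0, ICMP_ECHO_REQUEST):
        info["identifier"], info["sequence"] = rest >> 16, rest & 0xFFFF
        info["payload"] = message[8:]
    else:
        if msg_type == ICMP_TIME_EXCEEDED:
            info["reason"] = TIME_EXCEEDED_CODES.get(code, "unknown")
        info["original_datagram"] = message[8:]
    return info


def build_igmp(msg_type: int, max_resp_time: int, group: str) -> bytes:
    """IGMPv2: type, max response time (in 1/10 s), checksum, group address = 8 bytes."""
    group_bytes = ipaddress.IPv4Address(group).packed
    csum = internet_checksum(struct.pack("!BBH", msg_type, max_resp_time, 0) + group_bytes)
    return struct.pack("!BBH", msg_type, max_resp_time, csum) + group_bytes


def parse_igmp(message: bytes) -> Dict[str, Any]:
    if len(message) != 8:
        raise ValueError("IGMPv2 messages are exactly 8 bytes")
    msg_type, max_resp_time, _csum = struct.unpack("!BBH", message[:4])
    return {"type": msg_type, "name": IGMP_TYPES.get(msg_type, "other"),
            "max_resp_time": max_resp_time,
            "group": str(ipaddress.IPv4Address(message[4:8])),
            "checksum_ok": checksum_ok(message)}


if __name__ == "__main__":
    echo = build_icmp_echo(0x1234, 1, b"hello")                      # constructed sample
    print(parse_icmp(echo))
    print(parse_icmp(build_icmp_time_exceeded(0, bytes(28))))         # TTL hit zero
    print(parse_igmp(build_igmp(IGMP_QUERY, 100, "0.0.0.0")))         # general query
    print(parse_igmp(build_igmp(IGMP_REPORT_V2, 0, "239.1.2.3")))     # constructed group
```

The checksum routine is the one the RFC specifies: its worked example (the bytes 00 01 f2 03 f4 f5 f6 f7) folds to 0xddf2, so the checksum is 0x220d; flipping a single payload byte of the echo request makes `checksum_ok` fail, which is the only integrity protection these messages have.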

What is the Internet Protocol (IP)?


The Internet Protocol (IP) is a protocol, or set of rules, for routing and addressing
packets of data so that they can travel across networks and arrive at the correct
destination. Data traversing the Internet is divided into smaller pieces, called packets. IP
information is attached to each packet, and this information helps routers to send
packets to the right place. Every device or domain that connects to the Internet is
assigned an IP address, and as packets are directed to the IP address attached to them,
data arrives where it is needed.
Once the packets arrive at their destination, they are handled differently depending on
which transport protocol is used in combination with IP. The most common transport
protocols are TCP and UDP.

IPv6
IPv6 is the most recent version of the Internet Protocol (IP). It is designed to supply
the IP addressing needed to support the predicted growth of connected devices in IoT,
manufacturing, and emerging areas like autonomous driving, and it was designed with
security (IPsec) as part of the specification.

Why use IPv6 vs IPv4?


The primary reason to make the change is IPv6 addressing. IPv4 is based on 32-bit
addressing, limiting it to a total of about 4.3 billion addresses. IPv6 is based on
128-bit addressing and can support 2^128, about 340 undecillion (3.4 × 10^38),
addresses. Having more addresses has grown in importance with the expansion of smart
devices and connectivity. IPv6 provides more than enough globally unique IP addresses for
every networked device currently on the planet, helping ensure providers can keep pace
with the expected proliferation of IP-based devices.
In addition to addressing, IPv6 benefits include:
 Stateless address autoconfiguration
 No need for NAT (Network Address Translation), since every device can have a
globally unique address
 Easier administration with DHCPv6
 Improved quality of service with flow labeling

IPv6 addresses are 128 bits in length and written as a string of hexadecimal values.
Every 4 bits is represented by a single hexadecimal digit; for a total of 32 hexadecimal
values, as shown in Figure 1. IPv6 addresses are not case-sensitive and can be written in
either lowercase or uppercase.
Preferred Format
As shown in Figure 1, the preferred format for writing an IPv6 address is x:x:x:x:x:x:x:x,
with each “x” consisting of four hexadecimal values. When referring to 8 bits of an IPv4
address we use the term octet. In IPv6, a hextet is the unofficial term used to refer to a
segment of 16 bits or four hexadecimal values. Each “x” is a single hextet, 16 bits or four
hexadecimal digits.
Preferred format means the IPv6 address is written using all 32 hexadecimal digits. It
does not necessarily mean it is the ideal method for representing the IPv6 address. In
the following pages, we will see two rules to help reduce the number of digits needed to
represent an IPv6 address.
Figure 2 is a review of the relationship between decimal, binary and hexadecimal. Figure
3 has examples of IPv6 addresses in the preferred format.

Rule 1 – Omit Leading 0s

The first rule to help reduce the notation of IPv6 addresses is to omit any leading 0s
(zeros) in any 16-bit section or hextet. For example:
 01AB can be represented as 1AB
 09F0 can be represented as 9F0
 0A00 can be represented as A00
 00AB can be represented as AB
This rule only applies to leading 0s, NOT to trailing 0s, otherwise the address would be
ambiguous. For example, the hextet “ABC” could be either “0ABC” or “ABC0”, but these
do not represent the same value.
The Figures 1 to 8 show several examples of how omitting leading 0s can be used to
reduce the size of an IPv6 address. For each example, the preferred format is shown.
Notice how omitting the leading 0s in most examples results in a smaller address
representation.

Rule 2 – Omit All 0 Segments

The second rule to help reduce the notation of IPv6 addresses is that a double colon (::)
can replace any single, contiguous string of one or more 16-bit segments (hextets)
consisting of all 0s.
The double colon (::) can only be used once within an address, otherwise there would
be more than one possible resulting address. When used with the omitting leading 0s
technique, the notation of IPv6 address can often be greatly reduced. This is commonly
known as the compressed format.
Incorrect address:
 2001:0DB8::ABCD::1234
Possible expansions of ambiguous compressed addresses:
 2001:0DB8::ABCD:0000:0000:1234
 2001:0DB8::ABCD:0000:0000:0000:1234

 2001:0DB8:0000:ABCD::1234
 2001:0DB8:0000:0000:ABCD::1234
The Figures 1 to 7 show several examples of how using the double colon (::) and
omitting leading 0s can reduce the size of an IPv6 address.
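The two rules above can be turned into code. The following Python functions are an added example, not part of the original notes: expand_ipv6 restores the preferred 32-digit format and rejects an address with more than one "::" (the ambiguous case shown above), and compress_ipv6 applies Rule 1 and Rule 2. For the compression it follows the canonical form of RFC 5952 (shorten the longest run of zero hextets, the leftmost on a tie, and never a single zero hextet), which is slightly stricter than Rule 2 as stated above, and the result is cross-checked against Python's ipaddress module.

```python
import ipaddress
from typing import List

HEX_DIGITS = set("0123456789abcdefABCDEF")


def expand_ipv6(addr: str) -> str:
    """Undo both rules: restore leading zeros in every hextet and replace '::' by the
    all-zero hextets it stands for, returning the preferred 32-digit format (lower case)."""
    if addr.count("::") > 1:
        raise ValueError("'::' may appear only once, otherwise the address is ambiguous")
    if "::" in addr:
        head, tail = addr.split("::")
        head_parts = head.split(":") if head else []
        tail_parts = tail.split(":") if tail else []
        missing = 8 - len(head_parts) - len(tail_parts)
        if missing < 1:
            raise ValueError("'::' must stand for at least one all-zero hextet")
        parts = head_parts + ["0"] * missing + tail_parts
    else:
        parts = addr.split(":")
    if len(parts) != 8:
        raise ValueError(f"expected 8 hextets, got {len(parts)}")
    expanded: List[str] = []
    for hextet in parts:
        if not 1 <= len(hextet) <= 4 or not set(hextet) <= HEX_DIGITS:
            raise ValueError(f"invalid hextet {hextet!r}")
        expanded.append(hextet.lower().zfill(4))      # Rule 1 in reverse
    return ":".join(expanded)


def compress_ipv6(addr: str) -> str:
    """Rule 1: drop leading zeros.  Rule 2: replace the longest run of all-zero
    hextets with a single '::' (leftmost run on a tie; a lone zero hextet stays '0',
    as RFC 5952 requires)."""
    hextets = [h.lstrip("0") or "0" for h in expand_ipv6(addr).split(":")]
    best_start, best_len = -1, 0
    i = 0
    while i < 8:
        if hextets[i] != "0":
            i += 1
            continue
        j = i
        while j < 8 and hextets[j] == "0":
            j += 1
        if j - i > best_len:
            best_start, best_len = i, j - i
        i = j
    if best_len < 2:
        return ":".join(hextets)
    head = ":".join(hextets[:best_start])
    tail = ":".join(hextets[best_start + best_len:])
    return f"{head}::{tail}"


def matches_stdlib(addr: str) -> bool:
    """Cross-check both directions against the standard library's canonical forms."""
    canonical = ipaddress.IPv6Address(addr)
    return expand_ipv6(addr) == canonical.exploded and compress_ipv6(addr) == canonical.compressed


if __name__ == "__main__":
    for sample in ("2001:0DB8:0000:0000:ABCD:0000:0000:1234",
                   "FE80:0000:0000:0000:0123:4567:89AB:CDEF", "::1"):
        short = compress_ipv6(sample)
        print(sample, "->", short, "->", expand_ipv6(short), matches_stdlib(sample))
    try:
        expand_ipv6("2001:0DB8::ABCD::1234")
    except ValueError as err:
        print("rejected:", err)
```

Note that the address with two equal zero runs, 2001:0DB8:0000:0000:ABCD:0000:0000:1234, compresses to 2001:db8::abcd:0:0:1234 and not to 2001:db8:0:0:abcd::1234; both are valid IPv6 addresses, but only the first is the canonical text form, which matters when addresses are compared as strings in access lists or logs.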

IPv6 Address Types

There are three types of IPv6 addresses:


 Unicast - An IPv6 unicast address uniquely identifies an interface on an IPv6-
enabled device. As shown in the figure, a source IPv6 address must be a unicast
address.
 Multicast - An IPv6 multicast address is used to send a single IPv6 packet to multiple
destinations.
 Anycast - An IPv6 anycast address is any IPv6 unicast address that can be assigned
to multiple devices. A packet sent to an anycast address is routed to the nearest
device having that address. Anycast addresses are beyond the scope of this course.

Unlike IPv4, IPv6 does not have a broadcast address. However, there is an IPv6 all-nodes
multicast address that essentially gives the same result.

Routing Protocols
Once you know how to categorize routing protocols, you can learn more about the
seven different types.
1. Routing Information Protocol (RIP)
RIP, an interior gateway protocol, is one of the first routing protocols created. You can
use it with local area networks (LANs), which are linked computers in a small range, or
wide area networks (WANs), which are telecommunications networks that cover a greater
range. There are two different versions of this protocol: RIPv1 and RIPv2.
RIPv1, the original version, is a classful distance-vector protocol that evaluates network
paths by the number of hops to the destination. It shares its routing table by
broadcasting it to every host on the segment every 30 seconds. The newer version, RIPv2,
is classless, carries subnet masks in its updates, and sends its routing table to the
multicast address 224.0.0.9 so that only RIP routers process it. RIPv2 also supports
authentication of routing updates (plain-text or MD5) to protect against forged routes.
Both versions are suited only to smaller networks, because RIP supports routes of 15 hops
or fewer; a hop count of 16 means the destination is unreachable.
2. Interior Gateway Routing Protocol (IGRP)
Cisco, an international technology company, created IGRP. It uses many of RIP's
foundational functions but increases the maximum number of supported hops to 100
(configurable up to 255). As a result, it may work better for larger networks than RIP.
IGRP is a distance-vector, classful protocol. To compute its metric, IGRP combines
bandwidth, delay, reliability and load rather than hop count alone. It updates its routes
automatically when changes, like route adjustments, occur, and uses hold-down timers and
split horizon to prevent routing loops, which are errors that create an endless circle of
data transfer. IGRP is obsolete and has been superseded by EIGRP.
3. Enhanced Interior Gateway Routing Protocol (EIGRP)
Cisco also developed EIGRP, which supports up to 255 hops. EIGRP is an advanced
distance-vector, interior gateway, classless protocol. It uses the Reliable Transport
Protocol (RTP) and the Diffusing Update Algorithm (DUAL) to speed up convergence, which
maximizes efficiency. A router keeps the routes advertised by its neighbours in a topology
table and uses them as backup (feasible successor) routes. If a change occurs, each router
notifies its neighbours so that they all know which routes are in use, which helps prevent
inconsistencies between routers.
4. Open Shortest Path First (OSPF)
OSPF, which is a link-state, interior gateway and classless protocol, uses the shortest
path first (SPF) algorithm to compute loop-free routes. Internally, each router maintains
a link-state database describing the topology of its entire area. The information comes
from link-state advertisements (LSAs) sent by individual routers. The advertisements,
which are like reports, describe each router's links, their state and their cost.

OSPF uses Dijkstra's algorithm to recalculate pathways when topology changes occur. It
also supports authentication of its routing messages (plain-text, MD5 or, per RFC 5709,
HMAC-SHA), so that an attacker who can reach the link cannot inject false LSAs. Small and
large organizations may benefit from using OSPF because of its scalability features, such
as dividing the network into areas.
5. Exterior Gateway Protocol (EGP)
EGP, an exterior gateway protocol, was used for exchanging reachability information
between gateway routers in different autonomous systems. Specifically, it allowed routers
to share reachability information across administrative domains, as on the early
Internet. The routing table for this protocol includes:
 Recognized neighbouring routers
 Route costs
 Network addresses reachable through each neighbour
EGP neighbours periodically poll each other and exchange their reachability information
so that all routers update their tables. The new routing tables can help determine the
best route for data. EGP is obsolete and has been replaced by BGP.
6. Border gateway protocol (BGP)
BGP is another type of exterior gateway protocol that was initially developed to replace
EGP. It uses the best path selection algorithm for performing data packet transfers,
making it a distance vector protocol as well. To automatically determine the best route,
BGP references factors like:
 Path length
 Origin type
 Router identification
 Neighbor IP addresses
BGP allows administrators to alter transfer routes depending on their needs and offers
advanced security features so only authorized routers can exchange data and
information with each other.
7. Intermediate system-to-intermediate system (IS-IS)
IS-IS—classified as a link state, interior gateway and classless protocol—is commonly
used to send and share IP routing information on the internet. The protocol uses an
altered version of the Dijkstra algorithm. Usually, the protocol organizes routers into
groups to create larger domains and connect routers for data transfer. IS-IS
frequently uses these two identifiers:
 Network service access point (NSAP): Similar to an IP address, an NSAP identifies
a service access point in systems that use the open systems interconnection (OSI)
model.
 Network entity title (NET): This identifies an individual router within a larger
computer network.
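Both OSPF and IS-IS, described above, flood link state advertisements and then run Dijkstra's shortest path first algorithm over the resulting link-state database. The following is an added example, not code from the course notes or from any routing software: it builds a constructed four-router topology (router names and link costs are assumed), computes each destination's cost and next hop from one router, and recomputes the table after a link failure, which is exactly the recalculation the text says OSPF performs when the topology changes.

```python
import heapq
from typing import Dict, Tuple

# Constructed link-state database (assumed sample topology, not from the notes):
# each router lists its neighbours and the cost of the link to them.
LSDB: Dict[str, Dict[str, int]] = {
    "R1": {"R2": 10, "R3": 5},
    "R2": {"R1": 10, "R3": 2, "R4": 1},
    "R3": {"R1": 5, "R2": 2, "R4": 9},
    "R4": {"R2": 1, "R3": 9},
}


def spf(lsdb: Dict[str, Dict[str, int]], root: str):
    """Dijkstra's shortest path first: total cost and predecessor for every reachable router."""
    dist = {root: 0}
    prev: Dict[str, str] = {}
    heap = [(0, root)]
    visited = set()
    while heap:
        cost, node = heapq.heappop(heap)
        if node in visited:          # stale heap entry, a cheaper path was already settled
            continue
        visited.add(node)
        for neighbour, link_cost in lsdb.get(node, {}).items():
            new_cost = cost + link_cost
            if new_cost < dist.get(neighbour, float("inf")):
                dist[neighbour] = new_cost
                prev[neighbour] = node
                heapq.heappush(heap, (new_cost, neighbour))
    return dist, prev


def routing_table(lsdb: Dict[str, Dict[str, int]], root: str) -> Dict[str, Tuple[int, str]]:
    """Forwarding table derived from the SPF tree: destination -> (cost, next hop)."""
    dist, prev = spf(lsdb, root)
    table = {}
    for dest in dist:
        if dest == root:
            continue
        hop = dest
        while prev[hop] != root:     # walk back up the tree to the router adjacent to root
            hop = prev[hop]
        table[dest] = (dist[dest], hop)
    return table


def recompute_after_link_failure(lsdb, root: str, a: str, b: str):
    """Simulate a topology change: withdraw the link a<->b and run SPF again."""
    changed = {router: dict(links) for router, links in lsdb.items()}
    changed[a].pop(b, None)
    changed[b].pop(a, None)
    return routing_table(changed, root)


if __name__ == "__main__":
    print("R1 table:", routing_table(LSDB, "R1"))
    print("after R1-R3 fails:", recompute_after_link_failure(LSDB, "R1", "R1", "R3"))
```

Note that from R1 the cheapest way to R2 is through R3 (5 + 2 = 7) rather than the direct 10-cost link, so the next hop for R2 and R4 is R3; once the R1-R3 link is withdrawn every destination moves to R2 as next hop.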

User Datagram Protocol and Transmission Control Protocol


Transmission control protocol (TCP) vs User datagram protocol (UDP)

TCP: TCP is a connection-oriented protocol. Connection-orientation means that the
communicating devices should establish a connection before transmitting data and
should close the connection after transmitting the data.
UDP: UDP is a datagram-oriented protocol. There is no overhead for opening a
connection, maintaining a connection, and terminating a connection. UDP is efficient
for broadcast and multicast types of network transmission.

TCP: TCP is reliable as it guarantees the delivery of data to the destination router.
UDP: The delivery of data to the destination cannot be guaranteed in UDP.

TCP: TCP provides extensive error checking mechanisms, because it provides flow
control and acknowledgement of data.
UDP: UDP has only a basic error checking mechanism using checksums.

TCP: Sequencing of data is a feature of Transmission Control Protocol (TCP). This
means that packets arrive in order at the receiver.
UDP: There is no sequencing of data in UDP. If ordering is required, it has to be
managed by the application layer.

TCP: TCP is comparatively slower than UDP.
UDP: UDP is faster, simpler, and more efficient than TCP.

TCP: Retransmission of lost packets is possible in TCP, but not in UDP.
UDP: There is no retransmission of lost packets in the User Datagram Protocol (UDP).

TCP: TCP has a variable-length header of 20 to 60 bytes.
UDP: UDP has an 8-byte fixed-length header.

TCP: TCP is heavy-weight.
UDP: UDP is lightweight.

TCP: TCP doesn’t support broadcasting.
UDP: UDP supports broadcasting.

TCP: TCP is used by HTTP, HTTPS, FTP, SMTP and Telnet.
UDP: UDP is used by DNS, DHCP, TFTP, SNMP, RIP, and VoIP.
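The header sizes and the checksum mentioned in the comparison are easiest to see on the wire. The block below is an added example, not part of the course notes: it builds a UDP datagram with the IPv4 pseudo-header checksum that UDP's "basic error checking" consists of, verifies it, shows that a single corrupted payload byte is detected, and decodes a TCP header whose length is set by the data offset field (20 bytes with no options, up to 60 with them). The addresses, ports and payload are constructed sample values; the TCP checksum field is left at zero for brevity.

```python
import struct

# Constructed sample endpoints (documentation addresses, not real hosts).
SRC_IP = bytes([10, 0, 0, 1])
DST_IP = bytes([10, 0, 0, 2])
UDP_PROTO = 17


def ones_complement_sum(data: bytes) -> int:
    """Add 16-bit big-endian words with end-around carry (RFC 1071 style)."""
    if len(data) % 2:
        data += b"\x00"                       # odd-length payloads are padded with a zero byte
    total = 0
    for i in range(0, len(data), 2):
        total += (data[i] << 8) | data[i + 1]
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total


def udp_checksum(src_ip: bytes, dst_ip: bytes, segment: bytes) -> int:
    """Checksum over the IPv4 pseudo-header (addresses, protocol, length) plus the UDP segment."""
    pseudo = src_ip + dst_ip + struct.pack("!BBH", 0, UDP_PROTO, len(segment))
    csum = (~ones_complement_sum(pseudo + segment)) & 0xFFFF
    return csum or 0xFFFF                      # 0 means "no checksum" in IPv4 UDP, so send all-ones


def build_udp(src_ip, dst_ip, src_port: int, dst_port: int, payload: bytes) -> bytes:
    """8-byte fixed header: source port, destination port, length, checksum."""
    length = 8 + len(payload)
    header = struct.pack("!HHHH", src_port, dst_port, length, 0)
    csum = udp_checksum(src_ip, dst_ip, header + payload)
    return struct.pack("!HHHH", src_port, dst_port, length, csum) + payload


def parse_udp(datagram: bytes) -> dict:
    src_port, dst_port, length, csum = struct.unpack("!HHHH", datagram[:8])
    return {"src_port": src_port, "dst_port": dst_port, "length": length,
            "checksum": csum, "payload": datagram[8:length]}


def verify_udp(src_ip, dst_ip, datagram: bytes) -> bool:
    """Summing pseudo-header + datagram (checksum field included) gives 0xFFFF when intact."""
    pseudo = src_ip + dst_ip + struct.pack("!BBH", 0, UDP_PROTO, len(datagram))
    return ones_complement_sum(pseudo + datagram) == 0xFFFF


def build_tcp(src_port, dst_port, seq, ack, flags, options=b"", payload=b"") -> bytes:
    """TCP header is 20 bytes plus up to 40 bytes of options; data offset counts 32-bit words."""
    if len(options) % 4 or len(options) > 40:
        raise ValueError("options must be a multiple of 4 bytes, at most 40")
    data_offset = (20 + len(options)) // 4
    header = struct.pack("!HHIIHHHH", src_port, dst_port, seq, ack,
                         (data_offset << 12) | flags, 65535, 0, 0)
    return header + options + payload


def parse_tcp(segment: bytes) -> dict:
    src_port, dst_port, seq, ack, off_flags, window, csum, urg = struct.unpack("!HHIIHHHH", segment[:20])
    header_len = (off_flags >> 12) * 4           # 20..60 bytes
    return {"src_port": src_port, "dst_port": dst_port, "seq": seq, "ack": ack,
            "header_len": header_len, "flags": off_flags & 0x1FF, "window": window,
            "payload": segment[header_len:]}
```

Flag values follow the TCP header layout (0x02 is SYN, 0x10 is ACK, 0x08 is PSH), so `build_tcp(..., flags=0x02)` produces the first segment of the three-way handshake that UDP never needs.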

Network Security
Now, we live in an era where we need to keep and use information in our daily lives. In
other words, information is an asset that has a value like any other asset. To be secured,
information needs to be hidden from unauthorized access (confidentiality), protected
from unauthorized change (integrity), and available to an authorized entity when it is
needed (availability). Whether physical files or computer-stored files, these three
security requirements do not change.

Security is the most important and unavoidable requirement of computer systems in
today’s world. As dependency on online systems increases, so does the demand for
system security. Hacking, of either stand-alone systems or online systems, has become
a socio-technical problem of the world. A system is secure if its resources are used and
accessed, as intended, under all circumstances.

There are four types of computing security whose names are often used interchangeably.
However, there are slight differences between them.
 Information Security: protective measures to guard and prevent information (both
physical and digital data) from unauthorized access.
 Cybersecurity (also called Internet Security): protective measures to guard
networked systems and data connected to the Internet from harm or
unauthorized use. Cybersecurity protects only digital data.
 Network Security: the planning and implementation of network security measures to
protect the integrity of networks and programs against hacking and unauthorized
access.
 Computer Security: protection of computer systems (usually standalone systems)
and their information from harm, theft, and unauthorized access/use.

NOTE: Protective measures are a set of techniques, technologies, and processes designed
to protect

Fig 3: Aspect of Computing Security

2.2 Security Goals/Requirements


There are three main primary objectives in any security service, namely: confidentiality,
integrity and availability, usually called the C-I-A Triad or security triad.

 Confidentiality: computer-related assets must be accessed only by authorised
parties.
----Synonyms: secrecy, privacy

 Integrity: computer-related assets must be maintained in a correct state and
nobody should be able to improperly modify them, either accidentally or maliciously.
---Purpose: accuracy, consistency, and trustworthiness of assets.
Integrity covers the following:
 Data Integrity - Data has not been modified by unauthorised parties.
 Authentication (Origin Integrity) – proof about the origin of a message (e.g.
something you know, something you have, something you are, etc.)
 Non-Repudiation - Sender cannot deny having sent a message
 Availability: computer-related assets must be accessible to authorised parties at
appropriate times (whenever they need to do so). It describes the services and
data being well maintained and able to be accessed all the time
 Access control: This refers to the ability to control the level of access that
individuals or entities have to a network or system and how much information
they can receive. The right parties should have access permission at the right
time.

Other attacks include the following:


 Brute force attack is an activity which involves repetitive, successive attempts at
various password combinations to break into a website or account.
 Virus is malware which requires some form of user interaction to infect the user’s
device.
 Worm is malware which can enter a device without any explicit user interaction.
 Trojan horse is a type of malicious code or program, developed by hackers, that
disguises itself as legitimate software to gain access to a victim’s system.
 Botnet is a network of private computers infected with malicious software and
controlled as a group without the owners’ knowledge, e.g. to send spam.
 DoS (Denial of Service) attack renders a network, host, or other piece of
infrastructure unusable by legitimate users. Most Internet DoS attacks fall into one
of three categories:
 Vulnerability attack: This involves sending a few well-crafted messages to a
vulnerable application or operating system running on a targeted host. If the
right sequence of packets is sent to a vulnerable application or operating
system, the service can stop or, worse, the host can crash.
 Bandwidth flooding: The attacker sends a deluge of packets to the targeted
host—so many packets that the target’s access link becomes clogged,
preventing legitimate packets from reaching the server.
 Connection flooding: The attacker establishes a large number of half-open or
fully open TCP connections at the target host. The host can become so bogged
down with these bogus connections that it stops accepting legitimate
connections.
 Packet sniffer is a passive receiver that records a copy of every packet that flies by.
By placing a passive receiver in the vicinity of a wireless transmitter, an attacker can
obtain a copy of every packet that is transmitted. One defence against packet
sniffing is cryptography.
 IP Spoofing is the ability to inject packets into the Internet with a false source
address, and is but one of many ways in which one user can masquerade as another
user. End-point authentication can help.
 Compromised-Key Attack – A key is a secret code or number necessary to interpret
secured information. An attacker uses a compromised key to gain access to a
secured communication without the sender or receiver being aware of the attack.
 DNS spoofing – Also referred to as DNS cache poisoning, this is a form of attack in
which corrupt Domain Name System data is introduced into the DNS resolver’s
cache, causing the name server to return an incorrect IP address.
 Rootkits are stealthy packages designed to gain administrative rights and access to
a network device. Once installed, attackers have complete and unrestricted access
to the device and can therefore execute any action, including spying on users or
stealing confidential data, without hindrance.
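The brute force attack listed first is one of the easiest of these to detect from the defender's side, because it leaves a burst of failed logins from one source. The block below is an added example, not from the course notes: it parses a constructed sample of sshd-style authentication log lines (the hosts, users and timestamps are made up) and flags any source address with five or more failures inside a sliding 60-second window. The sample deliberately includes a second source that spreads its guesses ten minutes apart, which the short window misses and a longer window catches, the usual trade-off when tuning this kind of rule.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample log (not real data): ISO timestamp, process, sshd message.
SAMPLE_LOG = """\
2024-03-01T09:00:01 sshd[2231]: Failed password for admin from 203.0.113.7 port 50122 ssh2
2024-03-01T09:00:03 sshd[2231]: Failed password for admin from 203.0.113.7 port 50123 ssh2
2024-03-01T09:00:04 sshd[2231]: Failed password for root from 203.0.113.7 port 50124 ssh2
2024-03-01T09:00:06 sshd[2231]: Failed password for root from 203.0.113.7 port 50125 ssh2
2024-03-01T09:00:07 sshd[2231]: Failed password for test from 203.0.113.7 port 50126 ssh2
2024-03-01T09:00:20 sshd[2240]: Failed password for alice from 198.51.100.2 port 40000 ssh2
2024-03-01T09:00:25 sshd[2240]: Accepted password for alice from 198.51.100.2 port 40001 ssh2
2024-03-01T09:10:00 sshd[2251]: Failed password for bob from 192.0.2.9 port 41000 ssh2
2024-03-01T09:20:00 sshd[2252]: Failed password for bob from 192.0.2.9 port 41001 ssh2
2024-03-01T09:30:00 sshd[2253]: Failed password for bob from 192.0.2.9 port 41002 ssh2
2024-03-01T09:40:00 sshd[2254]: Failed password for bob from 192.0.2.9 port 41003 ssh2
2024-03-01T09:50:00 sshd[2255]: Failed password for bob from 192.0.2.9 port 41004 ssh2
"""

# Matches only failed attempts; "invalid user" appears when the account does not exist.
FAILED = re.compile(r"^(\S+) \S+ Failed password for (?:invalid user )?(\S+) from (\S+) port")


def parse_failures(log_text: str):
    """Yield (timestamp, username, source_ip) for every failed login line."""
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if m:
            yield datetime.fromisoformat(m.group(1)), m.group(2), m.group(3)


def detect_brute_force(log_text: str, threshold: int = 5, window_seconds: int = 60) -> dict:
    """Flag sources with >= threshold failures inside any sliding window.

    Returns {source_ip: (failures_in_window, distinct_usernames_tried)}.
    """
    recent = defaultdict(deque)        # source_ip -> timestamps of failures still in the window
    users = defaultdict(set)           # source_ip -> usernames attempted (spraying indicator)
    alerts = {}
    for ts, user, ip in sorted(parse_failures(log_text)):
        window = recent[ip]
        window.append(ts)
        users[ip].add(user)
        while (ts - window[0]).total_seconds() > window_seconds:
            window.popleft()           # drop failures older than the window
        if len(window) >= threshold and ip not in alerts:
            alerts[ip] = (len(window), len(users[ip]))
    return alerts


if __name__ == "__main__":
    print("60 s window:", detect_brute_force(SAMPLE_LOG))
    print("1 h window: ", detect_brute_force(SAMPLE_LOG, window_seconds=3600))
```

The second return value (distinct usernames) helps separate a user who mistyped a password several times from a source cycling through account names; a successful login from a flagged source shortly after the burst is the case to escalate first.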

Methods of Network Security


• Must understand methods and tools for maintaining a secure network
• Internal security must also be addressed
• Best security stems from a proactive, preventative approach
• Network is only as secure as its weakest link
• Finally, must detect attacks by auditing and (hopefully) recover
• Not just dealing with hackers
• Four types of network security required:
• Physical Security
• User Security
• File Security
• Intruder Security
• You will need to address all 4

Network Security - Physical


• Obviously, must not allow computers to be stolen, so may need bolting down
• Secure cables that carry sensitive information
• Availability is another aspect of physical security
• Introduce redundancy and duplication

Network Security - User


• Two aspects
• Access to required resources
• No access to Private/Confidential data
• Users will need authentication
• May use extra authentication for specific resources, but don’t go overboard
• Group users logically

Network Security - File


• Must protect your files
• Two aspects
• Unauthorised access
• File integrity
• Most OS provide many permissions on both files and folders
• Users will require access to the files they require for their job

Network Security - Intruder


• Firewalls
• Security for all connections
• Users should be forced to periodically change passwords
• Administrative accounts should be used sparingly
• Configuration of the devices/files

INTRODUCTION TO CRYPTOGRAPHY
Cryptography is one of the techniques used for security control. It is concerned with the
writing (ciphering or encoding) and deciphering (decoding) of messages in secret code.
Most cryptographic algorithms work in combination with keys (numbers, words, phrases)
to encrypt the plaintext. Cryptography enables you to store sensitive information or
transmit it across insecure networks (like the internet) so that it cannot be read by
anyone except the intended recipient. While cryptography is the science of securing
data, cryptanalysis is the science of analysing and breaking secure communication.
Some of the cryptographic mechanisms are:
 Encipherment: the process of transforming readable information into an unreadable
form for unauthorized users.
 Digital Signature: data, or a cryptographic transformation of a data unit, is appended
to the data so that the recipient of the data unit is convinced of the source and
integrity of the data unit; this can also serve to protect the data against forgery.
 Access Control: A variety of mechanisms are available that enforce access rights to
resources.

Most cryptographic techniques are based on encryption/decryption algorithms.
Encryption is the process of using mathematical algorithms to convert plaintext into
cipher text in such a way as to hide its substance. The transformation and subsequent
recovery of the data depend on an algorithm and zero or more keys. Decryption is the
opposite of encryption: it uses an algorithm to change cipher text (scrambled code)
back into a readable message (plaintext).

Encryption itself does not prevent someone from intercepting the data. It can only
prevent an unauthorized person from viewing or accessing the content. It is mainly used
to implement confidentiality and integrity.

Two main requirements are needed for secure use of conventional encryption:

 A strong encryption algorithm is needed. It is desirable that the algorithm should
be such that even an attacker who knows the algorithm and has access to one or
more cipher texts would be unable to decipher the cipher text or figure out the
key.
 The secret key must be distributed to the sender and receiver in a very secure
way. If in any way the key is discovered, then with knowledge of the algorithm,
all communication using this key is readable.

Cryptographic Techniques
There are different types of cryptographic techniques used in many applications.
AES: The Advanced Encryption Standard
AES is a symmetric block cipher. The very first step of AES encryption is dividing the
plaintext (text that is not written in code) into these blocks. AES encrypts 128-bit
blocks of data with 128-bit, 192-bit, or 256-bit keys using 10, 12, or 14 rounds,
respectively. Each round consists of 4 steps:

o Substitute bytes: a non-linear substitution step where each byte is replaced with
another according to a lookup table.
o Shift rows: a transposition step where each row of the state is shifted cyclically a
certain number of steps.
o Mix columns: a mixing operation which operates on the columns of the state,
combining the four bytes in each column.
o Add round key: each byte of the state is combined with the round key using
bitwise XOR. The round keys are produced through key expansion of the 128-bit,
192-bit or 256-bit cipher key.
AES encryption is fast and flexible. It can be implemented on various platforms,
especially in small devices.

Fig 11: AES algorithm

RSA - Rivest, Shamir & Adleman


• Most well-known and commonly used public key algorithm
• Still difficult to implement, although not as impractical as others
• Have to work with big keys to make it secure, as the encryption and decryption keys
are mathematically linked

The algorithm is based on:


 Two integers will play an important role: d and e, such that the public key is (n, e)
and the private key is (n, d)
 Difficulty of factoring large integers
 Arithmetic modulo n
When we divide two integers we have an equation that looks like the following:
A / B = Q remainder R, where A = dividend, B = divisor, Q = quotient, R = remainder
In modular arithmetic, A mod B = R
Example: 13/5 = 2 remainder 3, thus 13 mod 5 = 3

How RSA works


 Choose two large prime numbers (p and q). Both p and q should be large (100 digits
each) and should be kept secret
 Calculate:
 N = p*q, where N is called the modulus for encryption and decryption.
 z = (p-1)*(q-1)
 Choose a number e, where 1 < e < z, such that e and z have no common factor except
1; that is, e and z are co-prime, so gcd(e, z) = 1
 Calculate d = e^-1 mod (p-1)(q-1), that is d*e ≡ 1 mod z
 Private key pair = (N, d) and public key pair = (N, e)
NOTE: Keep d secret (N and e form the public key) and discard p, q and z

To carry out RSA Encryption/Decryption, we assume that plaintext is represented by an
integer (or a sequence of integers < N)

 We have obtained N, d, e
 Hence: given plaintext P, we encode it by computing C = P^e mod N
 Given ciphertext C, we decode it by computing P = C^d mod N
 Needed operation: multiplying/raising to the power of (large) integers modulo an
(even larger) integer

Example
• Let p = 11 and q = 13
• Then N = 11*13 = 143, and z = 10*12 = 120
• Choose e = 17, relatively prime to 120
• Compute the inverse of e mod 120: d = 113
• Check: e*d = 17*113 = 1921 = 1 + 16*120 ≡ 1 mod 120
• Encode P by computing C = P^17 mod 143
• Decode C by computing P = C^113 mod 143

How does this work in practice?

• Let’s encode the message “PEACE”
• We use ASCII for the individual letters. This gives: 80 69 65 67 69
• Encoding: raise each of 80 69 65 67 69 to the power 17 (mod 143)
• Result: 97 75 65 45 75
• Decoding: raise each of 97 75 65 45 75 to the power 113 (mod 143)
• Result: 80 69 65 67 69 (original message!)

Hash algorithm
Hash algorithms are used to create a digital fingerprint of data called a digest, message
digest or simply hash.
 Basic characteristics of a hash algorithm include:
 Secure – non-reversible (one-way) function: the original data cannot be recovered
from the digest
 Fixed size – long or short data will produce a fixed-size digest
 Unique – two different datasets cannot produce the same digest
 It is used for comparison, not encryption (data integrity)
 It is used for password storage

A hash algorithm is more complex and provides a higher level of security than a digital
signature
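The characteristics just listed can all be observed with the SHA-256 function in Python's standard library. The block below is an added example, not from the course notes: it shows the fixed-size digest, the avalanche effect (a one-letter change flips roughly half the digest bits, which is why a digest works as a fingerprint for comparison), an integrity check against a published digest, and the password-storage use, where the password is stored as a salted, deliberately slow PBKDF2-HMAC-SHA256 digest rather than as a plain hash. Function names and the iteration count are this example's choices, not anything the notes prescribe.

```python
import hashlib
import hmac
import os


def sha256_hex(data: bytes) -> str:
    """Fixed-size digest: 32 bytes (64 hex characters) whatever the input length."""
    return hashlib.sha256(data).hexdigest()


def bits_changed(a: bytes, b: bytes) -> int:
    """Number of differing bits between the digests of two inputs (avalanche effect)."""
    da, db = hashlib.sha256(a).digest(), hashlib.sha256(b).digest()
    return sum(bin(x ^ y).count("1") for x, y in zip(da, db))


def file_matches(data: bytes, published_digest_hex: str) -> bool:
    """Integrity check: recompute the digest and compare it with the published one.

    compare_digest runs in constant time, so the comparison itself leaks nothing
    about how many leading characters matched.
    """
    return hmac.compare_digest(sha256_hex(data), published_digest_hex)


def hash_password(password: str, salt: bytes = None, iterations: int = 600_000) -> str:
    """Password storage: a random per-user salt plus a slow key-derivation digest.

    The salt stops identical passwords from producing identical records and defeats
    precomputed tables; the iteration count makes each guess expensive for an attacker
    who steals the database. 600,000 is the current OWASP figure for PBKDF2-HMAC-SHA256.
    """
    salt = salt or os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Re-derive with the stored salt and iteration count; the password itself is never stored."""
    _algo, iterations, salt_hex, dk_hex = stored.split("$")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                             bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(dk.hex(), dk_hex)


if __name__ == "__main__":
    print(sha256_hex(b"PEACE"))
    print("bits changed PEACE -> PEACF:", bits_changed(b"PEACE", b"PEACF"), "of 256")
    record = hash_password("correct horse battery staple")
    print(record)
    print(verify_password("correct horse battery staple", record))
```

The "unique" property in the list is the collision-resistance claim: for SHA-256 no two distinct inputs with the same digest are known, whereas for MD5 and SHA-1 they are, which is why those two are no longer acceptable for signatures or integrity checks.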

Fig 12: Hash algorithm

Digital signature
 A digital signature is equivalent to a handwritten signature.
 It is an electronic verification of the sender
 Uses asymmetric cryptography
 Purposes:
 Authentication: a DS makes the receiver believe the sender created and sent the
message
 Non-repudiation: with a DS, the sender cannot deny having sent the message
later
 Integrity: a DS ensures the message was not altered in transit
 A DS does not encrypt the message itself
 It should be tied to the signing user, and to the message
 Used in: financial transactions, software distribution, email, and other cases where
it is important to detect fraud

Fig 13: Digital signature for non-repudiation and authentication

Here is how sending a digital signature works:
1. The sender selects the file to be digitally signed in the document platform or
application.
2. The sender’s computer calculates the unique hash value of the file content.
3. This hash value is encrypted with the sender’s private key to create the digital
signature.
4. The original file along with its digital signature is sent to the receiver.
5. The receiver uses the associated document application, which identifies that the
file has been digitally signed.
6. The receiver’s computer then decrypts the digital signature using the sender’s
public key.
The receiver’s computer then calculates the hash of the original file and compares the
hash it has computed with the now decrypted hash of the sender’s file.
The process to create a digital signature is easy and straightforward for the average user
and for enterprises to adopt. You first need a digital signing certificate, which can be
acquired through a trusted Certificate Authority like Sectigo. After downloading and
installing the certificate, you simply use the digital signing function of the appropriate
document platform or application. For example, most email applications provide a
“Digitally Sign” button to digitally sign your emails.

When sending out a document signed using a private key, the receiving party obtains
the signer’s public key which will allow one to decrypt the signature. Once the
signature is decrypted, the receiving party can view the unaltered document as the
user intended.
If the receiving party cannot decrypt the signature using the public key, then it signifies
that the document has been altered, or even that the signature doesn’t belong to
the original signer.
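The RSA worked example (p = 11, q = 13, e = 17, message "PEACE") and the six-step signing procedure above use the same key material, so one block serves both. The following is an added example, not code from the course notes: `rsa_keygen` follows the key-generation steps given earlier, `encrypt`/`decrypt` reproduce the 97 75 65 45 75 ciphertext, and `sign`/`verify` carry out steps 2, 3 and 6 of the signing procedure, hashing the message and raising the digest to the private exponent, then recovering it with the public exponent. Because N = 143 can only hold 143 distinct digest values, this is textbook RSA for illustration only; real signatures use keys of 2048 bits or more and a padding scheme, which this block does not implement.

```python
import hashlib
from math import gcd


def rsa_keygen(p: int, q: int, e: int):
    """Key generation as in the notes: N = p*q, z = (p-1)(q-1), d = e^-1 mod z.

    Returns (public_key, private_key) as the pairs (N, e) and (N, d).
    """
    n = p * q
    z = (p - 1) * (q - 1)
    if gcd(e, z) != 1:
        raise ValueError("e must be co-prime with (p-1)(q-1)")
    d = pow(e, -1, z)                 # modular inverse (Python 3.8+)
    return (n, e), (n, d)


def encrypt(public_key, plaintext: str):
    """C = P^e mod N applied to each character's ASCII code; each code must be < N."""
    n, e = public_key
    codes = [ord(ch) for ch in plaintext]
    if any(c >= n for c in codes):
        raise ValueError("each plaintext block must be smaller than N")
    return [pow(c, e, n) for c in codes]


def decrypt(private_key, ciphertext) -> str:
    """P = C^d mod N for each block, then back to characters."""
    n, d = private_key
    return "".join(chr(pow(c, d, n)) for c in ciphertext)


def digest_mod_n(message: bytes, n: int) -> int:
    """Step 2: hash the message; the digest is reduced so it fits below the modulus.

    With a toy N many messages share a reduced digest (collisions); with a real
    2048-bit N the full 256-bit digest fits without reduction.
    """
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(private_key, message: bytes) -> int:
    """Step 3: signature = digest^d mod N ('encrypt the hash with the private key')."""
    n, d = private_key
    return pow(digest_mod_n(message, n), d, n)


def verify(public_key, message: bytes, signature: int) -> bool:
    """Step 6: recover the digest with the public key and compare with a fresh hash."""
    n, e = public_key
    return pow(signature, e, n) == digest_mod_n(message, n)


if __name__ == "__main__":
    pub, priv = rsa_keygen(11, 13, 17)
    print("public", pub, "private", priv)          # (143, 17) and (143, 113)
    c = encrypt(pub, "PEACE")
    print("ciphertext", c, "->", decrypt(priv, c))  # [97, 75, 65, 45, 75] -> PEACE
    sig = sign(priv, b"PEACE")
    print("signature", sig, "valid:", verify(pub, b"PEACE", sig))
```

Notice the asymmetry the notes describe: encryption uses the public exponent and decryption the private one, while signing uses the private exponent and verification the public one; the same `pow(x, k, n)` operation serves all four, which is why RSA signature verification is such a common operation in network software.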

Many protocols like secure shell, OpenPGP, S/MIME, and SSL/TLS rely on RSA for
encryption and digital signature functions. It is also used in software programs --
browsers are an obvious example, as they need to establish a secure connection over
an insecure network, like the internet, or validate a digital signature. RSA signature
verification is one of the most commonly performed operations in network-connected
systems.

SECURITY IN WIRELESS LOCAL AREA NETWORKS (WLANs)


Wireless Local Area Networks (WLANs) are cost-effective and desirable gateways to
mobile computing. They allow computers to be mobile and cable-free, and to communicate
at speeds close to those of wired LANs. These features come with an expensive price to
pay in the area of network security. WLANs are deployed as an extension to existing
fixed/wired LANs, and because the nature of WLANs is different from their wired
counterparts, it is important to raise the security of WLANs to levels closer or equal
to those of wired LANs. In general, IEEE 802.11 can operate in two network topology
modes, Ad hoc and Infrastructure modes.

Wireless Security Protocols


Wireless traffic is inherently different from traffic traveling over a wired infrastructure.
Any wireless device operating in the same frequency can hear the frames and
potentially read them. Therefore, WLANs need to be secured to allow only authorized
users and devices and to prevent eavesdropping and tampering of wireless traffic.

5.1.1 WPA and WPA2


WPA2 is the current industry standard for securing wireless networks. It uses the
Advanced Encryption Standard (AES) for encryption. AES is currently considered the
strongest encryption protocol.
Home routers typically have two choices for authentication: WPA and WPA2. WPA2 is
the stronger of the two. WPA2 authentication methods include the following:
 Personal: Intended for home or small office networks, users authenticate using a
pre-shared key (PSK). Wireless clients authenticate with the wireless router using
a pre-shared password. No special authentication server is required.
 Enterprise: Intended for enterprise networks but requires a Remote
Authentication Dial-In User Service (RADIUS) authentication server. Although
more complicated to set up, it provides additional security. The device must be
authenticated by the RADIUS server, and then users must authenticate using the
802.1X standard, which uses Extensible Authentication Protocol (EAP) for
authentication.

5.1.2 WPA3
WPA3 is the next generation of Wi-Fi security. All WPA3-enabled devices use the latest
security methods, disallow outdated legacy protocols, and require the use of Protected
Management Frames (PMF). However, devices with WPA3 are not yet readily available.
WPA3 includes four features:
 WPA3-Personal: In WPA2-Personal, threat actors can listen in on the
“handshake” between a wireless client and the AP and use brute-force attacks to
try to guess the PSK. WPA3-Personal thwarts such attacks by using Simultaneous
Authentication of Equals (SAE), a feature specified in IEEE 802.11-2016. The
PSK is never exposed, making it impossible for the threat actor to guess.
 WPA3-Enterprise: WPA3-Enterprise still uses 802.1X/EAP authentication.
However, it requires the use of a 192-bit cryptographic suite and eliminates the
mixing of security protocols for previous 802.11 standards. WPA3-Enterprise
adheres to the Commercial National Security Algorithm (CNSA) suite, which is
commonly used in high-security Wi-Fi networks.
 Open networks: Open networks in WPA2 send user traffic in unauthenticated
plaintext. In WPA3, open or public Wi-Fi networks still do not use any
authentication. However, they do use Opportunistic Wireless Encryption (OWE)
to encrypt all wireless traffic.
 IoT onboarding: Although WPA2 included Wi-Fi Protected Setup (WPS) to quickly
onboard devices that were not previously configured, WPS is vulnerable to a
variety of attacks and is not recommended. Furthermore, IoT devices are typically
headless, meaning they have no built-in GUI (Graphical User Interface) for
configuration, and need an easy way to get connected to the wireless network.
Device Provisioning Protocol (DPP) was designed to address this need. Each
headless device has a hard-coded public key. The key is typically stamped on the
outside of the device or its packaging as a Quick Response (QR) code. The
network administrator can scan the QR code and quickly onboard the device.
Although DPP is not strictly part of the WPA3 standard, it will replace WPS over
time.

