Introduction to

Networking
Drew Saunders
Network Operations
Stanford University
 Goals of class
Basic understanding of common modern
networking technology and terminology
What makes Stanford’s network
“special”

This class is reduced from a 9-hour class to a 90-minute class. The old, outdated, 9-hour presentation
can be found at https://www.stanford.edu/group/networking/NetConsult/IntroNet/

2
Not Goals of Class
Deep understanding of networking
Server administration
Setting up your computer
How to use email, web, etc.
Troubleshooting (another Tech Briefing)
TCP/IP details (another Tech Briefing)

3
What is a “Network”?

A network is a way to get “stuff”

between 2 or more “things”
Examples: Mail, phone system,
conversations, railroad system,
highways and roads.

4
 Computer Networking Models

Models, also called protocol stacks, represented in layers, help to

understand where things go right or wrong.

OSI 7-layer model DOD 3-layer model Simplified 4/5-layer model

7 Application

6 Presentation Application Application

5 Session

4 Transport Transport
Protocol
3 Network Network

2 Data Local Network Data

1 Physical (LAN) Physical

OSI (Open Systems Interconnection) mnemonic: All People Seem To Need Data Processing. If you ever take
a test on networking, you’ll have to now this, otherwise, use the simplified model.

5
Protocol Concepts
Protocols are sets of rules.
What do you want to do? (Application)
Where are you going? (Addressing)
How do you get there? (Media types)
Did you get there? (Acknowledgments,
Error checking)

6
Physical Layer (Layer 1)

Nowadays: Pretty much just Cat 5 (or Cat 5e)

twisted pair copper wire and microwave
(wireless).
Other: Fiber (multi-mode or single-mode)
coaxial copper (thick- and thin-net), Cable
Modem, plain phone (DSL), etc.

7
Twisted Pair (Cat 5, Cat 5e)
Unshielded twisted pairs. Twists in wire keep down interference (from
fluorescent lights, for example). Cat5e has more twists than Cat5, costs
a bit more, works better for Gigabit, can exceed the 100m limitation for
100Mbit ethernet.

Cat3 and 4 are older, fewer twists, similar to phone, only good for
10Mbit. Cat 6 is even fancier Cat5e, but isn’t quite as common. Phones
work on Cat5/5e so current University standard is Cat5e everywhere.

Good for up to 100m, we don’t like to go over 80m when wiring a

building though.

Standard connecter: RJ45.

Star topology, each user gets their own path, easy to troubleshoot,
costs more than a shared topology. Troubleshooting costs so much
that bus and ring (shared) topologies are functionally dead.

8
 Twisted Pair (continued)
Common Terms: 10BaseT, 100BaseT, 1000BaseT. The “T” is for Twisted
pair, the number is the speed, the base is “baseband” and ask someone
with an EE degree what that means.

8 strands, 4 pairs. A couple of different standards, but 568A and 568B

are the most common. Stanford uses 568B (for 568A, swap the labels
for pairs 2 and 3, but no real functional difference):
Strands: 1 2 3 4 5 6 7 8

568B:

Pairs: 2 1 4
(orange) (blue) (brown)

3 (green)

10BaseT and 100BaseT only use pairs 2 and 3, so you may see some cables with
only 4 strands, but since 1000T (gigabit) uses all pairs, don’t keep those cables.
9
Physical: Wireless
Terms: 802.11b, 802.11a, 802.11g (coming soon: 802.16)

Uses microwave radio waves in the 2.4Ghz (802.11b and g) and 5.4Ghz
(802.11a) bands to transmit data. These are unregulated frequencies, so
other things (cordless phones, etc.) can use the same frequencies, but
hopefully one or the other is smart enough to hop frequencies to stay
clear of the other. 802.11b and g devices can use the same access points
easily. 802.11a requires separate (or dual) antennae.

For the most part, completely and utterly insecure. Very easy to
capture someone else’s data. Make sure your application is secure
(SSL, SSH, etc.)

Although 802.11b at 11Mbps is the slowest (both 802.11a and g claim

54Mbps) it’s the cheapest and most ubiquitous, so that’s what you’ll
find the most of at Stanford for now. New ITSS wireless is 802.11g.

10
Data Layer (Layer 2)
The data layer takes the 1’s and 0’s handed it by the Network layer and
turns them into some kind of signal that can go over the physical layer
(electrical current, light pulses, microwaves, etc.) It also takes this
signal and turns it back into 1’s and 0’s to pass up the stack on the
receiving end.

If there might be more than 2 devices on the connection, some form of

addressing scheme is required to get the packet to the right
destination.

Some data layers: Token Ring, FDDI, LocalTalk, and the

overwhelmingly most common data layer protocol: Ethernet.

11
Data Layer: Ethernet
CSMA/CD: Carrier Sense, Multiple Access, Collision Detect. Simple!

Since Ethernet was designed to be on shared media, with 2 or more

users, and the “more” part can be very big (that’s the “Multiple Access”
part) you have to listen to see if anyone else is talking before you talk
(Carrier Sense) and if you and someone else start talking at the same
time, notice it (Collision Detect), say “excuse me” stop and try again
later. A polite free for all with rules.

Ethernet is 10Mbit (10 million bits per second) only. Fast ethernet,
which has nearly the same rules, is 100Mbit only. Gigabit ethernet is
1000Mbit only. Some Network Interface Cards (NIC’s) can speak at 10
or 100 (and sometimes 10 or 100 or 1000) but each end has to be using
the same speed or there’s no connection.

12
Ethernet: Addressing
Since there can be many users on an ethernet network, everyone has to
have their own unique address.

This is called the Media Access Control (or MAC) address, or

sometimes ethernet address, physical address, adaptor address,
hardware addres, etc.

It’s a 12-digit (48 bit) hexadecimal address that is unique to that

ethernet adaptor and no other in the world. It can be written as 00:30:
65:83:fc:0a or 0030.6583.fc0a or 003065:83fc0a or 00-30-65-83-fc
-0a but they all mean the same thing.

The first 6 digits are the Vendor code, (003065 belongs to Apple), the
last 6 are the individual inteface’s own. Like a car’s VIN. See http://
coffer.com/mac_find/ to look up some vendor codes.

13
Ethernet: Finding your
Address(es)
On Windows 95/98, from the “run” menu type “winipcfg”

On Windows NT, 2000 and XP, open a command window and type
“ipconfig /all”

On MacOS 9, open the TCP/IP control panel and select “Get info”

On MacOS X and most Unix or Unix-like systems, from a terminal, type

ifconfig -a.

Instructions with nice pictures are at http://www.stanford.edu/dept/

itss/ess/pc/sunet.html and http://www.stanford.edu/dept/itss/ess/
mac/sunet.html

Just type “ess” in your browser.

14
Ethernet addresses: now
what?
To send someone a message, start with a broadcast (FFFF.FFFF.FFFF)
asking “where’s Bob?” Everyone’s supposed to look at broadcasts.

“Bob” replies, in his reply, he has his ethernet address. Since every
ethernet packet has the destination and sender address listed, “Bob”
knows your address (from your broadcast) so doesn’t have to start
with a broadcast.

For the rest of the conversation, you’ll put each other’s address as the
destination (and yours as the sender), so the conversation can pass
along the ethernet media between you.

Who’s “Bob” and how did he get that name? That’s a layer 3 (Network)
problem, layer 2 (Data) doesn’t care.

15
Hubs vs. Switches
Hubs are shared media devices. Everyone sees everyone’s packets,
you’re only supposed to pay attention to those specifically directed to
you, or to broadcasts. Not too secure, but cheap. Most wireless still
qualifies as a “hub,” while actual wired ethernet hubs are becoming hard
to find.

Switches aren’t shared, most of the time. The switch pays attention to
the packets and makes a list of the “sender” ethernet addresses and
makes a table (it removes old data after a while). When a packet comes
along whose destination address is in the table (because that host has
recently “talked” and identified itself) the packet only goes to that
port. Unknown packets and broadcasts still go to all ports, but overall,
there are nearly no collisions and is generally more secure. Switches are
now much more common than hubs.

16
Network Layer (Layer 3)
Network packets can be routed. This means they can be passed from
one local network to another. Data layer packets can’t be routed,
they’re local only. Your computer can only get data layer packets on its
data layer interface, so network layer packets have to be stuffed inside
the data layer packets. This is called “encapsulation” and is why a
layered model is so handy.

When you link computers up, via layers 1 (Physical) and 2 (Data) you
get a network. When you link networks up, you get an internetwork. You
need the Network layer (3) to get data between all the little networks
(often called subnets) of your internetwork. There’s one internetwork
so well known, it drops the “work” and gets a capital “I.”

Network Layer Protocols: Internet Protocol (IP) and some others that
aren’t used any more (AppleTalk, Netware, etc.)

17
Network Layer: IP
The Internet Protocol (IP) is the Network layer protocol used on the
Internet! It’s so handy that most everyone uses it on all their networks
big and small.

Designed for huge, ever-expanding networks of networks. Works

pretty well with unreliable links, routes can be re-built when links go
down.

ARP: Address Resolution Protocol. Turns an IP number into an ethernet

number, very important. Instead of asking “Who’s Bob?” you ask “Who’s
172.19.4.15” and if you get a reply, associate the ethernet address with
the IP address in your arp table, and now you can keep sending your
data to the intended recipient via the correct ethernet address.

Remember: the only packet you can actually send on ethernet is an

ethernet packet, everything else has to be stuffed inside it.

18
IP Addressing
IP addresses consists of 4 “octets” such as: 171.64.20.23

Each “octet” consists of numbers between 0 and 255 (or OO and FF in

hex! Don’t ask why ethernet is in hex but IP isn’t, they just are.)

It works sort of like the phone system, with “area codes” to the left,
then “prefix” etc. but more flexible. On campus, your computer will
know that “171.64” means “Stanford” while it will figure out that “20”
means “Pine Hall” and will learn that “23” means the computer called
“networking.” It does this via subnet masking (in this case,
255.255.255.0), which isn’t covered in this class.

Stanford’s Network ranges are: 171.64.0.0 through 171.67.255.255,

128.12.0.0 through 128.12.255.255 and a few others.

19
IP: Domain Name Resolution
(DNS)
Since most people find it easier to remember names instead of numbers,
IP numbers can and almost always are associated with names.

Your computer, however, needs a number, so the Domain Name System

(DNS) exists to make everyone happy.

A name, such as networking.stanford.edu tells you the first (or top)

level domain (.edu, for educational institutions) the second level
domain (stanford) and the actual host’s name (networking). If you want
the number for a host name within stanford.edu, you’ll ask one of our
DNS servers to give it to you. If you need to go outside stanford.edu,
you’ll still ask our servers, but they’ll figure out which other server(s)
should get your request, send it to them, and will send the reply back to
you.

20
DNS Servers
Since you need the DNS servers to turn names into numbers, you really
need to know the numbers of the DNS servers.

DHCP (Dynamic Host Configuration Protocol), covered in another

Tech Briefing, can hand this information to you automatically.

Stanford’s main DNS servers for campus users are:

Caribou, 171.64.7.55

Cassandra, 171.64.7.77

Cilantro, 171.64.7.99

We have others, but these are the most important ones for most campus
people.

21
IP: Routing. How do you get there
from here?
As mentioned before, you can only send ethernet packets out of your
ethernet interface, and ethernet packets stay on your local network.

You can put an IP (Network layer) packet inside of an ethernet (data

layer) packet, but somebody’s got to pass it along, and that
somebody’s a router.

Every IP number not on your local network will “belong” to your router
in your ARP table.

If you want to talk to someone outside your local network, you’ll send
that ethernet packet to your router’s ethernet address and trust that it
will work afterwards. It’s out of your hands now. You know what’s “local”
or “not” by the subnet mask.

22
More routing.
Routers keep tables of networks, often many and often large.

Routers know: 1- Networks directly connected to them (sometimes one

or two, sometimes a hundred or more), 2- Networks connected to their
“friends and neighbors” and 3- The “default route” for everything else.

When your ethernet packet arrives at the router, it takes the Network
packet (and all its contents), looks at the destination IP number,
checks its tables, and sends a new ethernet (or other layer 2) packet
(where the “sender” is now the router, not you) out the (hopefully)
correct interface. That may go to the final host if it’s on one of the
routers directly connected networks, or to another router, which does
the same process, until your packet gets to the router responsible for
that local network, who then sends your packet to to the intended
host. Whether your final destination host is in the next building or on
the other side of the world, it works the same way.

23
Who’s my router?
We serve most people on campus with only a handful of routers, each
one serving many different networks.

We also “cheat,” in that we tell you on the main campus to use 171.64.1.1
(and perhaps 171.65.1.1, 171.66.1.1 and 171.67.1.1) which really isn’t your
router, but is much easier to remember. Plus we use a subnet mask of
255.255.0.0, which is another “cheat.”

When you try to talk to the “1.1” router, your actual router will intercept
the packet and say: “That’s me, I’ll take care of that !” and you’ll be
none the wiser.

This “cheat” is called Proxy ARP and makes it easier to increase or

decrease a network size without everyone changing their settings.

DHCP hands this information to you, so most folks never have to worry
about their router’s number. If we can convince everyone to move to
DHCP, we can stop using Proxy ARP, and will do so soon.
24
It really can’t be a networking class
without ping and traceroute
Ping and Traceroute are two somewhat useful tools for looking at and
learning about your network.

Ping sends a small packet to a host which may or may not choose to
reply to it, and times how long the packet takes to get back. Lack of a
reply doesn’t indicate a problem with the host or network.

Traceroute asks all routers along the path between you and the
destination host if they’d like to respond to you, and times how long
each of 3 requests take to get back to you. Some routers may not
respond, but may still pass the traceroute packet along, and many
hosts will not reply to the traceroute inquiry at all. Lack of a reply
doesn’t indicate a problem with the host or network.

25
Review.
What’s a network?

What’s a Protocol Stack?

What happened to layers 4 through 7?

What’s Cat 5? Cat 5e? What layer are they?

What’s Ethernet? Why do I care?

What’s IP?

What kind of conversations can my computer have? Who can help it with
more conversations?

What’s DNS?

What’s a router do? Why do I care? Does each building have one?

26
Resources
Networking Web Page: http://www.stanford.edu/group/networking

Lots of links. Check out SUNet reports for lots of statistics on

our network.

LNA Guide: http://lnaguide.stanford.edu

Go to “training” for this presentation and others.

Useful web pages for networking folks: https://www.stanford.edu/

group/networking/NetConsult/IntroNet/pages.htm

Stanford’s wireless networks: http://wirelessnet.stanford.edu

Wireless Guest feature: http://wirelessguest.stanford.edu

Essential Stanford Software: http://ess.stanford.edu

Instructions with pictures on how to get your computer onto the

network.

27