2.

Network Reference Model

1. What is Data and Data Transfer

In the digital age, data represents information such as text, images, and
videos in binary form (0s and 1s) that computers can process.

For applications to use and transmit this information, it must first be

translated into data using specific rules.

Data transfer is the process of transmitting this data between devices

across a network.

The process involves encapsulation at each layer and decapsulation at the

receiving device to retrieve the original data.

2. Common Standard Protocols

Standard protocols are rules governing data transmission over a network.

They ensure interoperability and proper data flow between devices, with
each layer of the network model using Packet Data Units (PDUs).

Common standardization organizations include:

IETF: Develops and promotes TCP/IP protocols.

IEEE: Responsible for Ethernet and Wi-Fi standards.

ISO: Created the OSI model, a key reference for networking standards.

Common Protocols by Layer:

Application Layer:

HTTP, FTP, DNS, SMTP, Telnet, TFTP, SNMP, DHCP.

Transport Layer:

TCP (reliable, connection-oriented communication), UDP

(connectionless, faster, but unreliable).

Network Layer:

2. Network Reference Model 1

 IP (addressing and forwarding), ICMP (control and diagnostics), IGMP
(multicast management).

Data Link Layer:

Ethernet (used in LANs), PPP (used in WANs), PPPoE (for connecting

multiple hosts to a concentrator).

3. Layered Model Concept

The layered model organizes the functions of network protocols into
different layers, simplifying development and troubleshooting while
promoting standardization.
Key Benefits:

Simplified Development: Clear divisions allow developers to focus on

specific layers.

Industry Standardization: Functions are defined by international

bodies, ensuring compatibility across networks.

Improved Compatibility: Layers provide interfaces to ensure

communication between different hardware and software​​.

The two most common models are:

OSI Model (7 layers): Physical, Data Link, Network, Transport, Session,

Presentation, Application.

TCP/IP Model (4 layers): Network Access, Internet, Transport, Application​.

4. OSI Model
The Seven Layers of the OSI Model:

1. Physical Layer:

Responsible for the transmission of raw bitstreams (0s and 1s) over a
physical medium like cables, fiber optics, or wireless.

Defines electrical and physical specifications (e.g., voltage levels, cable

types, and pin configurations).

2. Network Reference Model 2

 2. Data Link Layer:

Encapsulates data packets into frames and controls how data is placed
onto the physical medium.

Provides error detection and correction using techniques like

checksums.

Uses MAC addresses to identify devices on the same network segment.

3. Network Layer:

Defines logical addressing (e.g., IP addresses) and determines the best

path for data to travel between networks.

Routers operate at this layer, handling data routing from source to

destination.

4. Transport Layer:

Manages end-to-end communication between devices. It ensures

reliable data transmission (via protocols like TCP) or provides faster, but
less reliable, communication (via protocols like UDP).

Responsible for error checking, flow control, and data sequencing.

5. Session Layer:

Establishes, manages, and terminates sessions or connections between

applications on different devices.

Coordinates communication between systems and maintains sessions,

even when interruptions occur.

6. Presentation Layer:

Translates data formats so that the application layer of one system can
understand the data from another system.

Provides functions like data encryption, compression, and translation

(e.g., converting from ASCII to EBCDIC).

7. Application Layer:

The layer closest to the end user, providing network services directly to
applications (e.g., web browsers, email clients).

Examples include HTTP, FTP, SMTP, and DNS.

2. Network Reference Model 3

 5. TCP/IP Model
The Layers of the TCP/IP Model:

1. Network Access Layer:

Combines the physical and data link layers of the OSI model.

Manages the transmission of data between devices on the same

network, handling physical transmission and data framing.

2. Internet Layer:

Equivalent to the network layer of the OSI model.

Responsible for logical addressing and routing, using IP addresses to

move packets from source to destination across different networks.

3. Host-to-Host Layer (Transport Layer):

Combines the transport layer functions from the OSI model, ensuring
reliable communication between devices.

Manages data flow control, error checking, and packet retransmission

(e.g., using TCP for reliability and UDP for speed).

4. Application Layer:

Combines the functions of the session, presentation, and application

layers from the OSI model.

Directly supports application-level functions, including protocols like

HTTP, FTP, and DNS.

Differences Between OSI and TCP/IP Models

The OSI model is a conceptual framework with seven distinct layers, while
the TCP/IP model is a practical implementation with four layers.

The TCP/IP model is more widely used due to its direct relevance to Internet
protocols like TCP and IP.

The OSI model separates network functions in detail, which is useful for
understanding specific aspects of network communication, but the TCP/IP
model simplifies this into fewer layers.

2. Network Reference Model 4

 6. Application Layer and Related Protocols
Purpose:

The application layer provides interfaces and protocols for applications

to use network services, such as file transfer, remote login, and web
browsing.

PDU (Protocol Data Unit):

At the application layer, data is referred to simply as "data" and contains

information relevant to the specific application protocol in use.

Communication Structure:

It often uses the client/server model, where a client (requesting service)

communicates with a server (providing service) using defined
protocols.

i. FTP (File Transfer Protocol)

Purpose:

FTP is used for transferring files between computers over a network,

allowing users to download and upload files.

Structure: FTP follows a Client/Server (C/S) architecture.

FTP Client: The client software allows users to connect to an FTP

server, authenticate, and operate files (e.g., uploading, downloading,
renaming).

FTP Server: The server hosts files and manages client access. It listens
for incoming client connections, authenticates users, and provides
access to stored files.

Ports: FTP uses TCP ports 20 (data transfer) and 21 (control commands).

Usage: Often used in website management, software distribution, and

backup systems.

ii. Telnet

2. Network Reference Model 5

 Purpose: Telnet provides a standard protocol for remote login, allowing
users to operate devices or servers remotely as if they were physically
present.

Structure:

A Telnet client is installed on a local PC, allowing the user to connect to

a remote Telnet server.

The Telnet server runs on the remote device, processing commands

received from the client as if they were entered directly on the server’s
console.

Ports: Telnet operates over TCP port 23.

Security Considerations: Telnet transmits data, including login credentials,

in plain text, which is insecure. SSH (Secure Shell) is often preferred as a
secure alternative.

Usage: Telnet is useful for managing network devices like routers and
switches, but its use is limited today due to security concerns.

iii. HTTP (HyperText Transfer Protocol)

Purpose: It is used to transmit hypertext documents (e.g., HTML) and
multimedia resources between web servers and clients (browsers).

Structure: HTTP operates using the client/server model:

HTTP Client: Usually a web browser, which sends requests to a web

server.

HTTP Server: Responds to client requests by delivering web pages,

files, or other resources.

Ports: HTTP typically uses TCP port 80. HTTPS operates on TCP port 443.

Usage: HTTP is used for browsing websites, accessing APIs, and

transferring web data.

7. Transport Layer and Related Protocols

Role: The transport layer receives data from application layer protocols and
encapsulates it with transport-layer protocol headers, enabling end-to-end

2. Network Reference Model 6

 (port-to-port) connections.

PDU: At the transport layer, PDUs are called segments (for TCP) or
datagrams (for UDP).

i. TCP (Transmission Control Protocol):

Connection-Oriented: TCP establishes a connection before data transfer
using a three-way handshake.

Reliable: TCP ensures that all segments are delivered in sequence and
without errors using acknowledgments and retransmission mechanisms.

Header Details:

Source Port (16 bits): The port number of the application sending the
segment.

Destination Port (16 bits): The port number of the application receiving
the segment.

Sequence Number (32 bits): Used to keep track of data byte order.

Acknowledgment Number (32 bits): Indicates the next expected byte

from the other party.

Header Length (4 bits): Specifies the size of the TCP header.

Control Bits (Flags): Includes SYN, ACK, FIN, etc., to manage the state
of the connection.

Window Size (16 bits): Controls flow by specifying how much data the
receiver can accept.

Checksum (16 bits): Ensures data integrity.

Urgent Pointer (16 bits): Indicates urgent data if the URG flag is set.

Options: Optional fields (up to 40 bytes) used for additional features

like maximum segment size.

ii. UDP (User Datagram Protocol):

Connectionless: UDP sends data without establishing a connection,
making it faster but less reliable.

Header Details:

2. Network Reference Model 7

 Source Port (16 bits): The port number of the application sending the
datagram.

Destination Port (16 bits): The port number of the application receiving
the datagram.

Length (16 bits): The total length of the UDP header and data.

Checksum (16 bits): Provides data integrity verification.

Use Cases: Best for time-sensitive applications like video streaming or

gaming, where speed is more critical than reliability.

TCP Connection Setup - Three-Way Handshake

TCP uses a three-step process to establish a connection:

1. SYN (Synchronization) Packet:

Client → Server: The client sends a TCP segment with the SYN flag set.
This segment indicates that the client wants to establish a connection
and begins the process.

Sequence Number: The client includes an initial sequence number ( a ),

which is a randomly generated 32-bit number.

Acknowledgment Number: Since this is the first segment, the

acknowledgment number is set to 0.

2. SYN-ACK (Synchronization-Acknowledgment) Packet:

Server → Client: The server receives the SYN packet, acknowledges it,
and responds with a TCP segment that has both the SYN and ACK flags
set.

Sequence Number: The server sends its own randomly generated

initial sequence number ( b ).

Acknowledgment Number: The server sets this number to a + 1 to

acknowledge receipt of the client’s SYN segment. This indicates that
the server has received and is expecting the next segment from the
client to begin with sequence number a + 1 .

3. ACK (Acknowledgment) Packet:

Client → Server: After receiving the SYN-ACK packet, the client sends a
final ACK packet to the server.

2. Network Reference Model 8

 Sequence Number: The client sets this sequence number to a + 1 ,
which is the next sequence number in line after the original SYN
segment.

Acknowledgment Number: The client sets this to b + 1 to

acknowledge the receipt of the server’s SYN segment.

TCP Sequence and Acknowledgment Numbers

TCP uses sequence and acknowledgment numbers for reliability:

Sequence Numbers: Every byte in the data stream is numbered. The

segment's sequence number indicates the first byte in that segment.

Acknowledgment Numbers: After receiving a segment, the receiver

acknowledges it by sending the next expected sequence number. This
ensures data is received in the correct order.

TCP Sliding Window Mechanism

The sliding window controls data flow to match the receiver’s buffer size,
ensuring efficient data transfer:

1. Window Initialization:

During the TCP handshake, both the sender and receiver negotiate the
window size.

The receiver specifies the maximum number of bytes it can receive and
store in its buffer at one time.

This value is communicated to the sender in the Window Size field of

the TCP header

2. Data Transmission: The sender transmits data up to the window size

advertised by the receiver.

3. Acknowledgment and Window Adjustment:

The receiver stores incoming data in its buffer and updates the window
size as it processes the data.

As the receiver receives data, it sends back an acknowledgment (ACK)

to the sender, indicating the next expected sequence number. This tells
the sender that all bytes up to that sequence number have been
successfully received.

2. Network Reference Model 9

 4. Sliding the Window

As the sender receives acknowledgments, it "slides" the window

forward, allowing it to send more data.

TCP dynamically adjusts the window size based on network conditions

and the receiver’s buffer availability:

TCP Connection Termination - Four-Way Handshake

To close a TCP connection, a four-step process is used:

1. FIN from PC1: The client sends a segment with the FIN flag, indicating it
wants to terminate the connection.

2. ACK from PC2: The server acknowledges the FIN with an ACK segment.

3. Data Check and FIN from PC2: If the server has remaining data, it sends it
and then sends a FIN segment. Otherwise, it directly sends the FIN
segment.

4. ACK from PC1: The client acknowledges the FIN, and the connection is
closed.

This four-step process ensures that both sides properly close the connection
and release resources.

8. Network Layer and Related Protocols

The network layer ensures data (packets) is transmitted from one host to
another, across networks. It determines the best path for data to travel and
manages logical addressing and packet forwarding.

PDU: At the network layer, the Protocol Data Units (PDUs) are called
packets.

Key Functions of the Network Layer

1. Logical Addressing:

The network layer assigns logical addresses (IP addresses) to identify

devices on the network.

IP addresses help identify both the source and the destination of each
packet, allowing for communication across different networks.

2. Network Reference Model 10

 2. Routing:

The network layer determines the best path for packets to travel from
the source to the destination using routing protocols and routing
tables.

Routers, the devices that operate at this layer, read the destination
address of packets and consult their routing tables to forward packets
toward the destination.

3. Forwarding:

Routers forward packets from one network to another based on routing

information. This involves checking the destination IP address in the
packet header and finding the best match in the routing table.

Network Layer Protocols

1. IPv4 (Internet Protocol Version 4):

IPv4 is the most widely used network layer protocol.

It uses a 32-bit address space, represented in dot-decimal notation

(e.g., 192.168.1.1 ).

IPv4 handles packet encapsulation, addressing, and routing.

2. IPv6 (Internet Protocol Version 6):

IPv6 is the next generation of IP addressing, designed to replace IPv4

due to address exhaustion.

It uses a 128-bit address space, providing a vastly larger number of

addresses.

IPv6 addresses are written in hexadecimal and separated by colons

(e.g., 2001:0db8:85a3:0000:0000:8a2e:0370:7334 ).

3. ICMP (Internet Control Message Protocol):

ICMP helps manage and control the network, providing diagnostic

functions like ping and traceroute.

It is used to report errors (e.g., destination unreachable) and to check

connectivity between devices.

4. IGMP (Internet Group Management Protocol):

2. Network Reference Model 11

 IGMP is used for managing multicast group memberships in IPv4
networks. It allows hosts and routers to communicate about multicast
group membership, supporting applications like streaming media.

IP Addresses and Routing

IP Addresses: Each device on a network has a unique IP address used for
identifying it in communication.

Routing Tables: Routers maintain routing tables, which are essentially maps
that determine the best path for packets to reach their destination. Routing
tables are populated using routing protocols

How IP Packets Are Encapsulated and Forwarded

1. Encapsulation:

When the network layer receives data from the transport layer (e.g., a
TCP segment or UDP datagram), it encapsulates this data into an IP
packet.

The IP packet header contains essential information, including:

Source IP Address: The address of the device sending the packet.

Destination IP Address: The address of the target device.

Other fields such as Time-to-Live (TTL) to prevent infinite looping.

2. Packet Forwarding:

Each router the packet encounters along its path reads the destination
IP address and checks its routing table for the best match.

Based on the routing table entry, the router forwards the packet to the
next hop (another router or the final destination).

This process repeats until the packet reaches its destination.

3. Receiving the Packet:

When the packet arrives at the destination host, the network layer
checks if the destination IP matches its own. If it matches, the packet is
passed up to the transport layer for further processing.

9. Data Link Layer and Related Protocols

2. Network Reference Model 12

 The Data Link Layer provides communication within a local network.

PDU (Protocol Data Unit): At the data link layer, PDUs are called frames.

Functions of the Data Link Layer

1. Framing:

The data link layer encapsulates network layer packets into frames.

This encapsulation includes adding headers and trailers that contain

information such as the source and destination MAC addresses and
error-checking data.

2. Physical Addressing:

Unlike the network layer, which uses IP addresses, the data link layer
uses MAC (Media Access Control) addresses to identify devices on
the same network segment.

MAC addresses are unique to each network interface card (NIC).

3. Error Control:

Error-checking mechanisms, such as cyclic redundancy checks (CRC),

are added to the frame to detect and potentially correct errors during
transmission.

Data Link Layer Protocols

Ethernet: The most widely used protocol at this layer. It supports multiple
access and operates within a broadcast domain, typically defined as an IP
network segment.

PPP (Point-to-Point Protocol) and PPPoE (PPP over Ethernet): Used in

direct connections like DSL.

Ethernet and MAC Addresses

Ethernet: Functions as a broadcast multiple access protocol, meaning that
when a device sends a frame, it can be received by all devices within the
broadcast domain.

MAC Address: A 48-bit hardware address assigned to the NIC, usually

represented in formats like 48-A4-72-1C-8F-4F . It is used to identify and

2. Network Reference Model 13

 communicate with specific devices within the network segment.

ARP (Address Resolution Protocol)

ARP is essential for mapping IP addresses (used at the network layer) to MAC
addresses (used at the data link layer). It enables devices to find the MAC
address corresponding to a given IP address, allowing for proper frame delivery
within the same network segment.

ARP Implementation Process (Steps):

1. ARP Table Lookup:

Before sending a frame, a device (e.g., Host 1) checks its ARP table to
see if it already has the MAC address corresponding to the destination
IP address.

If the MAC address is found in the ARP table, the device uses it to send
the frame. If not, the device initiates an ARP request.

2. Sending an ARP Request:

If the destination MAC address is not in the ARP table, the device sends
an ARP request. This is a broadcast message sent to all devices within
the network segment.

The ARP request contains:

The source MAC and IP addresses (from Host 1).

The target IP address (IP address of Host 2).

The destination MAC address is set to FF-FF-FF-FF-FF-FF (broadcast).

3. Flooding the ARP Request:

The ARP request, encapsulated in an Ethernet frame, is broadcast to all

devices within the network segment. The Ethernet switch forwards the
frame to all ports except the one it was received on.

4. Receiving the ARP Request:

Each device that receives the ARP request checks whether the target IP
address matches its own IP address.

If the IP address matches (e.g., Host 2), the device records the sender's
(Host 1’s) MAC and IP addresses in its ARP table and prepares an ARP

2. Network Reference Model 14

 reply.

5. Sending an ARP Reply:

Host 2 sends an ARP reply directly to Host 1. This is a unicast message,

meaning it is sent only to Host 1 (not broadcasted).

The ARP reply includes:

The source MAC and IP addresses (from Host 2).

The destination MAC and IP addresses (for Host 1).

The operation type in the ARP reply is set to “reply.”

6. Forwarding the ARP Reply:

The switch forwards the ARP reply only to Host 1 based on the MAC
address of Host 1 contained in the frame.

7. Updating the ARP Table:

Upon receiving the ARP reply, Host 1 updates its ARP table with the
MAC address of Host 2.

Host 1 now has the MAC address associated with Host 2’s IP address
and can encapsulate this MAC address in the frame header for data
transmission.

ARP Cache
ARP Table: Devices maintain an ARP cache to store IP-to-MAC address
mappings temporarily. This cache helps reduce network traffic by
preventing the need for frequent ARP requests.

Expiration: ARP entries have a validity period (usually around 180 seconds).
After this period, entries are removed, and a new ARP request is necessary
if the device needs to communicate again.

10. Physical Layer and Related Protocols

The Physical Layer deals with the transmission of bitstreams over physical
media like cables or wireless signals. It defines the electrical, optical, and
mechanical properties of data transmission.

PDU (Protocol Data Unit): At the physical layer, the PDUs are called
bitstreams.

2. Network Reference Model 15

 Functions of the Physical Layer
1. Bitstream Transmission:

The physical layer is responsible for converting digital data

(bitstreams) into physical signals suitable for the transmission
medium (e.g., electrical signals for copper cables, optical signals for
fiber, or electromagnetic waves for wireless communication).

2. Media and Interface Standardization:

This layer defines the physical characteristics of the transmission

media, such as cable types, connectors, and pin configurations.

It also sets standards for electrical voltages, modulation techniques,

and interface specifications to ensure devices can transmit and
receive data correctly

Common Transmission Media:

Twisted Pairs:

Common in Ethernet networks.

Composed of pairs of wires twisted together to reduce

electromagnetic interference (EMI).

Optical Fibers:

Transmits data as light pulses, providing high-speed and long-

distance communication capabilities.

Serial Cables:

Widely used in WANs (Wide Area Networks) for connecting

devices over long distances.

Wireless Signals:

Uses electromagnetic waves to transmit data through the air.

Commonly used in wireless local area networks (WLANs) and
mobile networks.

11. Data Transfer, Encapsulation, and Decapsulation

Data Transfer: Data moves from one device to another through various
network layers. Each layer adds its own headers to the data, preparing it for

2. Network Reference Model 16

 transmission.

Encapsulation: The process of adding headers (and sometimes trailers) to

the data at each layer, such as adding the TCP header at the transport layer
or the IP header at the network layer.

Decapsulation: The reverse of encapsulation, where headers are removed

at each layer on the receiving device to retrieve the original data.

For example, when you access a website, the data (HTML page) is
encapsulated with HTTP, TCP, IP, and Ethernet headers before being
transmitted over the network. At the receiving end, these headers are removed
(decapsulated) layer by layer until the web page data is delivered to your
browser.

2. Network Reference Model 17