Computer Networks

Accredited Course Provider

Table of Contents
1. Introduction to Networks ... 1
1.1. Why networks? ... 1
1.2. A Basic communication Model ... 1
1.3. Modes of transmission ... 2
1.4. Modes of communication ... 2
2. Local Area Networks — LAN ... 3
2.1. Characteristics of LAN ... 3
2.2. Topologies ... 3
2.3. Standards ... 6
2.4. Networks ... 6
2.5. Media Access Control (MAC) Methods ... 8
2.6. Wireless LAN ... 9
2.7. Client/Server architecture ... 10
3. Internetworking Models ... 13
3.1. The Layered Approach ... 13
3.2. ISO OSI Reference Model ... 14
3.3. TCP/IP Protocol Suite ... 17
3.4. Flow and Error Control ... 22
3.5. IP Addressing ... 25
4. Network Components ... 35
4.1. Hubs, Repeaters ... 35
4.2. Switches ... 35
4.3. Bridges ... 36
4.4. Routers ... 37
5. Digital Communication ... 39
5.1. Transmission media ... 39
5.2. Data Encoding Techniques ... 43
5.3. Multiplexing ... 44
5.4. Modulation ... 46
5.5. Types of Services ... 47
6. Wide Area Networks ... 49
6.1. Characteristics of WAN ... 49
6.2. Switching technologies ... 49
6.2.1. Circuit Switching ... 49
6.2.2. Message Switching ... 50
6.2.3. Packet Switching ... 50
6.3. X.25 ... 54
6.4. Frame relay ... 55
6.5. ATM ... 58
6.6. ISDN ... 61
6.7. Narrow band & Broadband ... 64
6.8. MPLS - Multiprotocol Label Switching ... 64
7. Errors ... 67
7.1. Transmission impairments ... 67
7.2. Errors Detection & Correction ... 68
7.3. Parity check ... 69
7.4. Block Sum Check ... 70
7.5. Cyclic Redundancy Check (CRC) ... 70
7.6. Hamming code ... 73
7.7. Quality of Service (QoS) ... 75
7.8. Class of Service (CoS) ... 76
8. Network Security ... 77
8.1. Authentication ... 77
8.2. Encryption ... 78
8.3. Digital Signatures ... 81
8.4. VPN ... 82
8.5. Firewalls ... 82

Diploma – Computer Networks i



1. Introduction to Networks
What is a Computer Network?

A Computer Network is an interconnected collection of computers, printers and other
resources, connected for the purposes of communication and resource sharing.

A group of computers and associated devices connected by communications facilities (both
hardware and software) to share information and peripheral devices, such as printers and
modems.

1.1. Why networks?

✓ Is a method for communication.
✓ File/Data sharing
✓ Sharing of printers and other resources
✓ Can centralize administration and support
✓ Can reduce the cost involved in communication & information gathering.

1.2. A Basic communication Model

1. Source
2. Encoder
3. Channel
4. Decoder
5. Destination


1.3. Modes of transmission

Serial Transmission
✓ Bits are transmitted one at a time, using only one communications line. This
is suitable for long distance; cheap but slow.
Eg.

DTE1 ---- 11001001 ----> DTE2   (one line, one bit after another)

Parallel Transmission
✓ Sends each byte (a series of bits) simultaneously using separate lines. This is very
fast, suitable for short distance but expensive.
Eg.

DTE1 ====> DTE2   (eight lines, one bit on each: 1 1 0 0 1 0 0 1)

DTE – Data Terminal Equipment (Eg. Router, PC)

1.4. Modes of communication

1. Simplex
✓ This is where messages are passed only in one direction.
Eg.

2. Half duplex
✓ This is two-way communication, but only in one direction at a time.
Eg.

3. Full duplex / Duplex
✓ This is also two-way communication, where both directions happen simultaneously.
Eg.


2. Local Area Networks — LAN

2.1. Characteristics of LAN

✓ LAN is a network within a geographical location.
✓ Usually within a room/building
✓ Faster than a WAN
✓ Usually a broadcast system
✓ Will be owned by the same organization.
✓ Ethernet, FDDI, and Token Ring are the most popular LAN technologies.

2.2. Topologies

A network topology is the pattern of links connecting pairs of nodes of a network. A given
node has one or more links to others, and the links can appear in a variety of different
shapes. Network topology is determined only by the configuration of connections between
nodes.
1. Bus
2. Star
3. Ring
4. Mesh

Bus topology

All devices are connected to a central cable, called the bus or backbone. Bus / linear
networks are relatively inexpensive and easy to install for small networks. Ethernet systems
over thin coaxial cable use a bus topology.

Advantages of Bus Topology

✓ Easy to connect a computer or peripheral
✓ Requires less cable length than a star topology.
✓ Inexpensive to install
✓ Works well for small networks

Disadvantages of Bus Topology

✓ Entire network shuts down if there is a break in the main cable.
✓ Terminators are required at both ends of the backbone cable.
✓ Difficult to identify the problem if the entire network shuts down.
✓ No longer recommended

Ring topology

All devices are connected to one another in the shape of a closed loop, so that each device
is connected directly to two other devices, one on either side of it. No beginning or end (a
ring in fact!). Ring topologies are relatively expensive and difficult to install, but they offer
high bandwidth and can span large distances.

Advantages of Ring Topology

✓ Data packets travel at great speed
✓ No collisions
✓ Easier to fault find
✓ No hub/switch required

Disadvantages of Ring Topology

✓ Requires more cable than a bus
✓ A break in the ring will bring it down.

Star Topology

All devices are connected to a central hub/Switch. Star networks are relatively easy to install
and manage, but bottlenecks can occur because all data must pass through the hub.

Advantages of a Star Topology

✓ Easy to install and wire.
✓ No disruptions to the network when connecting or removing devices.
✓ Easy to detect faults and to remove parts.
✓ Easy to add devices as the network expands.
✓ One cable failure does not bring down the entire network.
✓ Switch provides centralised management.
✓ Lots of support as it is the most used.

Disadvantages of a Star Topology

✓ Requires more cable length than a linear/bus topology.
✓ If the hub fails, the entire network fails.
✓ More expensive than linear bus topologies.

Mesh Topology

Each node is connected to every other node. Allows communication to continue in the event
of a break in any one connection. It is fault tolerant.

Advantages of a Mesh Topology

✓ Improves Fault Tolerance

Disadvantages of a Mesh Topology

✓ Expensive
✓ Difficult to install
✓ Difficult to manage.

Hybrid Topology

Combines two or more different physical topologies

Physical vs. Logical Topology

✓ The actual layout of a network and its media is its Physical Topology
✓ The way in which data accesses the medium and packets are transmitted is the Logical
Topology
✓ Your choice of Logical Topology will affect the Physical Topology — and vice versa
✓ Only two Logical Topologies (Bus or Ring)
✓ Your choice will determine cable installation, network devices, network connections,
protocols (and where you will drill holes in the building!)

Deciding factors:
✓ Cost
✓ Scalability
✓ Bandwidth Capacity
✓ Ease of Installation
✓ Ease of fault finding and maintenance

2.3. Standards

Various organizations have been involved in the development or promotion of standards for
data and computer communications. The most important organizations are as follows:

• Internet Society: The Internet Society (ISOC) is a professional membership society
with more than 150 organizational and 6000 individual members in over 100 countries. It
provides leadership in addressing issues that confront the future of the Internet and is the
organizational home for the groups responsible for Internet infrastructure standards,
including the Internet Engineering Task Force (IETF) and the Internet Architecture Board
(IAB). All of the RFCs and Internet standards are developed through these
organizations.

• IEEE Standards
The Institute of Electrical and Electronics Engineers is a professional organization that,
among other activities, defines standards in a number of fields within computing and
electronics, including networking and communications. IEEE standards are the
predominant LAN standards used today throughout the industry. Many protocols are
commonly known by the reference number of the corresponding IEEE standard.

IEEE 802: The IEEE (Institute of Electrical and Electronics Engineers) 802
LAN/MAN Standards Committee develops local area network standards and
metropolitan area network standards. The most widely used standards are for the
Ethernet family, token ring, wireless LAN, bridging, and virtual bridged LANs.
An individual working group provides the focus for each area.

• ITU-T: The International Telecommunication Union (ITU) is an international organization
within the United Nations System where governments and the private sector coordinate
global telecom networks and services. The ITU Telecommunication Standardization
Sector (ITU-T) is one of the three sectors of the ITU. ITU-T’s mission is the production of
standards covering all fields of telecommunications.

• ISO: The International Organization for Standardization (ISO) is a worldwide federation of
national standards bodies from more than 140 countries, one from each country. ISO is a
nongovernmental organization that promotes the development of standardization and
related activities with a view to facilitating the international exchange of goods and
services and to developing cooperation in the spheres of intellectual, scientific,
technological, and economic activity. ISO’s work results in international agreements that
are published as International Standards.

2.4. Networks

Ethernet

A baseband LAN specification created by the Xerox Corporation and then improved through
joint efforts of Xerox, Digital Equipment Corporation, and Intel. Ethernet is similar to the IEEE
802.3 series standard and, using CSMA/CD, operates over various types of cables at
10Mbps.

Ethernet frame Format (IEEE 802.3):

| Preamble | SFD | Destination Address | Source Address | Length | Data | Pad | FCS |

Preamble - Each frame starts with a Preamble of 7 bytes (this produces a 10 MHz
square wave) which allows the receiver’s clock to synchronize with the sender’s.

SFD (Start Frame Delimiter) - The SFD is 10101011; it allows the receiver to detect
the beginning of the data.

Destination Address (DA) - This carries a 48-bit value. The DA is used by
receiving stations to determine whether an incoming packet is addressed to a
particular node.

Source Address (SA) - The SA is a 48-bit MAC address used to identify the
transmitting device.

Length field - The number of bytes within the data field.

Data - This is a packet sent down to the Data Link layer from the Network layer. The
size can vary from 46 to 1500 bytes.

Pad - Ethernet requires that valid frames must be at least 46 bytes long, from DA to
FCS including both. If the data portion of a frame is less than 46 bytes, the Pad field
is used to fill out the frame to the minimum size.

Frame Check Sequence (FCS) - FCS is a field at the end of the frame that’s used to
store the cyclic redundancy check (CRC).
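As an added example (not code from the course text), the following Python builds an 802.3 frame from the fields just listed and parses it back, padding short data to 46 bytes and rejecting a frame whose FCS no longer matches. It assumes zlib's CRC-32 for the FCS and uses constructed, locally administered MAC addresses and a constructed payload.

```python
"""Build and parse an IEEE 802.3 frame: Preamble, SFD, DA, SA, Length, Data,
Pad and FCS.  Added example; addresses and payload are constructed and the
FCS is computed with zlib.crc32 (assumed to match the 802.3 CRC-32)."""
import struct
import zlib

PREAMBLE = b"\xaa" * 7   # 7 bytes of 10101010 for receiver clock sync
SFD = b"\xab"            # 10101011, the start frame delimiter
MIN_DATA = 46            # data shorter than this is padded
MAX_DATA = 1500
HDR = 14                 # DA (6) + SA (6) + Length (2)


def fcs(body: bytes) -> bytes:
    """CRC-32 over DA..Pad, written as a 4-byte little-endian value."""
    return struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def build_frame(dst: bytes, src: bytes, data: bytes) -> bytes:
    if len(dst) != 6 or len(src) != 6:
        raise ValueError("MAC addresses are 48 bits (6 bytes)")
    if len(data) > MAX_DATA:
        raise ValueError("data field is limited to 1500 bytes")
    pad = b"\x00" * max(0, MIN_DATA - len(data))
    # The Length field counts only the real data, so the receiver can strip
    # the Pad again.
    body = dst + src + struct.pack("!H", len(data)) + data + pad
    return PREAMBLE + SFD + body + fcs(body)


def parse_frame(raw: bytes) -> dict:
    """Check Preamble/SFD and FCS, then split the frame into its fields.
    Raises ValueError for anything a receiving NIC would discard."""
    if not raw.startswith(PREAMBLE + SFD):
        raise ValueError("missing preamble/SFD")
    body, wire_fcs = raw[8:-4], raw[-4:]
    if len(body) < HDR + MIN_DATA:
        raise ValueError("runt frame")
    if fcs(body) != wire_fcs:
        # A CRC catches line noise; it is not a cryptographic check and
        # gives no assurance against a deliberately rewritten frame.
        raise ValueError("FCS mismatch: frame corrupted in transit")
    length = struct.unpack("!H", body[12:14])[0]
    if length > MAX_DATA or HDR + length > len(body):
        raise ValueError("Length field inconsistent with frame size")
    return {
        "dst": body[0:6].hex(":"),
        "src": body[6:12].hex(":"),
        "length": length,
        "data": body[HDR:HDR + length],
        "pad": body[HDR + length:],
    }


def demo() -> dict:
    """Round-trip a short payload (so the Pad is exercised) and show that
    flipping one payload bit is caught by the FCS."""
    dst = bytes.fromhex("021122334455")   # constructed, locally administered
    src = bytes.fromhex("02aabbccddee")   # constructed, locally administered
    frame = build_frame(dst, src, b"hello, 802.3")  # 12 bytes -> 34 bytes of Pad
    result = parse_frame(frame)
    damaged = bytearray(frame)
    damaged[25] ^= 0x01                  # one bit inside the Data field
    try:
        parse_frame(bytes(damaged))
        result["corruption_detected"] = False
    except ValueError:
        result["corruption_detected"] = True
    return result


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key:>20}: {value}")
```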

Fast Ethernet and Gigabit Ethernet

Fast Ethernet is an Ethernet specification with a speed of 100Mbps. Fast Ethernet is ten
times faster than 10BaseT, while retaining qualities such as MAC mechanisms and frame
format. These similarities make it possible for existing 10BaseT applications and
management tools to be used on Fast Ethernet networks. Fast Ethernet is based on an
extension of IEEE 802.3u and Gigabit Ethernet is defined as 802.3Q with a speed of
1000Mbps.

10 GB Ethernet
10-Gigabit Ethernet (10GBASE-T), being standardized in IEEE 802.3 a. 10 GB Ethernet
uses the familiar IEEE 802.3 Ethernet media access control (MAC) protocol and its frame
format and size. Like Fast Ethernet and Gigabit Ethernet, 10-Gigabit Ethernet uses full
duplex transmission. This is a version of Ethernet with a nominal data rate of 10 Gbit/s, ten
times as fast as Gigabit Ethernet.

Token Ring

Token Ring / token-passing is IBM’s LAN technology. It runs at 4Mbps or 16Mbps over a ring
topology. Defined formally by IEEE 802.5.

FDDI
Fiber Distributed Data Interface. A LAN/MAN that can run at speeds up to 200Mbps and
uses token-passing media access on fiber-optic cable.

For redundancy, FDDI can use a dual-ring architecture, which provides higher
availability. FDDI’s primary fault-tolerant feature is the dual ring. If a station on the dual ring
fails or is powered down, or if the cable is damaged, the dual ring is automatically wrapped
(doubled back onto itself) into a single ring. When the ring is wrapped, the dual-ring topology
becomes a single-ring topology. Data continues to be transmitted on the FDDI ring without
performance impact during the wrap condition.

FDDI supports longer-distance loops, ranging from 2 kilometers to 100 kilometers. FDDI is
expensive but has higher performance.

2.5. Media Access Control (MAC) Methods

When computers in a network want to transmit data/messages among themselves, there must
be a way of deciding who may access the network. MAC defines how packets are placed on
the media.

The two types of media access methods:

1. CSMA/CD (Ethernet)
2. Token passing (Token Ring and FDDI)

CSMA/CD
Ethernet networking uses Carrier Sense Multiple Access with Collision Detection
(CSMA/CD), a protocol that helps devices share the bandwidth evenly without having two
devices transmit at the same time on the network medium. CSMA/CD was created to
overcome the problem of those collisions that occur when packets are transmitted
simultaneously from different nodes.

This is how the CSMA/CD protocol works:

1. If the medium is idle, transmit; otherwise, go to step 2.
2. If the medium is busy, continue to listen until the channel is idle, then transmit
immediately.
3. If a collision is detected during transmission, transmit a brief jamming signal to assure
that all stations know that there has been a collision and then cease transmission.
4. After transmitting the jamming signal, wait a random amount of time, referred to as
the backoff, then attempt to transmit again (repeat from step 1).
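The four steps above, run as a slot-by-slot simulation of several stations sharing one medium; this is an added example, not part of the course text. The stations are constructed, and the "random amount of time" is drawn as Ethernet's truncated binary exponential backoff (0 to 2^k - 1 slots after the k-th collision), which is an assumption the text does not spell out.

```python
"""Slot-by-slot simulation of CSMA/CD: sense, defer while busy, jam on
collision, random backoff, retry.  Added example with constructed stations."""
import random


def simulate_csma_cd(n_stations, frame_slots=4, seed=1, max_slots=10_000):
    """Every station holds one frame and senses an idle medium at slot 0, so
    with more than one station the very first attempt collides.  Returns the
    order in which frames got through, the number of collisions, the slot at
    which the medium finally goes idle, and an event log for reading."""
    rng = random.Random(seed)
    pending = set(range(n_stations))      # stations still holding a frame
    earliest = [0] * n_stations           # slot at which each backoff expires
    attempts = [0] * n_stations           # collisions suffered by each frame
    busy_until = 0                        # medium is busy for slots < busy_until
    order, events, collisions, slot = [], [], 0, 0

    while pending:
        if slot >= max_slots:
            raise RuntimeError("simulation did not converge")
        if slot >= busy_until:            # step 1: carrier sense reports idle
            ready = [s for s in sorted(pending) if earliest[s] <= slot]
            if len(ready) == 1:           # lone transmitter: frame goes through
                s = ready[0]
                order.append(s)
                pending.remove(s)
                busy_until = slot + frame_slots
                events.append((slot, "tx", s))
            elif len(ready) > 1:          # step 3: collision, jam fills one slot
                collisions += 1
                busy_until = slot + 1
                events.append((slot, "collision", tuple(ready)))
                for s in ready:           # step 4: each station picks its own backoff
                    attempts[s] += 1
                    if attempts[s] > 16:  # Ethernet gives up after 16 attempts
                        raise RuntimeError(f"station {s}: excessive collisions")
                    k = min(attempts[s], 10)
                    earliest[s] = slot + 1 + rng.randrange(2 ** k)
        # step 2: a station whose backoff expired while the medium was busy
        # just keeps listening and is picked up at the next idle slot.
        slot += 1

    return {"order": order, "collisions": collisions,
            "idle_at": busy_until, "events": events}


if __name__ == "__main__":
    for slot, kind, who in simulate_csma_cd(3)["events"]:
        print(f"slot {slot:3d}: {kind} {who}")
```

Because every frame occupies frame_slots and every jam one slot, and the medium is never double-booked, the slot at which the medium goes idle is at least n_stations * frame_slots plus the number of collisions.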

Token passing
A token is a special control frame on token ring, token bus, and FDDI networks that
determines which stations can transmit data on a shared network.

Token-passing networks move a small frame, called a token, around the network.
Possession of the token grants the right to transmit. If a node receiving the token has no
information to send, it passes the token to the next end station.

If a station possessing the token has information to transmit, it seizes the token, alters 1 bit
of the token (which turns the token into a start-of-frame sequence), appends the information
that it wants to transmit, and sends this information to the next station on the ring. While the
information frame is circling the ring, no token is on the network, which means that other
stations wanting to transmit must wait. Therefore, collisions cannot occur in Token Ring
networks.

The information frame circulates the ring until it reaches the intended destination station,
which copies the information for further processing. The information frame continues to circle
the ring and is finally removed when it reaches the sending station. The sending station can
check the returning frame to see whether the frame was seen and subsequently copied by
the destination.

Token Ring networks have a priority system that allows stations with high priority to use the
network more frequently. The priority is defined by the frame’s priority and reservation fields.

Discuss the Media Access Control methods with an example using a diagram.

2.6. Wireless LAN

Local area network using wireless transmissions, such as radio or infrared, instead of phone
lines or fiber-optic cable to connect data devices. Wireless LANs provide all the functionality
of wired LANs, without the need for physical connections (wires).

IEEE 802.11 is the wireless LAN industry standard, and the objective of IEEE 802.11 is to
make sure that different manufacturers’ wireless LAN devices can communicate with each
other.

Advantages of Wireless LANs:

✓ Installation Speed and Simplicity - Installing a wireless LAN system can be fast and
easy and can eliminate the need to pull cable through walls and ceilings.
✓ Installation Flexibility - Wireless technology allows the network to go where wire
cannot go.
✓ Reduced Cost-of-Ownership - While the initial investment required for wireless LAN
hardware can be higher than the cost of wired LAN hardware, overall installation
expenses and life-cycle costs can be significantly lower. Long-term cost benefits are
greatest in dynamic environments requiring frequent moves and changes.
✓ Flexible movement - Ideal for trade shows, exhibitions and construction sites that
employ temporary networks, and retailers requiring frequent relocation or office
rearrangement.
✓ Provides high network availability for mobile laptop and PDA users.

Disadvantages of Wireless LANs:

✓ The speed of Wireless LAN is still relatively slower than wired LAN.
✓ The setup cost of Wireless LAN is relatively high because the equipment cost, including
access point and PCMCIA Wireless LAN card, is higher than hubs and CAT 5 cables.

2.7. Client/Server architecture

A network architecture in which each computer or process on the network is either a client or
a server. Servers are powerful computers or processes dedicated to managing disk drives
(file servers), printers (print servers), or network traffic (network servers). Clients are PCs or
workstations on which users run applications. Clients rely on servers for resources, such as
files, devices, and even processing power.

The diagram below illustrates the client/server exchange. The client process sends a request
to the server. The server interprets the message and then attempts to fulfill the request. In
order to fulfill the request, the server may have to refer to a knowledge source (database),
process data (perform calculations), control a peripheral, or make an additional request of
another server. In many architectures, a client can make requests of multiple servers and a
server can service multiple clients.


The following diagram illustrates a simple client-server interaction

The basic WWW architecture is based on the client/server model of distributed systems. A
client process makes a request to a server process, normally running on a different machine
and using a network such as the Internet for communication. The server process receives
the request, establishes a connection with the client, performs the desired function, returns
the result to the client, and breaks the connection.

3-tier Architecture

N-tier Architecture


In designing a client-server application, there is a decision to be made as to which parts of
the task should be done on the client, and which on the server. This decision can crucially
affect the cost of clients and servers, and the robustness and security of the application as a
whole. Depending on the outcome of these decisions we might say that we use either a thin
client or a thick/fat client.

A thin client is a computer in a client-server architecture which has little or no application
logic, so it has to depend primarily on the central server for processing activities. A thin client
as a device is designed to provide just those functions which are useful for user-interface
programs.

A thick or fat client does as much processing (all or most of the application logic) as
possible and passes only data required for communications and archival storage to the
server.

Advantages of client-server
✓ Centralisation — Access, resources, and data security are controlled through the
server.
✓ Scalability — Any element can be upgraded when needed.
✓ Flexibility — New technology can be easily integrated into the system.
✓ Interoperability — All components work together (Client, network, server)
✓ Accessibility — server can be accessed remotely and across multiple platforms.
✓ Lower total cost than mainframe legacy system
✓ User friendly.


3. Internetworking Models

When networks first came into being, computers could typically communicate only with
computers from the same manufacturer. In the late 1970s, the Open Systems
Interconnection (OSI) reference model was created by the International Organization for
Standardization (ISO) to break this barrier.

The OSI model was meant to help vendors create interoperable network devices and
software in the form of protocols so that different vendor networks could work with each
other. The OSI model is the primary architectural model for networks. It describes how data
and network information are communicated from an application on one computer, through
the network media, to an application on another computer. The OSI reference model breaks
this approach into layers.

3.1. The Layered Approach


A reference model is a conceptual blueprint of how communications should take place. It
addresses all the processes required for effective communication and divides these
processes into logical groupings called layers. When a communication system is designed in
this manner, it’s known as layered architecture.

Advantages of Reference Models


The OSI model is hierarchical, and the same benefits and advantages can apply to any
layered model. The primary purpose of all such models, especially the OSI model, is to allow
different vendors’ networks to interoperate.

Advantages of using the OSI layered model include, but are not limited to, the following:

• Allows multiple-vendor development through standardization of network components
• Allows various types of network hardware and software to communicate
• Prevents changes in one layer from affecting other layers, so it does not hamper
development

The principles that were applied to arrive at the 7 layers can be summarized as follows:

1. A layer should be created where a different abstraction is needed.


2. Each layer should perform a well defined function.
3. The function of each layer should be chosen with an eye toward defining
internationally standardized protocols.
4. The layer boundaries should be chosen to minimize the information flow across the
interfaces.
5. The number of layers should be large enough that distinct functions need not be
thrown together in the same layer out of necessity and small enough that the
architecture does not become unwieldy.


3.2. ISO OSI Reference Model


One of the greatest functions of the OSI specifications is to assist in data transfer between
disparate hosts - meaning, for example, that they enable us to transfer data between a Unix
host and a PC or a Mac.

The OSI seven layers are as follows:

7 Application
6 Presentation
5 Session
4 Transport
3 Network
2 Data Link
1 Physical

The seven different layers are divided into two groups. The top three layers define how the
applications within the end stations will communicate with each other and with users. The
bottom four layers define how data is transmitted end-to-end.


The Application Layer

The Application layer of the OSI model marks the spot where users actually communicate
with the computer.
The application layer contains a variety of protocols that are commonly needed by users.
One widely used application protocol is HTTP, which is the basis for the WWW. When a
browser wants a web page, it sends the name of the page it wants to the server using HTTP.
The server then sends the page back. Other application protocols are used for file transfer
(FTP), E-mail (SMTP) etc.

The Presentation Layer

The Presentation layer gets its name from its purpose: it presents data to the Application
layer and is responsible for data translation and code formatting.

This layer is essentially a translator and provides coding and conversion functions. A
successful data-transfer technique is to adapt the data into a standard format before
transmission. Computers are configured to receive this generically formatted data and then
convert the data back into its native format for actual reading (for example, EBCDIC to
ASCII). By providing translation services, the Presentation layer ensures that data
transferred from the Application layer of one system can be read by the Application layer of
another one. The OSI has protocol standards that define how standard data should be
formatted. Tasks like data compression, decompression, encryption, and decryption are
associated with this layer.

The Session Layer


The Session layer is responsible for setting up, managing, and then tearing down sessions
between Presentation layer entities. This layer also provides dialogue control (keeping track
of whose turn it is to transmit) between devices, or nodes. It coordinates communication
between systems, and serves to organize their communication by offering three different
modes: simplex, half duplex, and full duplex. Another service offered as part of the Session
layer is data synchronization.

The Transport Layer


The Transport layer segments and reassembles data into a data stream. Services located in
the Transport layer both segment and reassemble data from upper-layer applications and
unite it onto the same data stream. They provide end-to-end data transport services and can
establish a logical connection between the sending host and destination host on an
internetwork.

The Network Layer


The Network layer manages device addressing, tracks the location of devices on the
network, and determines the best way to move data, which means that the Network layer
must transport traffic between devices that aren’t locally attached. Routers are specified at
the Network layer and provide the routing services within an internetwork.

The Data Link Layer


The Data Link layer provides the physical transmission of the data and handles error
notification, network topology, and flow control. This means the Data Link layer will ensure
that messages are delivered to the proper device on a LAN using hardware addresses, and
translates messages from the Network layer into bits for the Physical layer to transmit.
The Data Link layer formats the message into pieces, each called a data frame, and adds a
customized header containing the hardware destination and source address.

The IEEE Ethernet Data Link layer has two sublayers:

Media Access Control (MAC) 802.3 Defines how packets are placed on the media.
Contention media access is “first come/first served” access where everyone shares
the same bandwidth. Line discipline, error notification (not correction), ordered
delivery of frames, and optional flow control can also be used at this sub layer.

Logical Link Control (LLC) 802.2 Responsible for identifying Network layer
protocols and then encapsulating them. An LLC header tells the Data Link layer what
to do with a packet once a frame is received. It works like this: A host will receive a
frame and look in the LLC header to find out where the packet is destined for - say,
the IP protocol at the Network layer. The LLC can also provide flow control and
sequencing of control bits.

The Physical Layer


Finally arriving at the bottom, we find that the Physical layer does two things: It sends bits
and receives bits. Bits come only in values of 1 or 0. The Physical layer communicates
directly with the various types of actual communication media. Different kinds of media
represent these bit values in different ways. Some use audio tones, while others employ
state transitions - changes in voltage from high to low and low to high. Specific protocols are
needed for each type of media to describe the proper bit patterns to be used, how data is
encoded into media signals, and the various qualities of the physical media’s attachment
interface.

The Physical layer specifies the electrical, mechanical, procedural, and functional
requirements for activating, maintaining, and deactivating a physical link between end
systems. This layer is also where you identify the interface between the data terminal
equipment (DTE) and the data communication equipment (DCE).


Data Encapsulation

When a host transmits data across a network to another device, the data goes through
encapsulation: it is wrapped with protocol information at each layer of the OSI model. Each
layer communicates only with its peer layer on the receiving device.

The OSI model allows all network elements to operate together, regardless of who built
them. By the late 1970’s, ISO was recommending the implementation of the OSI model as a
networking standard; unfortunately, TCP/IP had already been in use for years. TCP/IP was
fundamental to ARPANET and the other networks that evolved into the Internet.

3.3. TCP/IP Protocol Suite

TCP/IP is a suite of protocols, also known as the Internet Protocol Suite. It should not be
confused with the OSI reference model, although elements of TCP/IP exist in OSI. The
transmission control protocol and the Internet Protocol are fundamental to the suite, hence
the TCP/IP title. The suite was originally developed for the US Department of Defence (DoD)
Advanced Research Project Agency (DARPA) network, but it is now the basis for the Internet
and many intranets.

The DoD model is basically a condensed version of the OSI model. It’s composed of four,
instead of seven, layers:

4 Application
3 Transport
2 Internet
1 Host to Network

Application layer
Integrates the various activities and duties spanning the focus of the OSI’s corresponding
top three layers (Application, Presentation, and Session). The Application layer defines
protocols for node-to-node application communication and also controls user-interface
specifications.

Examples of protocols found at this layer are Telnet, FTP (File Transfer Protocol), SNMP
(Simple Network Management Protocol), HTTP (Hyper Text Transfer Protocol), DNS, DHCP
(Dynamic Host Configuration Protocol) and SMTP (Simple Mail Transfer Protocol).

Transport layer
Parallels the functions of the OSI’s Transport layer, defining protocols for setting up the level
of transmission service for applications. It tackles issues such as creating reliable end-to-end
communication and ensuring the error-free delivery of data. It handles packet sequencing
and maintains data integrity.

The two protocols found at the transport layer are TCP (Transmission Control Protocol) and
UDP (User Datagram Protocol). Either of these two protocols can be used by the application
layer process; the choice depends on the application’s transmission reliability requirements.

TCP is a reliable, connection-oriented protocol that provides error checking and flow control
through a virtual link that it establishes and finally terminates. This gives a reliable service;
therefore TCP would be utilized by FTP and SMTP - file transfer and email delivery have to
be accurate and error free.

UDP is an unreliable, connectionless protocol that provides data transport with lower network
traffic overheads than TCP - UDP does not error check or offer any flow control; this is left to
the application process. SNMP uses UDP - SNMP is used to monitor network performance,
so its operation must not contribute to congestion.

Key Features of TCP and UDP:

TCP                        UDP
Sequenced                  Unsequenced
Reliable                   Unreliable
Connection-oriented        Connectionless
Virtual circuit            Low overhead
Acknowledgments            No acknowledgment
Windowing flow control     No windowing or flow control

Port Numbers
TCP and UDP must use port numbers to communicate with the upper layers, because
they’re what keeps track of different conversations crossing the network simultaneously.

Internet layer
Corresponds to the OSI’s Network layer, designating the protocols relating to the logical
transmission of packets over the entire network. It takes care of the addressing of hosts by
giving them an IP (Internet Protocol) address, and it handles the routing of packets among
multiple networks.

Host to Network layer


Monitors the data exchange between the host and the network. The equivalent of the Data
Link and Physical layers of the OSI model, the Host to Network layer oversees hardware
addressing and defines protocols for the physical transmission of data.

Deals with pure hardware (wires, satellite links, network interface cards, etc.) and access
methods such as CSMA/CD (carrier sense multiple access with collision detection).

The following diagram shows the TCP/IP protocol suite and how its protocols relate to the
DoD model layers:

Figure: TCP/IP protocol suite mapped to the DoD model layers (Application, Transport,
Internet, Host to Network)

The following diagram illustrates a comparison of the DoD model (TCP/IP) and the OSI
reference model. As you can see, the two are similar in concept, but each has a different
number of layers with different names.

The diagram illustrates where software, hardware and firmware are used in the TCP/IP and
OSI reference model.

The diagram below shows how bridging is performed from 802.x to 802.y networks

20 Diploma – Computer Networks


Accredited Course Provider

The IEEE 802.11 Protocol Stack

The protocols used by all the 802 variants have a certain commonality of structure. The
physical layer corresponds to the OSI physical layer fairly well, but the data link layer in all
the 802 protocols is split into two or more sub layers. In 802.11, the MAC sub layer
determines how the channel is allocated, that is, who gets to transmit next. Above it is the
LLC sub layer, whose job it is to hide the differences between the different 802 variants and
make them indistinguishable as far as the network layer is concerned.

A partial view of the 802.11 protocol stack is as follows:

The 802.11 standard specifies three transmission techniques allowed in the physical layer.
The Infrared method uses much the same technology as television remote controls do. The
other two use short range radio, using techniques called FHSS (Frequency Hopping Spread
Spectrum) and DSSS (Direct Sequence Spread Spectrum). Cordless telephones and
microwave ovens also use this band. All of these techniques operate at 1 or 2 Mbps and at
low enough power that they do not conflict too much.


In 1999, two new technologies were introduced to achieve higher bandwidth. These are
called OFDM (Orthogonal Frequency Division Multiplexing) and HR-DSSS (High Rate Direct
Sequence Spread Spectrum); they operate at up to 54 Mbps and 11 Mbps respectively.

In 2001, a second OFDM modulation was introduced, but in a different frequency band from
the first one.

Discuss - Protocols: Routed (e.g. IP) & Routing (e.g. RIP, IGRP, OSPF)
Routing algorithms: Adaptive & Non-adaptive
Classes of routing protocols: Link-state database & Distance vector

3.4. Flow and Error Control

To ensure reliable communication, there need to exist flow control (managing the amount of
data the sender sends) and error control (ensuring that data arrives at the destination error
free). Flow and error control need to be done at several layers. For node-to-node links, flow
and error control is carried out in the data-link layer. For end-to-end, flow and error control is
carried out in the transport layer.

Flow Control

In communications, flow control is the process of adjusting the flow of data from one device
to another to ensure that the receiving device can handle all of the incoming data. This is
particularly important where the sending device is capable of sending data much faster than
the receiving device can receive it.

Flow control tells the sender how much data to send. It makes the sender wait for some sort
of an acknowledgment (ACK) before continuing to send more data. There are two primary
methods of flow control:
Stop-and-wait
Sliding Window

Stop and Wait


Stop and Wait is a simple scheme, where the sender has to wait for an acknowledgment of
every frame that it sends. It sends a frame, waits for acknowledgment, then it sends another
frame, and again, waits for acknowledgment.

Operations:
1. Sender: Transmit a single frame
2. Receiver: Transmit acknowledgment (ACK)
3. Go to 1.
The trouble with this scheme is that it’s very slow. For every frame that is sent, there needs
to be an acknowledgment, which takes a similar amount of propagation time to get back to
the sender. The advantage is simplicity.

Sliding Window


The whole idea behind Sliding Window is not to wait for an acknowledgment for individual
frames, but to send a few frames (and then get an acknowledgment that acknowledges
several frames at the same time). It works by having the sender and receiver have a
“window” of frames. The sender can send as many frames as would fit into a window.

The receiver, upon receiving enough frames, will respond with an acknowledgment of all
frames up to a certain point in the window. The window is then said to “slide”, and the whole
thing starts again (the sender sends more frames, the receiver gets more frames, sends an
acknowledgment of those frames, etc.) Each frame has to be numbered in relation to the
sliding window. For a window of size N, frames get a number from 0 to N-1. Subsequent
frames get a number mod N.

Error Control

Error control involves retransmission of the lost, damaged, or corrupted frame. The scheme
is called ARQ, for Automatic Repeat Request.

The general scheme works this way:


The sender sends the data. If data arrives without any problems, the receiver sends out an
ACK message (acknowledgment). If the data has a problem (corrupt), the receiver sends out
a NAK (negative acknowledgment). Upon getting a NAK message, the sender retransmits.
There is also a timer, which allows for data retransmission if the original message or ACK or
NAK got lost. There are several forms:
Stop-and-Wait ARQ
Sliding Window ARQ

Stop-and-Wait ARQ
Each frame has an alternating bit (0 or 1). The sender sends out the message, and starts the
timeout counter. If the receiver gets the message without any problems, it sends out an
ACK message, otherwise it sends out a NAK message.

If the sender gets a NAK message, it retransmits the sent message. If the timer expires
(and neither an ACK nor a NAK arrived) then the sender retransmits the frame. If it happened
that the message was received fine, but the ACK got lost, then the even/odd bit in the data
frame will alert the receiver to the duplicate frame.

Below are figures showing the operation of Stop and Wait ARQ in the scenario without
errors and in the scenario with a lost packet and timeout.

Figures: Stop and Wait: When No error; Stop and Wait: Packet Loss and Time out

Sliding Window ARQ


There are two categories of Sliding Window ARQ: Go-back-n, and Selective reject. Both of
these schemes keep a copy of all the sent frames until they have been acknowledged.

The receiver has the option of responding with an ACK (acknowledgment) or NAK (negative
acknowledgment). Each frame needs to be numbered. The ACK indicates the next expected
frame number, while a NAK identifies the broken frame that needs to be resent. There is also
a timer: in case the sender doesn’t hear an ACK or NAK, it will resend the data from the last
time it got an ACK or a NAK.

Go-back-n
In the Go-back-n scheme, upon an error, the sender retransmits all the frames that
came after the error. For example, the sender may send frames 1,2,3,4 and get a NAK
with a value of 2. The NAK acknowledges everything that came before it, and asks for
frame 2 (and subsequent frames) to be resent.


Selective reject
Selective reject allows the receiver to reject any particular frame, without having the sender
resend all the following frames. For example, the sender may send frames 1,2,3,4 and the
receiver may send a NAK with value of 2. At which point, the sender retransmits frame 2. If
frames 3,4 were received without any problems, then the receiver acknowledges them with
an ACK 4 (note that ACK now points to the last successful frame, as opposed to the next
expected frame).

In order to support Selective reject, the sender needs to maintain all data that hasn’t been
acknowledged yet. The receiver also needs to have sorting (rearranging) logic to be able to
re-order frames that may have arrived out of sequence (or some frames that were damaged
and retransmitted out of sequence). The sender needs to be able to find any particular frame
for retransmission.
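The ARQ schemes described above (Stop-and-Wait, Go-back-n and Selective reject), simulated in Python as an added example that is not from the course notes: Stop-and-Wait is Go-back-n with a window of one, Go-back-n resends everything from the lost frame onward, and Selective reject resends only the NAKed frame while the receiver re-orders what it buffered. Frames are numbered from 0 here; the round-based timing, the payloads and the drop_first_time loss pattern are constructions of this example.

```python
# Added example (not from the course notes): ARQ schemes over an in-memory channel.
# The round-based timing and the drop_first_time parameter are this example's own.


def simulate(scheme, payloads, window, drop_first_time):
    """Run one ARQ scheme until every payload has been delivered in order.

    scheme          : "go-back-n" or "selective-reject" (window=1 gives Stop-and-Wait)
    payloads        : list of payload strings, sent as frame numbers 0..len-1
    window          : sender window size N; copies of unacknowledged frames are kept
    drop_first_time : frame numbers the channel loses on their first transmission

    Returns (delivered_payloads, wire_log); wire_log holds every frame number the
    sender put on the wire, in order, so retransmissions are visible.
    """
    total = len(payloads)
    base = 0          # sender: oldest unacknowledged frame (left edge of its window)
    expected = 0      # receiver: next in-order frame number it is waiting for
    sent = set()      # frames handed to the channel at least once
    pending = set()   # selective reject: frames the receiver has NAKed
    attempts = {}     # frame number -> transmissions so far
    wire_log = []
    delivered = []
    buffered = {}     # selective reject receiver: out-of-order frames held back

    while base < total:
        window_frames = range(base, min(base + window, total))
        if scheme == "go-back-n":
            # Everything from the oldest unacknowledged frame onward is (re)sent.
            to_send = list(window_frames)
        elif scheme == "selective-reject":
            # Only frames never sent before, plus the ones the receiver asked for.
            to_send = sorted(pending | {n for n in window_frames if n not in sent})
        else:
            raise ValueError(f"unknown scheme: {scheme}")
        if not to_send:
            to_send = [base]  # nothing arrived last round: timer expired, resend
        pending = set()

        # Channel: a frame listed in drop_first_time is lost on its first attempt only.
        arrived = []
        for n in to_send:
            attempts[n] = attempts.get(n, 0) + 1
            sent.add(n)
            wire_log.append(n)
            if not (n in drop_first_time and attempts[n] == 1):
                arrived.append(n)

        # Receiver: deliver in-order frames; handle gaps according to the scheme.
        for n in arrived:
            if n == expected:
                delivered.append(payloads[n])
                expected += 1
                while expected in buffered:     # release frames queued behind a gap
                    delivered.append(buffered.pop(expected))
                    expected += 1
            elif n > expected and scheme == "selective-reject":
                buffered[n] = payloads[n]       # keep it, resequence later
            # Go-back-n discards out-of-order frames (they will be resent), and a
            # frame with n < expected is a duplicate exposed by its sequence number.

        # Feedback: a cumulative ACK for `expected` slides the sender's window. If a
        # later frame got through, selective reject also NAKs the missing one.
        if scheme == "selective-reject" and any(n > expected for n in arrived):
            pending.add(expected)
        base = expected
    return delivered, wire_log


if __name__ == "__main__":
    # Constructed input: six frames, window of 4, frame 2 lost the first time.
    frames = [f"frame-{i}" for i in range(6)]
    for scheme in ("go-back-n", "selective-reject"):
        got, log = simulate(scheme, frames, 4, {2})
        print(f"{scheme:17} delivered {len(got)} frames, transmissions: {log}")
    # Stop-and-Wait is the degenerate case with a window of one frame.
    print("stop-and-wait     transmissions:", simulate("go-back-n", frames[:3], 1, {1})[1])
```

With frame 2 lost once, Go-back-n puts 8 frames on the wire and Selective reject 7, which is the cost difference the notes describe.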

3.5. IP Addressing
An IP address is an identifier for a computer or device on a TCP/IP network. Networks using
the TCP/IP protocol route messages based on the IP address of the destination. The format
of an IP address is a 32-bit numeric address written as four numbers separated by periods.
Each number can be zero to 255. For example, 192.168.10.113 could be an IP address.


There are 5 different address classes. You can determine which class any IP address is in by
examining the first 4 bits of the IP address.

Class A 1.0.0.1 - 126.255.255.254
Class B 128.1.0.1 - 191.254.255.254
Class C 192.0.1.1 - 223.255.254.254
Class D 224.x.x.x
Class E 240.x.x.x

Addresses beginning with 01111111 or 127 decimal are reserved for loopback and for
internal testing on a local machine. [You can test this: you should always be able to ping
127.0.0.1, which points to yourself]. Class D addresses are reserved for multicasting.
Class E addresses are reserved for future use.

The Internet Assigned Numbers Authority (IANA) has reserved the following three blocks of
the IP address space for private internets (local networks):

An IP Address consists of two parts:

The first part of an Internet address identifies the network on which the host resides, while
the second part identifies the particular host on the given network.

The network address (which can also be called the network number) uniquely identifies each
network. Every machine on the same network shares that network address as part of its IP
address. In the IP address 172.16.30.56, for example, 172.16 is the network address. The
node address is assigned to, and uniquely identifies, each machine on a network. This part
of the address must be unique because it identifies a particular machine. This number can
also be referred to as a host address. In the sample IP address 172.16.30.56, the 30.56 is
the node address.

The designers of the Internet decided to create classes of networks based on network size.
For the small number of networks possessing a very large number of nodes, they created the
rank Class A network. At the other extreme is the Class C network, which is reserved for the
numerous networks with a small number of nodes. The class distinction for networks
between very large and very small is predictably called the Class B network.

126 Class A networks total, each with 16,777,214 hosts (256^3 - 2).

16,382 Class B networks total, each with 65,534 hosts (256^2 - 2).

2,097,150 Class C networks total, each with 254 hosts.

Internet standards define the following types of IPv4 addresses:

• Unicast
Assigned to a single network interface located on a specific subnet; used for one-to-one
communication.

• Multicast
Assigned to one or more network interfaces located on various subnets; used for one-to-
many communication. (These are packets sent from a single source, and transmitted to
many devices on different networks.)

IPv4 uses multicast addresses to deliver single packets from one source to many
destinations. On an IPv4 intranet that is enabled for multicast, routers forward an IPv4 packet
addressed to an IPv4 multicast address to the subnets on which hosts are listening to the
traffic sent to the IPv4 multicast address.


• Broadcast
Assigned to all network interfaces located on a subnet; used for one-to-everyone on a subnet
communication. (A data frame or packet that is transmitted to every node on the local
network segment)

Subnet Mask - Blocks part of the IP address to distinguish the network ID from the Host ID.
This will determine if the TCP/IP clients are on the same network or on a remote network. An
example of a subnet mask is 255.255.255.0. An improper Subnet mask can cause
connectivity problems. (The subnet mask is used to determine where the network number in
an IP address ends and the node number in an IP address begins).

The diagram below shows two networks interconnected through a router

To what class do they belong?

Subnetting
Subnetting allows you to create multiple logical networks that exist within a single Class A, B,
or C network. If you do not subnet, you will only be able to use one network from your Class
A, B, or C network, which is unrealistic.

Each data link on a network must have a unique network ID, with every node on that link
being a member of the same network. If you break a major network (Class A, B, or C) into
smaller subnetworks, it allows you to create a network of interconnecting subnetworks. Each
data link on this network would then have a unique network / subnetwork ID.

IP Addressing without Subnets


To subnet a network, extend the natural mask using some of the bits from the host ID portion
of the address to create a subnetwork ID. For example, given a Class C network of
204.15.5.0 which has a natural mask of 255.255.255.0, you can create subnets in this
manner:

204.15.5.0      - 11001100.00001111.00000101.00000000
255.255.255.224 - 11111111.11111111.11111111.11100000
                                            |sub|

By extending the mask to be 255.255.255.224, you have taken three bits (indicated by “sub”)
from the original host portion of the address and used them to make subnets. With these
three bits, it is possible to create eight subnets. With the remaining five host ID bits, each
subnet can have up to 32 host addresses, 30 of which can actually be assigned to a device
since host ids of all zeros or all ones are not allowed (it is very important to remember this).
So, with this in mind, these subnets have been created.

204.15.5.0    255.255.255.224   host address range 1 to 30
204.15.5.32   255.255.255.224   host address range 33 to 62
204.15.5.64   255.255.255.224   host address range 65 to 94
204.15.5.96   255.255.255.224   host address range 97 to 126
204.15.5.128  255.255.255.224   host address range 129 to 158
204.15.5.160  255.255.255.224   host address range 161 to 190
204.15.5.192  255.255.255.224   host address range 193 to 222
204.15.5.224  255.255.255.224   host address range 225 to 254

There are two ways to denote these masks. First, since you are using three bits more than
the “natural” Class C mask, you can denote these addresses as having a 3-bit subnet mask.
Or, secondly, the mask of 255.255.255.224 can also be denoted as /27 as there are 27 bits
that are set in the mask.

The more host bits you use for a subnet mask, the more subnets you have available.
However, the more subnets available, the fewer host addresses available per subnet. For
example, a Class C network of 204.17.5.0 and a mask of 255.255.255.224 (/27) allows you
to have eight subnets, each with 32 host addresses (30 of which could be assigned to
devices). With a mask of 255.255.255.240 (/28) instead, the breakdown is:

204.15.5.0      - 11001100.00001111.00000101.00000000
255.255.255.240 - 11111111.11111111.11111111.11110000
                                            |sub |


Since you now have four bits to make subnets with, you only have four bits left for host
addresses. So in this case you can have up to 16 subnets, each of which can have up to 16
host addresses (14 of which can be assigned to devices).

CIDR
Classless Interdomain Routing (CIDR) was introduced to improve both address space
utilization and routing scalability in the Internet. It was needed because of the rapid growth of
the Internet and growth of the IP routing tables held in the Internet routers.

CIDR moves away from the traditional IP classes (Class A, Class B, Class C, and so on). In
CIDR, an IP network is represented by a prefix, which is an IP address and some indication
of the length of the mask. Length means the number of left-most contiguous mask bits that
are set to one. So network 172.16.0.0 255.255.0.0 can be represented as 172.16.0.0/16.
CIDR also depicts a more hierarchical Internet architecture, where each domain takes its IP
addresses from a higher level. This allows for the summarization of the domains to be done
at the higher level. For example, if an ISP owns network 172.16.0.0/16, then the ISP can
offer 172.16.1.0/24, 172.16.2.0/24, and so on to customers. Yet, when advertising to other
providers, the ISP only needs to advertise 172.16.0.0/16.
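An added example in Python (not from the course notes) that works the classful, subnetting and CIDR arithmetic above with plain bit operations: the address class from the leading bits, mask/prefix conversion (rejecting non-contiguous masks), the subnet a host belongs to, the same-network test a TCP/IP client makes with its subnet mask, and enumeration of the eight /27 subnets of 204.15.5.0 listed earlier. All function names are this example's own.

```python
# Added example (not from the course notes): IPv4 classful and CIDR arithmetic with
# integer bit operations, so the mask mechanics described above are visible.


def ip_to_int(dotted: str) -> int:
    """'204.15.5.33' -> 32-bit integer; rejects malformed dotted-decimal input."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(o < 0 or o > 255 for o in octets):
        raise ValueError(f"bad IPv4 address: {dotted}")
    value = 0
    for o in octets:
        value = (value << 8) | o
    return value


def int_to_ip(value: int) -> str:
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def address_class(dotted: str) -> str:
    """Classful category from the leading bits of the first octet (127 is loopback)."""
    first = ip_to_int(dotted) >> 24
    if first == 127:
        return "loopback"
    if first >> 7 == 0b0:
        return "A"
    if first >> 6 == 0b10:
        return "B"
    if first >> 5 == 0b110:
        return "C"
    if first >> 4 == 0b1110:
        return "D (multicast)"
    return "E (reserved)"


def prefix_to_mask(prefix_len: int) -> int:
    """/27 -> 0xFFFFFFE0: the 27 left-most bits set to one."""
    if not 0 <= prefix_len <= 32:
        raise ValueError("prefix length must be 0..32")
    return (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF


def mask_to_prefix(mask: str) -> int:
    """'255.255.255.224' -> 27; a mask such as 255.0.255.0 is not contiguous and is rejected."""
    m = ip_to_int(mask)
    ones = bin(m).count("1")
    if m != prefix_to_mask(ones):
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    return ones


def subnet_of(host: str, prefix_len: int) -> str:
    """Subnetwork address of the subnet a host/prefix belongs to (host bits cleared)."""
    return int_to_ip(ip_to_int(host) & prefix_to_mask(prefix_len))


def same_subnet(a: str, b: str, mask: str) -> bool:
    """The test a client makes to decide local delivery versus sending to its router."""
    m = ip_to_int(mask)
    return ip_to_int(a) & m == ip_to_int(b) & m


def enumerate_subnets(network: str, natural_prefix: int, new_prefix: int):
    """Split a classful network into subnets. Returns a list of
    (subnet address, first usable host, last usable host, broadcast) tuples;
    host IDs of all zeros and all ones are excluded from the usable range."""
    borrowed = new_prefix - natural_prefix
    if borrowed < 1 or new_prefix > 30:
        raise ValueError("need at least one subnet bit and at least two host bits")
    base = ip_to_int(network) & prefix_to_mask(natural_prefix)
    size = 1 << (32 - new_prefix)          # addresses per subnet, e.g. 32 for a /27
    result = []
    for i in range(1 << borrowed):         # 2**borrowed subnets
        net = base + i * size
        result.append((int_to_ip(net), int_to_ip(net + 1),
                       int_to_ip(net + size - 2), int_to_ip(net + size - 1)))
    return result


def usable_hosts(prefix_len: int) -> int:
    """Assignable host addresses per subnet: 2**host_bits minus the two reserved IDs."""
    return (1 << (32 - prefix_len)) - 2


if __name__ == "__main__":
    print(address_class("172.16.30.56"))                      # B
    print(mask_to_prefix("255.255.255.224"))                  # 27
    for row in enumerate_subnets("204.15.5.0", 24, 27):       # the eight /27 subnets
        print(row)
    print(usable_hosts(28))                                   # 14
    print(same_subnet("204.15.5.33", "204.15.5.62", "255.255.255.224"))  # True
    print(same_subnet("204.15.5.33", "204.15.5.65", "255.255.255.224"))  # False
```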

Currently there are two types of Internet Protocol (IP) addresses in active use: IP version 4
(IPv4) and IP version 6 (IPv6). IPv4 was initially deployed on 1 January 1983 and is still the
most commonly used version. IPv4 addresses are 32-bit numbers often expressed as 4
octets in “dotted decimal” notation (for example, 192.0.32.67). Deployment of the IPv6
protocol began in 1999. IPv6 addresses are 128-bit numbers and are conventionally
expressed using hexadecimal strings (for example, 1080:0:0:0:8:800:200C:417A).

Some key features of IPv6:

• Larger IP address space. IPv4 uses only 32 bits for IP address space, IPv6 allows
128 bits for IP address space.
• Autoconfiguration. With IPv4, DHCP exists but is optional. With IPv6, a “stateless
host autoconfiguration” mechanism is mandatory.
• Security. With IPv4, IPsec is optional and you need to ask the peer if it supports
IPsec. With IPv6, IPsec support is mandatory. By mandating IPsec, we can assume
that you can secure your IP communication whenever you talk to IPv6 devices.
• Multicast. Multicast is mandatory in IPv6, which was optional in IPv4. The IPv6 base
specifications themselves extensively use multicast.
• Designed for lower operating cost in routers.
• Simplified header structures. IPv6 has simpler packet header structures than IPv4.
This will allow future vendors to implement hardware acceleration for IPv6 routers
more easily.
• Can coexist with IPv4 networks.
• Header Checksum. The IPv4 header includes a checksum, whereas the IPv6 header
does not include a checksum.
• Only needs a software update in most cases (you do not need to buy new routers).

In IPv6, a notation has been devised for writing 16-byte addresses. They are written as eight
groups of four hexadecimal digits with colons between the groups. Like this:

8000:0000:0000:0000:0123:4567:89AB:CDEF

Since many addresses will have many zeros inside them, three optimizations have been
authorized. First, leading zeros within a group can be omitted, so 0123 can be written as 123.
Second, one or more groups of 16 zero bits can be replaced by a pair of colons. Thus the
above address now becomes:

8000::123:4567:89AB:CDEF
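The two optimizations just described, applied and reversed in Python as an added example that is not from the course notes: compress_ipv6 drops leading zeros within groups and replaces the longest run of zero groups (the first such run on a tie) with "::", and expand_ipv6 restores the eight four-digit groups while checking that "::" appears at most once. The function names are this example's own.

```python
# Added example (not from the course notes): the IPv6 text notation rules given above.
# Assumption of this example: when several zero runs tie for longest, the first is
# compressed, and a single zero group is also compressed because the notes allow
# "one or more" groups (RFC 5952 recommends not shortening just one group).


def expand_ipv6(address: str) -> str:
    """Return the full form: eight groups of four uppercase hex digits."""
    if address.count("::") > 1:
        raise ValueError("'::' may appear only once in an IPv6 address")
    if "::" in address:
        left, right = address.split("::")
        left_groups = left.split(":") if left else []
        right_groups = right.split(":") if right else []
        missing = 8 - len(left_groups) - len(right_groups)
        if missing < 1:
            raise ValueError("'::' must stand for at least one zero group")
        groups = left_groups + ["0"] * missing + right_groups
    else:
        groups = address.split(":")
    if len(groups) != 8:
        raise ValueError(f"expected 8 groups, got {len(groups)}: {address}")
    out = []
    for g in groups:
        if not 1 <= len(g) <= 4 or any(c not in "0123456789abcdefABCDEF" for c in g):
            raise ValueError(f"bad group {g!r} in {address}")
        out.append(g.upper().zfill(4))   # restore the leading zeros
    return ":".join(out)


def compress_ipv6(address: str) -> str:
    """Apply both optimizations: strip leading zeros, then '::' for the longest zero run."""
    groups = expand_ipv6(address).split(":")      # normalize first, so input may be short
    # First optimization: leading zeros within a group are omitted ("0123" -> "123").
    short = [g.lstrip("0") or "0" for g in groups]
    # Second optimization: find the longest run of all-zero groups.
    best_start, best_len = -1, 0
    i = 0
    while i < 8:
        if short[i] == "0":
            j = i
            while j < 8 and short[j] == "0":
                j += 1
            if j - i > best_len:                  # strictly longer: first run wins a tie
                best_start, best_len = i, j - i
            i = j
        else:
            i += 1
    if best_len == 0:
        return ":".join(short)
    left = ":".join(short[:best_start])
    right = ":".join(short[best_start + best_len:])
    return f"{left}::{right}"                     # empty sides give "::1" or "::"


if __name__ == "__main__":
    print(compress_ipv6("8000:0000:0000:0000:0123:4567:89AB:CDEF"))  # 8000::123:4567:89AB:CDEF
    print(expand_ipv6("8000::123:4567:89AB:CDEF"))
    print(compress_ipv6("1080:0:0:0:8:800:200C:417A"))               # 1080::8:800:200C:417A
```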

Discuss - The use of:

DHCP (Dynamic Host Configuration Protocol) — for automatic IP addressing.
DNS (Domain Name System) — for name resolution.

Tutorial

1. Which IP address should be assigned to the PC host?

A. 192.168.5.5
B. 192.168.5.32
C. 192.168.5.40
D. 192.168.5.63
E. 192.168.5.75

Show the working:

2. If a host on a network has the address 172.16.45.14/30, what is the address of the
subnetwork to which this host belongs?

A. 172.16.45.0
B. 172.16.45.4
C. 172.16.45.8
D. 172.16.45.12
E. 172.16.45.18

3. Which two of the addresses below are available for host addresses on the subnet
192.168.15.19/28? (Select two answer choices)

A. 192.168.15.17
B. 192.168.15.14
C. 192.168.15.29
D. 192.168.15.16
E. 192.168.15.31
F. None of the above

4. You have a Class C network, and you need ten subnets. You wish to have as many
addresses available for hosts as possible. Which one of the following subnet masks
should you use?

A. 255.255.255.192
B. 255.255.255.224
C. 255.255.255.240
D. 255.255.255.248
E. None of the above

5. How many subnetworks and hosts are available per subnet if you apply a /28 mask to
the 210.10.2.0 class C network?

A. 30 networks and 6 hosts.
B. 6 networks and 30 hosts.
C. 8 networks and 32 hosts.
D. 32 networks and 18 hosts.
E. 14 networks and 14 hosts.
F. None of the above

6. A network administrator is adding host PC3 to the network shown in the exhibit.
Which IP address can be assigned to this host on this network?

Exhibit: PC3 ?; 192.1.1.22 255.255.255.240; PC1 PC2; 192.1.1.20 255.255.255.240

A. 192.1.1.14
B. 192.1.1.18
C. 192.1.1.20
D. 192.1.1.30
E. 192.1.1.31
F. 192.1.1.36

7. What is the subnetwork address for a host with the IP address 201.100.5.68/28?

A. 201.100.5.0
B. 201.100.5.32
C. 201.100.5.64
D. 201.100.5.65
E. 201.100.5.31
F. 201.100.5.1


8. A network consists of 5 different departments as shown below:

Department    Users
Stock_Con.    7
Accounts      15
IT            16
Sales         13
HR            7

You are a systems administrator and you’ve just acquired a new Class C IP network. Which
one of the subnet masks below is capable of providing one useful subnet for each of the
above departments while still allowing enough usable host addresses to meet the needs of
each department?

A. 255.255.255.128
B. 255.255.255.192
C. 255.255.255.224
D. 255.255.255.240
E. 255.255.255.248
F. 255.255.255.252


4. Network Components

4.1. Hubs, Repeaters:

A hub is really a multiple-port repeater. A repeater receives a digital signal and reamplifies or
regenerates that signal, and then forwards the digital signal out all active ports without
looking at any data. An active hub does the same thing. Any digital signal received from a
segment on a hub port is regenerated or reamplified and transmitted out all ports on the hub.
This means all devices plugged into a hub are in the same collision domain as well as in the
same broadcast domain.

Hubs, like repeaters, don’t actually examine any of the traffic as it enters and is then
transmitted out to the other parts of the physical media.

4.2. Switches

By default, switches break up collision domains but are one large broadcast domain.

Switches aren’t used to create internetworks, they’re employed to add functionality to an
internetwork LAN. The main purpose of a switch is to make a LAN work better, to optimize its
performance, providing more bandwidth for the LAN’s users. And switches don’t forward
packets to other networks as routers do. Instead, they only “switch” frames from one port to
another within the switched network. A switch is basically just a multiple-port bridge.


4.3. Bridges

The bridge provides a means of interconnecting similar LANs. Bridges function at the Data
Link layer, layer 2 of the OSI reference model. The bridge is designed for use between local
area networks (LANs) that use identical protocols for the physical and link layers (e.g., all
conforming to IEEE 802.3). Because the devices all use the same protocols, the amount of
processing required at the bridge is minimal. More sophisticated bridges are capable of
mapping from one MAC format to another (e.g., to interconnect an Ethernet and a token ring
LAN).

Because the bridge is used in a situation in which all the LANs have the same
characteristics, the reader may ask, why not simply have one large LAN? Depending on
circumstance, there are several reasons for the use of multiple LANs connected by bridges:

✓ Reliability: The danger in connecting all data processing devices in an organization to


one network is that a fault on the network may disable communication for all devices.
By using bridges, the network can be partitioned into self-contained units.
✓ Performance: In general, performance on a LAN declines with an increase in the
number of devices or the length of the wire. A number of smaller LANs will often give
improved performance.
✓ Security: The establishment of multiple LANs may improve security of
communications. It is desirable to keep different types of traffic (e.g., accounting,
personnel, strategic planning) that have different security needs on physically
separate media. At the same time, the different types of users with different levels of
security need to communicate through controlled and monitored mechanisms.
✓ Geography: Clearly, two separate LANs are needed to support devices clustered in
two geographically distant locations. Even in the case of two buildings separated by a
highway, it may be far easier to use a microwave bridge link than to attempt to string
coaxial cable between the two buildings.

Functions of a Bridge:
The diagram illustrates the action of a bridge connecting two LANs, A and B, using the same
MAC protocol. In this example, a single bridge attaches to both LANs; frequently, the bridge
function is performed by two “half-bridges,” one on each LAN. The functions of the bridge are
few and simple:

✓ Read all frames transmitted on A and accept those addressed to any station on B.
✓ Using the medium access control protocol for B, retransmit each frame on B.
✓ Do the same for B-to-A traffic.
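The three bridge functions above, worked as an added example that is not part of the course text: a small learning bridge in Python. Besides the forward/filter rules listed, it includes IEEE 802.1D backward learning (the bridge records which port each source address was seen on, so it never needs a configured station list), and a configurable table capacity to show what happens when that table is exhausted. The port names, station addresses and frames are constructed for the demonstration. The same class with more than two ports is the multi-port bridge, i.e. the switch, of section 4.2.

```python
"""Learning bridge / multi-port switch simulation (added example)."""
from dataclasses import dataclass

BROADCAST = "ff:ff:ff:ff:ff:ff"


@dataclass(frozen=True)
class Frame:
    src: str      # source MAC address
    dst: str      # destination MAC address
    payload: bytes = b""


class LearningBridge:
    """A bridge with N ports; two ports is the classic bridge of this
    section, more ports is a switch (a multi-port bridge)."""

    def __init__(self, ports, max_entries=1024):
        self.ports = list(ports)
        self.max_entries = max_entries   # capacity of the filtering table
        self.table = {}                  # MAC address -> port it was last seen on

    def receive(self, in_port, frame):
        """Process one frame seen on in_port; return the ports it is
        retransmitted on (empty list = filtered, stays on its own LAN)."""
        if in_port not in self.ports:
            raise ValueError(f"unknown port {in_port!r}")

        # Backward learning: the sender is reachable via in_port. The source
        # address is unauthenticated, so a station can overwrite another
        # station's entry (MAC spoofing) or fill the table with bogus
        # sources (MAC flooding); a full table stops learning, so frames for
        # unlearned stations are flooded to every port and can be sniffed.
        if frame.src in self.table or len(self.table) < self.max_entries:
            self.table[frame.src] = in_port

        out_port = self.table.get(frame.dst)
        if frame.dst == BROADCAST or out_port is None:
            # Broadcast, or destination not learned yet: flood to every other
            # port. This is why a switch is still one broadcast domain.
            return [p for p in self.ports if p != in_port]
        if out_port == in_port:
            # Both stations are on the same segment: filter the frame so
            # traffic local to LAN A never consumes bandwidth on LAN B.
            return []
        return [out_port]


def demo():
    """Two LANs, A and B, joined by one bridge; returns the forwarding
    decision for each constructed frame in order."""
    bridge = LearningBridge(["A", "B"])
    h1, h2, h3 = "00:00:00:00:00:01", "00:00:00:00:00:02", "00:00:00:00:00:03"
    return [
        bridge.receive("A", Frame(h1, h2)),          # h2 unknown: flooded to B
        bridge.receive("B", Frame(h2, h1)),          # h1 learned on A: sent to A only
        bridge.receive("A", Frame(h1, h2)),          # h2 now known on B
        bridge.receive("A", Frame(h3, h1)),          # both on A: filtered
        bridge.receive("B", Frame(h2, BROADCAST)),   # broadcast crosses the bridge
    ]


if __name__ == "__main__":
    for decision in demo():
        print(decision)
```

The security point a practitioner should take from this: the filtering table is built from whatever source addresses stations claim, so the "separate media" benefit listed under Security above holds only against passive observers on the other segment and only until someone floods or spoofs the table.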

The diagram illustrates a bridge operation:


4.4. Routers

Routers are used to connect networks together and route packets of data from one network
to another. Routers, by default, break up a broadcast domain.

A router creates and maintains a table of the available routes and their conditions, and
uses this information along with distance and cost algorithms to determine the best route
for a given packet. Typically, a packet travels through a number of network points with
routers before arriving at its destination.

Pictured: Cisco 800 Series and Cisco 2600 Modular Series routers.
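How a router turns link costs into the route table described above, as an added example that is not from the course text: Dijkstra's shortest-path algorithm, the cost-based computation used by link-state routing protocols such as OSPF. The topology and costs are constructed; a cost can stand for any metric (hop count, delay, inverse bandwidth). Routers in a disconnected part of the topology simply do not appear in the table, which is the "no route" case a router hits when a network is partitioned.

```python
"""Building a router's forwarding table from link costs (added example)."""
import heapq


def build_routing_table(links, source):
    """links: iterable of (router_a, router_b, cost) bidirectional links.
    Returns {destination: (next_hop, total_cost)} for every router reachable
    from source; unreachable routers are absent."""
    graph = {}
    for a, b, cost in links:
        if cost <= 0:
            raise ValueError(f"link {a}-{b}: cost must be positive")
        graph.setdefault(a, []).append((b, cost))
        graph.setdefault(b, []).append((a, cost))

    best = {source: 0}                 # lowest cost found so far per router
    first_hop = {}                     # router -> neighbour of source to use
    frontier = [(0, source, source)]   # (cost, router, first hop on the path)
    settled = set()
    while frontier:
        cost, node, hop = heapq.heappop(frontier)
        if node in settled:
            continue                   # stale, costlier entry for a settled router
        settled.add(node)
        first_hop[node] = hop
        for neighbour, link_cost in graph.get(node, []):
            new_cost = cost + link_cost
            if new_cost < best.get(neighbour, float("inf")):
                best[neighbour] = new_cost
                # The next hop is inherited from the path, except that the
                # source's own neighbours are their own next hop.
                heapq.heappush(frontier, (new_cost, neighbour,
                                          neighbour if node == source else hop))
    return {dst: (first_hop[dst], best[dst]) for dst in settled if dst != source}


def lookup(table, destination):
    """Forwarding decision for one packet: the next hop, or None (drop)."""
    entry = table.get(destination)
    return entry[0] if entry else None


# Constructed topology; R5-R6 is an island with no link to the rest.
LINKS = [("R1", "R2", 1), ("R1", "R3", 4), ("R2", "R3", 1),
         ("R3", "R4", 2), ("R5", "R6", 1)]


if __name__ == "__main__":
    table = build_routing_table(LINKS, "R1")
    for dst in sorted(table):
        print(dst, "via", table[dst][0], "cost", table[dst][1])
    print("R5:", lookup(table, "R5"))   # no route
```

Note that R1 reaches R3 via R2 at cost 2 even though a direct R1-R3 link exists, because that link costs 4: the table holds the cheapest path, not the shortest in hops.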


Gateway
Often used as a connection to a mainframe or the Internet. Gateways enable
communication between different protocols, data types and environments. This is achieved
via protocol conversion, whereby the gateway strips the protocol stack off the packet and
adds the appropriate stack for the other side. Because of this, a gateway can operate at any
layer of the OSI model, up to and including the application layer.

Discuss –
L3 Switches
VLAN (Virtual LAN)

Tutorial


See how the network devices are used in these diagrams:

Discuss: The use of the Gateway, an ADSL splitter.


Differences between a Hub and a Switch


5. Digital Communication

5.1. Transmission media

Guided - Wire
Twisted pair
Coaxial cable
Fiber optics

Unguided – Wireless
Radio waves
Microwaves
Satellite
Infrared
Bluetooth

Twisted pair

o Is the most common medium.
o Is mainly used in Star topology networks.
o Cheap and easy to work with.
o There are several categories of twisted pair cable,
e.g. CAT1, CAT2, CAT5, CAT5E.

Coaxial cable

• Is mainly used in Bus topology networks.
• Television
–Aerial to TV
–Cable TV
• Coaxial cable comes in two categories:
–Thin coaxial
–Thick coaxial
• Difficult to handle, install and troubleshoot.

An early cable television system using Coaxial cable:


Fiber optics

• Signals are sent as light beams and transmitted over a glass fiber
• Fiber optic technology offers high bandwidth
• Optical fibers come in two types:
–Single-mode
–Multi-mode
Eg. SLT

Four types of cabling:

The three wiring schemes:


Unguided media:

Radio waves
- Omni directional
- Suffers from interference

Microwave
- Microwaves travel nearly in a straight line.
- Tall buildings are a barrier.
- Towers are typically about 100 m high, with repeaters roughly every 80 km.
- Is widely used for mobile phone, television etc.

Satellite
- Used for long distance telephone
- Television
- Private business networks

Infrared
- Is limited to a small area, e.g. a room.
- Walls and other barriers block the signal.
- Mainly used for TV remote controls and IrDA ports.

Microwave & Satellite communication


Bluetooth
Many new users have a hard time plugging all the cables into the right ports of a
computer, so a group of companies got together to design a short-range wireless
network called Bluetooth to connect these components without wires. Bluetooth also allows
digital cameras, headsets, scanners, mobile phones and other devices to connect to a
computer with no cables and no driver installation: just put them down, turn them on, and
they work.

A Bluetooth configuration and a wireless LAN

Discuss -
Last mile technologies:
Wired - XDSL, FTTH
Wireless - WiMAX, GPRS, EDGE, HSDPA (2G / 3G)


5.2. Data Encoding Techniques

In order to transport digital bits of data across carrier waves, encoding techniques have been
developed. None of the versions of Ethernet uses straight binary encoding with 0 volts for a 0
bit and 5 volts for a 1 bit.

Manchester Encoding

Manchester encoding is a synchronous clock encoding technique used by the OSI physical
layer to encode the clock and data of a synchronous bit stream.

With Manchester encoding each bit period is divided into two equal intervals. In the
convention used here, a binary 1 bit is sent by having the voltage set high during the first
interval and low in the second one; a 0 is just the reverse, first low and then high. (IEEE
802.3 defines the opposite polarity, a low-to-high transition at mid-bit for a 1. Either way,
every bit contains a mid-bit transition, which is what lets the receiver recover the clock.) A
disadvantage of Manchester encoding is that it requires twice as much bandwidth as straight
binary encoding because the pulses are half the width.

Differential Manchester

Differential Manchester is a variation of basic Manchester encoding. A transition still occurs
in the middle of every bit period, which carries the clock, but the data is encoded by whether
or not the signal also changes at the start of the bit period: a transition there represents a
0, and no transition represents a 1. Because only the presence or absence of a transition
matters, the decoder does not depend on the absolute polarity of the signal. The differential
scheme requires more complex equipment but offers better noise immunity.

Classic 10 Mbps Ethernet (IEEE 802.3) uses Manchester encoding because of its simplicity,
whereas Token Ring (IEEE 802.5) uses Differential Manchester. Faster Ethernet variants use
more efficient line codes (for example 4B/5B on 100BASE-TX and 8B/10B on 1000BASE-X),
because Manchester’s doubled bandwidth becomes too costly at those speeds.

The following is an example illustrating the encoding scheme:
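Both schemes worked in code, as an added example that is not part of the course text. Signal levels are 1 (high) and 0 (low), each data bit becomes two half-bit levels (the doubled bandwidth cost), and the decoders refuse input with no mid-bit transition rather than guessing, since that is exactly the condition under which a real receiver has lost its clock. The Manchester polarity follows the text's convention (1 = high then low); the differential rule is the IEEE 802.5 one (transition at the start of a bit period = 0). The `invert` helper simulates a line with crossed wires to show why differential Manchester is the more robust of the two.

```python
"""Manchester and differential Manchester coding (added example)."""


def manchester_encode(bits):
    levels = []
    for b in bits:
        levels.extend((1, 0) if b else (0, 1))
    return levels


def manchester_decode(levels):
    """Recover bits from half-bit levels; the bit value is the level in the
    first half, so swapping line polarity inverts every decoded bit."""
    if len(levels) % 2:
        raise ValueError("odd number of half-bit samples")
    bits = []
    for i in range(0, len(levels), 2):
        first, second = levels[i], levels[i + 1]
        if first == second:
            raise ValueError(f"no mid-bit transition at half-bit {i}: clock lost")
        bits.append(1 if first == 1 else 0)
    return bits


def diff_manchester_encode(bits, start_level=0):
    level = start_level          # line level before the first bit
    levels = []
    for b in bits:
        if b == 0:
            level ^= 1           # transition at the bit boundary encodes 0
        levels.append(level)
        level ^= 1               # mandatory mid-bit transition (clock)
        levels.append(level)
    return levels


def diff_manchester_decode(levels, start_level=0):
    """Only transitions matter: compare each bit's first half with the
    previous half-bit, so an inverted line decodes identically as long as
    the reference level is inverted too."""
    if len(levels) % 2:
        raise ValueError("odd number of half-bit samples")
    bits = []
    prev = start_level
    for i in range(0, len(levels), 2):
        first, second = levels[i], levels[i + 1]
        if first == second:
            raise ValueError(f"no mid-bit transition at half-bit {i}: clock lost")
        bits.append(0 if first != prev else 1)
        prev = second
    return bits


def invert(levels):
    """Simulate a line with swapped polarity (wires crossed)."""
    return [1 - v for v in levels]


def demo(bits=(1, 0, 1, 1, 0)):
    bits = list(bits)
    m = manchester_encode(bits)
    d = diff_manchester_encode(bits)
    return {
        "manchester": m,
        "manchester_inverted_decodes_to": manchester_decode(invert(m)),
        "diff_manchester": d,
        "diff_manchester_inverted_decodes_to":
            diff_manchester_decode(invert(d), start_level=1),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

With the input 1 0 1 1 0, plain Manchester on an inverted line decodes to 0 1 0 0 1, while differential Manchester still yields 1 0 1 1 0.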


5.3. Multiplexing

Multiplexing is the set of techniques that allows the simultaneous transmission of multiple
signals across a single data link. Whenever the transmission capacity of a medium linking
two devices is greater than the transmission needs of the devices, the link can be shared in
order to maximize the utilization of the link, much as one cable can carry a hundred channels
of TV.

(Figure: (a) three channels A, B and C carried over separate links; (b) the same three
channels combined by a MUX at each end and carried over a single trunk.)

Time Division Multiplexing – TDM


Time Division Multiplex (TDM) is a technique of transmitting multiple digitized data, voice,
and video signals simultaneously over one communication media by interleaving pulses
representing bits from different channels or time slots.

Most of the digital transmission systems in service today operate on a concept called
Time Division Multiplexing (TDM). The operation of TDM is very simple. A piece of
equipment called a multiplexor collects bits (0s and 1s) of information from several interfaces.
It "multiplexes" the bits received from several interfaces into a single bit stream which is
transmitted onto a single high-speed interface. Likewise, when the multiplexor receives data
on the high-speed interface, it "demultiplexes" the data stream into one or more individual
data interfaces.

Wavelength-Division Multiplexing (WDM)


Wavelength Division Multiplexing (WDM) is a technique in which multiple signals are carried
together as separate wavelengths of light in a multiplexed signal. WDM is used in optical
fiber networks. WDM and FDM (Frequency Division Multiplexing) are based on the same
principle, but WDM applies to wavelengths of light in optical fiber while FDM is used in
electrical analog transmission. A WDM optical system using a diffraction grating is
completely passive, unlike electrical FDM, and thus is highly reliable. Further, the carrier
wave of each WDM optical channel is about a million times higher in frequency than that of
an FDM channel (THz versus MHz).

A Wavelength Division Multiplexer is a device that combines optical signals from multiple
single-wavelength end devices onto a single fiber. Simple (coarse) WDM devices carry a
handful of wavelengths per fiber, such as two to four; dense WDM (DWDM) systems carry tens
of wavelengths or more. Typically, the same device can also perform the reverse process with
the same WDM techniques, separating the multi-wavelength stream into multiple
single-wavelength data streams, a process called de-multiplexing. Therefore, a Wavelength
Division Multiplexer and Demultiplexer are very often in the same box.

WDM: Wavelength Division Multiplex and Multiplexer

Frequency-Division Multiplexing (FDM)


Frequency Division Multiplexing (FDM) is a technique in which the carrier bandwidth is
divided into sub-channels of different frequency widths, each carrying a signal at the same
time in parallel (in the analog AMPS cellular system, for example, each channel is 30 kHz
wide). All the signals may be amplified, conducted, translated in frequency and routed toward
a destination as a single signal, resulting in economies which are the motivation for
multiplexing. Receivers at the receiving end separate the multiplexed signals by means of
frequency-passing or frequency-rejecting filters, and demodulate the results individually,
each in the manner appropriate for the modulation scheme used for that band or group.

FDM is used in analog transmission such as twisted pair telephone line, cable access,
cellular, radio and TV communications. TDMA and CDMA are always used in combination
with FDMA, i.e., a given frequency channel may be used for either TDMA or CDMA
independently of signals on other frequency channels.
Where frequency division multiplexing is used to allow multiple users to share a physical
communications channel, it is called frequency division multiple access (FDMA). FDMA
analog transmission is the least efficient approach, since each analog channel can be used by
only one user at a time and analog channels do not take full advantage of the available
bandwidth. Analog signals are also especially susceptible to noise, and once added the noise
cannot be filtered out.

FDM: Frequency Division Multiplex

5.4. Modulation

Digital Data, Analog Signals

The most familiar use of this transformation is for transmitting digital data through the public
telephone network. The telephone network was designed to receive, switch, and transmit
analog signals in the voice-frequency range of about 300 to 3400 Hz. The analog local loop
was not built to carry digital signals from subscriber locations directly (although digital
subscriber line technology has since changed this). Thus digital devices are attached to the
network via a modem (modulator-demodulator), which converts digital data to analog signals,
and vice versa.

For the telephone network, modems are used that produce signals in the voice-frequency
range. The same basic techniques are used for modems that produce signals at higher
frequencies (e.g., microwave).

Modulation involves operation on one or more of the three characteristics of a carrier signal:
amplitude, frequency, and phase. Accordingly, there are three basic encoding or modulation
techniques for transforming digital data into analog signals.

The below diagram shows how digital data is encoded by modulating one of the three
characteristics of the carrier: amplitude, frequency, or phase or some combination of these.
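The three modulation techniques worked end to end, as an added example that is not part of the course text: a modulator that keys the carrier's amplitude (ASK), frequency (FSK) or phase (PSK, here binary PSK) for each bit, and a receiver that recovers the bits by correlating each bit period against reference carriers, the same matched-filter idea a modem's demodulator uses. Carrier frequency, sample rate, bit rate and noise level are constructed so that each bit period holds a whole number of carrier cycles; the noise is added deterministically with a fixed seed.

```python
"""Digital data on an analog carrier: ASK, FSK and BPSK (added example)."""
import math
import random


def modulate(bits, scheme, fc=4.0, f1=8.0, fs=64, bit_rate=1.0):
    """Return carrier samples for `bits`. fc: carrier (Hz); f1: second FSK
    tone; fs: sample rate; each bit lasts 1/bit_rate seconds."""
    spb = int(fs / bit_rate)                       # samples per bit
    samples = []
    for i, b in enumerate(bits):
        for k in range(spb):
            t = (i * spb + k) / fs
            if scheme == "ASK":
                amp = 1.0 if b else 0.2            # two amplitudes, one frequency
                samples.append(amp * math.cos(2 * math.pi * fc * t))
            elif scheme == "FSK":
                f = f1 if b else fc                # two frequencies, one amplitude
                samples.append(math.cos(2 * math.pi * f * t))
            elif scheme == "PSK":
                phase = 0.0 if b else math.pi      # two phases, 180 degrees apart
                samples.append(math.cos(2 * math.pi * fc * t + phase))
            else:
                raise ValueError(f"unknown scheme {scheme!r}")
    return samples


def _correlate(chunk, freq, fs, start):
    """In-phase and quadrature correlation with a reference carrier. For a
    matching tone of amplitude A the in-phase sum is about A*len(chunk)/2."""
    i_sum = q_sum = 0.0
    for k, s in enumerate(chunk):
        t = (start + k) / fs
        i_sum += s * math.cos(2 * math.pi * freq * t)
        q_sum += s * math.sin(2 * math.pi * freq * t)
    return i_sum, q_sum


def demodulate(samples, scheme, fc=4.0, f1=8.0, fs=64, bit_rate=1.0):
    spb = int(fs / bit_rate)
    bits = []
    for start in range(0, len(samples) - spb + 1, spb):
        chunk = samples[start:start + spb]
        if scheme == "ASK":
            energy = math.hypot(*_correlate(chunk, fc, fs, start))
            threshold = (1.0 + 0.2) / 2 * spb / 2  # midway between the two amplitudes
            bits.append(1 if energy > threshold else 0)
        elif scheme == "FSK":
            e0 = math.hypot(*_correlate(chunk, fc, fs, start))
            e1 = math.hypot(*_correlate(chunk, f1, fs, start))
            bits.append(1 if e1 > e0 else 0)       # which tone carries the energy
        elif scheme == "PSK":
            i_sum, _ = _correlate(chunk, fc, fs, start)
            bits.append(1 if i_sum > 0 else 0)     # coherent: the sign is the phase
        else:
            raise ValueError(f"unknown scheme {scheme!r}")
    return bits


def add_noise(samples, sigma, seed=1):
    """Additive Gaussian channel noise, deterministic for repeatable runs."""
    rng = random.Random(seed)
    return [s + rng.gauss(0.0, sigma) for s in samples]


def demo(bits=(1, 0, 1, 1, 0, 0, 1, 0), noise_sigma=0.3):
    """Modulate, pass through a noisy channel and demodulate with each scheme."""
    bits = list(bits)
    return {scheme: demodulate(add_noise(modulate(bits, scheme), noise_sigma), scheme)
            for scheme in ("ASK", "FSK", "PSK")}


if __name__ == "__main__":
    for scheme, recovered in demo().items():
        print(scheme, recovered)
```

Raising `noise_sigma` until the ASK result breaks first is a quick way to see why amplitude keying is the least noise-tolerant of the three: its two symbols differ only in energy, whereas FSK and PSK symbols differ in frequency or sign.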


5.5. Types of Services

There are two types of Network Services, connection-oriented and connectionless.

Connection-oriented service (or Virtual Circuit) is modelled after the telephone system. To
talk to someone, you pick up the phone, dial the number, talk, and then hang up. Similarly, to
use a connection-oriented network service, the service user:
1. First establishes a connection,
2. Uses the connection,
3. Releases the connection.
The essential aspect of a connection is that it acts like a tube: the sender pushes objects
(bits) in at one end, and the receiver takes them out at the other end. In most cases the order
is preserved so that the bits arrive in the order they were sent.

In some cases when a connection is established, the sender, receiver, and subnet conduct a
negotiation about parameters to be used, such as maximum message size, quality of service
required, and other issues. Typically, one side makes a proposal and the other side can
accept it, reject it, or make a counterproposal. The Transmission Control Protocol (TCP) is a
connection-oriented protocol.

In contrast, connectionless service (or Datagram) is modelled after the postal system. It
does not require a session connection between the sender and receiver. The sender simply
starts sending packets to the destination. Each message (letter) carries the full destination
address, and each one is routed through the system independently of all the others.
Normally, when two messages are sent to the same destination, the first one sent will be the
first one to arrive. However, it is possible that the first one sent is delayed so that the
second one arrives first.

Each service can be characterized by a quality of service. Some services are reliable in the
sense that they never lose data. Usually, a reliable service is implemented by having the
receiver acknowledge the receipt of each message so the sender is sure that it arrived. The
acknowledgement process introduces overhead and delays, which are often worth it but are
sometimes undesirable.

A typical situation in which a reliable connection-oriented service is appropriate is file
transfer. The owner of the file wants to be sure that all the bits arrive correctly and in the
same order they were sent. Very few file transfer customers would prefer a service that
occasionally scrambles or loses a few bits, even if it is much faster.

Reliable connection-oriented service has two minor variations: message sequences and byte
streams. In the former variant, the message boundaries are preserved. When two 1024-byte
messages are sent, they arrive as two distinct 1024-byte messages, never as one 2048-byte
message. In the latter, the connection is simply a stream of bytes, with no message
boundaries. When 2048 bytes arrive at the receiver, there is no way to tell if they were sent
as one 2048-byte message, two 1024-byte messages, or 2048 1-byte messages.

Unreliable (meaning not acknowledged) connectionless service is often called datagram
service, in analogy with telegram service, which also does not return an acknowledgement to
the sender. The User Datagram Protocol (UDP) is a connectionless protocol.
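The byte-stream versus message-sequence distinction above, made concrete with real sockets as an added example that is not part of the course text. A TCP client sends two 1024-byte messages and the receiver records the sizes its `recv` calls return; a UDP sender does the same and the receiver records each datagram. Everything runs over the loopback interface on ports assigned by the operating system; the messages are constructed. The receiver deliberately waits until the TCP sender has finished so that both messages are queued before it reads, which is the ordinary condition under which a stream receiver sees them merged.

```python
"""TCP byte stream versus UDP datagrams over loopback (added example)."""
import socket
import threading


def stream_vs_datagram(msg_size=1024, n_msgs=2):
    """Return {"tcp": [sizes returned by recv], "udp": [datagram sizes]}."""
    result = {}

    # TCP: connection-oriented, reliable, no message boundaries.
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    sender_done = threading.Event()

    def tcp_receiver():
        conn, _ = listener.accept()
        sender_done.wait()                 # let every send (and the FIN) queue up
        chunks = []
        with conn:
            while True:
                data = conn.recv(65536)
                if not data:               # orderly connection release by the peer
                    break
                chunks.append(len(data))
        result["tcp"] = chunks

    worker = threading.Thread(target=tcp_receiver)
    worker.start()
    client = socket.create_connection(listener.getsockname())
    for _ in range(n_msgs):
        client.sendall(b"A" * msg_size)    # two "messages" to the application only
    client.close()
    sender_done.set()
    worker.join()
    listener.close()

    # UDP: connectionless, unacknowledged, one datagram per send and per recv.
    receiver = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    receiver.bind(("127.0.0.1", 0))
    receiver.settimeout(2.0)
    sender = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    for _ in range(n_msgs):
        sender.sendto(b"B" * msg_size, receiver.getsockname())
    sizes = []
    try:
        for _ in range(n_msgs):
            data, _ = receiver.recvfrom(65536)
            sizes.append(len(data))
    except socket.timeout:
        pass                               # a lost datagram simply never arrives
    finally:
        sender.close()
        receiver.close()
    result["udp"] = sizes
    return result


if __name__ == "__main__":
    outcome = stream_vs_datagram()
    print("TCP recv sizes:", outcome["tcp"])   # typically one 2048-byte chunk
    print("UDP datagram sizes:", outcome["udp"])
```

The practical consequence for anyone writing or reviewing a protocol parser: over TCP the application must supply its own framing (a length prefix, a delimiter), and a parser that assumes one `recv` equals one message will eventually misparse merged or split input. Over UDP the boundaries come for free, but so does loss.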


6. Wide Area Networks

6.1. Characteristics of WAN

• A WAN is a network in a large geographical location, maybe across cities or
countries.
• Crosses the public ‘right of way’
• Is usually owned by a service provider
• More expensive and complicated than a LAN.
• X.25, Frame Relay, ISDN and ATM are some WAN technologies.

6.2. Switching technologies

In the WAN sense, a switched network is one in which data travels from source to
destination through a series of intermediate switching nodes rather than over a dedicated
direct link; long distance transmission is typically done over such a network of switched
nodes. (This is distinct from LAN switching, where a switch moves frames between its
ports, the direction many campus networks have taken: flat switched VLANs rather than a
router between every segment.)

6.2.1. Circuit Switching

• Originated in public telephone networks.


• Well suited to analog transmission of voice signal.
• Dedicated communication path between two stations.
Three phases
1. Establish
2. Transfer
3. Disconnect
• Must have switching capacity and channel capacity to establish connection
• Must have intelligence to work out routing
• Once connected, transfer is transparent
• Developed for voice traffic (phone)
• Inefficient - Channel capacity dedicated for duration of connection. If no data, capacity
wasted.
• Set up (connection) takes time


Blocking or Non-blocking Circuit Switching


1. Blocking
• A network may not be able to connect stations because all paths are in use
(more stations than path)
• Used on voice systems (Short duration calls)
2. Non-blocking
• Permits all stations to connect (in pairs) at once (at least as many paths as
stations)
• Used for some data connections

6.2.2. Message Switching

An alternative switching strategy is message switching. When this form of switching is used,
no physical path is established in advance between sender and receiver. Instead, when the
sender has a block of data to be sent, it is stored in the first switching office (i.e., router) and
then forwarded later, one hop at a time. Each block is received in its entirety, inspected for
errors, and then retransmitted. A network using this technique is called a store-and-forward
network.

A circuit switching and packet switching technique is shown below:

6.2.3. Packet Switching

• Data transmitted in small packets.


— Longer messages are split into series of packets
— Each packet contains a portion of user data plus some control info. Control
info - Routing (addressing) info.


• Packets are received, stored briefly (buffered) and passed on to the next node (Store
and forward).

The differences of circuit switching and packet switching are:

Types of Service in a Packet Switched Network


Packets are handled in two ways:
I. Datagram
• Each packet is treated independently
• Packets can take any practical route
• Packets may arrive out of order.
• No sequencing is guaranteed.
• Packets may go missing
• Up to receiver to re-order packets and recover from missing packets
• A datagram service is similar to a mail-service. Each packet is treated as a
completely different entity and is routed independently.
• Reliable delivery may or may not be guaranteed.
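The receiver's side of the datagram list above, as an added example that is not part of the course text: a simulated datagram network delivers packets in arrival order determined by constructed per-packet delays (a packet may arrive out of order or, with delay `None`, not at all), and a reassembler at the receiver puts them back in sequence, delivers what it can and reports the gaps it is still waiting on. The message and delays are constructed.

```python
"""Datagram delivery and receiver-side reassembly (added example)."""


def send_over_datagram_network(packets, delays):
    """packets: list of (seq, payload); delays: matching list of arrival
    delays in seconds, None meaning the packet was lost. Each packet is
    routed independently, so arrival order is simply delay order."""
    arrivals = [(delay, seq, payload)
                for (seq, payload), delay in zip(packets, delays)
                if delay is not None]
    arrivals.sort()
    return [(seq, payload) for _, seq, payload in arrivals]


class DatagramReassembler:
    """Re-orders packets by sequence number and delivers them in order."""

    def __init__(self):
        self.next_seq = 0     # next sequence number the application expects
        self.pending = {}     # out-of-order packets held back

    def receive(self, seq, payload):
        """Accept one packet; return the payloads that can now be delivered."""
        if seq < self.next_seq or seq in self.pending:
            return []         # duplicate, already delivered or already held
        self.pending[seq] = payload
        delivered = []
        while self.next_seq in self.pending:
            delivered.append(self.pending.pop(self.next_seq))
            self.next_seq += 1
        return delivered

    def missing(self):
        """Sequence numbers below the highest seen that have not arrived:
        what the receiver would have to request again, or give up on."""
        if not self.pending:
            return []
        return [s for s in range(self.next_seq, max(self.pending))
                if s not in self.pending]


def demo(delays=(0.5, 0.1, None, 0.3, 0.2)):
    """Split a constructed message into 5 datagrams and run them through the
    network; returns (bytes delivered in order, sequence numbers missing)."""
    message = b"the quick brown fox"
    packets = [(i, message[i * 4:(i + 1) * 4]) for i in range(5)]
    reassembler = DatagramReassembler()
    delivered = b""
    for seq, payload in send_over_datagram_network(packets, list(delays)):
        delivered += b"".join(reassembler.receive(seq, payload))
    return delivered, reassembler.missing()


if __name__ == "__main__":
    data, gaps = demo()
    print("delivered:", data, "missing:", gaps)
```

With the constructed delays, packet 1 arrives before packet 0 and packet 2 is lost: the receiver can hand the application only "the quic" and reports sequence number 2 as missing, even though packets 3 and 4 are already in hand. Recovering from that (retransmission, timeouts) is the receiver's and sender's problem, not the network's, which is exactly what the list above states.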

The diagram below explains a Datagram environment:


II. Virtual Circuit


• Preplanned route established before any packets sent
• Appears to be similar to circuit switched in that all data is received in order sent.
• Call request and call accept packets establish connection (handshake)
• No routing decisions required for each packet
• Each connection is associated with a particular virtual circuit identifier.
• Provides error and flow control
• Clear request to drop circuit
• Not a dedicated path

The diagram below explains a Virtual Circuit environment:


Circuit Switching (a), Message Switching (b) and Packet Switching (c) are illustrated
below:


6.3. X.25

X.25 is an International Telecommunication Union - Telecommunication Standardization
Sector (ITU-T) protocol standard for WAN communications that defines how connections
between user devices and network devices are established and maintained. X.25 is designed
to operate effectively regardless of the type of systems connected to the network. It is
typically used in the packet-switched networks (PSNs) of common carriers, such as the
telephone companies. Subscribers are charged based on their use of the network. The
development of the X.25 standard was initiated by the common carriers in the 1970s. At that
time, there was a need for WAN protocols capable of providing connectivity across public
data networks (PDNs). X.25 is now administered as an international standard by the ITU-T.

X.25 network devices fall into three general categories: data terminal equipment (DTE), data
circuit-terminating equipment (DCE), and packet-switching exchange (PSE). Data terminal
equipment devices are end systems that communicate across the X.25 network. They are
usually terminals, personal computers, or network hosts, and are located on the premises of
individual subscribers. DCE devices are communications devices, such as modems and
packet switches that provide the interface between DTE devices and a PSE, and are
generally located in the carrier's facilities. PSEs are switches that compose the bulk of the
carrier's network. They transfer data from one DTE device to another through the X.25 PSN.
The below diagram illustrates the relationships among the three types of X.25 network
devices.

X.25 Virtual Circuits


A virtual circuit is a logical connection created to ensure reliable communication between two
network devices. A virtual circuit denotes the existence of a logical, bidirectional path from
one DTE device to another across an X.25 network. Physically, the connection can pass
through any number of intermediate nodes, such as DCE devices and PSEs. Multiple virtual
circuits (logical connections) can be multiplexed onto a single physical circuit (a physical
connection). Virtual circuits are demultiplexed at the remote end, and data is sent to the
appropriate destinations.

The diagram below illustrates four separate virtual circuits being multiplexed onto a single
physical circuit.


X.25 comes with three levels based on the first three layers of the Open Systems
Interconnection (OSI) seven-layer architecture as defined by the International Organization
for Standardization (ISO).

The levels are:


• The Physical Level describes the interface with the physical environment. It is similar
to the Physical Layer in the OSI model.
• The Link Level is responsible for the reliable communication between the DTE and the
DCE. It is similar to the Data Link Layer in the OSI model.
• The Packet Level describes the data transfer protocol in the packet switched network.
It is similar to the Network Layer in the OSI model.

6.4. Frame relay

Frame Relay has become one of the most popular WAN services deployed over the past
decade. There are good reasons for this, but primarily it has to do with cost. Frame Relay
technology frequently saves money over alternatives.

Frame Relay is a packet-switched technology that emerged in the early 1990s. It is a Data
Link and Physical layer specification that provides high performance. Frame Relay is a
successor to X.25, except that much of the technology in X.25 used to compensate for
physical errors (noisy lines) has been eliminated. Frame Relay can be more cost-effective
than point-to-point links, and can typically run at speeds from 64 Kbps up to 45 Mbps (T3).
Frame Relay provides features for dynamic bandwidth allocation and congestion control. The
diagram below illustrates a Frame Relay environment.

Frame Relay relies on the customer equipment to perform end to end error correction. Each
switch inside a frame relay network just relays the data (frame) to the next switch. X.25, in
contrast, performs error correction from switch to switch. The networks of today are
sufficiently error free to move the burden of error correction to the end points.

Frame Relay works by providing a portion of dedicated bandwidth to each user, and also
allowing the user to exceed their guaranteed bandwidth if resources on the telecom network
are available. So basically, Frame Relay providers allow customers to buy a lower amount of
bandwidth than what they really use. There are two separate bandwidth specifications with
Frame Relay:

CIR committed information rate: Averaged over a minimum span of time and measured in
bps, a Frame Relay network’s agreed-upon minimum rate of transferring information.

Access rate The maximum speed at which the Frame Relay interface can transmit.

If these two values are the same, the Frame Relay connection is pretty much just like a
leased line. However, they can also be set to different values. Here’s an example: Let’s say
that you buy an access rate of T1 (1.544 Mbps) and a CIR of 256 Kbps. By doing this, the first
256 Kbps of traffic you send is guaranteed to be delivered. Anything beyond that is called a
“burst,” which is a transmission that exceeds your guaranteed 256 Kbps, and can be any
amount up to the T1 access rate.
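The CIR and access-rate example above, worked in code as an added example that is not part of the course text. It uses three standard Frame Relay terms the text does not introduce: the committed burst Bc = CIR x Tc is the amount of data accepted as guaranteed within a measurement interval Tc; the excess burst Be is how much more the network will accept in the same interval (here everything up to the access rate, i.e. the text's "burst"); and frames in that excess region are marked discard-eligible (DE) so the carrier drops them first under congestion. Frame sizes and timings are constructed, and the interval handling is simplified to a window that starts with the first frame after the previous one expires.

```python
"""Metering a Frame Relay virtual circuit against its CIR (added example)."""


class FrameRelayMeter:
    def __init__(self, cir_bps, access_rate_bps, tc_seconds=1.0):
        if not 0 < cir_bps <= access_rate_bps:
            raise ValueError("CIR must be positive and no more than the access rate")
        self.tc = tc_seconds
        self.bc = cir_bps * tc_seconds                        # committed bits per Tc
        self.be = (access_rate_bps - cir_bps) * tc_seconds    # excess bits per Tc
        self.window_start = None
        self.bits_in_window = 0

    def offer(self, t, frame_bytes):
        """Classify a frame of frame_bytes offered at time t (seconds)."""
        if self.window_start is None or t - self.window_start >= self.tc:
            self.window_start = t                 # new measurement interval
            self.bits_in_window = 0
        self.bits_in_window += frame_bytes * 8
        if self.bits_in_window <= self.bc:
            return "committed"                    # within CIR: delivery guaranteed
        if self.bits_in_window <= self.bc + self.be:
            return "burst"                        # above CIR, DE set: best effort
        return "discarded"                        # more than the access rate admits in Tc


def classify_burst(cir_bps=256_000, access_rate_bps=1_544_000,
                   frame_bytes=1000, n_frames=200):
    """Offer n_frames back to back at t = 0 (one burst inside a single Tc)
    and count how many frames fall into each class."""
    meter = FrameRelayMeter(cir_bps, access_rate_bps)
    counts = {"committed": 0, "burst": 0, "discarded": 0}
    for _ in range(n_frames):
        counts[meter.offer(0.0, frame_bytes)] += 1
    return counts


if __name__ == "__main__":
    print("CIR 256 Kbps on a T1:", classify_burst())
    print("CIR equal to access rate (leased-line-like):",
          classify_burst(cir_bps=1_544_000))
```

With the text's numbers and 1000-byte frames, the first 32 frames of a one-second burst are committed (32 x 8000 bits = 256 Kbit), the next 161 ride the burst up to the T1 rate with DE set, and anything beyond that cannot be carried within the interval. Setting the CIR equal to the access rate removes the burst class entirely, which is the "just like a leased line" case.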

Virtual Circuits
Frame Relay operates using virtual circuits, as opposed to real circuits that leased lines use.
These virtual circuits are what link together the thousands of devices connected to the
provider’s “cloud.” Assuming that you want to connect two LANs in two cities, you want these

routers to connect to each other. That is, you want a circuit between them. Frame Relay
provides a virtual circuit to be established between your two DTE devices making them
appear to be connected via a circuit, when in reality they are dumping their frames into a
large, shared infrastructure. You never see the complexity of what is happening inside the
cloud because you have a virtual circuit.

The virtual circuits created in the Frame Relay are shown below:

Advantages of Frame Relay

Frame Relay offers an attractive alternative to both dedicated lines and X.25 networks for
connecting LANs to bridges and routers. The success of the Frame Relay protocol is based
on the following two underlying factors:
• Because virtual circuits consume bandwidth only when they transport data, many
virtual circuits can exist simultaneously across a given transmission line. In addition,
each device can use more of the bandwidth as necessary, and thus operate at higher
speeds.

• The improved reliability of communication lines and increased error-handling
sophistication at end stations allows the Frame Relay protocol to discard erroneous
frames and thus eliminate time-consuming error-handling processing.

These two factors make Frame Relay a desirable choice for data transmission; however,
they also necessitate testing to determine that the system works properly and that data is not
lost.

The following is a comparison of X.25 and Frame Relay layers with the OSI Reference
Model:

A standard Frame Relay frame consists of the following fields:

Flag | Address | Data | FCS | Flag

A standard X.25 frame consists of the following fields:

Flag | Address | Control | Data | FCS | Flag

6.5. ATM

Asynchronous Transfer Mode (ATM) is an International Telecommunication Union -
Telecommunication Standardization Sector (ITU-T) standard for cell relay in which
information for multiple service types, such as voice, video, or data, is conveyed in small,
fixed-size cells (each exactly 53 bytes long).

ATM has been designed to provide a high-speed (multimegabit), low-latency (low overhead)
multiplexing and switching network. The network is multiplexed meaning that it combines
multiple connections onto the same line to take best advantage of network capacity. The
network is switched meaning that it can dynamically configure connections between any two
sites on the network on demand. The ATM network supports any type of traffic including
voice, data, and video applications.


The ATM layer itself provides no error detection or correction for the cell payload and no
retransmission; only the 5-byte cell header is protected, by a Header Error Control (HEC)
field. While earlier networking protocols did provide these services, it was decided that
modern networking equipment is reliable enough that they can be left to higher layers (the
adaptation layer or the end systems) when an application needs them.

A Private ATM Network and a Public ATM Network:

ATM Virtual Connections


ATM networks are fundamentally connection-oriented, which means that a virtual channel
(VC) must be set up across the ATM network prior to any data transfer. (A virtual channel is
roughly equivalent to a virtual circuit.) Three levels of connection are distinguished:

• Transmission Path - the physical link between two ATM devices, which carries one or
more virtual paths.
• Virtual paths - bundles of virtual channels that follow the same route through the
network, identified on a link by a virtual path identifier (VPI).
• Virtual channels - the individual connections within a virtual path, identified by a virtual
channel identifier (VCI); the VPI/VCI pair in a cell header identifies its connection on a
given link.

Since ATM networks are connection-oriented, sending data requires first sending a packet to
set up the connection. As the setup packet wends its way through the subnet, all the
switches on the path make an entry in their internal tables noting the existence of the
connection and reserving whatever resources are needed for it. Connections are often called
virtual circuits, in analogy with the physical circuits used within the telephone system. Most
ATM networks also support permanent virtual circuits, which are permanent connections
between two (distant) hosts. They are similar to leased lines in the telephone world. Each
connection, temporary or permanent, has a unique connection identifier. A virtual circuit is
illustrated below.


Once a connection has been established, either side can begin transmitting data. The basic
idea behind ATM is to transmit all information in small, fixed- size packets called cells. The
cells are 53 bytes long, of which 5 bytes are header and 48 bytes are payload, as shown in
the below diagram.

Part of the header is the connection identifier, so the sending and receiving hosts and all the
intermediate switches can tell which cells belong to which connections. This information
allows each switch to know how to route each incoming cell. Cell routing is done in hardware,
at high speed. In fact, the main argument for having fixed-size cells was that it is easy to
build hardware to handle short, fixed-length cells, whereas the variable-length IP packets of
the time were routed by software, a slower process (modern routers forward variable-length
packets in hardware too, so this argument carries less weight today). Another plus of ATM is
that the hardware can be set up to copy one incoming cell to multiple output lines, a property
that is required for handling a television program that is being broadcast to many receivers.
Finally, small cells do not block any line for very long, which makes guaranteeing quality of
service easier.
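The cell header and the per-connection table lookup described above, worked in code as an added example that is not part of the course text. It also serves the virtual-circuit discussion of section 6.2.3: a switch forwards a cell with a single lookup on (input port, VPI, VCI) and rewrites those identifiers for the next link, so no routing decision is made per cell. The connection table is constructed. The header layout (GFC 4 bits, VPI 8, VCI 16, PT 3, CLP 1, HEC 8, for the user-network interface) and the HEC rule (a CRC-8 with generator x^8 + x^2 + x + 1 over the first four header octets, XORed with 0x55) follow the ITU-T I.361 and I.432 definitions; the idle-cell header 00 00 00 01 52 is the standard's own check value.

```python
"""ATM UNI cell header: HEC, parsing and VPI/VCI label swapping (added example)."""

CELL_SIZE = 53
PAYLOAD_SIZE = 48


def crc8(data, poly=0x07):
    """Bitwise CRC-8, generator x^8 + x^2 + x + 1 (0x07), no reflection."""
    crc = 0
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = ((crc << 1) ^ poly) & 0xFF if crc & 0x80 else (crc << 1) & 0xFF
    return crc


def hec(header4):
    """Header Error Control octet for the first four header octets."""
    return crc8(header4) ^ 0x55


def build_cell(vpi, vci, payload, gfc=0, pt=0, clp=0):
    if len(payload) != PAYLOAD_SIZE:
        raise ValueError("ATM payload is exactly 48 bytes")
    if not (0 <= gfc < 16 and 0 <= vpi < 256 and 0 <= vci < 65536
            and 0 <= pt < 8 and clp in (0, 1)):
        raise ValueError("header field out of range")
    word = (gfc << 28) | (vpi << 20) | (vci << 4) | (pt << 1) | clp
    header = word.to_bytes(4, "big")
    return header + bytes([hec(header)]) + payload


def parse_cell(cell):
    """Decode the header. A HEC mismatch means the header was corrupted, so
    the cell is rejected rather than forwarded on the wrong connection."""
    if len(cell) != CELL_SIZE:
        raise ValueError(f"cell must be {CELL_SIZE} bytes, got {len(cell)}")
    header = cell[:4]
    if hec(header) != cell[4]:
        raise ValueError("HEC mismatch: corrupted header")
    word = int.from_bytes(header, "big")
    return {"gfc": word >> 28, "vpi": (word >> 20) & 0xFF,
            "vci": (word >> 4) & 0xFFFF, "pt": (word >> 1) & 0x7,
            "clp": word & 1, "payload": cell[5:]}


class AtmSwitch:
    def __init__(self):
        self.table = {}   # (in_port, vpi, vci) -> (out_port, vpi, vci)

    def add_connection(self, in_port, in_vpi, in_vci, out_port, out_vpi, out_vci):
        """Entry installed by connection setup (or by hand for a PVC)."""
        self.table[(in_port, in_vpi, in_vci)] = (out_port, out_vpi, out_vci)

    def forward(self, in_port, cell):
        """One table lookup, then the identifiers are swapped for the next link."""
        h = parse_cell(cell)
        key = (in_port, h["vpi"], h["vci"])
        if key not in self.table:
            raise LookupError(f"no virtual connection for {key}")
        out_port, vpi, vci = self.table[key]
        return out_port, build_cell(vpi, vci, h["payload"], h["gfc"], h["pt"], h["clp"])


if __name__ == "__main__":
    switch = AtmSwitch()
    switch.add_connection(1, 0, 100, 2, 5, 200)
    port, out = switch.forward(1, build_cell(0, 100, bytes(48)))
    print("out port", port, "header", out[:5].hex())
```

Note what the HEC does and does not do: it detects (and in real hardware can correct single-bit) corruption of the header, which protects the switch table lookup, but it says nothing about the 48-byte payload, which is the point made above about ATM leaving payload integrity to the adaptation layer or the end systems.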

The most common speeds for ATM networks are 155 Mbps and 622 Mbps, although higher
speeds are also supported.

The ATM Reference Model


ATM has its own reference model, different from the OSI model and also different from the
TCP/IP model. It consists of three layers, the physical, ATM, and ATM adaptation layers,
plus whatever users want to put on top of that. The below diagram shows the ATM
Reference Model:


The physical layer deals with the physical medium: voltages, bit timing, and various other
issues. ATM does not prescribe a particular set of rules but instead says that ATM cells can
be sent on a wire or fiber by themselves, but they can also be packaged inside the payload
of other carrier systems. In other words, ATM has been designed to be independent of the
transmission medium.

The ATM layer deals with cells and cell transport. It defines the layout of a cell and tells what
the header fields mean. It also deals with establishment and release of virtual circuits.
Congestion control is also located here. A layer above the ATM layer has been defined to
allow users to send packets larger than a cell: the AAL (ATM Adaptation Layer) segments
these packets into cells at the sender, transmits the cells individually, and reassembles them
at the other end.

Unlike the earlier two-dimensional reference models, the ATM model is defined as being
three-dimensional.

The user plane deals with data transport, flow control, error correction, and other user
functions.

The control plane is concerned with connection management. The layer and plane
management functions relate to resource management and interlayer coordination.

6.6. ISDN

Integrated Services Digital Network (ISDN) is a digital service designed to run over existing
telephone networks. ISDN can support both data and voice. Typical ISDN applications and
implementations include high-speed file transfer, videoconferencing, and multiple links into
homes of telecommuters. The basic structure of ISDN network is as follows:

ISDN is actually a set of communication protocols proposed by telephone companies that
allows them to carry a group of digital services that simultaneously convey data, text, voice,
music, graphics, and video to end users, and it was designed to achieve this over the
telephone systems already in place. ISDN is referenced by a suite of ITU-T standards that
encompass the OSI model’s Physical, Data Link, and Network layers.

ISDN can offer a cost-effective solution for remote users who need a higher-speed
connection than analog dial-up links offer. ISDN is also a good choice as a backup link for
other types of links such as Frame Relay or a T1 connection.

These are the benefits of ISDN:

✓ It can carry voice, video, and data simultaneously.
✓ Call setup is faster than with an analog modem.
✓ Data rates are faster than on an analog modem connection.
✓ Small office and home office sites can be economically supported with ISDN BRI
services.
✓ ISDN can be used as a backup service for a leased-line connection between the
remote and central offices.
✓ Digital transmissions produce clearer and quieter voice telephone service and
more reliable and accurate connectivity than analog technology.
✓ ISDN’s dynamic bandwidth allocation feature accommodates bandwidth-intensive
applications.

There are two types of ISDN:

1. Basic Rate Interface (BRI) - consists of 2 B-channels and one D-channel for
transmitting control information. This BRI service is intended to meet the needs of
most individual users.

2. Primary Rate Interface (PRI) - consists of 23 B-channels and one D-channel (U.S.) or
30 B-channels and one D-channel (Europe). The PRI is intended for users with
greater capacity requirements.

Basic Rate Interface (BRI)


ISDN Basic Rate Interface (BRI) service, also known as 2B+D, provides two B channels and
one D channel. Each BRI B channel (bearer channel) operates at 64 Kbps and carries data,
while the BRI D channel operates at 16 Kbps and usually carries control and signaling
information. The total bandwidth for ISDN BRI is then 144 Kbps (64 + 64 + 16 = 144).

The D-channel signaling protocols span the OSI reference model’s Physical, Data Link, and
Network layers. The D channel carries signaling information to set up and control calls. The
D channel can also be used for other functions, such as an alarm system for a building or
anything else that doesn’t need much bandwidth, since it’s only giving you a whopping 16K.

ISDN is as easy to use as analog but offers much more. For example, you can utilize the two
64 kbps B channels as individual voice and data lines at the same time. You can use one
channel to talk while you're using the second to send data files.

To set up a BRI or PRI call, four events must take place:

1. The D channel between the router and the local ISDN switch comes up.
2. The ISDN switch uses the SS7 signaling technique to set up a path to a remote
switch.
3. The remote switch sets up the D-channel link to the remote router.
4. The B channels are then connected end-to-end.

The diagram below illustrates the four stages:

Primary Rate Interface (PRI)


In North America and Japan, the ISDN Primary Rate Interface (PRI), also known as 23B+D
service, delivers 23 64 Kbps B channels and one 64 Kbps D channel, for a total bit rate of
1.544 Mbps (T1).

In Europe, Australia, and other parts of the world, ISDN provides 30 64 Kbps B channels and
one 64 Kbps D channel, for a total bit rate of 2.048 Mbps (E1).

H channels provide a way to aggregate B channels. They are implemented as:
• H0 = 384 kb/s (6 B channels)
• H10 = 1472 kb/s (23 B channels)
• H11 = 1536 kb/s (24 B channels)
• H12 = 1920 kb/s (30 B channels) - International (E1) only

How ISDN works in Brief:

ISDN carries voice and data on bearer (B) channels, which transmit at 64 Kbps each. (H
channels, which are the functional equivalent to B channels, are available and provide faster
bit rates.) A data (D) channel, sometimes referred to as a delta channel, operates at 16 or 64
Kbps and provides signaling to construct and tear down a connection, request network
services, and route data over the B channels. The D channel can also be used to transmit
user packet or frame data at times when bandwidth on the D channel is not required for
signaling and control. Utilizing the D channel in this way provides the most efficient use of
ISDN.

One major advantage of the ISDN architecture is its dynamic bandwidth allocation feature.
Also known as bandwidth-on-demand, inverse multiplexing, and channel aggregation,
dynamic bandwidth allocation is the process of combining any or all of the B channels into a
single broadband conduit.

The original version of ISDN employs baseband transmission. Another version, called
B-ISDN, uses broadband transmission and is able to support transmission rates of 1.5 Mbps.
B-ISDN requires fiber optic cables and is not widely available.

Point-to-Point Dedicated Leased Services

Private leased lines currently make up the majority of all worldwide WAN connections. Point-
to-point leased lines consist of a dedicated digital connection between two points, providing
security and control. Transmission rates vary between 56 Kbps and 1.544 Mbps in the United
States (T1 rates). In Europe, E1 rates deliver between 64 Kbps and 2.048 Mbps. Leased line
services provide a fixed bandwidth at a fixed speed. In many cases, leased lines are used at
under 20 percent of their total capacity. Also, leased lines are not efficient at handling bursty
network traffic.

6.7. Narrow band & Broadband

Baseband: A feature of a network technology that uses only one carrier frequency. Ethernet
is an example. Also named “narrowband.”

Broadband: A transmission methodology for multiplexing several independent signals onto
one cable. In telecommunications, broadband is classified as any channel with bandwidth
greater than 4 kHz (typical voice grade). In LAN terminology, it is classified as a coaxial cable
on which analog signaling is employed. Also known as “wideband.”

6.8. MPLS - Multiprotocol Label Switching

MPLS is an Internet Engineering Task Force (IETF) specified framework that provides
efficient designation, routing, forwarding and switching of traffic flows through the network.
MPLS is focused on adding a label in front of each packet and doing the routing based on
the label rather than on the destination address. Making the label an index into an internal
table makes finding the correct output line just a matter of table lookup. Using this
technique, routing can be done very quickly and any necessary resources can be reserved
along the path.

Routers on the edge of the service provider’s network, known as Provider Edge (or PE)
routers, communicate with devices at the customer sites, known as Customer Edge (or CE)
devices. PE routers are the only ones that need to make a forwarding decision based on the
information provided by the CE devices. All other routers in the core of the network, known
as Provider (or P) routers, just use the label forwarding table to select the appropriate Label
Switched Path (LSP) through the network (see Figure 2). A typical scheme to distribute and
exchange labels uses the Label Distribution Protocol (LDP).

In MPLS a new MPLS header is added in front of the IP header. On a router-to-router line
using PPP as the framing protocol, the frame format, including the PPP, MPLS, IP, and TCP
headers, is seen as follows:

Headers:

  | PPP | MPLS | IP | TCP | User Data | CRC |
          |
          v
  | Label (20 bits) | QoS (3 bits) | S (1 bit) | TTL (8 bits) |

The generic MPLS header has four fields:

1. Label - holds the index.
2. QoS - indicates the class of service.
3. S field - relates to stacking multiple labels in hierarchical networks.
4. TTL - if it hits 0, the packet is discarded. This feature prevents infinite looping in the
case of routing instability.
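As an added example (not from the course notes), the 20/3/1/8-bit header layout above packed and parsed in Python, with a small constructed label forwarding table standing in for the one an LDP exchange would build; the forwarding step shows the table lookup, the label swap and the TTL discard rule. The field name "qos" follows this page; RFC 3032 calls the 3-bit field Exp/Traffic Class.

```python
import struct

# Bit widths of the four MPLS header fields: 20 + 3 + 1 + 8 = 32 bits.
LABEL_BITS, QOS_BITS, S_BITS, TTL_BITS = 20, 3, 1, 8


def pack_mpls(label, qos, s, ttl):
    """Build one 4-byte MPLS header: label, QoS/class, bottom-of-stack bit, TTL."""
    if not 0 <= label < 1 << LABEL_BITS:
        raise ValueError("label must fit in 20 bits")
    if not 0 <= qos < 1 << QOS_BITS or s not in (0, 1) or not 0 <= ttl < 1 << TTL_BITS:
        raise ValueError("field out of range")
    word = (label << 12) | (qos << 9) | (s << 8) | ttl
    return struct.pack("!I", word)  # network byte order, label in the high bits


def parse_mpls(buf):
    """Decode the first 4 bytes of buf into the four header fields."""
    if len(buf) < 4:
        raise ValueError("truncated MPLS header")
    (word,) = struct.unpack("!I", buf[:4])
    return {
        "label": word >> 12,
        "qos": (word >> 9) & 0x7,
        "s": (word >> 8) & 0x1,
        "ttl": word & 0xFF,
    }


def parse_label_stack(buf):
    """Walk a stack of MPLS headers until the S bit marks the bottom entry.

    Returns (entries, offset of the payload). A stack that never sets S=1
    is rejected instead of being read past the end of the buffer.
    """
    entries, offset = [], 0
    while True:
        entry = parse_mpls(buf[offset:])
        entries.append(entry)
        offset += 4
        if entry["s"] == 1:
            return entries, offset
        if offset + 4 > len(buf):
            raise ValueError("label stack has no bottom-of-stack entry")


def forward(buf, table):
    """Simulate a P router: look up the top label, swap it, decrement the TTL.

    table maps incoming label -> (output line, outgoing label); it is a
    constructed stand-in for a real label forwarding table. Returns
    (output line, rewritten packet), or None when the packet is discarded
    because the label is unknown or the TTL would hit 0.
    """
    top = parse_mpls(buf)
    if top["label"] not in table:
        return None  # no LSP for this label
    if top["ttl"] <= 1:
        return None  # TTL reaches 0: discard, which stops a routing loop
    out_line, out_label = table[top["label"]]
    new_top = pack_mpls(out_label, top["qos"], top["s"], top["ttl"] - 1)
    return out_line, new_top + buf[4:]


# Constructed sample: a two-label stack in front of a stand-in payload.
SAMPLE_PACKET = pack_mpls(1001, 5, 0, 64) + pack_mpls(2002, 5, 1, 64) + b"IP payload"
SAMPLE_TABLE = {1001: ("line-3", 3003)}

if __name__ == "__main__":
    stack, payload_at = parse_label_stack(SAMPLE_PACKET)
    print(stack, SAMPLE_PACKET[payload_at:])
    print(forward(SAMPLE_PACKET, SAMPLE_TABLE))
```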

One major difference between MPLS and conventional VC designs is how the forwarding
table is constructed. In traditional virtual-circuit networks, when a user wants to establish a
connection, a setup packet is launched into the network to create the path and make the
forwarding table entries. MPLS does not work that way. Instead, there are two ways for the
forwarding table entries to be created.

Data-driven: when a packet arrives, the first router it hits contacts the router
downstream where the packet has to go and asks it to generate a label for the flow.
This method is applied recursively. Effectively, this is on-demand virtual-circuit
creation.

Control-driven: it has several variants. One of these works like this. When a router is
booted, it checks to see for which routes it is the final destination (e.g., which hosts
are on its LAN). It then creates one or more FECs for them, allocates a label for each
one, and passes the labels to its neighbors. They, in turn, enter the labels in their
forwarding tables and send new labels to their neighbors, until all the routers have
acquired the path. Resources can also be reserved as the path is constructed to
guarantee an appropriate quality of service.


7. Errors

7.1. Transmission impairments

Transmission impairment is a property of a transmission medium which causes the signal to
be degraded, reduced in amplitude, distorted or contaminated. Impairment can introduce
errors into digital signals. Examples of transmission impairments are attenuation, delay
distortion, and several sources of noise including thermal noise, impulse noise, and
intermodulation noise.

Impairments exist in all forms of data transmission:

• Analog signal impairments result in random modifications that impair signal quality
• Digital signal impairments result in bit errors (1s and 0s transposed)

Attenuation
• The signal becomes weaker over distance. Amplifiers (analog) and repeaters (digital)
are used to strengthen and recover it.
• Attenuation distortion is more of a problem with analog signals

Delay Distortion
• Only with cables
• Propagation speed through a cable differs for different frequencies
• The various components of a signal arrive at the receiver at different times
• Affects digital signals more

Noise
Noise is unwanted sound or unwanted electrical interference on the signal wires. There
are several types of noise.

• Thermal
• Intermodulation
• Crosstalk
• Impulse
The effects of each type of noise:

• Thermal
– Present in all electronic devices
– Known as white noise
– Can't be eliminated
– From thermal agitation of electrons

• Intermodulation Noise
– Signals of different frequencies share a medium and can produce a new
frequency that is the sum or the difference of the original frequencies

• Crosstalk
– Unwanted coupling of signal paths
– Ex. Hear someone else’s conversation on phone

• Impulse
– Irregular pulses, high amplitude, non-continuous
– Ex. Lightning or faults in communication system
– More damaging to digital than analog
– Difficult to deal with.

7.2. Errors Detection & Correction

Errors can occur as either single-bit errors or burst errors. A burst error is a collection of
multiple single error bits in close proximity (in time or in the message stream) to each other.

Error detection is the ability to detect errors that are made due to noise or other impairments
in the course of the transmission from the transmitter to the receiver. Error correction has the
additional feature that enables localization of the errors and correcting them.

Error correction schemes permit error localization but also give the possibility of correcting
errors that have been introduced. Error correction and detection schemes find use in
implementations of reliable data transfer over noisy transmission links, data storage media,
and other applications where the integrity of data is important.


Error correction coding is more sophisticated than error detection coding. Its aim is to detect
and locate errors in transmission.

There are two ways to manage Error Control:

1. Forward Error Control - Additional or redundant information is passed to the
receiver, so it can not only detect, but also correct errors. This requires more
information to be sent and has tradeoffs.

2. Backward Error Control - Enough information is sent to allow the receiver to detect
errors, but not correct them. Upon error detection, retransmission may be requested.

Widely used error detection schemes:

• Parity
• Block Sum Check (BSC)
• Cyclic Redundancy Check (CRC)

7.3. Parity check

In communications, parity checking refers to the use of parity bits to check that data has
been transmitted accurately. A parity bit is added to every data unit (typically seven or
eight bits) that is transmitted. The parity bit for each unit is set so that every unit has either
an odd number or an even number of set bits.

Assume, for example, that two devices are communicating with even parity (the most
common form of parity checking). As the transmitting device sends data, it counts the
number of set bits in each group of seven bits. If the number of set bits is even, it sets the
parity bit to 0; if the number of set bits is odd, it sets the parity bit to 1. In this way, every byte
has an even number of set bits. On the receiving side, the device checks each byte to make
sure that it has an even number of set bits. If it finds an odd number of set bits, the receiver
knows there was an error during transmission.

The sender and receiver must both agree to use parity checking and agree on whether
parity is to be odd or even. If the two sides are not configured with the same parity sense,
communication will be impossible.

Parity checking is the most basic form of error detection in communications. Although it
detects many errors, it is not foolproof, because it cannot detect situations in which an even
number of bits in the same data unit are changed due to electrical noise. Consider an even
parity scheme using nine bit codewords, consisting of eight data bits followed by a parity bit.

1. The parity of the data 10111101 is even (there are 6 '1' bits). The parity bit will be 0,
giving the codeword 101111010.

2. The parity of the data 01110011 is odd (there are 5 '1' bits). The parity bit will be 1,
giving the codeword 011100111.

3. The parity of the data 00000000 is even (zero is even). The parity bit will be 0, giving
the codeword 000000000.

7.4. Block Sum Check

Block Sum Check is an extension of the parity scheme to cover blocks of data. It uses an
additional set of parity bits computed for the complete block of characters. Each character
(byte) is assigned a parity bit (transverse or row parity), and an extra bit is computed for
each bit position in the complete frame (longitudinal or column parity).

In this scheme the resulting set of parity bits for each column is referred to as the Block
(sum) Check Character (BCC).

Each bit making up the BCC is the modulo-2 sum of all the bits in the corresponding column.

Block Sum Check can do some error correction as long as the erroneous bits don’t have a
common row or column. Although two bit errors in a character will escape the row parity
check, they will be detected in the corresponding column parity check. There remains a
remote possibility of two bit errors occurring in the same row and column, which will not be
detected.

An example of a Block Sum Check is shown below:
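The parity rules of 7.3 and the row/column scheme of 7.4, as one added Python example (not part of the course notes). The three data units from the parity examples above form the rows of a block; the BCC row holds the column parities, and a single flipped bit is located where the one failing row and the one failing column meet.

```python
def parity_bit(bits, even=True):
    """Parity bit that makes the count of ones in bits even (or odd)."""
    ones = sum(bits) % 2
    return ones if even else ones ^ 1


def encode_parity(data_bits):
    """Append an even-parity bit to one data unit, as in the codewords above."""
    return list(data_bits) + [parity_bit(data_bits)]


def parity_ok(codeword):
    """Receiver-side check for one even-parity codeword."""
    return sum(codeword) % 2 == 0


def str_to_bits(s):
    return [int(c) for c in s]


def bits_to_str(bits):
    return "".join(str(b) for b in bits)


def block_sum_check(rows):
    """Transmit side of the Block Sum Check.

    rows: equal-length data units (lists of 0/1). Each row gets its own
    transverse (row) parity bit; a final row, the BCC, holds one longitudinal
    (column) parity bit per column, the modulo-2 sum of that column including
    the row-parity column.
    """
    width = len(rows[0])
    coded = [encode_parity(r) for r in rows]
    bcc = [sum(r[c] for r in coded) % 2 for c in range(width + 1)]
    return coded + [bcc]


def check_block(block):
    """Receive side: indexes of rows and of columns whose parity fails."""
    bad_rows = [i for i, r in enumerate(block) if not parity_ok(r)]
    width = len(block[0])
    bad_cols = [c for c in range(width) if sum(r[c] for r in block) % 2 != 0]
    return bad_rows, bad_cols


def correct_block(block):
    """Flip the bit at the crossing of the single failing row and column.

    Returns (block, outcome). Two errors in one row pass the row check but
    show up as two bad columns: detected, yet the row cannot be identified.
    """
    bad_rows, bad_cols = check_block(block)
    if not bad_rows and not bad_cols:
        return block, "no error detected"
    if len(bad_rows) == 1 and len(bad_cols) == 1:
        fixed = [list(r) for r in block]
        fixed[bad_rows[0]][bad_cols[0]] ^= 1
        return fixed, "corrected"
    return block, "detected, not correctable"


if __name__ == "__main__":
    # Constructed block: the three data units from the parity examples above.
    block = block_sum_check([str_to_bits(s) for s in ("10111101", "01110011", "00000000")])
    for row in block:
        print(bits_to_str(row))
    damaged = [list(r) for r in block]
    damaged[1][3] ^= 1  # one bit error in the second character
    print(check_block(damaged), correct_block(damaged)[1])
```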

7.5. Cyclic Redundancy Check (CRC)

One of the most popular methods of error detection for digital signals is the Cyclic
Redundancy Check (CRC). CRCs are useful because they are capable of detecting all single
and double errors and many multiple errors with a small number of bits. Communications
protocols often use two CRCs in a packet - one to protect the header of the packet and
another to protect the data portion of the packet.


Transmitted messages are divided into predetermined lengths that are divided by a fixed
divisor. According to the calculation, the remainder number is appended onto and sent with
the message. When the message is received, the computer recalculates the remainder and
compares it to the transmitted remainder. If the numbers do not match, an error is detected.

When discussing CRCs it's customary to present the key word k in the form of a "generator
polynomial". For example, suppose we want our CRC to use the key k=37. This number
written in binary is 100101, and expressed as a polynomial it is x^5 + x^2 + 1. In order to
implement a CRC based on this polynomial, the transmitter and receiver must have agreed
in advance that this is the key word they intend to use. Further examples:

x^2 + x + 1 = 111
x^3 + x + 1 = 1011
x^5 + x^4 + x^0 = 110001

Polynomial arithmetic is done modulo 2: there are no carries for addition or borrows for
subtraction. Both addition and subtraction are identical to exclusive OR.

  10110011     01110001     11010101
+ 11010110   + 10011010   - 10110010
  --------     --------     --------
  01100101     11101011     01100111

The below diagram illustrates the calculation for a frame 1101011011 using the generator
x^4 + x + 1.


Upon receiving the checksummed frame, the receiver divides it by the generator; if the
remainder is zero, no error has occurred.
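The polynomial notation, the modulo-2 sums and the division of frame 1101011011 by x^4 + x + 1 described above, as added Python (not from the course notes): mod2_divide is the long division, crc_remainder appends the four zero bits before dividing, and crc_check is the receiver's divide-and-test-for-zero.

```python
def poly_to_bits(exponents):
    """Bit string of a generator polynomial from its exponents.

    poly_to_bits([5, 2, 0]) -> "100101", i.e. x^5 + x^2 + 1, the key k = 37.
    """
    degree = max(exponents)
    bits = ["0"] * (degree + 1)
    for e in exponents:
        bits[degree - e] = "1"
    return "".join(bits)


def mod2_add(a, b):
    """Modulo-2 addition (also subtraction) of equal-length bit strings: XOR, no carries."""
    if len(a) != len(b):
        raise ValueError("operands must have the same length")
    return "".join("1" if x != y else "0" for x, y in zip(a, b))


def mod2_divide(dividend, generator):
    """Long division over GF(2); returns the remainder as a list of r bits."""
    work = [int(c) for c in dividend]
    gen = [int(c) for c in generator]
    r = len(gen) - 1
    if len(work) < r:
        raise ValueError("dividend shorter than the remainder width")
    for i in range(len(work) - r):      # one step per leading dividend bit
        if work[i]:                     # leading 1: subtract (XOR) the generator here
            for j, g in enumerate(gen):
                work[i + j] ^= g
    return work[-r:] if r else []


def crc_remainder(frame, generator):
    """Append r zero bits to the frame and divide: the remainder is the CRC."""
    r = len(generator) - 1
    return "".join(str(b) for b in mod2_divide(frame + "0" * r, generator))


def crc_encode(frame, generator):
    """Checksummed frame as transmitted: the frame followed by its remainder."""
    return frame + crc_remainder(frame, generator)


def crc_check(received, generator):
    """Receiver side: an all-zero remainder means no error was detected."""
    return not any(mod2_divide(received, generator))


if __name__ == "__main__":
    gen = poly_to_bits([4, 1, 0])          # x^4 + x + 1 = 10011
    sent = crc_encode("1101011011", gen)
    print(sent, crc_check(sent, gen))
    print(crc_check(mod2_add(sent, "00000000000001"), gen))  # last bit flipped
```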

Error Correction methods:

With Forward Error Control (FEC), sufficient additional check digits are added to each
transmitted message to enable the receiver to detect the presence of the error(s) and also to
locate the position of the error(s). Correction is then achieved by simply inverting the bits,
since the data are in binary format.


7.6. Hamming code

Hamming code is an error-correcting code named after its inventor, Richard Hamming.
Hamming codes can detect single and double-bit errors, and correct single bit errors as well.

One possible way of calculating the Hamming Code:

1. Mark all bit positions that are powers of two as parity bits.
(Positions 1, 2, 4, 8, 16, 32, 64, etc.)

2. All other bit positions are for the data to be encoded.
(Positions 3, 5, 6, 7, 9, 10, 11, 12, 13, 14, 15, 17, etc.)

3. Each parity bit calculates the parity for some of the bits in the code word. The position
of the parity bit determines the sequence of bits that it alternately checks and skips.

Position 1: check 1 bit, skip 1 bit, check 1 bit, skip 1 bit, etc.
(1, 3,5,7,9,11,13,15,...)

Position 2: check 2 bits, skip 2 bits, check 2 bits, skip 2 bits, etc.
(2, 3, 6,7,10,11,14,15,...)

Position 4: check 4 bits, skip 4 bits, check 4 bits, skip 4 bits, etc.
(4,5,6,7,12,13,14,15,20,21,22,23,...)

Position 8: check 8 bits, skip 8 bits, check 8 bits, skip 8 bits, etc.
(8-15, 24-31, 40-47,...)

Position 16: check 16 bits, skip 16 bits, check 16 bits, skip 16 bits, etc.
(16-31, 48-63, 80-95,...)

Position 32: check 32 bits, skip 32 bits, check 32 bits, skip 32 bits, etc.
(32-63, 96-127,160-191,...) etc.

4. Set a parity bit to 1 if the total number of ones in the positions it checks is odd. Set a
parity bit to 0 if the total number of ones in the positions it checks is even.

Consider the 7-bit data word "0110101". The Hamming code is calculated and then used to
detect an error; see the tables below, which use d to signify data bits and p to signify parity
bits.

Initially the data bits are inserted into their appropriate positions and the parity bits calculated
in each case using even parity.


The new data word (with parity bits) is now "10001100101". We now assume the final bit
gets corrupted and turned from 1 to 0. Our new data word is "10001100100"; and this time
when we analyse how the Hamming codes were created we flag each parity bit as 1 when
the even parity check fails.

The final step is to evaluate the value of the parity bits (remembering the lowest value bit
goes furthest to the right). The integer value of the parity bits is 11, signifying that the 11th bit
in the data word (including parity bits) is wrong and needs to be flipped.

Flipping the 11th bit changes 10001100100 back into 10001100101. Removing the
Hamming codes gives the original data word of 0110101.
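Steps 1 to 4 and the worked example above, as added Python (not part of the course notes): the encoder places parity bits at the power-of-two positions and builds 10001100101 from 0110101, and the syndrome of the corrupted word 10001100100 comes out as 11, the position to flip. Only single-error correction is implemented; detecting double errors as well needs an extra overall parity bit, which this example does not add.

```python
def checked_positions(p, total):
    """Positions that parity bit p covers: check p bits, skip p bits, ... up to total.

    Equivalent to every position whose binary form has the bit p set.
    """
    return [pos for pos in range(1, total + 1) if pos & p]


def hamming_encode(data):
    """Encode a data word given as a string of 0/1 characters (d1 first).

    Parity bits occupy positions 1, 2, 4, ...; every other position takes the
    next data bit. Even parity: a parity bit is 1 when the positions it checks
    hold an odd number of ones.
    """
    data_bits = [int(c) for c in data]
    n = len(data_bits)
    r = 0
    while (1 << r) < n + r + 1:    # smallest r that leaves room for n data bits
        r += 1
    total = n + r
    word = [0] * (total + 1)       # index 0 unused; positions are 1-based
    src = iter(data_bits)
    for pos in range(1, total + 1):
        if pos & (pos - 1):        # not a power of two: a data position
            word[pos] = next(src)
    for k in range(r):
        p = 1 << k
        ones = sum(word[pos] for pos in checked_positions(p, total) if pos != p)
        word[p] = ones & 1
    return "".join(str(b) for b in word[1:])


def hamming_syndrome(codeword):
    """Re-run every parity check and add up the positions of the checks that fail.

    The result is the 1-based position of a single corrupted bit, or 0 when
    every check passes.
    """
    word = [0] + [int(c) for c in codeword]
    total = len(codeword)
    syndrome, p = 0, 1
    while p <= total:
        if sum(word[pos] for pos in checked_positions(p, total)) & 1:
            syndrome += p
        p <<= 1
    return syndrome


def hamming_decode(codeword):
    """Correct a single-bit error, if any, and strip the parity bits.

    Returns (data word, corrected position), position 0 meaning nothing was
    flipped. A syndrome beyond the word length can only come from more than
    one error, so it is reported rather than "corrected".
    """
    word = [int(c) for c in codeword]
    pos = hamming_syndrome(codeword)
    if pos > len(word):
        raise ValueError("syndrome %d exceeds word length: uncorrectable" % pos)
    if pos:
        word[pos - 1] ^= 1
    data = [word[i - 1] for i in range(1, len(word) + 1) if i & (i - 1)]
    return "".join(str(b) for b in data), pos


if __name__ == "__main__":
    coded = hamming_encode("0110101")
    print(coded)                              # 10001100101
    corrupted = coded[:-1] + "0"              # final bit turned from 1 to 0
    print(hamming_syndrome(corrupted), hamming_decode(corrupted))
```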


7.7. Quality of Service (QoS)

The term QoS refers to a broad collection of networking technologies and techniques. The
goal of QoS is to provide guarantees on the ability of a network to deliver predictable results.
Elements of network performance within the scope of QoS often include availability (uptime),
bandwidth (throughput), latency (delay), and error rate.

QoS generally involves prioritization of network traffic. QoS can be defined in terms of the
total network "pipe," in terms of a given server's or router's performance, or in terms of
specific applications. A network monitoring system must typically be deployed as part of
QoS, to ensure that networks are performing at the desired level.

QoS is an increasingly important area of research and development in computer networking.
It is especially important for the new generation of Internet applications such as
video-on-demand and other consumer services. Some core Internet technologies like
Ethernet were not designed to support prioritized traffic or guaranteed performance levels,
making it much more difficult to implement QoS solutions. One of the most attractive
features of ATM is its built-in support for QoS.

Andrew S. Tanenbaum in his Computer Networks – 4th Edition mentions (Page – 397): A
stream of packets from a source to a destination is called a flow. In a connection-oriented
network, all the packets belonging to a flow follow the same route; in a connectionless
network, they may follow different routes. The needs of each flow can be characterized by
four primary parameters: reliability, delay, jitter, and bandwidth. Together these determine
the QoS (Quality of Service) the flow requires. Several common applications and the
stringency of their requirements are listed in Fig. 5-30

The first four applications have stringent requirements on reliability. No bits may be delivered
incorrectly. This goal is usually achieved by checksumming each packet and verifying the
checksum at the destination. The four final (audio/video) applications can tolerate errors, so
no checksums are computed or verified. File transfer applications, including e-mail and
video, are not delay sensitive. If all packets are delayed uniformly by a few seconds, no harm
is done. Interactive applications, such as Web surfing and remote login, are more delay
sensitive.


For applications such as audio and video streaming, it does not matter much if packets take
20 msec or 30 msec to be delivered, as long as the transit time is constant. The variation
(i.e., standard deviation) in the packet arrival time is called Jitter.

High jitter, for example, having some packets taking 20 msec and others taking 30 msec to
arrive will give an uneven quality to the sound or movie. In contrast, an agreement that 99
percent of the packets be delivered with a delay in the range of 24.5 msec to 25.5 msec
might be acceptable.

In some applications, such as video on demand, jitter can be eliminated by buffering at the
receiver and then fetching data for display from the buffer instead of from the network in real
time. However, for other applications, especially those that require real-time interaction
between people such as Internet telephony and videoconferencing, the delay inherent in
buffering is not acceptable.

7.8. Class of Service (CoS)

Class of Service is a way of managing traffic in a network by grouping similar types of traffic
(for example, e-mail, streaming video, voice, large document file transfer) together and
treating each type as a class with its own level of service priority. Unlike Quality of Service
(QoS) traffic management, Class of Service technologies do not guarantee a level of service
in terms of bandwidth and delivery time; they offer “best effort.” On the other hand, CoS
technology is simpler to manage and scales as a network grows in structure and traffic
volume.


8. Network Security
Most security problems are intentionally caused by malicious people trying to gain some
benefit, get attention, or to harm someone. Some people who cause security problems are
tabulated below:

8.1. Authentication

Authentication is any process by which you verify that someone is who they claim they are.
This usually involves a username and a password, but can include any other method of
demonstrating identity, such as a smart card, voice recognition, or fingerprints.
Authentication is equivalent to showing your driver's license at the ticket counter at the
airport. (Or: Authentication is the process of identifying an individual, usually based on a
username and password.)

The two diagrams below illustrate how the authentication process happens. (Both of these
methods have certain limitations.)


Authorization is finding out if the person, once identified, is permitted to have the resource.
This is usually determined by finding out if that person is a part of a particular group, if that
person has paid admission, or has a particular level of security clearance.

Access control is a much more general way of talking about controlling access to a resource.
Access can be granted or denied based on a wide variety of criteria, such as the network
address of the client or the time of day, and at different levels (Read, Write, Full Control).

8.2. Encryption

Encryption (which transforms data so that it cannot be understood by unauthorised users) is
used to protect the confidentiality of information when it must reside in or be transmitted
through otherwise unsafe environments. Encryption is also used for "digital signatures" to
authenticate the origin of messages or data. Encryption algorithms themselves are rarely
used alone in practice. Rather, they are typically embedded into larger security systems to
ensure their correct and consistent use, since a failure to do so can compromise the security
of other messages, even those that have been properly encrypted.

The encryption model is elaborated below:

                 Intruder: only listens / can alter / can insert
                                    |
  Sender                            v                              Receiver
  Plaintext, P --> Encryption --> Ciphertext, C = EK(P) --> Decryption --> Plaintext, P
                   method                                    method
                      ^                                         ^
               Encryption Key, EK                        Decryption Key, DK

Algorithms
Many different cryptography algorithms (cryptography is the science of writing messages in
secret codes) have been devised, but there are two main kinds of algorithm used in
cryptography. Here is a general overview of these two cryptography standards.

1. Symmetric cryptosystem - Private key algorithm. E.g. DES

2. Asymmetric cryptosystem - Public key algorithm. E.g. RSA

Notation    Description
KA,B        Secret key shared by A and B
KA+         Public key of A
KA-         Private key of A

• Private key: This key must be known only by its owner.


• Public key: This key is known to everyone (it is public)

• Relation between both keys: One key encrypts, the other one decrypts,
and vice versa. That means that if you encrypt something with my public key, I
would need my private key to decrypt the message.

Private key algorithm

In a private key algorithm (secret key algorithm) the same key is used for both encryption and
decryption.

Public key algorithm

A public key algorithm consists of a public key (B) used to encrypt a message and a private
key (A) used to decrypt the message. For each public key there is one private key (A1, B1),
and only the private key that belongs to the public key can decrypt a message encrypted by
that public key. Public key methods are important because they can be used to transmit
encryption keys or other data securely even when the parties have no opportunity to agree
on a secret key in private.

The diagram below illustrates the Public key algorithm, which uses a Public key to encrypt &
a Private key to decrypt.

DES


DES stands for "Data Encryption Standard" and is at the moment still in use as an algorithm
around the world. It was created by IBM (International Business Machines Corporation) in
1977 and is a private key algorithm.

In brief, DES works like this:

✓ It is a block cipher algorithm that encrypts data in 64-bit blocks; that is, the clear
text / plaintext is divided into blocks of 64 bits.
✓ Each block is encrypted by 16 iterations of complex operations.
✓ After the last iteration step, a 32-bit swap is done.
✓ The entire 64-bit encrypted block constitutes the final cipher text.

The decryption algorithm is nearly the same as the encryption algorithm; the same key (the
private key) is used to encrypt and to decrypt a message. The bigger your private key is, the
safer it is.

The following diagram gives a pictorial representation of DES.

Weaknesses
The number of iterations is only 16.
The key length is only 56 bits.

RSA


RSA is formed from the initial letters of the names of its creators (Rivest-Shamir-Adleman).
RSA is the most commonly used public key algorithm. It can be used both for encryption and
for signing. It is generally considered to be secure when sufficiently long keys are used. The
security of RSA relies on the difficulty of factoring large integers.

Public vs. Private Key

The major differentiator between encryption methods is that of public vs. private key. In a
traditional private key system, the encryption and decryption keys are identical and must be
kept secret. Each pair of communicating partners or groups must have a secret key.

In a public key scheme, each individual has a pair of keys; a non-secret one for encrypting
and a secret one for decrypting. The encryption key is known to anyone who wants it and is
generally available from a well-known location to prevent spoofing. Because the encryption
key is non-secret, anyone can encrypt a message for a particular recipient, but only the
intended recipient has the decryption key allowing the message to be read.

Even if the cryptographic algorithm used is very powerful, if a weak key is used to encrypt
the clear text / plaintext (e.g., a password with only one or two letters), the cipher text
generated will be easy to break, so the key has to be chosen carefully.

8.3. Digital Signatures

Digital signatures are a way to ensure the integrity of a message or other data using public
key cryptography. Like traditional signatures written with ink on paper, they can be used to
authenticate the identity of the signer of the data. However, digital signatures go beyond
traditional signatures in that they can also ensure that the data itself has not been altered.

The diagram below illustrates a basic model of a digital signature:

Why Digital signature?


• It ensures, by means of verification and validation, that the user is who he/she claims to
be. This is done by combining the user's credentials with the digital certificate, and in turn
this method uses one point of authentication.

• Digital certificates ensure data integrity, giving the user peace of mind that the message or
transaction has not been accidentally or maliciously altered. This is done cryptographically.

• Digital certificates ensure confidentiality and ensure that messages can only be read by
the authorized, intended recipients.

• Digital certificates also verify date and time so that senders or recipients cannot dispute
whether the message was actually sent or received.

The block diagram shows how Alice uses a digital signature to send a message to Bob.
(Compared to the basic model of a digital signature above, this is more secure if the message
is to be sent to a specific user only.)
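The two uses of a key pair described in sections 8.2 and 8.3 (anyone encrypts with the public key, only the holder of the secret key decrypts; the signer uses the secret key, anyone verifies with the public key) in one added example. This is my own textbook-RSA toy, not code from the course: the primes are deliberately small and padding is omitted, so it is for reading, not for protecting anything.

```python
# Added example (not from the course text): one RSA key pair used for
# confidentiality (encrypt/decrypt) and for integrity (sign/verify).
# Small constructed primes, no padding: readable, not secure.
import hashlib
from math import gcd

def make_keypair(p: int, q: int, e: int = 65537):
    """Return (public, private) keys from two primes; textbook RSA."""
    n = p * q
    phi = (p - 1) * (q - 1)
    assert gcd(e, phi) == 1, "e must be coprime with phi(n)"
    d = pow(e, -1, phi)          # modular inverse (Python 3.8+)
    return (e, n), (d, n)

def encrypt(public, m: int) -> int:
    """Anyone holding the public key can produce the ciphertext."""
    e, n = public
    return pow(m, e, n)

def decrypt(private, c: int) -> int:
    """Only the holder of the secret exponent d recovers m."""
    d, n = private
    return pow(c, d, n)

def digest(message: bytes, n: int) -> int:
    """Hash the message and reduce it into the modulus (toy only)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(private, message: bytes) -> int:
    """Alice signs with her SECRET key: s = H(m)^d mod n."""
    d, n = private
    return pow(digest(message, n), d, n)

def verify(public, message: bytes, signature: int) -> bool:
    """Bob checks with Alice's PUBLIC key: s^e mod n == H(m)."""
    e, n = public
    return pow(signature, e, n) == digest(message, n)

if __name__ == "__main__":
    pub, priv = make_keypair(999983, 1000003)   # constructed small primes
    c = encrypt(pub, 424242)
    print(decrypt(priv, c))                     # 424242
    msg = b"Pay Bob 100"
    s = sign(priv, msg)
    print(verify(pub, msg, s), verify(pub, b"Pay Bob 900", s))  # True False
```

Changing a single character of the message makes verification fail, which is the "data itself has not been altered" property the section describes.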

8.4. VPN

Discuss:
What’s VPN?
Show how a VPN connection would be created with the aid of a diagram.
What are the two key security features in VPN?

8.5. Firewalls

A firewall is a system designed to prevent unauthorized access to or from a private network.


Firewalls are now widely used because of the vast amount of broadband connections
present. They provide a first line of defence for your computer or network.

A firewall can be either hardware or software. High-end hardware firewalls are very
expensive and are not practical for the home user. However, low-end routers that perform
NAT act as a hardware firewall; cheaper broadband routers such as those from Linksys, Belkin,
D-Link, etc. provide this functionality. In a corporate environment, very expensive devices such
as the Cisco PIX, the Symantec firewall, and SonicWall are commonly used hardware solutions.
Hardware firewalls are the better solution for networks with a large number of clients.

Software firewalls are nothing more than a program that runs on top of your operating system.
These programs are usually inexpensive, free, or come built into the operating system. The
diagram below shows a firewall configuration:

To see how firewalls decide to allow or deny traffic, recall that TCP/IP traffic is broken into
packets; a firewall must examine each packet to determine whether to drop it or forward it to
its destination.

(A packet includes the IP header, the TCP or UDP header, and the actual contents of the
packet.) The IP header contains the IP addresses of the source, which is the sender, and
the destination, which is the receiver. The TCP or UDP header contains the source port of
the sender and the destination port of the receiver, which identify the applications that are
sending and receiving the traffic. In addition, TCP headers contain further information such
as sequence numbers, acknowledgment numbers, and the conversation state. The
destination TCP or UDP port defines the location for delivery of the data on the server when
the packet reaches its destination.

When a browser, for example, sends an HTTP request to a Web server, the request contains
the identity of the client computer, the source IP address, and the source port that the
request went out on. The source port of the client identifies the client application that sent the
request, in this case, the browser. When the Web server sends a response, it uses the
client's source port as the destination port in the response. The client operating system
recognizes the port number as belonging to a session the browser application started, and
gives the data to the browser.

Common Port Numbers

Service                                    Port
HTTP                                       80/tcp
SSL (Secure Sockets Layer) Web server      443/tcp
FTP                                        21/tcp
POP3                                       110/tcp
SMTP                                       25/tcp
Remote Desktop (Terminal Services)         3389/tcp
Telnet                                     23/tcp
SQL Server                                 1433/tcp
IRC (Internet Relay Chat)                  6665-6669/tcp
DNS                                        53/tcp,udp
SNMP                                       161/tcp

Some types of firewalls can filter traffic based on source or destination IP address. Filtering
based on source or destination address is useful because it enables you to allow or deny
traffic based on the computers or networks that are sending or receiving the traffic.
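The packet-level decision described above (examine source and destination addresses and ports, apply the rules, and let a server's reply through only because its destination port is the source port the client's request went out on) as an added example, written for this section and not taken from the course. The rule table and the addresses are constructed (RFC 5737 documentation ranges); the session table never expires entries, which a real firewall would time out.

```python
# Added example (not from the course text): a minimal stateful packet filter.
# Rules are matched first-match-wins on addresses, protocol and destination
# port; anything unmatched is dropped; a reply is allowed only if it reverses
# a request the filter already allowed (dst port == client's source port).
from ipaddress import ip_address, ip_network
from typing import NamedTuple

class Packet(NamedTuple):
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"

# (action, source network, destination network, proto, dest ports); None = any
RULES = [
    ("deny",  "203.0.113.0/24", "0.0.0.0/0", "tcp", None),         # blocked net
    ("allow", "192.168.1.0/24", "0.0.0.0/0", "tcp", {80, 443}),    # web out
    ("allow", "192.168.1.0/24", "0.0.0.0/0", "udp", {53}),         # DNS out
    ("deny",  "0.0.0.0/0",      "0.0.0.0/0", "tcp", {23}),         # no telnet
]

class Firewall:
    def __init__(self, rules=RULES):
        self.rules = rules
        self.sessions = set()   # (client ip, client port, server ip, port, proto)

    def decide(self, pkt: Packet) -> str:
        # 1. Reply to a session this filter saw start: allowed (stateful part).
        if (pkt.dst, pkt.dport, pkt.src, pkt.sport, pkt.proto) in self.sessions:
            return "allow"
        # 2. Otherwise the first matching rule wins; no match means drop.
        for action, src_net, dst_net, proto, dports in self.rules:
            if (ip_address(pkt.src) in ip_network(src_net)
                    and ip_address(pkt.dst) in ip_network(dst_net)
                    and pkt.proto == proto
                    and (dports is None or pkt.dport in dports)):
                if action == "allow":
                    self.sessions.add((pkt.src, pkt.sport, pkt.dst, pkt.dport, pkt.proto))
                return action
        return "deny"
```

The port numbers in the rules are the ones from the table above; an inbound packet to the client on a port no request went out on is dropped even though it comes from the same web server.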
