
1. Introduction

Welcome, gentle reader.

I have written a number of networking HOWTOs in the past, and it occurred to me that there's a hell of a pile
of jargon in each one. I had three choices: my other two were ignoring the problem and explaining the terms
everywhere. Neither was attractive.

The point of Free software is that you should have the freedom to explore and play with the software systems
you use. I believe that enabling people to experience this freedom is a noble goal; not only do people feel
empowered by the pursuit (such as rebuilding a car engine) but the nature of the modern Internet and Free
software allows you to share the experience with millions.

But you have to start somewhere, so here we are.

(C) 2000 Paul `Rusty' Russell. Licenced under the GNU GPL.

2. What is a `computer network'?

A computer network is just a set of stuff for nodes to talk to each other (by `nodes' I mean computers,
printers, Coke machines and whatever else you want). It doesn't really matter how they are connected: they
could use fiber-optic cables or carrier pigeons. Obviously, some choices are better than others (especially if
you have a cat).

Usually if you just connect two computers together, it's not called a network; you really need three or more to
become a network. This is a bit like the word `group': two people is just a couple of guys, but three can be a
`group'. Also, networks are often hooked together, to make bigger networks; each little network (usually
called a `sub-network') can be part of a larger network.

The actual connection between two computers is often called a `network link'. If there's a bit of cable running
out of the back of your machine to the other machines, that's your network link.

There are four things which we usually care about when we talk about a computer network:

Size

If you simply connect your four computers at home together, you have what is called a LAN (Local
Area Network). If everything is within walking distance, it's usually called a LAN, however many
machines are connected to it, and whatever you've built the network out of.

The other end of the spectrum is a WAN (Wide Area Network). If you have one computer in Lahore,
Pakistan, one in Birmingham, UK and one in Santiago, Chile, and you manage to connect them, it's a
WAN.
Topology: The Shape

Draw a map of the network: lines are the network links, and each node is a dot. Maybe each line leads
into a central node like a big star, meaning that everyone talks through one point (a `star topology'):

  o   o   o
   \_ | _/
     \|/
o-----o-----o
    _/|\_
   /  |  \
  o   o   o

Maybe everyone talks in a line, like so:

o------o------o-------o--------o
|                     |
|                     |
|                     o
|                     |
o                     |
                      o

Or maybe you have three subnetworks connected through one node:

      o
o     |     o--o--o
|     |     |
o--o--o--o--o        o
             \       |
              o------o
             /       |
o--o--o--o--o        o
|     |     |
o     |     o--o
      o

You'll see many topologies like these in real life, and many far more complicated.

Physical: What It's Made Of

The second thing to care about is what you've built the network out of. The cheapest is `sneakernet',
where badly-dressed people carry floppy disks from one machine to the others. Sneakernet is almost
always a LAN. Floppies cost less than $1, and a solid pair of sneakers can be got for around $20.

The most common system used to connect home networks to far bigger networks is called a `modem'
(for MODulator/DEModulator), which turns a normal phone connection into a network link. It turns
the stuff the computer sends into sounds, and listens to sounds coming from the other end to turn
them back into stuff for the computer. As you can imagine, this isn't very efficient, and phone lines
weren't designed for this use, but it's popular because phone lines are so common and cheap: modems
sell for less than $50, and phone lines usually cost a couple of hundred dollars a year.

The most common way to connect machines into a LAN is to use Ethernet. Ethernet comes in these
main flavors (listed from oldest to newest): Thinwire/Coax/10base2, UTP (Unshielded Twisted
Pair)/10baseT and UTP/100baseT. Gigabit ethernet (the name 1000baseT is starting to get silly) is
starting to be deployed, too. 10base2 wire is usually black coaxial cable, with twist-on T-pieces to
connect them to things: everyone gets connected in a big line, with special `terminator' pieces on the
two ends. UTP is usually blue wire, with clear `click-in' phone-style connectors which plug into
sockets to connect: each wire connects one node to a central `hub'. The cable is a couple of dollars a
meter, and the 10baseT/10base2 cards (many cards have plugs for both) are hard to get brand new.
100baseT cards, which can also speak 10baseT as well, are ten times faster, and about $30.

On the other end of the spectrum is Fiber; a continuous tiny glass filament wrapped in protective
coating which can be used to run between continents. Generally, fiber costs thousands.

We usually call each connection to a node a `network interface', or `interface' for short. Linux gives
these names like `eth0' for the first ethernet interface, and `fddi0' for the first fiber interface. The
`/sbin/ifconfig' command lists them.

Protocol: What It's Speaking

The final thing to care about is the language the two are speaking. When two modems are talking to
each other down a phone line, they need to agree what the different sounds mean, otherwise it simply
won't work. This convention is called a `protocol'. As people discovered new ways of encoding what
the computer says into smaller sounds, new protocols were invented; there are at least a dozen
different modem protocols, and most modems will try a number of them until they find one the other
end understands.

Another example is the 100baseT network mentioned above: it uses the same physical network links
(UTP) as 10baseT above, but talks ten times as fast.

These two protocols are what are called `link-level' protocols; how stuff is handed over the individual
network links, or `one hop'. The word `protocol' also refers to other conventions which are followed,
as we will see next.

3. What is the `Internet'?

The Internet is a WAN which spans the entire globe: it is the largest computer network in existence. The
phrase `internetworking' refers to connecting separate networks to build a larger one, hence `The Internet' is
the connection of a whole pile of subnetworks.

So now we look at the list above and ask ourselves: what is the Internet's size, physical details and protocols?

The size is already established above: it's global.

The physical details are varied however: each little sub-network is connected differently, with a different
layout and physical nature. Attempts to map it in a useful way have generally met with abject failure.

The protocols spoken by each link are also often different: all of the link-level protocols listed above are
used, and many more.

3.1 How Does The Internet Work?

The question then arises: how come every node on the Internet can talk to the others, if they all use different
link-level protocols to talk to each other?

The answer is fairly simple: we need another protocol which controls how stuff flows through the network.
The link-level protocol describes how to get from one node to another if they're connected directly: the
`network protocol' tells us how to get from one point in the network to any other, going through other links if
necessary.

For the Internet, the network protocol is the Internet Protocol (version 4), or `IP'. It's not the only protocol out
there (Apple's AppleTalk, Novell's IPX, Digital's DECNet and Microsoft's NetBEUI being others) but it's the
most widely adopted. There's a newer version of IP called IPv6, but it's still not common.

So to send a message from one side of the globe to another, your computer writes a bit of Internet Protocol,
sends it to your modem, which uses some modem link-level protocol to send it to the modem it's dialed up to,
which is probably plugged into a terminal server (basically a big box of modems), which sends it to a node
inside the ISP's network, which sends it out usually to a bigger node, which sends it to the next node... and so
on. A node which connects two or more networks is called a `router': it will have one interface for each
network.

We call this array of protocols a `protocol stack', usually drawn like so:

[ Application: Handles Porn ]           [ Application Layer: Serves Porn ]
              |                                       ^
              v                                       |
[ TCP: Handles Retransmission ]         [ TCP: Handles Retransmission ]
              |                                       ^
              v                                       |
[ IP: Handles Routing ]                 [ IP: Handles Routing ]
              |                                       ^
              v                                       |
[ Link: Handles A Single Hop ]          [ Link: Handles A Single Hop ]
              |                                       |
              +---------------------------------------+

So in the diagram, we see Netscape (the Application on top left) retrieving a web page from a web server (the
Application on top right). To do this it will use `Transmission Control Protocol' or `TCP': over 90% of the
Internet traffic today is TCP, as it is used for Web and EMail.

So Netscape makes the request for a TCP connection to the remote web server: this is handed to the TCP
layer, which hands it to the IP layer, which figures out which direction it has to go in, hands it onto the
appropriate link layer, which transmits it to the other end of the link.

At the other end, the link layer hands it up to the IP layer, which sees it is destined for this host (if not, it
might hand it down to a different link layer to go out to the next node), hands it up to the TCP layer, which
hands it to the server.

So we have the following breakdown:

1. The application (Netscape, or the web server at the other end) decides who it wants to talk to, and
what it wants to send.
2. The TCP layer sends special packets to start the conversation with the other end, and then packs the
data into a TCP `packet': a packet is just a term for a chunk of data which passes through a network.
The TCP layer hands this packet to the IP layer: it then keeps sending it to the IP layer until the TCP
layer at the other end replies to say that it has received it. This is called `retransmission', and has a
whole heap of complex rules which control when to retransmit, how long to wait, etc. It also gives
each packet a set of numbers, which mean that the other end can sort them into the right order.
3. The IP layer looks at the destination of the packet, and figures out the next node to send the packet to.
This simple act is called `routing', and ranges from really simple (if you only have one modem, and
no other network interfaces, all packets should go out that interface) to extremely complex (if you
have 15 major networks connected directly to you).

4. This IP Thing

So the role of the IP layer is to figure out how to `route' packets to their final destination. To make this
possible, every interface on the network needs an `IP address'. An IP address consists of four numbers
separated by periods, like `167.216.245.249'. Each number is between zero and 255.

Interfaces in the same network tend to have neighboring IP addresses. For example, `167.216.245.250' sits
right next to the machine with the IP address `167.216.245.249'. Remember also that a router is a node with
interfaces on more than one network, so the router will have one IP address for each interface.

So the Linux Kernel's IP layer keeps a table of different `routes', describing how to get to various groups of
IP addresses. The simplest of these is called a `default route': if the IP layer doesn't know better, this is where
it will send a packet onwards to. You can see a list of routes using `/sbin/route'.

Routes can either point to a link, or a particular node which is connected to another network. For example,
when you dial up to the ISP, your default route will point to the modem link, because that's where the entire
world is.

Rusty's            ISP's        ~~~~~~~~~~~~~~
Modem              Modem       {              }
  o------------------o         { The Internet }
                               {              }
                                ~~~~~~~~~~~~~~

But if you have a permanent machine on your network which connects to the outside world, it's a bit more
complicated. In the diagram below, my machine can talk directly to Tridge and Paul's machines, and to the
firewall, but it needs to know that packets heading for the rest of the world need to go to the firewall, which
will pass them on. This means that you have two routes: one which says `if it's on my network, just send it
straight there' and then a default route which says `otherwise, send it to the firewall'.

                      o Tridge's
                      | Work Machine        ~~~~~~~~~~~~~~
Rusty's               |                    {              }
Work Machine o--------+-----------------o--{ The Internet }
                      |           Firewall {              }
                      |                     ~~~~~~~~~~~~~~
                      o Paul's
                        Work Machine

4.1 Groups of IP Addresses: Network Masks

There is one last detail: there is a standard notation for groups of IP addresses, sometimes called a `network
address'. Just like a phone number can be broken up into an area prefix and the rest, we can divide an IP
address into a network prefix and the rest.

It used to be that people would talk about `the 1.2.3 network', meaning all 256 addresses from 1.2.3.0 to
1.2.3.255. Or if that wasn't a big enough network, they might talk about the `1.2 network' which meant all
addresses from 1.2.0.0 to 1.2.255.255.

We usually don't write `1.2.0.0 - 1.2.255.255'. Instead, we shorten it to `1.2.0.0/16'. This weird `/16' notation
(it's called a `netmask') requires a little explanation.

Each number between the dots in an IP address is actually 8 binary digits (00000000 to 11111111): we write
them in decimal form to make it more readable for humans. The `/16' means that the first 16 binary digits are
the network address; in other words, the `1.2.' part is the network (remember: each number represents 8
binary digits). This means any IP address beginning with `1.2.' is part of the network: `1.2.3.4' and `1.2.3.50'
are, and `1.3.1.1' is not.

To make life easier, we usually use networks ending in `/8', `/16' and `/24'. For example, `10.0.0.0/8' is a big
network containing any address from 10.0.0.0 to 10.255.255.255 (over 16 million addresses!). 10.0.0.0/16 is
smaller, containing only IP addresses from 10.0.0.0 to 10.0.255.255. 10.0.0.0/24 is smaller still, containing
addresses 10.0.0.0 to 10.0.0.255.

To make things confusing, there is another way of writing netmasks. We can write them like IP addresses:

10.0.0.0/255.0.0.0

Finally, it's worth noting that the very highest IP address in any network is reserved as the `broadcast
address', which can be used to send a message to everyone on the network at once.

Here is a table of network masks:

Short   Full               Maximum     Comment
Form    Form               #Machines

/8      /255.0.0.0         16,777,215  Used to be called an `A-class'
/16     /255.255.0.0       65,535      Used to be called a `B-class'
/17     /255.255.128.0     32,767
/18     /255.255.192.0     16,383
/19     /255.255.224.0     8,191
/20     /255.255.240.0     4,095
/21     /255.255.248.0     2,047
/22     /255.255.252.0     1,023
/23     /255.255.254.0     511
/24     /255.255.255.0     255         Used to be called a `C-class'
/25     /255.255.255.128   127
/26     /255.255.255.192   63
/27     /255.255.255.224   31
/28     /255.255.255.240   15
/29     /255.255.255.248   7
/30     /255.255.255.252   3
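As an added example (not part of the HOWTO), the following Python does the `/16' arithmetic of section 4.1 and the two-route lookup of section 4 by hand on 32-bit integers, so the bit-level meaning of a prefix, the broadcast address and the `Maximum #Machines' column are all visible. The route table and the 192.168.1.0/24 network in it are constructed for the example.

```python
# Added example, not from the HOWTO: netmask arithmetic and longest-prefix
# route lookup on 32-bit integers (the ipaddress module would hide the bits).


def ip_to_int(addr):
    """Pack a dotted quad such as '10.0.5.7' into a 32-bit integer."""
    parts = [int(p) for p in addr.split(".")]
    if len(parts) != 4 or any(not 0 <= p <= 255 for p in parts):
        raise ValueError("bad IP address: %r" % addr)
    return (parts[0] << 24) | (parts[1] << 16) | (parts[2] << 8) | parts[3]


def int_to_ip(n):
    """Inverse of ip_to_int."""
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_to_mask(prefix):
    """/16 -> 0xFFFF0000: the top `prefix' bits set, the remaining bits clear."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix must be between 0 and 32")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def mask_to_prefix(mask):
    """'255.255.0.0' -> 16.  A mask whose one bits are not contiguous is rejected."""
    m = ip_to_int(mask)
    prefix = bin(m).count("1")
    if m != prefix_to_mask(prefix):
        raise ValueError("non-contiguous netmask: %s" % mask)
    return prefix


def parse_network(spec):
    """Accept '10.0.0.0/8' or '10.0.0.0/255.0.0.0'; return (network int, prefix)."""
    addr, _, rest = spec.partition("/")
    prefix = mask_to_prefix(rest) if "." in rest else int(rest)
    mask = prefix_to_mask(prefix)
    return ip_to_int(addr) & mask, prefix   # host bits are cleared


def describe(spec):
    """Network, mask, broadcast and the `Maximum #Machines' figure from the table."""
    net, prefix = parse_network(spec)
    mask = prefix_to_mask(prefix)
    return {
        "network": int_to_ip(net),
        "netmask": int_to_ip(mask),
        "broadcast": int_to_ip(net | (~mask & 0xFFFFFFFF)),  # all host bits set
        "max_machines": (1 << (32 - prefix)) - 1,            # 2^(host bits) - 1
    }


def contains(spec, addr):
    """True if `addr' falls inside the network `spec'."""
    net, prefix = parse_network(spec)
    return ip_to_int(addr) & prefix_to_mask(prefix) == net


def next_hop(routes, dst):
    """Longest-prefix match over (network spec, via) pairs; 0.0.0.0/0 is the default route."""
    best = None
    for spec, via in routes:
        net, prefix = parse_network(spec)
        if ip_to_int(dst) & prefix_to_mask(prefix) == net:
            if best is None or prefix > best[0]:
                best = (prefix, via)
    return None if best is None else best[1]


# Constructed route table modelled on the second diagram in section 4: the local
# network is reached directly on eth0, everything else is sent to the firewall.
WORK_ROUTES = [
    ("0.0.0.0/0", "firewall"),            # default route
    ("192.168.1.0/24", "eth0 (direct)"),  # constructed local network address
]

if __name__ == "__main__":
    print(describe("1.2.0.0/16"))
    print(next_hop(WORK_ROUTES, "167.216.245.249"))
```

The same ordering by prefix length is what `/sbin/route' shows: the more specific route wins, and the default route only catches what nothing else matched.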

5. Machine Names and IP Addresses

So every interface on every node has an IP address. It was realized quite quickly that humans are pretty bad
at remembering numbers, so it was decided (just like phone numbers) to have a directory of names. But since
we're using computers anyway, it's nicer to have the computer look up the names for us automatically.

Hence we have the Domain Name System (DNS). There are nodes with well known IP addresses which
programs can ask to look up names, and return IP addresses. Almost all programs you will use are capable of
doing this, which is why you can put `www.linuxcare.com' into Netscape, instead of `167.216.245.249'.

Of course, you need the IP address of at least one of these `name servers': usually these are kept in the
`/etc/resolv.conf' file.

Since DNS queries and responses are fairly small (1 packet each), the TCP protocol is not usually used: it
provides automatic retransmission, ordering and general reliability, but at a cost of sending extra packets
through the network. Instead we use the very simple `User Datagram Protocol', which doesn't offer any of the
fancy TCP features we don't need.

6. Different Services: Email, Web, FTP, Name Serving

In the earlier example, we showed Netscape sending a TCP request to a web server running on another node.
But imagine that the node with the web server is also running an Email server, an FTP server and a name
server: how does it know which server the TCP connection is for?

This is where TCP and UDP have a concept of `ports'. Every packet has space for a `destination port', which
says what service the packet is for. For example, TCP port 25 is the mail server, and TCP port 80 is the web
server (although sometimes you find web servers on different ports). A list of ports can be found in
`/etc/services'.

Also, if two Netscape windows are both accessing different parts of the same web site, how does the Linux
box running Netscape sort out the TCP packets coming back from the web server?

This is where the `source port' comes in: every new TCP connection gets a different source port, so everyone
can tell them apart, even if they are going to the same destination IP address and the same destination port.
Usually the first source port given will be 1024, and will increase over time.

7. Dialup Interfaces: PPP

When you dial your modem to an ISP, and it connects to their modem, the kernel doesn't just shove IP
packets through it. There is a protocol called `Point-to-Point Protocol', or `PPP', which is used to negotiate
with the other end before any packets are allowed through. This is used by the ISP to identify who is dialed
up: on your Linux box, a program called the `PPP daemon' handles your end of the negotiation.

Because there are so many dialup users in the world, they usually don't have their own IP address: most ISPs
will assign you one of theirs temporarily when you dial up (the PPP daemon will negotiate this). This is often
called a `dynamic IP address', as separate from a `static IP address' which is the normal case where you have
your own address permanently. Usually they are assigned by modem: the next time you dial up, you will
probably get a different modem in the modem pool, and hence a different IP address.

8. What Packets Look Like

For the exceptionally curious (and the curiously exceptional), here is a description of what a packet actually
looks like. There are several tools which watch what packets are passing in and out of your Linux box: the
most common one is `tcpdump' (which understands more than TCP these days), but a nicer one is `ethereal'.
Such programs are known as `packet sniffers'.

The start of each packet says where it's going, where it came from, the type of the packet, and other
administrative details. This part is called the `packet header'. The rest of the packet, containing the actual data
being transmitted, is usually called the `packet body'.

So any IP packet begins with an `IP header': at least 20 bytes long. It looks like (this diagram stolen
shamelessly from RFC 791):

.-------+-------+---------------+-------------------------------.
|Version|  IHL  |Type of Service|         Total Length          |
|-------+-------+---------------+-------------------------------|
|        Identification         |Flags|     Fragment Offset     |
|---------------+---------------+-------------------------------|
|  Time to Live |    Protocol   |        Header Checksum        |
|---------------+---------------+-------------------------------|
|                        Source Address                         |
|---------------------------------------------------------------|
|                      Destination Address                      |
`---------------------------------------------------------------'

The important fields are the Protocol, which indicates whether this is a TCP packet (number 6), a UDP packet
(number 17) or something else, the Source IP Address, and the Destination IP Address.

Now, if the protocol field says this is a TCP packet, then a TCP header will immediately follow this IP
header: the TCP header is also at least 20 bytes long:

.-------------------------------+-------------------------------.
|          Source Port          |       Destination Port        |
|-------------------------------+-------------------------------|
|                        Sequence Number                        |
|---------------------------------------------------------------|
|                     Acknowledgment Number                     |
|-------------------+-+-+-+-+-+-+-------------------------------|
| Data  |           |U|A|P|R|S|F|                               |
| Offset| Reserved  |R|C|S|S|Y|I|            Window             |
|       |           |G|K|H|T|N|N|                               |
|-------+-----------+-+-+-+-+-+-+-------------------------------|
|           Checksum            |        Urgent Pointer         |
`---------------------------------------------------------------'

The most important fields here are the source port and destination port, which say which service the packet
is going to (or coming from, in the case of reply packets). The sequence and acknowledgement numbers are
used to keep packets in order, and tell the other end what packets have been received. The ACK, SYN, RST
and FIN flags (written downwards) are single bits which are used to negotiate the opening (SYN) and closing
(RST or FIN) of connections.

Following this header comes the actual message which the application sent (the packet body). A normal
packet is up to 1500 bytes: this means that the most space the data can take up is 1460 bytes (20 bytes for the
IP header, and 20 for the TCP header): over 97%.
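As an added example (not from the HOWTO), here is a small parser for the two headers above, run over a constructed IPv4/TCP SYN packet. It reads the IHL and Data Offset fields instead of assuming 20 bytes for each header, verifies the RFC 791 header checksum, and pulls out exactly the fields the text calls important: Protocol, the two addresses, the two ports and the flags. The addresses, ports and payload are constructed sample values.

```python
# Added example, not from the HOWTO: decode an IP header and the TCP header
# that follows it, checking lengths and the header checksum along the way.
import struct

IPPROTO_TCP, IPPROTO_UDP = 6, 17       # values of the IP `Protocol' field
TCP_FLAG_BITS = [(0x20, "URG"), (0x10, "ACK"), (0x08, "PSH"),
                 (0x04, "RST"), (0x02, "SYN"), (0x01, "FIN")]


def header_checksum(data):
    """RFC 791 checksum: one's-complement sum of 16-bit words, complemented."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                  # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def parse_ip_header(pkt):
    """Decode the IPv4 header; it may be longer than 20 bytes if options are present."""
    if len(pkt) < 20:
        raise ValueError("truncated IP header")
    (ver_ihl, _tos, total_len, _ident, flags_frag,
     ttl, proto, _csum, src, dst) = struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    version, ihl = ver_ihl >> 4, (ver_ihl & 0x0F) * 4   # IHL counts 32-bit words
    if version != 4 or ihl < 20 or len(pkt) < ihl:
        raise ValueError("not a complete IPv4 header")
    # Summing the header with its checksum field included must give zero.
    if header_checksum(pkt[:ihl]) != 0:
        raise ValueError("bad IP header checksum")
    return {"header_len": ihl, "total_len": total_len, "ttl": ttl,
            "protocol": proto,
            "src": ".".join(str(b) for b in src),
            "dst": ".".join(str(b) for b in dst),
            "dont_fragment": bool(flags_frag & 0x4000),
            "frag_offset": flags_frag & 0x1FFF}


def parse_tcp_header(seg):
    """Decode the TCP header; Data Offset, like IHL, is in 32-bit words."""
    if len(seg) < 20:
        raise ValueError("truncated TCP header")
    (sport, dport, seq, ack, off_res, flags,
     window, _csum, _urg) = struct.unpack("!HHIIBBHHH", seg[:20])
    data_off = (off_res >> 4) * 4
    if data_off < 20 or len(seg) < data_off:
        raise ValueError("TCP header longer than the segment")
    return {"src_port": sport, "dst_port": dport, "seq": seq, "ack": ack,
            "header_len": data_off, "window": window,
            "flags": [name for bit, name in TCP_FLAG_BITS if flags & bit]}


def parse_packet(pkt):
    """IP header, then a TCP header if Protocol is 6, then the packet body."""
    ip = parse_ip_header(pkt)
    body = pkt[ip["header_len"]:ip["total_len"]]
    result = {"ip": ip}
    if ip["protocol"] == IPPROTO_TCP:
        tcp = parse_tcp_header(body)
        result["tcp"] = tcp
        body = body[tcp["header_len"]:]
    result["payload"] = body
    return result


def is_well_formed(pkt):
    """True if parse_packet accepts the packet, False if it rejects it."""
    try:
        parse_packet(pkt)
        return True
    except ValueError:
        return False


def build_tcp_syn(src, dst, sport, dport, payload=b""):
    """Constructed sample: IPv4 + TCP SYN with a valid IP header checksum
    (the TCP checksum is left at zero; it is not what this example checks)."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 1000, 0,
                      5 << 4, 0x02, 8192, 0, 0) + payload    # offset 5 words, SYN set
    total_len = 20 + len(tcp)
    ip_fields = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0x1234, 0x4000,
                            64, IPPROTO_TCP, 0,
                            bytes(int(b) for b in src.split(".")),
                            bytes(int(b) for b in dst.split(".")))
    csum = struct.pack("!H", header_checksum(ip_fields))
    return ip_fields[:10] + csum + ip_fields[12:] + tcp


if __name__ == "__main__":
    print(parse_packet(build_tcp_syn("10.0.0.1", "167.216.245.249", 1024, 80, b"GET /")))
```

The builder also shows the encapsulation from section 3.1 in miniature: application data is wrapped in a TCP header, and that in an IP header, before the link layer ever sees it.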

Summary

So the modern Internet uses IP packets to communicate, and most of these IP packets use TCP inside. Special
nodes called `routers' connect all the little networks together into larger networks, and pass these packets
through to their destination. Most normal machines are only attached to one network (ie. have only one
interface), and so are not routers.

Every interface has a unique IP address, which looks like `1.2.3.4': interfaces in the same network will have
related IP addresses, with the same start, the same way that phone connections in the same area have the
same prefix. These network addresses look like IP addresses, with a `/' to say how much of them is the prefix,
e.g. `1.2.0.0/16' means the first two numbers are the network address: each number represents 8 bits.

Machines are given names by the Domain Name Service: programs ask name servers to give them the IP
address, given a name like `www.linuxcare.com'. This IP address is then used as the destination IP address to
talk to that node.

Rusty is really bad at writing documentation, especially for beginners.

Enjoy!

Rusty.

Learning Path: Basic Network Concepts

BASIC NETWORK CONCEPTS...circuit - network - node - topology - bus - ring - campus - backbone - bridge - switch -
packet - circuit-switched - packet-switched - frame - virtual circuit - local area network - wide area network - metropolitan area
network - duplex - gateway - giant - runt - Quality of Service (QoS) - network operations center (NOC) - BER

Circuit

1) In electronics, a circuit is a path between two or more points along which an electrical current can be carried. (A
circuit breaker is a device that interrupts the path when necessary to protect other devices attached to the circuit - for
example, in case of a power surge.)

2) In telecommunications, a circuit is a discrete (specific) path between two or more points along which
signals can be carried. Unless otherwise qualified, a circuit is a physical path, consisting of one or more wires
(or wireless paths) and possibly intermediate switching points. A network is an arrangement of circuits. In a
dial-up (switched) connection, a circuit is reserved for use by one user for the duration of the calling session.
In a dedicated or leased line arrangement, a circuit is reserved in advance and can only be used by the owner
or renter of the circuit.

A virtual circuit, sometimes called a logical circuit, is a path between two or more points that seems like a fixed
physical path, but actually is one path out of many possible physical paths that can be arranged. A permanent
virtual circuit (PVC) is a virtual circuit that provides a guaranteed connection between two or more points
when needed without having to reserve or commit to a specific physical path in advance. This allows many
companies to share a common pool of circuits. This approach is used in a frame relay network and offers a
committed set of resources to a telephone company customer at a lower price than if the customer leases their
own circuits. A switched virtual circuit (SVC) is similar to a permanent virtual circuit, but allows users to dial
in to the network of virtual circuits.

Network

In information technology, a network is a series of points or nodes interconnected by communication paths. Networks
can interconnect with other networks and contain subnetworks.

The most common topology or general configurations of networks include the bus, star, Token Ring, and mesh
topologies. Networks can also be characterized in terms of spatial distance as local area networks (LANs),
metropolitan area networks (MANs), and wide area networks (WANs).

A given network can also be characterized by the type of data transmission technology in use on it (for
example, a TCP/IP or Systems Network Architecture network); by whether it carries voice, data, or both kinds of
signals; by who can use the network (public or private); by the usual nature of its connections (dial-up or
switched, dedicated or nonswitched, or virtual connections); and by the types of physical links (for example,
optical fiber, coaxial cable, and Unshielded Twisted Pair). Large telephone networks and networks using their
infrastructure (such as the Internet) have sharing and exchange arrangements with other companies so that
larger networks are created.

Node

In a network, a node is a connection point, either a redistribution point or an end point for data transmissions. In
general, a node has programmed or engineered capability to recognize and process or forward transmissions to other
nodes.

Topology

A topology (from Greek topos meaning place) is a description of any kind of locality in terms of its layout. In
communication networks, a topology is a usually schematic description of the arrangement of a network, including its
nodes and connecting lines. There are two ways of defining network geometry: the physical topology and the logical (or
signal) topology.

The physical topology of a network is the actual geometric layout of workstations. There are several common
physical topologies, as described below and as shown in the illustration.

In the bus network topology, every workstation is connected to a main cable called the bus. Therefore, in effect,
each workstation is directly connected to every other workstation in the network.

In the star network topology, there is a central computer or server to which all the workstations are directly
connected. Every workstation is indirectly connected to every other through the central computer.

In the ring network topology, the workstations are connected in a closed loop configuration. Adjacent pairs of
workstations are directly connected. Other pairs of workstations are indirectly connected, the data passing
through one or more intermediate nodes.

A variation of the ring network topology is known as the Token Ring. In this scheme, the signal travels in only
one direction or senses around the ring, carried by a so-called token from node to node.

The mesh network topology employs either of two schemes, called full mesh and partial mesh. In the full mesh
topology, each workstation is connected directly to each of the others. In the partial mesh topology, some
workstations are connected to all the others, and some are connected only to those other nodes with which
they exchange the most data.

The tree network topology uses two or more star networks connected together. The central computers of the
star networks are connected to a main bus. Thus, a tree network is a bus network of star networks.

Logical (or signal) topology refers to the nature of the paths the signals follow from node to node. In many
instances, the logical topology is the same as the physical topology. But this is not always the case. For
example, some networks are physically laid out in a star configuration, but they operate logically as bus or
ring networks.

Bus

In a computer or on a network, a bus is a transmission path on which signals are dropped off or picked up at every
device attached to the line. Only devices addressed by the signals pay attention to them; the others discard the signals.
According to Winn L. Rosch, the term derives from its similarity to autobuses that stop at every town or block to drop off
or take on riders.

In general, the term is used in two somewhat different contexts:

(1) A bus is a network topology or circuit arrangement in which all devices are attached to a line directly and
all signals pass through each of the devices. Each device has a unique identity and can recognize those
signals intended for it.

(2) In a computer, a bus is the data path on the computer's motherboard that interconnects the microprocessor
with attachments to the motherboard in expansion slots (such as hard disk drives, CD-ROM drives, and
graphics adapters).

Ring


A ring is a network topology or circuit arrangement in which each device is attached along the same signal
path to two other devices, forming a path in the shape of a ring. Each device in the ring has a unique address.
Information flow is unidirectional and a controlling device intercepts and manages the flow to and from the
ring. The Token Ring is the most prevalent form of ring network.

Campus

In telecommunications, a campus is a physically contiguous association of locations such as several adjacent office
buildings. Typically, such areas require one or more local area networks and bridging, routing, and aggregation
equipment based on situational needs.

Backbone

A backbone is a larger transmission line that carries data gathered from smaller lines that interconnect with it.

1) At the local level, a backbone is a line or set of lines that local area networks connect to for a wide area network
connection or within a local area network to span distances efficiently (for example, between buildings).

2) On the Internet or other wide area network, a backbone is a set of paths that local or regional networks connect to
for long-distance interconnection. The connection points are known as network nodes or telecommunication data
switching exchanges (DSEs).

Bridge

In telecommunication networks, a bridge is a product that connects a local area network (LAN) to another local area
network that uses the same protocol (for example, Ethernet or Token Ring). You can envision a bridge as being a device
that decides whether a message from you to someone else is going to the local area network in your building or to
someone on the local area network in the building across the street. A bridge examines each message on a LAN,
"passing" those known to be within the same LAN, and forwarding those known to be on the other interconnected LAN
(or LANs).

In bridging networks, computer or node addresses have no specific relationship to location. For this reason,
messages are sent out to every address on the network and accepted only by the intended destination node.
Bridges learn which addresses are on which network and develop a learning table so that subsequent
messages can be forwarded to the right network.

Bridging networks are generally always interconnected local area networks since broadcasting every message
to all possible destinations would flood a larger network with unnecessary traffic. For this reason, router
networks such as the Internet use a scheme that assigns addresses to nodes so that a message or packet can be
forwarded only in one general direction rather than forwarded in all directions.

A bridge works at the data-link (physical network) level of a network, copying a data frame from one network
to the next network along the communications path.

A bridge is sometimes combined with a router in a product called a brouter.

Switch
In a telecommunications network, a switch is a device that channels incoming data from any of multiple
input ports to the specific output port that will take the data toward its intended destination. In the traditional
circuit-switched telephone network, one or more switches are used to set up a dedicated though temporary
connection or circuit for an exchange between two or more parties. On an Ethernet local area network (LAN), a
switch determines from the physical device (Media Access Control or MAC) address in each incoming
message frame which output port to forward it to and out of. In a wide area packet-switched network such as the
Internet, a switch determines from the IP address in each packet which output port to use for the next part of its
trip to the intended destination.

In the Open Systems Interconnection (OSI) communications model, a switch performs the layer 2 or Data-Link
layer function. That is, it simply looks at each packet or data unit and determines from a physical address (the
"MAC address") which device a data unit is intended for and switches it out toward that device. However, in
wide area networks such as the Internet, the destination address requires a look-up in a routing table by a
device known as a router. Some newer switches also perform routing functions (layer 3 or the Network layer
functions in OSI) and are sometimes called IP switches.

On larger networks, the trip from one switch point to another in the network is called a hop. The time a switch
takes to figure out where to forward a data unit is called its latency. The price paid for having the flexibility
that switches provide in a network is this latency. Switches are found at the backbone and gateway levels of a
network where one network connects with another and at the subnetwork level where data is being forwarded
close to its destination or origin. The former are often known as core switches and the latter as desktop
switches.

In the simplest networks, a switch is not required for messages that are sent and received within the network.
For example, a local area network may be organized in a Token Ring or bus arrangement in which each possible
destination inspects each message and reads any message with its address.
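As an added illustration of the learning table and the filter/forward/flood decisions described under Bridge and Switch above (example code, not part of the original glossary), the following simulates a learning bridge; the MAC addresses and port names are constructed sample values.

```python
"""Learning bridge / layer-2 switch forwarding simulation.

Added example, not from the original text. It models the behaviour the
glossary describes: the bridge learns which MAC address lives on which
LAN (port) from the *source* of every frame it sees, filters frames whose
destination is on the same LAN, forwards frames whose destination is known
to be on another LAN, and floods frames to unknown destinations.
All MAC addresses and port names below are constructed sample values.
"""
from dataclasses import dataclass, field
from typing import Dict, List, Tuple

BROADCAST = "ff:ff:ff:ff:ff:ff"


@dataclass
class Frame:
    src: str
    dst: str
    payload: str = ""


@dataclass
class LearningBridge:
    ports: List[str]
    # The "learning table": MAC address -> port it was last seen on.
    table: Dict[str, str] = field(default_factory=dict)

    def handle(self, in_port: str, frame: Frame) -> Tuple[str, List[str]]:
        """Process one frame arriving on in_port.

        Returns (decision, out_ports) where decision is one of
        'filter', 'forward' or 'flood'.
        """
        if in_port not in self.ports:
            raise ValueError(f"unknown port {in_port!r}")
        # Learning step: the source address is reachable via in_port.
        # A later frame from the same address on another port (a host that
        # moved) simply overwrites the entry.
        self.table[frame.src.lower()] = in_port

        dst = frame.dst.lower()
        known = self.table.get(dst)
        if dst != BROADCAST and known == in_port:
            # Destination is on the same LAN as the sender: nothing to do.
            return "filter", []
        if dst != BROADCAST and known is not None:
            # Destination learned on another LAN: forward only there.
            return "forward", [known]
        # Unknown or broadcast destination: send out every other port.
        return "flood", [p for p in self.ports if p != in_port]


def run_scenario() -> List[Tuple[str, List[str]]]:
    """Constructed scenario: hosts A and B on port 'lan1', host C on 'lan2'."""
    bridge = LearningBridge(ports=["lan1", "lan2"])
    a, b, c = "00:00:5e:00:53:0a", "00:00:5e:00:53:0b", "00:00:5e:00:53:0c"
    return [
        bridge.handle("lan1", Frame(src=a, dst=c)),  # C unknown -> flood
        bridge.handle("lan2", Frame(src=c, dst=a)),  # A known on lan1 -> forward
        bridge.handle("lan1", Frame(src=b, dst=a)),  # A on same LAN -> filter
        bridge.handle("lan1", Frame(src=a, dst=c)),  # C now known -> forward
    ]


if __name__ == "__main__":
    for decision in run_scenario():
        print(decision)
```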

Circuit-Switching versus Packet-Switching

A network's paths can be used exclusively for a certain duration by two or more parties and then switched for use to
another set of parties. This type of "switching" is known as circuit-switching and is really a dedicated and continuously
connected path for its duration. Today, an ordinary voice phone call generally uses circuit-switching.

Most data today is sent, using digital signals, over networks that use packet-switching. Using packet-
switching, all network users can share the same paths at the same time and the particular route a data unit
travels can be varied as conditions change. In packet-switching, a message is divided into packets, which are
units of a certain number of bytes. The network addresses of the sender and of the destination are added to
the packet. Each network point looks at the packet to see where to send it next. Packets in the same message
may travel different routes and may not arrive in the same order that they were sent. At the destination, the
packets in a message are collected and reassembled into the original message.

Packet
A packet is the unit of data that is routed between an origin and a destination on the Internet or any other packet-
switched network. When any file (e-mail message, HTML file, Graphics Interchange Format file, Uniform Resource Locator
request, and so forth) is sent from one place to another on the Internet, the Transmission Control Protocol (TCP) layer
of TCP/IP divides the file into "chunks" of an efficient size for routing. Each of these packets is separately numbered
and includes the Internet address of the destination. The individual packets for a given file may travel different routes
through the Internet. When they have all arrived, they are reassembled into the original file (by the TCP layer at the
receiving end).

A packet-switching scheme is an efficient way to handle transmissions on a connectionless network such as
the Internet. An alternative scheme, circuit-switched, is used for networks allocated for voice connections. In
circuit-switching, lines in the network are shared among many users as with packet-switching, but each
connection requires the dedication of a particular path for the duration of the connection.

"Packet" and "datagram" are similar in meaning. A protocol similar to TCP, the User Datagram Protocol(UDP)
uses the term datagram.
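The packetize-and-reassemble process described above (numbered packets carrying source and destination addresses, arriving in any order and being put back together at the receiving end), as an added example that is not part of the original text; the addresses and message are constructed values, and the receiver refuses a message with a missing packet rather than silently returning a corrupted one.

```python
"""Packet-switching: split a message into numbered packets and reassemble
it after out-of-order delivery.

Added example, not from the original text. The sender numbers each chunk
and stamps it with the source and destination addresses; the network may
deliver the packets in any order (and may duplicate one); the receiver
reassembles them by sequence number. Addresses and message are constructed.
"""
import random
from dataclasses import dataclass
from typing import List


@dataclass(frozen=True)
class Packet:
    src: str        # sender's network address
    dst: str        # destination's network address
    seq: int        # position of this chunk within the message
    total: int      # how many chunks make up the whole message
    payload: bytes


def packetize(message: bytes, src: str, dst: str, chunk_size: int) -> List[Packet]:
    """Divide message into chunks of at most chunk_size bytes."""
    if chunk_size <= 0:
        raise ValueError("chunk_size must be positive")
    chunks = [message[i:i + chunk_size] for i in range(0, len(message), chunk_size)] or [b""]
    return [Packet(src, dst, i, len(chunks), c) for i, c in enumerate(chunks)]


def reassemble(packets: List[Packet]) -> bytes:
    """Rebuild the message from packets received in any order.

    Identical duplicates (retransmissions) are tolerated; a missing sequence
    number, a conflicting duplicate, or packets from different messages is
    reported as an error instead of producing a corrupted result.
    """
    if not packets:
        raise ValueError("no packets")
    total = packets[0].total
    key = (packets[0].src, packets[0].dst, total)
    by_seq = {}
    for p in packets:
        if (p.src, p.dst, p.total) != key:
            raise ValueError("packets belong to different messages")
        if not 0 <= p.seq < total:
            raise ValueError(f"sequence number {p.seq} out of range")
        if p.seq in by_seq and by_seq[p.seq] != p.payload:
            raise ValueError(f"conflicting duplicate for seq {p.seq}")
        by_seq[p.seq] = p.payload
    missing = sorted(set(range(total)) - set(by_seq))
    if missing:
        raise ValueError(f"missing packets: {missing}")
    return b"".join(by_seq[i] for i in range(total))


def demo(seed: int = 7) -> bytes:
    """Constructed round trip: 56-byte message, 8-byte chunks, shuffled delivery."""
    msg = b"Packets in the same message may travel different routes."
    sent = packetize(msg, src="10.0.0.5", dst="10.0.1.9", chunk_size=8)
    # Model the network delivering packets in a different order, with one duplicate.
    delivered = sent + [sent[2]]
    random.Random(seed).shuffle(delivered)
    return reassemble(delivered)


if __name__ == "__main__":
    print(demo())
```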

Circuit-switched
Circuit-switched is a type of network in which a physical path is obtained for and dedicated to a single connection
between two end-points in the network for the duration of the connection. Ordinary voice phone service is circuit-
switched. The telephone company reserves a specific physical path to the number you are calling for the duration of
your call. During that time, no one else can use the physical lines involved.

Circuit-switched is often contrasted with packet-switched. Some packet-switched networks such as the X.25
network are able to have virtual circuit-switching. A virtual circuit-switched connection is a dedicated logical
connection that allows sharing of the physical path among multiple virtual

Packet-switched
Packet-switched describes the type of network in which relatively small units of data called packets are routed through a
network based on the destination address contained within each packet. Breaking communication down into packets
allows the same data path to be shared among many users in the network. This type of communication between
sender and receiver is known as connectionless (rather than dedicated). Most traffic over the Internet uses packet
switching and the Internet is basically a connectionless network.

Contrasted with packet-switched is circuit-switched, a type of network such as the regular voice telephone
network in which the communication circuit (path) for the call is set up and dedicated to the participants in
that call. For the duration of the connection, all resources on that circuit are unavailable for other users. Voice
calls using the Internet's packet-switched system are possible. Each end of the conversation is broken down
into packets that are reassembled at the other end.

Another type of digital network that uses packet-switching is the X.25 network, a widely-installed commercial
wide area network protocol. Internet protocol packets can be carried on an X.25 network. The X.25 network
can also support a virtual circuit in which a logical connection is established for two parties on a dedicated
basis for some duration. A permanent virtual circuit (PVC) reserves the path on an ongoing basis and is an
alternative for corporations to a system of leased lines. A permanent virtual circuit is a dedicated logical
connection but the actual physical resources can be shared among multiple logical connections or users.

Frame

1) In telecommunications, a frame is data that is transmitted between network points as a unit complete with
addressing and necessary protocol control information. A frame is usually transmitted serial bit by bit and
contains a header field and a trailer field that "frame" the data. (Some control frames contain no data.)
Here is a simple representation of a frame, based on the frame used in the frame relay access standard:

 ----------- Header -----------                               ---------- Trailer ----------
 +--------------+-----------------+------------------------+------------------------+--------------+
 | Flag field   | Address field   | Information (data)     | Frame check sequence   | Flag field   |
 | (01111110)   |                 | (0-4096 bytes)         |                        | (01111110)   |
 +--------------+-----------------+------------------------+------------------------+--------------+

In the figure above, the flag and address fields constitute the header. The frame check sequence and second
flag fields constitute the trailer. The information or data in the frame may contain another encapsulated frame
that is used in a higher-level or different protocol. In fact, a frame relay frame typically carries data that has
been framed by an earlier protocol program.

2) In time-division multiplexing (TDM), a frame is a complete cycle of events within the time division period.

3) In film and video recording and playback, a frame is a single image in a sequence of images that are
recorded and played back.

4) In computer video display technology, a frame is the image that is sent to the display image rendering
devices. It is continuously updated or refreshed from a frame buffer, a highly accessible part of video RAM.

5) In artificial intelligence (AI) applications, a frame is a set of data with information about a particular
object, process, or image. An example is the iris-print visual recognition system used to identify users of
certain bank automated teller machines. This system compares the frame of data for a potential user with the
frames in its database of authorized users.

Virtual circuit
A virtual circuit is a circuit or path between points in a network that appears to be a discrete, physical path but is
actually a managed pool of circuit resources from which specific circuits are allocated as needed to meet traffic
requirements.

A permanent virtual circuit (PVC) is a virtual circuit that is permanently available to the user just as though it
were a dedicated or leased line continuously reserved for that user. A switched virtual circuit (SVC) is a virtual
circuit in which a connection session is set up for a user only for the duration of a connection. PVCs are an
important feature of frame relay networks and SVCs are proposed for later inclusion.

Local area network


A local area network (LAN) is a group of computers and associated devices that share a common communications line
or wireless link and typically share the resources of a single processor or server within a small geographic area (for
example, within an office building). Usually, the server has applications and data storage that are shared in common by
multiple computer users. A local area network may serve as few as two or three users (for example, in a home network)
or as many as thousands of users (for example, in an FDDI network).

Major local area network technologies are:


Ethernet
Token Ring
FDDI

Ethernet is by far the most commonly used LAN technology. A number of corporations use the Token Ring
technology. FDDI is sometimes used as a backbone LAN interconnecting Ethernet or Token Ring LANs.
Another LAN technology, ARCNET, once the most commonly installed LAN technology, is still used in the
industrial automation industry.

Typically, a suite of application programs can be kept on the LAN server. Users who need an application
frequently can download it once and then run it from their local hard disk. Users can order printing and other
services as needed through applications run on the LAN server. A user can share files with others at the LAN
server; read and write access is maintained by a LAN administrator. A LAN server may also be used as a
Web server if safeguards are taken to secure internal applications and data from outside access.

In some situations, a wireless LAN may be preferable to a wired LAN because it is cheaper to install and
maintain.

Wide area network

A wide area network (WAN) is a geographically dispersed telecommunications network. The term distinguishes a
broader telecommunication structure from a local area network (LAN). A wide area network may be privately owned or
rented, but the term usually connotes the inclusion of public (shared user) networks. An intermediate form of network in
terms of geography is a metropolitan area network (MAN).

Duplex
In telecommunication, duplex communication means that both ends of the communication can send and receive signals
at the same time. full-duplex communication is the same thing. half-duplex is also bidirectional communication but
signals can only flow in one direction at a time. Simplex communication means that communication can only flow in
one direction and never flow back the other way.

An ordinary telephone conversation is a duplex communication. Most inexpensive speakerphones in
conference rooms are half-duplex communication. (If you're speaking, you can't hear anyone else interrupt.
You have to pause to let others speak.)

Gateway
A gateway is a network point that acts as an entrance to another network. On the Internet, a node or stopping point can
be either a gateway node or a host (end-point) node. Both the computers of Internet users and the computers that
serve pages to users are host nodes. The computers that control traffic within your company's network or at your local
Internet service provider (ISP) are gateway nodes.

In the network for an enterprise, a computer server acting as a gateway node is often also acting as a proxy server
and a firewall server. A gateway is often associated with both a router, which knows where to direct a given
packet of data that arrives at the gateway, and a switch, which furnishes the actual path in and out of the
gateway for a given packet.

Runt
In networks, a runt is a packet that is too small. For example, the Ethernet protocol requires that each packet be at least
64 bytes long. In Ethernet, which operates on the idea that two parties can attempt to get use of the line at the same
time and sometimes do, runts are usually the fragments of packet collisions. Runts can also be the result of bad wiring
or electrical interference. Runts are recorded by programs that use the Remote Network Monitoring (RMON) standard
information base for network administration. RMON calls them "undersize packets".

A giant is a packet that's oversize.

*****************************************
****************************

Networking Basics - Key Concepts in Computer Networking
Begin your study of computer networking basics by exploring these key concepts and essential technologies.

What is (Computer) Networking?

Networking is the practice of linking computing devices together with hardware and software that supports
data communications across these devices.

Networking Basics Interactive Q&A

Answer this series of common questions about basic computer networking concepts to quickly expand your
knowledge of the topic.

Visual Networking Basics

This guide presents the essential concepts of computer networks in a sequence of visual illustrations designed
to teach networking basics by example.

Connecting Two Computers for File Sharing

The simplest kind of home network contains exactly two computers. You can use this kind of network to
share files, a printer or another peripheral device, and even an Internet connection. To connect two computers
for sharing network resources, consider these alternatives.

Network Routers

A router is a small hardware device that joins multiple networks together. These networks can include wired
or wireless home networks, and the Internet.

LAN - Local Area Network

A LAN supplies networking capability to a group of computers in close proximity to each other such as in an
office building, a school or a home. LANs are useful for sharing resources or applications like files, printers
and games.

What Is a Network Protocol?

Protocols serve as a language of communication among network devices. Network protocols like HTTP,
TCP/IP, and SMTP provide a foundation that much of the Internet is built on. Find out more about these
protocols and how they work.

TCP/IP - Transmission Control Protocol / Internet Protocol

TCP/IP provides connection-oriented communication between network devices. TCP/IP is very commonly
used both on the Internet and in home computer networks.

Firewall

A firewall guards a computer against unauthorized network access. Firewalls are one of the essential
elements of a safe home or business network.

Networking Basics: Ethernet

Ethernet is a physical and data link layer technology for local area networks (LANs). Ethernet is reliable and
inexpensive, the leading standard worldwide for building wired LANs.

Networking Basics: Switch

A network switch is a small hardware device that joins multiple computers together at a low-level network
protocol layer. Switches differ in important ways from both routers and hubs.

Network Addresses

Network addresses give computers unique identities they can use to communicate with each other.
Specifically, IP addresses and MAC addresses are used on most home and business networks.

In the world of computers, networking is the practice of linking two or more computing devices together for
the purpose of sharing data. Networks are built with a mix of computer hardware and computer software.

Area Networks

Networks can be categorized in several different ways. One approach defines the type of network according
to the geographic area it spans. Local area networks (LANs), for example, typically reach across a single
home, whereas wide area networks (WANs), reach across cities, states, or even across the world. The Internet
is the world's largest public WAN.

Network Design

Computer networks also differ in their design.

The two types of high-level network design are called client-server and peer-to-peer. Client-server networks
feature centralized server computers that store email, Web pages, files and or applications. On a peer-to-peer
network, conversely, all computers tend to support the same functions. Client-server networks are much more
common in business and peer-to-peer networks much more common in homes.

A network topology represents its layout or structure from the point of view of data flow. In so-called "bus"
networks, for example, all of the computers share and communicate across one common conduit, whereas in
a "star" network, all data flows through one centralized device. Common types of network topologies include
bus, ring and mesh.

Network Protocols

In networking, the communication language used by computer devices is called the protocol. Yet another way
to classify computer networks is by the set of protocols they support. Networks often support multiple protocols to
serve specific applications. Popular protocols include TCP/IP, the most common protocol found on the
Internet and in home networks.

Wired vs Wireless Networking

Many of the same network protocols, like TCP/IP, work in both wired and wireless networks. Networks with
Ethernet cables have predominated in businesses, schools, and homes for several decades. Recently, however,
wireless networking alternatives have emerged as the premier technology for building new computer
networks.

Definition: Routers are physical devices that join multiple wired or wireless networks together. Technically,
a wired or wireless router is a Layer 3 gateway, meaning that the wired/wireless router connects networks (as
gateways do), and that the router operates at the network layer of the OSI model.

Home networkers often use an Internet Protocol (IP) wired or wireless router, IP being the most common OSI
network layer protocol. An IP router such as a DSL or cable modem broadband router joins the home's local
area network (LAN) to the wide-area network (WAN) of the Internet.

By maintaining configuration information in a piece of storage called the "routing table," wired or wireless
routers also have the ability to filter traffic, either incoming or outgoing, based on the IP addresses of senders
and receivers.

Some routers allow the home networker to update the routing table from a Web browser interface. Broadband
routers combine the functions of a router with those of a network switch and a firewall in a single unit.

Definition: A local area network (LAN) supplies networking capability to a group of computers in close
proximity to each other such as in an office building, a school, or a home. A LAN is useful for sharing
resources like files, printers, games or other applications. A LAN in turn often connects to other LANs, and
to the Internet or other WAN.

Most local area networks are built with relatively inexpensive hardware such as Ethernet cables, network
adapters, and hubs. Wireless LAN and other more advanced LAN hardware options also exist.

Specialized operating system software may be used to configure a local area network. For example, most
flavors of Microsoft Windows provide a software package called Internet Connection Sharing (ICS) that
supports controlled access to LAN resources.

The term LAN party refers to a multiplayer gaming event where participants bring their own computers and
build a temporary LAN.
LANs, WANs, and Other Area Networks
It’s about more than distance

Computer networks come in many different shapes and sizes. Over the years, the networking industry
has coined terms like "LAN" and "WAN" attempting to define sensible categories for the major types of
network designs. The precise meaning of this terminology remains lost on the average person, however.

Area Networks

For historical reasons, the industry refers to nearly every type of network as an "area network." The most
commonly-discussed categories of computer networks include the following -

• Local Area Network (LAN)
• Wide Area Network (WAN)
• Metropolitan Area Network (MAN)
• Storage Area Network (SAN)
• System Area Network (SAN)
• Server Area Network (SAN)
• Small Area Network (SAN)
• Personal Area Network (PAN)
• Desk Area Network (DAN)
• Controller Area Network (CAN)
• Cluster Area Network (CAN)

LANs and WANs were the original flavors of network design. The concept of "area" made good sense at this
time, because a key distinction between a LAN and a WAN involves the physical distance that the network
spans. A third category, the MAN, also fit into this scheme as it too is centered on a distance-based concept.

As technology improved, new types of networks appeared on the scene. These, too, became known as various
types of "area networks" for consistency's sake, although distance no longer proved a useful differentiator.

LAN Basics

A LAN connects network devices over a relatively short distance. A networked office building, school, or
home usually contains a single LAN, though sometimes one building will contain a few small LANs, and
occasionally a LAN will span a group of nearby buildings. In IP networking, one can conceive of a LAN as a
single IP subnet (though this is not necessarily true in practice).

Besides operating in a limited space, LANs include several other distinctive features. LANs are typically
owned, controlled, and managed by a single person or organization. They also use certain specific
connectivity technologies, primarily Ethernet and Token Ring.
WAN Basics

As the term implies, a wide-area network spans a large physical distance. A WAN like the Internet spans most
of the world!

A WAN is a geographically-dispersed collection of LANs. A network device called a router connects LANs to
a WAN. In IP networking, the router maintains both a LAN address and a WAN address.

WANs differ from LANs in several important ways. Like the Internet, most WANs are not owned by any one
organization but rather exist under collective or distributed ownership and management. WANs use
technology like ATM, Frame Relay and X.25 for connectivity.

LANs and WANs at Home

Home networkers with cable modem or DSL service already have encountered LANs and WANs in practice,
though they may not have noticed. A cable/DSL router like those in the Linksys family join the home LAN to
the WAN link maintained by one's ISP. The ISP provides a WAN IP address used by the router, and all of the
computers on the home network use private LAN addresses. On a home network, like many LANs, all
computers can communicate directly with each other, but they must go through a central gateway location to
reach devices outside of their local area.

What About MAN, SAN, PAN, DAN, and CAN?

Future articles will describe the many other types of area networks in more detail. After LANs and WANs,
one will most commonly encounter the following three network designs:

A Metropolitan Area Network connects an area larger than a LAN but smaller than a WAN, such as a city,
with dedicated or high-performance hardware. [1]

A Storage Area Network connects servers to data storage devices through a technology like Fibre Channel.
[2]

A System Area Network connects high-performance computers with high-speed connections in a cluster
configuration.

Conclusion

To the uninitiated, LANs, WANs, and the other area network acronyms appear to be just more alphabet soup
in a technology industry already drowning in terminology. The names of these networks are not nearly as
important as the technologies used to construct them, however. A person can use the categorizations as a
learning tool to better understand concepts like subnets, gateways, and routers.
Network Topologies
Bus, ring, star, and all the rest

In networking, the term topology refers to the layout of connected devices on a network. This article
introduces the standard topologies of computer networking.

Topology in Network Design

One can think of a topology as a network's "shape". This shape does not necessarily correspond to the actual
physical layout of the devices on the network. For example, the computers on a home LAN may be arranged in
a circle, but it would be highly unlikely to find an actual ring topology there.

Network topologies are categorized into the following basic types:

• bus
• ring
• star
• tree
• mesh

More complex networks can be built as hybrids of two or more of the above basic topologies.

Bus

Bus networks (not to be confused with the system bus of a computer) use a common backbone to connect all
devices. A single cable, the backbone functions as a shared communication medium that devices attach or tap
into with an interface connector. A device wanting to communicate with another device on the network sends a
broadcast message onto the wire that all other devices see, but only the intended recipient actually accepts and
processes the message.

[Figure: Bus Topology]

Ethernet bus topologies are relatively easy to install and don't require much cabling compared to the
alternatives. 10Base-2 ("ThinNet") and 10Base-5 ("ThickNet") both were popular Ethernet cabling options
years ago. However, bus networks work best with a limited number of devices. If more than a few dozen
computers are added to a bus, performance problems will likely result. In addition, if the backbone cable fails,
the entire network effectively becomes unusable.

Ring

In a ring network, every device has exactly two neighbors for communication purposes. All messages travel
through a ring in the same direction (effectively either "clockwise" or "counterclockwise"). A failure in any
cable or device breaks the loop and can take down the entire network.

[Figure: Ring Topology]

To implement a ring network, one typically uses FDDI, SONET, or Token Ring technology. Rings are found
in some office buildings or school campuses.

Star

Many home networks use the star topology. A star network features a central connection point called a "hub"
that may be an actual hub or a switch. Devices typically connect to the hub with Unshielded Twisted Pair
(UTP) Ethernet.

Compared to the bus topology, a star network generally requires more cable, but a failure in any star network
cable will only take down one computer's network access and not the entire LAN. (If the hub fails, however,
the entire network also fails.)

Tree

Tree topologies integrate multiple star topologies together onto a bus. In its simplest form, only hub devices
connect directly to the tree bus, and each hub functions as the "root" of a tree of devices. This bus/star hybrid
approach supports future expandability of the network much better than a bus (limited in the number of
devices due to the broadcast traffic it generates) or a star (limited by the number of hub ports) alone.

[Figure: Star Topology]

Mesh

Mesh topologies involve the concept of routes. Unlike each of the previous topologies, messages sent on a
mesh network can take any of several possible paths from source to destination. (Recall that in a ring,
although two cable paths exist, messages can only travel in one direction.) Some WANs, like the Internet,
employ mesh routing.

Conclusion

Topologies remain an important part of network design theory. You can probably build a home or small
business network without understanding the difference between a bus design and a star design, but
understanding the concepts behind these gives you a deeper understanding of important elements like hubs,
broadcasts, ports, and routes.
Standard layered framework for network design

The Open Systems Interconnection (OSI) reference model has been an essential component of computer
network design since its inception in 1984. OSI is an abstract model, meaning that actual network
implementations need not adhere to it strictly. OSI is also a standards effort, a product of the International
Standards Organization (ISO). (And OSI is ISO spelled backwards, just to add to the fun). Although heavy
on theory, the OSI model still provides a practical, structured introduction to network design.

OSI Model Stack

The OSI model divides the complex task of host-to-host networking, traditionally called internetworking,
into layers. Layers in the OSI model are ordered from lowest level to highest in a stack. The OSI stack
contains seven layers in two groups:

Upper layers:

7. application
6. presentation
5. session

Lower layers:

4. transport
3. network
2. data link
1. physical

OSI Model Upper Layers

OSI designates the application, presentation, and session layers as "upper" layers. Generally speaking,
software in these layers performs application-specific functions like data formatting, encryption, and
connection management. Examples of upper layer technologies in the OSI model are HTTP, SSL and NFS.

OSI Model Lower Layers

The remaining lower layers provide more primitive network-specific functions like routing, addressing, and
flow control. Examples of lower layer technologies in the OSI model are TCP, IP, and Ethernet.

OSI Model Benefits

The layered approach in the OSI model offers several advantages to system implementers. By separating the
design into logical smaller pieces, vendors can more easily solve network design problems through divide-
and-conquer. A product from one vendor that implements OSI Layer 2 functionality, for example, will be
much more likely to interoperate with another vendor's OSI Layer 3 product because both vendors are
following the model. Finally, the OSI model makes network designs more extensible. New protocols and
other network services are generally easier to add to a layered architecture than to a monolithic one.
**********************************************

TCP/IP Network Concepts

As the Internet continues to grow, the use of Transmission Control Protocol/Internet Protocol (TCP/IP)
on internal networks increases. TCP/IP offers a widely deployed set of open protocol standards that are
well suited to forming wide area networks (WANs).

For each computer to identify itself on a TCP/IP network, each host must be uniquely identified by the
following information:

• An IP address: A 32-bit field composed of four octets (8-bit numbers from 0 through 255).
Each address is written in dotted decimal notation, with dots separating the octets, such as 10.10.100.201.
• A subnet mask: This indicates how the IP address is to be read. It shows how to separate the
network-identifying information from the host-identifying information so that the IP address is
interpreted correctly. For example, if a subnet mask of 255.255.255.0 is applied to the address
10.85.189.24, it indicates that the host number is 24, located on the 10.85.189 subnetwork.
• A default gateway: This specifies the address of the nearest routing device, which the host uses
to forward addressed packets on to the network.
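The subnet-mask arithmetic from the list above, as an added example (not from the original text): it reproduces the 10.85.189.24 / 255.255.255.0 case and generalises it to masks that do not end on an octet boundary, where splitting by eye goes wrong, and adds the check an administrator entering static settings wants, namely that the default gateway lies inside the host's own subnet. The 255.255.240.0 mask and the gateway addresses are constructed values.

```python
"""Split an IPv4 address into network and host parts using a subnet mask.

Added example, not from the original text. Everything is done with plain
bit operations so the role of each mask bit is visible: network bits come
from (address AND mask), host bits from (address AND NOT mask).
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Split:
    network: str      # network identifier in dotted decimal, e.g. 10.85.189.0
    prefix_len: int   # number of one-bits in the mask, e.g. 24
    host: int         # host identifier as a number, e.g. 24
    broadcast: str    # highest address in the subnet


def dotted_to_int(dotted: str) -> int:
    """Convert '10.85.189.24' to a 32-bit integer, rejecting malformed input."""
    parts = dotted.split(".")
    if len(parts) != 4:
        raise ValueError(f"expected four octets: {dotted!r}")
    value = 0
    for p in parts:
        if not p.isdigit() or not 0 <= int(p) <= 255:
            raise ValueError(f"octet out of range: {p!r} in {dotted!r}")
        value = (value << 8) | int(p)
    return value


def int_to_dotted(value: int) -> str:
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_length(mask: str) -> int:
    """Return the number of leading one-bits in a mask.

    A valid mask is a run of ones followed by a run of zeros; anything else
    (e.g. 255.0.255.0) is a typo in the static settings and is rejected.
    """
    m = dotted_to_int(mask)
    ones = bin(m).count("1")
    if m != (0xFFFFFFFF << (32 - ones)) & 0xFFFFFFFF:
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    return ones


def split_address(ip: str, mask: str) -> Split:
    """Apply the mask to separate network and host identifiers."""
    ip_int, mask_int = dotted_to_int(ip), dotted_to_int(mask)
    bits = prefix_length(mask)
    host_mask = ~mask_int & 0xFFFFFFFF
    network = ip_int & mask_int
    return Split(
        network=int_to_dotted(network),
        prefix_len=bits,
        host=ip_int & host_mask,
        broadcast=int_to_dotted(network | host_mask),
    )


def gateway_reachable(ip: str, mask: str, gateway: str) -> bool:
    """A default gateway is only usable if it shares the host's network bits."""
    mask_int = dotted_to_int(mask)
    prefix_length(mask)  # reject a malformed mask before comparing
    return dotted_to_int(ip) & mask_int == dotted_to_int(gateway) & mask_int


if __name__ == "__main__":
    print(split_address("10.85.189.24", "255.255.255.0"))
    print(split_address("10.85.189.24", "255.255.240.0"))
    print(gateway_reachable("10.85.189.24", "255.255.255.0", "10.85.188.1"))
```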

One way to configure this address information is to have a network administrator or technician
manually enter these settings on each computer before it is joined to the local network. This type of
manually applied configuration is referred to as static IP addressing. It requires that all addresses are
recorded and centrally maintained by a network administrator. This provides an orderly procedure for
adding new devices and avoids problems that can arise from duplicating address assignments on the
network.

For small networks, adding new devices does not present a difficult problem. However, as networks
become larger or further divide into multiple subnetworks, integrating new devices into existing
networks becomes a significant chore for network administrators. In addition, this task may need to be
repeated each time a device is moved to a different subnetwork.

Although IP addressing is an efficient scheme that works optimally for computers and routers, network
users find common names for hosts (such as myserver.mycompany.com) much easier to remember
than IP addresses (such as 10.100.206.195). Further solutions for mapping user-friendly names to
assigned IP addresses simplify user access, but compound the existing administrative problems already
inherent in TCP/IP.

The following sections cover some of the accepted and proposed standards that have been drafted to
provide solutions for all of these TCP/IP shortcomings.

What Is DNS?

The Domain Name System (DNS) service was developed by the Internet Engineering Task Force (IETF)
to standardize the mapping of logical host names to IP addresses on a TCP/IP network.

DNS is an acceptable method for resolving names to addresses, but it requires the use of host files, and
DNS servers must be overseen and updated manually as names and addresses are modified. This adds
to the tasks that a TCP/IP network administrator must perform, although it does simplify network access
for users.

For DNS to work properly it requires the use of a name space. The DNS name space is hierarchical in
nature and allows host names to be stated in absolute or relative terms. Absolute names, or fully
qualified domain names (FQDNs), are defined from the root of the name space and uniquely identify a
node in the hierarchy. FQDNs end with a trailing dot. Relative names are represented relative to a name
in the hierarchy. For example, server.microsoft.com is a relative DNS name of a host defined from the
com part of the DNS name space hierarchy, which contains domain names of commercial organizations.

If the domain name of a company is:

mycompany.com

then the following domain names:

sales.mycompany.com

marketing.mycompany.com

are known as subdomains of the mycompany.com domain.

In addition to planning for domain hierarchies, the DNS service uses host files, which are flat text files
that pair DNS domain names with IP addresses for hosts on the local network. The DNS server uses host
files to process and resolve name queries forwarded by DNS clients initiating communications on the
local network. In nearly all cases where DNS is used, host files must be created and updated manually
for the DNS service to work properly for all hosts.
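
The name-space rules and the host-file lookup described above, as an added example that is not part of the original document. It parses a small constructed host file, distinguishes absolute names (trailing dot) from relative ones completed with a search domain, and tests whether one name is a subdomain of another. The host names and addresses in the sample file are constructed; the line format (address, then name) is an assumption of this example.

```python
# Added example (not from the original document): a resolver over a flat host
# file. Sample entries are constructed; the "address name" line format is
# assumed for this example.

HOSTS_FILE = """\
# constructed sample: address <whitespace> fully qualified name
10.100.206.195   myserver.mycompany.com.
10.100.206.10    www.sales.mycompany.com.
10.100.206.11    intranet.marketing.mycompany.com.
"""


def normalize(name):
    """Lower-case the name and give it exactly one trailing dot so that
    'MyServer.MyCompany.COM' and 'myserver.mycompany.com.' compare equal."""
    return name.lower().rstrip(".") + "."


def parse_hosts(text):
    """Return a dict of FQDN -> IP address, skipping blank and comment lines
    and ignoring malformed lines rather than aborting on them."""
    table = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        parts = line.split()
        if len(parts) < 2:
            continue
        addr, name = parts[0], parts[1]
        table[normalize(name)] = addr
    return table


def is_subdomain(name, domain):
    """True if name equals domain or lies below it in the hierarchy.
    The label boundary is checked so notmycompany.com is not a subdomain of
    mycompany.com."""
    n, d = normalize(name), normalize(domain)
    return n == d or n.endswith("." + d)


def resolve(table, name, search_domain=None):
    """Absolute names (trailing dot) are looked up exactly as given.
    A relative name is tried as given and then qualified with the search
    domain, which is how 'myserver' becomes myserver.mycompany.com."""
    candidates = [normalize(name)]
    if not name.endswith(".") and search_domain:
        candidates.append(normalize(name + "." + search_domain.rstrip(".")))
    for candidate in candidates:
        if candidate in table:
            return table[candidate]
    return None


if __name__ == "__main__":
    table = parse_hosts(HOSTS_FILE)
    print(resolve(table, "myserver", search_domain="mycompany.com"))
    print(is_subdomain("sales.mycompany.com", "mycompany.com"))
```

The label-boundary check in `is_subdomain` is the point to notice: a plain suffix comparison would treat notmycompany.com as part of mycompany.com, which is exactly the kind of mistake that lets a name outside your hierarchy pass a trust decision.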

Because DNS is a supported standard for all TCP/IP networks, most internal networks that support
TCP/IP have no restrictions regarding the use of DNS services. Although other TCP/IP servers that are
not Windows-based can be made to function as DNS servers, Windows NT Server provides the option of
acting as a DNS server as well.

What Is WINS?

Windows Internet Naming Service (WINS) is another option for resolving host names on networks that
use Microsoft TCP/IP. It provides a distributed database for registering and querying dynamic computer
name-to-IP address mappings in a routed network environment. WINS uses the NetBIOS computer
name for any Windows-based network client to register each client in the WINS database on a
computer running Windows NT Server.

A WINS system consists of the following:

• WINS server: Runs on a Windows NT Server–based computer and handles name registration
requests from WINS clients and registers their names and IP addresses. The server also
responds to name queries from WINS clients by returning the IP address of the name being
queried (assuming the name is registered with the WINS server).
• WINS client: Registers its name with the WINS server when it joins or leaves the network. The
client also queries the WINS server for remote name resolution.
• WINS proxy: Helps resolve names on behalf of non-WINS clients. The proxy communicates
with the WINS server to resolve names (rather than maintaining its own database) and then
caches the names for a certain amount of time. The proxy serves as an intermediary between
the WINS server and the non-WINS client, either by communicating with the WINS server or by
supplying a name-to-IP address mapping from its cache. The presence of a WINS proxy in a
WINS system is dictated solely by the presence of non-WINS clients.

If you are administering a routed internal network, WINS is the best choice for NetBIOS name
resolution, because it is designed to solve the problems that occur with name resolution in a complex
internal network. WINS goes beyond eliminating the need for an LMHOSTS file (a hosts file of NetBIOS
names–to–IP address pairs) by reducing the use of local broadcasts for name resolution and allowing
users to easily locate systems on remote networks.

Using WINS provides the following benefits:

• In a dynamic network environment where host IP addresses can change frequently, WINS
provides an excellent way to dynamically register these changes as they occur.
• It centralizes management of the NetBIOS names-to-IP addresses mapping database, so that
there is no need to manage multiple LMHOSTS files across several servers on a network.
• It reduces IP broadcast traffic in a NetBIOS-based internal network, while allowing the clients to
locate remote systems across local or wide area networks easily.
• With WINS, users on a Windows NT–based network can browse transparently across routers (for
Windows NT domains that span multiple subnets). Browsing without WINS is complicated and
involves manual procedures.
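
The three WINS roles and the dynamic registration they provide, modelled as an added example that is not part of the original document or of Microsoft's implementation. It is a plain Python simulation: a server holding the name database, clients that register on joining and release on leaving, and a proxy that answers for non-WINS clients from a time-limited cache. The rule that a name already held by a different address is refused, and the cache lifetime, are assumptions of this model; the names and addresses are constructed.

```python
# Added example (not from the original document): a simulation of the WINS
# server, client and proxy roles. Conflict handling and cache lifetime are
# assumptions of this model; names and addresses are constructed.
import time


class WinsServer:
    """Holds the NetBIOS name -> IP address database."""

    def __init__(self):
        self.db = {}

    def register(self, name, ip):
        """Register a name; refuse it if another host already holds it
        (assumed rule for this model)."""
        key = name.upper()
        if key in self.db and self.db[key] != ip:
            return False
        self.db[key] = ip
        return True

    def release(self, name):
        """A client leaving the network releases its name."""
        self.db.pop(name.upper(), None)

    def query(self, name):
        return self.db.get(name.upper())


class WinsClient:
    """A WINS-aware host: registers on join, releases on leave, and asks the
    server instead of broadcasting on the local network."""

    def __init__(self, name, ip, server):
        self.name, self.ip, self.server = name, ip, server

    def join(self):
        return self.server.register(self.name, self.ip)

    def leave(self):
        self.server.release(self.name)

    def lookup(self, name):
        return self.server.query(name)


class WinsProxy:
    """Resolves names for non-WINS clients and caches answers for ttl seconds.
    The clock is injectable so cache expiry can be exercised without waiting."""

    def __init__(self, server, ttl=60.0, clock=time.monotonic):
        self.server, self.ttl, self.clock = server, ttl, clock
        self.cache = {}  # NAME -> (ip, expires_at)

    def resolve(self, name):
        """Return (ip, source); source is 'cache' or 'server'."""
        key = name.upper()
        now = self.clock()
        hit = self.cache.get(key)
        if hit is not None and hit[1] > now:
            return hit[0], "cache"
        ip = self.server.query(key)
        if ip is not None:
            self.cache[key] = (ip, now + self.ttl)
        else:
            self.cache.pop(key, None)
        return ip, "server"


if __name__ == "__main__":
    srv = WinsServer()
    WinsClient("FILESRV", "10.10.100.20", srv).join()
    proxy = WinsProxy(srv, ttl=10.0)
    print(proxy.resolve("filesrv"), proxy.resolve("filesrv"))
```

One behaviour worth seeing in the test below: after a client releases its name, the proxy keeps answering from its cache until the entry expires, so non-WINS clients can be handed a mapping that the server no longer holds. That window is the cost of caching, and it is why the cache lifetime is a setting to think about.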

For more information on TCP/IP networking, see the Networking Supplement in your Windows NT
Server documentation.

What Is DHCP?

The Dynamic Host Configuration Protocol (DHCP) was established to relieve the administrative burden
of manual configuration of TCP/IP hosts on the network. DHCP provides an alternative to static IP
addressing by enabling automatic configuration of the TCP/IP-related parameters when a DHCP client
becomes active on the local network.

Note: DHCP provides a way of passing configuration information to hosts that is based on an earlier
protocol standard, known as the Bootstrap Protocol (BOOTP). BOOTP was conceived as a way to allow
diskless workstations to obtain TCP/IP configuration settings and perform a network "boot." DHCP uses
some of the same concepts as BOOTP, such as a shared message format, which allows existing BOOTP
clients to interoperate with DHCP servers. However, further additions to DHCP distinguish it from
BOOTP.

DHCP provides a safe, reliable, and simple TCP/IP network configuration. It ensures that address
conflicts do not occur and helps conserve the use of IP addresses by using centralized management of
address allocation. DHCP conserves addresses that are not in use by having the DHCP server reclaim an
address after the address lease period has elapsed.

The administrator controls how IP addresses are dynamically assigned by the DHCP server. To establish
DHCP service, you set several parameters that are used to manage dynamic assignment of IP
addresses. First, a lease period for each address is set. A lease specifies how long a computer can use
an assigned IP address before having to renew the lease with the DHCP server. Another parameter that
must be set for DHCP service is a scope. A scope indicates the available range of addresses that can be
used within DHCP assignment. The scope provides for an available pool of addresses for the DHCP
server to use when assigning and configuring clients. The scope exists only once for an entire
subnetwork, but it can be further defined by excluding reserved subranges of addresses from the pool
of assignable addresses allowed by the scope.

Setting up a DHCP environment provides three major benefits:

• It requires no additional address configuration for the workstation. Users do not need to know or
maintain their computer’s TCP/IP address configuration. This can be useful for mobile computer
users who use portable computers that are moved to different offices or subnets frequently.
• DHCP clients can be configured with additional TCP/IP parameters, such as the DNS server
address or WINS server addresses that are essential for successful name-to-IP address
resolution by a host.
• DHCP gives you better control of IP address assignment and management. For example, if the IP
address for a router in a network changes and 250 client computers have to be updated with the
new address, you do not have to manually reconfigure every workstation.

DHCP is based on a client/server model. The DHCP server runs on a server, such as a computer running
Windows NT Server. The DHCP client runs on a network client such as a workstation running
Windows 95 or Windows NT Workstation.

During system startup (the initializing state), a DHCP client computer sends a DHCP "discover" message
that is broadcast on the local network and can be forwarded to all the DHCP servers on the internal
network. Each DHCP server that receives the discover message responds with an "offer" message
containing an IP address and valid configuration information for the DHCP client computer that sent the
request.

The DHCP client then collects the configuration and enters a selecting state, where it chooses one of the
address "offers" provided by the DHCP servers. The client selects one of the offered configurations and
enters a requesting state. It then sends a "request" message identifying the offer it has accepted from
that DHCP server. The selected DHCP server sends an "acknowledgment" message that contains the
address requested, a valid lease for the address, and TCP/IP network configuration parameters for the
client. The client enters a bound state after receiving the acknowledgment from the server and can now
participate on the TCP/IP network.

Client computers with local disk storage save the received address for use during subsequent system
startup. As the lease approaches its expiration date, the client attempts to renew its lease with the
DHCP server. If the DHCP server that initially offered the lease is not available or the lease has expired,
the client repeats the process and gets a new configuration from any of the available DHCP servers.

The following three types of hosts can be active in a DHCP configuration process:

• DHCP server: Contains IP addresses, lease duration, and associated TCP/IP configuration
information. The DHCP server listens for client requests and processes them.
• DHCP client: Gets its IP address and related TCP/IP configuration parameters from the DHCP
server during the initialization stage. The client also extends the lease on the IP address by
renewing the lease before it expires.
• DHCP relay agent: Relay agent software (compliant with RFC 1542) that forwards DHCP packets
between subnets in a routed internal network. Usually, this component runs on the routers.
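
The scope, lease and discover/offer/request/acknowledge behaviour described in the preceding paragraphs, as one added example that is not part of the original document. It is a simulation in plain Python rather than a protocol implementation: a server holds a scope with an excluded subrange, reclaims leases when they expire, and acknowledges only addresses it offered or leased to the requesting client; the client collects offers from every server, picks one, and lets the others withdraw. The server names, scopes, lease lengths, gateway and DNS parameters and client identifiers are constructed, and time is passed in as a plain number of seconds so the sequence runs without waiting.

```python
# Added example (not from the original document): a DHCP lease simulation.
# Servers, scopes, lease times, parameters and client ids are constructed.


def scope(prefix, first, last):
    """Addresses prefix.first .. prefix.last, e.g. scope('10.10.100', 10, 12)."""
    return [f"{prefix}.{n}" for n in range(first, last + 1)]


class DhcpServer:
    def __init__(self, name, addresses, exclusions=(), lease_seconds=3600,
                 gateway="10.10.100.1", dns="10.10.100.5"):
        self.name = name
        self.pool = [a for a in addresses if a not in set(exclusions)]
        self.lease_seconds = lease_seconds
        self.params = {"gateway": gateway, "dns": dns}
        self.leases = {}   # ip -> (client_id, expires_at)
        self.offered = {}  # ip -> client_id, offered but not yet requested

    def reclaim(self, now):
        """Return every expired lease to the pool."""
        for ip, (_, expires) in list(self.leases.items()):
            if expires <= now:
                del self.leases[ip]
                self.pool.append(ip)

    def offer(self, client_id, now):
        """Answer a broadcast discover; None when the scope is exhausted."""
        self.reclaim(now)
        for ip, (holder, _) in self.leases.items():
            if holder == client_id:        # a renewing client keeps its address
                return self._message(ip)
        free = [ip for ip in self.pool if ip not in self.offered]
        if not free:
            return None
        self.offered[free[0]] = client_id
        return self._message(free[0])

    def request(self, client_id, ip, now):
        """Acknowledge only an address we leased or offered to this client."""
        held = self.leases.get(ip)
        if held is not None and held[0] == client_id:
            pass                                   # renewal of an existing lease
        elif self.offered.get(ip) == client_id:
            del self.offered[ip]                   # client accepted our offer
            self.pool.remove(ip)
        else:
            return None                            # not ours to acknowledge
        self.leases[ip] = (client_id, now + self.lease_seconds)
        return dict(self._message(ip), expires=now + self.lease_seconds)

    def withdraw(self, ip):
        """The client chose another server's offer; free ours again."""
        self.offered.pop(ip, None)

    def _message(self, ip):
        return {"server": self.name, "ip": ip,
                "lease": self.lease_seconds, **self.params}


def dhcp_client(client_id, servers, now):
    """One discover/offer/request/acknowledge cycle. The client broadcasts,
    collects every offer, selects the longest lease (the selection policy is
    the client's own), requests it from that server, and the rest withdraw."""
    offers = [o for o in (s.offer(client_id, now) for s in servers) if o]
    if not offers:
        return None
    chosen = max(offers, key=lambda o: o["lease"])
    by_name = {s.name: s for s in servers}
    for o in offers:
        if o is not chosen:
            by_name[o["server"]].withdraw(o["ip"])
    return by_name[chosen["server"]].request(client_id, chosen["ip"], now)


if __name__ == "__main__":
    s1 = DhcpServer("s1", scope("10.10.100", 10, 12), exclusions=["10.10.100.11"], lease_seconds=100)
    s2 = DhcpServer("s2", scope("10.10.200", 10, 12), lease_seconds=50)
    print(dhcp_client("client-a", [s1, s2], now=0))
```

The check in `request` is the part a defender should look at: a server that acknowledged any address a client asked for, rather than only one it had offered or leased to that client, would let a client claim addresses already in use, which is the address-conflict problem DHCP exists to prevent.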

For more information about setting up DHCP services, see your Windows NT Server documentation.

What Are Ports?

Ports are used in TCP/IP to name the ends of logical connections that carry long-term conversations. A
port gives transport protocols such as User Datagram Protocol (UDP) and Transmission Control Protocol
(TCP) the capability of handling communications between multiple hosts. It allows communication to be
uniquely identified. The WinSock Proxy service uses ports extensively to provide a way of redirecting
applications.

For the purpose of providing services to unknown callers, a service contact port is defined. Each
WinSock Proxy–enabled application specifies a port to be used as the contact port on the server for TCP
or UDP. The contact port is sometimes called the "well-known port." To some extent, these same port
assignments are used with UDP. To use UDP, the application must supply the IP address and port
number of the destination application.

Ports are identified by a positive integer. Originally, the assigned ports available were in the range from
0 through 255. Currently, the range for assigned ports has been expanded to allow 4-digit port numbers
up to 9,999. The assigned ports use a small portion of the range of possible port numbers, allowing
other unassigned port numbers to be designated as alternatives if the initial port is not available or is to
be used for new custom server applications.

Ports can be designated to use either TCP or UDP as the transport-level protocol that specifies how
ports send and receive data. In addition, port assignments are enabled separately for inbound ports and
outbound ports on Microsoft Proxy Server. Inbound ports are used to listen for client requests from
Internet clients, and outbound ports are used to listen for requests from clients on the internal network.
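
Ports as the names of conversation endpoints, worked as an added example that is not part of the original document or of Microsoft Proxy Server. Two clients on the same host reach the same contact port and are told apart by their source ports; a service whose contact port is already taken falls back to an alternative; and a packet for a port nobody listens on is refused. The table of well-known assignments is a constructed subset, the host addresses are constructed, and the starting port for outgoing connections is an assumption of this model.

```python
# Added example (not from the original document): ports as endpoint names.
# WELL_KNOWN is a constructed subset; EPHEMERAL_START is an assumed value;
# host addresses in the usage are constructed.

WELL_KNOWN = {("tcp", 25): "smtp", ("tcp", 80): "http", ("udp", 53): "dns"}
EPHEMERAL_START = 1024  # assumed first port handed to outgoing connections


class HostStack:
    """One host's transport layer: contact ports it listens on and the
    conversations it has open, each named by (protocol, ports, peer)."""

    def __init__(self, ip):
        self.ip = ip
        self.listeners = {}    # (proto, port) -> service name
        self.connections = {}  # (proto, local port, peer ip, peer port) -> service
        self.next_ephemeral = EPHEMERAL_START

    def listen(self, proto, port, service=None, alternatives=()):
        """Bind a service to its contact port; if that port is taken, use the
        first free alternative. Returns the port actually bound."""
        service = service or WELL_KNOWN.get((proto, port), f"{proto}/{port}")
        for candidate in (port, *alternatives):
            if (proto, candidate) not in self.listeners:
                self.listeners[(proto, candidate)] = service
                return candidate
        raise OSError(f"{service}: {proto} port {port} and all alternatives in use")

    def _allocate_port(self, proto):
        """Pick an unused local port for the outgoing side of a conversation."""
        while (proto, self.next_ephemeral) in self.listeners:
            self.next_ephemeral += 1
        port = self.next_ephemeral
        self.next_ephemeral += 1
        return port

    def connect(self, proto, peer, peer_port):
        """Open a conversation to peer's contact port and return this side's
        4-tuple, which is what makes the conversation unique."""
        local_port = self._allocate_port(proto)
        service = peer.accept(proto, peer_port, self.ip, local_port)
        key = (proto, local_port, peer.ip, peer_port)
        self.connections[key] = service
        return key

    def accept(self, proto, port, peer_ip, peer_port):
        """Server side: a packet for a port with no listener is refused."""
        service = self.listeners.get((proto, port))
        if service is None:
            raise ConnectionRefusedError(f"{self.ip}: no {proto} listener on port {port}")
        self.connections[(proto, port, peer_ip, peer_port)] = service
        return service

    def conversations_for(self, proto, port):
        """All open conversations sharing one local port, distinguished by peer."""
        return [k for k in self.connections if k[0] == proto and k[1] == port]


if __name__ == "__main__":
    server = HostStack("10.10.100.5")
    server.listen("tcp", 80)
    client = HostStack("10.10.100.201")
    print(client.connect("tcp", server, 80), client.connect("tcp", server, 80))
    print(server.conversations_for("tcp", 80))
```

The two keys returned for the same server port differ only in the client's source port, which is the whole reason a single contact port can serve many callers at once; it is also why a connection log that records only the destination port cannot tell two sessions from the same host apart.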
