FIRST CLASS LECTURE

Book For CCNA + Author Todd Lamle Published By Cybix.

What is a Network
Group of computers joint together for sharing data & resource.
A network is a computer system that allows people to share files
and peripherals like printers, CD-ROMs, Scanners, and what
ever else is available

Network Types
1. LAN
2. WAN

LAN----> Local Area Network

Local area network is a network which is inside the building or floor
* Connect computers in a single room, department, building, or site.
* Allow sharing of peripherals (disks, printers etc.)
* Allow sharing of data (eg: patient information)
* Provides facilities for local email.
* Relatively high speed. On many LANs, you will hardly notice the difference
Between using a peripheral on your own desk top computer, and using a
Remote peripheral on a machine down the corridor, or on the other side of the site.
* Wired or wire-free
* Increasing integration with other services eg: voice, video - "multimedia"

WAN---> Wide Area Network

* Like network amount different cities is called a wide area network.
* Connects together computers over long distances (eg: across the world)
* Made up of two or more LANs connected together.
* Normally have lower functionality than a LAN. Sometimes only email.
* Normally provide access to information (eg: bulletin boards)
* Traditionally, these provide much lower performance than LANs.
You wouldn't want to use a remote disk drive across a WAN for your
word processing. The bandwidth of WAN connections can be very high,
but they are shared by large numbers of people, making the bandwidth
per person relatively low.
* The internet is a very big WAN indeed, connecting hundreds of thousands
of computers in dozens of countries
Data Communication on LAN is also called as Packet Transfer.
Types Of Packets.
UNICAST U/C - In unicast systed data packets are sent from one device to
another device only, It is like 1 to 1 communication.

MULTICAST M/C - In multicast system data packets are sent to a particular

group so that all the members of that group can access it.
It is like 1 to Many relationship

BROADCASTB/C - In broadcast system packets are sent to all the host, each
and every user on the network will receive it.
Exp : When virus attack on the network it send broadcast message
to all the users to effect them.
Exp : when a user login to the network it send a broadcast
message on the network to find the DHCP server, no all the host
server receives this message but only DHCP respond to the
message as it belong to it

Ethernet Card / LAN Card / MIC

Ethernet Card / LAN Card / MIC All these names are of the same devise which is
used to connect the network cable to the computer.
All the Ethernet card posseses a unique MAK Address which is a 48 Bit address
IEEE is a corporation which is responsible for maintaining uniqueness of the
MAK address in the world.This 48 Bit Mak address is in hexadecimal form
Hexadecimal 0-9&A-F
IEEE has sub divided this Mak address into two part each of 24 Bits
The first 24Bit part of this MAK address is maintained and Given by IEEE
itself to the manufacturer and the second 24Bit part is givien to the
Ethernet Card manufacturing company which is called as OUI (Organization
Unique Identifier) to maintain uniquely
MAK Address
24 Bit 24 Bit
IEEE Manufacturers
90001 Motorolla
100001
100002
100003

90002 US Robotics
100001
100002
100003

90003 MSI
100001
 100002
100003

ipconfig Command

When you type ifconfig you get the information as shown in above image

Topologies
1. Method of connecting the computers to the network
2. Network Topologies. Network topologies describe the ways that computers
and peripherals (nodes) are connected together in a network.

Type Of TOPOLOGIES
1. Bus Topology
3. Star Topology
2. Ring Topology

1. Bus Topology / Bus Networks

In the Bus Network, messages are sent in both directions from a single point and are read
by the node (computer or peripheral on the network) identified by the code with the message.
Most Local Area Networks (LANs) are Bus Networks because the network will continue to
function even if one computer is down.
The purpose of the terminators at either end of the network is to stop the signal being
reflected back.
The signals in this method used to move back and fother and caused collision of packet which made
the network slower.

3. Star Topology / Star Network

In a Star Network, all the nodes (PCs, printers and other shared peripherals) are connected
to the central server.
The advantage of Star Networks is that one node that is not working properly will not affect the
rest of the network. It is very easy to add and remove nodes. It can be more expensive because
it uses more cabling than other topologies. If the central server goes down, then no one can
use the network.

HUB ----> Network Hubs: A network hub is called in many different names such as
concentrator, multistation access unit, transceiver, or repeater.
It serves two purposes. First, they provide an easy way to connect network
cables. Second, hubs act as repeaters or amplifiers
Failure of HUBS was the port inside the HUBS were connected through bus
topology so the problem of packet collision happened here as well

Protocols A network communications protocol is a set of procedures for establishing

and controlling communications, It governs format, timing, sequencing,
and error control.

CSMA/CD Carrier Sense Multiple Access Collision Detection

This system was introduced in HUBS so that they can be little intelligent
The use of this system was to avoid the collision of Packets.
CSMA/CD sense the network availability weather it is free to transfer packet
or there is already and commnication going on, its tranffers the packets
when its sense the network is free. But still the rate of packet collision
decreased but did not finished as if two host sense the network together
and find it available for communication and send the packet again it collides
Bridges Bridges were introduced to further decrease the rate of packet collision
during the network communication.
* A network bridge is an abstract device that connects multiple network
segments along the data link layer

Switch A network switch is a computer networking device that connects network segments.
It uses the logic of a Network bridge but allows a physical and logical star topology
Switch is an intelligent device.

ASIC Application specified integrated circuit.

ASIC is a chip used in switches to make it intelligent.
ACIS is responsible to maintain a MAK address table of the Hosts.

Port No MAC Address

1 AA
2 BB
3 CC
4 DD
5 EE
6 FF

Swtich

SWITCH ASIC
Ports
1 2 3 4 5 6

Hosts AA BB CC DD EE FF

If Host AA want to communicate with Host BB it will send message to ASIC

then ASCI will check in the MAK Address table the port no of BB to send
the packets, in this way the packet will straight go to BB intead of disturbing
all the host. ASIC is an intelligent system and it builds its MAK Add table with
the time as it gets requests from the host.
2. Ring Topology / Ring Networks

In this Topology used ARN Net Card instead of

LAN Card

Method used in this topology for packet transfer

was called Tocken Passing.

All the nodes in a Ring Network are connected in a closed circle of cable.Messages that
are transmitted travel around the ring until they reach the computer that they are addressed
to, the signal being refreshed by each node. There may or may not be a fileserver.
The advantage of ring networks is that they can be larger than bus or star because the
signal is regenerated by each node.
A disadvantage is that the network goes down if one node is inoperable. Data clashes
can also occur if two machines send messages at the same time. Tokens or electronic
signals that travel around the ring were invented to solve this problem.
In a Token Ring Network, a computer can only send a message when the token is
with it at the time. Failure of this topology was single piont of failure,
problem at any point destry the whole network

Things to consider for Designing a Network

1. Scalability How much a network can be extended in future in case of more users
2. Availability. In case of a problem in the network what will be the availabily of
services & network
3. Feasibility. In the future how new technologies will be added to the network.
What is Network Cabling?
Cable is the medium through which information usually moves from one network device to another.
There are several types of cable which are commonly used with LANs. In some cases, a network
will utilize only one type of cable, other networks will use a variety of cable types.
The type of cable chosen for a network is related to the network's topology, protocol, and size.
Understanding the characteristics of different types of cable and how they relate to other aspects
of a network is necessary for the development of a successful network.
The following sections discuss the types of cables used in networks and other related topics.

1. Unshielded Twisted Pair (UTP) Cable

2. Shielded Twisted Pair (STP) Cable
3. Coaxial Cable
4. Fiber Optic Cable

Unshielded Twisted Pair (UTP) Cable

Twisted pair cabling comes in two varieties: shielded and unshielded.
Unshielded twisted pair (UTP) is the most popular and is generally the best option
for school networks (See fig. 1).
EMI - Electromagnetic Induction - These radiation can effect UTP cable as they are unshielded
RMI - Radiamagnetic Induction - These radiation can effect UTP cable as they are unshielded

Fig.1. Unshielded twisted pair

The quality of UTP may vary from telephone-grade wire to extremely high-speed cable.
The cable has four pairs of wires inside the jacket. Each pair is twisted with a different number
of twists per inch to help eliminate interference from adjacent pairs and other electrical devices.
The tighter the twisting, the higher the supported transmission rate and the greater the cost per foot.
The EIA/TIA (Electronic Industry Association/Telecommunication Industry Association) has
established standards of UTP and rated five categories of wire.

Categories of Unshielded Twisted Pair

Type Use
Category 1 Voice Only (Telephone Wire)
Category 2 Data to 4 Mbps (LocalTalk)
Category 3 Data to 10 Mbps (Ethernet)
Category 4 Data to 20 Mbps (16 Mbps Token Ring)
Category 5 Data to 100 Mbps (Fast Ethernet)
Buy the best cable you can afford; most schools purchase Category 3 or Category 5.
If you are designing a 10 Mbps Ethernet network and are considering the cost savings
of buying Category 3 wire instead of Category 5, remember that the Category 5 cable
will provide more "room to grow" as transmission technologies increase. Both Category 3
and Category 5 UTP have a maximum segment length of 100 meters. In Florida, Category 5

cable is required for retrofit grants. 10BaseT refers to the specifications for unshielded twisted
pair cable (Category 3, 4, or 5) carrying Ethernet signals. Category 6 is relatively new and is
used for gigabit connections.

Unshielded Twisted Pair Connector

The standard connector for unshielded twisted pair cabling is an RJ-45 connector.
This is a plastic connector that looks like a large telephone-style connector (See fig. 2).
A slot allows the RJ-45 to be inserted only one way. RJ stands for Registered Jack,
implying that the connector follows a standard borrowed from the telephone industry.
This standard designates which wire goes with each pin inside the connector.

Fig. 2. RJ-45 connector

Shielded Twisted Pair (STP) Cable

A disadvantage of UTP is that it may be susceptible to radio and electrical frequency interference.
Shielded twisted pair (STP) is suitable for environments with electrical interference; however,
the extra shielding can make the cables quite bulky. Shielded twisted pair is often used on
networks using Token Ring topology.

Coaxial Cable
Coaxial cabling has a single copper conductor at its center. A plastic layer provides insulation
between the center conductor and a braided metal shield (See fig. 3). The metal shield helps to
block any outside interference from fluorescent lights, motors, and other computers.

Fig. 3. Coaxial cable

Although coaxial cabling is difficult to install, it is highly resistant to signal interference. In addition,
it can support greater cable lengths between network devices than twisted pair cable.
The two types of coaxial cabling are thick coaxial and thin coaxial.
Thin coaxial cable is also referred to as thinnet. 10Base2 refers to the specifications for thin
coaxial cable carrying Ethernet signals. The 2 refers to the approximate maximum segment l
ength being 200 meters. In actual fact the maximum segment length is 185 meters.
Thin coaxial cable is popular in school networks, especially linear bus networks.
Thick coaxial cable is also referred to as thicknet. 10Base5 refers to the specifications for thick
coaxial cable carrying Ethernet signals. The 5 refers to the maximum segment length being 500
meters. Thick coaxial cable has an extra protective plastic cover that helps keep moisture away
from the center conductor. This makes thick coaxial a great choice when running longer lengths
in a linear bus network. One disadvantage of thick coaxial is that it does not bend easily and is
difficult to install.

Coaxial Cable Connectors

The most common type of connector used with coaxial cables is the Bayone-Neill-Concelman
(BNC) connector (See fig. 4). Different types of adapters are available for BNC connectors,
including a T-connector, barrel connector, and terminator. Connectors on the cable are the
weakest points in any network. To help avoid problems with your network, always use the
BNC connectors that crimp, rather than screw, onto the cable.

Fig. 4. BNC connector

Fiber Optic Cable

Fiber optic cabling consists of a center glass core surrounded by several layers of protective
materials (See fig. 5). It transmits light rather than electronic signals eliminating the problem
of electrical interference. This makes it ideal for certain environments that contain a large
amount of electrical interference. It has also made it the standard for connecting networks
between buildings, due to its immunity to the effects of moisture and lighting.
Fiber optic cable has the ability to transmit signals over much longer distances than coaxial
and twisted pair. It also has the capability to carry information at vastly greater speeds.
This capacity broadens communication possibilities to include services such as video
conferencing and interactive services. The cost of fiber optic cabling is comparable to
copper cabling; however, it is more difficult to install and modify. 10BaseF refers to
the specifications for fiber optic cable carrying Ethernet signals.

Fig.5. Fiber optic cable

Facts about fiber optic cables:
* Outer insulating jacket is made of Teflon or PVC.
* Kevlar fiber helps to strengthen the cable and prevent breakage.
* A plastic coating is used to cushion the fiber center.
* Center (core) is made of glass or plastic fibers.

Fiber Optic Connector

The most common connector used with fiber optic cable is an ST connector.
It is barrel shaped, similar to a BNC connector. A newer connector, the SC, is
becoming more popular. It has a squared face and is easier to connect in a confined space.
Ethernet Cable Summary
Specification Cable Type Maximum length
10BaseT Unshielded Twisted Pair 100 meters
10Base2 Thin Coaxial 185 meters
10Base5 Thick Coaxial 500 meters
10BaseF Fiber Optic 2000 meters
100BaseT Unshielded Twisted Pair 100 meters
100BaseTX Unshielded Twisted Pair 220 meters
 SECOND CLASS LECTURE

DATA COMMUNICATIONS

1.. Simplex,
2.. Half-Duplex
3.. Full Duplex

Introduction
This section briefly discusses the modes of channel operation, namely, simplex,
half-duplex and full-duplex operation. Each is suited a particular type of application,
and has its own advantages and disadvantages.

Objectives
At the end of this section you should be able to

* Describe the operation of simplex, half-duplex and full-duplex channel operation

* Identify a given example as one of simplex, half-duplex and full-duplex channel operation

Modes of Channel Operation

1. Simplex
Data in a simplex channel is always one way. Simplex channels are not often used
because it is not possible to send back error or control signals to the transmit end.

It's like a one way street. An example of simplex is Television, or Radio.

The simplex channel also corresponds directly to Shannon's model of
communication discussed earlier.
2. Half Duplex
A half-duplex channel can send and receive, but not at the same time. It's like a
one-lane bridge where two way traffic must give way in order to cross.
Only one end transmits at a time, the other end receives.
In addition, it is possible to perform error detection and request the sender to
retransmit information that arrived corrupted. In some aspects, you can think
of Internet surfing as being half-duplex, as a user issues a request for a web
document, then that document is downloaded and displayed before the user
issues another request.

Another example of half-duplex is talk-back radio, and CB Radio

(Citizens Band). You might have seen movies where truckies
(drivers of very big trucks) communicate to each other, and when
they want the other person to speak they say "over".
This is because only one person can talk at a time.

3. Full Duplex
Data can travel in both directions simultaneously. There is no need to switch from
transmit to receive mode like in half duplex. Its like a two lane bridge on a two-lane
highway. Have you ever watched these television talk shows where the host has a
number of people on the show, and they all try to talk at once. Well, that's full duplex!

Of course, in the world of data communications, full duplex allows both

way communication simultaneously. An example can be a con+B76sumer
which uses a cable connection to not only receive TV channels,
but also the same cable to support their phone and Internet surfing.
All these activities can occur simultaneously.
Summary
The three modes of channel operation are simplex, half-duplex and full-duplex.
Simple is a one way communication and there is no means of informing the
sender to retransmit data in case of errors. There is however a good example
of the retransmission of data, and that is TeleText, which sends text based
data on top of a Television signal. A special decoder displays the Teletext
data as a series of pages. These pages are sequenced and repeated,
so if a page arrives corrupted, the user just needs to wait a little while till it is resent.
Half-duplex and full-duplex are the other two methods. As telephone companies
become more aware of the added services that customers require, such as
Internet access and Television, it is probable that a single connection to
your home will provide you with a range of services, which you can use.
This would require a full-duplex connection.

THE STANDARDS ORGANIZATIONS

There are many standards organizations around the world; here in Australia our standards
body is Standards Australia. In America there is the ANSI (American National Standards
Institute, the world wide standards organization is the ISO (International Standards
Organization). The purpose of standards organizations is to formulate a common set of rules
for everyone in an industry to follow, in this case to specify a cabling system for commercial
premises that is non-exclusive and will support a multi product multi vendor industry. The 568
standards were actually developed by the TIA (Telecommunications Industry Association) and
the EIA (Electronics Industry Association) in America to reduce confusion in their industry.
These were then adopted by other standards organizations around the world.

The AT&T "Standard"

Before the TIA/EIA standard was created in 1985 AT&T the giant telecommunications
company had been developing at its research labs newer and faster computer networks. These
networks were designed to run over existing telecommunications infrastructure, this used
USOC as its termination method (described later in this document). To provide backward
compatibility for a single line phone AT&T created its own way of terminating cables for UTP
networks; this specification was named 258A. 258A started to become well known and widely
used (especially in the USA) and UTP networks became more and more popular
TIA/EIA Standard
In 1985 many companies from the telecommunications industry, becoming
concerned about the lack of a third party premises cabling standard and
their governing body the CCIA (Computer Communications Industry
Association) requested that the EIA (Electronics Industry Association)
develop this standard. The first draft of the standard wasn’t released
until July of 1991 this was given the name EIA/TIA-568. Although similar
to the existing AT&T method of terminating twisted pair cables the new
standard provided backward compatibility for phones that used two pairs
instead of just one – enabling them to operate on pairs 1 and 2.
Later in 1991 a Technical Systems Bulletin (TSB-36) was released with
references to category 4 and 5 cables. Twelve months later TSB-40 was
published addressing higher speed UTP for hardware connecting,
this was revised in January of 1994 to include RJ45 modular jacks and
fly leads. At this time TIA/EIA-568 was also revised and renamed
TIA/EIA 568A, the existing AT&T standard 258A was included
and referred to as TIA/EIA-568B. As both these standards were
popular and widely used they were both adopted into the International
Standards titled Generic Cabling for Customer Premises Cabling
(ISO/IEC 11801:1995).

Technical Specifications

Group of computers joint together for sharing data & resource.

In figure 1.1 you can see the TIA/EIA 568B standard.
Once again note the position of the green/white green and orange/white orange pairs.

DCE and DTE Devices

Two terms you should be familiar with are DTE and DCE. DTE stands for
Data Terminal Equipment, and DCE stands for Data Communications Equipment.
These terms are used to indicate the pin-out for the connectors on a device
and the direction of the signals on the pins. Your computer is a DTE device,
while most other devices are usually DCE devices.
If you have trouble keeping the two straight then replace the term
"DTE device" with "your PC" and the term "DCE device" with "remote device"
in the following discussion.
The RS-232 standard states that DTE devices use a 25-pin male
connector, and DCE devices use a 25-pin female connector. You can
therefore connect a DTE device to a DCE using a straight pin-for-pin
connection. However, to connect two like devices, you must instead
use a null modem cable. Null modem cables cross the transmit and
receive lines in the cable, and are discussed later in this chapter.
The listing below shows the connections and signal directions for
both 25 and 9-pin connectors
OSI SEVEN-LAYERS MODEL
In the 1980s, the European-dominated International Standards Organization (ISO),
began to develop its Open Systems Interconnection (OSI) networking suite.
OSI has two major components: an abstract model of networking (the Basic
Reference Model, or seven-layer model), and a set of concrete protocols.
The standard documents that describe OSI are for sale and not currently available online.
Parts of OSI have influenced Internet protocol development, but none more than
the abstract model itself, documented in OSI 7498 and its various addenda.
In this model, a networking system is divided into layers. Within each layer,
one or more entities implement its functionality. Each entity interacts directly only
with the layer immediately beneath it, and provides facilities for use by the layer above it.
Protocols enable an entity in one host to interact with a corresponding entity at the
same layer in a remote host.

Application layer User application 1 ...

Encryption/ compression/ Choice of
Presentation layer decryption expansion syntax
Session to
Session Session Transport Session
Session layer control synch. mapping management
Layer and flow Error
Transport layer control recovery Multiplexing
Connection
Network layer control Routing Addressing
Data link Error Flow
Link layer establishment control control Synch Framing
 Access to Physical and Activation/
Physical layer transm. media electrical interface deactivation of con.

The seven layers of the OSI Basic Reference Model are (from bottom to top):
1. The Physical Layer describes the physical properties of the various
communications media, as well as the electrical properties and interpretation
of the exchanged signals. Ex: this layer defines the size of Ethernet coaxial cable,
the type of BNC connector used, and the termination method.

2. The Data Link Layer describes the logical organization of data bits
transmitted on a particular medium. Ex: this layer defines the framing,
addressing and checksumming of Ethernet packets.

3. The Network Layer describes how a series of exchanges over various

data links can deliver data between any two nodes in a network. Ex: this layer
defines the addressing and routing structure of the Internet.

4. The Transport Layer describes the quality and nature of the data delivery.
Ex: this layer defines if and how retransmissions will be used to ensure data delivery.

5. The Session Layer describes the organization of data sequences larger

than the packets handled by lower layers. Ex: this layer describes how request
and reply packets are paired in a remote procedure call.
It maintains, keept and terminates different application data seperately.
it created a virtual session for the date from different spplication and also
controls the methods of communication, ie. Simplex,half duplex & full duplex.

6. The Presentation Layer describes the syntax of data being transferred.

Ex: this layer describes how floating point numbers can be exchanged between
hosts with different math formats.
Responsible For
Compression
Deconpression
Increption
Decreption

7. The Application Layer describes how real work actually gets done.
Ex: this layer would implement file system operations.
User interface takes place at application layer,
Application and protocols which provides user interface and require network
access work on application layer of OSI.
Eg. Outlook Express, Internet Explorer, FTP, SMTP, HTTP Etc.
Application layer is also responsible for checking weather the itendid
communication partner is alive or not.
The original Internet protocol specifications defined a four-level model,
and protocols designed around it (like TCP) have difficulty fitting neatly into
the seven-layer model. Most newer designs use the seven-layer model.

\begin{soapbox}
The OSI Basic Reference Model has enjoyed a far greater acceptance than the
OSI protocols themselves. There are several reasons for this. OSI's committee-based
design process bred overgrown, unimaginative protocols that nobody ever accused
of efficiency. Heavy European dominance helped protect their investments in X.25
(CONS is basically X.25 for datagram networks). Perhaps most importantly, X.25
data networks never caught people's imagination like the Internet, which, with a
strong history of free, downloadable protocol specifications, has been loath to
embrace yet another networking scheme where you have to pay to figure how
things work.

And why should we? OSI's biggest problem is that doesn't really offer anything new.
The strongest case for its implementation comes from its status as an "international standard",
but we already have a de facto international standard - the Internet. OSI protocols will
be around, but its most significant contribution is the philosophy of networking represented
by its layered model.
If the Internet community has to worry about anything, it's the danger of IETF turning
into another ISO - a big, overgrown standards organization run by committees,
churning out thousands of pages of rubbish, and dominated by big business players
more interested in preserving investments than advancing the state of the art.
 THIRD CLASS LECTURE

Transport Layer.
Segmentation of Data takes place at transport layer, In transport layer date is
called as segments, it uses two protocols.
1.. TCP
2.. UDP

1 . . TCP Protocol Overview

TCP is a reliable protocol and is connection oriented, It does data segmentation
for reliable data transfer. Date is divided into part with a sequence numbers to
re-assembling.
The Transmission Control Protocol (TCP), documented in RFC 793,
makes up for IP's deficiencies by providing reliable, stream-oriented connections
that hide most of IP's shortcomings. The protocol suite gets its name because most
TCP/IP protocols are based on TCP, which is in turn based on IP.
TCP and IP are the twin pillars of TCP/IP.
TCP adds a great deal of functionality to the IP service it is layered over:

Streams:
TCP data is organized as a stream of bytes, much like a file.
The datagram nature of the network is concealed. A mechanism
(the Urgent Pointer) exists to let out-of-band data be specially flagged.

Reliable delivery:
Sequence numbers are used to coordinate which data has been transmitted
and received. TCP will arrange for retransmission if it determines that data
has been lost.

Network adaptation:
TCP will dynamically learn the delay characteristics of a network and adjust
its operation to maximize throughput without overloading the network.

Flow control.
TCP manages data buffers, and coordinates traffic so its buffers will never overflow.
Fast senders will be stopped periodically to keep up with slower receivers.

Full-duplex Operation
No matter what the particular application, TCP almost always operates full-duplex.
The algorithms described below operate in both directions, in an almost completely
independent manner. It's sometimes useful to think of a TCP session as two
independent byte streams, traveling in opposite directions. No TCP mechanism
exists to associate data in the forward and reverse byte streams. Only during
connection start and close sequences can TCP exhibit asymmetric behavior
(i.e. data transfer in the forward direction but not in the reverse, or vice versa).

Sequence Numbers
TCP uses a 32-bit sequence number that counts bytes in the data stream.
Each TCP packet contains the starting sequence number of the data in
that packet, and the sequence number (called the acknowledgment number)
of the last byte received from the remote peer. With this information,
a sliding-window protocol is implemented. Forward and reverse sequence
numbers are completely independent, and each TCP peer must track both
its own sequence numbering and the numbering being used by the remote peer.
TCP uses a number of control flags to manage the connection. Some of these
flags pertain to a single packet, such as the URG flag indicating valid data in
the Urgent Pointer field, but two flags (SYN and FIN), require reliable delivery
as they mark the beginning and end of the data stream. In order to insure
reliable delivery of these two flags, they are assigned spots in the sequence
number space. Each flag occupies a single byte.

Window Size and Buffering

Each endpoint of a TCP connection will have a buffer for storing data that is
transmitted over the network before the application is ready to read the data.
This lets network transfers take place while applications are busy with other
processing, improving overall performance.

To avoid overflowing the buffer, TCP sets a Window Size field in each
packet it transmits. This field contains the amount of data that may be
transmitted into the buffer. If this number falls to zero, the remote TCP
can send no more data. It must wait until buffer space becomes available
and it receives a packet announcing a non-zero window size.

Sometimes, the buffer space is too small. This happens when the network's
bandwidth-delay product exceeds the buffer size.
The simplest solution is to increase the buffer, but for extreme cases
the protocol itself becomes the bottleneck (because it doesn't support a
large enough Window Size). Under these conditions, the network is
termed an LFN (Long Fat Network - pronounced elephant).
RFC 1072 discusses LFNs.

Round-Trip Time Estimation

When a host transmits a TCP packet to its peer, it must wait a period of
time for an acknowledgment. If the reply does not come within the
expected period, the packet is assumed to have been lost and the data is
retransmitted. The obvious question - How long do we wait? - lacks a
simple answer. Over an Ethernet, no more than a few microseconds should
be needed for a reply. If the traffic must flow over the wide-area Internet,
a second or two might be reasonable during peak utilization times. If we're
talking to an instrument package on a satellite hurtling toward Mars,

minutes might be required before a reply. There is no one answer to the

question - How long?
All modern TCP implementations seek to answer this question by monitoring
the normal exchange of data packets and developing an estimate of how long
is "too long". This process is called Round-Trip Time (RTT) estimation.
RTT estimates are one of the most important performance parameters
in a TCP exchange, especially when you consider that on an indefinitely
large transfer, all TCP implementations eventually drop packets and
retransmit them, no matter how good the quality of the link. If the RTT
estimate is too low, packets are retransmitted unnecessarily; if too high,
the connection can sit idle while the host waits to timeout.
egmentation

d connections
e because most

ll never overflow.

ates full-duplex.
most completely

mechanism
remote peer.

able delivery
 FOURTH CLASS LECTURE

UDP - User Datagram Protocol

UDP takes messages from application process, attaches source and destination port
number fields for the multiplexing/demultiplexing service, adds two other fields of
minor importance, and passes the resulting "segment" to the network layer. The
network layer encapsulates the segment into an IP datagram and then makes a best-
effort attempt to deliver the segment to the receiving host. If the segment arrives at
the receiving host, UDP uses the port numbers and the IP source and destination
addresses to deliver the data in the segment to the correct application process. Note
that with UDP there is no handshaking between sending and receiving transport-
layer entities before sending a segment. For this reason, UDP is said to be
connectionless.

The User Datagram Protocol (UDP) supports network applications that need to
transport data between computers. Applications that use UDP include client/server
programs like video conferencing systems. Although UDP has been in use for many
years -- and overshadowed by more glamorous alternatives -- it remains an
interesting and viable technology.
UDP -- like its cousin the Transmission Control Protocol (TCP) -- sits directly on
top of the base Internet Protocol (IP). Recalling the Open Systems Interconnection
(OSI) model of networking, UDP (and TCP) are transport layer protocols as shown
below.

In general, UDP implements a fairly "lightweight" layer above the Internet Protocol.
UDP's main purpose is to abstract network traffic in the form of datagrams. A
datagram comprises one single "unit" of binary data; the first eight (8) bytes of a
datagram contain the header information and the remaining bytes contain the data
itself.

UDP Headers
The UDP header consists of four (4) fields of two bytes each:
* Source port number
* Destination port number
* Datagram size
* Checksum
 UDP in the OSI Reference Model

Application-layer Underlying Transport

Application protocol Protocol
electronic mail SMTP TCP
remote terminal access Telnet TCP
Web HTTP TCP
file transfer FTP TCP
remote file server NFS typically UDP
streaming multimedia proprietary typically UDP
Internet telephony proprietary typically UDP
Network Management SNMP typically UDP
Routing Protocol RIP typically UDP
Name Translation DNS typically UDP
Figure 3.1-1: Popular Internet applications and their underlying
transport protocols.

UDP Segment Structure

The UDP segment structure, shown in Figure 3.3-2, is defined in [RFC 768].

Figure 3.3-2: UDP segment structure

The application data occupies the data field of the UDP datagram. For example, for
DNS, the data field contains either a query message or a response message. For a
streaming audio application, audio samples fill the data field. The UDP header has
only four fields, each consisting of four bytes. As discussed in the previous section,
the port numbers allow the destination host to pass the application data to the correct
process running on that host (i.e., perform the demultiplexing function). The
checksum is used by the receiving host to check if errors have been introduced into
the segment during the course of its transmission from source to destination. (Basic
principles of error detection are described in Section 5.2.).

TCP UDP
* Connection Oriented Connection Less
* Reliable No Relaiability
* Creates Viartual Circuits No Virtual Circuits
prior to sending data Send Data Immediately
* 3 way hand shake methods is NO
used to create virtual circuits
* Provides sequence nos to each Doesn't provide acknowledgement.
segment
* Requires acknowledgement NO
* Flow Control NO
* Windowing NO

Port No
Port no are used to identify application layer protocols.
1-1024 are well known protocols
Below are some of the famous known port nos

Port Protocol
20 FTP
23 Telnet
25 SMTP - Simple Mail Transfer Protocol
37 Time Protocol
57 MTP - Mail Transfer Protocol
53 DNS - Domain Name System
80 HTTP - HyperText Transfer Protocol
115 SFTP - Simple File Transfer Protocol
38 RAP - Internet Route Access Protocol
69 TFTP - Trivial File Transfer Protocol
995 pop3 over TLS/SSL (was spop3).
Network Layer
Software and IP addressing takes place at Network Layer.
Network layer is also responsible for tracking of devices on the internetwork.
More than one network is joint together by routers is called internetwork

Riyadh Network

Dammam Network Jeddah Network

Router
Network

Describes how a series of exchanges over various data links can deliver
data between any two nodes in a network.
Ex: this layer defines the addressing and routing structure of the Internet.

Router
What is a Router.
On the Internet, a router is a device or, in some cases, software in a
computer, that determines the next network point to which a packet
should be forwarded toward its final destination. The router is connected
to at least two networks and decides which way to send each information
packet based on its current understanding of the state of the networks it
is connected to. A router is located at any juncture of networks or gateway,
including each Internet point-of-presence. A router is often included as part
of a network switch.
A router creates or maintains a table of the available routes and their
conditions and uses this information along with distance and cost algorithms
to determine the best route for a given packet. Typically, a packet may
travel through a number of network points with routers before arriving
at its destination
Router are used to divide broadcast domain.

Router

Broadcast Broadcast
Domain 1 Domain 2
 Broadcast
Domain 3
3 broadcast domain joint together by a Router

A Network in which one systems initiates a broadcast & that broadcast

reaches each and every device connected to that network then this network
belong to a single broadcast domain.
Structure OF a Router
A Router is divided into four parts
ROUTER

Flosh NVRAM DRAM ROM Post

EEPROM Non Volatile Ram RAM Mini IOS
IOS Hardisk

Internet Operating System Startup Configuration Running Configuration Mini Operating System

IP Address
IP was created as a way to hide the complexity of physical addressing by creating
a virtual addressing scheme that is independent of the underlying network.
IP does not ensure that data is delivered to the
application in the appropriate order; that responsibility is left to upper-layer
protocols such as TCP and UDP.
Note: IP is a connectionless, Network-layer protocol
An IP address is 32 bits long. The bits can be broken down into four bytes.
Each byte is expressed in decimal form and separated from other bytes by a
dot (that is, x.x.x.x). This is called dotted-decimal format.
Each bit within a byte carries a binary weight (starting from left to right)
of 128, 64, 32, 16, 8, 4, 2, 1. If you add up these values,
you get a range of 0–255 for each byte

For example, one byte can be translated from binary format to

decimal format as follows:

128 64 32 16 8 4 2 1
0 . 1 . 1 . 1 . 0 . 0 . 0 . 1 = 113

Parts Of IP Addresses
There are two parts of an IP Address.
1 Network Part
2 Host Parts
Classes Of IP Addresses
IP addressing has been broken down into five separate classes based
on the number of maximum hosts required by the network.

Classes Range
Class A. Network Host Host Host 1 - 127
Class B. Network Network Host Host 128 - 191
Class C. Network Network Network Host 192 - 223
Class D. Multicast Address 224 - 247
Class E. Reserved 248 - 255

You can see from above figure that each address class contains a network
portion and a host portion. The network portion identifies the data link
that is in common with all the devices attached to that network. The host
portion uniquely identifies an end device connected to the network

Classes Range Purpose Max, Hosts

Class A. 1 - 127 Large organizations 16,777,214
Class B. 128 - 191 Medium-sized Organizations 65,543
Class C. 192 - 223 Small organizations 254
Class D. 224 - 247 Multicast addresses n/a
Class E. 248 - 255 Experimental n/a

Class A.
Network Host Host Host
Network Address. 12 12 2 0
IP Address. 12 12 2 3
Subnet Mask. 255 0 0 0

Class B.
Network Network Host Host
Network Address. 131 2 1 0
IP Address. 131 2 1 9
Subnet Mask. 255 255 0 0

Class C.
 Network Network Network Host
Network Address. 212 21 1 0
IP Address. 212 21 1 2
Subnet Mask. 255 255 255 0

Class D.
Multiasting Address
The IP Address
An address is a data structure understood by a network which uniquely identifies the recipient within the network.
Addresses in other places than computer networks: Addresses are used by the postal system to allow a postman to
find a person's house; to allow a computer to uniquely identify a location in memory.

A unicast/broadcast IP address is a 32 bit value (i.e. four bytes) which is allocated to each system in the Internet.
The 32-bit value uniquely identifies this system, and therefore no two systems may have the same IP address.
Some systems have more than one IP address, in which case they may be reached by any of their IP addresses.

Each IP address consists of two parts, the network part (identifying the network number, or LAN broadcast domain,
to which the computer is attached) and the host part (which identifies the host within the local network). This is
therefore a flat allocation technique. Administrators of a specific IP network may freely allocate host addresses
within their network, without co-ordination with other any other administrators in the Internet. However, they are not
allowed to allocate host addresses belonging to a network number which has not been assigned to them. If they
require additional addresses, they must apply for a new block of addresses (i.e. a new network number), which will
not normally be consecutive with what was previously assigned.

IPv4 addresses are normally written in a format known as "dotted decimal notation". In this format, each byte of the
4 byte address is expressed as a decimal (base 10) number (i.e. 0 to 255). The four decimal numbers are separated
by "dots" or "periods" as shown below:

The IPv4 address "129.7.1.10" corresponds to a hexadecimal value of 0x8107010A.

An IP address may be unicast (for a specific end system), network broadcast (for all systems on a LAN) or multicast
(for a group of end systems). A network broadcast address sets the destination to the network address, and then
fills each position of the host part of the address with a binary '1'. The special value '0.0.0.0' is reserved for an
unknown address. This is seldom used as a packet address, and is not normally valid.

Network Numbers and Netmasks

The IPv4 network address is identified as the bit-wise logical AND of the 32-bit IPv4 address with another 32-bit
quantity, the netmask. All systems with the same network number share the same netmask (sometimes called a
"subnet mask"). This has a bit with a logical '1' for each bit that is a part of the network number, and a logical '0' for
each bit which is a part of the host number. The netmask may be written in dotted decimal notation, or alternatively
as a hexadecimal number:

e.g. a 24-bit network number has a netmask which may be written as 255.255.255.0, this is identical to 0xFFFFF00.

Hence, the IP address 129.7.1.10 with a netmask of 255.255.255.0 indicates the network number is 129.7.1.0.

A 24-bit network number leaves a host part of 8 bits. That is a network with space for 254 hosts. (Remember the
host number "0" is reserved for the network itself, and the all one's host address is reserved for use as the network
broadcast address). Sometimes the netmask is represented by writing the IP address followed by as a slash ('/') with
the number of bits used to form the network number. The above netmask can therfore also be represented as "/24".
Here are a few more examples:

network
broadcast
IP address subnet mask network number host part address
7.7.7.7/8 255.0.0.0 7.0.0.0 7.7.7 7.255.255.255
139.133.7.10/24 255.255.255.0 139.133.7.0 10 139.133.7.255
129.5.255.2/16 255.255.0.0 129.5.0.0 255.2 129.5.255.255
131.108.2.1/24 255.255.255.0 131.108.2.0 1 131.108.2.255
131.108.2.1/30 255.255.255.252 131.108.2.0 1 131.108.2.3
netmask, only one of the two different ways may be used at any one time. Furthermore, it is important that all
systems connected to this network have the same netmask to operate correctly, can you figure out why?

What is an IP address?
in technical
These format.
addresses are used by networked computers to communicate, so each computer on a network has a unique
IP address on that network.
addresses for computers directly connected to the public internet network.

Decrypting an IP address
An IP address is a 32 bit address, generally written in the format of 4 whole numbers separated by dots. There are two distinct parts to an IP address:
the numbers to the left indicate the network and are called the netID,
the numbers to the right indicate the computers on this network and are called the host-ID.
Shown in the example below:

Note the network to the left 194.28.12.0. It contains the following computers:
194.28.12.1 to 194.28.12.4
Note that of the right 178.12.0.0. It includes the following computers:
178.12.77.1 to 178.12.77.6
network is numbered incrementally.
structure in the hierarchy of the computers and servers.
So, the smaller the number of bits reserved on the network, the more computers it can contain.
2=65,534 possibilities), this is the notion of IP address classes.

Special addresses.
allocated to any of the computers on the network.
the current network.
address, enabling a message to be sent to all the machines on the network specified by the netID.
Conversely, when all the bits of the netid are at 1, the address obtained is called the multicast address.
Finally the address 127.0.0.1 is called the loopback address because it indicates the localhost.

Network classes
IP addresses are divided into classes, according to the number of bytes which represent the network.

Class A
In a class A IP address, the first byte represents the network.
00000000) does not exist and number 127 is reserved to indicate your machine.
zeros
The which
three indicate
bytes that
to the left this is indeed
represent a network
the computers on theand not computers!)
network, the network can therefore contain a number of
computers equal to:
224-2 = 16,777,214 computers.
A class A IP address, in binary looks like:
0 xxxxxxx xxxxxxxx xxxxxxxx xxxxxxxx
Network Computers

Class B
In a class B IP address, the first two bytes represent the network.
are therefore
The two bytes tonetworks going from
the left represent 128.0.0.0
the computers on to
the191.255.0.0.
network. The network can therefore contain a number of
computers equal to:
216-21 = 65,534 computers.
A class B IP address, in binary looks like:
10 xxxxxx xxxxxxxx xxxxxxxx xxxxxxxx
Network Computers

Class C
networks going from 192.0.0.0 to 223.255.255.0.
The byte to the left represents the computers on the network, the network can therefore contain:
28-21 = 254 computers.
In binary, a class C IP address looks like:
110 xxxxx xxxxxxxx xxxxxxxx xxxxxxxx
Network Computers

Allocation of IP addresses
easier. In fact, with this notation it is possible to firstly search for the network that you want to reach, then search for
a computer on this network. So, allocation of IP address is done according to the size of the network.
Maximum
Number of
number of
Class possible
computers on
networks
each one
A 126 16777214
B 16384 65534
C
Class A addresses are used 2097152
for very large networks,254 while class C addresses are for example allocated to small
company networks.

Reserved IP addresses

It frequently happens that in a company or organisation only one computer is linked to the Internet and it is through this that other computers on the network access the Internet (generally we talk of a proxy or gateway).

In such a case, only the computer linked to the network needs to reserve an IP address with ICANN. However, the
other computers still need an IP address to be able to communicate with each other internally.
So, ICANN has reserved a handful of addresses in each class to enable an IP address to be allocated to computers
on a local network linked to the Internet without the risk of creating IP address conflicts on the network of networks.
These are the following addresses:

Private class A IP addresses: 10.0.0.1 to 10.255.255.254, enabling the creation of large private networks comprising
of thousands of computers.

Private class B IP addresses: 172.16.0.1 to 172.31.255.254, making it possible to create medium sized private
networks.

Private class C IP addresses: 192.168.0.1 to 192.168.0.254, for putting in place small private networks.

Subnet masks

In short, a mask is produced containing 1s with the location of bits that you want to keep and 0s for those you want
to cancel. Once this mask is created, you simply put a logical AND between the value you want to mask and the
mask in order to keep the part you wish to cancel separate from the rest.
So a netmask is presented in the form of 4 bytes separated by dots (like an IP address), it comprises
(in its binary notation) zeros at the level of the bits from the IP address that you wish to cancel (and
ones at the level of those you want to keep).

Importance of subnet masks

The primary importance of a subnet mask is to enable the simple identification of the network associated to an IP
address.

Indeed, the network is determined by a certain number of bytes in the IP address (1 byte for class A addresses, 2
for class B and 3 bytes for class C). However, a network is written by taking the number of bytes which characterise
it, then completing it with zeros. For example, the network linked to the address 34.56.123.12 is 34.0.0.0,
because it is a class A type IP address.

To find out the network address linked to the IP address 34.56.123.12, you simply need to apply a mask
where the first byte is only made up of 1s (which is 255 in decimal), then 0s in the following bytes.
The mask is: 11111111.00000000.00000000.00000000
The mask associated with the IP address 34.208.123.12 is therefore 255.0.0.0.
The binary value of 34.208.123.12 is: 00100010.11010000.01111011.00001100
So an AND logic between the IP address and the mask gives the following result:

00100010.11010000.01111011.00001100
AND
11111111.00000000.00000000.00000000
=
00100010.00000000.00000000.00000000

Which is 34.0.0.0. It is the network linked to the address 34.208.123.12

By generalising, it is possible to obtain masks relating to each class of address:

For a Class A address, only the first byte must be retained. The mask has the following format
11111111.00000000.00000000.00000000, i.e. 255.0.0.0 in decimal;
For a Class B address, the first two bytes must be retained, which gives the following mask
11111111.11111111.00000000.00000000, relating to 255.255.0.0 in decimal;

For a Class C address, by the same reasoning, the mask will have the following format
11111111.11111111.11111111.00000000, i.e. 255.255.255.0 in decimal;

Creation of
subnets
Let us re-examine the example of the network 34.0.0.0, and assume that we want the first two bits of the second
byte to make it possible to indicate the network.
The mask to be applied will then be:

11111111.11000000.00000000.00000000

That is 255.192.0.0
If we apply this mask to the address 34.208.123.12 we get:

34.192.0.0

In reality there are 4 possible scenarios for the result of the masking of an IP address of a computer on the network
34.0.0.0
When the first two bits of the second byte are 00, in which case the result of the masking is 34.0.0.0
When the first two bits of the second byte are 01, in which case the result of the masking is 34.64.0.0

When the first two bits of the second byte are 10, in which case the result of the masking is 34.128.0.0

When the first two bits of the second byte are 11, in which case the result of the masking is 34.192.0.0
Therefore, this masking divides a class A network (able to allow 16,777,214 computers) into 4 subnets - from where
the name of subnet mask - can allow 222 computers or 4,194,304 computers.
It may be interesting to note that in these two cases, the total number of computers is the same, which is 16,777,214
computers
The number(4ofx subnets
4,194,304 - 2 = 16,777,214).
depends on the number of additional bits allocated to the network (here 2). The number of
subnets is therefore:
Number of Number of
bits subnets
1 2
2 4
3 8
4 16
5 32
6 64
7 128
8 (impossible
for class C) 256
Introduction to TCP/IP
Summary: TCP and IP were developed by a Department of Defense (DOD) research project to connect a number
different networks designed by different vendors into a network of networks (the "Internet"). It was initially
successful because it delivered a few basic services that everyone needs (file transfer, electronic mail, remote
logon) across a very large number of client and server systems. Several computers in a small department can use
TCP/IP (along with other protocols) on a single LAN. The IP component provides routing from the department to
the enterprise network, then to regional networks, and finally to the global Internet. On the battlefield a
communications network will sustain damage, so the DOD designed TCP/IP to be robust and automatically
recover from any node or phone line failure. This design allows the construction of very large networks with less
central management. However, because of the automatic recovery, network problems can go undiagnosed and
uncorrected for long periods of time.

As with all other communications protocol, TCP/IP is composed of layers:

IP - is responsible for moving packet of data from node to node. IP forwards each packet based on a four byte
destination address (the IP number). The Internet authorities assign ranges of numbers to different organizations.
The organizations assign groups of their numbers to departments. IP operates on gateway machines that move
data from department to organization to region and then around the world.

TCP - is responsible for verifying the correct delivery of data from client to server. Data can be lost in the
intermediate network. TCP adds support to detect errors or lost data and to trigger retransmission until the data is
correctly and completely received.

Sockets - is a name given to the package of subroutines that provide access to TCP/IP on most systems.

Network of Lowest Bidders

The Army puts out a bid on a computer and DEC wins the bid. The Air Force puts out a bid and IBM wins. The
Navy bid is won by Unisys. Then the President decides to invade Grenada and the armed forces discover that
their computers cannot talk to each other. The DOD must build a "network" out of systems each of which, by law,
was delivered by the lowest bidder on a single contract.

The Internet Protocol was developed to create a Network of Networks (the "Internet"). Individual machines are first
connected to a LAN (Ethernet or Token Ring). TCP/IP shares the LAN with other uses (a Novell file server,
Windows for Workgroups peer systems). One device provides the TCP/IP connection between the LAN and the
rest of the world.
To insure that all types of systems from all vendors can communicate, TCP/IP is absolutely standardized on the
LAN. However, larger networks based on long distances and phone lines are more volatile. In the US, many large
corporations would wish to reuse large internal networks based on IBM's SNA. In Europe, the national phone
companies traditionally standardize on X.25. However, the sudden explosion of high speed microprocessors, fiber
optics, and digital phone systems has created a burst of new options: ISDN, frame relay, FDDI, Asynchronous
Transfer Mode (ATM). New technologies arise and become obsolete within a few years. With cable TV and phone
companies competing to build the National Information Superhighway, no single standard can govern citywide,
nationwide, or worldwide communications.

The original design of TCP/IP as a Network of Networks fits nicely within the current technological uncertainty.
TCP/IP data can be sent across a LAN, or it can be carried within an internal corporate SNA network, or it can
piggyback on the cable TV service. Furthermore, machines connected to any of these networks can communicate
to any other network through gateways supplied by the network vendor.

Addresses
Each technology has its own convention for transmitting messages between two machines within the same
network. On a LAN, messages are sent between machines by supplying the six byte unique identifier (the "MAC"
address). In an SNA network, every machine has Logical Units with their own network address. DECNET,
Appletalk, and Novell IPX all have a scheme for assigning numbers to each local network and to each workstation
attached to the network.

On top of these local or vendor specific network addresses, TCP/IP assigns a unique number to every workstation
in the world. This "IP number" is a four byte value that, by convention, is expressed by converting each byte into a
decimal number (0 to 255) and separating the bytes with a period. For example, the PC Lube and Tune server is
130.132.59.234.

An organization begins by sending electronic mail to Hostmaster@INTERNIC.NET requesting assignment of a

network number. It is still possible for almost anyone to get assignment of a number for a small "Class C" network
in which the first three bytes identify the network and the last byte identifies the individual computer. The author
followed this procedure and was assigned the numbers 192.35.91.* for a network of computers at his house.
Larger organizations can get a "Class B" network where the first two bytes identify the network and the last two
bytes identify each of up to 64 thousand individual workstations. Yale's Class B network is 130.132, so all
computers with IP address 130.132.*.* are connected through Yale.

The organization then connects to the Internet through one of a dozen regional or specialized network suppliers.
The network vendor is given the subscriber network number and adds it to the routing configuration in its own
machines and those of the other major network suppliers.

There is no mathematical formula that translates the numbers 192.35.91 or 130.132 into "Yale University" or "New
Haven, CT." The machines that manage large regional networks or the central Internet routers managed by the
National Science Foundation can only locate these networks by looking each network number up in a table. There
are potentially thousands of Class B networks, and millions of Class C networks, but computer memory costs are
low, so the tables are reasonable. Customers that connect to the Internet, even customers as large as IBM, do not
need to maintain any information on other networks. They send all external data to the regional carrier to which
they subscribe, and the regional carrier maintains the tables and does the appropriate routing.
New Haven is in a border state, split 50-50 between the Yankees and the Red Sox. In this spirit, Yale recently
switched its connection from the Middle Atlantic regional network to the New England carrier. When the switch
occurred, tables in the other regional areas and in the national spine had to be updated, so that traffic for 130.132
was routed through Boston instead of New Jersey. The large network carriers handle the paperwork and can
perform such a switch given sufficient notice. During a conversion period, the university was connected to both
networks so that messages could arrive through either path.

Subnets
Although the individual subscribers do not need to tabulate network numbers or provide explicit routing, it is
convenient for most Class B networks to be internally managed as a much smaller and simpler version of the
larger network organizations. It is common to subdivide the two bytes available for internal assignment into a one
byte department number and a one byte workstation ID.

The enterprise network is built using commercially available TCP/IP router boxes. Each router has small tables
with 255 entries to translate the one byte department number into selection of a destination Ethernet connected to
one of the routers. Messages to the PC Lube and Tune server (130.132.59.234) are sent through the national and
New England regional networks based on the 130.132 part of the number. Arriving at Yale, the 59 department ID
selects an Ethernet connector in the C& IS building. The 234 selects a particular workstation on that LAN. The
Yale network must be updated as new Ethernets and departments are added, but it is not effected by changes
outside the university or the movement of machines within the department.

A Uncertain Path

Every time a message arrives at an IP router, it makes an individual decision about where to send it next. There is
concept of a session with a preselected path for all traffic. Consider a company with facilities in New York, Los
Angeles, Chicago and Atlanta. It could build a network from four phone lines forming a loop (NY to Chicago to LA
to Atlanta to NY). A message arriving at the NY router could go to LA via either Chicago or Atlanta. The reply
could come back the other way.

How does the router make a decision between routes? There is no correct answer. Traffic could be routed by the
"clockwise" algorithm (go NY to Atlanta, LA to Chicago). The routers could alternate, sending one message to
Atlanta and the next to Chicago. More sophisticated routing measures traffic patterns and sends data through the
least busy link.
If one phone line in this network breaks down, traffic can still reach its destination through a roundabout path.
After losing the NY to Chicago line, data can be sent NY to Atlanta to LA to Chicago. This provides continued
service though with degraded performance. This kind of recovery is the primary design feature of IP. The loss of
the line is immediately detected by the routers in NY and Chicago, but somehow this information must be sent to
the other nodes. Otherwise, LA could continue to send NY messages through Chicago, where they arrive at a
"dead end." Each network adopts some Router Protocol which periodically updates the routing tables throughout
the network with information about changes in route status.

If the size of the network grows, then the complexity of the routing updates will increase as will the cost of
transmitting them. Building a single network that covers the entire US would be unreasonably complicated.
Fortunately, the Internet is designed as a Network of Networks. This means that loops and redundancy are built
into each regional carrier. The regional network handles its own problems and reroutes messages internally. Its
Router Protocol updates the tables in its own routers, but no routing updates need to propagate from a regional
carrier to the NSF spine or to the other regions (unless, of course, a subscriber switches permanently from one
region to another).

Undiagnosed Problems

IBM designs its SNA networks to be centrally managed. If any error occurs, it is reported to the network
authorities. By design, any error is a problem that should be corrected or repaired. IP networks, however, were
designed to be robust. In battlefield conditions, the loss of a node or line is a normal circumstance. Casualties can
be sorted out later on, but the network must stay up. So IP networks are robust. They automatically (and silently)
reconfigure themselves when something goes wrong. If there is enough redundancy built into the system, then
communication is maintained.

In 1975 when SNA was designed, such redundancy would be prohibitively expensive, or it might have been
argued that only the Defense Department could afford it. Today, however, simple routers cost no more than a PC.
However, the TCP/IP design that, "Errors are normal and can be largely ignored," produces problems of its own.

Data traffic is frequently organized around "hubs," much like airline traffic. One could imagine an IP router in
Atlanta routing messages for smaller cities throughout the Southeast. The problem is that data arrives without a
reservation. Airline companies experience the problem around major events, like the Super Bowl. Just before the
game, everyone wants to fly into the city. After the game, everyone wants to fly out. Imbalance occurs on the
network when something new gets advertised. Adam Curry announced the server at "mtv.com" and his regional
carrier was swamped with traffic the next day. The problem is that messages come in from the entire world over
high speed lines, but they go out to mtv.com over what was then a slow speed phone line.

Occasionally a snow storm cancels flights and airports fill up with stranded passengers. Many go off to hotels in
town. When data arrives at a congested router, there is no place to send the overflow. Excess packets are simply
discarded. It becomes the responsibility of the sender to retry the data a few seconds later and to persist until it
finally gets through. This recovery is provided by the TCP component of the Internet protocol.

TCP was designed to recover from node or line failures where the network propagates routing table changes to all
router nodes. Since the update takes some time, TCP is slow to initiate recovery. The TCP algorithms are not
tuned to optimally handle packet loss due to traffic congestion. Instead, the traditional Internet response to traffic
problems has been to increase the speed of lines and equipment in order to say ahead of growth in demand.
TCP treats the data as a stream of bytes. It logically assigns a sequence number to each byte. The TCP packet
has a header that says, in effect, "This packet starts with byte 379642 and contains 200 bytes of data." The
receiver can detect missing or incorrectly sequenced packets. TCP acknowledges data that has been received
and retransmits data that has been lost. The TCP design means that error recovery is done end-to-end between
the Client and Server machine. There is no formal standard for tracking problems in the middle of the network,
though each network has adopted some ad hoc tools.

Need to Know
There are three levels of TCP/IP knowledge. Those who administer a regional or national network must design a
system of long distance phone lines, dedicated routing devices, and very large configuration files. They must know
the IP numbers and physical locations of thousands of subscriber networks. They must also have a formal
network monitor strategy to detect problems and respond quickly.

Each large company or university that subscribes to the Internet must have an intermediate level of network
organization and expertise. A half dozen routers might be configured to connect several dozen departmental
LANs in several buildings. All traffic outside the organization would typically be routed to a single connection to a
regional network provider.

However, the end user can install TCP/IP on a personal computer without any knowledge of either the corporate
or regional network. Three pieces of information are required:

1. The IP address assigned to this personal computer

2. The part of the IP address (the subnet mask) that distinguishes other machines on the same LAN (messages
can be sent to them directly) from machines in other departments or elsewhere in the world (which are sent to a
router machine)

3. The IP address of the router machine that connects this LAN to the rest of the world.

In the case of the PCLT server, the IP address is 130.132.59.234. Since the first three bytes designate this
department, a "subnet mask" is defined as 255.255.255.0 (255 is the largest byte value and represents the
number with all bits turned on). It is a Yale convention (which we recommend to everyone) that the router for each
department have station number 1 within the department network. Thus the PCLT router is 130.132.59.1. Thus
the PCLT server is configured with the values:

My IP address: 130.132.59.234

Subnet mask: 255.255.255.0

Default router: 130.132.59.1

The subnet mask tells the server that any other machine with an IP address beginning 130.132.59.* is on the
same department LAN, so messages are sent to it directly. Any IP address beginning with a different value is
accessed indirectly by sending the message through the router at 130.132.59.1 (which is on the departmental
LAN).
TCP/IP Introduction
TCP/IP is the communication protocol for the Internet.

Computer Communication Protocol

A computer communication protocol is a description of the rules computers must follow to communicate with each
other.

What is TCP/IP?
TCP/IP is the communication protocol for communication between computers on the Internet.

TCP/IP stands for Transmission Control Protocol / Internet Protocol.

TCP/IP defines how electronic devices (like computers) should be connected to the Internet, and how data should
be transmitted between them.

Inside TCP/IP
Inside the TCP/IP standard there are several protocols for handling data communication:

TCP (Transmission Control Protocol) communication between applications

UDP (User Datagram Protocol) simple communication between applications
IP (Internet Protocol) communication between computers
ICMP (Internet Control Message Protocol) for errors and statistics
DHCP (Dynamic Host Configuration Protocol) for dynamic addressing

TCP Uses a Fixed Connection

TCP is for communication between applications.

If one application wants to communicate with another via TCP, it sends a communication request. This request
must be sent to an exact address. After a "handshake" between the two applications, TCP will set up a "full-
duplex" communication between the two applications.

The "full-duplex" communication will occupy the communication line between the two computers until it is closed
by one of the two applications.

UDP is very similar to TCP, but simpler and less reliable.

IP is Connection-Less
IP is for communication between computers.

IP is a "connection-less" communication protocol.

IP does not occupy the communication line between two computers. IP reduces the need for network lines. Each
line can be used for communication between many different computers at the same time.

With IP, messages (or other data) are broken up into small independent "packets" and sent between computers
via the Internet.

IP is responsible for "routing" each packet to the correct destination.

IP Routers
When an IP packet is sent from a computer, it arrives at an IP router.

The IP router is responsible for "routing" the packet to the correct destination, directly or via another router.

The path the packet will follow might be different from other packets of the same communication. The router is
responsible for the right addressing, depending on traffic volume, errors in the network, or other parameters.

Connection-Less Analogy
Communicating via IP is like sending a long letter as a large number of small postcards, each finding its own
(often different) way to the receiver.

TCP/IP
TCP/IP is TCP and IP working together.

TCP takes care of the communication between your application software (i.e. your browser) and your network
software.

IP takes care of the communication with other computers.

TCP is responsible for breaking data down into IP packets before they are sent, and for assembling the packets
when they arrive.

IP is responsible for sending the packets to the correct destination.

TCP/IP Addressing
TCP/IP uses 32 bits, or four numbers between 0 and 255, to address a computer.

IP Addresses
Each computer must have an IP address before it can connect to the Internet.

Each IP packet must have an address before it can be sent to another computer.

This is an IP address: 192.68.20.50

This might be the same IP address: www.w3schools.com

An IP Address Contains 4 Numbers.

Each computer must have a unique IP address.

This is your IP address: 77.31.18.232

TCP/IP uses four numbers to address a computer. The numbers are always between 0 and 255.

IP addresses are normally written as four numbers separated by a period, like this: 192.168.1.50.

32 Bits = 4 Bytes
TCP/IP uses 32 bits addressing. One computer byte is 8 bits. So TCP/IP uses 4 computer bytes.

A computer byte can contain 256 different values:

00000000, 00000001, 00000010, 00000011, 00000100, 00000101, 00000110, 00000111, 00001000 .......and all
the way up to 11111111.

Now you know why a TCP/IP address is four numbers between 0 and 255.

Domain Names
A name is much easier to remember than a 12 digit number.

Names used for TCP/IP addresses are called domain names.

w3schools.com is a domain name.

When you address a web site, like http://www.w3schools.com, the name is translated to a number by a Domain
Name Server (DNS).

All over the world, DNS servers are connected to the Internet. DNS servers are responsible for translating domain
names into TCP/IP addresses.

When a new domain name is registered together with a TCP/IP address, DNS servers all over the world are
updated with this information.

TCP/IP Protocols

TCP/IP is a large collection of different communication protocols.

A Family of Protocols
TCP/IP is a large collection of different communication protocols based upon the two original protocols TCP and
IP.
TCP - Transmission Control Protocol
TCP is used for transmission of data from an application to the network.

TCP is responsible for breaking data down into IP packets before they are sent, and for assembling the packets
when they arrive.

IP - Internet Protocol
IP takes care of the communication with other computers.

IP is responsible for the sending and receiving data packets over the Internet.

HTTP - Hyper Text Transfer Protocol

HTTP takes care of the communication between a web server and a web browser.

HTTP is used for sending requests from a web client (a browser) to a web server, returning web content (web
pages) from the server back to the client.

HTTPS - Secure HTTP

HTTPS takes care of secure communication between a web server and a web browser.

HTTPS typically handles credit card transactions and other sensitive data.

SSL - Secure Sockets Layer

The SSL protocol is used for encryption of data for secure data transmission.

SMTP - Simple Mail Transfer Protocol

SMTP is used for transmission of e-mails.

MIME - Multi-purpose Internet Mail Extensions

The MIME protocol lets SMTP transmit multimedia files including voice, audio, and binary data across TCP/IP
networks.

IMAP - Internet Message Access Protocol

IMAP is used for storing and retrieving e-mails.
POP - Post Office Protocol
POP is used for downloading e-mails from an e-mail server to a personal computer.

FTP - File Transfer Protocol

FTP takes care of transmission of files between computers.

NTP - Network Time Protocol

NTP is used to synchronize the time (the clock) between computers.

DHCP - Dynamic Host Configuration Protocol

DHCP is used for allocation of dynamic IP addresses to computers in a network.

SNMP - Simple Network Management Protocol

SNMP is used for administration of computer networks.

LDAP - Lightweight Directory Access Protocol

LDAP is used for collecting information about users and e-mail addresses from the internet.

ICMP - Internet Control Message Protocol

ICMP takes care of error-handling in the network.

ARP - Address Resolution Protocol

ARP is used by IP to find the hardware address of a computer network card based on the IP address.

RARP - Reverse Address Resolution Protocol

RARP is used by IP to find the IP address based on the hardware address of a computer network card.

BOOTP - Boot Protocol

BOOTP is used for booting (starting) computers from the network.
PPTP - Point to Point Tunneling Protocol
PPTP is used for setting up a connection (tunnel) between private networks.

TCP/IP Email
Email is one of the most important uses of TCP/IP.

You Don't
When you write an email, you don't use TCP/IP.

When you write an email, you use an email program like Lotus Notes, Microsoft Outlook or Netscape
Communicator.

Your Email Program Does

Your email program uses different TCP/IP protocols:

It sends your emails using SMTP

It can download your emails from an email server using POP
It can connect to an email server using IMAP

SMTP - Simple Mail Transfer Protocol

The SMTP protocol is used for the transmission of e-mails. SMTP takes care of sending your email to another
computer.

Normally your email is sent to an email server (SMTP server), and then to another server or servers, and finally to
its destination.

SMTP can only transmit pure text. It cannot transmit binary data like pictures, sounds or movies.

SMTP uses the MIME protocol to send binary data across TCP/IP networks. The MIME protocol converts binary
data to pure text.

POP - Post Office Protocol

The POP protocol is used by email programs (like Microsoft Outlook) to retrieve emails from an email server.

If your email program uses POP, all your emails are downloaded to your email program (also called email client),
each time it connects to your email server.

IMAP - Internet Message Access Protocol

The IMAP protocol is used by email programs (like Microsoft Outlook) just like the POP protocol.

The main difference between the IMAP protocol and the POP protocol is that the IMAP protocol will not
automatically download all your emails each time your email program connects to your email server.

The IMAP protocol allows you to look through your email messages at the email server before you download
them. With IMAP you can choose to download your messages or just delete them. This way IMAP is perfect if you
need to connect to your email server from different locations, but only want to download your messages when you
are back in your office.