You are on page 1of 85

SwitchedNetworkAccess

www.jabez.webnode.com

WHYSWITCHING?
Whentwoormorecomputerownedbythesamecompany itisofteneasierjusttorunacablebetweenthem LANsworkthisway. (PointtoPoint)/mesh/star Whendistancesarelarge/manycomput.ers comput ers cableshave topassthroughapublicpremises. Thecostofrunningprivatecablesareusuallyprohibitive.. F th morein Further i j just tabout b tto t acountry t in i th theworld ld, stringingpublictransmissionlinesacross(orunderneath) publicpropertyisalsoillegal. Consequently,networkdesignersmustrelyonswitching.

www.jabez.webnode.com

Imagineanetworkofsixdevices.A,B,C,D,E&F WhenA&Bareconnected,thelinksconnectingAto eachoftheotherdevicesareidleandwasted. Abettersolutionisswitching. switching Aswitchednetworkconsistsofaseriesofinterlinked nodescalledasswitches. Switchesarehardwareorsoftwaredevicescapableof creatingtemporaryconnectionsbetweentwoormore deviceslinkedtotheswitchbutnottoeachother. Inaswitchednetworksomeofthenodesare connectedtothecommunicationdevices. OthersareonlytoRouting Routing. Threemethodsofswitching1.CircuitSwitching2. PacketSwitching3.MessageSwitching.
www.jabez.webnode.com

www.jabez.webnode.com

DeviceD

www.jabez.webnode.com

Createsdirectphysicalconnectionbetweentwodevicessuch phonesorcomputer. Inaboveitisnotusingpointtopointconnectionbetween d i devices. aconnectioncalledacircuitissetupbetweentwodevices. Thisconnectionisusedforthewholecommunication. itmaybeacircuitthatiscreatedonanasneededbasis Evenifmanypotentialpathsthroughintermediatedevices mayexistbetweenthetwodevicescommunicating communicating,onlyone willbeusedforanygivendialog. Herebeforecommunicationcanoccurbetweentwodevices, acircuitisestablishedbetweenthem. thickblueline fromDeviceAtoDeviceB A purplelinefromBbacktoA.
www.jabez.webnode.com

Eg:thetelephonesystem. Ify youcallsomeone they yanswer establishedacircuitconnection passdata you. may ybemany yintermediate betweeny devicesareusedtocarryyourvoice afteruse youcally you terminatethecircuit nexttimey getanewcircuit may(probablywill)use differenthardwarethanthefirstcircuitdid dependingonwhat'savailableatthattimein thenetwork
www.jabez.webnode.com

CircuitSwitch: isadevicewithninputsandmoutputs thatcreatestemporaryconnectionbetween p linkandoutput p link aminput

www.jabez.webnode.com

FoldedSwitch Annbynfoldedswitchcanconnectnlinesin u dup duplex e mode. ode full Eg)itcanconnectntelephonesinsuchaway thateachphonecanbeconnectedtoevery otherphone.

www.jabez.webnode.com

CrossbarSwitches:
Connectsninputstomoutputsinagrid,usingelectronic microswitches(transistors)ateachcrosspoint. ConnectingninputstomoutputsrequiresmXncrosspoints. Eg)1000inputsto1000outputsrequires1,000,000cross points. i t Thismakessizeofthecrossbarhuge. Suchaswitchisinefficientbecausefewerthan25%ofthe crosspointareinuseatagiventime. Restisidle.

www.jabez.webnode.com

www.jabez.webnode.com

www.jabez.webnode.com

MultistageSwitches

Combinesseveralcrossbarswitchinseveralstages.
www.jabez.webnode.com

www.jabez.webnode.com

MultiplePaths: Belowfigureshowstwowaysoftrafficcanmovefromaninputtoanoutputusingtheswitch

www.jabez.webnode.com

TimeDivisionSwitches usestimedivisionmultiplexingtoachieveswitching. Twopopularmethods Time Ti slot l tinterchange i t h and dth theTDMBus. B TimeSlotInterchange(TSI)

www.jabez.webnode.com

Inabovefigasystemconnecting4inputand4outputlines. Ifeachinputwanttosendinfollowingpattern 1 3243142 Figashowsordinarytimedivisionmultiplexing. Heredesiredtaskisnotaccomplished. Dataareoutputinthesameorderastheyareinput. Ie)11223344 Infigb.anewcalledtimeslotinterchangeisinserted. TSIchangestheorderingoftheslotsbasedonthedesired connections. connections InthiscaseitchangestheorderofdatafromA,B,C,Dto C,D,A,B. When Wh the th demultiplexer d lti l separates t th theslots, l t itpassesth them toproperoutputs. TSIworksasinthefollowingfigure.
www.jabez.webnode.com

TSIconsistsofRAMwithseveral

Memorylocations. Sizeofeachlocationissameasthe sizeofasingletimeslot. No.ofmemorylocationisthesame asno.ofinputs. TheRAMfillswithupwith incomingdatafromtimeslotsinthe orderreceived. Slotsarethensentoutindesired orderbasedonthedecisionof controlunit.

www.jabez.webnode.com

www.jabez.webnode.com

Aneg forCircuitSwitchedtelephonenetworkisPSTNinNorth America. America Switchingcentersareorganizedintofiveclasses. Regionaloffices(class1),Sectionaloffices(class2),Primaryoffices ( ) toll (C3), lloffices ff ( (c4), ) endoffices ff ( (c5). ) Subscribertelephonesareconnectedthroughlocalloopstoend offices. Smalltownmayhave1endoffice,largecitymayhaveseveralend office Manyendofficesareconnectedtoonetolloffice. Severaltollofficesmayconnectedtoaprimaryoffices. Severalprimaryofficesmayconnectedtoasectionaloffice,which normallyservesmorethanonestate. Finallyallsectionalofficesareconnectedtooneregionaloffice. Allregionalofficesareconnectedusingmeshtopology.

www.jabez.webnode.com

Todaydialingisaccomplished throughthetouchtone technique. Inthismethodtheusersends twosmallburstanalogsignals calleddualtone. The Th frequency f of fthe h signals i l sent dependsontherowandcolumn ofthepressedpad. Eg)Whenauserdialthenumber 6,twoburstsofanalogsignal withfrequencies q 770and1477 Hzaresenttoendoffice.

www.jabez.webnode.com

PacketSwitching
Circuitswitchisdesignedforvoicecommunication. Inatelephoneconversation,onceacircuitisestablished,itremains connectedforthedurationofthesession session. Circuitswitchingcreatestemporary(dialed)orpermanent(leased) dedicatedlinkstocommunication. Itisnotsuitedtodataandothernonvoicetransmissions. transmissions Nonvoicetransmissionstendtobebursty. Ie)datacomewithidlegapsbetweenthem. Sousingcircuitswitchedlinksiswastesincethelineisoftenidle idle. Circuitswitchingseesalltransmissionequal. Anyrequestisgrantedtowhateverlinkisavailable. Butoftenwithdatatransmissionwewanttoprioritize prioritize. X>cangoanytime,z mustgoimmediately. Abettersolutionfordatatransmissionispacketswitching.

www.jabez.webnode.com

Inpacketswitching, Nospecificpathisusedfordatatransfer. transfer Thedataischoppedupintosmallpiecescalledpackets Eachpacketcontainsnotonlydatabutalsoaheader (SA/DA). (SA/DA) Thesepacketsaresentoverthenetworknodetonode. Ateachnodethepacketisroutedaccordingtothe informationpresentinheader. Thedataisreadfromthepacketsandreassembledinto theformoftheoriginaldatainreceivingend. Inapacketswitchednetwork,nocircuitissetuppriorto sendingdatabetweendevices. Blocksofdata,evenfromthesamefileorcommunication, maytakeanynumberofpathsasitjourneysfromone devicetoanother. Therearetwopopularpacketswitching:Datagramand VirtualCircuit.
www.jabez.webnode.com

www.jabez.webnode.com

DatagramApproach:

www.jabez.webnode.com

DatagramApproach: Indatagramapproach,eachpacketistreatedasindependent packet soifthepacketsareforthesamedestination,eachpacketmay takethedifferentrulestoreachthesamedestination. Thisisp possiblebecauseeachp packetconsistoffullsourceand destinationaddress. Packetinthisapproachisknownasdatagram. Letustakeanexamplewherethereare3packetswhichbelongto thesamesourceanddestination. butmaygobydifferentpathtoreachtheirdestination. Thisapproachcancausethedatagramtoarriveattheirdestination outof forder. d Thisishappenedbecausethedatagrammaytakethedifferent routes. Inmostprotocol, protocol itistheresponsibilityofanupperlayerprotocol (transportlayer)toreorderthedatagrambeforepassingthemto thecorrectprocess.

www.jabez.webnode.com

VirtualCircuitApproach
A B

www.jabez.webnode.com

VirtualCircuitApproach Singlerouteestablishedbeforeanypackets sent se tbet between ee se sender de a and dreceiver. ece e Whenthedataaresentallpacketsofthe transmissiontraveloneaftertheotheralong thatroute. TwoformatsofVCA:Switchedvirtualcircuit (SVC)andpermanentvirtualcircuit(PVC).

www.jabez.webnode.com

SVC DialupLines Virtualcircuitiscreatedwheneverneededand existforcertaindurationofthespecific exchange. exchange


ConnectionEstablishment DataTransfer f ConnectionRelease

www.jabez.webnode.com

PVC Leasedline Thecircuitisdedicatedbetweentwouserson continuousbasis. Nooneelsecanuseit. Canbeusedwithoutconnection establishmentandconnectiontermination. SVCusersmayget tdifferent diff troute t everyti time.

www.jabez.webnode.com

MessageSwitching

www.jabez.webnode.com

Messageswitchingisbestknownby descriptivetermasstoreandforward. Anodereceivesamessage, message storesituntil appropriaterouteisfree,thesendsitalong. Secondary S d disk di kneeded d d Requirementoflargecapacityofstorageat eachnodemakeitunpopular.

www.jabez.webnode.com

Internetworking

www.jabez.webnode.com

Twoofmoredevicesconnectedforthepurpose of fsharing h i data d orresourcesNW. NW LANneedtocovermoredistance.


Numberofstationsmaybetoogreatforefficient framedeliveryormanagementofNW. NWmayneedtobesubdivided.

InfirstcaseaRepeaterisinsertedtoincrease coverabledistance. InsecondcaseBridgeisinsertedfortraffic management.


www.jabez.webnode.com

Internetwork Whentwoormoreseparatenetworks areconnectedforexchangingdataorresource resource. LinkingnumberofLANsintoaninternetrequires additionalinternetworkingdeviceslikeroutersand gateways. g toovercomeobstaclesto Thesedevicesaredesigned interconnectionwithoutdisruptingtheindependent functioningofNW. Aninternetisaninterconnectionofindividual networks. Tocreateinternet i weneed dinternetworking i ki d devices i calledroutersandgateways.
www.jabez.webnode.com

internet(lowercasei) interconnectionof networks. networks Internet(UppercaseI) Worldwidenetwork. AninternetisdifferentfromInternet. Internet Fourcategoriesofnetworkingand internetworkingdevices:Repeaters, Repeaters Bridges, RoutersandGateways. Eachofthesefourdevicetypes yp interactswith protocolsatdifferentlayersoftheOSImodel. HowNetworkcanbeconnected: Networkscanbeinterconnectedbydifferent devices
www.jabez.webnode.com

www.jabez.webnode.com

Repeaters actonlyupontheelectrical

components t of fasignal i l active ti uponphysical h i l layer. Bridges utilizeaddressingprotocolsandcan affecttheflowcontrolofasingleLAN. y Activeatdatalinklayer. Routers providelinkbetweentwoseparatebut sametypeLANs. Activeatnetworklayer. Gateways providetranslationservicesbetween incompatibleLANsorapplications. applications Activeinalllayers.
www.jabez.webnode.com

ConnectingDevices&OSImodel

www.jabez.webnode.com

Repeaters: Isanelectronicdevicethatoperatesonphysicallayer oftheOSImodel. Signalsthatcarryinformationwithinanetworkcan travelafixeddistancebeforeandbecomesweak. Repeaterinstalledonalinkreceivesthesignalbeforeit becomestooweakorcorrupted. corrupted Regeneratestheoriginalbitpatternandputsthe refreshedcopybackontothelink. Allowsustoextendthephysicallengthofanetwork. Itdoesnotchangethefunctionalityofthenetworkin anyway. way Twosectionsareconnectedbytherepeaterinbelow fig.
www.jabez.webnode.com

www.jabez.webnode.com

www.jabez.webnode.com

Repeater p isnotAmplifier p Anamplifiercannotdiscriminatebetweenthe intendedsignalandnoise. Itamplifiesequallyeverythingfedintoit. Arepeaterdoesnotamplifythesignal. Itregeneratesit. Whenitreceivesaweakenedorcorrupted signal,itcreatesacopybitforbitatthe originalstrength. Arepeatermustbeplacedbeforesignalgets weak.
www.jabez.webnode.com

Bridges: Operatesinbothphysical&DataLinkLayersofOSI Models. Bridgescandividealargenetworkintosmaller segments. Canalsorelayframesbetweentwooriginallyseparated LANs. LAN Unlikerepeaters,bridgescontainlogicthatallowsthem tokeep pthetrafficforeachsegment g separate. p Theyfiltertraffic. Makesthemusefulforcontrollingcongestionand isolatingproblemlinks links. Canalsoprovidesecuritythroughthispartitioningof traffic.
www.jabez.webnode.com

www.jabez.webnode.com

Bridgeoperatesatdatalinklayer,givingitaccessto thetothephysicaladdressesofallstations connectedtoit. Whenaframeentersabridge,thenotonly regeneratesthesignalbutalsochecktheaddressof th d the destination ti ti and df forwards d th thenewcopyonly l t to thesegmentwhichthataddressbelongsto. Asabridgesencountersthepacketitreadsthe addresscontainedintheframeandaddresswitha tableofallthestationsonbothsegments. Whenitfindsamatch,itdiscoverstowhichsegment thestationbelongs g andrelays y thepacket p only ytothat segment.
www.jabez.webnode.com

www.jabez.webnode.com

Inabovefig twosegmentsjoinedbythe bridge. Apac packet etfrom o station stat o Aaddressed add essedtostation stat o D arrivesatthebridge. StationAisonthesamesegmentasstationD. D Thereforethepacketisblockedfromcrossing intoothersegment segment.

www.jabez.webnode.com

www.jabez.webnode.com

PacketgeneratedbystationAisintendedfor stationG. The Th b bridges id allow ll th thepacket k t t tocrossand d relaysittoentiresegment. WhereitisreceivedbystationG.

www.jabez.webnode.com

TypesofBridges:
Toselectbetweensegments,abridgemusthavealookup tablethatcontainsthephysicaladdressesofeverystation connectedtoit it. Thetableindicatestowhichsegmentseachstationbelongs.

SimpleBridge:
Mostprimitiveandleastexpensive. Linkstwosegmentsandcontainsatablethatliststhat addressesofallthestationsincludedineachofthem. Whatmakesitprimitiveisthattheaddressesmustbeentered manually. Beforeasimplebridgecanbeusedanoperatormustsitdown andentertheaddressesofeverystation. Whenevernewstationisadded,thetablemustbemodified.
www.jabez.webnode.com

Ifastationisremovedthenewlyinvalidaddressmustbedeleted. Installationandmaintenancearetimeconsumingandpotentially moretroublethancostsaving. MultiportBridge: UsedtoconnectmorethantwoLANs.

Inthisfigure,thebridgehasthreetables,eachoneholdingthe physicaladdressesofstationsreachablethroughcorresponding port.


www.jabez.webnode.com

TransparentBridge:
Itbuildsitstableofstationaddressesonitsown. Duringfirstinstallation,itstableisempty. Asitencounterseachpacketitlooksatboththedestination and dsourceaddress. dd Itchecksthedestinationtodecidewheretosendthepacket. Ifitdoesnotyetrecognizethedestinationaddress address,itrelays thepackettoallofthestationsonbothsegments. Itusesthesourceaddresstobuilditstable. Asitreadsthesourceaddressitnoteswhichsidethepacket camefromandassociatestheaddresswithsegmenttowhich itbelongsto to. Eg)WhenstationAsendsitpackettostationG,bridgelearns thatpacketscomingfromAanditssegment. Nowwhenever,thebridgeencounterspacketsaddressedtoA, www.jabez.webnode.com itknowstorelaytheminto whichsegment.

Bridge d learns l the h segmentassociated dwith hthat h stationwhenthefirstpackettransmittedbyeach station. station Eventuallyithasacompletetableofstationaddress andtheirrespectivesegmentstoredinitsmemory. memory Byrepeatingthisprocessevenaftertableis complete. Itisselfupdating. G. SupposestationAsendsstationG Ifstoredlocationsforbothstationarewrong. Itupdatesaccordingly accordingly.
www.jabez.webnode.com

BridgesconnectingdifferentLANs: FrameFormat DataRate AddressBitorder Payloadsize: sizeofdatathecanbe encapsulatedinaframevariesfromprotocol toprotocol. Howevertherearebridgestodaythatcan handlealloftheseproblems&canconnect onetypeofLANtoother
www.jabez.webnode.com

Routers:
Repeaters&Bridgesaresimplehardwaredevicescapableof executingspecifictasks. Routersaremoresophisticated. hi i d Theyhaveaccesstonetworklayeraddresses. Itcontainsoftwarethatenablesthemtodeterminetobestpath amongseveralpossiblepaths. Routersoperatesinphysical,DataLinkandNetworklayersof theOSImodel. Routersrelaypacketsamongmultipleinterconnectednetworks. They Th routepackets k from f onenetwork ktoanyof fanumber b of f potentialdestinationnetworksonainternet. Thebelowfigureshowsapossibleinternetworkoffive networks.
www.jabez.webnode.com

www.jabez.webnode.com

www.jabez.webnode.com

Apacketsentfromastationononenetworktoastationona neighboring g gnetworkg goesfirstrouter. Whichswitchitovertothedestinationnetwork. ifthereisnoonerouterconnectedtoboththesendingand receivingnetworks. Sendingroutertransfersthepackettooneofitsneighbor router. router ThatNRforwardsthepacketuntilitreachdestination. Routersactslikestationsonanetwork. Butunlikemoststations,whicharemembersofonlyone network. Routershave h links l k totwoormorenetwork katthe h sametime. Theyreceivepacketsfromoneconnectednetworkandpass themtoasecondconnectednetwork. Considersthebestrouteforthepacketandpassesittothe destinationnetwork. www.jabez.webnode.com

GATEWAYS:
PotentiallyoperateinallsevenlayersofOSImodel. Agatewayisaprotocolconverter. Arouterbyitselftransfers,acceptsandrelayspacketsonly acrossnetworksusingsimilarprotocols. Butgatewaycanacceptapacketformattedforonprotocol (Eg.AppleTalk)andconvertittoapacketformattedfor anotherprotocol(TCC/IP)beforeforwardingit. Agatewayisgenerallyasoftwareinstalledwithinarouter. Thegatewayunderstandstheprotocolsusedbyeach networklinkedintotherouterandthereforeabletotranslate fromonetoanother. Headerandtrailermodification(insomecases) Thegatewaymustadjustdatarate,sizeandformataswell.
www.jabez.webnode.com

www.jabez.webnode.com

Internetworking:
Twoormorenetworksareconnectedtoforminternet. Networkscandifferinmanyways. Packetshastocrossthroughdifferentnetworksbeforeit reaches h the th N/W. N/W Differentmodulationtechniquesorframeformatsarein physicalanddatalinklayers.
Serviceoffered connectionorientedversusconnectionless Protocols IP,IPX,SNA,ATM,MPLS,AppleTalketc. Addressing Multicasting PresentorAbsent PacketSize Qualityofservice Errorhandling Flowcontrol Congestioncontrol Security privacyrules,encryption Parameters differenttimeouts, flowspecifications. www.jabez.webnode.com

Manynetworktypesareinoperationtoday thistrendwillcontinuealsointhefuture. future AnexampleofdifferentnetworksinterconnectionisinbelowFig

www.jabez.webnode.com

ConcatenatedVirtualCircuits:
Two stylesofinternetworking arecommon: Aconnectionorientedconcatenationofvirtualcircuit
subnets. b (guarteequality li of fservice) i ) Adatagraminternetstyle.(mistaketothink)

www.jabez.webnode.com

Intheconcatenatedvirtualcircuitmodel(aboveFig.)a connectiontoahostinadistantnetworkissetupinaway similartothewayconnectionsarenormallyestablished. consistsofconcatenatedvirtualcircuitsbetweentheroutersor gatewaysalongthewayfromthesourcenodetothedestination node. Eachgatewaymaintainstables Tellingwhichvirtualcircuitspassthroughit. where h they th areto t b berouted. t d whatthenewvirtualcircuitnumberis.

www.jabez.webnode.com

ConnectionlessInternetworking
Thealternativeinternetworkmodelisthe datagrammodel . Inthismodel,thenetworklayerofferstothetransportlayer justtheabilitytoinjectdatagramintothesubnetandhopeit willgettothedestination. Notallpacketfromasourcetothesamedestinationtraverse thesamesequenceofgateways gateways. Aroutingdecisionismadeseparatelyforeachpacketpossibly dependingonthetrafficatthemomentthepacketissent.

www.jabez.webnode.com

Tunneling
Handlingthegeneralcaseofmakingtwodifferentnetworks interworkisexceedinglydifficult. However, ,inthespecial p case, ,whenthesourceanddestination hostsareonthesametypeofnetwork, butthereisadifferentnetworkinbetween,thesituation i manageable. is bl EginternationalbankwithTCP/IPbasedEthernetinParisand London.( (nonIPwideareaNWinbetween) ) Thesolutiontothisproblemisatechniquecalledtunneling. InthebelowFig.tosendanIPpackettohost2, host1constructsthepacketcontainingtheIPaddressofhost2, insertsitintoanEthernetframeaddressedtotheParis multiprotocol lti t lrouter, t and dputs t itonthe th Eth Ethernet. t
www.jabez.webnode.com

ThemultiprotocolrouterremovestheIPpacket,insertsitinthe payloadfieldoftheWANnetworklayerpacket. addressesthelatertotheWANaddressoftheLondon multiprotocolrouter. Whenitgetsthere, there theLondonrouterremovestheIPpacket andsendsittohost2insideanEthernetframe. SotheWANcanbeseenasabig gtunnelextending gfromone multiprotocolroutertotheother.

www.jabez.webnode.com

www.jabez.webnode.com

AninternetpacketstartsonitsLANaddressedtothelocalmultiprotocolrouter

routingtablesentry. Ifthatroutercanbereachedusingthepacket'snativenetworkprotocol,itis forwardedtheredirectly Otherwiseitistunneledthere,encapsulatedintheprotocolrequiredbythe interveningnetwork. processisrepeated p untilthep packetreachesthedestinationnetwork. Thisp


www.jabez.webnode.com

Fragmentation
Eachnetworkimposes p somemaximumsizeonitsp packets.These limitshavevariouscauses,amongthem:
Hardware(e.g.,thewidthofaTDMtransmissionslot). Operatingsystem(e.g.,allbuffersare512bytes). Protocols(e.g.,thenumberofbitsinthepacketlengthfield). Compliancewithsome(inter)nationalstandards. Desiretoreduceerrorinducedretransmissionstosomelevel level. Desiretopreventonepacketfromoccupyingthechanneltoolong.

Maximumpayloadrangefrom48bytes(ATMcells)to65515 bytes(IPpackets). packets) Aproblemappearswhenalargepacketwantstotravelthrough anetworkwhosemaximumpacketsizeistoosmall. Theonlysolutiontotheproblemistoallowgatewaystobreak packetsintofragments sendingeachfragmentasaseparateinternetpacket.


www.jabez.webnode.com

Butthenanewproblemarises:howtoputthefragments backtogetheragain. Twoopposingstrategiesexistsfor recombiningthe fragments backintotheoriginalpacket:


Thefragmentsarerecombinedinthenextgateway sothe fragmentation g ismadetransparent p toany ysubsequent q network(Fig. ( g 5 41(a)). Onceapackethasbeenfragmented,eachfragmentistreatedas though g itwereanoriginal g packet. p Recombinationoccursonly yatthe destinationhost(Fig.541(B)).

www.jabez.webnode.com

Whenapacketisfragmented, fragmented thefragmentsmustbenumberedinsuchawaythat theoriginaldatastreamcanbereconstructed.


www.jabez.webnode.com

Firewalls
Forindividualsathome,wanderingaroundtheInternetislotsoffun. Forcorporatesecuritymanagers,itisanightmare. Mechanismsareneededtoprotectsystemsasmuchaspossibleagainstthe unauthorizedaccess. Firewallsareabletoaccomplishthisgoal. Firewall isanelectronicdrawbridge,alltraffictoorfromacompany'sLANis forced o cedto ogothrough oug (Fig. ( g 543). 3) Thefirewallinthisconfigurationhastwocomponents:tworoutersthatdo packetfilteringandanapplicationgateway. Simplerconfigurationsalsoexists exists,buttheadvantageofthisdesignisthat everypacketmusttransittwofiltersandanapplicationgatewaytogoinor out. Eachpacketfilterisastandardrouterequippedwithsomeextrafunctionality allowingeveryincomingoroutgoingpackettobeinspected. Packetsmeetingsomecriterionareforwardednormally. Thosethatfailthetestaredropped. dropped thepacketfilterontheinsideLANcouldcheckoutgoingpacketsandtheone www.jabez.webnode.com ontheoutsideLANchecksincoming packets.

www.jabez.webnode.com

InternetProtocol

www.jabez.webnode.com

http://www.freesoft.org/CIE/RFC/791/12.htm AnIPdatagramconsistsofaheaderpartanda textpart. Theheaderhasa20bytefixedpartanda variablelengthoptionalpart. Itistransmittedfromlefttoright,withthe highorderfieldoftheVersionfieldgoingfirst AllIPpacketsarestructuredthesameway

www.jabez.webnode.com

IPV4Header
www.jabez.webnode.com

Version:
4bits indicatesVersionnumber. alwayssettothevalue4inthecurrentversionofIP(IPV4). lengthoftheinternetheaderin32bitwords words. thuspointstothebeginningofthedata. Notethattheminimumvalueforacorrectheaderis5. 8bits. TheTypeofServiceprovidesanindicationoftheabstractparametersof thequalityofservicedesired. Severalnetworksofferserviceprecedence,whichsomehowtreatshigh precedencetrafficasmoreimportantthanothertraffic . Themajorchoiceisathreewaytradeoffbetweenlowdelay,high reliability andhighthroughput. reliability, throughput TheuseoftheDelay,Throughput,andReliabilityindicationsmayincrease thecost(insomesense)oftheservice. Inmanynetworksbetterperformanceforoneoftheseparametersis coupled l d AboveareDifferentialService
www.jabez.webnode.com

IPHeaderLength :

TypeofService: (DS/ECN)

www.jabez.webnode.com

TotalLength:
16bits TotalLengthisthelengthofthedatagram,measuredinoctets,including internetheaderanddata. 16bits Anidentifyingvalueassignedbythesendertoaidinassemblingthe fragmentsofadatagram. datagram Thisisuniqueduringthetimedatagramwillremainintheinternet. 3bits VariousControlFlags.

Identification:

Flags:

www.jabez.webnode.com

DontFragmentFlagbit prohibitsfragmentationwhen set. Usefulifitisknownthat destinationdoesnothavethe capabilityofreassemble fragments. Thedatagramwillbe discardedifitexceedsthe maximumsizeofanenroute network.

www.jabez.webnode.com

FragmentOffset:

(13bits)

Thisfieldindicateswhereinthedatagramthisfragment belongs. measuredinunitsof8octets(64bits). bits) Thefirstfragmenthasoffsetzero. TimetoLive: (8bits) Thisfieldindicatesthemaximumtimethedatagramis allowedtoremainintheinternet. If fthis h field f ldcontainsthe h value l zero,then h the h d datagrammust bedestroyed. Thetimeismeasuredinunitsofseconds,butsinceevery modulethatprocessesadatagrammustdecreasetheTTLby atleastone Theintentionistocauseundeliverabledatagramstobe discarded www.jabez.webnode.com

Protocol: (8bits) This Thi field fi ldindicates i di t th thenext tl level lprotocol t lused di inthe th d data t portionoftheinternetdatagram. Thevaluesforvariousp protocolsarespecified p in"Assigned g Numbers. ExamplevaluesareTCP=6;UDP=17;ICMP=1. HeaderChecksum: 16bits. Achecksum h k onthe th header h d only. l Sincesomeheaderfieldschange(e.g.,timetolive),thisis recomputed p andverifiedateachp pointthattheinternet headeris.

www.jabez.webnode.com

SourceAddress: 32bits. bits Thesourceaddress. DestinationAddress: 32bits. Thedestinationaddress. Options: Variablelength Encodestheoptionsrequestedbythesendinguser. Insomeenvironmentsthesecurityoptionmayberequiredinall datagrams. datagrams Padding: padding gisusedtoensurethattheinternet Theinternetheaderp headerendsona32bitboundary. Thepaddingiszero. www.jabez.webnode.com