You are on page 1of 24



Introduction: - ISO-OSI Reference Model – TCP/IP Reference Model – Comparison Network hardware-Repeaters, Routers, Bridges, Gateways, Hub, Cable Modem.

The TCP/IP Reference Model

TCP/IP originated out of the investigative research into networking protocols that the US Department of Defense (DoD) initiated in 1969. The following were seen as major design goals:

ability to connect multiple networks together seamlessly

ability for connections to remain intact

as long

as the source and destination

machines were


to be built on flexible architecture

All these requirements led to the choice of a packet-switching network based on a connectionless internetwork layer. The reference model was named after two of its main protocols, TCP (Transmission Control Protocol) and IP (Internet Protocol). The correspondence between TCP/IP and OSI reference model is shown below.

MODULE I PART 1 Introduction: - ISO-OSI Reference Model – TCP/IP Reference Model – Comparison Network


Figure1: The TCP/IP reference model.

Main layers in TCP/IP reference model are Application layer Transport layer Internet layer Host-to-host layer

The Internet Layer

This layer, called the internet layer, is the linchpin (A pin passed through the end of an axle to keep a wheel in position.) that holds the whole architecture together. Its job is to permit hosts to inject packets into any network and have them travel independently to the destination (potentially on a different network). They may even arrive in a different order than they were sent, in which case it is the job of higher layers to rearrange them, if in-order delivery is desired. The internet layer defines an official packet format and protocol called IP (Internet Protocol). The job of the internet layer is to deliver IP packets where they are supposed to go. Packet routing is clearly the major issue here, as is avoiding congestion. For these reasons, it is reasonable to say that the TCP/IP internet layer is similar in functionality to the OSI network layer.

The Transport Layer

The layer above the internet layer in the TCP/IP model is now usually called the transport layer. It is designed to allow peer entities on the source and destination hosts to

carry on a conversation, just as in the OSI transport layer. Two end-to-end transport protocols have been defined here. The first one, TCP (Transmission Control Protocol).


It is a reliable connection-oriented protocol that allows a byte stream originating on one machine to be delivered without error on any other machine in the internet. It fragments the incoming byte stream into discrete messages and passes each one on to the internet layer. At the destination, the receiving TCP process reassembles the received

messages into the output stream. TCP also handles flow control to make sure a fast sender cannot swamp a

slow receiver with more messages than it can handle. The second protocol in this layer, UDP (User Datagram Protocol) It is an unreliable, connectionless protocol for applications that do not want TCP's sequencing or flow control and wish to provide their own. It is also widely used for one-shot, client-server-type request-reply queries and applications in which prompt delivery is more important than accurate delivery, such as transmitting speech or video. The relation of IP, TCP, and UDP is shown in figure 2.

 It is a reliable connection-oriented protocol that allows a byte stream originating on one machine

Figure 2 . Protocols and networks in the TCP/IP model initially.

The Application Layer

On top of the transport layer is the application layer. It contains all the higher-level protocols. The early ones included virtual terminal (TELNET), file transfer (FTP), and electronic mail (SMTP), as shown in Figure 2.


The virtual terminal protocol allows a user on one machine to log onto a distant machine and work there. The file transfer protocol provides a way to move data efficiently from one machine to another. Electronic mail was originally just a kind of file transfer, but later a specialized protocol (SMTP) was developed for it. Many other protocols have been added to these over the years: the Domain Name System (DNS) for mapping host names onto their network addresses, NNTP, the protocol for moving USENET news articles around, and HTTP, the protocol for fetching pages on the World Wide Web, and many others.

The Host-to-Network Layer

The Host-to-Network layer interfaces the TCP/IP protocol stack to the physical network. The TCP/IP reference model does not specify in any great detail the operation of this layer, except that the host has to connect to the network using some protocol so it can send IP packets over it.

As it is not officially defined, it varies from implementation to implementation, with vendors supplying their own version.

A Comparison of the OSI and TCP/IP Reference Models

The OSI and TCP/IP reference models have much in common. Both are based on the concept of a stack of independent protocols. Also, the functionality of the layers is roughly similar. For example, in both models the layers up through and including the transport layer are there to provide an end-to-end, network- independent transport service to processes wishing to communicate. These layers form the transport provider. Again in both models, the layers above transport are application- oriented users of the transport service.


Despite these fundamental similarities, the two models also have many differences.Three concepts are central to the OSI model:

1. Services.

  • 2. Interfaces.

  • 3. Protocols.

The service definition tells what the layer does, not how entities above it access it or how the layer works. It defines the layer's semantics. A layer's interface tells the processes above it how to access it. It specifies what the parameters are and what results to expect. It, too, says nothing about how the layer works inside.

Finally, the peer protocols used in a layer are the layer's own business. It can use any protocols it wants to, as long as it gets the job done (i.e., provides the offered services). It can also change them at will without affecting software in higher layers. The protocols in the OSI model are better hidden than in the TCP/IP model and can be replaced relatively easily as the technology changes. Being able to make such changes is one of the main purposes of having layered protocols in the first place. The OSI reference model was devised before the corresponding protocols were invented. This ordering means that the model was not biased toward one particular set of protocols, a fact that made it quite general. The downside of this ordering is that the designers did not have much experience with the subject and did not have a good idea of which functionality to put in which layer. With TCP/IP the reverse was true: the protocols came first, and the model was really just a description of the existing protocols. There was no problem with the protocols fitting the model. They fit perfectly. The only trouble was that the model did not fit any other protocol stacks.


The difference between the two models is the number of layers: the OSI model has seven layers and the TCP/IP has four layers. Both have (inter)network, transport, and application layers, but the other layers are different. Another difference is in the area of connectionless versus connection-oriented communication. The OSI model supports both connectionless and connection-oriented communication in the network layer, but only connection oriented communication in the transport layer, where it counts (because the transport service is visible to the users). The TCP/IP model has only one mode in the network layer (connectionless) but supports both modes in the transport layer, giving the users a choice. This choice is especially important for simple request-response protocols.

Network Hardware

As stations connected to different LANs and WANs want to communicate with each other, it is necessary to provide this facility. Internetworking creates a single virtual network over which all stations in different network can communicate seamlessly and transparently. HILI subcommittee (IEEE802.1) of the IEEE identified the following possible internetworking scenarios. ` A single LAN Two LANs connected together (LAN-LAN) A LAN connected to a WAN (LAN-WAN) Two LANs connected through a WAN (LAN-WAN-LAN)

Various internetworking devices such as hubs, bridges, switches, routers and gateways are required to link different networks together. These devices operate in different layers, as illustrated in Fig. 3(a).


Figure 3. (a) Which device is in which layer. (b) Frames, packets, and headers. The layer

Figure 3. (a) Which device is in which layer. (b) Frames, packets, and headers.

The layer matters because different devices use different pieces of information to decide how to switch. In a typical scenario, the user generates some data to be sent to a remote machine. Those data are passed to the transport layer, which then adds a header, for example, a TCP header, and passes the resulting unit down to the network layer. The network layer adds its own header to form a network layer packet, for example, an IP packet. In Fig. 3(b) we see the IP packet shaded in gray. Then the packet goes to the data link layer, which adds its own header and checksum (CRC) and gives the resulting frame to the physical layer for transmission, for example, over a LAN.


The physical layer, we find the repeaters. These are analog devices that are connected to two cable segments. A signal appearing on one of them is amplified and put out on the other. Repeaters do not understand frames, packets, or headers. They understand volts. Classic Ethernet, for example, was designed to allow four repeaters, in order to extend the maximum cable length from 500 meters to 2500 meters.

To extend the length of the network, a repeater may be used as shown in Fig 4. Functionally, a repeater can be considered as two transceivers joined together and

connected to two different segments of coaxial cable. The repeater passes the digital signal bit-by-bit in both directions between the two segments. As the signal passes through a repeater, it is amplified and regenerated at the other end. The repeater does not isolate one segment from the other, if there is a collision on one segment, it is regenerated


on the other segment. Therefore, the two segments form a single LAN and it is transparent to rest of the system.

on the other segment. Therefore, the two segments form a single LAN and it is transparent

Figure 4: Repeater connecting two LAN segments

With reference of the ISO model, a repeater is considered as a level-1 relay as depicted in Fig. 5. It simply repeats, retimes and amplifies the bits it receives. The repeater is merely used to extend the span of a single LAN. Important features of a repeater are as follows:

A repeater connects different segments of a LAN A repeater forwards every frame it receives A repeater is a regenerator, not an amplifier It can be used to create a single extended LAN

on the other segment. Therefore, the two segments form a single LAN and it is transparent

Figure 5: Operation of a repeater as a level-1 relay



A hub has a number of input lines that it joins electrically. Frames arriving on any of the lines are sent out on all the others. If two frames arrive at the same time, they will collide, just as on a coaxial cable. In other words, the entire hub forms a single collision domain. All the lines coming into a hub must operate at the same speed. Hubs differ from repeaters in that they do not (usually) amplify the incoming signals and are designed to hold multiple line cards each with multiple inputs, but the differences are slight. Like repeaters, hubs do not examine the 802 addresses or use them in any way. A hub is shown in Fig. 6(a).

A hub has a number of input lines that it joins electrically. Frames arriving on any

Figure 6. (a) A hub. (b) A bridge. (c) A switch

Hub is a generic term, but commonly refers to a multiport repeater. It can be used to create multiple levels of hierarchy of stations. The stations connect to the hub with RJ- 45 connector having maximum segment length is 100 meters. This type of interconnected set of stations is easy to maintain and diagnose. Figure 7 shows how several hubs can be connected in a hierarchical manner to realize a single LAN of bigger size with a large number of nodes.


Figure 7: Hub as a multi-port repeater can be connected in a hierarchical manner to form

Figure 7: Hub as a multi-port repeater can be connected in a hierarchical manner to form a single LAN with many nodes


A bridge connects two or more LANs, as shown in Fig. 6(b). When a frame arrives, software in the bridge extracts the destination address from the frame header 246 and looks it up in a table to see where to send the frame. For Ethernet, this address is the 48- bit destination address. Like a hub, a modern bridge has line cards, usually for four or eight input lines of a certain type. A line card for Ethernet cannot handle, say, token ring frames, because it does not know where to find the destination address in the frame header. However, a bridge may have line cards for different network types and different speeds. With a bridge, each line is its own collision domain, in contrast to a hub. The bridge operates in layer 2, that is data-link layer and that is why it is called level-2 relay with reference to the OSI model. It links similar or dissimilar LANs, designed to store and forward frames, it is protocol independent and transparent to the end stations. The flow of information through a bridge is shown in Fig. 8. Use of bridges offer a number of advantages, such as higher reliability, performance, security, convenience and larger geographic coverage. But, it is desirable that the quality of service (QOS) offered by a bridge should match that of a single LAN. The parameters that define the QOS include availability, frame mishaps, transit delay, frame lifetime,


undetected bit errors, frame size and priority. Key features of a bridge are mentioned below:

• A bridge operates both in physical and data-link layer • A bridge uses a table for filtering/routing • A bridge does not change the physical (MAC) addresses in a frame Types of bridges:

Transparent Bridges Source routing bridges

undetected bit errors, frame size and priority . Key features of a bridge are mentioned below:

Figure 8: Information flow through a bridge

A bridge must contain addressing and routing capability. Two routing algorithms have been proposed for a bridged LAN environment. The first, produced as an extension of IEEE 802.1 and applicable to all IEEE 802 LANs, is known as transparent bridge. And the other, developed for the IEEE 802.5 token rings, is based on source routing approach. It applies to many types of LAN including token ring, token bus and CSMA/CD bus.

Transparent Bridges

The transparent bridge uses two processes known as bridge forwarding and bridge learning. If the destination address is present in the forwarding database already created,


the packet is forwarded to the port number to which the destination host is attached. If it is not present, forwarding is done on all parts (flooding). This process is known as bridge forwarding. Moreover, as each frame arrives, its source address indicates where a particular host is situated, so that the bridge learns which way to forward frames to that address. This process is known as bridge learning. Key features of a transparent bridge are:


The stations are unaware of the presence of a transparent bridge Reconfiguration of the bridge is not necessary, it can be added/removed without being noticed.

It performs two functions:

Forwarding of frames Learning to create the forwarding table

Source Routing Bridges

The second approach, known as source routing, where the routing operation is performed by the source host and the frame specifies which route the frame is to follow. A host can discover a route by sending a discovery frame, which spreads through the entire network using all possible paths to the destination. Each frame gradually gathers addresses as it goes. The destination responds to each frame and the source host chooses an appropriate route from these responses. For example, a route with minimum hop-count can be chosen. Whereas transparent bridges do not modify a frame, a source routing bridge adds a routing information field to the frame. Source routing approach provides a shortest path at the cost of the proliferation of discovery frames, which can put a serious extra burden on the network.



A switch is essentially a fast bridge having additional sophistication that allows faster processing of frames. Switches are similar to bridges in that both route on frame addresses. In fact, many people use the terms interchangeably. The main difference is that a switch is most often used to connect individual computers, as shown in Fig. 6(c). As a consequence, when host A in Fig. 6(b) wants to send a frame to host B, the bridge gets the frame but just discards it. In contrast, in Fig. 6(c), the switch must actively forward the frame from A to B because there is no other way for the frame to get there. Since each switch port usually goes to a single computer, switches must have space for many more line cards than do bridges intended to connect only LANs. Each line card provides buffer space for frames arriving on its ports. Since each port is its own collision domain, switches never lose frames to collisions. However, if frames come in faster than they can be retransmitted, the switch may run out of buffer space and have to start discarding frames. To alleviate this problem slightly, modern switches start forwarding frames as soon as the destination header field has come in, but before the rest of the frame has arrived (provided the output line is available, of course). These switches do not use store-and- forward switching. Sometimes they are referred to as cut-through switches. Usually, cut- through is handled entirely in hardware, whereas bridges traditionally contained an actual CPU that did store-and forward switching in software. But since all modern bridges and switches contain special integrated circuits for switching, the difference between a switch and bridge is more a marketing issue than a technical one. Some of important functionalities are:

Ports are provided with buffer Switch maintains a directory: #address - port# Each frame is forwarded after examining the #address and forwarded to the proper port# Three possible forwarding approaches: Cut-through, Collision-free and Fully- buffered as briefly explained below.


Cut-through: A switch forwards a frame immediately after receiving the destination address. As a consequence, the switch forwards the frame without collision and error detection. Collision-free: In this case, the switch forwards the frame after receiving 64 bytes, which allows detection of collision. However, error detection is not possible because switch is yet to receive the entire frame. Fully buffered: In this case, the switch forwards the frame only after receiving the entire frame. So, the switch can detect both collision and error free frames are forwarded.

Comparison between a switch and a hub

Although a hub and a switch apparently look similar, they have significant differences. As shown in Fig. 9, both can be used to realize physical star topology, the hubs works like a logical bus, because the same signal is repeated on all the ports. On the other hand, a switch functions like a logical star with the possibility of the communication of separate signals between any pair of port lines. As a consequence, all the ports of a hub belong to the same collision domain, and in case of a switch each port operates on separate collision domain. Moreover, in case of a hub, the bandwidth is shared by all the stations connected to all the ports. On the other hand, in case of a switch, each port has dedicated bandwidth. Therefore, switches can be used to increase the bandwidth of a hub-based network by replacing the hubs by switches.


Figure 9: Difference between a switch and a bridge Routers A router is considered as a

Figure 9: Difference between a switch and a bridge


A router is considered as a layer-3 relay that operates in the network layer, that is it acts on network layer frames. It can be used to link two dissimilar LANs. A router isolates LANs in to subnets to manage and control network traffic. However, unlike bridges it is not transparent to end stations. A schematic diagram of the router is shown on Fig. 10. A router has four basic components: Input ports, output ports, the routing processor and the switching fabric. The functions of the four components are briefly mentioned below.

  • 1 Input port performs physical and data-link layer functions of the router. As shown in Fig. 11(a), the ports are also provided with buffer to hold the packet before forwarding to the switching fabric.

Output ports, as shown in Fig. 11 (b), perform the same functions as the input ports, but in the reverse order. The routing processor performs the function of the network layer. The process involves table lookup.


The switching fabric, shown in Fig. 12, moves the packet from the input queue to the output queue by using specialized mechanisms. The switching fabric is realized with the help of multistage interconnection networks. Communication of a frame through a router is shown in Fig.10.

 The switching fabric, shown in Fig. 12, moves the packet from the input queue to

Figure 10: Schematic diagram of a router

 The switching fabric, shown in Fig. 12, moves the packet from the input queue to
(a) (b)

Figure 11: Schematic diagram of a router


Figure 12: Switching fabric of a router Figure 13: Communication through a router Routers are different

Figure 12: Switching fabric of a router

Figure 12: Switching fabric of a router Figure 13: Communication through a router Routers are different

Figure 13: Communication through a router

Routers are different from all of the above. When a packet comes into a router, the frame header and trailer are stripped off and the packet located in the frame's payload field is passed to the routing software. This software uses the packet header to choose an output line. For an IP packet, the packet header will contain a 32-bit (IPv4) or 128-bit (IPv6) address, but not a 48-bit 802 address. The routing software does not see the frame


addresses and does not even know whether the packet came in on a LAN or a point-to- point line.


A gateway works above the network layer, such as application layer as shown in Fig. 14. As a consequence, it is known as a Layer-7 relay. The application level gateways can look into the content application layer packets such as email before forwarding it to the other side. This property has made it suitable for use in Firewalls discussed in the next module.

addresses and does not even know whether the packet came in on a LAN or a

Figure 14: Communication through a gateway

Up another layer we find transport gateways. These connect two computers that use different connection-oriented transport protocols. For example, suppose a computer using the connection-oriented TCP/IP protocol needs to talk to a computer using the connection-oriented ATM transport protocol. The transport gateway can copy the packets from one connection to the other, reformatting them as need be. Finally, application gateways understand the format and contents of the data and translate messages from one format to another. An e-mail gateway could translate Internet messages into SMS messages for mobile phones, for example.


Cable Modem

Cable TV Networks

The cable TV network started as a video service provider, but it has moved to the business of Internet access.

Traditional Cable Networks

Cable TV started to distribute broadcast video signals to locations with poor or no reception in the late 1940s. It was called community antenna TV (CATV) because an antenna at the top of a tall hill or building received the signals from the TV stations and distributed them, via coaxial cables, to the community. Figure shows a schematic diagram of a traditional cable TV network.

Cable Modem Cable TV Networks The cable TV network started as a video service provider, but

Fig 15: Traditional cable TV network

The cable TV office, called the head end, receives video signals from broadcasting stations and feeds the signals into coaxial cables. The signals became weaker and weaker with distance, so amplifiers were installed through the network to renew the signals. There could be up to 35 amplifiers between the head end and the


subscriber premises. At the other end, splitters split the cable, and taps and drop cables make the connections to the subscriber premises.

The traditional cable TV system used coaxial cable end to end. Due to attenuation of the signals and the use of a large number of amplifiers, communication in the traditional network was unidirectional (one-way). Video signals were transmitted downstream, from the head end to the subscriber premises. Communication in the traditional cable TV network is unidirectional.

Hybrid Fiber-Coaxial (HFC) Network

The second generation of cable networks is called a hybrid fiber-coaxial (HFC) network. The network uses a combination of fiber-optic and coaxial cable. The transmission medium from the cable TV office to a box, called the fiber node, is optical fiber; from the fiber node through the neighborhood and into the house is still coaxial cable. Figure shows a schematic diagram of an HFC network.

subscriber premises. At the other end, splitters split the cable, and taps and drop cables make

Fig 16: Hybridfiber-coaxial (HFC) network


The regional cable head (RCH) normally serves up to 400,000 subscribers. The RCHs feed the distribution hubs, each of which serves up to 40,000 subscribers. The distribution hub plays an important role in the new infrastructure. Modulation and distribution of signals are done here; the signals are then fed to the fiber nodes through fiber-optic cables. The fiber node splits the analog signals so that the same signal is sent to each coaxial cable. Each coaxial cable serves up to 1000 subscribers. The use of fiber- optic cable reduces the need for amplifiers down to eight or less. One reason for moving from traditional to hybrid infrastructure is to make the cable network bidirectional (two- way).

Cable companies are now competing with telephone companies for the residential customer who wants high-speed data transfer. DSL technology provides high-data-rate connections for residential subscribers over the local loop. However, DSL uses the existing unshielded twisted-pair cable, which is very susceptible to interference. This imposes an upper limit on the data rate. Another solution is the use of the cable TV network.

Internet access requires a cable modem, a device that has two interfaces on it: one to the computer and one to the cable network. In the early years of cable Internet, each operator had a proprietary cable modem, which was installed by a cable company technician. However, it soon became apparent that an open standard would create a competitive cable modem market and drive down prices, thus encouraging use of the service. Furthermore, having the customers buy cable modems in stores and install them themselves (as they do with V.9x telephone modems) would eliminate the dreaded truck rolls.

Consequently, the larger cable operators teamed up with a company called Cable Labs to produce a cable modem standard and to test products for compliance. This standard, called DOCSIS (Data Over Cable Service Interface Specification) is just


starting to replace proprietary modems. Not all cable operators like the idea of a standard, however, since many of them were making good money leasing their modems to their captive customers. The modem-to-computer interface is straightforward. It is normally 10-Mbps Ethernet (or occasionally USB) at present. In the future, the entire modem might be a small card plugged into the computer, just as with V.9x internal modems. The modem scans the downstream channels looking for a special packet periodically put out by the headend to provide system parameters to modems that have just come on-line. Upon finding this packet, the new modem announces its presence on one of the upstream channels. The headend responds by assigning the modem to its upstream and downstream channels. These assignments can be changed later if the headend deems it necessary to balance the load. The modem then determines its distance from the headend by sending it a special packet and seeing how long it takes to get the response. This process is called ranging. It is important for the modem to know its distance to accommodate the way the upstream channels operate and to get the timing right. They are divided in time in minislots. Each upstream packet must fit in one or more consecutive minislots. The headend announces the start of a new round of minislots periodically, but the starting gun is not heard at all modems simultaneously due to the propagation time down the cable. By knowing how far it is from the headend, each modem can compute how long ago the first minislot really started. Minislot length is network dependent. A typical payload is 8 bytes.

During initialization, the headend also assigns each modem to a minislot to use for requesting upstream bandwidth. As a rule, multiple modems will be assigned the same minislot, which leads to contention. When a computer wants to send a packet, it transfers the packet to the modem, which then requests the necessary number of minislots for it. If the request is accepted, the headend puts an acknowledgement on the downstream channel telling the modem which minislots have been reserved for its packet. The packet


is then sent, starting in the minislot allocated to it. Additional packets can be requested using a field in the header. On the other hand, if there is contention for the request minislot, there will be no acknowledgement and the modem just waits a random time and tries again. After each successive failure, the randomization time is doubled. he downstream channels are managed differently from the upstream channels. For one thing, there is only one sender (the headend) so there is no contention and no need for minislots, which is actually just time division statistical multiplexing. For another, the traffic downstream is usually much larger than upstream, so a fixed packet size of 204 bytes is used. Part of that is a Reed- Solomon error-correcting code and some other overhead, leaving a user payload of 184 bytes. These numbers were chosen for compatibility with digital television using MPEG- 2, so the TV and downstream data channels are formatted the same way. Logically, the connections are as depicted in Fig 17.

is then sent, starting in the minislot allocated to it. Additional packets can be requested using

Fig 17: Typical details of the upstream and downstream channels in North America.

Once the modem has completed ranging and gotten its upstream channel, downstream channel, and minislot assignments, it is free to start sending packets. The first packet it sends is one to the ISP requesting an IP address, which is dynamically assigned using a protocol called DHCP. The next step involves security. Since cable is a shared medium, anybody who wants to go to the trouble to do so can read all the traffic going past him. To prevent everyone from snooping on their neighbors (literally), all


traffic is encrypted in both directions. Part of the initialization procedure involves establishing encryption keys. At first one might think that having two strangers, the headend and the modem, establish a secret key in broad daylight with thousands of people watching would be impossible. Finally, the modem has to log in and provide its unique identifier over the secure channel. At this point the initialization is complete. The user can now log in to the ISP and get to work.