
Learn Basic Networking

What we are going to learn

• Basic Networking
• Network Topology
– Bus Topology
– Ring Topology
– Star Topology
– Mesh Topology
– Star-Bus Hybrid Topology
– Star-Ring Hybrid Topology
• Media Access Control
– Carrier Sense Multiple Access With Collision Avoidance (C...
– Carrier Sense Multiple Access With Collision detection (C...
– Token Ring
• OSI Layer
• Network Hardware
• Common Network Media
• IP Address
• Subnet Mask Address
• Protocols
– TCP/IP
– IPX/SPX
– AppleTalk
• Network Cabling
• Wide Area Network
– Circuit Switching
– Packet Switching
• SVC
• PVC
– Cell Switching
– ISDN
• B- Channel
• D-Channel
• PRI VS BRI
– FDDI
– SONET and SDH
– Optical Carrier (OC)
– T-Carrier System
– Digital Subscriber Line
• Asymmetric digital subscriber line (ADSL)
• SDSL (Symmetric Digital Subscriber Line)
– Cable Modem (CM)
– HFC Network (Hybrid Fiber-Coax network)
• Network security
Basic Networking
What is Networking?

• Connecting systems to share information and resources
• Complex and varied technology
• Many choices for physical connections and
related software
Networking Fundamentals

• As simple as two computers connected with a cable that can transmit data.
• Allows users to share data quickly and efficiently.
• Access to shared peripheral devices such as
printers, scanners, and fax machines.
Advantages of Networks

• Allow groups of users to exchange information and share data
• Allow easy and efficient communication among
individuals, including electronic mail (e-mail)
• Device sharing can reduce costs
Standalone Computer and a “Sneakernet”
• Standalone computer
– Single computer not
attached to a network
– Cannot match power and
convenience of network
• “Sneakernet”
– Passing floppy disk from
machine to machine
– Old alternative to
networking
Sharing Resources on a Simple Network

• Networking
computers allows
them to:
– Share data
– Access shared
printer and other
equipment
A Networking Lexicon

Must understand specialized networking vocabulary, including
• Protocols: The term protocol means a set of rules. In the networking world, every system must be equipped to communicate with different systems, and protocols play a vital role in making that possible.
A Networking Lexicon

• Hosts: The term host refers to any computer or device that is connected to a network and sends or receives information on that network. A host can be a server, a workstation, a printer with its own network card, or a device such as a router. We can summarize by saying that any system or device that is connected to the network is known as a host.
A Networking Lexicon

– Server — shares resources across network, typically with more central processing unit (CPU) power and storage capacity than other computers
– Client — accesses shared resources
– Request-response — client requests information;
server responds by providing information
– Client-server relationship — client makes a
request to the server, and the server responds with
requested data
– Peer-to-peer — computers share and request
resources from one another
Network Protocols

• Network protocols – a common set of rules
• Define how to interpret signals, identify individual
computers, initiate and end networked communication,
and manage information exchange across network
medium
• Include TCP/IP, NetBEUI, IPX/SPX, and NWLink
Network Software

• Network software issues requests and responses
• Network operating system (NOS) controls which
computers and users access network resources
– Include both client and server components
– Popular NOSs include Windows Server 2003,
Windows XP, Windows 2000, Windows NT, and
Novell NetWare
• Network applications access the network
– Include e-mail programs, Web browsers, and
network-oriented utilities
Network Types

• Two major types of networks
– Peer-to-peer
– Client/Server (also called server-based)
Peer-to-Peer Networking

• Peers with no centralized control over shared resources
• Can share resources with any other computer on network
• No computer has higher access priority
• No computer has more responsibility to provide or share resources
Peer-to-Peer Network
Peer-to-Peer Networking Advantages

• Easy to install and configure
• No dedicated server
• Users control own shared resources
• Inexpensive to purchase and operate
• No additional equipment or software
• No dedicated administrators
• Works best with 10 or fewer users
Peer-to-Peer Networking Disadvantages

• Security applies to single resource at a time
• Users may have many different passwords
• Must back up each machine individually
• Machine sharing resources may suffer reduced performance
• No centralized organization scheme to locate or
control access to data
• Does not usually work well with more than
10 users
Server-Based Networks

• Server responds to client requests
• Figure 1-6 shows a typical server-based
network
• Provide centralized control over resources
• Servers require faster CPUs, more memory,
larger disk drives, and extra peripherals such
as tape drives
• May be dedicated, handling only requests from
client communities
Server-Based Networks (continued)

Client-server relationship (figure)

• One or more servers may do centralized verification of user accounts and passwords
• Novell and Windows servers use a directory
service
– Checks account names and passwords against
database
– Manage shared resources
– Windows 2000/2003 calls it Active Directory
– Novell NetWare calls it Novell Directory Services
(NDS)
Server-Based Networks (continued)

• Easier to scale
• May handle thousands of users
Server-Based Networking Advantages
• Simplifies network administration
• Centralizes user accounts, security, and access
controls
• More powerful equipment
• More efficient access to network resources
• Single password for network logon
• Best choice for networks with 10 or more users or
network with heavily-used resources
Server-Based Networking Disadvantages

• At worst, server failure renders network unusable
• At least, server failure causes loss of
network resources
• More expensive
• Requires expert staff to handle complex
server software
• Requires dedicated hardware and
specialized software
Storage-Area Networks (SANs)

• Uses high-speed network links between servers in enterprise and centralized storage systems
• Data and applications reside on centralized
storage
• Sideband link connecting SAN components is
completely separate from network that links
clients and servers
Storage-Area Networks (continued)

• Provide centralized control over network storage
• Much more expensive than conventional
storage
Storage-Area Networks (continued)

• Offer many advantages, including:
– Fast access to SAN storage
– Backups from single location
– Faster, more reliable storage subsystems, including hot-swappable power supplies and disk drives
– Extra level of security and access control
– Easier to increase storage capacity
Wireless Personal Area Networks (WPANs)

• Short-range networking technology used to connect personal computing and communication devices
• Include devices that user wears or comes in
close contact with
– Cell phones, pagers, personal digital assistants
(PDAs), and even watches
• Short range transmission, typically 10 meters or
less
• Use secure access method
Wireless Personal Area Networks (WPANs) (continued)

• No single standard exists for PANs
• Ericsson developed short-range networking technology called Bluetooth
• Emerging standard is IEEE 802.15, dubbed
wireless personal area network (WPAN)
Hybrid Networks

• Combination networks
• Workstations function simultaneously as
peers on a peer-to-peer network and as
clients on server-based networks
• Modern operating systems can function both
as peers and as clients
– Windows Server 2003, Windows 2000, Windows XP
Networking

• Point to point communication not usually practical
– Devices are too far apart
– Large set of devices would need impractical number of
connections
• Solution
– Wide Area Network (WAN)
– Local Area Network (LAN)
Wide Area Networks (WAN)

– Large geographical area
– Crossing public rights of way
– Rely in part on common carrier circuits
– Alternative technologies
• Circuit switching
• Packet switching
• Frame relay
• Asynchronous Transfer Mode (ATM)
Wide Area Networks (WAN) Continued

(Figure: hosts in a large geographical area connected together in a WAN)
Wide Area Networks (WANs) and the Internet

• Wide area network (WAN) – spans distances measured in miles; links two or more separate LANs
• Metropolitan area network (MAN) – uses WAN
technology to interconnect LANs within a specific
geographic region
• Internet – global WAN internetwork; includes
millions of machines and users worldwide
Local Area Networks (LANs) and Internetworks

• Early networks – custom-built, expensive, severe restrictions
• Early Ethernet – no more than 30 users with
total span of 607 feet
• Local area network (LAN) – works within
limited geographic area
– Building block for constructing larger networks,
called internetworks
• Internetwork – network 100 or more
computers at distances in excess of 1000 feet
LAN Configurations

• Switched
– Switched Ethernet
• May be single or multiple switches
– ATM LAN
– Fibre Channel
• Wireless
– Mobility
– Ease of installation
Networking Configuration

LAN (1): Client/Server model with dedicated servers (figure)
LAN (2): Client/Server model with general servers (figure)
Network Topology
Network Topologies

• Topology: Topology is the physical layout of the network
• Cable plant: pattern of physical layout
– Wired networks: cabling laid in office, building, campus
– Wireless networks: types of antennas, devices, direction of
transmission
• Decentralized network layout
– Cable between each station on network
– Analogy: mountain climbers connected by a rope
• Centralized network layout
– Each station physically connected to central device
– Analogy: star with workstation as its points

Network Topologies (continued)

• Main topologies: bus, ring, star, and mesh
• Hybrid topologies: star-bus, star-ring
• Selecting topology for network
– Consider intended purpose
• Demand for network services
• Number and kinds of applications used
• Network traffic (number of frames to transmit)
• Connection to other networks
• Security needs
• Network topology influences network growth potential

Bus Topology

• Bus topology
– A single backbone cable connects all the systems
– Visualizes connections as chain links
– Terminator attached to each end of bus cable segment
• Transmitting packet across bus
– Detected by all nodes on segment
– Given time limit to reach destination
• IEEE (Institute of Electrical and Electronics Engineers)
– Develops standards for network cabling, transmission
– Specifies length of bus segment

(Figure: bus topology)
Bus Topology (continued)

• Terminator signals end of physical segment
– Functions as resistor that absorbs signal
• Terminator critical on bus networks
– Prevents signal reflection back on to covered path
• Advantages of bus design
– Requires less cable than other topologies
– Easy to extend bus with a workstation
• Disadvantages of bus topology
– High management costs
• Single defective node can take down entire network
– Can become quickly congested with network traffic

Ring Topology

• Ring topology: continuous data path
– Each system is connected with its two neighbors to create a ring.
• Transmitting data across ring topology
– Goes around ring to reach destination
– Continues until ends at source node
• Advantages to ring topology
– Easier to manage than bus
– Handles high volume network better than bus
– Suited to transmitting signals over long distances
• Disadvantages to ring topology
– More expensive to implement than bus
– Fewer equipment options than bus
Star Topology

• Star topology: multiple nodes attached to central device (hub, switch, router)
– Cable segments radiate from center like a star
– Example: workstations connected to switch
• Advantages of star topology
– Start-up costs comparable to ring topology
– Easier to manage, defective nodes quickly isolated
– Easier to expand by connecting nodes or networks
– Offers better equipment and high-speed options
• Disadvantages of star topology
– Failure of central device may cause network failure
– Requires more cable than bus

Mesh Topology
• Mesh topology
– Every node connected to every other node in
network
– Provides network with fault tolerance
• Fault tolerance: built-in protection against failure
• If link breaks, nodes can still communicate
– Alternate communication paths increase as number
of nodes increase
• Mesh topology used less on LANs
– Expensive to implement
• Mesh topology often used in MANs and WANs

Star-Bus Hybrid Topology

• Star-Bus (star-wired) topology
– Each radiating finger is separate logical bus segment
– Each segment terminated at both ends
• Advantages of Star-Bus topology
– No exposed terminators
– Connect multiple central devices to expand network
– Connection between central devices is a backbone
• Backbone enables high-speed communication
– Central devices have built-in intelligence
– Many equipment and high-speed options available

Star-Ring Hybrid Topology

• Star-Ring (Star-Wired) Topology
– Hub or access unit acts as linking device
– Transmission using logical communication of ring
– No need for built-in terminators

Media Access Control
Carrier Sense Multiple Access With Collision Detection (CSMA/CD)

• Carrier Sense means that every Ethernet device listens to the Ethernet wire before it attempts to transmit. If the Ethernet device senses that another device is transmitting, it will wait to transmit.
• Multiple Access means that more than one Ethernet
device can be sensing (listening and waiting to transmit)
at a time.
• Collision Detection means that when multiple Ethernet
devices accidentally transmit at the same time, they are
able to detect this error.
Carrier Sense Multiple Access With Collision Detection (CSMA/CD) (continued)

• It is the protocol used in Ethernet networks to ensure that only one network node is transmitting on the network wire at any one time.
How Collisions Occur under CSMA/CD

• Imagine a very simple Ethernet network with only two nodes.
• Each node, independently, decides to send an Ethernet frame to the other
node.
• Both nodes listen to the Ethernet wire and sense that no carrier is present.
• Both nodes transmit simultaneously, causing a collision.
• Both nodes detect the collision and each node waits a random amount of
time before transmitting again.
• Collisions are normal on an Ethernet network. A small number of collisions is expected in the protocol design.
• If too many nodes are transmitting on an Ethernet network the number of
collisions can rise to an unacceptable level. This can reduce the amount of
available bandwidth on an Ethernet network because so much bandwidth is
lost in retransmission.
• Ethernet switches greatly reduce the already minor difficulties experienced
with the CSMA/CD protocol.
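The collision behaviour described above can be made concrete with a small slot-based simulation. The following Python program is an added example, not part of the original slides: it models a number of stations that all sense the wire, transmit when it is idle, detect simultaneous transmissions as collisions, and then back off by a random number of slots (truncated binary exponential backoff, as in IEEE 802.3). The station count, the frame length in slots and the random seed are assumed inputs chosen for the demonstration; running it with 2, 10 and 40 stations lets you compare the collision count and the share of wire time lost to retransmission as more nodes contend for the same wire.

```python
import random


def simulate_csma_cd(num_nodes, frames_per_node, frame_slots=4, seed=1):
    """Slot-based model of CSMA/CD with truncated binary exponential backoff.

    All nodes start with frames_per_node frames and are ready at slot 0.
    In an idle slot every node whose backoff has expired senses the wire
    idle and transmits.  One transmitter succeeds and holds the wire for
    frame_slots slots; two or more collide, the slot is wasted, and each
    collided node waits a random 0..2**k-1 slots (k = collisions so far,
    capped at 10 as in IEEE 802.3).  The seed keeps a run reproducible.
    """
    rng = random.Random(seed)
    pending = [frames_per_node] * num_nodes   # frames still to send per node
    ready_at = [0] * num_nodes                # earliest slot a node may try again
    attempts = [0] * num_nodes                # collisions suffered by the current frame
    busy_until = 0                            # slot at which the wire is idle again
    collisions = 0
    delivered = 0
    total = num_nodes * frames_per_node
    slot = 0
    while delivered < total:
        if slot < busy_until:
            slot = busy_until                 # carrier sense: defer while the wire is busy
            continue
        transmitters = [n for n in range(num_nodes)
                        if pending[n] > 0 and ready_at[n] <= slot]
        if not transmitters:
            slot += 1                         # everyone still in backoff
            continue
        if len(transmitters) == 1:            # single sender: the frame goes through
            n = transmitters[0]
            pending[n] -= 1
            attempts[n] = 0
            delivered += 1
            busy_until = slot + frame_slots
        else:                                 # simultaneous senders: collision detected
            collisions += 1
            for n in transmitters:
                attempts[n] += 1
                k = min(attempts[n], 10)
                ready_at[n] = slot + 1 + rng.randrange(2 ** k)
            busy_until = slot + 1             # the collided slot carries no usable data
    return {
        "delivered": delivered,
        "collisions": collisions,
        "slots_used": busy_until,
        # fraction of wire time that carried good frames
        "efficiency": (delivered * frame_slots / busy_until) if busy_until else 0.0,
    }


if __name__ == "__main__":
    for nodes in (2, 10, 40):                 # constructed load levels for comparison
        r = simulate_csma_cd(nodes, 5, seed=3)
        print("%2d nodes: %3d collisions, efficiency %.2f"
              % (nodes, r["collisions"], r["efficiency"]))
```

A single node never collides and uses the wire at 100 percent, whereas any group that becomes ready in the same slot collides at least once; the random backoff is what breaks the tie, so the exact counts depend on the seed.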
Carrier Sense Multiple Access With Collision Avoidance (CSMA/CA)

• CSMA/CA is a protocol for carrier transmission in 802.11 networks. Unlike CSMA/CD (Carrier Sense Multiple Access/Collision Detect) which deals with transmissions after a collision has occurred, CSMA/CA acts to prevent collisions before they happen.
Carrier Sense Multiple Access With Collision Avoidance (CSMA/CA) (continued)

• In CSMA, a station wishing to transmit has to first listen to the channel for a predetermined amount of time so as to check for any activity on the channel.
• If the channel is sensed "idle" then the station is permitted to transmit. If the channel is sensed as "busy" the station has to defer its transmission.
• In CSMA/CA (LocalTalk), once the channel is clear, a station sends a signal telling all other stations not to transmit, and then sends its packet. In Ethernet 802.3, the station continues to wait for a time, and checks to see if the channel is still free. If it is free, the station transmits, and waits for an acknowledgment signal that the packet was received.
Token Ring

Token Ring uses a ring topology whereby the data is sent from one machine to the next and so on around the ring until it reaches its destination and then continues around to where it started. It also uses a token passing protocol, which means that a machine can only use the network when it has control of the Token. This ensures that there are no collisions because only one machine can use the network at any given time.
How Token Ring Works

• At the start, a free Token is circulating on the ring. This is a data frame which, to all intents and purposes, is an empty vessel for transporting data. To use the network, a machine first has to capture the free Token and replace the data with its own message.
• In the example, machine 1 wants to
send some data to machine 4, so it
first has to capture the free Token. It
then writes its data and the recipient's
address onto the Token (represented
by the yellow flashing screen).
How Token Ring Works (Continued)

• The packet of data is then sent to machine 2 who reads the address, realizes it is not its own, so passes it on to machine 3. Machine 3 does the same and passes the Token on to machine 4.
• This time it is the correct address and
so number 4 reads the message
(represented by the yellow flashing
screen). It cannot, however, release a
free Token on to the ring, it must first
send the message back to number 1
with an acknowledgement to say that it
has received the data (represented by
the purple flashing screen).
How Token Ring Works (Continued)

• The receipt is then sent to machine 5 who checks the address, realizes that it is not its own and so forwards it on to the next machine in the ring, number 6.
• Machine 6 does the same and
forwards the data to number 1,
who sent the original message.
How Token Ring Works (Continued)

• Machine 1 recognizes the address, reads the acknowledgement from number 4 (represented by the purple flashing screen) and then releases the free Token back on to the ring ready for the next machine to use.
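The walk-through above can be replayed as a small simulation. The following Python function is an added example rather than code from the slides: it models a ring of numbered stations, lets one station seize the free token, and passes the frame station by station until the addressee reads it, sends the receipt back round the ring, and the originator releases a free token again. The station numbers and the message are constructed inputs; a 6-station ring with machine 1 sending to machine 4 reproduces the slide's example hop for hop.

```python
def run_token_ring(num_stations, sender, receiver, message):
    """Send one message over a token ring of stations numbered 1..num_stations.

    Returns the delivered payload, the number of hops the frame travelled and a
    per-station trace.  Only the token holder ever transmits, so no collisions
    are possible; a frame is forwarded until its destination address matches.
    """
    if not (1 <= sender <= num_stations and 1 <= receiver <= num_stations):
        raise ValueError("stations are numbered 1..num_stations")
    if sender == receiver:
        raise ValueError("sender and receiver must be different stations")

    def next_station(s):
        return s % num_stations + 1           # the ring wraps from the last station to 1

    # The sender captures the free token and overwrites it with its own frame
    frame = {"kind": "data", "src": sender, "dst": receiver, "payload": message}
    trace = [(sender, "captures the free token, writes data addressed to %d" % receiver)]
    station = sender
    delivered = None
    for _ in range(2 * num_stations):         # data goes round once, the receipt once more
        station = next_station(station)
        if station != frame["dst"]:
            trace.append((station, "address is not mine, forwards the frame"))
            continue
        if frame["kind"] == "data":
            delivered = frame["payload"]
            trace.append((station, "reads the message, sends a receipt back to %d" % frame["src"]))
            frame = {"kind": "ack", "src": station, "dst": frame["src"], "payload": ""}
        else:
            trace.append((station, "reads the receipt, releases a free token onto the ring"))
            return {"delivered": delivered, "hops": len(trace) - 1,
                    "token_free": True, "trace": trace}
    raise RuntimeError("frame circled the ring without finding its destination")


if __name__ == "__main__":
    result = run_token_ring(6, 1, 4, "hello machine 4")   # constructed sample message
    for station, action in result["trace"]:
        print("machine %d: %s" % (station, action))
    print("hops:", result["hops"], "payload:", result["delivered"])
```

The trace for the slide's case visits machines 1, 2, 3, 4, 5, 6 and 1 again: three hops to deliver the data and three more to return the receipt before the token is free.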
Token Ring hub

• A Token Ring hub simply changes the topology from a physical ring to a star wired ring. The Token still circulates around the network and is still controlled in the same manner, however, using a hub or a switch greatly improves reliability because the hub can automatically bypass any ports that are disconnected or have a cabling fault.
OSI Layer
Why was the OSI invented?

• Developed in 1977 to create concrete protocols
• It was made as a model of what needed to be
done as opposed to how it was to be done.
• More theoretical rather than in practical use
• Provides a standard for all networking operations
and jobs
What Each Layer Does

Application Layer
• Gives end-user applications access to network resources
• Where is it on my computer?
– Workstation or Server Service in MS Windows

Presentation Layer
• Provides common data
formatting between
communicating
devices
• Components make
sure the receiving
station can read the
transferred data

Session Layer
• Allows applications to
maintain an ongoing
session
• Example – NetBIOS
• Where is it on my
computer?
– Workstation and
Server Service (MS)
– Windows Client for
NetWare (NetWare)

Transport Layer
• Provides reliable data
delivery
• It’s the TCP in TCP/IP
• Receives info from
upper layers and
segments it into packets
• Can provide error
detection and correction

Network Layer
• Provides network-wide
addressing and a
mechanism to move
packets between
networks (routing)
• Responsibilities:
– Network addressing
– Routing
• Examples:
– IP from TCP/IP
– IPX from IPX/SPX
Network Addresses
• Network-wide addresses
• Used to transfer data across subnets
• Used by routers for packet forwarding
• Example:
– IP Address
• Where is it on my computer?
– TCP/IP Software
Data Link Layer
• Places data and
retrieves it from the
physical layer and
provides error
detection capabilities

Sub-layers of the Data Link Layer
• MAC (Media Access Control)
– Gives data to the NIC
– Controls access to the media through:
• CSMA/CD Carrier Sense Multiple Access/Collision
Detection
• Token passing
• LLC (Logical Link Layer)
– Manages the data link interface (or Service Access Points
(SAPs))
– Can detect some transmission errors using a Cyclic
Redundancy Check (CRC). If the packet is bad the LLC
will request the sender to resend that particular packet.
Physical Layer
• Determines the specs for
all physical components
– Cabling
– Interconnect methods
(topology / devices)
– Data encoding (bits to
waves)
– Electrical properties
• Examples:
– Ethernet (IEEE 802.3)
– Token Ring (IEEE 802.5)
– Wireless (IEEE 802.11b)

Physical Layer (cont’d)
• What are the Physical Layer components on my
computer?
• NIC
– Network Interface Card
– Has a unique 12 character Hexadecimal number
permanently burned into it at the manufacturer.
– The number is the MAC Address/Physical address of a
computer
• Cabling
– Twisted Pair
– Fiber Optic
– Coax Cable
How Does It All Work Together
• Each layer contains a Protocol
Data Unit (PDU)
– PDU’s are used for peer-to-peer
contact between corresponding
layers.
– Data is handled by the top three
layers, then Segmented by the
Transport layer.
– The Network layer places it into
packets and the Data Link frames
the packets for transmission.
– Physical layer converts it to bits and sends it out over the media.
– The receiving computer reverses the process using the information contained in the PDU.

Source: Cisco Academy Program Semester 1
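The top-down encapsulation just described (segment, packet, frame) can be seen byte for byte by building the headers yourself. The following Python program is an added example, not part of the original slides or the Cisco material: it wraps application data into TCP segments, IPv4 packets and Ethernet II frames with struct, computing the RFC 1071 checksums, then parses a frame back up the stack and verifies both checksums on the way, which is also where the 12-hex-digit MAC addresses from the physical layer slide appear. The MAC addresses, IP addresses, ports and the 8-byte MSS used for the demonstration are constructed sample values.

```python
import struct


def checksum(data):
    """RFC 1071 Internet checksum: one's-complement sum of 16-bit big-endian words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                         # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def mac_bytes(mac):                            # "00:11:22:33:44:55" -> 6 raw bytes
    return bytes.fromhex(mac.replace(":", ""))


def mac_str(raw):
    return ":".join("%02x" % b for b in raw)


def ip_bytes(ip):
    return bytes(int(o) for o in ip.split("."))


def ip_str(raw):
    return ".".join(str(b) for b in raw)


def build_tcp_segment(src_ip, dst_ip, src_port, dst_port, seq, payload):
    """Transport layer: 20-byte TCP header (no options, flags PSH|ACK) plus data."""
    offset_flags = (5 << 12) | 0x18            # data offset 5 words, PSH and ACK set
    header = struct.pack("!HHIIHHHH", src_port, dst_port, seq, 0,
                         offset_flags, 65535, 0, 0)
    pseudo = ip_bytes(src_ip) + ip_bytes(dst_ip) + struct.pack("!BBH", 0, 6, len(header) + len(payload))
    csum = checksum(pseudo + header + payload)
    return header[:16] + struct.pack("!H", csum) + header[18:] + payload


def build_ipv4_packet(src_ip, dst_ip, segment, ttl=64, ident=0x1234):
    """Network layer: 20-byte IPv4 header, protocol 6 (TCP), don't-fragment set."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), ident, 0x4000,
                         ttl, 6, 0, ip_bytes(src_ip), ip_bytes(dst_ip))
    return header[:10] + struct.pack("!H", checksum(header)) + header[12:] + segment


def build_ethernet_frame(src_mac, dst_mac, packet):
    """Data link layer: Ethernet II header, EtherType 0x0800 (IPv4)."""
    return mac_bytes(dst_mac) + mac_bytes(src_mac) + struct.pack("!H", 0x0800) + packet


def encapsulate(src_mac, dst_mac, src_ip, dst_ip, src_port, dst_port, data, mss=8):
    """Walk application data down the stack: segment -> packet -> frame, one per MSS chunk."""
    frames = []
    for offset in range(0, len(data), mss):
        segment = build_tcp_segment(src_ip, dst_ip, src_port, dst_port, offset, data[offset:offset + mss])
        packet = build_ipv4_packet(src_ip, dst_ip, segment)
        frames.append(build_ethernet_frame(src_mac, dst_mac, packet))
    return frames


def decapsulate(frame):
    """Walk one frame back up the stack, verifying the IPv4 and TCP checksums."""
    if struct.unpack("!H", frame[12:14])[0] != 0x0800:
        raise ValueError("not an IPv4 frame")
    ip_hdr = frame[14:34]
    if checksum(ip_hdr) != 0:                  # a valid header sums to zero
        raise ValueError("IPv4 header checksum mismatch")
    ihl = (ip_hdr[0] & 0x0F) * 4
    total_len = struct.unpack("!H", ip_hdr[2:4])[0]
    tcp = frame[14 + ihl:14 + total_len]
    pseudo = ip_hdr[12:16] + ip_hdr[16:20] + struct.pack("!BBH", 0, ip_hdr[9], len(tcp))
    if checksum(pseudo + tcp) != 0:
        raise ValueError("TCP checksum mismatch")
    src_port, dst_port, seq = struct.unpack("!HHI", tcp[:8])
    return {"dst_mac": mac_str(frame[:6]), "src_mac": mac_str(frame[6:12]),
            "src_ip": ip_str(ip_hdr[12:16]), "dst_ip": ip_str(ip_hdr[16:20]),
            "protocol": ip_hdr[9], "src_port": src_port, "dst_port": dst_port,
            "seq": seq, "payload": tcp[(tcp[12] >> 4) * 4:]}


def frame_is_valid(frame):
    """True when the frame parses and both checksums verify."""
    try:
        decapsulate(frame)
        return True
    except ValueError:
        return False
```

With a 19-byte message and an 8-byte MSS the data becomes three frames of 14 + 20 + 20 bytes of headers each; flipping any header byte, for instance the TTL, makes the checksum verification in decapsulate reject the frame, which is what a receiving NIC or IP stack does with a damaged packet.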
TCP/IP

• Although the OSI model is used as the standard, it is not commonly used today by TCP/IP or UDP
• TCP/IP uses a 4 layer model which combines certain
features of the OSI 7 layer model
• (Physical)
• Data Link
• Internet
• Transport
• Application
Physical Layer

• Encodes transmissions of data over network
• Physical layer of sending to physical layer of receiving
• Ethernet, SCSI, hubs, routers, LAN, WAN, etc. are all part of the physical layer
Data Link

• Place where actual TCP/IP protocols that are running interface to local network
• Equivalent to layer 2 of the OSI Model (data link)
Network Layer

• Corresponds to Network Layer in OSI
• Responsible for:
– Local device addressing
– Data packaging
– Manipulation and delivery
– Routing
Transport Layer

• Facilitates end to end communication over internetwork
• Allows logical connections between devices, either unreliable or reliable
• Identification of the specific source and
destination are noted
• Layer 4 in OSI Model
Application Layer

• Covers top 4 layers of OSI model
• Place where FTP and SMTP take place
Network Hardware

Repeater, Switch, Hub, Router, etc.
Network Hardware

• Hub
– An unintelligent network device that
sends one signal to all of the stations
connected to it.
– All computers/devices are competing
for attention because it takes the data
that comes into a port and sends it out
all the other ports in the hub.
– Traditionally, hubs are used for star
topology networks, but they are often
used with other configurations to make
it easy to add and remove computers
without bringing down the network.
– Resides on Layer 1 of the OSI model
Network Hardware

• Switch
– Split large networks into small
segments, decreasing the number
of users sharing the same network
resources and bandwidth.
– Understands when two devices
want to talk to each other, and gives
them a switched connection
– Helps prevent data collisions and
reduces network congestion,
increasing network performance.
– Most home users get very little, if
any, advantage from switches, even
when sharing a broadband
connection.
– Resides on Layer 2 of the OSI
model.
Network Hardware

• Bridge
– Connects two LANs and
forwards or filters data packets
between them.
– Creates an extended network in which any two workstations on the linked LANs can share data.
– Transparent to protocols and to
higher level devices like routers.
– Forward data depending on the
Hardware (MAC) address, not
the Network address (IP).
– Resides on Layer 2 of the OSI
model.
Network Hardware

• Repeater
– Used to boost the signal
between two cable segments
or wireless access points.
– Cannot connect different network architectures.
– Does not simply amplify the
signal, it regenerates the
packets and retimes them.
– Resides on Layer 1 of the OSI
model.
Network Hardware

• Router
– A device that connects any number of
LANs.
– Uses standardized protocols to move
packets efficiently to their destination.
– More sophisticated than bridges,
connecting networks of different types
(for example, star and token ring)
– Forwards data depending on the
Network address (IP), not the Hardware
(MAC) address.
– Routers are the only one of these four
devices that will allow you to share a
single IP address among multiple
network clients.
– Resides on Layer 3 of the OSI model.
Network Hardware

• Additional Network Hardware Devices
– Network Interface Cards (NICs)
• Puts the data into packets and transmits packet onto the network.
• May be wired or wireless.
– Gateway
• Connects networks with different protocols like TCP/IP network and IPX/SPX networks.
• Routers and Gateways often refer to the same device.
– Proxy server
• Isolates internal network computers from the internet.
• The user first accesses the proxy server, and the proxy server accesses the internet and retrieves the requested web page or document. The user then gets a copy of that page from the proxy server.
Router connections (figure)

– Optional USB port
– LAN ports – usually for devices on the home network
– WAN port – the modem plugs in here
– RJ-45 connector on UTP cable

Network Addressing – how it works

– Private IP addresses assigned for internal use (automatically by the DHCP server or configured manually by the user)
– Public IP address assigned by the Internet Service Provider (ISP)
Common Network Media

• Electrical (copper)
– Coaxial Cable
• Single copper conductor in the center surrounded by a plastic layer for insulation and a braided metal outer shield.
– Twisted pair
• Four pairs of wires twisted to certain specifications.
• Available in shielded and unshielded versions.
• Fiber-optic – A cable, consisting of a center glass core surrounded by layers of plastic, that transmits data using light rather than electricity.
• Atmosphere/Wireless – Uses electromagnetic waves whose frequency range is above that of microwaves, but below that of the visible spectrum.
• Choose media based on:
– Wiring configurations
– Distance and location limitations
– Speed
– Reliability
– Security
– Budget
Copper - Twisted Pair

• Dialup over telephone line.
– DSL (Digital Subscriber Line)
• High-speed (256 Kbps – 55 Mbps), Full-duplex.
• Asymmetric Digital Subscriber Line (ADSL) and High-bit-rate
Digital Subscriber Line (HDSL)

• CAT5
– Ethernet cable standard defined by the Electronic
Industries Association and Telecommunications Industry
Association (EIA/TIA).
– Speeds up to 100 Mbps.

• Connector
– RJ-45 - Standard connectors used for unshielded
twisted-pair cable.
Ethernet Specifications

• 10BaseT
– Ethernet specification for unshielded twisted pair cable (category 3, 4, or 5), transmits
signals at 10 Mbps (megabits per second) with a distance limit of 100 meters per
segment.

• 10BaseF
– Ethernet specification for fiber optic cable, transmits signals at 10 Mbps (megabits per
second) with a distance limit of 2000 meters per segment.

• 100BaseT
– Ethernet specification for unshielded twisted pair cabling that is used to transmit data
at 100 Mbps (megabits per second) with a distance limit of 100 meters per segment.

• 1000BaseTX
– Ethernet specification for unshielded twisted pair cabling that is used to transmit data
at 1 Gbps (gigabits per second) with a distance limitation of 220 meters per segment.
Optical Fiber
•Infrared light is transmitted through fiber and confined
due to total internal reflection.
•Fibers can be made out of either plastic or glass.
•Used for high speed backbones and pipes over long
distances.
•Comparatively expensive.

Source : http://en.wikipedia.org/wiki/Optical_fiber
MAC Address
What is MAC Address

• Each network card has a unique address that is burned into the card by its manufacturer. This unique address is known as a MAC address and is used in the header of the packet for the source and destination addresses of the packet.
IP Address
What is IP address

• Before your computer can communicate with other computers on a network, it must have an address. On your network, this address is known as an “IP address.”
• Currently the most popular version of IP is v4, but v6 is also gaining popularity.
IPv4 Addressing Overview

• Internet address architecture
• Classes of IP addresses
• Subnet mask
IP Address

• An IP address is a 32-bit sequence of 1s and 0s.
• To make the IP address easier to use, the address is
usually written as four decimal numbers separated by
periods.
• This way of writing the address is called the dotted
decimal format.
Every IP address has two parts:
1. Network
2. Host
IP addresses are divided into classes A, B, and C to define large, medium, and small networks.
The Class D address class was created to enable multicasting.
IETF reserves Class E addresses for its own research.
Reserved IP Addresses

• Certain host addresses are reserved and cannot be assigned to devices on a network.
• An IP address that has binary 0s in all host bit positions is reserved for the network address.
• An IP address that has binary 1s in all host bit positions is reserved for the broadcast address.
IP Private Addresses
• No two machines that connect to a public network can have
the same IP address because public IP addresses are global
and standardized
• Private IP addresses are a solution to the problem of the
exhaustion of public IP addresses. Addresses that fall within
these ranges are not routed on the Internet backbone:

• Connecting a network using private addresses to the Internet requires the usage of NAT
Subnet Mask Address

• Determines which part of an IP address is the network field and which part is the host field.
• Follow these steps to determine the subnet mask:
– 1. Express the subnetwork IP address in binary form.
– 2. Replace the network and subnet portion of the address
with all 1s.
– 3. Replace the host portion of the address with all 0s.
– 4. Convert the binary expression back to dotted-decimal
notation.
Establishing the Subnet Mask Address

• To determine the number of bits to be used, the network designer needs to calculate how many hosts the largest subnetwork requires and the number of subnetworks needed.
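The four steps of the subnet mask slide, the reserved network and broadcast addresses from the Reserved IP Addresses slide, and the host and subnet counting described just above can all be carried out in a few lines of Python. The following is an added example, not code from the slides: it writes the address out in binary, replaces the host portion with all 0s (network address) or all 1s (broadcast address), converts back to dotted decimal, and picks the prefix length that satisfies a required number of subnets and hosts. The address 192.168.10.77 and the requirement of 6 subnets with 20 hosts each are constructed sample inputs.

```python
def to_binary(dotted):
    """Step 1: write a dotted-decimal address as a 32-character string of 1s and 0s."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError("not an IPv4 address: %r" % dotted)
    return "".join(format(o, "08b") for o in octets)


def from_binary(bits):
    """Step 4: convert a 32-bit string back to dotted-decimal notation."""
    return ".".join(str(int(bits[i:i + 8], 2)) for i in range(0, 32, 8))


def mask_from_prefix(prefix):
    """Steps 2 and 3: network/subnet portion all 1s, host portion all 0s."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length must be 0..32")
    return from_binary("1" * prefix + "0" * (32 - prefix))


def network_and_broadcast(address, prefix):
    """Reserved addresses of the subnet: host bits all 0 and host bits all 1."""
    bits = to_binary(address)
    network = bits[:prefix] + "0" * (32 - prefix)
    broadcast = bits[:prefix] + "1" * (32 - prefix)
    return from_binary(network), from_binary(broadcast)


def usable_hosts(prefix):
    """Host addresses left after reserving the network and broadcast addresses."""
    return max(2 ** (32 - prefix) - 2, 0)


def plan_prefix(base_prefix, subnets_needed, hosts_needed):
    """Shortest prefix inside base_prefix giving enough subnets and enough hosts, else None.

    Longer prefixes only shrink the host count, so the first prefix that provides
    enough subnets is the only candidate that can also satisfy the host requirement.
    """
    for prefix in range(base_prefix, 31):
        if 2 ** (prefix - base_prefix) >= subnets_needed:
            return prefix if usable_hosts(prefix) >= hosts_needed else None
    return None


if __name__ == "__main__":
    address, prefix = "192.168.10.77", 27     # constructed sample host and prefix length
    print("binary      ", to_binary(address))
    print("subnet mask ", mask_from_prefix(prefix))
    net, bcast = network_and_broadcast(address, prefix)
    print("network     ", net, " broadcast", bcast, " usable hosts", usable_hosts(prefix))
    print("6 subnets of 20 hosts from a /24 need a /%s" % plan_prefix(24, 6, 20))
```

For the sample input a /27 mask is 255.255.255.224, 192.168.10.77 sits in 192.168.10.64 with broadcast 192.168.10.95, and 30 hosts fit in each of the 8 subnets; asking for 40 hosts per subnet with the same 6 subnets returns None, because no prefix inside a /24 can satisfy both.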
Subnetting example
Variable-Length Subnet Mask - VLSM

• VLSM allows you to use more than one subnet mask within the same network address space - subnetting a subnet

Subnet   Subnet Address       Sub-subnet   Sub-subnet Address
0        207.21.24.0/27
1        207.21.24.32/27
2        207.21.24.64/27
3        207.21.24.96/27
4        207.21.24.128/27
5        207.21.24.160/27
6        207.21.24.192/27     Sub 0        207.21.24.192/30
                              Sub 1        207.21.24.196/30
                              ……..
                              Sub 5        207.21.24.212/30
                              Sub 6        207.21.24.216/30
                              Sub 7        207.21.24.220/30
7        207.21.24.224/27
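The table above can be regenerated with Python's ipaddress module. The following is an added example, not from the slides: it carves 207.21.24.0/24 into eight /27 subnets, then carves subnet 6 (207.21.24.192/27) into eight /30 sub-subnets as the table does, and reports how many usable host addresses each block gives, which is the reason VLSM exists (a /30 fits a two-router link without wasting 28 of the 30 addresses a /27 would give it). The /24 parent is taken from the table's addresses; choosing subnet 6 as the one that is re-subnetted is an assumption inferred from the /30 addresses shown.

```python
import ipaddress


def carve(network, new_prefix):
    """Split a CIDR block into equal subnets of the given prefix length, in address order."""
    return [str(s) for s in ipaddress.ip_network(network).subnets(new_prefix=new_prefix)]


def usable_host_range(cidr):
    """First and last assignable host address of a block, and how many there are."""
    hosts = list(ipaddress.ip_network(cidr).hosts())
    return str(hosts[0]), str(hosts[-1]), len(hosts)


def vlsm_plan(network, first_prefix, sub_index, second_prefix):
    """Subnet `network` into /first_prefix blocks, then subnet block number
    `sub_index` again into /second_prefix blocks (subnetting a subnet)."""
    subnets = carve(network, first_prefix)
    sub_subnets = carve(subnets[sub_index], second_prefix)
    return {"subnets": subnets, "resubnetted": subnets[sub_index], "sub_subnets": sub_subnets}


if __name__ == "__main__":
    plan = vlsm_plan("207.21.24.0/24", 27, 6, 30)   # the slide's /24, /27 and /30 sizes
    for i, s in enumerate(plan["subnets"]):
        print("subnet %d  %-18s usable hosts: %d" % (i, s, usable_host_range(s)[2]))
    print("re-subnetting", plan["resubnetted"], "into /30 links:")
    for i, s in enumerate(plan["sub_subnets"]):
        first, last, count = usable_host_range(s)
        print("  sub %d  %-18s hosts %s - %s (%d)" % (i, s, first, last, count))
```

Each /27 holds 30 hosts, each /30 holds exactly 2, so a router-to-router link assigned from the re-subnetted block consumes 4 addresses instead of 32.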
Supernetting

• Using a bitmask to group multiple classful networks as a single network address.
• Same process as route aggregation.
• Supernetting is most often applied when the aggregated networks are under common administrative control.
• In class C network addresses, supernetting can be used so that the addresses appear as a single large network, or supernet.
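Route aggregation as described above, in Python: an added example, not from the slides. It collapses adjacent class C networks into one summary route with ipaddress.collapse_addresses, computes the common supernet that a hand-made summary would produce, and counts the addresses a too-broad summary would claim that the member networks do not actually cover, which is the check worth doing before advertising an aggregate. The networks 192.168.0.0/24 to 192.168.3.0/24 are constructed sample inputs.

```python
import ipaddress


def supernet(networks):
    """Collapse adjacent or overlapping blocks into the fewest covering prefixes (route aggregation)."""
    nets = [ipaddress.ip_network(n) for n in networks]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]


def common_supernet(networks):
    """The single prefix a hand-made summary would use: the longest prefix shared by
    the lowest and the highest address in the set."""
    nets = sorted(ipaddress.ip_network(n) for n in networks)
    first = int(nets[0].network_address)
    last = int(nets[-1].broadcast_address)
    prefix = 32
    while prefix > 0 and (first >> (32 - prefix)) != (last >> (32 - prefix)):
        prefix -= 1
    base = (first >> (32 - prefix)) << (32 - prefix)
    return "%s/%d" % (ipaddress.ip_address(base), prefix)


def uncovered_addresses(summary, networks):
    """Addresses the summary route claims that no member network actually covers."""
    parent = ipaddress.ip_network(summary)
    members = [ipaddress.ip_network(n) for n in networks]
    for m in members:
        if not m.subnet_of(parent):
            raise ValueError("%s is outside %s" % (m, parent))
    covered = sum(m.num_addresses for m in ipaddress.collapse_addresses(members))
    return parent.num_addresses - covered


def netmask_of(cidr):
    """Dotted-decimal mask of a summary route, e.g. 255.255.252.0 for a /22."""
    return str(ipaddress.ip_network(cidr).netmask)


if __name__ == "__main__":
    # constructed sample: four consecutive class C networks under one administration
    block = ["192.168.%d.0/24" % i for i in range(4)]
    print("routes before:", len(block), " after:", supernet(block), netmask_of(supernet(block)[0]))
    # constructed sample: a gap in the middle, where a naive summary over-claims
    gappy = ["192.168.0.0/24", "192.168.2.0/24"]
    summary = common_supernet(gappy)
    print("naive summary", summary, "claims", uncovered_addresses(summary, gappy), "unowned addresses")
```

Four consecutive /24s aggregate cleanly into 192.168.0.0/22, but summarising 192.168.0.0/24 and 192.168.2.0/24 the same way would claim 512 addresses (192.168.1.0/24 and 192.168.3.0/24) that are not yours, which is why collapse_addresses leaves them as two routes.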
Protocols

TCP/IP
IPX/SPX
AppleTalk
Protocols

• Protocol is the rules and procedures which govern communication.
• The rules and procedures that allow devices on a network to
communicate with each other are referred to as protocols.
• Some protocols deal specifically with the process of transferring data
from one system to another, and others are responsible for things
such as route discovery and providing client functionality.
Various Protocols

• TCP/IP
• IPX/SPX
• AppleTalk
TCP/IP
• Transmission Control Protocol / Internet Protocol
is the most popular protocol suite used in today’s
network environment.
• It is called a protocol stack, i.e. it consists of many
protocols along with two major protocols, TCP and
IP.
Four-layer model of TCP/IP
• The TCP/IP model is a four-layer model,
similar in concept to the seven-layer OSI model.
• The four layers of the TCP/IP model map to
the seven layers of the OSI model, but you may find that
one layer of the TCP/IP model combines multiple
layers of the OSI model, as shown in the next
slide.
Connection-oriented protocol
• Guaranteed delivery of the data.
• Any packet that is not received by the destination system is
resent by the sending device.
• Communication between the sending and receiving devices
continues until the transmission has been verified.
• Connection-oriented protocols have a higher overhead and place
greater demands on bandwidth.
• Ex: TCP
Connectionless protocol
• Connectionless protocols offer only a best-effort delivery
mechanism.
• If there is an error in the transmission, there is no
mechanism to resend the data, so transmissions made
with connectionless protocols are not guaranteed.
• Connectionless communication requires far less
overhead than connection-oriented communication, so it
is popular in applications such as streaming audio and
video where a small number of dropped packets might
not represent a significant problem.
TCP
• Transmission Control Protocol
• TCP is a connection-oriented protocol.
• TCP provides the following major services to the upper
protocol layers:
– Connection-oriented data management to assure the end-to-end
transfer of data across the network(s).
– Reliable data transfer to assure that all data is accurately received, in
sequence and with no duplicates.
– Stream-oriented data transfer takes place between the sender
application and TCP and the receiving application and TCP.
• To stream is to send individual characters, not blocks or frames.
TCP Operation
• Prior to data transmission, hosts establish a virtual
connection via a synchronization process. The synch
process is a 3-way “handshake”, which ensures both
sides are ready to transfer data and determines the
initial sequence numbers.
• Sequence numbers give hosts a way to acknowledge
what they have received. TCP headers contain SYN
bits, or flags, to achieve this.
TCP Synchronization or 3-Way Handshake
TCP is a connection oriented protocol. Communicating hosts go through a
synchronization process to establish a virtual connection. This synchronization
process insures that both sides are ready for data transmission and allows the
devices to determine the initial sequence numbers.

Sequence numbers are reference numbers between the two devices. The
sequence numbers give each host a way to ACK the SYN, so the receiver knows
which connection request the sender is responding to.

Host A                                   Host B
Send SYN, Seq = x              ------>   Receive SYN, Seq = x
Receive SYN, Seq = y,          <------   Send SYN, Seq = y, ACK = x + 1
ACK = x + 1
Send ACK, ACK = y + 1          ------>   Receive ACK, ACK = y + 1
Denial of Service Attacks
DoS attacks are designed to deny services to legitimate users.
DoS attacks are used by hackers to overwhelm and crash systems.
SYN flooding is a DoS attack that exploits the three way handshake.
1. Hacker initiates a SYN but spoofs the source IP address.
2. Target replies to the unreachable IP address and waits for final ACK.
3. Hacker floods target with false SYN requests tying up its
connection resources, preventing it from responding to legitimate
connection requests.

Hacker                              Target
Send SYN (spoofed source)  ----->   Receive SYN
Send SYN                   ----->   Send SYN/ACK (to the unreachable address,
Send SYN                   ----->   then wait for an ACK that never comes)
Send SYN                   ----->
Send SYN                   ----->

To defend against these attacks, decrease the connection timeout period
and increase the connection queue size. Software also exists that can
detect these types of attacks and initiate defensive measures.
TCP Windows and Flow Control
• Data often is too large to be sent in a single segment. TCP splits the data
into multiple segments.
• TCP provides flow control through “windowing” to set the pace of how much
data is sent at a time – i.e. how many bytes per window, and how many
windows between ACKs.
(Diagram: Window Size = 1 versus Window Size = 3. Sender: “Fast enough
for you?” Receiver: “I didn’t get all of that, slow down.”)
Windowing and Window Size
Window size determines the amount of data that you can transmit before
receiving an acknowledgment. This is how TCP assists in congestion control.
Sliding window refers to the fact that the window size is negotiated
dynamically during the TCP session.
Expectational acknowledgment means that the acknowledgment number refers
to the octet that is next expected.
If the source receives no acknowledgment, it knows to retransmit at a slower
rate.
Sequence and ACK Numbers
• Each TCP segment is numbered before transmission so that the
receiver will be able to properly reassemble the bytes in their
original order.
• They also identify missing data pieces so the sender can retransmit
them.
• Only the missing segments need to be re-transmitted.

Positive Acknowledgement and Retransmission
TCP utilizes PAR to control data flow and confirm data delivery.
• Source sends packet, starts timer, and waits for ACK.
• If timer expires before source receives ACK, source retransmits the
packet and restarts the timer.
TCP Encapsulation
IP Header (bits 0–15 | 16–31):
VERS (4 bits) | HLEN (4 bits) | TOS (8 bits) | Total Length (16 bits)
Identification (16 bits) | Flags (3 bits) | Fragment Offset (13 bits)
TTL (8 bits) | Protocol (8 bits) | Checksum (16 bits)
Source IP Address (32 bits)
Destination IP Address (32 bits)
IP Options (if any) (32 bits)

TCP Header (carried in the IP Datagram, bits 0–15 | 16–31):
Source Port (16 bits) | Destination Port (16 bits)
Sequence Number (32 bits)
Acknowledgement Number (32 bits)
Offset (4 bits) | Reserved (6 bits) | U A P R S F | Receive Window Size (16 bits)
Checksum (16 bits) | Urgent Pointer (16 bits)
Options (if any)
TCP Data (if any)

ETHERNET frame:
PREAMBLE (8) | DESTINATION ADDRESS (6) | SOURCE ADDRESS (6) | FIELD TYPE (2) |
IP HEADER | TCP HEADER | DATA (0-65535) | FCS (4)
TCP Segment Format
Source Port: number of the calling port
Destination Port: number of the called port
Sequence Number: used to ensure correct sequencing of the arriving data
Acknowledgement Number: next expected TCP octet
Offset: number of 32-bit words in the header
Reserved: set to zero
Code bits (U A P R S F): control setup and termination of session
Window: number of octets sender is willing to accept
Urgent Pointer: indicates the end of the urgent data
Data: upper layer protocol data
Details on TCP Fields (out of syllabus)
• Sequence Number. TCP numbers each byte in the TCP data with
a sequence number.
– The sequence number identifies the first byte in the data
segment being transmitted from the sending TCP to the
receiving TCP.
• Acknowledgement Number. The acknowledgement number
contains the next sequence number the receiving station (sending
the acknowledgement) expects to receive. The Acknowledgement
flag is set.
• Offset. It is perhaps more descriptive to call this field the
TCP Header Length. This field is required because the
length of the options field is variable.
– It indicates where the TCP header ends and the data begins.
The header is 20 bytes without the options field.
• Reserved. This field is reserved for future use and is set to zero.
Details on TCP Fields (out of syllabus) Contd
• TCP software uses the 6 Code Bits to determine the purpose and contents of
the segment.
– Urg: This flag indicates that this segment contains an Urgent Pointer field. The Urgent
Pointer field is explained below. 1 = Urgent, 0 = Not Urgent.
– Ack: This flag indicates that this segment contains an Acknowledgement field. 1 =
Ack, 0 = No Ack.
– Psh: The segment requests a Push. TCP software usually gathers enough data to fill
the transmit buffer prior to transmitting the data. 1 = Push, 0 = No Push. If an
application requires data to be transmitted even though a buffer may not be full then the
PUSH flag bit is set. At the receive side the PUSH makes the data available to the
application without delay.
– Reset: This field will Reset the connection. 1 = Reset, 0 = No Reset.
– Syn: This flag field is used to Synchronize sequence numbers to initiate a connection.
1 = Syn, 0 = No Syn.
– Fin: The Finish flag bit is used to indicate the termination of a connection. 1 = Fin, 0 =
No Fin.
• Urgent Pointer. This field presents a way for the sender to transmit emergency data to the
receiver. The URG flag must be set.
– The Urgent Pointer is a 16 bit positive offset that is added to the sequence number field in the TCP
header to obtain the sequence number of the last byte of the urgent data.
– The application determines where the urgent data starts in the data stream.
– The field is normally used by the application to indicate the pressing of an interrupt key during
Telnet/Rlogin or a file transfer abort during FTP.
UDP/TCP Operation Comparison
• There are two protocols at Layer 4 – TCP and UDP. Both TCP and UDP
use IP as their underlying protocol.
• TCP must be used when applications need to guarantee the delivery of a
packet. When applications do not need a guarantee, UDP is used.
• UDP is often used for applications and services such as real-time audio and
video. These applications require less overhead. They also do not need to be
re-sequenced since packets that arrive late or out of order have no value.

TCP                                  UDP
Connection-oriented delivery         Connectionless delivery, faster
Uses windows and ACKs                No windows or ACKs
Full header                          Smaller header, less overhead
Sequencing                           No sequencing
Provides reliability                 Relies on app layer protocols for reliability
FTP, HTTP, SMTP, and DNS             DNS, TFTP, SNMP, and DHCP

UDP segment format
Bits 0 – 15: Source Port | 16 - 31: Destination Port | 31 - 47: Length |
48 – 63: Checksum | 64 onwards: Data…

User Datagram Protocol (bits 0–15 | 16–31):
UDP Source Port | UDP Destination Port
UDP Message Length | UDP Checksum
Data
. . .

ETHERNET frame:
PREAMBLE (8) | DESTINATION ADDRESS (6) | SOURCE ADDRESS (6) | FIELD TYPE (2) |
IP HEADER + UDP DATAGRAM (8-1500) | FCS (4)

• UDP is a connectionless, unreliable Transport level service protocol. It is primarily
used for protocols that require a broadcast capability, i.e. RIP.
• It provides no packet sequencing, may lose packets, and does not check for
duplicates.
– It is used by applications that do not need a reliable transport service.
– Application data is encapsulated in a UDP header which in turn is encapsulated in an IP
header.
• UDP distinguishes different applications by port number which allows multiple
applications running on a given computer to send/receive datagrams independently
of one another.
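The header layouts in the TCP Encapsulation and UDP segment format slides can be checked directly against bytes. The following added example (not code from the slides) decodes an IPv4 header, reads the Protocol field to decide whether TCP or UDP follows, and then decodes that header, including the Offset and the six code bits; the two sample packets are constructed inline with documentation-range addresses and a zero checksum.

```python
# Added example (not from the slides): decode IPv4, TCP and UDP headers from
# raw bytes using the field layout shown in the slides.
import struct

TCP_FLAGS = ("FIN", "SYN", "RST", "PSH", "ACK", "URG")   # code bits, bit 0 .. bit 5


def parse_ipv4(pkt: bytes) -> dict:
    vers_hlen, tos, total_len, ident, flags_frag, ttl, proto, csum = struct.unpack("!BBHHHBBH", pkt[:12])
    hlen = (vers_hlen & 0x0F) * 4                # HLEN counts 32-bit words
    return {"version": vers_hlen >> 4, "header_len": hlen, "tos": tos,
            "total_len": total_len, "id": ident, "flags": flags_frag >> 13,
            "frag_offset": flags_frag & 0x1FFF, "ttl": ttl, "protocol": proto,
            "checksum": csum, "src": ".".join(map(str, pkt[12:16])),
            "dst": ".".join(map(str, pkt[16:20])), "payload": pkt[hlen:total_len]}


def parse_tcp(seg: bytes) -> dict:
    sport, dport, seq, ack, off_flags, window, csum, urg = struct.unpack("!HHIIHHHH", seg[:20])
    hlen = (off_flags >> 12) * 4                 # Offset: 32-bit words in the header
    code_bits = off_flags & 0x3F                 # U A P R S F
    flags = [name for i, name in enumerate(TCP_FLAGS) if code_bits & (1 << i)]
    return {"src_port": sport, "dst_port": dport, "seq": seq, "ack": ack,
            "header_len": hlen, "flags": flags, "window": window, "checksum": csum,
            "urgent_ptr": urg, "options": seg[20:hlen], "data": seg[hlen:]}


def parse_udp(dgram: bytes) -> dict:
    sport, dport, length, csum = struct.unpack("!HHHH", dgram[:8])
    return {"src_port": sport, "dst_port": dport, "length": length,
            "checksum": csum, "data": dgram[8:length]}


def parse_packet(pkt: bytes) -> dict:
    """IPv4 then the transport header named by the Protocol field (6 = TCP, 17 = UDP)."""
    ip = parse_ipv4(pkt)
    if ip["protocol"] == 6:
        ip["transport"] = parse_tcp(ip["payload"])
    elif ip["protocol"] == 17:
        ip["transport"] = parse_udp(ip["payload"])
    return ip


def build_ipv4(proto: int, src: str, dst: str, payload: bytes) -> bytes:
    """Constructed 20-byte IPv4 header (no options, checksum left 0 for the demo)."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0x1234, 0x4000, 64, proto, 0,
                      bytes(map(int, src.split("."))), bytes(map(int, dst.split("."))))
    return hdr + payload


def build_tcp_syn(sport: int, dport: int, seq: int) -> bytes:
    """Constructed SYN segment: Offset 5 words, only the S bit set, window 65535."""
    return struct.pack("!HHIIHHHH", sport, dport, seq, 0, (5 << 12) | 0x02, 65535, 0, 0)


# Constructed sample packets (documentation addresses, zero checksums)
SAMPLE_SYN = build_ipv4(6, "198.51.100.7", "203.0.113.1", build_tcp_syn(40000, 80, 0x11223344))
SAMPLE_UDP = build_ipv4(17, "198.51.100.7", "203.0.113.53",
                        struct.pack("!HHHH", 50000, 53, 8 + 5, 0) + b"query")

if __name__ == "__main__":
    print(parse_packet(SAMPLE_SYN)["transport"]["flags"])      # ['SYN']
    print(parse_packet(SAMPLE_UDP)["transport"]["dst_port"])   # 53
```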
UDP Port Numbers
Service      Port   Description
Echo         7      Echo user datagram back to user
Discard      9      Discard user datagrams
Daytime      13     Report time in a user friendly fashion
Quote        17     Return "Quote of the day"
Chargen      19     Character generator
Nameserver   53     Domain Name Server
Sql-Net      66     Oracle Sequel Network
BOOTPS       67     Server port to download configuration information
BOOTPC       68     Client port to receive configuration information
TFTP         69     Trivial File Transport Protocol
POP3         110    Post Office Protocol - V3
SunRPC       111    Sun Remote Procedure Call
NTP          123    Network Time Protocol
SNMP         161    Used to receive network management queries
SNMP-trap    162    Used to receive network problem reports.
IRC          194    Internet Relay Chat
IPX          213    IPX - IP Tunneling
SysLog       514    System Log
RIP          520    Routing Information Protocol
NFS          2049   Network File Service
IP

• Internet Protocol.
• It is a layer 3 protocol.
• IP specifies the format of packets, also called datagrams, and the
addressing scheme.
• Most networks combine IP with a higher-level protocol called
Transmission Control Protocol (TCP), which establishes a virtual
connection between a destination and a source.
• IP is a connectionless protocol, which means that there is no
continuing connection between the end points that are
communicating. Each packet that travels through the Internet is
treated as an independent unit of data without any relation to any
other unit of data.
Version of IP
• The most widely used version of IP today is
Internet Protocol Version 4 (IPv4). However, IP
Version 6 (IPv6) is also beginning to be
supported. IPv6 provides for much longer
addresses and therefore for the possibility of
many more Internet users. IPv6 includes the
capabilities of IPv4 and any server that can
support IPv6 packets can also support IPv4
packets.
ICMP
• Internet Control Message Protocol
• It enables systems on a TCP/IP network to share
status and error messages.
• ICMP messages are encapsulated within IP
datagrams so that they may be routed
throughout a network.
• The PING and Tracert commands use ICMP
messages.
ARP
Address Resolution Protocol (ARP)
Overview

Transport Layer:   TCP, UDP
Network Layer:     ICMP, IP, IGMP
Link Layer:        ARP, Network Access, RARP
Media
ARP and RARP
• Note:
– The Internet is based on IP addresses
– Data link protocols (Ethernet, FDDI, ATM) may have different (MAC)
addresses
• The ARP and RARP protocols perform the translation between IP
addresses and MAC layer addresses
• We will discuss ARP for broadcast LANs, particularly Ethernet
LANs

ARP:  IP address (32 bit)  ->  Ethernet MAC address (48 bit)
RARP: Ethernet MAC address (48 bit)  ->  IP address (32 bit)
Processing of IP packets by network device drivers
(Flowchart, in words:)
IP Output: Is the IP destination a multicast or broadcast address? Yes: put the
datagram on the IP input queue as well. Is the IP destination the local IP
address? Yes: put the datagram on the IP input queue via the loopback driver.
No: get the MAC address with ARP and hand the IP datagram to the Ethernet
driver, which sends it as an Ethernet frame.
IP Input: the Ethernet driver demultiplexes incoming Ethernet frames into ARP
packets and IP datagrams; IP datagrams are put on the IP input queue.
Address Translation with ARP
ARP Request:
Argon broadcasts an ARP request to all stations
on the network: “What is the hardware address
of Router137?”

Argon                    Router137
128.143.137.144          128.143.137.1
00:a0:24:71:e4:44        00:e0:f9:23:a8:20

ARP Request:
What is the MAC address
of 128.143.71.1?
Address Translation with ARP
ARP Reply:
Router137 responds with an ARP Reply which
contains the hardware address

Argon                    Router137
128.143.137.144          128.143.137.1
00:a0:24:71:e4:44        00:e0:f9:23:a8:20

ARP Reply:
The MAC address of 128.143.71.1
is 00:e0:f9:23:a8:20
ARP Packet Format
Ethernet II header and payload (bytes):
Destination address (6) | Source address (6) | Type 0x8060 (2) |
ARP Request or ARP Reply (28) | Padding (10) | CRC (4)

ARP Request or ARP Reply (28 bytes):
Hardware type (2 bytes) | Protocol type (2 bytes)
Hardware address length (1 byte) | Protocol address length (1 byte) | Operation code (2 bytes)
Source hardware address*
Source protocol address*
Target hardware address*
Target protocol address*

* Note: The length of the address fields is determined by the corresponding address length fields
Example
• ARP Request from Argon:
Source hardware address: 00:a0:24:71:e4:44
Source protocol address: 128.143.137.144
Target hardware address: 00:00:00:00:00:00
Target protocol address: 128.143.137.1

• ARP Reply from Router137:
Source hardware address: 00:e0:f9:23:a8:20
Source protocol address: 128.143.137.1
Target hardware address: 00:a0:24:71:e4:44
Target protocol address: 128.143.137.144
ARP Cache
• Since sending an ARP request/reply for each
IP datagram is inefficient, hosts maintain a
cache (ARP Cache) of current entries. The
entries expire after 20 minutes.

• Contents of the ARP Cache:
(128.143.71.37) at 00:10:4B:C5:D1:15 [ether] on eth0
(128.143.71.36) at 00:B0:D0:E1:17:D5 [ether] on eth0
(128.143.71.35) at 00:B0:D0:DE:70:E6 [ether] on eth0
(128.143.136.90) at 00:05:3C:06:27:35 [ether] on eth1
(128.143.71.34) at 00:B0:D0:E1:17:DB [ether] on eth0
(128.143.71.33) at 00:B0:D0:E1:17:DF [ether] on eth0
Proxy ARP
• Proxy ARP: Host or router responds to an ARP
Request that arrives from one of its connected
networks for a host that is on another of its
connected networks.
Things to know about ARP
• What happens if an ARP Request is made for a non-existing
host?
Several ARP requests are made with increasing time
intervals between requests. Eventually, ARP gives up.

• On some systems (including Linux) a host periodically sends
ARP Requests for all addresses listed in the ARP cache. This
refreshes the ARP cache content, but also introduces traffic.

• Gratuitous ARP Requests: A host sends an ARP request for
its own IP address:
– Useful for detecting if an IP address has already been
assigned.
Vulnerabilities of ARP
1. Since ARP does not authenticate requests or replies, ARP
Requests and Replies can be forged
2. ARP is stateless: ARP Replies can be sent without a
corresponding ARP Request
3. According to the ARP protocol specification, a node receiving an
ARP packet (Request or Reply) must update its local ARP cache
with the information in the source fields, if the receiving node
already has an entry for the IP address of the source in its ARP
cache. (This applies for ARP Request packets and for ARP
Reply packets)

Typical exploitation of these vulnerabilities:
• A forged ARP Request or Reply can be used to update the ARP
cache of a remote system with a forged entry (ARP Poisoning)
• This can be used to redirect IP traffic to other hosts
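The packet format, the cache with its 20-minute expiry and the three weaknesses above fit together in one piece of code. The following added example (not code from the slides) encodes and decodes the 28-byte ARP body, keeps a cache that applies the update rule in point 3, and records the two symptoms a host or a network monitor can use to detect ARP poisoning: a reply that answers no outstanding request (point 2) and a reply that changes an existing IP-to-MAC binding. The Argon and Router137 addresses are the slide's; the second MAC in the test vector is a constructed value.

```python
# Added example (not from the slides): ARP packet encode/decode, an ARP cache
# with expiry, and detection of the two symptoms of ARP poisoning.
import struct

ARP_REQUEST, ARP_REPLY = 1, 2
PROTO_TYPE_IPV4 = 0x0800          # Protocol type field: IPv4 addresses inside ARP
CACHE_TTL = 20 * 60               # seconds; the slides quote a 20-minute expiry


def mac_bytes(mac): return bytes(int(x, 16) for x in mac.split(":"))
def ip_bytes(ip): return bytes(int(x) for x in ip.split("."))
def mac_str(b): return ":".join("%02x" % x for x in b)
def ip_str(b): return ".".join(str(x) for x in b)


def build_arp(op, src_mac, src_ip, dst_mac, dst_ip) -> bytes:
    """28-byte ARP body: hardware type 1 (Ethernet), protocol type 0x0800,
    address lengths 6 and 4, operation code, then the four address fields."""
    return struct.pack("!HHBBH6s4s6s4s", 1, PROTO_TYPE_IPV4, 6, 4, op,
                       mac_bytes(src_mac), ip_bytes(src_ip), mac_bytes(dst_mac), ip_bytes(dst_ip))


def parse_arp(pkt: bytes) -> dict:
    """Address field sizes come from the two length fields, as the slide notes."""
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", pkt[:8])
    off, fields = 8, []
    for ln in (hlen, plen, hlen, plen):
        fields.append(pkt[off:off + ln])
        off += ln
    return {"hw_type": htype, "proto_type": ptype, "op": op,
            "src_mac": mac_str(fields[0]), "src_ip": ip_str(fields[1]),
            "dst_mac": mac_str(fields[2]), "dst_ip": ip_str(fields[3])}


class ArpCache:
    """IP -> (MAC, expiry time) for the host whose address is `my_ip`."""

    def __init__(self, my_ip: str):
        self.my_ip = my_ip
        self.entries = {}
        self.outstanding = set()       # IPs we asked about and have not yet heard back on
        self.alerts = []               # detection events for a monitor to act on

    def lookup(self, ip: str, now: float):
        e = self.entries.get(ip)
        return e[0] if e and e[1] > now else None

    def request(self, ip: str):
        """Record that we broadcast an ARP Request for `ip`."""
        self.outstanding.add(ip)

    def receive(self, pkt: bytes, now: float) -> dict:
        a = parse_arp(pkt)
        src_ip, src_mac = a["src_ip"], a["src_mac"]
        to_me = a["dst_ip"] == self.my_ip
        solicited = a["op"] == ARP_REPLY and to_me and src_ip in self.outstanding
        if a["op"] == ARP_REPLY and to_me and not solicited:
            self.alerts.append(("unsolicited reply", src_ip, src_mac))
        old = self.lookup(src_ip, now)
        if old is not None and old != src_mac:
            self.alerts.append(("mapping changed", src_ip, old, src_mac))
        # Rule 3 from the slide: the source fields of any ARP packet update an
        # existing entry; a reply we asked for creates one.
        if old is not None or solicited:
            self.entries[src_ip] = (src_mac, now + CACHE_TTL)
            self.outstanding.discard(src_ip)
        return a


if __name__ == "__main__":
    cache = ArpCache("128.143.137.144")             # Argon
    cache.request("128.143.137.1")
    reply = build_arp(ARP_REPLY, "00:e0:f9:23:a8:20", "128.143.137.1",
                      "00:a0:24:71:e4:44", "128.143.137.144")
    cache.receive(reply, now=0.0)
    print(cache.lookup("128.143.137.1", now=1.0))   # 00:e0:f9:23:a8:20
```

The alerts do not block anything on their own; a host could refuse the update, and a monitor that sees many "mapping changed" events for one IP, or replies for IPs nobody asked about, has the signal the slide's last bullet warns about.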
TCP/IP Application Layer Protocols

• HTTP
• FTP and TFTP
• SMTP
• POP3
• DNS
• DHCP
• SNMP
HTTP
• HyperText Transfer Protocol
• It is the set of rules for transferring files (text,
graphic images, sound, video, and other
multimedia files) on the World Wide Web.
How HTTP works
• As soon as a Web user opens their Web browser, the user is
indirectly making use of HTTP. HTTP is an application protocol
that runs on top of the TCP/IP suite of protocols.
• HTTP concepts include the idea that files can contain references
to other files whose selection will bring out additional transfer
requests.
• Any Web server machine contains, in addition to the Web page
files it can serve, an HTTP daemon, a program that is designed
to wait for HTTP requests and handle them when they arrive.
How HTTP works contd
• Your Web browser is an HTTP client, sending requests
to server machines.
• When the browser user enters file requests by either
"opening" a Web file or clicking on a hypertext link, the
browser builds an HTTP request and sends it to the
Internet Protocol address (IP address) indicated by the
URL.
• The HTTP daemon in the destination server machine
receives the request and sends back the requested file
or files associated with the request.
FTP: the file transfer protocol
• File Transfer Protocol
• Purpose: To transfer files between two computers
• Goals of FTP Service
– Promote sharing of files (programs and/or data)
– Encourage indirect/implicit use of remote computers
– Shield users from variations in file storage among hosts
– Transfer data reliably and efficiently
FTP: The File Transfer Protocol
(Diagram: user at host -> FTP user interface -> FTP client <-- FTP file transfer --> FTP server;
the client works on the local file system, the server on the remote file system.)
• transfer file to/from remote host
• client/server model
– client: side that initiates transfer (either to/from remote)
– server: remote host
• ftp: RFC 959
• ftp server: port 21
Problems of File Transfer
• At first, file transfer may seem simple
• Heterogeneous systems use different:
– Operating Systems
– Character Sets
– Naming Conventions
– Directory Structures
– File Structures and Formats
• FTP needs to address and resolve these problems
FTP: separate control, data connections
• FTP client contacts FTP server at port 21, specifying TCP as transport
protocol
• Client obtains authorization over control connection
• Client browses remote directory by sending commands over control
connection.
• When server receives a command for a file transfer, the server opens a
TCP data connection to client
• After transferring one file, server closes the data connection.
• Server opens a second TCP data connection to transfer another file.
(Q: what if we use mget?)
• Control connection: “out of band”
– Different in SMTP or HTTP
• FTP server maintains “state”: current directory, earlier authentication
(Diagram: TCP control connection on port 21 and TCP data connection on
port 20 between FTP client and FTP server.)
FTP Connections
FTP Connection
Client -> Server: SYN                       (ftp> open server)
Server -> Client: SYN|ACK
Client -> Server: ACK
Server -> Client: 220 Service Ready
Client -> Server: ACK
Client -> Server: USER haggerty             (ftp> USER haggerty)
Server -> Client: ACK
Server -> Client: 331 User OK, password?
Client -> Server: ACK
Client -> Server: PASS mypass               (ftp> PASS mypass)
Server -> Client: ACK
Server -> Client: 230 User login OK
Client -> Server: ACK

FTP Data Transfer
Client -> Server (control): PORT 192,168,0,173,19,137
Server -> Client (control): 200 Command Successful
Client -> Server (control): NLST client.txt
Server -> Client (control): ACK
Server -> Client (control): 150 Data Connection will be open shortly
Client -> Server (control): ACK
Server <-> Client (data connection): listing transferred
Server -> Client (control): 226 Closing Data Connection
Client -> Server (control): ACK
FTP Client Commands (issued by user interface)

Command               Description
get filename          Retrieve file from server
mget filename*        Retrieve multiple files from server*
put filename          Copy local file to server
mput filename*        Copy multiple local files to server*
open server           Begin login to server
bye / close / exit    Logoff server
ls / dir              List files in current remote dir on server
lcd                   Change local directory
cd                    Change remote directory
rhelp / remotehelp    Lists commands the server accepts

* Sent to server as multiple commands by User Protocol Interpreter

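The data-transfer exchange above hinges on two small encodings: the PORT argument, which carries the client's address and data port as six decimal bytes, and the three-digit reply codes whose first digit says whether the command is done, pending or failed. The following is an added example (not code from the slides) that decodes both and replays a transcript constructed from the slide's lines:

```python
# Added example (not from the slides): decode the FTP PORT argument and
# classify reply codes, then replay the slide's control-connection transcript.

REPLY_CLASSES = {"1": "positive preliminary", "2": "positive completion",
                 "3": "positive intermediate", "4": "transient negative",
                 "5": "permanent negative"}


def parse_port_argument(arg: str):
    """PORT h1,h2,h3,h4,p1,p2 -> ('h1.h2.h3.h4', p1*256 + p2)."""
    parts = [int(x) for x in arg.split(",")]
    if len(parts) != 6 or any(not 0 <= p <= 255 for p in parts):
        raise ValueError("malformed PORT argument: %r" % arg)
    return ".".join(str(p) for p in parts[:4]), parts[4] * 256 + parts[5]


def format_port_argument(ip: str, port: int) -> str:
    """Inverse of parse_port_argument, as a client would build the command."""
    if not 0 <= port <= 65535:
        raise ValueError("port out of range")
    return ",".join(ip.split(".") + [str(port // 256), str(port % 256)])


def classify_reply(line: str):
    """First digit of a 3-digit reply code gives its class; None if not a reply."""
    if len(line) < 3 or not line[:3].isdigit() or line[0] not in REPLY_CLASSES:
        return None
    return REPLY_CLASSES[line[0]]


def walk_session(lines):
    """Replay 'C: ...' / 'S: ...' lines. Returns the data endpoint announced
    with PORT and the list of (code, class) replies seen."""
    endpoint, replies = None, []
    for line in lines:
        tag, _, text = line.partition(" ")
        if tag == "C:" and text.upper().startswith("PORT "):
            endpoint = parse_port_argument(text[5:].strip())
        elif tag == "S:" and classify_reply(text) is not None:
            replies.append((int(text[:3]), classify_reply(text)))
    return endpoint, replies


# Transcript constructed from the slide's FTP Connection / Data Transfer lines
TRANSCRIPT = [
    "S: 220 Service Ready",
    "C: USER haggerty",
    "S: 331 User OK, password?",
    "C: PASS mypass",
    "S: 230 User login OK",
    "C: PORT 192,168,0,173,19,137",
    "S: 200 Command Successful",
    "C: NLST client.txt",
    "S: 150 Data Connection will be open shortly",
    "S: 226 Closing Data Connection",
]

if __name__ == "__main__":
    print(walk_session(TRANSCRIPT))   # (('192.168.0.173', 5001), [(220, ...), ...])
```

The 19,137 in the slide's PORT line is port 19 * 256 + 137 = 5001, the port on which the client listens for the server's data connection; the 331 reply is the only "intermediate" one, which is why the client must follow USER with PASS before anything else succeeds.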
Trivial FTP (TFTP)
• Used only to read and write files from/to
a remote server
– Cannot list directories
• Useful for bootstrapping diskless systems
– Workstations
– X terminals
• Simple and small:
– 5 message formats
– Runs on UDP
– Designed to fit in ROM
– Uses a “stop and wait” protocol
– NO BUILT IN SECURITY FEATURES (login)
TFTP Message Formats
TFTP Connection Establishment
Example TFTP Session
FTP vs. TFTP
• FTP provides (minimal) security through its login
procedure
• TFTP has NO login procedure
• FTP provides a reliable service through its use
of TCP
• TFTP must handle its own retransmissions
since it uses UDP
• FTP uses two connections
• TFTP uses one connection (stop and wait)
• FTP provides many commands
• TFTP can only read and write files
Electronic Mail: Overview
Three major components: user agents, mail servers, SMTP
User Agent
– a.k.a. “mail reader”
– composing, editing, reading mail messages
– e.g., Eudora, Outlook, elm, Netscape Messenger, pine
Mail Servers
– mailbox contains incoming messages for users
– message queue of outgoing (to be sent) mail messages
SMTP protocol between mail servers to send email messages
• client: sending mail server
• “server”: receiving mail server
What are Gmail, Case Webmail?
(Diagram: user agents hand mail to mail servers; each mail server holds user
mailboxes and an outgoing message queue and talks to other mail servers
over SMTP.)
Electronic Mail: SMTP [RFC 821, 2821]
• uses TCP to reliably transfer email message from
client to server, port 25
– sending server (as a client) to receiving server (as a
server)
• three phases of transfer
– handshaking (greeting)
– transfer of messages
– closure
• command/response interaction
– commands: ASCII text
– response: status code and phrase
• messages must be in 7-bit ASCII
Electronic Mail: A common scenario
1) Alice uses UA to compose message and “to” bob@someschool.edu
2) Alice’s UA sends message to her mail server; message placed in
message queue
3) Client side of SMTP opens TCP connection with Bob’s mail server
4) SMTP client sends Alice’s message over the TCP connection
5) Bob’s mail server places the message in Bob’s mailbox
6) Bob invokes his user agent to read message
(Diagram: Alice’s user agent (1) -> Alice’s mail server (2) -> SMTP
connection (3, 4) -> Bob’s mail server (5) -> Bob’s user agent (6).)
Electronic Mail: more on SMTP
• SMTP uses persistent connections
• SMTP requires message (header & body) to be in 7-bit
ASCII
• SMTP server uses CRLF.CRLF to determine end of message
Comparison with HTTP:
• HTTP: “pull”; SMTP: “push”
• both have ASCII command/response interaction, status codes
• HTTP: each object encapsulated in its own response msg;
SMTP: multiple objects sent in multipart msg
Electronic Mail: message format
SMTP: protocol for exchanging email messages
RFC 822: standard for text message format:
• header lines, e.g.,
– To:
– Date:
– From:
– Subject:
– Message-ID:
different from SMTP commands!
Read $MAIL on a mail server
• body
– the “message”, plain ASCII characters only
(Layout: header lines, then a blank line, then the body.)
Electronic Mail: MIME (multipurpose Internet mail extensions)
• MIME: multimedia mail extension, RFC 2045, 2056
• additional lines in msg header declare MIME content type

From: alice@crepes.fr
To: bob@hamburger.edu
Subject: Picture of yummy crepe.
MIME-Version: 1.0                      <- MIME version
Content-Transfer-Encoding: base64      <- method used to encode data
Content-Type: image/jpeg               <- multimedia data type, subtype, parameter declaration

base64 encoded data .....              <- encoded data
.........................
......base64 encoded data
Q: What if an email contains text and multiple attachments?
An example
This is from the $MAIL box in the mail server:

Message-ID: <4290a64281e9.4281e94290a6@cwru.edu>
Date: Wed, 07 Sep 2005 13:26:05 -0400
X-Mailer: iPlanet Messenger Express 5.2 HotFix 2.05 (built Mar 3 2005)
MIME-Version: 1.0
Content-Language: en
Subject: An example
X-Accept-Language: en
Priority: normal
Content-Type: multipart/mixed; boundary="--3ccd3602166e4b"
X-Clamav-Status: No
Status: O
X-UID: 20094

This is a multi-part message in MIME format.

----3ccd3602166e4b
Content-Type: text/html; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: 7bit

<BODY>PDF file is attached.</BODY>

----3ccd3602166e4b
Content-Type: application/pdf
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="example.pdf"

JVBERi0xLjQNJeLjz9MNCjg5IDAgb2JqIDw8L0xpbmVhcml6ZWQgMS9MIDI0MDQ3Ny9PIDkx
L0UgOTk5Mi9OIDIxL1QgMjM4NjUwL0ggWyA1NzYgNDY4XT4+DWVuZG9iag0gICAgICAgICAg
ICAgICAgDQp4cmVmDQo4OSAxNA0KMDAwMDAwMDAxNiAwMDAwMCBuDQowMDAwMDAxMDQ0IDAw
……
Zg0KMTE2DQolJUVPRg0K

----3ccd3602166e4b--
Q: When you receive a 3MB attachment, how
much space does it use in Case Webmail server?
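To show how a mail reader takes a multipart message like the one above apart, here is an added example (not code from the slides) that parses a constructed message with the same structure using Python's standard email package, lists its parts, recovers the base64-encoded attachment, and answers the 3 MB question by computing the on-disk size of a base64 body. The PDF bytes are a short placeholder, not a real document.

```python
# Added example (not from the slides): parse a multipart/mixed message with
# the standard library's email package and size a base64 attachment.
import base64
import math
from email import message_from_string, policy

PDF_BYTES = b"%PDF-1.4 placeholder attachment body\n"   # constructed, not a real PDF

# Constructed message mirroring the slide's structure (same boundary style)
SAMPLE_MESSAGE = "\n".join([
    "Message-ID: <example-id@cwru.edu>",
    "Date: Wed, 07 Sep 2005 13:26:05 -0400",
    "From: alice@crepes.fr",
    "To: bob@hamburger.edu",
    "MIME-Version: 1.0",
    "Subject: An example",
    'Content-Type: multipart/mixed; boundary="--3ccd3602166e4b"',
    "",
    "This is a multi-part message in MIME format.",
    "",
    "----3ccd3602166e4b",
    "Content-Type: text/html; charset=us-ascii",
    "Content-Disposition: inline",
    "Content-Transfer-Encoding: 7bit",
    "",
    "<BODY>PDF file is attached.</BODY>",
    "",
    "----3ccd3602166e4b",
    "Content-Type: application/pdf",
    "Content-Transfer-Encoding: base64",
    'Content-Disposition: attachment; filename="example.pdf"',
    "",
    base64.b64encode(PDF_BYTES).decode("ascii"),
    "",
    "----3ccd3602166e4b--",
    "",
])


def describe_parts(raw: str):
    """(content type, disposition, filename) for each immediate part."""
    msg = message_from_string(raw, policy=policy.default)
    return [(p.get_content_type(), p.get_content_disposition(), p.get_filename())
            for p in msg.iter_parts()]


def extract_attachment(raw: str, filename: str):
    """Decoded bytes of the attachment named `filename`, or None."""
    msg = message_from_string(raw, policy=policy.default)
    for part in msg.iter_attachments():
        if part.get_filename() == filename:
            return part.get_content()        # base64 is undone here
    return None


def base64_size(payload_bytes: int, line_len: int = 76) -> int:
    """Bytes a base64 body occupies: 4 output chars per 3 input bytes (rounded
    up to whole groups) plus CRLF after every `line_len` characters."""
    encoded = 4 * math.ceil(payload_bytes / 3)
    lines = math.ceil(encoded / line_len)
    return encoded + 2 * lines


if __name__ == "__main__":
    print(describe_parts(SAMPLE_MESSAGE))
    print(extract_attachment(SAMPLE_MESSAGE, "example.pdf") == PDF_BYTES)   # True
    print(base64_size(3 * 1024 * 1024))                                      # 4304682
```

A 3 MB file becomes roughly 4.1 MB of base64 text in the mailbox: the 4:3 expansion plus a line break every 76 characters.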
Electronic Mail: MIME types
Content-Type: type/subtype; parameters

Text
• example subtypes: plain, html
Image
• example subtypes: jpeg, gif
Audio
• example subtypes: basic (8-bit mu-law encoded), 32kadpcm (32 kbps coding)
Video
• example subtypes: mpeg, quicktime
Application
• other data that must be processed by reader before “viewable”
• example subtypes: msword, octet-stream
Electronic Mail: mail access protocols
(Diagram: sender’s user agent -> (SMTP) sender’s mail server -> (SMTP)
receiver’s mail server -> (access protocol) receiver’s user agent.)
• SMTP: delivery/storage to receiver’s server, “push”
• Mail access protocol: retrieval from server, “pull”
– POP: Post Office Protocol [RFC 1939]
• authorization (agent <--> server) and download
– IMAP: Internet Mail Access Protocol [RFC 1730]
• more features (more complex)
• manipulation of stored msgs on server
• Originally designed more for connected operation
– HTTP: Hotmail, Google mail, Yahoo! Mail, WebMail@case
IMAP
IMAP is an Internet Message Access Protocol. It is a
method of accessing electronic mail messages that are
kept on a possibly shared mail server. In other words, it
permits a "client" email program to access remote
message stores as if they were local. For example,
email stored on an IMAP server can be manipulated
from a desktop computer at home, a workstation at the
office, and a notebook computer while travelling,
without the need to transfer messages or files back and
forth between these computers. IMAP uses TCP/IP port
143.
POP
• Short for Post Office Protocol, a protocol used to
retrieve e-mail from a mail server. Most e-mail
applications (sometimes called an e-mail client) use
the POP protocol, although some can use the newer
IMAP (Internet Message Access Protocol).
• There are two versions of POP. The first, called
POP2, became a standard in the mid-80's and
requires SMTP to send messages. The newer
version, POP3, can be used with or without SMTP.
POP3 uses TCP/IP port 110.
POP3 vs IMAP
• With IMAP, all your mail stays on the server in multiple
folders, some of which you have created. This enables you to
connect to any computer and see all your mail and mail
folders. In general, IMAP is great if you have a dedicated
connection to the Internet or you like to check your mail from
various locations.
• With POP3 you only have one folder, the Inbox folder. When
you open your mailbox, new mail is moved from the host
server and saved on your computer. If you want to be able to
see your old mail messages, you have to go back to the
computer where you last opened your mail.
• With POP3 "leave mail on server" only your email messages
are on the server, but with IMAP your email folders are also
on the server.
Post Office Protocol v3

• Simple.
• Allows the user to obtain a list of their Emails.
• Users can retrieve their emails.
• Users can either delete or keep the email on their
system.
• Minimizes server resources.
• POP3 “is intended to permit a workstation to
dynamically access a maildrop on a server host in a
useful fashion. Usually, this means that the POP3
protocol is used to allow a workstation to retrieve mail
that the server is holding for it.“
POP3
• Doesn’t provide extensive mail operations on the
server
• Normally mail is downloaded, then deleted
• Deletion doesn’t really occur until QUIT
• Uses port 110
Minimal POP3 Commands
• USER name – user’s name
• PASS string – user’s password
• QUIT – quits, and updates the mailbox
• STAT – status
• LIST [msg] – lists the mail messages (#’s only)
• RETR msg – retrieves a mail message
• DELE msg – deletes a message
• NOOP – No operation
• RSET – resets the mail to its original state
Example POP3 Transaction
(Each step passes over the socket established between the server’s and the
client’s primary threads; the slide captions are shown in parentheses.)

Establish the Socket
S: +OK POP3 server ready                    (Server is OK)
C: USER brainware
S: +OK                                      (This user is OK)
C: PASS nopass123!@#                        (Send the Password)
S: +OK                                      (The Password is OK)
C: STAT                                     (Ask how the Server is Feeling…)
S: +OK 2 320                                (I’m Fine, Thanks!)
C: LIST                                     (Got Any Mail?)
S: +OK 2 messages (320 octets)              (Yup…)
S: 1 120                                    (Message One)
S: 2 200                                    (Message Two)
S: .                                        (End)
C: RETR 1                                   (Get Message One)
S: +OK 120 octets                           (Message One Coming!)
S: <the POP3 server sends message 1>
S: .                                        (End of Message 1)
C: DELE 1
S: +OK message 1 deleted                    (Message 1 Gone! Note: it’s not really gone…)
C: QUIT
S: +OK brainware POP3 server signing off    (QUIT – Commits/Updates. Note: now it’s gone)
Socket Disposed
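The transaction above can be reproduced end to end with a small in-memory server. The following added example (not code from the slides) implements the minimal command set listed earlier with POP3's three states (AUTHORIZATION, TRANSACTION, UPDATE) so that a DELE is only committed at QUIT, exactly as the two "Note" captions say, and a client helper that drives the session. The mailbox, its two messages of 120 and 200 octets, and the credentials are constructed to match the transcript.

```python
# Added example (not from the slides): an in-memory POP3 server for the minimal
# command set, with deletions committed only at QUIT, plus a session driver.


class Pop3Server:
    """Serves one connection: AUTHORIZATION -> TRANSACTION -> UPDATE (at QUIT)."""

    def __init__(self, mailboxes):
        self.mailboxes = mailboxes       # user -> (password, [message bytes, ...])
        self.state = "AUTHORIZATION"
        self.user = None
        self.messages = []
        self.deleted = set()             # numbers marked by DELE, not yet committed

    def greeting(self):
        return "+OK POP3 server ready"

    def handle(self, line):
        """Return the server's reply as a list of lines ('.' ends multi-line replies)."""
        cmd, _, arg = line.partition(" ")
        cmd = cmd.upper()
        if self.state == "AUTHORIZATION":
            return self._authorize(cmd, arg)
        if self.state != "TRANSACTION":
            return ["-ERR connection closed"]
        return self._transaction(cmd, arg)

    def _authorize(self, cmd, arg):
        if cmd == "USER" and arg in self.mailboxes:
            self.user = arg
            return ["+OK"]
        if cmd == "PASS" and self.user and arg == self.mailboxes[self.user][0]:
            self.messages = list(self.mailboxes[self.user][1])
            self.state = "TRANSACTION"
            return ["+OK"]
        if cmd == "QUIT":
            self.state = "UPDATE"
            return ["+OK POP3 server signing off"]
        return ["-ERR"]                  # same reply for unknown user and wrong password

    def _live(self):
        return [(n, m) for n, m in enumerate(self.messages, 1) if n not in self.deleted]

    def _transaction(self, cmd, arg):
        live = self._live()
        octets = sum(len(m) for _, m in live)
        if cmd == "STAT":
            return ["+OK %d %d" % (len(live), octets)]
        if cmd == "LIST":
            head = "+OK %d messages (%d octets)" % (len(live), octets)
            return [head] + ["%d %d" % (n, len(m)) for n, m in live] + ["."]
        if cmd in ("RETR", "DELE"):
            if not arg.isdigit() or not 1 <= int(arg) <= len(self.messages) or int(arg) in self.deleted:
                return ["-ERR no such message"]
            n = int(arg)
            if cmd == "RETR":
                return ["+OK %d octets" % len(self.messages[n - 1]), self.messages[n - 1].decode("ascii"), "."]
            self.deleted.add(n)          # marked only; the mailbox is untouched until QUIT
            return ["+OK message %d deleted" % n]
        if cmd == "NOOP":
            return ["+OK"]
        if cmd == "RSET":
            self.deleted.clear()
            return ["+OK"]
        if cmd == "QUIT":
            # UPDATE state: now the deletions are committed to the mailbox
            password = self.mailboxes[self.user][0]
            self.mailboxes[self.user] = (password, [m for _, m in live])
            self.state = "UPDATE"
            return ["+OK %s POP3 server signing off" % self.user]
        return ["-ERR unknown command"]


def run_session(server, commands):
    """Client side: send each command in turn and collect (who, line) pairs."""
    transcript = [("S", server.greeting())]
    for cmd in commands:
        transcript.append(("C", cmd))
        transcript.extend(("S", reply) for reply in server.handle(cmd))
    return transcript


if __name__ == "__main__":
    boxes = {"brainware": ("nopass123!@#", [b"x" * 120, b"y" * 200])}   # constructed
    for who, line in run_session(Pop3Server(boxes), ["USER brainware", "PASS nopass123!@#",
                                                     "STAT", "LIST", "RETR 1", "DELE 1", "QUIT"]):
        print(who + ":", line)
```

The server answers a bad user name and a bad password with the same `-ERR`, so the AUTHORIZATION exchange does not reveal which of the two was wrong; that is the only security decision this toy makes, since like the real protocol it still sends the password in the clear.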
Domain names and IP addresses
• People prefer to use easy-to-remember names
instead of IP addresses
• Domain names are alphanumeric names for IP
addresses e.g., neon.ece.utoronto.ca,
www.google.com, ietf.org
• The domain name system (DNS) is an Internet-
wide distributed database that translates between
domain names and IP addresses
• How important is DNS?

Before there was DNS ….
…. there was the HOSTS.TXT file
• Before DNS (until 1985), the name-to-IP address
mapping was done by downloading a single file (hosts.txt)
from a central server with FTP.
– Names in hosts.txt are not structured.
– The hosts.txt file still works on most operating
systems. It can be used to define local names.
Resolver and name server
1. An application program on a host accesses the
domain system through a DNS client, called the
resolver
2. Resolver contacts DNS server, called name
server
3. DNS server returns IP address to resolver which
passes the IP address to application
(Diagram: the HTTP application asks the Resolver for the hostname
neon.tcpip-lab.edu; the resolver sends the hostname to the Name server,
receives the IP address 128.143.71.21, and passes that IP address back to
the application.)
Design principle of DNS

• The naming system on which DNS is based is a hierarchical and logical tree structure called the domain namespace.
• An organization obtains authority for parts of the name space, and can add additional layers of the hierarchy
• Names of hosts can be assigned without regard to location on a link layer network, IP network or autonomous system
• In practice, allocation of domain names generally follows the allocation of IP addresses, e.g.,
– All hosts with network prefix 128.143/16 have domain name suffix
DNS Name hierarchy

• DNS hierarchy can be represented by a tree
• Root and top-level domains are administered by an Internet central name registration authority (ICANN)
• Below the top-level domain, administration of the name space is delegated to organizations
• Each organization can delegate further

Figure: . (root) -> top-level domains org, edu, gov, com -> uci.edu, toronto.edu (managed by UofT) -> math.toronto.edu, ece.toronto.edu (managed by ECE Dept.) -> neon.ece.toronto.edu
Domain name system

• Each node in the DNS tree represents a DNS name
• Each branch below a node is a DNS domain.
– A DNS domain can contain hosts or other domains (subdomains)
• Example: DNS domains are ., edu, virginia.edu, cs.virginia.edu

Figure: . -> edu -> virginia.edu -> www.virginia.edu, cs.virginia.edu -> neon.cs.virginia.edu
Domain names

• Hosts and DNS domains are named based on their position in the domain tree
• Every node in the DNS domain tree can be identified by a unique Fully Qualified Domain Name (FQDN). The FQDN gives the position in the DNS tree.
  cs.virginia.edu or cs.virginia.edu.
• A FQDN consists of labels (“cs”, “virginia”, ”edu”) separated by a period (“.”)
• There can be a period (“.”) at the end.
• Each label can be up to 63 characters long
Top-level domains

• Three types of top-level domains:
– Organizational: 3-character code indicates the function of the organization
• Used primarily within the US
• Examples: gov, mil, edu, org, com, net
– Geographical: 2-character country or region code
• Examples: us, va, jp, de
– Reverse domains: A special domain (in-addr.arpa) used for IP address-to-name mapping

There are more than 200 top-level domains.

Organizational top-level domains

com  Commercial organizations
edu  Educational institutions
gov  Government institutions
int  International organizations
mil  U.S. military institutions
net  Networking organizations
org  Non-profit organizations
Hierarchy of name servers

• The resolution of the hierarchical name space is done by a hierarchy of name servers
• Each server is responsible (authoritative) for a contiguous portion of the DNS namespace, called a zone.
• A zone is a part of the subtree

Figure: root server -> org server, edu server, gov server, com server -> uci.edu server, virginia.edu server -> cs.virginia.edu server
Authority and delegation

• Authority for the root domain is with the Internet


Corporation for Assigned Numbers and Names
(ICANN)
• ICANN delegates to accredited registrars (for
gTLDs) and countries for country code top level
domains (ccTLDs)
• Authority can be delegated further

• Chain of delegation can be obtained by reading


domain name from right to left.
• Unit of delegation is a “zone”.
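The rules from the last few slides (labels separated by periods, at most 63 characters each, the domains a node belongs to, and the chain of delegation read from right to left) as an added worked example; this code was written for this page and is not from the slides. It treats the leftmost label as the host, matching the slides' example in which neon.cs.virginia.edu lies in the domains ., edu, virginia.edu and cs.virginia.edu.

```python
"""Added example (not part of the slides): walk an FQDN from right to left
to list the DNS domains it belongs to and the chain of delegation, applying
the label-length rule from the slides (each label up to 63 characters).
"""

MAX_LABEL_LEN = 63          # per label, as stated on the slides


def split_fqdn(fqdn):
    """Return the labels of an FQDN; a trailing '.' (the root) is allowed."""
    name = fqdn[:-1] if fqdn.endswith(".") else fqdn
    if not name:
        return []                       # the root itself
    labels = name.split(".")
    for label in labels:
        if not label:
            raise ValueError(f"empty label in {fqdn!r}")
        if len(label) > MAX_LABEL_LEN:
            raise ValueError(f"label {label!r} longer than {MAX_LABEL_LEN}")
    return labels


def dns_domains(fqdn):
    """Domains containing the node, from the root down.

    neon.cs.virginia.edu -> ['.', 'edu', 'virginia.edu', 'cs.virginia.edu']
    (the leftmost label is the host itself, as on the slides)
    """
    labels = split_fqdn(fqdn)
    domains = ["."]
    for i in range(len(labels) - 1, 0, -1):      # stop before the leaf label
        domains.append(".".join(labels[i:]))
    return domains


def delegation_chain(fqdn):
    """Authority is read right to left: root -> TLD -> ... -> parent zone.

    Returns (delegating zone, delegated-to zone) pairs, e.g.
    ('.', 'edu'), ('edu', 'virginia.edu'), ('virginia.edu', 'cs.virginia.edu').
    """
    domains = dns_domains(fqdn)
    return list(zip(domains, domains[1:]))
```

A real resolver checks the same things before it sends a query: a label over 63 octets cannot even be encoded in the wire format, so rejecting it early is the correct behaviour.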
DNS domain and zones

• Each zone is anchored at a specific domain node, but zones are not domains.
• A DNS domain is a branch of the namespace
• A zone is a portion of the DNS namespace generally stored in a file (it could consist of multiple nodes)
• A server can divide part of its zone and delegate it to

Figure: . (root) -> .edu -> .virginia.edu (zone and domain), .uci.edu -> math.virginia.edu, cs.virginia.edu (its own zone)
Primary and secondary name servers
• For each zone, there must be a primary name server
and a secondary name server
– The primary server (master server) maintains a zone file
which has information about the zone. Updates are made to
the primary server
– The secondary server copies data stored at the primary
server.

Adding a host:
• When a new host is added (“gold.cs.virginia.edu”) to a
zone, the administrator adds the IP information on the
host (IP address and name) to a configuration file on
the primary server
Root name servers

• The root name servers know how to find the authoritative name servers for all top-level zones.
• There are only 13 root name servers
• Root servers
Addresses of root servers

A.ROOT-SERVERS.EDU. (formerly NS.INTERNIC.NET) 10.0.2.32


A.ROOT-SERVERS.NET. (formerly NS1.ISI.EDU) 198.41.0.4
B.ROOT-SERVERS.NET. (formerly C.PSI.NET) 128.9.0.107
C.ROOT-SERVERS.NET. (TERP.UMD.EDU) 192.33.4.12
D.ROOT-SERVERS.NET. (NS.NASA.GOV) 128.8.10.90
E.ROOT-SERVERS.NET. (NS.ISC.ORG) 192.203.23
F.ROOT-SERVERS.NET. (NS.NIC.DDN.MIL) 192.5.5.241
G.ROOT-SERVERS.NET. (AOS.ARL.ARMY.MIL) 192.112.36.4
H.ROOT-SERVERS.NET. (NIC.NORDU.NET) 128.63.2.53
I.ROOT-SERVERS.NET. (at NSI (InterNIC)) 192.36.148.17
J.ROOT-SERVERS.NET. (operated by RIPE NCC) 198.41.0.10
K.ROOT-SERVERS.NET. (at ISI (IANA)) 193.0.14.129
L.ROOT-SERVERS.NET. (operated by WIDE, Japan) 198.32.64
M.ROOT-SERVERS.NET. 202.12.27.33
Domain name resolution

1. User program issues a request for the IP address of a hostname
2. Local resolver formulates a DNS query to the name server of the host
3. Name server checks if it is authorized to answer the query.
a) If yes, it responds.
b) Otherwise, it will query other name servers, starting at the root of the tree
4. When the name server has the answer it sends it to the resolver.

Figure: HTTP -> resolver -> name server; the hostname (neon.tcpip-lab.edu) goes out, the IP address (128.143.71.21) comes back
Recursive and Iterative Queries

• There are two types of queries:
– Recursive queries
– Iterative (non-recursive) queries
• The type of query is determined by a bit in the DNS query
• Recursive query: When the name server of a host cannot resolve a query, the server itself issues a query to another name server to resolve it
• Iterative query: When the name server of a host cannot resolve a query, it sends the resolver a referral to another server
Recursive queries

• In a recursive query, the resolver expects the response from the name server
• If the server cannot supply the answer, it will send the query to the “closest known” authoritative name server (here: in the worst case, the closest known server is the root server)
• The root server sends a

Figure (the name server follows the referrals on behalf of the resolver):
  Resolver -> name server: query neon.cs.virginia.edu
  1st query to root server: neon.cs.virginia.edu -> referral to edu name server
  2nd query to edu server: neon.cs.virginia.edu -> referral to virginia.edu name server
  3rd query to virginia.edu server: neon.cs.virginia.edu -> referral to cs.virginia.edu name server
  4th query to cs.virginia.edu server: neon.cs.virginia.edu -> IP address of neon.cs.virginia.edu
  Name server -> resolver: response
Iterative queries

• In an iterative query, the name server sends the resolver a referral to the closest known authoritative name server (here: a referral to the root server).
• This involves more work for the resolver

Figure (the resolver follows the referrals itself):
  Resolver -> name server: query neon.cs.virginia.edu -> referral to root server
  1st query to root server: neon.cs.virginia.edu -> referral to edu name server
  2nd query to edu server: neon.cs.virginia.edu -> referral to virginia.edu name server
  3rd query to virginia.edu server: neon.cs.virginia.edu -> referral to cs.virginia.edu name server
  4th query to cs.virginia.edu server: neon.cs.virginia.edu -> IP address of neon.cs.virginia.edu
Caching

• To reduce DNS traffic, name servers cache information on domain name/IP address mappings
• When an entry for a query is in the cache, the server does not contact other servers
• Note: If an entry is sent from a cache, the reply from the server is marked as “unauthoritative”
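The two query styles and the cache from the slides above, as an added simulation that is not part of the slides. The delegation data (root -> edu -> virginia.edu -> cs.virginia.edu) and the address of neon.cs.virginia.edu are constructed to match the slides' figures; nothing is sent on the network. The "authoritative" flag follows the slides' convention that only a reply served from the cache is marked unauthoritative.

```python
"""Added example (not from the slides): iterative resolution over a
constructed delegation tree, a recursive server that does that work on
the resolver's behalf, and a cache whose hits are flagged non-authoritative.
"""

# Constructed authoritative data: zone -> {name: ('A', ip) | ('NS', child zone)}
ZONES = {
    ".": {"edu": ("NS", "edu")},
    "edu": {"virginia.edu": ("NS", "virginia.edu")},
    "virginia.edu": {"cs.virginia.edu": ("NS", "cs.virginia.edu")},
    "cs.virginia.edu": {"neon.cs.virginia.edu": ("A", "128.143.71.21")},
}


def authoritative_lookup(zone, qname):
    """What one authoritative server answers for qname:
    ('answer', ip), ('referral', child zone) or ('nxdomain', None)."""
    records = ZONES[zone]
    if qname in records and records[qname][0] == "A":
        return "answer", records[qname][1]
    # Refer to the longest delegated child zone that is a suffix of the name.
    best = None
    for name, (rtype, child) in records.items():
        if rtype == "NS" and (qname == name or qname.endswith("." + name)):
            if best is None or len(name) > len(best):
                best = child
    return ("referral", best) if best else ("nxdomain", None)


def resolve_iteratively(qname, start_zone="."):
    """The resolver follows referrals itself; returns (ip, zones queried)."""
    zone, trail = start_zone, []
    while True:
        trail.append(zone)
        kind, value = authoritative_lookup(zone, qname)
        if kind == "answer":
            return value, trail
        if kind == "nxdomain":
            return None, trail
        zone = value                  # referral: ask the closer server next


class RecursiveNameServer:
    """A name server that does the iterative work on the resolver's behalf
    and caches the result; cached replies are flagged non-authoritative."""

    def __init__(self):
        self.cache = {}               # qname -> ip
        self.upstream_queries = 0     # how many other servers were contacted

    def query(self, qname):
        """Return (ip, authoritative_flag) as the slides describe."""
        if qname in self.cache:
            return self.cache[qname], False   # served from cache: unauthoritative
        ip, trail = resolve_iteratively(qname)
        self.upstream_queries += len(trail)
        if ip is not None:
            self.cache[qname] = ip
        return ip, ip is not None
```

The `upstream_queries` counter makes the slides' point concrete: the first lookup costs four queries up and down the hierarchy, the second costs none, which is why a poisoned or stale cache entry is served to every client until it expires.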
Resource Records

• The database records of the distributed database are called resource records (RR)
• Resource records are stored in configuration files (zone files) at name servers.
• Left: resource records for a zone (db.mylab.com):

    $TTL 86400
    mylab.com. IN SOA PC4.mylab.com. hostmaster.mylab.com. (
                1        ; serial
                28800    ; refresh
                7200     ; retry
                604800   ; expire
                86400    ; ttl
                )
    ;
    mylab.com. IN NS PC4.mylab.com.
    ;
    localhost        A 127.0.0.1
    PC4.mylab.com.   A 10.0.1.41
    PC3.mylab.com.   A 10.0.1.31
    PC2.mylab.com.   A 10.0.1.21
    PC1.mylab.com.   A 10.0.1.11

Resource Records (db.mylab.com, annotated)

• $TTL 86400: max. age of cached data in seconds
• Start of authority (SOA) record. Means: “This name server is authoritative for the zone mylab.com”
– PC4.mylab.com is the name server
– hostmaster@mylab.com is the email address of the person in charge
• Name server (NS) record. One entry for each authoritative name server
• Address (A) records. One entry for each host address
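A parser for the zone file shown above, as an added example that is not part of the slides. It handles the pieces that trip up hand-written parsers: $TTL, the SOA record spread over several lines inside parentheses, ";" comments, and the relative owner name "localhost" that the slides' file uses (it is completed with the zone origin). The embedded zone text is a constructed copy of the slides' db.mylab.com.

```python
"""Added example (not from the slides): parse the zone file shown above
into plain resource-record tuples."""

# Constructed copy of the slides' db.mylab.com zone file
ZONE_TEXT = """\
$TTL 86400
mylab.com. IN SOA PC4.mylab.com. hostmaster.mylab.com. (
            1        ; serial
            28800    ; refresh
            7200     ; retry
            604800   ; expire
            86400    ; ttl
            )
;
mylab.com. IN NS PC4.mylab.com.
;
localhost        A 127.0.0.1
PC4.mylab.com.   A 10.0.1.41
PC3.mylab.com.   A 10.0.1.31
PC2.mylab.com.   A 10.0.1.21
PC1.mylab.com.   A 10.0.1.11
"""

RECORD_TYPES = {"SOA", "NS", "A"}      # the types that occur in the slides' file


def _logical_lines(text):
    """Strip ';' comments and join '(' ... ')' continuations into one line."""
    buf, depth = [], 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()
        if not line:
            continue
        depth += line.count("(") - line.count(")")
        buf.append(line.replace("(", " ").replace(")", " "))
        if depth == 0:
            yield " ".join(buf)
            buf = []
    if depth != 0:
        raise ValueError("unbalanced parentheses in zone file")


def parse_zone(text, origin):
    """Parse a zone file; return (default_ttl, [(owner, type, rdata...)])."""
    default_ttl, records = None, []
    for line in _logical_lines(text):
        tokens = line.split()
        if tokens[0] == "$TTL":
            default_ttl = int(tokens[1])
            continue
        owner, rest = tokens[0], tokens[1:]
        if not owner.endswith("."):               # relative name: append the origin
            owner = f"{owner}.{origin}"
        if rest and rest[0] == "IN":              # the class is optional in the slides' file
            rest = rest[1:]
        rtype, rdata = rest[0], rest[1:]
        if rtype not in RECORD_TYPES:
            raise ValueError(f"unsupported record type {rtype!r} for {owner}")
        if rtype == "SOA":
            mname, rname, *numbers = rdata
            serial, refresh, retry, expire, minimum = map(int, numbers)
            rdata = [mname, rname, serial, refresh, retry, expire, minimum]
        records.append((owner, rtype, *rdata))
    return default_ttl, records


def address_of(records, fqdn):
    """Look up an A record by owner name (DNS names compare case-insensitively)."""
    for owner, rtype, *rdata in records:
        if rtype == "A" and owner.lower() == fqdn.lower():
            return rdata[0]
    return None
```

The relative-name rule is the one to remember when reviewing zone files: "localhost" in this file names localhost.mylab.com., not the bare name, so a missing trailing dot silently creates a different record than the administrator intended.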
Dynamic Assignment of IP addresses

• Dynamic assignment of IP addresses is desirable for several reasons:
– IP addresses are assigned on-demand
– Avoid manual IP configuration
– Support mobility of laptops

Solutions for dynamic assignment of IP addresses

• Reverse Address Resolution Protocol (RARP)
– Works similar to ARP
– Broadcast a request for the IP address associated with a given MAC address
– RARP server responds with an IP address
– Only assigns an IP address (not the default router and subnet mask)

Figure: ARP maps an IP address (32 bit) to an Ethernet MAC address (48 bit); RARP maps an Ethernet MAC address (48 bit) to an IP address (32 bit)

BOOTP

• BOOTstrap Protocol (BOOTP)
• From 1985
• Host can configure its IP parameters at boot time.
• 3 services:
– IP address assignment.
– Detection of the IP address for a serving machine.
– The name of a file to be loaded and executed by the client machine (boot file name)
– Not only assigns the IP address, but also default router, network mask, etc.
– Sent as UDP messages (UDP Port 67 (server) and 68 (host))
– Uses the limited broadcast address (255.255.255.255):
• These addresses are never forwarded
DHCP

• Dynamic Host Configuration Protocol (DHCP)
– From 1993
– An extension of BOOTP, very similar to BOOTP
– Same port numbers as BOOTP
– Extensions:
• Supports temporary allocation (“leases”) of IP addresses
• DHCP client can acquire all IP configuration parameters needed to operate
– DHCP is the preferred mechanism for dynamic assignment of IP addresses
– DHCP can interoperate with BOOTP clients.

BOOTP Interaction

Figure: (a) host Argon (00:a0:24:71:e4:44) sends a BOOTP Request to 255.255.255.255; (b) the BOOTP server answers with a BOOTP Response: IP address 128.143.137.144, server IP address 128.143.137.100, boot file name “filename”; (c) Argon is now 128.143.137.144
• BOOTP can be used for downloading a memory image for diskless workstations.
• Assignment of IP addresses to hosts is static.

DHCP Interaction (simplified)

Figure: host Argon (00:a0:24:71:e4:44) and the DHCP server; DHCP Response: IP address 128.143.137.144, default gateway 128.143.137.1, netmask 255.255.0.0
BOOTP/DHCP Message Format

Figure (fields in order):
  OpCode | Hardware Type | Hardware Address Length | Hop Count
  Transaction ID
  Number of Seconds | Unused (in BOOTP) / Flags (in DHCP)
  Client IP address
  Your IP address
  Server IP address
  Gateway IP address
  Client hardware address (16 bytes)
  Server host name (64 bytes)
  Boot file name (128 bytes)
  Options (There are >100 different options)

BOOTP/DHCP

• OpCode: 1 (Request), 2 (Reply)
  Note: DHCP message type is sent in an option
• Hardware Type: 1 (for Ethernet)
• Hardware address length: 6 (for Ethernet)
• Hop count: set to 0 by client
• Transaction ID: Integer (used to match a reply to its request)
• Seconds: number of seconds since the client started to boot
• Client IP address, Your IP address, Server IP address, Gateway IP address, client hardware address, server host name, boot file name: the client fills in the information that it has and leaves the rest blank

DHCP Message Type

• Message type is sent as an option.

Value  Message Type
1      DHCPDISCOVER
2      DHCPOFFER
3      DHCPREQUEST
4      DHCPDECLINE
5      DHCPACK
6      DHCPNAK
7      DHCPRELEASE
8      DHCPINFORM
Other options (selection)

• Other DHCP information that is sent as an option: Subnet Mask, Name Server, Hostname, Domain Name, Forward On/Off, Default IP TTL, Broadcast Address, Static Route, Ethernet Encapsulation, X Window Manager, X Window Font, DHCP Msg Type, DHCP Renewal Time, DHCP Rebinding Time, SMTP-Server, Client FQDN, Printer Name, …
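The message layout and the message-type option from the slides above, as an added example that encodes and decodes real DHCP bytes; it is not part of the slides. The fixed-field sizes follow the slides. The option codes used (53 = DHCP message type, 1 = subnet mask, 3 = router, 51 = lease time, 255 = end) and the 4-byte magic cookie that begins the options area are taken from RFC 2132, not from the slides; the MAC and IP addresses are the constructed values from the slides' figures.

```python
"""Added example (not from the slides): build and parse the BOOTP/DHCP
message laid out above, with the message type carried as option 53."""
import socket
import struct

MAGIC_COOKIE = bytes([99, 130, 83, 99])             # RFC 2132 start of options
OPT_SUBNET_MASK, OPT_ROUTER, OPT_LEASE_TIME, OPT_MSG_TYPE, OPT_END = 1, 3, 51, 53, 255
MSG_TYPES = {1: "DHCPDISCOVER", 2: "DHCPOFFER", 3: "DHCPREQUEST", 4: "DHCPDECLINE",
             5: "DHCPACK", 6: "DHCPNAK", 7: "DHCPRELEASE", 8: "DHCPINFORM"}

# op, htype, hlen, hops, xid, secs, flags, ciaddr, yiaddr, siaddr, giaddr,
# chaddr (16), sname (64), file (128): 236 bytes of fixed fields, as on the slide
FIXED = struct.Struct("!BBBBIHH4s4s4s4s16s64s128s")


def build_message(op, xid, chaddr, options, yiaddr="0.0.0.0", siaddr="0.0.0.0",
                  giaddr="0.0.0.0", ciaddr="0.0.0.0", secs=0, flags=0):
    """Encode a message; `options` is a list of (code, bytes) pairs."""
    mac = bytes.fromhex(chaddr.replace(":", ""))
    fixed = FIXED.pack(op, 1, 6, 0, xid, secs, flags,          # Ethernet: htype 1, hlen 6
                       socket.inet_aton(ciaddr), socket.inet_aton(yiaddr),
                       socket.inet_aton(siaddr), socket.inet_aton(giaddr),
                       mac.ljust(16, b"\0"), b"\0" * 64, b"\0" * 128)
    body = b"".join(bytes([code, len(val)]) + val for code, val in options)
    return fixed + MAGIC_COOKIE + body + bytes([OPT_END])


def parse_message(data):
    """Decode the fixed header and the options into a dict."""
    if len(data) < FIXED.size + 4 or data[FIXED.size:FIXED.size + 4] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message (missing magic cookie)")
    (op, htype, hlen, hops, xid, secs, flags,
     ciaddr, yiaddr, siaddr, giaddr, chaddr, sname, file) = FIXED.unpack_from(data)
    msg = {"op": op, "htype": htype, "hlen": hlen, "hops": hops, "xid": xid,
           "secs": secs, "flags": flags,
           "ciaddr": socket.inet_ntoa(ciaddr), "yiaddr": socket.inet_ntoa(yiaddr),
           "siaddr": socket.inet_ntoa(siaddr), "giaddr": socket.inet_ntoa(giaddr),
           "chaddr": chaddr[:hlen].hex(":"), "options": {}}
    i = FIXED.size + 4
    while i < len(data):
        code = data[i]
        if code == OPT_END:
            break
        if code == 0:                       # pad option: a single byte, no length
            i += 1
            continue
        length = data[i + 1]
        msg["options"][code] = data[i + 2:i + 2 + length]
        i += 2 + length
    if OPT_MSG_TYPE in msg["options"]:
        msg["type"] = MSG_TYPES.get(msg["options"][OPT_MSG_TYPE][0], "unknown")
    return msg


def make_offer(discover, your_ip, server_ip, netmask, router, lease_seconds):
    """Answer a parsed DHCPDISCOVER with a DHCPOFFER that echoes xid and chaddr."""
    options = [(OPT_MSG_TYPE, b"\x02"),
               (OPT_SUBNET_MASK, socket.inet_aton(netmask)),
               (OPT_ROUTER, socket.inet_aton(router)),
               (OPT_LEASE_TIME, struct.pack("!I", lease_seconds))]
    return build_message(2, discover["xid"], discover["chaddr"], options,
                         yiaddr=your_ip, siaddr=server_ip)
```

Matching `xid` and `chaddr` in `make_offer` is what lets a client tell its own reply apart from the broadcast replies meant for other hosts; a server that answers without echoing them is ignored by correct clients.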
DHCP Operation

• DHCP DISCOVER: the DHCP client (00:a0:24:71:e4:44) sends DHCPDISCOVER to 255.255.255.255; the DHCP servers on the network receive it
• DHCP OFFER: each DHCP server answers the client with a DHCPOFFER
• DHCP REQUEST / ACK: the client sends DHCPREQUEST to the chosen DHCP server, which answers with DHCPACK. At this time, the DHCP client can start to use the IP address
• Renewing a Lease (sent when 50% of the lease has expired): the client sends DHCPREQUEST to its DHCP server, which answers with DHCPACK. If the DHCP server sends DHCPNAK, then the address is released.
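The client side of the exchange above (DISCOVER, OFFER, REQUEST, ACK), renewal at 50% of the lease, and release on DHCPNAK, as an added simulation that is not part of the slides. The server, addresses and lease times are constructed, and messages are Python dicts rather than wire packets so that the state logic stays visible; the clock is injectable so the 50% point can be tested without waiting.

```python
"""Added example (not from the slides): DHCP client lease state machine
driven by a constructed server, following the steps on the slides."""
import time


class FakeDhcpServer:
    """Constructed server: hands out one address and can be told to NAK renewals."""

    def __init__(self, server_id, offer_ip, lease_seconds, nak_renewals=False):
        self.server_id = server_id
        self.offer_ip = offer_ip
        self.lease_seconds = lease_seconds
        self.nak_renewals = nak_renewals
        self.bound = None                 # address currently leased

    def handle(self, msg):
        if msg["type"] == "DHCPDISCOVER":
            return {"type": "DHCPOFFER", "yiaddr": self.offer_ip,
                    "server": self.server_id, "lease": self.lease_seconds}
        if msg["type"] == "DHCPREQUEST" and msg["server"] == self.server_id:
            if self.bound is not None and self.nak_renewals:
                return {"type": "DHCPNAK", "server": self.server_id}
            self.bound = msg["requested"]
            return {"type": "DHCPACK", "yiaddr": self.bound,
                    "server": self.server_id, "lease": self.lease_seconds}
        return None                       # REQUEST addressed to another server: ignore


class DhcpClient:
    """INIT -> (DISCOVER/OFFER/REQUEST/ACK) -> BOUND; at 50% of the lease the
    client sends a REQUEST to renew (RENEWING); a NAK sends it back to INIT."""

    def __init__(self, mac, servers, clock=time.monotonic):
        self.mac, self.servers, self.clock = mac, servers, clock
        self.state, self.ip, self.server, self.lease = "INIT", None, None, 0
        self.bound_at = None

    def acquire(self):
        """Run DISCOVER/OFFER/REQUEST/ACK; return the bound IP or None."""
        offers = [s.handle({"type": "DHCPDISCOVER", "mac": self.mac}) for s in self.servers]
        offers = [o for o in offers if o]
        if not offers:
            return None
        chosen = offers[0]                # choosing among offers is client policy
        return self._request(chosen["server"], chosen["yiaddr"])

    def _request(self, server_id, ip):
        request = {"type": "DHCPREQUEST", "mac": self.mac,
                   "server": server_id, "requested": ip}
        for s in self.servers:
            reply = s.handle(request)
            if reply is None:
                continue
            if reply["type"] == "DHCPACK":           # now the address may be used
                self.state, self.ip, self.server = "BOUND", reply["yiaddr"], server_id
                self.lease, self.bound_at = reply["lease"], self.clock()
                return self.ip
            if reply["type"] == "DHCPNAK":           # address is released
                self.state, self.ip, self.server = "INIT", None, None
                return None
        return None

    def renewal_due(self):
        """True once 50% of the lease has elapsed."""
        return self.state == "BOUND" and self.clock() - self.bound_at >= self.lease / 2

    def tick(self):
        """Call periodically; renews when due. Returns the current state."""
        if self.renewal_due():
            self.state = "RENEWING"
            self._request(self.server, self.ip)
        return self.state
```

Because a NAK drops the client straight back to INIT, any host that can answer DHCPREQUESTs on the segment can take addresses away from clients; DHCP snooping on switches, which only lets trusted ports originate server messages, is the usual control.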
SNMP
Simple Network Management Protocol

• SNMP is a framework that provides facilities for managing and monitoring network resources on the Internet.
• Components of SNMP:
– SNMP agents
– SNMP managers
– Management Information Bases (MIBs)
– SNMP protocol itself

Figure: one SNMP manager exchanging SNMP protocol messages with several SNMP agents
Simple Network Management Protocol

• SNMP agent is software that runs on a piece of network


equipment (host, router, printer, or others) and that
maintains information about its configuration and current
state in a database
• Information in the database is described by Management
Information Bases (MIBs)
• An SNMP manager is an application program that contacts
an SNMP agent to query or modify the database at the
agent.
• SNMP protocol is the application layer protocol used by
SNMP agents and managers to send and receive data.
SNMP

• Interactions in SNMP

Figure: Management Station (SNMP manager process over SNMP/UDP/IP) and Managed System (SNMP agent process over SNMP/UDP/IP, with the MIB). The manager sends queries and the agent replies, accessing MIB objects for the data; the agent sends traps on its own. SNMP messages travel over UDP/IP across the IP network.
SNMP Protocol

• SNMP manager and an SNMP agent


communicate using the SNMP protocol
– Generally: Manager sends queries and agent
responds
– Exception: Traps are initiated by agent.
SNMP Protocol

• Get-request. Requests the values of one or more


objects
• Get-next-request. Requests the value of the next
object, according to a lexicographical ordering of
OIDs.
• Set-request. A request to modify the value of one or
more objects
• Get-response. Sent by SNMP agent in response to
a get-request, get-next-request, or set-request
message.
• Trap. An SNMP trap is a notification sent by an
SNMP agent to an SNMP manager, which is triggered
by certain events at the agent.
Traps

• Traps are messages that are sent asynchronously by an agent to a manager
• Traps are triggered by an event
• Defined traps include:
– linkDown: event that an interface went down
– coldStart - unexpected restart (i.e., system crash)
– warmStart - soft reboot
– linkUp - the opposite of linkDown
– (SNMP) AuthenticationFailure
– …
SNMP Versions

• Three versions are in use today:


– SNMPv1 (1990)
– SNMPv2c (1996)
• Adds “GetBulk” function and some new types
• Adds RMON (remote monitoring) capability
– SNMPv3 (2002)
• SNMPv3 started from SNMPv1 (and not SNMPv2c)
• Addresses security

• All versions are still used today


• Many SNMP agents and managers support all
three versions of the protocol.
Format of SNMP Packets

• SNMPv1 Get/Set messages:

  Version | Community | SNMP PDU
  – Community: cleartext string that is used as a password
  SNMP PDU = PDU Type | Request ID | Error Status | Error Index | Object 1, Value 1 | Object 2, Value 2 | ...
  – PDU type, e.g.: 32: SNMPv1 Get, 64: SNMPv2 Get
  – Request ID: unique ID to match requests with replies
  – Objects and values: sequence of name-value pairs
SNMP Security

• SNMPv1 uses community strings for authentication, sent as plain text without encryption
• SNMPv2 was supposed to fix the security problems, but the effort de-railed (The “c” in SNMPv2c stands for “community”).
• SNMPv3 has numerous security features:
– Ensures that a packet has not been tampered with (integrity)
– Ensures that a message is from a valid source (authentication)
– Ensures that a message cannot be read by unauthorized parties (privacy).
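The packet format and the security point from the slides above, as an added example that is not part of the slides: it BER-encodes an SNMPv1 GetRequest with the version/community/PDU layout, decodes it, and shows that the community string is recoverable from the bytes by a plain parse, which is why an audit of captured SNMP traffic can flag v1/v2c and vendor-default community names. The object identifier 1.3.6.1.2.1.1.1.0 (sysDescr.0) and the GetRequest tag 0xA0 come from the SNMP standards, not from the slides; the community values are constructed.

```python
"""Added example (not from the slides): SNMPv1 GetRequest encoder/decoder
and a defender's check for cleartext and default community strings."""

INTEGER, OCTET_STRING, NULL, OID, SEQUENCE, GET_REQUEST = 0x02, 0x04, 0x05, 0x06, 0x30, 0xA0


def _tlv(tag, payload):
    """BER tag-length-value (short-form length below 128, two-byte long form above)."""
    n = len(payload)
    length = bytes([n]) if n < 128 else bytes([0x80 | 2, n >> 8, n & 0xFF])
    return bytes([tag]) + length + payload


def _int(value):
    """Minimal big-endian two's-complement encoding of a non-negative integer."""
    return _tlv(INTEGER, value.to_bytes((value.bit_length() + 8) // 8, "big"))


def _oid(dotted):
    """OID: first two arcs packed into one byte, the rest base-128 with continuation bits."""
    arcs = [int(a) for a in dotted.split(".")]
    body = bytes([arcs[0] * 40 + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:
            chunk.insert(0, 0x80 | (arc & 0x7F))
            arc >>= 7
        body += bytes(chunk)
    return _tlv(OID, body)


def build_get_request(community, oid, request_id, version=0):
    """Message ::= SEQUENCE { version (0 = SNMPv1, 1 = SNMPv2c), community, PDU }."""
    varbind = _tlv(SEQUENCE, _oid(oid) + _tlv(NULL, b""))
    pdu = _tlv(GET_REQUEST, _int(request_id) + _int(0) + _int(0)   # error status/index
               + _tlv(SEQUENCE, varbind))
    return _tlv(SEQUENCE, _int(version) + _tlv(OCTET_STRING, community.encode()) + pdu)


def _read_tlv(data, i):
    """Return (tag, payload, next_index) for the TLV at offset i."""
    tag, n = data[i], data[i + 1]
    i += 2
    if n & 0x80:                          # long-form length
        count, n = n & 0x7F, 0
        for _ in range(count):
            n = (n << 8) | data[i]
            i += 1
    return tag, data[i:i + n], i + n


def parse_header(data):
    """Pull version, community and PDU tag out of an SNMPv1/v2c message."""
    tag, msg, _ = _read_tlv(data, 0)
    if tag != SEQUENCE:
        raise ValueError("not an SNMP message")
    _, ver, i = _read_tlv(msg, 0)
    _, community, i = _read_tlv(msg, i)
    pdu_tag, _, _ = _read_tlv(msg, i)
    return {"version": int.from_bytes(ver, "big"),
            "community": community.decode(errors="replace"), "pdu_tag": pdu_tag}


WEAK_COMMUNITIES = {"public", "private"}     # common vendor defaults (constructed list)


def audit_message(data):
    """Defender's check: flag v1/v2c (cleartext credential) and default community names."""
    hdr = parse_header(data)
    findings = []
    if hdr["version"] in (0, 1):
        findings.append("community string sent in cleartext (SNMPv1/v2c)")
    if hdr["community"].lower() in WEAK_COMMUNITIES:
        findings.append(f"default community string {hdr['community']!r}")
    return hdr, findings
```

`audit_message` is the kind of check a monitoring probe can run over UDP/161 traffic: the finding for version 0 or 1 applies to every message regardless of the community value, which is the slides' argument for moving to SNMPv3 rather than merely choosing a stronger community string.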
IPX/SPX

• Internetwork Packet Exchange/Sequenced Packet Exchange (IPX/SPX)
– Protocol originally developed by Xerox
– Modified and adopted by Novell in the 1980s for the NetWare network operating system
– MS calls it NWLINK
– Combo of protocols and carries network addr. info - routable

FIGURE 3-6 IPX/SPX compared to the OSI Model
IPX/SPX Core Protocols

• Internetwork Packet Exchange (IPX)
– Provides routing and internetworking services like IP
• Not hierarchical though
– Also uses datagrams to transport data and is connectionless
– Upper layer sub-protocols depend on IPX

FIGURE 3-7 Components of an IPX datagram

IPX/SPX Core Protocols

• Sequenced Packet Exchange (SPX)
– Works in tandem with IPX to ensure data are received:
• Whole
• In sequence
• Error free
– Connection oriented protocol – must verify session before data will be transmitted

SPX

FIGURE 3-8 SPX packet encapsulated by an IPX datagram
IPX/SPX Core Protocols

• Service Advertising Protocol (SAP)


– Works in the Application, presentation, and session
– Runs directly over IPX
– Used by NetWare servers and routers to advertise to entire
network which services they can provide
• e.g. print services
– Broadcasts occur every 60 seconds
• You can increase this time or block at the router
– Once advertised, SAP servers maintain a Db of device names
that correlate to their IPX addresses
• Clients query this Db for different services
• NDS (Netware Directory Services) replaced
IPX/SPX Core Protocols

• NetWare Core Protocol (NCP)


– Works over IPX w/in presentation and session
– Handles request for services, such as printing and file access
between clients and servers
– Acts as a translator of requests that come from client and are
answered from server(s)
• RIP (Routing Information Protocol)
– Every 30 seconds, a routing table is sent to the closest
neighbor providing information about that segment’s services
available
Addressing in SPX/IPX

• IPX address
– Easier than IP because it primarily relies on the MAC address – still needs to be unique
– Contains two parts
• Network address (external network number)
– The network admin decides on an 8-digit hex address and assigns it to a server
» Clients will use this as its primary server
• Node address – the device’s MAC address
• Socket address – communicate directly to a process
• FULL address
– 000008A2:00805F059822:456h
– All 0’s (network) and all F’s (broadcast) are forbidden
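The three-part IPX address written on the slide (network:node:socket) parsed and validated in code, as an added example that is not part of the slides. The field widths follow the slide's example (8 hex digits of network number, 12 hex digits of node address, i.e. the 48-bit MAC, and a hex socket with a trailing "h"), and the all-0 / all-F network check is the slide's rule; the sample addresses are constructed.

```python
"""Added example (not from the slides): parse, validate and format IPX
addresses in the slide's network:node:socketh notation."""
import re

ADDRESS_RE = re.compile(r"^([0-9A-Fa-f]{8}):([0-9A-Fa-f]{12}):([0-9A-Fa-f]{1,4})[hH]?$")
NET_ALL_ZERO, NET_BROADCAST = 0x00000000, 0xFFFFFFFF      # forbidden per the slide


def parse_ipx_address(text):
    """Return network, node and socket as integers plus the node in MAC notation."""
    m = ADDRESS_RE.match(text.strip())
    if not m:
        raise ValueError(f"not an IPX address: {text!r}")
    network, node, sock = (int(g, 16) for g in m.groups())
    if network in (NET_ALL_ZERO, NET_BROADCAST):
        raise ValueError("network number all 0s or all Fs is forbidden")
    mac = ":".join(f"{(node >> shift) & 0xFF:02x}" for shift in range(40, -1, -8))
    return {"network": network, "node": node, "socket": sock, "node_mac": mac}


def same_network(addr_a, addr_b):
    """IPX routes on the network number: two nodes are on one segment only if it matches."""
    return parse_ipx_address(addr_a)["network"] == parse_ipx_address(addr_b)["network"]


def format_ipx_address(network, node, sock):
    """Inverse of parse_ipx_address, in the slide's notation."""
    return f"{network:08X}:{node:012X}:{sock:X}h"
```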
Viewing the IPX Address

• With Windows 95, Windows 98, or Windows NT


workstations while connected to Netware server running
version 4.0 or higher
– Click Start, point to Programs, then click MS-DOS Prompt
– Change directories to a drive letter mapped to the network
– Type nlist XXXXX /a (with XXXXX being NetWare user logon
ID)
Viewing the IPX Address

• With Windows 95 or Windows NT workstations while


connected to NetWare server running a version lower
than 4.0
– Click Start, point to Programs, then click MS-DOS
Prompt
– Type userlist user=XXXXX/a (with XXXXX being
NetWare logon ID)
NetBIOS and NetBEUI

• Network Basic Input Output System (NetBIOS)
– Originally designed by IBM to provide Transport and Session layer services – small networks
– Adopted by Microsoft as its foundation protocol
– Microsoft added an Application layer component called NetBIOS Enhanced User Interface (NetBEUI)

NetBEUI

• Fast and efficient protocol
• Consumes few network resources
• Provides excellent error correction
• Requires little configuration
• BUT:
– Can only support 254 connections
– Not good security
– No network layer – non-routable
– Can be encapsulated; then routed
– NOT good for large networks
– Good for peer-to-peer

NetBIOS and NetBEUI Compared to the OSI Model

Neither provides services @ all layers, so both are commonly paired w/ other protocol suites

FIGURE 3-9 NetBIOS/NetBEUI compared to the OSI Model
NetBIOS Addressing

• NetBIOS name
– 16 or fewer alphanumeric characters
– Once NetBIOS has found the workstation’s name, it will discover the MAC address and use that for further communication
– Should match DNS (host) name
• WINS (Windows Internet Naming Service)
– Converts NetBIOS name to IP address
– WINS vs. DNS
• NBT (NetBIOS over TCP/IP)
– Usage – non-routable wrapped in a routable protocol
– nbtstat -A ip_address

NetBIOS Addressing

• Viewing:
– Right-click the Network Neighborhood icon, then click Properties
– Click the Identification tab
– vs. TCP/IP and host name

FIGURE 3-10 Identification tab in Network properties
AppleTalk

• Protocol suite used to interconnect Macintosh computers
• Originally designed to support peer-to-peer networking among Macintoshes
• Can now be routed between network segments and integrated with NetWare- and Microsoft-based networks

AppleTalk

• AppleTalk zone
– Logical groups of computers defined on an AppleTalk network
– Enables users to share file and print services
– Zone names are used to describe the usage – e.g. ‘sales’
– Not suited for large networks – focus on TCP/IP

FIGURE 3-11 AppleTalk protocol compared to OSI Model
AppleTalk Subprotocols

• AppleShare – file sharing, print services,


accounting information
• AppleTalk Filing Protocol (AFP) – access to
files both locally and remote
• AppleTalk Session Protocol (ASP) –
maintains connections between nodes
• AppleTalk Transaction Protocol (ATP) –
ensures reliable delivery of data
– Packet sequence, retransmits
AppleTalk Subprotocols

• Name Binding Protocol (NBP) – converts numeric


AppleTalk addresses to readable node names
• Routing Table Maintenance Protocol (RTMP) – maintains
routing table of AppleTalk zones and their networks
• Zone Information Protocol (ZIP) – used by RTMP to
update zone information to link zones to their networks
• Datagram Delivery Protocol (DDP) – assigns AppleTalk
node addresses and manages communication between
nodes
Addressing in AppleTalk

• AppleTalk node ID
– Unique 8-bit or 16-bit number identifying a computer
on an AppleTalk network
– AppleTalk randomly assigns a node id to each
workstation when connected to the network
• AppleTalk network number
– Unique 16-bit number identifying the network to which
an AppleTalk node is connected
– Allows nodes from several different networks to
communicate
Installing Protocols

• After installing protocols, they must be bound
• Binding
– Process of assigning one network component to work with another
– re-boot (sometimes) and bound to NIC and services
– You should only install and bind those protocols needed – binding order will help with prioritizing traffic
– Multi-homed vs. multi-protocol

Installing Protocols on a Windows NT Workstation

• Insert Windows NT installation CD-ROM
• Log on to the workstation as an Administrator
• Right-click the Network Neighborhood icon, then
click Properties
• Click Protocols tab
• Click Add
• In list of network protocols, click NWLink IPX/SPX
Compatible Transport, then click OK
• Type the appropriate path to the installation files, then
click Continue
Installing Protocols on a Windows NT Workstation
• Click OK
• Click Yes to restart your workstation
• Verify protocol was installed by again logging
to workstation as an Administrator
• Right-click the Network Neighborhood
icon, then click Properties
• Click the Protocols tab
• Verify NWLink (IPX/SPX) Protocol appears in
list of installed protocols
• Click Cancel to close dialog box
Installing Protocols on a Windows 95 Workstation

• Right-click Network Neighborhood icon, then click Properties
• Verify Configuration tab is selected
• Click Add
• Double-click Protocol
• In the list of manufacturers, click Microsoft
• In list of protocols, click TCP/IP
Installing Protocols on a Windows 95 Workstation

• Click OK
• If TCP/IP is not already installed on workstation, follow
prompt and click Yes to restart your computer
• Verify protocol was installed by right-clicking Network
Neighborhood icon, then click Properties
• Verify Configuration tab is selected
• Click Cancel to close window
Chapter Summary

• Protocols define the standards for communication between nodes


on a network
• Protocols vary in speed, transmission efficiency, utilization of
resources, ease of setup, compatibility, and ability to travel
between one LAN segment or another
• TCP/IP is fast becoming most popular network protocol
• TCP/IP suite of protocols can be divided into four layers roughly
corresponding to the seven layers of the OSI Model – Application,
Transport, Internet, Network Interface
Chapter Summary

• Operating in Transport or Network layers of OSI Model,


TCP/IP core protocols provide communications between
hosts on a network
• Internet Protocol (IP) provides information about how and
where data should be delivered
• Transport Control Protocol (TCP) provides reliable data
delivery services
• User Datagram Protocol (UDP) is a connectionless transport
service
• Internet Control Message Protocol (ICMP) notifies the sender
that something has gone wrong in the transmission process
and that packets were not delivered
Chapter Summary

• Address Resolution Protocol (ARP) obtains the MAC address of a host or node, then creates a local database mapping the MAC address to the host’s IP address
• Each IP address is a unique 32-bit number, divided into four
groups of octets separated by periods
• Range of addresses beginning with 127 is reserved for
loopback information
• Every host on a network must have a unique number
• Internetwork Packet Exchange/Sequenced Packet Exchange
(IPX/SPX) is a protocol originally developed by Xerox then
modified and adopted by Novell in the 1980s for its NetWare
NOS
Chapter Summary

• Core protocols of IPX/SPX provide services at Transport and


Network layers of OSI Model
• Internet Packet Exchange provides routing and internetwork services
similar to IP in TCP/IP suite
• Sequence Packet Exchange (SPX) works in tandem with IPX to
ensure data are received whole, in sequence, and error free
• Service Advertising Protocol (SAP) is used by NetWare servers and
routers to advertise to entire network which services they can
provide
• NetWare Control Protocol (NCP) handles requests for services
between clients and servers
Chapter Summary

• Addresses on an IPX/SPX network are called IPX addresses


• Network Basic Input Output System (NetBIOS) was originally
developed by IBM to provide Transport and Session layer services
• Microsoft adopted NetBIOS as its foundation protocol, then added
an Application layer component called NetBIOS Enhanced User
Interface (NetBEUI)
• To transmit data between network nodes, NetBIOS needs to know
how to reach each workstation
• AppleTalk is the protocol suite used to interconnect Macintosh computers
Network Cabling

Making connections with Cat5

Way cool!

Overview

• What cable types are available?
• How do cables work?
• How are cables used in networking?
• How are connections made?

Common network cable types

• Coaxial cable
• Unshielded twisted pair
• Fiber optic

UTP characteristics

• Unshielded
• Twisted (why?) pairs of insulated conductors
• Covered by insulating sheath

UTP categories

Category 1   Voice only (Telephone)
Category 2   Data to 4 Mbps (LocalTalk)
Category 3   Data to 10 Mbps (Ethernet)
Category 4   Data to 20 Mbps (Token Ring)
Category 5   Data to 100 Mbps (Fast Ethernet)
Category 5e  Data to 1000 Mbps (Gigabit Ethernet)
Category 6   Data to 2500 Mbps (Gigabit Ethernet)
Cat5e cable

• 1000 Mbps data capacity
• For runs of up to 90 meters
• Solid core cable ideal for structural installations (PVC or Plenum)
• Stranded cable ideal for patch cables
• Terminated with RJ-45 connectors

RJ45 connector
4-Pair Unshielded Twisted Pair Cable with RJ-45 Connector, Continued

The cord terminates in an 8-pin RJ-45 connector, which plugs into an RJ-45 jack in the NIC, hub, or switch.

Figure: unshielded cord (no metal shielding around the 4 pairs) with RJ-45 connector and RJ-45 jack; pin 1 is on the side shown

4-Pair Unshielded Twisted Pair Cable with RJ-45 Connector, Continued

Figure: RJ-45 connector next to a pen for scale, with the 4 pairs separated

RJ-45 Plug in Wall Jack

• Has push-in prong connectors for 8 wires in back

Figure: front: RJ-45 jack; back: 8 wire connectors
Solid-Wire Versus Stranded-Wire UTP

• Solid-Wire UTP
– Each of the eight wires is a solid wire surrounded by insulation
– Solid wires have low attenuation and so can reach 100 meters
– Easy to connectorize (add connectors to)
– Brittle and easy to break if handled roughly. Not good for runs through open office areas

Solid-Wire Versus Stranded-Wire UTP, Continued

• Stranded-Wire UTP
– Each of the eight “wires” is really several thin strands of wire surrounded by insulation
– Flexible and rugged: ideal for running around an office area
– Higher attenuation than solid-wire UTP so can only be used in short runs—up to about 10 meters.
Patch Cords Versus Bulk Wire

• Patch Cords
– Cut to popular lengths and connectorized at the factory
– Tested for quality
– Use stranded-wire UTP, which is sufficiently rugged for
open office areas
– TIA/EIA-568 specifies patch cords for the run from the
wall jack to the desktop because it is rugged and
flexible
Patch Cords Versus Bulk Wire, Continued

• Bulk Wire
– Comes in spools of 50 meters or more
– Can be cut to precise lengths needed to connect
devices
– Solid-wire UTP for longer distance and to make
connectorization easier
– Cut, connectorized, and tested by the user, by the
organization, or by a LAN installer
Patch Cords vs Bulk Wire

• Patch Cords
– Come in packages
– At your local
computer store
– Available in a variety
of lengths
Putting Wires in Order, Continued

• There are two popular color schemes in TIA/EIA-568
– T568A and T568B
– T568B is the most commonly used color scheme in the United States.

Note that T568A is a part of the TIA/EIA-568 standard, as is T568B.

Putting Wires in Order, Continued

T568B on both ends of the cord (pin 1 on the side shown):

Pin  Color
1    White-Orange
2    Orange
3    White-Green
4    Blue
5    White-Blue
6    Green
7    White-Brown
8    Brown

Figure: RJ-45 connector and RJ-45 jack

Putting Wires in Order, Continued

T568B (pin order as in the table above): the NIC transmits on pins 1 and 2 (Orange pair) and receives on pins 3 and 6 (Green pair)

Putting Wires in Order, Continued

T568B (pin order as in the table above): fan out the wires in their correct order, with white-orange on the left and brown on the right
Connectorize the Cord

• Cut the wires straight across so that no more than 1.25 cm (a half inch) of wires are exposed from the jacket
– This controls terminal cross-talk interference
• Be sure to cut straight across or the wires will not all reach the pins when you push them into the connector in the next step!

Step 2 – Untwist wire ends

• Sort wires by insulation colors
• Insert your wires into the connector, white-orange on left.
• TIA/EIA 568A: GW-G OW-Bl BlW-O BrW-Br
• TIA/EIA 568B: OW-O GW-Bl BlW-G BrW-Br

Step 4 – Trim wires to size

• Trim all wires evenly
• Leave about ½” of wires exposed

Step 5 – Attach connector

• Insert your wires into the connector, white-orange on left.
• Maintain wire order, left-to-right, with the RJ45 tab facing downward.

Step 6 - Check

• Push the wires all the way to the end
• Check: do all wires extend to the end?
• Check: is the sheath well inside the connector?
Check the Connector

• Examine the connector
– Are the wires in the correct order?
– Hint: as a rough first check, the 1st, 3rd, 5th, and 7th wires from the left should be mostly white
– If not, reinsert them in the correct order

Pin  Color (T568B)
1    White-Orange
2    Orange
3    White-Green
4    Blue
5    White-Blue
6    Green
7    White-Brown
8    Brown

(Figure: the stripper, with the cord placed in it and the stripped jacket.)
Crimp the Wire into the Connector
Step 7 - Crimp

• Squeeze firmly to crimp the connector onto the cable end (8P)

(Figure: RJ-45 connector, side view, labelled: top; strain relief; area for crimping; back: hole for the UTP cord; front: connector pins; spring clip to hold the connector in.)
Test Your Cord

• After you have connectorized both ends, test your cord
• Misconnection is very common, so every cord must be checked
• Inexpensive continuity testers make sure wires are connected electrically and in the right order
• Expensive performance testers test for the quality of propagation
Test Your Cord, Continued

• Continuity Tester
– Tests for wires being in the right slots and making good contact
– Place the connectors of the cord into the two ends
– Hit the Test button
– Did it work?
Test Your Cord, Continued

• If It Didn’t Work
– Be sure you understand the problem
– If an open connection, one or more of the wires was not pushed all the way to the end or the crimping did not push the pin all the way through the insulation. Next time, cut the wires straight across and crimp very firmly
– If miswired, see where it was miswired
– Cut off the ends of the cord and reconnectorize
Test Your Cord, Continued

• Signal Testers
– Expensive testers
– Test for signal quality
– Test for breaks with time domain reflectometry (TDR), which sends signals and looks for reflections that indicate breaks
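As an added example (not part of these slides), the following Python script models what the continuity tester above checks: it takes the colour seen at each of the eight pins on both ends of a cord, compares them with the T568A and T568B orders from the earlier slides, and reports a straight-through cord, a crossover cord (T568A on one end and T568B on the other, which swaps the transmit pair 1/2 with the receive pair 3/6), or a miswired cord with the offending pins. The cord data, including the pins-1-and-2 swap sample, is constructed.

```python
"""Model of the continuity-tester check for an RJ-45 patch cord (added example)."""

# Pin 1..8 colour order for the two TIA/EIA-568 schemes, as listed in the slides.
T568A = ["White-Green", "Green", "White-Orange", "Blue",
         "White-Blue", "Orange", "White-Brown", "Brown"]
T568B = ["White-Orange", "Orange", "White-Green", "Blue",
         "White-Blue", "Green", "White-Brown", "Brown"]
SCHEMES = {"T568A": T568A, "T568B": T568B}

# Constructed sample: one end where pins 1 and 2 were inserted in the wrong order.
SAMPLE_SWAPPED_END = ["Orange", "White-Orange"] + T568B[2:]


def identify_scheme(pins):
    """Return 'T568A', 'T568B', or None for a list of 8 colours (pin 1 first)."""
    for name, order in SCHEMES.items():
        if list(pins) == order:
            return name
    return None


def quick_white_check(pins):
    """The slides' rough first check: wires 1, 3, 5 and 7 from the left should be white."""
    return all(pins[i].startswith("White") for i in (0, 2, 4, 6))


def wire_map(end_a, end_b):
    """What a continuity tester measures: for each pin on end A, the pin on end B
    carrying the same wire (matched by colour), or None if that wire is open."""
    mapping = {}
    for pin_a, colour in enumerate(end_a, start=1):
        mapping[pin_a] = end_b.index(colour) + 1 if colour in end_b else None
    return mapping


def _closest_scheme(pins):
    """Scheme sharing the most pin positions with `pins`, and the pins that differ."""
    best = max(SCHEMES, key=lambda s: sum(p == q for p, q in zip(pins, SCHEMES[s])))
    wrong = [i + 1 for i, (p, q) in enumerate(zip(pins, SCHEMES[best])) if p != q]
    return best, wrong


def check_cord(end_a, end_b):
    """Classify a cord as ('straight-through' | 'crossover' | 'miswired', problems).
    Same scheme on both ends is straight-through; T568A on one end and T568B on
    the other is a crossover (pins 1/2 swap with 3/6, i.e. the transmit and receive
    pairs); anything else is miswired and the differing pins are reported per end."""
    if len(end_a) != 8 or len(end_b) != 8:
        return "miswired", ["expected 8 wires on each end"]
    scheme_a, scheme_b = identify_scheme(end_a), identify_scheme(end_b)
    if scheme_a and scheme_a == scheme_b:
        return "straight-through", []
    if scheme_a and scheme_b:
        return "crossover", []
    problems = []
    for label, pins, scheme in (("A", end_a, scheme_a), ("B", end_b, scheme_b)):
        if scheme is None:
            best, wrong = _closest_scheme(pins)
            problems.append(f"end {label}: not {best} order at pins {wrong}")
    return "miswired", problems


if __name__ == "__main__":
    print(check_cord(T568B, T568B))                           # straight-through
    print(check_cord(T568A, T568B), wire_map(T568A, T568B))   # crossover: 1<->3, 2<->6
    print(check_cord(SAMPLE_SWAPPED_END, T568B))              # miswired at pins 1 and 2
```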
Wide Area Network
WAN-wide-area network

• A WAN is a data communications network that covers a relatively broad geographic area and that often uses transmission facilities provided by common carriers, such as telephone companies.
• WAN technologies generally function at the lower three layers of the OSI reference model: the physical layer, the data link layer, and the network layer.
Switching Methods

• Switching refers to the routing process used to move data throughout the WAN. A protocol only uses one type of switching. Switching methods influence how quickly routing takes place. The three switching methods we will review are the following:
– Circuit switching
– Packet switching
– Cell switching
Circuit Switching

• Switched circuits allow data connections that can be initiated when needed and terminated when communication is complete. This works much like a normal telephone line works for voice communication. Integrated Services Digital Network (ISDN) is a good example of circuit switching.
Circuit Switching
Packet Switching

• Packet switching is a WAN technology in which users share common carrier resources.
• In a packet switching setup, networks have connections into the carrier's network, and many customers share the carrier's network. The carrier can then create virtual circuits between customers' sites by which packets of data are delivered from one to the other through the network.
• Some examples of packet-switching networks include Asynchronous Transfer Mode (ATM), Frame Relay, Switched Multimegabit Data Services (SMDS), and X.25.
Packet Switching
WAN Virtual Circuits

• A virtual circuit is a logical circuit created within a shared network between two network devices. Two types of virtual circuits exist:
– switched virtual circuits (SVCs) and
– permanent virtual circuits (PVCs).
SVC

• SVCs are virtual circuits that are dynamically established on demand and terminated when transmission is complete.
• Communication over an SVC consists of three phases:
– circuit establishment,
– data transfer, and
– circuit termination
SVC

• The establishment phase involves creating the virtual circuit between the source and destination devices.
• Data transfer involves transmitting data between the devices over the virtual circuit.
• The circuit termination phase involves tearing down the virtual circuit between the source and destination devices.
PVC

• A PVC is a permanently established virtual circuit that consists of one mode: data transfer. PVCs are used in situations in which data transfer between devices is constant.
Cell Switching

• Cell switching is a form of packet switching.
• The main difference between a packet-switched network and a cell-switched network is the size of the data unit: cells are extremely small and do not vary in size. Their small, fixed size makes them fast and gives the network low latency.
• An example of a cell-switched network is Asynchronous Transfer Mode (ATM).
What is ISDN?

• ISDN (Integrated Services Digital Network) comprises digital telephony and data-transport services offered by regional telephone carriers, e.g. BSNL, VSNL etc.
• ISDN includes the digitization of the telephone network, which permits voice, data, text messages, graphics, games, music and video to be transmitted over existing telephone wires.
Features of ISDN

• Uses digital signals
• Uses existing telephone wiring
• Charges are generally based on the duration of the call (how long the WAN link was used)
• An alternative to using leased lines
• Can transport many types of network traffic (voice, data, video, text, graphics etc.)
• Faster data transfer rate than modems
• Faster call setup than modems
ISDN Components
• Terminal Equipment type 1 (TE1)
* ISDN-compatible device (router with an ISDN interface)
* TE1s connect to the ISDN network through a four-wire, twisted-pair digital link
• Terminal Equipment type 2 (TE2)
* ISDN non-compatible devices.
* Will require a terminal adapter.
• Terminal Adapter (TA)
* Converts standard electrical signals into the form used by ISDN
* Needed for connection with TE2 devices
* The ISDN TA can be either a standalone device or a board inside the TE2
ISDN Components
• Network termination type 1 (NT1)
* Network-termination device that connects the four-wire subscriber wiring to the conventional two-wire local loop
* Is a customer premises equipment (CPE) device (North America)
• Network termination type 2 (NT2)
* Intelligent device that performs switching and concentrating.
* Provides multiple ISDN interfaces on an ISDN line. The NT2 may be as simple as a bridging device connected to an NT1 unit or it may be as complicated as a PBX (Private Branch Exchange)
ISDN Reference points
ISDN specifies a number of reference points that define logical interfaces between functional groupings, such as TAs and NT1s. ISDN reference points include the following:

• R---The reference point between non-ISDN equipment and a TA.
• S---The reference point between user terminals and the NT2.
• T---The reference point between NT1 and NT2 devices.
• U---The reference point between NT1 devices and line-termination equipment in the carrier network. The U reference point is relevant only in North America, where the NT1 function is not provided by the carrier network.
ISDN Reference points

Reference points are a series of specifications that define the connection between specific devices, depending on their function in the end-to-end connection.
Telecommuter/Remote User

(Figure: a telecommuter/remote user connecting using a modem, and using ISDN.)
Telecommuter/Remote Office

Components & Considerations

• ISDN router.
• Multiple remote users at the same location.
Channels?

• ISDN features two channel types to perform at its best.
– Bearer channel (B-channel, 64 kb/s): a clear pipe for data.
– Delta channel (D-channel, 16 kb/s or 64 kb/s): call signaling information:
• who is calling
• type of call
• calling what number
B- Channel

• The B-channel is known as the bearer channel.
• The B-channel is used for transferring data, voice, text and video.
• The B-channel transmits data at a speed of 64 kbps.
• As the technology advances, the speed will increase.
D-Channel

• The D-channel is also known as the delta channel.
• The D-channel is used primarily for signaling (call control) only.
• The D-channel carries its signaling data at either 16 kbps or 64 kbps.
ISDN channels and its Interfaces

• To deliver ISDN channels to the user, one of two interface designs is required:
• A: it could be BRI (Basic Rate Interface)
• B: it could be PRI (Primary Rate Interface)
• BRI is used mostly by people who want to connect to the Internet using ISDN. This interface uses two 64 kbps channels and one 16 kbps channel over a standard household phone line.
ISDN Service

BRI (Basic Rate Interface)

• The connection from the ISDN office to the user location provides access to three channels. The channels are two 64 Kb B-channels and one 16 Kb D-channel.
• The B-channels and the D-channel provide the user with access to the circuit-switched network.
ISDN Service

PRI (Primary Rate Interface)

• ISDN Primary Rate Interface service provides digital access via a T1 line. A T1 line provides 1.544 Mbps of bandwidth. This bandwidth is divided into twenty-four 64 Kb channels. The ISDN PRI service uses 23 B-channels for access and uses the 24th channel (D) for signaling purposes.
PRI VS BRI

• PRI is used primarily by large businesses because of their communication needs; it is also expensive. This interface uses twenty-three 64 kbps B-channels and one 64 kbps D-channel over a standard phone line.
• BRI is the most common service that ISDN provides to its users. It is more common because it can hold three calls at the same time, e.g. a fax call.
WAN Implementation Speed

(Figure: comparison of WAN technology transmission speeds.)
FDDI Technology

The Fiber Distributed Data Interface (FDDI) is a high-speed LAN using a ring topology with a data rate of 100 Mbps. FDDI supports higher bandwidth and greater distances than copper.
FDDI Technology

FDDI uses a dual-ring architecture with traffic on each ring flowing in opposite directions (called counter-rotating). The dual rings consist of a primary and a secondary ring. During normal operation, the primary ring is used for data transmission, and the secondary ring remains idle. The secondary ring is used as a backup in case the primary ring breaks down.
FDDI TOPOLOGY
FDDI Technology

One of the most important features of FDDI is its use of optical-fiber transmission media. The main advantage of using fiber optic over copper wiring is security, because there is no electrical signal on the media to tap.
FDDI Technology

FDDI allows up to 1000 stations to be connected to the ring, with a maximum ring circumference of 200 km.
The next figure shows the counter-rotating primary and secondary FDDI rings.
FDDI Technology
Components of FDDI

The components of FDDI are the fiber-optic cable, a concentrator (ring), and the stations connected to the concentrator.
Components of FDDI

There are two types of stations used in FDDI:
1- Dual Attachment Station (DAS) or class A: a DAS is attached to both rings and has two ports to connect to the ring, one connected to the primary ring and the other to the secondary ring.
2- Single Attachment Station (SAS) or class B: a SAS attaches to the primary ring only.
Dual Ring

If a station on the dual ring fails or is powered down, or if the cable is damaged, the dual ring is automatically wrapped (doubled back onto itself) into a single ring. When the ring is wrapped, the dual-ring topology becomes a single-ring topology.
Dual Ring

Data continues to be transmitted on the FDDI ring without performance impact during the wrap condition.
Dual Ring

It should be noted that FDDI truly provides fault tolerance against a single failure only. When two or more failures occur, the FDDI ring segments into two or more independent rings that are incapable of communicating with each other.
Why haven't companies converted Ethernet and Token Ring to FDDI?

First, the cost of FDDI interfaces has been 5-10 times more than Ethernet interfaces, and 3-5 times more than Token Ring interfaces. FDDI concentrators have also been expensive. Second, 100 Mbps throughput has not been needed until recent years.
FDDI Characteristics

FDDI LAN operations offer several advantages over Ethernet and Token Ring LANs.
FDDI Characteristics

First: FDDI provides 100 Mbps of data throughput. FDDI also offers a redundancy feature which is not available on Ethernet or Token Ring.
FDDI Characteristics

Second: equipment can be connected to the FDDI ring with two interfaces. Both interfaces are active and are continuously passing management packets. The primary ring passes data packets during normal operation. If one interface or set of interface cables is taken out of service, the other interface goes into a "loop" state which allows the equipment to remain part of the ring.
FDDI Characteristics

Third: FDDI also provides a method for connecting equipment to the ring over long distances. The maximum distance between pieces of equipment operating on the ring is 2 km using multimode fiber and 20 km using single-mode fiber.
Single-Mode and Multimode Fibers
FDDI Characteristics

Fourth: FDDI also allows all pieces of equipment operating on the ring to have an equal amount of time to transmit data. This results in high throughput without data collisions.
FDDI Characteristics

A final feature offered with FDDI is distributed management. FDDI is a LAN with Station Management (SMT). The functions of SMT are ring control, ring initialization, station insertion and station removal.
Comparison of basic characteristics

Technology      Data Rate (Mbps)  Media          Rings  Recovery
IBM Token Ring  4/16              Twisted pair   1      Can handle a computer failure but can't recover from a broken connection.
IEEE 802.5      4/16              Not specified  1      Can handle a computer failure but can't recover from a broken connection.
CDDI            4/16              Twisted pair   2      Can recover from a broken connection (self healing).
FDDI            100               Optical fiber  2      Can recover from a broken connection (self healing).
FDDI Access Method

FDDI uses token passing as an access method, similar to the IEEE 802.5 token ring: any station that wants to transmit information holds the token, transmits the information, and when it finishes releases the token back onto the ring.
FDDI Access Method

The length of time a station holds the token is called the synchronous allocation time (SAT), and this time is variable for each station. The allocation of this time to each station is achieved by station management.
SONET/SDH
SONET/SDH

• Synchronous Optical NETwork (SONET) is a North American standard that allows the uniting of unlike transmissions into one single data stream.
• Synchronous Digital Hierarchy (SDH) is the European standard designed for the same purpose as SONET.
• The Synchronous Optical Network (SONET), or Synchronous Digital Hierarchy (SDH) as it’s known in Europe, offers the ability to construct large-scale, high-speed IP networks over fiber optics.
Characteristics of SONET

• SONET allows multiple companies to transmit the packets on their networks onto a SONET backbone to be transmitted to a remote location using fiber-optic cabling.
• The SONET topology can be either a dual-ring architecture or a star.
• SONET is often used for Internet and large internetwork backbone services.
• SONET is capable of providing high-bandwidth capacity for data transmission as well as voice traffic and even cable television.
Few words more

• SONET is a global standard focusing on synchronous communications that are multiplexed.
• In synchronous networking, all the clocks are synchronized to the same time.
• Time division multiplexing enables signals from slower networks to be blended together directly with SONET signals as they are moved onto the SONET network.
SONET and SDH

• This architecture allows different media types and transmission types to be combined into one stream and sent over a fiber-optic cable; it is measured by optical carrier speed, which is the standard for fiber transmission.
• SONET runs at the lowest OC rate, which is a minimum speed of 51.84 Mbps, known as SONET-1.
• The highest level is SONET-192 with a speed of 9953.280 Mbps.
• SDH has no equivalent for SONET-1 at the speed of 51.84 Mbps, but has a lowest speed of 155.520 Mbps, mapping to SONET-3. The different SDH levels are termed synchronous transfer mode (STM).
• SONET is divided into electrical levels that have varying speeds, termed synchronous transport signals (STS).
Layers of SONET

• Four layers comprise the SONET protocol stack
– Bottom layer
– Section layer
– Line layer
– Path layer
Layers of SONET

• The bottom layer, called the photonic layer, provides the conversion from electrical signals to optical signals.
• The section layer handles the transport of frames across the media.
• The line layer provides synchronization and multiplexing for the path layer, which is the next layer.
• The path layer maps services between the equipment at each end of a path. An upper-layer service could be a T1 or T3 signal. Note that these services can be much slower than the optical rates available on SONET.
Synchronous Transport Signals

• The signals used to transmit across SONET are framed as Synchronous Transport Signals. When SONET transmits across fiber optics, it calls these signals Optical Carrier signals.
• SONET’s basic transmission rate, Synchronous Transport Signal level 1 (STS-1), also considered Optical Carrier 1 (OC1), is 51.84 Mbps.
SONET Signal Level

SONET Signal Level  SDH Level  Data Rate
STS-1               None       51.84 Mbps
STS-3               STM-1      155.52 Mbps
STS-9               STM-3      466.56 Mbps
STS-12              STM-4      622.08 Mbps
STS-24              STM-8      1.24 Gbps
STS-48              STM-16     2.488 Gbps
STS-192             STM-64     10 Gbps
STS-256             -          13.271 Gbps
STS-768             -          40 Gbps
Optical Carrier (OC)

• The optical carrier (OC) standard is used to specify bandwidth for transmissions that are sent over fiber-optic cables. These standards are used to rate the SONET standards and correlate to the bandwidths available for SONET/SDH.
• One OC channel (OC-1) is 51.84 Mbps, as is STS-1. When multiple channels are used, the bandwidth increases by 51.84 Mbps per channel. For example, nine OC channels (OC-9) are composed of nine OC-1 channels at 51.84 Mbps each. This results in a bandwidth of 9 x 51.84 Mbps, for a total bandwidth of 466.56 Mbps.
Optical Carrier Level

Optical Carrier Level  SONET Electrical Level  SDH Level  Bandwidth
OC-1                   STS-1                   None       51.84 Mbps
OC-3                   STS-3                   STM-1      155.52 Mbps
OC-9                   STS-9                   STM-3      466.56 Mbps
OC-12                  STS-12                  STM-4      622.08 Mbps
OC-18                  STS-18                  STM-6      933.15 Mbps
OC-24                  STS-24                  STM-8      1244.16 Mbps
OC-36                  STS-36                  STM-12     1866.24 Mbps
OC-48                  STS-48                  STM-16     2488.32 Mbps
OC-96                  STS-96                  STM-32     4976.64 Mbps
OC-192                 STS-192                 STM-64     9953.28 Mbps

T-Carrier System

• The T-carrier system is a series of data transmission formats developed by Bell Telephone for use in the telephone network system in North America and Japan.
• E-carrier is used in Europe, Mexico, and South America.
• T1 is composed of twenty-four channels that are made up of 64 Kbps bandwidth each, for a total of 1.544 Mbps. The twenty-four channels are referred to as digital signal level 0 (DS0), with the twenty-four DS0 channels making a digital signal level 1 (DS1). These lines can be multiplexed into faster links.
T1/E1

• T1 and E1 lines are each multiples of DS0 signals. The T1 line provides 1.544 Mbps, while the E1 line provides 2.048 Mbps. The difference in data rates results from the T-carrier system’s method of bit-robbing.
• Customers can purchase fractional-T1 lines, which are actually multiples of the DS0 signal. With Frac-T1, the customer rents a number of the 24 channels within a T1 line. The remaining channels go unused. For example, a Frac-T1 line can be 128 Kbps, 256 Kbps, 512 Kbps, and so on.
T3/E3

• T3 lines are digital carriers, equivalent to 28 T1 lines, that can transmit at the rate of 44.736 Mbps. E3 lines provide 16 E1 lines, with a transmission rate of 34.368 Mbps.
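As an added example, not from the slides, this Python helper turns the OC/STS/STM tables and the T-carrier figures above into calculations: the rate of any OC-n, STS-n or STM-m level from the 51.84 Mbps base (with STM-m corresponding to STS-3m, and no SDH level when n is not a multiple of 3), fractional-T1 rates as DS0 multiples, and the gap between the summed tributaries and the line rate of a T1 and a T3, which the slides' numbers leave implicit. Reading that gap as framing/stuffing overhead is my interpretation; the function names and the regular expression are mine.

```python
"""WAN link-rate helpers (added example): SONET/SDH level names and T-carrier multiples."""
import re

OC1_MBPS = 51.84          # STS-1 / OC-1 base rate given in the slides
DS0_KBPS = 64             # one DS0 channel
LINE_RATE_MBPS = {"T1": 1.544, "E1": 2.048, "T3": 44.736, "E3": 34.368}
# Tributary type and count per carrier, as stated in the slides (T1 = 24 DS0, T3 = 28 T1, E3 = 16 E1).
TRIBUTARIES = {"T1": ("DS0", 24), "T3": ("T1", 28), "E3": ("E1", 16)}

_LEVEL_RE = re.compile(r"(OC|STS|STM)-(\d+)")


def sonet_level(name):
    """Parse 'OC-48', 'STS-48' or 'STM-16' into the STS/OC number, the SDH STM
    number (None where SDH has no equivalent, e.g. STS-1) and the rate in Mbps.
    STM-m corresponds to STS-3m, so the rate is always n_sts * 51.84 Mbps."""
    m = _LEVEL_RE.fullmatch(name.strip().upper())
    if not m:
        raise ValueError(f"unrecognised level name: {name!r}")
    kind, n = m.group(1), int(m.group(2))
    if n < 1:
        raise ValueError("level number must be positive")
    sts = n * 3 if kind == "STM" else n
    stm = sts // 3 if sts % 3 == 0 else None
    return {"sts": sts, "stm": stm, "mbps": round(sts * OC1_MBPS, 3)}


def level_names(name):
    """All names for one level, e.g. 'OC-9' -> ['OC-9', 'STS-9', 'STM-3']."""
    lvl = sonet_level(name)
    names = [f"OC-{lvl['sts']}", f"STS-{lvl['sts']}"]
    if lvl["stm"] is not None:
        names.append(f"STM-{lvl['stm']}")
    return names


def fractional_t1_mbps(channels):
    """Rate of a fractional T1 renting `channels` of the 24 DS0s (64 kbps each)."""
    if not 1 <= channels <= 24:
        raise ValueError("a T1 carries 1 to 24 DS0 channels")
    return channels * DS0_KBPS / 1000


def overhead_kbps(carrier):
    """Line rate minus the sum of the carrier's tributaries, in kbps.
    T1: 1544 - 24*64 = 8 kbps; T3: 44736 - 28*1544 = 1504 kbps.  Treating this
    gap as framing/stuffing overhead is my reading, not a statement in the slides."""
    tributary, count = TRIBUTARIES[carrier]
    trib_kbps = DS0_KBPS if tributary == "DS0" else LINE_RATE_MBPS[tributary] * 1000
    return round(LINE_RATE_MBPS[carrier] * 1000 - count * trib_kbps)


if __name__ == "__main__":
    for lvl in ("OC-1", "OC-9", "STM-16", "OC-192"):
        print(lvl, level_names(lvl), sonet_level(lvl)["mbps"], "Mbps")
    print("Frac-T1 with 8 DS0s:", fractional_t1_mbps(8), "Mbps")
    print("T1 overhead:", overhead_kbps("T1"), "kbps; T3 overhead:", overhead_kbps("T3"), "kbps")
```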
Digital Subscriber Line

• DSL is commonly seen as xDSL, where the x specifies what type of DSL is in use.
• DSL is commonly used to access the Internet from both residential and business locations to provide high-speed access to the Internet. DSL became very popular as dial-up technologies became increasingly unable to meet the demand for fast access to the Internet.
Digital Subscriber Line

• One benefit of DSL is that it is not a shared medium, unlike cable networks, which use shared access. Shared access means that when there is heavy usage of the system, less bandwidth is available to individual users. DSL is dedicated bandwidth, so the only one using that bandwidth is you.
• One drawback of DSL, however, is that the quality of service is dependent on the user’s distance from the central office (CO). The CO is where the network endpoint is located, and is generally run by your ISP. The farther you are from the CO, the worse (slower) the service is.
Types of xDSL

• The two main types of xDSL are:
– ADSL (Asymmetric Digital Subscriber Line)
– SDSL (Symmetric Digital Subscriber Line)
• The other types of xDSL are:
– ISDN Digital Subscriber Line (IDSL)
– High Data Rate Digital Subscriber Line (HDSL)
– Symmetric Digital Subscriber Line (SDSL / SHDSL)
– Symmetric High-speed Digital Subscriber Line (G.SHDSL)
– Rate-Adaptive Digital Subscriber Line (RADSL)
– Very High Speed Digital Subscriber Line
– And many others
Asymmetric digital subscriber line (ADSL)

• ADSL is the most widely deployed form of DSL technology. Most homes and small businesses currently using DSL technology use ADSL.
• ADSL is used to transmit digital information on pre-existing phone lines. Although it uses the phone lines, it is still much quicker than dial-up. Unlike dial-up, ADSL provides an always-on connection to the Internet. ADSL is also able to place voice and data information on the same line.
• A number of ADSL modems have the filter built into the modem, so the filter wall plate may not be needed.
Design feature of ADSL

• The main design feature of ADSL is that it is asymmetric. This means that ADSL is designed to provide more bandwidth in one direction than in the other. The reason for this is quite practical; think of how much data you download from the Internet (every time you access a Web page, you are downloading). For most users, the amount of information that is uploaded is minimal, so in ADSL, bandwidth is allocated where it’s needed (on the downstream channel). ADSL generates downstream speeds of about 8 Mbps and upstream speeds of up to 640 Kbps.
SDSL (Symmetric Digital Subscriber Line)

• SDSL is typically used in larger companies, and the upstream and downstream channels are the same size; that is, the download speed and upload speed are equal. SDSL operates at about 2-2.5 Mbps.
• Asymmetric Digital Subscriber Line (ADSL) uses different download and upload speeds (asymmetric), whereas Symmetric Digital Subscriber Line (SDSL) uses equivalent upload and download bandwidth; home users typically use ADSL, but businesses most often use SDSL.
Cable Modem (CM)

• It is the architecture designed to operate over cable TV lines.
• Because the coaxial cable used by cable TV provides much greater bandwidth than telephone lines, a cable modem can be used to achieve extremely fast access to the World Wide Web (WWW). Cable modems are commonly used in small and home offices.
• Cable Modem Termination System (CMTS): the central device for connecting the cable TV network to a data network like the Internet. It is normally placed in the head-end of the cable TV system.
Cable Modem

• Cable networks provide shared access to the users on the network, so heavy usage can slow it down, unlike DSL, which has dedicated user access.
• However, DSL generally has slower upload speeds than download speeds, unlike cable networks. Since cable networks do not use the pre-existing phone lines in the home, cable companies will have to install a line into your home if one doesn’t already exist.
HFC Network (Hybrid Fiber-Coax network)

• A Hybrid Fiber-Coax network is a communications network (typically a cable TV network) that uses a combination of optical fibers and coaxial cable. The fiber provides the high-speed backbone, and the coax is used to connect end users to the backbone. Such networks typically use matching DOCSIS cable modems at the head end and the customer premises, providing bidirectional paths and Internet access.
Network Security
Network security

• Network security is a very important issue because of the various network security threats that every company is facing.

• Main security threats
– Altering data.
– Eavesdropping.
– IP address spoofing.
– Password pilfering.
– Denial of service.
– Virus.
Security threats

• Altering data.
This active attack takes place when data is intercepted in transit and modified before it reaches its destination, or when stored data is altered.
• Eavesdropping.
This passive attack takes advantage of network traffic that is transmitted across the wire in clear text. The attacker simply uses a device that monitors traffic and “listens in” to discover information. You’ll hear this term referred to as sniffing the wire, and sometimes as snooping.
Security threats

• IP address spoofing.
One way to authenticate data is to check the IP address in data packets. If the IP address is valid, that data is allowed to pass into the private network. IP address spoofing is the process of changing the IP address so that data packets will be accepted. IP address spoofing can be used to modify or delete data, or to perpetuate an additional type of attack.
Security threats

• Password pilfering.
A hacker will obtain user IDs and passwords, or even encryption keys, to gain access to network data, which can then be altered, deleted, or even used to create another attack. This type of attack is usually done by asking unsuspecting users, reading sticky notes containing passwords that are posted next to computers, or sniffing the wire for password information. Sometimes a hacker will attempt to get hired at a company merely to obtain an ID and password with access rights to the network.
Security threats

• Denial of service.
This active attack is intended to cause full or partial network outages so that people will not be able to use network resources and productivity will be affected. The attacker floods so many packets through the network or through specific resources that other users can’t access those resources. The denial-of-service attack can also serve as a diversion while the hacker alters information or damages systems.
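As an added defensive example (not from the slides), this Python script implements two checks that follow from the IP address spoofing and denial-of-service threats above, run over constructed log lines: an ingress/egress filter (the approach known as BCP 38) that flags packets whose source address is inconsistent with the interface they arrived on, so a forged internal address arriving from outside is not accepted merely because the address looks valid, and a sliding-window counter that flags sources exceeding a packet-rate threshold. The internal prefix, the interface names, the log format and the thresholds are assumptions.

```python
"""Two defensive checks for the threats above (added example): anti-spoofing
ingress/egress filtering and packet-flood detection, run over constructed log lines."""
import ipaddress
from collections import defaultdict, deque

# Assumption: the private network behind the firewall is 10.0.0.0/8 and the two
# interfaces are named "outside" and "inside".  Log format: "<seconds> <iface> <src> <dst>".
INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")

# Constructed sample log.  Lines 3 and 4 are inconsistent with their interface:
# an internal source arriving from outside, and a foreign source leaving from inside.
SAMPLE_LOG = [
    "0.0 outside 203.0.113.7 10.0.0.5",
    "0.5 inside 10.0.0.9 198.51.100.20",
    "1.0 outside 10.0.0.9 10.0.0.5",
    "1.5 inside 192.0.2.44 198.51.100.20",
]
# Constructed flood: 60 packets from one outside host in just over half a second.
SAMPLE_LOG += [f"{2 + i * 0.01:.2f} outside 198.51.100.77 10.0.0.5" for i in range(60)]


def parse_line(line):
    t, iface, src, dst = line.split()
    return {"t": float(t), "iface": iface,
            "src": ipaddress.ip_address(src), "dst": ipaddress.ip_address(dst)}


def load_sample():
    return [parse_line(line) for line in SAMPLE_LOG]


def is_spoofed(pkt, internal_net=INTERNAL_NET):
    """Ingress/egress filtering (the BCP 38 approach): a packet is accepted only if
    its source address is consistent with the interface it arrived on.  A bare
    'is the source address valid?' check, as described in the slides, passes a
    forged internal address; pairing the address with the interface does not."""
    internal_src = pkt["src"] in internal_net
    if pkt["iface"] == "outside":
        return internal_src          # an internal address cannot arrive from outside
    return not internal_src          # only internal addresses may leave from inside


def spoofed_sources(packets):
    """Source addresses (as strings, in log order) of packets the filter would drop."""
    return [str(p["src"]) for p in packets if is_spoofed(p)]


def flood_sources(packets, window_s=1.0, threshold=50):
    """Sliding-window rate check for the denial-of-service case: return
    {source: peak packets seen within any `window_s` seconds} for every source
    whose count exceeded `threshold`.  Sources below the threshold are omitted."""
    recent = defaultdict(deque)
    peaks = {}
    for pkt in sorted(packets, key=lambda p: p["t"]):
        window = recent[pkt["src"]]
        window.append(pkt["t"])
        while pkt["t"] - window[0] > window_s:   # drop timestamps outside the window
            window.popleft()
        if len(window) > threshold:
            src = str(pkt["src"])
            peaks[src] = max(peaks.get(src, 0), len(window))
    return peaks


if __name__ == "__main__":
    pkts = load_sample()
    print("spoofed:", spoofed_sources(pkts))    # ['10.0.0.9', '192.0.2.44']
    print("flooding:", flood_sources(pkts))      # {'198.51.100.77': 60}
```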
Security threats

• Virus.
A virus is an attack on a system. It is a piece of software code that is buried inside a trusted application (or even an e-mail message) that invokes some action to wreak havoc on the computer or other network resources.
Security Protocols

• Security protocols are responsible for maintaining the privacy of our computer by enforcing some security policy.

Some main security protocols
– IPSEC
– PPTP
– L2TP
– SSL
– Kerberos
IPSec

• IPSec is defined by the IETF (Internet Engineering Task Force).
• It is a framework of open standards for ensuring private, secure communications over Internet Protocol networks, through the use of cryptographic security services.
• IPSec ensures the privacy of network traffic as well as its authentication.
