Question 1

Overview: As an IT Support Specialist, it’s important that you fully grasp how networks work.
You may need to troubleshoot different aspects of a network, so it’s important that you know
how everything fits together. This assignment will help you demonstrate this knowledge by
describing how networks function.

What You’ll Do: In your own words, describe what happens at every step of our network
model, when a node on one network establishes a TCP connection with a node on another
network. You can assume that the two networks are both connected to the same router.

Your submission must include a detailed explanation of the following:

 Physical layer
 Data link layer
 Network layer
 Transport layer
 MAC address
 IP address
 TCP port
 Checksum check
 Routing table
 TTL
Let’s say computer 1 (node 1) is requesting data from a server (node 2). Node 2 will be
referred as computer 2. Computer 1 is on network A and computer 2 is on network B, but both
networks are connected via the same router. Computer 1 is seeking to establish a TCP
connection with computer 2, to access a web page served by computer 2.

To establish this connection, it starts with the physical layer, which makes connections possible
through the cabling, computers, routers and server hardware that are physically or wirelessly
connected. Through the configuration of these elements, computers are able to send data
back and forth between network A and B.

An application such as a web browser on computer 1 communicates with the local networking
stack, responsible for handling networking functions. The application seeks to establish a TCP
connection to computer 2, which is listening on port 80. The application is seeking to connect
to computer 2’s IP address via a TCP port, as this information is encoded into the URL that
computer 1 is seeking to fetch data from.

At the data link layer, the networking stack examines its own subnet. However, it sees that the
IP destination address lives on another network. Then, computer 1 knows it must send any
data to its gateway for routing to a remote network. Next, computer 1 examines the gateway
configuration number between network A and the router. It looks at the ARP (Address
Resolution Protocol) table to determine the MAC address of the gateway. If it does not find
any corresponding entry, computer 1 crafts an ARP Broadcast using the MAC address
FF:FF:FF:FF:FF:FF. This ARP discovery request is sent to every node on the local network.

When router A received the ARP message, it sees that it is currently assigned the IP address
that computer 1 is connected with. The router responds to computer 1 to specify about the
router’s MAC address. Computer 1 receives the message and knows the hardware address of
its gateway. Now, computer 1 is ready to start building the outbound packet.

The web browser asks Computer 1 to create an outbound TCP connection. Since this is a TCP
connection, the operating system will need an available outbound TCP (ephemeral) port and
open a socket to connect the web browser to this port.

Before transmitting any of the data the web browser wants to, the networking stack needs to
establish a connection. The networking stack starts to build a TCP segment. A TCP segment
(Transport layer) must be constructed. All necessary information is included in the TCP header
such as the source port (5000, ephemeral port) and a destination port (80). In addition, a
sequence number is chosen to fill in the sequence number field. The “SYN” control flag is set,
and a checksum is calculated and written to the checksum field. At the TCP segment data
payload area, the web browser places its data.

Then, the newly constructed TCP segment is encapsulated in the Network Layer IP datagram.
The IP header is constructed and includes the source IP address (computer 1’s network) and
the destination IP address (computer 2’s network). In addition, the TTL field of the IP datagram
is set to 64. Then, the TCP segment is inserted as the data payload of the IP datagram. Then, a
checksum is calculated for the entire IP datagram to check the data integrity of the request.
Then, computer 1 needs to get the IP datagram to its gateway. Based on the ARP request
response received earlier, computer 1 knows the gateway’s MAC address. Computer 1 needs
to construct an Ethernet Datagram. The Ethernet frame will specify the source MAC address
(computer 1’s MAC address) and the destination MAC address (MAC address of the router).
Finally, the IP datagram is inserted as the data payload of the Ethernet frame and another
checksum is calculated.

Now, the Ethernet frame is ready to be sent across the physical layer components that connect
computer 1 to network A to the router. The network interface connected to computer 1
converts the Ethernet frame to binary data and sends it as modulations of the voltage of an
electrical current running across a CAT6 cable that's connected between it and network switch
of network A.

The switch received the frame and inspects the destination MAC address, which is the router
that was specified. The switch knows which of its interfaces this MAC address is attached to,
and forwards the frame across the cable connected from network A to the router.

As the router knows that this frame is intended for itself, it takes the entirety of the frame and
calculates a checksum against it. The compares this checksum with the one in the Ethernet
frame header and sees that they match, meaning that the data in the frame has been
transmitted successfully.

Then, the router strips away the Ethernet frame, leaving it with just the IP datagram. It
performs a checksum calculation against the entire datagram to check all data is correct. It
inspects the destination IP address that is specified within IP datagram and looks up this
destination in its routing table, to determine the quickest path to reach network B, where
Computer 2 lives. The router sees that the destination address of computer 2 is on a locally
connected network. So it decrements the TTL value by 1, calculates a checksum and creates a
new IP datagram.

A new Ethernet frame is created. This frame includes the router’s MAC address as the source
MAC address and computer 2’s MAC address as the destination MAC address. The new IP
datagram is inserted as the data payload of the new frame and a checksum is performed.

The new Ethernet frame is sent to network B. Network B inspect the destination MAC address
and sees that it belongs to computer B, which is also connected to this network. Then it
forwards the Ethernet frame to computer 2. Computer 2 receives the frame, identifies its own
MAC address as the destination and knows that it is intended for itself.

Again, computer 2 strips away the Ethernet frame, leaving the IP datagram. It calculates a
checksum to check that data has delivered intact. It recognized the destination IP address as its
own. Computer 1 strips away the IP datagram, leaving it with just the TCP segment. A
checksum for this layer is examined to check data integrity. Next, computer 2 examines the
destination port, which is port 80.

The networking stack on computer checks to ensure that there is an open socket on port 80
and it is in listen state by the server. Computer 2 sees that this packet has the SYN flag set and
it must respond with a “SYNK/ACK” to computer 1 in order to continue establishing the TCP
connection. Then, Computer 2 checks the sequence number to include it in the
acknowledgement number field of its SYN/ACK response.

To finish establishing the TCP connection, computer 2 would repeat the same steps to
construct a new TCP segment with a “SYN/ACK” response, IP datagram and Ethernet frame
back to computer 1. Then, after receiving the “SYN/ACK” response, computer 1 would repeat
the process again to send an “ACK” response back to computer 2.

When computer 2 receives the ACK response from computer 1, the three-way handshake
would be complete and the TCP connection would be fully established.