
AGM LICE Broadband Module

Chapter-16
OPEN SYSTEMS INTERCONNECTION (OSI) MODEL

2.1 Introduction
The Open Systems Interconnection (OSI) model is an ISO standard that covers all aspects of network communication. An open system is a model that allows any two different systems to communicate regardless of their underlying architecture. The purpose of the OSI model is to open communication between different systems without requiring changes to the logic of the underlying hardware and software. It is not a protocol; it is a reference model, that is, a conceptual framework for understanding relationships. The purpose of the OSI reference model is to guide vendors and developers so that the digital communication products and software programs they create will interoperate, and to facilitate clear comparisons among communications tools.

2.1 THE MODEL

It consists of seven separate but related layers, each of which defines a segment of the
process of moving information across a network. Understanding the fundamentals of the OSI
model provides a solid basis for exploration of data communication.

2.2 Layered Architecture


The main concept of OSI is that the process of communication between two endpoints in a
telecommunication network can be divided into seven distinct groups of related functions, or
layers. Each communicating user or program is at a computer that can provide those seven
layers of function. So in a given message between users, there will be a flow of data down
through the layers in the source computer, across the network and then up through the layers
in the receiving computer.

OSI Page 1 of 11

For Restricted Circulation



Figure-10 OSI Model


The seven ordered layers are: physical (layer 1), data link (layer 2), network (layer 3), transport (layer 4), session (layer 5), presentation (layer 6), and application (layer 7).
2.3 Organization of the Layers

The seven layers belong to three subgroups. Layers 1, 2, and 3 – physical, data link, and network – are the network support layers; they deal with the physical aspects of moving data from one device to another.
Layers 5, 6, and 7 – session, presentation, and application – can be thought of as the user support layers; they allow interoperability among unrelated software systems.
Layer 4, the transport layer, ensures end-to-end reliable data transmission (while layer 2 ensures reliable transmission on a single link). The upper OSI layers are almost always implemented in software; the lower layers are a combination of hardware and software, except for the physical layer, which is mostly hardware.
2.4 Peer-to-Peer processes

The active protocol elements in each layer are called entities, typically implemented
by means of a software process. Entities in the same layer on different computers are
called peer entities.

Within a single machine, each layer calls upon the services of the layer just below it. For example, layer 3 uses the services provided by layer 2 and provides services to layer 4.
Between machines, layer x on one machine communicates with layer x on another machine. This communication is governed by an agreed-upon series of rules and conventions called protocols. The processes on each machine that communicate at a given layer are called peer-to-peer processes. Communication between machines is therefore a peer-to-peer process using the protocols appropriate to a given layer.
At the physical layer, communication is direct: machine A sends a stream of bits to
machine B. At the higher layers, however, communication must move down through the
layers on machine A, over to machine B, and then back up through the layers. Each layer in
the sending machine adds its own information to the message it receives from the layer just
above it and passes the whole package to the layer just below it. This information is added in
the form of headers or trailers (control data added to the beginning or end of a data parcel).
Headers are added to the message at layers 6, 5, 4, 3, and 2. A trailer is added at layer 2.
At layer 1 the entire package is converted to a form that can be transferred to the
receiving machine. At the receiving machine, the message is unwrapped layer by layer, with
each process receiving and removing the data meant for it. For example, layer 2 removes the
data meant for it, then passes the rest to layer 3. Layer 3 removes the data meant for it and
passes the rest to layer 4, and so on.
2.5 Interfaces between Layers

The passing of the data and network information down through the layers of the sending machine and back up through the layers of the receiving machine is made possible by an interface between each pair of adjacent layers.
• The layer-n entity passes an interface data unit (IDU) to the layer-(n – 1) entity.
• The IDU consists of a protocol data unit (PDU) and some interface control information (ICI). The ICI is information, such as the length of the SDU and the addressing information, that the layer below needs to perform its function.
• The PDU is the data that the layer-n entity wishes to pass across the network to its peer entity. It consists of the layer-n header and the data that layer n received from layer (n + 1).
• The layer-n PDU becomes the layer-(n – 1) service data unit (SDU), because it is the data unit that will be serviced by layer n.
• When layer n – 1 receives the layer-n IDU, it strips off and "considers" the ICI, adds the header information for its peer entity across the network, adds ICI for the layer below, and passes the resulting IDU to the layer n – 2 entity.

Each interface defines what information and services a layer must provide for the layer above
it. Well-defined interfaces and layer functions provide modularity to a network.
2.6 Encapsulation

The sending and receiving of data from a source device to a destination device is made possible by networking protocols using data encapsulation. The data is encapsulated with protocol information at each layer of the OSI reference model when a host transmits data to another device across a network.
The process starts at layer 7 (the application layer) and then moves from layer to layer in descending order. At each layer (except layers 7 and 1), a header is added to the data unit. At layer 2, a trailer is added as well. When the formatted data unit passes through the physical layer (layer 1), it is changed into an electromagnetic signal and transported along a physical link.

Figure-11 Data Encapsulation


Upon reaching its destination, the signal passes into layer 1 and is transformed back
into bits. The data units then move back up through the OSI layers. As each block of data
reaches the next higher layer, the headers and trailers attached to it at the corresponding
sending layer are removed, and actions appropriate to that layer are taken. By the time it
reaches layer 7, the message is again in a form appropriate to the application and is made
available to the recipient.
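The encapsulation procedure of sections 2.4 to 2.6, as an added simulation that is not code from this module: headers are added at layers 6 to 2, layer 2 adds a trailer, layer 1 turns the frame into bits, and the receiver unwraps in reverse. The "L6:"-style header tags and the CRC-32 trailer are constructed for illustration only; the trailer shows why layer-2 error control can reject a frame damaged on the link.

```python
import zlib
from typing import Optional

# Added example, not code from the module: a simulation of the encapsulation
# procedure of sections 2.4 to 2.6. The header tags and the CRC-32 trailer are
# constructed for illustration; real protocols define their own formats.

HEADER_LAYERS = (6, 5, 4, 3, 2)   # headers are added at layers 6, 5, 4, 3 and 2
TRAILER_LEN = 4                   # layer 2 appends a 4-byte CRC-32 trailer


def add_header(layer: int, sdu: bytes) -> bytes:
    """The layer-n entity prepends its header to the SDU received from layer n+1.
    The result is the layer-n PDU, which layer n-1 treats as its own SDU."""
    return f"L{layer}:".encode() + sdu


def strip_header(layer: int, pdu: bytes) -> bytes:
    """The peer entity at layer n removes only the header meant for it and hands
    the remainder up to layer n+1."""
    tag = f"L{layer}:".encode()
    if not pdu.startswith(tag):
        raise ValueError(f"layer {layer}: expected header {tag!r}")
    return pdu[len(tag):]


def add_trailer(frame: bytes) -> bytes:
    """Layer 2 error control: append a CRC-32 of the frame as its trailer."""
    return frame + zlib.crc32(frame).to_bytes(TRAILER_LEN, "big")


def check_trailer(frame: bytes) -> bytes:
    """Recompute the CRC over the received frame body. A mismatch means the frame
    was damaged on the link and must be discarded (a real link would retransmit)."""
    body, trailer = frame[:-TRAILER_LEN], frame[-TRAILER_LEN:]
    if zlib.crc32(body).to_bytes(TRAILER_LEN, "big") != trailer:
        raise ValueError("layer 2: CRC mismatch, frame damaged")
    return body


def to_bits(frame: bytes) -> str:
    """Layer 1: the whole package becomes a raw bit stream (a string of 0s and 1s)."""
    return "".join(f"{byte:08b}" for byte in frame)


def from_bits(bits: str) -> bytes:
    """Layer 1 at the receiver: turn the bit stream back into bytes."""
    return bytes(int(bits[i:i + 8], 2) for i in range(0, len(bits), 8))


def send(message: bytes) -> str:
    """Flow down the layers on machine A. Layer 7 adds nothing (section 2.8.7)."""
    pdu = message
    for layer in HEADER_LAYERS:
        pdu = add_header(layer, pdu)
    return to_bits(add_trailer(pdu))


def receive(bits: str) -> bytes:
    """Flow up the layers on machine B: the trailer is checked first, then each
    layer strips exactly the header its peer added, in reverse order."""
    pdu = check_trailer(from_bits(bits))
    for layer in reversed(HEADER_LAYERS):
        pdu = strip_header(layer, pdu)
    return pdu


def frame_layout(message: bytes) -> bytes:
    """The layer-2 frame as it exists just before layer 1: every header, then the
    original data, then the trailer."""
    return from_bits(send(message))


def flip_bit(bits: str, index: int) -> str:
    """Simulate a single-bit error on the physical link."""
    flipped = "1" if bits[index] == "0" else "0"
    return bits[:index] + flipped + bits[index + 1:]


def deliver(bits: str) -> Optional[bytes]:
    """What the application on machine B gets: the message, or None if layer 2
    discarded the frame."""
    try:
        return receive(bits)
    except ValueError:
        return None


if __name__ == "__main__":
    wire = send(b"hello")
    print(frame_layout(b"hello"))        # b'L2:L3:L4:L5:L6:hello' followed by the CRC
    print(deliver(wire))                 # b'hello'
    print(deliver(flip_bit(wire, 40)))   # None: the damaged frame is rejected
```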
2.7 Functions of the Layers

2.8.1 Physical Layer

The physical layer, the lowest layer of the OSI model, is concerned with the
transmission and reception of the unstructured raw bit stream over a physical medium. It
describes the electrical/optical, mechanical, and functional interfaces to the physical medium,
and carries the signals for all of the higher layers.

Figure-12 Data Transmission in Physical Layer


The physical layer is concerned with the following:

• Physical characteristics of interfaces and media. The physical layer defines the characteristics of the interface between the devices and the transmission medium. It also defines the type of transmission medium.

• Representation of bits. The physical layer data consist of a stream of bits (a sequence of 0s and 1s) without any interpretation. To be transmitted, bits must be encoded into signals – electrical or optical. The physical layer defines the type of encoding (how 0s and 1s are changed to signals).

• Data rate. The transmission rate – the number of bits sent each second – is also defined by the physical layer. In other words, the physical layer defines the duration of a bit, which is how long it lasts.

• Synchronization of bits. The sender and receiver must be synchronized at the bit level. In other words, the sender and receiver clocks must be synchronized.

• Line configuration. The physical layer is concerned with the connection of devices to the medium. In a point-to-point configuration, two devices are connected together through a dedicated link. In a multipoint configuration, a link is shared between several devices.

• Physical topology. The physical topology defines how devices are connected to make a network. Devices can be connected using a mesh topology (every device connected to every other device), a star topology (devices are connected through a central device), a ring topology (every device is connected to the next, forming a ring), or a bus topology (every device on a common link).

• Transmission mode. The physical layer also defines the direction of transmission between two devices: simplex, half-duplex, or full-duplex. In the simplex mode, only one device can send; the other can only receive. The simplex mode is a one-way communication. In the half-duplex mode, two devices can send and receive, but not at the same time. In a full-duplex (or simply duplex) mode, two devices can send and receive at the same time.
2.8.2 Data Link Layer

The data link layer transforms the physical layer, a raw transmission facility, into a reliable link and is responsible for node-to-node delivery. It makes the physical layer appear error free to the upper layer (the network layer).
Specific responsibilities of the data link layer include the following:

• Framing. The data link layer divides the stream of bits received from the network layer into manageable data units called frames.
• Physical addressing. If frames are to be distributed to different systems on the network, the data link layer adds a header to the frame to define the physical address of the sender (source address) and/or receiver (destination address) of the frame. If the frame is intended for a system outside the sender's network, the receiver address is the address of the device that connects one network to the next.
• Flow control. If the rate at which the data are absorbed by the receiver is less than the rate produced in the sender, the data link layer imposes a flow control mechanism to prevent overwhelming the receiver.
• Error control. The data link layer adds reliability to the physical layer by adding mechanisms to detect and retransmit damaged or lost frames. It also uses a mechanism to prevent duplication of frames. Error control is normally achieved through a trailer added to the end of the frame.
• Access control. When two or more devices are connected to the same link, data link layer protocols are necessary to determine which device has control over the link at any given time.

Figure-13 Data Flow in Data Link Layer
2.8.3 Network Layer

The network layer is responsible for the source-to-destination delivery of a packet, possibly across multiple networks (links). Whereas the data link layer oversees the delivery of the packet between two systems on the same network (link), the network layer ensures that each packet gets from its point of origin to its final destination.
If two systems are connected to the same link, there is usually no need for a network layer. However, if the two systems are attached to different networks (links) with connecting devices between the networks (links), there is often a need for the network layer to accomplish source-to-destination delivery.
Specific responsibilities of the network layer include the following:

• Logical addressing. The physical addressing implemented by the data link layer handles the addressing problem locally. If a packet passes the network boundary, we need another addressing system to help distinguish the source and destination systems. The network layer adds a header to the packet coming from the upper layer that, among other things, includes the logical addresses of the sender and receiver.
• Routing. When independent networks or links are connected together to create an internetwork (a network of networks) or a large network, the connecting devices (called routers or gateways) route the packets to their final destination. One of the functions of the network layer is to provide this mechanism.

Figure-14 Data Flow in Network Layer

2.8.4 Transport Layer

The transport layer ensures that messages are delivered error-free, in sequence, and
with no losses or duplications. It relieves the higher layer protocols from any concern with
the transfer of data between them and their peers.
The transport layer provides:

• Service-point addressing. Computers often run several programs at the same time. For this reason, source-to-destination delivery means delivery not only from one computer to the next but also from a specific process (running program) on one computer to a specific process (running program) on the other. The transport layer header therefore must include a type of address called a service-point address (or port address). The network layer gets each packet to the correct computer; the transport layer gets the entire message to the correct process on that computer.
• Segmentation and reassembly. A message is divided into transmittable segments, each segment containing a sequence number. These numbers enable the transport layer to reassemble the message correctly upon arriving at the destination and to identify and replace packets that were lost in the transmission.
• Connection control. The transport layer can be either connectionless or connection-oriented. A connectionless transport layer treats each segment as an independent packet and delivers it to the transport layer at the destination machine. A connection-oriented transport layer makes a connection with the transport layer at the destination machine first before delivering the packets. After all the data are transferred, the connection is terminated.
• Flow control. Like the data link layer, the transport layer is responsible for flow control. However, flow control at this layer is performed end to end rather than across a single link.
• Error control. Like the data link layer, the transport layer is responsible for error control. However, error control at this layer is performed end to end rather than across a single link. The sending transport layer makes sure that the entire message arrives at the receiving transport layer without error (damage, loss, or duplication). Error correction is usually achieved through retransmission.
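The segmentation, reassembly and loss/duplication handling described above, as an added model that is not code from this module: sequence numbers count bytes as TCP's do, and the message, segment size and arrival order are constructed so that one segment arrives late and one twice.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Tuple

# Added example, not the module's own code: a minimal model of transport-layer
# segmentation, reassembly and loss detection. Sequence numbers count bytes; the
# message, segment size and arrival order in demo() are constructed.


def segment_message(message: bytes, initial_seq: int, max_segment: int) -> List[Tuple[int, bytes]]:
    """Divide a message into segments, each tagged with the sequence number of its first byte."""
    return [(initial_seq + i, message[i:i + max_segment])
            for i in range(0, len(message), max_segment)]


@dataclass
class Reassembler:
    initial_seq: int
    held: Dict[int, bytes] = field(default_factory=dict)   # start seq -> payload
    duplicates: int = 0                                    # identical segments seen again

    def receive(self, seq: int, payload: bytes) -> None:
        """Accept a segment in any order; an identical repeat is counted and dropped."""
        if not payload:
            return
        if self.held.get(seq) == payload:
            self.duplicates += 1
            return
        self.held[seq] = payload

    def deliverable(self) -> bytes:
        """Bytes that can be handed to the application now: everything contiguous
        from initial_seq up to the first gap. Overlapping retransmissions are trimmed."""
        out = bytearray()
        expect = self.initial_seq
        for seq in sorted(self.held):
            data = self.held[seq]
            if seq > expect:                # a segment is missing before this one
                break
            fresh = data[expect - seq:]     # skip bytes already delivered
            out += fresh
            expect += len(fresh)
        return bytes(out)

    def missing(self, message_length: int) -> List[Tuple[int, int]]:
        """Sequence ranges [start, end) not yet received: what the sender must retransmit."""
        gaps = []
        expect = self.initial_seq
        final = self.initial_seq + message_length
        for seq in sorted(self.held):
            if seq > expect:
                gaps.append((expect, seq))
            expect = max(expect, seq + len(self.held[seq]))
        if expect < final:
            gaps.append((expect, final))
        return gaps


def demo() -> Tuple[bytes, List[Tuple[int, int]], bytes, int]:
    """Constructed scenario: three segments; one arrives late, one is duplicated."""
    message = b"0123456789ABCDEFGHIJ"
    segs = segment_message(message, 1000, 8)    # starts at 1000, 1008 and 1016
    rx = Reassembler(initial_seq=1000)
    rx.receive(*segs[2])                         # out of order
    rx.receive(*segs[0])
    rx.receive(*segs[0])                         # duplicate
    before = rx.deliverable()                    # stops at the gap
    gaps = rx.missing(len(message))              # the range to retransmit
    rx.receive(*segs[1])                         # the "lost" segment finally arrives
    return before, gaps, rx.deliverable(), rx.duplicates


if __name__ == "__main__":
    print(demo())
```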

2.8.5 Session Layer

The services provided by the first three layers (physical, data link, and network) are not sufficient for some processes. The session layer is the network dialog controller. It establishes, maintains, and synchronizes the interaction between communicating systems and allows two application processes on different machines to establish, use and terminate a connection, called a session. It performs the functions that allow these processes to communicate over the network, performing security, name recognition, and logging.

Specific responsibilities of the session layer include the following:

• Dialog control. The session layer allows two systems to enter into a dialog. It allows the communication between two processes to take place either in half-duplex (one way at a time) or full-duplex (two ways at a time).
• Synchronization. The session layer allows a process to add checkpoints (synchronization points) into a stream of data.

Figure-15 Data Flow in Session Layer


2.8.6 Presentation Layer

The presentation layer is concerned with the syntax and semantics of the information
exchanged between two systems.
Specific responsibilities of the presentation layer include the following:

• Translation. The processes (running programs) in two systems are usually exchanging information in the form of character strings, numbers, and so on. The information should be changed to bit streams before being transmitted. Because different computers use different encoding systems, the presentation layer is responsible for interoperability between these different encoding methods. The presentation layer at the sender changes the information from its sender-dependent format into a common format. The presentation layer at the receiving machine changes the common format into its receiver-dependent format.
• Encryption. To carry sensitive information, a system must be able to assure privacy. Encryption means that the sender transforms the original information to another form and sends the resulting message out over the network. Decryption reverses the original process to transform the message back to its original form.
• Compression. Data compression reduces the number of bits to be transmitted. Data compression becomes particularly important in the transmission of multimedia such as text, audio, and video.

Figure-16 Data Flow in Presentation Layer

2.8.7 Application layer

The application layer enables the user, whether human or software, to access the network. It provides user interfaces and support for services such as electronic mail, remote file access and transfer, shared database management, and other types of distributed information services.
For example, of the many application services available, the figure shows only three: X.400 (message-handling services), X.500 (directory services), and file transfer, access, and management (FTAM). The user in this example uses X.400 to send an e-mail message. Note that no headers or trailers are added at this layer.
Specific services provided by the application layer include the following:

• Network virtual terminal. A network virtual terminal is a software version of a physical terminal and allows a user to log on to a remote host. To do so, the application creates a software emulation of a terminal at the remote host. The user's computer talks to the software terminal, which in turn talks to the host, and vice versa. The remote host believes it is communicating with one of its own terminals and allows the user to log on.
• File transfer, access, and management (FTAM). This application allows a user to access files in a remote computer (to make changes or read data), to retrieve files from a remote computer, and to manage or control files in a remote computer.
• Directory services. This application provides distributed database sources and access for global information about various objects and services.
• Mail services. This application provides the basis for e-mail forwarding and storage.

Figure-17 Data Flow in Application Layer


TCP/IP PROTOCOL SUITE


3.1 Objective
The objective of this chapter is to understand the TCP/IP suite, the TCP header, the IP header, the UDP header and the application layer protocols.

3.2 Introduction
TCP/IP (Transmission Control Protocol/Internet Protocol) is the suite of communications protocols that is used to connect hosts on the Internet. The TCP/IP suite is not a single protocol. Rather, it is a four-layer communication architecture that provides some reasonable network features, such as end-to-end communications, fault handling on unreliable communications lines, packet sequencing, and internetwork routing. The TCP/IP protocol suite maps to a four-layer conceptual model known as the DARPA model, which was named after the U.S. government agency that initially developed TCP/IP. The four layers of the DARPA model are: Application, Transport, Network or Internet, and Data Link or Network Interface. Each layer in this suite corresponds to one or more layers of the seven-layer OSI model.

3.3 Network Interface/Data Link Layer


This layer has the networking scope of the local network connection to which a host is attached. It is the lowest component layer of the Internet protocols, as TCP/IP is designed to be hardware independent. As a result, TCP/IP may be implemented on top of virtually any hardware networking technology. The link layer is used to move packets between the Internet layer interfaces of two different hosts on the same link. It performs data link functions such as adding a packet header to prepare it for transmission, and then actually transmits the frame over a physical medium. The TCP/IP model includes specifications for translating the network addressing methods used in the Internet Protocol to data link addressing, such as Media Access Control (MAC). The TCP/IP model's link layer corresponds to the Open Systems Interconnection (OSI) model physical and data link layers.

3.4 Internet/Network Layer


The network layer responsibilities include addressing, packaging, and routing functions. The network layer is analogous to the Network layer of the OSI model. The core protocols for the IPv4 network layer consist of the following:
• The Address Resolution Protocol (ARP), which resolves a network layer address to a link layer address such as a hardware address.
• The Internet Protocol (IP) is a routable protocol that addresses, routes, fragments, and reassembles packets.
• The Internet Control Message Protocol (ICMP) reports errors and other information to help you diagnose unsuccessful packet delivery.
• The Internet Group Management Protocol (IGMP) manages IP multicast groups.

TCP/IP Page 1 of 10

For Restricted Circulation

3.5 Transport Layer


The Transport layer provides the Application layer with session and datagram
communication services. The Transport layer encompasses the responsibilities of the OSI
Transport layer. The core protocols of the Transport layer are TCP and UDP.
TCP provides a one-to-one, connection-oriented, reliable communications service.
TCP establishes connections, sequences and acknowledges packets sent, and recovers
packets lost during transmission.
In contrast to TCP, UDP provides a one-to-one or one-to-many, connectionless,
unreliable communications service. UDP is used when the amount of data to be transferred is
small (such as the data that would fit into a single packet), when an application developer
does not want the overhead associated with TCP connections, or when the applications or
upper-layer protocols provide reliable delivery.

3.6 Application Layer


The Application layer allows applications to access the services of the other layers, and it defines the protocols that applications use to exchange data. The most widely known Application layer protocols help users exchange information:
• The Hypertext Transfer Protocol (HTTP) transfers files that make up pages on the WWW.
• The File Transfer Protocol (FTP) transfers individual files, typically for an interactive user session.
• The Simple Mail Transfer Protocol (SMTP) transfers mail messages and attachments.
• The Domain Name System (DNS) protocol resolves a host name.
• The Routing Information Protocol (RIP) is a protocol that routers use to exchange routing information on an IP network.

3.7 Transmission Control Protocol (TCP)


TCP is a reliable, connection-oriented delivery service. Connection-oriented means that a connection must be established before hosts can exchange data. Reliability is achieved by assigning a sequence number to each segment transmitted. TCP peers, the two nodes using TCP to communicate, acknowledge when they receive data. A TCP segment is the protocol data unit (PDU) consisting of the TCP header and the TCP payload. For each TCP segment sent containing data, the receiving host must return an acknowledgment (ACK). If an ACK is not received within a calculated time, the TCP segment is retransmitted. The format of the TCP header is shown in Figure 3.2. The fields in the header are briefly described in Table 3.1.

Table 3.1: Fields of the TCP header

Source/dest ports: These fields identify multiple streams to the layer above.
Sequence/ack number: These are used for the windowing acknowledgement technique.
Data Offset: This is the number of 32-bit words in the TCP header which, like the IP header, has a variable-length options field.
Flag bits: There are several bits used as status indicators to show, for example, the resetting of the connection.
Window: This field is used by the receiver to set the window size.
Checksum: Again this covers only the header.
Urgent pointer: The sender can indicate that an urgent datagram is coming and urges the receiver to handle it as quickly as possible.
Option: This variable-sized field contains some negotiation parameters, to set the size of the TCP packets for example.
Padding: To align to the next 32-bit boundary.


Figure 3.1: Architecture of the TCP/IP protocol suite

Figure 3.2: Format of TCP header (fields, in order: Source Port, Destination Port, Sequence Number, Acknowledgement Number, Data Offset, Reserved, Flags, Window, Checksum, Urgent Pointer, Options, Padding, Data)

3.8 User Datagram Protocol (UDP)


UDP is an alternative communications protocol to TCP, used primarily for establishing low-latency and loss-tolerating connections between applications on the Internet. UDP provides a connectionless datagram service that offers unreliable, best-effort delivery of data transmitted in messages. This means that neither the arrival of datagrams nor the correct sequencing of delivered packets is guaranteed. UDP does not retransmit lost data. UDP messages consist of a UDP header and a UDP payload. Applications use UDP if they do not require an acknowledgment of receipt of data, and they typically transmit small amounts of data at one time. The format of the UDP header is shown in Figure 3.3. In keeping with the goal of efficiency, the UDP header is smaller than the TCP header.

Figure 3.3: Format of UDP header (fields, in order: Source Port (16 bits), Destination Port (16 bits), Length, Checksum, Data)

3.9 Internet Protocol


IP is a connectionless, unreliable datagram protocol primarily responsible for addressing and routing packets between hosts. Connectionless means that a session is not established before exchanging data. Unreliable means that delivery is not guaranteed. IP will always make a best-effort attempt to deliver a packet. An IP packet might be lost, delivered out of sequence, duplicated, or delayed. IP does not attempt to recover from these types of errors. The acknowledgment of packets delivered and the recovery of lost packets is the responsibility of a higher-layer protocol, such as TCP. The format of the IP header is shown in Figure 3.4. The fields in the header are briefly described in Table 3.2.

Table 3.2: Fields of the IP header

Version: The version number of IP. There have been several new releases, which (given the size of ARPANET) must co-exist for some time.
IHL: The IP header length. Because of the options field, the header is not a fixed length. This field shows where the data starts.
Type of Service: This field allows for a priority system to be imposed, plus an indication of the desired, but not guaranteed, reliability required.
Length: The total length of the IP packet. Although there is a theoretical maximum of 64 Kbytes, most networks operate with much smaller packets, though all must accept at least 576 bytes.
ID/Flags/Offset: These fields enable a gateway to split up the datagram into smaller segments. The ID field ensures that the receiver can piece together the fragments from the correct datagrams, as fragments from many datagrams may arrive in any order. The offset tells how far down the datagram this fragment is, and the flags can be used to mark the datagram as non-fragmentable.
Time to live: This is a count which limits the lifetime of a datagram on the catenet. Each time it passes through a gateway, the count is decremented by one. If it reaches zero, the gateway does not forward it. This prevents permanently circulating datagrams.
Protocol: This indicates which higher level protocol is being carried, e.g. TCP or UDP.
Checksum: This checksum covers the header only. It is up to the higher layers to detect transmission errors in the data.
Source/dest Address: To assist the gateways to route datagrams by the most efficient path, each IP address is structured into a Network Number and a local address. There are three classes of network providing different numbers of locally administered addresses.
Options: The final part of the header is a variable number of optional fields, which are used to enforce security or network management.
Padding: This field is used to align the header to the next 32-bit boundary.


Figure 3.4: Format of IP header
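The TCP header of Table 3.1 / Figure 3.2 and the IP header of Table 3.2 / Figure 3.4, decoded from raw bytes in an added example that is not code from this module: it checks IHL, Data Offset and Length for consistency and verifies the IPv4 header checksum, which covers the header only. The sample packet is constructed here, not captured, and its TCP checksum is left unverified (RFC 793 computes that one over a pseudo-header plus the TCP header and data, so it needs the IP addresses as well).

```python
import struct
from typing import Tuple

# Added example, not the module's own code: decoders for the IPv4 header of
# Table 3.2 / Figure 3.4 and the TCP header of Table 3.1 / Figure 3.2, with
# verification of the IPv4 header checksum. The sample packet built below is
# constructed for illustration, not captured traffic.

TCP_FLAG_NAMES = {0x20: "URG", 0x10: "ACK", 0x08: "PSH",
                  0x04: "RST", 0x02: "SYN", 0x01: "FIN"}


def ones_complement_sum(data: bytes) -> int:
    """16-bit one's complement sum over data (odd length is zero-padded)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                      # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return total


def ipv4_checksum(header: bytes) -> int:
    """IPv4 header checksum: header only, computed with the checksum field zeroed."""
    return (~ones_complement_sum(header)) & 0xFFFF


def parse_ipv4(packet: bytes) -> Tuple[dict, bytes]:
    """Validate and decode the IPv4 header; return its fields and the payload."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    (ver_ihl, tos, total_len, ident, flags_frag,
     ttl, proto, csum, src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F
    if version != 4 or ihl < 5:
        raise ValueError("not a well-formed IPv4 header")
    hlen = ihl * 4                          # IHL is in 32-bit words
    if total_len < hlen or total_len > len(packet):
        raise ValueError("total length inconsistent with the bytes received")
    if ones_complement_sum(packet[:hlen]) != 0xFFFF:   # a valid header sums to all ones
        raise ValueError("IPv4 header checksum mismatch")
    fields = {
        "ihl": ihl, "tos": tos, "total_length": total_len, "identification": ident,
        "dont_fragment": bool(flags_frag & 0x4000),
        "more_fragments": bool(flags_frag & 0x2000),
        "fragment_offset": flags_frag & 0x1FFF,          # in 8-byte units
        "ttl": ttl, "protocol": proto, "checksum": csum,  # protocol 6 = TCP, 17 = UDP
        "src": ".".join(map(str, src)), "dst": ".".join(map(str, dst)),
        "options": packet[20:hlen],
    }
    return fields, packet[hlen:total_len]


def parse_tcp(segment: bytes) -> Tuple[dict, bytes]:
    """Decode the TCP header; Data Offset says where the variable-length options end."""
    if len(segment) < 20:
        raise ValueError("truncated TCP header")
    (sport, dport, seq, ack, off_flags,
     window, csum, urg) = struct.unpack("!HHIIHHHH", segment[:20])
    data_offset = off_flags >> 12           # header length in 32-bit words
    hlen = data_offset * 4
    if hlen < 20 or hlen > len(segment):
        raise ValueError("TCP data offset out of range")
    fields = {
        "src_port": sport, "dst_port": dport, "seq": seq, "ack": ack,
        "data_offset": data_offset,
        "flags": [name for bit, name in TCP_FLAG_NAMES.items() if off_flags & bit],
        "window": window, "checksum": csum, "urgent_pointer": urg,
        "options": segment[20:hlen],
    }
    return fields, segment[hlen:]


def header_is_valid(packet: bytes) -> bool:
    """True when the IPv4 header parses and its checksum verifies."""
    try:
        parse_ipv4(packet)
        return True
    except ValueError:
        return False


def build_sample_packet() -> bytes:
    """Constructed IPv4 packet (DF set, TTL 64) carrying a TCP SYN with an MSS option."""
    mss_option = bytes([2, 4, 0x05, 0xB4])             # kind 2, length 4, MSS 1460
    data_offset = 6                                     # 20 fixed + 4 option bytes = 24 bytes
    tcp = struct.pack("!HHIIHHHH", 40000, 80, 1000, 0, (data_offset << 12) | 0x02,
                      65535, 0, 0) + mss_option         # TCP checksum left at 0 in this sample
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0x1234, 0x4000, 64, 6, 0,
                     bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7]))
    return ip[:10] + struct.pack("!H", ipv4_checksum(ip)) + ip[12:] + tcp


if __name__ == "__main__":
    ip_hdr, payload = parse_ipv4(build_sample_packet())
    tcp_hdr, data = parse_tcp(payload)
    print(ip_hdr["src"], "->", ip_hdr["dst"], "ttl", ip_hdr["ttl"], tcp_hdr["flags"])
```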

3.10 TCP/IP Applications


The topmost layer, the Application Layer of the TCP/IP protocol suite, is concerned mainly with human interaction and the implementation of software applications and related protocols.
The TCP/IP protocol suite includes a large number of applications and application protocols. Using these applications and application protocols, data can be moved between hosts, and remote users can communicate. The following is a partial list of applications and application protocols included with the TCP/IP protocol suite that operate in the Application Layer.
• Hypertext Transfer Protocol (HTTP)
• Simple Mail Transfer Protocol (SMTP)
• Dynamic Host Configuration Protocol (DHCP)
• Domain Name System (DNS)
• File Transfer Protocol (FTP)
• Telnet
• MIME
• POP

3.10.1-Hypertext Transfer Protocol (HTTP)


HTTP is the protocol that enables the connection between a web server and a client. Hypertext Transfer Protocol (HTTP) is an application layer protocol for distributing information in the World Wide Web (WWW). HTTP is based on the client–server architecture. An HTTP server (commonly called a web server) uses the well-known port number 80. Examples of HTTP servers (web servers) are Internet Information Server (IIS), Apache Web Server, etc. An HTTP client is also called a web browser (Mozilla Firefox, Internet Explorer, Google Chrome, etc.). HTTP operates on a request-response model. A browser sends a request to a server for a file, and the server responds with the requested file if it is available.

3.10.2-Simple Mail Transfer Protocol (SMTP)

SMTP is an Internet standard for electronic mail (email) transmission. SMTP by default uses TCP port 25. Although electronic mail servers and other mail transfer agents use SMTP to send and receive mail messages, user-level client mail applications typically use SMTP only for sending messages to a mail server for relaying. For retrieving messages, client applications usually use either POP3 or IMAP.

3.10.3-Dynamic Host Configuration Protocol (DHCP)

DHCP is used to dynamically (automatically) assign TCP/IP configuration parameters to network devices (IP address, subnet mask, default gateway). A computer that gets its configuration information by using Dynamic Host Configuration Protocol (DHCP) is known as a DHCP client. DHCP clients communicate with a DHCP server to obtain IP addresses and related TCP/IP configuration information.

3.10.4-File Transfer Protocol (FTP)

File transfer facilities are usually provided by a mechanism known as the File
Transfer Protocol (FTP). FTP is a simple file-moving utility that allows a record-oriented
transfer (one record at a time), a block transfer (which moves chunks of a file), or an
image transfer (which does not look in any way at the file contents). Further, FTP knows
about EBCDIC and ASCII (also NVT ASCII) and may provide some rudimentary
conversion facilities BEFORE a transfer begins. As file systems are very complex and the
need for file transfer between systems is growing, FTP has evolved in some cases into special
implementations that know how to convert specific file formats between certain types of
machine architectures. This conversion facility is not within the defined scope of FTP, but
some vendors include the conversion features anyway. To transfer a file, the user invokes the
host FTP utility, specifies the file name, type (if necessary) and remote destination, and off it
goes. One interesting feature of some FTP implementations is the recovery facility. Networks,
as most are well aware, will fail from time to time. In the case of failure, any transfers in
progress will usually have to be restarted from scratch. If the file is being transferred with FTP
in block mode, it may be possible to resume the transfer at a later time by specifying which
block was the last transmitted. FTP would then continue to send the file as if nothing had
happened. This feature is not available on all FTP implementations and has some host and
remote system software considerations involved with it but, all in all, it is a useful feature to
have when transferring very large files.

3.10.5-Telnet (Telecommunications Network)


Telnet stands for telecommunications network. It provides remote login to hosts.
TELNET is a virtual terminal facility that allows a user to connect to a remote system as if
the user’s terminal were hard-wired to that remote system. As with file systems, virtual
terminals may need to emulate a wide variety of terminals, which may be impractical on
larger, complex networks. As such, TELNET provides a basic protocol handling facility and
a negotiation facility that allows for the inclusion of different types of terminal protocols and
signaling mechanisms.

3.10.6-Multipurpose Internet Mail Extensions (MIME)

MIME is an Internet standard that extends the format of email to support:
• Text in character sets other than ASCII
• Non-text attachments: audio, video, images, application programs etc.
• Message bodies with multiple parts
• Header information in non-ASCII character sets
All human-written e-mail and a fairly large proportion of automated e-mail is
transmitted via SMTP in MIME format. Servers insert the MIME header at the beginning of
any Web transmission. Clients use this content type or media type header to select an
appropriate "player" application for the type of data the header indicates.

3.10.7 POP (Post Office Protocol)

POP is also called POP3. This is a protocol used by a mail server in conjunction
with SMTP to receive and hold mail for hosts. A POP3 mail server receives e-mails and
filters them into the appropriate user folders. When a user connects to the mail server to
retrieve his mail, the messages are downloaded from the mail server to the user's hard
disk.

3.11 Conclusion

The aim of this chapter was to give an overview of the TCP/IP suite and its various
protocols. Data communication is a wide and complex field. Covering all the protocols and
concepts is beyond the scope of this chapter, and additional reading may be required to gain
expertise in the field.

******************


IP ADDRESSING, Subnetting, VLSM & Supernetting

Course Contents
• What is IP Addressing
• Different types of IP Addresses
• Classful and Classless IP Addresses
• Shortcomings of IPv4 Addresses

4.1 Objective
The objective of this class is to understand IP addressing, Subnetting, VLSM and CIDR.

4.2 Introduction
An IP address is an address used in order to uniquely identify a device on a computer
network. An IP address is an identifier for a computer or device on a TCP/IP network.
Networks use the IP address of the destination to route messages.
An IP address is an identifier that is assigned at the Internet layer to an interface or a
set of interfaces. Each IP address can identify the source or destination of IP packets. When
you enable TCP/IP on an interface, you assign it one or more logical IP addresses, either
automatically or manually. The IP address is a logical address because it is assigned at the
Internet layer and has no relation to the physical addresses.

4.3 IP Address
The current version of IP, IP version 4 (IPv4), defines a 32-bit address, which means
that there are only 2^32 (4,294,967,296) IPv4 addresses available. This might seem like a
large number of addresses, but as new markets open and a significant portion of the world's
population becomes candidates for IP addresses, the finite number of IP addresses will
eventually be exhausted. The address shortage problem is aggravated by the fact that portions
of the IP address space have not been efficiently allocated. Also, the traditional model of
classful addressing does not allow the address space to be used to its maximum potential.

4.4 Dotted-Decimal Notation

To make Internet addresses easier for human users to read and write, IP addresses are
often expressed as four decimal numbers, each separated by a dot. This format is called
"dotted-decimal notation". Dotted-decimal notation divides the 32-bit Internet address into
four 8-bit (byte) fields and specifies the value of each field independently as a decimal
number with the fields separated by dots.

4.5 IPv4 Address Syntax

If network administrators expressed IPv4 addresses using binary notation, each
address would appear as a 32-digit string of 1s and 0s. Because such strings are cumbersome
to express and remember, administrators use dotted decimal notation, in which periods (or
dots) separate four decimal numbers (from 0 to 255). Each decimal number, known as an
octet, represents 8 bits (1 byte) of the 32-bit address. Each of these octets is separated from
the next by a dot. This type of notation is called dotted decimal notation.
Examples of IP addresses: 10.0.0.0, 192.168.10.1, 252.252.253.10
For example, the IPv4 address 11000000101010000000001100011000 is expressed as
192.168.3.24 in dotted decimal notation. Steps to convert an IPv4 address from binary
notation to dotted decimal notation:
• Segment it into 8-bit blocks: 11000000 10101000 00000011 00011000
• Convert each block to decimal: 192 168 3 24
• Separate the blocks with periods: 192.168.3.24
4.6 Classes Of IP Addresses
In order to provide the flexibility required to support different size networks, the
designers decided that the IP address space should be divided into three primary address
classes (Class A, Class B and Class C), plus Class D and Class E. This is often referred to as
"classful" addressing because the address space is split into three predefined classes,
groupings, or categories. Each class fixes the boundary between the network-prefix and the
host-number at a different point within the 32-bit address.
One of the fundamental features of classful IP addressing is that each address
contains a self-encoding key that identifies the dividing point between the network-prefix and
the host-number.
4.6.1 Class A ( / 8 Prefixes)
Figure 4-1: Structure of class A addresses (network | host)

Each Class A network address has an 8-bit network-prefix with the highest order bit
set to 0 and a seven-bit network number, followed by a 24-bit host number. Class A networks
are now referred to as "/8s" (pronounced "slash eight" or just "eights") since they have an 8-
bit network-prefix. A maximum of 126 (2^7 - 2) /8 networks can be defined. The calculation
requires that the 2 is subtracted because the /8 network 0.0.0.0 is reserved for use as the
default route and the /8 network 127.0.0.0 (also written 127/8 or 127.0.0.0/8) has been
reserved for the "loopback" function. Each /8 supports a maximum of 16,777,214 (2^24 - 2)
hosts per network. The host calculation requires that 2 is subtracted because the all-0s ("this
network") and all-1s ("broadcast") host-numbers may not be assigned to individual hosts.
4.6.2 Class B (/16 Prefixes)

Figure 4-2: Structure of class B addresses (network | host)

Each Class B network address has a 16-bit network-prefix with the two highest order
bits set to 1-0 and a 14-bit network number, followed by a 16-bit host-number. Class B
networks are now referred to as "/16s" since they have a 16-bit network-prefix. A maximum of
16,384 (2^14) /16 networks can be defined with up to 65,534 (2^16 - 2) hosts per network.
4.6.3-Class C (/24 Prefixes)

Figure 4-3: Structure of class C addresses (network | host)

Each Class C network address has a 24-bit network-prefix with the three highest
order bits set to 1-1-0 and a 21-bit network number, followed by an 8-bit host-number. Class
C networks are now referred to as "/24s" since they have a 24-bit network-prefix. A
maximum of 2,097,152 (2^21) /24 networks can be defined with up to 254 (2^8 - 2) hosts per
network.

4.6.4 Class D
These addresses are reserved for IPv4 multicast addresses. The four high-order bits in
a class D address are always set to 1110, which makes the address prefix for all class D
addresses 224.0.0.0/4 (or 224.0.0.0, 240.0.0.0). For more information, see "IPv4 Multicast
Addresses" in this chapter.

4.6.5 Class E
These addresses are reserved for experimental use. The high-order bits in a class E
address are set to 1111, which makes the address prefix for all class E addresses 240.0.0.0/4
(or 240.0.0.0, 240.0.0.0).
The classful A, B, and C octet boundaries were easy to understand and implement,

but they did not foster the efficient allocation of a finite address space. A /24, which supports
254 hosts, is too small while a /16, which supports 65,534 hosts, is too large. In the past, the
Internet has assigned sites with several hundred hosts a single /16 address instead of a couple
of /24s addresses.
Given an IP address, its class can be determined from the three high-order bits (the
three left-most bits in the first octet). Figure 4-4 shows the range of addresses that fall into
each class. For informational purposes, Class D and Class E addresses are also shown.
Table 4.1 : Range of Address

IP CLASS   IP RANGE
CLASS A    1.0.0.0 - 126.255.255.255
CLASS B    128.0.0.0 - 191.255.255.255
CLASS C    192.0.0.0 - 223.255.255.255
CLASS D    224.0.0.0 - 239.255.255.255
CLASS E    240.0.0.0 - 255.255.255.254
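As an added example (not code from the training module), the following Python script carries out the binary-to-dotted-decimal conversion of section 4.5 and reads the address class from the high-order bits of the first octet as laid out in sections 4.6.1 to 4.6.5; the addresses it is run on are constructed samples.

```python
# Added example (not part of the training module): converting between the
# 32-bit binary form of an IPv4 address and dotted-decimal notation, and
# reading the address class from the high-order bits of the first octet.


def binary_to_dotted(bits: str) -> str:
    """Convert a 32-character string of 1s and 0s to dotted-decimal.

    Follows the three steps in the text: split into 8-bit blocks, convert
    each block to decimal, join the blocks with periods.
    """
    if len(bits) != 32 or set(bits) - {"0", "1"}:
        raise ValueError("expected exactly 32 binary digits")
    blocks = [bits[i:i + 8] for i in range(0, 32, 8)]
    return ".".join(str(int(block, 2)) for block in blocks)


def dotted_to_binary(address: str) -> str:
    """Inverse of binary_to_dotted; validates that each octet is 0..255."""
    octets = address.split(".")
    if len(octets) != 4:
        raise ValueError("expected four octets")
    out = []
    for octet in octets:
        value = int(octet)  # raises ValueError on non-numeric text
        if not 0 <= value <= 255:
            raise ValueError(f"octet {octet} is out of range 0..255")
        out.append(format(value, "08b"))
    return "".join(out)


# Classful layout: (leading bits, class, prefix length), exactly as the
# text describes: 0 -> A, 10 -> B, 110 -> C, 1110 -> D, 1111 -> E.
_CLASS_RULES = [
    ("0", "A", 8),
    ("10", "B", 16),
    ("110", "C", 24),
    ("1110", "D", None),   # multicast: no network/host split
    ("1111", "E", None),   # experimental
]


def address_class(address: str) -> str:
    """Return 'A'..'E' by matching the high-order bits of the first octet."""
    first_octet = dotted_to_binary(address)[:8]
    for leading, cls, _ in _CLASS_RULES:
        if first_octet.startswith(leading):
            return cls
    raise AssertionError("unreachable: every bit pattern matches a rule")


def classful_split(address: str):
    """Return (class, network_prefix, host_part) in dotted-decimal, or
    (class, None, None) for class D and E, which have no host part."""
    cls = address_class(address)
    prefix_len = {c: p for _, c, p in _CLASS_RULES}[cls]
    if prefix_len is None:
        return cls, None, None
    bits = dotted_to_binary(address)
    net_bits = bits[:prefix_len] + "0" * (32 - prefix_len)
    host_bits = "0" * prefix_len + bits[prefix_len:]
    return cls, binary_to_dotted(net_bits), binary_to_dotted(host_bits)


def classful_capacity(cls: str):
    """Assignable networks and hosts per network for class A, B and C.

    Class A: 2^7 - 2 networks (0/8 and 127/8 reserved), 2^24 - 2 hosts.
    Class B: 2^14 networks, 2^16 - 2 hosts.  Class C: 2^21 networks,
    2^8 - 2 hosts.  The host "-2" removes the all-0s and all-1s host numbers.
    """
    table = {
        "A": (2 ** 7 - 2, 2 ** 24 - 2),
        "B": (2 ** 14, 2 ** 16 - 2),
        "C": (2 ** 21, 2 ** 8 - 2),
    }
    return table[cls]


if __name__ == "__main__":
    # Constructed sample addresses, one per class A to D.
    for ip in ("10.0.0.1", "130.5.5.25", "192.168.3.24", "224.0.0.9"):
        print(ip, dotted_to_binary(ip), classful_split(ip))
```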

4.7 Public Addresses


If you want direct (routed) connectivity to the Internet, then you must use public
addresses. If you want indirect (proxied or translated) connectivity to the Internet, you can
use either public or private addresses. If your intranet is not connected to the Internet in any
way, you can use any unicast IPv4 addresses that you want. However, you should use private
addresses to avoid network renumbering if your intranet ever directly connects to the
Internet.
ICANN (The Internet Corporation for Assigned Names and Numbers -A non-profit
corporation that was formed to assume responsibility for the allocation or management of
domain names, IP addresses, protocols, and root servers) assigns public addresses, which
consist of either historically allocated classful address
When ICANN assigns a public address prefix to an organization, routes are added to
the routers of the Internet so that traffic matching the address prefix can reach the
organization. For example, when an organization is assigned an address prefix, that address
prefix also exists as a route in the routers of the Internet. IPv4 packets that are sent to an
address within the assigned address prefix are routed to the proper destination.

4.8 Illegal Addresses


Private organization intranets that do not need an Internet connection can choose any
address scheme they want, even using public address prefixes that ICANN has assigned to
other networks. If the private organization later decides to directly connect to the Internet,
these addresses could conflict with existing public addresses and become illegal addresses.
Organizations with illegal addresses cannot receive traffic at those addresses because the
routers of the Internet send traffic destined to ICANN-allocated address prefixes to the
assigned organizations, not to the organizations using illegal addresses.
For example, a private organization chooses to use the 206.73.118.0/24 address prefix
for its intranet. ICANN has assigned that prefix to the Microsoft Corporation, and routes
exist on the Internet routers to send all packets for IPv4 addresses on 206.73.118.0/24 to

Microsoft. As long as the private organization does not connect to the Internet, it has no
problem because the two address prefixes are on separate IPv4 networks; therefore, the
addresses are unique to each network. If the private organization later connects directly to the
Internet and continues to use the 206.73.118.0/24 address prefix, any traffic sent through the
Internet to those addresses will arrive at Microsoft, not the private organization.

4.9 Private Addresses


Each IPv4 interface requires an IPv4 address that is unique within the IPv4 network.
In the case of the Internet, each IPv4 interface on a subnet connected to the Internet requires
an IPv4 address that is unique within the Internet. As the Internet grew, organizations
connecting to it required a public address for each interface on their intranets. This
requirement placed a huge demand on the pool of available public addresses.
When analysing the addressing needs of organizations, the designers of the Internet
noted that, for many organizations, most of the hosts did not require direct connectivity to the
Internet. Those hosts that did require a specific set of Internet services, such as Web access
and e-mail, typically accessed the Internet services through Application layer gateways, such
as proxy servers and e-mail servers. The result is that most organizations required only a few
public addresses for those nodes (such as proxies, servers, routers, firewalls, and translators)
that were directly connected to the Internet.
Hosts within the organization that do not require direct access to the Internet required
IPv4 addresses that do not duplicate already-assigned public addresses. To solve this
addressing problem, the Internet designers reserved a portion of the IPv4 address space for
private addresses. IPv4 addresses in the private address space are known as private addresses
and never assigned as public addresses. Because the public and private address spaces do not
overlap, private addresses never duplicate public addresses.
The following address prefixes make up the private address space:
10.0.0.0/8 (10.0.0.0, 255.0.0.0)
Allows the following range of valid IPv4 unicast addresses: 10.0.0.1 to
10.255.255.254. The 10.0.0.0/8 address prefix has 24 host bits that you can use for any
addressing scheme within a private organization.
172.16.0.0/12 (172.16.0.0, 255.240.0.0)
Allows the following range of valid IPv4 unicast addresses: 172.16.0.1 to
172.31.255.254. The 172.16.0.0/12 address prefix has 20 host bits that you can use for any
addressing scheme within a private organization.
192.168.0.0/16 (192.168.0.0, 255.255.0.0)
Allows the following range of valid IPv4 unicast addresses: 192.168.0.1 to
192.168.255.254. The 192.168.0.0/16 address prefix has 16 host bits that you can use for any
addressing scheme within a private organization.

Because ICANN will never assign the IPv4 addresses in the private address space to
an organization connected to the Internet, Internet routers will never contain routes to private
addresses. You cannot connect to a private address over the Internet. Therefore, a host that
has a private address must send its Internet traffic requests to an Application layer gateway
(such as a proxy server) that has a valid public address or through a network address
translation (NAT) device that translates the private address into a valid public address.

4.10 Subnetting

Subnetting was introduced to overcome some of the problems that parts of the
Internet were beginning to experience with the classful addressing. Subnetting allows you to
create multiple logical networks that exist within a single Class A, B, or C network. If you do
not subnet, you are only able to use one network from your Class A, B, or C network, which
is unrealistic. Subnetting is a logical subdivision of an IP network. The practice of dividing a
network into two or more networks is called subnetting. Subnetting is the process of
designating some high-order bits from the host part and grouping them with the network part.
This divides a network into smaller subnets.
Subnetting attacked the expanding routing table problem by ensuring that the subnet
structure of a network is never visible outside of the organization's private network. The
route from the Internet to any subnet of a given IP address is the same, no matter which
subnet the destination host is on. This is because all subnets of a given network number use
the same network-prefix but different subnet numbers. The routers within the private
organization need to differentiate between the individual subnets, but as far as the Internet
routers are concerned, all of the subnets in the organization are collected into a single routing
table entry. This allows the local administrator to introduce arbitrary complexity into the
private network without affecting the size of the Internet's routing tables. Subnetting
overcame the registered number issue by assigning each organization one (or at most a few)
network number(s) from the IPv4 address space. The organization was then free to assign a
distinct subnetwork number for each of its internal networks. This allows the organization to
deploy additional subnets without needing to obtain a new network number from the Internet.
Table 4.2 : Details of Subnetting

Prefix size   Network mask       Available subnets   Usable hosts per subnet   Total usable hosts
/24           255.255.255.0      1                   254                       254
/25           255.255.255.128    2                   126                       252
/26           255.255.255.192    4                   62                        248
/27           255.255.255.224    8                   30                        240
/28           255.255.255.240    16                  14                        224
/29           255.255.255.248    32                  6                         192
/30           255.255.255.252    64                  2                         128
/31           255.255.255.254    128                 2*                        256

The router accepts all traffic from the Internet addressed to the network and forwards
traffic to the interior subnetworks based on the third octet of the classful address. The
deployment of subnetting within the private network provides several benefits: The size of
the global Internet routing table does not grow because the site administrator does not need to
obtain additional address space and the routing advertisements for all of the subnets are
combined into a single routing table entry. The local administrator has the flexibility to
deploy additional subnets without obtaining a new network number from the Internet. Route
flapping (i.e., the rapid changing of routes) within the private network does not affect the
Internet routing table since Internet routers do not know about the reachability of the
individual subnets - they just know about the reachability of the parent network number.
Extended Network Prefix
Internet routers use only the network-prefix of the destination address to route traffic to a
subnetted environment. Routers within the subnetted environment use the extended
network-prefix to route traffic between the individual subnets. The extended network-prefix
is composed of the classful network-prefix and the subnet-number. The extended-network-
prefix has traditionally been identified by the subnet mask.
For example, if you have the /16 address of 130.5.0.0 and you want to use the entire third
octet to represent the subnet-number, you need to specify a subnet mask of 255.255.255.0.
The bits in the subnet mask and the Internet address have a one-to-one correspondence. The
bits of the subnet mask are set to 1 if the system examining the address should treat the
corresponding bit in the IP address as part of the extended-network- prefix. The bits in the
mask are set to 0 if the system should treat the bit as part of the host-number.
The standards describing modern routing protocols often refer to the extended-
network-prefix-length rather than the subnet mask. The prefix length is equal to the number
of contiguous one-bits in the traditional subnet mask. This means that specifying the network
address 130.5.5.25 with a subnet mask of 255.255.255.0 can also be expressed as
130.5.5.25/24. The /<prefix-length> notation is more compact and easier to understand than
writing out the mask in its traditional dotted-decimal format.
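As an added example (not code from the training module), this Python script derives the subnet mask, subnet count and usable-host count of Table 4.2 from a prefix length, and applies the extended-network-prefix to the text's own 130.5.5.25/24 case; the /31 row is treated as the point-to-point special case of RFC 3021, which is an assumption about what the table's asterisk means.

```python
# Added example (not part of the training module): subnet mask arithmetic
# for a prefix length, the rows of Table 4.2, and the extended-network-prefix
# applied to an address such as 130.5.5.25/24.


def ip_to_int(address: str) -> int:
    """Pack dotted-decimal into a 32-bit integer."""
    octets = [int(o) for o in address.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"invalid IPv4 address: {address}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def int_to_ip(value: int) -> str:
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def mask_from_prefix(prefix_len: int) -> str:
    """A prefix length is the number of contiguous 1 bits in the mask."""
    if not 0 <= prefix_len <= 32:
        raise ValueError("prefix length must be 0..32")
    mask = (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF
    return int_to_ip(mask)


def prefix_from_mask(mask: str) -> int:
    """Inverse of mask_from_prefix; rejects masks whose 1 bits are not contiguous."""
    value = ip_to_int(mask)
    ones = bin(value).count("1")
    if value != ((0xFFFFFFFF << (32 - ones)) & 0xFFFFFFFF):
        raise ValueError(f"{mask} is not a contiguous subnet mask")
    return ones


def subnet_table_row(classful_prefix: int, prefix_len: int):
    """One row of Table 4.2: (mask, subnets, usable hosts/subnet, total usable).

    classful_prefix is the natural prefix of the block being subnetted
    (24 for a class C).  /31 is assumed to be the RFC 3021 point-to-point
    case, where both addresses are usable because there is no broadcast.
    """
    borrowed = prefix_len - classful_prefix
    if borrowed < 0:
        raise ValueError("subnet prefix must not be shorter than the block")
    subnets = 2 ** borrowed
    host_bits = 32 - prefix_len
    hosts = 2 if host_bits == 1 else max(2 ** host_bits - 2, 0)
    return mask_from_prefix(prefix_len), subnets, hosts, subnets * hosts


def apply_prefix(address: str, prefix_len: int):
    """Split an address into network, first/last host and broadcast using
    the extended-network-prefix (classful prefix + subnet bits)."""
    value = ip_to_int(address)
    mask = ip_to_int(mask_from_prefix(prefix_len))
    network = value & mask
    broadcast = network | (~mask & 0xFFFFFFFF)
    return {
        "network": f"{int_to_ip(network)}/{prefix_len}",
        "mask": int_to_ip(mask),
        "first_host": int_to_ip(network + 1),
        "last_host": int_to_ip(broadcast - 1),
        "broadcast": int_to_ip(broadcast),
    }


if __name__ == "__main__":
    print("prefix  (mask, subnets, hosts/subnet, total)")
    for p in range(24, 32):
        print(f"/{p:<6} {subnet_table_row(24, p)}")
    print(apply_prefix("130.5.5.25", 24))
```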

IP Addressing Page 8 of 12

For Restricted Circulation


AGM LICE Broadband Module

4.11 VLSM (Variable Length Subnet Mask)

The traditional method of subnetting is the fixed length subnet mask (FLSM), wherein
you have one subnet mask. When an IP network has more than one subnet mask, it is considered
a network with "variable length subnet masks" since the extended-network-prefixes have
different lengths. VLSM or variable length subnet masking is the more realistic way of
subnetting a network to make for the most efficient use of all of the bits. Remember that
when you perform classful subnetting, all subnets have the same number of hosts because
they all use the same subnet mask. This leads to inefficiencies. For example, if you borrow 4
bits on a Class C network, you end up with 14 valid subnets of 14 valid hosts. A serial link to
another router only needs 2 hosts, but with classful subnetting, you end up wasting 12 of
those hosts.
It is for this reason that VLSM is used. To put it simply, it is the process of
"subnetting a subnet" and using different subnet masks for different networks in your IP
plan. What you have to remember is that you need to make sure that there is no overlap in
any of the addresses.
VLSM is often used in a college campus environment. If the network administrator
has a Class B block of addresses to use on several campuses, he/she normally uses variable
length subnets. The subnets may then be further divided by building and workgroup on the
campuses, which would require different numbers of addresses. If fixed subnet masks were
used to allocate the same number of IP addresses to the locations, a number of addresses
would be wasted. If VLSM is employed, then there is less waste in the allocated address
space across all of the campus locations, giving more room for network growth.
There are several advantages to be gained if more than one subnet mask can be
assigned to a given IP network number: Multiple subnet masks permit more efficient use of
an organization's assigned IP address space. Multiple subnet masks permit route aggregation
which can significantly reduce the amount of routing information at the "backbone" level
within an organization's routing domain.
Efficient Use of the Organization's Assigned IP Address Space
VLSM supports more efficient use of an organization's assigned IP address
space. One of the major problems with the earlier limitation of supporting only a single
subnet mask across a given network-prefix was that once the mask was selected, it locked the
organization into a fixed number of fixed-sized subnets. For example, assume that a network
administrator decided to configure the 130.5.0.0/16 network with a /22 extended-network-
prefix.
A /16 network with a /22 extended-network prefix permits 64 subnets (2^6), each of
which supports a maximum of 1,022 hosts (2^10 - 2). This is fine if the organization wants to
deploy a number of large subnets, but what about the occasional small subnet containing only
20 or 30 hosts? Since a subnetted network could have only a single mask, the network
administrator was still required to assign the 20 or 30 hosts to a subnet with a 22-bit prefix.
This assignment would waste approximately 1,000 IP host addresses for each small subnet

deployed. Limiting the association of a network number with a single mask did not
encourage the flexible and efficient use of an organization's address space. One solution to
this problem was to allow a subnetted network to be assigned more than one subnet mask.
Assume that in the previous example, the network administrator is also allowed to configure
the 130.5.0.0/16 network with a /26 extended-network-prefix. A /16 network address with a
/26 extended-network prefix permits 1024 subnets (2^10), each of which supports a maximum
of 62 hosts (2^6 - 2). The /26 prefix would be ideal for small subnets with less than 60 hosts,
while the /22 prefix is well suited for larger subnets containing up to 1000 hosts.
Conceptually, a network is first divided into subnets, some of the subnets are further
divided into sub-subnets, and some of the sub-subnets are divided into sub-sub-subnets. This
allows the detailed structure of routing information for one subnet group to be hidden from
routers in another subnet group.
The process of VLSM can be split into the following simple steps:
Step 1 - Identify the network with the maximum number of hosts.
Step 2 - Determine how many bits will be needed to satisfy this largest network.
Step 3 - Pick a subnet for the largest network to use.
Step 4 - Pick the next largest network to work with.
Step 5 - Pick the third largest network to work with.
Step 6 - Determine network numbers for serial links.
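As an added example (not code from the training module), this Python allocator walks through the VLSM steps above for a constructed campus block: it sorts the networks by host count, gives each the smallest subnet that fits, lands the /30 serial links last, and checks that no two allocations overlap. The block 192.168.1.0/24 and the host counts are sample input, not from the text.

```python
# Added example (not part of the training module): a VLSM allocator that
# follows the steps in the text: largest network first, smallest prefix that
# satisfies it, then the next largest, with the /30 serial links at the end.
from __future__ import annotations


def ip_to_int(address: str) -> int:
    octets = [int(o) for o in address.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"invalid IPv4 address: {address}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def int_to_ip(value: int) -> str:
    return ".".join(str((value >> s) & 0xFF) for s in (24, 16, 8, 0))


def prefix_for_hosts(hosts: int) -> int:
    """Step 2: smallest prefix whose 2^h - 2 usable addresses cover `hosts`.

    A 2-host serial link gets a /30, so only the bits it needs are spent.
    """
    host_bits = 2
    while (2 ** host_bits) - 2 < hosts:
        host_bits += 1
    return 32 - host_bits


def vlsm_allocate(block: str, requirements: dict[str, int]) -> list[tuple[str, str, int]]:
    """Return [(name, network/prefix, usable_hosts)] with no overlaps.

    `block` is the parent network in CIDR form, e.g. "192.168.1.0/24".
    """
    base, plen = block.split("/")
    start = ip_to_int(base)
    end = start + 2 ** (32 - int(plen))        # one past the last address
    if start & (end - start - 1):
        raise ValueError("block address is not on its own prefix boundary")

    # Steps 1, 4, 5: work from the largest host requirement downwards so the
    # big subnets land on aligned boundaries first.
    ordered = sorted(requirements.items(), key=lambda kv: kv[1], reverse=True)
    cursor = start
    allocated = []
    for name, hosts in ordered:
        plen_i = prefix_for_hosts(hosts)
        size = 2 ** (32 - plen_i)
        # Step 3 (and 6 for the serial links): align the cursor to the subnet
        # size, which guarantees the new subnet cannot overlap an earlier one.
        cursor = (cursor + size - 1) // size * size
        if cursor + size > end:
            raise ValueError(f"{name}: block exhausted before allocating {hosts} hosts")
        allocated.append((name, f"{int_to_ip(cursor)}/{plen_i}", size - 2))
        cursor += size
    return allocated


def overlaps(a: str, b: str) -> bool:
    """True if two CIDR prefixes share any address (the check the text says
    you must always make when subnetting a subnet)."""
    def bounds(cidr):
        ip, p = cidr.split("/")
        lo = ip_to_int(ip) & ((0xFFFFFFFF << (32 - int(p))) & 0xFFFFFFFF)
        return lo, lo + 2 ** (32 - int(p))
    a_lo, a_hi = bounds(a)
    b_lo, b_hi = bounds(b)
    return a_lo < b_hi and b_lo < a_hi


if __name__ == "__main__":
    # Constructed sample: one campus block with three LANs and two serial links.
    needs = {"sales": 50, "eng": 20, "admin": 10, "wan1": 2, "wan2": 2}
    plan = vlsm_allocate("192.168.1.0/24", needs)
    for row in plan:
        print(row)
```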

4.12-Classless Inter Domain Routing (CIDR)

By 1992, the exponential growth of the Internet was beginning to raise serious
concerns among members of the IETF about the ability of the Internet's routing system to
scale and support future growth:
• The near-term exhaustion of the Class B network address space, as it was one of the
most commonly used classes.
• The rapid growth in the size of the global Internet's routing tables.
• The eventual exhaustion of the 32-bit IPv4 address space.
Projected Internet growth figures made it clear that the situation was very likely to become
critical by 1994 or 1995. The response to these immediate challenges was the development of
the concept of Supernetting or Classless Inter-Domain Routing (CIDR). The other problem,
which is of a more long-term nature, is currently being explored by the IP Next Generation
(IPng or IPv6) working group of the IETF. CIDR was officially documented in September
1993 in RFC 1517, 1518, 1519, and 1520. CIDR supports two important features that
benefit the global Internet routing system:
• CIDR eliminates the traditional concept of Class A, Class B, and Class C network
addresses. This enables the efficient allocation of the IPv4 address space, which will allow
the continued growth of the Internet until IPv6 is deployed.
• CIDR supports route aggregation, where a single routing table entry can represent the
address space of perhaps thousands of traditional classful routes. This allows a single
routing table entry to specify how to route traffic to many individual network addresses.
Route aggregation helps control the amount of routing information in the Internet's backbone
routers, reduces route flapping (rapid changes in route availability), and eases the local
administrative burden of updating external routing information. Without the rapid deployment
of CIDR in 1994 and 1995, the Internet routing tables would have in excess of 70,000 routes
(instead of the current 30,000+) and the Internet would probably not be functioning today.

CIDR Promotes the Efficient Allocation of the IPv4 Address Space
CIDR eliminates the traditional concept of Class A, Class B, and Class C network
addresses and replaces them with the generalized concept of a "network-prefix." Routers use
the network-prefix, rather than the first 3 bits of the IP address, to determine the dividing
point between the network number and the host number. As a result, CIDR supports the
deployment of arbitrarily sized networks rather than the standard 8-bit, 16-bit, or 24-bit
network numbers associated with classful addressing. In the CIDR model, each piece of
routing information is advertised with a bit mask (or prefix-length). The prefix-length is a
way of specifying the number of leftmost contiguous bits in the network-portion of each
routing table entry. For example, a network with 20 bits of network-number and 12 bits of
host-number would be advertised with a 20-bit prefix length (a /20).
The clever thing is that the IP address advertised with the /20 prefix could be a former
Class A, Class B, or Class C. Routers that support CIDR do not make assumptions based on
the first 3 bits of the address; they rely on the prefix-length. In a classless environment,
prefixes are viewed as bitwise contiguous blocks of the IP address space. For example, all
prefixes with a /20 prefix represent the same amount of address space (2^12 or 4,096 host
addresses). Furthermore, a /20 prefix can be assigned to a traditional Class A, Class B, or
Class C network number.
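As an added example (not code from the training module), this Python script shows the two CIDR mechanisms just described: aggregating contiguous former class C networks into one supernet route, and selecting a route by longest prefix match instead of by the first three bits of the address. The prefixes 200.1.0.0/24 to 200.1.3.0/24 and the next-hop names are constructed sample data.

```python
# Added example (not part of the training module): supernetting a set of
# contiguous, aligned prefixes into one CIDR route, and looking up a
# destination by longest-prefix match rather than by address class.
from __future__ import annotations


def ip_to_int(address: str) -> int:
    octets = [int(o) for o in address.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"invalid IPv4 address: {address}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def int_to_ip(value: int) -> str:
    return ".".join(str((value >> s) & 0xFF) for s in (24, 16, 8, 0))


def parse_cidr(cidr: str) -> tuple[int, int]:
    """Return (network_int, prefix_len), with the host bits forced to zero."""
    ip, plen = cidr.split("/")
    plen = int(plen)
    if not 0 <= plen <= 32:
        raise ValueError(f"bad prefix length in {cidr}")
    mask = (0xFFFFFFFF << (32 - plen)) & 0xFFFFFFFF
    return ip_to_int(ip) & mask, plen


def aggregate(prefixes: list[str]) -> list[str]:
    """Merge adjacent, equally sized, aligned prefixes into their supernet.

    Repeats until nothing merges, so four /24s become two /23s and then
    one /22.  Prefixes that cannot pair up are returned unchanged.
    """
    nets = sorted(set(parse_cidr(p) for p in prefixes))
    changed = True
    while changed:
        changed = False
        merged = []
        i = 0
        while i < len(nets):
            net, plen = nets[i]
            size = 2 ** (32 - plen)
            # A pair can merge only if the first block is aligned to the
            # doubled size and the second is the very next block of the same
            # length; a /24 starting at .1.0 therefore never merges with .2.0.
            if (i + 1 < len(nets) and plen > 0 and net % (2 * size) == 0
                    and nets[i + 1] == (net + size, plen)):
                merged.append((net, plen - 1))
                i += 2
                changed = True
            else:
                merged.append((net, plen))
                i += 1
        nets = merged
    return [f"{int_to_ip(n)}/{p}" for n, p in nets]


def longest_prefix_match(table: dict[str, str], destination: str) -> str | None:
    """Pick the most specific matching route.  The decision depends only on
    the prefix length, so a /22 may cover what used to be four class C
    network numbers while a more specific /24 inside it still wins."""
    dest = ip_to_int(destination)
    best_len, best_hop = -1, None
    for cidr, next_hop in table.items():
        net, plen = parse_cidr(cidr)
        mask = (0xFFFFFFFF << (32 - plen)) & 0xFFFFFFFF
        if dest & mask == net and plen > best_len:
            best_len, best_hop = plen, next_hop
    return best_hop


if __name__ == "__main__":
    # Constructed sample: four former class C networks advertised as one /22,
    # plus a routing table with a default route and one more specific /24.
    print(aggregate(["200.1.0.0/24", "200.1.1.0/24", "200.1.2.0/24", "200.1.3.0/24"]))
    routes = {"0.0.0.0/0": "isp", "200.1.0.0/22": "site-a", "200.1.2.0/24": "site-b"}
    for dst in ("200.1.2.7", "200.1.1.9", "203.0.113.5"):
        print(dst, "->", longest_prefix_match(routes, dst))
```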
CIDR is now the routing system used by virtually all gateway routers on the Internet's
backbone network. The Internet's regulating authorities expect every Internet service
provider (ISP) to use it for routing. CIDR is supported by the Border Gateway Protocol, the
prevailing exterior (inter domain) gateway protocol and by the OSPF interior (or intra
domain) gateway protocol. Older gateway protocols like Exterior Gateway Protocol and
Routing Information Protocol do not support CIDR.
4.13 Conclusion
The aim of this chapter was to give an overview of IP addressing. This subject being
quite vast and complex, it is very difficult to understand in one go. But the basis of data
networking lies in this concept.
*****


Chapter-7
Introduction to Internet Protocol version 6

Course Contents

• Introduction to IPv6
• What is IPv6?
• Why is IPv6 Needed Now?
• IPv6 Addressing & its representation
• Advantages of IPv6
• Features of IPv6
• Types of IPv6 Addresses
• Address Scope
• Transition from IPv4 to IPv6

Objectives
After completion of this module the trainee will be able to understand
• Drawbacks of IPv4 addressing.
• IPv6 notation and representation in hexadecimal.
• Advantages of IPv6 and features of IPv6
• IPv6 prefixes and types of IPv6 addresses.
• Address scope of IPv6 addresses.
• Technologies for transition from IPv4 to IPv6

7.1 Introduction to IPv6
The Internet Engineering Task Force (IETF) is the organization that is responsible for
defining the Internet Protocol standards. When the IETF developed IPv4, the global
expansion of the Internet and the current Internet security issues were not anticipated. In
IPv4's original design, network security was given only minor consideration. In the 1980s,
when IPv4 was being developed, the "Internet" was constructed by a set of cooperating
organizations. As IPv4 was developed further and the Internet explosion took place in the
1990s, Internet threats became prolific.
7.2 What is IPv6?
IPv6 is the replacement Internet protocol for IPv4. It corrects some of the
deficiencies of IPv4 and simplifies the way that addresses are configured and how they are
handled by Internet hosts.
IPv4 has proven to be robust, easily implemented, and interoperable, and has stood
the test of scaling an internetwork to a global utility the size of the Internet. However, the
initial design did not anticipate the following conditions:
• Recent exponential growth of the Internet and the impending exhaustion of the IPv4
address space
• The ability of Internet backbone routers to maintain large routing tables
• Need for simpler autoconfiguration and renumbering
• Requirement for security at the IP level (IPSec)
• Need for better support for real-time delivery of data, known as quality of service
(QoS)
7.3 Why is IPv6 Needed Now?
With its 32-bit address format, IPv4 can handle a maximum of 4.3 billion unique IP
addresses. While this number may seem very large, it is not enough to sustain the
rapidly rising growth of the Internet. Although improvements to IPv4, including the use of
NAT, have extended the useful life of the protocol, address exhaustion is inevitable.
With its 128-bit address format, IPv6 can support 3.4 x 10^38 or
340,282,366,920,938,463,463,374,607,431,768,211,456 unique IP addresses. This number
of addresses is large enough to configure a unique address on every node in the Internet
and still have plenty of addresses left over. It is also large enough to eliminate the need for
NAT, which has its own inherent problems.
In the early 1990s, the IETF realized that a new version of IP would be needed, and
the Task Force started by drafting the new protocol's requirements. IP Next Generation
(IPng) was created, which then became IPv6 (RFC 1883). IPv6 is the second network layer
standard protocol that follows IPv4 for computer communications across the Internet and
other computer networks. IPv6 offers several compelling functions and is really the next
step in the evolution of the Internet Protocol. These improvements came in the form of
increased address size, a streamlined header format, extensible headers, and the ability to
preserve the confidentiality and integrity of communications. The IPv6 protocol was then
fully standardized at the end of 1998 in RFC 2460, which defines the header structure. IPv6
is now ready to overcome many of the deficiencies in the current IPv4 protocol and to
create new ways of communicating that IPv4 cannot support.
IPv6 provides several improvements over its predecessor. The advantages and
characteristics of IPv6 are
 Larger address space: Increased address size from 32 bits to 128 bits
 Streamlined protocol header: Improves packet-forwarding efficiency
 Stateless autoconfiguration: The ability for nodes to determine their own
address
 Multicast: Increased use of efficient one-to-many communications
 Jumbograms: The ability to have very large packet payloads for greater
efficiency
 Network layer security: Encryption and authentication of communications
 Quality of service (QoS) capabilities: QoS markings of packets and flow labels
that help identify priority traffic
 Anycast: Redundant services using nonunique addresses
 Mobility: Simpler handling of mobile or roaming nodes

7.4 IPv6 Addressing


IPv6 has a capacity of 340 trillion, trillion, trillion individual IP addresses. This vast
amount has been made possible by increasing the length, in bits, of each address.
IPv6 addresses are 128 bits long. They are logically divided into a network prefix and
a host identifier. The number of bits in the network prefix is represented by a prefix length
(for example, /64). The remaining bits are used for the host identifier. If you do not specify a
prefix length for an IPv6 address, the default prefix length is /64.


Figure 7.1
An IPv6 address consists of 8 sets of 16-bit hexadecimal values separated by colons
(:), totaling 128 bits in length.
For example: 2001:0db8:1234:5678:9abc:def0:1234:5678
7.4.1 Representing IPv6 in binary format
2001 : 0db8 : ac10 : fe01 : 0000 : 0000 : 0000 : 0000
0010 0000 0000 0001 0000 1101 1011 1000 1010 1100 0001 0000 1111 1110 0000 0001
0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
00100000000000010000110110111000101011000001000011111110000000010000000000000000000000000000000000000000000000000000000000000000

7.4.2 How to convert 128 bit binary in to IPv6?


1. Break the 128 bit binary into 8 blocks each of 16 bits.
2. Split each block into 4 segments of 4 bits.
3. Convert each segment into hexadecimal notation.
00100000000000010000110110111000101011000001000011111110000000010000000000000000000000000000000000000000000000000000000000000000
Firstly, break the binary into 8 blocks of 16 bits (8 x 16 bit = 128 bits).
0010000000000001 0000110110111000 1010110000010000 1111111000000001
0000000000000000 0000000000000000 0000000000000000 0000000000000000
Then split each block into 4 segments. You'll be left with 32 segments each
containing 4 bits (32 x 4 bits = 128 bits).
0010 0000 0000 0001 0000 1101 1011 1000 1010 1100 0001 0000 1111 1110 0000 0001
0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
Then convert each segment into hexadecimal notation.
2001 : 0db8 : ac10 : fe01 : 0000 : 0000 : 0000 : 0000
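The three steps above, written out in Python as an added example (this is not code from the module). SAMPLE_BITS is the module's own 128-bit string; the function names are my own, and the reverse direction uses the standard library's ipaddress module as a cross-check.

```python
import ipaddress

# Constructed sample input: the 128-bit string from the worked example above,
# i.e. 2001:0db8:ac10:fe01:0000:0000:0000:0000 written out in binary.
SAMPLE_BITS = (
    "0010000000000001" "0000110110111000" "1010110000010000" "1111111000000001"
    "0000000000000000" "0000000000000000" "0000000000000000" "0000000000000000"
)


def split_into_blocks(bits: str) -> list:
    """Step 1: break the 128 bits into eight 16-bit blocks (spaces are ignored)."""
    bits = bits.replace(" ", "")
    if len(bits) != 128 or set(bits) - {"0", "1"}:
        raise ValueError("expected exactly 128 binary digits")
    return [bits[i:i + 16] for i in range(0, 128, 16)]


def block_to_hex(block: str) -> str:
    """Steps 2 and 3: split one 16-bit block into four 4-bit segments and write
    each segment as a single hexadecimal digit."""
    if len(block) != 16:
        raise ValueError("a block is 16 bits")
    segments = [block[j:j + 4] for j in range(0, 16, 4)]
    return "".join(format(int(seg, 2), "x") for seg in segments)


def binary_to_ipv6(bits: str) -> str:
    """Full (uncompressed) eight-group text form of a 128-bit binary string."""
    return ":".join(block_to_hex(b) for b in split_into_blocks(bits))


def ipv6_to_binary(addr: str) -> str:
    """Reverse direction: any valid IPv6 text form back to its 128-bit string,
    using the standard library so compressed input (::) is accepted too."""
    return format(int(ipaddress.IPv6Address(addr)), "0128b")


if __name__ == "__main__":
    print(binary_to_ipv6(SAMPLE_BITS))
```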

There are two methods we can use to reduce the size of the notation, making it even
easier to read. These methods are called 'zero compression' and 'zero suppression'.
Some addresses contain long sequences of zeros:
2001:0db8:ac10:0000:0000:8a2e:0000:0a52
We can use 'zero compression' to reduce them. If there is more than one consecutive
block in which all characters are zeros, you can compress those blocks to :: (a double
colon).
In the address above there are three blocks containing all zeros. However, only the first
and second blocks of zeros can be compressed, because they are consecutive (next to each
other in the address). The third block of zeros cannot be compressed, but it can be
suppressed.
2001:0db8:ac10::8a2e:0000:0a52
2001:db8:ac10::8a2e:0:a52
The zero compression and zero suppression concepts are used to reduce the size of the
IPv6 notation.
Leading zeros can be omitted, and consecutive zeros in contiguous blocks can be
represented by a double colon (::). The double colon can appear only once in an address.
For example:
1. 2001:0db8:0000:130f:0000:0000:087c:140b can be abbreviated as
2001:0db8:0:130f::087c:140b --- zero compression
2001:db8:0:130f::87c:140b --- zero compression and zero suppression
2. fe80 : 0000 : 0000 : 0000 : 0202 : b3ff : fe1e : 8329
fe80::0202:b3ff:fe1e:8329
3. 2001 : 0000 : ac10 : 0000 : 0000 : fe01 : 0db8 : 0000
2001:0000:ac10::fe01:0db8:0000
2001:0:ac10::fe01:0db8:0
4. 2001:0db8:0000:0000:c5ef:0000:0000:0001 can be represented as
2001:0db8::c5ef:0:0:1
2001:db8:0:0:c5ef::1
2001:db8::c5ef:0:0:1
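The rules above (leading zeros may be dropped, one run of zero blocks may become ::, and :: may appear only once) are exactly what an address parser must enforce, and example 4 shows why canonical form matters: the same address can be written several ways, so allow-lists, log searches and ACL comparisons must compare canonical forms rather than strings. The following is an added example, not code from the module; the functions are my own, and agrees_with_stdlib cross-checks the result against Python's ipaddress module.

```python
import ipaddress

HEX_DIGITS = set("0123456789abcdefABCDEF")


def expand_ipv6(addr: str) -> list:
    """Undo zero compression ('::') and zero suppression (dropped leading zeros).
    Returns the eight 16-bit groups as integers, or raises ValueError for malformed text."""
    if addr.count("::") > 1:
        raise ValueError("'::' may appear only once in an address")
    if "::" in addr:
        head, tail = addr.split("::")
        left = head.split(":") if head else []
        right = tail.split(":") if tail else []
        missing = 8 - len(left) - len(right)
        if missing < 1:
            raise ValueError("'::' must stand for at least one all-zero group")
        parts = left + ["0"] * missing + right
    else:
        parts = addr.split(":")
    if len(parts) != 8:
        raise ValueError("an IPv6 address has eight groups")
    groups = []
    for p in parts:
        # Rejects empty groups, over-long groups and non-hex text such as the
        # letter 'o' typed in place of a zero.
        if not 1 <= len(p) <= 4 or set(p) - HEX_DIGITS:
            raise ValueError(f"bad group {p!r}")
        groups.append(int(p, 16))
    return groups


def compress_ipv6(addr: str) -> str:
    """Shortest canonical text (RFC 5952 rules): leading zeros suppressed, and the
    longest run of two or more all-zero groups replaced by '::' (first run wins a tie)."""
    groups = expand_ipv6(addr)
    best_start, best_len = -1, 0
    i = 0
    while i < 8:
        if groups[i] != 0:
            i += 1
            continue
        j = i
        while j < 8 and groups[j] == 0:
            j += 1
        if j - i > best_len:
            best_start, best_len = i, j - i
        i = j
    hexs = [format(g, "x") for g in groups]
    if best_len < 2:
        return ":".join(hexs)
    return ":".join(hexs[:best_start]) + "::" + ":".join(hexs[best_start + best_len:])


def same_address(a: str, b: str) -> bool:
    """Two spellings denote one address iff their canonical forms match."""
    return compress_ipv6(a) == compress_ipv6(b)


def is_valid_ipv6(addr: str) -> bool:
    try:
        expand_ipv6(addr)
        return True
    except ValueError:
        return False


def agrees_with_stdlib(addr: str) -> bool:
    """Cross-check: the standard library produces the same canonical form."""
    return compress_ipv6(addr) == ipaddress.IPv6Address(addr).compressed
```

In practice you would normally let ipaddress do this work; the hand-written parser is here to make the :: and leading-zero rules explicit, including the inputs it must refuse.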
7.4.3 IPv6 Prefixes
As with the IPv4 Classless Inter-Domain Routing (CIDR) network prefix
representation (such as 10.1.1.0/24), an IPv6 address network prefix is represented the
same way: 2001:db8:12::/64
IPv6 addressing has a hierarchical structure similar to that of IPv4. This means that
IPv6 addresses can be subnetted for performance and security reasons in the same way as
IPv4.
The bits on the left of an IPv6 address (high-order bits) specify the network, the
other bits specify particular addresses in that network.
2001:0db8:0000:0000:0000:0000:0000:0001 /64

Figure 7.2

7.5 Advantages of IPv6


Besides providing an almost limitless number of unique IP addresses for global end-
to-end reachability and scalability, IPv6 has the following additional advantages:
• Simplified header format for efficient packet handling
• Larger payload for increased throughput and transport efficiency
• Hierarchical network architecture for routing efficiency
• Support for widely deployed routing protocols (OSPF, BGP, etc.)
• Autoconfiguration and plug-and-play support
• Elimination of need for network address translation (NAT) and application layered
gateway (ALG)

• Increased number of multicast addresses
IPv6 unicast addresses generally use 64 bits for the network ID and 64 bits for the host ID.
The network ID is administratively assigned, and the host ID can be configured manually or
auto-configured by any of the following methods:
• Using a randomly generated number
• Using DHCPv6
• Using the Extended Unique Identifier (EUI-64) format, which expands the interface's
48-bit MAC address to a 64-bit identifier (see 7.8.1)
7.6 Features of IPv6
 Larger Address Space -- IPv6 uses four times as many bits as IPv4 to address a device on
the Internet. According to an estimate, 1564 addresses can be allocated to
every square meter of the earth.
 Faster Forwarding/Routing -- The simplified header puts all non-essential
information at the end of the header. The information contained in the first
part of the header is adequate for a router to take routing decisions, so a
router can decide as quickly as it can read the mandatory header.
 Simplified Header -- The IPv6 header is only twice as large as the IPv4 header, even
though an IPv6 address is four times longer.

Figure 7.3
 End-to-end Connectivity -- Every system now has a unique IP address and can
traverse the Internet without using NAT or other translating components.
 Auto-configuration -- IPv6 supports both stateful and stateless auto-configuration
of its host devices. This way, the absence of a DHCP server does not halt
inter-segment communication.


 IPSec -- IPsec security is mandated in the IPv6 protocol specification, allowing
IPv6 packet authentication and/or payload encryption via the extension headers.
However, IPsec is not used automatically: it must be configured and used with a
security key exchange.
 No Broadcast -- Although Ethernet and Token Ring are considered broadcast
networks because they support broadcasting, IPv6 no longer has any broadcast
support. It uses multicast to communicate with multiple hosts.
 Anycast Support -- IPv6 has introduced the anycast mode of packet routing. In
this mode, multiple interfaces over the Internet are assigned the same anycast IP
address. Routers, while routing, send the packet to the nearest of those destinations.
 Mobility -- This feature enables hosts (such as mobile phones) to roam around
different geographical areas and remain connected with the same IP address. The
mobility feature of IPv6 takes advantage of auto IP configuration and extension
headers.
 Enhanced Priority Support -- The Traffic Class and Flow Label fields are used to tell
the underlying routers how to process and route the packet efficiently.
 IPv4 used 6 bits of DSCP (Differentiated Services Code Point) and 2 bits of ECN
(Explicit Congestion Notification) to provide quality of service, but these could
only be used if the end-to-end devices supported them, that is, the source and
destination devices and the underlying network all had to support them.
 Smooth Transition -- The large address scheme of IPv6 makes it possible to allocate
globally unique IP addresses to devices. This mechanism saves IP addresses and NAT
is not required, so devices can send and receive data directly among each other.
As the header is less loaded, routers can take forwarding decisions and forward
packets as quickly as they arrive.
 Extensibility -- The IPv6 header is extensible to add more information in the options
part. IPv4 provides only 40 bytes for options, whereas options in IPv6 can be as
large as the IPv6 packet itself.

7.7 Types of IPv6 Addresses

As with IPv4, IPv6 addresses are assigned to interfaces; however, unlike IPv4, an IPv6
interface is expected to have multiple addresses. The IPv6 addresses assigned to an
interface can be any of the following types:


 Unicast address -- Identifies a single node or interface. Traffic destined for a
unicast address is forwarded to a single interface. An IPv6 unicast address
identifies a single interface. Packets sent to a unicast address are delivered to
that specific interface. So unicast is communication between a single sender and
a single receiver over a network.
Because of the abundance of addresses available with IPv6, it is very likely that
virtually every machine attached to your network has at least one global unicast address
assigned to each interface.
Global Unicast addresses begin with 2000::/3.

Figure 7.4
Example of a Unicast address: 2000::a12:34ff:fe56:7890
 Multicast address -- Identifies a group of nodes or interfaces. Traffic destined for a
multicast address is forwarded to all the nodes in the group. An IPv6 multicast
address identifies a group of interfaces, again typically belonging to different
nodes. Packets sent to a multicast address are delivered to all interfaces in the
group.
So multicast addresses facilitate communication between a single sender
and multiple receivers.


Figure 7.5
Multicast addresses begin with the prefix ff00::/8.
Example of a multicast address: ff01:0:0:0:0:0:0:2
With IPv6, broadcast addresses are no longer used. Broadcast addresses are
too resource intensive, so IPv6 uses multicast addresses instead.
 Anycast address -- Identifies a group of nodes or interfaces. Traffic destined for an
anycast address is forwarded to the nearest node in the group. An anycast
address is essentially a unicast address assigned to multiple devices with a host
ID = 0000:0000:0000:0000. (Anycast addresses are not widely used today.)

Figure 7.6


7.8 Address Scopes


Each IPv6 address type has a scope that describes the part of the network where the
address is unique. Some IPv6 addresses are unique only in a subnet or a local network (link-
local scope), others are unique in private networks or between organizations (unique-local
scope), while still others are globally unique (global scope), that is, everywhere in the
Internet.
Note that there is no concept of broadcast addresses in IPv6. For one-to-many
addressing, use multicast addresses.

Figure 7.7

7.8.1 Interface ID
IPv6 has three different types of unicast address. The second half of the
address (the last 64 bits) is always used for the Interface ID. The MAC address of a system
is 48 bits long and is represented in hexadecimal. MAC addresses are considered to be
uniquely assigned worldwide, and the Interface ID takes advantage of this uniqueness. A
host can auto-configure its Interface ID by using IEEE's Extended Unique Identifier (EUI-64)
format. First, the host divides its own MAC address into two 24-bit halves. Then the 16-bit
hex value 0xFFFE is sandwiched between those two halves of the MAC address, resulting
in the EUI-64 ID.

Figure 7.8: EUI-64 Interface ID
7.8.2 Conversion of EUI-64 ID into IPv6 Interface Identifier
To convert the EUI-64 ID into an IPv6 Interface Identifier, the 7th most significant bit of
the EUI-64 ID is complemented. For example:

Figure 7.9: IPv6 Interface ID
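The derivation in 7.8.1 and 7.8.2 carried out in Python, as an added example that is not part of the module. SAMPLE_MAC is a constructed MAC address chosen so that the resulting link-local address is the one quoted in example 2 of section 7.4.2; the function names are my own. The bit that is complemented (the 7th most significant bit of the EUI-64) is the universal/local bit, mask 0x02 in the first octet.

```python
import ipaddress

# Constructed example MAC address (its derived link-local address is
# fe80::202:b3ff:fe1e:8329, the address used in example 2 of section 7.4.2).
SAMPLE_MAC = "00:02:b3:1e:83:29"


def mac_to_eui64(mac: str) -> bytes:
    """7.8.1: split the 48-bit MAC into two 24-bit halves and sandwich 0xFFFE between them."""
    octets = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(octets) != 6:
        raise ValueError("a MAC address is 48 bits (6 octets)")
    return octets[:3] + b"\xff\xfe" + octets[3:]


def eui64_to_interface_id(eui64: bytes) -> bytes:
    """7.8.2: complement the 7th most significant bit of the EUI-64 ID.
    That bit is the universal/local (U/L) bit, mask 0x02 in the first octet."""
    if len(eui64) != 8:
        raise ValueError("an EUI-64 ID is 64 bits (8 octets)")
    return bytes([eui64[0] ^ 0x02]) + eui64[1:]


def link_local_from_mac(mac: str) -> str:
    """Combine the fe80::/64 link-local prefix (7.8.6) with the derived interface ID."""
    iid = eui64_to_interface_id(mac_to_eui64(mac))
    packed = ipaddress.IPv6Address("fe80::").packed[:8] + iid
    return str(ipaddress.IPv6Address(packed))   # str() gives the compressed form


def mac_from_eui64_address(addr: str):
    """Reverse the derivation when the interface ID carries the ff:fe marker, else None.
    This reversibility is why EUI-64 identifiers are a tracking concern: the hardware
    address is recoverable from any address the host forms this way, on any network."""
    iid = ipaddress.IPv6Address(addr).packed[8:]
    if iid[3:5] != b"\xff\xfe":
        return None
    octets = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:]
    return ":".join(f"{o:02x}" for o in octets)


if __name__ == "__main__":
    print(mac_to_eui64(SAMPLE_MAC).hex(), link_local_from_mac(SAMPLE_MAC))
```

Because the interface ID is derived from the MAC address, the same 64-bit suffix follows the host from network to network. Modern stacks therefore usually generate random or temporary interface IDs (RFC 4941 privacy extensions) instead, which is the "randomly generated number" option listed in 7.5.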

7.8.3 Global Unicast Address

This address type is equivalent to IPv4's public address. Global unicast addresses in
IPv6 are globally identifiable and uniquely addressable.

Figure 7.10: Global Unicast Address


IPv6 Global Unicast Address Format

Field Name     Size (bits)   Description
Prefix         48            Global Routing Prefix: The network ID or prefix of the address, used for routing. The first three bits are "001" to indicate a unicast address.
Subnet ID      16            Subnet Identifier: A number that identifies a subnet within the site.
Interface ID   64            Interface ID: The unique identifier for a particular interface (host or other device). It is unique within the specific prefix and subnet.

7.8.4 IPv6 Global Unicast Address Format

Figure 7.11

Global Routing Prefix: The most significant 48 bits are designated as the Global Routing
Prefix, which is assigned to a specific autonomous system. The three most significant bits of
the Global Routing Prefix are always set to 001.


Figure 7.12

7.8.5 Unique-Local Address


This type of IPv6 address is globally unique, but it should be used only for local
communication. The second half of the address contains the Interface ID, and the first half
is divided among the Prefix, the Local (L) bit, the Global ID and the Subnet ID.

Figure 7.13 Image: Unique-Local Address


The Prefix is always set to 1111 110. The L bit is set to 1 if the address is locally assigned.
So far, the meaning of an L bit of 0 is not defined. Therefore, a unique-local IPv6 address
always starts with 'FD' instead of 'FC'.

7.8.6 Link-Local Address

An auto-configured IPv6 address of this kind is known as a link-local address. This address
always starts with FE80: the first 16 bits of a link-local address are always set to
1111 1110 1000 0000 (FE80), and the next 48 bits are set to 0, thus:

Figure 7.14 Image: Link-Local Address


Link-local addresses are used for communication among IPv6 hosts on a link
(broadcast segment) only. These addresses are not routable, so a router never forwards
packets carrying them beyond the link.
IPv6 link-local addresses are a special scope of address which can be used only
within the context of a single layer two domain. Packets sourced from or destined to a link-
local address are not forwarded out of the layer two domain by routers. These addresses
are useful for establishing communication across a link in the absence of a globally routable
prefix.
This means that computers on a link can always communicate through IPv6 using
link-local addresses as the network interface always has a link-local address even if you
assign another IPv6 address manually or if the NIC receives an IPv6 address from a DHCP
server.
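The address types of 7.7 and the scopes of 7.8 are all decided by the high-order bits of an address, so a filter, log parser or ACL engine can classify an address before acting on it. Below is an added example that is not part of the module: it classifies addresses by the prefixes the text gives (2000::/3, ff00::/8, fe80::/10, fc00::/7 with fd00::/8 for L=1) using Python's ipaddress module, and goes a little beyond the text by also reading the scope nibble of multicast addresses (RFC 4291). The sample addresses are constructed, partly taken from the module's own examples, and the function names are my own.

```python
import ipaddress

# Constructed sample list: the module's example addresses plus a few edge cases.
SAMPLES = [
    "2000::a12:34ff:fe56:7890",   # global unicast (2000::/3), example in 7.7
    "ff01::2",                    # multicast, interface-local scope, example in 7.7
    "ff02::1",                    # multicast, link-local scope (all nodes)
    "fe80::202:b3ff:fe1e:8329",   # link-local unicast
    "fd12:3456:789a::1",          # unique-local, L bit = 1 (fd00::/8)
    "::1",                        # loopback
    "::",                         # unspecified
]

# Scope nibble of a multicast address (bits 12-15 of the first group), RFC 4291.
MULTICAST_SCOPES = {0x1: "interface-local", 0x2: "link-local", 0x4: "admin-local",
                    0x5: "site-local", 0x8: "organization-local", 0xe: "global"}


def classify(addr: str) -> str:
    """Name the address type and scope from its high-order bits."""
    a = ipaddress.IPv6Address(addr)
    if a == ipaddress.IPv6Address("::"):
        return "unspecified"
    if a == ipaddress.IPv6Address("::1"):
        return "loopback"
    if a in ipaddress.IPv6Network("ff00::/8"):
        scope = MULTICAST_SCOPES.get((int(a) >> 112) & 0xF, "reserved/unassigned")
        return f"multicast ({scope})"
    if a in ipaddress.IPv6Network("fe80::/10"):
        return "link-local unicast"
    if a in ipaddress.IPv6Network("fd00::/8"):
        return "unique-local unicast (L=1, locally assigned)"
    if a in ipaddress.IPv6Network("fc00::/7"):
        return "unique-local unicast (L=0, undefined)"
    if a in ipaddress.IPv6Network("2000::/3"):
        return "global unicast"
    return "reserved/other"


def leaves_link(addr: str) -> bool:
    """True if a router may forward packets for this address beyond the local link.
    Link-local unicast and interface- or link-scoped multicast never leave the link."""
    kind = classify(addr)
    return kind not in ("unspecified", "loopback", "link-local unicast",
                        "multicast (interface-local)", "multicast (link-local)")


def split_prefix_iid(addr: str, prefix_len: int = 64):
    """Return (network prefix, interface ID as hex) using the default /64 split of 7.4."""
    net = ipaddress.IPv6Network(f"{addr}/{prefix_len}", strict=False)
    iid = int(ipaddress.IPv6Address(addr)) & ((1 << (128 - prefix_len)) - 1)
    return str(net), format(iid, f"0{(128 - prefix_len) // 4}x")


if __name__ == "__main__":
    for s in SAMPLES:
        print(f"{s:28} {classify(s):45} forwardable={leaves_link(s)}")
```

A practical consequence for filtering: a rule written for "global" traffic must not silently match link-local or unique-local sources, and an IPv6 host that appears in logs only under its fe80:: address was talking on the local link, not across the Internet.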
7.8.7 Scope of IPv6 Addresses:

Figure 7.15


Figure 7.16

An address scope defines the region where an address can be defined as a unique
identifier of an interface.
These scopes or regions are the link, the site network, and the global network,
corresponding to link-local, unique local unicast, and global addresses.

Figure 7.17

7.9 Transition From IPv4 to IPv6

Complete transition from IPv4 to IPv6 might not be possible because IPv6 is not
backward compatible. This results in a situation where either a site is on IPv6 or it is not. It is
unlike implementation of other new technologies where the newer one is backward
compatible so the older system can still work with the newer version without any additional
changes.
To overcome this shortcoming, a few technologies can be used to ensure a slow and
smooth transition from IPv4 to IPv6.

7.10 Dual Stack Routers


A router can be installed with both IPv4 and IPv6 addresses configured on its
interfaces, each pointing to the network of the relevant IP scheme.

Figure 7.18

Since IPv6 is a conservative extension of IPv4, it is relatively easy to write a network
stack that supports both IPv4 and IPv6 while sharing most of the code. Such an
implementation is called a dual stack, and a host implementing a dual stack is called a dual-
stack host.
7.11 Tunneling
In order to reach the IPv6 Internet, an isolated host or network must be able to use
the existing IPv4 infrastructure to carry IPv6 packets. This is done using a technique known
as tunnelling which consists of encapsulating IPv6 packets within IPv4, in effect using IPv4 as
a link layer for IPv6.
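The encapsulation just described, and the fixed IPv6 header introduced in 7.3 (RFC 2460), as an added example that is not code from the module. An IPv6 packet is carried in an IPv4 packet whose protocol field is 41; the parser below reads the outer IPv4 header and, when it sees protocol 41, also reads the inner IPv6 header so that the real endpoints are visible to a filter or log rather than just the tunnel endpoints. The sample packet, its addresses (documentation ranges) and the function names are my own; the IPv4 checksum is left at zero, which a real stack would fill in.

```python
import struct
import ipaddress

IPV4_HDR = struct.Struct("!BBHHHBBH4s4s")   # 20-byte IPv4 header without options
IPV6_HDR = struct.Struct("!IHBB16s16s")     # 40-byte IPv6 fixed header (RFC 2460)
PROTO_IPV6_IN_IPV4 = 41                      # IPv4 protocol number for encapsulated IPv6
NO_NEXT_HEADER = 59                          # IPv6 next-header value meaning "nothing follows"


def build_ipv6_header(src: str, dst: str, payload: bytes, next_header: int = NO_NEXT_HEADER,
                      hop_limit: int = 64, traffic_class: int = 0, flow_label: int = 0) -> bytes:
    """Pack the fixed IPv6 header: version(4) | traffic class(8) | flow label(20),
    payload length, next header, hop limit, source, destination."""
    if not 0 <= flow_label < (1 << 20):
        raise ValueError("flow label is 20 bits")
    vtf = (6 << 28) | (traffic_class << 20) | flow_label
    return IPV6_HDR.pack(vtf, len(payload), next_header, hop_limit,
                         ipaddress.IPv6Address(src).packed, ipaddress.IPv6Address(dst).packed)


def build_6in4(outer_src: str, outer_dst: str, inner: bytes) -> bytes:
    """Encapsulate a complete IPv6 packet in IPv4 with protocol 41 (IPv4 acts as the link layer)."""
    total_len = IPV4_HDR.size + len(inner)
    outer = IPV4_HDR.pack(0x45, 0, total_len, 0, 0, 64, PROTO_IPV6_IN_IPV4, 0,
                          ipaddress.IPv4Address(outer_src).packed,
                          ipaddress.IPv4Address(outer_dst).packed)
    return outer + inner


def parse_ipv6_header(data: bytes) -> dict:
    """Unpack the fixed IPv6 header fields from the start of data."""
    if len(data) < IPV6_HDR.size:
        raise ValueError("truncated IPv6 header")
    vtf, plen, nh, hlim, src, dst = IPV6_HDR.unpack_from(data)
    if vtf >> 28 != 6:
        raise ValueError("not an IPv6 header")
    return {"traffic_class": (vtf >> 20) & 0xFF, "flow_label": vtf & 0xFFFFF,
            "payload_length": plen, "next_header": nh, "hop_limit": hlim,
            "src": str(ipaddress.IPv6Address(src)), "dst": str(ipaddress.IPv6Address(dst))}


def inspect_ipv4_packet(pkt: bytes) -> dict:
    """Parse the outer IPv4 header; on protocol 41 also parse the tunnelled IPv6 header."""
    if len(pkt) < IPV4_HDR.size:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _, _, _, _, _, proto, _, src, dst = IPV4_HDR.unpack_from(pkt)
    if ver_ihl >> 4 != 4:
        raise ValueError("not an IPv4 header")
    ihl = (ver_ihl & 0xF) * 4   # header length in bytes (options, if any, are skipped)
    info = {"outer_src": str(ipaddress.IPv4Address(src)),
            "outer_dst": str(ipaddress.IPv4Address(dst)),
            "protocol": proto, "inner_ipv6": None}
    if proto == PROTO_IPV6_IN_IPV4:
        info["inner_ipv6"] = parse_ipv6_header(pkt[ihl:])
    return info


def sample_packet() -> bytes:
    """Constructed sample: IPv6 packet 2001:db8::1 -> 2001:db8::2 with an 8-byte dummy
    payload, carried between IPv4 tunnel endpoints 192.0.2.1 and 198.51.100.2."""
    payload = b"\x00" * 8
    inner = build_ipv6_header("2001:db8::1", "2001:db8::2", payload, flow_label=0x12345)
    return build_6in4("192.0.2.1", "198.51.100.2", inner + payload)


if __name__ == "__main__":
    print(inspect_ipv4_packet(sample_packet()))
```

The defender's point is that an IPv4-only filter which does not look inside protocol 41 sees only the two tunnel endpoints; inspecting the inner header (and, in a full implementation, the chain of extension headers that next_header may introduce) is what makes IPv6 policy enforceable on such links.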


Figure 7.19

7.12 NAT Protocol Translation


This is another important method of transition to IPv6, by means of a NAT-PT
(Network Address Translation – Protocol Translation) enabled device. With the help of a
NAT-PT device, actual translation can take place between IPv4 and IPv6 packets and vice
versa.

Figure 7.20

A host with an IPv4 address sends a request to an IPv6-enabled server on the Internet that
does not understand IPv4 addresses. In this scenario, the NAT-PT device can help them
communicate. When the IPv4 host sends a request packet to the IPv6 server, the NAT-PT
device/router strips down the IPv4 packet, removes the IPv4 header, adds an IPv6
header and passes the packet through the Internet. When a response from the IPv6 server
comes for the IPv4 host, the router does the reverse.
******************


Network Elements

Course Contents
 Different topologies of Computers connectivity
 Various Network types
 Various network connecting devices
 LAN Architecture

Objectives
After studying this module on local networking and the various network connecting
devices, participants will be able to understand and interconnect the networking devices.

2.1 Introduction
Networking means interconnection of computers. These computers can be linked
together for different purposes and using a variety of different cabling types.
The basic reasons why computers need to be networked are:
 To share resources (files, printers, modems, fax machines etc.)
 To share application software (MS Office, Adobe Publisher etc.)
 To increase productivity (makes it easier to share data amongst users)
As long as all user computers are connected via a network, they can share their files,
exchange mail, schedule meetings, send faxes and print documents, all from any point of the
network.
Small networks are often called Local Area Networks (LAN). A LAN is a network
allowing easy access to other computers or peripherals. The typical characteristics of a LAN
are:
 Physically limited distance (< 2 km)
 High bandwidth (> 1 Mbps)
 Inexpensive cable media (coax or twisted pair)
 Data and hardware sharing between users, owned by the user
The factors that determine the nature of a LAN are:
1. Topology
2. Transmission medium
3. Medium access control technique
2.2 LAN Architecture

The layered protocol concept can be employed to describe the architecture of a LAN,
wherein each layer represents the basic functions of a LAN.
2.2.1 Protocol Architecture
The Protocols defined for LAN transmission address issues relating to the
transmission of blocks of data over the network. In the context of OSI model, higher layer
protocols (layer 3 or 4 and above) are independent of network architecture and are not
applicable to LAN. Therefore LAN protocols are concerned primarily with the lower layers of
the OSI model.

A protocol establishes the rules and encoding specifications for sending data. This
defines how computers identify one another on a network, the form that the data should
take in transit, and how this information is processed once it reaches its final destination.
Protocols also define procedures for determining the type of error checking that will be
used, the data compression method, if one is needed, how the sending device will indicate
that it has finished sending a message, how the receiving device will indicate that it has
received a message, and the handling of lost or damaged transmissions or “packets”.
Figure 1 relates the LAN protocols to the OSI model. This architecture has been
developed by the IEEE 802 committee.

Figure 1: IEEE 802 Protocol Layers compared to OSI
(OSI Reference Model: Application, Presentation, Session, Transport, Network, Data Link,
Physical, Medium. IEEE 802 Reference Model: upper-layer protocols above the LLC Service
Access Point (LSAP), then Logical Link Control, Medium Access Control, Physical and Medium;
the scope of the IEEE 802 standards covers LLC, MAC and Physical.)

The lowest layer of the IEEE 802 reference model corresponds to the physical layer
of the OSI model, and includes the following functions:

 Encoding/decoding of signals
 Preamble generation/removal (for synchronization)
 Bit transmission/reception
The physical layer of the 802 model also includes a specification for the transmission
medium and the topology.
The functions associated with providing service to the LAN users comprise:
1. Medium Access Control (MAC)
2. Logical Link Control (LLC)
Functions of MAC are:
 Assembling data into a frame with address and error-detection fields for onward
transmission.
 Disassembling frames, performing address recognition and error detection during
reception.
 Supervising and controlling access to the LAN transmission medium.
Functions of LLC are:
 Providing an interface to the higher layers and performing flow control and error control.
The separation is done for the following reasons:
 The logic and mechanism required to manage access to a shared-access medium are
not found in the conventional layer-2 data link control.
 For the same LLC, different MAC options may be provided.
Different standards are illustrated in Table 1. Most of the standards were developed
by a committee known as IEEE 802. All of these standards have subsequently been
adopted as international standards by the ISO.


Table 1 IEEE802.2 Standard

LAN Topologies

The physical topology of a network refers to the configuration of cables, computers,
and other peripherals. Physical topology should not be confused with logical topology, which
is the method used to pass information between workstations.

The common topologies for LANs are bus, tree, ring, and star. The bus is a special
case of the tree, with only one trunk and no branches.

Bus Topology: Sometimes referred to as linear-bus topology, the bus is a simple design
that utilizes a single length of cable, also known as the medium, with LAN stations attached
directly through a tap. All stations share this cable segment. Every station on this segment
sees transmissions from every other station on the cable segment; this is known as a
broadcast medium. The LAN attachment stations are definite endpoints to the cable
segment and are known as bus network termination points to avoid reflection.
a) Bus Network Topology.

Figure 2: Bus Network Topology


Working principle:
Stations transmit data in small blocks, known as frames. Each frame consists of a
portion of data that a station wishes to transmit, plus a frame header that contains control
information. Each station on the bus is assigned a unique address, or identifier, and the
destination address for a frame is included in its header.
This is illustrated in the below given figure.


Figure 3: Frame Transmission on a Bus LAN
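The MAC functions listed in section 2.2.1 (assemble frames with address and error-detection fields; on reception disassemble them, recognise the address and detect errors) and the broadcast nature of the bus described above can be shown together in one small simulation. This is an added example and not code from the module: the frame layout (6-byte destination, 6-byte source, 2-byte length, data, CRC-32 trailer), the station addresses and the function names are constructed for illustration and are not the IEEE 802.3 format.

```python
import struct
import zlib

# Constructed frame layout: destination, source, payload length, then data and a CRC-32.
HEADER = struct.Struct("!6s6sH")
BROADCAST = b"\xff" * 6

# Constructed station addresses (locally administered, so they clash with no real vendor).
ADDR_A = bytes.fromhex("02000000000a")
ADDR_B = bytes.fromhex("02000000000b")
ADDR_C = bytes.fromhex("02000000000c")


def build_frame(dst: bytes, src: bytes, payload: bytes) -> bytes:
    """MAC transmit function: header with addresses, the data, and an error-detection
    field (CRC-32 over header and data) appended as the trailer."""
    if len(dst) != 6 or len(src) != 6:
        raise ValueError("addresses are 6 octets")
    body = HEADER.pack(dst, src, len(payload)) + payload
    return body + struct.pack("!I", zlib.crc32(body) & 0xFFFFFFFF)


def parse_frame(frame: bytes):
    """MAC receive function: verify the CRC and split the frame. Returns
    (dst, src, payload), or None when the frame is truncated or corrupted."""
    if len(frame) < HEADER.size + 4:
        return None
    body, fcs = frame[:-4], struct.unpack("!I", frame[-4:])[0]
    if zlib.crc32(body) & 0xFFFFFFFF != fcs:
        return None
    dst, src, length = HEADER.unpack_from(body)
    payload = body[HEADER.size:HEADER.size + length]
    if len(payload) != length:
        return None
    return dst, src, payload


class Station:
    def __init__(self, addr: bytes):
        self.addr = addr
        self.received = []

    def on_medium(self, frame: bytes) -> bool:
        """Every station on the bus sees every frame; address recognition decides
        whether this one is kept. Returns True if the frame was accepted."""
        parsed = parse_frame(frame)
        if parsed is None:
            return False            # error detection: damaged frame is discarded
        dst, src, payload = parsed
        if dst in (self.addr, BROADCAST):
            self.received.append((src, payload))
            return True
        return False


def transmit_on_bus(stations, frame: bytes) -> list:
    """Deliver one frame to all attached stations (broadcast medium) and return the
    addresses of the stations that accepted it."""
    return [s.addr for s in stations if s.on_medium(frame)]


def corrupt(frame: bytes) -> bytes:
    """Flip one bit in the first payload byte, as a noisy cable might."""
    i = HEADER.size
    return frame[:i] + bytes([frame[i] ^ 0x01]) + frame[i + 1:]


if __name__ == "__main__":
    bus = [Station(ADDR_A), Station(ADDR_B), Station(ADDR_C)]
    print(transmit_on_bus(bus, build_frame(ADDR_A, ADDR_C, b"hello")))
```

Note what the address filter does and does not do: every station physically receives the frame and merely chooses not to keep it, which is why confidentiality on a shared medium has to come from encryption at a higher layer, not from addressing.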


b) Tree Topology: The tree topology is a logical extension of the bus topology
and could be described as multiple interconnected bus networks. The physical (cable) plant
is known as a branching tree, with all stations attached to it and no closed loops. The tree
begins at the root, the pinnacle point, and expands to the network endpoints. This topology
allows a network to expand dynamically, with only one active data path between any two
network endpoints.
Advantages of a Tree Topology
 Point-to-point wiring for individual segments.
 Supported by several hardware and software vendors.
Disadvantages of a Tree Topology
 Overall length of each segment is limited by the type of cabling used.
 If the backbone line breaks, the entire segment goes down.
 More difficult to configure and wire than other topologies.

Figure 4: Tree topology


c) Ring Topology : In a ring network, every device has exactly two neighbors for
communication purposes. All messages travel through a ring in the same direction (either
"clockwise" or "counterclockwise"). A failure in any cable or device breaks the loop and can
take down the entire network.

To implement a ring network, one typically uses FDDI, SONET, or Token Ring
technology.

Figure 5:Ring topology


In the ring topology, the network consists of a set of repeaters joined by point-to-
point links in a closed loop. Each station is attached to the network at a repeater and can
transmit data onto the network through that repeater.
As a frame circulates past all other stations, the destination station recognises its
address and copies the frame into a local buffer as it goes by. The frame continues to
circulate until it reaches the source station, where it is ultimately removed.
Because multiple stations share the ring, medium access control is needed to
determine when each station may insert frames.

Figure 6: Frame Transmission on a Ring LAN
((a) C transmits a frame addressed to A; (c) A copies the frame as it goes by.)

d) Star Topology
In the star topology, each station is directly connected to a common central
node. Typically, each station attaches to the central node, referred to as the star coupler, via
two point-to-point links, one for transmission in each direction.
There are two alternatives for the operation of the central node:
One method is for the central node to operate in a broadcast fashion.
Another method is for the central node to act as a frame switching device. An
incoming frame is buffered in the node and then retransmitted on an outgoing link to the
destination station.

Figure 7: Star topology


Advantages of a Star Topology
 Easy to install and wire.
 No disruptions to the network when connecting or removing devices.
 Easy to detect faults and to remove parts.
Disadvantages of a Star Topology
 Requires more cable length than a linear topology.
 If the hub or concentrator fails, the attached nodes are disabled.


 More expensive than linear bus topologies because of the cost of the
concentrators.
The protocols used with star configurations are usually Ethernet or LocalTalk.
2.3 Medium Access Control
Some means of controlling access to the transmission medium is needed to provide
for an orderly and efficient use of network’s transmission capacity. This is the function of
medium access control (MAC) protocol.
There are two aspects of MAC: where and how to implement MAC in a LAN.
Where refers to whether control is exercised in a centralized or distributed fashion.
In a centralized scheme, a controller is designated that has the authority to grant
access to the network. A station wishing to transmit must wait until it receives permission
from the controller.
In a decentralized network, the stations collectively perform the medium access
control function to dynamically determine the order in which stations transmit.
How is determined by the topology and is a trade-off among competing factors
including cost, performance, and complexity.
Access control techniques could follow the same approach used in circuit switching,
viz. frequency-division multiplexing (FDM) and synchronous time-division multiplexing
(TDM). It is, however, desirable to allocate capacity in an asynchronous (dynamic) fashion. The
asynchronous approach can be further subdivided into three categories: round robin,
reservation and contention.

2.3.1 Round Robin


With Round robin, each station in turn is given an opportunity to transmit. During
that period, the station may decline to transmit or may transmit subject to a specified upper
bound, usually expressed as a maximum amount of data transmitted or time for this
opportunity. In any case, the station, when it is finished, relinquishes its turn, and the right
to transmit passes to the next station in logical sequence.
Control of this sequence may be centralized or distributed. Polling is an example of a
centralized technique.

2.3.2 Reservation
For stream traffic, reservation techniques are well suited. In general, for these
techniques, time on the medium is divided into slots, similar to synchronous TDM. A station
wanting to transmit reserves future slots for an extended or even an indefinite period.
Again, reservations may be made in a centralized or distributed manner.
2.3.3 Contention
For bursty traffic, contention techniques are more appropriate. With these
techniques, no control is required to determine whose turn it is; all stations contend for
time. These techniques are by nature distributed. Their principal advantage is that they are
simple to implement and, under light to moderate load, quite efficient. For some of these
techniques, however, performance tends to collapse under heavy load.

Standardized Medium Access Control Techniques

Table 2

Technique     Bus Topology                Ring Topology                    Switched Topology
Round Robin   Token Bus (IEEE 802.4)      Token Ring (IEEE 802.5 & FDDI)   Request/Priority (IEEE 802.12)
              Polling (IEEE 802.11)
Reservation   DQDB (IEEE 802.6)           -                                -
Contention    CSMA/CD (IEEE 802.3)        -                                CSMA/CD (IEEE 802.3)
              CSMA (IEEE 802.11)

2.4 MAC Frame Format


The MAC layer receives a block of data from the LLC layer and is responsible for
performing functions related to medium access and for transmitting the data. MAC
implements these functions by making use of a protocol data unit at its layer; in this case, the
PDU is referred to as a MAC frame.

The exact format of the MAC frame differs for the various MAC protocols in use. In
general, all of the MAC frames have a format similar to that of Figure 6. The fields of this
frame are:
a) MAC control: This field contains any protocol control information needed for the
functioning of the MAC protocol. For example, a priority level could be indicated
here.
b) Destination MAC address: The destination physical attachment point on the LAN
for this frame.
c) Source MAC address: The source physical attachment point on the LAN for this
frame.

Figure 8: LLC PDU with generic MAC frame format
MAC frame: MAC control | Destination MAC Address | Source MAC Address | LLC PDU | CRC
LLC PDU: DSAP (1 octet: I/G bit, DSAP value) | SSAP (1 octet: C/R bit, SSAP value) | LLC control (1 or 2 octets) | Information (variable)

d) LLC: The LLC PDU, i.e. the data from the next higher layer.
e) CRC: The cyclic redundancy check field (also known as the frame check
sequence, FCS, field). This is an error-detecting code, as seen in HDLC and other
data link control protocols.
The MAC layer is responsible for detecting errors and discarding any frames that are
in error. The LLC layer optionally keeps track of which frames have been successfully
received and retransmits unsuccessful frames.
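As an added example (not code from the module), the following Python builds and parses a generic MAC frame with the field order of the figure, computes the CRC over the octets that precede it, and discards a frame whose CRC does not verify, which is the MAC-layer behaviour described above. The field sizes (1-octet MAC control, 6-octet addresses, 1-octet DSAP, SSAP and LLC control, CRC-32 as the FCS) and the sample addresses are assumptions made for the example; real MAC protocols differ in the exact layout.

```python
"""Generic MAC frame carrying an LLC PDU, following the field order of Figure 8.

Added example, not part of the original module. Field sizes are assumptions made
for the example (1-octet MAC control, 6-octet MAC addresses, 1-octet DSAP, SSAP
and LLC control, CRC-32 as the FCS); the exact layout differs between MAC protocols.
"""
import struct
import zlib

HEADER_LEN = 1 + 6 + 6          # MAC control + destination + source
LLC_HEADER_LEN = 3              # DSAP + SSAP + LLC control (1-octet control assumed)
FCS_LEN = 4


def build_llc_pdu(dsap: int, ssap: int, control: int, info: bytes) -> bytes:
    """LLC PDU = DSAP | SSAP | LLC control | Information."""
    return bytes([dsap & 0xFF, ssap & 0xFF, control & 0xFF]) + info


def build_mac_frame(mac_control: int, dst: bytes, src: bytes, llc_pdu: bytes) -> bytes:
    """MAC frame = MAC control | dest MAC | source MAC | LLC PDU | CRC.

    The CRC (frame check sequence) is computed over every octet that precedes it.
    """
    body = bytes([mac_control & 0xFF]) + dst + src + llc_pdu
    fcs = zlib.crc32(body) & 0xFFFFFFFF
    return body + struct.pack(">I", fcs)


def parse_mac_frame(frame: bytes):
    """Return the frame fields as a dict, or None when the CRC does not verify.

    None models the MAC layer discarding a frame in error; retransmission, if any,
    is left to the LLC connection-mode service or a higher layer, as the text says.
    """
    if len(frame) < HEADER_LEN + LLC_HEADER_LEN + FCS_LEN:
        return None
    body, (fcs,) = frame[:-FCS_LEN], struct.unpack(">I", frame[-FCS_LEN:])
    if zlib.crc32(body) & 0xFFFFFFFF != fcs:
        return None
    dsap, ssap, llc_control = body[13], body[14], body[15]
    return {
        "mac_control": body[0],
        "dst": body[1:7].hex(":"),
        "src": body[7:13].hex(":"),
        # Least significant bit of the DSAP octet is I/G: 0 = individual, 1 = group
        "dsap_group": bool(dsap & 0x01),
        "dsap_value": dsap >> 1,
        # Least significant bit of the SSAP octet is C/R: 0 = command, 1 = response
        "ssap_response": bool(ssap & 0x01),
        "ssap_value": ssap >> 1,
        "llc_control": llc_control,
        "info": body[16:],
    }


def demo():
    """Constructed frame between two locally administered addresses, then the
    same frame with one information octet flipped in transit."""
    dst = bytes.fromhex("0200aabbcc01")   # constructed addresses
    src = bytes.fromhex("0200aabbcc02")
    pdu = build_llc_pdu(dsap=0xAA, ssap=0xAA, control=0x03, info=b"hello")
    frame = build_mac_frame(0, dst, src, pdu)
    damaged = frame[:20] + bytes([frame[20] ^ 0xFF]) + frame[21:]
    return parse_mac_frame(frame), parse_mac_frame(damaged)


if __name__ == "__main__":
    good, bad = demo()
    print(good)
    print("damaged frame discarded:", bad is None)
```

The parser deliberately returns nothing for a damaged frame rather than a partially decoded one: the MAC layer's job per the text is to detect and discard, and recovery belongs to the LLC or above.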
2.4.1 LLC Services
LLC specifies the mechanism for addressing stations across the medium and for
controlling the exchange of data between two users. The operation and format of this
standard are based on HDLC. Three services are provided as alternatives for devices using
LLC:
a) Unacknowledged connectionless service. This is a datagram-style service. It
is a very simple service that does not involve any flow control or error
control mechanisms. Thus delivery of data is not guaranteed. However, in most
devices, there will be some higher layer of software that deals with reliability issues.
b) Connection-mode service. This service is similar to that offered by HDLC. A logical
connection is set up between the two users exchanging data, and flow control and
error control are provided.
c) Acknowledged connectionless service. This is a cross between the previous two
services. Datagrams are acknowledged, but no prior logical
connection is set up.
2.5 Ethernet And Fast Ethernet (CSMA/ CD)
The most commonly used medium access control technique for bus/tree and star
topologies is carrier-sense multiple access with collision detection (CSMA/CD). The Ethernet
specification performs the same functions as the OSI physical and data link layers of data
communications. This design is the basis of IEEE's 802.3 specification.
2.5.1 Ethernet Features
Ethernet media is passive, which means it draws power from the computer and thus
will not fail unless the media is physically cut or improperly terminated.
The following list summarizes Ethernet features:
Traditional topology: Linear Bus
Other topologies: Star Bus
Type of architecture: Baseband
Access method: CSMA/CD
Specifications: IEEE 802.3
Transfer speed: 10 Mbps or 100 Mbps
Cable types: Thicknet, Thinnet, UTP
IEEE 802.3 Medium Access Control
2.5.2 Description of CSMA/ CD
CSMA, although more efficient, still has one glaring inefficiency: when two frames
collide, the medium remains unusable for the duration of transmission of both damaged
frames. For long frames, compared to propagation time, the amount of wasted capacity can
be considerable. This waste can be reduced if a station continues to listen to the medium
while transmitting.
This leads to the following rules for CSMA/CD:
1. If the medium is idle, transmit; otherwise, go to step 2.
2. If the medium is busy, continue to listen until the channel is idle, then transmit
immediately.
3. If a collision is detected during transmission, transmit a brief jamming signal to
assure that all stations know that there has been a collision and then cease transmission.
4. After transmitting the jamming signal, wait a random amount of time, then attempt
to transmit again. (Repeat from step 1.)
The figure below illustrates the technique for a baseband bus. At time t0, station A
begins transmitting a packet addressed to D. At t1, both B and C are ready to transmit. B
senses a transmission and so defers. C, however, is still unaware of A's transmission and
begins its own transmission. When A's transmission reaches C, at t2, C detects the collision
and ceases transmission. The effect of the collision propagates back to A, where it is detected
some time later, t3, at which time A ceases transmission.
With CSMA/CD, the amount of wasted capacity is reduced to the time it takes to
detect a collision. Question: how long does that take? Let us consider the first case of a
baseband bus and consider the two stations as far apart as possible. For example, in the
above figure, suppose that station A begins a transmission and that just before that
transmission reaches D, D is ready to transmit. Because D is not yet aware of A's
transmission, it begins to transmit. A collision occurs almost immediately and is recognized
by D. However, the collision must propagate all the way back to A before A is aware of the
collision. By this line of reasoning, we conclude that the amount of time that it takes to
detect a collision is no greater than twice the end-to-end propagation delay.
Figure 9: CSMA/CD operation (stations A, B, C and D on a baseband bus at times t0, t1 and t2)
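To make the timing argument concrete, here is an added Python simulation (not part of the module) of the scenario in the figure: stations on a baseband bus sense the carrier before sending and detect a collision when another sender's signal reaches them. Station positions, readiness times and the propagation speed are constructed values. The worst case, with the far station becoming ready just before the first signal arrives, shows the detection time approaching but not exceeding twice the end-to-end delay.

```python
"""CSMA/CD on a baseband bus: carrier sense before sending, collision detected when
another sender's signal arrives, and the 2 x end-to-end delay detection bound.

Added example, not from the original module. Station positions, readiness times and
the propagation speed are constructed values."""
import math
from dataclasses import dataclass

PROPAGATION_SPEED = 2.0e8   # metres per second, assumed for the bus medium


@dataclass
class Station:
    name: str
    position_m: float   # location along the bus
    ready_at: float     # time (s) a frame becomes ready; math.inf = nothing to send


def delay(a: Station, b: Station) -> float:
    """One-way propagation delay between two stations."""
    return abs(a.position_m - b.position_m) / PROPAGATION_SPEED


def simulate(stations):
    """Return {name: (start_time, collision_detected_at)} for every station that sends.

    Rules 1 and 2 of the text: a station sends when its frame is ready unless another
    station's carrier has already reached it (it then defers; for simplicity the
    deferring station is not rescheduled). Rule 3: a sender detects a collision at the
    moment the first signal from another sender reaches its position. Frames are
    assumed long enough that every transmission is still in progress at that moment.
    """
    senders = []   # (start_time, station), in starting order
    for s in sorted(stations, key=lambda st: st.ready_at):
        if s.ready_at == math.inf:
            continue
        carrier_present = any(start + delay(prev, s) <= s.ready_at
                              for start, prev in senders)
        if carrier_present:
            continue
        senders.append((s.ready_at, s))
    result = {}
    for start, s in senders:
        arrivals = [o_start + delay(o, s) for o_start, o in senders if o is not s]
        result[s.name] = (start, min(arrivals) if arrivals else None)
    return result


def detection_bound(stations) -> float:
    """The text's bound: twice the end-to-end propagation delay of the bus."""
    positions = [s.position_m for s in stations]
    return 2 * (max(positions) - min(positions)) / PROPAGATION_SPEED


# Constructed layout of the figure: A sends at t0 = 0; B and C are ready at t1 = 4 us;
# D is only the destination. 2500 m end to end gives a 12.5 us one-way delay.
FIGURE_STATIONS = [
    Station("A", 0.0, 0.0),
    Station("B", 500.0, 4e-6),
    Station("C", 1500.0, 4e-6),
    Station("D", 2500.0, math.inf),
]

# Worst case: D, at the far end, becomes ready just before A's signal reaches it.
WORST_CASE_STATIONS = [
    Station("A", 0.0, 0.0),
    Station("D", 2500.0, 12.4e-6),
]


def figure_scenario():
    return simulate(FIGURE_STATIONS)


def worst_case_scenario():
    return simulate(WORST_CASE_STATIONS)


if __name__ == "__main__":
    for name, (start, seen) in figure_scenario().items():
        print(f"{name}: started {start * 1e6:.1f} us, collision seen at {seen * 1e6:.1f} us")
    print("bound (2 x end-to-end delay):", detection_bound(WORST_CASE_STATIONS))
```

In the figure scenario B defers, C collides with A and sees the collision at t2 = 7.5 us, and A only learns of it at t3 = 11.5 us; in the worst case A needs 24.9 us, just under the 25 us bound for this bus length.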


2.6 BASIC NETWORK COMPONENTS
There are a number of components which are used to build networks. An
understanding of these is essential in order to support networks.

2.6.1 Network Adapter Cards


A network adapter card plugs into the workstation, providing the connection to the
network. Adapter cards come from many different manufacturers, and support a wide
variety of cable media and bus types such as ISA, MCA, EISA, PCI and PCMCIA.

Newer cards are software configurable, using a software program to configure the
resources used by the card. Other cards are PnP (Plug and Play), which automatically
configure their resources when installed in the computer, simplifying the installation. With
an operating system like Windows 95, auto-detection of new hardware makes network
connections simple and quick.
2.6.2 Cabling
Cables are used to interconnect computers and network components.
There are 3 main cable types used today:
• Twisted pair
• Coaxial
• Fibre optic
The choice of cable depends upon a number of factors, such as:
• cost
• distance
• number of computers involved
• speed
• bandwidth, i.e. how fast data is to be transferred

2.6.3 Repeaters
Repeaters extend the network segments. They amplify the incoming signal received
from one segment and send it on to all other attached segments. This allows the distance
limitations of network cabling to be extended. There are limits on the number of repeaters
which can be used. The repeater counts as a single node in the maximum node count
associated with the Ethernet standard (30 for thin coax).
Repeaters also allow isolation of segments in the event of failures or fault
conditions. Disconnecting one side of a repeater effectively isolates the associated
segments from the network.
Using repeaters simply allows you to extend your network distance limitations. It
does not give you any more bandwidth or allow you to transmit data faster.

a) Use of Repeaters in a Network


It should be noted that, the network number assigned to the main network segment
and the network number assigned to the other side of the repeater are the same. In
addition, the traffic generated on one segment is propagated onto the other segment. This
causes a rise in the total amount of traffic, so if the network segments are already heavily
loaded, it's not a good idea to use a repeater.
A repeater works at the Physical Layer by simply repeating all data from one
segment to another.
b) Summary of Repeater features:
• increase traffic on segments
• have distance limitations
• limitations on the number of repeaters that can be used
• propagate errors in the network
• cannot be administered or controlled via remote access
• cannot loop back to themselves (must be unique single paths)
• no traffic isolation or filtering is possible
2.6.4 HUBS
There are many types of hubs. Passive hubs are simple splitters or combiners that
group workstations into a single segment, whereas active hubs include a repeater function
and are thus capable of supporting many more connections.

Nowadays, with the advent of 10BaseT, hub concentrators are becoming very popular.
These are very sophisticated and offer significant features which make them radically
different from the older hubs which were available during the 1980s. These 10BaseT hubs
provide each client with exclusive access to the full bandwidth, unlike bus networks where
the bandwidth is shared. Each workstation plugs into a separate port, which runs at 10
Mbps and is for the exclusive use of that workstation, so there is no contention to worry
about as in bus Ethernet.
In standard Ethernet, all stations are connected to the same network segment in a bus
configuration. Traffic on the bus is controlled using the CSMA (Carrier Sense Multiple Access)
protocol, and all stations share the available bandwidth.

Figure 10: Hub (ports 1 to 4 attached to a common backplane)

a) Connecting Workstations to a Hub

10BaseT hubs dedicate the entire bandwidth to each port (workstation). The
workstations attach to the hub using UTP. The hub provides a number of ports, which are
logically combined using a single backplane, which often runs at a much higher data rate
than that of the ports.
Ports can also be buffered, to allow packets to be held in case the hub or port is
busy. And, because each workstation has its own port, it does not contend with other
workstations for access, having the entire bandwidth available for its exclusive use.
The ports on a hub all appear as one Ethernet segment. In addition, hubs can be
stacked or cascaded (using master/slave configurations) to add more ports per
segment. As hubs do not count as repeaters, this is a better solution for adding more
workstations than the use of a repeater.
Hub options also include an SNMP (Simple Network Management Protocol) agent.
This allows the use of network management software to remotely administer and configure
the hub.
Advantages of the newer 10BaseT hubs are:
• Each port has exclusive access to its bandwidth (no CSMA/CD)
• Hubs may be cascaded to add additional ports
• SNMP-managed hubs offer good management tools and statistics
• Utilise existing cabling and other network components
• Becoming a low cost solution

2.7 Switch
A switch is a networking component used to connect workgroup hubs to form a
larger network or to connect computers that have high bandwidth needs.
Switch working
When a signal enters a port of the switch, the switch looks at the destination
address of the frame and internally establishes a logical connection with the port connected
to the destination node.
Each port on the switch corresponds to an individual collision domain, so network
congestion is avoided. Thus, if a 10-Mbps Ethernet switch has 10 ports, each port effectively
gets the entire bandwidth of 10 Mbps; to the frame, the switch's port appears to provide a
dedicated connection to the destination node. Ethernet switches are capable of establishing
multiple internal logical connections simultaneously, while routers generally process
packets on a first-come, first-served basis.

There are two main types of switches, based on their layer of operation:
• Layer 2
• Layer 3
Layer-2 switches operate at the data-link layer of the OSI model and are based on
bridging technologies. They establish logical connections between ports based on MAC
addresses.
Use layer-2 switches for segmenting an existing network into smaller collision domains
to improve performance.
Layer-3 switches operate at layer 3 of the OSI model and are based on routing
technologies. They establish logical connections between ports based on network
addresses. Layer-3 switches are sometimes called routing switches or multilayer switches.
Use these for connecting different networks into an internetwork.
There are three types of switches, based on how they forward frames:
• Cut-through transmission
• Store and forward
• Fragment free
2.7.1 Cut-through transmission: Packets are forwarded as soon as they are received, without
waiting for the whole packet. The method is prompt and quick, but error checking is skipped,
so damaged packets are forwarded as well.
2.7.2 Store and forward: The entire packet is received and checked before being forwarded.
Errors are thus eliminated before being propagated further. The downside is that the error
check takes relatively longer, making the switch a bit slower in processing and delivering.
2.7.3 Fragment free: A greater part of the packet is examined so that the switch can
determine whether the packet has been caught up in a collision. Once the collision status is
determined, the packet is forwarded.
2.8 Bridges
Bridges interconnect Ethernet segments. Most bridges today support filtering and
forwarding, as well as the Spanning Tree Algorithm. The IEEE 802.1D specification is the
standard for bridges.
During initialization, the bridge learns about the network and the routes. Packets are
passed on to other network segments based on the MAC layer. Each time the bridge is
presented with a frame, the source address is stored. The bridge builds up a table which
identifies the segment on which each device is located. This internal table is then used to
determine which segment incoming frames should be forwarded to. The size of this table is
important, especially if the network has a large number of workstations/servers.

Figure 11: Bridge connectivity (Network Segment A and Network Segment B joined by a BRIDGE)

2.8.1 Use of Bridge in a Network


The diagram above shows two separate network segments connected via a bridge.
Note that each segment must have a unique network address number in order for the
bridge to be able to forward packets from one segment to the other.

The advantages of bridges are:
• increase the number of attached workstations and network segments
• since bridges buffer frames, it is possible to interconnect different segments which
use different MAC protocols
• since bridges work at the MAC layer, they are transparent to higher level protocols
• by subdividing the LAN into smaller segments, overall reliability is increased and the
network becomes easier to maintain
• used for non-routable protocols like NetBEUI which must be bridged
• help in localizing the network traffic by only forwarding data onto other segments as
required (unlike repeaters)
2.8.2 How Bridges Work

Bridges work at the Data Link layer of the OSI model, specifically at the Media
Access Control sublayer, and are sometimes referred to as Media Access Control layer
bridges.
a) A Media Access Control layer bridge:
Listens to all traffic. Checks the source and destination addresses of each packet.
Builds a routing table as information becomes available.
b) Creating the Routing Table
Bridges build their routing tables based on the addresses of computers that have
transmitted data on the network. Specifically, bridges use source addresses (the address of
the device that initiates the transmission) to create the routing table.
If a bridge knows the location of the destination node, it forwards the packet to it. If
it does not know the destination, it forwards the packet to all segments.
c) Segmenting Network Traffic
A bridge can segment traffic because of its routing table.
A large network is not limited to one bridge. Multiple bridges can be used to
combine several small networks into one large network.
2.8.3 Implementing Bridges
A bridge can be either a stand-alone, separate piece of equipment (an external
bridge) or it can be installed in a server; if the network operating system supports it, one or
more network cards can act as an internal bridge.
Network administrators like bridges because they are:
• Simple to install and transparent to users.
• Flexible and adaptable.
• Relatively inexpensive.
2.8.4 Transparent Bridges
Transparent bridges (also known as spanning tree bridges, IEEE 802.1D) make all routing
decisions. The bridge is said to be transparent (invisible) to the workstations. The bridge will
automatically initialize itself and configure its own routing information after it has been
enabled.
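The learning, filtering and flooding behaviour described for bridges in sections 2.8.2 and 2.8.4, together with the three switch forwarding modes of section 2.7, as an added Python model (not the module's own code). The frame layout (destination, source, payload, CRC-32), the addresses, the port numbers and the 64-octet minimum frame size used by the fragment-free check are constructed assumptions for the example.

```python
"""Learning bridge / LAN switch model: the table is built from source addresses,
known destinations go out one port, unknown and broadcast destinations are flooded,
and the switching mode decides how much of a frame is checked before forwarding.

Added example, not code from the original module. Frame layout (dst | src |
payload | CRC-32), the 64-octet minimum size used for fragment-free, and all
addresses and port numbers are constructed for the example."""
import zlib

MIN_FRAME_LEN = 64                  # a fragment shorter than this is collision debris
BROADCAST = "ff:ff:ff:ff:ff:ff"


def make_frame(dst: str, src: str, payload: bytes, corrupt_fcs: bool = False) -> bytes:
    """dst | src | payload | CRC-32; corrupt_fcs simulates damage in transit."""
    body = (bytes.fromhex(dst.replace(":", ""))
            + bytes.fromhex(src.replace(":", "")) + payload)
    fcs = zlib.crc32(body) & 0xFFFFFFFF
    if corrupt_fcs:
        fcs ^= 0x1
    return body + fcs.to_bytes(4, "big")


class LearningBridge:
    def __init__(self, ports, mode="store-and-forward"):
        if mode not in ("cut-through", "fragment-free", "store-and-forward"):
            raise ValueError(mode)
        self.ports = list(ports)
        self.mode = mode
        self.table = {}   # MAC address -> port on which it was last seen as a source

    def _accept(self, frame: bytes) -> bool:
        """How much of the frame each mode inspects before forwarding."""
        if self.mode == "cut-through":
            return True                          # destination read, nothing checked
        if self.mode == "fragment-free":
            return len(frame) >= MIN_FRAME_LEN   # enough to rule out a collision fragment
        body, fcs = frame[:-4], int.from_bytes(frame[-4:], "big")
        return (zlib.crc32(body) & 0xFFFFFFFF) == fcs   # whole frame received, CRC checked

    def receive(self, in_port, frame: bytes):
        """Return the ports the frame is forwarded out of ([] = filtered or dropped)."""
        if not self._accept(frame):
            return []
        dst, src = frame[0:6].hex(":"), frame[6:12].hex(":")
        self.table[src] = in_port                # learn: the source lives behind in_port
        if dst != BROADCAST and dst in self.table:
            out_port = self.table[dst]
            return [] if out_port == in_port else [out_port]   # same segment: filter
        return [p for p in self.ports if p != in_port]       # unknown/broadcast: flood


if __name__ == "__main__":
    a, b = "02:00:00:00:00:0a", "02:00:00:00:00:0b"   # constructed addresses
    sw = LearningBridge(ports=[1, 2, 3])
    print("unknown destination, flooded to:", sw.receive(1, make_frame(b, a, bytes(60))))
    print("reply, forwarded to:", sw.receive(2, make_frame(a, b, bytes(60))))
    print("learned table:", sw.table)
```

Note that the store-and-forward bridge never learns from a frame with a bad CRC, whereas the cut-through variant forwards such a frame unchanged; that is exactly the trade-off section 2.7 describes between speed and error containment.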
2.8.5 Summary of Bridge features:
• operate at the MAC layer (layer 2 of the OSI model)
• can reduce traffic on other segments
• broadcasts are forwarded to every segment
• most allow remote access and configuration
• often SNMP (Simple Network Management Protocol) enabled
• loops can be used (redundant paths) if using the spanning tree algorithm
• small delays may be introduced
• fault tolerant by isolating faulty segments and reconfiguring paths in the event of
failure
• not efficient with complex networks
• redundant paths to other networks are not used (they would be useful if the major
path being used was overloaded)
• the shortest path is not always chosen by the spanning tree algorithm

2.9 Routers
In an environment consisting of several network segments with differing protocols
and architectures, a bridge may not be adequate for ensuring fast communication among all
of the segments. A network this complex needs a device which not only knows the address of
each segment, but can also determine the best path for sending data and filter broadcast
traffic to the local segment. Such a device is called a router.
Routers work at the Network layer of the OSI model. This means they can switch and
route packets across multiple networks. They do this by exchanging protocol-specific
information between separate networks. Routers read complex network addressing
information in the packet and, because they function at a higher layer in the OSI model than
bridges, they have access to additional information.
Routers can provide the following functions of a bridge:
• Filtering and isolating traffic
• Connecting network segments
Routers have access to more information in the packet than bridges, and use this
information to improve packet delivery. Routers are used in complex network situations
because they provide better traffic management than bridges and do not pass broadcast
traffic. Routers can share status and routing information with one another and use this
information to bypass slow or malfunctioning connections.

2.9.1 How Routers Work

The routing table found in routers contains network addresses. However, host addresses
may be kept depending on the protocol the network is running. A router uses the table to
determine the destination address for incoming data. The table lists the following
information:
• All known network addresses
• How to connect to other networks
• The possible paths between those routers
• The cost of sending data over those paths
The router selects the best route for the data based on cost and available paths.
Note: Remember that routing tables were also discussed with bridges. The routing table
maintained by a bridge contains Media Access Control sublayer addresses for each node,
while the routing table maintained by a router contains network numbers. Even though
manufacturers of these two different types of equipment have chosen to use the term routing
table, it has a different meaning for bridges than it does for routers.
Routers require specific addresses. They only understand network numbers, which
allow them to talk to other routers, and local network adapter card addresses. Routers do not
talk to remote computers.
When routers receive packets destined for a remote network, they send them
to the router that manages the destination network. In some ways this is an advantage
because it means routers can:
• Segment large networks into smaller ones.
• Act as a safety barrier between segments.
• Prevent broadcast storms, because broadcasts are not forwarded.
Because routers must perform complex functions on each packet, routers are slower
than most bridges. As packets are passed from router to router, Data Link layer source and
destination addresses are stripped off and then recreated. This enables a router to route a
packet from a TCP/IP Ethernet network to a server on a TCP/IP Token Ring network.
Because routers only read the network addresses in packets, they will not allow bad data
to be passed on to the network. Because they do not pass bad data or broadcast data
storms, routers put little stress on networks.
Routers do not look at the destination node address; they only look at the network
address. Routers will only pass information if the network address is known. This ability to
control the data passing through the router reduces the amount of traffic between networks
and allows routers to use these links more efficiently than bridges.
Using the router addressing scheme, administrators can break one large network into
many separate networks, and because routers do not pass or even handle every packet, they
act as a safety barrier between network segments. This can greatly reduce the amount of
traffic on the network and the wait time experienced by users.
2.9.2 Routable Protocols
Not all protocols work with routers. The ones that are routable include:
• DECnet
• IP
• IPX
• OSI
• XNS
• DDP (AppleTalk)
Protocols which are not routable include:
• LAT (Local Area Transport, a protocol from Digital Equipment Corporation)
• NetBEUI
There are routers available which can accommodate multiple protocols such as IP and
DECnet in the same network.
Packets are only passed to the network segment they are destined for.
Routers work similarly to bridges and switches in that they filter out unnecessary network
traffic and remove it from network segments. Routers generally work at the protocol level.
Routers were devised in order to separate networks logically. For instance, a TCP/IP
router can segment the network based on groups of TCP/IP addresses. Filtering at this level
(on TCP/IP addresses, also known as level 3 switching) will take longer than that of a bridge
or switch which only looks at the MAC layer.
Most routers can also perform bridging functions. A major feature of routers, because
they can filter packets at a protocol level, is to act as a firewall. This is essentially a barrier
which prevents unwanted (unauthorised) packets either entering or leaving designated areas
of the network.
Typically, an organization which connects to the Internet will install a router as the
main gateway link between its network and the outside world. Configuring the router
with access lists (which define what protocols and what hosts have access) enforces
security by restricting (or allowing) access to either internal or external hosts.
A router works at the Network Layer or higher, by looking at information embedded
within the data field, like a TCP/IP address, and then forwards the frame to the appropriate
segment upon which the destination computer resides.
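An added Python example (not from the module) of the network-layer behaviour described in this section: the router forwards only to networks it knows, uses the default route as a last resort if one is configured, and evaluates an access list before forwarding so that unwanted packets are stopped at the gateway. Networks, next hops, packets and access-list rules are constructed; the first-match, implicit-deny access-list semantics are an assumption modelled on common router practice.

```python
"""Network-layer forwarding with an access list: the router keeps network (not host)
addresses, matches a packet's destination against them by longest prefix, falls back
to the default route if there is one, drops packets for unknown networks, and
evaluates an access list first so unwanted packets never cross the gateway.

Added example, not the module's own code. Addresses, networks, next hops and rules
are constructed; the access-list semantics (top-down, first match wins, implicit
deny at the end of a non-empty list) are an assumption modelled on common practice."""
import ipaddress
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class Packet:
    src: str
    dst: str
    protocol: str      # "tcp", "udp", "icmp", ...


def _in_net(addr: str, net: str) -> bool:
    return net == "any" or ipaddress.ip_address(addr) in ipaddress.ip_network(net)


@dataclass
class AccessRule:
    action: str        # "permit" or "deny"
    protocol: str      # protocol name or "any"
    src: str           # source network in CIDR form, or "any"
    dst: str           # destination network in CIDR form, or "any"

    def matches(self, p: Packet) -> bool:
        return (self.protocol in ("any", p.protocol)
                and _in_net(p.src, self.src) and _in_net(p.dst, self.dst))


@dataclass
class Router:
    routes: dict = field(default_factory=dict)   # ip_network -> next hop (router name)
    default: Optional[str] = None                # "last resort" next hop, if configured
    acl: list = field(default_factory=list)      # AccessRule objects, evaluated in order

    def add_route(self, network: str, via: str) -> None:
        self.routes[ipaddress.ip_network(network)] = via

    def lookup(self, dst: str) -> Optional[str]:
        """Longest-prefix match over known networks, then the default route."""
        addr = ipaddress.ip_address(dst)
        matches = [net for net in self.routes if addr in net]
        if matches:
            return self.routes[max(matches, key=lambda net: net.prefixlen)]
        return self.default

    def forward(self, p: Packet):
        """('forward', next_hop), ('denied', rule_or_None) or ('dropped', reason)."""
        for rule in self.acl:
            if rule.matches(p):
                if rule.action == "deny":
                    return ("denied", rule)
                break                            # explicit permit: go on to routing
        else:
            if self.acl:                         # no rule matched: implicit deny
                return ("denied", None)
        next_hop = self.lookup(p.dst)
        if next_hop is None:
            return ("dropped", "destination network unknown")
        return ("forward", next_hop)


def gateway_example() -> Router:
    """Constructed gateway: two internal networks, one protected subnet, no default."""
    r = Router()
    r.add_route("10.1.0.0/16", "R1")
    r.add_route("10.1.5.0/24", "R2")              # more specific, wins over the /16
    r.acl = [
        AccessRule("deny", "any", "any", "10.1.5.0/24"),          # nobody reaches this subnet
        AccessRule("permit", "any", "192.168.0.0/16", "any"),     # internal hosts may go out
    ]
    return r


if __name__ == "__main__":
    r = gateway_example()
    print(r.forward(Packet("192.168.1.10", "10.1.7.7", "tcp")))
    print(r.forward(Packet("192.168.1.10", "10.1.5.9", "tcp")))
    print(r.forward(Packet("192.168.1.10", "172.16.0.1", "udp")))
```

Setting `default` on the router turns the "destination network unknown" drop into a forward towards the default outlet, which is the distinction between a router that only passes traffic for known networks and one configured with a last-resort route.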
2.9.3 Summary of Router features:
• use dynamic routing
• operate at the protocol level
• remote administration and configuration via SNMP
• support complex networks
• the more filtering done, the lower the performance
• provide security
• segment the networks logically
• broadcast storms can be isolated
• often provide bridge functions also
• more complex routing protocols used (such as RIP, IGRP, OSPF)


Routing Concepts & Routing Protocols


Course Contents

• Introduction to Router
• Types of Algorithms used
• Various protocols used for Router configuration
• Differences between various protocols
Objectives
After studying this content on router concepts and router configuration, the trainees will be
able to understand what is meant by routing and how routers are configured for
networks.

5.1 Routing
The primary function of a packet switching network is to receive packets from a
source and deliver them to the destination. To achieve this, a path or route through the
network has to be determined. More than one route may be possible. This requires a
routing function/algorithm to be implemented.
The routing function must meet the following requirements:
• Correctness
• Simplicity
• Robustness
• Stability
• Fairness
• Optimality
• Efficiency
Correctness and Simplicity are self explanatory.
Robustness has to do with the routing of packets through alternate routes in the
network in case of route failures or overloads.
Stability is an important aspect of the routing algorithm. It implies that the routing
algorithm must converge to equilibrium as quickly as possible, however some never
converge, no matter how long they run.

Fairness and optimality are competing requirements. A trade-off exists between the
two. Some performance criteria may give a higher priority to transportation of packets
between adjacent/ nearby stations in comparison to those between distant stations. This
results in higher throughput but is not fair to the stations which have to communicate with
distant stations.
The efficiency of a routing technique/algorithm is decided by the amount of
overhead processing required. Of course this has to be kept to a minimum.
Thus, routing is essentially a method of path selection and is an overhead activity.
Routed protocol
A routed protocol is a protocol that contains sufficient network-layer addressing
information for user traffic to be directed from one network to another network. Routed
protocols define the format and use of the fields within a packet. Packets that use a routed
protocol are conveyed from one end system to another end system through an
internetwork.
The internet protocol IP and Novell’s IPX are examples of routed protocols.

Routing protocol
A routing protocol provides mechanisms for sharing routing information. Routing
protocol messages move between the routers. A routing protocol allows the routers to
communicate with other routers to update and maintain routing tables. Routing protocol
messages do not carry end-user traffic from network to network. A routing protocol uses
the routed protocol to pass information between routers.

5.2 Types of Routing


Static routing refers to routes to destinations being set up manually in the router.
Network reachability in this case is not dependent on the existence and state of the
network itself. Whether a destination is up or down, the static routes remain in the routing
table, and traffic would still be sent towards that destination. Static routing generally is not
sufficient for large or complex networks because of the time required to define and
maintain static route table entries.
Default routing refers to a "last resort" outlet: traffic to destinations that are unknown to
the local router is sent to the default outlet router. Default routing is the easiest form of
routing for a domain connected to a single exit point. A default route is a path on which a
router should forward a packet if it does not have specific knowledge about the packet's
destination.
Figure 5.1 below illustrates the concept of static and default routing.
Figure 5.1 Static and Default Routing (routers R1 and R2 across a WAN; static routing:
traffic to 10.1/16; default routing: send all traffic to R1)


Dynamic routing: refers to routes being learnt via an internal or
external routing protocol. Network reachability is dependent on the existence and state of
the network. If a destination is down, the route would disappear from the routing table, and
traffic will not be sent toward the destination. Dynamic routing is used to enable routers to
build their routing tables automatically and make the appropriate forwarding decisions. This
concept is illustrated in Figure 5.2 below.

Fig. 5.2 Dynamic Routing (routers R1, R2 and R3 and network 100.1; routing updates
"I can reach 100.1" are exchanged between the routers; a failed link is marked X)


5.3 Routing Algorithms
Routing algorithms and protocols form the core of the Internet, because it is here
that all the forwarding decisions get made. Network engineers assign costs to network paths,
and routing protocols select the least-cost path to the destination.
Routing algorithms can be grouped into two major classes:
 Non-adaptive or static
 Adaptive or dynamic
Non-adaptive algorithms do not base their routing decisions on measurements or
estimates of the current traffic and topology. Instead, the choice of the route to use to get
from I to J (for all I and J) is computed in advance, off-line, and downloaded to the routers
when the network is booted. This procedure is also called static routing.
Adaptive algorithms
Adaptive algorithms change their routing decisions to take into account changes in
the topology, and sometimes the traffic as well. Adaptive algorithms can be classified
according to:
 where they get their information from: locally, from adjacent routers, or from all
routers;
 when the algorithm decides to change the routes: every T seconds, when the load
changes, or when the topology changes; and
 what metric (parameter) is used for optimisation: distance, number of hops, or
estimated transit time.
5.4 Convergence
Information about the network topology needs to be accurate and consistent from
router to router. Reaching this consistent state is referred to as convergence: the network
is considered to have converged when all routers hold consistent information. Until then,
routers may forward on stale information, and packets can loop or be dropped.
5.5 Representing Distance With Metrics
When a routing algorithm updates the routing table, its primary goal is to determine
the best information to include in the table. Each routing algorithm interprets "best" in
its own way. The algorithm generates a number, called the metric, for each path through
the network. Typically, the smaller the metric, the better the path.
Metrics can be calculated from a single characteristic of the path or by combining
several key characteristics, such as:
1) Hop count: the number of routers a packet must pass through to reach a
destination. The lower the hop count, the better the path. Path length is used to
indicate the sum of the hops to a destination.
2) Cost: path cost is the sum of the costs associated with each link on the way to a
destination. Costs are assigned (automatically or manually) to crossing a network.
Slower networks typically have a higher cost than faster networks. The lowest-cost
route is the one believed to be the fastest route available.
3) Bandwidth: the rating of a link's throughput. Routing through links with greater
bandwidth does not always give the best routes; for example, if a high-speed link
is busy, sending a packet over a slower link might be faster.
4) Delay: depends on many factors, including the bandwidth of the network links, the
length of the queues at each router on the path, congestion on the links, and the
physical distance to be travelled. Being a conglomeration of variables that change
with internetwork conditions, delay is a common and useful metric.
5) Load: a dynamic factor that can be based on a variety of measures, including CPU
utilization and packets processed per second. Monitoring these parameters
continually can be resource intensive.
Modern computer networks generally use dynamic routing algorithms rather than
static ones. Two dynamic algorithms in particular are widely used:
 distance vector routing algorithms
 link state routing algorithms

5.6 Distance Vector Routing


Distance vector routing algorithms require that each router maintain a table (a
vector) giving the best known distance to each destination and which line or port to use
to get there. These tables are updated by exchanging information with the neighbours: the
algorithm periodically passes copies of the routing table from router to router, and
updates between routers also communicate topology changes as they occur.
Distance vector routing is also known by other names, viz. the distributed
Bellman-Ford routing algorithm and the Ford-Fulkerson algorithm, after the researchers
who developed it (Bellman, 1957; Ford and Fulkerson, 1962). It was the original
ARPANET routing algorithm and was also used in the Internet under the name RIP and in
early versions of DECnet and Novell's IPX.
Examples of distance vector routing protocols are IPX RIP and IP RIP.
5.7 Link State Routing
Link state routing replaced distance vector routing in the ARPANET in 1979. Two
problems caused the demise of the distance vector algorithm there. First, since the delay
metric was queue length, it did not take line bandwidth into account when choosing
routes. It would have been possible to change the delay metric to take line bandwidth
into account, but a second problem existed: the algorithm often took too long to
converge, even with enhancements like split horizon. For these reasons it was replaced by
an entirely new algorithm, now called link state routing. Variants of link state routing are
now widely used.
The algorithm can be stated in five steps:
1. Discover the neighbours and learn their network addresses
2. Measure the delay or cost to each of the neighbours
3. Construct a packet telling all that has just been learnt
4. Send this packet to all other routers
5. Compute the shortest path to every other router
When a router is booted, its first task is to learn who its neighbours are. This is
accomplished by sending a special HELLO packet on each point-to-point line. The router at
the other end is expected to send back a reply saying who it is.

Link state routing algorithms, also known as shortest path first (SPF) algorithms,
maintain a complex database of topology information. Whereas the distance vector
algorithm has entries for distant networks and a metric value to reach those networks but
no knowledge of distant routers, a link state routing algorithm maintains full knowledge of
distant routers and how they interconnect. Examples of link state routing protocols are
NLSP, OSPF and IS-IS.
Link state routing is widely used in actual networks. The OSPF protocol, which is
increasingly used in the Internet, uses a link state algorithm.
5.8 Comparison Of Distance Vector Routing & Link-State Routing
Table 5.1 shows a comparison between distance vector routing and link state
routing.
Table 5.1 Comparison of distance vector and link state routing

Distance Vector                                         Link State
-----------------------------------------------------   -----------------------------------------------------
The network topology is seen only from the              The entire network topology is known to every
neighbours' perspective                                 router
Metrics are incremented as the update crosses           Each router calculates the shortest path to every
each router                                             other router itself
Periodic and frequent updates; slow convergence         Updates are triggered by events; faster convergence
Copies of the routing table are passed to               Link state packets are flooded to all other routers
neighbouring routers
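The two algorithms compared in Table 5.1, and the effect of the metric chosen in 5.5, can be
watched on a small constructed topology. The following Python is an added example written
for this module, not code from the module or from any router vendor: the router names, link
costs and topology are assumptions, one "round" of the distance vector part is every router
advertising its vector once to every neighbour, and route withdrawal (and so count-to-infinity)
is deliberately not modelled.

```python
"""Distance vector vs link state on one small topology, plus the effect of the metric."""
import heapq
from collections import defaultdict

INF = float("inf")

# Constructed sample topology (an assumption): undirected links with administrative costs.
#     A --1-- B --2-- C --1-- D
#      \_______5______/
LINKS = [("A", "B", 1), ("B", "C", 2), ("A", "C", 5), ("C", "D", 1)]


def build_graph(links):
    """Adjacency map {router: {neighbour: link cost}}."""
    graph = defaultdict(dict)
    for u, v, cost in links:
        graph[u][v] = cost
        graph[v][u] = cost
    return dict(graph)


def hop_count_graph(graph):
    """Same topology with every link costing 1, i.e. a pure hop-count metric (5.5, item 1)."""
    return {u: {v: 1 for v in nbrs} for u, nbrs in graph.items()}


def link_state_spf(graph, source):
    """Link state: the router holds the whole topology and runs Dijkstra (SPF).
    Returns {destination: (path cost, next hop)} for every other router."""
    dist = {n: INF for n in graph}
    next_hop = {n: None for n in graph}
    dist[source] = 0
    done = set()
    heap = [(0, source)]
    while heap:
        d, u = heapq.heappop(heap)
        if u in done:
            continue                      # stale heap entry, already settled
        done.add(u)
        for v, cost in graph[u].items():
            if d + cost < dist[v]:
                dist[v] = d + cost
                # the next hop toward v is the first router after the source on the path
                next_hop[v] = v if u == source else next_hop[u]
                heapq.heappush(heap, (dist[v], v))
    return {n: (dist[n], next_hop[n]) for n in graph if n != source}


def distance_vector(graph, max_rounds=50):
    """Distance vector (distributed Bellman-Ford): each router knows only its own
    table and its link costs, and learns the rest from the vectors its neighbours
    advertise. Returns (tables, rounds) with tables[router] = {destination: (cost, next hop)};
    rounds is the number of advertisement rounds until a full round changes nothing."""
    tables = {}
    for r, nbrs in graph.items():
        tables[r] = {r: (0, r)}
        for nbr, cost in nbrs.items():
            tables[r][nbr] = (cost, nbr)
    for rnd in range(1, max_rounds + 1):
        # snapshot of what every router advertises this round: {destination: cost}
        adverts = {r: {d: c for d, (c, _) in t.items()} for r, t in tables.items()}
        changed = False
        for r, nbrs in graph.items():
            for nbr, link_cost in nbrs.items():
                for dest, nbr_cost in adverts[nbr].items():
                    candidate = link_cost + nbr_cost
                    if candidate < tables[r].get(dest, (INF, None))[0]:
                        tables[r][dest] = (candidate, nbr)
                        changed = True
        if not changed:
            return tables, rnd            # converged (5.4): no router changed anything
    return tables, max_rounds


if __name__ == "__main__":
    g = build_graph(LINKS)
    print("link state from A :", link_state_spf(g, "A"))
    tables, rounds = distance_vector(g)
    print("distance vector A :", tables["A"], "after", rounds, "rounds")
    print("hop-count metric  :", link_state_spf(hop_count_graph(g), "A"))
```

Both algorithms settle on the same routes from A (C via B at cost 3, D via B at cost 4), but
the distance vector router only learns the path to D after its neighbours have each passed the
information one hop further, which is the slower, hop-by-hop convergence of Table 5.1. With a
hop-count metric the direct A-C link wins despite its higher cost, which is the point of 5.5:
the "best" path depends entirely on the metric chosen.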
5.9 Interior Routing And Exterior Routing
Interior routing occurs within an autonomous system. The most common interior routing
protocols are RIP and OSPF. The basic routable element is the IP network or subnetwork, or
the CIDR prefix for newer protocols.
Exterior routing occurs between autonomous systems and is of concern to service
providers and other large or complex networks; for example, BGP-4 (Border Gateway Protocol
version 4) is an exterior routing protocol.

Figure: autonomous systems, each running an IGP internally, interconnected by BGP

MULTIPLAY BROADBAND OVERVIEW

Course Contents:
 Introduction to Broadband
 Broadband Services
 Components of Broadband Network

Objectives
The main objectives of this chapter are:
i) To understand the need for broadband
ii) To understand what broadband is
iii) To familiarize with the various broadband technologies
iv) To familiarize with the broadband network

4.1 INTRODUCTION & NEED OF BROADBAND

With the evolution of computer networking and the packet switching concept, a new era
of integrated communication has emerged in the telecom world. The rapid growth of the data
communication market and the convergence of telecom and computer networking technology
have further amplified the importance of telecommunications in information exchange.
The demand for high-speed bandwidth is growing at a fast pace. The rapid growth of
distributed business applications, e-commerce and bandwidth-intensive applications (such as
multimedia, videoconferencing and video on demand) generates demand for bandwidth in the
access network. Service providers and customers alike want the most economical and fastest
means of communication with the highest throughput.
The term "broadband", and the access technologies associated with it, refers to
high-speed Internet access. Broadband solutions represent the convergence of multiple
independent networks, including voice, video and data, into a single, unified broadband
network.
4.2 DEFINITION OF BROADBAND

Broadband is the nonspecific term for high-speed digital Internet access. To state the
obvious, "broadband" indicates a means of connectivity at a high or "broad" bandwidth.

In fact there is no specific international definition of broadband.

In India, the Department of Telecommunications issued a Broadband Policy in 2004.
Broadband connectivity is defined at present as:
"An 'always-on' data connection that is able to support interactive services including
Internet access and has the capability of the minimum download speed of 256 kilobits per
second (kbps) to an individual subscriber from the Point Of Presence (POP) of the service
provider."
4.3 Broadband Services
Broadband services can basically be grouped as given below, based on the nature of the
activities involved:
4.3.1 Professional Activities:
 Telecommuting (access to corporate networks and systems to support working at
home on a regular basis)
 Video conferencing (one-to-one or multi-person video telephone calls)
 Home-based business (including web serving, e-commerce with customers, and other
financial functions)
 Home office (access to corporate networks and e-mail to supplement work at a
primary office location)
4.3.2 Entertainment Activities:
 Web surfing (as today, but at higher speeds with more video content)
 Video-on-demand (movies and rerun or delayed television shows)
 Video games (interactive multi-player games)
4.3.3 Consumer Activities:
 Shopping (as today, but at higher speeds with more video content)
 Telemedicine (including remote doctor visits and remote medical analyses by medical
specialists)
 Distance learning (including live and pre-recorded educational presentations)
 Public services (including voting and electronic town hall meetings)
 Information gathering (using the Web for non-entertainment purposes)
 Photography (editing, distributing, and displaying of digital photographs)
 Video conferencing among friends and family

These applications have different bandwidth requirements.
Following are the various applications or services on broadband connectivity: -
4.3.4 Virtual Networks
Private virtual networks (LAN/WAN) can carry a wide variety of multimedia services,
for example linking bank branches and central offices.
4.3.5 Distance Education
Education is no longer limited by the distance between source and destination. Alongside
the traditional school, the concept of a remote learning centre has emerged and become
popular for various courses. There is no limit of distance, area or location in such distance
learning: a student at a remote station can take part directly in the class by
videoconference while files are exchanged simultaneously.

4.3.6 Telework
Employees of organizations that have communication links (for example via satellite) can
work remotely, connecting directly to their head office over a high-speed Internet
connection that lets them work efficiently and comfortably.
4.3.7 Telemedicine
Doctors at different clinics can stay in contact and consult directly with other regional
medical centres, using videoconferencing and the exchange of high-quality images, test
results and any other information. Rural areas can thus obtain the opinion of specialists
at distant hospitals quickly and efficiently.
4.3.8 Electronic commerce
Electronic commerce is a system that lets users pay for goods and services over the
Internet.
These services are provided by BSNL by installing different network elements in a
phased manner under the different projects of NIB. They are:
I) Project 1 – MPLS core network
II) Project 2 – Access network
 2.1 - Narrowband access
 2.2 - Broadband access
III) Project 3 – Messaging, Storage, EMS etc.

Project 2.2. i.e. broadband access network elements and services are discussed below.


4.4 NIB II-Project 2.2


This project is for the deployment of broadband services in 198 cities, of which 69 are
important cities where Digital Subscriber Line Access Multiplexers (DSLAMs) are deployed.
The cities are categorized as A1 (3 cities), A2 (3 cities), A3 (6 cities), A4 (10 cities),
B1 (21 cities), B2 (cities) and others (129 cities). Delhi and Mumbai will not have any
broadband equipment under Project 2.2 of NIB-II.

4.4.1 Services of Project 2.2


• Primary source of Internet bandwidth for retail users, for applications such as web
browsing, e-commerce etc.
• Multicast video services, video on demand etc. through the Broadband Remote Access
Server (BRAS).
• Wholesale BRAS ports assigned to smaller ISPs through the franchise model, wherein
the latter has a separate network of DSLAMs, AAA and LDAP under a revenue scheme of
BSNL.
• Dial-up VPN (VPDN): the user connects to NIB-II through the narrowband RAS and is
connected to its private network through an L2TP tunnel established between the
narrowband RAS and the broadband RAS. Note that L2TP by itself only tunnels the PPP
session and does not encrypt it; confidentiality on that path depends on the provider
network, or on IPsec if it is configured on top of L2TP.
• Support for both prepaid and postpaid broadband services.

Broadband Multiplay
Broadband Multi-Play focuses on the augmentation of the broadband access network to
meet the targets fixed by DoT, with a planned capacity of 6 million subscribers, supporting
multi-play services like video on demand, IPTV, VoIP and VPN service, with guaranteed control
of critical parameters like latency, throughput and jitter to ensure high-grade delivery of
real-time, near-real-time, non-real-time and best-effort services.


Multiplay Broadband Elements and Function

4.5 Components of Broad Band Access Network


• Broad Band Remote Access Server (BBRAS)
• Gigabit and Fast Ethernet Aggregation Switches (LAN Switches)
• Digital Subscriber Line Access Multiplexers (DSLAMs)
• SSSS/SSSC (Subscriber Service Selection System/ Centre)
• Servers for AAA, LDAP at Pune
• Provisioning and configuration management at NOC
4.6 Broadband Network Architecture (NIB-II)

It is a layered architecture as given below


 Access
 Distribution
 Metro Core
 Core

4.6.1 Core

 MPLS-based IP infrastructure in 71 cities, being expanded to 106 cities as part of
Project 1 of NIB-II.
4.6.2 Distribution + Metro Core

 From the Tier 2 switch onward (towards the network core)

4.6.3 Access

 DSLAM to user
 The figures below show the deployment of network elements and their arrangement
in the different types of cities across the country.


Network diagram of NIB-II

Figure 20: Network Diagram of NIB-II (core router; Broadband RAS; Tier 1 GigE aggregation
switch; Tier 2 LAN switches on GigE with FE links to DSLAMs at exchanges X-ge A to X-ge E;
ADSL terminals behind each DSLAM)

Multiplay Broadband Elements & Function


For Restricted Circulation
AGM LICE Broadband Module
Figure 21: Broadband connectivity of A city

Figure 22: Broadband connectivity in B City

4.7 Support for a wide range of services

Each service is characterized by its own requirements for latency, jitter and
throughput:
• Internet access is by default a best-effort service.
• Voice and video have specific requirements for bandwidth and quality.
• Admission control
• Network resiliency

4.8 How Multiplay will fit into the existing BSNL Network

• Multiplay is an expansion of the DSL broadband network of BSNL.
• The network is designed to cater to multiplay services.
• DSLAMs continue to work in a star topology.
• The uplink bandwidth of a DSLAM is a minimum of 1+1 GE.
• The aggregation network for Multiplay will be in a ring topology based on RPR
instead of the existing tree structure of Project 2.2 (RPR is used for the second
layer of aggregation).
• Connection admission control and hierarchical QoS implementation.
• New applications like automated subscriber installation and ongoing support are
introduced.
• Traffic aggregation to the core backbone happens across 100 cities instead of the
23 cities of Project 2.2.

4.9 Network Elements and servers of BB Multiplay Project


• Hardware

– CPE ----- UTStarcom Contract Manufacturer SemIndia

– DSLAM---UTStarcom

– RPR-------UTStarcom

– OCLAN--- ZTE

– BNG------- Redback

– Servers---- SUN

• Miscellaneous Components

– Converters

– DSL Tester

– Desktop/Laptop

– UPS

• Applications

– PMS ---- Metasolve

– Subscriber management --- Motive

– Subscriber Self Service Centre--- Redback

– Internet Policy Server – NetSweeper

– AAA/SSSS -- Elitecore

– DNS/DHCP -- ISC

– eMS for above Hardware

• Database - Oracle

4.10 Application / Server Infrastructure


1. NOC & DR-NOC: SUN hardware, EMS, PMS, SSSS, SSSC, AAA, subscriber automation, all
application software etc.

2. Regional POP: SUN hardware, EMS, SSSS, SSSC, AAA, application software etc.

3. Aggregation network: BNG, RPR T1, RPR T2, OC LAN switch

4. Access network: DSLAM, CPEs

5. Other: DSL tester, UPS, laptop, client PCs.


Network Architecture in A Cities

Figure 23: Network Architecture in A Cities (nationwide MPLS core layer with a Mega POP,
edge servers and a regional server over STM-16; 10 G RPR aggregation layer; PE router and
Broadband Network Gateway (BNG); Tier 1 and Tier 2 switches on GE)


Broadband Multiplay – (B2-BNG) Cities

Figure 24: Broadband Multiplay B2-BNG Network Architecture

Network Architecture in B Cities without BNG

Figure 25: Broadband Multiplay B2 Cities without BNG (nationwide MPLS core layer; 1 G RPR
aggregation layer; PE router and BNG; Tier 1 and Tier 2 switches on GE)

Network Architecture in Other Cities

Figure 26: Broadband Multiplay Network in other Cities (core router and BNG on GigE; Tier 1
LAN switch with FE links; SDH ring / RPR to OC cities and to the nearest A/B city with BNG;
Tier 2 LAN switch over Ethernet on GE or dark fibre; DSLAMs X-ge A to X-ge D serving ADSL
terminals)

4.11 Services on BB-Multiplay


4.11.1 TVoIP: Television over Internet Protocol

i.) TVoIP (also called IPTV) delivers television programmes to households over a
broadband connection using Internet protocols.
ii.) It requires a subscription and an IPTV set-top box (STB).
iii.) IPTV is typically bundled with other services like video on demand (VoD), voice
over IP (VoIP) or digital phone, and web access.
iv.) IPTV viewers have full control over functions such as rewind, fast-forward,
pause and so on.
v.) IPTV (Internet Protocol Television) is a system in which a digital television
service is delivered using the Internet Protocol over a network.
vi.) For residential users, IPTV is provided with video on demand and may be bundled
with Internet services such as web access and VoIP.
vii.) The video stream is broken up into IP packets and injected into the core network,
a large IP network that also carries all sorts of other traffic (data, voice, etc.).
viii.) The set-top box connects to the home DSL line and is responsible for reassembling
the packets into a video stream and then decoding the contents.

4.11.2 VOIP

i.) The technology used to transmit voice conversations over a data network using the
Internet Protocol.
ii.) A category of hardware and software that enables people to use the Internet as the
transmission medium for telephone calls.
iii.) VoIP works by sending voice information in digital form in packets.
iv.) VoIP is also referred to as Internet telephony, IP telephony or voice over the Internet
(VOI).
4.11.3 NMS

Based on the ITU-T network management model, the NMS covers the five management
functional areas known as FCAPS:

F: Fault

C: Configuration

A: Accounting (and asset management)

P: Performance

S: Security

IT Module for SDE to AGM(LICE)

Sr. No.  Name of Topics                                       Page No.
A        Proxy Services                                       2-6
B        DNS Services                                         7-14
C        Cyber Security and Firewall                          15-36
E        New Trends in IT – Big Data, Cloud Computing, AI     37-58
F        Latest Trends in Web Technologies                    59-72

SDE to AGM(LICE) Page 1


Proxy Services
1.1 LEARNING OBJECTIVES

The objectives of this chapter are to learn:

I. About proxy servers
II. Functionality of proxy servers
III. Advantages and proxy services offered
IV. Risks involved in using free proxies
V. Different variants of proxy servers and their functionality
VI. Proxy server vs. VPN

1.2 PROXY SERVER


A proxy server acts as a middleman or interface between an Internet user and the
Internet: a mediator separating end users from the websites they access. Depending on how
it is used and the policies configured, a proxy server provides multiple functions,
including security and privacy.
When we use a proxy server, our traffic flows through the proxy server on its way to
the web site. The response comes back to the same proxy server, which forwards the data
received from the website to us.
Modern proxies do more than forward web traffic: they perform data security functions
and improve network performance. A proxy server isolates and protects users and the
internal network from malicious content on the Internet. Proxies can provide a high level
of privacy. Proxy servers can function as a firewall and web filter, provide shared network
connections, and cache data to speed up common requests.

I. BASIC PROXY SERVER FUNCTIONALITY

Figure 1: Proxy Server

Each network device on the Internet has a unique Internet Protocol (IP) address. The
proxy server is a middleman that may be located inside the organization or out on the
Internet; it has its own IP address, which our computer knows.

When our local machine sends a web request, the request goes to the proxy server first.
The proxy server then makes the web request on behalf of our machine, collects the response
from the web server, and forwards the web data back to our machine.

A proxy server hides your IP address, so the web server does not know exactly where the
request came from.
It can encrypt data between the client and the proxy so that it is unreadable in transit on
that leg. Note that the proxy itself sees a plain HTTP request in clear; only when the
browser establishes end-to-end TLS through the proxy (an HTTPS CONNECT tunnel) is the
content hidden from it, and even then the proxy sees the destination host and port.
Lastly, a proxy server can block access to certain web pages based on IP address or
content, acting as a web filter that keeps unwanted content from being accessed.

1.3 ADVANTAGES & PROXY SERVICES OFFERED


There are several reasons organizations and individuals use a proxy server.
To control Internet usage:
Companies and parents set up proxy servers to control and monitor how their employees or
children use Internet services. Most organizations configure the proxy server to deny access
to specific sites, redirecting you to a page asking you to refrain from viewing such sites
on the company network.
An organization can also monitor and log all web requests; even where it does not block a
site, it knows how much time you spend cyberloafing.

Bandwidth savings:
Organizations can also get better overall network performance with a good proxy server.
Proxy servers can cache (save a local copy of) popular websites, so when you ask for
www.abc.com, the proxy server checks whether it has the most recent copy of the site and
then sends you the saved copy. Refer to Figure 2, Proxy caching.
For example, when hundreds of people use www.abc.com at the same time through the same
proxy server, the proxy server sends only one request to abc.com. This saves bandwidth.

Improved speeds: Since the saved copy is served from within the network, network
performance improves in terms of lower latency and faster loading of content.

Privacy benefits: Individuals as well as organizations use proxy servers to browse the
Internet more privately. Some proxy servers change the IP address and other identifying
information sent along with the web request. The destination server does not know who
actually made the original request; this keeps personal information and browsing habits
more private.


Figure 2: Proxy Caching


Improved security: Proxy servers can be configured to encrypt web requests between the
client and the proxy, to keep snooping eyes on that path from reading transactions. Proxy
servers provide security benefits on top of the privacy benefits: access to known malware
sites can be blocked for everything that passes through the proxy. Proxy servers can be
coupled with a Virtual Private Network (VPN) server so that remote users always access the
Internet through the company proxy.
Access to blocked resources: Proxy servers allow users to get around content
restrictions imposed by companies or governments.

1.4 PROXY SERVER RISKS


Be cautious when you choose a proxy server: a few common risks can negate the potential
benefits of using proxy services.
Free proxy server risks
The back-end hardware or encryption mechanism of a free proxy service may not be that
effective. You may face performance issues and potential data security issues.
Browsing history log
Check what data the proxy server logs and saves, and what retention or law-enforcement
disclosure policies it follows. The proxy server has your original IP address and your web
request information, possibly unencrypted, saved locally. If you expect to use a proxy
server for privacy but the vendor is logging and selling your data, you are not receiving
the expected value from the service.
No encryption
A proxy that carries your traffic unencrypted gives you no confidentiality. Without
encryption you are sending your requests as plain text, and anyone who sniffs the traffic
can pull out usernames, passwords and account information easily. Make sure the proxy
server supports full encryption between you and it, and prefer end-to-end HTTPS to the
destination regardless.

1.5 TYPES OF PROXY SERVERS


There are many different variants of proxy servers, and each works differently. It is
important to understand exactly what functionality you are getting from a proxy server, and
to ensure that it meets your requirements.
Transparent Proxy
A transparent proxy identifies itself to websites as a proxy and still passes along your
IP address, identifying you to the web server. Businesses, public libraries and schools often
use transparent proxies for content filtering: they are easy to set up on both the client
and server side. Transparent proxies suit organizations that want to use a proxy without
making people aware they are using one.
Forward Proxy
A forward proxy sits in front of users and is used to fetch data for groups of clients
within an internal network. When a request is sent, the proxy server examines it and decides
whether it should proceed to establish a connection.
A forward proxy is best suited to internal networks that need a single point of exit. It
hides the internal IP addresses of those on the network and allows straightforward
administrative control.

Figure 34: Forward Proxy & Reverse Proxy Server

Reverse Proxy
Unlike a forward proxy, which sits in front of clients, a reverse proxy is positioned in
front of web servers and forwards requests from browsers to those web servers. It works by
analyzing web requests from users at the network edge of the web server.
It then forwards the requests to, and receives replies from, the origin server. Reverse
proxies are a strong option for popular websites that need to balance the load of many
incoming requests. They help an organization reduce the load on its origin servers because
they act like another web server managing incoming requests.

Anonymous Proxy

An anonymous proxy identifies itself as a proxy but does not pass the client's IP address to
the website; this helps prevent identity theft and keeps your browsing habits private. It
can also prevent a website from serving you targeted marketing content based on your
location.
Distorting proxy
A distorting proxy passes a false IP address for the client while identifying itself as a
proxy. This serves similar purposes to the anonymous proxy, but by passing a false IP
address the client can appear to be from a different location to get around content
restrictions.
High Anonymity proxy
High anonymity proxies periodically change the IP address they present to the web server,
making it very difficult to keep track of which traffic belongs to whom. High anonymity
proxies, like the Tor network, are the most private way to read the Internet.
SSL Proxy
A secure sockets layer (SSL) proxy, today more accurately a TLS proxy, handles encrypted
traffic between the client and the server. In its intercepting form it terminates the
client's TLS session and opens a separate one to the server, so clients must trust a
certificate issued by the proxy and the proxy can inspect and filter traffic that would
otherwise be opaque; in its tunnelling form it only relays the encrypted bytes and sees no
more than the destination. These proxies suit organizations that need enhanced protection
against threats. On the downside, content passed through an SSL tunnel cannot be cached, so
repeated visits to a website may be slower.
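The variants above differ mainly in which headers the proxy adds on the way upstream. The
following Python is an added example written for this module, not code from the module or
from any proxy product: it models the conventional behaviour of each variant (an assumption;
real proxies are configurable), shows what the origin server can learn from the result, and
shows why a server must honour X-Forwarded-For only from proxies it trusts. All addresses and
the host name proxy.example.net are constructed.

```python
"""Which client details reach the origin server, by proxy type, and how a server
should (and should not) trust X-Forwarded-For."""
import ipaddress

# Constructed addresses from the RFC 5737 documentation ranges (assumptions).
CLIENT_IP = "198.51.100.25"
PROXY_IP = "203.0.113.10"
FAKE_IP = "192.0.2.77"
PROXY_ID = "proxy.example.net"      # hypothetical proxy host name

# Headers that describe only the client<->proxy hop; a proxy must not forward them.
HOP_BY_HOP = ("Connection", "Keep-Alive", "Proxy-Authorization", "Proxy-Connection")


def forward_headers(proxy_type, client_ip, client_headers):
    """Headers the proxy sends upstream for one client request.
    Per-type behaviour modelled here (conventional, not any product's specification):
      transparent     appends the real client IP to X-Forwarded-For and adds Via
      anonymous       adds Via only
      distorting      adds Via and a false X-Forwarded-For
      high_anonymity  adds nothing that reveals a proxy
    """
    if proxy_type not in ("transparent", "anonymous", "distorting", "high_anonymity"):
        raise ValueError(f"unknown proxy type {proxy_type!r}")
    out = {k: v for k, v in client_headers.items() if k not in HOP_BY_HOP}
    if proxy_type != "high_anonymity":
        out["Via"] = f"1.1 {PROXY_ID}"
    if proxy_type == "transparent":
        prior = out.get("X-Forwarded-For")      # a real proxy appends, never overwrites
        out["X-Forwarded-For"] = f"{prior}, {client_ip}" if prior else client_ip
    elif proxy_type == "distorting":
        out["X-Forwarded-For"] = FAKE_IP
    return out


def what_server_learns(headers):
    """Origin-server view: (is a proxy visible?, client address as claimed by the proxy)."""
    proxy_seen = "Via" in headers or "X-Forwarded-For" in headers
    claimed = headers.get("X-Forwarded-For")
    claimed = claimed.split(",")[-1].strip() if claimed else None
    return proxy_seen, claimed


def effective_client_ip(remote_addr, headers, trusted_proxies):
    """Server-side rule for the real client address. X-Forwarded-For is honoured only
    when the TCP peer is one of our own or trusted proxies, and then the answer is the
    right-most entry that is not itself a trusted proxy: every entry to the left of it
    could have been written by the client. Malformed entries are ignored."""
    if remote_addr not in trusted_proxies:
        return remote_addr                    # the header is attacker-controlled here
    for entry in reversed(headers.get("X-Forwarded-For", "").split(",")):
        entry = entry.strip()
        try:
            ipaddress.ip_address(entry)
        except ValueError:
            continue
        if entry not in trusted_proxies:
            return entry
    return remote_addr


if __name__ == "__main__":
    request = {"Host": "www.bsnl.co.in", "Proxy-Connection": "keep-alive"}
    for kind in ("transparent", "anonymous", "distorting", "high_anonymity"):
        upstream = forward_headers(kind, CLIENT_IP, request)
        print(f"{kind:15} server sees {what_server_learns(upstream)}")
```

The last function is the check that matters on the server side: a client can send any
X-Forwarded-For value it likes, so the header is only meaningful for the entry appended by a
proxy you operate, and only when the connection actually arrives from that proxy.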
1.6 Proxy Server vs. VPN
Proxy servers and virtual private networks (VPNs) may seem interchangeable because both
route requests and responses through an external server. Both allow you to access websites
that would otherwise block the country you are physically located in. However, a VPN gives
better protection against eavesdroppers because it encrypts all traffic between your device
and the VPN server, not only web requests.

1.7 Choosing VPN or Proxy


If you need to continually access the internet to send and receive data that should be
encrypted or if your organization has to conceal data from hackers and corporate spies, a
VPN would be a better choice.

A VPN is better suited for business use because users usually need secure data transmission
in both directions. Company information and personnel data can be very valuable in the
wrong hands, and a VPN provides the encryption you need to keep it protected. You can also
use both technologies simultaneously, particularly if you want to limit the websites that users
within your network visit while also encrypting their communications. For personal use
where a breach would only affect you, a single user, a proxy server may be an adequate
choice.
1.8 Conclusions
Proxy servers sit between users and the Internet to filter, cache, log and anonymize web
traffic, and come in several variants (transparent, forward, reverse, anonymous, distorting,
high anonymity and SSL) with different privacy properties. A VPN routes and encrypts all
traffic between the device and the VPN server, so it is the better choice wherever data must
be protected in transit; a proxy alone may suffice for personal use where only a single user
is exposed, and the two can be combined.

SDE to AGM(LICE) Page 6


DNS Services
2.1 LEARNING OBJECTIVES
• The need of DNS
• Origin of DNS
• Hierarchy of Domain Name System
• Types of Name Servers
• How DNS Works
• Components of DNS

2.2 DNS introduction


DNS is the Internet's phone book. DNS stands for two things: Domain Name Service (or
Domain Name System) and Domain Name Servers. One acronym defines the protocol; the
other defines the machines that provide the service. We access information online using
domain names, like bsnl.co.in. Web browsers identify servers through Internet Protocol (IP)
addresses. DNS maintains a mapping of domain names to the IP addresses of servers. DNS
translates domain names to IP addresses so browsers can load Internet resources.

Figure: Name Resolution Illustration


Each device connected to the Internet has a unique IP address by which other
machines find the device. DNS servers spare users from memorizing IPv4 addresses such as
192.162.2.20 or the longer hexadecimal IPv6 addresses such as 2000:cc07:2748:1::b629:e7c2.
Words are a lot easier for people to remember than numbers, especially when they can
be tied to a specific idea that is linked to the website.

2.3 Web site address


Before we get into DNS, let's start off by breaking down a web address. It
essentially says where the web page is and how you need to talk to it.

http://www.bsnl.co.in/pages/cellone.htm



The first part is "http://", and that tells your PC what protocol (what language, so to speak) to
use when talking with this site. In this case, you are using HTTP (Hypertext Transfer Protocol).

"https://" is also quite commonly used. This simply means that the connection between you and the
web server is secured (meaning the information being sent back and forth is encrypted). You
should see "https://" when you are checking out, especially when you are entering credit card
information.
The next part, "www.bsnl.co.in", is called the Domain Name. The "www" used to be
more significant than it is today. Today, the "www" is, for the most part, assumed and you
can get to the same page regardless of whether or not you type "www" in your browser.
The part "/pages/cellone.htm" tells the web server to look in the directory called "pages" and
send the file called "cellone.htm" to your browser. It is just like the directories on your PC.
The "in" of the Domain Name "www.bsnl.co.in" is called the Top Level Domain
(TLD). It is the rightmost portion of the domain name. For example, the TLD of
www.yahoo.com is com.
Let's understand the process of how DNS works.
DNS means Domain Name Service. It is actually a service that can keep a large number of
machines' IP addresses mapped to their domain names. Now the question arises: why is this
needed? Let's understand this with the help of an illustration.
Example: Let's say rose1, rose2, rose3, rose4, and rose5 are the 5 machines in a network.
Then, for communication between the machines, each machine's /etc/hosts file in Unix (or
hosts.txt in Windows) should have entries for all five machine names. Within this
small network there would be no problem if you add another machine, say rose6, to the
network. But even for this, the network administrator has to go to each machine, add rose6
to the /etc/hosts file, and then come back to the newcomer rose6 and add all the other
entries (rose1...rose5), including its own name, to its /etc/hosts (or hosts.txt) file.
But what if the network is set up with, say, 60 machines and a 61st machine has to be added?
Then the administrator will have to go to each machine again and write the new machine's name
in the /etc/hosts (or hosts.txt) file, and again come back and write all 60 machine names in
the 61st machine's /etc/hosts file, which is a tedious and time-consuming job.
Thus, it is better to keep a centralized server where all the IP addresses will stay; if a new
machine enters the network, then the change has to be made only at the server and not on
the client machines.

2.4 The Origin of DNS


Like almost everything else originally associated with the Internet, DNS traces its
origins to ARPANET. Alphabetic hostnames were introduced shortly after its inception as a
means of allowing users greater functionality, since the numeric addresses proved difficult to
remember.
Originally, every site connected to ARPANET maintained a file called 'HOSTS.TXT'
which contained the mapping information for all of the numeric addresses used there. That
information was shared through ARPANET. Unfortunately, there were many problems that
arose from that setup. Errors were commonplace and it was inefficient to make changes,
considering they needed to be made on each and every copy of the HOSTS.TXT file.



Figure: ETC\HOSTS file of Windows machine
Refer to the contents of the hosts file of the Windows PC that we use. It has a few mappings of
server names and their IP addresses. These were the local DNS entries added to your
machine by the ERP SAP application when it was installed. Making such entries on each
machine is cumbersome. During the 1980s, a plan was laid out in RFCs 881, 882, and 883,
known as 'The Domain Names Plan and Schedule,' 'Domain Names -- Concepts And
Facilities,' and 'Domain Names -- Implementation And Specification.' These three RFCs
defined what has developed into DNS.
2.5 Understanding DNS
DNS organizes groups of computers into domains. These domains are organized into
a hierarchical structure, which can be defined on an Internet-wide basis for public networks
or on an enterprise-wide basis for private networks. The various levels within the hierarchy
identify individual computers, organizational domains, and top-level domains. For the fully
qualified host name omega.microsoft.com, omega represents the host name for an individual
computer, Microsoft is the organizational domain, and com is the top-level domain.
Top-level domains are at the root of the DNS hierarchy and are therefore also called root
domains. These domains are organized geographically, by organization type, and by function.
Normal domains, such as microsoft.com, are also referred to as parent domains. They're
called parent domains because they're the parents of an organizational structure. Parent
domains can be divided into sub-domains, which can be used for groups or departments
within an organization.
Three types of TLDs
1. Geographical or country based TLD (e.g. in, us, au, etc.). This TLD has 2
letters.
2. Generic or Organization based TLD (e.g. com, edu, gov, mil, net, org, int, aero,
museum, etc.)
3. Inverse (e.g. arpa). This TLD is used to find a domain name from an IP address.

Sub-domains are often referred to as child domains. For example, the fully qualified domain
name (FQDN) for a computer within a human resources group could be designated as
jacob.hr.microsoft.com. Here, jacob is the host name, hr is the child domain, and microsoft.com
is the parent domain.



2.6 Domain Name Space Hierarchy
DNS is organized in a hierarchical tree structure. Each branch in the tree represents a
domain and each sub-branch in the tree represents a sub-domain. DNS consists of multiple
levels of domains. The domains are identified based on the level at which they are placed in
the hierarchical tree structure. The various levels of domains in a domain name space
hierarchy are:
• Domain root: This is the node at the highest point of the hierarchical DNS
tree. In a DNS domain name, a trailing period (.) represents the domain root. It is also
shown as two empty quotation marks representing a null value.
• Top-level domain: This is the next level in the hierarchical tree structure. It
represents the region or the type of organization to which a domain belongs. A top-level
domain name contains two or three letters such as com, edu, and mil.
• Second-level domain: This is a domain name registered under a specific top-
level domain, such as organizations based on type and geographical location. Second-
level domain names have variable length. For example, example.com is a second-
level domain name.
• Subdomain: This is a domain created under a second-level domain.
Organizations need to create additional domains to represent organizational hierarchy and
various functional groups. A second-level domain also contains a name with variable length.

Figure : Domain namespace hierarchy



• Host or resource: A host or resource computer is the last in the DNS
hierarchy. It helps find the IP address of the computer based on its host name.
2.7 DNS Server Types
DNS is a system of distributed servers that store the DNS database (IP address to domain
name mappings) in a hierarchical tree structure. At each level in the hierarchy there are DNS
servers with a distinct purpose; let's discuss them briefly.
Building blocks of DNS:
Domain Name Space
Recursive Resolvers
Root servers
TLD name servers
Authoritative name server
Resource records
DNS clients.
Domain Namespace
A DNS domain is a logical group of computers that either request DNS service or
respond to a service request. However, this logical group might also represent the physical
network. A DNS domain can represent all the computers internetworked in a small business
network. At the same time, a DNS domain can also comprise a physical network that is spread
across geographical locations. This logical grouping of computers is further grouped
into smaller administrative units, called administrative domains. An administrative domain is
a group of computers in a single administrative unit. Each administrative domain has two or
more name servers for name resolution. All administrative domains registered with the
Internet form a hierarchical structure, called the DNS domain namespace.

Figure : Components of the DNS



Top-Level Domain   Description
arpa               Used by resources that belong to the Advanced Research Projects Agency (ARPA).
com                Used by businesses that use the Internet for commercial purposes.
edu                Used by schools, colleges, and universities.
gov                Used by all types of government organizations.
int                Reserved for international usage.
mil                Used by all types of military organizations, such as the Department of Defense (DoD).
net                Used by Internet and telephone service providers.
org                Used by charitable institutions.
biz                Used by businesses.
name               Used for registration by individuals.
info               Offers unrestricted use.
.in                Country-code TLD (National Internet Exchange of India).

Table: Examples of top-level domains
All DNS servers fall into one of four categories: recursive resolvers, root name
servers, TLD name servers, and authoritative name servers. In the DNS lookup process (when
there is no caching), these four DNS servers work together to resolve the IP address for a
specified domain name.

2.8 DNS recursive resolver


A recursive resolver, also referred to as a DNS recursor, is the first stop in a DNS query. The
recursive resolver acts as a middleman between a client and a DNS name server. After
receiving a DNS query from a web client, a recursive resolver will either respond with cached
data, or send a request to a root name server, followed by another request to a TLD name
server, and then one last request to an authoritative name server.
After receiving a response from the authoritative name server containing the requested IP
address, the recursive resolver then sends a response to the client. The recursive resolver will
cache information received from authoritative name servers. When another client requests
resolution for the same domain name, the resolver will not talk to the other name servers
but will instead answer from its cache.



2.9 DNS root name server
Root servers are authoritative name servers that serve the DNS root zone. They serve
as the first step in translating (resolving) a domain name to an IP address, and comprise a network of
hundreds of servers in many countries around the world. They are configured in the DNS root
zone as 13 named authorities. They directly answer requests for records in the root zone and
answer other requests by returning a list of the authoritative name servers for the appropriate
top-level domain (TLD).
The 13 DNS root name servers are known to every recursive resolver, and they are the first
stop in a recursive resolver's quest for DNS records. A root server accepts a recursive
resolver's query, which includes a domain name, and the root name server responds by
directing the recursive resolver to a TLD name server, based on the extension of that domain
(.com, .net, .org, etc.). The root name servers are administered by the Internet Corporation for
Assigned Names and Numbers (ICANN).
This doesn't mean that there are only 13 machines in the root name server system. There are 13
types of root name servers, but there are multiple copies of each one all over the world, which
use Anycast routing to provide speedy responses.

TLD name server


A TLD name server maintains information for all the domain names that share a common
domain extension, such as .com, .net, or whatever comes after the last dot in a URL. For
example, a .com TLD name server contains information for every website that ends in '.com'.
If a user was searching for google.com, after receiving a response from a root name server,
the recursive resolver would then send a query to a .com TLD name server, which would
respond by pointing to the authoritative name server for that domain. Management of TLD
name servers is handled by the Internet Assigned Numbers Authority (IANA), which is a
branch of ICANN.

Authoritative name server


When a recursive resolver receives a response from a TLD name server, that response will
direct the resolver to an authoritative name server. The authoritative name server is usually
the resolver's last step in the journey for an IP address. The authoritative name server
contains information specific to the domain name it serves (e.g. gmail.com) and can
provide the IP address of that server from the DNS A record, which contains the IP address.

Figure: DNS Name servers



Non-Authoritative name server
An authoritative answer comes from a name server that is considered authoritative for the
domain it's returning a record for (one of the name servers in the list for the domain
you did a lookup on), and a non-authoritative answer comes from anywhere else, perhaps
from a name server not in the list for the domain you did a lookup on. Name servers that
aren't authoritative are getting their answers second (or third or fourth...) hand, just relaying
the information along from somewhere else.
2.10 Resource Records
Resource Records (RRs) store and map domain names to the type of resources stored within a
domain. These records are also known as zone files that live in authoritative DNS servers
and provide information about a domain, including what IP address is associated with that
domain. These records consist of a series of text files written in what is known as DNS
syntax. All DNS records also have a 'TTL', which stands for time-to-live, and indicates how
often a DNS server will refresh that record.
The most common types of DNS records are:
• Type 'A' record: holds the IPv4 address of a domain.
• Type 'AAAA' record: holds the IPv6 address of a domain.
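As an added illustration (not part of the original module), the following Python model walks the lookup chain of sections 2.8 to 2.10: a recursive resolver asks the root, follows the referral to the TLD server and then to the authoritative server, caches the A or AAAA record for its TTL, and serves the next identical query from cache (a non-authoritative answer). The zones, names and addresses are constructed for the example (documentation address ranges), not real DNS data.

```python
import time
from dataclasses import dataclass


@dataclass(frozen=True)
class ResourceRecord:
    """One DNS resource record in the sense of section 2.10."""
    name: str    # owner name, lower-case, no trailing dot
    rtype: str   # "A" or "AAAA" in this model
    value: str   # the address
    ttl: int     # seconds a resolver may cache the record


class NameServer:
    """A server authoritative for one zone. It answers directly for records it
    holds and otherwise refers the asker to the server for the child zone, as
    the root and TLD servers do in section 2.9."""

    def __init__(self, zone, records=(), delegations=None):
        self.zone = zone                        # "" for the root zone
        self.records = list(records)
        self.delegations = delegations or {}    # child zone -> NameServer

    def query(self, name, rtype):
        answers = [r for r in self.records if r.name == name and r.rtype == rtype]
        if answers:
            return "answer", answers
        # Refer to the most specific child zone that the name falls under.
        for child in sorted(self.delegations, key=len, reverse=True):
            if name == child or name.endswith("." + child):
                return "referral", self.delegations[child]
        return "nxdomain", []


class RecursiveResolver:
    """The 'middleman' of section 2.8: walks the hierarchy on the client's
    behalf and caches what the authoritative server returned."""

    def __init__(self, root, clock=time.monotonic):
        self.root = root
        self.clock = clock        # injectable so TTL expiry can be tested
        self.cache = {}           # (name, rtype) -> (expires_at, records)
        self.trace = []           # servers consulted for the last lookup

    def resolve(self, name, rtype="A"):
        name = name.rstrip(".").lower()
        self.trace = []
        key = (name, rtype)
        cached = self.cache.get(key)
        if cached and cached[0] > self.clock():
            self.trace.append("cache")          # non-authoritative answer
            return [r.value for r in cached[1]]
        server = self.root
        while True:
            self.trace.append(server.zone or "root")
            status, payload = server.query(name, rtype)
            if status == "referral":
                server = payload                # follow the referral down one level
                continue
            if status == "answer":
                # Cache for the shortest TTL among the returned records.
                self.cache[key] = (self.clock() + min(r.ttl for r in payload), payload)
                return [r.value for r in payload]
            return []                           # name does not exist


def build_sample_hierarchy():
    """Constructed zone data modelled on the module's own examples. The
    addresses come from documentation ranges (RFC 5737, RFC 3849)."""
    bsnl = NameServer("bsnl.co.in", [
        ResourceRecord("www.bsnl.co.in", "A", "192.0.2.10", 300),
        ResourceRecord("www.bsnl.co.in", "AAAA", "2001:db8::10", 300),
    ])
    example = NameServer("example.com", [
        ResourceRecord("example.com", "A", "192.0.2.20", 60),
    ])
    tld_in = NameServer("in", delegations={"bsnl.co.in": bsnl})
    tld_com = NameServer("com", delegations={"example.com": example})
    return NameServer("", delegations={"in": tld_in, "com": tld_com})


def lookup_with_trace(resolver, name, rtype="A"):
    """Return (addresses, servers consulted) so the walk is visible."""
    addresses = resolver.resolve(name, rtype)
    return addresses, list(resolver.trace)


if __name__ == "__main__":
    resolver = RecursiveResolver(build_sample_hierarchy())
    for _attempt in range(2):   # the second attempt is served from cache
        print(lookup_with_trace(resolver, "www.bsnl.co.in"))
```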
2.11 DNS Client
DNS clients are local computers that are configured to receive DNS services from a
DNS server. DNS clients are configured with a resolver that queries DNS servers. The
resolver in a DNS client works as an interface between the applications installed on the DNS
client and the DNS server. The resolver receives requests from applications such as e-mail
programs and sends a query to the DNS server. After the DNS server resolves the query using
the resource records, the desired information is returned to the DNS client in a data format
that is compatible with the local computer. To resolve a query, the DNS client either consults the
DNS server or retrieves the information from its local cache. The DNS client and the end-user program
reside on a single computer.

Figure: DNS name resolution example

2.12 Conclusions
The DNS server plays a very important role in a network: it resolves the IP request for a particular URL.
The DNS server basically stores the bindings between a URL and the IP address of the server on which the
web site is running.



CYBER SECURITY & FIREWALL
3.1 LEARNING OBJECTIVE
In the age of the Information Revolution, the management of information and its security is the
key concern for all organizations and nations. For sharing of information among the intended
users, the systems have to be networked. With networking, the risk of unauthorized use and
attack has drawn the major attention of managers. Networks and information are subject to
various types of attacks, and various products are available in the market for securing the systems.
But this needs a thorough understanding of the various issues involved and proper
implementation.
In the cyber world, the current state of the practice regarding the technical ability to track and
trace Internet-based attacks is primitive at best. Sophisticated attacks can be almost
impossible to trace to their true source using current practices. The anonymity enjoyed by
today's cyber attackers poses a grave threat to the global information society, the progress of
an information-based international economy, and the advancement of global collaboration
and cooperation in all areas of human endeavor.

The domestic and international implications of an increasingly critical societal dependence on
the Internet make necessary the ability to deter, or otherwise minimize, the effects of cyber-
attacks. Home computers are typically not very secure and are easy to break into. When
combined with high-speed Internet connections that are always turned on, intruders can
quickly find and then attack home computers. While intruders also attack home computers
connected to the Internet through dial-in connections, high-speed connections (cable modems
and DSL modems) are a favorite target. There may not be important data stored on home
computers, but they are targeted by intruders for launching attacks against other computer
systems.
Everybody is a target: "We need a stronger IT security culture"
Cyber-attacks are increasingly sophisticated. Cyber-attacks continue to grow
in sophistication, with attackers using an ever-expanding variety of tactics. This includes
social engineering, malware and ransomware (used for Petya, WannaCry and NotPetya).
Cyber security is a critical, board-level issue. New regulations and reporting requirements
make cyber security risk oversight a challenge. The board will continue to seek assurances
from management that their cyber risk strategies will reduce the risk of attacks and limit
financial and operational impacts.
Cybercrime is a big business. Attackers can also be driven by political, ethical or social
incentives.
3.2 INFORMATION SECURITY
• 'Information is an asset which, like other important business assets, has value
to an organization and consequently needs to be suitably protected' [BS ISO 27002:2005]
• Information can be created, stored, destroyed, processed, transmitted or used;
whatever form the information takes or means by which it is shared or stored, it should
always be appropriately protected. [BS ISO 27002:2005]
• Information security means making the shared information always available
to authentic users without loss and assuring confidentiality. Information security also
means protecting information and information systems from unauthorized access, use,
disclosure, disruption, modification, or destruction.



• Information security is concerned with the CIA of data regardless of the form
the data may take: electronic, print, or other forms.
• Preservation of CIA of information; in addition, other properties such as
authenticity, accountability, non-repudiation & reliability can also be involved. [ISO/IEC
17799:2005]
3.3 IMPORTANCE OF INFORMATION SECURITY
• Regulatory Compliance
  – IT (Amendment) Act 2008 and IT Act 2000
• Security Risk Management
  – Reducing exposures to technology threats
  – Preventing computer-related frauds
  – Enforcing policies and improving audit capability
• Reducing Operational Costs
  – Reducing the cost of unexpected security events
  – Reducing losses from frauds and security failures
• Consequences
  – Loss of competitive advantage
  – Service interruption
  – Embarrassing media coverage
  – Legal penalties
3.4 INFORMATION SECURITY COMPONENTS
Information Security Components, or Qualities, are (CIA):
• Confidentiality - Preventing disclosure of information to unauthorized
individuals or systems
• Integrity - Data shall not be modified without authorization.
• Availability - Information must be available when it is needed

Figure: Components of Information Security



3.5 Sources of Information For Intruders
Intruders can obtain your information by using techniques such as:
• Dumpster diving – searching waste baskets, thrown-away papers, scrapped hard disks
• Social Engineering – talent hack; help desk persons, tech support persons,
administrative support persons, reception staff, retired employees, vendors, contractors,
partners etc. may give out information knowingly or unknowingly.
• Information Systems – electronically, e-mail accounts (default usernames and
passwords)
• Networked PCs (using virus activity), web pages (biodata)

3.6 TYPES OF ATTACKS ON INFORMATION SYSTEM


• Malicious Code Attacks
• Known Vulnerabilities
• Configuration Errors

3.7 INDICATION OF INFECTIONS


• Poor System Performance
• Crashing of Applications
• Abnormal System Behavior
• Unknown Services are running
• Change in file extension or contents
• Automatic shutdown of System
• System Not Shutting Down
• Hard Disk is Busy

3.8 SYSTEM VULNERABILITIES TO ATTACK


An information system becomes vulnerable to attack due to the following reasons:
• Use of default user accounts and passwords
• Remote access not disabled
• Logging and audit disabled
• No proper access controls on files
• Non-availability of updated antivirus and firewall
• Unnecessary services running

3.9 ACHIEVING SECURITY BY MONITORING


A lot can be observed by just watching and paying attention to what you can see and measure:
• Monitor for any changes in the configuration of 'high risk' devices
• Monitor failed login attempts, unusual traffic, changes to the firewall,
access grants to the firewall, and connection setups through firewalls
• Monitor server logs
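As an added example (not part of the original module), a small Python check of the kind the "monitor failed login attempts" item calls for: it parses sshd-style authentication log lines and flags any source address that produced several failed logins within a short window. The host name, addresses and log lines are constructed for the example and are not from a real system.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample log in syslog/sshd format; host and addresses are
# fictitious (documentation ranges), not from a real system.
SAMPLE_LOG = """\
Mar 10 09:00:01 gw sshd[2011]: Failed password for invalid user admin from 203.0.113.7 port 51022 ssh2
Mar 10 09:00:03 gw sshd[2011]: Failed password for invalid user admin from 203.0.113.7 port 51024 ssh2
Mar 10 09:00:04 gw sshd[2013]: Failed password for root from 203.0.113.7 port 51030 ssh2
Mar 10 09:00:06 gw sshd[2014]: Failed password for root from 203.0.113.7 port 51031 ssh2
Mar 10 09:00:09 gw sshd[2015]: Failed password for root from 203.0.113.7 port 51033 ssh2
Mar 10 09:01:10 gw sshd[2020]: Accepted publickey for ops from 198.51.100.4 port 40112 ssh2
Mar 10 09:02:30 gw sshd[2022]: Failed password for ops from 198.51.100.4 port 40120 ssh2
Mar 10 09:15:00 gw sshd[2030]: Failed password for ops from 198.51.100.4 port 40130 ssh2
Mar 10 09:15:05 gw systemd[1]: Started Session 12 of user ops.
"""

LINE_RE = re.compile(
    r"^(?P<mon>[A-Z][a-z]{2})\s+(?P<day>\d{1,2})\s+(?P<time>\d\d:\d\d:\d\d)\s+"
    r"\S+\s+sshd\[\d+\]:\s+(?P<result>Failed|Accepted)\s+\S+\s+for\s+"
    r"(?:invalid user\s+)?(?P<user>\S+)\s+from\s+(?P<src>\S+)\s+port\s+\d+"
)


def parse_events(log_text):
    """Return (timestamp, source, user, failed) tuples for each sshd auth line.
    Syslog timestamps carry no year, so strptime defaults to 1900; only the
    differences between timestamps matter here."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue   # not an sshd authentication line
        ts = datetime.strptime(f"{m['mon']} {m['day']} {m['time']}", "%b %d %H:%M:%S")
        events.append((ts, m["src"], m["user"], m["result"] == "Failed"))
    return events


def find_bruteforce_sources(events, threshold=5, window_seconds=60):
    """Map source address -> total failures for every source that produced at
    least `threshold` failed logins within any `window_seconds` span."""
    failures = defaultdict(list)
    for ts, src, _user, failed in events:
        if failed:
            failures[src].append(ts)
    flagged = {}
    for src, times in failures.items():
        times.sort()
        # Sliding window over consecutive failures from this source.
        for i in range(len(times) - threshold + 1):
            span = (times[i + threshold - 1] - times[i]).total_seconds()
            if span <= window_seconds:
                flagged[src] = len(times)
                break
    return flagged


def targeted_accounts(events, src):
    """Accounts tried from one source, useful when writing up the alert."""
    return sorted({user for _ts, s, user, failed in events if s == src and failed})


if __name__ == "__main__":
    evts = parse_events(SAMPLE_LOG)
    for src, count in find_bruteforce_sources(evts).items():
        print(f"ALERT {src}: {count} failed logins, accounts {targeted_accounts(evts, src)}")
```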
3.10 SECURITY IMPLEMENTATION LEVELS
• OS/NOS level
  – Keep the OS updated with service packs (OS release)
  – Install security patches for the OS
  – Install up-to-date antivirus software
  – Disable remote access
  – Harden the OS by turning off unnecessary services and features
• Application level
  – Keep application packages updated
  – Install security patches for application packages
  – Do not install programs of unknown origin
  – Take precautions while using e-mail
  – Secure web browsers
• RDBMS level
  – User management
  – Managing allocation of resources to users
  – Password policy
  – Backup and recovery
  – Auditing
• Network level
  – Use firewalls to monitor and control network traffic.
    o Monitor for any changes in the configuration of 'high risk' devices, e.g. firewalls.
  – Monitor failed login attempts
  – Monitor server logs

3.11 ADDRESSING SECURITY THREATS


• Technology
  – Helps turn IT into a business asset, not a cost center
  – Supports day-to-day security processes
  – Is the enabler for running the business successfully
• Process
  – Data privacy processes to manage data effectively
  – IT security processes to implement, manage, and govern security
  – Financial reporting processes that include security of the business
• People
  – The company understands the importance of security in the workplace
  – Individuals know their role in security governance and compliance
  – IT staff have the security skills and knowledge to support your business
3.12 MANAGING INFORMATION SECURITY

Figure: Managing Information Security



• People
Awareness and training is one of the fundamental vehicles to help address information
security threats.
– No one is going to take precautions if he is not aware of the potential negative consequences
of his actions or inactions
– No one is able to protect himself from attacks if he is not aware of how he can do it
– Ignorance is no longer bliss – social engineering attacks remain one of the most
successful attacks on the Internet.

– Consistently the single most commonly listed program for any security initiative, in both
the public and private sectors
  • Communicate security policies, procedures, and processes
  • Communicate and clarify roles and responsibilities
  • Communicate lessons learned and share experiences for improvements
  • Compliance requirement

3.13 TECHNOLOGY AND DEFENSE

Figure: Layers of Defence Mechanism

3.14 UNDERSTANDING RISK


• Crisis
• Dangers
– Threats: What are the potential harms?
– Vulnerabilities: Where are the weaknesses that could be exploited?
– Possibility of exposures: Chances of happening
– Attacks: What exploits are available today and in the near future?
– Impacts: What losses could the attacks incur?



• Opportunities
– Can the desired benefits be retained or sustained if the risk is ignored?
– What other benefits would be removed or added if the risk is managed?
Managing Risk
• Risk
– Dealing with risk is like riding the wind of dangers
– Direction and velocity of the wind change with monsoon and season
– Not always predictable; uncertainty is inherent
• Managing risk requires
– Continuous monitoring of the information systems in operation,
– Putting in place processes and training people to be responsive to new attacks, new weaknesses,
and new exploits that could emerge or be discovered from time to time.

FRAMEWORK FOR INFORMATION SECURITY

Figure: Cyber Security Framework

CYBER SECURITY & THREAT VECTORS


• Cyber is a prefix used in a growing number of terms to describe new things
that are being made possible by the spread of computers. Anything related to the Internet also
falls under the cyber category.
• Cyber Security is defined as "the vulnerability of any computing system,
software program, or critical infrastructure to, or their ability to resist, intentional
interference, compromise, or incapacitation through the misuse of, or by unauthorized means
of, the Internet, public or private telecommunications systems or other similar conduct that
violates Federal, State, or international law, that harms interstate commerce of the country, or
that threatens public health or safety."



HACKER
• A hacker is a person able to exploit a system or gain unauthorized access
through skill and tactics. There are black hats, white hats (ethical hackers) and grey hats,
depending upon the capacity and goal of the hacking involved.
• A hacker who breaks into your computer could:
  – Delete your files,
  – Read your documents,
  – View your passwords or crash your system.
• A hacker can do this by using malware.

3.15 VULNERABILITY
• A vulnerability is a weakness in an information security system that could be
exploited by a threat; that is, a weakness in network system components or in network security
processes and procedures. The common types of vulnerabilities are errors in the design and configuration of
network system components, communication links, OS, applications (web based),
databases, protocols, services etc.
• The widespread use of many COTS (commercial off-the-shelf) products
means that once a vulnerability is discovered, it can be exploited by attackers who target
many of the thousands or even millions of systems that have the vulnerable product installed.
• A lack of security expertise among most Internet users means that vendor security
patches to remove the vulnerabilities will not be applied promptly.

3.16 SECURITY THREATS


• High profile virus attacks in the recent past have forced a few businesses to
shut down connections to the Internet. New viruses and malicious code are used to commit
cybercrime and criminal acts. It pays to be aware of the various security threats:
  – Viruses
  – Worms
  – Trojan Horses
  – Spam
• Location of Defense
  – Perimeter Defense
  – Host Defense
  – Application & Data Server Defense

3.17 INTERNET ATTACKS


• The figure shows that although the sophistication of Internet attacks has increased
over time, the technical knowledge of the average attacker is declining, in the same manner
that the technical knowledge of the average user has declined.



• Sophisticated attackers routinely build attack scripts and toolkits that the
novice attacker can use with the click of a mouse, with devastating effects.
• Hiding the tracks of the attacker and expunging or concealing any related
evidence is an integral part of many attacker toolkits today.
ATTACK PROCESS & TOOLS
• Spoofing
• Phishing
• Denial of Service
• Spyware
• Keylogger
• Zombie computer
• Information Disclosure
• Elevation of Privilege

3.18 VIRUSES
A virus is a small piece of software (code) that piggybacks on real programs, the OS or e-mails.
Each time the program runs, the virus gets executed.
• Types of Viruses
  – Executable Viruses
  – Boot sector viruses
  – E-mail viruses

• Executable Viruses
Traditional viruses:
– pieces of code attached to a legitimate program
– run when the legitimate program gets executed
– load themselves into memory and look around to see if they can find any other
programs on disk
• E-mail Viruses
– Move around in e-mail messages
– Replicate by automatically mailing themselves to dozens of people in the
victim's e-mail address book
– Example: Melissa virus etc.
– Some e-mail viruses don't even require a double-click; they launch when you
view the infected message in the preview pane of your e-mail software
• Macro Viruses
– Infect programming environments rather than the OS or files.
– Almost any application that has its own macro programming environment:
– MS Office (Word, Excel, Access…)
– Visual Basic
– The application loads a file containing a macro and executes the macro upon
loading, or runs it based on some application-based trigger.



– Melissa was a really successful macro virus
– Usually spread as an e-mail attachment
• Most Damaging Viruses
– Melissa Virus
– Estimated financial damage: 300 to 600 million dollars
– Affected 15-20% of all business PCs
– Spread via e-mail

3.19 COMPUTER WORMS


Network worms are self-replicating programs which spread all over the Internet at a very fast
rate. They cause a huge bandwidth drain while propagating and sometimes bring even large
networks to their knees.

Worms are hated because:


• They consume bandwidth
• They might crash the computers they infect
• Infected computers may be used for other attacks such as DDoS, phishing
attacks etc.
Difference between Worm & Virus
• They differ in the method of attachment; rather than attaching to a file like
a virus, a worm copies itself across the network without attachment.
• All copies have the same functionality and generally lack any sort of
synchronization among themselves
• Infects the environment rather than specific objects
• Examples: Morris Worm, WANK, CHRISTMA EXEC

The life cycle of a simple worm


• Scanning for a victim (scan IP)
• Exploiting the victim (a piece of code which provides "access" by utilizing
some flaw on the victim computer)
• Cloning itself onto the victim (copy of itself on the victim PC as FTP / HTTP
server)
• Running the clone to further spread the infection (make it a service, add a
registry entry; the clone starts spreading the infection further)
• Stealth techniques used to hide itself (hide process / files / activities / logs)
3.20 TROJAN HORSES
• Trojan horses are dangerous programs that hide within other seemingly
harmless programs.
• Once installed, the program will infect other files throughout your
system and potentially wreak havoc on your computer.
• They can even send important information from your computer over the
Internet to the virus developer.
• The developer can control your computer, slowing your system's activity or
causing your machine to crash.
• Used to remotely control Windows machines
• Categorized as RATs (Remote Administration Tools)
• Used for stealing credit card information
• Work on most operating systems
• Worms and Trojan horses are actually more common today than viruses.
• Antivirus programs offer protection against all viruses, worms, and Trojans.

3.21 ZOMBIE COMPUTER

• Refers to a computer that connects to the Internet and is controlled by an
unauthorized third party without the permission or awareness of the computer's user. A hacker can
use a zombie computer in many ways, e.g. zombies can be used to conduct distributed denial
of service attacks or to send spam e-mail.
• Furthermore, hackers have full access to data on a zombie computer, and they
can copy, corrupt, change or even delete the entire contents of the hard disk. They can also install
software on a zombie computer which helps them to get the user name, password, and even financial
information such as credit card numbers and bank account details to commit fraud.
3.22 DENIAL OF SERVICE (DoS)
• Intruders launch a Denial of Service (DoS) attack to overload or halt network
services such as web or file servers. Such attacks deny authorized access to resources and
delay critical operations.
• Sometimes a cracker uses a network of zombie computers to sabotage a
specific web site or server. The cracker tells all the computers on his botnet to contact a
specific server or web site repeatedly. The sudden increase in traffic can cause the site to
load very slowly for legitimate users. Sometimes the traffic is enough to shut the site down
completely. We call this kind of attack a Distributed Denial of Service (DDoS) attack.
• The cracker sends the command to initiate the attack to his zombie army.
Each computer within the army sends an electronic connection request to an innocent
computer called a reflector. When the reflector receives the request, it looks like it originates
not from the zombies, but from the ultimate victim of the attack. The reflectors send
information to the victim system, and eventually the system's performance suffers or it shuts
down completely as it is inundated with multiple unsolicited responses from several
computers at once.

Figure: DDoS Attack

• From the perspective of the victim, it looks like the reflectors attacked the
system. From the perspective of the reflectors, it seems like the victimized system requested
the packets. The zombie computers remain hidden, and even more out of sight is the cracker
himself.
• The list of DDoS attack victims includes some pretty major names. Microsoft
suffered a DDoS attack from MyDoom. Crackers have targeted other major Internet
players like Amazon, CNN, Yahoo and eBay.
3.23 SPAM
• Unsolicited bulk e-mail messages, whether commercial such as advertisements
or noncommercial such as chain letters or jokes, are called spam. Spam is usually a vehicle for
viruses.
• A number of companies are set up to send "bulk e-mail" for anyone who wants to
send a lot of spam. The largest of these companies are able to send billions of spam
e-mail messages a day.
3.24 SPOOFING
• There are two main types of spoofing:
o IP spoofing and
o E-mail spoofing.
• IP spoofing is largely a security exploit—here, the intruder sends data packets
that display an IP address different from that of the intruder. Thus, if the packets appear to
originate from a computer on the local network, the spoofed IP packet passes through the
firewall security without any trouble.
This technique is used primarily in one-way attacks such as Denial of Service (DoS)
attacks.
• In e-mail spoofing, the e-mail message is forged so that the true address of the
sender is not indicated. Hoax e-mails on security updates bearing a fake Microsoft e-mail
address have been sent to many e-mail users.
• Industry leaders, including Microsoft, have co-developed a technology
called the Sender ID Framework (SIDF) to counter e-mail spoofing and phishing. SIDF
validates that messages originate from the mail servers they claim to come from.
3.25 PHISHING
• Phishing is the criminally fraudulent process of attempting to acquire sensitive
information such as usernames, passwords and credit card details by masquerading as a
trustworthy entity in an electronic communication.
• It is mostly carried out over e-mail or IMs. This technique, largely used by hackers,
fraudulently acquires sensitive information posted on the Internet.
• Typically, an attacker sends an e-mail message that seems to have originated
from a legitimate Internet address. On occasion, the message includes a hyperlink to
websites that seemingly belong to legitimate enterprises. The content on such web pages then
requests you to verify your personal information or account details. For example, you may
receive an e-mail apparently from your bank requesting you to click a hyperlink in the e-mail and verify
your online banking information.

Figure Phishing Email

3.26 SPYWARE
• A program that covertly gathers information about your online activities
without your knowledge is called spyware. Spyware usually enters the computer while
downloading or installing a new program and allows intruders to monitor and access your
computer.
• Spyware differs from viruses and worms in that it does not usually self-replicate.
However, spyware – by design – exploits infected computers for commercial gain.
Typical tactics furthering this goal include:
o delivery of unsolicited pop-up advertisements;
o theft of personal information (including financial information such as credit
card numbers);
o monitoring of web-browsing activity for marketing purposes; or
o routing of HTTP requests to advertising sites.
3.27 KEYLOGGER
• Keylogger surveillance software has the capability to record
keystrokes and capture screen shots and save them to a log file (usually encrypted) for later use.
Every key pressed on the computer is captured and can be viewed by the unauthorized user. Keylogger
software can record instant messages, e-mail and any information you type at any time on
your keyboard. The log file created by the keylogger can then be saved to a specific location
or mailed to the concerned person. The software will also record any e-mail address you use
and website URLs visited by you.

3.28 ELEVATION OF PRIVILEGE
• Elevation of privilege is a process by which a user obtains a higher level of
privilege than that for which he has been authorized. An intruder may mislead a system into
granting unauthorized rights in order to compromise or destroy the system. For example, an
attacker might use a guest account to log on to a network and exploit a flaw in the software so that
the guest privileges can be changed to administrative privileges.
• "Elevation of privilege," then, is not a class of attack as much as it is the
process of any attack. Virtually all attacks attempt to do something the attacker is not
privileged to do. The bad guy wants to somehow leverage whatever limited privilege he has
and turn it into higher ("elevated") privilege.
3.29 DESKTOP SECURITY
A personal computer used without proper security measures could be exploited
for illegal activities using its resources. These exploiters
could be viruses, Trojans, key loggers and sometimes real hackers. This may result in data
theft, data loss, personal information disclosure, stealing of credentials like passwords etc.
So, protect and secure your personal computer before it is compromised. The old phrase is
always golden: Prevention is Better than Cure.
Things to remember while using your personal computer
• Always install licensed software so that you have regular updates of your
operating system and applications. In the case of open source software, make sure to update
frequently.
• Read the "Terms and Conditions" / "License Agreement" provided by the
vendor/software before installation.
• Properly shut down and switch off your personal computer after use, along
with your external devices like monitor, modem, speakers etc.
3.30 SOFTWARE INSTALLATION
Installation of Operating System
• Get a properly licensed operating system and read the license agreement carefully
before installing the OS.
• Switch on your personal computer, go to the BIOS settings and change your
first boot drive to the CD drive.
• Insert your CD/DVD into the CD drive and restart your system using
Ctrl+Alt+Delete.
• After the restart, the system boots from the CD/DVD.
• Follow the installation steps as specified in the vendor's documentation.
Use the CD provided by the vendor to install your
• Motherboard drivers, monitor drivers
• Audio & video drivers, network drivers

3.31 GUIDELINES FOR DESKTOP SECURITY

• GUIDELINES FOR PHYSICAL SECURITY
o Regularly clean your system and its components.
o Properly organize the power cables and wires to protect them from water, insects etc.
o While working at the PC, be careful not to spill water or food items on it.
o Always use the "Safely Remove" option provided by the operating system
while disconnecting USB devices.
o By setting a BIOS password, you can prevent unauthorized access to your
personal computer.
o Switch off the computer when it's not in use.

• GUIDELINES FOR INTERNET SECURITY

Follow Internet ethics while browsing.
o Check the copyright issues before using content from the Internet.
o Always access sites which use HTTPS (Hyper Text Transfer Protocol Secure),
which is secure, while performing online transactions, downloads etc.
o If the site uses SSL, verify the certificate details like who the owner is,
the expiry date of the certificate etc. to confirm whether it is trusted or not. You can do this by
clicking the lock icon.
o Use only original websites for downloading files rather than third party
websites.
o Scan downloaded files with updated anti-virus software before using
them.
o Install and properly configure a software firewall to protect against malicious
traffic.
• GUIDELINES FOR DATA SECURITY
o Enable auto-updates of your operating system and update it regularly.
o Download anti-virus software from a trusted website and install it. Make sure
it automatically gets updated with the latest virus signatures.
o Download anti-spyware software from a trusted website and install it. Make
sure it automatically updates with the latest definitions.
o Use "Encryption" to secure your valuable information.
o Note: For encryption a password is required; always remember the password
used while encrypting, else the data would not be available thereafter.
o A strong password should be used for the "Admin" account on the computer and for
other important applications like e-mail clients and financial applications (accounting etc.).
o Backup: Periodically back up your computer data on CD / DVD or USB drive
etc., in case it gets corrupted due to hard-disk failures or when reinstalling/formatting
the system.
• GUIDELINES FOR BROWSER SECURITY
o Always update your web browser with the latest patches.
o Use the privacy or security settings which are built into the browser.
o Also use content filtering software.
o Always have Safe Search "ON" in the search engine.

• GUIDELINES FOR e-MAIL SECURITY
o Always use a strong password for your e-mail account.
o Always use anti-spyware software to scan e-mails for spam.
o Always scan e-mail attachments with the latest updated anti-virus and anti-spyware
before opening them.
o Always remember to empty the spam folder.

o Startup programs should be monitored / controlled for optimal system
performance.

• GUIDELINES FOR WIRELESS SECURITY

o Change default administrator passwords.
o Turn on WPA (Wi-Fi Protected Access) / WEP encryption.
o Change the default SSID.
o Enable MAC address filtering.
o Turn off your wireless network when not in use.

• GUIDELINES FOR MODEM SECURITY

o Change the default passwords.
o Switch off when not in use.
o Connect the CPU and monitor to electrical outlets.

Don'ts
• Do not install pirated software such as
o Operating system software (Windows, Unix, etc.).
o Application software (Office, database etc.).
o Security software (antivirus, antispyware etc.).
Note: Remember, some pirated software can itself be a rogue program.
• Do not plug the computer directly into the wall outlet, as power surges may
destroy the computer. Instead use a genuine surge protector to plug in the computer.
• Don't eat food or drink around the PC.
• Don't place any magnets near the PC.
• Never spray or squirt any liquid onto any computer component. If a spray is
needed, spray the liquid onto a cloth and then use that cloth to rub down the component.
• Don't open e-mail attachments which have double extensions.

3.32 SETUP - BIOS Settings

The computer's BIOS is the first program that runs when the computer is started. You can tell the
BIOS to ask for a password when it starts, thus restricting access to your computer.
To enter the BIOS setup program, sometimes called CMOS setup:
Turn on or reboot your computer. The screen will display a series of
diagnostics and a memory check. A message such as "Hit the <DEL> key to enter the
BIOS setup program" will appear. [It's not always the DEL key; some BIOSes use F2 or
F10 or another key combination; check your motherboard manual for more details.]
Note: Some BIOS versions use a graphical menu with icons (a GUI) while others have a text
interface; the principle, however, is exactly the same.
• There are two options that relate to passwords, Supervisor Password and User
Password; these control access to the BIOS setup program and the machine
boot respectively.
Note: Not all BIOSes have this password feature; your BIOS may not have it, in which
case you won't be able to restrict access to your computer in this way.
• Select USER PASSWORD and you'll be prompted to enter a password. You
should now enter a password of up to eight characters (most BIOSes are limited to eight
characters, unfortunately). I recommend you use the full eight, but take care that you
choose something you'll not forget. The BIOS will then prompt you to confirm the
password; just type the same thing again. Now you'll want to set your system to ask for that
password every time it boots, so select the BIOS FEATURES SETUP option to see a menu.
The option you want is Password Check, so select it and change the setting to
"ALWAYS". Now navigate back to the main menu and select SAVE & EXIT SETUP. Your
machine will then reboot and you'll be prompted for the password. Each and every time you
boot you'll be asked for the password you chose.
This method of restricting access to your computer is not completely foolproof; there are
ways around it. But it will stop or at least delay the majority of casual attempts to gain access.
If you forget your BIOS password, consult your motherboard manual or, if you don't have
one, consult the website of the BIOS manufacturer.

3.33 INTRODUCTION TO FIREWALLS

After completing this module you will know:
• The different generations of firewalls
• Why a firewall is needed
• Answers to FAQs
In its most basic terms, a firewall is a system designed to control access between two
networks.
There are many different kinds of firewalls—packet filters, application gateways, or
proxy servers. These firewalls can be delivered in the form of software that runs on an
operating system, like Windows or Linux. Or, these firewalls could be dedicated hardware
devices that were designed solely as firewalls.

Figure: Firewall

3.34 UNDERSTAND THE EVOLUTION OF FIREWALLS

Learn how firewalls have progressed from simple packet filtering to more
sophisticated application-level filtering.
"A firewall is a system designed to prevent unauthorized access to or from a private
network." Although technically accurate, this definition tells us only what a firewall does and
doesn't address the more important question of how it does it. For administrators who are
continually focused on keeping their networks secure, it is helpful to take a closer look at the
way firewalls function and how they have evolved in recent years to better protect our
corporate networks. All firewalls apply rules that define the criteria under which a given
packet -- or set of packets in a transaction -- can safely be routed forward to the intended
recipient.
3.35 Packet filtering: Static packet filters
One of the simplest and least expensive forms of firewall protection is known as static
packet filtering. With static packet filtering, each packet entering or leaving the network is
checked and either passed or rejected depending on a set of user-defined rules. Dealing with
each individual packet, the firewall applies its rule set to determine which packets to allow or
disallow. You can compare this type of security to the gatekeeper at a club who allows
people over 21 to enter and turns back those who do not meet the age requirement. The
static packet filtering firewall examines each packet based on the following criteria:
• Source IP address
• Destination IP address
• TCP/UDP source port
• TCP/UDP destination port
For example, to allow e-mail to and from an SMTP server, a rule would be inserted
into the firewall that allowed all network traffic with a TCP source and destination port of 25
(SMTP) and the IP address of the mail server as either the source or destination IP address. If
this were the only filter applied, all non-SMTP network traffic originating outside of the
firewall with a destination IP address of the mail server would be blocked by the firewall.

Many people have asked the question, "Is a router with an access list a firewall?" The
answer is yes; a packet filter firewall can essentially be a router with packet filtering
capabilities. (Almost all routers can do this.) Packet filters are an attractive option where your
budget is limited and where security requirements are deemed rather low.
But there are drawbacks. Basic packet filtering firewalls are susceptible to IP
spoofing, where an intruder tries to gain unauthorized access to computers by sending
messages to a computer with an IP address indicating that the message is coming from a
trusted host. Information security experts believe that packet filtering firewalls offer the least
security because they allow a direct connection between endpoints through the firewall. This
leaves the potential for a vulnerability to be exploited. Another shortcoming is that this form
of firewall rarely provides sufficient logging or reporting capabilities.
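A static packet filter in code, as an added example that is not part of this module: it applies the SMTP rule described above using only the four header fields a static filter consults, then shows the IP-spoofing weakness the text describes (a packet claiming a trusted LAN source is admitted) and, going beyond the text, the standard mitigation, an ingress anti-spoofing check. The addresses, networks and rule set are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network, IPv4Network
from typing import Dict, List, Optional


@dataclass(frozen=True)
class Packet:
    src_ip: str
    dst_ip: str
    proto: str       # "tcp" or "udp"
    src_port: int
    dst_port: int
    iface: str       # interface the packet arrived on: "external" or "internal"


@dataclass(frozen=True)
class Rule:
    action: str                      # "allow" or "deny"
    src: IPv4Network                 # 0.0.0.0/0 means any host
    dst: IPv4Network
    proto: Optional[str] = None      # None means any protocol
    src_port: Optional[int] = None   # None means any port
    dst_port: Optional[int] = None

    def matches(self, p: Packet) -> bool:
        # Only the four header fields the text lists are consulted; the
        # payload and the connection history are never looked at.
        return (ip_address(p.src_ip) in self.src
                and ip_address(p.dst_ip) in self.dst
                and (self.proto is None or self.proto == p.proto)
                and (self.src_port is None or self.src_port == p.src_port)
                and (self.dst_port is None or self.dst_port == p.dst_port))


ANY = ip_network("0.0.0.0/0")
LAN = ip_network("192.168.10.0/24")           # constructed trusted LAN
MAIL_SERVER = ip_network("203.0.113.25/32")   # constructed mail server address

# The SMTP rule from the text (TCP port 25 with the mail server as source or
# destination) plus the usual "trust the local LAN" rule. First match wins;
# anything unmatched falls through to the default-deny policy.
RULES: List[Rule] = [
    Rule("allow", ANY, MAIL_SERVER, "tcp", dst_port=25),
    Rule("allow", MAIL_SERVER, ANY, "tcp", src_port=25),
    Rule("allow", LAN, ANY),
]


def static_filter(rules: List[Rule], p: Packet, anti_spoof: bool = False) -> str:
    """Return "allow" or "deny" for a single packet, judged in isolation."""
    # Ingress anti-spoofing check (not part of a basic packet filter; added
    # here as the mitigation): a packet that arrives on the external interface
    # but claims an internal source address cannot be genuine.
    if anti_spoof and p.iface == "external" and ip_address(p.src_ip) in LAN:
        return "deny"
    for r in rules:
        if r.matches(p):
            return r.action
    return "deny"


def demo() -> Dict[str, str]:
    """Run constructed packets through the rule set."""
    inbound_smtp = Packet("198.51.100.7", "203.0.113.25", "tcp", 40000, 25, "external")
    inbound_ssh = Packet("198.51.100.7", "203.0.113.25", "tcp", 40001, 22, "external")
    # The same non-SMTP attempt, but with a forged source address from the trusted LAN.
    spoofed = Packet("192.168.10.5", "203.0.113.25", "tcp", 40002, 22, "external")
    return {
        "smtp": static_filter(RULES, inbound_smtp),                         # allow
        "non_smtp": static_filter(RULES, inbound_ssh),                      # deny
        "spoofed": static_filter(RULES, spoofed),                           # allow: the weakness
        "spoofed_checked": static_filter(RULES, spoofed, anti_spoof=True),  # deny
    }


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:16s} -> {verdict}")
```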
3.36 Packet filtering firewall advantages
• A single device can filter traffic for the entire network
• Extremely fast and efficient in scanning traffic
• Inexpensive
• Minimal effect on other resources, network performance and end-user experience
Packet filtering firewall disadvantages
• Because traffic filtering is based entirely on IP address or port information, packet
filtering lacks the broader context that informs other types of firewalls
• Doesn't check the payload and can be easily spoofed
• Not an ideal option for every network
• Access control lists can be difficult to set up and manage
Packet filtering may not provide the level of security necessary for every use case, but
there are situations in which this low-cost firewall is a solid option. For small or budget-
constrained organizations, packet filtering provides a basic level of security that can provide
protection against known threats. Larger enterprises can also use packet filtering as part of a
layered defense to screen potentially harmful traffic between internal departments.

3.37 Circuit-level gateway

Using another relatively quick way to identify malicious content, circuit-level
gateways monitor TCP handshakes and other network protocol session initiation messages
across the network as they are established between the local and remote hosts to determine
whether the session being initiated is legitimate -- whether the remote system is considered
trusted. They don't inspect the packets themselves, however.
Circuit-level gateway advantages
• Only processes requested transactions; all other traffic is rejected
• Easy to set up and manage
• Low cost and minimal impact on end-user experience
Circuit-level gateway disadvantages
• If they aren't used in conjunction with other security technology, circuit-level
gateways offer no protection against data leakage from devices within the firewall
• No application layer monitoring
• Requires ongoing updates to keep rules current
While circuit-level gateways provide a higher level of security than packet filtering
firewalls, they should be used in conjunction with other systems. For example, circuit-level
gateways are typically used alongside application-level gateways. This strategy combines
attributes of packet- and circuit-level gateway firewalls with content filtering.

Figure: Chart comparing the advantages and disadvantages of the five different types of
firewalls. Compare them to find the ones that best suit your business needs.
3.38 Application-level gateway
This kind of device -- technically a proxy and sometimes referred to as a proxy
firewall -- functions as the only entry point to and exit point from the network. Application-
level gateways filter packets not only according to the service for which they are intended --
as specified by the destination port -- but also by other characteristics, such as the HTTP
request string.

While gateways that filter at the application layer provide considerable data security,
they can dramatically affect network performance and can be challenging to manage.
Application-level gateway advantages
• Examines all communications between outside sources and devices behind the
firewall, checking not just address, port and TCP header information, but the content itself
before it lets any traffic pass through the proxy
• Provides fine-grained security controls that can, for example, allow access to a
website but restrict which pages on that site the user can open
• Protects user anonymity
Application-level gateway disadvantages
• Can inhibit network performance
• Costlier than some other firewall options
• Requires a high degree of effort to derive the maximum benefit from the gateway
• Doesn't work with all network protocols
Application-layer firewalls are best used to protect enterprise resources from web
application threats. They can both block access to harmful sites and prevent sensitive
information from being leaked from within the firewall. They can, however, introduce a delay
in communications.
3.39 Stateful inspection firewall
State-aware devices not only examine each packet, but also keep track of whether or
not that packet is part of an established TCP or other network session. This offers more
security than either packet filtering or circuit monitoring alone but exacts a greater toll on
network performance.
A further variant of stateful inspection is the multilayer inspection firewall, which
considers the flow of transactions in process across multiple protocol layers of the seven-
layer Open Systems Interconnection (OSI) model.
Stateful inspection firewall advantages
• Monitors the entire session for the state of the connection, while also checking IP
addresses and payloads for more thorough security
• Offers a high degree of control over what content is let in or out of the network
• Does not need to open numerous ports to allow traffic in or out
• Delivers substantive logging capabilities
Stateful inspection firewall disadvantages
• Resource-intensive and interferes with the speed of network communications
• More expensive than other firewall options
• Doesn't provide authentication capabilities to validate that traffic sources aren't spoofed
Most organizations benefit from the use of a stateful inspection firewall. These
devices serve as a more thorough gateway between computers and other assets within the
firewall and resources beyond the enterprise. They also can be highly effective in defending
network devices against particular attacks, such as DoS.
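A minimal stateful inspection engine for TCP, as an added example that is not part of this module; the hosts, ports and packets are constructed. It shows why such a firewall "does not need to open numerous ports": return traffic is admitted only when it matches a connection the internal side opened, whereas a stateless filter that admits packets by source port lets an unsolicited probe through.

```python
from dataclasses import dataclass
from typing import Dict, Tuple


@dataclass(frozen=True)
class TcpPacket:
    src_ip: str
    dst_ip: str
    src_port: int
    dst_port: int
    flags: str       # TCP flags as letters: "S" SYN, "SA" SYN/ACK, "A" ACK, "FA" FIN/ACK, "R" RST
    iface: str       # interface the packet arrived on: "internal" or "external"


FlowKey = Tuple[str, int, str, int]   # (src_ip, src_port, dst_ip, dst_port)


def static_port_filter(p: TcpPacket) -> bool:
    """What a stateless filter has to do to let HTTPS replies in: trust any
    inbound packet whose source port is 443. It cannot tell a reply from a probe."""
    return p.iface == "external" and p.src_port == 443


class StatefulFirewall:
    """Admits connections opened from the internal side and only the return
    traffic that belongs to them. Simplified: no sequence-number checks and no
    idle timeouts, both of which a real engine adds."""

    def __init__(self) -> None:
        self.table: Dict[FlowKey, str] = {}   # initiator's flow key -> state

    @staticmethod
    def _key(p: TcpPacket) -> FlowKey:
        return (p.src_ip, p.src_port, p.dst_ip, p.dst_port)

    @staticmethod
    def _reverse(p: TcpPacket) -> FlowKey:
        return (p.dst_ip, p.dst_port, p.src_ip, p.src_port)

    def inspect(self, p: TcpPacket) -> str:
        """Return "allow" or "deny" and update the connection table."""
        fwd, rev = self._key(p), self._reverse(p)
        # 1. A new connection is only accepted when opened from inside.
        if p.flags == "S" and p.iface == "internal":
            self.table[fwd] = "SYN_SENT"
            return "allow"
        # 2. Reply direction: the packet must match an open connection in reverse.
        if rev in self.table:
            if p.flags == "SA" and self.table[rev] == "SYN_SENT":
                self.table[rev] = "ESTABLISHED"
            elif "F" in p.flags or "R" in p.flags:
                del self.table[rev]          # session ends; later packets are denied
            return "allow"
        # 3. Initiator direction on a known connection.
        if fwd in self.table:
            if "F" in p.flags or "R" in p.flags:
                del self.table[fwd]
            return "allow"
        # 4. No state matches: unsolicited inbound traffic, whatever port it claims.
        return "deny"


def demo() -> Dict[str, str]:
    """Walk one HTTPS session and one unsolicited probe through the firewall."""
    fw = StatefulFirewall()
    client, server = "192.168.10.5", "198.51.100.80"    # constructed addresses
    syn = TcpPacket(client, server, 51000, 443, "S", "internal")
    synack = TcpPacket(server, client, 443, 51000, "SA", "external")
    data = TcpPacket(server, client, 443, 51000, "A", "external")
    fin = TcpPacket(client, server, 51000, 443, "FA", "internal")
    late = TcpPacket(server, client, 443, 51000, "A", "external")
    # An outside host sends a SYN to the client from source port 443 so that it
    # resembles a reply; there is no connection it could belong to.
    probe = TcpPacket("203.0.113.9", client, 443, 51001, "S", "external")
    return {
        "syn": fw.inspect(syn),                 # allow: entry created
        "synack": fw.inspect(synack),           # allow: matches entry, now ESTABLISHED
        "data": fw.inspect(data),               # allow: belongs to the session
        "probe": fw.inspect(probe),             # deny: no matching state
        "probe_stateless": "allow" if static_port_filter(probe) else "deny",
        "fin": fw.inspect(fin),                 # allow: tears the entry down
        "late": fw.inspect(late),               # deny: session no longer exists
    }


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:16s} -> {verdict}")
```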

Figure: An NGFW from Palo Alto Networks, which was among the first vendors to offer
advanced features, such as identifying the applications producing the traffic passing through
and integrating with other major network components, like Active Directory.
3.40 Next-generation firewall
A typical NGFW combines packet inspection with stateful inspection and also
includes some variety of deep packet inspection (DPI), as well as other network security
systems, such as an IDS/IPS, malware filtering and antivirus.
While packet inspection in traditional firewalls looks exclusively at the protocol
header of the packet, DPI looks at the actual data the packet is carrying. A DPI firewall tracks
the progress of a web browsing session and can notice whether a packet payload, when
assembled with other packets in an HTTP server reply, constitutes a legitimate HTML-
formatted response.

3.41 NGFW ADVANTAGES

• NGFW combines DPI with malware filtering and other controls to provide an optimal
level of filtering.
• Tracks all traffic from Layer 2 to the application layer for more accurate
insights than other methods.
• Can be automatically updated to provide current context.
NGFW disadvantages
• In order to derive the biggest benefit, organizations need to integrate NGFWs with
other security systems, which can be a complex process.
• Costlier than other firewall types
NGFWs are an essential safeguard for organizations in heavily regulated industries,
such as healthcare or finance. These firewalls deliver multifunctional capability, which
appeals to those with a strong grasp on just how virulent the threat environment is. NGFWs
work best when integrated with other security systems, which, in many cases, requires a high
degree of expertise.

Figure: Firewall Comparison

Firewall delivery methods
As IT consumption models evolved, so too did security deployment options. Firewalls
today can be deployed as a hardware appliance, be software-based or be delivered as a
service.
Hardware-based firewalls
A hardware-based firewall is an appliance that acts as a secure gateway between
devices inside the network perimeter and those outside it. Because they are self-contained
appliances, hardware-based firewalls don't consume processing power or other resources of
the host devices.
Sometimes called network-based firewalls, these appliances are ideal for medium and
large organizations looking to protect many devices. Hardware-based firewalls require more
knowledge to configure and manage than their host-based counterparts.
Software-based firewalls

A software-based firewall, or host firewall, runs on a server or other device. Host firewall
software needs to be installed on each device requiring protection. As such, software-based
firewalls consume some of the host device's CPU and RAM resources.

Software-based firewalls provide individual devices significant protection
against viruses and other malicious content. They can discern different programs running
on the host, while filtering inbound and outbound traffic. This provides a fine-grained
level of control, making it possible to enable communications to/from one program
but prevent it to/from another.
Cloud/hosted firewalls
Managed security service providers (MSSPs) offer cloud-based firewalls. This
hosted service can be configured to track both internal network activity and third-party
on-demand environments. Also known as firewall as a service, cloud-based firewalls
can be entirely managed by an MSSP, making it a good option for large or highly
distributed enterprises with gaps in security resources. Cloud-based firewalls can
also be beneficial to smaller organizations with limited staff and expertise.
3.42 Which firewall is best for your enterprise?
Choosing the right type of firewall means answering questions about what the
firewall is protecting, which resources the organization can afford and how the
infrastructure is architected. The best firewall for one organization may not be a good fit
for another.
Issues to consider include the following:
• What are the technical objectives for the firewall? Can a simpler product work
better than a firewall with more features and capabilities that may not be necessary?
• How does the firewall itself fit into the organization's architecture? Consider
whether the firewall is intended to protect a low-visibility service exposed on the
internet or a web application.
• What kinds of traffic inspection are necessary? Some applications may
require monitoring all packet contents, while others can simply sort packets
based on source/destination addresses and ports.

Many firewall implementations incorporate features of different types of firewalls,
so choosing a type of firewall is rarely a matter of finding one that fits neatly into any
particular category. For example, an NGFW may incorporate new features, along with
some of those from packet filtering firewalls, application-level gateways or stateful
inspection firewalls.

Choosing the ideal firewall begins with understanding the architecture and
functions of the private network being protected but also calls for understanding the
different types of firewalls and firewall policies that are most effective for the organization.

Whichever type(s) of firewalls you choose, keep in mind that a misconfigured
firewall can, in some ways, be worse than no firewall at all because it lends the
dangerous false impression of security, while providing little to no protection.
3.43 CONCLUSIONS
Firewalls will protect your network from unwanted traffic. Many times, the
unwanted traffic is harmful traffic from hackers trying to exploit your network. You want
a firewall to protect your network, just as you want locks on your door and windows
at your home.

New Trends in IT – Big Data, Cloud Computing, AI
4.1 Objectives
The objectives of this chapter are to understand:
• The concept of Big Data and its applications
• Cloud Computing, its architecture and technologies
• Artificial Intelligence
• Machine Learning and Deep Learning

4.2 Introduction to BIG DATA


Big data is a field that treats ways to analyze, systematically extract information from, or
otherwise deal with data sets that are too large or complex to be dealt with by
traditional data-processing application software. Data with many fields (columns) offer
greater statistical power, while data with higher complexity (more attributes or columns)
may lead to a higher false discovery rate. Big data analysis challenges include capturing
data, data storage, data analysis, search, sharing, transfer, visualization, querying,
updating, information privacy, and data source. Big data was originally associated with
three key concepts: volume, variety, and velocity. The analysis of big data presents
challenges in sampling, and thus previously allowing for only observations and sampling.
Therefore, big data often includes data with sizes that exceed the capacity of traditional
software to process within an acceptable time and value.

Current usage of the term big data tends to refer to the use of predictive analytics, user
behavior analytics, or certain other advanced data analytics methods that
extract value from big data, and seldom to a particular size of data set.

Big data is essentially the wrangling of the three Vs to gain insights and make
predictions, so it's useful to take a closer look at each attribute.

4.2.1 Volume
Big data is enormous. While traditional data is measured in familiar sizes like megabytes,
gigabytes and terabytes, big data is stored in petabytes and zettabytes.
To grasp the enormity of the difference in scale, consider this comparison from the Berkeley
School of Information: one gigabyte is the equivalent of a seven-minute video in HD,
while a single zettabyte is equal to 250 billion DVDs. This is just the tip of the iceberg.
According to a report by EMC, the digital universe is doubling in size every two
years and by 2020 is expected to reach 44 trillion zettabytes.
Big data technologies provide the architecture for handling this kind of data. Without the
appropriate solutions for storing and processing, it would be impossible to mine it for insights.

4.2.2 Velocity
From the speed at which it's created, to the amount of time needed to analyze
it, everything about big data is fast. Some have described it as trying to drink from a fire
hose.

Companies and organizations must have the capabilities to harness this data and
generate insights from it in real time, otherwise it is not very useful. Real-time
processing allows decision makers to act quickly, giving them a leg up on the
competition.
While some forms of data can be batch processed and remain relevant over time,
much of big data is streaming into organizations at a rapid clip and requires immediate
action for the best outcomes. Sensor data from health devices is a good example. The
ability to instantly process health data can provide users and physicians with
potentially life-saving information.

4.2.3 Variety
Roughly 95% of all big data is unstructured, meaning it does not fit easily
into a straightforward, traditional model. Everything from emails and videos to
scientific and meteorological data can constitute a big data stream, each with
their own unique attributes.

• Data is always being generated by digital technologies, whether we are using
apps on our phones, interacting on our social media, or shopping for products.
All of this information combines with other data sources and becomes Big Data.
• Companies even combine Big Data with technologies like Machine Learning
and Artificial Intelligence to further improve their ability to enhance our
daily lives with faster, more personalized experiences.
• Data is being produced by manufacturing machinery, healthcare equipment at
the hospital or doctor's office, electronic airline tickets at an airport, and
from the computer in a connected car.
• Big Data comes from text, audio, video, and images.
• Big Data is analyzed by organizations and businesses for reasons like
discovering patterns and trends related to human behavior and our interaction
with technology, which can then be used to make decisions that impact how we
live, work, and play.
Just think that as we go about our daily lives, our technology and Big Data are
helping businesses to understand more about us, and this information is used in turn
to shape our experiences for the better.

Big data analytics describes the process of uncovering trends, patterns, and correlations
in large amounts of raw data to help make data-informed decisions. These
processes use familiar statistical analysis techniques—like clustering and
regression—and apply those to more extensive datasets with the help of newer tools.

Big data has been a buzzword since the early 2000s, when software and
hardware capabilities made it possible for organizations to handle large amounts of
unstructured data. Since then, new technologies—from Amazon to smartphones—
have contributed even more to the substantial amounts of data available to
organizations.

With the explosion of data, early innovation projects like Hadoop, Spark, and
NoSQL databases were created for the storage and processing of big data. This field
continues to evolve as data engineers look for ways to integrate the vast
amounts of complex information created by sensors, networks, transactions, smart
devices, web usage, and more. Even now, big data analytics methods are being used
with emerging technologies, like machine learning, to discover and scale more
complex insights.



4.3 How big data analytics works
Big data analytics refers to collecting, processing, cleaning, and analyzing large datasets
to help organizations operationalize their big data.

4.3.1 Collect Data


Data collection looks different for every organization. With today's technology,
organizations can gather both structured and unstructured data from a variety of sources
— from cloud storage to mobile applications to in-store IoT sensors and beyond. Some
data will be stored in data warehouses where business intelligence tools and solutions can
access it easily.

Raw or unstructured data that is too diverse or complex for a warehouse may be assigned
metadata and stored in a data lake.

4.3.2 Process Data


Once data is collected and stored, it must be organized properly to get accurate results on
analytical queries, especially when it is large and unstructured. Available data is growing
exponentially, making data processing a challenge for organizations.
One processing option is batch processing, which looks at large data blocks over time.
Batch processing is useful when there is a longer turnaround time between collecting and
analyzing data.
Stream processing looks at small batches of data at once, shortening the delay time
between collection and analysis for quicker decision-making. Stream processing is more
complex and often more expensive.

4.3.3 Clean Data

Data big or small requires scrubbing to improve data quality and get stronger results; all
data must be formatted correctly, and any duplicative or irrelevant data must be
eliminated or accounted for. Dirty data can obscure and mislead, creating flawed insights.

4.3.4 Analyze Data


Getting big data into a usable state takes time. Once it is ready, advanced analytics
processes can turn big data into big insights. Some of these big data analysis methods
include:

• Data mining sorts through large datasets to identify patterns and relationships by
identifying anomalies and creating data clusters.
• Predictive analytics uses an organization's historical data to make predictions
about the future, identifying upcoming risks and opportunities.
• Deep learning imitates human learning patterns by using artificial intelligence
and machine learning to layer algorithms and find patterns in the most complex
and abstract data.

4.4 Big data analytics tools and technology


Big data analytics cannot be narrowed down to a single tool or technology.
Instead, several types of tools work together to help you collect, process, cleanse, and
analyze big data. Some of the major players in big data ecosystems are listed below.



• Hadoop is an open-source framework that efficiently stores and processes
big datasets on clusters of commodity hardware. This framework is free
and can handle large amounts of structured and unstructured data, making it
a valuable mainstay for any big data operation.
• NoSQL databases are non-relational data management systems that do
not require a fixed schema, making them a great option for big, raw,
unstructured data. NoSQL stands for "not only SQL," and these databases can
handle a variety of data models.
• MapReduce is an essential component of the Hadoop framework, serving
two functions. The first is mapping, which filters data to various nodes
within the cluster. The second is reducing, which organizes and reduces the
results from each node to answer a query.
• YARN stands for "Yet Another Resource Negotiator." It is another component
of second-generation Hadoop. This cluster management technology helps
with job scheduling and resource management in the cluster.
• Spark is an open-source cluster computing framework that uses implicit
data parallelism and fault tolerance to provide an interface for
programming entire clusters. Spark can handle both batch and stream
processing for fast computation.
• Tableau is an end-to-end data analytics platform that allows you to prep,
analyze, collaborate, and share your big data insights. Tableau excels in self-
service visual analysis, allowing people to ask new questions of governed
big data and easily share those insights across the organization.
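To make the mapping and reducing functions described above concrete, here is an added example (it is not the manual's own code and does not use Hadoop's API) that simulates a tiny MapReduce job in plain Python over constructed log lines: it counts failed login attempts per source address, the kind of query the fraud-detection and cyber-security uses later in this chapter depend on. The node split, the combiner and the threshold step are assumptions added for illustration.

```python
from collections import defaultdict
from typing import Dict, Iterable, List, Tuple

# Constructed sample records (not real log data): one SSH auth event per line.
SAMPLE_LOGS: List[str] = [
    "2024-01-05T10:00:01 sshd: Failed password for root from 203.0.113.5",
    "2024-01-05T10:00:03 sshd: Failed password for admin from 203.0.113.5",
    "2024-01-05T10:00:04 sshd: Accepted password for alice from 198.51.100.7",
    "2024-01-05T10:00:09 sshd: Failed password for root from 203.0.113.5",
    "2024-01-05T10:00:12 sshd: Failed password for bob from 198.51.100.7",
    "2024-01-05T10:00:15 sshd: garbage record with no source",
]

Pair = Tuple[str, int]


def map_record(line: str) -> List[Pair]:
    """Map phase: each input record yields zero or more (key, value) pairs.
    The key is the source address of a failed login and the value is 1.
    Records that are not failed logins, or that lack a 'from <addr>' field,
    contribute nothing (this is the filtering the manual describes)."""
    if "Failed password" not in line:
        return []
    tokens = line.split()
    if "from" not in tokens or tokens.index("from") + 1 >= len(tokens):
        return []
    return [(tokens[tokens.index("from") + 1], 1)]


def combine_local(pairs: Iterable[Pair]) -> List[Pair]:
    """Optional combiner: pre-aggregate on the mapper node so that less data
    has to be shuffled across the cluster network."""
    partial: Dict[str, int] = defaultdict(int)
    for key, value in pairs:
        partial[key] += value
    return list(partial.items())


def shuffle(pairs: Iterable[Pair]) -> Dict[str, List[int]]:
    """Shuffle phase: group every value emitted for a key so that a single
    reducer sees all of them together."""
    grouped: Dict[str, List[int]] = defaultdict(list)
    for key, value in pairs:
        grouped[key].append(value)
    return grouped


def reduce_counts(key: str, values: List[int]) -> Pair:
    """Reduce phase: collapse all values for one key into one answer."""
    return key, sum(values)


def split_across_nodes(lines: List[str], n_nodes: int) -> List[List[str]]:
    """Hand out input splits round-robin, standing in for HDFS blocks being
    processed by different mapper nodes (simulation, not real cluster I/O)."""
    splits: List[List[str]] = [[] for _ in range(n_nodes)]
    for i, line in enumerate(lines):
        splits[i % n_nodes].append(line)
    return splits


def failed_logins_per_source(lines: List[str], n_nodes: int = 3) -> Dict[str, int]:
    """Run the full map -> combine -> shuffle -> reduce pipeline and return
    the number of failed logins observed per source address."""
    shuffle_input: List[Pair] = []
    for node_split in split_across_nodes(lines, n_nodes):
        node_pairs: List[Pair] = []
        for line in node_split:
            node_pairs.extend(map_record(line))
        shuffle_input.extend(combine_local(node_pairs))
    grouped = shuffle(shuffle_input)
    return dict(reduce_counts(k, v) for k, v in grouped.items())


def sources_over_threshold(counts: Dict[str, int], threshold: int) -> List[str]:
    """Analysis step on the reduced output: sources with at least `threshold`
    failures, most active first, for an analyst to review."""
    hits = [src for src, n in counts.items() if n >= threshold]
    return sorted(hits, key=lambda src: (-counts[src], src))


if __name__ == "__main__":
    counts = failed_logins_per_source(SAMPLE_LOGS)
    print(counts)                              # {'203.0.113.5': 3, '198.51.100.7': 1}
    print(sources_over_threshold(counts, 3))   # ['203.0.113.5']
```

The same answer is produced however the input is split across nodes, which is the property that lets a real cluster process each block independently.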

4.5 The big benefits of big data analytics


The ability to analyze more data at a faster rate can provide big benefits to
an organization, allowing it to more efficiently use data to answer important
questions. Big data analytics is important because it lets organizations use colossal
amounts of data in multiple formats from multiple sources to identify
opportunities and risks, helping organizations move quickly and improve their
bottom lines.

Some benefits of big data analytics include:

• Cost savings. Helping organizations identify ways to do business more efficiently
• Product development. Providing a better understanding of customer needs
• Market insights. Tracking purchase behavior and market trends

4.6 The Big Challenges of Big Data


Big data brings big benefits, but it also brings big challenges such as new privacy and
security concerns, accessibility for business users, and choosing the right solutions for
your business needs. To capitalize on incoming data, organizations will have to address
the following:



• Making big data accessible. Collecting and processing data becomes more
difficult as the amount of data grows. Organizations must make data easy and
convenient for data owners of all skill levels to use.
• Maintaining quality data. With so much data to maintain, organizations are
spending more time than ever before scrubbing for duplicates, errors, absences,
conflicts, and inconsistencies.
• Keeping data secure. As the amount of data grows, so do privacy and security
concerns. Organizations will need to strive for compliance and put tight data
processes in place before they take advantage of big data.
• Finding the right tools and platforms. New technologies for processing and
analyzing big data are developed all the time. Organizations must find the right
technology to work within their established ecosystems and address their
particular needs. Often, the right solution is also a flexible solution that can
accommodate future infrastructure changes.

The importance of big data does not revolve around how much data a company has but
how a company utilises the collected data. Every company uses data in its own way; the
more efficiently a company uses its data, the more potential it has to grow. The company
can take data from any source and analyse it to find answers which will enable:

i. Cost Savings: Some Big Data tools like Hadoop and cloud-based analytics can
bring cost advantages to a business when large amounts of data are to be stored, and
these tools also help in identifying more efficient ways of doing business.
ii. Time Reductions: The high speed of tools like Hadoop and in-memory analytics
can easily identify new sources of data, which helps businesses analyze data
immediately and make quick decisions based on the learnings.
iii. Understand the market conditions: By analyzing big data you can get a better
understanding of current market conditions. For example, by analyzing customers'
purchasing behaviors, a company can find out the products that are sold the most
and produce products according to this trend. By this, it can get ahead of its
competitors.
iv. Control online reputation: Big data tools can do sentiment analysis. Therefore,
you can get feedback about who is saying what about your company. If you want to
monitor and improve the online presence of your business, big data tools can
help with all of this.
v. Using Big Data Analytics to Boost Customer Acquisition and Retention
The customer is the most important asset any business depends on. There is no
single business that can claim success without first having to establish a solid
customer base. However, even with a customer base, a business cannot afford to
disregard the high competition it faces. If a business is slow to learn what customers
are looking for, then it is very easy to begin offering poor quality products. In the
end, loss of clientele will result, and this creates an adverse overall effect on
business success. The use of big data allows businesses to observe various customer
related patterns and trends. Observing customer behaviour is important to trigger
loyalty.
vi. Using Big Data Analytics to Solve Advertisers' Problems and Offer
Marketing Insights
Big data analytics can help change all business operations. This includes the
ability to match customer expectations, change the company's product line and,
of course, ensure that the marketing campaigns are powerful.
vii. Big Data Analytics as a Driver of Innovation and Product Development
Another huge advantage of big data is the ability to help companies innovate
and redevelop their products.
4.7 Best Examples of Big Data
The best examples of big data can be found in both the public and private sector,
from targeted advertising, education, and the already mentioned massive industries
(healthcare, insurance, manufacturing or banking), to real-life scenarios in
guest service or entertainment. Since around 1.7 megabytes of data is generated every
second for every person on the planet, the potential for data-driven organizational
growth in the hospitality sector is enormous.
Big data can serve to deliver benefits in some surprising areas.

4.7.1 Big Data in Education industry


Following are some of the fields in the education industry that have been transformed by
big data motivated changes:

• Customized and dynamic learning programs
• Reframing course material
• Grading systems
• Career prediction

4.7.2 Big Data in Insurance industry

The insurance industry holds importance not only for individuals but also for
businesses. The reason insurance holds a significant place is that it
supports people during times of adversity and uncertainty. The data collected from
these sources are of varying formats and change at tremendous speeds.

Collecting information

As big data refers to gathering data from disparate sources, this feature creates a
crucial use case for the insurance industry to pounce on. For example, when a customer
intends to buy car insurance, the companies can obtain information from which
they can calculate the safety levels for driving in the buyer's vicinity and his past
driving records. On the basis of this they can effectively calculate the cost of car insurance as
well.

Gaining customer insight


Determining customer experience and making customers the center of a company's
attention is of prime importance to organizations.

Fraud detection
Insurance fraud is a common occurrence. The big data use case for reducing fraud is highly
effective.



Threat mapping
When an insurance agency sells an insurance policy, they want to be aware of all the
possibilities of things going unfavourably for their customer and making them file a claim.

4.7.3 Big data in Government industry


Along with many other areas, big data in government can have an enormous impact —
local, national and global. With so many complex issues on the table today, governments
have their work cut out trying to make sense of all the information they receive and make
vital decisions that affect millions of people. Governments of every country come
face to face with a very large amount of data on an almost daily basis, because they
have to keep track of various records and databases regarding the citizens. The proper
study and analysis of this data helps governments in endless ways. A few of them are:

• Welfare schemes
• Cyber security

4.7.4 Big Data in Banking Sector

The amount of data in the banking sector is skyrocketing every second. Study and analysis
of big data can help detect:

• The misuse of credit cards
• Misuse of debit cards
• Venture credit hazard treatment
• Business clarity
• Customer statistics alteration
• Money laundering
• Risk mitigation

4.8 Real-Time Big Data Analytics Tools

More and more tools offer the possibility of real-time processing of Big Data.
4.8.1 Storm
Storm, which is now owned by Twitter, is a real-time distributed computation system.
4.8.2 Cloudera

Cloudera offers the Cloudera Enterprise RTQ tools that offers real-time,
interactive analytical queries of the data stored in HBase or HDFS.

4.8.3 GridGain

GridGain is an enterprise open-source grid computing platform for Java. It is
compatible with Hadoop DFS and it offers a substitute for Hadoop's MapReduce.

4.8.4 SpaceCurve

The technology that SpaceCurve is developing can discover underlying patterns
in multidimensional geodata.
4.9 CLOUD COMPUTING

Cloud Computing is defined as storing and accessing data and computing services
over the internet. It does not store any data on your personal computer. It is the on-demand
availability of computer services like servers, data storage, networking, databases, etc.
The main purpose of cloud computing is to give many users access to data centers.
Users can also access data from a remote server.

Examples of Cloud Computing Services: AWS, Azure, Google Cloud

4.9.1 Why Cloud Computing?

With the increase in computer and mobile users, data storage has become a priority in all
fields. Large and small scale businesses today thrive on their data, and they spend a huge
amount of money to maintain this data. It requires strong IT support and a storage hub.
Not all businesses can afford the high cost of in-house IT infrastructure and backup support
services. For them, Cloud Computing is a cheaper solution. Its efficiency in
storing data, computation and lower maintenance cost has succeeded in attracting even bigger
businesses as well.

Cloud computing decreases the hardware and software demand on the user's side. The
only thing the user must be able to run is the cloud computing system's interface
software, which can be as simple as a web browser, and the cloud network takes care of
the rest. We have all experienced cloud computing at some point in time; some of the
popular cloud services we have used or are still using are mail services like Gmail,
Hotmail or Yahoo.

While accessing an e-mail service, our data is stored on a cloud server and not on our
computer. The technology and infrastructure behind the cloud are invisible. It is less
important whether cloud services are based on HTTP, XML, Ruby, PHP or other specific
technologies, as long as the service is user-friendly and functional. An individual user can connect to
the cloud system from his or her own devices, like a desktop, laptop or mobile.

Cloud computing effectively empowers small businesses with limited resources: it gives
small businesses access to technologies that previously were out of their reach. Cloud
computing helps small businesses to convert their maintenance cost into profit. Let's see
how.

With an in-house IT server, you have to pay a lot of attention and ensure that there are no
flaws in the system so that it runs smoothly. And in case of any technical glitch you are
completely responsible; it will demand a lot of attention, time and money for repair.
In cloud computing, by contrast, the service provider takes complete responsibility for
complications and technical faults.

4.9.2 Benefits of Cloud Computing

The potential for cost saving is the major reason for the adoption of cloud services by many
organizations. Cloud computing gives the freedom to use services as per requirement
and pay only for what you use. Due to cloud computing it has become possible to run IT
operations as an outsourced unit without many in-house resources.

Following are the benefits of cloud computing:

1. Lower IT infrastructure and computer costs for users
2. Improved performance
3. Fewer maintenance issues
4. Instant software updates
5. Improved compatibility between operating systems
6. Backup and recovery
7. Performance and scalability
8. Increased storage capacity
9. Increased data safety

4.10 Types of Clouds


There are four different cloud models that you can subscribe to according to business needs.
Following are the different types of clouds:

1. Private Cloud: Here, computing resources are deployed for one particular
organization. This method is mostly used for intra-business interactions, where
the computing resources can be governed, owned and operated by the same
organization.
2. Community Cloud: Here, computing resources are provided for a community
of organizations.
3. Public Cloud: This type of cloud is usually used for B2C (Business to Consumer)
type interactions. Here the computing resource is owned, governed and operated
by a government, academic or business organization.
4. Hybrid Cloud: This type of cloud can be used for both types of interactions,
B2B (Business to Business) or B2C (Business to Consumer). This deployment
method is called hybrid cloud because the computing resources are bound together from
different clouds.

4.11 Cloud Computing Services

The three major Cloud Computing offerings are:

• Software as a Service (SaaS)
• Platform as a Service (PaaS)
• Infrastructure as a Service (IaaS)

Different businesses use some or all of these components according to their
requirements.

4.11.1 SaaS (Software as a Service)

SaaS, or software as a service, is a software distribution model in which applications are
hosted by a vendor or service provider and made available to customers over a network
(the internet). SaaS is becoming an increasingly prevalent delivery model as the underlying
technologies that support Service Oriented Architecture (SOA) and Web Services mature.
Through the internet this service is available to users anywhere in the world.

Traditionally, a software application needed to be purchased upfront and then installed onto
your computer. SaaS users, on the other hand, instead of purchasing the software,
subscribe to it, usually on a monthly basis via the internet.
Subscribers can be one or two people or thousands of employees in a corporation.
SaaS is compatible with all internet-enabled devices. Many important tasks like
accounting, sales, invoicing and planning can all be performed using SaaS.

4.11.2 PaaS (Platform as a Service)

Platform as a Service, referred to as PaaS, provides a platform and environment that allows
developers to build applications and services. This service is hosted in the cloud and
accessed by users via the internet.

To understand it in simple terms, let's compare this with painting a picture, where you are
provided with paint colors, different paint brushes and paper by your school teacher and
you just have to draw a beautiful picture using those tools.

PaaS services are constantly updated and new features are added. Software developers, web
developers and businesses can benefit from PaaS. It provides a platform to support
application development. It includes software support and management services, storage,
networking, deploying, testing, collaborating, hosting and maintaining applications.

4.11.3 IaaS (Infrastructure as a Service)

IaaS (Infrastructure as a Service) is one of the fundamental service models of cloud
computing, alongside PaaS (Platform as a Service). It provides access to computing
resources in a virtualized environment, "the cloud", over the internet. It provides computing
infrastructure like virtual server space, network connections, bandwidth, load balancers
and IP addresses. The pool of hardware resources is drawn from multiple servers and
networks, usually distributed across numerous data centers. This provides redundancy
and reliability to IaaS.

IaaS is a complete package for computing. For small-scale businesses looking to
cut the cost of IT infrastructure, IaaS is one of the solutions. Annually a lot of money is
spent on maintenance and on buying new components like hard drives, network connections,
external storage devices, etc., which a business owner could have saved for other expenses
by using IaaS.

4.12 What is Cloud Computing Architecture?


Cloud Computing Architecture is a combination of components required for a Cloud
Computing service like a front-end platform, a back-end platform or servers, a network or
internet service, and a cloud based delivery service.

Cloud computing distributes the file system over multiple hard disks and machines. Data is
never stored in one place only and in case one unit fails the other will take over
automatically. The user disk space is allocated on the distributed file system, while
another important component is algorithm for resource allocation. Cloud computing is a
strong distributed environment and it heavily depends upon strong algorithm.

Cloud Computing architecture comprises many cloud components, which are loosely
coupled. We can broadly divide the cloud architecture into two parts:

• Front End - The front end consists of the client part of the cloud computing system. It
comprises the interfaces and applications that are required to access the Cloud
Computing or Cloud Programming platform. Example: a web browser.
• Back End - The back end refers to the cloud itself; it comprises the resources
that are required for cloud computing services. It consists of virtual machines,
servers, data storage, security mechanisms, etc. It is under the provider's control.

Each of the ends is connected through a network, usually the Internet. The following
diagram shows the graphical view of cloud computing architecture:

Figure : Cloud Computing Architecture

Note
• It is the responsibility of the back end to provide built-in security mechanisms,
traffic control and protocols.
• The server employs certain protocols known as middleware, which help the
connected devices to communicate with each other.
4.13 Virtualization and Cloud Computing
The main enabling technology for Cloud Computing is Virtualization. Virtualization is the
partitioning of a single physical server into multiple logical servers. Once the physical
server is divided, each logical server behaves like a physical server and can run an
operating system and applications independently. Many popular companies like
VMware and Microsoft provide virtualization services, where instead of using your
personal PC for storage and computation, you use their virtual server. They are fast, cost-
effective and less time consuming.

For software developers and testers virtualization comes very handy, as it allows
developer to write code that runs in many different environments and more importantly to
test that code.

Virtualization is mainly used for three main purposes: Network Virtualization, Server
Virtualization and Storage Virtualization.
a. Network Virtualization: It is a method of combining the available resources in a
network by splitting up the available bandwidth into channels, each of which is
independent of the others and can be assigned to a specific server or device in real time.

b. Storage Virtualization: It is the pooling of physical storage from multiple network
storage devices into what appears to be a single storage device that is managed from a
central console. Storage virtualization is commonly used in storage area networks
(SANs).

c. Server Virtualization: Server virtualization is the masking of server resources like
processors, RAM, operating system, etc., from server users. The intention of server
virtualization is to increase resource sharing and reduce the burden and complexity of
computation for users.

Virtualization is the key that unlocks the Cloud system; what makes virtualization so
important for the cloud is that it decouples the software from the hardware. For example,
PCs can use virtual memory to borrow extra memory from the hard disk. Usually the hard
disk has a lot more space than memory. Although virtual disks are slower than real
memory, if managed properly the substitution works perfectly. Likewise, there is
software which can imitate an entire computer, which means one computer can perform the
functions of 20 computers.

4.14 Cloud Computing Technologies


A list of cloud computing technologies is given below:

o Virtualization
o Service-Oriented Architecture (SOA)
o Grid Computing
o Utility Computing

4.14.1 Virtualization

Virtualization is the process of creating a virtual environment to run multiple applications
and operating systems on the same server. The virtual environment can be anything, such as
a single instance or a combination of many operating systems, storage devices,
network application servers, and other environments.

The concept of Virtualization in cloud computing increases the use of virtual machines. A
virtual machine is a software computer or software program that works like a
physical computer and can perform tasks such as
running applications or programs as per the user's demand.

Types of Virtualization
i. Hardware virtualization
ii. Server virtualization
iii. Storage virtualization
iv. Operating system virtualization
v. Data Virtualization

4.14.2 Service-Oriented Architecture (SOA)

Service-Oriented Architecture (SOA) allows organizations to access on-demand cloud-
based computing solutions according to changing business needs. It can work with
or without cloud computing. The advantages of using SOA are that it is easy to maintain,
platform independent, and highly scalable.

Service Provider and Service consumer are the two major roles within SOA.

There are the following applications of Service-Oriented Architecture:

o It is used in the healthcare industry.
o It is used to create many mobile applications and games.
o In the air force, SOA infrastructure is used to deploy situational awareness
systems.

4.14.3 Grid Computing

Grid computing is also known as distributed computing. It is a processor architecture
that combines various different computing resources from multiple locations to achieve a
common goal. In grid computing, the grid is connected by parallel nodes to form a
computer cluster. These computer clusters are of different sizes and can run on any
operating system.

Grid computing contains the following three types of machines:

1. Control Node: It is a group of servers which administers the whole network.
2. Provider: It is a computer which contributes its resources to the network resource
pool.
3. User: It is a computer which uses the resources on the network.

Mainly, grid computing is used in ATMs, back-end infrastructures, and marketing
research.

4.14.4 Utility Computing

Utility computing is the most trending IT service model. It provides on-demand
computing resources (computation, storage, and programming services via API) and
infrastructure based on the pay-per-use method. It minimizes the associated costs and
maximizes the efficient use of resources. The advantage of utility computing is that it
reduces IT cost, provides greater flexibility, and is easier to manage.

Large organizations such as Google and Amazon established their own utility services
for computing storage and application.

4.15 Challenges in Cloud Computing Technology


Cloud computing, an emergent technology, has raised many challenges in different
aspects of data and information handling. Some of these are shown in the following
diagram:

Figure : Challenges In Cloud Computing

4.15.1 Security and Privacy

Security and privacy of information is the biggest challenge to cloud computing.
Security and privacy issues can be overcome by employing encryption, security
hardware and security applications.

4.15.2 Portability

Another challenge to cloud computing is that applications should be easy to migrate from
one cloud provider to another; there must be no vendor lock-in. This is not yet fully
possible because each cloud provider uses different standards and languages for its platform.

4.15.3 Interoperability

Interoperability means that an application on one platform should be able to incorporate services
from other platforms. This is made possible via web services, but developing such web services is
very complex.

4.15.4 Computing Performance

Data-intensive applications on the cloud require high network bandwidth, which results in high
cost. Low bandwidth does not meet the desired computing performance of cloud applications.

4.15.5 Reliability and Availability

It is necessary for cloud systems to be reliable and robust because most businesses are now
becoming dependent on services provided by third parties.

4.16 ARTIFICIAL INTELLIGENCE

AI (Artificial Intelligence) is the ability of a machine to perform cognitive functions as
humans do, such as perceiving, learning, reasoning and solving problems. The benchmark
for AI is human-level performance in terms of reasoning, speech, and vision.

Introduction to AI Levels

1. Narrow AI: An artificial intelligence is said to be narrow when the machine can
perform a specific task better than a human. Current AI research is at this level.
2. General AI: An artificial intelligence reaches the general state when it can
perform any intellectual task with the same accuracy level as a human would.
3. Strong AI: An AI is strong when it can beat humans in many tasks.

Nowadays, AI is used in almost all industries, giving a technological edge to all
companies integrating AI at scale. AI provides cutting-edge technology to deal with
complex data that is impossible for a human being to handle. AI automates repetitive
jobs, allowing a worker to focus on high-level, value-added tasks. When AI is
implemented at scale, it leads to cost reduction and revenue increase.

Artificial Intelligence has various applications in today's society. It is becoming essential
today because it can solve complex problems in an efficient way in multiple
industries, such as healthcare, entertainment, finance, education, etc. AI is making our
daily life more comfortable and fast.

AI has been dominant in various fields such as:

 Gaming - AI plays a crucial role in strategic games such as chess, poker, tic-tac-toe, etc.,
where the machine can think of a large number of possible positions based on heuristic
knowledge.
 Natural Language Processing - It is possible to interact with a computer that
understands natural language spoken by humans.
 Expert Systems - There are some applications which integrate machine,
software, and special information to impart reasoning and advising. They provide
explanation and advice to the users.
 Vision Systems - These systems understand, interpret, and comprehend visual input on
the computer. For example,
o A spy aeroplane takes photographs, which are used to figure out spatial
information or a map of the area.
o Doctors use a clinical expert system to diagnose the patient.
o Police use computer software that can recognize the face of a criminal against the
stored portrait made by a forensic artist.
 Speech Recognition - Some intelligent systems are capable of hearing and
comprehending language in terms of sentences and their meanings while a human
talks to them. They can handle different accents, slang words, noise in the background,
change in a human's voice due to a cold, etc.
 Handwriting Recognition - Handwriting recognition software reads text written
on paper by a pen or on screen by a stylus. It can recognize the shapes of the letters and
convert them into editable text.
 Intelligent Robots - Robots are able to perform the tasks given by a human. They
have sensors to detect physical data from the real world such as light, heat, temperature,
movement, sound, bump, and pressure. They have efficient processors, multiple
sensors and huge memory to exhibit intelligence. In addition, they are capable of
learning from their mistakes and can adapt to a new environment.
4.17 Application of Artificial Intelligence
Following are some sectors which have applications of Artificial Intelligence:

4.17.1 AI in Astronomy
o Artificial Intelligence can be very useful for solving complex problems about the universe. AI
technology can be helpful for understanding the universe, such as how it works, its
origin, etc.

4.17.2 AI in Healthcare
o In the last five to ten years, AI has become more advantageous for the healthcare
industry and is going to have a significant impact on this industry.
o Healthcare industries are applying AI to make a better and faster diagnosis than
humans. AI can help doctors with diagnoses and can inform them when patients are
worsening so that medical help can reach the patient before hospitalization.

4.17.3 AI in Gaming
o AI can be used for gaming purposes. AI machines can play strategic games
like chess, where the machine needs to think of a large number of possible positions.

4.17.4 AI in Finance
o AI and the finance industry are the best matches for each other. The finance industry is
implementing automation, chatbots, adaptive intelligence, algorithmic trading, and machine learning
into financial processes.

4.17.5 AI in Data Security

o The security of data is crucial for every company, and cyber-attacks are growing
very rapidly in the digital world. AI can be used to make data safer and more
secure. Examples such as the AEG bot and the AI2 platform are used to detect
software bugs and cyber-attacks more effectively.

4.17.6 AI in Social Media

o Social media sites such as Facebook, Twitter, and Snapchat contain billions of user
profiles, which need to be stored and managed in a very efficient way. AI can organize and
manage massive amounts of data. AI can analyze lots of data to identify the latest
trends, hashtags, and requirements of different users.

4.17.7 AI in Travel & Transport

o AI is in high demand in the travel industry. AI is capable of doing
various travel-related work, from making travel arrangements to suggesting
hotels, flights, and the best routes to customers. Travel companies are using
AI-powered chatbots which can make human-like interaction with customers for
better and faster response.

4.17.8 AI in Automotive Industry

o Some automotive companies are using AI to provide a virtual assistant to their users
for better performance; for example, Tesla has introduced TeslaBot, an intelligent
virtual assistant.
o Various companies are currently working on developing self-driving cars which
can make your journey safer and more secure.

4.17.9 AI in Robotics
o Artificial Intelligence has a remarkable role in robotics. Usually, general robots
are programmed so that they can perform some repetitive task, but with the help
of AI, we can create intelligent robots which can perform tasks from their own
experience without being pre-programmed.
o Humanoid robots are the best examples of AI in robotics; recently the intelligent
humanoid robots named Erica and Sophia have been developed, which can talk
and behave like humans.

4.17.10 AI in Entertainment
o We are currently using some AI-based applications in our daily life through
entertainment services such as Netflix or Amazon. With the help of ML/AI
algorithms, these services show recommendations for programs or shows.

4.17.11 AI in Agriculture

o Agriculture is an area which requires various resources, labor, money, and time
for the best result. Nowadays agriculture is becoming digital, and AI is emerging in
this field. Agriculture is applying AI in agricultural robotics, soil and crop
monitoring, and predictive analysis. AI in agriculture can be very helpful for farmers.

4.17.12 AI in E-commerce
o AI is providing a competitive edge to the e-commerce industry, and it is in
growing demand in the e-commerce business. AI helps shoppers discover
associated products with a recommended size, color, or even brand.

4.17.13 AI in Education
o AI can automate grading so that the tutor has more time to teach. An AI chatbot
can communicate with students as a teaching assistant.
o In the future AI may work as a personal virtual tutor for students, which will be
easily accessible at any time and any place.

Following are the most common subsets of AI:

o Machine Learning
o Deep Learning
o Natural Language Processing
o Expert Systems
o Robotics
o Machine Vision
o Speech Recognition

Note: Among all of the above, machine learning plays a crucial role in AI.
Machine learning and deep learning are the ways of achieving AI in real life.

Figure: Artificial Intelligence

4.18 Machine Learning

Machine learning is a part of AI which provides machines with the ability to
learn automatically from experience without being explicitly programmed.

o It is primarily concerned with the design and development of algorithms that
allow the system to learn from historical data.
o Machine learning is based on the idea that machines can learn from past data,
identify patterns, and make decisions using algorithms.
o Machine learning algorithms are designed in such a way that they can learn and
improve their performance automatically.
o Machine learning helps in discovering patterns in data.

4.18.1 Types of Machine Learning

Machine learning can be subdivided into three main types:

i. Supervised learning: Supervised learning is a type of machine learning in which
the machine learns from known datasets (a set of training examples) and then predicts
the output. A supervised learning agent needs to find the function that matches
a given sample set. Supervised learning can further be classified into two
categories of algorithms:
 Classification
 Regression
ii. Reinforcement learning: Reinforcement learning is a type of learning in which
an AI agent is trained by giving some commands, and on each action the agent
gets a reward as feedback. Using this feedback, the agent improves its
performance.
Reward feedback can be positive or negative, which means that on each good action
the agent receives a positive reward, while for a wrong action it gets a negative reward.
Reinforcement learning is of two types:
 Positive reinforcement learning
 Negative reinforcement learning
iii. Unsupervised learning: Unsupervised learning is associated with learning without
supervision or training. In unsupervised learning, the algorithms are trained with data which is
neither labeled nor classified. In unsupervised learning, the agent needs to learn from patterns
without corresponding output values. Unsupervised learning can be classified into two categories of
algorithms:
 Clustering
 Association
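As an added example (not part of the course material), the following code shows the difference between supervised and unsupervised learning on one small dataset: a nearest-centroid classifier trained on labelled samples, and k-means clustering run on the same points with the labels removed. The dataset is constructed for the example; each point is (failed login attempts before success, distinct source networks seen) for one session, and the labels 1 = suspicious, 0 = normal are assumed values, not real telemetry. Reinforcement learning is not shown because it needs an environment to act in.

```python
"""Supervised vs. unsupervised learning on one constructed dataset (added example).

Each sample is a 2-feature vector for one login session: (failed attempts before
success, distinct source networks seen). Values are constructed for illustration.
"""
from math import dist

# Constructed labelled training set: (features, label); 1 = suspicious, 0 = normal.
TRAIN = [
    ((0.0, 1.0), 0), ((1.0, 1.0), 0), ((0.0, 2.0), 0), ((2.0, 1.0), 0),
    ((9.0, 6.0), 1), ((12.0, 7.0), 1), ((10.0, 9.0), 1), ((8.0, 8.0), 1),
]
# The same points with the labels stripped, plus two unseen sessions: this is
# all an unsupervised algorithm ever gets to see.
UNLABELED = [x for x, _ in TRAIN] + [(1.0, 2.0), (11.0, 8.0)]


def centroid(points):
    """Component-wise mean of a non-empty list of equal-length tuples."""
    n = len(points)
    return tuple(sum(p[i] for p in points) / n for i in range(len(points[0])))


def train_nearest_centroid(samples):
    """Supervised learning: fit one centroid per known label from labelled data."""
    by_label = {}
    for x, y in samples:
        by_label.setdefault(y, []).append(x)
    return {y: centroid(xs) for y, xs in by_label.items()}


def predict(model, x):
    """Classification: the predicted label is the one whose centroid is nearest."""
    return min(model, key=lambda y: dist(x, model[y]))


def kmeans(points, k, max_iter=100):
    """Unsupervised learning: group points into k clusters with no labels given.

    Returns (assignments, centers); assignments[i] is the cluster index of
    points[i]. Seeds are chosen deterministically from the sorted points so the
    result is reproducible (a real implementation would use random restarts).
    """
    ordered = sorted(points)
    centers = [ordered[i * len(ordered) // k] for i in range(k)]
    assignments = None
    for _ in range(max_iter):
        new = [min(range(k), key=lambda c: dist(p, centers[c])) for p in points]
        if new == assignments:  # converged: no point changed cluster
            break
        assignments = new
        for c in range(k):
            members = [p for p, a in zip(points, assignments) if a == c]
            if members:
                centers[c] = centroid(members)
    return assignments, centers


def demo():
    """Run both algorithms on the constructed data and return their outputs."""
    model = train_nearest_centroid(TRAIN)
    predictions = {x: predict(model, x) for x in [(1.0, 2.0), (11.0, 8.0)]}
    assignments, centers = kmeans(UNLABELED, k=2)
    return model, predictions, assignments, centers


if __name__ == "__main__":
    model, predictions, assignments, centers = demo()
    print("centroids per label:", model)
    print("predictions for unseen sessions:", predictions)
    print("k-means assignments:", assignments)
    print("k-means centers:", centers)
```

The supervised model can say "this session looks like the ones labelled suspicious" only because someone labelled the training data; k-means finds the same two groups on its own but can only report "cluster 0" and "cluster 1", and an analyst still has to decide what each cluster means.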

4.19 Natural Language Processing

Natural language processing (NLP) is a subfield of computer science and artificial intelligence.
NLP enables a computer system to understand and process human language such as
English.

NLP plays an important role in AI: without NLP, an AI agent cannot work on human
instructions, but with the help of NLP we can instruct an AI system in our own language.
Today AI, and NLP along with it, is all around us; we can easily ask Siri, Google or
Cortana to help us in our language.

A natural language processing application enables a user to communicate with the system in
their own words directly.

The input and output of NLP applications can be in two forms:

o Speech
o Text

4.20 Deep Learning

Deep learning is a subset of machine learning which gives a machine the ability to
perform human-like tasks without human involvement. It gives an AI agent the ability
to mimic the human brain. DL can use both supervised and unsupervised learning to
train an AI agent.

o Deep learning is implemented through a neural network architecture, hence it is also
called a deep neural network.
o Deep learning is the primary technology behind self-driving cars, speech
recognition, image recognition, automatic machine translation, etc.
o The main challenge for deep learning is that it requires lots of data with lots of
computational power.

4.20.1 How deep learning works:

o Deep learning algorithms work on deep neural networks, which is why it is called deep
learning. These deep neural networks are made of multiple layers.
o The first layer is called the input layer, the last layer is called the output layer, and all
layers between these two are called hidden layers.
o In a deep neural network there are multiple hidden layers, and each layer is
composed of neurons. These neurons are connected across layers.
o The input layer receives the input data, and its neurons propagate the input signal to the
layers above.
o The hidden layers perform mathematical operations on their inputs, and the results are
forwarded to the output layer.
o The output layer returns the output to the user.
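The layer-by-layer propagation described above, as an added worked example that is not code from the course: a tiny network with one input layer, one hidden layer and one output layer, written without any ML library. The weights and biases are hand-chosen, assumed values that make the network compute XOR, so each layer's output can be checked by hand; a real network would learn its weights from data.

```python
"""Forward pass through a small feed-forward neural network (added example).

Layers: input (2 neurons) -> hidden (2 neurons) -> output (1 neuron). Every
neuron computes sigmoid(sum(w_i * x_i) + b). The weights below are hand-chosen
(assumed values) so that the network computes XOR: hidden neuron 0 acts as OR,
hidden neuron 1 as NAND, and the output neuron ANDs the two.
"""
from math import exp

# Each layer is (weights, biases); weights[j] are the incoming weights of neuron j.
HIDDEN = ([[20.0, 20.0], [-20.0, -20.0]], [-10.0, 30.0])
OUTPUT = ([[20.0, 20.0]], [-30.0])
LAYERS = [HIDDEN, OUTPUT]


def sigmoid(z):
    """Squash any real number into (0, 1); the activation function used here."""
    return 1.0 / (1.0 + exp(-z))


def layer_forward(inputs, layer):
    """Compute one layer's activations from the previous layer's outputs."""
    weights, biases = layer
    return [
        sigmoid(sum(w * x for w, x in zip(neuron_w, inputs)) + b)
        for neuron_w, b in zip(weights, biases)
    ]


def forward(x, layers=LAYERS):
    """Propagate x through every layer and return each layer's activations.

    activations[0] is the input layer, activations[-1] the output layer, and
    everything in between is a hidden layer.
    """
    activations = [list(x)]
    for layer in layers:
        activations.append(layer_forward(activations[-1], layer))
    return activations


def predict_xor(a, b):
    """Round the single output neuron to a 0/1 decision."""
    return round(forward([float(a), float(b)])[-1][0])


if __name__ == "__main__":
    for a, b in [(0, 0), (0, 1), (1, 0), (1, 1)]:
        acts = forward([float(a), float(b)])
        print(f"input={acts[0]} hidden={[round(h, 3) for h in acts[1]]} "
              f"output={acts[2][0]:.4f} -> XOR={predict_xor(a, b)}")
```

Adding more entries to LAYERS gives a deeper network; forward() does not change, which is the point of the layered design: every layer only ever sees the activations of the layer below it.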

4.21 Expert Systems

An expert system is an application of artificial intelligence. In artificial intelligence,
expert systems are computer programs that rely on obtaining the knowledge of human
experts and programming that knowledge into a system.
o Expert systems emulate the decision-making ability of human experts. These systems
are designed to solve complex problems through bodies of knowledge rather than
conventional procedural code.
o One example of an expert system is the suggestion offered for a spelling error while
typing in the Google search box.

Following are some characteristics of expert systems:

o High performance
o Reliable
o Highly responsive
o Understandable



4.22 Robotics
o Robotics is a branch of artificial intelligence and engineering which is used for
designing and manufacturing robots.
o Robots are programmed machines which can perform a series of actions
automatically or semi-automatically.
o AI can be applied to robots to make intelligent robots which can perform tasks
with their own intelligence. AI algorithms are necessary to allow a robot to perform
more complex tasks.
o Nowadays, AI and machine learning are being applied to robots to manufacture
intelligent robots which can also interact socially like humans.

4.23 Machine Vision

o Machine vision is an application of computer vision which enables a machine to
recognize objects.
o Machine vision captures and analyses visual information using one or more video
cameras, analog-to-digital conversion, and digital signal processing.
o Machine vision systems are programmed to perform narrowly defined tasks such as
counting objects, reading serial numbers, etc.
o Computer systems do not see in the same way as human eyes do, but they are also
not bound by human limitations, such as not being able to see through a wall.
o With the help of machine learning and machine vision, an AI agent may be able to
see through walls.

4.24 Speech Recognition

Speech recognition is a technology which enables a machine to understand spoken
language and translate it into a machine-readable format. It is also called automatic
speech recognition or computer speech recognition. It is a way to talk with a
computer, and on the basis of that command a computer can perform a specific
task.

There is some speech recognition software which has a limited vocabulary of words and
phrases. This software requires unambiguous spoken language to understand and perform a
specific task. Today there are various software products or devices which contain speech
recognition technology, such as Cortana, Google virtual assistant, Apple Siri, etc.

We need to train our speech recognition system to understand our language. In earlier
days, these systems were only designed to convert speech to text, but now there are
various devices which can directly convert speech into commands.

Speech recognition systems can be used in the following areas:

o System control or navigation systems
o Industrial applications
o Voice dialing systems

There are two types of speech recognition:

1. Speaker dependent
2. Speaker independent

Artificial Intelligence has facilitated the processing of large amounts of data and their use
in industry. The number of tools and frameworks available to data scientists and
developers has increased with the growth of AI and ML.

4.25 List of AI Tools and Frameworks

 Scikit-learn
 TensorFlow
 Theano
 Caffe
 MXNet
 Keras
 PyTorch
 CNTK
 AutoML
 OpenNN
 H2O: Open Source AI Platform
 Google ML Kit

4.26 Conclusion
Big Data, Cloud Computing and Artificial Intelligence are the trending technologies in
today's world and are going to play a pivotal role in the growth and development of the human
race.


Latest Trends in Web Technologies

5.1 LEARNING OBJECTIVE

The World Wide Web was introduced in the early 1990s with the goal of making it
possible to access information from any source in a consistent and simple way. Developed at
CERN, in Geneva, Switzerland, it was aimed at physicists and other scientists who generate huge
amounts of data and documents and need to share them with other scientists. Hypertext was
adopted as a simple way both to give access to documents and to link them together. The HTTP
protocol was designed to allow one computer (the client computer) to request data and
documents from another computer (the server computer) so that it could make that document
available to the users on the client computer. In this way, the World Wide Web was viewed as a
vast repository of information that provided access to a large number of users. This view of the
Web was quite static and it has changed considerably over time. A first key observation was that
the address that was considered to be a page of data on the server could in fact refer to a program
that could be executed on the server and its results returned to the client. Today, the address could
indeed refer to a sophisticated (Web) application being invoked. Currently, the Web is a powerful
platform offering a vast array of tools and components to application developers. A new
generation of applications offers users the opportunity to communicate, collaborate, and even
update the capabilities of the application. Applications support individuals, small businesses or
communities of users as well as large company businesses.
5.2 Foundations of the Web
Despite the enormous development over the last decade, the fundamental principles upon
which the World Wide Web was based have remained constant. Structurally, the World Wide
Web is based on client-server computing, in which servers store documents and clients access
documents. The same computer may act as a client and as a server at different times. The World
Wide Web introduced three fundamental concepts on top of client-server computing: a method of
naming and referring to documents (URL), a language for writing documents that can contain
data and links to other documents (HTML), and a protocol for client and server machines to
communicate with each other (HTTP).

URL: A naming system is a fundamental component of computer systems, especially so for
distributed systems. A naming system prescribes the way objects are named so that the objects
can be identified and located. Depending on the characteristics of the naming system, objects
may be searched for on the basis of their exact names only or on the basis of their attributes. For
example, one might want to tell the system to "fetch the paper written by Alan Turing about
the intelligence test." The World Wide Web's naming scheme had the goal of uniquely identifying all
objects stored on the computers on the Internet. The naming scheme is based on Uniform
Resource Locators (URLs), which are composite names identifying the computer (IP address),
the document in the file system of that computer, and a protocol with which to communicate with
that object. URLs are now defined as a standard in IETF RFC 1630.

HTML: The documents on the Web are written in the Hyper Text Markup Language. HTML
documents contain content to be displayed, formatting instructions that tell the browser
how to display the contents of the document, and links to other documents. HTML has evolved
along with browsers to achieve better visual presentations and standardization.



Initially, HTML was viewed as a language for instructing browsers what to display for
humans. But as the number of documents written in HTML has grown, and as many applications
started to generate HTML documents, computer processing of HTML documents became
important. The Extensible Markup Language (XML) was created to standardize the definition of
other specialized markup languages. XHTML is an XML-compliant HTML which has become
the dominant variant of HTML.
Currently, the Web Hypertext Application Technology Working Group (www.whatwg.org)
is working on defining an evolutionary path for HTML and reconciling the discrepancies
between XHTML and HTML. Other groups such as W3C are working on XHTML as a standard.

HTTP: The communication protocol for the Web is the HTTP protocol (see IETF RFC 2616).
HTTP is a simple request-reply protocol. It defines eight basic operations:
OPTIONS, GET, HEAD, POST, PUT, DELETE, TRACE, and CONNECT. The most used of
these operations or methods are GET and POST. The method GET retrieves from a given URL
the data associated with the requested URL. The method POST sends data to the program
listening at the specified URL.
These simple concepts have proven to be surprisingly powerful. Application developers have
found ingenious ways of using URLs to name a variety of things and not only documents. For
example, one of the early ideas was to use the URL to name a program to execute on the server
which would then produce output that would be returned to the client. Likewise, documents are
used not only to contain information to be displayed by the browser but to contain code
scripts to be executed (either in the browser or on the server). A whole array of languages has
been created to write code to be executed by the browser (e.g. JavaScript) or on the server
(e.g. PHP). Web applications take advantage of a variety of languages and design patterns to
combine the capabilities of clients and servers.
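As an added example (not code from the course), the following parser handles the request side of the HTTP request-reply exchange described above and shows how a URL decomposes into the protocol, computer and document parts named in the URL paragraph. It accepts only the eight methods listed, reads a POST body only as far as the declared Content-Length allows, and refuses anything it cannot interpret unambiguously, which is the safer default for code that sits in front of an application. The sample requests are constructed for the example; example.com, the paths, and the MAX_BODY_BYTES limit are placeholders chosen here.

```python
"""Parsing an HTTP/1.1 request and a URL (added example).

Constructed sample requests are included so the code runs offline. The parser is
deliberately strict: anything it cannot interpret unambiguously is rejected.
"""
from urllib.parse import urlsplit

# The eight methods defined in RFC 2616 and listed in the text above.
HTTP_METHODS = {"OPTIONS", "GET", "HEAD", "POST", "PUT", "DELETE", "TRACE", "CONNECT"}
MAX_BODY_BYTES = 4096  # assumed limit for this example


class RequestError(ValueError):
    """Raised for any request the parser refuses to interpret."""


def parse_request(raw: bytes) -> dict:
    """Split a raw HTTP/1.x request into method, target, version, headers, body."""
    head, sep, rest = raw.partition(b"\r\n\r\n")
    if not sep:
        raise RequestError("header block not terminated by an empty line")
    try:
        lines = head.decode("ascii").split("\r\n")
    except UnicodeDecodeError as err:
        raise RequestError("non-ASCII bytes in request head") from err

    parts = lines[0].split(" ")
    if len(parts) != 3:
        raise RequestError(f"malformed request line: {lines[0]!r}")
    method, target, version = parts
    if method not in HTTP_METHODS:
        raise RequestError(f"unknown method {method!r}")
    if version not in ("HTTP/1.0", "HTTP/1.1"):
        raise RequestError(f"unsupported version {version!r}")

    headers = {}
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        # RFC 7230 forbids whitespace between the field name and the colon.
        if not colon or not name or name != name.strip():
            raise RequestError(f"malformed header line: {line!r}")
        key = name.lower()
        if key == "content-length" and key in headers:
            # Two Content-Length values are ambiguous; refuse rather than guess.
            raise RequestError("duplicate Content-Length header")
        headers[key] = value.strip()

    # Only trust as much body as the sender declared, and never more than our cap.
    body = b""
    if "content-length" in headers:
        declared = headers["content-length"]
        if not declared.isdigit():
            raise RequestError(f"bad Content-Length {declared!r}")
        length = int(declared)
        if length > MAX_BODY_BYTES:
            raise RequestError("declared body exceeds MAX_BODY_BYTES")
        if len(rest) < length:
            raise RequestError("body shorter than Content-Length")
        body = rest[:length]
    return {"method": method, "target": target, "version": version,
            "headers": headers, "body": body}


def is_well_formed(raw: bytes) -> bool:
    """Convenience wrapper: True if parse_request accepts the request."""
    try:
        parse_request(raw)
        return True
    except RequestError:
        return False


def split_url(url: str) -> dict:
    """Decompose a URL into the parts named in the text: protocol, host, document."""
    u = urlsplit(url)
    return {"protocol": u.scheme, "host": u.hostname, "port": u.port,
            "document": u.path, "query": u.query}


# Constructed sample requests (example.com and the paths are placeholders).
SAMPLE_GET = (b"GET /docs/index.html?q=turing HTTP/1.1\r\n"
              b"Host: example.com\r\n\r\n")
SAMPLE_POST = (b"POST /submit HTTP/1.1\r\n"
               b"Host: example.com\r\n"
               b"Content-Length: 7\r\n\r\n"
               b"a=1&b=2")
SAMPLE_BAD_METHOD = b"BREW /pot HTTP/1.1\r\nHost: example.com\r\n\r\n"
SAMPLE_SHORT_BODY = (b"POST /submit HTTP/1.1\r\nHost: example.com\r\n"
                     b"Content-Length: 20\r\n\r\na=1")

if __name__ == "__main__":
    print(parse_request(SAMPLE_GET))
    print(parse_request(SAMPLE_POST))
    print(split_url("http://example.com:8080/docs/index.html?q=turing"))
```

The GET sample carries no body, so the program named by the URL gets its input from the query string; the POST sample carries its input in the body, which is why the parser checks the declared length before handing it on. Chunked transfer encoding is not handled here; a request that uses it has no Content-Length and is treated as having no body.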

5.3 Deployment
Where do Web applications run? The server environment can be proprietary or open
source. Web application development has been driven by a move towards open source and
standardized components. This trend has also spread to the server environment where Web
servers run. Considering that there are many small organizations, small companies and non-profit
organizations that run their own Web servers, there are both business reasons and technical
reasons for the move to open source. The standard, bare-bones Web server environment is
commonly referred to as LAMP. Each of the four letters in LAMP stands for one
component of the environment. The components are:

• Linux for the operating system;

• Apache as the Web server;

• MySQL as the database server;

• Perl or Python or PHP as the language.

More generally, LAMP is deployed in a three-tier architecture. The client is represented by a
standard Web browser. The middle tier is an application server that itself contains several levels
of software: an operating system, which is usually Linux or FreeBSD; a Web server, which is
usually Apache or Lighttpd; interface software that implements CGI, which is now usually
FastCGI; and finally languages for implementing applications, which are now commonly
PHP, Perl, Python, or Ruby. The database layer may host an open source database manager
such as MySQL, PostgreSQL, or SQLite. These standard environments can be put together
relatively easily and cheaply. They are sufficient for many types of Web applications. More
sophisticated applications, however, rely on proprietary software platforms. In the Java world,
much software is available including JDBC, EJB, JavaBeans, and especially J2EE, which is
a sophisticated framework for developing transaction-oriented database applications.

5.4 Modern Web applications: examples

Early Web applications offered mostly textual user interfaces and limited interactivity.
Today's Web applications offer rich interfaces, are interactive, and support collaboration
among users. Here we examine several applications that represent the current generation of
Web applications, sometimes collectively called Web 2.0.

 GOOGLE DOCS
Google Docs and Spreadsheets is a recent service offered by Google that provides the
traditional word processing and spreadsheet functionalities as a Web application. They are
streamlined services that support the most often-used features and do not support many
features that are offered by commercial word processors. The interface looks very much like a
typical desktop application. The user does not have to press a submit button after every change
(a hallmark of the first generation of Web applications). The user's data is automatically saved in
the background. You can even drag a piece of text in the window.
In addition to the usual word processing features, Google Docs offers features that are
associated with Web 2.0. A document may be shared with other users so that different people
may collaborate on editing it. Naturally, the document may be searched using keywords.
Additionally, documents may be tagged with terms the user chooses so that documents may
also be searched for based on tags. Documents may be saved in a variety of formats (on the
Google servers) and mailed to other users. Other users may be given read-only or read-write
access to the document.
Tagging and collaboration are two features common to modern Web applications. (On-line
word processing was initially offered by Writely, a company that Google acquired.)

 DELICIOUS
Del.icio.us is a Web application that helps users manage and share their bookmarks. As
the amount of information on the Web has grown, it has become more and more difficult to
keep track of the information you find and want to remember for future reference. The
bookmark feature in browsers was intended for this purpose but it has limited functionality.
Del.icio.us lets users store bookmarks and tag those bookmarks with user-defined terms. The
tags are therefore available to the user from anywhere on the Internet and they make it
easier to search for bookmarks. Further, by sharing bookmarks and tags, users can help each
other find related Web pages. The system can also suggest tags that other users have applied to
the same document, thus giving the user ideas on how to classify a document.



Bookmarking sites such as Del.icio.us attempt to address the fundamental problem of
the user's need to master the enormous amount of unstructured data available on the Web.
Bookmarks, hierarchically organized bookmarks, bookmarking sites, search engines, and
tagging are all different solutions to this problem.

 WIKIPEDIA
Wikipedia has become one of the most popular sites on the Internet. It is used by many
as an authoritative source of information, from finding definitions of technical terms to
explanations of current events. The key feature of Wikipedia is that its content is produced by
users. Anyone can add or edit the information on Wikipedia. In contrast to
a traditional printed or on-line encyclopedia that employs professional editors and writers to
produce and structure and authenticate its content, Wikipedia relies on social structures to
ensure the creation and correction of its content. The vast numbers of users of the Internet form
a large pool of potential volunteers. Wikipedia is updated constantly rather than following
the multi-year release cycle of a traditional encyclopedia.
An innovative aspect of the Wikipedia application, considered a characteristic of
Web 2.0 applications, is that it provides a platform for users to collaborate to create a valuable
product. What makes Wikipedia valuable, its content, is indeed produced by the users themselves.
This aspect creates what is called the network effect: the more users there are, the more useful
the product becomes. Amazon already introduced early forms of user collaboration to enhance
the product by encouraging users to provide book reviews.

 FLICKR
Flickr is a photo sharing site where users store their photos and tag them for future
retrieval. Further, users may tag any of the photos on the site that are available publicly. Similar
to Wikipedia, Flickr is a site that would have nothing without its users. As more and more users
participate, the volume of content grows and tags allow photos to be found easily.

 MYSPACE
MySpace is a site for social networking. A user registers and creates a profile detailing his
or her or its characteristics (profiles exist for animals and companies and products, presumably
created by real humans). Each user's space is open to be visited by other users. Users
seem to enjoy sharing all kinds of information about themselves and communicating and
interacting with other users. The basic thesis that makes MySpace work is that people like to
interact with other people. MySpace provides a platform for social interaction, albeit in virtual
space. Users have populated MySpace with a variety of multimedia documents including images
and videos. The site constantly changes its appearance to maintain the interest of its users.

 BLOG SYSTEMS
According to Wikipedia, "A blog is a Web site where entries are made in journal style
and displayed in a reverse chronological order." A fundamental feature of blogs is that they give
readers the ability to interactively leave comments for others to see and comment on. Blogs



(Web logs) first appeared on the Blogger.com system. A blog is a Web site managed by the user;
content is added by "posting"; these posts are often organized in categories and can be
commented on by other users. The traffic on blogs is intense and bloggers often cite other blogs
within their posts. Blogs therefore have very high link density. As of 2006, there exist over 60
million blogs on the Web.
Closely related to blogs is the concept of dynamic data feeds. Recently, the very primitive
syndication scheme of RSS, which requires polling Web sites for updated XML content, has
taken off among consumers. Many blogs use RSS to notify their readers of changes in the blog.
Aggregator applications merge different RSS feeds to produce sites with richer content. One
area of society that has been affected by blogs is news publishing. Blogs as a phenomenon have
changed the traditional form of news delivery. Blogs offer a different paradigm
from the traditional printed newspapers. They enable a new model for society to access up-to-date
information about what is going on in the world, albeit without the newspaper's editorial process.

 WIKI SYSTEMS
Wiki systems are a form of content management system that enables a repository of
information that may be updated easily by its users. Wiki systems such as wikipedia.org are
similar to blogs in principle as they are based on user participation to add content. The
fundamental element of wikis is pages, as in typical Web sites, as opposed to blogs in which the
basic elements are posts (which can be displayed together within the same pages). Wikis allow
users not only to read but also to update the content of the pages. The underlying assumption is
that over time the wiki will represent the consensus knowledge (or at least the opinions) of all
the users. Like blogs, wikis exhibit high link density. In addition, wikis have high linking within
the same wiki as they provide a simple syntax for the user to link to pages, both to existing
pages and to those yet to be created. Many wikis also provide authentication and versioning to
restrict editing by users and to be able to recover the history.

5.5 Key components of web applications


Studying these emerging applications, some features stand out as key common
principles.
• Search
• Tagging
• User participation
• User interaction and collaboration
Indeed, these features have become standard components in modern Web applications.
Searching and tagging are mechanisms to help users find their way through the mountain of
information on the Web. Tagging helps structure the data so that searching can become more
personalized and customized. User participation is used both to create and to structure the data.
Finally, enabling user interaction and collaboration is the final goal of many tools. Another
common component that supports collaboration and interaction is a buddy system which alerts
users in real time when their social contacts are online. This feature first appeared in
instant-messaging systems and is now present in such applications as Google Mail and Skype.



We expect to see these features become the abstractions provided by a new kind of
Web-oriented middleware. The common thread in all these applications is the importance of
content/data. A Web 2.0 motto is that the distinguishing characteristic of an application is no
longer the computer processor or the operating system or the database but the content of the data
store. As a result, there is a need for tools and policies to produce valuable data, provide access
to the data, and mechanisms for data interoperability.

5.6 HTML
HTML stands for Hyper Text Markup Language. It is the standard markup language
for creating Web pages. It describes the structure of a Web page.
HTML consists of a series of elements which tell the browser how to display the
content.

HTML elements label pieces of content such as "this is a heading", "this is a paragraph",
"this is a link", etc.

Example of a simple HTML document:

<!DOCTYPE html>
<html>
<head>
<title>Page Title</title>
</head>
<body>

<h1>This is the Heading</h1>
<p>Here is a Paragraph.</p>

</body>
</html>

In the above example:
• The <!DOCTYPE html> declaration defines that this document is an HTML5 document
• The <html> element is the root element of an HTML page
• The <head> element contains meta information about the HTML page
• The <title> element specifies a title for the HTML page (which is
shown in the browser's title bar or in the page's tab)
• The <body> element defines the document's body, and is a container
for all the visible contents, such as headings, paragraphs, images, hyperlinks,
tables, lists, etc.



• The <h1> element defines a large heading
• The <p> element defines a paragraph

Web browsers (Chrome, Edge, Firefox, Safari) read HTML documents and display them
correctly. A browser does not display the HTML tags, but uses them to determine how to
display the document.

HyperLinks - Links are found in nearly all web pages. Links allow users to click their way
from page to page. HTML links are hyperlinks. We can click on a link and jump to another
document.
When we move the mouse over a link, the mouse arrow will turn into a little hand. A link
does not have to be text. A link can be an image or any other HTML element.

The HTML <a> tag defines a hyperlink. It has the following syntax:

<a href="url">link text</a>

The href attribute of the <a> element indicates the link's destination. The link text is the part
that will be visible to the reader. Clicking on the link text will send the reader to the specified
URL address.

JavaScript makes HTML pages more dynamic and interactive.


The HTML <script> tag is used to define a client-side script (JavaScript).
The <script> element either contains script statements, or it points to an external script file
through the src attribute.
Common uses for JavaScript are image manipulation, form validation, and dynamic
changes of content.
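The HTML structure, hyperlinks and <script> elements described above, as an added example that is not part of the training module: a small Python program using the standard library's html.parser that walks a page and reports its title, headings, link destinations and scripts, listing external scripts (those with a src attribute) apart from inline ones. The sample document is constructed for the example; it is the simple page above plus one link and two scripts, and all URLs in it are placeholders.

```python
# Added example (not from the training module): walk a small HTML document
# with Python's standard html.parser and report its structure: the <title>,
# the headings, each <a href> destination and each <script>, with external
# scripts (src attribute) listed apart from inline ones. SAMPLE_HTML is
# constructed for this example: the module's page plus a link and two scripts.
from html.parser import HTMLParser

SAMPLE_HTML = """<!DOCTYPE html>
<html>
<head>
<title>Page Title</title>
<script src="https://cdn.example.com/app.js"></script>
</head>
<body>
<h1>This is the Heading</h1>
<p>Here is a <a href="https://www.example.com/next.html">Paragraph</a>.</p>
<script>document.title = "changed by script";</script>
</body>
</html>
"""


class PageInventory(HTMLParser):
    HEADING_TAGS = {"h1", "h2", "h3", "h4", "h5", "h6"}

    def __init__(self):
        super().__init__()
        self.title = ""
        self.headings = []        # [tag, text] for each h1..h6 element
        self.links = []           # href values of <a> elements
        self.script_srcs = []     # src values of external <script> elements
        self.inline_scripts = 0   # <script> elements without a src
        self._text_target = None  # where text of the current element goes

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "title":
            self._text_target = "title"
        elif tag in self.HEADING_TAGS:
            self.headings.append([tag, ""])
            self._text_target = "heading"
        elif tag == "a" and attrs.get("href"):
            self.links.append(attrs["href"])
        elif tag == "script":
            if attrs.get("src"):
                self.script_srcs.append(attrs["src"])
            else:
                self.inline_scripts += 1

    def handle_endtag(self, tag):
        if tag == "title" or tag in self.HEADING_TAGS:
            self._text_target = None

    def handle_data(self, data):
        # Only text inside <title> or a heading is kept; script bodies are not.
        if self._text_target == "title":
            self.title += data
        elif self._text_target == "heading":
            self.headings[-1][1] += data


def inventory(html_text):
    # Parse html_text and return a summary of its structure as a dict.
    parser = PageInventory()
    parser.feed(html_text)
    parser.close()
    return {"title": parser.title.strip(),
            "headings": [(t, s.strip()) for t, s in parser.headings],
            "links": parser.links, "external_scripts": parser.script_srcs,
            "inline_scripts": parser.inline_scripts}
```

Calling inventory(SAMPLE_HTML) gives the title "Page Title", one h1 heading, one link destination, one external script and one inline script; the same listing run over a real page shows at a glance where every script it loads comes from.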

5.7 CSS
CSS stands for Cascading Style Sheets. It is the language we use to style a Web page. CSS
describes how HTML elements are to be displayed on screen, on paper, or in other media. CSS
saves a lot of work: it can control the layout of multiple web pages all at once. External
stylesheets are stored in .css files.

HTML was NEVER intended to contain tags for formatting a web page. HTML was
created to describe the content of a web page, like:

<h1>This is a heading</h1>
<p>This is a paragraph.</p>

When tags like <font>, and color attributes were added to the HTML 3.2 specification, it started
a nightmare for web developers. Development of large websites, where fonts and color
information were added to every single page, became a long and expensive process.



To solve this problem, the World Wide Web Consortium (W3C) created CSS. CSS removed the
style formatting from the HTML page. The style definitions are normally saved in external .css
files.

A CSS rule consists of a selector and a declaration block.

CSS Syntax:

The selector points to the HTML element you want to style. The declaration block
contains one or more declarations separated by semicolons. Each declaration includes a CSS
property name and a value, separated by a colon. Multiple CSS declarations are separated with
semicolons, and declaration blocks are surrounded by curly braces.

Example:

p {
color: red;
text-align: center;
}

p is a selector in CSS (it points to the HTML element you want to style: <p>).
color is a property, and red is the property value.
text-align is a property, and center is the property value.

In this example all <p> elements will be center-aligned, with a red text color.
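The rule syntax just described (selector, declaration block in curly braces, declarations separated by semicolons, property and value separated by a colon), as an added example written for this module rather than taken from it: a small Python parser that splits a stylesheet into rules and rejects a declaration that has no colon. The sample stylesheet is constructed and begins with the p rule above; comments are stripped and at-rules are not handled.

```python
# Added example (not from the training module): parse the CSS rule syntax
# described in the text. A stylesheet is a sequence of rules; each rule is a
# selector followed by a declaration block "{ property: value; ... }".
# SAMPLE_CSS is constructed for this example; it starts with the module's
# own p rule. /* comments */ are removed first; @media and the like are
# out of scope and would be reported as a malformed rule.
import re


def parse_css(text):
    """Return a list of (selector, {property: value}) pairs."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    rules = []
    pos = 0
    while True:
        open_brace = text.find("{", pos)
        if open_brace == -1:
            break
        close_brace = text.find("}", open_brace)
        if close_brace == -1:
            raise ValueError("declaration block is not closed")
        selector = text[pos:open_brace].strip()
        if not selector:
            raise ValueError("declaration block without a selector")
        block = text[open_brace + 1:close_brace]
        declarations = {}
        # Declarations are separated by ";"; the last semicolon is optional.
        for decl in block.split(";"):
            decl = decl.strip()
            if not decl:
                continue
            if ":" not in decl:
                raise ValueError(f"malformed declaration: {decl!r}")
            prop, value = decl.split(":", 1)
            declarations[prop.strip().lower()] = value.strip()
        rules.append((selector, declarations))
        pos = close_brace + 1
    if text[pos:].strip():
        raise ValueError("text after the last rule: " + text[pos:].strip())
    return rules


SAMPLE_CSS = """
p {
color: red;
text-align: center;
}
/* a second rule: two selectors share one declaration block */
h1, h2 { font-family: Arial, sans-serif; margin: 0 }
"""

if __name__ == "__main__":
    for selector, declarations in parse_css(SAMPLE_CSS):
        print(selector, declarations)
```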

5.8 PHP
PHP is mainly focused on server-side scripting, so you can do anything any other CGI program
can do, such as collect form data, generate dynamic page content, or send and receive cookies.
But PHP can do much more.
There are three main areas where PHP scripts are used.

o Server-side scripting. This is the most traditional and main target field for PHP. You
need three things to make this work: the PHP parser (CGI or server module), a web server and a
web browser. You need to run the web server, with a connected PHP installation. You can access
the PHP program output with a web browser, viewing the PHP page through the server. All these
can run on your home machine if you are just experimenting with PHP programming. See the
installation instructions section for more information.
o Command line scripting. You can make a PHP script to run it without any server or
browser. You only need the PHP parser to use it this way. This type of usage is ideal for scripts
regularly executed using cron (on *nix or Linux) or Task Scheduler (on Windows). These scripts
can also be used for simple text processing tasks. See the section about Command line usage of
PHP for more information.
o Writing desktop applications. PHP is probably not the very best language to create a
desktop application with a graphical user interface, but if you know PHP very well, and would
like to use some advanced PHP features in your client-side applications you can also use
PHP-GTK to write such programs. You also have the ability to write cross-platform applications
this way. PHP-GTK is an extension to PHP, not available in the main distribution. If you are
interested in PHP-GTK, visit its own website.

PHP can be used on all major operating systems, including Linux, many Unix variants (including
HP-UX, Solaris and OpenBSD), Microsoft Windows, macOS, RISC OS, and probably others.
PHP also has support for most of the web servers today. This includes Apache, IIS, and many
others. And this includes any web server that can utilize the FastCGI PHP binary, like lighttpd
and nginx. PHP works as either a module, or as a CGI processor.
So with PHP, you have the freedom of choosing an operating system and a web server.
Furthermore, you also have the choice of using procedural programming or object oriented
programming (OOP), or a mixture of them both.
With PHP you are not limited to outputting HTML. PHP's abilities include outputting images, PDF
files and even Flash movies (using libswf and Ming) generated on the fly. You can also easily
output any text, such as XHTML and any other XML file. PHP can autogenerate these files and
save them in the file system, instead of printing them out, forming a server-side cache for your
dynamic content.
One of the strongest and most significant features in PHP is its support for a wide range of
databases. Writing a database-enabled web page is incredibly simple using one of the
database-specific extensions (e.g., for MySQL), or using an abstraction layer like PDO, or
connecting to any database supporting the Open Database Connectivity standard via the ODBC
extension. Other databases may utilize cURL or sockets, like CouchDB.
PHP also has support for talking to other services using protocols such as LDAP, IMAP, SNMP,
NNTP, POP3, HTTP, COM (on Windows) and countless others. You can also open raw network
sockets and interact using any other protocol. PHP has support for the WDDX complex data
exchange between virtually all Web programming languages.

Talking about interconnection, PHP has support for instantiation of Java objects and using them
transparently as PHP objects.
PHP has useful text processing features, which includes the Perl compatible regular expressions
(PCRE), and many extensions and tools to parse and access XML documents.

5.9 JAVA
Java is a programming language and computing platform. Java is used to develop mobile apps,
web apps, desktop apps, games and much more. It was originally designed for embedded
network applications running on multiple platforms. It is a portable, object-oriented, interpreted
language.

Although it is primarily used for Internet-based applications, Java is a simple, efficient, general-
purpose language. Java is extremely portable. The same Java application will run identically on
any computer, regardless of hardware features or operating system, as long as it has a Java
interpreter. Besides portability, another of Java's key advantages is its set of security features
which protect a PC running a Java program not only from problems caused by erroneous code
but also from malicious programs (such as viruses). A Java applet downloaded from the Internet
is safe to run, because Java's security features prevent these types of applets from accessing a
PC's hard drive or network connections. An applet is typically a small Java program that is
embedded within an HTML page.
Java can be considered both a compiled and an interpreted language because its source code is
first compiled into a binary byte-code. This byte-code runs on the Java Virtual Machine (JVM),
which is usually a software-based interpreter. The use of compiled byte-code allows the
interpreter (the virtual machine) to be small and efficient (and nearly as fast as the CPU running
native, compiled code).

In addition, this byte-code gives Java its portability: it will run on any JVM that is correctly
implemented, regardless of computer hardware or software configuration. Most Web browsers
(such as Microsoft Internet Explorer or Netscape Communicator) contain a JVM to run Java
applets.
Java is a dynamic language where you can safely modify a program while it is running. This is
especially important for network applications that cannot afford any downtime. Another key
feature of Java is that it is an open standard with publicly available source code.

Java Development kit (JDK)


JDK is a software development environment used for making applets and Java applications. The
full form of JDK is Java Development Kit. Java developers can use it on Windows, macOS,
Solaris, and Linux. JDK helps them to code and run Java programs. It is possible to install more
than one JDK version on the same computer.

Java Runtime Environment (JRE)


JRE is a piece of software that is designed to run other software. It contains the class libraries,
loader class, and JVM. In simple terms, to run a Java program, JRE is needed.

Java Virtual Machine (JVM)

Java Virtual Machine (JVM) is an engine that provides a runtime environment to drive
Java code or applications. It converts Java bytecode into machine language. JVM is a part of
the Java Runtime Environment (JRE). In other programming languages, the compiler produces
machine code for a particular system. However, the Java compiler produces code for a virtual
machine known as the Java Virtual Machine. Here are some important Java applications:
• It is used for developing Android apps
• Helps you to create enterprise software
• Wide range of mobile Java applications
• Scientific computing applications
• Used for big data analytics
• Java programming of hardware devices
• Used for server-side technologies like Apache, JBoss, GlassFish, etc.

5.10 Python
Python is an interpreted, object-oriented, high-level programming language with dynamic
semantics. Its high-level built in data structures, combined with dynamic typing and dynamic
binding, make it very attractive for Rapid Application Development, as well as for use as a
scripting or glue language to connect existing components together. Python's simple, easy to
learn syntax emphasizes readability and therefore reduces the cost of program maintenance.
Python supports modules and packages, which encourages program modularity and code reuse.



The Python interpreter and the extensive standard library are available in source or binary form
without charge for all major platforms, and can be freely distributed.

Often, programmers fall in love with Python because of the increased productivity it provides.
Since there is no compilation step, the edit-test-debug cycle is incredibly fast. Debugging
Python programs is easy: a bug or bad input will never cause a segmentation fault. Instead,
when the interpreter discovers an error, it raises an exception. When the program doesn't catch
the exception, the interpreter prints a stack trace. A source level debugger allows inspection of
local and global variables, evaluation of arbitrary expressions, setting breakpoints, stepping
through the code a line at a time, and so on. The debugger is written in Python itself, testifying
to Python's introspective power. On the other hand, often the quickest way to debug a program
is to add a few print statements to the source: the fast edit-test-debug cycle makes this simple
approach very effective.

Python is a popular programming language. It is used for web development (server-side),
software development, mathematics, and system scripting.

Python can be used on a server to create web applications. It can be used alongside software to
create workflows. It can connect to database systems. It can also read and modify files. It can be
used to handle big data and perform complex mathematics. It is also used for rapid prototyping,
or for production-ready software development.

Python works on different platforms (Windows, Mac, Linux, Raspberry Pi, etc). It has a simple
syntax similar to the English language. It allows developers to write programs with fewer lines
than some other programming languages.
Python runs on an interpreter system, so that code can be executed as soon as it is written. This
means that prototyping can be very quick.

Python can be treated in a procedural way, an object-oriented way or a functional way. Python
is one of the most widely used languages on the web.
• Easy-to-learn − Python has few keywords, simple structure, and a clearly
defined syntax. This allows the student to pick up the language quickly.
• Easy-to-read − Python code is more clearly defined and visible to the eyes.
• Easy-to-maintain − Python's source code is fairly easy to maintain.
• A broad standard library − The bulk of Python's library is very portable and
cross-platform compatible on UNIX, Windows, and Macintosh.
• Interactive Mode − Python has support for an interactive mode which allows
interactive testing and debugging of snippets of code.
• Portable − Python can run on a wide variety of hardware platforms and has the
same interface on all platforms.
• Extendable − You can add low-level modules to the Python interpreter. These
modules enable programmers to add to or customize their tools to be more
efficient.



• Databases − Python provides interfaces to all major commercial databases.
• GUI Programming − Python supports GUI applications that can be created and
ported to many system calls, libraries and windowing systems, such as Windows
MFC, Macintosh, and the X Window System of Unix.
• Scalable − Python provides a better structure and support for large programs than
shell scripting.

Libraries
Python's large standard library, commonly cited as one of its greatest strengths, provides tools
suited to many tasks. For Internet-facing applications, many standard formats and protocols
such as MIME and HTTP are supported. It includes modules for creating graphical user
interfaces, connecting to relational databases, generating pseudorandom numbers, arithmetic
with arbitrary-precision decimals, manipulating regular expressions, and unit testing.

Some parts of the standard library are covered by specifications (for example, the Web Server
Gateway Interface (WSGI) implementation wsgiref follows PEP 333), but most modules are
not. They are specified by their code, internal documentation, and test suites. However, because
most of the standard library is cross-platform Python code, only a few modules need altering or
rewriting for variant implementations.
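Python on a server creating web applications (section 5.10) and the WSGI interface that the standard library's wsgiref module implements (PEP 333, above), as an added example that is not part of the training module: a minimal WSGI application that reads a form field from the query string and generates a dynamic HTML page, together with a helper that calls it in-process so its responses can be checked without starting a server. The application name, the "name" field and the request values are assumptions made for the example.

```python
# Added example (not from the training module): a minimal server-side web
# application written to the WSGI interface (PEP 333) that the standard
# library's wsgiref implements. greeting_app reads a "name" field from the
# query string, as a form handler would, and builds an HTML page from it.
# The value is HTML-escaped before it is placed in the page, so a submitted
# value such as <script> is shown as text rather than treated as markup.
# All names and request values below are constructed for this example.
from html import escape
from urllib.parse import parse_qs
from wsgiref.util import setup_testing_defaults


def greeting_app(environ, start_response):
    """WSGI callable: environ describes the request, start_response sends the
    status line and headers, and the return value is the body as bytes."""
    if environ.get("REQUEST_METHOD") != "GET":
        start_response("405 Method Not Allowed",
                       [("Content-Type", "text/plain; charset=utf-8"),
                        ("Allow", "GET")])
        return [b"GET only\n"]
    form = parse_qs(environ.get("QUERY_STRING", ""))
    name = form.get("name", ["world"])[0]   # first value, default "world"
    body = (
        "<!DOCTYPE html>\n<html><head><title>Greeting</title></head>\n"
        f"<body><h1>Hello, {escape(name)}!</h1></body></html>\n"
    ).encode("utf-8")
    start_response("200 OK",
                   [("Content-Type", "text/html; charset=utf-8"),
                    ("Content-Length", str(len(body)))])
    return [body]


def call_app(app, path="/", query="", method="GET"):
    """Invoke a WSGI app in-process, with no server or network, and return
    (status, headers dict, body text) so its behaviour can be checked."""
    environ = {"PATH_INFO": path, "QUERY_STRING": query,
               "REQUEST_METHOD": method}
    setup_testing_defaults(environ)  # adds SERVER_NAME, wsgi.* keys, etc.
    captured = {}

    def start_response(status, headers, exc_info=None):
        captured["status"] = status
        captured["headers"] = dict(headers)

    body = b"".join(app(environ, start_response))
    return captured["status"], captured["headers"], body.decode("utf-8")


if __name__ == "__main__":
    print(call_app(greeting_app, query="name=Asha"))
    print(call_app(greeting_app, query="name=%3Cscript%3Ealert(1)%3C%2Fscript%3E"))
    # To serve it on the local machine instead of calling it in-process:
    # from wsgiref.simple_server import make_server
    # make_server("127.0.0.1", 8000, greeting_app).serve_forever()
```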

The Python Package Index (PyPI), the official repository for third-party Python software, contains
around 3 lakh (300,000) packages with a wide range of functionality.

5.11 Development environments


Most Python implementations (including CPython) include a read–eval–print loop (REPL),
permitting them to function as a command line interpreter for which the user enters statements
sequentially and receives results immediately.

Other shells, including IDLE and IPython, add further abilities such as improved auto-
completion, session state retention and syntax highlighting.

As well as standard desktop integrated development environments, there are Web browser-based
IDEs; SageMath (intended for developing science and math-related Python programs);
PythonAnywhere, a browser-based IDE and hosting environment; and Canopy IDE, a
commercial Python IDE emphasizing scientific computing.

5.12 How to Install Python (Environment Set-up)


In order to become Python developer, the first step is to learn how to install or update Python on
a local machine or computer. In this tutorial, we will discuss the installation of Python on various
operating systems.

Installation on Windows



Visit the link https://www.python.org/downloads/ to download the latest release of Python. In
this process, we will install Python 3.8.6 on our Windows operating system. When we click on
the above link, it will bring us the following page.

Step - 1: Select the Python version to download.

Click on the download button.

Step - 2: Click on Install Now

Double-click the downloaded executable file; the following window will open. Select
Customize installation and proceed. Tick the Add Path check box; it will set the Python path
automatically.

We can also click on Customize installation to choose the desired location and features. Another
important thing is that "Install launcher for all users" must be checked.



Step - 3: Installation in Progress

Now, try to run Python on the command prompt. Type the command python --version (or
python3 --version) to confirm the installed version.

We are ready to work with Python.


Applications of Python Programming Language
• Program video games
• Build Artificial Intelligence algorithms
• Program various scientific programs such as statistical models

5.13 Conclusion
This chapter has looked at the area of Web application development from a software engineering
point of view. The Web is an attractive playground for software engineers where you can quickly
release an application to millions of users and receive instant feedback. Web application
development requires agility, the use of standard components, interoperability, and close
attention to user needs. Indeed, one of the important features of popular Web applications is to
support user participation to add value to the application and collaborate with other users.
