Computer Network and TCP/IP
A computer network is a system for communication between computers.
These networks may be fixed (cabled, permanent) or temporary (as via modems or
Categorizing Computer Networks
Computer networks can be categorized by their reach as:
Personal area network (PAN)
Local area network (LAN)
Metropolitan area network (MAN)
Wide area network (WAN)
Personal Area Network (PAN)
A personal area network (PAN) is a computer network used for communication among computer devices (including telephones and personal digital assistants) close to one person.
The devices may or may not belong to the person in question. The reach of a PAN is typically a few meters.
PANs can be used for communication among the personal devices themselves
(intrapersonal communication), or for connecting to a higher level network and the
Internet (an uplink).
Personal area networks may be wired with computer buses such as USB. A wireless personal area network (WPAN) can also be made possible with network technologies such as IrDA and Bluetooth.
Local Area Network (LAN)
A local area network (LAN) is a computer network covering a small local area, such as a home, an office, or a small group of buildings such as a college campus.
Current LANs are most likely to be based on switched Ethernet or Wi-Fi, running at 10 Mbit/s and above.
The defining characteristics of LANs in contrast to WANs are:
much higher data rates
smaller geographic range (at most a few kilometers)
they do not involve leased telecommunication lines.
"LAN" usually does not refer to data running over local analog telephone lines, as on
a private branch exchange (PBX).
Metropolitan Area Network (MAN)
Metropolitan Area Networks or MANs are large computer networks usually spanning a campus or a city.
They typically use wireless infrastructure or optical fiber connections to link their sites.
For instance a university or college may have a MAN that joins together many of their local area networks (LANs) situated around a site of a fraction of a square kilometer.
Then from their MAN they could have several wide area network (WAN) links to
other universities or the Internet.
Some technologies used for this purpose are ATM, FDDI and SMDS. These older technologies are in the process of being displaced by Ethernet-based MANs (e.g. Metro Ethernet) in most areas.
MAN links between LANs have been built without cables using microwave, radio, or infra-red free-space optical communication links.
Wide Area Network (WAN)
A wide area network or WAN is a computer network covering a wide geographical area, involving a vast array of computers.
This is different from personal area networks (PANs), metropolitan area networks (MANs) or local area networks (LANs) that are usually limited to a room, building or campus. The most well known example of a WAN is the Internet.
WANs are used to connect local area networks (LANs) together, so that users and computers in one location can communicate with users and computers in other locations.
Many WANs are built for one particular organization and are private.
Others, built by Internet service providers, provide connections from an
organization's LAN to the Internet.
WANs are most often built using leased lines.
Network protocols including TCP/IP deliver transport and addressing functions.
Protocols including Packet over SONET/SDH, MPLS, ATM and Frame relay are often
used by service providers to deliver the links that are used in WANs.
The Internet protocol suite, like many protocol suites, can be viewed as a set of layers. Each layer solves a set of problems involving the transmission of data, and provides a well-defined service to the upper layer protocols based on using services from some lower layers.
Upper layers are logically closer to the user and deal with more abstract data, relying on lower layer protocols to translate data into forms that can eventually be physically transmitted.
The OSI model describes a fixed set of seven layers that some vendors prefer and that can be roughly compared to the TCP/IP model.
The OSI reference model is a hierarchical structure of seven layers that defines the
requirements for communications between two computers.
A system that implements protocol behavior consisting of a series of these layers is known as a 'protocol stack' or 'stack'.
Protocol stacks can be implemented either in hardware or software, or a mixture of both.
Typically, only the lower layers are implemented in hardware, with the higher layers being implemented in software.
The model was defined by the International Organization for Standardization in ISO standard 7498.
It was conceived to allow interoperability across the various platforms offered by vendors. The model allows all network elements to operate together, regardless of who built them.
Each layer has the property that it only uses the functions of the layer below, and only exports functionality to the layer above.
This logical separation of layers makes reasoning about the behavior of protocol stacks much easier, allowing the design of elaborate but highly reliable protocol stacks.
By the late 1970s, ISO was recommending the implementation of the OSI model as a networking standard. But by that time, TCP/IP had been in use for years. TCP/IP was fundamental to ARPANET and the other networks that evolved into the Internet.
Only a subset of the whole OSI model is used today.
It is widely believed that much of the specification is too complicated and that its full
functionality has taken too long to implement, although there are many people who
strongly support the OSI model.
On the other hand, many feel that the best thing about the whole ISO networking effort is that it failed before it could do too much damage.
Description of OSI Layers:
Figure 2.1: OSI 7-layer model
Layer 1: Physical layer
The Physical layer defines all the electrical and physical specifications for devices. In particular, it includes the layout of pins, voltages, and cable specifications. Hubs, repeaters and network adapters are physical-layer devices.
The major functions and services performed by the physical layer are:
establishment and termination of a connection to a communications medium.
participation in the process whereby the communication resources are effectively shared among multiple users. For example, contention resolution and flow control.
modulation, or conversion between the representation of digital data in user equipment and the corresponding signals transmitted over a communications channel. These are signals operating over the physical cabling (such as copper and fiber optic) or over a radio link.
Layer 2: Data Link layer
Provides the functional and procedural means to transfer data between network entities and to detect and possibly correct errors that may occur in the Physical layer.
The addressing scheme is physical, which means that the addresses (MAC addresses) are hard-coded into the network cards at the time of manufacture.
This is the layer at which bridges and switches operate.
Connectivity is provided only among locally attached network nodes.
The best known example of a layer 2 protocol is Ethernet.
Layer 3: Network layer
Provides the functional and procedural means of transferring variable-length data sequences from a source to a destination via one or more networks while maintaining the quality of service requested by the Transport layer.
The Network layer performs network routing, flow control, segmentation/desegmentation, and error control functions. Routers operate at this layer, sending data throughout the extended network and making the Internet possible (there also exist layer 3 (or IP) switches).
The addressing scheme is logical, chosen by the network administrator.
The best known example of a layer 3 protocol is the Internet Protocol (IP).
Layer 4: Transport layer
Provides transparent transfer of data between end users, thus relieving the upper layers from any concern with providing reliable and effective data transfer.
The transport layer controls the reliability of a given link. Some protocols are stateful and connection-oriented.
This means that the transport layer can keep track of the packets and retransmit those that fail to arrive.
The best known example of a layer 4 protocol is TCP.
Layer 5: Session layer
Provides the mechanism for managing the dialogue between end-user application processes.
It provides for either full-duplex or half-duplex operation and establishes checkpointing, adjournment, termination, and restart procedures.
The OSI model made this layer responsible for "graceful close" of sessions, which is a property of TCP, and also for session checkpointing and recovery, which is not usually used in the Internet protocol suite.
Layer 6: Presentation layer
The Presentation layer relieves the Application layer of concern regarding syntactical differences in data representation within the end-user systems.
MIME encoding, data compression, encryption, and similar manipulation of the presentation of data are done at this layer.
Examples: converting an EBCDIC-coded text file to an ASCII-coded file, or serializing objects and other data structures into and out of XML.
Layer 7: Application layer
The Application layer services facilitate communication between software applications and lower-layer network services so that the network can interpret an application's request and, in turn, the application can interpret data sent from the network.
Through Application layer protocols, software applications negotiate their formatting, procedural, security, synchronization, and other requirements with the network.
Some common Application layer protocols are HTTP, SMTP and FTP.
The IP suite uses encapsulation to provide abstraction of protocols and services to different layers in the stack. The stack consists of four layers:
Application layer: DNS, TLS/SSL, TFTP, FTP, HTTP, IMAP, IRC, NNTP, POP3, SIP, SMTP, SNMP, SSH, TELNET, ECHO, BitTorrent, RTP, rlogin, ENRP, ... Routing protocols like BGP and RIP, which for a variety of reasons run over TCP and UDP respectively, may also be considered part of the application or network layer.
Transport layer: TCP, UDP, DCCP, SCTP, IL, RUDP, ... Routing protocols like OSPF, which run over IP, may also be considered part of the transport or network layer. ICMP and IGMP run over IP and may be considered part of the network layer.
Network layer: IP (IPv4, IPv6). ARP and RARP operate underneath IP but above the link layer, so they belong somewhere in between.
Link layer: Ethernet, Wi-Fi, Token ring, PPP, SLIP, FDDI, ATM, Frame Relay, SMDS, ...
The layers near the top are logically closer to the user while those near the bottom are logically closer to the physical transmission of the data.
Each layer has an upper layer protocol and a lower layer protocol (except the top/bottom protocols, of course) that either use said layer's service or provide a service to it, respectively.
This abstraction also allows upper layers to provide services that the lower layers cannot, or choose not, to provide.
For example, IP is designed not to be reliable and is a best effort delivery protocol.
This means that all transport layer protocols must address whether or not to provide reliability and to what degree.
UDP provides data integrity (via a checksum, which is optional in IPv4) but does not guarantee delivery; TCP provides both data integrity and delivery guarantee (by retransmitting until the receiver acknowledges the packet).
Encapsulation of data within a UDP datagram within an IP packet
When systems exchange data using the TCP/IP model, they are engaged in peer-to-peer communication. Peer-to-peer communication is the ability of a specific layer to communicate with the corresponding layer on another host.
At each layer, the data or message is encapsulated and header information about the corresponding protocol layer is added. This information is key in the peer-to-peer communication and is used to de-encapsulate and direct the message to the appropriate application.
Figure 2.3: Peer-to-peer communication
Ethernet Frame Header:
Figure 2.4: Ethernet Frame Header
Figure 2.6: TCP Header
Figure 2.7: UDP Header
Local Area Network
The LAN is a communication system that links computers into a network, usually via a wired cabling scheme.
It links personal computers (PCs), workstations, and servers to allow users to communicate and share resources like hard disk storage and printers.
Devices linked by a LAN can be on the same floor or within a building or campus.
It is user-owned and does not run over leased lines, though a LAN might have gateways to a wide area network (WAN).
LAN architecture can be divided into two categories: software and hardware.
A user application may use a software protocol suite such as TCP/IP or ISO/OSI.
The physical network medium is designed to carry signals encoded with information, such as coaxial cable, twisted-pair cable, or fiber carrying multiband modulated laser light.
Media types are displayed with their IEEE identifiers. These identifiers include three pieces of information:
The first part, 10 or 100 or 1000 or 10G, stands for a media speed of 10 Mbps or 100 Mbps or 1000 Mbps or 10 Gbps.
The second part, BASE, stands for baseband, which is a type of signaling. Baseband signaling means Ethernet signals are the only signals carried over the media system.
The third part of the identifier provides a rough indication of segment type or length. The designation T or F stands for twisted-pair or fiber-optic cable, respectively, whereas S or L represent short or long wavelength optics (and hence short or long reach).
Media commonly used for Ethernet networking in LAN are:
10BASE-T: 10 Mbit/s, Manchester coded signaling, copper twisted pair.
100BASE-TX: 100 Mbit/s, 4B5B MLT-3 coded signaling, CAT5 copper cabling with two twisted pairs.
100BASE-FX: 100 Mbit/s, 4B5B NRZI coded signaling, two strands of multi-mode optical fiber. Maximum length is 400 meters for half-duplex connections [to ensure collisions are detected] or 2 kilometers for full-duplex.
100BASE-SX: 100 Mbit/s Ethernet over multi-mode fiber. Maximum length is 300 meters. 100BASE-SX used short wavelength optics that was sharable with 10BASE-FL, thus making it possible to have an auto-negotiation scheme and have 10/100 fiber adapters.
1000BASE-T: 1000 Mbit/s, PAM-5 coded signaling, CAT5/CAT5e/CAT6 copper cabling with four twisted pairs [each pair used in both directions].
1000BASE-SX: 1000 Mbit/s, 8B10B NRZ coded signaling, multi-mode fiber [up to 550 m].
1000BASE-LX: 1000 Mbit/s, 8B10B NRZ coded signaling, multi-mode fiber [up to 550 m] or single-mode fiber [up to 2 km; can be optimized for longer distances, up to 10 km].
10GBASE-SR: designed to support short distances over deployed multi-mode fiber cabling, it has a range of between 26 m and 82 m depending on cable type. It also supports 300 m operation over a new 2000 MHz·km multi-mode fiber.
10GBASE-LX4: uses wavelength division multiplexing to support ranges of between 240 m and 300 m over deployed multi-mode cabling. Also supports 10 km over single-mode fiber.
10GBASE-LR: supports 10 km over single-mode fiber.
Twisted Pair Cabling
Twisted pair cable consists of a pair of insulated wires twisted together. It is a cable type used in telecommunication for a very long time. Cable twisting helps to reduce noise pickup from outside sources and crosstalk on multi-pair cables.
Twisted pair cabling comes in two varieties: shielded twisted pair (STP) and unshielded twisted pair (UTP).
The only difference between STP and UTP is that STP has a foil or wire braid wrapped around the individual wires of the pairs. The shielding is designed to minimize EMI radiation and susceptibility to crosstalk.
The STP cable uses a woven copper braided jacket, which is a higher-quality protective jacket than UTP.
UTP is twisted pair cabling that contains no shielding. A category 5e UTP cable has four twisted pairs of copper wire and can transmit data at the rate of 1000 Mbps.
The standard connector for twisted pair cabling is an RJ-45 connector. This is a plastic connector that looks like a large telephone-style plug. A slot allows the RJ-45 to be inserted only one way.
RJ stands for Registered Jack, implying that the connector follows a standard borrowed from the telephone industry. This standard designates which wire goes with each pin inside the connector.
Straight and Crossover UTP cable
Straight cables are used when connecting devices with MDI ports to devices with MDIX ports (different MDI types).
Example: Connecting PC to hub, PC to switch, switch to router.
Crossover cables are used when connecting a device with an MDI port to another device with an MDI port OR when connecting a device with an MDIX port to another device with an MDIX port (same MDI types).
Example: Connecting PC to PC, PC to router, switch to switch, switch to hub, hub to hub.
MDI stands for medium dependent interface; MDIX is a crossed-over MDI.
Devices with MDIX ports are usually hubs and switches.
Devices with MDI ports are usually PCs and routers.
Newer devices usually have auto MDI/MDIX negotiation, so either cable type works.
Arrangement for T568B straight cable:
Figure 2.8: Straight Cable
Arrangement for T568B crossover cable:
Figure 2.9: Crossover Cable
LANs can contain the following components:
Repeater: A device that amplifies and regenerates the data signal bit by bit in order to extend the distance of the transmission. A repeater does not read or interpret the data.
Hub: The central device through which all hosts in a twisted pair Ethernet installation are connected.
Bridge: A device that connects two or more network segments. It is a link-layer device that reads and interprets frame addresses for the purposes of filtering or forwarding.
Switch: A multiport device, which provides for the logical dynamic connection and disconnection between any two cable segments without operator intervention. The switch is a high-speed device because multiple data paths can be established and used simultaneously.
Router: A device that has two or more network interfaces. It examines the software protocol (IP) address, selects an appropriate travel path, and forwards the packet accordingly between separate networks.
Virtual LAN (VLAN)
A virtual LAN, commonly known as a vLAN or as a VLAN, is a logically independent network. Several VLANs can co-exist on a single physical switch.
A VLAN consists of a network of computers that behave as if connected to the same wire, even though they may actually physically connect to different segments of a LAN.
Network administrators configure VLANs through software rather than hardware, which makes them extremely flexible.
One of the biggest advantages of VLANs emerges when physically moving a computer to another location: it can stay on the same VLAN without the need for any hardware reconfiguration.
Early network designers often configured VLANs with the aim of reducing the size of the collision domain in a large single Ethernet segment and thus of improving performance.
When Ethernet switches made this a non-issue (because each full-duplex switch port is its own collision domain), attention turned to reducing the size of the broadcast domain at the data link layer.
Virtual networks can also serve to restrict access to network resources without regard to the physical topology of the network, although the strength of this method remains debatable: VLAN membership should not be relied on as the only access control between hosts.
Virtual LANs operate at layer 2 (the data link layer) of the OSI model. However, administrators often configure a VLAN to map directly to an IP network, or subnet, which gives the appearance of involving layer 3 (the network layer).
In the context of VLANs, the term "trunk" denotes a network link carrying multiple VLANs which are identified by tags inserted into their frames.
Such trunks must run between "tagged ports" of VLAN-aware devices, so are often switch-to-switch or switch-to-router links rather than links to hosts.
The IEEE 802.1Q VLAN tagging standard dominates the VLAN world. The 802.1Q tag is four bytes inserted after the source MAC address: a 16-bit Tag Protocol Identifier (0x8100) followed by a 16-bit Tag Control Information field holding a 3-bit priority, a 1-bit drop-eligible (CFI) flag and a 12-bit VLAN identifier.
Prior to the introduction of 802.1Q several proprietary protocols existed, such as Cisco's ISL (Inter-Switch Link) and 3Com VLT (Virtual LAN Trunk). Even Cisco now deprecates ISL in favor of 802.1Q.
IEEE 802.1Q VLAN Tag in Ethernet Frame
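To make the encapsulation described in the TCP/IP section (Figures 2.2 to 2.7) and the 802.1Q tag layout above concrete, here is an added Python example, written for these notes and not code from the original, that builds a constructed 802.1Q-tagged Ethernet frame carrying an IPv4/UDP datagram and then parses it back layer by layer. The MAC addresses, IP addresses, ports and payload are made-up sample values. The parser checks every length field and the IPv4 header checksum before reading further, which is the check a practitioner wants when the frame comes off the wire rather than from this builder.

```python
import struct

ETHERTYPE_VLAN = 0x8100   # 802.1Q Tag Protocol Identifier
ETHERTYPE_IPV4 = 0x0800
PROTO_UDP = 17


def ipv4_checksum(header):
    """RFC 791 one's-complement sum; returns 0 for a header whose checksum field is already correct."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_sample_frame(vlan_id=100, payload=b"hello"):
    """Encapsulate payload -> UDP -> IPv4 -> Ethernet, with an 802.1Q tag unless vlan_id is None.

    All addresses, ports and the payload are constructed sample values, not captured traffic.
    """
    udp = struct.pack("!HHHH", 40000, 53, 8 + len(payload), 0) + payload   # UDP checksum 0 = not supplied
    ip = struct.pack("!BBHHHBBH4s4s",
                     0x45, 0, 20 + len(udp), 0x1234, 0x4000, 64, PROTO_UDP, 0,
                     bytes([10, 1, 23, 19]), bytes([10, 1, 23, 1]))
    ip = ip[:10] + struct.pack("!H", ipv4_checksum(ip)) + ip[12:]   # fill in the header checksum
    eth = bytes.fromhex("001122334455") + bytes.fromhex("66778899aabb")   # dst MAC, src MAC
    if vlan_id is not None:
        # TCI = 3-bit priority (PCP), 1-bit drop-eligible flag, 12-bit VLAN identifier
        eth += struct.pack("!HH", ETHERTYPE_VLAN, (3 << 13) | (vlan_id & 0x0FFF))
    eth += struct.pack("!H", ETHERTYPE_IPV4)
    return eth + ip + udp


def parse_frame(frame):
    """De-encapsulate layer by layer, validating lengths before every field read."""
    if len(frame) < 14:
        raise ValueError("runt frame")
    result = {"dst_mac": frame[0:6].hex(":"), "src_mac": frame[6:12].hex(":"), "vlan_id": None}
    ethertype = struct.unpack("!H", frame[12:14])[0]
    off = 14
    if ethertype == ETHERTYPE_VLAN:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, ethertype = struct.unpack("!HH", frame[14:18])   # tag is followed by the real EtherType
        result["vlan_id"] = tci & 0x0FFF
        result["priority"] = tci >> 13
        off = 18
    if ethertype != ETHERTYPE_IPV4:
        raise ValueError("not IPv4: ethertype 0x%04x" % ethertype)
    if len(frame) < off + 20:
        raise ValueError("truncated IPv4 header")
    ihl = (frame[off] & 0x0F) * 4
    if frame[off] >> 4 != 4 or ihl < 20 or len(frame) < off + ihl:
        raise ValueError("bad IPv4 version or header length")
    if ipv4_checksum(frame[off:off + ihl]) != 0:
        raise ValueError("IPv4 header checksum mismatch")
    total_len = struct.unpack("!H", frame[off + 2:off + 4])[0]
    if total_len < ihl + 8 or len(frame) < off + total_len:
        raise ValueError("IPv4 total length inconsistent with frame")
    if frame[off + 9] != PROTO_UDP:
        raise ValueError("not UDP: protocol %d" % frame[off + 9])
    result["src_ip"] = ".".join(str(b) for b in frame[off + 12:off + 16])
    result["dst_ip"] = ".".join(str(b) for b in frame[off + 16:off + 20])
    udp_off = off + ihl
    sport, dport, udp_len, _ = struct.unpack("!HHHH", frame[udp_off:udp_off + 8])
    # A UDP length larger than the IP payload is how naive parsers over-read; reject it.
    if udp_len < 8 or udp_len > total_len - ihl:
        raise ValueError("UDP length inconsistent with IPv4 total length")
    result.update(src_port=sport, dst_port=dport, payload=frame[udp_off + 8:udp_off + udp_len])
    return result


def rejects(frame):
    """True if parse_frame refuses the frame; exercises the length and checksum checks."""
    try:
        parse_frame(frame)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    for vid in (100, None):
        print(parse_frame(build_sample_frame(vlan_id=vid)))
```

The same code, with the 802.1Q branch removed, parses an untagged frame; the VLAN identifier only exists on trunk links between tagged ports, so a host-facing capture will normally hit the untagged path.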
Half-duplex Ethernet is the traditional form of Ethernet that uses the CSMA/CD (Carrier Sense Multiple Access/Collision Detect) protocol.
Devices connected to a hub or any half-duplex connection use CSMA/CD.
With CSMA/CD two or more stations share a common transmission medium. The stations are said to be within the same collision domain.
To transmit a frame, a station must wait for an idle period on the medium when no other station is transmitting.
It then transmits the frame by broadcasting it over the medium such that it is "heard" by all the other stations on the network.
If another device tries to send data at the same time, a "collision" is said to occur.
The transmitting station then intentionally transmits a "jam sequence" to ensure all stations are notified the frame transmission failed due to a collision.
The station then remains silent for a random period of time before attempting to retransmit.
This process is repeated until the frame is eventually transmitted successfully.
Collision Domain and Broadcast Domain
In a network we need to reduce both the collision domain and the broadcast domain to a minimum.
A collision domain is a logical area in a computer network where data packets can "collide" with one another, in particular in the Ethernet networking protocol. The more collisions in a network the less efficient it is.
A collision domain is defined as connected devices configured in a half-duplex port configuration, connected to each other or to a hub.
If a device is connected to a switch port and full-duplex mode is configured, such a point-to-point connection is collisionless.
Routers, bridges and switches reduce the collision domain. The collision domain is based on physical media.
A broadcast domain is a logical area in a computer network where any computer connected to the computer network can directly transmit to any other in the domain without having to go through a routing device. They share the same subnet and gateway address and are in the same VLAN.
More specifically it is an area of the computer network made up of all the computers and networking devices able to be reached by sending a frame to the data link layer broadcast address.
Routers reduce the broadcast domain. The broadcast domain is based on logical addressing.
A broadcast packet is a special type of packet that all nodes on the network are always willing to receive.
IP Addressing and Subnetting
An IP address (IPv4) is an address used to uniquely identify a device on an IP network.
The address is made up of 32 binary bits, which can be divided into a network portion and a host portion with the help of a subnet mask.
The 32 binary bits are broken into four octets (1 octet = 8 bits). Each octet is converted to decimal and separated by a period (dot).
For this reason, an IP address is said to be expressed in dotted decimal format (for example, 10.1.23.19).
The value in each octet ranges from 0 to 255 in decimal, or 00000000 to 11111111 in binary.
Here is how binary octets convert to decimal:
The right-most bit, or least significant bit, of an octet holds a value of 2^0 = 1. The bit just to the left of that holds a value of 2^1 = 2. This continues until the left-most bit, or most significant bit, which holds a value of 2^7 = 128.
So if all binary bits are a one, the decimal equivalent would be 255, as shown here:
1 1 1 1 1 1 1 1
128 64 32 16 8 4 2 1 (128+64+32+16+8+4+2+1=255)
Here is a sample octet conversion when not all of the bits are set to 1:
0 1 0 0 0 0 0 1
0 64 0 0 0 0 0 1 (0+64+0+0+0+0+0+1=65)
And this sample shows an IP address represented in both binary and decimal:
00001010.00000001.00010111.00010011 (binary)
10. 1. 23. 19 (decimal)
These octets are broken down to provide an addressing scheme that can accommodate large and small networks.
Classful IPv4 Addressing
There are five different classes of networks, A to E.
We will focus on addressing classes A to C, since class D is reserved for multicast and class E is reserved for future use.
Given an IP address, its class can be determined from the three high-order bits. The table below shows the significance of the three high-order bits and the range of addresses that fall into each class.
Figure 2.11: IPv4 Classes
In a Class A address, the first octet is the network portion. Octets 2, 3, and 4 (the next 24 bits) are for the network manager to divide into subnets and hosts as he sees fit. Class A addresses are used for networks that have more than 65,536 hosts (actually, up to 16,777,214 hosts).
In a Class B address, the first two octets are the network portion. Octets 3 and 4 (16 bits) are for local subnets and hosts. Class B addresses are used for networks that have between 256 and 65,534 hosts.
In a Class C address, the first three octets are the network portion. Octet 4 (8 bits) is for local subnets and hosts, perfect for networks with up to 254 hosts.
A network mask helps you know which portion of the address identifies the network and which portion of the address identifies the node.
Class A, B, and C networks have default masks, also known as natural masks, as shown here:
Class A: 255.0.0.0
Class B: 255.255.0.0
Class C: 255.255.255.0
An IP address on a Class A network that has not been subnetted would have an address/mask pair similar to this example: 8.20.15.1/255.0.0.0.
To see how the mask helps you identify the network and node parts of the address, convert the address and mask to binary numbers.
8.20.15.1 = 00001000.00010100.00001111.00000001
255.0.0.0 = 11111111.00000000.00000000.00000000
Once you have the address and the mask represented in binary, then identifying the network and host ID is easier. Any address bits which have corresponding mask bits set to 1 represent the network ID. Any address bits that have corresponding mask bits set to 0 represent the node ID.
8.20.15.1 = 00001000.00010100.00001111.00000001
255.0.0.0 = 11111111.00000000.00000000.00000000
            -------- | --------------------------
             net id  |          host id
netid = 00001000 = 8
hostid = 00010100.00001111.00000001 = 20.15.1
Subnetting allows you to create multiple logical networks that exist within a single Class A, B, or C network. If you do not subnet, you will only be able to use one network from your Class A, B, or C network, which is unrealistic.
Each data link on a network must have a unique network ID, with every node on that link being a member of the same network. If you break a major network (Class A, B, or C) into smaller subnetworks, it allows you to create a network of interconnecting subnetworks.
Each data link on this network would then have a unique subnetwork ID. Any device, or gateway, connecting n networks has n distinct IP addresses, one for each subnetwork that it interconnects.
To subnet a network, extend the natural mask using some of the bits from the host ID portion of the address to create a subnetwork ID. For example, given a Class C network of 204.17.5.0 which has a natural mask of 255.255.255.0, you can create subnets in this manner:
204.17.5.0      = 11001100.00010001.00000101.00000000
255.255.255.224 = 11111111.11111111.11111111.11100000
                  -------------------------- sub -----
By extending the mask to be 255.255.255.224, you have taken three bits (indicated by "sub") from the original host portion of the address and used them to make subnets.
With these three bits, it is possible to create eight subnets. With the remaining five host ID bits, each subnet can have up to 32 host addresses, 30 of which can actually be assigned to a device since host IDs of all zeros or all ones are not allowed (it is very important to remember this).
So, with this in mind, these subnets have been created:
204.17.5.0 255.255.255.224 host address range 1 to 30
204.17.5.32 255.255.255.224 host address range 33 to 62
204.17.5.64 255.255.255.224 host address range 65 to 94
204.17.5.96 255.255.255.224 host address range 97 to 126
204.17.5.128 255.255.255.224 host address range 129 to 158
204.17.5.160 255.255.255.224 host address range 161 to 190
204.17.5.192 255.255.255.224 host address range 193 to 222
204.17.5.224 255.255.255.224 host address range 225 to 254
The network subnetting scheme in this section allows for eight subnets, and the network might appear as in the example below:
Figure 2.12: Subnetting Example
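The mask arithmetic in the preceding sections (converting octets to binary, ANDing the address with the mask to separate network and host IDs, determining the class from the high-order bits, and extending the natural mask to enumerate subnets) can be carried out directly on 32-bit integers. The Python example below is added here and is not part of the original notes; it deliberately uses only bit operations so that each step of the hand calculation stays visible, and it reproduces the 8.20.15.1 split and the 204.17.5.0/27 table from the text. The function names are this example's own.

```python
def ip_to_int(addr):
    """Dotted-decimal IPv4 -> 32-bit integer, rejecting anything but four octets in 0..255."""
    parts = addr.split(".")
    if len(parts) != 4 or not all(p.isdigit() and 0 <= int(p) <= 255 for p in parts):
        raise ValueError("bad IPv4 address: %r" % addr)
    value = 0
    for p in parts:
        value = (value << 8) | int(p)
    return value


def int_to_ip(value):
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def to_binary(addr):
    """The dotted-binary form used in the notes, e.g. 10.1.23.19 -> 00001010.00000001.00010111.00010011."""
    return ".".join(format((ip_to_int(addr) >> shift) & 0xFF, "08b") for shift in (24, 16, 8, 0))


def prefix_to_mask(prefix):
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length out of range: %r" % prefix)
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def mask_to_prefix(mask):
    """Accept only contiguous masks: 255.255.255.224 -> 27, but 255.0.255.0 is an error."""
    m = ip_to_int(mask)
    prefix = bin(m).count("1")
    if prefix_to_mask(prefix) != m:
        raise ValueError("non-contiguous mask: %s" % mask)
    return prefix


def is_contiguous_mask(mask):
    try:
        mask_to_prefix(mask)
    except ValueError:
        return False
    return True


def address_class(addr):
    """Classful lookup from the high-order bits of the first octet (0xxx A, 10xx B, 110x C, 1110 D, else E)."""
    first = ip_to_int(addr) >> 24
    if first >> 7 == 0b0:
        return "A"
    if first >> 6 == 0b10:
        return "B"
    if first >> 5 == 0b110:
        return "C"
    if first >> 4 == 0b1110:
        return "D"
    return "E"


def split_address(addr, mask):
    """Return (network id, host id) the way the notes do: AND with the mask, AND with its complement."""
    mask_to_prefix(mask)   # reject non-contiguous masks before using them
    a, m = ip_to_int(addr), ip_to_int(mask)
    return int_to_ip(a & m), int_to_ip(a & ~m & 0xFFFFFFFF)


def enumerate_subnets(network, new_prefix):
    """Split a classful network by extending its natural mask to new_prefix.

    Returns (subnet/prefix, first usable host, last usable host, broadcast) per subnet;
    the all-zeros and all-ones host IDs are excluded from the usable range.
    """
    natural = {"A": 8, "B": 16, "C": 24}.get(address_class(network))
    if natural is None:
        raise ValueError("only class A, B and C networks can be subnetted this way")
    if not natural < new_prefix <= 30:
        raise ValueError("new prefix must be longer than /%d and leave at least two host bits" % natural)
    base = ip_to_int(network) & prefix_to_mask(natural)
    size = 1 << (32 - new_prefix)
    subnets = []
    for i in range(1 << (new_prefix - natural)):
        start = base + i * size
        subnets.append((int_to_ip(start) + "/%d" % new_prefix,
                        int_to_ip(start + 1), int_to_ip(start + size - 2), int_to_ip(start + size - 1)))
    return subnets


if __name__ == "__main__":
    print(to_binary("10.1.23.19"))
    print(split_address("8.20.15.1", "255.0.0.0"))
    for row in enumerate_subnets("204.17.5.0", mask_to_prefix("255.255.255.224")):
        print(*row)
```

The non-contiguous mask check matters in practice: a mask such as 255.0.255.0 is accepted by naive string handling and by some legacy configuration parsers, but it does not define a prefix and cannot be expressed in CIDR notation.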
Variable Length Subnet Mask (VLSM)
In the previous example of subnetting, notice that the same subnet mask was applied for all the subnets. This means that each subnet has the same number of available host addresses.
You may need this in some cases, but, in most cases, having the same subnet mask for all subnets ends up wasting address space.
For example, let's say we now need to create subnets with the following requirements for 204.15.5.0/24:
netA: must support 14 hosts
netB: must support 28 hosts
netC: must support 2 hosts
netD: must support 7 hosts
netE: must support 28 hosts
Determine what mask allows the required number of hosts.
netA: requires a /28 (255.255.255.240) mask to support 14 hosts
netB: requires a /27 (255.255.255.224) mask to support 28 hosts
netC: requires a /30 (255.255.255.252) mask to support 2 hosts
netD: requires a /28 (255.255.255.240) mask to support 7 hosts
netE: requires a /27 (255.255.255.224) mask to support 28 hosts
The easiest way to assign the subnets is to assign the largest first. For example, you can assign in this manner:
netB: 204.15.5.0/27 host address range 1 to 30
netE: 204.15.5.32/27 host address range 33 to 62
netA: 204.15.5.64/28 host address range 65 to 78
netD: 204.15.5.80/28 host address range 81 to 94
netC: 204.15.5.96/30 host address range 97 to 98
This can be graphically represented as shown in the figure below:
VLSM helped save more than half of the address space.
Classless Inter Domain Routing (CIDR)
Classless Interdomain Routing (CIDR) was introduced in 1993 to improve both address space utilization and routing scalability in the Internet.
It was needed because of the rapid growth of the Internet and growth of the IP routing tables held in the Internet routers.
CIDR moves away from the traditional IP classes (Class A, Class B and Class C).
CIDR uses variable length subnet masks (VLSM) to allocate IP addresses to subnets according to individual need.
In CIDR, an IP network is represented by a prefix, which is an IP address and some indication of the length of the mask.
Length means the number of left-most contiguous mask bits that are set to one. So network 172.16.0.0 255.255.0.0 can be represented as 172.16.0.0/16.
CIDR also depicts a more hierarchical Internet architecture, where each domain takes its IP addresses from a higher level. This allows for the summarization of the domains to be done at the higher level.
For example, if an ISP owns network 172.16.0.0/16, then the ISP can offer 172.16.1.0/24, 172.16.2.0/24, and so on to customers. Yet, when advertising to other providers, the ISP only needs to advertise 172.16.0.0/16.
For more information on CIDR, you can refer to RFC 1518 and RFC 1519.
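As an added example (not from the original notes), the Python program below automates the VLSM allocation from the previous section and the CIDR summarization from this one, using the standard library ipaddress module. It picks the smallest mask for each host count, assigns largest-first as the text recommends, checks that the resulting subnets are disjoint, and collapses aligned prefixes the way the ISP in the 172.16.0.0/16 example would when advertising to other providers. The requirements dictionary reproduces netA to netE from the VLSM section; the function names are this example's own.

```python
import ipaddress


def prefix_for_hosts(n_hosts):
    """Smallest prefix whose usable host count (2^h - 2) covers n_hosts: 14 -> /28, 28 -> /27, 2 -> /30."""
    if n_hosts < 1:
        raise ValueError("a subnet must hold at least one host")
    host_bits = 2
    while (1 << host_bits) - 2 < n_hosts:
        host_bits += 1
    return 32 - host_bits


def allocate_vlsm(parent, requirements):
    """Largest-first VLSM allocation out of parent; returns {name: IPv4Network}.

    Because blocks are handed out in non-increasing size from the start of the parent,
    each lands on its own natural boundary and no alignment gaps are created.
    """
    parent = ipaddress.ip_network(parent)
    plan = {}
    cursor = int(parent.network_address)
    for name, hosts in sorted(requirements.items(), key=lambda kv: (-kv[1], kv[0])):
        plen = prefix_for_hosts(hosts)
        size = 1 << (32 - plen)
        cursor = -(-cursor // size) * size   # round up to the next multiple of the block size
        candidate = ipaddress.ip_network((cursor, plen))
        if not candidate.subnet_of(parent):
            raise ValueError("ran out of space in %s while placing %s" % (parent, name))
        plan[name] = candidate
        cursor += size
    return plan


def usable_range(network):
    """First and last assignable host, excluding the all-zeros and all-ones host IDs."""
    hosts = list(network.hosts())
    return str(hosts[0]), str(hosts[-1])


def fraction_used(parent, plan):
    parent = ipaddress.ip_network(parent)
    return sum(n.num_addresses for n in plan.values()) / parent.num_addresses


def all_disjoint(plan):
    """Sanity check worth running on any plan: no two subnets may overlap."""
    nets = list(plan.values())
    return not any(a.overlaps(b) for i, a in enumerate(nets) for b in nets[i + 1:])


def summarize(prefixes):
    """CIDR aggregation: merge adjacent, aligned prefixes into the shortest equivalent set."""
    return [str(n) for n in ipaddress.collapse_addresses(ipaddress.ip_network(p) for p in prefixes)]


def example_plan():
    """The worked example from the VLSM section: five subnets carved out of 204.15.5.0/24."""
    return allocate_vlsm("204.15.5.0/24", {"netA": 14, "netB": 28, "netC": 2, "netD": 7, "netE": 28})


if __name__ == "__main__":
    plan = example_plan()
    for name, net in plan.items():
        print(name, net, "host address range", *usable_range(net))
    print("fraction of 204.15.5.0/24 used:", fraction_used("204.15.5.0/24", plan))
    print(summarize(["172.16.%d.0/24" % i for i in range(256)]))
```

Note that summarization only succeeds for aligned pairs: 172.16.0.0/24 and 172.16.1.0/24 collapse to 172.16.0.0/23, while 172.16.1.0/24 and 172.16.2.0/24 do not merge. Planning allocations largest-first, as above, is what keeps customer blocks aligned so the ISP can advertise the single /16.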