Submitted by:
Name: Amlan Basu
College: ITM University
Branch: Electronics and Communication

NETWORKING

When we connect two or more devices (such as PCs) via cable or a Wi-Fi device for the purpose of communication and to share files or resources, that is networking. A network is a collection of computers and other hardware components interconnected by communication channels that allow sharing of resources and information. Where at least one process in one device is able to send data to, or receive data from, at least one process residing in a remote device, the two devices are said to be in a network. Simply put, two or more computers interconnected through a communication medium for information interchange is called a computer network.

Networks may be classified according to a wide variety of characteristics, such as the medium used to transport the data, the communications protocol used, scale, topology, and organizational scope.

Communications protocols define the rules and data formats for exchanging information in a computer network, and provide the basis for network programming. Well-known communications protocols include Ethernet, a hardware and link layer standard that is ubiquitous in local area networks, and the Internet protocol suite, which defines a set of protocols for internetworking, i.e. for data communication between multiple networks, as well as host-to-host data transfer and application-specific data transmission formats.

Networking is sometimes considered a sub-discipline of electrical engineering, telecommunications, computer science, information technology or computer engineering, since it relies upon the theoretical and practical application of these disciplines.

History of networking:

Before the advent of computer networks that were based upon some type of telecommunications system, communication between calculation machines and early computers was performed by human users carrying instructions between them.
Many of the social behaviors seen in today's Internet were demonstrably present in the 19th century and arguably in even earlier networks using visual signals. In September 1940, George Stibitz used a Teletype machine at Dartmouth College to send instructions for a problem set to his Complex Number Calculator in New York and received results back by the same means. Linking output systems like teletypewriters to computers was an interest at the Advanced Research Projects Agency (ARPA) when, in 1962, J.C.R. Licklider was hired and developed a working group he called the "Intergalactic Computer Network", a precursor to the ARPANET. Early networks of communicating computers included the military radar system Semi-Automatic Ground Environment (SAGE), started in the late 1950s.

The commercial airline reservation system Semi-Automatic Business Research Environment (SABRE) went online with two connected mainframes in 1960. In 1964, researchers at Dartmouth developed the Dartmouth Time Sharing System for distributed users of large computer systems. The same year, at the Massachusetts Institute of Technology, a research group supported by General Electric and Bell Labs used a computer to route and manage telephone connections. Throughout the 1960s Leonard Kleinrock, Paul Baran and Donald Davies independently conceptualized and developed network systems which used packets that could be exchanged between computer systems. In 1965 Thomas Merrill and Lawrence G. Roberts created the first wide area network (WAN). The first widely used telephone switch that used true computer control was introduced by Western Electric in 1965. In 1969 the University of California at Los Angeles, the Stanford Research Institute, the University of California at Santa Barbara, and the University of Utah were connected as the beginning of the ARPANET network using 50 kbit/s circuits.
Commercial services using X.25 were deployed in 1972, and later used as an underlying infrastructure for expanding TCP/IP networks. Today, computer networks are the core of modern communication. All modern aspects of the public switched telephone network (PSTN) are computer-controlled, and telephony increasingly runs over the Internet Protocol, although not necessarily the public Internet. The scope of communication has increased significantly in the past decade, and this boom in communications would not have been possible without the progressively advancing computer network. Computer networks, and the technologies needed to connect and communicate through and between them, continue to drive the computer hardware, software, and peripherals industries. This expansion is mirrored by growth in the numbers and types of users of networks, from the researcher to the home user.

Properties of networking:

1. Facilitate communications
Using a network, people can communicate efficiently and easily via email, instant messaging, chat rooms, telephone, video telephone calls, and video conferencing.

2. Permit sharing of files, data, and other types of information
In a network environment, authorized users may access data and information stored on other computers on the network. The capability of providing access to data and information on shared storage devices is an important feature of many networks.

3. Share network and computing resources
In a networked environment, each computer on a network may access and use resources provided by devices on the network, such as printing a document on a shared network printer. Distributed computing uses computing resources across a network to accomplish tasks.

4. May be insecure
A computer network may be used by attackers to deploy computer viruses or computer worms on devices connected to the network, or to prevent these devices from normally accessing the network (denial of service). Every shared medium and every reachable service is a potential attack path, which is why access control and traffic filtering belong in the network design from the start.

5. May interfere with other technologies
Power line communication strongly disturbs certain forms of radio communication, e.g., amateur radio. It may also interfere with last mile access technologies such as ADSL and VDSL.

6. May be difficult to set up
A complex computer network may be difficult to set up. It may also be very costly to set up an effective computer network in a large organization or company.

Communication media:

Computer networks can be classified according to the hardware and associated software technology that is used to interconnect the individual devices in the network, such as electrical cable (HomePNA, power line communication, G.hn), optical fiber, and radio waves (wireless LAN). In the OSI model, these are located at layers 1 and 2.

A well-known family of communication media is collectively known as Ethernet. It is defined by IEEE 802 and utilizes various standards and media that enable communication between devices. Wireless LAN technology is designed to connect devices without wiring. These devices use radio waves or infrared signals as a transmission medium.

Wired technologies

The order of the following wired technologies is, roughly, from slowest to fastest transmission speed.

1. Twisted pair wire is the most widely used medium for telecommunication. Twisted-pair cabling consists of copper wires that are twisted into pairs. Ordinary telephone wires consist of two insulated copper wires twisted into a pair. Computer networking cabling (wired Ethernet as defined by IEEE 802.3) consists of four pairs of copper cabling that can be utilized for both voice and data transmission. Twisting the two wires of a pair together helps to reduce crosstalk and electromagnetic induction. The transmission speed ranges from 2 million bits per second to 10 billion bits per second. Twisted pair cabling comes in two forms: unshielded twisted pair (UTP) and shielded twisted pair (STP). Each form comes in several category ratings, designed for use in various scenarios.

2. Coaxial cable is widely used for cable television systems, office buildings, and other work-sites for local area networks. The cables consist of copper or aluminum wire surrounded by an insulating layer (typically a flexible material with a high dielectric constant), which itself is surrounded by a conductive layer. The insulation helps minimize interference and distortion. Transmission speed ranges from 200 million bits per second to more than 500 million bits per second.

3. ITU-T G.hn technology uses existing home wiring (coaxial cable, phone lines and power lines) to create a high-speed (up to 1 Gigabit/s) local area network.

4. An optical fiber is a glass fiber. It uses pulses of light to transmit data. Some advantages of optical fibers over metal wires are less transmission loss, immunity from electromagnetic interference, and very fast transmission speed, up to trillions of bits per second. Different wavelengths (colors) of light can be sent over the same fiber to multiply the number of channels it carries.

Wireless technologies

Terrestrial microwave – Terrestrial microwave communication uses Earth-based transmitters and receivers resembling satellite dishes. Terrestrial microwaves are in the low-gigahertz range, which limits all communications to line-of-sight. Relay stations are spaced approximately 48 km (30 mi) apart.

Communications satellites – The satellites communicate via microwave radio waves, which are not deflected by the Earth's atmosphere. The satellites are stationed in space, typically in geosynchronous orbit 35,400 km (22,000 mi) above the equator. These Earth-orbiting systems are capable of receiving and relaying voice, data, and TV signals.

Cellular and PCS systems use several radio communications technologies. The systems divide the region covered into multiple geographic areas. Each area has a low-power transmitter or radio relay antenna device to relay calls from one area to the next area.
Radio and spread spectrum technologies – Wireless local area networks use a high-frequency radio technology similar to digital cellular and a low-frequency radio technology. Wireless LANs use spread spectrum technology to enable communication between multiple devices in a limited area. IEEE 802.11 defines a common flavor of open-standards wireless radio-wave technology.

Infrared communication can transmit signals for small distances, typically no more than 10 meters. In most cases, line-of-sight propagation is used, which limits the physical positioning of communicating devices.

A global area network (GAN) is a network used for supporting mobile communications across an arbitrary number of wireless LANs, satellite coverage areas, etc. The key challenge in mobile communications is handing off user communications from one local coverage area to the next. In IEEE Project 802, this involves a succession of terrestrial wireless LANs.

Exotic technologies

There have been various attempts at transporting data over more or less exotic media:
IP over Avian Carriers was a humorous April Fools' Request for Comments, issued as RFC 1149. It was implemented in real life in 2001.
Extending the Internet to interplanetary dimensions via radio waves.
Both cases have a large round-trip delay time, which prevents useful communication.

Communication protocol and network programming:

A communications protocol is a set of rules for exchanging information over a network. It is typically a protocol stack (also see the OSI model), which is a "stack" of protocols, in which each protocol uses the protocol below it. An important example of a protocol stack is HTTP running over TCP over IP over IEEE 802.11 (TCP and IP are members of the Internet Protocol Suite, and IEEE 802.11 is a member of the IEEE 802 family of LAN standards, alongside Ethernet). This stack is used between the wireless router and the home user's personal computer when the user is surfing the web. Each layer wraps the one above it: the HTTP request is the payload of a TCP segment, which is the payload of an IP packet, which is the payload of an 802.11 frame.
Communication protocols have various properties, such as whether they are connection-oriented or connectionless, whether they use circuit mode or packet switching, or whether they use hierarchical or flat addressing. There are many communication protocols, a few of which are described below.

Ethernet

Ethernet is a family of connectionless protocols used in LANs, described by a set of standards published by the Institute of Electrical and Electronics Engineers: Ethernet proper is IEEE 802.3, and it belongs to the wider IEEE 802 family. It has a flat addressing scheme and is mostly situated at layers 1 and 2 of the OSI model. For home users today, the most well-known member of this family is IEEE 802.11, otherwise known as Wireless LAN (WLAN). However, the complete protocol suite deals with a multitude of networking aspects not only for home use, but especially when the technology is deployed to support a diverse range of business needs. MAC bridging (IEEE 802.1D) deals with the forwarding of Ethernet frames between bridges, using a Spanning Tree Protocol to keep the topology loop-free; IEEE 802.1Q describes VLANs; and IEEE 802.1X defines a port-based Network Access Control protocol, which authenticates a device before its port is allowed onto the network and is commonly combined with 802.1Q to place the authenticated device in a VLAN. 802.1X is also the basis of WPA/WPA2-Enterprise authentication in WLANs; the "wireless access key" a home user types is a WPA-Personal pre-shared key, which does not involve 802.1X.

Internet Protocol Suite

The Internet Protocol Suite, often also called TCP/IP, is the foundation of all modern internetworking. It offers connectionless as well as connection-oriented services over an inherently unreliable network traversed by datagram transmission at the Internet Protocol (IP) level. At its core, the protocol suite defines the addressing, identification, and routing specification in the form of the traditional Internet Protocol Version 4 (IPv4) and IPv6, the next generation of the protocol with a much enlarged addressing capability.
SONET/SDH

Synchronous Optical Networking (SONET) and Synchronous Digital Hierarchy (SDH) are standardized multiplexing protocols that transfer multiple digital bit streams over optical fiber using lasers. They were originally designed to transport circuit mode communications from a variety of different sources, primarily to support real-time, uncompressed, circuit-switched voice encoded in PCM format. However, due to its protocol neutrality and transport-oriented features, SONET/SDH was also the obvious choice for transporting Asynchronous Transfer Mode (ATM) cells.

Asynchronous Transfer Mode

Asynchronous Transfer Mode (ATM) is a switching technique for telecommunication networks. It uses asynchronous time-division multiplexing and encodes data into small, fixed-sized cells. This differs from other protocols such as the Internet Protocol Suite or Ethernet that use variable sized packets or frames. ATM has similarities with both circuit- and packet-switched networking. This makes it a good choice for a network that must handle both traditional high-throughput data traffic and real-time, low-latency content such as voice and video. ATM uses a connection-oriented model in which a virtual circuit must be established between two endpoints before the actual data exchange begins. While the role of ATM is diminishing in favor of next-generation networks, it still plays a role in the last mile, which is the connection between an Internet service provider and the home user. For an interesting write-up of the technologies involved, including the deep stacking of communications protocols used, see.

Network programming

Computer network programming involves writing computer programs that communicate with each other across a computer network. Different programs must be written for the client process, which initiates the communication, and for the server process, which waits for the communication to be initiated.
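The client/server split just described, as an added example that is not code from the original report: a server process that binds a socket and waits, and a client process that initiates the connection, talking over loopback so it runs offline. The newline-terminated line protocol, the 1024-byte request cap and the use of port 0 (ask the OS for a free port) are assumptions of this example.

```python
import socket
import threading

# Added example, not code from the original report: a minimal TCP echo
# service written directly against the socket API.  The server process
# binds and waits; the client process initiates the connection.  Both
# sides stay on the loopback interface, so this runs offline.  The line
# protocol (newline-terminated requests) and the 1024-byte request cap
# are assumptions of this example, not anything the report prescribes.

MAX_REQUEST = 1024   # refuse to buffer more than this per client


def serve_one_client(listener: socket.socket) -> None:
    """Accept a single client, echo every newline-terminated line, then return."""
    conn, _peer = listener.accept()
    with conn:
        buf = b""
        while True:
            chunk = conn.recv(512)
            if not chunk:
                break                      # client closed its sending side
            buf += chunk
            if len(buf) > MAX_REQUEST:
                break                      # unbounded input: drop the client instead
            while b"\n" in buf:
                line, buf = buf.split(b"\n", 1)
                conn.sendall(line + b"\n")  # sendall loops until every byte is written


def start_server() -> tuple:
    """Bind on loopback, let the OS pick a free port, serve one client in a thread."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))        # loopback only: a demo service is never exposed
    listener.listen(1)
    port = listener.getsockname()[1]
    worker = threading.Thread(target=serve_one_client, args=(listener,), daemon=True)
    worker.start()
    return listener, worker, port


def echo_roundtrip(port: int, lines: list) -> list:
    """Client side: connect, send all lines, then read until the server closes."""
    with socket.create_connection(("127.0.0.1", port), timeout=5) as client:
        client.sendall(b"".join(line + b"\n" for line in lines))
        client.shutdown(socket.SHUT_WR)    # signal end of request; keep reading replies
        data = b""
        while True:
            try:
                chunk = client.recv(512)
            except ConnectionResetError:
                break                      # server dropped us (e.g. request too large)
            if not chunk:
                break
            data += chunk
    return data.split(b"\n")[:-1]


def demo() -> list:
    """Run server and client against each other and return what came back."""
    listener, worker, port = start_server()
    try:
        return echo_roundtrip(port, [b"hello", b"world"])
    finally:
        worker.join(timeout=5)
        listener.close()


if __name__ == "__main__":
    print(demo())   # [b'hello', b'world']
```

Two habits worth copying from this even in throwaway code: bind demo services to 127.0.0.1 rather than 0.0.0.0, and put a hard bound on how much a peer can make the server buffer before it is dropped.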
Both endpoints of the communication flow are implemented as network sockets; hence network programming is basically socket programming.

Scale:

Networks are often classified by their physical or organizational extent or their purpose. Usage, trust level, and access rights differ between these types of networks.

Personal area network

A personal area network (PAN) is a computer network used for communication among a computer and different information technology devices close to one person. Some examples of devices that are used in a PAN are personal computers, printers, fax machines, telephones, PDAs, scanners, and even video game consoles. A PAN may include wired and wireless devices. The reach of a PAN typically extends to 10 meters. A wired PAN is usually constructed with USB and FireWire connections, while technologies such as Bluetooth and infrared communication typically form a wireless PAN.

Local area network

A local area network (LAN) is a network that connects computers and devices in a limited geographical area such as a home, school, computer laboratory, office building, or closely positioned group of buildings. Each computer or device on the network is a node. Current wired LANs are most likely to be based on Ethernet technology, although new standards like ITU-T G.hn also provide a way to create a wired LAN using existing home wires (coaxial cables, phone lines and power lines). A sample LAN is depicted in the accompanying diagram. All interconnected devices must understand the network layer (layer 3), because they are handling multiple subnets (the different colors). Those inside the library, which have only 10/100 Mbit/s Ethernet connections to the user devices and a Gigabit Ethernet connection to the central router, could be called "layer 3 switches" because they only have Ethernet interfaces and must understand IP.
It would be more correct to call them access routers, where the router at the top is a distribution router that connects to the Internet and to the academic networks' customer access routers.

LAN Protocol:

LLC: In the seven-layer OSI model of computer networking, the logical link control (LLC) data communication protocol layer is the upper sublayer of the data link layer, which is itself layer 2. The LLC sublayer provides multiplexing mechanisms that make it possible for several network protocols (IP, IPX, DECnet and AppleTalk) to coexist within a multipoint network and to be transported over the same network media. It can also provide flow control and automatic repeat request (ARQ) error management mechanisms. The LLC sublayer acts as an interface between the media access control (MAC) sublayer and the network layer.

MAC: In the seven-layer OSI model of computer networking, the media access control (MAC) data communication protocol is a sublayer of the data link layer, which is itself layer 2. The MAC sublayer provides addressing and channel access control mechanisms that make it possible for several terminals or network nodes to communicate within a multiple access network that incorporates a shared medium, e.g. Ethernet. The hardware that implements the MAC is referred to as a medium access controller. The MAC sublayer acts as an interface between the logical link control (LLC) sublayer and the network's physical layer. The MAC layer emulates a full-duplex logical communication channel in a multi-point network. This channel may provide unicast, multicast or broadcast communication service.

CSMA/CD: The CSMA/CD protocol functions somewhat like a dinner party in a dark room. Everyone around the table must listen for a period of quiet before speaking (Carrier Sense). Once a space occurs, everyone has an equal chance to say something (Multiple Access). If two people start talking at the same instant, they detect that fact and quit speaking (Collision Detection).

To translate this into Ethernet terms, each interface must wait until there is no signal on the channel, then it can begin transmitting. If some other interface is transmitting there will be a signal on the channel, which is called carrier. All other interfaces must wait until the carrier ceases before trying to transmit, and this process is called Carrier Sense. All Ethernet interfaces are equal in their ability to send frames onto the network. No one gets a higher priority than anyone else, and democracy reigns. This is what is meant by Multiple Access. Since signals take a finite time to travel from one end of an Ethernet system to the other, the first bits of a transmitted frame do not reach all parts of the network simultaneously. Therefore, it is possible for two interfaces to sense that the network is idle and to start transmitting their frames simultaneously. When this happens, the Ethernet system has a way to sense the "collision" of signals, stop the transmission, and resend the frames. This is called Collision Detect. After a collision, each interface waits a random number of slot times before retrying, drawn from a range that doubles with each successive collision on the same frame (truncated binary exponential backoff), and gives the frame up after 16 attempts. The CSMA/CD protocol is designed to provide fair access to the shared channel so that all stations get a chance to use the network. After every packet transmission all stations use the CSMA/CD protocol to determine which station gets to use the Ethernet channel next. Note that CSMA/CD only applies to a shared, half-duplex medium; on switched, full-duplex Ethernet links each port has the channel to itself and collisions do not occur.

The defining characteristics of LANs, in contrast to WANs (Wide Area Networks), include their higher data transfer rates, smaller geographic range, and no need for leased telecommunication lines. At the time of writing, Ethernet and other IEEE 802.3 LAN technologies operated at data transfer rates up to 10 Gbit/s, with 40 and 100 Gbit/s under standardization (since completed as IEEE 802.3ba in 2010). LANs can be connected to a wide area network by using routers.
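The carrier-sense, multiple-access and collision-detection steps above, as an added example that is not code from the original report: a slotted simulation in which several stations share one medium and recover from collisions with the truncated binary exponential backoff of IEEE 802.3. The frame length in slot times, the number of stations and the seeded random generator are assumptions of this example.

```python
import random

# Added example, not code from the original report: a slotted simulation of
# CSMA/CD with the truncated binary exponential backoff that IEEE 802.3
# specifies for retransmission.  Time advances in slot times, every station
# starts with one frame to send, and the channel is a single shared medium.
# The frame length in slots and the seeded RNG are assumptions of this example.

MAX_ATTEMPTS = 16    # 802.3 discards a frame after 16 failed attempts
BACKOFF_CAP = 10     # the backoff range stops doubling after the 10th collision


def backoff_slots(attempt: int, rng=None) -> int:
    """Truncated binary exponential backoff: uniform in [0, 2**min(attempt, 10) - 1]."""
    if rng is None:
        rng = random
    k = min(attempt, BACKOFF_CAP)
    return rng.randrange(2 ** k)


def simulate(num_stations: int, frame_slots: int = 4, seed: int = 1) -> dict:
    """Return collision count, per-station attempt counts and an event log."""
    rng = random.Random(seed)
    ready_at = [0] * num_stations          # earliest slot at which each station may try
    attempts = [0] * num_stations
    done = [False] * num_stations
    busy_until = 0                         # channel carries a signal while t < busy_until
    collisions = 0
    log = []                               # (slot, event, station or stations)
    t = 0
    while not all(done) and t < 100_000:
        # Carrier Sense: nobody starts while another frame is on the wire
        if t < busy_until:
            t += 1
            continue
        # Multiple Access: every station whose backoff has expired may start now
        contenders = [s for s in range(num_stations) if not done[s] and ready_at[s] <= t]
        if len(contenders) == 1:
            s = contenders[0]
            busy_until = t + frame_slots   # a clean transmission holds the channel
            done[s] = True
            log.append((t, "sent", s))
        elif len(contenders) > 1:
            # Collision Detection: all of them stop and back off independently
            collisions += 1
            log.append((t, "collision", tuple(contenders)))
            for s in contenders:
                attempts[s] += 1
                if attempts[s] >= MAX_ATTEMPTS:
                    done[s] = True         # frame discarded; a higher layer must retry
                    log.append((t, "dropped", s))
                else:
                    ready_at[s] = t + 1 + backoff_slots(attempts[s], rng)
        t += 1
    return {"collisions": collisions, "attempts": attempts,
            "log": log, "finished_at": t}


if __name__ == "__main__":
    for entry in simulate(5)["log"]:
        print(entry)
```

Because every station is ready at slot 0, the first event is always a collision; the log then shows the randomised backoff spreading the retries out until each frame gets the channel to itself. The 16-attempt limit is also the reason a deliberately jamming station on a shared segment is a denial of service and not merely a slowdown.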
Home area network

A home area network (HAN) is a residential LAN which is used for communication between digital devices typically deployed in the home, usually a small number of personal computers and accessories, such as printers and mobile computing devices. An important function is the sharing of Internet access, often a broadband service through a cable TV or Digital Subscriber Line (DSL) provider.

Storage area network

A storage area network (SAN) is a dedicated network that provides access to consolidated, block level data storage. SANs are primarily used to make storage devices, such as disk arrays, tape libraries, and optical jukeboxes, accessible to servers so that the devices appear like locally attached devices to the operating system. A SAN typically has its own network of storage devices that are generally not accessible through the local area network by other devices. The cost and complexity of SANs dropped in the early 2000s to levels allowing wider adoption across both enterprise and small to medium sized business environments.

Campus area network

A campus area network (CAN) is a computer network made up of an interconnection of LANs within a limited geographical area. The networking equipment (switches, routers) and transmission media (optical fiber, copper plant, Cat5 cabling etc.) are almost entirely owned by the campus tenant or owner (an enterprise, university, government etc.). In the case of a university campus network, the network is likely to link a variety of campus buildings including, for example, academic colleges or departments, the university library, and student residence halls.

Backbone network

A backbone network is part of a computer network infrastructure that interconnects various pieces of network, providing a path for the exchange of information between different LANs or subnetworks.
A backbone can tie together diverse networks in the same building, in different buildings in a campus environment, or over wide areas. Normally, the backbone's capacity is greater than that of the networks connected to it. A large corporation which has many locations may have a backbone network that ties all of these locations together, for example, if a server cluster needs to be accessed by different departments of a company which are located at different geographical locations. The equipment which ties these departments together constitutes the network backbone. Network performance management, including network congestion, is a critical parameter taken into account when designing a network backbone. A specific case of a backbone network is the Internet backbone, which is the set of wide-area network connections and core routers that interconnect all networks connected to the Internet.

Metropolitan area network

A metropolitan area network (MAN) is a large computer network that usually spans a city or a large campus.

Wide area network

A wide area network (WAN) is a computer network that covers a large geographic area such as a city or country, or even spans intercontinental distances, using a communications channel that combines many types of media such as telephone lines, cables, and air waves. A WAN often uses transmission facilities provided by common carriers, such as telephone companies. WAN technologies generally function at the lower three layers of the OSI reference model: the physical layer, the data link layer, and the network layer.

WAN Protocols:

PPP: In networking, the Point-to-Point Protocol (PPP) is a data link protocol commonly used in establishing a direct connection between two networking nodes. It can provide connection authentication (PAP, which sends the password in cleartext, or the challenge-response CHAP), transmission encryption (using ECP, RFC 1968), and compression.
PPP is used over many types of physical networks including serial cable, phone line, trunk line, cellular telephone, specialized radio links, and fiber optic links such as SONET. PPP is also used over Internet access connections (now marketed as "broadband"). Internet service providers (ISPs) have used PPP for customer dial-up access to the Internet, since IP packets cannot be transmitted over a modem line on their own, without some data link protocol. Two encapsulated forms of PPP, Point-to-Point Protocol over Ethernet (PPPoE) and Point-to-Point Protocol over ATM (PPPoA), are used most commonly by Internet Service Providers (ISPs) to establish a Digital Subscriber Line (DSL) Internet service connection with customers. PPP is commonly used as a data link layer protocol for connection over synchronous and asynchronous circuits, where it has largely superseded the older Serial Line Internet Protocol (SLIP) and telephone company mandated standards (such as Link Access Protocol, Balanced (LAPB) in the X.25 protocol suite). PPP was designed to work with numerous network layer protocols, including Internet Protocol (IP), TRILL, Novell's Internetwork Packet Exchange (IPX), NBF and AppleTalk.

HDLC: High-Level Data Link Control (HDLC) is a bit-oriented synchronous data link layer protocol developed by the International Organization for Standardization (ISO). The original ISO standards for HDLC are:
ISO 3309 — Frame Structure
ISO 4335 — Elements of Procedure
ISO 6159 — Unbalanced Classes of Procedure
ISO 6256 — Balanced Classes of Procedure
The current standard for HDLC is ISO 13239, which replaces all of those standards. HDLC provides both connection-oriented and connectionless service. Each frame is delimited by the flag sequence 01111110 (0x7E); to stop that pattern from appearing inside a frame, the sender inserts a 0 bit after every run of five consecutive 1 bits in the frame contents, and the receiver removes it again (bit stuffing). HDLC can be used for point-to-multipoint connections, but is now used almost exclusively to connect one device to another, using what is known as Asynchronous Balanced Mode (ABM).
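What "bit-oriented" framing means in practice, as an added example that is not code from the original report: HDLC flag delimiting with bit stuffing on the way out and unstuffing (with validation) on the way in. Representing the bit stream as a string of '0' and '1' characters is an assumption made for readability; real hardware shifts bits.

```python
# Added example, not code from the original report: HDLC transparency on a
# bit-oriented link.  The flag 01111110 delimits frames, so a zero bit is
# inserted after any five consecutive ones inside a frame and removed by
# the receiver.  Bits are handled as a string of '0'/'1' characters for
# readability, an assumption of this example rather than how hardware works.

FLAG = "01111110"


def to_bits(data: bytes) -> str:
    return "".join(f"{b:08b}" for b in data)


def from_bits(bits: str) -> bytes:
    if len(bits) % 8:
        raise ValueError("payload is not a whole number of octets")
    return bytes(int(bits[i:i + 8], 2) for i in range(0, len(bits), 8))


def bit_stuff(bits: str) -> str:
    """Sender: after five 1s in a row, insert a 0 so 0x7E can never appear in data."""
    out, ones = [], 0
    for b in bits:
        out.append(b)
        if b == "1":
            ones += 1
            if ones == 5:
                out.append("0")
                ones = 0
        else:
            ones = 0
    return "".join(out)


def bit_unstuff(bits: str) -> str:
    """Receiver: drop the 0 that follows five 1s; anything else there is a framing error."""
    out, ones, i = [], 0, 0
    while i < len(bits):
        b = bits[i]
        out.append(b)
        i += 1
        if b == "1":
            ones += 1
            if ones == 5:
                if i >= len(bits) or bits[i] != "0":
                    raise ValueError("six 1s inside a frame: flag or abort where data was expected")
                i += 1          # skip the stuffed zero
                ones = 0
        else:
            ones = 0
    return "".join(out)


def frame(payload: bytes) -> str:
    """Wrap a payload in opening and closing flags with the contents stuffed."""
    return FLAG + bit_stuff(to_bits(payload)) + FLAG


def deframe(line_bits: str) -> list:
    """Split a received bit stream on flags and unstuff each non-empty frame."""
    frames = []
    for chunk in line_bits.split(FLAG):
        if chunk:                       # back-to-back flags yield empty chunks: skip them
            frames.append(from_bits(bit_unstuff(chunk)))
    return frames


if __name__ == "__main__":
    payload = bytes([0x7E, 0xFF, 0xFF, 0x01])
    wire = frame(payload)
    print(wire)
    print(deframe(wire))
```

Because stuffed data can never contain six consecutive 1 bits, a flag can only ever match at a frame boundary, which is what lets deframe() split on the flag pattern safely. The receiver's check in bit_unstuff() is the important part for a security reviewer: a decoder that silently accepts a sixth 1 will desynchronise on a crafted stream and may hand the next layer a frame boundary the sender never intended.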
The original master-slave modes Normal Response Mode (NRM) and Asynchronous Response Mode (ARM) are rarely used.

FRAME RELAY: Frame Relay is a standardized wide area network technology that specifies the physical and logical link layers of digital telecommunications channels using a packet switching methodology. Originally designed for transport across Integrated Services Digital Network (ISDN) infrastructure, it may be used today in the context of many other network interfaces. Network providers commonly implement Frame Relay for voice (VoFR) and data as an encapsulation technique, used between local area networks (LANs) over a wide area network (WAN). Each end-user gets a private line (or leased line) to a Frame Relay node. The Frame Relay network handles the transmission over a frequently changing path transparent to all end-users. Frame Relay became one of the most extensively used WAN protocols. It is less expensive than leased lines, and that is one reason for its popularity. The extreme simplicity of configuring user equipment in a Frame Relay network offers another reason for Frame Relay's popularity. With the advent of Ethernet over fiber optics, MPLS, VPN and dedicated broadband services such as cable modem and DSL, the end may loom for the Frame Relay protocol and encapsulation. However, many rural areas remain lacking DSL and cable modem services. In such cases the least expensive type of non-dial-up connection remains a 64 kbit/s Frame Relay line. Thus a retail chain, for instance, may use Frame Relay for connecting rural stores into its corporate WAN.

ISDN: Integrated Services Digital Network (ISDN) is a set of communications standards for simultaneous digital transmission of voice, video, data, and other network services over the traditional circuits of the public switched telephone network. It was first defined in 1988 in the CCITT red book.
Prior to ISDN, the telephone system was viewed as a way to transport voice, with some special services available for data. The key feature of ISDN is that it integrates speech and data on the same lines, adding features that were not available in the classic telephone system. There are several kinds of access interfaces to ISDN, defined as Basic Rate Interface (BRI), Primary Rate Interface (PRI) and Broadband ISDN (B-ISDN).

ISDN is a circuit-switched telephone network system, which also provides access to packet switched networks, designed to allow digital transmission of voice and data over ordinary telephone copper wires, resulting in potentially better voice quality than an analog phone can provide. It offers circuit-switched connections (for either voice or data), and packet-switched connections (for data), in increments of 64 kbit/s. A major market application for ISDN in some countries is Internet access, where ISDN typically provides a maximum of 128 kbit/s in both upstream and downstream directions. Channel bonding can achieve a greater data rate; typically the ISDN B-channels of 3 or 4 BRIs (six to eight 64 kbit/s channels) are bonded. ISDN should not be mistaken for its use with a specific protocol, such as Q.931, whereby ISDN is employed as the network, data-link and physical layers in the context of the OSI model. In a broad sense ISDN can be considered a suite of digital services existing on layers 1, 2, and 3 of the OSI model. ISDN is designed to provide access to voice and data services simultaneously. However, common use reduced ISDN to be limited to Q.931 and related protocols, which are a set of protocols for establishing and breaking circuit switched connections, and for advanced calling features for the user. They were introduced in 1986. In a videoconference, ISDN provides simultaneous voice, video, and text transmission between individual desktop videoconferencing systems and group (room) videoconferencing systems.
Enterprise private network

An enterprise private network is a network built by an enterprise to interconnect various company sites, e.g., production sites, head offices, remote offices, shops, in order to share computer resources.

Virtual private network

A virtual private network (VPN) is a computer network in which some of the links between nodes are carried by open connections or virtual circuits in some larger network (e.g., the Internet) instead of by physical wires. The data link layer protocols of the virtual network are said to be tunneled through the larger network when this is the case. One common application is secure communications through the public Internet, but a VPN need not have explicit security features, such as authentication or content encryption: a VPN that only tunnels traffic separates it logically from other traffic, and anyone who can observe the underlying network can still read it. VPNs, for example, can be used to separate the traffic of different user communities over an underlying network with strong security features. A VPN may have best-effort performance, or may have a defined service level agreement (SLA) between the VPN customer and the VPN service provider. Generally, a VPN has a topology more complex than point-to-point.

Internetwork

An internetwork is the connection of multiple computer networks via a common routing technology using routers. The Internet is an aggregation of many connected internetworks spanning the Earth.

Organizational scope

Networks are typically managed by the organizations which own them. According to the owner's point of view, networks are seen as intranets or extranets. A special case of network is the Internet, which has no single owner but a distinct status when seen by an organizational entity: that of permitting virtually unlimited global connectivity for a great multitude of purposes.

Intranets and extranets

Intranets and extranets are parts or extensions of a computer network, usually a LAN.
An intranet is a set of networks, using the Internet Protocol and IP-based tools such as web browsers and file transfer applications, that is under the control of a single administrative entity. That administrative entity closes the intranet to all but specific, authorized users. Most commonly, an intranet is the internal network of an organization. A large intranet will typically have at least one web server to provide users with organizational information.
An extranet is a network that is limited in scope to a single organization or entity and also has limited connections to the networks of one or more other usually, but not necessarily, trusted organizations or entities—a company's customers may be given access to some part of its intranet—while at the same time the customers may not be considered trusted from a security standpoint. Technically, an extranet may also be categorized as a CAN, MAN, WAN, or other type of network, although an extranet cannot consist of a single LAN; it must have at least one connection with an external network.
Internet
The Internet is a global system of interconnected governmental, academic, corporate, public, and private computer networks. It is based on the networking technologies of the Internet Protocol Suite. It is the successor of the Advanced Research Projects Agency Network (ARPANET) developed by DARPA of the United States Department of Defense. The Internet is also the communications backbone underlying the World Wide Web (WWW). Participants in the Internet use a diverse array of methods of several hundred documented, and often standardized, protocols compatible with the Internet Protocol Suite and an addressing system (IP addresses) administered by the Internet Assigned Numbers Authority and address registries. Service providers and large enterprises exchange information about the reachability of their address spaces through the Border Gateway Protocol (BGP), forming a redundant worldwide mesh of transmission paths.
Network interface card (NIC):
A network interface controller (also known as a network interface card, network adapter, LAN adapter and by similar terms) is a computer hardware component that connects a computer to a computer network. Whereas network interface controllers were commonly implemented on expansion cards that plug into a computer bus, the low cost and ubiquity of the Ethernet standard means that most newer computers have a network interface built into the motherboard.
A NIC has two addresses: a permanent address and a local address. The permanent address, also known as the physical address or MAC address, is written in hexadecimal (0A:2B:CA:DA:5A:3A) and cannot be changed. It is 48 bits long, and these 48 bits are divided into two equal halves of 24 bits each: the first 24 bits are the OUI (Organizationally Unique Identifier) and the second 24 bits are the vendor's serial number.
A Media Access Control address (MAC address) is a unique identifier assigned to network interfaces for communications on the physical network segment. MAC addresses are used for numerous network technologies and most IEEE 802 network technologies, including Ethernet. Logically, MAC addresses are used in the Media Access Control protocol sub-layer of the OSI reference model. MAC addresses are most often assigned by the manufacturer of a network interface card (NIC) and are stored in its hardware, the card's read-only memory, or some other firmware mechanism. If assigned by the manufacturer, a MAC address usually encodes the manufacturer's registered identification number and may be referred to as the burned-in address. It may also be known as an Ethernet hardware address (EHA), hardware address or physical address. A network node may have multiple NICs and will then have one unique MAC address per NIC. MAC addresses are formed according to the rules of one of three numbering name spaces managed by the Institute of Electrical and Electronics Engineers (IEEE): MAC-48, EUI-48, and EUI-64.
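The 24-bit split of a MAC address described above, as an added example in Python that is not part of the original report. The sample addresses are constructed (the first is the report's own example value). The two flag bits it decodes in the first octet, the I/G bit (multicast) and the U/L bit (locally administered), are defined by IEEE 802 and go beyond what the report states; the flag_locally_administered check is a hypothetical inventory check written for this example.

```python
import re

# Constructed sample addresses for this example; the first one is the report's own example value.
SAMPLE_MACS = [
    "0A:2B:CA:DA:5A:3A",   # first octet 0x0A: unicast, U/L bit set
    "00:1A:2B:3C:4D:5E",   # first octet 0x00: unicast, vendor-assigned (OUI) address
    "01:00:5E:00:00:FB",   # first octet 0x01: I/G bit set, an IPv4 multicast MAC
    "ff:ff:ff:ff:ff:ff",   # the broadcast address
]


def parse_mac(text):
    """Split a 48-bit MAC into its two 24-bit halves and decode the two flag bits
    that IEEE 802 defines in the first octet.  Accepts aa:bb:cc:dd:ee:ff,
    aa-bb-cc-dd-ee-ff and aabb.ccdd.eeff notations."""
    digits = re.sub(r"[:\-.]", "", text)
    if not re.fullmatch(r"[0-9A-Fa-f]{12}", digits):
        raise ValueError(f"not a 48-bit MAC address: {text!r}")
    octets = bytes.fromhex(digits)
    first = octets[0]
    return {
        "oui": octets[:3].hex(":").upper(),           # first 24 bits: vendor OUI
        "nic_specific": octets[3:].hex(":").upper(),  # second 24 bits: vendor's serial number
        "multicast": bool(first & 0x01),              # I/G bit: 1 = group (multicast) address
        "locally_administered": bool(first & 0x02),   # U/L bit: 1 = not a burned-in vendor address
        "broadcast": octets == b"\xff" * 6,
    }


def flag_locally_administered(macs):
    """Hypothetical inventory check: return the unicast addresses whose U/L bit is set.
    Such addresses were not burned in under a vendor OUI, so on a network where every
    host is expected to carry its factory address they deserve a second look."""
    flagged = []
    for mac in macs:
        info = parse_mac(mac)
        if info["locally_administered"] and not info["multicast"]:
            flagged.append(info["oui"] + ":" + info["nic_specific"])
    return flagged


if __name__ == "__main__":
    for mac in SAMPLE_MACS:
        print(mac, parse_mac(mac))
    print("locally administered unicast:", flag_locally_administered(SAMPLE_MACS))
```

Note that the report's own sample address 0A:2B:CA:DA:5A:3A has the U/L bit set (0x0A & 0x02), so under the IEEE rules it reads as a locally administered address rather than a vendor burned-in one.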
The IEEE claims trademarks on the names EUI-48 and EUI-64, in which EUI is an acronym for Extended Unique Identifier.
An Internet Protocol address (IP address) is a numerical label assigned to each device (e.g., computer, printer) participating in a computer network that uses the Internet Protocol for communication. An IP address serves two principal functions: host or network interface identification and location addressing. Its role has been characterized as follows: "A name indicates what we seek. An address indicates where it is. A route indicates how to get there."[2] The designers of the Internet Protocol defined an IP address as a 32-bit number[1] and this system, known as Internet Protocol Version 4 (IPv4), is still in use today. However, due to the enormous growth of the Internet and the predicted depletion of available addresses, a new version of IP (IPv6), using 128 bits for the address, was developed in 1995.[3] IPv6 was standardized as RFC 2460 in 1998, and its deployment has been ongoing since the mid-2000s. IP addresses are binary numbers, but they are usually stored in text files and displayed in human-readable notations, such as 172.16.254.1 (for IPv4), and 2001:db8:0:1234:0:567:8:1 (for IPv6). The Internet Assigned Numbers Authority (IANA) manages the IP address space allocations globally and delegates five regional Internet registries (RIRs) to allocate IP address blocks to local Internet registries (Internet service providers) and other entities.
The local address, also known as the logical address or IP address, is written in dotted decimal (192.168.1.5) and can be changed. It is 32 bits long.
The NIC allows computers to communicate over a computer network. It is both an OSI layer 1 (physical layer) and layer 2 (data link layer) device, as it provides physical access to a networking medium and provides a low-level addressing system through the use of MAC addresses. It allows users to connect to each other either by using cables or wirelessly.
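The 32-bit and 128-bit address sizes above, and the intranet/extranet boundary discussed earlier, as an added example in Python using the standard ipaddress module; it is not code from the report. The sample addresses are the ones the report quotes plus two loopback addresses; the documentation ranges (RFC 5737 for IPv4, RFC 3849 for IPv6) and the scope labels are this example's own choices.

```python
import ipaddress

# Constructed sample list; the first five values are addresses the report itself quotes.
SAMPLES = [
    "172.16.254.1", "192.168.1.5", "2001:db8:0:1234:0:567:8:1",
    "192.0.43.10", "2620:0:2d0:200::10", "127.0.0.1", "::1",
]

# Documentation ranges reserved by RFC 5737 (IPv4) and RFC 3849 (IPv6); they never route on the Internet.
DOCUMENTATION_NETS = [ipaddress.ip_network(n) for n in
                      ("192.0.2.0/24", "198.51.100.0/24", "203.0.113.0/24", "2001:db8::/32")]


def scope_of(addr):
    """Classify an address the way an intranet/extranet boundary check would (labels are this example's)."""
    if addr.is_loopback:
        return "loopback"
    if addr.is_link_local:
        return "link-local"
    if any(addr in net for net in DOCUMENTATION_NETS):
        return "documentation"
    if addr.is_private:
        return "private"      # RFC 1918 space for IPv4, unique local (fc00::/7) and other non-global ranges for IPv6
    if addr.is_global:
        return "global"
    return "other"


def describe(text):
    """Version, width in bits, the full binary form and the scope of one address."""
    addr = ipaddress.ip_address(text)   # raises ValueError for anything that is not an IP address
    return {
        "version": addr.version,
        "bits": addr.max_prefixlen,     # 32 for IPv4, 128 for IPv6
        "binary": format(int(addr), f"0{addr.max_prefixlen}b"),
        "scope": scope_of(addr),
    }


def in_intranet(text, intranet_prefixes):
    """Membership test against the prefixes a single administrative entity controls."""
    addr = ipaddress.ip_address(text)
    return any(addr in ipaddress.ip_network(p) for p in intranet_prefixes)


if __name__ == "__main__":
    for sample in SAMPLES:
        d = describe(sample)
        print(f"{sample:28} IPv{d['version']} {d['bits']:3d} bits {d['scope']}")
    print(in_intranet("192.168.1.5", ["192.168.0.0/16", "10.0.0.0/8"]))
```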
The NIC may use one or more of four techniques to transfer data:
1. Polling is where the CPU examines the status of the peripheral under program control.
2. Programmed I/O is where the microprocessor alerts the designated peripheral by applying its address to the system's address bus.
3. Interrupt-driven I/O is where the peripheral alerts the microprocessor that it is ready to transfer data.
4. Direct memory access is where an intelligent peripheral assumes control of the system bus to access memory directly. This removes load from the CPU but requires a separate processor on the card.
An Ethernet network controller typically has an 8P8C socket where the network cable is connected. Older NICs also supplied BNC or AUI connections. A few LEDs inform the user of whether the network is active, and whether or not data transmission occurs. Ethernet network controllers typically support 10 Mbit/s Ethernet, 100 Mbit/s Ethernet, and 1000 Mbit/s Ethernet varieties. Such controllers are designated 10/100/1000; this means they can support a notional maximum transfer rate of 10, 100 or 1000 Megabits per second.
OSI Model:
The Open Systems Interconnection (OSI) model is a product of the Open Systems Interconnection effort at the International Organization for Standardization. It is a prescription of characterising and standardising the functions of a communications system in terms of abstraction layers. Similar communication functions are grouped into logical layers. A layer serves the layer above it and is served by the layer below it. For example, a layer that provides error-free communications across a network provides the path needed by applications above it, while it calls the next lower layer to send and receive packets that make up the contents of that path. Two instances at one layer are connected by a horizontal connection on that layer. According to recommendation X.200, there are seven layers, labeled 1 to 7, with layer 1 at the bottom.
Each layer is generically known as an N layer. An "N+1 entity" (at layer N+1) requests services from an "N entity" (at layer N). At each level, two entities (N-entity peers) interact by means of the N protocol by transmitting protocol data units (PDU).
A Service Data Unit (SDU) is a specific unit of data that has been passed down from an OSI layer to a lower layer, and which the lower layer has not yet encapsulated into a protocol data unit (PDU). An SDU is a set of data that is sent by a user of the services of a given layer, and is transmitted semantically unchanged to a peer service user. The PDU at a layer N is the SDU of layer N-1. In effect the SDU is the 'payload' of a given PDU. That is, the process of changing an SDU to a PDU consists of an encapsulation process, performed by the lower layer. All the data contained in the SDU becomes encapsulated within the PDU. The layer N-1 adds headers or footers, or both, to the SDU, transforming it into a PDU of layer N-1. The added headers or footers are part of the process used to make it possible to get data from a source to a destination.
Some orthogonal aspects, such as management and security, involve every layer. Security services are not related to a specific layer: they can be provided by a number of layers, as defined by ITU-T X.800 Recommendation. These services are aimed to improve the CIA triad (confidentiality, integrity, and availability) of transmitted data. Actually the availability of the communication service is determined by network design and/or network management protocols. Appropriate choices for these are needed to protect against denial of service.
Layer 1: physical layer
The physical layer defines electrical and physical specifications for devices. In particular, it defines the relationship between a device and a transmission medium, such as a copper or fiber optical cable.
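The SDU-to-PDU encapsulation described in the OSI overview above, as an added example in Python that is not part of the original report. The 3-byte header, the CRC-32 trailer at layer 2 and the fact that every layer uses the same header format are constructed for illustration and match no real protocol; the point is only that what layer N emits is the payload of layer N-1, and that a damaged frame is detected and discarded at layer 2 before anything above it sees the data.

```python
import struct
import zlib

# Constructed 3-byte header used by every layer in this toy stack: layer number, payload length.
# It stands in for the very different real headers (TCP, IP, Ethernet ...) and matches no protocol.
HEADER = struct.Struct("!BH")
FCS = struct.Struct("!I")          # 4-byte frame check sequence appended at layer 2


def encapsulate(sdu, layer):
    """Layer N receives an SDU from layer N+1 and returns its own PDU: header + SDU (+ trailer)."""
    pdu = HEADER.pack(layer, len(sdu)) + sdu
    if layer == 2:                   # the data link layer also appends a CRC-32 trailer
        pdu += FCS.pack(zlib.crc32(pdu))
    return pdu


def decapsulate(pdu, layer):
    """Inverse of encapsulate: verify and strip layer N's header (and trailer) and hand the SDU up."""
    minimum = HEADER.size + (FCS.size if layer == 2 else 0)
    if len(pdu) < minimum:
        raise ValueError("PDU too short for its headers")
    if layer == 2:
        body, (fcs,) = pdu[:-FCS.size], FCS.unpack(pdu[-FCS.size:])
        if zlib.crc32(body) != fcs:
            raise ValueError("frame check sequence mismatch: frame discarded")
        pdu = body
    hdr_layer, length = HEADER.unpack_from(pdu)
    if hdr_layer != layer:
        raise ValueError(f"expected a layer {layer} header, found layer {hdr_layer}")
    sdu = pdu[HEADER.size:HEADER.size + length]
    if len(sdu) != length:
        raise ValueError("truncated PDU")
    return sdu


def send_down(application_pdu):
    """Walk the application's message down the stack: the layer 7 PDU is the SDU of layer 6,
    whose PDU is the SDU of layer 5, and so on until layer 2 emits a frame for the physical layer.
    Returns the frame and a trace of (layer, PDU) pairs."""
    trace = [(7, application_pdu)]
    pdu = application_pdu
    for layer in range(6, 1, -1):
        pdu = encapsulate(pdu, layer)
        trace.append((layer, pdu))
    return pdu, trace


def receive_up(frame):
    """Peel the layers off again from 2 up to 6, returning the original layer 7 PDU."""
    sdu = frame
    for layer in range(2, 7):
        sdu = decapsulate(sdu, layer)
    return sdu


def frame_is_intact(frame):
    """True if the frame survives the layer 2 check and every header is consistent."""
    try:
        receive_up(frame)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    frame, trace = send_down(b"GET / HTTP/1.1\r\n")
    for layer, pdu in trace:
        print(f"layer {layer} PDU: {len(pdu):3d} bytes  {pdu.hex()}")
    print("recovered:", receive_up(frame))
    damaged = bytearray(frame)
    damaged[10] ^= 0x01              # flip one bit somewhere in the middle of the frame
    print("damaged frame intact?", frame_is_intact(bytes(damaged)))
```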
This includes the layout of pins, voltages, cable specifications, hubs, repeaters, network adapters, host bus adapters (HBAs, used in storage area networks) and more. The major functions and services performed by the physical layer are:
i. Establishment and termination of a connection to a communications medium.
ii. Participation in the process whereby the communication resources are effectively shared among multiple users. For example, contention resolution and flow control.
iii. Modulation, or conversion between the representation of digital data in user equipment and the corresponding signals transmitted over a communications channel. These are signals operating over the physical cabling (such as copper and optical fiber) or over a radio link.
Parallel SCSI buses operate in this layer, although it must be remembered that the logical SCSI protocol is a transport layer protocol that runs over this bus. Various physical-layer Ethernet standards are also in this layer; Ethernet incorporates both this layer and the data link layer. The same applies to other local-area networks, such as token ring, FDDI, ITU-T G.hn and IEEE 802.11, as well as personal area networks such as Bluetooth and IEEE 802.15.4.
Layer 2: data link layer
The data link layer provides the functional and procedural means to transfer data between network entities and to detect and possibly correct errors that may occur in the physical layer. Originally, this layer was intended for point-to-point and point-to-multipoint media, characteristic of wide area media in the telephone system. Local area network architecture, which included broadcast-capable multiaccess media, was developed independently of the ISO work in IEEE Project 802. IEEE work assumed sublayering and management functions not required for WAN use.
In modern practice, only error detection, not flow control using a sliding window, is present in data link protocols such as the Point-to-Point Protocol (PPP), and, on local area networks, the IEEE 802.2 LLC layer is not used for most protocols on Ethernet, and on other local area networks its flow control and acknowledgment mechanisms are rarely used. Sliding window flow control and acknowledgment is used at the transport layer by protocols such as TCP, but is still used in niches where X.25 offers performance advantages. The ITU-T G.hn standard, which provides high-speed local area networking over existing wires (power lines, phone lines and coaxial cables), includes a complete data link layer which provides both error correction and flow control by means of a selective repeat Sliding Window Protocol.
Both WAN and LAN services arrange bits, from the physical layer, into logical sequences called frames. Not all physical layer bits necessarily go into frames, as some of these bits are purely intended for physical layer functions. For example, every fifth bit of the FDDI bit stream is not used by the layer.
WAN protocol architecture
Connection-oriented WAN data link protocols, in addition to framing, detect and may correct errors. They are also capable of controlling the rate of transmission. A WAN data link layer might implement a sliding window flow control and acknowledgment mechanism to provide reliable delivery of frames; that is the case for Synchronous Data Link Control (SDLC) and HDLC, and derivatives of HDLC such as LAPB and LAPD.
IEEE 802 LAN architecture
Practical, connectionless LANs began with the pre-IEEE Ethernet specification, which is the ancestor of IEEE 802.3. This layer manages the interaction of devices with a shared medium, which is the function of a media access control (MAC) sublayer.
Above this MAC sublayer is the media-independent IEEE 802.2 Logical Link Control (LLC) sublayer, which deals with addressing and multiplexing on multiaccess media. While IEEE 802.3 is the dominant wired LAN protocol and IEEE 802.11 the wireless LAN protocol, obsolescent MAC layers include Token Ring and FDDI. The MAC sublayer detects but does not correct errors.
Layer 3: network layer
The network layer provides the functional and procedural means of transferring variable length data sequences from a source host on one network to a destination host on a different network (in contrast to the data link layer, which connects hosts within the same network), while maintaining the quality of service requested by the transport layer. The network layer performs network routing functions, and might also perform fragmentation and reassembly, and report delivery errors. Routers operate at this layer, sending data throughout the extended network and making the Internet possible. This is a logical addressing scheme – values are chosen by the network engineer. The addressing scheme is not hierarchical.
The network layer may be divided into three sublayers:
1. Subnetwork access – that considers protocols that deal with the interface to networks, such as X.25;
2. Subnetwork-dependent convergence – when it is necessary to bring the level of a transit network up to the level of networks on either side;
3. Subnetwork-independent convergence – handles transfer across multiple networks.
An example of this latter case is CLNP, or IPv6 ISO 8473. It manages the connectionless transfer of data one hop at a time, from end system to ingress router, router to router, and from egress router to destination end system. It is not responsible for reliable delivery to a next hop, but only for the detection of erroneous packets so they may be discarded.
In this scheme, IPv4 and IPv6 would have to be classed with X.25 as subnet access protocols because they carry interface addresses rather than node addresses. A number of layer-management protocols, a function defined in the Management Annex, ISO 7498/4, belong to the network layer. These include routing protocols, multicast group management, network-layer information and error, and network-layer address assignment. It is the function of the payload that makes these belong to the network layer, not the protocol that carries
Layer 4: transport layer
The transport layer provides transparent transfer of data between end users, providing reliable data transfer services to the upper layers. The transport layer controls the reliability of a given link through flow control, segmentation/desegmentation, and error control. Some protocols are state- and connection-oriented. This means that the transport layer can keep track of the segments and retransmit those that fail. The transport layer also provides the acknowledgement of successful data transmission and sends the next data if no errors occurred.
OSI defines five classes of connection-mode transport protocols, ranging from class 0 (which is also known as TP0 and provides the fewest features) to class 4 (TP4, designed for less reliable networks, similar to the Internet). Class 0 contains no error recovery, and was designed for use on network layers that provide error-free connections. Class 4 is closest to TCP, although TCP contains functions, such as the graceful close, which OSI assigns to the session layer. Also, all OSI TP connection-mode protocol classes provide expedited data and preservation of record boundaries. Detailed characteristics of the TP0-4 classes are shown in the following table.
Perhaps an easy way to visualize the transport layer is to compare it with a post office, which deals with the dispatch and classification of mail and parcels sent.
Do remember, however, that a post office manages the outer envelope of mail. Higher layers may have the equivalent of double envelopes, such as cryptographic presentation services that can be read by the addressee only. Roughly speaking, tunneling protocols operate at the transport layer, such as carrying non-IP protocols such as IBM's SNA or Novell's IPX over an IP network, or end-to-end encryption with IPsec. While Generic Routing Encapsulation (GRE) might seem to be a network-layer protocol, if the encapsulation of the payload takes place only at the endpoint, GRE becomes closer to a transport protocol that uses IP headers but contains complete frames or packets to deliver to an endpoint. L2TP carries PPP frames inside transport packets.
Although not developed under the OSI Reference Model and not strictly conforming to the OSI definition of the transport layer, the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP) of the Internet Protocol Suite are commonly categorized as layer-4 protocols within OSI.
Layer 5: session layer
The session layer controls the dialogues (connections) between computers. It establishes, manages and terminates the connections between the local and remote application. It provides for full-duplex, half-duplex, or simplex operation, and establishes checkpointing, adjournment, termination, and restart procedures. The OSI model made this layer responsible for graceful close of sessions, which is a property of the Transmission Control Protocol, and also for session checkpointing and recovery, which is not usually used in the Internet Protocol Suite. The session layer is commonly implemented explicitly in application environments that use remote procedure calls. On this level, inter-process communication happens (SIGHUP, SIGKILL, End Process, etc.).
Session layer protocols:
NFS: Network File System (NFS) is a distributed file system protocol originally developed by Sun Microsystems in 1984, allowing a user on a client computer to access files over a network in a manner similar to how local storage is accessed. NFS, like many other protocols, builds on the Open Network Computing Remote Procedure Call (ONC RPC) system. The Network File System is an open standard defined in RFCs, allowing anyone to implement the protocol.
SQL: Microsoft SQL (Structured Query Language) Server is a relational database management system developed by Microsoft. As a database, it is a software product whose primary function is to store and retrieve data as requested by other software applications, be it those on the same computer or those running on another computer across a network (including the Internet). There are at least a dozen different editions of Microsoft SQL Server aimed at different audiences and for different workloads (ranging from small applications that store and retrieve data on the same computer, to millions of users and computers that access huge amounts of data from the Internet at the same time). True to its name, Microsoft SQL Server's primary query languages are T-SQL and ANSI SQL.
ASP: ASP (apple to x session protocol) is a bare-bones transport-layer protocol which uses IP to transmit messages to an ASP "port" at the destination host. ASP is somewhat similar to UDP in the real world. The main purpose of ASP is as a simple example, to demonstrate the infrastructure which has to be in place to implement even the simplest protocol. As such, it makes a good template for constructing other protocols. ASP itself is really not that simple, at least not until you understand the x-kernel.
LPC: The Local Procedure Call (LPC, often also referred to as Lightweight Procedure Call or Local Inter-Process Communication) is an internal, undocumented inter-process communication facility provided by the Microsoft Windows NT kernel for lightweight IPC between processes on the same computer. As of Windows Vista, LPC has been rewritten as Advanced Local Procedure Call (ALPC) in order to provide a high-speed scalable communication mechanism required to efficiently implement the User-Mode Driver Framework, whose user-mode parts require an efficient communication channel with UMDF's components in the executive. The (A)LPC interface is part of Windows NT's undocumented Native API, and as such is not available to applications for direct use. However, it can be used indirectly in the following instances:
a) when using the Remote Procedure Call API to communicate locally, i.e. between processes on the same machine;
b) by calling Windows APIs which use (A)LPC.
RPC: In computer science, a remote procedure call (RPC) is an inter-process communication that allows a computer program to cause a subroutine or procedure to execute in another address space (commonly on another computer on a shared network) without the programmer explicitly coding the details for this remote interaction. That is, the programmer writes essentially the same code whether the subroutine is local to the executing program, or remote. When the software in question uses object-oriented principles, RPC is called remote invocation or remote method invocation.
Layer 6: presentation layer
The presentation layer establishes context between application-layer entities, in which the higher-layer entities may use different syntax and semantics if the presentation service provides a mapping between them. If a mapping is available, presentation service data units are encapsulated into session protocol data units, and passed down the stack.
This layer provides independence from data representation (e.g., encryption) by translating between application and network formats. The presentation layer transforms data into the form that the application accepts. This layer formats and encrypts data to be sent across a network. It is sometimes called the syntax layer. The original presentation structure used the basic encoding rules of Abstract Syntax Notation One (ASN.1), with capabilities such as converting an EBCDIC-coded text file to an ASCII-coded file, or serialization of objects and other data structures from and to XML.
Layer 7: application layer
The application layer is the OSI layer closest to the end user, which means that both the OSI application layer and the user interact directly with the software application. This layer interacts with software applications that implement a communicating component. Such application programs fall outside the scope of the OSI model. Application-layer functions typically include identifying communication partners, determining resource availability, and synchronizing communication. When identifying communication partners, the application layer determines the identity and availability of communication partners for an application with data to transmit. When determining resource availability, the application layer must decide whether sufficient network resources for the requested communication exist. In synchronizing communication, all communication between applications requires cooperation that is managed by the application layer.
Some examples of application-layer implementations include:
1. On the OSI stack:
a. FTAM File Transfer and Access Management Protocol
b. X.400 Mail
c. Common Management Information Protocol (CMIP)
2. On the TCP/IP stack:
a. Hypertext Transfer Protocol (HTTP)
b. File Transfer Protocol (FTP)
c. Simple Mail Transfer Protocol (SMTP)
d. Simple Network Management Protocol (SNMP)
OSI Model
Layer group    Data unit        Layer             Function
Host layers    Data             7. Application    Network process to application
               Data             6. Presentation   Data representation, encryption and decryption, convert machine dependent data to machine independent data
               Data             5. Session        Interhost communication, managing sessions between applications
               Segments         4. Transport      End-to-end connections, reliability and flow control
Media layers   Packet/Datagram  3. Network        Path determination and logical addressing
               Frame            2. Data link      Physical addressing
               Bit              1. Physical       Media, signal and binary transmission
Protocols:
HTTP: The Hypertext Transfer Protocol (HTTP) is an application protocol for distributed, collaborative, hypermedia information systems. HTTP is the foundation of data communication for the World Wide Web. Hypertext is a multi-linear set of objects, building a network by using logical links (the so-called hyperlinks) between the nodes (e.g. text or words). HTTP is the protocol to exchange or transfer hypertext. The standards development of HTTP was coordinated by the Internet Engineering Task Force (IETF) and the World Wide Web Consortium (W3C), culminating in the publication of a series of Requests for Comments (RFCs), most notably RFC 2616 (June 1999), which defines HTTP/1.1, the version of HTTP in common use.
HTTPS: Hypertext Transfer Protocol Over Secure Socket (HTTPS) is a widely used communications protocol for secure communication over a computer network, with especially wide deployment on the Internet. Technically, it is not a protocol in itself; rather, it is the result of simply layering the Hypertext Transfer Protocol (HTTP) on top of the SSL/TLS protocol, thus adding the security capabilities of SSL/TLS to standard HTTP communications. In its popular deployment on the Internet, HTTPS provides authentication of the web site and associated web server that one is communicating with, which protects against man-in-the-middle attacks.
Additionally, it provides bidirectional encryption of communications between a client and server, which protects against eavesdropping and tampering with and/or forging the contents of the communication. In practice, this provides a reasonable guarantee that one is communicating with precisely the web site that one intended to communicate with (as opposed to an impostor), as well as ensuring that the contents of communications between the user and site cannot be read or forged by any third party.
Because HTTPS piggybacks HTTP entirely on top of TLS, the entirety of the underlying HTTP protocol is encrypted. This includes the request URL (which particular web page was requested), query parameters, headers, and cookies (which often contain identity information about the user). However, because host addresses and port numbers are necessarily part of the underlying TCP/IP protocols, HTTPS cannot protect their disclosure. In practice this means that eavesdroppers can infer the identity of the server (web site) that one is communicating with as well as the amount and duration of the communication, though not the content of the communication.
Historically, HTTPS connections were primarily used for payment transactions on the World Wide Web, e-mail and for sensitive transactions in corporate information systems. In the late 2000s and early 2010s, HTTPS began to see widespread use for protecting page authenticity on all types of websites, securing accounts and keeping user communications, identity and web browsing private. HTTPS is especially important over unencrypted Wi-Fi, as it is completely insecure by design and attacks on unencrypted Wi-Fi networks are relatively common. Another example where HTTPS is important is connections over Tor (anonymity network), as malicious Tor nodes can damage or alter the contents passing through them in an insecure fashion and inject malware into the connection.
This is one reason why the EFF and the Tor Project started the development of HTTPS Everywhere, which is included in the Tor Browser Bundle. A site must be completely hosted over HTTPS, without having some of its contents loaded over HTTP, or the user will be vulnerable to some attacks and surveillance. Similarly, cookies on a site served through HTTPS have to have the secure attribute enabled. A common misconception is that HTTPS is performance heavy and cannot be deployed on existing equipment. This isn't true; deploying HTTPS requires no additional equipment or special hardware. Deploying HTTPS also allows the use of SPDY, which is designed to reduce page load times and latency. It is recommended to use HTTP Strict Transport Security with HTTPS to protect users from man-in-the-middle attacks.
POP: In computing, the Post Office Protocol (POP) is an application-layer Internet standard protocol used by local e-mail clients to retrieve e-mail from a remote server over a TCP/IP connection. POP and IMAP (Internet Message Access Protocol) are the two most prevalent Internet standard protocols for e-mail retrieval. Virtually all modern e-mail clients and servers support both. The POP protocol has been developed through several versions, with version 3 (POP3) being the current standard. Most webmail service providers such as Hotmail, Gmail and Yahoo! Mail also provide IMAP and POP3 service.
IMAP: Internet Message Access Protocol (IMAP) is one of the two most prevalent Internet standard protocols for e-mail retrieval, the other being the Post Office Protocol (POP). Virtually all modern e-mail clients and mail servers support both protocols as a means of transferring e-mail messages from a server.
FTP: File Transfer Protocol (FTP) is a standard network protocol used to transfer files from one host to another host over a TCP-based network, such as the Internet. It is often used to upload web pages and other documents from a private development machine to a public web-hosting server.
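The three HTTPS deployment points made above (no content loaded over plain HTTP, the Secure attribute on cookies, and HTTP Strict Transport Security), turned into a small audit as an added example in Python; it is not code from the report or from any project it names. The response headers and HTML fragment are constructed, the hostnames are documentation names, and the one-year HSTS threshold is an assumption of this example.

```python
import re

# Constructed sample response headers, as a proxy or log pipeline would see them (not captured traffic).
SAMPLE_HEADERS = [
    ("Set-Cookie", "sessionid=abc123; Path=/; HttpOnly"),
    ("Set-Cookie", "prefs=dark; Path=/; Secure; SameSite=Lax"),
    ("Strict-Transport-Security", "max-age=300"),
]

# Constructed HTML fragment in which one sub-resource is still fetched over plain HTTP.
SAMPLE_HTML = ('<script src="https://www.example.com/app.js"></script>'
               '<img src="http://cdn.example.net/logo.png">')

ONE_YEAR = 31536000   # assumption of this example: the commonly recommended minimum HSTS max-age, in seconds


def cookie_attributes(set_cookie):
    """Split a Set-Cookie value into the cookie name and a dict of lower-cased attributes."""
    parts = [p.strip() for p in set_cookie.split(";")]
    name = parts[0].split("=", 1)[0].strip()
    attrs = {}
    for part in parts[1:]:
        key, _, value = part.partition("=")
        attrs[key.strip().lower()] = value.strip()
    return name, attrs


def parse_max_age(hsts_value):
    """Return the max-age directive of a Strict-Transport-Security header, or None if absent."""
    match = re.search(r'max-age\s*=\s*"?(\d+)', hsts_value, re.IGNORECASE)
    return int(match.group(1)) if match else None


def audit_headers(headers):
    """Return (finding, subject) pairs for cookies without Secure/HttpOnly and for weak or missing HSTS."""
    findings = []
    hsts = None
    for key, value in headers:
        lowered = key.lower()
        if lowered == "set-cookie":
            name, attrs = cookie_attributes(value)
            if "secure" not in attrs:       # browser would also send it over plain http://
                findings.append(("cookie-not-secure", name))
            if "httponly" not in attrs:     # readable from page scripts
                findings.append(("cookie-not-httponly", name))
        elif lowered == "strict-transport-security":
            hsts = value
    if hsts is None:
        findings.append(("hsts-missing", ""))
    else:
        max_age = parse_max_age(hsts)
        if max_age is None or max_age < ONE_YEAR:
            findings.append(("hsts-short-max-age", hsts))
    return findings


def find_mixed_content(html):
    """List every src/href that still points at an http:// URL in an HTML document."""
    return re.findall(r"""(?:src|href)\s*=\s*["'](http://[^"']+)""", html, re.IGNORECASE)


if __name__ == "__main__":
    for finding in audit_headers(SAMPLE_HEADERS):
        print(*finding)
    print("mixed content:", find_mixed_content(SAMPLE_HTML))
```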
FTP is built on a client-server architecture and uses separate control and data connections between the client and the server. FTP users may authenticate themselves using a clear-text sign-in protocol, normally in the form of a username and password, but can connect anonymously if the server is configured to allow it. For secure transmission that hides (encrypts) the username and password, and encrypts the content, the SSH File Transfer Protocol may be used. The first FTP client applications were interactive command-line tools, implementing standard commands and syntax. Graphical user interfaces have since been developed for many of the popular desktop operating systems in use today, including general web design programs like Microsoft Expression Web, and specialist FTP clients such as CuteFTP.
TFTP: Trivial File Transfer Protocol (TFTP) is a file transfer protocol notable for its simplicity. It is generally used for automated transfer of configuration or boot files between machines in a local environment. Compared to FTP, TFTP is extremely limited, providing no authentication, and is rarely used interactively by a user. Due to its simple design, TFTP could be implemented using a very small amount of memory. It is therefore useful for booting computers such as routers which may not have any data storage devices. It is an element of the Preboot Execution Environment (PXE) network boot protocol, where it is implemented in the firmware ROM / NVRAM of the host's network card. It is also used to transfer small amounts of data between hosts on a network, such as IP phone firmware or operating system images when a remote X Window System terminal or any other thin client boots from a network host or server. The initial stages of some network-based installation systems (such as Solaris Jumpstart, Red Hat Kickstart, Symantec Ghost and Windows NT's Remote Installation Services) use TFTP to load a basic kernel that performs the actual installation.
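What "no authentication" looks like on the wire, as an added example in Python that is not part of the report: a parser for the five RFC 1350 packet types, whose read and write requests carry nothing but a filename and a transfer mode, plus a defender-side monitor that logs requests for configuration and image files on a local network. The sample packets and the filename patterns are constructed for this example.

```python
import struct

OPCODES = {1: "RRQ", 2: "WRQ", 3: "DATA", 4: "ACK", 5: "ERROR"}
MODES = ("netascii", "octet", "mail")
BLOCK_SIZE = 512               # default data block; a shorter block marks the end of a transfer

# Constructed filename patterns a LAN monitor might treat as noteworthy: device configuration
# and boot/firmware images.  Which names matter is an assumption of this example.
WATCH_PATTERNS = ("config", ".cfg", ".bin", ".img")


def build_request(op, filename, mode="octet"):
    """RRQ (opcode 1) or WRQ (opcode 2) as defined in RFC 1350: opcode, filename, NUL, mode, NUL.
    There is no field for a username or password; that is the whole of TFTP's 'no authentication'."""
    opcode = {"RRQ": 1, "WRQ": 2}[op]
    return struct.pack("!H", opcode) + filename.encode("ascii") + b"\x00" + mode.encode("ascii") + b"\x00"


def parse_packet(packet):
    """Decode any of the five RFC 1350 packet types into a dict; malformed input raises ValueError."""
    if len(packet) < 4:
        raise ValueError("TFTP packet shorter than 4 bytes")
    (opcode,) = struct.unpack("!H", packet[:2])
    body = packet[2:]
    if opcode in (1, 2):
        fields = body.split(b"\x00")
        if len(fields) < 3 or fields[-1] != b"":
            raise ValueError("request is missing a NUL-terminated filename or mode")
        filename = fields[0].decode("ascii", "replace")
        mode = fields[1].decode("ascii", "replace").lower()
        if mode not in MODES:
            raise ValueError(f"unknown transfer mode {mode!r}")
        return {"op": OPCODES[opcode], "filename": filename, "mode": mode}
    (number,) = struct.unpack("!H", body[:2])   # block number, or error code for opcode 5
    if opcode == 3:
        data = body[2:]
        return {"op": "DATA", "block": number, "length": len(data), "last": len(data) < BLOCK_SIZE}
    if opcode == 4:
        return {"op": "ACK", "block": number}
    if opcode == 5:
        message = body[2:].split(b"\x00")[0].decode("ascii", "replace")
        return {"op": "ERROR", "code": number, "message": message}
    raise ValueError(f"unknown opcode {opcode}")


def flag_requests(packets):
    """Defender-side monitor: return (op, filename) for every read or write request whose
    filename matches WATCH_PATTERNS.  Because the protocol carries no identity, the only
    facts a monitor can record are the peer address, the direction and the filename."""
    flagged = []
    for packet in packets:
        info = parse_packet(packet)
        if info["op"] in ("RRQ", "WRQ") and any(p in info["filename"].lower() for p in WATCH_PATTERNS):
            flagged.append((info["op"], info["filename"]))
    return flagged


# Constructed sample exchange: a boot-image read, an unrelated text read, a DATA block and its ACK.
SAMPLE_PACKETS = [
    build_request("RRQ", "boot/kernel.img"),
    build_request("RRQ", "readme.txt", "netascii"),
    struct.pack("!HH", 3, 1) + b"ELF...",     # DATA block 1, far shorter than 512 bytes, so also the last
    struct.pack("!HH", 4, 1),                 # ACK for block 1
]

if __name__ == "__main__":
    for packet in SAMPLE_PACKETS:
        print(parse_packet(packet))
    print("flagged:", flag_requests(SAMPLE_PACKETS))
```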
TFTP was first defined in 1980 by IEN 133. It is currently defined by RFC 1350. There have been some extensions to the TFTP protocol documented in later RFCs. TFTP is based in part on the earlier protocol EFTP, which was part of the PUP protocol suite. TFTP support appeared first as part of 4.3 BSD. Due to the lack of security, it is dangerous to use it over the Internet. Thus, TFTP is generally only used on private, local networks.

SMTP:
Simple Mail Transfer Protocol (SMTP) is an Internet standard for electronic mail (email) transmission across Internet Protocol (IP) networks. SMTP was first defined by RFC 821 (1982, eventually declared STD 10), and last updated by RFC 5321 (2008), which includes the extended SMTP (ESMTP) additions and is the protocol in widespread use today. SMTP uses TCP port 25. The protocol for new submissions (MSA) is effectively the same as SMTP, but it uses port 587 instead. SMTP connections secured by SSL are known by the shorthand SMTPS, though SMTPS is not a protocol in its own right. While electronic mail servers and other mail transfer agents use SMTP to send and receive mail messages, user-level client mail applications typically only use SMTP for sending messages to a mail server for relaying. For receiving messages, client applications usually use either the Post Office Protocol (POP) or the Internet Message Access Protocol (IMAP) or a proprietary system (such as Microsoft Exchange or Lotus Notes/Domino) to access their mailbox accounts on a mail server.

SNMP:
Simple Network Management Protocol (SNMP) is an "Internet-standard protocol for managing devices on IP networks." Devices that typically support SNMP include routers, switches, servers, workstations, printers, modem racks, and more. It is used mostly in network management systems to monitor network-attached devices for conditions that warrant administrative attention.
SNMP is a component of the Internet Protocol Suite as defined by the Internet Engineering Task Force (IETF). It consists of a set of standards for network management, including an application layer protocol, a database schema, and a set of data objects. SNMP exposes management data in the form of variables on the managed systems, which describe the system configuration. These variables can then be queried (and sometimes set) by managing applications.

DNS:
The Domain Name System (DNS) is a hierarchical distributed naming system for computers, services, or any resource connected to the Internet or a private network. It associates various information with domain names assigned to each of the participating entities. A Domain Name Service resolves queries for these names into IP addresses for the purpose of locating computer services and devices worldwide. By providing a worldwide, distributed keyword-based redirection service, the Domain Name System is an essential component of the functionality of the Internet. An often-used analogy to explain the Domain Name System is that it serves as the phone book for the Internet by translating human-friendly computer hostnames into IP addresses. For example, the domain name www.example.com translates to the addresses 192.0.43.10 (IPv4) and 2620:0:2d0:200::10 (IPv6). Unlike a phone book, however, DNS can be quickly updated and these updates distributed, allowing a service's location on the network to change without affecting the end users, who continue to use the same hostname. Users take advantage of this when they recite meaningful Uniform Resource Locators (URLs) and e-mail addresses without having to know how the computer actually locates the services. The Domain Name System distributes the responsibility of assigning domain names and mapping those names to IP addresses by designating authoritative name servers for each domain.
Authoritative name servers are assigned to be responsible for their particular domains, and in turn can assign other authoritative name servers for their sub-domains. This mechanism has made the DNS distributed and fault tolerant and has helped avoid the need for a single central register to be continually consulted and updated. Additionally, the responsibility for maintaining and updating the master record for the domains is spread among many domain name registrars, who compete for the end-user's (domain-owner's) business. Domains can be moved from registrar to registrar at any time. The Domain Name System also specifies the technical functionality of this database service. It defines the DNS protocol, a detailed specification of the data structures and communication exchanges used in DNS, as part of the Internet Protocol Suite.

Telnet:
Telnet is a network protocol used on the Internet or local area networks to provide a bidirectional interactive text-oriented communications facility using a virtual terminal connection. User data is interspersed in-band with Telnet control information in an 8-bit byte-oriented data connection over the Transmission Control Protocol (TCP). Telnet was developed in 1969 beginning with RFC 15, extended in RFC 854, and standardized as Internet Engineering Task Force (IETF) Internet Standard STD 8, one of the first Internet standards. Historically, Telnet provided access to a command-line interface (usually, of an operating system) on a remote host. Most network equipment and operating systems with a TCP/IP stack support a Telnet service for remote configuration (including systems based on Windows NT). Because of security issues with Telnet, its use for this purpose has waned in favor of SSH. The term telnet may also refer to the software that implements the client part of the protocol. Telnet client applications are available for virtually all computer platforms. Telnet is also used as a verb.
To telnet means to establish a connection with the Telnet protocol, either with a command-line client or with a programmatic interface. For example, a common directive might be: "To change your password, telnet to the server, log in and run the passwd command." Most often, a user will be telnetting to a Unix-like server system or a network device (such as a router) and obtain a login prompt to a command-line text interface or a character-based full-screen manager.

NTP:
Network Time Protocol (NTP) is a networking protocol for synchronizing the clocks of computer systems over packet-switched, variable-latency data networks. In operation since before 1985, NTP is one of the oldest Internet protocols in use. NTP was originally designed by David L. Mills of the University of Delaware, who still develops and maintains it with a team of volunteers. NTP uses the User Datagram Protocol (UDP) on port number 123. NTP is not related to the simpler Daytime Protocol (RFC 867) or the Time Protocol (RFC 868).

DHCP:
The Dynamic Host Configuration Protocol (DHCP) is a network configuration protocol for hosts on Internet Protocol (IP) networks. Computers that are connected to IP networks must be configured before they can communicate with other hosts. The most essential information needed is an IP address, and a default route and routing prefix. DHCP eliminates this manual task for the network administrator. It also provides a central database of devices that are connected to the network and eliminates duplicate resource assignments. In addition to IP addresses, DHCP also provides other configuration information, particularly the IP addresses of local Domain Name Servers (DNS), network boot servers, or other service hosts. DHCP is used for IPv4 as well as IPv6. While both versions serve much the same purpose, the details of the protocol for IPv4 and IPv6 are sufficiently different that they may be considered separate protocols.
Hosts that do not use DHCP for address configuration may still use it to obtain other configuration information. Alternatively, IPv6 hosts may use stateless address autoconfiguration. IPv4 hosts may use link-local addressing to achieve limited local connectivity.

Networking devices:

HUB:
An Ethernet hub, active hub, network hub, repeater hub, multiport repeater or hub is a device for connecting multiple Ethernet devices together and making them act as a single network segment. It has multiple input/output (I/O) ports, in which a signal introduced at the input of any port appears at the output of every port except the original incoming port. A hub works at the physical layer (layer 1) of the OSI model. The device is a form of multiport repeater. Repeater hubs also participate in collision detection, forwarding a jam signal to all ports if a collision is detected. Some hubs may also come with a BNC and/or Attachment Unit Interface (AUI) connector to allow connection to legacy 10BASE2 or 10BASE5 network segments. The availability of low-priced network switches has largely rendered hubs obsolete, but they are still seen in 20th century installations and more specialized applications. A network hub is an unsophisticated device in comparison with, for example, a switch. A hub does not examine or manage any of the traffic that comes through it: any packet entering any port is rebroadcast on all other ports. Effectively, it is barely aware of frames or packets and mostly operates on raw bits. Consequently, packet collisions are more frequent in networks connected using hubs than in networks connected using more sophisticated devices. 100 Mbit/s hubs and repeaters come in two different speed grades: Class I hubs delay the signal for a maximum of 140 bit times (enabling translation between 100Base-TX, 100Base-FX and 100Base-T4) and Class II hubs delay the signal for a maximum of 92 bit times (enabling installation of two hubs in a single collision domain).
The need for hosts to be able to detect collisions limits the number of hubs and the total size of a network built using hubs (a network built using switches does not have these limitations). For 10 Mbit/s networks built using repeater hubs, the 5-4-3 rule must be followed: up to 5 segments (4 hubs) are allowed between any two end stations. For 10BASE-T networks, up to five segments and four repeaters are allowed between any two hosts. For 100 Mbit/s networks, the limit is reduced to 3 segments (2 hubs) between any two end stations, and even that is only allowed if the hubs are of Class II. Some hubs have manufacturer-specific stack ports allowing them to be combined in a way that allows more hubs than simple chaining through Ethernet cables, but even so, a large Fast Ethernet network is likely to require switches to avoid the chaining limits of hubs. Most hubs detect typical problems, such as excessive collisions and jabbering on individual ports, and partition the port, disconnecting it from the shared medium. Thus, hub-based twisted-pair Ethernet is generally more robust than coaxial cable-based Ethernet (e.g. 10BASE2), where a misbehaving device can adversely affect the entire collision domain. Even if not partitioned automatically, a hub simplifies troubleshooting because hubs remove the need to troubleshoot faults on a long cable with multiple taps; status lights on the hub can indicate the possible problem source or, as a last resort, devices can be disconnected from a hub one at a time much more easily than from a coaxial cable. Hubs are classified as physical layer devices in the OSI model. At the physical layer, hubs support little in the way of sophisticated networking. Hubs do not read any of the data passing through them and are not aware of their source or destination addressing.
A hub simply receives incoming Ethernet frames, regenerates the electrical signal on the bit (more precisely the symbol) level, and broadcasts these symbols out to all other devices on the network. To pass data through the repeater in a usable fashion from one segment to the next, the framing and data rate must be the same on each segment. This means that a repeater cannot connect an 802.3 segment (Ethernet) and an 802.5 segment (Token Ring), or a 10 Mbit/s segment to 100 Mbit/s Ethernet.

SWITCH:
A network switch or switching hub is a computer networking device that connects network segments or network devices. The term commonly refers to a multi-port network bridge that processes and routes data at the data link layer (layer 2) of the OSI model. Switches that additionally process data at the network layer (layer 3) and above are often referred to as layer-3 switches or multilayer switches. The first Ethernet switch was introduced by Kalpana in 1990.

Layer 1 hubs versus higher-layer switches
A network hub, or repeater, is a simple network device. Hubs do not manage any of the traffic that comes through them. Any packet entering a port is broadcast out or "repeated" on every other port, except for the port of entry. Since every packet is repeated on every other port, packet collisions affect the entire network, limiting its capacity. There are specialized applications where a hub can be useful, such as copying traffic to multiple network sensors. High-end switches have a feature which does the same thing, called port mirroring. By the early 2000s, there was little price difference between a hub and a low-end switch.

Layer 2
A network bridge, operating at the data link layer, may interconnect a small number of devices in a home or the office. This is a trivial case of bridging, in which the bridge learns the MAC address of each connected device. Single bridges also can provide extremely high performance in specialized applications such as storage area networks.
Classic bridges may also interconnect using a spanning tree protocol that disables links so that the resulting local area network is a tree without loops. In contrast to routers, spanning tree bridges must have topologies with only one active path between two points. The older IEEE 802.1D spanning tree protocol could be quite slow, with forwarding stopping for 30 seconds while the spanning tree would reconverge. A Rapid Spanning Tree Protocol was introduced as IEEE 802.1w, but the newest edition of IEEE 802.1D adopts the 802.1w extensions as the base standard. The IETF is specifying the TRILL protocol, which is the application of link-state routing technology to the layer-2 bridging problem. Devices which implement TRILL, called RBridges, combine the best features of both routers and bridges. While layer 2 switch remains more of a marketing term than a technical term, the products that were introduced as "switches" tended to use microsegmentation and full duplex to prevent collisions among devices connected to Ethernet. By using an internal forwarding plane much faster than any interface, they give the impression of simultaneous paths among multiple devices. 'Non-blocking' devices use a forwarding plane or equivalent method fast enough to allow full duplex traffic for each port simultaneously. Once a bridge learns the topology through a spanning tree protocol, it forwards data link layer frames using a layer 2 forwarding method. There are four forwarding methods a bridge can use, of which the second through fourth method were performance-increasing methods when used on "switch" products with the same input and output port bandwidths:
1. Store and forward: The switch buffers and verifies each frame before forwarding it.
2. Cut through: The switch reads only up to the frame's hardware address before starting to forward it. Cut-through switches have to fall back to store and forward if the outgoing port is busy at the time the packet arrives.
There is no error checking with this method.
3. Fragment free: A method that attempts to retain the benefits of both store and forward and cut through. Fragment free checks the first 64 bytes of the frame, where addressing information is stored. According to Ethernet specifications, collisions should be detected during the first 64 bytes of the frame, so frames that are in error because of a collision will not be forwarded. This way the frame will always reach its intended destination. Error checking of the actual data in the packet is left for the end device.
4. Adaptive switching: A method of automatically selecting between the other three modes.
While there are specialized applications, such as storage area networks, where the input and output interfaces are the same bandwidth, this is not always the case in general LAN applications. In LANs, a switch used for end-user access typically concentrates lower-bandwidth links and uplinks into a higher bandwidth.

Layer 3
Within the confines of the Ethernet physical layer, a layer-3 switch can perform some or all of the functions normally performed by a router. The most common layer-3 capability is awareness of IP multicast through IGMP snooping. With this awareness, a layer-3 switch can increase efficiency by delivering the traffic of a multicast group only to ports where the attached device has signaled that it wants to listen to that group.

Layer 4
While the exact meaning of the term layer-4 switch is vendor-dependent, it almost always starts with a capability for network address translation, but then adds some type of load distribution based on TCP sessions. The device may include a stateful firewall, a VPN concentrator, or be an IPsec security gateway.

Layer 7
Layer-7 switches may distribute loads based on the Uniform Resource Locator (URL) or by some installation-specific technique to recognize application-level transactions. A layer-7 switch may include a web cache and participate in a content delivery network.
BRIDGE:
Bridging is a forwarding technique used in packet-switched computer networks. Unlike routing, bridging makes no assumptions about where in a network a particular address is located. Instead, it depends on flooding and examination of source addresses in received packet headers to locate unknown devices. Once a device has been located, its location is recorded in a table where the source address is stored so as to avoid the need for further flooding. The utility of bridging is limited by its dependence on flooding, and is thus only used in local area networks. A network bridge connects multiple network segments at the data link layer (Layer 2) of the OSI model. Bridges can limit traffic on each segment, reduce bottlenecks, connect different network architectures and forward frames between segments. In Ethernet networks, the term bridge formally means a device that behaves according to the IEEE 802.1D standard. A bridge and a switch are very much alike, a switch being a bridge with numerous ports. Switch or Layer 2 switch is often used interchangeably with bridge. Bridging generally refers to transparent bridging or learning bridge operation, which predominates in Ethernet. Another form of bridging, source route bridging, was developed for token ring networks.

GATEWAY:
A network gateway is an internetworking system capable of joining together two networks that use different base protocols. A network gateway can be implemented completely in software, completely in hardware, or as a combination of both. Depending on the types of protocols they support, network gateways can operate at any level of the OSI model. Because a network gateway, by definition, appears at the edge of a network, related capabilities like firewalls tend to be integrated with it. On home networks, a broadband router typically serves as the network gateway, although ordinary computers can also be configured to perform equivalent functions.
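The learning, filtering and flooding behaviour described under BRIDGE above, as an added example (not code from the original report): a transparent bridge that records each frame's source MAC against its arrival port, forwards frames for a known destination out of that one port, and floods unknown destinations and broadcasts out of every other port. Port names and MAC addresses are constructed sample values.

```python
"""Transparent (learning) bridge simulation. Added example; the port names
and MAC addresses are constructed, not taken from any real network."""

BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningBridge:
    def __init__(self, ports):
        self.ports = list(ports)
        self.table = {}  # learned MAC address -> port it was last seen on

    def receive(self, in_port, src, dst):
        """Process one frame and return the list of ports it is forwarded to."""
        if in_port not in self.ports:
            raise ValueError(f"unknown port {in_port!r}")
        # Learning: the source is reachable through in_port. Overwriting an
        # older entry is what lets a host that moved segments be relearned.
        self.table[src] = in_port
        if dst != BROADCAST and dst in self.table:
            out = self.table[dst]
            # Filtering: if the destination sits on the segment the frame came
            # from, it has already seen the frame, so nothing is forwarded.
            return [] if out == in_port else [out]
        # Flooding: unknown destination or broadcast goes everywhere but back.
        return [p for p in self.ports if p != in_port]


def demo():
    """Run a short frame sequence; return each forwarding decision and the table."""
    aa, bb = "00:11:22:33:44:aa", "00:11:22:33:44:bb"
    cc, dd = "00:11:22:33:44:cc", "00:11:22:33:44:dd"
    br = LearningBridge(["p1", "p2", "p3"])
    decisions = [
        br.receive("p1", aa, bb),         # bb unknown: flood to p2, p3
        br.receive("p2", bb, aa),         # aa already learned on p1
        br.receive("p1", aa, bb),         # bb now known on p2
        br.receive("p1", cc, aa),         # aa is on p1 itself: filtered
        br.receive("p3", dd, BROADCAST),  # broadcast: flood to p1, p2
        br.receive("p3", bb, aa),         # bb has moved to p3: relearned
        br.receive("p1", aa, bb),         # now forwarded to p3, not p2
    ]
    return decisions, dict(br.table)


if __name__ == "__main__":
    for decision in demo()[0]:
        print(decision)
```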
ROUTER:
Routers are physical devices that join multiple wired or wireless networks together. Technically, a wired or wireless router is a Layer 3 gateway, meaning that the wired/wireless router connects networks (as gateways do), and that the router operates at the network layer of the OSI model. Home networkers often use an Internet Protocol (IP) wired or wireless router, IP being the most common OSI network layer protocol. An IP router such as a DSL or cable modem broadband router joins the home's local area network (LAN) to the wide-area network (WAN) of the Internet. By maintaining configuration information in a piece of storage called the routing table, wired or wireless routers also have the ability to filter traffic, either incoming or outgoing, based on the IP addresses of senders and receivers. Some routers allow the home networker to update the routing table from a Web browser interface. Broadband routers combine the functions of a router with those of a network switch and a firewall in a single unit.

The Bellman–Ford algorithm computes single-source shortest paths in a weighted digraph. For graphs with only non-negative edge weights, the faster Dijkstra's algorithm also solves the problem. Thus, Bellman–Ford is used primarily for graphs with negative edge weights. The algorithm is named after its developers, Richard Bellman and Lester Ford, Jr. If a graph contains a "negative cycle", i.e., a cycle whose edges sum to a negative value, then walks of arbitrarily low weight can be constructed by repeatedly following the cycle, so there may not be a shortest path. Bellman–Ford can detect negative cycles and report their existence, but it cannot produce a correct answer if a negative cycle is reachable from the source. According to Robert Sedgewick, "Negative weights are not merely a mathematical curiosity; they arise in a natural way when we reduce other problems to shortest-paths problems". Let G be a graph containing a negative cycle.
One NP-complete variant of the shortest-path problem asks for the shortest path in G (containing a negative cycle) such that no edge is repeated. Sedgewick gives a reduction from the Hamiltonian path problem to this variant of the problem.

Dijkstra's algorithm, conceived by Dutch computer scientist Edsger Dijkstra in 1956 and published in 1959, is a graph search algorithm that solves the single-source shortest path problem for a graph with nonnegative edge path costs, producing a shortest path tree. This algorithm is often used in routing and as a subroutine in other graph algorithms. For a given source vertex (node) in the graph, the algorithm finds the path with lowest cost (i.e. the shortest path) between that vertex and every other vertex. It can also be used for finding costs of shortest paths from a single vertex to a single destination vertex by stopping the algorithm once the shortest path to the destination vertex has been determined. For example, if the vertices of the graph represent cities and edge path costs represent driving distances between pairs of cities connected by a direct road, Dijkstra's algorithm can be used to find the shortest route between one city and all other cities. As a result, the shortest path first algorithm is widely used in network routing protocols, most notably IS-IS and OSPF (Open Shortest Path First). Dijkstra's original algorithm does not use a min-priority queue and runs in O(|V|^2). The idea of this algorithm is also given in (Leyzorek et al. 1957). The implementation based on a min-priority queue implemented by a Fibonacci heap and running in O(|E| + |V| log |V|) is due to (Fredman & Tarjan 1984). This is asymptotically the fastest known single-source shortest-path algorithm for arbitrary directed graphs with unbounded nonnegative weights.
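Both algorithms described above, as an added example (not code from the original report): Bellman–Ford with the extra relaxation pass that reports a negative cycle reachable from the source, and Dijkstra with a binary heap as its min-priority queue, which refuses negative weights. The link-cost graphs are constructed sample input, not real routing tables.

```python
"""Bellman-Ford and Dijkstra on small constructed link-cost graphs.
Added example; the graphs below are made up for illustration."""

import heapq
from typing import Dict, Hashable, List, Optional, Tuple

# adjacency list: node -> [(neighbour, edge weight), ...]
Graph = Dict[Hashable, List[Tuple[Hashable, float]]]


def bellman_ford(graph: Graph, source) -> Tuple[Optional[Dict[Hashable, float]], bool]:
    """Return (distances, negative_cycle). distances is None when a negative
    cycle is reachable from source: walks can then be made arbitrarily cheap,
    so no shortest path exists and no answer would be correct."""
    dist: Dict[Hashable, float] = {u: float("inf") for u in graph}
    for edges in graph.values():
        for v, _ in edges:
            dist.setdefault(v, float("inf"))  # nodes that only appear as targets
    dist[source] = 0.0
    # A simple path has at most |V|-1 edges, so |V|-1 rounds of relaxing every
    # edge suffice; stopping early when a round changes nothing is safe.
    for _ in range(len(dist) - 1):
        changed = False
        for u, edges in graph.items():
            for v, w in edges:
                if dist[u] + w < dist[v]:
                    dist[v] = dist[u] + w
                    changed = True
        if not changed:
            break
    # Detection pass: if any edge can still be relaxed, a negative cycle is
    # reachable from the source.
    for u, edges in graph.items():
        for v, w in edges:
            if dist[u] + w < dist[v]:
                return None, True
    return dist, False


def dijkstra(graph: Graph, source) -> Dict[Hashable, float]:
    """Shortest distances from source to every reachable node; the heap is the
    min-priority queue. Raises ValueError on a negative edge weight."""
    dist: Dict[Hashable, float] = {source: 0.0}
    heap: List[Tuple[float, Hashable]] = [(0.0, source)]
    settled = set()
    while heap:
        d, u = heapq.heappop(heap)
        if u in settled:  # stale heap entry superseded by a cheaper relaxation
            continue
        settled.add(u)
        for v, w in graph.get(u, []):
            if w < 0:
                raise ValueError("Dijkstra's algorithm requires non-negative edge weights")
            if d + w < dist.get(v, float("inf")):
                dist[v] = d + w
                heapq.heappush(heap, (d + w, v))
    return dist


# Constructed sample graphs (router links with costs).
LINKS: Graph = {"A": [("B", 4), ("C", 1)], "B": [("D", 1)],
                "C": [("B", 2), ("D", 5)], "D": []}
NEG_EDGE: Graph = {"A": [("B", 2), ("C", 5)], "B": [("C", -4)], "C": []}  # negative edge, no cycle
NEG_CYCLE: Graph = {"A": [("B", 1)], "B": [("C", -1)], "C": [("B", -1)]}  # B<->C sums to -2

if __name__ == "__main__":
    print("Bellman-Ford on LINKS:", bellman_ford(LINKS, "A"))
    print("Dijkstra on LINKS:    ", dijkstra(LINKS, "A"))
    print("Bellman-Ford on NEG_CYCLE:", bellman_ford(NEG_CYCLE, "A"))
```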
BROUTER:
A bridge router or brouter is a network device that works as a bridge and as a router. The brouter routes packets for known protocols and simply forwards all other packets as a bridge would. Brouters operate at both the network layer for routable protocols and at the data link layer for non-routable protocols. As networks continue to become more complex, a mix of routable and non-routable protocols has led to the need for the combined features of bridges and routers. Brouters handle both routable and non-routable features by acting as routers for routable protocols and bridges for non-routable protocols. Bridged protocols might propagate throughout the network, but techniques such as filtering and learning might be used to reduce potential congestion. Brouters are used as connecting devices in the networking system, so they act as a bridge in a network and as a router in an internetwork.

FIREWALL:
A firewall can either be software-based or hardware-based and is used to help keep a network secure. Its primary objective is to control the incoming and outgoing network traffic by analyzing the data packets and determining whether each should be allowed through or not, based on a predetermined rule set. A network's firewall builds a bridge between an internal network that is assumed to be secure and trusted, and another network, usually an external (inter)network, such as the Internet, that is not assumed to be secure and trusted. Many personal computer operating systems include software-based firewalls to protect against threats from the public Internet. Many routers that pass data between networks contain firewall components and, conversely, many firewalls can perform basic routing functions.

Some other connecting devices are RJ45, RJ11, RS232, RJ56, V35 and EIA/TIA.

IP addressing:
An IP address is a 32-bit identifier which represents the address, or logical address, of a host in our network. It is written in decimal form and is divided into four parts.
Each part is 8 bits.

Class A: 0 to 127 (0.0.0.0 – 127.255.255.255); 127.255.255.255 is the loopback address
Class B: 128 to 191 (128.0.0.0 – 191.255.255.255)
Class C: 192 to 223 (192.0.0.0 – 223.255.255.255)
Class D: 224 to 239 (224.0.0.0 – 239.255.255.255), used for multicast
Class E: 240 to 255 (240.0.0.0 – 255.255.255.255), reserved for research purposes

Address allocation hierarchy (diagram): IANA (Internet Assigned Numbers Authority) -> RIR (regional Internet registry) -> ISP (Internet service provider) -> user.
IP address types (diagram): private IP, APIPA, public IP.

IANA:
The Internet Assigned Numbers Authority (IANA) is the entity that oversees global IP address allocation, autonomous system number allocation, root zone management in the Domain Name System (DNS), media types, and other Internet Protocol-related symbols and numbers. IANA is a department operated by the Internet Corporation for Assigned Names and Numbers, also known as ICANN. Prior to the establishment of ICANN for this purpose, IANA was administered primarily by Jon Postel at the Information Sciences Institute (ISI) of the University of Southern California (USC), under a contract USC/ISI had with the United States Department of Defense, until ICANN was created to assume the responsibility under a United States Department of Commerce contract.

RIR:
A regional Internet registry (RIR) is an organization that manages the allocation and registration of Internet number resources within a particular region of the world. Internet number resources include IP addresses and autonomous system (AS) numbers. The Regional Internet Registry system evolved over time, eventually dividing the world into five RIRs:
African Network Information Centre (AfriNIC) for Africa
American Registry for Internet Numbers (ARIN) for the United States, Canada, several parts of the Caribbean region, and Antarctica
Asia-Pacific Network Information Centre (APNIC) for Asia, Australia, New Zealand, and neighboring countries
Latin America and Caribbean Network Information Centre (LACNIC) for Latin America and parts of the Caribbean region
Réseaux IP Européens Network Coordination Centre (RIPE NCC) for Europe, Russia, the Middle East, and Central Asia

ISP:
An Internet service provider (ISP) is an organization that provides access to the Internet. Internet service providers can be either community-owned and non-profit, or privately owned and for-profit. Access ISPs directly connect clients to the Internet using copper wires, wireless or fiber-optic connections. Hosting ISPs lease server space for smaller businesses and other people (colocation). Transit ISPs provide large amounts of bandwidth for connecting hosting ISPs to access ISPs.

Subnet Mask:
A subnet mask is a bitmask that encodes the prefix length in quad-dotted notation: 32 bits, starting with a number of 1 bits equal to the prefix length, ending with 0 bits, and encoded in four-part dotted-decimal format. A subnet mask encodes the same information as a prefix length, but predates the advent of CIDR. In CIDR notation, however, the prefix bits are always contiguous, whereas subnet masks may specify non-contiguous bits; this has no practical advantage for increasing efficiency. A subnet mask is used to determine what subnet an IP address belongs to. An IP address has two components, the network address and the host address. For example, consider the IP address 150.215.017.009. Assuming this is part of a Class B network, the first two numbers (150.215) represent the Class B network address, and the second two numbers (017.009) identify a particular host on this network. Subnetting enables the network administrator to further divide the host part of the address into two or more subnets. In this case, a part of the host address is reserved to identify the particular subnet.
This is easier to see if we show the IP address in binary format. The full address is:
10010110.11010111.00010001.00001001
The Class B network part is:
10010110.11010111
and the host address is:
00010001.00001001
If this network is divided into 14 subnets, however, then the first 4 bits of the host address (0001) are reserved for identifying the subnet. The subnet mask is the network address plus the bits reserved for identifying the subnetwork. (By convention, the bits for the network address are all set to 1, though it would also work if the bits were set exactly as in the network address.) In this case, therefore, the subnet mask would be 11111111.11111111.11110000.00000000. It's called a mask because it can be used to identify the subnet to which an IP address belongs by performing a bitwise AND operation on the mask and the IP address. The result is the subnetwork address:

Subnet Mask     255.255.240.000   11111111.11111111.11110000.00000000
IP Address      150.215.017.009   10010110.11010111.00010001.00001001
Subnet Address  150.215.016.000   10010110.11010111.00010000.00000000

The subnet address, therefore, is 150.215.016.000.

Moreover, the subnet mask is a 32-bit identifier that defines the network ID and the host ID (N = network, H = host):

Class A: N.H.H.H   255.0.0.0
Class B: N.N.H.H   255.255.0.0
Class C: N.N.N.H   255.255.255.0

Example:
IP: 192.168.5.50
SM: 255.255.255.0
192.168.1.0 NID (network ID)
192.168.1.1 ... 192.168.1.255 BID (broadcast ID)

Subnetting is done using CIDR (Classless Inter-Domain Routing) and VLSM (Variable Length Subnet Mask).

Classless Inter-Domain Routing (CIDR)
It is a method for allocating IP addresses and routing Internet Protocol packets. The Internet Engineering Task Force introduced CIDR in 1993 to replace the previous addressing architecture of classful network design in the Internet. Their goal was to slow the growth of routing tables on routers across the Internet, and to help slow the rapid exhaustion of IPv4 addresses.
IP addresses are described as consisting of two groups of bits in the address: the more significant part is the network address, which identifies a whole network or subnet, and the less significant portion is the host identifier, which specifies a particular interface of a host on that network. This division is used as the basis of traffic routing between IP networks and for address allocation policies. Classful network design for IPv4 sized the network address as one or more 8-bit groups, resulting in the blocks of Class A, B, or C addresses. Classless Inter-Domain Routing allocates address space to Internet service providers and end users on any address bit boundary, instead of on 8-bit segments. In IPv6, however, the interface identifier has a fixed size of 64 bits by convention, and smaller subnets are never allocated to end users. CIDR notation is a syntax for specifying IP addresses and their associated routing prefix. It appends to the address a slash character and the decimal number of leading bits of the routing prefix, e.g., 192.0.2.0/24 for IPv4, and 2001:db8::/32 for IPv6.

Variable Length Subnet Mask (VLSM)
It is a means of allocating IP addressing resources to subnets according to their individual need rather than some general network-wide rule. Subnet masks are used by hosts to determine network gateways and broadcast addresses. The Internet's explosive growth eventually required the more efficient use of the IP address space available. Variable Length Subnet Masking is a technique used to allow more efficient assignment of IP addresses. Originally Internet addresses were carved up into small, medium and large size blocks of contiguous addresses based on the values of the first four bits in the first octet of the IP address. These were often referred to as classful addresses. By carving classful address blocks into smaller classless blocks, you waste fewer addresses. The process of carving out smaller blocks from the larger blocks was called subnetting.
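The subnet mask arithmetic from the Subnet Mask section and the prefix-length form used by CIDR notation, as an added example (not code from the original report): it performs the bitwise AND on 150.215.017.009 with mask 255.255.240.0, derives the broadcast address and subnet size, classifies the first octet into the classes listed under IP addressing, and converts between a /n prefix and a dotted-decimal mask, rejecting non-contiguous masks. All addresses are the page's own worked values or constructed input.

```python
"""IPv4 subnet mask arithmetic. Added example; the 150.215.017.009 / 255.255.240.0
case is the one worked in the text, the other inputs are constructed."""

from typing import Dict, Tuple

OCTET_SHIFTS = (24, 16, 8, 0)


def dotted_to_int(addr: str) -> int:
    """'150.215.017.009' -> 32-bit integer (leading zeros are tolerated)."""
    parts = addr.split(".")
    if len(parts) != 4:
        raise ValueError(f"invalid IPv4 address: {addr}")
    octets = [int(p) for p in parts]
    if any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"octet out of range in: {addr}")
    value = 0
    for o in octets:
        value = (value << 8) | o
    return value


def int_to_dotted(value: int) -> str:
    return ".".join(str((value >> s) & 0xFF) for s in OCTET_SHIFTS)


def to_binary(value: int) -> str:
    """Dotted binary form, e.g. '11111111.11111111.11110000.00000000'."""
    return ".".join(f"{(value >> s) & 0xFF:08b}" for s in OCTET_SHIFTS)


def prefix_to_mask(prefix: int) -> int:
    """/20 -> 0xFFFFF000: the top `prefix` bits set to 1, the rest 0."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length must be between 0 and 32")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def mask_to_prefix(mask: int) -> int:
    """Inverse of prefix_to_mask; rejects a mask whose 1 bits are not contiguous."""
    ones = bin(mask).count("1")
    if prefix_to_mask(ones) != mask:
        raise ValueError(f"non-contiguous subnet mask: {int_to_dotted(mask)}")
    return ones


def address_class(addr: str) -> str:
    """Classful range of the first octet, as listed under IP addressing."""
    first = int(addr.split(".")[0])
    for limit, cls in ((127, "A"), (191, "B"), (223, "C"), (239, "D")):
        if first <= limit:
            return cls
    return "E"


def subnet_info(addr: str, mask: str) -> Dict[str, object]:
    """Subnet (network) address, broadcast address and size for addr with mask."""
    a, m = dotted_to_int(addr), dotted_to_int(mask)
    prefix = mask_to_prefix(m)
    network = a & m                           # the bitwise AND from the text
    broadcast = network | (~m & 0xFFFFFFFF)   # all host bits set to 1
    return {
        "class": address_class(addr),
        "prefix": prefix,
        "network": int_to_dotted(network),
        "broadcast": int_to_dotted(broadcast),
        "total_addresses": 1 << (32 - prefix),
        "binary": {"address": to_binary(a), "mask": to_binary(m),
                   "network": to_binary(network)},
    }


def cidr_row(prefix: int) -> Tuple[str, str, int, str]:
    """(dotted mask, '/n', total addresses, binary mask) for one prefix length."""
    mask = prefix_to_mask(prefix)
    return int_to_dotted(mask), f"/{prefix}", 1 << (32 - prefix), to_binary(mask)


if __name__ == "__main__":
    info = subnet_info("150.215.017.009", "255.255.240.0")
    for key in ("address", "mask", "network"):
        print(f"{key:8} {info['binary'][key]}")
    print("subnet address:", info["network"], "broadcast:", info["broadcast"])
```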
CIDR Table (the Total IPs column counts every address in the block; for /30 and larger prefixes two of them, the network and broadcast addresses, are not usable by hosts; a /31 is used on point-to-point links with both addresses usable, and a /32 is a single host):

Subnet Mask       CIDR  Total IPs       Binary value of the mask
255.255.255.255   /32   1               11111111.11111111.11111111.11111111
255.255.255.254   /31   2               11111111.11111111.11111111.11111110
255.255.255.252   /30   4               11111111.11111111.11111111.11111100
255.255.255.248   /29   8               11111111.11111111.11111111.11111000
255.255.255.240   /28   16              11111111.11111111.11111111.11110000
255.255.255.224   /27   32              11111111.11111111.11111111.11100000
255.255.255.192   /26   64              11111111.11111111.11111111.11000000
255.255.255.128   /25   128             11111111.11111111.11111111.10000000
255.255.255.0     /24   256             11111111.11111111.11111111.00000000
255.255.254.0     /23   512             11111111.11111111.11111110.00000000
255.255.252.0     /22   1,024           11111111.11111111.11111100.00000000
255.255.248.0     /21   2,048           11111111.11111111.11111000.00000000
255.255.240.0     /20   4,096           11111111.11111111.11110000.00000000
255.255.224.0     /19   8,192           11111111.11111111.11100000.00000000
255.255.192.0     /18   16,384          11111111.11111111.11000000.00000000
255.255.128.0     /17   32,768          11111111.11111111.10000000.00000000
255.255.0.0       /16   65,536          11111111.11111111.00000000.00000000
255.254.0.0       /15   131,072         11111111.11111110.00000000.00000000
255.252.0.0       /14   262,144         11111111.11111100.00000000.00000000
255.248.0.0       /13   524,288         11111111.11111000.00000000.00000000
255.240.0.0       /12   1,048,576       11111111.11110000.00000000.00000000
255.224.0.0       /11   2,097,152       11111111.11100000.00000000.00000000
255.192.0.0       /10   4,194,304       11111111.11000000.00000000.00000000
255.128.0.0       /9    8,388,608       11111111.10000000.00000000.00000000
255.0.0.0         /8    16,777,216      11111111.00000000.00000000.00000000
254.0.0.0         /7    33,554,432      11111110.00000000.00000000.00000000
252.0.0.0         /6    67,108,864      11111100.00000000.00000000.00000000
248.0.0.0         /5    134,217,728     11111000.00000000.00000000.00000000
240.0.0.0         /4    268,435,456     11110000.00000000.00000000.00000000
224.0.0.0         /3    536,870,912     11100000.00000000.00000000.00000000
192.0.0.0         /2    1,073,741,824   11000000.00000000.00000000.00000000
128.0.0.0         /1    2,147,483,648   10000000.00000000.00000000.00000000
0.0.0.0           /0    4,294,967,296   00000000.00000000.00000000.00000000

CABLING
1. Coaxial
2. Twisted pair
   a) UTP (unshielded twisted pair)
   b) STP (shielded twisted pair)
   c) Wiring: straight-through, crossover, rolled-over (console); EIA/TIA 568A and 568B pinouts
3. Fibre optics

A cable is most often two or more wires running side by side and bonded, twisted or braided together to form a single assembly, but the word can also refer to a heavy strong rope. In mechanics, cables (wire ropes) are used for lifting, hauling and towing or for conveying force through tension. In electrical engineering, cables carry electric currents. An optical cable contains one or more optical fibres in a protective jacket that supports the fibres. The electric cables discussed here are mainly meant for installation in buildings and industrial sites; for power transmission over distances greater than a few kilometres see high-voltage cable, power cables and HVDC.

Cable is the medium through which information usually moves from one network device to another. Several types of cable are commonly used with LANs. In some cases a network uses only one type of cable; other networks use a variety of cable types. The type of cable chosen for a network is related to the network's topology, protocol and size. Understanding the characteristics of the different types of cable and how they relate to other aspects of a network is necessary for the development of a successful network.

Twisted pair cabling comes in two varieties: shielded and unshielded. Unshielded twisted pair (UTP) is the most popular and is generally the best option for school networks. The quality of UTP may vary from telephone-grade wire to extremely high-speed cable. The cable has four pairs of wires inside the jacket. Each pair is twisted with a different number of twists per inch to help eliminate interference from adjacent pairs and from other electrical devices.
The tighter the twisting, the higher the supported transmission rate and the greater the cost per foot. The EIA/TIA (Electronic Industries Alliance/Telecommunications Industry Association) has established standards for UTP and rated six categories of wire (additional categories are emerging).

Unshielded Twisted Pair Connector: The standard connector for unshielded twisted pair cabling is the RJ-45 (8P8C) connector. This is a plastic connector that looks like a large telephone-style connector (see fig. 2). A slot allows the RJ-45 to be inserted only one way. RJ stands for Registered Jack, implying that the connector follows a standard borrowed from the telephone industry. This standard designates which wire goes with each pin inside the connector.

Shielded Twisted Pair (STP) Cable: Although UTP cable is the least expensive cable, it may be susceptible to radio and electrical frequency interference (it should not be too close to electric motors, fluorescent lights, etc.). If you must place cable in environments with a lot of potential interference, or in extremely sensitive environments that may be affected by the electrical current in the UTP, shielded twisted pair may be the solution. Shielded cables can also help to extend the maximum distance of the cables. Shielded twisted pair cable is available in three configurations:
1. Each pair of wires is individually shielded with foil.
2. There is a foil or braid shield inside the jacket covering all wires as a group.
3. There is a shield around each individual pair as well as around the entire group of wires (double-shielded twisted pair).

Coaxial Cable: Coaxial cabling has a single copper conductor at its centre. A plastic layer provides insulation between the centre conductor and a braided metal shield. The metal shield helps to block outside interference from fluorescent lights, motors and other computers.
Although coaxial cabling is difficult to install, it is highly resistant to signal interference, and it supports greater cable lengths between network devices than twisted pair. The two types of coaxial cabling are thick coaxial and thin coaxial.

Thin coaxial cable is also referred to as thinnet. 10Base2 is the specification for thin coaxial cable carrying Ethernet signals; the 2 refers to an approximate maximum segment length of 200 metres (the actual maximum is 185 metres). Thin coaxial cable was popular in school networks, especially linear bus networks.

Thick coaxial cable is also referred to as thicknet. 10Base5 is the specification for thick coaxial cable carrying Ethernet signals; the 5 refers to the maximum segment length of 500 metres. Thick coaxial cable has an extra protective plastic cover that helps keep moisture away from the centre conductor, which makes it a good choice for longer runs in a linear bus network. One disadvantage of thick coaxial is that it does not bend easily and is difficult to install.

Fiber Optic Cable: Fiber optic cabling consists of a centre glass core surrounded by several layers of protective material. It transmits light rather than electrical signals, which eliminates the problem of electrical interference and makes it ideal for environments that contain a large amount of it. Its immunity to moisture and lightning has also made it the standard for connecting networks between buildings. Fiber optic cable can transmit signals over much longer distances than coaxial and twisted pair, and at vastly greater speeds. This capacity broadens communication possibilities to services such as video conferencing and interactive services.
The cost of fiber optic cabling is comparable to copper cabling; however, it is more difficult to install and modify. 10BaseF is the specification for fiber optic cable carrying Ethernet signals. The centre core of fiber cables is made from glass or plastic fibres; a plastic coating cushions the fibre centre, Kevlar fibres strengthen the cable and prevent breakage, and the outer insulating jacket is made of Teflon or PVC.

Straight-through cable (the same pinout at both ends; T568A at both ends as listed here, or T568B at both ends):

Pin  End 1 (T568A)   End 2 (T568A)
1    white/green     white/green
2    green           green
3    white/orange    white/orange
4    blue            blue
5    white/blue      white/blue
6    orange          orange
7    white/brown     white/brown
8    brown           brown

Used for connections between unlike devices:
1. hub to switch
2. hub to PC
3. switch to router

Crossover cable (T568A at one end, T568B at the other; pins 1 and 3, and pins 2 and 6, are swapped so that the transmit pair of each end meets the receive pair of the other):

Pin  End 1 (T568A)   End 2 (T568B)
1    white/green     white/orange
2    green           orange
3    white/orange    white/green
4    blue            blue
5    white/blue      white/blue
6    orange          green
7    white/brown     white/brown
8    brown           brown

Used for connections between like devices:
1. laptop to laptop
2. PC to PC
3. hub to hub
4. switch to switch
5. PC to router
(Most current switch ports detect the pairing automatically (auto-MDI/MDI-X), so either cable type works on them.)

Rolled-over (console) cable: pin 1 at one end goes to pin 8 at the other, pin 2 to pin 7, and so on. It is used for the console (management) interface of a device, not for data communication.

Pin  End 1           End 2
1    white/green     brown
2    green           white/brown
3    white/orange    orange
4    blue            white/blue
5    white/blue      blue
6    orange          white/orange
7    white/brown     green
8    brown           white/green

Used for the connection of:
1. PC (serial port) to router/switch console port

Modes of router (the prompt shows which mode you are in):
1. User EXEC mode: Router>
2. Privileged EXEC mode: Router#
3. Global configuration mode: Router(config)#
4. Interface mode or line (console) mode: Router(config-if)# or Router(config-line)#
5. Sub-interface mode: Router(config-subif)#

Router>enable
Router#config terminal
Router(config)#interface fastethernet 0/0     (or: Router(config)#line console 0)
Router(config-if)#                            (or: Router(config-line)#)

Commands for router:
1. To enter privileged mode: Router>enable
2. To return to user mode: Router#disable
3. To show the physical interfaces of the router and their state: Router#show ip interface brief
4. To show the configuration present in RAM (the running configuration): Router#show running-config
5. To show the configuration present in NVRAM (the startup configuration): Router#show startup-config
6. To save the configuration from RAM to NVRAM: Router#copy running-config startup-config
7. To erase the configuration present in NVRAM: Router#erase startup-config
8. To move from privileged mode to global configuration mode: Router#config terminal, after which the prompt is Router(config)#
9. To change the host name of the router: Router(config)#hostname hcl
10. To set the enable password: Router(config)#enable password hcl
11. To obscure the passwords shown in the configuration: Router(config)#service password-encryption
12. To set the enable secret: Router(config)#enable secret <password>
    Note: enable password stores the password in cleartext, and service password-encryption only applies the reversible Type 7 encoding to it (and to line passwords), which is undone in an instant by any password recovery tool. enable secret stores a hash and takes precedence over enable password when both are set, so set enable secret and treat the other two as display hygiene at best.
13. To show the time: Router#show clock
14. To set the time: Router#clock set hh:mm:ss <day> <month name> <yyyy>
15. To set the console password:
Router(config)#line console 0
Router(config-line)#password 123
Router(config-line)#login
16. To set a banner: Router(config)#banner motd *banner title* (the first character after motd is the delimiter that ends the banner text)
17. To remove the passwords:
Router(config)#no enable secret
Router(config)#no enable password
18. To enable a FastEthernet interface (interfaces are shut down by default):
Router(config)#interface fastethernet 0/0
Router(config-if)#no shutdown
19. To assign an IP address to the interface:
Router(config)#interface fastethernet 0/0
Router(config-if)#ip address 192.168.1.1 255.255.255.0
20. To reboot the router:
Router#reload

TO JOIN TWO ROUTERS WITH EACH OTHER (two 1841 routers connected back-to-back on a serial link):

ROUTER A  S0/0/0 192.168.1.1 (DCE end)  <===== serial =====>  S0/0/0 192.168.1.2 (DTE end)  ROUTER B

ROUTER A:
Router(config)#interface serial 0/0/0
Router(config-if)#ip address 192.168.1.1 255.255.255.0
Router(config-if)#clock rate 64000        (only the DCE end of the cable supplies the clock)
Router(config-if)#no shutdown

ROUTER B:
Router(config)#interface serial 0/0/0
Router(config-if)#ip address 192.168.1.2 255.255.255.0
Router(config-if)#no shutdown

Remote login from Router A to Router B with telnet. Router B needs an enable password and a password on its virtual terminal (vty) lines:

ROUTER B:
Router(config)#enable password hcl
Router(config)#line vty 0 4
Router(config-line)#password telnet
Router(config-line)#login
Router(config-line)#exit

ROUTER A:
Router#telnet 192.168.1.2
User Access Verification
Password: telnet
Router>enable
Password: hcl
Router#

Note: telnet carries both of those passwords and the whole session in cleartext, so anyone on the path can read them. On a production device use SSH instead (generate an RSA key pair, enable ip ssh version 2, set transport input ssh and login local on the vty lines with a username/secret pair) and keep telnet disabled.

Two LANs joined through the routers:

PC 10.0.0.x --- Switch 0 --- F0/0 10.0.0.1 [ROUTER A] S0/0/0 192.168.1.1 ===== S0/0/0 192.168.1.2 [ROUTER B] F0/0 20.0.0.1 --- Switch 1 --- PC 20.0.0.5

ROUTER A:
Router(config)#interface fastethernet 0/0
Router(config-if)#ip address 10.0.0.1 255.0.0.0
Router(config-if)#no shutdown
Router(config-if)#exit
Router(config)#interface serial 0/0/0
Router(config-if)#ip address 192.168.1.1 255.255.255.0
Router(config-if)#clock rate 64000
Router(config-if)#no shutdown

ROUTER B:
Router(config)#interface fastethernet 0/0
Router(config-if)#ip address 20.0.0.1 255.0.0.0
Router(config-if)#no shutdown
Router(config-if)#exit
Router(config)#interface serial 0/0/0
Router(config-if)#ip address 192.168.1.2 255.255.255.0
Router(config-if)#no shutdown

Static routes (each router already knows its directly connected networks, so each needs a route to the other router's LAN; the route names the destination network address with its mask and the next hop on the far end of the serial link):

ROUTER A:
Router(config)#ip route 20.0.0.0 255.0.0.0 192.168.1.2
ROUTER B:
Router(config)#ip route 10.0.0.0 255.0.0.0 192.168.1.1

ROUTING
1. Static routing (including default routing)
2. Dynamic routing
   a) IGP (interior gateway protocols)
      i. DVRP (distance vector): RIP (RIP V1, RIP V2, RIPng), IGRP
      ii. LSRP (link state): OSPF, IS-IS
      iii. Hybrid (DVRP + LSRP): EIGRP
   b) EGP (exterior gateway protocols)

DVRP (distance vector routing protocol): each router learns routes only from the distances its neighbours advertise and picks the path with the lowest metric (Bellman-Ford algorithm).
LSRP (link state routing protocol): each router builds a map of the whole topology and computes the shortest path itself (Dijkstra's algorithm).
HYBRID (DVRP + LSRP): exchanges distance-vector style updates with neighbours but keeps extra topology information so it can compute loop-free paths, combining properties of both.
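How a router uses the static routes configured above, as an added example that is not part of the original report: a routing table that performs longest-prefix match and falls back to the 0.0.0.0/0 default route (the gateway of last resort) when nothing else matches. The connected networks and the 20.0.0.0/8 route mirror the two-router lab; the more specific 20.1.0.0/16 route, the default route via 192.168.1.254 and the destination addresses are constructed for the example.

```python
# Added example: longest-prefix-match route lookup over static routes.
# Routes below mirror the Router A lab configuration; the /16 route, the default
# route and the test destinations are constructed sample data.

def ip_to_int(ip):
    a, b, c, d = (int(x) for x in ip.split("."))
    return (a << 24) | (b << 16) | (c << 8) | d

def prefix_mask(prefix):
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF

def mask_to_prefix(mask):
    m = ip_to_int(mask)
    prefix = bin(m).count("1")
    if m != prefix_mask(prefix):             # ones must be contiguous from the left
        raise ValueError(f"non-contiguous subnet mask {mask}")
    return prefix

class RoutingTable:
    def __init__(self):
        self.routes = []   # (prefix_len, network_int, next_hop, label)

    def ip_route(self, destination, mask, next_hop, label=""):
        """Equivalent of `ip route <destination> <mask> <next hop>`.
        Host bits in the destination are cleared so the entry names the network."""
        prefix = mask_to_prefix(mask)
        network = ip_to_int(destination) & prefix_mask(prefix)
        self.routes.append((prefix, network, next_hop, label or f"{destination}/{prefix}"))
        self.routes.sort(key=lambda r: -r[0])   # most specific route first

    def lookup(self, dst_ip):
        """Longest-prefix match: the first route, in prefix order, whose network
        covers dst_ip. Returns (label, next_hop), or None when no route and no
        default route matches, in which case a real router drops the packet."""
        d = ip_to_int(dst_ip)
        for prefix, network, next_hop, label in self.routes:
            if d & prefix_mask(prefix) == network:
                return label, next_hop
        return None

def build_router_a():
    rt = RoutingTable()
    # directly connected networks, reached through the interface itself
    rt.ip_route("10.0.0.0", "255.0.0.0", "FastEthernet0/0", "10.0.0.0/8 connected")
    rt.ip_route("192.168.1.0", "255.255.255.0", "Serial0/0/0", "192.168.1.0/24 connected")
    # the static route from the lab: Router B's LAN via the far end of the serial link
    rt.ip_route("20.0.0.0", "255.0.0.0", "192.168.1.2")
    # constructed: one subnet of 20/8 reachable via a different next hop
    rt.ip_route("20.1.0.0", "255.255.0.0", "192.168.1.3")
    # constructed: gateway of last resort (ip route 0.0.0.0 0.0.0.0 192.168.1.254)
    rt.ip_route("0.0.0.0", "0.0.0.0", "192.168.1.254", "default")
    return rt

if __name__ == "__main__":
    rt = build_router_a()
    for dst in ("20.0.0.5", "20.1.7.7", "10.0.0.9", "8.8.8.8"):
        print(dst, "->", rt.lookup(dst))
```

The lookup for 20.1.7.7 shows why order by prefix length matters: both 20.0.0.0/8 and 20.1.0.0/16 cover it, and the longer prefix wins regardless of the order the `ip route` commands were typed in.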
RIP – Routing Information Protocol (maximum 15 hops)
IGRP – Interior Gateway Routing Protocol (Cisco proprietary; maximum 255 hops)
OSPF – Open Shortest Path First, classless (no hop-count limit)
IS-IS – Intermediate System to Intermediate System, classless link-state protocol
EIGRP – Enhanced Interior Gateway Routing Protocol, classless (maximum 255 hops, default 100)
RIP V1 – Routing Information Protocol version one, classful
RIP V2 – Routing Information Protocol version two, classless (updates carry the subnet mask)
RIPng – Routing Information Protocol next generation, for IPv6

STATIC ROUTING:
# The routes are predefined by the network administrator.
# It is more secure than dynamic routing in the sense that no routing updates are exchanged which a neighbour could forge or poison; the price is that it does not adapt to link failures.
# It generally increases the network administrator's overhead.
# Static routing is used when there are very few devices to configure (fewer than about 5) and the topology will probably never change.
>> [Syntax: Router(config)#ip route <destination network ID> <subnet mask> <next hop>]
>> [HOP: in computer networking a hop is one portion of the path between source and destination, i.e. one router traversed.]

DEFAULT ROUTING:
# A default route, also known as the gateway of last resort, is the route a router uses when no other known route exists for a packet's destination address.
# All packets for destinations not present in the routing table are sent to the default route.
>> [Syntax: Router(config)#ip route 0.0.0.0 0.0.0.0 <next hop>]

DYNAMIC ROUTING:
# RIP is a distance vector routing protocol that uses hop count as its routing metric.
# RIP prevents routing loops from persisting by limiting the number of hops allowed on a path from source to destination.
# The maximum number of hops allowed for RIP is 15; a destination 16 hops away is considered unreachable.
# The hold-down time is 180 seconds.
# RIP routers transmit full updates every 30 seconds.
# There are three versions of RIP: RIP V1, RIP V2 and RIPng.

RIP V1:
# RIP V1 uses classful routing; its updates do not carry subnet masks, so it does not support classless inter-domain routing (CIDR) or VLSM.
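The RIP behaviour described above (hop count as the metric, 16 meaning unreachable), as an added distance-vector simulation that is not part of the original report. Every router starts knowing only its directly connected neighbours and repeatedly absorbs its neighbours' full tables, exactly as RIP's periodic updates do; a destination more than 15 hops away never makes it into the table. Split horizon (a router does not advertise a route back out of the interface it learned it from) is included because RIP uses it, although the text above does not mention it. The chain topology is constructed sample data.

```python
# Added example: distance-vector (Bellman-Ford) route computation in the style of RIP.
# Hop count is the metric, 16 means unreachable, split horizon is applied.
# The chain topology is constructed sample data.

INFINITY = 16   # RIP: a metric of 16 hops means "unreachable"

def distance_vector(links, max_rounds=64):
    """links: {router: {neighbour: link_cost}} with symmetric links.
    Returns ({router: {destination: (metric, next_hop)}}, rounds_until_stable)."""
    routers = sorted(links)
    tables = {r: {r: (0, None)} for r in routers}
    for r in routers:                                   # directly connected networks
        for nb, cost in links[r].items():
            tables[r][nb] = (min(cost, INFINITY), nb)
    for round_no in range(1, max_rounds + 1):
        changed = False
        for r in routers:                               # r receives every neighbour's full table
            for nb, cost in links[r].items():
                for dest, (metric, via) in list(tables[nb].items()):
                    if via == r:
                        continue                        # split horizon: nb learned it from r
                    candidate = min(metric + cost, INFINITY)
                    current = tables[r].get(dest, (INFINITY, None))[0]
                    if candidate < current:             # 16 never beats "unknown" (16)
                        tables[r][dest] = (candidate, nb)
                        changed = True
        if not changed:
            return tables, round_no
    return tables, max_rounds

def hops(tables, src, dst):
    """Metric from src to dst; INFINITY when dst never made it into src's table."""
    return tables[src].get(dst, (INFINITY, None))[0]

def chain(n):
    """Routers R00 .. R(n-1) in a straight line, every link cost 1 (constructed)."""
    names = [f"R{i:02d}" for i in range(n)]
    links = {name: {} for name in names}
    for a, b in zip(names, names[1:]):
        links[a][b] = 1
        links[b][a] = 1
    return links

if __name__ == "__main__":
    tables, rounds = distance_vector(chain(18))
    print("converged after", rounds, "rounds")
    for dst in ("R15", "R16", "R17"):
        print("R00 ->", dst, "metric", hops(tables, "R00", dst), "(16 = unreachable)")
```

With 18 routers in a line, R15 is exactly 15 hops from R00 and is reachable, while R16 and R17 are not, which is the limit the text states. The same rule is what stops a poisoned or looping route from being passed around forever: its metric climbs by one at each advertisement until it reaches 16 and is discarded.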
>> [Syntax for RIP V1:
Router(config)#router rip
Router(config-router)#network <source network ID>]

RIP V2:
# RIP V2 supports classless inter-domain routing (CIDR): its updates carry the subnet mask.
# RIP V2 supports authentication of RIP updates.
# RIP V2 encodes the next hop in each route entry.
>> [Syntax:
Router(config)#router rip
Router(config-router)#version 2
Router(config-router)#network <source network ID>]

RIPng:
# RIPng supports IPv6 networking.
# RIPng does not have RIP V2's own update authentication; it relies on the IPv6 layer (IPsec) for that.
# RIPng requires a specific encoding of the next hop for a set of route entries.

ENHANCED INTERIOR GATEWAY ROUTING PROTOCOL (EIGRP)
# EIGRP is a Cisco proprietary routing protocol loosely based on Cisco's original IGRP, of which it is the enhanced version.
# EIGRP combines distance vector and link state properties (a hybrid protocol).
# EIGRP supports a maximum hop count of up to 255.
# EIGRP supports IPv4, IPv6, AppleTalk and IPX.
# EIGRP supports both VLSM and CIDR.
# EIGRP routers are grouped by autonomous system number; only routers with the same AS number become neighbours.
# EIGRP has four basic components:
1. Neighbour discovery/recovery: the process routers use to dynamically learn of the other routers on their directly attached networks.
2. Reliable Transport Protocol (RTP): responsible for guaranteed, ordered delivery of EIGRP packets to all neighbours.
3. DUAL (Diffusing Update Algorithm): the decision process for all route computations; it selects loop-free paths.
4. Protocol-dependent modules: responsible for network-layer, protocol-specific requirements.
>> [Syntax:
Router(config)#router eigrp <AS number>
Router(config-router)#network <source network ID>]

OPEN SHORTEST PATH FIRST (OSPF)
a. It is an interior gateway protocol used to distribute routing information within a single autonomous system.
b. It is a link state routing protocol and works on Dijkstra's algorithm.
c. There is no hop-count limit in OSPF.
d. It supports both IPv4 and IPv6.
e. It supports both VLSM and CIDR.
f. It selects the best route by finding the lowest-cost path to a destination.
g. It requires the router to have a more powerful processor and more memory than other routing protocols.
h. It uses areas to organise a network into a hierarchical structure.
>> [Syntax:
Router(config)#router ospf <process ID>
Router(config-router)#network <source network ID> <wildcard mask> area <area number>]
(The OSPF process ID is only locally significant; unlike the EIGRP AS number it does not have to match on neighbouring routers. The wildcard mask is the inverse of the subnet mask.)

VIRTUAL LOCAL AREA NETWORK (VLAN)
i. A VLAN is a logical grouping of network users and resources connected to administratively defined ports on a switch.
ii. It helps us create small broadcast domains.
iii. Hosts in one VLAN cannot communicate directly with hosts in a different VLAN; traffic between VLANs must pass through a router.
iv. VLANs help us enhance network security, since the separation is enforced by the switch. That separation is only as good as the switch configuration, so trunk ports and port-to-VLAN assignments need the same care as any other access control.

Types of VLAN links:
a) Access port
b) Trunk port

Access Port:
I. Carries the traffic of, and belongs to, only one VLAN.
II. An access port is used to connect a switch to a PC.
>> [Syntax:
Switch(config)#interface fastethernet <port>
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan <VLAN number>]

Trunk Port: Carries the traffic of multiple VLANs; by default a trunk carries all the VLANs in the VLAN database. A trunk port is used to connect switch to switch and switch to router.
>> [Syntax:
Switch(config)#interface fastethernet <port>
Switch(config-if)#switchport mode trunk]

Example topology, SWITCH A:
VLAN 10 (sales):     PC 10.0.0.1 on f0/1, PC 10.0.0.2 on f0/2
VLAN 20 (marketing): PC 10.0.0.5 on f0/5, PC 10.0.0.6 on f0/6

Commands of the switch:
switch#config terminal
switch(config)#vlan 10
switch(config-vlan)#name sales
switch(config-vlan)#exit
switch#show vlan brief

To create a VLAN through the (older) VLAN database mode:
switch#vlan database
switch(vlan)#vlan 20 name marketing
switch(vlan)#exit
switch#show vlan brief

To assign a port to a dedicated VLAN:
switch(config)#interface f0/1
switch(config-if)#switchport mode access
switch(config-if)#switchport access vlan 10
switch#show vlan brief
switch(config)#interface f0/2
switch(config-if)#switchport mode access
switch(config-if)#switchport access vlan 20
switch#show vlan brief

To assign a range of ports to a dedicated VLAN:
switch(config)#interface range f0/5-6
switch(config-if-range)#switchport mode access
switch(config-if-range)#switchport access vlan 20
switch#show vlan brief

SWITCH TO SWITCH COMMUNICATION (SWITCH A f0/20 connected to SWITCH B f0/21; the link between them must be a trunk so that every VLAN's traffic can cross it):
Switch A:
switch(config)#int f0/20
switch(config-if)#switchport mode trunk
Switch B:
switch(config)#int f0/21
switch(config-if)#switchport mode trunk

INTER VLAN ROUTING (router on a stick):

PC 192.168.1.5 (VLAN 10 HCL) --- f0/5  \
PC 192.168.1.6 (VLAN 10 HCL) --- f0/6   SWITCH --- f0/1 --- f0/0 ROUTER
PC 192.168.2.5 (VLAN 20 CDC) --- f0/10 /                    Fa0/0.1 VLAN 10 = 192.168.1.1
PC 192.168.2.6 (VLAN 20 CDC) --- f0/11                      Fa0/0.2 VLAN 20 = 192.168.2.1

Trunk encapsulations: ISL (Inter-Switch Link, Cisco proprietary) and dot1q (IEEE 802.1Q).

SWITCH:
switch#vlan database
switch(vlan)#vlan 10 name HCL
switch(vlan)#vlan 20 name CDC
switch(vlan)#exit
switch(config)#int range f0/5-6
switch(config-if-range)#switchport mode access
switch(config-if-range)#switchport access vlan 10
switch(config-if-range)#exit
switch(config)#int range f0/10-11
switch(config-if-range)#switchport mode access
switch(config-if-range)#switchport access vlan 20
switch(config-if-range)#exit
switch(config)#int f0/1
switch(config-if)#switchport mode trunk     (the port facing the router must carry both VLANs)

ROUTER:
router(config)#interface fastethernet 0/0
router(config-if)#no shutdown
router(config-if)#exit
router(config)#interface fastethernet 0/0.1
router(config-subif)#encapsulation dot1q 10
router(config-subif)#ip address 192.168.1.1 255.255.255.0
router(config-subif)#exit
router(config)#interface fastethernet 0/0.2
router(config-subif)#encapsulation dot1q 20
router(config-subif)#ip address 192.168.2.1 255.255.255.0
router(config-subif)#exit

Each sub-interface receives the frames tagged with its VLAN ID and is the default gateway for the PCs in that VLAN (192.168.1.1 for VLAN 10, 192.168.2.1 for VLAN 20).

VLAN TRUNKING PROTOCOL (VTP):
1. VLAN Trunking Protocol is a Cisco proprietary layer 2 messaging protocol that manages the addition, deletion and renaming of virtual local area networks (VLANs) on a network-wide basis.
2. It was designed by Cisco with the network engineer and administrator in mind, reducing the administration overhead and the possibility of error in any switched network environment.
3. When a new VLAN is configured on one switch, VTP carries the VLAN information to all the switches in the VTP domain, so the same VLAN exists everywhere.

MODES OF VTP:
1. VTP server:
a) The default mode for all switches supporting VTP.
b) In server mode we can create, remove and modify VLANs.
c) VTP servers advertise their VLAN configuration to the other switches in the same VTP domain and synchronise their VLAN configuration with other switches based on messages received over trunk links.
d) The VLAN information is stored in NVRAM and is not lost after a reboot.
2. VTP client:
a) Clients behave in the same way as VTP servers, but VLANs cannot be created, changed or deleted on the local device.
b) The VLAN configuration is saved in NVRAM.
3. VTP transparent:
a) This mode is something between a VTP server and a VTP client, but it does not participate in the VTP domain.
b) A transparent VTP switch acts as a VTP relay (forwarding all VTP information it receives out of its trunk ports) only when VTP version 2 is used in the network.
c) When the VTP mode is set to transparent, the switch does not participate in VTP.
d) VLANs can be created, changed or deleted locally in transparent mode.

Note: a server whose configuration revision number is higher than the domain's overwrites the VLAN database of every switch in the domain, so set a VTP password on the domain and reset (or put into transparent mode) any switch before connecting it to the network.
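What the `encapsulation dot1q 10` and `encapsulation dot1q 20` sub-interfaces above actually key on, as an added example that is not part of the original report: building and parsing IEEE 802.1Q tagged Ethernet frames and picking a sub-interface by the 12-bit VLAN ID in the tag. The MAC addresses, payloads and sub-interface map are constructed test data. The parser goes beyond the text in one respect: it walks stacked tags (a second 0x8100 tag, or a 0x88a8 service tag) rather than stopping at the first, because a device that strips only the outer tag forwards a frame that still carries the inner one.

```python
# Added example: build/parse 802.1Q tagged frames and demultiplex by VLAN ID,
# mimicking a router-on-a-stick's dot1q sub-interfaces. All frames are constructed.
import struct

TPID_8021Q = 0x8100   # customer VLAN tag
TPID_QINQ = 0x88A8    # service VLAN tag (stacked tags)

def mac(s):
    return bytes(int(b, 16) for b in s.split(":"))

def fmt_mac(b):
    return ":".join(f"{x:02x}" for x in b)

def build_frame(dst, src, ethertype, payload, vlan=None, pcp=0):
    """Untagged frame if vlan is None, otherwise one 802.1Q tag before the EtherType."""
    hdr = mac(dst) + mac(src)
    if vlan is not None:
        if not 0 <= vlan <= 4095 or not 0 <= pcp <= 7:
            raise ValueError("VLAN ID must be 0..4095 and PCP 0..7")
        tci = (pcp << 13) | vlan                      # PCP(3) | DEI(1)=0 | VID(12)
        hdr += struct.pack("!HH", TPID_8021Q, tci)
    return hdr + struct.pack("!H", ethertype) + payload

def build_double_tagged(dst, src, outer_vlan, inner_vlan, ethertype, payload):
    """Two stacked 802.1Q tags, outer first (PCP/DEI of the inner tag left at 0)."""
    inner = struct.pack("!HH", inner_vlan, ethertype)
    return build_frame(dst, src, TPID_8021Q, inner + payload, vlan=outer_vlan)

def parse_frame(frame):
    """Returns dst, src, the list of VLAN IDs (outer to inner), the real EtherType and payload."""
    if len(frame) < 14:
        raise ValueError("frame too short for an Ethernet header")
    dst, src = frame[:6], frame[6:12]
    offset, vlans = 12, []
    while True:
        if offset + 2 > len(frame):
            raise ValueError("truncated EtherType")
        (etype,) = struct.unpack_from("!H", frame, offset)
        if etype not in (TPID_8021Q, TPID_QINQ):
            break
        if offset + 4 > len(frame):
            raise ValueError("truncated VLAN tag")
        (tci,) = struct.unpack_from("!H", frame, offset + 2)
        vlans.append(tci & 0x0FFF)                    # low 12 bits are the VID
        offset += 4
    return {"dst": fmt_mac(dst), "src": fmt_mac(src), "vlans": vlans,
            "ethertype": etype, "payload": frame[offset + 2:]}

def select_subinterface(frame, subinterfaces):
    """Mimic `encapsulation dot1q N` sub-interfaces: choose by the outer VLAN ID.
    Untagged frames match nothing here (no native VLAN is configured)."""
    info = parse_frame(frame)
    if not info["vlans"]:
        return None
    return subinterfaces.get(info["vlans"][0])

if __name__ == "__main__":
    subs = {10: "FastEthernet0/0.1", 20: "FastEthernet0/0.2"}   # from the config above
    ip_payload = b"\x45" + bytes(19)                             # constructed minimal IPv4 header
    f = build_frame("00:11:22:33:44:55", "66:77:88:99:aa:bb", 0x0800, ip_payload, vlan=10)
    print(parse_frame(f)["vlans"], "->", select_subinterface(f, subs))
    dbl = build_double_tagged("00:11:22:33:44:55", "66:77:88:99:aa:bb", 10, 20, 0x0800, ip_payload)
    print(parse_frame(dbl)["vlans"], "->", select_subinterface(dbl, subs))
```

The double-tagged frame is delivered to the VLAN 10 sub-interface on the strength of its outer tag alone while still carrying the VLAN 20 tag inside, which is why trunk ports and the native VLAN deserve deliberate configuration rather than defaults.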
FRAME RELAY:
a) It is a standard for packet-switched WAN communication over high-quality digital lines.
b) Frame relay networks can provide data transfer at up to 1.544 Mbps (a T1).
c) It can be implemented over a variety of connection lines (56k, T-1, T-2).
d) It operates at the physical and data link layers of the OSI model.
e) When we sign up for frame relay service we are assigned a level of service called the committed information rate (CIR).
>> [NOTE: The CIR is the data rate the provider guarantees on the frame relay network; traffic sent above it may be marked discard-eligible and dropped under congestion.]

CONCEPTS ABOUT THE FRAME RELAY METHOD:
1. Routers connect to a frame relay switch either directly or through a CSU/DSU.
2. Frame relay networks simulate an "always on" connection with PVCs (permanent virtual circuits).
3. Sending routers send data immediately without establishing a session.
4. Frame relay switches perform error checking but not correction.
5. Corrupted frames are simply dropped without notification.
6. Frames travel through the frame relay cloud without acknowledgements.
7. Congestion is the most common cause of frame loss on a frame relay network.
8. Frame relay switches send backward explicit congestion notification (BECN) messages to slow the data transfer rate.

FRAME RELAY PROTOCOLS:
i. Data link connection identifiers (DLCIs)
ii. Local management interface (LMI)

DLCIs:
a) A DLCI identifies each virtual circuit.
b) It ranges between 16 and 1007.
c) The DLCI represents the connection between two frame relay devices.
d) The frame relay service provider assigns the DLCI when the virtual circuit is set up.
e) Each DLCI is unique on the local link, but not across the entire WAN.

LMI:
a) LMI is a set of management protocol extensions that automates many frame relay management tasks.
b) It is responsible for managing the connection and reporting connection status.
c) It maintains the link between the router and the switch.
d) It gathers status information about other routers and connections on the network.
e) Cisco routers support 3 LMI types: cisco, ansi and q933a.

FRAME RELAY CONNECTIONS AND CIRCUITS:
I. Point-to-point: this link simulates a direct connection with the destination device.
II. Multipoint: a multipoint link configures each circuit to communicate with more than one destination device.

A CSU/DSU (channel service unit/data service unit) is a digital interface device used to connect a data terminal equipment (DTE) device, such as a router, to a digital circuit (e.g. a T1 or T3 line).

ACL (ACCESS CONTROL LIST)
a) An ACL is a set of rules, defined within a list, that a router uses to determine whether to accept or deny traffic on an interface.
b) An ACL filters unwanted packets when implementing security policies.
c) It prevents certain traffic from entering or exiting a network, based on criteria we specify within the access list, so that network security can be achieved.
d) Entries are tested from the top down and the first match decides; every access list ends with an implicit deny any, so a packet matching no entry is dropped, and a list containing only deny statements blocks all traffic on the interface it is applied to.

Types of ACL:
i. Standard ACL
ii. Extended ACL
iii. Named ACL

Standard ACL:
a. Standard ACLs are Cisco IOS based commands used to filter packets on Cisco routers based on the source IP address of the packet only.
b. The destination of the packet and the ports involved do not matter.
c. Its number range is 1-99 or 1300-1999.
>> [Syntax: Router(config)#access-list <ACL no.> <permit|deny> <source IP> <source wildcard mask>]
(The mask in an ACL is a wildcard mask, the inverse of the subnet mask: a 0 bit must match, a 1 bit is ignored. host <IP> means wildcard 0.0.0.0 and any means 0.0.0.0 255.255.255.255.)

Extended ACL:
a. Extended ACLs have the ability to filter packets based on source and destination IP address.
b. They also allow you to specify different types of traffic such as ICMP, TCP, UDP, etc., and, for TCP and UDP, the ports involved.
c. Its number range is 100-199 or 2000-2699.
>> [Syntax: Router(config)#access-list <ACL no.> <permit|deny> <protocol> <source IP> <source wildcard> [<operator> <source port>] <destination IP> <destination wildcard> [<operator> <destination port>]]

Named ACL:
# Named ACLs are standard or extended ACLs that are given a name instead of an ACL number.
>> [Syntax: Router(config)#ip access-list <standard|extended> <name>, followed by permit/deny entries in the ACL configuration mode]

An ACL does nothing until it is applied to an interface with Router(config-if)#ip access-group <ACL no.|name> <in|out>. Because a standard ACL sees only the source address, it is placed close to the destination; an extended ACL is placed close to the source so unwanted traffic is dropped early.

# Inbound ACLs: IOS checks the packet before it is handed to the routing process.
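How a router evaluates the standard and extended access lists described above, as an added example that is not part of the original report: a parser for the numbered `access-list` syntax shown, wildcard-mask matching, top-down first-match evaluation and the implicit deny at the end. The access lists and packets are constructed sample data; the port operators supported (eq, gt, lt, neq) are the common IOS ones.

```python
# Added example: IOS-style numbered ACL parsing and evaluation.
# Wildcard mask semantics: 0 bit = must match, 1 bit = don't care.
# ACL entries and packets below are constructed sample data.

PORT_OPS = {"eq": lambda p, v: p == v, "gt": lambda p, v: p > v,
            "lt": lambda p, v: p < v, "neq": lambda p, v: p != v}

def ip_to_int(ip):
    a, b, c, d = (int(x) for x in ip.split("."))
    return (a << 24) | (b << 16) | (c << 8) | d

def wild_match(addr, ref, wildcard):
    """True when addr equals ref on every bit the wildcard mask does not ignore."""
    care = ~wildcard & 0xFFFFFFFF
    return addr & care == ref & care

def parse_addr(tokens):
    """Consume 'any' | 'host A' | 'A W' | 'A' (standard ACL shorthand). Returns (ref, wc, rest)."""
    if tokens[0] == "any":
        return 0, 0xFFFFFFFF, tokens[1:]
    if tokens[0] == "host":
        return ip_to_int(tokens[1]), 0, tokens[2:]
    if len(tokens) == 1 or tokens[1] in PORT_OPS or tokens[1] in ("any", "host"):
        return ip_to_int(tokens[0]), 0, tokens[1:]
    return ip_to_int(tokens[0]), ip_to_int(tokens[1]), tokens[2:]

def parse_port_op(tokens):
    if tokens and tokens[0] in PORT_OPS:
        return (tokens[0], int(tokens[1])), tokens[2:]
    return None, tokens

def parse_ace(line):
    """One 'access-list <no.> permit|deny ...' line into a dict; the number decides the type."""
    t = line.split()
    if len(t) < 4 or t[0] != "access-list" or t[2] not in ("permit", "deny"):
        raise ValueError(f"not an access-list entry: {line}")
    number, action, rest = int(t[1]), t[2], t[3:]
    ace = {"number": number, "action": action, "src_op": None, "dst_op": None}
    if 1 <= number <= 99 or 1300 <= number <= 1999:            # standard: source only
        ace["protocol"] = "ip"
        ace["src"], ace["src_wc"], rest = parse_addr(rest)
        ace["dst"], ace["dst_wc"] = 0, 0xFFFFFFFF
    elif 100 <= number <= 199 or 2000 <= number <= 2699:       # extended
        ace["protocol"], rest = rest[0], rest[1:]
        ace["src"], ace["src_wc"], rest = parse_addr(rest)
        ace["src_op"], rest = parse_port_op(rest)
        ace["dst"], ace["dst_wc"], rest = parse_addr(rest)
        ace["dst_op"], rest = parse_port_op(rest)
    else:
        raise ValueError(f"ACL number {number} is not in a standard or extended range")
    return ace

def port_ok(op, port):
    if op is None:
        return True
    if port is None:                 # an operator can never match a protocol without ports
        return False
    name, value = op
    return PORT_OPS[name](port, value)

def ace_matches(ace, pkt):
    if ace["protocol"] != "ip" and ace["protocol"] != pkt["protocol"]:
        return False
    if not wild_match(ip_to_int(pkt["src"]), ace["src"], ace["src_wc"]):
        return False
    if not wild_match(ip_to_int(pkt["dst"]), ace["dst"], ace["dst_wc"]):
        return False
    return port_ok(ace["src_op"], pkt.get("sport")) and port_ok(ace["dst_op"], pkt.get("dport"))

def evaluate(acl_lines, pkt):
    """Top-down, first match wins. Returns (action, 1-based entry number);
    entry 0 is the implicit 'deny any' at the end of every list."""
    for index, line in enumerate(acl_lines, 1):
        ace = parse_ace(line)
        if ace_matches(ace, pkt):
            return ace["action"], index
    return "deny", 0

def packet(protocol, src, dst, sport=None, dport=None):
    return {"protocol": protocol, "src": src, "dst": dst, "sport": sport, "dport": dport}

if __name__ == "__main__":
    acl = ["access-list 101 permit tcp 192.168.1.0 0.0.0.255 host 10.0.0.5 eq 22",
           "access-list 101 deny tcp any host 10.0.0.5 eq 23",
           "access-list 101 permit icmp any any"]
    print(evaluate(acl, packet("tcp", "192.168.1.7", "10.0.0.5", 40000, 22)))   # permit, entry 1
    print(evaluate(acl, packet("tcp", "172.16.0.9", "10.0.0.5", 40001, 22)))    # deny, implicit
```

The constructed list permits SSH to 10.0.0.5 only from 192.168.1.0/24, explicitly blocks telnet from anywhere, allows ICMP, and lets the implicit deny handle everything else. Putting `permit ip any any` at the top of that same list would render every later line dead, which is the ordering mistake the first-match rule punishes.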
# Outbound ACLs: IOS checks the packet after the routing process, before it leaves the outgoing interface.

Network Address Translation (NAT)
1. NAT is the translation of an Internet Protocol address (IP address) used within one network to a different IP address known within another network.
2. NAT hides internal IP addresses, and because a translation entry is created only by outbound traffic, unsolicited inbound packets have nowhere to go and are dropped. That gives some of the effect of a firewall but is not a substitute for one: it inspects nothing, and static mappings and port forwards expose inside hosts again.
3. NAT can be statically defined, or it can be set up to translate dynamically from and to a pool of IP addresses.
4. NAT runs on the device that is connected to the Internet and hides the rest of your network from the public, making the whole network appear as one device to the rest of the world.

Types of NAT:
i. Static NAT
ii. Dynamic NAT
iii. Overloading NAT (PAT)

Static NAT:
a) Static NAT maps an unregistered IP address to a registered IP address on a one-to-one basis.
b) It maps a private IP address to a public IP address, where the public address is always the same.
>> [Syntax: Router(config)#ip nat inside source static <private IP> <public IP>]

Dynamic NAT:
a) Dynamic NAT maps an unregistered IP address to a registered IP address chosen from a group of registered IP addresses.
b) It maps private IP addresses to public IP addresses drawn from a pool of registered (public) IP addresses.
>> [Syntax:
Router(config)#access-list <no.> permit <private network ID> <wildcard mask>
Router(config)#ip nat pool <name> <first public IP> <last public IP> netmask <subnet mask>
Router(config)#ip nat inside source list <no.> pool <name>]

Overloading NAT (PAT):
a) Overloading NAT is a form of dynamic NAT that maps multiple unregistered IP addresses to a single registered IP address by using different ports.
b) In PAT each computer on the LAN is translated to the same public IP address but with a different port number.
>> [Syntax:
Router(config)#access-list <no.> permit <private network ID> <wildcard mask>
Router(config)#ip nat pool <name> <public IP> <public IP> netmask <subnet mask>
Router(config)#ip nat inside source list <no.> pool <name> overload]

In every case the router must also be told which interface faces the private network and which faces the public one: Router(config-if)#ip nat inside on the LAN interface and Router(config-if)#ip nat outside on the Internet-facing interface.

IP networks/addresses map:
Inside Local: the local IP address of a private host on your network (e.g. a workstation's IP address).
Inside Global: the public IP address that the outside network sees as the IP address of your local host.
Outside Local: the IP address of the remote host as seen from the private network by your local host.
Outside Global: the public IP address of the remote host (e.g. the IP address of the remote web server that a workstation is connecting to).

Hardware Components of Cisco Devices:

ROM: ROM contains the firmware necessary to boot the router and typically has the following four components:
a) POST (power-on self-test): performs tests on the router's hardware components.
b) Bootstrap program: brings the router up and determines how the IOS image and configuration files will be found and loaded.
c) ROM Monitor (ROMMON mode): a mini operating system that allows low-level testing and troubleshooting, including the password recovery procedure. (Anyone with console access and the ability to power-cycle the device can use it to bypass the configured passwords, which is why physical access to the console matters.)
d) Mini-IOS: a stripped-down version of the IOS that contains only IP code. It is used in emergencies where the IOS image in flash cannot be found and we want to boot the router and load another IOS image. This stripped-down IOS is referred to as RXBOOT mode.

RAM:
a) The RAM of a router is like the memory in a PC.
b) On a router it (in most cases) contains the running IOS image; the active configuration file; any tables (including the routing, ARP, CDP neighbour and other tables); and internal buffers for temporarily storing information, such as interface input and output buffers.
c) The IOS is responsible for managing memory. When the router is turned off, everything in RAM is erased.

Flash:
a) Flash is a form of non-volatile memory: when the router is turned off, the information stored in flash is not lost.
b) Routers store their IOS image in flash, but other information can also be stored there.
c) Some lower-end Cisco routers actually run the IOS directly from flash (not RAM).
d) Flash is slower than RAM, a fact that can create performance issues.

NVRAM:
a) NVRAM is like flash in that its contents are not erased when the router is turned off.
b) It is slightly different, though, in that it uses a battery to maintain the information when the Cisco device is turned off.
c) Routers use NVRAM to store their configuration files. In newer versions of the IOS more than one configuration file can be stored.
---------------------------------------------------------------------------------------------------------------------
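The PAT (NAT overload) behaviour from the NAT section above, as an added example that is not part of the original report: a translator that rewrites every inside host to the single inside-global address, keeps a translation table keyed on the full flow, and maps returning packets back to the inside host. The addresses are from documentation and RFC 1918 ranges, and all flows are constructed. Two design choices are the example's own rather than a claim about IOS: the original source port is kept when it is free (the next free port is used otherwise), and a returning packet is accepted only from the exact peer the inside host contacted, which is the mechanism behind the "unsolicited inbound traffic is dropped" property described above.

```python
# Added example: a minimal PAT / NAT-overload translation table.
# inside local ip:port  <->  inside global ip:port, per (protocol, peer ip:port) flow.
# Addresses and flows are constructed sample data.

class PatTranslator:
    def __init__(self, inside_global, port_range=(1024, 65535)):
        self.inside_global = inside_global
        self.low, self.high = port_range
        self.next_port = self.low
        self.used = set()       # (proto, global_port) currently allocated
        self.out_table = {}     # (proto, local_ip, local_port, peer_ip, peer_port) -> global_port
        self.in_table = {}      # (proto, global_port, peer_ip, peer_port) -> (local_ip, local_port)

    def _allocate_port(self, proto, wanted):
        """Keep the inside host's own source port when free, else take the next free port."""
        if self.low <= wanted <= self.high and (proto, wanted) not in self.used:
            return wanted
        port = self.next_port
        while port <= self.high and (proto, port) in self.used:
            port += 1
        if port > self.high:
            raise RuntimeError("PAT port pool exhausted")
        self.next_port = port + 1
        return port

    def translate_out(self, proto, src_ip, src_port, dst_ip, dst_port):
        """Packet leaving the inside network: rewrite source to inside global ip:port.
        Returns the translated 5-tuple (proto, src_ip, src_port, dst_ip, dst_port)."""
        key = (proto, src_ip, src_port, dst_ip, dst_port)
        gport = self.out_table.get(key)
        if gport is None:
            gport = self._allocate_port(proto, src_port)
            self.used.add((proto, gport))
            self.out_table[key] = gport
            self.in_table[(proto, gport, dst_ip, dst_port)] = (src_ip, src_port)
        return (proto, self.inside_global, gport, dst_ip, dst_port)

    def translate_in(self, proto, src_ip, src_port, dst_ip, dst_port):
        """Packet arriving from outside. Only a reply matching an existing entry,
        from the peer that was contacted, is mapped back; anything else returns
        None and would be dropped. Returns the translated 5-tuple."""
        if dst_ip != self.inside_global:
            return None
        entry = self.in_table.get((proto, dst_port, src_ip, src_port))
        if entry is None:
            return None
        local_ip, local_port = entry
        return (proto, src_ip, src_port, local_ip, local_port)

    def show_translations(self):
        """Rows like `show ip nat translations`: (proto, inside global, inside local, outside)."""
        rows = []
        for (proto, lip, lport, pip, pport), gport in sorted(self.out_table.items()):
            rows.append((proto, f"{self.inside_global}:{gport}", f"{lip}:{lport}", f"{pip}:{pport}"))
        return rows

if __name__ == "__main__":
    pat = PatTranslator("203.0.113.1")                       # constructed inside global address
    print(pat.translate_out("tcp", "192.168.1.10", 40000, "198.51.100.5", 443))
    print(pat.translate_out("tcp", "192.168.1.11", 40000, "198.51.100.5", 443))  # port collision
    print(pat.translate_in("tcp", "198.51.100.5", 443, "203.0.113.1", 40000))    # reply mapped back
    print(pat.translate_in("tcp", "198.51.100.9", 443, "203.0.113.1", 40000))    # unsolicited: None
    for row in pat.show_translations():
        print(row)
```

The second host collides on source port 40000 and is given a different inside-global port; the table, not the address, is what keeps the two conversations apart. This is also why a static NAT entry changes the security picture: it pre-creates the mapping, so inbound packets to that public address reach the inside host without any prior outbound traffic.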