AUGUST 14, 2014
(Image credit) A network cable is unplugged – Funny Picture. (2013, October 10). Retrieved from Funnyzone.org: http://www.funnyzone.org/funny-pictures/a-network-cable-is-unplugged-funny-picture/
INFORMATION NETWORK 436 302 & 436 259
JIRAPON TANASANTI, SILPAKORN UNIVERSITY
FOREWORD
Dear arts students,
Have you ever wondered how an SMS travels from your mobile phone, through the air and some cloud, to the receiver's mobile phone? I am sure you have enjoyed online games and social network sites, but do you know how they work? If you have, you will also have experienced several network problems, also known as a "rotten Internet". With this course, you should be able to "un-rotten" your internet (1). In the information network course, students learn how computer networks work: their architectures and protocols. This allows students to build their own computerized information network and to fix some basic, yet frequently occurring, problems. The knowledge also enables students to communicate with network specialists when a problem cannot be fixed from their side. This document is a handout for the 436 302 and 436 259 Information Network courses, aimed at registered students. The information in this handout is intended to be studied in combination with the class lecture. So, if you have questions, attend the class and ask away!
(1) This statement is not theoretically correct; it is used for rhetorical purposes. Students will learn the difference between a network and the Internet in this course.
Table of contents
INTRODUCTION ... 1
  Why should you learn information network? ... 1
  What is information network? ... 1
  Where to learn more? ... 2
  Course and teaching policy ... 2
NETWORK TYPES AND TOPOLOGY ... 4
  NETWORK TYPES ... 4
    Geographic ... 4
    Mode of operation ... 5
    Structure of network ... 6
  TOPOLOGY ... 8
    What is topology? ... 8
NETWORK COMPONENTS ... 14
  CONNECTORS ... 14
    Network Interface Controller (NIC) ... 14
    Hub ... 15
    Switch ... 16
    Router ... 17
    Access Point ... 19
    Modem ... 19
    Firewall ... 20
  CABLES ... 20
    Coaxial ... 20
    Twisted pair ... 21
    Fiber optic ... 23
NETWORK TECHNOLOGIES ... 24
  TERMINOLOGY ... 24
  ETHERNET ... 25
  DSL ... 30
  OTHER WIRED TECHNOLOGIES ... 31
  WIRELESS TECHNOLOGIES ... 34
OSI & INTERNET MODEL ... 38
  INTERNET MODEL ... 38
  OPEN SYSTEM INTERCONNECTION MODEL ... 40
APPLICATION LAYER ... 42
  HTTP & HTTPS ... 42
  SMTP ... 43
  POP and IMAP ... 44
  FTP ... 45
  SSH ... 45
  IRC ... 46
  BitTorrent ... 46
  DHCP ... 47
  DNS ... 47
  SNMP ... 48
PRESENTATION LAYER ... 49
  Translation ... 49
  Data compression ... 50
  Conversion ... 50
  Encryption/Decryption ... 50
SESSION LAYER ... 51
  Services ... 51
  Communication mode ... 52
TRANSPORT LAYER ... 54
  Transport (TCP & UDP) ... 54
NETWORK LAYER ... 61
  NETWORK LAYER SERVICES ... 61
    Logical address (IP) ... 61
    Encapsulation ... 68
    Routing and routing protocols ... 69
    Fragmentation / segmentation (and packet reassembly) ... 72
    Error handling ... 72
DATA LINK LAYER ... 73
  LLC sublayer ... 76
  MAC sublayer ... 77
  Notable protocols ... 78
PHYSICAL LAYER ... 81
  How data are represented on a medium ... 81
OSI MODEL VS INTERNET MODEL: SUMMARY ... 85
NETWORK SECURITY ... 96
  Attack ... 96
  Defense ... 102
NETWORK ADMINISTRATION ... 104
  Conclusion ... 109
BIBLIOGRAPHY ... 110
Information Network [436302]
INTRODUCTION
WHY SHOULD YOU LEARN INFORMATION NETWORK?
Information networks are everywhere in today's life. Like ants touching antennae to share information, humans share information with each other almost all their waking time. This fact is emphasized even more by today's computer technologies. Computer networks reinforce the power of information sharing; without them, people could not communicate with each other as efficiently as they do now. Think about a world without the Internet: no Google, no Android or iPhone. How are you going to research your homework? How are you going to ask your parents to pick you up after school? How do you know that a make-up class is cancelled? You would not know any of the above without a computer network. If you had a runner telling everybody the news, you might know that a class is cancelled, but such Alexander-the-Great-era technology is far too outdated to meet today's requirements. Today we use computers to communicate with each other. We share information, knowledge and feelings, and we also use them for leisure; Facebook, DotA and Messenger are but a few examples. So, if you learn about computer network technologies, you can see the truth behind everything you use to share information. And if things go wrong, you might be able to fix them.
WHAT IS INFORMATION NETWORK? An information network is a network of nodes connected to share information. Information is data that has been processed into a usable form. Since data usually go through many processes handled by multiple people, an information network is usually formed to share information between working nodes, processing units, data storage or personnel. A computer network is a network of nodes interconnected for data communication and resource sharing. Since computer networks and information networks are, by definition, closely related, the two terms are often used interchangeably. Students should note that the two are not, in essence, the same: an information network does not necessarily use computers, but computers are currently the best available technology for implementing one. Therefore, computer networks are taught in this course as information networks. Page 1
WHERE TO LEARN MORE?
Network technology advances quickly; any book or publication can become outdated within a few years. Students are encouraged to familiarize themselves with the IEEE Xplore research database (www.ieeexplore.ieee.org) to follow advances in computer technologies.
Textbooks are good for basic principles. When students read textbooks, they should not look for the "best solution" but for the advantages and disadvantages of each technology. A technology described as the best in a textbook may be obsolete by the time of reading, so only the basic principles of how each technology works should be grasped. This course features one Thai textbook and two English textbooks. Students are encouraged to do their best with the English textbooks, because many terms and much jargon have no exact Thai translation, which can make the Thai textbooks harder to read.
COURSE AND TEACHING POLICY As you can see, the handouts are in English. This policy aims to prepare students for the coming ASEAN Economic Community (AEC); students need English skills to survive the upcoming competition. The largest portion of information network knowledge is also recorded in English: network device manuals and protocol references are in English. Therefore, English is crucial for this course.
All handouts provided in this course will be in English… …If students cannot read the handout, it is recommended that they attend every lecture, which will be given in Thai.
However, the instructor understands the students' situation. Lectures are given in Thai to ensure correct understanding of the material. Students must read the handout, which will be distributed by the printing shop every Monday, before class. Any questions arising from self-study are to be asked during class. The PowerPoint presentations shown in class may not be comprehensible without the lecture, so do not depend on them. If a student spots a mistake, such as a grammatical mistake, left uncorrected in the handouts, the student can point it out to the instructor. A reward is promised at the end of the course.
To ensure that students understand every lesson, each session begins with a pre-test. The test is scored; it is designed to stimulate self-learning and also serves as an attendance check. A post-test is then taken before the session ends. This test is also scored; it is designed to show students their own level of understanding and to encourage concentration during the session. A term paper must be submitted for this course. Students are to assemble a team of their own; no solo work is allowed. Teams decide their own research topic on information networks. At a minimum, the project should involve extensive learning on a topic related to information network technology; the best projects would improve a networking technique or invent a new one. A proposal must be submitted before the midterm exam. After that, students must submit and present a term report at the last session before the final exam. If the presentations exceed the class time, an additional session may be scheduled as circumstances demand.

Peer review: students have to evaluate their peers after working together. Students who take no part in the work will earn less or no score at all.
NETWORK TYPES AND TOPOLOGY Computer networking is a very large and complex subject. To understand the whole subject, students can break a computer network into chunks and study each from a different perspective. This is why students should learn about network "types". This session also introduces "topologies", the ways in which a network is connected. This knowledge will enable students to identify computer networks and know their characteristics.
NETWORK TYPES Computer networks can be classified by various factors. One is the geographical scale of the network. Another is the mode of operation it runs. The structure of the interconnected nodes is also a factor an analyst should consider.
GEOGRAPHIC How large is it? Networks are usually classified into one of three classes depending on their geographical size. The smallest is the Local Area Network (LAN). The larger but less common one is the Metropolitan Area Network (MAN). Finally, the largest and most sophisticated is the Wide Area Network (WAN).

LAN A LAN is the smallest kind of computer network. LANs can be found in almost any office, and home internet connections are LANs, with or without wires. The most prevalent technology for wired LANs is currently Gigabit Ethernet, while Wi-Fi is used for wireless LANs. A LAN features a high data transfer rate because it operates over a short range. It is also the cheapest kind of network to implement and maintain.

MAN A MAN is less common than a LAN because it sits between LAN and WAN. A MAN serves as the information network for an area as large as a city. It can be as small as a network for a university or as large as a network for part of a country. The objective of a MAN is similar to that of a LAN, resource and data sharing, but it uses WAN communication technologies. Unlike a WAN, however, a MAN is usually owned by a private institution.
WAN A WAN is the largest kind of computer network; the Internet itself is a WAN. Many data transmission technologies are used in WANs. A WAN links countries and crosses oceans, connecting multiple networks together to form a large inter-network. The technologies used in WANs differ from those used in LANs, which makes a WAN the most expensive kind of network to build and maintain.
LAN / MAN / WAN characteristics (the cells are left blank in the handout)

                      LAN        MAN        WAN
Range
Maintenance cost
Implementation cost
Complexity
Users per network
Computer networks are usually classified, according to geographical distribution, into one of these three classes. There are other perspectives from which computer networks can be classified, such as the mode of operation and the structure of the network.
MODE OF OPERATION How does it work? The client-server relationship between network components is a model that originated at Xerox PARC during the 1970s. Its basic principle is that clients request something from a server and the server responds accordingly. For example, an online game operates using client-server: the client, the player's PC, processes certain tasks such as the graphical interface, while the server responds to the clients' player actions, locations and status values. This mechanism allows many players to play in the same virtual world.

CLIENT A client machine is a computer that can perform processing tasks on its own. It is connected to a network to work with other computers. When it requests information from a designated server computer, it becomes a client of that particular server.

SERVER A server is usually a powerful computer capable of processing many, or complex, requests. Once processing is completed, the results are sent to the client that requested them. Servers have many roles, such as a file server, where files are hosted, and a proxy server, which acts as an intermediary between users and outside networks.
TERMINAL A terminal is similar to a client machine, with one small distinction: a terminal cannot process anything on its own. It is a human interface that relays everything it receives to its server, where all the processing is done.
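To make the request/response relationship concrete, here is an added example (not from the handout) of a minimal client-server exchange over TCP on one machine. The one-line "GET key" protocol, the status values the server holds and the loopback port chosen by the operating system are all this example's own assumptions. Note that the server keeps the authoritative copy of the status values and only answers well-formed read requests; the client cannot change them, which is why multiplayer games keep player state on the server rather than trusting each player's PC.

```python
import socket
import threading

# Constructed example state: the "status values" a game server would own for one
# player. The keys and the GET/reply line protocol are this example's inventions.
SERVER_STATE = {"hp": "100", "location": "spawn"}


def handle_request(line):
    """Server-side processing: parse one request line and decide the reply.
    The server never lets the client write its state; anything that is not a
    well-formed GET is rejected."""
    if line.startswith("GET ") and " " not in line[4:]:
        key = line[4:]
        return SERVER_STATE.get(key, "ERROR unknown key")
    return "ERROR bad request"


def serve_one(conn):
    """Serve a single client connection: one request line in, one reply out."""
    with conn:
        request = conn.makefile("rb").readline().decode("ascii", "replace").strip()
        reply = handle_request(request)
        conn.sendall((reply + "\n").encode("ascii"))


def start_server():
    """Listen on a loopback port chosen by the OS; return (port, listening socket).
    Requests are served one after another in a background thread."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))
    listener.listen()
    port = listener.getsockname()[1]

    def accept_loop():
        while True:
            try:
                conn, _ = listener.accept()
            except OSError:          # listener closed: shut the loop down
                return
            serve_one(conn)

    threading.Thread(target=accept_loop, daemon=True).start()
    return port, listener


def client_request(port, line):
    """Client side: connect, send one request line, wait for the reply."""
    with socket.create_connection(("127.0.0.1", port), timeout=5) as conn:
        conn.sendall((line + "\n").encode("ascii"))
        return conn.makefile("rb").readline().decode("ascii").strip()


def demo():
    """Run a server and four clients on the same machine; return the replies."""
    port, listener = start_server()
    try:
        return [client_request(port, "GET hp"),
                client_request(port, "GET location"),
                client_request(port, "GET gold"),
                client_request(port, "SET hp 9999")]
    finally:
        listener.close()


if __name__ == "__main__":
    print(demo())
```

Running the block prints the four replies: the two known keys are answered, the unknown key gets "ERROR unknown key", and the attempt to write state gets "ERROR bad request". Everything the client knows about the game world comes from what the server chose to tell it.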
When analyzing a computer network, it is critical to know where the weak links in the system are. Considering only size (LAN/MAN/WAN) and mode of operation (client-server) is not enough to fully understand a network. Therefore, another perspective on computer network structure is the centralized/distributed distinction.
STRUCTURE OF NETWORK How do they sit together? The structure of the network components is the final perspective this handout introduces. It enables an analyst to understand the physical connection and operation of a network. Unlike client-server, which can be virtual, centralized and distributed networks are physical: the components are either grouped in one place (centralized) or spread over many places (distributed). Each structure has its own advantages and disadvantages.

CENTRALIZED SYSTEM A computer network consists of many computers, each performing its own role. Some computers perform more important tasks and are usually more powerful; for example, a file server usually has more memory and can retrieve information faster. With all data stored in a single machine, the system is easier to update. It also minimizes the processing power demanded from client machines, because the server performs all the work. Such a system is called a centralized system.
Centralized system
> Single update
> Minimal client power
> Easy to maintain
Distributed system
> Robust
> Scalable
> Personalization
Try to identify other traits of each system.
DISTRIBUTED SYSTEM A distributed system, also called a decentralized system, is the opposite of a centralized one. It allows each node of the network to process its own information. This makes the system tolerant of failure, because there is no central component on which the whole network depends: if one node breaks down, the other nodes keep working on their own. This type of system is also scalable. As a network grows, some processing tasks become too big or too complex for a single powerful server to handle, so more computers are added to the network and the jobs are distributed among them.
TOPOLOGY WHAT IS TOPOLOGY? In computer networking, topology is the way network nodes are arranged relative to each other. This course focuses on logical topologies. There are eight well-known topologies: bus, ring, star, mesh, point-to-point, tree, hybrid and daisy chain. This handout does not describe them in that order. Topology is important for troubleshooting network malfunctions. It also enables a network designer to plan for performance and scalability, and sometimes lets network staff implement a network with limited components.

POINT-TO-POINT Point-to-point is the simplest topology: one node connected to another node. The connection medium can be dedicated to the two nodes. An example of this topology is cable TV, which connects a television to the broadcast studio; the line is exclusively leased by the studio for the customer.
"Study without thinking is useless." (Confucius)
There is no magic bullet in network topology. Even the best-looking topology can be rendered useless in certain situations. Students are not supposed to memorize all the topologies without understanding their potential. To fully understand them, try asking questions.
FIGURE 1 : POINT-TO-POINT TOPOLOGY
Sometimes the medium is switched using a specific technology. It connects two nodes until the communication is done; then the medium is released from those nodes and switched to other nodes. Think of this topology like a telephone system: when one person calls another, no one else can call either of them, the line is "busy", until they finish the call. The line then becomes "free" and others can call them.
How much does it cost? How fast can it be? How reliable is it? How difficult is it to maintain? What if someone accidentally steps on a cable and snaps it? And so on.
Compare topology with topology and you will see why you should study all of these things.
BUS A bus topology is a network in which all computers are connected together by a single cable called the "bus". The bus transports data from one computer to another. At each end of the bus there is a terminator, which stops signals from echoing back and interfering with newly sent signals.
FIGURE 2 : BUS TOPOLOGY
When a computer wants to communicate with another computer on the network, it broadcasts: it shouts out the message with the target's name, and every machine hears it. Computers whose name differs from the designated target ignore the packet, while the right one receives it.
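The following simulation is an added example written for this edition of the handout, not part of the original text. It models the bus as described above: one shared cable with terminators, on which every attached node hears every frame and keeps only the ones addressed to it. Two points worth seeing in code: "ignoring" a frame is a courtesy of the receiving node, so a node that keeps everything (Mallory below, in what network cards call promiscuous mode) reads traffic meant for others, which is why a shared medium gives no confidentiality against its own members; and because the bus carries only one signal at a time, frames sent in the same slot collide and have to be retried one after another, so the bus gets slower as more senders contend. The node names, the frame format and the deterministic retry rule are this example's own assumptions.

```python
from dataclasses import dataclass, field


@dataclass
class Frame:
    src: str
    dst: str          # a node name, or "*" for everybody
    payload: str


@dataclass
class Node:
    name: str
    promiscuous: bool = False      # True: keep frames addressed to others as well
    received: list = field(default_factory=list)

    def hear(self, frame):
        """Every node hears every frame on the bus. A well-behaved node keeps
        only frames for itself (or for everyone); a promiscuous one keeps all."""
        if frame.dst in (self.name, "*") or self.promiscuous:
            self.received.append(frame)


class Bus:
    """One shared cable with a terminator at each end: a frame put on it is
    heard by every attached node, and two frames in the same slot collide."""

    def __init__(self):
        self.nodes = []
        self.collisions = 0

    def attach(self, node):
        self.nodes.append(node)

    def transmit(self, frames):
        """`frames` are the frames that nodes try to send in the same time slot.
        Exactly one propagates to every other node; two or more collide and
        nobody receives anything. Returns True if a frame got through."""
        if not frames:
            return False
        if len(frames) > 1:
            self.collisions += 1
            return False
        frame = frames[0]
        for node in self.nodes:
            if node.name != frame.src:
                node.hear(frame)
        return True


def serialize(bus, frames):
    """Send frames that all want the same slot. After a collision only the
    head of the queue retries in the next slot (a deterministic stand-in for
    the random backoff real shared-medium Ethernet uses). Returns the slots
    consumed, which grows with the number of contending senders."""
    queue = list(frames)
    slots = 0
    while queue:
        slots += 1
        if bus.transmit(queue):        # a single contender: it goes through
            queue.pop(0)
        else:                          # collision: head retries alone next slot
            slots += 1
            bus.transmit([queue.pop(0)])
    return slots


def demo():
    """Constructed traffic on a three-node bus; the names are this example's own."""
    bus = Bus()
    alice, bob, mallory = Node("alice"), Node("bob"), Node("mallory", promiscuous=True)
    for node in (alice, bob, mallory):
        bus.attach(node)
    slot1 = bus.transmit([Frame("alice", "bob", "hello bob")])
    slot2 = bus.transmit([Frame("alice", "bob", "again"), Frame("bob", "alice", "hi")])
    slot3 = bus.transmit([Frame("bob", "*", "anyone there?")])

    busy = Bus()
    for name in ("a", "b", "c"):
        busy.attach(Node(name))
    slots = serialize(busy, [Frame("a", "b", "1"), Frame("b", "c", "2"), Frame("c", "a", "3")])

    return {
        "delivered": [slot1, slot2, slot3],
        "collisions": bus.collisions,
        "bob_got": [f.payload for f in bob.received],
        "alice_got": [f.payload for f in alice.received],
        "mallory_got": [f.payload for f in mallory.received],
        "slots_for_three_senders": slots,
        "collisions_for_three_senders": busy.collisions,
    }


if __name__ == "__main__":
    print(demo())
```

Bob receives only the frame addressed to him, Alice only the broadcast, and Mallory both, although neither was addressed to her. The second slot, where Alice and Bob transmit at once, delivers nothing. Three senders contending for the same slot need five slots and cause two collisions before all three frames are through.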
Question: What are the advantages and disadvantages of bus topology?
However, the bus supports only one channel. A bus is essentially a copper wire, and it cannot carry more than one signal at a time. Therefore, if two computers transmit at once, their signals collide and no communication can be made. This means a bus network can slow down substantially if many computers are connected to the same bus.

RING A ring topology is one in which each node connects to exactly two other nodes, forming a continuous loop that links the entire network. To transmit data, a node sends a signal addressed to the target node. Its neighbour relays the message to its own neighbour, and so on, until the target receives the data.
FIGURE 3 : RING TOPOLOGY
Question: What are the problems of ring topology? How can they be fixed?* *Some solutions are blunter than you might think.
Since a ring has no beginning or end of the medium, no terminator is required; each computer acts as a terminator after it receives a message. A ring also allows quick troubleshooting: when a node is not working, the administrator can pinpoint the malfunctioning node by tracing a packet.
The best trait, the one that keeps ring topology in use for MANs and WANs to this day, is fault tolerance. A ring can connect far-away nodes with a certain degree of resilience: if a link on the ring is cut, for whatever reason, nodes can still communicate the other way around. Old MAN and WAN networks, which may be too large to be modified, were designed with ring topology because they cannot be allowed to break easily.

STAR Star topology is currently the most popular topology. It features a central node that connects all the other nodes. The central node is a switch. Unlike a bus, where all nodes share the same medium, a switch does not send every signal to every node; it examines the signal and sends it only to the appropriate receiver. That means each cable is shared only by one node and the switch, which minimizes congestion and waiting time.
FIGURE 4 : STAR TOPOLOGY
Star topology is popular for LANs because it is easy to design and set up, and switches are no longer expensive. Any malfunction can be traced easily because every node has its own line. Connection speed is another strong point, because nodes do not have to contend for the medium as much as in other topologies.
Question: What is a disadvantage of star topology?
MESH In a mesh topology, nodes are connected to each other using point-to-point links. Nodes not only send and receive their own data but also relay other nodes' data. If every node is connected to every other node, the network is called a fully connected mesh. Mesh topology offers extreme fault tolerance: if any node fails, a message can always, as long as the mesh is still in operation, find another route to its target. It is also considered secure and private because it uses point-to-point connections over dedicated media. Note, however, that a relaying node sees the traffic it forwards, so this privacy holds only to the extent that the relaying nodes are trusted.
FIGURE 5: MESH TOPOLOGY
FIGURE 6 : TREE TOPOLOGY
TREE

Tree topology looks like a tree on the ground, where a central connection called the “root” is the top of the hierarchy. The root connects to other nodes, which in turn connect to their own “child” nodes. This topology is a mix of star networks on a bus network. Tree topology offers good scalability. It is well segmented, which limits any damage to the affected cluster and makes it fairly easy to troubleshoot when a failure occurs. It shares the same vulnerability as bus topology: the backbone is a single point of failure, so a broken backbone cable breaks the network. However, its star segments partially counter that weak point: when the backbone is down, nodes in the same star can still communicate with each other, but not with the other stars.

HYBRID

Hybrid means a mixture of things. Sometimes one topology is not enough to fulfil all requirements of a network. Sometimes a network is built on top of an older network. Sometimes different companies implement different networks for the same firm. In such cases a hybrid topology is implemented. It is essentially a mixture of bus, ring, star and/or other topologies.
Notable characteristics of hybrid topology are that it is fault tolerant, scalable and flexible. A hybrid network takes advantage of other topologies' strengths while counteracting their weaknesses by combining them. However, it also introduces a new disadvantage: complexity. A hybrid topology can be extremely complex and expensive to design and work with. For example, try to imagine a ring in which one node connects to a bus, which connects three stars and fifteen nodes; one of the stars connects to another bus, which connects two rings, five trees and seven nodes. Just trying to picture it could cause a headache, not to mention reading the design documents of such a network.
FIGURE 7 : HYBRID NETWORK
DAISY CHAIN

Daisy chain is not as popular as it used to be. This topology is a series of nodes, each connected to the next, similar to a severed ring laid out in linear form where the last node does not connect back to the first. When it operates, data hops from node to node until it reaches its destination. This topology is one of the easiest to implement. It is, however, quite expensive because each node requires two transmitters.
Question: Is there any other topology for connecting a computer network? How would you draw a diagram showing daisy chain topology?
NETWORK COMPONENTS

An information network requires certain components to connect computers and other tools such as printers or scanners. This handout introduces some basic components, both connectors and cables.
CONNECTORS

In order to connect computers into a network, a connector is required. Larger and more sophisticated networks require even more components. For data to be shared, it must travel through memory and reach the Network Interface Controller (NIC). The network controller then sends packets of data onto the connection medium, a line or a wireless link. If that medium is not dedicated to a sole connection between the communicating pair, the data will very likely pass through components which route it to its target. These central components can be hubs, switches or routers. Knowledge of these components is critical for troubleshooting network problems, and network specialists will mention them in their design or maintenance work too.
NETWORK INTERFACE CONTROLLER (NIC)

WHAT IS IT?

A NIC is a card that sits in a personal computer. An RJ45 plug, aka LAN jack, is plugged into the NIC. The NIC then takes data from the computer, transported via the mainboard, and converts it into a standard format before sending it to its target. However, a NIC is not necessarily installed inside a PC; NICs can be installed in many other components, most of them embedded in network-connected devices such as mobile phones. A device can hold more than one NIC, as long as its capacity allows. For example, a notebook computer can hold a wireless NIC for Wi-Fi, a Bluetooth NIC and an Ethernet NIC. NICs can be classified as wireless NICs and wired NICs by their respective connection media.

FIGURE 8 : NIC
HOW DOES IT WORK?

The NIC interacts with the connection medium, which could be radio waves for a wireless connection or a cable. In the case of cables, the NIC converts data into a signal that the medium is capable of transporting; the signal could be an electrical wave or light. It is also responsible for reassembling the signal it receives before passing it to higher levels of operation. Every NIC has a physical address called the Media Access Control address or MAC address. This address is a set of numbers, unique in the entire world, which identifies the NIC. Unlike an IP address, which can be changed easily, a MAC address is not meant to be changed; you can think of it like the engine number of a car. NICs use this address to communicate with each other. In conclusion, a NIC does two jobs. First, it converts data into signals which are sent via the connection medium. Second, it acts as an identifier for the computer using its MAC address.
HUB

WHAT IS IT?

A hub is a central connection device which connects nodes into a single network segment. Hubs come in various sizes, mostly determined by the number of ports: for example, a four-port hub can handle connections for up to four nodes. Hubs used to be popular but, with switches becoming cheaper and cheaper, they are mostly obsolete now. However, it is necessary to know about the hub and how it works differently from a switch, because many hubs installed back in their good old days are still in use.
TERM :: IP ADDRESS :: A logical address which represents a computer, or another internet device, throughout a network. This address can be changed, and usually changes every time the device reconnects to the network. It is used to identify the device outside its network segment. An IP address looks like this: 127.0.0.1

TERM :: MAC ADDRESS :: A MAC address is a unique number that identifies a certain NIC. It is used to identify the device inside a network segment. This number will not change under normal operation. However, there is also a technique called MAC spoofing, by which attackers change a MAC address in order to pretend to be someone else. A MAC address looks like this: 00:11:22:AA:CC:FF
HOW DOES IT WORK?

Despite its external appearance, which looks like a switch, a hub is not really a central connector for star topology; instead it works more like a bus. A hub receives a signal through one of its ports and broadcasts it, forwarding the signal to all other ports. Some hubs can detect congestion (colliding signals) on the medium, but most cannot. If congestion is detected, such a hub sends a jamming signal to clear it and warn all nodes not to send for a period of time. A hub that does not support this function leaves the congestion as it is, and the computers must handle it by themselves.
SWITCH

WHAT IS IT?

Externally a switch looks very similar to a hub, but it is a smarter device. It is the centre of star topology and has a number of ports, but it works in a different way. Switches also come in various levels, called layers. A normal switch works at layer 2 of the OSI model; there are also switches that work at layer 3, layer 4 and layer 7.

HOW DOES IT WORK?

When a switch receives a signal, which is called a frame at this layer, it looks at the header of the frame to find the source of the frame as well as the destination. It then consults its own address table, called the MAC table (because it stores the MAC address seen on each port) or the content-addressable memory (CAM) table. If the destination MAC address is in the table, the switch forwards the frame to that specific port; otherwise it broadcasts the frame. Higher-layer switches work differently: in addition to the MAC address, they incorporate the IP address, port or even URL. Either way, all switches perform the same main job: forwarding data only to its respective destination.

TERM :: OSI MODEL :: Open Systems Interconnection or OSI model is an ISO standard (ISO/IEC 7498-1) which standardizes the functions of a communication system into layers. There are 7 layers:
1. Physical layer
2. Data link layer
3. Network layer
4. Transport layer
5. Session layer
6. Presentation layer
7. Application layer
These layers perform specific sets of communication-related tasks such as converting signals and encoding and decoding data. The OSI model is the heart of computer network study. It is used as a reference and allows students to focus on one specific task at a time. It also allows specialists to focus on a specific area to identify malfunctions. The TCP/IP model, or Internet model, is another popular reference model. Its layers are not as strictly separated as OSI layers, and the two models are not designed to be compliant with each other.
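The hub and switch behaviour described above, as an added example that is not part of the handout: a small Python model in which a hub repeats every frame to all other ports, while a switch learns the source MAC of each frame into its MAC/CAM table, forwards known destinations to one port, floods unknown destinations and broadcasts, and ages out stale entries. The class names, the 300-second ageing time and the MAC addresses in the demo are constructed for the example.

```python
from dataclasses import dataclass, field

BROADCAST = "ff:ff:ff:ff:ff:ff"


@dataclass
class Frame:
    src: str            # source MAC address
    dst: str            # destination MAC address
    payload: bytes = b""


class Hub:
    """A hub repeats every signal to all other ports; it keeps no address table."""

    def __init__(self, ports: int):
        self.ports = ports

    def receive(self, in_port: int, frame: Frame) -> list:
        return [p for p in range(self.ports) if p != in_port]


@dataclass
class Switch:
    """A layer-2 switch: learns which port each source MAC lives on, forwards by destination MAC."""
    ports: int
    cam: dict = field(default_factory=dict)   # MAC -> (port, last_seen): the MAC / CAM table
    ttl: int = 300                            # seconds before an unused entry is aged out (assumed)

    def receive(self, in_port: int, frame: Frame, now: int = 0) -> list:
        """Return the egress ports for a frame that arrived on in_port at time `now`."""
        self.cam[frame.src] = (in_port, now)               # learn, or refresh, the source
        if frame.dst == BROADCAST or frame.dst not in self.cam:
            # broadcast or unknown unicast: flood like a hub, except back out the ingress port
            return [p for p in range(self.ports) if p != in_port]
        out_port, _ = self.cam[frame.dst]
        return [] if out_port == in_port else [out_port]   # same segment: filter the frame

    def age_out(self, now: int) -> None:
        """Drop entries not refreshed within ttl seconds, so a host that moved is re-learned."""
        self.cam = {m: (p, t) for m, (p, t) in self.cam.items() if now - t <= self.ttl}


def demo() -> list:
    """Constructed traffic on a 4-port switch: A on port 0, B on port 1, C on port 2."""
    sw = Switch(ports=4)
    a, b, c = "00:11:22:aa:00:01", "00:11:22:aa:00:02", "00:11:22:aa:00:03"
    return [
        sw.receive(0, Frame(a, b), now=0),           # B unknown  -> flooded to ports 1, 2, 3
        sw.receive(1, Frame(b, a), now=1),           # A known    -> only port 0
        sw.receive(0, Frame(a, b), now=2),           # B now known -> only port 1
        sw.receive(2, Frame(c, BROADCAST), now=3),   # broadcast  -> every port but 2
    ]
```

The first frame is flooded exactly as a hub would send it; only after the switch has seen B as a source does traffic to B stop reaching the other ports, which is the difference between the two devices that the text describes.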
ROUTER

WHAT IS IT?

A router is a component which transports data packets across different network segments. It works at the network layer (layer 3) of the OSI model and is an important component of the Internet. The most familiar version can be seen in homes or offices, both wired and wireless. It is important to note that routers used in homes or small offices are rather simple: they simply send data packets to the ISP. ISP routers and core routers are much more complex and powerful. A wireless router performs router functions, access point functions and network switch functions at once. Wireless routers, which differ from manufacturer to manufacturer, can be connected by wire and wirelessly. They are popular for home/small office wireless LAN connections.

HOW DOES IT WORK?

A router maintains a routing table which contains IP networks and their respective connecting interfaces. The routing table stores the IP information of networks, their distances (also called costs or hops) and their directions, which are represented by the connection interfaces on the router. When a router receives a packet, it checks the routing table for the destination IP. If the IP is found in the table, the router sends that packet via the listed interface; if not, it sends the packet in the configured default direction.
TERM :: RIP :: RIP stands for Routing Information Protocol (not Rest In Peace). It is a distance-vector routing protocol. It prevents routing loops using a limited hop count. There are 3 versions of RIP: RIPv1, RIPv2 and RIPng (next generation). RIPv1 is the oldest of the RIP series. It uses classful routing, which depends on the IP class rather than the network subnet. It also lacks authentication, making it vulnerable to attack. RIPv2 is a big jump for RIP. It allows RIP to use classless routing, which supports multiple subnet masks within the same IP class. It reduces workload by multicasting instead of broadcasting its routing table. It also provides authentication. RIPng is RIPv2 with IPv6 support. All RIP versions allow only 15 hops before timeout.
Initially, when a network component is connected to a network, it broadcasts its MAC address. The router then provides an IP address for that component and records it in its routing table. Then the router sends RIP messages, or other routing information messages, to all of its networks. A RIP message carries routing information including the entire routing table. Thus routing tables are shared with other routers until all routers hold the same routing information. This is how a router populates its own routing table.

REMEMBER: RIP is not the only routing protocol. There are many, such as EIGRP (Enhanced Interior Gateway Routing Protocol) and OSPF (Open Shortest Path First). Actually, RIP is quite old. Therefore, it is important to keep learning and know how to read documentation. Learn beyond RIP and you will not go R.I.P. when you work with the real thing!
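The routing-table lookup, the sharing of whole tables between neighbours and the 15-hop limit described in the router section and the RIP box, as an added example that is not part of the handout: a toy distance-vector model in Python. Each router keeps network -> (hops, next hop or interface), advertises its whole table, and adds one hop to everything it learns, capping the metric at 16 (unreachable). Lookups use the longest matching prefix and fall back to a configured default. The router names, interface names, the 10.0.x.0/24 networks and the static 10.0.0.0/8 route are constructed for the example; this is a simplified model, not the RIP wire protocol.

```python
import ipaddress

INFINITY = 16   # RIP: a metric of 16 hops means "unreachable"


class Router:
    """A toy router: routing table of network -> (metric in hops, next hop or interface)."""

    def __init__(self, name, default_route=None):
        self.name = name
        self.table = {}                         # ipaddress network -> (metric, via)
        self.default_route = default_route      # configured direction for unknown destinations

    def add_connected(self, network, interface):
        """A directly connected network costs 0 hops and is reached via a local interface."""
        self.table[ipaddress.ip_network(network)] = (0, interface)

    def add_static(self, network, via, metric=1):
        """An administratively configured route (constructed for the example)."""
        self.table[ipaddress.ip_network(network)] = (metric, via)

    def lookup(self, ip):
        """Most specific reachable route (longest prefix match), else the default route."""
        addr = ipaddress.ip_address(ip)
        best = None
        for net, (metric, via) in self.table.items():
            if addr in net and metric < INFINITY:
                if best is None or net.prefixlen > best[0].prefixlen:
                    best = (net, via)
        return best[1] if best else self.default_route

    def advertise(self):
        """The update this router sends to neighbours: its whole table as network -> metric."""
        return {net: metric for net, (metric, _) in self.table.items()}

    def receive_update(self, neighbour, update):
        """Distance-vector step: a route via `neighbour` costs one hop more than advertised."""
        changed = False
        for net, metric in update.items():
            new_metric = min(metric + 1, INFINITY)
            current = self.table.get(net)
            better = current is None or new_metric < current[0]
            # a route we already use via this neighbour must follow its new metric, even if worse
            same_next_hop = current is not None and current[1] == neighbour and new_metric != current[0]
            if better or same_next_hop:
                self.table[net] = (new_metric, neighbour)
                changed = True
        return changed


def converge(links, max_rounds=50):
    """Let every router pair on `links` exchange updates until no table changes."""
    for rounds in range(1, max_rounds + 1):
        changed = False
        for a, b in links:
            update_a, update_b = a.advertise(), b.advertise()
            changed |= b.receive_update(a.name, update_a)
            changed |= a.receive_update(b.name, update_b)
        if not changed:
            return rounds
    return max_rounds


def metric_to(router, network):
    """Hop count the router holds for `network` (INFINITY if unknown or unreachable)."""
    entry = router.table.get(ipaddress.ip_network(network))
    return entry[0] if entry else INFINITY


def build_chain(n):
    """Constructed topology: R1 - R2 - ... - Rn, router i owning 10.0.i.0/24.
    R1 also has a default route towards the ISP and a static route for all of 10.0.0.0/8."""
    routers = [Router(f"R{i}", default_route="isp0" if i == 1 else None) for i in range(1, n + 1)]
    for i, r in enumerate(routers, start=1):
        r.add_connected(f"10.0.{i}.0/24", "eth0")
    routers[0].add_static("10.0.0.0/8", "core0")
    links = [(routers[i], routers[i + 1]) for i in range(n - 1)]
    converge(links)
    return routers
```

With a chain of three routers, R1 reaches R3's network in 2 hops via R2. With a chain of eighteen, the farthest network would need 17 hops; the metric is capped at 16, so R1 treats it as unreachable and its lookup falls through to the less specific /8 route, which is exactly the hop limit the RIP box describes.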
ACCESS POINT

WHAT IS IT?

An access point acts similarly to a hub and a switch, without wires. It is used for wireless connections. The access point emits a radio signal which carries the data to receivers. An access point can be stand-alone or built into a wireless router; most home/small office access points are the built-in type.

HOW DOES IT WORK?

The access point puts the signal onto radio waves. In the sense that it restores signal strength, spreads the signal in all directions and can send only one frame at a time, it is like a hub. However, an access point does receive the entire frame and check the frame header to determine its destination, like a switch. Some APs provide security measures, but not all. If the AP is the stand-alone version, all higher-layer functionality comes from the router attached to it.
TERM :: COST / HOPS / DISTANCE :: Routing packets can be a very complex task, so complex that sometimes an endless loop occurs. Therefore, each time a data packet is sent from a router, its cost, also known as hop count or distance, is increased by 1. RIP allows 15 hops, which means that if a packet is sent through 16 routers, the last router will drop it and reply with a “timeout error” to the sender. This prevents the packet from looping forever.
MODEM

WHAT IS IT?

Modem is a combination of modulator and demodulator. As the name suggests, a modem performs signal modulation and demodulation. A home modem features at least two ports, one for the telephone line (RJ21) and another for the Ethernet LAN (RJ45).

HOW DOES IT WORK?

Modulation is changing a digital signal, or data, into an electrical wave and transmitting it. Demodulation is the opposite: translating a data-carrying wave back into a digital signal. Most of the time, a modem receives a wave from a wireless connection or a telephone line, such as an ADSL line from the ISP. It transforms that wave into a digital signal and sends it via the LAN to computers. When a user transmits data to the Internet, the data comes to the modem and the modem transforms that digital signal into a waveform. It then combines, or modulates, the signal onto the carrier wave in the telephone line and transmits it to the ISP. Throughout modem development, many algorithms have been used to modulate and demodulate signals. Modems also operate on a variety of frequencies, including microwave and radio wave. WiFi and WiMax modems are quite popular too.
FIREWALL

WHAT IS IT?

A firewall is a device that stops certain data from entering or leaving a network. It can be either software (e.g. Windows Firewall) or hardware. Some firewalls may also provide proxy functionality.

HOW DOES IT WORK?

A number of firewall technologies have been developed over time. From the introduction of the firewall, it worked on the network layer: the firewall analyzes data packets by comparing the headers with a set of rules. For example, if a rule states that the network 192.168.1.0/24 is not allowed, packets carrying such an address will be dropped. Later, firewalls that operate on layer 4 emerged. This type of firewall opens packets to check the state of the packet, whether it is a new connection, part of an existing stream or something else, and performs the action given by the rule. Then came application layer firewalls, which check the entire data. Many firewall technologies have been announced over time as security measures change, but all serve one goal. In a nutshell, a firewall stops unwelcome traffic from the outside network.
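The two firewall generations described above, as an added example that is not part of the handout: a stateless network-layer filter that compares packet headers against an ordered rule list (first match wins, default drop), using the handout's 192.168.1.0/24 example, and a layer-4 style stateful filter that remembers connections opened from the inside and admits only their replies. The rule set, the server address 10.0.0.5 and the other addresses are constructed for the example.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src: str            # source IP
    dst: str            # destination IP
    proto: str          # "tcp", "udp", "icmp"
    sport: int = 0
    dport: int = 0


@dataclass(frozen=True)
class Rule:
    """One header-matching rule; a field left unspecified matches anything."""
    action: str                     # "allow" or "drop"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    proto: Optional[str] = None
    dport: Optional[int] = None

    def matches(self, pkt: Packet) -> bool:
        return (ipaddress.ip_address(pkt.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(self.dst)
                and self.proto in (None, pkt.proto)
                and self.dport in (None, pkt.dport))


def filter_packet(rules, pkt: Packet, default: str = "drop") -> str:
    """Stateless (network-layer) filtering: first matching rule wins, else the default applies."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return default


# Constructed rule set: block the handout's example network, admit only web traffic to one server.
RULES = [
    Rule("drop", src="192.168.1.0/24"),
    Rule("allow", dst="10.0.0.5/32", proto="tcp", dport=80),
]


class StatefulFirewall:
    """Layer-4 style filtering: remember connections the inside opened, admit only their replies."""

    def __init__(self, outbound_rules):
        self.outbound_rules = outbound_rules
        self.flows = set()      # (inside_ip, inside_port, outside_ip, outside_port, proto)

    def outbound(self, pkt: Packet) -> str:
        verdict = filter_packet(self.outbound_rules, pkt)
        if verdict == "allow":
            self.flows.add((pkt.src, pkt.sport, pkt.dst, pkt.dport, pkt.proto))
        return verdict

    def inbound(self, pkt: Packet) -> str:
        # A reply swaps the addresses and ports of the packet that opened the flow.
        key = (pkt.dst, pkt.dport, pkt.src, pkt.sport, pkt.proto)
        return "allow" if key in self.flows else "drop"
```

Rule order matters: the drop for 192.168.1.0/24 sits first, so a web request from that network is refused even though the second rule would have allowed it. Unsolicited inbound traffic never matches a remembered flow and is dropped by default.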
CABLES

COAXIAL

Used widely in the past, coaxial is a copper wire covered with jackets. The term coaxial comes from co-, which means “shared”, and -axis, which means “core”. This cable has one big copper core at the centre. The core is protected by layers of jackets or shields, made of copper, aluminium, rubber and plastics. They protect the wire from being cut or ruptured during operation.
DO YOU KNOW? THE BEST WAY TO WASTE A COAXIAL CABLE IS TO LAY IT OUTSIDE WHERE ANYONE CAN GRAB IT. COPPER FETCHES A GOOD PRICE, MAKING IT TEMPTING PREY FOR THIEVES.
Coaxial cable is good at delivering high-energy connections thanks to its material, copper. The connection plug has the copper core exposed. Coaxial cables are popular for cable TV (RG-6) and video playback devices. However, because of the high power being transmitted through the wire, a strong electromagnetic field emanates from the cable. This causes noise and interference problems, which are dealt with using one layer of the jacket. The connectors of coaxial cable are called RF (radio frequency) connectors. There are many types of them; one of the most prevalent is the IEC 169-2 standard connector, also called the PAL connector, used for television.
TWISTED PAIR

Twisted pair cable is commonly called “LAN cable” because it is used for the LAN in most small offices and homes. When you buy an Internet package from an ISP, they give you a modem and a twisted pair cable to connect that modem to your PC; it is that common. Inside the cable there are 8 smaller wires in different colours. These small wires are twisted together in pairs, making 4 pairs. Twisting is a technique to reduce the electromagnetic interference caused by the electrical current transmitted through the cable's copper wires; the twist rate affects the amount of noise that occurs. There are many kinds of twisted pair cable. The most prevalent seems to be UTP or Unshielded Twisted Pair. As the name suggests, unlike coaxial cables these cables do not have a shield. There are shielded versions of the cable too.
NAME  | APPLICATION             | DESCRIPTION
CAT3  | 10BASE-T & 100BASE-T    | Top speed 16 Mbit/s
CAT4  | Token Ring              | For token ring, not common
CAT5  | 100BASE-TX & 1000BASE-T | Common in LAN, replaced by CAT5e
CAT5e | 100BASE-TX & 1000BASE-T | CAT5 with a better standard but the same build
CAT6  | 10GBASE-T               | New UTP, faster than all above. Heavier, not as popular now.

TABLE 1 : UTP LIST
LAN cable, or CAT5e, is connected using an 8P8C (8 position 8 contact) connector. As the name suggests, the connector features 8 copper pins which the 8 wires from the UTP cable come into contact with. This connector is commonly referred to as RJ45; do not bother using the name 8P8C too much. The standards for arranging the wires in an RJ45 are TIA/EIA-568-A and TIA/EIA-568-B. The two are essentially the same except that one pair is swapped. Users can use either of them, but both ends of a cable must follow the same standard. To wire the cable, all colours must be arranged as shown in the table below. T568B is more common but is deprecated in T568C.
Position | T568A normal  | T568A crossed | T568B normal  | T568B crossed
1        | Green stripe  | Orange stripe | Orange stripe | Green stripe
2        | Green         | Orange        | Orange        | Green
3        | Orange stripe | Green stripe  | Green stripe  | Orange stripe
4        | Blue          | Brown stripe  | Blue          | Brown stripe
5        | Blue stripe   | Brown         | Blue stripe   | Brown
6        | Orange        | Green         | Green         | Orange
7        | Brown stripe  | Blue          | Brown stripe  | Blue stripe
8        | Brown         | Blue stripe   | Brown         | Blue

TABLE 2: T568A & T568B WIRING
Table 2 mentions crossed cable. In the past, if a connection was going to be made directly between two computers, a special cable had to be used. It is called a “patch cable” or “crossover cable”. This cable is wired differently from the normal T568A/B standard: if one end of the cable is wired to T568A, the other end must be the crossed version of T568A. New implementations of Ethernet do not require a crossover cable any more. In case you work with old network NICs and cannot connect two computers using a standard cable, try using a crossover cable.
FIBER OPTIC

Fiber optic is the latest and fastest cable technology for data communication. The cable is made of glass, as thin as a human hair. Each strand of glass acts like a tube in which light is reflected. If you point a laser at one end, it will appear at the other end. The important thing to keep in mind when working with fiber optic cables is that they cannot be bent like CAT5e or LAN cables. They are also weak against pulling forces. They are made of glass: if you bend them too much, they break, and when they are broken, light cannot carry information through the broken glass. Cable manufacturers can provide the minimum bend radius, so make sure you ask for it when purchasing fiber optics.
DEADLY LIGHT: HAZARDS FROM WORKING WITH FIBER OPTICS
INVISIBLE LIGHT BURNS EYES. INVISIBLE GLASS FIBER IN SKIN = INFECTION. INVISIBLE GLASS FIBER IN EYES = BLINDNESS. INVISIBLE GLASS FIBER IN LUNCH = INTERNAL BLEEDING. INVISIBLE GLASS FIBER IN BLOOD VESSELS = DEATH. CHEMICALS USED DURING SPLICING ARE FLAMMABLE. WANT MORE? RESEARCH IT, AND DON'T TRY THIS AT HOME.
NO JOKE... SERIOUSLY
There are many connectors for fiber optics. Their differences are in the connecting mechanism, such as a locking or screwing mechanism. For example, the SC series (EIA/TIA-568-C standard) offers a lever lock mechanism while the FC series offers a screw lock mechanism. The important characteristic is whether they can handle duplex, half-duplex or simplex communication. Fiber optics can be classified into multi-mode fiber and single-mode fiber. Multi-mode fiber has a larger core than single-mode fiber. This allows multi-mode fiber to carry more than one light ray, so more signals can be sent at once. However, the light entering multi-mode fiber disperses and weakens, so the light output on the other side is not as clear as in single-mode fiber, which has a much smaller core and can carry only one light ray.
NETWORK TECHNOLOGIES

Information networks in everyday life run on a few notable standardized technologies. This handout features a few of the most notable ones. Note that most of these technologies work on layers 1 and 2.
TERMINOLOGY

Before learning about the technologies, there are a few terms that students need to know in order to understand the technologies correctly. Those terms are throughput and bandwidth.

THROUGHPUT AND BANDWIDTH

Throughput and bandwidth are terms that are often mistakenly interchanged, so it is important to understand both of them. Both concern the speed of a network connection. Bandwidth is the amount of data that can be transmitted through the communication channel. It can be compared to the size of a pipe: the wider the pipe, the more water can go through. For computer networks, a broadband connection provides a broader, bigger pipe than a dial-up connection; thus broadband provides more bandwidth than dial-up. The scope of bandwidth is from one device to another, such as from home to the ISP; it does not describe the whole Internet connection. Throughput is the average rate of successful data delivery through the medium over a given time. Unlike bandwidth, throughput is not scoped only from home to ISP; rather, it concerns one end of the connection to the other end.
[Figure: two end nodes connected through the Internet; the link bandwidths are 1 Gbps and 100 Mbps, and a 64 KB packet takes 100 ms to travel end to end]

FIGURE 9 : EXAMPLE OF BANDWIDTH AND THROUGHPUT COMPARISON
The end-to-end connection shown in figure 9 is made of links with different bandwidths: 1 Gbps and 100 Mbps. The time for a 64 KB data packet to travel through this connection is 100 milliseconds. To calculate throughput, use this equation:

$$\text{Throughput} = \frac{\text{bit size of data}}{\text{time in seconds}}$$

$$\text{Throughput} = \frac{(64 \times 1024) \times 8}{100\ \text{ms}} = \frac{524288}{0.1} = 5242880\ \text{bps} \approx 5.24\ \text{Mbps}$$

Note that in figure 9, both ends possess larger bandwidth than the calculated throughput. This is normal, because we do not know how large the bandwidths of the Internet links between the nodes are; we only know that the latency between the two ends is 100 milliseconds. All in all, the final throughput is determined by the size of the data and the time it takes to be delivered. This is the reason why a broadband connection advertised with a large bandwidth cannot deliver files as quickly as it seems.

MULTIPLEXING

Multiplexing is a method that mixes several signals into one signal to be sent on one shared medium, such as a cable. The receivers must be able to reverse the multiplexing to recover their own signals, so both sides must use the same multiplexing method, such as time-division multiplexing.
ETHERNET

Ethernet is the most prevalent network connection technology for LANs. This section shows basic Ethernet standards, the frame structure, the way Ethernet detects errors and the way Ethernet avoids collisions of frames.

WHAT IS ETHERNET

This is a question to which you can get different answers depending on whom you ask. In a nutshell, Ethernet is a technology that ensures data transfer from source to destination. It is not just cables: it includes switches, NICs and other Ethernet-compliant devices. Ethernet also includes the logical way to organize data and the way to send it through the medium. Ethernet has many variants. Some of them run over twisted pair cables while others run on fiber optics. This handout does not cover all of them, only the most popular ones.
SOMETHING-BASE-SOMETHING

Ethernet can offer different speed levels depending on its standard. The IEEE standard for Ethernet is IEEE 802.3, and within that standard there are multiple Ethernet variants. Ethernet standards are named in a something-BASE-something convention. The “BASE” comes from baseband, which refers to signals that are sent without being multiplexed or modulated. The prefix number is the transmission speed and the suffix is the medium. For example, 10BASE-T is a baseband connection which carries data on twisted pair cable at 10 Mbps. The table below shows a list of some Ethernet baseband standards with their respective speed and media.

DO YOU KNOW? Mbps is not megabyte per second. It is megabit per second.

NAME        | SPEED (Mbps) | MEDIA
Ethernet
10BASE-T    | 10           | Twisted pair
10BASE-F    | 10           | Fiber optic
Fast Ethernet
100BASE-TX  | 100          | Twisted pair (CAT5 up)
100BASE-T4  | 100          | Twisted pair (CAT3 up)
100BASE-FX  | 100          | Fiber optic
Gigabit Ethernet
1000BASE-T  | 1000         | Twisted pair (CAT5 up)
1000BASE-TX | 1000         | Twisted pair (CAT6 up)
1000BASE-SX | 1000         | Multi-mode fiber optic
1000BASE-LX | 1000         | Single-mode fiber optic
10 Gigabit Ethernet
10GBASE-T   | 10000        | Twisted pair (CAT5e up)
10GBASE-SR  | 10000        | Multi-mode fiber optic
10GBASE-LR  | 10000        | Single-mode fiber optic
10GBASE-ER  | 10000        | Single-mode fiber optic

TABLE 3 : LIST OF SOME ETHERNET STANDARDS

Note that some standards which provide similar speed, such as 10GBASE-SR, 10GBASE-LR and 10GBASE-ER, differ in their effective range. For example, the LR in 10GBASE-LR stands for “long reach”, which provides an effective range of 10 kilometres, compared to “short reach” (SR), which performs at a range of 400 metres. ER or “extended reach” can go up to 40 kilometres. The table does not include the faster 100GBASE series.
ETHERNET FRAME

A data packet on an Ethernet network is called an Ethernet frame. This frame structure allows an Ethernet network to communicate with great performance and reliability. The frame is constructed as follows:

Preamble: 7 octets of 10101010 to tell devices that a frame is about to start, e.g. 10101010 10101010 10101010 10101010 10101010 10101010 10101010
Start frame delimiter: 1 octet of the same pattern that ends with 11 to tell devices that the frame starts here, e.g. 10101011
Destination MAC: destination address, e.g. DD:DD:DD:DD:DD:DD
Source MAC: source address, e.g. SS:SS:SS:SS:SS:SS
EtherType / Length: protocol of the frame (Ethernet II) or length of the frame (IEEE 802.3), e.g. 00001000 00000000 (0x800)
Data: up to 1500 octets
Frame check sequence: error checking value (CRC), 4 octets
Idle gap: 12 octets of nothing to tell devices that the frame has ended

FIGURE 10 : ETHERNET FRAME STRUCTURE
CRC

CRC or Cyclic Redundancy Check is a mathematical method used to check whether a frame is damaged. If a system checks the CRC against the data and it does not match, the system reports a CRC error, as shown in figure 11. Standard CRCs are 8, 12, 16 and 32 bits.
FIGURE 11 : CRC ERROR IN WINDOWS
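The frame layout in figure 10 and the CRC check just described, as an added example that is not part of the handout: Python code that builds an Ethernet II frame (preamble, start delimiter, destination and source MAC, EtherType, payload padded to the 46-octet minimum, 4-octet FCS) and parses one back, reporting a CRC error when the frame check sequence no longer matches the data. The FCS is computed with the standard CRC-32 from `zlib`, which uses the same polynomial as Ethernet; the sample addresses and payload are constructed for the example, and the helper names are this example's own.

```python
import struct
import zlib

PREAMBLE = b"\xaa" * 7            # seven octets of 10101010
SFD = b"\xab"                     # start frame delimiter 10101011
ETHERTYPE_IPV4 = 0x0800
MIN_PAYLOAD, MAX_PAYLOAD = 46, 1500


def mac_to_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", ""))


def bytes_to_mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def build_frame(dst: str, src: str, ethertype: int, payload: bytes) -> bytes:
    """Preamble + SFD + 14-octet header + payload (padded to 46 octets) + 4-octet FCS."""
    if len(payload) > MAX_PAYLOAD:
        raise ValueError("payload exceeds 1500 octets")
    header = mac_to_bytes(dst) + mac_to_bytes(src) + struct.pack("!H", ethertype)
    body = header + payload.ljust(MIN_PAYLOAD, b"\x00")
    # The FCS covers destination, source, type and data (not the preamble);
    # it is stored least-significant octet first, as it is sent on the wire.
    fcs = struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)
    return PREAMBLE + SFD + body + fcs


def fcs_ok(wire: bytes) -> bool:
    """Recompute the CRC over the received data and compare it with the transmitted FCS."""
    body, fcs = wire[8:-4], wire[-4:]
    return struct.unpack("<I", fcs)[0] == (zlib.crc32(body) & 0xFFFFFFFF)


def parse_frame(wire: bytes) -> dict:
    """Split a received frame into its fields; a CRC mismatch is reported as a CRC error."""
    if not wire.startswith(PREAMBLE + SFD) or len(wire) < 8 + 14 + MIN_PAYLOAD + 4:
        raise ValueError("not a complete Ethernet frame")
    if not fcs_ok(wire):
        raise ValueError("CRC error: frame check sequence does not match the data")
    body = wire[8:-4]
    type_or_len = struct.unpack("!H", body[12:14])[0]
    # Values up to 1500 are an IEEE 802.3 length; 0x0600 and above are an Ethernet II EtherType.
    kind = "length" if type_or_len <= 1500 else "ethertype"
    return {"dst": bytes_to_mac(body[:6]), "src": bytes_to_mac(body[6:12]),
            kind: type_or_len, "payload": body[14:]}


def corrupt(wire: bytes, offset: int) -> bytes:
    """Flip one bit at `offset`, as line noise might, so the FCS check can be exercised."""
    damaged = bytearray(wire)
    damaged[offset] ^= 0x01
    return bytes(damaged)
```

A single flipped bit anywhere in the header or data is enough for `fcs_ok` to fail, which is what the Windows counter in figure 11 is recording; the receiving NIC discards such a frame rather than passing it up the stack.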
CSMA/CD

CSMA/CD stands for Carrier Sense Multiple Access / Collision Detection. It is the media access control algorithm Ethernet uses to send a data frame to its destination. The core procedure is to detect collisions on the connection medium.
[Flowchart: START → make a frame → media free? (no: wait a random duration and check again) → yes: send 1 bit → collision? (no: finished? yes: END, success; no: send next bit) (yes: recover? yes: wait a random duration and retry; no: END, error)]

FIGURE 12: CSMA/CD ALGORITHM
If a collision happens, the recovery algorithm tries to recover the collided frame. It also lengthens the waiting interval exponentially, which is called exponential back-off, ensuring that the next transmission will not cause a collision.

CSMA/CA

Similar to CSMA/CD, Carrier Sense Multiple Access / Collision Avoidance or CSMA/CA is a media access control protocol. CSMA/CA is used for wireless networks. Basically, it uses probability to calculate a time to transmit packets that will not cause collisions in the air. One of the main reasons for using CSMA/CA is to avoid the hidden node problem. The hidden node problem occurs when a weak signal from a node, which cannot transmit a strong enough signal, gets lost in stronger signals transmitted by a stronger node.
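The exponential back-off described for CSMA/CD, as an added example that is not part of the handout: a slot-based Python simulation of the truncated binary exponential back-off used by IEEE 802.3, in which a station that has suffered n collisions waits a random number of slots in [0, 2^min(n,10) - 1] and gives up with an error after 16 attempts. The frame length in slots, the station count and the seed are constructed for the example; the simulation is a simplification (one frame per station, all ready at slot 0) rather than a full Ethernet model.

```python
import random

SLOT_TIME_US = 51.2   # one slot time on 10 Mbps Ethernet (512 bit times), for reference only
MAX_ATTEMPTS = 16     # after 16 consecutive collisions the frame is dropped with an error
MAX_EXPONENT = 10     # the window stops growing at 2**10 slots (truncated back-off)


def backoff_slots(collisions: int, rng: random.Random) -> int:
    """Slots to wait after the n-th collision: random r in [0, 2**k - 1], k = min(n, 10)."""
    k = min(collisions, MAX_EXPONENT)
    return rng.randrange(0, 2 ** k)


def max_window(collisions: int) -> int:
    """Size of the back-off window (in slots) after `collisions` collisions."""
    return 2 ** min(collisions, MAX_EXPONENT)


def sample_backoffs(collisions: int, n: int, seed: int = 0) -> list:
    """n back-off draws for a given collision count, for inspecting the distribution."""
    rng = random.Random(seed)
    return [backoff_slots(collisions, rng) for _ in range(n)]


def simulate(n_stations: int, seed: int = 1, frame_slots: int = 24) -> list:
    """All stations have a frame ready at slot 0 (constructed worst case).
    Returns, per station, (collisions suffered, outcome, slot at which it finished)."""
    rng = random.Random(seed)
    ready = [0] * n_stations            # earliest slot each station may transmit
    collisions = [0] * n_stations
    result = [None] * n_stations
    t = 0
    while None in result:
        # Carrier sense: every station whose wait has expired starts in this slot.
        senders = [s for s in range(n_stations) if result[s] is None and ready[s] <= t]
        if not senders:
            t += 1
            continue
        if len(senders) == 1:
            s = senders[0]
            result[s] = (collisions[s], "success", t)
            t += frame_slots                # medium busy; the others defer until it is free
            continue
        for s in senders:                   # two or more senders: all of them detect the collision
            collisions[s] += 1
            if collisions[s] >= MAX_ATTEMPTS:
                result[s] = (collisions[s], "error", t)
            else:
                ready[s] = t + 1 + backoff_slots(collisions[s], rng)
        t += 1
    return result
```

Because every station is ready at slot 0, all of them collide at least once; the doubling window then spreads their retries out so that each frame eventually goes through alone, which is the behaviour the text calls exponential back-off.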
[Flowchart: START → make a frame → media free? (no: wait a random duration and check again) → yes: send RTS → CTS received? (no: wait a random duration and retry) → yes: send data → END]

FIGURE 13: CSMA/CA ALGORITHM
Unlike CSMA/CD, which transmits data immediately, CSMA/CA performs a handshake. A handshake is a method by which the two sides of a communication agree that a set of data is going to be sent. First, the sender sends a Request To Send (RTS). The receiver gets the RTS and answers with Clear To Send (CTS). Both sides must wait for the medium to be clear before transmitting these requests. When any other node receives the CTS, it knows that data is being sent and it stops transmitting, thus avoiding congestion.
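The RTS/CTS handshake and the hidden node problem from the two paragraphs above, as an added example that is not part of the handout: a scripted Python exchange between station A, an access point and station C, where A and C can each hear the AP but not each other (a constructed topology). Without the handshake, C senses a free medium and its data overlaps A's at the AP; with it, C hears the AP's CTS, reserves the medium for the duration it carries (its network allocation vector, NAV) and waits. The slot counts and names are this example's own.

```python
DATA_SLOTS = 4                                  # slots a data frame occupies on the air (assumed)
# Constructed topology: A and C can each hear the access point but not each other (hidden nodes).
HEARS = {"A": {"AP"}, "C": {"AP"}, "AP": {"A", "C"}}


def on_air(log: list, t: int, sender: str, kind: str, duration: int = 1) -> set:
    """Record a transmission starting at slot t; only stations in range of the sender receive it."""
    receivers = HEARS[sender]
    log.append((t, sender, kind, duration, sorted(receivers)))
    return receivers


def run(rts_cts: bool) -> tuple:
    """A sends a frame to the AP; C's frame becomes ready one slot after A's data starts.
    Returns (message log, whether the two data frames overlapped at the AP)."""
    log, t = [], 0
    nav = {"A": -1, "C": -1}                    # virtual carrier sense: medium reserved until this slot
    if rts_cts:
        on_air(log, t, "A", "RTS")
        t += 1
        # The AP's CTS carries a duration covering the data and its acknowledgement;
        # every station that hears it (including C, which cannot hear A) sets its NAV.
        reserve = DATA_SLOTS + 1
        for station in on_air(log, t, "AP", "CTS", reserve):
            if station != "A":
                nav[station] = t + 1 + reserve
        t += 1
    a_start, a_end = t, t + DATA_SLOTS - 1
    on_air(log, a_start, "A", "DATA", DATA_SLOTS)
    # C senses the air one slot later: it hears nothing from A, so only its NAV can hold it back.
    c_ready = a_start + 1
    c_start = max(c_ready, nav["C"])
    on_air(log, c_start, "C", "DATA", DATA_SLOTS)
    collided = c_start <= a_end
    return log, collided
```

Physical carrier sense alone cannot protect A's frame, because C never hears it; the CTS from the AP is what both hidden stations have in common, so the reservation it carries is what keeps C quiet until A is done.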
DSL

Ethernet is widely used on LANs, in a small area. ADSL is a technology that connects over longer distances, but not so far that it can be fully declared a WAN technology. DSL has many variants, with prefixes such as ADSL, HDSL, VDSL etc. This handout focuses on the most popular one for home/small office use, ADSL.

WHAT IS DSL

DSL stands for Digital Subscriber Line. As the name implies, it carries digital data. It is provided by an ISP, which requires its customers to subscribe to the service. The line it uses is the telephone line. This is one of the reasons why DSL providers mostly originated from telephone firms (e.g. TOT, True Corp. or 3BB, which was part of TT&T).

WHAT IS ADSL

ADSL is asymmetric DSL. It offers a download speed that is more (or less) than the upload speed; in other words, upload and download are asymmetrical. Apart from the “A”, it is the same DSL service.

HOW ADSL WORKS

ADSL works well if the user is near the provider. It can provide Internet over the telephone line at a maximum distance of 5 kilometres. It came to household users as a replacement for dial-up connections. To fully understand ADSL, one should know a bit about dial-up too. A dial-up connection is provided by a modem: digital data is modulated into analog signals and sent via the telephone line. However, due to the nature of the technology, when a dial-up connection is on, no telephone call can be made or received. This is because the connection uses the entire frequency range for data, which is not efficient. Dial-up connections also require exclusive use of resources, so a time limit was set to disconnect users and force resource sharing.

CHOOSING ADSL: When choosing an ADSL package, you should consider SPRICE.
Speed: ADSL providers give two numbers which indicate download and upload speed, such as 256/125 kbps. Most of the time, download speed exceeds upload speed. These numbers are maximum speeds, which do not guarantee that users will get those speeds; rather, users cannot exceed them.
Price: Compare prices, do some shopping around.
Reliability: The worst Internet connection is the one that fails when you need it the most. Providers do not tell you this directly, so you might want to judge reliability by company reputation.
Contract: Seriously, read and understand the contract before signing it. Make sure you sign for what you need.
Extras: Freebies and additional services such as a static IP and online storage.
ADSL uses the same telephone line. However, it does not use all the frequency the line has. ADSL uses only a portion of the frequency range to transmit the voice signal and all that is left for data. The bandwidth that the telephone line provides is chopped into 4 kHz channels. The voice circuit for telephone service uses only 1 channel. Some channels, such as 25 kHz to 160 kHz, are used for upstream data transfer, also known as upload. Other channels, such as 240 kHz to 1.5 MHz, are downstream, or download. Some channels between the voice, upload and download streams must be left as gaps to avoid noise and errors. For ADSL to work at home or in a small office, the user has an ADSL modem or router. The telephone line, which is connected to the ISP, is plugged into this device. Users then connect their computers to this device using standard Ethernet cables, if their LAN is Ethernet. At the other end of the connection, the ISP connects users into a DSLAM device, which in turn is connected to the ISP network before exiting onto the Internet, ultimately enabling the Internet connection for users.
OTHER WIRED TECHNOLOGIES There are many network technologies that were not included in the previous section. These technologies are not the focus of this handout because they are not common for home/small office users. However, they are worth mentioning and hopefully spark curiosity in students.
ISDN Integrated Services Digital Network or ISDN is fairly similar to ADSL from the user's perspective. It offers broadband high-speed Internet connection over a telephone line. Users can use the telephone while using the Internet connection. However, the two technologies are different. In detail, ISDN is classified into two categories, Basic Rate Interface (BRI) and Primary Rate Interface (PRI). ISDN is a circuit-switching connection, which comes with a lot of limitations.
T1 (LEASED LINE) Home and office users might not be familiar with T-carriers, more commonly known as T1 connections. It is a WAN technology which handles long-distance, high-rate data transmission, mostly used by telecommunication firms. The name stands for Transmission System 1 (T1). Another name for T1 is DS1, Digital Signal 1. The latest version of this technology is T5, or DS5. Since it is mostly used by telecommunication firms, when it is leased to business users it is sometimes called a "leased line". T1 is a symmetrical connection, which means its upload and download speeds are the same. By the technology itself, a full T1 connection provides 1.5 Mbps on both download and upload. The advantage of a T1 connection is its quality of service. T1 is extremely reliable. If reliability is an issue, T1 is a good choice. This is one of the main reasons telecommunication companies use it.
How much does T1 cost? You can get a good 4 Mbps DSL connection to your home for 500 baht (THB). For T1, you need $500 (USD) a month for 1.5 Mbps. Note that T3 or above can cost dramatically more. The biggest disadvantage of T1 is the cost. T1 is seriously expensive. The cost varies by distance between the user site and the provider office. Lastly, the speed of T1 is limited, rather fixed, at 1.5 Mbps.
FRAME RELAY Frame Relay is a long-distance non-persistent connection protocol. Non-persistent means this technology can connect one end to multiple ends. Long distance means it is a WAN technology. Frame Relay is a packet-switching protocol which does not require a dedicated circuit. Instead, it relies on virtual circuits.
Do you know? The "T" in T1 does not necessarily refer to "transmission". Other schools say it is for "Time" because T1 uses a technique called "Time-division Multiplexing". Another school says it is "Terrestrial" because it is a land transmission medium, not to be confused with satellite transmission. You know what? All wrong. Yes, including the one in the main section of this handout. According to Dr. John Pan, who worked at Bell Labs, creator of T1, the letter "T" is nothing but a running letter. It is said that in 1917 AT&T deployed a transmission system called the "A-system". There you see where it is going. Later, many systems followed, including B, C and D. The most successful was the L system, especially L1 and L3. However, those were analog systems, up until N. After that, many systems were deployed but without great success. Until "T" came and killed all other systems.
Frame Relay competed with the X.25 protocol. X.25 is a rather reliable protocol with good error checking and recovery. Frame Relay does have error control measures, but not as good as X.25. Frame Relay uses a simpler and faster error-checking algorithm. If an error is detected in a frame, the frame is dropped. No time is spent recovering error frames. TCP, which handles higher-layer transmission, requests a resend later. Thus, Frame Relay is faster. It relies on the higher layer for completion of data transmission. Frame Relay works by establishing a point-to-point connection via a virtual circuit through a WAN cloud. The WAN cloud is a set of connections which Frame Relay does not hold control over, but the connections guarantee that frames reach the other end. Therefore, Frame Relay is usually used to connect LAN to LAN.
ATM Asynchronous Transfer Mode or ATM is a high-speed network connection used by Internet Service Providers or ISPs. Unlike Ethernet, in which data is routed through many routers, ATM is a point-to-point connection which relies on virtual circuits. It does not handle data in variable-length frames. Instead, it uses fixed-length cells, which allow accurate calculation of network performance. ATM uses a time-division multiplexing technique which allows it to reach its high-speed potential. An advantage of ATM is the distance it can cover, which makes ATM a WAN technology. With ATM, speeds as high as 10 Gbps can be achieved on fiber optic cables. However, ATM is more expensive than Ethernet, which is the leading LAN connection.
FIOS FiOS is a broadband data communication service on fiber optic cables. The name FiOS belongs to Verizon Corp. FiOS is the best network currently available. It is fast and reliable. Commercial FiOS offers data communication for cable TV, phone and Internet in one connection. The downside of FiOS is the cost, not for the user but for the provider. FiOS requires the provider to install fiber optic cables to the users' site.
Fiber optics are not already installed like telephone lines, which DSL and many other connections use. So, it is a heavy investment for the provider. Not to mention all the authorities who might not allow fiber optic cables to be installed on the way to users' sites. Anyway, fiber optic data communication is expanding. New players have joined the market. A big one is Google. Google Fiber is in an experimental phase. However, it shows that FiOS is an extremely promising network technology to come.
WIRELESS TECHNOLOGIES
WI-FI Wi-Fi is a wireless LAN technology. The term is used interchangeably with WLAN or Wireless LAN. This technology uses radio frequency to transmit signals between devices. Unlike the wired technologies explained previously, Wi-Fi does not guarantee quality of service.
WHY IS IT CALLED WI-FI Wi-Fi2 can be written as Wifi or WiFi. The actual name of this network technology is IEEE 802.11, which is difficult to remember. One day, the Wi-Fi Alliance appeared. It is a firm that promotes and certifies network products if they meet standards for interoperability, such as IEEE 802.11. The name stands for Wireless Fidelity, which is also the advertising slogan of the Wi-Fi Alliance. Therefore, IEEE 802.11 has been known as Wi-Fi since those days.
HOW WI-FI WORKS There are many versions of Wi-Fi or 802.11, and each version works differently. Some common features exist too. For example, Wi-Fi communicates using Ethernet frames. 802.11a uses 5 GHz to avoid the crowded 2.4 GHz band. It uses Orthogonal Frequency Division Multiplexing (OFDM), which is resilient to jamming and other problems. It also offers a high data rate of 54 Mbps, a really fast connection at the time. However, due to the high frequency, signals do not go far and hardly penetrate a wall. Complexity in manufacturing also made 802.11a not so popular in the market.
Orthogonal frequency-division multiplexing OFDM basically works by dividing a frequency band into many subcarriers, separated by guard bands. All subcarriers deliver signals simultaneously. With digital signals, guard bands can be thinner, allowing faster data transmission. A Fast Fourier Transform (FFT) mathematical model is used to turn digital data into sine waves and transmit them. The receiver reverses the process to get the digital data back. Each signal is produced orthogonally to reduce interference between subcarriers. For easier understanding, it means each signal tone peaks while all other adjacent signals are null.
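The subcarrier mechanism above, as an added example that is not part of the original handout: a toy OFDM transmitter and receiver in Python with 8 QPSK subcarriers and a short cyclic prefix (both assumed, chosen small for readability; 802.11a uses 64 subcarriers), plus a check that any two different subcarriers are orthogonal over one symbol period. A naive DFT stands in for the FFT.

```python
import cmath
import math
import random

N_SUB = 8    # subcarriers per OFDM symbol (assumed; 802.11a uses 64)
CP_LEN = 2   # cyclic-prefix samples copied from the end of the symbol to its front

# QPSK: two bits per subcarrier, mapped to one of four constellation points
QPSK = {(0, 0): 1 + 1j, (0, 1): -1 + 1j, (1, 1): -1 - 1j, (1, 0): 1 - 1j}


def dft(x):
    """Naive discrete Fourier transform (an FFT computes the same result faster)."""
    n = len(x)
    return [sum(x[t] * cmath.exp(-2j * math.pi * k * t / n) for t in range(n))
            for k in range(n)]


def idft(X):
    """Inverse DFT: one symbol per subcarrier -> time-domain samples of the sum of tones."""
    n = len(X)
    return [sum(X[k] * cmath.exp(2j * math.pi * k * t / n) for k in range(n)) / n
            for t in range(n)]


def subcarrier_overlap(k, m, n=N_SUB):
    """Normalised correlation of subcarriers k and m over one symbol period.
    Orthogonality means 1 for k == m and 0 for k != m: where tone k peaks,
    every other tone contributes nothing, so the tones do not interfere."""
    total = sum(cmath.exp(2j * math.pi * k * t / n) * cmath.exp(-2j * math.pi * m * t / n)
                for t in range(n))
    return abs(total) / n


def modulate(bits):
    """Transmitter: 2*N_SUB bits -> one OFDM symbol (N_SUB + CP_LEN complex samples)."""
    if len(bits) != 2 * N_SUB:
        raise ValueError("one OFDM symbol carries exactly %d bits" % (2 * N_SUB))
    symbols = [QPSK[(bits[2 * i], bits[2 * i + 1])] for i in range(N_SUB)]
    samples = idft(symbols)              # all subcarriers are transmitted simultaneously
    return samples[-CP_LEN:] + samples   # cyclic prefix acts as a guard interval


def demodulate(samples):
    """Receiver: drop the prefix, DFT back to subcarriers, decide bits by quadrant."""
    symbols = dft(samples[CP_LEN:])
    bits = []
    for s in symbols:
        bits.append(0 if s.imag > 0 else 1)   # first bit: upper or lower half-plane
        bits.append(0 if s.real > 0 else 1)   # second bit: right or left half-plane
    return bits


def add_noise(samples, amplitude, seed=1):
    """Deterministic pseudo-noise on each sample, to show the receiver's decision margin."""
    rng = random.Random(seed)
    return [s + complex(rng.uniform(-amplitude, amplitude), rng.uniform(-amplitude, amplitude))
            for s in samples]


if __name__ == "__main__":
    payload = [1, 0, 1, 1, 0, 0, 0, 1, 1, 1, 0, 0, 1, 0, 0, 1]   # constructed 16-bit payload
    print("overlap of subcarriers 1 and 2:", round(subcarrier_overlap(1, 2), 6))
    print("round trip ok:", demodulate(add_noise(modulate(payload), 0.05)) == payload)
```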
802.11b uses 2.4 GHz. It was the most popular wireless network during 1999. It uses CSMA/CA to transmit data, compared to OFDM in 802.11a. Technically it can reach 11 Mbps, but due to its method of transmitting data and overhead requirements, users get only 6 Mbps at best. 802.11g is a mix of 802.11a and 802.11b. It uses the 2.4 GHz band like 802.11b, but it uses the proven-better OFDM method. This enables it to reach 54 Mbps while travelling a long range and penetrating walls. However, like 802.11b, it suffers interference from other devices that use the same frequency band, such as Bluetooth devices and microwave ovens. 802.11g is compatible with 802.11b, which allows them to work together at 802.11b speed. 802.11n is a big jump from 802.11g, with speed theoretically up to 600 Mbps, although practical speed is 150 Mbps. A new technique called Multiple Input and Multiple Output (MIMO) is introduced. MIMO basically involves up to four antennas that simultaneously transmit and receive signals. It operates on both 2.4 GHz and 5 GHz. This is a complex technology that uses spatial multiplexing, space-time coding, beamforming and a few more techniques involving some mathematics, which this handout does not focus on. 802.11n is compatible with previous versions. Wi-Fi has more standards, such as 802.11y. Many more standards are being developed for better performance or more specific tasks.
2 This handout uses this spelling because the word processor does not flag it as a misspelling.
HOW TO SET UP A WI-FI NETWORK
Wi-Fi setup requires connections between these components.
1. Wi-Fi access point (or Wi-Fi router)
2. Wi-Fi receivers
3. (optional) Internet connection
A commercial Wi-Fi router or access point can work automatically after being connected to a power line. Computers can connect to that Wi-Fi using its default network name. Without an Internet connection, those computers can communicate with each other within the same Wi-Fi. However, Wi-Fi without a Dynamic Host Configuration Protocol or DHCP service, which assigns IP addresses to computers, might not work correctly. Manual IP configuration can fix the problem. Most broadband Internet routers have a DHCP service available automatically. Therefore, if the Wi-Fi network connects to a broadband router, Wi-Fi Internet can be used immediately. A Wi-Fi router might require some specific initial setup. This can be done by connecting a computer to the router via wired Ethernet. Access the router by its default IP address and log in with the default username/password.
An important setting is the service set identifier or SSID. The SSID is the name of the Wi-Fi network. Users see this name when their machine detects it. At this point, Wi-Fi is up and running. However, some configuration can further ensure that Wi-Fi operation goes smoothly. Setting up the wireless security option ensures that the network is not used by someone who should not be using it. Router security is important too. It prevents people from changing the router configuration.
THE GS Mobile data communication has been developed over a long time. Each period of time is classified as a Generation, or G. Currently, 3G to 4G are in focus. However, to understand all of them, the history of mobile phone generations must be mentioned. Information on each G is summarized in figure 6 and table 2.
FIGURE 14: CELLULAR MOBILE GENERATION TIMELINE (generations 0G, 1G, 2G, 3G and 4G; years marked: 1978, 1990, 2000, 2009)
G | Characteristic | Throughput | Note | Example Tech
0 | Analog; manually processed calls | ? (varies by provider) | Before 1G, such as mobile radio telephone. Calls go back to the telephony office to be connected via landline telephone service. | IMTS
1 | Analog; voice signals only | 14.4 Kbps (max) | Beginning of mobile communication. | AMPS
2 | Digital; voice & data | 14.4 Kbps | Increased simultaneous users (more customers); not much change in speed. | GSM, GPRS (2.5G)
3 | Digital; voice & data; packet switching (full) | 500 – 700 Kbps; 1 – 3 Mbps | Greatly improved mobile communication. | CDMA (2000), EDGE, UMTS, HSPA (3.5G)
4 | Broadband3; digital; data; packet switching; exclusively IP based | > 100 Mbps | Not defined by a standard yet. | Wi-MAX, LTE
TABLE 4: CELLULAR MOBILE PHONE COMMUNICATION GENERATION
Table 2 shows the characteristics of each generation. Please note that the throughput shown in the table is not an exact value, because each technology provides a different rate of throughput. Improved versions of each generation, such as 2.5G or 2.75G, are not included.
3 Broadband is defined as a synonym of wideband in telecommunication technology. Simply put, broadband is a larger communication channel which can transport more data, such as phone and Internet at the same time. It is the opposite of baseband or narrowband, which allows one message to be transported.
OSI & INTERNET MODEL This handout introduces some history of the Internet and its model. The title of this section is OSI and Internet model, but the actual arrangement of the topics is Internet model and then OSI model. This is because the Internet model is more popular and easier to understand from a historical point of view, so the handout arranges the content by time.
WHY ARE THEY IMPORTANT The importance of network models such as the OSI model and the Internet model lies in interoperability. Without a common model, computers cannot communicate with each other. Compared to humans, it is like living without a common language. The model is not exactly the language but the structure of languages. Network models outline something similar to "a sentence must contain at least a verb". The models outline that if two computers are going to communicate, let us give them IP addresses so no one confuses which is which. Therefore, if a network does not work properly, network models help the troubleshooting process. They also help in designing network communication protocols and in analyzing network structure for educational purposes.
INTERNET MODEL The Internet model is also called the TCP/IP model. It is the most widespread model for computer networks. As the name implies, it is the core of the Internet.
HISTORY In 1957, there was a war, the Cold War. America and the Soviet Union fought for superiority in nuclear, space and other technologies. The Soviet Union successfully sent Sputnik 1, the first unmanned satellite, into orbit. America, losing its leading edge, founded the Defense Advanced Research Projects Agency or DARPA in the next year. DARPA is the place where scientists work to ensure America's leading edge in technologies, defense technologies in particular. DARPA saw redundancy in American research. At that time, knowledge was exchanged via classes, documents and books. DARPA planned a network which connects research institutes to overcome redundancy and speed up knowledge development. This network is called ARPANET. The core of ARPANET is the Transmission Control Protocol or TCP, whose uniqueness is its acknowledgement mechanism. TCP requires that the receiver reply to the sender after all data is received, guaranteeing that all transmission is completed.
At the same time, the nuclear arms race provoked another path of network development. The Cuban missile crisis made the USA realize that a centralized computer system is vulnerable to atomic weapon attack. If a nuclear bomb explodes, a tremendous amount of electromagnetic interference occurs, impairing communications. Such an attack on a computer center would render all computers in the network useless. Therefore, distributed computer systems were developed. Along with them, routing protocols, which allow data to reach its destination via many nodes, were also developed. In the UK, a similar computer network was developed for commercial purposes. The National Physical Laboratory made the NPL network. The NPL network was designed for business users. Large files were transferred and congestion was frequent. To avoid such problems, NPL developed a method of slicing a large file into smaller fragments which are reconstructed at the destination. Combined with a distributed network, which allows fragments to travel over many routers and end up at the same destination, packet switching was invented. Lastly, in France, a network called Cyclades was developed for scientific research. Cyclades obtained less funding compared to ARPANET. This resulted in limited connections. Cyclades got around the funding problem by focusing on connections between small-scale networks. Inter-connecting networks, Cyclades gave the Internet its name. It was also established that intermediate devices between communications were not to interfere with the communication. Intermediate devices in Cyclades were to act as transfer nodes, relaying messages toward their destination. This enabled connections between networks with different software. With all four networks combined, the concept of the Internet was basically complete. However, computer networks then connected gateways to gateways and networks to networks, not computers to computers.
This is when the International Organization for Standardization published the Open System Interconnection or OSI model. TCP then incorporated the OSI model's concepts and developed into the TCP/IP protocol. TCP/IP guarantees compatibility over different networks. That point marks the beginning of the modern-day Internet.
ARCHITECTURE The Internet model separates network communication into four layers, although some schools teach it differently and offer it in five layers. All the same, each layer performs a specific set of tasks in order to enable end-to-end connection. The four layers are the Application, Transport, Internet and Network Interface layers.
When computers communicate using the TCP/IP protocol suite, which implements the Internet model, data is processed from the Application layer down to the Network Interface layer. The Network Interface layer transmits signals to their destination, where data is processed from the Network Interface layer up to the Application layer, mimicking that the Application layer communicates with the other Application layer directly.
FIGURE 15: INTERNET MODEL ARCHITECTURE (two stacks, each with Application, Transport, Internet and Network Interface layers)
In case an inter-network connection is required to send messages, data is transmitted to the default gateway. The gateway router opens the packet up to the Internet layer to determine its route, based on the Internet Protocol or IP address, and transmits it accordingly.
OPEN SYSTEM INTERCONNECTION MODEL HISTORY Upon the development of the Internet, ISO developed the OSI reference model in an attempt to standardize the Open System Interconnection protocol suite. However, the OSI protocol suite was not commercially successful. The Internet protocol won the race. However, the OSI model is widely used for troubleshooting network problems and for IT professional education. The OSI model was the first successful model to establish connection in a way that a connection is divided into layers and each layer communicates with the others.
ARCHITECTURE The OSI model defines network connection tasks in 7 layers.
FIGURE 16: OSI MODEL ARCHITECTURE (two stacks, each with Application, Presentation, Session, Transport, Network, Datalink and Physical layers)
TIPS: OSI model layers can be easily memorized by All-People-Seem-To-Need-Data-Processing
The OSI model has seven layers. The structure is shown in figure 2. It operates in the same way the Internet model does. The Application layer sends information down the path. Each layer adds its header, or transmission information, to the packet. When the packet reaches the destination, it is sent upward to the receiver's Application layer. It is important in communication contexts to know that the first layer in the OSI model is the Physical layer, not the Application layer.
Hardware such as switches and routers are sometimes referred to by layer. For example, a switch works with MAC addresses, which reside in OSI layer 2, Datalink. Therefore, it is called a layer 2 switch. A router, on the other hand, works with IP, which belongs to the Network layer. It is called a layer 3 switch.
APPLICATION LAYER The Application layer handles user interaction with the information network. Users interact with this layer via web browsers and other applications. A lot of protocols can be classified into this layer because it involves the user experience on software products. This handout introduces a portion of the protocols which are commonly seen in computer networking. Application layer protocols are mostly understandable by humans because they handle human-machine interaction. However, only a portion of them are featured in a Graphical User Interface or GUI. Some are command line, such as Telnet, which handles remote login.
NAME | PORT | TASK
HTTP | 80 | Web browsing
SMTP | 25 | Send email
POP | 110 | Download email
IMAP | 143 | Synchronize email
FTP | 20, 21 | File transfer
SSH | 22 | Command
IRC | 194 | Chat
BIT TORRENT | 6888+ | File sharing
DHCP | 67, 68 | Network control
DNS | 53 | Network control
SNMP | 161 | Network control
TABLE 5: APPLICATION LAYER PROTOCOLS SUMMARY (NOTE THAT BIT TORRENT USES MANY PORTS)
A summary of each protocol and what they do is provided in table 1.
HTTP & HTTPS HyperText Transfer Protocol or HTTP and its secured version, HTTPS, are among the most important protocols for the Internet. HTTP brings the web. HTTP works in a request & response model, demonstrated in figure 3. The client, or user's computer, sends an HTTP request to the server. The request is processed by the server. The server then responds to the client's request accordingly. A request and a response are demonstrated in table 2.
FIGURE 17: REQUEST & RESPONSE MODEL (the client sends a request to the server; the server returns a response to the client)
REQUEST
Accept: text/html, application/xhtml+xml, application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.5
Content-Length: 109
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Host: plus.google.com
Origin: https://www.google.co.th
Referer: https://www.google.co.th/
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:20.0) Gecko/20100101 Firefox/20.0
RESPONSE
Cache-Control: private, max-age=0
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 30 Apr 2013 08:17:29 GMT
Expires: -1
Server: gws
X-Firefox-Spdy: 3
X-Frame-Options: SAMEORIGIN
x-xss-protection: 1; mode=block
TABLE 6: HTTP REQUEST AND RESPONSE
Requests usually include the server URL, the requested contents and their formats, the user application which is going to read those files, file length and language. Programmers might specify some properties of a request. The most common specification is the method that the client uses to communicate with the server. These methods are GET and POST. In short, GET is a request whose attributes and variables are shown in the request and thus shown in the address bar. POST, on the other hand, does not show variables in the address bar. The server replies to the client's request with the requested files. Information in the response usually includes the type of response as a number, such as 404 Not Found. Content encoding, content type and the date/time that the server processed the request are sent back too. Programmers can specify certain responses too. HTTP Secure or HTTPS is an enhanced HTTP. It uses port 443, which is different from port 80 used by HTTP. To use HTTPS, the user must specify it at the beginning of the URL. Although HTTPS is slower than HTTP, it implements security measures against eavesdropping and other hacking techniques.
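The request and response headers of table 6 can be parsed and reviewed mechanically. The following Python is an added example, not part of the handout: it splits an HTTP message into its start line and headers, shows where GET parameters end up, and runs a defender's check on the response headers the browser relies on. The request line, the status line and the Strict-Transport-Security check are assumptions, since the table lists headers only.

```python
from typing import Dict, List, Tuple
from urllib.parse import parse_qs, urlsplit

# Constructed messages modelled on table 6. The request line and status line are
# assumptions: the table shows headers only (Content-Type/Content-Length imply a POST).
SAMPLE_REQUEST = (
    "POST / HTTP/1.1\r\n"
    "Accept: text/html, application/xhtml+xml, application/xml;q=0.9,*/*;q=0.8\r\n"
    "Accept-Encoding: gzip, deflate\r\n"
    "Accept-Language: en-US,en;q=0.5\r\n"
    "Content-Length: 109\r\n"
    "Content-Type: application/x-www-form-urlencoded; charset=UTF-8\r\n"
    "Host: plus.google.com\r\n"
    "Origin: https://www.google.co.th\r\n"
    "Referer: https://www.google.co.th/\r\n"
    "User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:20.0) Gecko/20100101 Firefox/20.0\r\n"
    "\r\n"
)
SAMPLE_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Cache-Control: private, max-age=0\r\n"
    "Content-Encoding: gzip\r\n"
    "Content-Type: text/html; charset=UTF-8\r\n"
    "Date: Tue, 30 Apr 2013 08:17:29 GMT\r\n"
    "Expires: -1\r\n"
    "Server: gws\r\n"
    "X-Firefox-Spdy: 3\r\n"
    "X-Frame-Options: SAMEORIGIN\r\n"
    "x-xss-protection: 1; mode=block\r\n"
    "\r\n"
)


def parse_message(raw: str) -> Tuple[str, Dict[str, str]]:
    """Split an HTTP message into its start line and a header map. Header names are
    case-insensitive, so they are lower-cased ('x-xss-protection' == 'X-XSS-Protection')."""
    head = raw.split("\r\n\r\n", 1)[0]          # headers end at the first blank line
    lines = head.split("\r\n")
    headers: Dict[str, str] = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")  # only the first colon separates name/value
        if not sep:
            raise ValueError("malformed header line: %r" % line)
        headers[name.strip().lower()] = value.strip()
    return lines[0], headers


def request_method(request_line: str) -> str:
    """GET or POST (or another method) is the first token of the request line."""
    return request_line.split(" ")[0]


def query_parameters(request_line: str) -> Dict[str, List[str]]:
    """GET variables travel in the URL, so they end up in the address bar and in logs."""
    target = request_line.split(" ")[1]
    return parse_qs(urlsplit(target).query)


def check_response_headers(headers: Dict[str, str], served_over_https: bool = True) -> List[str]:
    """Review the response headers a browser enforces; returns a list of findings."""
    findings = []
    if headers.get("x-frame-options", "").upper() not in ("DENY", "SAMEORIGIN"):
        findings.append("X-Frame-Options missing or weak: page can be framed by other sites")
    if "charset" not in headers.get("content-type", "").lower():
        findings.append("Content-Type lacks charset: the browser has to guess the encoding")
    cache = headers.get("cache-control", "").lower()
    if "private" not in cache and "no-store" not in cache:
        findings.append("Cache-Control lets shared caches keep a per-user response")
    if served_over_https and "strict-transport-security" not in headers:
        findings.append("Strict-Transport-Security missing: HTTP fallback possible")
    return findings


if __name__ == "__main__":
    status, hdrs = parse_message(SAMPLE_RESPONSE)
    print(status, "->", check_response_headers(hdrs))
```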
SMTP Simple Mail Transfer Protocol or SMTP is a part of the email system. SMTP sends email across IP networks. By standard, it works on port 25, but programmers can set the program to use other ports. It is a text-based protocol, so originally it could not send pictures, but links to pictures can be sent. It is also a connection-oriented protocol, which means a connection between SMTP servers must be established for emails to be sent. In commercial applications, such as Microsoft Outlook, the SMTP server is known as the Outgoing server. Users must set the SMTP server address before an email can be sent. Applications usually ask for this setting during the email setup process.
FIGURE 18: SMTP PROCESS (WITH POP3) (sender to SMTP server A; SMTP server A to SMTP server B via SMTP; receiver retrieves from SMTP server B via POP3)
SMTP is called simple because it can process only a set of simple commands, originating from the command line. Some commands are described in table 3. Users can use the EHLO command at the beginning of a connection to enable the extended mode of SMTP, which allows more complex functionality.
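The following Python is an added example, not from the handout: a server-side state machine for the commands in table 7 that enforces their order (HELO/EHLO first, MAIL FROM before RCPT TO, RCPT TO before DATA) and refuses to relay for domains it does not serve, together with a scripted client session showing both sides of the exchange. The hostname, the local domain and the client lines are constructed.

```python
import re

LOCAL_DOMAINS = {"su.ac.th"}   # constructed: the only domain this server delivers to
ADDRESS_RE = re.compile(r"(FROM|TO):\s*<([^>]*)>", re.IGNORECASE)


class SmtpSession:
    """Server side of one SMTP connection, limited to the commands in table 7."""

    def __init__(self, hostname="mail.su.ac.th"):   # constructed hostname
        self.hostname = hostname
        self.greeted = False
        self.extended = False      # True after EHLO (extended SMTP)
        self.in_data = False
        self.delivered = []        # (sender, recipients, body) per accepted message
        self._reset()

    def _reset(self):
        self.mail_from = None
        self.rcpts = []
        self.body = []

    def greeting(self):
        return "220 %s ESMTP ready" % self.hostname

    def handle(self, line):
        """Return the server reply for one client line (None while collecting DATA)."""
        if self.in_data:
            if line == ".":                           # a lone dot ends the message
                self.in_data = False
                self.delivered.append((self.mail_from, list(self.rcpts), "\n".join(self.body)))
                self._reset()
                return "250 OK message accepted"
            self.body.append(line[1:] if line.startswith("..") else line)  # undo dot-stuffing
            return None
        verb, _, arg = line.strip().partition(" ")
        verb = verb.upper()
        if verb in ("HELO", "EHLO"):
            self.greeted, self.extended = True, verb == "EHLO"
            self._reset()
            if self.extended:                         # multi-line reply lists extensions
                return "250-%s greets %s\r\n250 SIZE 1048576" % (self.hostname, arg)
            return "250 %s" % self.hostname
        if verb == "HELP":
            return "214 commands: HELO EHLO MAIL RCPT DATA RSET QUIT HELP"
        if verb == "QUIT":
            return "221 %s closing connection" % self.hostname
        if verb == "RSET":
            self._reset()
            return "250 OK"
        if not self.greeted:
            return "503 send HELO or EHLO first"
        if verb == "MAIL":
            m = ADDRESS_RE.match(arg)
            if not m or m.group(1).upper() != "FROM":
                return "501 syntax: MAIL FROM:<address>"
            if self.mail_from is not None:
                return "503 sender already given; use RSET to start over"
            self.mail_from = m.group(2)
            return "250 OK"
        if verb == "RCPT":
            m = ADDRESS_RE.match(arg)
            if not m or m.group(1).upper() != "TO":
                return "501 syntax: RCPT TO:<address>"
            if self.mail_from is None:
                return "503 need MAIL FROM before RCPT TO"
            domain = m.group(2).rpartition("@")[2].lower()
            if domain not in LOCAL_DOMAINS:           # not an open relay
                return "550 relaying denied for %s" % domain
            self.rcpts.append(m.group(2))
            return "250 OK"
        if verb == "DATA":
            if not self.rcpts:
                return "503 need at least one RCPT TO before DATA"
            self.in_data = True
            return "354 end message with a line containing only '.'"
        return "500 command not recognised"


def run_session(client_lines):
    """Drive one session; return the (client line, server reply) transcript and the session."""
    session = SmtpSession()
    transcript = [("", session.greeting())]
    for line in client_lines:
        transcript.append((line, session.handle(line)))
    return transcript, session


# Constructed exchange: a message from an outside sender to a local mailbox
EXAMPLE_CLIENT_LINES = [
    "EHLO laptop.example",
    "MAIL FROM:<student@gmail.com>",
    "RCPT TO:<teacher@su.ac.th>",
    "DATA",
    "Subject: question about ADSL",
    "",
    "..is a line that starts with a dot",
    "Hello teacher,",
    ".",
    "QUIT",
]

if __name__ == "__main__":
    for client, server in run_session(EXAMPLE_CLIENT_LINES)[0]:
        print("C: " + client if client else "", "\nS: %s" % server if server else "")
```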
Command | Task
HELO | User responds to server request
EHLO | Enhanced mode
MAIL FROM | Sender email
RCPT TO | Receiver email
DATA | Start typing email
RSET | Reset the email
QUIT | Exit SMTP
HELP | Get help message
TABLE 7: SMTP COMMANDS
POP AND IMAP
Post Office Protocol or POP is an email retrieval protocol. It gets email from the SMTP server to the user's client, removing the email from the server. The current standard for POP is version 3, or POP3. Usually, users do not use POP3 directly. Email client programs such as Microsoft Outlook use the POP3 protocol to retrieve emails from the email server. In commercial applications, the POP3 server is known as the Incoming server. Internet Message Access Protocol or IMAP is another email retrieval protocol. However, IMAP does not perform only retrieval. It synchronizes both ends of the user's emails. In essence, IMAP does not download and store email on the user's client. It creates a copy, also known as a cache, in the user's client while the original email is stored on the server. In commercial applications, IMAP is also called the Incoming server. Users must choose between IMAP and POP3. If the user uses only one email account and only one email client, POP3 is a good choice because all emails are stored in the client. No email is left on the server. When the user deletes an email, the email is gone for good. However, if the user uses more than one device, IMAP is a better solution because the user does not have to manually remove emails on all devices. The two protocols are compared in table 4.
Task | POP3 | IMAP
Assumed content | ASCII | MIME
When retrieving email | Remove from server, store in client | Store on server, cache in client
Speed | Faster | Slower
Connection | Only for download | Kept alive until inactive
Complexity | Simple | Complex
Multiple mailboxes on server | None | IMAP4
TABLE 8: POP3 VS IMAP
FTP File Transfer Protocol or FTP is a protocol for transferring files from a client to a server and vice versa. It uses port 20 for data transfer and port 21 for control. A common use of FTP is to upload a website from the local client computer to the server. Users can also use FTP in a browser application. However, users cannot upload anything when using a web browser to access FTP. FTP requires authentication. Users must enter a username and password to use FTP. However, some FTP servers allow anonymous access. It is common knowledge that the default username and password for the anonymous user are both [anonymous]. IT personnel are strongly advised to turn off the anonymous user if it is not necessary.
Do you know? FTP can also be used from the Windows command prompt by typing ftp and pressing Enter. Mozilla.org hosts an FTP server for users to download Firefox.
SSH Secure Shell or SSH is a protocol for secured data communication. It operates using public/private keys. This protocol is used to remotely control Linux servers, using port 22.
Keys, in a nutshell: SSH uses asymmetric keys. One key is used to encrypt, another key to decrypt. These keys create the secure channel for SSH.
SSH requires an SSH server to be installed on the target machine. If the client side is not running Linux, users should install a terminal emulator which simulates a Linux shell on their computer. The three principles of SSH are host identification, encryption and authentication. Host identification is to prove that the remote computer is the expected one. Encryption is to secure data communication. Authentication is for a user to prove their role, and their rights to perform some operations, on the server.
IRC Internet Relay Chat or IRC is a protocol for instant text messaging. IRC is designed for group conversation by default. However, users can use private messages for one-on-one conversation. IRC is accessed using an IRC application.
BIT TORRENT BitTorrent is designed for peer-to-peer file sharing. It is used for big sets of data, which could be many files. Its designer, Bram Cohen, designed it in 2001, before it became commonly available in 2008. Although BitTorrent is notorious for piracy usage, it is also used by big corporations to distribute files to user communities. It is estimated that BitTorrent is responsible for more than half of overall Internet traffic. Local network administrators should keep in mind that BitTorrent can and will take all network traffic if it is not well regulated. The original file-sharing method is the server/client model. The server hosts a file. Clients request the file and the server responds by sending a copy of the file to each client. A problem occurs when a lot of clients request a big file on one server. The server can only send the file through its bandwidth, restricted by the connection medium. Therefore, more clients equals less speed. BitTorrent reverses the case. It is faster if more people are downloading the same file. BitTorrent consists of two types of users. The first one is the seeder. The seeder is a user who holds a complete file. The seeder wants to share the file with the community, so the seeder publishes a torrent file. The torrent file includes information about the shared file and trackers. People who want the file download this torrent file and use a BitTorrent client to download it. These people are the second type of user, called peers or leechers.
FIGURE 19: TYPICAL DOWNLOAD
FIGURE 20: BIT TORRENT DOWNLOAD (DASHED ARROW TO TRACKER)
When a peer runs the torrent file, the client connects to the trackers. A tracker is a computer which coordinates sharing. It stores data on who has an active torrent file, information on how complete the file is and how to connect to the host. The client starts downloading from any users who have pieces of the file that the client does not yet have. While downloading, the client also shares those pieces of the file. Thus, a file-sharing network is created in which every user can be a source.
DHCP Dynamic Host Configuration Protocol or DHCP is a protocol for IP address configuration. IP addresses can be configured manually. However, there are many problems if every user configures their own IP address, such as IP conflict, which is a situation in which more than one computer uses the same IP address. DHCP ensures that IP addresses are well regulated without a manual process by the user. When a computer connects to a network, it does not yet have an IP address to use in that network. If the network setting in the computer is set to use DHCP, the computer broadcasts a request for an IP address. The DHCP server gets the request and replies with an available IP address. The client then configures its IP address as instructed by the DHCP server.
DNS Domain Name Service or DNS translates domain names into IP addresses. The Internet works on IP addresses, but users work on domain names because domain names are easier to remember. Basically, when a user visits a website via a domain name such as www.google.com, the computer must resolve the domain name into an IP address before actual communication can happen. DNS does just that. To understand DNS, it is important to know the structure of a domain name. The domain name structure is shown in figure 7.
FIGURE 21: DOMAIN NAME STRUCTURE (3rd level or sub; 2nd level; top level, which is a category or a country code)
DNS starts from the top-level domain, which is the last part of the domain name. For www.su.ac.th, it is "th". The DNS client contacts the root of the domain name space for a DNS server which can direct it to the "th" domain, and follows that suggestion. It then goes up one level at a time until it reaches the destination, the end of all subdomains. The domain name space is shown in figure 8.
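The walk from the root down to the server that knows www.su.ac.th can be simulated. This Python is an added example, not from the handout; the name servers, their delegations and the addresses (203.0.113.0/24, a documentation range) are constructed, and the small resolver cache goes beyond what the text describes.

```python
# Constructed authority data: each server knows the addresses it is authoritative
# for ("A") and which server to refer a question to for each delegated zone ("NS").
# These are not the real servers or addresses for th, ac.th or su.ac.th.
NAMESERVERS = {
    "root":        {"A": {}, "NS": {"th": "ns.th", "com": "ns.com"}},
    "ns.th":       {"A": {}, "NS": {"ac.th": "ns.ac.th", "co.th": "ns.co.th"}},
    "ns.ac.th":    {"A": {}, "NS": {"su.ac.th": "ns.su.ac.th"}},
    "ns.su.ac.th": {"A": {"su.ac.th": "203.0.113.1", "www.su.ac.th": "203.0.113.10"},
                    "NS": {}},
    "ns.com":      {"A": {}, "NS": {}},
    "ns.co.th":    {"A": {}, "NS": {}},
}


def query(server, name):
    """One question to one server: ('answer', ip), ('referral', next server)
    or ('nxdomain', None) when the server knows neither the name nor a delegation."""
    zone = NAMESERVERS[server]
    if name in zone["A"]:
        return "answer", zone["A"][name]
    best = None                                  # the longest delegated suffix wins
    for delegated, ns in zone["NS"].items():
        if name == delegated or name.endswith("." + delegated):
            if best is None or len(delegated) > len(best[0]):
                best = (delegated, ns)
    if best is not None:
        return "referral", best[1]
    return "nxdomain", None


def resolve(name, cache=None, max_hops=8):
    """Iterative resolution starting at the root, one level of the name at a time.
    Returns (ip_or_None, path); path lists (server asked, kind of reply) in order."""
    name = name.strip(".").lower()               # names are case-insensitive
    if cache is not None and name in cache:
        return cache[name], [("cache", "answer")]
    server, path = "root", []
    for _ in range(max_hops):                    # bounded: a broken delegation must not loop
        kind, value = query(server, name)
        path.append((server, kind))
        if kind == "answer":
            if cache is not None:
                cache[name] = value
            return value, path
        if kind == "nxdomain":
            return None, path
        server = value                           # follow the referral down one level
    raise RuntimeError("too many referrals while resolving %s" % name)


if __name__ == "__main__":
    ip, path = resolve("www.su.ac.th")
    print(ip, [server for server, _ in path])
```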
FIGURE 22: DOMAIN NAME SPACE HTTP://EN.WIKIPEDIA.ORG/WIKI/FILE:DOMAIN_NAME_SPACE.SVG
SNMP Simple Network Management Protocol or SNMP is a network management protocol. SNMP allows network administrators to inspect device status and fix/prevent network problems.
SNMP requires some setup before it can operate. First, an SNMP management server is set up. Second, an SNMP agent must be set up in every network device. At this point, SNMP is working. The administrator can see the status of every device which has an agent installed from the management computer. When information on the network is requested in the network management application, the SNMP manager sends a request to all agents. Agents then respond with information regarding the device they are installed on. Lastly, a trap can be set up in each agent. A trap is a program which alerts the SNMP manager if a criterion has been met. For example, an administrator could configure a trap to alert the management console if a CPU fan stops spinning or the CPU temperature is too high.
PRESENTATION LAYER
The presentation layer is the 6th layer of the OSI model. Basically, it works on data presentation, which involves data compression, conversion, encryption and translation. Compared to the application layer, the presentation layer acts like the operating system that runs the applications.
TRANSLATION
Computer data is basically an array of binary code. Software knows how to decode it and represent it in a way humans can understand. This is the translation task the presentation layer performs. Internet users might have encountered the encoding problem shown in figure 1. This is an error at the presentation layer. Common encodings people use are ASCII and Unicode.
FIGURE 23: WRONG ENCODING
ASCII
American Standard Code for Information Interchange or ASCII is an encoding standard for the English language, invented and used in the USA and across the Internet.
UNICODE
Unicode is a family of encoding standards used for all languages, including Chinese characters. UTF-8 is one of the most common encodings for web pages and files.
DATA COMPRESSION
Computer data can be translated into human readable data. However, computer data is long, too long for practical use. Therefore, large data is compressed into a smaller file with the least degradation. This process is called data compression. It is an important aspect of many file types such as video, audio and images. There are many compression methods. Some file types are compressed using a certain method. Some carry the compression information in the file header. For users to access the content in such files, they need a codec. A codec is a piece of software which reverses the compression of data, decoding it into the original content. Common compression on the Internet can be seen in file types such as JPEG and GIF. These images take less space than a bitmap image. However, JPEG is smaller than GIF for a complex image like a photograph, while GIF is smaller for an image with less color variation. This is because these compression methods work differently, each with its own advantages.
CONVERSION
Data conversion ensures compatibility between different systems. Computer systems are built on many different standards. Each standard has its own way of communicating and formatting data. This can create problems when computers from different manufacturers interact with each other in a computer network. Data conversion is needed to ensure that a message from Microsoft Windows appears in the same fashion on OS X or Linux.
ENCRYPTION/DECRYPTION
Communication across the Internet can be risky because data travels through many devices. Attackers could wiretap any part of the Internet and steal information. Therefore, secret information, such as a credit card number or a password, must be encrypted. This prevents attackers from seeing the information without cracking the code. Strong encryption is easy to apply but difficult to reverse without a certain piece of additional information.
SESSION LAYER
The session layer defines the way to start, maintain and end a communication. It exists to ensure the integrity of a communication. For example, if a user wants to transfer money from his account to his friend's account, a session must be established to ensure integrity. Suppose his transfer command reaches the server, the money is withdrawn and then the network crashes. The session service reverses the entire transaction. Without a session, the money would have been withdrawn without being deposited into the destination account.
SERVICES
A session is established at the beginning of a communication between computers. The session is terminated when the communication is either completed or interrupted. A session time-out is a common interruption in network communication. Programmers can specify what to do when a session error occurs, based on system requirements. The session layer provides the services necessary for maintaining the integrity of a communication. These services are authentication and authorization. Session restoration is also featured in this layer, but it is not as well defined as the authentication and authorization services.
Upper Layer
The last three layers (7, 6 and 5) of the OSI model are also called the “upper layers”. Programmers work on these layers. The lower layers (4 down to 1) are usually handled by network specialists, except, probably, the first or physical layer, which could be handled by network staff laying cables. In short, one can say the upper layers make sure that programs work correctly while the lower layers make sure that the network works correctly.
AUTHENTICATION
Authentication is a process to confirm the identity of a user or a computer. This process is delicate and can involve multiple security measures which might be unknown to the user. Basically, the authentication process proves identity by ownership, knowledge and inherence factors. An ownership factor is something the user has in their possession. It can be an object or a piece of program file. For example, some security protocols use a security token, a small piece of data which indicates ownership. This factor can identify that the computer in the communication is the right one. A knowledge factor is information that the user knows, such as a password or PIN code. The answer to the question in the password recovery mode of many email providers fits this category too. This factor can identify that the person using the computer is the right person.
An inherence factor is biological information that can prove the identity of a user. This factor includes, but is not limited to, fingerprints, facial features and DNA sequence. This factor is an excellent identification for a user because it cannot be forgotten and usually does not change. After authentication is completed, the user is in the system. The session layer maintains that connection, allowing the user to interact with the system without having to enter a password on every action. However, a user should not be able to see information which belongs to other users. This is where authorization comes in.
AUTHORIZATION
Authorization is a process that checks a user's rights and privileges on the system. For example, a moderator can ban forum posts in his forum but cannot ban posts in another's forum. An administrator can restrict a common user from doing things but a common user cannot restrict the administrator. The authorization process differs from system to system. Programmers can also specify the authorization process. However, the OSI model documentation provides a guideline on authorization which allows compatibility between different networks.
Do you know how Windows and Linux perform authorization? How are they different? How can they work together in the same network?
COMMUNICATION MODE
Communication control can be categorized into three modes: simplex, half-duplex and full-duplex communication. Note that these modes can run only with hardware support. Each mode has its advantages and limitations.
SIMPLEX allows one-way communication at all times. An example of this communication mode is a computer mouse, which only sends input to the computer and never receives commands from it. A garage door remote control is another example of simplex communication.
HALF-DUPLEX allows two-way communication, but only one side at a time. For example, a communication radio or walkie-talkie like those the police use. The devices allow users to communicate one at a time. After one side finishes talking, the call sign “Over” must be declared. The other side, having heard the call sign “Over”, can start talking.
FULL DUPLEX allows both sides to communicate simultaneously. Video conferencing is an example of this mode. The telephone is also full duplex communication. Sometimes the hardware and communication channel do not allow duplex communication. In this case, the session layer might emulate a duplex environment using a number of techniques such as multiplexing. Multiplexing signals to create duplex communication is called duplexing.
TRANSPORT LAYER
The transport (4th) layer is a dedicated layer in both the OSI and the Internet model. This is because it performs dedicated tasks and deserves to be separated as a layer. Basically, the transport layer ensures that data transportation is completed. This handout outlines how it makes that possible.
TRANSPORT (TCP & UDP)
The transport layer is responsible for all transportation of upper layer data. When a user works on applications, data from those applications goes through the presentation and session layers down to the transport layer. The transport layer makes sure that all data reaches the other side and is handed to the application responsible for that data. Communication must be in the correct sequence and proceed at the rate both sides agree upon. For example, video conference communication must be handled by the video conference application on the destination machine, the video sequence must be correctly arranged and played at the configured frame rate. To ensure the transportation of data, the transport layer performs data segmentation, connection establishment, multiplexing and flow control, and provides reliability in data delivery.
DATA SEGMENTATION
Data from the upper layers is too big to be sent to another computer in its original form. Also, there are many applications running on the upper layers, and the transport layer receives all data from those applications. It cuts that data into smaller segments and puts a header on each of them. The header differs from protocol to protocol. For example, a TCP header can be 20 to 60 bytes while a UDP header is 8 bytes. The role of the header is to make sure that the transport layer on the destination machine can put all segments back into the original content.
Sidebar: A Protocol Data Unit or PDU is a data unit of a particular protocol. Multiple PDUs combined reconstruct the original data from the upper layers.
Transmission Control Protocol or TCP has a bigger header than User Datagram Protocol or UDP. This is because they work differently and serve different purposes. TCP aims for accurate delivery. It does not send incomplete data to the upper layers, which creates a lagging experience if a PDU is delayed. UDP, on the other hand, does not wait for a delayed PDU. It drops delayed packets and requests retransmission. Other protocols handle PDUs differently, according to their purposes.
TCP and UDP are the most used protocols. Sometimes an error in the header of these protocols creates an error in a user application. Therefore, it is important for a troubleshooter to know the structure of these PDUs. First, let's see the overall PDU from the top down.
FIGURE 24: OVERALL PDU FROM TOP-DOWN PERSPECTIVE (the word “Hello” as it passes down the layers: Application: Hello; Presentation: ASCII + Hello; Session: session information (e.g. Alive) + ASCII + Hello; Transport: port + session + ASCII + Hello; Network: IP + port + Alive + ASCII + Hello; Data Link: MAC + IP + port + Alive + ASCII + Hello; Physical: electric / optic signal)
Figure 1 shows data from a machine which requires network communication. When the data travels to another layer, that layer adds its header to the data. Once the data reaches the destination, the headers are removed by the designated layers. By the time it reaches the application layer, the word “Hello” is ready to be displayed. In the transport layer, figure 1 shows TCP, which means it uses a TCP header. Figure 2 shows the structure of a TCP header (Kurose & Ross, 2008). Figure 3 shows a TCP header in the network analysis tool called Wireshark. Figure 4 is the structure of a UDP header (Kurose & Ross, 2008). Figure 5 is a UDP header in Wireshark.
FIGURE 25: TCP HEADER STRUCTURE (fields include the urgent data pointer)
FIGURE 26: TCP HEADER IN WIRESHARK (annotated: raw value; data for the upper layer)
FIGURE 27: UDP HEADER STRUCTURE
FIGURE 28: UDP HEADER IN WIRESHARK (annotated: raw value; data for the upper layer)
CONNECTION ESTABLISHMENT
A connection-oriented protocol like TCP requires a connection to be established between the communicating parties. Thus, TCP has a longer header than UDP and can take a longer time to operate. The connection is important for TCP because it allows both sides to agree upon connection variables such as security measures and other reliability assurances. With a connection, the receiver knows the number of PDUs it is going to receive, thus ensuring accurate data delivery.
TCP uses a handshake mechanism, also known as the 3-way handshake, to establish a connection between two computers. This mechanism is illustrated in figure 6.
FIGURE 29: TCP 3-WAY HANDSHAKE AND DATA TRANSFER (time line; the client waits for each reply)
In TCP, the sequence number is used to identify the process. If a client sends SYN with sequence number [0], the server responds with SYN-ACK with the sequence number + 1 (incremented by one), thus sending SYN-ACK [1]. The client then sends an ACK in the same fashion. This goes on until the connection is terminated. This is marked by arrows in figure 6. The sequence number can be seen as a request in which the destination requests an action from the source. SYN-ACK [1] can be translated into “Acknowledged (your sequence 0), waiting for your sequence 1”.
Compared to TCP, UDP does not feature this mechanism; UDP uses a best-effort technique. Best-effort is a fancy way to say “send and pray”, because UDP sends the data into the medium and is finished. This is why UDP is an unreliable protocol. Note that an unreliable protocol is not a bad protocol. It is good for some functions.
For a better understanding of UDP, try making a diagram like figure 6 explaining UDP communication. Check your answer against a textbook or the Internet (if you choose the Internet, confirm it with your instructor).
MULTIPLEXING
Many applications send many different kinds of data. Once the data is segmented, the transport layer must send all of that data over the same medium. TCP and UDP do this by using source and destination ports. However, the OSI protocol suite, which is not as successful as the TCP/IP suite except for its conceptual OSI model, puts the multiplexing service in the session layer.
FLOW CONTROL
Computers in communication might run at different speeds. Their memories might be different too. These possibilities create a problem called buffer overflow, also known as buffer overrun. This problem occurs when a computer with less processing power and/or less memory becomes overrun by a faster one sending too much data at it. Another problem occurs the other way around. Buffer underrun happens when the network connection is slower than the speed at which the machines can process. This situation causes a computer to wait for data from the other computer to reach it and fill its buffer before it can process the data. This is where the process of flow control comes in. In order for two computers to communicate efficiently, control of the data flow must be established. The TCP handshake exchanges buffer sizes between the two computers. The buffer size is shown in figure 3 under the name window size (or window buffer).
RELIABILITY
Network communication, like all computer data, is vulnerable to some kinds of error, such as bit rot, where a bit of data is changed by decaying storage media. Noise or electromagnetic interference also causes errors in data communication. Packets might be lost completely. Reliability is important because of these problems. A transport layer protocol has to ensure data transportation. To make sure that the data reaching the destination is the same data which was sent by the source, a checksum is added to the PDU. After checking for errors, the layer also replies with an ACK if the packet seems to be correct.
A checksum is a small piece of data (a datum, the singular of data) which is added to the data for the error checking process. It is similar to an ID card with a picture of the person it belongs to. When a guard stops a person and asks for ID, the person hands over the ID and the guard sees whether the photo and the person match. In the computer sense, a packet of data also carries a checksum. When the packet reaches the destination, the error checking process reads the checksum and calculates it against the data. If the checksum checks out, the packet is not corrupted. There are many checksum and/or error checking algorithms. Usually, a checksum is an alphanumeric value created by a checksum function. A checksum function is related to a hash function, which is a function that cuts and mixes things to make them into a fixed length value. An example of a checksum is MD5. Although it is not perfect and has some vulnerabilities, it demonstrates how a checksum works. Table 1 shows an MD5 checksum along with SHA1, which is another checksum algorithm. Please note that SHA1 is another checksum standard which is now outdated by SHA2.
Question for thought: Why does this handout say MD5 is not perfect? What is the problem? Is SHA1 better, or is it worse? Is there anything better than these two?
TABLE 9: MD5 AND SHA1 CHECKSUM
Input | Checksum algorithm | Output (checksum)
abc   | MD5  | 900150983cd24fb0d6963f7d28e17f72
Abc   | MD5  | 35593b7ce5020eae3ca68fd5b6f3e031
abc   | SHA1 | a9993e364706816aba3e25717850c26c9cd0d89d
Abc   | SHA1 | 915858afa2278f25527f192038108346164b47f2
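As an added example (not part of the handout), the Python below recomputes the table's digests with hashlib and then shows the kind of checksum the transport layer actually carries: the 16-bit one's-complement Internet checksum of RFC 1071 that TCP and UDP use, applied to a constructed UDP datagram so that a single flipped bit is detected. The UDP example leaves out the IP pseudo-header (an assumption of this block, stated in the code) so it runs without any IP layer.

```python
import hashlib
import struct


def digest(algorithm: str, text: str) -> str:
    """Hex digest of text (UTF-8) under a hashlib algorithm: "md5", "sha1", "sha256", ..."""
    return hashlib.new(algorithm, text.encode("utf-8")).hexdigest()


def internet_checksum(data: bytes) -> int:
    """16-bit one's-complement checksum as used by IP, TCP and UDP (RFC 1071).

    The data is summed as big-endian 16-bit words, carries are folded back
    into the low 16 bits, and the result is complemented.
    """
    if len(data) % 2:
        data += b"\x00"                      # odd length: pad with a zero byte
    words = struct.unpack("!%dH" % (len(data) // 2), data)
    total = sum(words)
    while total >> 16:                       # fold carry bits back in
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_udp(src_port: int, dst_port: int, payload: bytes) -> bytes:
    """Build a UDP datagram (8-byte header + payload) with its checksum filled in.

    Assumption of this example: real UDP also covers an IP pseudo-header
    (source/destination IP, protocol, length); it is left out here so the
    block runs without an IP layer. The header layout itself is the real one.
    """
    length = 8 + len(payload)
    header = struct.pack("!HHHH", src_port, dst_port, length, 0)   # checksum field is 0 while computing
    csum = internet_checksum(header + payload) or 0xFFFF            # UDP transmits 0xFFFF for a computed 0
    return struct.pack("!HHHH", src_port, dst_port, length, csum) + payload


def verify(datagram: bytes) -> bool:
    """A datagram whose checksum field is correct sums to 0 under the same function."""
    return internet_checksum(datagram) == 0


def corrupt(datagram: bytes, byte_index: int, bit: int) -> bytes:
    """Flip one bit, standing in for the bit rot or interference the text describes."""
    damaged = bytearray(datagram)
    damaged[byte_index] ^= 1 << bit
    return bytes(damaged)


if __name__ == "__main__":
    # The table's inputs, plus SHA-256 from the SHA2 family the text mentions.
    for text in ("abc", "Abc"):
        for alg in ("md5", "sha1", "sha256"):
            print(f"{alg:6} {text!r:6} {digest(alg, text)}")

    # Constructed sample datagram: source port 53, destination port 1024, payload "Hello".
    dgram = build_udp(53, 1024, b"Hello")
    print("checksum field:", hex(struct.unpack("!H", dgram[6:8])[0]))
    print("intact datagram verifies:", verify(dgram))                   # True
    print("one bit flipped verifies:", verify(corrupt(dgram, 8, 0)))    # False
```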
In conclusion, the transport layer provides the means of data transportation. UDP and TCP are the most used protocols on the Internet. The transport layer performs data segmentation. It provides connection establishment for connection-oriented protocols. It provides multiplexing functionality and a flow control mechanism. It also ensures reliability in network communication.
NETWORK LAYER
The network (3rd) layer is a dedicated layer in both the OSI and the Internet model. Similar to the transport layer, the network layer performs dedicated tasks so unique that they cannot be mixed into any other layer. The most important task is to route packets to their destination between networks. Put the emphasis on “between networks”, with an S.
NETWORK LAYER SERVICES
Layer 3, or the network layer, is responsible for data delivery across multiple networks. The most used network layer protocol is called Internet Protocol or IP. Internet Protocol is a packet switching protocol using a best-effort mechanism. It features a logical, i.e. not physical, address called the IP address, along with routing protocols such as Address Resolution Protocol. It also provides an error handling mechanism. All of this is accomplished in the same fashion as in the other layers, by data encapsulation, appending headers. This section explains and introduces the network layer and its functionalities, including logical addressing, data encapsulation, routing, data fragmentation and error handling.
LOGICAL ADDRESS (IP)
A logical address is assigned to a machine to represent it on the Internet. It is not a fixed, unchangeable address like a MAC address. A logical address can be changed easily. In Internet Protocol, such an address is called an IP address. It is a crucial element in routing data to the destination and back to the source. From a user's perspective, everything related to IP addresses is done automatically, for example by DHCP. However, advanced users can modify the settings to fit their needs. IP has a long history. Currently the most used IP is IP version 4 or IPv4. However, IPv4 cannot cope with our expanding Internet user base. It cannot give enough addresses for future network devices. Therefore, version 6 or IPv6 is introduced to replace IPv4.
IPV4
IPv4 is a 32-bit address. It is a set of 32 binary digits (0 or 1), organized into 4 octets written as decimal numbers with a dot between two octets. IPv4 supplies the world with 2^32 (roughly 4.29 billion) addresses.
It is important for a network specialist to understand the structure of an IP address. Sometimes network problems are related to IP addresses. Table 1 shows an IP address in decimal and binary.
TABLE 10: IP ADDRESS IN DECIMAL AND BINARY
            DECIMAL   BINARY
1ST OCTET   192       11000000
2ND OCTET   168       10101000
3RD OCTET   1         00000001
4TH OCTET   123       01111011
Currently, IP addresses are used by classless routing protocols. However, they used to be classful. The difference is in the network prefix, the part of the IP address that determines the network boundary. In the past, there was an attempt to segment the Internet into smaller networks. To do this, classful routing was invented. IP addresses are separated into classes from A to E. Each class is determined by the leading bits of the binary address. For example, a class A IP address must have its first bit set to 0. Class B has its first bits set to 10. The network ID is assigned using entire octets of bits, except the bits taken for the network prefix. Class A gets 1 octet and class B gets 2 octets, while class C gets 3 octets. Figure 1 shows the class A to C IP address structures.
FIGURE 30: NETWORK ADDRESS IN CLASSES
Class A (prefix 0):   01111111 . 00000000 . 00000000 . 00000001 = 127.0.0.1 (network ID: 1st octet; host ID: octets 2 to 4)
Class B (prefix 10):  10101100 . 00011011 . 10010010 . 01001110 = 172.27.146.78 (network ID: octets 1 and 2; host ID: octets 3 and 4)
Class C (prefix 110): 11000000 . 10101000 . 00000001 . 00000001 = 192.168.1.1 (network ID: octets 1 to 3; host ID: 4th octet)
Each class is assigned to specific organizations depending on their needs. Class A addresses are assigned by the Internet Assigned Numbers Authority or IANA. This class is for multinational corporations. Class B addresses are assigned to ISPs or other big institutions like big universities. Class C addresses are assigned to small networks. IP addresses in a household LAN are usually in this class, as the default IP for a home router is 192.168.1.1 or 192.168.0.1. Class D is for multicast. Multicast is a service in which a network device sends data to a specific group of devices. Unlike broadcasting, where everyone on the network gets
the traffic, multicast sends only to a specific group. The device which initiates multicasting sends out a single stream of traffic and the network devices replicate that data for its multiple destinations. Therefore, it is useful for subscription video feeds and other similar services. Class E is reserved for experimental purposes. IP classes are listed with the available number of networks and hosts in table 2.
TABLE 11: IP ADDRESS CLASSES
Class | Leading bits | Network ID | Available networks | Available addresses | Start IP  | End IP
A     | 0            | 1st octet  | 2^7                | 2^24                | 0.0.0.0   | 127.255.255.255
B     | 10           | 2 octets   | 2^14               | 2^16                | 128.0.0.0 | 191.255.255.255
C     | 110          | 3 octets   | 2^21               | 2^24                | 192.0.0.0 | 223.255.255.255
D     | 1110         | Undefined  | Undefined          | Undefined           | 224.0.0.0 | 239.255.255.255
E     | 1111         | Undefined  | Undefined          | Undefined           | 240.0.0.0 | 255.255.255.255
It is important to note that there is a network in the class A range that performs a special task called loopback. Calling that network results in calling the machine itself. This address is also called “localhost”, at 127.x.x.x, most memorably 127.0.0.1.
Why did classful networking fall out of use? Try to figure it out before checking the answer.
ANSWER:
Using classful addresses, networks cannot scale efficiently because the network ID is fixed and predetermined. Private users are not allowed to configure their own sub network. This problem occurs when a user wants to make a network for 5 hosts but the smallest available class assigns 254 hosts (2^8 minus the broadcast and network address), thus wasting 249 addresses.
Another special address is the last host number, such as 192.168.0.255 for network 192.168.0.0. The 255th host of the network is called the broadcast address, which relays data to all hosts in the network. On the other hand, host 0, or 192.168.0.0, is not a computer. This is called the network address. The network address is used by routers to refer to the network itself. Thus, there should be no host with IP “127.x.x.x” or “x.x.x.0”, or with a broadcast IP, in any network at all.
Classful networking is no longer practical. However, classful addresses are still used by network specialists. This allows old network devices which operate on the classful networking architecture to work with classless networks. Classless networking allows users to design their own network ID using a set of numbers called the subnet mask.
In short: scalability and address wasting.
SUBNET MASK
In classful networking, users cannot design their own network ID. Classless networking allows this using a subnet mask. A subnet mask looks like an IP address, with 4 decimal values and dots in between. However, to understand how a subnet mask works, one must look at its binary value. The subnet mask specifies the network ID. The network ID represents a network, like the name of a group. The number which comes after the network ID is called the host number, the number representing that specific machine. The subnet mask in binary separates the network ID from the host ID. The bits assigned “1” in the mask are the network ID. The bits assigned “0” are the host address. Table 3 shows network masks. Color was used to show the masking process, in which the subnet mask uses 1s to mask the network ID (marked in red) from the host ID (marked in green). The second example in the table shows subnetting which does not use an entire octet. Try to figure out how many hosts that network can support.
TABLE 12: SUBNET MASK WITH COLOR MARKING (RED IS NETWORK ID, GREEN IS HOST ID)
Example 1: subnet mask 255.255.255.0 (each cell: binary, decimal)
             IP ADDRESS       SUBNET MASK      NETWORK ID       HOST ID
1ST OCTET    11000000  192    11111111  255    11000000  192    00000000  0
2ND OCTET    10101000  168    11111111  255    10101000  168    00000000  0
3RD OCTET    00000001  1      11111111  255    00000001  1      00000000  0
4TH OCTET    00000001  1      00000000  0      00000000  0      00000001  1

Example 2: subnet mask 255.255.255.192 (the mask does not use an entire octet)
             IP ADDRESS       SUBNET MASK      NETWORK ID       HOST ID
1ST OCTET    11000000  192    11111111  255    11000000  192    00000000  0
2ND OCTET    10101000  168    11111111  255    10101000  168    00000000  0
3RD OCTET    00000001  1      11111111  255    00000001  1      00000000  0
4TH OCTET    00000001  1      11000000  192    00000000  0      00000001  1
The function of the subnet mask is to divide networks. Computers can communicate with other computers in the same network, sharing the same network ID, but cannot see those in other networks, with a different network ID. A router connecting networks must operate on classless networking in order to process subnet mask information. Routing is discussed in the routing section.
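The masking the tables show, as an added worked example (not code from the handout): the Python below converts an address to the dotted binary of table 10, finds its class from the leading bits of table 11, ANDs it with a /24 and /26 mask to get the network ID and host ID of table 12 (and the broadcast address and usable host count the text discusses), and checks, for the /30 versus /25 situation of figure 32, whether each host considers the other to be on its own network. All addresses are the handout's own; the function names are this example's.

```python
def to_int(dotted: str) -> int:
    """'192.168.1.123' -> 32-bit integer; rejects anything that is not four octets 0..255."""
    parts = dotted.split(".")
    if len(parts) != 4 or not all(p.isdigit() and 0 <= int(p) <= 255 for p in parts):
        raise ValueError(f"not a valid IPv4 address: {dotted!r}")
    value = 0
    for p in parts:
        value = (value << 8) | int(p)
    return value


def to_dotted(value: int) -> str:
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def to_binary(dotted: str) -> str:
    """Dotted binary form as in table 10, e.g. '11000000.10101000.00000001.01111011'."""
    value = to_int(dotted)
    return ".".join(format((value >> shift) & 0xFF, "08b") for shift in (24, 16, 8, 0))


def prefix_to_mask(prefix: int) -> int:
    """/24 -> 0xFFFFFF00: `prefix` one-bits followed by zero-bits."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length must be 0..32")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def mask_to_prefix(dotted_mask: str) -> int:
    """'255.255.255.192' -> 26; a mask whose one-bits are not contiguous is rejected."""
    mask = to_int(dotted_mask)
    prefix = bin(mask).count("1")
    if prefix_to_mask(prefix) != mask:
        raise ValueError(f"non-contiguous subnet mask: {dotted_mask}")
    return prefix


def classful_class(dotted: str) -> str:
    """Class A..E from the leading bits of the first octet (table 11)."""
    first = to_int(dotted) >> 24
    if first >> 7 == 0b0:
        return "A"
    if first >> 6 == 0b10:
        return "B"
    if first >> 5 == 0b110:
        return "C"
    if first >> 4 == 0b1110:
        return "D"
    return "E"


def subnet_info(dotted: str, prefix: int) -> dict:
    """Split an address under a /prefix mask into network ID, host ID and broadcast address."""
    ip = to_int(dotted)
    mask = prefix_to_mask(prefix)
    host_mask = ~mask & 0xFFFFFFFF
    network = ip & mask          # AND with the mask keeps the network bits (red in table 12)
    host = ip & host_mask        # AND with the inverted mask keeps the host bits (green)
    broadcast = network | host_mask
    return {
        "address": dotted,
        "mask": to_dotted(mask),
        "network_id": to_dotted(network),
        "host_id": to_dotted(host),
        "broadcast": to_dotted(broadcast),
        # usable hosts: all host numbers minus the network and broadcast addresses
        "usable_hosts": max(2 ** (32 - prefix) - 2, 0),
        "is_network_address": ip == network,
        "is_broadcast_address": ip == broadcast,
    }


def same_subnet(a: str, a_prefix: int, b: str, b_prefix: int) -> tuple:
    """(a sees b as local, b sees a as local): each host judges with its *own* mask,
    which is why hosts with different masks in figure 32 disagree about who is local."""
    a_local = (to_int(a) & prefix_to_mask(a_prefix)) == (to_int(b) & prefix_to_mask(a_prefix))
    b_local = (to_int(b) & prefix_to_mask(b_prefix)) == (to_int(a) & prefix_to_mask(b_prefix))
    return a_local, b_local


if __name__ == "__main__":
    print(to_binary("192.168.1.123"))                          # table 10
    for addr in ("127.0.0.1", "172.27.146.78", "192.168.1.1"):
        print(addr, "is class", classful_class(addr))          # figure 30
    for prefix in (24, 26):                                    # the two cases of table 12
        print(subnet_info("192.168.1.1", prefix))
    print(subnet_info("192.168.1.7", 30))                      # broadcast address of 192.168.1.4/30
    print(subnet_info("192.168.1.7", 25))                      # an ordinary host of 192.168.1.0/25
    # laptop on /25 sees a host of another /30 as local, but not the other way round
    print(same_subnet("192.168.1.7", 25, "192.168.1.9", 30))   # (True, False)
```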
FIGURE 31: DESCENDING POWER OF TWO METHOD
FIGURE 32: DEMONSTRATION OF ONE PHYSICAL NETWORK WITH 2 SUBNETS
Figure 32 shows a physical network of 4 computers connected to one switch. Each computer has an IP address assigned with subnet mask /30. Note that the network IDs of the left group and the right group are different. If the left group tries to connect to the right group as it is, it cannot. Although the laptop in the center has the same network ID as the left group, it cannot communicate with the left. This is because the subnet mask with the most bits is in effect. The left group uses a 30-bit subnet while the notebook uses 25 bits. In /30, IP address 192.168.1.7 belongs to network ID 192.168.1.4, the right group. Therefore, the laptop can communicate with the right group. Lastly, it is important to note that the IP address assigned to the laptop is the broadcast IP for the left group. It could not be assigned to a member of the left group because it is restricted by subnet mask /30, but it can be assigned to the laptop because the laptop uses /25. This creates a special situation when the laptop communicates with the right group. First, the laptop connects to a computer with a direct connection, straight to that computer. When the computer replies, though, the packet is broadcast to every computer. The laptop takes the packet but the others drop it. This can lead to a security vulnerability, which will be discussed later. Before ending the IPv4 session, it is important for a network specialist to be able to convert between decimal, binary and hexadecimal. Figure 2 introduces a method called “descending power of two” to convert binary to decimal. Another method called “division by two” is introduced in figure 3. This method is capable of converting larger numbers.
FIGURE 33: DIVIDING BY TWO METHOD
IPV6
After a long time of service and exponential expansion of Internet users, IPv4 is beginning to run out. Improved mobile technology also contributes to IP exhaustion, meaning there are not enough IP addresses for all devices. This led to the development of IPv6. IPv4 is 32 bits, which means it contains 32 binary digits. IPv6 is 128 bits. It contains 128 binary digits. IPv6 is a long number if it is represented in decimal, so it is written in hexadecimal, organized into 8 groups of hexadecimal digits. 2^128 addresses can be assigned using IPv6. It is designed so that mankind will not face IP exhaustion for a long time. IPv6 is the next big thing. It is currently being implemented. However, due to the popular use of IPv4, IPv6 is not as prevalent in everyday use as IPv4 yet. End users should find no difference in using IPv6 because, like IPv4, the IP address is automatically assigned by the DHCP service. It is important, though, for a network specialist to understand the IPv6 structure.
FIGURE 34: IPV6 SAMPLE AND STRUCTURE
IPv6 address (from an IPv4/IPv6 configuration screen): FE80::2CC4:D928:FB13:6354%11 (the %11 means: at interface no. 11)
In binary: 1111111010000000:0000000000000000:0000000000000000:0000000000000000:0010110011000100:1101100100101000:1111101100010011:0110001101010100
Parts of the address: network prefix | subnet ID | host ID
An IPv6 address is organized into 8 groups of hexadecimal digits separated by colons. Sometimes a double colon (::) is used to shorten the address by suppressing consecutive all-zero groups. Leading 0 digits in a group can also be suppressed. After the IP address, there is a % sign with a number (Windows) or a name (Linux) of the interface to which that particular address is assigned. IPv6 also assigns certain addresses for specific tasks. The loopback address (127.x.x.x in IPv4) becomes ::1 in IPv6. Addresses beginning with FE80 are normally reserved for link-local unicast. FF0x (where x = 1 to 8) is reserved for multicast.
The good thing about IPv6 is that it works with IPv4 networks. It was announced that IPv6 would be implemented on 6th June 2013. However, no big change should occur in people's lifestyles because IP addresses are assigned by the DHCP service and people access websites using DNS.
Do you know? IPv6 is not fully supported by Windows. What's the problem?
ANSWER: The colon and drive letter
Windows uses the colon (:) to mark a drive letter, like C:. So, you can access files on your local host via \\127.0.0.1\ but you cannot do so with \\::1\ because Windows confuses :1 for a drive.
Note that the subnet ID is already built into the address itself. A subnet mask is not necessary any more because the address space is extremely large. However, some organizations still use additional subnet digits (meaning the subnet range in the address is longer).
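The shortening rules just described, worked through as an added example (this is not code from the handout): the Python below splits off the %interface part of the figure 34 address, expands the :: form back to the 8 full groups, prints the 16-bit binary groups of figure 34, compresses a full address back to its shortest form (the RFC 5952 rule of replacing the longest run of zero groups), and classifies ::1, FE80 and FF0x addresses as the text lists them. Function names are this example's own; IPv4-embedded forms such as ::ffff:a.b.c.d are deliberately rejected rather than handled.

```python
HEX_DIGITS = set("0123456789abcdefABCDEF")


def split_scope(text: str) -> tuple:
    """'FE80::1%11' -> ('FE80::1', '11'); the part after % is the interface (zone) id."""
    address, _, scope = text.partition("%")
    return address, (scope or None)


def expand_ipv6(text: str) -> str:
    """Write an IPv6 address out in full: 8 groups of exactly 4 lowercase hex digits."""
    address, _ = split_scope(text)
    if address.count("::") > 1:
        raise ValueError("'::' may appear only once")
    if "::" in address:
        head, tail = address.split("::")
        head_groups = head.split(":") if head else []
        tail_groups = tail.split(":") if tail else []
        missing = 8 - len(head_groups) - len(tail_groups)
        if missing < 1:
            raise ValueError("'::' must stand for at least one zero group")
        groups = head_groups + ["0"] * missing + tail_groups
    else:
        groups = address.split(":")
    if len(groups) != 8:
        raise ValueError(f"expected 8 groups, got {len(groups)}: {text!r}")
    for group in groups:
        if not 1 <= len(group) <= 4 or not set(group) <= HEX_DIGITS:
            raise ValueError(f"bad group {group!r} in {text!r}")
    return ":".join(f"{int(g, 16):04x}" for g in groups)


def is_valid_ipv6(text: str) -> bool:
    try:
        expand_ipv6(text)
        return True
    except ValueError:
        return False


def compress_ipv6(text: str) -> str:
    """Shortest textual form (RFC 5952): drop leading zeros in each group and replace the
    longest run of two or more zero groups with '::' (the first such run on a tie)."""
    groups = [f"{int(g, 16):x}" for g in expand_ipv6(text).split(":")]
    best_start, best_len = -1, 0
    i = 0
    while i < 8:
        if groups[i] != "0":
            i += 1
            continue
        j = i
        while j < 8 and groups[j] == "0":
            j += 1
        if j - i > best_len:
            best_start, best_len = i, j - i
        i = j
    if best_len < 2:
        return ":".join(groups)
    head = ":".join(groups[:best_start])
    tail = ":".join(groups[best_start + best_len:])
    return f"{head}::{tail}"


def to_binary_groups(text: str) -> str:
    """The 8 x 16-bit binary form shown in figure 34."""
    return ":".join(format(int(g, 16), "016b") for g in expand_ipv6(text).split(":"))


def address_kind(text: str) -> str:
    """Special ranges named in the text: ::1 loopback, FE80 link-local, FF0x multicast."""
    full = expand_ipv6(text)
    first_group = int(full[:4], 16)
    if full == "0000:0000:0000:0000:0000:0000:0000:0001":
        return "loopback"
    if first_group >> 8 == 0xFF:                 # ff00::/8 (the text lists the FF01..FF08 scopes)
        return "multicast"
    if first_group >> 6 == 0xFE80 >> 6:          # fe80::/10
        return "link-local unicast"
    return "global or other unicast"


if __name__ == "__main__":
    sample = "FE80::2CC4:D928:FB13:6354%11"      # the address from figure 34
    address, scope = split_scope(sample)
    print("interface: ", scope)
    print("expanded:  ", expand_ipv6(address))
    print("binary:    ", to_binary_groups(address))
    print("compressed:", compress_ipv6(expand_ipv6(address)))
    print("kind:      ", address_kind(address))
    for special in ("::1", "ff02::1", "2001:db8::1"):
        print(f"{special:12} {address_kind(special)}")
```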
NAT
Network Address Translation or NAT is a service which allows Internet routing to operate with a limited number of IP addresses. To understand NAT, the scope of IP addresses must be studied. IP addresses are classified into private IP addresses and public IP addresses. By public, it is meant that the IP address is shared across the globe. Public IPs are limited and must be shared. Private addresses, on the other hand, can be configured and distributed as the owner sees fit. However, private IP addresses cannot be routed to the Internet, where public IP addresses are used. This is where NAT comes in. NAT translates between public and private IP addresses. Once a packet needs to go out to the Internet, NAT puts the packet into a box addressed with the public IP. It makes a note that the packet originally came from a particular private IP address and sends it out. On the receiving end, another NAT service gets the packet sent to its public IP address, opens it up and relays it to its destination. A physical example of how NAT works is an apartment building's post service. An apartment building has only one building ID. When a resident wants to send a parcel anywhere, the building ID is used. Inside the box, though, a room number is marked. This way, the post office handles only the building ID, comparable to the public IP. When the parcel reaches the receiver's apartment building, the building opens the box to see the marked room number, comparable to the private IP address. Then, the parcel is delivered to its receiver.
NAT has some drawbacks. What are those drawbacks? Try to find the answer yourself and discuss it with your friends. Remember, research from trustworthy sources. If you are not sure, ask your instructor.
NAT is not the only technology that translate private address to public address. PAT (Port Address Translation) is another technology which operates on ports. PAT enable applications to share a single IP address, just like a computer can run many web server at a time.
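The note-keeping that NAT and PAT perform can be seen in a few lines of code. The following is an added example written for this handout, not code from the handout or from any NAT product; the private hosts, public address and port numbers are constructed. It keeps the "note" the text describes as a table mapping each private (address, port) pair to one port on the single public address, and it shows why two private hosts using the same source port do not collide, and why an inbound packet with no matching note is dropped.

```python
"""Added example (not from the handout): a minimal NAT/PAT translation table.

Private hosts 192.168.0.x share the single public address 203.0.113.5.
All addresses and ports below are constructed for the example.
"""
from dataclasses import dataclass

PRIVATE_PREFIXES = ("10.", "192.168.")  # simplified private-range check for the example


def is_private(ip: str) -> bool:
    return ip.startswith(PRIVATE_PREFIXES)


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class NatBox:
    """A NAT/PAT device with one public address.

    Outbound: (private ip, private port) -> public port; the pair is noted in a table.
    Inbound:  public port -> (private ip, private port); unknown ports are dropped.
    """

    def __init__(self, public_ip: str, first_port: int = 40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.outbound = {}   # (priv_ip, priv_port) -> public_port
        self.inbound = {}    # public_port -> (priv_ip, priv_port)

    def translate_out(self, pkt: Packet) -> Packet:
        if not is_private(pkt.src_ip):
            return pkt                            # already public, nothing to translate
        key = (pkt.src_ip, pkt.src_port)
        if key not in self.outbound:              # first packet of this flow: allocate a port
            port = self.next_port
            self.next_port += 1
            self.outbound[key] = port
            self.inbound[port] = key
        return Packet(self.public_ip, self.outbound[key], pkt.dst_ip, pkt.dst_port)

    def translate_in(self, pkt: Packet):
        """Reverse translation; returns None (drop) for packets nobody inside asked for."""
        if pkt.dst_ip != self.public_ip or pkt.dst_port not in self.inbound:
            return None
        priv_ip, priv_port = self.inbound[pkt.dst_port]
        return Packet(pkt.src_ip, pkt.src_port, priv_ip, priv_port)


def demo():
    """Two inside hosts use the same source port; one reply comes back; one stray packet."""
    nat = NatBox("203.0.113.5")
    a = nat.translate_out(Packet("192.168.0.10", 51000, "198.51.100.7", 80))
    b = nat.translate_out(Packet("192.168.0.11", 51000, "198.51.100.7", 80))
    reply = nat.translate_in(Packet("198.51.100.7", 80, "203.0.113.5", a.src_port))
    stray = nat.translate_in(Packet("198.51.100.9", 80, "203.0.113.5", 9999))
    return a, b, reply, stray


if __name__ == "__main__":
    for p in demo():
        print(p)
```

Because the two inside hosts both chose port 51000, the box hands out different public ports (40000 and 40001); that port, not the address, is what lets the reply find its way back. The dropped stray packet is also the side effect that makes hosts behind NAT unreachable from outside, one of the drawbacks the text asks you to investigate.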
ENCAPSULATION
Encapsulation is a service performed by every layer. In the network layer it is even more important because its data is used for routing. Basically, encapsulation is like putting content inside a box and writing the necessary information on the box. The box is then handed to another layer, which treats the box as its own content to be put into another box. The content is called a Protocol Data Unit, or PDU.
ROUTING AND ROUTING PROTOCOLS
Routing is the service of sending data packets from node to node. It is comparable to a branch post office sending a parcel to another post office. It basically involves sending a data packet in a specific direction in which the destination can be found. To do that, a number of protocols are used, such as RIP2. Before learning about routing protocols, it is important to know that a network can operate without an automatic routing protocol. Static routing can be set up. Static routing means telling a router to relay specific packets along a specific way. The router keeps doing that even if the cable is cut. If the cable is indeed cut, error messages are sent to the source using Internet Control Message Protocol, or ICMP. This raises the need for automatic routing protocols.
ROUTING PROTOCOLS
A router operates on the Internet layer and works with IP addresses. To do its job, it requires routing information. Routing protocols are the means for routers to exchange the routing information required for efficient routing. There are a few types of routing protocol. Link state routing protocols work on the status of links. The protocol sees whether a link is routable or not and assigns packets accordingly. An example of such a protocol is OSPF. Another type is the distance vector routing protocol. This type uses less information than link state protocols and, compared to them, is usually much simpler. Link state routing protocols use many data, such as the throughput and reliability of a link, to determine the best way to route a packet. Distance vector routing protocols use only hops, the number of routers a packet must go through. However, note that not all distance vector routing protocols are simple. Not BGP. The last type of routing protocol is the hybrid type. Enhanced Interior Gateway Routing Protocol, or EIGRP, is a proprietary protocol by Cisco which is classified as a hybrid routing protocol.
By hybrid, it works like link state protocols but works automatically.
OSPF
Open Shortest Path First, or OSPF, works as the name suggests. It selects the shortest link to the destination as its preferred route. The device sends data through a link to determine its costs, such as throughput and reliability. OSPF keeps a database of those costs and links. When it receives a packet, it checks the database and chooses the lowest cost as the shortest path. If the costs are equal, traffic load is balanced between the two links. OSPF is a complex protocol with a lot of detail in its implementation and controls.
IS-IS
Intermediate System to Intermediate System, or IS-IS, is another link state routing protocol. It is not as common as OSPF but is more popular with ISPs because it offers great scalability. It requires fewer control messages to be sent and received.
RIP, RIP2 & RIPNG
Routing Information Protocol, or RIP, is a distance vector routing protocol. RIP is an old routing protocol. It works on classful networks. RIP2, its descendant, works on Classless Inter-Domain Routing, or CIDR (pronounced /Sai-Dar/), which means it also uses the subnet mask. RIPng, ng for Next Generation, is the latest of the family and is designed to support IPv6. For home and small office users, a distance vector routing protocol like RIP is more likely to be implemented because it is easier to use: practically no configuration is required; turn it on and the protocol just works. RIP allows a longest distance of 15 hops; beyond that, RIP does not allow it. Therefore RIP is not as suitable for large networks. However, RIP is supported by most routing devices and some large networks use it anyway. The core mechanism of RIP (all versions) is the RIP advertisement, also known as the response message. In such a message, routing tables are exchanged. A routing table is a database containing router information and the cost, or hop count, to a specific node. Routers running RIP share this information roughly every 30 seconds to ensure efficient routing. If a link goes down, the routing table update helps routers avoid that link. If a shorter link to a node is connected, other routers learn of the link early.
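The difference between counting hops and weighing link costs is easiest to see on one small topology. The following is an added example for this handout, not code from any router or from the handout itself: a RIP-style distance vector exchange (hop counts, with 16 meaning unreachable, so 15 hops is the longest valid path) and an OSPF-style shortest path first computation (Dijkstra over link costs) on the same constructed five-router network. The router names and link costs are invented for the illustration.

```python
"""Added example (not from the handout): distance vector vs. link state routing."""
import heapq

# Constructed topology: (router_a, router_b, cost). Cost is only used by link state.
LINKS = [("A", "B", 1), ("B", "C", 1), ("C", "D", 1), ("A", "D", 10), ("D", "E", 1)]
INFINITY = 16  # RIP: a hop count of 16 means "unreachable"


def adjacency(links):
    adj = {}
    for a, b, cost in links:
        adj.setdefault(a, {})[b] = cost
        adj.setdefault(b, {})[a] = cost
    return adj


def distance_vector(links, max_rounds=50):
    """Every round each router reads its neighbours' tables and keeps the
    smallest hop count per destination. Returns {router: {dest: hops}}."""
    adj = adjacency(links)
    tables = {r: {r: 0} for r in adj}
    for _ in range(max_rounds):
        changed = False
        for router, neighbours in adj.items():
            for n in neighbours:
                for dest, hops in list(tables[n].items()):
                    candidate = min(hops + 1, INFINITY)
                    if candidate < tables[router].get(dest, INFINITY):
                        tables[router][dest] = candidate
                        changed = True
        if not changed:          # tables converged; in RIP this repeats every 30 s
            break
    return tables


def reachable(tables, src, dst):
    return tables[src].get(dst, INFINITY) < INFINITY


def link_state(links, source):
    """Dijkstra over link costs (OSPF's shortest path first).
    Returns {dest: (total_cost, next_hop)}."""
    adj = adjacency(links)
    best = {source: (0, None)}
    heap = [(0, source, None)]
    while heap:
        cost, node, first_hop = heapq.heappop(heap)
        if cost > best.get(node, (float("inf"),))[0]:
            continue
        for nxt, c in adj[node].items():
            hop = nxt if node == source else first_hop
            if cost + c < best.get(nxt, (float("inf"),))[0]:
                best[nxt] = (cost + c, hop)
                heapq.heappush(heap, (cost + c, nxt, hop))
    return best


def chain(n):
    """A straight line of n routers R0..R(n-1), for testing the hop limit."""
    return [(f"R{i}", f"R{i + 1}", 1) for i in range(n - 1)]


if __name__ == "__main__":
    print("DV  A->E:", distance_vector(LINKS)["A"]["E"], "hops")
    print("LS  A->E:", link_state(LINKS, "A")["E"])
```

From A to E the distance vector table prefers A-D-E (2 hops) even though the A-D link costs 10, while the link state computation prefers A-B-C-D-E (total cost 4) and records B as the next hop. The chain helper shows the RIP limit: 16 routers in a row (15 hops) are reachable, 17 are not.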
Try it
If you want to see what a real routing table looks like, you can try it on your computer.
1. Open CMD.
2. Type "route print" (without the quotes) and press Enter.
3. The routing table stored in your computer will be displayed. This is an example:
BGP
Border Gateway Protocol, or BGP, is the standard routing protocol of the Internet. It is classified as a distance vector routing protocol but, unlike RIP, it is not normally used by home or small office users. It is designed for ISPs or extremely large corporations. BGP also differs because it requires manual configuration of each peer it connects to. This is because BGP requires a communication policy to be set before transmission. BGP is an extremely complex protocol in its details. This handout simply outlines the protocol, because it is so complex that dedicated books are needed for it. Basically, BGP shares routing information using a semi-permanent TCP connection. This connection establishes either internal BGP (iBGP) or external BGP (eBGP). BGP sends routing information learnt over iBGP to other BGP routers over eBGP. This is how BGP learns routing directions and their associated attributes. BGP routes packets along the shortest path determined by Autonomous System Number, or ASN. This means it considers not only a node but an entire routing system. To choose a route, an extensive set of policies is considered. After considering all related policies, the shortest paths, i.e. the fewest ASNs, are chosen. Then the closest next hop is chosen. If there is more than one path, load balancing is performed, for instance using the BGP identifier.
FIGURE 35: GROWTH OF THE BGP TABLE - 1994 TO PRESENT
It is important to note that BGP is not the fastest routing protocol. It can handle a large routing table, but exchanging all that information is a big task. The growth of the BGP routing table is shown in figure 5. Note the numbers on the vertical axis: that is the number of entries in the BGP routing table.
DEFAULT GATEWAY
The default gateway is not really a protocol. However, it is an important part of any Internet-routable network. The default gateway is the place a device sends data to when it has nowhere else to send it. The default gateway is set by the DHCP service, so usually the user does not have to worry about it. However, there are times when a user cannot access the Internet because the default gateway is not working, or the address of the gateway is mistyped.
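What "route print" shows and how the default gateway is chosen can be worked through on a small sample. The following is an added example for this handout, not code from Windows or from the handout: it parses a constructed table in the layout "route print" uses, picks the route for a destination by longest prefix match (lowest metric on a tie), and falls back to the 0.0.0.0 entry, the default gateway, when nothing more specific matches. The addresses and metrics are invented; a missing 0.0.0.0 row is exactly the "cannot access the Internet" situation the text describes.

```python
"""Added example (not from the handout): route lookup over a 'route print' style table."""
import ipaddress

# Constructed sample in the layout Windows 'route print' uses; not real output.
ROUTE_PRINT = """\
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.10     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    331
      192.168.1.0    255.255.255.0         On-link      192.168.1.10    281
     192.168.1.10  255.255.255.255         On-link      192.168.1.10    281
         10.0.0.0        255.0.0.0    192.168.1.254    192.168.1.10     40
"""


def parse_routes(text):
    """Return a list of (network, gateway, interface, metric) from the table text."""
    routes = []
    for line in text.splitlines()[1:]:          # skip the header row
        if not line.strip():
            continue
        dest, mask, gateway, iface, metric = line.split()
        net = ipaddress.ip_network(f"{dest}/{mask}", strict=False)
        routes.append((net, gateway, iface, int(metric)))
    return routes


def lookup(routes, destination):
    """Longest prefix wins; among equal prefixes the lowest metric wins.
    Returns (gateway, interface), or None when not even a default route matches."""
    addr = ipaddress.ip_address(destination)
    candidates = [r for r in routes if addr in r[0]]
    if not candidates:
        return None
    _, gateway, iface, _ = max(candidates, key=lambda r: (r[0].prefixlen, -r[3]))
    return gateway, iface


def has_default_gateway(routes):
    """True if a 0.0.0.0/0 entry exists; without it only local networks are reachable."""
    return any(r[0].prefixlen == 0 for r in routes)


if __name__ == "__main__":
    table = parse_routes(ROUTE_PRINT)
    for target in ("192.168.1.20", "8.8.8.8", "10.1.2.3"):
        print(target, "->", lookup(table, target))
```

"On-link" means the destination is on a directly connected network, so the frame goes straight to that host; any other destination, such as 8.8.8.8, matches only the 0.0.0.0 row and is handed to the default gateway 192.168.1.1.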
FRAGMENTATION / SEGMENTATION (AND REASSEMBLING PACKETS)
Each layer in the OSI model processes data in a unit called a PDU. However, the size of the PDU is not equal in every layer. In the network layer, a PDU is called a packet. However, the network layer must prepare data for the data link layer, whose PDU is called a frame. By the Ethernet standard, an Ethernet frame carries 1500 bytes. Any longer data must be cut down into pieces of at most that size. This is important for compatibility across different networks.
ERROR HANDLING
Network communication is not always reliable. It is natural for electrical waves to be interfered with by objects or other sources of interference. So, communication must be checked for errors. There are many error checking algorithms. In any case, when an error is detected, the source of that packet must be notified. This is where Internet Control Message Protocol, or ICMP, comes in. ICMP is part of the Internet Protocol suite. It is used to send error messages back to the source as feedback. For example, a packet is sent but lost on the way. ICMP reports the loss by sending "Destination unreachable" to the source. The source then knows that the packet failed and decides whether to resend it or do something else. This protocol is also used for network control, such as ping.
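ICMP messages carry their own error check, the Internet checksum, and the same check is what lets a receiver notice a damaged packet in the first place. The following is an added example for this handout, not code from any operating system: it builds an ICMP echo request (the message "ping" sends), computes the RFC 1071 one's-complement checksum over it, verifies a clean copy, and shows that a single flipped bit is caught. The identifier, sequence number and payload are constructed values.

```python
"""Added example (not from the handout): ICMP echo request with the Internet checksum."""
import struct

ICMP_ECHO_REQUEST = 8   # type 8, code 0


def internet_checksum(data: bytes) -> int:
    """RFC 1071: one's-complement sum of 16-bit words, then complemented."""
    if len(data) % 2:
        data += b"\x00"                      # odd length: pad with a zero byte
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                       # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_echo_request(ident: int, seq: int, payload: bytes) -> bytes:
    """Type, code, checksum, identifier, sequence, then the payload."""
    header = struct.pack("!BBHHH", ICMP_ECHO_REQUEST, 0, 0, ident, seq)
    csum = internet_checksum(header + payload)   # computed with the field set to 0
    return struct.pack("!BBHHH", ICMP_ECHO_REQUEST, 0, csum, ident, seq) + payload


def checksum_ok(msg: bytes) -> bool:
    """A valid message, checksum field included, sums to zero."""
    return internet_checksum(msg) == 0


def parse_echo(msg: bytes):
    """Return (type, code, identifier, sequence, payload)."""
    typ, code, _, ident, seq = struct.unpack("!BBHHH", msg[:8])
    return typ, code, ident, seq, msg[8:]


def corrupt(msg: bytes, byte_index: int) -> bytes:
    """Simulate interference on the wire: flip one bit of the message."""
    damaged = bytearray(msg)
    damaged[byte_index] ^= 0x01
    return bytes(damaged)


if __name__ == "__main__":
    ping = build_echo_request(0x1234, 1, b"constructed")
    print("clean ok:", checksum_ok(ping), " damaged ok:", checksum_ok(corrupt(ping, 10)))
```

A receiver that finds the checksum wrong discards the message; it is the absence of a reply, or an explicit "Destination unreachable", that tells the sender something went wrong.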
DATA LINK LAYER
The data link (2nd) layer is responsible for transmitting data between nodes in the network. It communicates with the physical layer, which is basically wires and electronics. It also communicates with the network layer, which regulates routing and connections. Without the data link layer, the network layer has no means of using physical devices.
DATA LINK LAYER: WHAT DOES IT DO?
Data link is the last logical layer in the model. This layer acts like the traffic rules on a road. The direction signs are set up by this layer, allowing a frame, the data link PDU, to know where to go. Traffic lights are also set up by this layer, allowing the physical layer to know when to transmit data onto the media. There are multiple protocols in this layer. The most used protocol is Ethernet, which we studied in the Network technology session. Other data link protocols are introduced in this session.
MAC ADDRESS TABLE
Also known as the Content Addressable Memory (CAM) table or filter table, this table is what separates a network switch from a network hub. It is fairly similar to the routing table in the network layer, but much simpler because it does not contain a cost or distance metric for each route. It only contains a list of the nodes it connects to and the ports those nodes are connected on. A node is represented by its Media Access Control address, or MAC address, which is unique in the world. An example of the table is shown in table 1.
Node (MAC address)     Port
11-11-11-11-11-11      1
22-22-22-22-22-22      1
33-33-33-33-33-33      2
44-44-44-44-44-44      3
TABLE 13: MAC ADDRESS TABLE
Table 1 shows an example MAC table, which contains Media Access Control (MAC) addresses, also known as physical addresses, and port numbers or port IDs, also called segments. This means a particular node can be reached via one particular port. You may notice that some nodes share the same port. This is because port 1 is connected to another device which, in turn, connects the two nodes. The topology of table 1 is shown in figure 1 with abbreviated node addresses. Px is the port and its number.
FIGURE 36: TOPOLOGY OF TABLE 1 (ports P1, P2, P3)
A network switch works like this:
1. Suppose the MAC address table, like the one shown in table 1, is initially empty.
2. Node 1 sends a frame to node 4.
   a. The frame reaches the hub, which forwards it to all ports.
      i. Node 3 gets it and throws it away.
      ii. The switch gets it on port 1.
   b. The switch puts a record into the MAC address table [e.g. 11-11-11-11-11-11 is on port 1].
   c. The switch cannot find node 4's address in its table.
   d. The switch forwards the frame on all other ports, which are 2 and 3.
3. Node 4 gets the frame and replies to node 1.
   a. The frame reaches the switch.
   b. The switch consults its table and sees node 1 on port 1.
4. The switch forwards the frame to port 1 only.
Note that after the switch has learned the segment of a node, it can forward frames on their way without using other ports. This is why this table is also called the filter table: it filters the usage of ports. There is a good animated presentation of LAN switching posted on www.howstuffworks.com by Mr. Jeff Tyson. A link to the presentation is shown in figure 2 (use a QR code reader to get the link [4]).
FIGURE 37: LINK TO ANIMATION EXPLAINING LAN SWITCHING
It is important to know that hosts do not operate the way switches do. Before a host knows which direction it should send packets in, it must determine the next hop's address. This is done by Address Resolution Protocol, or ARP. A host sends an ARP packet to ask for the MAC address of nodes in the network. It maintains an ARP table for further routing. The ARP table is different from the MAC table: the MAC table binds a MAC address to a port ID, while the ARP table binds a MAC address to an IP address. An example of an ARP table is shown in figure 3.
[4] Or access the file via URL [http://static.ddmcdn.com/flash/lan-switch-transparent.swf]
FIGURE 38: ARP TABLE FROM WINDOWS
With the combination of ARP tables (in hosts) and MAC tables (in switches), a computer network in star topology performs well. However, some might notice that this way of switching is not perfect. There is a problem with loops, also called redundancy in this case. It causes a problem called a broadcast storm, which cripples the entire network.
LOOP PROBLEM WITH SWITCHES
A computer network is connected as shown in figure 4.
FIGURE 39: SWITCHING LOOP
Now, suppose PC0 (the leftmost one) sends a packet to PC1 (the rightmost one). First, PC0 does not know anything about the internet. So it broadcasts ARP and learns about switch SW1. SW1 gets that ARP packet, replies to the ARP and broadcasts ARP on all ports except the receiving port; the packet goes to SW2 and SW3. Now SW3 also sends the ARP to SW2. So SW2 receives an ARP packet from SW3 and has to forward it to all ports but the receiving port. SW2 forwards the packet from SW3 to SW1 and PC1. At the same time, SW2 forwards the packet from SW1 to SW3 and PC1. SW1 must forward its packet to SW3, and SW3 must forward its packet to SW1 again. This becomes a loop which goes on forever, or until one of the switches is turned off. Moreover, the MAC table of SW1 will hold the MAC address of PC1 on both ports, the one to SW3 and the one to SW2. So when PC0 sends a packet to PC1, SW1 forwards the packet to both SW2 and SW3. The loop happens again, on top of the endless previous loop. Loops like these are added with every packet. Finally, these switches can no longer handle all this traffic and the network fails. To stop this problem, newer models of switch implement Spanning Tree Protocol, or STP. STP creates a virtual tree structure of the network. Since a tree cannot have a node that is both parent and child, such a link is detected as a loop and eliminated. Thus newer switches no longer suffer from loops and broadcast storms. It is important, though, to be cautious when working with legacy (old) devices, for they are still vulnerable to loops. This is the basic mechanism of how layer 2 switches work. To do so, there are many protocols involved. The data link layer performs two sub-tasks, which make two sub-layers: the LLC and the MAC.
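Both the learning-and-filtering behaviour of the numbered steps above and the loop in the three-switch figure can be reproduced in a short simulation. The following is an added example for this handout, not code from any switch vendor or from the handout: a switch class that learns source MAC addresses, filters known destinations to one port and floods unknown ones, wired into the PC0 / SW1 / SW2 / SW3 / PC1 topology of the figure. A single broadcast keeps circulating until an event limit is hit; after a simplified spanning tree (a breadth-first tree from the lowest-named switch, with every other switch-to-switch link blocked, which is not the real STP election but the same idea) the same broadcast dies out after four deliveries and a later unicast reply is filtered to a single path. The MAC addresses and port names are constructed.

```python
"""Added example (not from the handout): switch learning, flooding, a switching loop, and STP."""
from collections import deque

BROADCAST = "FF-FF-FF-FF-FF-FF"


class Switch:
    def __init__(self, name, ports):
        self.name = name
        self.ports = list(ports)
        self.mac_table = {}      # learned: mac -> port (the filter table)
        self.blocked = set()     # ports taken out of service by spanning tree

    def receive(self, in_port, src, dst):
        """Learn where src lives, then return the ports to forward on."""
        if in_port in self.blocked:
            return []
        self.mac_table[src] = in_port
        if dst in self.mac_table:
            return [self.mac_table[dst]]                              # filter: one port
        return [p for p in self.ports if p != in_port and p not in self.blocked]  # flood


class Network:
    def __init__(self):
        self.switches, self.hosts, self.links = {}, {}, {}

    def add_switch(self, name, ports):
        self.switches[name] = Switch(name, ports)

    def add_host(self, name, mac):
        self.hosts[name] = mac                # every host has one port called "eth"

    def link(self, a, pa, b, pb):
        self.links[(a, pa)] = (b, pb)
        self.links[(b, pb)] = (a, pa)

    def send(self, host, dst_mac, max_events=1000):
        """Inject one frame and count frame arrivals until the network is quiet.
        Reaching max_events means the frame is still circulating: a loop."""
        queue = deque([self.links[(host, "eth")] + (self.hosts[host], dst_mac)])
        events = 0
        while queue and events < max_events:
            dev, port, src, dst = queue.popleft()
            events += 1
            if dev in self.hosts:
                continue                                    # delivered or discarded
            for out in self.switches[dev].receive(port, src, dst):
                if (dev, out) in self.links:
                    queue.append(self.links[(dev, out)] + (src, dst))
        return events

    def run_spanning_tree(self):
        """Simplified STP: breadth-first tree from the lowest-named switch (the root);
        every switch-to-switch link outside the tree is blocked."""
        root = min(self.switches)
        seen, tree, todo = {root}, set(), deque([root])
        while todo:
            sw = todo.popleft()
            for port in self.switches[sw].ports:
                peer, peer_port = self.links.get((sw, port), (None, None))
                if peer in self.switches and peer not in seen:
                    seen.add(peer)
                    tree.add(frozenset([(sw, port), (peer, peer_port)]))
                    todo.append(peer)
        for (dev, port), peer_end in self.links.items():
            if dev in self.switches and peer_end[0] in self.switches:
                if frozenset([(dev, port), peer_end]) not in tree:
                    self.switches[dev].blocked.add(port)


def build_loop_network():
    """PC0 - SW1, SW1 - SW2, SW1 - SW3, SW2 - SW3 (the loop), SW2 - PC1."""
    net = Network()
    net.add_host("PC0", "00-00-00-00-00-01")
    net.add_host("PC1", "00-00-00-00-00-02")
    for sw in ("SW1", "SW2", "SW3"):
        net.add_switch(sw, ["p1", "p2", "p3"])
    net.link("PC0", "eth", "SW1", "p1")
    net.link("PC1", "eth", "SW2", "p1")
    net.link("SW1", "p2", "SW2", "p2")
    net.link("SW1", "p3", "SW3", "p2")
    net.link("SW2", "p3", "SW3", "p3")
    return net


if __name__ == "__main__":
    looped = build_loop_network()
    print("broadcast events with loop:", looped.send("PC0", BROADCAST))
    fixed = build_loop_network()
    fixed.run_spanning_tree()
    print("broadcast events with STP:", fixed.send("PC0", BROADCAST))
    print("unicast reply events:", fixed.send("PC1", "00-00-00-00-00-01"))
```

The blocked ports after the spanning tree are SW2 p3 and SW3 p3, i.e. the redundant SW2-SW3 link; that is the link a legacy switch without STP would keep forwarding on.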
LLC SUB LAYER
The Logical Link Control, or LLC, sub layer is responsible for the logical operation of the layer. Some protocols use it, some do not; thus it is an optional layer. It provides flow control and error control services. These services include synchronization of time and connection establishment.
SYNCHRONIZE TIME
Some protocols rely on a clock to transmit data. These protocols, unlike Ethernet, which has an end flag showing the end of a frame, use a certain time period to determine the start and the end of a frame. To do this, both computers must share the same clock. The LLC sub layer provides the service to do so by asking for a central time from a 3rd party node as a standard clock.
CONNECTION SERVICE
The data link layer also provides services for connection-oriented protocols. Note that if the upper layer protocol does not require a connection service, the data link layer is not required to provide one either. The data link layer provides services for connectionless, acknowledged connectionless and connection-oriented protocols.
ERROR CONTROL
Error control in the LLC sub layer is usually light-weight. It must perform quickly so the network can run at optimal speed. For example, adding a calculated bit to every pair of bits to detect an error within that two-bit range. This added bit is called a parity bit. It is important to know that the data link layer provides many protocol-related services, such as Ethernet over power line. These services are made by the manufacturers of the physical NICs, so that upper layers can use their products.
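Parity is cheap precisely because it does so little, and it pays to see both what it catches and what it misses. The following is an added example for this handout, not code from any NIC: even parity computed per byte (the example groups bits per byte rather than per pair), a check that reports which bytes were damaged, and a line-noise helper that flips bits. One flipped bit is always detected; two flipped bits in the same byte cancel out and pass unnoticed, which is why stronger checks such as CRCs are used where that matters.

```python
"""Added example (not from the handout): even parity as a light-weight data link error check."""


def parity_bit(byte: int) -> int:
    """Even parity: 1 when the byte has an odd number of 1 bits, so the total is even."""
    return bin(byte).count("1") & 1


def add_parity(data: bytes) -> list:
    """Return (byte, parity) pairs as they would be transmitted."""
    return [(b, parity_bit(b)) for b in data]


def check_parity(frame: list) -> list:
    """Indexes of bytes whose parity no longer matches: the detected errors."""
    return [i for i, (b, p) in enumerate(frame) if parity_bit(b) != p]


def flip_bits(frame: list, index: int, *bit_positions: int) -> list:
    """Simulate interference: flip the given bit positions of one byte."""
    frame = list(frame)
    byte, parity = frame[index]
    for bit in bit_positions:
        byte ^= 1 << bit
    frame[index] = (byte, parity)
    return frame


if __name__ == "__main__":
    sent = add_parity(b"LLC")                         # constructed payload
    print("clean:", check_parity(sent))
    print("one bit flipped:", check_parity(flip_bits(sent, 1, 0)))
    print("two bits flipped:", check_parity(flip_bits(sent, 1, 0, 5)))
```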
MAC SUB LAYER
Media Access Control, or MAC, is the most important aspect of the data link layer. It is obvious among network devices that the MAC address is essential for network switching. However, the MAC sub layer does not just add the address to the frame. There are multiple services it provides.
PHYSICAL 
ADDRESS
First, the MAC sub layer provides the MAC address. A MAC address is a unique address; there is only one of each in the world. This standard was created to ensure that all NICs can communicate with each other without confusion. It is essential for Ethernet and other protocols. However, some sub-standard NICs may appear in actual usage. These NICs have non-unique MAC addresses. This can cause problems in a working environment because frames will be transported to all of these devices. It creates a security problem, and hackers use this. It is known as "MAC spoofing", which will be explored further during the network security session.
What if...?
What if a network is to be installed on Mars? Do NICs there need an Earth-unique MAC address? If civilization spreads across planets, how can MAC addresses all be unique?
LOGICAL TOPOLOGY
The arrangement of nodes, computers and network devices, is the physical topology. Logical topology, on the other hand, is the way nodes handle PDUs such as frames. This is the service that tests the media to see whether a collision happens in CSMA/CD. It is the service that detects the token in token ring topology. In short, it determines the type of network and controls how a device accesses the communication media.
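A duplicated MAC address shows up in the tables the switches and hosts already keep, so the first place an administrator looks is there. The following is an added example for this handout, not code from any management tool: it takes constructed snapshots of a switch's MAC address table and of an ARP table and reports a MAC seen on more than one port of the same switch, and a MAC answering for more than one IP address. Both are leads rather than proof: a MAC that moves between ports can also be a laptop that was re-plugged, and one MAC with several IPs is normal for a router.

```python
"""Added example (not from the handout): spotting non-unique MAC addresses in switch and ARP tables."""
from collections import defaultdict

# Constructed MAC-table snapshots: (switch, mac, port). Not real data.
MAC_TABLE_SNAPSHOTS = [
    ("SW1", "11-11-11-11-11-11", "1"),
    ("SW1", "22-22-22-22-22-22", "1"),
    ("SW1", "33-33-33-33-33-33", "2"),
    ("SW1", "33-33-33-33-33-33", "3"),    # same MAC learned on two ports of one switch
    ("SW2", "44-44-44-44-44-44", "5"),
    ("SW2", "44-44-44-44-44-44", "5"),    # repeat on the same port is normal
]

# Constructed ARP-table entries: (ip, mac). Not real data.
ARP_ENTRIES = [
    ("192.168.0.10", "11-11-11-11-11-11"),
    ("192.168.0.11", "22-22-22-22-22-22"),
    ("192.168.0.12", "33-33-33-33-33-33"),
    ("192.168.0.13", "33-33-33-33-33-33"),  # one MAC answering for two IPs
]


def macs_on_multiple_ports(snapshots):
    """{(switch, mac): [ports]} for every MAC seen on more than one port of a switch."""
    ports = defaultdict(set)
    for switch, mac, port in snapshots:
        ports[(switch, mac)].add(port)
    return {key: sorted(p) for key, p in ports.items() if len(p) > 1}


def macs_with_multiple_ips(arp_entries):
    """{mac: [ips]} for every MAC that appears with more than one IP address."""
    ips = defaultdict(set)
    for ip, mac in arp_entries:
        ips[mac].add(ip)
    return {mac: sorted(i) for mac, i in ips.items() if len(i) > 1}


def report(snapshots, arp_entries):
    lines = []
    for (switch, mac), ports in macs_on_multiple_ports(snapshots).items():
        lines.append(f"{switch}: {mac} seen on ports {', '.join(ports)} (duplicate or moving host)")
    for mac, ips in macs_with_multiple_ips(arp_entries).items():
        lines.append(f"{mac} answers for {', '.join(ips)} (duplicate NIC, or a router)")
    return lines


if __name__ == "__main__":
    print("\n".join(report(MAC_TABLE_SNAPSHOTS, ARP_ENTRIES)))
```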
NOTABLE PROTOCOLS
As stated above, the data link layer is the link between proprietary NICs and the standard upper layers. So there are many protocols supported in this layer. However, some are especially well known and important to learn because of their usage across the globe, such as Ethernet. WAN protocols are also introduced, such as MPLS, HDLC and PPP.
ETHERNET
Ethernet is a prevalent network technology used in LANs throughout the world. Ethernet's working mechanism was explored in session 4, network technology, because it is so closely related to physical products such as CAT5e cable that we cannot study connection cables without knowing part of Ethernet. Ethernet is quick. It is reliable. Its devices are cheap. These make Ethernet one of the most popular network technologies in the world. It is important to understand that Ethernet covers both the data link layer and the physical layer. For the data link layer, Ethernet uses protocols such as CSMA/CD in the LLC sub layer. For the physical layer, it is about device and cable standards such as 1000BASE-T on CAT5e.
MPLS
Multi-Protocol Label Switching, or MPLS, is a data link layer protocol used by routers. It is a high-performance network protocol which allows faster data transmission. A label is routing information attached to a data packet in order to perform useful tasks such as making a private network in the Internet cloud. Using the label as switching information allows a packet to be routed without the router checking its routing table. This is accomplished by label switching technology. ISPs use it. MPLS is fast and simple to understand. Basically, it attaches a 32-bit header at the top of a packet. This header is called a stack, and it is stackable. 20 bits are the label. 3 bits are the Quality of Service (QoS) field. The 1 bit after that is a flag marking the last header of the stack. Then there are 8 bits of time to live (TTL).
This header allows a Label Switching Router to route the packet without looking into the IP packet. Because the MPLS header is stackable, MPLS allows a Virtual Private LAN, or VPN, to be constructed easily. When a packet passes a router, an MPLS stack entry is added. When it passes another router, another entry is added on top of the last one. By the time the packet reaches its destination, the MPLS header contains information on all the routers it went through. This allows a network engineer to know the exact route, the tunnel through the WAN cloud, and VPNs can be configured more easily. It also allows QoS to be configured.
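The 32-bit layout just described fits in one integer, and packing it shows why a label switching router can work without reading the IP packet underneath. The following is an added example for this handout, not code from any router: it packs and unpacks one stack entry (20-bit label, 3-bit QoS field, bottom-of-stack bit, 8-bit TTL), pushes entries the way successive routers do so that the first one pushed is marked as the bottom, walks the stack top-down, and decrements the TTL in transit. The label values are constructed.

```python
"""Added example (not from the handout): MPLS stack entries packed as 32-bit words."""
import struct


def pack_entry(label: int, qos: int, bottom: bool, ttl: int) -> bytes:
    """label:20 | qos:3 | bottom-of-stack:1 | ttl:8, most significant bits first."""
    if not (0 <= label < 1 << 20 and 0 <= qos < 8 and 0 <= ttl < 256):
        raise ValueError("MPLS field out of range")
    word = (label << 12) | (qos << 9) | (int(bottom) << 8) | ttl
    return struct.pack("!I", word)


def unpack_entry(data: bytes) -> dict:
    (word,) = struct.unpack("!I", data[:4])
    return {"label": word >> 12, "qos": (word >> 9) & 0x7,
            "bottom": bool((word >> 8) & 1), "ttl": word & 0xFF}


def push_label(stack: bytes, label: int, qos: int = 0, ttl: int = 64) -> bytes:
    """A router adds its entry on top; the first entry ever pushed is the bottom one."""
    return pack_entry(label, qos, bottom=(len(stack) == 0), ttl=ttl) + stack


def pop_label(stack: bytes) -> bytes:
    """Remove the top entry (what the last router does before handing over the IP packet)."""
    return stack[4:]


def read_stack(stack: bytes) -> list:
    """Walk the entries top-down until the bottom-of-stack flag; nothing below is inspected."""
    entries = []
    for i in range(0, len(stack), 4):
        entry = unpack_entry(stack[i:i + 4])
        entries.append(entry)
        if entry["bottom"]:
            break
    return entries


def forward(stack: bytes):
    """Decrement the top TTL as a transit router would; None means drop, which stops loops."""
    top = unpack_entry(stack)
    if top["ttl"] <= 1:
        return None
    return pack_entry(top["label"], top["qos"], top["bottom"], top["ttl"] - 1) + stack[4:]


if __name__ == "__main__":
    stack = push_label(b"", 100, qos=5)      # first router
    stack = push_label(stack, 200)           # second router stacks on top
    for entry in read_stack(stack):
        print(entry)
```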
HDLC
High-level Data Link Control, or HDLC, is a bit-oriented protocol standardized by ISO. Bit-oriented means the protocol does not work with any semantics or meaning of the data; it just uses the bit code to do the work. This protocol is important because it is the default protocol for point-to-point connections. A number of protocols were developed from HDLC, such as PPP, which is the next protocol in this handout.
Field   Flag   Address   Control   Information   FCS     Flag
Bits    8      8+        8-16      0+            16-32   8
TABLE 14: STRUCTURE OF HDLC FRAME
There are many types of frame in HDLC. The structure of a frame is shown in table 2. Each frame type provides a specific type of service. This allows HDLC to provide both connection-oriented and connectionless communication. Examples of HDLC frame types are shown in figure 5 [5].
FIGURE 40: EXAMPLE OF FRAME TYPES IN HDLC (WITH CONNECTION TYPE)
[5] Lindner, M. (2006). HDLC (High level Data Link Control). Retrieved from Vorlesungen: Datenkommunikation: https://www.ict.tuwien.ac.at/lva/384.081/infobase/L03-HDLC_v4-4.pdf
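Building a frame with the layout of table 2 makes "bit-oriented" concrete. The following is an added example for this handout, not code from any HDLC implementation: it assembles flag, address, control, information and FCS into a bit string and parses it back. Two details the handout does not describe but that standard HDLC uses are included: a 0 is stuffed after every five consecutive 1s so the payload can never look like the 01111110 flag, and the FCS is the 16-bit CRC from ISO 3309 (CRC-16/X.25). The address, control and payload bytes are constructed.

```python
"""Added example (not from the handout): HDLC-style framing with bit stuffing and a CRC-16 FCS."""

FLAG = "01111110"   # 0x7E marks the start and end of every frame


def crc16_x25(data: bytes) -> int:
    """CRC-16/X.25 (ISO 3309 FCS): polynomial 0x1021 bit-reversed, init and xorout 0xFFFF."""
    crc = 0xFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ 0x8408 if crc & 1 else crc >> 1
    return crc ^ 0xFFFF


def to_bits(data: bytes) -> str:
    return "".join(f"{b:08b}" for b in data)


def bit_stuff(bits: str) -> str:
    """Insert a 0 after five consecutive 1s so no six 1s (a flag) occur inside the body."""
    out, run = [], 0
    for b in bits:
        out.append(b)
        run = run + 1 if b == "1" else 0
        if run == 5:
            out.append("0")
            run = 0
    return "".join(out)


def bit_unstuff(bits: str) -> str:
    out, run, i = [], 0, 0
    while i < len(bits):
        out.append(bits[i])
        run = run + 1 if bits[i] == "1" else 0
        if run == 5:
            i += 1              # skip the stuffed 0 that follows five 1s
            run = 0
        i += 1
    return "".join(out)


def build_frame(address: int, control: int, info: bytes) -> str:
    """Return the frame as a bit string: FLAG + stuffed(address, control, info, FCS) + FLAG."""
    body = bytes([address, control]) + info
    fcs = crc16_x25(body)
    body += bytes([fcs & 0xFF, fcs >> 8])         # FCS goes on the wire low byte first
    return FLAG + bit_stuff(to_bits(body)) + FLAG


def parse_frame(frame: str):
    """Return (address, control, info), or None when framing or the FCS is wrong."""
    if not (frame.startswith(FLAG) and frame.endswith(FLAG)):
        return None
    bits = bit_unstuff(frame[len(FLAG):-len(FLAG)])
    body = bytes(int(bits[i:i + 8], 2) for i in range(0, len(bits), 8))
    payload, fcs_bytes = body[:-2], body[-2:]
    if crc16_x25(payload) != fcs_bytes[0] | (fcs_bytes[1] << 8):
        return None
    return payload[0], payload[1], payload[2:]


if __name__ == "__main__":
    f = build_frame(0x03, 0x11, bytes([0xFF, 0x7E, 0x7F]))   # payload that needs stuffing
    print(f)
    print(parse_frame(f))
```

The payload deliberately contains 0xFF and 0x7E; after stuffing, the body between the flags contains no run of six 1s, so the receiver cannot mistake data for a frame boundary, and a single flipped bit is rejected by the FCS.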
HDLC operates using these frames. The type of frame is determined by certain bit values in the frame. For example, RR, or Receiver Ready, is sent to the transmitter to signal that the receiver is ready to get more data. As you can see, the RR frame is used in connection-oriented communication just like an ACK, but it works on the data link layer, which is much faster.
PPP
Point-to-Point Protocol, or PPP, is, as the name implies, used to connect two nodes directly to each other. It supports authentication, encryption/decryption and compression. Not to be confused with the services on the session and presentation layers, PPP works on the data link layer and operates on a different data format. There are a few variations of the well-known PPP, namely PPPoE and PPPoA. PPPoE is PPP over Ethernet, while PPPoA is PPP over ATM. They are designed to work on those particular protocols, as the names imply. In network administration, PPP is well accepted compared to HDLC because PPP provides the network administrator with several options, such as Password Authentication Protocol (PAP) and Challenge-Handshake Authentication Protocol (CHAP). All the options report similar overhead. The only requirement to use PPP is to configure the interface to perform PPP encapsulation, as shown in figure 6.
FIGURE 41: SCREENSHOT FROM PACKET TRACER SHOWING PPP CONFIGURATION (labels: "Configure NIC to use PPP", "Options for PPP")
PHYSICAL LAYER
The physical (1st) layer is responsible for network hardware control. It does not concern itself with the logical format of the data packet. Its tasks are to use appropriate mechanical and electronic methods to transmit data via the media it is connected to.
HOW DATA ARE REPRESENTED ON A MEDIUM
Unlike data in the upper layers, which are represented in binary, data in the physical layer are transmitted via electrical wire, fibre optic or microwave. This means the data can be an electrical voltage, a spectrum of a light beam or the frequency of a wave. This is one of the tasks of the physical layer: it must translate between physical bits and the logical bits the upper layer can understand.
MODULATION AND DEMODULATION
Modulation is the way a network device adds data to a transmission medium such as microwave. Such waves have a natural frequency. The wave is called the carrier wave because it is used to carry the signal to the other end. There are many modulation schemes, and a network device may be able to perform some of them. To communicate with each other, network devices must be compatible with each other's modulation scheme. Basically, when a computer transmits a bit, it modulates either a positive or a zero value, such as a positive voltage for 1 and no voltage for 0, as shown in figure 2. This is called unipolar encoding. However, there are multiple problems with this basic modulating scheme. For example, with too many 1 bits the wire is flooded with positive charge. Therefore bipolar encoding, which encodes a negative charge for 0 and a positive charge for 1, is used, as shown in figure 3.
FIGURE 42: ILLUSTRATION OF SIGNAL MODULATION (carrier wave, data, modulated signal)
FIGURE 43: UNIPOLAR ENCODING (voltage against time)
However, there is another modulation scheme which does not use the actual voltage to represent data. Instead, it uses the transition of the voltage to represent data. This is called state transition encoding. In this scheme, a positive charge can represent both 1 and 0, and vice versa. If the original charge is positive, then it remains positive as long as the data is 0. It turns negative on a 1 and keeps changing charge whenever a 1 bit is encountered, as shown in figure 4.
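The three schemes above differ only in how a bit string is turned into a sequence of line levels, which makes them easy to compare in code. The following is an added example for this handout, not code from any transceiver: encoders and decoders for unipolar (1 is +V, 0 is no voltage), bipolar (1 is +V, 0 is -V) and state transition encoding (the level toggles on every 1 and holds on 0, starting from the positive level as the text describes), plus a run-length helper that shows the "flooded with positive charge" problem of a long run of 1s. It also shows one property of state transition encoding the text does not mention: a receiver only needs to know the idle level, so a wire with swapped polarity still decodes correctly.

```python
"""Added example (not from the handout): unipolar, bipolar and state transition line encoding."""

HIGH, LOW, ZERO = "+", "-", "0"     # voltage levels on the wire


def unipolar_encode(bits: str) -> list:
    return [HIGH if b == "1" else ZERO for b in bits]


def unipolar_decode(levels: list) -> str:
    return "".join("1" if lv == HIGH else "0" for lv in levels)


def bipolar_encode(bits: str) -> list:
    return [HIGH if b == "1" else LOW for b in bits]


def bipolar_decode(levels: list) -> str:
    return "".join("1" if lv == HIGH else "0" for lv in levels)


def transition_encode(bits: str, start: str = HIGH) -> list:
    """Level toggles on each 1 and stays put on each 0 (NRZI-style)."""
    level, out = start, []
    for b in bits:
        if b == "1":
            level = LOW if level == HIGH else HIGH
        out.append(level)
    return out


def transition_decode(levels: list, start: str = HIGH) -> str:
    """A change of level since the previous slot is a 1, no change is a 0."""
    prev, out = start, []
    for lv in levels:
        out.append("1" if lv != prev else "0")
        prev = lv
    return "".join(out)


def longest_run(levels: list) -> int:
    """Longest stretch of the same level: long runs mean charge build-up and lost timing."""
    best = run = 0
    prev = None
    for lv in levels:
        run = run + 1 if lv == prev else 1
        prev = lv
        best = max(best, run)
    return best


def invert(levels: list) -> list:
    """Swap + and -, as a wire connected with reversed polarity would."""
    return [LOW if lv == HIGH else HIGH if lv == LOW else lv for lv in levels]


if __name__ == "__main__":
    data = "100101"
    for name, enc in (("unipolar", unipolar_encode), ("bipolar", bipolar_encode),
                      ("transition", transition_encode)):
        print(f"{name:10s}", "".join(enc(data)))
```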
FIGURE 44: BIPOLAR ENCODING (voltage against time)
FIGURE 45: STATE TRANSITION ENCODING (voltage against time)
WIRING STANDARD
The physical layer is responsible for wiring standards. So if a network cable is mis-wired or cut off, it is classified as a physical layer failure. Wiring standards such as EIA/TIA 568A and EIA/TIA 568B, which are standards for LAN cable termination, belong to this layer. The "Category" wires such as CAT5e and CAT6, which are used for Ethernet networks, are part of the physical layer too. Even RJ45, the connector for LAN cables, is part of the physical layer. So, in short, the physical layer is responsible for anything tangible within a network.
PHYSICAL TOPOLOGY
Physical topology is part of the physical layer, unlike logical topology, which belongs to the data link layer. Physical topology is about the cabling layout throughout the network. Some topologies, such as ring, can be improved by the cable layout. For example, laying the cable physically in a ring allows more fault tolerance. The cable installer may lay 2 cables for a ring network, which improves fault tolerance even more. Note that for a topology to perform, both the physical link and the logical link must be completed. Ring topology, for example, can perform when cables and other network devices are connected like a ring (physical layer). It also requires a token to transmit data. The token is managed by the data link layer.
SYNCHRONOUS / ASYNCHRONOUS TRANSMISSION
In the upper layers, communication can be categorized into synchronous and asynchronous modes. The physical layer provides the synchronous service for doing so. In synchronous communication, network devices use time to determine the beginning, each part, and the end of a data packet. However, both ends must make sure that their clocks tick at the same rate and start at the same time for the communication to succeed. This is done by the physical layer using a clock inside the devices. However, depending on the protocol in use, another clock may be used instead of either side's clock. Asynchronous communication does not require a clock to work. It uses certain symbols or bits as a start bit and stop bit. In this mode, the physical layer must add a certain bit pattern at the start and the end of the bit stream. The other side of the communication must know which bits are the start bit and stop bit in order to decode the message.
BANDWIDTH
The physical layer is responsible for the available bandwidth of a communication medium. Since the physical layer is about tangible things such as cables and devices, upgrading these things may improve the available bandwidth and ultimately lead to higher throughput. Available bandwidth depends on the connection medium and related technologies, which are covered in session 3: network components and session 4: network technologies.
MULTIPLEXING
Upper layer multiplexing is about using multiple applications on one communication device, which is the physical layer. Therefore the real multiplexing is performed by the physical layer. At this layer, network devices use telecommunication techniques such as Frequency Division Multiplexing (FDM), Time Division Multiplexing (TDM) and Code Division Multiplexing (CDM). These techniques allow multiple users, whose data also come from multiple applications, to share one communication medium.
DIFFERENT NAMES OF PDU
After all these sessions, you might notice that this handout uses different words for a chunk of data being transmitted. This is because, by standard, a PDU is named differently in each layer. These words are used in specification documentation and allow technical communication to be brief. By calling a PDU a frame, the communicators know they are talking about the data link layer. All names of PDUs are listed in table 1.
OSI Layer     PDU name(s)
Transport     Segment (TCP) / Datagram (UDP)
Network       Packet
Datalink      Frame
Physical      Bit / Symbol
TABLE 15: PDU NAMES
However, the word "data packet" is also used when talking outside the network layer. This is because of the popularity of Internet Protocol, or IP. So the name of its PDU sticks with many computer network people as a nickname for any PDU. Technically, not all PDUs are called packets.
CONCLUSION
The physical layer is all about tangible stuff on the network. If you touch it, you get shocked by it. If you throw it, it hits on impact. Unlike the upper layers, which you cannot touch at all (except for the application layer, which you may click on). If a problem occurs because something you can lay your hands on is out of order, that is a layer 1 problem. It is important to know that, by estimation, 90% of computer network problems occur on layer 1, the physical layer.
Try troubleshooting
Think you have learnt all the layers of the OSI model and the network world? Have you heard of Layer 8? Try troubleshooting the problems that appear in this link! (http://youtu.be/CHC67sfOibs)
OSI MODEL VS INTERNET MODEL: SUMMARY
In this course we have studied the architecture of computer networks using the OSI model. We also noted that another model, the Internet model or TCP/IP model, is currently in use. This handout compares the two models to summarize their similarities and differences, all in table 1 (page 2). Now that we know how the two models relate, it is time to put all of that into action. Suppose a simple web browsing scenario. Everything that happens is explained in the following part. This part of the handout is a collection of screenshots from Cisco's Packet Tracer network simulation software. Students can try it at instructor website -> Information network course information -> Download link. The webpage is linked from this handout via the QR code in figure 1. The symbols used in the following part are described here.
FIGURE 46: LINK TO COURSE WEBPAGE
An envelope represents a PDU. A dark red-brown envelope is a DNS-related PDU. A light green envelope is a TCP packet. A violet envelope is an HTTP-related PDU. A computer is a computer (what more can you expect?). The refrigerator-like machine is a server. Multiple services can be hosted on one server; in this case the DNS server and the web server are hosted on the same, and only, server in the diagram. The cloud represents the Internet or a WAN connection.
The following network diagram omits middle nodes such as switches and routers for ease of explanation. The simulation was run many times, so the sequence numbers may not be exact. Students can use the network simulator linked by the QR code (figure 1) to simulate the network and see the exact sequence numbers.
Information Network [436302] Topic Creator Usage
OSI model
ISO/IEC Conceptual design Educational & Troubleshooting Characteristic Rigid and precise design Difficult to implement Layer comparison
The Internet model The Internet Engineering Task Force Implementation Core of the Internet Loose design Easy to implement
Diagram from : Tetz, E. (2013, August 19). Network Basics: TCP/IP and OSI Network Model Comparisons. Retrieved from For Dummies (A Wiley Brand): Making Everything Easier: http://www.dummies.com/how-to/content/network-basics-tcpip-and-osi-network-modelcompari.html
Application Layer Protocols Presentation Layer Protocols Session Layer Protocols Transport Layer Protocols Network Layer Protocols Data link Layer Protocols Physical Layer Protocols
DS, FTAM, VT ICA, PAD, XDR
FTP, HTTP, DNS
H.245, ASP (not to confuse with Microsoft’s ASP), X.225 ATP, IL, µTP
TCP, UDP
AppleTalk DbP, SCCP, CLNP, IS-IS
IPv4, IPv6, RIP, OSPF
Ethernet, IEEE 802.11, MPLS, ATM, Frame relay, Token ring, STP 10BASE-T, 100BASE-TX, DSL, ISDN, Bluetooth, T1, T3 TABLE 16: OSI MODEL & TCP/IP OR INTERNET MODEL COMPARISON
FIGURE 47: SIMULATION OF WEB BROWSING SCENARIO
Suppose the user of the PC wants to browse a website called www.me.com, as shown in figure 47.
1. The PC does not know where www.me.com is. The application layer initiates the DNS protocol to ask the DNS server for the IP address of www.me.com, as shown in figure 48.
FIGURE 48: INITIATE DNS REQUEST
The request is sent to the transport layer; the presentation and session layers are not used because the TCP/IP protocol suite is in use. The transport layer uses UDP to send the DNS data packet from port 1031 to port 53. The network layer encapsulates the IP information: the header contains the source IP address (192.168.0.2) and the destination IP address (255.255.255.255). The data link layer encapsulates the next node's MAC address (FFFF.FFFF.FFFF) using the Ethernet protocol. The physical layer encodes the data into bits and sends them through the FastEthernet link. The final PDU structure is shown in figure 49.
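To make the encapsulation in step 1 concrete, the following added example (not from the handout or from Packet Tracer) builds the DNS request byte by byte, one header per layer, and then decodes it the way a receiving stack would. The IP addresses, ports, broadcast MAC address and query name are the ones given above; the PC's MAC address and the DNS transaction id are assumed, since the handout does not show them.

```python
"""Layer-by-layer encapsulation of the DNS request in step 1 (figure 49).

Added illustration, not Packet Tracer output.  Addresses and ports are the
handout's; the PC's MAC address and the DNS transaction id are assumed."""
import struct

SRC_MAC = "0001.0203.0405"    # assumed PC MAC address (Cisco dotted-hex notation)
DST_MAC = "FFFF.FFFF.FFFF"    # broadcast, as in the handout
SRC_IP, DST_IP = "192.168.0.2", "255.255.255.255"
SRC_PORT, DST_PORT = 1031, 53
QNAME = "www.me.com"
TXID = 0x1234                 # assumed DNS transaction id


def mac_to_bytes(cisco_mac):
    """'FFFF.FFFF.FFFF' -> 6 raw bytes."""
    return bytes.fromhex(cisco_mac.replace(".", ""))


def bytes_to_mac(raw):
    h = raw.hex().upper()
    return ".".join(h[i:i + 4] for i in range(0, 12, 4))


def ip_to_bytes(dotted):
    return bytes(int(octet) for octet in dotted.split("."))


def ones_complement_sum(data):
    """RFC 1071 checksum: one's-complement sum of 16-bit words, complemented.
    Over a header that already carries its checksum the result is 0."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_dns_query(name, txid):
    """Application layer: standard query, recursion desired, one A question."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)      # QTYPE=A, QCLASS=IN


def build_udp(payload, sport, dport):
    """Transport layer: 8-byte UDP header; checksum 0 = not computed (allowed over IPv4)."""
    return struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload


def build_ipv4(payload, src, dst, proto=17):
    """Network layer: 20-byte IPv4 header (proto 17 = UDP) with its checksum filled in."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                         proto, 0, ip_to_bytes(src), ip_to_bytes(dst))
    header = header[:10] + struct.pack("!H", ones_complement_sum(header)) + header[12:]
    return header + payload


def build_ethernet(payload, src_mac, dst_mac, ethertype=0x0800):
    """Data link layer: Ethernet II header, ethertype 0x0800 = IPv4."""
    return mac_to_bytes(dst_mac) + mac_to_bytes(src_mac) + struct.pack("!H", ethertype) + payload


def build_frame():
    """The whole PDU of figure 49: Ethernet( IPv4( UDP( DNS ) ) )."""
    dns = build_dns_query(QNAME, TXID)
    return build_ethernet(build_ipv4(build_udp(dns, SRC_PORT, DST_PORT), SRC_IP, DST_IP),
                          SRC_MAC, DST_MAC)


def decode_frame(frame):
    """Peel the headers off in the order a receiving stack does and return the fields."""
    eth_type = struct.unpack("!H", frame[12:14])[0]
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4
    if ones_complement_sum(ip[:ihl]) != 0:
        raise ValueError("IPv4 header checksum mismatch")
    udp = ip[ihl:]
    sport, dport, ulen, _ = struct.unpack("!HHHH", udp[:8])
    dns = udp[8:ulen]
    txid, flags, qdcount = struct.unpack("!HHH", dns[:6])
    labels, pos = [], 12
    while dns[pos] != 0:                      # QNAME: length-prefixed labels, 0-terminated
        labels.append(dns[pos + 1:pos + 1 + dns[pos]].decode())
        pos += 1 + dns[pos]
    return {
        "dst_mac": bytes_to_mac(frame[:6]), "src_mac": bytes_to_mac(frame[6:12]),
        "ethertype": eth_type, "proto": ip[9],
        "src_ip": ".".join(map(str, ip[12:16])), "dst_ip": ".".join(map(str, ip[16:20])),
        "src_port": sport, "dst_port": dport, "txid": txid, "qname": ".".join(labels),
        "recursion_desired": bool(flags & 0x0100), "questions": qdcount,
    }


if __name__ == "__main__":
    frame = build_frame()
    print(len(frame), "bytes on the wire:", frame.hex())
    for key, value in decode_frame(frame).items():
        print(f"{key:>18}: {value}")
```

The frame is 70 bytes: 14 for Ethernet, 20 for IPv4, 8 for UDP and 28 for the DNS question. The decoder checks the IPv4 header checksum first, which is exactly why a corrupted header is dropped at the network layer before the transport layer ever sees it.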
FIGURE 49: DNS REQUEST DETAIL BY LAYER
2. The DNS server gets the DNS request. It replies with the IP information of the website www.me.com to the source of the request, as shown in figure 50.
FIGURE 50: DNS SERVER REPLIES TO THE REQUEST
UDP is used for the DNS response, from port 53 to port 1033. The network layer attaches the IP header to the packet. The data link layer attaches the MAC address information to the Ethernet frame. The physical layer sends the bits through the FastEthernet link. The final PDU is shown in figure 51.
FIGURE 51: DNS RESPONSE TO PC
3. Now the PC knows the address of www.me.com, as shown in figure 52.
FIGURE 52: ADDRESS RESOLVED
The PC prepares an HTTP connection for web browsing, as shown in figure 53.
FIGURE 53: PC GETS DNS INFO, PREPARING HTTP SYN
The transport layer sends a SYN segment, as shown in figure 54.
FIGURE 54: PC IS SENDING SYN SEGMENT
The server responds with a SYN-ACK segment, as shown in figure 55. The network layer attaches the IP information, from the PC to the web server. The data link layer attaches the Ethernet information, from this node to the next node. The physical layer transmits the data.
FIGURE 55: SERVER GETS SYN, REPLIES WITH SYN-ACK
4. The PC receives the SYN-ACK segment. Its application layer prepares the HTTP request, as shown in figure 56.
FIGURE 56: PC GETS SYN-ACK, PREPARING HTTP REQUEST
The transport layer replies to the SYN-ACK with an ACK to establish the connection, as shown in figure 57. The network, data link and physical layers perform their tasks as usual to deliver the data end-to-end.
FIGURE 57: PC SENDS ACK, CONNECTION ESTABLISHED
5. After the connection is established by TCP, the HTTP request is sent, as shown in figure 58.
FIGURE 58: PC SENDS HTTP REQUEST TO SERVER
6. The server replies to the HTTP request with a copy of the index.html page. The PC gets the data and the HTTP content appears in the user's web browser, as shown in figure 59.
FIGURE 59: PC RECEIVES A COPY OF THE REQUESTED FILE AND DISPLAYS THE RESULT IN THE WEB BROWSER
7. TCP knows that this is the end of the HTTP exchange, so it tries to terminate the connection by sending a FIN segment, as shown in figure 60.
FIGURE 60: TCP PREPARING FIN SEGMENT
8. The server gets the FIN segment and replies with FIN-ACK, as shown in figure 61.
FIGURE 61: SERVER GETS FIN, REPLIES WITH FIN-ACK
9. The PC gets the FIN-ACK and terminates the connection. It then sends an ACK segment and changes the connection status to CLOSE_WAIT, as shown in figure 62.
FIGURE 62: PC GETS FIN-ACK, REPLIES WITH ACK AND CHANGES CONNECTION STATUS TO CLOSE_WAIT
10. The server gets the last ACK segment from the PC and replies with an ACK, changing its connection state to CLOSED. Once the PC gets the reply, it changes its connection state to CLOSED too, as shown in figure 63.
FIGURE 63: CONNECTION CLOSED
These 10 steps are performed every time a webpage is browsed. All layers work together to create the Internet we use today. Any malfunction can be classified by layer, which limits the troubleshooting scope and makes the problem easier to fix. The instructor encourages students to try simulating the network for a better understanding of how it works.
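The TCP part of the 10 steps (the three-way handshake in steps 3-4, the request and response in 5-6, and the close in 7-10) can be replayed as a state machine. The following added example is not from the handout or Packet Tracer; it uses the state names of the TCP specification (RFC 793), which differ slightly from the labels the simulator shows, and it models the server's acknowledgement of the FIN and its own FIN as two segments where the simulator shows one FIN-ACK. The payoff is the transition table itself: every segment that arrives in a state with no matching entry is a protocol violation and is rejected, which is how a real stack ignores a stray ACK on a port that has not seen a SYN.

```python
"""TCP connection state machine (RFC 793 state names) driven through the segment
sequence of the walkthrough above.  Added illustration, not Packet Tracer output."""

# (current state, event) -> (next state, segment to send or None)
# An event is either a local action ("open", "listen", "send_data", "close",
# "timeout") or the name of an arriving segment.
CLIENT = {
    ("CLOSED", "open"):           ("SYN_SENT", "SYN"),
    ("SYN_SENT", "SYN-ACK"):      ("ESTABLISHED", "ACK"),
    ("ESTABLISHED", "send_data"): ("ESTABLISHED", "DATA"),   # HTTP request
    ("ESTABLISHED", "DATA"):      ("ESTABLISHED", "ACK"),    # HTTP response (index.html) arrives
    ("ESTABLISHED", "close"):     ("FIN_WAIT_1", "FIN"),
    ("FIN_WAIT_1", "ACK"):        ("FIN_WAIT_2", None),
    ("FIN_WAIT_2", "FIN"):        ("TIME_WAIT", "ACK"),
    ("TIME_WAIT", "timeout"):     ("CLOSED", None),
}
SERVER = {
    ("CLOSED", "listen"):         ("LISTEN", None),
    ("LISTEN", "SYN"):            ("SYN_RCVD", "SYN-ACK"),
    ("SYN_RCVD", "ACK"):          ("ESTABLISHED", None),
    ("ESTABLISHED", "DATA"):      ("ESTABLISHED", "DATA"),   # response also acknowledges the request
    ("ESTABLISHED", "ACK"):       ("ESTABLISHED", None),
    ("ESTABLISHED", "FIN"):       ("CLOSE_WAIT", "ACK"),
    ("CLOSE_WAIT", "close"):      ("LAST_ACK", "FIN"),
    ("LAST_ACK", "ACK"):          ("CLOSED", None),
}


class Endpoint:
    def __init__(self, name, table, state="CLOSED"):
        self.name, self.table, self.state = name, table, state

    def event(self, ev):
        """Apply one event; return the segment to send back (or None).
        Anything not in the table is a protocol violation and is rejected."""
        key = (self.state, ev)
        if key not in self.table:
            raise ValueError(f"{self.name}: {ev!r} not valid in state {self.state}")
        self.state, reply = self.table[key]
        return reply


def accepts(table, state, event):
    """True if the state machine has a transition for this event in this state."""
    return (state, event) in table


def run_exchange():
    """Play the scenario; return (trace, final PC state, final server state).
    Each trace entry is (sender, segment, PC state, server state) after delivery."""
    pc, srv = Endpoint("PC", CLIENT), Endpoint("Web server", SERVER)
    trace = []

    def deliver(sender, receiver, segment):
        # Carry a segment across and keep relaying replies until one side stays silent.
        while segment is not None:
            reply = receiver.event(segment)
            trace.append((sender.name, segment, pc.state, srv.state))
            sender, receiver, segment = receiver, sender, reply

    srv.event("listen")
    deliver(pc, srv, pc.event("open"))          # SYN, SYN-ACK, ACK          (steps 3-4)
    deliver(pc, srv, pc.event("send_data"))     # request, response, ACK      (steps 5-6)
    deliver(pc, srv, pc.event("close"))         # FIN, ACK                    (steps 7-8)
    deliver(srv, pc, srv.event("close"))        # FIN, ACK                    (steps 8-10)
    pc.event("timeout")                         # TIME_WAIT expires
    return trace, pc.state, srv.state


if __name__ == "__main__":
    trace, pc_state, srv_state = run_exchange()
    for sender, seg, pcs, srvs in trace:
        print(f"{sender:<10} sends {seg:<8} PC={pcs:<12} server={srvs}")
    print("final:", pc_state, srv_state)
```

Running it prints ten segments, SYN through the final ACK, with both endpoints ending in CLOSED; `accepts(SERVER, "LISTEN", "ACK")` is False, which is the table's way of saying an ACK with no preceding SYN is dropped.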
NETWORK SECURITY
Network security is an extremely large topic. Students can invest four and a half years studying it and still not acquire 10% of the whole body of knowledge on network security. It is interdisciplinary knowledge that requires extensive awareness, knowledge and experience. This handout introduces students to network security. It is organized into two major topics, attack and defense.
ATTACK
This section explains various attack techniques that hackers or attackers use to cause network malfunction and/or to steal information. It is important to note that attacks may be classified into two types. The first is the passive attack, in which the attacker does not attack a target directly. Instead, the attacker attacks the transmission media to steal information travelling toward its destination. The second type is the active attack, in which the attacker targets a network device.
VIRUSES, WORMS, AND TROJAN HORSES
A virus is a malicious program (also known as malware) which spreads through various media and installs itself on the computers it comes into contact with. A virus may cause problems to the system. Some viruses are designed to make a machine malfunction. Some viruses are designed for specific malicious activities. However, some viruses are simply born out of accidents in programming. Worms are a subclass of virus. They are malicious programs, but a worm can replicate itself across a computer network. Unlike viruses, which require human interaction to spread, worms exploit weaknesses or holes in the operating system or network to multiply themselves. Some worms can be controlled remotely by hackers. Trojan horses are malicious programs which do not damage the machine they have infected. A Trojan silently steals information from the machine and sends it to hackers, and it allows hackers to remotely manipulate the infected computer. The three types of malicious program are compared in table 17. These malicious programs may be the results of accidents in programming, experiments gone wrong or the designs of hackers. If they are spread by hackers, they are hack tools used for another goal, such as taking down a web server by flooding the network with a worm. Malicious programs such as these are among the most used weapons in hackers' arsenals.
TABLE 17: COMPARISON OF VIRUS, WORM AND TROJAN HORSE

Topic            Virus               Worm                                     Trojan horse
Remote control   No                  Yes                                      Yes
Infection        Attaches to files   Exploits OS holes                        Lies low / acts like a useful program
Spread           Human interaction   Self-replication through network         Human interaction
Aim              Destroy system      Destroy system; take control of system   Take control of system; steal information

SPYWARE AND ADWARE
Spyware is quite similar to a Trojan horse. However, spyware may not try to control the target. Instead, it steals information from the infected machine and sends it to the spyware owner. This allows the owner to track the target's activities and gain knowledge of the system. Adware is a program that forcefully shows advertisements to the infected user. It acts like a virus in that it is difficult to remove from the system. Some adware is bundled with a useful program. Adware generates income for its owner, so the goal of adware is rather obvious.
ZERO-DAY ATTACKS, ALSO CALLED ZERO-HOUR ATTACKS
A zero-day attack refers to a hole in software which the vendor does not know of. This security hole is exploited by hackers before the vendor is aware of it and fixes it. Zero-day attacks can include infiltration using malware which allows unwanted access to user information. The term "zero day" refers to the vulnerability being unknown to anyone but the hackers. Once the vulnerability is known, the developer, who must protect users, has to make haste. To close the hole, the software company releases a patch. Usually, patches are released on a regular basis. For example, Microsoft usually releases patches on the second Tuesday of every month; these security patches fix identified holes. However, if a critical vulnerability is discovered, a patch may be released outside of the schedule. Operating systems are not the only target of such attacks. Browsers, games and software packages like Adobe Flash may become targets as well. So, it is important to keep installing the patches from the vendor.
HACKER ATTACK
A hacker may try to crack open a security measure directly. This type of hacking is featured in many movies, but it is not as easy as depicted in entertainment media. This type of attack is rather rare, but it is one of the most fearsome because it shows the ability of the person mounting the attack. The easiest example of hacking through a password-protected item is to brute-force through the protection. Note that it is not the only way, but it is easy to understand. Suppose a website is protected by a password; a hacker may try to guess the correct password for the administrator account, which has full control over the website. The hacker may also try to gain access to the root user, which has high privilege too. However, the hacker does not know the correct password, so the hacker tries all possible passwords. Once the correct password is recovered by this "programmed guessing", the hacker gains access to the account. There is a case in which a famous hacker group called "Anonymous" hacked their target during a live interview. The video can be accessed via the QR code in figure 64 or from the URL http://youtu.be/OZJwSjor4hM. After watching the video, consider how you would feel about a hacker who could do such a thing. This is the effect of a direct hacker attack: it is demoralizing.
FIGURE 64: ANONYMOUS HACK
SOCIAL ENGINEERING
Social engineering is one of the most effective ways to hack into a corporate target. Compared to a hacker attack, in which a hacker uses technical skill to breach security measures, social engineering is for a hacker to hack through the network of people and gain access to the systems they are using. Hackers who do this are also called human hackers. Social hackers use influence techniques to gain access to passwords, accounts or other technical information that enables them to perform attacks later on. This includes asking, flirting and other human interaction. In short, it is the technique that involves sociological or psychological tricks to make people do what the hacker wants. Figure 65 shows a rather hilarious way to social engineer a password; do not fall for it.
FIGURE 65: SOCIAL ENGINEERING FOR A PASSWORD
There is a good case study published in Hacking For Dummies, 4th edition, by Kevin Beaver (note 6). Hacking For Dummies is a good supplementary book and the instructor suggests students read it if the opportunity permits.
CASE STUDY: Social engineering hack
Mr. Winkler's client wanted a general gauge of the organization's security awareness level. Ira and his accomplice went for the pot of gold and tested the organization's susceptibility to social engineering. To start, they scoped out the main entrance of the building and found that the reception area and security desk were in the middle of a large lobby and were staffed by a receptionist. The next day, the two men walked into the building during the morning rush while pretending to talk on cellphones. They stayed at least 15 feet from the attendant and ignored her as they walked by. After they were inside the facility, they found a conference room to set up shop in. They sat down to plan the rest of the day and decided a facility badge would be a great start. Mr. Winkler called the main information number and asked for the office that makes the badges. He was forwarded to the reception/security desk. Ira then pretended to be the CIO and told the person on the other end of the line that he wanted badges for a couple of subcontractors. The person responded, "Send the subcontractors down to the main lobby." When Mr. Winkler and his accomplice arrived, a uniformed guard asked what they were working on, and they mentioned computers. The guard then asked them if they needed access to the computer room! Of course, they said, "That would help." Within minutes, they both had badges with access to all office areas and the computer operations center. They went to the basement and used their badges to open the main computer room door.
They walked in and were able to access a Windows server, load the user administration tool, add a new user to the domain, and make the user a member of the administrators' group. Then they quickly left. The two men had access to the entire corporate network with administrative rights within two hours. They also used the badges to perform after-hours walkthroughs of the building. While doing so, they found the key to the CEO's office and planted a mock bug there.
As you can see from the case, it is important for people to be aware of this type of security attack, because no matter how good the technical measures against security threats may be, social engineering allows a hacker to simply bypass them.
6 Beaver, K. (2013, October 10). A Case Study in How Hackers Use Social Engineering. Retrieved from For Dummies: http://www.dummies.com/how-to/content/a-case-study-in-how-hackers-use-social-engineering.html
PHISHING
Phishing, pronounced like "fishing", is an attack in which the hacker takes information from the target by acting like someone trustworthy and asking for that information using electronic media. For example, a hacker may create a webpage that looks exactly like the Hotmail website. The fake page is shown to the target. If the target takes the bait, just like a fish as the term suggests, and sends login information, the hacker then forwards that information to Hotmail. So, the target is presented with the real Hotmail and suspects nothing. However, the hacker keeps a copy of the login information, such as username and password. This way, the victim never knows that the account has been compromised. Hackers get credit card accounts and internet banking accounts using similar phishing techniques. An example of a phishing site can be found in figure 66; try to identify the indication of a phishing site from the screenshot. The answer is in the text box below the screenshot.
FIGURE 66: EXAMPLE OF PHISHING SITE REPLICATING FACEBOOK LOGIN PAGE
Answer: The URL is not correct.
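"The URL is not correct" is the right answer, but it helps to know what "correct" means when checked mechanically: the scheme, the host exactly (or a subdomain of it), and nothing in front of an "@" or in the path pretending to be the host. The following added example (not from the handout; the allow-list and the sample URLs are constructed, not taken from the screenshot) performs those checks with Python's standard URL parser.

```python
"""What "the URL is not correct" means when checked mechanically.

Added illustration for the phishing section; the allow-list and the sample
URLs are constructed, not taken from the handout's screenshot."""
from urllib.parse import urlsplit

EXPECTED_HOSTS = {"facebook.com", "www.facebook.com"}   # assumed: the real login hosts
BRAND = "facebook"


def host_matches(host, expected=EXPECTED_HOSTS):
    """True only if host IS an expected host or a subdomain of one.
    'www.facebook.com.login-secure.example' ends with '.example', so it does not match."""
    host = host.lower().rstrip(".")
    return any(host == e or host.endswith("." + e) for e in expected)


def analyse_login_url(url, expected=EXPECTED_HOSTS):
    """Return the list of reasons the URL looks like a phishing page (empty = looks right)."""
    reasons = []
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    if parts.scheme != "https":
        reasons.append("not HTTPS")
    if parts.username is not None:
        reasons.append("user@ prefix: the text before '@' is not the host")
    if not host_matches(host, expected):
        reasons.append(f"host {host!r} is not one of {sorted(expected)}")
        # the brand name placed anywhere except the real domain is the classic lure
        if BRAND in (parts.netloc + parts.path + parts.query).lower():
            reasons.append("brand name used as a lure outside the real domain")
    if "xn--" in host:
        reasons.append("punycode label: possible look-alike characters")
    return reasons


SAMPLE_URLS = [   # constructed examples, not real sites
    "https://www.facebook.com/login.php",
    "https://m.facebook.com/login.php",
    "http://www.facebook.com.login-secure.example/login",
    "https://facebook.com@203.0.113.7/login",
    "https://xn--facebok-5wa.example/",
]


def classify_all(urls=SAMPLE_URLS):
    return {u: analyse_login_url(u) for u in urls}


if __name__ == "__main__":
    for url, reasons in classify_all().items():
        print(("OK      " if not reasons else "PHISHING") + "  " + url)
        for reason in reasons:
            print("           -", reason)
```

The subdomain test uses `endswith("." + expected)` rather than a substring check on purpose: "www.facebook.com.login-secure.example" contains the real host as a substring and is exactly the trick the screenshot relies on.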
DENIAL OF SERVICE ATTACKS
Denial of service, or DoS, and the similar attack called distributed DoS, or DDoS, is not an attack to gain control of a system. Instead, it is an attack to take down the system. There are various methods to do so. Most methods, though, involve overloading the server. For example, hackers might infect many PCs with their worms. After they gather a lot of infected PCs which they can control, also called zombie PCs, they command all of the PCs to send HTTP requests to the target server. With so many requests from all over the world, the target server is flooded with requests and cannot handle them all. This results in a system crash. At the very least, the real users cannot use the service because the requests from the zombie PCs take up all the bandwidth to the server.
DATA INTERCEPTION
Data interception is an attack in which the hacker gets a copy of data during transmission. The oldest method of this attack could be "eavesdropping" or "wiretapping": hackers may try to gain access to network cables and take the information directly from the cable. Another way of intercepting the data is the "man-in-the-middle attack". In this kind of attack, the hacker gains access to the routers between the targets and their destination node. Hackers make a copy of all traffic through their router and filter it to get the packets they want. Users may prevent this type of attack by using an encrypted communication protocol such as HTTPS.
IDENTITY THEFT
Identity theft is not really a hack. The term originated from impersonation, which is a non-electronic technique. However, with computer technology, identity theft gets to a new level using the target's identification information, such as a login session. For example, the easiest way to perform identity theft is to use a PC that the target has just left without logging out. The hacker then uses the target's account to do something as if the hacker were the target. The hacker may ask for money to be transferred for an emergency, hoping that the target's family members will take the bait.
CONCLUSION
It is important to note that new ways of exploiting security vulnerabilities may surface in the future. Network security is a race between the good guys, white hat hackers, who protect the system, and the bad guys, black hat hackers, who try to destroy the system. Therefore, students should keep learning and exploring the world of network security, in order to provide the best security measures possible for their job and life.
DEFENSE
Defending against an organized security attack is extremely difficult and requires great effort. However, hackers usually do not target a small victim because there is nothing to gain from the hack. Therefore, individuals can rely on several tools to keep themselves safe. Corporations, however, must take extreme care over security. They need more powerful and sophisticated security measures.
POLICY AND SECURITY AWARENESS
Most security breaches involve some kind of social engineering. Therefore, defending against social engineering is of the utmost importance. Awareness of social engineering hacks allows people in the corporation to defend against human hackers. Policy can improve the defense against social engineering. For example, a method of checking a subcontractor's origin can prevent social engineering such as that shown in the case study in the social engineering section. It is important that the leadership of a corporation recognizes the importance of network security. Security consultants may be required to design and audit the system. Security breaches could be anywhere in the system. Therefore, from top to bottom, security awareness is required to ensure that a hacker cannot invade.
ANTI-VIRUS AND ANTI-SPYWARE
An anti-virus program can prevent a virus from infecting a computer. However, it is important to know that not every virus can be detected by an anti-virus program. These programs require updates of their virus definition files. These updates inform the program of new viruses and threats. Without them, an anti-virus program cannot recognize the new security threats which come out non-stop every day. Although an anti-virus program is important for the security of a computer, it should not be installed on the same computer as another anti-virus program. There are reports that anti-virus programs interfere with each other.
FIREWALL
A firewall protects a computer or an entire computer network from unwanted traffic. This unwanted traffic may come from worms or hackers. Basically, a firewall operates on rules, allowing some types of traffic to come in and out of a network. These rules can operate on protocols up to the application layer. A firewall can be hardware or software. A hardware firewall is placed to guard the router from the WAN connection. Any traffic from the WAN or the Internet must pass through the firewall before getting to the router. This reduces the load on the router and potentially reduces damage from DDoS. A software firewall protects a computer from worms that spread through the computer network. It also informs the user if a program on the computer wants to send something to the network. This can be a worm infecting the computer and trying to replicate itself through the network. This information allows the damage to be contained before it spreads to other computers.
INTRUSION PREVENTION SYSTEMS (IPS)
An intrusion prevention system, or IPS, is a network device that monitors the network, looking for any malicious action on it. An IPS may be configured to stop the action or report it. Since an IPS looks for actions that match malicious patterns, it is capable of stopping zero-day attacks. Apart from its expected functionality, some IPSs are also capable of improving network performance. Since an IPS can operate up to the application layer, it is also capable of fixing errors detected by CRC and clearing out fragments from TCP connections.
VIRTUAL PRIVATE NETWORKS (VPNS)
A virtual private network, or VPN, allows secure access to computers or network devices from a remote location. A VPN allows computers to connect to other computers through a public network as if it were a private network. This allows users to take advantage of the security and policy of the private network. For example, a student wants to search an online research database. However, the research databases can only be accessed from the university network, such as SU WIFI. The student goes home and those databases c
annot be accessed from there. To use those databases from home, the student must install VPN software which allows a VPN to be established. Then, using the VPN, the student can access the research databases from home just like using SU WIFI. If students want to know more about how to set up a VPN from Silpakorn University, the link to the VPN setup manual provided by the computer center is encoded in the QR code shown in figure 67 (note 7).
FIGURE 67: SILPAKORN UNIVERSITY VPN SETUP MANUAL
7 Or visit the URL http://netserv.su.ac.th/manual/vpn/vpn64.html
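Returning to the firewall section above: "a firewall operates on rules, allowing some types of traffic to come in and out" is, at its core, a list walked top to bottom where the first matching rule decides and nothing matching means deny. The following added example (not from the handout or from any firewall product) implements that evaluation; the rule set is an assumed configuration for a small LAN, 192.168.0.0/24, with one public web server at 192.168.0.5.

```python
"""First-match packet-filter rule evaluation with a default-deny policy.

Added illustration; the rule set is an assumed configuration for a small LAN
(192.168.0.0/24) with one public web server (192.168.0.5)."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional


@dataclass
class Rule:
    action: str                   # "allow" or "deny"
    direction: str                # "in" (from WAN) or "out" (to WAN)
    proto: str                    # "tcp", "udp", "icmp" or "any"
    src: str                      # network in CIDR form, or "any"
    dst: str
    dport: object = "any"         # int, set of ints, (low, high) range, or "any"
    comment: str = ""


@dataclass
class Packet:
    direction: str
    proto: str
    src: str
    dst: str
    dport: Optional[int] = None   # None for protocols without ports (ICMP)


def _net_match(spec, addr):
    return spec == "any" or ip_address(addr) in ip_network(spec, strict=False)


def _port_match(spec, port):
    if spec == "any":
        return True
    if isinstance(spec, (set, frozenset)):
        return port in spec
    if isinstance(spec, tuple):
        return port is not None and spec[0] <= port <= spec[1]
    return port == spec


def matches(rule, pkt):
    return (rule.direction == pkt.direction
            and rule.proto in ("any", pkt.proto)
            and _net_match(rule.src, pkt.src)
            and _net_match(rule.dst, pkt.dst)
            and _port_match(rule.dport, pkt.dport))


def evaluate(rules, pkt):
    """Walk the list top to bottom; the first matching rule decides.
    Nothing matched means deny, the safe default for a border firewall."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.action, rule.comment
    return "deny", "default deny (no rule matched)"


RULES = [  # order matters: the anti-spoofing deny must sit above every inbound allow
    Rule("deny",  "in",  "any",  "192.168.0.0/24", "any",                      comment="spoofed internal source from WAN"),
    Rule("allow", "in",  "tcp",  "any",            "192.168.0.5/32", 80,        comment="public web server"),
    Rule("allow", "out", "tcp",  "192.168.0.0/24", "any",            {80, 443}, comment="web browsing"),
    Rule("allow", "out", "udp",  "192.168.0.0/24", "any",            53,        comment="DNS"),
    Rule("allow", "out", "icmp", "192.168.0.0/24", "any",                       comment="ping"),
]

if __name__ == "__main__":
    samples = [   # constructed packets
        Packet("in",  "tcp",  "198.51.100.9", "192.168.0.5", 80),
        Packet("in",  "tcp",  "198.51.100.9", "192.168.0.2", 445),
        Packet("in",  "tcp",  "192.168.0.9",  "192.168.0.5", 80),
        Packet("out", "tcp",  "192.168.0.2",  "203.0.113.7", 6667),
        Packet("out", "icmp", "192.168.0.2",  "203.0.113.7"),
    ]
    for pkt in samples:
        action, why = evaluate(RULES, pkt)
        print(f"{action:<5} {pkt.direction:<3} {pkt.proto:<4} {pkt.src} -> {pkt.dst}:{pkt.dport}  ({why})")
```

Two things to notice: the inbound request to the web server on port 80 is allowed while the same request to port 443 or to any other host falls through to the default deny, and a packet arriving from the WAN with an internal source address is stopped by the first rule even though the second rule would have allowed it.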
NETWORK ADMINISTRATION
A computer network is a complex system of interconnected devices. In this kind of system, a single malfunctioning device can cripple the entire system. Network administration is the job in which a network administrator makes sure that the network works smoothly. It is a task that requires several skills, fit for a course of study and several months of training. However, this course introduces some simple commands which allow MS Windows users to check and perform some administrative tasks on their networks. The commands introduced in this handout can be accessed from the Windows command line interface. The examples shown in this handout are captured from Windows 7.
IPCONFIG
ipconfig is a command which displays and modifies a computer's IP address. Most of the time, it allows users to learn their IP addresses without going through several clicks in the GUI. It also allows users to renew the IP address, in case the connection failed to acquire one. This command has many options for users to choose from. The first option is /all, which commands the system to show all information about the computer's IP addresses. If users do not want the IP address to be automatically configured by DHCP, simply add the /release option and the OS will stop using that IP address. If the IP address given to the computer does not work correctly, the user may ask DHCP to reconfigure the IP address using the /renew option. The last option which is rather useful is /flushdns. This option allows a user to reset all cached DNS entries in case of wrong DNS configuration. More options are available for ipconfig, as shown in figure 68. Figure 68 is the help page from ipconfig itself and can be accessed by typing ipconfig /? into the command line. It is highly recommended that students be able to read and understand this type of documentation because it is the easiest way to learn about a command. Many technical writings are written in a similar style, and being able to read these documents is one of the main goals of the course.
FIGURE 68: IPCONFIG /?
NSLOOKUP
nslookup is a command which allows the user to verify whether DNS is working correctly. This command takes a domain name and shows the IP addresses for that domain name. Thus, if the IP address of the domain name is wrong, the wrong website would be shown. This is useful when working with web programming as well as when trying to spot DNS hacking.
Figure 69 shows nslookup for www.google.com and google.com. Notice that those two names are linked to two different sets of IP addresses. This is the reason that some websites can only be accessed with www at the front, while some sites do not require it. Also notice the last line in figure 69: the cursor is not the same as on the top line. This is because nslookup is an interactive command. To get back to the original command line, the user must type "exit".
FIGURE 69: NSLOOKUP SCREENSHOT
NETSTAT
netstat is a command that examines the network status within the computer. It allows the user to know which application is using the network, which protocol it is using and where it is connecting to. It is particularly useful for spotting a worm or Trojan using the computer network to send information or to replicate itself. To use the command, simply type "netstat". However, netstat will try to resolve IP addresses to domain names, which takes some time. Therefore, if the user wants it quick, simply add -n after netstat. This option tells netstat to display only IP addresses, without resolving host names. Figure 70 shows the netstat command.
FIGURE 70: NETSTAT -N SCREENSHOT
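Reading netstat output by eye works for a handful of lines; for the "spot a worm or Trojan" use just described, it helps to have the two tell-tale patterns written down as checks. The following added example (not from the handout; the netstat output it parses is constructed in the Windows `netstat -n` layout and the allow-list of normal remote ports is an assumption) parses the table and flags an established session to an unusual remote port and a burst of half-open connections to the same port on many hosts, which is what a worm scanning the LAN leaves behind.

```python
"""Parse `netstat -n` output (Windows layout) and flag connections worth a look.

Added illustration; the sample output and the port allow-list are constructed."""

KNOWN_REMOTE_PORTS = {22, 53, 80, 443, 587, 993, 995}   # assumed: normal for this PC
LOOPBACK = {"127.0.0.1", "::1"}

SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    192.168.0.2:49152      93.184.216.34:443      ESTABLISHED
  TCP    192.168.0.2:49153      203.0.113.7:6667       ESTABLISHED
  TCP    192.168.0.2:49160      192.168.0.10:445       SYN_SENT
  TCP    192.168.0.2:49161      192.168.0.11:445       SYN_SENT
  TCP    192.168.0.2:49162      192.168.0.12:445       SYN_SENT
  TCP    [::1]:49170            [::1]:445              ESTABLISHED
  UDP    192.168.0.2:1031       *:*
"""


def split_endpoint(text):
    """'192.168.0.2:49152' -> ('192.168.0.2', 49152); '[::1]:445' -> ('::1', 445); '*:*' -> ('*', None)."""
    host, _, port = text.rpartition(":")
    return host.strip("[]"), (int(port) if port.isdigit() else None)


def parse_netstat(output):
    """Return one dict per connection line; title, header and blank lines are skipped."""
    rows = []
    for line in output.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in ("TCP", "UDP"):
            continue
        rows.append({
            "proto": fields[0],
            "local": split_endpoint(fields[1]),
            "foreign": split_endpoint(fields[2]),
            "state": fields[3] if len(fields) > 3 else "",   # UDP lines have no state column
        })
    return rows


def flag_connections(rows, known_ports=KNOWN_REMOTE_PORTS, scan_threshold=3):
    """Return human-readable findings for the administrator to follow up."""
    findings = []
    # 1. an established TCP session to a remote port nothing on this PC should be talking to
    for r in rows:
        host, port = r["foreign"]
        if r["proto"] == "TCP" and r["state"] == "ESTABLISHED" \
                and host not in LOOPBACK and port not in known_ports:
            findings.append(f"established session to unusual port {host}:{port}")
    # 2. many half-open connections to the same port on different hosts: a scanning pattern
    targets = {}
    for r in rows:
        host, port = r["foreign"]
        if r["state"] == "SYN_SENT" and host not in LOOPBACK:
            targets.setdefault(port, set()).add(host)
    for port, hosts in sorted(targets.items()):
        if len(hosts) >= scan_threshold:
            findings.append(f"{len(hosts)} half-open connections to port {port} on different hosts: scanning pattern")
    return findings


if __name__ == "__main__":
    for finding in flag_connections(parse_netstat(SAMPLE_NETSTAT)):
        print("-", finding)
```

On the constructed output this reports the session to port 6667 and the three SYN_SENT entries to port 445; the loopback session and the UDP line are ignored, and the threshold is a parameter because what counts as "many" depends on the network.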
PING
Ping is probably the easiest to use and the most useful command in network administration. It is used to check whether another node, with an IP address, is online or not. To use the command, simply type ping followed by an IP address. If there is a reply, the node is online. Otherwise, it is offline. Ping can also be used to check the speed of the connection to that particular node using the TTL (time to live) value. The higher the TTL value is, the faster that connection is. Figure 71 shows ping in action. Figure 72 shows the ping help page, which lets you see the various options ping has to offer.
FIGURE 71: PINGING LOCALHOST
FIGURE 72: PING /?
PATHPING
If ping shows that a connection cannot be established but you know with 100% certainty that the device is online, you may want to know where in the network the packet fails to be delivered. pathping allows the user to analyse each hop in the network and find which part of the network fails to perform. The syntax of pathping is basically similar to that of ping. However, the results contain much more detail. pathping shows each hop's IP address or host name, if the name can be resolved. It also provides statistics for each hop which allow the administrator to know the condition of the link. An example of pathping output is shown in figure 73.
FIGURE 73: PATHPING SCREENSHOT
TRACERT
The tracert command is referred to as "trace route", not "tra-cert". It is used to check the latency of a link between nodes. This is much like pathping, but tracert is faster. tracert uses three packets and returns the latency of those packets, unlike pathping, which sends hundreds of packets. This makes tracert considerably faster. Look at the pathping screenshot (figure 73) and see the words "computing statistics for 400 seconds": that is the time used by pathping. Because of the amount of feedback it gives, tracert is great for checking link conditions over networks that the user knows nothing about, such as the public network over on the ISP side. pathping, on the other hand, is great for a network that the user can control.
FIGURE 74: TRACERT SCREENSHOT
CONCLUSION
This handout introduces some network administration commands for Windows, based on Windows 7. These commands are useful for troubleshooting network problems. However, they do not fix the problem, although some commands like ipconfig could potentially fix it. Network problems may occur at the physical layer and require hands-on repair to make things work. These commands pinpoint the problems.
BIBLIOGRAPHY
Derfler, Frank J., Jr. and Les Freed. How networks work (Thai translation: ระบบเครือข่ายทำงานอย่างไร). Ed. นินาถ วนาพรรณ์. Bangkok: SE-Education, 2547 BE.
ภักดีวัฒนะกุล, กิตติ and สุธี พงศาสกุลชัย. Computer network (in Thai: เครือข่ายคอมพิวเตอร์). Bangkok: KTP, 2554 BE.
เอี่ยมสิริวงศ์, โอภาส. Computer networks and communications (in Thai: เครือข่ายคอมพิวเตอร์และการสื่อสาร). Bangkok: SE-Education, 2552 BE.
Forouzan, Behrouz A. Data communications and networking. New York: McGraw-Hill, 2013.
Beaver, K. (2013, October 10). A Case Study in How Hackers Use Social Engineering. Retrieved from For Dummies: http://www.dummies.com/how-to/content/a-case-study-in-how-hackers-use-social-engineering.html
Kurose, James F. and Keith W. Ross. Computer Networking: A Top-Down Approach. 4th ed. Boston: Pearson/Addison Wesley, 2008.
Stallings, William. Computer networking with Internet protocols and technology. Upper Saddle River, N.J., 2004.
Tanenbaum, Andrew S. Computer networks. Upper Saddle River, N.J., 2003.
Tetz, Edward. "Network Basics: TCP/IP and OSI Network Model Comparisons." 19 August 2013. For Dummies (A Wiley Brand): Making Everything Easier. <http://www.dummies.com/how-to/content/network-basics-tcpip-and-osi-network-model-compari.html>.