Fundamentals of A Network: What Is A Network?

This document defines and describes different types of computer networks. It begins by defining what a computer network is and explaining that it allows sharing of resources and information between connected devices. It then describes different types of networks classified by range including local area networks (LANs), metropolitan area networks (MANs), and wide area networks (WANs). It also describes personal area networks (PANs) and virtual private networks (VPNs). The document further classifies networks by their functional relationship, describing client-server and peer-to-peer networks. It provides examples and brief explanations of each type of network.

Uploaded by Sahil Sharma
Copyright: © Attribution Non-Commercial (BY-NC)

FUNDAMENTALS OF A NETWORK:

What is a Network?

A network, often simply referred to as a computer network, is a collection of
computers and devices connected by communications channels that facilitate
communication among users and allow users to share resources with other users.
A computer network allows sharing of resources and information among devices
connected to the network.

A computer network is a group of two or more computers connected to each other
electronically. This means that the computers can "talk" to each other and that every
computer in the network can send information to the others.

In the world of computers, networking is the practice of linking two or more
computing devices together for the purpose of sharing data. Networks are built with
a mix of computer hardware and computer software.

Thus networking is the practice of linking two or more computers or devices with
each other. The connectivity can be wired or wireless. In a nutshell computer
networking is the engineering discipline concerned with the communication
between computer systems or devices. Computer networking is sometimes
considered a sub-discipline of telecommunications, computer science, information
technology and electronics engineering since it relies heavily upon the theoretical
and practical application of these scientific and engineering disciplines.

Network Classification:

A computer network is a system for communication among two or more computers.
Though there are numerous ways of classifying a network, the most popular
categorizations are by range, functional relationship, network topology and
specialized function.

By Range:

Local area network (LAN): A local area network is a network that connects
computers and devices in a limited geographical area such as a home, school,
computer laboratory, office building, or closely positioned group of buildings. Each
computer or device on the network is a node. Current wired LANs are most likely to
be based on Ethernet technology, although new standards like ITU-T G.hn also
provide a way to create a wired LAN using existing home wires (coaxial cables, phone
lines and power lines).

All interconnected devices must understand the network layer (layer 3), because
they are handling multiple subnets (the different colors in the accompanying figure,
which is not reproduced here). Those inside the library, which have only 10/100
Mbit/s Ethernet connections to the user devices and a Gigabit Ethernet connection
to the central router, could be called "layer 3 switches" because they only have
Ethernet interfaces and must understand IP. It would be more correct to call them
access routers, where the router at the top is a distribution router that connects to
the Internet and to the academic networks' customer access routers. The defining
characteristics of LANs, in contrast to WANs (Wide Area Networks), include their
higher data transfer rates, smaller geographic range, and no need for leased
telecommunication lines. Current Ethernet or other IEEE 802.3 LAN technologies
operate at speeds up to 10 Gbit/s. This is the data transfer rate. IEEE has projects
investigating the standardization of 40 and 100 Gbit/s.

Metropolitan area network (MAN): A metropolitan area network is a large
computer network that usually spans a city or a large campus. A MAN usually
interconnects a number of local area networks (LANs) using a high-capacity
backbone technology, such as fiber-optical links, and provides up-link services to
wide area networks and the Internet. A Metropolitan Area Network (MAN) is a large
computer network that spans a metropolitan area or campus. Its geographic scope
falls between a WAN and LAN. MANs provide Internet connectivity for LANs in a
metropolitan region, and connect them to wider area networks like the Internet.

A Simple MAN

Wide area network (WAN): The term Wide Area Network (WAN) usually refers to a
network which covers a large geographical area and uses communications circuits to
connect the intermediate nodes. A major factor impacting WAN design and
performance is the requirement that they lease communications circuits from
telephone companies or other communications carriers. Transmission rates are
typically 2 Mbps, 34 Mbps, 45 Mbps, 155 Mbps, 625 Mbps (or sometimes
considerably more). Numerous WANs have been constructed, including public
packet networks, large corporate networks, military networks, banking networks,
stock brokerage networks, and airline reservation networks. Some WANs are very
extensive, spanning the globe, but most do not provide true global coverage.
Organisations supporting WANs using the Internet Protocol are known as Network
Service Providers (NSPs). These form the core of the Internet. By connecting the NSP
WANs together using links at Internet Packet Interchanges (sometimes called
"peering points") a global communication infrastructure is formed. NSPs do not
generally handle individual customer accounts (except for the major corporate
customers), but instead deal with intermediate organisations whom they can charge
for high capacity communications. They generally have an agreement to exchange
certain volumes of data at a certain "quality of service" with other NSPs. So
practically any NSP can reach any other NSP, but may require the use of one or more
other NSP networks to reach the required destination. NSPs vary in terms of the
transit delay, transmission rate, and connectivity offered. Since radio
communications systems do not provide a physically secure connection path,
wireless WANs (WWANs) typically incorporate encryption and authentication
methods to make them more secure. Unfortunately some of the early GSM
encryption techniques were flawed, and security experts have issued warnings that
cellular communication, including WWAN, is no longer secure. UMTS (3G)
encryption was developed later and has yet to be broken.

Personal area network (PAN): A personal area network is a computer network used
for communication among computer devices, including telephones and personal
digital assistants, in proximity to an individual's body. The devices may or may not
belong to the person in question. The reach of a PAN is typically a few meters. PANs
can be used for communication among the personal devices themselves
(intrapersonal communication), or for connecting to a higher level network and the
Internet (an uplink). Personal area networks may be wired with computer buses such
as USB and FireWire. A wireless personal area network (WPAN) can also be made
possible with network technologies such as IrDA, Bluetooth, UWB, Z-Wave and
ZigBee.

Virtual Private Network (VPN): A virtual private network (VPN) is a computer
network in which some of the links between nodes are carried by open connections or
virtual circuits in some larger network (e.g., the Internet) instead of by physical wires.
The data link layer protocols of the virtual network are said to be tunnelled through
the larger network when this is the case. One common application is secure
communications through the public Internet, but a VPN need not have explicit
security features, such as authentication or content encryption. VPNs, for example,
can be used to separate the traffic of different user communities over an underlying
network with strong security features. A VPN may have best-effort performance, or
may have a defined service level agreement (SLA) between the VPN customer and
the VPN service provider. Generally, a VPN has a topology more complex than
point-to-point.

By Functional Relationship:

Client-server: The client-server model of computing is a distributed application
structure that partitions tasks or workloads between service providers, called
servers, and service requesters, called clients. Often clients and servers
communicate over a computer network on separate hardware, but both client and
server may reside in the same system. A server machine is a host that is running one
or more server programs which share its resources with clients. A client does not
share any of its resources, but requests a server's content or service function.
Clients therefore initiate communication sessions with servers, which await
incoming requests.

The characteristics of the transmission facilities lead to an emphasis on efficiency of
communications techniques in the design of WANs. Controlling the volume of traffic
and avoiding excessive delays is important. Since the topologies of WANs are likely
to be more complex than those of LANs, routing algorithms also receive more
emphasis. Many WANs also implement sophisticated monitoring procedures to
account for which users consume the network resources.

Fig 2.6: Client-Server Setup
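The following Python program is an added example, not code from the original document: it runs the client-server exchange just described over the loopback interface. The server binds a port and awaits a request; the client initiates the session, sends its request and reads the reply. The port selection, message contents and the upper-casing "service" are constructed for the example.

```python
import socket
import threading

# Added example, not from the original document: a minimal client-server
# exchange on the loopback interface. The server awaits incoming requests; the
# client initiates the session, sends a request and waits for the reply.


def serve_one_request(listener: socket.socket) -> None:
    """Server side: accept a single client, read its request, send an answer."""
    conn, _addr = listener.accept()
    with conn:
        request = conn.recv(1024)
        # The server's shared "resource" here is a constructed upper-casing service.
        conn.sendall(b"RESPONSE:" + request.upper())
    # Leaving the 'with' block closes the connection, which ends the client's
    # read loop below.


def request_service(host: str, port: int, payload: bytes) -> bytes:
    """Client side: open the connection, send the request, collect the reply."""
    with socket.create_connection((host, port), timeout=5) as sock:
        sock.sendall(payload)
        sock.shutdown(socket.SHUT_WR)   # signal that the request is complete
        chunks = []
        while True:
            chunk = sock.recv(1024)
            if not chunk:               # server closed: the reply is complete
                break
            chunks.append(chunk)
    return b"".join(chunks)


def run_exchange(payload: bytes) -> bytes:
    """Start a server on an ephemeral loopback port and run one client request."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))     # port 0: the OS picks a free port
    listener.listen(1)
    port = listener.getsockname()[1]
    server = threading.Thread(target=serve_one_request, args=(listener,), daemon=True)
    server.start()
    try:
        return request_service("127.0.0.1", port, payload)
    finally:
        server.join(timeout=5)
        listener.close()


if __name__ == "__main__":
    print(run_exchange(b"share this file"))   # b'RESPONSE:SHARE THIS FILE'
```

The roles are visible in the code: only the client calls `connect`, only the server calls `listen` and `accept`, and the server never sends anything until a request has arrived.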

Peer-to-peer: A peer-to-peer network, commonly abbreviated P2P, is any distributed
network architecture composed of participants that make a portion of their
resources (such as processing power, disk storage or network bandwidth) directly
available to other network participants, without the need for central coordination
instances (such as servers or stable hosts). Peers are both suppliers and consumers
of resources, in contrast to the traditional client–server model where only servers
supply, and clients consume. Peer-to-peer was popularized by file sharing systems
like Napster. Peer-to-peer file sharing networks have inspired new structures and
philosophies in other areas of human interaction. In such social contexts,
peer-to-peer as a meme refers to the egalitarian social networking that is currently
emerging throughout society, enabled by Internet technologies in general. P2P
networks are typically used for connecting nodes via largely ad hoc connections.
Sharing content files containing audio, video, data or anything in digital format is
very common, and real time data, such as telephony traffic, is also passed using P2P
technology.

Fig 2.7 A Peer to Peer Network

Multitier architecture: Multi-tier architecture (often referred to as n-tier
architecture) is an architecture in which the presentation, the application
processing, and the data management are logically separate processes. For example,
an application that uses middleware to service data requests between a user and a
database employs multi-tier architecture. The most widespread use of "multi-tier
architecture" refers to three-tier architecture. N-tier application architecture
provides a model for developers to create a flexible and reusable application. By
breaking up an application into tiers, developers only have to modify or add a
specific layer, rather than rewrite the entire application.

There should be a presentation tier, a business or data access tier, and a data tier.
The concepts of layer and tier are often used interchangeably. However, one fairly
common point of view is that there is indeed a difference, and that a layer is a logical
structuring mechanism for the elements that make up the software solution, while a
tier is a physical structuring mechanism for the system infrastructure. Apart from the
usual advantages of modular software with well defined interfaces, the three-tier
architecture is intended to allow any of the three tiers to be upgraded or replaced
independently as requirements or technology change. For example, a change of
operating system in the presentation tier would only affect the user interface code.

Fig 2.8 Multitier architecture.

By Network Topology:

Bus network: A bus network topology is a network architecture in which a set of
clients are connected via a shared communications line, called a bus. There are
several common instances of the bus architecture, including one in the motherboard
of most computers, and those in some versions of Ethernet networks. Bus networks
are the simplest way to connect multiple clients, but may have problems when two
clients want to transmit at the same time on the same bus.

Thus systems which use bus network architectures normally have some scheme of
collision handling or collision avoidance for communication on the bus, quite often
using Carrier Sense Multiple Access or the presence of a bus master which controls
access to the shared bus resource. A true bus network is passive – the computers on
the bus simply listen for a signal; they are not responsible for moving the signal
along. However, many active architectures can also be described as a "bus", as they
provide the same logical functions as a passive bus; for example, switched Ethernet
can still be regarded as a logical network, if not a physical one. Indeed, the hardware
may be abstracted away completely in the case of a software bus. With the
dominance of switched Ethernet over passive Ethernet, passive bus networks are
uncommon in wired networks. However, almost all current wireless networks can be
viewed as examples of passive bus networks, with radio propagation serving as the
shared passive medium. The bus topology makes the addition of new devices
straightforward. The term used to describe clients is station or workstation in this
type of network. Bus network topology uses a broadcast channel which means that
all attached stations can hear every transmission and all stations have equal priority
in using the network to transmit data.

Fig 2.9: Bus Topology

Star network: Star networks are one of the most common computer network
topologies. In its simplest form, a star network consists of one central switch, hub or
computer, which acts as a conduit to transmit messages. Thus, the hub and leaf
nodes, and the transmission lines between them, form a graph with the topology of
a star. If the central node is passive, the originating node must be able to tolerate
the reception of an echo of its own transmission, delayed by the two-way
transmission time (i.e. to and from the central node) plus any delay generated in the
central node. An active star network has an active central node that usually has the
means to prevent echo-related problems. The star topology reduces the chance of
network failure by connecting all of the systems to a central node. When applied to a
bus-based network, this central hub rebroadcasts all transmissions received from
any peripheral node to all peripheral nodes on the network, sometimes including the
originating node. All peripheral nodes may thus communicate with all others by
transmitting to, and receiving from, the central node only. The failure of a
transmission line linking any peripheral node to the central node will result in the
isolation of that peripheral node from all others, but the rest of the systems will be
unaffected. It is also designed with each node (file server, workstations, and
peripherals) connected directly to a central network hub, switch, or concentrator.
Data on a star network passes through the hub, switch, or concentrator before
continuing to its destination. The hub, switch, or concentrator manages and controls
all functions of the network. It also acts as a repeater for the data flow. This
configuration is common with twisted pair cable. However, it can also be used with
coaxial cable or optical fibre cable.

Fig 2.10: Star Topology

Ring network: A ring network is a network topology in which each node connects to
exactly two other nodes, forming a single continuous pathway for signals through
each node - a ring. Data travels from node to node, with each node along the way
handling every packet. Because a ring topology provides only one pathway between
any two nodes, ring networks may be disrupted by the failure of a single link. A node
failure or cable break might isolate every node attached to the ring. FDDI networks
overcome this vulnerability by sending data on a clockwise and a counter-clockwise
ring: in the event of a break, data is wrapped back onto the complementary ring
before it reaches the end of the cable, maintaining a path to every node along the
resulting "C-Ring". 802.5 networks -- also known as IBM Token Ring networks --
avoid the weakness of a ring topology altogether: they actually use a star topology at
the physical layer and a Multistation Access Unit (MAU) to imitate a ring at the data
link layer. Many ring networks add a "counter-rotating ring" to form a redundant
topology. The numerous advantages of ring topology include: a very orderly network,
in which every device has access to the token and the opportunity to transmit;
better performance than a star topology under heavy network load; the ability to
create a much larger network using Token Ring; and no need for a network server to
manage the connectivity between the computers.

Fig 2.11: Ring Topology
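The failure behaviour described for the star and ring topologies above (a cut leaf link isolates only that leaf; a single cut in a unidirectional ring strands every node downstream of it; a counter-rotating ring keeps every node reachable) can be checked mechanically. The following Python code is an added example, not part of the original document: it models each topology as a directed graph, removes links or nodes, and reports which nodes the source can no longer reach. All node names are constructed.

```python
from __future__ import annotations

from collections import deque

# Added example, not from the original document. Each topology is a directed
# graph {node: set of neighbours}; a link is a (from, to) pair, so a physical
# cable between X and Y is the pair of links (X, Y) and (Y, X). Names are
# constructed for the illustration.


def star(hub: str, leaves: list[str]) -> dict[str, set[str]]:
    """Star: every leaf connects only to the central node, in both directions."""
    graph = {hub: set(leaves)}
    for leaf in leaves:
        graph[leaf] = {hub}
    return graph


def ring(nodes: list[str], counter_rotating: bool = False) -> dict[str, set[str]]:
    """Ring: each node passes signals to the next one, forming a single loop.

    With counter_rotating=True a second ring in the opposite direction is
    added, the redundant topology the text mentions.
    """
    graph: dict[str, set[str]] = {node: set() for node in nodes}
    for i, node in enumerate(nodes):
        nxt = nodes[(i + 1) % len(nodes)]
        graph[node].add(nxt)
        if counter_rotating:
            graph[nxt].add(node)
    return graph


def reachable(graph, source: str, failed_links=frozenset(), failed_nodes=frozenset()) -> set[str]:
    """Breadth-first search from source, skipping failed links and failed nodes."""
    if source in failed_nodes:
        return set()
    seen = {source}
    queue = deque([source])
    while queue:
        current = queue.popleft()
        for neighbour in graph[current]:
            if (current, neighbour) in failed_links or neighbour in failed_nodes:
                continue
            if neighbour not in seen:
                seen.add(neighbour)
                queue.append(neighbour)
    return seen


def isolated_after_failure(graph, source: str, failed_links=(), failed_nodes=()) -> set[str]:
    """Surviving nodes that source can no longer reach once the given links/nodes fail."""
    alive = set(graph) - set(failed_nodes)
    return alive - reachable(graph, source, frozenset(failed_links), frozenset(failed_nodes))


if __name__ == "__main__":
    leaves = ["A", "B", "C", "D"]
    s = star("H", leaves)
    print("star, cable H-B cut:", isolated_after_failure(s, "A", {("H", "B"), ("B", "H")}))
    print("star, hub failed:  ", isolated_after_failure(s, "A", failed_nodes={"H"}))
    r = ring(leaves)
    print("ring, link B->C cut:", isolated_after_failure(r, "A", {("B", "C")}))
    r2 = ring(leaves, counter_rotating=True)
    print("dual ring, cable B-C cut:", isolated_after_failure(r2, "A", {("B", "C"), ("C", "B")}))
```

The star result also shows the topology's single point of failure: cutting one leaf cable isolates one leaf, while losing the hub isolates everything, which is why the central node is the component to protect and monitor.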

Grid network: A grid network is a kind of computer network consisting of a number
of (computer) systems connected in a grid topology. In a regular grid topology, each
node in the network is connected with two neighbours along one or more
dimensions. If the network is one-dimensional, and the chain of nodes is connected
to form a circular loop, the resulting topology is known as a ring. In general, when an
n-dimensional grid network is connected circularly in more than one dimension, the
resulting network topology is a torus, and the network is called toroidal.

Tree and hypertree networks: A Tree Network consists of star-configured nodes
connected to switches/concentrators, each connected to a linear bus backbone.
Each hub/concentrator rebroadcasts all transmissions received from any peripheral
node to all peripheral nodes on the network, sometimes including the originating
node. All peripheral nodes may thus communicate with all others by transmitting to,
and receiving from, the central node only. The failure of a transmission line linking
any peripheral node to the central node will result in the isolation of that peripheral
node from all others, but the rest of the systems will be unaffected.

Fig 2.12: Tree Type Topology

Elements of a Network:

A network element is usually defined as a manageable logical entity uniting one
or more physical devices. This allows distributed devices to be managed in a unified
way using one management system. The elements of a network are the entities on
which the network runs. These include routers, switches, hubs, bridges, network
cards, repeaters, filters, modems and connecting cables. All of these network
components are discussed in detail below:

Routers: A router is a device that interconnects two or more computer networks,
and selectively interchanges packets of data between them. Each data packet
contains address information that a router can use to determine if the source and
destination are on the same network, or if the data packet must be transferred from
one network to another. Where multiple routers are used in a large collection of
interconnected networks, the routers exchange information about target system
addresses, so that each router can build up a table showing the preferred paths
between any two systems on the interconnected networks. A router is a networking
device whose software and hardware are customized to the tasks of routing and
forwarding information. A router has two or more network interfaces, which may be
to different physical types of network or different network standards. Each network
interface is a small computer specialized to convert electric signals from one form to
another. Routers connect two or more logical subnets, which do not share a
common network address. The subnets in the router do not necessarily map one-to-
one to the physical interfaces of the router. The term "layer 3 switching" is often
used interchangeably with the term "routing". The term switching is generally used
to refer to data forwarding between two network devices that share a common
network address. This is also called layer 2 switching or LAN switching.

Fig 2.13: Cisco 3640 Routers
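The table of preferred paths that the text says a router builds is consulted by longest-prefix match: the most specific prefix containing the destination wins, and a default route catches everything else. The Python code below is an added example, not from the original document or from any router vendor; the prefixes, next-hop names and addresses are constructed.

```python
import ipaddress

# Added example, not from the original document: a longest-prefix-match
# forwarding table of the kind the text says a router builds. Prefixes and
# next-hop names are constructed for the illustration.
ROUTES = [
    ("0.0.0.0/0", "isp-uplink"),         # default route: everything not matched below
    ("10.0.0.0/8", "core-router"),
    ("10.1.0.0/16", "building-a"),
    ("10.1.20.0/24", "lab-lan"),         # directly attached subnet
    ("192.168.1.0/24", "guest-wifi"),
]


def build_table(routes):
    """Parse the prefixes and order them most-specific first, so that a linear
    scan returns the longest matching prefix."""
    table = [(ipaddress.ip_network(prefix), next_hop) for prefix, next_hop in routes]
    table.sort(key=lambda entry: entry[0].prefixlen, reverse=True)
    return table


def lookup(table, destination: str):
    """Return (matched prefix, next hop) for a destination address."""
    address = ipaddress.ip_address(destination)
    for network, next_hop in table:
        if address in network:
            return str(network), next_hop
    raise LookupError(f"no route to {destination}")   # cannot happen with a default route


def same_subnet(address_a: str, address_b: str, prefix: str) -> bool:
    """The 'same network' test the text mentions: both addresses fall in the
    attached subnet, so the packet need not be transferred to another network."""
    network = ipaddress.ip_network(prefix)
    return (ipaddress.ip_address(address_a) in network
            and ipaddress.ip_address(address_b) in network)


if __name__ == "__main__":
    table = build_table(ROUTES)
    for dst in ("10.1.20.7", "10.1.5.1", "10.9.9.9", "8.8.8.8", "192.168.1.50"):
        print(dst, "->", lookup(table, dst))
    print(same_subnet("10.1.20.7", "10.1.20.9", "10.1.20.0/24"))   # True
    print(same_subnet("10.1.20.7", "10.1.5.1", "10.1.20.0/24"))    # False
```

Sorting by prefix length once at table-build time keeps the lookup itself a plain scan; production routers use trie structures for the same decision, but the matching rule is identical.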

Switches: A network switch or switching hub is a computer networking device that
connects network segments. Switches may operate at one or more OSI layers,
including physical, data link, network, or transport (i.e., end-to-end). A device that
operates simultaneously at more than one of these layers is known as a multilayer
switch. In switches intended for commercial use, built-in or modular interfaces make
it possible to connect different types of networks, including Ethernet, Fibre Channel,
ATM, ITU-T G.hn and 802.11. This connectivity can be at any of the layers
mentioned. While Layer 2 functionality is adequate for speed-shifting within one
technology, interconnecting technologies such as Ethernet and token ring are easier
at Layer 3. Interconnection of different Layer 3 networks is done by routers. If there
are any features that characterize "Layer-3 switches" as opposed to general-purpose
routers, it tends to be that they are optimized, in larger switches, for high-density
Ethernet connectivity.

Hubs: A hub, or network hub, is a device for connecting multiple twisted pair or
fiber optic Ethernet devices together and making them act as a single network
segment. Hubs work at the physical layer (layer 1) of the OSI model. The device is a
form of multiport repeater. Repeater hubs also participate in collision detection,
forwarding a jam signal to all ports if they detect a collision. A network hub is a
fairly unsophisticated broadcast device. Hubs do not manage any of the traffic that
comes through them, and any packet entering any port is broadcast out on all other
ports. Since every packet is being sent out through all other ports, packet collisions
result, which greatly impedes the smooth flow of traffic. The need for hosts to be
able to detect collisions limits the number of hubs and the total size of a network
built using hubs (a network built using switches does not have these limitations).
For 10 Mbit/s networks, up to 5 segments (4 hubs) are allowed between any two
end stations. For 100 Mbit/s networks, the limit is reduced to 3 segments (2 hubs)
between any two end stations, and even that is only allowed if the hubs are of the
low delay variety. Some hubs have special (and generally manufacturer specific)
stack ports allowing them to be combined in a way that allows more hubs than
simple chaining through Ethernet cables, but even so, a large Fast Ethernet network
is likely to require switches to avoid the chaining limits of hubs.

Fig 2.15: A Simple Hub

Bridges: A Network Bridge connects multiple network segments at the data link layer
(Layer 2) of the OSI model. In Ethernet networks, the term Bridge formally means a
device that behaves according to the IEEE 802.1D standard. A bridge and switch are
very much alike; a switch being a bridge with numerous ports.

Switch or Layer 2 switch is often used interchangeably with Bridge. Bridges are
similar to repeaters or network hubs, devices that connect network segments at the
physical layer; however, with bridging, traffic from one network is managed rather
than simply rebroadcast to adjacent network segments. Bridges are more complex
than hubs or repeaters. Bridges can analyze incoming data packets to determine if
the bridge is able to send the given packet to another segment of the network.
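The "analysis" a bridge performs on incoming frames is a learning and forwarding table: it records which port each source address was seen on, forwards a frame for a known destination out of that one port, filters it when the destination is on the arrival segment, and floods it to all other ports when the destination is unknown or a broadcast. The Python class below is an added example, not from the original document or from any switch vendor; port numbers, MAC addresses and the table capacity are constructed.

```python
from __future__ import annotations

# Added example, not from the original document: a learning bridge, which is
# also how the "switch with numerous ports" of the text forwards frames.
# Port numbers, addresses and the table capacity are constructed.

BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningBridge:
    def __init__(self, ports, table_capacity: int = 1024):
        self.ports = set(ports)
        self.capacity = table_capacity
        self.table: dict[str, int] = {}    # learned MAC -> port it was last seen on

    def handle_frame(self, in_port: int, src_mac: str, dst_mac: str) -> list[int]:
        """Learn the source address, then return the ports the frame goes out of."""
        if in_port not in self.ports:
            raise ValueError(f"unknown port {in_port}")

        # Learning: the sender is reachable via in_port. A bridge whose table
        # is full keeps forwarding but cannot learn new addresses, so frames
        # to those addresses keep being flooded like any unknown destination.
        if src_mac in self.table or len(self.table) < self.capacity:
            self.table[src_mac] = in_port

        # Forwarding decision.
        if dst_mac == BROADCAST or dst_mac not in self.table:
            return sorted(self.ports - {in_port})   # flood: every port but the arrival one
        out_port = self.table[dst_mac]
        if out_port == in_port:
            return []                                # same segment as the sender: filtered
        return [out_port]                            # known destination: one port only


if __name__ == "__main__":
    bridge = LearningBridge(ports=[1, 2, 3])
    print(bridge.handle_frame(1, "aa:aa:aa:aa:aa:aa", "bb:bb:bb:bb:bb:bb"))  # [2, 3], unknown dst
    print(bridge.handle_frame(2, "bb:bb:bb:bb:bb:bb", "aa:aa:aa:aa:aa:aa"))  # [1], learned
    print(bridge.handle_frame(1, "aa:aa:aa:aa:aa:aa", "bb:bb:bb:bb:bb:bb"))  # [2]
    print(bridge.handle_frame(1, "cc:cc:cc:cc:cc:cc", "aa:aa:aa:aa:aa:aa"))  # [], filtered
    print(bridge.table)
```

The capacity check is the practical caveat: a bridge only isolates traffic while it can learn, so real switches bound the number of addresses accepted per port and log when that bound is hit, which is the configuration setting worth checking on an access switch.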

Repeaters: A network repeater is a device used to expand the boundaries of a wired
or wireless (Wi-Fi) local area network (LAN). In the past, wired network repeaters
were used to join segments of Ethernet cable. The repeaters would amplify the data
signals before sending them on to the uplinked segment, thereby countering signal
decay that occurs over extended lengths of wire. Modern Ethernet networks use
more sophisticated switching devices, leaving the wireless flavour of the network
repeater a more popular device for use with wireless LANs (WLANs) at work and
home. Another option is to set up a network repeater on the lower floor, halfway
between the basement and the upstairs office. The repeater should magnify the
signal enough to get good coverage on the upstairs floor. If the building is quite
large, several network repeaters can be placed strategically to "draw" the signal
where required, though this concept has its limits. Devices communicating with an
intermediate network repeater will have lower performance than those
communicating directly with the router. This becomes more of an issue as additional
repeaters are used in line.

Modems: A modem (modulator-demodulator) is a device that modulates an analog
carrier signal to encode digital information, and also demodulates such a carrier
signal to decode the transmitted information. The goal is to produce a signal that can
be transmitted easily and decoded to reproduce the original digital data. Modems
can be used over any means of transmitting analog signals, from driven diodes to
radio. The most familiar example is a voice band modem that turns the digital data
of a personal computer into analog audio signals that can be transmitted over a
telephone line, and once received on the other side, a modem converts the analog
data back into digital. Modems are generally classified by the amount of data they
can send in a given time, normally measured in bits per second (bit/s, or bps). They
can also be classified by Baud, the number of times the modem changes its signal
state per second. A simple type of a modem is shown below in the figure:

Fig 2.18: Modem

Network Cables: Communication is the process of transferring signals from one
point to another, and there must be some medium to carry those signals. In
computer networking, and especially in local area networking, certain
communication media are used. This section provides a basic overview of network
cables, LAN communication systems and other transmission media in LANs and
WANs. Today many standardized communication cables and communication devices
are in use according to the needs of a computer network. In LAN data
communication systems, different types of cables are used. The most common types
of LAN cable are the Ethernet UTP/STP cables. An Ethernet cable is a twisted pair
cable that consists of eight wires that are paired together to make four pairs. An
RJ-45 connector is attached to each end of the cable; one end is connected to the
LAN card of the computer and the other end is connected to the hub or switch.
Cable testers are used to test the performance of each cable. The preferable cable in
Ethernet networking is 100BaseT, which provides the best communication speed.
UTP/STP is a standardized cable in which data is transferred at a transmission speed
of 10/100 Mbps. The most commonly used cable in the star topology is the UTP/STP
cable. UTP and STP cables are the same in functionality; the only slight difference is
that in STP an extra protective silver-coated layer surrounds the cable. UTP/STP
cables are further divided into straight-through and crossover cables. The most
common uses of UTP/STP cables are serial transmission, Ethernet, ISDN, and fixed
and modular interfaces in WAN networking. Straight-through cables are used to
connect a computer with a hub or switch, and a crossover cable is used to connect a
hub with a hub or with a switch.

Coaxial cables are also used at microwave frequencies, but they are not as popular
as other cables. The most advanced form of communication cable is the fiber optic
cable. Fiber optic cables are designed for high speed data communication for
corporate offices and ISPs, backbones and the telecommunication industry. A fiber
optic cable acts as a backbone cable when it connects two ISPs with each other. In
Internet communication the fiber optic cable plays a major role, acting as the
backbone. There is another type of cable, also twisted pair, that is used to connect
to the consoles of Cisco routers and switches; RJ-45 connectors are used at both
ends of these twisted pair cables.

Networking Models:

Network models define a set of network layers and how they interact. There are
several different network models depending on what organization or company
started them. The most important two are:

The TCP/IP Model - This model is sometimes called the DoD model since it was
designed for the Department of Defense. It is also called the Internet model because
TCP/IP is the protocol used on the Internet.

OSI Network Model - The International Standards Organization (ISO) has defined a
standard called the Open Systems Interconnection (OSI) reference model. This is a
seven layer architecture listed in the next section.

The TCP/IP Model:

The TCP/IP model is a description framework for computer network protocols
created in the 1970s by DARPA, an agency of the United States Department of
Defense. It evolved from ARPANET, which was the world's first wide area network
and a predecessor of the Internet. The TCP/IP Model is sometimes called the
Internet Model or the DoD Model. The TCP/IP model, or Internet Protocol Suite,
describes a set of general design guidelines and implementations of specific
networking protocols to enable computers to communicate over a network.

TCP/IP provides end-to-end connectivity specifying how data should be formatted,
addressed, transmitted, routed and received at the destination. Protocols exist for a
variety of different types of communication services between computers.

Fig 2.20: TCP/IP Model

Layers in the TCP/IP Model:

The layers near the top are logically closer to the user application, while those near
the bottom are logically closer to the physical transmission of the data. Viewing
layers as providing or consuming a service is a method of abstraction to isolate upper
layer protocols from the nitty-gritty detail of transmitting bits over, for example,
Ethernet and collision detection, while the lower layers avoid having to know the
details of each and every application and its protocol. The following is a description
of each layer in the TCP/IP networking model starting from the lowest level:

Data Link Layer: The Data Link Layer is the networking scope of the local network
connection to which a host is attached. This regime is called the link in Internet
literature. This is the lowest component layer of the Internet protocols, as TCP/IP is
designed to be hardware independent. As a result TCP/IP has been implemented on
top of virtually any hardware networking technology in existence. The Data Link
Layer is used to move packets between the Internet Layer interfaces of two different
hosts on the same link. The processes of transmitting and receiving packets on a
given link can be controlled both in the software device driver for the network card,
as well as on firmware or specialized chipsets.

Network Layer: The Network Layer solves the problem of sending packets across one
or more networks. Internetworking requires sending data from the source network
to the destination network. This process is called routing. In the Internet Protocol
Suite, the Internet Protocol performs two basic functions: Host addressing and
identification and Packet routing. IP can carry data for a number of different upper
layer protocols. These protocols are each identified by a unique protocol number: for
example, Internet Control Message Protocol (ICMP) and Internet Group
Management Protocol (IGMP) are protocols 1 and 2, respectively.
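As an added worked example (not code from the original document), the following Python builds and decodes a minimal IPv4 header, pulls out the protocol number the paragraph describes, and verifies the header checksum; it also performs the per-hop TTL decrement and checksum recomputation that every router on the path must do. The addresses, payload and identification value are constructed sample data.

```python
import ipaddress
import struct

# IP protocol numbers from the IANA registry; the text quotes ICMP = 1 and IGMP = 2.
PROTOCOL_NAMES = {1: "ICMP", 2: "IGMP", 6: "TCP", 17: "UDP", 89: "OSPF"}

IPV4_HEADER = "!BBHHHBBH4s4s"   # fixed 20-byte header, no options


def ip_checksum(data: bytes) -> int:
    """RFC 1071 checksum: one's complement of the one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                       # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4_header(src: str, dst: str, protocol: int, payload_len: int,
                      ttl: int = 64, ident: int = 0x1234) -> bytes:
    """Build a minimal IPv4 header (IHL = 5) carrying `protocol` with a valid checksum."""
    ver_ihl = (4 << 4) | 5
    hdr = struct.pack(IPV4_HEADER, ver_ihl, 0, 20 + payload_len, ident, 0, ttl, protocol, 0,
                      ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed)
    return hdr[:10] + struct.pack("!H", ip_checksum(hdr)) + hdr[12:]


def parse_ipv4_header(pkt: bytes) -> dict:
    """Decode the fields a router cares about and verify the header checksum."""
    if len(pkt) < 20:
        raise ValueError("truncated IPv4 header")
    (ver_ihl, _tos, total_len, _ident, _flags_frag, ttl,
     proto, _csum, src, dst) = struct.unpack(IPV4_HEADER, pkt[:20])
    version, ihl = ver_ihl >> 4, (ver_ihl & 0x0F) * 4
    if version != 4 or ihl < 20 or len(pkt) < ihl:
        raise ValueError("not a well-formed IPv4 header")
    return {
        "ihl": ihl,
        "total_length": total_len,
        "ttl": ttl,
        "protocol": proto,
        "protocol_name": PROTOCOL_NAMES.get(proto, "unassigned/other"),
        "src": str(ipaddress.IPv4Address(src)),
        "dst": str(ipaddress.IPv4Address(dst)),
        # a valid header sums to 0xFFFF, so re-running the checksum over it yields 0
        "checksum_ok": ip_checksum(pkt[:ihl]) == 0,
    }


def forward_hop(pkt: bytes) -> bytes:
    """What each router does before forwarding: decrement TTL and recompute the checksum."""
    fields = parse_ipv4_header(pkt)
    if fields["ttl"] <= 1:
        raise ValueError("TTL expired; a router would send ICMP Time Exceeded")
    ihl = fields["ihl"]
    hdr = bytearray(pkt[:ihl])
    hdr[8] -= 1                               # TTL lives at offset 8
    hdr[10:12] = b"\x00\x00"                  # checksum field is zero while computing
    hdr[10:12] = struct.pack("!H", ip_checksum(bytes(hdr)))
    return bytes(hdr) + pkt[ihl:]


# Constructed sample: an ICMP (protocol 1) datagram with an 8-byte payload.
SAMPLE = build_ipv4_header("192.0.2.1", "198.51.100.7", 1, 8) + b"\x08\x00\x00\x00\x00\x00\x00\x00"

if __name__ == "__main__":
    print(parse_ipv4_header(SAMPLE))
    print(parse_ipv4_header(forward_hop(SAMPLE)))
```

A header whose TTL was changed without the checksum being refreshed fails `checksum_ok`, which is exactly the check a receiving stack performs before it looks at the protocol field at all.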

Transport Layer: The Transport Layer's responsibilities include end-to-end message
transfer capabilities independent of the underlying network, along with error
control, segmentation, flow control, congestion control, and application addressing
(port numbers). End to end message transmission or connecting applications at the
transport layer can be categorized as either connection-oriented, implemented in
Transmission Control Protocol (TCP), or connectionless, implemented in User
Datagram Protocol (UDP). The Transport Layer can be thought of as a transport
mechanism, e.g., a vehicle with the responsibility to make sure that its contents
(passengers/goods) reach their destination safely and soundly, unless another
protocol layer is responsible for safe delivery.

The Data Link Layer described above (also called the network interface layer)
provides network functions such as frame synchronization, media access, and error
control. It is sometimes referred to as the network access layer, and is roughly
equivalent to the Open System Interconnection (OSI) model's data link layer. The
network interface layer's functionality is divided between the network interface
card–driver combination and the low-level protocol stack driver.

Application Layer: Application Layer protocols generally treat the transport layer
(and lower) protocols as "black boxes" which provide a stable network connection
across which to communicate, although the applications are usually aware of key
qualities of the transport layer connection such as the end point IP addresses and
port numbers. Layer boundaries are not as strictly defined in the Internet protocol
suite as they are in the OSI model.

OSI Reference Network Model:

The Open System Interconnection (OSI) reference model describes how information
from a software application in one computer moves through a network medium to a
software application in another computer. The OSI reference model is a conceptual
model composed of seven layers, each specifying particular network functions. The
model was developed by the International Organization for Standardization (ISO) in
1984, and it is now considered the primary architectural model for intercomputer
communications. The OSI model divides the tasks involved with moving information
between networked computers into seven smaller, more manageable task groups. A
task or group of tasks is then assigned to each of the seven OSI layers. Each layer is
reasonably self-contained so that the tasks assigned to each layer can be
implemented independently. This enables the solutions offered by one layer to be
updated without adversely affecting the other layers. The following diagram details
the seven layers of the Open System Interconnection (OSI) reference model:

Fig 2.21: The OSI Reference Model Showing Seven Layers

Characteristics of the OSI Layers:

The seven layers of the OSI reference model can be divided into two categories:
upper layers and lower layers. The upper layers of the OSI model deal with
application issues and generally are implemented only in software. The highest layer,
the application layer, is closest to the end user. Both users and application layer
processes interact with software applications that contain a communications
component. The term upper layer is sometimes used to refer to any layer above
another layer in the OSI model. The lower layers of the OSI model handle data
transport issues. The lowest layer, the physical layer, is closest to the physical
network medium and is responsible for actually placing information on the medium.

Fig 2.22: Two Sets of Layers Make Up the OSI Layers

Description of the OSI Layers:

Physical Layer: It defines the electrical and physical specifications for devices. In
particular, it defines the relationship between a device and a physical medium.
Physical layer specifications define characteristics such as voltage levels, timing of
voltage changes, physical data rates, maximum transmission distances, and physical
connectors. Physical layer implementations can be categorized as either LAN or WAN
specifications. The major functions and services performed by the Physical Layer are
establishment and termination of a connection to a communications medium;
participation in the process whereby the communication resources are shared among
multiple users (for example, contention resolution and flow control); and modulation,
or conversion between the representation of digital data in user equipment and the
corresponding signals transmitted over a communications channel.

Data Link Layer: The data link layer provides reliable transit of data across a physical
network link. Different data link layer specifications define different network and
protocol characteristics, including physical addressing, network topology, error
notification, sequencing of frames, and flow control. Physical addressing (as opposed
to network addressing) defines how devices are addressed at the data link layer.
Network topology consists of the data link layer specifications that often define how
devices are to be physically connected, such as in a bus or a ring topology. Error
notification alerts upper-layer protocols that a transmission error has occurred, and
the sequencing of data frames reorders frames that are transmitted out of sequence.
Finally, flow control moderates the transmission of data so that the receiving device
is not overwhelmed with more traffic than it can handle at one time.

Network Layer: The network layer defines the network address, which differs from
the MAC address. Some network layer implementations, such as the Internet
Protocol (IP), define network addresses in a way that route selection can be
determined systematically by comparing the source network address with the
destination network address and applying the subnet mask. Because this layer
defines the logical network layout, routers can use this layer to determine how to
forward packets. Because of this, much of the design and configuration work for
internetworks happens at Layer 3, the network layer.

Transport Layer: The transport layer accepts data from the session layer and
segments the data for transport across the network. Generally, the transport layer is
responsible for making sure that the data is delivered error-free and in the proper
sequence. Flow control generally occurs at the transport layer. Flow control manages
data transmission between devices so that the transmitting device does not send
more data than the receiving device can process. Multiplexing enables data from
several applications to be transmitted onto a single physical link. Virtual circuits are
established, maintained, and terminated by the transport layer. Error checking
involves creating various mechanisms for detecting transmission errors, while error
recovery involves acting, such as requesting that data be retransmitted, to resolve
any errors that occur.

Session Layer: The session layer establishes, manages, and terminates
communication sessions. Communication sessions consist of service requests and
service responses that occur between applications located in different network
devices. These requests and responses are coordinated by protocols implemented at
the session layer. Some examples of session-layer implementations include Zone
Information Protocol (ZIP), the AppleTalk protocol that coordinates the name
binding process; and Session Control Protocol (SCP), the DECnet Phase IV session
layer protocol.

Presentation Layer: The presentation layer provides a variety of coding and
conversion functions that are applied to application layer data. These functions
ensure that information sent from the application layer of one system would be
readable by the application layer of another system. Some examples of presentation
layer coding and conversion schemes include common data representation formats,
conversion of character representation formats, common data compression
schemes, and common data encryption schemes. Common data representation
formats, or the use of standard image, sound, and video formats, enable the
interchange of application data between different types of computer systems.
Conversion schemes are used to exchange information with systems by using
different text and data representations, such as EBCDIC and ASCII.

Standard data compression schemes enable data that is compressed at the source
device to be properly decompressed at the destination. Standard data encryption
schemes enable data encrypted at the source device to be properly deciphered at
the destination.

Application Layer: The application layer is the OSI layer closest to the end user,
which means that both the OSI application layer and the user interact directly with
the software application. This layer interacts with software applications that
implement a communicating component. Such application programs fall outside the
scope of the OSI model. Application layer functions typically include identifying
communication partners, determining resource availability, and synchronizing
communication.

OSI and TCP/IP layering differences:

The three top layers in the OSI model—the Application Layer, the Presentation Layer
and the Session Layer—are not distinguished separately in the TCP/IP model where it
is just the Application Layer. While some pure OSI protocol applications, such as
X.400, also combined them, there is no requirement that a TCP/IP protocol stack
needs to impose monolithic architecture above the Transport Layer. For example,
the Network File System (NFS) application protocol runs over the External Data
Representation (XDR) presentation protocol, which, in turn, runs over a protocol
with Session Layer functionality, Remote Procedure Call (RPC). RPC provides reliable
record transmission, so it can run safely over the best-effort User Datagram Protocol
(UDP) transport. The Session Layer roughly corresponds to the Telnet virtual terminal
functionality which is part of text based protocols such as the HTTP and SMTP TCP/IP
model Application Layer protocols. It also corresponds to TCP and UDP port
numbering, which is considered as part of the transport layer in the TCP/IP model.
Some functions that would have been performed by an OSI presentation layer are
realized at the Internet application layer using the MIME standard, which is used in
application layer protocols such as HTTP and SMTP.

ROUTING:

Definition:

Routing (or routeing) is the process of selecting paths in a network along which to
send network traffic. Routing is performed for many kinds of networks, including
the telephone network, electronic data networks (such as the Internet),
and transportation networks. Here we are concerned primarily with routing in
electronic data networks using packet switching technology. In packet switching
networks, routing directs packet forwarding, the transit of logically addressed
packets from their source toward their ultimate destination through
intermediate nodes, typically hardware devices called routers, bridges, gateways,
firewalls, or switches. General-purpose computers with multiple network cards can
also forward packets and perform routing, though they are not specialized hardware
and may suffer from limited performance. The routing process usually directs
forwarding on the basis of routing tables, which maintain a record of the routes to
various network destinations. Constructing routing tables, which are held in the
routers' memory, is therefore very important for efficient routing. Most routing
algorithms use only one network path at a time, but multipath routing techniques
enable the use of multiple alternative paths.

In a narrower sense of the term, routing is often contrasted with bridging in its
assumption that network addresses are structured and that similar addresses imply
proximity within the network. Because structured addresses allow a single routing
table entry to represent the route to a group of devices, structured addressing
(routing, in the narrow sense) outperforms unstructured addressing (bridging) in
large networks, and has become the dominant form of addressing on the Internet,
though bridging is still widely used within localized environments.

Routing Schemes:

There are the following delivery schemes by which a route from a source to a
destination network can be selected:

Anycast delivers a message to any one out of a group of nodes, typically the one
nearest to the source.

Broadcast delivers a message to all nodes in the network.

Multicast delivers a message to a group of nodes that have expressed interest in
receiving the message.

Unicast delivers a message to a single specified node.

Geocast delivers data packets to all nodes in a specified geographic area.

Classification of Routing:

Routing can be classified by how a router learns about the networks beyond its
neighbours. Routes can be configured on the router statically by an administrator,
or learned dynamically from other routers. Hence the classification is:

Static routing:

Small networks may involve manually configured routing tables (static routing, also
called non-adaptive routing), while larger networks involve complex topologies that
may change rapidly, making the manual construction of routing tables unfeasible.
Nevertheless, most of the public switched telephone network (PSTN) uses pre-
computed routing tables, with fallback routes if the most direct route becomes
blocked (see routing in the PSTN). Static routing involves no algorithm; every route
is engineered by hand. Its advantage is that it consumes no computing resources on
the router and behaves predictably, but it cannot react to failures on its own, so the
network has to be prepared for disaster by additional planning, such as
pre-configured backup routes.

Dynamic routing:

Adaptive routing or dynamic routing attempts to solve this problem by constructing
routing tables automatically, based on information carried by routing protocols, and
allowing the network to act nearly autonomously in avoiding network failures and
blockages. For larger networks, static routing is avoided. Examples of dynamic
(adaptive) routing protocols are the Routing Information Protocol (RIP) and Open
Shortest Path First (OSPF). Dynamic routing dominates the Internet. However, the
configuration of the routing protocols often requires a skilled touch; one should not
suppose that networking technology has developed to the point of the complete
automation of routing. Dynamic routing protocols are further classified by the
method with which they decide on a path: distance-vector protocols exchange their
distances to each destination with their neighbours, whereas link-state protocols
build a map of the whole network and compute paths from it locally. This
classification is as follows:

Distance vector algorithms:

Distance vector algorithms use the Bellman-Ford algorithm. This approach assigns a
number, the cost, to each of the links between each node in the network. Nodes will
send information from point A to point B via the path that results in the lowest total
cost (i.e. the sum of the costs of the links between the nodes used). The algorithm
operates in a very simple manner. When a node first starts, it only knows of its
immediate neighbours, and the direct cost involved in reaching them. Each node, on
a regular basis, sends to each neighbour its own current idea of the total cost to get
to all the destinations it knows of. The neighbouring node(s) examine this
information, and compare it to what they already 'know'; anything which represents
an improvement on what they already have, they insert in their own routing table(s).
Over time, all the nodes in the network will discover the best next hop for all
destinations, and the best total cost. When one of the nodes involved goes down,
those nodes which used it as their next hop for certain destinations discard those
entries, and create new routing-table information. They then pass this information
to all adjacent nodes, which then repeat the process.

Link-state algorithms:

When applying link-state algorithms, each node uses as its fundamental data
a map of the network in the form of a graph. To produce this, each node floods the
entire network with information about what other nodes it can connect to, and each
node then independently assembles this information into a map. Using this map,
each router then independently determines the least-cost path from itself to every
other node using a standard shortest paths algorithm such as Dijkstra's algorithm.
The result is a tree rooted at the current node such that the path through the tree
from the root to any other node is the least-cost path to that node. This tree then
serves to construct the routing table, which specifies the best next hop to get from
the current node to any other node.

Routing Protocol Basics:

Administrative distance

The administrative distance (AD) is used to rate the trustworthiness of routing
information received on a router from a neighbour router. An administrative
distance is an integer from 0 to 255, where 0 is the most trusted and 255 means no
traffic will be passed via this route. If a router receives two updates listing the same
remote network from different routing sources, the first thing the router checks is
the AD: the route with the lowest AD is placed in the routing table. Metrics are only
compared between routes learned from the same source, so a RIP route with a
metric of 3 still loses to an OSPF route with a metric of 20, because OSPF (AD 110)
is more trusted than RIP (AD 120).

Route source          Default AD
Connected             0
Static route          1
EIGRP                 90
IGRP                  100
OSPF                  110
RIP                   120
External EIGRP        170
Unknown               255 (this route will never be used)
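The selection rule above, together with the longest-prefix-match lookup described in the Network Layer section, as an added example (not code from the original document): candidate routes are grouped per prefix, the one with the lowest (AD, metric) pair is installed, AD 255 is discarded, and forwarding picks the most specific installed prefix that contains the destination. The candidate routes and next-hop addresses are constructed sample data.

```python
import ipaddress
from dataclasses import dataclass

# Default administrative distances from the table above.
ADMIN_DISTANCE = {
    "connected": 0, "static": 1, "eigrp": 90, "igrp": 100,
    "ospf": 110, "rip": 120, "external eigrp": 170, "unknown": 255,
}


@dataclass(frozen=True)
class Candidate:
    prefix: str       # e.g. "10.1.0.0/16"
    next_hop: str
    source: str       # key into ADMIN_DISTANCE
    metric: int       # only comparable between routes from the same source


def select_best(candidates):
    """Per prefix, install the candidate with the lowest (AD, metric); AD 255 is never installed."""
    best = {}
    for c in candidates:
        ad = ADMIN_DISTANCE.get(c.source, 255)
        if ad == 255:
            continue
        net = ipaddress.ip_network(c.prefix)
        key = (ad, c.metric)                      # AD is compared first, metric only on ties
        if net not in best or key < best[net][0]:
            best[net] = (key, c)
    return {net: c for net, (_key, c) in best.items()}


def lookup(table, destination):
    """Longest-prefix match: the most specific installed prefix containing `destination`."""
    addr = ipaddress.ip_address(destination)
    matches = [net for net in table if addr in net]
    if not matches:
        return None
    return table[max(matches, key=lambda n: n.prefixlen)]


# Constructed routing updates as a router might receive them (sample data, not real routes).
CANDIDATES = [
    Candidate("10.0.0.0/8", "192.0.2.1", "rip", 3),
    Candidate("10.0.0.0/8", "192.0.2.2", "ospf", 20),       # wins on AD despite the higher metric
    Candidate("10.1.0.0/16", "192.0.2.3", "static", 0),
    Candidate("10.1.2.0/24", "192.0.2.4", "connected", 0),
    Candidate("10.1.2.0/24", "192.0.2.5", "rip", 1),
    Candidate("172.16.0.0/12", "192.0.2.9", "unknown", 1),  # AD 255: never installed
    Candidate("0.0.0.0/0", "192.0.2.254", "static", 0),
]


def next_hop_for(destination, candidates=CANDIDATES):
    """Build the table from the candidates and answer a forwarding lookup."""
    route = lookup(select_best(candidates), destination)
    return route.next_hop if route else None


if __name__ == "__main__":
    for dst in ("10.1.2.77", "10.1.9.9", "10.200.1.1", "172.16.5.5", "8.8.8.8"):
        print(dst, "->", next_hop_for(dst))
```

Note that 172.16.5.5 falls through to the default route: the only candidate covering it has AD 255 and is dropped before the lookup ever sees it.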
Major Routing Protocols:

RIP

The Routing Information Protocol (RIP) is a dynamic routing protocol used in local
and wide area networks. As such it is classified as an interior gateway protocol (IGP).
It uses the distance-vector routing algorithm. It was first defined in RFC 1058 (1988).
The protocol has since been extended several times, resulting in RIP Version 2 (RFC
2453). Both versions are still in use today, however, they are considered to have
been made technically obsolete by more advanced techniques such as Open
Shortest Path First (OSPF) and the OSI protocol IS-IS. RIP has also been adapted for
use in IPv6 networks, a standard known as RIPng (RIP next generation).

Technical details

RIP is a distance-vector routing protocol, which employs the hop count as a routing
metric. The hold down time is 180 seconds. RIP prevents routing loops by
implementing a limit on the number of hops allowed in a path from the source to a
destination. The maximum number of hops allowed for RIP is 15. This hop limit,
however, also limits the size of networks that RIP can support. A hop count of 16 is
considered an infinite distance and used to deprecate inaccessible, inoperable, or
otherwise undesirable routes in the selection process. RIP implements the split
horizon, route poisoning and hold down mechanisms to prevent incorrect routing
information from being propagated. These are some of the stability features of RIP.
It is also possible to use the so called RIP-MTI algorithm to cope with the count to
infinity problem. With its help, it's possible to detect every possible loop with a very
small computation effort. Originally each RIP router transmitted full updates every
30 seconds. In the early deployments, routing tables were small enough that the
traffic was not significant. As networks grew in size, however, it became evident
there could be a massive traffic burst every 30 seconds, even if the routers had been
initialized at random times. RIP is implemented on top of the User Datagram
Protocol as its transport protocol. It is assigned the reserved port number 520.

RIP version 1

The original specification of RIP, defined in RFC 1058, uses classful routing. The
periodic routing updates do not carry subnet information, lacking support
for variable length subnet masks (VLSM). This limitation makes it impossible to have
different-sized subnets inside of the same network class. In other words, all subnets
in a network class must have the same size. There is also no support for router
authentication, making RIP vulnerable to various attacks, such as the injection of
false routes by any host able to send RIP messages on the link. RIP version 1 counts
hops from 0 to 15; a destination that is 16 or more hops away is treated as
unreachable and packets for it are not forwarded.

RIP version 2

Due to the deficiencies of the original RIP specification, RIP version 2 (RIPv2) was
developed in 1993 and last standardized in 1998. It included the ability to carry
subnet information, thus supporting Classless Inter-Domain Routing (CIDR). To
maintain backward compatibility, the hop count limit of 15 remained. RIPv2 has
facilities to fully interoperate with the earlier specification if all Must Be
Zero protocol fields in the RIPv1 messages are properly specified. In addition,
a compatibility switch feature allows fine-grained interoperability adjustments. In an
effort to avoid unnecessary load on hosts that do not participate in routing,
RIPv2 multicasts the entire routing table to all adjacent routers at the
address 224.0.0.9, as opposed to RIPv1 which uses broadcast. Unicast addressing is
still allowed for special applications.

Limitations

 Without using RIP-MTI, the hop count cannot exceed 15; a route with a higher
count is considered invalid (unreachable).
 Most RIP networks are flat. There is no concept of areas or boundaries in RIP
networks.
 Variable Length Subnet Masks were not supported by RIP version 1.
 Without using RIP-MTI, RIP has slow convergence and count to
infinity problems.
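An added example (not code from the original document) that runs the procedure from the Distance vector algorithms section with RIP's hop-count metric and 16-hop infinity: a four-router chain converges, the link to the last router fails, and the remaining tables are driven either into count-to-infinity (no split horizon) or to a quick, correct withdrawal (simple split horizon). The topology is constructed, and the update rule follows RFC 1058: accept a better route, or any changed metric from the neighbour that is the current next hop.

```python
INFINITY = 16   # RIP: a metric of 16 means "unreachable"


class Router:
    """A RIP-style node: hop-count metric, table of dest -> (metric, next_hop)."""

    def __init__(self, name, neighbours):
        self.name = name
        self.neighbours = dict(neighbours)           # neighbour -> link cost (1 hop)
        self.table = {name: (0, name)}
        for n, cost in self.neighbours.items():
            self.table[n] = (cost, n)

    def advertisement(self, to, split_horizon):
        """Routes sent to neighbour `to`; with split horizon, routes learned via `to` are withheld."""
        return {dest: metric for dest, (metric, nh) in self.table.items()
                if not (split_horizon and nh == to)}

    def process(self, frm, adv):
        """Take a better route, or any change (even a worse one) from the current next hop."""
        changed = False
        cost = self.neighbours[frm]
        for dest, metric in adv.items():
            new = min(metric + cost, INFINITY)
            cur = self.table.get(dest)
            if cur is None or new < cur[0] or (cur[1] == frm and new != cur[0]):
                self.table[dest] = (new, frm)
                changed = True
        return changed


def run(routers, split_horizon, max_rounds=64):
    """Synchronous update rounds; returns how many rounds changed at least one table."""
    for rounds in range(max_rounds):
        advs = [(src.name, dst, src.advertisement(dst, split_horizon))
                for src in routers.values() for dst in src.neighbours]
        changed = [routers[dst].process(src, adv) for src, dst, adv in advs]  # process all, no short-circuit
        if not any(changed):
            return rounds
    return max_rounds


def build_chain():
    """Constructed topology: A - B - C - D, every link one hop."""
    links = {"A": {"B": 1}, "B": {"A": 1, "C": 1}, "C": {"B": 1, "D": 1}, "D": {"C": 1}}
    return {n: Router(n, nb) for n, nb in links.items()}


def fail_link(routers, x, y):
    """Both ends lose the link and mark every route that used it as unreachable."""
    for a, b in ((x, y), (y, x)):
        routers[a].neighbours.pop(b)
        for dest, (_m, nh) in list(routers[a].table.items()):
            if nh == b:
                routers[a].table[dest] = (INFINITY, nh)


def scenario(split_horizon):
    """Converge, cut C-D, converge again; return (rounds needed, A/B/C metric for D)."""
    routers = build_chain()
    run(routers, split_horizon)
    fail_link(routers, "C", "D")
    rounds = run(routers, split_horizon)
    return rounds, {n: routers[n].table["D"][0] for n in "ABC"}


if __name__ == "__main__":
    print("no split horizon:", scenario(split_horizon=False))
    print("split horizon:   ", scenario(split_horizon=True))
```

Without split horizon B keeps re-learning D from A, which learned it from B, and the metric climbs by two every other round until it hits 16; with split horizon B never hears about D from a neighbour that is using B to reach it, so the withdrawal settles in two rounds.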

Interior Gateway Routing Protocol (IGRP)

Interior Gateway Routing Protocol (IGRP) is a distance vector interior routing
protocol (IGP) invented by Cisco. It is used by routers to exchange routing data
within an autonomous system. IGRP is a proprietary protocol. IGRP was created in
part to overcome the limitations of RIP (maximum hop count of only 15, and a single
routing metric) when used within large networks. IGRP supports multiple metrics for
each route, including bandwidth, delay, load, MTU, and reliability; to compare two
routes these metrics are combined together into a single metric, using a formula
which can be adjusted through the use of pre-set constants. The maximum hop
count of IGRP-routed packets is 255 (default 100), and routing updates are broadcast
every 90 seconds (by default). IGRP is considered a classful routing protocol. Because
the protocol has no field for a subnet mask, the router assumes that all interface
addresses within the same Class A, Class B, or Class C network have the same subnet
mask as the subnet mask configured for the interfaces in question. This contrasts
with classless routing protocols that can use variable length subnet masks. Classful
protocols have become less popular as they are wasteful of IP address space.

Advancement:

In order to address the issues of address space and other factors, Cisco created
EIGRP (Enhanced Interior Gateway Routing Protocol). EIGRP adds support for VLSM
(variable length subnet mask) and adds the Diffusing Update Algorithm (DUAL) in
order to improve routing and provide a loop less environment. EIGRP has completely
replaced IGRP, making IGRP an obsolete routing protocol. In Cisco IOS versions 12.3
and greater, IGRP is completely unsupported. In the new Cisco CCNA curriculum
(version 4), IGRP is mentioned only briefly, as an "obsolete protocol".

OPEN SHORTEST PATH FIRST (OSPF):

Open Shortest Path First (OSPF) is a dynamic routing protocol for use in Internet
Protocol (IP) networks. Specifically, it is a link-state routing protocol and falls into the
group of interior gateway protocols, operating within a single autonomous system
(AS). It is defined as OSPF Version 2 in RFC 2328 (1998) for IPv4. The updates for IPv6
are specified as OSPF Version 3 in RFC 5340 (2008).

Overview

OSPF is an interior gateway protocol that routes Internet Protocol (IP) packets solely
within a single routing domain (autonomous system). It gathers link state
information from available routers and constructs a topology map of the network.
The topology determines the routing table presented to the Internet Layer, which
makes routing decisions based solely on the destination IP address found in IP
datagrams. OSPF was designed to support variable-length subnet masking (VLSM) or
Classless Inter-Domain Routing (CIDR) addressing models. OSPF detects changes in
the topology, such as link failures, very quickly and converges on a new loop-free
routing structure within seconds. It computes the shortest path tree for each route
using a method based on Dijkstra's algorithm, a shortest path first algorithm. The
link-state information is maintained on each router as a link-state database (LSDB)
which is a tree-image of the entire network topology. Identical copies of the LSDB
are periodically updated through flooding on all OSPF routers.
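The Dijkstra computation from the Link-state algorithms section, applied to an OSPF-style link-state database, as an added example (not the page's code and not any router vendor's): from the flooded graph each router builds its shortest-path tree, derives the next hop for every destination, checks that every link is advertised from both ends (OSPF only uses two-way links), and recomputes after a router disappears. The LSDB and its costs are constructed sample data; the costs follow the default OSPF convention of roughly 10^8 divided by the link bandwidth.

```python
import heapq


def shortest_path_tree(graph, root):
    """Dijkstra over the link-state database; returns cost-to-reach and predecessor maps."""
    dist = {root: 0}
    prev = {}
    heap = [(0, root)]
    done = set()
    while heap:
        d, u = heapq.heappop(heap)
        if u in done:
            continue
        done.add(u)
        for v, cost in graph.get(u, {}).items():
            nd = d + cost
            if nd < dist.get(v, float("inf")):
                dist[v] = nd
                prev[v] = u
                heapq.heappush(heap, (nd, v))
    return dist, prev


def routing_table(graph, root):
    """Walk each SPT branch back to the root to find the next hop: dest -> (next_hop, cost)."""
    dist, prev = shortest_path_tree(graph, root)
    table = {}
    for dest in dist:
        if dest == root:
            continue
        hop = dest
        while prev[hop] != root:
            hop = prev[hop]
        table[dest] = (hop, dist[dest])
    return table


def one_way_links(graph):
    """Links only one end advertises; OSPF would not use them (two-way check)."""
    return sorted((u, v) for u in graph for v in graph[u] if u not in graph.get(v, {}))


def without_router(graph, down):
    """The LSDB after `down` stops flooding: its LSA and every link to it are withdrawn."""
    return {u: {v: c for v, c in links.items() if v != down}
            for u, links in graph.items() if u != down}


# Constructed LSDB: cost ~ 10^8 / bandwidth (1 = gigabit, 10 = 10 Mbit/s, 64 = T1, 100 = 1 Mbit/s).
LSDB = {
    "R1": {"R2": 10, "R3": 1},
    "R2": {"R1": 10, "R3": 1, "R4": 64},
    "R3": {"R1": 1, "R2": 1, "R4": 100},
    "R4": {"R2": 64, "R3": 100, "R5": 1},
    "R5": {"R4": 1},
}

if __name__ == "__main__":
    print(routing_table(LSDB, "R1"))
    print(routing_table(without_router(LSDB, "R3"), "R1"))
```

From R1 the direct 10 Mbit/s link to R2 is never used: going through R3 costs 2 instead of 10, and R4 and R5 are reached the same way. Once R3's LSA is withdrawn the whole table swings to R2, which is the "converges on a new loop-free routing structure" behaviour the overview describes, computed locally by every router from the same database.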

An OSPF network may be structured, or subdivided, into routing areas to simplify
administration and optimize traffic and resource utilization. Areas are identified by
32-bit numbers, expressed either simply in decimal, or often in octet-based dot-
decimal notation, familiar from IPv4 address notation. By convention, area 0 (zero)
or 0.0.0.0 represents the core or backbone region of an OSPF network. The
identifications of other areas may be chosen at will; often, administrators select the
IP address of a main router in an area as the area's identification.

Neighbour relationships

Routers in the same broadcast domain or at each end of a point-to-point
telecommunications link form adjacencies when they have detected each other. This
detection occurs when a router sees its own router ID listed in a Hello packet
received from a neighbour. This is called the two-way state and is the most basic
relationship. The routers in an Ethernet or frame relay network select a designated
router (DR) and a backup designated router (BDR), which act as a hub to reduce
traffic between routers. OSPF uses both unicast and multicast to send hello packets
and link state updates.

As a link state routing protocol, OSPF establishes and maintains neighbour
relationships in order to exchange routing updates with other routers. The
neighbour relationship table is called an adjacency database in OSPF. Provided that
OSPF is configured correctly, OSPF forms neighbour relationships only with the
routers directly connected to it. In order to form a neighbour relationship between
two routers, the interfaces used to form the relationship must be in the same area.
An interface can only belong to a single area.

EIGRP

Introduction
Enhanced Interior Gateway Routing Protocol - (EIGRP) is a Cisco proprietary routing
protocol loosely based on their original IGRP. EIGRP is an advanced distance-vector
routing protocol, with optimizations to minimize both the routing instability incurred
after topology changes, as well as the use of bandwidth and processing power in the
router. Routers that support EIGRP will automatically redistribute route information
to IGRP neighbours by converting the 32 bit EIGRP metric to the 24 bit IGRP metric.
Most of the routing optimizations are based on the Diffusing Update Algorithm
(DUAL) work from SRI, which guarantees loop-free operation and provides a
mechanism for fast convergence.

Basic operation

The data EIGRP collects is stored in three tables:

 Neighbour Table: Stores data about the neighbouring routers, i.e. those
directly accessible through directly connected interfaces.

 Topology Table: Confusingly named, this table does not store an overview of
the complete network topology; rather, it effectively contains only the
aggregation of the routing tables gathered from all directly connected
neighbours. This table contains a list of destination networks in the EIGRP-
routed network together with their respective metrics. Also for every
destination, a successor and a feasible successor are identified and stored in
the table if they exist. Every destination in the topology table can be marked
either as "Passive", which is the state when the routing has stabilized and the
router knows the route to the destination, or "Active" when the topology has
changed and the router is in the process of (actively) updating its route to
that destination.

 Routing table: Stores the actual routes to all destinations; the routing table is
populated from the topology table with every destination network that has
its successor and optionally feasible successor identified (if unequal-cost
load-balancing is enabled using the variance command). The successors and
feasible successors serve as the next hop routers for these destinations.

Unlike most other distance vector protocols, EIGRP does not rely on periodic route
dumps in order to maintain its topology table. Routing information is exchanged only
upon the establishment of new neighbour adjacencies, after which only changes are
sent.

For the purposes of comparing routes, these are combined together in a weighted
formula to produce a single overall metric. The various constants (K1 through K5)
can be set by the user to produce varying behaviours. An important and totally
non-obvious fact is that if K5 is set to zero, the reliability term it scales is not
used (i.e. taken as 1).

The default is for K1 and K3 to be set to 1, and the rest to zero, effectively reducing
the formula to (Bandwidth + Delay) * 256.

Obviously, these constants must be set to the same value on all routers in an EIGRP
system, or permanent routing loops will probably result. Cisco routers running EIGRP
will not form an EIGRP adjacency and will complain about K-values mismatch until
these values are identical on these routers.

EIGRP scales the bandwidth and delay metrics with the following calculations:

Bandwidth for EIGRP = 10^7 / Interface Bandwidth

Delay for EIGRP = Interface Delay / 10

On Cisco routers, the interface bandwidth is a configurable static parameter
expressed in kilobits per second. Dividing a value of 10^7 kbit/s (i.e. 10 Gbit/s) by
the interface bandwidth yields a value that is used in the weighted formula.
Analogously, the interface delay is a configurable static parameter expressed in
microseconds. Dividing this interface delay value by 10 yields a delay in units of
tens of microseconds that is used in the weighted formula. EIGRP also maintains a
hop count for every route; however, the hop count is not used in metric calculation.
It is only verified against a predefined maximum on an EIGRP router (by default it is
set to 100 and can be changed to any value between 1 and 255). Routes having a hop
count higher than the maximum will be advertised as unreachable by an EIGRP
router.
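The scaling and the default K-value behaviour described above, as an added example in Python (not Cisco's code). `path_metric` additionally assumes the standard EIGRP rule that a path's bandwidth is its slowest hop and its delay the sum of all hops, which the text does not state, and `adjacency_forms` encodes the K-value mismatch check from the previous paragraph. The interface values are constructed samples; the 10 Mbit/s Ethernet and T1 figures reproduce the well-known IOS results 281600 and 2169856.

```python
DEFAULT_K = (1, 0, 1, 0, 0)   # K1..K5 defaults quoted in the text


def scaled_bandwidth(bandwidth_kbps):
    """10^7 divided by the interface bandwidth in kbit/s, truncated to an integer as IOS does."""
    return 10**7 // bandwidth_kbps


def scaled_delay(delay_us):
    """Interface delay in microseconds expressed in units of tens of microseconds."""
    return delay_us // 10


def composite_metric(min_bandwidth_kbps, total_delay_us, load=1, reliability=255, k=DEFAULT_K):
    """EIGRP composite metric; with K5 = 0 the reliability term is taken as 1."""
    k1, k2, k3, k4, k5 = k
    bw = scaled_bandwidth(min_bandwidth_kbps)
    delay = scaled_delay(total_delay_us)
    metric = k1 * bw + (k2 * bw) // (256 - load) + k3 * delay
    if k5 != 0:                                    # only then does reliability influence the result
        metric = metric * k5 // (reliability + k4)
    return metric * 256


def path_metric(hops, k=DEFAULT_K):
    """Metric of a whole path: bandwidth is the slowest hop, delay is the sum of all hops
    (standard EIGRP behaviour, assumed here; the text only gives the per-interface scaling)."""
    return composite_metric(min(bw for bw, _ in hops), sum(d for _, d in hops), k=k)


def adjacency_forms(k_local, k_remote):
    """Routers refuse to peer unless all five K values match."""
    return tuple(k_local) == tuple(k_remote)


# Constructed interfaces: (bandwidth kbit/s, delay microseconds).
ETHERNET_10M = (10_000, 1_000)     # 10 Mbit/s Ethernet, IOS default delay 1000 us
SERIAL_T1 = (1_544, 20_000)        # T1 serial, IOS default delay 20000 us

if __name__ == "__main__":
    print(composite_metric(*ETHERNET_10M))              # 281600
    print(composite_metric(*SERIAL_T1))                 # 2169856
    print(path_metric([ETHERNET_10M, SERIAL_T1]))
    print(adjacency_forms(DEFAULT_K, (1, 1, 1, 0, 0)))  # False: K2 differs, no adjacency
```

The two-hop path is dominated by the T1: its bandwidth term (6476) is the minimum along the path and the Ethernet hop only adds 100 to the delay term, which is why EIGRP routes prefer the path whose worst link is best rather than the one with fewest hops.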

SWITCHING

Layer 2 Switching:

Ethernet is a family of frame-based computer networking technologies for local area
networks (LANs). The name comes from the physical concept of the ether. It defines
a number of wiring and signalling standards for the Physical Layer of the OSI
networking model as well as a common addressing format and Media Access Control
at the Data Link Layer. Ethernet is standardized as IEEE 802.3. The combination of
the twisted pair versions of Ethernet for connecting end systems to the network,
along with the fiber optic versions for site backbones, is the most widespread wired
LAN technology. It has been in use from around 1980 to the present, largely
replacing competing LAN standards such as token ring, FDDI, and ARCNET.

CSMA/CD shared medium Ethernet

Ethernet originally used a shared coaxial cable (the shared medium) winding around
a building or campus to every attached machine. A scheme known as carrier sense
multiple access with collision detection (CSMA/CD) governed the way the
computers shared the channel. This scheme was simpler than the competing token
ring or token bus technologies. When a computer wanted to send some information,
it used the following algorithm:

Collision detected procedure

1. Continue transmission until minimum packet time is reached (jam signal) to
ensure that all receivers detect the collision.
2. Increment retransmission counter.
3. Was the maximum number of transmission attempts reached? If so, abort
transmission.
4. Calculate and wait random back off period based on number of collisions.
5. Re-enter main procedure at stage 1.

This can be likened to what happens at a dinner party, where all the guests talk to
each other through a common medium (the air). Before speaking, each guest politely
waits for the current speaker to finish. If two guests start speaking at the same time,
both stop and wait for short, random periods of time (in Ethernet, this time is
generally measured in microseconds). The hope is that by each choosing a random
period of time, both guests will not choose the same time to try to speak again, thus
avoiding another collision. Exponentially increasing back-off times (determined using
the truncated binary exponential back off algorithm) are used when there is more
than one failed attempt to transmit.
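The collision-detected procedure above, as an added example that is not part of the report: one station's retransmission loop with truncated binary exponential back-off (wait 0 to 2^n - 1 slot times after the n-th collision, exponent capped at 10, abort after 16 attempts); the 51.2 microsecond slot time is the 10 Mbit/s Ethernet value and the collision patterns are constructed:

```python
"""Ethernet collision handling: truncated binary exponential back-off.

Added example, not code from the report. Simulates the collision-detected
procedure for one station: after the n-th collision it waits a random
number of slot times drawn from 0 .. 2^min(n, 10) - 1 (step 4) and aborts
once 16 attempts have been made (step 3). The 51.2 us slot time is the
10 Mbit/s Ethernet value (512 bit times); the collision patterns used in
the demo are constructed.
"""
import random

SLOT_TIME_US = 51.2          # 512 bit times at 10 Mbit/s
MAX_ATTEMPTS = 16            # abort after this many attempts
BACKOFF_LIMIT = 10           # exponent stops growing after 10 collisions (truncation)


def backoff_range(collisions):
    """Number of slot-time choices available after `collisions` collisions."""
    return 2 ** min(collisions, BACKOFF_LIMIT)


def backoff_slots(collisions, rng=random):
    """Random back-off in slot times (step 4 of the procedure)."""
    return rng.randrange(backoff_range(collisions))


def transmit(collides, rng=random):
    """Run the transmit/collision loop until success or abort.

    `collides(attempt)` models the shared medium: True means a collision was
    detected on that attempt. Returns (delivered, attempts, total_wait_us).
    """
    attempts = 0
    total_wait_us = 0.0
    while True:
        attempts += 1                       # one transmission attempt
        if not collides(attempts):
            return True, attempts, total_wait_us
        # collision: jam signal sent, retransmission counter incremented (steps 1-2)
        if attempts >= MAX_ATTEMPTS:        # step 3: maximum attempts reached, abort
            return False, attempts, total_wait_us
        total_wait_us += backoff_slots(attempts, rng) * SLOT_TIME_US  # step 4
        # step 5: loop back to the main procedure and try again


if __name__ == "__main__":
    rng = random.Random(7)                  # seeded so the demo is repeatable
    # constructed medium: the first three attempts collide, the fourth gets through
    print(transmit(lambda n: n <= 3, rng))
    # a medium that never clears: the station gives up after 16 attempts
    print(transmit(lambda n: True, rng))
```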

Since all communications happen on the same wire, any information sent by one
computer is received by all, even if that information is intended for just one
destination. The network interface card interrupts the CPU only when applicable
packets are received: the card ignores information not addressed to it unless it is put
into "promiscuous mode". This "one speaks, all listen" property is a security
weakness of shared-medium Ethernet, since a node on an Ethernet network can
eavesdrop on all traffic on the wire if it so chooses. Use of a single cable also means
that the bandwidth is shared, so that network traffic can slow to a crawl when, for
example, the network and nodes restart after a power failure.

More advanced networks:

Simple switched Ethernet networks, while an improvement over hub based Ethernet,
suffer from a number of issues:

 They suffer from single points of failure. If any link fails some devices will be
unable to communicate with other devices and if the link that fails is in a
central location lots of users can be cut off from the resources they require.
 It is possible to trick switches or hosts into sending data to a machine even if
it's not intended for it (see switch vulnerabilities).
 Large amounts of broadcast traffic, whether malicious, accidental, or simply a
side effect of network size can flood slower links and/or systems.
o It is possible for any host to flood the network with broadcast traffic
forming a denial of service attack against any hosts that run at the
same or lower speed as the attacking device.
o As the network grows, normal broadcast traffic takes up an ever
greater amount of bandwidth.
o If switches are not multicast aware, multicast traffic will end up
treated like broadcast traffic due to being directed at a MAC with no
associated port.
o If switches discover more MAC addresses than they can store (either
through network size or through an attack) some addresses must
inevitably be dropped and traffic to those addresses will be treated
the same way as traffic to unknown addresses, that is essentially the
same as broadcast traffic (this issue is known as fail open).
 They suffer from bandwidth choke points where a lot of traffic is forced down
a single link.

Some switches offer a variety of tools to combat these issues including:

 Spanning-tree protocol to maintain the active links of the network as a tree
while allowing physical loops for redundancy.
 Various port protection features, as it is far more likely an attacker will be on
an end system port than on a switch-switch link.
 VLANs to keep different classes of users separate while using the same
physical infrastructure.
 Fast routing at higher levels to route between those VLANs.
 Link aggregation to add bandwidth to overloaded links and to provide some
measure of redundancy, although the links won't protect against switch
failure because they connect the same pair of switches.
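The "fail open" behaviour and the port-protection mitigation described above, as an added example that is not part of the report: a learning switch with a bounded MAC table floods frames for addresses it could not learn, while a per-port limit on learned addresses (the behaviour of port-security style features) keeps one access port from exhausting the table; port numbers, MAC strings and the table size are constructed:

```python
"""Learning switch with a bounded MAC table: "fail open" vs. a per-port limit.

Added example, not code from the report. Models the behaviour described
above: once the MAC table is full, new addresses are not learned and frames
for them are flooded out of every other port, exactly like broadcasts. A
port-security style limit on addresses learned per access port (one of the
"port protection features" mentioned above) stops a single port from
consuming the whole table. Ports, MAC strings and table size are constructed.
"""
from collections import defaultdict

BROADCAST = "ff:ff:ff:ff:ff:ff"


class Switch:
    def __init__(self, ports, table_size, per_port_limit=None):
        self.ports = list(ports)
        self.table_size = table_size            # total MAC table capacity
        self.per_port_limit = per_port_limit    # max addresses learned per port, None = off
        self.mac_table = {}                     # mac -> port
        self.per_port = defaultdict(set)        # port -> macs learned there
        self.violations = []                    # (port, mac) rejected by the limit

    def _learn(self, src, in_port):
        """Learn src on in_port; returns 'ok', 'full' or 'violation'."""
        if src in self.mac_table:
            return "ok"
        if self.per_port_limit is not None and len(self.per_port[in_port]) >= self.per_port_limit:
            self.violations.append((in_port, src))   # a real switch logs this / err-disables the port
            return "violation"
        if len(self.mac_table) >= self.table_size:
            return "full"                              # table exhausted: address stays unknown
        self.mac_table[src] = in_port
        self.per_port[in_port].add(src)
        return "ok"

    def forward(self, src, dst, in_port):
        """Egress ports for one frame (empty list = dropped)."""
        if self._learn(src, in_port) == "violation":
            return []                                  # port-security: frame dropped
        if dst != BROADCAST and dst in self.mac_table:
            out = self.mac_table[dst]
            return [] if out == in_port else [out]    # known unicast: one port only
        return [p for p in self.ports if p != in_port]  # broadcast or unknown: flood


def run_scenario(per_port_limit=None):
    """Two hosts talk, port 3 presents many source addresses, then a new host appears.

    Returns the egress ports for the final frame from host A to the new host C.
    """
    sw = Switch(ports=[1, 2, 3, 4], table_size=5, per_port_limit=per_port_limit)
    A, B, C = "aa:00:00:00:00:01", "bb:00:00:00:00:02", "cc:00:00:00:00:03"
    sw.forward(A, BROADCAST, 1)          # A announces itself (e.g. ARP), learned on port 1
    sw.forward(B, A, 2)                  # B replies, learned on port 2
    for i in range(6):                   # port 3 churns through six source addresses
        sw.forward(f"03:00:00:00:00:{i:02x}", BROADCAST, 3)
    sw.forward(C, BROADCAST, 4)          # legitimate new host C on port 4
    return sw.forward(A, C, 1)           # where does A's frame to C go?


if __name__ == "__main__":
    print(run_scenario())                   # [2, 3, 4]: C was never learned, frame flooded (fail open)
    print(run_scenario(per_port_limit=2))   # [4]: C learned, frame stays on C's port
```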

Layer 3 Switching:

The only difference between a layer 3 switch and router is the way the administrator
creates the physical implementation. Also, traditional routers use microprocessors to
make forwarding decisions, and the switch performs only hardware-based packet
switching. However, some traditional routers can have other hardware functions as
well in some of the higher-end models. Layer 3 switches can be placed anywhere in
the network because they handle high-performance LAN traffic and can cost-
effectively replace routers. Layer 3 switching is all hardware-based packet
forwarding, and all packet forwarding is handled by hardware ASICs. Layer 3 switches
really are no different functionally than a traditional router and perform the same
functions, which are listed here:

 Determine paths based on logical addressing
 Run layer 3 checksums (on header only)
 Use Time to Live (TTL)
 Process and respond to any option information
 Update Simple Network Management Protocol (SNMP) managers with
Management Information Base (MIB) information
 Provide Security

The benefits of layer 3 switching include the following

 Hardware-based packet forwarding
 High-performance packet switching
 High-speed scalability
 Low latency
 Lower per-port cost
 Flow accounting
 Security
 Quality of service (QoS)

Layer 4 Switching:

Layer 4 switching is considered a hardware-based layer 3 switching technology that
can also consider the application used (for example, Telnet or FTP). Layer 4 switching
provides additional routing above layer 3 by using the port numbers found in the
Transport layer header to make routing decisions. These port numbers are found in
Request for Comments (RFC) 1700 and reference the upper-layer protocol, program,
or application.

Layer 4 information has been used to help make routing decisions for quite a while.
For example, extended access lists can filter packets based on layer 4 port numbers.
The largest benefit of layer 4 switching is that the network administrator can
configure a layer 4 switch to prioritize data traffic by application, which means a QoS
can be defined for each user. For example, a number of users can be defined as a
Video group and be assigned more priority, or bandwidth, based on the need for
video conferencing.

VOIP

Voice over Internet Protocol (VoIP, Voice over IP) is a general term for a family of
methodologies, communication protocols, and transmission technologies for
delivery of voice communications and multimedia sessions over Internet Protocol
(IP) networks, such as the Internet. Other terms frequently encountered and
synonymous with VoIP are IP telephony, Internet telephony, voice over broadband
(VoBB), broadband telephony, and broadband phone.

Internet telephony refers to communications services (voice, facsimile, and/or
voice-messaging applications) that are transported via the Internet, rather than
the public switched telephone network (PSTN). The basic steps involved in
originating an Internet telephone call are conversion of the analog voice signal to
digital format and compression/translation of the signal into Internet protocol (IP)
packets for transmission over the Internet; the process is reversed at the receiving
end.

Protocols

Voice over IP has been implemented in various ways using both proprietary and
open protocols and standards. Examples of technologies used to implement Voice
over IP include:

 H.323
 IP Multimedia Subsystem (IMS)
 Media Gateway Control Protocol (MGCP)
 Session Initiation Protocol (SIP)
 Real-time Transport Protocol (RTP)
 Session Description Protocol (SDP)

The H.323 protocol was one of the first VoIP protocols that found widespread
implementation for long-distance traffic, as well as local area network services.
However, since the development of newer, less complex protocols, such as MGCP
and SIP, H.323 deployments are increasingly limited to carrying existing long-haul
network traffic. In particular, the Session Initiation Protocol (SIP) has gained
widespread VoIP market penetration.

Benefits

Operational cost

VoIP can be a benefit for reducing communication and infrastructure costs. Examples
include:

Routing phone calls over existing data networks to avoid the need for separate voice
and data networks. Conference calling, IVR, call forwarding, automatic redial, and
caller ID features that traditional telecommunication companies (telcos) normally
charge extra for are available free of charge from open source VoIP
implementations.

Flexibility

VoIP can facilitate tasks and provide services that may be more difficult to
implement using the PSTN. Examples include:

The ability to transmit more than one telephone call over a single broadband
connection. Secure calls using standardized protocols (such as Secure Real-time
Transport Protocol). Most of the difficulties of creating a secure telephone
connection over traditional phone lines, such as digitizing and digital transmission,
are already in place with VoIP. It is only necessary to encrypt and authenticate the
existing data stream.

Location independence. Only a sufficiently fast and stable Internet connection is
needed to get a connection from anywhere to a VoIP provider. Integration with
other services available over the Internet, including video conversation, message or
data file exchange during the conversation, audio conferencing, managing address
books, and passing information about whether other people are available to
interested parties.

Challenges

Quality of service

Communication on the IP network is inherently less reliable than the circuit-
switched public telephone network, as it does not provide a network-based
mechanism to ensure that data packets are not lost, or that they are delivered in
sequential order. It is a best-effort network without fundamental Quality of Service
(QoS) guarantees. Therefore, VoIP implementations may face problems mitigating
latency and jitter.

By default, IP routers handle traffic on a first-come, first-served basis. Routers on
high-volume traffic links may introduce latency that exceeds permissible thresholds
for VoIP. Fixed delays cannot be controlled, as they are caused by the physical
distance the packets travel; however, latency can be minimized by marking voice
packets as delay-sensitive.

Voice, and all other data, travel in packets over IP networks with fixed maximum
capacity. This system is more prone to congestion and DoS attacks than traditional
circuit switched systems; a circuit switched system of insufficient capacity will refuse
new connections while carrying the remainder without impairment, while the quality
of real-time data such as telephone conversations on packet-switched networks
degrades dramatically.

The receiver must resequence IP packets that arrive out of order and recover
gracefully when packets arrive too late or not at all. Jitter results from the rapid and
random (i.e., unpredictable) changes in queue lengths along a given Internet path
due to competition from other users for the same transmission links. VoIP receivers
counter jitter by storing incoming packets briefly in a "de-jitter" or "playout" buffer,
deliberately increasing latency to increase the chance that each packet will be on
hand when it's time for the voice engine to play it. The added delay is thus a
compromise between excessive latency and excessive dropout, i.e., momentary
audio interruptions.

A number of protocols have been defined to support the reporting of QoS/QoE for
VoIP calls. These include RTCP Extended Report (RFC 3611), SIP RTCP Summary
Reports, H.460.9 Annex B (for H.323), H.248.30 and MGCP extensions. The RFC 3611
VoIP Metrics block is generated by an IP phone or gateway during a live call and
contains information on packet loss rate, packet discard rate (because of jitter),
packet loss/discard burst metrics (burst length/density, gap length/density), network
delay, end system delay, signal / noise / echo level, Mean Opinion Scores (MOS) and
R factors and configuration information related to the jitter buffer.
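The playout-buffer trade-off and the loss/discard counts of the two paragraphs above, as an added example that is not part of the report: a receiver resequences packets by sequence number, plays them on a fixed 20 ms cadence after a chosen buffering delay, and classifies each one as played, discarded (arrived after its playout slot) or lost (never arrived), which are the quantities an RFC 3611 VoIP Metrics block reports as discard rate and loss rate; the arrival trace is constructed:

```python
"""RTP playout (de-jitter) buffer: resequencing, late discards and loss counts.

Added example, not code from the report. Packets arrive out of order and
with jitter; the receiver plays them at a fixed 20 ms cadence starting
`buffer_ms` after the first packet. A packet that misses its playout slot
is "discarded" (it arrived, too late) or "lost" (it never arrived), the two
counts the RFC 3611 VoIP Metrics block reports as discard and loss rates.
The arrival trace at the bottom is constructed.
"""
PTIME_MS = 20                    # one packet carries 20 ms of audio


def playout_schedule(arrivals, buffer_ms, first_seq, count):
    """Classify each sequence number as 'played', 'discarded' or 'lost'.

    arrivals: list of (seq, arrival_ms) in the order received (may be out of order).
    Playout of first_seq starts buffer_ms after its arrival and continues every PTIME_MS.
    """
    arrived = {}
    for seq, t in arrivals:                # resequence: index by sequence number
        arrived.setdefault(seq, t)         # a duplicate keeps the first copy
    base = arrived[first_seq] + buffer_ms  # playout time of the first packet
    events = {}
    for i in range(count):
        seq = first_seq + i
        deadline = base + i * PTIME_MS     # when the voice engine needs this packet
        if seq not in arrived:
            events[seq] = "lost"           # never arrived: concealment fills the gap
        elif arrived[seq] > deadline:
            events[seq] = "discarded"      # arrived, but after its playout slot
        else:
            events[seq] = "played"
    return events


def voip_metrics(events):
    """Loss and discard rates as fractions of packets, as in RFC 3611."""
    n = len(events)
    lost = sum(1 for e in events.values() if e == "lost")
    discarded = sum(1 for e in events.values() if e == "discarded")
    return {"loss_rate": lost / n, "discard_rate": discarded / n}


# Constructed trace: 10 packets sent every 20 ms, seq 100..109.
# 103 arrives late and out of order after 104, 106 never arrives, 108 is 70 ms late.
TRACE = [(100, 0), (101, 20), (102, 41), (104, 80), (103, 95),
         (105, 101), (107, 141), (109, 180), (108, 230)]

if __name__ == "__main__":
    # a deeper buffer turns discards into successful playout at the cost of added latency
    for buf in (20, 40, 100):
        ev = playout_schedule(TRACE, buffer_ms=buf, first_seq=100, count=10)
        print(buf, voip_metrics(ev), [s for s, e in ev.items() if e != "played"])
```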

Layer-2 quality of service

A number of protocols that deal with the data link layer and physical layer include
quality-of-service mechanisms that can be used to ensure that applications like VoIP
work well even in congested scenarios.

Susceptibility to power failure

Telephones for traditional residential analog service are usually connected directly to
telephone company phone lines which provide direct current to power most basic
analog handsets independently of locally available power.

IP phones and VoIP telephone adapters connect to routers or cable modems which
typically depend on the availability of mains electricity or locally generated power.[15]
Some VoIP service providers use customer premise equipment (e.g., cable modems)
with battery-backed power supplies to assure uninterrupted service for up to several
hours in case of local power failures. Such battery-backed devices typically are
designed for use with analog handsets.

A fixed line phone has a direct relationship between a telephone number and a
physical location. If an emergency call comes from that number, then the physical
location is known.

In the IP world, it is not so simple. A broadband provider may know the location
where the wires terminate, but this does not necessarily allow the mapping of an IP
address to that location. IP addresses are often dynamically assigned, so the ISP may
allocate an address for online access, or at the time a broadband router is engaged.
The ISP recognizes individual IP addresses, but does not necessarily know to which
physical location each corresponds. The broadband service provider knows the
physical location, but is not necessarily tracking the IP addresses in use.

Lack of redundancy

With the current separation of the Internet and the PSTN, a certain amount of
redundancy is provided. An Internet outage does not necessarily mean that a voice
communication outage will occur simultaneously, allowing individuals to call for
emergency services and many businesses to continue to operate normally. In
situations where telephone services become completely reliant on the Internet
infrastructure, a single-point failure can isolate communities from all
communication, including Enhanced 911 and equivalent services in other locales.

Number portability

Local number portability (LNP) and Mobile number portability (MNP) also impact
VoIP business. In November 2007, the Federal Communications Commission in the
United States released an order extending number portability obligations to
interconnected VoIP providers and carriers that support VoIP providers. [18] Number
portability is a service that allows a subscriber to select a new telephone carrier
without requiring a new number to be issued. Typically, it is the responsibility of the
former carrier to "map" the old number to the undisclosed number assigned by the
new carrier. This is achieved by maintaining a database of numbers. A dialed number
is initially received by the original carrier and quickly rerouted to the new carrier.
Multiple porting references must be maintained even if the subscriber returns to the
original carrier. The FCC mandates carrier compliance with these consumer-
protection stipulations.

A voice call originating in the VoIP environment also faces challenges to reach its
destination if the number is routed to a mobile phone number on a traditional
mobile carrier. VoIP has been identified in the past as a Least Cost Routing (LCR)
system, which is based on checking the destination of each telephone call as it is
made, and then sending the call via the network that will cost the customer the
least.[19] This rating is subject to some debate given the complexity of call routing
created by number portability. With GSM number portability now in place, LCR
providers can no longer rely on using the network root prefix to determine how to
route a call. Instead, they must now determine the actual network of every number
before routing the call.

PSTN integration

E.164 is a global numbering standard for both the PSTN and PLMN. Most VoIP
implementations support E.164 to allow calls to be routed to and from VoIP
subscribers and the PSTN/PLMN. [20] VoIP implementations can also allow other
identification techniques to be used. For example, Skype allows subscribers to
choose "Skype names"[21] (usernames) whereas SIP implementations can use URIs[22]
similar to email addresses. Often VoIP implementations employ methods of
translating non-E.164 identifiers to E.164 numbers and vice-versa, such as the Skype-
In service provided by Skype[23] and the ENUM service in IMS and SIP.[24]

Echo can also be an issue for PSTN integration. [25] Common causes of echo include
impedance mismatches in analog circuitry and acoustic coupling of the transmit and
receive signal at the receiving end.

Security

VoIP telephone systems are susceptible to attacks as are any internet-connected
devices. This means that hackers who know about these vulnerabilities (such as
insecure passwords) can institute denial-of-service attacks, harvest customer data,
record conversations and break into voice mailboxes.[26]

Another challenge is routing VoIP traffic through firewalls and network address
translators. Private Session Border Controllers are used along with firewalls to
enable VoIP calls to and from protected networks. For example, Skype uses a
proprietary protocol to route calls through other Skype peers on the network,
allowing it to traverse symmetric NATs and firewalls. Other methods to traverse
NATs involve using protocols such as STUN or ICE.

Many consumer VoIP solutions do not support encryption, although having a secure
phone is much easier to implement with VoIP than over traditional phone lines. As a
result, it is relatively easy to eavesdrop on VoIP calls and even change their content.[27]
An attacker with a packet sniffer could intercept your VoIP calls if you are not on a
secure VLAN.

There are open source solutions, such as Wireshark, that facilitate sniffing of VoIP
conversations. A modicum of security is afforded by patented audio codecs in
proprietary implementations that are not easily available for open source
applications; however, such security through obscurity has not proven effective in
other fields. Some vendors also use compression to make eavesdropping more
difficult. However, real security requires encryption and cryptographic
authentication, which are not widely supported at a consumer level. The existing
security standard Secure Real-time Transport Protocol (SRTP) and the newer ZRTP
protocol are available on Analog Telephone Adapters (ATAs) as well as various
softphones. It is possible to use IPsec to secure P2P VoIP by using opportunistic
encryption. Skype does not use SRTP, but uses encryption which is transparent to the
Skype provider. In 2005, Skype invited a researcher, Dr Tom Berson, to assess the
security of the Skype software, and his conclusions are available in a published
report.

The Voice VPN solution provides secure voice for enterprise VoIP networks by
applying IPSec encryption to the digitized voice stream.

Securing VoIP

To address the security concerns above, government and military organizations use
Voice over Secure IP (VoSIP), Secure Voice over IP (SVoIP), and Secure Voice over
Secure IP (SVoSIP) to protect confidential and/or classified VoIP communications.
Secure Voice over IP is accomplished by encrypting VoIP with Type 1 encryption.
Secure Voice over Secure IP is accomplished by using Type 1 encryption on a
classified network, like SIPRNet. Public Secure VoIP is also available with free
GNU programs.

Caller ID

Caller ID support among VoIP providers varies, although the majority of VoIP
providers now offer full Caller ID with name on outgoing calls.

In a few cases, VoIP providers may allow a caller to spoof the Caller ID information,
potentially making calls appear as though they are from a number that does not
belong to the caller. Business-grade VoIP equipment and software often makes it easy
to modify caller ID information. Although this can provide many businesses great
flexibility, it is also open to abuse.

The "Truth in Caller ID Act" has been in preparation in the US Congress since 2006,
but as of January 2009 still has not been enacted. This bill proposes to make it a
crime in the United States to "knowingly transmit misleading or inaccurate caller
identification information with the intent to defraud, cause harm, or wrongfully
obtain anything of value ..."

Compatibility with traditional analog telephone sets

Some analog telephone adapters do not decode pulse dialing from older phones.
They may only work with push-button telephones using the touch-tone system. The
VoIP user may use a pulse-to-tone converter, if needed.

Fax handling

Support for sending faxes over VoIP implementations is still limited. The existing
voice codecs are not designed for fax transmission; they are designed to digitize an
analog representation of a human voice efficiently. However, the inefficiency of
digitizing an analog representation (modem signal) of a digital representation (a
document image) of analog data (an original document) more than negates any
bandwidth advantage of VoIP. In other words, the fax "sounds" simply don't fit in the
VoIP channel. An alternative IP-based solution for delivering fax-over-IP called T.38 is
available.

IP telephony service
The IP telephony service requires the following:
 GNS - Graphical Network Simulator
 PC - which will act as a router with the help of GNS
 Access point - to connect different users in the LAN
 Cisco IP Communicator - IP phone emulator

Implementation
Install GNS (Graphical Network Simulator)

Add the IOS image of a router

Add a router and a cloud in GNS

Configure the cloud and add the PC's Fast Ethernet (LAN) interface as its interface for
bridging

Connect the cloud and the router using the "add a link" button

Click on play and open the console of the router

Assign IP address 192.168.1.100/24 to the Fast Ethernet interface of the router by
issuing the following commands

Router>en

Router#config t

Router(config)#int f0/0

Router(config-if)#ip address

Router(config-if)#ip address 192.168.1.100 255.255.255.0


Router(config-if)#no sh

Connect the PC to the access point

Assign IP address 192.168.1.10 to the PC

Install Cisco IP Communicator on the host(s)

Open the preferences of Cisco IP Communicator and enter the IP address of the PC in
the TFTP server 1 text box

Now run the telephony setup on the GNS router by issuing the following commands

Router#config t

Router(config)#telephony-service setup

-- Cisco IOS Telephony Services Setup ---

Do you want to setup DHCP service for your IP Phones? [yes/no]: no

Do you want to start telephony-service setup? [yes/no]: yes

Configuring Cisco IOS Telephony Services :

Enter the IP source address for Cisco IOS Telephony Services :192.168.1.100

Enter the Skinny Port for Cisco IOS Telephony Services : [2000]:

How many IP phones do you want to configure : [0]: 5

Do you want dual-line extensions assigned to phones? [yes/no]: no

What Language do you want on IP phones :

0 English

1 French

2 German

3 Russian

4 Spanish

5 Italian

6 Dutch

7 Norwegian

8 Portuguese

9 Danish

10 Swedish

11 Japanese

[0]: 0

Which Call Progress tone set do you want on IP phones :


0 United States

1 France

2 Germany

3 Russia

4 Spain

5 Italy

6 Netherlands

7 Norway

8 Portugal

9 UK

10 Denmark

11 Switzerland

12 Sweden

13 Austria

14 Canada

15 Japan

[0]: 0

What is the first extension number you want to configure : 3000

Do you have Direct-Inward-Dial service for all your phones? [yes/no]: no


Do you want to forward calls to a voice message service? [yes/no]: no

Do you wish to change any of the above information? [yes/no]: no

CNF-FILES: Clock is not set or synchronized,

retaining old versionStamps


---- Setup completed config ---

The IP telephony setup is complete. To make a call, dial the extension number of the
desired person from Cisco IP Communicator.

BIBLIOGRAPHY:
CCNA- Study Guide by Todd Lammle
www.google.com
www.wikipedia.org

www.cisco.com
www.
