CIT 361 RSS feeds and podcasts by Ed Nickel are licensed
under a Creative Commons Attribution 3.0 United States License
based on a work at http://cot.gbcnv.edu/~ed/class/syllabi.html.

CIT 361: Week 2

To automatically receive new feeds and podcasts you can copy this link: http://cot.gbcnv.edu/~ed/class/cit361/cit361.xml to your RSS reader and/or your iTunes/mp3 software. If you prefer getting the new feeds and podcasts manually you can read these files directly as you are reading this one or download the audio mp3 file which constitutes the podcast and listen to it using your favorite media software, such as Windows Media Player. Please note, iTunes is available free from Apple and can be used on your PC or Mac even if you do not have an iPod.

Before we start this chapter please go back and review Figure 1-2 on page 17. Notice that the Network Access layer in the TCP/IP model corresponds to both the Physical and Data Link layers in the standard OSI model. This week we will cover those two layers in the theoretical OSI model and compare them to the actual protocols used in TCP/IPs Network Layer.

To begin with, I should make one clarification, networking protocols are all software based either as programming code or as data packets. Layer one, the physical layer of the OSI model, is actually the physical media through which network data is transmitted. Since no software protocol has ever really been designed from the hardware layer up, almost all protocol suites (TCP/IP, IPX/SPX, WINS, etc.) run on most media equally well. I guess we need to be clear about what is meant by media, or in the singular medium. Most of you have heard of people and companies in the news industry called "the media" and this is obviously not what we mean in networking, but it can be used as an example to get the point across. News can be disseminated in print on paper, as newscasts on TV or radio, via websites on the Internet, and so on. Well, network protocols and data can be transmitted on Cat 5 or Cat 6 copper wires, fiber optic bundles, short range and long range wireless carriers, microwave, and more. While each of these "physical" carrier networking media has different, speed, bandwidth, security, and other characteristics, all of them can and do carry TCP/IP (and other) network traffic.

Many times I have heard non-network professionals and, sometimes, misinformed network professionals specify a particular media for network connectivity when they actually should not. They want a high speed, high capacity connection so they specify fiber optic cable and the providers will give them what they specify even though that may not be the best method of supplying their needs. A business tells a carrier to provide fiber optic and there is none in their immediate area so the business pays for the installation of several miles of new fiber to meet their specifications when they could have had the required speed and bandwidth using ATM (asynchronous transfer mode) on conditioned copper wires that already existed at a much lower cost. In all but a very few cases the physical media is not important to a particular installation but the characteristics of bandwidth, speed, security, etc. are important. With the right physical interface devices all network systems can be connected to each other. With these three paragraphs I have presented more than the book does about the physical layer of the OSI model and all that I intend to cover in this class with the exception of the MAC (media access control) hardware.

The MAC layer was actually introduced in chapter two as a protocol. I would like to cover its very direct relationship to hardware now. As the name, media access control layer, implies this is the connection between the physical media and the many higher level software protocols; or as the vernacular phrase goes, "where the rubber meets the road" or at least the data meets the media. Every media access device has a unique MAC address, aka hardware address, which starts with a 24 bit manufacturer's ID and ends with a 24 bit device ID or serial number. The manufacturers get their 24 bit ID codes from the Institute of Electrical and Electronics Engineers (IEEE) then each manufacturer assigns a unique 24 bit device ID code so that in theory no two devices anywhere on the Internet have exactly same MAC address. In actual practice there have been a few slip ups to this uniqueness situation. As was said last week and again in this chapter, these MAC addresses are used on local subnets to directly transmit data packets from one network device to another and no other addressing is required at the purely local level. For now hang on to these MAC concepts until we get to the last chapter in the book about IPv6 when they will again come into play.

Although mentioned in the book, I am going to skip SLIP (Serial Line Internet Protocol) since it is rarely used any more, and discuss PPP (Point-to-Point Protocol). PPP does not use any addressing since it is used directly between two and only two devices. This is the connectivity protocol used by dialup modems to make the connection between a computer and a specific modem at an ISP, Internet service provider. Since there are only two devices on such a dialup connection each one knows what it has sent and that anything it receives is coming from the other device, therefore no addressing is required. To over simplify the material in the book, an IP address can be assigned to the modems at an ISP, then whenever a person uses their computer to dial into the Internet they get temporary use of the modem's IP address while they are connected. The next person's computer dialing into that modem then gets that address while they are connected, and so on. This is the first and simplest (although not most efficient or convenient) method for sharing the limited number of IPv4 addresses. Please note, PPP is also used with ISDN, SONET, and other connectivity methods and not just dialup.

The most common data link layer method is framing and the Ethernet II Frame Type is the most common of these. There are a number of other frame types discussed in the book but this is the most common and only one I will cover here. The structure of this frame type is illustrated in figure 3-1 on page 106. Notice the big block labeled "DATA" in this illustration. This section of the frame is variable in size while all the rest have a very rigidly designed placement and size. As the book points out the overall frame size must be a minimum of 64 bytes and a maximum of 1518 bytes in length and it is the data portion which can be changed to meet these requirements. If it is too small then extra zero bits pad the data section. If it is too large then the data section is split and sent as two or more frames to fit a network's requirements. When they are split they are numbered so they can be reassembled in the correct order by the receiving device. You have probably seen the results of this kind of data splitting when you are on the Internet and a website sends a picture which forms from the top down on your screen but occasionally pauses the rapidly fills lower sections. This is because a packet in the middle did not arrive in sequence while other later packets did arrive, so your computer starts to display the picture then pauses to wait for the missing packet, and suddenly fills in a whole bunch as the missing packet as well as the others that already arrived are all lined up for display. This can happen more than once during the completion of a single web page and even in a single, hi-resolution picture. Once again, remember this behavior as it will be important when we discuss newer protocols like VoIP and streaming media.

The ARP (Address Resolution Protocol) is used to resolve or match IP addresses to MAC addresses for delivering data from a device on one subnet to one on another device on the same subnet. ARP is not routable. When a computer asks for the MAC of a device on another subnet via its IP address the router or gateway for that subnet will send its MAC to the requesting device so the data packet will be sent to the router including both the destination and source IP addresses. In theory the router could then ask the next subnet up the line if the particular IP address is there and get the next router's MAC if it is not to repeat this process until the packet reaches the subnet where the device with the specific IP address is located. However, much more efficient methods are actually used as we will discuss next. The book covers ARP in great detail and also various methods like ARP Caching and Proxy ARP, used to streamline the process of sending data via networks. ARP is a broadcast technology so it would have to be rebroadcast on every interconnected subnet of the Internet, if it were used outside its own subnet. This would mean all data traffic on the Internet would be sent to every connected network which would quickly bog down the whole Internet with data irrelevant to the vast majority of local networks.

The IP (Internet Protocol) is used to send datagrams between multiple, interconnected networks. Each router up the line from the previous router opens the IP datagram to examine the destination IP address if the address is known to that router it is sent directly to the appropriate subnet where ARP takes over the delivery. If it is an unknown IP address it is passed up the line to the next router until it finds a router that has a path to that IP address's network ID which then directs it through that route. Each step from one router to the next is called a hop and a particular packet can make 20 or more hops before reaching its destination. Since IP datagrams are directed along specific hierarchical routes and not broadcast to every device on a network they are much more efficient than ARP for long range communications. There are often a number of routes from a given source IP address to a particular destination IP address, so other protocols like RIP and OSPF, which will be discussed in chapter 10, are used to find the best route. Occasionally something will go wrong with the routing of a packet when that happens then the TTL (Time to Live) counter in a packet will de-increment to zero and the packet will simply be discarded by the next router. There are other protocols we will examine later which request missing data packets be resent to account for this. IP datagrams usually have an initial TTL of 64 and each router that forwards the packet subtracts one from this until it either reaches its destination or the TTL drops to zero and the packet is dropped.

On pages 130-132 the book covers fragmentation and re-assembly of data packets. Fragmentation occurs when one network, across which data is sent uses a smaller MTU (maximum transmission unit) than the originating network used. Since routers work best and fastest when they are simply re-transmitting the same packets they get, fragmentation represents a significant reduction in network efficiency. A router or gateway that receives a packet that is too large must spend processor time breaking those packets into smaller pieces and fitting them with appropriate headers. At the other end the receiving device must then spend a commensurate amount of processing time re-assembling those packets. Eliminating these bottlenecks can greatly improve network throughput so identifying and rectifying these should be a high priority for any network manager. Sometimes there is nothing that can be done, sometimes these are only intermittent conditions that can be left alone, sometimes a more efficient route can be given a higher priority in the routing tables, and sometimes a local network can be reconfigured to use a more optimal packet size. Which solution is best for a given situation is for the network manager to determine, but as overall IT systems managers you need to be aware of the problems and consequences of many such conditions to ensure that you have the right people and resources assigned to an IT area.

The rest of this chapter breaks down the IP datagram and examines each part. I will let the author's explanations stand as they are quite adequate. However, feel free to post any questions or comments you have on any of the material either I or the author covered this week.