Professional Documents
Culture Documents
0 Chapter introduction
We now stand at a critical turning point in the use of technology to extend and empower our human network. The globalization of the Internet has succeeded faster than anyone could have imagined. The manner in which social, commercial, political and personal interactions occur is rapidly changing to keep up with the evolution of this global network. In the next stage of our development, innovators will use the Internet as a starting point for their efforts - creating new products and services specifically designed to take advantage of the network capabilities. s developers push the limits of what is possible, the capabilities of the interconnected networks that form the Internet will play an increasing role in the success of these pro!ects. This chapter introduces the platform of data networks upon which our social and business relationships increasingly depend. The material lays the groundwork for exploring the services, technologies, and issues encountered by network professionals as they design, build, and maintain the modern network. In this chapter, you will learn to" #escribe how networks impact our daily lives. #escribe the role of data networking in the human network. Identify the key components of any data network. Identify the opportunities and challenges posed by converged networks. #escribe the characteristics of network architectures" fault tolerance, scalability, $uality of service and security. Install and use I%& clients and a Wiki server.
2. Living in a Network Centric World 1.1 Communicating in a Network Centric World 1.1.1 Networks Supporting the Way We Live
mong all of the essentials for human existence, the need to interact with others ranks !ust below our need to sustain life. &ommunication is almost as important to us as our reliance on air, water, food, and shelter. The methods that we use to share ideas and information are constantly changing and evolving. Whereas the human network was once limited to face-to-face conversations, media breakthroughs continue to extend the reach of our communications. 'rom the printing press to television, each new development has improved and enhanced our communication. s with every advance in communication technology, the creation and interconnection of robust data networks is having a profound effect. (arly data networks were limited to exchanging character-based information between connected computer systems. &urrent networks have evolved to carry voice, video streams, text, and graphics between many different types of devices. )reviously separate and distinct communication forms have converged onto a common platform. This platform provides access to a wide range of alternative and new communication methods that enable people to interact directly with each other almost instantaneously. The immediate nature of communications over the Internet encourages the formation of global communities. These communities foster social interaction that is independent of location or time zone.
The
lo!al Community
Technology is perhaps the most significant change agent in the world today, as it helps to create a world in which national borders, geographic distances, and physical limitations become less relevant, and present ever-diminishing obstacles. The creation of online communities for the exchange of ideas and information has the potential to increase productivity opportunities across the globe. s the Internet connects people and promotes unfettered communication, it presents the platform on which to run businesses, to address emergencies, to inform individuals, and to support education, science, and government. It is incredible how $uickly the Internet became an integral part of our daily routines. The complex interconnection of electronic devices and media that comprise the network is transparent to the millions of users who make it a valued and personal part of their lives. #ata networks that were once the transport of information from business to business have been repurposed to improve the $uality of life for people everywhere. In the course of a day, resources available through the Internet can help you" #ecide what to wear using online current weather conditions. 'ind the least congested route to your destination, displaying weather and traffic video from webcams. &heck your bank balance and pay bills electronically. %eceive and send e-mail, or make an Internet phone call, at an Internet cafe over lunch. *btain health information and nutritional advice from experts all over the world, and post to a forum to share related health or treatment information. #ownload new recipes and cooking techni$ues to create a spectacular dinner. )ost and share your photographs, home videos, and experiences with friends or with the world. +any uses of the Internet would have been hard to imagine !ust a few years ago. Take for example, one person,s experience publishing a home music video" -+y goal is to make my own movies. *ne day, my friend di and I made a video as a surprise for her boyfriend,s birthday. We recorded ourselves lip-synching to a song and dancing around. Then we decided, why not post it. Well, the reaction has been huge. It,s had over . million views so far, and the movie director /evin 0mith even did a short spoof of it. I don,t know what draws people to the video. +aybe it,s the simplicity of it, or the song. +aybe it,s because it,s spontaneous and fun, and it makes people feel good. I don,t know. 1ut I do know that I can do what I love and share it online with millions of people around the world. ll I need is my computer, digital camcorder, and some software. nd that,s an amazing thing.-
website 2or blog or wiki3 where others can download it and play the recording on their computers, laptops, and i)ods. Colla!oration Tools &ollaboration tools give people the opportunity to work together on shared documents. Without the constraints of location or time zone, individuals connected to a shared system can speak to each other, share text and graphics, and edit documents together. With collaboration tools always available, organizations can move $uickly to share information and pursue goals. The broad distribution of data networks means that people in remote locations can contribute on an e$ual basis with people at the heart of large population centers.
The &isco 7etworking cademy )rogram, which offers this course, is an example of a global online learning experience. The instructor provides a syllabus and establishes a preliminary schedule for completing the course content. The cademy program supplements the expertise of the instructor with an interactive curriculum that provides many forms of learning experiences. The program provides text, graphics, animations, and a simulated networking environment tool called )acket Tracer. )acket Tracer provides a way to build virtual representations of networks and emulate many of the functions of networking devices. 0tudents may communicate with the instructor and fellow students using online tools, like e-mail, bulletin8discussion boards, chat rooms, and instant messaging. 4inks provide access to learning resources outside of the courseware. 1lended e-learning provides the benefits of computer-based training while retaining advantages of instructor-led curriculum. 0tudents have the opportunity to work online at their own pace and skill level while still having access to an instructor and other live resources. In addition to the benefits for the student, networks have improved the management and administration of courses as well. 0ome of these online functions include enrollment, assessment delivery and grade books.
In the business world, the use of networks to provide efficient and cost-effective employee training is increasing in acceptance. *nline learning opportunities can decrease timeconsuming and costly travel yet still ensure that all employees are ade$uately trained to perform their !obs in a safe and productive manner. *nline courseware and delivery offer many benefits to businesses. mong the benefits are" &urrent and accurate training materials. &ollaboration between vendors, e$uipment manufacturers and training providers ensures that the courseware is up-to-date with the latest processes and procedures. When errors in materials are found and corrected, the new courseware is immediately available to all employees. vailability of training to a wide audience. *nline training is not dependent on travel schedules, instructor availability or physical class size. (mployees can be given deadlines by which training is to be completed and the employees can access the courseware when it is convenient. &onsistent $uality of instruction. The $uality of the instruction does not vary as it would if different instructors were delivering an in-person course. The online curriculum provides a consistent core of instruction to which instructors can add additional expertise.
6
&ost reduction. In addition to reducing the cost of travel and the lost time associated with travel, there are other cost reducing factors for business related to online training. It is usually less expensive to revise and update online courseware than it is to update paperbased material. 'acilities to support in-person training can also be reduced or eliminated.
+any businesses also provide customer training online. This courseware enables the customers to use the products and services provided by the business in the best manner, reducing calls to the help lines or customer service centers.
Initially, data networks were used by businesses to internally record and manage financial information, customer information, and employee payroll systems. These business
7
networks evolved to enable the transmission of many different types of information services, including e-mail, video, messaging, and telephony. Intranets, private networks in use by !ust one company, enable businesses to communicate and perform transactions among global employee and branch locations. &ompanies develop extranets, or extended internetworks, to provide suppliers, vendors, and customers limited access to corporate data to check order status, inventory, and parts lists. Today, networks provide a greater integration between related functions and organizations than was possible in the past. &onsider these business scenarios. wheat farmer in ustralia uses a laptop enabled with a 9lobal )ositioning 0ystem 29)03 to plant a crop with precision and efficiency. t harvest time, the farmer can co-ordinate harvesting with the availability of grain transporters and storage facilities. 6sing mobile wireless technology, the grain transporter can monitor the vehicle in-route in order to maintain the best fuel efficiency and safe operation. &hanges in status can be relayed to the driver of the vehicle instantly. %emote workers, called teleworkers or telecommuters, use secure remote access services from home or while traveling. The data network enables them to work as if they were on-site, with access to all the network-based tools normally available for their !obs. :irtual meetings and conferences can be convened which include people in remote locations. The network provides audio and video capability so all participants can both see and hear each other. The information from the meetings can be recorded to a wiki or blog. The latest versions of the agenda and minutes can be shared as soon as they are created. There are many success stories illustrating innovative ways networks are being used to make us more successful in the workplace. 0ome of these scenarios are available through the &isco web site at http"88www.cisco.com
offline access. 4ive sporting events and concerts can be experienced as they are happening, or recorded and viewed on demand. 7etworks enable the creation of new forms of entertainment, such as online games. )layers participate in any kind of online competition that game designers can imagine. We compete with friends and foes around the world in the same manner if they were in the same room. (ven offline activities are enhanced using network collaboration services. 9lobal communities of interest have grown rapidly. We share common experiences and hobbies well beyond our local neighborhood, city, or region. 0ports fans share opinions and facts about their favorite teams. &ollectors display prized collections and get expert feedback about them. *nline markets and auction sites provide the opportunity to buy, sell and trade all types of merchandise. Whatever form of recreation we en!oy in the human network, networks are improving our experience
&ommunication rules may vary according to the context. If a message conveys an important fact or concept, a confirmation that the message has been received and understood is necessary. 4ess important messages may not re$uire an acknowledgement from the recipient. The techni$ues that are used in network communications share these fundamentals with human conversations. 1ecause many of our human communication protocols are implicit or are ingrained in our cultures, some rules can be assumed. In establishing data networks, it is necessary to be much more explicit about how communication takes place and how it is !udged
10
11
'nternal 1actors Internal factors that interfere with network communication are related to the nature of the message itself. #ifferent types of messages may vary in complexity and importance. &lear and concise messages are usually easier to understand than complex messages. Important communications re$uire more care to ensure that they are delivered and understood by the recipient. Internal factors affecting the successful communication across the network include" The size of the message The complexity of the message The importance of the message 4arge messages may be interrupted or delayed at different points within the network. message with a low importance or priority could be dropped if the network becomes overloaded. 1oth the internal and external factors that affect the receipt of a message must be anticipated and controlled for network communications to be successful. 7ew innovations in network hardware and software are being implemented to ensure the $uality and reliability of network communications.
1eing able to reliably communicate to anyone, anywhere, is becoming increasingly important to our personal and business lives. In order to support the immediate delivery of the millions of messages being exchanged between people all over the world, we rely on a web of interconnected networks. These data or information networks vary in size and capabilities, but all networks have four basic elements in common" %ules or agreements to govern how the messages are sent, directed, received and interpreted The messages or units of information that travel from one device to another means of interconnecting these devices - a medium that can transport the messages from one device to another #evices on the network that exchange messages with each other The standardization of the various elements of the network enables e$uipment and devices created by different companies to work together. (xperts in various technologies can contribute their best ideas on how to develop an efficient network, without regard to the brand or manufacturer of the e$uipment.
In this course, many networking devices will be discussed. 7etworking is a very graphically oriented sub!ect, and icons are commonly used to represent networking devices. *n the left side of the diagram are shown some common devices which often originate messages that comprise our communication. These include various types of computers 2a )& and laptop icon are shown3, servers, and I) phones. *n local area networks these devices are typically connected by 4 7 media 2wired or wireless3. The right side of the figure shows some of the most common intermediate devices, used to direct and manage messages across the network, as well as other common networking symbols. 9eneric symbols are shown for" 0witch - the most common device for interconnecting local area networks 'irewall - provides security to networks %outer - helps direct messages as they travel across a network Wireless %outer - a specific type of router often found in home networks &loud - used to summarize a group of networking devices, the details of which may be unimportant to the discussion at hand
13
0erial 4ink - one form of W 7 interconnection, represented by the lightning bolt-shaped line
'or a network to function, the devices must be interconnected. 7etwork connections can be wired or wireless. In wired connections, the medium is either copper, which carries electrical signals, or optical fiber, which carries light signals. In wireless connections, the medium is the (arth,s atmosphere, or space, and the signals are microwaves. &opper medium includes cables, such as twisted pair telephone wire, coaxial cable, or most commonly, what is known as &ategory ; 6nshielded Twisted )air 26T)3 cable. *ptical fibers, thin strands of glass or plastic that carry light signals, are another form of networking media. Wireless media may include the home wireless connection between a wireless router and a computer with a wireless network card, the terrestrial wireless connection between two ground stations, or the communication between devices on earth and satellites. In a typical !ourney across the Internet, a message may travel across a variety of media.
14
5uman beings often seek to send and receive a variety of messages using computer applications< these applications re$uire services to be provided by the network. 0ome of these services include the World Wide Web, e-mail, instant messaging, and I) Telephony. #evices interconnected by medium to provide services must be governed by rules, or protocols. In the chart, some common services and a protocol most directly associated with that service are listed. )rotocols are the rules that the networked devices use to communicate with each other. The industry standard in networking today is a set of protocols called T&)8I) 2Transmission &ontrol )rotocol8Internet )rotocol3. T&)8I) is used in home and business networks, as well as being the primary protocol of the Internet. It is T&)8I) protocols that specify the formatting, addressing and routing mechanisms that ensure our messages are delivered to the correct recipient.
We close this section with an example to tie together how the elements of networks devices, media, and services - are connected by rules to deliver a message. )eople often only picture networks in the abstract sense. We create and send a text message and it almost immediately shows up on the destination device. lthough we know that between our sending device and the receiving device there is a network over which our message travels, we rarely think about all the parts and pieces that make up that infrastructure. The (essages In the first step of its !ourney from the computer to its destination, our instant message gets converted into a format that can be transmitted on the network. ll types of messages must be converted to bits, binary coded digital signals, before being sent to their destinations. This is true no matter what the original message format was" text, video, voice, or computer data. *nce our instant message is converted to bits, it is ready to be sent onto the network for delivery. The 2evices To begin to understand the robustness and complexity of the interconnected networks that make up the Internet, it is necessary to start with the basics. Take the example of sending the text message using an instant messaging program on a computer. When we think of using network services, we usually think of using a computer to access them. 1ut, a computer is only one type of device that can send and receive messages over a network. +any other types of devices can also be connected to the network to participate in network services. mong these devices are telephones, cameras, music systems, printers and game consoles. In addition to the computer, there are numerous other components that make it possible for our instant message to be directed across the miles of wires, underground cables, airwaves and satellite stations that might exist between the source and destination devices. *ne of the critical components in any size network is the router. router !oins two or more networks, like a
15
home network and the Internet, and passes information from one network to another. %outers in a network work to ensure that the message gets to its destination in the most efficient and $uickest manner. The (edium To send our instant message to its destination, the computer must be connected to a wired or wireless local network. 4ocal networks can be installed in homes or businesses, where they enable computers and other devices to share information with each other and to use a common connection to the Internet. Wireless networks allow the use of networked devices anywhere in an office or home, even outdoors. *utside the office or home, wireless networking is available in public hotspots, such as coffee shops, businesses, hotel rooms, and airports. +any installed networks use wires to provide connectivity. (thernet is the most common wired networking technology found today. The wires, called cables, connect the computers and other devices that make up the networks. Wired networks are best for moving large amounts of data at high speeds, such as are re$uired to support professional-$uality multimedia. The Services 7etwork services are computer programs that support the human network. #istributed on devices throughout the network, these services facilitate online communication tools such as email, bulletin8discussion boards, chat rooms, and instant messaging. In the case of instant messaging, for example, an instant messaging service, provided by devices in the cloud, must be accessible to both the sender and recipient. The /ules Important aspects of networks that are neither devices nor media are rules, or protocols. These rules are the standards and protocols that specify how the messages are sent, how they are directed through the network, and how they are interpreted at the destination devices. 'or example, in the case of =abber instant messaging, the >+)), T&), and I) protocols are all important sets of rules that enable our communication to occur.
16
17
18
19
for example, personal computers, phones, T:s, personal assistants, and retail point-of-sale registers - but only one common network infrastructure.
'ntelligent 'n$ormation Networks The role of the network is evolving. The intelligent communications platform of tomorrow will offer so much more than basic connectivity and access to applications. The convergence of the different types of communications networks onto one platform represents the first phase in building the intelligent information network. We are currently in this phase of network evolution. The next phase will be to consolidate not only the different types of messages onto a single network, but to also consolidate the applications that generate, transmit, and secure the messages onto integrated network devices. 7ot only will voice and video be transmitted over the same network, the devices that perform the telephone switching and video broadcasting will
20
be the same devices that route the messages through the network. The resulting communications platform will provide high $uality application functionality at a reduced cost. &lanning $or the 1uture The pace at which the development of exciting new converged network applications is occurring can be attributed to the rapid expansion of the Internet. This expansion has created a wider audience and a larger consumer base for whatever message, product or service can be delivered. The underlying mechanics and processes that drive this explosive growth have resulted in a network architecture that is both resilient and scalable. s the supporting technology platform for living, learning, working, and playing in the human network, the network architecture of the Internet must adapt to constantly changing re$uirements for a high $uality of service and security.
scalable network can expand $uickly to support new users and applications without impacting the performance of the service being delivered to existing users. Thousands of new users and service providers connect to the Internet each week. The ability of the network to support these new interconnections depends on a hierarchical layered design for the underlying physical infrastructure and logical architecture. The operation at each layer enables users or service providers to be inserted without causing disruption to the entire network. Technology developments are constantly increasing the message carrying capabilities and performance of the physical infrastructure components at every layer. These developments, along with new methods to identify and locate individual users within an internetwork, are enabling the Internet to keep pace with user demand.
0uality o$ Service )0oS* The Internet is currently providing an acceptable level of fault tolerance and scalability for its users. 1ut new applications available to users over internetworks create higher expectations for the $uality of the delivered services. :oice and live video transmissions re$uire a level of consistent $uality and uninterrupted delivery that was not necessary for traditional computer
22
applications. ?uality of these services is measured against the $uality of experiencing the same audio or video presentation in person. Traditional voice and video networks are designed to support a single type of transmission, and are therefore able to produce an acceptable level of $uality. 7ew re$uirements to support this $uality of service over a converged network are changing the way network architectures are designed and implemented. Security The Internet has evolved from a tightly controlled internetwork of educational and government organizations to a widely accessible means for transmission of business and personal communications. s a result, the security re$uirements of the network have changed. The security and privacy expectations that result from the use of internetworks to exchange confidential and business critical information exceed what the current architecture can deliver. %apid expansion in communication areas that were not served by traditional data networks is increasing the need to embed security into the network architecture. s a result, much effort is being devoted to this area of research and development. In the meantime, many tools and procedures are being implemented to combat inherent security flaws in the network architecture.
23
24
&acket Switched Connectionless Networks In the search for a network that could withstand the loss of a significant amount of its transmission and switching facilities, the early Internet designers reevaluated early research regarding packet switched networks. The premise for this type of networks is that a single message can be broken into multiple message blocks. Individual blocks containing addressing information indicate both their origination point and their final destination. 6sing this embedded information, these message blocks, called packets, can be sent through the network along various paths, and can be reassembled into the original message upon reaching their destination. 5tili6ing &ackets The devices within the network itself are unaware of the content of the individual packets, only visible is the address of the final destination and the next device in the path to that destination. 7o reserved circuit is built between sender and receiver. (ach packet is sent independently from one switching location to another. t each location, a routing decision is made as to which path to use to forward the packet towards its final destination. If a previously used path is no longer available, the routing function can dynamically choose the next best available path. 1ecause the messages are sent in pieces, rather than as a single complete message, the few packets that may be lost in the advent of a failure can be retransmitted to the destination along a different path. In many cases, the destination device is unaware that any failure or rerouting has occurred. &acket4switched Connectionless Networks The #o# researchers realized that a packet switched connectionless network had the features necessary to support a resilient, fault tolerant network architecture. The need for a single, reserved circuit from end-to-end does not exist in a packet switched network. ny piece of a message can be sent through the network using any available path. )ackets containing pieces of messages from different sources can travel the network at the same time. The problem of underutilized or idle circuits is eliminated -- all available resources can be used at any time to deliver packets to their final destination. 1y providing a method to dynamically use redundant paths, without intervention by the user, the Internet has become a fault tolerant, scalable method of communications. Connection4oriented Networks
25
lthough packet-switched connectionless networks met the needs of the #o#, and continue to be the primary infrastructure for today,s Internet, there are some benefits to a connectionoriented system like the circuit-switched telephone system. 1ecause resources at the various switching locations are dedicated to providing a finite number of circuits, the $uality and consistency of messages transmitted across a connection-oriented network can be guaranteed. nother benefit is that the provider of the service can charge the users of the network for the period of time that the connection is active. The ability to charge users for active connections through the network is a fundamental premise of the telecommunication service industry.
26
27
28
chieving the re$uired ?uality of 0ervice 2?o03 by managing the delay and packet loss parameters on a network becomes the secret to a successful end-to-end application $uality solution. Thus, ensuring ?o0 re$uires a set of techni$ues to manage the utilization of network resources. In order to maintain a high $uality of service for applications that re$uire it, it is necessary to prioritize which types of data packets must be delivered at the expense of other types of packets that can be delayed or dropped. Classi$ication Ideally, we would like to assign a precise priority for each type of communication. &urrently, this is neither practical nor possible. Therefore, we classify applications in categories based on specific $uality of service re$uirements. To create ?o0 classifications of data, we use a combination of communication characteristics and the relative importance assigned to the application. We then treat all data within the same classification according to the same rules. 'or example, communication that is time-sensitive or important would be classified differently from communication that can wait or is of lesser importance. 3ssigning priorities The characteristics of the information being communicated also affect its management. 'or example, the delivery of a movie uses a relatively large amount of network resources when it is delivered continuously without interruption. *ther types of service - e-mail, for example - are not nearly as demanding on the network. In one company, an administrator might decide to allocate the greatest share of the network resources to the movie, believing that this is the priority for his customers. This administrator may decide that the impact will be minimal if e-mail users have to wait a few additional seconds for their e-mail to arrive. In another company, the $uality of a video stream is not as important as critical process control information that operates the manufacturing machinery.
30
?o0 mechanisms enable the establishment of $ueue management strategies that enforce priorities for different classifications of application data. Without properly designed and implemented ?o0 mechanisms, data packets will be dropped without consideration of the application characteristics or priority. (xamples of priority decisions for an organization might include" Time-sensitive communication - increase priority for services like telephony or video distribution. 7on time-sensitive communication - decrease priority for web page retrieval or e-mail. 5igh importance to organization - increase priority for production control or business transaction data. 6ndesirable communication - decrease priority or block unwanted activity, like peer-topeer file sharing or live entertainment. The ?uality of 0ervice a network can offer is a vital issue, and in some situations, it is crucial. Imagine the conse$uences of a dropped distress call to an emergency response center, or of a lost control signal to an automated piece of heavy machinery. key responsibility for the network managers in an organization is to establish a ?uality of 0ervice policy and ensure that the mechanisms are in place to meet that goal.
31
32
0ecurity measures taken in a network should" )revent unauthorized disclosure or theft of information )revent unauthorized modification of information )revent #enial of 0ervice +eans to achieve these goals include" (nsuring confidentiality +aintaining communication integrity (nsuring availability "nsuring Con$identiality #ata privacy is maintained by allowing only the intended and authorized recipients individuals, processes, or devices - to read the data. 5aving a strong system for user authentication, enforcing passwords that are difficult to guess, and re$uiring users to change them fre$uently helps restrict access to communications and to data stored on network attached devices. Where appropriate, encrypting ontent ensures confidentiality and minimizes unauthorized disclosure or theft of information. (aintaining Communication 'ntegrity #ata integrity means having the assurance that the information has not been altered in transmission, from origin to destination. #ata integrity can be compromised when information has been corrupted - willfully or accidentally - before the intended recipient receives it. 0ource integrity is the assurance that the identity of the sender has been validated. 0ource integrity is compromised when a user or device fakes its identity and supplies incorrect information to a recipient. The use of digital signatures, hashing algorithms and checksum mechanisms are ways to provide source and data integrity across a network to prevent unauthorized modification of information. "nsuring 3vaila!ility
33
(nsuring confidentiality and integrity are irrelevant if network resources become over burdened, or not available at all. vailability means having the assurance of timely and reliable access to data services for authorized users. %esources can be unavailable during a #enial of 0ervice 2#o03 attack or due to the spread of a computer virus. 7etwork firewall devices, along with desktop and server anti-virus software can ensure system reliability and the robustness to detect, repel, and cope with such attacks. 1uilding fully redundant network infrastructures, with few single points of failure, can reduce the impact of these threats. The result of the implementation of measures to improve both the $uality of service and the security of network communications is an increase in the complexity of the underlying network platform. s the Internet continues to expand to offer more and more new services, its future depends on new, more robust network architectures being developed that include all four characteristics" fault tolerance, scalability, $uality of service, and security.
6pon completion of this activity, you will be able to" 6se the 0 70 site to $uickly identify Internet security threats and explain how threats are organized.
1.-. Trends 'n Networking 1.-.1 Where 's 't 3ll oing.
The convergence of the many different communication media onto a single network platform is fueling exponential growth in network capabilities. There are three ma!or trends that are contributing to the future shape of complex information networks" Increasing number of mobile users )roliferation of network capable devices (xpanding range of services (o!ile 5sers With the increase in the numbers of mobile workers and the increased use of hand-held devices, we are necessarily demanding more mobile connectivity to data networks. This demand has created a market for wireless services that have greater flexibility, coverage, and security. New and (ore Capa!le 2evicess
34
The computer is only one of many devices on today,s information networks. We have a proliferation of exciting new technologies that can take advantage of available network services. The functions performed by cell phones, )ersonal #igital ssistants 2)# s3, organizers, and pagers are converging into single hand-held devices with continuous connectivity to providers of services and content. These devices, once thought of as -toys- or luxury items, are now an integral part of how people communicate. In addition to mobile devices, we also have :oice over I) 2:oI)3 devices, gaming systems, and a large assortment of household and business gadgets that can connect and use network services. 'ncreased 3vaila!ility o$ Services The widespread acceptance of technology and the fast pace of innovation in network delivered services create a spiraling dependence. To meet user demands, new services are introduced and older services are enhanced. s the users come to trust these expanded services, they want even more capabilities. The network then grows to support the increasing demand. )eople depend on the services provided over the network, and therefore depend on the availability and reliability of the underlying network infrastructure. The challenge of keeping pace with an ever expanding network of users and services is the responsibility of trained network and IT professionals.
&hief Technology *fficers in many large organizations list the lack of $ualified personnel as the primary factor delaying the implementation of innovative new services. s students of networking technology, we examine the components of data networks and the roles they play in enabling communication. This course, as well as others in the 7etwork cademy series, is designed to empower you with the networking knowledge to build and manage these evolving networks.
Ch.2 Communicating over the Network 2.0 Chapter 'ntroduction 2.0.1 Chapter 'ntroduction
36
+ore and more, it is networks that connect us. )eople communicate online from everywhere. (fficient, dependable technology enables networks to be available whenever and wherever we need them. s our human network continues to expand, the platform that connects and supports it must also grow. %ather than developing uni$ue and separate systems for the delivery of each new service, the network industry as a whole has developed the means to both analyze the existing platform and enhance it incrementally. This ensures that existing communications are maintained while new services are introduced that are both cost effective and technologically sound. In this course, we focus on these aspects of the information network" #evices that make up the network +edia that connect the devices +essages that are carried across the network %ules and processes that govern network communications Tools and commands for constructing and maintaining networks &entral to the study of networks is the use of generally-accepted models that describe network functions. These models provide a framework for understanding current networks and for facilitating the development of new technologies to support future communications needs. Within this course, we use these models, as well as tools designed to analyze and simulate network functionality. Two of the tools that will enable you to build and interact with simulated networks are )acket Tracer @.A software and Wireshark network protocol analyzer. This chapter prepares you to" #escribe the structure of a network, including the devices and media that are necessary for successful communications. (xplain the function of protocols in network communications. (xplain the advantages of using a layered model to describe network functionality. #escribe the role of each layer in two recognized network models" The T&)8I) model and the *0I model. #escribe the importance of addressing and naming schemes in network communications.
&ommunication begins with a message, or information, that must be sent from one individual or device to another. )eople exchange ideas using many different communication methods. ll of these methods have three elements in common. The first of these elements is the message source, or sender. +essage sources are people, or electronic devices, that need to send a message to other individuals or devices. The second element of communication is the destination, or receiver, of the message. The destination receives the message and interprets it. third element, called a channel, consists of the media that provides the pathway over which the message can travel from source to destination. &onsider, for example, the desire to communicate using words, pictures, and sounds. (ach of these messages can be sent across a data or information network by first converting them into binary digits, or bits. These bits are then encoded into a signal that can be transmitted over the appropriate medium. In computer networks, the media is usually a type of cable, or a wireless transmission. The term network in this course will refer to data or information networks capable of carrying many different types of communications, including traditional computer data, interactive voice, video, and entertainment products.
0econd, segmentation can increase the reliability of network communications. The separate pieces of each message need not travel the same pathway across the network from source to destination. If a particular path becomes congested with data traffic or fails, individual pieces of the message can still be directed to the destination using alternate pathways. If part of the message fails to make it to the destination, only the missing parts need to be retransmitted. The downside to using segmentation and multiplexing to transmit messages across a network is the level of complexity that is added to the process. Imagine if you had to send a ABB-page letter, but each envelope would only hold one page. The process of addressing, labeling, sending, receiving, and opening the entire hundred envelopes would be timeconsuming for both the sender and the recipient. In network communications, each segment of the message must go through a similar process to ensure that it gets to the correct destination and can be reassembled into the content of the original message. :arious types of devices throughout the network participate in ensuring that the pieces of the message arrive reliably at their destination.
39
40
0ecurity #evices 2firewalls3 The management of data as it flows through the network is also a role of the intermediary devices. These devices use the destination host address, in con!unction with information about the network interconnections, to determine the path that messages should take through the network. )rocesses running on the intermediary network devices perform these functions" %egenerate and retransmit data signals +aintain information about what pathways exist through the network and internetwork 7otify other devices of errors and communication failures #irect data along alternate pathways when there is a link failure &lassify and direct messages according to ?o0 priorities )ermit or deny the flow of data, based on security settings
42
43
lthough there are benefits to using a 4 7 or W 7, most of us need to communicate with a resource on another network, outside of our local organization. (xamples of this type of communication include" 0ending an e-mail to a friend in another country ccessing news or products on a website 9etting a file from a neighbor,s computer Instant messaging with a relative in another city 'ollowing a favorite sporting team,s performance on a cell phone 'nternetwork global mesh of interconnected networks 2internetworks3 meets these human communication needs. 0ome of these interconnected networks are owned by large public and private organizations, such as government agencies or industrial enterprises, and are reserved for their exclusive use. The most well-known and widely used publicly-accessible internetwork is the Internet. The Internet is created by the interconnection of networks belonging to Internet 0ervice )roviders 2I0)s3. These I0) networks connect to each other to provide access for millions of users all over the world. (nsuring effective communication across this diverse infrastructure re$uires the application of consistent and commonly recognized technologies and protocols as well as the cooperation of many network administration agencies. 'ntranet The term intranet is often used to refer to a private connection of 4 7s and W 7s that belongs to an organization, and is designed to be accessible only by the organization,s members, employees, or others with authorization. 7ote" The following terms may be interchangeable" internetwork, data network, and network. connection of two or more data networks forms an internetwork - a network of networks. It is also common to refer to an internetwork as a data network - or simply as a network - when considering communications at a high level. The usage of terms depends on the context at the time and terms may often be interchanged.
45
overn Communications
ll communication, whether face-to-face or over a network, is governed by predetermined rules called protocols. These protocols are specific to the characteristics of the conversation. In our day-to-day personal communication, the rules we use to communicate over one medium, like a telephone call, are not necessarily the same as the protocols for using another medium, such as sending a letter. Think of how many different rules or protocols govern all the different methods of communication that exist in the world today. 0uccessful communication between hosts on a network re$uires the interaction of many different protocols. group of inter-related protocols that are necessary to perform a communication function is called a protocol suite. These protocols are implemented in software and hardware that is loaded on each host and network device.
46
*ne of the best ways to visualize how all of the protocols interact on a particular host is to view it as a stack. protocol stack shows how the individual protocols within the suite are implemented on the host. The protocols are viewed as a layered hierarchy, with each higher level service depending on the functionality defined by the protocols shown in the lower levels. The lower layers of the stack are concerned with moving data over the network and providing services to the upper layers, which are focused on the content of the message being sent and the user interface. 5sing layers to descri!e $ace4to4$ace communication 'or example, consider two people communicating face-to-face. s the figure shows, we can use three layers to describe this activity. t the bottom layer, the )hysical layer, we have two people, each with a voice that can utter words aloud. t the second layer, the %ules layer, we have an agreement to speak in a common language. t the top layer, the &ontent layer, we have the words actually spoken-the content of the communication. Were we to witness this conversation, we would not actually see -layers- floating in space. It is important to understand that the use of layers is a model and, as such, it provides a way to conveniently break a complex task into parts and describe how they work.
47
Individual protocols in a protocol suite may be vendor-specific and proprietary. )roprietary, in this context, means that one company or vendor controls the definition of the protocol and how it functions. 0ome proprietary protocols can be used by different organizations with permission from the owner. *thers can only be implemented on e$uipment manufactured by the proprietary vendor.
48
50
To visualize the interaction between various protocols, it is common to use a layered model. layered model depicts the operation of the protocols occurring within each layer, as well as the interaction with the layers above and below it. There are benefits to using a layered model to describe network protocols and operations. 6sing a layered model" ssists in protocol design, because protocols that operate at a specific layer have defined information that they act upon and a defined interface to the layers above and below. 'osters competition because products from different vendors can work together. )revents technology or capability changes in one layer from affecting other layers above and below. )rovides a common language to describe networking functions and capabilities.
reference model provides a common reference for maintaining consistency within all types of network protocols and services. reference model is not intended to be an implementation specification or to provide a sufficient level of detail to define precisely the services of the network architecture. The primary purpose of a reference model is to aid in clearer understanding of the functions and process involved. The *pen 0ystems Interconnection 2*0I3 model is the most widely known internetwork reference model. It is used for data network design, operation specifications, and troubleshooting. lthough the T&)8I) and *0I models are the primary models used when discussing network functionality, designers of network protocols, services, or devices can create their own models to represent their products. 6ltimately, designers are re$uired to communicate to the industry by relating their product or service to either the *0I model or the T&)8I) model, or to both.
52
s application data is passed down the protocol stack on its way to be transmitted across the network media, various protocols add information to it at each level. This is commonly known as the encapsulation process. The form that a piece of data takes at any layer is called a )rotocol #ata 6nit 2)#63. #uring encapsulation, each succeeding layer encapsulates the )#6 that it receives from the layer above in accordance with the protocol being used. t each stage of the process, a )#6 has a different name to reflect its new appearance. lthough there is no universal naming convention for )#6s, in this course, the )#6s are named according to the protocols of the T&)8I) suite. #ata - The general term for the )#6 used at the pplication layer 0egment - Transport 4ayer )#6 )acket - Internetwork 4ayer )#6 'rame - 7etwork ccess 4ayer )#6 1its - )#6 used when physically transmitting data over the medium
network. The trailer contains error checking information. 'inally the bits are encoded onto the (thernet media by the server 7I&.
55
56
57
4ayer @, the Transport layer of the *0I model, is often used to describe general services or functions that manage individual conversations between source and destination hosts. These functions include acknowledgement, error recovery, and se$uencing. t this layer, the T&)8I) protocols Transmission &ontrol )rotocol 2T&)3 and 6ser #atagram )rotocol 26#)3 provide the necessary functionality. The T&)8I) pplication layer includes a number of protocols that provide specific functionality to a variety of end user applications. The *0I model 4ayers ;, F and C are used as references for application software developers and vendors to produce products that need to access networks for communications.
59
2.-.2
#uring the process of encapsulation, address identifiers are added to the data as it travels down the protocol stack on the source host. =ust as there are multiple layers of protocols that prepare the data for transmission to its destination, there are multiple layers of addressing to ensure its delivery. The first identifier, the host physical address, is contained in the header of the 4ayer D )#6, called a frame. 4ayer D is concerned with the delivery of messages on a single local network. The 4ayer D address is uni$ue on the local network and represents the address of the end device on the physical media. In a 4 7 using (thernet, this address is called the +edia ccess &ontrol 2+ &3 address. When two end devices communicate on the local (thernet network, the frames that are exchanged between them contain the destination and source + & addresses. *nce a frame is successfully received by the destination host, the 4ayer D address information is removed as the data is decapsulated and moved up the protocol stack to 4ayer E.
2.-.+
4ayer E protocols are primarily designed to move data from one local network to another local network within an internetwork. Whereas 4ayer D addresses are only used to communicate between devices on a single local network, 4ayer E addresses must include identifiers that enable intermediary network devices to locate hosts on different networks. In the T&)8I) protocol suite, every I) host address contains information about the network where the host is located. t the boundary of each local network, an intermediary network device, usually a router, decapsulates the frame to read the destination host address contained in the header of the packet, the 4ayer E )#6. %outers use the network identifier portion of this address to determine which path to use to reach the destination host. *nce the path is determined, the router encapsulates the packet in a new frame and sends it on its way toward the destination end device. When the frame reaches its final destination, the frame and packet headers are removed and the data moved up to 4ayer @.
60
2.-.,
t 4ayer @, information contained in the )#6 header does not identify a destination host or a destination network. What it does identify is the specific process or service running on the destination host device that will act on the data being delivered. 5osts, whether they are clients or servers on the Internet, can run multiple network applications simultaneously. )eople using )&s often have an e-mail client running at the same time as a web browser, an instant messaging program, some streaming media, and perhaps even a game. ll these separately running programs are examples of individual processes. :iewing a web page invokes at least one network process. &licking a hyperlink causes a web browser to communicate with a web server. t the same time, in the background, an e-mail client may be sending and receiving email, and a colleague or friend may be sending an instant message. Think about a computer that has only one network interface on it. ll the data streams created by the applications that are running on the )& enter and leave through that one
61
interface, yet instant messages do not popup in the middle of word processor document or email showing up in a game. This is because the individual processes running on the source and destination hosts communicate with each other. (ach application or service is represented at 4ayer @ by a port number. uni$ue dialogue between devices is identified with a pair of 4ayer @ source and destination port numbers that are representative of the two communicating applications. When the data is received at the host, the port number is examined to determine which application or process is the correct destination for the data.
62
C@+. 3pplication Layer 1unctionality 3nd &rotocols +.0 Chapter 'ntroduction +.0.1 Chapter 'ntroduction
+ost of us experience the Internet through the World Wide Web, e-mail services, and file-sharing programs. These applications, and many others, provide the human interface to the underlying network, enabling us to send and receive information with relative ease. Typically the applications that we use are intuitive, meaning we can access and use them without knowing how they work. 5owever, for network professionals, it is important to know how an application is able to format, transmit and interpret messages that are sent and received across the network.
63
:isualizing the mechanisms that enable communication across the network is made easier if we use the layered framework of the *pen 0ystem Interconnection 2*0I3 model. In this chapter, we will focus on the role of one layer, the pplication layer and its components" applications, services, and protocols. We will explore how these three elements make the robust communication across the information network possible. In this chapter, you will learn to" #escribe how the functions of the three upper *0I model layers provide network services to end user applications. #escribe how the T&)8I) pplication 4ayer protocols provide the services specified by the upper layers of the *0I model. #efine how people use the pplication 4ayer to communicate across the information network. #escribe the function of well-known T&)8I) applications, such as the World Wide Web and email, and their related services 25TT), #70, 0+1, #5&), 0+T)8)*), and Telnet3. #escribe file-sharing processes that use peer-to-peer applications and the 9nutella protocol. (xplain how protocols ensure services running on one kind of device can send to and receive data from many different network devices. 6se network analysis tools to examine and explain how common user applications work.
The pplication layer, 4ayer seven, is the top layer of both the *0I and T&)8I) models. It is the layer that provides the interface between the applications we use to communicate and the underlying network over which our messages are transmitted. pplication layer protocols are used to exchange data between programs running on the source and destination hosts. There are many pplication layer protocols and new protocols are always being developed.
65
66
lthough the T&)8I) protocol suite was developed prior to the definition of the *0I model, the functionality of the T&)8I) pplication layer protocols fit roughly into the framework of the top three layers of the *0I model" pplication, )resentation and 0ession layers. +ost T&)8I) pplication layer protocols were developed before the emergence of personal computers, graphical user interfaces and multimedia ob!ects. s a result, these protocols implement very little of the functionality that is specified in the *0I model )resentation and 0ession layers.
67
The &resentation Layer The )resentation layer has three primary functions" &oding and conversion of pplication layer data to ensure that data from the source device can be interpreted by the appropriate application on the destination device. &ompression of the data in a manner that can be decompressed by the destination device. (ncryption of the data for transmission and the decryption of data upon receipt by the destination. )resentation layer implementations are not typically associated with a particular protocol stack. The standards for video and graphics are examples. 0ome well-known standards for video include ?uickTime and +otion )icture (xperts 9roup 2+)(93. ?uickTime is an pple &omputer specification for video and audio, and +)(9 is a standard for video compression and coding. mong the well-known graphic image formats are 9raphics Interchange 'ormat 29I'3, =oint )hotographic (xperts 9roup 2=)(93, and Tagged Image 'ile 'ormat 2TI''3. 9I' and =)(9 are compression and coding standards for graphic images, and TI'' is a standard coding format for graphic images. The Session Layer s the name of the 0ession layer implies, functions at this layer create and maintain dialogs between source and destination applications. The 0ession layer handles the exchange of information to initiate dialogs, keep them active, and to restart sessions that are disrupted or idle for a long period of time. +ost applications, like web browsers or e-mail clients, incorporate functionality of the *0I layers ;, F and C.
The most widely-known T&)8I) pplication layer protocols are those that provide for the exchange of user information. These protocols specify the format and control information necessary for many of the common Internet communication functions. mong these T&)8I) protocols are" #omain 7ame 0ervice )rotocol 2#703 is used to resolve Internet names to I) addresses. 5ypertext Transfer )rotocol 25TT)3 is used to transfer files that make up the Web pages of the World Wide Web. 0imple +ail Transfer )rotocol 20+T)3 is used for the transfer of mail messages and attachments. Telnet, a terminal emulation protocol, is used to provide remote access to servers and networking devices.
68
'ile Transfer )rotocol 2'T)3 is used for interactive file transfer between systems. The protocols in the T&)8I) suite are generally defined by %e$uests for &omments 2%'&s3. The Internet (ngineering Task 'orce maintains the %'&s as the standards for the T&)8I) suite.
69
70
71
73
In the *0I model, applications that interact directly with people are considered to be at the top of the stack, as are the people themselves. 4ike all layers within the *0I model, the pplication layer relies on the functions of the lower layers in order to complete the communication process. Within the pplication layer, protocols specify what messages are exchanged between the source and destination hosts, the syntax of the control commands, the type and format of the data being transmitted, and the appropriate methods for error notification and recovery. )lay the animation to see the interaction between applications, services, and protocols.
75
sent is met by the expected response and the correct services are invoked when data transfer occurs. +any different types of applications communicate across data networks. Therefore, pplication layer services must implement multiple protocols to provide the desired range of communication experiences. (ach protocol has a specific purpose and contains the characteristics re$uired to meet that purpose. The right protocol details in each layer must be followed so that the functions at one layer interface properly with the services in the lower layer. pplications and services may also use multiple protocols in the course of a single conversation. *ne protocol may specify how to establish the network connection and another describe the process for the data transfer when the message is passed to the next lower layer.
+.2. (aking &rovisions $or 3pplications and Services +.2.1 The Client4Server (odel
When people attempt to access information on their device, whether it is a )&, laptop, )# , cell phone, or some other device connected to a network, the data may not be physically stored on their device. If that is the case, a re$uest to access that information must be made to the device where the data resides. The Client<Server model In the client8server model, the device re$uesting the information is called a client and the device responding to the re$uest is called a server. &lient and server processes are considered to be in the pplication layer. The client begins the exchange by re$uesting data from the server, which responds by sending one or more streams of data to the client. pplication layer protocols describe the format of the re$uests and responses between clients and servers. In addition to the actual data transfer, this exchange may also re$uire control information, such as user authentication and the identification of a data file to be transferred. *ne example of a client8server network is a corporate environment where employees use a company e-mail server to send, receive and store e-mail. The e-mail client on an employee
77
computer issues a re$uest to the e-mail server for any unread mail. The server responds by sending the re$uested e-mail to the client. lthough data is typically described as flowing from the server to the client, some data always flows from the client to the server. #ata flow may be e$ual in both directions, or may even be greater in the direction going from the client to the server. 'or example, a client may transfer a file to the server for storage purposes. #ata transfer from a client to a server is referred to as an upload and data from a server to a client as a download. %oll over the tabs in the figure to view file transfer.
+.2.2 Servers
In a general networking context, any device that responds to re$uests from client applications is functioning as a server. server is usually a computer that contains information to be shared with many client systems. 'or example, web pages, documents, databases, pictures, video, and audio files can all be stored on a server and delivered to re$uesting clients.
78
In other cases, such as a network printer, the print server delivers the client print re$uests to the specified printer. #ifferent types of server applications may have different re$uirements for client access. 0ome servers may re$uire authentication of user account information to verify if the user has permission to access the re$uested data or to use a particular operation. 0uch servers rely on a central list of user accounts and the authorizations, or permissions, 2both for data access and operations3 granted to each user. When using an 'T) client, for example, if you re$uest to upload data to the 'T) server, you may have permission to write to your individual folder but not to read other files on the site. In a client8server network, the server runs a service, or process, sometimes called a server daemon. 4ike most services, daemons typically run in the background and are not under an end user,s direct control. #aemons are described as -listening- for a re$uest from a client, because they are programmed to respond whenever the server receives a re$uest for the service provided by the daemon. When a daemon -hears- a re$uest from a client, it exchanges appropriate messages with the client, as re$uired by its protocol, and proceeds to send the re$uested data to the client in the proper format.
79
80
&eer4to4&eer 3pplications peer-to-peer application 2)D)3, unlike a peer-to-peer network, allows a device to act as both a client and a server within the same communication. In this model, every client is a server and every server a client. 1oth can initiate a communication and are considered e$ual in the communication process. 5owever, peer-to-peer applications re$uire that each end device provide a user interface and run a background service. When you launch a specific peer-to-peer application it invokes the re$uired user interface and background services. fter that the devices can communicate directly. 0ome )D) applications use a hybrid system where resource sharing is decentralized but the indexes that point to resource locations are stored in a centralized directory. In a hybrid system, each peer accesses an index server to get the location of a resource stored on another peer. The index server can also help connect two peers, but once connected, the communication takes place between the two peers without additional communication to the index server. )eer-to-peer applications can be used on peer-to-peer networks, client8server networks, and across the Internet.
81
The #omain 7ame 0ystem 2#703 was created for domain name to address resolution for these networks. #70 uses a distributed set of servers to resolve the names associated with these numbered addresses. The 2NS protocol defines an automated service that matches resource names with the re$uired numeric network address. It includes the format for $ueries, responses, and data formats. #70 protocol communications use a single format called a message. This message format is used for all types of client $ueries and server responses, error messages, and the transfer of resource record information between servers.
83
84
85
#70 is a client8server service< however, it differs from the other client8server services that we are examining. While other services use a client that is an application 2such as web browser, e-mail client3, the #70 client runs as a service itself. The #70 client, sometimes called the #70 resolver, supports name resolution for our other network applications and other services that need it. When configuring a network device, we generally provide one or more #70 0erver addresses that the #70 client can use for name resolution. 6sually the Internet service provider provides the addresses to use for the #70 servers. When a user,s application re$uests to connect to a remote device by name, the re$uesting #70 client $ueries one of these name servers to resolve the name to a numeric address. &omputer operating systems also have a utility called nslookup that allows the user to manually $uery the name servers to resolve a given host name. This utility can also be used to troubleshoot name resolution issues and to verify the current status of the name servers. In the figure, when the nslookup is issued, the default #70 server configured for your host is displayed. In this example, the #70 server is dns-s!k.cisco.com which has an address of ACA.FG.DDF.ADB. We then can type the name of a host or domain for which we wish to get the address. In the first $uery in the figure, a $uery is made for www.cisco.com. The responding name server provides the address of A.G.AEE.DA..D;. The $ueries shown in the figure are only simple tests. The nslookup has many options available for extensive testing and verification of the #70 process.
86
#70 server provides the name resolution using the name daemon, which is often called named, 2pronounced name-dee3. The #70 server stores different types of resource records used to resolve names. These records contain the name, address, and type of record. 0ome of these record types are" - an end device address 70 - an authoritative name server &7 +( - the canonical name 2or 'ully ?ualified #omain 7ame3 for an alias< used when multiple services have the single network address but each service has its own entry in #70 +> - mail exchange record< maps a domain name to a list of mail exchange servers for that domain When a client makes a $uery, the server,s -named- process first looks at its own records to see if it can resolve the name. If it is unable to resolve the name using its stored records, it contacts other servers in order to resolve the name. The re$uest may be passed along to a number of servers, which can take extra time and consume bandwidth. *nce a match is found and returned to the original re$uesting server, the server temporarily stores the numbered address that matches the name in cache. If that same name is re$uested again, the first server can return the address by using the value stored in its name cache. &aching reduces both the #70 $uery data network traffic and the workloads of servers higher up the hierarchy. The #70 &lient service on Windows )&s optimizes the performance of #70 name resolution by storing previously resolved names in memory, as well. The ipconfig 8displaydns command displays all of the cached #70 entries on a Windows >) or DBBB computer system.
87
The #omain 7ame 0ystem uses a hierarchical system to create a name database to provide name resolution. The hierarchy looks like an inverted tree with the root at the top and branches below. t the top of the hierarchy, the root servers maintain records about how to reach the toplevel domain servers, which in turn have records that point to the secondary level domain servers and so on. The different top-level domains represent either the type of organization or the country of origin. (xamples of top-level domains are" .au 4 3ustralia .co 4 Colom!ia .com 4 a !usiness or industry .Ap 4 Bapan .org 4 a non4pro$it organi6ation fter top-level domains are second-level domain names, and below them are other lower level domains. (ach domain name is a path down this inverted tree starting from the root. 'or example, as shown in the figure, the root #70 server may not know exactly where the e-mail server mail.cisco.com is located, but it maintains a record for the -com- domain within the top-level domain. 4ikewise, the servers within the -com- domain may not have a record for mail.cisco.com, but they do have a record for the -cisco.com- domain. The servers within the cisco.com domain have a record 2a +> record to be precise3 for mail.cisco.com. The #omain 7ame 0ystem relies on this hierarchy of decentralized servers to store and maintain these resource records. The resource records list domain names that the server can resolve and alternative servers that can also process re$uests. If a given server has resource records that correspond to its level in the domain hierarchy, it is said to be authoritative for those records. 'or example, a name server in the cisco.netacad.net domain would not be authoritative for the mail.cisco.com record because that record is held at a higher domain level server, specifically the name server in the cisco.com domain.
88
browser sends a 9(T re$uest to the server and asks for the file web-server.htm. The server in turn sends the 5T+4 code for this web page to the browser. 'inally, the browser deciphers the 5T+4 code and formats the page for the browser window.
90
The 5ypertext Transfer )rotocol 25TT)3, one of the protocols in the T&)8I) suite, was originally developed to publish and retrieve 5T+4 pages and is now used for distributed, collaborative information systems. 5TT) is used across the World Wide Web for data transfer and is one of the most used application protocols. 5TT) specifies a re$uest8response protocol. When a client, typically a web browser, sends a re$uest message to a server, the 5TT) protocol defines the message types the client uses to re$uest the web page and also the message types the server uses to respond. The three common message types are 9(T, )*0T, and )6T.
91
"T is a client re$uest for data. web browser sends the 9(T message to re$uest pages from a web server. s shown in the figure, once the server receives the 9(T re$uest, it responds with a status line, such as 5TT)8A.A DBB */, and a message of its own, the body of which may be the re$uested file, an error message, or some other information. &>ST and &5T are used to send messages that upload data to the web server. 'or example, when the user enters data into a form embedded in a web page, )*0T includes the data in the message sent to the server. &5T uploads resources or content to the web server. lthough it is remarkably flexible, 5TT) is not a secure protocol. The )*0T messages upload information to the server in plain text that can be intercepted and read. 0imilarly, the server responses, typically 5T+4 pages, are also unencrypted. 'or secure communication across the Internet, the 5TT) 0ecure 25TT)03 protocol is used for accessing or posting web server information. 5TT)0 can use authentication and encryption to secure data as it travels between the client and server. 5TT)0 specifies additional rules for passing data between the pplication layer and the Transport 4ayer.
"4mail Server &rocesses 4 (T3 and (23 The e-mail server operates two separate processes" +ail Transfer gent 2+T 3 +ail #elivery gent 2+# 3 The +ail Transfer gent 2+T 3 process is used to forward e-mail. s shown in the figure, the +T receives messages from the +6 or from another +T on another e-mail server. 1ased on the message header, it determines how a message has to be forwarded to reach its destination. If the mail is addressed to a user whose mailbox is on the local server, the mail is passed to the +# . If the mail is for a user not on the local server, the +T routes the e-mail to the +T on the appropriate server.
In the figure, we see that the +ail #elivery gent 2+# 3 accepts a piece of e-mail from a +ail Transfer gent 2+T 3 and performs the actual delivery. The +# receives all the inbound
93
mail from the +T and places it into the appropriate users, mailboxes. The +# can also resolve final delivery issues, such as virus scanning, spam filtering, and return-receipt handling. +ost e-mail communications use the +6 , +T , and +# applications. 5owever, there are other alternatives for e-mail delivery. client may be connected to a corporate e-mail system, such as I1+,s 4otus 7otes, 7ovell,s 9roupwise, or +icrosoft,s (xchange. These systems often have their own internal email format, and their clients typically communicate with the e-mail server using a proprietary protocol. The server sends or receives e-mail via the Internet through the product,s Internet mail gateway, which performs any necessary reformatting. s another alternative, computers that do not have an +6 can still connect to a mail service on a web browser in order to retrieve and send messages in this manner. 0ome computers may run their own +T and manage inter-domain e-mail themselves. If, for example, two people who work for the same company exchange e-mail with each other using a proprietary protocol, their messages may stay completely within the company,s corporate e-mail system.
s mentioned earlier, e-mail can use the protocols, )*) and 0+T) 2see the figure for an explanation of how they each work3. )*) and )*)E 2)ost *ffice )rotocol, version E3 are inbound mail delivery protocols and are typical client8server protocols. They deliver e-mail from the e-mail server to the client 2+6 3. The +# listens for when a client connects to a server. *nce a connection is established, the server can deliver the e-mail to the client. The 0imple +ail Transfer )rotocol 20+T)3, on the other hand, governs the transfer of outbound e-mail from the sending client to the e-mail server 2+# 3, as well as the transport of e-mail between e-mail servers 2+T 3. 0+T) enables e-mail to be transported across data networks between different types of server and client software and makes e-mail exchange over the Internet possible. The 0+T) protocol message format uses a rigid set of commands and replies. These commands support the procedures used in 0+T), such as session initiation, mail transaction, forwarding mail, verifying mailbox names, expanding mailing lists, and the opening and closing exchanges. 0ome of the commands specified in the 0+T) protocol are"
94
5(4* - identifies the 0+T) client process to the 0+T) server process (54* - Is a newer version of 5(4*, which includes services extensions + I4 '%*+ - Identifies the sender %&)T T* - Identifies the recipient # T - Identifies the body of the message
+.+.,. 1T&
The 'ile Transfer )rotocol 2'T)3 is another commonly used pplication layer protocol. 'T) was developed to allow for file transfers between a client and a server. n 'T) client is an application that runs on a computer that is used to push and pull files from a server running the 'T) daemon 2'T)d3. To successfully transfer files, 'T) re$uires two connections between the client and the server" one for commands and replies, the other for the actual file transfer. The client establishes the first connection to the server on T&) port DA. This connection is used for control traffic, consisting of client commands and server replies. The client establishes the second connection to the server over T&) port DB. This connection is for the actual file transfer and is created every time there is a file transferred. The file transfer can happen in either direction. The client can download 2pull3 a file from the server or, the client can upload 2push3 a file to the server.
95
+.+.- 2@C& The #ynamic 5ost &onfiguration )rotocol 2#5&)3 service enables devices on a network to obtain I) addresses and other information from a #5&) server. This service automates the assignment of I) addresses, subnet masks, gateway and other I) networking parameters. #5&) allows a host to obtain an I) address dynamically when it connects to the network. The #5&) server is contacted and an address re$uested. The #5&) server chooses an address from a configured range of addresses called a pool and assigns 2-leases-3 it to the host for a set period. *n larger local networks, or where the user population changes fre$uently, #5&) is preferred. 7ew users may arrive with laptops and need a connection. *thers have new workstations that need to be connected. %ather than have the network administrator assign I) addresses for each workstation, it is more efficient to have I) addresses assigned automatically using #5&). #5&) distributed addresses are not permanently assigned to hosts but are only leased for a period of time. If the host is powered down or taken off the network, the address is returned to the pool for reuse. This is especially helpful with mobile users that come and go on a network. 6sers can freely move from location to location and re-establish network connections. The host can obtain an I) address once the hardware connection is made, either via a wired or wireless 4 7. #5&) makes it possible for you to access the Internet using wireless hotspots at airports or coffee shops. s you enter the area, your laptop #5&) client contacts the local #5&) server via a wireless connection. The #5&) server assigns an I) address to your laptop. s the figure shows, various types of devices can be #5&) servers when running #5&) service software. The #5&) server in most medium to large networks is usually a local dedicated )&-based server. With home networks the #5&) server is usually located at the I0) and a host on the home network receives its I) configuration directly from the I0). #5&) can pose a security risk because any device connected to the network can receive an address. This risk makes physical security an important factor when determining whether to use dynamic or manual addressing. #ynamic and static addressing both have their places in network designs. +any networks use both #5&) and static addressing. #5&) is used for general purpose hosts such as end user devices, and fixed addresses are used for network devices such as gateways, switches, servers and printers.
96
Without #5&), users have to manually input the I) address, subnet mask and other network settings in order to !oin the network. The #5&) server maintains a pool of I) addresses and leases an address to any #5&)-enabled client when the client is powered on. 1ecause the I) addresses are dynamic 2leased3 rather than static 2permanently assigned3, addresses no longer in use are automatically returned to the pool for reallocation. When a #5&)-configured device boots up or connects to the network, the client broadcasts a #5&) #I0&*:(% packet to identify any available #5&) servers on the network. #5&) server replies with a #5&) *''(%, which is a lease offer message with an assigned I) address, subnet mask, #70 server, and default gateway information as well as the duration of the lease. The client may receive multiple #5&) *''(% packets if there is more than one #5&) server on the local network, so it must choose between them, and broadcast a #5&) %(?6(0T packet that identifies the explicit server and lease offer that the client is accepting. client may choose to re$uest an address that it had previously been allocated by the server. ssuming that the I) address re$uested by the client, or offered by the server, is still valid, the server would return a #5&) &/ message that acknowledges to the client the lease is finalized. If the offer is no longer valid - perhaps due to a time-out or another client allocating the lease - then the selected server will respond with a #5&) 7 / message 27egative cknowledgement3. If a #5&) 7 / message is returned, then the selection process must begin again with a new #5&) #I0&*:(% message being transmitted. *nce the client has the lease, it must be renewed prior to the lease expiration through another #5&) %(?6(0T message. The #5&) server ensures that all I) addresses are uni$ue 2an I) address cannot be assigned to two different network devices simultaneously3. 6sing #5&) enables network administrators to easily reconfigure client I) addresses without having to manually make changes to the clients. +ost Internet providers use #5&) to allocate addresses to their customers who do not re$uire a static address. The fourth &&7 (xploration course will cover the operation of #5&) in greater detail.
97
+.+.7 1ile Sharing Services and S(; &rotocol The 0erver +essage 1lock 20+13 is a client8server file sharing protocol. I1+ developed 0erver +essage 1lock 20+13 in the late A.GBs to describe the structure of shared network resources, such as directories, files, printers, and serial ports. It is a re$uest-response protocol. 6nlike the file sharing supported by 'T), clients establish a long term connection to servers. *nce the connection is established, the user of the client can access the resources on the server as if the resource is local to the client host. 0+1 file-sharing and print services have become the mainstay of +icrosoft networking. With the introduction of the Windows DBBB series of software, +icrosoft changed the underlying structure for using 0+1. In previous versions of +icrosoft products, the 0+1 services used a non-T&)8I) protocol to implement name resolution. 1eginning with Windows DBBB, all subse$uent +icrosoft products use #70 naming. This allows T&)8I) protocols to directly support 0+1 resource sharing, as shown in the figure. The 4I76> and 67I> operating systems also provide a method of sharing resources with +icrosoft networks using a version of 0+1 called 0 +1 . The pple +acintosh operating systems also support resource sharing using the 0+1 protocol.
The 0+1 protocol describes file system access and how clients can make re$uests for files. It also describes the 0+1 protocol inter-process communication. ll 0+1 messages share a common format. This format uses a fixed-sized header followed by a variable-sized parameter and data component. 0+1 messages can" 0tart, authenticate, and terminate sessions &ontrol file and printer access
98
llow an application to send or receive messages to or from another device The 0+1 file exchange process is shown in the figure.
nutella &rotocol
Iou learned about 'T) and 0+1 as ways of obtaining files, here is another pplication protocol. 0haring files over the Internet has become extremely popular. With )D) applications based on the 9nutella protocol, people can make files on their hard disks available to others for downloading. 9nutella-compatible client software allows users to connect to 9nutella services over the Internet and to locate and access resources shared by other 9nutella peers. +any client applications are available for accessing the 9nutella network, including" 1ear0hare, 9nucleus, 4imeWire, +orpheus, Win+> and >olo> 2see a screen capture of 4imeWire in the figure3. While the 9nutella #eveloper 'orum maintains the basic protocol, application vendors often develop extensions to make the protocol work better on their applications.
99
+any )D) applications do not use a central database to record all the files available on the peers. Instead, the devices on the network each tell the other what files are available when $ueried and use the 9nutella protocol and services to support locating resources. 0ee the figure. When a user is connected to a 9nutella service, the client applications will search for other 9nutella nodes to connect to. These nodes handle $ueries for resource locations and replies to those re$uests. They also govern control messages, which help the service discover other nodes. The actual file transfers usually rely on 5TT) services. The 9nutella protocol defines five different packet types" ping - for device discovery pong - as a reply to a ping $uery - for file location $uery hit - as a reply to a $uery push - as a download re$uest
100
101
Telnet is a client8server protocol and it specifies how a :TI session is established and terminated. It also provides the syntax and order of the commands used to initiate the Telnet session, as well as control commands that can be issued during a session. (ach Telnet command consists of at least two bytes. The first byte is a special character called the Interpret as &ommand 2I &3 character. s its name implies, the I & defines the next byte as a command rather than text. 0ome sample Telnet protocol commands include" 3re Cou There )3CT* - 4ets the user re$uest that something appear on the terminal screen to indicate that the :TI session is active. "rase Line )"L* - #eletes all text from the current line. 'nterrupt &rocess )'&* - 0uspends, interrupts, aborts, or terminates the process to which the :irtual Terminal is connected. 'or example, if a user started a program on the Telnet server via the :TI, he or she could send an I) command to stop the program. While the Telnet protocol supports user authentication, it does not support the transport of encrypted data. ll data exchanged during a Telnet sessions is transported as plain text across the network. This means that the data can be intercepted and easily understood. If security is a concern, the 0ecure 0hell 20053 protocol offers an alternate and secure method for server access. 005 provides the structure for secure remote login and other secure network services. It also provides stronger authentication than Telnet and supports the transport of session data using encryption. 3s a !est practice8 network pro$essionals should always use SS@ in place o$ Telnet8 whenever possi!le. 4ater in this course, we will use Telnet and 005 to access and configure network devices over the lab network.
102
3pplications are computer programs with which the user interacts and which initiate the data transfer process at the user,s re$uest. Services are background programs that provide the connection between the and the lower layers of the networking model. pplication layer
&rotocols provide a structure of agreed-upon rules and processes that ensure services running on one particular device can send and receive data from a range of different network devices. #elivery of data over the network can be re$uested from a server by a client8 or between devices that operate in a peer4to4peer arrangement, where the client8server relationship is established according to which device is the source and destination at that time. (essages are exchanged between the pplication layer services at each end device in accordance with the protocol specifications to establish and use these relationships. )rotocols like @TT&8 for example, support the delivery of web pages to end devices. S(T&<&>& protocols support sending and receiving e-mail. S(; enables users to share files. 2NS resolves the human legible names used to refer to network resources into numeric addresses usable by the network.
to be of use. In other cases, an application can tolerate some loss of data during transmission over the network. In today,s converged networks, applications with very different transport needs may be communicating on the same network. The different Transport layer protocols have different rules allowing devices to handle these diverse data re$uirements. 0ome protocols provide !ust the basic functions for efficiently delivering the data pieces between the appropriate applications. These types of protocols are useful for applications whose data is sensitive to delays. *ther Transport layer protocols describe processes that provide additional features, such as ensuring reliable delivery between the applications. While these additional functions provide more robust communication at the Transport layer between applications, they have additional overhead and make larger demands on the network.
Separating (ultiple Communications &onsider a computer connected to a network that is simultaneously receiving and sending e-mail and instant messages, viewing websites, and conducting a :oI) phone call. (ach of these applications is sending and receiving data over the network at the same time. 5owever, data from the phone call is not directed to the web browser, and text from an instant message does not appear in an e-mail. 'urther, users re$uire that an e-mail or web page be completely received and presented for the information to be considered useful. 0light delays are considered acceptable to ensure that the complete information is received and presented. In contrast, occasionally missing small parts of a telephone conversation might be considered acceptable. *ne can either infer the missing audio from the context of the conversation or ask the other person to repeat what they said. This is considered preferable to the delays that would result from asking the network to manage and resend missing segments. In this example, the user - not the network - manages the resending or replacement of missing information.
106
s explained in a previous chapter, sending some types of data - a video for example across a network as one complete communication stream could prevent other communications from occurring at the same time. It also makes error recovery and retransmission of damaged data difficult. #ividing data into small parts, and sending these parts from the source to the destination, enables many different communications to be interleaved 2multiplexed3 on the same network. 0egmentation of the data, in accordance with Transport layer protocols, provides the means to both send and receive data when running multiple applications concurrently on a computer. Without segmentation, only one application, the streaming video for example, would be able to receive data. Iou could not receive e-mails, chat on instant messenger, or view web pages while also viewing the video. t the Transport layer, each particular set of pieces flowing between a source application and a destination application is known as a conversation. To identify each segment of data, the Transport layer adds to the piece a header containing binary data. This header contains fields of bits. It is the values in these fields that enable different Transport layer protocols to perform different functions.
107
108
"sta!lishing a Session The Transport layer can provide this connection orientation by creating a sessions between the applications. These connections prepare the applications to communicate with each other before any data is transmitted. Within these sessions, the data for a communication between the two applications can be closely managed. /elia!le 2elivery 'or many reasons, it is possible for a piece of data to become corrupted, or lost completely, as it is transmitted over the network. The Transport layer can ensure that all pieces reach their destination by having the source device to retransmit any data that is lost. Same >rder 2elivery 1ecause networks may provide multiple routes that can have different transmission times, data can arrive in the wrong order. 1y numbering and se$uencing the segments, the Transport layer can ensure that these segments are reassembled into the proper order. 1low Control 7etwork hosts have limited resources, such as memory or bandwidth. When Transport layer is aware that these resources are overtaxed, some protocols can re$uest that the sending application reduce the rate of data flow. This is done at the Transport layer by regulating the amount of data the source transmits as a group. 'low control can prevent the loss of segments on the network and avoid the need for retransmission. s the protocols are discussed in this chapter, these services will be explained in more detail.
109
pplications, such as databases, web pages, and e-mail, re$uire that all of the sent data arrive at the destination in its original condition, in order for the data to be useful. ny missing data could cause a corrupt communication that is either incomplete or unreadable. Therefore, these applications are designed to use a Transport layer protocol that implements reliability. The additional network overhead is considered to be re$uired for these applications. *ther applications are more tolerant of the loss of small amounts of data. 'or example, if one or two segments of a video stream fail to arrive, it would only create a momentary disruption in the stream. This may appear as distortion in the image but may not even be noticeable to the user. Imposing overhead to ensure reliability for this application could reduce the usefulness of the application. The image in a streaming video would be greatly degraded if the destination device had to account for lost data and delay the stream while waiting for its arrival. It is better to render the best image possible at the time with the segments that arrive and forego reliability. If reliability is re$uired for some reason, these applications can provide error checking and retransmission re$uests.
T&) is a connection-oriented protocol, described in %'& C.E. T&) incurs additional overhead to gain functions. dditional functions specified by T&) are the same order delivery, reliable delivery, and flow control. (ach T&) segment has DB bytes of overhead in the header encapsulating the pplication layer data, whereas each 6#) segment only has G bytes of overhead. 0ee the figure for a comparison. pplications that use T&) are" Web 1rowsers (-mail 'ile Transfers
is the default port assigned to web-serving applications. +any common applications have default port assignments. The source port in a segment or datagram header of a client re$uest is randomly generated from port numbers greater than ABDE. s long as it does not conflict with other ports in use on the system, the client can choose any port number from the range of default port numbers used by the operating system. This port number acts like a return address for the re$uesting application. The Transport layer keeps track of this port and the application that initiated the re$uest so that when a response is returned, it can be forwarded to the correct application. The re$uesting application port number is used as the destination port number in the response coming back from the server. The combination of the Transport layer port number and the 7etwork layer I) address assigned to the host uni$uely identifies a particular process running on a specific host device. This combination is called a socket. *ccasionally, you may find the terms port number and socket used interchangeably. In the context of this course, the term socket refers only to the uni$ue combination of I) address and port number. socket pair, consisting of the source and destination I) addresses and port numbers, is also uni$ue and identifies the conversation between the two hosts. 'or example, an 5TT) web page re$uest being sent to a web server 2port GB3 running on a host with a 4ayer E I)v@ address of A.D.AFG.A.DB would be destined to socket A.D.AFG.A.DB"GB. If the web browser re$uesting the web page is running on host A.D.AFG.ABB.@G and the #ynamic port number assigned to the web browser is @.A;D, the socket for the web page would be A.D.AFG.ABB.@G"@.A;D.
The Internet ssigned 7umbers uthority 2I 7 3 assigns port numbers. I 7 standards body that is responsible for assigning various addressing standards.
is a
There are different types of port numbers" Well Fnown &orts 27umbers B to ABDE3 - These numbers are reserved for services and applications. They are commonly used for applications such as 5TT) 2web server3 )*)E80+T) 2e-mail server3 and Telnet. 1y defining these well-known ports for server applications, client applications can be programmed to re$uest a connection to that specific port and its associated service.
113
/egistered &orts 27umbers ABD@ to @.A;A3 - These port numbers are assigned to user processes or applications. These processes are primarily individual applications that a user has chosen to install rather than common applications that would receive a Well /nown )ort. When not used for a server resource, these ports may also be used dynamically selected by a client as its source port. 2ynamic or &rivate &orts 27umbers @.A;D to F;;E;3 - lso known as (phemeral )orts, these are usually assigned dynamically to client applications when initiating a connection. It is not very common for a client to connect to a service using a #ynamic or )rivate )ort 2although some peer-to-peer file sharing programs do3. 5sing !oth TC& and 52& 0ome applications may use both T&) and 6#). 'or example, the low overhead of 6#) enables #70 to serve many client re$uests very $uickly. 0ometimes, however, sending the re$uested information may re$uire the reliability of T&). In this case, the well known port number of ;E is used by both protocols with this service. Links current list of port numbers can be found at http"88www.iana.org8assignments8port-numbers.
114
115
. 0ometimes it is necessary to know which active T&) connections are open and running on a networked host. Netstat is an important network utility that can be used to verify those connections. Netstat lists the protocol in use, the local address and port number, the foreign address and port number, and the state of the connection. 6nexplained T&) connections can pose a ma!or security threat. This is because they can indicate that something or someone is connected to the local host. dditionally, unnecessary T&) connections can consume valuable system resources thus slowing down the host,s performance. Netstat should be used to examine the open connections on a host when performance appears to be compromised. +any useful options are available for the netstat command.
116
117
2ividing application data into pieces !oth ensures that data is transmitted within the limits o$ the media and that data $rom di$$erent applications can !e multiple#ed on to the media. TC& and 52& @andle Segmentation 2i$$erently. In T&), each segment header contains a se$uence number. This se$uence number allows the Transport layer functions on the destination host to reassemble segments in the order in which they were transmitted. This ensures that the destination application has the data in the exact form the sender intended. lthough services using 6#) also track the conversations between applications, they are not concerned with the order in which the information was transmitted, or in maintaining a connection. There is no se$uence number in the 6#) header. 6#) is a simpler design and generates less overhead than T&), resulting in a faster transfer of data. Information may arrive in a different order than it was transmitted because different packets may take different paths through the network. n application that uses 6#) must tolerate the fact that data may not arrive in the order in which it was sent.
,.2. The TC& &rotocol 9 Communicating with /elia!ility ,.2.1. TC& 9 (aking Conversations /elia!le
The key distinction !etween TC& and 52& is relia!ility. The reliability of T&) communication is performed using connection-oriented sessions. 1efore a host using T&) sends data to another host, the Transport layer initiates a process to create a connection with the destination. This connection enables the tracking of a session, or communication stream between the hosts. This process ensures that each host is aware of and prepared for the communication. complete T&) conversation re$uires the establishment of a session between the hosts in both directions. fter a session has been established, the destination sends acknowledgements to the source for the segments that it receives. These acknowledgements form the basis of reliability within the T&) session. s the source receives an acknowledgement, it knows that the data has been successfully delivered and can $uit tracking that data. If the source does not receive an
119
acknowledgement within a predetermined amount of time, it retransmits that data to the destination. )art of the additional overhead of using T&) is the network traffic generated by acknowledgements and retransmissions. The establishment of the sessions creates overhead in the form of additional segments being exchanged. There is also additional overhead on the individual hosts created by the necessity to keep track of which segments are awaiting acknowledgement and by the retransmission process. This reliability is achieved by having fields in the T&) segment, each with a specific function, as shown in the figure. These fields will be discussed later in this section.
#ataJ application data *ptions 2if any3Joptional information 6rgent )onterJ only used with an 6%9 2urgent3 flag T&) &hecksumJ used for error &hecking the heather and data Window 0izeJ is the dynamic window-how many octets can be send before waiting for acknowledgement 'lagsJused in session management and in the treatment of segments %eservedJ reserved set to zero 5eader 4engthJ specifies the length of the segment header in bytes cknowledgement 7umberJ specifies the next octet expected by the receiver 0e$uence 7umberJ specifies the number of the last octet 2byte3 in a segment #estination )ort 7umberJidentifies the upper layer protocol or application on remote site 0ource )ort 7umberJ T&) session on the device that opened a connection K normally a random value above ABDE
specific port, that port is considered to be -open- on the server. This means that the Transport layer accepts and processes segments addressed to that port. ny incoming client re$uest addressed to the correct socket is accepted and the data is passed to the server application. There can be many simultaneous ports open on a server, one for each active server application. It is common for a server to provide more than one service, such as a web server and an 'T) server, at the same time. *ne way to improve security on a server is to restrict server access to only those ports associated with the services and applications that should be accessible to authorized re$uestors. The figure shows the typical allocation of source and destination ports in T&) client8server operations.
121
122
5/ - 6rgent pointer field significant 3CF - cknowledgement field significant &S@ - )ush function /ST - %eset the connection SCN - 0ynchronize se$uence numbers 1'N - 7o more data from sender These fields are referred to as flags, because the value of one of these fields is only A bit and, therefore, has only two values" A or B. When a bit value is set to A, it indicates what control information is contained in the segment. 6sing a four-step process, flags are exchanged to terminate a T&) connection.
124
125
126
,.2., TC& Three4Way @andshake 6sing the Wireshark outputs, you can examine the operation of the T&) E-way handshake" Step 1 T&) client begins the three-way handshake by sending a segment with the 0I7 20ynchronize 0e$uence 7umber3 control flag set, indicating an initial value in the se$uence number field in the header. This initial value for the se$uence number, known as the Initial 0e$uence 7umber 2I073, is randomly chosen and is used to begin tracking the flow of data from
127
the client to the server for this session. The I07 in the header of each segment is increased by one for each byte of data sent from the client to the server as the data conversation continues. s shown in the figure, output from a protocol analyzer shows the 0I7 control flag and the relative se$uence number. The 0I7 control flag is set and the relative se$uence number is at B. lthough the protocol analyzer in the graphic indicates the relative values for the se$uence and acknowledgement numbers, the true values are ED bit binary numbers. We can determine the actual numbers sent in the segment headers by examining the )acket 1ytes pane. 5ere you can see the four bytes represented in hexadecimal.
Step 2 The T&) server needs to acknowledge the receipt of the 0I7 segment from the client to establish the session from the client to the server. To do so, the server sends a segment back to the client with the &/ flag set indicating that the cknowledgment number is significant. With this flag set in the segment, the client recognizes this as an acknowledgement that the server received the 0I7 from the T&) client. The value of the acknowledgment number field is e$ual to the client initial se$uence number plus A. This establishes a session from the client to the server. The &/ flag will remain set for the balance of the session. %ecall that the conversation between the client and the server is actually two one-way sessions" one from the client to the server, and the other from the server to the client. In this second step of the three-way handshake, the server must initiate the response from the server to the client. To start this session, the server uses the 0I7 flag in the same way that the client did. It sets the 0I7 control flag in the header to establish a session from the server to the client. The 0I7 flag indicates that the initial value of the se$uence number field is in the header. This value will be used to track the flow of data in this session from the server back to the client. s shown in the figure, the protocol analyzer output shows that the &/ and 0I7 control flags are set and the relative se$uence and acknowledgement numbers are shown.
128
Step + 'inally, the T&) client responds with a segment containing an &/ that is the response to the T&) 0I7 sent by the server. There is no user data in this segment. The value in the acknowledgment number field contains one more than the initial se$uence number received from the server. *nce both sessions are established between client and server, all additional segments exchanged in this communication will have the &/ flag set. s shown in the figure, the protocol analyzer output shows the &/ control flag set and the relative se$uence and acknowledgement numbers are shown. 0ecurity can be added to the data network by" #enying the establishment of T&) sessions *nly allowing sessions to be established for specific services *nly allowing traffic as a part of already established sessions This security can be implemented for all T&) sessions or only for selected sessions.
129
number in segments sent back to the source to indicate the next byte in this session that the receiver expects to receive. This is called expectational acknowledgement. The source is informed that the destination has received all bytes in this data stream up to, but not including, the byte indicated by the acknowledgement number. The sending host is expected to send a segment that uses a se$uence number that is e$ual to the acknowledgement number. %emember, each connection is actually two one-way sessions. 0e$uence numbers and acknowledgement numbers are being exchanged in both directions. In the example in the figure, the host on the left is sending data to the host on the right. It sends a segment containing AB bytes of data for this session and a se$uence number e$ual to A in the header. The receiving host on the right receives the segment at 4ayer @ and determines that the se$uence number is A and that it has AB bytes of data. The host then sends a segment back to the host on the left to acknowledge the receipt of this data. In this segment, the host sets the acknowledgement number to AA to indicate that the next byte of data it expects to receive in this session is byte number AA. 7ote, the ck. value in the source host stays A to indicate that the segment is part of an ongoing conversation and the number in the cknowledgment 7umber field is valid. When the sending host on the left receives this acknowledgement, it can now send the next segment containing data for this session starting with byte number AA. 4ooking at this example, if the sending host had to wait for acknowledgement of the receipt of each AB bytes, the network would have a lot of overhead. To reduce the overhead of these acknowledgements, multiple segments of data can be sent before and acknowledged with a single T&) message in the opposite direction. This acknowledgement contains an acknowledgement number based on the total number of bytes received in the session. 'or example, starting with a se$uence number of DBBB, if AB segments of ABBB bytes each were received, an acknowledgement number of ADBBB would be returned to the source. The amount of data that a source can transmit before an acknowledgement must be received is called the window size. Window 0ize is a field in the T&) header that enables the management of lost data and flow control.
7o matter how well designed a network is, data loss will occasionally occur. Therefore, T&) provides methods of managing these segment losses. mong these is a mechanism to retransmit segments with unacknowledged data. destination host service using T&) usually only acknowledges data for contiguous se$uence bytes. If one or more segments are missing, only the data in the segments that complete the stream are acknowledged. 'or example, if segments with se$uence numbers A;BB to EBBB and E@BB to E;BB were received, the acknowledgement number would be EBBA. This is because there are segments with the se$uence numbers EBBA to EE.. that have not been received. When T&) at the source host has not received an acknowledgement after a predetermined amount of time, it will go back to the last acknowledgement number that it received and retransmit data from that point forward. The retransmission process is not specified by the %'&, but is left up to the particular implementation of T&). 'or a typical T&) implementation, a host may transmit a segment, put a copy of the segment in a retransmission $ueue, and start a timer. When the data acknowledgment is received, the segment is deleted from the $ueue. If the acknowledgment is not received before the timer expires, the segment is retransmitted. The animation demonstrates the retransmission of lost segments. 5osts today may also employ an optional feature called 0elective cknowledgements. If both hosts support 0elective cknowledgements, it is possible for the destination to acknowledge bytes in discontinuous segments and the host would only need to retransmit the missing data.
134
/educing Window Si6e nother way to control the data flow is to use dynamic window sizes. When network resources are constrained, T&) can reduce the window size to re$uire that received segments be acknowledged more fre$uently. This effectively slows down the rate of transmission because the source waits for data to be acknowledged more fre$uently. The T&) receiving host sends the window size value to the sending T&) to indicate the number of bytes that it is prepared to receive as a part of this session. If the destination needs to slow down the rate of communication because of limited buffer memory, it can send a smaller window size value to the source as part of an acknowledgement. s shown in the figure, if a receiving host has congestion, it may respond to the sending host with a segment with a reduced window size. In this graphic, there was a loss of one of the segments. The receiver changed the window field in the T&) header of the returning segments in this conversation from EBBB down to A;BB. This caused the sender to reduce the window size to A;BB. fter periods of transmission with no data losses or constrained resources, the receiver will begin to increase the window field. This reduces the overhead on the network because fewer acknowledgments need to be sent. Window size will continue to increase until there is data loss, which will cause the window size to be decreased. This dynamic increasing and decreasing of window size is a continuous process in T&), which determines the optimum window size for each T&) session. In highly efficient networks, window sizes may become very large because data is not being lost. In networks where the underlying infrastructure is being stressed, the window size will likely remain small. 4inks #etails of T&),s various congestion management features can be found in %'& D;GA. http"88www.ietf.org8rfc8rfcD;GA.txt
135
,.,. The 52& &rotocol 9 Communicating with Low >verhead ,.,.1 52&4 Low >verhead vs. /elia!ility
6#) is a simple protocol that provides the basic Transport layer functions. It has a much lower overhead than T&), since it is not connection-oriented and does not provide the sophisticated retransmission, se$uencing, and flow control mechanisms. This does not mean that applications that use 6#) are always unreliable. It simply means that these functions are not provided by the Transport layer protocol and must be implemented elsewhere if re$uired. lthough the total amount of 6#) traffic found on a typical network is often relatively low, key pplication layer protocols that use 6#) include" #omain 7ame 0ystem 2#703 0imple 7etwork +anagement )rotocol 207+)3 #ynamic 5ost &onfiguration )rotocol 2#5&)3 %outing Information )rotocol 2%I)3 Trivial 'ile Transfer )rotocol 2T'T)3 *nline games 0ome applications, such as online games or :oI), can tolerate some loss of some data. If these applications used T&), they may experience large delays while T&) detects data loss and retransmits data. These delays would be more detrimental to the application than small data losses. 0ome applications, such as #70, will simply retry the re$uest if they do not receive a response, and therefore they do not need T&) to guarantee the message delivery. The low overhead of 6#) makes it very desirable for such applications.
136
137
138
139
140
141
The choice of Transport layer protocol is made by the developer of the application to best meet the user re$uirements. The developer bears in mind, though, that the other layers all play a part in data network communications and will influence its performance.
142