
CONTENTS

(1)- Introduction
(2)- Network Topologies
• Bus
• Ring
• Star
(3)- Local Area Network(LAN)
• Wireless LAN
(4)- Wide Area Network(WAN)
(5)- Metropolitan Area Network(MAN)
(6)- OSI Model
(7)- TCP/IP Model
(8)- Networking Equipments
• Hubs
• Switches
• Hubs vs. Switches
• Routers
• Bridges
• Network Interface Card
(9)- Internet Protocol Addressing
(10)- Network Security
(11)- Firewall Basics
(1)- Introduction
A computer network is composed of multiple connected computers that communicate over a
wired or wireless medium to share data and other resources. For instance, a home computer
network may consist of two or more computers that share files and a printer using the network.
The size and scalability of any computer network are determined both by the physical medium of
communication and by the software controlling the communication (i.e., the protocols).

A typical network consists of:

• Nodes (computers)
• A connecting medium (wired or wireless)
• Specialized network equipment like routers or hubs.
In the case of the Internet, all of these pieces work together to allow your computer to send
information to another computer that could be on the other side of the world!
Here are some of the fundamental parts of a network:

• Network - A network is a group of computers connected together in a way that allows
information to be exchanged between the computers.
• Node - A node is anything that is connected to the network. While a node is typically a
computer, it can also be something like a printer or CD-ROM tower.
• Segment - A segment is any portion of a network that is separated, by a switch, bridge
or router, from other parts of the network.
• Backbone - The backbone is the main cabling of a network that all of the segments
connect to. Typically, the backbone is capable of carrying more information than the
individual segments. For example, each segment may have a transfer rate of 10 Mbps
(megabits per second), while the backbone may operate at 100 Mbps.
• Topology - Topology is the way that each node is physically connected to the network.
• Local Area Network (LAN) - A LAN is a network of computers that are in the
same general physical location, usually within a building or a campus. If the computers are
far apart (such as across town or in different cities), then a Wide Area Network (WAN) is
typically used.
• Network Interface Card (NIC) - Every computer (and most other devices) is
connected to a network through an NIC. In most desktop computers, this is an Ethernet card
(normally 10 or 100 Mbps) that is plugged into a slot on the computer's motherboard.

(2)- Network Topologies


Some of the most common topologies in use today include:

Bus - Each node is daisy-chained (connected one right after the other) along the same
backbone, similar to Christmas lights. Information sent from a node travels along the backbone
until it reaches its destination node. Each end of a bus network must be terminated with a
resistor to keep the signal that is sent by a node across the network from bouncing back when it
reaches the end of the cable.

Bus Network Topology

Ring - Like a bus network, rings have the nodes daisy-chained. The difference is that the end
of the network comes back around to the first node, creating a complete circuit. In a ring
network, each node takes a turn sending and receiving information through the use of a token.
The token, along with any data, is sent from the first node to the second node, which extracts the
data addressed to it and adds any data it wishes to send. Then, the second node passes the token
and data to the third node, and so on until it comes back around to the first node again. Only the
node with the token is allowed to send data. All other nodes must wait for the token to come to
them.

Ring Network Topology

Star - In a star network, each node is connected to a central device called a hub. The hub takes
a signal that comes from any node and passes it along to all the other nodes in the network. A
hub does not perform any type of filtering or routing of the data. It is simply a junction that joins
all the different nodes together.

Star network Topology


(3)- Local Area Network(LAN)

A local area network is exactly that – local. It is generally confined to a building or small
campus. LANs are constructed using Ethernet data switches and cabling. PCs, printers and file
servers are connected to the switch via Category-5 (commonly referred to as Cat-5) cables.
Contrary to popular belief, ALL computers use Media Access Control (MAC) addresses to talk
to each other – not IP addresses. The IP address merely gets the data to a location – not the
device. LAN speeds can range from 10 megabit (10 million bits per second) to Gigabit Ethernet
(GIG-E, 1000 million bits per second), depending on the devices involved. It is also possible to
configure virtual LANs (VLANs) on most LANs. VLANs allow for the separation of groups of
devices so they are invisible to devices on another VLAN on the same switch. As an example,
Voice over IP (VoIP) phone systems use VLANs to separate the phones from computers.
A local area network (LAN) is a computer network covering a small geographic area, like a
home, office, or group of buildings. The defining characteristics of LANs, in contrast to Wide
Area Networks (WANs), include their much higher data transfer rates, smaller geographic range,
and lack of a need for leased telecommunication lines.

Ethernet over unshielded twisted pair cabling, and Wi-Fi are the two most common technologies
currently, but ARCNET, Token Ring and many others have been used in the past.

A local area network is a network that spans a relatively small space and provides services to a
small number of people. Depending on the number of people that use a local area network, a
peer-to-peer or client-server method of networking may be used. A peer-to-peer network is one
where each client shares its resources with the other workstations in the network. Examples of
peer-to-peer networks are small office networks where resource use is minimal, and home
networks. A client-server network is one where every client is connected to the server and to each
other. Client-server networks use servers in different capacities, which can be classified into two
types: single-service servers, where the server performs one task (file server, print server, etc.),
and servers that not only act as file servers and print servers but also perform calculations and
use the results to provide information to clients (Web/Intranet servers).
Computers are linked via Ethernet cable and can be joined either directly (one computer to
another) or via a network hub that allows multiple connections.
(a)- Wireless LAN

Not all networks are connected with cabling; some networks are wireless. Wireless LANs use
high frequency radio signals, infrared light beams, or lasers to communicate between the
workstations and the file server or hubs. Each workstation and file server on a wireless network
has some sort of transceiver/antenna to send and receive the data. Information is relayed between
transceivers as if they were physically connected. For longer distance, wireless communications
can also take place through cellular telephone technology, microwave transmission, or by
satellite.
Wireless networks are great for allowing laptop computers or remote computers to connect to the
LAN. Wireless networks are also beneficial in older buildings where it may be difficult or
impossible to install cables.
The two most common types of infrared communications used in schools are line-of-sight and
scattered broadcast. Line-of-sight communication means that there must be an unblocked direct
line between the workstation and the transceiver. If a person walks within the line-of-sight while
there is a transmission, the information would need to be sent again. This kind of obstruction can
slow down the wireless network.
Scattered infrared communication is a broadcast of infrared transmissions sent out in multiple
directions that bounces off walls and ceilings until it eventually hits the receiver. Networking
communications with laser are virtually the same as line-of-sight infrared networks.
Wireless LANs have several disadvantages. They provide poor security, and are susceptible to
interference from lights and electronic devices. They are also slower than LANs using cabling.

(4)- Wide Area Network(WAN)


Wide area networks cover large distances. Most are constructed using leased facilities from
“Common Carriers” – for the state, it is generally Verizon. A WAN location, referred to as an
edge site, normally consists of a circuit (usually a T-1 1.544mb circuit), a channel subscriber unit
(CSU – sort of a modem for digital circuits), and a router. The site LAN is then connected to the
WAN router to provide users access to the network.
A wide area network is a network where a wide variety of resources are deployed across a large
domestic area or internationally. An example of this is a multinational business that uses a WAN
to interconnect their offices in different countries. The largest and best example of a WAN is the
Internet, which is the largest network in the world. The PSTN (Public Switched Telephone
Network) also is an extremely large network that is converging to use Internet technologies,
although not necessarily through the public Internet.

A Wide Area Network involves communication through the use of a wide range of different
technologies. These technologies include Point-to-Point WANs such as Point-to-Point Protocol
(PPP) and High-Level Data Link Control (HDLC), Frame Relay, ATM (Asynchronous Transfer
Mode) and SONET (Synchronous Optical Network). The difference between the WAN
technologies lies in the switching capabilities they perform and the speed at which bits of
information (data) are sent and received.
(5)- Metropolitan Area Network(MAN)
Metropolitan area networks, or MANs, are large computer networks usually spanning a city.
They typically use wireless infrastructure or Optical fiber connections to link their sites.

The IEEE 802-2001 standard describes a MAN as being:

“A MAN is optimized for a larger geographical area than is a LAN, ranging from several blocks
of buildings to entire cities. As with local networks, MANs can also depend on communications
channels of moderate-to-high data rates. A MAN might be owned and operated by a single
organization, but it usually will be used by many individuals and organizations. MANs might
also be owned and operated as public utilities. They will often provide means for internetworking
of local networks.”
Some technologies used for this purpose are ATM, FDDI, and SMDS. These older technologies
are in the process of being displaced by Ethernet-based MANs (e.g. Metro Ethernet) in most
areas. MAN links between LANs have been built without cables using either microwave, radio,
or infra-red laser links.

DQDB, Distributed Queue Dual Bus, is the Metropolitan Area Network standard for data
communication. It is specified in the IEEE 802.6 standard. Using DQDB, networks can be up to
30 miles long and operate at speeds of 34 to 155 Mbit/s.

A MAN is generally a very high speed network that encompasses a city area. For the state, the
Augusta area is considered a MAN. AMHI, EDOC, the Capitol campus, and CMCC are all
interconnected via fiber optics running at GIG-E or 100mb Ethernet. When reference is
made to the core routing switches, it refers to the four main switches that control the center of
the entire state network.
(6)- OSI Model

The OSI model is based on the proposal developed by the International Standards Organization
as a first step toward international standardization of the protocols used in various layers. The
model is also called ISO OSI (Open system Interconnection ) Reference Model.
SEVEN LAYERS OF OSI MODEL

Layer 7: Application Layer


The Application layer is closest to the end user. It provides a means for the user to access
information on the network through an application. This layer is the main interface for the user(s)
to interact with the application and therefore the network. Some examples of application layer
implementations include Telnet, File Transfer Protocol (FTP), and Simple Mail Transfer
Protocol (SMTP).

Layer 6: Presentation Layer


The Presentation layer transforms data to provide a standard interface for the Application layer.
MIME encoding, data compression, data encryption and similar manipulation of the presentation
is done at this layer to present the data as a service or protocol developer sees fit. Examples:
converting an EBCDIC-coded text file to an ASCII-coded file, or serializing objects and other
data structures into and out of XML.

Layer 5: Session Layer


The Session layer controls the dialogues (sessions) between computers. It establishes, manages
and terminates the connections between the local and remote application. It provides for either
duplex or half-duplex operation and establishes checkpointing, adjournment, termination, and
restart procedures. The OSI model made this layer responsible for "graceful close" of sessions,
which is a property of TCP, and also for session checkpointing and recovery, which is not
usually used in the Internet protocol suite.

Layer 4: Transport Layer


The Transport layer provides transparent transfer of data between end users, thus relieving the
upper layers from any concern while providing reliable and cost-effective data transfer. The
transport layer controls the reliability of a given link. Some protocols are state and connection
orientated. This means that the transport layer can keep track of the packets and retransmit those
that fail. The best known example of a layer 4 protocol is TCP. It is the layer that converts
messages into TCP or UDP packets.

Layer 3: Network Layer


The Network layer provides the functional and procedural means of transferring variable length
data sequences from a source to a destination via one or more networks while maintaining the
quality of service requested by the Transport layer. The Network layer performs network
routing, flow control, segmentation/desegmentation, and error control functions. Routers
operate at this layer—sending data throughout the extended network and making the Internet
possible (there also exist layer 3 (or IP) switches). This is a logical addressing scheme – values
are chosen by the network engineer. The addressing scheme is hierarchical. The best known
example of a layer 3 protocol is the Internet Protocol (IP).

Layer 2: Data Link Layer


The Data Link layer provides the functional and procedural means to transfer data between
network entities and to detect and possibly correct errors that may occur in the Physical layer.
The addressing scheme is physical which means that the addresses (MAC address) are hard-
coded into the network cards at the time of manufacture. The addressing scheme is flat. Note:
The best known example of this is Ethernet. Other examples of data link protocols are HDLC
and ADCCP for point-to-point or packet-switched networks and Aloha for local area networks.
On IEEE 802 local area networks, and some non-IEEE 802 networks such as FDDI, this layer
may be split into a Media Access Control (MAC) layer and the IEEE 802.2 Logical Link Control
(LLC) layer.
This is the layer at which the bridges and switches operate. Connectivity is provided only among
locally attached network nodes. However, there's a reasonable argument to be made that these
really belong at "layer 2.5" rather than strictly at layer 2.
Layer 1: Physical Layer
The Physical layer defines all the electrical and physical specifications for devices. This includes
the layout of pins, voltages, and cable specifications. Hubs, repeaters, network adapters and
Host Bus Adapters (HBAs used in Storage Area Networks) are physical-layer devices. The major
functions and services performed by the physical layer are:
• establishment and termination of a connection to a communications medium.
• participation in the process whereby the communication resources are effectively shared
among multiple users. For example, contention resolution and flow control.
• modulation, or conversion between the representation of digital data in user equipment
and the corresponding signals transmitted over a communications channel. These are
signals operating over the physical cabling—copper and fiber optic, for example—or
over a radio link.

(7)- TCP/IP Model


The layers near the top are logically closer to the user application (as opposed to the human user)
while those near the bottom are logically closer to the physical transmission of the data. Viewing
layers as providing or consuming a service is a method of abstraction to isolate upper layer
protocols from the nitty gritty detail of transmitting bits over, say, Ethernet and collision
detection while the lower layers avoid having to know the details of each and every application
and its protocol.
IP suite stack showing the physical network connection of two hosts via two routers
and the corresponding layers used at each hop

Sample encapsulation of data within a UDP datagram within an IP packet

This abstraction also allows upper layers to provide services that the lower layers cannot, or
choose not, to provide. Again, the original OSI Reference Model was extended to include
connectionless services (OSIRM CL) [5]. For example, IP is not designed to be reliable and is a
best-effort delivery protocol. This means that all transport layers must choose whether or not to
provide reliability and to what degree. UDP provides data integrity (via a checksum) but does not
guarantee delivery; TCP provides both data integrity and a delivery guarantee (by retransmitting
until the receiver receives the packet).
This model lacks the formalism of the OSI Reference Model and associated documents, but the
IETF does not use a formal model and does not consider this a limitation, as in the comment by
David D. Clark, "We don't believe in kings, presidents, or voting. We believe in rough consensus
and running code." Criticisms of this model, which have been made with respect to the OSI
Reference Model, often do not consider ISO's later extensions to that model.

1. For multiaccess links with their own addressing systems (e.g. Ethernet) an address
mapping protocol is needed. Such protocols can be considered to be below IP but above
the existing link system. While the IETF does not use the terminology, this is a
subnetwork dependent convergence facility according to an extension to the OSI model,
the Internal Organization of the Network Layer (IONL) [6].
2. ICMP & IGMP operate on top of IP but do not transport data like UDP or TCP. Again,
this functionality exists as layer management extensions to the OSI model, in its
Management Framework (OSIRM MF) [7]
3. The SSL/TLS library operates above the transport layer (utilizes TCP) but below
application protocols. Again, there was no intention, on the part of the designers of these
protocols, to comply with OSI architecture.
4. The link is treated like a black box here. This is fine for discussing IP (since the whole
point of IP is it will run over virtually anything). The IETF explicitly does not intend to
discuss transmission systems, which is a less academic but practical alternative to the OSI
Reference Model.

OSI and TCP/IP Layering Differences

The three top layers in the OSI model - the application layer, the presentation layer and the
session layer - usually are lumped into one layer in the TCP/IP model. While some pure OSI
protocol applications, such as X.400, also lumped them together, there is no requirement that a
TCP/IP protocol stack needs to be monolithic above the transport layer. For example, the
Network File System (NFS) application protocol runs over the eXternal Data Representation
(XDR) presentation protocol, which, in turn, runs over a protocol with session layer
functionality, Remote Procedure Call (RPC). RPC provides reliable record transmission, so it
can run safely over the best-effort User Datagram Protocol (UDP) transport.

The session layer roughly corresponds to the Telnet virtual terminal functionality, which is part
of text based protocols such as HTTP and SMTP TCP/IP model application layer protocols. It
also corresponds to TCP and UDP port numbering, which is considered as part of the transport
layer in the TCP/IP model. The presentation layer has similarities to the MIME standard, which
also is used in HTTP and SMTP.

Since the IETF protocol development effort is not concerned with strict layering, some of its
protocols may not appear to fit cleanly into the OSI model. These conflicts, however, are more
frequent when one only looks at the original OSI model, ISO 7498, without looking at the
annexes to this model (e.g., ISO 7498/4 Management Framework), or the ISO 8648 Internal
Organization of the Network Layer (IONL). When the IONL and Management Framework
documents are considered, the ICMP and IGMP are neatly defined as layer management
protocols for the network layer. In like manner, the IONL provides a structure for "subnetwork
dependent convergence facilities" such as ARP and RARP.

IETF protocols can be applied recursively, as demonstrated by tunneling protocols such as
Generic Routing Encapsulation (GRE). While basic OSI documents do not consider tunneling,
there is some concept of tunneling in yet another extension to the OSI architecture, specifically
the transport layer gateways within the International Standardized Profile framework [8]. The
associated OSI development effort, however, has been abandoned given the real-world adoption
of TCP/IP protocols.

Layer  Name          Example protocols
7      Application   ECHO, ENRP, FTP, Gopher, HTTP, NFS, RTSP, SIP, SMTP, SNMP, SSH, Telnet,
                     Whois, XMPP
6      Presentation  XDR, ASN.1, SMB, AFP, NCP
5      Session       ASAP, TLS, SSL, ISO 8327 / CCITT X.225, RPC, NetBIOS, ASP
4      Transport     TCP, UDP, RTP, SCTP, SPX, ATP, IL
3      Network       IP, ICMP, IGMP, IPX, OSPF, RIP, IGRP, EIGRP, ARP, RARP, X.25
2      Data Link     Ethernet, Token ring, HDLC, Frame relay, ISDN, ATM, 802.11 WiFi, FDDI, PPP
1      Physical      10BASE-T, 100BASE-T, 1000BASE-T, SONET/SDH, G.709, T-carrier/E-carrier,
                     various 802.11 physical layers

The layers

The following is a description of each layer in the IP suite stack.

Application layer

The application layer is used by most programs for network communication. Data is passed from
the program in an application-specific format, then encapsulated into a transport layer protocol.

Since the IP stack has no layers between the application and transport layers, the application
layer must include any protocols that act like the OSI's presentation and session layer protocols.
This is usually done through libraries.
Data sent over the network is passed into the application layer where it is encapsulated into the
application layer protocol. From there, the data is passed down into the lower layer protocol of
the transport layer.

The two most common lower layer protocols are TCP and UDP. Common servers have specific
ports assigned to them (HTTP has port 80; FTP has port 21; etc.) while clients use ephemeral
ports.

Routers and switches do not utilize this layer but bandwidth throttling applications do, as with
the Resource Reservation Protocol (RSVP).

Transport layer

The transport layer's responsibilities include end-to-end message transfer capabilities
independent of the underlying network, along with error control, fragmentation and flow control.
End to end message transmission or connecting applications at the transport layer can be
categorized as either:

1. connection-oriented, e.g. TCP
2. connectionless, e.g. UDP

The transport layer can be thought of literally as a transport mechanism e.g. a vehicle whose
responsibility is to make sure that its contents (passengers/goods) reach its destination safely and
soundly, unless a higher or lower layer is responsible for safe delivery. Some applications, such
as Voice Over IP (VOIP) can tolerate dropped packets, but not delay or reordering that would be
caused by a reliable transport.

The transport layer provides this service of connecting applications together through the use of
ports. Since IP provides only a best effort delivery, the transport layer is the first layer of the
TCP/IP stack to offer reliability. Note that IP can run over a reliable data link protocol such as
the High-Level Data Link Control (HDLC). Protocols above transport, such as RPC, also can
provide reliability.

For example, TCP is a connection-oriented protocol that addresses numerous reliability issues to
provide a reliable byte stream:

• data arrives in-order
• data has minimal error (i.e. correctness)
• duplicate data is discarded
• lost/discarded packets are resent
• includes traffic congestion control

The newer SCTP is also a "reliable", connection-oriented, transport mechanism. It is
stream-oriented (not byte-oriented like TCP) and provides multiple streams multiplexed over a
single connection. It also provides multi-homing support, in which a connection end can be
represented by multiple IP addresses (representing multiple physical interfaces), such that if one
fails, the connection is not interrupted. It was developed initially for telephony applications (to
transport SS7 over IP), but can also be used for other applications.

UDP is a connectionless datagram protocol. Like IP, it is a best effort or "unreliable" protocol.
Reliability is addressed through error detection using a weak checksum algorithm. UDP is
typically used for applications such as streaming media (audio and video, etc) where on-time
arrival is more important than reliability, or for simple query/response applications like DNS
lookups, where the overhead of setting up a reliable connection is disproportionately large.
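The UDP-inside-IP encapsulation shown in the figure earlier and the checksum behaviour described in this paragraph, as an added Python example (not code from the original document): it builds the IP and UDP headers, computes both checksums, and verifies them as a receiver would. The addresses, ports and payload are constructed sample values; the example also shows that the IP checksum covers only its header and that the UDP one's-complement sum cannot detect swapped 16-bit words.

```python
import socket
import struct

# Constructed sample addresses and ports (documentation range, not real hosts).
SRC_IP, DST_IP = "192.0.2.10", "192.0.2.20"
SRC_PORT, DST_PORT = 40000, 53
PROTO_UDP = 17


def ones_complement_sum(data: bytes) -> int:
    """16-bit one's-complement sum used by both the IP and UDP checksums.
    Odd-length input is padded with one zero byte; carries are folded back in."""
    if len(data) % 2:
        data += b"\x00"
    total = 0
    for i in range(0, len(data), 2):
        total += (data[i] << 8) | data[i + 1]
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total


def checksum(data: bytes) -> int:
    """Value placed in the checksum field: one's complement of the sum."""
    return (~ones_complement_sum(data)) & 0xFFFF


def udp_pseudo_header(src_ip: bytes, dst_ip: bytes, proto: int, udp_len: int) -> bytes:
    """The UDP checksum also covers this pseudo-header borrowed from the IP layer,
    so a datagram delivered to the wrong address fails verification."""
    return struct.pack("!4s4sBBH", src_ip, dst_ip, 0, proto, udp_len)


def build_udp(src_ip: str, dst_ip: str, sport: int, dport: int, payload: bytes) -> bytes:
    udp_len = 8 + len(payload)
    header = struct.pack("!HHHH", sport, dport, udp_len, 0)  # checksum field zero while computing
    pseudo = udp_pseudo_header(socket.inet_aton(src_ip), socket.inet_aton(dst_ip), PROTO_UDP, udp_len)
    csum = checksum(pseudo + header + payload)
    if csum == 0:
        csum = 0xFFFF  # RFC 768: a transmitted zero means "no checksum", so send all-ones instead
    return struct.pack("!HHHH", sport, dport, udp_len, csum) + payload


def build_ipv4(src_ip: str, dst_ip: str, proto: int, payload: bytes,
               ident: int = 0x1234, ttl: int = 64) -> bytes:
    total_len = 20 + len(payload)
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, ident, 0, ttl, proto, 0,
                         socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    # The IP checksum covers the 20-byte header only, never the payload.
    header = header[:10] + struct.pack("!H", checksum(header)) + header[12:]
    return header + payload


def verify_ipv4(packet: bytes) -> bool:
    """Receiver check: summing a header that includes its own checksum gives 0xFFFF."""
    ihl = (packet[0] & 0x0F) * 4
    return ones_complement_sum(packet[:ihl]) == 0xFFFF


def verify_udp(packet: bytes):
    """True/False for the UDP checksum, or None when the sender sent none (field is 0)."""
    ihl = (packet[0] & 0x0F) * 4
    udp = packet[ihl:]
    udp_len = struct.unpack("!H", udp[4:6])[0]
    if struct.unpack("!H", udp[6:8])[0] == 0:
        return None
    pseudo = udp_pseudo_header(packet[12:16], packet[16:20], packet[9], udp_len)
    return ones_complement_sum(pseudo + udp[:udp_len]) == 0xFFFF


def example_packet(payload: bytes = b"ABCD") -> bytes:
    """An IP packet carrying a UDP datagram carrying `payload`, as in the figure."""
    datagram = build_udp(SRC_IP, DST_IP, SRC_PORT, DST_PORT, payload)
    return build_ipv4(SRC_IP, DST_IP, PROTO_UDP, datagram)


if __name__ == "__main__":
    pkt = example_packet()
    print(pkt.hex())
    print("ip header ok:", verify_ipv4(pkt), " udp ok:", verify_udp(pkt))
    damaged = pkt[:-1] + bytes([pkt[-1] ^ 0x01])
    print("after payload corruption -> ip:", verify_ipv4(damaged), " udp:", verify_udp(damaged))
    swapped = pkt[:-4] + b"CDAB"
    print("after swapping 16-bit words -> udp:", verify_udp(swapped))
```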

Both TCP and UDP are used to carry a number of higher-level applications. The applications at
any given network address are distinguished by their TCP or UDP port. By convention certain
well known ports are associated with specific applications. (See List of TCP and UDP port
numbers.)

RTP is a datagram protocol that is designed for real-time data such as streaming audio and video.

Network layer

As originally defined, the Network layer solves the problem of getting packets across a single
network. Examples of such protocols are X.25, and the ARPANET's Host/IMP Protocol.

With the advent of the concept of internetworking, additional functionality was added to this
layer, namely getting data from the source network to the destination network. This generally
involves routing the packet across a network of networks, known as an internetwork or
(lower-case) internet.[9]

In the Internet protocol suite, IP performs the basic task of getting packets of data from source to
destination. IP can carry data for a number of different upper layer protocols; these protocols are
each identified by a unique protocol number: ICMP and IGMP are protocols 1 and 2,
respectively.

Some of the protocols carried by IP, such as ICMP (used to transmit diagnostic information
about IP transmission) and IGMP (used to manage IP Multicast data) are layered on top of IP but
perform internetwork layer functions, illustrating an incompatibility between the Internet and the
IP stack and OSI model. All routing protocols, such as OSPF, and RIP are also part of the
network layer. What makes them part of the network layer is that their payload is totally
concerned with management of the network layer. The particular encapsulation of that payload is
irrelevant for layering purposes.

Data link layer

The link layer, which is the method used to move packets from the network layer on two
different hosts, is not really part of the Internet protocol suite, because IP can run over a variety
of different link layers. The processes of transmitting packets on a given link layer and receiving
packets from a given link layer can be controlled both in the software device driver for the
network card, as well as on firmware or specialist chipsets. These will perform data link
functions such as adding a packet header to prepare it for transmission, then actually transmit the
frame over a physical medium.

For Internet access over a dial-up modem, IP packets are usually transmitted using PPP. For
broadband Internet access such as ADSL or cable modems, PPPoE is often used. On a local
wired network, Ethernet is usually used, and on local wireless networks, IEEE 802.11 is usually
used. For wide-area networks, either PPP over T-carrier or E-carrier lines, Frame relay, ATM, or
packet over SONET/SDH (POS) are often used.

The link layer can also be the layer where packets are intercepted to be sent over a virtual private
network. When this is done, the link layer data is considered the application data and proceeds
back down the IP stack for actual transmission. On the receiving end, the data goes up the IP
stack twice (once for routing and the second time for the VPN).

The link layer can also be considered to include the physical layer, which is made up of the
actual physical network components (hubs, repeaters, fiber optic cable, coaxial cable, network
cards, Host Bus Adapter cards and the associated network connectors: RJ-45, BNC, etc), and the
low level specifications for the signals (voltage levels, frequencies, etc).

Physical layer

The Physical layer is responsible for encoding and transmission of data over network
communications media. It operates with data in the form of bits that are sent from the Physical
layer of the sending (source) device and received at the Physical layer of the destination device.

Ethernet, Token Ring, SCSI, hubs, repeaters, cables and connectors are standard network devices
that function at the Physical layer. The Physical layer is also considered the domain of many
hardware-related network design issues, such as LAN and WAN topology and wireless
technology.
(8)- Networking Equipments
(a)- Hubs

Hubs are commonly used to connect segments of a LAN. A hub contains multiple ports. When a
packet arrives at one port, it is copied to the other ports so that all segments of the LAN can see
all packets.
A passive hub serves simply as a conduit for the data, enabling it to go from one device (or
segment) to another. So-called intelligent hubs include additional features that enables an
administrator to monitor the traffic passing through the hub and to configure each port in the
hub. Intelligent hubs are also called manageable hubs.
A third type of hub, called a switching hub, actually reads the destination address of each packet
and then forwards the packet to the correct port.
A hub is an "unintelligent" broadcast device -- any packet entering any port of the hub is
broadcast out on every port except source port. Hubs do not manage any of the traffic that comes
through their ports. Since every packet is constantly being sent out through every port, there are a
lot of packet collisions, which greatly impedes the smooth flow of traffic on the LAN. The
arrangement is shown below:

When a hub receives a packet (chunk) of data (a frame in Ethernet) at one of its ports from a PC
on the network, it transmits (repeats) the packet to all of its ports and, thus, to all of the other PCs
on the network. If two or more PCs on the network try to send packets at the same time, a
collision is said to occur. When that happens, all of the PCs have to go through a routine to
resolve the conflict. The process is prescribed in the Ethernet Carrier Sense Multiple Access
with Collision Detection (CSMA/CD) protocol. Each Ethernet adapter has both a receiver and a
transmitter. If the adapters didn't have to listen with their receivers for collisions, they would be
able to send data at the same time they are receiving it (full duplex). Because they have to
operate at half duplex (data flows one way at a time) and a hub retransmits data from one PC to
all of the PCs, the maximum bandwidth is 100 MHz and that bandwidth is shared by all of the
PCs connected to the hub. The result is that when a person using a computer on a hub downloads a
large file or group of files from another computer, the network becomes congested. In a 10 MHz
10Base-T network the effect is to slow the network to nearly a crawl.
(b)- Switches
A network switch (or just switch for short) is a networking device that performs transparent
bridging (connection of multiple network segments with forwarding based on MAC addresses) at
full wire speed in hardware. The use of specially designed hardware also makes it possible to
have large numbers of ports (unlike a PC based bridge which is very limited by expansion slot
count).
If a network has only switches and no hubs then the collision domains are either reduced to a
single link or, if both ends support full duplex, eliminated altogether. The principle of a fast
hardware forwarding device with many ports can be extended to higher layers giving the
multilayer switch.
An Ethernet switch automatically divides the network into multiple segments, acts as a high-
speed, selective bridge between the segments, and supports simultaneous connections of multiple
pairs of computers, which don't compete with other pairs of computers for network bandwidth.
It accomplishes this by maintaining a table of each destination address and its port. When the
switch receives a packet, it reads the destination address from the header information in the
packet, establishes a temporary connection between the source and destination ports, sends the
packet on its way, and then terminates the connection. In short, switches have separate collision
domains (CDs), and each pair of PCs is talking through a separate collision domain, so no
collisions occur. Therefore multiple connections between various pairs of PCs can be established
simultaneously with no collisions occurring. Picture a switch as making multiple dedicated cable
connections between pairs of computers. High-speed electronics in the switch automatically
connect the end of one cable (source port) from a sending computer to the end of another cable
(destination port) going to the receiving computer on a per-packet basis. Multiple connections
like this can occur simultaneously. It's as simple as that. And like a crossover cable between two
PCs, PCs on an Ethernet switch do not share the transmission media, do not experience
collisions or have to listen for them, can operate in full-duplex mode, have bandwidth as high
as 200 Mbps (100 Mbps each way), and do not share this bandwidth with other PCs on the
switch. In short, a switch is "much better."

(c)- Hubs vs. Switches


A hub, or repeater, is a fairly unsophisticated broadcast device. Any packet entering any port is
broadcast out on every port and thus hubs do not manage any of the traffic that comes
through their ports. Since every packet is constantly being sent out through every port, this
results in packet collisions, which greatly impedes the smooth flow of traffic.
A switch isolates ports, meaning that every received packet is sent out only to the port on which
the target may be found (assuming the proper port can be found; if it is not, then the switch will
broadcast the packet to all ports). Since the switch intelligently sends packets only where they
need to go the performance of the network can be greatly increased.
More expensive switches can also do several other operations, such as isolating ports from each
other by placing them in different VLANs, or allowing snooping by copying all packets on some
set of ports to a special "sniffer" port.
This leaves the question of when a switch is most appropriate, versus a hub. If most of the
network traffic involves only a few ports, then there will be little performance gain achieved by
upgrading from a hub to a switch. But if the traffic involves more than a few ports, using a
switch can yield a significant improvement in performance. Also, modern Fast Ethernet switches
designed for small office / home office (SOHO) use are priced comparably to hubs, making use
of a hub somewhat pointless if new equipment must be purchased anyway.

(d)- Router

A router is a computer networking device that forwards data packets across an internetwork
toward their destinations, through a process known as routing. Routing occurs at layer 3 (the
Network layer e.g. IP) of the OSI seven-layer protocol stack.
A router acts as a junction between two or more networks to transfer data packets among them.
A router is different from a switch. A switch connects devices to form a Local area network
(LAN). One easy illustration for the different functions of routers and switches is to think of
switches as neighborhood streets, and the router as the intersections with the street signs. Each
house on the street has an address within a range on the block. In the same way, a switch
connects various devices each with their own IP address(es) on a LAN. However, the switch
knows nothing about IP addresses except its own management address. Routers connect
networks together the way that on-ramps or major intersections connect streets to both highways
and freeways, etc. The street signs at the intersection (routing table) show which way the packets
need to flow.
Router

So for example, a router at home connects the Internet Service Provider's (ISP) network (usually
on an Internet address) together with the LAN in the home (typically using a range of private IP
addresses, see network address translation) and a single broadcast domain. The switch connects
devices together to form the LAN. Sometimes the switch and the router are combined together in
one single package sold as a multiple port router.

In order to route packets, a router communicates with other routers using routing protocols and
using this information creates and maintains a routing table. The routing table stores the best
routes to certain network destinations, the "routing metrics" associated with those routes, and the
path to the next hop router. See the routing article for a more detailed discussion of how this
works.
Routing is most commonly associated with the Internet Protocol, although other less-popular
routed protocols are in use.
A router that connects clients to the Internet is called an edge router. A router that serves solely
to transmit data between other routers, e.g. inside the network of an Internet service provider, is
called a core router.

(d)- Bridge
A network bridge connects multiple network segments at the data link layer (layer 2) of the OSI
model. Bridges are similar to repeaters or network hubs, devices that connect network segments
at the physical layer; however, a bridge works by using bridging, where traffic from one network
is managed rather than simply rebroadcast to adjacent network segments. In Ethernet networks,
the term "bridge" formally means a device that behaves according to the IEEE 802.1D standard;
this is most often referred to as a network switch in marketing literature.

Since bridging takes place at the data link layer of the OSI model, a bridge processes the
information from each frame of data it receives. In an Ethernet frame, this provides the MAC
address of the frame's source and destination. Bridges use two methods to resolve the network
segment that a MAC address belongs to.

• Transparent bridging – This method uses a forwarding database to send frames across
network segments. The forwarding database is initially empty and entries in the database
are built as the bridge receives frames. If an address entry is not found in the forwarding
database, the frame is rebroadcast to all ports of the bridge, forwarding the frame to all
segments except the source address. By means of these broadcast frames, the destination
network will respond and a route will be created. Along with recording the network
segment to which a particular frame is to be sent, bridges may also record a bandwidth
metric to avoid looping when multiple paths are available. Devices that have this
transparent bridging functionality are also known as adaptive bridges.

• Source route bridging – With source route bridging two frame types are used in order to
find the route to the destination network segment. Single-Route (SR) frames comprise
most of the network traffic and have set destinations, while All-Route(AR) frames are
used to find routes. Bridges send AR frames by broadcasting on all network branches;
each step of the followed route is registered by the bridge performing it. Each frame has a
maximum hop count, which is determined to be greater than the diameter of the network
graph, and is decremented by each bridge. Frames are dropped when this hop count
reaches zero, to avoid indefinite looping of AR frames. The first AR frame which reaches
its destination is considered to have followed the best route, and the route can be used for
subsequent SR frames; the other AR frames are discarded. This method of locating a
destination network can allow for indirect load balancing among multiple bridges
connecting two networks. The more a bridge is loaded, the less likely it is to take part in
the route finding process for a new destination as it will be slow to forward packets. A
new AR packet will find a different route over a less busy path if one exists. This method
is very different from transparent bridge usage, where redundant bridges will be
inactivated; however, more overhead is introduced to find routes, and space is wasted to
store them in frames. A switch with a faster backplane can be just as good for
performance, if not for fault tolerance.
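The hub behaviour from sections (a) and (c) and the transparent-bridging forwarding database described above, side by side as an added simulation (this is example code written for this tutorial, not part of the original document; the port numbers, MAC addresses and frame sequence are constructed sample values):

```python
"""Hub (repeater) versus transparent learning bridge.

Added example, not code from the original document.  Ports 1-3, the MAC
addresses A/B/C and the TRAFFIC list are constructed sample values.
"""
from collections import namedtuple

Frame = namedtuple("Frame", "src dst")   # only the MAC header matters here


class Hub:
    """Repeater: every frame goes out every port except the one it came in on."""

    def __init__(self, ports):
        self.ports = list(ports)

    def receive(self, in_port, frame):
        return sorted(p for p in self.ports if p != in_port)


class LearningBridge:
    """IEEE 802.1D-style transparent bridge.

    The forwarding database starts empty.  Every received frame teaches the
    bridge which port its *source* MAC lives behind; the *destination* MAC is
    then looked up and the frame is flooded (hub-like) only while it is unknown.
    """

    def __init__(self, ports):
        self.ports = list(ports)
        self.fdb = {}        # MAC address -> port it was last seen on
        self.flooded = 0     # how many frames had to be sent everywhere

    def receive(self, in_port, frame):
        # Learn: the sender is reachable via in_port (a moved station is re-learned).
        self.fdb[frame.src] = in_port
        out = self.fdb.get(frame.dst)
        if out is None:
            self.flooded += 1
            return sorted(p for p in self.ports if p != in_port)
        if out == in_port:
            return []        # source and destination share a segment: filter it
        return [out]


def run(device, frames):
    """Feed (in_port, frame) pairs through a device; return the egress port lists."""
    return [device.receive(port, frame) for port, frame in frames]


# Constructed traffic: station A on port 1, B on port 2, C on port 3.
A, B, C = "00:00:00:00:00:0a", "00:00:00:00:00:0b", "00:00:00:00:00:0c"
TRAFFIC = [
    (1, Frame(A, B)),   # A -> B: B still unknown, bridge must flood
    (2, Frame(B, A)),   # B -> A: A already learned, unicast to port 1 only
    (1, Frame(A, B)),   # A -> B: both known now, unicast to port 2 only
    (3, Frame(C, A)),   # C -> A: unicast to port 1; C is learned on port 3
]

if __name__ == "__main__":
    print("hub   :", run(Hub([1, 2, 3]), TRAFFIC))
    print("bridge:", run(LearningBridge([1, 2, 3]), TRAFFIC))
```

Compare the two egress lists: the hub hands every frame to every other station, while the bridge stops doing so as soon as it has learned where the destination lives, which is why a station on a switch cannot simply see its neighbours' traffic the way one on a hub can.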

(e)- Bridges vs. Routers


Bridging and Routing are both ways of performing data control, but work through different
methods. Bridging takes place at OSI Model Layer 2 (Data-Link Layer) while Routing takes
place at the OSI Model Layer 3 (Network Layer). This difference means that a bridge directs
frames according to hardware assigned MAC addresses while a router makes its decisions
according to arbitrarily assigned IP Addresses. As a result of this, bridges are not concerned with
and are unable to distinguish networks while routers can.

When designing a network, you can choose to put multiple segments into one bridged network or
to divide it into different networks interconnected by routers. If a host is physically moved from
one network area to another in a routed network, it has to get a new IP address; if this system is
moved within a bridged network, it doesn't have to reconfigure anything.
(f)- Network Interface Card (NIC)
A network card, network adapter or NIC (network interface card) is a piece of computer
hardware designed to allow computers to communicate over a computer network. It provides
physical access to a networking medium and provides a low-level addressing system through the
use of MAC addresses. It allows users to connect to each other either by using cables or
wirelessly.

(9)- Internet Protocol Addressing

GENERAL IP ADDRESSING ARCHITECTURE

As implied by its name, the IP (Internet Protocol) address is the means to address someone over
the Internet. When you browse the web, you type an address that contains letters, numbers and
some signs. The address is then translated to an IP address by a protocol named DNS (Domain
Name Service), which is out of the scope of this tutorial. Every computer connected to the Internet
has a different IP address. An IP address is actually a 32-bit numeric value.
Usually, for convenience, it is presented in DECIMAL DOT NOTATION: 4 octets (bytes)
separated by dots.

As each number is represented by an octet (8 bits), its values range from 0 to 255. Each physical
network has its own unique network address, in which every host (computer \ router \ bridge) has
its own unique ID; hence, each host has its own unique address. Routers or gateways can have
one or more addresses depending upon the number of links they can maintain. An IP address is
therefore a combination of network and host identifications.

FORMS OF IP ADDRESSING
When the internet was just starting out, it was thought that order is needed.
IP addresses were classified into 5 categories or Classes. As such, there are five forms of IP
addresses:

Class & description

Class A:
126 networks, each can have up to (16M-2) nodes.

The address range lies from (1.0.0.0 - 127.255.255.255)


Class A IP addresses are chosen for huge networks.

Class B:

(16K-2) Networks can have up to (64K-2) nodes

The address range lies from (128.0.0.0 - 191.255.255.255)

These IP addresses are used for pretty large networks.

Class C:
(2M-2) Networks, each can have up to 254 nodes.

The address range lies from (192.0.0.0 - 223.255.255.255)

The IP addresses are used for Medium & Small networks.

Class D:
A multicast address.

The address range lies from (224.0.0.0 - 239.255.255.255)

Multicast is sending the same content to many users at once (like watching TV)

Class E:
This class of IP addressing is reserved for future use.
The address range would lie from (240.0.0.0 - 247.255.255.255)

A few conventions:
1) By convention we don't use a host ID that is all 0s or all 1s as a legal address!
2) By convention we save the address 127.0.0.0 for loopback.

3) The address 0.0.0.0 is used to represent a default route.

4) The maximum number of nodes on each net is (2^n)-2 when n is number of bits for host ID.
Ip address formats
For example:
The address (binary) - 10000000 00000111 00001111 00000001

DECIMAL DOT NOTATION: 128.7.15.1

Therefore it belongs to: Class B addresses


Its Network-id is: 128.7

Its Host-id is: 15.1

Special forms of Internet Addresses


There are certain addresses that are not in use.

Other than that, there are special prefixes or addresses as follows:

0.0.0.0 - This host.

0.host_number - host on this net

255.255.255.255 - Limited broadcast * (local net).

Net_number.255 - Directed broadcast for the specified net

127.anything - Loop-back within the computer (should never appear on the net). Is used for
internal testing.

Broadcast: Sending the same message at once to all hosts connected to a specified
network.

IP Addresses assignment example


In the Picture above you can see at least 3 networks:

The upper one is Local Area Network (LAN) organized in bus topology

This Net ID is 212.55.12 (Class C), and it has 4 hosts, each has different Host ID.

The lower net on the right hand side is organized in ring topology.

Its Net ID is 128.22 (Class B), and it has 5 hosts. On the lower left hand side you can see a LAN
in star topology (net ID is 135.45 - Class B), consisting of 3 independent hosts and a server
connecting two other hosts. All networks are connected to a router, connecting them to the
Internet backbone.

IP Subnetting
Subnetting is a Technique used to allow a single IP network address to span multiple physical
networks. Subnetting was invented in order to use the IP address space (the one discussed here is
v4) in a better, less wasteful way, allowing addressing even though the number of hosts
connected to the internet at any given moment now is much larger than the one in the earlier days
of the internet, when the partition into classes took place. The original Classes method is very
wasteful - it uses merely 3% of the possible address space !!!
What is Subnetting all about:

Subnetting means using some of the bits of the host-id part of an IP address as a physical
network identifier. The sequence of bits called a 'subnet mask' designates which bits form the
network identifier for a given network. All hosts on the same network should have the same subnet
mask, meaning the same prefix (its expected length depends on the net's size, i.e. the number of hosts).
Subnetting better utilizes the address space by dividing these big networks into smaller ones.

An example of Subnetting:
The Class B network 128.10.0.0 can be subnetted using the first 8 bits of the host-id, to span 254
different physical networks.

The subnet mask for this case is 255.255.255.0

The subnetworks are: 128.10.1.0, 128.10.2.0, ..., 128.10.254.0 .

Each of the subnetworks can have up to 254 different hosts:

128.10.XXX.1, 128.10.XXX.2, ..., 128.10.XXX.254 .

If there is a need for fewer physical nets and more hosts in each one, fewer host-id bits can be used
for subnetting.

For example:

With the subnet mask 255.255.254.0,

126 different subnets are available with up to 510 hosts in each one. Many Class A and B
networks do not contain as many hosts as they could. This situation causes a lot of address space
waste.
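The classful split shown for 128.7.15.1 and the two subnet-mask cases above, carried through in code as an added example (not part of the original tutorial). It counts subnets and hosts the way the tutorial does, 2^bits - 2 for each field, so the results match the 254/254 and 126/510 figures in the text:

```python
"""Classful address and subnet-mask arithmetic as described in this tutorial.

Added example, not from the original document.  Uses the tutorial's own
convention of excluding the all-zeros and all-ones subnet and host values.
"""
import ipaddress


def to_int(dotted):
    """Dotted-decimal string -> 32-bit integer."""
    return int(ipaddress.IPv4Address(dotted))


def address_class(dotted):
    """Classify by the first octet, following the class table in the text."""
    first = to_int(dotted) >> 24
    if first < 128:
        return "A"          # 0.0.0.0   - 127.255.255.255
    if first < 192:
        return "B"          # 128.0.0.0 - 191.255.255.255
    if first < 224:
        return "C"          # 192.0.0.0 - 223.255.255.255
    if first < 240:
        return "D"          # multicast
    return "E"              # reserved


def natural_prefix(dotted):
    """Number of network-id bits implied by the class (A=8, B=16, C=24)."""
    cls = address_class(dotted)
    if cls not in ("A", "B", "C"):
        raise ValueError(f"class {cls} addresses have no network/host split")
    return {"A": 8, "B": 16, "C": 24}[cls]


def split_classful(dotted):
    """Return (network-id, host-id) in dotted form: 128.7.15.1 -> ('128.7', '15.1')."""
    octets = dotted.split(".")
    n = natural_prefix(dotted) // 8
    return ".".join(octets[:n]), ".".join(octets[n:])


def mask_prefixlen(mask):
    """Length of a contiguous subnet mask such as 255.255.254.0 -> 23."""
    m = to_int(mask)
    prefix = bin(m).count("1")
    if m != (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF:
        raise ValueError("non-contiguous subnet mask")
    return prefix


def subnet_plan(network, mask):
    """How many subnets and hosts per subnet does `mask` give a classful network?"""
    prefix = mask_prefixlen(mask)
    subnet_bits = prefix - natural_prefix(network)
    host_bits = 32 - prefix
    if subnet_bits < 0 or host_bits < 2:
        raise ValueError("mask does not subnet this classful network")
    return {
        "class": address_class(network),
        "subnet_bits": subnet_bits,
        "subnets": 2 ** subnet_bits - 2,          # tutorial convention
        "host_bits": host_bits,
        "hosts_per_subnet": 2 ** host_bits - 2,   # all-0 / all-1 host excluded
    }


def locate(dotted, mask):
    """(subnet address, directed-broadcast address) that a host falls into."""
    a, m = to_int(dotted), to_int(mask)
    net = a & m
    bcast = net | (~m & 0xFFFFFFFF)
    return str(ipaddress.IPv4Address(net)), str(ipaddress.IPv4Address(bcast))


if __name__ == "__main__":
    print(address_class("128.7.15.1"), split_classful("128.7.15.1"))
    print(subnet_plan("128.10.0.0", "255.255.255.0"))
    print(subnet_plan("128.10.0.0", "255.255.254.0"))
    print(locate("128.10.3.77", "255.255.254.0"))
```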

Dividing a single Class B network into two sub-networks:


All Gateways except G (Which is physically interconnecting the networks) route as if there was
a single physical network.

IP version 4

IPv4 only uses 32-bit (4 byte) addresses, which limits the address space to 4,294,967,296 (2^32)
possible unique addresses. However, many are reserved for special purposes, such as private
networks (~18 million addresses) or multicast addresses (~270 million addresses). This reduces
the number of addresses that can be allocated as public Internet addresses, and as the number of
addresses available is consumed, an IPv4 address shortage appears to be inevitable in the long
run. This limitation has helped stimulate the push towards IPv6, which is currently in the early
stages of deployment and is currently the only contender to replace IPv4.

Example: 127.0.0.1 (Loopback)

IP version 6

IPv6 is the new standard protocol for the Internet. Windows Vista, Apple Computer's Mac OS X,
and an increasing range of Linux distributions include native support for the protocol, but it is
not yet widely deployed elsewhere.

Addresses are 128 bits (16 bytes) wide, which, even with a generous assignment of netblocks,
will more than suffice for the foreseeable future. In theory, there would be exactly 2^128, or about
3.403 × 10^38 unique host interface addresses. Further, this large address space will be sparsely
populated, which makes it possible to again encode more routing information into the addresses
themselves.
Example: 2001:0db8:85a3:08d3:1319:8a2e:0370:7334

One source[1] notes that there will exist "roughly 5,000 addresses for every square micrometer of
the Earth's surface". This enormous magnitude of available IP addresses will be sufficiently large
for the indefinite future, even though mobile phones, cars and all types of personal devices are
coming to rely on the Internet for everyday purposes.

The above source, however, involves a common misperception about the IPv6 architecture. Its
large address space is not intended to provide unique addresses for every possible point. Rather,
the addressing architecture is such that it allows large blocks to be assigned for specific purposes
and, where appropriate, aggregated for provider routing. With a large address space, there is not
the need to have complex address conservation methods as used in classless inter-domain routing
(CIDR).

(10)- Network Security

Company information is as valuable a company asset as money in the bank. In fact, some
information can be even more valuable than cash. So protecting the company’s information with
appropriate security is critical to business success. This backgrounder will provide a basic
introduction to data and network security; however, it is only intended as an introductory primer
so business owners and managers can begin to understand the complexity of managing security.

Security exists on many layers. Network security considerations begin with (but are not limited
to) a range of considerations including:

• how company office facilities are selected and maintained,
• how potential employees are screened,
• the remote access policy to the company’s systems and information, and
• what kind of encryption and firewalls are provided in the corporate network.

Best-practice security isn’t just good business - in some cases, it’s also the law. And the legal
requirements are different for specific industries and between different jurisdictions. For
example, the Health Insurance Portability and Accountability Act (HIPAA) sets requirements for
patient privacy in the United States. In California, privacy laws prohibit financial institutions
from sharing personal financial information with unaffiliated third party partners without the
consumer’s consent. And in Europe, privacy laws protect certain employee information—even to
the point where inappropriately sharing an employee’s name and location in a company directory
can be considered a violation.

So when considering security, it is important to consider business policy and practices, legal
requirements, and technology. This technology backgrounder will introduce some of the
technical aspects to consider in network security, with a particular focus on network security for
small and medium-sized business.
Network security is a complicated subject, historically only tackled by well-trained and
experienced experts. However, as more and more people become "wired", an increasing number
of people need to understand the basics of security in a networked world. This document was
written with the basic computer user and information systems manager in mind, explaining the
concepts needed to read through the hype in the marketplace and understand risks and how to
deal with them. Some history of networking is included, as well as an introduction to TCP/IP and
internetworking. We go on to consider risk management, network threats, firewalls, and more
special-purpose secure networking devices. This is not intended to be a "frequently asked
questions" reference, nor is it a "hands-on" document describing how to accomplish specific
functionality. It is hoped that the reader will have a wider perspective on security in general, and
better understand how to reduce and manage risk personally, at home, and in the workplace.

(11)- Firewall Basics


Having an up-to-date anti-virus program in place is the first and most basic line of defense in
your computer. Without it, your computer will sooner or later be contaminated with virus
software. The resulting problem may be anywhere from annoying to disastrous. It is an essential
line of defense, but it is by no means the answer to all your problems.

Unfortunately for those of us who seek to improve the quality of life for everyone, there are
those who, for some reason of their own, intend to make life worse for everyone. This group
includes the "cracker" or "script kiddy" whose intention is to break into your computer and leave
a mark by destroying something of value to you.

Don't confuse these characters with the "hackers" of old. "Hackers" intent was to break the lock
and open the door by using their wit and wiles. The "cracker" or "script kiddy" intends only to
get into your computer -- probably using some tool found on the internet, the workings of which
they probably don't understand in the least -- and having opened the door, steal or destroy all
they can. This malicious intent is what makes these characters so dangerous to your computer.

You need to add a firewall to your defensive strategy. A firewall makes things a lot more
difficult for the invader to get into the computer. While there is no such thing as a fully secure
internet connected computer, you can get pretty close with good firewall protection. The idea is
to make your defenses strong enough that the next person's computer is an easier target so the
typical assailant will go for it and give up on yours. The highly skilled cracker isn't likely to
spend their energies going after your pc when there are banks and corporations to be had.

There are two categories of firewall that you can use. The first is a software firewall, the other
is a firewall built into an external device such as a router. Both have value.

A software firewall is a program that sits in your computer and monitors all traffic on your
internet connection. It only allows certain types of traffic through, thereby making it much
harder for the cracker to get their malicious code into your machine. Windows XP has a
firewall built in. If you go to the "Properties" dialog of your network connection, on the
"Advanced" tab you will find "Internet Connection Firewall". It is turned off by default. You
can turn it on with one click and it will already be configured suitably for a typical home use
machine. If you need to fine tune its rules, you can click on the "Settings" button and configure
the details of the firewall. There is also very informative help available (click on "Learn more
about Internet Connection Firewall" on the "Advanced" tab).

There are plenty of software firewalls available on the Internet. Stay away from those produced
by small or less well known manufacturers unless you can be certain of the quality of their work
and that they have not provided themselves a "back door" (a means whereby they can get
through their own firewall.) Two of the better known firewalls are Zone Alarm and Black Ice
Defender. If you use one of these firewalls, make sure you stay up to date with updates and
patches. (Windows' built-in firewall is updated by Windows Update, which you, of course,
already use.)

There is no reason not to use a software firewall in your computer, unless some specific program
that you require prevents its use. It is usually better to use the firewall and tweak the
configurations of both the firewall and the other program until they work together, rather than to
not use the firewall. A software firewall in your PC is a good thing to use even if you have an
external firewall. There is no such thing as a PC that is "too secure".

External firewalls, like those built into better routers, are very simple to use. If you have a
broadband connection and use such a router, it will not only provide a pretty good level of
protection for you, but also enable you to share your connection with several computers. These
devices have dropped dramatically in price over the past few years and are now well within the
means of a typical home PC owner. I highly recommend that you use one, even if you don't need
the sharing capability. They are a quick and easy way to provide a barrier between your PC and
the hostile world of the net.

Two guys find themselves trapped in a cave with a mountain lion sitting just outside the
entrance. After two days of the cat not leaving, they decide they will have to make a run for it.
"Wait while I put on my running shoes," says one of them. "What's the point?" comes the
reply, "even with them on, you'll never outrun a mountain lion." "I'm not trying to outrun a
mountain lion," says the first. Such is the defensive strategy of firewalls! While they may never
be a 100% block, they will make you a harder target than the next guy. Don't be the easy target!
A firewall is a hardware or software device which is configured to permit, deny, or proxy data
through a computer network which has different levels of trust.

Function

A firewall's basic task is to regulate the flow of traffic between computer networks of different
trust levels. Typical examples are the Internet which is a zone with no trust and an internal
network which is a zone of higher trust. A zone with an intermediate trust level, situated between
the Internet and a trusted internal network, is often referred to as a "perimeter network" or
Demilitarized zone (DMZ).
A firewall's function within a network is similar to that of firewalls and fire doors in building
construction. In the former case, it is used to prevent network intrusion into the private network. In
the latter case, it is intended to contain a structural fire and delay its spread to adjacent
structures.

Without proper configuration, a firewall can often become worthless. Standard security practices
dictate a "default-deny" firewall ruleset, in which the only network connections which are
allowed are the ones that have been explicitly allowed. Unfortunately, such a configuration
requires detailed understanding of the network applications and endpoints required for the
organization's day-to-day operation. Many businesses lack such understanding, and therefore
implement a "default-allow" ruleset, in which all traffic is allowed unless it has been specifically
blocked. This configuration makes inadvertent network connections and system compromise
much more likely.
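The two rulesets just described, evaluated side by side as an added example (this simulation is written for this tutorial, not taken from any firewall product; the rules, the office range 192.0.2.0/24 and the connection attempts are constructed sample values). The same explicit rules are loaded into both; only the default policy differs:

```python
"""Default-allow versus default-deny packet-filter policy.

Added example, not from the original document.  A first-match rule list with a
fallback policy, applied to constructed inbound connection attempts.
"""
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Connection:
    src: str          # remote address making the attempt
    dst_port: int     # service being contacted on the protected host
    proto: str        # "tcp" or "udp"


@dataclass(frozen=True)
class Rule:
    action: str                      # "allow" or "deny"
    src: str = "0.0.0.0/0"           # source network the rule applies to
    proto: str = "any"
    dst_port: Optional[int] = None   # None matches every port

    def matches(self, c):
        in_net = ipaddress.ip_address(c.src) in ipaddress.ip_network(self.src)
        proto_ok = self.proto in ("any", c.proto)
        port_ok = self.dst_port is None or self.dst_port == c.dst_port
        return in_net and proto_ok and port_ok


class Firewall:
    def __init__(self, rules, default):
        self.rules = list(rules)
        self.default = default       # policy applied when no rule matches

    def decide(self, conn):
        """First matching rule wins; otherwise the default policy applies."""
        for rule in self.rules:
            if rule.matches(conn):
                return rule.action
        return self.default


# The services the organisation actually means to expose: public web from
# anywhere, remote administration only from its own (constructed) office range.
EXPLICIT = [
    Rule("allow", proto="tcp", dst_port=443),
    Rule("allow", src="192.0.2.0/24", proto="tcp", dst_port=22),
]

# Default-allow: everything passes unless someone remembered to block it.
DEFAULT_ALLOW = Firewall(EXPLICIT + [Rule("deny", proto="tcp", dst_port=23)],
                         default="allow")
# Default-deny: only the explicitly listed connections pass.
DEFAULT_DENY = Firewall(EXPLICIT, default="deny")

# Constructed attempts from a host outside the office range.
ATTEMPTS = [
    Connection("203.0.113.5", 443, "tcp"),    # public web: wanted
    Connection("203.0.113.5", 22, "tcp"),     # admin access from outside: not wanted
    Connection("203.0.113.5", 23, "tcp"),     # telnet: explicitly blocked
    Connection("203.0.113.5", 3306, "tcp"),   # database nobody meant to expose
]


def evaluate(fw, attempts=ATTEMPTS):
    """Decision for each attempt under the given firewall, in order."""
    return [fw.decide(a) for a in attempts]


if __name__ == "__main__":
    for name, fw in (("default-allow", DEFAULT_ALLOW), ("default-deny", DEFAULT_DENY)):
        print(f"{name:14}", evaluate(fw))
```

The last two attempts are the point: under default-allow the forgotten database port and the outside admin connection both get through, while default-deny stops them without anyone having had to anticipate them.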
