1

SUMMER TRAINING PROJECT REPORT

ON

“BASICS OF NETWORKING AND COMPUTER ADMINISTRATION”

Bachelor of Technology

in

Computer Science Engineering

AS A PART OF SIX WEEKS IN-HOUSE TRAINING

Maharaja Surajmal Institute of Technology

Guru Gobind Singh Indraprastha University

(2008-2012)

2

ACKNOWLEDGEMENT

With great pleasure, I express my heartiest thanks to MR.N.P.SINGH, for giving me an

opportunity to work under his guidance in their esteem organization and providing me

necessary resources for my project. It makes me feel proud to have worked as a part of

BSES/BYPL, Karkardooma, Delhi.

I also have the honor of drawing invaluable support of MR.HEMANT CHATTERJEE

without whose unrelated support and guidance, this project would just not have been

possible. No words of appreciation are good enough for the constant encouragement,

which I have received from him. He also taught me and provided all the necessary

information regarding my project.

I would also like to express my extreme gratitude to MR.KUMAR GAURAV and

MR.LALIT BANTHAL for their inspiring and supporting guidance throughout the

course of my summer training.

I would like to thank all the staff and the members of BSES/BYPL.

At last I would like to extend my sincere thanks to all the respondents to whom I visited

for giving their support and valuable information, which helped in completing my

project report.

3

PREFACE

As a part of the partial fulfillment of the B.Tech (C.S.E) program at Maharaja Surajmal

Institute of Technology, Janakpuri, 6 weeks summer training was done with

BSES/BYPL Karkardooma (Head Office), Delhi.

My aim during this summer training was to get acquainted with the industrial

environment and learn about the basics of computer networking and troubleshooting

and gain practical knowledge of the same.

This project report describes what was learnt at the above mentioned organization. The

report describes in detail fundamentals of networking, basic computer administration

and troubleshooting.

4

INDEX

S.NO. TOPIC PAGE NO.

i. Acknowledgement 2

ii. Preface 3

iii. Certificate

1. Company Profile 6

2. Softwares used in BSES 7

3. Introduction to Networking 10

What is networking?

Benefits of networking

4. Categories of networks 11

LAN

WAN

MAN

Internetwork

Client-Server

Peer-to-Peer

5. Network topologies 16

Star topology

Bus topology

Ring topology

Mesh topology

6. Networking Hardware 19

Hub

Switch

Repeater

Bridge

Brouter

Gateway

NIC

7. Network Architectures 26

Ethernet

Token Ring

FDDI

ATM

LocalTalk

8. Cables used in Networking 30

Twisted Pair cable

STP cable

5

UTP cable

Coaxial cable

Fiber optic cable

Wireless LAN

9. OSI 36

What is it and why is it important?

7 layers of the OSI model

Physical Layer

Data Link Layer

Network Layer

Transport Layer

Session Layer

Presentation Layer

Application Layer

10. Protocols 45

DHCP

TCP/IP suite

TCP

IP

IP addressing

Subnetting

IPv6

UDP

DNS

11. Sharing resources in a network 54

12. Network Troubleshooting 55

13. Basic administration 58

Formatting

Partitioning

Booting

File systems 62

Computer Management 66

Installation of softwares by domain users 68

Registry Editor 68

Group Policy 70

Back up 71

14. Troubleshooting 72

Remote Assistance 75

iv. Bibliography 76

6

COMPANY PROFILE

BSES-YPL stands for Bombay Sub-urban Electricity Services Yamuna Power Limited.

It is a Public Private Partnership (PPP) organization and is the smallest of the three

private distribution companies (discoms) in Delhi. The company supplies electricity to

over 10.46 lakh customers, covering a population base of nearly 42 lakh in Central and

East Delhi. For better management of its customer base, the company serves its

customers through three circles, further subdivided into 14 Divisions, each managed by

an empowered group of officials. The department categorization in BSES YPL at each

division is as follows:

Admin

Human Resources (HR)

Information Technology (IT)

Finance & Accounts

EHV

Customer Care

O & M, etc...

The IT department provides support to all other departments. IT department provides

support for computer hardware, networking, softwares, maintenance and

troubleshooting. The various technologies and processes used in the company are:

System Operation- SCADA (Supervisory Control And Data Acquisition), DMS,

OMS, GIS (Geographic Information System)

Communication - V-SAT, GSM/CDMA based AMR, Fiber Optic, wireless

Business- Meter to Cash, CAS, IVRS, Web based services

Metering - e-meters, pre-paid, Energy Audit

Common Services - SAP, Admin, Legal, Call center

Information Technology – Software, Hardware, Networks and Connectivity of

around 400 locations

Organization – e-mails (Lotus Notes), Cell Phones

BSES is a type of LAN. Each division in itself is a LAN. Networking plays a very

important role in the organization for sharing resources over the entire organization.

The main network server is located at the head office at Nehru Place with rest of the

divisions being domains. Karkardooma division has its own administrator and server

with all the remaining client PCs.

7

SOFTWARES USED IN BSES

The various softwares used in BSES are as follows:

1. SYMANTEC

It is the antivirus software used in BSES for protection of the computer data. Symantec

Version 11 is used. Scanning is scheduled itself for a particular date and time.

The IP address 10.8.51.60 is used for updation of the antivirus.

2. LOTUS NOTES 7.0.2

It is a very useful software for email purposes. Each domain user in the LAN network

has its own account with user id and password. This software is also used to log the

calls (troubleshooting problems faced by domain users) that are fulfilled by the IT

engineers.

FEATURES

Provides a robust and productive user experience with a single point of access

to email, calendars, contacts, activities, instant messaging, feeds, office

documents, collaboration tools and business applications.

Helps users manage their ever-growing inboxes effectively, with full-text

search, delegation, mail filtering and sorting, conversation views and flags.

Helps increase user productivity with customizable widgets that can recognize

specific patterns of text in Lotus Notes documents; recognized text can be

8

clicked to perform the appropriate business action associated with that widget,

such as retrieving information from a flight number in an e-mail.

Helps users instantly locate and connect with resources via presence awareness,

business cards and instant messaging incorporated in context within the inbox

and calendar.

Helps minimize or eliminate the impact of computer viruses through robust

security features.

Helps drive business value through composite application technology that

allows you to integrate and present line-of-business solutions and data from

multiple systems into a single view for end-users.

Helps users to be productive even when disconnected from the network with

advanced replication technology.

3. MS OFFICE 2003

MS OFFICE 2003 is used for basic office services like MS WORD, MS EXCEL,

MSPOWERPOINT, etc.. A customized installation is done.

4. WinZip and WinRAR

The WinZip and WinRAR softwares are used for file archiving and compressing,

archive managing, etc..

5. CAS

CAS is Consumer Application Support. This software is used in the consumer care

department for consumer related queries, complaints, electricity bills, metering,

electricity theft, GCC, etc... CAS installation is done by installing BAM, CAS and DLL

registration packages. Oracle 8i client is also customized installed before installation of

CAS since CAS requires Oracle platform to work on.

6. SAP

SAP stands for Systems Applications and Products. This software is now being used in

BSES in place of CAS for customer related queries. It is also used to create service

orders. The installation of SAP first requires the installation of Dot Net Framework.

7. WinVNC

The WinVNC software is the most important software in BSES as it is used for all

troubleshooting purposes. Whenever a user has any problem, troubleshooting is done

by taking VNC on another computer, that is, getting the complete desktop and access to

all resources of the user.

9

8. IPMessenger

The IPMessenger software version 2 is used in BSES within its own LAN. It is like any

other Messenger service (Yahoo, Gtalk, etc...) and is used for chatting and transferring

files. After installation, it can be simply configured by entering username, IP address

and group name.

9. SMART2K

The SMART2K software is very useful and used in BSES for calculation of the

electronic meter reading. It is used by the Consumer care department workers.

10

INTRODUCTION TO NETWORKING

WHAT IS A COMPUTER NETWORK?

A network is any collection of independent computers that communicate with one

another over a shared network medium. A computer network is a collection of two

or more connected computers. When these computers are joined in a network,

people can share files and peripherals such as modems, printers, tape backup drives,

or CD-ROM drives.

Every network includes:

At least two computers Server or Client workstation.

Networking Interface Card's (NIC)

A connection medium, usually a wire or cable, although wireless

communication between networked computers and peripherals is also possible.

Network Operating system software, such as Microsoft Windows NT or 2000,

Novell NetWare, Unix and Linux.

Other computer Computer LAN Card

Plotter

Modem

Networking Software

LAN

Cable

BENEFITS OF COMPUTER NETWORKING

Powerful, flexible collaboration

Freedom to choose the right tool

Cost-effective resource sharing

11

Secure management of sensitive information

Effective worldwide communications

Easy, immediate information dissemination

Worldwide, instantaneous access to information

CATEGORIES OF NETWORKS

LOCAL AREA NETWORK (LAN)

A Local Area Network (LAN) is a network that is confined to a relatively small

area. It is generally limited to a geographic area such as a school, an office or a building

campus. Rarely are LAN computers more than a mile apart.

A LAN connects network devices over a relatively short distance. A networked office

building, school, or home usually contains a single LAN, though sometimes one

building will contain a few small LANs, and occasionally a LAN will span a group of

nearby buildings. In IP networking, one can conceive of a LAN as a single IP subnet

(though this is not necessarily true in practice).

LANs are designed to allow resources to be shared between personal computers or

workstations. The resources to be shared can include hardware (such as printer or

scanner), software (such as an application program), or data.

Besides operating in a limited space, LANs include several other distinctive features.

LANs are typically owned, controlled, and managed by a single person or organization.

One of the computers may be given a large-capacity disk drive and may become a

server to the other client computers. Softwares can then be stored on this central server

and used as needed by the whole group.

In addition to size, LANs are distinguished from other types of networks by their

transmission media and topology. They generally only one type of transmission

medium and common LAN topologies like bus, star and ring. They also use certain

specific connectivity technologies, primarily Ethernet and Token Ring.

CAMPUS AREA NETWORK (CAN)

A campus network, campus area network, corporate area network or CAN is

a computer network made up of an interconnection of local area networks (LANs)

within a limited geographical area. The networking equipments (switches, routers) and

transmission media (optical fiber, copper plant, Cat5 cabling etc) are almost entirely

owned (by the campus tenant / owner: an enterprise, university, government etc).

12

For example, In the case of a university campus-based campus network, the network is

likely to link a variety of campus buildings including; academic departments,

the university library and student residence halls.

A campus area network is larger than a local area network but smaller than a

metropolitan area network (MAN) or wide area network (WAN).

Organizations do follow the strategy of CAN because they always try to maintain the

best outcome by investing less and with the wireless communication throughout their

building offices, they can manage their budget that they may be spending on the wiring,

hubs, switches etc. they can perform the same task by only connecting one or two

devices at their main office and providing signals to other departments which they can

use without any difficulty.

Campus Area networks (CAN) are economical, beneficial and easy to implement in the

specific kilometers of locality. It is very helpful for the universities and other corporate

organizations to work from any block and receive the same speed of data transfer.

METROPOLITAN AREA NETWORK (MAN)

Metropolitan Area Networks are networks that connect LANs together within a city by

using local exchange carriers. A MAN is a network with a size between a LAN and a

WAN.

It is designed for customers who need a high-speed connectivity, normally to the

Internet, and have endpoints spread over a city or part of city.

A good example of a MAN is the part of the telephone company network that can

provide a high-speed DSL line to the customer. Another example is the cable TV

network that originally was designed for cable TV, but today can also be used for high-

speed data connection to the Internet.

Local exchange carrier

Downtown office Warehouse

Router Router

13

WIDE AREA NETWORK (WAN)

Wide Area Network provides long-distance transmission of data, image audio and

video information over large geographic areas that may comprise a country, a continent

or even the whole world. A WAN like the Internet spans the whole world!

A WAN is a geographically-dispersed collection of LANs that uses long distance

carriers. A network device called a router connects LANs to a WAN. In IP networking,

the router maintains both a LAN address and a WAN address.

WANs differ from LANs in several important ways. Like the Internet, most WANs are

not owned by any one organization but rather exist under collective or distributed

ownership and management.

WANs can be of different types- switched WAN (X.25, Frame Relay, ATM) or point-

to-point WAN. The switched WAN connects the end systems, which usually comprise

a router that connects to another LAN or WAN. The point-to-point WAN is normally a

line leased from a telephone or cable TV provider that connects a home computer or a

small LAN to an Internet Service Provider (ISP). This type of WAN is often used to

provide Internet access.

Long distance carrier

India New Zealand

Router Router

INTERNETWORK

When two or more networks (LAN, WAN or MAN) are connected, they become an

Internetwork, or Internet. An internetwork has subnetworks (network segments) that

have different network addresses. Internetworking includes everything from connecting

two small workgroup networks, each with perhaps two or three workstations, to

connecting thousands of computers—from notebook computers to mainframes—on

tens to hundreds of individual segments in a worldwide organization.

14

CLIENT SERVER NETWORK

Client/server network operating systems allow the network to centralize functions and

applications in one or more dedicated file servers. The file servers become the heart of

the system, providing access to resources and providing security. Individual

workstations (clients) have access to the resources available on the file servers. The

network operating system provides the mechanism to integrate all the components of

the network and allow multiple users to simultaneously share the same resources

irrespective of physical location. Novell Netware and Windows 2000 Server are

examples of client/server network operating systems.

Advantages of client/server network:

Centralized - Resources and data security are controlled through the server.

Scalability - Any or all elements can be replaced individually as needs increase.

Flexibility - New technology can be easily integrated into system.

Interoperability - All components (client/network/server) work together.

Accessibility - Server can be accessed remotely and across multiple platforms.

Disadvantages of client/server network:

Expense - Requires initial investment in dedicated server.

Maintenance - Large networks will require a staff to ensure efficient operation.

Dependence - When server goes down, operations will cease across the

network.

Workstation Workstation

Server

Workstation Workstation

15

Client

Response

Query Search

Server Database

PEER-TO-PEER NETWORK

In peer-to-peer networks, each computer is considered as a server as well as a client and

holds its own accounts database. Each computer can share resources that it owns, like

files, CD-ROM drives, printers, modems and fax machines. Peer-to-peer network

operating systems allow users to share resources and files located on their computers

and to access shared resources found on other computers. However, they do not have a

file server or a centralized management source. In a peer-to-peer network, all

computers are considered equal; they all have the same abilities to use the resources

available on the network. Peer-to-peer networks are designed primarily for small to

medium local area networks. AppleShare and Windows for Workgroups are examples

of programs that can function as peer-to-peer network operating systems.

Advantages of peer-to-peer network:

Security responsibility of each workstation.

Each station runs the same software.

Each computer has its own accounts database.

Cheap and easy to set up for small groups.

No centralized server required.

Disadvantages of peer-to-peer network:

Decentralized - No central repository for files and applications.

Security - Does not provide the security available on a client/server network.

16

NETWORK TOPOLOGIES

Topology means the way components are connected. The network topology describes

the method used to do the physical wiring of the network, that is, the way the individual

computers or devices are connected. The main ones are: bus, star and ring.

The choice of topology is dependent on:

- Type and number of equipments being used.

- Planned applications and rate of data transfers

- Requires response times

- Money considerations

- Length of cable needed

- Type of cable used

- Future growth (adding new hosts)

STAR TOPOLOGY

- A star topology is characterized by the fact that all connections to hosts

radiate outward from a central connection device such as a hub or a switch

giving it appearance of a star.

- Centralized connection points make the star the favored topology of network

administrators. When one host on a star topology fails, no other hosts on the

network are affected. So it is robust and provides easy fault identification

and fault isolation.

- Centralized connection points also make network monitoring and

management easy.

- A star network is also very cost efficient since a network administrator only

needs to install cabling for current needs. This provides a great deal of

scalability for modern networks that need to adjust to dynamic business

environments.

- Adding an additional host to the network is as easy as installing a new cable

between the central connection device and the new host.

17

- The primary disadvantage of star topology is the single point of failure that

could render the network unusable, that is, dependency of the whole

topology on one single point, the hub.

- Star topology requires more cable length and is more expensive than a linear

topology.

- This type of topology is also referred to as a hub and spoke topology,

mirroring the concept that the spokes(links) radiate out from a central

connection point (a hub or a switch).

BUS TOPOLOGY

- In a bus topology, all the hosts are connected to a single physical link. The most

popular bus network is Ethernet in which physical link is a coaxial cable

connected to each host through a T-connector.

- The bus topology is inexpensive to build, and it is easy to add a new host to the

network just by tapping into the physical link. It also uses less cabling than

mesh or star topologies.

- The major disadvantage of a bus topology is that troubleshooting it is very

difficult due to stray communication signals that prevent hosts from transmitting

any further data onto the cable. Also, both ends of the network must be

terminated by a terminator.

- The bus topology has also limited capability to scale to changing network

requirements, difficult reconnection and fault isolation.

- This type of topology is normally used in 10BSE2 and 10BASE5 Ethernet

networks.

RING TOPOLOGY

18

- In this type of topology, there is no single cable or central connection point that

is common to every host on the network.

- When one host wants to transmit data to another, the data is passed on to the

adjacent host for use by the adjacent host, or for retransmission by multiple

hosts until the data finally arrives at the intended destination. Also each host has

equal access to the transmission media.

- The major advantage to a ring topology is that multiple hosts may be permitted

to transmit data at the same time.

- Another benefit of this topology is the lower signal generation between hosts

that are not physically close to each other.

- In a ring topology, the signal that travels from one host to another is regenerated

as it is retransmitted by each host while travelling through the long stretch of the

cable.

- The primary disadvantage of ring topology is that if one host on the network

fails, the entire network may fail (a break in the ring). Also, installing a new

host into the ring means there will be a period of time that the network will be

disabled due to break in the ring.

MESH TOPOLOGY

- In a mesh topology, every device has a dedicated point-to point link to every

other device.

19

- The use of dedicated links guarantees that each connection can carry its own

data load, thus eliminating the traffic problems that can occur when links must

be shared by multiple devices.

- A mesh topology is robust. If one link becomes unusable, it does not

incapacitate the entire system.

- It provides the advantage of privacy or security. This is because when every

message travels along a dedicated line, only the intended recipient sees it.

Physical boundaries prevent other users from gaining access to messages.

- Point-to-point links make fault identification and fault isolation easy. It enables

the network manager to discover the precise location of the fault and aids in

finding its cause and solution.

- One practical example of a mesh topology is the connection of telephone

regional offices in which each regional office needs to be connected to every

other regional office.

- The main disadvantage of mesh topology is the amount of cabling and the

number of I/O ports required. Installation and reconnection are difficult and the

bulk of wiring can be greater than the available space can accommodate. Also

the hardware required to connect each link can be prohibitively expensive.

NETWORKING HARDWARE

Networking hardware includes all computers, peripherals, interface cards and other

equipment needed to perform data-processing and communications within the network.

HUB

Hubs are dumb broadcasters. They may connect many computers and send out the data

they receive to every computer connected to them. They work at the physical layer of

the OSI model. A hub is the central point in a star topology. It also provides additional

services (Managed, Switched, Intelligent hubs).

20

The simplest way to hook up more than two PCs in a network is using a hub. Hubs are

relatively simple and low in cost, and they are essentially multi-port repeaters or signal

booster amplifiers. They have no built-in intelligence; any packet of network data

which arrives via the input connections of any of their ports is simply beefed up and

sent out again via the output connections of all ports (including the one they came

from).

More than 8 PCs can be connected using hubs by cascading them. For the cascading to

work properly to expand your network, either use an uplink port on the lowerlevel hub

and link them with a normal straight through cable, or use normal ports on each and

link them with a crossover cable.

A hub processes data no matter which device it is addressed to, which causes

congestion. So it extends collision domain and cannot filter information.

SWITCH

A network switch is a device that forwards and filters OSI layer 2 datagrams (chunks of

data communication) between ports (connected cables) based on the MAC addresses in

the packets. It provides a central connection point for cables from workstations, servers,

and peripherals. In a star topology, twisted-pair wire is run from each workstation to a

central switch/hub.

Switches are multiport bridges/ smart hubs that send data directly to the destination

rather than everywhere in the network. Most switches are active, that is they electrically

amplify the signal as it moves from one device to another. Switches no longer

broadcast network packets as hubs did in the past, they memorize addressing of

computers and send the information to the correct location directly. Switches are:

Usually configured with 8, 12, or 24 RJ-45 ports

Often used in a star or star-wired ring topology

Sold with specialized software for port management

21

Usually installed in a standardized metal rack that also may store netmodems,

bridges, or routers

Isolate traffic, relieving congestion, separates collision domains, reducing

collisions.

Packet processing time is longer than in a hub, monitoring the network becomes

more complicated and it is more expensive too.

Switches divide the network in to smaller collision domains. Each segment into the

switch has its own collision domain. As packets arrive at the switch, it looks at the

MAC address in the header and decides which segment to forward the packet to.

Higher protocols like TCP/IP and IPX are buried deep inside the packet, so are

invisible to the switch. Once the destination segment has been determined, the packet is

forwarded without any delay.

REPEATER

Since a signal loses strength as it passes along a cable, it is often necessary to boost the

signal with a device called a repeater. The repeater electrically amplifies the signal it

receives and rebroadcasts it. Repeaters can be separate devices or they can be

incorporated into a concentrator. They are used when the total length of your network

cable exceeds the standards set for the type of cable being used. Repeaters work on the

Physical Layer of the OSI model and connect segments of the same network, even if

they use different media.

A good example of the use of repeaters would be in a local area network using a star

topology with unshielded twisted-pair cabling. The length limit for unshielded twisted-

pair cable is 100 meters. The most common configuration is for each workstation to be

connected by twisted-pair cable to a multi-port active concentrator. The concentrator

amplifies all the signals that pass through it allowing for the total length of cable on the

network to exceed the 100 meter limit.

A repeater has three basic functions:

22

- Receives a signal which it cleans up

- Re-times the signal to avoid collisions

- Transmits the signal onto the next segment

Repeaters require a small amount of time to regenerate the signal. This can cause a

propagation delay which can affect network communication when there are several

repeaters in a row. Many network architectures limit the number of repeaters that can

be used in a row. Repeaters work only at the physical layer of the OSI network model.

Repeater cannot filter data, extends the collision domain and cannot connect different

network architectures.

BRIDGE

A network bridge connects multiple network segments at the data link layer (layer 2) of

the OSI model. It is a device that allows you to segment a large network into two

smaller, more efficient networks. By subdividing LAN in to smaller segments, overall

reliability is increased and the network becomes easier to maintain. If you are adding to

an older wiring scheme and want the new network to be up-to-date, a bridge can

connect the two.

A bridge monitors the information traffic on both sides of the network so that it can

pass packets of information to the correct location. Most bridges can "listen" to the

network and automatically figure out the address of each computer on both sides of the

bridge. The bridge can inspect each message and, if necessary, broadcast it on the other

side of the network.

A bridge reads the outermost section of data on the data packet, to tell where the

message is going. It reduces the traffic on other network segments, since it does not

send all packets. Bridges can be programmed to reject packets from particular

networks. Bridging occurs at the data link layer of the OSI model, which means the

bridge cannot read IP addresses, but only the outermost hardware address (MAC

23

address) of the packet. To determine the network segment a MAC address belongs to,

bridges use one of:

Transparent Bridging - They build a table of addresses (bridging table) as they

receive packets. If the address is not in the bridging table, the packet is

forwarded to all segments other than the one it came from. This type of bridge is

used on ethernet networks.

Source route bridging - The source computer provides path information inside

the packet. This is used on Token Ring networks.

The bridge manages the traffic to maintain optimum performance on both sides of the

network but it does not allow unnecessary traffic through. Bridges can be used to

connect different types of cabling, or physical topologies and work with all protocols.

They must, however, be used between networks with the same protocol.

Bridges are fault tolerant by isolating fault segments and reconfiguring the paths in the

event of failure but they introduce network delays. Bridges are not efficient with

complex networks as shortest path may not always be chosen and may overload during

periods of high traffic. They might also cause broadcast storms on the network. Bridges

are slower than repeaters due to the additional processing of packets.

ROUTER

A router translates information from one network to another; it is similar to a

superintelligent bridge. Routers select the best path to route a message, based on the

destination address and origin. The router can direct traffic to prevent head-on

collisions, and is smart enough to know when to direct traffic along back roads and

shortcuts.

24

While bridges know the addresses of all computers on each side of the network, routers

know the addresses of computers, bridges, and other routers on the network. Routers

can even "listen" to the entire network to determine which sections are busiest -- they

can then redirect data around those sections until they clear up.

A router reads the information in each packet to tell where it is going. If it is destined

for an immediate network it has access to, it will strip the outer packet, readdress the

packet to the proper ethernet address, and transmit it on that network. If it is destined

for another network and must be sent to another router, it will re-package the outer

packet to be received by the next router and send it to the next router.

Router operates at network layer of the OSI model and can interconnect with different

types of complex networks (eg. Ethernet with token ring). Router segments the network

logically and limits the collision domain. Although they can transform information at

the data link level, routers cannot transform information from one data format such as

TCP/IP to another such as IPX/SPX. Routers do not send broadcast packets or

corrupted packets. If the routing table does not indicate the proper address of a packet,

the packet is discarded.

Routers can:

Direct signal traffic efficiently by optimizing the routing paths

Route messages between any two protocols

Route messages between linear bus, star, and star-wired ring topologies

Route messages across fiber optic, coaxial, and twisted-pair cabling

Routers are expensive and must use routable protocols; they are also slower than a

bridge.

BROUTER

A brouter functions both as a bridge and a router. It can work on networks using

different protocols.

Brouter can be programmed only to pass data packets using a specific protocol forward

to a segment. In this case, it functions in a similar manner to that of a bridge.

If a brouter is set to route data packets to the appropriate network with a routed

protocol such as IP, it functions as a router.

A brouter functions similar to a bridge for network transport protocols that are not

routable, and as a router for routable protocols. It functions at the network and data link

layers of the OSI network model.

25

GATEWAY

A gateway can translate information between different network data formats or network

architectures. It can translate TCP/IP to AppleTalk so computers supporting TCP/IP

can communicate with Apple brand computers. Most gateways operate at the

application layer, but can operate at the network or session layer of the OSI model.

A gateway may consist of hardware, software, or a combination of the two, and it may

provide translation at all or at only some of the different OSI layers, depending on the

types of systems it connects. Gateways will start at the lower level and strip

information until it gets to the required level and repackage the information and work

its way back toward the hardware layer of the OSI model.

NETWORK INTERFACE CARD

The network interface card (NIC) provides the physical connection between the

network and the computer workstation. It is a piece of computer hardware designed to

allow computers to communicate over a computer network. It provides physical access

to a networking medium and often provides a low-level addressing system through the

use of MAC addresses. There is also a single RJ45 socket on the card‘s mounting

bracket, to accept the network cable.

Each network interface card has its unique id (Media Access Control address). This is

written on a chip which is hardwired into it during manufacture. This address is

26

a six-byte (i.e., 48-bit) binary number, which is used by the network to identify the

node at which that PC is connected. The interface or NIC will only accept data packets

which carry this address in their destination address field and will always include the

same address code in the source address field of any data packets it transmits out to the

network.

Most NICs are internal, with the card fitting into an expansion slot inside the

computer. Some computers, such as Mac Classics, use external boxes which are

attached to a serial port or a SCSI port. Laptop computers can now be purchased with a

network interface card built-in or with network cards that slip into a PCMCIA slot.

Network interface cards are a major factor in determining the speed and performance of

a network. It is a good idea to use the fastest network card available for the type of

workstation you are using. The three most common network interface connections are

Ethernet cards, LocalTalk connectors, and Token Ring cards.

NETWORK ARCHITECTURES

ETHERNET

Ethernet is the most popular physical layer LAN technology in use today. Ethernet is

popular because it strikes a good balance between speed, cost and ease of installation.

These benefits, combined with wide acceptance in the computer marketplace and the

ability to support virtually all popular network protocols, make Ethernet an ideal

networking technology for most computer users today. It defines a number of wiring

27

and signaling standards for the Physical Layer of the OSI networking model as well as

a common addressing format and Media Access Control at the Data Link Layer.

The Institute for Electrical and Electronic Engineers (IEEE) defines the Ethernet

standard as IEEE Standard 802.3. This standard defines rules for configuring an

Ethernet network as well as specifying how elements in an Ethernet network interact

with one another. By adhering to the IEEE standard, network equipment and network

protocols can communicate efficiently.

Ethernet uses an access method called CSMA/CD (Carrier Sense Multiple

Access/Collision Detection). The Ethernet protocol allows for linear bus, star, or tree

topologies. Data can be transmitted over wireless access points, twisted pair, coaxial, or

fiber optic cable at a speed of 10 Mbps up to 1000 Mbps.

FAST ETHERNET

For Ethernet networks that need higher transmission speeds, the Fast Ethernet standard

(IEEE 802.3u) has been established. This standard raises the Ethernet speed limit from

10 Megabits per second (Mbps) to 100 Mbps with only minimal changes to the existing

cable structure. There are three types of Fast Ethernet: 100BASE-TX for use with level

5 UTP cable, 100BASE-FX for use with fiber-optic cable, and 100BASE-T4 which

utilizes an extra two wires for use with level 3 UTP cable. The 100BASE-TX standard

has become the most popular due to its close compatibility with the 10BASE-T

Ethernet standard. For the network manager, the incorporation of Fast Ethernet into an

existing configuration presents a host of decisions. Managers must determine the

number of users in each site on the network that need the higher throughput, decide

which segments of the backbone need to be reconfigured specifically for 100BASE-T

and then choose the necessary hardware to connect the 100BASE-T segments with

existing 10BASE-T segments. Gigabit Ethernet is a future technology that promises a

migration path beyond Fast Ethernet so the next generation of networks will support

even higher data transfer speeds.

TOKEN RING

Token Ring is another form of network configuration which

differs from Ethernet in that all messages are transferred in a

unidirectional manner along the ring at all times. The Token

Ring protocol was developed by IBM in the mid-1980s. The

access method used involves token-passing.

In Token Ring, the computers are connected so that the signal

travels around the network from one computer to another in a

logical ring. A single electronic token moves around the ring

28

from one computer to the next. If a computer does not have information to transmit, it

simply passes the token on to the next workstation. If a computer wishes to transmit

and receives an empty token, it attaches data to the token. The token then proceeds

around the ring until it comes to the computer for which the data is meant. At this point,

the data is captured by the receiving computer. The sender can then remove the

message and free that token for use by others.

The Token Ring protocol requires a star-wired ring using twisted pair or fiber optic

cable. It can operate at transmission speeds of 4 Mbps or 16 Mbps.

Various PC vendors have been proponents of Token Ring networks at different times

and thus these types of networks have been implemented in many organizations.

FDDI

FDDI (Fiber-Distributed Data Interface) is a standard

for data transmission on fiber optic lines in a local area

network that can extend in range up to 200 km (124

miles). The FDDI protocol uses token ring media

access control method and is implemented using fiber-

optic cable.

FDDI networks have a dual, counter-rotating ring

topology. This topology consists of two logical closed

signal paths called ―rings.‖ Signals on the rings travel in opposite directions from each

other. Although both rings can carry data, the primary ring usually carries data while

the secondary ring serves as a backup.

It is also a high-speed LAN technology. It is not generally used for direct connection to

desktop computers, but rather as a backbone technology. A backbone connects two or

more LAN segments to provide a path for transmitting packets among them. A simple

backbone might connect two servers through a high-speed link consisting of network

adapter cards and cable.

FDDI operates at the physical and data-link layers (levels one and two) of the OSI

model. It provides data transfer rates as high as 100 Mbps. In addition to being large

geographically, an FDDI local area network can support thousands of users. This

technology is fast and reliable but expensive.

29

ATM

Asynchronous Transfer Mode is both a LAN and a WAN technology. It is generally

implemented as a backbone technology. ATM is a cell relay technology, meaning that

it uses standard-sized packets called cells. The size of an ATM cell is 53 bytes.

In a LAN implementation, ATM functions at the data-link layer‘s media access control

sublayer.

ATM is extremely scalable; data transfer rates range from 25 Mbps to 2.4 gigabits per

Second (Gbps). This wide range of data transfer rates reflects the various ways in

which ATM can be used. The 25 Mbps rate is a new offering meant for desktop

environments. In LAN backbones, ATM provides data transfer rates of 100 Mbps and

155 Mbps. At the high end, WAN implementations using ATM and SONET together

have achieved data transfer rates of 2.4 Gbps.

ATM networks handle data in a predictable, efficient manner at the switches.

Standard-sized cells and high-bandwidth media like fiber-optic cable also enable ATM

to support real-time voice, video, and data traffic. ATM also offers flexibility in its

transmission media. As many as 22 ATM specifications exist for media like unshielded

twisted-pair, shielded twisted-pair, and fiber-optic cable. (ATM is generally

implemented with fiber-optic cable.)

Although it is seen as a technology of the future, ATM can currently be integrated with

Ethernet and token-ring networks, through use of LAN Emulation.

LOCAL TALK

LocalTalk is a network protocol that was developed by Apple Computer, Inc. for

Macintosh computers. The method used by LocalTalk is called CSMA/CA (Carrier

Sense Multiple Access with Collision Avoidance). It is similar to CSMA/CD except

that a computer signals its intent to transmit before it actually does so. LocalTalk

adapters and special twisted pair cable can be used to connect a series of computers

through the serial port. The Macintosh operating system allows the establishment of a

peer-to-peer network without the need for additional software. With the addition of the

server version of AppleShare software, a client/server network can be established.

30

The LocalTalk protocol allows for linear bus, star, or tree topologies using twisted pair

cable. A primary disadvantage of LocalTalk is speed. Its speed of transmission is only

230 Kbps.

Network Cable Speed Topology

Ethernet Twisted Pair, Coaxial,

Fiber 10 Mbps

Linear Bus, Star,

Tree

Fast

Ethernet Twisted Pair, Fiber 100 Mbps Star

LocalTalk Twisted Pair .23 Mbps Linear Bus or Star

Token Ring Twisted Pair 4 Mbps - 16

Mbps Star-Wired Ring

FDDI Fiber 100 Mbps Dual ring

ATM Twisted Pair, Fiber 155-2488 Mbps Linear Bus, Star,

Tree

CABLES USED IN NETWORKING

Cable is the medium through which information usually moves from one network

device to another. There are several types of cable which are commonly used with

LANs. In some cases, a network will utilize only one type of cable, other networks will

use a variety of cable types. The type of cable chosen for a network is related to the

network's topology, protocol, and size. Understanding the characteristics of different

types of cable and how they relate to other aspects of a network is necessary for the

development of a successful network. The different types of cables used in networking

are:

Unshielded Twisted Pair (UTP) cable

Shielded Twisted Pair (STP) cable

Coaxial cable

Fiber optic cable

Wireless LAN

31

TWISTED PAIR CABLE

It consists of two insulated strands of copper wire twisted around each other to form a

pair. One or more twisted pairs are used in a twisted-pair cable. The use of two wires

twisted together helps to reduce crosstalk and electromagnetic induction. The

transmission speed ranges from 2 million bits per second to 100 million bits per second.

Twisted pair cables are of two types:

STP (shielded twisted pair)

UTP.(unshielded twisted pair)

SHIELDED TWISTED PAIR

Shielded Twisted Pair cable has a foil or wire braid wrapped around the individual

wires of the pairs.

The STP cable uses a woven-copper braided jacket, which is a higher-quality, more

protective jacket than UTP.

STP is suitable for environments with electrical interference; however, the extra

shielding can make the cables quite bulky. Shielded twisted pair is often used on

networks using Token Ring topology.

UNSHIELDED TWISTED PAIR

UTP has four pairs of wires covered by outer jacket. The twist in UTP helps to reduce

crosstalk interference between wire pairs.

32

UTP is installed nearly everywhere. It is inexpensive and readily available cable.

It is very flexible and familiar to the cable installers. It is widely used and tested,

supports many network types and thus, the cable of choice for department networks.

Twisted pair cabling is often used in data networks for short and medium length

connections because of its relatively lower costs compared to optical fiber and coaxial

cable. It is used in Ethernet 10Base-T and 100Base-T networks, as well as in home and

office telephone wiring.

The standard connector for unshielded twisted pair cabling in data networks is an RJ-45

connector. This is a plastic connector that looks like a large telephone-style connector.

UTP cables can be divided further into six categories:

Category 1 Traditional telephone cable. Carries voice only but not data and it has

two twisted pairs.

Category 2 Certified UTP for data transmission of up to 4 Mbps. It has two twisted

pairs and is used in LocalTalk.

Category 3 Certified UTP for data transmission of up to 10 Mbps. It has four

twisted pairs and is used in Ethernet.

Category 4 Certified UTP for data transmission of up to 16 Mbps. It has four

twisted pairs and is used in Token Ring network.

Category 5 Certified for data transmission of up to 100 Mbps. It has four twisted

pairs of copper wire and is used in Fast Ethernet.

Category 5e Certified for data transmission up to 1000 Mbps. It is used in Gigabit

Ethernet.

Category 6 Certified for data transmission up to

Its disadvantages are

Susceptibility to electromagnetic interference (EMI),

Susceptibility to eavesdropping.

Lack of support for communication at distances of greater than 100 feet.

UTP WIRING

It is very important to know how exactly to wire UTP cables because it's the base of a

solid network and will help you avoid hours of frustration and troubleshooting if you do

it right the first time. On the other hand, if you are dealing with a poorly cabled

network, then you will be able to find the problem and fix it more efficiently.

The four pairs of UTP are connected according to the following color coding:

1. Orange/white and Orange

2. Green/white and Blue

3. Blue/white and Green

4. Brown/white and Brown

33

After matching the correct color code, the UTP is connected with an RJ45 connector

using a crimping tool. The other end of this wire may be connected to another PC or a

switch. For connecting to another PC, the same color coding is used on the other end.

For connecting a PC with a switch using UTP cable, the other end that is connected at

the switch follows a crossover strategy (rollover cable) with the color coding as

follows:

1. Green/white and Green

2. Orange/white and Blue

3. Blue/white and Orange

4. Brown/white and Brown.

The other end of UTP cable is also conneted to the RJ45 connector with crimper. Thus

the UTP wiring is done between PCs or between PCs and switch.

COAXIAL CABLE

The coaxial cable is made of two conductors that share the same axis.

In the center is a copper wire that is insulated by a plastic coating and then wrapped

with an outer conductor (usually a wire braid).

The outer conductor serves as electrical shielding for the signal being carried by the

inner conductor. A tough insulating plastic tube outside the outer conductor provides

physical and electrical protection.

Although coaxial cabling is difficult to install, it is highly resistant to signal

interference. In addition, it can support greater cable lengths between network devices

than twisted pair cable. Its transmission speed ranges from 200 million to more than

500 million bits per second. Coaxial cable is of two types:

Thin (ThinNet)

Thick (ThickNet).

ThinNet is .25 inches in diameter. 10Base2 refers to the specifications for thin coaxial

cable carrying Ethernet signals. The 2 refers to the approximate maximum segment

length being 200 meters. In actual fact the maximum segment length is 185 meters. It is

easy to install, small in diameter and shielded to reduce EMI interference but must be

grounded. Thin coaxial cable is popular in school networks, especially linear bus

networks. Its disadvantage is that one break and the whole network goes down.

ThickNet is .38 inches in diameter. 10Base5 refers to the specifications for thick

coaxial cable carrying Ethernet signals. The 5 refers to the maximum segment length

being 500 meters. Thick coaxial cable has an extra protective plastic cover that helps

keep moisture away from the center conductor. This makes thick coaxial a great choice

34

when running longer lengths in a linear bus network. One disadvantage of thick coaxial

is that it does not bend easily and is difficult to install.

Coaxial cable is the better choice even though it costs more. It is a standard technology

that resists rough treatment and EMI. It is widely used for cable television systems,

office buildings, and other worksites for local area networks.

FIBRE OPTIC CABLE

Fiber optic cabling consists of a center glass core surrounded by several layers of

protective materials. It transmits modulated pulses of light rather than electronic signals

eliminating the problem of electrical interference. This makes it ideal for certain

environments that contain a large amount of electrical interference. It has also made it

the standard for connecting networks between buildings, due to its immunity to the

effects of moisture and lighting.

Fiber optic cable has the ability to transmit signals over much longer distances than

coaxial and twisted pair. It also has the capability to carry information at vastly greater

speeds. This capacity broadens communication possibilities to include services such as

video conferencing and interactive services.

It is immune to EMI and detection outside the cable and provides a reliable and secure

transmission media. It also supports very high bandwidths. It has a signal attenuation

rate of 0.25 to 2.0 KM. Transmission speed may reach trillions of bits per second. The

transmission speed of fiber optics is hundreds of times faster than for coaxial cables and

thousands of times faster than a twisted-pair wire.

The cost of fiber optic cabling is comparable to copper cabling; however, it is more

difficult to install and modify. 10BaseF refers to the specifications for fiber optic cable

carrying Ethernet signals.

WIRELESS LAN

Not all networks are connected with cabling; some networks are wireless. Wireless

LANs use high frequency radio signals, infrared light beams, or lasers to communicate

between the workstations and the file server or hubs. Each workstation and file server

35

on a wireless network has some sort of transceiver/antenna to send and receive the data.

Information is relayed between transceivers as if they were physically connected. For

longer distance, wireless communications can also take place through cellular

telephone technology, microwave transmission, or by satellite.

Wireless networks are great for allowing laptop computers or remote computers to

connect to the LAN. Wireless networks are also beneficial in older buildings where it

may be difficult or impossible to install cables.

The two most common types of infrared communications used in schools are line-of-

sight and scattered broadcast. Line-of-sight communication means that there must be an

unblocked direct line between the workstation and the transceiver. If a person walks

within the line-of-sight while there is a transmission, the information would need to be

sent again. This kind of obstruction can slow down the wireless network.

Scattered infrared communication is a broadcast of infrared transmissions sent out in

multiple directions that bounces off walls and ceilings until it eventually hits the

receiver. Networking communications with laser are virtually the same as line-of-sight

infrared networks.

Wireless LANs have several disadvantages. They provide poor security, and are

susceptible to interference from lights and electronic devices. They are also slower than

LANs using cabling.

The following table shows the type of cabling used in different types of networks:

Specification Cable Type Maximum length

10BaseT Unshielded Twisted Pair 100 meters

10Base2 Thin Coaxial 185 meters

10Base5 Thick Coaxial 500 meters

10BaseF Fiber Optic 2000 meters

100BaseT Unshielded Twisted Pair 100 meters

100BaseTX Unshielded Twisted Pair 220 meters

36

OSI

The OSI (Open Systems Interconnect) model was developed by the International

Standards Organization (ISO) as a guideline for developing standards to enable the

interconnection of dissimilar computing devices. It is important to understand that the

OSI model is not itself a communication standard. In other words, it is not an agreed

method that governs how data is sent and received; it is only a guideline for developing

such standards.

The OSI Model: What It Is and Why It’s Important

It would be difficult to overstate the importance of the OSI model. Virtually all

networking vendors and users understand how important it is that network computing

products adhere to and fully support the networking standards the model has spawned.

The reasons are logical.

First, when a vendor‘s products adhere to the standards the OSI model has spawned,

connecting those products to other vendors‘ products is relatively simple. Conversely,

the further a vendor departs from those standards, the more difficult it becomes to

connect that vendor‘s products to those of other vendors.

Second, if a vendor were to depart from the communication standards the model has

spawned, software development efforts would be very difficult because the vendor

would have to build every part of all necessary software, rather than often being able to

build on the existing work of other vendors.

The first two problems give rise to a third significant problem for vendors: A vendor‘s

products become less marketable as they become more difficult to connect with other

vendors‘ products unless the introduction of the vendor‘s products is well ahead of the

introduction of other such products into the general marketplace.

The Seven Layers of the OSI Model

Because the task of controlling communications across a computer network is too

complex to be defined by one standard, the ISO divided the task into seven subtasks. Each layer is reasonably self-contained so that the tasks assigned to each layer can be

implemented independently. This enables the solutions offered by one layer to be updated

without adversely affecting the other layers.

Thus, the OSI model contains seven layers, each named to correspond to one of the

seven defined subtasks.

Each layer of the OSI model contains a logically grouped subset of the functions

required for controlling network communications.

The seven layers of the OSI reference model can be divided into two categories: upper

layers and lower layers.

The upper layers of the OSI model deal with application issues and generally are

implemented only in software. The highest layer, the application layer, is closest to the end

user. Both users and application layer processes interact with software applications that contain a communications component.

37

The lower layers of the OSI model handle data transport issues. The physical layer and the

data link layer are implemented in hardware and software. The lowest layer, the physical

layer, is closest to the physical network medium (the network cabling, for example) and is responsible for actually placing information on the medium.

DIAGRAM DEPICTING THE UPPER AND LOWER LAYERS OF OSI

The seven layers of the OSI model and the general purpose of each are:

Physical (1) Controls transmission of the raw bit stream over the transmission

medium. Standards for this layer define such parameters as the

amount of signal voltage swing, the duration of voltages (bits),

and so on.

Data link (2) Responsible for the reliability of the physical link established

at layer 1. Standards define how data frames are recognized

and provide necessary flow control and error handling at the

frame level.

Network (3) Responsible for establishing, maintaining, and terminating

38

network connections. Among other functions, standards define

how data routing and relaying are handled.

Transport (4) Insulates the three upper layers, 5 through 7, from having to

deal with the complexities of layers 1 through 3 by providing the

functions necessary to guarantee a reliable network link. Among

other functions, this layer provides error recovery and flow

control between the two end points of the network connection.

Session (5) Establishes, manages, and ends user connections and manages

the interaction between end systems. Services include such

things as establishing communications as full or half duplex

and grouping data.

Presentation (6) Performs data transformations to provide a common interface

for user applications, including services such as reformatting,

data compression and encryption.

Application (7) Provides services directly to user applications. Because of the

potentially wide variety of applications, this layer must provide

a wealth of services. Among these services are establishing

privacy mechanisms, authenticating the intended communication

partners and determining if adequate resources are present.

39

PHYSICAL LAYER

The physical layer is concerned with transmission of raw bits over a communication

channel. It specifies the mechanical, electrical and procedural network interface

specifications and the physical transmission of bit streams over a transmission medium

connecting two pieces of communication equipment. In simple terms, the physical layer

decides the following:

Number of pins and functions of each pin of the network connector

(Mechanical)

Signal Level, Data rate (Electrical)

Whether simultaneous transmission in both directions

Establishing and breaking of connection

Deals with physical transmission

The Physical layer has two responsibilities: it sends bits and receives bits. Bits come

only in values of 1 or 0. The Physical layer communicates directly with the various

types of actual communication media. Different kinds of media represent these bit

values in different ways. Specific protocols are needed for each type of media to

describe the proper bit patterns to be used, how data is encoded into media signals and

40

the various qualities of the physical media's attachment interface. At the physical layer,

the interface between the Data Terminal Equipment (DTE) and the Data Circuit-

Terminating Equipment (DCE) is identified. The Physical layer's connectors (RJ-45,

BNC) and different physical topologies (Bus, Star, Hybrid networks) are defined by the

OSI as standards, allowing different systems to communicate.

DATA LINK LAYER

The goal of the data link layer is to provide reliable, efficient communication between

adjacent machines connected by a single communication channel. Specifically:

1. Group the physical layer bit stream into units called frames. Note that frames are nothing

more than ``packets'' or ``messages''. By convention, we shall use the term ``frames'' when discussing DLL packets.

2. Sender calculates the checksum and sends checksum together with data. The checksum

allows the receiver to determine when a frame has been damaged in transit or received correctly.

3. Receiver recomputes the checksum and compares it with the received value. If they

differ, an error has occurred and the frame is discarded.

4. Error control protocol returns a positive or negative acknowledgment to the sender. A

positive acknowledgment indicates the frame was received without errors, while a negative acknowledgment indicates the opposite.

5. Flow control prevents a fast sender from overwhelming a slower receiver. For example, a supercomputer can easily generate data faster than a PC can consume it.

6. In general, data link layer provides service to the network layer. The network layer wants

to be able to send packets to its neighbors without worrying about the details of getting it there in one piece.

The Datalink ensures that messages are delivered to the proper device and translates

messages from the Network layer into bits for the Physical layer to transmit. It formats

the message into data frames (notice how we are not using the term segments) and adds

a customized header containing the hardware destination and source address.

Media Access Control (MAC) 802.3

This defines how packets are placed on the media (cable). Contention media (Ethernet)

access is first come first served access where everyone shares the same bandwidth.

Physical addressing is defined here.

Logical Link Control (LLC) 802.2

This sublayer is responsible for identifying Network layer protocols and then

encapsulating them when they are about to be transmitted onto the network or

decapsulate them when it receives a packet from the network and pass it onto the layer

above it, which is the Network layer. An LLC header tells the Datalink layer what to do

41

with a packet once a frame is received. For example, a host (computer) will receive a

frame and then look in the LLC header to understand that the packet is destined for the

IP protocol at the Network layer. The LLC can also provide flow control and

sequencing of control bits.

NETWORK LAYER

The basic purpose of the network layer is to provide an end-to-end communication

capability in contrast to machine-to-machine communication provided by the data link

layer. This end-to-end is performed using two basic approaches known as connection-oriented or connectionless network-layer services.

The Network layer is responsible for routing through an internetwork and for network

addressing. This means that the Network layer is responsible for transporting traffic

between devices that are not locally attached. It performs network routing functions,

and might also perform fragmentation and reassembly, and report delivery errors.

Routers, or other layer-3 devices, are specified at the Network layer and provide

routing services in an internetwork.

In the Open Systems Interconnection (OSI) communications model, the Network layer

knows the address of the neighboring nodes in the network, packages output with the

correct network address information, selects routes and quality of service and

recognizes and forwards to the Transport layer incoming messages for local host

domains (logical-physical address mapping). Among existing protocol that generally

map to the OSI network layer are the Internet Protocol (IP) part of TCP/IP and

NetWare IPX/SPX. Both IP Version 4 and IP Version 6 (IPv6) map to the OSI network

layer.

TRANSPORT LAYER

The transport level provides end-to-end communication between processes executing

on different machines. The Transport layer is responsible for providing mechanisms for

multiplexing upper-layer application, session establishment, data transfer and tear down

of virtual circuits. It also hides details of any network-dependent information from the

higher layers by providing transparent data transfer.

Services located in the Transport layer both segment and reassemble data from upper-

layer applications and unite it onto the same data stream. Application developers have

their choice of the two protocols TCP or UDP when working with TCP/IP protocols at

this layer.

Transport Layer is responsible for message segmentation, acknowledgement, traffic

control and packet creation.

42

SESSION LAYER

This layer allows users on different machines to establish session between them. A session

allows ordinary data transport but it also provides enhanced services useful in some

applications. A session may be used to allow a user to log into a remote time-sharing machine or to transfer a file between two machines.

The Session layer is responsible for setting up, managing, maintaining and then tearing

down sessions between Presentation layer entities. The Session layer also provides

dialog control between devices, or nodes. It coordinates communication between

systems and serves to organize their communication by offering three different

modes: simplex, half-duplex and full-duplex. The session layer basically keeps one

application's data separate from other application's data.

Some examples of Session-layer protocols are:

1. Network File System (NFS): Was developed by Sun Microsystems and used

with TCP/IP and UNIX workstations to allow transparent access to remote

resources.

2. Structured Query Language (SQL): Was developed by IBM to provide users

with a simpler way to define their information requirements on both local and

remote systems.

3. Remote Procedure Call (RPC): Is a broad client/server redirection tool used for

disparate service environments. Its procedures are created on clients and

performed on servers.

4. X Window: Is widely used by intelligent terminals for communicating with

remote UNIX computers, allowing them to operate as though they were locally

attached monitors.

PRESENTATION LAYER

This layer is concerned with Syntax and Semantics of the information transmitted, unlike

other layers, which are interested in moving data reliably from one machine to other. Few of the services that Presentation layer provides are:

1. Encoding data in a standard agreed upon way.

2. It manages the abstract data structures and converts from representation used inside computer to network standard representation and back.

The Presentation Layer presents data to the Application layer. It's basically a translator

and provides coding and conversion functions. A successful data transfer technique is

to adapt the data into a standard format before transmission. Computers are configured

to receive this generically formatted data and then convert the data back into its native

43

format for reading. By providing translation services, the Presentation layer ensures

that data transferred from the Application layer of one system can be read by the

Application layer of another host.

The OSI has protocol standards that define how standard data should be formatted.

Tasks like data compression, decompression, encryption and decryption are associated

with this layer. Some Presentation layer standards are involved in multimedia

operations.

APPLICATION LAYER

The Application layer of the OSI model is where users communicate with the

computer. Application layer functions typically include identifying communication

partners, determining resource availability, and synchronizing communication. When

identifying communication partners, the application layer determines the identity and

availability of communication partners for an application with data to transmit. When

determining resource availability, the application layer must decide whether sufficient

network or the requested communication exists. In synchronizing communication, all

communication between applications requires cooperation that is managed by the

application layer. The user interfaces with the computer at the application layer.

Although computer applications sometimes require only desktop resources,

applications may unite communicating components from more than one network

application; for example, file transfers, e-mail, remote access, network management

activities, client/server processes. Some examples of Application Layer

implementations include:

File transfer (FTP): Connect to a remote machine and send or fetch an arbitrary file.

FTP deals with authentication, listing a directory contents, ASCII or binary files,

etc.

Remote login (telnet): A remote terminal protocol that allows a user at one site to

establish a TCP connection to another site, and then pass keystrokes from the local

host to the remote host.

Mail (SMTP): Allow a mail delivery agent on a local machine to connect to a mail

delivery agent on a remote machine and deliver mail.

News (NNTP): Allows communication between a news server and a news client.

Web (HTTP): Base protocol for communication on the World Wide Web.

44

COMMUNICATION IN A NETWORK THROUGH OSI LAYERS

Communication in a network can be explained with the help of an example. Let there

be two identical computers and each computer is running an E-mail program. The E-

mail

program enables the users of the two computers to exchange messages. The

transmission of one brief message from computer A to computer B takes place in the

following way:

The transmission starts with the user of computer A pressing a key to send a mail

message to the user of computer B. The E-mail application is designed to talk to the

OSI application layer—it knows the proper protocol for doing so. The E-mail

application transfers the message to the OSI application layer. Using the functions built

into its protocol, the application layer accepts the message data and adds an application-

layer header to it. The application-layer header contains the information necessary for

the application layer in computer B to correctly handle the data when computer B

receives it.

After adding its header, the application layer in computer A passes the data to the

presentation layer below. The presentation layer treats everything received as data,

including the application-layer header, and appends its own header (the technical term

for this is ―encapsulation‖). The presentation-layer header contains the information

45

necessary for the presentation layer in computer B to correctly handle the data. After

adding its header, the presentation layer transfers the new data unit to the session layer.

This process is repeated through all layers in computer A until a final header is added at

the data-link layer. After the data-link–layer header is added, the data unit is known as

a ―frame.‖ The data, or frame, is passed from the data-link layer to the physical

computers.

When the signal reaches computer B, layer one in computer B (the physical layer)

copies the data. Now the process is reversed. The physical layer in computer B transfers

the data to the data-link layer. The data-link layer removes the header information that

was attached by the corresponding layer in computer A, acts upon the information the

header contains, and transfers the data unit up to the network layer.

This process continues, with the headers being stripped off at each layer and the

instructions contained therein carried out, until the original data from computer A (the

message) is finally passed from the application layer to the E-mail application in

computer B. When the E-mail application receives the message, it displays the layer

and is transmitted across the transmission medium connecting the two message on the

screen for the user of computer B to read.

PROTOCOLS

Network protocols are standards that allow computers to communicate. A protocol

defines how computers identify one another on a network, the form that the data should

take in transit, and how this information is processed once it reaches its final

destination. Protocols define the format, timing, sequence, and error checking used on

the network. Protocols also define procedures for handling lost or damaged

transmissions or "packets." TCP/IP (for UNIX, Windows NT, Windows 95 and other

platforms), IPX (for Novell NetWare), DECnet (for networking Digital Equipment

Corp. computers), AppleTalk (for Macintosh computers), and NetBIOS/NetBEUI (for

LAN Manager and Windows NT networks) are the main types of network protocols in

use today.

Although each network protocol is different, they all share the same physical cabling.

This common method of accessing the physical network allows multiple protocols to

peacefully coexist over the network media, and allows the builder of a network to use

common hardware for a variety of protocols. This concept is known as "protocol

independence‖.

DHCP

The Dynamic Host Configuration Protocol (DHCP) is an auto configuration protocol

used on IP networks. Computers that are connected to IP networks must be configured

before they can communicate with other computers on the network. DHCP allows a

46

computer to be configured automatically, eliminating the need for intervention by a

network administrator. It also provides a central database for keeping track of

computers that have been connected to the network. This prevents two computers from

accidentally being configured with the same IP address.

In the absence of DHCP, hosts may be manually configured with an IP address.

Alternatively IPv6 hosts may use stateless address autoconfiguration to generate an IP

address. IPv4 hosts may use link-local addressing to achieve limited local connectivity.

In addition to IP addresses, DHCP also provides other configuration information,

particularly the IP addresses of local caching DNS resolvers. Hosts that do not use

DHCP for address configuration may still use it to obtain other configuration

information.

When a DHCP-configured client (a computer or any other network-aware device)

connects to a network, the DHCP client sends a broadcast query requesting necessary

information from a DHCP server. The DHCP server manages a pool of IP addresses

and information about client configuration parameters such as default gateway, domain

name, the name servers, other servers such as time servers, and so forth. On receiving a

valid request, the server assigns the computer an IP address, a lease (length of time the

allocation is valid), and other IP configuration parameters, such as the subnet mask and

the default gateway. The query is typically initiated immediately after booting, and

must complete before the client can initiate IP-based communication with other hosts.

Depending on implementation, the DHCP server may have three methods of allocating

IP-addresses:

Dynamic Allocation: A network administrator assigns a range of IP

addresses to DHCP, and each client computer on the LAN is configured to

request an IP address from the DHCP server during network initialization.

The request-and-grant process uses a lease concept with a controllable time

period, allowing the DHCP server to reclaim (and then reallocate) IP

addresses that are not renewed.

Automatic Allocation: The DHCP server permanently assigns a free IP

address to a requesting client from the range defined by the administrator.

This is like dynamic allocation, but the DHCP server keeps a table of past IP

address assignments, so that it can preferentially assign to a client the same

IP address that the client previously had.

Static Allocation: The DHCP server allocates an IP address based on a table

with MAC address/IP address pairs, which are manually filled in (perhaps

by a network administrator). Only requesting clients with a MAC address

listed in this table will be allocated an IP address. This feature is not

supported by all DHCP servers.

47

TCP/IP PROTOCOL SUITE

The TCP/IP Protocol Suite is the set of communications protocols used for

the Internet and other similar networks. It is commonly also known as TCP/IP, named

from two of the most important protocols in it: the Transmission Control

Protocol (TCP) and the Internet Protocol (IP), which were the first two networking

protocols defined in this standard. Modern IP networking represents a synthesis of

several developments that began to evolve in the 1960s and 1970s, namely

the Internet and local area networks, which emerged during the 1980s, together with the

advent of the World Wide Web in the early 1990s.

The Internet Protocol Suite, like many protocol suites, is constructed as a set of layers.

Each layer solves a set of problems involving the transmission of data. In particular, the

layers define the operational scope of the protocols within.

Often a component of a layer provides a well-defined service to the upper layer

protocols and may be using services from the lower layers. Upper layers are logically

closer to the user and deal with more abstract data, relying on lower layer protocols to

translate data into forms that can eventually be physically transmitted.

The TCP/IP model consists of 4 layers (RFC 1122). From lowest to highest, these are

the Link Layer, the Internet Layer, the Transport Layer, and the Application Layer.

LAYERS OF TCP/IP MODEL

48

TCP/IP PROTOCOL STACK

TRANSMISSION CONTROL PROTOCOL

The Transmission Control Protocol is one of the most important and well-known

protocols in the world on networks today. Used in every type of network world-wide, it

enables millions of data transmissions to reach their destination and works as a bridge,

connecting hosts with one another and allowing them to use various programs in order

to exchange data.

The Need For Reliable Delivery

TCP is defined by RFC 793 and was introduced to the world towards the end of 1981.

The motivation behind creating such a protocol was the fact that back in the early 80s,

computer communication systems were playing a very important role for the military,

education and normal office environments. As such, there was the need to create a

mechanism that would be robust, reliable and complete data transmission on various

mediums without great losses.

TCP was designed to be able to deliver all of the above, and so it was adopted promptly

by the rest of the world.

Transmission Control Protocol (TCP) supports the network at the transport layer. It

provides a reliable connection oriented service. Connection oriented means both the

client and server must open the connection before data is sent. TCP is defined by RFC

793 and 1122. TCP provides:

End to end reliability.

Data packet re-sequencing.

49

Flow control.

Connection-Oriented

Windowing

Acknowledgements

More overhead

TCP relies on the IP service at the network layer to deliver data to the host. Since IP is

not reliable with regard to message quality or delivery, TCP must make provisions to

be sure that messages are delivered on time and correctly.

TCP is used in almost every type of network. As a protocol, it is not restricted to any

type of network topology, whether it be a local area network (LAN) or wide area

network (WAN). Being a transport protocol, we call it a transport protocol because it's

located in the transport layer of the OSI model its primary job is to get data from one

location to another, regardless of the physical network and location.

INTERNET PROTOCOL

Internet Protocol (IP) provides support at the network layer of the OSI model. All

transport protocol data packets such as UDP or TCP are encapsulated in IP data packets

to be carried from one host to another.

IP is a connection-less unreliable service meaning there is no guarantee that the data

will reach the intended host. The datagrams may be damaged upon arrival, out of order,

or not arrive at all. Therefore the layers above IP such as TCP are responsible for being

sure that correct data is delivered. IP provides for:

Addressing.

Type of service specification.

Fragmentation and re-assembly.

Security.

IP ADDRESSING

An Internet Protocol address (IP address) is a numerical label assigned to each

device (e.g. computer, printer) participating in a computer network that uses

the Internet Protocol for communication. An IP address serves two principal functions:

host or network interface identification and location addressing. The Internet Assigned

Numbers Authority (IANA) manages the IP address space allocations globally and

cooperates with five regional Internet registries (RIRs) to allocate IP address blocks

to local Internet registries (Internet service providers) and other entities.

Internet Protocol addresses are assigned to a host either anew at the time of booting, or

permanently by fixed configuration of its hardware or software. Persistent

configuration is also known as using a static IP address. In contrast, in situations when

50

the computer's IP address is assigned newly each time, this is known as using

a dynamic IP address.

In IPv4 an address consists of 32 bits which limits the address space to

4294967296 (232

) possible unique addresses. IPv4 reserves some addresses for special

purposes such as private networks (~18 million addresses) or multicast addresses (~270

million addresses).

Each IP address is denoted by a ―dotted decimal notation‖. This means there are four

numbers, each separated by a dot. Each number represents a one byte value with a

possible mathematical range of 0-255. Briefly, the first one or two bytes, depending on

the class of network, generally will indicate the number of the network, the third byte

indicates the number of the subnet, and the fourth number indicates the host number. IP

addresses are broken into 4 octets (IPv4). An octet is a byte consisting of 8 bits. The

IPv4 addresses are in the following form:

192.168.10.1

The host number cannot be 0 or 255. None of the numbers can be 255 and the first

number cannot be 0. This is because broadcasting is done with all bits set in some

bytes. Broadcasting is a form of communication that all hosts on a network can read,

and is normally used for performing various network queries. An address of all 0's is

not used, because when a machine is booted that does not have a hardware address

assigned, it provides 0.0.0.0 as its address until it receives its assignment. This would

occur for machines that are remote booted or those that boot using DHCP.

The first three bits of the most significant octet of an IP address are defined as the class

of the address. Three classes (A, B, and C) are defined for universal unicast addressing.

Depending on the class derived, the network identification is based on octet boundary

segments of the entire address. Each class uses successively additional octets in the

network identifier, thus reducing the possible number of hosts in the higher order

classes (B and C).

Class First octet in

binary

Range of first

octet

Network

ID

Host

ID

Number of

networks

Number of

addresses

A 0XXXXXXX 0 - 127 a b.c.d 27 = 128 224 = 16777216

B 10XXXXXX 128 - 191 a.b c.d 214 = 16384 216 = 65536

C 110XXXXX 192 - 223 a.b.c d 221 = 2097152 28 = 256

51

The first octet (first 8 Bits or first byte) of an IP Address is enough for us to determine

the Class to which it belongs. And, depending on the Class to which the IP Address

belongs, we can determine which portion of the IP Address is the Network ID and

which is the Host ID.

There are two parts of an IP address:

Network ID: The part of the IP address that defines the network.

Host ID: The latter part of the IP address that defines the host address.

The various classes of networks specify additional or fewer octets to designate the

network ID versus the host ID.

SUBNETTING

Subnetting is the process of breaking down a main class A, B, or C network into

subnets for routing purposes. A subnet mask is the same basic thing as a netmask with

the only real difference being that you are breaking a larger organizational network into

smaller parts, and each smaller section will use a different set of address numbers. This

will allow network packets to be routed between subnetworks.

When doing subnetting, the number of bits in the subnet mask determines the number

of available subnets. Two to the power of the number of bits minus two is the number

of available subnets. When setting up subnets the following must be determined:

Number of segments

Hosts per segment

52

Types of subnet masks:

Default - Fits into a Class A, B, or C network category

Custom - Used to break a default network such as a Class A, B, or C network

into subnets.

Subnetting provides the following advantages:

Network traffic isolation - There is less network traffic on each subnet.

Simplified Administration - Networks may be managed independently.

Improved security - Subnets can isolate internal networks so they are not visible

from external networks.

IPV6

The rapid exhaustion of IPv4 address space, despite conservation techniques, prompted

the Internet Engineering Task Force (IETF) to explore new technologies to expand the

Internet's addressing capability. The permanent solution was deemed to be a redesign of

the Internet Protocol itself. This next generation of the Internet Protocol, intended to

replace IPv4 on the Internet, was eventually named Internet Protocol Version 6 (IPv6)

in 1995. The address size was increased from 32 to 128 bits or 16 octets. This, even

with a generous assignment of network blocks, is deemed sufficient for the foreseeable

future. Mathematically, the new address space provides the potential for a maximum of

2128

, or about 3.403×1038

unique addresses. IPv6 has facilities that automatically

change the routing prefix of entire networks, should the global connectivity or the

routing policy change, without requiring internal redesign or renumbering. The large

number of IPv6 addresses allows large blocks to be assigned for specific purposes and,

where appropriate, to be aggregated for efficient routing.

USER DATAGRAM PROTOCOL

The User Datagram Protocol (UDP) is one of the core members of the Internet

Protocol Suite, the set of network protocols used for the Internet. With UDP, computer

applications can send messages, in this case referred to as datagrams, to other hosts on

an Internet Protocol (IP) network without requiring prior communications to set up

special transmission channels or data paths.

UDP supports the network at the transport layer. It is an unreliable connection-less

protocol and is defined by RFC 768 and 1122. It is a datagram service. There is no

guarantee that the data will reach its destination. UDP is meant to provide service with

very little transmission overhead. It adds very little to IP data packets except for some

error checking and port direction. Time-sensitive applications often use UDP because

dropping packets is preferable to waiting for delayed packets, which may not be an

53

option in a real-time system. The following protocols or services use UDP: DNS,

SNMP, BOOTP, TFTP, NFS, RIP, RPC, VoIP, etc..

UDP applications use datagram sockets to establish host-to-host communications. An

application binds a socket to its endpoint of data transmission, which is a combination

of an IP address and a service port. A port is a software structure that is identified by

the port number, a 16 bit integer value, allowing for port numbers between 0

and 65535. Port 0 is reserved, but is a permissible source port value if the sending

process does not expect messages in response.

The Internet Assigned Numbers Authority has divided port numbers into three

ranges. Port numbers 0 through 1023 are used for common, well-known services. Port

numbers 1024 through 49151 are the registered ports used for IANA-registered

services. Ports 49152 through 65535 are dynamic ports that are not officially for any

specific service, and can be used for any purpose. They are used as temporary ports

primarily by clients when communicating with servers

DNS

The Domain Name System (DNS) is a hierarchical naming system built on

a distributed database for computers, services, or any resource connected to

the Internet or a private network. It associates various information with domain

names assigned to each of the participating entities. Most importantly, it translates

domain names meaningful to humans into the numerical identifiers associated with

networking equipment for the purpose of locating and addressing these devices

worldwide.

An often-used analogy to explain the Domain Name System is that it serves as

the phone book for the Internet by translating human-friendly

computer hostnames into IP addresses.

For example, the domain namewww.example.com translates to the

addresses 192.0.32.10 (IPv4) and 2620:0:2d0:200::10 (IPv6).

The Domain Name System makes it possible to assign domain names to groups of

Internet resources and users in a meaningful way, independent of each entity's physical

location. Because of this, World Wide Web (WWW) hyperlinks and Internet contact

information can remain consistent and constant even if the current Internet routing

arrangements change or the participant uses a mobile device. Internet domain names

are easier to remember than IP addresses such as 208.77.188.166 (IPv4)

or 2001:db8:1f70::999:de8:7648:6e8 (IPv6). Users take advantage of this when they

recite meaningful Uniform Resource Locators (URLs) and e-mail addresses without

having to know how the computer actually locates them.

The Domain Name System distributes the responsibility of assigning domain names

and mapping those names to IP addresses by designating authoritative name servers for

each domain. Authoritative name servers are assigned to be responsible for their

particular domains, and in turn can assign other authoritative name servers for their

54

sub-domains. This mechanism has made the DNS distributed and fault tolerant and has

helped avoid the need for a single central register to be continually consulted and

updated.

In general, the Domain Name System also stores other types of information, such as the

list of mail servers that accept email for a given Internet domain. By providing a

worldwide, distributed keyword-based redirection service, the Domain Name System is

an essential component of the functionality of the Internet.

SHARING RESOURCES IN A NETWORK

In a network, resources (files, folders, software or hardware) can be shared so that other

users on the network are able to access them.

A shared server can be created for this purpose or users can even make their own

resources sharable to each other. This is done using IP Address.

- When a shared server is made, all the resources to be shared among users are

placed in it and it is given an IP address with a password. Other domain users

can now access the shared server by:

Start Run type: //ipaddressofsharedserver

A password will be asked on entering which, the domain user can access all the

shared resources from the shared server.

- If a user wants to make any resources sharable, then follow these steps:

Right click on the file/folder Click Properties Select ‗Sharing‘ tab

Select ‗share this folder‘

The folder becomes shared and is visible with a hand underneath the folder

name. Sharing options can be used to limit the number of users that can access

the folder and set permissions for them.

The shared folder can now be accessed by the other domain users by:

Start Run type: //ipaddress

Here, ipaddress is the IP address of the user who has shared its resource.

- Hardware like printers can also be shared within a network either by making a

shared print server with an IP address assigned to it which can be accessed by

all domain users, or by assigning the network printer an IP address and

configuring the printer software on each of the domain user‘s system.

55

NETWORK TROUBLESHOOTING

Network troubleshooting process should follow the following steps:

Establish the symptoms.

Identify the affected area.

Establish what has changed.

Select the most probable cause.

Implement a solution

Test the result

Recognize the potential effects of the solution

Document the solution

1. PING

The "ping" program uses ICMP echo message requests and listens for ICMP echo

message reply messages from its intended host. Using the -R option with ping enables

56

the record route feature. If this option is used ping will set the record route (RR) in the

outgoing ICMP IP datagram.

To troubleshoot a TCP/IP configuration by using the ping command:

- To quickly obtain the TCP/IP configuration of a computer, open Command

Prompt, and then type ipconfig. From the display of the ipconfig command,

ensure that the network adapter for the TCP/IP configuration you are testing is

not in a Media disconnected state.

- Ping the IP address of the computer.

If you do not get a reply, and there is no firewall software installed, your

network configuration, modem, Ethernet card, or cabling is probably at fault.

Triple check all your network settings.

- Ping the IP address of the default gateway.

If the ping command fails, verify that the default gateway IP address is correct

and that the gateway (router) is operational.

- Ping the IP address of a remote host (a host that is on a different subnet).

If the ping command fails, verify that the remote host IP address is correct, that

the remote host is operational, and that all of the gateways (routers) between

this computer and the remote host are operational.

- Ping the IP address of the DNS server.

If the ping command fails, verify that the DNS server IP address is correct, that

the DNS server is operational, and that all of the gateways (routers) between

this computer and the DNS server are operational.

- Remove any unnecessary firewalls, protocols or other configurations the

complicate the troubleshooting process. You can add them back in later after

you get things working.

- If your PING works but there is problem in finding sites on Internet:

Try PINGing a name rather than an IP address.

This will determine if your DNS entry is correct or working.

For example: PING www.yahoo.com

If this works, then likely your web browser is misconfigured. Make sure you do

not have an incorrect proxy server setting in your Web Browser

It could also be a corrupt winsock registry entry

2. TRACEROUTE

The "traceroute" program uses ICMP messaging and the time to live (TTL) field

in the IP header. It works by sending a packet to the intended host with a TTL

value of 1. The first router will send back the ICMP "time exceeded" message to

57

the sending host. Then the traceroute program will send a message with a TTL of

2, then 3, etc. This way it will get information about each router using the

information received in the ICMP packets. To get information about the

receiving host, the message is sent to a port that is not likely to be serviced by

that host. A ICMP "port unreachable" error message is generated and sent back.

For example: tracert 102.55.92.2 or traceroute 102.55.92.2

This should begin listing the hops between the computer and network devices.

When the connection fails, determine which device is causing the issue by

reviewing the traceroute listing.

3. Specify IP address and default subnet mask manually

- Click Start / Settings / Control Panel

- Double-click the Network icon

- Within the configuration tab double-click the TCP/IP protocol icon.

- In the TCP/IP properties click the IP address tab

- Select the option to specify an IP address

- Enter the IP address and Subnet Mask address, an example of such an address

could be:

IP Address: 102.55.92.1

Subnet Mask: 255.255.255.192

- When specifying these values, the computers on the network must all have the

same Subnet Mask and have a different IP Address.

4. NETSTAT

NETSTAT is used to look up the various active connections within a computer. It is

helpful to understand what computers or networks you are connected to. This

allows you to further investigate problems. One host may be responding well but

another may be less responsive.

58

BASIC ADMINISTRATION

FORMATTING

Formatting is the process of reinstalling a new file system on a hard disk. It is generally

done in case of a corrupted OS.

Formatting in Windows XP can be done in following steps:

Step 1- Insert your Windows XP installation disc into your CD or DVD drive.

Step 2 - Restart your computer and start Windows setup using Microsoft Windows

bootable XP disk

Step 3 - Press ENTER to set up Windows XP now

Step 4 - Accept Windows usage agreement

Step 5 - Setup start

Press enter to start the windows installation

If an existing Windows XP installation is detected by the system, you are prompted to

repair it.

Step 6 - Delete old partition using ‗D‘ and format

Step 7 - Create a new partition in the unpartitioned space by pressing ‗C‘ and enter the

size of the partition required.

Step 8 - Select format using NTFS (Quick) and hit Enter.

59

Step 9 - Set up is formatting

Setup will start to and will auto-format the ―C:‖ partition, and start with Windows XP

installation. From here you are all set and the installation of Windows will proceed.

This will take a while. The computer will reboot several times, and will continue with

installation. Don‘t remove the Windows XP setup CD during this time.

Step 10 – Set up reboots and copies files needed for windows setup

Step 11 – Set up finished.

During formatting, if there is an error or a ―death screen‖ shows up, then either the hard

disk or RAM is damaged due to which OS cannot copy file to a particular bad sector.

If a sector of the hard disk is damaged, the hard disk can only be used as slave, its data

saved on another external hard disk and it becomes useless.

LOW LEVEL FORMATTING

Low-level formatting means creating all the sectors, tracks, cylinders, and head

information on the drive.

A low-level format performs three simultaneous functions:

1. It creates and organizes the sectors, making them ready to accept data.

2. It sets the proper interleave (records the sector header, trailer information, and

intersector and intertrack gaps).

3. It establishes the boot sector.

HIGH LEVEL FORMATTING

60

The high-level format is simply called "format" (the program used to perform a high-

level format is called FORMAT.COM).

This is the same format command used to prepare floppy disk drives. The high-level

format performs two major functions:

It creates and configures the file allocation tables (FATs).

It creates the root directory, which is the foundation on which files and

subdirectories are built.

PARTITIONING

Partitions are logical divisions of a hard drive. HDD can have anywhere from 1

to 24 logical drives, identified as C to Z.

Partitions exist for two reasons:

To divide the disk into several drive letters to make it easier to organize

data files.

To accommodate more than one operating system.

Partitioning offers many advantages. It helps the computer run faster, crash less,

be more efficient in general, makes defragmentation and scan disks easier, fast

and easy isolation of data and control of selective file sharing.

Primary and Extended Partitions

There are two types of partitions:

Primary

Extended.

The primary partition is the location where the boot information for the operating

system is stored. It stores the program files, windows files and all user documents and

settings.

The extended partition is for a hard disk drive other than the one on which OS is

installed. The extended partition is further divided into logical drives starting with D

and progressing until drive letter Z is created.

Newer operating systems can use all of the drive as a single primary partition.

The number of partitions that can be created follow the criteria:

1 primary, 1 extended

2 primary, 1 extended

3 primary, 1 extended

4 primary, 0 extended

There are two ways to partition drives:

FDisk, which is free with Windows, and which will wipe out the contents of

existing partitions in making any changes to them (therefore, backups are

definitely recommended!).

61

Third party partitioning programs, of which the best is still Partition Magic,

and which do not wipe out your data.

BOOTING PROCESS

Booting is a bootstrapping process that starts operating systems when the user turns on

a computer system. The booting process in windows XP consists of a list of detailed

procedures that the system undergoes to perform all system checks and load all

necessary files to bring the computer to an operable state. The booting process has

following steps:

The Power-On Self Test Phase (POST)

As soon as you power up your computer, a self-test is performed by the power supply

to ensure that the volume and current levels are correct before the Power Good signal is

sent to the processor. When this first stage is cleared, the microprocessor will then

trigger the BIOS to perform a series of operations.

BIOS ROM Phase

The BIOS, also known as the Basic Input Output System is a firmware or set of

instructions that resides on a ROM chip as contained in the motherboard. It first carries

out the P.O.S.T that performs and verifies all initial hardware checks, such as checking

if the system is initialized by a warm or cold start, detecting the presence of peripheral

devices and the amount of memory present. BIOS is a utility that gives us the facility to

enable or disable devices, see their status, set date and time, password (user and

supervisor), boot up sequence, etc..

The system will now attempt to determine the sequence of devices to load based on the

settings stored in the BIOS to start the operating system. It will start by reading from

the first bootup device. If it points to the floppy drive, it then searches for a floppy disk.

If it does not detect a bootable disk in the floppy drive, the system displays an error

message. If the floppy drive does not contain a disk, it detects the second device, which

is usually the hard disk. It'll then start by reading the boot code instructions located in

the master boot record and copies all execution into the memory when the instructions

are validated and no errors are found.

Boot Loader Phase

Once the POST is complete and the BIOS is sure that everything is working properly,

the BIOS will then attempt to read the MBR (Master Boot Record). Master boot record

holds the disk‘s primary partition table and is present at position track 0, cylinder 0,

sector 1 of the hard disk. It identifies the primary partition, extended partitions and

62

active partition which are needed to determine the file system and locate the operating

system loader file - NTLDR.

The MBR looks at the BOOT SECTOR (the first sector of the active partition). That is

where NTLDR is located; NTLDR is the BOOT LOADER for Windows XP. NTLDR

allows memory addressing, initiate the file system, read the boot.ini and loads the boot

menu.

Operating System Configuration Phase

Once XP is selected from the Boot Menu, NTLDR will run NTDETECT.COM,

BOOT.INI and BOOTSECT.DOS to get the proper OS selected and loaded. The

system starts in 16-bit real mode and then moves into 32-bit protected mode.

NTDETECT.COM searches for hardware devices and checks if their drivers are

properly installed or not. BOOT.INI is a configuration file that shows the names of the

operating systems present in hard disk. IO.SYS, MSDOS.SYS, PAGEFILE.SYS,

CONFIG.SYS are other system files saved in MBR. The first two contain MS-DOS

commands, PAGEFILE.SYS consists of the system‘s virtual memory and uses the

concept of paging/swapping for faster access, CONFIG.SYS is used to configure

different hardware components of the computer, reload all drivers and executes only at

the time of booting. Both NTLDR and NTDETECT.COM work together to enter all the

system registry into the registry editor.

NTLDR loads NTOSKRNL.EXE and HAL.DLL. Effectively, these two files are

windows XP. They must be located in %SystemRoot%System32. HAL.DLL

(Hardware Abstraction Layer) is a very important file since it provides for

communication with the motherboard.

NTLDR reads the registry, chooses a hardware profile and authorizes device drivers, in

that exact order.

Security & Logon Phase

Finally, NTOSKRNL.EXE takes over and it starts WINLOGON.EXE that in turn

triggers LSASS.EXE (Local Security Administration); which is the logon dialog

interface that prompts you to select your user profile and verifies your necessary

credentials before you are transferred to the Windows desktop.

FILE SYSTEMS

File system is a management tool that gives information about the FID (File

Identification Number) for the location of files in hard disks and drives. The file system

actually decides the manner that how data will be accurately arranged in the hard disk

drive. Whenever a file/folder is created, it is saved in the hard disk with an Inode

63

number or FID. Its subsequent folders maybe stored in any sector on the disk but its

Inode no. is linked with its parent file/folder‘s Inode no.

Files in Windows XP can be organized on the hard disk in two different ways.

The old FAT (File Allocation Table) file system was developed originally

(when the original IBM PCs came out) for MS-DOS on small machines and

floppy disks. There are variants — FAT12 is used on all floppy disks, for

example — but hard disk partitions in Windows XP can be assumed to use the

FAT32 version, or 32-bit File Allocation Table. FAT32 doesn‘t provide security

and can cause cluster damage.

Later, a more advanced file system was developed for hard disks in Windows

NT, called NTFS (the “NT File System”). This has matured, through several

versions, into the latest one that exists alongside FAT in Windows XP.

The file system used goes with an individual partition of the disk. You can mix the

two types on the same physical drive. Files can be moved between folders on an NTFS

partition and folders on a FAT partition or across a network to another machine that

might not even be running Windows. To convert FAT to NTFS:

Start Run type ―cmd‖ in Run In cmd, type: convert drive:/fs:ntfs

Advantages of NTFS

NTFS supersedes the FAT file system as the preferred file system for

Microsoft‘s Windows operating systems. NTFS has several improvements over FAT

and HPFS (High Performance File System) such as improved support for metadata and

the use of advanced data structures to improve performance, reliability, and disk space

utilization, plus additional extensions such as security access control lists (ACL)

and file system journaling. The NTFS file system provides various facilities like:

File Encryption

This can be done through the following steps:

Select any file/folder Right click and select Properties Click on advance tab

Select encrypt contents to secure data

The encrypted folder then appears in green color.

64

File/ folder Compression

This facility provided by NTFS is used to compress the hard disk space. Compression

is done by:

Select any file/folder Right click and select Properties Click on advance tab

Select compress contents to save disk space

The compressed folder then appears in blue color.

Disk Quota

NTFS also allows administrator to set up disk quotas for other users on the system.

Disk Quota can be set by:

Select any local hard drive Right click and select properties Select Quota tab and

enable quota management

65

No cluster formation or damage

There is no cluster formation or damage in NTFS due to which it is more reliable and

secure for recovery purposes.

Journaling

NTFS has stronger means of recovering from troubles than does FAT. All changes to

files are ―journalized,‖ which allows the system to roll back the state of a file after a

crash of the program using it or a crash of the system. Also, the structure of the file

system is less likely to suffer damage in a crash, and is therefore more easily reinstated

by CheckDisk (CHKDSK.EXE). If an NTFS partition is so damaged that it is not

possible to boot Windows, then only repair can be very difficult.

Inherit Permissions

66

The main feature of the NTFS file system is that you can define local security for files

and folders stored on NTFS partitions. You can specify access permissions on files and

folders which control which users can access the NTFS files and folders. You can also

specify what level of security is allowed for users or group. NTFS permissions can be

set for folders and files. On NTFS partitions, permissions are applied to users who

access the computer locally, and who access a NTFS folder which has been shared over

the network.

By default, permissions of NTFS volumes are inheritable. What this means is that files

and subfolders inherit permissions from their associated parent folder. You can

however, configure files and subfolders not to inherit permissions from their parent

folder.

NTFS inherit permissions can be set or cleared on any folder/file by:

Select the file/folder Right click and select properties Select the security tab

Click ‗advanced‘ and then ‗permissions‘ tab add/remove any permissions for any

user account/group

You can set the following permission inheritance options:

Allow inheritable permissions from the parent to propagate to this object and all

child objects. Include these with entries explicitly defined here.

Replace permission entries on all child objects with entries shown here that

apply to child objects.

When you clear inheritance of NTFS permissions from a parent container, you are

presented with two options: Copy and Remove. The Copy option will recurse the child

objects and write the NTFS permissions from the parent folder. The Remove option

removes all default NTFS-created permissions--that of Administrators, Users, Creator

Owner, System, etc.--from the list of Group or User Name. If you select this option,

you must add custom permissions before you apply the changes, because no users or

groups will have access to the folder until you add permissions.

COMPUTER MANAGEMENT

Computer Management is a collection of administrative tools that can be used to

manage a single local or remote computer. It combines several administrative utilities

into a console tree, and it provides easy access to administrative properties and tools.

Computer Management can be used to:

Monitor system events, such as logon times and application errors.

67

Create and manage shared resources.

View a list of users who are connected to a local or remote computer.

Start and stop system services, such as Task Scheduler and Indexing Service.

Set properties for storage devices.

View device configurations and add new device drivers.

Manage applications and services.

The following table lists some of the most common tasks for managing computers, and

the tools that can be used to perform them:

Task Tool or feature

On a single local or remote computer: create and manage shared

resources, view a list of users who are connected to the computer,

or view device configurations and add new device drivers.

Computer

Management

Use a graphical view of the hardware that is installed on your

computer; if necessary, update the drivers for hardware devices,

modify hardware settings and troubleshoot problems.

Device Manager

Create a specific desktop configuration for a group of users (for

example, programs available to users, programs that appear on

the user's desktop, Start menu options).

Group Policy (pre-

GPMC)

Install hardware and manage hardware-related issues. Hardware

Secure and manage user accounts and groups stored locally on a

computer.

Local Users and

Groups

Create, save, and open administrative tools (in the form of snap-

ins) that manage hardware, software, and network components of

a local or remote computer, or multiple computers.

Microsoft

Management

Console

Manage how a computer connects to the network. Network

Connections

Overview

View or edit configuration information on a computer. The Registry

On local or remote computers: display system configuration

information, such as hardware configurations, computer

components, installed software, and driver information.

System

Information

View and change system properties on a local or remote

computer.

System Properties

68

Manage user profiles. User profiles

overview

INSTALLATION OF SOFTWARES BY DOMAIN USERS

In a network, it is important to give certain rights to the domain users by the

administrator. It is necessary to give some powers to the domain users so that they can

install softwares required and execute them. This can be done by:

-Adding domain users to the ―Administrator‖ group

My Computer Manage Local users and Groups Groups Administrators

Add Advanced Find Now Select the domain users

This method isn‘t that secured since it gives all administrative powers to the domain

users.

-Adding domain users to ―Power Users‖ group

My Computer Manage Local users and Groups Groups Power Users

Add Advanced Find Now Select the domain users

This method is better but while softwares installation, administrator password will be

asked or run as own user option can be used for a power user.

Also a Power User cannot change the name of any local drive or any modifications if

NTFS permissions are not given.

REGISTRY EDITOR

Registry editor is a very sensitive part of the Operating System. It is an advanced tool

for viewing and changing settings in system registry, which contains information about

how computer runs. Windows stores its configuration information in a database, known

as the registry, that is organized in a tree format. Although Registry Editor enables us to

inspect and modify the registry, normally we do not need to do so, and making

incorrect changes can break our system. An advanced user who is prepared to both edit

and restore the registry can safely use Registry Editor for such tasks as eliminating

duplicate entries or deleting entries for programs that have been uninstalled or deleted.

While this simplifies the administration of a computer or network, one incorrect edit to

the registry can disable the operating system.

69

To open Registry Editor

Click Start, click Run, type regedit, and then click OK.

Before making changes to the registry, make a backup copy.

We can back up the registry by using a program such as Backup. For

troubleshooting purposes, keep a list of the changes you make to the registry.

Edit the registry carefully.

Incorrectly editing the registry may severely damage your system.

Limit the number of people who have access to the registry.

For example, because members of the Administrators group have full access to

the registry, add only users who need such access to the Administrators group.

Alternately, you can use Registry Editor to set permissions for specific keys and

subtrees, or simply remove Registry Editor from the computers of users whom

you do not want to alter the registry.

Never leave Registry Editor running unattended.

Do not run Registry Editor as Administrator, except when necessary.

A malicious user who has access to Registry Editor running as Administrator

can cause severe damage to the operating system and software. Only run

Registry Editor as Administrator if you need to see or change keys that you

cannot otherwise access.

Do not access HKEY_CURRENT_USER or HKEY_CLASSES_ROOT using

services that impersonate more than one user.

HKEY_CURRENT_USER and HKEY_CLASSES_ROOT are aliases for other

keys in the registry. For example, HKEY_CURRENT_USER is an alias for the

key in HKEY_USERS for the user who is currently logged in. If a service

accesses one of these keys while running as one user, and again while running

as another user, the operating system might still have the alias data cached from

the first user. If this happens, an error will result because the second user will

not have access rights for keys belonging to the first user.

The registry editor has following entries:

HKEY_LOCAL_MACHINE

Contains information about the local computer system, including hardware and

operating system data such as bus type, system memory, device drivers, and

startup control data.

70

HKEY_CLASSES_ROOT

Contains information used by various OLE technologies and file-class

association data. A particular key or value exists

in HKEY_CLASSES_ROOT if a corresponding key or value exists in

either HKEY_LOCAL_MACHINE\SOFTWARE\Classes or HKEY_CURREN

T_USER\SOFTWARE\Classes. If a key or value exists in both places,

the HKEY_CURRENT_USER version is the one that appears

in HKEY_CLASSES_ROOT.

HKEY_CURRENT_USER

Contains the user profile for the user who is currently logged on interactively

(as opposed to remotely), including environment variables, desktop settings,

network connections, printers, and program preferences. This subtree is an alias

of the HKEY_USERS subtree and points to HKEY_USERS\security ID of

current user.

HKEY_USERS

Contains information about actively loaded user profiles and the default profile.

This includes information that also appears in HKEY_CURRENT_USER.

Users who are accessing a server remotely do not have profiles under this key

on the server; their profiles are loaded into the registry of their own computers.

HKEY_CURRENT_CONFIG

Contains information about the hardware profile used by the local computer

system at startup. This information is used to configure settings such as the

device drivers to load and the display resolution to use. This subtree is part of

the HKEY_LOCAL_MACHINE subtree and points to

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Hardware

Profiles\Current.

GROUP POLICY

Group Policy settings define the various components of the user's desktop environment

that a system administrator needs to manage, for example, the programs that are

available to users, the programs that appear on the user's desktop, and options for

the Start menu. To create a specific desktop configuration for a particular group of

users, use Group Policy Object Editor. Group Policy settings that you specify are

contained in a Group Policy object, which is in turn associated with selected Active

Directory® objects--sites, domains, or organizational units.

Group Policy applies not only to users and client computers, but also to member

servers, domain controllers, and any other Microsoft® Windows® 2000 computers

within the scope of management. By default, Group Policy that is applied to a domain

(that is, applied at the domain level, just above the root of Active Directory Users and

Computers) affects all computers and users in the domain.

71

With Group Policy we can do the following:

Manage registry-based policy with Administrative Templates. Group Policy

creates a file that contains registry settings that are written to the User or Local

Machine portion of the registry database. User profile settings that are specific

to a user who logs on to a given workstation or server are written to the registry

under HKEY_CURRENT_USER (HKCU), and computer-specific settings are

written under HKEY_LOCAL_MACHINE (HKLM).

Assign scripts. This includes such scripts as computer startup, shutdown, logon,

and logoff.

Redirect folders. You can redirect folders, such as My Documents and My

Pictures, from the Documents and Settings folder on the local computer to

network locations.

Manage applications. With Group Policy you can assign, publish, update, or

repair applications by using Group Policy Software Installation.

Specify security options.

BACK UP

1. WINTERNAL ERD COMMANDER

The Winternal ERD Commander is a software that can be used to take backup of a

corrupted OS hard disk. It is a bootable CD that allows for connection of external hard

drive also. Even if OS is corrupt, the CD boots and the data in local hard drives (D, E,

and F) can be backed up onto the external hard drive.

2. ASR BACK UP

ASR sets should be created on a regular basis as part of an overall plan for system

recovery in case of system failure. ASR should be a last resort in system recovery, used

only after you have exhausted other options such as Safe Mode Boot and Last Known

Good Configuration. Automated System Recovery (ASR) is a two part system

recovery, ASR backup and ASR restore.

The backup portion is accomplished through the ASR wizard located in Backup

(Start All programs Accessories System tools Backup). The wizard backs

up the system state, system services and all disks associated with the operating system

components. At the end, it asks for a floppy drive. This floppy drive now contains

72

information about the backup, the disk configurations (including basic and dynamic

volumes) and how to accomplish a restore.

The restore part is accessed by hitting F2 when prompted for ASR backup during setup

from Windows XP installation CD. Enter the floppy when it is prompted for. ASR will

read the disk configurations from the floppy and restore all of the disk signatures,

volumes and partitions on, at a minimum, the disks required to boot up. (It will attempt

to restore all of the disk configurations, but under some circumstances, it may not be

able to). ASR then installs a simple installation of and automatically starts a restore

from backup using the backup created by the ASR wizard.

3. MASTER-SLAVE METHOD

When a hard disk gets corrupted due to some bad sector, then ―Master-Slave‖ method

can be used to create backup of the damaged hard disk. In this method, the damaged

hard disk is inserted in another CPU with its own master hard disk (running properly)

and the jumper settings of that CPU are changed to make sure that damaged hard disk is

‗slave‘ while running hard disk is ‗master‘. In this way, booting takes place with the

master hard disk with all the contents of damaged hard disk (slave) available as further

local hard disk drives and thus the backup of damaged hard disk can be taken.

TROUBLESHOOTING

Whenever a problem occurs, the following troubleshooting process must be followed:

Step 1: Identify the problem

Begin gathering information

Ask questions

What is the nature of the problem

Is there a specific error message?

Identifying changes to a computer

Determine last major change

Don‘t forget about history

Examine logs

Windows Event Viewer

Application event logs

BIOS event log

Step 2: Analyze the problem and determine potential causes

Software or hardware problem?

73

It‘s not always so obvious

Make a list of all possible causes (how long will it take, etc.)

Set expectations

Plan for contingencies (bring all hardware or software with you)

There are often people and dollars on the line

Step 3: Test related components

Visual inspection

Connections (power cords, cables)

Hardware / software configurations (Eg. Is USB enabled and

configured)

Device manager

Vendor documentation (websites)

Step 4: Evaluate results

Questions often create more questions

Take additional steps, if needed

Consultation

Use of alternate resources

Manuals

Step 5: Document the outcome

Don't lose valuable information

Create a knowledge base

Differential diagnosis on operating system problems

Break the cycle into three components:

- System startup (operating system starts to load and it ends when control is

turned over to the user)

- The operating phase (the user and the operating system can use the

environment.)

- System shutdown - a shutdown command is given—or occurs unexpectedly .

Startup Issues

- No OS loading is often a hardware problem or difficulty related to new drivers

or software.

- Identify changes made in OS or the components contained within the computer.

74

- Get copies of the system configuration, emergency startup, recovery disks,

backups of core system files.

- Look for possible virus .

Operational Issues

- Applications, network connections, or system services that do not work are

usually isolated problems.

- If the device attached to the system is not working, it may be related to a

specific driver or a conflict with another device.

- Erratic problems during operation that cannot be directly pinpointed to a

specific application or device can be more difficult to diagnose.

Shutdown Issues

Computers can:

- Unexpectedly hang during normal operation

- Restart mode without warning

- Refuse to close when a proper shutdown

These types of problems stem from:

- Faulty device drivers

- Runaway system processes or applications, memory management problems

- Hardware problems.

Solutions for the above issues:

- Safe mode loads the OS with minimal set of drivers

- If the hard disk is still functional, you may attempt to start the system in

command mode.

- Press F8 just after the POST to get in to menu where you can get different

option to boot the system

- Safe mode offers access to a wider variety of tools to help isolate and repair

problems.

- Use safe mode or find another way to actually gain entry into the Windows

operating environment and run these tools.

- Most of these tools are available by clicking either

Start\Programs\Accessories\System Tools,

Start\Programs\Accessories\Administrative Tools, or via the Control Panel.

Some require command mode access.

- Use computer management, device manager, system configuration utility tools.

- Shutting down Windows improperly can leave a system in an unstable state and

corrupt important files.

75

- System hangs during shutdown due to an application that is not properly

releasing control or a runaway process.

- Two of the most valuable tools for resolving these problems are:

1. Selective startup

Selectively choose which options are installed on the system

during operation. This way you can help isolate the problem.

If a feature is disabled and the system begins to shut down

normally,

The exact action will vary on what is wrong with it.

2. The Windows Task Manager.

We can access this utility by pressing Ctrl+Alt+Del

It offers three tabs: Applications, Processes, and Performance.

Task Manager lets us see which applications are running.

If some application is causing a problem, close it and observe the relative

change in system resources.

REMOTE ASSISTANCE

Remote assistance can be used to troubleshoot any problems occurring in the computer

system. Only one user can be given assistance at a time. An invitation file RA has to be

prepared first. The following steps can be undertaken:

- Press F1 and select ―Ask for assistance‖

- Invite a friend to connect to your computer with Remote Assistance.

- Click ‗Invite someone to help you‘ and select ‗Save Invitation as a file‘.

- Enter the name, invitation time and password. Then save this invitation file on

desktop.

- Put this file in a folder and then share it by giving password to the user, via

email.

- The expert accepts the remote assistance request by entering password and yes.

- The ―Attempting to Start Remote Assistance Session with user‖ box appears.

Thus, remote assistance has now begun. Only chatting is possible in this case, users

cannot do anything but taking control is also possible.

76

BIBLIOGRAPHY

1. Wikipedia

2. www.esnips.com

3. www.firewall.cx

4. technet.microsoft.com

5. CISCO CCNA network guide

6. Notes from Mr.Hemant Chatterjee