When You Connect to the Internet, You

  • 8/14/2019 When You Connect to the Internet, You

    1/34

    DSL

    When you connect to the Internet, you might connect through a regular modem, through a local-area network

    connection in your office, through a cable modem or

    through a digital subscriber line (DSL) connection. DSL

    is a very high-speed connection that uses the same wires as

    a regular telephone line.

    To understand DSL, the following things must be known

    about a normal telephone line -- the kind that telephone professionals call POTS, for Plain Old Telephone Service.

    One of the ways that POTS makes the most of the

    telephone company's wires and equipment is by limiting

    the frequencies that the switches, telephones and other

    equipment will carry. Human voices, speaking in normal

    conversational tones, can be carried in a frequency range of

    0 to 3,400 Hertz. This range of frequencies is tiny. For example, compare this to the range of most stereo speakers,

    which cover from roughly 20 Hertz to 20,000 Hertz. And

    the wires themselves have the potential to handle

    frequencies up to several million Hertz in most cases. The

    use of such a small portion of the wire's total bandwidth is

    historical -- remember that the telephone system has been

    in place, using a pair of copper wires to each home, for

    about a century. By limiting the frequencies carried over the lines, the telephone system can pack lots of wires into a

    very small space without worrying about interference

    between lines. Modern equipment that sends digital rather

    than analog data can safely use much more of the telephone

    line's capacity. DSL does just that. At the customer's

    location there is a DSL transceiver, which may also

    provide other services. The DSL service provider has a

    DSL Access Multiplexer (DSLAM) to receive customer connections.

    DSL Transceiver

    Most residential customers call their DSL transceiver a

    "DSL modem." The engineers at the telephone company or

    ISP call it an ATU-R. Regardless of what it's called, it's the

    point where data from the user's computer or network is

    connected to the DSL line. The transceiver can connect to a customer's equipment in several ways, though most

    residential installations use USB or 10Base-T Ethernet

    connections. While most of the ADSL transceivers sold by

    ISPs and telephone companies are simply transceivers, the

    devices used by businesses may combine network routers,

    network switches or other networking equipment in the

    same platform.

    DSLAM

    The DSLAM at the access provider is the equipment that

    really allows DSL to happen. A DSLAM takes connections

    from many customers and aggregates them onto a single,

    high-capacity connection to the Internet. DSLAMs are

    generally flexible and able to support multiple types of

    DSL in a single central office, and different varieties of

    protocol and modulation in the same type of DSL. In

    addition, the DSLAM may provide additional functions

    including routing or dynamic IP address assignment for the

    customers.

    The DSLAM provides one of the main differences between

    user service through ADSL and through cable modems. Because cable-modem users generally share a network loop

    that runs through a neighborhood, adding users means

    lowering performance in many instances. ADSL provides a

    dedicated connection from each user back to the DSLAM,

    meaning that users won't see a performance decrease as

    new users are added -- until the total number of users

    begins to saturate the single, high-speed connection to the Internet. At that point, an upgrade by the service provider

    can provide additional performance for all the users

    connected to the DSLAM.

    The copper wires have lots of room for carrying more than

    your phone conversations -- they are capable of handling a

    much greater bandwidth, or range of frequencies, than that

    demanded for voice. DSL exploits this "extra capacity" to carry information on the wire without disturbing the line's

    ability to carry conversations. The entire plan is based on

    matching particular frequencies to specific tasks.

    SECURITY

    Wireless communications obviously provide potential

    security issues, as an intruder does not need physical access

    to the traditional wired network in order to gain access to

    data communications. However, 802.11 wireless

    communications cannot be received -- much less decoded -- by simple scanners, short wave receivers etc. This has led

    to the common misconception that wireless

    communications cannot be eavesdropped at all. However,

    eavesdropping is possible using specialist equipment.

    To protect against any potential security issues, 802.11

    wireless communications have a function called WEP

    (Wired Equivalent Privacy), a form of encryption which

    provides privacy comparable to that of a traditional wired network. If the wireless network has information that

    should be secure then WEP should be used, ensuring the

    data is protected at traditional wired network levels.

    Also it should be noted that traditional Virtual Private

    Networking (VPN) techniques will work over wireless

    networks in the same way as traditional wired networks.

    Advantages of DSL:

    o The Internet connection can be left open and the phone line can still be used for voice calls.

    o The speed is much higher than a regular modem (1.5 Mbps vs. 56 Kbps).

    o DSL doesn't necessarily require new wiring; it can use the existing phone line.

    o The company that offers DSL will usually provide the modem as part of the installation.

    Disadvantages of DSL:

    o A DSL connection works better when the user is closer to the provider's central office.

    o The connection is faster for receiving data than it is for sending data over the Internet.

    XDSL

    o Digital - means a line able to carry data traffic in its original form, as opposed to analogue (see below).

    o Subscriber Line - the line connecting the individual subscriber (e.g. a household) to the local exchange.

    o Analogue - the phone lines we have used for voice phone calls until today have been analogue lines, and we have used MoDems (Modulator-Demodulator) to convert the digital output of the computer to analogue form for transmission and back into digital form at the other end for use by the computer. The performance of conventional modems and analogue lines has restricted bandwidth - the speeds at which computers can be connected across the phone network and the capacity of the networks to handle traffic.

    The use of digital lines makes transmission of computer

    information faster and more reliable. It also allows much

    faster connect and disconnect, eliminating the slow process

    required for modems to establish a connection and start

    handling traffic. Over time it's expected that all future

    telephony will be digital.

    The cables connecting most households to the phone network are mainly simple twisted pair copper wires, which

    have only been able to carry analogue traffic. Modem

    speeds have gradually increased through the use of various

    compression and other techniques, but at today's fastest (56

    kilobits per second (kbps)) they are approaching the

    theoretical limit for this technology.

    DSL technology enables much higher speeds across the

    twisted pair lines from the exchange to the home. Speeds up to 2 Megabits per second are readily achievable - 30 or

    more times faster than today's fastest modems. This means

    that consumers and teleworkers can use applications that

    need these higher speeds even if their town or village

    doesn't have new, high performance cable networks. DSL

    has its own kind of "modems". Also, the technology allows

    the network to manage traffic rather than allocating complete end-to-end circuits, so that from the user

    perspective it can appear that the data connection is

    "always on". xDSL deployment to homes will make it

    easier for Internet connections to be sold on a fixed rate

    "per month" basis rather than per minute, encouraging

    wider and more intensive use of Internet, e-commerce,

    teleworking etc.

    The various flavors of xDSL are:

    o Asymmetric DSL (ADSL) - It is called "asymmetric" because the download speed is greater than the upload speed. ADSL works this way because most Internet users look at, or download, much more information than they send, or upload.

    o High bit-rate DSL (HDSL) - Providing transfer rates comparable to a T1 line (about 1.5 Mbps), HDSL receives and sends data at the same speed, but it requires two lines that are separate from your normal phone line.

    o ISDN DSL (IDSL) - Geared primarily toward existing users of Integrated Services Digital Network (ISDN), IDSL is slower than most other forms of DSL, operating at a fixed rate of 144 Kbps in both directions. The advantage for ISDN customers is that they can use their existing equipment, but the actual speed gain is typically only 16 Kbps (ISDN runs at 128 Kbps).

    o Multirate Symmetric DSL (MSDSL) - This is Symmetric DSL that is capable of more than one transfer rate. The transfer rate is set by the service provider, typically based on the service (price) level.

    o Rate Adaptive DSL (RADSL) - This is a popular variation of ADSL that allows the modem to adjust the speed of the connection depending on the length and quality of the line.

    o Symmetric DSL (SDSL or SHDSL) - Like HDSL, this version receives and sends data at the same speed. While SDSL also requires a separate line from your phone, it uses only a single line instead of the two used by HDSL.

    o Very high bit-rate DSL (VDSL) - An extremely fast connection, VDSL is asymmetric, but only works over a short distance using standard copper phone wiring.

    o Voice-over DSL (VoDSL) - A type of IP telephony, VoDSL allows multiple phone lines to be combined into a single phone line that also includes data-transmission capabilities.

    The chart below provides a comparison of the various DSL

    technologies:

    DSL Type   Maximum Send Speed   Maximum Receive Speed   Maximum Distance        Lines Required   Phone Support
    ADSL       1 Mbps               8 Mbps                  18,000 ft (5,500 m)     1                Yes
    HDSL       1.54 Mbps            1.54 Mbps               12,000 ft (3,650 m)     2                No
    IDSL       144 Kbps             144 Kbps                35,000 ft (10,700 m)    1                No
    MSDSL      2 Mbps               2 Mbps                  29,000 ft (8,800 m)     1                No
    RADSL      7 Mbps               1 Mbps                  18,000 ft (5,500 m)     1                Yes
    SDSL       2.3 Mbps             2.3 Mbps                22,000 ft (6,700 m)     1                No
    VDSL       52 Mbps              16 Mbps                 4,000 ft (1,200 m)      1                Yes

    ADSL - Asymmetric Digital Subscriber Line

    Asymmetric means that a higher speed is available from the exchange to the user (downstream) and a slower speed

    from the user to the exchange (upstream). For example the

    user can download web pages or videos at high speed, but

    can only send at a significantly lower speed. Capability

    varies with distance - up to 9 Mbps downstream can be

    supported up to one mile from an exchange and 2 Mbps up

    to three miles. 64 kbps is the usual upstream speed. ADSL

    can operate in parallel with conventional analogue voice telephony over the same line. It is ideal for web

    applications.

    SHDSL - High speed Digital Subscriber Line

    This has been in use for some years in some countries to provide broadband facilities to business premises (leased

    line), i.e. data is transmitted over a single copper pair,

    providing 2.3 Mbps as upstream and downstream speed

    across up to 7.1 km of distance. It does not support voice.

    VDSL - Very high speed Digital Subscriber Line

    VDSL is a new technology not expected to be in use in

    public networks for some years. It's expected to provide

    speeds as high as 52 Mbps downstream and between 1.5

    and 2.3 Mbps upstream, but over shorter distances than

    ADSL - 1.3 km at 13 Mbps and 0.3 km at 52 Mbps. Note

    that by deploying higher performance lines from exchanges

    to street cabinets, these speeds could be delivered to more

    homes.

    Circuit Switching WANs

    (ISDN)

    Integrated Services Digital Network (ISDN) is a digital

    service that is designed to run over existing telephone

    networks. ISDN can support both data and voice -- a

    telecommuter's dream. But ISDN applications require

    bandwidth.

    Typical ISDN applications and implementations include

    high-speed image applications,

    high-speed file transfer, videoconferencing, and multiple

    links into homes of telecommuters. ISDN is actually a set

    of communication protocols proposed by telephone

    companies that allows them to carry a group of digital

    services that simultaneously convey data, text, voice, music, graphics, and video to end users; it was designed to

    achieve this over the telephone systems already in place.

    ISDN is referenced by the OSI model's Physical, Data

    Link, and Network layers. The ISDN standards define the

    hardware and call-setup schemes for end-to-end digital

    connectivity. PPP is typically used with ISDN to provide

    data encapsulation, link integrity, and authentication.

    These are the benefits of ISDN:

    o It can carry voice, video, and data simultaneously.

    o Call setup is faster than with a modem.

    o Data rates are faster than on a modem connection.

    o Full-time connectivity across the ISDN is spoofed by the Cisco IOS routers using dial-on-demand routing (DDR).

    o Small office and home office sites can be economically supported with ISDN Basic Rate Interface (BRI) services.

    o ISDN can be used as a backup service for a leased-line connection between the remote and central offices.

    Basic Rate Interface (BRI)

    ISDN BRI service, also known as 2B+1D, provides two B

    channels and one D channel. The BRI B-channel service

    operates at 64Kbps and carries data, whereas the BRI D-

    channel service operates at 16Kbps and usually carries

    control and signaling information. The total bandwidth for

    ISDN BRI is then 144k (64 + 64 + 16 = 144).

    Primary Rate Interface (PRI)

    In North America and Japan, the ISDN PRI service (also

    known as 23B+1D) delivers 23 64Kbps B channels and one

    64Kbps D channel, for a total bit rate of up to 1.544Mbps.

    In Europe, Australia, and other parts of the world, ISDN

    provides 30 64Kbps B channels and one 64Kbps D

    channel, for a total bit rate of up to 2.048Mbps.

    Packet Switched WANs

    (VPN)

    The Packet Switched WAN appeared in the 1960's, and

    defined the basis for all communication networks today.

    The principle in Packet Switched Data Network (PSDN) is

    that the data between the nodes is transferred in small

    packets. This principle enables the PSDN to allow one node

    to be connected to more than one other node through one

    physical connection. That way, a fully connected network, between several nodes, can be obtained by connecting each

    node to one physical link, as shown in the figure below.

    Another advantage for Packet Switching was the efficient

    use of resources by sharing the Network bandwidth among

    the users (instead of dividing).

    The first communication Packet Switched Networks were based on the X.25 packet switching protocol. X.25

    networks became the de facto standard for non-permanent

    data communication and were adopted by most PTTs. X.25

    networks enabled cheaper communication, since their tariff

    was based on the communication time and the amount of

    data transferred. X.25 networks used the PTT's

    transmission networks more efficiently since the bandwidth

    was released at the end of the connection, or when no data was transmitted. Another advantage of X.25 was that it

    allowed easy implementation of international connections

    enabling organizations to be connected to data centers and

    services throughout the world. By the 1980's, X.25

    networks were the main international channel for

    commercial data communication.

    As the popularity of the Internet grew, businesses turned to

    it as a means of extending their own networks. First came intranets, which are password-protected sites designed for

    use only by company employees. Now, many companies

    are creating their own VPNs (Virtual Private Networks)

    to accommodate the needs of remote employees and distant

    offices. Basically, a VPN is a private network that uses a

    public network (usually the Internet) to connect remote

    sites or users together. Instead of using a dedicated, real-world connection such as a leased line, a VPN uses "virtual"

    connections routed through the Internet from the company's

    private network to the remote site or employee.

    There are basically two types of VPNs:

    o Remote-Access: Also called a Virtual Private Dial-up Network (VPDN), this is a User-to-LAN connection used by a company that has employees who need to connect to the private network from various remote locations. Typically, a corporation that wishes to set up a large Remote-Access VPN will outsource to an Enterprise Service Provider (ESP). The ESP sets up a Network Access Server (NAS) and provides the remote users with desktop client software for their computers. The telecommuters can then dial a 1-800 number to reach the NAS and use their VPN client software to access the corporate network. A good example of a company that needs a Remote-Access VPN would be a large firm with hundreds of sales people in the field. Remote-Access VPNs permit secure, encrypted connections between a company's private network and remote users through a third-party service provider.

    o Site-to-Site: Through the use of dedicated equipment and large-scale encryption, a company can connect multiple fixed sites over a public network such as the Internet. Site-to-Site VPNs can be either:

        o Intranet-based: If a company has one or more remote locations that they wish to join in a single private network, they can create an intranet VPN to connect LAN to LAN.

        o Extranet-based: When a company has a close relationship with another company (for example, a partner, supplier or customer), they can build an extranet VPN that connects LAN to LAN, and that allows all of the various companies to work in a shared environment.

    VPN security

    Each remote member of your network can communicate in

    a secure and reliable manner using the Internet as the

    medium to connect to the private LAN. A VPN can grow to accommodate more users and different locations much

    more easily than a leased line. In fact, scalability is a major

    advantage that VPNs have over typical leased lines. Unlike

    leased lines where the cost increases in proportion to the

    distances involved, the geographic locations of each office

    matter little in the creation of a VPN.

    o Firewalls - A firewall provides a strong barrier between your private network and the Internet. Firewalls can be set to restrict the number of open ports, what type of packets are passed through and which protocols are allowed through. Some VPN products can be upgraded to include firewall capabilities by running the appropriate IOS on them. A good firewall should be in place before implementing a VPN, but a firewall can also be used to terminate the VPN sessions.

    o Encryption - This is the process of taking all the data that one computer is sending to another and encoding it into a form that only the other computer will be able to decode. Most computer encryption systems belong in one of two categories:

        o Symmetric-key encryption

        o Public-key encryption

    In symmetric-key encryption, each computer has a secret

    key (code) that it can use to encrypt a packet of information

    before it is sent over the network to another computer.

    Symmetric-key requires that you know which computers

    will be talking to each other so you can install the key on

    each one. Symmetric-key encryption is essentially the same as a secret code that each of the two computers must know

    in order to decode the information. The code provides the

    key to decoding the message. Think of it like this: You

    create a coded message to send to a friend in which each

    letter is substituted with the letter that is two down from it

    in the alphabet. So "A" becomes "C," and "B" becomes

    "D". You have already told a trusted friend that the code is

    "Shift by 2". Your friend gets the message and decodes it. Anyone else who sees the message will see only nonsense.

    Public-key encryption uses a combination of a private key

    and a public key. The private key is known only to your

    computer, while the public key is given by your computer

    to any computer that wants to communicate securely with

    it. To decode an encrypted message, a computer must use the public key, provided by the originating computer, and

    its own private key. A very popular public-key encryption

    utility is called Pretty Good Privacy (PGP), which allows

    you to encrypt almost anything.

    The Host-to-Host Layer Protocols

    The main purpose of the Host-to-Host layer is to shield the upper-layer applications from the

    complexities of the network.

    The following are the two main protocols at this layer:

    o Transmission Control Protocol (TCP)

    o User Datagram Protocol (UDP)

    Transmission Control Protocol (TCP)

    TCP takes large blocks of information from an application and breaks them into segments. It numbers and sequences each segment so that the destination's TCP can put the segments back into the order that the application intended. After these segments are sent, TCP (on the transmitting host) waits for an acknowledgment of the receiving end's TCP virtual circuit session, retransmitting those that aren't acknowledged.

    Before a transmitting host starts to send segments down the model, the sender's TCP contacts the destination's TCP to establish a connection. What is created is known as a virtual circuit. This type of communication is called connection-oriented. During this initial handshake, the two TCP layers also agree on the amount of information that's going to be sent before the recipient's TCP sends back an acknowledgment. With everything agreed upon in advance, the path is paved for reliable communication to take place.

    TCP is a full-duplex, connection-oriented, reliable, and

    accurate protocol, but establishing

    all these terms and conditions, in addition to error

    checking, is no small task. TCP is very complicated and,

    not surprisingly, costly in terms of network overhead. And

    since today's networks are much more reliable than those

    of yore, this added reliability is often unnecessary.

    User Datagram Protocol (UDP)

    If UDP is compared with TCP, then it will be observed that UDP is basically the scaled-down economy model that's sometimes referred to as a thin protocol. A thin protocol doesn't take up much bandwidth on a network. UDP doesn't offer all the bells and whistles of TCP, but it does do a fabulous job of transporting information that doesn't require reliable delivery -- and it does so using far fewer network resources.

    There are some situations where it would definitely be wise

    for developers to opt for UDP

    rather than TCP.

    SNMP monitors the network, sending intermittent

    messages and a fairly steady flow of status

    updates and alerts, especially when it is running on a large

    network. The cost in overhead to

    establish, maintain, and close a TCP connection for each

    one of those little messages would reduce what would be an otherwise healthy, efficient

    network to a dammed-up bog in no time.

    Another circumstance calling for UDP over TCP is when

    reliability is already handled at the

    Process/Application layer. NFS handles its own reliability

    issues, making the use of TCP both

    impractical and redundant. But ultimately, it's up to the application developer to decide

    whether to use UDP or TCP, not the user who wants to

    transfer data faster.

    UDP does not sequence the segments and does not care in which order the segments arrive at the destination. But after that, UDP sends the segments off and forgets about them. It doesn't follow through, check up on them, or even allow for an acknowledgment of safe arrival -- complete abandonment. Because of this, it's referred to as an unreliable protocol.

    This does not mean that UDP is ineffective, only that it

    doesn't handle issues of reliability.

    Further, UDP doesn't create a virtual circuit, nor does it contact the destination before delivering information to it. Because of this, it's also considered a connectionless protocol. Since UDP assumes that the application will use its own reliability method, it doesn't use any. This gives an application developer a choice when running the IP stack: they can choose TCP for reliability or UDP for faster transfers.
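
    The point above about UDP leaving reliability to the application (the NFS case), as an added example that is not part of the original page: a stop-and-wait sender and a receiver over real UDP sockets on loopback, where one datagram is lost and only the application-level ACK and retransmission recover it. The 4-byte sequence header, the function names and the sample messages are constructed for this example.

```python
import socket
import struct
import threading

SEQ = struct.Struct("!I")   # assumed 4-byte sequence-number header for this example


def lossy_receiver(sock, expected, drop_first, delivered):
    """Deliver `expected` payloads in order, ACKing each one.

    The first copy of every sequence number in `drop_first` is discarded
    without an ACK, standing in for a datagram lost on the network.
    """
    dropped, next_seq = set(), 0
    while next_seq < expected:
        data, peer = sock.recvfrom(2048)
        if len(data) < SEQ.size:
            continue                      # malformed datagram: ignore it
        (seq,) = SEQ.unpack_from(data)
        if seq in drop_first and seq not in dropped:
            dropped.add(seq)              # simulated loss: UDP itself never notices
            continue
        if seq == next_seq:               # in-order data goes to the application
            delivered.append(data[SEQ.size:])
            next_seq += 1
        if seq < next_seq:                # ACK new data and re-ACK duplicates
            sock.sendto(SEQ.pack(seq), peer)


def send_reliable(sock, dest, messages, timeout=0.5, max_tries=5):
    """Stop-and-wait over UDP: resend each datagram until its ACK arrives.

    Returns the number of datagrams transmitted, retransmissions included.
    """
    sock.settimeout(timeout)
    transmitted = 0
    for seq, payload in enumerate(messages):
        for _ in range(max_tries):
            sock.sendto(SEQ.pack(seq) + payload, dest)
            transmitted += 1
            try:
                ack, peer = sock.recvfrom(64)
            except socket.timeout:
                continue                  # no ACK in time: retransmit
            # UDP keeps no connection state, so check who answered and for what.
            if peer == dest and len(ack) == SEQ.size and SEQ.unpack(ack)[0] == seq:
                break
        else:
            raise TimeoutError(f"no ACK for datagram {seq}")
    return transmitted


def demo():
    """Send three constructed status messages over loopback; datagram 1 is lost once."""
    messages = [b"if0 up", b"if1 down", b"if1 up"]
    delivered = []
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as rx, \
         socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as tx:
        rx.bind(("127.0.0.1", 0))         # ephemeral port, nothing leaves the host
        worker = threading.Thread(
            target=lossy_receiver,
            args=(rx, len(messages), {1}, delivered),
            daemon=True,
        )
        worker.start()
        transmitted = send_reliable(tx, rx.getsockname(), messages)
        worker.join(timeout=2)
    return messages, delivered, transmitted


if __name__ == "__main__":
    sent, got, count = demo()
    print(f"delivered in order: {got == sent}, datagrams transmitted: {count}")
```

    The sender checks the source address and sequence number of every ACK because, with no virtual circuit, the socket accepts a datagram from any host that can reach the port.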

    The Internet Layer Protocols

    In the DoD model, there are two main reasons for the Internet layer's existence: routing, and providing a single network interface to the upper layers. None of the other upper- or lower-layer protocols have any functions relating to routing -- that complex and important task belongs entirely to the Internet layer. The Internet layer's second duty is to provide a single network interface to the upper-layer protocols. Without this layer, application programmers would need to write hooks into every one of their applications for each different Network Access protocol. This would not only be a pain in the neck, but it would lead to different versions of each application -- one for Ethernet, another one for Token Ring, and so on. To prevent this, IP provides one single network interface for the upper-layer protocols. That accomplished, it's then the job of IP and the various Network Access protocols to get along and work together. All network roads don't lead to Rome -- they lead to IP. And all the other protocols at this layer, as well as all those in the upper layers, use it. Never forget that. Let me say it again: all paths through the DoD model go through IP.

    The following are the protocols at the Internet layer:

    o Internet Protocol (IP)

    o Internet Control Message Protocol (ICMP)

    o Address Resolution Protocol (ARP)

    o Reverse Address Resolution Protocol (RARP)

    Internet Protocol (IP)

    IP essentially is the Internet layer. The other protocols

    found here merely exist to support it. IP

    holds the big picture and could be said to "see all," in that

    it's aware of all the interconnected

    networks. It has this ability because all the machines on the

    network have a software, or logical, address called an IP

    address.

    IP looks at each packet's address. Then, using a routing

    table, it decides where a packet is to

    be sent next, choosing the best path. The protocols of the

    Network Access layer at the bottom of the DoD model don't possess IP's enlightened scope of

    the entire network; they deal only with physical links (local

    networks).

    IP receives segments from the Host-to-Host layer and

    fragments them into datagrams (packets)

    if necessary. IP then reassembles datagrams back into

    segments on the receiving side. Each datagram is assigned the IP address of the sender and of the

    recipient. Each router (Layer 3

    device) that receives a datagram makes routing decisions

    based on the packet's destination IP

    address.

    IP ADDRESSING SCHEME

    An IP address is a numeric identifier that is assigned to

    each machine on an IP network, and it designates the

    specific location of a device on that network. An IP address

    is a software address, not a hardware address; the latter is

    hardcoded on a network interface card (NIC) and is used

    for finding hosts on a local network. IP addressing was

    designed to allow a host on one network to communicate with a host on a different network, regardless of the type of

    LANs the hosts are participating in.

    IP Terminology

    The following are several important terms vital to your

    understanding of the Internet Protocol (IP):

    Bit

    A bit is one digit; either a 1 or a 0.

    Byte

    A byte is 7 or 8 bits, depending on whether parity is used.

    For the rest of this section,

    always assume a byte is 8 bits.

    Octet

    An octet, made up of 8 bits, is just an ordinary 8-bit binary

    number. In this chapter, the

    terms byte and octet are completely interchangeable.

    Network address

    The network address is the designation used in routing to send packets to a

    remote network, for example, 10.0.0.0, 172.16.0.0, and

    192.168.10.0.

    Broadcast address

    This type of address is used by applications and hosts to

    send information

    to all nodes on a network. Examples include 255.255.255.255, which is all networks, all nodes;

    172.16.255.255, which is all subnets and hosts on network

    172.16.0.0; and 10.255.255.255, which broadcasts to all

    subnets and hosts on network 10.0.0.0.

    The Hierarchical IP Addressing Scheme

    An IP address consists of 32 bits of information. These bits

    are divided into four sections,

    referred to as octets or bytes, and each contains 1 byte (8

    bits). An IP address can be depicted by using one of three

    methods:

    Dotted-decimal, as in 172.16.30.56

    Binary, as in

    10101100.00010000.00011110.00111000

    Hexadecimal (hex for short), as in AC.10.1E.38

    All these examples represent the same IP address. Hex isn't

    used as often as dotted-decimal or binary when IP

    addressing is being discussed, but sometimes an IP address

    is stored in hex in some programs. The Windows Registry is a good example of a program that stores a machine's IP

    address in hex.

    The 32-bit IP address is a structured or hierarchical address,

    as opposed to a flat or nonhierarchical address. Although

    either type of addressing scheme can be used, it is

    advisable to use hierarchical addressing. The advantage of

    using a hierarchical address is that it can handle a large number of addresses, namely 4.3 billion (a 32-bit address

    space with two possible values for each position, either 0

    or 1, gives 2^32, or 4,294,967,296).

    The disadvantage of the flat addressing scheme and the

    reason it's not used for IP addressing relates to routing. If

    every address were unique, all routers on the Internet would need to store the address of every machine on the Internet.

    This would make efficient routing impossible, even if only

    a fraction of the possible addresses were used. This problem

    can be solved by using a two- or three-level hierarchical

    addressing scheme that is structured by network and host,

    or network, subnet, and host.

    This two- or three-level scheme is comparable to a

    telephone number. In a phone number,

    the first section, the area code, designates a very large area.

    The second section, the prefix,

    narrows the scope to a local calling area. The final segment,

    the customer number, zooms in on the specific connection.

    IP addresses use the same type of layered structure. Rather

    than all 32 bits being treated as a unique identifier, as

    would be the case in flat addressing, a part of the address is

    designated as the network address, and the other part is designated as either the subnet and host, or just the host

    address.

    Network Addressing

    The network address (also called network number)

    uniquely identifies each network. Every machine on the

    same network shares that network address as part of its IP

    address. In the IP address 172.16.30.56, for example, 172.16 is the network address.

    The node address is assigned to, and uniquely identifies,

    each machine on a network. This

    part of the address must be unique because it identifies a

    particular machine, an individual, as opposed to a

    network, which is a group. This number can also be referred to as a host address. In the sample IP address

    172.16.30.56, 30.56 is the node address.

    The designers of the Internet decided to create classes of

    networks based on network size. For the small number of

    networks that possess a very large number of nodes, they

    created the Class A network. At the other extreme is the

    Class C network, which is reserved for the numerous

    networks with a small number of nodes. The class

    distinction for networks between very large and very small

    is predictably called the Class B network.

    How an IP address should be subdivided into a network and

    node address is determined by

    the class designation of the network.

    Summary of the three classes of networks

    To ensure efficient routing, Internet designers defined a

    mandate for the leading-bits section of the address for each

    different network class. For example, since a router knows

    that a Class A network address always starts with a 0, the router might be able to speed a packet on its way after

    reading only the first bit of its address. This is where the

    address schemes define the difference between a Class A,

    Class B, and Class C address.
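
The three notations and the class rules above, worked through in Python as an added example (not part of the original text). The leading-bit patterns for Class B and Class C are the standard classful values, which the text does not list; `analyze` and `CLASSES` are names chosen here.

```python
import ipaddress

# (class, leading bits, number of network octets). Only the Class A
# pattern "0" is stated in the text; "10" and "110" are the standard
# classful values for B and C and are an addition here.
CLASSES = [("A", "0", 1), ("B", "10", 2), ("C", "110", 3)]


def analyze(dotted: str) -> dict:
    """Split a dotted-decimal IPv4 address the classful way."""
    addr = ipaddress.IPv4Address(dotted)       # rejects malformed input
    octets = addr.packed                       # 4 bytes, network byte order
    bits = format(int(addr), "032b")
    for name, prefix, net_octets in CLASSES:
        if bits.startswith(prefix):
            break
    else:
        raise ValueError(f"{dotted} is not a Class A, B or C address")
    host_octets = 4 - net_octets
    # Network address: node bits all 0. Broadcast address: node bits all 1.
    network = octets[:net_octets] + b"\x00" * host_octets
    broadcast = octets[:net_octets] + b"\xff" * host_octets
    return {
        "binary": ".".join(format(o, "08b") for o in octets),
        "hex": ".".join(format(o, "02X") for o in octets),
        "class": name,
        "network_part": ".".join(str(o) for o in octets[:net_octets]),
        "node_part": ".".join(str(o) for o in octets[net_octets:]),
        "network_address": str(ipaddress.IPv4Address(network)),
        "broadcast_address": str(ipaddress.IPv4Address(broadcast)),
    }


if __name__ == "__main__":
    # Sample addresses: the first is the one used in the text, the
    # other two are constructed for illustration.
    for sample in ("172.16.30.56", "10.1.2.3", "192.168.10.7"):
        print(sample, analyze(sample))
```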

    Routers and Layer 3 Switching: While most switches

    operate at the Data layer (Layer 2) of the OSI Reference

    Model, some incorporate features of a router, and operate at

    the Network layer (Layer 3) as well. In fact, a Layer 3 switch is incredibly similar to a router.

    When a router receives a packet, it looks at the Layer 3

    (Network Layer) source and destination addresses to

    determine the path the packet should take. A standard

    switch relies on the MAC addresses to determine the source

    and destination of a packet, which is Layer 2 (Data) networking.

    The fundamental difference between a router and a Layer 3

    switch is that Layer 3 switches have optimized hardware to

    pass data as fast as Layer 2 switches, yet they make

    decisions on how to transmit traffic at Layer 3, just like a

    router. Within the LAN environment, a Layer 3 switch is

    usually faster than a router because it is built on switching hardware. In fact, many of Cisco's Layer 3 switches are

    actually routers that operate faster because they are built on

    "switching" hardware with customized chips inside the box.

    The pattern matching and caching on Layer 3 switches is

    similar to the pattern matching and caching on a router.

    Both use a routing protocol and routing table to determine

    the best path. However, a Layer 3 switch has the ability to reprogram the hardware dynamically with the current Layer

    3 routing information. This is what allows much faster

    packet processing.

    On current Layer 3 switches, like the Cisco Catalyst 6000,

    the information received from the routing protocols is used

    to update the hardware caching tables. The 6000 is a great

    way to connect to the Internet because it has WAN cards; but, based on traffic flow and budget, simple routers of

    varying sizes are usually fine for Internet connections.

    VLANs: As networks have grown in size and complexity,

    many companies have turned to Virtual Local Area

    Networks (VLANs) to provide some way of structuring this

    growth logically. Basically, a VLAN is a collection of nodes that are grouped together in a single broadcast

    domain that is based on something other than physical

    location. You learned about broadcasts earlier, and how a

    router does not pass along broadcasts. A broadcast domain

    is a network (or portion of a network) that will receive a

    broadcast packet from any node located within that

    network. In a typical network, everything on the same side of the router is all part of the same broadcast domain. A

    switch that you have implemented VLANs on has multiple

    broadcast domains, similar to a router. But you still need a

    router to route from one VLAN to another; the switch can't

    do this by itself.

    Here are some common reasons why a company might

    have VLANs:

    Security - Separating systems with sensitive data from

    the rest of the network decreases the chance that

    someone will gain access to information they are not

    authorized to see.

    Projects/Special applications - Managing a project or

    working with a specialized application can be

    simplified by the use of a VLAN that brings all of the

    required nodes together.

    Performance/Bandwidth - Careful monitoring of

    network use allows the network administrator to create

    VLANs that reduce the number of router hops and

    increase the apparent bandwidth for network users.

    Broadcasts/Traffic flow - Since a principal element

    of a VLAN is the fact that it does not pass broadcast traffic to nodes that are not part of the VLAN, it

    automatically reduces broadcasts. Access lists provide

    the network administrator with a way to control who

    sees what network traffic. An access list is a table the

    network administrator creates that lists what addresses

    have access to that network.

    Departments/Specific job types - Companies may

    want VLANs set up for departments that are heavy network users (such as Multimedia or Engineering), or

    a VLAN across departments that is dedicated to

    specific types of employees (such as managers or sales

    people).

    You can create a VLAN using most switches simply by

    logging into the switch via Telnet and entering the parameters for the VLAN (name, domain and port

    assignments). After you have created the VLAN, any

    network segments connected to the assigned ports will

    become part of that VLAN.

    While you can have more than one VLAN on a switch, they

    cannot communicate directly with one another on that

    switch. If they could, it would defeat the purpose of having a VLAN, which is to isolate a part of the network.

    Communication between VLANs requires the use of a

    router.

    A VLAN is basically a LAN within a LAN, and it is used to avoid any physical connectivity. There are three types of

    VLAN:

    Port based VLAN

    Application based VLAN

    Protocol based VLAN

    VLANs can span across multiple switches and you can have more than one VLAN on each switch. For multiple

    VLANs on multiple switches to be able to communicate via

    a single link between the switches, you must use a process

    called trunking; trunking is the technology that allows

    information from multiple VLANs to be carried over just

    one link between switches.

    The VLAN Trunking Protocol (VTP) is the protocol that

    switches use to communicate among themselves about

    VLAN configuration.

    In the image above, each switch has two VLANs. On the

    first switch, VLAN A and VLAN B are sent through a

    single port (trunked) to the router and through another port

    to the second switch. VLAN C and VLAN D are trunked from the second switch to the first switch, and through the

    first switch to the router. This trunk can carry traffic from

    all four VLANs. The trunk link from the first switch to the

    router can also carry all four VLANs. In fact, this one

    connection to the router allows the router to appear on all

    four VLANs, as if it had four, different, physical ports

    connected to the switch.

    The VLANs can communicate with each other via the

    trunking connection between the two switches using the

    router. For example, data from a computer on VLAN A that

    needs to get to a computer on VLAN B (or VLAN C or

    VLAN D) must travel from the switch to the router and

    back again to the switch. Because of the transparent

    bridging algorithm and trunking, both PCs and the router think that they are on the same physical segment!
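
A small Python model of the behaviour described above, added here as an illustration and not taken from the original text or from any vendor's software: a broadcast stays inside its VLAN, and a trunk carries a VLAN only when that VLAN is allowed on both ends. The numeric VLAN IDs, the port numbers and the `Switch` and `build` names are constructed for the example; the router is not modelled.

```python
from dataclasses import dataclass, field


@dataclass
class Switch:
    """Toy VLAN-aware switch (constructed model, not vendor behaviour)."""
    name: str
    access: dict = field(default_factory=dict)  # access port -> VLAN id
    trunks: dict = field(default_factory=dict)  # trunk port -> allowed VLAN ids
    links: dict = field(default_factory=dict)   # trunk port -> (Switch, port)

    def flood(self, in_port, tag=None):
        """Return {(switch, port)} of access ports that receive a broadcast."""
        if in_port in self.access:
            if tag is not None:
                return set()                    # labelled frame on access port: drop
            vlan = self.access[in_port]         # VLAN comes from the port assignment
        elif tag in self.trunks.get(in_port, ()):
            vlan = tag                          # VLAN comes from the trunk label
        else:
            return set()                        # VLAN not carried on this trunk
        # Same-VLAN access ports on this switch, never back out the ingress port.
        delivered = {(self.name, p) for p, v in self.access.items()
                     if v == vlan and p != in_port}
        # Forward over every other trunk that carries this VLAN, labelled with it.
        for p, allowed in self.trunks.items():
            if p != in_port and vlan in allowed and p in self.links:
                peer, peer_port = self.links[p]
                delivered |= peer.flood(peer_port, tag=vlan)
        return delivered


def build(sw2_trunk_vlans):
    """Two switches joined by one trunk link (port 24 on each side)."""
    sw1 = Switch("sw1", access={1: 10, 2: 10, 3: 20}, trunks={24: {10, 20}})
    sw2 = Switch("sw2", access={1: 10, 2: 20}, trunks={24: set(sw2_trunk_vlans)})
    sw1.links[24] = (sw2, 24)
    sw2.links[24] = (sw1, 24)
    return sw1, sw2


if __name__ == "__main__":
    sw1, sw2 = build({10, 20})
    print(sorted(sw1.flood(1)))   # VLAN 10 broadcast reaches VLAN 10 ports only
    print(sorted(sw1.flood(3)))   # VLAN 20 broadcast crosses the trunk to sw2
    sw1, sw2 = build({10})        # VLAN 20 removed from sw2's trunk
    print(sorted(sw1.flood(3)))   # nothing on sw2 receives it
```

Keeping the allowed-VLAN set on each trunk to the VLANs that are actually needed limits how far any one broadcast domain extends across switches.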